pulumi-vault 6.6.0a1741415971__py3-none-any.whl → 6.7.0a1741847926__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- pulumi_vault/__init__.py +8 -0
- pulumi_vault/aws/auth_backend_client.py +228 -4
- pulumi_vault/aws/secret_backend.py +266 -50
- pulumi_vault/aws/secret_backend_static_role.py +217 -0
- pulumi_vault/azure/auth_backend_config.py +257 -5
- pulumi_vault/azure/backend.py +249 -4
- pulumi_vault/database/_inputs.py +1692 -36
- pulumi_vault/database/outputs.py +1170 -18
- pulumi_vault/database/secret_backend_connection.py +220 -0
- pulumi_vault/database/secret_backend_static_role.py +143 -1
- pulumi_vault/database/secrets_mount.py +8 -0
- pulumi_vault/gcp/auth_backend.py +222 -2
- pulumi_vault/gcp/secret_backend.py +244 -4
- pulumi_vault/ldap/auth_backend.py +222 -2
- pulumi_vault/ldap/secret_backend.py +222 -2
- pulumi_vault/pkisecret/__init__.py +2 -0
- pulumi_vault/pkisecret/_inputs.py +0 -6
- pulumi_vault/pkisecret/backend_config_acme.py +47 -0
- pulumi_vault/pkisecret/backend_config_auto_tidy.py +1376 -0
- pulumi_vault/pkisecret/backend_config_cmpv2.py +61 -14
- pulumi_vault/pkisecret/get_backend_cert_metadata.py +277 -0
- pulumi_vault/pkisecret/get_backend_config_cmpv2.py +18 -1
- pulumi_vault/pkisecret/get_backend_issuer.py +114 -1
- pulumi_vault/pkisecret/outputs.py +0 -4
- pulumi_vault/pkisecret/secret_backend_cert.py +148 -7
- pulumi_vault/pkisecret/secret_backend_crl_config.py +54 -0
- pulumi_vault/pkisecret/secret_backend_intermediate_cert_request.py +141 -0
- pulumi_vault/pkisecret/secret_backend_issuer.py +265 -0
- pulumi_vault/pkisecret/secret_backend_role.py +252 -3
- pulumi_vault/pkisecret/secret_backend_root_cert.py +423 -0
- pulumi_vault/pkisecret/secret_backend_root_sign_intermediate.py +581 -3
- pulumi_vault/pkisecret/secret_backend_sign.py +94 -0
- pulumi_vault/pulumi-plugin.json +1 -1
- pulumi_vault/ssh/__init__.py +1 -0
- pulumi_vault/ssh/get_secret_backend_sign.py +294 -0
- pulumi_vault/terraformcloud/secret_role.py +7 -7
- pulumi_vault/transit/__init__.py +2 -0
- pulumi_vault/transit/get_sign.py +324 -0
- pulumi_vault/transit/get_verify.py +354 -0
- pulumi_vault/transit/secret_backend_key.py +162 -0
- {pulumi_vault-6.6.0a1741415971.dist-info → pulumi_vault-6.7.0a1741847926.dist-info}/METADATA +1 -1
- {pulumi_vault-6.6.0a1741415971.dist-info → pulumi_vault-6.7.0a1741847926.dist-info}/RECORD +44 -39
- {pulumi_vault-6.6.0a1741415971.dist-info → pulumi_vault-6.7.0a1741847926.dist-info}/WHEEL +1 -1
- {pulumi_vault-6.6.0a1741415971.dist-info → pulumi_vault-6.7.0a1741847926.dist-info}/top_level.txt +0 -0
pulumi_vault/database/_inputs.py
CHANGED
|
@@ -3489,6 +3489,10 @@ if not MYPY:
|
|
|
3489
3489
|
data: NotRequired[pulumi.Input[Mapping[str, pulumi.Input[str]]]]
|
|
3490
3490
|
"""
|
|
3491
3491
|
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
|
|
3492
|
+
"""
|
|
3493
|
+
disable_automated_rotation: NotRequired[pulumi.Input[bool]]
|
|
3494
|
+
"""
|
|
3495
|
+
Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
|
3492
3496
|
|
|
3493
3497
|
Supported list of database secrets engines that can be configured:
|
|
3494
3498
|
"""
|
|
@@ -3528,6 +3532,22 @@ if not MYPY:
|
|
|
3528
3532
|
"""
|
|
3529
3533
|
A list of database statements to be executed to rotate the root user's credentials.
|
|
3530
3534
|
"""
|
|
3535
|
+
rotation_period: NotRequired[pulumi.Input[int]]
|
|
3536
|
+
"""
|
|
3537
|
+
The amount of time in seconds Vault should wait before rotating the root credential.
|
|
3538
|
+
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
|
3539
|
+
"""
|
|
3540
|
+
rotation_schedule: NotRequired[pulumi.Input[str]]
|
|
3541
|
+
"""
|
|
3542
|
+
The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
|
3543
|
+
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
|
3544
|
+
"""
|
|
3545
|
+
rotation_window: NotRequired[pulumi.Input[int]]
|
|
3546
|
+
"""
|
|
3547
|
+
The maximum amount of time in seconds allowed to complete
|
|
3548
|
+
a rotation when a scheduled token rotation occurs. The default rotation window is
|
|
3549
|
+
unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
|
|
3550
|
+
"""
|
|
3531
3551
|
skip_verification: NotRequired[pulumi.Input[bool]]
|
|
3532
3552
|
"""
|
|
3533
3553
|
Skip permissions checks when a connection to Cassandra is first created. These checks ensure that Vault is able to create roles, but can be resource intensive in clusters with many roles.
|
|
@@ -3555,6 +3575,7 @@ class SecretsMountCassandraArgs:
|
|
|
3555
3575
|
allowed_roles: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
|
3556
3576
|
connect_timeout: Optional[pulumi.Input[int]] = None,
|
|
3557
3577
|
data: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
|
|
3578
|
+
disable_automated_rotation: Optional[pulumi.Input[bool]] = None,
|
|
3558
3579
|
hosts: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
|
3559
3580
|
insecure_tls: Optional[pulumi.Input[bool]] = None,
|
|
3560
3581
|
password: Optional[pulumi.Input[str]] = None,
|
|
@@ -3564,6 +3585,9 @@ class SecretsMountCassandraArgs:
|
|
|
3564
3585
|
port: Optional[pulumi.Input[int]] = None,
|
|
3565
3586
|
protocol_version: Optional[pulumi.Input[int]] = None,
|
|
3566
3587
|
root_rotation_statements: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
|
3588
|
+
rotation_period: Optional[pulumi.Input[int]] = None,
|
|
3589
|
+
rotation_schedule: Optional[pulumi.Input[str]] = None,
|
|
3590
|
+
rotation_window: Optional[pulumi.Input[int]] = None,
|
|
3567
3591
|
skip_verification: Optional[pulumi.Input[bool]] = None,
|
|
3568
3592
|
tls: Optional[pulumi.Input[bool]] = None,
|
|
3569
3593
|
username: Optional[pulumi.Input[str]] = None,
|
|
@@ -3574,6 +3598,7 @@ class SecretsMountCassandraArgs:
|
|
|
3574
3598
|
connection.
|
|
3575
3599
|
:param pulumi.Input[int] connect_timeout: The number of seconds to use as a connection timeout.
|
|
3576
3600
|
:param pulumi.Input[Mapping[str, pulumi.Input[str]]] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
|
|
3601
|
+
:param pulumi.Input[bool] disable_automated_rotation: Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
|
3577
3602
|
|
|
3578
3603
|
Supported list of database secrets engines that can be configured:
|
|
3579
3604
|
:param pulumi.Input[Sequence[pulumi.Input[str]]] hosts: Cassandra hosts to connect to.
|
|
@@ -3585,6 +3610,13 @@ class SecretsMountCassandraArgs:
|
|
|
3585
3610
|
:param pulumi.Input[int] port: The transport port to use to connect to Cassandra.
|
|
3586
3611
|
:param pulumi.Input[int] protocol_version: The CQL protocol version to use.
|
|
3587
3612
|
:param pulumi.Input[Sequence[pulumi.Input[str]]] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials.
|
|
3613
|
+
:param pulumi.Input[int] rotation_period: The amount of time in seconds Vault should wait before rotating the root credential.
|
|
3614
|
+
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
|
3615
|
+
:param pulumi.Input[str] rotation_schedule: The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
|
3616
|
+
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
|
3617
|
+
:param pulumi.Input[int] rotation_window: The maximum amount of time in seconds allowed to complete
|
|
3618
|
+
a rotation when a scheduled token rotation occurs. The default rotation window is
|
|
3619
|
+
unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
|
|
3588
3620
|
:param pulumi.Input[bool] skip_verification: Skip permissions checks when a connection to Cassandra is first created. These checks ensure that Vault is able to create roles, but can be resource intensive in clusters with many roles.
|
|
3589
3621
|
:param pulumi.Input[bool] tls: Whether to use TLS when connecting to Cassandra.
|
|
3590
3622
|
:param pulumi.Input[str] username: The username to use when authenticating with Cassandra.
|
|
@@ -3598,6 +3630,8 @@ class SecretsMountCassandraArgs:
|
|
|
3598
3630
|
pulumi.set(__self__, "connect_timeout", connect_timeout)
|
|
3599
3631
|
if data is not None:
|
|
3600
3632
|
pulumi.set(__self__, "data", data)
|
|
3633
|
+
if disable_automated_rotation is not None:
|
|
3634
|
+
pulumi.set(__self__, "disable_automated_rotation", disable_automated_rotation)
|
|
3601
3635
|
if hosts is not None:
|
|
3602
3636
|
pulumi.set(__self__, "hosts", hosts)
|
|
3603
3637
|
if insecure_tls is not None:
|
|
@@ -3616,6 +3650,12 @@ class SecretsMountCassandraArgs:
|
|
|
3616
3650
|
pulumi.set(__self__, "protocol_version", protocol_version)
|
|
3617
3651
|
if root_rotation_statements is not None:
|
|
3618
3652
|
pulumi.set(__self__, "root_rotation_statements", root_rotation_statements)
|
|
3653
|
+
if rotation_period is not None:
|
|
3654
|
+
pulumi.set(__self__, "rotation_period", rotation_period)
|
|
3655
|
+
if rotation_schedule is not None:
|
|
3656
|
+
pulumi.set(__self__, "rotation_schedule", rotation_schedule)
|
|
3657
|
+
if rotation_window is not None:
|
|
3658
|
+
pulumi.set(__self__, "rotation_window", rotation_window)
|
|
3619
3659
|
if skip_verification is not None:
|
|
3620
3660
|
pulumi.set(__self__, "skip_verification", skip_verification)
|
|
3621
3661
|
if tls is not None:
|
|
@@ -3667,8 +3707,6 @@ class SecretsMountCassandraArgs:
|
|
|
3667
3707
|
def data(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]:
|
|
3668
3708
|
"""
|
|
3669
3709
|
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
|
|
3670
|
-
|
|
3671
|
-
Supported list of database secrets engines that can be configured:
|
|
3672
3710
|
"""
|
|
3673
3711
|
return pulumi.get(self, "data")
|
|
3674
3712
|
|
|
@@ -3676,6 +3714,20 @@ class SecretsMountCassandraArgs:
|
|
|
3676
3714
|
def data(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]):
|
|
3677
3715
|
pulumi.set(self, "data", value)
|
|
3678
3716
|
|
|
3717
|
+
@property
|
|
3718
|
+
@pulumi.getter(name="disableAutomatedRotation")
|
|
3719
|
+
def disable_automated_rotation(self) -> Optional[pulumi.Input[bool]]:
|
|
3720
|
+
"""
|
|
3721
|
+
Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
|
3722
|
+
|
|
3723
|
+
Supported list of database secrets engines that can be configured:
|
|
3724
|
+
"""
|
|
3725
|
+
return pulumi.get(self, "disable_automated_rotation")
|
|
3726
|
+
|
|
3727
|
+
@disable_automated_rotation.setter
|
|
3728
|
+
def disable_automated_rotation(self, value: Optional[pulumi.Input[bool]]):
|
|
3729
|
+
pulumi.set(self, "disable_automated_rotation", value)
|
|
3730
|
+
|
|
3679
3731
|
@property
|
|
3680
3732
|
@pulumi.getter
|
|
3681
3733
|
def hosts(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
|
|
@@ -3784,6 +3836,46 @@ class SecretsMountCassandraArgs:
|
|
|
3784
3836
|
def root_rotation_statements(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
|
3785
3837
|
pulumi.set(self, "root_rotation_statements", value)
|
|
3786
3838
|
|
|
3839
|
+
@property
|
|
3840
|
+
@pulumi.getter(name="rotationPeriod")
|
|
3841
|
+
def rotation_period(self) -> Optional[pulumi.Input[int]]:
|
|
3842
|
+
"""
|
|
3843
|
+
The amount of time in seconds Vault should wait before rotating the root credential.
|
|
3844
|
+
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
|
3845
|
+
"""
|
|
3846
|
+
return pulumi.get(self, "rotation_period")
|
|
3847
|
+
|
|
3848
|
+
@rotation_period.setter
|
|
3849
|
+
def rotation_period(self, value: Optional[pulumi.Input[int]]):
|
|
3850
|
+
pulumi.set(self, "rotation_period", value)
|
|
3851
|
+
|
|
3852
|
+
@property
|
|
3853
|
+
@pulumi.getter(name="rotationSchedule")
|
|
3854
|
+
def rotation_schedule(self) -> Optional[pulumi.Input[str]]:
|
|
3855
|
+
"""
|
|
3856
|
+
The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
|
3857
|
+
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
|
3858
|
+
"""
|
|
3859
|
+
return pulumi.get(self, "rotation_schedule")
|
|
3860
|
+
|
|
3861
|
+
@rotation_schedule.setter
|
|
3862
|
+
def rotation_schedule(self, value: Optional[pulumi.Input[str]]):
|
|
3863
|
+
pulumi.set(self, "rotation_schedule", value)
|
|
3864
|
+
|
|
3865
|
+
@property
|
|
3866
|
+
@pulumi.getter(name="rotationWindow")
|
|
3867
|
+
def rotation_window(self) -> Optional[pulumi.Input[int]]:
|
|
3868
|
+
"""
|
|
3869
|
+
The maximum amount of time in seconds allowed to complete
|
|
3870
|
+
a rotation when a scheduled token rotation occurs. The default rotation window is
|
|
3871
|
+
unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
|
|
3872
|
+
"""
|
|
3873
|
+
return pulumi.get(self, "rotation_window")
|
|
3874
|
+
|
|
3875
|
+
@rotation_window.setter
|
|
3876
|
+
def rotation_window(self, value: Optional[pulumi.Input[int]]):
|
|
3877
|
+
pulumi.set(self, "rotation_window", value)
|
|
3878
|
+
|
|
3787
3879
|
@property
|
|
3788
3880
|
@pulumi.getter(name="skipVerification")
|
|
3789
3881
|
def skip_verification(self) -> Optional[pulumi.Input[bool]]:
|
|
@@ -3868,6 +3960,10 @@ if not MYPY:
|
|
|
3868
3960
|
data: NotRequired[pulumi.Input[Mapping[str, pulumi.Input[str]]]]
|
|
3869
3961
|
"""
|
|
3870
3962
|
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
|
|
3963
|
+
"""
|
|
3964
|
+
disable_automated_rotation: NotRequired[pulumi.Input[bool]]
|
|
3965
|
+
"""
|
|
3966
|
+
Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
|
3871
3967
|
|
|
3872
3968
|
Supported list of database secrets engines that can be configured:
|
|
3873
3969
|
"""
|
|
@@ -3883,6 +3979,22 @@ if not MYPY:
|
|
|
3883
3979
|
"""
|
|
3884
3980
|
A list of database statements to be executed to rotate the root user's credentials.
|
|
3885
3981
|
"""
|
|
3982
|
+
rotation_period: NotRequired[pulumi.Input[int]]
|
|
3983
|
+
"""
|
|
3984
|
+
The amount of time in seconds Vault should wait before rotating the root credential.
|
|
3985
|
+
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
|
3986
|
+
"""
|
|
3987
|
+
rotation_schedule: NotRequired[pulumi.Input[str]]
|
|
3988
|
+
"""
|
|
3989
|
+
The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
|
3990
|
+
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
|
3991
|
+
"""
|
|
3992
|
+
rotation_window: NotRequired[pulumi.Input[int]]
|
|
3993
|
+
"""
|
|
3994
|
+
The maximum amount of time in seconds allowed to complete
|
|
3995
|
+
a rotation when a scheduled token rotation occurs. The default rotation window is
|
|
3996
|
+
unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
|
|
3997
|
+
"""
|
|
3886
3998
|
tls: NotRequired[pulumi.Input[bool]]
|
|
3887
3999
|
"""
|
|
3888
4000
|
Specifies whether to use TLS when connecting to Couchbase.
|
|
@@ -3910,9 +4022,13 @@ class SecretsMountCouchbaseArgs:
|
|
|
3910
4022
|
base64_pem: Optional[pulumi.Input[str]] = None,
|
|
3911
4023
|
bucket_name: Optional[pulumi.Input[str]] = None,
|
|
3912
4024
|
data: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
|
|
4025
|
+
disable_automated_rotation: Optional[pulumi.Input[bool]] = None,
|
|
3913
4026
|
insecure_tls: Optional[pulumi.Input[bool]] = None,
|
|
3914
4027
|
plugin_name: Optional[pulumi.Input[str]] = None,
|
|
3915
4028
|
root_rotation_statements: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
|
4029
|
+
rotation_period: Optional[pulumi.Input[int]] = None,
|
|
4030
|
+
rotation_schedule: Optional[pulumi.Input[str]] = None,
|
|
4031
|
+
rotation_window: Optional[pulumi.Input[int]] = None,
|
|
3916
4032
|
tls: Optional[pulumi.Input[bool]] = None,
|
|
3917
4033
|
username_template: Optional[pulumi.Input[str]] = None,
|
|
3918
4034
|
verify_connection: Optional[pulumi.Input[bool]] = None):
|
|
@@ -3926,11 +4042,19 @@ class SecretsMountCouchbaseArgs:
|
|
|
3926
4042
|
:param pulumi.Input[str] base64_pem: Required if `tls` is `true`. Specifies the certificate authority of the Couchbase server, as a PEM certificate that has been base64 encoded.
|
|
3927
4043
|
:param pulumi.Input[str] bucket_name: Required for Couchbase versions prior to 6.5.0. This is only used to verify vault's connection to the server.
|
|
3928
4044
|
:param pulumi.Input[Mapping[str, pulumi.Input[str]]] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
|
|
4045
|
+
:param pulumi.Input[bool] disable_automated_rotation: Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
|
3929
4046
|
|
|
3930
4047
|
Supported list of database secrets engines that can be configured:
|
|
3931
4048
|
:param pulumi.Input[bool] insecure_tls: Specifies whether to skip verification of the server certificate when using TLS.
|
|
3932
4049
|
:param pulumi.Input[str] plugin_name: Specifies the name of the plugin to use.
|
|
3933
4050
|
:param pulumi.Input[Sequence[pulumi.Input[str]]] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials.
|
|
4051
|
+
:param pulumi.Input[int] rotation_period: The amount of time in seconds Vault should wait before rotating the root credential.
|
|
4052
|
+
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
|
4053
|
+
:param pulumi.Input[str] rotation_schedule: The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
|
4054
|
+
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
|
4055
|
+
:param pulumi.Input[int] rotation_window: The maximum amount of time in seconds allowed to complete
|
|
4056
|
+
a rotation when a scheduled token rotation occurs. The default rotation window is
|
|
4057
|
+
unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
|
|
3934
4058
|
:param pulumi.Input[bool] tls: Specifies whether to use TLS when connecting to Couchbase.
|
|
3935
4059
|
:param pulumi.Input[str] username_template: Template describing how dynamic usernames are generated.
|
|
3936
4060
|
:param pulumi.Input[bool] verify_connection: Whether the connection should be verified on
|
|
@@ -3948,12 +4072,20 @@ class SecretsMountCouchbaseArgs:
|
|
|
3948
4072
|
pulumi.set(__self__, "bucket_name", bucket_name)
|
|
3949
4073
|
if data is not None:
|
|
3950
4074
|
pulumi.set(__self__, "data", data)
|
|
4075
|
+
if disable_automated_rotation is not None:
|
|
4076
|
+
pulumi.set(__self__, "disable_automated_rotation", disable_automated_rotation)
|
|
3951
4077
|
if insecure_tls is not None:
|
|
3952
4078
|
pulumi.set(__self__, "insecure_tls", insecure_tls)
|
|
3953
4079
|
if plugin_name is not None:
|
|
3954
4080
|
pulumi.set(__self__, "plugin_name", plugin_name)
|
|
3955
4081
|
if root_rotation_statements is not None:
|
|
3956
4082
|
pulumi.set(__self__, "root_rotation_statements", root_rotation_statements)
|
|
4083
|
+
if rotation_period is not None:
|
|
4084
|
+
pulumi.set(__self__, "rotation_period", rotation_period)
|
|
4085
|
+
if rotation_schedule is not None:
|
|
4086
|
+
pulumi.set(__self__, "rotation_schedule", rotation_schedule)
|
|
4087
|
+
if rotation_window is not None:
|
|
4088
|
+
pulumi.set(__self__, "rotation_window", rotation_window)
|
|
3957
4089
|
if tls is not None:
|
|
3958
4090
|
pulumi.set(__self__, "tls", tls)
|
|
3959
4091
|
if username_template is not None:
|
|
@@ -4051,8 +4183,6 @@ class SecretsMountCouchbaseArgs:
|
|
|
4051
4183
|
def data(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]:
|
|
4052
4184
|
"""
|
|
4053
4185
|
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
|
|
4054
|
-
|
|
4055
|
-
Supported list of database secrets engines that can be configured:
|
|
4056
4186
|
"""
|
|
4057
4187
|
return pulumi.get(self, "data")
|
|
4058
4188
|
|
|
@@ -4060,6 +4190,20 @@ class SecretsMountCouchbaseArgs:
|
|
|
4060
4190
|
def data(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]):
|
|
4061
4191
|
pulumi.set(self, "data", value)
|
|
4062
4192
|
|
|
4193
|
+
@property
|
|
4194
|
+
@pulumi.getter(name="disableAutomatedRotation")
|
|
4195
|
+
def disable_automated_rotation(self) -> Optional[pulumi.Input[bool]]:
|
|
4196
|
+
"""
|
|
4197
|
+
Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
|
4198
|
+
|
|
4199
|
+
Supported list of database secrets engines that can be configured:
|
|
4200
|
+
"""
|
|
4201
|
+
return pulumi.get(self, "disable_automated_rotation")
|
|
4202
|
+
|
|
4203
|
+
@disable_automated_rotation.setter
|
|
4204
|
+
def disable_automated_rotation(self, value: Optional[pulumi.Input[bool]]):
|
|
4205
|
+
pulumi.set(self, "disable_automated_rotation", value)
|
|
4206
|
+
|
|
4063
4207
|
@property
|
|
4064
4208
|
@pulumi.getter(name="insecureTls")
|
|
4065
4209
|
def insecure_tls(self) -> Optional[pulumi.Input[bool]]:
|
|
@@ -4096,6 +4240,46 @@ class SecretsMountCouchbaseArgs:
|
|
|
4096
4240
|
def root_rotation_statements(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
|
4097
4241
|
pulumi.set(self, "root_rotation_statements", value)
|
|
4098
4242
|
|
|
4243
|
+
@property
|
|
4244
|
+
@pulumi.getter(name="rotationPeriod")
|
|
4245
|
+
def rotation_period(self) -> Optional[pulumi.Input[int]]:
|
|
4246
|
+
"""
|
|
4247
|
+
The amount of time in seconds Vault should wait before rotating the root credential.
|
|
4248
|
+
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
|
4249
|
+
"""
|
|
4250
|
+
return pulumi.get(self, "rotation_period")
|
|
4251
|
+
|
|
4252
|
+
@rotation_period.setter
|
|
4253
|
+
def rotation_period(self, value: Optional[pulumi.Input[int]]):
|
|
4254
|
+
pulumi.set(self, "rotation_period", value)
|
|
4255
|
+
|
|
4256
|
+
@property
|
|
4257
|
+
@pulumi.getter(name="rotationSchedule")
|
|
4258
|
+
def rotation_schedule(self) -> Optional[pulumi.Input[str]]:
|
|
4259
|
+
"""
|
|
4260
|
+
The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
|
4261
|
+
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
|
4262
|
+
"""
|
|
4263
|
+
return pulumi.get(self, "rotation_schedule")
|
|
4264
|
+
|
|
4265
|
+
@rotation_schedule.setter
|
|
4266
|
+
def rotation_schedule(self, value: Optional[pulumi.Input[str]]):
|
|
4267
|
+
pulumi.set(self, "rotation_schedule", value)
|
|
4268
|
+
|
|
4269
|
+
@property
|
|
4270
|
+
@pulumi.getter(name="rotationWindow")
|
|
4271
|
+
def rotation_window(self) -> Optional[pulumi.Input[int]]:
|
|
4272
|
+
"""
|
|
4273
|
+
The maximum amount of time in seconds allowed to complete
|
|
4274
|
+
a rotation when a scheduled token rotation occurs. The default rotation window is
|
|
4275
|
+
unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
|
|
4276
|
+
"""
|
|
4277
|
+
return pulumi.get(self, "rotation_window")
|
|
4278
|
+
|
|
4279
|
+
@rotation_window.setter
|
|
4280
|
+
def rotation_window(self, value: Optional[pulumi.Input[int]]):
|
|
4281
|
+
pulumi.set(self, "rotation_window", value)
|
|
4282
|
+
|
|
4099
4283
|
@property
|
|
4100
4284
|
@pulumi.getter
|
|
4101
4285
|
def tls(self) -> Optional[pulumi.Input[bool]]:
|
|
@@ -4176,6 +4360,10 @@ if not MYPY:
|
|
|
4176
4360
|
data: NotRequired[pulumi.Input[Mapping[str, pulumi.Input[str]]]]
|
|
4177
4361
|
"""
|
|
4178
4362
|
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
|
|
4363
|
+
"""
|
|
4364
|
+
disable_automated_rotation: NotRequired[pulumi.Input[bool]]
|
|
4365
|
+
"""
|
|
4366
|
+
Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
|
4179
4367
|
|
|
4180
4368
|
Supported list of database secrets engines that can be configured:
|
|
4181
4369
|
"""
|
|
@@ -4191,6 +4379,22 @@ if not MYPY:
|
|
|
4191
4379
|
"""
|
|
4192
4380
|
A list of database statements to be executed to rotate the root user's credentials.
|
|
4193
4381
|
"""
|
|
4382
|
+
rotation_period: NotRequired[pulumi.Input[int]]
|
|
4383
|
+
"""
|
|
4384
|
+
The amount of time in seconds Vault should wait before rotating the root credential.
|
|
4385
|
+
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
|
4386
|
+
"""
|
|
4387
|
+
rotation_schedule: NotRequired[pulumi.Input[str]]
|
|
4388
|
+
"""
|
|
4389
|
+
The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
|
4390
|
+
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
|
4391
|
+
"""
|
|
4392
|
+
rotation_window: NotRequired[pulumi.Input[int]]
|
|
4393
|
+
"""
|
|
4394
|
+
The maximum amount of time in seconds allowed to complete
|
|
4395
|
+
a rotation when a scheduled token rotation occurs. The default rotation window is
|
|
4396
|
+
unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
|
|
4397
|
+
"""
|
|
4194
4398
|
tls_server_name: NotRequired[pulumi.Input[str]]
|
|
4195
4399
|
"""
|
|
4196
4400
|
This, if set, is used to set the SNI host when connecting via TLS
|
|
@@ -4220,9 +4424,13 @@ class SecretsMountElasticsearchArgs:
|
|
|
4220
4424
|
client_cert: Optional[pulumi.Input[str]] = None,
|
|
4221
4425
|
client_key: Optional[pulumi.Input[str]] = None,
|
|
4222
4426
|
data: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
|
|
4427
|
+
disable_automated_rotation: Optional[pulumi.Input[bool]] = None,
|
|
4223
4428
|
insecure: Optional[pulumi.Input[bool]] = None,
|
|
4224
4429
|
plugin_name: Optional[pulumi.Input[str]] = None,
|
|
4225
4430
|
root_rotation_statements: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
|
4431
|
+
rotation_period: Optional[pulumi.Input[int]] = None,
|
|
4432
|
+
rotation_schedule: Optional[pulumi.Input[str]] = None,
|
|
4433
|
+
rotation_window: Optional[pulumi.Input[int]] = None,
|
|
4226
4434
|
tls_server_name: Optional[pulumi.Input[str]] = None,
|
|
4227
4435
|
username_template: Optional[pulumi.Input[str]] = None,
|
|
4228
4436
|
verify_connection: Optional[pulumi.Input[bool]] = None):
|
|
@@ -4238,11 +4446,19 @@ class SecretsMountElasticsearchArgs:
|
|
|
4238
4446
|
:param pulumi.Input[str] client_cert: The path to the certificate for the Elasticsearch client to present for communication
|
|
4239
4447
|
:param pulumi.Input[str] client_key: The path to the key for the Elasticsearch client to use for communication
|
|
4240
4448
|
:param pulumi.Input[Mapping[str, pulumi.Input[str]]] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
|
|
4449
|
+
:param pulumi.Input[bool] disable_automated_rotation: Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
|
4241
4450
|
|
|
4242
4451
|
Supported list of database secrets engines that can be configured:
|
|
4243
4452
|
:param pulumi.Input[bool] insecure: Whether to disable certificate verification
|
|
4244
4453
|
:param pulumi.Input[str] plugin_name: Specifies the name of the plugin to use.
|
|
4245
4454
|
:param pulumi.Input[Sequence[pulumi.Input[str]]] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials.
|
|
4455
|
+
:param pulumi.Input[int] rotation_period: The amount of time in seconds Vault should wait before rotating the root credential.
|
|
4456
|
+
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
|
4457
|
+
:param pulumi.Input[str] rotation_schedule: The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
|
4458
|
+
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
|
4459
|
+
:param pulumi.Input[int] rotation_window: The maximum amount of time in seconds allowed to complete
|
|
4460
|
+
a rotation when a scheduled token rotation occurs. The default rotation window is
|
|
4461
|
+
unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
|
|
4246
4462
|
:param pulumi.Input[str] tls_server_name: This, if set, is used to set the SNI host when connecting via TLS
|
|
4247
4463
|
:param pulumi.Input[str] username_template: Template describing how dynamic usernames are generated.
|
|
4248
4464
|
:param pulumi.Input[bool] verify_connection: Whether the connection should be verified on
|
|
@@ -4264,12 +4480,20 @@ class SecretsMountElasticsearchArgs:
|
|
|
4264
4480
|
pulumi.set(__self__, "client_key", client_key)
|
|
4265
4481
|
if data is not None:
|
|
4266
4482
|
pulumi.set(__self__, "data", data)
|
|
4483
|
+
if disable_automated_rotation is not None:
|
|
4484
|
+
pulumi.set(__self__, "disable_automated_rotation", disable_automated_rotation)
|
|
4267
4485
|
if insecure is not None:
|
|
4268
4486
|
pulumi.set(__self__, "insecure", insecure)
|
|
4269
4487
|
if plugin_name is not None:
|
|
4270
4488
|
pulumi.set(__self__, "plugin_name", plugin_name)
|
|
4271
4489
|
if root_rotation_statements is not None:
|
|
4272
4490
|
pulumi.set(__self__, "root_rotation_statements", root_rotation_statements)
|
|
4491
|
+
if rotation_period is not None:
|
|
4492
|
+
pulumi.set(__self__, "rotation_period", rotation_period)
|
|
4493
|
+
if rotation_schedule is not None:
|
|
4494
|
+
pulumi.set(__self__, "rotation_schedule", rotation_schedule)
|
|
4495
|
+
if rotation_window is not None:
|
|
4496
|
+
pulumi.set(__self__, "rotation_window", rotation_window)
|
|
4273
4497
|
if tls_server_name is not None:
|
|
4274
4498
|
pulumi.set(__self__, "tls_server_name", tls_server_name)
|
|
4275
4499
|
if username_template is not None:
|
|
@@ -4391,8 +4615,6 @@ class SecretsMountElasticsearchArgs:
|
|
|
4391
4615
|
def data(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]:
|
|
4392
4616
|
"""
|
|
4393
4617
|
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
|
|
4394
|
-
|
|
4395
|
-
Supported list of database secrets engines that can be configured:
|
|
4396
4618
|
"""
|
|
4397
4619
|
return pulumi.get(self, "data")
|
|
4398
4620
|
|
|
@@ -4400,6 +4622,20 @@ class SecretsMountElasticsearchArgs:
|
|
|
4400
4622
|
def data(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]):
|
|
4401
4623
|
pulumi.set(self, "data", value)
|
|
4402
4624
|
|
|
4625
|
+
@property
|
|
4626
|
+
@pulumi.getter(name="disableAutomatedRotation")
|
|
4627
|
+
def disable_automated_rotation(self) -> Optional[pulumi.Input[bool]]:
|
|
4628
|
+
"""
|
|
4629
|
+
Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
|
4630
|
+
|
|
4631
|
+
Supported list of database secrets engines that can be configured:
|
|
4632
|
+
"""
|
|
4633
|
+
return pulumi.get(self, "disable_automated_rotation")
|
|
4634
|
+
|
|
4635
|
+
@disable_automated_rotation.setter
|
|
4636
|
+
def disable_automated_rotation(self, value: Optional[pulumi.Input[bool]]):
|
|
4637
|
+
pulumi.set(self, "disable_automated_rotation", value)
|
|
4638
|
+
|
|
4403
4639
|
@property
|
|
4404
4640
|
@pulumi.getter
|
|
4405
4641
|
def insecure(self) -> Optional[pulumi.Input[bool]]:
|
|
@@ -4436,6 +4672,46 @@ class SecretsMountElasticsearchArgs:
|
|
|
4436
4672
|
def root_rotation_statements(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
|
4437
4673
|
pulumi.set(self, "root_rotation_statements", value)
|
|
4438
4674
|
|
|
4675
|
+
@property
|
|
4676
|
+
@pulumi.getter(name="rotationPeriod")
|
|
4677
|
+
def rotation_period(self) -> Optional[pulumi.Input[int]]:
|
|
4678
|
+
"""
|
|
4679
|
+
The amount of time in seconds Vault should wait before rotating the root credential.
|
|
4680
|
+
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
|
4681
|
+
"""
|
|
4682
|
+
return pulumi.get(self, "rotation_period")
|
|
4683
|
+
|
|
4684
|
+
@rotation_period.setter
|
|
4685
|
+
def rotation_period(self, value: Optional[pulumi.Input[int]]):
|
|
4686
|
+
pulumi.set(self, "rotation_period", value)
|
|
4687
|
+
|
|
4688
|
+
@property
|
|
4689
|
+
@pulumi.getter(name="rotationSchedule")
|
|
4690
|
+
def rotation_schedule(self) -> Optional[pulumi.Input[str]]:
|
|
4691
|
+
"""
|
|
4692
|
+
The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
|
4693
|
+
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
|
4694
|
+
"""
|
|
4695
|
+
return pulumi.get(self, "rotation_schedule")
|
|
4696
|
+
|
|
4697
|
+
@rotation_schedule.setter
|
|
4698
|
+
def rotation_schedule(self, value: Optional[pulumi.Input[str]]):
|
|
4699
|
+
pulumi.set(self, "rotation_schedule", value)
|
|
4700
|
+
|
|
4701
|
+
@property
|
|
4702
|
+
@pulumi.getter(name="rotationWindow")
|
|
4703
|
+
def rotation_window(self) -> Optional[pulumi.Input[int]]:
|
|
4704
|
+
"""
|
|
4705
|
+
The maximum amount of time in seconds allowed to complete
|
|
4706
|
+
a rotation when a scheduled token rotation occurs. The default rotation window is
|
|
4707
|
+
unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
|
|
4708
|
+
"""
|
|
4709
|
+
return pulumi.get(self, "rotation_window")
|
|
4710
|
+
|
|
4711
|
+
@rotation_window.setter
|
|
4712
|
+
def rotation_window(self, value: Optional[pulumi.Input[int]]):
|
|
4713
|
+
pulumi.set(self, "rotation_window", value)
|
|
4714
|
+
|
|
4439
4715
|
@property
|
|
4440
4716
|
@pulumi.getter(name="tlsServerName")
|
|
4441
4717
|
def tls_server_name(self) -> Optional[pulumi.Input[str]]:
|
|
@@ -4492,6 +4768,10 @@ if not MYPY:
|
|
|
4492
4768
|
data: NotRequired[pulumi.Input[Mapping[str, pulumi.Input[str]]]]
|
|
4493
4769
|
"""
|
|
4494
4770
|
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
|
|
4771
|
+
"""
|
|
4772
|
+
disable_automated_rotation: NotRequired[pulumi.Input[bool]]
|
|
4773
|
+
"""
|
|
4774
|
+
Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
|
4495
4775
|
|
|
4496
4776
|
Supported list of database secrets engines that can be configured:
|
|
4497
4777
|
"""
|
|
@@ -4523,6 +4803,22 @@ if not MYPY:
|
|
|
4523
4803
|
"""
|
|
4524
4804
|
A list of database statements to be executed to rotate the root user's credentials.
|
|
4525
4805
|
"""
|
|
4806
|
+
rotation_period: NotRequired[pulumi.Input[int]]
|
|
4807
|
+
"""
|
|
4808
|
+
The amount of time in seconds Vault should wait before rotating the root credential.
|
|
4809
|
+
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
|
4810
|
+
"""
|
|
4811
|
+
rotation_schedule: NotRequired[pulumi.Input[str]]
|
|
4812
|
+
"""
|
|
4813
|
+
The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
|
4814
|
+
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
|
4815
|
+
"""
|
|
4816
|
+
rotation_window: NotRequired[pulumi.Input[int]]
|
|
4817
|
+
"""
|
|
4818
|
+
The maximum amount of time in seconds allowed to complete
|
|
4819
|
+
a rotation when a scheduled token rotation occurs. The default rotation window is
|
|
4820
|
+
unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
|
|
4821
|
+
"""
|
|
4526
4822
|
username: NotRequired[pulumi.Input[str]]
|
|
4527
4823
|
"""
|
|
4528
4824
|
The root credential username used in the connection URL
|
|
@@ -4542,6 +4838,7 @@ class SecretsMountHanaArgs:
|
|
|
4542
4838
|
allowed_roles: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
|
4543
4839
|
connection_url: Optional[pulumi.Input[str]] = None,
|
|
4544
4840
|
data: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
|
|
4841
|
+
disable_automated_rotation: Optional[pulumi.Input[bool]] = None,
|
|
4545
4842
|
disable_escaping: Optional[pulumi.Input[bool]] = None,
|
|
4546
4843
|
max_connection_lifetime: Optional[pulumi.Input[int]] = None,
|
|
4547
4844
|
max_idle_connections: Optional[pulumi.Input[int]] = None,
|
|
@@ -4549,6 +4846,9 @@ class SecretsMountHanaArgs:
|
|
|
4549
4846
|
password: Optional[pulumi.Input[str]] = None,
|
|
4550
4847
|
plugin_name: Optional[pulumi.Input[str]] = None,
|
|
4551
4848
|
root_rotation_statements: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
|
4849
|
+
rotation_period: Optional[pulumi.Input[int]] = None,
|
|
4850
|
+
rotation_schedule: Optional[pulumi.Input[str]] = None,
|
|
4851
|
+
rotation_window: Optional[pulumi.Input[int]] = None,
|
|
4552
4852
|
username: Optional[pulumi.Input[str]] = None,
|
|
4553
4853
|
verify_connection: Optional[pulumi.Input[bool]] = None):
|
|
4554
4854
|
"""
|
|
@@ -4557,6 +4857,7 @@ class SecretsMountHanaArgs:
|
|
|
4557
4857
|
connection.
|
|
4558
4858
|
:param pulumi.Input[str] connection_url: Connection string to use to connect to the database.
|
|
4559
4859
|
:param pulumi.Input[Mapping[str, pulumi.Input[str]]] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
|
|
4860
|
+
:param pulumi.Input[bool] disable_automated_rotation: Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
|
4560
4861
|
|
|
4561
4862
|
Supported list of database secrets engines that can be configured:
|
|
4562
4863
|
:param pulumi.Input[bool] disable_escaping: Disable special character escaping in username and password
|
|
@@ -4566,6 +4867,13 @@ class SecretsMountHanaArgs:
|
|
|
4566
4867
|
:param pulumi.Input[str] password: The root credential password used in the connection URL
|
|
4567
4868
|
:param pulumi.Input[str] plugin_name: Specifies the name of the plugin to use.
|
|
4568
4869
|
:param pulumi.Input[Sequence[pulumi.Input[str]]] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials.
|
|
4870
|
+
:param pulumi.Input[int] rotation_period: The amount of time in seconds Vault should wait before rotating the root credential.
|
|
4871
|
+
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
|
4872
|
+
:param pulumi.Input[str] rotation_schedule: The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
|
4873
|
+
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
|
4874
|
+
:param pulumi.Input[int] rotation_window: The maximum amount of time in seconds allowed to complete
|
|
4875
|
+
a rotation when a scheduled token rotation occurs. The default rotation window is
|
|
4876
|
+
unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
|
|
4569
4877
|
:param pulumi.Input[str] username: The root credential username used in the connection URL
|
|
4570
4878
|
:param pulumi.Input[bool] verify_connection: Whether the connection should be verified on
|
|
4571
4879
|
initial configuration or not.
|
|
@@ -4577,6 +4885,8 @@ class SecretsMountHanaArgs:
|
|
|
4577
4885
|
pulumi.set(__self__, "connection_url", connection_url)
|
|
4578
4886
|
if data is not None:
|
|
4579
4887
|
pulumi.set(__self__, "data", data)
|
|
4888
|
+
if disable_automated_rotation is not None:
|
|
4889
|
+
pulumi.set(__self__, "disable_automated_rotation", disable_automated_rotation)
|
|
4580
4890
|
if disable_escaping is not None:
|
|
4581
4891
|
pulumi.set(__self__, "disable_escaping", disable_escaping)
|
|
4582
4892
|
if max_connection_lifetime is not None:
|
|
@@ -4591,6 +4901,12 @@ class SecretsMountHanaArgs:
|
|
|
4591
4901
|
pulumi.set(__self__, "plugin_name", plugin_name)
|
|
4592
4902
|
if root_rotation_statements is not None:
|
|
4593
4903
|
pulumi.set(__self__, "root_rotation_statements", root_rotation_statements)
|
|
4904
|
+
if rotation_period is not None:
|
|
4905
|
+
pulumi.set(__self__, "rotation_period", rotation_period)
|
|
4906
|
+
if rotation_schedule is not None:
|
|
4907
|
+
pulumi.set(__self__, "rotation_schedule", rotation_schedule)
|
|
4908
|
+
if rotation_window is not None:
|
|
4909
|
+
pulumi.set(__self__, "rotation_window", rotation_window)
|
|
4594
4910
|
if username is not None:
|
|
4595
4911
|
pulumi.set(__self__, "username", username)
|
|
4596
4912
|
if verify_connection is not None:
|
|
@@ -4638,8 +4954,6 @@ class SecretsMountHanaArgs:
|
|
|
4638
4954
|
def data(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]:
|
|
4639
4955
|
"""
|
|
4640
4956
|
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
|
|
4641
|
-
|
|
4642
|
-
Supported list of database secrets engines that can be configured:
|
|
4643
4957
|
"""
|
|
4644
4958
|
return pulumi.get(self, "data")
|
|
4645
4959
|
|
|
@@ -4647,6 +4961,20 @@ class SecretsMountHanaArgs:
|
|
|
4647
4961
|
def data(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]):
|
|
4648
4962
|
pulumi.set(self, "data", value)
|
|
4649
4963
|
|
|
4964
|
+
@property
|
|
4965
|
+
@pulumi.getter(name="disableAutomatedRotation")
|
|
4966
|
+
def disable_automated_rotation(self) -> Optional[pulumi.Input[bool]]:
|
|
4967
|
+
"""
|
|
4968
|
+
Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
|
4969
|
+
|
|
4970
|
+
Supported list of database secrets engines that can be configured:
|
|
4971
|
+
"""
|
|
4972
|
+
return pulumi.get(self, "disable_automated_rotation")
|
|
4973
|
+
|
|
4974
|
+
@disable_automated_rotation.setter
|
|
4975
|
+
def disable_automated_rotation(self, value: Optional[pulumi.Input[bool]]):
|
|
4976
|
+
pulumi.set(self, "disable_automated_rotation", value)
|
|
4977
|
+
|
|
4650
4978
|
@property
|
|
4651
4979
|
@pulumi.getter(name="disableEscaping")
|
|
4652
4980
|
def disable_escaping(self) -> Optional[pulumi.Input[bool]]:
|
|
@@ -4731,6 +5059,46 @@ class SecretsMountHanaArgs:
|
|
|
4731
5059
|
def root_rotation_statements(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
|
4732
5060
|
pulumi.set(self, "root_rotation_statements", value)
|
|
4733
5061
|
|
|
5062
|
+
@property
|
|
5063
|
+
@pulumi.getter(name="rotationPeriod")
|
|
5064
|
+
def rotation_period(self) -> Optional[pulumi.Input[int]]:
|
|
5065
|
+
"""
|
|
5066
|
+
The amount of time in seconds Vault should wait before rotating the root credential.
|
|
5067
|
+
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
|
5068
|
+
"""
|
|
5069
|
+
return pulumi.get(self, "rotation_period")
|
|
5070
|
+
|
|
5071
|
+
@rotation_period.setter
|
|
5072
|
+
def rotation_period(self, value: Optional[pulumi.Input[int]]):
|
|
5073
|
+
pulumi.set(self, "rotation_period", value)
|
|
5074
|
+
|
|
5075
|
+
@property
|
|
5076
|
+
@pulumi.getter(name="rotationSchedule")
|
|
5077
|
+
def rotation_schedule(self) -> Optional[pulumi.Input[str]]:
|
|
5078
|
+
"""
|
|
5079
|
+
The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
|
5080
|
+
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
|
5081
|
+
"""
|
|
5082
|
+
return pulumi.get(self, "rotation_schedule")
|
|
5083
|
+
|
|
5084
|
+
@rotation_schedule.setter
|
|
5085
|
+
def rotation_schedule(self, value: Optional[pulumi.Input[str]]):
|
|
5086
|
+
pulumi.set(self, "rotation_schedule", value)
|
|
5087
|
+
|
|
5088
|
+
@property
|
|
5089
|
+
@pulumi.getter(name="rotationWindow")
|
|
5090
|
+
def rotation_window(self) -> Optional[pulumi.Input[int]]:
|
|
5091
|
+
"""
|
|
5092
|
+
The maximum amount of time in seconds allowed to complete
|
|
5093
|
+
a rotation when a scheduled token rotation occurs. The default rotation window is
|
|
5094
|
+
unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
|
|
5095
|
+
"""
|
|
5096
|
+
return pulumi.get(self, "rotation_window")
|
|
5097
|
+
|
|
5098
|
+
@rotation_window.setter
|
|
5099
|
+
def rotation_window(self, value: Optional[pulumi.Input[int]]):
|
|
5100
|
+
pulumi.set(self, "rotation_window", value)
|
|
5101
|
+
|
|
4734
5102
|
@property
|
|
4735
5103
|
@pulumi.getter
|
|
4736
5104
|
def username(self) -> Optional[pulumi.Input[str]]:
|
|
@@ -4787,6 +5155,10 @@ if not MYPY:
|
|
|
4787
5155
|
data: NotRequired[pulumi.Input[Mapping[str, pulumi.Input[str]]]]
|
|
4788
5156
|
"""
|
|
4789
5157
|
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
|
|
5158
|
+
"""
|
|
5159
|
+
disable_automated_rotation: NotRequired[pulumi.Input[bool]]
|
|
5160
|
+
"""
|
|
5161
|
+
Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
|
4790
5162
|
|
|
4791
5163
|
Supported list of database secrets engines that can be configured:
|
|
4792
5164
|
"""
|
|
@@ -4814,6 +5186,22 @@ if not MYPY:
|
|
|
4814
5186
|
"""
|
|
4815
5187
|
A list of database statements to be executed to rotate the root user's credentials.
|
|
4816
5188
|
"""
|
|
5189
|
+
rotation_period: NotRequired[pulumi.Input[int]]
|
|
5190
|
+
"""
|
|
5191
|
+
The amount of time in seconds Vault should wait before rotating the root credential.
|
|
5192
|
+
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
|
5193
|
+
"""
|
|
5194
|
+
rotation_schedule: NotRequired[pulumi.Input[str]]
|
|
5195
|
+
"""
|
|
5196
|
+
The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
|
5197
|
+
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
|
5198
|
+
"""
|
|
5199
|
+
rotation_window: NotRequired[pulumi.Input[int]]
|
|
5200
|
+
"""
|
|
5201
|
+
The maximum amount of time in seconds allowed to complete
|
|
5202
|
+
a rotation when a scheduled token rotation occurs. The default rotation window is
|
|
5203
|
+
unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
|
|
5204
|
+
"""
|
|
4817
5205
|
tls: NotRequired[pulumi.Input[bool]]
|
|
4818
5206
|
"""
|
|
4819
5207
|
Whether to use TLS when connecting to Influxdb.
|
|
@@ -4840,12 +5228,16 @@ class SecretsMountInfluxdbArgs:
|
|
|
4840
5228
|
allowed_roles: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
|
4841
5229
|
connect_timeout: Optional[pulumi.Input[int]] = None,
|
|
4842
5230
|
data: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
|
|
5231
|
+
disable_automated_rotation: Optional[pulumi.Input[bool]] = None,
|
|
4843
5232
|
insecure_tls: Optional[pulumi.Input[bool]] = None,
|
|
4844
5233
|
pem_bundle: Optional[pulumi.Input[str]] = None,
|
|
4845
5234
|
pem_json: Optional[pulumi.Input[str]] = None,
|
|
4846
5235
|
plugin_name: Optional[pulumi.Input[str]] = None,
|
|
4847
5236
|
port: Optional[pulumi.Input[int]] = None,
|
|
4848
5237
|
root_rotation_statements: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
|
5238
|
+
rotation_period: Optional[pulumi.Input[int]] = None,
|
|
5239
|
+
rotation_schedule: Optional[pulumi.Input[str]] = None,
|
|
5240
|
+
rotation_window: Optional[pulumi.Input[int]] = None,
|
|
4849
5241
|
tls: Optional[pulumi.Input[bool]] = None,
|
|
4850
5242
|
username_template: Optional[pulumi.Input[str]] = None,
|
|
4851
5243
|
verify_connection: Optional[pulumi.Input[bool]] = None):
|
|
@@ -4858,6 +5250,7 @@ class SecretsMountInfluxdbArgs:
|
|
|
4858
5250
|
connection.
|
|
4859
5251
|
:param pulumi.Input[int] connect_timeout: The number of seconds to use as a connection timeout.
|
|
4860
5252
|
:param pulumi.Input[Mapping[str, pulumi.Input[str]]] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
|
|
5253
|
+
:param pulumi.Input[bool] disable_automated_rotation: Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
|
4861
5254
|
|
|
4862
5255
|
Supported list of database secrets engines that can be configured:
|
|
4863
5256
|
:param pulumi.Input[bool] insecure_tls: Whether to skip verification of the server certificate when using TLS.
|
|
@@ -4866,6 +5259,13 @@ class SecretsMountInfluxdbArgs:
|
|
|
4866
5259
|
:param pulumi.Input[str] plugin_name: Specifies the name of the plugin to use.
|
|
4867
5260
|
:param pulumi.Input[int] port: The transport port to use to connect to Influxdb.
|
|
4868
5261
|
:param pulumi.Input[Sequence[pulumi.Input[str]]] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials.
|
|
5262
|
+
:param pulumi.Input[int] rotation_period: The amount of time in seconds Vault should wait before rotating the root credential.
|
|
5263
|
+
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
|
5264
|
+
:param pulumi.Input[str] rotation_schedule: The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
|
5265
|
+
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
|
5266
|
+
:param pulumi.Input[int] rotation_window: The maximum amount of time in seconds allowed to complete
|
|
5267
|
+
a rotation when a scheduled token rotation occurs. The default rotation window is
|
|
5268
|
+
unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
|
|
4869
5269
|
:param pulumi.Input[bool] tls: Whether to use TLS when connecting to Influxdb.
|
|
4870
5270
|
:param pulumi.Input[str] username_template: Template describing how dynamic usernames are generated.
|
|
4871
5271
|
:param pulumi.Input[bool] verify_connection: Whether the connection should be verified on
|
|
@@ -4881,6 +5281,8 @@ class SecretsMountInfluxdbArgs:
|
|
|
4881
5281
|
pulumi.set(__self__, "connect_timeout", connect_timeout)
|
|
4882
5282
|
if data is not None:
|
|
4883
5283
|
pulumi.set(__self__, "data", data)
|
|
5284
|
+
if disable_automated_rotation is not None:
|
|
5285
|
+
pulumi.set(__self__, "disable_automated_rotation", disable_automated_rotation)
|
|
4884
5286
|
if insecure_tls is not None:
|
|
4885
5287
|
pulumi.set(__self__, "insecure_tls", insecure_tls)
|
|
4886
5288
|
if pem_bundle is not None:
|
|
@@ -4893,6 +5295,12 @@ class SecretsMountInfluxdbArgs:
|
|
|
4893
5295
|
pulumi.set(__self__, "port", port)
|
|
4894
5296
|
if root_rotation_statements is not None:
|
|
4895
5297
|
pulumi.set(__self__, "root_rotation_statements", root_rotation_statements)
|
|
5298
|
+
if rotation_period is not None:
|
|
5299
|
+
pulumi.set(__self__, "rotation_period", rotation_period)
|
|
5300
|
+
if rotation_schedule is not None:
|
|
5301
|
+
pulumi.set(__self__, "rotation_schedule", rotation_schedule)
|
|
5302
|
+
if rotation_window is not None:
|
|
5303
|
+
pulumi.set(__self__, "rotation_window", rotation_window)
|
|
4896
5304
|
if tls is not None:
|
|
4897
5305
|
pulumi.set(__self__, "tls", tls)
|
|
4898
5306
|
if username_template is not None:
|
|
@@ -4978,8 +5386,6 @@ class SecretsMountInfluxdbArgs:
|
|
|
4978
5386
|
def data(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]:
|
|
4979
5387
|
"""
|
|
4980
5388
|
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
|
|
4981
|
-
|
|
4982
|
-
Supported list of database secrets engines that can be configured:
|
|
4983
5389
|
"""
|
|
4984
5390
|
return pulumi.get(self, "data")
|
|
4985
5391
|
|
|
@@ -4987,6 +5393,20 @@ class SecretsMountInfluxdbArgs:
|
|
|
4987
5393
|
def data(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]):
|
|
4988
5394
|
pulumi.set(self, "data", value)
|
|
4989
5395
|
|
|
5396
|
+
@property
|
|
5397
|
+
@pulumi.getter(name="disableAutomatedRotation")
|
|
5398
|
+
def disable_automated_rotation(self) -> Optional[pulumi.Input[bool]]:
|
|
5399
|
+
"""
|
|
5400
|
+
Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
|
5401
|
+
|
|
5402
|
+
Supported list of database secrets engines that can be configured:
|
|
5403
|
+
"""
|
|
5404
|
+
return pulumi.get(self, "disable_automated_rotation")
|
|
5405
|
+
|
|
5406
|
+
@disable_automated_rotation.setter
|
|
5407
|
+
def disable_automated_rotation(self, value: Optional[pulumi.Input[bool]]):
|
|
5408
|
+
pulumi.set(self, "disable_automated_rotation", value)
|
|
5409
|
+
|
|
4990
5410
|
@property
|
|
4991
5411
|
@pulumi.getter(name="insecureTls")
|
|
4992
5412
|
def insecure_tls(self) -> Optional[pulumi.Input[bool]]:
|
|
@@ -5059,6 +5479,46 @@ class SecretsMountInfluxdbArgs:
|
|
|
5059
5479
|
def root_rotation_statements(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
|
5060
5480
|
pulumi.set(self, "root_rotation_statements", value)
|
|
5061
5481
|
|
|
5482
|
+
@property
|
|
5483
|
+
@pulumi.getter(name="rotationPeriod")
|
|
5484
|
+
def rotation_period(self) -> Optional[pulumi.Input[int]]:
|
|
5485
|
+
"""
|
|
5486
|
+
The amount of time in seconds Vault should wait before rotating the root credential.
|
|
5487
|
+
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
|
5488
|
+
"""
|
|
5489
|
+
return pulumi.get(self, "rotation_period")
|
|
5490
|
+
|
|
5491
|
+
@rotation_period.setter
|
|
5492
|
+
def rotation_period(self, value: Optional[pulumi.Input[int]]):
|
|
5493
|
+
pulumi.set(self, "rotation_period", value)
|
|
5494
|
+
|
|
5495
|
+
@property
|
|
5496
|
+
@pulumi.getter(name="rotationSchedule")
|
|
5497
|
+
def rotation_schedule(self) -> Optional[pulumi.Input[str]]:
|
|
5498
|
+
"""
|
|
5499
|
+
The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
|
5500
|
+
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
|
5501
|
+
"""
|
|
5502
|
+
return pulumi.get(self, "rotation_schedule")
|
|
5503
|
+
|
|
5504
|
+
@rotation_schedule.setter
|
|
5505
|
+
def rotation_schedule(self, value: Optional[pulumi.Input[str]]):
|
|
5506
|
+
pulumi.set(self, "rotation_schedule", value)
|
|
5507
|
+
|
|
5508
|
+
@property
|
|
5509
|
+
@pulumi.getter(name="rotationWindow")
|
|
5510
|
+
def rotation_window(self) -> Optional[pulumi.Input[int]]:
|
|
5511
|
+
"""
|
|
5512
|
+
The maximum amount of time in seconds allowed to complete
|
|
5513
|
+
a rotation when a scheduled token rotation occurs. The default rotation window is
|
|
5514
|
+
unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
|
|
5515
|
+
"""
|
|
5516
|
+
return pulumi.get(self, "rotation_window")
|
|
5517
|
+
|
|
5518
|
+
@rotation_window.setter
|
|
5519
|
+
def rotation_window(self, value: Optional[pulumi.Input[int]]):
|
|
5520
|
+
pulumi.set(self, "rotation_window", value)
|
|
5521
|
+
|
|
5062
5522
|
@property
|
|
5063
5523
|
@pulumi.getter
|
|
5064
5524
|
def tls(self) -> Optional[pulumi.Input[bool]]:
|
|
@@ -5115,6 +5575,10 @@ if not MYPY:
|
|
|
5115
5575
|
data: NotRequired[pulumi.Input[Mapping[str, pulumi.Input[str]]]]
|
|
5116
5576
|
"""
|
|
5117
5577
|
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
|
|
5578
|
+
"""
|
|
5579
|
+
disable_automated_rotation: NotRequired[pulumi.Input[bool]]
|
|
5580
|
+
"""
|
|
5581
|
+
Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
|
5118
5582
|
|
|
5119
5583
|
Supported list of database secrets engines that can be configured:
|
|
5120
5584
|
"""
|
|
@@ -5142,6 +5606,22 @@ if not MYPY:
|
|
|
5142
5606
|
"""
|
|
5143
5607
|
A list of database statements to be executed to rotate the root user's credentials.
|
|
5144
5608
|
"""
|
|
5609
|
+
rotation_period: NotRequired[pulumi.Input[int]]
|
|
5610
|
+
"""
|
|
5611
|
+
The amount of time in seconds Vault should wait before rotating the root credential.
|
|
5612
|
+
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
|
5613
|
+
"""
|
|
5614
|
+
rotation_schedule: NotRequired[pulumi.Input[str]]
|
|
5615
|
+
"""
|
|
5616
|
+
The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
|
5617
|
+
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
|
5618
|
+
"""
|
|
5619
|
+
rotation_window: NotRequired[pulumi.Input[int]]
|
|
5620
|
+
"""
|
|
5621
|
+
The maximum amount of time in seconds allowed to complete
|
|
5622
|
+
a rotation when a scheduled token rotation occurs. The default rotation window is
|
|
5623
|
+
unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
|
|
5624
|
+
"""
|
|
5145
5625
|
username: NotRequired[pulumi.Input[str]]
|
|
5146
5626
|
"""
|
|
5147
5627
|
The root credential username used in the connection URL
|
|
@@ -5165,12 +5645,16 @@ class SecretsMountMongodbArgs:
|
|
|
5165
5645
|
allowed_roles: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
|
5166
5646
|
connection_url: Optional[pulumi.Input[str]] = None,
|
|
5167
5647
|
data: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
|
|
5648
|
+
disable_automated_rotation: Optional[pulumi.Input[bool]] = None,
|
|
5168
5649
|
max_connection_lifetime: Optional[pulumi.Input[int]] = None,
|
|
5169
5650
|
max_idle_connections: Optional[pulumi.Input[int]] = None,
|
|
5170
5651
|
max_open_connections: Optional[pulumi.Input[int]] = None,
|
|
5171
5652
|
password: Optional[pulumi.Input[str]] = None,
|
|
5172
5653
|
plugin_name: Optional[pulumi.Input[str]] = None,
|
|
5173
5654
|
root_rotation_statements: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
|
5655
|
+
rotation_period: Optional[pulumi.Input[int]] = None,
|
|
5656
|
+
rotation_schedule: Optional[pulumi.Input[str]] = None,
|
|
5657
|
+
rotation_window: Optional[pulumi.Input[int]] = None,
|
|
5174
5658
|
username: Optional[pulumi.Input[str]] = None,
|
|
5175
5659
|
username_template: Optional[pulumi.Input[str]] = None,
|
|
5176
5660
|
verify_connection: Optional[pulumi.Input[bool]] = None):
|
|
@@ -5180,6 +5664,7 @@ class SecretsMountMongodbArgs:
|
|
|
5180
5664
|
connection.
|
|
5181
5665
|
:param pulumi.Input[str] connection_url: Connection string to use to connect to the database.
|
|
5182
5666
|
:param pulumi.Input[Mapping[str, pulumi.Input[str]]] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
|
|
5667
|
+
:param pulumi.Input[bool] disable_automated_rotation: Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
|
5183
5668
|
|
|
5184
5669
|
Supported list of database secrets engines that can be configured:
|
|
5185
5670
|
:param pulumi.Input[int] max_connection_lifetime: Maximum number of seconds a connection may be reused.
|
|
@@ -5188,6 +5673,13 @@ class SecretsMountMongodbArgs:
|
|
|
5188
5673
|
:param pulumi.Input[str] password: The root credential password used in the connection URL
|
|
5189
5674
|
:param pulumi.Input[str] plugin_name: Specifies the name of the plugin to use.
|
|
5190
5675
|
:param pulumi.Input[Sequence[pulumi.Input[str]]] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials.
|
|
5676
|
+
:param pulumi.Input[int] rotation_period: The amount of time in seconds Vault should wait before rotating the root credential.
|
|
5677
|
+
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
|
5678
|
+
:param pulumi.Input[str] rotation_schedule: The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
|
5679
|
+
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
|
5680
|
+
:param pulumi.Input[int] rotation_window: The maximum amount of time in seconds allowed to complete
|
|
5681
|
+
a rotation when a scheduled token rotation occurs. The default rotation window is
|
|
5682
|
+
unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
|
|
5191
5683
|
:param pulumi.Input[str] username: The root credential username used in the connection URL
|
|
5192
5684
|
:param pulumi.Input[str] username_template: Username generation template.
|
|
5193
5685
|
:param pulumi.Input[bool] verify_connection: Whether the connection should be verified on
|
|
@@ -5200,6 +5692,8 @@ class SecretsMountMongodbArgs:
|
|
|
5200
5692
|
pulumi.set(__self__, "connection_url", connection_url)
|
|
5201
5693
|
if data is not None:
|
|
5202
5694
|
pulumi.set(__self__, "data", data)
|
|
5695
|
+
if disable_automated_rotation is not None:
|
|
5696
|
+
pulumi.set(__self__, "disable_automated_rotation", disable_automated_rotation)
|
|
5203
5697
|
if max_connection_lifetime is not None:
|
|
5204
5698
|
pulumi.set(__self__, "max_connection_lifetime", max_connection_lifetime)
|
|
5205
5699
|
if max_idle_connections is not None:
|
|
@@ -5212,6 +5706,12 @@ class SecretsMountMongodbArgs:
|
|
|
5212
5706
|
pulumi.set(__self__, "plugin_name", plugin_name)
|
|
5213
5707
|
if root_rotation_statements is not None:
|
|
5214
5708
|
pulumi.set(__self__, "root_rotation_statements", root_rotation_statements)
|
|
5709
|
+
if rotation_period is not None:
|
|
5710
|
+
pulumi.set(__self__, "rotation_period", rotation_period)
|
|
5711
|
+
if rotation_schedule is not None:
|
|
5712
|
+
pulumi.set(__self__, "rotation_schedule", rotation_schedule)
|
|
5713
|
+
if rotation_window is not None:
|
|
5714
|
+
pulumi.set(__self__, "rotation_window", rotation_window)
|
|
5215
5715
|
if username is not None:
|
|
5216
5716
|
pulumi.set(__self__, "username", username)
|
|
5217
5717
|
if username_template is not None:
|
|
@@ -5261,8 +5761,6 @@ class SecretsMountMongodbArgs:
|
|
|
5261
5761
|
def data(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]:
|
|
5262
5762
|
"""
|
|
5263
5763
|
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
|
|
5264
|
-
|
|
5265
|
-
Supported list of database secrets engines that can be configured:
|
|
5266
5764
|
"""
|
|
5267
5765
|
return pulumi.get(self, "data")
|
|
5268
5766
|
|
|
@@ -5270,6 +5768,20 @@ class SecretsMountMongodbArgs:
|
|
|
5270
5768
|
def data(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]):
|
|
5271
5769
|
pulumi.set(self, "data", value)
|
|
5272
5770
|
|
|
5771
|
+
@property
|
|
5772
|
+
@pulumi.getter(name="disableAutomatedRotation")
|
|
5773
|
+
def disable_automated_rotation(self) -> Optional[pulumi.Input[bool]]:
|
|
5774
|
+
"""
|
|
5775
|
+
Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
|
5776
|
+
|
|
5777
|
+
Supported list of database secrets engines that can be configured:
|
|
5778
|
+
"""
|
|
5779
|
+
return pulumi.get(self, "disable_automated_rotation")
|
|
5780
|
+
|
|
5781
|
+
@disable_automated_rotation.setter
|
|
5782
|
+
def disable_automated_rotation(self, value: Optional[pulumi.Input[bool]]):
|
|
5783
|
+
pulumi.set(self, "disable_automated_rotation", value)
|
|
5784
|
+
|
|
5273
5785
|
@property
|
|
5274
5786
|
@pulumi.getter(name="maxConnectionLifetime")
|
|
5275
5787
|
def max_connection_lifetime(self) -> Optional[pulumi.Input[int]]:
|
|
@@ -5342,6 +5854,46 @@ class SecretsMountMongodbArgs:
|
|
|
5342
5854
|
def root_rotation_statements(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
|
5343
5855
|
pulumi.set(self, "root_rotation_statements", value)
|
|
5344
5856
|
|
|
5857
|
+
@property
|
|
5858
|
+
@pulumi.getter(name="rotationPeriod")
|
|
5859
|
+
def rotation_period(self) -> Optional[pulumi.Input[int]]:
|
|
5860
|
+
"""
|
|
5861
|
+
The amount of time in seconds Vault should wait before rotating the root credential.
|
|
5862
|
+
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
|
5863
|
+
"""
|
|
5864
|
+
return pulumi.get(self, "rotation_period")
|
|
5865
|
+
|
|
5866
|
+
@rotation_period.setter
|
|
5867
|
+
def rotation_period(self, value: Optional[pulumi.Input[int]]):
|
|
5868
|
+
pulumi.set(self, "rotation_period", value)
|
|
5869
|
+
|
|
5870
|
+
@property
|
|
5871
|
+
@pulumi.getter(name="rotationSchedule")
|
|
5872
|
+
def rotation_schedule(self) -> Optional[pulumi.Input[str]]:
|
|
5873
|
+
"""
|
|
5874
|
+
The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
|
5875
|
+
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
|
5876
|
+
"""
|
|
5877
|
+
return pulumi.get(self, "rotation_schedule")
|
|
5878
|
+
|
|
5879
|
+
@rotation_schedule.setter
|
|
5880
|
+
def rotation_schedule(self, value: Optional[pulumi.Input[str]]):
|
|
5881
|
+
pulumi.set(self, "rotation_schedule", value)
|
|
5882
|
+
|
|
5883
|
+
@property
|
|
5884
|
+
@pulumi.getter(name="rotationWindow")
|
|
5885
|
+
def rotation_window(self) -> Optional[pulumi.Input[int]]:
|
|
5886
|
+
"""
|
|
5887
|
+
The maximum amount of time in seconds allowed to complete
|
|
5888
|
+
a rotation when a scheduled token rotation occurs. The default rotation window is
|
|
5889
|
+
unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
|
|
5890
|
+
"""
|
|
5891
|
+
return pulumi.get(self, "rotation_window")
|
|
5892
|
+
|
|
5893
|
+
@rotation_window.setter
|
|
5894
|
+
def rotation_window(self, value: Optional[pulumi.Input[int]]):
|
|
5895
|
+
pulumi.set(self, "rotation_window", value)
|
|
5896
|
+
|
|
5345
5897
|
@property
|
|
5346
5898
|
@pulumi.getter
|
|
5347
5899
|
def username(self) -> Optional[pulumi.Input[str]]:
|
|
@@ -5406,6 +5958,10 @@ if not MYPY:
|
|
|
5406
5958
|
data: NotRequired[pulumi.Input[Mapping[str, pulumi.Input[str]]]]
|
|
5407
5959
|
"""
|
|
5408
5960
|
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
|
|
5961
|
+
"""
|
|
5962
|
+
disable_automated_rotation: NotRequired[pulumi.Input[bool]]
|
|
5963
|
+
"""
|
|
5964
|
+
Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
|
5409
5965
|
|
|
5410
5966
|
Supported list of database secrets engines that can be configured:
|
|
5411
5967
|
"""
|
|
@@ -5417,6 +5973,22 @@ if not MYPY:
|
|
|
5417
5973
|
"""
|
|
5418
5974
|
A list of database statements to be executed to rotate the root user's credentials.
|
|
5419
5975
|
"""
|
|
5976
|
+
rotation_period: NotRequired[pulumi.Input[int]]
|
|
5977
|
+
"""
|
|
5978
|
+
The amount of time in seconds Vault should wait before rotating the root credential.
|
|
5979
|
+
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
|
5980
|
+
"""
|
|
5981
|
+
rotation_schedule: NotRequired[pulumi.Input[str]]
|
|
5982
|
+
"""
|
|
5983
|
+
The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
|
5984
|
+
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
|
5985
|
+
"""
|
|
5986
|
+
rotation_window: NotRequired[pulumi.Input[int]]
|
|
5987
|
+
"""
|
|
5988
|
+
The maximum amount of time in seconds allowed to complete
|
|
5989
|
+
a rotation when a scheduled token rotation occurs. The default rotation window is
|
|
5990
|
+
unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
|
|
5991
|
+
"""
|
|
5420
5992
|
verify_connection: NotRequired[pulumi.Input[bool]]
|
|
5421
5993
|
"""
|
|
5422
5994
|
Whether the connection should be verified on
|
|
@@ -5434,8 +6006,12 @@ class SecretsMountMongodbatlaArgs:
|
|
|
5434
6006
|
public_key: pulumi.Input[str],
|
|
5435
6007
|
allowed_roles: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
|
5436
6008
|
data: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
|
|
6009
|
+
disable_automated_rotation: Optional[pulumi.Input[bool]] = None,
|
|
5437
6010
|
plugin_name: Optional[pulumi.Input[str]] = None,
|
|
5438
6011
|
root_rotation_statements: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
|
6012
|
+
rotation_period: Optional[pulumi.Input[int]] = None,
|
|
6013
|
+
rotation_schedule: Optional[pulumi.Input[str]] = None,
|
|
6014
|
+
rotation_window: Optional[pulumi.Input[int]] = None,
|
|
5439
6015
|
verify_connection: Optional[pulumi.Input[bool]] = None):
|
|
5440
6016
|
"""
|
|
5441
6017
|
:param pulumi.Input[str] name: Name of the database connection.
|
|
@@ -5445,10 +6021,18 @@ class SecretsMountMongodbatlaArgs:
|
|
|
5445
6021
|
:param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_roles: A list of roles that are allowed to use this
|
|
5446
6022
|
connection.
|
|
5447
6023
|
:param pulumi.Input[Mapping[str, pulumi.Input[str]]] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
|
|
6024
|
+
:param pulumi.Input[bool] disable_automated_rotation: Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
|
5448
6025
|
|
|
5449
6026
|
Supported list of database secrets engines that can be configured:
|
|
5450
6027
|
:param pulumi.Input[str] plugin_name: Specifies the name of the plugin to use.
|
|
5451
6028
|
:param pulumi.Input[Sequence[pulumi.Input[str]]] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials.
|
|
6029
|
+
:param pulumi.Input[int] rotation_period: The amount of time in seconds Vault should wait before rotating the root credential.
|
|
6030
|
+
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
|
6031
|
+
:param pulumi.Input[str] rotation_schedule: The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
|
6032
|
+
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
|
6033
|
+
:param pulumi.Input[int] rotation_window: The maximum amount of time in seconds allowed to complete
|
|
6034
|
+
a rotation when a scheduled token rotation occurs. The default rotation window is
|
|
6035
|
+
unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
|
|
5452
6036
|
:param pulumi.Input[bool] verify_connection: Whether the connection should be verified on
|
|
5453
6037
|
initial configuration or not.
|
|
5454
6038
|
"""
|
|
@@ -5460,10 +6044,18 @@ class SecretsMountMongodbatlaArgs:
|
|
|
5460
6044
|
pulumi.set(__self__, "allowed_roles", allowed_roles)
|
|
5461
6045
|
if data is not None:
|
|
5462
6046
|
pulumi.set(__self__, "data", data)
|
|
6047
|
+
if disable_automated_rotation is not None:
|
|
6048
|
+
pulumi.set(__self__, "disable_automated_rotation", disable_automated_rotation)
|
|
5463
6049
|
if plugin_name is not None:
|
|
5464
6050
|
pulumi.set(__self__, "plugin_name", plugin_name)
|
|
5465
6051
|
if root_rotation_statements is not None:
|
|
5466
6052
|
pulumi.set(__self__, "root_rotation_statements", root_rotation_statements)
|
|
6053
|
+
if rotation_period is not None:
|
|
6054
|
+
pulumi.set(__self__, "rotation_period", rotation_period)
|
|
6055
|
+
if rotation_schedule is not None:
|
|
6056
|
+
pulumi.set(__self__, "rotation_schedule", rotation_schedule)
|
|
6057
|
+
if rotation_window is not None:
|
|
6058
|
+
pulumi.set(__self__, "rotation_window", rotation_window)
|
|
5467
6059
|
if verify_connection is not None:
|
|
5468
6060
|
pulumi.set(__self__, "verify_connection", verify_connection)
|
|
5469
6061
|
|
|
@@ -5533,8 +6125,6 @@ class SecretsMountMongodbatlaArgs:
|
|
|
5533
6125
|
def data(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]:
|
|
5534
6126
|
"""
|
|
5535
6127
|
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
|
|
5536
|
-
|
|
5537
|
-
Supported list of database secrets engines that can be configured:
|
|
5538
6128
|
"""
|
|
5539
6129
|
return pulumi.get(self, "data")
|
|
5540
6130
|
|
|
@@ -5542,6 +6132,20 @@ class SecretsMountMongodbatlaArgs:
|
|
|
5542
6132
|
def data(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]):
|
|
5543
6133
|
pulumi.set(self, "data", value)
|
|
5544
6134
|
|
|
6135
|
+
@property
|
|
6136
|
+
@pulumi.getter(name="disableAutomatedRotation")
|
|
6137
|
+
def disable_automated_rotation(self) -> Optional[pulumi.Input[bool]]:
|
|
6138
|
+
"""
|
|
6139
|
+
Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
|
6140
|
+
|
|
6141
|
+
Supported list of database secrets engines that can be configured:
|
|
6142
|
+
"""
|
|
6143
|
+
return pulumi.get(self, "disable_automated_rotation")
|
|
6144
|
+
|
|
6145
|
+
@disable_automated_rotation.setter
|
|
6146
|
+
def disable_automated_rotation(self, value: Optional[pulumi.Input[bool]]):
|
|
6147
|
+
pulumi.set(self, "disable_automated_rotation", value)
|
|
6148
|
+
|
|
5545
6149
|
@property
|
|
5546
6150
|
@pulumi.getter(name="pluginName")
|
|
5547
6151
|
def plugin_name(self) -> Optional[pulumi.Input[str]]:
|
|
@@ -5566,6 +6170,46 @@ class SecretsMountMongodbatlaArgs:
|
|
|
5566
6170
|
def root_rotation_statements(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
|
5567
6171
|
pulumi.set(self, "root_rotation_statements", value)
|
|
5568
6172
|
|
|
6173
|
+
@property
|
|
6174
|
+
@pulumi.getter(name="rotationPeriod")
|
|
6175
|
+
def rotation_period(self) -> Optional[pulumi.Input[int]]:
|
|
6176
|
+
"""
|
|
6177
|
+
The amount of time in seconds Vault should wait before rotating the root credential.
|
|
6178
|
+
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
|
6179
|
+
"""
|
|
6180
|
+
return pulumi.get(self, "rotation_period")
|
|
6181
|
+
|
|
6182
|
+
@rotation_period.setter
|
|
6183
|
+
def rotation_period(self, value: Optional[pulumi.Input[int]]):
|
|
6184
|
+
pulumi.set(self, "rotation_period", value)
|
|
6185
|
+
|
|
6186
|
+
@property
|
|
6187
|
+
@pulumi.getter(name="rotationSchedule")
|
|
6188
|
+
def rotation_schedule(self) -> Optional[pulumi.Input[str]]:
|
|
6189
|
+
"""
|
|
6190
|
+
The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
|
6191
|
+
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
|
6192
|
+
"""
|
|
6193
|
+
return pulumi.get(self, "rotation_schedule")
|
|
6194
|
+
|
|
6195
|
+
@rotation_schedule.setter
|
|
6196
|
+
def rotation_schedule(self, value: Optional[pulumi.Input[str]]):
|
|
6197
|
+
pulumi.set(self, "rotation_schedule", value)
|
|
6198
|
+
|
|
6199
|
+
@property
|
|
6200
|
+
@pulumi.getter(name="rotationWindow")
|
|
6201
|
+
def rotation_window(self) -> Optional[pulumi.Input[int]]:
|
|
6202
|
+
"""
|
|
6203
|
+
The maximum amount of time in seconds allowed to complete
|
|
6204
|
+
a rotation when a scheduled token rotation occurs. The default rotation window is
|
|
6205
|
+
unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
|
|
6206
|
+
"""
|
|
6207
|
+
return pulumi.get(self, "rotation_window")
|
|
6208
|
+
|
|
6209
|
+
@rotation_window.setter
|
|
6210
|
+
def rotation_window(self, value: Optional[pulumi.Input[int]]):
|
|
6211
|
+
pulumi.set(self, "rotation_window", value)
|
|
6212
|
+
|
|
5569
6213
|
@property
|
|
5570
6214
|
@pulumi.getter(name="verifyConnection")
|
|
5571
6215
|
def verify_connection(self) -> Optional[pulumi.Input[bool]]:
|
|
@@ -5602,6 +6246,10 @@ if not MYPY:
|
|
|
5602
6246
|
data: NotRequired[pulumi.Input[Mapping[str, pulumi.Input[str]]]]
|
|
5603
6247
|
"""
|
|
5604
6248
|
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
|
|
6249
|
+
"""
|
|
6250
|
+
disable_automated_rotation: NotRequired[pulumi.Input[bool]]
|
|
6251
|
+
"""
|
|
6252
|
+
Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
|
5605
6253
|
|
|
5606
6254
|
Supported list of database secrets engines that can be configured:
|
|
5607
6255
|
"""
|
|
@@ -5633,6 +6281,22 @@ if not MYPY:
|
|
|
5633
6281
|
"""
|
|
5634
6282
|
A list of database statements to be executed to rotate the root user's credentials.
|
|
5635
6283
|
"""
|
|
6284
|
+
rotation_period: NotRequired[pulumi.Input[int]]
|
|
6285
|
+
"""
|
|
6286
|
+
The amount of time in seconds Vault should wait before rotating the root credential.
|
|
6287
|
+
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
|
6288
|
+
"""
|
|
6289
|
+
rotation_schedule: NotRequired[pulumi.Input[str]]
|
|
6290
|
+
"""
|
|
6291
|
+
The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
|
6292
|
+
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
|
6293
|
+
"""
|
|
6294
|
+
rotation_window: NotRequired[pulumi.Input[int]]
|
|
6295
|
+
"""
|
|
6296
|
+
The maximum amount of time in seconds allowed to complete
|
|
6297
|
+
a rotation when a scheduled token rotation occurs. The default rotation window is
|
|
6298
|
+
unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
|
|
6299
|
+
"""
|
|
5636
6300
|
username: NotRequired[pulumi.Input[str]]
|
|
5637
6301
|
"""
|
|
5638
6302
|
The root credential username used in the connection URL
|
|
@@ -5657,6 +6321,7 @@ class SecretsMountMssqlArgs:
|
|
|
5657
6321
|
connection_url: Optional[pulumi.Input[str]] = None,
|
|
5658
6322
|
contained_db: Optional[pulumi.Input[bool]] = None,
|
|
5659
6323
|
data: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
|
|
6324
|
+
disable_automated_rotation: Optional[pulumi.Input[bool]] = None,
|
|
5660
6325
|
disable_escaping: Optional[pulumi.Input[bool]] = None,
|
|
5661
6326
|
max_connection_lifetime: Optional[pulumi.Input[int]] = None,
|
|
5662
6327
|
max_idle_connections: Optional[pulumi.Input[int]] = None,
|
|
@@ -5664,6 +6329,9 @@ class SecretsMountMssqlArgs:
|
|
|
5664
6329
|
password: Optional[pulumi.Input[str]] = None,
|
|
5665
6330
|
plugin_name: Optional[pulumi.Input[str]] = None,
|
|
5666
6331
|
root_rotation_statements: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
|
6332
|
+
rotation_period: Optional[pulumi.Input[int]] = None,
|
|
6333
|
+
rotation_schedule: Optional[pulumi.Input[str]] = None,
|
|
6334
|
+
rotation_window: Optional[pulumi.Input[int]] = None,
|
|
5667
6335
|
username: Optional[pulumi.Input[str]] = None,
|
|
5668
6336
|
username_template: Optional[pulumi.Input[str]] = None,
|
|
5669
6337
|
verify_connection: Optional[pulumi.Input[bool]] = None):
|
|
@@ -5674,6 +6342,7 @@ class SecretsMountMssqlArgs:
|
|
|
5674
6342
|
:param pulumi.Input[str] connection_url: Connection string to use to connect to the database.
|
|
5675
6343
|
:param pulumi.Input[bool] contained_db: Set to true when the target is a Contained Database, e.g. AzureSQL.
|
|
5676
6344
|
:param pulumi.Input[Mapping[str, pulumi.Input[str]]] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
|
|
6345
|
+
:param pulumi.Input[bool] disable_automated_rotation: Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
|
5677
6346
|
|
|
5678
6347
|
Supported list of database secrets engines that can be configured:
|
|
5679
6348
|
:param pulumi.Input[bool] disable_escaping: Disable special character escaping in username and password
|
|
@@ -5683,6 +6352,13 @@ class SecretsMountMssqlArgs:
|
|
|
5683
6352
|
:param pulumi.Input[str] password: The root credential password used in the connection URL
|
|
5684
6353
|
:param pulumi.Input[str] plugin_name: Specifies the name of the plugin to use.
|
|
5685
6354
|
:param pulumi.Input[Sequence[pulumi.Input[str]]] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials.
|
|
6355
|
+
:param pulumi.Input[int] rotation_period: The amount of time in seconds Vault should wait before rotating the root credential.
|
|
6356
|
+
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
|
6357
|
+
:param pulumi.Input[str] rotation_schedule: The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
|
6358
|
+
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
|
6359
|
+
:param pulumi.Input[int] rotation_window: The maximum amount of time in seconds allowed to complete
|
|
6360
|
+
a rotation when a scheduled token rotation occurs. The default rotation window is
|
|
6361
|
+
unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
|
|
5686
6362
|
:param pulumi.Input[str] username: The root credential username used in the connection URL
|
|
5687
6363
|
:param pulumi.Input[str] username_template: Username generation template.
|
|
5688
6364
|
:param pulumi.Input[bool] verify_connection: Whether the connection should be verified on
|
|
@@ -5697,6 +6373,8 @@ class SecretsMountMssqlArgs:
|
|
|
5697
6373
|
pulumi.set(__self__, "contained_db", contained_db)
|
|
5698
6374
|
if data is not None:
|
|
5699
6375
|
pulumi.set(__self__, "data", data)
|
|
6376
|
+
if disable_automated_rotation is not None:
|
|
6377
|
+
pulumi.set(__self__, "disable_automated_rotation", disable_automated_rotation)
|
|
5700
6378
|
if disable_escaping is not None:
|
|
5701
6379
|
pulumi.set(__self__, "disable_escaping", disable_escaping)
|
|
5702
6380
|
if max_connection_lifetime is not None:
|
|
@@ -5711,6 +6389,12 @@ class SecretsMountMssqlArgs:
|
|
|
5711
6389
|
pulumi.set(__self__, "plugin_name", plugin_name)
|
|
5712
6390
|
if root_rotation_statements is not None:
|
|
5713
6391
|
pulumi.set(__self__, "root_rotation_statements", root_rotation_statements)
|
|
6392
|
+
if rotation_period is not None:
|
|
6393
|
+
pulumi.set(__self__, "rotation_period", rotation_period)
|
|
6394
|
+
if rotation_schedule is not None:
|
|
6395
|
+
pulumi.set(__self__, "rotation_schedule", rotation_schedule)
|
|
6396
|
+
if rotation_window is not None:
|
|
6397
|
+
pulumi.set(__self__, "rotation_window", rotation_window)
|
|
5714
6398
|
if username is not None:
|
|
5715
6399
|
pulumi.set(__self__, "username", username)
|
|
5716
6400
|
if username_template is not None:
|
|
@@ -5772,8 +6456,6 @@ class SecretsMountMssqlArgs:
|
|
|
5772
6456
|
def data(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]:
|
|
5773
6457
|
"""
|
|
5774
6458
|
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
|
|
5775
|
-
|
|
5776
|
-
Supported list of database secrets engines that can be configured:
|
|
5777
6459
|
"""
|
|
5778
6460
|
return pulumi.get(self, "data")
|
|
5779
6461
|
|
|
@@ -5781,6 +6463,20 @@ class SecretsMountMssqlArgs:
|
|
|
5781
6463
|
def data(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]):
|
|
5782
6464
|
pulumi.set(self, "data", value)
|
|
5783
6465
|
|
|
6466
|
+
@property
|
|
6467
|
+
@pulumi.getter(name="disableAutomatedRotation")
|
|
6468
|
+
def disable_automated_rotation(self) -> Optional[pulumi.Input[bool]]:
|
|
6469
|
+
"""
|
|
6470
|
+
Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
|
6471
|
+
|
|
6472
|
+
Supported list of database secrets engines that can be configured:
|
|
6473
|
+
"""
|
|
6474
|
+
return pulumi.get(self, "disable_automated_rotation")
|
|
6475
|
+
|
|
6476
|
+
@disable_automated_rotation.setter
|
|
6477
|
+
def disable_automated_rotation(self, value: Optional[pulumi.Input[bool]]):
|
|
6478
|
+
pulumi.set(self, "disable_automated_rotation", value)
|
|
6479
|
+
|
|
5784
6480
|
@property
|
|
5785
6481
|
@pulumi.getter(name="disableEscaping")
|
|
5786
6482
|
def disable_escaping(self) -> Optional[pulumi.Input[bool]]:
|
|
@@ -5865,6 +6561,46 @@ class SecretsMountMssqlArgs:
|
|
|
5865
6561
|
def root_rotation_statements(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
|
5866
6562
|
pulumi.set(self, "root_rotation_statements", value)
|
|
5867
6563
|
|
|
6564
|
+
@property
|
|
6565
|
+
@pulumi.getter(name="rotationPeriod")
|
|
6566
|
+
def rotation_period(self) -> Optional[pulumi.Input[int]]:
|
|
6567
|
+
"""
|
|
6568
|
+
The amount of time in seconds Vault should wait before rotating the root credential.
|
|
6569
|
+
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
|
6570
|
+
"""
|
|
6571
|
+
return pulumi.get(self, "rotation_period")
|
|
6572
|
+
|
|
6573
|
+
@rotation_period.setter
|
|
6574
|
+
def rotation_period(self, value: Optional[pulumi.Input[int]]):
|
|
6575
|
+
pulumi.set(self, "rotation_period", value)
|
|
6576
|
+
|
|
6577
|
+
@property
|
|
6578
|
+
@pulumi.getter(name="rotationSchedule")
|
|
6579
|
+
def rotation_schedule(self) -> Optional[pulumi.Input[str]]:
|
|
6580
|
+
"""
|
|
6581
|
+
The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
|
6582
|
+
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
|
6583
|
+
"""
|
|
6584
|
+
return pulumi.get(self, "rotation_schedule")
|
|
6585
|
+
|
|
6586
|
+
@rotation_schedule.setter
|
|
6587
|
+
def rotation_schedule(self, value: Optional[pulumi.Input[str]]):
|
|
6588
|
+
pulumi.set(self, "rotation_schedule", value)
|
|
6589
|
+
|
|
6590
|
+
@property
|
|
6591
|
+
@pulumi.getter(name="rotationWindow")
|
|
6592
|
+
def rotation_window(self) -> Optional[pulumi.Input[int]]:
|
|
6593
|
+
"""
|
|
6594
|
+
The maximum amount of time in seconds allowed to complete
|
|
6595
|
+
a rotation when a scheduled token rotation occurs. The default rotation window is
|
|
6596
|
+
unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
|
|
6597
|
+
"""
|
|
6598
|
+
return pulumi.get(self, "rotation_window")
|
|
6599
|
+
|
|
6600
|
+
@rotation_window.setter
|
|
6601
|
+
def rotation_window(self, value: Optional[pulumi.Input[int]]):
|
|
6602
|
+
pulumi.set(self, "rotation_window", value)
|
|
6603
|
+
|
|
5868
6604
|
@property
|
|
5869
6605
|
@pulumi.getter
|
|
5870
6606
|
def username(self) -> Optional[pulumi.Input[str]]:
|
|
@@ -5925,6 +6661,10 @@ if not MYPY:
|
|
|
5925
6661
|
data: NotRequired[pulumi.Input[Mapping[str, pulumi.Input[str]]]]
|
|
5926
6662
|
"""
|
|
5927
6663
|
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
|
|
6664
|
+
"""
|
|
6665
|
+
disable_automated_rotation: NotRequired[pulumi.Input[bool]]
|
|
6666
|
+
"""
|
|
6667
|
+
Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
|
5928
6668
|
|
|
5929
6669
|
Supported list of database secrets engines that can be configured:
|
|
5930
6670
|
"""
|
|
@@ -5952,6 +6692,22 @@ if not MYPY:
|
|
|
5952
6692
|
"""
|
|
5953
6693
|
A list of database statements to be executed to rotate the root user's credentials.
|
|
5954
6694
|
"""
|
|
6695
|
+
rotation_period: NotRequired[pulumi.Input[int]]
|
|
6696
|
+
"""
|
|
6697
|
+
The amount of time in seconds Vault should wait before rotating the root credential.
|
|
6698
|
+
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
|
6699
|
+
"""
|
|
6700
|
+
rotation_schedule: NotRequired[pulumi.Input[str]]
|
|
6701
|
+
"""
|
|
6702
|
+
The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
|
6703
|
+
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
|
6704
|
+
"""
|
|
6705
|
+
rotation_window: NotRequired[pulumi.Input[int]]
|
|
6706
|
+
"""
|
|
6707
|
+
The maximum amount of time in seconds allowed to complete
|
|
6708
|
+
a rotation when a scheduled token rotation occurs. The default rotation window is
|
|
6709
|
+
unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
|
|
6710
|
+
"""
|
|
5955
6711
|
service_account_json: NotRequired[pulumi.Input[str]]
|
|
5956
6712
|
"""
|
|
5957
6713
|
A JSON encoded credential for use with IAM authorization
|
|
@@ -5988,12 +6744,16 @@ class SecretsMountMysqlArgs:
|
|
|
5988
6744
|
auth_type: Optional[pulumi.Input[str]] = None,
|
|
5989
6745
|
connection_url: Optional[pulumi.Input[str]] = None,
|
|
5990
6746
|
data: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
|
|
6747
|
+
disable_automated_rotation: Optional[pulumi.Input[bool]] = None,
|
|
5991
6748
|
max_connection_lifetime: Optional[pulumi.Input[int]] = None,
|
|
5992
6749
|
max_idle_connections: Optional[pulumi.Input[int]] = None,
|
|
5993
6750
|
max_open_connections: Optional[pulumi.Input[int]] = None,
|
|
5994
6751
|
password: Optional[pulumi.Input[str]] = None,
|
|
5995
6752
|
plugin_name: Optional[pulumi.Input[str]] = None,
|
|
5996
6753
|
root_rotation_statements: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
|
6754
|
+
rotation_period: Optional[pulumi.Input[int]] = None,
|
|
6755
|
+
rotation_schedule: Optional[pulumi.Input[str]] = None,
|
|
6756
|
+
rotation_window: Optional[pulumi.Input[int]] = None,
|
|
5997
6757
|
service_account_json: Optional[pulumi.Input[str]] = None,
|
|
5998
6758
|
tls_ca: Optional[pulumi.Input[str]] = None,
|
|
5999
6759
|
tls_certificate_key: Optional[pulumi.Input[str]] = None,
|
|
@@ -6007,6 +6767,7 @@ class SecretsMountMysqlArgs:
|
|
|
6007
6767
|
:param pulumi.Input[str] auth_type: Specify alternative authorization type. (Only 'gcp_iam' is valid currently)
|
|
6008
6768
|
:param pulumi.Input[str] connection_url: Connection string to use to connect to the database.
|
|
6009
6769
|
:param pulumi.Input[Mapping[str, pulumi.Input[str]]] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
|
|
6770
|
+
:param pulumi.Input[bool] disable_automated_rotation: Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
|
6010
6771
|
|
|
6011
6772
|
Supported list of database secrets engines that can be configured:
|
|
6012
6773
|
:param pulumi.Input[int] max_connection_lifetime: Maximum number of seconds a connection may be reused.
|
|
@@ -6015,6 +6776,13 @@ class SecretsMountMysqlArgs:
|
|
|
6015
6776
|
:param pulumi.Input[str] password: The root credential password used in the connection URL
|
|
6016
6777
|
:param pulumi.Input[str] plugin_name: Specifies the name of the plugin to use.
|
|
6017
6778
|
:param pulumi.Input[Sequence[pulumi.Input[str]]] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials.
|
|
6779
|
+
:param pulumi.Input[int] rotation_period: The amount of time in seconds Vault should wait before rotating the root credential.
|
|
6780
|
+
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
|
6781
|
+
:param pulumi.Input[str] rotation_schedule: The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
|
6782
|
+
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
|
6783
|
+
:param pulumi.Input[int] rotation_window: The maximum amount of time in seconds allowed to complete
|
|
6784
|
+
a rotation when a scheduled token rotation occurs. The default rotation window is
|
|
6785
|
+
unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
|
|
6018
6786
|
:param pulumi.Input[str] service_account_json: A JSON encoded credential for use with IAM authorization
|
|
6019
6787
|
:param pulumi.Input[str] tls_ca: x509 CA file for validating the certificate presented by the MySQL server. Must be PEM encoded.
|
|
6020
6788
|
:param pulumi.Input[str] tls_certificate_key: x509 certificate for connecting to the database. This must be a PEM encoded version of the private key and the certificate combined.
|
|
@@ -6032,6 +6800,8 @@ class SecretsMountMysqlArgs:
|
|
|
6032
6800
|
pulumi.set(__self__, "connection_url", connection_url)
|
|
6033
6801
|
if data is not None:
|
|
6034
6802
|
pulumi.set(__self__, "data", data)
|
|
6803
|
+
if disable_automated_rotation is not None:
|
|
6804
|
+
pulumi.set(__self__, "disable_automated_rotation", disable_automated_rotation)
|
|
6035
6805
|
if max_connection_lifetime is not None:
|
|
6036
6806
|
pulumi.set(__self__, "max_connection_lifetime", max_connection_lifetime)
|
|
6037
6807
|
if max_idle_connections is not None:
|
|
@@ -6044,6 +6814,12 @@ class SecretsMountMysqlArgs:
|
|
|
6044
6814
|
pulumi.set(__self__, "plugin_name", plugin_name)
|
|
6045
6815
|
if root_rotation_statements is not None:
|
|
6046
6816
|
pulumi.set(__self__, "root_rotation_statements", root_rotation_statements)
|
|
6817
|
+
if rotation_period is not None:
|
|
6818
|
+
pulumi.set(__self__, "rotation_period", rotation_period)
|
|
6819
|
+
if rotation_schedule is not None:
|
|
6820
|
+
pulumi.set(__self__, "rotation_schedule", rotation_schedule)
|
|
6821
|
+
if rotation_window is not None:
|
|
6822
|
+
pulumi.set(__self__, "rotation_window", rotation_window)
|
|
6047
6823
|
if service_account_json is not None:
|
|
6048
6824
|
pulumi.set(__self__, "service_account_json", service_account_json)
|
|
6049
6825
|
if tls_ca is not None:
|
|
@@ -6111,8 +6887,6 @@ class SecretsMountMysqlArgs:
|
|
|
6111
6887
|
def data(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]:
|
|
6112
6888
|
"""
|
|
6113
6889
|
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
|
|
6114
|
-
|
|
6115
|
-
Supported list of database secrets engines that can be configured:
|
|
6116
6890
|
"""
|
|
6117
6891
|
return pulumi.get(self, "data")
|
|
6118
6892
|
|
|
@@ -6120,6 +6894,20 @@ class SecretsMountMysqlArgs:
|
|
|
6120
6894
|
def data(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]):
|
|
6121
6895
|
pulumi.set(self, "data", value)
|
|
6122
6896
|
|
|
6897
|
+
@property
|
|
6898
|
+
@pulumi.getter(name="disableAutomatedRotation")
|
|
6899
|
+
def disable_automated_rotation(self) -> Optional[pulumi.Input[bool]]:
|
|
6900
|
+
"""
|
|
6901
|
+
Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
|
6902
|
+
|
|
6903
|
+
Supported list of database secrets engines that can be configured:
|
|
6904
|
+
"""
|
|
6905
|
+
return pulumi.get(self, "disable_automated_rotation")
|
|
6906
|
+
|
|
6907
|
+
@disable_automated_rotation.setter
|
|
6908
|
+
def disable_automated_rotation(self, value: Optional[pulumi.Input[bool]]):
|
|
6909
|
+
pulumi.set(self, "disable_automated_rotation", value)
|
|
6910
|
+
|
|
6123
6911
|
@property
|
|
6124
6912
|
@pulumi.getter(name="maxConnectionLifetime")
|
|
6125
6913
|
def max_connection_lifetime(self) -> Optional[pulumi.Input[int]]:
|
|
@@ -6192,6 +6980,46 @@ class SecretsMountMysqlArgs:
|
|
|
6192
6980
|
def root_rotation_statements(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
|
6193
6981
|
pulumi.set(self, "root_rotation_statements", value)
|
|
6194
6982
|
|
|
6983
|
+
@property
|
|
6984
|
+
@pulumi.getter(name="rotationPeriod")
|
|
6985
|
+
def rotation_period(self) -> Optional[pulumi.Input[int]]:
|
|
6986
|
+
"""
|
|
6987
|
+
The amount of time in seconds Vault should wait before rotating the root credential.
|
|
6988
|
+
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
|
6989
|
+
"""
|
|
6990
|
+
return pulumi.get(self, "rotation_period")
|
|
6991
|
+
|
|
6992
|
+
@rotation_period.setter
|
|
6993
|
+
def rotation_period(self, value: Optional[pulumi.Input[int]]):
|
|
6994
|
+
pulumi.set(self, "rotation_period", value)
|
|
6995
|
+
|
|
6996
|
+
@property
|
|
6997
|
+
@pulumi.getter(name="rotationSchedule")
|
|
6998
|
+
def rotation_schedule(self) -> Optional[pulumi.Input[str]]:
|
|
6999
|
+
"""
|
|
7000
|
+
The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
|
7001
|
+
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
|
7002
|
+
"""
|
|
7003
|
+
return pulumi.get(self, "rotation_schedule")
|
|
7004
|
+
|
|
7005
|
+
@rotation_schedule.setter
|
|
7006
|
+
def rotation_schedule(self, value: Optional[pulumi.Input[str]]):
|
|
7007
|
+
pulumi.set(self, "rotation_schedule", value)
|
|
7008
|
+
|
|
7009
|
+
@property
|
|
7010
|
+
@pulumi.getter(name="rotationWindow")
|
|
7011
|
+
def rotation_window(self) -> Optional[pulumi.Input[int]]:
|
|
7012
|
+
"""
|
|
7013
|
+
The maximum amount of time in seconds allowed to complete
|
|
7014
|
+
a rotation when a scheduled token rotation occurs. The default rotation window is
|
|
7015
|
+
unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
|
|
7016
|
+
"""
|
|
7017
|
+
return pulumi.get(self, "rotation_window")
|
|
7018
|
+
|
|
7019
|
+
@rotation_window.setter
|
|
7020
|
+
def rotation_window(self, value: Optional[pulumi.Input[int]]):
|
|
7021
|
+
pulumi.set(self, "rotation_window", value)
|
|
7022
|
+
|
|
6195
7023
|
@property
|
|
6196
7024
|
@pulumi.getter(name="serviceAccountJson")
|
|
6197
7025
|
def service_account_json(self) -> Optional[pulumi.Input[str]]:
|
|
@@ -6288,6 +7116,10 @@ if not MYPY:
|
|
|
6288
7116
|
data: NotRequired[pulumi.Input[Mapping[str, pulumi.Input[str]]]]
|
|
6289
7117
|
"""
|
|
6290
7118
|
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
|
|
7119
|
+
"""
|
|
7120
|
+
disable_automated_rotation: NotRequired[pulumi.Input[bool]]
|
|
7121
|
+
"""
|
|
7122
|
+
Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
|
6291
7123
|
|
|
6292
7124
|
Supported list of database secrets engines that can be configured:
|
|
6293
7125
|
"""
|
|
@@ -6315,6 +7147,22 @@ if not MYPY:
|
|
|
6315
7147
|
"""
|
|
6316
7148
|
A list of database statements to be executed to rotate the root user's credentials.
|
|
6317
7149
|
"""
|
|
7150
|
+
rotation_period: NotRequired[pulumi.Input[int]]
|
|
7151
|
+
"""
|
|
7152
|
+
The amount of time in seconds Vault should wait before rotating the root credential.
|
|
7153
|
+
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
|
7154
|
+
"""
|
|
7155
|
+
rotation_schedule: NotRequired[pulumi.Input[str]]
|
|
7156
|
+
"""
|
|
7157
|
+
The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
|
7158
|
+
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
|
7159
|
+
"""
|
|
7160
|
+
rotation_window: NotRequired[pulumi.Input[int]]
|
|
7161
|
+
"""
|
|
7162
|
+
The maximum amount of time in seconds allowed to complete
|
|
7163
|
+
a rotation when a scheduled token rotation occurs. The default rotation window is
|
|
7164
|
+
unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
|
|
7165
|
+
"""
|
|
6318
7166
|
service_account_json: NotRequired[pulumi.Input[str]]
|
|
6319
7167
|
"""
|
|
6320
7168
|
A JSON encoded credential for use with IAM authorization
|
|
@@ -6351,12 +7199,16 @@ class SecretsMountMysqlAuroraArgs:
|
|
|
6351
7199
|
auth_type: Optional[pulumi.Input[str]] = None,
|
|
6352
7200
|
connection_url: Optional[pulumi.Input[str]] = None,
|
|
6353
7201
|
data: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
|
|
7202
|
+
disable_automated_rotation: Optional[pulumi.Input[bool]] = None,
|
|
6354
7203
|
max_connection_lifetime: Optional[pulumi.Input[int]] = None,
|
|
6355
7204
|
max_idle_connections: Optional[pulumi.Input[int]] = None,
|
|
6356
7205
|
max_open_connections: Optional[pulumi.Input[int]] = None,
|
|
6357
7206
|
password: Optional[pulumi.Input[str]] = None,
|
|
6358
7207
|
plugin_name: Optional[pulumi.Input[str]] = None,
|
|
6359
7208
|
root_rotation_statements: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
|
7209
|
+
rotation_period: Optional[pulumi.Input[int]] = None,
|
|
7210
|
+
rotation_schedule: Optional[pulumi.Input[str]] = None,
|
|
7211
|
+
rotation_window: Optional[pulumi.Input[int]] = None,
|
|
6360
7212
|
service_account_json: Optional[pulumi.Input[str]] = None,
|
|
6361
7213
|
tls_ca: Optional[pulumi.Input[str]] = None,
|
|
6362
7214
|
tls_certificate_key: Optional[pulumi.Input[str]] = None,
|
|
@@ -6370,6 +7222,7 @@ class SecretsMountMysqlAuroraArgs:
|
|
|
6370
7222
|
:param pulumi.Input[str] auth_type: Specify alternative authorization type. (Only 'gcp_iam' is valid currently)
|
|
6371
7223
|
:param pulumi.Input[str] connection_url: Connection string to use to connect to the database.
|
|
6372
7224
|
:param pulumi.Input[Mapping[str, pulumi.Input[str]]] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
|
|
7225
|
+
:param pulumi.Input[bool] disable_automated_rotation: Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
|
6373
7226
|
|
|
6374
7227
|
Supported list of database secrets engines that can be configured:
|
|
6375
7228
|
:param pulumi.Input[int] max_connection_lifetime: Maximum number of seconds a connection may be reused.
|
|
@@ -6378,6 +7231,13 @@ class SecretsMountMysqlAuroraArgs:
|
|
|
6378
7231
|
:param pulumi.Input[str] password: The root credential password used in the connection URL
|
|
6379
7232
|
:param pulumi.Input[str] plugin_name: Specifies the name of the plugin to use.
|
|
6380
7233
|
:param pulumi.Input[Sequence[pulumi.Input[str]]] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials.
|
|
7234
|
+
:param pulumi.Input[int] rotation_period: The amount of time in seconds Vault should wait before rotating the root credential.
|
|
7235
|
+
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
|
7236
|
+
:param pulumi.Input[str] rotation_schedule: The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
|
7237
|
+
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
|
7238
|
+
:param pulumi.Input[int] rotation_window: The maximum amount of time in seconds allowed to complete
|
|
7239
|
+
a rotation when a scheduled token rotation occurs. The default rotation window is
|
|
7240
|
+
unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
|
|
6381
7241
|
:param pulumi.Input[str] service_account_json: A JSON encoded credential for use with IAM authorization
|
|
6382
7242
|
:param pulumi.Input[str] tls_ca: x509 CA file for validating the certificate presented by the MySQL server. Must be PEM encoded.
|
|
6383
7243
|
:param pulumi.Input[str] tls_certificate_key: x509 certificate for connecting to the database. This must be a PEM encoded version of the private key and the certificate combined.
|
|
@@ -6395,6 +7255,8 @@ class SecretsMountMysqlAuroraArgs:
|
|
|
6395
7255
|
pulumi.set(__self__, "connection_url", connection_url)
|
|
6396
7256
|
if data is not None:
|
|
6397
7257
|
pulumi.set(__self__, "data", data)
|
|
7258
|
+
if disable_automated_rotation is not None:
|
|
7259
|
+
pulumi.set(__self__, "disable_automated_rotation", disable_automated_rotation)
|
|
6398
7260
|
if max_connection_lifetime is not None:
|
|
6399
7261
|
pulumi.set(__self__, "max_connection_lifetime", max_connection_lifetime)
|
|
6400
7262
|
if max_idle_connections is not None:
|
|
@@ -6407,6 +7269,12 @@ class SecretsMountMysqlAuroraArgs:
|
|
|
6407
7269
|
pulumi.set(__self__, "plugin_name", plugin_name)
|
|
6408
7270
|
if root_rotation_statements is not None:
|
|
6409
7271
|
pulumi.set(__self__, "root_rotation_statements", root_rotation_statements)
|
|
7272
|
+
if rotation_period is not None:
|
|
7273
|
+
pulumi.set(__self__, "rotation_period", rotation_period)
|
|
7274
|
+
if rotation_schedule is not None:
|
|
7275
|
+
pulumi.set(__self__, "rotation_schedule", rotation_schedule)
|
|
7276
|
+
if rotation_window is not None:
|
|
7277
|
+
pulumi.set(__self__, "rotation_window", rotation_window)
|
|
6410
7278
|
if service_account_json is not None:
|
|
6411
7279
|
pulumi.set(__self__, "service_account_json", service_account_json)
|
|
6412
7280
|
if tls_ca is not None:
|
|
@@ -6474,8 +7342,6 @@ class SecretsMountMysqlAuroraArgs:
|
|
|
6474
7342
|
def data(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]:
|
|
6475
7343
|
"""
|
|
6476
7344
|
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
|
|
6477
|
-
|
|
6478
|
-
Supported list of database secrets engines that can be configured:
|
|
6479
7345
|
"""
|
|
6480
7346
|
return pulumi.get(self, "data")
|
|
6481
7347
|
|
|
@@ -6483,6 +7349,20 @@ class SecretsMountMysqlAuroraArgs:
|
|
|
6483
7349
|
def data(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]):
|
|
6484
7350
|
pulumi.set(self, "data", value)
|
|
6485
7351
|
|
|
7352
|
+
@property
|
|
7353
|
+
@pulumi.getter(name="disableAutomatedRotation")
|
|
7354
|
+
def disable_automated_rotation(self) -> Optional[pulumi.Input[bool]]:
|
|
7355
|
+
"""
|
|
7356
|
+
Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
|
7357
|
+
|
|
7358
|
+
Supported list of database secrets engines that can be configured:
|
|
7359
|
+
"""
|
|
7360
|
+
return pulumi.get(self, "disable_automated_rotation")
|
|
7361
|
+
|
|
7362
|
+
@disable_automated_rotation.setter
|
|
7363
|
+
def disable_automated_rotation(self, value: Optional[pulumi.Input[bool]]):
|
|
7364
|
+
pulumi.set(self, "disable_automated_rotation", value)
|
|
7365
|
+
|
|
6486
7366
|
@property
|
|
6487
7367
|
@pulumi.getter(name="maxConnectionLifetime")
|
|
6488
7368
|
def max_connection_lifetime(self) -> Optional[pulumi.Input[int]]:
|
|
@@ -6555,6 +7435,46 @@ class SecretsMountMysqlAuroraArgs:
|
|
|
6555
7435
|
def root_rotation_statements(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
|
6556
7436
|
pulumi.set(self, "root_rotation_statements", value)
|
|
6557
7437
|
|
|
7438
|
+
@property
|
|
7439
|
+
@pulumi.getter(name="rotationPeriod")
|
|
7440
|
+
def rotation_period(self) -> Optional[pulumi.Input[int]]:
|
|
7441
|
+
"""
|
|
7442
|
+
The amount of time in seconds Vault should wait before rotating the root credential.
|
|
7443
|
+
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
|
7444
|
+
"""
|
|
7445
|
+
return pulumi.get(self, "rotation_period")
|
|
7446
|
+
|
|
7447
|
+
@rotation_period.setter
|
|
7448
|
+
def rotation_period(self, value: Optional[pulumi.Input[int]]):
|
|
7449
|
+
pulumi.set(self, "rotation_period", value)
|
|
7450
|
+
|
|
7451
|
+
@property
|
|
7452
|
+
@pulumi.getter(name="rotationSchedule")
|
|
7453
|
+
def rotation_schedule(self) -> Optional[pulumi.Input[str]]:
|
|
7454
|
+
"""
|
|
7455
|
+
The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
|
7456
|
+
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
|
7457
|
+
"""
|
|
7458
|
+
return pulumi.get(self, "rotation_schedule")
|
|
7459
|
+
|
|
7460
|
+
@rotation_schedule.setter
|
|
7461
|
+
def rotation_schedule(self, value: Optional[pulumi.Input[str]]):
|
|
7462
|
+
pulumi.set(self, "rotation_schedule", value)
|
|
7463
|
+
|
|
7464
|
+
@property
|
|
7465
|
+
@pulumi.getter(name="rotationWindow")
|
|
7466
|
+
def rotation_window(self) -> Optional[pulumi.Input[int]]:
|
|
7467
|
+
"""
|
|
7468
|
+
The maximum amount of time in seconds allowed to complete
|
|
7469
|
+
a rotation when a scheduled token rotation occurs. The default rotation window is
|
|
7470
|
+
unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
|
|
7471
|
+
"""
|
|
7472
|
+
return pulumi.get(self, "rotation_window")
|
|
7473
|
+
|
|
7474
|
+
@rotation_window.setter
|
|
7475
|
+
def rotation_window(self, value: Optional[pulumi.Input[int]]):
|
|
7476
|
+
pulumi.set(self, "rotation_window", value)
|
|
7477
|
+
|
|
6558
7478
|
@property
|
|
6559
7479
|
@pulumi.getter(name="serviceAccountJson")
|
|
6560
7480
|
def service_account_json(self) -> Optional[pulumi.Input[str]]:
|
|
@@ -6651,6 +7571,10 @@ if not MYPY:
|
|
|
6651
7571
|
data: NotRequired[pulumi.Input[Mapping[str, pulumi.Input[str]]]]
|
|
6652
7572
|
"""
|
|
6653
7573
|
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
|
|
7574
|
+
"""
|
|
7575
|
+
disable_automated_rotation: NotRequired[pulumi.Input[bool]]
|
|
7576
|
+
"""
|
|
7577
|
+
Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
|
6654
7578
|
|
|
6655
7579
|
Supported list of database secrets engines that can be configured:
|
|
6656
7580
|
"""
|
|
@@ -6678,6 +7602,22 @@ if not MYPY:
|
|
|
6678
7602
|
"""
|
|
6679
7603
|
A list of database statements to be executed to rotate the root user's credentials.
|
|
6680
7604
|
"""
|
|
7605
|
+
rotation_period: NotRequired[pulumi.Input[int]]
|
|
7606
|
+
"""
|
|
7607
|
+
The amount of time in seconds Vault should wait before rotating the root credential.
|
|
7608
|
+
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
|
7609
|
+
"""
|
|
7610
|
+
rotation_schedule: NotRequired[pulumi.Input[str]]
|
|
7611
|
+
"""
|
|
7612
|
+
The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
|
7613
|
+
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
|
7614
|
+
"""
|
|
7615
|
+
rotation_window: NotRequired[pulumi.Input[int]]
|
|
7616
|
+
"""
|
|
7617
|
+
The maximum amount of time in seconds allowed to complete
|
|
7618
|
+
a rotation when a scheduled token rotation occurs. The default rotation window is
|
|
7619
|
+
unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
|
|
7620
|
+
"""
|
|
6681
7621
|
service_account_json: NotRequired[pulumi.Input[str]]
|
|
6682
7622
|
"""
|
|
6683
7623
|
A JSON encoded credential for use with IAM authorization
|
|
@@ -6714,12 +7654,16 @@ class SecretsMountMysqlLegacyArgs:
|
|
|
6714
7654
|
auth_type: Optional[pulumi.Input[str]] = None,
|
|
6715
7655
|
connection_url: Optional[pulumi.Input[str]] = None,
|
|
6716
7656
|
data: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
|
|
7657
|
+
disable_automated_rotation: Optional[pulumi.Input[bool]] = None,
|
|
6717
7658
|
max_connection_lifetime: Optional[pulumi.Input[int]] = None,
|
|
6718
7659
|
max_idle_connections: Optional[pulumi.Input[int]] = None,
|
|
6719
7660
|
max_open_connections: Optional[pulumi.Input[int]] = None,
|
|
6720
7661
|
password: Optional[pulumi.Input[str]] = None,
|
|
6721
7662
|
plugin_name: Optional[pulumi.Input[str]] = None,
|
|
6722
7663
|
root_rotation_statements: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
|
7664
|
+
rotation_period: Optional[pulumi.Input[int]] = None,
|
|
7665
|
+
rotation_schedule: Optional[pulumi.Input[str]] = None,
|
|
7666
|
+
rotation_window: Optional[pulumi.Input[int]] = None,
|
|
6723
7667
|
service_account_json: Optional[pulumi.Input[str]] = None,
|
|
6724
7668
|
tls_ca: Optional[pulumi.Input[str]] = None,
|
|
6725
7669
|
tls_certificate_key: Optional[pulumi.Input[str]] = None,
|
|
@@ -6733,6 +7677,7 @@ class SecretsMountMysqlLegacyArgs:
|
|
|
6733
7677
|
:param pulumi.Input[str] auth_type: Specify alternative authorization type. (Only 'gcp_iam' is valid currently)
|
|
6734
7678
|
:param pulumi.Input[str] connection_url: Connection string to use to connect to the database.
|
|
6735
7679
|
:param pulumi.Input[Mapping[str, pulumi.Input[str]]] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
|
|
7680
|
+
:param pulumi.Input[bool] disable_automated_rotation: Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
|
6736
7681
|
|
|
6737
7682
|
Supported list of database secrets engines that can be configured:
|
|
6738
7683
|
:param pulumi.Input[int] max_connection_lifetime: Maximum number of seconds a connection may be reused.
|
|
@@ -6741,6 +7686,13 @@ class SecretsMountMysqlLegacyArgs:
|
|
|
6741
7686
|
:param pulumi.Input[str] password: The root credential password used in the connection URL
|
|
6742
7687
|
:param pulumi.Input[str] plugin_name: Specifies the name of the plugin to use.
|
|
6743
7688
|
:param pulumi.Input[Sequence[pulumi.Input[str]]] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials.
|
|
7689
|
+
:param pulumi.Input[int] rotation_period: The amount of time in seconds Vault should wait before rotating the root credential.
|
|
7690
|
+
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
|
7691
|
+
:param pulumi.Input[str] rotation_schedule: The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
|
7692
|
+
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
|
7693
|
+
:param pulumi.Input[int] rotation_window: The maximum amount of time in seconds allowed to complete
|
|
7694
|
+
a rotation when a scheduled token rotation occurs. The default rotation window is
|
|
7695
|
+
unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
|
|
6744
7696
|
:param pulumi.Input[str] service_account_json: A JSON encoded credential for use with IAM authorization
|
|
6745
7697
|
:param pulumi.Input[str] tls_ca: x509 CA file for validating the certificate presented by the MySQL server. Must be PEM encoded.
|
|
6746
7698
|
:param pulumi.Input[str] tls_certificate_key: x509 certificate for connecting to the database. This must be a PEM encoded version of the private key and the certificate combined.
|
|
@@ -6758,6 +7710,8 @@ class SecretsMountMysqlLegacyArgs:
|
|
|
6758
7710
|
pulumi.set(__self__, "connection_url", connection_url)
|
|
6759
7711
|
if data is not None:
|
|
6760
7712
|
pulumi.set(__self__, "data", data)
|
|
7713
|
+
if disable_automated_rotation is not None:
|
|
7714
|
+
pulumi.set(__self__, "disable_automated_rotation", disable_automated_rotation)
|
|
6761
7715
|
if max_connection_lifetime is not None:
|
|
6762
7716
|
pulumi.set(__self__, "max_connection_lifetime", max_connection_lifetime)
|
|
6763
7717
|
if max_idle_connections is not None:
|
|
@@ -6770,6 +7724,12 @@ class SecretsMountMysqlLegacyArgs:
|
|
|
6770
7724
|
pulumi.set(__self__, "plugin_name", plugin_name)
|
|
6771
7725
|
if root_rotation_statements is not None:
|
|
6772
7726
|
pulumi.set(__self__, "root_rotation_statements", root_rotation_statements)
|
|
7727
|
+
if rotation_period is not None:
|
|
7728
|
+
pulumi.set(__self__, "rotation_period", rotation_period)
|
|
7729
|
+
if rotation_schedule is not None:
|
|
7730
|
+
pulumi.set(__self__, "rotation_schedule", rotation_schedule)
|
|
7731
|
+
if rotation_window is not None:
|
|
7732
|
+
pulumi.set(__self__, "rotation_window", rotation_window)
|
|
6773
7733
|
if service_account_json is not None:
|
|
6774
7734
|
pulumi.set(__self__, "service_account_json", service_account_json)
|
|
6775
7735
|
if tls_ca is not None:
|
|
@@ -6837,8 +7797,6 @@ class SecretsMountMysqlLegacyArgs:
|
|
|
6837
7797
|
def data(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]:
|
|
6838
7798
|
"""
|
|
6839
7799
|
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
|
|
6840
|
-
|
|
6841
|
-
Supported list of database secrets engines that can be configured:
|
|
6842
7800
|
"""
|
|
6843
7801
|
return pulumi.get(self, "data")
|
|
6844
7802
|
|
|
@@ -6846,6 +7804,20 @@ class SecretsMountMysqlLegacyArgs:
|
|
|
6846
7804
|
def data(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]):
|
|
6847
7805
|
pulumi.set(self, "data", value)
|
|
6848
7806
|
|
|
7807
|
+
@property
|
|
7808
|
+
@pulumi.getter(name="disableAutomatedRotation")
|
|
7809
|
+
def disable_automated_rotation(self) -> Optional[pulumi.Input[bool]]:
|
|
7810
|
+
"""
|
|
7811
|
+
Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
|
7812
|
+
|
|
7813
|
+
Supported list of database secrets engines that can be configured:
|
|
7814
|
+
"""
|
|
7815
|
+
return pulumi.get(self, "disable_automated_rotation")
|
|
7816
|
+
|
|
7817
|
+
@disable_automated_rotation.setter
|
|
7818
|
+
def disable_automated_rotation(self, value: Optional[pulumi.Input[bool]]):
|
|
7819
|
+
pulumi.set(self, "disable_automated_rotation", value)
|
|
7820
|
+
|
|
6849
7821
|
@property
|
|
6850
7822
|
@pulumi.getter(name="maxConnectionLifetime")
|
|
6851
7823
|
def max_connection_lifetime(self) -> Optional[pulumi.Input[int]]:
|
|
@@ -6918,6 +7890,46 @@ class SecretsMountMysqlLegacyArgs:
|
|
|
6918
7890
|
def root_rotation_statements(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
|
6919
7891
|
pulumi.set(self, "root_rotation_statements", value)
|
|
6920
7892
|
|
|
7893
|
+
@property
|
|
7894
|
+
@pulumi.getter(name="rotationPeriod")
|
|
7895
|
+
def rotation_period(self) -> Optional[pulumi.Input[int]]:
|
|
7896
|
+
"""
|
|
7897
|
+
The amount of time in seconds Vault should wait before rotating the root credential.
|
|
7898
|
+
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
|
7899
|
+
"""
|
|
7900
|
+
return pulumi.get(self, "rotation_period")
|
|
7901
|
+
|
|
7902
|
+
@rotation_period.setter
|
|
7903
|
+
def rotation_period(self, value: Optional[pulumi.Input[int]]):
|
|
7904
|
+
pulumi.set(self, "rotation_period", value)
|
|
7905
|
+
|
|
7906
|
+
@property
|
|
7907
|
+
@pulumi.getter(name="rotationSchedule")
|
|
7908
|
+
def rotation_schedule(self) -> Optional[pulumi.Input[str]]:
|
|
7909
|
+
"""
|
|
7910
|
+
The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
|
7911
|
+
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
|
7912
|
+
"""
|
|
7913
|
+
return pulumi.get(self, "rotation_schedule")
|
|
7914
|
+
|
|
7915
|
+
@rotation_schedule.setter
|
|
7916
|
+
def rotation_schedule(self, value: Optional[pulumi.Input[str]]):
|
|
7917
|
+
pulumi.set(self, "rotation_schedule", value)
|
|
7918
|
+
|
|
7919
|
+
@property
|
|
7920
|
+
@pulumi.getter(name="rotationWindow")
|
|
7921
|
+
def rotation_window(self) -> Optional[pulumi.Input[int]]:
|
|
7922
|
+
"""
|
|
7923
|
+
The maximum amount of time in seconds allowed to complete
|
|
7924
|
+
a rotation when a scheduled token rotation occurs. The default rotation window is
|
|
7925
|
+
unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
|
|
7926
|
+
"""
|
|
7927
|
+
return pulumi.get(self, "rotation_window")
|
|
7928
|
+
|
|
7929
|
+
@rotation_window.setter
|
|
7930
|
+
def rotation_window(self, value: Optional[pulumi.Input[int]]):
|
|
7931
|
+
pulumi.set(self, "rotation_window", value)
|
|
7932
|
+
|
|
6921
7933
|
@property
|
|
6922
7934
|
@pulumi.getter(name="serviceAccountJson")
|
|
6923
7935
|
def service_account_json(self) -> Optional[pulumi.Input[str]]:
|
|
@@ -7014,6 +8026,10 @@ if not MYPY:
|
|
|
7014
8026
|
data: NotRequired[pulumi.Input[Mapping[str, pulumi.Input[str]]]]
|
|
7015
8027
|
"""
|
|
7016
8028
|
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
|
|
8029
|
+
"""
|
|
8030
|
+
disable_automated_rotation: NotRequired[pulumi.Input[bool]]
|
|
8031
|
+
"""
|
|
8032
|
+
Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
|
7017
8033
|
|
|
7018
8034
|
Supported list of database secrets engines that can be configured:
|
|
7019
8035
|
"""
|
|
@@ -7041,6 +8057,22 @@ if not MYPY:
|
|
|
7041
8057
|
"""
|
|
7042
8058
|
A list of database statements to be executed to rotate the root user's credentials.
|
|
7043
8059
|
"""
|
|
8060
|
+
rotation_period: NotRequired[pulumi.Input[int]]
|
|
8061
|
+
"""
|
|
8062
|
+
The amount of time in seconds Vault should wait before rotating the root credential.
|
|
8063
|
+
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
|
8064
|
+
"""
|
|
8065
|
+
rotation_schedule: NotRequired[pulumi.Input[str]]
|
|
8066
|
+
"""
|
|
8067
|
+
The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
|
8068
|
+
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
|
8069
|
+
"""
|
|
8070
|
+
rotation_window: NotRequired[pulumi.Input[int]]
|
|
8071
|
+
"""
|
|
8072
|
+
The maximum amount of time in seconds allowed to complete
|
|
8073
|
+
a rotation when a scheduled token rotation occurs. The default rotation window is
|
|
8074
|
+
unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
|
|
8075
|
+
"""
|
|
7044
8076
|
service_account_json: NotRequired[pulumi.Input[str]]
|
|
7045
8077
|
"""
|
|
7046
8078
|
A JSON encoded credential for use with IAM authorization
|
|
@@ -7077,12 +8109,16 @@ class SecretsMountMysqlRdArgs:
|
|
|
7077
8109
|
auth_type: Optional[pulumi.Input[str]] = None,
|
|
7078
8110
|
connection_url: Optional[pulumi.Input[str]] = None,
|
|
7079
8111
|
data: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
|
|
8112
|
+
disable_automated_rotation: Optional[pulumi.Input[bool]] = None,
|
|
7080
8113
|
max_connection_lifetime: Optional[pulumi.Input[int]] = None,
|
|
7081
8114
|
max_idle_connections: Optional[pulumi.Input[int]] = None,
|
|
7082
8115
|
max_open_connections: Optional[pulumi.Input[int]] = None,
|
|
7083
8116
|
password: Optional[pulumi.Input[str]] = None,
|
|
7084
8117
|
plugin_name: Optional[pulumi.Input[str]] = None,
|
|
7085
8118
|
root_rotation_statements: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
|
8119
|
+
rotation_period: Optional[pulumi.Input[int]] = None,
|
|
8120
|
+
rotation_schedule: Optional[pulumi.Input[str]] = None,
|
|
8121
|
+
rotation_window: Optional[pulumi.Input[int]] = None,
|
|
7086
8122
|
service_account_json: Optional[pulumi.Input[str]] = None,
|
|
7087
8123
|
tls_ca: Optional[pulumi.Input[str]] = None,
|
|
7088
8124
|
tls_certificate_key: Optional[pulumi.Input[str]] = None,
|
|
@@ -7096,6 +8132,7 @@ class SecretsMountMysqlRdArgs:
|
|
|
7096
8132
|
:param pulumi.Input[str] auth_type: Specify alternative authorization type. (Only 'gcp_iam' is valid currently)
|
|
7097
8133
|
:param pulumi.Input[str] connection_url: Connection string to use to connect to the database.
|
|
7098
8134
|
:param pulumi.Input[Mapping[str, pulumi.Input[str]]] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
|
|
8135
|
+
:param pulumi.Input[bool] disable_automated_rotation: Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
|
7099
8136
|
|
|
7100
8137
|
Supported list of database secrets engines that can be configured:
|
|
7101
8138
|
:param pulumi.Input[int] max_connection_lifetime: Maximum number of seconds a connection may be reused.
|
|
@@ -7104,6 +8141,13 @@ class SecretsMountMysqlRdArgs:
|
|
|
7104
8141
|
:param pulumi.Input[str] password: The root credential password used in the connection URL
|
|
7105
8142
|
:param pulumi.Input[str] plugin_name: Specifies the name of the plugin to use.
|
|
7106
8143
|
:param pulumi.Input[Sequence[pulumi.Input[str]]] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials.
|
|
8144
|
+
:param pulumi.Input[int] rotation_period: The amount of time in seconds Vault should wait before rotating the root credential.
|
|
8145
|
+
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
|
8146
|
+
:param pulumi.Input[str] rotation_schedule: The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
|
8147
|
+
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
|
8148
|
+
:param pulumi.Input[int] rotation_window: The maximum amount of time in seconds allowed to complete
|
|
8149
|
+
a rotation when a scheduled token rotation occurs. The default rotation window is
|
|
8150
|
+
unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
|
|
7107
8151
|
:param pulumi.Input[str] service_account_json: A JSON encoded credential for use with IAM authorization
|
|
7108
8152
|
:param pulumi.Input[str] tls_ca: x509 CA file for validating the certificate presented by the MySQL server. Must be PEM encoded.
|
|
7109
8153
|
:param pulumi.Input[str] tls_certificate_key: x509 certificate for connecting to the database. This must be a PEM encoded version of the private key and the certificate combined.
|
|
@@ -7121,6 +8165,8 @@ class SecretsMountMysqlRdArgs:
|
|
|
7121
8165
|
pulumi.set(__self__, "connection_url", connection_url)
|
|
7122
8166
|
if data is not None:
|
|
7123
8167
|
pulumi.set(__self__, "data", data)
|
|
8168
|
+
if disable_automated_rotation is not None:
|
|
8169
|
+
pulumi.set(__self__, "disable_automated_rotation", disable_automated_rotation)
|
|
7124
8170
|
if max_connection_lifetime is not None:
|
|
7125
8171
|
pulumi.set(__self__, "max_connection_lifetime", max_connection_lifetime)
|
|
7126
8172
|
if max_idle_connections is not None:
|
|
@@ -7133,6 +8179,12 @@ class SecretsMountMysqlRdArgs:
|
|
|
7133
8179
|
pulumi.set(__self__, "plugin_name", plugin_name)
|
|
7134
8180
|
if root_rotation_statements is not None:
|
|
7135
8181
|
pulumi.set(__self__, "root_rotation_statements", root_rotation_statements)
|
|
8182
|
+
if rotation_period is not None:
|
|
8183
|
+
pulumi.set(__self__, "rotation_period", rotation_period)
|
|
8184
|
+
if rotation_schedule is not None:
|
|
8185
|
+
pulumi.set(__self__, "rotation_schedule", rotation_schedule)
|
|
8186
|
+
if rotation_window is not None:
|
|
8187
|
+
pulumi.set(__self__, "rotation_window", rotation_window)
|
|
7136
8188
|
if service_account_json is not None:
|
|
7137
8189
|
pulumi.set(__self__, "service_account_json", service_account_json)
|
|
7138
8190
|
if tls_ca is not None:
|
|
@@ -7200,8 +8252,6 @@ class SecretsMountMysqlRdArgs:
|
|
|
7200
8252
|
def data(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]:
|
|
7201
8253
|
"""
|
|
7202
8254
|
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
|
|
7203
|
-
|
|
7204
|
-
Supported list of database secrets engines that can be configured:
|
|
7205
8255
|
"""
|
|
7206
8256
|
return pulumi.get(self, "data")
|
|
7207
8257
|
|
|
@@ -7209,6 +8259,20 @@ class SecretsMountMysqlRdArgs:
|
|
|
7209
8259
|
def data(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]):
|
|
7210
8260
|
pulumi.set(self, "data", value)
|
|
7211
8261
|
|
|
8262
|
+
@property
|
|
8263
|
+
@pulumi.getter(name="disableAutomatedRotation")
|
|
8264
|
+
def disable_automated_rotation(self) -> Optional[pulumi.Input[bool]]:
|
|
8265
|
+
"""
|
|
8266
|
+
Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
|
8267
|
+
|
|
8268
|
+
Supported list of database secrets engines that can be configured:
|
|
8269
|
+
"""
|
|
8270
|
+
return pulumi.get(self, "disable_automated_rotation")
|
|
8271
|
+
|
|
8272
|
+
@disable_automated_rotation.setter
|
|
8273
|
+
def disable_automated_rotation(self, value: Optional[pulumi.Input[bool]]):
|
|
8274
|
+
pulumi.set(self, "disable_automated_rotation", value)
|
|
8275
|
+
|
|
7212
8276
|
@property
|
|
7213
8277
|
@pulumi.getter(name="maxConnectionLifetime")
|
|
7214
8278
|
def max_connection_lifetime(self) -> Optional[pulumi.Input[int]]:
|
|
@@ -7281,6 +8345,46 @@ class SecretsMountMysqlRdArgs:
|
|
|
7281
8345
|
def root_rotation_statements(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
|
7282
8346
|
pulumi.set(self, "root_rotation_statements", value)
|
|
7283
8347
|
|
|
8348
|
+
@property
|
|
8349
|
+
@pulumi.getter(name="rotationPeriod")
|
|
8350
|
+
def rotation_period(self) -> Optional[pulumi.Input[int]]:
|
|
8351
|
+
"""
|
|
8352
|
+
The amount of time in seconds Vault should wait before rotating the root credential.
|
|
8353
|
+
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
|
8354
|
+
"""
|
|
8355
|
+
return pulumi.get(self, "rotation_period")
|
|
8356
|
+
|
|
8357
|
+
@rotation_period.setter
|
|
8358
|
+
def rotation_period(self, value: Optional[pulumi.Input[int]]):
|
|
8359
|
+
pulumi.set(self, "rotation_period", value)
|
|
8360
|
+
|
|
8361
|
+
@property
|
|
8362
|
+
@pulumi.getter(name="rotationSchedule")
|
|
8363
|
+
def rotation_schedule(self) -> Optional[pulumi.Input[str]]:
|
|
8364
|
+
"""
|
|
8365
|
+
The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
|
8366
|
+
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
|
8367
|
+
"""
|
|
8368
|
+
return pulumi.get(self, "rotation_schedule")
|
|
8369
|
+
|
|
8370
|
+
@rotation_schedule.setter
|
|
8371
|
+
def rotation_schedule(self, value: Optional[pulumi.Input[str]]):
|
|
8372
|
+
pulumi.set(self, "rotation_schedule", value)
|
|
8373
|
+
|
|
8374
|
+
@property
|
|
8375
|
+
@pulumi.getter(name="rotationWindow")
|
|
8376
|
+
def rotation_window(self) -> Optional[pulumi.Input[int]]:
|
|
8377
|
+
"""
|
|
8378
|
+
The maximum amount of time in seconds allowed to complete
|
|
8379
|
+
a rotation when a scheduled token rotation occurs. The default rotation window is
|
|
8380
|
+
unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
|
|
8381
|
+
"""
|
|
8382
|
+
return pulumi.get(self, "rotation_window")
|
|
8383
|
+
|
|
8384
|
+
@rotation_window.setter
|
|
8385
|
+
def rotation_window(self, value: Optional[pulumi.Input[int]]):
|
|
8386
|
+
pulumi.set(self, "rotation_window", value)
|
|
8387
|
+
|
|
7284
8388
|
@property
|
|
7285
8389
|
@pulumi.getter(name="serviceAccountJson")
|
|
7286
8390
|
def service_account_json(self) -> Optional[pulumi.Input[str]]:
|
|
@@ -7373,6 +8477,10 @@ if not MYPY:
|
|
|
7373
8477
|
data: NotRequired[pulumi.Input[Mapping[str, pulumi.Input[str]]]]
|
|
7374
8478
|
"""
|
|
7375
8479
|
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
|
|
8480
|
+
"""
|
|
8481
|
+
disable_automated_rotation: NotRequired[pulumi.Input[bool]]
|
|
8482
|
+
"""
|
|
8483
|
+
Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
|
7376
8484
|
|
|
7377
8485
|
Supported list of database secrets engines that can be configured:
|
|
7378
8486
|
"""
|
|
@@ -7404,6 +8512,22 @@ if not MYPY:
|
|
|
7404
8512
|
"""
|
|
7405
8513
|
A list of database statements to be executed to rotate the root user's credentials.
|
|
7406
8514
|
"""
|
|
8515
|
+
rotation_period: NotRequired[pulumi.Input[int]]
|
|
8516
|
+
"""
|
|
8517
|
+
The amount of time in seconds Vault should wait before rotating the root credential.
|
|
8518
|
+
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
|
8519
|
+
"""
|
|
8520
|
+
rotation_schedule: NotRequired[pulumi.Input[str]]
|
|
8521
|
+
"""
|
|
8522
|
+
The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
|
8523
|
+
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
|
8524
|
+
"""
|
|
8525
|
+
rotation_window: NotRequired[pulumi.Input[int]]
|
|
8526
|
+
"""
|
|
8527
|
+
The maximum amount of time in seconds allowed to complete
|
|
8528
|
+
a rotation when a scheduled token rotation occurs. The default rotation window is
|
|
8529
|
+
unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
|
|
8530
|
+
"""
|
|
7407
8531
|
split_statements: NotRequired[pulumi.Input[bool]]
|
|
7408
8532
|
"""
|
|
7409
8533
|
Set to true in order to split statements after semi-colons.
|
|
@@ -7431,6 +8555,7 @@ class SecretsMountOracleArgs:
|
|
|
7431
8555
|
allowed_roles: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
|
7432
8556
|
connection_url: Optional[pulumi.Input[str]] = None,
|
|
7433
8557
|
data: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
|
|
8558
|
+
disable_automated_rotation: Optional[pulumi.Input[bool]] = None,
|
|
7434
8559
|
disconnect_sessions: Optional[pulumi.Input[bool]] = None,
|
|
7435
8560
|
max_connection_lifetime: Optional[pulumi.Input[int]] = None,
|
|
7436
8561
|
max_idle_connections: Optional[pulumi.Input[int]] = None,
|
|
@@ -7438,6 +8563,9 @@ class SecretsMountOracleArgs:
|
|
|
7438
8563
|
password: Optional[pulumi.Input[str]] = None,
|
|
7439
8564
|
plugin_name: Optional[pulumi.Input[str]] = None,
|
|
7440
8565
|
root_rotation_statements: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
|
8566
|
+
rotation_period: Optional[pulumi.Input[int]] = None,
|
|
8567
|
+
rotation_schedule: Optional[pulumi.Input[str]] = None,
|
|
8568
|
+
rotation_window: Optional[pulumi.Input[int]] = None,
|
|
7441
8569
|
split_statements: Optional[pulumi.Input[bool]] = None,
|
|
7442
8570
|
username: Optional[pulumi.Input[str]] = None,
|
|
7443
8571
|
username_template: Optional[pulumi.Input[str]] = None,
|
|
@@ -7448,6 +8576,7 @@ class SecretsMountOracleArgs:
|
|
|
7448
8576
|
connection.
|
|
7449
8577
|
:param pulumi.Input[str] connection_url: Connection string to use to connect to the database.
|
|
7450
8578
|
:param pulumi.Input[Mapping[str, pulumi.Input[str]]] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
|
|
8579
|
+
:param pulumi.Input[bool] disable_automated_rotation: Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
|
7451
8580
|
|
|
7452
8581
|
Supported list of database secrets engines that can be configured:
|
|
7453
8582
|
:param pulumi.Input[bool] disconnect_sessions: Set to true to disconnect any open sessions prior to running the revocation statements.
|
|
@@ -7457,6 +8586,13 @@ class SecretsMountOracleArgs:
|
|
|
7457
8586
|
:param pulumi.Input[str] password: The root credential password used in the connection URL
|
|
7458
8587
|
:param pulumi.Input[str] plugin_name: Specifies the name of the plugin to use.
|
|
7459
8588
|
:param pulumi.Input[Sequence[pulumi.Input[str]]] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials.
|
|
8589
|
+
:param pulumi.Input[int] rotation_period: The amount of time in seconds Vault should wait before rotating the root credential.
|
|
8590
|
+
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
|
8591
|
+
:param pulumi.Input[str] rotation_schedule: The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
|
8592
|
+
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
|
8593
|
+
:param pulumi.Input[int] rotation_window: The maximum amount of time in seconds allowed to complete
|
|
8594
|
+
a rotation when a scheduled token rotation occurs. The default rotation window is
|
|
8595
|
+
unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
|
|
7460
8596
|
:param pulumi.Input[bool] split_statements: Set to true in order to split statements after semi-colons.
|
|
7461
8597
|
:param pulumi.Input[str] username: The root credential username used in the connection URL
|
|
7462
8598
|
:param pulumi.Input[str] username_template: Username generation template.
|
|
@@ -7470,6 +8606,8 @@ class SecretsMountOracleArgs:
|
|
|
7470
8606
|
pulumi.set(__self__, "connection_url", connection_url)
|
|
7471
8607
|
if data is not None:
|
|
7472
8608
|
pulumi.set(__self__, "data", data)
|
|
8609
|
+
if disable_automated_rotation is not None:
|
|
8610
|
+
pulumi.set(__self__, "disable_automated_rotation", disable_automated_rotation)
|
|
7473
8611
|
if disconnect_sessions is not None:
|
|
7474
8612
|
pulumi.set(__self__, "disconnect_sessions", disconnect_sessions)
|
|
7475
8613
|
if max_connection_lifetime is not None:
|
|
@@ -7484,6 +8622,12 @@ class SecretsMountOracleArgs:
|
|
|
7484
8622
|
pulumi.set(__self__, "plugin_name", plugin_name)
|
|
7485
8623
|
if root_rotation_statements is not None:
|
|
7486
8624
|
pulumi.set(__self__, "root_rotation_statements", root_rotation_statements)
|
|
8625
|
+
if rotation_period is not None:
|
|
8626
|
+
pulumi.set(__self__, "rotation_period", rotation_period)
|
|
8627
|
+
if rotation_schedule is not None:
|
|
8628
|
+
pulumi.set(__self__, "rotation_schedule", rotation_schedule)
|
|
8629
|
+
if rotation_window is not None:
|
|
8630
|
+
pulumi.set(__self__, "rotation_window", rotation_window)
|
|
7487
8631
|
if split_statements is not None:
|
|
7488
8632
|
pulumi.set(__self__, "split_statements", split_statements)
|
|
7489
8633
|
if username is not None:
|
|
@@ -7535,8 +8679,6 @@ class SecretsMountOracleArgs:
|
|
|
7535
8679
|
def data(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]:
|
|
7536
8680
|
"""
|
|
7537
8681
|
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
|
|
7538
|
-
|
|
7539
|
-
Supported list of database secrets engines that can be configured:
|
|
7540
8682
|
"""
|
|
7541
8683
|
return pulumi.get(self, "data")
|
|
7542
8684
|
|
|
@@ -7544,6 +8686,20 @@ class SecretsMountOracleArgs:
|
|
|
7544
8686
|
def data(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]):
|
|
7545
8687
|
pulumi.set(self, "data", value)
|
|
7546
8688
|
|
|
8689
|
+
@property
|
|
8690
|
+
@pulumi.getter(name="disableAutomatedRotation")
|
|
8691
|
+
def disable_automated_rotation(self) -> Optional[pulumi.Input[bool]]:
|
|
8692
|
+
"""
|
|
8693
|
+
Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
|
8694
|
+
|
|
8695
|
+
Supported list of database secrets engines that can be configured:
|
|
8696
|
+
"""
|
|
8697
|
+
return pulumi.get(self, "disable_automated_rotation")
|
|
8698
|
+
|
|
8699
|
+
@disable_automated_rotation.setter
|
|
8700
|
+
def disable_automated_rotation(self, value: Optional[pulumi.Input[bool]]):
|
|
8701
|
+
pulumi.set(self, "disable_automated_rotation", value)
|
|
8702
|
+
|
|
7547
8703
|
@property
|
|
7548
8704
|
@pulumi.getter(name="disconnectSessions")
|
|
7549
8705
|
def disconnect_sessions(self) -> Optional[pulumi.Input[bool]]:
|
|
@@ -7628,6 +8784,46 @@ class SecretsMountOracleArgs:
|
|
|
7628
8784
|
def root_rotation_statements(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
|
7629
8785
|
pulumi.set(self, "root_rotation_statements", value)
|
|
7630
8786
|
|
|
8787
|
+
@property
|
|
8788
|
+
@pulumi.getter(name="rotationPeriod")
|
|
8789
|
+
def rotation_period(self) -> Optional[pulumi.Input[int]]:
|
|
8790
|
+
"""
|
|
8791
|
+
The amount of time in seconds Vault should wait before rotating the root credential.
|
|
8792
|
+
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
|
8793
|
+
"""
|
|
8794
|
+
return pulumi.get(self, "rotation_period")
|
|
8795
|
+
|
|
8796
|
+
@rotation_period.setter
|
|
8797
|
+
def rotation_period(self, value: Optional[pulumi.Input[int]]):
|
|
8798
|
+
pulumi.set(self, "rotation_period", value)
|
|
8799
|
+
|
|
8800
|
+
@property
|
|
8801
|
+
@pulumi.getter(name="rotationSchedule")
|
|
8802
|
+
def rotation_schedule(self) -> Optional[pulumi.Input[str]]:
|
|
8803
|
+
"""
|
|
8804
|
+
The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
|
8805
|
+
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
|
8806
|
+
"""
|
|
8807
|
+
return pulumi.get(self, "rotation_schedule")
|
|
8808
|
+
|
|
8809
|
+
@rotation_schedule.setter
|
|
8810
|
+
def rotation_schedule(self, value: Optional[pulumi.Input[str]]):
|
|
8811
|
+
pulumi.set(self, "rotation_schedule", value)
|
|
8812
|
+
|
|
8813
|
+
@property
|
|
8814
|
+
@pulumi.getter(name="rotationWindow")
|
|
8815
|
+
def rotation_window(self) -> Optional[pulumi.Input[int]]:
|
|
8816
|
+
"""
|
|
8817
|
+
The maximum amount of time in seconds allowed to complete
|
|
8818
|
+
a rotation when a scheduled token rotation occurs. The default rotation window is
|
|
8819
|
+
unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
|
|
8820
|
+
"""
|
|
8821
|
+
return pulumi.get(self, "rotation_window")
|
|
8822
|
+
|
|
8823
|
+
@rotation_window.setter
|
|
8824
|
+
def rotation_window(self, value: Optional[pulumi.Input[int]]):
|
|
8825
|
+
pulumi.set(self, "rotation_window", value)
|
|
8826
|
+
|
|
7631
8827
|
@property
|
|
7632
8828
|
@pulumi.getter(name="splitStatements")
|
|
7633
8829
|
def split_statements(self) -> Optional[pulumi.Input[bool]]:
|
|
@@ -7700,6 +8896,10 @@ if not MYPY:
|
|
|
7700
8896
|
data: NotRequired[pulumi.Input[Mapping[str, pulumi.Input[str]]]]
|
|
7701
8897
|
"""
|
|
7702
8898
|
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
|
|
8899
|
+
"""
|
|
8900
|
+
disable_automated_rotation: NotRequired[pulumi.Input[bool]]
|
|
8901
|
+
"""
|
|
8902
|
+
Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
|
7703
8903
|
|
|
7704
8904
|
Supported list of database secrets engines that can be configured:
|
|
7705
8905
|
"""
|
|
@@ -7739,6 +8939,22 @@ if not MYPY:
|
|
|
7739
8939
|
"""
|
|
7740
8940
|
A list of database statements to be executed to rotate the root user's credentials.
|
|
7741
8941
|
"""
|
|
8942
|
+
rotation_period: NotRequired[pulumi.Input[int]]
|
|
8943
|
+
"""
|
|
8944
|
+
The amount of time in seconds Vault should wait before rotating the root credential.
|
|
8945
|
+
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
|
8946
|
+
"""
|
|
8947
|
+
rotation_schedule: NotRequired[pulumi.Input[str]]
|
|
8948
|
+
"""
|
|
8949
|
+
The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
|
8950
|
+
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
|
8951
|
+
"""
|
|
8952
|
+
rotation_window: NotRequired[pulumi.Input[int]]
|
|
8953
|
+
"""
|
|
8954
|
+
The maximum amount of time in seconds allowed to complete
|
|
8955
|
+
a rotation when a scheduled token rotation occurs. The default rotation window is
|
|
8956
|
+
unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
|
|
8957
|
+
"""
|
|
7742
8958
|
self_managed: NotRequired[pulumi.Input[bool]]
|
|
7743
8959
|
"""
|
|
7744
8960
|
If set, allows onboarding static roles with a rootless connection configuration.
|
|
@@ -7779,6 +8995,7 @@ class SecretsMountPostgresqlArgs:
|
|
|
7779
8995
|
auth_type: Optional[pulumi.Input[str]] = None,
|
|
7780
8996
|
connection_url: Optional[pulumi.Input[str]] = None,
|
|
7781
8997
|
data: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
|
|
8998
|
+
disable_automated_rotation: Optional[pulumi.Input[bool]] = None,
|
|
7782
8999
|
disable_escaping: Optional[pulumi.Input[bool]] = None,
|
|
7783
9000
|
max_connection_lifetime: Optional[pulumi.Input[int]] = None,
|
|
7784
9001
|
max_idle_connections: Optional[pulumi.Input[int]] = None,
|
|
@@ -7788,6 +9005,9 @@ class SecretsMountPostgresqlArgs:
|
|
|
7788
9005
|
plugin_name: Optional[pulumi.Input[str]] = None,
|
|
7789
9006
|
private_key: Optional[pulumi.Input[str]] = None,
|
|
7790
9007
|
root_rotation_statements: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
|
9008
|
+
rotation_period: Optional[pulumi.Input[int]] = None,
|
|
9009
|
+
rotation_schedule: Optional[pulumi.Input[str]] = None,
|
|
9010
|
+
rotation_window: Optional[pulumi.Input[int]] = None,
|
|
7791
9011
|
self_managed: Optional[pulumi.Input[bool]] = None,
|
|
7792
9012
|
service_account_json: Optional[pulumi.Input[str]] = None,
|
|
7793
9013
|
tls_ca: Optional[pulumi.Input[str]] = None,
|
|
@@ -7802,6 +9022,7 @@ class SecretsMountPostgresqlArgs:
|
|
|
7802
9022
|
:param pulumi.Input[str] auth_type: Specify alternative authorization type. (Only 'gcp_iam' is valid currently)
|
|
7803
9023
|
:param pulumi.Input[str] connection_url: Connection string to use to connect to the database.
|
|
7804
9024
|
:param pulumi.Input[Mapping[str, pulumi.Input[str]]] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
|
|
9025
|
+
:param pulumi.Input[bool] disable_automated_rotation: Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
|
7805
9026
|
|
|
7806
9027
|
Supported list of database secrets engines that can be configured:
|
|
7807
9028
|
:param pulumi.Input[bool] disable_escaping: Disable special character escaping in username and password
|
|
@@ -7813,6 +9034,13 @@ class SecretsMountPostgresqlArgs:
|
|
|
7813
9034
|
:param pulumi.Input[str] plugin_name: Specifies the name of the plugin to use.
|
|
7814
9035
|
:param pulumi.Input[str] private_key: The secret key used for the x509 client certificate. Must be PEM encoded.
|
|
7815
9036
|
:param pulumi.Input[Sequence[pulumi.Input[str]]] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials.
|
|
9037
|
+
:param pulumi.Input[int] rotation_period: The amount of time in seconds Vault should wait before rotating the root credential.
|
|
9038
|
+
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
|
9039
|
+
:param pulumi.Input[str] rotation_schedule: The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
|
9040
|
+
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
|
9041
|
+
:param pulumi.Input[int] rotation_window: The maximum amount of time in seconds allowed to complete
|
|
9042
|
+
a rotation when a scheduled token rotation occurs. The default rotation window is
|
|
9043
|
+
unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
|
|
7816
9044
|
:param pulumi.Input[bool] self_managed: If set, allows onboarding static roles with a rootless connection configuration.
|
|
7817
9045
|
:param pulumi.Input[str] service_account_json: A JSON encoded credential for use with IAM authorization
|
|
7818
9046
|
:param pulumi.Input[str] tls_ca: The x509 CA file for validating the certificate presented by the PostgreSQL server. Must be PEM encoded.
|
|
@@ -7831,6 +9059,8 @@ class SecretsMountPostgresqlArgs:
|
|
|
7831
9059
|
pulumi.set(__self__, "connection_url", connection_url)
|
|
7832
9060
|
if data is not None:
|
|
7833
9061
|
pulumi.set(__self__, "data", data)
|
|
9062
|
+
if disable_automated_rotation is not None:
|
|
9063
|
+
pulumi.set(__self__, "disable_automated_rotation", disable_automated_rotation)
|
|
7834
9064
|
if disable_escaping is not None:
|
|
7835
9065
|
pulumi.set(__self__, "disable_escaping", disable_escaping)
|
|
7836
9066
|
if max_connection_lifetime is not None:
|
|
@@ -7849,6 +9079,12 @@ class SecretsMountPostgresqlArgs:
|
|
|
7849
9079
|
pulumi.set(__self__, "private_key", private_key)
|
|
7850
9080
|
if root_rotation_statements is not None:
|
|
7851
9081
|
pulumi.set(__self__, "root_rotation_statements", root_rotation_statements)
|
|
9082
|
+
if rotation_period is not None:
|
|
9083
|
+
pulumi.set(__self__, "rotation_period", rotation_period)
|
|
9084
|
+
if rotation_schedule is not None:
|
|
9085
|
+
pulumi.set(__self__, "rotation_schedule", rotation_schedule)
|
|
9086
|
+
if rotation_window is not None:
|
|
9087
|
+
pulumi.set(__self__, "rotation_window", rotation_window)
|
|
7852
9088
|
if self_managed is not None:
|
|
7853
9089
|
pulumi.set(__self__, "self_managed", self_managed)
|
|
7854
9090
|
if service_account_json is not None:
|
|
@@ -7918,8 +9154,6 @@ class SecretsMountPostgresqlArgs:
|
|
|
7918
9154
|
def data(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]:
|
|
7919
9155
|
"""
|
|
7920
9156
|
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
|
|
7921
|
-
|
|
7922
|
-
Supported list of database secrets engines that can be configured:
|
|
7923
9157
|
"""
|
|
7924
9158
|
return pulumi.get(self, "data")
|
|
7925
9159
|
|
|
@@ -7927,6 +9161,20 @@ class SecretsMountPostgresqlArgs:
|
|
|
7927
9161
|
def data(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]):
|
|
7928
9162
|
pulumi.set(self, "data", value)
|
|
7929
9163
|
|
|
9164
|
+
@property
|
|
9165
|
+
@pulumi.getter(name="disableAutomatedRotation")
|
|
9166
|
+
def disable_automated_rotation(self) -> Optional[pulumi.Input[bool]]:
|
|
9167
|
+
"""
|
|
9168
|
+
Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
|
9169
|
+
|
|
9170
|
+
Supported list of database secrets engines that can be configured:
|
|
9171
|
+
"""
|
|
9172
|
+
return pulumi.get(self, "disable_automated_rotation")
|
|
9173
|
+
|
|
9174
|
+
@disable_automated_rotation.setter
|
|
9175
|
+
def disable_automated_rotation(self, value: Optional[pulumi.Input[bool]]):
|
|
9176
|
+
pulumi.set(self, "disable_automated_rotation", value)
|
|
9177
|
+
|
|
7930
9178
|
@property
|
|
7931
9179
|
@pulumi.getter(name="disableEscaping")
|
|
7932
9180
|
def disable_escaping(self) -> Optional[pulumi.Input[bool]]:
|
|
@@ -8035,6 +9283,46 @@ class SecretsMountPostgresqlArgs:
|
|
|
8035
9283
|
def root_rotation_statements(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
|
8036
9284
|
pulumi.set(self, "root_rotation_statements", value)
|
|
8037
9285
|
|
|
9286
|
+
@property
|
|
9287
|
+
@pulumi.getter(name="rotationPeriod")
|
|
9288
|
+
def rotation_period(self) -> Optional[pulumi.Input[int]]:
|
|
9289
|
+
"""
|
|
9290
|
+
The amount of time in seconds Vault should wait before rotating the root credential.
|
|
9291
|
+
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
|
9292
|
+
"""
|
|
9293
|
+
return pulumi.get(self, "rotation_period")
|
|
9294
|
+
|
|
9295
|
+
@rotation_period.setter
|
|
9296
|
+
def rotation_period(self, value: Optional[pulumi.Input[int]]):
|
|
9297
|
+
pulumi.set(self, "rotation_period", value)
|
|
9298
|
+
|
|
9299
|
+
@property
|
|
9300
|
+
@pulumi.getter(name="rotationSchedule")
|
|
9301
|
+
def rotation_schedule(self) -> Optional[pulumi.Input[str]]:
|
|
9302
|
+
"""
|
|
9303
|
+
The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
|
9304
|
+
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
|
9305
|
+
"""
|
|
9306
|
+
return pulumi.get(self, "rotation_schedule")
|
|
9307
|
+
|
|
9308
|
+
@rotation_schedule.setter
|
|
9309
|
+
def rotation_schedule(self, value: Optional[pulumi.Input[str]]):
|
|
9310
|
+
pulumi.set(self, "rotation_schedule", value)
|
|
9311
|
+
|
|
9312
|
+
@property
|
|
9313
|
+
@pulumi.getter(name="rotationWindow")
|
|
9314
|
+
def rotation_window(self) -> Optional[pulumi.Input[int]]:
|
|
9315
|
+
"""
|
|
9316
|
+
The maximum amount of time in seconds allowed to complete
|
|
9317
|
+
a rotation when a scheduled token rotation occurs. The default rotation window is
|
|
9318
|
+
unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
|
|
9319
|
+
"""
|
|
9320
|
+
return pulumi.get(self, "rotation_window")
|
|
9321
|
+
|
|
9322
|
+
@rotation_window.setter
|
|
9323
|
+
def rotation_window(self, value: Optional[pulumi.Input[int]]):
|
|
9324
|
+
pulumi.set(self, "rotation_window", value)
|
|
9325
|
+
|
|
8038
9326
|
@property
|
|
8039
9327
|
@pulumi.getter(name="selfManaged")
|
|
8040
9328
|
def self_managed(self) -> Optional[pulumi.Input[bool]]:
|
|
@@ -8151,6 +9439,10 @@ if not MYPY:
|
|
|
8151
9439
|
data: NotRequired[pulumi.Input[Mapping[str, pulumi.Input[str]]]]
|
|
8152
9440
|
"""
|
|
8153
9441
|
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
|
|
9442
|
+
"""
|
|
9443
|
+
disable_automated_rotation: NotRequired[pulumi.Input[bool]]
|
|
9444
|
+
"""
|
|
9445
|
+
Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
|
8154
9446
|
|
|
8155
9447
|
Supported list of database secrets engines that can be configured:
|
|
8156
9448
|
"""
|
|
@@ -8170,6 +9462,22 @@ if not MYPY:
|
|
|
8170
9462
|
"""
|
|
8171
9463
|
A list of database statements to be executed to rotate the root user's credentials.
|
|
8172
9464
|
"""
|
|
9465
|
+
rotation_period: NotRequired[pulumi.Input[int]]
|
|
9466
|
+
"""
|
|
9467
|
+
The amount of time in seconds Vault should wait before rotating the root credential.
|
|
9468
|
+
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
|
9469
|
+
"""
|
|
9470
|
+
rotation_schedule: NotRequired[pulumi.Input[str]]
|
|
9471
|
+
"""
|
|
9472
|
+
The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
|
9473
|
+
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
|
9474
|
+
"""
|
|
9475
|
+
rotation_window: NotRequired[pulumi.Input[int]]
|
|
9476
|
+
"""
|
|
9477
|
+
The maximum amount of time in seconds allowed to complete
|
|
9478
|
+
a rotation when a scheduled token rotation occurs. The default rotation window is
|
|
9479
|
+
unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
|
|
9480
|
+
"""
|
|
8173
9481
|
tls: NotRequired[pulumi.Input[bool]]
|
|
8174
9482
|
"""
|
|
8175
9483
|
Specifies whether to use TLS when connecting to Redis.
|
|
@@ -8192,10 +9500,14 @@ class SecretsMountRediArgs:
|
|
|
8192
9500
|
allowed_roles: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
|
8193
9501
|
ca_cert: Optional[pulumi.Input[str]] = None,
|
|
8194
9502
|
data: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
|
|
9503
|
+
disable_automated_rotation: Optional[pulumi.Input[bool]] = None,
|
|
8195
9504
|
insecure_tls: Optional[pulumi.Input[bool]] = None,
|
|
8196
9505
|
plugin_name: Optional[pulumi.Input[str]] = None,
|
|
8197
9506
|
port: Optional[pulumi.Input[int]] = None,
|
|
8198
9507
|
root_rotation_statements: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
|
9508
|
+
rotation_period: Optional[pulumi.Input[int]] = None,
|
|
9509
|
+
rotation_schedule: Optional[pulumi.Input[str]] = None,
|
|
9510
|
+
rotation_window: Optional[pulumi.Input[int]] = None,
|
|
8199
9511
|
tls: Optional[pulumi.Input[bool]] = None,
|
|
8200
9512
|
verify_connection: Optional[pulumi.Input[bool]] = None):
|
|
8201
9513
|
"""
|
|
@@ -8207,12 +9519,20 @@ class SecretsMountRediArgs:
|
|
|
8207
9519
|
connection.
|
|
8208
9520
|
:param pulumi.Input[str] ca_cert: The contents of a PEM-encoded CA cert file to use to verify the Redis server's identity.
|
|
8209
9521
|
:param pulumi.Input[Mapping[str, pulumi.Input[str]]] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
|
|
9522
|
+
:param pulumi.Input[bool] disable_automated_rotation: Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
|
8210
9523
|
|
|
8211
9524
|
Supported list of database secrets engines that can be configured:
|
|
8212
9525
|
:param pulumi.Input[bool] insecure_tls: Specifies whether to skip verification of the server certificate when using TLS.
|
|
8213
9526
|
:param pulumi.Input[str] plugin_name: Specifies the name of the plugin to use.
|
|
8214
9527
|
:param pulumi.Input[int] port: The transport port to use to connect to Redis.
|
|
8215
9528
|
:param pulumi.Input[Sequence[pulumi.Input[str]]] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials.
|
|
9529
|
+
:param pulumi.Input[int] rotation_period: The amount of time in seconds Vault should wait before rotating the root credential.
|
|
9530
|
+
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
|
9531
|
+
:param pulumi.Input[str] rotation_schedule: The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
|
9532
|
+
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
|
9533
|
+
:param pulumi.Input[int] rotation_window: The maximum amount of time in seconds allowed to complete
|
|
9534
|
+
a rotation when a scheduled token rotation occurs. The default rotation window is
|
|
9535
|
+
unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
|
|
8216
9536
|
:param pulumi.Input[bool] tls: Specifies whether to use TLS when connecting to Redis.
|
|
8217
9537
|
:param pulumi.Input[bool] verify_connection: Whether the connection should be verified on
|
|
8218
9538
|
initial configuration or not.
|
|
@@ -8227,6 +9547,8 @@ class SecretsMountRediArgs:
|
|
|
8227
9547
|
pulumi.set(__self__, "ca_cert", ca_cert)
|
|
8228
9548
|
if data is not None:
|
|
8229
9549
|
pulumi.set(__self__, "data", data)
|
|
9550
|
+
if disable_automated_rotation is not None:
|
|
9551
|
+
pulumi.set(__self__, "disable_automated_rotation", disable_automated_rotation)
|
|
8230
9552
|
if insecure_tls is not None:
|
|
8231
9553
|
pulumi.set(__self__, "insecure_tls", insecure_tls)
|
|
8232
9554
|
if plugin_name is not None:
|
|
@@ -8235,6 +9557,12 @@ class SecretsMountRediArgs:
|
|
|
8235
9557
|
pulumi.set(__self__, "port", port)
|
|
8236
9558
|
if root_rotation_statements is not None:
|
|
8237
9559
|
pulumi.set(__self__, "root_rotation_statements", root_rotation_statements)
|
|
9560
|
+
if rotation_period is not None:
|
|
9561
|
+
pulumi.set(__self__, "rotation_period", rotation_period)
|
|
9562
|
+
if rotation_schedule is not None:
|
|
9563
|
+
pulumi.set(__self__, "rotation_schedule", rotation_schedule)
|
|
9564
|
+
if rotation_window is not None:
|
|
9565
|
+
pulumi.set(__self__, "rotation_window", rotation_window)
|
|
8238
9566
|
if tls is not None:
|
|
8239
9567
|
pulumi.set(__self__, "tls", tls)
|
|
8240
9568
|
if verify_connection is not None:
|
|
@@ -8318,8 +9646,6 @@ class SecretsMountRediArgs:
|
|
|
8318
9646
|
def data(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]:
|
|
8319
9647
|
"""
|
|
8320
9648
|
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
|
|
8321
|
-
|
|
8322
|
-
Supported list of database secrets engines that can be configured:
|
|
8323
9649
|
"""
|
|
8324
9650
|
return pulumi.get(self, "data")
|
|
8325
9651
|
|
|
@@ -8327,6 +9653,20 @@ class SecretsMountRediArgs:
|
|
|
8327
9653
|
def data(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]):
|
|
8328
9654
|
pulumi.set(self, "data", value)
|
|
8329
9655
|
|
|
9656
|
+
@property
|
|
9657
|
+
@pulumi.getter(name="disableAutomatedRotation")
|
|
9658
|
+
def disable_automated_rotation(self) -> Optional[pulumi.Input[bool]]:
|
|
9659
|
+
"""
|
|
9660
|
+
Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
|
9661
|
+
|
|
9662
|
+
Supported list of database secrets engines that can be configured:
|
|
9663
|
+
"""
|
|
9664
|
+
return pulumi.get(self, "disable_automated_rotation")
|
|
9665
|
+
|
|
9666
|
+
@disable_automated_rotation.setter
|
|
9667
|
+
def disable_automated_rotation(self, value: Optional[pulumi.Input[bool]]):
|
|
9668
|
+
pulumi.set(self, "disable_automated_rotation", value)
|
|
9669
|
+
|
|
8330
9670
|
@property
|
|
8331
9671
|
@pulumi.getter(name="insecureTls")
|
|
8332
9672
|
def insecure_tls(self) -> Optional[pulumi.Input[bool]]:
|
|
@@ -8375,6 +9715,46 @@ class SecretsMountRediArgs:
|
|
|
8375
9715
|
def root_rotation_statements(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
|
8376
9716
|
pulumi.set(self, "root_rotation_statements", value)
|
|
8377
9717
|
|
|
9718
|
+
@property
|
|
9719
|
+
@pulumi.getter(name="rotationPeriod")
|
|
9720
|
+
def rotation_period(self) -> Optional[pulumi.Input[int]]:
|
|
9721
|
+
"""
|
|
9722
|
+
The amount of time in seconds Vault should wait before rotating the root credential.
|
|
9723
|
+
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
|
9724
|
+
"""
|
|
9725
|
+
return pulumi.get(self, "rotation_period")
|
|
9726
|
+
|
|
9727
|
+
@rotation_period.setter
|
|
9728
|
+
def rotation_period(self, value: Optional[pulumi.Input[int]]):
|
|
9729
|
+
pulumi.set(self, "rotation_period", value)
|
|
9730
|
+
|
|
9731
|
+
@property
|
|
9732
|
+
@pulumi.getter(name="rotationSchedule")
|
|
9733
|
+
def rotation_schedule(self) -> Optional[pulumi.Input[str]]:
|
|
9734
|
+
"""
|
|
9735
|
+
The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
|
9736
|
+
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
|
9737
|
+
"""
|
|
9738
|
+
return pulumi.get(self, "rotation_schedule")
|
|
9739
|
+
|
|
9740
|
+
@rotation_schedule.setter
|
|
9741
|
+
def rotation_schedule(self, value: Optional[pulumi.Input[str]]):
|
|
9742
|
+
pulumi.set(self, "rotation_schedule", value)
|
|
9743
|
+
|
|
9744
|
+
@property
|
|
9745
|
+
@pulumi.getter(name="rotationWindow")
|
|
9746
|
+
def rotation_window(self) -> Optional[pulumi.Input[int]]:
|
|
9747
|
+
"""
|
|
9748
|
+
The maximum amount of time in seconds allowed to complete
|
|
9749
|
+
a rotation when a scheduled token rotation occurs. The default rotation window is
|
|
9750
|
+
unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
|
|
9751
|
+
"""
|
|
9752
|
+
return pulumi.get(self, "rotation_window")
|
|
9753
|
+
|
|
9754
|
+
@rotation_window.setter
|
|
9755
|
+
def rotation_window(self, value: Optional[pulumi.Input[int]]):
|
|
9756
|
+
pulumi.set(self, "rotation_window", value)
|
|
9757
|
+
|
|
8378
9758
|
@property
|
|
8379
9759
|
@pulumi.getter
|
|
8380
9760
|
def tls(self) -> Optional[pulumi.Input[bool]]:
|
|
@@ -8419,6 +9799,10 @@ if not MYPY:
|
|
|
8419
9799
|
data: NotRequired[pulumi.Input[Mapping[str, pulumi.Input[str]]]]
|
|
8420
9800
|
"""
|
|
8421
9801
|
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
|
|
9802
|
+
"""
|
|
9803
|
+
disable_automated_rotation: NotRequired[pulumi.Input[bool]]
|
|
9804
|
+
"""
|
|
9805
|
+
Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
|
8422
9806
|
|
|
8423
9807
|
Supported list of database secrets engines that can be configured:
|
|
8424
9808
|
"""
|
|
@@ -8438,6 +9822,22 @@ if not MYPY:
|
|
|
8438
9822
|
"""
|
|
8439
9823
|
A list of database statements to be executed to rotate the root user's credentials.
|
|
8440
9824
|
"""
|
|
9825
|
+
rotation_period: NotRequired[pulumi.Input[int]]
|
|
9826
|
+
"""
|
|
9827
|
+
The amount of time in seconds Vault should wait before rotating the root credential.
|
|
9828
|
+
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
|
9829
|
+
"""
|
|
9830
|
+
rotation_schedule: NotRequired[pulumi.Input[str]]
|
|
9831
|
+
"""
|
|
9832
|
+
The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
|
9833
|
+
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
|
9834
|
+
"""
|
|
9835
|
+
rotation_window: NotRequired[pulumi.Input[int]]
|
|
9836
|
+
"""
|
|
9837
|
+
The maximum amount of time in seconds allowed to complete
|
|
9838
|
+
a rotation when a scheduled token rotation occurs. The default rotation window is
|
|
9839
|
+
unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
|
|
9840
|
+
"""
|
|
8441
9841
|
username: NotRequired[pulumi.Input[str]]
|
|
8442
9842
|
"""
|
|
8443
9843
|
The AWS access key id to use to talk to ElastiCache. If omitted the credentials chain provider is used instead.
|
|
@@ -8457,10 +9857,14 @@ class SecretsMountRedisElasticachArgs:
|
|
|
8457
9857
|
url: pulumi.Input[str],
|
|
8458
9858
|
allowed_roles: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
|
8459
9859
|
data: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
|
|
9860
|
+
disable_automated_rotation: Optional[pulumi.Input[bool]] = None,
|
|
8460
9861
|
password: Optional[pulumi.Input[str]] = None,
|
|
8461
9862
|
plugin_name: Optional[pulumi.Input[str]] = None,
|
|
8462
9863
|
region: Optional[pulumi.Input[str]] = None,
|
|
8463
9864
|
root_rotation_statements: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
|
9865
|
+
rotation_period: Optional[pulumi.Input[int]] = None,
|
|
9866
|
+
rotation_schedule: Optional[pulumi.Input[str]] = None,
|
|
9867
|
+
rotation_window: Optional[pulumi.Input[int]] = None,
|
|
8464
9868
|
username: Optional[pulumi.Input[str]] = None,
|
|
8465
9869
|
verify_connection: Optional[pulumi.Input[bool]] = None):
|
|
8466
9870
|
"""
|
|
@@ -8469,12 +9873,20 @@ class SecretsMountRedisElasticachArgs:
|
|
|
8469
9873
|
:param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_roles: A list of roles that are allowed to use this
|
|
8470
9874
|
connection.
|
|
8471
9875
|
:param pulumi.Input[Mapping[str, pulumi.Input[str]]] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
|
|
9876
|
+
:param pulumi.Input[bool] disable_automated_rotation: Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
|
8472
9877
|
|
|
8473
9878
|
Supported list of database secrets engines that can be configured:
|
|
8474
9879
|
:param pulumi.Input[str] password: The AWS secret key id to use to talk to ElastiCache. If omitted the credentials chain provider is used instead.
|
|
8475
9880
|
:param pulumi.Input[str] plugin_name: Specifies the name of the plugin to use.
|
|
8476
9881
|
:param pulumi.Input[str] region: The AWS region where the ElastiCache cluster is hosted. If omitted the plugin tries to infer the region from the environment.
|
|
8477
9882
|
:param pulumi.Input[Sequence[pulumi.Input[str]]] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials.
|
|
9883
|
+
:param pulumi.Input[int] rotation_period: The amount of time in seconds Vault should wait before rotating the root credential.
|
|
9884
|
+
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
|
9885
|
+
:param pulumi.Input[str] rotation_schedule: The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
|
9886
|
+
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
|
9887
|
+
:param pulumi.Input[int] rotation_window: The maximum amount of time in seconds allowed to complete
|
|
9888
|
+
a rotation when a scheduled token rotation occurs. The default rotation window is
|
|
9889
|
+
unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
|
|
8478
9890
|
:param pulumi.Input[str] username: The AWS access key id to use to talk to ElastiCache. If omitted the credentials chain provider is used instead.
|
|
8479
9891
|
:param pulumi.Input[bool] verify_connection: Whether the connection should be verified on
|
|
8480
9892
|
initial configuration or not.
|
|
@@ -8485,6 +9897,8 @@ class SecretsMountRedisElasticachArgs:
|
|
|
8485
9897
|
pulumi.set(__self__, "allowed_roles", allowed_roles)
|
|
8486
9898
|
if data is not None:
|
|
8487
9899
|
pulumi.set(__self__, "data", data)
|
|
9900
|
+
if disable_automated_rotation is not None:
|
|
9901
|
+
pulumi.set(__self__, "disable_automated_rotation", disable_automated_rotation)
|
|
8488
9902
|
if password is not None:
|
|
8489
9903
|
pulumi.set(__self__, "password", password)
|
|
8490
9904
|
if plugin_name is not None:
|
|
@@ -8493,6 +9907,12 @@ class SecretsMountRedisElasticachArgs:
|
|
|
8493
9907
|
pulumi.set(__self__, "region", region)
|
|
8494
9908
|
if root_rotation_statements is not None:
|
|
8495
9909
|
pulumi.set(__self__, "root_rotation_statements", root_rotation_statements)
|
|
9910
|
+
if rotation_period is not None:
|
|
9911
|
+
pulumi.set(__self__, "rotation_period", rotation_period)
|
|
9912
|
+
if rotation_schedule is not None:
|
|
9913
|
+
pulumi.set(__self__, "rotation_schedule", rotation_schedule)
|
|
9914
|
+
if rotation_window is not None:
|
|
9915
|
+
pulumi.set(__self__, "rotation_window", rotation_window)
|
|
8496
9916
|
if username is not None:
|
|
8497
9917
|
pulumi.set(__self__, "username", username)
|
|
8498
9918
|
if verify_connection is not None:
|
|
@@ -8540,8 +9960,6 @@ class SecretsMountRedisElasticachArgs:
|
|
|
8540
9960
|
def data(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]:
|
|
8541
9961
|
"""
|
|
8542
9962
|
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
|
|
8543
|
-
|
|
8544
|
-
Supported list of database secrets engines that can be configured:
|
|
8545
9963
|
"""
|
|
8546
9964
|
return pulumi.get(self, "data")
|
|
8547
9965
|
|
|
@@ -8549,6 +9967,20 @@ class SecretsMountRedisElasticachArgs:
|
|
|
8549
9967
|
def data(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]):
|
|
8550
9968
|
pulumi.set(self, "data", value)
|
|
8551
9969
|
|
|
9970
|
+
@property
|
|
9971
|
+
@pulumi.getter(name="disableAutomatedRotation")
|
|
9972
|
+
def disable_automated_rotation(self) -> Optional[pulumi.Input[bool]]:
|
|
9973
|
+
"""
|
|
9974
|
+
Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
|
9975
|
+
|
|
9976
|
+
Supported list of database secrets engines that can be configured:
|
|
9977
|
+
"""
|
|
9978
|
+
return pulumi.get(self, "disable_automated_rotation")
|
|
9979
|
+
|
|
9980
|
+
@disable_automated_rotation.setter
|
|
9981
|
+
def disable_automated_rotation(self, value: Optional[pulumi.Input[bool]]):
|
|
9982
|
+
pulumi.set(self, "disable_automated_rotation", value)
|
|
9983
|
+
|
|
8552
9984
|
@property
|
|
8553
9985
|
@pulumi.getter
|
|
8554
9986
|
def password(self) -> Optional[pulumi.Input[str]]:
|
|
@@ -8597,6 +10029,46 @@ class SecretsMountRedisElasticachArgs:
|
|
|
8597
10029
|
def root_rotation_statements(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
|
8598
10030
|
pulumi.set(self, "root_rotation_statements", value)
|
|
8599
10031
|
|
|
10032
|
+
@property
|
|
10033
|
+
@pulumi.getter(name="rotationPeriod")
|
|
10034
|
+
def rotation_period(self) -> Optional[pulumi.Input[int]]:
|
|
10035
|
+
"""
|
|
10036
|
+
The amount of time in seconds Vault should wait before rotating the root credential.
|
|
10037
|
+
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
|
10038
|
+
"""
|
|
10039
|
+
return pulumi.get(self, "rotation_period")
|
|
10040
|
+
|
|
10041
|
+
@rotation_period.setter
|
|
10042
|
+
def rotation_period(self, value: Optional[pulumi.Input[int]]):
|
|
10043
|
+
pulumi.set(self, "rotation_period", value)
|
|
10044
|
+
|
|
10045
|
+
@property
|
|
10046
|
+
@pulumi.getter(name="rotationSchedule")
|
|
10047
|
+
def rotation_schedule(self) -> Optional[pulumi.Input[str]]:
|
|
10048
|
+
"""
|
|
10049
|
+
The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
|
10050
|
+
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
|
10051
|
+
"""
|
|
10052
|
+
return pulumi.get(self, "rotation_schedule")
|
|
10053
|
+
|
|
10054
|
+
@rotation_schedule.setter
|
|
10055
|
+
def rotation_schedule(self, value: Optional[pulumi.Input[str]]):
|
|
10056
|
+
pulumi.set(self, "rotation_schedule", value)
|
|
10057
|
+
|
|
10058
|
+
@property
|
|
10059
|
+
@pulumi.getter(name="rotationWindow")
|
|
10060
|
+
def rotation_window(self) -> Optional[pulumi.Input[int]]:
|
|
10061
|
+
"""
|
|
10062
|
+
The maximum amount of time in seconds allowed to complete
|
|
10063
|
+
a rotation when a scheduled token rotation occurs. The default rotation window is
|
|
10064
|
+
unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
|
|
10065
|
+
"""
|
|
10066
|
+
return pulumi.get(self, "rotation_window")
|
|
10067
|
+
|
|
10068
|
+
@rotation_window.setter
|
|
10069
|
+
def rotation_window(self, value: Optional[pulumi.Input[int]]):
|
|
10070
|
+
pulumi.set(self, "rotation_window", value)
|
|
10071
|
+
|
|
8600
10072
|
@property
|
|
8601
10073
|
@pulumi.getter
|
|
8602
10074
|
def username(self) -> Optional[pulumi.Input[str]]:
|
|
@@ -8641,6 +10113,10 @@ if not MYPY:
|
|
|
8641
10113
|
data: NotRequired[pulumi.Input[Mapping[str, pulumi.Input[str]]]]
|
|
8642
10114
|
"""
|
|
8643
10115
|
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
|
|
10116
|
+
"""
|
|
10117
|
+
disable_automated_rotation: NotRequired[pulumi.Input[bool]]
|
|
10118
|
+
"""
|
|
10119
|
+
Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
|
8644
10120
|
|
|
8645
10121
|
Supported list of database secrets engines that can be configured:
|
|
8646
10122
|
"""
|
|
@@ -8672,6 +10148,22 @@ if not MYPY:
|
|
|
8672
10148
|
"""
|
|
8673
10149
|
A list of database statements to be executed to rotate the root user's credentials.
|
|
8674
10150
|
"""
|
|
10151
|
+
rotation_period: NotRequired[pulumi.Input[int]]
|
|
10152
|
+
"""
|
|
10153
|
+
The amount of time in seconds Vault should wait before rotating the root credential.
|
|
10154
|
+
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
|
10155
|
+
"""
|
|
10156
|
+
rotation_schedule: NotRequired[pulumi.Input[str]]
|
|
10157
|
+
"""
|
|
10158
|
+
The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
|
10159
|
+
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
|
10160
|
+
"""
|
|
10161
|
+
rotation_window: NotRequired[pulumi.Input[int]]
|
|
10162
|
+
"""
|
|
10163
|
+
The maximum amount of time in seconds allowed to complete
|
|
10164
|
+
a rotation when a scheduled token rotation occurs. The default rotation window is
|
|
10165
|
+
unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
|
|
10166
|
+
"""
|
|
8675
10167
|
username: NotRequired[pulumi.Input[str]]
|
|
8676
10168
|
"""
|
|
8677
10169
|
The root credential username used in the connection URL
|
|
@@ -8695,6 +10187,7 @@ class SecretsMountRedshiftArgs:
|
|
|
8695
10187
|
allowed_roles: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
|
8696
10188
|
connection_url: Optional[pulumi.Input[str]] = None,
|
|
8697
10189
|
data: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
|
|
10190
|
+
disable_automated_rotation: Optional[pulumi.Input[bool]] = None,
|
|
8698
10191
|
disable_escaping: Optional[pulumi.Input[bool]] = None,
|
|
8699
10192
|
max_connection_lifetime: Optional[pulumi.Input[int]] = None,
|
|
8700
10193
|
max_idle_connections: Optional[pulumi.Input[int]] = None,
|
|
@@ -8702,6 +10195,9 @@ class SecretsMountRedshiftArgs:
|
|
|
8702
10195
|
password: Optional[pulumi.Input[str]] = None,
|
|
8703
10196
|
plugin_name: Optional[pulumi.Input[str]] = None,
|
|
8704
10197
|
root_rotation_statements: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
|
10198
|
+
rotation_period: Optional[pulumi.Input[int]] = None,
|
|
10199
|
+
rotation_schedule: Optional[pulumi.Input[str]] = None,
|
|
10200
|
+
rotation_window: Optional[pulumi.Input[int]] = None,
|
|
8705
10201
|
username: Optional[pulumi.Input[str]] = None,
|
|
8706
10202
|
username_template: Optional[pulumi.Input[str]] = None,
|
|
8707
10203
|
verify_connection: Optional[pulumi.Input[bool]] = None):
|
|
@@ -8711,6 +10207,7 @@ class SecretsMountRedshiftArgs:
|
|
|
8711
10207
|
connection.
|
|
8712
10208
|
:param pulumi.Input[str] connection_url: Connection string to use to connect to the database.
|
|
8713
10209
|
:param pulumi.Input[Mapping[str, pulumi.Input[str]]] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
|
|
10210
|
+
:param pulumi.Input[bool] disable_automated_rotation: Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
|
8714
10211
|
|
|
8715
10212
|
Supported list of database secrets engines that can be configured:
|
|
8716
10213
|
:param pulumi.Input[bool] disable_escaping: Disable special character escaping in username and password
|
|
@@ -8720,6 +10217,13 @@ class SecretsMountRedshiftArgs:
|
|
|
8720
10217
|
:param pulumi.Input[str] password: The root credential password used in the connection URL
|
|
8721
10218
|
:param pulumi.Input[str] plugin_name: Specifies the name of the plugin to use.
|
|
8722
10219
|
:param pulumi.Input[Sequence[pulumi.Input[str]]] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials.
|
|
10220
|
+
:param pulumi.Input[int] rotation_period: The amount of time in seconds Vault should wait before rotating the root credential.
|
|
10221
|
+
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
|
10222
|
+
:param pulumi.Input[str] rotation_schedule: The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
|
10223
|
+
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
|
10224
|
+
:param pulumi.Input[int] rotation_window: The maximum amount of time in seconds allowed to complete
|
|
10225
|
+
a rotation when a scheduled token rotation occurs. The default rotation window is
|
|
10226
|
+
unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
|
|
8723
10227
|
:param pulumi.Input[str] username: The root credential username used in the connection URL
|
|
8724
10228
|
:param pulumi.Input[str] username_template: Username generation template.
|
|
8725
10229
|
:param pulumi.Input[bool] verify_connection: Whether the connection should be verified on
|
|
@@ -8732,6 +10236,8 @@ class SecretsMountRedshiftArgs:
|
|
|
8732
10236
|
pulumi.set(__self__, "connection_url", connection_url)
|
|
8733
10237
|
if data is not None:
|
|
8734
10238
|
pulumi.set(__self__, "data", data)
|
|
10239
|
+
if disable_automated_rotation is not None:
|
|
10240
|
+
pulumi.set(__self__, "disable_automated_rotation", disable_automated_rotation)
|
|
8735
10241
|
if disable_escaping is not None:
|
|
8736
10242
|
pulumi.set(__self__, "disable_escaping", disable_escaping)
|
|
8737
10243
|
if max_connection_lifetime is not None:
|
|
@@ -8746,6 +10252,12 @@ class SecretsMountRedshiftArgs:
|
|
|
8746
10252
|
pulumi.set(__self__, "plugin_name", plugin_name)
|
|
8747
10253
|
if root_rotation_statements is not None:
|
|
8748
10254
|
pulumi.set(__self__, "root_rotation_statements", root_rotation_statements)
|
|
10255
|
+
if rotation_period is not None:
|
|
10256
|
+
pulumi.set(__self__, "rotation_period", rotation_period)
|
|
10257
|
+
if rotation_schedule is not None:
|
|
10258
|
+
pulumi.set(__self__, "rotation_schedule", rotation_schedule)
|
|
10259
|
+
if rotation_window is not None:
|
|
10260
|
+
pulumi.set(__self__, "rotation_window", rotation_window)
|
|
8749
10261
|
if username is not None:
|
|
8750
10262
|
pulumi.set(__self__, "username", username)
|
|
8751
10263
|
if username_template is not None:
|
|
@@ -8795,8 +10307,6 @@ class SecretsMountRedshiftArgs:
|
|
|
8795
10307
|
def data(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]:
|
|
8796
10308
|
"""
|
|
8797
10309
|
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
|
|
8798
|
-
|
|
8799
|
-
Supported list of database secrets engines that can be configured:
|
|
8800
10310
|
"""
|
|
8801
10311
|
return pulumi.get(self, "data")
|
|
8802
10312
|
|
|
@@ -8804,6 +10314,20 @@ class SecretsMountRedshiftArgs:
|
|
|
8804
10314
|
def data(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]):
|
|
8805
10315
|
pulumi.set(self, "data", value)
|
|
8806
10316
|
|
|
10317
|
+
@property
|
|
10318
|
+
@pulumi.getter(name="disableAutomatedRotation")
|
|
10319
|
+
def disable_automated_rotation(self) -> Optional[pulumi.Input[bool]]:
|
|
10320
|
+
"""
|
|
10321
|
+
Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
|
10322
|
+
|
|
10323
|
+
Supported list of database secrets engines that can be configured:
|
|
10324
|
+
"""
|
|
10325
|
+
return pulumi.get(self, "disable_automated_rotation")
|
|
10326
|
+
|
|
10327
|
+
@disable_automated_rotation.setter
|
|
10328
|
+
def disable_automated_rotation(self, value: Optional[pulumi.Input[bool]]):
|
|
10329
|
+
pulumi.set(self, "disable_automated_rotation", value)
|
|
10330
|
+
|
|
8807
10331
|
@property
|
|
8808
10332
|
@pulumi.getter(name="disableEscaping")
|
|
8809
10333
|
def disable_escaping(self) -> Optional[pulumi.Input[bool]]:
|
|
@@ -8888,6 +10412,46 @@ class SecretsMountRedshiftArgs:
|
|
|
8888
10412
|
def root_rotation_statements(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
|
8889
10413
|
pulumi.set(self, "root_rotation_statements", value)
|
|
8890
10414
|
|
|
10415
|
+
@property
|
|
10416
|
+
@pulumi.getter(name="rotationPeriod")
|
|
10417
|
+
def rotation_period(self) -> Optional[pulumi.Input[int]]:
|
|
10418
|
+
"""
|
|
10419
|
+
The amount of time in seconds Vault should wait before rotating the root credential.
|
|
10420
|
+
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
|
10421
|
+
"""
|
|
10422
|
+
return pulumi.get(self, "rotation_period")
|
|
10423
|
+
|
|
10424
|
+
@rotation_period.setter
|
|
10425
|
+
def rotation_period(self, value: Optional[pulumi.Input[int]]):
|
|
10426
|
+
pulumi.set(self, "rotation_period", value)
|
|
10427
|
+
|
|
10428
|
+
@property
|
|
10429
|
+
@pulumi.getter(name="rotationSchedule")
|
|
10430
|
+
def rotation_schedule(self) -> Optional[pulumi.Input[str]]:
|
|
10431
|
+
"""
|
|
10432
|
+
The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
|
10433
|
+
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
|
10434
|
+
"""
|
|
10435
|
+
return pulumi.get(self, "rotation_schedule")
|
|
10436
|
+
|
|
10437
|
+
@rotation_schedule.setter
|
|
10438
|
+
def rotation_schedule(self, value: Optional[pulumi.Input[str]]):
|
|
10439
|
+
pulumi.set(self, "rotation_schedule", value)
|
|
10440
|
+
|
|
10441
|
+
@property
|
|
10442
|
+
@pulumi.getter(name="rotationWindow")
|
|
10443
|
+
def rotation_window(self) -> Optional[pulumi.Input[int]]:
|
|
10444
|
+
"""
|
|
10445
|
+
The maximum amount of time in seconds allowed to complete
|
|
10446
|
+
a rotation when a scheduled token rotation occurs. The default rotation window is
|
|
10447
|
+
unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
|
|
10448
|
+
"""
|
|
10449
|
+
return pulumi.get(self, "rotation_window")
|
|
10450
|
+
|
|
10451
|
+
@rotation_window.setter
|
|
10452
|
+
def rotation_window(self, value: Optional[pulumi.Input[int]]):
|
|
10453
|
+
pulumi.set(self, "rotation_window", value)
|
|
10454
|
+
|
|
8891
10455
|
@property
|
|
8892
10456
|
@pulumi.getter
|
|
8893
10457
|
def username(self) -> Optional[pulumi.Input[str]]:
|
|
@@ -8944,6 +10508,10 @@ if not MYPY:
|
|
|
8944
10508
|
data: NotRequired[pulumi.Input[Mapping[str, pulumi.Input[str]]]]
|
|
8945
10509
|
"""
|
|
8946
10510
|
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
|
|
10511
|
+
"""
|
|
10512
|
+
disable_automated_rotation: NotRequired[pulumi.Input[bool]]
|
|
10513
|
+
"""
|
|
10514
|
+
Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
|
8947
10515
|
|
|
8948
10516
|
Supported list of database secrets engines that can be configured:
|
|
8949
10517
|
"""
|
|
@@ -8971,6 +10539,22 @@ if not MYPY:
|
|
|
8971
10539
|
"""
|
|
8972
10540
|
A list of database statements to be executed to rotate the root user's credentials.
|
|
8973
10541
|
"""
|
|
10542
|
+
rotation_period: NotRequired[pulumi.Input[int]]
|
|
10543
|
+
"""
|
|
10544
|
+
The amount of time in seconds Vault should wait before rotating the root credential.
|
|
10545
|
+
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
|
10546
|
+
"""
|
|
10547
|
+
rotation_schedule: NotRequired[pulumi.Input[str]]
|
|
10548
|
+
"""
|
|
10549
|
+
The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
|
10550
|
+
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
|
10551
|
+
"""
|
|
10552
|
+
rotation_window: NotRequired[pulumi.Input[int]]
|
|
10553
|
+
"""
|
|
10554
|
+
The maximum amount of time in seconds allowed to complete
|
|
10555
|
+
a rotation when a scheduled token rotation occurs. The default rotation window is
|
|
10556
|
+
unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
|
|
10557
|
+
"""
|
|
8974
10558
|
username: NotRequired[pulumi.Input[str]]
|
|
8975
10559
|
"""
|
|
8976
10560
|
The root credential username used in the connection URL
|
|
@@ -8994,12 +10578,16 @@ class SecretsMountSnowflakeArgs:
|
|
|
8994
10578
|
allowed_roles: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
|
8995
10579
|
connection_url: Optional[pulumi.Input[str]] = None,
|
|
8996
10580
|
data: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
|
|
10581
|
+
disable_automated_rotation: Optional[pulumi.Input[bool]] = None,
|
|
8997
10582
|
max_connection_lifetime: Optional[pulumi.Input[int]] = None,
|
|
8998
10583
|
max_idle_connections: Optional[pulumi.Input[int]] = None,
|
|
8999
10584
|
max_open_connections: Optional[pulumi.Input[int]] = None,
|
|
9000
10585
|
password: Optional[pulumi.Input[str]] = None,
|
|
9001
10586
|
plugin_name: Optional[pulumi.Input[str]] = None,
|
|
9002
10587
|
root_rotation_statements: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
|
10588
|
+
rotation_period: Optional[pulumi.Input[int]] = None,
|
|
10589
|
+
rotation_schedule: Optional[pulumi.Input[str]] = None,
|
|
10590
|
+
rotation_window: Optional[pulumi.Input[int]] = None,
|
|
9003
10591
|
username: Optional[pulumi.Input[str]] = None,
|
|
9004
10592
|
username_template: Optional[pulumi.Input[str]] = None,
|
|
9005
10593
|
verify_connection: Optional[pulumi.Input[bool]] = None):
|
|
@@ -9009,6 +10597,7 @@ class SecretsMountSnowflakeArgs:
|
|
|
9009
10597
|
connection.
|
|
9010
10598
|
:param pulumi.Input[str] connection_url: Connection string to use to connect to the database.
|
|
9011
10599
|
:param pulumi.Input[Mapping[str, pulumi.Input[str]]] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
|
|
10600
|
+
:param pulumi.Input[bool] disable_automated_rotation: Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
|
9012
10601
|
|
|
9013
10602
|
Supported list of database secrets engines that can be configured:
|
|
9014
10603
|
:param pulumi.Input[int] max_connection_lifetime: Maximum number of seconds a connection may be reused.
|
|
@@ -9017,6 +10606,13 @@ class SecretsMountSnowflakeArgs:
|
|
|
9017
10606
|
:param pulumi.Input[str] password: The root credential password used in the connection URL
|
|
9018
10607
|
:param pulumi.Input[str] plugin_name: Specifies the name of the plugin to use.
|
|
9019
10608
|
:param pulumi.Input[Sequence[pulumi.Input[str]]] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials.
|
|
10609
|
+
:param pulumi.Input[int] rotation_period: The amount of time in seconds Vault should wait before rotating the root credential.
|
|
10610
|
+
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
|
10611
|
+
:param pulumi.Input[str] rotation_schedule: The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
|
10612
|
+
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
|
10613
|
+
:param pulumi.Input[int] rotation_window: The maximum amount of time in seconds allowed to complete
|
|
10614
|
+
a rotation when a scheduled token rotation occurs. The default rotation window is
|
|
10615
|
+
unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
|
|
9020
10616
|
:param pulumi.Input[str] username: The root credential username used in the connection URL
|
|
9021
10617
|
:param pulumi.Input[str] username_template: Username generation template.
|
|
9022
10618
|
:param pulumi.Input[bool] verify_connection: Whether the connection should be verified on
|
|
@@ -9029,6 +10625,8 @@ class SecretsMountSnowflakeArgs:
|
|
|
9029
10625
|
pulumi.set(__self__, "connection_url", connection_url)
|
|
9030
10626
|
if data is not None:
|
|
9031
10627
|
pulumi.set(__self__, "data", data)
|
|
10628
|
+
if disable_automated_rotation is not None:
|
|
10629
|
+
pulumi.set(__self__, "disable_automated_rotation", disable_automated_rotation)
|
|
9032
10630
|
if max_connection_lifetime is not None:
|
|
9033
10631
|
pulumi.set(__self__, "max_connection_lifetime", max_connection_lifetime)
|
|
9034
10632
|
if max_idle_connections is not None:
|
|
@@ -9041,6 +10639,12 @@ class SecretsMountSnowflakeArgs:
|
|
|
9041
10639
|
pulumi.set(__self__, "plugin_name", plugin_name)
|
|
9042
10640
|
if root_rotation_statements is not None:
|
|
9043
10641
|
pulumi.set(__self__, "root_rotation_statements", root_rotation_statements)
|
|
10642
|
+
if rotation_period is not None:
|
|
10643
|
+
pulumi.set(__self__, "rotation_period", rotation_period)
|
|
10644
|
+
if rotation_schedule is not None:
|
|
10645
|
+
pulumi.set(__self__, "rotation_schedule", rotation_schedule)
|
|
10646
|
+
if rotation_window is not None:
|
|
10647
|
+
pulumi.set(__self__, "rotation_window", rotation_window)
|
|
9044
10648
|
if username is not None:
|
|
9045
10649
|
pulumi.set(__self__, "username", username)
|
|
9046
10650
|
if username_template is not None:
|
|
@@ -9090,8 +10694,6 @@ class SecretsMountSnowflakeArgs:
|
|
|
9090
10694
|
def data(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]:
|
|
9091
10695
|
"""
|
|
9092
10696
|
A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
|
|
9093
|
-
|
|
9094
|
-
Supported list of database secrets engines that can be configured:
|
|
9095
10697
|
"""
|
|
9096
10698
|
return pulumi.get(self, "data")
|
|
9097
10699
|
|
|
@@ -9099,6 +10701,20 @@ class SecretsMountSnowflakeArgs:
|
|
|
9099
10701
|
def data(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]):
|
|
9100
10702
|
pulumi.set(self, "data", value)
|
|
9101
10703
|
|
|
10704
|
+
@property
|
|
10705
|
+
@pulumi.getter(name="disableAutomatedRotation")
|
|
10706
|
+
def disable_automated_rotation(self) -> Optional[pulumi.Input[bool]]:
|
|
10707
|
+
"""
|
|
10708
|
+
Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
|
10709
|
+
|
|
10710
|
+
Supported list of database secrets engines that can be configured:
|
|
10711
|
+
"""
|
|
10712
|
+
return pulumi.get(self, "disable_automated_rotation")
|
|
10713
|
+
|
|
10714
|
+
@disable_automated_rotation.setter
|
|
10715
|
+
def disable_automated_rotation(self, value: Optional[pulumi.Input[bool]]):
|
|
10716
|
+
pulumi.set(self, "disable_automated_rotation", value)
|
|
10717
|
+
|
|
9102
10718
|
@property
|
|
9103
10719
|
@pulumi.getter(name="maxConnectionLifetime")
|
|
9104
10720
|
def max_connection_lifetime(self) -> Optional[pulumi.Input[int]]:
|
|
@@ -9171,6 +10787,46 @@ class SecretsMountSnowflakeArgs:
|
|
|
9171
10787
|
def root_rotation_statements(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
|
9172
10788
|
pulumi.set(self, "root_rotation_statements", value)
|
|
9173
10789
|
|
|
10790
|
+
@property
|
|
10791
|
+
@pulumi.getter(name="rotationPeriod")
|
|
10792
|
+
def rotation_period(self) -> Optional[pulumi.Input[int]]:
|
|
10793
|
+
"""
|
|
10794
|
+
The amount of time in seconds Vault should wait before rotating the root credential.
|
|
10795
|
+
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
|
10796
|
+
"""
|
|
10797
|
+
return pulumi.get(self, "rotation_period")
|
|
10798
|
+
|
|
10799
|
+
@rotation_period.setter
|
|
10800
|
+
def rotation_period(self, value: Optional[pulumi.Input[int]]):
|
|
10801
|
+
pulumi.set(self, "rotation_period", value)
|
|
10802
|
+
|
|
10803
|
+
@property
|
|
10804
|
+
@pulumi.getter(name="rotationSchedule")
|
|
10805
|
+
def rotation_schedule(self) -> Optional[pulumi.Input[str]]:
|
|
10806
|
+
"""
|
|
10807
|
+
The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
|
10808
|
+
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
|
10809
|
+
"""
|
|
10810
|
+
return pulumi.get(self, "rotation_schedule")
|
|
10811
|
+
|
|
10812
|
+
@rotation_schedule.setter
|
|
10813
|
+
def rotation_schedule(self, value: Optional[pulumi.Input[str]]):
|
|
10814
|
+
pulumi.set(self, "rotation_schedule", value)
|
|
10815
|
+
|
|
10816
|
+
@property
|
|
10817
|
+
@pulumi.getter(name="rotationWindow")
|
|
10818
|
+
def rotation_window(self) -> Optional[pulumi.Input[int]]:
|
|
10819
|
+
"""
|
|
10820
|
+
The maximum amount of time in seconds allowed to complete
|
|
10821
|
+
a rotation when a scheduled token rotation occurs. The default rotation window is
|
|
10822
|
+
unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
|
|
10823
|
+
"""
|
|
10824
|
+
return pulumi.get(self, "rotation_window")
|
|
10825
|
+
|
|
10826
|
+
@rotation_window.setter
|
|
10827
|
+
def rotation_window(self, value: Optional[pulumi.Input[int]]):
|
|
10828
|
+
pulumi.set(self, "rotation_window", value)
|
|
10829
|
+
|
|
9174
10830
|
@property
|
|
9175
10831
|
@pulumi.getter
|
|
9176
10832
|
def username(self) -> Optional[pulumi.Input[str]]:
|