pulumi-vault 6.7.0a1743490126__py3-none-any.whl → 6.7.0a1744183682__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- pulumi_vault/__init__.py +1 -0
- pulumi_vault/_inputs.py +554 -553
- pulumi_vault/ad/__init__.py +1 -0
- pulumi_vault/ad/get_access_credentials.py +20 -19
- pulumi_vault/ad/secret_backend.py +477 -476
- pulumi_vault/ad/secret_library.py +99 -98
- pulumi_vault/ad/secret_role.py +85 -84
- pulumi_vault/alicloud/__init__.py +1 -0
- pulumi_vault/alicloud/auth_backend_role.py +183 -182
- pulumi_vault/approle/__init__.py +1 -0
- pulumi_vault/approle/auth_backend_login.py +106 -105
- pulumi_vault/approle/auth_backend_role.py +239 -238
- pulumi_vault/approle/auth_backend_role_secret_id.py +162 -161
- pulumi_vault/approle/get_auth_backend_role_id.py +18 -17
- pulumi_vault/audit.py +85 -84
- pulumi_vault/audit_request_header.py +43 -42
- pulumi_vault/auth_backend.py +106 -105
- pulumi_vault/aws/__init__.py +1 -0
- pulumi_vault/aws/auth_backend_cert.py +71 -70
- pulumi_vault/aws/auth_backend_client.py +253 -252
- pulumi_vault/aws/auth_backend_config_identity.py +85 -84
- pulumi_vault/aws/auth_backend_identity_whitelist.py +57 -56
- pulumi_vault/aws/auth_backend_login.py +209 -208
- pulumi_vault/aws/auth_backend_role.py +400 -399
- pulumi_vault/aws/auth_backend_role_tag.py +127 -126
- pulumi_vault/aws/auth_backend_roletag_blacklist.py +57 -56
- pulumi_vault/aws/auth_backend_sts_role.py +71 -70
- pulumi_vault/aws/get_access_credentials.py +44 -43
- pulumi_vault/aws/get_static_access_credentials.py +13 -12
- pulumi_vault/aws/secret_backend.py +337 -336
- pulumi_vault/aws/secret_backend_role.py +211 -210
- pulumi_vault/aws/secret_backend_static_role.py +113 -112
- pulumi_vault/azure/__init__.py +1 -0
- pulumi_vault/azure/_inputs.py +21 -20
- pulumi_vault/azure/auth_backend_config.py +183 -182
- pulumi_vault/azure/auth_backend_role.py +253 -252
- pulumi_vault/azure/backend.py +239 -238
- pulumi_vault/azure/backend_role.py +141 -140
- pulumi_vault/azure/get_access_credentials.py +58 -57
- pulumi_vault/azure/outputs.py +11 -10
- pulumi_vault/cert_auth_backend_role.py +365 -364
- pulumi_vault/config/__init__.py +1 -0
- pulumi_vault/config/__init__.pyi +1 -0
- pulumi_vault/config/_inputs.py +11 -10
- pulumi_vault/config/outputs.py +287 -286
- pulumi_vault/config/ui_custom_message.py +113 -112
- pulumi_vault/config/vars.py +1 -0
- pulumi_vault/consul/__init__.py +1 -0
- pulumi_vault/consul/secret_backend.py +197 -196
- pulumi_vault/consul/secret_backend_role.py +183 -182
- pulumi_vault/database/__init__.py +1 -0
- pulumi_vault/database/_inputs.py +2525 -2524
- pulumi_vault/database/outputs.py +1529 -1528
- pulumi_vault/database/secret_backend_connection.py +169 -168
- pulumi_vault/database/secret_backend_role.py +169 -168
- pulumi_vault/database/secret_backend_static_role.py +179 -178
- pulumi_vault/database/secrets_mount.py +267 -266
- pulumi_vault/egp_policy.py +71 -70
- pulumi_vault/gcp/__init__.py +1 -0
- pulumi_vault/gcp/_inputs.py +82 -81
- pulumi_vault/gcp/auth_backend.py +260 -259
- pulumi_vault/gcp/auth_backend_role.py +281 -280
- pulumi_vault/gcp/get_auth_backend_role.py +70 -69
- pulumi_vault/gcp/outputs.py +50 -49
- pulumi_vault/gcp/secret_backend.py +232 -231
- pulumi_vault/gcp/secret_impersonated_account.py +92 -91
- pulumi_vault/gcp/secret_roleset.py +92 -91
- pulumi_vault/gcp/secret_static_account.py +92 -91
- pulumi_vault/generic/__init__.py +1 -0
- pulumi_vault/generic/endpoint.py +113 -112
- pulumi_vault/generic/get_secret.py +28 -27
- pulumi_vault/generic/secret.py +78 -77
- pulumi_vault/get_auth_backend.py +19 -18
- pulumi_vault/get_auth_backends.py +14 -13
- pulumi_vault/get_namespace.py +15 -14
- pulumi_vault/get_namespaces.py +8 -7
- pulumi_vault/get_nomad_access_token.py +19 -18
- pulumi_vault/get_policy_document.py +6 -5
- pulumi_vault/get_raft_autopilot_state.py +18 -17
- pulumi_vault/github/__init__.py +1 -0
- pulumi_vault/github/_inputs.py +42 -41
- pulumi_vault/github/auth_backend.py +232 -231
- pulumi_vault/github/outputs.py +26 -25
- pulumi_vault/github/team.py +57 -56
- pulumi_vault/github/user.py +57 -56
- pulumi_vault/identity/__init__.py +1 -0
- pulumi_vault/identity/entity.py +85 -84
- pulumi_vault/identity/entity_alias.py +71 -70
- pulumi_vault/identity/entity_policies.py +64 -63
- pulumi_vault/identity/get_entity.py +43 -42
- pulumi_vault/identity/get_group.py +50 -49
- pulumi_vault/identity/get_oidc_client_creds.py +14 -13
- pulumi_vault/identity/get_oidc_openid_config.py +24 -23
- pulumi_vault/identity/get_oidc_public_keys.py +13 -12
- pulumi_vault/identity/group.py +141 -140
- pulumi_vault/identity/group_alias.py +57 -56
- pulumi_vault/identity/group_member_entity_ids.py +57 -56
- pulumi_vault/identity/group_member_group_ids.py +57 -56
- pulumi_vault/identity/group_policies.py +64 -63
- pulumi_vault/identity/mfa_duo.py +148 -147
- pulumi_vault/identity/mfa_login_enforcement.py +120 -119
- pulumi_vault/identity/mfa_okta.py +134 -133
- pulumi_vault/identity/mfa_pingid.py +127 -126
- pulumi_vault/identity/mfa_totp.py +176 -175
- pulumi_vault/identity/oidc.py +29 -28
- pulumi_vault/identity/oidc_assignment.py +57 -56
- pulumi_vault/identity/oidc_client.py +127 -126
- pulumi_vault/identity/oidc_key.py +85 -84
- pulumi_vault/identity/oidc_key_allowed_client_id.py +43 -42
- pulumi_vault/identity/oidc_provider.py +92 -91
- pulumi_vault/identity/oidc_role.py +85 -84
- pulumi_vault/identity/oidc_scope.py +57 -56
- pulumi_vault/identity/outputs.py +32 -31
- pulumi_vault/jwt/__init__.py +1 -0
- pulumi_vault/jwt/_inputs.py +42 -41
- pulumi_vault/jwt/auth_backend.py +288 -287
- pulumi_vault/jwt/auth_backend_role.py +407 -406
- pulumi_vault/jwt/outputs.py +26 -25
- pulumi_vault/kmip/__init__.py +1 -0
- pulumi_vault/kmip/secret_backend.py +183 -182
- pulumi_vault/kmip/secret_role.py +295 -294
- pulumi_vault/kmip/secret_scope.py +57 -56
- pulumi_vault/kubernetes/__init__.py +1 -0
- pulumi_vault/kubernetes/auth_backend_config.py +141 -140
- pulumi_vault/kubernetes/auth_backend_role.py +225 -224
- pulumi_vault/kubernetes/get_auth_backend_config.py +47 -46
- pulumi_vault/kubernetes/get_auth_backend_role.py +70 -69
- pulumi_vault/kubernetes/get_service_account_token.py +38 -37
- pulumi_vault/kubernetes/secret_backend.py +316 -315
- pulumi_vault/kubernetes/secret_backend_role.py +197 -196
- pulumi_vault/kv/__init__.py +1 -0
- pulumi_vault/kv/_inputs.py +21 -20
- pulumi_vault/kv/get_secret.py +17 -16
- pulumi_vault/kv/get_secret_subkeys_v2.py +30 -29
- pulumi_vault/kv/get_secret_v2.py +29 -28
- pulumi_vault/kv/get_secrets_list.py +13 -12
- pulumi_vault/kv/get_secrets_list_v2.py +19 -18
- pulumi_vault/kv/outputs.py +13 -12
- pulumi_vault/kv/secret.py +50 -49
- pulumi_vault/kv/secret_backend_v2.py +71 -70
- pulumi_vault/kv/secret_v2.py +134 -133
- pulumi_vault/ldap/__init__.py +1 -0
- pulumi_vault/ldap/auth_backend.py +588 -587
- pulumi_vault/ldap/auth_backend_group.py +57 -56
- pulumi_vault/ldap/auth_backend_user.py +71 -70
- pulumi_vault/ldap/get_dynamic_credentials.py +17 -16
- pulumi_vault/ldap/get_static_credentials.py +18 -17
- pulumi_vault/ldap/secret_backend.py +554 -553
- pulumi_vault/ldap/secret_backend_dynamic_role.py +127 -126
- pulumi_vault/ldap/secret_backend_library_set.py +99 -98
- pulumi_vault/ldap/secret_backend_static_role.py +99 -98
- pulumi_vault/managed/__init__.py +1 -0
- pulumi_vault/managed/_inputs.py +229 -228
- pulumi_vault/managed/keys.py +15 -14
- pulumi_vault/managed/outputs.py +139 -138
- pulumi_vault/mfa_duo.py +113 -112
- pulumi_vault/mfa_okta.py +113 -112
- pulumi_vault/mfa_pingid.py +120 -119
- pulumi_vault/mfa_totp.py +127 -126
- pulumi_vault/mongodbatlas/__init__.py +1 -0
- pulumi_vault/mongodbatlas/secret_backend.py +64 -63
- pulumi_vault/mongodbatlas/secret_role.py +155 -154
- pulumi_vault/mount.py +274 -273
- pulumi_vault/namespace.py +64 -63
- pulumi_vault/nomad_secret_backend.py +211 -210
- pulumi_vault/nomad_secret_role.py +85 -84
- pulumi_vault/okta/__init__.py +1 -0
- pulumi_vault/okta/_inputs.py +26 -25
- pulumi_vault/okta/auth_backend.py +274 -273
- pulumi_vault/okta/auth_backend_group.py +57 -56
- pulumi_vault/okta/auth_backend_user.py +71 -70
- pulumi_vault/okta/outputs.py +16 -15
- pulumi_vault/outputs.py +56 -55
- pulumi_vault/password_policy.py +43 -42
- pulumi_vault/pkisecret/__init__.py +1 -0
- pulumi_vault/pkisecret/_inputs.py +31 -30
- pulumi_vault/pkisecret/backend_acme_eab.py +92 -91
- pulumi_vault/pkisecret/backend_config_acme.py +141 -140
- pulumi_vault/pkisecret/backend_config_auto_tidy.py +323 -322
- pulumi_vault/pkisecret/backend_config_cluster.py +57 -56
- pulumi_vault/pkisecret/backend_config_cmpv2.py +106 -105
- pulumi_vault/pkisecret/backend_config_est.py +120 -119
- pulumi_vault/pkisecret/get_backend_cert_metadata.py +22 -21
- pulumi_vault/pkisecret/get_backend_config_cmpv2.py +22 -21
- pulumi_vault/pkisecret/get_backend_config_est.py +19 -18
- pulumi_vault/pkisecret/get_backend_issuer.py +45 -44
- pulumi_vault/pkisecret/get_backend_issuers.py +15 -14
- pulumi_vault/pkisecret/get_backend_key.py +20 -19
- pulumi_vault/pkisecret/get_backend_keys.py +15 -14
- pulumi_vault/pkisecret/outputs.py +28 -27
- pulumi_vault/pkisecret/secret_backend_cert.py +337 -336
- pulumi_vault/pkisecret/secret_backend_config_ca.py +43 -42
- pulumi_vault/pkisecret/secret_backend_config_issuers.py +57 -56
- pulumi_vault/pkisecret/secret_backend_config_urls.py +85 -84
- pulumi_vault/pkisecret/secret_backend_crl_config.py +197 -196
- pulumi_vault/pkisecret/secret_backend_intermediate_cert_request.py +421 -420
- pulumi_vault/pkisecret/secret_backend_intermediate_set_signed.py +57 -56
- pulumi_vault/pkisecret/secret_backend_issuer.py +232 -231
- pulumi_vault/pkisecret/secret_backend_key.py +120 -119
- pulumi_vault/pkisecret/secret_backend_role.py +715 -714
- pulumi_vault/pkisecret/secret_backend_root_cert.py +554 -553
- pulumi_vault/pkisecret/secret_backend_root_sign_intermediate.py +526 -525
- pulumi_vault/pkisecret/secret_backend_sign.py +281 -280
- pulumi_vault/plugin.py +127 -126
- pulumi_vault/plugin_pinned_version.py +43 -42
- pulumi_vault/policy.py +43 -42
- pulumi_vault/provider.py +120 -119
- pulumi_vault/pulumi-plugin.json +1 -1
- pulumi_vault/quota_lease_count.py +85 -84
- pulumi_vault/quota_rate_limit.py +113 -112
- pulumi_vault/rabbitmq/__init__.py +1 -0
- pulumi_vault/rabbitmq/_inputs.py +41 -40
- pulumi_vault/rabbitmq/outputs.py +25 -24
- pulumi_vault/rabbitmq/secret_backend.py +169 -168
- pulumi_vault/rabbitmq/secret_backend_role.py +57 -56
- pulumi_vault/raft_autopilot.py +113 -112
- pulumi_vault/raft_snapshot_agent_config.py +393 -392
- pulumi_vault/rgp_policy.py +57 -56
- pulumi_vault/saml/__init__.py +1 -0
- pulumi_vault/saml/auth_backend.py +155 -154
- pulumi_vault/saml/auth_backend_role.py +239 -238
- pulumi_vault/secrets/__init__.py +1 -0
- pulumi_vault/secrets/_inputs.py +16 -15
- pulumi_vault/secrets/outputs.py +10 -9
- pulumi_vault/secrets/sync_association.py +71 -70
- pulumi_vault/secrets/sync_aws_destination.py +148 -147
- pulumi_vault/secrets/sync_azure_destination.py +148 -147
- pulumi_vault/secrets/sync_config.py +43 -42
- pulumi_vault/secrets/sync_gcp_destination.py +106 -105
- pulumi_vault/secrets/sync_gh_destination.py +134 -133
- pulumi_vault/secrets/sync_github_apps.py +64 -63
- pulumi_vault/secrets/sync_vercel_destination.py +120 -119
- pulumi_vault/ssh/__init__.py +1 -0
- pulumi_vault/ssh/_inputs.py +11 -10
- pulumi_vault/ssh/get_secret_backend_sign.py +52 -51
- pulumi_vault/ssh/outputs.py +7 -6
- pulumi_vault/ssh/secret_backend_ca.py +99 -98
- pulumi_vault/ssh/secret_backend_role.py +365 -364
- pulumi_vault/terraformcloud/__init__.py +1 -0
- pulumi_vault/terraformcloud/secret_backend.py +111 -110
- pulumi_vault/terraformcloud/secret_creds.py +74 -73
- pulumi_vault/terraformcloud/secret_role.py +93 -92
- pulumi_vault/token.py +246 -245
- pulumi_vault/tokenauth/__init__.py +1 -0
- pulumi_vault/tokenauth/auth_backend_role.py +267 -266
- pulumi_vault/transform/__init__.py +1 -0
- pulumi_vault/transform/alphabet.py +57 -56
- pulumi_vault/transform/get_decode.py +47 -46
- pulumi_vault/transform/get_encode.py +47 -46
- pulumi_vault/transform/role.py +57 -56
- pulumi_vault/transform/template.py +113 -112
- pulumi_vault/transform/transformation.py +141 -140
- pulumi_vault/transit/__init__.py +1 -0
- pulumi_vault/transit/get_decrypt.py +18 -17
- pulumi_vault/transit/get_encrypt.py +21 -20
- pulumi_vault/transit/get_sign.py +54 -53
- pulumi_vault/transit/get_verify.py +60 -59
- pulumi_vault/transit/secret_backend_key.py +274 -273
- pulumi_vault/transit/secret_cache_config.py +43 -42
- {pulumi_vault-6.7.0a1743490126.dist-info → pulumi_vault-6.7.0a1744183682.dist-info}/METADATA +1 -1
- pulumi_vault-6.7.0a1744183682.dist-info/RECORD +265 -0
- pulumi_vault-6.7.0a1743490126.dist-info/RECORD +0 -265
- {pulumi_vault-6.7.0a1743490126.dist-info → pulumi_vault-6.7.0a1744183682.dist-info}/WHEEL +0 -0
- {pulumi_vault-6.7.0a1743490126.dist-info → pulumi_vault-6.7.0a1744183682.dist-info}/top_level.txt +0 -0
|
@@ -2,6 +2,7 @@
|
|
|
2
2
|
# *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. ***
|
|
3
3
|
# *** Do not edit by hand unless you're certain you know what you are doing! ***
|
|
4
4
|
|
|
5
|
+
import builtins
|
|
5
6
|
import copy
|
|
6
7
|
import warnings
|
|
7
8
|
import sys
|
|
@@ -19,42 +20,42 @@ __all__ = ['SecretBackendCrlConfigArgs', 'SecretBackendCrlConfig']
|
|
|
19
20
|
@pulumi.input_type
|
|
20
21
|
class SecretBackendCrlConfigArgs:
|
|
21
22
|
def __init__(__self__, *,
|
|
22
|
-
backend: pulumi.Input[str],
|
|
23
|
-
auto_rebuild: Optional[pulumi.Input[bool]] = None,
|
|
24
|
-
auto_rebuild_grace_period: Optional[pulumi.Input[str]] = None,
|
|
25
|
-
cross_cluster_revocation: Optional[pulumi.Input[bool]] = None,
|
|
26
|
-
delta_rebuild_interval: Optional[pulumi.Input[str]] = None,
|
|
27
|
-
disable: Optional[pulumi.Input[bool]] = None,
|
|
28
|
-
enable_delta: Optional[pulumi.Input[bool]] = None,
|
|
29
|
-
expiry: Optional[pulumi.Input[str]] = None,
|
|
30
|
-
max_crl_entries: Optional[pulumi.Input[int]] = None,
|
|
31
|
-
namespace: Optional[pulumi.Input[str]] = None,
|
|
32
|
-
ocsp_disable: Optional[pulumi.Input[bool]] = None,
|
|
33
|
-
ocsp_expiry: Optional[pulumi.Input[str]] = None,
|
|
34
|
-
unified_crl: Optional[pulumi.Input[bool]] = None,
|
|
35
|
-
unified_crl_on_existing_paths: Optional[pulumi.Input[bool]] = None):
|
|
23
|
+
backend: pulumi.Input[builtins.str],
|
|
24
|
+
auto_rebuild: Optional[pulumi.Input[builtins.bool]] = None,
|
|
25
|
+
auto_rebuild_grace_period: Optional[pulumi.Input[builtins.str]] = None,
|
|
26
|
+
cross_cluster_revocation: Optional[pulumi.Input[builtins.bool]] = None,
|
|
27
|
+
delta_rebuild_interval: Optional[pulumi.Input[builtins.str]] = None,
|
|
28
|
+
disable: Optional[pulumi.Input[builtins.bool]] = None,
|
|
29
|
+
enable_delta: Optional[pulumi.Input[builtins.bool]] = None,
|
|
30
|
+
expiry: Optional[pulumi.Input[builtins.str]] = None,
|
|
31
|
+
max_crl_entries: Optional[pulumi.Input[builtins.int]] = None,
|
|
32
|
+
namespace: Optional[pulumi.Input[builtins.str]] = None,
|
|
33
|
+
ocsp_disable: Optional[pulumi.Input[builtins.bool]] = None,
|
|
34
|
+
ocsp_expiry: Optional[pulumi.Input[builtins.str]] = None,
|
|
35
|
+
unified_crl: Optional[pulumi.Input[builtins.bool]] = None,
|
|
36
|
+
unified_crl_on_existing_paths: Optional[pulumi.Input[builtins.bool]] = None):
|
|
36
37
|
"""
|
|
37
38
|
The set of arguments for constructing a SecretBackendCrlConfig resource.
|
|
38
|
-
:param pulumi.Input[str] backend: The path the PKI secret backend is mounted at, with no leading or trailing `/`s.
|
|
39
|
-
:param pulumi.Input[bool] auto_rebuild: Enables periodic rebuilding of the CRL upon expiry. **Vault 1.12+**
|
|
40
|
-
:param pulumi.Input[str] auto_rebuild_grace_period: Grace period before CRL expiry to attempt rebuild of CRL. **Vault 1.12+**
|
|
41
|
-
:param pulumi.Input[bool] cross_cluster_revocation: Enable cross-cluster revocation request queues. **Vault 1.13+**
|
|
42
|
-
:param pulumi.Input[str] delta_rebuild_interval: Interval to check for new revocations on, to regenerate the delta CRL.
|
|
43
|
-
:param pulumi.Input[bool] disable: Disables or enables CRL building.
|
|
44
|
-
:param pulumi.Input[bool] enable_delta: Enables building of delta CRLs with up-to-date revocation information,
|
|
39
|
+
:param pulumi.Input[builtins.str] backend: The path the PKI secret backend is mounted at, with no leading or trailing `/`s.
|
|
40
|
+
:param pulumi.Input[builtins.bool] auto_rebuild: Enables periodic rebuilding of the CRL upon expiry. **Vault 1.12+**
|
|
41
|
+
:param pulumi.Input[builtins.str] auto_rebuild_grace_period: Grace period before CRL expiry to attempt rebuild of CRL. **Vault 1.12+**
|
|
42
|
+
:param pulumi.Input[builtins.bool] cross_cluster_revocation: Enable cross-cluster revocation request queues. **Vault 1.13+**
|
|
43
|
+
:param pulumi.Input[builtins.str] delta_rebuild_interval: Interval to check for new revocations on, to regenerate the delta CRL.
|
|
44
|
+
:param pulumi.Input[builtins.bool] disable: Disables or enables CRL building.
|
|
45
|
+
:param pulumi.Input[builtins.bool] enable_delta: Enables building of delta CRLs with up-to-date revocation information,
|
|
45
46
|
augmenting the last complete CRL. **Vault 1.12+**
|
|
46
|
-
:param pulumi.Input[str] expiry: Specifies the time until expiration.
|
|
47
|
-
:param pulumi.Input[int] max_crl_entries: The maximum number of entries a CRL can contain. This option exists to prevent
|
|
47
|
+
:param pulumi.Input[builtins.str] expiry: Specifies the time until expiration.
|
|
48
|
+
:param pulumi.Input[builtins.int] max_crl_entries: The maximum number of entries a CRL can contain. This option exists to prevent
|
|
48
49
|
accidental runaway issuance/revocation from overloading Vault. If set to -1, the limit is disabled. **Vault 1.19**
|
|
49
|
-
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
|
50
|
+
:param pulumi.Input[builtins.str] namespace: The namespace to provision the resource in.
|
|
50
51
|
The value should not contain leading or trailing forward slashes.
|
|
51
52
|
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
|
52
53
|
*Available only for Vault Enterprise*.
|
|
53
|
-
:param pulumi.Input[bool] ocsp_disable: Disables the OCSP responder in Vault. **Vault 1.12+**
|
|
54
|
-
:param pulumi.Input[str] ocsp_expiry: The amount of time an OCSP response can be cached for, useful for OCSP stapling
|
|
54
|
+
:param pulumi.Input[builtins.bool] ocsp_disable: Disables the OCSP responder in Vault. **Vault 1.12+**
|
|
55
|
+
:param pulumi.Input[builtins.str] ocsp_expiry: The amount of time an OCSP response can be cached for, useful for OCSP stapling
|
|
55
56
|
refresh durations. **Vault 1.12+**
|
|
56
|
-
:param pulumi.Input[bool] unified_crl: Enables unified CRL and OCSP building. **Vault 1.13+**
|
|
57
|
-
:param pulumi.Input[bool] unified_crl_on_existing_paths: Enables serving the unified CRL and OCSP on the existing, previously
|
|
57
|
+
:param pulumi.Input[builtins.bool] unified_crl: Enables unified CRL and OCSP building. **Vault 1.13+**
|
|
58
|
+
:param pulumi.Input[builtins.bool] unified_crl_on_existing_paths: Enables serving the unified CRL and OCSP on the existing, previously
|
|
58
59
|
cluster-local paths. **Vault 1.13+**
|
|
59
60
|
"""
|
|
60
61
|
pulumi.set(__self__, "backend", backend)
|
|
@@ -87,79 +88,79 @@ class SecretBackendCrlConfigArgs:
|
|
|
87
88
|
|
|
88
89
|
@property
|
|
89
90
|
@pulumi.getter
|
|
90
|
-
def backend(self) -> pulumi.Input[str]:
|
|
91
|
+
def backend(self) -> pulumi.Input[builtins.str]:
|
|
91
92
|
"""
|
|
92
93
|
The path the PKI secret backend is mounted at, with no leading or trailing `/`s.
|
|
93
94
|
"""
|
|
94
95
|
return pulumi.get(self, "backend")
|
|
95
96
|
|
|
96
97
|
@backend.setter
|
|
97
|
-
def backend(self, value: pulumi.Input[str]):
|
|
98
|
+
def backend(self, value: pulumi.Input[builtins.str]):
|
|
98
99
|
pulumi.set(self, "backend", value)
|
|
99
100
|
|
|
100
101
|
@property
|
|
101
102
|
@pulumi.getter(name="autoRebuild")
|
|
102
|
-
def auto_rebuild(self) -> Optional[pulumi.Input[bool]]:
|
|
103
|
+
def auto_rebuild(self) -> Optional[pulumi.Input[builtins.bool]]:
|
|
103
104
|
"""
|
|
104
105
|
Enables periodic rebuilding of the CRL upon expiry. **Vault 1.12+**
|
|
105
106
|
"""
|
|
106
107
|
return pulumi.get(self, "auto_rebuild")
|
|
107
108
|
|
|
108
109
|
@auto_rebuild.setter
|
|
109
|
-
def auto_rebuild(self, value: Optional[pulumi.Input[bool]]):
|
|
110
|
+
def auto_rebuild(self, value: Optional[pulumi.Input[builtins.bool]]):
|
|
110
111
|
pulumi.set(self, "auto_rebuild", value)
|
|
111
112
|
|
|
112
113
|
@property
|
|
113
114
|
@pulumi.getter(name="autoRebuildGracePeriod")
|
|
114
|
-
def auto_rebuild_grace_period(self) -> Optional[pulumi.Input[str]]:
|
|
115
|
+
def auto_rebuild_grace_period(self) -> Optional[pulumi.Input[builtins.str]]:
|
|
115
116
|
"""
|
|
116
117
|
Grace period before CRL expiry to attempt rebuild of CRL. **Vault 1.12+**
|
|
117
118
|
"""
|
|
118
119
|
return pulumi.get(self, "auto_rebuild_grace_period")
|
|
119
120
|
|
|
120
121
|
@auto_rebuild_grace_period.setter
|
|
121
|
-
def auto_rebuild_grace_period(self, value: Optional[pulumi.Input[str]]):
|
|
122
|
+
def auto_rebuild_grace_period(self, value: Optional[pulumi.Input[builtins.str]]):
|
|
122
123
|
pulumi.set(self, "auto_rebuild_grace_period", value)
|
|
123
124
|
|
|
124
125
|
@property
|
|
125
126
|
@pulumi.getter(name="crossClusterRevocation")
|
|
126
|
-
def cross_cluster_revocation(self) -> Optional[pulumi.Input[bool]]:
|
|
127
|
+
def cross_cluster_revocation(self) -> Optional[pulumi.Input[builtins.bool]]:
|
|
127
128
|
"""
|
|
128
129
|
Enable cross-cluster revocation request queues. **Vault 1.13+**
|
|
129
130
|
"""
|
|
130
131
|
return pulumi.get(self, "cross_cluster_revocation")
|
|
131
132
|
|
|
132
133
|
@cross_cluster_revocation.setter
|
|
133
|
-
def cross_cluster_revocation(self, value: Optional[pulumi.Input[bool]]):
|
|
134
|
+
def cross_cluster_revocation(self, value: Optional[pulumi.Input[builtins.bool]]):
|
|
134
135
|
pulumi.set(self, "cross_cluster_revocation", value)
|
|
135
136
|
|
|
136
137
|
@property
|
|
137
138
|
@pulumi.getter(name="deltaRebuildInterval")
|
|
138
|
-
def delta_rebuild_interval(self) -> Optional[pulumi.Input[str]]:
|
|
139
|
+
def delta_rebuild_interval(self) -> Optional[pulumi.Input[builtins.str]]:
|
|
139
140
|
"""
|
|
140
141
|
Interval to check for new revocations on, to regenerate the delta CRL.
|
|
141
142
|
"""
|
|
142
143
|
return pulumi.get(self, "delta_rebuild_interval")
|
|
143
144
|
|
|
144
145
|
@delta_rebuild_interval.setter
|
|
145
|
-
def delta_rebuild_interval(self, value: Optional[pulumi.Input[str]]):
|
|
146
|
+
def delta_rebuild_interval(self, value: Optional[pulumi.Input[builtins.str]]):
|
|
146
147
|
pulumi.set(self, "delta_rebuild_interval", value)
|
|
147
148
|
|
|
148
149
|
@property
|
|
149
150
|
@pulumi.getter
|
|
150
|
-
def disable(self) -> Optional[pulumi.Input[bool]]:
|
|
151
|
+
def disable(self) -> Optional[pulumi.Input[builtins.bool]]:
|
|
151
152
|
"""
|
|
152
153
|
Disables or enables CRL building.
|
|
153
154
|
"""
|
|
154
155
|
return pulumi.get(self, "disable")
|
|
155
156
|
|
|
156
157
|
@disable.setter
|
|
157
|
-
def disable(self, value: Optional[pulumi.Input[bool]]):
|
|
158
|
+
def disable(self, value: Optional[pulumi.Input[builtins.bool]]):
|
|
158
159
|
pulumi.set(self, "disable", value)
|
|
159
160
|
|
|
160
161
|
@property
|
|
161
162
|
@pulumi.getter(name="enableDelta")
|
|
162
|
-
def enable_delta(self) -> Optional[pulumi.Input[bool]]:
|
|
163
|
+
def enable_delta(self) -> Optional[pulumi.Input[builtins.bool]]:
|
|
163
164
|
"""
|
|
164
165
|
Enables building of delta CRLs with up-to-date revocation information,
|
|
165
166
|
augmenting the last complete CRL. **Vault 1.12+**
|
|
@@ -167,24 +168,24 @@ class SecretBackendCrlConfigArgs:
|
|
|
167
168
|
return pulumi.get(self, "enable_delta")
|
|
168
169
|
|
|
169
170
|
@enable_delta.setter
|
|
170
|
-
def enable_delta(self, value: Optional[pulumi.Input[bool]]):
|
|
171
|
+
def enable_delta(self, value: Optional[pulumi.Input[builtins.bool]]):
|
|
171
172
|
pulumi.set(self, "enable_delta", value)
|
|
172
173
|
|
|
173
174
|
@property
|
|
174
175
|
@pulumi.getter
|
|
175
|
-
def expiry(self) -> Optional[pulumi.Input[str]]:
|
|
176
|
+
def expiry(self) -> Optional[pulumi.Input[builtins.str]]:
|
|
176
177
|
"""
|
|
177
178
|
Specifies the time until expiration.
|
|
178
179
|
"""
|
|
179
180
|
return pulumi.get(self, "expiry")
|
|
180
181
|
|
|
181
182
|
@expiry.setter
|
|
182
|
-
def expiry(self, value: Optional[pulumi.Input[str]]):
|
|
183
|
+
def expiry(self, value: Optional[pulumi.Input[builtins.str]]):
|
|
183
184
|
pulumi.set(self, "expiry", value)
|
|
184
185
|
|
|
185
186
|
@property
|
|
186
187
|
@pulumi.getter(name="maxCrlEntries")
|
|
187
|
-
def max_crl_entries(self) -> Optional[pulumi.Input[int]]:
|
|
188
|
+
def max_crl_entries(self) -> Optional[pulumi.Input[builtins.int]]:
|
|
188
189
|
"""
|
|
189
190
|
The maximum number of entries a CRL can contain. This option exists to prevent
|
|
190
191
|
accidental runaway issuance/revocation from overloading Vault. If set to -1, the limit is disabled. **Vault 1.19**
|
|
@@ -192,12 +193,12 @@ class SecretBackendCrlConfigArgs:
|
|
|
192
193
|
return pulumi.get(self, "max_crl_entries")
|
|
193
194
|
|
|
194
195
|
@max_crl_entries.setter
|
|
195
|
-
def max_crl_entries(self, value: Optional[pulumi.Input[int]]):
|
|
196
|
+
def max_crl_entries(self, value: Optional[pulumi.Input[builtins.int]]):
|
|
196
197
|
pulumi.set(self, "max_crl_entries", value)
|
|
197
198
|
|
|
198
199
|
@property
|
|
199
200
|
@pulumi.getter
|
|
200
|
-
def namespace(self) -> Optional[pulumi.Input[str]]:
|
|
201
|
+
def namespace(self) -> Optional[pulumi.Input[builtins.str]]:
|
|
201
202
|
"""
|
|
202
203
|
The namespace to provision the resource in.
|
|
203
204
|
The value should not contain leading or trailing forward slashes.
|
|
@@ -207,24 +208,24 @@ class SecretBackendCrlConfigArgs:
|
|
|
207
208
|
return pulumi.get(self, "namespace")
|
|
208
209
|
|
|
209
210
|
@namespace.setter
|
|
210
|
-
def namespace(self, value: Optional[pulumi.Input[str]]):
|
|
211
|
+
def namespace(self, value: Optional[pulumi.Input[builtins.str]]):
|
|
211
212
|
pulumi.set(self, "namespace", value)
|
|
212
213
|
|
|
213
214
|
@property
|
|
214
215
|
@pulumi.getter(name="ocspDisable")
|
|
215
|
-
def ocsp_disable(self) -> Optional[pulumi.Input[bool]]:
|
|
216
|
+
def ocsp_disable(self) -> Optional[pulumi.Input[builtins.bool]]:
|
|
216
217
|
"""
|
|
217
218
|
Disables the OCSP responder in Vault. **Vault 1.12+**
|
|
218
219
|
"""
|
|
219
220
|
return pulumi.get(self, "ocsp_disable")
|
|
220
221
|
|
|
221
222
|
@ocsp_disable.setter
|
|
222
|
-
def ocsp_disable(self, value: Optional[pulumi.Input[bool]]):
|
|
223
|
+
def ocsp_disable(self, value: Optional[pulumi.Input[builtins.bool]]):
|
|
223
224
|
pulumi.set(self, "ocsp_disable", value)
|
|
224
225
|
|
|
225
226
|
@property
|
|
226
227
|
@pulumi.getter(name="ocspExpiry")
|
|
227
|
-
def ocsp_expiry(self) -> Optional[pulumi.Input[str]]:
|
|
228
|
+
def ocsp_expiry(self) -> Optional[pulumi.Input[builtins.str]]:
|
|
228
229
|
"""
|
|
229
230
|
The amount of time an OCSP response can be cached for, useful for OCSP stapling
|
|
230
231
|
refresh durations. **Vault 1.12+**
|
|
@@ -232,24 +233,24 @@ class SecretBackendCrlConfigArgs:
|
|
|
232
233
|
return pulumi.get(self, "ocsp_expiry")
|
|
233
234
|
|
|
234
235
|
@ocsp_expiry.setter
|
|
235
|
-
def ocsp_expiry(self, value: Optional[pulumi.Input[str]]):
|
|
236
|
+
def ocsp_expiry(self, value: Optional[pulumi.Input[builtins.str]]):
|
|
236
237
|
pulumi.set(self, "ocsp_expiry", value)
|
|
237
238
|
|
|
238
239
|
@property
|
|
239
240
|
@pulumi.getter(name="unifiedCrl")
|
|
240
|
-
def unified_crl(self) -> Optional[pulumi.Input[bool]]:
|
|
241
|
+
def unified_crl(self) -> Optional[pulumi.Input[builtins.bool]]:
|
|
241
242
|
"""
|
|
242
243
|
Enables unified CRL and OCSP building. **Vault 1.13+**
|
|
243
244
|
"""
|
|
244
245
|
return pulumi.get(self, "unified_crl")
|
|
245
246
|
|
|
246
247
|
@unified_crl.setter
|
|
247
|
-
def unified_crl(self, value: Optional[pulumi.Input[bool]]):
|
|
248
|
+
def unified_crl(self, value: Optional[pulumi.Input[builtins.bool]]):
|
|
248
249
|
pulumi.set(self, "unified_crl", value)
|
|
249
250
|
|
|
250
251
|
@property
|
|
251
252
|
@pulumi.getter(name="unifiedCrlOnExistingPaths")
|
|
252
|
-
def unified_crl_on_existing_paths(self) -> Optional[pulumi.Input[bool]]:
|
|
253
|
+
def unified_crl_on_existing_paths(self) -> Optional[pulumi.Input[builtins.bool]]:
|
|
253
254
|
"""
|
|
254
255
|
Enables serving the unified CRL and OCSP on the existing, previously
|
|
255
256
|
cluster-local paths. **Vault 1.13+**
|
|
@@ -257,49 +258,49 @@ class SecretBackendCrlConfigArgs:
|
|
|
257
258
|
return pulumi.get(self, "unified_crl_on_existing_paths")
|
|
258
259
|
|
|
259
260
|
@unified_crl_on_existing_paths.setter
|
|
260
|
-
def unified_crl_on_existing_paths(self, value: Optional[pulumi.Input[bool]]):
|
|
261
|
+
def unified_crl_on_existing_paths(self, value: Optional[pulumi.Input[builtins.bool]]):
|
|
261
262
|
pulumi.set(self, "unified_crl_on_existing_paths", value)
|
|
262
263
|
|
|
263
264
|
|
|
264
265
|
@pulumi.input_type
|
|
265
266
|
class _SecretBackendCrlConfigState:
|
|
266
267
|
def __init__(__self__, *,
|
|
267
|
-
auto_rebuild: Optional[pulumi.Input[bool]] = None,
|
|
268
|
-
auto_rebuild_grace_period: Optional[pulumi.Input[str]] = None,
|
|
269
|
-
backend: Optional[pulumi.Input[str]] = None,
|
|
270
|
-
cross_cluster_revocation: Optional[pulumi.Input[bool]] = None,
|
|
271
|
-
delta_rebuild_interval: Optional[pulumi.Input[str]] = None,
|
|
272
|
-
disable: Optional[pulumi.Input[bool]] = None,
|
|
273
|
-
enable_delta: Optional[pulumi.Input[bool]] = None,
|
|
274
|
-
expiry: Optional[pulumi.Input[str]] = None,
|
|
275
|
-
max_crl_entries: Optional[pulumi.Input[int]] = None,
|
|
276
|
-
namespace: Optional[pulumi.Input[str]] = None,
|
|
277
|
-
ocsp_disable: Optional[pulumi.Input[bool]] = None,
|
|
278
|
-
ocsp_expiry: Optional[pulumi.Input[str]] = None,
|
|
279
|
-
unified_crl: Optional[pulumi.Input[bool]] = None,
|
|
280
|
-
unified_crl_on_existing_paths: Optional[pulumi.Input[bool]] = None):
|
|
268
|
+
auto_rebuild: Optional[pulumi.Input[builtins.bool]] = None,
|
|
269
|
+
auto_rebuild_grace_period: Optional[pulumi.Input[builtins.str]] = None,
|
|
270
|
+
backend: Optional[pulumi.Input[builtins.str]] = None,
|
|
271
|
+
cross_cluster_revocation: Optional[pulumi.Input[builtins.bool]] = None,
|
|
272
|
+
delta_rebuild_interval: Optional[pulumi.Input[builtins.str]] = None,
|
|
273
|
+
disable: Optional[pulumi.Input[builtins.bool]] = None,
|
|
274
|
+
enable_delta: Optional[pulumi.Input[builtins.bool]] = None,
|
|
275
|
+
expiry: Optional[pulumi.Input[builtins.str]] = None,
|
|
276
|
+
max_crl_entries: Optional[pulumi.Input[builtins.int]] = None,
|
|
277
|
+
namespace: Optional[pulumi.Input[builtins.str]] = None,
|
|
278
|
+
ocsp_disable: Optional[pulumi.Input[builtins.bool]] = None,
|
|
279
|
+
ocsp_expiry: Optional[pulumi.Input[builtins.str]] = None,
|
|
280
|
+
unified_crl: Optional[pulumi.Input[builtins.bool]] = None,
|
|
281
|
+
unified_crl_on_existing_paths: Optional[pulumi.Input[builtins.bool]] = None):
|
|
281
282
|
"""
|
|
282
283
|
Input properties used for looking up and filtering SecretBackendCrlConfig resources.
|
|
283
|
-
:param pulumi.Input[bool] auto_rebuild: Enables periodic rebuilding of the CRL upon expiry. **Vault 1.12+**
|
|
284
|
-
:param pulumi.Input[str] auto_rebuild_grace_period: Grace period before CRL expiry to attempt rebuild of CRL. **Vault 1.12+**
|
|
285
|
-
:param pulumi.Input[str] backend: The path the PKI secret backend is mounted at, with no leading or trailing `/`s.
|
|
286
|
-
:param pulumi.Input[bool] cross_cluster_revocation: Enable cross-cluster revocation request queues. **Vault 1.13+**
|
|
287
|
-
:param pulumi.Input[str] delta_rebuild_interval: Interval to check for new revocations on, to regenerate the delta CRL.
|
|
288
|
-
:param pulumi.Input[bool] disable: Disables or enables CRL building.
|
|
289
|
-
:param pulumi.Input[bool] enable_delta: Enables building of delta CRLs with up-to-date revocation information,
|
|
284
|
+
:param pulumi.Input[builtins.bool] auto_rebuild: Enables periodic rebuilding of the CRL upon expiry. **Vault 1.12+**
|
|
285
|
+
:param pulumi.Input[builtins.str] auto_rebuild_grace_period: Grace period before CRL expiry to attempt rebuild of CRL. **Vault 1.12+**
|
|
286
|
+
:param pulumi.Input[builtins.str] backend: The path the PKI secret backend is mounted at, with no leading or trailing `/`s.
|
|
287
|
+
:param pulumi.Input[builtins.bool] cross_cluster_revocation: Enable cross-cluster revocation request queues. **Vault 1.13+**
|
|
288
|
+
:param pulumi.Input[builtins.str] delta_rebuild_interval: Interval to check for new revocations on, to regenerate the delta CRL.
|
|
289
|
+
:param pulumi.Input[builtins.bool] disable: Disables or enables CRL building.
|
|
290
|
+
:param pulumi.Input[builtins.bool] enable_delta: Enables building of delta CRLs with up-to-date revocation information,
|
|
290
291
|
augmenting the last complete CRL. **Vault 1.12+**
|
|
291
|
-
:param pulumi.Input[str] expiry: Specifies the time until expiration.
|
|
292
|
-
:param pulumi.Input[int] max_crl_entries: The maximum number of entries a CRL can contain. This option exists to prevent
|
|
292
|
+
:param pulumi.Input[builtins.str] expiry: Specifies the time until expiration.
|
|
293
|
+
:param pulumi.Input[builtins.int] max_crl_entries: The maximum number of entries a CRL can contain. This option exists to prevent
|
|
293
294
|
accidental runaway issuance/revocation from overloading Vault. If set to -1, the limit is disabled. **Vault 1.19**
|
|
294
|
-
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
|
295
|
+
:param pulumi.Input[builtins.str] namespace: The namespace to provision the resource in.
|
|
295
296
|
The value should not contain leading or trailing forward slashes.
|
|
296
297
|
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
|
297
298
|
*Available only for Vault Enterprise*.
|
|
298
|
-
:param pulumi.Input[bool] ocsp_disable: Disables the OCSP responder in Vault. **Vault 1.12+**
|
|
299
|
-
:param pulumi.Input[str] ocsp_expiry: The amount of time an OCSP response can be cached for, useful for OCSP stapling
|
|
299
|
+
:param pulumi.Input[builtins.bool] ocsp_disable: Disables the OCSP responder in Vault. **Vault 1.12+**
|
|
300
|
+
:param pulumi.Input[builtins.str] ocsp_expiry: The amount of time an OCSP response can be cached for, useful for OCSP stapling
|
|
300
301
|
refresh durations. **Vault 1.12+**
|
|
301
|
-
:param pulumi.Input[bool] unified_crl: Enables unified CRL and OCSP building. **Vault 1.13+**
|
|
302
|
-
:param pulumi.Input[bool] unified_crl_on_existing_paths: Enables serving the unified CRL and OCSP on the existing, previously
|
|
302
|
+
:param pulumi.Input[builtins.bool] unified_crl: Enables unified CRL and OCSP building. **Vault 1.13+**
|
|
303
|
+
:param pulumi.Input[builtins.bool] unified_crl_on_existing_paths: Enables serving the unified CRL and OCSP on the existing, previously
|
|
303
304
|
cluster-local paths. **Vault 1.13+**
|
|
304
305
|
"""
|
|
305
306
|
if auto_rebuild is not None:
|
|
@@ -333,79 +334,79 @@ class _SecretBackendCrlConfigState:
|
|
|
333
334
|
|
|
334
335
|
@property
|
|
335
336
|
@pulumi.getter(name="autoRebuild")
|
|
336
|
-
def auto_rebuild(self) -> Optional[pulumi.Input[bool]]:
|
|
337
|
+
def auto_rebuild(self) -> Optional[pulumi.Input[builtins.bool]]:
|
|
337
338
|
"""
|
|
338
339
|
Enables periodic rebuilding of the CRL upon expiry. **Vault 1.12+**
|
|
339
340
|
"""
|
|
340
341
|
return pulumi.get(self, "auto_rebuild")
|
|
341
342
|
|
|
342
343
|
@auto_rebuild.setter
|
|
343
|
-
def auto_rebuild(self, value: Optional[pulumi.Input[bool]]):
|
|
344
|
+
def auto_rebuild(self, value: Optional[pulumi.Input[builtins.bool]]):
|
|
344
345
|
pulumi.set(self, "auto_rebuild", value)
|
|
345
346
|
|
|
346
347
|
@property
|
|
347
348
|
@pulumi.getter(name="autoRebuildGracePeriod")
|
|
348
|
-
def auto_rebuild_grace_period(self) -> Optional[pulumi.Input[str]]:
|
|
349
|
+
def auto_rebuild_grace_period(self) -> Optional[pulumi.Input[builtins.str]]:
|
|
349
350
|
"""
|
|
350
351
|
Grace period before CRL expiry to attempt rebuild of CRL. **Vault 1.12+**
|
|
351
352
|
"""
|
|
352
353
|
return pulumi.get(self, "auto_rebuild_grace_period")
|
|
353
354
|
|
|
354
355
|
@auto_rebuild_grace_period.setter
|
|
355
|
-
def auto_rebuild_grace_period(self, value: Optional[pulumi.Input[str]]):
|
|
356
|
+
def auto_rebuild_grace_period(self, value: Optional[pulumi.Input[builtins.str]]):
|
|
356
357
|
pulumi.set(self, "auto_rebuild_grace_period", value)
|
|
357
358
|
|
|
358
359
|
@property
|
|
359
360
|
@pulumi.getter
|
|
360
|
-
def backend(self) -> Optional[pulumi.Input[str]]:
|
|
361
|
+
def backend(self) -> Optional[pulumi.Input[builtins.str]]:
|
|
361
362
|
"""
|
|
362
363
|
The path the PKI secret backend is mounted at, with no leading or trailing `/`s.
|
|
363
364
|
"""
|
|
364
365
|
return pulumi.get(self, "backend")
|
|
365
366
|
|
|
366
367
|
@backend.setter
|
|
367
|
-
def backend(self, value: Optional[pulumi.Input[str]]):
|
|
368
|
+
def backend(self, value: Optional[pulumi.Input[builtins.str]]):
|
|
368
369
|
pulumi.set(self, "backend", value)
|
|
369
370
|
|
|
370
371
|
@property
|
|
371
372
|
@pulumi.getter(name="crossClusterRevocation")
|
|
372
|
-
def cross_cluster_revocation(self) -> Optional[pulumi.Input[bool]]:
|
|
373
|
+
def cross_cluster_revocation(self) -> Optional[pulumi.Input[builtins.bool]]:
|
|
373
374
|
"""
|
|
374
375
|
Enable cross-cluster revocation request queues. **Vault 1.13+**
|
|
375
376
|
"""
|
|
376
377
|
return pulumi.get(self, "cross_cluster_revocation")
|
|
377
378
|
|
|
378
379
|
@cross_cluster_revocation.setter
|
|
379
|
-
def cross_cluster_revocation(self, value: Optional[pulumi.Input[bool]]):
|
|
380
|
+
def cross_cluster_revocation(self, value: Optional[pulumi.Input[builtins.bool]]):
|
|
380
381
|
pulumi.set(self, "cross_cluster_revocation", value)
|
|
381
382
|
|
|
382
383
|
@property
|
|
383
384
|
@pulumi.getter(name="deltaRebuildInterval")
|
|
384
|
-
def delta_rebuild_interval(self) -> Optional[pulumi.Input[str]]:
|
|
385
|
+
def delta_rebuild_interval(self) -> Optional[pulumi.Input[builtins.str]]:
|
|
385
386
|
"""
|
|
386
387
|
Interval to check for new revocations on, to regenerate the delta CRL.
|
|
387
388
|
"""
|
|
388
389
|
return pulumi.get(self, "delta_rebuild_interval")
|
|
389
390
|
|
|
390
391
|
@delta_rebuild_interval.setter
|
|
391
|
-
def delta_rebuild_interval(self, value: Optional[pulumi.Input[str]]):
|
|
392
|
+
def delta_rebuild_interval(self, value: Optional[pulumi.Input[builtins.str]]):
|
|
392
393
|
pulumi.set(self, "delta_rebuild_interval", value)
|
|
393
394
|
|
|
394
395
|
@property
|
|
395
396
|
@pulumi.getter
|
|
396
|
-
def disable(self) -> Optional[pulumi.Input[bool]]:
|
|
397
|
+
def disable(self) -> Optional[pulumi.Input[builtins.bool]]:
|
|
397
398
|
"""
|
|
398
399
|
Disables or enables CRL building.
|
|
399
400
|
"""
|
|
400
401
|
return pulumi.get(self, "disable")
|
|
401
402
|
|
|
402
403
|
@disable.setter
|
|
403
|
-
def disable(self, value: Optional[pulumi.Input[bool]]):
|
|
404
|
+
def disable(self, value: Optional[pulumi.Input[builtins.bool]]):
|
|
404
405
|
pulumi.set(self, "disable", value)
|
|
405
406
|
|
|
406
407
|
@property
|
|
407
408
|
@pulumi.getter(name="enableDelta")
|
|
408
|
-
def enable_delta(self) -> Optional[pulumi.Input[bool]]:
|
|
409
|
+
def enable_delta(self) -> Optional[pulumi.Input[builtins.bool]]:
|
|
409
410
|
"""
|
|
410
411
|
Enables building of delta CRLs with up-to-date revocation information,
|
|
411
412
|
augmenting the last complete CRL. **Vault 1.12+**
|
|
@@ -413,24 +414,24 @@ class _SecretBackendCrlConfigState:
|
|
|
413
414
|
return pulumi.get(self, "enable_delta")
|
|
414
415
|
|
|
415
416
|
@enable_delta.setter
|
|
416
|
-
def enable_delta(self, value: Optional[pulumi.Input[bool]]):
|
|
417
|
+
def enable_delta(self, value: Optional[pulumi.Input[builtins.bool]]):
|
|
417
418
|
pulumi.set(self, "enable_delta", value)
|
|
418
419
|
|
|
419
420
|
@property
|
|
420
421
|
@pulumi.getter
|
|
421
|
-
def expiry(self) -> Optional[pulumi.Input[str]]:
|
|
422
|
+
def expiry(self) -> Optional[pulumi.Input[builtins.str]]:
|
|
422
423
|
"""
|
|
423
424
|
Specifies the time until expiration.
|
|
424
425
|
"""
|
|
425
426
|
return pulumi.get(self, "expiry")
|
|
426
427
|
|
|
427
428
|
@expiry.setter
|
|
428
|
-
def expiry(self, value: Optional[pulumi.Input[str]]):
|
|
429
|
+
def expiry(self, value: Optional[pulumi.Input[builtins.str]]):
|
|
429
430
|
pulumi.set(self, "expiry", value)
|
|
430
431
|
|
|
431
432
|
@property
|
|
432
433
|
@pulumi.getter(name="maxCrlEntries")
|
|
433
|
-
def max_crl_entries(self) -> Optional[pulumi.Input[int]]:
|
|
434
|
+
def max_crl_entries(self) -> Optional[pulumi.Input[builtins.int]]:
|
|
434
435
|
"""
|
|
435
436
|
The maximum number of entries a CRL can contain. This option exists to prevent
|
|
436
437
|
accidental runaway issuance/revocation from overloading Vault. If set to -1, the limit is disabled. **Vault 1.19**
|
|
@@ -438,12 +439,12 @@ class _SecretBackendCrlConfigState:
|
|
|
438
439
|
return pulumi.get(self, "max_crl_entries")
|
|
439
440
|
|
|
440
441
|
@max_crl_entries.setter
|
|
441
|
-
def max_crl_entries(self, value: Optional[pulumi.Input[int]]):
|
|
442
|
+
def max_crl_entries(self, value: Optional[pulumi.Input[builtins.int]]):
|
|
442
443
|
pulumi.set(self, "max_crl_entries", value)
|
|
443
444
|
|
|
444
445
|
@property
|
|
445
446
|
@pulumi.getter
|
|
446
|
-
def namespace(self) -> Optional[pulumi.Input[str]]:
|
|
447
|
+
def namespace(self) -> Optional[pulumi.Input[builtins.str]]:
|
|
447
448
|
"""
|
|
448
449
|
The namespace to provision the resource in.
|
|
449
450
|
The value should not contain leading or trailing forward slashes.
|
|
@@ -453,24 +454,24 @@ class _SecretBackendCrlConfigState:
|
|
|
453
454
|
return pulumi.get(self, "namespace")
|
|
454
455
|
|
|
455
456
|
@namespace.setter
|
|
456
|
-
def namespace(self, value: Optional[pulumi.Input[str]]):
|
|
457
|
+
def namespace(self, value: Optional[pulumi.Input[builtins.str]]):
|
|
457
458
|
pulumi.set(self, "namespace", value)
|
|
458
459
|
|
|
459
460
|
@property
|
|
460
461
|
@pulumi.getter(name="ocspDisable")
|
|
461
|
-
def ocsp_disable(self) -> Optional[pulumi.Input[bool]]:
|
|
462
|
+
def ocsp_disable(self) -> Optional[pulumi.Input[builtins.bool]]:
|
|
462
463
|
"""
|
|
463
464
|
Disables the OCSP responder in Vault. **Vault 1.12+**
|
|
464
465
|
"""
|
|
465
466
|
return pulumi.get(self, "ocsp_disable")
|
|
466
467
|
|
|
467
468
|
@ocsp_disable.setter
|
|
468
|
-
def ocsp_disable(self, value: Optional[pulumi.Input[bool]]):
|
|
469
|
+
def ocsp_disable(self, value: Optional[pulumi.Input[builtins.bool]]):
|
|
469
470
|
pulumi.set(self, "ocsp_disable", value)
|
|
470
471
|
|
|
471
472
|
@property
|
|
472
473
|
@pulumi.getter(name="ocspExpiry")
|
|
473
|
-
def ocsp_expiry(self) -> Optional[pulumi.Input[str]]:
|
|
474
|
+
def ocsp_expiry(self) -> Optional[pulumi.Input[builtins.str]]:
|
|
474
475
|
"""
|
|
475
476
|
The amount of time an OCSP response can be cached for, useful for OCSP stapling
|
|
476
477
|
refresh durations. **Vault 1.12+**
|
|
@@ -478,24 +479,24 @@ class _SecretBackendCrlConfigState:
|
|
|
478
479
|
return pulumi.get(self, "ocsp_expiry")
|
|
479
480
|
|
|
480
481
|
@ocsp_expiry.setter
|
|
481
|
-
def ocsp_expiry(self, value: Optional[pulumi.Input[str]]):
|
|
482
|
+
def ocsp_expiry(self, value: Optional[pulumi.Input[builtins.str]]):
|
|
482
483
|
pulumi.set(self, "ocsp_expiry", value)
|
|
483
484
|
|
|
484
485
|
@property
|
|
485
486
|
@pulumi.getter(name="unifiedCrl")
|
|
486
|
-
def unified_crl(self) -> Optional[pulumi.Input[bool]]:
|
|
487
|
+
def unified_crl(self) -> Optional[pulumi.Input[builtins.bool]]:
|
|
487
488
|
"""
|
|
488
489
|
Enables unified CRL and OCSP building. **Vault 1.13+**
|
|
489
490
|
"""
|
|
490
491
|
return pulumi.get(self, "unified_crl")
|
|
491
492
|
|
|
492
493
|
@unified_crl.setter
|
|
493
|
-
def unified_crl(self, value: Optional[pulumi.Input[bool]]):
|
|
494
|
+
def unified_crl(self, value: Optional[pulumi.Input[builtins.bool]]):
|
|
494
495
|
pulumi.set(self, "unified_crl", value)
|
|
495
496
|
|
|
496
497
|
@property
|
|
497
498
|
@pulumi.getter(name="unifiedCrlOnExistingPaths")
|
|
498
|
-
def unified_crl_on_existing_paths(self) -> Optional[pulumi.Input[bool]]:
|
|
499
|
+
def unified_crl_on_existing_paths(self) -> Optional[pulumi.Input[builtins.bool]]:
|
|
499
500
|
"""
|
|
500
501
|
Enables serving the unified CRL and OCSP on the existing, previously
|
|
501
502
|
cluster-local paths. **Vault 1.13+**
|
|
@@ -503,7 +504,7 @@ class _SecretBackendCrlConfigState:
|
|
|
503
504
|
return pulumi.get(self, "unified_crl_on_existing_paths")
|
|
504
505
|
|
|
505
506
|
@unified_crl_on_existing_paths.setter
|
|
506
|
-
def unified_crl_on_existing_paths(self, value: Optional[pulumi.Input[bool]]):
|
|
507
|
+
def unified_crl_on_existing_paths(self, value: Optional[pulumi.Input[builtins.bool]]):
|
|
507
508
|
pulumi.set(self, "unified_crl_on_existing_paths", value)
|
|
508
509
|
|
|
509
510
|
|
|
@@ -512,20 +513,20 @@ class SecretBackendCrlConfig(pulumi.CustomResource):
|
|
|
512
513
|
def __init__(__self__,
|
|
513
514
|
resource_name: str,
|
|
514
515
|
opts: Optional[pulumi.ResourceOptions] = None,
|
|
515
|
-
auto_rebuild: Optional[pulumi.Input[bool]] = None,
|
|
516
|
-
auto_rebuild_grace_period: Optional[pulumi.Input[str]] = None,
|
|
517
|
-
backend: Optional[pulumi.Input[str]] = None,
|
|
518
|
-
cross_cluster_revocation: Optional[pulumi.Input[bool]] = None,
|
|
519
|
-
delta_rebuild_interval: Optional[pulumi.Input[str]] = None,
|
|
520
|
-
disable: Optional[pulumi.Input[bool]] = None,
|
|
521
|
-
enable_delta: Optional[pulumi.Input[bool]] = None,
|
|
522
|
-
expiry: Optional[pulumi.Input[str]] = None,
|
|
523
|
-
max_crl_entries: Optional[pulumi.Input[int]] = None,
|
|
524
|
-
namespace: Optional[pulumi.Input[str]] = None,
|
|
525
|
-
ocsp_disable: Optional[pulumi.Input[bool]] = None,
|
|
526
|
-
ocsp_expiry: Optional[pulumi.Input[str]] = None,
|
|
527
|
-
unified_crl: Optional[pulumi.Input[bool]] = None,
|
|
528
|
-
unified_crl_on_existing_paths: Optional[pulumi.Input[bool]] = None,
|
|
516
|
+
auto_rebuild: Optional[pulumi.Input[builtins.bool]] = None,
|
|
517
|
+
auto_rebuild_grace_period: Optional[pulumi.Input[builtins.str]] = None,
|
|
518
|
+
backend: Optional[pulumi.Input[builtins.str]] = None,
|
|
519
|
+
cross_cluster_revocation: Optional[pulumi.Input[builtins.bool]] = None,
|
|
520
|
+
delta_rebuild_interval: Optional[pulumi.Input[builtins.str]] = None,
|
|
521
|
+
disable: Optional[pulumi.Input[builtins.bool]] = None,
|
|
522
|
+
enable_delta: Optional[pulumi.Input[builtins.bool]] = None,
|
|
523
|
+
expiry: Optional[pulumi.Input[builtins.str]] = None,
|
|
524
|
+
max_crl_entries: Optional[pulumi.Input[builtins.int]] = None,
|
|
525
|
+
namespace: Optional[pulumi.Input[builtins.str]] = None,
|
|
526
|
+
ocsp_disable: Optional[pulumi.Input[builtins.bool]] = None,
|
|
527
|
+
ocsp_expiry: Optional[pulumi.Input[builtins.str]] = None,
|
|
528
|
+
unified_crl: Optional[pulumi.Input[builtins.bool]] = None,
|
|
529
|
+
unified_crl_on_existing_paths: Optional[pulumi.Input[builtins.bool]] = None,
|
|
529
530
|
__props__=None):
|
|
530
531
|
"""
|
|
531
532
|
Allows setting the duration for which the generated CRL should be marked valid. If the CRL is disabled, it will return a signed but zero-length CRL for any request. If enabled, it will re-build the CRL.
|
|
@@ -549,26 +550,26 @@ class SecretBackendCrlConfig(pulumi.CustomResource):
|
|
|
549
550
|
|
|
550
551
|
:param str resource_name: The name of the resource.
|
|
551
552
|
:param pulumi.ResourceOptions opts: Options for the resource.
|
|
552
|
-
:param pulumi.Input[bool] auto_rebuild: Enables periodic rebuilding of the CRL upon expiry. **Vault 1.12+**
|
|
553
|
-
:param pulumi.Input[str] auto_rebuild_grace_period: Grace period before CRL expiry to attempt rebuild of CRL. **Vault 1.12+**
|
|
554
|
-
:param pulumi.Input[str] backend: The path the PKI secret backend is mounted at, with no leading or trailing `/`s.
|
|
555
|
-
:param pulumi.Input[bool] cross_cluster_revocation: Enable cross-cluster revocation request queues. **Vault 1.13+**
|
|
556
|
-
:param pulumi.Input[str] delta_rebuild_interval: Interval to check for new revocations on, to regenerate the delta CRL.
|
|
557
|
-
:param pulumi.Input[bool] disable: Disables or enables CRL building.
|
|
558
|
-
:param pulumi.Input[bool] enable_delta: Enables building of delta CRLs with up-to-date revocation information,
|
|
553
|
+
:param pulumi.Input[builtins.bool] auto_rebuild: Enables periodic rebuilding of the CRL upon expiry. **Vault 1.12+**
|
|
554
|
+
:param pulumi.Input[builtins.str] auto_rebuild_grace_period: Grace period before CRL expiry to attempt rebuild of CRL. **Vault 1.12+**
|
|
555
|
+
:param pulumi.Input[builtins.str] backend: The path the PKI secret backend is mounted at, with no leading or trailing `/`s.
|
|
556
|
+
:param pulumi.Input[builtins.bool] cross_cluster_revocation: Enable cross-cluster revocation request queues. **Vault 1.13+**
|
|
557
|
+
:param pulumi.Input[builtins.str] delta_rebuild_interval: Interval to check for new revocations on, to regenerate the delta CRL.
|
|
558
|
+
:param pulumi.Input[builtins.bool] disable: Disables or enables CRL building.
|
|
559
|
+
:param pulumi.Input[builtins.bool] enable_delta: Enables building of delta CRLs with up-to-date revocation information,
|
|
559
560
|
augmenting the last complete CRL. **Vault 1.12+**
|
|
560
|
-
:param pulumi.Input[str] expiry: Specifies the time until expiration.
|
|
561
|
-
:param pulumi.Input[int] max_crl_entries: The maximum number of entries a CRL can contain. This option exists to prevent
|
|
561
|
+
:param pulumi.Input[builtins.str] expiry: Specifies the time until expiration.
|
|
562
|
+
:param pulumi.Input[builtins.int] max_crl_entries: The maximum number of entries a CRL can contain. This option exists to prevent
|
|
562
563
|
accidental runaway issuance/revocation from overloading Vault. If set to -1, the limit is disabled. **Vault 1.19**
|
|
563
|
-
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
|
564
|
+
:param pulumi.Input[builtins.str] namespace: The namespace to provision the resource in.
|
|
564
565
|
The value should not contain leading or trailing forward slashes.
|
|
565
566
|
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
|
566
567
|
*Available only for Vault Enterprise*.
|
|
567
|
-
:param pulumi.Input[bool] ocsp_disable: Disables the OCSP responder in Vault. **Vault 1.12+**
|
|
568
|
-
:param pulumi.Input[str] ocsp_expiry: The amount of time an OCSP response can be cached for, useful for OCSP stapling
|
|
568
|
+
:param pulumi.Input[builtins.bool] ocsp_disable: Disables the OCSP responder in Vault. **Vault 1.12+**
|
|
569
|
+
:param pulumi.Input[builtins.str] ocsp_expiry: The amount of time an OCSP response can be cached for, useful for OCSP stapling
|
|
569
570
|
refresh durations. **Vault 1.12+**
|
|
570
|
-
:param pulumi.Input[bool] unified_crl: Enables unified CRL and OCSP building. **Vault 1.13+**
|
|
571
|
-
:param pulumi.Input[bool] unified_crl_on_existing_paths: Enables serving the unified CRL and OCSP on the existing, previously
|
|
571
|
+
:param pulumi.Input[builtins.bool] unified_crl: Enables unified CRL and OCSP building. **Vault 1.13+**
|
|
572
|
+
:param pulumi.Input[builtins.bool] unified_crl_on_existing_paths: Enables serving the unified CRL and OCSP on the existing, previously
|
|
572
573
|
cluster-local paths. **Vault 1.13+**
|
|
573
574
|
"""
|
|
574
575
|
...
|
|
@@ -612,20 +613,20 @@ class SecretBackendCrlConfig(pulumi.CustomResource):
|
|
|
612
613
|
def _internal_init(__self__,
|
|
613
614
|
resource_name: str,
|
|
614
615
|
opts: Optional[pulumi.ResourceOptions] = None,
|
|
615
|
-
auto_rebuild: Optional[pulumi.Input[bool]] = None,
|
|
616
|
-
auto_rebuild_grace_period: Optional[pulumi.Input[str]] = None,
|
|
617
|
-
backend: Optional[pulumi.Input[str]] = None,
|
|
618
|
-
cross_cluster_revocation: Optional[pulumi.Input[bool]] = None,
|
|
619
|
-
delta_rebuild_interval: Optional[pulumi.Input[str]] = None,
|
|
620
|
-
disable: Optional[pulumi.Input[bool]] = None,
|
|
621
|
-
enable_delta: Optional[pulumi.Input[bool]] = None,
|
|
622
|
-
expiry: Optional[pulumi.Input[str]] = None,
|
|
623
|
-
max_crl_entries: Optional[pulumi.Input[int]] = None,
|
|
624
|
-
namespace: Optional[pulumi.Input[str]] = None,
|
|
625
|
-
ocsp_disable: Optional[pulumi.Input[bool]] = None,
|
|
626
|
-
ocsp_expiry: Optional[pulumi.Input[str]] = None,
|
|
627
|
-
unified_crl: Optional[pulumi.Input[bool]] = None,
|
|
628
|
-
unified_crl_on_existing_paths: Optional[pulumi.Input[bool]] = None,
|
|
616
|
+
auto_rebuild: Optional[pulumi.Input[builtins.bool]] = None,
|
|
617
|
+
auto_rebuild_grace_period: Optional[pulumi.Input[builtins.str]] = None,
|
|
618
|
+
backend: Optional[pulumi.Input[builtins.str]] = None,
|
|
619
|
+
cross_cluster_revocation: Optional[pulumi.Input[builtins.bool]] = None,
|
|
620
|
+
delta_rebuild_interval: Optional[pulumi.Input[builtins.str]] = None,
|
|
621
|
+
disable: Optional[pulumi.Input[builtins.bool]] = None,
|
|
622
|
+
enable_delta: Optional[pulumi.Input[builtins.bool]] = None,
|
|
623
|
+
expiry: Optional[pulumi.Input[builtins.str]] = None,
|
|
624
|
+
max_crl_entries: Optional[pulumi.Input[builtins.int]] = None,
|
|
625
|
+
namespace: Optional[pulumi.Input[builtins.str]] = None,
|
|
626
|
+
ocsp_disable: Optional[pulumi.Input[builtins.bool]] = None,
|
|
627
|
+
ocsp_expiry: Optional[pulumi.Input[builtins.str]] = None,
|
|
628
|
+
unified_crl: Optional[pulumi.Input[builtins.bool]] = None,
|
|
629
|
+
unified_crl_on_existing_paths: Optional[pulumi.Input[builtins.bool]] = None,
|
|
629
630
|
__props__=None):
|
|
630
631
|
opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts)
|
|
631
632
|
if not isinstance(opts, pulumi.ResourceOptions):
|
|
@@ -661,20 +662,20 @@ class SecretBackendCrlConfig(pulumi.CustomResource):
|
|
|
661
662
|
def get(resource_name: str,
|
|
662
663
|
id: pulumi.Input[str],
|
|
663
664
|
opts: Optional[pulumi.ResourceOptions] = None,
|
|
664
|
-
auto_rebuild: Optional[pulumi.Input[bool]] = None,
|
|
665
|
-
auto_rebuild_grace_period: Optional[pulumi.Input[str]] = None,
|
|
666
|
-
backend: Optional[pulumi.Input[str]] = None,
|
|
667
|
-
cross_cluster_revocation: Optional[pulumi.Input[bool]] = None,
|
|
668
|
-
delta_rebuild_interval: Optional[pulumi.Input[str]] = None,
|
|
669
|
-
disable: Optional[pulumi.Input[bool]] = None,
|
|
670
|
-
enable_delta: Optional[pulumi.Input[bool]] = None,
|
|
671
|
-
expiry: Optional[pulumi.Input[str]] = None,
|
|
672
|
-
max_crl_entries: Optional[pulumi.Input[int]] = None,
|
|
673
|
-
namespace: Optional[pulumi.Input[str]] = None,
|
|
674
|
-
ocsp_disable: Optional[pulumi.Input[bool]] = None,
|
|
675
|
-
ocsp_expiry: Optional[pulumi.Input[str]] = None,
|
|
676
|
-
unified_crl: Optional[pulumi.Input[bool]] = None,
|
|
677
|
-
unified_crl_on_existing_paths: Optional[pulumi.Input[bool]] = None) -> 'SecretBackendCrlConfig':
|
|
665
|
+
auto_rebuild: Optional[pulumi.Input[builtins.bool]] = None,
|
|
666
|
+
auto_rebuild_grace_period: Optional[pulumi.Input[builtins.str]] = None,
|
|
667
|
+
backend: Optional[pulumi.Input[builtins.str]] = None,
|
|
668
|
+
cross_cluster_revocation: Optional[pulumi.Input[builtins.bool]] = None,
|
|
669
|
+
delta_rebuild_interval: Optional[pulumi.Input[builtins.str]] = None,
|
|
670
|
+
disable: Optional[pulumi.Input[builtins.bool]] = None,
|
|
671
|
+
enable_delta: Optional[pulumi.Input[builtins.bool]] = None,
|
|
672
|
+
expiry: Optional[pulumi.Input[builtins.str]] = None,
|
|
673
|
+
max_crl_entries: Optional[pulumi.Input[builtins.int]] = None,
|
|
674
|
+
namespace: Optional[pulumi.Input[builtins.str]] = None,
|
|
675
|
+
ocsp_disable: Optional[pulumi.Input[builtins.bool]] = None,
|
|
676
|
+
ocsp_expiry: Optional[pulumi.Input[builtins.str]] = None,
|
|
677
|
+
unified_crl: Optional[pulumi.Input[builtins.bool]] = None,
|
|
678
|
+
unified_crl_on_existing_paths: Optional[pulumi.Input[builtins.bool]] = None) -> 'SecretBackendCrlConfig':
|
|
678
679
|
"""
|
|
679
680
|
Get an existing SecretBackendCrlConfig resource's state with the given name, id, and optional extra
|
|
680
681
|
properties used to qualify the lookup.
|
|
@@ -682,26 +683,26 @@ class SecretBackendCrlConfig(pulumi.CustomResource):
|
|
|
682
683
|
:param str resource_name: The unique name of the resulting resource.
|
|
683
684
|
:param pulumi.Input[str] id: The unique provider ID of the resource to lookup.
|
|
684
685
|
:param pulumi.ResourceOptions opts: Options for the resource.
|
|
685
|
-
:param pulumi.Input[bool] auto_rebuild: Enables periodic rebuilding of the CRL upon expiry. **Vault 1.12+**
|
|
686
|
-
:param pulumi.Input[str] auto_rebuild_grace_period: Grace period before CRL expiry to attempt rebuild of CRL. **Vault 1.12+**
|
|
687
|
-
:param pulumi.Input[str] backend: The path the PKI secret backend is mounted at, with no leading or trailing `/`s.
|
|
688
|
-
:param pulumi.Input[bool] cross_cluster_revocation: Enable cross-cluster revocation request queues. **Vault 1.13+**
|
|
689
|
-
:param pulumi.Input[str] delta_rebuild_interval: Interval to check for new revocations on, to regenerate the delta CRL.
|
|
690
|
-
:param pulumi.Input[bool] disable: Disables or enables CRL building.
|
|
691
|
-
:param pulumi.Input[bool] enable_delta: Enables building of delta CRLs with up-to-date revocation information,
|
|
686
|
+
:param pulumi.Input[builtins.bool] auto_rebuild: Enables periodic rebuilding of the CRL upon expiry. **Vault 1.12+**
|
|
687
|
+
:param pulumi.Input[builtins.str] auto_rebuild_grace_period: Grace period before CRL expiry to attempt rebuild of CRL. **Vault 1.12+**
|
|
688
|
+
:param pulumi.Input[builtins.str] backend: The path the PKI secret backend is mounted at, with no leading or trailing `/`s.
|
|
689
|
+
:param pulumi.Input[builtins.bool] cross_cluster_revocation: Enable cross-cluster revocation request queues. **Vault 1.13+**
|
|
690
|
+
:param pulumi.Input[builtins.str] delta_rebuild_interval: Interval to check for new revocations on, to regenerate the delta CRL.
|
|
691
|
+
:param pulumi.Input[builtins.bool] disable: Disables or enables CRL building.
|
|
692
|
+
:param pulumi.Input[builtins.bool] enable_delta: Enables building of delta CRLs with up-to-date revocation information,
|
|
692
693
|
augmenting the last complete CRL. **Vault 1.12+**
|
|
693
|
-
:param pulumi.Input[str] expiry: Specifies the time until expiration.
|
|
694
|
-
:param pulumi.Input[int] max_crl_entries: The maximum number of entries a CRL can contain. This option exists to prevent
|
|
694
|
+
:param pulumi.Input[builtins.str] expiry: Specifies the time until expiration.
|
|
695
|
+
:param pulumi.Input[builtins.int] max_crl_entries: The maximum number of entries a CRL can contain. This option exists to prevent
|
|
695
696
|
accidental runaway issuance/revocation from overloading Vault. If set to -1, the limit is disabled. **Vault 1.19**
|
|
696
|
-
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
|
697
|
+
:param pulumi.Input[builtins.str] namespace: The namespace to provision the resource in.
|
|
697
698
|
The value should not contain leading or trailing forward slashes.
|
|
698
699
|
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
|
699
700
|
*Available only for Vault Enterprise*.
|
|
700
|
-
:param pulumi.Input[bool] ocsp_disable: Disables the OCSP responder in Vault. **Vault 1.12+**
|
|
701
|
-
:param pulumi.Input[str] ocsp_expiry: The amount of time an OCSP response can be cached for, useful for OCSP stapling
|
|
701
|
+
:param pulumi.Input[builtins.bool] ocsp_disable: Disables the OCSP responder in Vault. **Vault 1.12+**
|
|
702
|
+
:param pulumi.Input[builtins.str] ocsp_expiry: The amount of time an OCSP response can be cached for, useful for OCSP stapling
|
|
702
703
|
refresh durations. **Vault 1.12+**
|
|
703
|
-
:param pulumi.Input[bool] unified_crl: Enables unified CRL and OCSP building. **Vault 1.13+**
|
|
704
|
-
:param pulumi.Input[bool] unified_crl_on_existing_paths: Enables serving the unified CRL and OCSP on the existing, previously
|
|
704
|
+
:param pulumi.Input[builtins.bool] unified_crl: Enables unified CRL and OCSP building. **Vault 1.13+**
|
|
705
|
+
:param pulumi.Input[builtins.bool] unified_crl_on_existing_paths: Enables serving the unified CRL and OCSP on the existing, previously
|
|
705
706
|
cluster-local paths. **Vault 1.13+**
|
|
706
707
|
"""
|
|
707
708
|
opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id))
|
|
@@ -726,7 +727,7 @@ class SecretBackendCrlConfig(pulumi.CustomResource):
|
|
|
726
727
|
|
|
727
728
|
@property
|
|
728
729
|
@pulumi.getter(name="autoRebuild")
|
|
729
|
-
def auto_rebuild(self) -> pulumi.Output[Optional[bool]]:
|
|
730
|
+
def auto_rebuild(self) -> pulumi.Output[Optional[builtins.bool]]:
|
|
730
731
|
"""
|
|
731
732
|
Enables periodic rebuilding of the CRL upon expiry. **Vault 1.12+**
|
|
732
733
|
"""
|
|
@@ -734,7 +735,7 @@ class SecretBackendCrlConfig(pulumi.CustomResource):
|
|
|
734
735
|
|
|
735
736
|
@property
|
|
736
737
|
@pulumi.getter(name="autoRebuildGracePeriod")
|
|
737
|
-
def auto_rebuild_grace_period(self) -> pulumi.Output[str]:
|
|
738
|
+
def auto_rebuild_grace_period(self) -> pulumi.Output[builtins.str]:
|
|
738
739
|
"""
|
|
739
740
|
Grace period before CRL expiry to attempt rebuild of CRL. **Vault 1.12+**
|
|
740
741
|
"""
|
|
@@ -742,7 +743,7 @@ class SecretBackendCrlConfig(pulumi.CustomResource):
|
|
|
742
743
|
|
|
743
744
|
@property
|
|
744
745
|
@pulumi.getter
|
|
745
|
-
def backend(self) -> pulumi.Output[str]:
|
|
746
|
+
def backend(self) -> pulumi.Output[builtins.str]:
|
|
746
747
|
"""
|
|
747
748
|
The path the PKI secret backend is mounted at, with no leading or trailing `/`s.
|
|
748
749
|
"""
|
|
@@ -750,7 +751,7 @@ class SecretBackendCrlConfig(pulumi.CustomResource):
|
|
|
750
751
|
|
|
751
752
|
@property
|
|
752
753
|
@pulumi.getter(name="crossClusterRevocation")
|
|
753
|
-
def cross_cluster_revocation(self) -> pulumi.Output[bool]:
|
|
754
|
+
def cross_cluster_revocation(self) -> pulumi.Output[builtins.bool]:
|
|
754
755
|
"""
|
|
755
756
|
Enable cross-cluster revocation request queues. **Vault 1.13+**
|
|
756
757
|
"""
|
|
@@ -758,7 +759,7 @@ class SecretBackendCrlConfig(pulumi.CustomResource):
|
|
|
758
759
|
|
|
759
760
|
@property
|
|
760
761
|
@pulumi.getter(name="deltaRebuildInterval")
|
|
761
|
-
def delta_rebuild_interval(self) -> pulumi.Output[str]:
|
|
762
|
+
def delta_rebuild_interval(self) -> pulumi.Output[builtins.str]:
|
|
762
763
|
"""
|
|
763
764
|
Interval to check for new revocations on, to regenerate the delta CRL.
|
|
764
765
|
"""
|
|
@@ -766,7 +767,7 @@ class SecretBackendCrlConfig(pulumi.CustomResource):
|
|
|
766
767
|
|
|
767
768
|
@property
|
|
768
769
|
@pulumi.getter
|
|
769
|
-
def disable(self) -> pulumi.Output[Optional[bool]]:
|
|
770
|
+
def disable(self) -> pulumi.Output[Optional[builtins.bool]]:
|
|
770
771
|
"""
|
|
771
772
|
Disables or enables CRL building.
|
|
772
773
|
"""
|
|
@@ -774,7 +775,7 @@ class SecretBackendCrlConfig(pulumi.CustomResource):
|
|
|
774
775
|
|
|
775
776
|
@property
|
|
776
777
|
@pulumi.getter(name="enableDelta")
|
|
777
|
-
def enable_delta(self) -> pulumi.Output[Optional[bool]]:
|
|
778
|
+
def enable_delta(self) -> pulumi.Output[Optional[builtins.bool]]:
|
|
778
779
|
"""
|
|
779
780
|
Enables building of delta CRLs with up-to-date revocation information,
|
|
780
781
|
augmenting the last complete CRL. **Vault 1.12+**
|
|
@@ -783,7 +784,7 @@ class SecretBackendCrlConfig(pulumi.CustomResource):
|
|
|
783
784
|
|
|
784
785
|
@property
|
|
785
786
|
@pulumi.getter
|
|
786
|
-
def expiry(self) -> pulumi.Output[Optional[str]]:
|
|
787
|
+
def expiry(self) -> pulumi.Output[Optional[builtins.str]]:
|
|
787
788
|
"""
|
|
788
789
|
Specifies the time until expiration.
|
|
789
790
|
"""
|
|
@@ -791,7 +792,7 @@ class SecretBackendCrlConfig(pulumi.CustomResource):
|
|
|
791
792
|
|
|
792
793
|
@property
|
|
793
794
|
@pulumi.getter(name="maxCrlEntries")
|
|
794
|
-
def max_crl_entries(self) -> pulumi.Output[int]:
|
|
795
|
+
def max_crl_entries(self) -> pulumi.Output[builtins.int]:
|
|
795
796
|
"""
|
|
796
797
|
The maximum number of entries a CRL can contain. This option exists to prevent
|
|
797
798
|
accidental runaway issuance/revocation from overloading Vault. If set to -1, the limit is disabled. **Vault 1.19**
|
|
@@ -800,7 +801,7 @@ class SecretBackendCrlConfig(pulumi.CustomResource):
|
|
|
800
801
|
|
|
801
802
|
@property
|
|
802
803
|
@pulumi.getter
|
|
803
|
-
def namespace(self) -> pulumi.Output[Optional[str]]:
|
|
804
|
+
def namespace(self) -> pulumi.Output[Optional[builtins.str]]:
|
|
804
805
|
"""
|
|
805
806
|
The namespace to provision the resource in.
|
|
806
807
|
The value should not contain leading or trailing forward slashes.
|
|
@@ -811,7 +812,7 @@ class SecretBackendCrlConfig(pulumi.CustomResource):
|
|
|
811
812
|
|
|
812
813
|
@property
|
|
813
814
|
@pulumi.getter(name="ocspDisable")
|
|
814
|
-
def ocsp_disable(self) -> pulumi.Output[Optional[bool]]:
|
|
815
|
+
def ocsp_disable(self) -> pulumi.Output[Optional[builtins.bool]]:
|
|
815
816
|
"""
|
|
816
817
|
Disables the OCSP responder in Vault. **Vault 1.12+**
|
|
817
818
|
"""
|
|
@@ -819,7 +820,7 @@ class SecretBackendCrlConfig(pulumi.CustomResource):
|
|
|
819
820
|
|
|
820
821
|
@property
|
|
821
822
|
@pulumi.getter(name="ocspExpiry")
|
|
822
|
-
def ocsp_expiry(self) -> pulumi.Output[str]:
|
|
823
|
+
def ocsp_expiry(self) -> pulumi.Output[builtins.str]:
|
|
823
824
|
"""
|
|
824
825
|
The amount of time an OCSP response can be cached for, useful for OCSP stapling
|
|
825
826
|
refresh durations. **Vault 1.12+**
|
|
@@ -828,7 +829,7 @@ class SecretBackendCrlConfig(pulumi.CustomResource):
|
|
|
828
829
|
|
|
829
830
|
@property
|
|
830
831
|
@pulumi.getter(name="unifiedCrl")
|
|
831
|
-
def unified_crl(self) -> pulumi.Output[bool]:
|
|
832
|
+
def unified_crl(self) -> pulumi.Output[builtins.bool]:
|
|
832
833
|
"""
|
|
833
834
|
Enables unified CRL and OCSP building. **Vault 1.13+**
|
|
834
835
|
"""
|
|
@@ -836,7 +837,7 @@ class SecretBackendCrlConfig(pulumi.CustomResource):
|
|
|
836
837
|
|
|
837
838
|
@property
|
|
838
839
|
@pulumi.getter(name="unifiedCrlOnExistingPaths")
|
|
839
|
-
def unified_crl_on_existing_paths(self) -> pulumi.Output[bool]:
|
|
840
|
+
def unified_crl_on_existing_paths(self) -> pulumi.Output[builtins.bool]:
|
|
840
841
|
"""
|
|
841
842
|
Enables serving the unified CRL and OCSP on the existing, previously
|
|
842
843
|
cluster-local paths. **Vault 1.13+**
|