pulumi-vault 6.7.0a1743576047__py3-none-any.whl → 6.7.0a1744267302__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- pulumi_vault/__init__.py +1 -0
- pulumi_vault/_inputs.py +554 -553
- pulumi_vault/ad/__init__.py +1 -0
- pulumi_vault/ad/get_access_credentials.py +20 -19
- pulumi_vault/ad/secret_backend.py +477 -476
- pulumi_vault/ad/secret_library.py +99 -98
- pulumi_vault/ad/secret_role.py +85 -84
- pulumi_vault/alicloud/__init__.py +1 -0
- pulumi_vault/alicloud/auth_backend_role.py +183 -182
- pulumi_vault/approle/__init__.py +1 -0
- pulumi_vault/approle/auth_backend_login.py +106 -105
- pulumi_vault/approle/auth_backend_role.py +239 -238
- pulumi_vault/approle/auth_backend_role_secret_id.py +162 -161
- pulumi_vault/approle/get_auth_backend_role_id.py +18 -17
- pulumi_vault/audit.py +85 -84
- pulumi_vault/audit_request_header.py +43 -42
- pulumi_vault/auth_backend.py +106 -105
- pulumi_vault/aws/__init__.py +1 -0
- pulumi_vault/aws/auth_backend_cert.py +71 -70
- pulumi_vault/aws/auth_backend_client.py +253 -252
- pulumi_vault/aws/auth_backend_config_identity.py +85 -84
- pulumi_vault/aws/auth_backend_identity_whitelist.py +57 -56
- pulumi_vault/aws/auth_backend_login.py +209 -208
- pulumi_vault/aws/auth_backend_role.py +400 -399
- pulumi_vault/aws/auth_backend_role_tag.py +127 -126
- pulumi_vault/aws/auth_backend_roletag_blacklist.py +57 -56
- pulumi_vault/aws/auth_backend_sts_role.py +71 -70
- pulumi_vault/aws/get_access_credentials.py +44 -43
- pulumi_vault/aws/get_static_access_credentials.py +13 -12
- pulumi_vault/aws/secret_backend.py +337 -336
- pulumi_vault/aws/secret_backend_role.py +211 -210
- pulumi_vault/aws/secret_backend_static_role.py +113 -112
- pulumi_vault/azure/__init__.py +1 -0
- pulumi_vault/azure/_inputs.py +21 -20
- pulumi_vault/azure/auth_backend_config.py +183 -182
- pulumi_vault/azure/auth_backend_role.py +253 -252
- pulumi_vault/azure/backend.py +239 -238
- pulumi_vault/azure/backend_role.py +141 -140
- pulumi_vault/azure/get_access_credentials.py +58 -57
- pulumi_vault/azure/outputs.py +11 -10
- pulumi_vault/cert_auth_backend_role.py +365 -364
- pulumi_vault/config/__init__.py +1 -0
- pulumi_vault/config/__init__.pyi +1 -0
- pulumi_vault/config/_inputs.py +11 -10
- pulumi_vault/config/outputs.py +287 -286
- pulumi_vault/config/ui_custom_message.py +113 -112
- pulumi_vault/config/vars.py +1 -0
- pulumi_vault/consul/__init__.py +1 -0
- pulumi_vault/consul/secret_backend.py +197 -196
- pulumi_vault/consul/secret_backend_role.py +183 -182
- pulumi_vault/database/__init__.py +1 -0
- pulumi_vault/database/_inputs.py +2525 -2524
- pulumi_vault/database/outputs.py +1529 -1528
- pulumi_vault/database/secret_backend_connection.py +169 -168
- pulumi_vault/database/secret_backend_role.py +169 -168
- pulumi_vault/database/secret_backend_static_role.py +179 -178
- pulumi_vault/database/secrets_mount.py +267 -266
- pulumi_vault/egp_policy.py +71 -70
- pulumi_vault/gcp/__init__.py +1 -0
- pulumi_vault/gcp/_inputs.py +82 -81
- pulumi_vault/gcp/auth_backend.py +260 -259
- pulumi_vault/gcp/auth_backend_role.py +281 -280
- pulumi_vault/gcp/get_auth_backend_role.py +70 -69
- pulumi_vault/gcp/outputs.py +50 -49
- pulumi_vault/gcp/secret_backend.py +232 -231
- pulumi_vault/gcp/secret_impersonated_account.py +92 -91
- pulumi_vault/gcp/secret_roleset.py +92 -91
- pulumi_vault/gcp/secret_static_account.py +92 -91
- pulumi_vault/generic/__init__.py +1 -0
- pulumi_vault/generic/endpoint.py +113 -112
- pulumi_vault/generic/get_secret.py +28 -27
- pulumi_vault/generic/secret.py +78 -77
- pulumi_vault/get_auth_backend.py +19 -18
- pulumi_vault/get_auth_backends.py +14 -13
- pulumi_vault/get_namespace.py +15 -14
- pulumi_vault/get_namespaces.py +8 -7
- pulumi_vault/get_nomad_access_token.py +19 -18
- pulumi_vault/get_policy_document.py +6 -5
- pulumi_vault/get_raft_autopilot_state.py +18 -17
- pulumi_vault/github/__init__.py +1 -0
- pulumi_vault/github/_inputs.py +42 -41
- pulumi_vault/github/auth_backend.py +232 -231
- pulumi_vault/github/outputs.py +26 -25
- pulumi_vault/github/team.py +57 -56
- pulumi_vault/github/user.py +57 -56
- pulumi_vault/identity/__init__.py +1 -0
- pulumi_vault/identity/entity.py +85 -84
- pulumi_vault/identity/entity_alias.py +71 -70
- pulumi_vault/identity/entity_policies.py +64 -63
- pulumi_vault/identity/get_entity.py +43 -42
- pulumi_vault/identity/get_group.py +50 -49
- pulumi_vault/identity/get_oidc_client_creds.py +14 -13
- pulumi_vault/identity/get_oidc_openid_config.py +24 -23
- pulumi_vault/identity/get_oidc_public_keys.py +13 -12
- pulumi_vault/identity/group.py +141 -140
- pulumi_vault/identity/group_alias.py +57 -56
- pulumi_vault/identity/group_member_entity_ids.py +57 -56
- pulumi_vault/identity/group_member_group_ids.py +57 -56
- pulumi_vault/identity/group_policies.py +64 -63
- pulumi_vault/identity/mfa_duo.py +148 -147
- pulumi_vault/identity/mfa_login_enforcement.py +120 -119
- pulumi_vault/identity/mfa_okta.py +134 -133
- pulumi_vault/identity/mfa_pingid.py +127 -126
- pulumi_vault/identity/mfa_totp.py +176 -175
- pulumi_vault/identity/oidc.py +29 -28
- pulumi_vault/identity/oidc_assignment.py +57 -56
- pulumi_vault/identity/oidc_client.py +127 -126
- pulumi_vault/identity/oidc_key.py +85 -84
- pulumi_vault/identity/oidc_key_allowed_client_id.py +43 -42
- pulumi_vault/identity/oidc_provider.py +92 -91
- pulumi_vault/identity/oidc_role.py +85 -84
- pulumi_vault/identity/oidc_scope.py +57 -56
- pulumi_vault/identity/outputs.py +32 -31
- pulumi_vault/jwt/__init__.py +1 -0
- pulumi_vault/jwt/_inputs.py +42 -41
- pulumi_vault/jwt/auth_backend.py +288 -287
- pulumi_vault/jwt/auth_backend_role.py +407 -406
- pulumi_vault/jwt/outputs.py +26 -25
- pulumi_vault/kmip/__init__.py +1 -0
- pulumi_vault/kmip/secret_backend.py +183 -182
- pulumi_vault/kmip/secret_role.py +295 -294
- pulumi_vault/kmip/secret_scope.py +57 -56
- pulumi_vault/kubernetes/__init__.py +1 -0
- pulumi_vault/kubernetes/auth_backend_config.py +141 -140
- pulumi_vault/kubernetes/auth_backend_role.py +225 -224
- pulumi_vault/kubernetes/get_auth_backend_config.py +47 -46
- pulumi_vault/kubernetes/get_auth_backend_role.py +70 -69
- pulumi_vault/kubernetes/get_service_account_token.py +38 -37
- pulumi_vault/kubernetes/secret_backend.py +316 -315
- pulumi_vault/kubernetes/secret_backend_role.py +197 -196
- pulumi_vault/kv/__init__.py +1 -0
- pulumi_vault/kv/_inputs.py +21 -20
- pulumi_vault/kv/get_secret.py +17 -16
- pulumi_vault/kv/get_secret_subkeys_v2.py +30 -29
- pulumi_vault/kv/get_secret_v2.py +29 -28
- pulumi_vault/kv/get_secrets_list.py +13 -12
- pulumi_vault/kv/get_secrets_list_v2.py +19 -18
- pulumi_vault/kv/outputs.py +13 -12
- pulumi_vault/kv/secret.py +50 -49
- pulumi_vault/kv/secret_backend_v2.py +71 -70
- pulumi_vault/kv/secret_v2.py +134 -133
- pulumi_vault/ldap/__init__.py +1 -0
- pulumi_vault/ldap/auth_backend.py +588 -587
- pulumi_vault/ldap/auth_backend_group.py +57 -56
- pulumi_vault/ldap/auth_backend_user.py +71 -70
- pulumi_vault/ldap/get_dynamic_credentials.py +17 -16
- pulumi_vault/ldap/get_static_credentials.py +18 -17
- pulumi_vault/ldap/secret_backend.py +554 -553
- pulumi_vault/ldap/secret_backend_dynamic_role.py +127 -126
- pulumi_vault/ldap/secret_backend_library_set.py +99 -98
- pulumi_vault/ldap/secret_backend_static_role.py +99 -98
- pulumi_vault/managed/__init__.py +1 -0
- pulumi_vault/managed/_inputs.py +229 -228
- pulumi_vault/managed/keys.py +15 -14
- pulumi_vault/managed/outputs.py +139 -138
- pulumi_vault/mfa_duo.py +113 -112
- pulumi_vault/mfa_okta.py +113 -112
- pulumi_vault/mfa_pingid.py +120 -119
- pulumi_vault/mfa_totp.py +127 -126
- pulumi_vault/mongodbatlas/__init__.py +1 -0
- pulumi_vault/mongodbatlas/secret_backend.py +64 -63
- pulumi_vault/mongodbatlas/secret_role.py +155 -154
- pulumi_vault/mount.py +274 -273
- pulumi_vault/namespace.py +64 -63
- pulumi_vault/nomad_secret_backend.py +211 -210
- pulumi_vault/nomad_secret_role.py +85 -84
- pulumi_vault/okta/__init__.py +1 -0
- pulumi_vault/okta/_inputs.py +26 -25
- pulumi_vault/okta/auth_backend.py +274 -273
- pulumi_vault/okta/auth_backend_group.py +57 -56
- pulumi_vault/okta/auth_backend_user.py +71 -70
- pulumi_vault/okta/outputs.py +16 -15
- pulumi_vault/outputs.py +56 -55
- pulumi_vault/password_policy.py +43 -42
- pulumi_vault/pkisecret/__init__.py +1 -0
- pulumi_vault/pkisecret/_inputs.py +31 -30
- pulumi_vault/pkisecret/backend_acme_eab.py +92 -91
- pulumi_vault/pkisecret/backend_config_acme.py +141 -140
- pulumi_vault/pkisecret/backend_config_auto_tidy.py +323 -322
- pulumi_vault/pkisecret/backend_config_cluster.py +57 -56
- pulumi_vault/pkisecret/backend_config_cmpv2.py +106 -105
- pulumi_vault/pkisecret/backend_config_est.py +120 -119
- pulumi_vault/pkisecret/get_backend_cert_metadata.py +22 -21
- pulumi_vault/pkisecret/get_backend_config_cmpv2.py +22 -21
- pulumi_vault/pkisecret/get_backend_config_est.py +19 -18
- pulumi_vault/pkisecret/get_backend_issuer.py +45 -44
- pulumi_vault/pkisecret/get_backend_issuers.py +15 -14
- pulumi_vault/pkisecret/get_backend_key.py +20 -19
- pulumi_vault/pkisecret/get_backend_keys.py +15 -14
- pulumi_vault/pkisecret/outputs.py +28 -27
- pulumi_vault/pkisecret/secret_backend_cert.py +337 -336
- pulumi_vault/pkisecret/secret_backend_config_ca.py +43 -42
- pulumi_vault/pkisecret/secret_backend_config_issuers.py +57 -56
- pulumi_vault/pkisecret/secret_backend_config_urls.py +85 -84
- pulumi_vault/pkisecret/secret_backend_crl_config.py +197 -196
- pulumi_vault/pkisecret/secret_backend_intermediate_cert_request.py +421 -420
- pulumi_vault/pkisecret/secret_backend_intermediate_set_signed.py +57 -56
- pulumi_vault/pkisecret/secret_backend_issuer.py +232 -231
- pulumi_vault/pkisecret/secret_backend_key.py +120 -119
- pulumi_vault/pkisecret/secret_backend_role.py +715 -714
- pulumi_vault/pkisecret/secret_backend_root_cert.py +554 -553
- pulumi_vault/pkisecret/secret_backend_root_sign_intermediate.py +526 -525
- pulumi_vault/pkisecret/secret_backend_sign.py +281 -280
- pulumi_vault/plugin.py +127 -126
- pulumi_vault/plugin_pinned_version.py +43 -42
- pulumi_vault/policy.py +43 -42
- pulumi_vault/provider.py +120 -119
- pulumi_vault/pulumi-plugin.json +1 -1
- pulumi_vault/quota_lease_count.py +85 -84
- pulumi_vault/quota_rate_limit.py +113 -112
- pulumi_vault/rabbitmq/__init__.py +1 -0
- pulumi_vault/rabbitmq/_inputs.py +41 -40
- pulumi_vault/rabbitmq/outputs.py +25 -24
- pulumi_vault/rabbitmq/secret_backend.py +169 -168
- pulumi_vault/rabbitmq/secret_backend_role.py +57 -56
- pulumi_vault/raft_autopilot.py +113 -112
- pulumi_vault/raft_snapshot_agent_config.py +393 -392
- pulumi_vault/rgp_policy.py +57 -56
- pulumi_vault/saml/__init__.py +1 -0
- pulumi_vault/saml/auth_backend.py +155 -154
- pulumi_vault/saml/auth_backend_role.py +239 -238
- pulumi_vault/secrets/__init__.py +1 -0
- pulumi_vault/secrets/_inputs.py +16 -15
- pulumi_vault/secrets/outputs.py +10 -9
- pulumi_vault/secrets/sync_association.py +71 -70
- pulumi_vault/secrets/sync_aws_destination.py +148 -147
- pulumi_vault/secrets/sync_azure_destination.py +148 -147
- pulumi_vault/secrets/sync_config.py +43 -42
- pulumi_vault/secrets/sync_gcp_destination.py +106 -105
- pulumi_vault/secrets/sync_gh_destination.py +134 -133
- pulumi_vault/secrets/sync_github_apps.py +64 -63
- pulumi_vault/secrets/sync_vercel_destination.py +120 -119
- pulumi_vault/ssh/__init__.py +1 -0
- pulumi_vault/ssh/_inputs.py +11 -10
- pulumi_vault/ssh/get_secret_backend_sign.py +52 -51
- pulumi_vault/ssh/outputs.py +7 -6
- pulumi_vault/ssh/secret_backend_ca.py +99 -98
- pulumi_vault/ssh/secret_backend_role.py +365 -364
- pulumi_vault/terraformcloud/__init__.py +1 -0
- pulumi_vault/terraformcloud/secret_backend.py +111 -110
- pulumi_vault/terraformcloud/secret_creds.py +74 -73
- pulumi_vault/terraformcloud/secret_role.py +93 -92
- pulumi_vault/token.py +246 -245
- pulumi_vault/tokenauth/__init__.py +1 -0
- pulumi_vault/tokenauth/auth_backend_role.py +267 -266
- pulumi_vault/transform/__init__.py +1 -0
- pulumi_vault/transform/alphabet.py +57 -56
- pulumi_vault/transform/get_decode.py +47 -46
- pulumi_vault/transform/get_encode.py +47 -46
- pulumi_vault/transform/role.py +57 -56
- pulumi_vault/transform/template.py +113 -112
- pulumi_vault/transform/transformation.py +141 -140
- pulumi_vault/transit/__init__.py +1 -0
- pulumi_vault/transit/get_decrypt.py +18 -17
- pulumi_vault/transit/get_encrypt.py +21 -20
- pulumi_vault/transit/get_sign.py +54 -53
- pulumi_vault/transit/get_verify.py +60 -59
- pulumi_vault/transit/secret_backend_key.py +274 -273
- pulumi_vault/transit/secret_cache_config.py +43 -42
- {pulumi_vault-6.7.0a1743576047.dist-info → pulumi_vault-6.7.0a1744267302.dist-info}/METADATA +1 -1
- pulumi_vault-6.7.0a1744267302.dist-info/RECORD +265 -0
- pulumi_vault-6.7.0a1743576047.dist-info/RECORD +0 -265
- {pulumi_vault-6.7.0a1743576047.dist-info → pulumi_vault-6.7.0a1744267302.dist-info}/WHEEL +0 -0
- {pulumi_vault-6.7.0a1743576047.dist-info → pulumi_vault-6.7.0a1744267302.dist-info}/top_level.txt +0 -0
pulumi_vault/managed/_inputs.py
CHANGED
@@ -2,6 +2,7 @@
|
|
2
2
|
# *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. ***
|
3
3
|
# *** Do not edit by hand unless you're certain you know what you are doing! ***
|
4
4
|
|
5
|
+
import builtins
|
5
6
|
import copy
|
6
7
|
import warnings
|
7
8
|
import sys
|
@@ -27,59 +28,59 @@ MYPY = False
|
|
27
28
|
|
28
29
|
if not MYPY:
|
29
30
|
class KeysAwArgsDict(TypedDict):
|
30
|
-
access_key: pulumi.Input[str]
|
31
|
+
access_key: pulumi.Input[builtins.str]
|
31
32
|
"""
|
32
33
|
The AWS access key to use
|
33
34
|
"""
|
34
|
-
key_bits: pulumi.Input[str]
|
35
|
+
key_bits: pulumi.Input[builtins.str]
|
35
36
|
"""
|
36
37
|
The size in bits for an RSA key. This field is required when 'key_type' is 'RSA'
|
37
38
|
"""
|
38
|
-
key_type: pulumi.Input[str]
|
39
|
+
key_type: pulumi.Input[builtins.str]
|
39
40
|
"""
|
40
41
|
The type of key to use
|
41
42
|
"""
|
42
|
-
kms_key: pulumi.Input[str]
|
43
|
+
kms_key: pulumi.Input[builtins.str]
|
43
44
|
"""
|
44
45
|
An identifier for the key
|
45
46
|
"""
|
46
|
-
name: pulumi.Input[str]
|
47
|
+
name: pulumi.Input[builtins.str]
|
47
48
|
"""
|
48
49
|
A unique lowercase name that serves as identifying the key
|
49
50
|
"""
|
50
|
-
secret_key: pulumi.Input[str]
|
51
|
+
secret_key: pulumi.Input[builtins.str]
|
51
52
|
"""
|
52
53
|
The AWS secret key to use
|
53
54
|
"""
|
54
|
-
allow_generate_key: NotRequired[pulumi.Input[bool]]
|
55
|
+
allow_generate_key: NotRequired[pulumi.Input[builtins.bool]]
|
55
56
|
"""
|
56
57
|
If no existing key can be found in the referenced backend, instructs Vault to generate a key within the backend
|
57
58
|
"""
|
58
|
-
allow_replace_key: NotRequired[pulumi.Input[bool]]
|
59
|
+
allow_replace_key: NotRequired[pulumi.Input[builtins.bool]]
|
59
60
|
"""
|
60
61
|
Controls the ability for Vault to replace through generation or importing a key into the configured backend even if a key is present, if set to false those operations are forbidden if a key exists.
|
61
62
|
"""
|
62
|
-
allow_store_key: NotRequired[pulumi.Input[bool]]
|
63
|
+
allow_store_key: NotRequired[pulumi.Input[builtins.bool]]
|
63
64
|
"""
|
64
65
|
Controls the ability for Vault to import a key to the configured backend, if 'false', those operations will be forbidden
|
65
66
|
"""
|
66
|
-
any_mount: NotRequired[pulumi.Input[bool]]
|
67
|
+
any_mount: NotRequired[pulumi.Input[builtins.bool]]
|
67
68
|
"""
|
68
69
|
Allow usage from any mount point within the namespace if 'true'
|
69
70
|
"""
|
70
|
-
curve: NotRequired[pulumi.Input[str]]
|
71
|
+
curve: NotRequired[pulumi.Input[builtins.str]]
|
71
72
|
"""
|
72
73
|
The curve to use for an ECDSA key. Used when key_type is 'ECDSA'. Required if 'allow_generate_key' is true
|
73
74
|
"""
|
74
|
-
endpoint: NotRequired[pulumi.Input[str]]
|
75
|
+
endpoint: NotRequired[pulumi.Input[builtins.str]]
|
75
76
|
"""
|
76
77
|
Used to specify a custom AWS endpoint
|
77
78
|
"""
|
78
|
-
region: NotRequired[pulumi.Input[str]]
|
79
|
+
region: NotRequired[pulumi.Input[builtins.str]]
|
79
80
|
"""
|
80
81
|
The AWS region where the keys are stored (or will be stored)
|
81
82
|
"""
|
82
|
-
uuid: NotRequired[pulumi.Input[str]]
|
83
|
+
uuid: NotRequired[pulumi.Input[builtins.str]]
|
83
84
|
"""
|
84
85
|
ID of the managed key read from Vault
|
85
86
|
"""
|
@@ -89,35 +90,35 @@ elif False:
|
|
89
90
|
@pulumi.input_type
|
90
91
|
class KeysAwArgs:
|
91
92
|
def __init__(__self__, *,
|
92
|
-
access_key: pulumi.Input[str],
|
93
|
-
key_bits: pulumi.Input[str],
|
94
|
-
key_type: pulumi.Input[str],
|
95
|
-
kms_key: pulumi.Input[str],
|
96
|
-
name: pulumi.Input[str],
|
97
|
-
secret_key: pulumi.Input[str],
|
98
|
-
allow_generate_key: Optional[pulumi.Input[bool]] = None,
|
99
|
-
allow_replace_key: Optional[pulumi.Input[bool]] = None,
|
100
|
-
allow_store_key: Optional[pulumi.Input[bool]] = None,
|
101
|
-
any_mount: Optional[pulumi.Input[bool]] = None,
|
102
|
-
curve: Optional[pulumi.Input[str]] = None,
|
103
|
-
endpoint: Optional[pulumi.Input[str]] = None,
|
104
|
-
region: Optional[pulumi.Input[str]] = None,
|
105
|
-
uuid: Optional[pulumi.Input[str]] = None):
|
106
|
-
"""
|
107
|
-
:param pulumi.Input[str] access_key: The AWS access key to use
|
108
|
-
:param pulumi.Input[str] key_bits: The size in bits for an RSA key. This field is required when 'key_type' is 'RSA'
|
109
|
-
:param pulumi.Input[str] key_type: The type of key to use
|
110
|
-
:param pulumi.Input[str] kms_key: An identifier for the key
|
111
|
-
:param pulumi.Input[str] name: A unique lowercase name that serves as identifying the key
|
112
|
-
:param pulumi.Input[str] secret_key: The AWS secret key to use
|
113
|
-
:param pulumi.Input[bool] allow_generate_key: If no existing key can be found in the referenced backend, instructs Vault to generate a key within the backend
|
114
|
-
:param pulumi.Input[bool] allow_replace_key: Controls the ability for Vault to replace through generation or importing a key into the configured backend even if a key is present, if set to false those operations are forbidden if a key exists.
|
115
|
-
:param pulumi.Input[bool] allow_store_key: Controls the ability for Vault to import a key to the configured backend, if 'false', those operations will be forbidden
|
116
|
-
:param pulumi.Input[bool] any_mount: Allow usage from any mount point within the namespace if 'true'
|
117
|
-
:param pulumi.Input[str] curve: The curve to use for an ECDSA key. Used when key_type is 'ECDSA'. Required if 'allow_generate_key' is true
|
118
|
-
:param pulumi.Input[str] endpoint: Used to specify a custom AWS endpoint
|
119
|
-
:param pulumi.Input[str] region: The AWS region where the keys are stored (or will be stored)
|
120
|
-
:param pulumi.Input[str] uuid: ID of the managed key read from Vault
|
93
|
+
access_key: pulumi.Input[builtins.str],
|
94
|
+
key_bits: pulumi.Input[builtins.str],
|
95
|
+
key_type: pulumi.Input[builtins.str],
|
96
|
+
kms_key: pulumi.Input[builtins.str],
|
97
|
+
name: pulumi.Input[builtins.str],
|
98
|
+
secret_key: pulumi.Input[builtins.str],
|
99
|
+
allow_generate_key: Optional[pulumi.Input[builtins.bool]] = None,
|
100
|
+
allow_replace_key: Optional[pulumi.Input[builtins.bool]] = None,
|
101
|
+
allow_store_key: Optional[pulumi.Input[builtins.bool]] = None,
|
102
|
+
any_mount: Optional[pulumi.Input[builtins.bool]] = None,
|
103
|
+
curve: Optional[pulumi.Input[builtins.str]] = None,
|
104
|
+
endpoint: Optional[pulumi.Input[builtins.str]] = None,
|
105
|
+
region: Optional[pulumi.Input[builtins.str]] = None,
|
106
|
+
uuid: Optional[pulumi.Input[builtins.str]] = None):
|
107
|
+
"""
|
108
|
+
:param pulumi.Input[builtins.str] access_key: The AWS access key to use
|
109
|
+
:param pulumi.Input[builtins.str] key_bits: The size in bits for an RSA key. This field is required when 'key_type' is 'RSA'
|
110
|
+
:param pulumi.Input[builtins.str] key_type: The type of key to use
|
111
|
+
:param pulumi.Input[builtins.str] kms_key: An identifier for the key
|
112
|
+
:param pulumi.Input[builtins.str] name: A unique lowercase name that serves as identifying the key
|
113
|
+
:param pulumi.Input[builtins.str] secret_key: The AWS secret key to use
|
114
|
+
:param pulumi.Input[builtins.bool] allow_generate_key: If no existing key can be found in the referenced backend, instructs Vault to generate a key within the backend
|
115
|
+
:param pulumi.Input[builtins.bool] allow_replace_key: Controls the ability for Vault to replace through generation or importing a key into the configured backend even if a key is present, if set to false those operations are forbidden if a key exists.
|
116
|
+
:param pulumi.Input[builtins.bool] allow_store_key: Controls the ability for Vault to import a key to the configured backend, if 'false', those operations will be forbidden
|
117
|
+
:param pulumi.Input[builtins.bool] any_mount: Allow usage from any mount point within the namespace if 'true'
|
118
|
+
:param pulumi.Input[builtins.str] curve: The curve to use for an ECDSA key. Used when key_type is 'ECDSA'. Required if 'allow_generate_key' is true
|
119
|
+
:param pulumi.Input[builtins.str] endpoint: Used to specify a custom AWS endpoint
|
120
|
+
:param pulumi.Input[builtins.str] region: The AWS region where the keys are stored (or will be stored)
|
121
|
+
:param pulumi.Input[builtins.str] uuid: ID of the managed key read from Vault
|
121
122
|
"""
|
122
123
|
pulumi.set(__self__, "access_key", access_key)
|
123
124
|
pulumi.set(__self__, "key_bits", key_bits)
|
@@ -144,232 +145,232 @@ class KeysAwArgs:
|
|
144
145
|
|
145
146
|
@property
|
146
147
|
@pulumi.getter(name="accessKey")
|
147
|
-
def access_key(self) -> pulumi.Input[str]:
|
148
|
+
def access_key(self) -> pulumi.Input[builtins.str]:
|
148
149
|
"""
|
149
150
|
The AWS access key to use
|
150
151
|
"""
|
151
152
|
return pulumi.get(self, "access_key")
|
152
153
|
|
153
154
|
@access_key.setter
|
154
|
-
def access_key(self, value: pulumi.Input[str]):
|
155
|
+
def access_key(self, value: pulumi.Input[builtins.str]):
|
155
156
|
pulumi.set(self, "access_key", value)
|
156
157
|
|
157
158
|
@property
|
158
159
|
@pulumi.getter(name="keyBits")
|
159
|
-
def key_bits(self) -> pulumi.Input[str]:
|
160
|
+
def key_bits(self) -> pulumi.Input[builtins.str]:
|
160
161
|
"""
|
161
162
|
The size in bits for an RSA key. This field is required when 'key_type' is 'RSA'
|
162
163
|
"""
|
163
164
|
return pulumi.get(self, "key_bits")
|
164
165
|
|
165
166
|
@key_bits.setter
|
166
|
-
def key_bits(self, value: pulumi.Input[str]):
|
167
|
+
def key_bits(self, value: pulumi.Input[builtins.str]):
|
167
168
|
pulumi.set(self, "key_bits", value)
|
168
169
|
|
169
170
|
@property
|
170
171
|
@pulumi.getter(name="keyType")
|
171
|
-
def key_type(self) -> pulumi.Input[str]:
|
172
|
+
def key_type(self) -> pulumi.Input[builtins.str]:
|
172
173
|
"""
|
173
174
|
The type of key to use
|
174
175
|
"""
|
175
176
|
return pulumi.get(self, "key_type")
|
176
177
|
|
177
178
|
@key_type.setter
|
178
|
-
def key_type(self, value: pulumi.Input[str]):
|
179
|
+
def key_type(self, value: pulumi.Input[builtins.str]):
|
179
180
|
pulumi.set(self, "key_type", value)
|
180
181
|
|
181
182
|
@property
|
182
183
|
@pulumi.getter(name="kmsKey")
|
183
|
-
def kms_key(self) -> pulumi.Input[str]:
|
184
|
+
def kms_key(self) -> pulumi.Input[builtins.str]:
|
184
185
|
"""
|
185
186
|
An identifier for the key
|
186
187
|
"""
|
187
188
|
return pulumi.get(self, "kms_key")
|
188
189
|
|
189
190
|
@kms_key.setter
|
190
|
-
def kms_key(self, value: pulumi.Input[str]):
|
191
|
+
def kms_key(self, value: pulumi.Input[builtins.str]):
|
191
192
|
pulumi.set(self, "kms_key", value)
|
192
193
|
|
193
194
|
@property
|
194
195
|
@pulumi.getter
|
195
|
-
def name(self) -> pulumi.Input[str]:
|
196
|
+
def name(self) -> pulumi.Input[builtins.str]:
|
196
197
|
"""
|
197
198
|
A unique lowercase name that serves as identifying the key
|
198
199
|
"""
|
199
200
|
return pulumi.get(self, "name")
|
200
201
|
|
201
202
|
@name.setter
|
202
|
-
def name(self, value: pulumi.Input[str]):
|
203
|
+
def name(self, value: pulumi.Input[builtins.str]):
|
203
204
|
pulumi.set(self, "name", value)
|
204
205
|
|
205
206
|
@property
|
206
207
|
@pulumi.getter(name="secretKey")
|
207
|
-
def secret_key(self) -> pulumi.Input[str]:
|
208
|
+
def secret_key(self) -> pulumi.Input[builtins.str]:
|
208
209
|
"""
|
209
210
|
The AWS secret key to use
|
210
211
|
"""
|
211
212
|
return pulumi.get(self, "secret_key")
|
212
213
|
|
213
214
|
@secret_key.setter
|
214
|
-
def secret_key(self, value: pulumi.Input[str]):
|
215
|
+
def secret_key(self, value: pulumi.Input[builtins.str]):
|
215
216
|
pulumi.set(self, "secret_key", value)
|
216
217
|
|
217
218
|
@property
|
218
219
|
@pulumi.getter(name="allowGenerateKey")
|
219
|
-
def allow_generate_key(self) -> Optional[pulumi.Input[bool]]:
|
220
|
+
def allow_generate_key(self) -> Optional[pulumi.Input[builtins.bool]]:
|
220
221
|
"""
|
221
222
|
If no existing key can be found in the referenced backend, instructs Vault to generate a key within the backend
|
222
223
|
"""
|
223
224
|
return pulumi.get(self, "allow_generate_key")
|
224
225
|
|
225
226
|
@allow_generate_key.setter
|
226
|
-
def allow_generate_key(self, value: Optional[pulumi.Input[bool]]):
|
227
|
+
def allow_generate_key(self, value: Optional[pulumi.Input[builtins.bool]]):
|
227
228
|
pulumi.set(self, "allow_generate_key", value)
|
228
229
|
|
229
230
|
@property
|
230
231
|
@pulumi.getter(name="allowReplaceKey")
|
231
|
-
def allow_replace_key(self) -> Optional[pulumi.Input[bool]]:
|
232
|
+
def allow_replace_key(self) -> Optional[pulumi.Input[builtins.bool]]:
|
232
233
|
"""
|
233
234
|
Controls the ability for Vault to replace through generation or importing a key into the configured backend even if a key is present, if set to false those operations are forbidden if a key exists.
|
234
235
|
"""
|
235
236
|
return pulumi.get(self, "allow_replace_key")
|
236
237
|
|
237
238
|
@allow_replace_key.setter
|
238
|
-
def allow_replace_key(self, value: Optional[pulumi.Input[bool]]):
|
239
|
+
def allow_replace_key(self, value: Optional[pulumi.Input[builtins.bool]]):
|
239
240
|
pulumi.set(self, "allow_replace_key", value)
|
240
241
|
|
241
242
|
@property
|
242
243
|
@pulumi.getter(name="allowStoreKey")
|
243
|
-
def allow_store_key(self) -> Optional[pulumi.Input[bool]]:
|
244
|
+
def allow_store_key(self) -> Optional[pulumi.Input[builtins.bool]]:
|
244
245
|
"""
|
245
246
|
Controls the ability for Vault to import a key to the configured backend, if 'false', those operations will be forbidden
|
246
247
|
"""
|
247
248
|
return pulumi.get(self, "allow_store_key")
|
248
249
|
|
249
250
|
@allow_store_key.setter
|
250
|
-
def allow_store_key(self, value: Optional[pulumi.Input[bool]]):
|
251
|
+
def allow_store_key(self, value: Optional[pulumi.Input[builtins.bool]]):
|
251
252
|
pulumi.set(self, "allow_store_key", value)
|
252
253
|
|
253
254
|
@property
|
254
255
|
@pulumi.getter(name="anyMount")
|
255
|
-
def any_mount(self) -> Optional[pulumi.Input[bool]]:
|
256
|
+
def any_mount(self) -> Optional[pulumi.Input[builtins.bool]]:
|
256
257
|
"""
|
257
258
|
Allow usage from any mount point within the namespace if 'true'
|
258
259
|
"""
|
259
260
|
return pulumi.get(self, "any_mount")
|
260
261
|
|
261
262
|
@any_mount.setter
|
262
|
-
def any_mount(self, value: Optional[pulumi.Input[bool]]):
|
263
|
+
def any_mount(self, value: Optional[pulumi.Input[builtins.bool]]):
|
263
264
|
pulumi.set(self, "any_mount", value)
|
264
265
|
|
265
266
|
@property
|
266
267
|
@pulumi.getter
|
267
|
-
def curve(self) -> Optional[pulumi.Input[str]]:
|
268
|
+
def curve(self) -> Optional[pulumi.Input[builtins.str]]:
|
268
269
|
"""
|
269
270
|
The curve to use for an ECDSA key. Used when key_type is 'ECDSA'. Required if 'allow_generate_key' is true
|
270
271
|
"""
|
271
272
|
return pulumi.get(self, "curve")
|
272
273
|
|
273
274
|
@curve.setter
|
274
|
-
def curve(self, value: Optional[pulumi.Input[str]]):
|
275
|
+
def curve(self, value: Optional[pulumi.Input[builtins.str]]):
|
275
276
|
pulumi.set(self, "curve", value)
|
276
277
|
|
277
278
|
@property
|
278
279
|
@pulumi.getter
|
279
|
-
def endpoint(self) -> Optional[pulumi.Input[str]]:
|
280
|
+
def endpoint(self) -> Optional[pulumi.Input[builtins.str]]:
|
280
281
|
"""
|
281
282
|
Used to specify a custom AWS endpoint
|
282
283
|
"""
|
283
284
|
return pulumi.get(self, "endpoint")
|
284
285
|
|
285
286
|
@endpoint.setter
|
286
|
-
def endpoint(self, value: Optional[pulumi.Input[str]]):
|
287
|
+
def endpoint(self, value: Optional[pulumi.Input[builtins.str]]):
|
287
288
|
pulumi.set(self, "endpoint", value)
|
288
289
|
|
289
290
|
@property
|
290
291
|
@pulumi.getter
|
291
|
-
def region(self) -> Optional[pulumi.Input[str]]:
|
292
|
+
def region(self) -> Optional[pulumi.Input[builtins.str]]:
|
292
293
|
"""
|
293
294
|
The AWS region where the keys are stored (or will be stored)
|
294
295
|
"""
|
295
296
|
return pulumi.get(self, "region")
|
296
297
|
|
297
298
|
@region.setter
|
298
|
-
def region(self, value: Optional[pulumi.Input[str]]):
|
299
|
+
def region(self, value: Optional[pulumi.Input[builtins.str]]):
|
299
300
|
pulumi.set(self, "region", value)
|
300
301
|
|
301
302
|
@property
|
302
303
|
@pulumi.getter
|
303
|
-
def uuid(self) -> Optional[pulumi.Input[str]]:
|
304
|
+
def uuid(self) -> Optional[pulumi.Input[builtins.str]]:
|
304
305
|
"""
|
305
306
|
ID of the managed key read from Vault
|
306
307
|
"""
|
307
308
|
return pulumi.get(self, "uuid")
|
308
309
|
|
309
310
|
@uuid.setter
|
310
|
-
def uuid(self, value: Optional[pulumi.Input[str]]):
|
311
|
+
def uuid(self, value: Optional[pulumi.Input[builtins.str]]):
|
311
312
|
pulumi.set(self, "uuid", value)
|
312
313
|
|
313
314
|
|
314
315
|
if not MYPY:
|
315
316
|
class KeysAzureArgsDict(TypedDict):
|
316
|
-
client_id: pulumi.Input[str]
|
317
|
+
client_id: pulumi.Input[builtins.str]
|
317
318
|
"""
|
318
319
|
The client id for credentials to query the Azure APIs
|
319
320
|
"""
|
320
|
-
client_secret: pulumi.Input[str]
|
321
|
+
client_secret: pulumi.Input[builtins.str]
|
321
322
|
"""
|
322
323
|
The client secret for credentials to query the Azure APIs
|
323
324
|
"""
|
324
|
-
key_name: pulumi.Input[str]
|
325
|
+
key_name: pulumi.Input[builtins.str]
|
325
326
|
"""
|
326
327
|
The Key Vault key to use for encryption and decryption
|
327
328
|
"""
|
328
|
-
key_type: pulumi.Input[str]
|
329
|
+
key_type: pulumi.Input[builtins.str]
|
329
330
|
"""
|
330
331
|
The type of key to use
|
331
332
|
"""
|
332
|
-
name: pulumi.Input[str]
|
333
|
+
name: pulumi.Input[builtins.str]
|
333
334
|
"""
|
334
335
|
A unique lowercase name that serves as identifying the key
|
335
336
|
"""
|
336
|
-
tenant_id: pulumi.Input[str]
|
337
|
+
tenant_id: pulumi.Input[builtins.str]
|
337
338
|
"""
|
338
339
|
The tenant id for the Azure Active Directory organization
|
339
340
|
"""
|
340
|
-
vault_name: pulumi.Input[str]
|
341
|
+
vault_name: pulumi.Input[builtins.str]
|
341
342
|
"""
|
342
343
|
The Key Vault vault to use the encryption keys for encryption and decryption
|
343
344
|
"""
|
344
|
-
allow_generate_key: NotRequired[pulumi.Input[bool]]
|
345
|
+
allow_generate_key: NotRequired[pulumi.Input[builtins.bool]]
|
345
346
|
"""
|
346
347
|
If no existing key can be found in the referenced backend, instructs Vault to generate a key within the backend
|
347
348
|
"""
|
348
|
-
allow_replace_key: NotRequired[pulumi.Input[bool]]
|
349
|
+
allow_replace_key: NotRequired[pulumi.Input[builtins.bool]]
|
349
350
|
"""
|
350
351
|
Controls the ability for Vault to replace through generation or importing a key into the configured backend even if a key is present, if set to false those operations are forbidden if a key exists.
|
351
352
|
"""
|
352
|
-
allow_store_key: NotRequired[pulumi.Input[bool]]
|
353
|
+
allow_store_key: NotRequired[pulumi.Input[builtins.bool]]
|
353
354
|
"""
|
354
355
|
Controls the ability for Vault to import a key to the configured backend, if 'false', those operations will be forbidden
|
355
356
|
"""
|
356
|
-
any_mount: NotRequired[pulumi.Input[bool]]
|
357
|
+
any_mount: NotRequired[pulumi.Input[builtins.bool]]
|
357
358
|
"""
|
358
359
|
Allow usage from any mount point within the namespace if 'true'
|
359
360
|
"""
|
360
|
-
environment: NotRequired[pulumi.Input[str]]
|
361
|
+
environment: NotRequired[pulumi.Input[builtins.str]]
|
361
362
|
"""
|
362
363
|
The Azure Cloud environment API endpoints to use
|
363
364
|
"""
|
364
|
-
key_bits: NotRequired[pulumi.Input[str]]
|
365
|
+
key_bits: NotRequired[pulumi.Input[builtins.str]]
|
365
366
|
"""
|
366
367
|
The size in bits for an RSA key. This field is required when 'key_type' is 'RSA' or when 'allow_generate_key' is true
|
367
368
|
"""
|
368
|
-
resource: NotRequired[pulumi.Input[str]]
|
369
|
+
resource: NotRequired[pulumi.Input[builtins.str]]
|
369
370
|
"""
|
370
371
|
The Azure Key Vault resource's DNS Suffix to connect to
|
371
372
|
"""
|
372
|
-
uuid: NotRequired[pulumi.Input[str]]
|
373
|
+
uuid: NotRequired[pulumi.Input[builtins.str]]
|
373
374
|
"""
|
374
375
|
ID of the managed key read from Vault
|
375
376
|
"""
|
@@ -379,37 +380,37 @@ elif False:
|
|
379
380
|
@pulumi.input_type
|
380
381
|
class KeysAzureArgs:
|
381
382
|
def __init__(__self__, *,
|
382
|
-
client_id: pulumi.Input[str],
|
383
|
-
client_secret: pulumi.Input[str],
|
384
|
-
key_name: pulumi.Input[str],
|
385
|
-
key_type: pulumi.Input[str],
|
386
|
-
name: pulumi.Input[str],
|
387
|
-
tenant_id: pulumi.Input[str],
|
388
|
-
vault_name: pulumi.Input[str],
|
389
|
-
allow_generate_key: Optional[pulumi.Input[bool]] = None,
|
390
|
-
allow_replace_key: Optional[pulumi.Input[bool]] = None,
|
391
|
-
allow_store_key: Optional[pulumi.Input[bool]] = None,
|
392
|
-
any_mount: Optional[pulumi.Input[bool]] = None,
|
393
|
-
environment: Optional[pulumi.Input[str]] = None,
|
394
|
-
key_bits: Optional[pulumi.Input[str]] = None,
|
395
|
-
resource: Optional[pulumi.Input[str]] = None,
|
396
|
-
uuid: Optional[pulumi.Input[str]] = None):
|
397
|
-
"""
|
398
|
-
:param pulumi.Input[str] client_id: The client id for credentials to query the Azure APIs
|
399
|
-
:param pulumi.Input[str] client_secret: The client secret for credentials to query the Azure APIs
|
400
|
-
:param pulumi.Input[str] key_name: The Key Vault key to use for encryption and decryption
|
401
|
-
:param pulumi.Input[str] key_type: The type of key to use
|
402
|
-
:param pulumi.Input[str] name: A unique lowercase name that serves as identifying the key
|
403
|
-
:param pulumi.Input[str] tenant_id: The tenant id for the Azure Active Directory organization
|
404
|
-
:param pulumi.Input[str] vault_name: The Key Vault vault to use the encryption keys for encryption and decryption
|
405
|
-
:param pulumi.Input[bool] allow_generate_key: If no existing key can be found in the referenced backend, instructs Vault to generate a key within the backend
|
406
|
-
:param pulumi.Input[bool] allow_replace_key: Controls the ability for Vault to replace through generation or importing a key into the configured backend even if a key is present, if set to false those operations are forbidden if a key exists.
|
407
|
-
:param pulumi.Input[bool] allow_store_key: Controls the ability for Vault to import a key to the configured backend, if 'false', those operations will be forbidden
|
408
|
-
:param pulumi.Input[bool] any_mount: Allow usage from any mount point within the namespace if 'true'
|
409
|
-
:param pulumi.Input[str] environment: The Azure Cloud environment API endpoints to use
|
410
|
-
:param pulumi.Input[str] key_bits: The size in bits for an RSA key. This field is required when 'key_type' is 'RSA' or when 'allow_generate_key' is true
|
411
|
-
:param pulumi.Input[str] resource: The Azure Key Vault resource's DNS Suffix to connect to
|
412
|
-
:param pulumi.Input[str] uuid: ID of the managed key read from Vault
|
383
|
+
client_id: pulumi.Input[builtins.str],
|
384
|
+
client_secret: pulumi.Input[builtins.str],
|
385
|
+
key_name: pulumi.Input[builtins.str],
|
386
|
+
key_type: pulumi.Input[builtins.str],
|
387
|
+
name: pulumi.Input[builtins.str],
|
388
|
+
tenant_id: pulumi.Input[builtins.str],
|
389
|
+
vault_name: pulumi.Input[builtins.str],
|
390
|
+
allow_generate_key: Optional[pulumi.Input[builtins.bool]] = None,
|
391
|
+
allow_replace_key: Optional[pulumi.Input[builtins.bool]] = None,
|
392
|
+
allow_store_key: Optional[pulumi.Input[builtins.bool]] = None,
|
393
|
+
any_mount: Optional[pulumi.Input[builtins.bool]] = None,
|
394
|
+
environment: Optional[pulumi.Input[builtins.str]] = None,
|
395
|
+
key_bits: Optional[pulumi.Input[builtins.str]] = None,
|
396
|
+
resource: Optional[pulumi.Input[builtins.str]] = None,
|
397
|
+
uuid: Optional[pulumi.Input[builtins.str]] = None):
|
398
|
+
"""
|
399
|
+
:param pulumi.Input[builtins.str] client_id: The client id for credentials to query the Azure APIs
|
400
|
+
:param pulumi.Input[builtins.str] client_secret: The client secret for credentials to query the Azure APIs
|
401
|
+
:param pulumi.Input[builtins.str] key_name: The Key Vault key to use for encryption and decryption
|
402
|
+
:param pulumi.Input[builtins.str] key_type: The type of key to use
|
403
|
+
:param pulumi.Input[builtins.str] name: A unique lowercase name that serves as identifying the key
|
404
|
+
:param pulumi.Input[builtins.str] tenant_id: The tenant id for the Azure Active Directory organization
|
405
|
+
:param pulumi.Input[builtins.str] vault_name: The Key Vault vault to use the encryption keys for encryption and decryption
|
406
|
+
:param pulumi.Input[builtins.bool] allow_generate_key: If no existing key can be found in the referenced backend, instructs Vault to generate a key within the backend
|
407
|
+
:param pulumi.Input[builtins.bool] allow_replace_key: Controls the ability for Vault to replace through generation or importing a key into the configured backend even if a key is present, if set to false those operations are forbidden if a key exists.
|
408
|
+
:param pulumi.Input[builtins.bool] allow_store_key: Controls the ability for Vault to import a key to the configured backend, if 'false', those operations will be forbidden
|
409
|
+
:param pulumi.Input[builtins.bool] any_mount: Allow usage from any mount point within the namespace if 'true'
|
410
|
+
:param pulumi.Input[builtins.str] environment: The Azure Cloud environment API endpoints to use
|
411
|
+
:param pulumi.Input[builtins.str] key_bits: The size in bits for an RSA key. This field is required when 'key_type' is 'RSA' or when 'allow_generate_key' is true
|
412
|
+
:param pulumi.Input[builtins.str] resource: The Azure Key Vault resource's DNS Suffix to connect to
|
413
|
+
:param pulumi.Input[builtins.str] uuid: ID of the managed key read from Vault
|
413
414
|
"""
|
414
415
|
pulumi.set(__self__, "client_id", client_id)
|
415
416
|
pulumi.set(__self__, "client_secret", client_secret)
|
@@ -437,248 +438,248 @@ class KeysAzureArgs:
|
|
437
438
|
|
438
439
|
@property
|
439
440
|
@pulumi.getter(name="clientId")
|
440
|
-
def client_id(self) -> pulumi.Input[str]:
|
441
|
+
def client_id(self) -> pulumi.Input[builtins.str]:
|
441
442
|
"""
|
442
443
|
The client id for credentials to query the Azure APIs
|
443
444
|
"""
|
444
445
|
return pulumi.get(self, "client_id")
|
445
446
|
|
446
447
|
@client_id.setter
|
447
|
-
def client_id(self, value: pulumi.Input[str]):
|
448
|
+
def client_id(self, value: pulumi.Input[builtins.str]):
|
448
449
|
pulumi.set(self, "client_id", value)
|
449
450
|
|
450
451
|
@property
|
451
452
|
@pulumi.getter(name="clientSecret")
|
452
|
-
def client_secret(self) -> pulumi.Input[str]:
|
453
|
+
def client_secret(self) -> pulumi.Input[builtins.str]:
|
453
454
|
"""
|
454
455
|
The client secret for credentials to query the Azure APIs
|
455
456
|
"""
|
456
457
|
return pulumi.get(self, "client_secret")
|
457
458
|
|
458
459
|
@client_secret.setter
|
459
|
-
def client_secret(self, value: pulumi.Input[str]):
|
460
|
+
def client_secret(self, value: pulumi.Input[builtins.str]):
|
460
461
|
pulumi.set(self, "client_secret", value)
|
461
462
|
|
462
463
|
@property
|
463
464
|
@pulumi.getter(name="keyName")
|
464
|
-
def key_name(self) -> pulumi.Input[str]:
|
465
|
+
def key_name(self) -> pulumi.Input[builtins.str]:
|
465
466
|
"""
|
466
467
|
The Key Vault key to use for encryption and decryption
|
467
468
|
"""
|
468
469
|
return pulumi.get(self, "key_name")
|
469
470
|
|
470
471
|
@key_name.setter
|
471
|
-
def key_name(self, value: pulumi.Input[str]):
|
472
|
+
def key_name(self, value: pulumi.Input[builtins.str]):
|
472
473
|
pulumi.set(self, "key_name", value)
|
473
474
|
|
474
475
|
@property
|
475
476
|
@pulumi.getter(name="keyType")
|
476
|
-
def key_type(self) -> pulumi.Input[str]:
|
477
|
+
def key_type(self) -> pulumi.Input[builtins.str]:
|
477
478
|
"""
|
478
479
|
The type of key to use
|
479
480
|
"""
|
480
481
|
return pulumi.get(self, "key_type")
|
481
482
|
|
482
483
|
@key_type.setter
|
483
|
-
def key_type(self, value: pulumi.Input[str]):
|
484
|
+
def key_type(self, value: pulumi.Input[builtins.str]):
|
484
485
|
pulumi.set(self, "key_type", value)
|
485
486
|
|
486
487
|
@property
|
487
488
|
@pulumi.getter
|
488
|
-
def name(self) -> pulumi.Input[str]:
|
489
|
+
def name(self) -> pulumi.Input[builtins.str]:
|
489
490
|
"""
|
490
491
|
A unique lowercase name that serves as identifying the key
|
491
492
|
"""
|
492
493
|
return pulumi.get(self, "name")
|
493
494
|
|
494
495
|
@name.setter
|
495
|
-
def name(self, value: pulumi.Input[str]):
|
496
|
+
def name(self, value: pulumi.Input[builtins.str]):
|
496
497
|
pulumi.set(self, "name", value)
|
497
498
|
|
498
499
|
@property
|
499
500
|
@pulumi.getter(name="tenantId")
|
500
|
-
def tenant_id(self) -> pulumi.Input[str]:
|
501
|
+
def tenant_id(self) -> pulumi.Input[builtins.str]:
|
501
502
|
"""
|
502
503
|
The tenant id for the Azure Active Directory organization
|
503
504
|
"""
|
504
505
|
return pulumi.get(self, "tenant_id")
|
505
506
|
|
506
507
|
@tenant_id.setter
|
507
|
-
def tenant_id(self, value: pulumi.Input[str]):
|
508
|
+
def tenant_id(self, value: pulumi.Input[builtins.str]):
|
508
509
|
pulumi.set(self, "tenant_id", value)
|
509
510
|
|
510
511
|
@property
|
511
512
|
@pulumi.getter(name="vaultName")
|
512
|
-
def vault_name(self) -> pulumi.Input[str]:
|
513
|
+
def vault_name(self) -> pulumi.Input[builtins.str]:
|
513
514
|
"""
|
514
515
|
The Key Vault vault to use the encryption keys for encryption and decryption
|
515
516
|
"""
|
516
517
|
return pulumi.get(self, "vault_name")
|
517
518
|
|
518
519
|
@vault_name.setter
|
519
|
-
def vault_name(self, value: pulumi.Input[str]):
|
520
|
+
def vault_name(self, value: pulumi.Input[builtins.str]):
|
520
521
|
pulumi.set(self, "vault_name", value)
|
521
522
|
|
522
523
|
@property
|
523
524
|
@pulumi.getter(name="allowGenerateKey")
|
524
|
-
def allow_generate_key(self) -> Optional[pulumi.Input[bool]]:
|
525
|
+
def allow_generate_key(self) -> Optional[pulumi.Input[builtins.bool]]:
|
525
526
|
"""
|
526
527
|
If no existing key can be found in the referenced backend, instructs Vault to generate a key within the backend
|
527
528
|
"""
|
528
529
|
return pulumi.get(self, "allow_generate_key")
|
529
530
|
|
530
531
|
@allow_generate_key.setter
|
531
|
-
def allow_generate_key(self, value: Optional[pulumi.Input[bool]]):
|
532
|
+
def allow_generate_key(self, value: Optional[pulumi.Input[builtins.bool]]):
|
532
533
|
pulumi.set(self, "allow_generate_key", value)
|
533
534
|
|
534
535
|
@property
|
535
536
|
@pulumi.getter(name="allowReplaceKey")
|
536
|
-
def allow_replace_key(self) -> Optional[pulumi.Input[bool]]:
|
537
|
+
def allow_replace_key(self) -> Optional[pulumi.Input[builtins.bool]]:
|
537
538
|
"""
|
538
539
|
Controls the ability for Vault to replace through generation or importing a key into the configured backend even if a key is present, if set to false those operations are forbidden if a key exists.
|
539
540
|
"""
|
540
541
|
return pulumi.get(self, "allow_replace_key")
|
541
542
|
|
542
543
|
@allow_replace_key.setter
|
543
|
-
def allow_replace_key(self, value: Optional[pulumi.Input[bool]]):
|
544
|
+
def allow_replace_key(self, value: Optional[pulumi.Input[builtins.bool]]):
|
544
545
|
pulumi.set(self, "allow_replace_key", value)
|
545
546
|
|
546
547
|
@property
|
547
548
|
@pulumi.getter(name="allowStoreKey")
|
548
|
-
def allow_store_key(self) -> Optional[pulumi.Input[bool]]:
|
549
|
+
def allow_store_key(self) -> Optional[pulumi.Input[builtins.bool]]:
|
549
550
|
"""
|
550
551
|
Controls the ability for Vault to import a key to the configured backend, if 'false', those operations will be forbidden
|
551
552
|
"""
|
552
553
|
return pulumi.get(self, "allow_store_key")
|
553
554
|
|
554
555
|
@allow_store_key.setter
|
555
|
-
def allow_store_key(self, value: Optional[pulumi.Input[bool]]):
|
556
|
+
def allow_store_key(self, value: Optional[pulumi.Input[builtins.bool]]):
|
556
557
|
pulumi.set(self, "allow_store_key", value)
|
557
558
|
|
558
559
|
@property
|
559
560
|
@pulumi.getter(name="anyMount")
|
560
|
-
def any_mount(self) -> Optional[pulumi.Input[bool]]:
|
561
|
+
def any_mount(self) -> Optional[pulumi.Input[builtins.bool]]:
|
561
562
|
"""
|
562
563
|
Allow usage from any mount point within the namespace if 'true'
|
563
564
|
"""
|
564
565
|
return pulumi.get(self, "any_mount")
|
565
566
|
|
566
567
|
@any_mount.setter
|
567
|
-
def any_mount(self, value: Optional[pulumi.Input[bool]]):
|
568
|
+
def any_mount(self, value: Optional[pulumi.Input[builtins.bool]]):
|
568
569
|
pulumi.set(self, "any_mount", value)
|
569
570
|
|
570
571
|
@property
|
571
572
|
@pulumi.getter
|
572
|
-
def environment(self) -> Optional[pulumi.Input[str]]:
|
573
|
+
def environment(self) -> Optional[pulumi.Input[builtins.str]]:
|
573
574
|
"""
|
574
575
|
The Azure Cloud environment API endpoints to use
|
575
576
|
"""
|
576
577
|
return pulumi.get(self, "environment")
|
577
578
|
|
578
579
|
@environment.setter
|
579
|
-
def environment(self, value: Optional[pulumi.Input[str]]):
|
580
|
+
def environment(self, value: Optional[pulumi.Input[builtins.str]]):
|
580
581
|
pulumi.set(self, "environment", value)
|
581
582
|
|
582
583
|
@property
|
583
584
|
@pulumi.getter(name="keyBits")
|
584
|
-
def key_bits(self) -> Optional[pulumi.Input[str]]:
|
585
|
+
def key_bits(self) -> Optional[pulumi.Input[builtins.str]]:
|
585
586
|
"""
|
586
587
|
The size in bits for an RSA key. This field is required when 'key_type' is 'RSA' or when 'allow_generate_key' is true
|
587
588
|
"""
|
588
589
|
return pulumi.get(self, "key_bits")
|
589
590
|
|
590
591
|
@key_bits.setter
|
591
|
-
def key_bits(self, value: Optional[pulumi.Input[str]]):
|
592
|
+
def key_bits(self, value: Optional[pulumi.Input[builtins.str]]):
|
592
593
|
pulumi.set(self, "key_bits", value)
|
593
594
|
|
594
595
|
@property
|
595
596
|
@pulumi.getter
|
596
|
-
def resource(self) -> Optional[pulumi.Input[str]]:
|
597
|
+
def resource(self) -> Optional[pulumi.Input[builtins.str]]:
|
597
598
|
"""
|
598
599
|
The Azure Key Vault resource's DNS Suffix to connect to
|
599
600
|
"""
|
600
601
|
return pulumi.get(self, "resource")
|
601
602
|
|
602
603
|
@resource.setter
|
603
|
-
def resource(self, value: Optional[pulumi.Input[str]]):
|
604
|
+
def resource(self, value: Optional[pulumi.Input[builtins.str]]):
|
604
605
|
pulumi.set(self, "resource", value)
|
605
606
|
|
606
607
|
@property
|
607
608
|
@pulumi.getter
|
608
|
-
def uuid(self) -> Optional[pulumi.Input[str]]:
|
609
|
+
def uuid(self) -> Optional[pulumi.Input[builtins.str]]:
|
609
610
|
"""
|
610
611
|
ID of the managed key read from Vault
|
611
612
|
"""
|
612
613
|
return pulumi.get(self, "uuid")
|
613
614
|
|
614
615
|
@uuid.setter
|
615
|
-
def uuid(self, value: Optional[pulumi.Input[str]]):
|
616
|
+
def uuid(self, value: Optional[pulumi.Input[builtins.str]]):
|
616
617
|
pulumi.set(self, "uuid", value)
|
617
618
|
|
618
619
|
|
619
620
|
if not MYPY:
|
620
621
|
class KeysPkcArgsDict(TypedDict):
|
621
|
-
key_id: pulumi.Input[str]
|
622
|
+
key_id: pulumi.Input[builtins.str]
|
622
623
|
"""
|
623
624
|
The id of a PKCS#11 key to use
|
624
625
|
"""
|
625
|
-
key_label: pulumi.Input[str]
|
626
|
+
key_label: pulumi.Input[builtins.str]
|
626
627
|
"""
|
627
628
|
The label of the key to use
|
628
629
|
"""
|
629
|
-
library: pulumi.Input[str]
|
630
|
+
library: pulumi.Input[builtins.str]
|
630
631
|
"""
|
631
632
|
The name of the kms_library stanza to use from Vault's config to lookup the local library path
|
632
633
|
"""
|
633
|
-
mechanism: pulumi.Input[str]
|
634
|
+
mechanism: pulumi.Input[builtins.str]
|
634
635
|
"""
|
635
636
|
The encryption/decryption mechanism to use, specified as a hexadecimal (prefixed by 0x) string.
|
636
637
|
"""
|
637
|
-
name: pulumi.Input[str]
|
638
|
+
name: pulumi.Input[builtins.str]
|
638
639
|
"""
|
639
640
|
A unique lowercase name that serves as identifying the key
|
640
641
|
"""
|
641
|
-
pin: pulumi.Input[str]
|
642
|
+
pin: pulumi.Input[builtins.str]
|
642
643
|
"""
|
643
644
|
The PIN for login
|
644
645
|
"""
|
645
|
-
allow_generate_key: NotRequired[pulumi.Input[bool]]
|
646
|
+
allow_generate_key: NotRequired[pulumi.Input[builtins.bool]]
|
646
647
|
"""
|
647
648
|
If no existing key can be found in the referenced backend, instructs Vault to generate a key within the backend
|
648
649
|
"""
|
649
|
-
allow_replace_key: NotRequired[pulumi.Input[bool]]
|
650
|
+
allow_replace_key: NotRequired[pulumi.Input[builtins.bool]]
|
650
651
|
"""
|
651
652
|
Controls the ability for Vault to replace through generation or importing a key into the configured backend even if a key is present, if set to false those operations are forbidden if a key exists.
|
652
653
|
"""
|
653
|
-
allow_store_key: NotRequired[pulumi.Input[bool]]
|
654
|
+
allow_store_key: NotRequired[pulumi.Input[builtins.bool]]
|
654
655
|
"""
|
655
656
|
Controls the ability for Vault to import a key to the configured backend, if 'false', those operations will be forbidden
|
656
657
|
"""
|
657
|
-
any_mount: NotRequired[pulumi.Input[bool]]
|
658
|
+
any_mount: NotRequired[pulumi.Input[builtins.bool]]
|
658
659
|
"""
|
659
660
|
Allow usage from any mount point within the namespace if 'true'
|
660
661
|
"""
|
661
|
-
curve: NotRequired[pulumi.Input[str]]
|
662
|
+
curve: NotRequired[pulumi.Input[builtins.str]]
|
662
663
|
"""
|
663
664
|
Supplies the curve value when using the 'CKM_ECDSA' mechanism. Required if 'allow_generate_key' is true
|
664
665
|
"""
|
665
|
-
force_rw_session: NotRequired[pulumi.Input[str]]
|
666
|
+
force_rw_session: NotRequired[pulumi.Input[builtins.str]]
|
666
667
|
"""
|
667
668
|
Force all operations to open up a read-write session to the HSM
|
668
669
|
"""
|
669
|
-
key_bits: NotRequired[pulumi.Input[str]]
|
670
|
+
key_bits: NotRequired[pulumi.Input[builtins.str]]
|
670
671
|
"""
|
671
672
|
Supplies the size in bits of the key when using 'CKM_RSA_PKCS_PSS', 'CKM_RSA_PKCS_OAEP' or 'CKM_RSA_PKCS' as a value for 'mechanism'. Required if 'allow_generate_key' is true
|
672
673
|
"""
|
673
|
-
slot: NotRequired[pulumi.Input[str]]
|
674
|
+
slot: NotRequired[pulumi.Input[builtins.str]]
|
674
675
|
"""
|
675
676
|
The slot number to use, specified as a string in a decimal format (e.g. '2305843009213693953')
|
676
677
|
"""
|
677
|
-
token_label: NotRequired[pulumi.Input[str]]
|
678
|
+
token_label: NotRequired[pulumi.Input[builtins.str]]
|
678
679
|
"""
|
679
680
|
The slot token label to use
|
680
681
|
"""
|
681
|
-
uuid: NotRequired[pulumi.Input[str]]
|
682
|
+
uuid: NotRequired[pulumi.Input[builtins.str]]
|
682
683
|
"""
|
683
684
|
ID of the managed key read from Vault
|
684
685
|
"""
|
@@ -688,39 +689,39 @@ elif False:
|
|
688
689
|
@pulumi.input_type
|
689
690
|
class KeysPkcArgs:
|
690
691
|
def __init__(__self__, *,
|
691
|
-
key_id: pulumi.Input[str],
|
692
|
-
key_label: pulumi.Input[str],
|
693
|
-
library: pulumi.Input[str],
|
694
|
-
mechanism: pulumi.Input[str],
|
695
|
-
name: pulumi.Input[str],
|
696
|
-
pin: pulumi.Input[str],
|
697
|
-
allow_generate_key: Optional[pulumi.Input[bool]] = None,
|
698
|
-
allow_replace_key: Optional[pulumi.Input[bool]] = None,
|
699
|
-
allow_store_key: Optional[pulumi.Input[bool]] = None,
|
700
|
-
any_mount: Optional[pulumi.Input[bool]] = None,
|
701
|
-
curve: Optional[pulumi.Input[str]] = None,
|
702
|
-
force_rw_session: Optional[pulumi.Input[str]] = None,
|
703
|
-
key_bits: Optional[pulumi.Input[str]] = None,
|
704
|
-
slot: Optional[pulumi.Input[str]] = None,
|
705
|
-
token_label: Optional[pulumi.Input[str]] = None,
|
706
|
-
uuid: Optional[pulumi.Input[str]] = None):
|
707
|
-
"""
|
708
|
-
:param pulumi.Input[str] key_id: The id of a PKCS#11 key to use
|
709
|
-
:param pulumi.Input[str] key_label: The label of the key to use
|
710
|
-
:param pulumi.Input[str] library: The name of the kms_library stanza to use from Vault's config to lookup the local library path
|
711
|
-
:param pulumi.Input[str] mechanism: The encryption/decryption mechanism to use, specified as a hexadecimal (prefixed by 0x) string.
|
712
|
-
:param pulumi.Input[str] name: A unique lowercase name that serves as identifying the key
|
713
|
-
:param pulumi.Input[str] pin: The PIN for login
|
714
|
-
:param pulumi.Input[bool] allow_generate_key: If no existing key can be found in the referenced backend, instructs Vault to generate a key within the backend
|
715
|
-
:param pulumi.Input[bool] allow_replace_key: Controls the ability for Vault to replace through generation or importing a key into the configured backend even if a key is present, if set to false those operations are forbidden if a key exists.
|
716
|
-
:param pulumi.Input[bool] allow_store_key: Controls the ability for Vault to import a key to the configured backend, if 'false', those operations will be forbidden
|
717
|
-
:param pulumi.Input[bool] any_mount: Allow usage from any mount point within the namespace if 'true'
|
718
|
-
:param pulumi.Input[str] curve: Supplies the curve value when using the 'CKM_ECDSA' mechanism. Required if 'allow_generate_key' is true
|
719
|
-
:param pulumi.Input[str] force_rw_session: Force all operations to open up a read-write session to the HSM
|
720
|
-
:param pulumi.Input[str] key_bits: Supplies the size in bits of the key when using 'CKM_RSA_PKCS_PSS', 'CKM_RSA_PKCS_OAEP' or 'CKM_RSA_PKCS' as a value for 'mechanism'. Required if 'allow_generate_key' is true
|
721
|
-
:param pulumi.Input[str] slot: The slot number to use, specified as a string in a decimal format (e.g. '2305843009213693953')
|
722
|
-
:param pulumi.Input[str] token_label: The slot token label to use
|
723
|
-
:param pulumi.Input[str] uuid: ID of the managed key read from Vault
|
692
|
+
key_id: pulumi.Input[builtins.str],
|
693
|
+
key_label: pulumi.Input[builtins.str],
|
694
|
+
library: pulumi.Input[builtins.str],
|
695
|
+
mechanism: pulumi.Input[builtins.str],
|
696
|
+
name: pulumi.Input[builtins.str],
|
697
|
+
pin: pulumi.Input[builtins.str],
|
698
|
+
allow_generate_key: Optional[pulumi.Input[builtins.bool]] = None,
|
699
|
+
allow_replace_key: Optional[pulumi.Input[builtins.bool]] = None,
|
700
|
+
allow_store_key: Optional[pulumi.Input[builtins.bool]] = None,
|
701
|
+
any_mount: Optional[pulumi.Input[builtins.bool]] = None,
|
702
|
+
curve: Optional[pulumi.Input[builtins.str]] = None,
|
703
|
+
force_rw_session: Optional[pulumi.Input[builtins.str]] = None,
|
704
|
+
key_bits: Optional[pulumi.Input[builtins.str]] = None,
|
705
|
+
slot: Optional[pulumi.Input[builtins.str]] = None,
|
706
|
+
token_label: Optional[pulumi.Input[builtins.str]] = None,
|
707
|
+
uuid: Optional[pulumi.Input[builtins.str]] = None):
|
708
|
+
"""
|
709
|
+
:param pulumi.Input[builtins.str] key_id: The id of a PKCS#11 key to use
|
710
|
+
:param pulumi.Input[builtins.str] key_label: The label of the key to use
|
711
|
+
:param pulumi.Input[builtins.str] library: The name of the kms_library stanza to use from Vault's config to lookup the local library path
|
712
|
+
:param pulumi.Input[builtins.str] mechanism: The encryption/decryption mechanism to use, specified as a hexadecimal (prefixed by 0x) string.
|
713
|
+
:param pulumi.Input[builtins.str] name: A unique lowercase name that serves as identifying the key
|
714
|
+
:param pulumi.Input[builtins.str] pin: The PIN for login
|
715
|
+
:param pulumi.Input[builtins.bool] allow_generate_key: If no existing key can be found in the referenced backend, instructs Vault to generate a key within the backend
|
716
|
+
:param pulumi.Input[builtins.bool] allow_replace_key: Controls the ability for Vault to replace through generation or importing a key into the configured backend even if a key is present, if set to false those operations are forbidden if a key exists.
|
717
|
+
:param pulumi.Input[builtins.bool] allow_store_key: Controls the ability for Vault to import a key to the configured backend, if 'false', those operations will be forbidden
|
718
|
+
:param pulumi.Input[builtins.bool] any_mount: Allow usage from any mount point within the namespace if 'true'
|
719
|
+
:param pulumi.Input[builtins.str] curve: Supplies the curve value when using the 'CKM_ECDSA' mechanism. Required if 'allow_generate_key' is true
|
720
|
+
:param pulumi.Input[builtins.str] force_rw_session: Force all operations to open up a read-write session to the HSM
|
721
|
+
:param pulumi.Input[builtins.str] key_bits: Supplies the size in bits of the key when using 'CKM_RSA_PKCS_PSS', 'CKM_RSA_PKCS_OAEP' or 'CKM_RSA_PKCS' as a value for 'mechanism'. Required if 'allow_generate_key' is true
|
722
|
+
:param pulumi.Input[builtins.str] slot: The slot number to use, specified as a string in a decimal format (e.g. '2305843009213693953')
|
723
|
+
:param pulumi.Input[builtins.str] token_label: The slot token label to use
|
724
|
+
:param pulumi.Input[builtins.str] uuid: ID of the managed key read from Vault
|
724
725
|
"""
|
725
726
|
pulumi.set(__self__, "key_id", key_id)
|
726
727
|
pulumi.set(__self__, "key_label", key_label)
|
@@ -751,194 +752,194 @@ class KeysPkcArgs:
|
|
751
752
|
|
752
753
|
@property
|
753
754
|
@pulumi.getter(name="keyId")
|
754
|
-
def key_id(self) -> pulumi.Input[str]:
|
755
|
+
def key_id(self) -> pulumi.Input[builtins.str]:
|
755
756
|
"""
|
756
757
|
The id of a PKCS#11 key to use
|
757
758
|
"""
|
758
759
|
return pulumi.get(self, "key_id")
|
759
760
|
|
760
761
|
@key_id.setter
|
761
|
-
def key_id(self, value: pulumi.Input[str]):
|
762
|
+
def key_id(self, value: pulumi.Input[builtins.str]):
|
762
763
|
pulumi.set(self, "key_id", value)
|
763
764
|
|
764
765
|
@property
|
765
766
|
@pulumi.getter(name="keyLabel")
|
766
|
-
def key_label(self) -> pulumi.Input[str]:
|
767
|
+
def key_label(self) -> pulumi.Input[builtins.str]:
|
767
768
|
"""
|
768
769
|
The label of the key to use
|
769
770
|
"""
|
770
771
|
return pulumi.get(self, "key_label")
|
771
772
|
|
772
773
|
@key_label.setter
|
773
|
-
def key_label(self, value: pulumi.Input[str]):
|
774
|
+
def key_label(self, value: pulumi.Input[builtins.str]):
|
774
775
|
pulumi.set(self, "key_label", value)
|
775
776
|
|
776
777
|
@property
|
777
778
|
@pulumi.getter
|
778
|
-
def library(self) -> pulumi.Input[str]:
|
779
|
+
def library(self) -> pulumi.Input[builtins.str]:
|
779
780
|
"""
|
780
781
|
The name of the kms_library stanza to use from Vault's config to lookup the local library path
|
781
782
|
"""
|
782
783
|
return pulumi.get(self, "library")
|
783
784
|
|
784
785
|
@library.setter
|
785
|
-
def library(self, value: pulumi.Input[str]):
|
786
|
+
def library(self, value: pulumi.Input[builtins.str]):
|
786
787
|
pulumi.set(self, "library", value)
|
787
788
|
|
788
789
|
@property
|
789
790
|
@pulumi.getter
|
790
|
-
def mechanism(self) -> pulumi.Input[str]:
|
791
|
+
def mechanism(self) -> pulumi.Input[builtins.str]:
|
791
792
|
"""
|
792
793
|
The encryption/decryption mechanism to use, specified as a hexadecimal (prefixed by 0x) string.
|
793
794
|
"""
|
794
795
|
return pulumi.get(self, "mechanism")
|
795
796
|
|
796
797
|
@mechanism.setter
|
797
|
-
def mechanism(self, value: pulumi.Input[str]):
|
798
|
+
def mechanism(self, value: pulumi.Input[builtins.str]):
|
798
799
|
pulumi.set(self, "mechanism", value)
|
799
800
|
|
800
801
|
@property
|
801
802
|
@pulumi.getter
|
802
|
-
def name(self) -> pulumi.Input[str]:
|
803
|
+
def name(self) -> pulumi.Input[builtins.str]:
|
803
804
|
"""
|
804
805
|
A unique lowercase name that serves as identifying the key
|
805
806
|
"""
|
806
807
|
return pulumi.get(self, "name")
|
807
808
|
|
808
809
|
@name.setter
|
809
|
-
def name(self, value: pulumi.Input[str]):
|
810
|
+
def name(self, value: pulumi.Input[builtins.str]):
|
810
811
|
pulumi.set(self, "name", value)
|
811
812
|
|
812
813
|
@property
|
813
814
|
@pulumi.getter
|
814
|
-
def pin(self) -> pulumi.Input[str]:
|
815
|
+
def pin(self) -> pulumi.Input[builtins.str]:
|
815
816
|
"""
|
816
817
|
The PIN for login
|
817
818
|
"""
|
818
819
|
return pulumi.get(self, "pin")
|
819
820
|
|
820
821
|
@pin.setter
|
821
|
-
def pin(self, value: pulumi.Input[str]):
|
822
|
+
def pin(self, value: pulumi.Input[builtins.str]):
|
822
823
|
pulumi.set(self, "pin", value)
|
823
824
|
|
824
825
|
@property
|
825
826
|
@pulumi.getter(name="allowGenerateKey")
|
826
|
-
def allow_generate_key(self) -> Optional[pulumi.Input[bool]]:
|
827
|
+
def allow_generate_key(self) -> Optional[pulumi.Input[builtins.bool]]:
|
827
828
|
"""
|
828
829
|
If no existing key can be found in the referenced backend, instructs Vault to generate a key within the backend
|
829
830
|
"""
|
830
831
|
return pulumi.get(self, "allow_generate_key")
|
831
832
|
|
832
833
|
@allow_generate_key.setter
|
833
|
-
def allow_generate_key(self, value: Optional[pulumi.Input[bool]]):
|
834
|
+
def allow_generate_key(self, value: Optional[pulumi.Input[builtins.bool]]):
|
834
835
|
pulumi.set(self, "allow_generate_key", value)
|
835
836
|
|
836
837
|
@property
|
837
838
|
@pulumi.getter(name="allowReplaceKey")
|
838
|
-
def allow_replace_key(self) -> Optional[pulumi.Input[bool]]:
|
839
|
+
def allow_replace_key(self) -> Optional[pulumi.Input[builtins.bool]]:
|
839
840
|
"""
|
840
841
|
Controls the ability for Vault to replace through generation or importing a key into the configured backend even if a key is present, if set to false those operations are forbidden if a key exists.
|
841
842
|
"""
|
842
843
|
return pulumi.get(self, "allow_replace_key")
|
843
844
|
|
844
845
|
@allow_replace_key.setter
|
845
|
-
def allow_replace_key(self, value: Optional[pulumi.Input[bool]]):
|
846
|
+
def allow_replace_key(self, value: Optional[pulumi.Input[builtins.bool]]):
|
846
847
|
pulumi.set(self, "allow_replace_key", value)
|
847
848
|
|
848
849
|
@property
|
849
850
|
@pulumi.getter(name="allowStoreKey")
|
850
|
-
def allow_store_key(self) -> Optional[pulumi.Input[bool]]:
|
851
|
+
def allow_store_key(self) -> Optional[pulumi.Input[builtins.bool]]:
|
851
852
|
"""
|
852
853
|
Controls the ability for Vault to import a key to the configured backend, if 'false', those operations will be forbidden
|
853
854
|
"""
|
854
855
|
return pulumi.get(self, "allow_store_key")
|
855
856
|
|
856
857
|
@allow_store_key.setter
|
857
|
-
def allow_store_key(self, value: Optional[pulumi.Input[bool]]):
|
858
|
+
def allow_store_key(self, value: Optional[pulumi.Input[builtins.bool]]):
|
858
859
|
pulumi.set(self, "allow_store_key", value)
|
859
860
|
|
860
861
|
@property
|
861
862
|
@pulumi.getter(name="anyMount")
|
862
|
-
def any_mount(self) -> Optional[pulumi.Input[bool]]:
|
863
|
+
def any_mount(self) -> Optional[pulumi.Input[builtins.bool]]:
|
863
864
|
"""
|
864
865
|
Allow usage from any mount point within the namespace if 'true'
|
865
866
|
"""
|
866
867
|
return pulumi.get(self, "any_mount")
|
867
868
|
|
868
869
|
@any_mount.setter
|
869
|
-
def any_mount(self, value: Optional[pulumi.Input[bool]]):
|
870
|
+
def any_mount(self, value: Optional[pulumi.Input[builtins.bool]]):
|
870
871
|
pulumi.set(self, "any_mount", value)
|
871
872
|
|
872
873
|
@property
|
873
874
|
@pulumi.getter
|
874
|
-
def curve(self) -> Optional[pulumi.Input[str]]:
|
875
|
+
def curve(self) -> Optional[pulumi.Input[builtins.str]]:
|
875
876
|
"""
|
876
877
|
Supplies the curve value when using the 'CKM_ECDSA' mechanism. Required if 'allow_generate_key' is true
|
877
878
|
"""
|
878
879
|
return pulumi.get(self, "curve")
|
879
880
|
|
880
881
|
@curve.setter
|
881
|
-
def curve(self, value: Optional[pulumi.Input[str]]):
|
882
|
+
def curve(self, value: Optional[pulumi.Input[builtins.str]]):
|
882
883
|
pulumi.set(self, "curve", value)
|
883
884
|
|
884
885
|
@property
|
885
886
|
@pulumi.getter(name="forceRwSession")
|
886
|
-
def force_rw_session(self) -> Optional[pulumi.Input[str]]:
|
887
|
+
def force_rw_session(self) -> Optional[pulumi.Input[builtins.str]]:
|
887
888
|
"""
|
888
889
|
Force all operations to open up a read-write session to the HSM
|
889
890
|
"""
|
890
891
|
return pulumi.get(self, "force_rw_session")
|
891
892
|
|
892
893
|
@force_rw_session.setter
|
893
|
-
def force_rw_session(self, value: Optional[pulumi.Input[str]]):
|
894
|
+
def force_rw_session(self, value: Optional[pulumi.Input[builtins.str]]):
|
894
895
|
pulumi.set(self, "force_rw_session", value)
|
895
896
|
|
896
897
|
@property
|
897
898
|
@pulumi.getter(name="keyBits")
|
898
|
-
def key_bits(self) -> Optional[pulumi.Input[str]]:
|
899
|
+
def key_bits(self) -> Optional[pulumi.Input[builtins.str]]:
|
899
900
|
"""
|
900
901
|
Supplies the size in bits of the key when using 'CKM_RSA_PKCS_PSS', 'CKM_RSA_PKCS_OAEP' or 'CKM_RSA_PKCS' as a value for 'mechanism'. Required if 'allow_generate_key' is true
|
901
902
|
"""
|
902
903
|
return pulumi.get(self, "key_bits")
|
903
904
|
|
904
905
|
@key_bits.setter
|
905
|
-
def key_bits(self, value: Optional[pulumi.Input[str]]):
|
906
|
+
def key_bits(self, value: Optional[pulumi.Input[builtins.str]]):
|
906
907
|
pulumi.set(self, "key_bits", value)
|
907
908
|
|
908
909
|
@property
|
909
910
|
@pulumi.getter
|
910
|
-
def slot(self) -> Optional[pulumi.Input[str]]:
|
911
|
+
def slot(self) -> Optional[pulumi.Input[builtins.str]]:
|
911
912
|
"""
|
912
913
|
The slot number to use, specified as a string in a decimal format (e.g. '2305843009213693953')
|
913
914
|
"""
|
914
915
|
return pulumi.get(self, "slot")
|
915
916
|
|
916
917
|
@slot.setter
|
917
|
-
def slot(self, value: Optional[pulumi.Input[str]]):
|
918
|
+
def slot(self, value: Optional[pulumi.Input[builtins.str]]):
|
918
919
|
pulumi.set(self, "slot", value)
|
919
920
|
|
920
921
|
@property
|
921
922
|
@pulumi.getter(name="tokenLabel")
|
922
|
-
def token_label(self) -> Optional[pulumi.Input[str]]:
|
923
|
+
def token_label(self) -> Optional[pulumi.Input[builtins.str]]:
|
923
924
|
"""
|
924
925
|
The slot token label to use
|
925
926
|
"""
|
926
927
|
return pulumi.get(self, "token_label")
|
927
928
|
|
928
929
|
@token_label.setter
|
929
|
-
def token_label(self, value: Optional[pulumi.Input[str]]):
|
930
|
+
def token_label(self, value: Optional[pulumi.Input[builtins.str]]):
|
930
931
|
pulumi.set(self, "token_label", value)
|
931
932
|
|
932
933
|
@property
|
933
934
|
@pulumi.getter
|
934
|
-
def uuid(self) -> Optional[pulumi.Input[str]]:
|
935
|
+
def uuid(self) -> Optional[pulumi.Input[builtins.str]]:
|
935
936
|
"""
|
936
937
|
ID of the managed key read from Vault
|
937
938
|
"""
|
938
939
|
return pulumi.get(self, "uuid")
|
939
940
|
|
940
941
|
@uuid.setter
|
941
|
-
def uuid(self, value: Optional[pulumi.Input[str]]):
|
942
|
+
def uuid(self, value: Optional[pulumi.Input[builtins.str]]):
|
942
943
|
pulumi.set(self, "uuid", value)
|
943
944
|
|
944
945
|
|