pulumi-vault 6.7.0a1743576047__py3-none-any.whl → 6.7.0a1744267302__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- pulumi_vault/__init__.py +1 -0
- pulumi_vault/_inputs.py +554 -553
- pulumi_vault/ad/__init__.py +1 -0
- pulumi_vault/ad/get_access_credentials.py +20 -19
- pulumi_vault/ad/secret_backend.py +477 -476
- pulumi_vault/ad/secret_library.py +99 -98
- pulumi_vault/ad/secret_role.py +85 -84
- pulumi_vault/alicloud/__init__.py +1 -0
- pulumi_vault/alicloud/auth_backend_role.py +183 -182
- pulumi_vault/approle/__init__.py +1 -0
- pulumi_vault/approle/auth_backend_login.py +106 -105
- pulumi_vault/approle/auth_backend_role.py +239 -238
- pulumi_vault/approle/auth_backend_role_secret_id.py +162 -161
- pulumi_vault/approle/get_auth_backend_role_id.py +18 -17
- pulumi_vault/audit.py +85 -84
- pulumi_vault/audit_request_header.py +43 -42
- pulumi_vault/auth_backend.py +106 -105
- pulumi_vault/aws/__init__.py +1 -0
- pulumi_vault/aws/auth_backend_cert.py +71 -70
- pulumi_vault/aws/auth_backend_client.py +253 -252
- pulumi_vault/aws/auth_backend_config_identity.py +85 -84
- pulumi_vault/aws/auth_backend_identity_whitelist.py +57 -56
- pulumi_vault/aws/auth_backend_login.py +209 -208
- pulumi_vault/aws/auth_backend_role.py +400 -399
- pulumi_vault/aws/auth_backend_role_tag.py +127 -126
- pulumi_vault/aws/auth_backend_roletag_blacklist.py +57 -56
- pulumi_vault/aws/auth_backend_sts_role.py +71 -70
- pulumi_vault/aws/get_access_credentials.py +44 -43
- pulumi_vault/aws/get_static_access_credentials.py +13 -12
- pulumi_vault/aws/secret_backend.py +337 -336
- pulumi_vault/aws/secret_backend_role.py +211 -210
- pulumi_vault/aws/secret_backend_static_role.py +113 -112
- pulumi_vault/azure/__init__.py +1 -0
- pulumi_vault/azure/_inputs.py +21 -20
- pulumi_vault/azure/auth_backend_config.py +183 -182
- pulumi_vault/azure/auth_backend_role.py +253 -252
- pulumi_vault/azure/backend.py +239 -238
- pulumi_vault/azure/backend_role.py +141 -140
- pulumi_vault/azure/get_access_credentials.py +58 -57
- pulumi_vault/azure/outputs.py +11 -10
- pulumi_vault/cert_auth_backend_role.py +365 -364
- pulumi_vault/config/__init__.py +1 -0
- pulumi_vault/config/__init__.pyi +1 -0
- pulumi_vault/config/_inputs.py +11 -10
- pulumi_vault/config/outputs.py +287 -286
- pulumi_vault/config/ui_custom_message.py +113 -112
- pulumi_vault/config/vars.py +1 -0
- pulumi_vault/consul/__init__.py +1 -0
- pulumi_vault/consul/secret_backend.py +197 -196
- pulumi_vault/consul/secret_backend_role.py +183 -182
- pulumi_vault/database/__init__.py +1 -0
- pulumi_vault/database/_inputs.py +2525 -2524
- pulumi_vault/database/outputs.py +1529 -1528
- pulumi_vault/database/secret_backend_connection.py +169 -168
- pulumi_vault/database/secret_backend_role.py +169 -168
- pulumi_vault/database/secret_backend_static_role.py +179 -178
- pulumi_vault/database/secrets_mount.py +267 -266
- pulumi_vault/egp_policy.py +71 -70
- pulumi_vault/gcp/__init__.py +1 -0
- pulumi_vault/gcp/_inputs.py +82 -81
- pulumi_vault/gcp/auth_backend.py +260 -259
- pulumi_vault/gcp/auth_backend_role.py +281 -280
- pulumi_vault/gcp/get_auth_backend_role.py +70 -69
- pulumi_vault/gcp/outputs.py +50 -49
- pulumi_vault/gcp/secret_backend.py +232 -231
- pulumi_vault/gcp/secret_impersonated_account.py +92 -91
- pulumi_vault/gcp/secret_roleset.py +92 -91
- pulumi_vault/gcp/secret_static_account.py +92 -91
- pulumi_vault/generic/__init__.py +1 -0
- pulumi_vault/generic/endpoint.py +113 -112
- pulumi_vault/generic/get_secret.py +28 -27
- pulumi_vault/generic/secret.py +78 -77
- pulumi_vault/get_auth_backend.py +19 -18
- pulumi_vault/get_auth_backends.py +14 -13
- pulumi_vault/get_namespace.py +15 -14
- pulumi_vault/get_namespaces.py +8 -7
- pulumi_vault/get_nomad_access_token.py +19 -18
- pulumi_vault/get_policy_document.py +6 -5
- pulumi_vault/get_raft_autopilot_state.py +18 -17
- pulumi_vault/github/__init__.py +1 -0
- pulumi_vault/github/_inputs.py +42 -41
- pulumi_vault/github/auth_backend.py +232 -231
- pulumi_vault/github/outputs.py +26 -25
- pulumi_vault/github/team.py +57 -56
- pulumi_vault/github/user.py +57 -56
- pulumi_vault/identity/__init__.py +1 -0
- pulumi_vault/identity/entity.py +85 -84
- pulumi_vault/identity/entity_alias.py +71 -70
- pulumi_vault/identity/entity_policies.py +64 -63
- pulumi_vault/identity/get_entity.py +43 -42
- pulumi_vault/identity/get_group.py +50 -49
- pulumi_vault/identity/get_oidc_client_creds.py +14 -13
- pulumi_vault/identity/get_oidc_openid_config.py +24 -23
- pulumi_vault/identity/get_oidc_public_keys.py +13 -12
- pulumi_vault/identity/group.py +141 -140
- pulumi_vault/identity/group_alias.py +57 -56
- pulumi_vault/identity/group_member_entity_ids.py +57 -56
- pulumi_vault/identity/group_member_group_ids.py +57 -56
- pulumi_vault/identity/group_policies.py +64 -63
- pulumi_vault/identity/mfa_duo.py +148 -147
- pulumi_vault/identity/mfa_login_enforcement.py +120 -119
- pulumi_vault/identity/mfa_okta.py +134 -133
- pulumi_vault/identity/mfa_pingid.py +127 -126
- pulumi_vault/identity/mfa_totp.py +176 -175
- pulumi_vault/identity/oidc.py +29 -28
- pulumi_vault/identity/oidc_assignment.py +57 -56
- pulumi_vault/identity/oidc_client.py +127 -126
- pulumi_vault/identity/oidc_key.py +85 -84
- pulumi_vault/identity/oidc_key_allowed_client_id.py +43 -42
- pulumi_vault/identity/oidc_provider.py +92 -91
- pulumi_vault/identity/oidc_role.py +85 -84
- pulumi_vault/identity/oidc_scope.py +57 -56
- pulumi_vault/identity/outputs.py +32 -31
- pulumi_vault/jwt/__init__.py +1 -0
- pulumi_vault/jwt/_inputs.py +42 -41
- pulumi_vault/jwt/auth_backend.py +288 -287
- pulumi_vault/jwt/auth_backend_role.py +407 -406
- pulumi_vault/jwt/outputs.py +26 -25
- pulumi_vault/kmip/__init__.py +1 -0
- pulumi_vault/kmip/secret_backend.py +183 -182
- pulumi_vault/kmip/secret_role.py +295 -294
- pulumi_vault/kmip/secret_scope.py +57 -56
- pulumi_vault/kubernetes/__init__.py +1 -0
- pulumi_vault/kubernetes/auth_backend_config.py +141 -140
- pulumi_vault/kubernetes/auth_backend_role.py +225 -224
- pulumi_vault/kubernetes/get_auth_backend_config.py +47 -46
- pulumi_vault/kubernetes/get_auth_backend_role.py +70 -69
- pulumi_vault/kubernetes/get_service_account_token.py +38 -37
- pulumi_vault/kubernetes/secret_backend.py +316 -315
- pulumi_vault/kubernetes/secret_backend_role.py +197 -196
- pulumi_vault/kv/__init__.py +1 -0
- pulumi_vault/kv/_inputs.py +21 -20
- pulumi_vault/kv/get_secret.py +17 -16
- pulumi_vault/kv/get_secret_subkeys_v2.py +30 -29
- pulumi_vault/kv/get_secret_v2.py +29 -28
- pulumi_vault/kv/get_secrets_list.py +13 -12
- pulumi_vault/kv/get_secrets_list_v2.py +19 -18
- pulumi_vault/kv/outputs.py +13 -12
- pulumi_vault/kv/secret.py +50 -49
- pulumi_vault/kv/secret_backend_v2.py +71 -70
- pulumi_vault/kv/secret_v2.py +134 -133
- pulumi_vault/ldap/__init__.py +1 -0
- pulumi_vault/ldap/auth_backend.py +588 -587
- pulumi_vault/ldap/auth_backend_group.py +57 -56
- pulumi_vault/ldap/auth_backend_user.py +71 -70
- pulumi_vault/ldap/get_dynamic_credentials.py +17 -16
- pulumi_vault/ldap/get_static_credentials.py +18 -17
- pulumi_vault/ldap/secret_backend.py +554 -553
- pulumi_vault/ldap/secret_backend_dynamic_role.py +127 -126
- pulumi_vault/ldap/secret_backend_library_set.py +99 -98
- pulumi_vault/ldap/secret_backend_static_role.py +99 -98
- pulumi_vault/managed/__init__.py +1 -0
- pulumi_vault/managed/_inputs.py +229 -228
- pulumi_vault/managed/keys.py +15 -14
- pulumi_vault/managed/outputs.py +139 -138
- pulumi_vault/mfa_duo.py +113 -112
- pulumi_vault/mfa_okta.py +113 -112
- pulumi_vault/mfa_pingid.py +120 -119
- pulumi_vault/mfa_totp.py +127 -126
- pulumi_vault/mongodbatlas/__init__.py +1 -0
- pulumi_vault/mongodbatlas/secret_backend.py +64 -63
- pulumi_vault/mongodbatlas/secret_role.py +155 -154
- pulumi_vault/mount.py +274 -273
- pulumi_vault/namespace.py +64 -63
- pulumi_vault/nomad_secret_backend.py +211 -210
- pulumi_vault/nomad_secret_role.py +85 -84
- pulumi_vault/okta/__init__.py +1 -0
- pulumi_vault/okta/_inputs.py +26 -25
- pulumi_vault/okta/auth_backend.py +274 -273
- pulumi_vault/okta/auth_backend_group.py +57 -56
- pulumi_vault/okta/auth_backend_user.py +71 -70
- pulumi_vault/okta/outputs.py +16 -15
- pulumi_vault/outputs.py +56 -55
- pulumi_vault/password_policy.py +43 -42
- pulumi_vault/pkisecret/__init__.py +1 -0
- pulumi_vault/pkisecret/_inputs.py +31 -30
- pulumi_vault/pkisecret/backend_acme_eab.py +92 -91
- pulumi_vault/pkisecret/backend_config_acme.py +141 -140
- pulumi_vault/pkisecret/backend_config_auto_tidy.py +323 -322
- pulumi_vault/pkisecret/backend_config_cluster.py +57 -56
- pulumi_vault/pkisecret/backend_config_cmpv2.py +106 -105
- pulumi_vault/pkisecret/backend_config_est.py +120 -119
- pulumi_vault/pkisecret/get_backend_cert_metadata.py +22 -21
- pulumi_vault/pkisecret/get_backend_config_cmpv2.py +22 -21
- pulumi_vault/pkisecret/get_backend_config_est.py +19 -18
- pulumi_vault/pkisecret/get_backend_issuer.py +45 -44
- pulumi_vault/pkisecret/get_backend_issuers.py +15 -14
- pulumi_vault/pkisecret/get_backend_key.py +20 -19
- pulumi_vault/pkisecret/get_backend_keys.py +15 -14
- pulumi_vault/pkisecret/outputs.py +28 -27
- pulumi_vault/pkisecret/secret_backend_cert.py +337 -336
- pulumi_vault/pkisecret/secret_backend_config_ca.py +43 -42
- pulumi_vault/pkisecret/secret_backend_config_issuers.py +57 -56
- pulumi_vault/pkisecret/secret_backend_config_urls.py +85 -84
- pulumi_vault/pkisecret/secret_backend_crl_config.py +197 -196
- pulumi_vault/pkisecret/secret_backend_intermediate_cert_request.py +421 -420
- pulumi_vault/pkisecret/secret_backend_intermediate_set_signed.py +57 -56
- pulumi_vault/pkisecret/secret_backend_issuer.py +232 -231
- pulumi_vault/pkisecret/secret_backend_key.py +120 -119
- pulumi_vault/pkisecret/secret_backend_role.py +715 -714
- pulumi_vault/pkisecret/secret_backend_root_cert.py +554 -553
- pulumi_vault/pkisecret/secret_backend_root_sign_intermediate.py +526 -525
- pulumi_vault/pkisecret/secret_backend_sign.py +281 -280
- pulumi_vault/plugin.py +127 -126
- pulumi_vault/plugin_pinned_version.py +43 -42
- pulumi_vault/policy.py +43 -42
- pulumi_vault/provider.py +120 -119
- pulumi_vault/pulumi-plugin.json +1 -1
- pulumi_vault/quota_lease_count.py +85 -84
- pulumi_vault/quota_rate_limit.py +113 -112
- pulumi_vault/rabbitmq/__init__.py +1 -0
- pulumi_vault/rabbitmq/_inputs.py +41 -40
- pulumi_vault/rabbitmq/outputs.py +25 -24
- pulumi_vault/rabbitmq/secret_backend.py +169 -168
- pulumi_vault/rabbitmq/secret_backend_role.py +57 -56
- pulumi_vault/raft_autopilot.py +113 -112
- pulumi_vault/raft_snapshot_agent_config.py +393 -392
- pulumi_vault/rgp_policy.py +57 -56
- pulumi_vault/saml/__init__.py +1 -0
- pulumi_vault/saml/auth_backend.py +155 -154
- pulumi_vault/saml/auth_backend_role.py +239 -238
- pulumi_vault/secrets/__init__.py +1 -0
- pulumi_vault/secrets/_inputs.py +16 -15
- pulumi_vault/secrets/outputs.py +10 -9
- pulumi_vault/secrets/sync_association.py +71 -70
- pulumi_vault/secrets/sync_aws_destination.py +148 -147
- pulumi_vault/secrets/sync_azure_destination.py +148 -147
- pulumi_vault/secrets/sync_config.py +43 -42
- pulumi_vault/secrets/sync_gcp_destination.py +106 -105
- pulumi_vault/secrets/sync_gh_destination.py +134 -133
- pulumi_vault/secrets/sync_github_apps.py +64 -63
- pulumi_vault/secrets/sync_vercel_destination.py +120 -119
- pulumi_vault/ssh/__init__.py +1 -0
- pulumi_vault/ssh/_inputs.py +11 -10
- pulumi_vault/ssh/get_secret_backend_sign.py +52 -51
- pulumi_vault/ssh/outputs.py +7 -6
- pulumi_vault/ssh/secret_backend_ca.py +99 -98
- pulumi_vault/ssh/secret_backend_role.py +365 -364
- pulumi_vault/terraformcloud/__init__.py +1 -0
- pulumi_vault/terraformcloud/secret_backend.py +111 -110
- pulumi_vault/terraformcloud/secret_creds.py +74 -73
- pulumi_vault/terraformcloud/secret_role.py +93 -92
- pulumi_vault/token.py +246 -245
- pulumi_vault/tokenauth/__init__.py +1 -0
- pulumi_vault/tokenauth/auth_backend_role.py +267 -266
- pulumi_vault/transform/__init__.py +1 -0
- pulumi_vault/transform/alphabet.py +57 -56
- pulumi_vault/transform/get_decode.py +47 -46
- pulumi_vault/transform/get_encode.py +47 -46
- pulumi_vault/transform/role.py +57 -56
- pulumi_vault/transform/template.py +113 -112
- pulumi_vault/transform/transformation.py +141 -140
- pulumi_vault/transit/__init__.py +1 -0
- pulumi_vault/transit/get_decrypt.py +18 -17
- pulumi_vault/transit/get_encrypt.py +21 -20
- pulumi_vault/transit/get_sign.py +54 -53
- pulumi_vault/transit/get_verify.py +60 -59
- pulumi_vault/transit/secret_backend_key.py +274 -273
- pulumi_vault/transit/secret_cache_config.py +43 -42
- {pulumi_vault-6.7.0a1743576047.dist-info → pulumi_vault-6.7.0a1744267302.dist-info}/METADATA +1 -1
- pulumi_vault-6.7.0a1744267302.dist-info/RECORD +265 -0
- pulumi_vault-6.7.0a1743576047.dist-info/RECORD +0 -265
- {pulumi_vault-6.7.0a1743576047.dist-info → pulumi_vault-6.7.0a1744267302.dist-info}/WHEEL +0 -0
- {pulumi_vault-6.7.0a1743576047.dist-info → pulumi_vault-6.7.0a1744267302.dist-info}/top_level.txt +0 -0
pulumi_vault/managed/outputs.py
CHANGED
|
@@ -2,6 +2,7 @@
|
|
|
2
2
|
# *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. ***
|
|
3
3
|
# *** Do not edit by hand unless you're certain you know what you are doing! ***
|
|
4
4
|
|
|
5
|
+
import builtins
|
|
5
6
|
import copy
|
|
6
7
|
import warnings
|
|
7
8
|
import sys
|
|
@@ -56,35 +57,35 @@ class KeysAw(dict):
|
|
|
56
57
|
return super().get(key, default)
|
|
57
58
|
|
|
58
59
|
def __init__(__self__, *,
|
|
59
|
-
access_key: str,
|
|
60
|
-
key_bits: str,
|
|
61
|
-
key_type: str,
|
|
62
|
-
kms_key: str,
|
|
63
|
-
name: str,
|
|
64
|
-
secret_key: str,
|
|
65
|
-
allow_generate_key: Optional[bool] = None,
|
|
66
|
-
allow_replace_key: Optional[bool] = None,
|
|
67
|
-
allow_store_key: Optional[bool] = None,
|
|
68
|
-
any_mount: Optional[bool] = None,
|
|
69
|
-
curve: Optional[str] = None,
|
|
70
|
-
endpoint: Optional[str] = None,
|
|
71
|
-
region: Optional[str] = None,
|
|
72
|
-
uuid: Optional[str] = None):
|
|
73
|
-
"""
|
|
74
|
-
:param str access_key: The AWS access key to use
|
|
75
|
-
:param str key_bits: The size in bits for an RSA key. This field is required when 'key_type' is 'RSA'
|
|
76
|
-
:param str key_type: The type of key to use
|
|
77
|
-
:param str kms_key: An identifier for the key
|
|
78
|
-
:param str name: A unique lowercase name that serves as identifying the key
|
|
79
|
-
:param str secret_key: The AWS secret key to use
|
|
80
|
-
:param bool allow_generate_key: If no existing key can be found in the referenced backend, instructs Vault to generate a key within the backend
|
|
81
|
-
:param bool allow_replace_key: Controls the ability for Vault to replace through generation or importing a key into the configured backend even if a key is present, if set to false those operations are forbidden if a key exists.
|
|
82
|
-
:param bool allow_store_key: Controls the ability for Vault to import a key to the configured backend, if 'false', those operations will be forbidden
|
|
83
|
-
:param bool any_mount: Allow usage from any mount point within the namespace if 'true'
|
|
84
|
-
:param str curve: The curve to use for an ECDSA key. Used when key_type is 'ECDSA'. Required if 'allow_generate_key' is true
|
|
85
|
-
:param str endpoint: Used to specify a custom AWS endpoint
|
|
86
|
-
:param str region: The AWS region where the keys are stored (or will be stored)
|
|
87
|
-
:param str uuid: ID of the managed key read from Vault
|
|
60
|
+
access_key: builtins.str,
|
|
61
|
+
key_bits: builtins.str,
|
|
62
|
+
key_type: builtins.str,
|
|
63
|
+
kms_key: builtins.str,
|
|
64
|
+
name: builtins.str,
|
|
65
|
+
secret_key: builtins.str,
|
|
66
|
+
allow_generate_key: Optional[builtins.bool] = None,
|
|
67
|
+
allow_replace_key: Optional[builtins.bool] = None,
|
|
68
|
+
allow_store_key: Optional[builtins.bool] = None,
|
|
69
|
+
any_mount: Optional[builtins.bool] = None,
|
|
70
|
+
curve: Optional[builtins.str] = None,
|
|
71
|
+
endpoint: Optional[builtins.str] = None,
|
|
72
|
+
region: Optional[builtins.str] = None,
|
|
73
|
+
uuid: Optional[builtins.str] = None):
|
|
74
|
+
"""
|
|
75
|
+
:param builtins.str access_key: The AWS access key to use
|
|
76
|
+
:param builtins.str key_bits: The size in bits for an RSA key. This field is required when 'key_type' is 'RSA'
|
|
77
|
+
:param builtins.str key_type: The type of key to use
|
|
78
|
+
:param builtins.str kms_key: An identifier for the key
|
|
79
|
+
:param builtins.str name: A unique lowercase name that serves as identifying the key
|
|
80
|
+
:param builtins.str secret_key: The AWS secret key to use
|
|
81
|
+
:param builtins.bool allow_generate_key: If no existing key can be found in the referenced backend, instructs Vault to generate a key within the backend
|
|
82
|
+
:param builtins.bool allow_replace_key: Controls the ability for Vault to replace through generation or importing a key into the configured backend even if a key is present, if set to false those operations are forbidden if a key exists.
|
|
83
|
+
:param builtins.bool allow_store_key: Controls the ability for Vault to import a key to the configured backend, if 'false', those operations will be forbidden
|
|
84
|
+
:param builtins.bool any_mount: Allow usage from any mount point within the namespace if 'true'
|
|
85
|
+
:param builtins.str curve: The curve to use for an ECDSA key. Used when key_type is 'ECDSA'. Required if 'allow_generate_key' is true
|
|
86
|
+
:param builtins.str endpoint: Used to specify a custom AWS endpoint
|
|
87
|
+
:param builtins.str region: The AWS region where the keys are stored (or will be stored)
|
|
88
|
+
:param builtins.str uuid: ID of the managed key read from Vault
|
|
88
89
|
"""
|
|
89
90
|
pulumi.set(__self__, "access_key", access_key)
|
|
90
91
|
pulumi.set(__self__, "key_bits", key_bits)
|
|
@@ -111,7 +112,7 @@ class KeysAw(dict):
|
|
|
111
112
|
|
|
112
113
|
@property
|
|
113
114
|
@pulumi.getter(name="accessKey")
|
|
114
|
-
def access_key(self) -> str:
|
|
115
|
+
def access_key(self) -> builtins.str:
|
|
115
116
|
"""
|
|
116
117
|
The AWS access key to use
|
|
117
118
|
"""
|
|
@@ -119,7 +120,7 @@ class KeysAw(dict):
|
|
|
119
120
|
|
|
120
121
|
@property
|
|
121
122
|
@pulumi.getter(name="keyBits")
|
|
122
|
-
def key_bits(self) -> str:
|
|
123
|
+
def key_bits(self) -> builtins.str:
|
|
123
124
|
"""
|
|
124
125
|
The size in bits for an RSA key. This field is required when 'key_type' is 'RSA'
|
|
125
126
|
"""
|
|
@@ -127,7 +128,7 @@ class KeysAw(dict):
|
|
|
127
128
|
|
|
128
129
|
@property
|
|
129
130
|
@pulumi.getter(name="keyType")
|
|
130
|
-
def key_type(self) -> str:
|
|
131
|
+
def key_type(self) -> builtins.str:
|
|
131
132
|
"""
|
|
132
133
|
The type of key to use
|
|
133
134
|
"""
|
|
@@ -135,7 +136,7 @@ class KeysAw(dict):
|
|
|
135
136
|
|
|
136
137
|
@property
|
|
137
138
|
@pulumi.getter(name="kmsKey")
|
|
138
|
-
def kms_key(self) -> str:
|
|
139
|
+
def kms_key(self) -> builtins.str:
|
|
139
140
|
"""
|
|
140
141
|
An identifier for the key
|
|
141
142
|
"""
|
|
@@ -143,7 +144,7 @@ class KeysAw(dict):
|
|
|
143
144
|
|
|
144
145
|
@property
|
|
145
146
|
@pulumi.getter
|
|
146
|
-
def name(self) -> str:
|
|
147
|
+
def name(self) -> builtins.str:
|
|
147
148
|
"""
|
|
148
149
|
A unique lowercase name that serves as identifying the key
|
|
149
150
|
"""
|
|
@@ -151,7 +152,7 @@ class KeysAw(dict):
|
|
|
151
152
|
|
|
152
153
|
@property
|
|
153
154
|
@pulumi.getter(name="secretKey")
|
|
154
|
-
def secret_key(self) -> str:
|
|
155
|
+
def secret_key(self) -> builtins.str:
|
|
155
156
|
"""
|
|
156
157
|
The AWS secret key to use
|
|
157
158
|
"""
|
|
@@ -159,7 +160,7 @@ class KeysAw(dict):
|
|
|
159
160
|
|
|
160
161
|
@property
|
|
161
162
|
@pulumi.getter(name="allowGenerateKey")
|
|
162
|
-
def allow_generate_key(self) -> Optional[bool]:
|
|
163
|
+
def allow_generate_key(self) -> Optional[builtins.bool]:
|
|
163
164
|
"""
|
|
164
165
|
If no existing key can be found in the referenced backend, instructs Vault to generate a key within the backend
|
|
165
166
|
"""
|
|
@@ -167,7 +168,7 @@ class KeysAw(dict):
|
|
|
167
168
|
|
|
168
169
|
@property
|
|
169
170
|
@pulumi.getter(name="allowReplaceKey")
|
|
170
|
-
def allow_replace_key(self) -> Optional[bool]:
|
|
171
|
+
def allow_replace_key(self) -> Optional[builtins.bool]:
|
|
171
172
|
"""
|
|
172
173
|
Controls the ability for Vault to replace through generation or importing a key into the configured backend even if a key is present, if set to false those operations are forbidden if a key exists.
|
|
173
174
|
"""
|
|
@@ -175,7 +176,7 @@ class KeysAw(dict):
|
|
|
175
176
|
|
|
176
177
|
@property
|
|
177
178
|
@pulumi.getter(name="allowStoreKey")
|
|
178
|
-
def allow_store_key(self) -> Optional[bool]:
|
|
179
|
+
def allow_store_key(self) -> Optional[builtins.bool]:
|
|
179
180
|
"""
|
|
180
181
|
Controls the ability for Vault to import a key to the configured backend, if 'false', those operations will be forbidden
|
|
181
182
|
"""
|
|
@@ -183,7 +184,7 @@ class KeysAw(dict):
|
|
|
183
184
|
|
|
184
185
|
@property
|
|
185
186
|
@pulumi.getter(name="anyMount")
|
|
186
|
-
def any_mount(self) -> Optional[bool]:
|
|
187
|
+
def any_mount(self) -> Optional[builtins.bool]:
|
|
187
188
|
"""
|
|
188
189
|
Allow usage from any mount point within the namespace if 'true'
|
|
189
190
|
"""
|
|
@@ -191,7 +192,7 @@ class KeysAw(dict):
|
|
|
191
192
|
|
|
192
193
|
@property
|
|
193
194
|
@pulumi.getter
|
|
194
|
-
def curve(self) -> Optional[str]:
|
|
195
|
+
def curve(self) -> Optional[builtins.str]:
|
|
195
196
|
"""
|
|
196
197
|
The curve to use for an ECDSA key. Used when key_type is 'ECDSA'. Required if 'allow_generate_key' is true
|
|
197
198
|
"""
|
|
@@ -199,7 +200,7 @@ class KeysAw(dict):
|
|
|
199
200
|
|
|
200
201
|
@property
|
|
201
202
|
@pulumi.getter
|
|
202
|
-
def endpoint(self) -> Optional[str]:
|
|
203
|
+
def endpoint(self) -> Optional[builtins.str]:
|
|
203
204
|
"""
|
|
204
205
|
Used to specify a custom AWS endpoint
|
|
205
206
|
"""
|
|
@@ -207,7 +208,7 @@ class KeysAw(dict):
|
|
|
207
208
|
|
|
208
209
|
@property
|
|
209
210
|
@pulumi.getter
|
|
210
|
-
def region(self) -> Optional[str]:
|
|
211
|
+
def region(self) -> Optional[builtins.str]:
|
|
211
212
|
"""
|
|
212
213
|
The AWS region where the keys are stored (or will be stored)
|
|
213
214
|
"""
|
|
@@ -215,7 +216,7 @@ class KeysAw(dict):
|
|
|
215
216
|
|
|
216
217
|
@property
|
|
217
218
|
@pulumi.getter
|
|
218
|
-
def uuid(self) -> Optional[str]:
|
|
219
|
+
def uuid(self) -> Optional[builtins.str]:
|
|
219
220
|
"""
|
|
220
221
|
ID of the managed key read from Vault
|
|
221
222
|
"""
|
|
@@ -262,37 +263,37 @@ class KeysAzure(dict):
|
|
|
262
263
|
return super().get(key, default)
|
|
263
264
|
|
|
264
265
|
def __init__(__self__, *,
|
|
265
|
-
client_id: str,
|
|
266
|
-
client_secret: str,
|
|
267
|
-
key_name: str,
|
|
268
|
-
key_type: str,
|
|
269
|
-
name: str,
|
|
270
|
-
tenant_id: str,
|
|
271
|
-
vault_name: str,
|
|
272
|
-
allow_generate_key: Optional[bool] = None,
|
|
273
|
-
allow_replace_key: Optional[bool] = None,
|
|
274
|
-
allow_store_key: Optional[bool] = None,
|
|
275
|
-
any_mount: Optional[bool] = None,
|
|
276
|
-
environment: Optional[str] = None,
|
|
277
|
-
key_bits: Optional[str] = None,
|
|
278
|
-
resource: Optional[str] = None,
|
|
279
|
-
uuid: Optional[str] = None):
|
|
280
|
-
"""
|
|
281
|
-
:param str client_id: The client id for credentials to query the Azure APIs
|
|
282
|
-
:param str client_secret: The client secret for credentials to query the Azure APIs
|
|
283
|
-
:param str key_name: The Key Vault key to use for encryption and decryption
|
|
284
|
-
:param str key_type: The type of key to use
|
|
285
|
-
:param str name: A unique lowercase name that serves as identifying the key
|
|
286
|
-
:param str tenant_id: The tenant id for the Azure Active Directory organization
|
|
287
|
-
:param str vault_name: The Key Vault vault to use the encryption keys for encryption and decryption
|
|
288
|
-
:param bool allow_generate_key: If no existing key can be found in the referenced backend, instructs Vault to generate a key within the backend
|
|
289
|
-
:param bool allow_replace_key: Controls the ability for Vault to replace through generation or importing a key into the configured backend even if a key is present, if set to false those operations are forbidden if a key exists.
|
|
290
|
-
:param bool allow_store_key: Controls the ability for Vault to import a key to the configured backend, if 'false', those operations will be forbidden
|
|
291
|
-
:param bool any_mount: Allow usage from any mount point within the namespace if 'true'
|
|
292
|
-
:param str environment: The Azure Cloud environment API endpoints to use
|
|
293
|
-
:param str key_bits: The size in bits for an RSA key. This field is required when 'key_type' is 'RSA' or when 'allow_generate_key' is true
|
|
294
|
-
:param str resource: The Azure Key Vault resource's DNS Suffix to connect to
|
|
295
|
-
:param str uuid: ID of the managed key read from Vault
|
|
266
|
+
client_id: builtins.str,
|
|
267
|
+
client_secret: builtins.str,
|
|
268
|
+
key_name: builtins.str,
|
|
269
|
+
key_type: builtins.str,
|
|
270
|
+
name: builtins.str,
|
|
271
|
+
tenant_id: builtins.str,
|
|
272
|
+
vault_name: builtins.str,
|
|
273
|
+
allow_generate_key: Optional[builtins.bool] = None,
|
|
274
|
+
allow_replace_key: Optional[builtins.bool] = None,
|
|
275
|
+
allow_store_key: Optional[builtins.bool] = None,
|
|
276
|
+
any_mount: Optional[builtins.bool] = None,
|
|
277
|
+
environment: Optional[builtins.str] = None,
|
|
278
|
+
key_bits: Optional[builtins.str] = None,
|
|
279
|
+
resource: Optional[builtins.str] = None,
|
|
280
|
+
uuid: Optional[builtins.str] = None):
|
|
281
|
+
"""
|
|
282
|
+
:param builtins.str client_id: The client id for credentials to query the Azure APIs
|
|
283
|
+
:param builtins.str client_secret: The client secret for credentials to query the Azure APIs
|
|
284
|
+
:param builtins.str key_name: The Key Vault key to use for encryption and decryption
|
|
285
|
+
:param builtins.str key_type: The type of key to use
|
|
286
|
+
:param builtins.str name: A unique lowercase name that serves as identifying the key
|
|
287
|
+
:param builtins.str tenant_id: The tenant id for the Azure Active Directory organization
|
|
288
|
+
:param builtins.str vault_name: The Key Vault vault to use the encryption keys for encryption and decryption
|
|
289
|
+
:param builtins.bool allow_generate_key: If no existing key can be found in the referenced backend, instructs Vault to generate a key within the backend
|
|
290
|
+
:param builtins.bool allow_replace_key: Controls the ability for Vault to replace through generation or importing a key into the configured backend even if a key is present, if set to false those operations are forbidden if a key exists.
|
|
291
|
+
:param builtins.bool allow_store_key: Controls the ability for Vault to import a key to the configured backend, if 'false', those operations will be forbidden
|
|
292
|
+
:param builtins.bool any_mount: Allow usage from any mount point within the namespace if 'true'
|
|
293
|
+
:param builtins.str environment: The Azure Cloud environment API endpoints to use
|
|
294
|
+
:param builtins.str key_bits: The size in bits for an RSA key. This field is required when 'key_type' is 'RSA' or when 'allow_generate_key' is true
|
|
295
|
+
:param builtins.str resource: The Azure Key Vault resource's DNS Suffix to connect to
|
|
296
|
+
:param builtins.str uuid: ID of the managed key read from Vault
|
|
296
297
|
"""
|
|
297
298
|
pulumi.set(__self__, "client_id", client_id)
|
|
298
299
|
pulumi.set(__self__, "client_secret", client_secret)
|
|
@@ -320,7 +321,7 @@ class KeysAzure(dict):
|
|
|
320
321
|
|
|
321
322
|
@property
|
|
322
323
|
@pulumi.getter(name="clientId")
|
|
323
|
-
def client_id(self) -> str:
|
|
324
|
+
def client_id(self) -> builtins.str:
|
|
324
325
|
"""
|
|
325
326
|
The client id for credentials to query the Azure APIs
|
|
326
327
|
"""
|
|
@@ -328,7 +329,7 @@ class KeysAzure(dict):
|
|
|
328
329
|
|
|
329
330
|
@property
|
|
330
331
|
@pulumi.getter(name="clientSecret")
|
|
331
|
-
def client_secret(self) -> str:
|
|
332
|
+
def client_secret(self) -> builtins.str:
|
|
332
333
|
"""
|
|
333
334
|
The client secret for credentials to query the Azure APIs
|
|
334
335
|
"""
|
|
@@ -336,7 +337,7 @@ class KeysAzure(dict):
|
|
|
336
337
|
|
|
337
338
|
@property
|
|
338
339
|
@pulumi.getter(name="keyName")
|
|
339
|
-
def key_name(self) -> str:
|
|
340
|
+
def key_name(self) -> builtins.str:
|
|
340
341
|
"""
|
|
341
342
|
The Key Vault key to use for encryption and decryption
|
|
342
343
|
"""
|
|
@@ -344,7 +345,7 @@ class KeysAzure(dict):
|
|
|
344
345
|
|
|
345
346
|
@property
|
|
346
347
|
@pulumi.getter(name="keyType")
|
|
347
|
-
def key_type(self) -> str:
|
|
348
|
+
def key_type(self) -> builtins.str:
|
|
348
349
|
"""
|
|
349
350
|
The type of key to use
|
|
350
351
|
"""
|
|
@@ -352,7 +353,7 @@ class KeysAzure(dict):
|
|
|
352
353
|
|
|
353
354
|
@property
|
|
354
355
|
@pulumi.getter
|
|
355
|
-
def name(self) -> str:
|
|
356
|
+
def name(self) -> builtins.str:
|
|
356
357
|
"""
|
|
357
358
|
A unique lowercase name that serves as identifying the key
|
|
358
359
|
"""
|
|
@@ -360,7 +361,7 @@ class KeysAzure(dict):
|
|
|
360
361
|
|
|
361
362
|
@property
|
|
362
363
|
@pulumi.getter(name="tenantId")
|
|
363
|
-
def tenant_id(self) -> str:
|
|
364
|
+
def tenant_id(self) -> builtins.str:
|
|
364
365
|
"""
|
|
365
366
|
The tenant id for the Azure Active Directory organization
|
|
366
367
|
"""
|
|
@@ -368,7 +369,7 @@ class KeysAzure(dict):
|
|
|
368
369
|
|
|
369
370
|
@property
|
|
370
371
|
@pulumi.getter(name="vaultName")
|
|
371
|
-
def vault_name(self) -> str:
|
|
372
|
+
def vault_name(self) -> builtins.str:
|
|
372
373
|
"""
|
|
373
374
|
The Key Vault vault to use the encryption keys for encryption and decryption
|
|
374
375
|
"""
|
|
@@ -376,7 +377,7 @@ class KeysAzure(dict):
|
|
|
376
377
|
|
|
377
378
|
@property
|
|
378
379
|
@pulumi.getter(name="allowGenerateKey")
|
|
379
|
-
def allow_generate_key(self) -> Optional[bool]:
|
|
380
|
+
def allow_generate_key(self) -> Optional[builtins.bool]:
|
|
380
381
|
"""
|
|
381
382
|
If no existing key can be found in the referenced backend, instructs Vault to generate a key within the backend
|
|
382
383
|
"""
|
|
@@ -384,7 +385,7 @@ class KeysAzure(dict):
|
|
|
384
385
|
|
|
385
386
|
@property
|
|
386
387
|
@pulumi.getter(name="allowReplaceKey")
|
|
387
|
-
def allow_replace_key(self) -> Optional[bool]:
|
|
388
|
+
def allow_replace_key(self) -> Optional[builtins.bool]:
|
|
388
389
|
"""
|
|
389
390
|
Controls the ability for Vault to replace through generation or importing a key into the configured backend even if a key is present, if set to false those operations are forbidden if a key exists.
|
|
390
391
|
"""
|
|
@@ -392,7 +393,7 @@ class KeysAzure(dict):
|
|
|
392
393
|
|
|
393
394
|
@property
|
|
394
395
|
@pulumi.getter(name="allowStoreKey")
|
|
395
|
-
def allow_store_key(self) -> Optional[bool]:
|
|
396
|
+
def allow_store_key(self) -> Optional[builtins.bool]:
|
|
396
397
|
"""
|
|
397
398
|
Controls the ability for Vault to import a key to the configured backend, if 'false', those operations will be forbidden
|
|
398
399
|
"""
|
|
@@ -400,7 +401,7 @@ class KeysAzure(dict):
|
|
|
400
401
|
|
|
401
402
|
@property
|
|
402
403
|
@pulumi.getter(name="anyMount")
|
|
403
|
-
def any_mount(self) -> Optional[bool]:
|
|
404
|
+
def any_mount(self) -> Optional[builtins.bool]:
|
|
404
405
|
"""
|
|
405
406
|
Allow usage from any mount point within the namespace if 'true'
|
|
406
407
|
"""
|
|
@@ -408,7 +409,7 @@ class KeysAzure(dict):
|
|
|
408
409
|
|
|
409
410
|
@property
|
|
410
411
|
@pulumi.getter
|
|
411
|
-
def environment(self) -> Optional[str]:
|
|
412
|
+
def environment(self) -> Optional[builtins.str]:
|
|
412
413
|
"""
|
|
413
414
|
The Azure Cloud environment API endpoints to use
|
|
414
415
|
"""
|
|
@@ -416,7 +417,7 @@ class KeysAzure(dict):
|
|
|
416
417
|
|
|
417
418
|
@property
|
|
418
419
|
@pulumi.getter(name="keyBits")
|
|
419
|
-
def key_bits(self) -> Optional[str]:
|
|
420
|
+
def key_bits(self) -> Optional[builtins.str]:
|
|
420
421
|
"""
|
|
421
422
|
The size in bits for an RSA key. This field is required when 'key_type' is 'RSA' or when 'allow_generate_key' is true
|
|
422
423
|
"""
|
|
@@ -424,7 +425,7 @@ class KeysAzure(dict):
|
|
|
424
425
|
|
|
425
426
|
@property
|
|
426
427
|
@pulumi.getter
|
|
427
|
-
def resource(self) -> Optional[str]:
|
|
428
|
+
def resource(self) -> Optional[builtins.str]:
|
|
428
429
|
"""
|
|
429
430
|
The Azure Key Vault resource's DNS Suffix to connect to
|
|
430
431
|
"""
|
|
@@ -432,7 +433,7 @@ class KeysAzure(dict):
|
|
|
432
433
|
|
|
433
434
|
@property
|
|
434
435
|
@pulumi.getter
|
|
435
|
-
def uuid(self) -> Optional[str]:
|
|
436
|
+
def uuid(self) -> Optional[builtins.str]:
|
|
436
437
|
"""
|
|
437
438
|
ID of the managed key read from Vault
|
|
438
439
|
"""
|
|
@@ -475,39 +476,39 @@ class KeysPkc(dict):
|
|
|
475
476
|
return super().get(key, default)
|
|
476
477
|
|
|
477
478
|
def __init__(__self__, *,
|
|
478
|
-
key_id: str,
|
|
479
|
-
key_label: str,
|
|
480
|
-
library: str,
|
|
481
|
-
mechanism: str,
|
|
482
|
-
name: str,
|
|
483
|
-
pin: str,
|
|
484
|
-
allow_generate_key: Optional[bool] = None,
|
|
485
|
-
allow_replace_key: Optional[bool] = None,
|
|
486
|
-
allow_store_key: Optional[bool] = None,
|
|
487
|
-
any_mount: Optional[bool] = None,
|
|
488
|
-
curve: Optional[str] = None,
|
|
489
|
-
force_rw_session: Optional[str] = None,
|
|
490
|
-
key_bits: Optional[str] = None,
|
|
491
|
-
slot: Optional[str] = None,
|
|
492
|
-
token_label: Optional[str] = None,
|
|
493
|
-
uuid: Optional[str] = None):
|
|
494
|
-
"""
|
|
495
|
-
:param str key_id: The id of a PKCS#11 key to use
|
|
496
|
-
:param str key_label: The label of the key to use
|
|
497
|
-
:param str library: The name of the kms_library stanza to use from Vault's config to lookup the local library path
|
|
498
|
-
:param str mechanism: The encryption/decryption mechanism to use, specified as a hexadecimal (prefixed by 0x) string.
|
|
499
|
-
:param str name: A unique lowercase name that serves as identifying the key
|
|
500
|
-
:param str pin: The PIN for login
|
|
501
|
-
:param bool allow_generate_key: If no existing key can be found in the referenced backend, instructs Vault to generate a key within the backend
|
|
502
|
-
:param bool allow_replace_key: Controls the ability for Vault to replace through generation or importing a key into the configured backend even if a key is present, if set to false those operations are forbidden if a key exists.
|
|
503
|
-
:param bool allow_store_key: Controls the ability for Vault to import a key to the configured backend, if 'false', those operations will be forbidden
|
|
504
|
-
:param bool any_mount: Allow usage from any mount point within the namespace if 'true'
|
|
505
|
-
:param str curve: Supplies the curve value when using the 'CKM_ECDSA' mechanism. Required if 'allow_generate_key' is true
|
|
506
|
-
:param str force_rw_session: Force all operations to open up a read-write session to the HSM
|
|
507
|
-
:param str key_bits: Supplies the size in bits of the key when using 'CKM_RSA_PKCS_PSS', 'CKM_RSA_PKCS_OAEP' or 'CKM_RSA_PKCS' as a value for 'mechanism'. Required if 'allow_generate_key' is true
|
|
508
|
-
:param str slot: The slot number to use, specified as a string in a decimal format (e.g. '2305843009213693953')
|
|
509
|
-
:param str token_label: The slot token label to use
|
|
510
|
-
:param str uuid: ID of the managed key read from Vault
|
|
479
|
+
key_id: builtins.str,
|
|
480
|
+
key_label: builtins.str,
|
|
481
|
+
library: builtins.str,
|
|
482
|
+
mechanism: builtins.str,
|
|
483
|
+
name: builtins.str,
|
|
484
|
+
pin: builtins.str,
|
|
485
|
+
allow_generate_key: Optional[builtins.bool] = None,
|
|
486
|
+
allow_replace_key: Optional[builtins.bool] = None,
|
|
487
|
+
allow_store_key: Optional[builtins.bool] = None,
|
|
488
|
+
any_mount: Optional[builtins.bool] = None,
|
|
489
|
+
curve: Optional[builtins.str] = None,
|
|
490
|
+
force_rw_session: Optional[builtins.str] = None,
|
|
491
|
+
key_bits: Optional[builtins.str] = None,
|
|
492
|
+
slot: Optional[builtins.str] = None,
|
|
493
|
+
token_label: Optional[builtins.str] = None,
|
|
494
|
+
uuid: Optional[builtins.str] = None):
|
|
495
|
+
"""
|
|
496
|
+
:param builtins.str key_id: The id of a PKCS#11 key to use
|
|
497
|
+
:param builtins.str key_label: The label of the key to use
|
|
498
|
+
:param builtins.str library: The name of the kms_library stanza to use from Vault's config to lookup the local library path
|
|
499
|
+
:param builtins.str mechanism: The encryption/decryption mechanism to use, specified as a hexadecimal (prefixed by 0x) string.
|
|
500
|
+
:param builtins.str name: A unique lowercase name that serves as identifying the key
|
|
501
|
+
:param builtins.str pin: The PIN for login
|
|
502
|
+
:param builtins.bool allow_generate_key: If no existing key can be found in the referenced backend, instructs Vault to generate a key within the backend
|
|
503
|
+
:param builtins.bool allow_replace_key: Controls the ability for Vault to replace through generation or importing a key into the configured backend even if a key is present, if set to false those operations are forbidden if a key exists.
|
|
504
|
+
:param builtins.bool allow_store_key: Controls the ability for Vault to import a key to the configured backend, if 'false', those operations will be forbidden
|
|
505
|
+
:param builtins.bool any_mount: Allow usage from any mount point within the namespace if 'true'
|
|
506
|
+
:param builtins.str curve: Supplies the curve value when using the 'CKM_ECDSA' mechanism. Required if 'allow_generate_key' is true
|
|
507
|
+
:param builtins.str force_rw_session: Force all operations to open up a read-write session to the HSM
|
|
508
|
+
:param builtins.str key_bits: Supplies the size in bits of the key when using 'CKM_RSA_PKCS_PSS', 'CKM_RSA_PKCS_OAEP' or 'CKM_RSA_PKCS' as a value for 'mechanism'. Required if 'allow_generate_key' is true
|
|
509
|
+
:param builtins.str slot: The slot number to use, specified as a string in a decimal format (e.g. '2305843009213693953')
|
|
510
|
+
:param builtins.str token_label: The slot token label to use
|
|
511
|
+
:param builtins.str uuid: ID of the managed key read from Vault
|
|
511
512
|
"""
|
|
512
513
|
pulumi.set(__self__, "key_id", key_id)
|
|
513
514
|
pulumi.set(__self__, "key_label", key_label)
|
|
@@ -538,7 +539,7 @@ class KeysPkc(dict):
|
|
|
538
539
|
|
|
539
540
|
@property
|
|
540
541
|
@pulumi.getter(name="keyId")
|
|
541
|
-
def key_id(self) -> str:
|
|
542
|
+
def key_id(self) -> builtins.str:
|
|
542
543
|
"""
|
|
543
544
|
The id of a PKCS#11 key to use
|
|
544
545
|
"""
|
|
@@ -546,7 +547,7 @@ class KeysPkc(dict):
|
|
|
546
547
|
|
|
547
548
|
@property
|
|
548
549
|
@pulumi.getter(name="keyLabel")
|
|
549
|
-
def key_label(self) -> str:
|
|
550
|
+
def key_label(self) -> builtins.str:
|
|
550
551
|
"""
|
|
551
552
|
The label of the key to use
|
|
552
553
|
"""
|
|
@@ -554,7 +555,7 @@ class KeysPkc(dict):
|
|
|
554
555
|
|
|
555
556
|
@property
|
|
556
557
|
@pulumi.getter
|
|
557
|
-
def library(self) -> str:
|
|
558
|
+
def library(self) -> builtins.str:
|
|
558
559
|
"""
|
|
559
560
|
The name of the kms_library stanza to use from Vault's config to lookup the local library path
|
|
560
561
|
"""
|
|
@@ -562,7 +563,7 @@ class KeysPkc(dict):
|
|
|
562
563
|
|
|
563
564
|
@property
|
|
564
565
|
@pulumi.getter
|
|
565
|
-
def mechanism(self) -> str:
|
|
566
|
+
def mechanism(self) -> builtins.str:
|
|
566
567
|
"""
|
|
567
568
|
The encryption/decryption mechanism to use, specified as a hexadecimal (prefixed by 0x) string.
|
|
568
569
|
"""
|
|
@@ -570,7 +571,7 @@ class KeysPkc(dict):
|
|
|
570
571
|
|
|
571
572
|
@property
|
|
572
573
|
@pulumi.getter
|
|
573
|
-
def name(self) -> str:
|
|
574
|
+
def name(self) -> builtins.str:
|
|
574
575
|
"""
|
|
575
576
|
A unique lowercase name that serves as identifying the key
|
|
576
577
|
"""
|
|
@@ -578,7 +579,7 @@ class KeysPkc(dict):
|
|
|
578
579
|
|
|
579
580
|
@property
|
|
580
581
|
@pulumi.getter
|
|
581
|
-
def pin(self) -> str:
|
|
582
|
+
def pin(self) -> builtins.str:
|
|
582
583
|
"""
|
|
583
584
|
The PIN for login
|
|
584
585
|
"""
|
|
@@ -586,7 +587,7 @@ class KeysPkc(dict):
|
|
|
586
587
|
|
|
587
588
|
@property
|
|
588
589
|
@pulumi.getter(name="allowGenerateKey")
|
|
589
|
-
def allow_generate_key(self) -> Optional[bool]:
|
|
590
|
+
def allow_generate_key(self) -> Optional[builtins.bool]:
|
|
590
591
|
"""
|
|
591
592
|
If no existing key can be found in the referenced backend, instructs Vault to generate a key within the backend
|
|
592
593
|
"""
|
|
@@ -594,7 +595,7 @@ class KeysPkc(dict):
|
|
|
594
595
|
|
|
595
596
|
@property
|
|
596
597
|
@pulumi.getter(name="allowReplaceKey")
|
|
597
|
-
def allow_replace_key(self) -> Optional[bool]:
|
|
598
|
+
def allow_replace_key(self) -> Optional[builtins.bool]:
|
|
598
599
|
"""
|
|
599
600
|
Controls the ability for Vault to replace through generation or importing a key into the configured backend even if a key is present, if set to false those operations are forbidden if a key exists.
|
|
600
601
|
"""
|
|
@@ -602,7 +603,7 @@ class KeysPkc(dict):
|
|
|
602
603
|
|
|
603
604
|
@property
|
|
604
605
|
@pulumi.getter(name="allowStoreKey")
|
|
605
|
-
def allow_store_key(self) -> Optional[bool]:
|
|
606
|
+
def allow_store_key(self) -> Optional[builtins.bool]:
|
|
606
607
|
"""
|
|
607
608
|
Controls the ability for Vault to import a key to the configured backend, if 'false', those operations will be forbidden
|
|
608
609
|
"""
|
|
@@ -610,7 +611,7 @@ class KeysPkc(dict):
|
|
|
610
611
|
|
|
611
612
|
@property
|
|
612
613
|
@pulumi.getter(name="anyMount")
|
|
613
|
-
def any_mount(self) -> Optional[bool]:
|
|
614
|
+
def any_mount(self) -> Optional[builtins.bool]:
|
|
614
615
|
"""
|
|
615
616
|
Allow usage from any mount point within the namespace if 'true'
|
|
616
617
|
"""
|
|
@@ -618,7 +619,7 @@ class KeysPkc(dict):
|
|
|
618
619
|
|
|
619
620
|
@property
|
|
620
621
|
@pulumi.getter
|
|
621
|
-
def curve(self) -> Optional[str]:
|
|
622
|
+
def curve(self) -> Optional[builtins.str]:
|
|
622
623
|
"""
|
|
623
624
|
Supplies the curve value when using the 'CKM_ECDSA' mechanism. Required if 'allow_generate_key' is true
|
|
624
625
|
"""
|
|
@@ -626,7 +627,7 @@ class KeysPkc(dict):
|
|
|
626
627
|
|
|
627
628
|
@property
|
|
628
629
|
@pulumi.getter(name="forceRwSession")
|
|
629
|
-
def force_rw_session(self) -> Optional[str]:
|
|
630
|
+
def force_rw_session(self) -> Optional[builtins.str]:
|
|
630
631
|
"""
|
|
631
632
|
Force all operations to open up a read-write session to the HSM
|
|
632
633
|
"""
|
|
@@ -634,7 +635,7 @@ class KeysPkc(dict):
|
|
|
634
635
|
|
|
635
636
|
@property
|
|
636
637
|
@pulumi.getter(name="keyBits")
|
|
637
|
-
def key_bits(self) -> Optional[str]:
|
|
638
|
+
def key_bits(self) -> Optional[builtins.str]:
|
|
638
639
|
"""
|
|
639
640
|
Supplies the size in bits of the key when using 'CKM_RSA_PKCS_PSS', 'CKM_RSA_PKCS_OAEP' or 'CKM_RSA_PKCS' as a value for 'mechanism'. Required if 'allow_generate_key' is true
|
|
640
641
|
"""
|
|
@@ -642,7 +643,7 @@ class KeysPkc(dict):
|
|
|
642
643
|
|
|
643
644
|
@property
|
|
644
645
|
@pulumi.getter
|
|
645
|
-
def slot(self) -> Optional[str]:
|
|
646
|
+
def slot(self) -> Optional[builtins.str]:
|
|
646
647
|
"""
|
|
647
648
|
The slot number to use, specified as a string in a decimal format (e.g. '2305843009213693953')
|
|
648
649
|
"""
|
|
@@ -650,7 +651,7 @@ class KeysPkc(dict):
|
|
|
650
651
|
|
|
651
652
|
@property
|
|
652
653
|
@pulumi.getter(name="tokenLabel")
|
|
653
|
-
def token_label(self) -> Optional[str]:
|
|
654
|
+
def token_label(self) -> Optional[builtins.str]:
|
|
654
655
|
"""
|
|
655
656
|
The slot token label to use
|
|
656
657
|
"""
|
|
@@ -658,7 +659,7 @@ class KeysPkc(dict):
|
|
|
658
659
|
|
|
659
660
|
@property
|
|
660
661
|
@pulumi.getter
|
|
661
|
-
def uuid(self) -> Optional[str]:
|
|
662
|
+
def uuid(self) -> Optional[builtins.str]:
|
|
662
663
|
"""
|
|
663
664
|
ID of the managed key read from Vault
|
|
664
665
|
"""
|