pulumi-vault 6.7.0a1743576047__py3-none-any.whl → 6.7.0a1744267302__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- pulumi_vault/__init__.py +1 -0
- pulumi_vault/_inputs.py +554 -553
- pulumi_vault/ad/__init__.py +1 -0
- pulumi_vault/ad/get_access_credentials.py +20 -19
- pulumi_vault/ad/secret_backend.py +477 -476
- pulumi_vault/ad/secret_library.py +99 -98
- pulumi_vault/ad/secret_role.py +85 -84
- pulumi_vault/alicloud/__init__.py +1 -0
- pulumi_vault/alicloud/auth_backend_role.py +183 -182
- pulumi_vault/approle/__init__.py +1 -0
- pulumi_vault/approle/auth_backend_login.py +106 -105
- pulumi_vault/approle/auth_backend_role.py +239 -238
- pulumi_vault/approle/auth_backend_role_secret_id.py +162 -161
- pulumi_vault/approle/get_auth_backend_role_id.py +18 -17
- pulumi_vault/audit.py +85 -84
- pulumi_vault/audit_request_header.py +43 -42
- pulumi_vault/auth_backend.py +106 -105
- pulumi_vault/aws/__init__.py +1 -0
- pulumi_vault/aws/auth_backend_cert.py +71 -70
- pulumi_vault/aws/auth_backend_client.py +253 -252
- pulumi_vault/aws/auth_backend_config_identity.py +85 -84
- pulumi_vault/aws/auth_backend_identity_whitelist.py +57 -56
- pulumi_vault/aws/auth_backend_login.py +209 -208
- pulumi_vault/aws/auth_backend_role.py +400 -399
- pulumi_vault/aws/auth_backend_role_tag.py +127 -126
- pulumi_vault/aws/auth_backend_roletag_blacklist.py +57 -56
- pulumi_vault/aws/auth_backend_sts_role.py +71 -70
- pulumi_vault/aws/get_access_credentials.py +44 -43
- pulumi_vault/aws/get_static_access_credentials.py +13 -12
- pulumi_vault/aws/secret_backend.py +337 -336
- pulumi_vault/aws/secret_backend_role.py +211 -210
- pulumi_vault/aws/secret_backend_static_role.py +113 -112
- pulumi_vault/azure/__init__.py +1 -0
- pulumi_vault/azure/_inputs.py +21 -20
- pulumi_vault/azure/auth_backend_config.py +183 -182
- pulumi_vault/azure/auth_backend_role.py +253 -252
- pulumi_vault/azure/backend.py +239 -238
- pulumi_vault/azure/backend_role.py +141 -140
- pulumi_vault/azure/get_access_credentials.py +58 -57
- pulumi_vault/azure/outputs.py +11 -10
- pulumi_vault/cert_auth_backend_role.py +365 -364
- pulumi_vault/config/__init__.py +1 -0
- pulumi_vault/config/__init__.pyi +1 -0
- pulumi_vault/config/_inputs.py +11 -10
- pulumi_vault/config/outputs.py +287 -286
- pulumi_vault/config/ui_custom_message.py +113 -112
- pulumi_vault/config/vars.py +1 -0
- pulumi_vault/consul/__init__.py +1 -0
- pulumi_vault/consul/secret_backend.py +197 -196
- pulumi_vault/consul/secret_backend_role.py +183 -182
- pulumi_vault/database/__init__.py +1 -0
- pulumi_vault/database/_inputs.py +2525 -2524
- pulumi_vault/database/outputs.py +1529 -1528
- pulumi_vault/database/secret_backend_connection.py +169 -168
- pulumi_vault/database/secret_backend_role.py +169 -168
- pulumi_vault/database/secret_backend_static_role.py +179 -178
- pulumi_vault/database/secrets_mount.py +267 -266
- pulumi_vault/egp_policy.py +71 -70
- pulumi_vault/gcp/__init__.py +1 -0
- pulumi_vault/gcp/_inputs.py +82 -81
- pulumi_vault/gcp/auth_backend.py +260 -259
- pulumi_vault/gcp/auth_backend_role.py +281 -280
- pulumi_vault/gcp/get_auth_backend_role.py +70 -69
- pulumi_vault/gcp/outputs.py +50 -49
- pulumi_vault/gcp/secret_backend.py +232 -231
- pulumi_vault/gcp/secret_impersonated_account.py +92 -91
- pulumi_vault/gcp/secret_roleset.py +92 -91
- pulumi_vault/gcp/secret_static_account.py +92 -91
- pulumi_vault/generic/__init__.py +1 -0
- pulumi_vault/generic/endpoint.py +113 -112
- pulumi_vault/generic/get_secret.py +28 -27
- pulumi_vault/generic/secret.py +78 -77
- pulumi_vault/get_auth_backend.py +19 -18
- pulumi_vault/get_auth_backends.py +14 -13
- pulumi_vault/get_namespace.py +15 -14
- pulumi_vault/get_namespaces.py +8 -7
- pulumi_vault/get_nomad_access_token.py +19 -18
- pulumi_vault/get_policy_document.py +6 -5
- pulumi_vault/get_raft_autopilot_state.py +18 -17
- pulumi_vault/github/__init__.py +1 -0
- pulumi_vault/github/_inputs.py +42 -41
- pulumi_vault/github/auth_backend.py +232 -231
- pulumi_vault/github/outputs.py +26 -25
- pulumi_vault/github/team.py +57 -56
- pulumi_vault/github/user.py +57 -56
- pulumi_vault/identity/__init__.py +1 -0
- pulumi_vault/identity/entity.py +85 -84
- pulumi_vault/identity/entity_alias.py +71 -70
- pulumi_vault/identity/entity_policies.py +64 -63
- pulumi_vault/identity/get_entity.py +43 -42
- pulumi_vault/identity/get_group.py +50 -49
- pulumi_vault/identity/get_oidc_client_creds.py +14 -13
- pulumi_vault/identity/get_oidc_openid_config.py +24 -23
- pulumi_vault/identity/get_oidc_public_keys.py +13 -12
- pulumi_vault/identity/group.py +141 -140
- pulumi_vault/identity/group_alias.py +57 -56
- pulumi_vault/identity/group_member_entity_ids.py +57 -56
- pulumi_vault/identity/group_member_group_ids.py +57 -56
- pulumi_vault/identity/group_policies.py +64 -63
- pulumi_vault/identity/mfa_duo.py +148 -147
- pulumi_vault/identity/mfa_login_enforcement.py +120 -119
- pulumi_vault/identity/mfa_okta.py +134 -133
- pulumi_vault/identity/mfa_pingid.py +127 -126
- pulumi_vault/identity/mfa_totp.py +176 -175
- pulumi_vault/identity/oidc.py +29 -28
- pulumi_vault/identity/oidc_assignment.py +57 -56
- pulumi_vault/identity/oidc_client.py +127 -126
- pulumi_vault/identity/oidc_key.py +85 -84
- pulumi_vault/identity/oidc_key_allowed_client_id.py +43 -42
- pulumi_vault/identity/oidc_provider.py +92 -91
- pulumi_vault/identity/oidc_role.py +85 -84
- pulumi_vault/identity/oidc_scope.py +57 -56
- pulumi_vault/identity/outputs.py +32 -31
- pulumi_vault/jwt/__init__.py +1 -0
- pulumi_vault/jwt/_inputs.py +42 -41
- pulumi_vault/jwt/auth_backend.py +288 -287
- pulumi_vault/jwt/auth_backend_role.py +407 -406
- pulumi_vault/jwt/outputs.py +26 -25
- pulumi_vault/kmip/__init__.py +1 -0
- pulumi_vault/kmip/secret_backend.py +183 -182
- pulumi_vault/kmip/secret_role.py +295 -294
- pulumi_vault/kmip/secret_scope.py +57 -56
- pulumi_vault/kubernetes/__init__.py +1 -0
- pulumi_vault/kubernetes/auth_backend_config.py +141 -140
- pulumi_vault/kubernetes/auth_backend_role.py +225 -224
- pulumi_vault/kubernetes/get_auth_backend_config.py +47 -46
- pulumi_vault/kubernetes/get_auth_backend_role.py +70 -69
- pulumi_vault/kubernetes/get_service_account_token.py +38 -37
- pulumi_vault/kubernetes/secret_backend.py +316 -315
- pulumi_vault/kubernetes/secret_backend_role.py +197 -196
- pulumi_vault/kv/__init__.py +1 -0
- pulumi_vault/kv/_inputs.py +21 -20
- pulumi_vault/kv/get_secret.py +17 -16
- pulumi_vault/kv/get_secret_subkeys_v2.py +30 -29
- pulumi_vault/kv/get_secret_v2.py +29 -28
- pulumi_vault/kv/get_secrets_list.py +13 -12
- pulumi_vault/kv/get_secrets_list_v2.py +19 -18
- pulumi_vault/kv/outputs.py +13 -12
- pulumi_vault/kv/secret.py +50 -49
- pulumi_vault/kv/secret_backend_v2.py +71 -70
- pulumi_vault/kv/secret_v2.py +134 -133
- pulumi_vault/ldap/__init__.py +1 -0
- pulumi_vault/ldap/auth_backend.py +588 -587
- pulumi_vault/ldap/auth_backend_group.py +57 -56
- pulumi_vault/ldap/auth_backend_user.py +71 -70
- pulumi_vault/ldap/get_dynamic_credentials.py +17 -16
- pulumi_vault/ldap/get_static_credentials.py +18 -17
- pulumi_vault/ldap/secret_backend.py +554 -553
- pulumi_vault/ldap/secret_backend_dynamic_role.py +127 -126
- pulumi_vault/ldap/secret_backend_library_set.py +99 -98
- pulumi_vault/ldap/secret_backend_static_role.py +99 -98
- pulumi_vault/managed/__init__.py +1 -0
- pulumi_vault/managed/_inputs.py +229 -228
- pulumi_vault/managed/keys.py +15 -14
- pulumi_vault/managed/outputs.py +139 -138
- pulumi_vault/mfa_duo.py +113 -112
- pulumi_vault/mfa_okta.py +113 -112
- pulumi_vault/mfa_pingid.py +120 -119
- pulumi_vault/mfa_totp.py +127 -126
- pulumi_vault/mongodbatlas/__init__.py +1 -0
- pulumi_vault/mongodbatlas/secret_backend.py +64 -63
- pulumi_vault/mongodbatlas/secret_role.py +155 -154
- pulumi_vault/mount.py +274 -273
- pulumi_vault/namespace.py +64 -63
- pulumi_vault/nomad_secret_backend.py +211 -210
- pulumi_vault/nomad_secret_role.py +85 -84
- pulumi_vault/okta/__init__.py +1 -0
- pulumi_vault/okta/_inputs.py +26 -25
- pulumi_vault/okta/auth_backend.py +274 -273
- pulumi_vault/okta/auth_backend_group.py +57 -56
- pulumi_vault/okta/auth_backend_user.py +71 -70
- pulumi_vault/okta/outputs.py +16 -15
- pulumi_vault/outputs.py +56 -55
- pulumi_vault/password_policy.py +43 -42
- pulumi_vault/pkisecret/__init__.py +1 -0
- pulumi_vault/pkisecret/_inputs.py +31 -30
- pulumi_vault/pkisecret/backend_acme_eab.py +92 -91
- pulumi_vault/pkisecret/backend_config_acme.py +141 -140
- pulumi_vault/pkisecret/backend_config_auto_tidy.py +323 -322
- pulumi_vault/pkisecret/backend_config_cluster.py +57 -56
- pulumi_vault/pkisecret/backend_config_cmpv2.py +106 -105
- pulumi_vault/pkisecret/backend_config_est.py +120 -119
- pulumi_vault/pkisecret/get_backend_cert_metadata.py +22 -21
- pulumi_vault/pkisecret/get_backend_config_cmpv2.py +22 -21
- pulumi_vault/pkisecret/get_backend_config_est.py +19 -18
- pulumi_vault/pkisecret/get_backend_issuer.py +45 -44
- pulumi_vault/pkisecret/get_backend_issuers.py +15 -14
- pulumi_vault/pkisecret/get_backend_key.py +20 -19
- pulumi_vault/pkisecret/get_backend_keys.py +15 -14
- pulumi_vault/pkisecret/outputs.py +28 -27
- pulumi_vault/pkisecret/secret_backend_cert.py +337 -336
- pulumi_vault/pkisecret/secret_backend_config_ca.py +43 -42
- pulumi_vault/pkisecret/secret_backend_config_issuers.py +57 -56
- pulumi_vault/pkisecret/secret_backend_config_urls.py +85 -84
- pulumi_vault/pkisecret/secret_backend_crl_config.py +197 -196
- pulumi_vault/pkisecret/secret_backend_intermediate_cert_request.py +421 -420
- pulumi_vault/pkisecret/secret_backend_intermediate_set_signed.py +57 -56
- pulumi_vault/pkisecret/secret_backend_issuer.py +232 -231
- pulumi_vault/pkisecret/secret_backend_key.py +120 -119
- pulumi_vault/pkisecret/secret_backend_role.py +715 -714
- pulumi_vault/pkisecret/secret_backend_root_cert.py +554 -553
- pulumi_vault/pkisecret/secret_backend_root_sign_intermediate.py +526 -525
- pulumi_vault/pkisecret/secret_backend_sign.py +281 -280
- pulumi_vault/plugin.py +127 -126
- pulumi_vault/plugin_pinned_version.py +43 -42
- pulumi_vault/policy.py +43 -42
- pulumi_vault/provider.py +120 -119
- pulumi_vault/pulumi-plugin.json +1 -1
- pulumi_vault/quota_lease_count.py +85 -84
- pulumi_vault/quota_rate_limit.py +113 -112
- pulumi_vault/rabbitmq/__init__.py +1 -0
- pulumi_vault/rabbitmq/_inputs.py +41 -40
- pulumi_vault/rabbitmq/outputs.py +25 -24
- pulumi_vault/rabbitmq/secret_backend.py +169 -168
- pulumi_vault/rabbitmq/secret_backend_role.py +57 -56
- pulumi_vault/raft_autopilot.py +113 -112
- pulumi_vault/raft_snapshot_agent_config.py +393 -392
- pulumi_vault/rgp_policy.py +57 -56
- pulumi_vault/saml/__init__.py +1 -0
- pulumi_vault/saml/auth_backend.py +155 -154
- pulumi_vault/saml/auth_backend_role.py +239 -238
- pulumi_vault/secrets/__init__.py +1 -0
- pulumi_vault/secrets/_inputs.py +16 -15
- pulumi_vault/secrets/outputs.py +10 -9
- pulumi_vault/secrets/sync_association.py +71 -70
- pulumi_vault/secrets/sync_aws_destination.py +148 -147
- pulumi_vault/secrets/sync_azure_destination.py +148 -147
- pulumi_vault/secrets/sync_config.py +43 -42
- pulumi_vault/secrets/sync_gcp_destination.py +106 -105
- pulumi_vault/secrets/sync_gh_destination.py +134 -133
- pulumi_vault/secrets/sync_github_apps.py +64 -63
- pulumi_vault/secrets/sync_vercel_destination.py +120 -119
- pulumi_vault/ssh/__init__.py +1 -0
- pulumi_vault/ssh/_inputs.py +11 -10
- pulumi_vault/ssh/get_secret_backend_sign.py +52 -51
- pulumi_vault/ssh/outputs.py +7 -6
- pulumi_vault/ssh/secret_backend_ca.py +99 -98
- pulumi_vault/ssh/secret_backend_role.py +365 -364
- pulumi_vault/terraformcloud/__init__.py +1 -0
- pulumi_vault/terraformcloud/secret_backend.py +111 -110
- pulumi_vault/terraformcloud/secret_creds.py +74 -73
- pulumi_vault/terraformcloud/secret_role.py +93 -92
- pulumi_vault/token.py +246 -245
- pulumi_vault/tokenauth/__init__.py +1 -0
- pulumi_vault/tokenauth/auth_backend_role.py +267 -266
- pulumi_vault/transform/__init__.py +1 -0
- pulumi_vault/transform/alphabet.py +57 -56
- pulumi_vault/transform/get_decode.py +47 -46
- pulumi_vault/transform/get_encode.py +47 -46
- pulumi_vault/transform/role.py +57 -56
- pulumi_vault/transform/template.py +113 -112
- pulumi_vault/transform/transformation.py +141 -140
- pulumi_vault/transit/__init__.py +1 -0
- pulumi_vault/transit/get_decrypt.py +18 -17
- pulumi_vault/transit/get_encrypt.py +21 -20
- pulumi_vault/transit/get_sign.py +54 -53
- pulumi_vault/transit/get_verify.py +60 -59
- pulumi_vault/transit/secret_backend_key.py +274 -273
- pulumi_vault/transit/secret_cache_config.py +43 -42
- {pulumi_vault-6.7.0a1743576047.dist-info → pulumi_vault-6.7.0a1744267302.dist-info}/METADATA +1 -1
- pulumi_vault-6.7.0a1744267302.dist-info/RECORD +265 -0
- pulumi_vault-6.7.0a1743576047.dist-info/RECORD +0 -265
- {pulumi_vault-6.7.0a1743576047.dist-info → pulumi_vault-6.7.0a1744267302.dist-info}/WHEEL +0 -0
- {pulumi_vault-6.7.0a1743576047.dist-info → pulumi_vault-6.7.0a1744267302.dist-info}/top_level.txt +0 -0
@@ -2,6 +2,7 @@
|
|
2
2
|
# *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. ***
|
3
3
|
# *** Do not edit by hand unless you're certain you know what you are doing! ***
|
4
4
|
|
5
|
+
import builtins
|
5
6
|
import copy
|
6
7
|
import warnings
|
7
8
|
import sys
|
@@ -21,56 +22,56 @@ __all__ = ['AuthBackendArgs', 'AuthBackend']
|
|
21
22
|
@pulumi.input_type
|
22
23
|
class AuthBackendArgs:
|
23
24
|
def __init__(__self__, *,
|
24
|
-
organization: pulumi.Input[str],
|
25
|
-
base_url: Optional[pulumi.Input[str]] = None,
|
26
|
-
bypass_okta_mfa: Optional[pulumi.Input[bool]] = None,
|
27
|
-
description: Optional[pulumi.Input[str]] = None,
|
28
|
-
disable_remount: Optional[pulumi.Input[bool]] = None,
|
25
|
+
organization: pulumi.Input[builtins.str],
|
26
|
+
base_url: Optional[pulumi.Input[builtins.str]] = None,
|
27
|
+
bypass_okta_mfa: Optional[pulumi.Input[builtins.bool]] = None,
|
28
|
+
description: Optional[pulumi.Input[builtins.str]] = None,
|
29
|
+
disable_remount: Optional[pulumi.Input[builtins.bool]] = None,
|
29
30
|
groups: Optional[pulumi.Input[Sequence[pulumi.Input['AuthBackendGroupArgs']]]] = None,
|
30
|
-
max_ttl: Optional[pulumi.Input[str]] = None,
|
31
|
-
namespace: Optional[pulumi.Input[str]] = None,
|
32
|
-
path: Optional[pulumi.Input[str]] = None,
|
33
|
-
token: Optional[pulumi.Input[str]] = None,
|
34
|
-
token_bound_cidrs: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
35
|
-
token_explicit_max_ttl: Optional[pulumi.Input[int]] = None,
|
36
|
-
token_max_ttl: Optional[pulumi.Input[int]] = None,
|
37
|
-
token_no_default_policy: Optional[pulumi.Input[bool]] = None,
|
38
|
-
token_num_uses: Optional[pulumi.Input[int]] = None,
|
39
|
-
token_period: Optional[pulumi.Input[int]] = None,
|
40
|
-
token_policies: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
41
|
-
token_ttl: Optional[pulumi.Input[int]] = None,
|
42
|
-
token_type: Optional[pulumi.Input[str]] = None,
|
43
|
-
ttl: Optional[pulumi.Input[str]] = None,
|
31
|
+
max_ttl: Optional[pulumi.Input[builtins.str]] = None,
|
32
|
+
namespace: Optional[pulumi.Input[builtins.str]] = None,
|
33
|
+
path: Optional[pulumi.Input[builtins.str]] = None,
|
34
|
+
token: Optional[pulumi.Input[builtins.str]] = None,
|
35
|
+
token_bound_cidrs: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
36
|
+
token_explicit_max_ttl: Optional[pulumi.Input[builtins.int]] = None,
|
37
|
+
token_max_ttl: Optional[pulumi.Input[builtins.int]] = None,
|
38
|
+
token_no_default_policy: Optional[pulumi.Input[builtins.bool]] = None,
|
39
|
+
token_num_uses: Optional[pulumi.Input[builtins.int]] = None,
|
40
|
+
token_period: Optional[pulumi.Input[builtins.int]] = None,
|
41
|
+
token_policies: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
42
|
+
token_ttl: Optional[pulumi.Input[builtins.int]] = None,
|
43
|
+
token_type: Optional[pulumi.Input[builtins.str]] = None,
|
44
|
+
ttl: Optional[pulumi.Input[builtins.str]] = None,
|
44
45
|
users: Optional[pulumi.Input[Sequence[pulumi.Input['AuthBackendUserArgs']]]] = None):
|
45
46
|
"""
|
46
47
|
The set of arguments for constructing a AuthBackend resource.
|
47
|
-
:param pulumi.Input[str] organization: The Okta organization. This will be the first part of the url `https://XXX.okta.com`
|
48
|
-
:param pulumi.Input[str] base_url: The Okta url. Examples: oktapreview.com, okta.com
|
49
|
-
:param pulumi.Input[bool] bypass_okta_mfa: When true, requests by Okta for a MFA check will be bypassed. This also disallows certain status checks on the account, such as whether the password is expired.
|
50
|
-
:param pulumi.Input[str] description: The description of the auth backend
|
51
|
-
:param pulumi.Input[bool] disable_remount: If set, opts out of mount migration on path updates.
|
48
|
+
:param pulumi.Input[builtins.str] organization: The Okta organization. This will be the first part of the url `https://XXX.okta.com`
|
49
|
+
:param pulumi.Input[builtins.str] base_url: The Okta url. Examples: oktapreview.com, okta.com
|
50
|
+
:param pulumi.Input[builtins.bool] bypass_okta_mfa: When true, requests by Okta for a MFA check will be bypassed. This also disallows certain status checks on the account, such as whether the password is expired.
|
51
|
+
:param pulumi.Input[builtins.str] description: The description of the auth backend
|
52
|
+
:param pulumi.Input[builtins.bool] disable_remount: If set, opts out of mount migration on path updates.
|
52
53
|
See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration)
|
53
54
|
:param pulumi.Input[Sequence[pulumi.Input['AuthBackendGroupArgs']]] groups: Associate Okta groups with policies within Vault.
|
54
55
|
See below for more details.
|
55
|
-
:param pulumi.Input[str] max_ttl: Maximum duration after which authentication will be expired
|
56
|
+
:param pulumi.Input[builtins.str] max_ttl: Maximum duration after which authentication will be expired
|
56
57
|
[See the documentation for info on valid duration formats](https://golang.org/pkg/time/#ParseDuration).
|
57
|
-
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
58
|
+
:param pulumi.Input[builtins.str] namespace: The namespace to provision the resource in.
|
58
59
|
The value should not contain leading or trailing forward slashes.
|
59
60
|
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
60
61
|
*Available only for Vault Enterprise*.
|
61
|
-
:param pulumi.Input[str] path: Path to mount the Okta auth backend. Default to path `okta`.
|
62
|
-
:param pulumi.Input[str] token: The Okta API token. This is required to query Okta for user group membership.
|
62
|
+
:param pulumi.Input[builtins.str] path: Path to mount the Okta auth backend. Default to path `okta`.
|
63
|
+
:param pulumi.Input[builtins.str] token: The Okta API token. This is required to query Okta for user group membership.
|
63
64
|
If this is not supplied only locally configured groups will be enabled.
|
64
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] token_bound_cidrs: Specifies the blocks of IP addresses which are allowed to use the generated token
|
65
|
-
:param pulumi.Input[int] token_explicit_max_ttl: Generated Token's Explicit Maximum TTL in seconds
|
66
|
-
:param pulumi.Input[int] token_max_ttl: The maximum lifetime of the generated token
|
67
|
-
:param pulumi.Input[bool] token_no_default_policy: If true, the 'default' policy will not automatically be added to generated tokens
|
68
|
-
:param pulumi.Input[int] token_num_uses: The maximum number of times a token may be used, a value of zero means unlimited
|
69
|
-
:param pulumi.Input[int] token_period: Generated Token's Period
|
70
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] token_policies: Generated Token's Policies
|
71
|
-
:param pulumi.Input[int] token_ttl: The initial ttl of the token to generate in seconds
|
72
|
-
:param pulumi.Input[str] token_type: The type of token to generate, service or batch
|
73
|
-
:param pulumi.Input[str] ttl: Duration after which authentication will be expired.
|
65
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] token_bound_cidrs: Specifies the blocks of IP addresses which are allowed to use the generated token
|
66
|
+
:param pulumi.Input[builtins.int] token_explicit_max_ttl: Generated Token's Explicit Maximum TTL in seconds
|
67
|
+
:param pulumi.Input[builtins.int] token_max_ttl: The maximum lifetime of the generated token
|
68
|
+
:param pulumi.Input[builtins.bool] token_no_default_policy: If true, the 'default' policy will not automatically be added to generated tokens
|
69
|
+
:param pulumi.Input[builtins.int] token_num_uses: The maximum number of times a token may be used, a value of zero means unlimited
|
70
|
+
:param pulumi.Input[builtins.int] token_period: Generated Token's Period
|
71
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] token_policies: Generated Token's Policies
|
72
|
+
:param pulumi.Input[builtins.int] token_ttl: The initial ttl of the token to generate in seconds
|
73
|
+
:param pulumi.Input[builtins.str] token_type: The type of token to generate, service or batch
|
74
|
+
:param pulumi.Input[builtins.str] ttl: Duration after which authentication will be expired.
|
74
75
|
[See the documentation for info on valid duration formats](https://golang.org/pkg/time/#ParseDuration).
|
75
76
|
:param pulumi.Input[Sequence[pulumi.Input['AuthBackendUserArgs']]] users: Associate Okta users with groups or policies within Vault.
|
76
77
|
See below for more details.
|
@@ -125,55 +126,55 @@ class AuthBackendArgs:
|
|
125
126
|
|
126
127
|
@property
|
127
128
|
@pulumi.getter
|
128
|
-
def organization(self) -> pulumi.Input[str]:
|
129
|
+
def organization(self) -> pulumi.Input[builtins.str]:
|
129
130
|
"""
|
130
131
|
The Okta organization. This will be the first part of the url `https://XXX.okta.com`
|
131
132
|
"""
|
132
133
|
return pulumi.get(self, "organization")
|
133
134
|
|
134
135
|
@organization.setter
|
135
|
-
def organization(self, value: pulumi.Input[str]):
|
136
|
+
def organization(self, value: pulumi.Input[builtins.str]):
|
136
137
|
pulumi.set(self, "organization", value)
|
137
138
|
|
138
139
|
@property
|
139
140
|
@pulumi.getter(name="baseUrl")
|
140
|
-
def base_url(self) -> Optional[pulumi.Input[str]]:
|
141
|
+
def base_url(self) -> Optional[pulumi.Input[builtins.str]]:
|
141
142
|
"""
|
142
143
|
The Okta url. Examples: oktapreview.com, okta.com
|
143
144
|
"""
|
144
145
|
return pulumi.get(self, "base_url")
|
145
146
|
|
146
147
|
@base_url.setter
|
147
|
-
def base_url(self, value: Optional[pulumi.Input[str]]):
|
148
|
+
def base_url(self, value: Optional[pulumi.Input[builtins.str]]):
|
148
149
|
pulumi.set(self, "base_url", value)
|
149
150
|
|
150
151
|
@property
|
151
152
|
@pulumi.getter(name="bypassOktaMfa")
|
152
|
-
def bypass_okta_mfa(self) -> Optional[pulumi.Input[bool]]:
|
153
|
+
def bypass_okta_mfa(self) -> Optional[pulumi.Input[builtins.bool]]:
|
153
154
|
"""
|
154
155
|
When true, requests by Okta for a MFA check will be bypassed. This also disallows certain status checks on the account, such as whether the password is expired.
|
155
156
|
"""
|
156
157
|
return pulumi.get(self, "bypass_okta_mfa")
|
157
158
|
|
158
159
|
@bypass_okta_mfa.setter
|
159
|
-
def bypass_okta_mfa(self, value: Optional[pulumi.Input[bool]]):
|
160
|
+
def bypass_okta_mfa(self, value: Optional[pulumi.Input[builtins.bool]]):
|
160
161
|
pulumi.set(self, "bypass_okta_mfa", value)
|
161
162
|
|
162
163
|
@property
|
163
164
|
@pulumi.getter
|
164
|
-
def description(self) -> Optional[pulumi.Input[str]]:
|
165
|
+
def description(self) -> Optional[pulumi.Input[builtins.str]]:
|
165
166
|
"""
|
166
167
|
The description of the auth backend
|
167
168
|
"""
|
168
169
|
return pulumi.get(self, "description")
|
169
170
|
|
170
171
|
@description.setter
|
171
|
-
def description(self, value: Optional[pulumi.Input[str]]):
|
172
|
+
def description(self, value: Optional[pulumi.Input[builtins.str]]):
|
172
173
|
pulumi.set(self, "description", value)
|
173
174
|
|
174
175
|
@property
|
175
176
|
@pulumi.getter(name="disableRemount")
|
176
|
-
def disable_remount(self) -> Optional[pulumi.Input[bool]]:
|
177
|
+
def disable_remount(self) -> Optional[pulumi.Input[builtins.bool]]:
|
177
178
|
"""
|
178
179
|
If set, opts out of mount migration on path updates.
|
179
180
|
See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration)
|
@@ -181,7 +182,7 @@ class AuthBackendArgs:
|
|
181
182
|
return pulumi.get(self, "disable_remount")
|
182
183
|
|
183
184
|
@disable_remount.setter
|
184
|
-
def disable_remount(self, value: Optional[pulumi.Input[bool]]):
|
185
|
+
def disable_remount(self, value: Optional[pulumi.Input[builtins.bool]]):
|
185
186
|
pulumi.set(self, "disable_remount", value)
|
186
187
|
|
187
188
|
@property
|
@@ -200,7 +201,7 @@ class AuthBackendArgs:
|
|
200
201
|
@property
|
201
202
|
@pulumi.getter(name="maxTtl")
|
202
203
|
@_utilities.deprecated("""Deprecated. Please use `token_max_ttl` instead.""")
|
203
|
-
def max_ttl(self) -> Optional[pulumi.Input[str]]:
|
204
|
+
def max_ttl(self) -> Optional[pulumi.Input[builtins.str]]:
|
204
205
|
"""
|
205
206
|
Maximum duration after which authentication will be expired
|
206
207
|
[See the documentation for info on valid duration formats](https://golang.org/pkg/time/#ParseDuration).
|
@@ -208,12 +209,12 @@ class AuthBackendArgs:
|
|
208
209
|
return pulumi.get(self, "max_ttl")
|
209
210
|
|
210
211
|
@max_ttl.setter
|
211
|
-
def max_ttl(self, value: Optional[pulumi.Input[str]]):
|
212
|
+
def max_ttl(self, value: Optional[pulumi.Input[builtins.str]]):
|
212
213
|
pulumi.set(self, "max_ttl", value)
|
213
214
|
|
214
215
|
@property
|
215
216
|
@pulumi.getter
|
216
|
-
def namespace(self) -> Optional[pulumi.Input[str]]:
|
217
|
+
def namespace(self) -> Optional[pulumi.Input[builtins.str]]:
|
217
218
|
"""
|
218
219
|
The namespace to provision the resource in.
|
219
220
|
The value should not contain leading or trailing forward slashes.
|
@@ -223,24 +224,24 @@ class AuthBackendArgs:
|
|
223
224
|
return pulumi.get(self, "namespace")
|
224
225
|
|
225
226
|
@namespace.setter
|
226
|
-
def namespace(self, value: Optional[pulumi.Input[str]]):
|
227
|
+
def namespace(self, value: Optional[pulumi.Input[builtins.str]]):
|
227
228
|
pulumi.set(self, "namespace", value)
|
228
229
|
|
229
230
|
@property
|
230
231
|
@pulumi.getter
|
231
|
-
def path(self) -> Optional[pulumi.Input[str]]:
|
232
|
+
def path(self) -> Optional[pulumi.Input[builtins.str]]:
|
232
233
|
"""
|
233
234
|
Path to mount the Okta auth backend. Default to path `okta`.
|
234
235
|
"""
|
235
236
|
return pulumi.get(self, "path")
|
236
237
|
|
237
238
|
@path.setter
|
238
|
-
def path(self, value: Optional[pulumi.Input[str]]):
|
239
|
+
def path(self, value: Optional[pulumi.Input[builtins.str]]):
|
239
240
|
pulumi.set(self, "path", value)
|
240
241
|
|
241
242
|
@property
|
242
243
|
@pulumi.getter
|
243
|
-
def token(self) -> Optional[pulumi.Input[str]]:
|
244
|
+
def token(self) -> Optional[pulumi.Input[builtins.str]]:
|
244
245
|
"""
|
245
246
|
The Okta API token. This is required to query Okta for user group membership.
|
246
247
|
If this is not supplied only locally configured groups will be enabled.
|
@@ -248,121 +249,121 @@ class AuthBackendArgs:
|
|
248
249
|
return pulumi.get(self, "token")
|
249
250
|
|
250
251
|
@token.setter
|
251
|
-
def token(self, value: Optional[pulumi.Input[str]]):
|
252
|
+
def token(self, value: Optional[pulumi.Input[builtins.str]]):
|
252
253
|
pulumi.set(self, "token", value)
|
253
254
|
|
254
255
|
@property
|
255
256
|
@pulumi.getter(name="tokenBoundCidrs")
|
256
|
-
def token_bound_cidrs(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
|
257
|
+
def token_bound_cidrs(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
|
257
258
|
"""
|
258
259
|
Specifies the blocks of IP addresses which are allowed to use the generated token
|
259
260
|
"""
|
260
261
|
return pulumi.get(self, "token_bound_cidrs")
|
261
262
|
|
262
263
|
@token_bound_cidrs.setter
|
263
|
-
def token_bound_cidrs(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
264
|
+
def token_bound_cidrs(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
|
264
265
|
pulumi.set(self, "token_bound_cidrs", value)
|
265
266
|
|
266
267
|
@property
|
267
268
|
@pulumi.getter(name="tokenExplicitMaxTtl")
|
268
|
-
def token_explicit_max_ttl(self) -> Optional[pulumi.Input[int]]:
|
269
|
+
def token_explicit_max_ttl(self) -> Optional[pulumi.Input[builtins.int]]:
|
269
270
|
"""
|
270
271
|
Generated Token's Explicit Maximum TTL in seconds
|
271
272
|
"""
|
272
273
|
return pulumi.get(self, "token_explicit_max_ttl")
|
273
274
|
|
274
275
|
@token_explicit_max_ttl.setter
|
275
|
-
def token_explicit_max_ttl(self, value: Optional[pulumi.Input[int]]):
|
276
|
+
def token_explicit_max_ttl(self, value: Optional[pulumi.Input[builtins.int]]):
|
276
277
|
pulumi.set(self, "token_explicit_max_ttl", value)
|
277
278
|
|
278
279
|
@property
|
279
280
|
@pulumi.getter(name="tokenMaxTtl")
|
280
|
-
def token_max_ttl(self) -> Optional[pulumi.Input[int]]:
|
281
|
+
def token_max_ttl(self) -> Optional[pulumi.Input[builtins.int]]:
|
281
282
|
"""
|
282
283
|
The maximum lifetime of the generated token
|
283
284
|
"""
|
284
285
|
return pulumi.get(self, "token_max_ttl")
|
285
286
|
|
286
287
|
@token_max_ttl.setter
|
287
|
-
def token_max_ttl(self, value: Optional[pulumi.Input[int]]):
|
288
|
+
def token_max_ttl(self, value: Optional[pulumi.Input[builtins.int]]):
|
288
289
|
pulumi.set(self, "token_max_ttl", value)
|
289
290
|
|
290
291
|
@property
|
291
292
|
@pulumi.getter(name="tokenNoDefaultPolicy")
|
292
|
-
def token_no_default_policy(self) -> Optional[pulumi.Input[bool]]:
|
293
|
+
def token_no_default_policy(self) -> Optional[pulumi.Input[builtins.bool]]:
|
293
294
|
"""
|
294
295
|
If true, the 'default' policy will not automatically be added to generated tokens
|
295
296
|
"""
|
296
297
|
return pulumi.get(self, "token_no_default_policy")
|
297
298
|
|
298
299
|
@token_no_default_policy.setter
|
299
|
-
def token_no_default_policy(self, value: Optional[pulumi.Input[bool]]):
|
300
|
+
def token_no_default_policy(self, value: Optional[pulumi.Input[builtins.bool]]):
|
300
301
|
pulumi.set(self, "token_no_default_policy", value)
|
301
302
|
|
302
303
|
@property
|
303
304
|
@pulumi.getter(name="tokenNumUses")
|
304
|
-
def token_num_uses(self) -> Optional[pulumi.Input[int]]:
|
305
|
+
def token_num_uses(self) -> Optional[pulumi.Input[builtins.int]]:
|
305
306
|
"""
|
306
307
|
The maximum number of times a token may be used, a value of zero means unlimited
|
307
308
|
"""
|
308
309
|
return pulumi.get(self, "token_num_uses")
|
309
310
|
|
310
311
|
@token_num_uses.setter
|
311
|
-
def token_num_uses(self, value: Optional[pulumi.Input[int]]):
|
312
|
+
def token_num_uses(self, value: Optional[pulumi.Input[builtins.int]]):
|
312
313
|
pulumi.set(self, "token_num_uses", value)
|
313
314
|
|
314
315
|
@property
|
315
316
|
@pulumi.getter(name="tokenPeriod")
|
316
|
-
def token_period(self) -> Optional[pulumi.Input[int]]:
|
317
|
+
def token_period(self) -> Optional[pulumi.Input[builtins.int]]:
|
317
318
|
"""
|
318
319
|
Generated Token's Period
|
319
320
|
"""
|
320
321
|
return pulumi.get(self, "token_period")
|
321
322
|
|
322
323
|
@token_period.setter
|
323
|
-
def token_period(self, value: Optional[pulumi.Input[int]]):
|
324
|
+
def token_period(self, value: Optional[pulumi.Input[builtins.int]]):
|
324
325
|
pulumi.set(self, "token_period", value)
|
325
326
|
|
326
327
|
@property
|
327
328
|
@pulumi.getter(name="tokenPolicies")
|
328
|
-
def token_policies(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
|
329
|
+
def token_policies(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
|
329
330
|
"""
|
330
331
|
Generated Token's Policies
|
331
332
|
"""
|
332
333
|
return pulumi.get(self, "token_policies")
|
333
334
|
|
334
335
|
@token_policies.setter
|
335
|
-
def token_policies(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
336
|
+
def token_policies(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
|
336
337
|
pulumi.set(self, "token_policies", value)
|
337
338
|
|
338
339
|
@property
|
339
340
|
@pulumi.getter(name="tokenTtl")
|
340
|
-
def token_ttl(self) -> Optional[pulumi.Input[int]]:
|
341
|
+
def token_ttl(self) -> Optional[pulumi.Input[builtins.int]]:
|
341
342
|
"""
|
342
343
|
The initial ttl of the token to generate in seconds
|
343
344
|
"""
|
344
345
|
return pulumi.get(self, "token_ttl")
|
345
346
|
|
346
347
|
@token_ttl.setter
|
347
|
-
def token_ttl(self, value: Optional[pulumi.Input[int]]):
|
348
|
+
def token_ttl(self, value: Optional[pulumi.Input[builtins.int]]):
|
348
349
|
pulumi.set(self, "token_ttl", value)
|
349
350
|
|
350
351
|
@property
|
351
352
|
@pulumi.getter(name="tokenType")
|
352
|
-
def token_type(self) -> Optional[pulumi.Input[str]]:
|
353
|
+
def token_type(self) -> Optional[pulumi.Input[builtins.str]]:
|
353
354
|
"""
|
354
355
|
The type of token to generate, service or batch
|
355
356
|
"""
|
356
357
|
return pulumi.get(self, "token_type")
|
357
358
|
|
358
359
|
@token_type.setter
|
359
|
-
def token_type(self, value: Optional[pulumi.Input[str]]):
|
360
|
+
def token_type(self, value: Optional[pulumi.Input[builtins.str]]):
|
360
361
|
pulumi.set(self, "token_type", value)
|
361
362
|
|
362
363
|
@property
|
363
364
|
@pulumi.getter
|
364
365
|
@_utilities.deprecated("""Deprecated. Please use `token_ttl` instead.""")
|
365
|
-
def ttl(self) -> Optional[pulumi.Input[str]]:
|
366
|
+
def ttl(self) -> Optional[pulumi.Input[builtins.str]]:
|
366
367
|
"""
|
367
368
|
Duration after which authentication will be expired.
|
368
369
|
[See the documentation for info on valid duration formats](https://golang.org/pkg/time/#ParseDuration).
|
@@ -370,7 +371,7 @@ class AuthBackendArgs:
|
|
370
371
|
return pulumi.get(self, "ttl")
|
371
372
|
|
372
373
|
@ttl.setter
|
373
|
-
def ttl(self, value: Optional[pulumi.Input[str]]):
|
374
|
+
def ttl(self, value: Optional[pulumi.Input[builtins.str]]):
|
374
375
|
pulumi.set(self, "ttl", value)
|
375
376
|
|
376
377
|
@property
|
@@ -390,58 +391,58 @@ class AuthBackendArgs:
|
|
390
391
|
@pulumi.input_type
|
391
392
|
class _AuthBackendState:
|
392
393
|
def __init__(__self__, *,
|
393
|
-
accessor: Optional[pulumi.Input[str]] = None,
|
394
|
-
base_url: Optional[pulumi.Input[str]] = None,
|
395
|
-
bypass_okta_mfa: Optional[pulumi.Input[bool]] = None,
|
396
|
-
description: Optional[pulumi.Input[str]] = None,
|
397
|
-
disable_remount: Optional[pulumi.Input[bool]] = None,
|
394
|
+
accessor: Optional[pulumi.Input[builtins.str]] = None,
|
395
|
+
base_url: Optional[pulumi.Input[builtins.str]] = None,
|
396
|
+
bypass_okta_mfa: Optional[pulumi.Input[builtins.bool]] = None,
|
397
|
+
description: Optional[pulumi.Input[builtins.str]] = None,
|
398
|
+
disable_remount: Optional[pulumi.Input[builtins.bool]] = None,
|
398
399
|
groups: Optional[pulumi.Input[Sequence[pulumi.Input['AuthBackendGroupArgs']]]] = None,
|
399
|
-
max_ttl: Optional[pulumi.Input[str]] = None,
|
400
|
-
namespace: Optional[pulumi.Input[str]] = None,
|
401
|
-
organization: Optional[pulumi.Input[str]] = None,
|
402
|
-
path: Optional[pulumi.Input[str]] = None,
|
403
|
-
token: Optional[pulumi.Input[str]] = None,
|
404
|
-
token_bound_cidrs: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
405
|
-
token_explicit_max_ttl: Optional[pulumi.Input[int]] = None,
|
406
|
-
token_max_ttl: Optional[pulumi.Input[int]] = None,
|
407
|
-
token_no_default_policy: Optional[pulumi.Input[bool]] = None,
|
408
|
-
token_num_uses: Optional[pulumi.Input[int]] = None,
|
409
|
-
token_period: Optional[pulumi.Input[int]] = None,
|
410
|
-
token_policies: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
411
|
-
token_ttl: Optional[pulumi.Input[int]] = None,
|
412
|
-
token_type: Optional[pulumi.Input[str]] = None,
|
413
|
-
ttl: Optional[pulumi.Input[str]] = None,
|
400
|
+
max_ttl: Optional[pulumi.Input[builtins.str]] = None,
|
401
|
+
namespace: Optional[pulumi.Input[builtins.str]] = None,
|
402
|
+
organization: Optional[pulumi.Input[builtins.str]] = None,
|
403
|
+
path: Optional[pulumi.Input[builtins.str]] = None,
|
404
|
+
token: Optional[pulumi.Input[builtins.str]] = None,
|
405
|
+
token_bound_cidrs: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
406
|
+
token_explicit_max_ttl: Optional[pulumi.Input[builtins.int]] = None,
|
407
|
+
token_max_ttl: Optional[pulumi.Input[builtins.int]] = None,
|
408
|
+
token_no_default_policy: Optional[pulumi.Input[builtins.bool]] = None,
|
409
|
+
token_num_uses: Optional[pulumi.Input[builtins.int]] = None,
|
410
|
+
token_period: Optional[pulumi.Input[builtins.int]] = None,
|
411
|
+
token_policies: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
412
|
+
token_ttl: Optional[pulumi.Input[builtins.int]] = None,
|
413
|
+
token_type: Optional[pulumi.Input[builtins.str]] = None,
|
414
|
+
ttl: Optional[pulumi.Input[builtins.str]] = None,
|
414
415
|
users: Optional[pulumi.Input[Sequence[pulumi.Input['AuthBackendUserArgs']]]] = None):
|
415
416
|
"""
|
416
417
|
Input properties used for looking up and filtering AuthBackend resources.
|
417
|
-
:param pulumi.Input[str] accessor: The mount accessor related to the auth mount. It is useful for integration with [Identity Secrets Engine](https://www.vaultproject.io/docs/secrets/identity/index.html).
|
418
|
-
:param pulumi.Input[str] base_url: The Okta url. Examples: oktapreview.com, okta.com
|
419
|
-
:param pulumi.Input[bool] bypass_okta_mfa: When true, requests by Okta for a MFA check will be bypassed. This also disallows certain status checks on the account, such as whether the password is expired.
|
420
|
-
:param pulumi.Input[str] description: The description of the auth backend
|
421
|
-
:param pulumi.Input[bool] disable_remount: If set, opts out of mount migration on path updates.
|
418
|
+
:param pulumi.Input[builtins.str] accessor: The mount accessor related to the auth mount. It is useful for integration with [Identity Secrets Engine](https://www.vaultproject.io/docs/secrets/identity/index.html).
|
419
|
+
:param pulumi.Input[builtins.str] base_url: The Okta url. Examples: oktapreview.com, okta.com
|
420
|
+
:param pulumi.Input[builtins.bool] bypass_okta_mfa: When true, requests by Okta for a MFA check will be bypassed. This also disallows certain status checks on the account, such as whether the password is expired.
|
421
|
+
:param pulumi.Input[builtins.str] description: The description of the auth backend
|
422
|
+
:param pulumi.Input[builtins.bool] disable_remount: If set, opts out of mount migration on path updates.
|
422
423
|
See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration)
|
423
424
|
:param pulumi.Input[Sequence[pulumi.Input['AuthBackendGroupArgs']]] groups: Associate Okta groups with policies within Vault.
|
424
425
|
See below for more details.
|
425
|
-
:param pulumi.Input[str] max_ttl: Maximum duration after which authentication will be expired
|
426
|
+
:param pulumi.Input[builtins.str] max_ttl: Maximum duration after which authentication will be expired
|
426
427
|
[See the documentation for info on valid duration formats](https://golang.org/pkg/time/#ParseDuration).
|
427
|
-
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
428
|
+
:param pulumi.Input[builtins.str] namespace: The namespace to provision the resource in.
|
428
429
|
The value should not contain leading or trailing forward slashes.
|
429
430
|
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
430
431
|
*Available only for Vault Enterprise*.
|
431
|
-
:param pulumi.Input[str] organization: The Okta organization. This will be the first part of the url `https://XXX.okta.com`
|
432
|
-
:param pulumi.Input[str] path: Path to mount the Okta auth backend. Default to path `okta`.
|
433
|
-
:param pulumi.Input[str] token: The Okta API token. This is required to query Okta for user group membership.
|
432
|
+
:param pulumi.Input[builtins.str] organization: The Okta organization. This will be the first part of the url `https://XXX.okta.com`
|
433
|
+
:param pulumi.Input[builtins.str] path: Path to mount the Okta auth backend. Default to path `okta`.
|
434
|
+
:param pulumi.Input[builtins.str] token: The Okta API token. This is required to query Okta for user group membership.
|
434
435
|
If this is not supplied only locally configured groups will be enabled.
|
435
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] token_bound_cidrs: Specifies the blocks of IP addresses which are allowed to use the generated token
|
436
|
-
:param pulumi.Input[int] token_explicit_max_ttl: Generated Token's Explicit Maximum TTL in seconds
|
437
|
-
:param pulumi.Input[int] token_max_ttl: The maximum lifetime of the generated token
|
438
|
-
:param pulumi.Input[bool] token_no_default_policy: If true, the 'default' policy will not automatically be added to generated tokens
|
439
|
-
:param pulumi.Input[int] token_num_uses: The maximum number of times a token may be used, a value of zero means unlimited
|
440
|
-
:param pulumi.Input[int] token_period: Generated Token's Period
|
441
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] token_policies: Generated Token's Policies
|
442
|
-
:param pulumi.Input[int] token_ttl: The initial ttl of the token to generate in seconds
|
443
|
-
:param pulumi.Input[str] token_type: The type of token to generate, service or batch
|
444
|
-
:param pulumi.Input[str] ttl: Duration after which authentication will be expired.
|
436
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] token_bound_cidrs: Specifies the blocks of IP addresses which are allowed to use the generated token
|
437
|
+
:param pulumi.Input[builtins.int] token_explicit_max_ttl: Generated Token's Explicit Maximum TTL in seconds
|
438
|
+
:param pulumi.Input[builtins.int] token_max_ttl: The maximum lifetime of the generated token
|
439
|
+
:param pulumi.Input[builtins.bool] token_no_default_policy: If true, the 'default' policy will not automatically be added to generated tokens
|
440
|
+
:param pulumi.Input[builtins.int] token_num_uses: The maximum number of times a token may be used, a value of zero means unlimited
|
441
|
+
:param pulumi.Input[builtins.int] token_period: Generated Token's Period
|
442
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] token_policies: Generated Token's Policies
|
443
|
+
:param pulumi.Input[builtins.int] token_ttl: The initial ttl of the token to generate in seconds
|
444
|
+
:param pulumi.Input[builtins.str] token_type: The type of token to generate, service or batch
|
445
|
+
:param pulumi.Input[builtins.str] ttl: Duration after which authentication will be expired.
|
445
446
|
[See the documentation for info on valid duration formats](https://golang.org/pkg/time/#ParseDuration).
|
446
447
|
:param pulumi.Input[Sequence[pulumi.Input['AuthBackendUserArgs']]] users: Associate Okta users with groups or policies within Vault.
|
447
448
|
See below for more details.
|
@@ -499,55 +500,55 @@ class _AuthBackendState:
|
|
499
500
|
|
500
501
|
@property
|
501
502
|
@pulumi.getter
|
502
|
-
def accessor(self) -> Optional[pulumi.Input[str]]:
|
503
|
+
def accessor(self) -> Optional[pulumi.Input[builtins.str]]:
|
503
504
|
"""
|
504
505
|
The mount accessor related to the auth mount. It is useful for integration with [Identity Secrets Engine](https://www.vaultproject.io/docs/secrets/identity/index.html).
|
505
506
|
"""
|
506
507
|
return pulumi.get(self, "accessor")
|
507
508
|
|
508
509
|
@accessor.setter
|
509
|
-
def accessor(self, value: Optional[pulumi.Input[str]]):
|
510
|
+
def accessor(self, value: Optional[pulumi.Input[builtins.str]]):
|
510
511
|
pulumi.set(self, "accessor", value)
|
511
512
|
|
512
513
|
@property
|
513
514
|
@pulumi.getter(name="baseUrl")
|
514
|
-
def base_url(self) -> Optional[pulumi.Input[str]]:
|
515
|
+
def base_url(self) -> Optional[pulumi.Input[builtins.str]]:
|
515
516
|
"""
|
516
517
|
The Okta url. Examples: oktapreview.com, okta.com
|
517
518
|
"""
|
518
519
|
return pulumi.get(self, "base_url")
|
519
520
|
|
520
521
|
@base_url.setter
|
521
|
-
def base_url(self, value: Optional[pulumi.Input[str]]):
|
522
|
+
def base_url(self, value: Optional[pulumi.Input[builtins.str]]):
|
522
523
|
pulumi.set(self, "base_url", value)
|
523
524
|
|
524
525
|
@property
|
525
526
|
@pulumi.getter(name="bypassOktaMfa")
|
526
|
-
def bypass_okta_mfa(self) -> Optional[pulumi.Input[bool]]:
|
527
|
+
def bypass_okta_mfa(self) -> Optional[pulumi.Input[builtins.bool]]:
|
527
528
|
"""
|
528
529
|
When true, requests by Okta for a MFA check will be bypassed. This also disallows certain status checks on the account, such as whether the password is expired.
|
529
530
|
"""
|
530
531
|
return pulumi.get(self, "bypass_okta_mfa")
|
531
532
|
|
532
533
|
@bypass_okta_mfa.setter
|
533
|
-
def bypass_okta_mfa(self, value: Optional[pulumi.Input[bool]]):
|
534
|
+
def bypass_okta_mfa(self, value: Optional[pulumi.Input[builtins.bool]]):
|
534
535
|
pulumi.set(self, "bypass_okta_mfa", value)
|
535
536
|
|
536
537
|
@property
|
537
538
|
@pulumi.getter
|
538
|
-
def description(self) -> Optional[pulumi.Input[str]]:
|
539
|
+
def description(self) -> Optional[pulumi.Input[builtins.str]]:
|
539
540
|
"""
|
540
541
|
The description of the auth backend
|
541
542
|
"""
|
542
543
|
return pulumi.get(self, "description")
|
543
544
|
|
544
545
|
@description.setter
|
545
|
-
def description(self, value: Optional[pulumi.Input[str]]):
|
546
|
+
def description(self, value: Optional[pulumi.Input[builtins.str]]):
|
546
547
|
pulumi.set(self, "description", value)
|
547
548
|
|
548
549
|
@property
|
549
550
|
@pulumi.getter(name="disableRemount")
|
550
|
-
def disable_remount(self) -> Optional[pulumi.Input[bool]]:
|
551
|
+
def disable_remount(self) -> Optional[pulumi.Input[builtins.bool]]:
|
551
552
|
"""
|
552
553
|
If set, opts out of mount migration on path updates.
|
553
554
|
See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration)
|
@@ -555,7 +556,7 @@ class _AuthBackendState:
|
|
555
556
|
return pulumi.get(self, "disable_remount")
|
556
557
|
|
557
558
|
@disable_remount.setter
|
558
|
-
def disable_remount(self, value: Optional[pulumi.Input[bool]]):
|
559
|
+
def disable_remount(self, value: Optional[pulumi.Input[builtins.bool]]):
|
559
560
|
pulumi.set(self, "disable_remount", value)
|
560
561
|
|
561
562
|
@property
|
@@ -574,7 +575,7 @@ class _AuthBackendState:
|
|
574
575
|
@property
|
575
576
|
@pulumi.getter(name="maxTtl")
|
576
577
|
@_utilities.deprecated("""Deprecated. Please use `token_max_ttl` instead.""")
|
577
|
-
def max_ttl(self) -> Optional[pulumi.Input[str]]:
|
578
|
+
def max_ttl(self) -> Optional[pulumi.Input[builtins.str]]:
|
578
579
|
"""
|
579
580
|
Maximum duration after which authentication will be expired
|
580
581
|
[See the documentation for info on valid duration formats](https://golang.org/pkg/time/#ParseDuration).
|
@@ -582,12 +583,12 @@ class _AuthBackendState:
|
|
582
583
|
return pulumi.get(self, "max_ttl")
|
583
584
|
|
584
585
|
@max_ttl.setter
|
585
|
-
def max_ttl(self, value: Optional[pulumi.Input[str]]):
|
586
|
+
def max_ttl(self, value: Optional[pulumi.Input[builtins.str]]):
|
586
587
|
pulumi.set(self, "max_ttl", value)
|
587
588
|
|
588
589
|
@property
|
589
590
|
@pulumi.getter
|
590
|
-
def namespace(self) -> Optional[pulumi.Input[str]]:
|
591
|
+
def namespace(self) -> Optional[pulumi.Input[builtins.str]]:
|
591
592
|
"""
|
592
593
|
The namespace to provision the resource in.
|
593
594
|
The value should not contain leading or trailing forward slashes.
|
@@ -597,36 +598,36 @@ class _AuthBackendState:
|
|
597
598
|
return pulumi.get(self, "namespace")
|
598
599
|
|
599
600
|
@namespace.setter
|
600
|
-
def namespace(self, value: Optional[pulumi.Input[str]]):
|
601
|
+
def namespace(self, value: Optional[pulumi.Input[builtins.str]]):
|
601
602
|
pulumi.set(self, "namespace", value)
|
602
603
|
|
603
604
|
@property
|
604
605
|
@pulumi.getter
|
605
|
-
def organization(self) -> Optional[pulumi.Input[str]]:
|
606
|
+
def organization(self) -> Optional[pulumi.Input[builtins.str]]:
|
606
607
|
"""
|
607
608
|
The Okta organization. This will be the first part of the url `https://XXX.okta.com`
|
608
609
|
"""
|
609
610
|
return pulumi.get(self, "organization")
|
610
611
|
|
611
612
|
@organization.setter
|
612
|
-
def organization(self, value: Optional[pulumi.Input[str]]):
|
613
|
+
def organization(self, value: Optional[pulumi.Input[builtins.str]]):
|
613
614
|
pulumi.set(self, "organization", value)
|
614
615
|
|
615
616
|
@property
|
616
617
|
@pulumi.getter
|
617
|
-
def path(self) -> Optional[pulumi.Input[str]]:
|
618
|
+
def path(self) -> Optional[pulumi.Input[builtins.str]]:
|
618
619
|
"""
|
619
620
|
Path to mount the Okta auth backend. Default to path `okta`.
|
620
621
|
"""
|
621
622
|
return pulumi.get(self, "path")
|
622
623
|
|
623
624
|
@path.setter
|
624
|
-
def path(self, value: Optional[pulumi.Input[str]]):
|
625
|
+
def path(self, value: Optional[pulumi.Input[builtins.str]]):
|
625
626
|
pulumi.set(self, "path", value)
|
626
627
|
|
627
628
|
@property
|
628
629
|
@pulumi.getter
|
629
|
-
def token(self) -> Optional[pulumi.Input[str]]:
|
630
|
+
def token(self) -> Optional[pulumi.Input[builtins.str]]:
|
630
631
|
"""
|
631
632
|
The Okta API token. This is required to query Okta for user group membership.
|
632
633
|
If this is not supplied only locally configured groups will be enabled.
|
@@ -634,121 +635,121 @@ class _AuthBackendState:
|
|
634
635
|
return pulumi.get(self, "token")
|
635
636
|
|
636
637
|
@token.setter
|
637
|
-
def token(self, value: Optional[pulumi.Input[str]]):
|
638
|
+
def token(self, value: Optional[pulumi.Input[builtins.str]]):
|
638
639
|
pulumi.set(self, "token", value)
|
639
640
|
|
640
641
|
@property
|
641
642
|
@pulumi.getter(name="tokenBoundCidrs")
|
642
|
-
def token_bound_cidrs(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
|
643
|
+
def token_bound_cidrs(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
|
643
644
|
"""
|
644
645
|
Specifies the blocks of IP addresses which are allowed to use the generated token
|
645
646
|
"""
|
646
647
|
return pulumi.get(self, "token_bound_cidrs")
|
647
648
|
|
648
649
|
@token_bound_cidrs.setter
|
649
|
-
def token_bound_cidrs(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
650
|
+
def token_bound_cidrs(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
|
650
651
|
pulumi.set(self, "token_bound_cidrs", value)
|
651
652
|
|
652
653
|
@property
|
653
654
|
@pulumi.getter(name="tokenExplicitMaxTtl")
|
654
|
-
def token_explicit_max_ttl(self) -> Optional[pulumi.Input[int]]:
|
655
|
+
def token_explicit_max_ttl(self) -> Optional[pulumi.Input[builtins.int]]:
|
655
656
|
"""
|
656
657
|
Generated Token's Explicit Maximum TTL in seconds
|
657
658
|
"""
|
658
659
|
return pulumi.get(self, "token_explicit_max_ttl")
|
659
660
|
|
660
661
|
@token_explicit_max_ttl.setter
|
661
|
-
def token_explicit_max_ttl(self, value: Optional[pulumi.Input[int]]):
|
662
|
+
def token_explicit_max_ttl(self, value: Optional[pulumi.Input[builtins.int]]):
|
662
663
|
pulumi.set(self, "token_explicit_max_ttl", value)
|
663
664
|
|
664
665
|
@property
|
665
666
|
@pulumi.getter(name="tokenMaxTtl")
|
666
|
-
def token_max_ttl(self) -> Optional[pulumi.Input[int]]:
|
667
|
+
def token_max_ttl(self) -> Optional[pulumi.Input[builtins.int]]:
|
667
668
|
"""
|
668
669
|
The maximum lifetime of the generated token
|
669
670
|
"""
|
670
671
|
return pulumi.get(self, "token_max_ttl")
|
671
672
|
|
672
673
|
@token_max_ttl.setter
|
673
|
-
def token_max_ttl(self, value: Optional[pulumi.Input[int]]):
|
674
|
+
def token_max_ttl(self, value: Optional[pulumi.Input[builtins.int]]):
|
674
675
|
pulumi.set(self, "token_max_ttl", value)
|
675
676
|
|
676
677
|
@property
|
677
678
|
@pulumi.getter(name="tokenNoDefaultPolicy")
|
678
|
-
def token_no_default_policy(self) -> Optional[pulumi.Input[bool]]:
|
679
|
+
def token_no_default_policy(self) -> Optional[pulumi.Input[builtins.bool]]:
|
679
680
|
"""
|
680
681
|
If true, the 'default' policy will not automatically be added to generated tokens
|
681
682
|
"""
|
682
683
|
return pulumi.get(self, "token_no_default_policy")
|
683
684
|
|
684
685
|
@token_no_default_policy.setter
|
685
|
-
def token_no_default_policy(self, value: Optional[pulumi.Input[bool]]):
|
686
|
+
def token_no_default_policy(self, value: Optional[pulumi.Input[builtins.bool]]):
|
686
687
|
pulumi.set(self, "token_no_default_policy", value)
|
687
688
|
|
688
689
|
@property
|
689
690
|
@pulumi.getter(name="tokenNumUses")
|
690
|
-
def token_num_uses(self) -> Optional[pulumi.Input[int]]:
|
691
|
+
def token_num_uses(self) -> Optional[pulumi.Input[builtins.int]]:
|
691
692
|
"""
|
692
693
|
The maximum number of times a token may be used, a value of zero means unlimited
|
693
694
|
"""
|
694
695
|
return pulumi.get(self, "token_num_uses")
|
695
696
|
|
696
697
|
@token_num_uses.setter
|
697
|
-
def token_num_uses(self, value: Optional[pulumi.Input[int]]):
|
698
|
+
def token_num_uses(self, value: Optional[pulumi.Input[builtins.int]]):
|
698
699
|
pulumi.set(self, "token_num_uses", value)
|
699
700
|
|
700
701
|
@property
|
701
702
|
@pulumi.getter(name="tokenPeriod")
|
702
|
-
def token_period(self) -> Optional[pulumi.Input[int]]:
|
703
|
+
def token_period(self) -> Optional[pulumi.Input[builtins.int]]:
|
703
704
|
"""
|
704
705
|
Generated Token's Period
|
705
706
|
"""
|
706
707
|
return pulumi.get(self, "token_period")
|
707
708
|
|
708
709
|
@token_period.setter
|
709
|
-
def token_period(self, value: Optional[pulumi.Input[int]]):
|
710
|
+
def token_period(self, value: Optional[pulumi.Input[builtins.int]]):
|
710
711
|
pulumi.set(self, "token_period", value)
|
711
712
|
|
712
713
|
@property
|
713
714
|
@pulumi.getter(name="tokenPolicies")
|
714
|
-
def token_policies(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
|
715
|
+
def token_policies(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
|
715
716
|
"""
|
716
717
|
Generated Token's Policies
|
717
718
|
"""
|
718
719
|
return pulumi.get(self, "token_policies")
|
719
720
|
|
720
721
|
@token_policies.setter
|
721
|
-
def token_policies(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
722
|
+
def token_policies(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
|
722
723
|
pulumi.set(self, "token_policies", value)
|
723
724
|
|
724
725
|
@property
|
725
726
|
@pulumi.getter(name="tokenTtl")
|
726
|
-
def token_ttl(self) -> Optional[pulumi.Input[int]]:
|
727
|
+
def token_ttl(self) -> Optional[pulumi.Input[builtins.int]]:
|
727
728
|
"""
|
728
729
|
The initial ttl of the token to generate in seconds
|
729
730
|
"""
|
730
731
|
return pulumi.get(self, "token_ttl")
|
731
732
|
|
732
733
|
@token_ttl.setter
|
733
|
-
def token_ttl(self, value: Optional[pulumi.Input[int]]):
|
734
|
+
def token_ttl(self, value: Optional[pulumi.Input[builtins.int]]):
|
734
735
|
pulumi.set(self, "token_ttl", value)
|
735
736
|
|
736
737
|
@property
|
737
738
|
@pulumi.getter(name="tokenType")
|
738
|
-
def token_type(self) -> Optional[pulumi.Input[str]]:
|
739
|
+
def token_type(self) -> Optional[pulumi.Input[builtins.str]]:
|
739
740
|
"""
|
740
741
|
The type of token to generate, service or batch
|
741
742
|
"""
|
742
743
|
return pulumi.get(self, "token_type")
|
743
744
|
|
744
745
|
@token_type.setter
|
745
|
-
def token_type(self, value: Optional[pulumi.Input[str]]):
|
746
|
+
def token_type(self, value: Optional[pulumi.Input[builtins.str]]):
|
746
747
|
pulumi.set(self, "token_type", value)
|
747
748
|
|
748
749
|
@property
|
749
750
|
@pulumi.getter
|
750
751
|
@_utilities.deprecated("""Deprecated. Please use `token_ttl` instead.""")
|
751
|
-
def ttl(self) -> Optional[pulumi.Input[str]]:
|
752
|
+
def ttl(self) -> Optional[pulumi.Input[builtins.str]]:
|
752
753
|
"""
|
753
754
|
Duration after which authentication will be expired.
|
754
755
|
[See the documentation for info on valid duration formats](https://golang.org/pkg/time/#ParseDuration).
|
@@ -756,7 +757,7 @@ class _AuthBackendState:
|
|
756
757
|
return pulumi.get(self, "ttl")
|
757
758
|
|
758
759
|
@ttl.setter
|
759
|
-
def ttl(self, value: Optional[pulumi.Input[str]]):
|
760
|
+
def ttl(self, value: Optional[pulumi.Input[builtins.str]]):
|
760
761
|
pulumi.set(self, "ttl", value)
|
761
762
|
|
762
763
|
@property
|
@@ -778,26 +779,26 @@ class AuthBackend(pulumi.CustomResource):
|
|
778
779
|
def __init__(__self__,
|
779
780
|
resource_name: str,
|
780
781
|
opts: Optional[pulumi.ResourceOptions] = None,
|
781
|
-
base_url: Optional[pulumi.Input[str]] = None,
|
782
|
-
bypass_okta_mfa: Optional[pulumi.Input[bool]] = None,
|
783
|
-
description: Optional[pulumi.Input[str]] = None,
|
784
|
-
disable_remount: Optional[pulumi.Input[bool]] = None,
|
782
|
+
base_url: Optional[pulumi.Input[builtins.str]] = None,
|
783
|
+
bypass_okta_mfa: Optional[pulumi.Input[builtins.bool]] = None,
|
784
|
+
description: Optional[pulumi.Input[builtins.str]] = None,
|
785
|
+
disable_remount: Optional[pulumi.Input[builtins.bool]] = None,
|
785
786
|
groups: Optional[pulumi.Input[Sequence[pulumi.Input[Union['AuthBackendGroupArgs', 'AuthBackendGroupArgsDict']]]]] = None,
|
786
|
-
max_ttl: Optional[pulumi.Input[str]] = None,
|
787
|
-
namespace: Optional[pulumi.Input[str]] = None,
|
788
|
-
organization: Optional[pulumi.Input[str]] = None,
|
789
|
-
path: Optional[pulumi.Input[str]] = None,
|
790
|
-
token: Optional[pulumi.Input[str]] = None,
|
791
|
-
token_bound_cidrs: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
792
|
-
token_explicit_max_ttl: Optional[pulumi.Input[int]] = None,
|
793
|
-
token_max_ttl: Optional[pulumi.Input[int]] = None,
|
794
|
-
token_no_default_policy: Optional[pulumi.Input[bool]] = None,
|
795
|
-
token_num_uses: Optional[pulumi.Input[int]] = None,
|
796
|
-
token_period: Optional[pulumi.Input[int]] = None,
|
797
|
-
token_policies: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
798
|
-
token_ttl: Optional[pulumi.Input[int]] = None,
|
799
|
-
token_type: Optional[pulumi.Input[str]] = None,
|
800
|
-
ttl: Optional[pulumi.Input[str]] = None,
|
787
|
+
max_ttl: Optional[pulumi.Input[builtins.str]] = None,
|
788
|
+
namespace: Optional[pulumi.Input[builtins.str]] = None,
|
789
|
+
organization: Optional[pulumi.Input[builtins.str]] = None,
|
790
|
+
path: Optional[pulumi.Input[builtins.str]] = None,
|
791
|
+
token: Optional[pulumi.Input[builtins.str]] = None,
|
792
|
+
token_bound_cidrs: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
793
|
+
token_explicit_max_ttl: Optional[pulumi.Input[builtins.int]] = None,
|
794
|
+
token_max_ttl: Optional[pulumi.Input[builtins.int]] = None,
|
795
|
+
token_no_default_policy: Optional[pulumi.Input[builtins.bool]] = None,
|
796
|
+
token_num_uses: Optional[pulumi.Input[builtins.int]] = None,
|
797
|
+
token_period: Optional[pulumi.Input[builtins.int]] = None,
|
798
|
+
token_policies: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
799
|
+
token_ttl: Optional[pulumi.Input[builtins.int]] = None,
|
800
|
+
token_type: Optional[pulumi.Input[builtins.str]] = None,
|
801
|
+
ttl: Optional[pulumi.Input[builtins.str]] = None,
|
801
802
|
users: Optional[pulumi.Input[Sequence[pulumi.Input[Union['AuthBackendUserArgs', 'AuthBackendUserArgsDict']]]]] = None,
|
802
803
|
__props__=None):
|
803
804
|
"""
|
@@ -837,33 +838,33 @@ class AuthBackend(pulumi.CustomResource):
|
|
837
838
|
|
838
839
|
:param str resource_name: The name of the resource.
|
839
840
|
:param pulumi.ResourceOptions opts: Options for the resource.
|
840
|
-
:param pulumi.Input[str] base_url: The Okta url. Examples: oktapreview.com, okta.com
|
841
|
-
:param pulumi.Input[bool] bypass_okta_mfa: When true, requests by Okta for a MFA check will be bypassed. This also disallows certain status checks on the account, such as whether the password is expired.
|
842
|
-
:param pulumi.Input[str] description: The description of the auth backend
|
843
|
-
:param pulumi.Input[bool] disable_remount: If set, opts out of mount migration on path updates.
|
841
|
+
:param pulumi.Input[builtins.str] base_url: The Okta url. Examples: oktapreview.com, okta.com
|
842
|
+
:param pulumi.Input[builtins.bool] bypass_okta_mfa: When true, requests by Okta for a MFA check will be bypassed. This also disallows certain status checks on the account, such as whether the password is expired.
|
843
|
+
:param pulumi.Input[builtins.str] description: The description of the auth backend
|
844
|
+
:param pulumi.Input[builtins.bool] disable_remount: If set, opts out of mount migration on path updates.
|
844
845
|
See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration)
|
845
846
|
:param pulumi.Input[Sequence[pulumi.Input[Union['AuthBackendGroupArgs', 'AuthBackendGroupArgsDict']]]] groups: Associate Okta groups with policies within Vault.
|
846
847
|
See below for more details.
|
847
|
-
:param pulumi.Input[str] max_ttl: Maximum duration after which authentication will be expired
|
848
|
+
:param pulumi.Input[builtins.str] max_ttl: Maximum duration after which authentication will be expired
|
848
849
|
[See the documentation for info on valid duration formats](https://golang.org/pkg/time/#ParseDuration).
|
849
|
-
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
850
|
+
:param pulumi.Input[builtins.str] namespace: The namespace to provision the resource in.
|
850
851
|
The value should not contain leading or trailing forward slashes.
|
851
852
|
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
852
853
|
*Available only for Vault Enterprise*.
|
853
|
-
:param pulumi.Input[str] organization: The Okta organization. This will be the first part of the url `https://XXX.okta.com`
|
854
|
-
:param pulumi.Input[str] path: Path to mount the Okta auth backend. Default to path `okta`.
|
855
|
-
:param pulumi.Input[str] token: The Okta API token. This is required to query Okta for user group membership.
|
854
|
+
:param pulumi.Input[builtins.str] organization: The Okta organization. This will be the first part of the url `https://XXX.okta.com`
|
855
|
+
:param pulumi.Input[builtins.str] path: Path to mount the Okta auth backend. Default to path `okta`.
|
856
|
+
:param pulumi.Input[builtins.str] token: The Okta API token. This is required to query Okta for user group membership.
|
856
857
|
If this is not supplied only locally configured groups will be enabled.
|
857
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] token_bound_cidrs: Specifies the blocks of IP addresses which are allowed to use the generated token
|
858
|
-
:param pulumi.Input[int] token_explicit_max_ttl: Generated Token's Explicit Maximum TTL in seconds
|
859
|
-
:param pulumi.Input[int] token_max_ttl: The maximum lifetime of the generated token
|
860
|
-
:param pulumi.Input[bool] token_no_default_policy: If true, the 'default' policy will not automatically be added to generated tokens
|
861
|
-
:param pulumi.Input[int] token_num_uses: The maximum number of times a token may be used, a value of zero means unlimited
|
862
|
-
:param pulumi.Input[int] token_period: Generated Token's Period
|
863
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] token_policies: Generated Token's Policies
|
864
|
-
:param pulumi.Input[int] token_ttl: The initial ttl of the token to generate in seconds
|
865
|
-
:param pulumi.Input[str] token_type: The type of token to generate, service or batch
|
866
|
-
:param pulumi.Input[str] ttl: Duration after which authentication will be expired.
|
858
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] token_bound_cidrs: Specifies the blocks of IP addresses which are allowed to use the generated token
|
859
|
+
:param pulumi.Input[builtins.int] token_explicit_max_ttl: Generated Token's Explicit Maximum TTL in seconds
|
860
|
+
:param pulumi.Input[builtins.int] token_max_ttl: The maximum lifetime of the generated token
|
861
|
+
:param pulumi.Input[builtins.bool] token_no_default_policy: If true, the 'default' policy will not automatically be added to generated tokens
|
862
|
+
:param pulumi.Input[builtins.int] token_num_uses: The maximum number of times a token may be used, a value of zero means unlimited
|
863
|
+
:param pulumi.Input[builtins.int] token_period: Generated Token's Period
|
864
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] token_policies: Generated Token's Policies
|
865
|
+
:param pulumi.Input[builtins.int] token_ttl: The initial ttl of the token to generate in seconds
|
866
|
+
:param pulumi.Input[builtins.str] token_type: The type of token to generate, service or batch
|
867
|
+
:param pulumi.Input[builtins.str] ttl: Duration after which authentication will be expired.
|
867
868
|
[See the documentation for info on valid duration formats](https://golang.org/pkg/time/#ParseDuration).
|
868
869
|
:param pulumi.Input[Sequence[pulumi.Input[Union['AuthBackendUserArgs', 'AuthBackendUserArgsDict']]]] users: Associate Okta users with groups or policies within Vault.
|
869
870
|
See below for more details.
|
@@ -924,26 +925,26 @@ class AuthBackend(pulumi.CustomResource):
|
|
924
925
|
def _internal_init(__self__,
|
925
926
|
resource_name: str,
|
926
927
|
opts: Optional[pulumi.ResourceOptions] = None,
|
927
|
-
base_url: Optional[pulumi.Input[str]] = None,
|
928
|
-
bypass_okta_mfa: Optional[pulumi.Input[bool]] = None,
|
929
|
-
description: Optional[pulumi.Input[str]] = None,
|
930
|
-
disable_remount: Optional[pulumi.Input[bool]] = None,
|
928
|
+
base_url: Optional[pulumi.Input[builtins.str]] = None,
|
929
|
+
bypass_okta_mfa: Optional[pulumi.Input[builtins.bool]] = None,
|
930
|
+
description: Optional[pulumi.Input[builtins.str]] = None,
|
931
|
+
disable_remount: Optional[pulumi.Input[builtins.bool]] = None,
|
931
932
|
groups: Optional[pulumi.Input[Sequence[pulumi.Input[Union['AuthBackendGroupArgs', 'AuthBackendGroupArgsDict']]]]] = None,
|
932
|
-
max_ttl: Optional[pulumi.Input[str]] = None,
|
933
|
-
namespace: Optional[pulumi.Input[str]] = None,
|
934
|
-
organization: Optional[pulumi.Input[str]] = None,
|
935
|
-
path: Optional[pulumi.Input[str]] = None,
|
936
|
-
token: Optional[pulumi.Input[str]] = None,
|
937
|
-
token_bound_cidrs: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
938
|
-
token_explicit_max_ttl: Optional[pulumi.Input[int]] = None,
|
939
|
-
token_max_ttl: Optional[pulumi.Input[int]] = None,
|
940
|
-
token_no_default_policy: Optional[pulumi.Input[bool]] = None,
|
941
|
-
token_num_uses: Optional[pulumi.Input[int]] = None,
|
942
|
-
token_period: Optional[pulumi.Input[int]] = None,
|
943
|
-
token_policies: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
944
|
-
token_ttl: Optional[pulumi.Input[int]] = None,
|
945
|
-
token_type: Optional[pulumi.Input[str]] = None,
|
946
|
-
ttl: Optional[pulumi.Input[str]] = None,
|
933
|
+
max_ttl: Optional[pulumi.Input[builtins.str]] = None,
|
934
|
+
namespace: Optional[pulumi.Input[builtins.str]] = None,
|
935
|
+
organization: Optional[pulumi.Input[builtins.str]] = None,
|
936
|
+
path: Optional[pulumi.Input[builtins.str]] = None,
|
937
|
+
token: Optional[pulumi.Input[builtins.str]] = None,
|
938
|
+
token_bound_cidrs: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
939
|
+
token_explicit_max_ttl: Optional[pulumi.Input[builtins.int]] = None,
|
940
|
+
token_max_ttl: Optional[pulumi.Input[builtins.int]] = None,
|
941
|
+
token_no_default_policy: Optional[pulumi.Input[builtins.bool]] = None,
|
942
|
+
token_num_uses: Optional[pulumi.Input[builtins.int]] = None,
|
943
|
+
token_period: Optional[pulumi.Input[builtins.int]] = None,
|
944
|
+
token_policies: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
945
|
+
token_ttl: Optional[pulumi.Input[builtins.int]] = None,
|
946
|
+
token_type: Optional[pulumi.Input[builtins.str]] = None,
|
947
|
+
ttl: Optional[pulumi.Input[builtins.str]] = None,
|
947
948
|
users: Optional[pulumi.Input[Sequence[pulumi.Input[Union['AuthBackendUserArgs', 'AuthBackendUserArgsDict']]]]] = None,
|
948
949
|
__props__=None):
|
949
950
|
opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts)
|
@@ -990,27 +991,27 @@ class AuthBackend(pulumi.CustomResource):
|
|
990
991
|
def get(resource_name: str,
|
991
992
|
id: pulumi.Input[str],
|
992
993
|
opts: Optional[pulumi.ResourceOptions] = None,
|
993
|
-
accessor: Optional[pulumi.Input[str]] = None,
|
994
|
-
base_url: Optional[pulumi.Input[str]] = None,
|
995
|
-
bypass_okta_mfa: Optional[pulumi.Input[bool]] = None,
|
996
|
-
description: Optional[pulumi.Input[str]] = None,
|
997
|
-
disable_remount: Optional[pulumi.Input[bool]] = None,
|
994
|
+
accessor: Optional[pulumi.Input[builtins.str]] = None,
|
995
|
+
base_url: Optional[pulumi.Input[builtins.str]] = None,
|
996
|
+
bypass_okta_mfa: Optional[pulumi.Input[builtins.bool]] = None,
|
997
|
+
description: Optional[pulumi.Input[builtins.str]] = None,
|
998
|
+
disable_remount: Optional[pulumi.Input[builtins.bool]] = None,
|
998
999
|
groups: Optional[pulumi.Input[Sequence[pulumi.Input[Union['AuthBackendGroupArgs', 'AuthBackendGroupArgsDict']]]]] = None,
|
999
|
-
max_ttl: Optional[pulumi.Input[str]] = None,
|
1000
|
-
namespace: Optional[pulumi.Input[str]] = None,
|
1001
|
-
organization: Optional[pulumi.Input[str]] = None,
|
1002
|
-
path: Optional[pulumi.Input[str]] = None,
|
1003
|
-
token: Optional[pulumi.Input[str]] = None,
|
1004
|
-
token_bound_cidrs: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
1005
|
-
token_explicit_max_ttl: Optional[pulumi.Input[int]] = None,
|
1006
|
-
token_max_ttl: Optional[pulumi.Input[int]] = None,
|
1007
|
-
token_no_default_policy: Optional[pulumi.Input[bool]] = None,
|
1008
|
-
token_num_uses: Optional[pulumi.Input[int]] = None,
|
1009
|
-
token_period: Optional[pulumi.Input[int]] = None,
|
1010
|
-
token_policies: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
1011
|
-
token_ttl: Optional[pulumi.Input[int]] = None,
|
1012
|
-
token_type: Optional[pulumi.Input[str]] = None,
|
1013
|
-
ttl: Optional[pulumi.Input[str]] = None,
|
1000
|
+
max_ttl: Optional[pulumi.Input[builtins.str]] = None,
|
1001
|
+
namespace: Optional[pulumi.Input[builtins.str]] = None,
|
1002
|
+
organization: Optional[pulumi.Input[builtins.str]] = None,
|
1003
|
+
path: Optional[pulumi.Input[builtins.str]] = None,
|
1004
|
+
token: Optional[pulumi.Input[builtins.str]] = None,
|
1005
|
+
token_bound_cidrs: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
1006
|
+
token_explicit_max_ttl: Optional[pulumi.Input[builtins.int]] = None,
|
1007
|
+
token_max_ttl: Optional[pulumi.Input[builtins.int]] = None,
|
1008
|
+
token_no_default_policy: Optional[pulumi.Input[builtins.bool]] = None,
|
1009
|
+
token_num_uses: Optional[pulumi.Input[builtins.int]] = None,
|
1010
|
+
token_period: Optional[pulumi.Input[builtins.int]] = None,
|
1011
|
+
token_policies: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
1012
|
+
token_ttl: Optional[pulumi.Input[builtins.int]] = None,
|
1013
|
+
token_type: Optional[pulumi.Input[builtins.str]] = None,
|
1014
|
+
ttl: Optional[pulumi.Input[builtins.str]] = None,
|
1014
1015
|
users: Optional[pulumi.Input[Sequence[pulumi.Input[Union['AuthBackendUserArgs', 'AuthBackendUserArgsDict']]]]] = None) -> 'AuthBackend':
|
1015
1016
|
"""
|
1016
1017
|
Get an existing AuthBackend resource's state with the given name, id, and optional extra
|
@@ -1019,34 +1020,34 @@ class AuthBackend(pulumi.CustomResource):
|
|
1019
1020
|
:param str resource_name: The unique name of the resulting resource.
|
1020
1021
|
:param pulumi.Input[str] id: The unique provider ID of the resource to lookup.
|
1021
1022
|
:param pulumi.ResourceOptions opts: Options for the resource.
|
1022
|
-
:param pulumi.Input[str] accessor: The mount accessor related to the auth mount. It is useful for integration with [Identity Secrets Engine](https://www.vaultproject.io/docs/secrets/identity/index.html).
|
1023
|
-
:param pulumi.Input[str] base_url: The Okta url. Examples: oktapreview.com, okta.com
|
1024
|
-
:param pulumi.Input[bool] bypass_okta_mfa: When true, requests by Okta for a MFA check will be bypassed. This also disallows certain status checks on the account, such as whether the password is expired.
|
1025
|
-
:param pulumi.Input[str] description: The description of the auth backend
|
1026
|
-
:param pulumi.Input[bool] disable_remount: If set, opts out of mount migration on path updates.
|
1023
|
+
:param pulumi.Input[builtins.str] accessor: The mount accessor related to the auth mount. It is useful for integration with [Identity Secrets Engine](https://www.vaultproject.io/docs/secrets/identity/index.html).
|
1024
|
+
:param pulumi.Input[builtins.str] base_url: The Okta url. Examples: oktapreview.com, okta.com
|
1025
|
+
:param pulumi.Input[builtins.bool] bypass_okta_mfa: When true, requests by Okta for a MFA check will be bypassed. This also disallows certain status checks on the account, such as whether the password is expired.
|
1026
|
+
:param pulumi.Input[builtins.str] description: The description of the auth backend
|
1027
|
+
:param pulumi.Input[builtins.bool] disable_remount: If set, opts out of mount migration on path updates.
|
1027
1028
|
See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration)
|
1028
1029
|
:param pulumi.Input[Sequence[pulumi.Input[Union['AuthBackendGroupArgs', 'AuthBackendGroupArgsDict']]]] groups: Associate Okta groups with policies within Vault.
|
1029
1030
|
See below for more details.
|
1030
|
-
:param pulumi.Input[str] max_ttl: Maximum duration after which authentication will be expired
|
1031
|
+
:param pulumi.Input[builtins.str] max_ttl: Maximum duration after which authentication will be expired
|
1031
1032
|
[See the documentation for info on valid duration formats](https://golang.org/pkg/time/#ParseDuration).
|
1032
|
-
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
1033
|
+
:param pulumi.Input[builtins.str] namespace: The namespace to provision the resource in.
|
1033
1034
|
The value should not contain leading or trailing forward slashes.
|
1034
1035
|
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
1035
1036
|
*Available only for Vault Enterprise*.
|
1036
|
-
:param pulumi.Input[str] organization: The Okta organization. This will be the first part of the url `https://XXX.okta.com`
|
1037
|
-
:param pulumi.Input[str] path: Path to mount the Okta auth backend. Default to path `okta`.
|
1038
|
-
:param pulumi.Input[str] token: The Okta API token. This is required to query Okta for user group membership.
|
1037
|
+
:param pulumi.Input[builtins.str] organization: The Okta organization. This will be the first part of the url `https://XXX.okta.com`
|
1038
|
+
:param pulumi.Input[builtins.str] path: Path to mount the Okta auth backend. Default to path `okta`.
|
1039
|
+
:param pulumi.Input[builtins.str] token: The Okta API token. This is required to query Okta for user group membership.
|
1039
1040
|
If this is not supplied only locally configured groups will be enabled.
|
1040
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] token_bound_cidrs: Specifies the blocks of IP addresses which are allowed to use the generated token
|
1041
|
-
:param pulumi.Input[int] token_explicit_max_ttl: Generated Token's Explicit Maximum TTL in seconds
|
1042
|
-
:param pulumi.Input[int] token_max_ttl: The maximum lifetime of the generated token
|
1043
|
-
:param pulumi.Input[bool] token_no_default_policy: If true, the 'default' policy will not automatically be added to generated tokens
|
1044
|
-
:param pulumi.Input[int] token_num_uses: The maximum number of times a token may be used, a value of zero means unlimited
|
1045
|
-
:param pulumi.Input[int] token_period: Generated Token's Period
|
1046
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] token_policies: Generated Token's Policies
|
1047
|
-
:param pulumi.Input[int] token_ttl: The initial ttl of the token to generate in seconds
|
1048
|
-
:param pulumi.Input[str] token_type: The type of token to generate, service or batch
|
1049
|
-
:param pulumi.Input[str] ttl: Duration after which authentication will be expired.
|
1041
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] token_bound_cidrs: Specifies the blocks of IP addresses which are allowed to use the generated token
|
1042
|
+
:param pulumi.Input[builtins.int] token_explicit_max_ttl: Generated Token's Explicit Maximum TTL in seconds
|
1043
|
+
:param pulumi.Input[builtins.int] token_max_ttl: The maximum lifetime of the generated token
|
1044
|
+
:param pulumi.Input[builtins.bool] token_no_default_policy: If true, the 'default' policy will not automatically be added to generated tokens
|
1045
|
+
:param pulumi.Input[builtins.int] token_num_uses: The maximum number of times a token may be used, a value of zero means unlimited
|
1046
|
+
:param pulumi.Input[builtins.int] token_period: Generated Token's Period
|
1047
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] token_policies: Generated Token's Policies
|
1048
|
+
:param pulumi.Input[builtins.int] token_ttl: The initial ttl of the token to generate in seconds
|
1049
|
+
:param pulumi.Input[builtins.str] token_type: The type of token to generate, service or batch
|
1050
|
+
:param pulumi.Input[builtins.str] ttl: Duration after which authentication will be expired.
|
1050
1051
|
[See the documentation for info on valid duration formats](https://golang.org/pkg/time/#ParseDuration).
|
1051
1052
|
:param pulumi.Input[Sequence[pulumi.Input[Union['AuthBackendUserArgs', 'AuthBackendUserArgsDict']]]] users: Associate Okta users with groups or policies within Vault.
|
1052
1053
|
See below for more details.
|
@@ -1081,7 +1082,7 @@ class AuthBackend(pulumi.CustomResource):
|
|
1081
1082
|
|
1082
1083
|
@property
|
1083
1084
|
@pulumi.getter
|
1084
|
-
def accessor(self) -> pulumi.Output[str]:
|
1085
|
+
def accessor(self) -> pulumi.Output[builtins.str]:
|
1085
1086
|
"""
|
1086
1087
|
The mount accessor related to the auth mount. It is useful for integration with [Identity Secrets Engine](https://www.vaultproject.io/docs/secrets/identity/index.html).
|
1087
1088
|
"""
|
@@ -1089,7 +1090,7 @@ class AuthBackend(pulumi.CustomResource):
|
|
1089
1090
|
|
1090
1091
|
@property
|
1091
1092
|
@pulumi.getter(name="baseUrl")
|
1092
|
-
def base_url(self) -> pulumi.Output[Optional[str]]:
|
1093
|
+
def base_url(self) -> pulumi.Output[Optional[builtins.str]]:
|
1093
1094
|
"""
|
1094
1095
|
The Okta url. Examples: oktapreview.com, okta.com
|
1095
1096
|
"""
|
@@ -1097,7 +1098,7 @@ class AuthBackend(pulumi.CustomResource):
|
|
1097
1098
|
|
1098
1099
|
@property
|
1099
1100
|
@pulumi.getter(name="bypassOktaMfa")
|
1100
|
-
def bypass_okta_mfa(self) -> pulumi.Output[Optional[bool]]:
|
1101
|
+
def bypass_okta_mfa(self) -> pulumi.Output[Optional[builtins.bool]]:
|
1101
1102
|
"""
|
1102
1103
|
When true, requests by Okta for a MFA check will be bypassed. This also disallows certain status checks on the account, such as whether the password is expired.
|
1103
1104
|
"""
|
@@ -1105,7 +1106,7 @@ class AuthBackend(pulumi.CustomResource):
|
|
1105
1106
|
|
1106
1107
|
@property
|
1107
1108
|
@pulumi.getter
|
1108
|
-
def description(self) -> pulumi.Output[Optional[str]]:
|
1109
|
+
def description(self) -> pulumi.Output[Optional[builtins.str]]:
|
1109
1110
|
"""
|
1110
1111
|
The description of the auth backend
|
1111
1112
|
"""
|
@@ -1113,7 +1114,7 @@ class AuthBackend(pulumi.CustomResource):
|
|
1113
1114
|
|
1114
1115
|
@property
|
1115
1116
|
@pulumi.getter(name="disableRemount")
|
1116
|
-
def disable_remount(self) -> pulumi.Output[Optional[bool]]:
|
1117
|
+
def disable_remount(self) -> pulumi.Output[Optional[builtins.bool]]:
|
1117
1118
|
"""
|
1118
1119
|
If set, opts out of mount migration on path updates.
|
1119
1120
|
See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration)
|
@@ -1132,7 +1133,7 @@ class AuthBackend(pulumi.CustomResource):
|
|
1132
1133
|
@property
|
1133
1134
|
@pulumi.getter(name="maxTtl")
|
1134
1135
|
@_utilities.deprecated("""Deprecated. Please use `token_max_ttl` instead.""")
|
1135
|
-
def max_ttl(self) -> pulumi.Output[Optional[str]]:
|
1136
|
+
def max_ttl(self) -> pulumi.Output[Optional[builtins.str]]:
|
1136
1137
|
"""
|
1137
1138
|
Maximum duration after which authentication will be expired
|
1138
1139
|
[See the documentation for info on valid duration formats](https://golang.org/pkg/time/#ParseDuration).
|
@@ -1141,7 +1142,7 @@ class AuthBackend(pulumi.CustomResource):
|
|
1141
1142
|
|
1142
1143
|
@property
|
1143
1144
|
@pulumi.getter
|
1144
|
-
def namespace(self) -> pulumi.Output[Optional[str]]:
|
1145
|
+
def namespace(self) -> pulumi.Output[Optional[builtins.str]]:
|
1145
1146
|
"""
|
1146
1147
|
The namespace to provision the resource in.
|
1147
1148
|
The value should not contain leading or trailing forward slashes.
|
@@ -1152,7 +1153,7 @@ class AuthBackend(pulumi.CustomResource):
|
|
1152
1153
|
|
1153
1154
|
@property
|
1154
1155
|
@pulumi.getter
|
1155
|
-
def organization(self) -> pulumi.Output[str]:
|
1156
|
+
def organization(self) -> pulumi.Output[builtins.str]:
|
1156
1157
|
"""
|
1157
1158
|
The Okta organization. This will be the first part of the url `https://XXX.okta.com`
|
1158
1159
|
"""
|
@@ -1160,7 +1161,7 @@ class AuthBackend(pulumi.CustomResource):
|
|
1160
1161
|
|
1161
1162
|
@property
|
1162
1163
|
@pulumi.getter
|
1163
|
-
def path(self) -> pulumi.Output[Optional[str]]:
|
1164
|
+
def path(self) -> pulumi.Output[Optional[builtins.str]]:
|
1164
1165
|
"""
|
1165
1166
|
Path to mount the Okta auth backend. Default to path `okta`.
|
1166
1167
|
"""
|
@@ -1168,7 +1169,7 @@ class AuthBackend(pulumi.CustomResource):
|
|
1168
1169
|
|
1169
1170
|
@property
|
1170
1171
|
@pulumi.getter
|
1171
|
-
def token(self) -> pulumi.Output[Optional[str]]:
|
1172
|
+
def token(self) -> pulumi.Output[Optional[builtins.str]]:
|
1172
1173
|
"""
|
1173
1174
|
The Okta API token. This is required to query Okta for user group membership.
|
1174
1175
|
If this is not supplied only locally configured groups will be enabled.
|
@@ -1177,7 +1178,7 @@ class AuthBackend(pulumi.CustomResource):
|
|
1177
1178
|
|
1178
1179
|
@property
|
1179
1180
|
@pulumi.getter(name="tokenBoundCidrs")
|
1180
|
-
def token_bound_cidrs(self) -> pulumi.Output[Optional[Sequence[str]]]:
|
1181
|
+
def token_bound_cidrs(self) -> pulumi.Output[Optional[Sequence[builtins.str]]]:
|
1181
1182
|
"""
|
1182
1183
|
Specifies the blocks of IP addresses which are allowed to use the generated token
|
1183
1184
|
"""
|
@@ -1185,7 +1186,7 @@ class AuthBackend(pulumi.CustomResource):
|
|
1185
1186
|
|
1186
1187
|
@property
|
1187
1188
|
@pulumi.getter(name="tokenExplicitMaxTtl")
|
1188
|
-
def token_explicit_max_ttl(self) -> pulumi.Output[Optional[int]]:
|
1189
|
+
def token_explicit_max_ttl(self) -> pulumi.Output[Optional[builtins.int]]:
|
1189
1190
|
"""
|
1190
1191
|
Generated Token's Explicit Maximum TTL in seconds
|
1191
1192
|
"""
|
@@ -1193,7 +1194,7 @@ class AuthBackend(pulumi.CustomResource):
|
|
1193
1194
|
|
1194
1195
|
@property
|
1195
1196
|
@pulumi.getter(name="tokenMaxTtl")
|
1196
|
-
def token_max_ttl(self) -> pulumi.Output[Optional[int]]:
|
1197
|
+
def token_max_ttl(self) -> pulumi.Output[Optional[builtins.int]]:
|
1197
1198
|
"""
|
1198
1199
|
The maximum lifetime of the generated token
|
1199
1200
|
"""
|
@@ -1201,7 +1202,7 @@ class AuthBackend(pulumi.CustomResource):
|
|
1201
1202
|
|
1202
1203
|
@property
|
1203
1204
|
@pulumi.getter(name="tokenNoDefaultPolicy")
|
1204
|
-
def token_no_default_policy(self) -> pulumi.Output[Optional[bool]]:
|
1205
|
+
def token_no_default_policy(self) -> pulumi.Output[Optional[builtins.bool]]:
|
1205
1206
|
"""
|
1206
1207
|
If true, the 'default' policy will not automatically be added to generated tokens
|
1207
1208
|
"""
|
@@ -1209,7 +1210,7 @@ class AuthBackend(pulumi.CustomResource):
|
|
1209
1210
|
|
1210
1211
|
@property
|
1211
1212
|
@pulumi.getter(name="tokenNumUses")
|
1212
|
-
def token_num_uses(self) -> pulumi.Output[Optional[int]]:
|
1213
|
+
def token_num_uses(self) -> pulumi.Output[Optional[builtins.int]]:
|
1213
1214
|
"""
|
1214
1215
|
The maximum number of times a token may be used, a value of zero means unlimited
|
1215
1216
|
"""
|
@@ -1217,7 +1218,7 @@ class AuthBackend(pulumi.CustomResource):
|
|
1217
1218
|
|
1218
1219
|
@property
|
1219
1220
|
@pulumi.getter(name="tokenPeriod")
|
1220
|
-
def token_period(self) -> pulumi.Output[Optional[int]]:
|
1221
|
+
def token_period(self) -> pulumi.Output[Optional[builtins.int]]:
|
1221
1222
|
"""
|
1222
1223
|
Generated Token's Period
|
1223
1224
|
"""
|
@@ -1225,7 +1226,7 @@ class AuthBackend(pulumi.CustomResource):
|
|
1225
1226
|
|
1226
1227
|
@property
|
1227
1228
|
@pulumi.getter(name="tokenPolicies")
|
1228
|
-
def token_policies(self) -> pulumi.Output[Optional[Sequence[str]]]:
|
1229
|
+
def token_policies(self) -> pulumi.Output[Optional[Sequence[builtins.str]]]:
|
1229
1230
|
"""
|
1230
1231
|
Generated Token's Policies
|
1231
1232
|
"""
|
@@ -1233,7 +1234,7 @@ class AuthBackend(pulumi.CustomResource):
|
|
1233
1234
|
|
1234
1235
|
@property
|
1235
1236
|
@pulumi.getter(name="tokenTtl")
|
1236
|
-
def token_ttl(self) -> pulumi.Output[Optional[int]]:
|
1237
|
+
def token_ttl(self) -> pulumi.Output[Optional[builtins.int]]:
|
1237
1238
|
"""
|
1238
1239
|
The initial ttl of the token to generate in seconds
|
1239
1240
|
"""
|
@@ -1241,7 +1242,7 @@ class AuthBackend(pulumi.CustomResource):
|
|
1241
1242
|
|
1242
1243
|
@property
|
1243
1244
|
@pulumi.getter(name="tokenType")
|
1244
|
-
def token_type(self) -> pulumi.Output[Optional[str]]:
|
1245
|
+
def token_type(self) -> pulumi.Output[Optional[builtins.str]]:
|
1245
1246
|
"""
|
1246
1247
|
The type of token to generate, service or batch
|
1247
1248
|
"""
|
@@ -1250,7 +1251,7 @@ class AuthBackend(pulumi.CustomResource):
|
|
1250
1251
|
@property
|
1251
1252
|
@pulumi.getter
|
1252
1253
|
@_utilities.deprecated("""Deprecated. Please use `token_ttl` instead.""")
|
1253
|
-
def ttl(self) -> pulumi.Output[Optional[str]]:
|
1254
|
+
def ttl(self) -> pulumi.Output[Optional[builtins.str]]:
|
1254
1255
|
"""
|
1255
1256
|
Duration after which authentication will be expired.
|
1256
1257
|
[See the documentation for info on valid duration formats](https://golang.org/pkg/time/#ParseDuration).
|