pulumi-vault 6.7.0a1743576047__py3-none-any.whl → 6.7.0a1744267302__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- pulumi_vault/__init__.py +1 -0
- pulumi_vault/_inputs.py +554 -553
- pulumi_vault/ad/__init__.py +1 -0
- pulumi_vault/ad/get_access_credentials.py +20 -19
- pulumi_vault/ad/secret_backend.py +477 -476
- pulumi_vault/ad/secret_library.py +99 -98
- pulumi_vault/ad/secret_role.py +85 -84
- pulumi_vault/alicloud/__init__.py +1 -0
- pulumi_vault/alicloud/auth_backend_role.py +183 -182
- pulumi_vault/approle/__init__.py +1 -0
- pulumi_vault/approle/auth_backend_login.py +106 -105
- pulumi_vault/approle/auth_backend_role.py +239 -238
- pulumi_vault/approle/auth_backend_role_secret_id.py +162 -161
- pulumi_vault/approle/get_auth_backend_role_id.py +18 -17
- pulumi_vault/audit.py +85 -84
- pulumi_vault/audit_request_header.py +43 -42
- pulumi_vault/auth_backend.py +106 -105
- pulumi_vault/aws/__init__.py +1 -0
- pulumi_vault/aws/auth_backend_cert.py +71 -70
- pulumi_vault/aws/auth_backend_client.py +253 -252
- pulumi_vault/aws/auth_backend_config_identity.py +85 -84
- pulumi_vault/aws/auth_backend_identity_whitelist.py +57 -56
- pulumi_vault/aws/auth_backend_login.py +209 -208
- pulumi_vault/aws/auth_backend_role.py +400 -399
- pulumi_vault/aws/auth_backend_role_tag.py +127 -126
- pulumi_vault/aws/auth_backend_roletag_blacklist.py +57 -56
- pulumi_vault/aws/auth_backend_sts_role.py +71 -70
- pulumi_vault/aws/get_access_credentials.py +44 -43
- pulumi_vault/aws/get_static_access_credentials.py +13 -12
- pulumi_vault/aws/secret_backend.py +337 -336
- pulumi_vault/aws/secret_backend_role.py +211 -210
- pulumi_vault/aws/secret_backend_static_role.py +113 -112
- pulumi_vault/azure/__init__.py +1 -0
- pulumi_vault/azure/_inputs.py +21 -20
- pulumi_vault/azure/auth_backend_config.py +183 -182
- pulumi_vault/azure/auth_backend_role.py +253 -252
- pulumi_vault/azure/backend.py +239 -238
- pulumi_vault/azure/backend_role.py +141 -140
- pulumi_vault/azure/get_access_credentials.py +58 -57
- pulumi_vault/azure/outputs.py +11 -10
- pulumi_vault/cert_auth_backend_role.py +365 -364
- pulumi_vault/config/__init__.py +1 -0
- pulumi_vault/config/__init__.pyi +1 -0
- pulumi_vault/config/_inputs.py +11 -10
- pulumi_vault/config/outputs.py +287 -286
- pulumi_vault/config/ui_custom_message.py +113 -112
- pulumi_vault/config/vars.py +1 -0
- pulumi_vault/consul/__init__.py +1 -0
- pulumi_vault/consul/secret_backend.py +197 -196
- pulumi_vault/consul/secret_backend_role.py +183 -182
- pulumi_vault/database/__init__.py +1 -0
- pulumi_vault/database/_inputs.py +2525 -2524
- pulumi_vault/database/outputs.py +1529 -1528
- pulumi_vault/database/secret_backend_connection.py +169 -168
- pulumi_vault/database/secret_backend_role.py +169 -168
- pulumi_vault/database/secret_backend_static_role.py +179 -178
- pulumi_vault/database/secrets_mount.py +267 -266
- pulumi_vault/egp_policy.py +71 -70
- pulumi_vault/gcp/__init__.py +1 -0
- pulumi_vault/gcp/_inputs.py +82 -81
- pulumi_vault/gcp/auth_backend.py +260 -259
- pulumi_vault/gcp/auth_backend_role.py +281 -280
- pulumi_vault/gcp/get_auth_backend_role.py +70 -69
- pulumi_vault/gcp/outputs.py +50 -49
- pulumi_vault/gcp/secret_backend.py +232 -231
- pulumi_vault/gcp/secret_impersonated_account.py +92 -91
- pulumi_vault/gcp/secret_roleset.py +92 -91
- pulumi_vault/gcp/secret_static_account.py +92 -91
- pulumi_vault/generic/__init__.py +1 -0
- pulumi_vault/generic/endpoint.py +113 -112
- pulumi_vault/generic/get_secret.py +28 -27
- pulumi_vault/generic/secret.py +78 -77
- pulumi_vault/get_auth_backend.py +19 -18
- pulumi_vault/get_auth_backends.py +14 -13
- pulumi_vault/get_namespace.py +15 -14
- pulumi_vault/get_namespaces.py +8 -7
- pulumi_vault/get_nomad_access_token.py +19 -18
- pulumi_vault/get_policy_document.py +6 -5
- pulumi_vault/get_raft_autopilot_state.py +18 -17
- pulumi_vault/github/__init__.py +1 -0
- pulumi_vault/github/_inputs.py +42 -41
- pulumi_vault/github/auth_backend.py +232 -231
- pulumi_vault/github/outputs.py +26 -25
- pulumi_vault/github/team.py +57 -56
- pulumi_vault/github/user.py +57 -56
- pulumi_vault/identity/__init__.py +1 -0
- pulumi_vault/identity/entity.py +85 -84
- pulumi_vault/identity/entity_alias.py +71 -70
- pulumi_vault/identity/entity_policies.py +64 -63
- pulumi_vault/identity/get_entity.py +43 -42
- pulumi_vault/identity/get_group.py +50 -49
- pulumi_vault/identity/get_oidc_client_creds.py +14 -13
- pulumi_vault/identity/get_oidc_openid_config.py +24 -23
- pulumi_vault/identity/get_oidc_public_keys.py +13 -12
- pulumi_vault/identity/group.py +141 -140
- pulumi_vault/identity/group_alias.py +57 -56
- pulumi_vault/identity/group_member_entity_ids.py +57 -56
- pulumi_vault/identity/group_member_group_ids.py +57 -56
- pulumi_vault/identity/group_policies.py +64 -63
- pulumi_vault/identity/mfa_duo.py +148 -147
- pulumi_vault/identity/mfa_login_enforcement.py +120 -119
- pulumi_vault/identity/mfa_okta.py +134 -133
- pulumi_vault/identity/mfa_pingid.py +127 -126
- pulumi_vault/identity/mfa_totp.py +176 -175
- pulumi_vault/identity/oidc.py +29 -28
- pulumi_vault/identity/oidc_assignment.py +57 -56
- pulumi_vault/identity/oidc_client.py +127 -126
- pulumi_vault/identity/oidc_key.py +85 -84
- pulumi_vault/identity/oidc_key_allowed_client_id.py +43 -42
- pulumi_vault/identity/oidc_provider.py +92 -91
- pulumi_vault/identity/oidc_role.py +85 -84
- pulumi_vault/identity/oidc_scope.py +57 -56
- pulumi_vault/identity/outputs.py +32 -31
- pulumi_vault/jwt/__init__.py +1 -0
- pulumi_vault/jwt/_inputs.py +42 -41
- pulumi_vault/jwt/auth_backend.py +288 -287
- pulumi_vault/jwt/auth_backend_role.py +407 -406
- pulumi_vault/jwt/outputs.py +26 -25
- pulumi_vault/kmip/__init__.py +1 -0
- pulumi_vault/kmip/secret_backend.py +183 -182
- pulumi_vault/kmip/secret_role.py +295 -294
- pulumi_vault/kmip/secret_scope.py +57 -56
- pulumi_vault/kubernetes/__init__.py +1 -0
- pulumi_vault/kubernetes/auth_backend_config.py +141 -140
- pulumi_vault/kubernetes/auth_backend_role.py +225 -224
- pulumi_vault/kubernetes/get_auth_backend_config.py +47 -46
- pulumi_vault/kubernetes/get_auth_backend_role.py +70 -69
- pulumi_vault/kubernetes/get_service_account_token.py +38 -37
- pulumi_vault/kubernetes/secret_backend.py +316 -315
- pulumi_vault/kubernetes/secret_backend_role.py +197 -196
- pulumi_vault/kv/__init__.py +1 -0
- pulumi_vault/kv/_inputs.py +21 -20
- pulumi_vault/kv/get_secret.py +17 -16
- pulumi_vault/kv/get_secret_subkeys_v2.py +30 -29
- pulumi_vault/kv/get_secret_v2.py +29 -28
- pulumi_vault/kv/get_secrets_list.py +13 -12
- pulumi_vault/kv/get_secrets_list_v2.py +19 -18
- pulumi_vault/kv/outputs.py +13 -12
- pulumi_vault/kv/secret.py +50 -49
- pulumi_vault/kv/secret_backend_v2.py +71 -70
- pulumi_vault/kv/secret_v2.py +134 -133
- pulumi_vault/ldap/__init__.py +1 -0
- pulumi_vault/ldap/auth_backend.py +588 -587
- pulumi_vault/ldap/auth_backend_group.py +57 -56
- pulumi_vault/ldap/auth_backend_user.py +71 -70
- pulumi_vault/ldap/get_dynamic_credentials.py +17 -16
- pulumi_vault/ldap/get_static_credentials.py +18 -17
- pulumi_vault/ldap/secret_backend.py +554 -553
- pulumi_vault/ldap/secret_backend_dynamic_role.py +127 -126
- pulumi_vault/ldap/secret_backend_library_set.py +99 -98
- pulumi_vault/ldap/secret_backend_static_role.py +99 -98
- pulumi_vault/managed/__init__.py +1 -0
- pulumi_vault/managed/_inputs.py +229 -228
- pulumi_vault/managed/keys.py +15 -14
- pulumi_vault/managed/outputs.py +139 -138
- pulumi_vault/mfa_duo.py +113 -112
- pulumi_vault/mfa_okta.py +113 -112
- pulumi_vault/mfa_pingid.py +120 -119
- pulumi_vault/mfa_totp.py +127 -126
- pulumi_vault/mongodbatlas/__init__.py +1 -0
- pulumi_vault/mongodbatlas/secret_backend.py +64 -63
- pulumi_vault/mongodbatlas/secret_role.py +155 -154
- pulumi_vault/mount.py +274 -273
- pulumi_vault/namespace.py +64 -63
- pulumi_vault/nomad_secret_backend.py +211 -210
- pulumi_vault/nomad_secret_role.py +85 -84
- pulumi_vault/okta/__init__.py +1 -0
- pulumi_vault/okta/_inputs.py +26 -25
- pulumi_vault/okta/auth_backend.py +274 -273
- pulumi_vault/okta/auth_backend_group.py +57 -56
- pulumi_vault/okta/auth_backend_user.py +71 -70
- pulumi_vault/okta/outputs.py +16 -15
- pulumi_vault/outputs.py +56 -55
- pulumi_vault/password_policy.py +43 -42
- pulumi_vault/pkisecret/__init__.py +1 -0
- pulumi_vault/pkisecret/_inputs.py +31 -30
- pulumi_vault/pkisecret/backend_acme_eab.py +92 -91
- pulumi_vault/pkisecret/backend_config_acme.py +141 -140
- pulumi_vault/pkisecret/backend_config_auto_tidy.py +323 -322
- pulumi_vault/pkisecret/backend_config_cluster.py +57 -56
- pulumi_vault/pkisecret/backend_config_cmpv2.py +106 -105
- pulumi_vault/pkisecret/backend_config_est.py +120 -119
- pulumi_vault/pkisecret/get_backend_cert_metadata.py +22 -21
- pulumi_vault/pkisecret/get_backend_config_cmpv2.py +22 -21
- pulumi_vault/pkisecret/get_backend_config_est.py +19 -18
- pulumi_vault/pkisecret/get_backend_issuer.py +45 -44
- pulumi_vault/pkisecret/get_backend_issuers.py +15 -14
- pulumi_vault/pkisecret/get_backend_key.py +20 -19
- pulumi_vault/pkisecret/get_backend_keys.py +15 -14
- pulumi_vault/pkisecret/outputs.py +28 -27
- pulumi_vault/pkisecret/secret_backend_cert.py +337 -336
- pulumi_vault/pkisecret/secret_backend_config_ca.py +43 -42
- pulumi_vault/pkisecret/secret_backend_config_issuers.py +57 -56
- pulumi_vault/pkisecret/secret_backend_config_urls.py +85 -84
- pulumi_vault/pkisecret/secret_backend_crl_config.py +197 -196
- pulumi_vault/pkisecret/secret_backend_intermediate_cert_request.py +421 -420
- pulumi_vault/pkisecret/secret_backend_intermediate_set_signed.py +57 -56
- pulumi_vault/pkisecret/secret_backend_issuer.py +232 -231
- pulumi_vault/pkisecret/secret_backend_key.py +120 -119
- pulumi_vault/pkisecret/secret_backend_role.py +715 -714
- pulumi_vault/pkisecret/secret_backend_root_cert.py +554 -553
- pulumi_vault/pkisecret/secret_backend_root_sign_intermediate.py +526 -525
- pulumi_vault/pkisecret/secret_backend_sign.py +281 -280
- pulumi_vault/plugin.py +127 -126
- pulumi_vault/plugin_pinned_version.py +43 -42
- pulumi_vault/policy.py +43 -42
- pulumi_vault/provider.py +120 -119
- pulumi_vault/pulumi-plugin.json +1 -1
- pulumi_vault/quota_lease_count.py +85 -84
- pulumi_vault/quota_rate_limit.py +113 -112
- pulumi_vault/rabbitmq/__init__.py +1 -0
- pulumi_vault/rabbitmq/_inputs.py +41 -40
- pulumi_vault/rabbitmq/outputs.py +25 -24
- pulumi_vault/rabbitmq/secret_backend.py +169 -168
- pulumi_vault/rabbitmq/secret_backend_role.py +57 -56
- pulumi_vault/raft_autopilot.py +113 -112
- pulumi_vault/raft_snapshot_agent_config.py +393 -392
- pulumi_vault/rgp_policy.py +57 -56
- pulumi_vault/saml/__init__.py +1 -0
- pulumi_vault/saml/auth_backend.py +155 -154
- pulumi_vault/saml/auth_backend_role.py +239 -238
- pulumi_vault/secrets/__init__.py +1 -0
- pulumi_vault/secrets/_inputs.py +16 -15
- pulumi_vault/secrets/outputs.py +10 -9
- pulumi_vault/secrets/sync_association.py +71 -70
- pulumi_vault/secrets/sync_aws_destination.py +148 -147
- pulumi_vault/secrets/sync_azure_destination.py +148 -147
- pulumi_vault/secrets/sync_config.py +43 -42
- pulumi_vault/secrets/sync_gcp_destination.py +106 -105
- pulumi_vault/secrets/sync_gh_destination.py +134 -133
- pulumi_vault/secrets/sync_github_apps.py +64 -63
- pulumi_vault/secrets/sync_vercel_destination.py +120 -119
- pulumi_vault/ssh/__init__.py +1 -0
- pulumi_vault/ssh/_inputs.py +11 -10
- pulumi_vault/ssh/get_secret_backend_sign.py +52 -51
- pulumi_vault/ssh/outputs.py +7 -6
- pulumi_vault/ssh/secret_backend_ca.py +99 -98
- pulumi_vault/ssh/secret_backend_role.py +365 -364
- pulumi_vault/terraformcloud/__init__.py +1 -0
- pulumi_vault/terraformcloud/secret_backend.py +111 -110
- pulumi_vault/terraformcloud/secret_creds.py +74 -73
- pulumi_vault/terraformcloud/secret_role.py +93 -92
- pulumi_vault/token.py +246 -245
- pulumi_vault/tokenauth/__init__.py +1 -0
- pulumi_vault/tokenauth/auth_backend_role.py +267 -266
- pulumi_vault/transform/__init__.py +1 -0
- pulumi_vault/transform/alphabet.py +57 -56
- pulumi_vault/transform/get_decode.py +47 -46
- pulumi_vault/transform/get_encode.py +47 -46
- pulumi_vault/transform/role.py +57 -56
- pulumi_vault/transform/template.py +113 -112
- pulumi_vault/transform/transformation.py +141 -140
- pulumi_vault/transit/__init__.py +1 -0
- pulumi_vault/transit/get_decrypt.py +18 -17
- pulumi_vault/transit/get_encrypt.py +21 -20
- pulumi_vault/transit/get_sign.py +54 -53
- pulumi_vault/transit/get_verify.py +60 -59
- pulumi_vault/transit/secret_backend_key.py +274 -273
- pulumi_vault/transit/secret_cache_config.py +43 -42
- {pulumi_vault-6.7.0a1743576047.dist-info → pulumi_vault-6.7.0a1744267302.dist-info}/METADATA +1 -1
- pulumi_vault-6.7.0a1744267302.dist-info/RECORD +265 -0
- pulumi_vault-6.7.0a1743576047.dist-info/RECORD +0 -265
- {pulumi_vault-6.7.0a1743576047.dist-info → pulumi_vault-6.7.0a1744267302.dist-info}/WHEEL +0 -0
- {pulumi_vault-6.7.0a1743576047.dist-info → pulumi_vault-6.7.0a1744267302.dist-info}/top_level.txt +0 -0
@@ -2,6 +2,7 @@
|
|
2
2
|
# *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. ***
|
3
3
|
# *** Do not edit by hand unless you're certain you know what you are doing! ***
|
4
4
|
|
5
|
+
import builtins
|
5
6
|
import copy
|
6
7
|
import warnings
|
7
8
|
import sys
|
@@ -19,86 +20,86 @@ __all__ = ['SecretBackendRootSignIntermediateArgs', 'SecretBackendRootSignInterm
|
|
19
20
|
@pulumi.input_type
|
20
21
|
class SecretBackendRootSignIntermediateArgs:
|
21
22
|
def __init__(__self__, *,
|
22
|
-
backend: pulumi.Input[str],
|
23
|
-
common_name: pulumi.Input[str],
|
24
|
-
csr: pulumi.Input[str],
|
25
|
-
alt_names: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
26
|
-
country: Optional[pulumi.Input[str]] = None,
|
27
|
-
exclude_cn_from_sans: Optional[pulumi.Input[bool]] = None,
|
28
|
-
excluded_dns_domains: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
29
|
-
excluded_email_addresses: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
30
|
-
excluded_ip_ranges: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
31
|
-
excluded_uri_domains: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
32
|
-
format: Optional[pulumi.Input[str]] = None,
|
33
|
-
ip_sans: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
34
|
-
issuer_ref: Optional[pulumi.Input[str]] = None,
|
35
|
-
locality: Optional[pulumi.Input[str]] = None,
|
36
|
-
max_path_length: Optional[pulumi.Input[int]] = None,
|
37
|
-
namespace: Optional[pulumi.Input[str]] = None,
|
38
|
-
not_after: Optional[pulumi.Input[str]] = None,
|
39
|
-
not_before_duration: Optional[pulumi.Input[str]] = None,
|
40
|
-
organization: Optional[pulumi.Input[str]] = None,
|
41
|
-
other_sans: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
42
|
-
ou: Optional[pulumi.Input[str]] = None,
|
43
|
-
permitted_dns_domains: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
44
|
-
permitted_email_addresses: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
45
|
-
permitted_ip_ranges: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
46
|
-
permitted_uri_domains: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
47
|
-
postal_code: Optional[pulumi.Input[str]] = None,
|
48
|
-
province: Optional[pulumi.Input[str]] = None,
|
49
|
-
revoke: Optional[pulumi.Input[bool]] = None,
|
50
|
-
signature_bits: Optional[pulumi.Input[int]] = None,
|
51
|
-
skid: Optional[pulumi.Input[str]] = None,
|
52
|
-
street_address: Optional[pulumi.Input[str]] = None,
|
53
|
-
ttl: Optional[pulumi.Input[str]] = None,
|
54
|
-
uri_sans: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
55
|
-
use_csr_values: Optional[pulumi.Input[bool]] = None,
|
56
|
-
use_pss: Optional[pulumi.Input[bool]] = None):
|
23
|
+
backend: pulumi.Input[builtins.str],
|
24
|
+
common_name: pulumi.Input[builtins.str],
|
25
|
+
csr: pulumi.Input[builtins.str],
|
26
|
+
alt_names: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
27
|
+
country: Optional[pulumi.Input[builtins.str]] = None,
|
28
|
+
exclude_cn_from_sans: Optional[pulumi.Input[builtins.bool]] = None,
|
29
|
+
excluded_dns_domains: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
30
|
+
excluded_email_addresses: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
31
|
+
excluded_ip_ranges: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
32
|
+
excluded_uri_domains: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
33
|
+
format: Optional[pulumi.Input[builtins.str]] = None,
|
34
|
+
ip_sans: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
35
|
+
issuer_ref: Optional[pulumi.Input[builtins.str]] = None,
|
36
|
+
locality: Optional[pulumi.Input[builtins.str]] = None,
|
37
|
+
max_path_length: Optional[pulumi.Input[builtins.int]] = None,
|
38
|
+
namespace: Optional[pulumi.Input[builtins.str]] = None,
|
39
|
+
not_after: Optional[pulumi.Input[builtins.str]] = None,
|
40
|
+
not_before_duration: Optional[pulumi.Input[builtins.str]] = None,
|
41
|
+
organization: Optional[pulumi.Input[builtins.str]] = None,
|
42
|
+
other_sans: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
43
|
+
ou: Optional[pulumi.Input[builtins.str]] = None,
|
44
|
+
permitted_dns_domains: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
45
|
+
permitted_email_addresses: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
46
|
+
permitted_ip_ranges: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
47
|
+
permitted_uri_domains: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
48
|
+
postal_code: Optional[pulumi.Input[builtins.str]] = None,
|
49
|
+
province: Optional[pulumi.Input[builtins.str]] = None,
|
50
|
+
revoke: Optional[pulumi.Input[builtins.bool]] = None,
|
51
|
+
signature_bits: Optional[pulumi.Input[builtins.int]] = None,
|
52
|
+
skid: Optional[pulumi.Input[builtins.str]] = None,
|
53
|
+
street_address: Optional[pulumi.Input[builtins.str]] = None,
|
54
|
+
ttl: Optional[pulumi.Input[builtins.str]] = None,
|
55
|
+
uri_sans: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
56
|
+
use_csr_values: Optional[pulumi.Input[builtins.bool]] = None,
|
57
|
+
use_pss: Optional[pulumi.Input[builtins.bool]] = None):
|
57
58
|
"""
|
58
59
|
The set of arguments for constructing a SecretBackendRootSignIntermediate resource.
|
59
|
-
:param pulumi.Input[str] backend: The PKI secret backend the resource belongs to.
|
60
|
-
:param pulumi.Input[str] common_name: CN of intermediate to create
|
61
|
-
:param pulumi.Input[str] csr: The CSR
|
62
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] alt_names: List of alternative names
|
63
|
-
:param pulumi.Input[str] country: The country
|
64
|
-
:param pulumi.Input[bool] exclude_cn_from_sans: Flag to exclude CN from SANs
|
65
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] excluded_dns_domains: List of domains for which certificates are not allowed to be issued. Requires Vault version 1.19+.
|
66
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] excluded_email_addresses: List of email addresses for which certificates are not allowed to be issued. Requires Vault version 1.19+.
|
67
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] excluded_ip_ranges: List of IP ranges for which certificates are not allowed to be issued. Requires Vault version 1.19+.
|
68
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] excluded_uri_domains: List of URI domains for which certificates are not allowed to be issued. Requires Vault version 1.19+.
|
69
|
-
:param pulumi.Input[str] format: The format of data
|
70
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] ip_sans: List of alternative IPs
|
71
|
-
:param pulumi.Input[str] issuer_ref: Specifies the default issuer of this request. May
|
60
|
+
:param pulumi.Input[builtins.str] backend: The PKI secret backend the resource belongs to.
|
61
|
+
:param pulumi.Input[builtins.str] common_name: CN of intermediate to create
|
62
|
+
:param pulumi.Input[builtins.str] csr: The CSR
|
63
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] alt_names: List of alternative names
|
64
|
+
:param pulumi.Input[builtins.str] country: The country
|
65
|
+
:param pulumi.Input[builtins.bool] exclude_cn_from_sans: Flag to exclude CN from SANs
|
66
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] excluded_dns_domains: List of domains for which certificates are not allowed to be issued. Requires Vault version 1.19+.
|
67
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] excluded_email_addresses: List of email addresses for which certificates are not allowed to be issued. Requires Vault version 1.19+.
|
68
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] excluded_ip_ranges: List of IP ranges for which certificates are not allowed to be issued. Requires Vault version 1.19+.
|
69
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] excluded_uri_domains: List of URI domains for which certificates are not allowed to be issued. Requires Vault version 1.19+.
|
70
|
+
:param pulumi.Input[builtins.str] format: The format of data
|
71
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] ip_sans: List of alternative IPs
|
72
|
+
:param pulumi.Input[builtins.str] issuer_ref: Specifies the default issuer of this request. May
|
72
73
|
be the value `default`, a name, or an issuer ID. Use ACLs to prevent access to
|
73
74
|
the `/pki/issuer/:issuer_ref/{issue,sign}/:name` paths to prevent users
|
74
75
|
overriding the role's `issuer_ref` value.
|
75
|
-
:param pulumi.Input[str] locality: The locality
|
76
|
-
:param pulumi.Input[int] max_path_length: The maximum path length to encode in the generated certificate
|
77
|
-
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
76
|
+
:param pulumi.Input[builtins.str] locality: The locality
|
77
|
+
:param pulumi.Input[builtins.int] max_path_length: The maximum path length to encode in the generated certificate
|
78
|
+
:param pulumi.Input[builtins.str] namespace: The namespace to provision the resource in.
|
78
79
|
The value should not contain leading or trailing forward slashes.
|
79
80
|
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
80
81
|
*Available only for Vault Enterprise*.
|
81
|
-
:param pulumi.Input[str] not_after: Set the Not After field of the certificate with specified date value.
|
82
|
+
:param pulumi.Input[builtins.str] not_after: Set the Not After field of the certificate with specified date value.
|
82
83
|
The value format should be given in UTC format YYYY-MM-ddTHH:MM:SSZ. Supports the Y10K end date
|
83
84
|
for IEEE 802.1AR-2018 standard devices, 9999-12-31T23:59:59Z.
|
84
|
-
:param pulumi.Input[str] not_before_duration: Specifies the duration by which to backdate the NotBefore property.
|
85
|
-
:param pulumi.Input[str] organization: The organization
|
86
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] other_sans: List of other SANs
|
87
|
-
:param pulumi.Input[str] ou: The organization unit
|
88
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] permitted_dns_domains: List of domains for which certificates are allowed to be issued
|
89
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] permitted_email_addresses: List of email addresses for which certificates are allowed to be issued. Requires Vault version 1.19+.
|
90
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] permitted_ip_ranges: List of IP ranges for which certificates are allowed to be issued. Requires Vault version 1.19+.
|
91
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] permitted_uri_domains: List of URI domains for which certificates are allowed to be issued. Requires Vault version 1.19+.
|
92
|
-
:param pulumi.Input[str] postal_code: The postal code
|
93
|
-
:param pulumi.Input[str] province: The province
|
94
|
-
:param pulumi.Input[bool] revoke: If set to `true`, the certificate will be revoked on resource destruction.
|
95
|
-
:param pulumi.Input[int] signature_bits: The number of bits to use in the signature algorithm
|
96
|
-
:param pulumi.Input[str] skid: Value for the Subject Key Identifier field (RFC 5280 Section 4.2.1.2). Specified as a string in hex format.
|
97
|
-
:param pulumi.Input[str] street_address: The street address
|
98
|
-
:param pulumi.Input[str] ttl: Time to live
|
99
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] uri_sans: List of alternative URIs
|
100
|
-
:param pulumi.Input[bool] use_csr_values: Preserve CSR values
|
101
|
-
:param pulumi.Input[bool] use_pss: Specifies whether or not to use PSS signatures over PKCS#1v1.5 signatures when a RSA-type issuer is used.
|
85
|
+
:param pulumi.Input[builtins.str] not_before_duration: Specifies the duration by which to backdate the NotBefore property.
|
86
|
+
:param pulumi.Input[builtins.str] organization: The organization
|
87
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] other_sans: List of other SANs
|
88
|
+
:param pulumi.Input[builtins.str] ou: The organization unit
|
89
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] permitted_dns_domains: List of domains for which certificates are allowed to be issued
|
90
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] permitted_email_addresses: List of email addresses for which certificates are allowed to be issued. Requires Vault version 1.19+.
|
91
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] permitted_ip_ranges: List of IP ranges for which certificates are allowed to be issued. Requires Vault version 1.19+.
|
92
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] permitted_uri_domains: List of URI domains for which certificates are allowed to be issued. Requires Vault version 1.19+.
|
93
|
+
:param pulumi.Input[builtins.str] postal_code: The postal code
|
94
|
+
:param pulumi.Input[builtins.str] province: The province
|
95
|
+
:param pulumi.Input[builtins.bool] revoke: If set to `true`, the certificate will be revoked on resource destruction.
|
96
|
+
:param pulumi.Input[builtins.int] signature_bits: The number of bits to use in the signature algorithm
|
97
|
+
:param pulumi.Input[builtins.str] skid: Value for the Subject Key Identifier field (RFC 5280 Section 4.2.1.2). Specified as a string in hex format.
|
98
|
+
:param pulumi.Input[builtins.str] street_address: The street address
|
99
|
+
:param pulumi.Input[builtins.str] ttl: Time to live
|
100
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] uri_sans: List of alternative URIs
|
101
|
+
:param pulumi.Input[builtins.bool] use_csr_values: Preserve CSR values
|
102
|
+
:param pulumi.Input[builtins.bool] use_pss: Specifies whether or not to use PSS signatures over PKCS#1v1.5 signatures when a RSA-type issuer is used.
|
102
103
|
"""
|
103
104
|
pulumi.set(__self__, "backend", backend)
|
104
105
|
pulumi.set(__self__, "common_name", common_name)
|
@@ -170,151 +171,151 @@ class SecretBackendRootSignIntermediateArgs:
|
|
170
171
|
|
171
172
|
@property
|
172
173
|
@pulumi.getter
|
173
|
-
def backend(self) -> pulumi.Input[str]:
|
174
|
+
def backend(self) -> pulumi.Input[builtins.str]:
|
174
175
|
"""
|
175
176
|
The PKI secret backend the resource belongs to.
|
176
177
|
"""
|
177
178
|
return pulumi.get(self, "backend")
|
178
179
|
|
179
180
|
@backend.setter
|
180
|
-
def backend(self, value: pulumi.Input[str]):
|
181
|
+
def backend(self, value: pulumi.Input[builtins.str]):
|
181
182
|
pulumi.set(self, "backend", value)
|
182
183
|
|
183
184
|
@property
|
184
185
|
@pulumi.getter(name="commonName")
|
185
|
-
def common_name(self) -> pulumi.Input[str]:
|
186
|
+
def common_name(self) -> pulumi.Input[builtins.str]:
|
186
187
|
"""
|
187
188
|
CN of intermediate to create
|
188
189
|
"""
|
189
190
|
return pulumi.get(self, "common_name")
|
190
191
|
|
191
192
|
@common_name.setter
|
192
|
-
def common_name(self, value: pulumi.Input[str]):
|
193
|
+
def common_name(self, value: pulumi.Input[builtins.str]):
|
193
194
|
pulumi.set(self, "common_name", value)
|
194
195
|
|
195
196
|
@property
|
196
197
|
@pulumi.getter
|
197
|
-
def csr(self) -> pulumi.Input[str]:
|
198
|
+
def csr(self) -> pulumi.Input[builtins.str]:
|
198
199
|
"""
|
199
200
|
The CSR
|
200
201
|
"""
|
201
202
|
return pulumi.get(self, "csr")
|
202
203
|
|
203
204
|
@csr.setter
|
204
|
-
def csr(self, value: pulumi.Input[str]):
|
205
|
+
def csr(self, value: pulumi.Input[builtins.str]):
|
205
206
|
pulumi.set(self, "csr", value)
|
206
207
|
|
207
208
|
@property
|
208
209
|
@pulumi.getter(name="altNames")
|
209
|
-
def alt_names(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
|
210
|
+
def alt_names(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
|
210
211
|
"""
|
211
212
|
List of alternative names
|
212
213
|
"""
|
213
214
|
return pulumi.get(self, "alt_names")
|
214
215
|
|
215
216
|
@alt_names.setter
|
216
|
-
def alt_names(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
217
|
+
def alt_names(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
|
217
218
|
pulumi.set(self, "alt_names", value)
|
218
219
|
|
219
220
|
@property
|
220
221
|
@pulumi.getter
|
221
|
-
def country(self) -> Optional[pulumi.Input[str]]:
|
222
|
+
def country(self) -> Optional[pulumi.Input[builtins.str]]:
|
222
223
|
"""
|
223
224
|
The country
|
224
225
|
"""
|
225
226
|
return pulumi.get(self, "country")
|
226
227
|
|
227
228
|
@country.setter
|
228
|
-
def country(self, value: Optional[pulumi.Input[str]]):
|
229
|
+
def country(self, value: Optional[pulumi.Input[builtins.str]]):
|
229
230
|
pulumi.set(self, "country", value)
|
230
231
|
|
231
232
|
@property
|
232
233
|
@pulumi.getter(name="excludeCnFromSans")
|
233
|
-
def exclude_cn_from_sans(self) -> Optional[pulumi.Input[bool]]:
|
234
|
+
def exclude_cn_from_sans(self) -> Optional[pulumi.Input[builtins.bool]]:
|
234
235
|
"""
|
235
236
|
Flag to exclude CN from SANs
|
236
237
|
"""
|
237
238
|
return pulumi.get(self, "exclude_cn_from_sans")
|
238
239
|
|
239
240
|
@exclude_cn_from_sans.setter
|
240
|
-
def exclude_cn_from_sans(self, value: Optional[pulumi.Input[bool]]):
|
241
|
+
def exclude_cn_from_sans(self, value: Optional[pulumi.Input[builtins.bool]]):
|
241
242
|
pulumi.set(self, "exclude_cn_from_sans", value)
|
242
243
|
|
243
244
|
@property
|
244
245
|
@pulumi.getter(name="excludedDnsDomains")
|
245
|
-
def excluded_dns_domains(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
|
246
|
+
def excluded_dns_domains(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
|
246
247
|
"""
|
247
248
|
List of domains for which certificates are not allowed to be issued. Requires Vault version 1.19+.
|
248
249
|
"""
|
249
250
|
return pulumi.get(self, "excluded_dns_domains")
|
250
251
|
|
251
252
|
@excluded_dns_domains.setter
|
252
|
-
def excluded_dns_domains(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
253
|
+
def excluded_dns_domains(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
|
253
254
|
pulumi.set(self, "excluded_dns_domains", value)
|
254
255
|
|
255
256
|
@property
|
256
257
|
@pulumi.getter(name="excludedEmailAddresses")
|
257
|
-
def excluded_email_addresses(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
|
258
|
+
def excluded_email_addresses(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
|
258
259
|
"""
|
259
260
|
List of email addresses for which certificates are not allowed to be issued. Requires Vault version 1.19+.
|
260
261
|
"""
|
261
262
|
return pulumi.get(self, "excluded_email_addresses")
|
262
263
|
|
263
264
|
@excluded_email_addresses.setter
|
264
|
-
def excluded_email_addresses(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
265
|
+
def excluded_email_addresses(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
|
265
266
|
pulumi.set(self, "excluded_email_addresses", value)
|
266
267
|
|
267
268
|
@property
|
268
269
|
@pulumi.getter(name="excludedIpRanges")
|
269
|
-
def excluded_ip_ranges(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
|
270
|
+
def excluded_ip_ranges(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
|
270
271
|
"""
|
271
272
|
List of IP ranges for which certificates are not allowed to be issued. Requires Vault version 1.19+.
|
272
273
|
"""
|
273
274
|
return pulumi.get(self, "excluded_ip_ranges")
|
274
275
|
|
275
276
|
@excluded_ip_ranges.setter
|
276
|
-
def excluded_ip_ranges(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
277
|
+
def excluded_ip_ranges(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
|
277
278
|
pulumi.set(self, "excluded_ip_ranges", value)
|
278
279
|
|
279
280
|
@property
|
280
281
|
@pulumi.getter(name="excludedUriDomains")
|
281
|
-
def excluded_uri_domains(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
|
282
|
+
def excluded_uri_domains(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
|
282
283
|
"""
|
283
284
|
List of URI domains for which certificates are not allowed to be issued. Requires Vault version 1.19+.
|
284
285
|
"""
|
285
286
|
return pulumi.get(self, "excluded_uri_domains")
|
286
287
|
|
287
288
|
@excluded_uri_domains.setter
|
288
|
-
def excluded_uri_domains(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
289
|
+
def excluded_uri_domains(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
|
289
290
|
pulumi.set(self, "excluded_uri_domains", value)
|
290
291
|
|
291
292
|
@property
|
292
293
|
@pulumi.getter
|
293
|
-
def format(self) -> Optional[pulumi.Input[str]]:
|
294
|
+
def format(self) -> Optional[pulumi.Input[builtins.str]]:
|
294
295
|
"""
|
295
296
|
The format of data
|
296
297
|
"""
|
297
298
|
return pulumi.get(self, "format")
|
298
299
|
|
299
300
|
@format.setter
|
300
|
-
def format(self, value: Optional[pulumi.Input[str]]):
|
301
|
+
def format(self, value: Optional[pulumi.Input[builtins.str]]):
|
301
302
|
pulumi.set(self, "format", value)
|
302
303
|
|
303
304
|
@property
|
304
305
|
@pulumi.getter(name="ipSans")
|
305
|
-
def ip_sans(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
|
306
|
+
def ip_sans(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
|
306
307
|
"""
|
307
308
|
List of alternative IPs
|
308
309
|
"""
|
309
310
|
return pulumi.get(self, "ip_sans")
|
310
311
|
|
311
312
|
@ip_sans.setter
|
312
|
-
def ip_sans(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
313
|
+
def ip_sans(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
|
313
314
|
pulumi.set(self, "ip_sans", value)
|
314
315
|
|
315
316
|
@property
|
316
317
|
@pulumi.getter(name="issuerRef")
|
317
|
-
def issuer_ref(self) -> Optional[pulumi.Input[str]]:
|
318
|
+
def issuer_ref(self) -> Optional[pulumi.Input[builtins.str]]:
|
318
319
|
"""
|
319
320
|
Specifies the default issuer of this request. May
|
320
321
|
be the value `default`, a name, or an issuer ID. Use ACLs to prevent access to
|
@@ -324,36 +325,36 @@ class SecretBackendRootSignIntermediateArgs:
|
|
324
325
|
return pulumi.get(self, "issuer_ref")
|
325
326
|
|
326
327
|
@issuer_ref.setter
|
327
|
-
def issuer_ref(self, value: Optional[pulumi.Input[str]]):
|
328
|
+
def issuer_ref(self, value: Optional[pulumi.Input[builtins.str]]):
|
328
329
|
pulumi.set(self, "issuer_ref", value)
|
329
330
|
|
330
331
|
@property
|
331
332
|
@pulumi.getter
|
332
|
-
def locality(self) -> Optional[pulumi.Input[str]]:
|
333
|
+
def locality(self) -> Optional[pulumi.Input[builtins.str]]:
|
333
334
|
"""
|
334
335
|
The locality
|
335
336
|
"""
|
336
337
|
return pulumi.get(self, "locality")
|
337
338
|
|
338
339
|
@locality.setter
|
339
|
-
def locality(self, value: Optional[pulumi.Input[str]]):
|
340
|
+
def locality(self, value: Optional[pulumi.Input[builtins.str]]):
|
340
341
|
pulumi.set(self, "locality", value)
|
341
342
|
|
342
343
|
@property
|
343
344
|
@pulumi.getter(name="maxPathLength")
|
344
|
-
def max_path_length(self) -> Optional[pulumi.Input[int]]:
|
345
|
+
def max_path_length(self) -> Optional[pulumi.Input[builtins.int]]:
|
345
346
|
"""
|
346
347
|
The maximum path length to encode in the generated certificate
|
347
348
|
"""
|
348
349
|
return pulumi.get(self, "max_path_length")
|
349
350
|
|
350
351
|
@max_path_length.setter
|
351
|
-
def max_path_length(self, value: Optional[pulumi.Input[int]]):
|
352
|
+
def max_path_length(self, value: Optional[pulumi.Input[builtins.int]]):
|
352
353
|
pulumi.set(self, "max_path_length", value)
|
353
354
|
|
354
355
|
@property
|
355
356
|
@pulumi.getter
|
356
|
-
def namespace(self) -> Optional[pulumi.Input[str]]:
|
357
|
+
def namespace(self) -> Optional[pulumi.Input[builtins.str]]:
|
357
358
|
"""
|
358
359
|
The namespace to provision the resource in.
|
359
360
|
The value should not contain leading or trailing forward slashes.
|
@@ -363,12 +364,12 @@ class SecretBackendRootSignIntermediateArgs:
|
|
363
364
|
return pulumi.get(self, "namespace")
|
364
365
|
|
365
366
|
@namespace.setter
|
366
|
-
def namespace(self, value: Optional[pulumi.Input[str]]):
|
367
|
+
def namespace(self, value: Optional[pulumi.Input[builtins.str]]):
|
367
368
|
pulumi.set(self, "namespace", value)
|
368
369
|
|
369
370
|
@property
|
370
371
|
@pulumi.getter(name="notAfter")
|
371
|
-
def not_after(self) -> Optional[pulumi.Input[str]]:
|
372
|
+
def not_after(self) -> Optional[pulumi.Input[builtins.str]]:
|
372
373
|
"""
|
373
374
|
Set the Not After field of the certificate with specified date value.
|
374
375
|
The value format should be given in UTC format YYYY-MM-ddTHH:MM:SSZ. Supports the Y10K end date
|
@@ -377,320 +378,320 @@ class SecretBackendRootSignIntermediateArgs:
|
|
377
378
|
return pulumi.get(self, "not_after")
|
378
379
|
|
379
380
|
@not_after.setter
|
380
|
-
def not_after(self, value: Optional[pulumi.Input[str]]):
|
381
|
+
def not_after(self, value: Optional[pulumi.Input[builtins.str]]):
|
381
382
|
pulumi.set(self, "not_after", value)
|
382
383
|
|
383
384
|
@property
|
384
385
|
@pulumi.getter(name="notBeforeDuration")
|
385
|
-
def not_before_duration(self) -> Optional[pulumi.Input[str]]:
|
386
|
+
def not_before_duration(self) -> Optional[pulumi.Input[builtins.str]]:
|
386
387
|
"""
|
387
388
|
Specifies the duration by which to backdate the NotBefore property.
|
388
389
|
"""
|
389
390
|
return pulumi.get(self, "not_before_duration")
|
390
391
|
|
391
392
|
@not_before_duration.setter
|
392
|
-
def not_before_duration(self, value: Optional[pulumi.Input[str]]):
|
393
|
+
def not_before_duration(self, value: Optional[pulumi.Input[builtins.str]]):
|
393
394
|
pulumi.set(self, "not_before_duration", value)
|
394
395
|
|
395
396
|
@property
|
396
397
|
@pulumi.getter
|
397
|
-
def organization(self) -> Optional[pulumi.Input[str]]:
|
398
|
+
def organization(self) -> Optional[pulumi.Input[builtins.str]]:
|
398
399
|
"""
|
399
400
|
The organization
|
400
401
|
"""
|
401
402
|
return pulumi.get(self, "organization")
|
402
403
|
|
403
404
|
@organization.setter
|
404
|
-
def organization(self, value: Optional[pulumi.Input[str]]):
|
405
|
+
def organization(self, value: Optional[pulumi.Input[builtins.str]]):
|
405
406
|
pulumi.set(self, "organization", value)
|
406
407
|
|
407
408
|
@property
|
408
409
|
@pulumi.getter(name="otherSans")
|
409
|
-
def other_sans(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
|
410
|
+
def other_sans(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
|
410
411
|
"""
|
411
412
|
List of other SANs
|
412
413
|
"""
|
413
414
|
return pulumi.get(self, "other_sans")
|
414
415
|
|
415
416
|
@other_sans.setter
|
416
|
-
def other_sans(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
417
|
+
def other_sans(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
|
417
418
|
pulumi.set(self, "other_sans", value)
|
418
419
|
|
419
420
|
@property
|
420
421
|
@pulumi.getter
|
421
|
-
def ou(self) -> Optional[pulumi.Input[str]]:
|
422
|
+
def ou(self) -> Optional[pulumi.Input[builtins.str]]:
|
422
423
|
"""
|
423
424
|
The organization unit
|
424
425
|
"""
|
425
426
|
return pulumi.get(self, "ou")
|
426
427
|
|
427
428
|
@ou.setter
|
428
|
-
def ou(self, value: Optional[pulumi.Input[str]]):
|
429
|
+
def ou(self, value: Optional[pulumi.Input[builtins.str]]):
|
429
430
|
pulumi.set(self, "ou", value)
|
430
431
|
|
431
432
|
@property
|
432
433
|
@pulumi.getter(name="permittedDnsDomains")
|
433
|
-
def permitted_dns_domains(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
|
434
|
+
def permitted_dns_domains(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
|
434
435
|
"""
|
435
436
|
List of domains for which certificates are allowed to be issued
|
436
437
|
"""
|
437
438
|
return pulumi.get(self, "permitted_dns_domains")
|
438
439
|
|
439
440
|
@permitted_dns_domains.setter
|
440
|
-
def permitted_dns_domains(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
441
|
+
def permitted_dns_domains(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
|
441
442
|
pulumi.set(self, "permitted_dns_domains", value)
|
442
443
|
|
443
444
|
@property
|
444
445
|
@pulumi.getter(name="permittedEmailAddresses")
|
445
|
-
def permitted_email_addresses(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
|
446
|
+
def permitted_email_addresses(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
|
446
447
|
"""
|
447
448
|
List of email addresses for which certificates are allowed to be issued. Requires Vault version 1.19+.
|
448
449
|
"""
|
449
450
|
return pulumi.get(self, "permitted_email_addresses")
|
450
451
|
|
451
452
|
@permitted_email_addresses.setter
|
452
|
-
def permitted_email_addresses(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
453
|
+
def permitted_email_addresses(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
|
453
454
|
pulumi.set(self, "permitted_email_addresses", value)
|
454
455
|
|
455
456
|
@property
|
456
457
|
@pulumi.getter(name="permittedIpRanges")
|
457
|
-
def permitted_ip_ranges(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
|
458
|
+
def permitted_ip_ranges(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
|
458
459
|
"""
|
459
460
|
List of IP ranges for which certificates are allowed to be issued. Requires Vault version 1.19+.
|
460
461
|
"""
|
461
462
|
return pulumi.get(self, "permitted_ip_ranges")
|
462
463
|
|
463
464
|
@permitted_ip_ranges.setter
|
464
|
-
def permitted_ip_ranges(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
465
|
+
def permitted_ip_ranges(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
|
465
466
|
pulumi.set(self, "permitted_ip_ranges", value)
|
466
467
|
|
467
468
|
@property
|
468
469
|
@pulumi.getter(name="permittedUriDomains")
|
469
|
-
def permitted_uri_domains(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
|
470
|
+
def permitted_uri_domains(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
|
470
471
|
"""
|
471
472
|
List of URI domains for which certificates are allowed to be issued. Requires Vault version 1.19+.
|
472
473
|
"""
|
473
474
|
return pulumi.get(self, "permitted_uri_domains")
|
474
475
|
|
475
476
|
@permitted_uri_domains.setter
|
476
|
-
def permitted_uri_domains(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
477
|
+
def permitted_uri_domains(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
|
477
478
|
pulumi.set(self, "permitted_uri_domains", value)
|
478
479
|
|
479
480
|
@property
|
480
481
|
@pulumi.getter(name="postalCode")
|
481
|
-
def postal_code(self) -> Optional[pulumi.Input[str]]:
|
482
|
+
def postal_code(self) -> Optional[pulumi.Input[builtins.str]]:
|
482
483
|
"""
|
483
484
|
The postal code
|
484
485
|
"""
|
485
486
|
return pulumi.get(self, "postal_code")
|
486
487
|
|
487
488
|
@postal_code.setter
|
488
|
-
def postal_code(self, value: Optional[pulumi.Input[str]]):
|
489
|
+
def postal_code(self, value: Optional[pulumi.Input[builtins.str]]):
|
489
490
|
pulumi.set(self, "postal_code", value)
|
490
491
|
|
491
492
|
@property
|
492
493
|
@pulumi.getter
|
493
|
-
def province(self) -> Optional[pulumi.Input[str]]:
|
494
|
+
def province(self) -> Optional[pulumi.Input[builtins.str]]:
|
494
495
|
"""
|
495
496
|
The province
|
496
497
|
"""
|
497
498
|
return pulumi.get(self, "province")
|
498
499
|
|
499
500
|
@province.setter
|
500
|
-
def province(self, value: Optional[pulumi.Input[str]]):
|
501
|
+
def province(self, value: Optional[pulumi.Input[builtins.str]]):
|
501
502
|
pulumi.set(self, "province", value)
|
502
503
|
|
503
504
|
@property
|
504
505
|
@pulumi.getter
|
505
|
-
def revoke(self) -> Optional[pulumi.Input[bool]]:
|
506
|
+
def revoke(self) -> Optional[pulumi.Input[builtins.bool]]:
|
506
507
|
"""
|
507
508
|
If set to `true`, the certificate will be revoked on resource destruction.
|
508
509
|
"""
|
509
510
|
return pulumi.get(self, "revoke")
|
510
511
|
|
511
512
|
@revoke.setter
|
512
|
-
def revoke(self, value: Optional[pulumi.Input[bool]]):
|
513
|
+
def revoke(self, value: Optional[pulumi.Input[builtins.bool]]):
|
513
514
|
pulumi.set(self, "revoke", value)
|
514
515
|
|
515
516
|
@property
|
516
517
|
@pulumi.getter(name="signatureBits")
|
517
|
-
def signature_bits(self) -> Optional[pulumi.Input[int]]:
|
518
|
+
def signature_bits(self) -> Optional[pulumi.Input[builtins.int]]:
|
518
519
|
"""
|
519
520
|
The number of bits to use in the signature algorithm
|
520
521
|
"""
|
521
522
|
return pulumi.get(self, "signature_bits")
|
522
523
|
|
523
524
|
@signature_bits.setter
|
524
|
-
def signature_bits(self, value: Optional[pulumi.Input[int]]):
|
525
|
+
def signature_bits(self, value: Optional[pulumi.Input[builtins.int]]):
|
525
526
|
pulumi.set(self, "signature_bits", value)
|
526
527
|
|
527
528
|
@property
|
528
529
|
@pulumi.getter
|
529
|
-
def skid(self) -> Optional[pulumi.Input[str]]:
|
530
|
+
def skid(self) -> Optional[pulumi.Input[builtins.str]]:
|
530
531
|
"""
|
531
532
|
Value for the Subject Key Identifier field (RFC 5280 Section 4.2.1.2). Specified as a string in hex format.
|
532
533
|
"""
|
533
534
|
return pulumi.get(self, "skid")
|
534
535
|
|
535
536
|
@skid.setter
|
536
|
-
def skid(self, value: Optional[pulumi.Input[str]]):
|
537
|
+
def skid(self, value: Optional[pulumi.Input[builtins.str]]):
|
537
538
|
pulumi.set(self, "skid", value)
|
538
539
|
|
539
540
|
@property
|
540
541
|
@pulumi.getter(name="streetAddress")
|
541
|
-
def street_address(self) -> Optional[pulumi.Input[str]]:
|
542
|
+
def street_address(self) -> Optional[pulumi.Input[builtins.str]]:
|
542
543
|
"""
|
543
544
|
The street address
|
544
545
|
"""
|
545
546
|
return pulumi.get(self, "street_address")
|
546
547
|
|
547
548
|
@street_address.setter
|
548
|
-
def street_address(self, value: Optional[pulumi.Input[str]]):
|
549
|
+
def street_address(self, value: Optional[pulumi.Input[builtins.str]]):
|
549
550
|
pulumi.set(self, "street_address", value)
|
550
551
|
|
551
552
|
@property
|
552
553
|
@pulumi.getter
|
553
|
-
def ttl(self) -> Optional[pulumi.Input[str]]:
|
554
|
+
def ttl(self) -> Optional[pulumi.Input[builtins.str]]:
|
554
555
|
"""
|
555
556
|
Time to live
|
556
557
|
"""
|
557
558
|
return pulumi.get(self, "ttl")
|
558
559
|
|
559
560
|
@ttl.setter
|
560
|
-
def ttl(self, value: Optional[pulumi.Input[str]]):
|
561
|
+
def ttl(self, value: Optional[pulumi.Input[builtins.str]]):
|
561
562
|
pulumi.set(self, "ttl", value)
|
562
563
|
|
563
564
|
@property
|
564
565
|
@pulumi.getter(name="uriSans")
|
565
|
-
def uri_sans(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
|
566
|
+
def uri_sans(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
|
566
567
|
"""
|
567
568
|
List of alternative URIs
|
568
569
|
"""
|
569
570
|
return pulumi.get(self, "uri_sans")
|
570
571
|
|
571
572
|
@uri_sans.setter
|
572
|
-
def uri_sans(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
573
|
+
def uri_sans(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
|
573
574
|
pulumi.set(self, "uri_sans", value)
|
574
575
|
|
575
576
|
@property
|
576
577
|
@pulumi.getter(name="useCsrValues")
|
577
|
-
def use_csr_values(self) -> Optional[pulumi.Input[bool]]:
|
578
|
+
def use_csr_values(self) -> Optional[pulumi.Input[builtins.bool]]:
|
578
579
|
"""
|
579
580
|
Preserve CSR values
|
580
581
|
"""
|
581
582
|
return pulumi.get(self, "use_csr_values")
|
582
583
|
|
583
584
|
@use_csr_values.setter
|
584
|
-
def use_csr_values(self, value: Optional[pulumi.Input[bool]]):
|
585
|
+
def use_csr_values(self, value: Optional[pulumi.Input[builtins.bool]]):
|
585
586
|
pulumi.set(self, "use_csr_values", value)
|
586
587
|
|
587
588
|
@property
|
588
589
|
@pulumi.getter(name="usePss")
|
589
|
-
def use_pss(self) -> Optional[pulumi.Input[bool]]:
|
590
|
+
def use_pss(self) -> Optional[pulumi.Input[builtins.bool]]:
|
590
591
|
"""
|
591
592
|
Specifies whether or not to use PSS signatures over PKCS#1v1.5 signatures when a RSA-type issuer is used.
|
592
593
|
"""
|
593
594
|
return pulumi.get(self, "use_pss")
|
594
595
|
|
595
596
|
@use_pss.setter
|
596
|
-
def use_pss(self, value: Optional[pulumi.Input[bool]]):
|
597
|
+
def use_pss(self, value: Optional[pulumi.Input[builtins.bool]]):
|
597
598
|
pulumi.set(self, "use_pss", value)
|
598
599
|
|
599
600
|
|
600
601
|
@pulumi.input_type
|
601
602
|
class _SecretBackendRootSignIntermediateState:
|
602
603
|
def __init__(__self__, *,
|
603
|
-
alt_names: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
604
|
-
backend: Optional[pulumi.Input[str]] = None,
|
605
|
-
ca_chains: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
606
|
-
certificate: Optional[pulumi.Input[str]] = None,
|
607
|
-
certificate_bundle: Optional[pulumi.Input[str]] = None,
|
608
|
-
common_name: Optional[pulumi.Input[str]] = None,
|
609
|
-
country: Optional[pulumi.Input[str]] = None,
|
610
|
-
csr: Optional[pulumi.Input[str]] = None,
|
611
|
-
exclude_cn_from_sans: Optional[pulumi.Input[bool]] = None,
|
612
|
-
excluded_dns_domains: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
613
|
-
excluded_email_addresses: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
614
|
-
excluded_ip_ranges: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
615
|
-
excluded_uri_domains: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
616
|
-
format: Optional[pulumi.Input[str]] = None,
|
617
|
-
ip_sans: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
618
|
-
issuer_ref: Optional[pulumi.Input[str]] = None,
|
619
|
-
issuing_ca: Optional[pulumi.Input[str]] = None,
|
620
|
-
locality: Optional[pulumi.Input[str]] = None,
|
621
|
-
max_path_length: Optional[pulumi.Input[int]] = None,
|
622
|
-
namespace: Optional[pulumi.Input[str]] = None,
|
623
|
-
not_after: Optional[pulumi.Input[str]] = None,
|
624
|
-
not_before_duration: Optional[pulumi.Input[str]] = None,
|
625
|
-
organization: Optional[pulumi.Input[str]] = None,
|
626
|
-
other_sans: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
627
|
-
ou: Optional[pulumi.Input[str]] = None,
|
628
|
-
permitted_dns_domains: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
629
|
-
permitted_email_addresses: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
630
|
-
permitted_ip_ranges: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
631
|
-
permitted_uri_domains: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
632
|
-
postal_code: Optional[pulumi.Input[str]] = None,
|
633
|
-
province: Optional[pulumi.Input[str]] = None,
|
634
|
-
revoke: Optional[pulumi.Input[bool]] = None,
|
635
|
-
serial_number: Optional[pulumi.Input[str]] = None,
|
636
|
-
signature_bits: Optional[pulumi.Input[int]] = None,
|
637
|
-
skid: Optional[pulumi.Input[str]] = None,
|
638
|
-
street_address: Optional[pulumi.Input[str]] = None,
|
639
|
-
ttl: Optional[pulumi.Input[str]] = None,
|
640
|
-
uri_sans: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
641
|
-
use_csr_values: Optional[pulumi.Input[bool]] = None,
|
642
|
-
use_pss: Optional[pulumi.Input[bool]] = None):
|
604
|
+
alt_names: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
605
|
+
backend: Optional[pulumi.Input[builtins.str]] = None,
|
606
|
+
ca_chains: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
607
|
+
certificate: Optional[pulumi.Input[builtins.str]] = None,
|
608
|
+
certificate_bundle: Optional[pulumi.Input[builtins.str]] = None,
|
609
|
+
common_name: Optional[pulumi.Input[builtins.str]] = None,
|
610
|
+
country: Optional[pulumi.Input[builtins.str]] = None,
|
611
|
+
csr: Optional[pulumi.Input[builtins.str]] = None,
|
612
|
+
exclude_cn_from_sans: Optional[pulumi.Input[builtins.bool]] = None,
|
613
|
+
excluded_dns_domains: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
614
|
+
excluded_email_addresses: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
615
|
+
excluded_ip_ranges: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
616
|
+
excluded_uri_domains: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
617
|
+
format: Optional[pulumi.Input[builtins.str]] = None,
|
618
|
+
ip_sans: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
619
|
+
issuer_ref: Optional[pulumi.Input[builtins.str]] = None,
|
620
|
+
issuing_ca: Optional[pulumi.Input[builtins.str]] = None,
|
621
|
+
locality: Optional[pulumi.Input[builtins.str]] = None,
|
622
|
+
max_path_length: Optional[pulumi.Input[builtins.int]] = None,
|
623
|
+
namespace: Optional[pulumi.Input[builtins.str]] = None,
|
624
|
+
not_after: Optional[pulumi.Input[builtins.str]] = None,
|
625
|
+
not_before_duration: Optional[pulumi.Input[builtins.str]] = None,
|
626
|
+
organization: Optional[pulumi.Input[builtins.str]] = None,
|
627
|
+
other_sans: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
628
|
+
ou: Optional[pulumi.Input[builtins.str]] = None,
|
629
|
+
permitted_dns_domains: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
630
|
+
permitted_email_addresses: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
631
|
+
permitted_ip_ranges: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
632
|
+
permitted_uri_domains: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
633
|
+
postal_code: Optional[pulumi.Input[builtins.str]] = None,
|
634
|
+
province: Optional[pulumi.Input[builtins.str]] = None,
|
635
|
+
revoke: Optional[pulumi.Input[builtins.bool]] = None,
|
636
|
+
serial_number: Optional[pulumi.Input[builtins.str]] = None,
|
637
|
+
signature_bits: Optional[pulumi.Input[builtins.int]] = None,
|
638
|
+
skid: Optional[pulumi.Input[builtins.str]] = None,
|
639
|
+
street_address: Optional[pulumi.Input[builtins.str]] = None,
|
640
|
+
ttl: Optional[pulumi.Input[builtins.str]] = None,
|
641
|
+
uri_sans: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
642
|
+
use_csr_values: Optional[pulumi.Input[builtins.bool]] = None,
|
643
|
+
use_pss: Optional[pulumi.Input[builtins.bool]] = None):
|
643
644
|
"""
|
644
645
|
Input properties used for looking up and filtering SecretBackendRootSignIntermediate resources.
|
645
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] alt_names: List of alternative names
|
646
|
-
:param pulumi.Input[str] backend: The PKI secret backend the resource belongs to.
|
647
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] ca_chains: A list of the issuing and intermediate CA certificates in the `format` specified.
|
648
|
-
:param pulumi.Input[str] certificate: The intermediate CA certificate in the `format` specified.
|
649
|
-
:param pulumi.Input[str] certificate_bundle: The concatenation of the intermediate CA and the issuing CA certificates (PEM encoded).
|
646
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] alt_names: List of alternative names
|
647
|
+
:param pulumi.Input[builtins.str] backend: The PKI secret backend the resource belongs to.
|
648
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] ca_chains: A list of the issuing and intermediate CA certificates in the `format` specified.
|
649
|
+
:param pulumi.Input[builtins.str] certificate: The intermediate CA certificate in the `format` specified.
|
650
|
+
:param pulumi.Input[builtins.str] certificate_bundle: The concatenation of the intermediate CA and the issuing CA certificates (PEM encoded).
|
650
651
|
Requires the `format` to be set to any of: pem, pem_bundle. The value will be empty for all other formats.
|
651
|
-
:param pulumi.Input[str] common_name: CN of intermediate to create
|
652
|
-
:param pulumi.Input[str] country: The country
|
653
|
-
:param pulumi.Input[str] csr: The CSR
|
654
|
-
:param pulumi.Input[bool] exclude_cn_from_sans: Flag to exclude CN from SANs
|
655
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] excluded_dns_domains: List of domains for which certificates are not allowed to be issued. Requires Vault version 1.19+.
|
656
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] excluded_email_addresses: List of email addresses for which certificates are not allowed to be issued. Requires Vault version 1.19+.
|
657
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] excluded_ip_ranges: List of IP ranges for which certificates are not allowed to be issued. Requires Vault version 1.19+.
|
658
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] excluded_uri_domains: List of URI domains for which certificates are not allowed to be issued. Requires Vault version 1.19+.
|
659
|
-
:param pulumi.Input[str] format: The format of data
|
660
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] ip_sans: List of alternative IPs
|
661
|
-
:param pulumi.Input[str] issuer_ref: Specifies the default issuer of this request. May
|
652
|
+
:param pulumi.Input[builtins.str] common_name: CN of intermediate to create
|
653
|
+
:param pulumi.Input[builtins.str] country: The country
|
654
|
+
:param pulumi.Input[builtins.str] csr: The CSR
|
655
|
+
:param pulumi.Input[builtins.bool] exclude_cn_from_sans: Flag to exclude CN from SANs
|
656
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] excluded_dns_domains: List of domains for which certificates are not allowed to be issued. Requires Vault version 1.19+.
|
657
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] excluded_email_addresses: List of email addresses for which certificates are not allowed to be issued. Requires Vault version 1.19+.
|
658
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] excluded_ip_ranges: List of IP ranges for which certificates are not allowed to be issued. Requires Vault version 1.19+.
|
659
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] excluded_uri_domains: List of URI domains for which certificates are not allowed to be issued. Requires Vault version 1.19+.
|
660
|
+
:param pulumi.Input[builtins.str] format: The format of data
|
661
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] ip_sans: List of alternative IPs
|
662
|
+
:param pulumi.Input[builtins.str] issuer_ref: Specifies the default issuer of this request. May
|
662
663
|
be the value `default`, a name, or an issuer ID. Use ACLs to prevent access to
|
663
664
|
the `/pki/issuer/:issuer_ref/{issue,sign}/:name` paths to prevent users
|
664
665
|
overriding the role's `issuer_ref` value.
|
665
|
-
:param pulumi.Input[str] issuing_ca: The issuing CA certificate in the `format` specified.
|
666
|
-
:param pulumi.Input[str] locality: The locality
|
667
|
-
:param pulumi.Input[int] max_path_length: The maximum path length to encode in the generated certificate
|
668
|
-
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
666
|
+
:param pulumi.Input[builtins.str] issuing_ca: The issuing CA certificate in the `format` specified.
|
667
|
+
:param pulumi.Input[builtins.str] locality: The locality
|
668
|
+
:param pulumi.Input[builtins.int] max_path_length: The maximum path length to encode in the generated certificate
|
669
|
+
:param pulumi.Input[builtins.str] namespace: The namespace to provision the resource in.
|
669
670
|
The value should not contain leading or trailing forward slashes.
|
670
671
|
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
671
672
|
*Available only for Vault Enterprise*.
|
672
|
-
:param pulumi.Input[str] not_after: Set the Not After field of the certificate with specified date value.
|
673
|
+
:param pulumi.Input[builtins.str] not_after: Set the Not After field of the certificate with specified date value.
|
673
674
|
The value format should be given in UTC format YYYY-MM-ddTHH:MM:SSZ. Supports the Y10K end date
|
674
675
|
for IEEE 802.1AR-2018 standard devices, 9999-12-31T23:59:59Z.
|
675
|
-
:param pulumi.Input[str] not_before_duration: Specifies the duration by which to backdate the NotBefore property.
|
676
|
-
:param pulumi.Input[str] organization: The organization
|
677
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] other_sans: List of other SANs
|
678
|
-
:param pulumi.Input[str] ou: The organization unit
|
679
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] permitted_dns_domains: List of domains for which certificates are allowed to be issued
|
680
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] permitted_email_addresses: List of email addresses for which certificates are allowed to be issued. Requires Vault version 1.19+.
|
681
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] permitted_ip_ranges: List of IP ranges for which certificates are allowed to be issued. Requires Vault version 1.19+.
|
682
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] permitted_uri_domains: List of URI domains for which certificates are allowed to be issued. Requires Vault version 1.19+.
|
683
|
-
:param pulumi.Input[str] postal_code: The postal code
|
684
|
-
:param pulumi.Input[str] province: The province
|
685
|
-
:param pulumi.Input[bool] revoke: If set to `true`, the certificate will be revoked on resource destruction.
|
686
|
-
:param pulumi.Input[str] serial_number: The certificate's serial number, hex formatted.
|
687
|
-
:param pulumi.Input[int] signature_bits: The number of bits to use in the signature algorithm
|
688
|
-
:param pulumi.Input[str] skid: Value for the Subject Key Identifier field (RFC 5280 Section 4.2.1.2). Specified as a string in hex format.
|
689
|
-
:param pulumi.Input[str] street_address: The street address
|
690
|
-
:param pulumi.Input[str] ttl: Time to live
|
691
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] uri_sans: List of alternative URIs
|
692
|
-
:param pulumi.Input[bool] use_csr_values: Preserve CSR values
|
693
|
-
:param pulumi.Input[bool] use_pss: Specifies whether or not to use PSS signatures over PKCS#1v1.5 signatures when a RSA-type issuer is used.
|
676
|
+
:param pulumi.Input[builtins.str] not_before_duration: Specifies the duration by which to backdate the NotBefore property.
|
677
|
+
:param pulumi.Input[builtins.str] organization: The organization
|
678
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] other_sans: List of other SANs
|
679
|
+
:param pulumi.Input[builtins.str] ou: The organization unit
|
680
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] permitted_dns_domains: List of domains for which certificates are allowed to be issued
|
681
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] permitted_email_addresses: List of email addresses for which certificates are allowed to be issued. Requires Vault version 1.19+.
|
682
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] permitted_ip_ranges: List of IP ranges for which certificates are allowed to be issued. Requires Vault version 1.19+.
|
683
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] permitted_uri_domains: List of URI domains for which certificates are allowed to be issued. Requires Vault version 1.19+.
|
684
|
+
:param pulumi.Input[builtins.str] postal_code: The postal code
|
685
|
+
:param pulumi.Input[builtins.str] province: The province
|
686
|
+
:param pulumi.Input[builtins.bool] revoke: If set to `true`, the certificate will be revoked on resource destruction.
|
687
|
+
:param pulumi.Input[builtins.str] serial_number: The certificate's serial number, hex formatted.
|
688
|
+
:param pulumi.Input[builtins.int] signature_bits: The number of bits to use in the signature algorithm
|
689
|
+
:param pulumi.Input[builtins.str] skid: Value for the Subject Key Identifier field (RFC 5280 Section 4.2.1.2). Specified as a string in hex format.
|
690
|
+
:param pulumi.Input[builtins.str] street_address: The street address
|
691
|
+
:param pulumi.Input[builtins.str] ttl: Time to live
|
692
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] uri_sans: List of alternative URIs
|
693
|
+
:param pulumi.Input[builtins.bool] use_csr_values: Preserve CSR values
|
694
|
+
:param pulumi.Input[builtins.bool] use_pss: Specifies whether or not to use PSS signatures over PKCS#1v1.5 signatures when a RSA-type issuer is used.
|
694
695
|
"""
|
695
696
|
if alt_names is not None:
|
696
697
|
pulumi.set(__self__, "alt_names", alt_names)
|
@@ -775,55 +776,55 @@ class _SecretBackendRootSignIntermediateState:
|
|
775
776
|
|
776
777
|
@property
|
777
778
|
@pulumi.getter(name="altNames")
|
778
|
-
def alt_names(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
|
779
|
+
def alt_names(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
|
779
780
|
"""
|
780
781
|
List of alternative names
|
781
782
|
"""
|
782
783
|
return pulumi.get(self, "alt_names")
|
783
784
|
|
784
785
|
@alt_names.setter
|
785
|
-
def alt_names(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
786
|
+
def alt_names(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
|
786
787
|
pulumi.set(self, "alt_names", value)
|
787
788
|
|
788
789
|
@property
|
789
790
|
@pulumi.getter
|
790
|
-
def backend(self) -> Optional[pulumi.Input[str]]:
|
791
|
+
def backend(self) -> Optional[pulumi.Input[builtins.str]]:
|
791
792
|
"""
|
792
793
|
The PKI secret backend the resource belongs to.
|
793
794
|
"""
|
794
795
|
return pulumi.get(self, "backend")
|
795
796
|
|
796
797
|
@backend.setter
|
797
|
-
def backend(self, value: Optional[pulumi.Input[str]]):
|
798
|
+
def backend(self, value: Optional[pulumi.Input[builtins.str]]):
|
798
799
|
pulumi.set(self, "backend", value)
|
799
800
|
|
800
801
|
@property
|
801
802
|
@pulumi.getter(name="caChains")
|
802
|
-
def ca_chains(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
|
803
|
+
def ca_chains(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
|
803
804
|
"""
|
804
805
|
A list of the issuing and intermediate CA certificates in the `format` specified.
|
805
806
|
"""
|
806
807
|
return pulumi.get(self, "ca_chains")
|
807
808
|
|
808
809
|
@ca_chains.setter
|
809
|
-
def ca_chains(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
810
|
+
def ca_chains(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
|
810
811
|
pulumi.set(self, "ca_chains", value)
|
811
812
|
|
812
813
|
@property
|
813
814
|
@pulumi.getter
|
814
|
-
def certificate(self) -> Optional[pulumi.Input[str]]:
|
815
|
+
def certificate(self) -> Optional[pulumi.Input[builtins.str]]:
|
815
816
|
"""
|
816
817
|
The intermediate CA certificate in the `format` specified.
|
817
818
|
"""
|
818
819
|
return pulumi.get(self, "certificate")
|
819
820
|
|
820
821
|
@certificate.setter
|
821
|
-
def certificate(self, value: Optional[pulumi.Input[str]]):
|
822
|
+
def certificate(self, value: Optional[pulumi.Input[builtins.str]]):
|
822
823
|
pulumi.set(self, "certificate", value)
|
823
824
|
|
824
825
|
@property
|
825
826
|
@pulumi.getter(name="certificateBundle")
|
826
|
-
def certificate_bundle(self) -> Optional[pulumi.Input[str]]:
|
827
|
+
def certificate_bundle(self) -> Optional[pulumi.Input[builtins.str]]:
|
827
828
|
"""
|
828
829
|
The concatenation of the intermediate CA and the issuing CA certificates (PEM encoded).
|
829
830
|
Requires the `format` to be set to any of: pem, pem_bundle. The value will be empty for all other formats.
|
@@ -831,132 +832,132 @@ class _SecretBackendRootSignIntermediateState:
|
|
831
832
|
return pulumi.get(self, "certificate_bundle")
|
832
833
|
|
833
834
|
@certificate_bundle.setter
|
834
|
-
def certificate_bundle(self, value: Optional[pulumi.Input[str]]):
|
835
|
+
def certificate_bundle(self, value: Optional[pulumi.Input[builtins.str]]):
|
835
836
|
pulumi.set(self, "certificate_bundle", value)
|
836
837
|
|
837
838
|
@property
|
838
839
|
@pulumi.getter(name="commonName")
|
839
|
-
def common_name(self) -> Optional[pulumi.Input[str]]:
|
840
|
+
def common_name(self) -> Optional[pulumi.Input[builtins.str]]:
|
840
841
|
"""
|
841
842
|
CN of intermediate to create
|
842
843
|
"""
|
843
844
|
return pulumi.get(self, "common_name")
|
844
845
|
|
845
846
|
@common_name.setter
|
846
|
-
def common_name(self, value: Optional[pulumi.Input[str]]):
|
847
|
+
def common_name(self, value: Optional[pulumi.Input[builtins.str]]):
|
847
848
|
pulumi.set(self, "common_name", value)
|
848
849
|
|
849
850
|
@property
|
850
851
|
@pulumi.getter
|
851
|
-
def country(self) -> Optional[pulumi.Input[str]]:
|
852
|
+
def country(self) -> Optional[pulumi.Input[builtins.str]]:
|
852
853
|
"""
|
853
854
|
The country
|
854
855
|
"""
|
855
856
|
return pulumi.get(self, "country")
|
856
857
|
|
857
858
|
@country.setter
|
858
|
-
def country(self, value: Optional[pulumi.Input[str]]):
|
859
|
+
def country(self, value: Optional[pulumi.Input[builtins.str]]):
|
859
860
|
pulumi.set(self, "country", value)
|
860
861
|
|
861
862
|
@property
|
862
863
|
@pulumi.getter
|
863
|
-
def csr(self) -> Optional[pulumi.Input[str]]:
|
864
|
+
def csr(self) -> Optional[pulumi.Input[builtins.str]]:
|
864
865
|
"""
|
865
866
|
The CSR
|
866
867
|
"""
|
867
868
|
return pulumi.get(self, "csr")
|
868
869
|
|
869
870
|
@csr.setter
|
870
|
-
def csr(self, value: Optional[pulumi.Input[str]]):
|
871
|
+
def csr(self, value: Optional[pulumi.Input[builtins.str]]):
|
871
872
|
pulumi.set(self, "csr", value)
|
872
873
|
|
873
874
|
@property
|
874
875
|
@pulumi.getter(name="excludeCnFromSans")
|
875
|
-
def exclude_cn_from_sans(self) -> Optional[pulumi.Input[bool]]:
|
876
|
+
def exclude_cn_from_sans(self) -> Optional[pulumi.Input[builtins.bool]]:
|
876
877
|
"""
|
877
878
|
Flag to exclude CN from SANs
|
878
879
|
"""
|
879
880
|
return pulumi.get(self, "exclude_cn_from_sans")
|
880
881
|
|
881
882
|
@exclude_cn_from_sans.setter
|
882
|
-
def exclude_cn_from_sans(self, value: Optional[pulumi.Input[bool]]):
|
883
|
+
def exclude_cn_from_sans(self, value: Optional[pulumi.Input[builtins.bool]]):
|
883
884
|
pulumi.set(self, "exclude_cn_from_sans", value)
|
884
885
|
|
885
886
|
@property
|
886
887
|
@pulumi.getter(name="excludedDnsDomains")
|
887
|
-
def excluded_dns_domains(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
|
888
|
+
def excluded_dns_domains(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
|
888
889
|
"""
|
889
890
|
List of domains for which certificates are not allowed to be issued. Requires Vault version 1.19+.
|
890
891
|
"""
|
891
892
|
return pulumi.get(self, "excluded_dns_domains")
|
892
893
|
|
893
894
|
@excluded_dns_domains.setter
|
894
|
-
def excluded_dns_domains(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
895
|
+
def excluded_dns_domains(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
|
895
896
|
pulumi.set(self, "excluded_dns_domains", value)
|
896
897
|
|
897
898
|
@property
|
898
899
|
@pulumi.getter(name="excludedEmailAddresses")
|
899
|
-
def excluded_email_addresses(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
|
900
|
+
def excluded_email_addresses(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
|
900
901
|
"""
|
901
902
|
List of email addresses for which certificates are not allowed to be issued. Requires Vault version 1.19+.
|
902
903
|
"""
|
903
904
|
return pulumi.get(self, "excluded_email_addresses")
|
904
905
|
|
905
906
|
@excluded_email_addresses.setter
|
906
|
-
def excluded_email_addresses(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
907
|
+
def excluded_email_addresses(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
|
907
908
|
pulumi.set(self, "excluded_email_addresses", value)
|
908
909
|
|
909
910
|
@property
|
910
911
|
@pulumi.getter(name="excludedIpRanges")
|
911
|
-
def excluded_ip_ranges(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
|
912
|
+
def excluded_ip_ranges(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
|
912
913
|
"""
|
913
914
|
List of IP ranges for which certificates are not allowed to be issued. Requires Vault version 1.19+.
|
914
915
|
"""
|
915
916
|
return pulumi.get(self, "excluded_ip_ranges")
|
916
917
|
|
917
918
|
@excluded_ip_ranges.setter
|
918
|
-
def excluded_ip_ranges(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
919
|
+
def excluded_ip_ranges(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
|
919
920
|
pulumi.set(self, "excluded_ip_ranges", value)
|
920
921
|
|
921
922
|
@property
|
922
923
|
@pulumi.getter(name="excludedUriDomains")
|
923
|
-
def excluded_uri_domains(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
|
924
|
+
def excluded_uri_domains(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
|
924
925
|
"""
|
925
926
|
List of URI domains for which certificates are not allowed to be issued. Requires Vault version 1.19+.
|
926
927
|
"""
|
927
928
|
return pulumi.get(self, "excluded_uri_domains")
|
928
929
|
|
929
930
|
@excluded_uri_domains.setter
|
930
|
-
def excluded_uri_domains(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
931
|
+
def excluded_uri_domains(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
|
931
932
|
pulumi.set(self, "excluded_uri_domains", value)
|
932
933
|
|
933
934
|
@property
|
934
935
|
@pulumi.getter
|
935
|
-
def format(self) -> Optional[pulumi.Input[str]]:
|
936
|
+
def format(self) -> Optional[pulumi.Input[builtins.str]]:
|
936
937
|
"""
|
937
938
|
The format of data
|
938
939
|
"""
|
939
940
|
return pulumi.get(self, "format")
|
940
941
|
|
941
942
|
@format.setter
|
942
|
-
def format(self, value: Optional[pulumi.Input[str]]):
|
943
|
+
def format(self, value: Optional[pulumi.Input[builtins.str]]):
|
943
944
|
pulumi.set(self, "format", value)
|
944
945
|
|
945
946
|
@property
|
946
947
|
@pulumi.getter(name="ipSans")
|
947
|
-
def ip_sans(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
|
948
|
+
def ip_sans(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
|
948
949
|
"""
|
949
950
|
List of alternative IPs
|
950
951
|
"""
|
951
952
|
return pulumi.get(self, "ip_sans")
|
952
953
|
|
953
954
|
@ip_sans.setter
|
954
|
-
def ip_sans(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
955
|
+
def ip_sans(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
|
955
956
|
pulumi.set(self, "ip_sans", value)
|
956
957
|
|
957
958
|
@property
|
958
959
|
@pulumi.getter(name="issuerRef")
|
959
|
-
def issuer_ref(self) -> Optional[pulumi.Input[str]]:
|
960
|
+
def issuer_ref(self) -> Optional[pulumi.Input[builtins.str]]:
|
960
961
|
"""
|
961
962
|
Specifies the default issuer of this request. May
|
962
963
|
be the value `default`, a name, or an issuer ID. Use ACLs to prevent access to
|
@@ -966,48 +967,48 @@ class _SecretBackendRootSignIntermediateState:
|
|
966
967
|
return pulumi.get(self, "issuer_ref")
|
967
968
|
|
968
969
|
@issuer_ref.setter
|
969
|
-
def issuer_ref(self, value: Optional[pulumi.Input[str]]):
|
970
|
+
def issuer_ref(self, value: Optional[pulumi.Input[builtins.str]]):
|
970
971
|
pulumi.set(self, "issuer_ref", value)
|
971
972
|
|
972
973
|
@property
|
973
974
|
@pulumi.getter(name="issuingCa")
|
974
|
-
def issuing_ca(self) -> Optional[pulumi.Input[str]]:
|
975
|
+
def issuing_ca(self) -> Optional[pulumi.Input[builtins.str]]:
|
975
976
|
"""
|
976
977
|
The issuing CA certificate in the `format` specified.
|
977
978
|
"""
|
978
979
|
return pulumi.get(self, "issuing_ca")
|
979
980
|
|
980
981
|
@issuing_ca.setter
|
981
|
-
def issuing_ca(self, value: Optional[pulumi.Input[str]]):
|
982
|
+
def issuing_ca(self, value: Optional[pulumi.Input[builtins.str]]):
|
982
983
|
pulumi.set(self, "issuing_ca", value)
|
983
984
|
|
984
985
|
@property
|
985
986
|
@pulumi.getter
|
986
|
-
def locality(self) -> Optional[pulumi.Input[str]]:
|
987
|
+
def locality(self) -> Optional[pulumi.Input[builtins.str]]:
|
987
988
|
"""
|
988
989
|
The locality
|
989
990
|
"""
|
990
991
|
return pulumi.get(self, "locality")
|
991
992
|
|
992
993
|
@locality.setter
|
993
|
-
def locality(self, value: Optional[pulumi.Input[str]]):
|
994
|
+
def locality(self, value: Optional[pulumi.Input[builtins.str]]):
|
994
995
|
pulumi.set(self, "locality", value)
|
995
996
|
|
996
997
|
@property
|
997
998
|
@pulumi.getter(name="maxPathLength")
|
998
|
-
def max_path_length(self) -> Optional[pulumi.Input[int]]:
|
999
|
+
def max_path_length(self) -> Optional[pulumi.Input[builtins.int]]:
|
999
1000
|
"""
|
1000
1001
|
The maximum path length to encode in the generated certificate
|
1001
1002
|
"""
|
1002
1003
|
return pulumi.get(self, "max_path_length")
|
1003
1004
|
|
1004
1005
|
@max_path_length.setter
|
1005
|
-
def max_path_length(self, value: Optional[pulumi.Input[int]]):
|
1006
|
+
def max_path_length(self, value: Optional[pulumi.Input[builtins.int]]):
|
1006
1007
|
pulumi.set(self, "max_path_length", value)
|
1007
1008
|
|
1008
1009
|
@property
|
1009
1010
|
@pulumi.getter
|
1010
|
-
def namespace(self) -> Optional[pulumi.Input[str]]:
|
1011
|
+
def namespace(self) -> Optional[pulumi.Input[builtins.str]]:
|
1011
1012
|
"""
|
1012
1013
|
The namespace to provision the resource in.
|
1013
1014
|
The value should not contain leading or trailing forward slashes.
|
@@ -1017,12 +1018,12 @@ class _SecretBackendRootSignIntermediateState:
|
|
1017
1018
|
return pulumi.get(self, "namespace")
|
1018
1019
|
|
1019
1020
|
@namespace.setter
|
1020
|
-
def namespace(self, value: Optional[pulumi.Input[str]]):
|
1021
|
+
def namespace(self, value: Optional[pulumi.Input[builtins.str]]):
|
1021
1022
|
pulumi.set(self, "namespace", value)
|
1022
1023
|
|
1023
1024
|
@property
|
1024
1025
|
@pulumi.getter(name="notAfter")
|
1025
|
-
def not_after(self) -> Optional[pulumi.Input[str]]:
|
1026
|
+
def not_after(self) -> Optional[pulumi.Input[builtins.str]]:
|
1026
1027
|
"""
|
1027
1028
|
Set the Not After field of the certificate with specified date value.
|
1028
1029
|
The value format should be given in UTC format YYYY-MM-ddTHH:MM:SSZ. Supports the Y10K end date
|
@@ -1031,235 +1032,235 @@ class _SecretBackendRootSignIntermediateState:
|
|
1031
1032
|
return pulumi.get(self, "not_after")
|
1032
1033
|
|
1033
1034
|
@not_after.setter
|
1034
|
-
def not_after(self, value: Optional[pulumi.Input[str]]):
|
1035
|
+
def not_after(self, value: Optional[pulumi.Input[builtins.str]]):
|
1035
1036
|
pulumi.set(self, "not_after", value)
|
1036
1037
|
|
1037
1038
|
@property
|
1038
1039
|
@pulumi.getter(name="notBeforeDuration")
|
1039
|
-
def not_before_duration(self) -> Optional[pulumi.Input[str]]:
|
1040
|
+
def not_before_duration(self) -> Optional[pulumi.Input[builtins.str]]:
|
1040
1041
|
"""
|
1041
1042
|
Specifies the duration by which to backdate the NotBefore property.
|
1042
1043
|
"""
|
1043
1044
|
return pulumi.get(self, "not_before_duration")
|
1044
1045
|
|
1045
1046
|
@not_before_duration.setter
|
1046
|
-
def not_before_duration(self, value: Optional[pulumi.Input[str]]):
|
1047
|
+
def not_before_duration(self, value: Optional[pulumi.Input[builtins.str]]):
|
1047
1048
|
pulumi.set(self, "not_before_duration", value)
|
1048
1049
|
|
1049
1050
|
@property
|
1050
1051
|
@pulumi.getter
|
1051
|
-
def organization(self) -> Optional[pulumi.Input[str]]:
|
1052
|
+
def organization(self) -> Optional[pulumi.Input[builtins.str]]:
|
1052
1053
|
"""
|
1053
1054
|
The organization
|
1054
1055
|
"""
|
1055
1056
|
return pulumi.get(self, "organization")
|
1056
1057
|
|
1057
1058
|
@organization.setter
|
1058
|
-
def organization(self, value: Optional[pulumi.Input[str]]):
|
1059
|
+
def organization(self, value: Optional[pulumi.Input[builtins.str]]):
|
1059
1060
|
pulumi.set(self, "organization", value)
|
1060
1061
|
|
1061
1062
|
@property
|
1062
1063
|
@pulumi.getter(name="otherSans")
|
1063
|
-
def other_sans(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
|
1064
|
+
def other_sans(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
|
1064
1065
|
"""
|
1065
1066
|
List of other SANs
|
1066
1067
|
"""
|
1067
1068
|
return pulumi.get(self, "other_sans")
|
1068
1069
|
|
1069
1070
|
@other_sans.setter
|
1070
|
-
def other_sans(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
1071
|
+
def other_sans(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
|
1071
1072
|
pulumi.set(self, "other_sans", value)
|
1072
1073
|
|
1073
1074
|
@property
|
1074
1075
|
@pulumi.getter
|
1075
|
-
def ou(self) -> Optional[pulumi.Input[str]]:
|
1076
|
+
def ou(self) -> Optional[pulumi.Input[builtins.str]]:
|
1076
1077
|
"""
|
1077
1078
|
The organization unit
|
1078
1079
|
"""
|
1079
1080
|
return pulumi.get(self, "ou")
|
1080
1081
|
|
1081
1082
|
@ou.setter
|
1082
|
-
def ou(self, value: Optional[pulumi.Input[str]]):
|
1083
|
+
def ou(self, value: Optional[pulumi.Input[builtins.str]]):
|
1083
1084
|
pulumi.set(self, "ou", value)
|
1084
1085
|
|
1085
1086
|
@property
|
1086
1087
|
@pulumi.getter(name="permittedDnsDomains")
|
1087
|
-
def permitted_dns_domains(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
|
1088
|
+
def permitted_dns_domains(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
|
1088
1089
|
"""
|
1089
1090
|
List of domains for which certificates are allowed to be issued
|
1090
1091
|
"""
|
1091
1092
|
return pulumi.get(self, "permitted_dns_domains")
|
1092
1093
|
|
1093
1094
|
@permitted_dns_domains.setter
|
1094
|
-
def permitted_dns_domains(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
1095
|
+
def permitted_dns_domains(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
|
1095
1096
|
pulumi.set(self, "permitted_dns_domains", value)
|
1096
1097
|
|
1097
1098
|
@property
|
1098
1099
|
@pulumi.getter(name="permittedEmailAddresses")
|
1099
|
-
def permitted_email_addresses(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
|
1100
|
+
def permitted_email_addresses(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
|
1100
1101
|
"""
|
1101
1102
|
List of email addresses for which certificates are allowed to be issued. Requires Vault version 1.19+.
|
1102
1103
|
"""
|
1103
1104
|
return pulumi.get(self, "permitted_email_addresses")
|
1104
1105
|
|
1105
1106
|
@permitted_email_addresses.setter
|
1106
|
-
def permitted_email_addresses(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
1107
|
+
def permitted_email_addresses(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
|
1107
1108
|
pulumi.set(self, "permitted_email_addresses", value)
|
1108
1109
|
|
1109
1110
|
@property
|
1110
1111
|
@pulumi.getter(name="permittedIpRanges")
|
1111
|
-
def permitted_ip_ranges(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
|
1112
|
+
def permitted_ip_ranges(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
|
1112
1113
|
"""
|
1113
1114
|
List of IP ranges for which certificates are allowed to be issued. Requires Vault version 1.19+.
|
1114
1115
|
"""
|
1115
1116
|
return pulumi.get(self, "permitted_ip_ranges")
|
1116
1117
|
|
1117
1118
|
@permitted_ip_ranges.setter
|
1118
|
-
def permitted_ip_ranges(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
1119
|
+
def permitted_ip_ranges(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
|
1119
1120
|
pulumi.set(self, "permitted_ip_ranges", value)
|
1120
1121
|
|
1121
1122
|
@property
|
1122
1123
|
@pulumi.getter(name="permittedUriDomains")
|
1123
|
-
def permitted_uri_domains(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
|
1124
|
+
def permitted_uri_domains(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
|
1124
1125
|
"""
|
1125
1126
|
List of URI domains for which certificates are allowed to be issued. Requires Vault version 1.19+.
|
1126
1127
|
"""
|
1127
1128
|
return pulumi.get(self, "permitted_uri_domains")
|
1128
1129
|
|
1129
1130
|
@permitted_uri_domains.setter
|
1130
|
-
def permitted_uri_domains(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
1131
|
+
def permitted_uri_domains(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
|
1131
1132
|
pulumi.set(self, "permitted_uri_domains", value)
|
1132
1133
|
|
1133
1134
|
@property
|
1134
1135
|
@pulumi.getter(name="postalCode")
|
1135
|
-
def postal_code(self) -> Optional[pulumi.Input[str]]:
|
1136
|
+
def postal_code(self) -> Optional[pulumi.Input[builtins.str]]:
|
1136
1137
|
"""
|
1137
1138
|
The postal code
|
1138
1139
|
"""
|
1139
1140
|
return pulumi.get(self, "postal_code")
|
1140
1141
|
|
1141
1142
|
@postal_code.setter
|
1142
|
-
def postal_code(self, value: Optional[pulumi.Input[str]]):
|
1143
|
+
def postal_code(self, value: Optional[pulumi.Input[builtins.str]]):
|
1143
1144
|
pulumi.set(self, "postal_code", value)
|
1144
1145
|
|
1145
1146
|
@property
|
1146
1147
|
@pulumi.getter
|
1147
|
-
def province(self) -> Optional[pulumi.Input[str]]:
|
1148
|
+
def province(self) -> Optional[pulumi.Input[builtins.str]]:
|
1148
1149
|
"""
|
1149
1150
|
The province
|
1150
1151
|
"""
|
1151
1152
|
return pulumi.get(self, "province")
|
1152
1153
|
|
1153
1154
|
@province.setter
|
1154
|
-
def province(self, value: Optional[pulumi.Input[str]]):
|
1155
|
+
def province(self, value: Optional[pulumi.Input[builtins.str]]):
|
1155
1156
|
pulumi.set(self, "province", value)
|
1156
1157
|
|
1157
1158
|
@property
|
1158
1159
|
@pulumi.getter
|
1159
|
-
def revoke(self) -> Optional[pulumi.Input[bool]]:
|
1160
|
+
def revoke(self) -> Optional[pulumi.Input[builtins.bool]]:
|
1160
1161
|
"""
|
1161
1162
|
If set to `true`, the certificate will be revoked on resource destruction.
|
1162
1163
|
"""
|
1163
1164
|
return pulumi.get(self, "revoke")
|
1164
1165
|
|
1165
1166
|
@revoke.setter
|
1166
|
-
def revoke(self, value: Optional[pulumi.Input[bool]]):
|
1167
|
+
def revoke(self, value: Optional[pulumi.Input[builtins.bool]]):
|
1167
1168
|
pulumi.set(self, "revoke", value)
|
1168
1169
|
|
1169
1170
|
@property
|
1170
1171
|
@pulumi.getter(name="serialNumber")
|
1171
|
-
def serial_number(self) -> Optional[pulumi.Input[str]]:
|
1172
|
+
def serial_number(self) -> Optional[pulumi.Input[builtins.str]]:
|
1172
1173
|
"""
|
1173
1174
|
The certificate's serial number, hex formatted.
|
1174
1175
|
"""
|
1175
1176
|
return pulumi.get(self, "serial_number")
|
1176
1177
|
|
1177
1178
|
@serial_number.setter
|
1178
|
-
def serial_number(self, value: Optional[pulumi.Input[str]]):
|
1179
|
+
def serial_number(self, value: Optional[pulumi.Input[builtins.str]]):
|
1179
1180
|
pulumi.set(self, "serial_number", value)
|
1180
1181
|
|
1181
1182
|
@property
|
1182
1183
|
@pulumi.getter(name="signatureBits")
|
1183
|
-
def signature_bits(self) -> Optional[pulumi.Input[int]]:
|
1184
|
+
def signature_bits(self) -> Optional[pulumi.Input[builtins.int]]:
|
1184
1185
|
"""
|
1185
1186
|
The number of bits to use in the signature algorithm
|
1186
1187
|
"""
|
1187
1188
|
return pulumi.get(self, "signature_bits")
|
1188
1189
|
|
1189
1190
|
@signature_bits.setter
|
1190
|
-
def signature_bits(self, value: Optional[pulumi.Input[int]]):
|
1191
|
+
def signature_bits(self, value: Optional[pulumi.Input[builtins.int]]):
|
1191
1192
|
pulumi.set(self, "signature_bits", value)
|
1192
1193
|
|
1193
1194
|
@property
|
1194
1195
|
@pulumi.getter
|
1195
|
-
def skid(self) -> Optional[pulumi.Input[str]]:
|
1196
|
+
def skid(self) -> Optional[pulumi.Input[builtins.str]]:
|
1196
1197
|
"""
|
1197
1198
|
Value for the Subject Key Identifier field (RFC 5280 Section 4.2.1.2). Specified as a string in hex format.
|
1198
1199
|
"""
|
1199
1200
|
return pulumi.get(self, "skid")
|
1200
1201
|
|
1201
1202
|
@skid.setter
|
1202
|
-
def skid(self, value: Optional[pulumi.Input[str]]):
|
1203
|
+
def skid(self, value: Optional[pulumi.Input[builtins.str]]):
|
1203
1204
|
pulumi.set(self, "skid", value)
|
1204
1205
|
|
1205
1206
|
@property
|
1206
1207
|
@pulumi.getter(name="streetAddress")
|
1207
|
-
def street_address(self) -> Optional[pulumi.Input[str]]:
|
1208
|
+
def street_address(self) -> Optional[pulumi.Input[builtins.str]]:
|
1208
1209
|
"""
|
1209
1210
|
The street address
|
1210
1211
|
"""
|
1211
1212
|
return pulumi.get(self, "street_address")
|
1212
1213
|
|
1213
1214
|
@street_address.setter
|
1214
|
-
def street_address(self, value: Optional[pulumi.Input[str]]):
|
1215
|
+
def street_address(self, value: Optional[pulumi.Input[builtins.str]]):
|
1215
1216
|
pulumi.set(self, "street_address", value)
|
1216
1217
|
|
1217
1218
|
@property
|
1218
1219
|
@pulumi.getter
|
1219
|
-
def ttl(self) -> Optional[pulumi.Input[str]]:
|
1220
|
+
def ttl(self) -> Optional[pulumi.Input[builtins.str]]:
|
1220
1221
|
"""
|
1221
1222
|
Time to live
|
1222
1223
|
"""
|
1223
1224
|
return pulumi.get(self, "ttl")
|
1224
1225
|
|
1225
1226
|
@ttl.setter
|
1226
|
-
def ttl(self, value: Optional[pulumi.Input[str]]):
|
1227
|
+
def ttl(self, value: Optional[pulumi.Input[builtins.str]]):
|
1227
1228
|
pulumi.set(self, "ttl", value)
|
1228
1229
|
|
1229
1230
|
@property
|
1230
1231
|
@pulumi.getter(name="uriSans")
|
1231
|
-
def uri_sans(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
|
1232
|
+
def uri_sans(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
|
1232
1233
|
"""
|
1233
1234
|
List of alternative URIs
|
1234
1235
|
"""
|
1235
1236
|
return pulumi.get(self, "uri_sans")
|
1236
1237
|
|
1237
1238
|
@uri_sans.setter
|
1238
|
-
def uri_sans(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
1239
|
+
def uri_sans(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
|
1239
1240
|
pulumi.set(self, "uri_sans", value)
|
1240
1241
|
|
1241
1242
|
@property
|
1242
1243
|
@pulumi.getter(name="useCsrValues")
|
1243
|
-
def use_csr_values(self) -> Optional[pulumi.Input[bool]]:
|
1244
|
+
def use_csr_values(self) -> Optional[pulumi.Input[builtins.bool]]:
|
1244
1245
|
"""
|
1245
1246
|
Preserve CSR values
|
1246
1247
|
"""
|
1247
1248
|
return pulumi.get(self, "use_csr_values")
|
1248
1249
|
|
1249
1250
|
@use_csr_values.setter
|
1250
|
-
def use_csr_values(self, value: Optional[pulumi.Input[bool]]):
|
1251
|
+
def use_csr_values(self, value: Optional[pulumi.Input[builtins.bool]]):
|
1251
1252
|
pulumi.set(self, "use_csr_values", value)
|
1252
1253
|
|
1253
1254
|
@property
|
1254
1255
|
@pulumi.getter(name="usePss")
|
1255
|
-
def use_pss(self) -> Optional[pulumi.Input[bool]]:
|
1256
|
+
def use_pss(self) -> Optional[pulumi.Input[builtins.bool]]:
|
1256
1257
|
"""
|
1257
1258
|
Specifies whether or not to use PSS signatures over PKCS#1v1.5 signatures when a RSA-type issuer is used.
|
1258
1259
|
"""
|
1259
1260
|
return pulumi.get(self, "use_pss")
|
1260
1261
|
|
1261
1262
|
@use_pss.setter
|
1262
|
-
def use_pss(self, value: Optional[pulumi.Input[bool]]):
|
1263
|
+
def use_pss(self, value: Optional[pulumi.Input[builtins.bool]]):
|
1263
1264
|
pulumi.set(self, "use_pss", value)
|
1264
1265
|
|
1265
1266
|
|
@@ -1268,41 +1269,41 @@ class SecretBackendRootSignIntermediate(pulumi.CustomResource):
|
|
1268
1269
|
def __init__(__self__,
|
1269
1270
|
resource_name: str,
|
1270
1271
|
opts: Optional[pulumi.ResourceOptions] = None,
|
1271
|
-
alt_names: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
1272
|
-
backend: Optional[pulumi.Input[str]] = None,
|
1273
|
-
common_name: Optional[pulumi.Input[str]] = None,
|
1274
|
-
country: Optional[pulumi.Input[str]] = None,
|
1275
|
-
csr: Optional[pulumi.Input[str]] = None,
|
1276
|
-
exclude_cn_from_sans: Optional[pulumi.Input[bool]] = None,
|
1277
|
-
excluded_dns_domains: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
1278
|
-
excluded_email_addresses: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
1279
|
-
excluded_ip_ranges: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
1280
|
-
excluded_uri_domains: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
1281
|
-
format: Optional[pulumi.Input[str]] = None,
|
1282
|
-
ip_sans: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
1283
|
-
issuer_ref: Optional[pulumi.Input[str]] = None,
|
1284
|
-
locality: Optional[pulumi.Input[str]] = None,
|
1285
|
-
max_path_length: Optional[pulumi.Input[int]] = None,
|
1286
|
-
namespace: Optional[pulumi.Input[str]] = None,
|
1287
|
-
not_after: Optional[pulumi.Input[str]] = None,
|
1288
|
-
not_before_duration: Optional[pulumi.Input[str]] = None,
|
1289
|
-
organization: Optional[pulumi.Input[str]] = None,
|
1290
|
-
other_sans: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
1291
|
-
ou: Optional[pulumi.Input[str]] = None,
|
1292
|
-
permitted_dns_domains: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
1293
|
-
permitted_email_addresses: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
1294
|
-
permitted_ip_ranges: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
1295
|
-
permitted_uri_domains: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
1296
|
-
postal_code: Optional[pulumi.Input[str]] = None,
|
1297
|
-
province: Optional[pulumi.Input[str]] = None,
|
1298
|
-
revoke: Optional[pulumi.Input[bool]] = None,
|
1299
|
-
signature_bits: Optional[pulumi.Input[int]] = None,
|
1300
|
-
skid: Optional[pulumi.Input[str]] = None,
|
1301
|
-
street_address: Optional[pulumi.Input[str]] = None,
|
1302
|
-
ttl: Optional[pulumi.Input[str]] = None,
|
1303
|
-
uri_sans: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
1304
|
-
use_csr_values: Optional[pulumi.Input[bool]] = None,
|
1305
|
-
use_pss: Optional[pulumi.Input[bool]] = None,
|
1272
|
+
alt_names: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
1273
|
+
backend: Optional[pulumi.Input[builtins.str]] = None,
|
1274
|
+
common_name: Optional[pulumi.Input[builtins.str]] = None,
|
1275
|
+
country: Optional[pulumi.Input[builtins.str]] = None,
|
1276
|
+
csr: Optional[pulumi.Input[builtins.str]] = None,
|
1277
|
+
exclude_cn_from_sans: Optional[pulumi.Input[builtins.bool]] = None,
|
1278
|
+
excluded_dns_domains: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
1279
|
+
excluded_email_addresses: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
1280
|
+
excluded_ip_ranges: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
1281
|
+
excluded_uri_domains: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
1282
|
+
format: Optional[pulumi.Input[builtins.str]] = None,
|
1283
|
+
ip_sans: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
1284
|
+
issuer_ref: Optional[pulumi.Input[builtins.str]] = None,
|
1285
|
+
locality: Optional[pulumi.Input[builtins.str]] = None,
|
1286
|
+
max_path_length: Optional[pulumi.Input[builtins.int]] = None,
|
1287
|
+
namespace: Optional[pulumi.Input[builtins.str]] = None,
|
1288
|
+
not_after: Optional[pulumi.Input[builtins.str]] = None,
|
1289
|
+
not_before_duration: Optional[pulumi.Input[builtins.str]] = None,
|
1290
|
+
organization: Optional[pulumi.Input[builtins.str]] = None,
|
1291
|
+
other_sans: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
1292
|
+
ou: Optional[pulumi.Input[builtins.str]] = None,
|
1293
|
+
permitted_dns_domains: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
1294
|
+
permitted_email_addresses: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
1295
|
+
permitted_ip_ranges: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
1296
|
+
permitted_uri_domains: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
1297
|
+
postal_code: Optional[pulumi.Input[builtins.str]] = None,
|
1298
|
+
province: Optional[pulumi.Input[builtins.str]] = None,
|
1299
|
+
revoke: Optional[pulumi.Input[builtins.bool]] = None,
|
1300
|
+
signature_bits: Optional[pulumi.Input[builtins.int]] = None,
|
1301
|
+
skid: Optional[pulumi.Input[builtins.str]] = None,
|
1302
|
+
street_address: Optional[pulumi.Input[builtins.str]] = None,
|
1303
|
+
ttl: Optional[pulumi.Input[builtins.str]] = None,
|
1304
|
+
uri_sans: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
1305
|
+
use_csr_values: Optional[pulumi.Input[builtins.bool]] = None,
|
1306
|
+
use_pss: Optional[pulumi.Input[builtins.bool]] = None,
|
1306
1307
|
__props__=None):
|
1307
1308
|
"""
|
1308
1309
|
Creates PKI certificate.
|
@@ -1325,49 +1326,49 @@ class SecretBackendRootSignIntermediate(pulumi.CustomResource):
|
|
1325
1326
|
|
1326
1327
|
:param str resource_name: The name of the resource.
|
1327
1328
|
:param pulumi.ResourceOptions opts: Options for the resource.
|
1328
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] alt_names: List of alternative names
|
1329
|
-
:param pulumi.Input[str] backend: The PKI secret backend the resource belongs to.
|
1330
|
-
:param pulumi.Input[str] common_name: CN of intermediate to create
|
1331
|
-
:param pulumi.Input[str] country: The country
|
1332
|
-
:param pulumi.Input[str] csr: The CSR
|
1333
|
-
:param pulumi.Input[bool] exclude_cn_from_sans: Flag to exclude CN from SANs
|
1334
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] excluded_dns_domains: List of domains for which certificates are not allowed to be issued. Requires Vault version 1.19+.
|
1335
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] excluded_email_addresses: List of email addresses for which certificates are not allowed to be issued. Requires Vault version 1.19+.
|
1336
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] excluded_ip_ranges: List of IP ranges for which certificates are not allowed to be issued. Requires Vault version 1.19+.
|
1337
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] excluded_uri_domains: List of URI domains for which certificates are not allowed to be issued. Requires Vault version 1.19+.
|
1338
|
-
:param pulumi.Input[str] format: The format of data
|
1339
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] ip_sans: List of alternative IPs
|
1340
|
-
:param pulumi.Input[str] issuer_ref: Specifies the default issuer of this request. May
|
1329
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] alt_names: List of alternative names
|
1330
|
+
:param pulumi.Input[builtins.str] backend: The PKI secret backend the resource belongs to.
|
1331
|
+
:param pulumi.Input[builtins.str] common_name: CN of intermediate to create
|
1332
|
+
:param pulumi.Input[builtins.str] country: The country
|
1333
|
+
:param pulumi.Input[builtins.str] csr: The CSR
|
1334
|
+
:param pulumi.Input[builtins.bool] exclude_cn_from_sans: Flag to exclude CN from SANs
|
1335
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] excluded_dns_domains: List of domains for which certificates are not allowed to be issued. Requires Vault version 1.19+.
|
1336
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] excluded_email_addresses: List of email addresses for which certificates are not allowed to be issued. Requires Vault version 1.19+.
|
1337
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] excluded_ip_ranges: List of IP ranges for which certificates are not allowed to be issued. Requires Vault version 1.19+.
|
1338
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] excluded_uri_domains: List of URI domains for which certificates are not allowed to be issued. Requires Vault version 1.19+.
|
1339
|
+
:param pulumi.Input[builtins.str] format: The format of data
|
1340
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] ip_sans: List of alternative IPs
|
1341
|
+
:param pulumi.Input[builtins.str] issuer_ref: Specifies the default issuer of this request. May
|
1341
1342
|
be the value `default`, a name, or an issuer ID. Use ACLs to prevent access to
|
1342
1343
|
the `/pki/issuer/:issuer_ref/{issue,sign}/:name` paths to prevent users
|
1343
1344
|
overriding the role's `issuer_ref` value.
|
1344
|
-
:param pulumi.Input[str] locality: The locality
|
1345
|
-
:param pulumi.Input[int] max_path_length: The maximum path length to encode in the generated certificate
|
1346
|
-
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
1345
|
+
:param pulumi.Input[builtins.str] locality: The locality
|
1346
|
+
:param pulumi.Input[builtins.int] max_path_length: The maximum path length to encode in the generated certificate
|
1347
|
+
:param pulumi.Input[builtins.str] namespace: The namespace to provision the resource in.
|
1347
1348
|
The value should not contain leading or trailing forward slashes.
|
1348
1349
|
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
1349
1350
|
*Available only for Vault Enterprise*.
|
1350
|
-
:param pulumi.Input[str] not_after: Set the Not After field of the certificate with specified date value.
|
1351
|
+
:param pulumi.Input[builtins.str] not_after: Set the Not After field of the certificate with specified date value.
|
1351
1352
|
The value format should be given in UTC format YYYY-MM-ddTHH:MM:SSZ. Supports the Y10K end date
|
1352
1353
|
for IEEE 802.1AR-2018 standard devices, 9999-12-31T23:59:59Z.
|
1353
|
-
:param pulumi.Input[str] not_before_duration: Specifies the duration by which to backdate the NotBefore property.
|
1354
|
-
:param pulumi.Input[str] organization: The organization
|
1355
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] other_sans: List of other SANs
|
1356
|
-
:param pulumi.Input[str] ou: The organization unit
|
1357
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] permitted_dns_domains: List of domains for which certificates are allowed to be issued
|
1358
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] permitted_email_addresses: List of email addresses for which certificates are allowed to be issued. Requires Vault version 1.19+.
|
1359
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] permitted_ip_ranges: List of IP ranges for which certificates are allowed to be issued. Requires Vault version 1.19+.
|
1360
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] permitted_uri_domains: List of URI domains for which certificates are allowed to be issued. Requires Vault version 1.19+.
|
1361
|
-
:param pulumi.Input[str] postal_code: The postal code
|
1362
|
-
:param pulumi.Input[str] province: The province
|
1363
|
-
:param pulumi.Input[bool] revoke: If set to `true`, the certificate will be revoked on resource destruction.
|
1364
|
-
:param pulumi.Input[int] signature_bits: The number of bits to use in the signature algorithm
|
1365
|
-
:param pulumi.Input[str] skid: Value for the Subject Key Identifier field (RFC 5280 Section 4.2.1.2). Specified as a string in hex format.
|
1366
|
-
:param pulumi.Input[str] street_address: The street address
|
1367
|
-
:param pulumi.Input[str] ttl: Time to live
|
1368
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] uri_sans: List of alternative URIs
|
1369
|
-
:param pulumi.Input[bool] use_csr_values: Preserve CSR values
|
1370
|
-
:param pulumi.Input[bool] use_pss: Specifies whether or not to use PSS signatures over PKCS#1v1.5 signatures when a RSA-type issuer is used.
|
1354
|
+
:param pulumi.Input[builtins.str] not_before_duration: Specifies the duration by which to backdate the NotBefore property.
|
1355
|
+
:param pulumi.Input[builtins.str] organization: The organization
|
1356
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] other_sans: List of other SANs
|
1357
|
+
:param pulumi.Input[builtins.str] ou: The organization unit
|
1358
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] permitted_dns_domains: List of domains for which certificates are allowed to be issued
|
1359
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] permitted_email_addresses: List of email addresses for which certificates are allowed to be issued. Requires Vault version 1.19+.
|
1360
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] permitted_ip_ranges: List of IP ranges for which certificates are allowed to be issued. Requires Vault version 1.19+.
|
1361
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] permitted_uri_domains: List of URI domains for which certificates are allowed to be issued. Requires Vault version 1.19+.
|
1362
|
+
:param pulumi.Input[builtins.str] postal_code: The postal code
|
1363
|
+
:param pulumi.Input[builtins.str] province: The province
|
1364
|
+
:param pulumi.Input[builtins.bool] revoke: If set to `true`, the certificate will be revoked on resource destruction.
|
1365
|
+
:param pulumi.Input[builtins.int] signature_bits: The number of bits to use in the signature algorithm
|
1366
|
+
:param pulumi.Input[builtins.str] skid: Value for the Subject Key Identifier field (RFC 5280 Section 4.2.1.2). Specified as a string in hex format.
|
1367
|
+
:param pulumi.Input[builtins.str] street_address: The street address
|
1368
|
+
:param pulumi.Input[builtins.str] ttl: Time to live
|
1369
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] uri_sans: List of alternative URIs
|
1370
|
+
:param pulumi.Input[builtins.bool] use_csr_values: Preserve CSR values
|
1371
|
+
:param pulumi.Input[builtins.bool] use_pss: Specifies whether or not to use PSS signatures over PKCS#1v1.5 signatures when a RSA-type issuer is used.
|
1371
1372
|
"""
|
1372
1373
|
...
|
1373
1374
|
@overload
|
@@ -1409,41 +1410,41 @@ class SecretBackendRootSignIntermediate(pulumi.CustomResource):
|
|
1409
1410
|
def _internal_init(__self__,
|
1410
1411
|
resource_name: str,
|
1411
1412
|
opts: Optional[pulumi.ResourceOptions] = None,
|
1412
|
-
alt_names: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
1413
|
-
backend: Optional[pulumi.Input[str]] = None,
|
1414
|
-
common_name: Optional[pulumi.Input[str]] = None,
|
1415
|
-
country: Optional[pulumi.Input[str]] = None,
|
1416
|
-
csr: Optional[pulumi.Input[str]] = None,
|
1417
|
-
exclude_cn_from_sans: Optional[pulumi.Input[bool]] = None,
|
1418
|
-
excluded_dns_domains: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
1419
|
-
excluded_email_addresses: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
1420
|
-
excluded_ip_ranges: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
1421
|
-
excluded_uri_domains: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
1422
|
-
format: Optional[pulumi.Input[str]] = None,
|
1423
|
-
ip_sans: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
1424
|
-
issuer_ref: Optional[pulumi.Input[str]] = None,
|
1425
|
-
locality: Optional[pulumi.Input[str]] = None,
|
1426
|
-
max_path_length: Optional[pulumi.Input[int]] = None,
|
1427
|
-
namespace: Optional[pulumi.Input[str]] = None,
|
1428
|
-
not_after: Optional[pulumi.Input[str]] = None,
|
1429
|
-
not_before_duration: Optional[pulumi.Input[str]] = None,
|
1430
|
-
organization: Optional[pulumi.Input[str]] = None,
|
1431
|
-
other_sans: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
1432
|
-
ou: Optional[pulumi.Input[str]] = None,
|
1433
|
-
permitted_dns_domains: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
1434
|
-
permitted_email_addresses: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
1435
|
-
permitted_ip_ranges: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
1436
|
-
permitted_uri_domains: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
1437
|
-
postal_code: Optional[pulumi.Input[str]] = None,
|
1438
|
-
province: Optional[pulumi.Input[str]] = None,
|
1439
|
-
revoke: Optional[pulumi.Input[bool]] = None,
|
1440
|
-
signature_bits: Optional[pulumi.Input[int]] = None,
|
1441
|
-
skid: Optional[pulumi.Input[str]] = None,
|
1442
|
-
street_address: Optional[pulumi.Input[str]] = None,
|
1443
|
-
ttl: Optional[pulumi.Input[str]] = None,
|
1444
|
-
uri_sans: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
1445
|
-
use_csr_values: Optional[pulumi.Input[bool]] = None,
|
1446
|
-
use_pss: Optional[pulumi.Input[bool]] = None,
|
1413
|
+
alt_names: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
1414
|
+
backend: Optional[pulumi.Input[builtins.str]] = None,
|
1415
|
+
common_name: Optional[pulumi.Input[builtins.str]] = None,
|
1416
|
+
country: Optional[pulumi.Input[builtins.str]] = None,
|
1417
|
+
csr: Optional[pulumi.Input[builtins.str]] = None,
|
1418
|
+
exclude_cn_from_sans: Optional[pulumi.Input[builtins.bool]] = None,
|
1419
|
+
excluded_dns_domains: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
1420
|
+
excluded_email_addresses: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
1421
|
+
excluded_ip_ranges: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
1422
|
+
excluded_uri_domains: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
1423
|
+
format: Optional[pulumi.Input[builtins.str]] = None,
|
1424
|
+
ip_sans: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
1425
|
+
issuer_ref: Optional[pulumi.Input[builtins.str]] = None,
|
1426
|
+
locality: Optional[pulumi.Input[builtins.str]] = None,
|
1427
|
+
max_path_length: Optional[pulumi.Input[builtins.int]] = None,
|
1428
|
+
namespace: Optional[pulumi.Input[builtins.str]] = None,
|
1429
|
+
not_after: Optional[pulumi.Input[builtins.str]] = None,
|
1430
|
+
not_before_duration: Optional[pulumi.Input[builtins.str]] = None,
|
1431
|
+
organization: Optional[pulumi.Input[builtins.str]] = None,
|
1432
|
+
other_sans: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
1433
|
+
ou: Optional[pulumi.Input[builtins.str]] = None,
|
1434
|
+
permitted_dns_domains: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
1435
|
+
permitted_email_addresses: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
1436
|
+
permitted_ip_ranges: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
1437
|
+
permitted_uri_domains: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
1438
|
+
postal_code: Optional[pulumi.Input[builtins.str]] = None,
|
1439
|
+
province: Optional[pulumi.Input[builtins.str]] = None,
|
1440
|
+
revoke: Optional[pulumi.Input[builtins.bool]] = None,
|
1441
|
+
signature_bits: Optional[pulumi.Input[builtins.int]] = None,
|
1442
|
+
skid: Optional[pulumi.Input[builtins.str]] = None,
|
1443
|
+
street_address: Optional[pulumi.Input[builtins.str]] = None,
|
1444
|
+
ttl: Optional[pulumi.Input[builtins.str]] = None,
|
1445
|
+
uri_sans: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
1446
|
+
use_csr_values: Optional[pulumi.Input[builtins.bool]] = None,
|
1447
|
+
use_pss: Optional[pulumi.Input[builtins.bool]] = None,
|
1447
1448
|
__props__=None):
|
1448
1449
|
opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts)
|
1449
1450
|
if not isinstance(opts, pulumi.ResourceOptions):
|
@@ -1509,46 +1510,46 @@ class SecretBackendRootSignIntermediate(pulumi.CustomResource):
|
|
1509
1510
|
def get(resource_name: str,
|
1510
1511
|
id: pulumi.Input[str],
|
1511
1512
|
opts: Optional[pulumi.ResourceOptions] = None,
|
1512
|
-
alt_names: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
1513
|
-
backend: Optional[pulumi.Input[str]] = None,
|
1514
|
-
ca_chains: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
1515
|
-
certificate: Optional[pulumi.Input[str]] = None,
|
1516
|
-
certificate_bundle: Optional[pulumi.Input[str]] = None,
|
1517
|
-
common_name: Optional[pulumi.Input[str]] = None,
|
1518
|
-
country: Optional[pulumi.Input[str]] = None,
|
1519
|
-
csr: Optional[pulumi.Input[str]] = None,
|
1520
|
-
exclude_cn_from_sans: Optional[pulumi.Input[bool]] = None,
|
1521
|
-
excluded_dns_domains: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
1522
|
-
excluded_email_addresses: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
1523
|
-
excluded_ip_ranges: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
1524
|
-
excluded_uri_domains: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
1525
|
-
format: Optional[pulumi.Input[str]] = None,
|
1526
|
-
ip_sans: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
1527
|
-
issuer_ref: Optional[pulumi.Input[str]] = None,
|
1528
|
-
issuing_ca: Optional[pulumi.Input[str]] = None,
|
1529
|
-
locality: Optional[pulumi.Input[str]] = None,
|
1530
|
-
max_path_length: Optional[pulumi.Input[int]] = None,
|
1531
|
-
namespace: Optional[pulumi.Input[str]] = None,
|
1532
|
-
not_after: Optional[pulumi.Input[str]] = None,
|
1533
|
-
not_before_duration: Optional[pulumi.Input[str]] = None,
|
1534
|
-
organization: Optional[pulumi.Input[str]] = None,
|
1535
|
-
other_sans: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
1536
|
-
ou: Optional[pulumi.Input[str]] = None,
|
1537
|
-
permitted_dns_domains: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
1538
|
-
permitted_email_addresses: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
1539
|
-
permitted_ip_ranges: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
1540
|
-
permitted_uri_domains: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
1541
|
-
postal_code: Optional[pulumi.Input[str]] = None,
|
1542
|
-
province: Optional[pulumi.Input[str]] = None,
|
1543
|
-
revoke: Optional[pulumi.Input[bool]] = None,
|
1544
|
-
serial_number: Optional[pulumi.Input[str]] = None,
|
1545
|
-
signature_bits: Optional[pulumi.Input[int]] = None,
|
1546
|
-
skid: Optional[pulumi.Input[str]] = None,
|
1547
|
-
street_address: Optional[pulumi.Input[str]] = None,
|
1548
|
-
ttl: Optional[pulumi.Input[str]] = None,
|
1549
|
-
uri_sans: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
1550
|
-
use_csr_values: Optional[pulumi.Input[bool]] = None,
|
1551
|
-
use_pss: Optional[pulumi.Input[bool]] = None) -> 'SecretBackendRootSignIntermediate':
|
1513
|
+
alt_names: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
1514
|
+
backend: Optional[pulumi.Input[builtins.str]] = None,
|
1515
|
+
ca_chains: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
1516
|
+
certificate: Optional[pulumi.Input[builtins.str]] = None,
|
1517
|
+
certificate_bundle: Optional[pulumi.Input[builtins.str]] = None,
|
1518
|
+
common_name: Optional[pulumi.Input[builtins.str]] = None,
|
1519
|
+
country: Optional[pulumi.Input[builtins.str]] = None,
|
1520
|
+
csr: Optional[pulumi.Input[builtins.str]] = None,
|
1521
|
+
exclude_cn_from_sans: Optional[pulumi.Input[builtins.bool]] = None,
|
1522
|
+
excluded_dns_domains: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
1523
|
+
excluded_email_addresses: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
1524
|
+
excluded_ip_ranges: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
1525
|
+
excluded_uri_domains: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
1526
|
+
format: Optional[pulumi.Input[builtins.str]] = None,
|
1527
|
+
ip_sans: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
1528
|
+
issuer_ref: Optional[pulumi.Input[builtins.str]] = None,
|
1529
|
+
issuing_ca: Optional[pulumi.Input[builtins.str]] = None,
|
1530
|
+
locality: Optional[pulumi.Input[builtins.str]] = None,
|
1531
|
+
max_path_length: Optional[pulumi.Input[builtins.int]] = None,
|
1532
|
+
namespace: Optional[pulumi.Input[builtins.str]] = None,
|
1533
|
+
not_after: Optional[pulumi.Input[builtins.str]] = None,
|
1534
|
+
not_before_duration: Optional[pulumi.Input[builtins.str]] = None,
|
1535
|
+
organization: Optional[pulumi.Input[builtins.str]] = None,
|
1536
|
+
other_sans: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
1537
|
+
ou: Optional[pulumi.Input[builtins.str]] = None,
|
1538
|
+
permitted_dns_domains: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
1539
|
+
permitted_email_addresses: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
1540
|
+
permitted_ip_ranges: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
1541
|
+
permitted_uri_domains: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
1542
|
+
postal_code: Optional[pulumi.Input[builtins.str]] = None,
|
1543
|
+
province: Optional[pulumi.Input[builtins.str]] = None,
|
1544
|
+
revoke: Optional[pulumi.Input[builtins.bool]] = None,
|
1545
|
+
serial_number: Optional[pulumi.Input[builtins.str]] = None,
|
1546
|
+
signature_bits: Optional[pulumi.Input[builtins.int]] = None,
|
1547
|
+
skid: Optional[pulumi.Input[builtins.str]] = None,
|
1548
|
+
street_address: Optional[pulumi.Input[builtins.str]] = None,
|
1549
|
+
ttl: Optional[pulumi.Input[builtins.str]] = None,
|
1550
|
+
uri_sans: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
1551
|
+
use_csr_values: Optional[pulumi.Input[builtins.bool]] = None,
|
1552
|
+
use_pss: Optional[pulumi.Input[builtins.bool]] = None) -> 'SecretBackendRootSignIntermediate':
|
1552
1553
|
"""
|
1553
1554
|
Get an existing SecretBackendRootSignIntermediate resource's state with the given name, id, and optional extra
|
1554
1555
|
properties used to qualify the lookup.
|
@@ -1556,55 +1557,55 @@ class SecretBackendRootSignIntermediate(pulumi.CustomResource):
|
|
1556
1557
|
:param str resource_name: The unique name of the resulting resource.
|
1557
1558
|
:param pulumi.Input[str] id: The unique provider ID of the resource to lookup.
|
1558
1559
|
:param pulumi.ResourceOptions opts: Options for the resource.
|
1559
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] alt_names: List of alternative names
|
1560
|
-
:param pulumi.Input[str] backend: The PKI secret backend the resource belongs to.
|
1561
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] ca_chains: A list of the issuing and intermediate CA certificates in the `format` specified.
|
1562
|
-
:param pulumi.Input[str] certificate: The intermediate CA certificate in the `format` specified.
|
1563
|
-
:param pulumi.Input[str] certificate_bundle: The concatenation of the intermediate CA and the issuing CA certificates (PEM encoded).
|
1560
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] alt_names: List of alternative names
|
1561
|
+
:param pulumi.Input[builtins.str] backend: The PKI secret backend the resource belongs to.
|
1562
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] ca_chains: A list of the issuing and intermediate CA certificates in the `format` specified.
|
1563
|
+
:param pulumi.Input[builtins.str] certificate: The intermediate CA certificate in the `format` specified.
|
1564
|
+
:param pulumi.Input[builtins.str] certificate_bundle: The concatenation of the intermediate CA and the issuing CA certificates (PEM encoded).
|
1564
1565
|
Requires the `format` to be set to any of: pem, pem_bundle. The value will be empty for all other formats.
|
1565
|
-
:param pulumi.Input[str] common_name: CN of intermediate to create
|
1566
|
-
:param pulumi.Input[str] country: The country
|
1567
|
-
:param pulumi.Input[str] csr: The CSR
|
1568
|
-
:param pulumi.Input[bool] exclude_cn_from_sans: Flag to exclude CN from SANs
|
1569
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] excluded_dns_domains: List of domains for which certificates are not allowed to be issued. Requires Vault version 1.19+.
|
1570
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] excluded_email_addresses: List of email addresses for which certificates are not allowed to be issued. Requires Vault version 1.19+.
|
1571
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] excluded_ip_ranges: List of IP ranges for which certificates are not allowed to be issued. Requires Vault version 1.19+.
|
1572
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] excluded_uri_domains: List of URI domains for which certificates are not allowed to be issued. Requires Vault version 1.19+.
|
1573
|
-
:param pulumi.Input[str] format: The format of data
|
1574
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] ip_sans: List of alternative IPs
|
1575
|
-
:param pulumi.Input[str] issuer_ref: Specifies the default issuer of this request. May
|
1566
|
+
:param pulumi.Input[builtins.str] common_name: CN of intermediate to create
|
1567
|
+
:param pulumi.Input[builtins.str] country: The country
|
1568
|
+
:param pulumi.Input[builtins.str] csr: The CSR
|
1569
|
+
:param pulumi.Input[builtins.bool] exclude_cn_from_sans: Flag to exclude CN from SANs
|
1570
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] excluded_dns_domains: List of domains for which certificates are not allowed to be issued. Requires Vault version 1.19+.
|
1571
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] excluded_email_addresses: List of email addresses for which certificates are not allowed to be issued. Requires Vault version 1.19+.
|
1572
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] excluded_ip_ranges: List of IP ranges for which certificates are not allowed to be issued. Requires Vault version 1.19+.
|
1573
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] excluded_uri_domains: List of URI domains for which certificates are not allowed to be issued. Requires Vault version 1.19+.
|
1574
|
+
:param pulumi.Input[builtins.str] format: The format of data
|
1575
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] ip_sans: List of alternative IPs
|
1576
|
+
:param pulumi.Input[builtins.str] issuer_ref: Specifies the default issuer of this request. May
|
1576
1577
|
be the value `default`, a name, or an issuer ID. Use ACLs to prevent access to
|
1577
1578
|
the `/pki/issuer/:issuer_ref/{issue,sign}/:name` paths to prevent users
|
1578
1579
|
overriding the role's `issuer_ref` value.
|
1579
|
-
:param pulumi.Input[str] issuing_ca: The issuing CA certificate in the `format` specified.
|
1580
|
-
:param pulumi.Input[str] locality: The locality
|
1581
|
-
:param pulumi.Input[int] max_path_length: The maximum path length to encode in the generated certificate
|
1582
|
-
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
1580
|
+
:param pulumi.Input[builtins.str] issuing_ca: The issuing CA certificate in the `format` specified.
|
1581
|
+
:param pulumi.Input[builtins.str] locality: The locality
|
1582
|
+
:param pulumi.Input[builtins.int] max_path_length: The maximum path length to encode in the generated certificate
|
1583
|
+
:param pulumi.Input[builtins.str] namespace: The namespace to provision the resource in.
|
1583
1584
|
The value should not contain leading or trailing forward slashes.
|
1584
1585
|
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
1585
1586
|
*Available only for Vault Enterprise*.
|
1586
|
-
:param pulumi.Input[str] not_after: Set the Not After field of the certificate with specified date value.
|
1587
|
+
:param pulumi.Input[builtins.str] not_after: Set the Not After field of the certificate with specified date value.
|
1587
1588
|
The value format should be given in UTC format YYYY-MM-ddTHH:MM:SSZ. Supports the Y10K end date
|
1588
1589
|
for IEEE 802.1AR-2018 standard devices, 9999-12-31T23:59:59Z.
|
1589
|
-
:param pulumi.Input[str] not_before_duration: Specifies the duration by which to backdate the NotBefore property.
|
1590
|
-
:param pulumi.Input[str] organization: The organization
|
1591
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] other_sans: List of other SANs
|
1592
|
-
:param pulumi.Input[str] ou: The organization unit
|
1593
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] permitted_dns_domains: List of domains for which certificates are allowed to be issued
|
1594
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] permitted_email_addresses: List of email addresses for which certificates are allowed to be issued. Requires Vault version 1.19+.
|
1595
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] permitted_ip_ranges: List of IP ranges for which certificates are allowed to be issued. Requires Vault version 1.19+.
|
1596
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] permitted_uri_domains: List of URI domains for which certificates are allowed to be issued. Requires Vault version 1.19+.
|
1597
|
-
:param pulumi.Input[str] postal_code: The postal code
|
1598
|
-
:param pulumi.Input[str] province: The province
|
1599
|
-
:param pulumi.Input[bool] revoke: If set to `true`, the certificate will be revoked on resource destruction.
|
1600
|
-
:param pulumi.Input[str] serial_number: The certificate's serial number, hex formatted.
|
1601
|
-
:param pulumi.Input[int] signature_bits: The number of bits to use in the signature algorithm
|
1602
|
-
:param pulumi.Input[str] skid: Value for the Subject Key Identifier field (RFC 5280 Section 4.2.1.2). Specified as a string in hex format.
|
1603
|
-
:param pulumi.Input[str] street_address: The street address
|
1604
|
-
:param pulumi.Input[str] ttl: Time to live
|
1605
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] uri_sans: List of alternative URIs
|
1606
|
-
:param pulumi.Input[bool] use_csr_values: Preserve CSR values
|
1607
|
-
:param pulumi.Input[bool] use_pss: Specifies whether or not to use PSS signatures over PKCS#1v1.5 signatures when a RSA-type issuer is used.
|
1590
|
+
:param pulumi.Input[builtins.str] not_before_duration: Specifies the duration by which to backdate the NotBefore property.
|
1591
|
+
:param pulumi.Input[builtins.str] organization: The organization
|
1592
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] other_sans: List of other SANs
|
1593
|
+
:param pulumi.Input[builtins.str] ou: The organization unit
|
1594
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] permitted_dns_domains: List of domains for which certificates are allowed to be issued
|
1595
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] permitted_email_addresses: List of email addresses for which certificates are allowed to be issued. Requires Vault version 1.19+.
|
1596
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] permitted_ip_ranges: List of IP ranges for which certificates are allowed to be issued. Requires Vault version 1.19+.
|
1597
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] permitted_uri_domains: List of URI domains for which certificates are allowed to be issued. Requires Vault version 1.19+.
|
1598
|
+
:param pulumi.Input[builtins.str] postal_code: The postal code
|
1599
|
+
:param pulumi.Input[builtins.str] province: The province
|
1600
|
+
:param pulumi.Input[builtins.bool] revoke: If set to `true`, the certificate will be revoked on resource destruction.
|
1601
|
+
:param pulumi.Input[builtins.str] serial_number: The certificate's serial number, hex formatted.
|
1602
|
+
:param pulumi.Input[builtins.int] signature_bits: The number of bits to use in the signature algorithm
|
1603
|
+
:param pulumi.Input[builtins.str] skid: Value for the Subject Key Identifier field (RFC 5280 Section 4.2.1.2). Specified as a string in hex format.
|
1604
|
+
:param pulumi.Input[builtins.str] street_address: The street address
|
1605
|
+
:param pulumi.Input[builtins.str] ttl: Time to live
|
1606
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] uri_sans: List of alternative URIs
|
1607
|
+
:param pulumi.Input[builtins.bool] use_csr_values: Preserve CSR values
|
1608
|
+
:param pulumi.Input[builtins.bool] use_pss: Specifies whether or not to use PSS signatures over PKCS#1v1.5 signatures when a RSA-type issuer is used.
|
1608
1609
|
"""
|
1609
1610
|
opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id))
|
1610
1611
|
|
@@ -1654,7 +1655,7 @@ class SecretBackendRootSignIntermediate(pulumi.CustomResource):
|
|
1654
1655
|
|
1655
1656
|
@property
|
1656
1657
|
@pulumi.getter(name="altNames")
|
1657
|
-
def alt_names(self) -> pulumi.Output[Optional[Sequence[str]]]:
|
1658
|
+
def alt_names(self) -> pulumi.Output[Optional[Sequence[builtins.str]]]:
|
1658
1659
|
"""
|
1659
1660
|
List of alternative names
|
1660
1661
|
"""
|
@@ -1662,7 +1663,7 @@ class SecretBackendRootSignIntermediate(pulumi.CustomResource):
|
|
1662
1663
|
|
1663
1664
|
@property
|
1664
1665
|
@pulumi.getter
|
1665
|
-
def backend(self) -> pulumi.Output[str]:
|
1666
|
+
def backend(self) -> pulumi.Output[builtins.str]:
|
1666
1667
|
"""
|
1667
1668
|
The PKI secret backend the resource belongs to.
|
1668
1669
|
"""
|
@@ -1670,7 +1671,7 @@ class SecretBackendRootSignIntermediate(pulumi.CustomResource):
|
|
1670
1671
|
|
1671
1672
|
@property
|
1672
1673
|
@pulumi.getter(name="caChains")
|
1673
|
-
def ca_chains(self) -> pulumi.Output[Sequence[str]]:
|
1674
|
+
def ca_chains(self) -> pulumi.Output[Sequence[builtins.str]]:
|
1674
1675
|
"""
|
1675
1676
|
A list of the issuing and intermediate CA certificates in the `format` specified.
|
1676
1677
|
"""
|
@@ -1678,7 +1679,7 @@ class SecretBackendRootSignIntermediate(pulumi.CustomResource):
|
|
1678
1679
|
|
1679
1680
|
@property
|
1680
1681
|
@pulumi.getter
|
1681
|
-
def certificate(self) -> pulumi.Output[str]:
|
1682
|
+
def certificate(self) -> pulumi.Output[builtins.str]:
|
1682
1683
|
"""
|
1683
1684
|
The intermediate CA certificate in the `format` specified.
|
1684
1685
|
"""
|
@@ -1686,7 +1687,7 @@ class SecretBackendRootSignIntermediate(pulumi.CustomResource):
|
|
1686
1687
|
|
1687
1688
|
@property
|
1688
1689
|
@pulumi.getter(name="certificateBundle")
|
1689
|
-
def certificate_bundle(self) -> pulumi.Output[str]:
|
1690
|
+
def certificate_bundle(self) -> pulumi.Output[builtins.str]:
|
1690
1691
|
"""
|
1691
1692
|
The concatenation of the intermediate CA and the issuing CA certificates (PEM encoded).
|
1692
1693
|
Requires the `format` to be set to any of: pem, pem_bundle. The value will be empty for all other formats.
|
@@ -1695,7 +1696,7 @@ class SecretBackendRootSignIntermediate(pulumi.CustomResource):
|
|
1695
1696
|
|
1696
1697
|
@property
|
1697
1698
|
@pulumi.getter(name="commonName")
|
1698
|
-
def common_name(self) -> pulumi.Output[str]:
|
1699
|
+
def common_name(self) -> pulumi.Output[builtins.str]:
|
1699
1700
|
"""
|
1700
1701
|
CN of intermediate to create
|
1701
1702
|
"""
|
@@ -1703,7 +1704,7 @@ class SecretBackendRootSignIntermediate(pulumi.CustomResource):
|
|
1703
1704
|
|
1704
1705
|
@property
|
1705
1706
|
@pulumi.getter
|
1706
|
-
def country(self) -> pulumi.Output[Optional[str]]:
|
1707
|
+
def country(self) -> pulumi.Output[Optional[builtins.str]]:
|
1707
1708
|
"""
|
1708
1709
|
The country
|
1709
1710
|
"""
|
@@ -1711,7 +1712,7 @@ class SecretBackendRootSignIntermediate(pulumi.CustomResource):
|
|
1711
1712
|
|
1712
1713
|
@property
|
1713
1714
|
@pulumi.getter
|
1714
|
-
def csr(self) -> pulumi.Output[str]:
|
1715
|
+
def csr(self) -> pulumi.Output[builtins.str]:
|
1715
1716
|
"""
|
1716
1717
|
The CSR
|
1717
1718
|
"""
|
@@ -1719,7 +1720,7 @@ class SecretBackendRootSignIntermediate(pulumi.CustomResource):
|
|
1719
1720
|
|
1720
1721
|
@property
|
1721
1722
|
@pulumi.getter(name="excludeCnFromSans")
|
1722
|
-
def exclude_cn_from_sans(self) -> pulumi.Output[Optional[bool]]:
|
1723
|
+
def exclude_cn_from_sans(self) -> pulumi.Output[Optional[builtins.bool]]:
|
1723
1724
|
"""
|
1724
1725
|
Flag to exclude CN from SANs
|
1725
1726
|
"""
|
@@ -1727,7 +1728,7 @@ class SecretBackendRootSignIntermediate(pulumi.CustomResource):
|
|
1727
1728
|
|
1728
1729
|
@property
|
1729
1730
|
@pulumi.getter(name="excludedDnsDomains")
|
1730
|
-
def excluded_dns_domains(self) -> pulumi.Output[Optional[Sequence[str]]]:
|
1731
|
+
def excluded_dns_domains(self) -> pulumi.Output[Optional[Sequence[builtins.str]]]:
|
1731
1732
|
"""
|
1732
1733
|
List of domains for which certificates are not allowed to be issued. Requires Vault version 1.19+.
|
1733
1734
|
"""
|
@@ -1735,7 +1736,7 @@ class SecretBackendRootSignIntermediate(pulumi.CustomResource):
|
|
1735
1736
|
|
1736
1737
|
@property
|
1737
1738
|
@pulumi.getter(name="excludedEmailAddresses")
|
1738
|
-
def excluded_email_addresses(self) -> pulumi.Output[Optional[Sequence[str]]]:
|
1739
|
+
def excluded_email_addresses(self) -> pulumi.Output[Optional[Sequence[builtins.str]]]:
|
1739
1740
|
"""
|
1740
1741
|
List of email addresses for which certificates are not allowed to be issued. Requires Vault version 1.19+.
|
1741
1742
|
"""
|
@@ -1743,7 +1744,7 @@ class SecretBackendRootSignIntermediate(pulumi.CustomResource):
|
|
1743
1744
|
|
1744
1745
|
@property
|
1745
1746
|
@pulumi.getter(name="excludedIpRanges")
|
1746
|
-
def excluded_ip_ranges(self) -> pulumi.Output[Optional[Sequence[str]]]:
|
1747
|
+
def excluded_ip_ranges(self) -> pulumi.Output[Optional[Sequence[builtins.str]]]:
|
1747
1748
|
"""
|
1748
1749
|
List of IP ranges for which certificates are not allowed to be issued. Requires Vault version 1.19+.
|
1749
1750
|
"""
|
@@ -1751,7 +1752,7 @@ class SecretBackendRootSignIntermediate(pulumi.CustomResource):
|
|
1751
1752
|
|
1752
1753
|
@property
|
1753
1754
|
@pulumi.getter(name="excludedUriDomains")
|
1754
|
-
def excluded_uri_domains(self) -> pulumi.Output[Optional[Sequence[str]]]:
|
1755
|
+
def excluded_uri_domains(self) -> pulumi.Output[Optional[Sequence[builtins.str]]]:
|
1755
1756
|
"""
|
1756
1757
|
List of URI domains for which certificates are not allowed to be issued. Requires Vault version 1.19+.
|
1757
1758
|
"""
|
@@ -1759,7 +1760,7 @@ class SecretBackendRootSignIntermediate(pulumi.CustomResource):
|
|
1759
1760
|
|
1760
1761
|
@property
|
1761
1762
|
@pulumi.getter
|
1762
|
-
def format(self) -> pulumi.Output[Optional[str]]:
|
1763
|
+
def format(self) -> pulumi.Output[Optional[builtins.str]]:
|
1763
1764
|
"""
|
1764
1765
|
The format of data
|
1765
1766
|
"""
|
@@ -1767,7 +1768,7 @@ class SecretBackendRootSignIntermediate(pulumi.CustomResource):
|
|
1767
1768
|
|
1768
1769
|
@property
|
1769
1770
|
@pulumi.getter(name="ipSans")
|
1770
|
-
def ip_sans(self) -> pulumi.Output[Optional[Sequence[str]]]:
|
1771
|
+
def ip_sans(self) -> pulumi.Output[Optional[Sequence[builtins.str]]]:
|
1771
1772
|
"""
|
1772
1773
|
List of alternative IPs
|
1773
1774
|
"""
|
@@ -1775,7 +1776,7 @@ class SecretBackendRootSignIntermediate(pulumi.CustomResource):
|
|
1775
1776
|
|
1776
1777
|
@property
|
1777
1778
|
@pulumi.getter(name="issuerRef")
|
1778
|
-
def issuer_ref(self) -> pulumi.Output[Optional[str]]:
|
1779
|
+
def issuer_ref(self) -> pulumi.Output[Optional[builtins.str]]:
|
1779
1780
|
"""
|
1780
1781
|
Specifies the default issuer of this request. May
|
1781
1782
|
be the value `default`, a name, or an issuer ID. Use ACLs to prevent access to
|
@@ -1786,7 +1787,7 @@ class SecretBackendRootSignIntermediate(pulumi.CustomResource):
|
|
1786
1787
|
|
1787
1788
|
@property
|
1788
1789
|
@pulumi.getter(name="issuingCa")
|
1789
|
-
def issuing_ca(self) -> pulumi.Output[str]:
|
1790
|
+
def issuing_ca(self) -> pulumi.Output[builtins.str]:
|
1790
1791
|
"""
|
1791
1792
|
The issuing CA certificate in the `format` specified.
|
1792
1793
|
"""
|
@@ -1794,7 +1795,7 @@ class SecretBackendRootSignIntermediate(pulumi.CustomResource):
|
|
1794
1795
|
|
1795
1796
|
@property
|
1796
1797
|
@pulumi.getter
|
1797
|
-
def locality(self) -> pulumi.Output[Optional[str]]:
|
1798
|
+
def locality(self) -> pulumi.Output[Optional[builtins.str]]:
|
1798
1799
|
"""
|
1799
1800
|
The locality
|
1800
1801
|
"""
|
@@ -1802,7 +1803,7 @@ class SecretBackendRootSignIntermediate(pulumi.CustomResource):
|
|
1802
1803
|
|
1803
1804
|
@property
|
1804
1805
|
@pulumi.getter(name="maxPathLength")
|
1805
|
-
def max_path_length(self) -> pulumi.Output[Optional[int]]:
|
1806
|
+
def max_path_length(self) -> pulumi.Output[Optional[builtins.int]]:
|
1806
1807
|
"""
|
1807
1808
|
The maximum path length to encode in the generated certificate
|
1808
1809
|
"""
|
@@ -1810,7 +1811,7 @@ class SecretBackendRootSignIntermediate(pulumi.CustomResource):
|
|
1810
1811
|
|
1811
1812
|
@property
|
1812
1813
|
@pulumi.getter
|
1813
|
-
def namespace(self) -> pulumi.Output[Optional[str]]:
|
1814
|
+
def namespace(self) -> pulumi.Output[Optional[builtins.str]]:
|
1814
1815
|
"""
|
1815
1816
|
The namespace to provision the resource in.
|
1816
1817
|
The value should not contain leading or trailing forward slashes.
|
@@ -1821,7 +1822,7 @@ class SecretBackendRootSignIntermediate(pulumi.CustomResource):
|
|
1821
1822
|
|
1822
1823
|
@property
|
1823
1824
|
@pulumi.getter(name="notAfter")
|
1824
|
-
def not_after(self) -> pulumi.Output[Optional[str]]:
|
1825
|
+
def not_after(self) -> pulumi.Output[Optional[builtins.str]]:
|
1825
1826
|
"""
|
1826
1827
|
Set the Not After field of the certificate with specified date value.
|
1827
1828
|
The value format should be given in UTC format YYYY-MM-ddTHH:MM:SSZ. Supports the Y10K end date
|
@@ -1831,7 +1832,7 @@ class SecretBackendRootSignIntermediate(pulumi.CustomResource):
|
|
1831
1832
|
|
1832
1833
|
@property
|
1833
1834
|
@pulumi.getter(name="notBeforeDuration")
|
1834
|
-
def not_before_duration(self) -> pulumi.Output[Optional[str]]:
|
1835
|
+
def not_before_duration(self) -> pulumi.Output[Optional[builtins.str]]:
|
1835
1836
|
"""
|
1836
1837
|
Specifies the duration by which to backdate the NotBefore property.
|
1837
1838
|
"""
|
@@ -1839,7 +1840,7 @@ class SecretBackendRootSignIntermediate(pulumi.CustomResource):
|
|
1839
1840
|
|
1840
1841
|
@property
|
1841
1842
|
@pulumi.getter
|
1842
|
-
def organization(self) -> pulumi.Output[Optional[str]]:
|
1843
|
+
def organization(self) -> pulumi.Output[Optional[builtins.str]]:
|
1843
1844
|
"""
|
1844
1845
|
The organization
|
1845
1846
|
"""
|
@@ -1847,7 +1848,7 @@ class SecretBackendRootSignIntermediate(pulumi.CustomResource):
|
|
1847
1848
|
|
1848
1849
|
@property
|
1849
1850
|
@pulumi.getter(name="otherSans")
|
1850
|
-
def other_sans(self) -> pulumi.Output[Optional[Sequence[str]]]:
|
1851
|
+
def other_sans(self) -> pulumi.Output[Optional[Sequence[builtins.str]]]:
|
1851
1852
|
"""
|
1852
1853
|
List of other SANs
|
1853
1854
|
"""
|
@@ -1855,7 +1856,7 @@ class SecretBackendRootSignIntermediate(pulumi.CustomResource):
|
|
1855
1856
|
|
1856
1857
|
@property
|
1857
1858
|
@pulumi.getter
|
1858
|
-
def ou(self) -> pulumi.Output[Optional[str]]:
|
1859
|
+
def ou(self) -> pulumi.Output[Optional[builtins.str]]:
|
1859
1860
|
"""
|
1860
1861
|
The organization unit
|
1861
1862
|
"""
|
@@ -1863,7 +1864,7 @@ class SecretBackendRootSignIntermediate(pulumi.CustomResource):
|
|
1863
1864
|
|
1864
1865
|
@property
|
1865
1866
|
@pulumi.getter(name="permittedDnsDomains")
|
1866
|
-
def permitted_dns_domains(self) -> pulumi.Output[Optional[Sequence[str]]]:
|
1867
|
+
def permitted_dns_domains(self) -> pulumi.Output[Optional[Sequence[builtins.str]]]:
|
1867
1868
|
"""
|
1868
1869
|
List of domains for which certificates are allowed to be issued
|
1869
1870
|
"""
|
@@ -1871,7 +1872,7 @@ class SecretBackendRootSignIntermediate(pulumi.CustomResource):
|
|
1871
1872
|
|
1872
1873
|
@property
|
1873
1874
|
@pulumi.getter(name="permittedEmailAddresses")
|
1874
|
-
def permitted_email_addresses(self) -> pulumi.Output[Optional[Sequence[str]]]:
|
1875
|
+
def permitted_email_addresses(self) -> pulumi.Output[Optional[Sequence[builtins.str]]]:
|
1875
1876
|
"""
|
1876
1877
|
List of email addresses for which certificates are allowed to be issued. Requires Vault version 1.19+.
|
1877
1878
|
"""
|
@@ -1879,7 +1880,7 @@ class SecretBackendRootSignIntermediate(pulumi.CustomResource):
|
|
1879
1880
|
|
1880
1881
|
@property
|
1881
1882
|
@pulumi.getter(name="permittedIpRanges")
|
1882
|
-
def permitted_ip_ranges(self) -> pulumi.Output[Optional[Sequence[str]]]:
|
1883
|
+
def permitted_ip_ranges(self) -> pulumi.Output[Optional[Sequence[builtins.str]]]:
|
1883
1884
|
"""
|
1884
1885
|
List of IP ranges for which certificates are allowed to be issued. Requires Vault version 1.19+.
|
1885
1886
|
"""
|
@@ -1887,7 +1888,7 @@ class SecretBackendRootSignIntermediate(pulumi.CustomResource):
|
|
1887
1888
|
|
1888
1889
|
@property
|
1889
1890
|
@pulumi.getter(name="permittedUriDomains")
|
1890
|
-
def permitted_uri_domains(self) -> pulumi.Output[Optional[Sequence[str]]]:
|
1891
|
+
def permitted_uri_domains(self) -> pulumi.Output[Optional[Sequence[builtins.str]]]:
|
1891
1892
|
"""
|
1892
1893
|
List of URI domains for which certificates are allowed to be issued. Requires Vault version 1.19+.
|
1893
1894
|
"""
|
@@ -1895,7 +1896,7 @@ class SecretBackendRootSignIntermediate(pulumi.CustomResource):
|
|
1895
1896
|
|
1896
1897
|
@property
|
1897
1898
|
@pulumi.getter(name="postalCode")
|
1898
|
-
def postal_code(self) -> pulumi.Output[Optional[str]]:
|
1899
|
+
def postal_code(self) -> pulumi.Output[Optional[builtins.str]]:
|
1899
1900
|
"""
|
1900
1901
|
The postal code
|
1901
1902
|
"""
|
@@ -1903,7 +1904,7 @@ class SecretBackendRootSignIntermediate(pulumi.CustomResource):
|
|
1903
1904
|
|
1904
1905
|
@property
|
1905
1906
|
@pulumi.getter
|
1906
|
-
def province(self) -> pulumi.Output[Optional[str]]:
|
1907
|
+
def province(self) -> pulumi.Output[Optional[builtins.str]]:
|
1907
1908
|
"""
|
1908
1909
|
The province
|
1909
1910
|
"""
|
@@ -1911,7 +1912,7 @@ class SecretBackendRootSignIntermediate(pulumi.CustomResource):
|
|
1911
1912
|
|
1912
1913
|
@property
|
1913
1914
|
@pulumi.getter
|
1914
|
-
def revoke(self) -> pulumi.Output[Optional[bool]]:
|
1915
|
+
def revoke(self) -> pulumi.Output[Optional[builtins.bool]]:
|
1915
1916
|
"""
|
1916
1917
|
If set to `true`, the certificate will be revoked on resource destruction.
|
1917
1918
|
"""
|
@@ -1919,7 +1920,7 @@ class SecretBackendRootSignIntermediate(pulumi.CustomResource):
|
|
1919
1920
|
|
1920
1921
|
@property
|
1921
1922
|
@pulumi.getter(name="serialNumber")
|
1922
|
-
def serial_number(self) -> pulumi.Output[str]:
|
1923
|
+
def serial_number(self) -> pulumi.Output[builtins.str]:
|
1923
1924
|
"""
|
1924
1925
|
The certificate's serial number, hex formatted.
|
1925
1926
|
"""
|
@@ -1927,7 +1928,7 @@ class SecretBackendRootSignIntermediate(pulumi.CustomResource):
|
|
1927
1928
|
|
1928
1929
|
@property
|
1929
1930
|
@pulumi.getter(name="signatureBits")
|
1930
|
-
def signature_bits(self) -> pulumi.Output[Optional[int]]:
|
1931
|
+
def signature_bits(self) -> pulumi.Output[Optional[builtins.int]]:
|
1931
1932
|
"""
|
1932
1933
|
The number of bits to use in the signature algorithm
|
1933
1934
|
"""
|
@@ -1935,7 +1936,7 @@ class SecretBackendRootSignIntermediate(pulumi.CustomResource):
|
|
1935
1936
|
|
1936
1937
|
@property
|
1937
1938
|
@pulumi.getter
|
1938
|
-
def skid(self) -> pulumi.Output[Optional[str]]:
|
1939
|
+
def skid(self) -> pulumi.Output[Optional[builtins.str]]:
|
1939
1940
|
"""
|
1940
1941
|
Value for the Subject Key Identifier field (RFC 5280 Section 4.2.1.2). Specified as a string in hex format.
|
1941
1942
|
"""
|
@@ -1943,7 +1944,7 @@ class SecretBackendRootSignIntermediate(pulumi.CustomResource):
|
|
1943
1944
|
|
1944
1945
|
@property
|
1945
1946
|
@pulumi.getter(name="streetAddress")
|
1946
|
-
def street_address(self) -> pulumi.Output[Optional[str]]:
|
1947
|
+
def street_address(self) -> pulumi.Output[Optional[builtins.str]]:
|
1947
1948
|
"""
|
1948
1949
|
The street address
|
1949
1950
|
"""
|
@@ -1951,7 +1952,7 @@ class SecretBackendRootSignIntermediate(pulumi.CustomResource):
|
|
1951
1952
|
|
1952
1953
|
@property
|
1953
1954
|
@pulumi.getter
|
1954
|
-
def ttl(self) -> pulumi.Output[Optional[str]]:
|
1955
|
+
def ttl(self) -> pulumi.Output[Optional[builtins.str]]:
|
1955
1956
|
"""
|
1956
1957
|
Time to live
|
1957
1958
|
"""
|
@@ -1959,7 +1960,7 @@ class SecretBackendRootSignIntermediate(pulumi.CustomResource):
|
|
1959
1960
|
|
1960
1961
|
@property
|
1961
1962
|
@pulumi.getter(name="uriSans")
|
1962
|
-
def uri_sans(self) -> pulumi.Output[Optional[Sequence[str]]]:
|
1963
|
+
def uri_sans(self) -> pulumi.Output[Optional[Sequence[builtins.str]]]:
|
1963
1964
|
"""
|
1964
1965
|
List of alternative URIs
|
1965
1966
|
"""
|
@@ -1967,7 +1968,7 @@ class SecretBackendRootSignIntermediate(pulumi.CustomResource):
|
|
1967
1968
|
|
1968
1969
|
@property
|
1969
1970
|
@pulumi.getter(name="useCsrValues")
|
1970
|
-
def use_csr_values(self) -> pulumi.Output[Optional[bool]]:
|
1971
|
+
def use_csr_values(self) -> pulumi.Output[Optional[builtins.bool]]:
|
1971
1972
|
"""
|
1972
1973
|
Preserve CSR values
|
1973
1974
|
"""
|
@@ -1975,7 +1976,7 @@ class SecretBackendRootSignIntermediate(pulumi.CustomResource):
|
|
1975
1976
|
|
1976
1977
|
@property
|
1977
1978
|
@pulumi.getter(name="usePss")
|
1978
|
-
def use_pss(self) -> pulumi.Output[Optional[bool]]:
|
1979
|
+
def use_pss(self) -> pulumi.Output[Optional[builtins.bool]]:
|
1979
1980
|
"""
|
1980
1981
|
Specifies whether or not to use PSS signatures over PKCS#1v1.5 signatures when a RSA-type issuer is used.
|
1981
1982
|
"""
|