pulumi-vault 6.7.0a1743576047__py3-none-any.whl → 6.7.0a1744267302__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- pulumi_vault/__init__.py +1 -0
- pulumi_vault/_inputs.py +554 -553
- pulumi_vault/ad/__init__.py +1 -0
- pulumi_vault/ad/get_access_credentials.py +20 -19
- pulumi_vault/ad/secret_backend.py +477 -476
- pulumi_vault/ad/secret_library.py +99 -98
- pulumi_vault/ad/secret_role.py +85 -84
- pulumi_vault/alicloud/__init__.py +1 -0
- pulumi_vault/alicloud/auth_backend_role.py +183 -182
- pulumi_vault/approle/__init__.py +1 -0
- pulumi_vault/approle/auth_backend_login.py +106 -105
- pulumi_vault/approle/auth_backend_role.py +239 -238
- pulumi_vault/approle/auth_backend_role_secret_id.py +162 -161
- pulumi_vault/approle/get_auth_backend_role_id.py +18 -17
- pulumi_vault/audit.py +85 -84
- pulumi_vault/audit_request_header.py +43 -42
- pulumi_vault/auth_backend.py +106 -105
- pulumi_vault/aws/__init__.py +1 -0
- pulumi_vault/aws/auth_backend_cert.py +71 -70
- pulumi_vault/aws/auth_backend_client.py +253 -252
- pulumi_vault/aws/auth_backend_config_identity.py +85 -84
- pulumi_vault/aws/auth_backend_identity_whitelist.py +57 -56
- pulumi_vault/aws/auth_backend_login.py +209 -208
- pulumi_vault/aws/auth_backend_role.py +400 -399
- pulumi_vault/aws/auth_backend_role_tag.py +127 -126
- pulumi_vault/aws/auth_backend_roletag_blacklist.py +57 -56
- pulumi_vault/aws/auth_backend_sts_role.py +71 -70
- pulumi_vault/aws/get_access_credentials.py +44 -43
- pulumi_vault/aws/get_static_access_credentials.py +13 -12
- pulumi_vault/aws/secret_backend.py +337 -336
- pulumi_vault/aws/secret_backend_role.py +211 -210
- pulumi_vault/aws/secret_backend_static_role.py +113 -112
- pulumi_vault/azure/__init__.py +1 -0
- pulumi_vault/azure/_inputs.py +21 -20
- pulumi_vault/azure/auth_backend_config.py +183 -182
- pulumi_vault/azure/auth_backend_role.py +253 -252
- pulumi_vault/azure/backend.py +239 -238
- pulumi_vault/azure/backend_role.py +141 -140
- pulumi_vault/azure/get_access_credentials.py +58 -57
- pulumi_vault/azure/outputs.py +11 -10
- pulumi_vault/cert_auth_backend_role.py +365 -364
- pulumi_vault/config/__init__.py +1 -0
- pulumi_vault/config/__init__.pyi +1 -0
- pulumi_vault/config/_inputs.py +11 -10
- pulumi_vault/config/outputs.py +287 -286
- pulumi_vault/config/ui_custom_message.py +113 -112
- pulumi_vault/config/vars.py +1 -0
- pulumi_vault/consul/__init__.py +1 -0
- pulumi_vault/consul/secret_backend.py +197 -196
- pulumi_vault/consul/secret_backend_role.py +183 -182
- pulumi_vault/database/__init__.py +1 -0
- pulumi_vault/database/_inputs.py +2525 -2524
- pulumi_vault/database/outputs.py +1529 -1528
- pulumi_vault/database/secret_backend_connection.py +169 -168
- pulumi_vault/database/secret_backend_role.py +169 -168
- pulumi_vault/database/secret_backend_static_role.py +179 -178
- pulumi_vault/database/secrets_mount.py +267 -266
- pulumi_vault/egp_policy.py +71 -70
- pulumi_vault/gcp/__init__.py +1 -0
- pulumi_vault/gcp/_inputs.py +82 -81
- pulumi_vault/gcp/auth_backend.py +260 -259
- pulumi_vault/gcp/auth_backend_role.py +281 -280
- pulumi_vault/gcp/get_auth_backend_role.py +70 -69
- pulumi_vault/gcp/outputs.py +50 -49
- pulumi_vault/gcp/secret_backend.py +232 -231
- pulumi_vault/gcp/secret_impersonated_account.py +92 -91
- pulumi_vault/gcp/secret_roleset.py +92 -91
- pulumi_vault/gcp/secret_static_account.py +92 -91
- pulumi_vault/generic/__init__.py +1 -0
- pulumi_vault/generic/endpoint.py +113 -112
- pulumi_vault/generic/get_secret.py +28 -27
- pulumi_vault/generic/secret.py +78 -77
- pulumi_vault/get_auth_backend.py +19 -18
- pulumi_vault/get_auth_backends.py +14 -13
- pulumi_vault/get_namespace.py +15 -14
- pulumi_vault/get_namespaces.py +8 -7
- pulumi_vault/get_nomad_access_token.py +19 -18
- pulumi_vault/get_policy_document.py +6 -5
- pulumi_vault/get_raft_autopilot_state.py +18 -17
- pulumi_vault/github/__init__.py +1 -0
- pulumi_vault/github/_inputs.py +42 -41
- pulumi_vault/github/auth_backend.py +232 -231
- pulumi_vault/github/outputs.py +26 -25
- pulumi_vault/github/team.py +57 -56
- pulumi_vault/github/user.py +57 -56
- pulumi_vault/identity/__init__.py +1 -0
- pulumi_vault/identity/entity.py +85 -84
- pulumi_vault/identity/entity_alias.py +71 -70
- pulumi_vault/identity/entity_policies.py +64 -63
- pulumi_vault/identity/get_entity.py +43 -42
- pulumi_vault/identity/get_group.py +50 -49
- pulumi_vault/identity/get_oidc_client_creds.py +14 -13
- pulumi_vault/identity/get_oidc_openid_config.py +24 -23
- pulumi_vault/identity/get_oidc_public_keys.py +13 -12
- pulumi_vault/identity/group.py +141 -140
- pulumi_vault/identity/group_alias.py +57 -56
- pulumi_vault/identity/group_member_entity_ids.py +57 -56
- pulumi_vault/identity/group_member_group_ids.py +57 -56
- pulumi_vault/identity/group_policies.py +64 -63
- pulumi_vault/identity/mfa_duo.py +148 -147
- pulumi_vault/identity/mfa_login_enforcement.py +120 -119
- pulumi_vault/identity/mfa_okta.py +134 -133
- pulumi_vault/identity/mfa_pingid.py +127 -126
- pulumi_vault/identity/mfa_totp.py +176 -175
- pulumi_vault/identity/oidc.py +29 -28
- pulumi_vault/identity/oidc_assignment.py +57 -56
- pulumi_vault/identity/oidc_client.py +127 -126
- pulumi_vault/identity/oidc_key.py +85 -84
- pulumi_vault/identity/oidc_key_allowed_client_id.py +43 -42
- pulumi_vault/identity/oidc_provider.py +92 -91
- pulumi_vault/identity/oidc_role.py +85 -84
- pulumi_vault/identity/oidc_scope.py +57 -56
- pulumi_vault/identity/outputs.py +32 -31
- pulumi_vault/jwt/__init__.py +1 -0
- pulumi_vault/jwt/_inputs.py +42 -41
- pulumi_vault/jwt/auth_backend.py +288 -287
- pulumi_vault/jwt/auth_backend_role.py +407 -406
- pulumi_vault/jwt/outputs.py +26 -25
- pulumi_vault/kmip/__init__.py +1 -0
- pulumi_vault/kmip/secret_backend.py +183 -182
- pulumi_vault/kmip/secret_role.py +295 -294
- pulumi_vault/kmip/secret_scope.py +57 -56
- pulumi_vault/kubernetes/__init__.py +1 -0
- pulumi_vault/kubernetes/auth_backend_config.py +141 -140
- pulumi_vault/kubernetes/auth_backend_role.py +225 -224
- pulumi_vault/kubernetes/get_auth_backend_config.py +47 -46
- pulumi_vault/kubernetes/get_auth_backend_role.py +70 -69
- pulumi_vault/kubernetes/get_service_account_token.py +38 -37
- pulumi_vault/kubernetes/secret_backend.py +316 -315
- pulumi_vault/kubernetes/secret_backend_role.py +197 -196
- pulumi_vault/kv/__init__.py +1 -0
- pulumi_vault/kv/_inputs.py +21 -20
- pulumi_vault/kv/get_secret.py +17 -16
- pulumi_vault/kv/get_secret_subkeys_v2.py +30 -29
- pulumi_vault/kv/get_secret_v2.py +29 -28
- pulumi_vault/kv/get_secrets_list.py +13 -12
- pulumi_vault/kv/get_secrets_list_v2.py +19 -18
- pulumi_vault/kv/outputs.py +13 -12
- pulumi_vault/kv/secret.py +50 -49
- pulumi_vault/kv/secret_backend_v2.py +71 -70
- pulumi_vault/kv/secret_v2.py +134 -133
- pulumi_vault/ldap/__init__.py +1 -0
- pulumi_vault/ldap/auth_backend.py +588 -587
- pulumi_vault/ldap/auth_backend_group.py +57 -56
- pulumi_vault/ldap/auth_backend_user.py +71 -70
- pulumi_vault/ldap/get_dynamic_credentials.py +17 -16
- pulumi_vault/ldap/get_static_credentials.py +18 -17
- pulumi_vault/ldap/secret_backend.py +554 -553
- pulumi_vault/ldap/secret_backend_dynamic_role.py +127 -126
- pulumi_vault/ldap/secret_backend_library_set.py +99 -98
- pulumi_vault/ldap/secret_backend_static_role.py +99 -98
- pulumi_vault/managed/__init__.py +1 -0
- pulumi_vault/managed/_inputs.py +229 -228
- pulumi_vault/managed/keys.py +15 -14
- pulumi_vault/managed/outputs.py +139 -138
- pulumi_vault/mfa_duo.py +113 -112
- pulumi_vault/mfa_okta.py +113 -112
- pulumi_vault/mfa_pingid.py +120 -119
- pulumi_vault/mfa_totp.py +127 -126
- pulumi_vault/mongodbatlas/__init__.py +1 -0
- pulumi_vault/mongodbatlas/secret_backend.py +64 -63
- pulumi_vault/mongodbatlas/secret_role.py +155 -154
- pulumi_vault/mount.py +274 -273
- pulumi_vault/namespace.py +64 -63
- pulumi_vault/nomad_secret_backend.py +211 -210
- pulumi_vault/nomad_secret_role.py +85 -84
- pulumi_vault/okta/__init__.py +1 -0
- pulumi_vault/okta/_inputs.py +26 -25
- pulumi_vault/okta/auth_backend.py +274 -273
- pulumi_vault/okta/auth_backend_group.py +57 -56
- pulumi_vault/okta/auth_backend_user.py +71 -70
- pulumi_vault/okta/outputs.py +16 -15
- pulumi_vault/outputs.py +56 -55
- pulumi_vault/password_policy.py +43 -42
- pulumi_vault/pkisecret/__init__.py +1 -0
- pulumi_vault/pkisecret/_inputs.py +31 -30
- pulumi_vault/pkisecret/backend_acme_eab.py +92 -91
- pulumi_vault/pkisecret/backend_config_acme.py +141 -140
- pulumi_vault/pkisecret/backend_config_auto_tidy.py +323 -322
- pulumi_vault/pkisecret/backend_config_cluster.py +57 -56
- pulumi_vault/pkisecret/backend_config_cmpv2.py +106 -105
- pulumi_vault/pkisecret/backend_config_est.py +120 -119
- pulumi_vault/pkisecret/get_backend_cert_metadata.py +22 -21
- pulumi_vault/pkisecret/get_backend_config_cmpv2.py +22 -21
- pulumi_vault/pkisecret/get_backend_config_est.py +19 -18
- pulumi_vault/pkisecret/get_backend_issuer.py +45 -44
- pulumi_vault/pkisecret/get_backend_issuers.py +15 -14
- pulumi_vault/pkisecret/get_backend_key.py +20 -19
- pulumi_vault/pkisecret/get_backend_keys.py +15 -14
- pulumi_vault/pkisecret/outputs.py +28 -27
- pulumi_vault/pkisecret/secret_backend_cert.py +337 -336
- pulumi_vault/pkisecret/secret_backend_config_ca.py +43 -42
- pulumi_vault/pkisecret/secret_backend_config_issuers.py +57 -56
- pulumi_vault/pkisecret/secret_backend_config_urls.py +85 -84
- pulumi_vault/pkisecret/secret_backend_crl_config.py +197 -196
- pulumi_vault/pkisecret/secret_backend_intermediate_cert_request.py +421 -420
- pulumi_vault/pkisecret/secret_backend_intermediate_set_signed.py +57 -56
- pulumi_vault/pkisecret/secret_backend_issuer.py +232 -231
- pulumi_vault/pkisecret/secret_backend_key.py +120 -119
- pulumi_vault/pkisecret/secret_backend_role.py +715 -714
- pulumi_vault/pkisecret/secret_backend_root_cert.py +554 -553
- pulumi_vault/pkisecret/secret_backend_root_sign_intermediate.py +526 -525
- pulumi_vault/pkisecret/secret_backend_sign.py +281 -280
- pulumi_vault/plugin.py +127 -126
- pulumi_vault/plugin_pinned_version.py +43 -42
- pulumi_vault/policy.py +43 -42
- pulumi_vault/provider.py +120 -119
- pulumi_vault/pulumi-plugin.json +1 -1
- pulumi_vault/quota_lease_count.py +85 -84
- pulumi_vault/quota_rate_limit.py +113 -112
- pulumi_vault/rabbitmq/__init__.py +1 -0
- pulumi_vault/rabbitmq/_inputs.py +41 -40
- pulumi_vault/rabbitmq/outputs.py +25 -24
- pulumi_vault/rabbitmq/secret_backend.py +169 -168
- pulumi_vault/rabbitmq/secret_backend_role.py +57 -56
- pulumi_vault/raft_autopilot.py +113 -112
- pulumi_vault/raft_snapshot_agent_config.py +393 -392
- pulumi_vault/rgp_policy.py +57 -56
- pulumi_vault/saml/__init__.py +1 -0
- pulumi_vault/saml/auth_backend.py +155 -154
- pulumi_vault/saml/auth_backend_role.py +239 -238
- pulumi_vault/secrets/__init__.py +1 -0
- pulumi_vault/secrets/_inputs.py +16 -15
- pulumi_vault/secrets/outputs.py +10 -9
- pulumi_vault/secrets/sync_association.py +71 -70
- pulumi_vault/secrets/sync_aws_destination.py +148 -147
- pulumi_vault/secrets/sync_azure_destination.py +148 -147
- pulumi_vault/secrets/sync_config.py +43 -42
- pulumi_vault/secrets/sync_gcp_destination.py +106 -105
- pulumi_vault/secrets/sync_gh_destination.py +134 -133
- pulumi_vault/secrets/sync_github_apps.py +64 -63
- pulumi_vault/secrets/sync_vercel_destination.py +120 -119
- pulumi_vault/ssh/__init__.py +1 -0
- pulumi_vault/ssh/_inputs.py +11 -10
- pulumi_vault/ssh/get_secret_backend_sign.py +52 -51
- pulumi_vault/ssh/outputs.py +7 -6
- pulumi_vault/ssh/secret_backend_ca.py +99 -98
- pulumi_vault/ssh/secret_backend_role.py +365 -364
- pulumi_vault/terraformcloud/__init__.py +1 -0
- pulumi_vault/terraformcloud/secret_backend.py +111 -110
- pulumi_vault/terraformcloud/secret_creds.py +74 -73
- pulumi_vault/terraformcloud/secret_role.py +93 -92
- pulumi_vault/token.py +246 -245
- pulumi_vault/tokenauth/__init__.py +1 -0
- pulumi_vault/tokenauth/auth_backend_role.py +267 -266
- pulumi_vault/transform/__init__.py +1 -0
- pulumi_vault/transform/alphabet.py +57 -56
- pulumi_vault/transform/get_decode.py +47 -46
- pulumi_vault/transform/get_encode.py +47 -46
- pulumi_vault/transform/role.py +57 -56
- pulumi_vault/transform/template.py +113 -112
- pulumi_vault/transform/transformation.py +141 -140
- pulumi_vault/transit/__init__.py +1 -0
- pulumi_vault/transit/get_decrypt.py +18 -17
- pulumi_vault/transit/get_encrypt.py +21 -20
- pulumi_vault/transit/get_sign.py +54 -53
- pulumi_vault/transit/get_verify.py +60 -59
- pulumi_vault/transit/secret_backend_key.py +274 -273
- pulumi_vault/transit/secret_cache_config.py +43 -42
- {pulumi_vault-6.7.0a1743576047.dist-info → pulumi_vault-6.7.0a1744267302.dist-info}/METADATA +1 -1
- pulumi_vault-6.7.0a1744267302.dist-info/RECORD +265 -0
- pulumi_vault-6.7.0a1743576047.dist-info/RECORD +0 -265
- {pulumi_vault-6.7.0a1743576047.dist-info → pulumi_vault-6.7.0a1744267302.dist-info}/WHEEL +0 -0
- {pulumi_vault-6.7.0a1743576047.dist-info → pulumi_vault-6.7.0a1744267302.dist-info}/top_level.txt +0 -0
pulumi_vault/azure/backend.py
CHANGED
@@ -2,6 +2,7 @@
|
|
2
2
|
# *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. ***
|
3
3
|
# *** Do not edit by hand unless you're certain you know what you are doing! ***
|
4
4
|
|
5
|
+
import builtins
|
5
6
|
import copy
|
6
7
|
import warnings
|
7
8
|
import sys
|
@@ -19,56 +20,56 @@ __all__ = ['BackendArgs', 'Backend']
|
|
19
20
|
@pulumi.input_type
|
20
21
|
class BackendArgs:
|
21
22
|
def __init__(__self__, *,
|
22
|
-
subscription_id: pulumi.Input[str],
|
23
|
-
tenant_id: pulumi.Input[str],
|
24
|
-
client_id: Optional[pulumi.Input[str]] = None,
|
25
|
-
client_secret: Optional[pulumi.Input[str]] = None,
|
26
|
-
description: Optional[pulumi.Input[str]] = None,
|
27
|
-
disable_automated_rotation: Optional[pulumi.Input[bool]] = None,
|
28
|
-
disable_remount: Optional[pulumi.Input[bool]] = None,
|
29
|
-
environment: Optional[pulumi.Input[str]] = None,
|
30
|
-
identity_token_audience: Optional[pulumi.Input[str]] = None,
|
31
|
-
identity_token_key: Optional[pulumi.Input[str]] = None,
|
32
|
-
identity_token_ttl: Optional[pulumi.Input[int]] = None,
|
33
|
-
namespace: Optional[pulumi.Input[str]] = None,
|
34
|
-
path: Optional[pulumi.Input[str]] = None,
|
35
|
-
rotation_period: Optional[pulumi.Input[int]] = None,
|
36
|
-
rotation_schedule: Optional[pulumi.Input[str]] = None,
|
37
|
-
rotation_window: Optional[pulumi.Input[int]] = None,
|
38
|
-
use_microsoft_graph_api: Optional[pulumi.Input[bool]] = None):
|
23
|
+
subscription_id: pulumi.Input[builtins.str],
|
24
|
+
tenant_id: pulumi.Input[builtins.str],
|
25
|
+
client_id: Optional[pulumi.Input[builtins.str]] = None,
|
26
|
+
client_secret: Optional[pulumi.Input[builtins.str]] = None,
|
27
|
+
description: Optional[pulumi.Input[builtins.str]] = None,
|
28
|
+
disable_automated_rotation: Optional[pulumi.Input[builtins.bool]] = None,
|
29
|
+
disable_remount: Optional[pulumi.Input[builtins.bool]] = None,
|
30
|
+
environment: Optional[pulumi.Input[builtins.str]] = None,
|
31
|
+
identity_token_audience: Optional[pulumi.Input[builtins.str]] = None,
|
32
|
+
identity_token_key: Optional[pulumi.Input[builtins.str]] = None,
|
33
|
+
identity_token_ttl: Optional[pulumi.Input[builtins.int]] = None,
|
34
|
+
namespace: Optional[pulumi.Input[builtins.str]] = None,
|
35
|
+
path: Optional[pulumi.Input[builtins.str]] = None,
|
36
|
+
rotation_period: Optional[pulumi.Input[builtins.int]] = None,
|
37
|
+
rotation_schedule: Optional[pulumi.Input[builtins.str]] = None,
|
38
|
+
rotation_window: Optional[pulumi.Input[builtins.int]] = None,
|
39
|
+
use_microsoft_graph_api: Optional[pulumi.Input[builtins.bool]] = None):
|
39
40
|
"""
|
40
41
|
The set of arguments for constructing a Backend resource.
|
41
|
-
:param pulumi.Input[str] subscription_id: The subscription id for the Azure Active Directory.
|
42
|
-
:param pulumi.Input[str] tenant_id: The tenant id for the Azure Active Directory.
|
43
|
-
:param pulumi.Input[str] client_id: The OAuth2 client id to connect to Azure.
|
44
|
-
:param pulumi.Input[str] client_secret: The OAuth2 client secret to connect to Azure.
|
45
|
-
:param pulumi.Input[str] description: Human-friendly description of the mount for the backend.
|
46
|
-
:param pulumi.Input[bool] disable_automated_rotation: Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
42
|
+
:param pulumi.Input[builtins.str] subscription_id: The subscription id for the Azure Active Directory.
|
43
|
+
:param pulumi.Input[builtins.str] tenant_id: The tenant id for the Azure Active Directory.
|
44
|
+
:param pulumi.Input[builtins.str] client_id: The OAuth2 client id to connect to Azure.
|
45
|
+
:param pulumi.Input[builtins.str] client_secret: The OAuth2 client secret to connect to Azure.
|
46
|
+
:param pulumi.Input[builtins.str] description: Human-friendly description of the mount for the backend.
|
47
|
+
:param pulumi.Input[builtins.bool] disable_automated_rotation: Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
47
48
|
*Available only for Vault Enterprise*
|
48
|
-
:param pulumi.Input[bool] disable_remount: If set, opts out of mount migration on path updates.
|
49
|
+
:param pulumi.Input[builtins.bool] disable_remount: If set, opts out of mount migration on path updates.
|
49
50
|
See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration)
|
50
|
-
:param pulumi.Input[str] environment: The Azure environment.
|
51
|
-
:param pulumi.Input[str] identity_token_audience: The audience claim value. Requires Vault 1.17+.
|
51
|
+
:param pulumi.Input[builtins.str] environment: The Azure environment.
|
52
|
+
:param pulumi.Input[builtins.str] identity_token_audience: The audience claim value. Requires Vault 1.17+.
|
52
53
|
*Available only for Vault Enterprise*
|
53
|
-
:param pulumi.Input[str] identity_token_key: The key to use for signing identity tokens. Requires Vault 1.17+.
|
54
|
+
:param pulumi.Input[builtins.str] identity_token_key: The key to use for signing identity tokens. Requires Vault 1.17+.
|
54
55
|
*Available only for Vault Enterprise*
|
55
|
-
:param pulumi.Input[int] identity_token_ttl: The TTL of generated identity tokens in seconds. Requires Vault 1.17+.
|
56
|
+
:param pulumi.Input[builtins.int] identity_token_ttl: The TTL of generated identity tokens in seconds. Requires Vault 1.17+.
|
56
57
|
*Available only for Vault Enterprise*
|
57
|
-
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
58
|
+
:param pulumi.Input[builtins.str] namespace: The namespace to provision the resource in.
|
58
59
|
The value should not contain leading or trailing forward slashes.
|
59
60
|
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
60
61
|
*Available only for Vault Enterprise*.
|
61
|
-
:param pulumi.Input[str] path: The unique path this backend should be mounted at. Defaults to `azure`.
|
62
|
-
:param pulumi.Input[int] rotation_period: The amount of time in seconds Vault should wait before rotating the root credential.
|
62
|
+
:param pulumi.Input[builtins.str] path: The unique path this backend should be mounted at. Defaults to `azure`.
|
63
|
+
:param pulumi.Input[builtins.int] rotation_period: The amount of time in seconds Vault should wait before rotating the root credential.
|
63
64
|
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
64
65
|
*Available only for Vault Enterprise*
|
65
|
-
:param pulumi.Input[str] rotation_schedule: The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
66
|
+
:param pulumi.Input[builtins.str] rotation_schedule: The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
66
67
|
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
67
68
|
*Available only for Vault Enterprise*
|
68
|
-
:param pulumi.Input[int] rotation_window: The maximum amount of time in seconds allowed to complete
|
69
|
+
:param pulumi.Input[builtins.int] rotation_window: The maximum amount of time in seconds allowed to complete
|
69
70
|
a rotation when a scheduled token rotation occurs. The default rotation window is
|
70
71
|
unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+. *Available only for Vault Enterprise*
|
71
|
-
:param pulumi.Input[bool] use_microsoft_graph_api: Use the Microsoft Graph API. Should be set to true on vault-1.10+
|
72
|
+
:param pulumi.Input[builtins.bool] use_microsoft_graph_api: Use the Microsoft Graph API. Should be set to true on vault-1.10+
|
72
73
|
"""
|
73
74
|
pulumi.set(__self__, "subscription_id", subscription_id)
|
74
75
|
pulumi.set(__self__, "tenant_id", tenant_id)
|
@@ -108,67 +109,67 @@ class BackendArgs:
|
|
108
109
|
|
109
110
|
@property
|
110
111
|
@pulumi.getter(name="subscriptionId")
|
111
|
-
def subscription_id(self) -> pulumi.Input[str]:
|
112
|
+
def subscription_id(self) -> pulumi.Input[builtins.str]:
|
112
113
|
"""
|
113
114
|
The subscription id for the Azure Active Directory.
|
114
115
|
"""
|
115
116
|
return pulumi.get(self, "subscription_id")
|
116
117
|
|
117
118
|
@subscription_id.setter
|
118
|
-
def subscription_id(self, value: pulumi.Input[str]):
|
119
|
+
def subscription_id(self, value: pulumi.Input[builtins.str]):
|
119
120
|
pulumi.set(self, "subscription_id", value)
|
120
121
|
|
121
122
|
@property
|
122
123
|
@pulumi.getter(name="tenantId")
|
123
|
-
def tenant_id(self) -> pulumi.Input[str]:
|
124
|
+
def tenant_id(self) -> pulumi.Input[builtins.str]:
|
124
125
|
"""
|
125
126
|
The tenant id for the Azure Active Directory.
|
126
127
|
"""
|
127
128
|
return pulumi.get(self, "tenant_id")
|
128
129
|
|
129
130
|
@tenant_id.setter
|
130
|
-
def tenant_id(self, value: pulumi.Input[str]):
|
131
|
+
def tenant_id(self, value: pulumi.Input[builtins.str]):
|
131
132
|
pulumi.set(self, "tenant_id", value)
|
132
133
|
|
133
134
|
@property
|
134
135
|
@pulumi.getter(name="clientId")
|
135
|
-
def client_id(self) -> Optional[pulumi.Input[str]]:
|
136
|
+
def client_id(self) -> Optional[pulumi.Input[builtins.str]]:
|
136
137
|
"""
|
137
138
|
The OAuth2 client id to connect to Azure.
|
138
139
|
"""
|
139
140
|
return pulumi.get(self, "client_id")
|
140
141
|
|
141
142
|
@client_id.setter
|
142
|
-
def client_id(self, value: Optional[pulumi.Input[str]]):
|
143
|
+
def client_id(self, value: Optional[pulumi.Input[builtins.str]]):
|
143
144
|
pulumi.set(self, "client_id", value)
|
144
145
|
|
145
146
|
@property
|
146
147
|
@pulumi.getter(name="clientSecret")
|
147
|
-
def client_secret(self) -> Optional[pulumi.Input[str]]:
|
148
|
+
def client_secret(self) -> Optional[pulumi.Input[builtins.str]]:
|
148
149
|
"""
|
149
150
|
The OAuth2 client secret to connect to Azure.
|
150
151
|
"""
|
151
152
|
return pulumi.get(self, "client_secret")
|
152
153
|
|
153
154
|
@client_secret.setter
|
154
|
-
def client_secret(self, value: Optional[pulumi.Input[str]]):
|
155
|
+
def client_secret(self, value: Optional[pulumi.Input[builtins.str]]):
|
155
156
|
pulumi.set(self, "client_secret", value)
|
156
157
|
|
157
158
|
@property
|
158
159
|
@pulumi.getter
|
159
|
-
def description(self) -> Optional[pulumi.Input[str]]:
|
160
|
+
def description(self) -> Optional[pulumi.Input[builtins.str]]:
|
160
161
|
"""
|
161
162
|
Human-friendly description of the mount for the backend.
|
162
163
|
"""
|
163
164
|
return pulumi.get(self, "description")
|
164
165
|
|
165
166
|
@description.setter
|
166
|
-
def description(self, value: Optional[pulumi.Input[str]]):
|
167
|
+
def description(self, value: Optional[pulumi.Input[builtins.str]]):
|
167
168
|
pulumi.set(self, "description", value)
|
168
169
|
|
169
170
|
@property
|
170
171
|
@pulumi.getter(name="disableAutomatedRotation")
|
171
|
-
def disable_automated_rotation(self) -> Optional[pulumi.Input[bool]]:
|
172
|
+
def disable_automated_rotation(self) -> Optional[pulumi.Input[builtins.bool]]:
|
172
173
|
"""
|
173
174
|
Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
174
175
|
*Available only for Vault Enterprise*
|
@@ -176,12 +177,12 @@ class BackendArgs:
|
|
176
177
|
return pulumi.get(self, "disable_automated_rotation")
|
177
178
|
|
178
179
|
@disable_automated_rotation.setter
|
179
|
-
def disable_automated_rotation(self, value: Optional[pulumi.Input[bool]]):
|
180
|
+
def disable_automated_rotation(self, value: Optional[pulumi.Input[builtins.bool]]):
|
180
181
|
pulumi.set(self, "disable_automated_rotation", value)
|
181
182
|
|
182
183
|
@property
|
183
184
|
@pulumi.getter(name="disableRemount")
|
184
|
-
def disable_remount(self) -> Optional[pulumi.Input[bool]]:
|
185
|
+
def disable_remount(self) -> Optional[pulumi.Input[builtins.bool]]:
|
185
186
|
"""
|
186
187
|
If set, opts out of mount migration on path updates.
|
187
188
|
See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration)
|
@@ -189,24 +190,24 @@ class BackendArgs:
|
|
189
190
|
return pulumi.get(self, "disable_remount")
|
190
191
|
|
191
192
|
@disable_remount.setter
|
192
|
-
def disable_remount(self, value: Optional[pulumi.Input[bool]]):
|
193
|
+
def disable_remount(self, value: Optional[pulumi.Input[builtins.bool]]):
|
193
194
|
pulumi.set(self, "disable_remount", value)
|
194
195
|
|
195
196
|
@property
|
196
197
|
@pulumi.getter
|
197
|
-
def environment(self) -> Optional[pulumi.Input[str]]:
|
198
|
+
def environment(self) -> Optional[pulumi.Input[builtins.str]]:
|
198
199
|
"""
|
199
200
|
The Azure environment.
|
200
201
|
"""
|
201
202
|
return pulumi.get(self, "environment")
|
202
203
|
|
203
204
|
@environment.setter
|
204
|
-
def environment(self, value: Optional[pulumi.Input[str]]):
|
205
|
+
def environment(self, value: Optional[pulumi.Input[builtins.str]]):
|
205
206
|
pulumi.set(self, "environment", value)
|
206
207
|
|
207
208
|
@property
|
208
209
|
@pulumi.getter(name="identityTokenAudience")
|
209
|
-
def identity_token_audience(self) -> Optional[pulumi.Input[str]]:
|
210
|
+
def identity_token_audience(self) -> Optional[pulumi.Input[builtins.str]]:
|
210
211
|
"""
|
211
212
|
The audience claim value. Requires Vault 1.17+.
|
212
213
|
*Available only for Vault Enterprise*
|
@@ -214,12 +215,12 @@ class BackendArgs:
|
|
214
215
|
return pulumi.get(self, "identity_token_audience")
|
215
216
|
|
216
217
|
@identity_token_audience.setter
|
217
|
-
def identity_token_audience(self, value: Optional[pulumi.Input[str]]):
|
218
|
+
def identity_token_audience(self, value: Optional[pulumi.Input[builtins.str]]):
|
218
219
|
pulumi.set(self, "identity_token_audience", value)
|
219
220
|
|
220
221
|
@property
|
221
222
|
@pulumi.getter(name="identityTokenKey")
|
222
|
-
def identity_token_key(self) -> Optional[pulumi.Input[str]]:
|
223
|
+
def identity_token_key(self) -> Optional[pulumi.Input[builtins.str]]:
|
223
224
|
"""
|
224
225
|
The key to use for signing identity tokens. Requires Vault 1.17+.
|
225
226
|
*Available only for Vault Enterprise*
|
@@ -227,12 +228,12 @@ class BackendArgs:
|
|
227
228
|
return pulumi.get(self, "identity_token_key")
|
228
229
|
|
229
230
|
@identity_token_key.setter
|
230
|
-
def identity_token_key(self, value: Optional[pulumi.Input[str]]):
|
231
|
+
def identity_token_key(self, value: Optional[pulumi.Input[builtins.str]]):
|
231
232
|
pulumi.set(self, "identity_token_key", value)
|
232
233
|
|
233
234
|
@property
|
234
235
|
@pulumi.getter(name="identityTokenTtl")
|
235
|
-
def identity_token_ttl(self) -> Optional[pulumi.Input[int]]:
|
236
|
+
def identity_token_ttl(self) -> Optional[pulumi.Input[builtins.int]]:
|
236
237
|
"""
|
237
238
|
The TTL of generated identity tokens in seconds. Requires Vault 1.17+.
|
238
239
|
*Available only for Vault Enterprise*
|
@@ -240,12 +241,12 @@ class BackendArgs:
|
|
240
241
|
return pulumi.get(self, "identity_token_ttl")
|
241
242
|
|
242
243
|
@identity_token_ttl.setter
|
243
|
-
def identity_token_ttl(self, value: Optional[pulumi.Input[int]]):
|
244
|
+
def identity_token_ttl(self, value: Optional[pulumi.Input[builtins.int]]):
|
244
245
|
pulumi.set(self, "identity_token_ttl", value)
|
245
246
|
|
246
247
|
@property
|
247
248
|
@pulumi.getter
|
248
|
-
def namespace(self) -> Optional[pulumi.Input[str]]:
|
249
|
+
def namespace(self) -> Optional[pulumi.Input[builtins.str]]:
|
249
250
|
"""
|
250
251
|
The namespace to provision the resource in.
|
251
252
|
The value should not contain leading or trailing forward slashes.
|
@@ -255,24 +256,24 @@ class BackendArgs:
|
|
255
256
|
return pulumi.get(self, "namespace")
|
256
257
|
|
257
258
|
@namespace.setter
|
258
|
-
def namespace(self, value: Optional[pulumi.Input[str]]):
|
259
|
+
def namespace(self, value: Optional[pulumi.Input[builtins.str]]):
|
259
260
|
pulumi.set(self, "namespace", value)
|
260
261
|
|
261
262
|
@property
|
262
263
|
@pulumi.getter
|
263
|
-
def path(self) -> Optional[pulumi.Input[str]]:
|
264
|
+
def path(self) -> Optional[pulumi.Input[builtins.str]]:
|
264
265
|
"""
|
265
266
|
The unique path this backend should be mounted at. Defaults to `azure`.
|
266
267
|
"""
|
267
268
|
return pulumi.get(self, "path")
|
268
269
|
|
269
270
|
@path.setter
|
270
|
-
def path(self, value: Optional[pulumi.Input[str]]):
|
271
|
+
def path(self, value: Optional[pulumi.Input[builtins.str]]):
|
271
272
|
pulumi.set(self, "path", value)
|
272
273
|
|
273
274
|
@property
|
274
275
|
@pulumi.getter(name="rotationPeriod")
|
275
|
-
def rotation_period(self) -> Optional[pulumi.Input[int]]:
|
276
|
+
def rotation_period(self) -> Optional[pulumi.Input[builtins.int]]:
|
276
277
|
"""
|
277
278
|
The amount of time in seconds Vault should wait before rotating the root credential.
|
278
279
|
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
@@ -281,12 +282,12 @@ class BackendArgs:
|
|
281
282
|
return pulumi.get(self, "rotation_period")
|
282
283
|
|
283
284
|
@rotation_period.setter
|
284
|
-
def rotation_period(self, value: Optional[pulumi.Input[int]]):
|
285
|
+
def rotation_period(self, value: Optional[pulumi.Input[builtins.int]]):
|
285
286
|
pulumi.set(self, "rotation_period", value)
|
286
287
|
|
287
288
|
@property
|
288
289
|
@pulumi.getter(name="rotationSchedule")
|
289
|
-
def rotation_schedule(self) -> Optional[pulumi.Input[str]]:
|
290
|
+
def rotation_schedule(self) -> Optional[pulumi.Input[builtins.str]]:
|
290
291
|
"""
|
291
292
|
The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
292
293
|
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
@@ -295,12 +296,12 @@ class BackendArgs:
|
|
295
296
|
return pulumi.get(self, "rotation_schedule")
|
296
297
|
|
297
298
|
@rotation_schedule.setter
|
298
|
-
def rotation_schedule(self, value: Optional[pulumi.Input[str]]):
|
299
|
+
def rotation_schedule(self, value: Optional[pulumi.Input[builtins.str]]):
|
299
300
|
pulumi.set(self, "rotation_schedule", value)
|
300
301
|
|
301
302
|
@property
|
302
303
|
@pulumi.getter(name="rotationWindow")
|
303
|
-
def rotation_window(self) -> Optional[pulumi.Input[int]]:
|
304
|
+
def rotation_window(self) -> Optional[pulumi.Input[builtins.int]]:
|
304
305
|
"""
|
305
306
|
The maximum amount of time in seconds allowed to complete
|
306
307
|
a rotation when a scheduled token rotation occurs. The default rotation window is
|
@@ -309,76 +310,76 @@ class BackendArgs:
|
|
309
310
|
return pulumi.get(self, "rotation_window")
|
310
311
|
|
311
312
|
@rotation_window.setter
|
312
|
-
def rotation_window(self, value: Optional[pulumi.Input[int]]):
|
313
|
+
def rotation_window(self, value: Optional[pulumi.Input[builtins.int]]):
|
313
314
|
pulumi.set(self, "rotation_window", value)
|
314
315
|
|
315
316
|
@property
|
316
317
|
@pulumi.getter(name="useMicrosoftGraphApi")
|
317
318
|
@_utilities.deprecated("""This field is not supported in Vault-1.12+ and is the default behavior. This field will be removed in future version of the provider.""")
|
318
|
-
def use_microsoft_graph_api(self) -> Optional[pulumi.Input[bool]]:
|
319
|
+
def use_microsoft_graph_api(self) -> Optional[pulumi.Input[builtins.bool]]:
|
319
320
|
"""
|
320
321
|
Use the Microsoft Graph API. Should be set to true on vault-1.10+
|
321
322
|
"""
|
322
323
|
return pulumi.get(self, "use_microsoft_graph_api")
|
323
324
|
|
324
325
|
@use_microsoft_graph_api.setter
|
325
|
-
def use_microsoft_graph_api(self, value: Optional[pulumi.Input[bool]]):
|
326
|
+
def use_microsoft_graph_api(self, value: Optional[pulumi.Input[builtins.bool]]):
|
326
327
|
pulumi.set(self, "use_microsoft_graph_api", value)
|
327
328
|
|
328
329
|
|
329
330
|
@pulumi.input_type
|
330
331
|
class _BackendState:
|
331
332
|
def __init__(__self__, *,
|
332
|
-
client_id: Optional[pulumi.Input[str]] = None,
|
333
|
-
client_secret: Optional[pulumi.Input[str]] = None,
|
334
|
-
description: Optional[pulumi.Input[str]] = None,
|
335
|
-
disable_automated_rotation: Optional[pulumi.Input[bool]] = None,
|
336
|
-
disable_remount: Optional[pulumi.Input[bool]] = None,
|
337
|
-
environment: Optional[pulumi.Input[str]] = None,
|
338
|
-
identity_token_audience: Optional[pulumi.Input[str]] = None,
|
339
|
-
identity_token_key: Optional[pulumi.Input[str]] = None,
|
340
|
-
identity_token_ttl: Optional[pulumi.Input[int]] = None,
|
341
|
-
namespace: Optional[pulumi.Input[str]] = None,
|
342
|
-
path: Optional[pulumi.Input[str]] = None,
|
343
|
-
rotation_period: Optional[pulumi.Input[int]] = None,
|
344
|
-
rotation_schedule: Optional[pulumi.Input[str]] = None,
|
345
|
-
rotation_window: Optional[pulumi.Input[int]] = None,
|
346
|
-
subscription_id: Optional[pulumi.Input[str]] = None,
|
347
|
-
tenant_id: Optional[pulumi.Input[str]] = None,
|
348
|
-
use_microsoft_graph_api: Optional[pulumi.Input[bool]] = None):
|
333
|
+
client_id: Optional[pulumi.Input[builtins.str]] = None,
|
334
|
+
client_secret: Optional[pulumi.Input[builtins.str]] = None,
|
335
|
+
description: Optional[pulumi.Input[builtins.str]] = None,
|
336
|
+
disable_automated_rotation: Optional[pulumi.Input[builtins.bool]] = None,
|
337
|
+
disable_remount: Optional[pulumi.Input[builtins.bool]] = None,
|
338
|
+
environment: Optional[pulumi.Input[builtins.str]] = None,
|
339
|
+
identity_token_audience: Optional[pulumi.Input[builtins.str]] = None,
|
340
|
+
identity_token_key: Optional[pulumi.Input[builtins.str]] = None,
|
341
|
+
identity_token_ttl: Optional[pulumi.Input[builtins.int]] = None,
|
342
|
+
namespace: Optional[pulumi.Input[builtins.str]] = None,
|
343
|
+
path: Optional[pulumi.Input[builtins.str]] = None,
|
344
|
+
rotation_period: Optional[pulumi.Input[builtins.int]] = None,
|
345
|
+
rotation_schedule: Optional[pulumi.Input[builtins.str]] = None,
|
346
|
+
rotation_window: Optional[pulumi.Input[builtins.int]] = None,
|
347
|
+
subscription_id: Optional[pulumi.Input[builtins.str]] = None,
|
348
|
+
tenant_id: Optional[pulumi.Input[builtins.str]] = None,
|
349
|
+
use_microsoft_graph_api: Optional[pulumi.Input[builtins.bool]] = None):
|
349
350
|
"""
|
350
351
|
Input properties used for looking up and filtering Backend resources.
|
351
|
-
:param pulumi.Input[str] client_id: The OAuth2 client id to connect to Azure.
|
352
|
-
:param pulumi.Input[str] client_secret: The OAuth2 client secret to connect to Azure.
|
353
|
-
:param pulumi.Input[str] description: Human-friendly description of the mount for the backend.
|
354
|
-
:param pulumi.Input[bool] disable_automated_rotation: Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
352
|
+
:param pulumi.Input[builtins.str] client_id: The OAuth2 client id to connect to Azure.
|
353
|
+
:param pulumi.Input[builtins.str] client_secret: The OAuth2 client secret to connect to Azure.
|
354
|
+
:param pulumi.Input[builtins.str] description: Human-friendly description of the mount for the backend.
|
355
|
+
:param pulumi.Input[builtins.bool] disable_automated_rotation: Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
355
356
|
*Available only for Vault Enterprise*
|
356
|
-
:param pulumi.Input[bool] disable_remount: If set, opts out of mount migration on path updates.
|
357
|
+
:param pulumi.Input[builtins.bool] disable_remount: If set, opts out of mount migration on path updates.
|
357
358
|
See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration)
|
358
|
-
:param pulumi.Input[str] environment: The Azure environment.
|
359
|
-
:param pulumi.Input[str] identity_token_audience: The audience claim value. Requires Vault 1.17+.
|
359
|
+
:param pulumi.Input[builtins.str] environment: The Azure environment.
|
360
|
+
:param pulumi.Input[builtins.str] identity_token_audience: The audience claim value. Requires Vault 1.17+.
|
360
361
|
*Available only for Vault Enterprise*
|
361
|
-
:param pulumi.Input[str] identity_token_key: The key to use for signing identity tokens. Requires Vault 1.17+.
|
362
|
+
:param pulumi.Input[builtins.str] identity_token_key: The key to use for signing identity tokens. Requires Vault 1.17+.
|
362
363
|
*Available only for Vault Enterprise*
|
363
|
-
:param pulumi.Input[int] identity_token_ttl: The TTL of generated identity tokens in seconds. Requires Vault 1.17+.
|
364
|
+
:param pulumi.Input[builtins.int] identity_token_ttl: The TTL of generated identity tokens in seconds. Requires Vault 1.17+.
|
364
365
|
*Available only for Vault Enterprise*
|
365
|
-
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
366
|
+
:param pulumi.Input[builtins.str] namespace: The namespace to provision the resource in.
|
366
367
|
The value should not contain leading or trailing forward slashes.
|
367
368
|
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
368
369
|
*Available only for Vault Enterprise*.
|
369
|
-
:param pulumi.Input[str] path: The unique path this backend should be mounted at. Defaults to `azure`.
|
370
|
-
:param pulumi.Input[int] rotation_period: The amount of time in seconds Vault should wait before rotating the root credential.
|
370
|
+
:param pulumi.Input[builtins.str] path: The unique path this backend should be mounted at. Defaults to `azure`.
|
371
|
+
:param pulumi.Input[builtins.int] rotation_period: The amount of time in seconds Vault should wait before rotating the root credential.
|
371
372
|
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
372
373
|
*Available only for Vault Enterprise*
|
373
|
-
:param pulumi.Input[str] rotation_schedule: The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
374
|
+
:param pulumi.Input[builtins.str] rotation_schedule: The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
374
375
|
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
375
376
|
*Available only for Vault Enterprise*
|
376
|
-
:param pulumi.Input[int] rotation_window: The maximum amount of time in seconds allowed to complete
|
377
|
+
:param pulumi.Input[builtins.int] rotation_window: The maximum amount of time in seconds allowed to complete
|
377
378
|
a rotation when a scheduled token rotation occurs. The default rotation window is
|
378
379
|
unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+. *Available only for Vault Enterprise*
|
379
|
-
:param pulumi.Input[str] subscription_id: The subscription id for the Azure Active Directory.
|
380
|
-
:param pulumi.Input[str] tenant_id: The tenant id for the Azure Active Directory.
|
381
|
-
:param pulumi.Input[bool] use_microsoft_graph_api: Use the Microsoft Graph API. Should be set to true on vault-1.10+
|
380
|
+
:param pulumi.Input[builtins.str] subscription_id: The subscription id for the Azure Active Directory.
|
381
|
+
:param pulumi.Input[builtins.str] tenant_id: The tenant id for the Azure Active Directory.
|
382
|
+
:param pulumi.Input[builtins.bool] use_microsoft_graph_api: Use the Microsoft Graph API. Should be set to true on vault-1.10+
|
382
383
|
"""
|
383
384
|
if client_id is not None:
|
384
385
|
pulumi.set(__self__, "client_id", client_id)
|
@@ -420,43 +421,43 @@ class _BackendState:
|
|
420
421
|
|
421
422
|
@property
|
422
423
|
@pulumi.getter(name="clientId")
|
423
|
-
def client_id(self) -> Optional[pulumi.Input[str]]:
|
424
|
+
def client_id(self) -> Optional[pulumi.Input[builtins.str]]:
|
424
425
|
"""
|
425
426
|
The OAuth2 client id to connect to Azure.
|
426
427
|
"""
|
427
428
|
return pulumi.get(self, "client_id")
|
428
429
|
|
429
430
|
@client_id.setter
|
430
|
-
def client_id(self, value: Optional[pulumi.Input[str]]):
|
431
|
+
def client_id(self, value: Optional[pulumi.Input[builtins.str]]):
|
431
432
|
pulumi.set(self, "client_id", value)
|
432
433
|
|
433
434
|
@property
|
434
435
|
@pulumi.getter(name="clientSecret")
|
435
|
-
def client_secret(self) -> Optional[pulumi.Input[str]]:
|
436
|
+
def client_secret(self) -> Optional[pulumi.Input[builtins.str]]:
|
436
437
|
"""
|
437
438
|
The OAuth2 client secret to connect to Azure.
|
438
439
|
"""
|
439
440
|
return pulumi.get(self, "client_secret")
|
440
441
|
|
441
442
|
@client_secret.setter
|
442
|
-
def client_secret(self, value: Optional[pulumi.Input[str]]):
|
443
|
+
def client_secret(self, value: Optional[pulumi.Input[builtins.str]]):
|
443
444
|
pulumi.set(self, "client_secret", value)
|
444
445
|
|
445
446
|
@property
|
446
447
|
@pulumi.getter
|
447
|
-
def description(self) -> Optional[pulumi.Input[str]]:
|
448
|
+
def description(self) -> Optional[pulumi.Input[builtins.str]]:
|
448
449
|
"""
|
449
450
|
Human-friendly description of the mount for the backend.
|
450
451
|
"""
|
451
452
|
return pulumi.get(self, "description")
|
452
453
|
|
453
454
|
@description.setter
|
454
|
-
def description(self, value: Optional[pulumi.Input[str]]):
|
455
|
+
def description(self, value: Optional[pulumi.Input[builtins.str]]):
|
455
456
|
pulumi.set(self, "description", value)
|
456
457
|
|
457
458
|
@property
|
458
459
|
@pulumi.getter(name="disableAutomatedRotation")
|
459
|
-
def disable_automated_rotation(self) -> Optional[pulumi.Input[bool]]:
|
460
|
+
def disable_automated_rotation(self) -> Optional[pulumi.Input[builtins.bool]]:
|
460
461
|
"""
|
461
462
|
Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
462
463
|
*Available only for Vault Enterprise*
|
@@ -464,12 +465,12 @@ class _BackendState:
|
|
464
465
|
return pulumi.get(self, "disable_automated_rotation")
|
465
466
|
|
466
467
|
@disable_automated_rotation.setter
|
467
|
-
def disable_automated_rotation(self, value: Optional[pulumi.Input[bool]]):
|
468
|
+
def disable_automated_rotation(self, value: Optional[pulumi.Input[builtins.bool]]):
|
468
469
|
pulumi.set(self, "disable_automated_rotation", value)
|
469
470
|
|
470
471
|
@property
|
471
472
|
@pulumi.getter(name="disableRemount")
|
472
|
-
def disable_remount(self) -> Optional[pulumi.Input[bool]]:
|
473
|
+
def disable_remount(self) -> Optional[pulumi.Input[builtins.bool]]:
|
473
474
|
"""
|
474
475
|
If set, opts out of mount migration on path updates.
|
475
476
|
See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration)
|
@@ -477,24 +478,24 @@ class _BackendState:
|
|
477
478
|
return pulumi.get(self, "disable_remount")
|
478
479
|
|
479
480
|
@disable_remount.setter
|
480
|
-
def disable_remount(self, value: Optional[pulumi.Input[bool]]):
|
481
|
+
def disable_remount(self, value: Optional[pulumi.Input[builtins.bool]]):
|
481
482
|
pulumi.set(self, "disable_remount", value)
|
482
483
|
|
483
484
|
@property
|
484
485
|
@pulumi.getter
|
485
|
-
def environment(self) -> Optional[pulumi.Input[str]]:
|
486
|
+
def environment(self) -> Optional[pulumi.Input[builtins.str]]:
|
486
487
|
"""
|
487
488
|
The Azure environment.
|
488
489
|
"""
|
489
490
|
return pulumi.get(self, "environment")
|
490
491
|
|
491
492
|
@environment.setter
|
492
|
-
def environment(self, value: Optional[pulumi.Input[str]]):
|
493
|
+
def environment(self, value: Optional[pulumi.Input[builtins.str]]):
|
493
494
|
pulumi.set(self, "environment", value)
|
494
495
|
|
495
496
|
@property
|
496
497
|
@pulumi.getter(name="identityTokenAudience")
|
497
|
-
def identity_token_audience(self) -> Optional[pulumi.Input[str]]:
|
498
|
+
def identity_token_audience(self) -> Optional[pulumi.Input[builtins.str]]:
|
498
499
|
"""
|
499
500
|
The audience claim value. Requires Vault 1.17+.
|
500
501
|
*Available only for Vault Enterprise*
|
@@ -502,12 +503,12 @@ class _BackendState:
|
|
502
503
|
return pulumi.get(self, "identity_token_audience")
|
503
504
|
|
504
505
|
@identity_token_audience.setter
|
505
|
-
def identity_token_audience(self, value: Optional[pulumi.Input[str]]):
|
506
|
+
def identity_token_audience(self, value: Optional[pulumi.Input[builtins.str]]):
|
506
507
|
pulumi.set(self, "identity_token_audience", value)
|
507
508
|
|
508
509
|
@property
|
509
510
|
@pulumi.getter(name="identityTokenKey")
|
510
|
-
def identity_token_key(self) -> Optional[pulumi.Input[str]]:
|
511
|
+
def identity_token_key(self) -> Optional[pulumi.Input[builtins.str]]:
|
511
512
|
"""
|
512
513
|
The key to use for signing identity tokens. Requires Vault 1.17+.
|
513
514
|
*Available only for Vault Enterprise*
|
@@ -515,12 +516,12 @@ class _BackendState:
|
|
515
516
|
return pulumi.get(self, "identity_token_key")
|
516
517
|
|
517
518
|
@identity_token_key.setter
|
518
|
-
def identity_token_key(self, value: Optional[pulumi.Input[str]]):
|
519
|
+
def identity_token_key(self, value: Optional[pulumi.Input[builtins.str]]):
|
519
520
|
pulumi.set(self, "identity_token_key", value)
|
520
521
|
|
521
522
|
@property
|
522
523
|
@pulumi.getter(name="identityTokenTtl")
|
523
|
-
def identity_token_ttl(self) -> Optional[pulumi.Input[int]]:
|
524
|
+
def identity_token_ttl(self) -> Optional[pulumi.Input[builtins.int]]:
|
524
525
|
"""
|
525
526
|
The TTL of generated identity tokens in seconds. Requires Vault 1.17+.
|
526
527
|
*Available only for Vault Enterprise*
|
@@ -528,12 +529,12 @@ class _BackendState:
|
|
528
529
|
return pulumi.get(self, "identity_token_ttl")
|
529
530
|
|
530
531
|
@identity_token_ttl.setter
|
531
|
-
def identity_token_ttl(self, value: Optional[pulumi.Input[int]]):
|
532
|
+
def identity_token_ttl(self, value: Optional[pulumi.Input[builtins.int]]):
|
532
533
|
pulumi.set(self, "identity_token_ttl", value)
|
533
534
|
|
534
535
|
@property
|
535
536
|
@pulumi.getter
|
536
|
-
def namespace(self) -> Optional[pulumi.Input[str]]:
|
537
|
+
def namespace(self) -> Optional[pulumi.Input[builtins.str]]:
|
537
538
|
"""
|
538
539
|
The namespace to provision the resource in.
|
539
540
|
The value should not contain leading or trailing forward slashes.
|
@@ -543,24 +544,24 @@ class _BackendState:
|
|
543
544
|
return pulumi.get(self, "namespace")
|
544
545
|
|
545
546
|
@namespace.setter
|
546
|
-
def namespace(self, value: Optional[pulumi.Input[str]]):
|
547
|
+
def namespace(self, value: Optional[pulumi.Input[builtins.str]]):
|
547
548
|
pulumi.set(self, "namespace", value)
|
548
549
|
|
549
550
|
@property
|
550
551
|
@pulumi.getter
|
551
|
-
def path(self) -> Optional[pulumi.Input[str]]:
|
552
|
+
def path(self) -> Optional[pulumi.Input[builtins.str]]:
|
552
553
|
"""
|
553
554
|
The unique path this backend should be mounted at. Defaults to `azure`.
|
554
555
|
"""
|
555
556
|
return pulumi.get(self, "path")
|
556
557
|
|
557
558
|
@path.setter
|
558
|
-
def path(self, value: Optional[pulumi.Input[str]]):
|
559
|
+
def path(self, value: Optional[pulumi.Input[builtins.str]]):
|
559
560
|
pulumi.set(self, "path", value)
|
560
561
|
|
561
562
|
@property
|
562
563
|
@pulumi.getter(name="rotationPeriod")
|
563
|
-
def rotation_period(self) -> Optional[pulumi.Input[int]]:
|
564
|
+
def rotation_period(self) -> Optional[pulumi.Input[builtins.int]]:
|
564
565
|
"""
|
565
566
|
The amount of time in seconds Vault should wait before rotating the root credential.
|
566
567
|
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
@@ -569,12 +570,12 @@ class _BackendState:
|
|
569
570
|
return pulumi.get(self, "rotation_period")
|
570
571
|
|
571
572
|
@rotation_period.setter
|
572
|
-
def rotation_period(self, value: Optional[pulumi.Input[int]]):
|
573
|
+
def rotation_period(self, value: Optional[pulumi.Input[builtins.int]]):
|
573
574
|
pulumi.set(self, "rotation_period", value)
|
574
575
|
|
575
576
|
@property
|
576
577
|
@pulumi.getter(name="rotationSchedule")
|
577
|
-
def rotation_schedule(self) -> Optional[pulumi.Input[str]]:
|
578
|
+
def rotation_schedule(self) -> Optional[pulumi.Input[builtins.str]]:
|
578
579
|
"""
|
579
580
|
The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
580
581
|
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
@@ -583,12 +584,12 @@ class _BackendState:
|
|
583
584
|
return pulumi.get(self, "rotation_schedule")
|
584
585
|
|
585
586
|
@rotation_schedule.setter
|
586
|
-
def rotation_schedule(self, value: Optional[pulumi.Input[str]]):
|
587
|
+
def rotation_schedule(self, value: Optional[pulumi.Input[builtins.str]]):
|
587
588
|
pulumi.set(self, "rotation_schedule", value)
|
588
589
|
|
589
590
|
@property
|
590
591
|
@pulumi.getter(name="rotationWindow")
|
591
|
-
def rotation_window(self) -> Optional[pulumi.Input[int]]:
|
592
|
+
def rotation_window(self) -> Optional[pulumi.Input[builtins.int]]:
|
592
593
|
"""
|
593
594
|
The maximum amount of time in seconds allowed to complete
|
594
595
|
a rotation when a scheduled token rotation occurs. The default rotation window is
|
@@ -597,44 +598,44 @@ class _BackendState:
|
|
597
598
|
return pulumi.get(self, "rotation_window")
|
598
599
|
|
599
600
|
@rotation_window.setter
|
600
|
-
def rotation_window(self, value: Optional[pulumi.Input[int]]):
|
601
|
+
def rotation_window(self, value: Optional[pulumi.Input[builtins.int]]):
|
601
602
|
pulumi.set(self, "rotation_window", value)
|
602
603
|
|
603
604
|
@property
|
604
605
|
@pulumi.getter(name="subscriptionId")
|
605
|
-
def subscription_id(self) -> Optional[pulumi.Input[str]]:
|
606
|
+
def subscription_id(self) -> Optional[pulumi.Input[builtins.str]]:
|
606
607
|
"""
|
607
608
|
The subscription id for the Azure Active Directory.
|
608
609
|
"""
|
609
610
|
return pulumi.get(self, "subscription_id")
|
610
611
|
|
611
612
|
@subscription_id.setter
|
612
|
-
def subscription_id(self, value: Optional[pulumi.Input[str]]):
|
613
|
+
def subscription_id(self, value: Optional[pulumi.Input[builtins.str]]):
|
613
614
|
pulumi.set(self, "subscription_id", value)
|
614
615
|
|
615
616
|
@property
|
616
617
|
@pulumi.getter(name="tenantId")
|
617
|
-
def tenant_id(self) -> Optional[pulumi.Input[str]]:
|
618
|
+
def tenant_id(self) -> Optional[pulumi.Input[builtins.str]]:
|
618
619
|
"""
|
619
620
|
The tenant id for the Azure Active Directory.
|
620
621
|
"""
|
621
622
|
return pulumi.get(self, "tenant_id")
|
622
623
|
|
623
624
|
@tenant_id.setter
|
624
|
-
def tenant_id(self, value: Optional[pulumi.Input[str]]):
|
625
|
+
def tenant_id(self, value: Optional[pulumi.Input[builtins.str]]):
|
625
626
|
pulumi.set(self, "tenant_id", value)
|
626
627
|
|
627
628
|
@property
|
628
629
|
@pulumi.getter(name="useMicrosoftGraphApi")
|
629
630
|
@_utilities.deprecated("""This field is not supported in Vault-1.12+ and is the default behavior. This field will be removed in future version of the provider.""")
|
630
|
-
def use_microsoft_graph_api(self) -> Optional[pulumi.Input[bool]]:
|
631
|
+
def use_microsoft_graph_api(self) -> Optional[pulumi.Input[builtins.bool]]:
|
631
632
|
"""
|
632
633
|
Use the Microsoft Graph API. Should be set to true on vault-1.10+
|
633
634
|
"""
|
634
635
|
return pulumi.get(self, "use_microsoft_graph_api")
|
635
636
|
|
636
637
|
@use_microsoft_graph_api.setter
|
637
|
-
def use_microsoft_graph_api(self, value: Optional[pulumi.Input[bool]]):
|
638
|
+
def use_microsoft_graph_api(self, value: Optional[pulumi.Input[builtins.bool]]):
|
638
639
|
pulumi.set(self, "use_microsoft_graph_api", value)
|
639
640
|
|
640
641
|
|
@@ -643,23 +644,23 @@ class Backend(pulumi.CustomResource):
|
|
643
644
|
def __init__(__self__,
|
644
645
|
resource_name: str,
|
645
646
|
opts: Optional[pulumi.ResourceOptions] = None,
|
646
|
-
client_id: Optional[pulumi.Input[str]] = None,
|
647
|
-
client_secret: Optional[pulumi.Input[str]] = None,
|
648
|
-
description: Optional[pulumi.Input[str]] = None,
|
649
|
-
disable_automated_rotation: Optional[pulumi.Input[bool]] = None,
|
650
|
-
disable_remount: Optional[pulumi.Input[bool]] = None,
|
651
|
-
environment: Optional[pulumi.Input[str]] = None,
|
652
|
-
identity_token_audience: Optional[pulumi.Input[str]] = None,
|
653
|
-
identity_token_key: Optional[pulumi.Input[str]] = None,
|
654
|
-
identity_token_ttl: Optional[pulumi.Input[int]] = None,
|
655
|
-
namespace: Optional[pulumi.Input[str]] = None,
|
656
|
-
path: Optional[pulumi.Input[str]] = None,
|
657
|
-
rotation_period: Optional[pulumi.Input[int]] = None,
|
658
|
-
rotation_schedule: Optional[pulumi.Input[str]] = None,
|
659
|
-
rotation_window: Optional[pulumi.Input[int]] = None,
|
660
|
-
subscription_id: Optional[pulumi.Input[str]] = None,
|
661
|
-
tenant_id: Optional[pulumi.Input[str]] = None,
|
662
|
-
use_microsoft_graph_api: Optional[pulumi.Input[bool]] = None,
|
647
|
+
client_id: Optional[pulumi.Input[builtins.str]] = None,
|
648
|
+
client_secret: Optional[pulumi.Input[builtins.str]] = None,
|
649
|
+
description: Optional[pulumi.Input[builtins.str]] = None,
|
650
|
+
disable_automated_rotation: Optional[pulumi.Input[builtins.bool]] = None,
|
651
|
+
disable_remount: Optional[pulumi.Input[builtins.bool]] = None,
|
652
|
+
environment: Optional[pulumi.Input[builtins.str]] = None,
|
653
|
+
identity_token_audience: Optional[pulumi.Input[builtins.str]] = None,
|
654
|
+
identity_token_key: Optional[pulumi.Input[builtins.str]] = None,
|
655
|
+
identity_token_ttl: Optional[pulumi.Input[builtins.int]] = None,
|
656
|
+
namespace: Optional[pulumi.Input[builtins.str]] = None,
|
657
|
+
path: Optional[pulumi.Input[builtins.str]] = None,
|
658
|
+
rotation_period: Optional[pulumi.Input[builtins.int]] = None,
|
659
|
+
rotation_schedule: Optional[pulumi.Input[builtins.str]] = None,
|
660
|
+
rotation_window: Optional[pulumi.Input[builtins.int]] = None,
|
661
|
+
subscription_id: Optional[pulumi.Input[builtins.str]] = None,
|
662
|
+
tenant_id: Optional[pulumi.Input[builtins.str]] = None,
|
663
|
+
use_microsoft_graph_api: Optional[pulumi.Input[builtins.bool]] = None,
|
663
664
|
__props__=None):
|
664
665
|
"""
|
665
666
|
## Example Usage
|
@@ -713,37 +714,37 @@ class Backend(pulumi.CustomResource):
|
|
713
714
|
|
714
715
|
:param str resource_name: The name of the resource.
|
715
716
|
:param pulumi.ResourceOptions opts: Options for the resource.
|
716
|
-
:param pulumi.Input[str] client_id: The OAuth2 client id to connect to Azure.
|
717
|
-
:param pulumi.Input[str] client_secret: The OAuth2 client secret to connect to Azure.
|
718
|
-
:param pulumi.Input[str] description: Human-friendly description of the mount for the backend.
|
719
|
-
:param pulumi.Input[bool] disable_automated_rotation: Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
717
|
+
:param pulumi.Input[builtins.str] client_id: The OAuth2 client id to connect to Azure.
|
718
|
+
:param pulumi.Input[builtins.str] client_secret: The OAuth2 client secret to connect to Azure.
|
719
|
+
:param pulumi.Input[builtins.str] description: Human-friendly description of the mount for the backend.
|
720
|
+
:param pulumi.Input[builtins.bool] disable_automated_rotation: Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
720
721
|
*Available only for Vault Enterprise*
|
721
|
-
:param pulumi.Input[bool] disable_remount: If set, opts out of mount migration on path updates.
|
722
|
+
:param pulumi.Input[builtins.bool] disable_remount: If set, opts out of mount migration on path updates.
|
722
723
|
See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration)
|
723
|
-
:param pulumi.Input[str] environment: The Azure environment.
|
724
|
-
:param pulumi.Input[str] identity_token_audience: The audience claim value. Requires Vault 1.17+.
|
724
|
+
:param pulumi.Input[builtins.str] environment: The Azure environment.
|
725
|
+
:param pulumi.Input[builtins.str] identity_token_audience: The audience claim value. Requires Vault 1.17+.
|
725
726
|
*Available only for Vault Enterprise*
|
726
|
-
:param pulumi.Input[str] identity_token_key: The key to use for signing identity tokens. Requires Vault 1.17+.
|
727
|
+
:param pulumi.Input[builtins.str] identity_token_key: The key to use for signing identity tokens. Requires Vault 1.17+.
|
727
728
|
*Available only for Vault Enterprise*
|
728
|
-
:param pulumi.Input[int] identity_token_ttl: The TTL of generated identity tokens in seconds. Requires Vault 1.17+.
|
729
|
+
:param pulumi.Input[builtins.int] identity_token_ttl: The TTL of generated identity tokens in seconds. Requires Vault 1.17+.
|
729
730
|
*Available only for Vault Enterprise*
|
730
|
-
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
731
|
+
:param pulumi.Input[builtins.str] namespace: The namespace to provision the resource in.
|
731
732
|
The value should not contain leading or trailing forward slashes.
|
732
733
|
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
733
734
|
*Available only for Vault Enterprise*.
|
734
|
-
:param pulumi.Input[str] path: The unique path this backend should be mounted at. Defaults to `azure`.
|
735
|
-
:param pulumi.Input[int] rotation_period: The amount of time in seconds Vault should wait before rotating the root credential.
|
735
|
+
:param pulumi.Input[builtins.str] path: The unique path this backend should be mounted at. Defaults to `azure`.
|
736
|
+
:param pulumi.Input[builtins.int] rotation_period: The amount of time in seconds Vault should wait before rotating the root credential.
|
736
737
|
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
737
738
|
*Available only for Vault Enterprise*
|
738
|
-
:param pulumi.Input[str] rotation_schedule: The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
739
|
+
:param pulumi.Input[builtins.str] rotation_schedule: The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
739
740
|
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
740
741
|
*Available only for Vault Enterprise*
|
741
|
-
:param pulumi.Input[int] rotation_window: The maximum amount of time in seconds allowed to complete
|
742
|
+
:param pulumi.Input[builtins.int] rotation_window: The maximum amount of time in seconds allowed to complete
|
742
743
|
a rotation when a scheduled token rotation occurs. The default rotation window is
|
743
744
|
unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+. *Available only for Vault Enterprise*
|
744
|
-
:param pulumi.Input[str] subscription_id: The subscription id for the Azure Active Directory.
|
745
|
-
:param pulumi.Input[str] tenant_id: The tenant id for the Azure Active Directory.
|
746
|
-
:param pulumi.Input[bool] use_microsoft_graph_api: Use the Microsoft Graph API. Should be set to true on vault-1.10+
|
745
|
+
:param pulumi.Input[builtins.str] subscription_id: The subscription id for the Azure Active Directory.
|
746
|
+
:param pulumi.Input[builtins.str] tenant_id: The tenant id for the Azure Active Directory.
|
747
|
+
:param pulumi.Input[builtins.bool] use_microsoft_graph_api: Use the Microsoft Graph API. Should be set to true on vault-1.10+
|
747
748
|
"""
|
748
749
|
...
|
749
750
|
@overload
|
@@ -816,23 +817,23 @@ class Backend(pulumi.CustomResource):
|
|
816
817
|
def _internal_init(__self__,
|
817
818
|
resource_name: str,
|
818
819
|
opts: Optional[pulumi.ResourceOptions] = None,
|
819
|
-
client_id: Optional[pulumi.Input[str]] = None,
|
820
|
-
client_secret: Optional[pulumi.Input[str]] = None,
|
821
|
-
description: Optional[pulumi.Input[str]] = None,
|
822
|
-
disable_automated_rotation: Optional[pulumi.Input[bool]] = None,
|
823
|
-
disable_remount: Optional[pulumi.Input[bool]] = None,
|
824
|
-
environment: Optional[pulumi.Input[str]] = None,
|
825
|
-
identity_token_audience: Optional[pulumi.Input[str]] = None,
|
826
|
-
identity_token_key: Optional[pulumi.Input[str]] = None,
|
827
|
-
identity_token_ttl: Optional[pulumi.Input[int]] = None,
|
828
|
-
namespace: Optional[pulumi.Input[str]] = None,
|
829
|
-
path: Optional[pulumi.Input[str]] = None,
|
830
|
-
rotation_period: Optional[pulumi.Input[int]] = None,
|
831
|
-
rotation_schedule: Optional[pulumi.Input[str]] = None,
|
832
|
-
rotation_window: Optional[pulumi.Input[int]] = None,
|
833
|
-
subscription_id: Optional[pulumi.Input[str]] = None,
|
834
|
-
tenant_id: Optional[pulumi.Input[str]] = None,
|
835
|
-
use_microsoft_graph_api: Optional[pulumi.Input[bool]] = None,
|
820
|
+
client_id: Optional[pulumi.Input[builtins.str]] = None,
|
821
|
+
client_secret: Optional[pulumi.Input[builtins.str]] = None,
|
822
|
+
description: Optional[pulumi.Input[builtins.str]] = None,
|
823
|
+
disable_automated_rotation: Optional[pulumi.Input[builtins.bool]] = None,
|
824
|
+
disable_remount: Optional[pulumi.Input[builtins.bool]] = None,
|
825
|
+
environment: Optional[pulumi.Input[builtins.str]] = None,
|
826
|
+
identity_token_audience: Optional[pulumi.Input[builtins.str]] = None,
|
827
|
+
identity_token_key: Optional[pulumi.Input[builtins.str]] = None,
|
828
|
+
identity_token_ttl: Optional[pulumi.Input[builtins.int]] = None,
|
829
|
+
namespace: Optional[pulumi.Input[builtins.str]] = None,
|
830
|
+
path: Optional[pulumi.Input[builtins.str]] = None,
|
831
|
+
rotation_period: Optional[pulumi.Input[builtins.int]] = None,
|
832
|
+
rotation_schedule: Optional[pulumi.Input[builtins.str]] = None,
|
833
|
+
rotation_window: Optional[pulumi.Input[builtins.int]] = None,
|
834
|
+
subscription_id: Optional[pulumi.Input[builtins.str]] = None,
|
835
|
+
tenant_id: Optional[pulumi.Input[builtins.str]] = None,
|
836
|
+
use_microsoft_graph_api: Optional[pulumi.Input[builtins.bool]] = None,
|
836
837
|
__props__=None):
|
837
838
|
opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts)
|
838
839
|
if not isinstance(opts, pulumi.ResourceOptions):
|
@@ -875,23 +876,23 @@ class Backend(pulumi.CustomResource):
|
|
875
876
|
def get(resource_name: str,
|
876
877
|
id: pulumi.Input[str],
|
877
878
|
opts: Optional[pulumi.ResourceOptions] = None,
|
878
|
-
client_id: Optional[pulumi.Input[str]] = None,
|
879
|
-
client_secret: Optional[pulumi.Input[str]] = None,
|
880
|
-
description: Optional[pulumi.Input[str]] = None,
|
881
|
-
disable_automated_rotation: Optional[pulumi.Input[bool]] = None,
|
882
|
-
disable_remount: Optional[pulumi.Input[bool]] = None,
|
883
|
-
environment: Optional[pulumi.Input[str]] = None,
|
884
|
-
identity_token_audience: Optional[pulumi.Input[str]] = None,
|
885
|
-
identity_token_key: Optional[pulumi.Input[str]] = None,
|
886
|
-
identity_token_ttl: Optional[pulumi.Input[int]] = None,
|
887
|
-
namespace: Optional[pulumi.Input[str]] = None,
|
888
|
-
path: Optional[pulumi.Input[str]] = None,
|
889
|
-
rotation_period: Optional[pulumi.Input[int]] = None,
|
890
|
-
rotation_schedule: Optional[pulumi.Input[str]] = None,
|
891
|
-
rotation_window: Optional[pulumi.Input[int]] = None,
|
892
|
-
subscription_id: Optional[pulumi.Input[str]] = None,
|
893
|
-
tenant_id: Optional[pulumi.Input[str]] = None,
|
894
|
-
use_microsoft_graph_api: Optional[pulumi.Input[bool]] = None) -> 'Backend':
|
879
|
+
client_id: Optional[pulumi.Input[builtins.str]] = None,
|
880
|
+
client_secret: Optional[pulumi.Input[builtins.str]] = None,
|
881
|
+
description: Optional[pulumi.Input[builtins.str]] = None,
|
882
|
+
disable_automated_rotation: Optional[pulumi.Input[builtins.bool]] = None,
|
883
|
+
disable_remount: Optional[pulumi.Input[builtins.bool]] = None,
|
884
|
+
environment: Optional[pulumi.Input[builtins.str]] = None,
|
885
|
+
identity_token_audience: Optional[pulumi.Input[builtins.str]] = None,
|
886
|
+
identity_token_key: Optional[pulumi.Input[builtins.str]] = None,
|
887
|
+
identity_token_ttl: Optional[pulumi.Input[builtins.int]] = None,
|
888
|
+
namespace: Optional[pulumi.Input[builtins.str]] = None,
|
889
|
+
path: Optional[pulumi.Input[builtins.str]] = None,
|
890
|
+
rotation_period: Optional[pulumi.Input[builtins.int]] = None,
|
891
|
+
rotation_schedule: Optional[pulumi.Input[builtins.str]] = None,
|
892
|
+
rotation_window: Optional[pulumi.Input[builtins.int]] = None,
|
893
|
+
subscription_id: Optional[pulumi.Input[builtins.str]] = None,
|
894
|
+
tenant_id: Optional[pulumi.Input[builtins.str]] = None,
|
895
|
+
use_microsoft_graph_api: Optional[pulumi.Input[builtins.bool]] = None) -> 'Backend':
|
895
896
|
"""
|
896
897
|
Get an existing Backend resource's state with the given name, id, and optional extra
|
897
898
|
properties used to qualify the lookup.
|
@@ -899,37 +900,37 @@ class Backend(pulumi.CustomResource):
|
|
899
900
|
:param str resource_name: The unique name of the resulting resource.
|
900
901
|
:param pulumi.Input[str] id: The unique provider ID of the resource to lookup.
|
901
902
|
:param pulumi.ResourceOptions opts: Options for the resource.
|
902
|
-
:param pulumi.Input[str] client_id: The OAuth2 client id to connect to Azure.
|
903
|
-
:param pulumi.Input[str] client_secret: The OAuth2 client secret to connect to Azure.
|
904
|
-
:param pulumi.Input[str] description: Human-friendly description of the mount for the backend.
|
905
|
-
:param pulumi.Input[bool] disable_automated_rotation: Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
903
|
+
:param pulumi.Input[builtins.str] client_id: The OAuth2 client id to connect to Azure.
|
904
|
+
:param pulumi.Input[builtins.str] client_secret: The OAuth2 client secret to connect to Azure.
|
905
|
+
:param pulumi.Input[builtins.str] description: Human-friendly description of the mount for the backend.
|
906
|
+
:param pulumi.Input[builtins.bool] disable_automated_rotation: Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
906
907
|
*Available only for Vault Enterprise*
|
907
|
-
:param pulumi.Input[bool] disable_remount: If set, opts out of mount migration on path updates.
|
908
|
+
:param pulumi.Input[builtins.bool] disable_remount: If set, opts out of mount migration on path updates.
|
908
909
|
See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration)
|
909
|
-
:param pulumi.Input[str] environment: The Azure environment.
|
910
|
-
:param pulumi.Input[str] identity_token_audience: The audience claim value. Requires Vault 1.17+.
|
910
|
+
:param pulumi.Input[builtins.str] environment: The Azure environment.
|
911
|
+
:param pulumi.Input[builtins.str] identity_token_audience: The audience claim value. Requires Vault 1.17+.
|
911
912
|
*Available only for Vault Enterprise*
|
912
|
-
:param pulumi.Input[str] identity_token_key: The key to use for signing identity tokens. Requires Vault 1.17+.
|
913
|
+
:param pulumi.Input[builtins.str] identity_token_key: The key to use for signing identity tokens. Requires Vault 1.17+.
|
913
914
|
*Available only for Vault Enterprise*
|
914
|
-
:param pulumi.Input[int] identity_token_ttl: The TTL of generated identity tokens in seconds. Requires Vault 1.17+.
|
915
|
+
:param pulumi.Input[builtins.int] identity_token_ttl: The TTL of generated identity tokens in seconds. Requires Vault 1.17+.
|
915
916
|
*Available only for Vault Enterprise*
|
916
|
-
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
917
|
+
:param pulumi.Input[builtins.str] namespace: The namespace to provision the resource in.
|
917
918
|
The value should not contain leading or trailing forward slashes.
|
918
919
|
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
919
920
|
*Available only for Vault Enterprise*.
|
920
|
-
:param pulumi.Input[str] path: The unique path this backend should be mounted at. Defaults to `azure`.
|
921
|
-
:param pulumi.Input[int] rotation_period: The amount of time in seconds Vault should wait before rotating the root credential.
|
921
|
+
:param pulumi.Input[builtins.str] path: The unique path this backend should be mounted at. Defaults to `azure`.
|
922
|
+
:param pulumi.Input[builtins.int] rotation_period: The amount of time in seconds Vault should wait before rotating the root credential.
|
922
923
|
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
923
924
|
*Available only for Vault Enterprise*
|
924
|
-
:param pulumi.Input[str] rotation_schedule: The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
925
|
+
:param pulumi.Input[builtins.str] rotation_schedule: The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
925
926
|
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
926
927
|
*Available only for Vault Enterprise*
|
927
|
-
:param pulumi.Input[int] rotation_window: The maximum amount of time in seconds allowed to complete
|
928
|
+
:param pulumi.Input[builtins.int] rotation_window: The maximum amount of time in seconds allowed to complete
|
928
929
|
a rotation when a scheduled token rotation occurs. The default rotation window is
|
929
930
|
unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+. *Available only for Vault Enterprise*
|
930
|
-
:param pulumi.Input[str] subscription_id: The subscription id for the Azure Active Directory.
|
931
|
-
:param pulumi.Input[str] tenant_id: The tenant id for the Azure Active Directory.
|
932
|
-
:param pulumi.Input[bool] use_microsoft_graph_api: Use the Microsoft Graph API. Should be set to true on vault-1.10+
|
931
|
+
:param pulumi.Input[builtins.str] subscription_id: The subscription id for the Azure Active Directory.
|
932
|
+
:param pulumi.Input[builtins.str] tenant_id: The tenant id for the Azure Active Directory.
|
933
|
+
:param pulumi.Input[builtins.bool] use_microsoft_graph_api: Use the Microsoft Graph API. Should be set to true on vault-1.10+
|
933
934
|
"""
|
934
935
|
opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id))
|
935
936
|
|
@@ -956,7 +957,7 @@ class Backend(pulumi.CustomResource):
|
|
956
957
|
|
957
958
|
@property
|
958
959
|
@pulumi.getter(name="clientId")
|
959
|
-
def client_id(self) -> pulumi.Output[Optional[str]]:
|
960
|
+
def client_id(self) -> pulumi.Output[Optional[builtins.str]]:
|
960
961
|
"""
|
961
962
|
The OAuth2 client id to connect to Azure.
|
962
963
|
"""
|
@@ -964,7 +965,7 @@ class Backend(pulumi.CustomResource):
|
|
964
965
|
|
965
966
|
@property
|
966
967
|
@pulumi.getter(name="clientSecret")
|
967
|
-
def client_secret(self) -> pulumi.Output[Optional[str]]:
|
968
|
+
def client_secret(self) -> pulumi.Output[Optional[builtins.str]]:
|
968
969
|
"""
|
969
970
|
The OAuth2 client secret to connect to Azure.
|
970
971
|
"""
|
@@ -972,7 +973,7 @@ class Backend(pulumi.CustomResource):
|
|
972
973
|
|
973
974
|
@property
|
974
975
|
@pulumi.getter
|
975
|
-
def description(self) -> pulumi.Output[Optional[str]]:
|
976
|
+
def description(self) -> pulumi.Output[Optional[builtins.str]]:
|
976
977
|
"""
|
977
978
|
Human-friendly description of the mount for the backend.
|
978
979
|
"""
|
@@ -980,7 +981,7 @@ class Backend(pulumi.CustomResource):
|
|
980
981
|
|
981
982
|
@property
|
982
983
|
@pulumi.getter(name="disableAutomatedRotation")
|
983
|
-
def disable_automated_rotation(self) -> pulumi.Output[Optional[bool]]:
|
984
|
+
def disable_automated_rotation(self) -> pulumi.Output[Optional[builtins.bool]]:
|
984
985
|
"""
|
985
986
|
Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
|
986
987
|
*Available only for Vault Enterprise*
|
@@ -989,7 +990,7 @@ class Backend(pulumi.CustomResource):
|
|
989
990
|
|
990
991
|
@property
|
991
992
|
@pulumi.getter(name="disableRemount")
|
992
|
-
def disable_remount(self) -> pulumi.Output[Optional[bool]]:
|
993
|
+
def disable_remount(self) -> pulumi.Output[Optional[builtins.bool]]:
|
993
994
|
"""
|
994
995
|
If set, opts out of mount migration on path updates.
|
995
996
|
See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration)
|
@@ -998,7 +999,7 @@ class Backend(pulumi.CustomResource):
|
|
998
999
|
|
999
1000
|
@property
|
1000
1001
|
@pulumi.getter
|
1001
|
-
def environment(self) -> pulumi.Output[Optional[str]]:
|
1002
|
+
def environment(self) -> pulumi.Output[Optional[builtins.str]]:
|
1002
1003
|
"""
|
1003
1004
|
The Azure environment.
|
1004
1005
|
"""
|
@@ -1006,7 +1007,7 @@ class Backend(pulumi.CustomResource):
|
|
1006
1007
|
|
1007
1008
|
@property
|
1008
1009
|
@pulumi.getter(name="identityTokenAudience")
|
1009
|
-
def identity_token_audience(self) -> pulumi.Output[Optional[str]]:
|
1010
|
+
def identity_token_audience(self) -> pulumi.Output[Optional[builtins.str]]:
|
1010
1011
|
"""
|
1011
1012
|
The audience claim value. Requires Vault 1.17+.
|
1012
1013
|
*Available only for Vault Enterprise*
|
@@ -1015,7 +1016,7 @@ class Backend(pulumi.CustomResource):
|
|
1015
1016
|
|
1016
1017
|
@property
|
1017
1018
|
@pulumi.getter(name="identityTokenKey")
|
1018
|
-
def identity_token_key(self) -> pulumi.Output[Optional[str]]:
|
1019
|
+
def identity_token_key(self) -> pulumi.Output[Optional[builtins.str]]:
|
1019
1020
|
"""
|
1020
1021
|
The key to use for signing identity tokens. Requires Vault 1.17+.
|
1021
1022
|
*Available only for Vault Enterprise*
|
@@ -1024,7 +1025,7 @@ class Backend(pulumi.CustomResource):
|
|
1024
1025
|
|
1025
1026
|
@property
|
1026
1027
|
@pulumi.getter(name="identityTokenTtl")
|
1027
|
-
def identity_token_ttl(self) -> pulumi.Output[int]:
|
1028
|
+
def identity_token_ttl(self) -> pulumi.Output[builtins.int]:
|
1028
1029
|
"""
|
1029
1030
|
The TTL of generated identity tokens in seconds. Requires Vault 1.17+.
|
1030
1031
|
*Available only for Vault Enterprise*
|
@@ -1033,7 +1034,7 @@ class Backend(pulumi.CustomResource):
|
|
1033
1034
|
|
1034
1035
|
@property
|
1035
1036
|
@pulumi.getter
|
1036
|
-
def namespace(self) -> pulumi.Output[Optional[str]]:
|
1037
|
+
def namespace(self) -> pulumi.Output[Optional[builtins.str]]:
|
1037
1038
|
"""
|
1038
1039
|
The namespace to provision the resource in.
|
1039
1040
|
The value should not contain leading or trailing forward slashes.
|
@@ -1044,7 +1045,7 @@ class Backend(pulumi.CustomResource):
|
|
1044
1045
|
|
1045
1046
|
@property
|
1046
1047
|
@pulumi.getter
|
1047
|
-
def path(self) -> pulumi.Output[Optional[str]]:
|
1048
|
+
def path(self) -> pulumi.Output[Optional[builtins.str]]:
|
1048
1049
|
"""
|
1049
1050
|
The unique path this backend should be mounted at. Defaults to `azure`.
|
1050
1051
|
"""
|
@@ -1052,7 +1053,7 @@ class Backend(pulumi.CustomResource):
|
|
1052
1053
|
|
1053
1054
|
@property
|
1054
1055
|
@pulumi.getter(name="rotationPeriod")
|
1055
|
-
def rotation_period(self) -> pulumi.Output[Optional[int]]:
|
1056
|
+
def rotation_period(self) -> pulumi.Output[Optional[builtins.int]]:
|
1056
1057
|
"""
|
1057
1058
|
The amount of time in seconds Vault should wait before rotating the root credential.
|
1058
1059
|
A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
|
@@ -1062,7 +1063,7 @@ class Backend(pulumi.CustomResource):
|
|
1062
1063
|
|
1063
1064
|
@property
|
1064
1065
|
@pulumi.getter(name="rotationSchedule")
|
1065
|
-
def rotation_schedule(self) -> pulumi.Output[Optional[str]]:
|
1066
|
+
def rotation_schedule(self) -> pulumi.Output[Optional[builtins.str]]:
|
1066
1067
|
"""
|
1067
1068
|
The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
|
1068
1069
|
defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
|
@@ -1072,7 +1073,7 @@ class Backend(pulumi.CustomResource):
|
|
1072
1073
|
|
1073
1074
|
@property
|
1074
1075
|
@pulumi.getter(name="rotationWindow")
|
1075
|
-
def rotation_window(self) -> pulumi.Output[Optional[int]]:
|
1076
|
+
def rotation_window(self) -> pulumi.Output[Optional[builtins.int]]:
|
1076
1077
|
"""
|
1077
1078
|
The maximum amount of time in seconds allowed to complete
|
1078
1079
|
a rotation when a scheduled token rotation occurs. The default rotation window is
|
@@ -1082,7 +1083,7 @@ class Backend(pulumi.CustomResource):
|
|
1082
1083
|
|
1083
1084
|
@property
|
1084
1085
|
@pulumi.getter(name="subscriptionId")
|
1085
|
-
def subscription_id(self) -> pulumi.Output[str]:
|
1086
|
+
def subscription_id(self) -> pulumi.Output[builtins.str]:
|
1086
1087
|
"""
|
1087
1088
|
The subscription id for the Azure Active Directory.
|
1088
1089
|
"""
|
@@ -1090,7 +1091,7 @@ class Backend(pulumi.CustomResource):
|
|
1090
1091
|
|
1091
1092
|
@property
|
1092
1093
|
@pulumi.getter(name="tenantId")
|
1093
|
-
def tenant_id(self) -> pulumi.Output[str]:
|
1094
|
+
def tenant_id(self) -> pulumi.Output[builtins.str]:
|
1094
1095
|
"""
|
1095
1096
|
The tenant id for the Azure Active Directory.
|
1096
1097
|
"""
|
@@ -1099,7 +1100,7 @@ class Backend(pulumi.CustomResource):
|
|
1099
1100
|
@property
|
1100
1101
|
@pulumi.getter(name="useMicrosoftGraphApi")
|
1101
1102
|
@_utilities.deprecated("""This field is not supported in Vault-1.12+ and is the default behavior. This field will be removed in future version of the provider.""")
|
1102
|
-
def use_microsoft_graph_api(self) -> pulumi.Output[bool]:
|
1103
|
+
def use_microsoft_graph_api(self) -> pulumi.Output[builtins.bool]:
|
1103
1104
|
"""
|
1104
1105
|
Use the Microsoft Graph API. Should be set to true on vault-1.10+
|
1105
1106
|
"""
|