pulumi-vault 6.7.0a1743576047__py3-none-any.whl → 6.7.0a1744267302__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- pulumi_vault/__init__.py +1 -0
- pulumi_vault/_inputs.py +554 -553
- pulumi_vault/ad/__init__.py +1 -0
- pulumi_vault/ad/get_access_credentials.py +20 -19
- pulumi_vault/ad/secret_backend.py +477 -476
- pulumi_vault/ad/secret_library.py +99 -98
- pulumi_vault/ad/secret_role.py +85 -84
- pulumi_vault/alicloud/__init__.py +1 -0
- pulumi_vault/alicloud/auth_backend_role.py +183 -182
- pulumi_vault/approle/__init__.py +1 -0
- pulumi_vault/approle/auth_backend_login.py +106 -105
- pulumi_vault/approle/auth_backend_role.py +239 -238
- pulumi_vault/approle/auth_backend_role_secret_id.py +162 -161
- pulumi_vault/approle/get_auth_backend_role_id.py +18 -17
- pulumi_vault/audit.py +85 -84
- pulumi_vault/audit_request_header.py +43 -42
- pulumi_vault/auth_backend.py +106 -105
- pulumi_vault/aws/__init__.py +1 -0
- pulumi_vault/aws/auth_backend_cert.py +71 -70
- pulumi_vault/aws/auth_backend_client.py +253 -252
- pulumi_vault/aws/auth_backend_config_identity.py +85 -84
- pulumi_vault/aws/auth_backend_identity_whitelist.py +57 -56
- pulumi_vault/aws/auth_backend_login.py +209 -208
- pulumi_vault/aws/auth_backend_role.py +400 -399
- pulumi_vault/aws/auth_backend_role_tag.py +127 -126
- pulumi_vault/aws/auth_backend_roletag_blacklist.py +57 -56
- pulumi_vault/aws/auth_backend_sts_role.py +71 -70
- pulumi_vault/aws/get_access_credentials.py +44 -43
- pulumi_vault/aws/get_static_access_credentials.py +13 -12
- pulumi_vault/aws/secret_backend.py +337 -336
- pulumi_vault/aws/secret_backend_role.py +211 -210
- pulumi_vault/aws/secret_backend_static_role.py +113 -112
- pulumi_vault/azure/__init__.py +1 -0
- pulumi_vault/azure/_inputs.py +21 -20
- pulumi_vault/azure/auth_backend_config.py +183 -182
- pulumi_vault/azure/auth_backend_role.py +253 -252
- pulumi_vault/azure/backend.py +239 -238
- pulumi_vault/azure/backend_role.py +141 -140
- pulumi_vault/azure/get_access_credentials.py +58 -57
- pulumi_vault/azure/outputs.py +11 -10
- pulumi_vault/cert_auth_backend_role.py +365 -364
- pulumi_vault/config/__init__.py +1 -0
- pulumi_vault/config/__init__.pyi +1 -0
- pulumi_vault/config/_inputs.py +11 -10
- pulumi_vault/config/outputs.py +287 -286
- pulumi_vault/config/ui_custom_message.py +113 -112
- pulumi_vault/config/vars.py +1 -0
- pulumi_vault/consul/__init__.py +1 -0
- pulumi_vault/consul/secret_backend.py +197 -196
- pulumi_vault/consul/secret_backend_role.py +183 -182
- pulumi_vault/database/__init__.py +1 -0
- pulumi_vault/database/_inputs.py +2525 -2524
- pulumi_vault/database/outputs.py +1529 -1528
- pulumi_vault/database/secret_backend_connection.py +169 -168
- pulumi_vault/database/secret_backend_role.py +169 -168
- pulumi_vault/database/secret_backend_static_role.py +179 -178
- pulumi_vault/database/secrets_mount.py +267 -266
- pulumi_vault/egp_policy.py +71 -70
- pulumi_vault/gcp/__init__.py +1 -0
- pulumi_vault/gcp/_inputs.py +82 -81
- pulumi_vault/gcp/auth_backend.py +260 -259
- pulumi_vault/gcp/auth_backend_role.py +281 -280
- pulumi_vault/gcp/get_auth_backend_role.py +70 -69
- pulumi_vault/gcp/outputs.py +50 -49
- pulumi_vault/gcp/secret_backend.py +232 -231
- pulumi_vault/gcp/secret_impersonated_account.py +92 -91
- pulumi_vault/gcp/secret_roleset.py +92 -91
- pulumi_vault/gcp/secret_static_account.py +92 -91
- pulumi_vault/generic/__init__.py +1 -0
- pulumi_vault/generic/endpoint.py +113 -112
- pulumi_vault/generic/get_secret.py +28 -27
- pulumi_vault/generic/secret.py +78 -77
- pulumi_vault/get_auth_backend.py +19 -18
- pulumi_vault/get_auth_backends.py +14 -13
- pulumi_vault/get_namespace.py +15 -14
- pulumi_vault/get_namespaces.py +8 -7
- pulumi_vault/get_nomad_access_token.py +19 -18
- pulumi_vault/get_policy_document.py +6 -5
- pulumi_vault/get_raft_autopilot_state.py +18 -17
- pulumi_vault/github/__init__.py +1 -0
- pulumi_vault/github/_inputs.py +42 -41
- pulumi_vault/github/auth_backend.py +232 -231
- pulumi_vault/github/outputs.py +26 -25
- pulumi_vault/github/team.py +57 -56
- pulumi_vault/github/user.py +57 -56
- pulumi_vault/identity/__init__.py +1 -0
- pulumi_vault/identity/entity.py +85 -84
- pulumi_vault/identity/entity_alias.py +71 -70
- pulumi_vault/identity/entity_policies.py +64 -63
- pulumi_vault/identity/get_entity.py +43 -42
- pulumi_vault/identity/get_group.py +50 -49
- pulumi_vault/identity/get_oidc_client_creds.py +14 -13
- pulumi_vault/identity/get_oidc_openid_config.py +24 -23
- pulumi_vault/identity/get_oidc_public_keys.py +13 -12
- pulumi_vault/identity/group.py +141 -140
- pulumi_vault/identity/group_alias.py +57 -56
- pulumi_vault/identity/group_member_entity_ids.py +57 -56
- pulumi_vault/identity/group_member_group_ids.py +57 -56
- pulumi_vault/identity/group_policies.py +64 -63
- pulumi_vault/identity/mfa_duo.py +148 -147
- pulumi_vault/identity/mfa_login_enforcement.py +120 -119
- pulumi_vault/identity/mfa_okta.py +134 -133
- pulumi_vault/identity/mfa_pingid.py +127 -126
- pulumi_vault/identity/mfa_totp.py +176 -175
- pulumi_vault/identity/oidc.py +29 -28
- pulumi_vault/identity/oidc_assignment.py +57 -56
- pulumi_vault/identity/oidc_client.py +127 -126
- pulumi_vault/identity/oidc_key.py +85 -84
- pulumi_vault/identity/oidc_key_allowed_client_id.py +43 -42
- pulumi_vault/identity/oidc_provider.py +92 -91
- pulumi_vault/identity/oidc_role.py +85 -84
- pulumi_vault/identity/oidc_scope.py +57 -56
- pulumi_vault/identity/outputs.py +32 -31
- pulumi_vault/jwt/__init__.py +1 -0
- pulumi_vault/jwt/_inputs.py +42 -41
- pulumi_vault/jwt/auth_backend.py +288 -287
- pulumi_vault/jwt/auth_backend_role.py +407 -406
- pulumi_vault/jwt/outputs.py +26 -25
- pulumi_vault/kmip/__init__.py +1 -0
- pulumi_vault/kmip/secret_backend.py +183 -182
- pulumi_vault/kmip/secret_role.py +295 -294
- pulumi_vault/kmip/secret_scope.py +57 -56
- pulumi_vault/kubernetes/__init__.py +1 -0
- pulumi_vault/kubernetes/auth_backend_config.py +141 -140
- pulumi_vault/kubernetes/auth_backend_role.py +225 -224
- pulumi_vault/kubernetes/get_auth_backend_config.py +47 -46
- pulumi_vault/kubernetes/get_auth_backend_role.py +70 -69
- pulumi_vault/kubernetes/get_service_account_token.py +38 -37
- pulumi_vault/kubernetes/secret_backend.py +316 -315
- pulumi_vault/kubernetes/secret_backend_role.py +197 -196
- pulumi_vault/kv/__init__.py +1 -0
- pulumi_vault/kv/_inputs.py +21 -20
- pulumi_vault/kv/get_secret.py +17 -16
- pulumi_vault/kv/get_secret_subkeys_v2.py +30 -29
- pulumi_vault/kv/get_secret_v2.py +29 -28
- pulumi_vault/kv/get_secrets_list.py +13 -12
- pulumi_vault/kv/get_secrets_list_v2.py +19 -18
- pulumi_vault/kv/outputs.py +13 -12
- pulumi_vault/kv/secret.py +50 -49
- pulumi_vault/kv/secret_backend_v2.py +71 -70
- pulumi_vault/kv/secret_v2.py +134 -133
- pulumi_vault/ldap/__init__.py +1 -0
- pulumi_vault/ldap/auth_backend.py +588 -587
- pulumi_vault/ldap/auth_backend_group.py +57 -56
- pulumi_vault/ldap/auth_backend_user.py +71 -70
- pulumi_vault/ldap/get_dynamic_credentials.py +17 -16
- pulumi_vault/ldap/get_static_credentials.py +18 -17
- pulumi_vault/ldap/secret_backend.py +554 -553
- pulumi_vault/ldap/secret_backend_dynamic_role.py +127 -126
- pulumi_vault/ldap/secret_backend_library_set.py +99 -98
- pulumi_vault/ldap/secret_backend_static_role.py +99 -98
- pulumi_vault/managed/__init__.py +1 -0
- pulumi_vault/managed/_inputs.py +229 -228
- pulumi_vault/managed/keys.py +15 -14
- pulumi_vault/managed/outputs.py +139 -138
- pulumi_vault/mfa_duo.py +113 -112
- pulumi_vault/mfa_okta.py +113 -112
- pulumi_vault/mfa_pingid.py +120 -119
- pulumi_vault/mfa_totp.py +127 -126
- pulumi_vault/mongodbatlas/__init__.py +1 -0
- pulumi_vault/mongodbatlas/secret_backend.py +64 -63
- pulumi_vault/mongodbatlas/secret_role.py +155 -154
- pulumi_vault/mount.py +274 -273
- pulumi_vault/namespace.py +64 -63
- pulumi_vault/nomad_secret_backend.py +211 -210
- pulumi_vault/nomad_secret_role.py +85 -84
- pulumi_vault/okta/__init__.py +1 -0
- pulumi_vault/okta/_inputs.py +26 -25
- pulumi_vault/okta/auth_backend.py +274 -273
- pulumi_vault/okta/auth_backend_group.py +57 -56
- pulumi_vault/okta/auth_backend_user.py +71 -70
- pulumi_vault/okta/outputs.py +16 -15
- pulumi_vault/outputs.py +56 -55
- pulumi_vault/password_policy.py +43 -42
- pulumi_vault/pkisecret/__init__.py +1 -0
- pulumi_vault/pkisecret/_inputs.py +31 -30
- pulumi_vault/pkisecret/backend_acme_eab.py +92 -91
- pulumi_vault/pkisecret/backend_config_acme.py +141 -140
- pulumi_vault/pkisecret/backend_config_auto_tidy.py +323 -322
- pulumi_vault/pkisecret/backend_config_cluster.py +57 -56
- pulumi_vault/pkisecret/backend_config_cmpv2.py +106 -105
- pulumi_vault/pkisecret/backend_config_est.py +120 -119
- pulumi_vault/pkisecret/get_backend_cert_metadata.py +22 -21
- pulumi_vault/pkisecret/get_backend_config_cmpv2.py +22 -21
- pulumi_vault/pkisecret/get_backend_config_est.py +19 -18
- pulumi_vault/pkisecret/get_backend_issuer.py +45 -44
- pulumi_vault/pkisecret/get_backend_issuers.py +15 -14
- pulumi_vault/pkisecret/get_backend_key.py +20 -19
- pulumi_vault/pkisecret/get_backend_keys.py +15 -14
- pulumi_vault/pkisecret/outputs.py +28 -27
- pulumi_vault/pkisecret/secret_backend_cert.py +337 -336
- pulumi_vault/pkisecret/secret_backend_config_ca.py +43 -42
- pulumi_vault/pkisecret/secret_backend_config_issuers.py +57 -56
- pulumi_vault/pkisecret/secret_backend_config_urls.py +85 -84
- pulumi_vault/pkisecret/secret_backend_crl_config.py +197 -196
- pulumi_vault/pkisecret/secret_backend_intermediate_cert_request.py +421 -420
- pulumi_vault/pkisecret/secret_backend_intermediate_set_signed.py +57 -56
- pulumi_vault/pkisecret/secret_backend_issuer.py +232 -231
- pulumi_vault/pkisecret/secret_backend_key.py +120 -119
- pulumi_vault/pkisecret/secret_backend_role.py +715 -714
- pulumi_vault/pkisecret/secret_backend_root_cert.py +554 -553
- pulumi_vault/pkisecret/secret_backend_root_sign_intermediate.py +526 -525
- pulumi_vault/pkisecret/secret_backend_sign.py +281 -280
- pulumi_vault/plugin.py +127 -126
- pulumi_vault/plugin_pinned_version.py +43 -42
- pulumi_vault/policy.py +43 -42
- pulumi_vault/provider.py +120 -119
- pulumi_vault/pulumi-plugin.json +1 -1
- pulumi_vault/quota_lease_count.py +85 -84
- pulumi_vault/quota_rate_limit.py +113 -112
- pulumi_vault/rabbitmq/__init__.py +1 -0
- pulumi_vault/rabbitmq/_inputs.py +41 -40
- pulumi_vault/rabbitmq/outputs.py +25 -24
- pulumi_vault/rabbitmq/secret_backend.py +169 -168
- pulumi_vault/rabbitmq/secret_backend_role.py +57 -56
- pulumi_vault/raft_autopilot.py +113 -112
- pulumi_vault/raft_snapshot_agent_config.py +393 -392
- pulumi_vault/rgp_policy.py +57 -56
- pulumi_vault/saml/__init__.py +1 -0
- pulumi_vault/saml/auth_backend.py +155 -154
- pulumi_vault/saml/auth_backend_role.py +239 -238
- pulumi_vault/secrets/__init__.py +1 -0
- pulumi_vault/secrets/_inputs.py +16 -15
- pulumi_vault/secrets/outputs.py +10 -9
- pulumi_vault/secrets/sync_association.py +71 -70
- pulumi_vault/secrets/sync_aws_destination.py +148 -147
- pulumi_vault/secrets/sync_azure_destination.py +148 -147
- pulumi_vault/secrets/sync_config.py +43 -42
- pulumi_vault/secrets/sync_gcp_destination.py +106 -105
- pulumi_vault/secrets/sync_gh_destination.py +134 -133
- pulumi_vault/secrets/sync_github_apps.py +64 -63
- pulumi_vault/secrets/sync_vercel_destination.py +120 -119
- pulumi_vault/ssh/__init__.py +1 -0
- pulumi_vault/ssh/_inputs.py +11 -10
- pulumi_vault/ssh/get_secret_backend_sign.py +52 -51
- pulumi_vault/ssh/outputs.py +7 -6
- pulumi_vault/ssh/secret_backend_ca.py +99 -98
- pulumi_vault/ssh/secret_backend_role.py +365 -364
- pulumi_vault/terraformcloud/__init__.py +1 -0
- pulumi_vault/terraformcloud/secret_backend.py +111 -110
- pulumi_vault/terraformcloud/secret_creds.py +74 -73
- pulumi_vault/terraformcloud/secret_role.py +93 -92
- pulumi_vault/token.py +246 -245
- pulumi_vault/tokenauth/__init__.py +1 -0
- pulumi_vault/tokenauth/auth_backend_role.py +267 -266
- pulumi_vault/transform/__init__.py +1 -0
- pulumi_vault/transform/alphabet.py +57 -56
- pulumi_vault/transform/get_decode.py +47 -46
- pulumi_vault/transform/get_encode.py +47 -46
- pulumi_vault/transform/role.py +57 -56
- pulumi_vault/transform/template.py +113 -112
- pulumi_vault/transform/transformation.py +141 -140
- pulumi_vault/transit/__init__.py +1 -0
- pulumi_vault/transit/get_decrypt.py +18 -17
- pulumi_vault/transit/get_encrypt.py +21 -20
- pulumi_vault/transit/get_sign.py +54 -53
- pulumi_vault/transit/get_verify.py +60 -59
- pulumi_vault/transit/secret_backend_key.py +274 -273
- pulumi_vault/transit/secret_cache_config.py +43 -42
- {pulumi_vault-6.7.0a1743576047.dist-info → pulumi_vault-6.7.0a1744267302.dist-info}/METADATA +1 -1
- pulumi_vault-6.7.0a1744267302.dist-info/RECORD +265 -0
- pulumi_vault-6.7.0a1743576047.dist-info/RECORD +0 -265
- {pulumi_vault-6.7.0a1743576047.dist-info → pulumi_vault-6.7.0a1744267302.dist-info}/WHEEL +0 -0
- {pulumi_vault-6.7.0a1743576047.dist-info → pulumi_vault-6.7.0a1744267302.dist-info}/top_level.txt +0 -0
@@ -2,6 +2,7 @@
|
|
2
2
|
# *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. ***
|
3
3
|
# *** Do not edit by hand unless you're certain you know what you are doing! ***
|
4
4
|
|
5
|
+
import builtins
|
5
6
|
import copy
|
6
7
|
import warnings
|
7
8
|
import sys
|
@@ -21,39 +22,39 @@ __all__ = ['BackendRoleArgs', 'BackendRole']
|
|
21
22
|
@pulumi.input_type
|
22
23
|
class BackendRoleArgs:
|
23
24
|
def __init__(__self__, *,
|
24
|
-
role: pulumi.Input[str],
|
25
|
-
application_object_id: Optional[pulumi.Input[str]] = None,
|
25
|
+
role: pulumi.Input[builtins.str],
|
26
|
+
application_object_id: Optional[pulumi.Input[builtins.str]] = None,
|
26
27
|
azure_groups: Optional[pulumi.Input[Sequence[pulumi.Input['BackendRoleAzureGroupArgs']]]] = None,
|
27
28
|
azure_roles: Optional[pulumi.Input[Sequence[pulumi.Input['BackendRoleAzureRoleArgs']]]] = None,
|
28
|
-
backend: Optional[pulumi.Input[str]] = None,
|
29
|
-
description: Optional[pulumi.Input[str]] = None,
|
30
|
-
max_ttl: Optional[pulumi.Input[str]] = None,
|
31
|
-
namespace: Optional[pulumi.Input[str]] = None,
|
32
|
-
permanently_delete: Optional[pulumi.Input[bool]] = None,
|
33
|
-
sign_in_audience: Optional[pulumi.Input[str]] = None,
|
34
|
-
tags: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
35
|
-
ttl: Optional[pulumi.Input[str]] = None):
|
29
|
+
backend: Optional[pulumi.Input[builtins.str]] = None,
|
30
|
+
description: Optional[pulumi.Input[builtins.str]] = None,
|
31
|
+
max_ttl: Optional[pulumi.Input[builtins.str]] = None,
|
32
|
+
namespace: Optional[pulumi.Input[builtins.str]] = None,
|
33
|
+
permanently_delete: Optional[pulumi.Input[builtins.bool]] = None,
|
34
|
+
sign_in_audience: Optional[pulumi.Input[builtins.str]] = None,
|
35
|
+
tags: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
36
|
+
ttl: Optional[pulumi.Input[builtins.str]] = None):
|
36
37
|
"""
|
37
38
|
The set of arguments for constructing a BackendRole resource.
|
38
|
-
:param pulumi.Input[str] role: Name of the Azure role
|
39
|
-
:param pulumi.Input[str] application_object_id: Application Object ID for an existing service principal that will
|
39
|
+
:param pulumi.Input[builtins.str] role: Name of the Azure role
|
40
|
+
:param pulumi.Input[builtins.str] application_object_id: Application Object ID for an existing service principal that will
|
40
41
|
be used instead of creating dynamic service principals. If present, `azure_roles` and `permanently_delete` will be ignored.
|
41
42
|
:param pulumi.Input[Sequence[pulumi.Input['BackendRoleAzureGroupArgs']]] azure_groups: List of Azure groups to be assigned to the generated service principal.
|
42
43
|
:param pulumi.Input[Sequence[pulumi.Input['BackendRoleAzureRoleArgs']]] azure_roles: List of Azure roles to be assigned to the generated service principal.
|
43
|
-
:param pulumi.Input[str] backend: Path to the mounted Azure auth backend
|
44
|
-
:param pulumi.Input[str] description: Human-friendly description of the mount for the backend.
|
45
|
-
:param pulumi.Input[str] max_ttl: Specifies the maximum TTL for service principals generated using this role. Accepts time
|
44
|
+
:param pulumi.Input[builtins.str] backend: Path to the mounted Azure auth backend
|
45
|
+
:param pulumi.Input[builtins.str] description: Human-friendly description of the mount for the backend.
|
46
|
+
:param pulumi.Input[builtins.str] max_ttl: Specifies the maximum TTL for service principals generated using this role. Accepts time
|
46
47
|
suffixed strings ("1h") or an integer number of seconds. Defaults to the system/engine max TTL time.
|
47
|
-
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
48
|
+
:param pulumi.Input[builtins.str] namespace: The namespace to provision the resource in.
|
48
49
|
The value should not contain leading or trailing forward slashes.
|
49
50
|
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
50
51
|
*Available only for Vault Enterprise*.
|
51
|
-
:param pulumi.Input[bool] permanently_delete: Indicates whether the applications and service principals created by Vault will be permanently
|
52
|
+
:param pulumi.Input[builtins.bool] permanently_delete: Indicates whether the applications and service principals created by Vault will be permanently
|
52
53
|
deleted when the corresponding leases expire. Defaults to `false`. For Vault v1.12+.
|
53
|
-
:param pulumi.Input[str] sign_in_audience: Specifies the security principal types that are allowed to sign in to the application.
|
54
|
+
:param pulumi.Input[builtins.str] sign_in_audience: Specifies the security principal types that are allowed to sign in to the application.
|
54
55
|
Valid values are: AzureADMyOrg, AzureADMultipleOrgs, AzureADandPersonalMicrosoftAccount, PersonalMicrosoftAccount. Requires Vault 1.16+.
|
55
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] tags: A list of Azure tags to attach to an application. Requires Vault 1.16+.
|
56
|
-
:param pulumi.Input[str] ttl: Specifies the default TTL for service principals generated using this role.
|
56
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] tags: A list of Azure tags to attach to an application. Requires Vault 1.16+.
|
57
|
+
:param pulumi.Input[builtins.str] ttl: Specifies the default TTL for service principals generated using this role.
|
57
58
|
Accepts time suffixed strings ("1h") or an integer number of seconds. Defaults to the system/engine default TTL time.
|
58
59
|
"""
|
59
60
|
pulumi.set(__self__, "role", role)
|
@@ -82,19 +83,19 @@ class BackendRoleArgs:
|
|
82
83
|
|
83
84
|
@property
|
84
85
|
@pulumi.getter
|
85
|
-
def role(self) -> pulumi.Input[str]:
|
86
|
+
def role(self) -> pulumi.Input[builtins.str]:
|
86
87
|
"""
|
87
88
|
Name of the Azure role
|
88
89
|
"""
|
89
90
|
return pulumi.get(self, "role")
|
90
91
|
|
91
92
|
@role.setter
|
92
|
-
def role(self, value: pulumi.Input[str]):
|
93
|
+
def role(self, value: pulumi.Input[builtins.str]):
|
93
94
|
pulumi.set(self, "role", value)
|
94
95
|
|
95
96
|
@property
|
96
97
|
@pulumi.getter(name="applicationObjectId")
|
97
|
-
def application_object_id(self) -> Optional[pulumi.Input[str]]:
|
98
|
+
def application_object_id(self) -> Optional[pulumi.Input[builtins.str]]:
|
98
99
|
"""
|
99
100
|
Application Object ID for an existing service principal that will
|
100
101
|
be used instead of creating dynamic service principals. If present, `azure_roles` and `permanently_delete` will be ignored.
|
@@ -102,7 +103,7 @@ class BackendRoleArgs:
|
|
102
103
|
return pulumi.get(self, "application_object_id")
|
103
104
|
|
104
105
|
@application_object_id.setter
|
105
|
-
def application_object_id(self, value: Optional[pulumi.Input[str]]):
|
106
|
+
def application_object_id(self, value: Optional[pulumi.Input[builtins.str]]):
|
106
107
|
pulumi.set(self, "application_object_id", value)
|
107
108
|
|
108
109
|
@property
|
@@ -131,31 +132,31 @@ class BackendRoleArgs:
|
|
131
132
|
|
132
133
|
@property
|
133
134
|
@pulumi.getter
|
134
|
-
def backend(self) -> Optional[pulumi.Input[str]]:
|
135
|
+
def backend(self) -> Optional[pulumi.Input[builtins.str]]:
|
135
136
|
"""
|
136
137
|
Path to the mounted Azure auth backend
|
137
138
|
"""
|
138
139
|
return pulumi.get(self, "backend")
|
139
140
|
|
140
141
|
@backend.setter
|
141
|
-
def backend(self, value: Optional[pulumi.Input[str]]):
|
142
|
+
def backend(self, value: Optional[pulumi.Input[builtins.str]]):
|
142
143
|
pulumi.set(self, "backend", value)
|
143
144
|
|
144
145
|
@property
|
145
146
|
@pulumi.getter
|
146
|
-
def description(self) -> Optional[pulumi.Input[str]]:
|
147
|
+
def description(self) -> Optional[pulumi.Input[builtins.str]]:
|
147
148
|
"""
|
148
149
|
Human-friendly description of the mount for the backend.
|
149
150
|
"""
|
150
151
|
return pulumi.get(self, "description")
|
151
152
|
|
152
153
|
@description.setter
|
153
|
-
def description(self, value: Optional[pulumi.Input[str]]):
|
154
|
+
def description(self, value: Optional[pulumi.Input[builtins.str]]):
|
154
155
|
pulumi.set(self, "description", value)
|
155
156
|
|
156
157
|
@property
|
157
158
|
@pulumi.getter(name="maxTtl")
|
158
|
-
def max_ttl(self) -> Optional[pulumi.Input[str]]:
|
159
|
+
def max_ttl(self) -> Optional[pulumi.Input[builtins.str]]:
|
159
160
|
"""
|
160
161
|
Specifies the maximum TTL for service principals generated using this role. Accepts time
|
161
162
|
suffixed strings ("1h") or an integer number of seconds. Defaults to the system/engine max TTL time.
|
@@ -163,12 +164,12 @@ class BackendRoleArgs:
|
|
163
164
|
return pulumi.get(self, "max_ttl")
|
164
165
|
|
165
166
|
@max_ttl.setter
|
166
|
-
def max_ttl(self, value: Optional[pulumi.Input[str]]):
|
167
|
+
def max_ttl(self, value: Optional[pulumi.Input[builtins.str]]):
|
167
168
|
pulumi.set(self, "max_ttl", value)
|
168
169
|
|
169
170
|
@property
|
170
171
|
@pulumi.getter
|
171
|
-
def namespace(self) -> Optional[pulumi.Input[str]]:
|
172
|
+
def namespace(self) -> Optional[pulumi.Input[builtins.str]]:
|
172
173
|
"""
|
173
174
|
The namespace to provision the resource in.
|
174
175
|
The value should not contain leading or trailing forward slashes.
|
@@ -178,12 +179,12 @@ class BackendRoleArgs:
|
|
178
179
|
return pulumi.get(self, "namespace")
|
179
180
|
|
180
181
|
@namespace.setter
|
181
|
-
def namespace(self, value: Optional[pulumi.Input[str]]):
|
182
|
+
def namespace(self, value: Optional[pulumi.Input[builtins.str]]):
|
182
183
|
pulumi.set(self, "namespace", value)
|
183
184
|
|
184
185
|
@property
|
185
186
|
@pulumi.getter(name="permanentlyDelete")
|
186
|
-
def permanently_delete(self) -> Optional[pulumi.Input[bool]]:
|
187
|
+
def permanently_delete(self) -> Optional[pulumi.Input[builtins.bool]]:
|
187
188
|
"""
|
188
189
|
Indicates whether the applications and service principals created by Vault will be permanently
|
189
190
|
deleted when the corresponding leases expire. Defaults to `false`. For Vault v1.12+.
|
@@ -191,12 +192,12 @@ class BackendRoleArgs:
|
|
191
192
|
return pulumi.get(self, "permanently_delete")
|
192
193
|
|
193
194
|
@permanently_delete.setter
|
194
|
-
def permanently_delete(self, value: Optional[pulumi.Input[bool]]):
|
195
|
+
def permanently_delete(self, value: Optional[pulumi.Input[builtins.bool]]):
|
195
196
|
pulumi.set(self, "permanently_delete", value)
|
196
197
|
|
197
198
|
@property
|
198
199
|
@pulumi.getter(name="signInAudience")
|
199
|
-
def sign_in_audience(self) -> Optional[pulumi.Input[str]]:
|
200
|
+
def sign_in_audience(self) -> Optional[pulumi.Input[builtins.str]]:
|
200
201
|
"""
|
201
202
|
Specifies the security principal types that are allowed to sign in to the application.
|
202
203
|
Valid values are: AzureADMyOrg, AzureADMultipleOrgs, AzureADandPersonalMicrosoftAccount, PersonalMicrosoftAccount. Requires Vault 1.16+.
|
@@ -204,24 +205,24 @@ class BackendRoleArgs:
|
|
204
205
|
return pulumi.get(self, "sign_in_audience")
|
205
206
|
|
206
207
|
@sign_in_audience.setter
|
207
|
-
def sign_in_audience(self, value: Optional[pulumi.Input[str]]):
|
208
|
+
def sign_in_audience(self, value: Optional[pulumi.Input[builtins.str]]):
|
208
209
|
pulumi.set(self, "sign_in_audience", value)
|
209
210
|
|
210
211
|
@property
|
211
212
|
@pulumi.getter
|
212
|
-
def tags(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
|
213
|
+
def tags(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
|
213
214
|
"""
|
214
215
|
A list of Azure tags to attach to an application. Requires Vault 1.16+.
|
215
216
|
"""
|
216
217
|
return pulumi.get(self, "tags")
|
217
218
|
|
218
219
|
@tags.setter
|
219
|
-
def tags(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
220
|
+
def tags(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
|
220
221
|
pulumi.set(self, "tags", value)
|
221
222
|
|
222
223
|
@property
|
223
224
|
@pulumi.getter
|
224
|
-
def ttl(self) -> Optional[pulumi.Input[str]]:
|
225
|
+
def ttl(self) -> Optional[pulumi.Input[builtins.str]]:
|
225
226
|
"""
|
226
227
|
Specifies the default TTL for service principals generated using this role.
|
227
228
|
Accepts time suffixed strings ("1h") or an integer number of seconds. Defaults to the system/engine default TTL time.
|
@@ -229,46 +230,46 @@ class BackendRoleArgs:
|
|
229
230
|
return pulumi.get(self, "ttl")
|
230
231
|
|
231
232
|
@ttl.setter
|
232
|
-
def ttl(self, value: Optional[pulumi.Input[str]]):
|
233
|
+
def ttl(self, value: Optional[pulumi.Input[builtins.str]]):
|
233
234
|
pulumi.set(self, "ttl", value)
|
234
235
|
|
235
236
|
|
236
237
|
@pulumi.input_type
|
237
238
|
class _BackendRoleState:
|
238
239
|
def __init__(__self__, *,
|
239
|
-
application_object_id: Optional[pulumi.Input[str]] = None,
|
240
|
+
application_object_id: Optional[pulumi.Input[builtins.str]] = None,
|
240
241
|
azure_groups: Optional[pulumi.Input[Sequence[pulumi.Input['BackendRoleAzureGroupArgs']]]] = None,
|
241
242
|
azure_roles: Optional[pulumi.Input[Sequence[pulumi.Input['BackendRoleAzureRoleArgs']]]] = None,
|
242
|
-
backend: Optional[pulumi.Input[str]] = None,
|
243
|
-
description: Optional[pulumi.Input[str]] = None,
|
244
|
-
max_ttl: Optional[pulumi.Input[str]] = None,
|
245
|
-
namespace: Optional[pulumi.Input[str]] = None,
|
246
|
-
permanently_delete: Optional[pulumi.Input[bool]] = None,
|
247
|
-
role: Optional[pulumi.Input[str]] = None,
|
248
|
-
sign_in_audience: Optional[pulumi.Input[str]] = None,
|
249
|
-
tags: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
250
|
-
ttl: Optional[pulumi.Input[str]] = None):
|
243
|
+
backend: Optional[pulumi.Input[builtins.str]] = None,
|
244
|
+
description: Optional[pulumi.Input[builtins.str]] = None,
|
245
|
+
max_ttl: Optional[pulumi.Input[builtins.str]] = None,
|
246
|
+
namespace: Optional[pulumi.Input[builtins.str]] = None,
|
247
|
+
permanently_delete: Optional[pulumi.Input[builtins.bool]] = None,
|
248
|
+
role: Optional[pulumi.Input[builtins.str]] = None,
|
249
|
+
sign_in_audience: Optional[pulumi.Input[builtins.str]] = None,
|
250
|
+
tags: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
251
|
+
ttl: Optional[pulumi.Input[builtins.str]] = None):
|
251
252
|
"""
|
252
253
|
Input properties used for looking up and filtering BackendRole resources.
|
253
|
-
:param pulumi.Input[str] application_object_id: Application Object ID for an existing service principal that will
|
254
|
+
:param pulumi.Input[builtins.str] application_object_id: Application Object ID for an existing service principal that will
|
254
255
|
be used instead of creating dynamic service principals. If present, `azure_roles` and `permanently_delete` will be ignored.
|
255
256
|
:param pulumi.Input[Sequence[pulumi.Input['BackendRoleAzureGroupArgs']]] azure_groups: List of Azure groups to be assigned to the generated service principal.
|
256
257
|
:param pulumi.Input[Sequence[pulumi.Input['BackendRoleAzureRoleArgs']]] azure_roles: List of Azure roles to be assigned to the generated service principal.
|
257
|
-
:param pulumi.Input[str] backend: Path to the mounted Azure auth backend
|
258
|
-
:param pulumi.Input[str] description: Human-friendly description of the mount for the backend.
|
259
|
-
:param pulumi.Input[str] max_ttl: Specifies the maximum TTL for service principals generated using this role. Accepts time
|
258
|
+
:param pulumi.Input[builtins.str] backend: Path to the mounted Azure auth backend
|
259
|
+
:param pulumi.Input[builtins.str] description: Human-friendly description of the mount for the backend.
|
260
|
+
:param pulumi.Input[builtins.str] max_ttl: Specifies the maximum TTL for service principals generated using this role. Accepts time
|
260
261
|
suffixed strings ("1h") or an integer number of seconds. Defaults to the system/engine max TTL time.
|
261
|
-
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
262
|
+
:param pulumi.Input[builtins.str] namespace: The namespace to provision the resource in.
|
262
263
|
The value should not contain leading or trailing forward slashes.
|
263
264
|
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
264
265
|
*Available only for Vault Enterprise*.
|
265
|
-
:param pulumi.Input[bool] permanently_delete: Indicates whether the applications and service principals created by Vault will be permanently
|
266
|
+
:param pulumi.Input[builtins.bool] permanently_delete: Indicates whether the applications and service principals created by Vault will be permanently
|
266
267
|
deleted when the corresponding leases expire. Defaults to `false`. For Vault v1.12+.
|
267
|
-
:param pulumi.Input[str] role: Name of the Azure role
|
268
|
-
:param pulumi.Input[str] sign_in_audience: Specifies the security principal types that are allowed to sign in to the application.
|
268
|
+
:param pulumi.Input[builtins.str] role: Name of the Azure role
|
269
|
+
:param pulumi.Input[builtins.str] sign_in_audience: Specifies the security principal types that are allowed to sign in to the application.
|
269
270
|
Valid values are: AzureADMyOrg, AzureADMultipleOrgs, AzureADandPersonalMicrosoftAccount, PersonalMicrosoftAccount. Requires Vault 1.16+.
|
270
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] tags: A list of Azure tags to attach to an application. Requires Vault 1.16+.
|
271
|
-
:param pulumi.Input[str] ttl: Specifies the default TTL for service principals generated using this role.
|
271
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] tags: A list of Azure tags to attach to an application. Requires Vault 1.16+.
|
272
|
+
:param pulumi.Input[builtins.str] ttl: Specifies the default TTL for service principals generated using this role.
|
272
273
|
Accepts time suffixed strings ("1h") or an integer number of seconds. Defaults to the system/engine default TTL time.
|
273
274
|
"""
|
274
275
|
if application_object_id is not None:
|
@@ -298,7 +299,7 @@ class _BackendRoleState:
|
|
298
299
|
|
299
300
|
@property
|
300
301
|
@pulumi.getter(name="applicationObjectId")
|
301
|
-
def application_object_id(self) -> Optional[pulumi.Input[str]]:
|
302
|
+
def application_object_id(self) -> Optional[pulumi.Input[builtins.str]]:
|
302
303
|
"""
|
303
304
|
Application Object ID for an existing service principal that will
|
304
305
|
be used instead of creating dynamic service principals. If present, `azure_roles` and `permanently_delete` will be ignored.
|
@@ -306,7 +307,7 @@ class _BackendRoleState:
|
|
306
307
|
return pulumi.get(self, "application_object_id")
|
307
308
|
|
308
309
|
@application_object_id.setter
|
309
|
-
def application_object_id(self, value: Optional[pulumi.Input[str]]):
|
310
|
+
def application_object_id(self, value: Optional[pulumi.Input[builtins.str]]):
|
310
311
|
pulumi.set(self, "application_object_id", value)
|
311
312
|
|
312
313
|
@property
|
@@ -335,31 +336,31 @@ class _BackendRoleState:
|
|
335
336
|
|
336
337
|
@property
|
337
338
|
@pulumi.getter
|
338
|
-
def backend(self) -> Optional[pulumi.Input[str]]:
|
339
|
+
def backend(self) -> Optional[pulumi.Input[builtins.str]]:
|
339
340
|
"""
|
340
341
|
Path to the mounted Azure auth backend
|
341
342
|
"""
|
342
343
|
return pulumi.get(self, "backend")
|
343
344
|
|
344
345
|
@backend.setter
|
345
|
-
def backend(self, value: Optional[pulumi.Input[str]]):
|
346
|
+
def backend(self, value: Optional[pulumi.Input[builtins.str]]):
|
346
347
|
pulumi.set(self, "backend", value)
|
347
348
|
|
348
349
|
@property
|
349
350
|
@pulumi.getter
|
350
|
-
def description(self) -> Optional[pulumi.Input[str]]:
|
351
|
+
def description(self) -> Optional[pulumi.Input[builtins.str]]:
|
351
352
|
"""
|
352
353
|
Human-friendly description of the mount for the backend.
|
353
354
|
"""
|
354
355
|
return pulumi.get(self, "description")
|
355
356
|
|
356
357
|
@description.setter
|
357
|
-
def description(self, value: Optional[pulumi.Input[str]]):
|
358
|
+
def description(self, value: Optional[pulumi.Input[builtins.str]]):
|
358
359
|
pulumi.set(self, "description", value)
|
359
360
|
|
360
361
|
@property
|
361
362
|
@pulumi.getter(name="maxTtl")
|
362
|
-
def max_ttl(self) -> Optional[pulumi.Input[str]]:
|
363
|
+
def max_ttl(self) -> Optional[pulumi.Input[builtins.str]]:
|
363
364
|
"""
|
364
365
|
Specifies the maximum TTL for service principals generated using this role. Accepts time
|
365
366
|
suffixed strings ("1h") or an integer number of seconds. Defaults to the system/engine max TTL time.
|
@@ -367,12 +368,12 @@ class _BackendRoleState:
|
|
367
368
|
return pulumi.get(self, "max_ttl")
|
368
369
|
|
369
370
|
@max_ttl.setter
|
370
|
-
def max_ttl(self, value: Optional[pulumi.Input[str]]):
|
371
|
+
def max_ttl(self, value: Optional[pulumi.Input[builtins.str]]):
|
371
372
|
pulumi.set(self, "max_ttl", value)
|
372
373
|
|
373
374
|
@property
|
374
375
|
@pulumi.getter
|
375
|
-
def namespace(self) -> Optional[pulumi.Input[str]]:
|
376
|
+
def namespace(self) -> Optional[pulumi.Input[builtins.str]]:
|
376
377
|
"""
|
377
378
|
The namespace to provision the resource in.
|
378
379
|
The value should not contain leading or trailing forward slashes.
|
@@ -382,12 +383,12 @@ class _BackendRoleState:
|
|
382
383
|
return pulumi.get(self, "namespace")
|
383
384
|
|
384
385
|
@namespace.setter
|
385
|
-
def namespace(self, value: Optional[pulumi.Input[str]]):
|
386
|
+
def namespace(self, value: Optional[pulumi.Input[builtins.str]]):
|
386
387
|
pulumi.set(self, "namespace", value)
|
387
388
|
|
388
389
|
@property
|
389
390
|
@pulumi.getter(name="permanentlyDelete")
|
390
|
-
def permanently_delete(self) -> Optional[pulumi.Input[bool]]:
|
391
|
+
def permanently_delete(self) -> Optional[pulumi.Input[builtins.bool]]:
|
391
392
|
"""
|
392
393
|
Indicates whether the applications and service principals created by Vault will be permanently
|
393
394
|
deleted when the corresponding leases expire. Defaults to `false`. For Vault v1.12+.
|
@@ -395,24 +396,24 @@ class _BackendRoleState:
|
|
395
396
|
return pulumi.get(self, "permanently_delete")
|
396
397
|
|
397
398
|
@permanently_delete.setter
|
398
|
-
def permanently_delete(self, value: Optional[pulumi.Input[bool]]):
|
399
|
+
def permanently_delete(self, value: Optional[pulumi.Input[builtins.bool]]):
|
399
400
|
pulumi.set(self, "permanently_delete", value)
|
400
401
|
|
401
402
|
@property
|
402
403
|
@pulumi.getter
|
403
|
-
def role(self) -> Optional[pulumi.Input[str]]:
|
404
|
+
def role(self) -> Optional[pulumi.Input[builtins.str]]:
|
404
405
|
"""
|
405
406
|
Name of the Azure role
|
406
407
|
"""
|
407
408
|
return pulumi.get(self, "role")
|
408
409
|
|
409
410
|
@role.setter
|
410
|
-
def role(self, value: Optional[pulumi.Input[str]]):
|
411
|
+
def role(self, value: Optional[pulumi.Input[builtins.str]]):
|
411
412
|
pulumi.set(self, "role", value)
|
412
413
|
|
413
414
|
@property
|
414
415
|
@pulumi.getter(name="signInAudience")
|
415
|
-
def sign_in_audience(self) -> Optional[pulumi.Input[str]]:
|
416
|
+
def sign_in_audience(self) -> Optional[pulumi.Input[builtins.str]]:
|
416
417
|
"""
|
417
418
|
Specifies the security principal types that are allowed to sign in to the application.
|
418
419
|
Valid values are: AzureADMyOrg, AzureADMultipleOrgs, AzureADandPersonalMicrosoftAccount, PersonalMicrosoftAccount. Requires Vault 1.16+.
|
@@ -420,24 +421,24 @@ class _BackendRoleState:
|
|
420
421
|
return pulumi.get(self, "sign_in_audience")
|
421
422
|
|
422
423
|
@sign_in_audience.setter
|
423
|
-
def sign_in_audience(self, value: Optional[pulumi.Input[str]]):
|
424
|
+
def sign_in_audience(self, value: Optional[pulumi.Input[builtins.str]]):
|
424
425
|
pulumi.set(self, "sign_in_audience", value)
|
425
426
|
|
426
427
|
@property
|
427
428
|
@pulumi.getter
|
428
|
-
def tags(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
|
429
|
+
def tags(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
|
429
430
|
"""
|
430
431
|
A list of Azure tags to attach to an application. Requires Vault 1.16+.
|
431
432
|
"""
|
432
433
|
return pulumi.get(self, "tags")
|
433
434
|
|
434
435
|
@tags.setter
|
435
|
-
def tags(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
436
|
+
def tags(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
|
436
437
|
pulumi.set(self, "tags", value)
|
437
438
|
|
438
439
|
@property
|
439
440
|
@pulumi.getter
|
440
|
-
def ttl(self) -> Optional[pulumi.Input[str]]:
|
441
|
+
def ttl(self) -> Optional[pulumi.Input[builtins.str]]:
|
441
442
|
"""
|
442
443
|
Specifies the default TTL for service principals generated using this role.
|
443
444
|
Accepts time suffixed strings ("1h") or an integer number of seconds. Defaults to the system/engine default TTL time.
|
@@ -445,7 +446,7 @@ class _BackendRoleState:
|
|
445
446
|
return pulumi.get(self, "ttl")
|
446
447
|
|
447
448
|
@ttl.setter
|
448
|
-
def ttl(self, value: Optional[pulumi.Input[str]]):
|
449
|
+
def ttl(self, value: Optional[pulumi.Input[builtins.str]]):
|
449
450
|
pulumi.set(self, "ttl", value)
|
450
451
|
|
451
452
|
|
@@ -454,18 +455,18 @@ class BackendRole(pulumi.CustomResource):
|
|
454
455
|
def __init__(__self__,
|
455
456
|
resource_name: str,
|
456
457
|
opts: Optional[pulumi.ResourceOptions] = None,
|
457
|
-
application_object_id: Optional[pulumi.Input[str]] = None,
|
458
|
+
application_object_id: Optional[pulumi.Input[builtins.str]] = None,
|
458
459
|
azure_groups: Optional[pulumi.Input[Sequence[pulumi.Input[Union['BackendRoleAzureGroupArgs', 'BackendRoleAzureGroupArgsDict']]]]] = None,
|
459
460
|
azure_roles: Optional[pulumi.Input[Sequence[pulumi.Input[Union['BackendRoleAzureRoleArgs', 'BackendRoleAzureRoleArgsDict']]]]] = None,
|
460
|
-
backend: Optional[pulumi.Input[str]] = None,
|
461
|
-
description: Optional[pulumi.Input[str]] = None,
|
462
|
-
max_ttl: Optional[pulumi.Input[str]] = None,
|
463
|
-
namespace: Optional[pulumi.Input[str]] = None,
|
464
|
-
permanently_delete: Optional[pulumi.Input[bool]] = None,
|
465
|
-
role: Optional[pulumi.Input[str]] = None,
|
466
|
-
sign_in_audience: Optional[pulumi.Input[str]] = None,
|
467
|
-
tags: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
468
|
-
ttl: Optional[pulumi.Input[str]] = None,
|
461
|
+
backend: Optional[pulumi.Input[builtins.str]] = None,
|
462
|
+
description: Optional[pulumi.Input[builtins.str]] = None,
|
463
|
+
max_ttl: Optional[pulumi.Input[builtins.str]] = None,
|
464
|
+
namespace: Optional[pulumi.Input[builtins.str]] = None,
|
465
|
+
permanently_delete: Optional[pulumi.Input[builtins.bool]] = None,
|
466
|
+
role: Optional[pulumi.Input[builtins.str]] = None,
|
467
|
+
sign_in_audience: Optional[pulumi.Input[builtins.str]] = None,
|
468
|
+
tags: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
469
|
+
ttl: Optional[pulumi.Input[builtins.str]] = None,
|
469
470
|
__props__=None):
|
470
471
|
"""
|
471
472
|
## Example Usage
|
@@ -503,25 +504,25 @@ class BackendRole(pulumi.CustomResource):
|
|
503
504
|
|
504
505
|
:param str resource_name: The name of the resource.
|
505
506
|
:param pulumi.ResourceOptions opts: Options for the resource.
|
506
|
-
:param pulumi.Input[str] application_object_id: Application Object ID for an existing service principal that will
|
507
|
+
:param pulumi.Input[builtins.str] application_object_id: Application Object ID for an existing service principal that will
|
507
508
|
be used instead of creating dynamic service principals. If present, `azure_roles` and `permanently_delete` will be ignored.
|
508
509
|
:param pulumi.Input[Sequence[pulumi.Input[Union['BackendRoleAzureGroupArgs', 'BackendRoleAzureGroupArgsDict']]]] azure_groups: List of Azure groups to be assigned to the generated service principal.
|
509
510
|
:param pulumi.Input[Sequence[pulumi.Input[Union['BackendRoleAzureRoleArgs', 'BackendRoleAzureRoleArgsDict']]]] azure_roles: List of Azure roles to be assigned to the generated service principal.
|
510
|
-
:param pulumi.Input[str] backend: Path to the mounted Azure auth backend
|
511
|
-
:param pulumi.Input[str] description: Human-friendly description of the mount for the backend.
|
512
|
-
:param pulumi.Input[str] max_ttl: Specifies the maximum TTL for service principals generated using this role. Accepts time
|
511
|
+
:param pulumi.Input[builtins.str] backend: Path to the mounted Azure auth backend
|
512
|
+
:param pulumi.Input[builtins.str] description: Human-friendly description of the mount for the backend.
|
513
|
+
:param pulumi.Input[builtins.str] max_ttl: Specifies the maximum TTL for service principals generated using this role. Accepts time
|
513
514
|
suffixed strings ("1h") or an integer number of seconds. Defaults to the system/engine max TTL time.
|
514
|
-
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
515
|
+
:param pulumi.Input[builtins.str] namespace: The namespace to provision the resource in.
|
515
516
|
The value should not contain leading or trailing forward slashes.
|
516
517
|
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
517
518
|
*Available only for Vault Enterprise*.
|
518
|
-
:param pulumi.Input[bool] permanently_delete: Indicates whether the applications and service principals created by Vault will be permanently
|
519
|
+
:param pulumi.Input[builtins.bool] permanently_delete: Indicates whether the applications and service principals created by Vault will be permanently
|
519
520
|
deleted when the corresponding leases expire. Defaults to `false`. For Vault v1.12+.
|
520
|
-
:param pulumi.Input[str] role: Name of the Azure role
|
521
|
-
:param pulumi.Input[str] sign_in_audience: Specifies the security principal types that are allowed to sign in to the application.
|
521
|
+
:param pulumi.Input[builtins.str] role: Name of the Azure role
|
522
|
+
:param pulumi.Input[builtins.str] sign_in_audience: Specifies the security principal types that are allowed to sign in to the application.
|
522
523
|
Valid values are: AzureADMyOrg, AzureADMultipleOrgs, AzureADandPersonalMicrosoftAccount, PersonalMicrosoftAccount. Requires Vault 1.16+.
|
523
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] tags: A list of Azure tags to attach to an application. Requires Vault 1.16+.
|
524
|
-
:param pulumi.Input[str] ttl: Specifies the default TTL for service principals generated using this role.
|
524
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] tags: A list of Azure tags to attach to an application. Requires Vault 1.16+.
|
525
|
+
:param pulumi.Input[builtins.str] ttl: Specifies the default TTL for service principals generated using this role.
|
525
526
|
Accepts time suffixed strings ("1h") or an integer number of seconds. Defaults to the system/engine default TTL time.
|
526
527
|
"""
|
527
528
|
...
|
@@ -579,18 +580,18 @@ class BackendRole(pulumi.CustomResource):
|
|
579
580
|
def _internal_init(__self__,
|
580
581
|
resource_name: str,
|
581
582
|
opts: Optional[pulumi.ResourceOptions] = None,
|
582
|
-
application_object_id: Optional[pulumi.Input[str]] = None,
|
583
|
+
application_object_id: Optional[pulumi.Input[builtins.str]] = None,
|
583
584
|
azure_groups: Optional[pulumi.Input[Sequence[pulumi.Input[Union['BackendRoleAzureGroupArgs', 'BackendRoleAzureGroupArgsDict']]]]] = None,
|
584
585
|
azure_roles: Optional[pulumi.Input[Sequence[pulumi.Input[Union['BackendRoleAzureRoleArgs', 'BackendRoleAzureRoleArgsDict']]]]] = None,
|
585
|
-
backend: Optional[pulumi.Input[str]] = None,
|
586
|
-
description: Optional[pulumi.Input[str]] = None,
|
587
|
-
max_ttl: Optional[pulumi.Input[str]] = None,
|
588
|
-
namespace: Optional[pulumi.Input[str]] = None,
|
589
|
-
permanently_delete: Optional[pulumi.Input[bool]] = None,
|
590
|
-
role: Optional[pulumi.Input[str]] = None,
|
591
|
-
sign_in_audience: Optional[pulumi.Input[str]] = None,
|
592
|
-
tags: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
593
|
-
ttl: Optional[pulumi.Input[str]] = None,
|
586
|
+
backend: Optional[pulumi.Input[builtins.str]] = None,
|
587
|
+
description: Optional[pulumi.Input[builtins.str]] = None,
|
588
|
+
max_ttl: Optional[pulumi.Input[builtins.str]] = None,
|
589
|
+
namespace: Optional[pulumi.Input[builtins.str]] = None,
|
590
|
+
permanently_delete: Optional[pulumi.Input[builtins.bool]] = None,
|
591
|
+
role: Optional[pulumi.Input[builtins.str]] = None,
|
592
|
+
sign_in_audience: Optional[pulumi.Input[builtins.str]] = None,
|
593
|
+
tags: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
594
|
+
ttl: Optional[pulumi.Input[builtins.str]] = None,
|
594
595
|
__props__=None):
|
595
596
|
opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts)
|
596
597
|
if not isinstance(opts, pulumi.ResourceOptions):
|
@@ -624,18 +625,18 @@ class BackendRole(pulumi.CustomResource):
|
|
624
625
|
def get(resource_name: str,
|
625
626
|
id: pulumi.Input[str],
|
626
627
|
opts: Optional[pulumi.ResourceOptions] = None,
|
627
|
-
application_object_id: Optional[pulumi.Input[str]] = None,
|
628
|
+
application_object_id: Optional[pulumi.Input[builtins.str]] = None,
|
628
629
|
azure_groups: Optional[pulumi.Input[Sequence[pulumi.Input[Union['BackendRoleAzureGroupArgs', 'BackendRoleAzureGroupArgsDict']]]]] = None,
|
629
630
|
azure_roles: Optional[pulumi.Input[Sequence[pulumi.Input[Union['BackendRoleAzureRoleArgs', 'BackendRoleAzureRoleArgsDict']]]]] = None,
|
630
|
-
backend: Optional[pulumi.Input[str]] = None,
|
631
|
-
description: Optional[pulumi.Input[str]] = None,
|
632
|
-
max_ttl: Optional[pulumi.Input[str]] = None,
|
633
|
-
namespace: Optional[pulumi.Input[str]] = None,
|
634
|
-
permanently_delete: Optional[pulumi.Input[bool]] = None,
|
635
|
-
role: Optional[pulumi.Input[str]] = None,
|
636
|
-
sign_in_audience: Optional[pulumi.Input[str]] = None,
|
637
|
-
tags: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
638
|
-
ttl: Optional[pulumi.Input[str]] = None) -> 'BackendRole':
|
631
|
+
backend: Optional[pulumi.Input[builtins.str]] = None,
|
632
|
+
description: Optional[pulumi.Input[builtins.str]] = None,
|
633
|
+
max_ttl: Optional[pulumi.Input[builtins.str]] = None,
|
634
|
+
namespace: Optional[pulumi.Input[builtins.str]] = None,
|
635
|
+
permanently_delete: Optional[pulumi.Input[builtins.bool]] = None,
|
636
|
+
role: Optional[pulumi.Input[builtins.str]] = None,
|
637
|
+
sign_in_audience: Optional[pulumi.Input[builtins.str]] = None,
|
638
|
+
tags: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
639
|
+
ttl: Optional[pulumi.Input[builtins.str]] = None) -> 'BackendRole':
|
639
640
|
"""
|
640
641
|
Get an existing BackendRole resource's state with the given name, id, and optional extra
|
641
642
|
properties used to qualify the lookup.
|
@@ -643,25 +644,25 @@ class BackendRole(pulumi.CustomResource):
|
|
643
644
|
:param str resource_name: The unique name of the resulting resource.
|
644
645
|
:param pulumi.Input[str] id: The unique provider ID of the resource to lookup.
|
645
646
|
:param pulumi.ResourceOptions opts: Options for the resource.
|
646
|
-
:param pulumi.Input[str] application_object_id: Application Object ID for an existing service principal that will
|
647
|
+
:param pulumi.Input[builtins.str] application_object_id: Application Object ID for an existing service principal that will
|
647
648
|
be used instead of creating dynamic service principals. If present, `azure_roles` and `permanently_delete` will be ignored.
|
648
649
|
:param pulumi.Input[Sequence[pulumi.Input[Union['BackendRoleAzureGroupArgs', 'BackendRoleAzureGroupArgsDict']]]] azure_groups: List of Azure groups to be assigned to the generated service principal.
|
649
650
|
:param pulumi.Input[Sequence[pulumi.Input[Union['BackendRoleAzureRoleArgs', 'BackendRoleAzureRoleArgsDict']]]] azure_roles: List of Azure roles to be assigned to the generated service principal.
|
650
|
-
:param pulumi.Input[str] backend: Path to the mounted Azure auth backend
|
651
|
-
:param pulumi.Input[str] description: Human-friendly description of the mount for the backend.
|
652
|
-
:param pulumi.Input[str] max_ttl: Specifies the maximum TTL for service principals generated using this role. Accepts time
|
651
|
+
:param pulumi.Input[builtins.str] backend: Path to the mounted Azure auth backend
|
652
|
+
:param pulumi.Input[builtins.str] description: Human-friendly description of the mount for the backend.
|
653
|
+
:param pulumi.Input[builtins.str] max_ttl: Specifies the maximum TTL for service principals generated using this role. Accepts time
|
653
654
|
suffixed strings ("1h") or an integer number of seconds. Defaults to the system/engine max TTL time.
|
654
|
-
:param pulumi.Input[str] namespace: The namespace to provision the resource in.
|
655
|
+
:param pulumi.Input[builtins.str] namespace: The namespace to provision the resource in.
|
655
656
|
The value should not contain leading or trailing forward slashes.
|
656
657
|
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
657
658
|
*Available only for Vault Enterprise*.
|
658
|
-
:param pulumi.Input[bool] permanently_delete: Indicates whether the applications and service principals created by Vault will be permanently
|
659
|
+
:param pulumi.Input[builtins.bool] permanently_delete: Indicates whether the applications and service principals created by Vault will be permanently
|
659
660
|
deleted when the corresponding leases expire. Defaults to `false`. For Vault v1.12+.
|
660
|
-
:param pulumi.Input[str] role: Name of the Azure role
|
661
|
-
:param pulumi.Input[str] sign_in_audience: Specifies the security principal types that are allowed to sign in to the application.
|
661
|
+
:param pulumi.Input[builtins.str] role: Name of the Azure role
|
662
|
+
:param pulumi.Input[builtins.str] sign_in_audience: Specifies the security principal types that are allowed to sign in to the application.
|
662
663
|
Valid values are: AzureADMyOrg, AzureADMultipleOrgs, AzureADandPersonalMicrosoftAccount, PersonalMicrosoftAccount. Requires Vault 1.16+.
|
663
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] tags: A list of Azure tags to attach to an application. Requires Vault 1.16+.
|
664
|
-
:param pulumi.Input[str] ttl: Specifies the default TTL for service principals generated using this role.
|
664
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] tags: A list of Azure tags to attach to an application. Requires Vault 1.16+.
|
665
|
+
:param pulumi.Input[builtins.str] ttl: Specifies the default TTL for service principals generated using this role.
|
665
666
|
Accepts time suffixed strings ("1h") or an integer number of seconds. Defaults to the system/engine default TTL time.
|
666
667
|
"""
|
667
668
|
opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id))
|
@@ -684,7 +685,7 @@ class BackendRole(pulumi.CustomResource):
|
|
684
685
|
|
685
686
|
@property
|
686
687
|
@pulumi.getter(name="applicationObjectId")
|
687
|
-
def application_object_id(self) -> pulumi.Output[Optional[str]]:
|
688
|
+
def application_object_id(self) -> pulumi.Output[Optional[builtins.str]]:
|
688
689
|
"""
|
689
690
|
Application Object ID for an existing service principal that will
|
690
691
|
be used instead of creating dynamic service principals. If present, `azure_roles` and `permanently_delete` will be ignored.
|
@@ -709,7 +710,7 @@ class BackendRole(pulumi.CustomResource):
|
|
709
710
|
|
710
711
|
@property
|
711
712
|
@pulumi.getter
|
712
|
-
def backend(self) -> pulumi.Output[Optional[str]]:
|
713
|
+
def backend(self) -> pulumi.Output[Optional[builtins.str]]:
|
713
714
|
"""
|
714
715
|
Path to the mounted Azure auth backend
|
715
716
|
"""
|
@@ -717,7 +718,7 @@ class BackendRole(pulumi.CustomResource):
|
|
717
718
|
|
718
719
|
@property
|
719
720
|
@pulumi.getter
|
720
|
-
def description(self) -> pulumi.Output[Optional[str]]:
|
721
|
+
def description(self) -> pulumi.Output[Optional[builtins.str]]:
|
721
722
|
"""
|
722
723
|
Human-friendly description of the mount for the backend.
|
723
724
|
"""
|
@@ -725,7 +726,7 @@ class BackendRole(pulumi.CustomResource):
|
|
725
726
|
|
726
727
|
@property
|
727
728
|
@pulumi.getter(name="maxTtl")
|
728
|
-
def max_ttl(self) -> pulumi.Output[Optional[str]]:
|
729
|
+
def max_ttl(self) -> pulumi.Output[Optional[builtins.str]]:
|
729
730
|
"""
|
730
731
|
Specifies the maximum TTL for service principals generated using this role. Accepts time
|
731
732
|
suffixed strings ("1h") or an integer number of seconds. Defaults to the system/engine max TTL time.
|
@@ -734,7 +735,7 @@ class BackendRole(pulumi.CustomResource):
|
|
734
735
|
|
735
736
|
@property
|
736
737
|
@pulumi.getter
|
737
|
-
def namespace(self) -> pulumi.Output[Optional[str]]:
|
738
|
+
def namespace(self) -> pulumi.Output[Optional[builtins.str]]:
|
738
739
|
"""
|
739
740
|
The namespace to provision the resource in.
|
740
741
|
The value should not contain leading or trailing forward slashes.
|
@@ -745,7 +746,7 @@ class BackendRole(pulumi.CustomResource):
|
|
745
746
|
|
746
747
|
@property
|
747
748
|
@pulumi.getter(name="permanentlyDelete")
|
748
|
-
def permanently_delete(self) -> pulumi.Output[bool]:
|
749
|
+
def permanently_delete(self) -> pulumi.Output[builtins.bool]:
|
749
750
|
"""
|
750
751
|
Indicates whether the applications and service principals created by Vault will be permanently
|
751
752
|
deleted when the corresponding leases expire. Defaults to `false`. For Vault v1.12+.
|
@@ -754,7 +755,7 @@ class BackendRole(pulumi.CustomResource):
|
|
754
755
|
|
755
756
|
@property
|
756
757
|
@pulumi.getter
|
757
|
-
def role(self) -> pulumi.Output[str]:
|
758
|
+
def role(self) -> pulumi.Output[builtins.str]:
|
758
759
|
"""
|
759
760
|
Name of the Azure role
|
760
761
|
"""
|
@@ -762,7 +763,7 @@ class BackendRole(pulumi.CustomResource):
|
|
762
763
|
|
763
764
|
@property
|
764
765
|
@pulumi.getter(name="signInAudience")
|
765
|
-
def sign_in_audience(self) -> pulumi.Output[Optional[str]]:
|
766
|
+
def sign_in_audience(self) -> pulumi.Output[Optional[builtins.str]]:
|
766
767
|
"""
|
767
768
|
Specifies the security principal types that are allowed to sign in to the application.
|
768
769
|
Valid values are: AzureADMyOrg, AzureADMultipleOrgs, AzureADandPersonalMicrosoftAccount, PersonalMicrosoftAccount. Requires Vault 1.16+.
|
@@ -771,7 +772,7 @@ class BackendRole(pulumi.CustomResource):
|
|
771
772
|
|
772
773
|
@property
|
773
774
|
@pulumi.getter
|
774
|
-
def tags(self) -> pulumi.Output[Optional[Sequence[str]]]:
|
775
|
+
def tags(self) -> pulumi.Output[Optional[Sequence[builtins.str]]]:
|
775
776
|
"""
|
776
777
|
A list of Azure tags to attach to an application. Requires Vault 1.16+.
|
777
778
|
"""
|
@@ -779,7 +780,7 @@ class BackendRole(pulumi.CustomResource):
|
|
779
780
|
|
780
781
|
@property
|
781
782
|
@pulumi.getter
|
782
|
-
def ttl(self) -> pulumi.Output[Optional[str]]:
|
783
|
+
def ttl(self) -> pulumi.Output[Optional[builtins.str]]:
|
783
784
|
"""
|
784
785
|
Specifies the default TTL for service principals generated using this role.
|
785
786
|
Accepts time suffixed strings ("1h") or an integer number of seconds. Defaults to the system/engine default TTL time.
|