PyPI - pulumi-vault - Versions diffs - 7.0.0a1750489873__py3-none-any.whl → 7.1.0a1752118888__py3-none-any.whl - Mend

pulumi-vault 7.0.0a1750489873py3-none-any.whl → 7.1.0a1752118888py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (20) hide show

pulumi_vault/__init__.py +17 -0
pulumi_vault/database/_inputs.py +48 -0
pulumi_vault/database/outputs.py +30 -0
pulumi_vault/database/secret_backend_connection.py +10 -0
pulumi_vault/pkisecret/__init__.py +2 -0
pulumi_vault/pkisecret/_inputs.py +94 -6
pulumi_vault/pkisecret/backend_config_scep.py +692 -0
pulumi_vault/pkisecret/get_backend_config_scep.py +252 -0
pulumi_vault/pkisecret/outputs.py +112 -8
pulumi_vault/pkisecret/secret_backend_root_sign_intermediate.py +61 -14
pulumi_vault/pulumi-plugin.json +1 -1
pulumi_vault/quota_rate_limit.py +153 -3
pulumi_vault/scep_auth_backend_role.py +855 -0
pulumi_vault/transit/__init__.py +1 -0
pulumi_vault/transit/get_cmac.py +257 -0
pulumi_vault/transit/get_verify.py +16 -1
{pulumi_vault-7.0.0a1750489873.dist-info → pulumi_vault-7.1.0a1752118888.dist-info}/METADATA +1 -1
{pulumi_vault-7.0.0a1750489873.dist-info → pulumi_vault-7.1.0a1752118888.dist-info}/RECORD +20 -16
{pulumi_vault-7.0.0a1750489873.dist-info → pulumi_vault-7.1.0a1752118888.dist-info}/WHEEL +0 -0
{pulumi_vault-7.0.0a1750489873.dist-info → pulumi_vault-7.1.0a1752118888.dist-info}/top_level.txt +0 -0

pulumi_vault/scep_auth_backend_role.py ADDED Viewed

@@ -0,0 +1,855 @@
+# coding=utf-8
+# *** WARNING: this file was generated by pulumi-language-python. ***
+# *** Do not edit by hand unless you're certain you know what you are doing! ***
+import builtins
+import copy
+import warnings
+import sys
+import pulumi
+import pulumi.runtime
+from typing import Any, Mapping, Optional, Sequence, Union, overload
+if sys.version_info >= (3, 11):
+    from typing import NotRequired, TypedDict, TypeAlias
+else:
+    from typing_extensions import NotRequired, TypedDict, TypeAlias
+from . import _utilities
+__all__ = ['ScepAuthBackendRoleArgs', 'ScepAuthBackendRole']
+@pulumi.input_type
+class ScepAuthBackendRoleArgs:
+    def __init__(__self__, *,
+                 auth_type: pulumi.Input[builtins.str],
+                 backend: Optional[pulumi.Input[builtins.str]] = None,
+                 challenge: Optional[pulumi.Input[builtins.str]] = None,
+                 display_name: Optional[pulumi.Input[builtins.str]] = None,
+                 name: Optional[pulumi.Input[builtins.str]] = None,
+                 namespace: Optional[pulumi.Input[builtins.str]] = None,
+                 token_bound_cidrs: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
+                 token_explicit_max_ttl: Optional[pulumi.Input[builtins.int]] = None,
+                 token_max_ttl: Optional[pulumi.Input[builtins.int]] = None,
+                 token_no_default_policy: Optional[pulumi.Input[builtins.bool]] = None,
+                 token_num_uses: Optional[pulumi.Input[builtins.int]] = None,
+                 token_period: Optional[pulumi.Input[builtins.int]] = None,
+                 token_policies: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
+                 token_ttl: Optional[pulumi.Input[builtins.int]] = None,
+                 token_type: Optional[pulumi.Input[builtins.str]] = None):
+        """
+        The set of arguments for constructing a ScepAuthBackendRole resource.
+        :param pulumi.Input[builtins.str] auth_type: The authentication type to use. This can be either "static-challenge" or "intune".
+        :param pulumi.Input[builtins.str] backend: Path to the mounted SCEP auth backend.
+        :param pulumi.Input[builtins.str] challenge: The static challenge to use if auth_type is "static-challenge", not used for other auth types.
+        :param pulumi.Input[builtins.str] name: Name of the role.
+        :param pulumi.Input[builtins.str] namespace: The namespace to provision the resource in.
+               The value should not contain leading or trailing forward slashes.
+               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
+               *Available only for Vault Enterprise*.
+        :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] token_bound_cidrs: Specifies the blocks of IP addresses which are allowed to use the generated token
+        :param pulumi.Input[builtins.int] token_explicit_max_ttl: Generated Token's Explicit Maximum TTL in seconds
+        :param pulumi.Input[builtins.int] token_max_ttl: The maximum lifetime of the generated token
+        :param pulumi.Input[builtins.bool] token_no_default_policy: If true, the 'default' policy will not automatically be added to generated tokens
+        :param pulumi.Input[builtins.int] token_num_uses: The maximum number of times a token may be used, a value of zero means unlimited
+        :param pulumi.Input[builtins.int] token_period: Generated Token's Period
+        :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] token_policies: Generated Token's Policies
+        :param pulumi.Input[builtins.int] token_ttl: The initial ttl of the token to generate in seconds
+        :param pulumi.Input[builtins.str] token_type: The type of token to generate, service or batch
+        """
+        pulumi.set(__self__, "auth_type", auth_type)
+        if backend is not None:
+            pulumi.set(__self__, "backend", backend)
+        if challenge is not None:
+            pulumi.set(__self__, "challenge", challenge)
+        if display_name is not None:
+            pulumi.set(__self__, "display_name", display_name)
+        if name is not None:
+            pulumi.set(__self__, "name", name)
+        if namespace is not None:
+            pulumi.set(__self__, "namespace", namespace)
+        if token_bound_cidrs is not None:
+            pulumi.set(__self__, "token_bound_cidrs", token_bound_cidrs)
+        if token_explicit_max_ttl is not None:
+            pulumi.set(__self__, "token_explicit_max_ttl", token_explicit_max_ttl)
+        if token_max_ttl is not None:
+            pulumi.set(__self__, "token_max_ttl", token_max_ttl)
+        if token_no_default_policy is not None:
+            pulumi.set(__self__, "token_no_default_policy", token_no_default_policy)
+        if token_num_uses is not None:
+            pulumi.set(__self__, "token_num_uses", token_num_uses)
+        if token_period is not None:
+            pulumi.set(__self__, "token_period", token_period)
+        if token_policies is not None:
+            pulumi.set(__self__, "token_policies", token_policies)
+        if token_ttl is not None:
+            pulumi.set(__self__, "token_ttl", token_ttl)
+        if token_type is not None:
+            pulumi.set(__self__, "token_type", token_type)
+    @property
+    @pulumi.getter(name="authType")
+    def auth_type(self) -> pulumi.Input[builtins.str]:
+        """
+        The authentication type to use. This can be either "static-challenge" or "intune".
+        """
+        return pulumi.get(self, "auth_type")
+    @auth_type.setter
+    def auth_type(self, value: pulumi.Input[builtins.str]):
+        pulumi.set(self, "auth_type", value)
+    @property
+    @pulumi.getter
+    def backend(self) -> Optional[pulumi.Input[builtins.str]]:
+        """
+        Path to the mounted SCEP auth backend.
+        """
+        return pulumi.get(self, "backend")
+    @backend.setter
+    def backend(self, value: Optional[pulumi.Input[builtins.str]]):
+        pulumi.set(self, "backend", value)
+    @property
+    @pulumi.getter
+    def challenge(self) -> Optional[pulumi.Input[builtins.str]]:
+        """
+        The static challenge to use if auth_type is "static-challenge", not used for other auth types.
+        """
+        return pulumi.get(self, "challenge")
+    @challenge.setter
+    def challenge(self, value: Optional[pulumi.Input[builtins.str]]):
+        pulumi.set(self, "challenge", value)
+    @property
+    @pulumi.getter(name="displayName")
+    def display_name(self) -> Optional[pulumi.Input[builtins.str]]:
+        return pulumi.get(self, "display_name")
+    @display_name.setter
+    def display_name(self, value: Optional[pulumi.Input[builtins.str]]):
+        pulumi.set(self, "display_name", value)
+    @property
+    @pulumi.getter
+    def name(self) -> Optional[pulumi.Input[builtins.str]]:
+        """
+        Name of the role.
+        """
+        return pulumi.get(self, "name")
+    @name.setter
+    def name(self, value: Optional[pulumi.Input[builtins.str]]):
+        pulumi.set(self, "name", value)
+    @property
+    @pulumi.getter
+    def namespace(self) -> Optional[pulumi.Input[builtins.str]]:
+        """
+        The namespace to provision the resource in.
+        The value should not contain leading or trailing forward slashes.
+        The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
+        *Available only for Vault Enterprise*.
+        """
+        return pulumi.get(self, "namespace")
+    @namespace.setter
+    def namespace(self, value: Optional[pulumi.Input[builtins.str]]):
+        pulumi.set(self, "namespace", value)
+    @property
+    @pulumi.getter(name="tokenBoundCidrs")
+    def token_bound_cidrs(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
+        """
+        Specifies the blocks of IP addresses which are allowed to use the generated token
+        """
+        return pulumi.get(self, "token_bound_cidrs")
+    @token_bound_cidrs.setter
+    def token_bound_cidrs(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
+        pulumi.set(self, "token_bound_cidrs", value)
+    @property
+    @pulumi.getter(name="tokenExplicitMaxTtl")
+    def token_explicit_max_ttl(self) -> Optional[pulumi.Input[builtins.int]]:
+        """
+        Generated Token's Explicit Maximum TTL in seconds
+        """
+        return pulumi.get(self, "token_explicit_max_ttl")
+    @token_explicit_max_ttl.setter
+    def token_explicit_max_ttl(self, value: Optional[pulumi.Input[builtins.int]]):
+        pulumi.set(self, "token_explicit_max_ttl", value)
+    @property
+    @pulumi.getter(name="tokenMaxTtl")
+    def token_max_ttl(self) -> Optional[pulumi.Input[builtins.int]]:
+        """
+        The maximum lifetime of the generated token
+        """
+        return pulumi.get(self, "token_max_ttl")
+    @token_max_ttl.setter
+    def token_max_ttl(self, value: Optional[pulumi.Input[builtins.int]]):
+        pulumi.set(self, "token_max_ttl", value)
+    @property
+    @pulumi.getter(name="tokenNoDefaultPolicy")
+    def token_no_default_policy(self) -> Optional[pulumi.Input[builtins.bool]]:
+        """
+        If true, the 'default' policy will not automatically be added to generated tokens
+        """
+        return pulumi.get(self, "token_no_default_policy")
+    @token_no_default_policy.setter
+    def token_no_default_policy(self, value: Optional[pulumi.Input[builtins.bool]]):
+        pulumi.set(self, "token_no_default_policy", value)
+    @property
+    @pulumi.getter(name="tokenNumUses")
+    def token_num_uses(self) -> Optional[pulumi.Input[builtins.int]]:
+        """
+        The maximum number of times a token may be used, a value of zero means unlimited
+        """
+        return pulumi.get(self, "token_num_uses")
+    @token_num_uses.setter
+    def token_num_uses(self, value: Optional[pulumi.Input[builtins.int]]):
+        pulumi.set(self, "token_num_uses", value)
+    @property
+    @pulumi.getter(name="tokenPeriod")
+    def token_period(self) -> Optional[pulumi.Input[builtins.int]]:
+        """
+        Generated Token's Period
+        """
+        return pulumi.get(self, "token_period")
+    @token_period.setter
+    def token_period(self, value: Optional[pulumi.Input[builtins.int]]):
+        pulumi.set(self, "token_period", value)
+    @property
+    @pulumi.getter(name="tokenPolicies")
+    def token_policies(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
+        """
+        Generated Token's Policies
+        """
+        return pulumi.get(self, "token_policies")
+    @token_policies.setter
+    def token_policies(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
+        pulumi.set(self, "token_policies", value)
+    @property
+    @pulumi.getter(name="tokenTtl")
+    def token_ttl(self) -> Optional[pulumi.Input[builtins.int]]:
+        """
+        The initial ttl of the token to generate in seconds
+        """
+        return pulumi.get(self, "token_ttl")
+    @token_ttl.setter
+    def token_ttl(self, value: Optional[pulumi.Input[builtins.int]]):
+        pulumi.set(self, "token_ttl", value)
+    @property
+    @pulumi.getter(name="tokenType")
+    def token_type(self) -> Optional[pulumi.Input[builtins.str]]:
+        """
+        The type of token to generate, service or batch
+        """
+        return pulumi.get(self, "token_type")
+    @token_type.setter
+    def token_type(self, value: Optional[pulumi.Input[builtins.str]]):
+        pulumi.set(self, "token_type", value)
+@pulumi.input_type
+class _ScepAuthBackendRoleState:
+    def __init__(__self__, *,
+                 auth_type: Optional[pulumi.Input[builtins.str]] = None,
+                 backend: Optional[pulumi.Input[builtins.str]] = None,
+                 challenge: Optional[pulumi.Input[builtins.str]] = None,
+                 display_name: Optional[pulumi.Input[builtins.str]] = None,
+                 name: Optional[pulumi.Input[builtins.str]] = None,
+                 namespace: Optional[pulumi.Input[builtins.str]] = None,
+                 token_bound_cidrs: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
+                 token_explicit_max_ttl: Optional[pulumi.Input[builtins.int]] = None,
+                 token_max_ttl: Optional[pulumi.Input[builtins.int]] = None,
+                 token_no_default_policy: Optional[pulumi.Input[builtins.bool]] = None,
+                 token_num_uses: Optional[pulumi.Input[builtins.int]] = None,
+                 token_period: Optional[pulumi.Input[builtins.int]] = None,
+                 token_policies: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
+                 token_ttl: Optional[pulumi.Input[builtins.int]] = None,
+                 token_type: Optional[pulumi.Input[builtins.str]] = None):
+        """
+        Input properties used for looking up and filtering ScepAuthBackendRole resources.
+        :param pulumi.Input[builtins.str] auth_type: The authentication type to use. This can be either "static-challenge" or "intune".
+        :param pulumi.Input[builtins.str] backend: Path to the mounted SCEP auth backend.
+        :param pulumi.Input[builtins.str] challenge: The static challenge to use if auth_type is "static-challenge", not used for other auth types.
+        :param pulumi.Input[builtins.str] name: Name of the role.
+        :param pulumi.Input[builtins.str] namespace: The namespace to provision the resource in.
+               The value should not contain leading or trailing forward slashes.
+               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
+               *Available only for Vault Enterprise*.
+        :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] token_bound_cidrs: Specifies the blocks of IP addresses which are allowed to use the generated token
+        :param pulumi.Input[builtins.int] token_explicit_max_ttl: Generated Token's Explicit Maximum TTL in seconds
+        :param pulumi.Input[builtins.int] token_max_ttl: The maximum lifetime of the generated token
+        :param pulumi.Input[builtins.bool] token_no_default_policy: If true, the 'default' policy will not automatically be added to generated tokens
+        :param pulumi.Input[builtins.int] token_num_uses: The maximum number of times a token may be used, a value of zero means unlimited
+        :param pulumi.Input[builtins.int] token_period: Generated Token's Period
+        :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] token_policies: Generated Token's Policies
+        :param pulumi.Input[builtins.int] token_ttl: The initial ttl of the token to generate in seconds
+        :param pulumi.Input[builtins.str] token_type: The type of token to generate, service or batch
+        """
+        if auth_type is not None:
+            pulumi.set(__self__, "auth_type", auth_type)
+        if backend is not None:
+            pulumi.set(__self__, "backend", backend)
+        if challenge is not None:
+            pulumi.set(__self__, "challenge", challenge)
+        if display_name is not None:
+            pulumi.set(__self__, "display_name", display_name)
+        if name is not None:
+            pulumi.set(__self__, "name", name)
+        if namespace is not None:
+            pulumi.set(__self__, "namespace", namespace)
+        if token_bound_cidrs is not None:
+            pulumi.set(__self__, "token_bound_cidrs", token_bound_cidrs)
+        if token_explicit_max_ttl is not None:
+            pulumi.set(__self__, "token_explicit_max_ttl", token_explicit_max_ttl)
+        if token_max_ttl is not None:
+            pulumi.set(__self__, "token_max_ttl", token_max_ttl)
+        if token_no_default_policy is not None:
+            pulumi.set(__self__, "token_no_default_policy", token_no_default_policy)
+        if token_num_uses is not None:
+            pulumi.set(__self__, "token_num_uses", token_num_uses)
+        if token_period is not None:
+            pulumi.set(__self__, "token_period", token_period)
+        if token_policies is not None:
+            pulumi.set(__self__, "token_policies", token_policies)
+        if token_ttl is not None:
+            pulumi.set(__self__, "token_ttl", token_ttl)
+        if token_type is not None:
+            pulumi.set(__self__, "token_type", token_type)
+    @property
+    @pulumi.getter(name="authType")
+    def auth_type(self) -> Optional[pulumi.Input[builtins.str]]:
+        """
+        The authentication type to use. This can be either "static-challenge" or "intune".
+        """
+        return pulumi.get(self, "auth_type")
+    @auth_type.setter
+    def auth_type(self, value: Optional[pulumi.Input[builtins.str]]):
+        pulumi.set(self, "auth_type", value)
+    @property
+    @pulumi.getter
+    def backend(self) -> Optional[pulumi.Input[builtins.str]]:
+        """
+        Path to the mounted SCEP auth backend.
+        """
+        return pulumi.get(self, "backend")
+    @backend.setter
+    def backend(self, value: Optional[pulumi.Input[builtins.str]]):
+        pulumi.set(self, "backend", value)
+    @property
+    @pulumi.getter
+    def challenge(self) -> Optional[pulumi.Input[builtins.str]]:
+        """
+        The static challenge to use if auth_type is "static-challenge", not used for other auth types.
+        """
+        return pulumi.get(self, "challenge")
+    @challenge.setter
+    def challenge(self, value: Optional[pulumi.Input[builtins.str]]):
+        pulumi.set(self, "challenge", value)
+    @property
+    @pulumi.getter(name="displayName")
+    def display_name(self) -> Optional[pulumi.Input[builtins.str]]:
+        return pulumi.get(self, "display_name")
+    @display_name.setter
+    def display_name(self, value: Optional[pulumi.Input[builtins.str]]):
+        pulumi.set(self, "display_name", value)
+    @property
+    @pulumi.getter
+    def name(self) -> Optional[pulumi.Input[builtins.str]]:
+        """
+        Name of the role.
+        """
+        return pulumi.get(self, "name")
+    @name.setter
+    def name(self, value: Optional[pulumi.Input[builtins.str]]):
+        pulumi.set(self, "name", value)
+    @property
+    @pulumi.getter
+    def namespace(self) -> Optional[pulumi.Input[builtins.str]]:
+        """
+        The namespace to provision the resource in.
+        The value should not contain leading or trailing forward slashes.
+        The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
+        *Available only for Vault Enterprise*.
+        """
+        return pulumi.get(self, "namespace")
+    @namespace.setter
+    def namespace(self, value: Optional[pulumi.Input[builtins.str]]):
+        pulumi.set(self, "namespace", value)
+    @property
+    @pulumi.getter(name="tokenBoundCidrs")
+    def token_bound_cidrs(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
+        """
+        Specifies the blocks of IP addresses which are allowed to use the generated token
+        """
+        return pulumi.get(self, "token_bound_cidrs")
+    @token_bound_cidrs.setter
+    def token_bound_cidrs(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
+        pulumi.set(self, "token_bound_cidrs", value)
+    @property
+    @pulumi.getter(name="tokenExplicitMaxTtl")
+    def token_explicit_max_ttl(self) -> Optional[pulumi.Input[builtins.int]]:
+        """
+        Generated Token's Explicit Maximum TTL in seconds
+        """
+        return pulumi.get(self, "token_explicit_max_ttl")
+    @token_explicit_max_ttl.setter
+    def token_explicit_max_ttl(self, value: Optional[pulumi.Input[builtins.int]]):
+        pulumi.set(self, "token_explicit_max_ttl", value)
+    @property
+    @pulumi.getter(name="tokenMaxTtl")
+    def token_max_ttl(self) -> Optional[pulumi.Input[builtins.int]]:
+        """
+        The maximum lifetime of the generated token
+        """
+        return pulumi.get(self, "token_max_ttl")
+    @token_max_ttl.setter
+    def token_max_ttl(self, value: Optional[pulumi.Input[builtins.int]]):
+        pulumi.set(self, "token_max_ttl", value)
+    @property
+    @pulumi.getter(name="tokenNoDefaultPolicy")
+    def token_no_default_policy(self) -> Optional[pulumi.Input[builtins.bool]]:
+        """
+        If true, the 'default' policy will not automatically be added to generated tokens
+        """
+        return pulumi.get(self, "token_no_default_policy")
+    @token_no_default_policy.setter
+    def token_no_default_policy(self, value: Optional[pulumi.Input[builtins.bool]]):
+        pulumi.set(self, "token_no_default_policy", value)
+    @property
+    @pulumi.getter(name="tokenNumUses")
+    def token_num_uses(self) -> Optional[pulumi.Input[builtins.int]]:
+        """
+        The maximum number of times a token may be used, a value of zero means unlimited
+        """
+        return pulumi.get(self, "token_num_uses")
+    @token_num_uses.setter
+    def token_num_uses(self, value: Optional[pulumi.Input[builtins.int]]):
+        pulumi.set(self, "token_num_uses", value)
+    @property
+    @pulumi.getter(name="tokenPeriod")
+    def token_period(self) -> Optional[pulumi.Input[builtins.int]]:
+        """
+        Generated Token's Period
+        """
+        return pulumi.get(self, "token_period")
+    @token_period.setter
+    def token_period(self, value: Optional[pulumi.Input[builtins.int]]):
+        pulumi.set(self, "token_period", value)
+    @property
+    @pulumi.getter(name="tokenPolicies")
+    def token_policies(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
+        """
+        Generated Token's Policies
+        """
+        return pulumi.get(self, "token_policies")
+    @token_policies.setter
+    def token_policies(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
+        pulumi.set(self, "token_policies", value)
+    @property
+    @pulumi.getter(name="tokenTtl")
+    def token_ttl(self) -> Optional[pulumi.Input[builtins.int]]:
+        """
+        The initial ttl of the token to generate in seconds
+        """
+        return pulumi.get(self, "token_ttl")
+    @token_ttl.setter
+    def token_ttl(self, value: Optional[pulumi.Input[builtins.int]]):
+        pulumi.set(self, "token_ttl", value)
+    @property
+    @pulumi.getter(name="tokenType")
+    def token_type(self) -> Optional[pulumi.Input[builtins.str]]:
+        """
+        The type of token to generate, service or batch
+        """
+        return pulumi.get(self, "token_type")
+    @token_type.setter
+    def token_type(self, value: Optional[pulumi.Input[builtins.str]]):
+        pulumi.set(self, "token_type", value)
+@pulumi.type_token("vault:index/scepAuthBackendRole:ScepAuthBackendRole")
+class ScepAuthBackendRole(pulumi.CustomResource):
+    @overload
+    def __init__(__self__,
+                 resource_name: str,
+                 opts: Optional[pulumi.ResourceOptions] = None,
+                 auth_type: Optional[pulumi.Input[builtins.str]] = None,
+                 backend: Optional[pulumi.Input[builtins.str]] = None,
+                 challenge: Optional[pulumi.Input[builtins.str]] = None,
+                 display_name: Optional[pulumi.Input[builtins.str]] = None,
+                 name: Optional[pulumi.Input[builtins.str]] = None,
+                 namespace: Optional[pulumi.Input[builtins.str]] = None,
+                 token_bound_cidrs: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
+                 token_explicit_max_ttl: Optional[pulumi.Input[builtins.int]] = None,
+                 token_max_ttl: Optional[pulumi.Input[builtins.int]] = None,
+                 token_no_default_policy: Optional[pulumi.Input[builtins.bool]] = None,
+                 token_num_uses: Optional[pulumi.Input[builtins.int]] = None,
+                 token_period: Optional[pulumi.Input[builtins.int]] = None,
+                 token_policies: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
+                 token_ttl: Optional[pulumi.Input[builtins.int]] = None,
+                 token_type: Optional[pulumi.Input[builtins.str]] = None,
+                 __props__=None):
+        """
+        ## Example Usage
+        ```python
+        import pulumi
+        import pulumi_vault as vault
+        scep = vault.AuthBackend("scep",
+            path="scep",
+            type="scep")
+        scep_scep_auth_backend_role = vault.ScepAuthBackendRole("scep",
+            backend=scep.path,
+            name="scep_challenge",
+            auth_type="static-challenge",
+            challenge="well known secret",
+            token_type="batch",
+            token_ttl=300,
+            token_max_ttl=600,
+            token_policies=["scep-clients"])
+        ```
+        :param str resource_name: The name of the resource.
+        :param pulumi.ResourceOptions opts: Options for the resource.
+        :param pulumi.Input[builtins.str] auth_type: The authentication type to use. This can be either "static-challenge" or "intune".
+        :param pulumi.Input[builtins.str] backend: Path to the mounted SCEP auth backend.
+        :param pulumi.Input[builtins.str] challenge: The static challenge to use if auth_type is "static-challenge", not used for other auth types.
+        :param pulumi.Input[builtins.str] name: Name of the role.
+        :param pulumi.Input[builtins.str] namespace: The namespace to provision the resource in.
+               The value should not contain leading or trailing forward slashes.
+               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
+               *Available only for Vault Enterprise*.
+        :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] token_bound_cidrs: Specifies the blocks of IP addresses which are allowed to use the generated token
+        :param pulumi.Input[builtins.int] token_explicit_max_ttl: Generated Token's Explicit Maximum TTL in seconds
+        :param pulumi.Input[builtins.int] token_max_ttl: The maximum lifetime of the generated token
+        :param pulumi.Input[builtins.bool] token_no_default_policy: If true, the 'default' policy will not automatically be added to generated tokens
+        :param pulumi.Input[builtins.int] token_num_uses: The maximum number of times a token may be used, a value of zero means unlimited
+        :param pulumi.Input[builtins.int] token_period: Generated Token's Period
+        :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] token_policies: Generated Token's Policies
+        :param pulumi.Input[builtins.int] token_ttl: The initial ttl of the token to generate in seconds
+        :param pulumi.Input[builtins.str] token_type: The type of token to generate, service or batch
+        """
+        ...
+    @overload
+    def __init__(__self__,
+                 resource_name: str,
+                 args: ScepAuthBackendRoleArgs,
+                 opts: Optional[pulumi.ResourceOptions] = None):
+        """
+        ## Example Usage
+        ```python
+        import pulumi
+        import pulumi_vault as vault
+        scep = vault.AuthBackend("scep",
+            path="scep",
+            type="scep")
+        scep_scep_auth_backend_role = vault.ScepAuthBackendRole("scep",
+            backend=scep.path,
+            name="scep_challenge",
+            auth_type="static-challenge",
+            challenge="well known secret",
+            token_type="batch",
+            token_ttl=300,
+            token_max_ttl=600,
+            token_policies=["scep-clients"])
+        ```
+        :param str resource_name: The name of the resource.
+        :param ScepAuthBackendRoleArgs args: The arguments to use to populate this resource's properties.
+        :param pulumi.ResourceOptions opts: Options for the resource.
+        """
+        ...
+    def __init__(__self__, resource_name: str, *args, **kwargs):
+        resource_args, opts = _utilities.get_resource_args_opts(ScepAuthBackendRoleArgs, pulumi.ResourceOptions, *args, **kwargs)
+        if resource_args is not None:
+            __self__._internal_init(resource_name, opts, **resource_args.__dict__)
+        else:
+            __self__._internal_init(resource_name, *args, **kwargs)
+    def _internal_init(__self__,
+                 resource_name: str,
+                 opts: Optional[pulumi.ResourceOptions] = None,
+                 auth_type: Optional[pulumi.Input[builtins.str]] = None,
+                 backend: Optional[pulumi.Input[builtins.str]] = None,
+                 challenge: Optional[pulumi.Input[builtins.str]] = None,
+                 display_name: Optional[pulumi.Input[builtins.str]] = None,
+                 name: Optional[pulumi.Input[builtins.str]] = None,
+                 namespace: Optional[pulumi.Input[builtins.str]] = None,
+                 token_bound_cidrs: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
+                 token_explicit_max_ttl: Optional[pulumi.Input[builtins.int]] = None,
+                 token_max_ttl: Optional[pulumi.Input[builtins.int]] = None,
+                 token_no_default_policy: Optional[pulumi.Input[builtins.bool]] = None,
+                 token_num_uses: Optional[pulumi.Input[builtins.int]] = None,
+                 token_period: Optional[pulumi.Input[builtins.int]] = None,
+                 token_policies: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
+                 token_ttl: Optional[pulumi.Input[builtins.int]] = None,
+                 token_type: Optional[pulumi.Input[builtins.str]] = None,
+                 __props__=None):
+        opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts)
+        if not isinstance(opts, pulumi.ResourceOptions):
+            raise TypeError('Expected resource options to be a ResourceOptions instance')
+        if opts.id is None:
+            if __props__ is not None:
+                raise TypeError('__props__ is only valid when passed in combination with a valid opts.id to get an existing resource')
+            __props__ = ScepAuthBackendRoleArgs.__new__(ScepAuthBackendRoleArgs)
+            if auth_type is None and not opts.urn:
+                raise TypeError("Missing required property 'auth_type'")
+            __props__.__dict__["auth_type"] = auth_type
+            __props__.__dict__["backend"] = backend
+            __props__.__dict__["challenge"] = challenge
+            __props__.__dict__["display_name"] = display_name
+            __props__.__dict__["name"] = name
+            __props__.__dict__["namespace"] = namespace
+            __props__.__dict__["token_bound_cidrs"] = token_bound_cidrs
+            __props__.__dict__["token_explicit_max_ttl"] = token_explicit_max_ttl
+            __props__.__dict__["token_max_ttl"] = token_max_ttl
+            __props__.__dict__["token_no_default_policy"] = token_no_default_policy
+            __props__.__dict__["token_num_uses"] = token_num_uses
+            __props__.__dict__["token_period"] = token_period
+            __props__.__dict__["token_policies"] = token_policies
+            __props__.__dict__["token_ttl"] = token_ttl
+            __props__.__dict__["token_type"] = token_type
+        super(ScepAuthBackendRole, __self__).__init__(
+            'vault:index/scepAuthBackendRole:ScepAuthBackendRole',
+            resource_name,
+            __props__,
+            opts)
+    @staticmethod
+    def get(resource_name: str,
+            id: pulumi.Input[str],
+            opts: Optional[pulumi.ResourceOptions] = None,
+            auth_type: Optional[pulumi.Input[builtins.str]] = None,
+            backend: Optional[pulumi.Input[builtins.str]] = None,
+            challenge: Optional[pulumi.Input[builtins.str]] = None,
+            display_name: Optional[pulumi.Input[builtins.str]] = None,
+            name: Optional[pulumi.Input[builtins.str]] = None,
+            namespace: Optional[pulumi.Input[builtins.str]] = None,
+            token_bound_cidrs: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
+            token_explicit_max_ttl: Optional[pulumi.Input[builtins.int]] = None,
+            token_max_ttl: Optional[pulumi.Input[builtins.int]] = None,
+            token_no_default_policy: Optional[pulumi.Input[builtins.bool]] = None,
+            token_num_uses: Optional[pulumi.Input[builtins.int]] = None,
+            token_period: Optional[pulumi.Input[builtins.int]] = None,
+            token_policies: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
+            token_ttl: Optional[pulumi.Input[builtins.int]] = None,
+            token_type: Optional[pulumi.Input[builtins.str]] = None) -> 'ScepAuthBackendRole':
+        """
+        Get an existing ScepAuthBackendRole resource's state with the given name, id, and optional extra
+        properties used to qualify the lookup.
+        :param str resource_name: The unique name of the resulting resource.
+        :param pulumi.Input[str] id: The unique provider ID of the resource to lookup.
+        :param pulumi.ResourceOptions opts: Options for the resource.
+        :param pulumi.Input[builtins.str] auth_type: The authentication type to use. This can be either "static-challenge" or "intune".
+        :param pulumi.Input[builtins.str] backend: Path to the mounted SCEP auth backend.
+        :param pulumi.Input[builtins.str] challenge: The static challenge to use if auth_type is "static-challenge", not used for other auth types.
+        :param pulumi.Input[builtins.str] name: Name of the role.
+        :param pulumi.Input[builtins.str] namespace: The namespace to provision the resource in.
+               The value should not contain leading or trailing forward slashes.
+               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
+               *Available only for Vault Enterprise*.
+        :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] token_bound_cidrs: Specifies the blocks of IP addresses which are allowed to use the generated token
+        :param pulumi.Input[builtins.int] token_explicit_max_ttl: Generated Token's Explicit Maximum TTL in seconds
+        :param pulumi.Input[builtins.int] token_max_ttl: The maximum lifetime of the generated token
+        :param pulumi.Input[builtins.bool] token_no_default_policy: If true, the 'default' policy will not automatically be added to generated tokens
+        :param pulumi.Input[builtins.int] token_num_uses: The maximum number of times a token may be used, a value of zero means unlimited
+        :param pulumi.Input[builtins.int] token_period: Generated Token's Period
+        :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] token_policies: Generated Token's Policies
+        :param pulumi.Input[builtins.int] token_ttl: The initial ttl of the token to generate in seconds
+        :param pulumi.Input[builtins.str] token_type: The type of token to generate, service or batch
+        """
+        opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id))
+        __props__ = _ScepAuthBackendRoleState.__new__(_ScepAuthBackendRoleState)
+        __props__.__dict__["auth_type"] = auth_type
+        __props__.__dict__["backend"] = backend
+        __props__.__dict__["challenge"] = challenge
+        __props__.__dict__["display_name"] = display_name
+        __props__.__dict__["name"] = name
+        __props__.__dict__["namespace"] = namespace
+        __props__.__dict__["token_bound_cidrs"] = token_bound_cidrs
+        __props__.__dict__["token_explicit_max_ttl"] = token_explicit_max_ttl
+        __props__.__dict__["token_max_ttl"] = token_max_ttl
+        __props__.__dict__["token_no_default_policy"] = token_no_default_policy
+        __props__.__dict__["token_num_uses"] = token_num_uses
+        __props__.__dict__["token_period"] = token_period
+        __props__.__dict__["token_policies"] = token_policies
+        __props__.__dict__["token_ttl"] = token_ttl
+        __props__.__dict__["token_type"] = token_type
+        return ScepAuthBackendRole(resource_name, opts=opts, __props__=__props__)
+    @property
+    @pulumi.getter(name="authType")
+    def auth_type(self) -> pulumi.Output[builtins.str]:
+        """
+        The authentication type to use. This can be either "static-challenge" or "intune".
+        """
+        return pulumi.get(self, "auth_type")
+    @property
+    @pulumi.getter
+    def backend(self) -> pulumi.Output[Optional[builtins.str]]:
+        """
+        Path to the mounted SCEP auth backend.
+        """
+        return pulumi.get(self, "backend")
+    @property
+    @pulumi.getter
+    def challenge(self) -> pulumi.Output[Optional[builtins.str]]:
+        """
+        The static challenge to use if auth_type is "static-challenge", not used for other auth types.
+        """
+        return pulumi.get(self, "challenge")
+    @property
+    @pulumi.getter(name="displayName")
+    def display_name(self) -> pulumi.Output[builtins.str]:
+        return pulumi.get(self, "display_name")
+    @property
+    @pulumi.getter
+    def name(self) -> pulumi.Output[builtins.str]:
+        """
+        Name of the role.
+        """
+        return pulumi.get(self, "name")
+    @property
+    @pulumi.getter
+    def namespace(self) -> pulumi.Output[Optional[builtins.str]]:
+        """
+        The namespace to provision the resource in.
+        The value should not contain leading or trailing forward slashes.
+        The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
+        *Available only for Vault Enterprise*.
+        """
+        return pulumi.get(self, "namespace")
+    @property
+    @pulumi.getter(name="tokenBoundCidrs")
+    def token_bound_cidrs(self) -> pulumi.Output[Optional[Sequence[builtins.str]]]:
+        """
+        Specifies the blocks of IP addresses which are allowed to use the generated token
+        """
+        return pulumi.get(self, "token_bound_cidrs")
+    @property
+    @pulumi.getter(name="tokenExplicitMaxTtl")
+    def token_explicit_max_ttl(self) -> pulumi.Output[Optional[builtins.int]]:
+        """
+        Generated Token's Explicit Maximum TTL in seconds
+        """
+        return pulumi.get(self, "token_explicit_max_ttl")
+    @property
+    @pulumi.getter(name="tokenMaxTtl")
+    def token_max_ttl(self) -> pulumi.Output[Optional[builtins.int]]:
+        """
+        The maximum lifetime of the generated token
+        """
+        return pulumi.get(self, "token_max_ttl")
+    @property
+    @pulumi.getter(name="tokenNoDefaultPolicy")
+    def token_no_default_policy(self) -> pulumi.Output[Optional[builtins.bool]]:
+        """
+        If true, the 'default' policy will not automatically be added to generated tokens
+        """
+        return pulumi.get(self, "token_no_default_policy")
+    @property
+    @pulumi.getter(name="tokenNumUses")
+    def token_num_uses(self) -> pulumi.Output[Optional[builtins.int]]:
+        """
+        The maximum number of times a token may be used, a value of zero means unlimited
+        """
+        return pulumi.get(self, "token_num_uses")
+    @property
+    @pulumi.getter(name="tokenPeriod")
+    def token_period(self) -> pulumi.Output[Optional[builtins.int]]:
+        """
+        Generated Token's Period
+        """
+        return pulumi.get(self, "token_period")
+    @property
+    @pulumi.getter(name="tokenPolicies")
+    def token_policies(self) -> pulumi.Output[Optional[Sequence[builtins.str]]]:
+        """
+        Generated Token's Policies
+        """
+        return pulumi.get(self, "token_policies")
+    @property
+    @pulumi.getter(name="tokenTtl")
+    def token_ttl(self) -> pulumi.Output[Optional[builtins.int]]:
+        """
+        The initial ttl of the token to generate in seconds
+        """
+        return pulumi.get(self, "token_ttl")
+    @property
+    @pulumi.getter(name="tokenType")
+    def token_type(self) -> pulumi.Output[Optional[builtins.str]]:
+        """
+        The type of token to generate, service or batch
+        """
+        return pulumi.get(self, "token_type")

pulumi-vault 7.0.0a1750489873__py3-none-any.whl → 7.1.0a1752118888__py3-none-any.whl

pulumi-vault 7.0.0a1750489873py3-none-any.whl → 7.1.0a1752118888py3-none-any.whl