pulumi-vault 7.1.0__py3-none-any.whl → 7.2.0__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- pulumi_vault/__init__.py +19 -1
- pulumi_vault/_inputs.py +873 -673
- pulumi_vault/ad/__init__.py +1 -1
- pulumi_vault/ad/get_access_credentials.py +27 -28
- pulumi_vault/ad/secret_backend.py +579 -580
- pulumi_vault/ad/secret_library.py +120 -121
- pulumi_vault/ad/secret_role.py +104 -105
- pulumi_vault/alicloud/__init__.py +1 -1
- pulumi_vault/alicloud/auth_backend_role.py +222 -223
- pulumi_vault/approle/__init__.py +1 -1
- pulumi_vault/approle/auth_backend_login.py +138 -139
- pulumi_vault/approle/auth_backend_role.py +292 -293
- pulumi_vault/approle/auth_backend_role_secret_id.py +202 -203
- pulumi_vault/approle/get_auth_backend_role_id.py +23 -24
- pulumi_vault/audit.py +103 -104
- pulumi_vault/audit_request_header.py +52 -53
- pulumi_vault/auth_backend.py +132 -133
- pulumi_vault/aws/__init__.py +1 -1
- pulumi_vault/aws/auth_backend_cert.py +86 -87
- pulumi_vault/aws/auth_backend_client.py +307 -308
- pulumi_vault/aws/auth_backend_config_identity.py +103 -104
- pulumi_vault/aws/auth_backend_identity_whitelist.py +69 -70
- pulumi_vault/aws/auth_backend_login.py +258 -259
- pulumi_vault/aws/auth_backend_role.py +486 -487
- pulumi_vault/aws/auth_backend_role_tag.py +155 -156
- pulumi_vault/aws/auth_backend_roletag_blacklist.py +69 -70
- pulumi_vault/aws/auth_backend_sts_role.py +86 -87
- pulumi_vault/aws/get_access_credentials.py +59 -60
- pulumi_vault/aws/get_static_access_credentials.py +19 -20
- pulumi_vault/aws/secret_backend.py +1016 -439
- pulumi_vault/aws/secret_backend_role.py +256 -257
- pulumi_vault/aws/secret_backend_static_role.py +137 -138
- pulumi_vault/azure/__init__.py +1 -1
- pulumi_vault/azure/_inputs.py +26 -27
- pulumi_vault/azure/auth_backend_config.py +222 -223
- pulumi_vault/azure/auth_backend_role.py +307 -308
- pulumi_vault/azure/backend.py +1057 -285
- pulumi_vault/azure/backend_role.py +194 -195
- pulumi_vault/azure/get_access_credentials.py +75 -76
- pulumi_vault/azure/outputs.py +16 -17
- pulumi_vault/cert_auth_backend_role.py +443 -444
- pulumi_vault/config/__init__.py +1 -1
- pulumi_vault/config/__init__.pyi +1 -2
- pulumi_vault/config/_inputs.py +13 -14
- pulumi_vault/config/outputs.py +380 -381
- pulumi_vault/config/ui_custom_message.py +140 -141
- pulumi_vault/config/vars.py +31 -32
- pulumi_vault/consul/__init__.py +1 -1
- pulumi_vault/consul/secret_backend.py +887 -256
- pulumi_vault/consul/secret_backend_role.py +222 -223
- pulumi_vault/database/__init__.py +1 -1
- pulumi_vault/database/_inputs.py +3167 -3168
- pulumi_vault/database/outputs.py +2123 -2124
- pulumi_vault/database/secret_backend_connection.py +259 -260
- pulumi_vault/database/secret_backend_role.py +205 -206
- pulumi_vault/database/secret_backend_static_role.py +218 -219
- pulumi_vault/database/secrets_mount.py +426 -380
- pulumi_vault/egp_policy.py +86 -87
- pulumi_vault/gcp/__init__.py +1 -1
- pulumi_vault/gcp/_inputs.py +98 -99
- pulumi_vault/gcp/auth_backend.py +322 -323
- pulumi_vault/gcp/auth_backend_role.py +347 -348
- pulumi_vault/gcp/get_auth_backend_role.py +91 -92
- pulumi_vault/gcp/outputs.py +66 -67
- pulumi_vault/gcp/secret_backend.py +878 -336
- pulumi_vault/gcp/secret_impersonated_account.py +112 -113
- pulumi_vault/gcp/secret_roleset.py +115 -116
- pulumi_vault/gcp/secret_static_account.py +115 -116
- pulumi_vault/generic/__init__.py +1 -1
- pulumi_vault/generic/endpoint.py +138 -139
- pulumi_vault/generic/get_secret.py +39 -40
- pulumi_vault/generic/secret.py +95 -96
- pulumi_vault/get_auth_backend.py +29 -30
- pulumi_vault/get_auth_backends.py +19 -20
- pulumi_vault/get_namespace.py +21 -22
- pulumi_vault/get_namespaces.py +19 -20
- pulumi_vault/get_nomad_access_token.py +25 -26
- pulumi_vault/get_policy_document.py +10 -11
- pulumi_vault/get_raft_autopilot_state.py +31 -32
- pulumi_vault/github/__init__.py +1 -1
- pulumi_vault/github/_inputs.py +50 -51
- pulumi_vault/github/auth_backend.py +285 -286
- pulumi_vault/github/outputs.py +34 -35
- pulumi_vault/github/team.py +69 -70
- pulumi_vault/github/user.py +69 -70
- pulumi_vault/identity/__init__.py +1 -1
- pulumi_vault/identity/entity.py +103 -104
- pulumi_vault/identity/entity_alias.py +86 -87
- pulumi_vault/identity/entity_policies.py +78 -79
- pulumi_vault/identity/get_entity.py +62 -63
- pulumi_vault/identity/get_group.py +75 -76
- pulumi_vault/identity/get_oidc_client_creds.py +19 -20
- pulumi_vault/identity/get_oidc_openid_config.py +39 -40
- pulumi_vault/identity/get_oidc_public_keys.py +17 -18
- pulumi_vault/identity/group.py +171 -172
- pulumi_vault/identity/group_alias.py +69 -70
- pulumi_vault/identity/group_member_entity_ids.py +69 -70
- pulumi_vault/identity/group_member_group_ids.py +69 -70
- pulumi_vault/identity/group_policies.py +78 -79
- pulumi_vault/identity/mfa_duo.py +183 -184
- pulumi_vault/identity/mfa_login_enforcement.py +147 -148
- pulumi_vault/identity/mfa_okta.py +166 -167
- pulumi_vault/identity/mfa_pingid.py +160 -161
- pulumi_vault/identity/mfa_totp.py +217 -218
- pulumi_vault/identity/oidc.py +35 -36
- pulumi_vault/identity/oidc_assignment.py +69 -70
- pulumi_vault/identity/oidc_client.py +155 -156
- pulumi_vault/identity/oidc_key.py +103 -104
- pulumi_vault/identity/oidc_key_allowed_client_id.py +52 -53
- pulumi_vault/identity/oidc_provider.py +112 -113
- pulumi_vault/identity/oidc_role.py +103 -104
- pulumi_vault/identity/oidc_scope.py +69 -70
- pulumi_vault/identity/outputs.py +42 -43
- pulumi_vault/jwt/__init__.py +1 -1
- pulumi_vault/jwt/_inputs.py +50 -51
- pulumi_vault/jwt/auth_backend.py +400 -354
- pulumi_vault/jwt/auth_backend_role.py +494 -495
- pulumi_vault/jwt/outputs.py +34 -35
- pulumi_vault/kmip/__init__.py +1 -1
- pulumi_vault/kmip/secret_backend.py +1006 -227
- pulumi_vault/kmip/secret_role.py +358 -359
- pulumi_vault/kmip/secret_scope.py +69 -70
- pulumi_vault/kubernetes/__init__.py +1 -1
- pulumi_vault/kubernetes/auth_backend_config.py +171 -172
- pulumi_vault/kubernetes/auth_backend_role.py +273 -274
- pulumi_vault/kubernetes/get_auth_backend_config.py +57 -58
- pulumi_vault/kubernetes/get_auth_backend_role.py +87 -88
- pulumi_vault/kubernetes/get_service_account_token.py +51 -52
- pulumi_vault/kubernetes/secret_backend.py +431 -385
- pulumi_vault/kubernetes/secret_backend_role.py +239 -240
- pulumi_vault/kv/__init__.py +1 -1
- pulumi_vault/kv/_inputs.py +25 -26
- pulumi_vault/kv/get_secret.py +25 -26
- pulumi_vault/kv/get_secret_subkeys_v2.py +39 -40
- pulumi_vault/kv/get_secret_v2.py +41 -42
- pulumi_vault/kv/get_secrets_list.py +17 -18
- pulumi_vault/kv/get_secrets_list_v2.py +25 -26
- pulumi_vault/kv/outputs.py +17 -18
- pulumi_vault/kv/secret.py +61 -62
- pulumi_vault/kv/secret_backend_v2.py +86 -87
- pulumi_vault/kv/secret_v2.py +184 -185
- pulumi_vault/ldap/__init__.py +1 -1
- pulumi_vault/ldap/auth_backend.py +716 -717
- pulumi_vault/ldap/auth_backend_group.py +69 -70
- pulumi_vault/ldap/auth_backend_user.py +86 -87
- pulumi_vault/ldap/get_dynamic_credentials.py +27 -28
- pulumi_vault/ldap/get_static_credentials.py +29 -30
- pulumi_vault/ldap/secret_backend.py +732 -693
- pulumi_vault/ldap/secret_backend_dynamic_role.py +154 -155
- pulumi_vault/ldap/secret_backend_library_set.py +120 -121
- pulumi_vault/ldap/secret_backend_static_role.py +120 -121
- pulumi_vault/managed/__init__.py +1 -1
- pulumi_vault/managed/_inputs.py +274 -275
- pulumi_vault/managed/keys.py +27 -28
- pulumi_vault/managed/outputs.py +184 -185
- pulumi_vault/mfa_duo.py +137 -138
- pulumi_vault/mfa_okta.py +137 -138
- pulumi_vault/mfa_pingid.py +149 -150
- pulumi_vault/mfa_totp.py +154 -155
- pulumi_vault/mongodbatlas/__init__.py +1 -1
- pulumi_vault/mongodbatlas/secret_backend.py +78 -79
- pulumi_vault/mongodbatlas/secret_role.py +188 -189
- pulumi_vault/mount.py +380 -334
- pulumi_vault/namespace.py +78 -79
- pulumi_vault/nomad_secret_backend.py +909 -271
- pulumi_vault/nomad_secret_role.py +103 -104
- pulumi_vault/oci_auth_backend.py +683 -0
- pulumi_vault/oci_auth_backend_role.py +798 -0
- pulumi_vault/okta/__init__.py +1 -1
- pulumi_vault/okta/_inputs.py +31 -32
- pulumi_vault/okta/auth_backend.py +305 -306
- pulumi_vault/okta/auth_backend_group.py +69 -70
- pulumi_vault/okta/auth_backend_user.py +86 -87
- pulumi_vault/okta/outputs.py +21 -22
- pulumi_vault/outputs.py +234 -82
- pulumi_vault/pkisecret/__init__.py +1 -1
- pulumi_vault/pkisecret/_inputs.py +55 -56
- pulumi_vault/pkisecret/backend_acme_eab.py +116 -117
- pulumi_vault/pkisecret/backend_config_acme.py +175 -176
- pulumi_vault/pkisecret/backend_config_auto_tidy.py +394 -395
- pulumi_vault/pkisecret/backend_config_cluster.py +71 -72
- pulumi_vault/pkisecret/backend_config_cmpv2.py +132 -133
- pulumi_vault/pkisecret/backend_config_est.py +149 -150
- pulumi_vault/pkisecret/backend_config_scep.py +205 -159
- pulumi_vault/pkisecret/get_backend_cert_metadata.py +37 -38
- pulumi_vault/pkisecret/get_backend_config_cmpv2.py +32 -33
- pulumi_vault/pkisecret/get_backend_config_est.py +30 -31
- pulumi_vault/pkisecret/get_backend_config_scep.py +50 -31
- pulumi_vault/pkisecret/get_backend_issuer.py +63 -64
- pulumi_vault/pkisecret/get_backend_issuers.py +23 -24
- pulumi_vault/pkisecret/get_backend_key.py +29 -30
- pulumi_vault/pkisecret/get_backend_keys.py +23 -24
- pulumi_vault/pkisecret/outputs.py +61 -62
- pulumi_vault/pkisecret/secret_backend_cert.py +415 -416
- pulumi_vault/pkisecret/secret_backend_config_ca.py +54 -55
- pulumi_vault/pkisecret/secret_backend_config_issuers.py +75 -76
- pulumi_vault/pkisecret/secret_backend_config_urls.py +105 -106
- pulumi_vault/pkisecret/secret_backend_crl_config.py +241 -242
- pulumi_vault/pkisecret/secret_backend_intermediate_cert_request.py +515 -516
- pulumi_vault/pkisecret/secret_backend_intermediate_set_signed.py +78 -79
- pulumi_vault/pkisecret/secret_backend_issuer.py +286 -287
- pulumi_vault/pkisecret/secret_backend_key.py +146 -147
- pulumi_vault/pkisecret/secret_backend_role.py +873 -874
- pulumi_vault/pkisecret/secret_backend_root_cert.py +677 -678
- pulumi_vault/pkisecret/secret_backend_root_sign_intermediate.py +660 -661
- pulumi_vault/pkisecret/secret_backend_sign.py +346 -347
- pulumi_vault/plugin.py +154 -155
- pulumi_vault/plugin_pinned_version.py +52 -53
- pulumi_vault/policy.py +52 -53
- pulumi_vault/provider.py +160 -161
- pulumi_vault/pulumi-plugin.json +1 -1
- pulumi_vault/quota_lease_count.py +103 -104
- pulumi_vault/quota_rate_limit.py +171 -172
- pulumi_vault/rabbitmq/__init__.py +1 -1
- pulumi_vault/rabbitmq/_inputs.py +50 -51
- pulumi_vault/rabbitmq/outputs.py +34 -35
- pulumi_vault/rabbitmq/secret_backend.py +902 -231
- pulumi_vault/rabbitmq/secret_backend_role.py +79 -80
- pulumi_vault/raft_autopilot.py +137 -138
- pulumi_vault/raft_snapshot_agent_config.py +477 -478
- pulumi_vault/rgp_policy.py +69 -70
- pulumi_vault/saml/__init__.py +1 -1
- pulumi_vault/saml/auth_backend.py +188 -189
- pulumi_vault/saml/auth_backend_role.py +290 -291
- pulumi_vault/scep_auth_backend_role.py +252 -253
- pulumi_vault/secrets/__init__.py +1 -1
- pulumi_vault/secrets/_inputs.py +19 -20
- pulumi_vault/secrets/outputs.py +13 -14
- pulumi_vault/secrets/sync_association.py +88 -89
- pulumi_vault/secrets/sync_aws_destination.py +180 -181
- pulumi_vault/secrets/sync_azure_destination.py +180 -181
- pulumi_vault/secrets/sync_config.py +52 -53
- pulumi_vault/secrets/sync_gcp_destination.py +129 -130
- pulumi_vault/secrets/sync_gh_destination.py +163 -164
- pulumi_vault/secrets/sync_github_apps.py +78 -79
- pulumi_vault/secrets/sync_vercel_destination.py +146 -147
- pulumi_vault/ssh/__init__.py +1 -1
- pulumi_vault/ssh/_inputs.py +13 -14
- pulumi_vault/ssh/get_secret_backend_sign.py +65 -66
- pulumi_vault/ssh/outputs.py +9 -10
- pulumi_vault/ssh/secret_backend_ca.py +217 -124
- pulumi_vault/ssh/secret_backend_role.py +446 -447
- pulumi_vault/terraformcloud/__init__.py +1 -1
- pulumi_vault/terraformcloud/secret_backend.py +833 -155
- pulumi_vault/terraformcloud/secret_creds.py +93 -94
- pulumi_vault/terraformcloud/secret_role.py +117 -118
- pulumi_vault/token.py +301 -302
- pulumi_vault/tokenauth/__init__.py +1 -1
- pulumi_vault/tokenauth/auth_backend_role.py +324 -325
- pulumi_vault/transform/__init__.py +1 -1
- pulumi_vault/transform/alphabet.py +69 -70
- pulumi_vault/transform/get_decode.py +57 -58
- pulumi_vault/transform/get_encode.py +57 -58
- pulumi_vault/transform/role.py +69 -70
- pulumi_vault/transform/template.py +137 -138
- pulumi_vault/transform/transformation.py +171 -172
- pulumi_vault/transit/__init__.py +1 -1
- pulumi_vault/transit/get_cmac.py +47 -48
- pulumi_vault/transit/get_decrypt.py +25 -26
- pulumi_vault/transit/get_encrypt.py +29 -30
- pulumi_vault/transit/get_sign.py +71 -72
- pulumi_vault/transit/get_verify.py +83 -84
- pulumi_vault/transit/secret_backend_key.py +377 -350
- pulumi_vault/transit/secret_cache_config.py +52 -53
- {pulumi_vault-7.1.0.dist-info → pulumi_vault-7.2.0.dist-info}/METADATA +1 -1
- pulumi_vault-7.2.0.dist-info/RECORD +270 -0
- pulumi_vault-7.1.0.dist-info/RECORD +0 -268
- {pulumi_vault-7.1.0.dist-info → pulumi_vault-7.2.0.dist-info}/WHEEL +0 -0
- {pulumi_vault-7.1.0.dist-info → pulumi_vault-7.2.0.dist-info}/top_level.txt +0 -0
|
@@ -2,8 +2,7 @@
|
|
|
2
2
|
# *** WARNING: this file was generated by pulumi-language-python. ***
|
|
3
3
|
# *** Do not edit by hand unless you're certain you know what you are doing! ***
|
|
4
4
|
|
|
5
|
-
import builtins
|
|
6
|
-
import copy
|
|
5
|
+
import builtins as _builtins
|
|
7
6
|
import warnings
|
|
8
7
|
import sys
|
|
9
8
|
import pulumi
|
|
@@ -20,49 +19,49 @@ __all__ = ['AuthBackendRoleArgs', 'AuthBackendRole']
|
|
|
20
19
|
@pulumi.input_type
|
|
21
20
|
class AuthBackendRoleArgs:
|
|
22
21
|
def __init__(__self__, *,
|
|
23
|
-
role_name: pulumi.Input[
|
|
24
|
-
allowed_entity_aliases: Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
25
|
-
allowed_policies: Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
26
|
-
allowed_policies_globs: Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
27
|
-
disallowed_policies: Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
28
|
-
disallowed_policies_globs: Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
29
|
-
namespace: Optional[pulumi.Input[
|
|
30
|
-
orphan: Optional[pulumi.Input[
|
|
31
|
-
path_suffix: Optional[pulumi.Input[
|
|
32
|
-
renewable: Optional[pulumi.Input[
|
|
33
|
-
token_bound_cidrs: Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
34
|
-
token_explicit_max_ttl: Optional[pulumi.Input[
|
|
35
|
-
token_max_ttl: Optional[pulumi.Input[
|
|
36
|
-
token_no_default_policy: Optional[pulumi.Input[
|
|
37
|
-
token_num_uses: Optional[pulumi.Input[
|
|
38
|
-
token_period: Optional[pulumi.Input[
|
|
39
|
-
token_policies: Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
40
|
-
token_ttl: Optional[pulumi.Input[
|
|
41
|
-
token_type: Optional[pulumi.Input[
|
|
22
|
+
role_name: pulumi.Input[_builtins.str],
|
|
23
|
+
allowed_entity_aliases: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
|
|
24
|
+
allowed_policies: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
|
|
25
|
+
allowed_policies_globs: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
|
|
26
|
+
disallowed_policies: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
|
|
27
|
+
disallowed_policies_globs: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
|
|
28
|
+
namespace: Optional[pulumi.Input[_builtins.str]] = None,
|
|
29
|
+
orphan: Optional[pulumi.Input[_builtins.bool]] = None,
|
|
30
|
+
path_suffix: Optional[pulumi.Input[_builtins.str]] = None,
|
|
31
|
+
renewable: Optional[pulumi.Input[_builtins.bool]] = None,
|
|
32
|
+
token_bound_cidrs: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
|
|
33
|
+
token_explicit_max_ttl: Optional[pulumi.Input[_builtins.int]] = None,
|
|
34
|
+
token_max_ttl: Optional[pulumi.Input[_builtins.int]] = None,
|
|
35
|
+
token_no_default_policy: Optional[pulumi.Input[_builtins.bool]] = None,
|
|
36
|
+
token_num_uses: Optional[pulumi.Input[_builtins.int]] = None,
|
|
37
|
+
token_period: Optional[pulumi.Input[_builtins.int]] = None,
|
|
38
|
+
token_policies: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
|
|
39
|
+
token_ttl: Optional[pulumi.Input[_builtins.int]] = None,
|
|
40
|
+
token_type: Optional[pulumi.Input[_builtins.str]] = None):
|
|
42
41
|
"""
|
|
43
42
|
The set of arguments for constructing a AuthBackendRole resource.
|
|
44
|
-
:param pulumi.Input[
|
|
45
|
-
:param pulumi.Input[Sequence[pulumi.Input[
|
|
46
|
-
:param pulumi.Input[Sequence[pulumi.Input[
|
|
47
|
-
:param pulumi.Input[Sequence[pulumi.Input[
|
|
48
|
-
:param pulumi.Input[Sequence[pulumi.Input[
|
|
49
|
-
:param pulumi.Input[Sequence[pulumi.Input[
|
|
50
|
-
:param pulumi.Input[
|
|
43
|
+
:param pulumi.Input[_builtins.str] role_name: The name of the role.
|
|
44
|
+
:param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] allowed_entity_aliases: List of allowed entity aliases.
|
|
45
|
+
:param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] allowed_policies: List of allowed policies for given role.
|
|
46
|
+
:param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] allowed_policies_globs: Set of allowed policies with glob match for given role.
|
|
47
|
+
:param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] disallowed_policies: List of disallowed policies for given role.
|
|
48
|
+
:param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] disallowed_policies_globs: Set of disallowed policies with glob match for given role.
|
|
49
|
+
:param pulumi.Input[_builtins.str] namespace: The namespace to provision the resource in.
|
|
51
50
|
The value should not contain leading or trailing forward slashes.
|
|
52
51
|
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
|
53
52
|
*Available only for Vault Enterprise*.
|
|
54
|
-
:param pulumi.Input[
|
|
55
|
-
:param pulumi.Input[
|
|
56
|
-
:param pulumi.Input[
|
|
57
|
-
:param pulumi.Input[Sequence[pulumi.Input[
|
|
58
|
-
:param pulumi.Input[
|
|
59
|
-
:param pulumi.Input[
|
|
60
|
-
:param pulumi.Input[
|
|
61
|
-
:param pulumi.Input[
|
|
62
|
-
:param pulumi.Input[
|
|
63
|
-
:param pulumi.Input[Sequence[pulumi.Input[
|
|
64
|
-
:param pulumi.Input[
|
|
65
|
-
:param pulumi.Input[
|
|
53
|
+
:param pulumi.Input[_builtins.bool] orphan: If true, tokens created against this policy will be orphan tokens.
|
|
54
|
+
:param pulumi.Input[_builtins.str] path_suffix: Tokens created against this role will have the given suffix as part of their path in addition to the role name.
|
|
55
|
+
:param pulumi.Input[_builtins.bool] renewable: Whether to disable the ability of the token to be renewed past its initial TTL.
|
|
56
|
+
:param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] token_bound_cidrs: Specifies the blocks of IP addresses which are allowed to use the generated token
|
|
57
|
+
:param pulumi.Input[_builtins.int] token_explicit_max_ttl: Generated Token's Explicit Maximum TTL in seconds
|
|
58
|
+
:param pulumi.Input[_builtins.int] token_max_ttl: The maximum lifetime of the generated token
|
|
59
|
+
:param pulumi.Input[_builtins.bool] token_no_default_policy: If true, the 'default' policy will not automatically be added to generated tokens
|
|
60
|
+
:param pulumi.Input[_builtins.int] token_num_uses: The maximum number of times a token may be used, a value of zero means unlimited
|
|
61
|
+
:param pulumi.Input[_builtins.int] token_period: Generated Token's Period
|
|
62
|
+
:param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] token_policies: Generated Token's Policies
|
|
63
|
+
:param pulumi.Input[_builtins.int] token_ttl: The initial ttl of the token to generate in seconds
|
|
64
|
+
:param pulumi.Input[_builtins.str] token_type: The type of token to generate, service or batch
|
|
66
65
|
"""
|
|
67
66
|
pulumi.set(__self__, "role_name", role_name)
|
|
68
67
|
if allowed_entity_aliases is not None:
|
|
@@ -102,81 +101,81 @@ class AuthBackendRoleArgs:
|
|
|
102
101
|
if token_type is not None:
|
|
103
102
|
pulumi.set(__self__, "token_type", token_type)
|
|
104
103
|
|
|
105
|
-
@property
|
|
104
|
+
@_builtins.property
|
|
106
105
|
@pulumi.getter(name="roleName")
|
|
107
|
-
def role_name(self) -> pulumi.Input[
|
|
106
|
+
def role_name(self) -> pulumi.Input[_builtins.str]:
|
|
108
107
|
"""
|
|
109
108
|
The name of the role.
|
|
110
109
|
"""
|
|
111
110
|
return pulumi.get(self, "role_name")
|
|
112
111
|
|
|
113
112
|
@role_name.setter
|
|
114
|
-
def role_name(self, value: pulumi.Input[
|
|
113
|
+
def role_name(self, value: pulumi.Input[_builtins.str]):
|
|
115
114
|
pulumi.set(self, "role_name", value)
|
|
116
115
|
|
|
117
|
-
@property
|
|
116
|
+
@_builtins.property
|
|
118
117
|
@pulumi.getter(name="allowedEntityAliases")
|
|
119
|
-
def allowed_entity_aliases(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
118
|
+
def allowed_entity_aliases(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]:
|
|
120
119
|
"""
|
|
121
120
|
List of allowed entity aliases.
|
|
122
121
|
"""
|
|
123
122
|
return pulumi.get(self, "allowed_entity_aliases")
|
|
124
123
|
|
|
125
124
|
@allowed_entity_aliases.setter
|
|
126
|
-
def allowed_entity_aliases(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
125
|
+
def allowed_entity_aliases(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]):
|
|
127
126
|
pulumi.set(self, "allowed_entity_aliases", value)
|
|
128
127
|
|
|
129
|
-
@property
|
|
128
|
+
@_builtins.property
|
|
130
129
|
@pulumi.getter(name="allowedPolicies")
|
|
131
|
-
def allowed_policies(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
130
|
+
def allowed_policies(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]:
|
|
132
131
|
"""
|
|
133
132
|
List of allowed policies for given role.
|
|
134
133
|
"""
|
|
135
134
|
return pulumi.get(self, "allowed_policies")
|
|
136
135
|
|
|
137
136
|
@allowed_policies.setter
|
|
138
|
-
def allowed_policies(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
137
|
+
def allowed_policies(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]):
|
|
139
138
|
pulumi.set(self, "allowed_policies", value)
|
|
140
139
|
|
|
141
|
-
@property
|
|
140
|
+
@_builtins.property
|
|
142
141
|
@pulumi.getter(name="allowedPoliciesGlobs")
|
|
143
|
-
def allowed_policies_globs(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
142
|
+
def allowed_policies_globs(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]:
|
|
144
143
|
"""
|
|
145
144
|
Set of allowed policies with glob match for given role.
|
|
146
145
|
"""
|
|
147
146
|
return pulumi.get(self, "allowed_policies_globs")
|
|
148
147
|
|
|
149
148
|
@allowed_policies_globs.setter
|
|
150
|
-
def allowed_policies_globs(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
149
|
+
def allowed_policies_globs(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]):
|
|
151
150
|
pulumi.set(self, "allowed_policies_globs", value)
|
|
152
151
|
|
|
153
|
-
@property
|
|
152
|
+
@_builtins.property
|
|
154
153
|
@pulumi.getter(name="disallowedPolicies")
|
|
155
|
-
def disallowed_policies(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
154
|
+
def disallowed_policies(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]:
|
|
156
155
|
"""
|
|
157
156
|
List of disallowed policies for given role.
|
|
158
157
|
"""
|
|
159
158
|
return pulumi.get(self, "disallowed_policies")
|
|
160
159
|
|
|
161
160
|
@disallowed_policies.setter
|
|
162
|
-
def disallowed_policies(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
161
|
+
def disallowed_policies(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]):
|
|
163
162
|
pulumi.set(self, "disallowed_policies", value)
|
|
164
163
|
|
|
165
|
-
@property
|
|
164
|
+
@_builtins.property
|
|
166
165
|
@pulumi.getter(name="disallowedPoliciesGlobs")
|
|
167
|
-
def disallowed_policies_globs(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
166
|
+
def disallowed_policies_globs(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]:
|
|
168
167
|
"""
|
|
169
168
|
Set of disallowed policies with glob match for given role.
|
|
170
169
|
"""
|
|
171
170
|
return pulumi.get(self, "disallowed_policies_globs")
|
|
172
171
|
|
|
173
172
|
@disallowed_policies_globs.setter
|
|
174
|
-
def disallowed_policies_globs(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
173
|
+
def disallowed_policies_globs(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]):
|
|
175
174
|
pulumi.set(self, "disallowed_policies_globs", value)
|
|
176
175
|
|
|
177
|
-
@property
|
|
176
|
+
@_builtins.property
|
|
178
177
|
@pulumi.getter
|
|
179
|
-
def namespace(self) -> Optional[pulumi.Input[
|
|
178
|
+
def namespace(self) -> Optional[pulumi.Input[_builtins.str]]:
|
|
180
179
|
"""
|
|
181
180
|
The namespace to provision the resource in.
|
|
182
181
|
The value should not contain leading or trailing forward slashes.
|
|
@@ -186,200 +185,200 @@ class AuthBackendRoleArgs:
|
|
|
186
185
|
return pulumi.get(self, "namespace")
|
|
187
186
|
|
|
188
187
|
@namespace.setter
|
|
189
|
-
def namespace(self, value: Optional[pulumi.Input[
|
|
188
|
+
def namespace(self, value: Optional[pulumi.Input[_builtins.str]]):
|
|
190
189
|
pulumi.set(self, "namespace", value)
|
|
191
190
|
|
|
192
|
-
@property
|
|
191
|
+
@_builtins.property
|
|
193
192
|
@pulumi.getter
|
|
194
|
-
def orphan(self) -> Optional[pulumi.Input[
|
|
193
|
+
def orphan(self) -> Optional[pulumi.Input[_builtins.bool]]:
|
|
195
194
|
"""
|
|
196
195
|
If true, tokens created against this policy will be orphan tokens.
|
|
197
196
|
"""
|
|
198
197
|
return pulumi.get(self, "orphan")
|
|
199
198
|
|
|
200
199
|
@orphan.setter
|
|
201
|
-
def orphan(self, value: Optional[pulumi.Input[
|
|
200
|
+
def orphan(self, value: Optional[pulumi.Input[_builtins.bool]]):
|
|
202
201
|
pulumi.set(self, "orphan", value)
|
|
203
202
|
|
|
204
|
-
@property
|
|
203
|
+
@_builtins.property
|
|
205
204
|
@pulumi.getter(name="pathSuffix")
|
|
206
|
-
def path_suffix(self) -> Optional[pulumi.Input[
|
|
205
|
+
def path_suffix(self) -> Optional[pulumi.Input[_builtins.str]]:
|
|
207
206
|
"""
|
|
208
207
|
Tokens created against this role will have the given suffix as part of their path in addition to the role name.
|
|
209
208
|
"""
|
|
210
209
|
return pulumi.get(self, "path_suffix")
|
|
211
210
|
|
|
212
211
|
@path_suffix.setter
|
|
213
|
-
def path_suffix(self, value: Optional[pulumi.Input[
|
|
212
|
+
def path_suffix(self, value: Optional[pulumi.Input[_builtins.str]]):
|
|
214
213
|
pulumi.set(self, "path_suffix", value)
|
|
215
214
|
|
|
216
|
-
@property
|
|
215
|
+
@_builtins.property
|
|
217
216
|
@pulumi.getter
|
|
218
|
-
def renewable(self) -> Optional[pulumi.Input[
|
|
217
|
+
def renewable(self) -> Optional[pulumi.Input[_builtins.bool]]:
|
|
219
218
|
"""
|
|
220
219
|
Whether to disable the ability of the token to be renewed past its initial TTL.
|
|
221
220
|
"""
|
|
222
221
|
return pulumi.get(self, "renewable")
|
|
223
222
|
|
|
224
223
|
@renewable.setter
|
|
225
|
-
def renewable(self, value: Optional[pulumi.Input[
|
|
224
|
+
def renewable(self, value: Optional[pulumi.Input[_builtins.bool]]):
|
|
226
225
|
pulumi.set(self, "renewable", value)
|
|
227
226
|
|
|
228
|
-
@property
|
|
227
|
+
@_builtins.property
|
|
229
228
|
@pulumi.getter(name="tokenBoundCidrs")
|
|
230
|
-
def token_bound_cidrs(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
229
|
+
def token_bound_cidrs(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]:
|
|
231
230
|
"""
|
|
232
231
|
Specifies the blocks of IP addresses which are allowed to use the generated token
|
|
233
232
|
"""
|
|
234
233
|
return pulumi.get(self, "token_bound_cidrs")
|
|
235
234
|
|
|
236
235
|
@token_bound_cidrs.setter
|
|
237
|
-
def token_bound_cidrs(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
236
|
+
def token_bound_cidrs(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]):
|
|
238
237
|
pulumi.set(self, "token_bound_cidrs", value)
|
|
239
238
|
|
|
240
|
-
@property
|
|
239
|
+
@_builtins.property
|
|
241
240
|
@pulumi.getter(name="tokenExplicitMaxTtl")
|
|
242
|
-
def token_explicit_max_ttl(self) -> Optional[pulumi.Input[
|
|
241
|
+
def token_explicit_max_ttl(self) -> Optional[pulumi.Input[_builtins.int]]:
|
|
243
242
|
"""
|
|
244
243
|
Generated Token's Explicit Maximum TTL in seconds
|
|
245
244
|
"""
|
|
246
245
|
return pulumi.get(self, "token_explicit_max_ttl")
|
|
247
246
|
|
|
248
247
|
@token_explicit_max_ttl.setter
|
|
249
|
-
def token_explicit_max_ttl(self, value: Optional[pulumi.Input[
|
|
248
|
+
def token_explicit_max_ttl(self, value: Optional[pulumi.Input[_builtins.int]]):
|
|
250
249
|
pulumi.set(self, "token_explicit_max_ttl", value)
|
|
251
250
|
|
|
252
|
-
@property
|
|
251
|
+
@_builtins.property
|
|
253
252
|
@pulumi.getter(name="tokenMaxTtl")
|
|
254
|
-
def token_max_ttl(self) -> Optional[pulumi.Input[
|
|
253
|
+
def token_max_ttl(self) -> Optional[pulumi.Input[_builtins.int]]:
|
|
255
254
|
"""
|
|
256
255
|
The maximum lifetime of the generated token
|
|
257
256
|
"""
|
|
258
257
|
return pulumi.get(self, "token_max_ttl")
|
|
259
258
|
|
|
260
259
|
@token_max_ttl.setter
|
|
261
|
-
def token_max_ttl(self, value: Optional[pulumi.Input[
|
|
260
|
+
def token_max_ttl(self, value: Optional[pulumi.Input[_builtins.int]]):
|
|
262
261
|
pulumi.set(self, "token_max_ttl", value)
|
|
263
262
|
|
|
264
|
-
@property
|
|
263
|
+
@_builtins.property
|
|
265
264
|
@pulumi.getter(name="tokenNoDefaultPolicy")
|
|
266
|
-
def token_no_default_policy(self) -> Optional[pulumi.Input[
|
|
265
|
+
def token_no_default_policy(self) -> Optional[pulumi.Input[_builtins.bool]]:
|
|
267
266
|
"""
|
|
268
267
|
If true, the 'default' policy will not automatically be added to generated tokens
|
|
269
268
|
"""
|
|
270
269
|
return pulumi.get(self, "token_no_default_policy")
|
|
271
270
|
|
|
272
271
|
@token_no_default_policy.setter
|
|
273
|
-
def token_no_default_policy(self, value: Optional[pulumi.Input[
|
|
272
|
+
def token_no_default_policy(self, value: Optional[pulumi.Input[_builtins.bool]]):
|
|
274
273
|
pulumi.set(self, "token_no_default_policy", value)
|
|
275
274
|
|
|
276
|
-
@property
|
|
275
|
+
@_builtins.property
|
|
277
276
|
@pulumi.getter(name="tokenNumUses")
|
|
278
|
-
def token_num_uses(self) -> Optional[pulumi.Input[
|
|
277
|
+
def token_num_uses(self) -> Optional[pulumi.Input[_builtins.int]]:
|
|
279
278
|
"""
|
|
280
279
|
The maximum number of times a token may be used, a value of zero means unlimited
|
|
281
280
|
"""
|
|
282
281
|
return pulumi.get(self, "token_num_uses")
|
|
283
282
|
|
|
284
283
|
@token_num_uses.setter
|
|
285
|
-
def token_num_uses(self, value: Optional[pulumi.Input[
|
|
284
|
+
def token_num_uses(self, value: Optional[pulumi.Input[_builtins.int]]):
|
|
286
285
|
pulumi.set(self, "token_num_uses", value)
|
|
287
286
|
|
|
288
|
-
@property
|
|
287
|
+
@_builtins.property
|
|
289
288
|
@pulumi.getter(name="tokenPeriod")
|
|
290
|
-
def token_period(self) -> Optional[pulumi.Input[
|
|
289
|
+
def token_period(self) -> Optional[pulumi.Input[_builtins.int]]:
|
|
291
290
|
"""
|
|
292
291
|
Generated Token's Period
|
|
293
292
|
"""
|
|
294
293
|
return pulumi.get(self, "token_period")
|
|
295
294
|
|
|
296
295
|
@token_period.setter
|
|
297
|
-
def token_period(self, value: Optional[pulumi.Input[
|
|
296
|
+
def token_period(self, value: Optional[pulumi.Input[_builtins.int]]):
|
|
298
297
|
pulumi.set(self, "token_period", value)
|
|
299
298
|
|
|
300
|
-
@property
|
|
299
|
+
@_builtins.property
|
|
301
300
|
@pulumi.getter(name="tokenPolicies")
|
|
302
|
-
def token_policies(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
301
|
+
def token_policies(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]:
|
|
303
302
|
"""
|
|
304
303
|
Generated Token's Policies
|
|
305
304
|
"""
|
|
306
305
|
return pulumi.get(self, "token_policies")
|
|
307
306
|
|
|
308
307
|
@token_policies.setter
|
|
309
|
-
def token_policies(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
308
|
+
def token_policies(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]):
|
|
310
309
|
pulumi.set(self, "token_policies", value)
|
|
311
310
|
|
|
312
|
-
@property
|
|
311
|
+
@_builtins.property
|
|
313
312
|
@pulumi.getter(name="tokenTtl")
|
|
314
|
-
def token_ttl(self) -> Optional[pulumi.Input[
|
|
313
|
+
def token_ttl(self) -> Optional[pulumi.Input[_builtins.int]]:
|
|
315
314
|
"""
|
|
316
315
|
The initial ttl of the token to generate in seconds
|
|
317
316
|
"""
|
|
318
317
|
return pulumi.get(self, "token_ttl")
|
|
319
318
|
|
|
320
319
|
@token_ttl.setter
|
|
321
|
-
def token_ttl(self, value: Optional[pulumi.Input[
|
|
320
|
+
def token_ttl(self, value: Optional[pulumi.Input[_builtins.int]]):
|
|
322
321
|
pulumi.set(self, "token_ttl", value)
|
|
323
322
|
|
|
324
|
-
@property
|
|
323
|
+
@_builtins.property
|
|
325
324
|
@pulumi.getter(name="tokenType")
|
|
326
|
-
def token_type(self) -> Optional[pulumi.Input[
|
|
325
|
+
def token_type(self) -> Optional[pulumi.Input[_builtins.str]]:
|
|
327
326
|
"""
|
|
328
327
|
The type of token to generate, service or batch
|
|
329
328
|
"""
|
|
330
329
|
return pulumi.get(self, "token_type")
|
|
331
330
|
|
|
332
331
|
@token_type.setter
|
|
333
|
-
def token_type(self, value: Optional[pulumi.Input[
|
|
332
|
+
def token_type(self, value: Optional[pulumi.Input[_builtins.str]]):
|
|
334
333
|
pulumi.set(self, "token_type", value)
|
|
335
334
|
|
|
336
335
|
|
|
337
336
|
@pulumi.input_type
|
|
338
337
|
class _AuthBackendRoleState:
|
|
339
338
|
def __init__(__self__, *,
|
|
340
|
-
allowed_entity_aliases: Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
341
|
-
allowed_policies: Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
342
|
-
allowed_policies_globs: Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
343
|
-
disallowed_policies: Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
344
|
-
disallowed_policies_globs: Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
345
|
-
namespace: Optional[pulumi.Input[
|
|
346
|
-
orphan: Optional[pulumi.Input[
|
|
347
|
-
path_suffix: Optional[pulumi.Input[
|
|
348
|
-
renewable: Optional[pulumi.Input[
|
|
349
|
-
role_name: Optional[pulumi.Input[
|
|
350
|
-
token_bound_cidrs: Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
351
|
-
token_explicit_max_ttl: Optional[pulumi.Input[
|
|
352
|
-
token_max_ttl: Optional[pulumi.Input[
|
|
353
|
-
token_no_default_policy: Optional[pulumi.Input[
|
|
354
|
-
token_num_uses: Optional[pulumi.Input[
|
|
355
|
-
token_period: Optional[pulumi.Input[
|
|
356
|
-
token_policies: Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
357
|
-
token_ttl: Optional[pulumi.Input[
|
|
358
|
-
token_type: Optional[pulumi.Input[
|
|
339
|
+
allowed_entity_aliases: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
|
|
340
|
+
allowed_policies: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
|
|
341
|
+
allowed_policies_globs: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
|
|
342
|
+
disallowed_policies: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
|
|
343
|
+
disallowed_policies_globs: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
|
|
344
|
+
namespace: Optional[pulumi.Input[_builtins.str]] = None,
|
|
345
|
+
orphan: Optional[pulumi.Input[_builtins.bool]] = None,
|
|
346
|
+
path_suffix: Optional[pulumi.Input[_builtins.str]] = None,
|
|
347
|
+
renewable: Optional[pulumi.Input[_builtins.bool]] = None,
|
|
348
|
+
role_name: Optional[pulumi.Input[_builtins.str]] = None,
|
|
349
|
+
token_bound_cidrs: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
|
|
350
|
+
token_explicit_max_ttl: Optional[pulumi.Input[_builtins.int]] = None,
|
|
351
|
+
token_max_ttl: Optional[pulumi.Input[_builtins.int]] = None,
|
|
352
|
+
token_no_default_policy: Optional[pulumi.Input[_builtins.bool]] = None,
|
|
353
|
+
token_num_uses: Optional[pulumi.Input[_builtins.int]] = None,
|
|
354
|
+
token_period: Optional[pulumi.Input[_builtins.int]] = None,
|
|
355
|
+
token_policies: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
|
|
356
|
+
token_ttl: Optional[pulumi.Input[_builtins.int]] = None,
|
|
357
|
+
token_type: Optional[pulumi.Input[_builtins.str]] = None):
|
|
359
358
|
"""
|
|
360
359
|
Input properties used for looking up and filtering AuthBackendRole resources.
|
|
361
|
-
:param pulumi.Input[Sequence[pulumi.Input[
|
|
362
|
-
:param pulumi.Input[Sequence[pulumi.Input[
|
|
363
|
-
:param pulumi.Input[Sequence[pulumi.Input[
|
|
364
|
-
:param pulumi.Input[Sequence[pulumi.Input[
|
|
365
|
-
:param pulumi.Input[Sequence[pulumi.Input[
|
|
366
|
-
:param pulumi.Input[
|
|
360
|
+
:param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] allowed_entity_aliases: List of allowed entity aliases.
|
|
361
|
+
:param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] allowed_policies: List of allowed policies for given role.
|
|
362
|
+
:param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] allowed_policies_globs: Set of allowed policies with glob match for given role.
|
|
363
|
+
:param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] disallowed_policies: List of disallowed policies for given role.
|
|
364
|
+
:param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] disallowed_policies_globs: Set of disallowed policies with glob match for given role.
|
|
365
|
+
:param pulumi.Input[_builtins.str] namespace: The namespace to provision the resource in.
|
|
367
366
|
The value should not contain leading or trailing forward slashes.
|
|
368
367
|
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
|
369
368
|
*Available only for Vault Enterprise*.
|
|
370
|
-
:param pulumi.Input[
|
|
371
|
-
:param pulumi.Input[
|
|
372
|
-
:param pulumi.Input[
|
|
373
|
-
:param pulumi.Input[
|
|
374
|
-
:param pulumi.Input[Sequence[pulumi.Input[
|
|
375
|
-
:param pulumi.Input[
|
|
376
|
-
:param pulumi.Input[
|
|
377
|
-
:param pulumi.Input[
|
|
378
|
-
:param pulumi.Input[
|
|
379
|
-
:param pulumi.Input[
|
|
380
|
-
:param pulumi.Input[Sequence[pulumi.Input[
|
|
381
|
-
:param pulumi.Input[
|
|
382
|
-
:param pulumi.Input[
|
|
369
|
+
:param pulumi.Input[_builtins.bool] orphan: If true, tokens created against this policy will be orphan tokens.
|
|
370
|
+
:param pulumi.Input[_builtins.str] path_suffix: Tokens created against this role will have the given suffix as part of their path in addition to the role name.
|
|
371
|
+
:param pulumi.Input[_builtins.bool] renewable: Whether to disable the ability of the token to be renewed past its initial TTL.
|
|
372
|
+
:param pulumi.Input[_builtins.str] role_name: The name of the role.
|
|
373
|
+
:param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] token_bound_cidrs: Specifies the blocks of IP addresses which are allowed to use the generated token
|
|
374
|
+
:param pulumi.Input[_builtins.int] token_explicit_max_ttl: Generated Token's Explicit Maximum TTL in seconds
|
|
375
|
+
:param pulumi.Input[_builtins.int] token_max_ttl: The maximum lifetime of the generated token
|
|
376
|
+
:param pulumi.Input[_builtins.bool] token_no_default_policy: If true, the 'default' policy will not automatically be added to generated tokens
|
|
377
|
+
:param pulumi.Input[_builtins.int] token_num_uses: The maximum number of times a token may be used, a value of zero means unlimited
|
|
378
|
+
:param pulumi.Input[_builtins.int] token_period: Generated Token's Period
|
|
379
|
+
:param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] token_policies: Generated Token's Policies
|
|
380
|
+
:param pulumi.Input[_builtins.int] token_ttl: The initial ttl of the token to generate in seconds
|
|
381
|
+
:param pulumi.Input[_builtins.str] token_type: The type of token to generate, service or batch
|
|
383
382
|
"""
|
|
384
383
|
if allowed_entity_aliases is not None:
|
|
385
384
|
pulumi.set(__self__, "allowed_entity_aliases", allowed_entity_aliases)
|
|
@@ -420,69 +419,69 @@ class _AuthBackendRoleState:
|
|
|
420
419
|
if token_type is not None:
|
|
421
420
|
pulumi.set(__self__, "token_type", token_type)
|
|
422
421
|
|
|
423
|
-
@property
|
|
422
|
+
@_builtins.property
|
|
424
423
|
@pulumi.getter(name="allowedEntityAliases")
|
|
425
|
-
def allowed_entity_aliases(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
424
|
+
def allowed_entity_aliases(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]:
|
|
426
425
|
"""
|
|
427
426
|
List of allowed entity aliases.
|
|
428
427
|
"""
|
|
429
428
|
return pulumi.get(self, "allowed_entity_aliases")
|
|
430
429
|
|
|
431
430
|
@allowed_entity_aliases.setter
|
|
432
|
-
def allowed_entity_aliases(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
431
|
+
def allowed_entity_aliases(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]):
|
|
433
432
|
pulumi.set(self, "allowed_entity_aliases", value)
|
|
434
433
|
|
|
435
|
-
@property
|
|
434
|
+
@_builtins.property
|
|
436
435
|
@pulumi.getter(name="allowedPolicies")
|
|
437
|
-
def allowed_policies(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
436
|
+
def allowed_policies(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]:
|
|
438
437
|
"""
|
|
439
438
|
List of allowed policies for given role.
|
|
440
439
|
"""
|
|
441
440
|
return pulumi.get(self, "allowed_policies")
|
|
442
441
|
|
|
443
442
|
@allowed_policies.setter
|
|
444
|
-
def allowed_policies(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
443
|
+
def allowed_policies(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]):
|
|
445
444
|
pulumi.set(self, "allowed_policies", value)
|
|
446
445
|
|
|
447
|
-
@property
|
|
446
|
+
@_builtins.property
|
|
448
447
|
@pulumi.getter(name="allowedPoliciesGlobs")
|
|
449
|
-
def allowed_policies_globs(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
448
|
+
def allowed_policies_globs(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]:
|
|
450
449
|
"""
|
|
451
450
|
Set of allowed policies with glob match for given role.
|
|
452
451
|
"""
|
|
453
452
|
return pulumi.get(self, "allowed_policies_globs")
|
|
454
453
|
|
|
455
454
|
@allowed_policies_globs.setter
|
|
456
|
-
def allowed_policies_globs(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
455
|
+
def allowed_policies_globs(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]):
|
|
457
456
|
pulumi.set(self, "allowed_policies_globs", value)
|
|
458
457
|
|
|
459
|
-
@property
|
|
458
|
+
@_builtins.property
|
|
460
459
|
@pulumi.getter(name="disallowedPolicies")
|
|
461
|
-
def disallowed_policies(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
460
|
+
def disallowed_policies(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]:
|
|
462
461
|
"""
|
|
463
462
|
List of disallowed policies for given role.
|
|
464
463
|
"""
|
|
465
464
|
return pulumi.get(self, "disallowed_policies")
|
|
466
465
|
|
|
467
466
|
@disallowed_policies.setter
|
|
468
|
-
def disallowed_policies(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
467
|
+
def disallowed_policies(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]):
|
|
469
468
|
pulumi.set(self, "disallowed_policies", value)
|
|
470
469
|
|
|
471
|
-
@property
|
|
470
|
+
@_builtins.property
|
|
472
471
|
@pulumi.getter(name="disallowedPoliciesGlobs")
|
|
473
|
-
def disallowed_policies_globs(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
472
|
+
def disallowed_policies_globs(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]:
|
|
474
473
|
"""
|
|
475
474
|
Set of disallowed policies with glob match for given role.
|
|
476
475
|
"""
|
|
477
476
|
return pulumi.get(self, "disallowed_policies_globs")
|
|
478
477
|
|
|
479
478
|
@disallowed_policies_globs.setter
|
|
480
|
-
def disallowed_policies_globs(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
479
|
+
def disallowed_policies_globs(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]):
|
|
481
480
|
pulumi.set(self, "disallowed_policies_globs", value)
|
|
482
481
|
|
|
483
|
-
@property
|
|
482
|
+
@_builtins.property
|
|
484
483
|
@pulumi.getter
|
|
485
|
-
def namespace(self) -> Optional[pulumi.Input[
|
|
484
|
+
def namespace(self) -> Optional[pulumi.Input[_builtins.str]]:
|
|
486
485
|
"""
|
|
487
486
|
The namespace to provision the resource in.
|
|
488
487
|
The value should not contain leading or trailing forward slashes.
|
|
@@ -492,163 +491,163 @@ class _AuthBackendRoleState:
|
|
|
492
491
|
return pulumi.get(self, "namespace")
|
|
493
492
|
|
|
494
493
|
@namespace.setter
|
|
495
|
-
def namespace(self, value: Optional[pulumi.Input[
|
|
494
|
+
def namespace(self, value: Optional[pulumi.Input[_builtins.str]]):
|
|
496
495
|
pulumi.set(self, "namespace", value)
|
|
497
496
|
|
|
498
|
-
@property
|
|
497
|
+
@_builtins.property
|
|
499
498
|
@pulumi.getter
|
|
500
|
-
def orphan(self) -> Optional[pulumi.Input[
|
|
499
|
+
def orphan(self) -> Optional[pulumi.Input[_builtins.bool]]:
|
|
501
500
|
"""
|
|
502
501
|
If true, tokens created against this policy will be orphan tokens.
|
|
503
502
|
"""
|
|
504
503
|
return pulumi.get(self, "orphan")
|
|
505
504
|
|
|
506
505
|
@orphan.setter
|
|
507
|
-
def orphan(self, value: Optional[pulumi.Input[
|
|
506
|
+
def orphan(self, value: Optional[pulumi.Input[_builtins.bool]]):
|
|
508
507
|
pulumi.set(self, "orphan", value)
|
|
509
508
|
|
|
510
|
-
@property
|
|
509
|
+
@_builtins.property
|
|
511
510
|
@pulumi.getter(name="pathSuffix")
|
|
512
|
-
def path_suffix(self) -> Optional[pulumi.Input[
|
|
511
|
+
def path_suffix(self) -> Optional[pulumi.Input[_builtins.str]]:
|
|
513
512
|
"""
|
|
514
513
|
Tokens created against this role will have the given suffix as part of their path in addition to the role name.
|
|
515
514
|
"""
|
|
516
515
|
return pulumi.get(self, "path_suffix")
|
|
517
516
|
|
|
518
517
|
@path_suffix.setter
|
|
519
|
-
def path_suffix(self, value: Optional[pulumi.Input[
|
|
518
|
+
def path_suffix(self, value: Optional[pulumi.Input[_builtins.str]]):
|
|
520
519
|
pulumi.set(self, "path_suffix", value)
|
|
521
520
|
|
|
522
|
-
@property
|
|
521
|
+
@_builtins.property
|
|
523
522
|
@pulumi.getter
|
|
524
|
-
def renewable(self) -> Optional[pulumi.Input[
|
|
523
|
+
def renewable(self) -> Optional[pulumi.Input[_builtins.bool]]:
|
|
525
524
|
"""
|
|
526
525
|
Whether to disable the ability of the token to be renewed past its initial TTL.
|
|
527
526
|
"""
|
|
528
527
|
return pulumi.get(self, "renewable")
|
|
529
528
|
|
|
530
529
|
@renewable.setter
|
|
531
|
-
def renewable(self, value: Optional[pulumi.Input[
|
|
530
|
+
def renewable(self, value: Optional[pulumi.Input[_builtins.bool]]):
|
|
532
531
|
pulumi.set(self, "renewable", value)
|
|
533
532
|
|
|
534
|
-
@property
|
|
533
|
+
@_builtins.property
|
|
535
534
|
@pulumi.getter(name="roleName")
|
|
536
|
-
def role_name(self) -> Optional[pulumi.Input[
|
|
535
|
+
def role_name(self) -> Optional[pulumi.Input[_builtins.str]]:
|
|
537
536
|
"""
|
|
538
537
|
The name of the role.
|
|
539
538
|
"""
|
|
540
539
|
return pulumi.get(self, "role_name")
|
|
541
540
|
|
|
542
541
|
@role_name.setter
|
|
543
|
-
def role_name(self, value: Optional[pulumi.Input[
|
|
542
|
+
def role_name(self, value: Optional[pulumi.Input[_builtins.str]]):
|
|
544
543
|
pulumi.set(self, "role_name", value)
|
|
545
544
|
|
|
546
|
-
@property
|
|
545
|
+
@_builtins.property
|
|
547
546
|
@pulumi.getter(name="tokenBoundCidrs")
|
|
548
|
-
def token_bound_cidrs(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
547
|
+
def token_bound_cidrs(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]:
|
|
549
548
|
"""
|
|
550
549
|
Specifies the blocks of IP addresses which are allowed to use the generated token
|
|
551
550
|
"""
|
|
552
551
|
return pulumi.get(self, "token_bound_cidrs")
|
|
553
552
|
|
|
554
553
|
@token_bound_cidrs.setter
|
|
555
|
-
def token_bound_cidrs(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
554
|
+
def token_bound_cidrs(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]):
|
|
556
555
|
pulumi.set(self, "token_bound_cidrs", value)
|
|
557
556
|
|
|
558
|
-
@property
|
|
557
|
+
@_builtins.property
|
|
559
558
|
@pulumi.getter(name="tokenExplicitMaxTtl")
|
|
560
|
-
def token_explicit_max_ttl(self) -> Optional[pulumi.Input[
|
|
559
|
+
def token_explicit_max_ttl(self) -> Optional[pulumi.Input[_builtins.int]]:
|
|
561
560
|
"""
|
|
562
561
|
Generated Token's Explicit Maximum TTL in seconds
|
|
563
562
|
"""
|
|
564
563
|
return pulumi.get(self, "token_explicit_max_ttl")
|
|
565
564
|
|
|
566
565
|
@token_explicit_max_ttl.setter
|
|
567
|
-
def token_explicit_max_ttl(self, value: Optional[pulumi.Input[
|
|
566
|
+
def token_explicit_max_ttl(self, value: Optional[pulumi.Input[_builtins.int]]):
|
|
568
567
|
pulumi.set(self, "token_explicit_max_ttl", value)
|
|
569
568
|
|
|
570
|
-
@property
|
|
569
|
+
@_builtins.property
|
|
571
570
|
@pulumi.getter(name="tokenMaxTtl")
|
|
572
|
-
def token_max_ttl(self) -> Optional[pulumi.Input[
|
|
571
|
+
def token_max_ttl(self) -> Optional[pulumi.Input[_builtins.int]]:
|
|
573
572
|
"""
|
|
574
573
|
The maximum lifetime of the generated token
|
|
575
574
|
"""
|
|
576
575
|
return pulumi.get(self, "token_max_ttl")
|
|
577
576
|
|
|
578
577
|
@token_max_ttl.setter
|
|
579
|
-
def token_max_ttl(self, value: Optional[pulumi.Input[
|
|
578
|
+
def token_max_ttl(self, value: Optional[pulumi.Input[_builtins.int]]):
|
|
580
579
|
pulumi.set(self, "token_max_ttl", value)
|
|
581
580
|
|
|
582
|
-
@property
|
|
581
|
+
@_builtins.property
|
|
583
582
|
@pulumi.getter(name="tokenNoDefaultPolicy")
|
|
584
|
-
def token_no_default_policy(self) -> Optional[pulumi.Input[
|
|
583
|
+
def token_no_default_policy(self) -> Optional[pulumi.Input[_builtins.bool]]:
|
|
585
584
|
"""
|
|
586
585
|
If true, the 'default' policy will not automatically be added to generated tokens
|
|
587
586
|
"""
|
|
588
587
|
return pulumi.get(self, "token_no_default_policy")
|
|
589
588
|
|
|
590
589
|
@token_no_default_policy.setter
|
|
591
|
-
def token_no_default_policy(self, value: Optional[pulumi.Input[
|
|
590
|
+
def token_no_default_policy(self, value: Optional[pulumi.Input[_builtins.bool]]):
|
|
592
591
|
pulumi.set(self, "token_no_default_policy", value)
|
|
593
592
|
|
|
594
|
-
@property
|
|
593
|
+
@_builtins.property
|
|
595
594
|
@pulumi.getter(name="tokenNumUses")
|
|
596
|
-
def token_num_uses(self) -> Optional[pulumi.Input[
|
|
595
|
+
def token_num_uses(self) -> Optional[pulumi.Input[_builtins.int]]:
|
|
597
596
|
"""
|
|
598
597
|
The maximum number of times a token may be used, a value of zero means unlimited
|
|
599
598
|
"""
|
|
600
599
|
return pulumi.get(self, "token_num_uses")
|
|
601
600
|
|
|
602
601
|
@token_num_uses.setter
|
|
603
|
-
def token_num_uses(self, value: Optional[pulumi.Input[
|
|
602
|
+
def token_num_uses(self, value: Optional[pulumi.Input[_builtins.int]]):
|
|
604
603
|
pulumi.set(self, "token_num_uses", value)
|
|
605
604
|
|
|
606
|
-
@property
|
|
605
|
+
@_builtins.property
|
|
607
606
|
@pulumi.getter(name="tokenPeriod")
|
|
608
|
-
def token_period(self) -> Optional[pulumi.Input[
|
|
607
|
+
def token_period(self) -> Optional[pulumi.Input[_builtins.int]]:
|
|
609
608
|
"""
|
|
610
609
|
Generated Token's Period
|
|
611
610
|
"""
|
|
612
611
|
return pulumi.get(self, "token_period")
|
|
613
612
|
|
|
614
613
|
@token_period.setter
|
|
615
|
-
def token_period(self, value: Optional[pulumi.Input[
|
|
614
|
+
def token_period(self, value: Optional[pulumi.Input[_builtins.int]]):
|
|
616
615
|
pulumi.set(self, "token_period", value)
|
|
617
616
|
|
|
618
|
-
@property
|
|
617
|
+
@_builtins.property
|
|
619
618
|
@pulumi.getter(name="tokenPolicies")
|
|
620
|
-
def token_policies(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
619
|
+
def token_policies(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]:
|
|
621
620
|
"""
|
|
622
621
|
Generated Token's Policies
|
|
623
622
|
"""
|
|
624
623
|
return pulumi.get(self, "token_policies")
|
|
625
624
|
|
|
626
625
|
@token_policies.setter
|
|
627
|
-
def token_policies(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
626
|
+
def token_policies(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]):
|
|
628
627
|
pulumi.set(self, "token_policies", value)
|
|
629
628
|
|
|
630
|
-
@property
|
|
629
|
+
@_builtins.property
|
|
631
630
|
@pulumi.getter(name="tokenTtl")
|
|
632
|
-
def token_ttl(self) -> Optional[pulumi.Input[
|
|
631
|
+
def token_ttl(self) -> Optional[pulumi.Input[_builtins.int]]:
|
|
633
632
|
"""
|
|
634
633
|
The initial ttl of the token to generate in seconds
|
|
635
634
|
"""
|
|
636
635
|
return pulumi.get(self, "token_ttl")
|
|
637
636
|
|
|
638
637
|
@token_ttl.setter
|
|
639
|
-
def token_ttl(self, value: Optional[pulumi.Input[
|
|
638
|
+
def token_ttl(self, value: Optional[pulumi.Input[_builtins.int]]):
|
|
640
639
|
pulumi.set(self, "token_ttl", value)
|
|
641
640
|
|
|
642
|
-
@property
|
|
641
|
+
@_builtins.property
|
|
643
642
|
@pulumi.getter(name="tokenType")
|
|
644
|
-
def token_type(self) -> Optional[pulumi.Input[
|
|
643
|
+
def token_type(self) -> Optional[pulumi.Input[_builtins.str]]:
|
|
645
644
|
"""
|
|
646
645
|
The type of token to generate, service or batch
|
|
647
646
|
"""
|
|
648
647
|
return pulumi.get(self, "token_type")
|
|
649
648
|
|
|
650
649
|
@token_type.setter
|
|
651
|
-
def token_type(self, value: Optional[pulumi.Input[
|
|
650
|
+
def token_type(self, value: Optional[pulumi.Input[_builtins.str]]):
|
|
652
651
|
pulumi.set(self, "token_type", value)
|
|
653
652
|
|
|
654
653
|
|
|
@@ -658,25 +657,25 @@ class AuthBackendRole(pulumi.CustomResource):
|
|
|
658
657
|
def __init__(__self__,
|
|
659
658
|
resource_name: str,
|
|
660
659
|
opts: Optional[pulumi.ResourceOptions] = None,
|
|
661
|
-
allowed_entity_aliases: Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
662
|
-
allowed_policies: Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
663
|
-
allowed_policies_globs: Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
664
|
-
disallowed_policies: Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
665
|
-
disallowed_policies_globs: Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
666
|
-
namespace: Optional[pulumi.Input[
|
|
667
|
-
orphan: Optional[pulumi.Input[
|
|
668
|
-
path_suffix: Optional[pulumi.Input[
|
|
669
|
-
renewable: Optional[pulumi.Input[
|
|
670
|
-
role_name: Optional[pulumi.Input[
|
|
671
|
-
token_bound_cidrs: Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
672
|
-
token_explicit_max_ttl: Optional[pulumi.Input[
|
|
673
|
-
token_max_ttl: Optional[pulumi.Input[
|
|
674
|
-
token_no_default_policy: Optional[pulumi.Input[
|
|
675
|
-
token_num_uses: Optional[pulumi.Input[
|
|
676
|
-
token_period: Optional[pulumi.Input[
|
|
677
|
-
token_policies: Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
678
|
-
token_ttl: Optional[pulumi.Input[
|
|
679
|
-
token_type: Optional[pulumi.Input[
|
|
660
|
+
allowed_entity_aliases: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
|
|
661
|
+
allowed_policies: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
|
|
662
|
+
allowed_policies_globs: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
|
|
663
|
+
disallowed_policies: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
|
|
664
|
+
disallowed_policies_globs: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
|
|
665
|
+
namespace: Optional[pulumi.Input[_builtins.str]] = None,
|
|
666
|
+
orphan: Optional[pulumi.Input[_builtins.bool]] = None,
|
|
667
|
+
path_suffix: Optional[pulumi.Input[_builtins.str]] = None,
|
|
668
|
+
renewable: Optional[pulumi.Input[_builtins.bool]] = None,
|
|
669
|
+
role_name: Optional[pulumi.Input[_builtins.str]] = None,
|
|
670
|
+
token_bound_cidrs: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
|
|
671
|
+
token_explicit_max_ttl: Optional[pulumi.Input[_builtins.int]] = None,
|
|
672
|
+
token_max_ttl: Optional[pulumi.Input[_builtins.int]] = None,
|
|
673
|
+
token_no_default_policy: Optional[pulumi.Input[_builtins.bool]] = None,
|
|
674
|
+
token_num_uses: Optional[pulumi.Input[_builtins.int]] = None,
|
|
675
|
+
token_period: Optional[pulumi.Input[_builtins.int]] = None,
|
|
676
|
+
token_policies: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
|
|
677
|
+
token_ttl: Optional[pulumi.Input[_builtins.int]] = None,
|
|
678
|
+
token_type: Optional[pulumi.Input[_builtins.str]] = None,
|
|
680
679
|
__props__=None):
|
|
681
680
|
"""
|
|
682
681
|
Manages Token auth backend role in a Vault server. See the [Vault
|
|
@@ -714,28 +713,28 @@ class AuthBackendRole(pulumi.CustomResource):
|
|
|
714
713
|
|
|
715
714
|
:param str resource_name: The name of the resource.
|
|
716
715
|
:param pulumi.ResourceOptions opts: Options for the resource.
|
|
717
|
-
:param pulumi.Input[Sequence[pulumi.Input[
|
|
718
|
-
:param pulumi.Input[Sequence[pulumi.Input[
|
|
719
|
-
:param pulumi.Input[Sequence[pulumi.Input[
|
|
720
|
-
:param pulumi.Input[Sequence[pulumi.Input[
|
|
721
|
-
:param pulumi.Input[Sequence[pulumi.Input[
|
|
722
|
-
:param pulumi.Input[
|
|
716
|
+
:param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] allowed_entity_aliases: List of allowed entity aliases.
|
|
717
|
+
:param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] allowed_policies: List of allowed policies for given role.
|
|
718
|
+
:param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] allowed_policies_globs: Set of allowed policies with glob match for given role.
|
|
719
|
+
:param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] disallowed_policies: List of disallowed policies for given role.
|
|
720
|
+
:param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] disallowed_policies_globs: Set of disallowed policies with glob match for given role.
|
|
721
|
+
:param pulumi.Input[_builtins.str] namespace: The namespace to provision the resource in.
|
|
723
722
|
The value should not contain leading or trailing forward slashes.
|
|
724
723
|
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
|
725
724
|
*Available only for Vault Enterprise*.
|
|
726
|
-
:param pulumi.Input[
|
|
727
|
-
:param pulumi.Input[
|
|
728
|
-
:param pulumi.Input[
|
|
729
|
-
:param pulumi.Input[
|
|
730
|
-
:param pulumi.Input[Sequence[pulumi.Input[
|
|
731
|
-
:param pulumi.Input[
|
|
732
|
-
:param pulumi.Input[
|
|
733
|
-
:param pulumi.Input[
|
|
734
|
-
:param pulumi.Input[
|
|
735
|
-
:param pulumi.Input[
|
|
736
|
-
:param pulumi.Input[Sequence[pulumi.Input[
|
|
737
|
-
:param pulumi.Input[
|
|
738
|
-
:param pulumi.Input[
|
|
725
|
+
:param pulumi.Input[_builtins.bool] orphan: If true, tokens created against this policy will be orphan tokens.
|
|
726
|
+
:param pulumi.Input[_builtins.str] path_suffix: Tokens created against this role will have the given suffix as part of their path in addition to the role name.
|
|
727
|
+
:param pulumi.Input[_builtins.bool] renewable: Whether to disable the ability of the token to be renewed past its initial TTL.
|
|
728
|
+
:param pulumi.Input[_builtins.str] role_name: The name of the role.
|
|
729
|
+
:param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] token_bound_cidrs: Specifies the blocks of IP addresses which are allowed to use the generated token
|
|
730
|
+
:param pulumi.Input[_builtins.int] token_explicit_max_ttl: Generated Token's Explicit Maximum TTL in seconds
|
|
731
|
+
:param pulumi.Input[_builtins.int] token_max_ttl: The maximum lifetime of the generated token
|
|
732
|
+
:param pulumi.Input[_builtins.bool] token_no_default_policy: If true, the 'default' policy will not automatically be added to generated tokens
|
|
733
|
+
:param pulumi.Input[_builtins.int] token_num_uses: The maximum number of times a token may be used, a value of zero means unlimited
|
|
734
|
+
:param pulumi.Input[_builtins.int] token_period: Generated Token's Period
|
|
735
|
+
:param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] token_policies: Generated Token's Policies
|
|
736
|
+
:param pulumi.Input[_builtins.int] token_ttl: The initial ttl of the token to generate in seconds
|
|
737
|
+
:param pulumi.Input[_builtins.str] token_type: The type of token to generate, service or batch
|
|
739
738
|
"""
|
|
740
739
|
...
|
|
741
740
|
@overload
|
|
@@ -792,25 +791,25 @@ class AuthBackendRole(pulumi.CustomResource):
|
|
|
792
791
|
def _internal_init(__self__,
|
|
793
792
|
resource_name: str,
|
|
794
793
|
opts: Optional[pulumi.ResourceOptions] = None,
|
|
795
|
-
allowed_entity_aliases: Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
796
|
-
allowed_policies: Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
797
|
-
allowed_policies_globs: Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
798
|
-
disallowed_policies: Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
799
|
-
disallowed_policies_globs: Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
800
|
-
namespace: Optional[pulumi.Input[
|
|
801
|
-
orphan: Optional[pulumi.Input[
|
|
802
|
-
path_suffix: Optional[pulumi.Input[
|
|
803
|
-
renewable: Optional[pulumi.Input[
|
|
804
|
-
role_name: Optional[pulumi.Input[
|
|
805
|
-
token_bound_cidrs: Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
806
|
-
token_explicit_max_ttl: Optional[pulumi.Input[
|
|
807
|
-
token_max_ttl: Optional[pulumi.Input[
|
|
808
|
-
token_no_default_policy: Optional[pulumi.Input[
|
|
809
|
-
token_num_uses: Optional[pulumi.Input[
|
|
810
|
-
token_period: Optional[pulumi.Input[
|
|
811
|
-
token_policies: Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
812
|
-
token_ttl: Optional[pulumi.Input[
|
|
813
|
-
token_type: Optional[pulumi.Input[
|
|
794
|
+
allowed_entity_aliases: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
|
|
795
|
+
allowed_policies: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
|
|
796
|
+
allowed_policies_globs: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
|
|
797
|
+
disallowed_policies: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
|
|
798
|
+
disallowed_policies_globs: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
|
|
799
|
+
namespace: Optional[pulumi.Input[_builtins.str]] = None,
|
|
800
|
+
orphan: Optional[pulumi.Input[_builtins.bool]] = None,
|
|
801
|
+
path_suffix: Optional[pulumi.Input[_builtins.str]] = None,
|
|
802
|
+
renewable: Optional[pulumi.Input[_builtins.bool]] = None,
|
|
803
|
+
role_name: Optional[pulumi.Input[_builtins.str]] = None,
|
|
804
|
+
token_bound_cidrs: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
|
|
805
|
+
token_explicit_max_ttl: Optional[pulumi.Input[_builtins.int]] = None,
|
|
806
|
+
token_max_ttl: Optional[pulumi.Input[_builtins.int]] = None,
|
|
807
|
+
token_no_default_policy: Optional[pulumi.Input[_builtins.bool]] = None,
|
|
808
|
+
token_num_uses: Optional[pulumi.Input[_builtins.int]] = None,
|
|
809
|
+
token_period: Optional[pulumi.Input[_builtins.int]] = None,
|
|
810
|
+
token_policies: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
|
|
811
|
+
token_ttl: Optional[pulumi.Input[_builtins.int]] = None,
|
|
812
|
+
token_type: Optional[pulumi.Input[_builtins.str]] = None,
|
|
814
813
|
__props__=None):
|
|
815
814
|
opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts)
|
|
816
815
|
if not isinstance(opts, pulumi.ResourceOptions):
|
|
@@ -851,25 +850,25 @@ class AuthBackendRole(pulumi.CustomResource):
|
|
|
851
850
|
def get(resource_name: str,
|
|
852
851
|
id: pulumi.Input[str],
|
|
853
852
|
opts: Optional[pulumi.ResourceOptions] = None,
|
|
854
|
-
allowed_entity_aliases: Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
855
|
-
allowed_policies: Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
856
|
-
allowed_policies_globs: Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
857
|
-
disallowed_policies: Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
858
|
-
disallowed_policies_globs: Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
859
|
-
namespace: Optional[pulumi.Input[
|
|
860
|
-
orphan: Optional[pulumi.Input[
|
|
861
|
-
path_suffix: Optional[pulumi.Input[
|
|
862
|
-
renewable: Optional[pulumi.Input[
|
|
863
|
-
role_name: Optional[pulumi.Input[
|
|
864
|
-
token_bound_cidrs: Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
865
|
-
token_explicit_max_ttl: Optional[pulumi.Input[
|
|
866
|
-
token_max_ttl: Optional[pulumi.Input[
|
|
867
|
-
token_no_default_policy: Optional[pulumi.Input[
|
|
868
|
-
token_num_uses: Optional[pulumi.Input[
|
|
869
|
-
token_period: Optional[pulumi.Input[
|
|
870
|
-
token_policies: Optional[pulumi.Input[Sequence[pulumi.Input[
|
|
871
|
-
token_ttl: Optional[pulumi.Input[
|
|
872
|
-
token_type: Optional[pulumi.Input[
|
|
853
|
+
allowed_entity_aliases: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
|
|
854
|
+
allowed_policies: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
|
|
855
|
+
allowed_policies_globs: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
|
|
856
|
+
disallowed_policies: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
|
|
857
|
+
disallowed_policies_globs: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
|
|
858
|
+
namespace: Optional[pulumi.Input[_builtins.str]] = None,
|
|
859
|
+
orphan: Optional[pulumi.Input[_builtins.bool]] = None,
|
|
860
|
+
path_suffix: Optional[pulumi.Input[_builtins.str]] = None,
|
|
861
|
+
renewable: Optional[pulumi.Input[_builtins.bool]] = None,
|
|
862
|
+
role_name: Optional[pulumi.Input[_builtins.str]] = None,
|
|
863
|
+
token_bound_cidrs: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
|
|
864
|
+
token_explicit_max_ttl: Optional[pulumi.Input[_builtins.int]] = None,
|
|
865
|
+
token_max_ttl: Optional[pulumi.Input[_builtins.int]] = None,
|
|
866
|
+
token_no_default_policy: Optional[pulumi.Input[_builtins.bool]] = None,
|
|
867
|
+
token_num_uses: Optional[pulumi.Input[_builtins.int]] = None,
|
|
868
|
+
token_period: Optional[pulumi.Input[_builtins.int]] = None,
|
|
869
|
+
token_policies: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
|
|
870
|
+
token_ttl: Optional[pulumi.Input[_builtins.int]] = None,
|
|
871
|
+
token_type: Optional[pulumi.Input[_builtins.str]] = None) -> 'AuthBackendRole':
|
|
873
872
|
"""
|
|
874
873
|
Get an existing AuthBackendRole resource's state with the given name, id, and optional extra
|
|
875
874
|
properties used to qualify the lookup.
|
|
@@ -877,28 +876,28 @@ class AuthBackendRole(pulumi.CustomResource):
|
|
|
877
876
|
:param str resource_name: The unique name of the resulting resource.
|
|
878
877
|
:param pulumi.Input[str] id: The unique provider ID of the resource to lookup.
|
|
879
878
|
:param pulumi.ResourceOptions opts: Options for the resource.
|
|
880
|
-
:param pulumi.Input[Sequence[pulumi.Input[
|
|
881
|
-
:param pulumi.Input[Sequence[pulumi.Input[
|
|
882
|
-
:param pulumi.Input[Sequence[pulumi.Input[
|
|
883
|
-
:param pulumi.Input[Sequence[pulumi.Input[
|
|
884
|
-
:param pulumi.Input[Sequence[pulumi.Input[
|
|
885
|
-
:param pulumi.Input[
|
|
879
|
+
:param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] allowed_entity_aliases: List of allowed entity aliases.
|
|
880
|
+
:param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] allowed_policies: List of allowed policies for given role.
|
|
881
|
+
:param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] allowed_policies_globs: Set of allowed policies with glob match for given role.
|
|
882
|
+
:param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] disallowed_policies: List of disallowed policies for given role.
|
|
883
|
+
:param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] disallowed_policies_globs: Set of disallowed policies with glob match for given role.
|
|
884
|
+
:param pulumi.Input[_builtins.str] namespace: The namespace to provision the resource in.
|
|
886
885
|
The value should not contain leading or trailing forward slashes.
|
|
887
886
|
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
|
888
887
|
*Available only for Vault Enterprise*.
|
|
889
|
-
:param pulumi.Input[
|
|
890
|
-
:param pulumi.Input[
|
|
891
|
-
:param pulumi.Input[
|
|
892
|
-
:param pulumi.Input[
|
|
893
|
-
:param pulumi.Input[Sequence[pulumi.Input[
|
|
894
|
-
:param pulumi.Input[
|
|
895
|
-
:param pulumi.Input[
|
|
896
|
-
:param pulumi.Input[
|
|
897
|
-
:param pulumi.Input[
|
|
898
|
-
:param pulumi.Input[
|
|
899
|
-
:param pulumi.Input[Sequence[pulumi.Input[
|
|
900
|
-
:param pulumi.Input[
|
|
901
|
-
:param pulumi.Input[
|
|
888
|
+
:param pulumi.Input[_builtins.bool] orphan: If true, tokens created against this policy will be orphan tokens.
|
|
889
|
+
:param pulumi.Input[_builtins.str] path_suffix: Tokens created against this role will have the given suffix as part of their path in addition to the role name.
|
|
890
|
+
:param pulumi.Input[_builtins.bool] renewable: Whether to disable the ability of the token to be renewed past its initial TTL.
|
|
891
|
+
:param pulumi.Input[_builtins.str] role_name: The name of the role.
|
|
892
|
+
:param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] token_bound_cidrs: Specifies the blocks of IP addresses which are allowed to use the generated token
|
|
893
|
+
:param pulumi.Input[_builtins.int] token_explicit_max_ttl: Generated Token's Explicit Maximum TTL in seconds
|
|
894
|
+
:param pulumi.Input[_builtins.int] token_max_ttl: The maximum lifetime of the generated token
|
|
895
|
+
:param pulumi.Input[_builtins.bool] token_no_default_policy: If true, the 'default' policy will not automatically be added to generated tokens
|
|
896
|
+
:param pulumi.Input[_builtins.int] token_num_uses: The maximum number of times a token may be used, a value of zero means unlimited
|
|
897
|
+
:param pulumi.Input[_builtins.int] token_period: Generated Token's Period
|
|
898
|
+
:param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] token_policies: Generated Token's Policies
|
|
899
|
+
:param pulumi.Input[_builtins.int] token_ttl: The initial ttl of the token to generate in seconds
|
|
900
|
+
:param pulumi.Input[_builtins.str] token_type: The type of token to generate, service or batch
|
|
902
901
|
"""
|
|
903
902
|
opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id))
|
|
904
903
|
|
|
@@ -925,49 +924,49 @@ class AuthBackendRole(pulumi.CustomResource):
|
|
|
925
924
|
__props__.__dict__["token_type"] = token_type
|
|
926
925
|
return AuthBackendRole(resource_name, opts=opts, __props__=__props__)
|
|
927
926
|
|
|
928
|
-
@property
|
|
927
|
+
@_builtins.property
|
|
929
928
|
@pulumi.getter(name="allowedEntityAliases")
|
|
930
|
-
def allowed_entity_aliases(self) -> pulumi.Output[Optional[Sequence[
|
|
929
|
+
def allowed_entity_aliases(self) -> pulumi.Output[Optional[Sequence[_builtins.str]]]:
|
|
931
930
|
"""
|
|
932
931
|
List of allowed entity aliases.
|
|
933
932
|
"""
|
|
934
933
|
return pulumi.get(self, "allowed_entity_aliases")
|
|
935
934
|
|
|
936
|
-
@property
|
|
935
|
+
@_builtins.property
|
|
937
936
|
@pulumi.getter(name="allowedPolicies")
|
|
938
|
-
def allowed_policies(self) -> pulumi.Output[Optional[Sequence[
|
|
937
|
+
def allowed_policies(self) -> pulumi.Output[Optional[Sequence[_builtins.str]]]:
|
|
939
938
|
"""
|
|
940
939
|
List of allowed policies for given role.
|
|
941
940
|
"""
|
|
942
941
|
return pulumi.get(self, "allowed_policies")
|
|
943
942
|
|
|
944
|
-
@property
|
|
943
|
+
@_builtins.property
|
|
945
944
|
@pulumi.getter(name="allowedPoliciesGlobs")
|
|
946
|
-
def allowed_policies_globs(self) -> pulumi.Output[Optional[Sequence[
|
|
945
|
+
def allowed_policies_globs(self) -> pulumi.Output[Optional[Sequence[_builtins.str]]]:
|
|
947
946
|
"""
|
|
948
947
|
Set of allowed policies with glob match for given role.
|
|
949
948
|
"""
|
|
950
949
|
return pulumi.get(self, "allowed_policies_globs")
|
|
951
950
|
|
|
952
|
-
@property
|
|
951
|
+
@_builtins.property
|
|
953
952
|
@pulumi.getter(name="disallowedPolicies")
|
|
954
|
-
def disallowed_policies(self) -> pulumi.Output[Optional[Sequence[
|
|
953
|
+
def disallowed_policies(self) -> pulumi.Output[Optional[Sequence[_builtins.str]]]:
|
|
955
954
|
"""
|
|
956
955
|
List of disallowed policies for given role.
|
|
957
956
|
"""
|
|
958
957
|
return pulumi.get(self, "disallowed_policies")
|
|
959
958
|
|
|
960
|
-
@property
|
|
959
|
+
@_builtins.property
|
|
961
960
|
@pulumi.getter(name="disallowedPoliciesGlobs")
|
|
962
|
-
def disallowed_policies_globs(self) -> pulumi.Output[Optional[Sequence[
|
|
961
|
+
def disallowed_policies_globs(self) -> pulumi.Output[Optional[Sequence[_builtins.str]]]:
|
|
963
962
|
"""
|
|
964
963
|
Set of disallowed policies with glob match for given role.
|
|
965
964
|
"""
|
|
966
965
|
return pulumi.get(self, "disallowed_policies_globs")
|
|
967
966
|
|
|
968
|
-
@property
|
|
967
|
+
@_builtins.property
|
|
969
968
|
@pulumi.getter
|
|
970
|
-
def namespace(self) -> pulumi.Output[Optional[
|
|
969
|
+
def namespace(self) -> pulumi.Output[Optional[_builtins.str]]:
|
|
971
970
|
"""
|
|
972
971
|
The namespace to provision the resource in.
|
|
973
972
|
The value should not contain leading or trailing forward slashes.
|
|
@@ -976,105 +975,105 @@ class AuthBackendRole(pulumi.CustomResource):
|
|
|
976
975
|
"""
|
|
977
976
|
return pulumi.get(self, "namespace")
|
|
978
977
|
|
|
979
|
-
@property
|
|
978
|
+
@_builtins.property
|
|
980
979
|
@pulumi.getter
|
|
981
|
-
def orphan(self) -> pulumi.Output[Optional[
|
|
980
|
+
def orphan(self) -> pulumi.Output[Optional[_builtins.bool]]:
|
|
982
981
|
"""
|
|
983
982
|
If true, tokens created against this policy will be orphan tokens.
|
|
984
983
|
"""
|
|
985
984
|
return pulumi.get(self, "orphan")
|
|
986
985
|
|
|
987
|
-
@property
|
|
986
|
+
@_builtins.property
|
|
988
987
|
@pulumi.getter(name="pathSuffix")
|
|
989
|
-
def path_suffix(self) -> pulumi.Output[Optional[
|
|
988
|
+
def path_suffix(self) -> pulumi.Output[Optional[_builtins.str]]:
|
|
990
989
|
"""
|
|
991
990
|
Tokens created against this role will have the given suffix as part of their path in addition to the role name.
|
|
992
991
|
"""
|
|
993
992
|
return pulumi.get(self, "path_suffix")
|
|
994
993
|
|
|
995
|
-
@property
|
|
994
|
+
@_builtins.property
|
|
996
995
|
@pulumi.getter
|
|
997
|
-
def renewable(self) -> pulumi.Output[Optional[
|
|
996
|
+
def renewable(self) -> pulumi.Output[Optional[_builtins.bool]]:
|
|
998
997
|
"""
|
|
999
998
|
Whether to disable the ability of the token to be renewed past its initial TTL.
|
|
1000
999
|
"""
|
|
1001
1000
|
return pulumi.get(self, "renewable")
|
|
1002
1001
|
|
|
1003
|
-
@property
|
|
1002
|
+
@_builtins.property
|
|
1004
1003
|
@pulumi.getter(name="roleName")
|
|
1005
|
-
def role_name(self) -> pulumi.Output[
|
|
1004
|
+
def role_name(self) -> pulumi.Output[_builtins.str]:
|
|
1006
1005
|
"""
|
|
1007
1006
|
The name of the role.
|
|
1008
1007
|
"""
|
|
1009
1008
|
return pulumi.get(self, "role_name")
|
|
1010
1009
|
|
|
1011
|
-
@property
|
|
1010
|
+
@_builtins.property
|
|
1012
1011
|
@pulumi.getter(name="tokenBoundCidrs")
|
|
1013
|
-
def token_bound_cidrs(self) -> pulumi.Output[Optional[Sequence[
|
|
1012
|
+
def token_bound_cidrs(self) -> pulumi.Output[Optional[Sequence[_builtins.str]]]:
|
|
1014
1013
|
"""
|
|
1015
1014
|
Specifies the blocks of IP addresses which are allowed to use the generated token
|
|
1016
1015
|
"""
|
|
1017
1016
|
return pulumi.get(self, "token_bound_cidrs")
|
|
1018
1017
|
|
|
1019
|
-
@property
|
|
1018
|
+
@_builtins.property
|
|
1020
1019
|
@pulumi.getter(name="tokenExplicitMaxTtl")
|
|
1021
|
-
def token_explicit_max_ttl(self) -> pulumi.Output[Optional[
|
|
1020
|
+
def token_explicit_max_ttl(self) -> pulumi.Output[Optional[_builtins.int]]:
|
|
1022
1021
|
"""
|
|
1023
1022
|
Generated Token's Explicit Maximum TTL in seconds
|
|
1024
1023
|
"""
|
|
1025
1024
|
return pulumi.get(self, "token_explicit_max_ttl")
|
|
1026
1025
|
|
|
1027
|
-
@property
|
|
1026
|
+
@_builtins.property
|
|
1028
1027
|
@pulumi.getter(name="tokenMaxTtl")
|
|
1029
|
-
def token_max_ttl(self) -> pulumi.Output[Optional[
|
|
1028
|
+
def token_max_ttl(self) -> pulumi.Output[Optional[_builtins.int]]:
|
|
1030
1029
|
"""
|
|
1031
1030
|
The maximum lifetime of the generated token
|
|
1032
1031
|
"""
|
|
1033
1032
|
return pulumi.get(self, "token_max_ttl")
|
|
1034
1033
|
|
|
1035
|
-
@property
|
|
1034
|
+
@_builtins.property
|
|
1036
1035
|
@pulumi.getter(name="tokenNoDefaultPolicy")
|
|
1037
|
-
def token_no_default_policy(self) -> pulumi.Output[Optional[
|
|
1036
|
+
def token_no_default_policy(self) -> pulumi.Output[Optional[_builtins.bool]]:
|
|
1038
1037
|
"""
|
|
1039
1038
|
If true, the 'default' policy will not automatically be added to generated tokens
|
|
1040
1039
|
"""
|
|
1041
1040
|
return pulumi.get(self, "token_no_default_policy")
|
|
1042
1041
|
|
|
1043
|
-
@property
|
|
1042
|
+
@_builtins.property
|
|
1044
1043
|
@pulumi.getter(name="tokenNumUses")
|
|
1045
|
-
def token_num_uses(self) -> pulumi.Output[Optional[
|
|
1044
|
+
def token_num_uses(self) -> pulumi.Output[Optional[_builtins.int]]:
|
|
1046
1045
|
"""
|
|
1047
1046
|
The maximum number of times a token may be used, a value of zero means unlimited
|
|
1048
1047
|
"""
|
|
1049
1048
|
return pulumi.get(self, "token_num_uses")
|
|
1050
1049
|
|
|
1051
|
-
@property
|
|
1050
|
+
@_builtins.property
|
|
1052
1051
|
@pulumi.getter(name="tokenPeriod")
|
|
1053
|
-
def token_period(self) -> pulumi.Output[Optional[
|
|
1052
|
+
def token_period(self) -> pulumi.Output[Optional[_builtins.int]]:
|
|
1054
1053
|
"""
|
|
1055
1054
|
Generated Token's Period
|
|
1056
1055
|
"""
|
|
1057
1056
|
return pulumi.get(self, "token_period")
|
|
1058
1057
|
|
|
1059
|
-
@property
|
|
1058
|
+
@_builtins.property
|
|
1060
1059
|
@pulumi.getter(name="tokenPolicies")
|
|
1061
|
-
def token_policies(self) -> pulumi.Output[Optional[Sequence[
|
|
1060
|
+
def token_policies(self) -> pulumi.Output[Optional[Sequence[_builtins.str]]]:
|
|
1062
1061
|
"""
|
|
1063
1062
|
Generated Token's Policies
|
|
1064
1063
|
"""
|
|
1065
1064
|
return pulumi.get(self, "token_policies")
|
|
1066
1065
|
|
|
1067
|
-
@property
|
|
1066
|
+
@_builtins.property
|
|
1068
1067
|
@pulumi.getter(name="tokenTtl")
|
|
1069
|
-
def token_ttl(self) -> pulumi.Output[Optional[
|
|
1068
|
+
def token_ttl(self) -> pulumi.Output[Optional[_builtins.int]]:
|
|
1070
1069
|
"""
|
|
1071
1070
|
The initial ttl of the token to generate in seconds
|
|
1072
1071
|
"""
|
|
1073
1072
|
return pulumi.get(self, "token_ttl")
|
|
1074
1073
|
|
|
1075
|
-
@property
|
|
1074
|
+
@_builtins.property
|
|
1076
1075
|
@pulumi.getter(name="tokenType")
|
|
1077
|
-
def token_type(self) -> pulumi.Output[Optional[
|
|
1076
|
+
def token_type(self) -> pulumi.Output[Optional[_builtins.str]]:
|
|
1078
1077
|
"""
|
|
1079
1078
|
The type of token to generate, service or batch
|
|
1080
1079
|
"""
|