pulumi-vault 7.2.0a1755297899__py3-none-any.whl → 7.3.0a1755586140__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- pulumi_vault/__init__.py +18 -0
- pulumi_vault/_inputs.py +201 -0
- pulumi_vault/aws/secret_backend.py +627 -49
- pulumi_vault/azure/backend.py +788 -15
- pulumi_vault/consul/secret_backend.py +660 -28
- pulumi_vault/database/secrets_mount.py +47 -0
- pulumi_vault/gcp/secret_backend.py +599 -56
- pulumi_vault/jwt/auth_backend.py +47 -0
- pulumi_vault/kmip/secret_backend.py +787 -7
- pulumi_vault/kubernetes/secret_backend.py +47 -0
- pulumi_vault/ldap/secret_backend.py +75 -35
- pulumi_vault/mount.py +47 -0
- pulumi_vault/nomad_secret_backend.py +660 -21
- pulumi_vault/oci_auth_backend.py +683 -0
- pulumi_vault/oci_auth_backend_role.py +798 -0
- pulumi_vault/outputs.py +153 -0
- pulumi_vault/pkisecret/backend_config_scep.py +68 -21
- pulumi_vault/pkisecret/get_backend_config_scep.py +21 -1
- pulumi_vault/pulumi-plugin.json +1 -1
- pulumi_vault/rabbitmq/secret_backend.py +707 -35
- pulumi_vault/ssh/secret_backend_ca.py +101 -7
- pulumi_vault/terraformcloud/secret_backend.py +707 -28
- pulumi_vault/transit/secret_backend_key.py +49 -21
- {pulumi_vault-7.2.0a1755297899.dist-info → pulumi_vault-7.3.0a1755586140.dist-info}/METADATA +1 -1
- {pulumi_vault-7.2.0a1755297899.dist-info → pulumi_vault-7.3.0a1755586140.dist-info}/RECORD +27 -25
- {pulumi_vault-7.2.0a1755297899.dist-info → pulumi_vault-7.3.0a1755586140.dist-info}/WHEEL +0 -0
- {pulumi_vault-7.2.0a1755297899.dist-info → pulumi_vault-7.3.0a1755586140.dist-info}/top_level.txt +0 -0
pulumi_vault/outputs.py
CHANGED
|
@@ -17,6 +17,7 @@ from . import outputs
|
|
|
17
17
|
|
|
18
18
|
__all__ = [
|
|
19
19
|
'AuthBackendTune',
|
|
20
|
+
'OciAuthBackendTune',
|
|
20
21
|
'GetPolicyDocumentRuleResult',
|
|
21
22
|
'GetPolicyDocumentRuleAllowedParameterResult',
|
|
22
23
|
'GetPolicyDocumentRuleDeniedParameterResult',
|
|
@@ -176,6 +177,158 @@ class AuthBackendTune(dict):
|
|
|
176
177
|
return pulumi.get(self, "token_type")
|
|
177
178
|
|
|
178
179
|
|
|
180
|
+
@pulumi.output_type
|
|
181
|
+
class OciAuthBackendTune(dict):
|
|
182
|
+
@staticmethod
|
|
183
|
+
def __key_warning(key: str):
|
|
184
|
+
suggest = None
|
|
185
|
+
if key == "allowedResponseHeaders":
|
|
186
|
+
suggest = "allowed_response_headers"
|
|
187
|
+
elif key == "auditNonHmacRequestKeys":
|
|
188
|
+
suggest = "audit_non_hmac_request_keys"
|
|
189
|
+
elif key == "auditNonHmacResponseKeys":
|
|
190
|
+
suggest = "audit_non_hmac_response_keys"
|
|
191
|
+
elif key == "defaultLeaseTtl":
|
|
192
|
+
suggest = "default_lease_ttl"
|
|
193
|
+
elif key == "listingVisibility":
|
|
194
|
+
suggest = "listing_visibility"
|
|
195
|
+
elif key == "maxLeaseTtl":
|
|
196
|
+
suggest = "max_lease_ttl"
|
|
197
|
+
elif key == "passthroughRequestHeaders":
|
|
198
|
+
suggest = "passthrough_request_headers"
|
|
199
|
+
elif key == "tokenType":
|
|
200
|
+
suggest = "token_type"
|
|
201
|
+
|
|
202
|
+
if suggest:
|
|
203
|
+
pulumi.log.warn(f"Key '{key}' not found in OciAuthBackendTune. Access the value via the '{suggest}' property getter instead.")
|
|
204
|
+
|
|
205
|
+
def __getitem__(self, key: str) -> Any:
|
|
206
|
+
OciAuthBackendTune.__key_warning(key)
|
|
207
|
+
return super().__getitem__(key)
|
|
208
|
+
|
|
209
|
+
def get(self, key: str, default = None) -> Any:
|
|
210
|
+
OciAuthBackendTune.__key_warning(key)
|
|
211
|
+
return super().get(key, default)
|
|
212
|
+
|
|
213
|
+
def __init__(__self__, *,
|
|
214
|
+
allowed_response_headers: Optional[Sequence[_builtins.str]] = None,
|
|
215
|
+
audit_non_hmac_request_keys: Optional[Sequence[_builtins.str]] = None,
|
|
216
|
+
audit_non_hmac_response_keys: Optional[Sequence[_builtins.str]] = None,
|
|
217
|
+
default_lease_ttl: Optional[_builtins.str] = None,
|
|
218
|
+
listing_visibility: Optional[_builtins.str] = None,
|
|
219
|
+
max_lease_ttl: Optional[_builtins.str] = None,
|
|
220
|
+
passthrough_request_headers: Optional[Sequence[_builtins.str]] = None,
|
|
221
|
+
token_type: Optional[_builtins.str] = None):
|
|
222
|
+
"""
|
|
223
|
+
:param Sequence[_builtins.str] allowed_response_headers: List of headers to whitelist and allowing
|
|
224
|
+
a plugin to include them in the response.
|
|
225
|
+
:param Sequence[_builtins.str] audit_non_hmac_request_keys: Specifies the list of keys that will
|
|
226
|
+
not be HMAC'd by audit devices in the request data object.
|
|
227
|
+
:param Sequence[_builtins.str] audit_non_hmac_response_keys: Specifies the list of keys that will
|
|
228
|
+
not be HMAC'd by audit devices in the response data object.
|
|
229
|
+
:param _builtins.str default_lease_ttl: Specifies the default time-to-live.
|
|
230
|
+
If set, this overrides the global default.
|
|
231
|
+
Must be a valid [duration string](https://golang.org/pkg/time/#ParseDuration)
|
|
232
|
+
:param _builtins.str listing_visibility: Specifies whether to show this mount in
|
|
233
|
+
the UI-specific listing endpoint. Valid values are "unauth" or "hidden".
|
|
234
|
+
:param _builtins.str max_lease_ttl: Specifies the maximum time-to-live.
|
|
235
|
+
If set, this overrides the global default.
|
|
236
|
+
Must be a valid [duration string](https://golang.org/pkg/time/#ParseDuration)
|
|
237
|
+
:param Sequence[_builtins.str] passthrough_request_headers: List of headers to whitelist and
|
|
238
|
+
pass from the request to the backend.
|
|
239
|
+
:param _builtins.str token_type: Specifies the type of tokens that should be returned by the mount.
|
|
240
|
+
"""
|
|
241
|
+
if allowed_response_headers is not None:
|
|
242
|
+
pulumi.set(__self__, "allowed_response_headers", allowed_response_headers)
|
|
243
|
+
if audit_non_hmac_request_keys is not None:
|
|
244
|
+
pulumi.set(__self__, "audit_non_hmac_request_keys", audit_non_hmac_request_keys)
|
|
245
|
+
if audit_non_hmac_response_keys is not None:
|
|
246
|
+
pulumi.set(__self__, "audit_non_hmac_response_keys", audit_non_hmac_response_keys)
|
|
247
|
+
if default_lease_ttl is not None:
|
|
248
|
+
pulumi.set(__self__, "default_lease_ttl", default_lease_ttl)
|
|
249
|
+
if listing_visibility is not None:
|
|
250
|
+
pulumi.set(__self__, "listing_visibility", listing_visibility)
|
|
251
|
+
if max_lease_ttl is not None:
|
|
252
|
+
pulumi.set(__self__, "max_lease_ttl", max_lease_ttl)
|
|
253
|
+
if passthrough_request_headers is not None:
|
|
254
|
+
pulumi.set(__self__, "passthrough_request_headers", passthrough_request_headers)
|
|
255
|
+
if token_type is not None:
|
|
256
|
+
pulumi.set(__self__, "token_type", token_type)
|
|
257
|
+
|
|
258
|
+
@_builtins.property
|
|
259
|
+
@pulumi.getter(name="allowedResponseHeaders")
|
|
260
|
+
def allowed_response_headers(self) -> Optional[Sequence[_builtins.str]]:
|
|
261
|
+
"""
|
|
262
|
+
List of headers to whitelist and allowing
|
|
263
|
+
a plugin to include them in the response.
|
|
264
|
+
"""
|
|
265
|
+
return pulumi.get(self, "allowed_response_headers")
|
|
266
|
+
|
|
267
|
+
@_builtins.property
|
|
268
|
+
@pulumi.getter(name="auditNonHmacRequestKeys")
|
|
269
|
+
def audit_non_hmac_request_keys(self) -> Optional[Sequence[_builtins.str]]:
|
|
270
|
+
"""
|
|
271
|
+
Specifies the list of keys that will
|
|
272
|
+
not be HMAC'd by audit devices in the request data object.
|
|
273
|
+
"""
|
|
274
|
+
return pulumi.get(self, "audit_non_hmac_request_keys")
|
|
275
|
+
|
|
276
|
+
@_builtins.property
|
|
277
|
+
@pulumi.getter(name="auditNonHmacResponseKeys")
|
|
278
|
+
def audit_non_hmac_response_keys(self) -> Optional[Sequence[_builtins.str]]:
|
|
279
|
+
"""
|
|
280
|
+
Specifies the list of keys that will
|
|
281
|
+
not be HMAC'd by audit devices in the response data object.
|
|
282
|
+
"""
|
|
283
|
+
return pulumi.get(self, "audit_non_hmac_response_keys")
|
|
284
|
+
|
|
285
|
+
@_builtins.property
|
|
286
|
+
@pulumi.getter(name="defaultLeaseTtl")
|
|
287
|
+
def default_lease_ttl(self) -> Optional[_builtins.str]:
|
|
288
|
+
"""
|
|
289
|
+
Specifies the default time-to-live.
|
|
290
|
+
If set, this overrides the global default.
|
|
291
|
+
Must be a valid [duration string](https://golang.org/pkg/time/#ParseDuration)
|
|
292
|
+
"""
|
|
293
|
+
return pulumi.get(self, "default_lease_ttl")
|
|
294
|
+
|
|
295
|
+
@_builtins.property
|
|
296
|
+
@pulumi.getter(name="listingVisibility")
|
|
297
|
+
def listing_visibility(self) -> Optional[_builtins.str]:
|
|
298
|
+
"""
|
|
299
|
+
Specifies whether to show this mount in
|
|
300
|
+
the UI-specific listing endpoint. Valid values are "unauth" or "hidden".
|
|
301
|
+
"""
|
|
302
|
+
return pulumi.get(self, "listing_visibility")
|
|
303
|
+
|
|
304
|
+
@_builtins.property
|
|
305
|
+
@pulumi.getter(name="maxLeaseTtl")
|
|
306
|
+
def max_lease_ttl(self) -> Optional[_builtins.str]:
|
|
307
|
+
"""
|
|
308
|
+
Specifies the maximum time-to-live.
|
|
309
|
+
If set, this overrides the global default.
|
|
310
|
+
Must be a valid [duration string](https://golang.org/pkg/time/#ParseDuration)
|
|
311
|
+
"""
|
|
312
|
+
return pulumi.get(self, "max_lease_ttl")
|
|
313
|
+
|
|
314
|
+
@_builtins.property
|
|
315
|
+
@pulumi.getter(name="passthroughRequestHeaders")
|
|
316
|
+
def passthrough_request_headers(self) -> Optional[Sequence[_builtins.str]]:
|
|
317
|
+
"""
|
|
318
|
+
List of headers to whitelist and
|
|
319
|
+
pass from the request to the backend.
|
|
320
|
+
"""
|
|
321
|
+
return pulumi.get(self, "passthrough_request_headers")
|
|
322
|
+
|
|
323
|
+
@_builtins.property
|
|
324
|
+
@pulumi.getter(name="tokenType")
|
|
325
|
+
def token_type(self) -> Optional[_builtins.str]:
|
|
326
|
+
"""
|
|
327
|
+
Specifies the type of tokens that should be returned by the mount.
|
|
328
|
+
"""
|
|
329
|
+
return pulumi.get(self, "token_type")
|
|
330
|
+
|
|
331
|
+
|
|
179
332
|
@pulumi.output_type
|
|
180
333
|
class GetPolicyDocumentRuleResult(dict):
|
|
181
334
|
def __init__(__self__, *,
|
|
@@ -28,6 +28,7 @@ class BackendConfigScepArgs:
|
|
|
28
28
|
default_path_policy: Optional[pulumi.Input[_builtins.str]] = None,
|
|
29
29
|
enabled: Optional[pulumi.Input[_builtins.bool]] = None,
|
|
30
30
|
external_validations: Optional[pulumi.Input[Sequence[pulumi.Input['BackendConfigScepExternalValidationArgs']]]] = None,
|
|
31
|
+
log_level: Optional[pulumi.Input[_builtins.str]] = None,
|
|
31
32
|
namespace: Optional[pulumi.Input[_builtins.str]] = None,
|
|
32
33
|
restrict_ca_chain_to_issuer: Optional[pulumi.Input[_builtins.bool]] = None):
|
|
33
34
|
"""
|
|
@@ -40,14 +41,15 @@ class BackendConfigScepArgs:
|
|
|
40
41
|
:param pulumi.Input[_builtins.str] default_path_policy: Specifies the policy to be used for non-role-qualified SCEP requests; valid values are 'sign-verbatim', or "role:<role_name>" to specify a role to use as this policy.
|
|
41
42
|
:param pulumi.Input[_builtins.bool] enabled: Specifies whether SCEP is enabled.
|
|
42
43
|
:param pulumi.Input[Sequence[pulumi.Input['BackendConfigScepExternalValidationArgs']]] external_validations: Lists the 3rd party validation of SCEP requests (see below for nested schema).
|
|
44
|
+
:param pulumi.Input[_builtins.str] log_level: The level of logging verbosity, affects only SCEP logs on this mount.
|
|
45
|
+
|
|
46
|
+
|
|
47
|
+
<a id="nestedatt--authenticators"></a>
|
|
43
48
|
:param pulumi.Input[_builtins.str] namespace: The namespace of the target resource.
|
|
44
49
|
The value should not contain leading or trailing forward slashes.
|
|
45
50
|
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
|
46
51
|
*Available only for Vault Enterprise*.
|
|
47
52
|
:param pulumi.Input[_builtins.bool] restrict_ca_chain_to_issuer: If true, only return the issuer CA, otherwise the entire CA certificate chain will be returned if available from the PKI mount.
|
|
48
|
-
|
|
49
|
-
|
|
50
|
-
<a id="nestedatt--authenticators"></a>
|
|
51
53
|
"""
|
|
52
54
|
pulumi.set(__self__, "backend", backend)
|
|
53
55
|
if allowed_digest_algorithms is not None:
|
|
@@ -62,6 +64,8 @@ class BackendConfigScepArgs:
|
|
|
62
64
|
pulumi.set(__self__, "enabled", enabled)
|
|
63
65
|
if external_validations is not None:
|
|
64
66
|
pulumi.set(__self__, "external_validations", external_validations)
|
|
67
|
+
if log_level is not None:
|
|
68
|
+
pulumi.set(__self__, "log_level", log_level)
|
|
65
69
|
if namespace is not None:
|
|
66
70
|
pulumi.set(__self__, "namespace", namespace)
|
|
67
71
|
if restrict_ca_chain_to_issuer is not None:
|
|
@@ -152,6 +156,21 @@ class BackendConfigScepArgs:
|
|
|
152
156
|
def external_validations(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['BackendConfigScepExternalValidationArgs']]]]):
|
|
153
157
|
pulumi.set(self, "external_validations", value)
|
|
154
158
|
|
|
159
|
+
@_builtins.property
|
|
160
|
+
@pulumi.getter(name="logLevel")
|
|
161
|
+
def log_level(self) -> Optional[pulumi.Input[_builtins.str]]:
|
|
162
|
+
"""
|
|
163
|
+
The level of logging verbosity, affects only SCEP logs on this mount.
|
|
164
|
+
|
|
165
|
+
|
|
166
|
+
<a id="nestedatt--authenticators"></a>
|
|
167
|
+
"""
|
|
168
|
+
return pulumi.get(self, "log_level")
|
|
169
|
+
|
|
170
|
+
@log_level.setter
|
|
171
|
+
def log_level(self, value: Optional[pulumi.Input[_builtins.str]]):
|
|
172
|
+
pulumi.set(self, "log_level", value)
|
|
173
|
+
|
|
155
174
|
@_builtins.property
|
|
156
175
|
@pulumi.getter
|
|
157
176
|
def namespace(self) -> Optional[pulumi.Input[_builtins.str]]:
|
|
@@ -172,9 +191,6 @@ class BackendConfigScepArgs:
|
|
|
172
191
|
def restrict_ca_chain_to_issuer(self) -> Optional[pulumi.Input[_builtins.bool]]:
|
|
173
192
|
"""
|
|
174
193
|
If true, only return the issuer CA, otherwise the entire CA certificate chain will be returned if available from the PKI mount.
|
|
175
|
-
|
|
176
|
-
|
|
177
|
-
<a id="nestedatt--authenticators"></a>
|
|
178
194
|
"""
|
|
179
195
|
return pulumi.get(self, "restrict_ca_chain_to_issuer")
|
|
180
196
|
|
|
@@ -194,6 +210,7 @@ class _BackendConfigScepState:
|
|
|
194
210
|
enabled: Optional[pulumi.Input[_builtins.bool]] = None,
|
|
195
211
|
external_validations: Optional[pulumi.Input[Sequence[pulumi.Input['BackendConfigScepExternalValidationArgs']]]] = None,
|
|
196
212
|
last_updated: Optional[pulumi.Input[_builtins.str]] = None,
|
|
213
|
+
log_level: Optional[pulumi.Input[_builtins.str]] = None,
|
|
197
214
|
namespace: Optional[pulumi.Input[_builtins.str]] = None,
|
|
198
215
|
restrict_ca_chain_to_issuer: Optional[pulumi.Input[_builtins.bool]] = None):
|
|
199
216
|
"""
|
|
@@ -207,14 +224,15 @@ class _BackendConfigScepState:
|
|
|
207
224
|
:param pulumi.Input[_builtins.bool] enabled: Specifies whether SCEP is enabled.
|
|
208
225
|
:param pulumi.Input[Sequence[pulumi.Input['BackendConfigScepExternalValidationArgs']]] external_validations: Lists the 3rd party validation of SCEP requests (see below for nested schema).
|
|
209
226
|
:param pulumi.Input[_builtins.str] last_updated: A read-only timestamp representing the last time the configuration was updated.
|
|
227
|
+
:param pulumi.Input[_builtins.str] log_level: The level of logging verbosity, affects only SCEP logs on this mount.
|
|
228
|
+
|
|
229
|
+
|
|
230
|
+
<a id="nestedatt--authenticators"></a>
|
|
210
231
|
:param pulumi.Input[_builtins.str] namespace: The namespace of the target resource.
|
|
211
232
|
The value should not contain leading or trailing forward slashes.
|
|
212
233
|
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
|
213
234
|
*Available only for Vault Enterprise*.
|
|
214
235
|
:param pulumi.Input[_builtins.bool] restrict_ca_chain_to_issuer: If true, only return the issuer CA, otherwise the entire CA certificate chain will be returned if available from the PKI mount.
|
|
215
|
-
|
|
216
|
-
|
|
217
|
-
<a id="nestedatt--authenticators"></a>
|
|
218
236
|
"""
|
|
219
237
|
if allowed_digest_algorithms is not None:
|
|
220
238
|
pulumi.set(__self__, "allowed_digest_algorithms", allowed_digest_algorithms)
|
|
@@ -232,6 +250,8 @@ class _BackendConfigScepState:
|
|
|
232
250
|
pulumi.set(__self__, "external_validations", external_validations)
|
|
233
251
|
if last_updated is not None:
|
|
234
252
|
pulumi.set(__self__, "last_updated", last_updated)
|
|
253
|
+
if log_level is not None:
|
|
254
|
+
pulumi.set(__self__, "log_level", log_level)
|
|
235
255
|
if namespace is not None:
|
|
236
256
|
pulumi.set(__self__, "namespace", namespace)
|
|
237
257
|
if restrict_ca_chain_to_issuer is not None:
|
|
@@ -334,6 +354,21 @@ class _BackendConfigScepState:
|
|
|
334
354
|
def last_updated(self, value: Optional[pulumi.Input[_builtins.str]]):
|
|
335
355
|
pulumi.set(self, "last_updated", value)
|
|
336
356
|
|
|
357
|
+
@_builtins.property
|
|
358
|
+
@pulumi.getter(name="logLevel")
|
|
359
|
+
def log_level(self) -> Optional[pulumi.Input[_builtins.str]]:
|
|
360
|
+
"""
|
|
361
|
+
The level of logging verbosity, affects only SCEP logs on this mount.
|
|
362
|
+
|
|
363
|
+
|
|
364
|
+
<a id="nestedatt--authenticators"></a>
|
|
365
|
+
"""
|
|
366
|
+
return pulumi.get(self, "log_level")
|
|
367
|
+
|
|
368
|
+
@log_level.setter
|
|
369
|
+
def log_level(self, value: Optional[pulumi.Input[_builtins.str]]):
|
|
370
|
+
pulumi.set(self, "log_level", value)
|
|
371
|
+
|
|
337
372
|
@_builtins.property
|
|
338
373
|
@pulumi.getter
|
|
339
374
|
def namespace(self) -> Optional[pulumi.Input[_builtins.str]]:
|
|
@@ -354,9 +389,6 @@ class _BackendConfigScepState:
|
|
|
354
389
|
def restrict_ca_chain_to_issuer(self) -> Optional[pulumi.Input[_builtins.bool]]:
|
|
355
390
|
"""
|
|
356
391
|
If true, only return the issuer CA, otherwise the entire CA certificate chain will be returned if available from the PKI mount.
|
|
357
|
-
|
|
358
|
-
|
|
359
|
-
<a id="nestedatt--authenticators"></a>
|
|
360
392
|
"""
|
|
361
393
|
return pulumi.get(self, "restrict_ca_chain_to_issuer")
|
|
362
394
|
|
|
@@ -378,6 +410,7 @@ class BackendConfigScep(pulumi.CustomResource):
|
|
|
378
410
|
default_path_policy: Optional[pulumi.Input[_builtins.str]] = None,
|
|
379
411
|
enabled: Optional[pulumi.Input[_builtins.bool]] = None,
|
|
380
412
|
external_validations: Optional[pulumi.Input[Sequence[pulumi.Input[Union['BackendConfigScepExternalValidationArgs', 'BackendConfigScepExternalValidationArgsDict']]]]] = None,
|
|
413
|
+
log_level: Optional[pulumi.Input[_builtins.str]] = None,
|
|
381
414
|
namespace: Optional[pulumi.Input[_builtins.str]] = None,
|
|
382
415
|
restrict_ca_chain_to_issuer: Optional[pulumi.Input[_builtins.bool]] = None,
|
|
383
416
|
__props__=None):
|
|
@@ -436,14 +469,15 @@ class BackendConfigScep(pulumi.CustomResource):
|
|
|
436
469
|
:param pulumi.Input[_builtins.str] default_path_policy: Specifies the policy to be used for non-role-qualified SCEP requests; valid values are 'sign-verbatim', or "role:<role_name>" to specify a role to use as this policy.
|
|
437
470
|
:param pulumi.Input[_builtins.bool] enabled: Specifies whether SCEP is enabled.
|
|
438
471
|
:param pulumi.Input[Sequence[pulumi.Input[Union['BackendConfigScepExternalValidationArgs', 'BackendConfigScepExternalValidationArgsDict']]]] external_validations: Lists the 3rd party validation of SCEP requests (see below for nested schema).
|
|
472
|
+
:param pulumi.Input[_builtins.str] log_level: The level of logging verbosity, affects only SCEP logs on this mount.
|
|
473
|
+
|
|
474
|
+
|
|
475
|
+
<a id="nestedatt--authenticators"></a>
|
|
439
476
|
:param pulumi.Input[_builtins.str] namespace: The namespace of the target resource.
|
|
440
477
|
The value should not contain leading or trailing forward slashes.
|
|
441
478
|
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
|
442
479
|
*Available only for Vault Enterprise*.
|
|
443
480
|
:param pulumi.Input[_builtins.bool] restrict_ca_chain_to_issuer: If true, only return the issuer CA, otherwise the entire CA certificate chain will be returned if available from the PKI mount.
|
|
444
|
-
|
|
445
|
-
|
|
446
|
-
<a id="nestedatt--authenticators"></a>
|
|
447
481
|
"""
|
|
448
482
|
...
|
|
449
483
|
@overload
|
|
@@ -518,6 +552,7 @@ class BackendConfigScep(pulumi.CustomResource):
|
|
|
518
552
|
default_path_policy: Optional[pulumi.Input[_builtins.str]] = None,
|
|
519
553
|
enabled: Optional[pulumi.Input[_builtins.bool]] = None,
|
|
520
554
|
external_validations: Optional[pulumi.Input[Sequence[pulumi.Input[Union['BackendConfigScepExternalValidationArgs', 'BackendConfigScepExternalValidationArgsDict']]]]] = None,
|
|
555
|
+
log_level: Optional[pulumi.Input[_builtins.str]] = None,
|
|
521
556
|
namespace: Optional[pulumi.Input[_builtins.str]] = None,
|
|
522
557
|
restrict_ca_chain_to_issuer: Optional[pulumi.Input[_builtins.bool]] = None,
|
|
523
558
|
__props__=None):
|
|
@@ -538,6 +573,7 @@ class BackendConfigScep(pulumi.CustomResource):
|
|
|
538
573
|
__props__.__dict__["default_path_policy"] = default_path_policy
|
|
539
574
|
__props__.__dict__["enabled"] = enabled
|
|
540
575
|
__props__.__dict__["external_validations"] = external_validations
|
|
576
|
+
__props__.__dict__["log_level"] = log_level
|
|
541
577
|
__props__.__dict__["namespace"] = namespace
|
|
542
578
|
__props__.__dict__["restrict_ca_chain_to_issuer"] = restrict_ca_chain_to_issuer
|
|
543
579
|
__props__.__dict__["last_updated"] = None
|
|
@@ -559,6 +595,7 @@ class BackendConfigScep(pulumi.CustomResource):
|
|
|
559
595
|
enabled: Optional[pulumi.Input[_builtins.bool]] = None,
|
|
560
596
|
external_validations: Optional[pulumi.Input[Sequence[pulumi.Input[Union['BackendConfigScepExternalValidationArgs', 'BackendConfigScepExternalValidationArgsDict']]]]] = None,
|
|
561
597
|
last_updated: Optional[pulumi.Input[_builtins.str]] = None,
|
|
598
|
+
log_level: Optional[pulumi.Input[_builtins.str]] = None,
|
|
562
599
|
namespace: Optional[pulumi.Input[_builtins.str]] = None,
|
|
563
600
|
restrict_ca_chain_to_issuer: Optional[pulumi.Input[_builtins.bool]] = None) -> 'BackendConfigScep':
|
|
564
601
|
"""
|
|
@@ -577,14 +614,15 @@ class BackendConfigScep(pulumi.CustomResource):
|
|
|
577
614
|
:param pulumi.Input[_builtins.bool] enabled: Specifies whether SCEP is enabled.
|
|
578
615
|
:param pulumi.Input[Sequence[pulumi.Input[Union['BackendConfigScepExternalValidationArgs', 'BackendConfigScepExternalValidationArgsDict']]]] external_validations: Lists the 3rd party validation of SCEP requests (see below for nested schema).
|
|
579
616
|
:param pulumi.Input[_builtins.str] last_updated: A read-only timestamp representing the last time the configuration was updated.
|
|
617
|
+
:param pulumi.Input[_builtins.str] log_level: The level of logging verbosity, affects only SCEP logs on this mount.
|
|
618
|
+
|
|
619
|
+
|
|
620
|
+
<a id="nestedatt--authenticators"></a>
|
|
580
621
|
:param pulumi.Input[_builtins.str] namespace: The namespace of the target resource.
|
|
581
622
|
The value should not contain leading or trailing forward slashes.
|
|
582
623
|
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
|
583
624
|
*Available only for Vault Enterprise*.
|
|
584
625
|
:param pulumi.Input[_builtins.bool] restrict_ca_chain_to_issuer: If true, only return the issuer CA, otherwise the entire CA certificate chain will be returned if available from the PKI mount.
|
|
585
|
-
|
|
586
|
-
|
|
587
|
-
<a id="nestedatt--authenticators"></a>
|
|
588
626
|
"""
|
|
589
627
|
opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id))
|
|
590
628
|
|
|
@@ -598,6 +636,7 @@ class BackendConfigScep(pulumi.CustomResource):
|
|
|
598
636
|
__props__.__dict__["enabled"] = enabled
|
|
599
637
|
__props__.__dict__["external_validations"] = external_validations
|
|
600
638
|
__props__.__dict__["last_updated"] = last_updated
|
|
639
|
+
__props__.__dict__["log_level"] = log_level
|
|
601
640
|
__props__.__dict__["namespace"] = namespace
|
|
602
641
|
__props__.__dict__["restrict_ca_chain_to_issuer"] = restrict_ca_chain_to_issuer
|
|
603
642
|
return BackendConfigScep(resource_name, opts=opts, __props__=__props__)
|
|
@@ -667,6 +706,17 @@ class BackendConfigScep(pulumi.CustomResource):
|
|
|
667
706
|
"""
|
|
668
707
|
return pulumi.get(self, "last_updated")
|
|
669
708
|
|
|
709
|
+
@_builtins.property
|
|
710
|
+
@pulumi.getter(name="logLevel")
|
|
711
|
+
def log_level(self) -> pulumi.Output[_builtins.str]:
|
|
712
|
+
"""
|
|
713
|
+
The level of logging verbosity, affects only SCEP logs on this mount.
|
|
714
|
+
|
|
715
|
+
|
|
716
|
+
<a id="nestedatt--authenticators"></a>
|
|
717
|
+
"""
|
|
718
|
+
return pulumi.get(self, "log_level")
|
|
719
|
+
|
|
670
720
|
@_builtins.property
|
|
671
721
|
@pulumi.getter
|
|
672
722
|
def namespace(self) -> pulumi.Output[Optional[_builtins.str]]:
|
|
@@ -683,9 +733,6 @@ class BackendConfigScep(pulumi.CustomResource):
|
|
|
683
733
|
def restrict_ca_chain_to_issuer(self) -> pulumi.Output[Optional[_builtins.bool]]:
|
|
684
734
|
"""
|
|
685
735
|
If true, only return the issuer CA, otherwise the entire CA certificate chain will be returned if available from the PKI mount.
|
|
686
|
-
|
|
687
|
-
|
|
688
|
-
<a id="nestedatt--authenticators"></a>
|
|
689
736
|
"""
|
|
690
737
|
return pulumi.get(self, "restrict_ca_chain_to_issuer")
|
|
691
738
|
|
|
@@ -27,7 +27,7 @@ class GetBackendConfigScepResult:
|
|
|
27
27
|
"""
|
|
28
28
|
A collection of values returned by getBackendConfigScep.
|
|
29
29
|
"""
|
|
30
|
-
def __init__(__self__, allowed_digest_algorithms=None, allowed_encryption_algorithms=None, authenticators=None, backend=None, default_path_policy=None, enabled=None, external_validations=None, id=None, last_updated=None, namespace=None, restrict_ca_chain_to_issuer=None):
|
|
30
|
+
def __init__(__self__, allowed_digest_algorithms=None, allowed_encryption_algorithms=None, authenticators=None, backend=None, default_path_policy=None, enabled=None, external_validations=None, id=None, last_updated=None, log_level=None, namespace=None, restrict_ca_chain_to_issuer=None):
|
|
31
31
|
if allowed_digest_algorithms and not isinstance(allowed_digest_algorithms, list):
|
|
32
32
|
raise TypeError("Expected argument 'allowed_digest_algorithms' to be a list")
|
|
33
33
|
pulumi.set(__self__, "allowed_digest_algorithms", allowed_digest_algorithms)
|
|
@@ -55,6 +55,9 @@ class GetBackendConfigScepResult:
|
|
|
55
55
|
if last_updated and not isinstance(last_updated, str):
|
|
56
56
|
raise TypeError("Expected argument 'last_updated' to be a str")
|
|
57
57
|
pulumi.set(__self__, "last_updated", last_updated)
|
|
58
|
+
if log_level and not isinstance(log_level, str):
|
|
59
|
+
raise TypeError("Expected argument 'log_level' to be a str")
|
|
60
|
+
pulumi.set(__self__, "log_level", log_level)
|
|
58
61
|
if namespace and not isinstance(namespace, str):
|
|
59
62
|
raise TypeError("Expected argument 'namespace' to be a str")
|
|
60
63
|
pulumi.set(__self__, "namespace", namespace)
|
|
@@ -131,6 +134,14 @@ class GetBackendConfigScepResult:
|
|
|
131
134
|
"""
|
|
132
135
|
return pulumi.get(self, "last_updated")
|
|
133
136
|
|
|
137
|
+
@_builtins.property
|
|
138
|
+
@pulumi.getter(name="logLevel")
|
|
139
|
+
def log_level(self) -> Optional[_builtins.str]:
|
|
140
|
+
"""
|
|
141
|
+
The level of logging verbosity, affects only SCEP logs on this mount.
|
|
142
|
+
"""
|
|
143
|
+
return pulumi.get(self, "log_level")
|
|
144
|
+
|
|
134
145
|
@_builtins.property
|
|
135
146
|
@pulumi.getter
|
|
136
147
|
def namespace(self) -> Optional[_builtins.str]:
|
|
@@ -160,11 +171,13 @@ class AwaitableGetBackendConfigScepResult(GetBackendConfigScepResult):
|
|
|
160
171
|
external_validations=self.external_validations,
|
|
161
172
|
id=self.id,
|
|
162
173
|
last_updated=self.last_updated,
|
|
174
|
+
log_level=self.log_level,
|
|
163
175
|
namespace=self.namespace,
|
|
164
176
|
restrict_ca_chain_to_issuer=self.restrict_ca_chain_to_issuer)
|
|
165
177
|
|
|
166
178
|
|
|
167
179
|
def get_backend_config_scep(backend: Optional[_builtins.str] = None,
|
|
180
|
+
log_level: Optional[_builtins.str] = None,
|
|
168
181
|
namespace: Optional[_builtins.str] = None,
|
|
169
182
|
opts: Optional[pulumi.InvokeOptions] = None) -> AwaitableGetBackendConfigScepResult:
|
|
170
183
|
"""
|
|
@@ -184,6 +197,7 @@ def get_backend_config_scep(backend: Optional[_builtins.str] = None,
|
|
|
184
197
|
|
|
185
198
|
:param _builtins.str backend: The path to the PKI secret backend to
|
|
186
199
|
read the SCEP configuration from, with no leading or trailing `/`s.
|
|
200
|
+
:param _builtins.str log_level: The level of logging verbosity, affects only SCEP logs on this mount.
|
|
187
201
|
:param _builtins.str namespace: The namespace of the target resource.
|
|
188
202
|
The value should not contain leading or trailing forward slashes.
|
|
189
203
|
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
|
@@ -191,6 +205,7 @@ def get_backend_config_scep(backend: Optional[_builtins.str] = None,
|
|
|
191
205
|
"""
|
|
192
206
|
__args__ = dict()
|
|
193
207
|
__args__['backend'] = backend
|
|
208
|
+
__args__['logLevel'] = log_level
|
|
194
209
|
__args__['namespace'] = namespace
|
|
195
210
|
opts = pulumi.InvokeOptions.merge(_utilities.get_invoke_opts_defaults(), opts)
|
|
196
211
|
__ret__ = pulumi.runtime.invoke('vault:pkiSecret/getBackendConfigScep:getBackendConfigScep', __args__, opts=opts, typ=GetBackendConfigScepResult).value
|
|
@@ -205,9 +220,11 @@ def get_backend_config_scep(backend: Optional[_builtins.str] = None,
|
|
|
205
220
|
external_validations=pulumi.get(__ret__, 'external_validations'),
|
|
206
221
|
id=pulumi.get(__ret__, 'id'),
|
|
207
222
|
last_updated=pulumi.get(__ret__, 'last_updated'),
|
|
223
|
+
log_level=pulumi.get(__ret__, 'log_level'),
|
|
208
224
|
namespace=pulumi.get(__ret__, 'namespace'),
|
|
209
225
|
restrict_ca_chain_to_issuer=pulumi.get(__ret__, 'restrict_ca_chain_to_issuer'))
|
|
210
226
|
def get_backend_config_scep_output(backend: Optional[pulumi.Input[_builtins.str]] = None,
|
|
227
|
+
log_level: Optional[pulumi.Input[Optional[_builtins.str]]] = None,
|
|
211
228
|
namespace: Optional[pulumi.Input[Optional[_builtins.str]]] = None,
|
|
212
229
|
opts: Optional[Union[pulumi.InvokeOptions, pulumi.InvokeOutputOptions]] = None) -> pulumi.Output[GetBackendConfigScepResult]:
|
|
213
230
|
"""
|
|
@@ -227,6 +244,7 @@ def get_backend_config_scep_output(backend: Optional[pulumi.Input[_builtins.str]
|
|
|
227
244
|
|
|
228
245
|
:param _builtins.str backend: The path to the PKI secret backend to
|
|
229
246
|
read the SCEP configuration from, with no leading or trailing `/`s.
|
|
247
|
+
:param _builtins.str log_level: The level of logging verbosity, affects only SCEP logs on this mount.
|
|
230
248
|
:param _builtins.str namespace: The namespace of the target resource.
|
|
231
249
|
The value should not contain leading or trailing forward slashes.
|
|
232
250
|
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
|
@@ -234,6 +252,7 @@ def get_backend_config_scep_output(backend: Optional[pulumi.Input[_builtins.str]
|
|
|
234
252
|
"""
|
|
235
253
|
__args__ = dict()
|
|
236
254
|
__args__['backend'] = backend
|
|
255
|
+
__args__['logLevel'] = log_level
|
|
237
256
|
__args__['namespace'] = namespace
|
|
238
257
|
opts = pulumi.InvokeOutputOptions.merge(_utilities.get_invoke_opts_defaults(), opts)
|
|
239
258
|
__ret__ = pulumi.runtime.invoke_output('vault:pkiSecret/getBackendConfigScep:getBackendConfigScep', __args__, opts=opts, typ=GetBackendConfigScepResult)
|
|
@@ -247,5 +266,6 @@ def get_backend_config_scep_output(backend: Optional[pulumi.Input[_builtins.str]
|
|
|
247
266
|
external_validations=pulumi.get(__response__, 'external_validations'),
|
|
248
267
|
id=pulumi.get(__response__, 'id'),
|
|
249
268
|
last_updated=pulumi.get(__response__, 'last_updated'),
|
|
269
|
+
log_level=pulumi.get(__response__, 'log_level'),
|
|
250
270
|
namespace=pulumi.get(__response__, 'namespace'),
|
|
251
271
|
restrict_ca_chain_to_issuer=pulumi.get(__response__, 'restrict_ca_chain_to_issuer')))
|
pulumi_vault/pulumi-plugin.json
CHANGED