PyPI - pulumi-vault - Versions diffs - 7.2.0a1755297899__py3-none-any.whl → 7.3.0a1755586140__py3-none-any.whl - Mend

pulumi-vault 7.2.0a1755297899py3-none-any.whl → 7.3.0a1755586140py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (27) hide show

pulumi_vault/__init__.py +18 -0
pulumi_vault/_inputs.py +201 -0
pulumi_vault/aws/secret_backend.py +627 -49
pulumi_vault/azure/backend.py +788 -15
pulumi_vault/consul/secret_backend.py +660 -28
pulumi_vault/database/secrets_mount.py +47 -0
pulumi_vault/gcp/secret_backend.py +599 -56
pulumi_vault/jwt/auth_backend.py +47 -0
pulumi_vault/kmip/secret_backend.py +787 -7
pulumi_vault/kubernetes/secret_backend.py +47 -0
pulumi_vault/ldap/secret_backend.py +75 -35
pulumi_vault/mount.py +47 -0
pulumi_vault/nomad_secret_backend.py +660 -21
pulumi_vault/oci_auth_backend.py +683 -0
pulumi_vault/oci_auth_backend_role.py +798 -0
pulumi_vault/outputs.py +153 -0
pulumi_vault/pkisecret/backend_config_scep.py +68 -21
pulumi_vault/pkisecret/get_backend_config_scep.py +21 -1
pulumi_vault/pulumi-plugin.json +1 -1
pulumi_vault/rabbitmq/secret_backend.py +707 -35
pulumi_vault/ssh/secret_backend_ca.py +101 -7
pulumi_vault/terraformcloud/secret_backend.py +707 -28
pulumi_vault/transit/secret_backend_key.py +49 -21
{pulumi_vault-7.2.0a1755297899.dist-info → pulumi_vault-7.3.0a1755586140.dist-info}/METADATA +1 -1
{pulumi_vault-7.2.0a1755297899.dist-info → pulumi_vault-7.3.0a1755586140.dist-info}/RECORD +27 -25
{pulumi_vault-7.2.0a1755297899.dist-info → pulumi_vault-7.3.0a1755586140.dist-info}/WHEEL +0 -0
{pulumi_vault-7.2.0a1755297899.dist-info → pulumi_vault-7.3.0a1755586140.dist-info}/top_level.txt +0 -0

pulumi_vault/kubernetes/secret_backend.py CHANGED Viewed

@@ -29,6 +29,7 @@ class SecretBackendArgs:
                  description: Optional[pulumi.Input[_builtins.str]] = None,
                  disable_local_ca_jwt: Optional[pulumi.Input[_builtins.bool]] = None,
                  external_entropy_access: Optional[pulumi.Input[_builtins.bool]] = None,
+                 force_no_cache: Optional[pulumi.Input[_builtins.bool]] = None,
                  identity_token_key: Optional[pulumi.Input[_builtins.str]] = None,
                  kubernetes_ca_cert: Optional[pulumi.Input[_builtins.str]] = None,
                  kubernetes_host: Optional[pulumi.Input[_builtins.str]] = None,
@@ -54,6 +55,7 @@ class SecretBackendArgs:
         :param pulumi.Input[_builtins.bool] disable_local_ca_jwt: Disable defaulting to the local CA certificate and
                service account JWT when Vault is running in a Kubernetes pod.
         :param pulumi.Input[_builtins.bool] external_entropy_access: Enable the secrets engine to access Vault's external entropy source
+        :param pulumi.Input[_builtins.bool] force_no_cache: If set to true, disables caching.
         :param pulumi.Input[_builtins.str] identity_token_key: The key to use for signing plugin workload identity tokens
         :param pulumi.Input[_builtins.str] kubernetes_ca_cert: A PEM-encoded CA certificate used by the
                secrets engine to verify the Kubernetes API server certificate. Defaults to the local
@@ -96,6 +98,8 @@ class SecretBackendArgs:
             pulumi.set(__self__, "disable_local_ca_jwt", disable_local_ca_jwt)
         if external_entropy_access is not None:
             pulumi.set(__self__, "external_entropy_access", external_entropy_access)
+        if force_no_cache is not None:
+            pulumi.set(__self__, "force_no_cache", force_no_cache)
         if identity_token_key is not None:
             pulumi.set(__self__, "identity_token_key", identity_token_key)
         if kubernetes_ca_cert is not None:
@@ -242,6 +246,18 @@ class SecretBackendArgs:
     def external_entropy_access(self, value: Optional[pulumi.Input[_builtins.bool]]):
         pulumi.set(self, "external_entropy_access", value)
+    @_builtins.property
+    @pulumi.getter(name="forceNoCache")
+    def force_no_cache(self) -> Optional[pulumi.Input[_builtins.bool]]:
+        """
+        If set to true, disables caching.
+        """
+        return pulumi.get(self, "force_no_cache")
+    @force_no_cache.setter
+    def force_no_cache(self, value: Optional[pulumi.Input[_builtins.bool]]):
+        pulumi.set(self, "force_no_cache", value)
     @_builtins.property
     @pulumi.getter(name="identityTokenKey")
     def identity_token_key(self) -> Optional[pulumi.Input[_builtins.str]]:
@@ -410,6 +426,7 @@ class _SecretBackendState:
                  description: Optional[pulumi.Input[_builtins.str]] = None,
                  disable_local_ca_jwt: Optional[pulumi.Input[_builtins.bool]] = None,
                  external_entropy_access: Optional[pulumi.Input[_builtins.bool]] = None,
+                 force_no_cache: Optional[pulumi.Input[_builtins.bool]] = None,
                  identity_token_key: Optional[pulumi.Input[_builtins.str]] = None,
                  kubernetes_ca_cert: Optional[pulumi.Input[_builtins.str]] = None,
                  kubernetes_host: Optional[pulumi.Input[_builtins.str]] = None,
@@ -436,6 +453,7 @@ class _SecretBackendState:
         :param pulumi.Input[_builtins.bool] disable_local_ca_jwt: Disable defaulting to the local CA certificate and
                service account JWT when Vault is running in a Kubernetes pod.
         :param pulumi.Input[_builtins.bool] external_entropy_access: Enable the secrets engine to access Vault's external entropy source
+        :param pulumi.Input[_builtins.bool] force_no_cache: If set to true, disables caching.
         :param pulumi.Input[_builtins.str] identity_token_key: The key to use for signing plugin workload identity tokens
         :param pulumi.Input[_builtins.str] kubernetes_ca_cert: A PEM-encoded CA certificate used by the
                secrets engine to verify the Kubernetes API server certificate. Defaults to the local
@@ -480,6 +498,8 @@ class _SecretBackendState:
             pulumi.set(__self__, "disable_local_ca_jwt", disable_local_ca_jwt)
         if external_entropy_access is not None:
             pulumi.set(__self__, "external_entropy_access", external_entropy_access)
+        if force_no_cache is not None:
+            pulumi.set(__self__, "force_no_cache", force_no_cache)
         if identity_token_key is not None:
             pulumi.set(__self__, "identity_token_key", identity_token_key)
         if kubernetes_ca_cert is not None:
@@ -628,6 +648,18 @@ class _SecretBackendState:
     def external_entropy_access(self, value: Optional[pulumi.Input[_builtins.bool]]):
         pulumi.set(self, "external_entropy_access", value)
+    @_builtins.property
+    @pulumi.getter(name="forceNoCache")
+    def force_no_cache(self) -> Optional[pulumi.Input[_builtins.bool]]:
+        """
+        If set to true, disables caching.
+        """
+        return pulumi.get(self, "force_no_cache")
+    @force_no_cache.setter
+    def force_no_cache(self, value: Optional[pulumi.Input[_builtins.bool]]):
+        pulumi.set(self, "force_no_cache", value)
     @_builtins.property
     @pulumi.getter(name="identityTokenKey")
     def identity_token_key(self) -> Optional[pulumi.Input[_builtins.str]]:
@@ -810,6 +842,7 @@ class SecretBackend(pulumi.CustomResource):
                  description: Optional[pulumi.Input[_builtins.str]] = None,
                  disable_local_ca_jwt: Optional[pulumi.Input[_builtins.bool]] = None,
                  external_entropy_access: Optional[pulumi.Input[_builtins.bool]] = None,
+                 force_no_cache: Optional[pulumi.Input[_builtins.bool]] = None,
                  identity_token_key: Optional[pulumi.Input[_builtins.str]] = None,
                  kubernetes_ca_cert: Optional[pulumi.Input[_builtins.str]] = None,
                  kubernetes_host: Optional[pulumi.Input[_builtins.str]] = None,
@@ -863,6 +896,7 @@ class SecretBackend(pulumi.CustomResource):
         :param pulumi.Input[_builtins.bool] disable_local_ca_jwt: Disable defaulting to the local CA certificate and
                service account JWT when Vault is running in a Kubernetes pod.
         :param pulumi.Input[_builtins.bool] external_entropy_access: Enable the secrets engine to access Vault's external entropy source
+        :param pulumi.Input[_builtins.bool] force_no_cache: If set to true, disables caching.
         :param pulumi.Input[_builtins.str] identity_token_key: The key to use for signing plugin workload identity tokens
         :param pulumi.Input[_builtins.str] kubernetes_ca_cert: A PEM-encoded CA certificate used by the
                secrets engine to verify the Kubernetes API server certificate. Defaults to the local
@@ -944,6 +978,7 @@ class SecretBackend(pulumi.CustomResource):
                  description: Optional[pulumi.Input[_builtins.str]] = None,
                  disable_local_ca_jwt: Optional[pulumi.Input[_builtins.bool]] = None,
                  external_entropy_access: Optional[pulumi.Input[_builtins.bool]] = None,
+                 force_no_cache: Optional[pulumi.Input[_builtins.bool]] = None,
                  identity_token_key: Optional[pulumi.Input[_builtins.str]] = None,
                  kubernetes_ca_cert: Optional[pulumi.Input[_builtins.str]] = None,
                  kubernetes_host: Optional[pulumi.Input[_builtins.str]] = None,
@@ -975,6 +1010,7 @@ class SecretBackend(pulumi.CustomResource):
             __props__.__dict__["description"] = description
             __props__.__dict__["disable_local_ca_jwt"] = disable_local_ca_jwt
             __props__.__dict__["external_entropy_access"] = external_entropy_access
+            __props__.__dict__["force_no_cache"] = force_no_cache
             __props__.__dict__["identity_token_key"] = identity_token_key
             __props__.__dict__["kubernetes_ca_cert"] = kubernetes_ca_cert
             __props__.__dict__["kubernetes_host"] = kubernetes_host
@@ -1013,6 +1049,7 @@ class SecretBackend(pulumi.CustomResource):
             description: Optional[pulumi.Input[_builtins.str]] = None,
             disable_local_ca_jwt: Optional[pulumi.Input[_builtins.bool]] = None,
             external_entropy_access: Optional[pulumi.Input[_builtins.bool]] = None,
+            force_no_cache: Optional[pulumi.Input[_builtins.bool]] = None,
             identity_token_key: Optional[pulumi.Input[_builtins.str]] = None,
             kubernetes_ca_cert: Optional[pulumi.Input[_builtins.str]] = None,
             kubernetes_host: Optional[pulumi.Input[_builtins.str]] = None,
@@ -1044,6 +1081,7 @@ class SecretBackend(pulumi.CustomResource):
         :param pulumi.Input[_builtins.bool] disable_local_ca_jwt: Disable defaulting to the local CA certificate and
                service account JWT when Vault is running in a Kubernetes pod.
         :param pulumi.Input[_builtins.bool] external_entropy_access: Enable the secrets engine to access Vault's external entropy source
+        :param pulumi.Input[_builtins.bool] force_no_cache: If set to true, disables caching.
         :param pulumi.Input[_builtins.str] identity_token_key: The key to use for signing plugin workload identity tokens
         :param pulumi.Input[_builtins.str] kubernetes_ca_cert: A PEM-encoded CA certificate used by the
                secrets engine to verify the Kubernetes API server certificate. Defaults to the local
@@ -1082,6 +1120,7 @@ class SecretBackend(pulumi.CustomResource):
         __props__.__dict__["description"] = description
         __props__.__dict__["disable_local_ca_jwt"] = disable_local_ca_jwt
         __props__.__dict__["external_entropy_access"] = external_entropy_access
+        __props__.__dict__["force_no_cache"] = force_no_cache
         __props__.__dict__["identity_token_key"] = identity_token_key
         __props__.__dict__["kubernetes_ca_cert"] = kubernetes_ca_cert
         __props__.__dict__["kubernetes_host"] = kubernetes_host
@@ -1178,6 +1217,14 @@ class SecretBackend(pulumi.CustomResource):
         """
         return pulumi.get(self, "external_entropy_access")
+    @_builtins.property
+    @pulumi.getter(name="forceNoCache")
+    def force_no_cache(self) -> pulumi.Output[_builtins.bool]:
+        """
+        If set to true, disables caching.
+        """
+        return pulumi.get(self, "force_no_cache")
     @_builtins.property
     @pulumi.getter(name="identityTokenKey")
     def identity_token_key(self) -> pulumi.Output[Optional[_builtins.str]]:

pulumi_vault/ldap/secret_backend.py CHANGED Viewed

@@ -35,6 +35,7 @@ class SecretBackendArgs:
                  disable_automated_rotation: Optional[pulumi.Input[_builtins.bool]] = None,
                  disable_remount: Optional[pulumi.Input[_builtins.bool]] = None,
                  external_entropy_access: Optional[pulumi.Input[_builtins.bool]] = None,
+                 force_no_cache: Optional[pulumi.Input[_builtins.bool]] = None,
                  identity_token_key: Optional[pulumi.Input[_builtins.str]] = None,
                  insecure_tls: Optional[pulumi.Input[_builtins.bool]] = None,
                  listing_visibility: Optional[pulumi.Input[_builtins.str]] = None,
@@ -72,19 +73,19 @@ class SecretBackendArgs:
         :param pulumi.Input[_builtins.str] client_tls_key: Client certificate key to provide to the LDAP server, must be x509 PEM encoded.
         :param pulumi.Input[_builtins.int] connection_timeout: Timeout, in seconds, when attempting to connect to the LDAP server before trying
                the next URL in the configuration.
-        :param pulumi.Input[_builtins.int] default_lease_ttl_seconds: Default lease duration for secrets in seconds.
+        :param pulumi.Input[_builtins.int] default_lease_ttl_seconds: Default lease duration for tokens and secrets in seconds
         :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] delegated_auth_accessors: List of headers to allow and pass from the request to the plugin
-        :param pulumi.Input[_builtins.str] description: Human-friendly description of the mount for the Active Directory backend.
+        :param pulumi.Input[_builtins.str] description: Human-friendly description of the mount
         :param pulumi.Input[_builtins.bool] disable_automated_rotation: Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
         :param pulumi.Input[_builtins.bool] disable_remount: If set, opts out of mount migration on path updates.
         :param pulumi.Input[_builtins.bool] external_entropy_access: Enable the secrets engine to access Vault's external entropy source
+        :param pulumi.Input[_builtins.bool] force_no_cache: If set to true, disables caching.
         :param pulumi.Input[_builtins.str] identity_token_key: The key to use for signing plugin workload identity tokens
         :param pulumi.Input[_builtins.bool] insecure_tls: Skip LDAP server SSL Certificate verification. This is not recommended for production.
                Defaults to `false`.
         :param pulumi.Input[_builtins.str] listing_visibility: Specifies whether to show this mount in the UI-specific listing endpoint
-        :param pulumi.Input[_builtins.bool] local: Mark the secrets engine as local-only. Local engines are not replicated or removed by
-               replication.Tolerance duration to use when checking the last rotation time.
-        :param pulumi.Input[_builtins.int] max_lease_ttl_seconds: Maximum possible lease duration for secrets in seconds.
+        :param pulumi.Input[_builtins.bool] local: Local mount flag that can be explicitly set to true to enforce local mount in HA environment
+        :param pulumi.Input[_builtins.int] max_lease_ttl_seconds: Maximum possible lease duration for tokens and secrets in seconds
         :param pulumi.Input[_builtins.str] namespace: The namespace to provision the resource in.
                The value should not contain leading or trailing forward slashes.
                The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
@@ -145,6 +146,8 @@ class SecretBackendArgs:
             pulumi.set(__self__, "disable_remount", disable_remount)
         if external_entropy_access is not None:
             pulumi.set(__self__, "external_entropy_access", external_entropy_access)
+        if force_no_cache is not None:
+            pulumi.set(__self__, "force_no_cache", force_no_cache)
         if identity_token_key is not None:
             pulumi.set(__self__, "identity_token_key", identity_token_key)
         if insecure_tls is not None:
@@ -318,7 +321,7 @@ class SecretBackendArgs:
     @pulumi.getter(name="defaultLeaseTtlSeconds")
     def default_lease_ttl_seconds(self) -> Optional[pulumi.Input[_builtins.int]]:
         """
-        Default lease duration for secrets in seconds.
+        Default lease duration for tokens and secrets in seconds
         """
         return pulumi.get(self, "default_lease_ttl_seconds")
@@ -342,7 +345,7 @@ class SecretBackendArgs:
     @pulumi.getter
     def description(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
-        Human-friendly description of the mount for the Active Directory backend.
+        Human-friendly description of the mount
         """
         return pulumi.get(self, "description")
@@ -386,6 +389,18 @@ class SecretBackendArgs:
     def external_entropy_access(self, value: Optional[pulumi.Input[_builtins.bool]]):
         pulumi.set(self, "external_entropy_access", value)
+    @_builtins.property
+    @pulumi.getter(name="forceNoCache")
+    def force_no_cache(self) -> Optional[pulumi.Input[_builtins.bool]]:
+        """
+        If set to true, disables caching.
+        """
+        return pulumi.get(self, "force_no_cache")
+    @force_no_cache.setter
+    def force_no_cache(self, value: Optional[pulumi.Input[_builtins.bool]]):
+        pulumi.set(self, "force_no_cache", value)
     @_builtins.property
     @pulumi.getter(name="identityTokenKey")
     def identity_token_key(self) -> Optional[pulumi.Input[_builtins.str]]:
@@ -427,8 +442,7 @@ class SecretBackendArgs:
     @pulumi.getter
     def local(self) -> Optional[pulumi.Input[_builtins.bool]]:
         """
-        Mark the secrets engine as local-only. Local engines are not replicated or removed by
-        replication.Tolerance duration to use when checking the last rotation time.
+        Local mount flag that can be explicitly set to true to enforce local mount in HA environment
         """
         return pulumi.get(self, "local")
@@ -440,7 +454,7 @@ class SecretBackendArgs:
     @pulumi.getter(name="maxLeaseTtlSeconds")
     def max_lease_ttl_seconds(self) -> Optional[pulumi.Input[_builtins.int]]:
         """
-        Maximum possible lease duration for secrets in seconds.
+        Maximum possible lease duration for tokens and secrets in seconds
         """
         return pulumi.get(self, "max_lease_ttl_seconds")
@@ -696,6 +710,7 @@ class _SecretBackendState:
                  disable_automated_rotation: Optional[pulumi.Input[_builtins.bool]] = None,
                  disable_remount: Optional[pulumi.Input[_builtins.bool]] = None,
                  external_entropy_access: Optional[pulumi.Input[_builtins.bool]] = None,
+                 force_no_cache: Optional[pulumi.Input[_builtins.bool]] = None,
                  identity_token_key: Optional[pulumi.Input[_builtins.str]] = None,
                  insecure_tls: Optional[pulumi.Input[_builtins.bool]] = None,
                  listing_visibility: Optional[pulumi.Input[_builtins.str]] = None,
@@ -734,19 +749,19 @@ class _SecretBackendState:
         :param pulumi.Input[_builtins.str] client_tls_key: Client certificate key to provide to the LDAP server, must be x509 PEM encoded.
         :param pulumi.Input[_builtins.int] connection_timeout: Timeout, in seconds, when attempting to connect to the LDAP server before trying
                the next URL in the configuration.
-        :param pulumi.Input[_builtins.int] default_lease_ttl_seconds: Default lease duration for secrets in seconds.
+        :param pulumi.Input[_builtins.int] default_lease_ttl_seconds: Default lease duration for tokens and secrets in seconds
         :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] delegated_auth_accessors: List of headers to allow and pass from the request to the plugin
-        :param pulumi.Input[_builtins.str] description: Human-friendly description of the mount for the Active Directory backend.
+        :param pulumi.Input[_builtins.str] description: Human-friendly description of the mount
         :param pulumi.Input[_builtins.bool] disable_automated_rotation: Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
         :param pulumi.Input[_builtins.bool] disable_remount: If set, opts out of mount migration on path updates.
         :param pulumi.Input[_builtins.bool] external_entropy_access: Enable the secrets engine to access Vault's external entropy source
+        :param pulumi.Input[_builtins.bool] force_no_cache: If set to true, disables caching.
         :param pulumi.Input[_builtins.str] identity_token_key: The key to use for signing plugin workload identity tokens
         :param pulumi.Input[_builtins.bool] insecure_tls: Skip LDAP server SSL Certificate verification. This is not recommended for production.
                Defaults to `false`.
         :param pulumi.Input[_builtins.str] listing_visibility: Specifies whether to show this mount in the UI-specific listing endpoint
-        :param pulumi.Input[_builtins.bool] local: Mark the secrets engine as local-only. Local engines are not replicated or removed by
-               replication.Tolerance duration to use when checking the last rotation time.
-        :param pulumi.Input[_builtins.int] max_lease_ttl_seconds: Maximum possible lease duration for secrets in seconds.
+        :param pulumi.Input[_builtins.bool] local: Local mount flag that can be explicitly set to true to enforce local mount in HA environment
+        :param pulumi.Input[_builtins.int] max_lease_ttl_seconds: Maximum possible lease duration for tokens and secrets in seconds
         :param pulumi.Input[_builtins.str] namespace: The namespace to provision the resource in.
                The value should not contain leading or trailing forward slashes.
                The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
@@ -811,6 +826,8 @@ class _SecretBackendState:
             pulumi.set(__self__, "disable_remount", disable_remount)
         if external_entropy_access is not None:
             pulumi.set(__self__, "external_entropy_access", external_entropy_access)
+        if force_no_cache is not None:
+            pulumi.set(__self__, "force_no_cache", force_no_cache)
         if identity_token_key is not None:
             pulumi.set(__self__, "identity_token_key", identity_token_key)
         if insecure_tls is not None:
@@ -996,7 +1013,7 @@ class _SecretBackendState:
     @pulumi.getter(name="defaultLeaseTtlSeconds")
     def default_lease_ttl_seconds(self) -> Optional[pulumi.Input[_builtins.int]]:
         """
-        Default lease duration for secrets in seconds.
+        Default lease duration for tokens and secrets in seconds
         """
         return pulumi.get(self, "default_lease_ttl_seconds")
@@ -1020,7 +1037,7 @@ class _SecretBackendState:
     @pulumi.getter
     def description(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
-        Human-friendly description of the mount for the Active Directory backend.
+        Human-friendly description of the mount
         """
         return pulumi.get(self, "description")
@@ -1064,6 +1081,18 @@ class _SecretBackendState:
     def external_entropy_access(self, value: Optional[pulumi.Input[_builtins.bool]]):
         pulumi.set(self, "external_entropy_access", value)
+    @_builtins.property
+    @pulumi.getter(name="forceNoCache")
+    def force_no_cache(self) -> Optional[pulumi.Input[_builtins.bool]]:
+        """
+        If set to true, disables caching.
+        """
+        return pulumi.get(self, "force_no_cache")
+    @force_no_cache.setter
+    def force_no_cache(self, value: Optional[pulumi.Input[_builtins.bool]]):
+        pulumi.set(self, "force_no_cache", value)
     @_builtins.property
     @pulumi.getter(name="identityTokenKey")
     def identity_token_key(self) -> Optional[pulumi.Input[_builtins.str]]:
@@ -1105,8 +1134,7 @@ class _SecretBackendState:
     @pulumi.getter
     def local(self) -> Optional[pulumi.Input[_builtins.bool]]:
         """
-        Mark the secrets engine as local-only. Local engines are not replicated or removed by
-        replication.Tolerance duration to use when checking the last rotation time.
+        Local mount flag that can be explicitly set to true to enforce local mount in HA environment
         """
         return pulumi.get(self, "local")
@@ -1118,7 +1146,7 @@ class _SecretBackendState:
     @pulumi.getter(name="maxLeaseTtlSeconds")
     def max_lease_ttl_seconds(self) -> Optional[pulumi.Input[_builtins.int]]:
         """
-        Maximum possible lease duration for secrets in seconds.
+        Maximum possible lease duration for tokens and secrets in seconds
         """
         return pulumi.get(self, "max_lease_ttl_seconds")
@@ -1376,6 +1404,7 @@ class SecretBackend(pulumi.CustomResource):
                  disable_automated_rotation: Optional[pulumi.Input[_builtins.bool]] = None,
                  disable_remount: Optional[pulumi.Input[_builtins.bool]] = None,
                  external_entropy_access: Optional[pulumi.Input[_builtins.bool]] = None,
+                 force_no_cache: Optional[pulumi.Input[_builtins.bool]] = None,
                  identity_token_key: Optional[pulumi.Input[_builtins.str]] = None,
                  insecure_tls: Optional[pulumi.Input[_builtins.bool]] = None,
                  listing_visibility: Optional[pulumi.Input[_builtins.str]] = None,
@@ -1440,19 +1469,19 @@ class SecretBackend(pulumi.CustomResource):
         :param pulumi.Input[_builtins.str] client_tls_key: Client certificate key to provide to the LDAP server, must be x509 PEM encoded.
         :param pulumi.Input[_builtins.int] connection_timeout: Timeout, in seconds, when attempting to connect to the LDAP server before trying
                the next URL in the configuration.
-        :param pulumi.Input[_builtins.int] default_lease_ttl_seconds: Default lease duration for secrets in seconds.
+        :param pulumi.Input[_builtins.int] default_lease_ttl_seconds: Default lease duration for tokens and secrets in seconds
         :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] delegated_auth_accessors: List of headers to allow and pass from the request to the plugin
-        :param pulumi.Input[_builtins.str] description: Human-friendly description of the mount for the Active Directory backend.
+        :param pulumi.Input[_builtins.str] description: Human-friendly description of the mount
         :param pulumi.Input[_builtins.bool] disable_automated_rotation: Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
         :param pulumi.Input[_builtins.bool] disable_remount: If set, opts out of mount migration on path updates.
         :param pulumi.Input[_builtins.bool] external_entropy_access: Enable the secrets engine to access Vault's external entropy source
+        :param pulumi.Input[_builtins.bool] force_no_cache: If set to true, disables caching.
         :param pulumi.Input[_builtins.str] identity_token_key: The key to use for signing plugin workload identity tokens
         :param pulumi.Input[_builtins.bool] insecure_tls: Skip LDAP server SSL Certificate verification. This is not recommended for production.
                Defaults to `false`.
         :param pulumi.Input[_builtins.str] listing_visibility: Specifies whether to show this mount in the UI-specific listing endpoint
-        :param pulumi.Input[_builtins.bool] local: Mark the secrets engine as local-only. Local engines are not replicated or removed by
-               replication.Tolerance duration to use when checking the last rotation time.
-        :param pulumi.Input[_builtins.int] max_lease_ttl_seconds: Maximum possible lease duration for secrets in seconds.
+        :param pulumi.Input[_builtins.bool] local: Local mount flag that can be explicitly set to true to enforce local mount in HA environment
+        :param pulumi.Input[_builtins.int] max_lease_ttl_seconds: Maximum possible lease duration for tokens and secrets in seconds
         :param pulumi.Input[_builtins.str] namespace: The namespace to provision the resource in.
                The value should not contain leading or trailing forward slashes.
                The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
@@ -1546,6 +1575,7 @@ class SecretBackend(pulumi.CustomResource):
                  disable_automated_rotation: Optional[pulumi.Input[_builtins.bool]] = None,
                  disable_remount: Optional[pulumi.Input[_builtins.bool]] = None,
                  external_entropy_access: Optional[pulumi.Input[_builtins.bool]] = None,
+                 force_no_cache: Optional[pulumi.Input[_builtins.bool]] = None,
                  identity_token_key: Optional[pulumi.Input[_builtins.str]] = None,
                  insecure_tls: Optional[pulumi.Input[_builtins.bool]] = None,
                  listing_visibility: Optional[pulumi.Input[_builtins.str]] = None,
@@ -1598,6 +1628,7 @@ class SecretBackend(pulumi.CustomResource):
             __props__.__dict__["disable_automated_rotation"] = disable_automated_rotation
             __props__.__dict__["disable_remount"] = disable_remount
             __props__.__dict__["external_entropy_access"] = external_entropy_access
+            __props__.__dict__["force_no_cache"] = force_no_cache
             __props__.__dict__["identity_token_key"] = identity_token_key
             __props__.__dict__["insecure_tls"] = insecure_tls
             __props__.__dict__["listing_visibility"] = listing_visibility
@@ -1651,6 +1682,7 @@ class SecretBackend(pulumi.CustomResource):
             disable_automated_rotation: Optional[pulumi.Input[_builtins.bool]] = None,
             disable_remount: Optional[pulumi.Input[_builtins.bool]] = None,
             external_entropy_access: Optional[pulumi.Input[_builtins.bool]] = None,
+            force_no_cache: Optional[pulumi.Input[_builtins.bool]] = None,
             identity_token_key: Optional[pulumi.Input[_builtins.str]] = None,
             insecure_tls: Optional[pulumi.Input[_builtins.bool]] = None,
             listing_visibility: Optional[pulumi.Input[_builtins.str]] = None,
@@ -1694,19 +1726,19 @@ class SecretBackend(pulumi.CustomResource):
         :param pulumi.Input[_builtins.str] client_tls_key: Client certificate key to provide to the LDAP server, must be x509 PEM encoded.
         :param pulumi.Input[_builtins.int] connection_timeout: Timeout, in seconds, when attempting to connect to the LDAP server before trying
                the next URL in the configuration.
-        :param pulumi.Input[_builtins.int] default_lease_ttl_seconds: Default lease duration for secrets in seconds.
+        :param pulumi.Input[_builtins.int] default_lease_ttl_seconds: Default lease duration for tokens and secrets in seconds
         :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] delegated_auth_accessors: List of headers to allow and pass from the request to the plugin
-        :param pulumi.Input[_builtins.str] description: Human-friendly description of the mount for the Active Directory backend.
+        :param pulumi.Input[_builtins.str] description: Human-friendly description of the mount
         :param pulumi.Input[_builtins.bool] disable_automated_rotation: Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
         :param pulumi.Input[_builtins.bool] disable_remount: If set, opts out of mount migration on path updates.
         :param pulumi.Input[_builtins.bool] external_entropy_access: Enable the secrets engine to access Vault's external entropy source
+        :param pulumi.Input[_builtins.bool] force_no_cache: If set to true, disables caching.
         :param pulumi.Input[_builtins.str] identity_token_key: The key to use for signing plugin workload identity tokens
         :param pulumi.Input[_builtins.bool] insecure_tls: Skip LDAP server SSL Certificate verification. This is not recommended for production.
                Defaults to `false`.
         :param pulumi.Input[_builtins.str] listing_visibility: Specifies whether to show this mount in the UI-specific listing endpoint
-        :param pulumi.Input[_builtins.bool] local: Mark the secrets engine as local-only. Local engines are not replicated or removed by
-               replication.Tolerance duration to use when checking the last rotation time.
-        :param pulumi.Input[_builtins.int] max_lease_ttl_seconds: Maximum possible lease duration for secrets in seconds.
+        :param pulumi.Input[_builtins.bool] local: Local mount flag that can be explicitly set to true to enforce local mount in HA environment
+        :param pulumi.Input[_builtins.int] max_lease_ttl_seconds: Maximum possible lease duration for tokens and secrets in seconds
         :param pulumi.Input[_builtins.str] namespace: The namespace to provision the resource in.
                The value should not contain leading or trailing forward slashes.
                The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
@@ -1758,6 +1790,7 @@ class SecretBackend(pulumi.CustomResource):
         __props__.__dict__["disable_automated_rotation"] = disable_automated_rotation
         __props__.__dict__["disable_remount"] = disable_remount
         __props__.__dict__["external_entropy_access"] = external_entropy_access
+        __props__.__dict__["force_no_cache"] = force_no_cache
         __props__.__dict__["identity_token_key"] = identity_token_key
         __props__.__dict__["insecure_tls"] = insecure_tls
         __props__.__dict__["listing_visibility"] = listing_visibility
@@ -1877,7 +1910,7 @@ class SecretBackend(pulumi.CustomResource):
     @pulumi.getter(name="defaultLeaseTtlSeconds")
     def default_lease_ttl_seconds(self) -> pulumi.Output[_builtins.int]:
         """
-        Default lease duration for secrets in seconds.
+        Default lease duration for tokens and secrets in seconds
         """
         return pulumi.get(self, "default_lease_ttl_seconds")
@@ -1893,7 +1926,7 @@ class SecretBackend(pulumi.CustomResource):
     @pulumi.getter
     def description(self) -> pulumi.Output[Optional[_builtins.str]]:
         """
-        Human-friendly description of the mount for the Active Directory backend.
+        Human-friendly description of the mount
         """
         return pulumi.get(self, "description")
@@ -1921,6 +1954,14 @@ class SecretBackend(pulumi.CustomResource):
         """
         return pulumi.get(self, "external_entropy_access")
+    @_builtins.property
+    @pulumi.getter(name="forceNoCache")
+    def force_no_cache(self) -> pulumi.Output[_builtins.bool]:
+        """
+        If set to true, disables caching.
+        """
+        return pulumi.get(self, "force_no_cache")
     @_builtins.property
     @pulumi.getter(name="identityTokenKey")
     def identity_token_key(self) -> pulumi.Output[Optional[_builtins.str]]:
@@ -1950,8 +1991,7 @@ class SecretBackend(pulumi.CustomResource):
     @pulumi.getter
     def local(self) -> pulumi.Output[Optional[_builtins.bool]]:
         """
-        Mark the secrets engine as local-only. Local engines are not replicated or removed by
-        replication.Tolerance duration to use when checking the last rotation time.
+        Local mount flag that can be explicitly set to true to enforce local mount in HA environment
         """
         return pulumi.get(self, "local")
@@ -1959,7 +1999,7 @@ class SecretBackend(pulumi.CustomResource):
     @pulumi.getter(name="maxLeaseTtlSeconds")
     def max_lease_ttl_seconds(self) -> pulumi.Output[_builtins.int]:
         """
-        Maximum possible lease duration for secrets in seconds.
+        Maximum possible lease duration for tokens and secrets in seconds
         """
         return pulumi.get(self, "max_lease_ttl_seconds")

pulumi-vault 7.2.0a1755297899__py3-none-any.whl → 7.3.0a1755586140__py3-none-any.whl

pulumi-vault 7.2.0a1755297899py3-none-any.whl → 7.3.0a1755586140py3-none-any.whl