pulumi-vault 7.6.0a1764657486__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- pulumi_vault/__init__.py +1399 -0
- pulumi_vault/_inputs.py +2701 -0
- pulumi_vault/_utilities.py +331 -0
- pulumi_vault/ad/__init__.py +12 -0
- pulumi_vault/ad/get_access_credentials.py +177 -0
- pulumi_vault/ad/secret_backend.py +1916 -0
- pulumi_vault/ad/secret_library.py +546 -0
- pulumi_vault/ad/secret_role.py +499 -0
- pulumi_vault/alicloud/__init__.py +9 -0
- pulumi_vault/alicloud/auth_backend_role.py +866 -0
- pulumi_vault/approle/__init__.py +12 -0
- pulumi_vault/approle/auth_backend_login.py +571 -0
- pulumi_vault/approle/auth_backend_role.py +1082 -0
- pulumi_vault/approle/auth_backend_role_secret_id.py +796 -0
- pulumi_vault/approle/get_auth_backend_role_id.py +169 -0
- pulumi_vault/audit.py +499 -0
- pulumi_vault/audit_request_header.py +277 -0
- pulumi_vault/auth_backend.py +565 -0
- pulumi_vault/aws/__init__.py +22 -0
- pulumi_vault/aws/auth_backend_cert.py +420 -0
- pulumi_vault/aws/auth_backend_client.py +1259 -0
- pulumi_vault/aws/auth_backend_config_identity.py +494 -0
- pulumi_vault/aws/auth_backend_identity_whitelist.py +380 -0
- pulumi_vault/aws/auth_backend_login.py +1046 -0
- pulumi_vault/aws/auth_backend_role.py +1961 -0
- pulumi_vault/aws/auth_backend_role_tag.py +638 -0
- pulumi_vault/aws/auth_backend_roletag_blacklist.py +366 -0
- pulumi_vault/aws/auth_backend_sts_role.py +414 -0
- pulumi_vault/aws/get_access_credentials.py +369 -0
- pulumi_vault/aws/get_static_access_credentials.py +137 -0
- pulumi_vault/aws/secret_backend.py +2018 -0
- pulumi_vault/aws/secret_backend_role.py +1188 -0
- pulumi_vault/aws/secret_backend_static_role.py +639 -0
- pulumi_vault/azure/__init__.py +15 -0
- pulumi_vault/azure/_inputs.py +108 -0
- pulumi_vault/azure/auth_backend_config.py +1096 -0
- pulumi_vault/azure/auth_backend_role.py +1176 -0
- pulumi_vault/azure/backend.py +1793 -0
- pulumi_vault/azure/backend_role.py +883 -0
- pulumi_vault/azure/get_access_credentials.py +400 -0
- pulumi_vault/azure/outputs.py +107 -0
- pulumi_vault/cert_auth_backend_role.py +1539 -0
- pulumi_vault/config/__init__.py +9 -0
- pulumi_vault/config/__init__.pyi +164 -0
- pulumi_vault/config/_inputs.py +73 -0
- pulumi_vault/config/outputs.py +1225 -0
- pulumi_vault/config/ui_custom_message.py +530 -0
- pulumi_vault/config/vars.py +230 -0
- pulumi_vault/consul/__init__.py +10 -0
- pulumi_vault/consul/secret_backend.py +1517 -0
- pulumi_vault/consul/secret_backend_role.py +847 -0
- pulumi_vault/database/__init__.py +14 -0
- pulumi_vault/database/_inputs.py +11907 -0
- pulumi_vault/database/outputs.py +8496 -0
- pulumi_vault/database/secret_backend_connection.py +1676 -0
- pulumi_vault/database/secret_backend_role.py +840 -0
- pulumi_vault/database/secret_backend_static_role.py +881 -0
- pulumi_vault/database/secrets_mount.py +2160 -0
- pulumi_vault/egp_policy.py +399 -0
- pulumi_vault/gcp/__init__.py +17 -0
- pulumi_vault/gcp/_inputs.py +441 -0
- pulumi_vault/gcp/auth_backend.py +1486 -0
- pulumi_vault/gcp/auth_backend_role.py +1235 -0
- pulumi_vault/gcp/get_auth_backend_role.py +514 -0
- pulumi_vault/gcp/outputs.py +302 -0
- pulumi_vault/gcp/secret_backend.py +1807 -0
- pulumi_vault/gcp/secret_impersonated_account.py +484 -0
- pulumi_vault/gcp/secret_roleset.py +554 -0
- pulumi_vault/gcp/secret_static_account.py +557 -0
- pulumi_vault/generic/__init__.py +11 -0
- pulumi_vault/generic/endpoint.py +786 -0
- pulumi_vault/generic/get_secret.py +306 -0
- pulumi_vault/generic/secret.py +486 -0
- pulumi_vault/get_auth_backend.py +226 -0
- pulumi_vault/get_auth_backends.py +170 -0
- pulumi_vault/get_namespace.py +226 -0
- pulumi_vault/get_namespaces.py +202 -0
- pulumi_vault/get_nomad_access_token.py +210 -0
- pulumi_vault/get_policy_document.py +160 -0
- pulumi_vault/get_raft_autopilot_state.py +267 -0
- pulumi_vault/github/__init__.py +13 -0
- pulumi_vault/github/_inputs.py +225 -0
- pulumi_vault/github/auth_backend.py +1194 -0
- pulumi_vault/github/outputs.py +174 -0
- pulumi_vault/github/team.py +380 -0
- pulumi_vault/github/user.py +380 -0
- pulumi_vault/identity/__init__.py +35 -0
- pulumi_vault/identity/entity.py +447 -0
- pulumi_vault/identity/entity_alias.py +398 -0
- pulumi_vault/identity/entity_policies.py +455 -0
- pulumi_vault/identity/get_entity.py +384 -0
- pulumi_vault/identity/get_group.py +467 -0
- pulumi_vault/identity/get_oidc_client_creds.py +175 -0
- pulumi_vault/identity/get_oidc_openid_config.py +334 -0
- pulumi_vault/identity/get_oidc_public_keys.py +179 -0
- pulumi_vault/identity/group.py +805 -0
- pulumi_vault/identity/group_alias.py +386 -0
- pulumi_vault/identity/group_member_entity_ids.py +444 -0
- pulumi_vault/identity/group_member_group_ids.py +467 -0
- pulumi_vault/identity/group_policies.py +471 -0
- pulumi_vault/identity/mfa_duo.py +674 -0
- pulumi_vault/identity/mfa_login_enforcement.py +566 -0
- pulumi_vault/identity/mfa_okta.py +626 -0
- pulumi_vault/identity/mfa_pingid.py +616 -0
- pulumi_vault/identity/mfa_totp.py +758 -0
- pulumi_vault/identity/oidc.py +268 -0
- pulumi_vault/identity/oidc_assignment.py +375 -0
- pulumi_vault/identity/oidc_client.py +667 -0
- pulumi_vault/identity/oidc_key.py +474 -0
- pulumi_vault/identity/oidc_key_allowed_client_id.py +298 -0
- pulumi_vault/identity/oidc_provider.py +550 -0
- pulumi_vault/identity/oidc_role.py +543 -0
- pulumi_vault/identity/oidc_scope.py +355 -0
- pulumi_vault/identity/outputs.py +137 -0
- pulumi_vault/jwt/__init__.py +12 -0
- pulumi_vault/jwt/_inputs.py +225 -0
- pulumi_vault/jwt/auth_backend.py +1347 -0
- pulumi_vault/jwt/auth_backend_role.py +1847 -0
- pulumi_vault/jwt/outputs.py +174 -0
- pulumi_vault/kmip/__init__.py +11 -0
- pulumi_vault/kmip/secret_backend.py +1591 -0
- pulumi_vault/kmip/secret_role.py +1194 -0
- pulumi_vault/kmip/secret_scope.py +372 -0
- pulumi_vault/kubernetes/__init__.py +15 -0
- pulumi_vault/kubernetes/auth_backend_config.py +654 -0
- pulumi_vault/kubernetes/auth_backend_role.py +1031 -0
- pulumi_vault/kubernetes/get_auth_backend_config.py +280 -0
- pulumi_vault/kubernetes/get_auth_backend_role.py +470 -0
- pulumi_vault/kubernetes/get_service_account_token.py +344 -0
- pulumi_vault/kubernetes/secret_backend.py +1341 -0
- pulumi_vault/kubernetes/secret_backend_role.py +1140 -0
- pulumi_vault/kv/__init__.py +18 -0
- pulumi_vault/kv/_inputs.py +124 -0
- pulumi_vault/kv/get_secret.py +240 -0
- pulumi_vault/kv/get_secret_subkeys_v2.py +275 -0
- pulumi_vault/kv/get_secret_v2.py +315 -0
- pulumi_vault/kv/get_secrets_list.py +186 -0
- pulumi_vault/kv/get_secrets_list_v2.py +243 -0
- pulumi_vault/kv/outputs.py +102 -0
- pulumi_vault/kv/secret.py +397 -0
- pulumi_vault/kv/secret_backend_v2.py +455 -0
- pulumi_vault/kv/secret_v2.py +970 -0
- pulumi_vault/ldap/__init__.py +19 -0
- pulumi_vault/ldap/_inputs.py +225 -0
- pulumi_vault/ldap/auth_backend.py +2520 -0
- pulumi_vault/ldap/auth_backend_group.py +386 -0
- pulumi_vault/ldap/auth_backend_user.py +439 -0
- pulumi_vault/ldap/get_dynamic_credentials.py +181 -0
- pulumi_vault/ldap/get_static_credentials.py +192 -0
- pulumi_vault/ldap/outputs.py +174 -0
- pulumi_vault/ldap/secret_backend.py +2207 -0
- pulumi_vault/ldap/secret_backend_dynamic_role.py +767 -0
- pulumi_vault/ldap/secret_backend_library_set.py +552 -0
- pulumi_vault/ldap/secret_backend_static_role.py +541 -0
- pulumi_vault/managed/__init__.py +11 -0
- pulumi_vault/managed/_inputs.py +944 -0
- pulumi_vault/managed/keys.py +398 -0
- pulumi_vault/managed/outputs.py +667 -0
- pulumi_vault/mfa_duo.py +589 -0
- pulumi_vault/mfa_okta.py +623 -0
- pulumi_vault/mfa_pingid.py +670 -0
- pulumi_vault/mfa_totp.py +620 -0
- pulumi_vault/mongodbatlas/__init__.py +10 -0
- pulumi_vault/mongodbatlas/secret_backend.py +388 -0
- pulumi_vault/mongodbatlas/secret_role.py +726 -0
- pulumi_vault/mount.py +1262 -0
- pulumi_vault/namespace.py +452 -0
- pulumi_vault/nomad_secret_backend.py +1559 -0
- pulumi_vault/nomad_secret_role.py +489 -0
- pulumi_vault/oci_auth_backend.py +676 -0
- pulumi_vault/oci_auth_backend_role.py +852 -0
- pulumi_vault/okta/__init__.py +13 -0
- pulumi_vault/okta/_inputs.py +320 -0
- pulumi_vault/okta/auth_backend.py +1231 -0
- pulumi_vault/okta/auth_backend_group.py +369 -0
- pulumi_vault/okta/auth_backend_user.py +416 -0
- pulumi_vault/okta/outputs.py +244 -0
- pulumi_vault/outputs.py +502 -0
- pulumi_vault/pkisecret/__init__.py +38 -0
- pulumi_vault/pkisecret/_inputs.py +270 -0
- pulumi_vault/pkisecret/backend_acme_eab.py +550 -0
- pulumi_vault/pkisecret/backend_config_acme.py +690 -0
- pulumi_vault/pkisecret/backend_config_auto_tidy.py +1370 -0
- pulumi_vault/pkisecret/backend_config_cluster.py +370 -0
- pulumi_vault/pkisecret/backend_config_cmpv2.py +693 -0
- pulumi_vault/pkisecret/backend_config_est.py +756 -0
- pulumi_vault/pkisecret/backend_config_scep.py +738 -0
- pulumi_vault/pkisecret/get_backend_cert_metadata.py +277 -0
- pulumi_vault/pkisecret/get_backend_config_cmpv2.py +226 -0
- pulumi_vault/pkisecret/get_backend_config_est.py +251 -0
- pulumi_vault/pkisecret/get_backend_config_scep.py +271 -0
- pulumi_vault/pkisecret/get_backend_issuer.py +395 -0
- pulumi_vault/pkisecret/get_backend_issuers.py +192 -0
- pulumi_vault/pkisecret/get_backend_key.py +211 -0
- pulumi_vault/pkisecret/get_backend_keys.py +192 -0
- pulumi_vault/pkisecret/outputs.py +270 -0
- pulumi_vault/pkisecret/secret_backend_cert.py +1315 -0
- pulumi_vault/pkisecret/secret_backend_config_ca.py +386 -0
- pulumi_vault/pkisecret/secret_backend_config_issuers.py +392 -0
- pulumi_vault/pkisecret/secret_backend_config_urls.py +462 -0
- pulumi_vault/pkisecret/secret_backend_crl_config.py +846 -0
- pulumi_vault/pkisecret/secret_backend_intermediate_cert_request.py +1629 -0
- pulumi_vault/pkisecret/secret_backend_intermediate_set_signed.py +444 -0
- pulumi_vault/pkisecret/secret_backend_issuer.py +1089 -0
- pulumi_vault/pkisecret/secret_backend_key.py +613 -0
- pulumi_vault/pkisecret/secret_backend_role.py +2694 -0
- pulumi_vault/pkisecret/secret_backend_root_cert.py +2134 -0
- pulumi_vault/pkisecret/secret_backend_root_sign_intermediate.py +2031 -0
- pulumi_vault/pkisecret/secret_backend_sign.py +1194 -0
- pulumi_vault/plugin.py +596 -0
- pulumi_vault/plugin_pinned_version.py +299 -0
- pulumi_vault/policy.py +279 -0
- pulumi_vault/provider.py +781 -0
- pulumi_vault/pulumi-plugin.json +5 -0
- pulumi_vault/py.typed +0 -0
- pulumi_vault/quota_lease_count.py +504 -0
- pulumi_vault/quota_rate_limit.py +751 -0
- pulumi_vault/rabbitmq/__init__.py +12 -0
- pulumi_vault/rabbitmq/_inputs.py +235 -0
- pulumi_vault/rabbitmq/outputs.py +144 -0
- pulumi_vault/rabbitmq/secret_backend.py +1437 -0
- pulumi_vault/rabbitmq/secret_backend_role.py +496 -0
- pulumi_vault/raft_autopilot.py +609 -0
- pulumi_vault/raft_snapshot_agent_config.py +1591 -0
- pulumi_vault/rgp_policy.py +349 -0
- pulumi_vault/saml/__init__.py +12 -0
- pulumi_vault/saml/_inputs.py +225 -0
- pulumi_vault/saml/auth_backend.py +811 -0
- pulumi_vault/saml/auth_backend_role.py +1068 -0
- pulumi_vault/saml/outputs.py +174 -0
- pulumi_vault/scep_auth_backend_role.py +908 -0
- pulumi_vault/secrets/__init__.py +18 -0
- pulumi_vault/secrets/_inputs.py +110 -0
- pulumi_vault/secrets/outputs.py +94 -0
- pulumi_vault/secrets/sync_association.py +450 -0
- pulumi_vault/secrets/sync_aws_destination.py +780 -0
- pulumi_vault/secrets/sync_azure_destination.py +736 -0
- pulumi_vault/secrets/sync_config.py +303 -0
- pulumi_vault/secrets/sync_gcp_destination.py +572 -0
- pulumi_vault/secrets/sync_gh_destination.py +688 -0
- pulumi_vault/secrets/sync_github_apps.py +376 -0
- pulumi_vault/secrets/sync_vercel_destination.py +603 -0
- pulumi_vault/ssh/__init__.py +13 -0
- pulumi_vault/ssh/_inputs.py +76 -0
- pulumi_vault/ssh/get_secret_backend_sign.py +294 -0
- pulumi_vault/ssh/outputs.py +51 -0
- pulumi_vault/ssh/secret_backend_ca.py +588 -0
- pulumi_vault/ssh/secret_backend_role.py +1493 -0
- pulumi_vault/terraformcloud/__init__.py +11 -0
- pulumi_vault/terraformcloud/secret_backend.py +1321 -0
- pulumi_vault/terraformcloud/secret_creds.py +445 -0
- pulumi_vault/terraformcloud/secret_role.py +563 -0
- pulumi_vault/token.py +1026 -0
- pulumi_vault/tokenauth/__init__.py +9 -0
- pulumi_vault/tokenauth/auth_backend_role.py +1135 -0
- pulumi_vault/transform/__init__.py +14 -0
- pulumi_vault/transform/alphabet.py +348 -0
- pulumi_vault/transform/get_decode.py +287 -0
- pulumi_vault/transform/get_encode.py +291 -0
- pulumi_vault/transform/role.py +350 -0
- pulumi_vault/transform/template.py +592 -0
- pulumi_vault/transform/transformation.py +608 -0
- pulumi_vault/transit/__init__.py +15 -0
- pulumi_vault/transit/get_cmac.py +256 -0
- pulumi_vault/transit/get_decrypt.py +181 -0
- pulumi_vault/transit/get_encrypt.py +174 -0
- pulumi_vault/transit/get_sign.py +328 -0
- pulumi_vault/transit/get_verify.py +373 -0
- pulumi_vault/transit/secret_backend_key.py +1202 -0
- pulumi_vault/transit/secret_cache_config.py +302 -0
- pulumi_vault-7.6.0a1764657486.dist-info/METADATA +92 -0
- pulumi_vault-7.6.0a1764657486.dist-info/RECORD +274 -0
- pulumi_vault-7.6.0a1764657486.dist-info/WHEEL +5 -0
- pulumi_vault-7.6.0a1764657486.dist-info/top_level.txt +1 -0
|
@@ -0,0 +1,18 @@
|
|
|
1
|
+
# coding=utf-8
|
|
2
|
+
# *** WARNING: this file was generated by pulumi-language-python. ***
|
|
3
|
+
# *** Do not edit by hand unless you're certain you know what you are doing! ***
|
|
4
|
+
|
|
5
|
+
import builtins as _builtins
|
|
6
|
+
from .. import _utilities
|
|
7
|
+
import typing
|
|
8
|
+
# Export this package's modules as members:
|
|
9
|
+
from .get_secret import *
|
|
10
|
+
from .get_secret_subkeys_v2 import *
|
|
11
|
+
from .get_secret_v2 import *
|
|
12
|
+
from .get_secrets_list import *
|
|
13
|
+
from .get_secrets_list_v2 import *
|
|
14
|
+
from .secret import *
|
|
15
|
+
from .secret_backend_v2 import *
|
|
16
|
+
from .secret_v2 import *
|
|
17
|
+
from ._inputs import *
|
|
18
|
+
from . import outputs
|
|
@@ -0,0 +1,124 @@
|
|
|
1
|
+
# coding=utf-8
|
|
2
|
+
# *** WARNING: this file was generated by pulumi-language-python. ***
|
|
3
|
+
# *** Do not edit by hand unless you're certain you know what you are doing! ***
|
|
4
|
+
|
|
5
|
+
import builtins as _builtins
|
|
6
|
+
import warnings
|
|
7
|
+
import sys
|
|
8
|
+
import pulumi
|
|
9
|
+
import pulumi.runtime
|
|
10
|
+
from typing import Any, Mapping, Optional, Sequence, Union, overload
|
|
11
|
+
if sys.version_info >= (3, 11):
|
|
12
|
+
from typing import NotRequired, TypedDict, TypeAlias
|
|
13
|
+
else:
|
|
14
|
+
from typing_extensions import NotRequired, TypedDict, TypeAlias
|
|
15
|
+
from .. import _utilities
|
|
16
|
+
|
|
17
|
+
__all__ = [
|
|
18
|
+
'SecretV2CustomMetadataArgs',
|
|
19
|
+
'SecretV2CustomMetadataArgsDict',
|
|
20
|
+
]
|
|
21
|
+
|
|
22
|
+
MYPY = False
|
|
23
|
+
|
|
24
|
+
if not MYPY:
|
|
25
|
+
class SecretV2CustomMetadataArgsDict(TypedDict):
|
|
26
|
+
cas_required: NotRequired[pulumi.Input[_builtins.bool]]
|
|
27
|
+
"""
|
|
28
|
+
If true, all keys will require the cas parameter to be set on all write requests.
|
|
29
|
+
"""
|
|
30
|
+
data: NotRequired[pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]]]
|
|
31
|
+
"""
|
|
32
|
+
**Deprecated. Please use new ephemeral resource `kv.SecretV2` to read back
|
|
33
|
+
secret data from Vault**. A mapping whose keys are the top-level data keys returned from
|
|
34
|
+
Vault and whose values are the corresponding values. This map can only represent string data,
|
|
35
|
+
so any non-string values returned from Vault are serialized as JSON.
|
|
36
|
+
"""
|
|
37
|
+
delete_version_after: NotRequired[pulumi.Input[_builtins.int]]
|
|
38
|
+
"""
|
|
39
|
+
If set, specifies the length of time before a version is deleted.
|
|
40
|
+
"""
|
|
41
|
+
max_versions: NotRequired[pulumi.Input[_builtins.int]]
|
|
42
|
+
"""
|
|
43
|
+
The number of versions to keep per key.
|
|
44
|
+
"""
|
|
45
|
+
elif False:
|
|
46
|
+
SecretV2CustomMetadataArgsDict: TypeAlias = Mapping[str, Any]
|
|
47
|
+
|
|
48
|
+
@pulumi.input_type
|
|
49
|
+
class SecretV2CustomMetadataArgs:
|
|
50
|
+
def __init__(__self__, *,
|
|
51
|
+
cas_required: Optional[pulumi.Input[_builtins.bool]] = None,
|
|
52
|
+
data: Optional[pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]]] = None,
|
|
53
|
+
delete_version_after: Optional[pulumi.Input[_builtins.int]] = None,
|
|
54
|
+
max_versions: Optional[pulumi.Input[_builtins.int]] = None):
|
|
55
|
+
"""
|
|
56
|
+
:param pulumi.Input[_builtins.bool] cas_required: If true, all keys will require the cas parameter to be set on all write requests.
|
|
57
|
+
:param pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]] data: **Deprecated. Please use new ephemeral resource `kv.SecretV2` to read back
|
|
58
|
+
secret data from Vault**. A mapping whose keys are the top-level data keys returned from
|
|
59
|
+
Vault and whose values are the corresponding values. This map can only represent string data,
|
|
60
|
+
so any non-string values returned from Vault are serialized as JSON.
|
|
61
|
+
:param pulumi.Input[_builtins.int] delete_version_after: If set, specifies the length of time before a version is deleted.
|
|
62
|
+
:param pulumi.Input[_builtins.int] max_versions: The number of versions to keep per key.
|
|
63
|
+
"""
|
|
64
|
+
if cas_required is not None:
|
|
65
|
+
pulumi.set(__self__, "cas_required", cas_required)
|
|
66
|
+
if data is not None:
|
|
67
|
+
pulumi.set(__self__, "data", data)
|
|
68
|
+
if delete_version_after is not None:
|
|
69
|
+
pulumi.set(__self__, "delete_version_after", delete_version_after)
|
|
70
|
+
if max_versions is not None:
|
|
71
|
+
pulumi.set(__self__, "max_versions", max_versions)
|
|
72
|
+
|
|
73
|
+
@_builtins.property
|
|
74
|
+
@pulumi.getter(name="casRequired")
|
|
75
|
+
def cas_required(self) -> Optional[pulumi.Input[_builtins.bool]]:
|
|
76
|
+
"""
|
|
77
|
+
If true, all keys will require the cas parameter to be set on all write requests.
|
|
78
|
+
"""
|
|
79
|
+
return pulumi.get(self, "cas_required")
|
|
80
|
+
|
|
81
|
+
@cas_required.setter
|
|
82
|
+
def cas_required(self, value: Optional[pulumi.Input[_builtins.bool]]):
|
|
83
|
+
pulumi.set(self, "cas_required", value)
|
|
84
|
+
|
|
85
|
+
@_builtins.property
|
|
86
|
+
@pulumi.getter
|
|
87
|
+
def data(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]]]:
|
|
88
|
+
"""
|
|
89
|
+
**Deprecated. Please use new ephemeral resource `kv.SecretV2` to read back
|
|
90
|
+
secret data from Vault**. A mapping whose keys are the top-level data keys returned from
|
|
91
|
+
Vault and whose values are the corresponding values. This map can only represent string data,
|
|
92
|
+
so any non-string values returned from Vault are serialized as JSON.
|
|
93
|
+
"""
|
|
94
|
+
return pulumi.get(self, "data")
|
|
95
|
+
|
|
96
|
+
@data.setter
|
|
97
|
+
def data(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]]]):
|
|
98
|
+
pulumi.set(self, "data", value)
|
|
99
|
+
|
|
100
|
+
@_builtins.property
|
|
101
|
+
@pulumi.getter(name="deleteVersionAfter")
|
|
102
|
+
def delete_version_after(self) -> Optional[pulumi.Input[_builtins.int]]:
|
|
103
|
+
"""
|
|
104
|
+
If set, specifies the length of time before a version is deleted.
|
|
105
|
+
"""
|
|
106
|
+
return pulumi.get(self, "delete_version_after")
|
|
107
|
+
|
|
108
|
+
@delete_version_after.setter
|
|
109
|
+
def delete_version_after(self, value: Optional[pulumi.Input[_builtins.int]]):
|
|
110
|
+
pulumi.set(self, "delete_version_after", value)
|
|
111
|
+
|
|
112
|
+
@_builtins.property
|
|
113
|
+
@pulumi.getter(name="maxVersions")
|
|
114
|
+
def max_versions(self) -> Optional[pulumi.Input[_builtins.int]]:
|
|
115
|
+
"""
|
|
116
|
+
The number of versions to keep per key.
|
|
117
|
+
"""
|
|
118
|
+
return pulumi.get(self, "max_versions")
|
|
119
|
+
|
|
120
|
+
@max_versions.setter
|
|
121
|
+
def max_versions(self, value: Optional[pulumi.Input[_builtins.int]]):
|
|
122
|
+
pulumi.set(self, "max_versions", value)
|
|
123
|
+
|
|
124
|
+
|
|
@@ -0,0 +1,240 @@
|
|
|
1
|
+
# coding=utf-8
|
|
2
|
+
# *** WARNING: this file was generated by pulumi-language-python. ***
|
|
3
|
+
# *** Do not edit by hand unless you're certain you know what you are doing! ***
|
|
4
|
+
|
|
5
|
+
import builtins as _builtins
|
|
6
|
+
import warnings
|
|
7
|
+
import sys
|
|
8
|
+
import pulumi
|
|
9
|
+
import pulumi.runtime
|
|
10
|
+
from typing import Any, Mapping, Optional, Sequence, Union, overload
|
|
11
|
+
if sys.version_info >= (3, 11):
|
|
12
|
+
from typing import NotRequired, TypedDict, TypeAlias
|
|
13
|
+
else:
|
|
14
|
+
from typing_extensions import NotRequired, TypedDict, TypeAlias
|
|
15
|
+
from .. import _utilities
|
|
16
|
+
|
|
17
|
+
__all__ = [
|
|
18
|
+
'GetSecretResult',
|
|
19
|
+
'AwaitableGetSecretResult',
|
|
20
|
+
'get_secret',
|
|
21
|
+
'get_secret_output',
|
|
22
|
+
]
|
|
23
|
+
|
|
24
|
+
@pulumi.output_type
|
|
25
|
+
class GetSecretResult:
|
|
26
|
+
"""
|
|
27
|
+
A collection of values returned by getSecret.
|
|
28
|
+
"""
|
|
29
|
+
def __init__(__self__, data=None, data_json=None, id=None, lease_duration=None, lease_id=None, lease_renewable=None, namespace=None, path=None):
|
|
30
|
+
if data and not isinstance(data, dict):
|
|
31
|
+
raise TypeError("Expected argument 'data' to be a dict")
|
|
32
|
+
pulumi.set(__self__, "data", data)
|
|
33
|
+
if data_json and not isinstance(data_json, str):
|
|
34
|
+
raise TypeError("Expected argument 'data_json' to be a str")
|
|
35
|
+
pulumi.set(__self__, "data_json", data_json)
|
|
36
|
+
if id and not isinstance(id, str):
|
|
37
|
+
raise TypeError("Expected argument 'id' to be a str")
|
|
38
|
+
pulumi.set(__self__, "id", id)
|
|
39
|
+
if lease_duration and not isinstance(lease_duration, int):
|
|
40
|
+
raise TypeError("Expected argument 'lease_duration' to be a int")
|
|
41
|
+
pulumi.set(__self__, "lease_duration", lease_duration)
|
|
42
|
+
if lease_id and not isinstance(lease_id, str):
|
|
43
|
+
raise TypeError("Expected argument 'lease_id' to be a str")
|
|
44
|
+
pulumi.set(__self__, "lease_id", lease_id)
|
|
45
|
+
if lease_renewable and not isinstance(lease_renewable, bool):
|
|
46
|
+
raise TypeError("Expected argument 'lease_renewable' to be a bool")
|
|
47
|
+
pulumi.set(__self__, "lease_renewable", lease_renewable)
|
|
48
|
+
if namespace and not isinstance(namespace, str):
|
|
49
|
+
raise TypeError("Expected argument 'namespace' to be a str")
|
|
50
|
+
pulumi.set(__self__, "namespace", namespace)
|
|
51
|
+
if path and not isinstance(path, str):
|
|
52
|
+
raise TypeError("Expected argument 'path' to be a str")
|
|
53
|
+
pulumi.set(__self__, "path", path)
|
|
54
|
+
|
|
55
|
+
@_builtins.property
|
|
56
|
+
@pulumi.getter
|
|
57
|
+
def data(self) -> Mapping[str, _builtins.str]:
|
|
58
|
+
"""
|
|
59
|
+
A mapping whose keys are the top-level data keys returned from
|
|
60
|
+
Vault and whose values are the corresponding values. This map can only
|
|
61
|
+
represent string data, so any non-string values returned from Vault are
|
|
62
|
+
serialized as JSON.
|
|
63
|
+
"""
|
|
64
|
+
return pulumi.get(self, "data")
|
|
65
|
+
|
|
66
|
+
@_builtins.property
|
|
67
|
+
@pulumi.getter(name="dataJson")
|
|
68
|
+
def data_json(self) -> _builtins.str:
|
|
69
|
+
"""
|
|
70
|
+
JSON-encoded string that that is
|
|
71
|
+
read as the secret data at the given path.
|
|
72
|
+
"""
|
|
73
|
+
return pulumi.get(self, "data_json")
|
|
74
|
+
|
|
75
|
+
@_builtins.property
|
|
76
|
+
@pulumi.getter
|
|
77
|
+
def id(self) -> _builtins.str:
|
|
78
|
+
"""
|
|
79
|
+
The provider-assigned unique ID for this managed resource.
|
|
80
|
+
"""
|
|
81
|
+
return pulumi.get(self, "id")
|
|
82
|
+
|
|
83
|
+
@_builtins.property
|
|
84
|
+
@pulumi.getter(name="leaseDuration")
|
|
85
|
+
def lease_duration(self) -> _builtins.int:
|
|
86
|
+
"""
|
|
87
|
+
The duration of the secret lease, in seconds. Once
|
|
88
|
+
this time has passed any plan generated with this data may fail to apply.
|
|
89
|
+
"""
|
|
90
|
+
return pulumi.get(self, "lease_duration")
|
|
91
|
+
|
|
92
|
+
@_builtins.property
|
|
93
|
+
@pulumi.getter(name="leaseId")
|
|
94
|
+
def lease_id(self) -> _builtins.str:
|
|
95
|
+
"""
|
|
96
|
+
The lease identifier assigned by Vault, if any.
|
|
97
|
+
"""
|
|
98
|
+
return pulumi.get(self, "lease_id")
|
|
99
|
+
|
|
100
|
+
@_builtins.property
|
|
101
|
+
@pulumi.getter(name="leaseRenewable")
|
|
102
|
+
def lease_renewable(self) -> _builtins.bool:
|
|
103
|
+
"""
|
|
104
|
+
True if the duration of this lease can be extended
|
|
105
|
+
through renewal.
|
|
106
|
+
"""
|
|
107
|
+
return pulumi.get(self, "lease_renewable")
|
|
108
|
+
|
|
109
|
+
@_builtins.property
|
|
110
|
+
@pulumi.getter
|
|
111
|
+
def namespace(self) -> Optional[_builtins.str]:
|
|
112
|
+
return pulumi.get(self, "namespace")
|
|
113
|
+
|
|
114
|
+
@_builtins.property
|
|
115
|
+
@pulumi.getter
|
|
116
|
+
def path(self) -> _builtins.str:
|
|
117
|
+
return pulumi.get(self, "path")
|
|
118
|
+
|
|
119
|
+
|
|
120
|
+
class AwaitableGetSecretResult(GetSecretResult):
|
|
121
|
+
# pylint: disable=using-constant-test
|
|
122
|
+
def __await__(self):
|
|
123
|
+
if False:
|
|
124
|
+
yield self
|
|
125
|
+
return GetSecretResult(
|
|
126
|
+
data=self.data,
|
|
127
|
+
data_json=self.data_json,
|
|
128
|
+
id=self.id,
|
|
129
|
+
lease_duration=self.lease_duration,
|
|
130
|
+
lease_id=self.lease_id,
|
|
131
|
+
lease_renewable=self.lease_renewable,
|
|
132
|
+
namespace=self.namespace,
|
|
133
|
+
path=self.path)
|
|
134
|
+
|
|
135
|
+
|
|
136
|
+
def get_secret(namespace: Optional[_builtins.str] = None,
|
|
137
|
+
path: Optional[_builtins.str] = None,
|
|
138
|
+
opts: Optional[pulumi.InvokeOptions] = None) -> AwaitableGetSecretResult:
|
|
139
|
+
"""
|
|
140
|
+
## Example Usage
|
|
141
|
+
|
|
142
|
+
```python
|
|
143
|
+
import pulumi
|
|
144
|
+
import json
|
|
145
|
+
import pulumi_vault as vault
|
|
146
|
+
|
|
147
|
+
kvv1 = vault.Mount("kvv1",
|
|
148
|
+
path="kvv1",
|
|
149
|
+
type="kv",
|
|
150
|
+
options={
|
|
151
|
+
"version": "1",
|
|
152
|
+
},
|
|
153
|
+
description="KV Version 1 secret engine mount")
|
|
154
|
+
secret = vault.kv.Secret("secret",
|
|
155
|
+
path=kvv1.path.apply(lambda path: f"{path}/secret"),
|
|
156
|
+
data_json=json.dumps({
|
|
157
|
+
"zip": "zap",
|
|
158
|
+
"foo": "bar",
|
|
159
|
+
}))
|
|
160
|
+
secret_data = vault.kv.get_secret_output(path=secret.path)
|
|
161
|
+
```
|
|
162
|
+
|
|
163
|
+
## Required Vault Capabilities
|
|
164
|
+
|
|
165
|
+
Use of this resource requires the `read` capability on the given path.
|
|
166
|
+
|
|
167
|
+
|
|
168
|
+
:param _builtins.str namespace: The namespace of the target resource.
|
|
169
|
+
The value should not contain leading or trailing forward slashes.
|
|
170
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
|
171
|
+
*Available only for Vault Enterprise*.
|
|
172
|
+
:param _builtins.str path: Full path of the KV-V1 secret.
|
|
173
|
+
"""
|
|
174
|
+
__args__ = dict()
|
|
175
|
+
__args__['namespace'] = namespace
|
|
176
|
+
__args__['path'] = path
|
|
177
|
+
opts = pulumi.InvokeOptions.merge(_utilities.get_invoke_opts_defaults(), opts)
|
|
178
|
+
__ret__ = pulumi.runtime.invoke('vault:kv/getSecret:getSecret', __args__, opts=opts, typ=GetSecretResult).value
|
|
179
|
+
|
|
180
|
+
return AwaitableGetSecretResult(
|
|
181
|
+
data=pulumi.get(__ret__, 'data'),
|
|
182
|
+
data_json=pulumi.get(__ret__, 'data_json'),
|
|
183
|
+
id=pulumi.get(__ret__, 'id'),
|
|
184
|
+
lease_duration=pulumi.get(__ret__, 'lease_duration'),
|
|
185
|
+
lease_id=pulumi.get(__ret__, 'lease_id'),
|
|
186
|
+
lease_renewable=pulumi.get(__ret__, 'lease_renewable'),
|
|
187
|
+
namespace=pulumi.get(__ret__, 'namespace'),
|
|
188
|
+
path=pulumi.get(__ret__, 'path'))
|
|
189
|
+
def get_secret_output(namespace: Optional[pulumi.Input[Optional[_builtins.str]]] = None,
|
|
190
|
+
path: Optional[pulumi.Input[_builtins.str]] = None,
|
|
191
|
+
opts: Optional[Union[pulumi.InvokeOptions, pulumi.InvokeOutputOptions]] = None) -> pulumi.Output[GetSecretResult]:
|
|
192
|
+
"""
|
|
193
|
+
## Example Usage
|
|
194
|
+
|
|
195
|
+
```python
|
|
196
|
+
import pulumi
|
|
197
|
+
import json
|
|
198
|
+
import pulumi_vault as vault
|
|
199
|
+
|
|
200
|
+
kvv1 = vault.Mount("kvv1",
|
|
201
|
+
path="kvv1",
|
|
202
|
+
type="kv",
|
|
203
|
+
options={
|
|
204
|
+
"version": "1",
|
|
205
|
+
},
|
|
206
|
+
description="KV Version 1 secret engine mount")
|
|
207
|
+
secret = vault.kv.Secret("secret",
|
|
208
|
+
path=kvv1.path.apply(lambda path: f"{path}/secret"),
|
|
209
|
+
data_json=json.dumps({
|
|
210
|
+
"zip": "zap",
|
|
211
|
+
"foo": "bar",
|
|
212
|
+
}))
|
|
213
|
+
secret_data = vault.kv.get_secret_output(path=secret.path)
|
|
214
|
+
```
|
|
215
|
+
|
|
216
|
+
## Required Vault Capabilities
|
|
217
|
+
|
|
218
|
+
Use of this resource requires the `read` capability on the given path.
|
|
219
|
+
|
|
220
|
+
|
|
221
|
+
:param _builtins.str namespace: The namespace of the target resource.
|
|
222
|
+
The value should not contain leading or trailing forward slashes.
|
|
223
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
|
224
|
+
*Available only for Vault Enterprise*.
|
|
225
|
+
:param _builtins.str path: Full path of the KV-V1 secret.
|
|
226
|
+
"""
|
|
227
|
+
__args__ = dict()
|
|
228
|
+
__args__['namespace'] = namespace
|
|
229
|
+
__args__['path'] = path
|
|
230
|
+
opts = pulumi.InvokeOutputOptions.merge(_utilities.get_invoke_opts_defaults(), opts)
|
|
231
|
+
__ret__ = pulumi.runtime.invoke_output('vault:kv/getSecret:getSecret', __args__, opts=opts, typ=GetSecretResult)
|
|
232
|
+
return __ret__.apply(lambda __response__: GetSecretResult(
|
|
233
|
+
data=pulumi.get(__response__, 'data'),
|
|
234
|
+
data_json=pulumi.get(__response__, 'data_json'),
|
|
235
|
+
id=pulumi.get(__response__, 'id'),
|
|
236
|
+
lease_duration=pulumi.get(__response__, 'lease_duration'),
|
|
237
|
+
lease_id=pulumi.get(__response__, 'lease_id'),
|
|
238
|
+
lease_renewable=pulumi.get(__response__, 'lease_renewable'),
|
|
239
|
+
namespace=pulumi.get(__response__, 'namespace'),
|
|
240
|
+
path=pulumi.get(__response__, 'path')))
|
|
@@ -0,0 +1,275 @@
|
|
|
1
|
+
# coding=utf-8
|
|
2
|
+
# *** WARNING: this file was generated by pulumi-language-python. ***
|
|
3
|
+
# *** Do not edit by hand unless you're certain you know what you are doing! ***
|
|
4
|
+
|
|
5
|
+
import builtins as _builtins
|
|
6
|
+
import warnings
|
|
7
|
+
import sys
|
|
8
|
+
import pulumi
|
|
9
|
+
import pulumi.runtime
|
|
10
|
+
from typing import Any, Mapping, Optional, Sequence, Union, overload
|
|
11
|
+
if sys.version_info >= (3, 11):
|
|
12
|
+
from typing import NotRequired, TypedDict, TypeAlias
|
|
13
|
+
else:
|
|
14
|
+
from typing_extensions import NotRequired, TypedDict, TypeAlias
|
|
15
|
+
from .. import _utilities
|
|
16
|
+
|
|
17
|
+
__all__ = [
|
|
18
|
+
'GetSecretSubkeysV2Result',
|
|
19
|
+
'AwaitableGetSecretSubkeysV2Result',
|
|
20
|
+
'get_secret_subkeys_v2',
|
|
21
|
+
'get_secret_subkeys_v2_output',
|
|
22
|
+
]
|
|
23
|
+
|
|
24
|
+
@pulumi.output_type
|
|
25
|
+
class GetSecretSubkeysV2Result:
|
|
26
|
+
"""
|
|
27
|
+
A collection of values returned by getSecretSubkeysV2.
|
|
28
|
+
"""
|
|
29
|
+
def __init__(__self__, data=None, data_json=None, depth=None, id=None, mount=None, name=None, namespace=None, path=None, version=None):
|
|
30
|
+
if data and not isinstance(data, dict):
|
|
31
|
+
raise TypeError("Expected argument 'data' to be a dict")
|
|
32
|
+
pulumi.set(__self__, "data", data)
|
|
33
|
+
if data_json and not isinstance(data_json, str):
|
|
34
|
+
raise TypeError("Expected argument 'data_json' to be a str")
|
|
35
|
+
pulumi.set(__self__, "data_json", data_json)
|
|
36
|
+
if depth and not isinstance(depth, int):
|
|
37
|
+
raise TypeError("Expected argument 'depth' to be a int")
|
|
38
|
+
pulumi.set(__self__, "depth", depth)
|
|
39
|
+
if id and not isinstance(id, str):
|
|
40
|
+
raise TypeError("Expected argument 'id' to be a str")
|
|
41
|
+
pulumi.set(__self__, "id", id)
|
|
42
|
+
if mount and not isinstance(mount, str):
|
|
43
|
+
raise TypeError("Expected argument 'mount' to be a str")
|
|
44
|
+
pulumi.set(__self__, "mount", mount)
|
|
45
|
+
if name and not isinstance(name, str):
|
|
46
|
+
raise TypeError("Expected argument 'name' to be a str")
|
|
47
|
+
pulumi.set(__self__, "name", name)
|
|
48
|
+
if namespace and not isinstance(namespace, str):
|
|
49
|
+
raise TypeError("Expected argument 'namespace' to be a str")
|
|
50
|
+
pulumi.set(__self__, "namespace", namespace)
|
|
51
|
+
if path and not isinstance(path, str):
|
|
52
|
+
raise TypeError("Expected argument 'path' to be a str")
|
|
53
|
+
pulumi.set(__self__, "path", path)
|
|
54
|
+
if version and not isinstance(version, int):
|
|
55
|
+
raise TypeError("Expected argument 'version' to be a int")
|
|
56
|
+
pulumi.set(__self__, "version", version)
|
|
57
|
+
|
|
58
|
+
@_builtins.property
|
|
59
|
+
@pulumi.getter
|
|
60
|
+
def data(self) -> Mapping[str, _builtins.str]:
|
|
61
|
+
"""
|
|
62
|
+
Subkeys for the KV-V2 secret stored as a serialized map of strings.
|
|
63
|
+
"""
|
|
64
|
+
return pulumi.get(self, "data")
|
|
65
|
+
|
|
66
|
+
@_builtins.property
|
|
67
|
+
@pulumi.getter(name="dataJson")
|
|
68
|
+
def data_json(self) -> _builtins.str:
|
|
69
|
+
"""
|
|
70
|
+
Subkeys for the KV-V2 secret read from Vault.
|
|
71
|
+
"""
|
|
72
|
+
return pulumi.get(self, "data_json")
|
|
73
|
+
|
|
74
|
+
@_builtins.property
|
|
75
|
+
@pulumi.getter
|
|
76
|
+
def depth(self) -> Optional[_builtins.int]:
|
|
77
|
+
return pulumi.get(self, "depth")
|
|
78
|
+
|
|
79
|
+
@_builtins.property
|
|
80
|
+
@pulumi.getter
|
|
81
|
+
def id(self) -> _builtins.str:
|
|
82
|
+
"""
|
|
83
|
+
The provider-assigned unique ID for this managed resource.
|
|
84
|
+
"""
|
|
85
|
+
return pulumi.get(self, "id")
|
|
86
|
+
|
|
87
|
+
@_builtins.property
|
|
88
|
+
@pulumi.getter
|
|
89
|
+
def mount(self) -> _builtins.str:
|
|
90
|
+
return pulumi.get(self, "mount")
|
|
91
|
+
|
|
92
|
+
@_builtins.property
|
|
93
|
+
@pulumi.getter
|
|
94
|
+
def name(self) -> _builtins.str:
|
|
95
|
+
return pulumi.get(self, "name")
|
|
96
|
+
|
|
97
|
+
@_builtins.property
|
|
98
|
+
@pulumi.getter
|
|
99
|
+
def namespace(self) -> Optional[_builtins.str]:
|
|
100
|
+
return pulumi.get(self, "namespace")
|
|
101
|
+
|
|
102
|
+
@_builtins.property
|
|
103
|
+
@pulumi.getter
|
|
104
|
+
def path(self) -> _builtins.str:
|
|
105
|
+
"""
|
|
106
|
+
Full path where the KV-V2 secrets are listed.
|
|
107
|
+
"""
|
|
108
|
+
return pulumi.get(self, "path")
|
|
109
|
+
|
|
110
|
+
@_builtins.property
|
|
111
|
+
@pulumi.getter
|
|
112
|
+
def version(self) -> Optional[_builtins.int]:
|
|
113
|
+
return pulumi.get(self, "version")
|
|
114
|
+
|
|
115
|
+
|
|
116
|
+
class AwaitableGetSecretSubkeysV2Result(GetSecretSubkeysV2Result):
|
|
117
|
+
# pylint: disable=using-constant-test
|
|
118
|
+
def __await__(self):
|
|
119
|
+
if False:
|
|
120
|
+
yield self
|
|
121
|
+
return GetSecretSubkeysV2Result(
|
|
122
|
+
data=self.data,
|
|
123
|
+
data_json=self.data_json,
|
|
124
|
+
depth=self.depth,
|
|
125
|
+
id=self.id,
|
|
126
|
+
mount=self.mount,
|
|
127
|
+
name=self.name,
|
|
128
|
+
namespace=self.namespace,
|
|
129
|
+
path=self.path,
|
|
130
|
+
version=self.version)
|
|
131
|
+
|
|
132
|
+
|
|
133
|
+
def get_secret_subkeys_v2(depth: Optional[_builtins.int] = None,
|
|
134
|
+
mount: Optional[_builtins.str] = None,
|
|
135
|
+
name: Optional[_builtins.str] = None,
|
|
136
|
+
namespace: Optional[_builtins.str] = None,
|
|
137
|
+
version: Optional[_builtins.int] = None,
|
|
138
|
+
opts: Optional[pulumi.InvokeOptions] = None) -> AwaitableGetSecretSubkeysV2Result:
|
|
139
|
+
"""
|
|
140
|
+
## Example Usage
|
|
141
|
+
|
|
142
|
+
```python
|
|
143
|
+
import pulumi
|
|
144
|
+
import json
|
|
145
|
+
import pulumi_vault as vault
|
|
146
|
+
|
|
147
|
+
kvv2 = vault.Mount("kvv2",
|
|
148
|
+
path="kvv2",
|
|
149
|
+
type="kv",
|
|
150
|
+
options={
|
|
151
|
+
"version": "2",
|
|
152
|
+
},
|
|
153
|
+
description="KV Version 2 secret engine mount")
|
|
154
|
+
aws_secret = vault.kv.SecretV2("aws_secret",
|
|
155
|
+
mount=kvv2.path,
|
|
156
|
+
name="aws_secret",
|
|
157
|
+
data_json=json.dumps({
|
|
158
|
+
"zip": "zap",
|
|
159
|
+
"foo": "bar",
|
|
160
|
+
}))
|
|
161
|
+
test = vault.kv.get_secret_subkeys_v2_output(mount=kvv2.path,
|
|
162
|
+
name=aws_secret.name)
|
|
163
|
+
```
|
|
164
|
+
|
|
165
|
+
## Required Vault Capabilities
|
|
166
|
+
|
|
167
|
+
Use of this resource requires the `read` capability on the given path.
|
|
168
|
+
|
|
169
|
+
|
|
170
|
+
:param _builtins.int depth: Specifies the deepest nesting level to provide in the output.
|
|
171
|
+
If non-zero, keys that reside at the specified depth value will be
|
|
172
|
+
artificially treated as leaves and will thus be `null` even if further
|
|
173
|
+
underlying sub-keys exist.
|
|
174
|
+
:param _builtins.str mount: Path where KV-V2 engine is mounted.
|
|
175
|
+
:param _builtins.str name: Full name of the secret. For a nested secret
|
|
176
|
+
the name is the nested path excluding the mount and data
|
|
177
|
+
prefix. For example, for a secret at `kvv2/data/foo/bar/baz`
|
|
178
|
+
the name is `foo/bar/baz`.
|
|
179
|
+
:param _builtins.str namespace: The namespace of the target resource.
|
|
180
|
+
The value should not contain leading or trailing forward slashes.
|
|
181
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
|
182
|
+
*Available only for Vault Enterprise*.
|
|
183
|
+
:param _builtins.int version: Specifies the version to return. If not
|
|
184
|
+
set the latest version is returned.
|
|
185
|
+
"""
|
|
186
|
+
__args__ = dict()
|
|
187
|
+
__args__['depth'] = depth
|
|
188
|
+
__args__['mount'] = mount
|
|
189
|
+
__args__['name'] = name
|
|
190
|
+
__args__['namespace'] = namespace
|
|
191
|
+
__args__['version'] = version
|
|
192
|
+
opts = pulumi.InvokeOptions.merge(_utilities.get_invoke_opts_defaults(), opts)
|
|
193
|
+
__ret__ = pulumi.runtime.invoke('vault:kv/getSecretSubkeysV2:getSecretSubkeysV2', __args__, opts=opts, typ=GetSecretSubkeysV2Result).value
|
|
194
|
+
|
|
195
|
+
return AwaitableGetSecretSubkeysV2Result(
|
|
196
|
+
data=pulumi.get(__ret__, 'data'),
|
|
197
|
+
data_json=pulumi.get(__ret__, 'data_json'),
|
|
198
|
+
depth=pulumi.get(__ret__, 'depth'),
|
|
199
|
+
id=pulumi.get(__ret__, 'id'),
|
|
200
|
+
mount=pulumi.get(__ret__, 'mount'),
|
|
201
|
+
name=pulumi.get(__ret__, 'name'),
|
|
202
|
+
namespace=pulumi.get(__ret__, 'namespace'),
|
|
203
|
+
path=pulumi.get(__ret__, 'path'),
|
|
204
|
+
version=pulumi.get(__ret__, 'version'))
|
|
205
|
+
def get_secret_subkeys_v2_output(depth: Optional[pulumi.Input[Optional[_builtins.int]]] = None,
|
|
206
|
+
mount: Optional[pulumi.Input[_builtins.str]] = None,
|
|
207
|
+
name: Optional[pulumi.Input[_builtins.str]] = None,
|
|
208
|
+
namespace: Optional[pulumi.Input[Optional[_builtins.str]]] = None,
|
|
209
|
+
version: Optional[pulumi.Input[Optional[_builtins.int]]] = None,
|
|
210
|
+
opts: Optional[Union[pulumi.InvokeOptions, pulumi.InvokeOutputOptions]] = None) -> pulumi.Output[GetSecretSubkeysV2Result]:
|
|
211
|
+
"""
|
|
212
|
+
## Example Usage
|
|
213
|
+
|
|
214
|
+
```python
|
|
215
|
+
import pulumi
|
|
216
|
+
import json
|
|
217
|
+
import pulumi_vault as vault
|
|
218
|
+
|
|
219
|
+
kvv2 = vault.Mount("kvv2",
|
|
220
|
+
path="kvv2",
|
|
221
|
+
type="kv",
|
|
222
|
+
options={
|
|
223
|
+
"version": "2",
|
|
224
|
+
},
|
|
225
|
+
description="KV Version 2 secret engine mount")
|
|
226
|
+
aws_secret = vault.kv.SecretV2("aws_secret",
|
|
227
|
+
mount=kvv2.path,
|
|
228
|
+
name="aws_secret",
|
|
229
|
+
data_json=json.dumps({
|
|
230
|
+
"zip": "zap",
|
|
231
|
+
"foo": "bar",
|
|
232
|
+
}))
|
|
233
|
+
test = vault.kv.get_secret_subkeys_v2_output(mount=kvv2.path,
|
|
234
|
+
name=aws_secret.name)
|
|
235
|
+
```
|
|
236
|
+
|
|
237
|
+
## Required Vault Capabilities
|
|
238
|
+
|
|
239
|
+
Use of this resource requires the `read` capability on the given path.
|
|
240
|
+
|
|
241
|
+
|
|
242
|
+
:param _builtins.int depth: Specifies the deepest nesting level to provide in the output.
|
|
243
|
+
If non-zero, keys that reside at the specified depth value will be
|
|
244
|
+
artificially treated as leaves and will thus be `null` even if further
|
|
245
|
+
underlying sub-keys exist.
|
|
246
|
+
:param _builtins.str mount: Path where KV-V2 engine is mounted.
|
|
247
|
+
:param _builtins.str name: Full name of the secret. For a nested secret
|
|
248
|
+
the name is the nested path excluding the mount and data
|
|
249
|
+
prefix. For example, for a secret at `kvv2/data/foo/bar/baz`
|
|
250
|
+
the name is `foo/bar/baz`.
|
|
251
|
+
:param _builtins.str namespace: The namespace of the target resource.
|
|
252
|
+
The value should not contain leading or trailing forward slashes.
|
|
253
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
|
254
|
+
*Available only for Vault Enterprise*.
|
|
255
|
+
:param _builtins.int version: Specifies the version to return. If not
|
|
256
|
+
set the latest version is returned.
|
|
257
|
+
"""
|
|
258
|
+
__args__ = dict()
|
|
259
|
+
__args__['depth'] = depth
|
|
260
|
+
__args__['mount'] = mount
|
|
261
|
+
__args__['name'] = name
|
|
262
|
+
__args__['namespace'] = namespace
|
|
263
|
+
__args__['version'] = version
|
|
264
|
+
opts = pulumi.InvokeOutputOptions.merge(_utilities.get_invoke_opts_defaults(), opts)
|
|
265
|
+
__ret__ = pulumi.runtime.invoke_output('vault:kv/getSecretSubkeysV2:getSecretSubkeysV2', __args__, opts=opts, typ=GetSecretSubkeysV2Result)
|
|
266
|
+
return __ret__.apply(lambda __response__: GetSecretSubkeysV2Result(
|
|
267
|
+
data=pulumi.get(__response__, 'data'),
|
|
268
|
+
data_json=pulumi.get(__response__, 'data_json'),
|
|
269
|
+
depth=pulumi.get(__response__, 'depth'),
|
|
270
|
+
id=pulumi.get(__response__, 'id'),
|
|
271
|
+
mount=pulumi.get(__response__, 'mount'),
|
|
272
|
+
name=pulumi.get(__response__, 'name'),
|
|
273
|
+
namespace=pulumi.get(__response__, 'namespace'),
|
|
274
|
+
path=pulumi.get(__response__, 'path'),
|
|
275
|
+
version=pulumi.get(__response__, 'version')))
|