pulumi-vault 7.6.0a1764657486__py3-none-any.whl

pulumi_vault/kv/get_secrets_list_v2.py

@@ -0,0 +1,243 @@
+# coding=utf-8
+# *** WARNING: this file was generated by pulumi-language-python. ***
+# *** Do not edit by hand unless you're certain you know what you are doing! ***
+
+import builtins as _builtins
+import warnings
+import sys
+import pulumi
+import pulumi.runtime
+from typing import Any, Mapping, Optional, Sequence, Union, overload
+if sys.version_info >= (3, 11):
+    from typing import NotRequired, TypedDict, TypeAlias
+else:
+    from typing_extensions import NotRequired, TypedDict, TypeAlias
+from .. import _utilities
+
+__all__ = [
+    'GetSecretsListV2Result',
+    'AwaitableGetSecretsListV2Result',
+    'get_secrets_list_v2',
+    'get_secrets_list_v2_output',
+]
+
+@pulumi.output_type
+class GetSecretsListV2Result:
+    """
+    A collection of values returned by getSecretsListV2.
+    """
+    def __init__(__self__, id=None, mount=None, name=None, names=None, namespace=None, path=None):
+        if id and not isinstance(id, str):
+            raise TypeError("Expected argument 'id' to be a str")
+        pulumi.set(__self__, "id", id)
+        if mount and not isinstance(mount, str):
+            raise TypeError("Expected argument 'mount' to be a str")
+        pulumi.set(__self__, "mount", mount)
+        if name and not isinstance(name, str):
+            raise TypeError("Expected argument 'name' to be a str")
+        pulumi.set(__self__, "name", name)
+        if names and not isinstance(names, list):
+            raise TypeError("Expected argument 'names' to be a list")
+        pulumi.set(__self__, "names", names)
+        if namespace and not isinstance(namespace, str):
+            raise TypeError("Expected argument 'namespace' to be a str")
+        pulumi.set(__self__, "namespace", namespace)
+        if path and not isinstance(path, str):
+            raise TypeError("Expected argument 'path' to be a str")
+        pulumi.set(__self__, "path", path)
+
+    @_builtins.property
+    @pulumi.getter
+    def id(self) -> _builtins.str:
+        """
+        The provider-assigned unique ID for this managed resource.
+        """
+        return pulumi.get(self, "id")
+
+    @_builtins.property
+    @pulumi.getter
+    def mount(self) -> _builtins.str:
+        return pulumi.get(self, "mount")
+
+    @_builtins.property
+    @pulumi.getter
+    def name(self) -> Optional[_builtins.str]:
+        return pulumi.get(self, "name")
+
+    @_builtins.property
+    @pulumi.getter
+    def names(self) -> Sequence[_builtins.str]:
+        """
+        List of all secret names listed under the given path.
+        """
+        return pulumi.get(self, "names")
+
+    @_builtins.property
+    @pulumi.getter
+    def namespace(self) -> Optional[_builtins.str]:
+        return pulumi.get(self, "namespace")
+
+    @_builtins.property
+    @pulumi.getter
+    def path(self) -> _builtins.str:
+        """
+        Full path where the KV-V2 secrets are listed.
+        """
+        return pulumi.get(self, "path")
+
+
+class AwaitableGetSecretsListV2Result(GetSecretsListV2Result):
+    # pylint: disable=using-constant-test
+    def __await__(self):
+        if False:
+            yield self
+        return GetSecretsListV2Result(
+            id=self.id,
+            mount=self.mount,
+            name=self.name,
+            names=self.names,
+            namespace=self.namespace,
+            path=self.path)
+
+
+def get_secrets_list_v2(mount: Optional[_builtins.str] = None,
+                        name: Optional[_builtins.str] = None,
+                        namespace: Optional[_builtins.str] = None,
+                        opts: Optional[pulumi.InvokeOptions] = None) -> AwaitableGetSecretsListV2Result:
+    """
+    ## Example Usage
+
+    ```python
+    import pulumi
+    import json
+    import pulumi_vault as vault
+
+    kvv2 = vault.Mount("kvv2",
+        path="kvv2",
+        type="kv",
+        options={
+            "version": "2",
+        },
+        description="KV Version 2 secret engine mount")
+    aws_secret = vault.kv.SecretV2("aws_secret",
+        mount=kvv2.path,
+        name="aws_secret",
+        data_json=json.dumps({
+            "zip": "zap",
+        }))
+    azure_secret = vault.kv.SecretV2("azure_secret",
+        mount=kvv2.path,
+        name="azure_secret",
+        data_json=json.dumps({
+            "foo": "bar",
+        }))
+    nested_secret = vault.kv.SecretV2("nested_secret",
+        mount=kvv2.path,
+        name=azure_secret.name.apply(lambda name: f"{name}/dev"),
+        data_json=json.dumps({
+            "password": "test",
+        }))
+    secrets = vault.kv.get_secrets_list_v2_output(mount=kvv2.path)
+    nested_secrets = kvv2.path.apply(lambda path: vault.kv.get_secrets_list_v2_output(mount=path,
+        name=test2["name"]))
+    ```
+
+    ## Required Vault Capabilities
+
+    Use of this resource requires the `read` capability on the given path.
+
+
+    :param _builtins.str mount: Path where KV-V2 engine is mounted.
+    :param _builtins.str name: Full name of the secret. For a nested secret
+           the name is the nested path excluding the mount and data
+           prefix. For example, for a secret at `kvv2/data/foo/bar/baz`
+           the name is `foo/bar/baz`.
+    :param _builtins.str namespace: The namespace of the target resource.
+           The value should not contain leading or trailing forward slashes.
+           The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
+           *Available only for Vault Enterprise*.
+    """
+    __args__ = dict()
+    __args__['mount'] = mount
+    __args__['name'] = name
+    __args__['namespace'] = namespace
+    opts = pulumi.InvokeOptions.merge(_utilities.get_invoke_opts_defaults(), opts)
+    __ret__ = pulumi.runtime.invoke('vault:kv/getSecretsListV2:getSecretsListV2', __args__, opts=opts, typ=GetSecretsListV2Result).value
+
+    return AwaitableGetSecretsListV2Result(
+        id=pulumi.get(__ret__, 'id'),
+        mount=pulumi.get(__ret__, 'mount'),
+        name=pulumi.get(__ret__, 'name'),
+        names=pulumi.get(__ret__, 'names'),
+        namespace=pulumi.get(__ret__, 'namespace'),
+        path=pulumi.get(__ret__, 'path'))
+def get_secrets_list_v2_output(mount: Optional[pulumi.Input[_builtins.str]] = None,
+                               name: Optional[pulumi.Input[Optional[_builtins.str]]] = None,
+                               namespace: Optional[pulumi.Input[Optional[_builtins.str]]] = None,
+                               opts: Optional[Union[pulumi.InvokeOptions, pulumi.InvokeOutputOptions]] = None) -> pulumi.Output[GetSecretsListV2Result]:
+    """
+    ## Example Usage
+
+    ```python
+    import pulumi
+    import json
+    import pulumi_vault as vault
+
+    kvv2 = vault.Mount("kvv2",
+        path="kvv2",
+        type="kv",
+        options={
+            "version": "2",
+        },
+        description="KV Version 2 secret engine mount")
+    aws_secret = vault.kv.SecretV2("aws_secret",
+        mount=kvv2.path,
+        name="aws_secret",
+        data_json=json.dumps({
+            "zip": "zap",
+        }))
+    azure_secret = vault.kv.SecretV2("azure_secret",
+        mount=kvv2.path,
+        name="azure_secret",
+        data_json=json.dumps({
+            "foo": "bar",
+        }))
+    nested_secret = vault.kv.SecretV2("nested_secret",
+        mount=kvv2.path,
+        name=azure_secret.name.apply(lambda name: f"{name}/dev"),
+        data_json=json.dumps({
+            "password": "test",
+        }))
+    secrets = vault.kv.get_secrets_list_v2_output(mount=kvv2.path)
+    nested_secrets = kvv2.path.apply(lambda path: vault.kv.get_secrets_list_v2_output(mount=path,
+        name=test2["name"]))
+    ```
+
+    ## Required Vault Capabilities
+
+    Use of this resource requires the `read` capability on the given path.
+
+
+    :param _builtins.str mount: Path where KV-V2 engine is mounted.
+    :param _builtins.str name: Full name of the secret. For a nested secret
+           the name is the nested path excluding the mount and data
+           prefix. For example, for a secret at `kvv2/data/foo/bar/baz`
+           the name is `foo/bar/baz`.
+    :param _builtins.str namespace: The namespace of the target resource.
+           The value should not contain leading or trailing forward slashes.
+           The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
+           *Available only for Vault Enterprise*.
+    """
+    __args__ = dict()
+    __args__['mount'] = mount
+    __args__['name'] = name
+    __args__['namespace'] = namespace
+    opts = pulumi.InvokeOutputOptions.merge(_utilities.get_invoke_opts_defaults(), opts)
+    __ret__ = pulumi.runtime.invoke_output('vault:kv/getSecretsListV2:getSecretsListV2', __args__, opts=opts, typ=GetSecretsListV2Result)
+    return __ret__.apply(lambda __response__: GetSecretsListV2Result(
+        id=pulumi.get(__response__, 'id'),
+        mount=pulumi.get(__response__, 'mount'),
+        name=pulumi.get(__response__, 'name'),
+        names=pulumi.get(__response__, 'names'),
+        namespace=pulumi.get(__response__, 'namespace'),
+        path=pulumi.get(__response__, 'path')))

pulumi_vault/kv/outputs.py

@@ -0,0 +1,102 @@
+# coding=utf-8
+# *** WARNING: this file was generated by pulumi-language-python. ***
+# *** Do not edit by hand unless you're certain you know what you are doing! ***
+
+import builtins as _builtins
+import warnings
+import sys
+import pulumi
+import pulumi.runtime
+from typing import Any, Mapping, Optional, Sequence, Union, overload
+if sys.version_info >= (3, 11):
+    from typing import NotRequired, TypedDict, TypeAlias
+else:
+    from typing_extensions import NotRequired, TypedDict, TypeAlias
+from .. import _utilities
+
+__all__ = [
+    'SecretV2CustomMetadata',
+]
+
+@pulumi.output_type
+class SecretV2CustomMetadata(dict):
+    @staticmethod
+    def __key_warning(key: str):
+        suggest = None
+        if key == "casRequired":
+            suggest = "cas_required"
+        elif key == "deleteVersionAfter":
+            suggest = "delete_version_after"
+        elif key == "maxVersions":
+            suggest = "max_versions"
+
+        if suggest:
+            pulumi.log.warn(f"Key '{key}' not found in SecretV2CustomMetadata. Access the value via the '{suggest}' property getter instead.")
+
+    def __getitem__(self, key: str) -> Any:
+        SecretV2CustomMetadata.__key_warning(key)
+        return super().__getitem__(key)
+
+    def get(self, key: str, default = None) -> Any:
+        SecretV2CustomMetadata.__key_warning(key)
+        return super().get(key, default)
+
+    def __init__(__self__, *,
+                 cas_required: Optional[_builtins.bool] = None,
+                 data: Optional[Mapping[str, _builtins.str]] = None,
+                 delete_version_after: Optional[_builtins.int] = None,
+                 max_versions: Optional[_builtins.int] = None):
+        """
+        :param _builtins.bool cas_required: If true, all keys will require the cas parameter to be set on all write requests.
+        :param Mapping[str, _builtins.str] data: **Deprecated. Please use new ephemeral resource `kv.SecretV2` to read back
+               secret data from Vault**. A mapping whose keys are the top-level data keys returned from
+               Vault and whose values are the corresponding values. This map can only represent string data,
+               so any non-string values returned from Vault are serialized as JSON.
+        :param _builtins.int delete_version_after: If set, specifies the length of time before a version is deleted.
+        :param _builtins.int max_versions: The number of versions to keep per key.
+        """
+        if cas_required is not None:
+            pulumi.set(__self__, "cas_required", cas_required)
+        if data is not None:
+            pulumi.set(__self__, "data", data)
+        if delete_version_after is not None:
+            pulumi.set(__self__, "delete_version_after", delete_version_after)
+        if max_versions is not None:
+            pulumi.set(__self__, "max_versions", max_versions)
+
+    @_builtins.property
+    @pulumi.getter(name="casRequired")
+    def cas_required(self) -> Optional[_builtins.bool]:
+        """
+        If true, all keys will require the cas parameter to be set on all write requests.
+        """
+        return pulumi.get(self, "cas_required")
+
+    @_builtins.property
+    @pulumi.getter
+    def data(self) -> Optional[Mapping[str, _builtins.str]]:
+        """
+        **Deprecated. Please use new ephemeral resource `kv.SecretV2` to read back
+        secret data from Vault**. A mapping whose keys are the top-level data keys returned from
+        Vault and whose values are the corresponding values. This map can only represent string data,
+        so any non-string values returned from Vault are serialized as JSON.
+        """
+        return pulumi.get(self, "data")
+
+    @_builtins.property
+    @pulumi.getter(name="deleteVersionAfter")
+    def delete_version_after(self) -> Optional[_builtins.int]:
+        """
+        If set, specifies the length of time before a version is deleted.
+        """
+        return pulumi.get(self, "delete_version_after")
+
+    @_builtins.property
+    @pulumi.getter(name="maxVersions")
+    def max_versions(self) -> Optional[_builtins.int]:
+        """
+        The number of versions to keep per key.
+        """
+        return pulumi.get(self, "max_versions")
+
+