pulumi-vault 7.6.0a1764657486__py3-none-any.whl

pulumi_vault/gcp/_inputs.py

@@ -0,0 +1,441 @@
+# coding=utf-8
+# *** WARNING: this file was generated by pulumi-language-python. ***
+# *** Do not edit by hand unless you're certain you know what you are doing! ***
+
+import builtins as _builtins
+import warnings
+import sys
+import pulumi
+import pulumi.runtime
+from typing import Any, Mapping, Optional, Sequence, Union, overload
+if sys.version_info >= (3, 11):
+    from typing import NotRequired, TypedDict, TypeAlias
+else:
+    from typing_extensions import NotRequired, TypedDict, TypeAlias
+from .. import _utilities
+
+__all__ = [
+    'AuthBackendCustomEndpointArgs',
+    'AuthBackendCustomEndpointArgsDict',
+    'AuthBackendTuneArgs',
+    'AuthBackendTuneArgsDict',
+    'SecretRolesetBindingArgs',
+    'SecretRolesetBindingArgsDict',
+    'SecretStaticAccountBindingArgs',
+    'SecretStaticAccountBindingArgsDict',
+]
+
+MYPY = False
+
+if not MYPY:
+    class AuthBackendCustomEndpointArgsDict(TypedDict):
+        api: NotRequired[pulumi.Input[_builtins.str]]
+        """
+        Replaces the service endpoint used in API requests to `https://www.googleapis.com`.
+        """
+        compute: NotRequired[pulumi.Input[_builtins.str]]
+        """
+        Replaces the service endpoint used in API requests to `https://compute.googleapis.com`.
+
+        The endpoint value provided for a given key has the form of `scheme://host:port`.
+        The `scheme://` and `:port` portions of the endpoint value are optional.
+        """
+        crm: NotRequired[pulumi.Input[_builtins.str]]
+        """
+        Replaces the service endpoint used in API requests to `https://cloudresourcemanager.googleapis.com`.
+        """
+        iam: NotRequired[pulumi.Input[_builtins.str]]
+        """
+        Replaces the service endpoint used in API requests to `https://iam.googleapis.com`.
+        """
+elif False:
+    AuthBackendCustomEndpointArgsDict: TypeAlias = Mapping[str, Any]
+
+@pulumi.input_type
+class AuthBackendCustomEndpointArgs:
+    def __init__(__self__, *,
+                 api: Optional[pulumi.Input[_builtins.str]] = None,
+                 compute: Optional[pulumi.Input[_builtins.str]] = None,
+                 crm: Optional[pulumi.Input[_builtins.str]] = None,
+                 iam: Optional[pulumi.Input[_builtins.str]] = None):
+        """
+        :param pulumi.Input[_builtins.str] api: Replaces the service endpoint used in API requests to `https://www.googleapis.com`.
+        :param pulumi.Input[_builtins.str] compute: Replaces the service endpoint used in API requests to `https://compute.googleapis.com`.
+               
+               The endpoint value provided for a given key has the form of `scheme://host:port`.
+               The `scheme://` and `:port` portions of the endpoint value are optional.
+        :param pulumi.Input[_builtins.str] crm: Replaces the service endpoint used in API requests to `https://cloudresourcemanager.googleapis.com`.
+        :param pulumi.Input[_builtins.str] iam: Replaces the service endpoint used in API requests to `https://iam.googleapis.com`.
+        """
+        if api is not None:
+            pulumi.set(__self__, "api", api)
+        if compute is not None:
+            pulumi.set(__self__, "compute", compute)
+        if crm is not None:
+            pulumi.set(__self__, "crm", crm)
+        if iam is not None:
+            pulumi.set(__self__, "iam", iam)
+
+    @_builtins.property
+    @pulumi.getter
+    def api(self) -> Optional[pulumi.Input[_builtins.str]]:
+        """
+        Replaces the service endpoint used in API requests to `https://www.googleapis.com`.
+        """
+        return pulumi.get(self, "api")
+
+    @api.setter
+    def api(self, value: Optional[pulumi.Input[_builtins.str]]):
+        pulumi.set(self, "api", value)
+
+    @_builtins.property
+    @pulumi.getter
+    def compute(self) -> Optional[pulumi.Input[_builtins.str]]:
+        """
+        Replaces the service endpoint used in API requests to `https://compute.googleapis.com`.
+
+        The endpoint value provided for a given key has the form of `scheme://host:port`.
+        The `scheme://` and `:port` portions of the endpoint value are optional.
+        """
+        return pulumi.get(self, "compute")
+
+    @compute.setter
+    def compute(self, value: Optional[pulumi.Input[_builtins.str]]):
+        pulumi.set(self, "compute", value)
+
+    @_builtins.property
+    @pulumi.getter
+    def crm(self) -> Optional[pulumi.Input[_builtins.str]]:
+        """
+        Replaces the service endpoint used in API requests to `https://cloudresourcemanager.googleapis.com`.
+        """
+        return pulumi.get(self, "crm")
+
+    @crm.setter
+    def crm(self, value: Optional[pulumi.Input[_builtins.str]]):
+        pulumi.set(self, "crm", value)
+
+    @_builtins.property
+    @pulumi.getter
+    def iam(self) -> Optional[pulumi.Input[_builtins.str]]:
+        """
+        Replaces the service endpoint used in API requests to `https://iam.googleapis.com`.
+        """
+        return pulumi.get(self, "iam")
+
+    @iam.setter
+    def iam(self, value: Optional[pulumi.Input[_builtins.str]]):
+        pulumi.set(self, "iam", value)
+
+
+if not MYPY:
+    class AuthBackendTuneArgsDict(TypedDict):
+        allowed_response_headers: NotRequired[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]
+        """
+        List of headers to whitelist and allowing
+        a plugin to include them in the response.
+        """
+        audit_non_hmac_request_keys: NotRequired[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]
+        """
+        Specifies the list of keys that will
+        not be HMAC'd by audit devices in the request data object.
+        """
+        audit_non_hmac_response_keys: NotRequired[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]
+        """
+        Specifies the list of keys that will
+        not be HMAC'd by audit devices in the response data object.
+        """
+        default_lease_ttl: NotRequired[pulumi.Input[_builtins.str]]
+        """
+        Specifies the default time-to-live.
+        If set, this overrides the global default.
+        Must be a valid [duration string](https://golang.org/pkg/time/#ParseDuration)
+        """
+        listing_visibility: NotRequired[pulumi.Input[_builtins.str]]
+        """
+        Specifies whether to show this mount in
+        the UI-specific listing endpoint. Valid values are "unauth" or "hidden".
+        """
+        max_lease_ttl: NotRequired[pulumi.Input[_builtins.str]]
+        """
+        Specifies the maximum time-to-live.
+        If set, this overrides the global default.
+        Must be a valid [duration string](https://golang.org/pkg/time/#ParseDuration)
+        """
+        passthrough_request_headers: NotRequired[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]
+        """
+        List of headers to whitelist and
+        pass from the request to the backend.
+        """
+        token_type: NotRequired[pulumi.Input[_builtins.str]]
+        """
+        Specifies the type of tokens that should be returned by
+        the mount. Valid values are "default-service", "default-batch", "service", "batch".
+
+
+        For more details on the usage of each argument consult the [Vault GCP API documentation](https://www.vaultproject.io/api-docs/auth/gcp#configure).
+        """
+elif False:
+    AuthBackendTuneArgsDict: TypeAlias = Mapping[str, Any]
+
+@pulumi.input_type
+class AuthBackendTuneArgs:
+    def __init__(__self__, *,
+                 allowed_response_headers: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
+                 audit_non_hmac_request_keys: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
+                 audit_non_hmac_response_keys: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
+                 default_lease_ttl: Optional[pulumi.Input[_builtins.str]] = None,
+                 listing_visibility: Optional[pulumi.Input[_builtins.str]] = None,
+                 max_lease_ttl: Optional[pulumi.Input[_builtins.str]] = None,
+                 passthrough_request_headers: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
+                 token_type: Optional[pulumi.Input[_builtins.str]] = None):
+        """
+        :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] allowed_response_headers: List of headers to whitelist and allowing
+               a plugin to include them in the response.
+        :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] audit_non_hmac_request_keys: Specifies the list of keys that will
+               not be HMAC'd by audit devices in the request data object.
+        :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] audit_non_hmac_response_keys: Specifies the list of keys that will
+               not be HMAC'd by audit devices in the response data object.
+        :param pulumi.Input[_builtins.str] default_lease_ttl: Specifies the default time-to-live.
+               If set, this overrides the global default.
+               Must be a valid [duration string](https://golang.org/pkg/time/#ParseDuration)
+        :param pulumi.Input[_builtins.str] listing_visibility: Specifies whether to show this mount in
+               the UI-specific listing endpoint. Valid values are "unauth" or "hidden".
+        :param pulumi.Input[_builtins.str] max_lease_ttl: Specifies the maximum time-to-live.
+               If set, this overrides the global default.
+               Must be a valid [duration string](https://golang.org/pkg/time/#ParseDuration)
+        :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] passthrough_request_headers: List of headers to whitelist and
+               pass from the request to the backend.
+        :param pulumi.Input[_builtins.str] token_type: Specifies the type of tokens that should be returned by
+               the mount. Valid values are "default-service", "default-batch", "service", "batch".
+               
+               
+               For more details on the usage of each argument consult the [Vault GCP API documentation](https://www.vaultproject.io/api-docs/auth/gcp#configure).
+        """
+        if allowed_response_headers is not None:
+            pulumi.set(__self__, "allowed_response_headers", allowed_response_headers)
+        if audit_non_hmac_request_keys is not None:
+            pulumi.set(__self__, "audit_non_hmac_request_keys", audit_non_hmac_request_keys)
+        if audit_non_hmac_response_keys is not None:
+            pulumi.set(__self__, "audit_non_hmac_response_keys", audit_non_hmac_response_keys)
+        if default_lease_ttl is not None:
+            pulumi.set(__self__, "default_lease_ttl", default_lease_ttl)
+        if listing_visibility is not None:
+            pulumi.set(__self__, "listing_visibility", listing_visibility)
+        if max_lease_ttl is not None:
+            pulumi.set(__self__, "max_lease_ttl", max_lease_ttl)
+        if passthrough_request_headers is not None:
+            pulumi.set(__self__, "passthrough_request_headers", passthrough_request_headers)
+        if token_type is not None:
+            pulumi.set(__self__, "token_type", token_type)
+
+    @_builtins.property
+    @pulumi.getter(name="allowedResponseHeaders")
+    def allowed_response_headers(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]:
+        """
+        List of headers to whitelist and allowing
+        a plugin to include them in the response.
+        """
+        return pulumi.get(self, "allowed_response_headers")
+
+    @allowed_response_headers.setter
+    def allowed_response_headers(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]):
+        pulumi.set(self, "allowed_response_headers", value)
+
+    @_builtins.property
+    @pulumi.getter(name="auditNonHmacRequestKeys")
+    def audit_non_hmac_request_keys(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]:
+        """
+        Specifies the list of keys that will
+        not be HMAC'd by audit devices in the request data object.
+        """
+        return pulumi.get(self, "audit_non_hmac_request_keys")
+
+    @audit_non_hmac_request_keys.setter
+    def audit_non_hmac_request_keys(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]):
+        pulumi.set(self, "audit_non_hmac_request_keys", value)
+
+    @_builtins.property
+    @pulumi.getter(name="auditNonHmacResponseKeys")
+    def audit_non_hmac_response_keys(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]:
+        """
+        Specifies the list of keys that will
+        not be HMAC'd by audit devices in the response data object.
+        """
+        return pulumi.get(self, "audit_non_hmac_response_keys")
+
+    @audit_non_hmac_response_keys.setter
+    def audit_non_hmac_response_keys(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]):
+        pulumi.set(self, "audit_non_hmac_response_keys", value)
+
+    @_builtins.property
+    @pulumi.getter(name="defaultLeaseTtl")
+    def default_lease_ttl(self) -> Optional[pulumi.Input[_builtins.str]]:
+        """
+        Specifies the default time-to-live.
+        If set, this overrides the global default.
+        Must be a valid [duration string](https://golang.org/pkg/time/#ParseDuration)
+        """
+        return pulumi.get(self, "default_lease_ttl")
+
+    @default_lease_ttl.setter
+    def default_lease_ttl(self, value: Optional[pulumi.Input[_builtins.str]]):
+        pulumi.set(self, "default_lease_ttl", value)
+
+    @_builtins.property
+    @pulumi.getter(name="listingVisibility")
+    def listing_visibility(self) -> Optional[pulumi.Input[_builtins.str]]:
+        """
+        Specifies whether to show this mount in
+        the UI-specific listing endpoint. Valid values are "unauth" or "hidden".
+        """
+        return pulumi.get(self, "listing_visibility")
+
+    @listing_visibility.setter
+    def listing_visibility(self, value: Optional[pulumi.Input[_builtins.str]]):
+        pulumi.set(self, "listing_visibility", value)
+
+    @_builtins.property
+    @pulumi.getter(name="maxLeaseTtl")
+    def max_lease_ttl(self) -> Optional[pulumi.Input[_builtins.str]]:
+        """
+        Specifies the maximum time-to-live.
+        If set, this overrides the global default.
+        Must be a valid [duration string](https://golang.org/pkg/time/#ParseDuration)
+        """
+        return pulumi.get(self, "max_lease_ttl")
+
+    @max_lease_ttl.setter
+    def max_lease_ttl(self, value: Optional[pulumi.Input[_builtins.str]]):
+        pulumi.set(self, "max_lease_ttl", value)
+
+    @_builtins.property
+    @pulumi.getter(name="passthroughRequestHeaders")
+    def passthrough_request_headers(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]:
+        """
+        List of headers to whitelist and
+        pass from the request to the backend.
+        """
+        return pulumi.get(self, "passthrough_request_headers")
+
+    @passthrough_request_headers.setter
+    def passthrough_request_headers(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]):
+        pulumi.set(self, "passthrough_request_headers", value)
+
+    @_builtins.property
+    @pulumi.getter(name="tokenType")
+    def token_type(self) -> Optional[pulumi.Input[_builtins.str]]:
+        """
+        Specifies the type of tokens that should be returned by
+        the mount. Valid values are "default-service", "default-batch", "service", "batch".
+
+
+        For more details on the usage of each argument consult the [Vault GCP API documentation](https://www.vaultproject.io/api-docs/auth/gcp#configure).
+        """
+        return pulumi.get(self, "token_type")
+
+    @token_type.setter
+    def token_type(self, value: Optional[pulumi.Input[_builtins.str]]):
+        pulumi.set(self, "token_type", value)
+
+
+if not MYPY:
+    class SecretRolesetBindingArgsDict(TypedDict):
+        resource: pulumi.Input[_builtins.str]
+        """
+        Resource or resource path for which IAM policy information will be bound. The resource path may be specified in a few different [formats](https://www.vaultproject.io/docs/secrets/gcp/index.html#roleset-bindings).
+        """
+        roles: pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]
+        """
+        List of [GCP IAM roles](https://cloud.google.com/iam/docs/understanding-roles) for the resource.
+        """
+elif False:
+    SecretRolesetBindingArgsDict: TypeAlias = Mapping[str, Any]
+
+@pulumi.input_type
+class SecretRolesetBindingArgs:
+    def __init__(__self__, *,
+                 resource: pulumi.Input[_builtins.str],
+                 roles: pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]):
+        """
+        :param pulumi.Input[_builtins.str] resource: Resource or resource path for which IAM policy information will be bound. The resource path may be specified in a few different [formats](https://www.vaultproject.io/docs/secrets/gcp/index.html#roleset-bindings).
+        :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] roles: List of [GCP IAM roles](https://cloud.google.com/iam/docs/understanding-roles) for the resource.
+        """
+        pulumi.set(__self__, "resource", resource)
+        pulumi.set(__self__, "roles", roles)
+
+    @_builtins.property
+    @pulumi.getter
+    def resource(self) -> pulumi.Input[_builtins.str]:
+        """
+        Resource or resource path for which IAM policy information will be bound. The resource path may be specified in a few different [formats](https://www.vaultproject.io/docs/secrets/gcp/index.html#roleset-bindings).
+        """
+        return pulumi.get(self, "resource")
+
+    @resource.setter
+    def resource(self, value: pulumi.Input[_builtins.str]):
+        pulumi.set(self, "resource", value)
+
+    @_builtins.property
+    @pulumi.getter
+    def roles(self) -> pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]:
+        """
+        List of [GCP IAM roles](https://cloud.google.com/iam/docs/understanding-roles) for the resource.
+        """
+        return pulumi.get(self, "roles")
+
+    @roles.setter
+    def roles(self, value: pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]):
+        pulumi.set(self, "roles", value)
+
+
+if not MYPY:
+    class SecretStaticAccountBindingArgsDict(TypedDict):
+        resource: pulumi.Input[_builtins.str]
+        """
+        Resource or resource path for which IAM policy information will be bound. The resource path may be specified in a few different [formats](https://www.vaultproject.io/docs/secrets/gcp/index.html#bindings).
+        """
+        roles: pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]
+        """
+        List of [GCP IAM roles](https://cloud.google.com/iam/docs/understanding-roles) for the resource.
+        """
+elif False:
+    SecretStaticAccountBindingArgsDict: TypeAlias = Mapping[str, Any]
+
+@pulumi.input_type
+class SecretStaticAccountBindingArgs:
+    def __init__(__self__, *,
+                 resource: pulumi.Input[_builtins.str],
+                 roles: pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]):
+        """
+        :param pulumi.Input[_builtins.str] resource: Resource or resource path for which IAM policy information will be bound. The resource path may be specified in a few different [formats](https://www.vaultproject.io/docs/secrets/gcp/index.html#bindings).
+        :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] roles: List of [GCP IAM roles](https://cloud.google.com/iam/docs/understanding-roles) for the resource.
+        """
+        pulumi.set(__self__, "resource", resource)
+        pulumi.set(__self__, "roles", roles)
+
+    @_builtins.property
+    @pulumi.getter
+    def resource(self) -> pulumi.Input[_builtins.str]:
+        """
+        Resource or resource path for which IAM policy information will be bound. The resource path may be specified in a few different [formats](https://www.vaultproject.io/docs/secrets/gcp/index.html#bindings).
+        """
+        return pulumi.get(self, "resource")
+
+    @resource.setter
+    def resource(self, value: pulumi.Input[_builtins.str]):
+        pulumi.set(self, "resource", value)
+
+    @_builtins.property
+    @pulumi.getter
+    def roles(self) -> pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]:
+        """
+        List of [GCP IAM roles](https://cloud.google.com/iam/docs/understanding-roles) for the resource.
+        """
+        return pulumi.get(self, "roles")
+
+    @roles.setter
+    def roles(self, value: pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]):
+        pulumi.set(self, "roles", value)
+
+