pulumi-vault 7.6.0a1764657486__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- pulumi_vault/__init__.py +1399 -0
- pulumi_vault/_inputs.py +2701 -0
- pulumi_vault/_utilities.py +331 -0
- pulumi_vault/ad/__init__.py +12 -0
- pulumi_vault/ad/get_access_credentials.py +177 -0
- pulumi_vault/ad/secret_backend.py +1916 -0
- pulumi_vault/ad/secret_library.py +546 -0
- pulumi_vault/ad/secret_role.py +499 -0
- pulumi_vault/alicloud/__init__.py +9 -0
- pulumi_vault/alicloud/auth_backend_role.py +866 -0
- pulumi_vault/approle/__init__.py +12 -0
- pulumi_vault/approle/auth_backend_login.py +571 -0
- pulumi_vault/approle/auth_backend_role.py +1082 -0
- pulumi_vault/approle/auth_backend_role_secret_id.py +796 -0
- pulumi_vault/approle/get_auth_backend_role_id.py +169 -0
- pulumi_vault/audit.py +499 -0
- pulumi_vault/audit_request_header.py +277 -0
- pulumi_vault/auth_backend.py +565 -0
- pulumi_vault/aws/__init__.py +22 -0
- pulumi_vault/aws/auth_backend_cert.py +420 -0
- pulumi_vault/aws/auth_backend_client.py +1259 -0
- pulumi_vault/aws/auth_backend_config_identity.py +494 -0
- pulumi_vault/aws/auth_backend_identity_whitelist.py +380 -0
- pulumi_vault/aws/auth_backend_login.py +1046 -0
- pulumi_vault/aws/auth_backend_role.py +1961 -0
- pulumi_vault/aws/auth_backend_role_tag.py +638 -0
- pulumi_vault/aws/auth_backend_roletag_blacklist.py +366 -0
- pulumi_vault/aws/auth_backend_sts_role.py +414 -0
- pulumi_vault/aws/get_access_credentials.py +369 -0
- pulumi_vault/aws/get_static_access_credentials.py +137 -0
- pulumi_vault/aws/secret_backend.py +2018 -0
- pulumi_vault/aws/secret_backend_role.py +1188 -0
- pulumi_vault/aws/secret_backend_static_role.py +639 -0
- pulumi_vault/azure/__init__.py +15 -0
- pulumi_vault/azure/_inputs.py +108 -0
- pulumi_vault/azure/auth_backend_config.py +1096 -0
- pulumi_vault/azure/auth_backend_role.py +1176 -0
- pulumi_vault/azure/backend.py +1793 -0
- pulumi_vault/azure/backend_role.py +883 -0
- pulumi_vault/azure/get_access_credentials.py +400 -0
- pulumi_vault/azure/outputs.py +107 -0
- pulumi_vault/cert_auth_backend_role.py +1539 -0
- pulumi_vault/config/__init__.py +9 -0
- pulumi_vault/config/__init__.pyi +164 -0
- pulumi_vault/config/_inputs.py +73 -0
- pulumi_vault/config/outputs.py +1225 -0
- pulumi_vault/config/ui_custom_message.py +530 -0
- pulumi_vault/config/vars.py +230 -0
- pulumi_vault/consul/__init__.py +10 -0
- pulumi_vault/consul/secret_backend.py +1517 -0
- pulumi_vault/consul/secret_backend_role.py +847 -0
- pulumi_vault/database/__init__.py +14 -0
- pulumi_vault/database/_inputs.py +11907 -0
- pulumi_vault/database/outputs.py +8496 -0
- pulumi_vault/database/secret_backend_connection.py +1676 -0
- pulumi_vault/database/secret_backend_role.py +840 -0
- pulumi_vault/database/secret_backend_static_role.py +881 -0
- pulumi_vault/database/secrets_mount.py +2160 -0
- pulumi_vault/egp_policy.py +399 -0
- pulumi_vault/gcp/__init__.py +17 -0
- pulumi_vault/gcp/_inputs.py +441 -0
- pulumi_vault/gcp/auth_backend.py +1486 -0
- pulumi_vault/gcp/auth_backend_role.py +1235 -0
- pulumi_vault/gcp/get_auth_backend_role.py +514 -0
- pulumi_vault/gcp/outputs.py +302 -0
- pulumi_vault/gcp/secret_backend.py +1807 -0
- pulumi_vault/gcp/secret_impersonated_account.py +484 -0
- pulumi_vault/gcp/secret_roleset.py +554 -0
- pulumi_vault/gcp/secret_static_account.py +557 -0
- pulumi_vault/generic/__init__.py +11 -0
- pulumi_vault/generic/endpoint.py +786 -0
- pulumi_vault/generic/get_secret.py +306 -0
- pulumi_vault/generic/secret.py +486 -0
- pulumi_vault/get_auth_backend.py +226 -0
- pulumi_vault/get_auth_backends.py +170 -0
- pulumi_vault/get_namespace.py +226 -0
- pulumi_vault/get_namespaces.py +202 -0
- pulumi_vault/get_nomad_access_token.py +210 -0
- pulumi_vault/get_policy_document.py +160 -0
- pulumi_vault/get_raft_autopilot_state.py +267 -0
- pulumi_vault/github/__init__.py +13 -0
- pulumi_vault/github/_inputs.py +225 -0
- pulumi_vault/github/auth_backend.py +1194 -0
- pulumi_vault/github/outputs.py +174 -0
- pulumi_vault/github/team.py +380 -0
- pulumi_vault/github/user.py +380 -0
- pulumi_vault/identity/__init__.py +35 -0
- pulumi_vault/identity/entity.py +447 -0
- pulumi_vault/identity/entity_alias.py +398 -0
- pulumi_vault/identity/entity_policies.py +455 -0
- pulumi_vault/identity/get_entity.py +384 -0
- pulumi_vault/identity/get_group.py +467 -0
- pulumi_vault/identity/get_oidc_client_creds.py +175 -0
- pulumi_vault/identity/get_oidc_openid_config.py +334 -0
- pulumi_vault/identity/get_oidc_public_keys.py +179 -0
- pulumi_vault/identity/group.py +805 -0
- pulumi_vault/identity/group_alias.py +386 -0
- pulumi_vault/identity/group_member_entity_ids.py +444 -0
- pulumi_vault/identity/group_member_group_ids.py +467 -0
- pulumi_vault/identity/group_policies.py +471 -0
- pulumi_vault/identity/mfa_duo.py +674 -0
- pulumi_vault/identity/mfa_login_enforcement.py +566 -0
- pulumi_vault/identity/mfa_okta.py +626 -0
- pulumi_vault/identity/mfa_pingid.py +616 -0
- pulumi_vault/identity/mfa_totp.py +758 -0
- pulumi_vault/identity/oidc.py +268 -0
- pulumi_vault/identity/oidc_assignment.py +375 -0
- pulumi_vault/identity/oidc_client.py +667 -0
- pulumi_vault/identity/oidc_key.py +474 -0
- pulumi_vault/identity/oidc_key_allowed_client_id.py +298 -0
- pulumi_vault/identity/oidc_provider.py +550 -0
- pulumi_vault/identity/oidc_role.py +543 -0
- pulumi_vault/identity/oidc_scope.py +355 -0
- pulumi_vault/identity/outputs.py +137 -0
- pulumi_vault/jwt/__init__.py +12 -0
- pulumi_vault/jwt/_inputs.py +225 -0
- pulumi_vault/jwt/auth_backend.py +1347 -0
- pulumi_vault/jwt/auth_backend_role.py +1847 -0
- pulumi_vault/jwt/outputs.py +174 -0
- pulumi_vault/kmip/__init__.py +11 -0
- pulumi_vault/kmip/secret_backend.py +1591 -0
- pulumi_vault/kmip/secret_role.py +1194 -0
- pulumi_vault/kmip/secret_scope.py +372 -0
- pulumi_vault/kubernetes/__init__.py +15 -0
- pulumi_vault/kubernetes/auth_backend_config.py +654 -0
- pulumi_vault/kubernetes/auth_backend_role.py +1031 -0
- pulumi_vault/kubernetes/get_auth_backend_config.py +280 -0
- pulumi_vault/kubernetes/get_auth_backend_role.py +470 -0
- pulumi_vault/kubernetes/get_service_account_token.py +344 -0
- pulumi_vault/kubernetes/secret_backend.py +1341 -0
- pulumi_vault/kubernetes/secret_backend_role.py +1140 -0
- pulumi_vault/kv/__init__.py +18 -0
- pulumi_vault/kv/_inputs.py +124 -0
- pulumi_vault/kv/get_secret.py +240 -0
- pulumi_vault/kv/get_secret_subkeys_v2.py +275 -0
- pulumi_vault/kv/get_secret_v2.py +315 -0
- pulumi_vault/kv/get_secrets_list.py +186 -0
- pulumi_vault/kv/get_secrets_list_v2.py +243 -0
- pulumi_vault/kv/outputs.py +102 -0
- pulumi_vault/kv/secret.py +397 -0
- pulumi_vault/kv/secret_backend_v2.py +455 -0
- pulumi_vault/kv/secret_v2.py +970 -0
- pulumi_vault/ldap/__init__.py +19 -0
- pulumi_vault/ldap/_inputs.py +225 -0
- pulumi_vault/ldap/auth_backend.py +2520 -0
- pulumi_vault/ldap/auth_backend_group.py +386 -0
- pulumi_vault/ldap/auth_backend_user.py +439 -0
- pulumi_vault/ldap/get_dynamic_credentials.py +181 -0
- pulumi_vault/ldap/get_static_credentials.py +192 -0
- pulumi_vault/ldap/outputs.py +174 -0
- pulumi_vault/ldap/secret_backend.py +2207 -0
- pulumi_vault/ldap/secret_backend_dynamic_role.py +767 -0
- pulumi_vault/ldap/secret_backend_library_set.py +552 -0
- pulumi_vault/ldap/secret_backend_static_role.py +541 -0
- pulumi_vault/managed/__init__.py +11 -0
- pulumi_vault/managed/_inputs.py +944 -0
- pulumi_vault/managed/keys.py +398 -0
- pulumi_vault/managed/outputs.py +667 -0
- pulumi_vault/mfa_duo.py +589 -0
- pulumi_vault/mfa_okta.py +623 -0
- pulumi_vault/mfa_pingid.py +670 -0
- pulumi_vault/mfa_totp.py +620 -0
- pulumi_vault/mongodbatlas/__init__.py +10 -0
- pulumi_vault/mongodbatlas/secret_backend.py +388 -0
- pulumi_vault/mongodbatlas/secret_role.py +726 -0
- pulumi_vault/mount.py +1262 -0
- pulumi_vault/namespace.py +452 -0
- pulumi_vault/nomad_secret_backend.py +1559 -0
- pulumi_vault/nomad_secret_role.py +489 -0
- pulumi_vault/oci_auth_backend.py +676 -0
- pulumi_vault/oci_auth_backend_role.py +852 -0
- pulumi_vault/okta/__init__.py +13 -0
- pulumi_vault/okta/_inputs.py +320 -0
- pulumi_vault/okta/auth_backend.py +1231 -0
- pulumi_vault/okta/auth_backend_group.py +369 -0
- pulumi_vault/okta/auth_backend_user.py +416 -0
- pulumi_vault/okta/outputs.py +244 -0
- pulumi_vault/outputs.py +502 -0
- pulumi_vault/pkisecret/__init__.py +38 -0
- pulumi_vault/pkisecret/_inputs.py +270 -0
- pulumi_vault/pkisecret/backend_acme_eab.py +550 -0
- pulumi_vault/pkisecret/backend_config_acme.py +690 -0
- pulumi_vault/pkisecret/backend_config_auto_tidy.py +1370 -0
- pulumi_vault/pkisecret/backend_config_cluster.py +370 -0
- pulumi_vault/pkisecret/backend_config_cmpv2.py +693 -0
- pulumi_vault/pkisecret/backend_config_est.py +756 -0
- pulumi_vault/pkisecret/backend_config_scep.py +738 -0
- pulumi_vault/pkisecret/get_backend_cert_metadata.py +277 -0
- pulumi_vault/pkisecret/get_backend_config_cmpv2.py +226 -0
- pulumi_vault/pkisecret/get_backend_config_est.py +251 -0
- pulumi_vault/pkisecret/get_backend_config_scep.py +271 -0
- pulumi_vault/pkisecret/get_backend_issuer.py +395 -0
- pulumi_vault/pkisecret/get_backend_issuers.py +192 -0
- pulumi_vault/pkisecret/get_backend_key.py +211 -0
- pulumi_vault/pkisecret/get_backend_keys.py +192 -0
- pulumi_vault/pkisecret/outputs.py +270 -0
- pulumi_vault/pkisecret/secret_backend_cert.py +1315 -0
- pulumi_vault/pkisecret/secret_backend_config_ca.py +386 -0
- pulumi_vault/pkisecret/secret_backend_config_issuers.py +392 -0
- pulumi_vault/pkisecret/secret_backend_config_urls.py +462 -0
- pulumi_vault/pkisecret/secret_backend_crl_config.py +846 -0
- pulumi_vault/pkisecret/secret_backend_intermediate_cert_request.py +1629 -0
- pulumi_vault/pkisecret/secret_backend_intermediate_set_signed.py +444 -0
- pulumi_vault/pkisecret/secret_backend_issuer.py +1089 -0
- pulumi_vault/pkisecret/secret_backend_key.py +613 -0
- pulumi_vault/pkisecret/secret_backend_role.py +2694 -0
- pulumi_vault/pkisecret/secret_backend_root_cert.py +2134 -0
- pulumi_vault/pkisecret/secret_backend_root_sign_intermediate.py +2031 -0
- pulumi_vault/pkisecret/secret_backend_sign.py +1194 -0
- pulumi_vault/plugin.py +596 -0
- pulumi_vault/plugin_pinned_version.py +299 -0
- pulumi_vault/policy.py +279 -0
- pulumi_vault/provider.py +781 -0
- pulumi_vault/pulumi-plugin.json +5 -0
- pulumi_vault/py.typed +0 -0
- pulumi_vault/quota_lease_count.py +504 -0
- pulumi_vault/quota_rate_limit.py +751 -0
- pulumi_vault/rabbitmq/__init__.py +12 -0
- pulumi_vault/rabbitmq/_inputs.py +235 -0
- pulumi_vault/rabbitmq/outputs.py +144 -0
- pulumi_vault/rabbitmq/secret_backend.py +1437 -0
- pulumi_vault/rabbitmq/secret_backend_role.py +496 -0
- pulumi_vault/raft_autopilot.py +609 -0
- pulumi_vault/raft_snapshot_agent_config.py +1591 -0
- pulumi_vault/rgp_policy.py +349 -0
- pulumi_vault/saml/__init__.py +12 -0
- pulumi_vault/saml/_inputs.py +225 -0
- pulumi_vault/saml/auth_backend.py +811 -0
- pulumi_vault/saml/auth_backend_role.py +1068 -0
- pulumi_vault/saml/outputs.py +174 -0
- pulumi_vault/scep_auth_backend_role.py +908 -0
- pulumi_vault/secrets/__init__.py +18 -0
- pulumi_vault/secrets/_inputs.py +110 -0
- pulumi_vault/secrets/outputs.py +94 -0
- pulumi_vault/secrets/sync_association.py +450 -0
- pulumi_vault/secrets/sync_aws_destination.py +780 -0
- pulumi_vault/secrets/sync_azure_destination.py +736 -0
- pulumi_vault/secrets/sync_config.py +303 -0
- pulumi_vault/secrets/sync_gcp_destination.py +572 -0
- pulumi_vault/secrets/sync_gh_destination.py +688 -0
- pulumi_vault/secrets/sync_github_apps.py +376 -0
- pulumi_vault/secrets/sync_vercel_destination.py +603 -0
- pulumi_vault/ssh/__init__.py +13 -0
- pulumi_vault/ssh/_inputs.py +76 -0
- pulumi_vault/ssh/get_secret_backend_sign.py +294 -0
- pulumi_vault/ssh/outputs.py +51 -0
- pulumi_vault/ssh/secret_backend_ca.py +588 -0
- pulumi_vault/ssh/secret_backend_role.py +1493 -0
- pulumi_vault/terraformcloud/__init__.py +11 -0
- pulumi_vault/terraformcloud/secret_backend.py +1321 -0
- pulumi_vault/terraformcloud/secret_creds.py +445 -0
- pulumi_vault/terraformcloud/secret_role.py +563 -0
- pulumi_vault/token.py +1026 -0
- pulumi_vault/tokenauth/__init__.py +9 -0
- pulumi_vault/tokenauth/auth_backend_role.py +1135 -0
- pulumi_vault/transform/__init__.py +14 -0
- pulumi_vault/transform/alphabet.py +348 -0
- pulumi_vault/transform/get_decode.py +287 -0
- pulumi_vault/transform/get_encode.py +291 -0
- pulumi_vault/transform/role.py +350 -0
- pulumi_vault/transform/template.py +592 -0
- pulumi_vault/transform/transformation.py +608 -0
- pulumi_vault/transit/__init__.py +15 -0
- pulumi_vault/transit/get_cmac.py +256 -0
- pulumi_vault/transit/get_decrypt.py +181 -0
- pulumi_vault/transit/get_encrypt.py +174 -0
- pulumi_vault/transit/get_sign.py +328 -0
- pulumi_vault/transit/get_verify.py +373 -0
- pulumi_vault/transit/secret_backend_key.py +1202 -0
- pulumi_vault/transit/secret_cache_config.py +302 -0
- pulumi_vault-7.6.0a1764657486.dist-info/METADATA +92 -0
- pulumi_vault-7.6.0a1764657486.dist-info/RECORD +274 -0
- pulumi_vault-7.6.0a1764657486.dist-info/WHEEL +5 -0
- pulumi_vault-7.6.0a1764657486.dist-info/top_level.txt +1 -0
|
@@ -0,0 +1,202 @@
|
|
|
1
|
+
# coding=utf-8
|
|
2
|
+
# *** WARNING: this file was generated by pulumi-language-python. ***
|
|
3
|
+
# *** Do not edit by hand unless you're certain you know what you are doing! ***
|
|
4
|
+
|
|
5
|
+
import builtins as _builtins
|
|
6
|
+
import warnings
|
|
7
|
+
import sys
|
|
8
|
+
import pulumi
|
|
9
|
+
import pulumi.runtime
|
|
10
|
+
from typing import Any, Mapping, Optional, Sequence, Union, overload
|
|
11
|
+
if sys.version_info >= (3, 11):
|
|
12
|
+
from typing import NotRequired, TypedDict, TypeAlias
|
|
13
|
+
else:
|
|
14
|
+
from typing_extensions import NotRequired, TypedDict, TypeAlias
|
|
15
|
+
from . import _utilities
|
|
16
|
+
|
|
17
|
+
__all__ = [
|
|
18
|
+
'GetNamespacesResult',
|
|
19
|
+
'AwaitableGetNamespacesResult',
|
|
20
|
+
'get_namespaces',
|
|
21
|
+
'get_namespaces_output',
|
|
22
|
+
]
|
|
23
|
+
|
|
24
|
+
@pulumi.output_type
|
|
25
|
+
class GetNamespacesResult:
|
|
26
|
+
"""
|
|
27
|
+
A collection of values returned by getNamespaces.
|
|
28
|
+
"""
|
|
29
|
+
def __init__(__self__, id=None, namespace=None, paths=None, paths_fqs=None, recursive=None):
|
|
30
|
+
if id and not isinstance(id, str):
|
|
31
|
+
raise TypeError("Expected argument 'id' to be a str")
|
|
32
|
+
pulumi.set(__self__, "id", id)
|
|
33
|
+
if namespace and not isinstance(namespace, str):
|
|
34
|
+
raise TypeError("Expected argument 'namespace' to be a str")
|
|
35
|
+
pulumi.set(__self__, "namespace", namespace)
|
|
36
|
+
if paths and not isinstance(paths, list):
|
|
37
|
+
raise TypeError("Expected argument 'paths' to be a list")
|
|
38
|
+
pulumi.set(__self__, "paths", paths)
|
|
39
|
+
if paths_fqs and not isinstance(paths_fqs, list):
|
|
40
|
+
raise TypeError("Expected argument 'paths_fqs' to be a list")
|
|
41
|
+
pulumi.set(__self__, "paths_fqs", paths_fqs)
|
|
42
|
+
if recursive and not isinstance(recursive, bool):
|
|
43
|
+
raise TypeError("Expected argument 'recursive' to be a bool")
|
|
44
|
+
pulumi.set(__self__, "recursive", recursive)
|
|
45
|
+
|
|
46
|
+
@_builtins.property
|
|
47
|
+
@pulumi.getter
|
|
48
|
+
def id(self) -> _builtins.str:
|
|
49
|
+
"""
|
|
50
|
+
The provider-assigned unique ID for this managed resource.
|
|
51
|
+
"""
|
|
52
|
+
return pulumi.get(self, "id")
|
|
53
|
+
|
|
54
|
+
@_builtins.property
|
|
55
|
+
@pulumi.getter
|
|
56
|
+
def namespace(self) -> Optional[_builtins.str]:
|
|
57
|
+
return pulumi.get(self, "namespace")
|
|
58
|
+
|
|
59
|
+
@_builtins.property
|
|
60
|
+
@pulumi.getter
|
|
61
|
+
def paths(self) -> Sequence[_builtins.str]:
|
|
62
|
+
"""
|
|
63
|
+
Set of the paths of child namespaces.
|
|
64
|
+
"""
|
|
65
|
+
return pulumi.get(self, "paths")
|
|
66
|
+
|
|
67
|
+
@_builtins.property
|
|
68
|
+
@pulumi.getter(name="pathsFqs")
|
|
69
|
+
def paths_fqs(self) -> Sequence[_builtins.str]:
|
|
70
|
+
"""
|
|
71
|
+
Set of the fully qualified paths of child namespaces.
|
|
72
|
+
"""
|
|
73
|
+
return pulumi.get(self, "paths_fqs")
|
|
74
|
+
|
|
75
|
+
@_builtins.property
|
|
76
|
+
@pulumi.getter
|
|
77
|
+
def recursive(self) -> Optional[_builtins.bool]:
|
|
78
|
+
return pulumi.get(self, "recursive")
|
|
79
|
+
|
|
80
|
+
|
|
81
|
+
class AwaitableGetNamespacesResult(GetNamespacesResult):
|
|
82
|
+
# pylint: disable=using-constant-test
|
|
83
|
+
def __await__(self):
|
|
84
|
+
if False:
|
|
85
|
+
yield self
|
|
86
|
+
return GetNamespacesResult(
|
|
87
|
+
id=self.id,
|
|
88
|
+
namespace=self.namespace,
|
|
89
|
+
paths=self.paths,
|
|
90
|
+
paths_fqs=self.paths_fqs,
|
|
91
|
+
recursive=self.recursive)
|
|
92
|
+
|
|
93
|
+
|
|
94
|
+
def get_namespaces(namespace: Optional[_builtins.str] = None,
|
|
95
|
+
recursive: Optional[_builtins.bool] = None,
|
|
96
|
+
opts: Optional[pulumi.InvokeOptions] = None) -> AwaitableGetNamespacesResult:
|
|
97
|
+
"""
|
|
98
|
+
## Example Usage
|
|
99
|
+
|
|
100
|
+
### Direct child namespaces
|
|
101
|
+
|
|
102
|
+
```python
|
|
103
|
+
import pulumi
|
|
104
|
+
import pulumi_vault as vault
|
|
105
|
+
|
|
106
|
+
children = vault.get_namespaces()
|
|
107
|
+
```
|
|
108
|
+
|
|
109
|
+
### All child namespaces
|
|
110
|
+
|
|
111
|
+
```python
|
|
112
|
+
import pulumi
|
|
113
|
+
import pulumi_vault as vault
|
|
114
|
+
|
|
115
|
+
children = vault.get_namespaces(recursive=True)
|
|
116
|
+
```
|
|
117
|
+
|
|
118
|
+
### Child namespace details
|
|
119
|
+
|
|
120
|
+
To fetch the details of child namespaces:
|
|
121
|
+
|
|
122
|
+
```python
|
|
123
|
+
import pulumi
|
|
124
|
+
import pulumi_vault as vault
|
|
125
|
+
|
|
126
|
+
children = vault.get_namespaces(namespace="parent")
|
|
127
|
+
child = {__key: vault.get_namespace(namespace=children.namespace,
|
|
128
|
+
path=__key) for __key, __value in children.paths}
|
|
129
|
+
```
|
|
130
|
+
|
|
131
|
+
|
|
132
|
+
:param _builtins.str namespace: The namespace to provision the resource in.
|
|
133
|
+
The value should not contain leading or trailing forward slashes.
|
|
134
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
|
135
|
+
:param _builtins.bool recursive: If `true`, it will returns all child namespaces of the given namespace. Defaults to `false`, which returns only direct child namespaces.
|
|
136
|
+
"""
|
|
137
|
+
__args__ = dict()
|
|
138
|
+
__args__['namespace'] = namespace
|
|
139
|
+
__args__['recursive'] = recursive
|
|
140
|
+
opts = pulumi.InvokeOptions.merge(_utilities.get_invoke_opts_defaults(), opts)
|
|
141
|
+
__ret__ = pulumi.runtime.invoke('vault:index/getNamespaces:getNamespaces', __args__, opts=opts, typ=GetNamespacesResult).value
|
|
142
|
+
|
|
143
|
+
return AwaitableGetNamespacesResult(
|
|
144
|
+
id=pulumi.get(__ret__, 'id'),
|
|
145
|
+
namespace=pulumi.get(__ret__, 'namespace'),
|
|
146
|
+
paths=pulumi.get(__ret__, 'paths'),
|
|
147
|
+
paths_fqs=pulumi.get(__ret__, 'paths_fqs'),
|
|
148
|
+
recursive=pulumi.get(__ret__, 'recursive'))
|
|
149
|
+
def get_namespaces_output(namespace: Optional[pulumi.Input[Optional[_builtins.str]]] = None,
|
|
150
|
+
recursive: Optional[pulumi.Input[Optional[_builtins.bool]]] = None,
|
|
151
|
+
opts: Optional[Union[pulumi.InvokeOptions, pulumi.InvokeOutputOptions]] = None) -> pulumi.Output[GetNamespacesResult]:
|
|
152
|
+
"""
|
|
153
|
+
## Example Usage
|
|
154
|
+
|
|
155
|
+
### Direct child namespaces
|
|
156
|
+
|
|
157
|
+
```python
|
|
158
|
+
import pulumi
|
|
159
|
+
import pulumi_vault as vault
|
|
160
|
+
|
|
161
|
+
children = vault.get_namespaces()
|
|
162
|
+
```
|
|
163
|
+
|
|
164
|
+
### All child namespaces
|
|
165
|
+
|
|
166
|
+
```python
|
|
167
|
+
import pulumi
|
|
168
|
+
import pulumi_vault as vault
|
|
169
|
+
|
|
170
|
+
children = vault.get_namespaces(recursive=True)
|
|
171
|
+
```
|
|
172
|
+
|
|
173
|
+
### Child namespace details
|
|
174
|
+
|
|
175
|
+
To fetch the details of child namespaces:
|
|
176
|
+
|
|
177
|
+
```python
|
|
178
|
+
import pulumi
|
|
179
|
+
import pulumi_vault as vault
|
|
180
|
+
|
|
181
|
+
children = vault.get_namespaces(namespace="parent")
|
|
182
|
+
child = {__key: vault.get_namespace(namespace=children.namespace,
|
|
183
|
+
path=__key) for __key, __value in children.paths}
|
|
184
|
+
```
|
|
185
|
+
|
|
186
|
+
|
|
187
|
+
:param _builtins.str namespace: The namespace to provision the resource in.
|
|
188
|
+
The value should not contain leading or trailing forward slashes.
|
|
189
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
|
|
190
|
+
:param _builtins.bool recursive: If `true`, it will returns all child namespaces of the given namespace. Defaults to `false`, which returns only direct child namespaces.
|
|
191
|
+
"""
|
|
192
|
+
__args__ = dict()
|
|
193
|
+
__args__['namespace'] = namespace
|
|
194
|
+
__args__['recursive'] = recursive
|
|
195
|
+
opts = pulumi.InvokeOutputOptions.merge(_utilities.get_invoke_opts_defaults(), opts)
|
|
196
|
+
__ret__ = pulumi.runtime.invoke_output('vault:index/getNamespaces:getNamespaces', __args__, opts=opts, typ=GetNamespacesResult)
|
|
197
|
+
return __ret__.apply(lambda __response__: GetNamespacesResult(
|
|
198
|
+
id=pulumi.get(__response__, 'id'),
|
|
199
|
+
namespace=pulumi.get(__response__, 'namespace'),
|
|
200
|
+
paths=pulumi.get(__response__, 'paths'),
|
|
201
|
+
paths_fqs=pulumi.get(__response__, 'paths_fqs'),
|
|
202
|
+
recursive=pulumi.get(__response__, 'recursive')))
|
|
@@ -0,0 +1,210 @@
|
|
|
1
|
+
# coding=utf-8
|
|
2
|
+
# *** WARNING: this file was generated by pulumi-language-python. ***
|
|
3
|
+
# *** Do not edit by hand unless you're certain you know what you are doing! ***
|
|
4
|
+
|
|
5
|
+
import builtins as _builtins
|
|
6
|
+
import warnings
|
|
7
|
+
import sys
|
|
8
|
+
import pulumi
|
|
9
|
+
import pulumi.runtime
|
|
10
|
+
from typing import Any, Mapping, Optional, Sequence, Union, overload
|
|
11
|
+
if sys.version_info >= (3, 11):
|
|
12
|
+
from typing import NotRequired, TypedDict, TypeAlias
|
|
13
|
+
else:
|
|
14
|
+
from typing_extensions import NotRequired, TypedDict, TypeAlias
|
|
15
|
+
from . import _utilities
|
|
16
|
+
|
|
17
|
+
__all__ = [
|
|
18
|
+
'GetNomadAccessTokenResult',
|
|
19
|
+
'AwaitableGetNomadAccessTokenResult',
|
|
20
|
+
'get_nomad_access_token',
|
|
21
|
+
'get_nomad_access_token_output',
|
|
22
|
+
]
|
|
23
|
+
|
|
24
|
+
@pulumi.output_type
|
|
25
|
+
class GetNomadAccessTokenResult:
|
|
26
|
+
"""
|
|
27
|
+
A collection of values returned by getNomadAccessToken.
|
|
28
|
+
"""
|
|
29
|
+
def __init__(__self__, accessor_id=None, backend=None, id=None, namespace=None, role=None, secret_id=None):
|
|
30
|
+
if accessor_id and not isinstance(accessor_id, str):
|
|
31
|
+
raise TypeError("Expected argument 'accessor_id' to be a str")
|
|
32
|
+
pulumi.set(__self__, "accessor_id", accessor_id)
|
|
33
|
+
if backend and not isinstance(backend, str):
|
|
34
|
+
raise TypeError("Expected argument 'backend' to be a str")
|
|
35
|
+
pulumi.set(__self__, "backend", backend)
|
|
36
|
+
if id and not isinstance(id, str):
|
|
37
|
+
raise TypeError("Expected argument 'id' to be a str")
|
|
38
|
+
pulumi.set(__self__, "id", id)
|
|
39
|
+
if namespace and not isinstance(namespace, str):
|
|
40
|
+
raise TypeError("Expected argument 'namespace' to be a str")
|
|
41
|
+
pulumi.set(__self__, "namespace", namespace)
|
|
42
|
+
if role and not isinstance(role, str):
|
|
43
|
+
raise TypeError("Expected argument 'role' to be a str")
|
|
44
|
+
pulumi.set(__self__, "role", role)
|
|
45
|
+
if secret_id and not isinstance(secret_id, str):
|
|
46
|
+
raise TypeError("Expected argument 'secret_id' to be a str")
|
|
47
|
+
pulumi.set(__self__, "secret_id", secret_id)
|
|
48
|
+
|
|
49
|
+
@_builtins.property
|
|
50
|
+
@pulumi.getter(name="accessorId")
|
|
51
|
+
def accessor_id(self) -> _builtins.str:
|
|
52
|
+
"""
|
|
53
|
+
The public identifier for a specific token. It can be used
|
|
54
|
+
to look up information about a token or to revoke a token.
|
|
55
|
+
"""
|
|
56
|
+
return pulumi.get(self, "accessor_id")
|
|
57
|
+
|
|
58
|
+
@_builtins.property
|
|
59
|
+
@pulumi.getter
|
|
60
|
+
def backend(self) -> _builtins.str:
|
|
61
|
+
return pulumi.get(self, "backend")
|
|
62
|
+
|
|
63
|
+
@_builtins.property
|
|
64
|
+
@pulumi.getter
|
|
65
|
+
def id(self) -> _builtins.str:
|
|
66
|
+
"""
|
|
67
|
+
The provider-assigned unique ID for this managed resource.
|
|
68
|
+
"""
|
|
69
|
+
return pulumi.get(self, "id")
|
|
70
|
+
|
|
71
|
+
@_builtins.property
|
|
72
|
+
@pulumi.getter
|
|
73
|
+
def namespace(self) -> Optional[_builtins.str]:
|
|
74
|
+
return pulumi.get(self, "namespace")
|
|
75
|
+
|
|
76
|
+
@_builtins.property
|
|
77
|
+
@pulumi.getter
|
|
78
|
+
def role(self) -> _builtins.str:
|
|
79
|
+
return pulumi.get(self, "role")
|
|
80
|
+
|
|
81
|
+
@_builtins.property
|
|
82
|
+
@pulumi.getter(name="secretId")
|
|
83
|
+
def secret_id(self) -> _builtins.str:
|
|
84
|
+
"""
|
|
85
|
+
The token to be used when making requests to Nomad and should be kept private.
|
|
86
|
+
"""
|
|
87
|
+
return pulumi.get(self, "secret_id")
|
|
88
|
+
|
|
89
|
+
|
|
90
|
+
class AwaitableGetNomadAccessTokenResult(GetNomadAccessTokenResult):
|
|
91
|
+
# pylint: disable=using-constant-test
|
|
92
|
+
def __await__(self):
|
|
93
|
+
if False:
|
|
94
|
+
yield self
|
|
95
|
+
return GetNomadAccessTokenResult(
|
|
96
|
+
accessor_id=self.accessor_id,
|
|
97
|
+
backend=self.backend,
|
|
98
|
+
id=self.id,
|
|
99
|
+
namespace=self.namespace,
|
|
100
|
+
role=self.role,
|
|
101
|
+
secret_id=self.secret_id)
|
|
102
|
+
|
|
103
|
+
|
|
104
|
+
def get_nomad_access_token(backend: Optional[_builtins.str] = None,
|
|
105
|
+
namespace: Optional[_builtins.str] = None,
|
|
106
|
+
role: Optional[_builtins.str] = None,
|
|
107
|
+
opts: Optional[pulumi.InvokeOptions] = None) -> AwaitableGetNomadAccessTokenResult:
|
|
108
|
+
"""
|
|
109
|
+
## Example Usage
|
|
110
|
+
|
|
111
|
+
```python
|
|
112
|
+
import pulumi
|
|
113
|
+
import pulumi_vault as vault
|
|
114
|
+
|
|
115
|
+
config = vault.NomadSecretBackend("config",
|
|
116
|
+
backend="nomad",
|
|
117
|
+
description="test description",
|
|
118
|
+
default_lease_ttl_seconds=3600,
|
|
119
|
+
max_lease_ttl_seconds=7200,
|
|
120
|
+
address="https://127.0.0.1:4646",
|
|
121
|
+
token="ae20ceaa-...")
|
|
122
|
+
test = vault.NomadSecretRole("test",
|
|
123
|
+
backend=config.backend,
|
|
124
|
+
role="test",
|
|
125
|
+
type="client",
|
|
126
|
+
policies=["readonly"])
|
|
127
|
+
token = pulumi.Output.all(
|
|
128
|
+
backend=config.backend,
|
|
129
|
+
role=test.role
|
|
130
|
+
).apply(lambda resolved_outputs: vault.get_nomad_access_token_output(backend=resolved_outputs['backend'],
|
|
131
|
+
role=resolved_outputs['role']))
|
|
132
|
+
```
|
|
133
|
+
|
|
134
|
+
|
|
135
|
+
:param _builtins.str backend: The path to the Nomad secret backend to
|
|
136
|
+
read credentials from, with no leading or trailing `/`s.
|
|
137
|
+
:param _builtins.str namespace: The namespace of the target resource.
|
|
138
|
+
The value should not contain leading or trailing forward slashes.
|
|
139
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
|
140
|
+
*Available only for Vault Enterprise*.
|
|
141
|
+
:param _builtins.str role: The name of the Nomad secret backend role to generate
|
|
142
|
+
a token for, with no leading or trailing `/`s.
|
|
143
|
+
"""
|
|
144
|
+
__args__ = dict()
|
|
145
|
+
__args__['backend'] = backend
|
|
146
|
+
__args__['namespace'] = namespace
|
|
147
|
+
__args__['role'] = role
|
|
148
|
+
opts = pulumi.InvokeOptions.merge(_utilities.get_invoke_opts_defaults(), opts)
|
|
149
|
+
__ret__ = pulumi.runtime.invoke('vault:index/getNomadAccessToken:getNomadAccessToken', __args__, opts=opts, typ=GetNomadAccessTokenResult).value
|
|
150
|
+
|
|
151
|
+
return AwaitableGetNomadAccessTokenResult(
|
|
152
|
+
accessor_id=pulumi.get(__ret__, 'accessor_id'),
|
|
153
|
+
backend=pulumi.get(__ret__, 'backend'),
|
|
154
|
+
id=pulumi.get(__ret__, 'id'),
|
|
155
|
+
namespace=pulumi.get(__ret__, 'namespace'),
|
|
156
|
+
role=pulumi.get(__ret__, 'role'),
|
|
157
|
+
secret_id=pulumi.get(__ret__, 'secret_id'))
|
|
158
|
+
def get_nomad_access_token_output(backend: Optional[pulumi.Input[_builtins.str]] = None,
|
|
159
|
+
namespace: Optional[pulumi.Input[Optional[_builtins.str]]] = None,
|
|
160
|
+
role: Optional[pulumi.Input[_builtins.str]] = None,
|
|
161
|
+
opts: Optional[Union[pulumi.InvokeOptions, pulumi.InvokeOutputOptions]] = None) -> pulumi.Output[GetNomadAccessTokenResult]:
|
|
162
|
+
"""
|
|
163
|
+
## Example Usage
|
|
164
|
+
|
|
165
|
+
```python
|
|
166
|
+
import pulumi
|
|
167
|
+
import pulumi_vault as vault
|
|
168
|
+
|
|
169
|
+
config = vault.NomadSecretBackend("config",
|
|
170
|
+
backend="nomad",
|
|
171
|
+
description="test description",
|
|
172
|
+
default_lease_ttl_seconds=3600,
|
|
173
|
+
max_lease_ttl_seconds=7200,
|
|
174
|
+
address="https://127.0.0.1:4646",
|
|
175
|
+
token="ae20ceaa-...")
|
|
176
|
+
test = vault.NomadSecretRole("test",
|
|
177
|
+
backend=config.backend,
|
|
178
|
+
role="test",
|
|
179
|
+
type="client",
|
|
180
|
+
policies=["readonly"])
|
|
181
|
+
token = pulumi.Output.all(
|
|
182
|
+
backend=config.backend,
|
|
183
|
+
role=test.role
|
|
184
|
+
).apply(lambda resolved_outputs: vault.get_nomad_access_token_output(backend=resolved_outputs['backend'],
|
|
185
|
+
role=resolved_outputs['role']))
|
|
186
|
+
```
|
|
187
|
+
|
|
188
|
+
|
|
189
|
+
:param _builtins.str backend: The path to the Nomad secret backend to
|
|
190
|
+
read credentials from, with no leading or trailing `/`s.
|
|
191
|
+
:param _builtins.str namespace: The namespace of the target resource.
|
|
192
|
+
The value should not contain leading or trailing forward slashes.
|
|
193
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
|
194
|
+
*Available only for Vault Enterprise*.
|
|
195
|
+
:param _builtins.str role: The name of the Nomad secret backend role to generate
|
|
196
|
+
a token for, with no leading or trailing `/`s.
|
|
197
|
+
"""
|
|
198
|
+
__args__ = dict()
|
|
199
|
+
__args__['backend'] = backend
|
|
200
|
+
__args__['namespace'] = namespace
|
|
201
|
+
__args__['role'] = role
|
|
202
|
+
opts = pulumi.InvokeOutputOptions.merge(_utilities.get_invoke_opts_defaults(), opts)
|
|
203
|
+
__ret__ = pulumi.runtime.invoke_output('vault:index/getNomadAccessToken:getNomadAccessToken', __args__, opts=opts, typ=GetNomadAccessTokenResult)
|
|
204
|
+
return __ret__.apply(lambda __response__: GetNomadAccessTokenResult(
|
|
205
|
+
accessor_id=pulumi.get(__response__, 'accessor_id'),
|
|
206
|
+
backend=pulumi.get(__response__, 'backend'),
|
|
207
|
+
id=pulumi.get(__response__, 'id'),
|
|
208
|
+
namespace=pulumi.get(__response__, 'namespace'),
|
|
209
|
+
role=pulumi.get(__response__, 'role'),
|
|
210
|
+
secret_id=pulumi.get(__response__, 'secret_id')))
|
|
@@ -0,0 +1,160 @@
|
|
|
1
|
+
# coding=utf-8
|
|
2
|
+
# *** WARNING: this file was generated by pulumi-language-python. ***
|
|
3
|
+
# *** Do not edit by hand unless you're certain you know what you are doing! ***
|
|
4
|
+
|
|
5
|
+
import builtins as _builtins
|
|
6
|
+
import warnings
|
|
7
|
+
import sys
|
|
8
|
+
import pulumi
|
|
9
|
+
import pulumi.runtime
|
|
10
|
+
from typing import Any, Mapping, Optional, Sequence, Union, overload
|
|
11
|
+
if sys.version_info >= (3, 11):
|
|
12
|
+
from typing import NotRequired, TypedDict, TypeAlias
|
|
13
|
+
else:
|
|
14
|
+
from typing_extensions import NotRequired, TypedDict, TypeAlias
|
|
15
|
+
from . import _utilities
|
|
16
|
+
from . import outputs
|
|
17
|
+
from ._inputs import *
|
|
18
|
+
|
|
19
|
+
__all__ = [
|
|
20
|
+
'GetPolicyDocumentResult',
|
|
21
|
+
'AwaitableGetPolicyDocumentResult',
|
|
22
|
+
'get_policy_document',
|
|
23
|
+
'get_policy_document_output',
|
|
24
|
+
]
|
|
25
|
+
|
|
26
|
+
@pulumi.output_type
|
|
27
|
+
class GetPolicyDocumentResult:
|
|
28
|
+
"""
|
|
29
|
+
A collection of values returned by getPolicyDocument.
|
|
30
|
+
"""
|
|
31
|
+
def __init__(__self__, hcl=None, id=None, namespace=None, rules=None):
|
|
32
|
+
if hcl and not isinstance(hcl, str):
|
|
33
|
+
raise TypeError("Expected argument 'hcl' to be a str")
|
|
34
|
+
pulumi.set(__self__, "hcl", hcl)
|
|
35
|
+
if id and not isinstance(id, str):
|
|
36
|
+
raise TypeError("Expected argument 'id' to be a str")
|
|
37
|
+
pulumi.set(__self__, "id", id)
|
|
38
|
+
if namespace and not isinstance(namespace, str):
|
|
39
|
+
raise TypeError("Expected argument 'namespace' to be a str")
|
|
40
|
+
pulumi.set(__self__, "namespace", namespace)
|
|
41
|
+
if rules and not isinstance(rules, list):
|
|
42
|
+
raise TypeError("Expected argument 'rules' to be a list")
|
|
43
|
+
pulumi.set(__self__, "rules", rules)
|
|
44
|
+
|
|
45
|
+
@_builtins.property
|
|
46
|
+
@pulumi.getter
|
|
47
|
+
def hcl(self) -> _builtins.str:
|
|
48
|
+
"""
|
|
49
|
+
The above arguments serialized as a standard Vault HCL policy document.
|
|
50
|
+
"""
|
|
51
|
+
return pulumi.get(self, "hcl")
|
|
52
|
+
|
|
53
|
+
@_builtins.property
|
|
54
|
+
@pulumi.getter
|
|
55
|
+
def id(self) -> _builtins.str:
|
|
56
|
+
"""
|
|
57
|
+
The provider-assigned unique ID for this managed resource.
|
|
58
|
+
"""
|
|
59
|
+
return pulumi.get(self, "id")
|
|
60
|
+
|
|
61
|
+
@_builtins.property
|
|
62
|
+
@pulumi.getter
|
|
63
|
+
def namespace(self) -> Optional[_builtins.str]:
|
|
64
|
+
return pulumi.get(self, "namespace")
|
|
65
|
+
|
|
66
|
+
@_builtins.property
|
|
67
|
+
@pulumi.getter
|
|
68
|
+
def rules(self) -> Sequence['outputs.GetPolicyDocumentRuleResult']:
|
|
69
|
+
return pulumi.get(self, "rules")
|
|
70
|
+
|
|
71
|
+
|
|
72
|
+
class AwaitableGetPolicyDocumentResult(GetPolicyDocumentResult):
|
|
73
|
+
# pylint: disable=using-constant-test
|
|
74
|
+
def __await__(self):
|
|
75
|
+
if False:
|
|
76
|
+
yield self
|
|
77
|
+
return GetPolicyDocumentResult(
|
|
78
|
+
hcl=self.hcl,
|
|
79
|
+
id=self.id,
|
|
80
|
+
namespace=self.namespace,
|
|
81
|
+
rules=self.rules)
|
|
82
|
+
|
|
83
|
+
|
|
84
|
+
def get_policy_document(namespace: Optional[_builtins.str] = None,
|
|
85
|
+
rules: Optional[Sequence[Union['GetPolicyDocumentRuleArgs', 'GetPolicyDocumentRuleArgsDict']]] = None,
|
|
86
|
+
opts: Optional[pulumi.InvokeOptions] = None) -> AwaitableGetPolicyDocumentResult:
|
|
87
|
+
"""
|
|
88
|
+
This is a data source which can be used to construct a HCL representation of an Vault policy document, for use with resources which expect policy documents, such as the `Policy` resource.
|
|
89
|
+
|
|
90
|
+
## Example Usage
|
|
91
|
+
|
|
92
|
+
```python
|
|
93
|
+
import pulumi
|
|
94
|
+
import pulumi_vault as vault
|
|
95
|
+
|
|
96
|
+
example = vault.get_policy_document(rules=[{
|
|
97
|
+
"path": "secret/*",
|
|
98
|
+
"capabilities": [
|
|
99
|
+
"create",
|
|
100
|
+
"read",
|
|
101
|
+
"update",
|
|
102
|
+
"delete",
|
|
103
|
+
"list",
|
|
104
|
+
],
|
|
105
|
+
"description": "allow all on secrets",
|
|
106
|
+
}])
|
|
107
|
+
example_policy = vault.Policy("example",
|
|
108
|
+
name="example_policy",
|
|
109
|
+
policy=example.hcl)
|
|
110
|
+
```
|
|
111
|
+
"""
|
|
112
|
+
__args__ = dict()
|
|
113
|
+
__args__['namespace'] = namespace
|
|
114
|
+
__args__['rules'] = rules
|
|
115
|
+
opts = pulumi.InvokeOptions.merge(_utilities.get_invoke_opts_defaults(), opts)
|
|
116
|
+
__ret__ = pulumi.runtime.invoke('vault:index/getPolicyDocument:getPolicyDocument', __args__, opts=opts, typ=GetPolicyDocumentResult).value
|
|
117
|
+
|
|
118
|
+
return AwaitableGetPolicyDocumentResult(
|
|
119
|
+
hcl=pulumi.get(__ret__, 'hcl'),
|
|
120
|
+
id=pulumi.get(__ret__, 'id'),
|
|
121
|
+
namespace=pulumi.get(__ret__, 'namespace'),
|
|
122
|
+
rules=pulumi.get(__ret__, 'rules'))
|
|
123
|
+
def get_policy_document_output(namespace: Optional[pulumi.Input[Optional[_builtins.str]]] = None,
|
|
124
|
+
rules: Optional[pulumi.Input[Optional[Sequence[Union['GetPolicyDocumentRuleArgs', 'GetPolicyDocumentRuleArgsDict']]]]] = None,
|
|
125
|
+
opts: Optional[Union[pulumi.InvokeOptions, pulumi.InvokeOutputOptions]] = None) -> pulumi.Output[GetPolicyDocumentResult]:
|
|
126
|
+
"""
|
|
127
|
+
This is a data source which can be used to construct a HCL representation of an Vault policy document, for use with resources which expect policy documents, such as the `Policy` resource.
|
|
128
|
+
|
|
129
|
+
## Example Usage
|
|
130
|
+
|
|
131
|
+
```python
|
|
132
|
+
import pulumi
|
|
133
|
+
import pulumi_vault as vault
|
|
134
|
+
|
|
135
|
+
example = vault.get_policy_document(rules=[{
|
|
136
|
+
"path": "secret/*",
|
|
137
|
+
"capabilities": [
|
|
138
|
+
"create",
|
|
139
|
+
"read",
|
|
140
|
+
"update",
|
|
141
|
+
"delete",
|
|
142
|
+
"list",
|
|
143
|
+
],
|
|
144
|
+
"description": "allow all on secrets",
|
|
145
|
+
}])
|
|
146
|
+
example_policy = vault.Policy("example",
|
|
147
|
+
name="example_policy",
|
|
148
|
+
policy=example.hcl)
|
|
149
|
+
```
|
|
150
|
+
"""
|
|
151
|
+
__args__ = dict()
|
|
152
|
+
__args__['namespace'] = namespace
|
|
153
|
+
__args__['rules'] = rules
|
|
154
|
+
opts = pulumi.InvokeOutputOptions.merge(_utilities.get_invoke_opts_defaults(), opts)
|
|
155
|
+
__ret__ = pulumi.runtime.invoke_output('vault:index/getPolicyDocument:getPolicyDocument', __args__, opts=opts, typ=GetPolicyDocumentResult)
|
|
156
|
+
return __ret__.apply(lambda __response__: GetPolicyDocumentResult(
|
|
157
|
+
hcl=pulumi.get(__response__, 'hcl'),
|
|
158
|
+
id=pulumi.get(__response__, 'id'),
|
|
159
|
+
namespace=pulumi.get(__response__, 'namespace'),
|
|
160
|
+
rules=pulumi.get(__response__, 'rules')))
|