pulumi-vault 7.6.0a1764657486__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- pulumi_vault/__init__.py +1399 -0
- pulumi_vault/_inputs.py +2701 -0
- pulumi_vault/_utilities.py +331 -0
- pulumi_vault/ad/__init__.py +12 -0
- pulumi_vault/ad/get_access_credentials.py +177 -0
- pulumi_vault/ad/secret_backend.py +1916 -0
- pulumi_vault/ad/secret_library.py +546 -0
- pulumi_vault/ad/secret_role.py +499 -0
- pulumi_vault/alicloud/__init__.py +9 -0
- pulumi_vault/alicloud/auth_backend_role.py +866 -0
- pulumi_vault/approle/__init__.py +12 -0
- pulumi_vault/approle/auth_backend_login.py +571 -0
- pulumi_vault/approle/auth_backend_role.py +1082 -0
- pulumi_vault/approle/auth_backend_role_secret_id.py +796 -0
- pulumi_vault/approle/get_auth_backend_role_id.py +169 -0
- pulumi_vault/audit.py +499 -0
- pulumi_vault/audit_request_header.py +277 -0
- pulumi_vault/auth_backend.py +565 -0
- pulumi_vault/aws/__init__.py +22 -0
- pulumi_vault/aws/auth_backend_cert.py +420 -0
- pulumi_vault/aws/auth_backend_client.py +1259 -0
- pulumi_vault/aws/auth_backend_config_identity.py +494 -0
- pulumi_vault/aws/auth_backend_identity_whitelist.py +380 -0
- pulumi_vault/aws/auth_backend_login.py +1046 -0
- pulumi_vault/aws/auth_backend_role.py +1961 -0
- pulumi_vault/aws/auth_backend_role_tag.py +638 -0
- pulumi_vault/aws/auth_backend_roletag_blacklist.py +366 -0
- pulumi_vault/aws/auth_backend_sts_role.py +414 -0
- pulumi_vault/aws/get_access_credentials.py +369 -0
- pulumi_vault/aws/get_static_access_credentials.py +137 -0
- pulumi_vault/aws/secret_backend.py +2018 -0
- pulumi_vault/aws/secret_backend_role.py +1188 -0
- pulumi_vault/aws/secret_backend_static_role.py +639 -0
- pulumi_vault/azure/__init__.py +15 -0
- pulumi_vault/azure/_inputs.py +108 -0
- pulumi_vault/azure/auth_backend_config.py +1096 -0
- pulumi_vault/azure/auth_backend_role.py +1176 -0
- pulumi_vault/azure/backend.py +1793 -0
- pulumi_vault/azure/backend_role.py +883 -0
- pulumi_vault/azure/get_access_credentials.py +400 -0
- pulumi_vault/azure/outputs.py +107 -0
- pulumi_vault/cert_auth_backend_role.py +1539 -0
- pulumi_vault/config/__init__.py +9 -0
- pulumi_vault/config/__init__.pyi +164 -0
- pulumi_vault/config/_inputs.py +73 -0
- pulumi_vault/config/outputs.py +1225 -0
- pulumi_vault/config/ui_custom_message.py +530 -0
- pulumi_vault/config/vars.py +230 -0
- pulumi_vault/consul/__init__.py +10 -0
- pulumi_vault/consul/secret_backend.py +1517 -0
- pulumi_vault/consul/secret_backend_role.py +847 -0
- pulumi_vault/database/__init__.py +14 -0
- pulumi_vault/database/_inputs.py +11907 -0
- pulumi_vault/database/outputs.py +8496 -0
- pulumi_vault/database/secret_backend_connection.py +1676 -0
- pulumi_vault/database/secret_backend_role.py +840 -0
- pulumi_vault/database/secret_backend_static_role.py +881 -0
- pulumi_vault/database/secrets_mount.py +2160 -0
- pulumi_vault/egp_policy.py +399 -0
- pulumi_vault/gcp/__init__.py +17 -0
- pulumi_vault/gcp/_inputs.py +441 -0
- pulumi_vault/gcp/auth_backend.py +1486 -0
- pulumi_vault/gcp/auth_backend_role.py +1235 -0
- pulumi_vault/gcp/get_auth_backend_role.py +514 -0
- pulumi_vault/gcp/outputs.py +302 -0
- pulumi_vault/gcp/secret_backend.py +1807 -0
- pulumi_vault/gcp/secret_impersonated_account.py +484 -0
- pulumi_vault/gcp/secret_roleset.py +554 -0
- pulumi_vault/gcp/secret_static_account.py +557 -0
- pulumi_vault/generic/__init__.py +11 -0
- pulumi_vault/generic/endpoint.py +786 -0
- pulumi_vault/generic/get_secret.py +306 -0
- pulumi_vault/generic/secret.py +486 -0
- pulumi_vault/get_auth_backend.py +226 -0
- pulumi_vault/get_auth_backends.py +170 -0
- pulumi_vault/get_namespace.py +226 -0
- pulumi_vault/get_namespaces.py +202 -0
- pulumi_vault/get_nomad_access_token.py +210 -0
- pulumi_vault/get_policy_document.py +160 -0
- pulumi_vault/get_raft_autopilot_state.py +267 -0
- pulumi_vault/github/__init__.py +13 -0
- pulumi_vault/github/_inputs.py +225 -0
- pulumi_vault/github/auth_backend.py +1194 -0
- pulumi_vault/github/outputs.py +174 -0
- pulumi_vault/github/team.py +380 -0
- pulumi_vault/github/user.py +380 -0
- pulumi_vault/identity/__init__.py +35 -0
- pulumi_vault/identity/entity.py +447 -0
- pulumi_vault/identity/entity_alias.py +398 -0
- pulumi_vault/identity/entity_policies.py +455 -0
- pulumi_vault/identity/get_entity.py +384 -0
- pulumi_vault/identity/get_group.py +467 -0
- pulumi_vault/identity/get_oidc_client_creds.py +175 -0
- pulumi_vault/identity/get_oidc_openid_config.py +334 -0
- pulumi_vault/identity/get_oidc_public_keys.py +179 -0
- pulumi_vault/identity/group.py +805 -0
- pulumi_vault/identity/group_alias.py +386 -0
- pulumi_vault/identity/group_member_entity_ids.py +444 -0
- pulumi_vault/identity/group_member_group_ids.py +467 -0
- pulumi_vault/identity/group_policies.py +471 -0
- pulumi_vault/identity/mfa_duo.py +674 -0
- pulumi_vault/identity/mfa_login_enforcement.py +566 -0
- pulumi_vault/identity/mfa_okta.py +626 -0
- pulumi_vault/identity/mfa_pingid.py +616 -0
- pulumi_vault/identity/mfa_totp.py +758 -0
- pulumi_vault/identity/oidc.py +268 -0
- pulumi_vault/identity/oidc_assignment.py +375 -0
- pulumi_vault/identity/oidc_client.py +667 -0
- pulumi_vault/identity/oidc_key.py +474 -0
- pulumi_vault/identity/oidc_key_allowed_client_id.py +298 -0
- pulumi_vault/identity/oidc_provider.py +550 -0
- pulumi_vault/identity/oidc_role.py +543 -0
- pulumi_vault/identity/oidc_scope.py +355 -0
- pulumi_vault/identity/outputs.py +137 -0
- pulumi_vault/jwt/__init__.py +12 -0
- pulumi_vault/jwt/_inputs.py +225 -0
- pulumi_vault/jwt/auth_backend.py +1347 -0
- pulumi_vault/jwt/auth_backend_role.py +1847 -0
- pulumi_vault/jwt/outputs.py +174 -0
- pulumi_vault/kmip/__init__.py +11 -0
- pulumi_vault/kmip/secret_backend.py +1591 -0
- pulumi_vault/kmip/secret_role.py +1194 -0
- pulumi_vault/kmip/secret_scope.py +372 -0
- pulumi_vault/kubernetes/__init__.py +15 -0
- pulumi_vault/kubernetes/auth_backend_config.py +654 -0
- pulumi_vault/kubernetes/auth_backend_role.py +1031 -0
- pulumi_vault/kubernetes/get_auth_backend_config.py +280 -0
- pulumi_vault/kubernetes/get_auth_backend_role.py +470 -0
- pulumi_vault/kubernetes/get_service_account_token.py +344 -0
- pulumi_vault/kubernetes/secret_backend.py +1341 -0
- pulumi_vault/kubernetes/secret_backend_role.py +1140 -0
- pulumi_vault/kv/__init__.py +18 -0
- pulumi_vault/kv/_inputs.py +124 -0
- pulumi_vault/kv/get_secret.py +240 -0
- pulumi_vault/kv/get_secret_subkeys_v2.py +275 -0
- pulumi_vault/kv/get_secret_v2.py +315 -0
- pulumi_vault/kv/get_secrets_list.py +186 -0
- pulumi_vault/kv/get_secrets_list_v2.py +243 -0
- pulumi_vault/kv/outputs.py +102 -0
- pulumi_vault/kv/secret.py +397 -0
- pulumi_vault/kv/secret_backend_v2.py +455 -0
- pulumi_vault/kv/secret_v2.py +970 -0
- pulumi_vault/ldap/__init__.py +19 -0
- pulumi_vault/ldap/_inputs.py +225 -0
- pulumi_vault/ldap/auth_backend.py +2520 -0
- pulumi_vault/ldap/auth_backend_group.py +386 -0
- pulumi_vault/ldap/auth_backend_user.py +439 -0
- pulumi_vault/ldap/get_dynamic_credentials.py +181 -0
- pulumi_vault/ldap/get_static_credentials.py +192 -0
- pulumi_vault/ldap/outputs.py +174 -0
- pulumi_vault/ldap/secret_backend.py +2207 -0
- pulumi_vault/ldap/secret_backend_dynamic_role.py +767 -0
- pulumi_vault/ldap/secret_backend_library_set.py +552 -0
- pulumi_vault/ldap/secret_backend_static_role.py +541 -0
- pulumi_vault/managed/__init__.py +11 -0
- pulumi_vault/managed/_inputs.py +944 -0
- pulumi_vault/managed/keys.py +398 -0
- pulumi_vault/managed/outputs.py +667 -0
- pulumi_vault/mfa_duo.py +589 -0
- pulumi_vault/mfa_okta.py +623 -0
- pulumi_vault/mfa_pingid.py +670 -0
- pulumi_vault/mfa_totp.py +620 -0
- pulumi_vault/mongodbatlas/__init__.py +10 -0
- pulumi_vault/mongodbatlas/secret_backend.py +388 -0
- pulumi_vault/mongodbatlas/secret_role.py +726 -0
- pulumi_vault/mount.py +1262 -0
- pulumi_vault/namespace.py +452 -0
- pulumi_vault/nomad_secret_backend.py +1559 -0
- pulumi_vault/nomad_secret_role.py +489 -0
- pulumi_vault/oci_auth_backend.py +676 -0
- pulumi_vault/oci_auth_backend_role.py +852 -0
- pulumi_vault/okta/__init__.py +13 -0
- pulumi_vault/okta/_inputs.py +320 -0
- pulumi_vault/okta/auth_backend.py +1231 -0
- pulumi_vault/okta/auth_backend_group.py +369 -0
- pulumi_vault/okta/auth_backend_user.py +416 -0
- pulumi_vault/okta/outputs.py +244 -0
- pulumi_vault/outputs.py +502 -0
- pulumi_vault/pkisecret/__init__.py +38 -0
- pulumi_vault/pkisecret/_inputs.py +270 -0
- pulumi_vault/pkisecret/backend_acme_eab.py +550 -0
- pulumi_vault/pkisecret/backend_config_acme.py +690 -0
- pulumi_vault/pkisecret/backend_config_auto_tidy.py +1370 -0
- pulumi_vault/pkisecret/backend_config_cluster.py +370 -0
- pulumi_vault/pkisecret/backend_config_cmpv2.py +693 -0
- pulumi_vault/pkisecret/backend_config_est.py +756 -0
- pulumi_vault/pkisecret/backend_config_scep.py +738 -0
- pulumi_vault/pkisecret/get_backend_cert_metadata.py +277 -0
- pulumi_vault/pkisecret/get_backend_config_cmpv2.py +226 -0
- pulumi_vault/pkisecret/get_backend_config_est.py +251 -0
- pulumi_vault/pkisecret/get_backend_config_scep.py +271 -0
- pulumi_vault/pkisecret/get_backend_issuer.py +395 -0
- pulumi_vault/pkisecret/get_backend_issuers.py +192 -0
- pulumi_vault/pkisecret/get_backend_key.py +211 -0
- pulumi_vault/pkisecret/get_backend_keys.py +192 -0
- pulumi_vault/pkisecret/outputs.py +270 -0
- pulumi_vault/pkisecret/secret_backend_cert.py +1315 -0
- pulumi_vault/pkisecret/secret_backend_config_ca.py +386 -0
- pulumi_vault/pkisecret/secret_backend_config_issuers.py +392 -0
- pulumi_vault/pkisecret/secret_backend_config_urls.py +462 -0
- pulumi_vault/pkisecret/secret_backend_crl_config.py +846 -0
- pulumi_vault/pkisecret/secret_backend_intermediate_cert_request.py +1629 -0
- pulumi_vault/pkisecret/secret_backend_intermediate_set_signed.py +444 -0
- pulumi_vault/pkisecret/secret_backend_issuer.py +1089 -0
- pulumi_vault/pkisecret/secret_backend_key.py +613 -0
- pulumi_vault/pkisecret/secret_backend_role.py +2694 -0
- pulumi_vault/pkisecret/secret_backend_root_cert.py +2134 -0
- pulumi_vault/pkisecret/secret_backend_root_sign_intermediate.py +2031 -0
- pulumi_vault/pkisecret/secret_backend_sign.py +1194 -0
- pulumi_vault/plugin.py +596 -0
- pulumi_vault/plugin_pinned_version.py +299 -0
- pulumi_vault/policy.py +279 -0
- pulumi_vault/provider.py +781 -0
- pulumi_vault/pulumi-plugin.json +5 -0
- pulumi_vault/py.typed +0 -0
- pulumi_vault/quota_lease_count.py +504 -0
- pulumi_vault/quota_rate_limit.py +751 -0
- pulumi_vault/rabbitmq/__init__.py +12 -0
- pulumi_vault/rabbitmq/_inputs.py +235 -0
- pulumi_vault/rabbitmq/outputs.py +144 -0
- pulumi_vault/rabbitmq/secret_backend.py +1437 -0
- pulumi_vault/rabbitmq/secret_backend_role.py +496 -0
- pulumi_vault/raft_autopilot.py +609 -0
- pulumi_vault/raft_snapshot_agent_config.py +1591 -0
- pulumi_vault/rgp_policy.py +349 -0
- pulumi_vault/saml/__init__.py +12 -0
- pulumi_vault/saml/_inputs.py +225 -0
- pulumi_vault/saml/auth_backend.py +811 -0
- pulumi_vault/saml/auth_backend_role.py +1068 -0
- pulumi_vault/saml/outputs.py +174 -0
- pulumi_vault/scep_auth_backend_role.py +908 -0
- pulumi_vault/secrets/__init__.py +18 -0
- pulumi_vault/secrets/_inputs.py +110 -0
- pulumi_vault/secrets/outputs.py +94 -0
- pulumi_vault/secrets/sync_association.py +450 -0
- pulumi_vault/secrets/sync_aws_destination.py +780 -0
- pulumi_vault/secrets/sync_azure_destination.py +736 -0
- pulumi_vault/secrets/sync_config.py +303 -0
- pulumi_vault/secrets/sync_gcp_destination.py +572 -0
- pulumi_vault/secrets/sync_gh_destination.py +688 -0
- pulumi_vault/secrets/sync_github_apps.py +376 -0
- pulumi_vault/secrets/sync_vercel_destination.py +603 -0
- pulumi_vault/ssh/__init__.py +13 -0
- pulumi_vault/ssh/_inputs.py +76 -0
- pulumi_vault/ssh/get_secret_backend_sign.py +294 -0
- pulumi_vault/ssh/outputs.py +51 -0
- pulumi_vault/ssh/secret_backend_ca.py +588 -0
- pulumi_vault/ssh/secret_backend_role.py +1493 -0
- pulumi_vault/terraformcloud/__init__.py +11 -0
- pulumi_vault/terraformcloud/secret_backend.py +1321 -0
- pulumi_vault/terraformcloud/secret_creds.py +445 -0
- pulumi_vault/terraformcloud/secret_role.py +563 -0
- pulumi_vault/token.py +1026 -0
- pulumi_vault/tokenauth/__init__.py +9 -0
- pulumi_vault/tokenauth/auth_backend_role.py +1135 -0
- pulumi_vault/transform/__init__.py +14 -0
- pulumi_vault/transform/alphabet.py +348 -0
- pulumi_vault/transform/get_decode.py +287 -0
- pulumi_vault/transform/get_encode.py +291 -0
- pulumi_vault/transform/role.py +350 -0
- pulumi_vault/transform/template.py +592 -0
- pulumi_vault/transform/transformation.py +608 -0
- pulumi_vault/transit/__init__.py +15 -0
- pulumi_vault/transit/get_cmac.py +256 -0
- pulumi_vault/transit/get_decrypt.py +181 -0
- pulumi_vault/transit/get_encrypt.py +174 -0
- pulumi_vault/transit/get_sign.py +328 -0
- pulumi_vault/transit/get_verify.py +373 -0
- pulumi_vault/transit/secret_backend_key.py +1202 -0
- pulumi_vault/transit/secret_cache_config.py +302 -0
- pulumi_vault-7.6.0a1764657486.dist-info/METADATA +92 -0
- pulumi_vault-7.6.0a1764657486.dist-info/RECORD +274 -0
- pulumi_vault-7.6.0a1764657486.dist-info/WHEEL +5 -0
- pulumi_vault-7.6.0a1764657486.dist-info/top_level.txt +1 -0
|
@@ -0,0 +1,455 @@
|
|
|
1
|
+
# coding=utf-8
|
|
2
|
+
# *** WARNING: this file was generated by pulumi-language-python. ***
|
|
3
|
+
# *** Do not edit by hand unless you're certain you know what you are doing! ***
|
|
4
|
+
|
|
5
|
+
import builtins as _builtins
|
|
6
|
+
import warnings
|
|
7
|
+
import sys
|
|
8
|
+
import pulumi
|
|
9
|
+
import pulumi.runtime
|
|
10
|
+
from typing import Any, Mapping, Optional, Sequence, Union, overload
|
|
11
|
+
if sys.version_info >= (3, 11):
|
|
12
|
+
from typing import NotRequired, TypedDict, TypeAlias
|
|
13
|
+
else:
|
|
14
|
+
from typing_extensions import NotRequired, TypedDict, TypeAlias
|
|
15
|
+
from .. import _utilities
|
|
16
|
+
|
|
17
|
+
__all__ = ['EntityPoliciesArgs', 'EntityPolicies']
|
|
18
|
+
|
|
19
|
+
@pulumi.input_type
|
|
20
|
+
class EntityPoliciesArgs:
|
|
21
|
+
def __init__(__self__, *,
|
|
22
|
+
entity_id: pulumi.Input[_builtins.str],
|
|
23
|
+
policies: pulumi.Input[Sequence[pulumi.Input[_builtins.str]]],
|
|
24
|
+
exclusive: Optional[pulumi.Input[_builtins.bool]] = None,
|
|
25
|
+
namespace: Optional[pulumi.Input[_builtins.str]] = None):
|
|
26
|
+
"""
|
|
27
|
+
The set of arguments for constructing a EntityPolicies resource.
|
|
28
|
+
:param pulumi.Input[_builtins.str] entity_id: Entity ID to assign policies to.
|
|
29
|
+
:param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] policies: List of policies to assign to the entity
|
|
30
|
+
:param pulumi.Input[_builtins.bool] exclusive: Defaults to `true`.
|
|
31
|
+
|
|
32
|
+
If `true`, this resource will take exclusive control of the policies assigned to the entity and will set it equal to what is specified in the resource.
|
|
33
|
+
|
|
34
|
+
If set to `false`, this resource will simply ensure that the policies specified in the resource are present in the entity. When destroying the resource, the resource will ensure that the policies specified in the resource are removed.
|
|
35
|
+
:param pulumi.Input[_builtins.str] namespace: The namespace to provision the resource in.
|
|
36
|
+
The value should not contain leading or trailing forward slashes.
|
|
37
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
|
38
|
+
*Available only for Vault Enterprise*.
|
|
39
|
+
"""
|
|
40
|
+
pulumi.set(__self__, "entity_id", entity_id)
|
|
41
|
+
pulumi.set(__self__, "policies", policies)
|
|
42
|
+
if exclusive is not None:
|
|
43
|
+
pulumi.set(__self__, "exclusive", exclusive)
|
|
44
|
+
if namespace is not None:
|
|
45
|
+
pulumi.set(__self__, "namespace", namespace)
|
|
46
|
+
|
|
47
|
+
@_builtins.property
|
|
48
|
+
@pulumi.getter(name="entityId")
|
|
49
|
+
def entity_id(self) -> pulumi.Input[_builtins.str]:
|
|
50
|
+
"""
|
|
51
|
+
Entity ID to assign policies to.
|
|
52
|
+
"""
|
|
53
|
+
return pulumi.get(self, "entity_id")
|
|
54
|
+
|
|
55
|
+
@entity_id.setter
|
|
56
|
+
def entity_id(self, value: pulumi.Input[_builtins.str]):
|
|
57
|
+
pulumi.set(self, "entity_id", value)
|
|
58
|
+
|
|
59
|
+
@_builtins.property
|
|
60
|
+
@pulumi.getter
|
|
61
|
+
def policies(self) -> pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]:
|
|
62
|
+
"""
|
|
63
|
+
List of policies to assign to the entity
|
|
64
|
+
"""
|
|
65
|
+
return pulumi.get(self, "policies")
|
|
66
|
+
|
|
67
|
+
@policies.setter
|
|
68
|
+
def policies(self, value: pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]):
|
|
69
|
+
pulumi.set(self, "policies", value)
|
|
70
|
+
|
|
71
|
+
@_builtins.property
|
|
72
|
+
@pulumi.getter
|
|
73
|
+
def exclusive(self) -> Optional[pulumi.Input[_builtins.bool]]:
|
|
74
|
+
"""
|
|
75
|
+
Defaults to `true`.
|
|
76
|
+
|
|
77
|
+
If `true`, this resource will take exclusive control of the policies assigned to the entity and will set it equal to what is specified in the resource.
|
|
78
|
+
|
|
79
|
+
If set to `false`, this resource will simply ensure that the policies specified in the resource are present in the entity. When destroying the resource, the resource will ensure that the policies specified in the resource are removed.
|
|
80
|
+
"""
|
|
81
|
+
return pulumi.get(self, "exclusive")
|
|
82
|
+
|
|
83
|
+
@exclusive.setter
|
|
84
|
+
def exclusive(self, value: Optional[pulumi.Input[_builtins.bool]]):
|
|
85
|
+
pulumi.set(self, "exclusive", value)
|
|
86
|
+
|
|
87
|
+
@_builtins.property
|
|
88
|
+
@pulumi.getter
|
|
89
|
+
def namespace(self) -> Optional[pulumi.Input[_builtins.str]]:
|
|
90
|
+
"""
|
|
91
|
+
The namespace to provision the resource in.
|
|
92
|
+
The value should not contain leading or trailing forward slashes.
|
|
93
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
|
94
|
+
*Available only for Vault Enterprise*.
|
|
95
|
+
"""
|
|
96
|
+
return pulumi.get(self, "namespace")
|
|
97
|
+
|
|
98
|
+
@namespace.setter
|
|
99
|
+
def namespace(self, value: Optional[pulumi.Input[_builtins.str]]):
|
|
100
|
+
pulumi.set(self, "namespace", value)
|
|
101
|
+
|
|
102
|
+
|
|
103
|
+
@pulumi.input_type
|
|
104
|
+
class _EntityPoliciesState:
|
|
105
|
+
def __init__(__self__, *,
|
|
106
|
+
entity_id: Optional[pulumi.Input[_builtins.str]] = None,
|
|
107
|
+
entity_name: Optional[pulumi.Input[_builtins.str]] = None,
|
|
108
|
+
exclusive: Optional[pulumi.Input[_builtins.bool]] = None,
|
|
109
|
+
namespace: Optional[pulumi.Input[_builtins.str]] = None,
|
|
110
|
+
policies: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None):
|
|
111
|
+
"""
|
|
112
|
+
Input properties used for looking up and filtering EntityPolicies resources.
|
|
113
|
+
:param pulumi.Input[_builtins.str] entity_id: Entity ID to assign policies to.
|
|
114
|
+
:param pulumi.Input[_builtins.str] entity_name: The name of the entity that are assigned the policies.
|
|
115
|
+
:param pulumi.Input[_builtins.bool] exclusive: Defaults to `true`.
|
|
116
|
+
|
|
117
|
+
If `true`, this resource will take exclusive control of the policies assigned to the entity and will set it equal to what is specified in the resource.
|
|
118
|
+
|
|
119
|
+
If set to `false`, this resource will simply ensure that the policies specified in the resource are present in the entity. When destroying the resource, the resource will ensure that the policies specified in the resource are removed.
|
|
120
|
+
:param pulumi.Input[_builtins.str] namespace: The namespace to provision the resource in.
|
|
121
|
+
The value should not contain leading or trailing forward slashes.
|
|
122
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
|
123
|
+
*Available only for Vault Enterprise*.
|
|
124
|
+
:param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] policies: List of policies to assign to the entity
|
|
125
|
+
"""
|
|
126
|
+
if entity_id is not None:
|
|
127
|
+
pulumi.set(__self__, "entity_id", entity_id)
|
|
128
|
+
if entity_name is not None:
|
|
129
|
+
pulumi.set(__self__, "entity_name", entity_name)
|
|
130
|
+
if exclusive is not None:
|
|
131
|
+
pulumi.set(__self__, "exclusive", exclusive)
|
|
132
|
+
if namespace is not None:
|
|
133
|
+
pulumi.set(__self__, "namespace", namespace)
|
|
134
|
+
if policies is not None:
|
|
135
|
+
pulumi.set(__self__, "policies", policies)
|
|
136
|
+
|
|
137
|
+
@_builtins.property
|
|
138
|
+
@pulumi.getter(name="entityId")
|
|
139
|
+
def entity_id(self) -> Optional[pulumi.Input[_builtins.str]]:
|
|
140
|
+
"""
|
|
141
|
+
Entity ID to assign policies to.
|
|
142
|
+
"""
|
|
143
|
+
return pulumi.get(self, "entity_id")
|
|
144
|
+
|
|
145
|
+
@entity_id.setter
|
|
146
|
+
def entity_id(self, value: Optional[pulumi.Input[_builtins.str]]):
|
|
147
|
+
pulumi.set(self, "entity_id", value)
|
|
148
|
+
|
|
149
|
+
@_builtins.property
|
|
150
|
+
@pulumi.getter(name="entityName")
|
|
151
|
+
def entity_name(self) -> Optional[pulumi.Input[_builtins.str]]:
|
|
152
|
+
"""
|
|
153
|
+
The name of the entity that are assigned the policies.
|
|
154
|
+
"""
|
|
155
|
+
return pulumi.get(self, "entity_name")
|
|
156
|
+
|
|
157
|
+
@entity_name.setter
|
|
158
|
+
def entity_name(self, value: Optional[pulumi.Input[_builtins.str]]):
|
|
159
|
+
pulumi.set(self, "entity_name", value)
|
|
160
|
+
|
|
161
|
+
@_builtins.property
|
|
162
|
+
@pulumi.getter
|
|
163
|
+
def exclusive(self) -> Optional[pulumi.Input[_builtins.bool]]:
|
|
164
|
+
"""
|
|
165
|
+
Defaults to `true`.
|
|
166
|
+
|
|
167
|
+
If `true`, this resource will take exclusive control of the policies assigned to the entity and will set it equal to what is specified in the resource.
|
|
168
|
+
|
|
169
|
+
If set to `false`, this resource will simply ensure that the policies specified in the resource are present in the entity. When destroying the resource, the resource will ensure that the policies specified in the resource are removed.
|
|
170
|
+
"""
|
|
171
|
+
return pulumi.get(self, "exclusive")
|
|
172
|
+
|
|
173
|
+
@exclusive.setter
|
|
174
|
+
def exclusive(self, value: Optional[pulumi.Input[_builtins.bool]]):
|
|
175
|
+
pulumi.set(self, "exclusive", value)
|
|
176
|
+
|
|
177
|
+
@_builtins.property
|
|
178
|
+
@pulumi.getter
|
|
179
|
+
def namespace(self) -> Optional[pulumi.Input[_builtins.str]]:
|
|
180
|
+
"""
|
|
181
|
+
The namespace to provision the resource in.
|
|
182
|
+
The value should not contain leading or trailing forward slashes.
|
|
183
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
|
184
|
+
*Available only for Vault Enterprise*.
|
|
185
|
+
"""
|
|
186
|
+
return pulumi.get(self, "namespace")
|
|
187
|
+
|
|
188
|
+
@namespace.setter
|
|
189
|
+
def namespace(self, value: Optional[pulumi.Input[_builtins.str]]):
|
|
190
|
+
pulumi.set(self, "namespace", value)
|
|
191
|
+
|
|
192
|
+
@_builtins.property
|
|
193
|
+
@pulumi.getter
|
|
194
|
+
def policies(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]:
|
|
195
|
+
"""
|
|
196
|
+
List of policies to assign to the entity
|
|
197
|
+
"""
|
|
198
|
+
return pulumi.get(self, "policies")
|
|
199
|
+
|
|
200
|
+
@policies.setter
|
|
201
|
+
def policies(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]):
|
|
202
|
+
pulumi.set(self, "policies", value)
|
|
203
|
+
|
|
204
|
+
|
|
205
|
+
@pulumi.type_token("vault:identity/entityPolicies:EntityPolicies")
|
|
206
|
+
class EntityPolicies(pulumi.CustomResource):
|
|
207
|
+
@overload
|
|
208
|
+
def __init__(__self__,
|
|
209
|
+
resource_name: str,
|
|
210
|
+
opts: Optional[pulumi.ResourceOptions] = None,
|
|
211
|
+
entity_id: Optional[pulumi.Input[_builtins.str]] = None,
|
|
212
|
+
exclusive: Optional[pulumi.Input[_builtins.bool]] = None,
|
|
213
|
+
namespace: Optional[pulumi.Input[_builtins.str]] = None,
|
|
214
|
+
policies: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
|
|
215
|
+
__props__=None):
|
|
216
|
+
"""
|
|
217
|
+
Manages policies for an Identity Entity for Vault. The [Identity secrets engine](https://www.vaultproject.io/docs/secrets/identity/index.html) is the identity management solution for Vault.
|
|
218
|
+
|
|
219
|
+
## Example Usage
|
|
220
|
+
|
|
221
|
+
### Exclusive Policies
|
|
222
|
+
|
|
223
|
+
```python
|
|
224
|
+
import pulumi
|
|
225
|
+
import pulumi_vault as vault
|
|
226
|
+
|
|
227
|
+
entity = vault.identity.Entity("entity",
|
|
228
|
+
name="entity",
|
|
229
|
+
external_policies=True)
|
|
230
|
+
policies = vault.identity.EntityPolicies("policies",
|
|
231
|
+
policies=[
|
|
232
|
+
"default",
|
|
233
|
+
"test",
|
|
234
|
+
],
|
|
235
|
+
exclusive=True,
|
|
236
|
+
entity_id=entity.id)
|
|
237
|
+
```
|
|
238
|
+
|
|
239
|
+
### Non-exclusive Policies
|
|
240
|
+
|
|
241
|
+
```python
|
|
242
|
+
import pulumi
|
|
243
|
+
import pulumi_vault as vault
|
|
244
|
+
|
|
245
|
+
entity = vault.identity.Entity("entity",
|
|
246
|
+
name="entity",
|
|
247
|
+
external_policies=True)
|
|
248
|
+
default = vault.identity.EntityPolicies("default",
|
|
249
|
+
policies=[
|
|
250
|
+
"default",
|
|
251
|
+
"test",
|
|
252
|
+
],
|
|
253
|
+
exclusive=False,
|
|
254
|
+
entity_id=entity.id)
|
|
255
|
+
others = vault.identity.EntityPolicies("others",
|
|
256
|
+
policies=["others"],
|
|
257
|
+
exclusive=False,
|
|
258
|
+
entity_id=entity.id)
|
|
259
|
+
```
|
|
260
|
+
|
|
261
|
+
:param str resource_name: The name of the resource.
|
|
262
|
+
:param pulumi.ResourceOptions opts: Options for the resource.
|
|
263
|
+
:param pulumi.Input[_builtins.str] entity_id: Entity ID to assign policies to.
|
|
264
|
+
:param pulumi.Input[_builtins.bool] exclusive: Defaults to `true`.
|
|
265
|
+
|
|
266
|
+
If `true`, this resource will take exclusive control of the policies assigned to the entity and will set it equal to what is specified in the resource.
|
|
267
|
+
|
|
268
|
+
If set to `false`, this resource will simply ensure that the policies specified in the resource are present in the entity. When destroying the resource, the resource will ensure that the policies specified in the resource are removed.
|
|
269
|
+
:param pulumi.Input[_builtins.str] namespace: The namespace to provision the resource in.
|
|
270
|
+
The value should not contain leading or trailing forward slashes.
|
|
271
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
|
272
|
+
*Available only for Vault Enterprise*.
|
|
273
|
+
:param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] policies: List of policies to assign to the entity
|
|
274
|
+
"""
|
|
275
|
+
...
|
|
276
|
+
@overload
|
|
277
|
+
def __init__(__self__,
|
|
278
|
+
resource_name: str,
|
|
279
|
+
args: EntityPoliciesArgs,
|
|
280
|
+
opts: Optional[pulumi.ResourceOptions] = None):
|
|
281
|
+
"""
|
|
282
|
+
Manages policies for an Identity Entity for Vault. The [Identity secrets engine](https://www.vaultproject.io/docs/secrets/identity/index.html) is the identity management solution for Vault.
|
|
283
|
+
|
|
284
|
+
## Example Usage
|
|
285
|
+
|
|
286
|
+
### Exclusive Policies
|
|
287
|
+
|
|
288
|
+
```python
|
|
289
|
+
import pulumi
|
|
290
|
+
import pulumi_vault as vault
|
|
291
|
+
|
|
292
|
+
entity = vault.identity.Entity("entity",
|
|
293
|
+
name="entity",
|
|
294
|
+
external_policies=True)
|
|
295
|
+
policies = vault.identity.EntityPolicies("policies",
|
|
296
|
+
policies=[
|
|
297
|
+
"default",
|
|
298
|
+
"test",
|
|
299
|
+
],
|
|
300
|
+
exclusive=True,
|
|
301
|
+
entity_id=entity.id)
|
|
302
|
+
```
|
|
303
|
+
|
|
304
|
+
### Non-exclusive Policies
|
|
305
|
+
|
|
306
|
+
```python
|
|
307
|
+
import pulumi
|
|
308
|
+
import pulumi_vault as vault
|
|
309
|
+
|
|
310
|
+
entity = vault.identity.Entity("entity",
|
|
311
|
+
name="entity",
|
|
312
|
+
external_policies=True)
|
|
313
|
+
default = vault.identity.EntityPolicies("default",
|
|
314
|
+
policies=[
|
|
315
|
+
"default",
|
|
316
|
+
"test",
|
|
317
|
+
],
|
|
318
|
+
exclusive=False,
|
|
319
|
+
entity_id=entity.id)
|
|
320
|
+
others = vault.identity.EntityPolicies("others",
|
|
321
|
+
policies=["others"],
|
|
322
|
+
exclusive=False,
|
|
323
|
+
entity_id=entity.id)
|
|
324
|
+
```
|
|
325
|
+
|
|
326
|
+
:param str resource_name: The name of the resource.
|
|
327
|
+
:param EntityPoliciesArgs args: The arguments to use to populate this resource's properties.
|
|
328
|
+
:param pulumi.ResourceOptions opts: Options for the resource.
|
|
329
|
+
"""
|
|
330
|
+
...
|
|
331
|
+
def __init__(__self__, resource_name: str, *args, **kwargs):
|
|
332
|
+
resource_args, opts = _utilities.get_resource_args_opts(EntityPoliciesArgs, pulumi.ResourceOptions, *args, **kwargs)
|
|
333
|
+
if resource_args is not None:
|
|
334
|
+
__self__._internal_init(resource_name, opts, **resource_args.__dict__)
|
|
335
|
+
else:
|
|
336
|
+
__self__._internal_init(resource_name, *args, **kwargs)
|
|
337
|
+
|
|
338
|
+
def _internal_init(__self__,
|
|
339
|
+
resource_name: str,
|
|
340
|
+
opts: Optional[pulumi.ResourceOptions] = None,
|
|
341
|
+
entity_id: Optional[pulumi.Input[_builtins.str]] = None,
|
|
342
|
+
exclusive: Optional[pulumi.Input[_builtins.bool]] = None,
|
|
343
|
+
namespace: Optional[pulumi.Input[_builtins.str]] = None,
|
|
344
|
+
policies: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
|
|
345
|
+
__props__=None):
|
|
346
|
+
opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts)
|
|
347
|
+
if not isinstance(opts, pulumi.ResourceOptions):
|
|
348
|
+
raise TypeError('Expected resource options to be a ResourceOptions instance')
|
|
349
|
+
if opts.id is None:
|
|
350
|
+
if __props__ is not None:
|
|
351
|
+
raise TypeError('__props__ is only valid when passed in combination with a valid opts.id to get an existing resource')
|
|
352
|
+
__props__ = EntityPoliciesArgs.__new__(EntityPoliciesArgs)
|
|
353
|
+
|
|
354
|
+
if entity_id is None and not opts.urn:
|
|
355
|
+
raise TypeError("Missing required property 'entity_id'")
|
|
356
|
+
__props__.__dict__["entity_id"] = entity_id
|
|
357
|
+
__props__.__dict__["exclusive"] = exclusive
|
|
358
|
+
__props__.__dict__["namespace"] = namespace
|
|
359
|
+
if policies is None and not opts.urn:
|
|
360
|
+
raise TypeError("Missing required property 'policies'")
|
|
361
|
+
__props__.__dict__["policies"] = policies
|
|
362
|
+
__props__.__dict__["entity_name"] = None
|
|
363
|
+
super(EntityPolicies, __self__).__init__(
|
|
364
|
+
'vault:identity/entityPolicies:EntityPolicies',
|
|
365
|
+
resource_name,
|
|
366
|
+
__props__,
|
|
367
|
+
opts)
|
|
368
|
+
|
|
369
|
+
@staticmethod
|
|
370
|
+
def get(resource_name: str,
|
|
371
|
+
id: pulumi.Input[str],
|
|
372
|
+
opts: Optional[pulumi.ResourceOptions] = None,
|
|
373
|
+
entity_id: Optional[pulumi.Input[_builtins.str]] = None,
|
|
374
|
+
entity_name: Optional[pulumi.Input[_builtins.str]] = None,
|
|
375
|
+
exclusive: Optional[pulumi.Input[_builtins.bool]] = None,
|
|
376
|
+
namespace: Optional[pulumi.Input[_builtins.str]] = None,
|
|
377
|
+
policies: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None) -> 'EntityPolicies':
|
|
378
|
+
"""
|
|
379
|
+
Get an existing EntityPolicies resource's state with the given name, id, and optional extra
|
|
380
|
+
properties used to qualify the lookup.
|
|
381
|
+
|
|
382
|
+
:param str resource_name: The unique name of the resulting resource.
|
|
383
|
+
:param pulumi.Input[str] id: The unique provider ID of the resource to lookup.
|
|
384
|
+
:param pulumi.ResourceOptions opts: Options for the resource.
|
|
385
|
+
:param pulumi.Input[_builtins.str] entity_id: Entity ID to assign policies to.
|
|
386
|
+
:param pulumi.Input[_builtins.str] entity_name: The name of the entity that are assigned the policies.
|
|
387
|
+
:param pulumi.Input[_builtins.bool] exclusive: Defaults to `true`.
|
|
388
|
+
|
|
389
|
+
If `true`, this resource will take exclusive control of the policies assigned to the entity and will set it equal to what is specified in the resource.
|
|
390
|
+
|
|
391
|
+
If set to `false`, this resource will simply ensure that the policies specified in the resource are present in the entity. When destroying the resource, the resource will ensure that the policies specified in the resource are removed.
|
|
392
|
+
:param pulumi.Input[_builtins.str] namespace: The namespace to provision the resource in.
|
|
393
|
+
The value should not contain leading or trailing forward slashes.
|
|
394
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
|
395
|
+
*Available only for Vault Enterprise*.
|
|
396
|
+
:param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] policies: List of policies to assign to the entity
|
|
397
|
+
"""
|
|
398
|
+
opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id))
|
|
399
|
+
|
|
400
|
+
__props__ = _EntityPoliciesState.__new__(_EntityPoliciesState)
|
|
401
|
+
|
|
402
|
+
__props__.__dict__["entity_id"] = entity_id
|
|
403
|
+
__props__.__dict__["entity_name"] = entity_name
|
|
404
|
+
__props__.__dict__["exclusive"] = exclusive
|
|
405
|
+
__props__.__dict__["namespace"] = namespace
|
|
406
|
+
__props__.__dict__["policies"] = policies
|
|
407
|
+
return EntityPolicies(resource_name, opts=opts, __props__=__props__)
|
|
408
|
+
|
|
409
|
+
@_builtins.property
|
|
410
|
+
@pulumi.getter(name="entityId")
|
|
411
|
+
def entity_id(self) -> pulumi.Output[_builtins.str]:
|
|
412
|
+
"""
|
|
413
|
+
Entity ID to assign policies to.
|
|
414
|
+
"""
|
|
415
|
+
return pulumi.get(self, "entity_id")
|
|
416
|
+
|
|
417
|
+
@_builtins.property
|
|
418
|
+
@pulumi.getter(name="entityName")
|
|
419
|
+
def entity_name(self) -> pulumi.Output[_builtins.str]:
|
|
420
|
+
"""
|
|
421
|
+
The name of the entity that are assigned the policies.
|
|
422
|
+
"""
|
|
423
|
+
return pulumi.get(self, "entity_name")
|
|
424
|
+
|
|
425
|
+
@_builtins.property
|
|
426
|
+
@pulumi.getter
|
|
427
|
+
def exclusive(self) -> pulumi.Output[Optional[_builtins.bool]]:
|
|
428
|
+
"""
|
|
429
|
+
Defaults to `true`.
|
|
430
|
+
|
|
431
|
+
If `true`, this resource will take exclusive control of the policies assigned to the entity and will set it equal to what is specified in the resource.
|
|
432
|
+
|
|
433
|
+
If set to `false`, this resource will simply ensure that the policies specified in the resource are present in the entity. When destroying the resource, the resource will ensure that the policies specified in the resource are removed.
|
|
434
|
+
"""
|
|
435
|
+
return pulumi.get(self, "exclusive")
|
|
436
|
+
|
|
437
|
+
@_builtins.property
|
|
438
|
+
@pulumi.getter
|
|
439
|
+
def namespace(self) -> pulumi.Output[Optional[_builtins.str]]:
|
|
440
|
+
"""
|
|
441
|
+
The namespace to provision the resource in.
|
|
442
|
+
The value should not contain leading or trailing forward slashes.
|
|
443
|
+
The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
|
|
444
|
+
*Available only for Vault Enterprise*.
|
|
445
|
+
"""
|
|
446
|
+
return pulumi.get(self, "namespace")
|
|
447
|
+
|
|
448
|
+
@_builtins.property
|
|
449
|
+
@pulumi.getter
|
|
450
|
+
def policies(self) -> pulumi.Output[Sequence[_builtins.str]]:
|
|
451
|
+
"""
|
|
452
|
+
List of policies to assign to the entity
|
|
453
|
+
"""
|
|
454
|
+
return pulumi.get(self, "policies")
|
|
455
|
+
|