pulumi-venafi 1.11.0a1743490033__py3-none-any.whl → 1.11.0a1744267226__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Potentially problematic release.
This version of pulumi-venafi might be problematic. Click here for more details.
- pulumi_venafi/__init__.py +1 -0
- pulumi_venafi/certificate.py +364 -363
- pulumi_venafi/cloud_keystore_installation.py +71 -70
- pulumi_venafi/config/__init__.py +1 -0
- pulumi_venafi/config/__init__.pyi +1 -0
- pulumi_venafi/config/vars.py +1 -0
- pulumi_venafi/get_cloud_keystore.py +14 -13
- pulumi_venafi/get_cloud_provider.py +11 -10
- pulumi_venafi/policy.py +29 -28
- pulumi_venafi/provider.py +109 -108
- pulumi_venafi/pulumi-plugin.json +1 -1
- pulumi_venafi/ssh_certificate.py +281 -280
- pulumi_venafi/ssh_config.py +29 -28
- {pulumi_venafi-1.11.0a1743490033.dist-info → pulumi_venafi-1.11.0a1744267226.dist-info}/METADATA +1 -1
- pulumi_venafi-1.11.0a1744267226.dist-info/RECORD +19 -0
- pulumi_venafi-1.11.0a1743490033.dist-info/RECORD +0 -19
- {pulumi_venafi-1.11.0a1743490033.dist-info → pulumi_venafi-1.11.0a1744267226.dist-info}/WHEEL +0 -0
- {pulumi_venafi-1.11.0a1743490033.dist-info → pulumi_venafi-1.11.0a1744267226.dist-info}/top_level.txt +0 -0
pulumi_venafi/ssh_certificate.py
CHANGED
|
@@ -2,6 +2,7 @@
|
|
|
2
2
|
# *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. ***
|
|
3
3
|
# *** Do not edit by hand unless you're certain you know what you are doing! ***
|
|
4
4
|
|
|
5
|
+
import builtins
|
|
5
6
|
import copy
|
|
6
7
|
import warnings
|
|
7
8
|
import sys
|
|
@@ -19,48 +20,48 @@ __all__ = ['SshCertificateArgs', 'SshCertificate']
|
|
|
19
20
|
@pulumi.input_type
|
|
20
21
|
class SshCertificateArgs:
|
|
21
22
|
def __init__(__self__, *,
|
|
22
|
-
key_id: pulumi.Input[str],
|
|
23
|
-
template: pulumi.Input[str],
|
|
24
|
-
destination_addresses: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
|
25
|
-
extensions: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
|
26
|
-
folder: Optional[pulumi.Input[str]] = None,
|
|
27
|
-
force_command: Optional[pulumi.Input[str]] = None,
|
|
28
|
-
key_passphrase: Optional[pulumi.Input[str]] = None,
|
|
29
|
-
key_size: Optional[pulumi.Input[int]] = None,
|
|
30
|
-
object_name: Optional[pulumi.Input[str]] = None,
|
|
31
|
-
principal: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
|
32
|
-
principals: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
|
33
|
-
public_key: Optional[pulumi.Input[str]] = None,
|
|
34
|
-
public_key_method: Optional[pulumi.Input[str]] = None,
|
|
35
|
-
source_addresses: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
|
36
|
-
valid_hours: Optional[pulumi.Input[int]] = None,
|
|
37
|
-
windows: Optional[pulumi.Input[bool]] = None):
|
|
23
|
+
key_id: pulumi.Input[builtins.str],
|
|
24
|
+
template: pulumi.Input[builtins.str],
|
|
25
|
+
destination_addresses: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
|
26
|
+
extensions: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
|
27
|
+
folder: Optional[pulumi.Input[builtins.str]] = None,
|
|
28
|
+
force_command: Optional[pulumi.Input[builtins.str]] = None,
|
|
29
|
+
key_passphrase: Optional[pulumi.Input[builtins.str]] = None,
|
|
30
|
+
key_size: Optional[pulumi.Input[builtins.int]] = None,
|
|
31
|
+
object_name: Optional[pulumi.Input[builtins.str]] = None,
|
|
32
|
+
principal: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
|
33
|
+
principals: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
|
34
|
+
public_key: Optional[pulumi.Input[builtins.str]] = None,
|
|
35
|
+
public_key_method: Optional[pulumi.Input[builtins.str]] = None,
|
|
36
|
+
source_addresses: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
|
37
|
+
valid_hours: Optional[pulumi.Input[builtins.int]] = None,
|
|
38
|
+
windows: Optional[pulumi.Input[builtins.bool]] = None):
|
|
38
39
|
"""
|
|
39
40
|
The set of arguments for constructing a SshCertificate resource.
|
|
40
|
-
:param pulumi.Input[str] key_id: The identifier of the requested SSH certificate.
|
|
41
|
-
:param pulumi.Input[str] template: The SSH certificate issuing template.
|
|
42
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] destination_addresses: A list of one or more valid IP or CIDR destination hosts where the
|
|
41
|
+
:param pulumi.Input[builtins.str] key_id: The identifier of the requested SSH certificate.
|
|
42
|
+
:param pulumi.Input[builtins.str] template: The SSH certificate issuing template.
|
|
43
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] destination_addresses: A list of one or more valid IP or CIDR destination hosts where the
|
|
43
44
|
certificate will authenticate.
|
|
44
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] extensions: A list of key-value pairs that contain certificate extensions from the CA
|
|
45
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] extensions: A list of key-value pairs that contain certificate extensions from the CA
|
|
45
46
|
template for client certificates. Allowed values (case-sensitive): `permit-X11-forwarding`, `permit-agent-forwarding`,
|
|
46
47
|
`permit-port-forwarding`, `permit-pty`, `permit-user-rc`.
|
|
47
|
-
:param pulumi.Input[str] folder: The DN of the policy folder where the SSH certificate object will be created.
|
|
48
|
-
:param pulumi.Input[str] force_command: A command to run after successful login.
|
|
49
|
-
:param pulumi.Input[str] key_passphrase: Passphrase for encrypting the private key.
|
|
50
|
-
:param pulumi.Input[int] key_size: Number of bits to use when creating a key pair. (e.g. `3072`).
|
|
51
|
-
:param pulumi.Input[str] object_name: The friendly name of the SSH certificate object. When not specified the `key_id`
|
|
48
|
+
:param pulumi.Input[builtins.str] folder: The DN of the policy folder where the SSH certificate object will be created.
|
|
49
|
+
:param pulumi.Input[builtins.str] force_command: A command to run after successful login.
|
|
50
|
+
:param pulumi.Input[builtins.str] key_passphrase: Passphrase for encrypting the private key.
|
|
51
|
+
:param pulumi.Input[builtins.int] key_size: Number of bits to use when creating a key pair. (e.g. `3072`).
|
|
52
|
+
:param pulumi.Input[builtins.str] object_name: The friendly name of the SSH certificate object. When not specified the `key_id`
|
|
52
53
|
is used for the friendly name. If the object already exists the old certificate is archived and the CA issues a new
|
|
53
54
|
certificate.
|
|
54
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] principal: [DEPRECATED] - (Optional, set of strings) Use "principals" instead. A list of usernames for whom the
|
|
55
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] principal: [DEPRECATED] - (Optional, set of strings) Use "principals" instead. A list of usernames for whom the
|
|
55
56
|
requested certificate will be valid.
|
|
56
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] principals: A list of usernames for whom the requested certificate will be valid.
|
|
57
|
-
:param pulumi.Input[str] public_key: The OpenSSH formatted public key that will be used to generate the SSH certificate.
|
|
58
|
-
:param pulumi.Input[str] public_key_method: Specifies whether the public key will be `local` (default), `file` or
|
|
57
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] principals: A list of usernames for whom the requested certificate will be valid.
|
|
58
|
+
:param pulumi.Input[builtins.str] public_key: The OpenSSH formatted public key that will be used to generate the SSH certificate.
|
|
59
|
+
:param pulumi.Input[builtins.str] public_key_method: Specifies whether the public key will be `local` (default), `file` or
|
|
59
60
|
`service` generated.
|
|
60
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] source_addresses: A list of one or more valid IP or CIDR addresses that can use the SSH
|
|
61
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] source_addresses: A list of one or more valid IP or CIDR addresses that can use the SSH
|
|
61
62
|
certificate.
|
|
62
|
-
:param pulumi.Input[int] valid_hours: Desired number of hours for which the certificate will be valid.
|
|
63
|
-
:param pulumi.Input[bool] windows: Specifies whether the private key will use Windows/DOS style line breaks.
|
|
63
|
+
:param pulumi.Input[builtins.int] valid_hours: Desired number of hours for which the certificate will be valid.
|
|
64
|
+
:param pulumi.Input[builtins.bool] windows: Specifies whether the private key will use Windows/DOS style line breaks.
|
|
64
65
|
"""
|
|
65
66
|
pulumi.set(__self__, "key_id", key_id)
|
|
66
67
|
pulumi.set(__self__, "template", template)
|
|
@@ -98,31 +99,31 @@ class SshCertificateArgs:
|
|
|
98
99
|
|
|
99
100
|
@property
|
|
100
101
|
@pulumi.getter(name="keyId")
|
|
101
|
-
def key_id(self) -> pulumi.Input[str]:
|
|
102
|
+
def key_id(self) -> pulumi.Input[builtins.str]:
|
|
102
103
|
"""
|
|
103
104
|
The identifier of the requested SSH certificate.
|
|
104
105
|
"""
|
|
105
106
|
return pulumi.get(self, "key_id")
|
|
106
107
|
|
|
107
108
|
@key_id.setter
|
|
108
|
-
def key_id(self, value: pulumi.Input[str]):
|
|
109
|
+
def key_id(self, value: pulumi.Input[builtins.str]):
|
|
109
110
|
pulumi.set(self, "key_id", value)
|
|
110
111
|
|
|
111
112
|
@property
|
|
112
113
|
@pulumi.getter
|
|
113
|
-
def template(self) -> pulumi.Input[str]:
|
|
114
|
+
def template(self) -> pulumi.Input[builtins.str]:
|
|
114
115
|
"""
|
|
115
116
|
The SSH certificate issuing template.
|
|
116
117
|
"""
|
|
117
118
|
return pulumi.get(self, "template")
|
|
118
119
|
|
|
119
120
|
@template.setter
|
|
120
|
-
def template(self, value: pulumi.Input[str]):
|
|
121
|
+
def template(self, value: pulumi.Input[builtins.str]):
|
|
121
122
|
pulumi.set(self, "template", value)
|
|
122
123
|
|
|
123
124
|
@property
|
|
124
125
|
@pulumi.getter(name="destinationAddresses")
|
|
125
|
-
def destination_addresses(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
|
|
126
|
+
def destination_addresses(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
|
|
126
127
|
"""
|
|
127
128
|
A list of one or more valid IP or CIDR destination hosts where the
|
|
128
129
|
certificate will authenticate.
|
|
@@ -130,12 +131,12 @@ class SshCertificateArgs:
|
|
|
130
131
|
return pulumi.get(self, "destination_addresses")
|
|
131
132
|
|
|
132
133
|
@destination_addresses.setter
|
|
133
|
-
def destination_addresses(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
|
134
|
+
def destination_addresses(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
|
|
134
135
|
pulumi.set(self, "destination_addresses", value)
|
|
135
136
|
|
|
136
137
|
@property
|
|
137
138
|
@pulumi.getter
|
|
138
|
-
def extensions(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
|
|
139
|
+
def extensions(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
|
|
139
140
|
"""
|
|
140
141
|
A list of key-value pairs that contain certificate extensions from the CA
|
|
141
142
|
template for client certificates. Allowed values (case-sensitive): `permit-X11-forwarding`, `permit-agent-forwarding`,
|
|
@@ -144,60 +145,60 @@ class SshCertificateArgs:
|
|
|
144
145
|
return pulumi.get(self, "extensions")
|
|
145
146
|
|
|
146
147
|
@extensions.setter
|
|
147
|
-
def extensions(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
|
148
|
+
def extensions(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
|
|
148
149
|
pulumi.set(self, "extensions", value)
|
|
149
150
|
|
|
150
151
|
@property
|
|
151
152
|
@pulumi.getter
|
|
152
|
-
def folder(self) -> Optional[pulumi.Input[str]]:
|
|
153
|
+
def folder(self) -> Optional[pulumi.Input[builtins.str]]:
|
|
153
154
|
"""
|
|
154
155
|
The DN of the policy folder where the SSH certificate object will be created.
|
|
155
156
|
"""
|
|
156
157
|
return pulumi.get(self, "folder")
|
|
157
158
|
|
|
158
159
|
@folder.setter
|
|
159
|
-
def folder(self, value: Optional[pulumi.Input[str]]):
|
|
160
|
+
def folder(self, value: Optional[pulumi.Input[builtins.str]]):
|
|
160
161
|
pulumi.set(self, "folder", value)
|
|
161
162
|
|
|
162
163
|
@property
|
|
163
164
|
@pulumi.getter(name="forceCommand")
|
|
164
|
-
def force_command(self) -> Optional[pulumi.Input[str]]:
|
|
165
|
+
def force_command(self) -> Optional[pulumi.Input[builtins.str]]:
|
|
165
166
|
"""
|
|
166
167
|
A command to run after successful login.
|
|
167
168
|
"""
|
|
168
169
|
return pulumi.get(self, "force_command")
|
|
169
170
|
|
|
170
171
|
@force_command.setter
|
|
171
|
-
def force_command(self, value: Optional[pulumi.Input[str]]):
|
|
172
|
+
def force_command(self, value: Optional[pulumi.Input[builtins.str]]):
|
|
172
173
|
pulumi.set(self, "force_command", value)
|
|
173
174
|
|
|
174
175
|
@property
|
|
175
176
|
@pulumi.getter(name="keyPassphrase")
|
|
176
|
-
def key_passphrase(self) -> Optional[pulumi.Input[str]]:
|
|
177
|
+
def key_passphrase(self) -> Optional[pulumi.Input[builtins.str]]:
|
|
177
178
|
"""
|
|
178
179
|
Passphrase for encrypting the private key.
|
|
179
180
|
"""
|
|
180
181
|
return pulumi.get(self, "key_passphrase")
|
|
181
182
|
|
|
182
183
|
@key_passphrase.setter
|
|
183
|
-
def key_passphrase(self, value: Optional[pulumi.Input[str]]):
|
|
184
|
+
def key_passphrase(self, value: Optional[pulumi.Input[builtins.str]]):
|
|
184
185
|
pulumi.set(self, "key_passphrase", value)
|
|
185
186
|
|
|
186
187
|
@property
|
|
187
188
|
@pulumi.getter(name="keySize")
|
|
188
|
-
def key_size(self) -> Optional[pulumi.Input[int]]:
|
|
189
|
+
def key_size(self) -> Optional[pulumi.Input[builtins.int]]:
|
|
189
190
|
"""
|
|
190
191
|
Number of bits to use when creating a key pair. (e.g. `3072`).
|
|
191
192
|
"""
|
|
192
193
|
return pulumi.get(self, "key_size")
|
|
193
194
|
|
|
194
195
|
@key_size.setter
|
|
195
|
-
def key_size(self, value: Optional[pulumi.Input[int]]):
|
|
196
|
+
def key_size(self, value: Optional[pulumi.Input[builtins.int]]):
|
|
196
197
|
pulumi.set(self, "key_size", value)
|
|
197
198
|
|
|
198
199
|
@property
|
|
199
200
|
@pulumi.getter(name="objectName")
|
|
200
|
-
def object_name(self) -> Optional[pulumi.Input[str]]:
|
|
201
|
+
def object_name(self) -> Optional[pulumi.Input[builtins.str]]:
|
|
201
202
|
"""
|
|
202
203
|
The friendly name of the SSH certificate object. When not specified the `key_id`
|
|
203
204
|
is used for the friendly name. If the object already exists the old certificate is archived and the CA issues a new
|
|
@@ -206,13 +207,13 @@ class SshCertificateArgs:
|
|
|
206
207
|
return pulumi.get(self, "object_name")
|
|
207
208
|
|
|
208
209
|
@object_name.setter
|
|
209
|
-
def object_name(self, value: Optional[pulumi.Input[str]]):
|
|
210
|
+
def object_name(self, value: Optional[pulumi.Input[builtins.str]]):
|
|
210
211
|
pulumi.set(self, "object_name", value)
|
|
211
212
|
|
|
212
213
|
@property
|
|
213
214
|
@pulumi.getter
|
|
214
215
|
@_utilities.deprecated("""This will be removed in the future. Use \"principals\" instead""")
|
|
215
|
-
def principal(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
|
|
216
|
+
def principal(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
|
|
216
217
|
"""
|
|
217
218
|
[DEPRECATED] - (Optional, set of strings) Use "principals" instead. A list of usernames for whom the
|
|
218
219
|
requested certificate will be valid.
|
|
@@ -220,36 +221,36 @@ class SshCertificateArgs:
|
|
|
220
221
|
return pulumi.get(self, "principal")
|
|
221
222
|
|
|
222
223
|
@principal.setter
|
|
223
|
-
def principal(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
|
224
|
+
def principal(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
|
|
224
225
|
pulumi.set(self, "principal", value)
|
|
225
226
|
|
|
226
227
|
@property
|
|
227
228
|
@pulumi.getter
|
|
228
|
-
def principals(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
|
|
229
|
+
def principals(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
|
|
229
230
|
"""
|
|
230
231
|
A list of usernames for whom the requested certificate will be valid.
|
|
231
232
|
"""
|
|
232
233
|
return pulumi.get(self, "principals")
|
|
233
234
|
|
|
234
235
|
@principals.setter
|
|
235
|
-
def principals(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
|
236
|
+
def principals(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
|
|
236
237
|
pulumi.set(self, "principals", value)
|
|
237
238
|
|
|
238
239
|
@property
|
|
239
240
|
@pulumi.getter(name="publicKey")
|
|
240
|
-
def public_key(self) -> Optional[pulumi.Input[str]]:
|
|
241
|
+
def public_key(self) -> Optional[pulumi.Input[builtins.str]]:
|
|
241
242
|
"""
|
|
242
243
|
The OpenSSH formatted public key that will be used to generate the SSH certificate.
|
|
243
244
|
"""
|
|
244
245
|
return pulumi.get(self, "public_key")
|
|
245
246
|
|
|
246
247
|
@public_key.setter
|
|
247
|
-
def public_key(self, value: Optional[pulumi.Input[str]]):
|
|
248
|
+
def public_key(self, value: Optional[pulumi.Input[builtins.str]]):
|
|
248
249
|
pulumi.set(self, "public_key", value)
|
|
249
250
|
|
|
250
251
|
@property
|
|
251
252
|
@pulumi.getter(name="publicKeyMethod")
|
|
252
|
-
def public_key_method(self) -> Optional[pulumi.Input[str]]:
|
|
253
|
+
def public_key_method(self) -> Optional[pulumi.Input[builtins.str]]:
|
|
253
254
|
"""
|
|
254
255
|
Specifies whether the public key will be `local` (default), `file` or
|
|
255
256
|
`service` generated.
|
|
@@ -257,12 +258,12 @@ class SshCertificateArgs:
|
|
|
257
258
|
return pulumi.get(self, "public_key_method")
|
|
258
259
|
|
|
259
260
|
@public_key_method.setter
|
|
260
|
-
def public_key_method(self, value: Optional[pulumi.Input[str]]):
|
|
261
|
+
def public_key_method(self, value: Optional[pulumi.Input[builtins.str]]):
|
|
261
262
|
pulumi.set(self, "public_key_method", value)
|
|
262
263
|
|
|
263
264
|
@property
|
|
264
265
|
@pulumi.getter(name="sourceAddresses")
|
|
265
|
-
def source_addresses(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
|
|
266
|
+
def source_addresses(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
|
|
266
267
|
"""
|
|
267
268
|
A list of one or more valid IP or CIDR addresses that can use the SSH
|
|
268
269
|
certificate.
|
|
@@ -270,95 +271,95 @@ class SshCertificateArgs:
|
|
|
270
271
|
return pulumi.get(self, "source_addresses")
|
|
271
272
|
|
|
272
273
|
@source_addresses.setter
|
|
273
|
-
def source_addresses(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
|
274
|
+
def source_addresses(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
|
|
274
275
|
pulumi.set(self, "source_addresses", value)
|
|
275
276
|
|
|
276
277
|
@property
|
|
277
278
|
@pulumi.getter(name="validHours")
|
|
278
|
-
def valid_hours(self) -> Optional[pulumi.Input[int]]:
|
|
279
|
+
def valid_hours(self) -> Optional[pulumi.Input[builtins.int]]:
|
|
279
280
|
"""
|
|
280
281
|
Desired number of hours for which the certificate will be valid.
|
|
281
282
|
"""
|
|
282
283
|
return pulumi.get(self, "valid_hours")
|
|
283
284
|
|
|
284
285
|
@valid_hours.setter
|
|
285
|
-
def valid_hours(self, value: Optional[pulumi.Input[int]]):
|
|
286
|
+
def valid_hours(self, value: Optional[pulumi.Input[builtins.int]]):
|
|
286
287
|
pulumi.set(self, "valid_hours", value)
|
|
287
288
|
|
|
288
289
|
@property
|
|
289
290
|
@pulumi.getter
|
|
290
|
-
def windows(self) -> Optional[pulumi.Input[bool]]:
|
|
291
|
+
def windows(self) -> Optional[pulumi.Input[builtins.bool]]:
|
|
291
292
|
"""
|
|
292
293
|
Specifies whether the private key will use Windows/DOS style line breaks.
|
|
293
294
|
"""
|
|
294
295
|
return pulumi.get(self, "windows")
|
|
295
296
|
|
|
296
297
|
@windows.setter
|
|
297
|
-
def windows(self, value: Optional[pulumi.Input[bool]]):
|
|
298
|
+
def windows(self, value: Optional[pulumi.Input[builtins.bool]]):
|
|
298
299
|
pulumi.set(self, "windows", value)
|
|
299
300
|
|
|
300
301
|
|
|
301
302
|
@pulumi.input_type
|
|
302
303
|
class _SshCertificateState:
|
|
303
304
|
def __init__(__self__, *,
|
|
304
|
-
certificate: Optional[pulumi.Input[str]] = None,
|
|
305
|
-
certificate_type: Optional[pulumi.Input[str]] = None,
|
|
306
|
-
destination_addresses: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
|
307
|
-
extensions: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
|
308
|
-
folder: Optional[pulumi.Input[str]] = None,
|
|
309
|
-
force_command: Optional[pulumi.Input[str]] = None,
|
|
310
|
-
key_id: Optional[pulumi.Input[str]] = None,
|
|
311
|
-
key_passphrase: Optional[pulumi.Input[str]] = None,
|
|
312
|
-
key_size: Optional[pulumi.Input[int]] = None,
|
|
313
|
-
object_name: Optional[pulumi.Input[str]] = None,
|
|
314
|
-
principal: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
|
315
|
-
principals: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
|
316
|
-
private_key: Optional[pulumi.Input[str]] = None,
|
|
317
|
-
public_key: Optional[pulumi.Input[str]] = None,
|
|
318
|
-
public_key_fingerprint: Optional[pulumi.Input[str]] = None,
|
|
319
|
-
public_key_method: Optional[pulumi.Input[str]] = None,
|
|
320
|
-
serial: Optional[pulumi.Input[str]] = None,
|
|
321
|
-
signing_ca: Optional[pulumi.Input[str]] = None,
|
|
322
|
-
source_addresses: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
|
323
|
-
template: Optional[pulumi.Input[str]] = None,
|
|
324
|
-
valid_from: Optional[pulumi.Input[str]] = None,
|
|
325
|
-
valid_hours: Optional[pulumi.Input[int]] = None,
|
|
326
|
-
valid_to: Optional[pulumi.Input[str]] = None,
|
|
327
|
-
windows: Optional[pulumi.Input[bool]] = None):
|
|
305
|
+
certificate: Optional[pulumi.Input[builtins.str]] = None,
|
|
306
|
+
certificate_type: Optional[pulumi.Input[builtins.str]] = None,
|
|
307
|
+
destination_addresses: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
|
308
|
+
extensions: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
|
309
|
+
folder: Optional[pulumi.Input[builtins.str]] = None,
|
|
310
|
+
force_command: Optional[pulumi.Input[builtins.str]] = None,
|
|
311
|
+
key_id: Optional[pulumi.Input[builtins.str]] = None,
|
|
312
|
+
key_passphrase: Optional[pulumi.Input[builtins.str]] = None,
|
|
313
|
+
key_size: Optional[pulumi.Input[builtins.int]] = None,
|
|
314
|
+
object_name: Optional[pulumi.Input[builtins.str]] = None,
|
|
315
|
+
principal: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
|
316
|
+
principals: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
|
317
|
+
private_key: Optional[pulumi.Input[builtins.str]] = None,
|
|
318
|
+
public_key: Optional[pulumi.Input[builtins.str]] = None,
|
|
319
|
+
public_key_fingerprint: Optional[pulumi.Input[builtins.str]] = None,
|
|
320
|
+
public_key_method: Optional[pulumi.Input[builtins.str]] = None,
|
|
321
|
+
serial: Optional[pulumi.Input[builtins.str]] = None,
|
|
322
|
+
signing_ca: Optional[pulumi.Input[builtins.str]] = None,
|
|
323
|
+
source_addresses: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
|
324
|
+
template: Optional[pulumi.Input[builtins.str]] = None,
|
|
325
|
+
valid_from: Optional[pulumi.Input[builtins.str]] = None,
|
|
326
|
+
valid_hours: Optional[pulumi.Input[builtins.int]] = None,
|
|
327
|
+
valid_to: Optional[pulumi.Input[builtins.str]] = None,
|
|
328
|
+
windows: Optional[pulumi.Input[builtins.bool]] = None):
|
|
328
329
|
"""
|
|
329
330
|
Input properties used for looking up and filtering SshCertificate resources.
|
|
330
|
-
:param pulumi.Input[str] certificate: The issued SSH certificate.
|
|
331
|
-
:param pulumi.Input[str] certificate_type: Indicates whether the SSH certificate is for client or server authentication.
|
|
332
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] destination_addresses: A list of one or more valid IP or CIDR destination hosts where the
|
|
331
|
+
:param pulumi.Input[builtins.str] certificate: The issued SSH certificate.
|
|
332
|
+
:param pulumi.Input[builtins.str] certificate_type: Indicates whether the SSH certificate is for client or server authentication.
|
|
333
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] destination_addresses: A list of one or more valid IP or CIDR destination hosts where the
|
|
333
334
|
certificate will authenticate.
|
|
334
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] extensions: A list of key-value pairs that contain certificate extensions from the CA
|
|
335
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] extensions: A list of key-value pairs that contain certificate extensions from the CA
|
|
335
336
|
template for client certificates. Allowed values (case-sensitive): `permit-X11-forwarding`, `permit-agent-forwarding`,
|
|
336
337
|
`permit-port-forwarding`, `permit-pty`, `permit-user-rc`.
|
|
337
|
-
:param pulumi.Input[str] folder: The DN of the policy folder where the SSH certificate object will be created.
|
|
338
|
-
:param pulumi.Input[str] force_command: A command to run after successful login.
|
|
339
|
-
:param pulumi.Input[str] key_id: The identifier of the requested SSH certificate.
|
|
340
|
-
:param pulumi.Input[str] key_passphrase: Passphrase for encrypting the private key.
|
|
341
|
-
:param pulumi.Input[int] key_size: Number of bits to use when creating a key pair. (e.g. `3072`).
|
|
342
|
-
:param pulumi.Input[str] object_name: The friendly name of the SSH certificate object. When not specified the `key_id`
|
|
338
|
+
:param pulumi.Input[builtins.str] folder: The DN of the policy folder where the SSH certificate object will be created.
|
|
339
|
+
:param pulumi.Input[builtins.str] force_command: A command to run after successful login.
|
|
340
|
+
:param pulumi.Input[builtins.str] key_id: The identifier of the requested SSH certificate.
|
|
341
|
+
:param pulumi.Input[builtins.str] key_passphrase: Passphrase for encrypting the private key.
|
|
342
|
+
:param pulumi.Input[builtins.int] key_size: Number of bits to use when creating a key pair. (e.g. `3072`).
|
|
343
|
+
:param pulumi.Input[builtins.str] object_name: The friendly name of the SSH certificate object. When not specified the `key_id`
|
|
343
344
|
is used for the friendly name. If the object already exists the old certificate is archived and the CA issues a new
|
|
344
345
|
certificate.
|
|
345
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] principal: [DEPRECATED] - (Optional, set of strings) Use "principals" instead. A list of usernames for whom the
|
|
346
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] principal: [DEPRECATED] - (Optional, set of strings) Use "principals" instead. A list of usernames for whom the
|
|
346
347
|
requested certificate will be valid.
|
|
347
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] principals: A list of usernames for whom the requested certificate will be valid.
|
|
348
|
-
:param pulumi.Input[str] private_key: The private key for the SSH certificate if generated by Venafi.
|
|
349
|
-
:param pulumi.Input[str] public_key: The OpenSSH formatted public key that will be used to generate the SSH certificate.
|
|
350
|
-
:param pulumi.Input[str] public_key_fingerprint: The SHA256 fingerprint of the SSH certificate's public key.
|
|
351
|
-
:param pulumi.Input[str] public_key_method: Specifies whether the public key will be `local` (default), `file` or
|
|
348
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] principals: A list of usernames for whom the requested certificate will be valid.
|
|
349
|
+
:param pulumi.Input[builtins.str] private_key: The private key for the SSH certificate if generated by Venafi.
|
|
350
|
+
:param pulumi.Input[builtins.str] public_key: The OpenSSH formatted public key that will be used to generate the SSH certificate.
|
|
351
|
+
:param pulumi.Input[builtins.str] public_key_fingerprint: The SHA256 fingerprint of the SSH certificate's public key.
|
|
352
|
+
:param pulumi.Input[builtins.str] public_key_method: Specifies whether the public key will be `local` (default), `file` or
|
|
352
353
|
`service` generated.
|
|
353
|
-
:param pulumi.Input[str] serial: The serial number of the SSH certificate.
|
|
354
|
-
:param pulumi.Input[str] signing_ca: The SHA256 fingerprint of the CA that signed the SSH certificate.
|
|
355
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] source_addresses: A list of one or more valid IP or CIDR addresses that can use the SSH
|
|
354
|
+
:param pulumi.Input[builtins.str] serial: The serial number of the SSH certificate.
|
|
355
|
+
:param pulumi.Input[builtins.str] signing_ca: The SHA256 fingerprint of the CA that signed the SSH certificate.
|
|
356
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] source_addresses: A list of one or more valid IP or CIDR addresses that can use the SSH
|
|
356
357
|
certificate.
|
|
357
|
-
:param pulumi.Input[str] template: The SSH certificate issuing template.
|
|
358
|
-
:param pulumi.Input[str] valid_from: The date the SSH certificate was issued.
|
|
359
|
-
:param pulumi.Input[int] valid_hours: Desired number of hours for which the certificate will be valid.
|
|
360
|
-
:param pulumi.Input[str] valid_to: The date the SSH certificate will expire.
|
|
361
|
-
:param pulumi.Input[bool] windows: Specifies whether the private key will use Windows/DOS style line breaks.
|
|
358
|
+
:param pulumi.Input[builtins.str] template: The SSH certificate issuing template.
|
|
359
|
+
:param pulumi.Input[builtins.str] valid_from: The date the SSH certificate was issued.
|
|
360
|
+
:param pulumi.Input[builtins.int] valid_hours: Desired number of hours for which the certificate will be valid.
|
|
361
|
+
:param pulumi.Input[builtins.str] valid_to: The date the SSH certificate will expire.
|
|
362
|
+
:param pulumi.Input[builtins.bool] windows: Specifies whether the private key will use Windows/DOS style line breaks.
|
|
362
363
|
"""
|
|
363
364
|
if certificate is not None:
|
|
364
365
|
pulumi.set(__self__, "certificate", certificate)
|
|
@@ -414,31 +415,31 @@ class _SshCertificateState:
|
|
|
414
415
|
|
|
415
416
|
@property
|
|
416
417
|
@pulumi.getter
|
|
417
|
-
def certificate(self) -> Optional[pulumi.Input[str]]:
|
|
418
|
+
def certificate(self) -> Optional[pulumi.Input[builtins.str]]:
|
|
418
419
|
"""
|
|
419
420
|
The issued SSH certificate.
|
|
420
421
|
"""
|
|
421
422
|
return pulumi.get(self, "certificate")
|
|
422
423
|
|
|
423
424
|
@certificate.setter
|
|
424
|
-
def certificate(self, value: Optional[pulumi.Input[str]]):
|
|
425
|
+
def certificate(self, value: Optional[pulumi.Input[builtins.str]]):
|
|
425
426
|
pulumi.set(self, "certificate", value)
|
|
426
427
|
|
|
427
428
|
@property
|
|
428
429
|
@pulumi.getter(name="certificateType")
|
|
429
|
-
def certificate_type(self) -> Optional[pulumi.Input[str]]:
|
|
430
|
+
def certificate_type(self) -> Optional[pulumi.Input[builtins.str]]:
|
|
430
431
|
"""
|
|
431
432
|
Indicates whether the SSH certificate is for client or server authentication.
|
|
432
433
|
"""
|
|
433
434
|
return pulumi.get(self, "certificate_type")
|
|
434
435
|
|
|
435
436
|
@certificate_type.setter
|
|
436
|
-
def certificate_type(self, value: Optional[pulumi.Input[str]]):
|
|
437
|
+
def certificate_type(self, value: Optional[pulumi.Input[builtins.str]]):
|
|
437
438
|
pulumi.set(self, "certificate_type", value)
|
|
438
439
|
|
|
439
440
|
@property
|
|
440
441
|
@pulumi.getter(name="destinationAddresses")
|
|
441
|
-
def destination_addresses(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
|
|
442
|
+
def destination_addresses(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
|
|
442
443
|
"""
|
|
443
444
|
A list of one or more valid IP or CIDR destination hosts where the
|
|
444
445
|
certificate will authenticate.
|
|
@@ -446,12 +447,12 @@ class _SshCertificateState:
|
|
|
446
447
|
return pulumi.get(self, "destination_addresses")
|
|
447
448
|
|
|
448
449
|
@destination_addresses.setter
|
|
449
|
-
def destination_addresses(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
|
450
|
+
def destination_addresses(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
|
|
450
451
|
pulumi.set(self, "destination_addresses", value)
|
|
451
452
|
|
|
452
453
|
@property
|
|
453
454
|
@pulumi.getter
|
|
454
|
-
def extensions(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
|
|
455
|
+
def extensions(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
|
|
455
456
|
"""
|
|
456
457
|
A list of key-value pairs that contain certificate extensions from the CA
|
|
457
458
|
template for client certificates. Allowed values (case-sensitive): `permit-X11-forwarding`, `permit-agent-forwarding`,
|
|
@@ -460,72 +461,72 @@ class _SshCertificateState:
|
|
|
460
461
|
return pulumi.get(self, "extensions")
|
|
461
462
|
|
|
462
463
|
@extensions.setter
|
|
463
|
-
def extensions(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
|
464
|
+
def extensions(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
|
|
464
465
|
pulumi.set(self, "extensions", value)
|
|
465
466
|
|
|
466
467
|
@property
|
|
467
468
|
@pulumi.getter
|
|
468
|
-
def folder(self) -> Optional[pulumi.Input[str]]:
|
|
469
|
+
def folder(self) -> Optional[pulumi.Input[builtins.str]]:
|
|
469
470
|
"""
|
|
470
471
|
The DN of the policy folder where the SSH certificate object will be created.
|
|
471
472
|
"""
|
|
472
473
|
return pulumi.get(self, "folder")
|
|
473
474
|
|
|
474
475
|
@folder.setter
|
|
475
|
-
def folder(self, value: Optional[pulumi.Input[str]]):
|
|
476
|
+
def folder(self, value: Optional[pulumi.Input[builtins.str]]):
|
|
476
477
|
pulumi.set(self, "folder", value)
|
|
477
478
|
|
|
478
479
|
@property
|
|
479
480
|
@pulumi.getter(name="forceCommand")
|
|
480
|
-
def force_command(self) -> Optional[pulumi.Input[str]]:
|
|
481
|
+
def force_command(self) -> Optional[pulumi.Input[builtins.str]]:
|
|
481
482
|
"""
|
|
482
483
|
A command to run after successful login.
|
|
483
484
|
"""
|
|
484
485
|
return pulumi.get(self, "force_command")
|
|
485
486
|
|
|
486
487
|
@force_command.setter
|
|
487
|
-
def force_command(self, value: Optional[pulumi.Input[str]]):
|
|
488
|
+
def force_command(self, value: Optional[pulumi.Input[builtins.str]]):
|
|
488
489
|
pulumi.set(self, "force_command", value)
|
|
489
490
|
|
|
490
491
|
@property
|
|
491
492
|
@pulumi.getter(name="keyId")
|
|
492
|
-
def key_id(self) -> Optional[pulumi.Input[str]]:
|
|
493
|
+
def key_id(self) -> Optional[pulumi.Input[builtins.str]]:
|
|
493
494
|
"""
|
|
494
495
|
The identifier of the requested SSH certificate.
|
|
495
496
|
"""
|
|
496
497
|
return pulumi.get(self, "key_id")
|
|
497
498
|
|
|
498
499
|
@key_id.setter
|
|
499
|
-
def key_id(self, value: Optional[pulumi.Input[str]]):
|
|
500
|
+
def key_id(self, value: Optional[pulumi.Input[builtins.str]]):
|
|
500
501
|
pulumi.set(self, "key_id", value)
|
|
501
502
|
|
|
502
503
|
@property
|
|
503
504
|
@pulumi.getter(name="keyPassphrase")
|
|
504
|
-
def key_passphrase(self) -> Optional[pulumi.Input[str]]:
|
|
505
|
+
def key_passphrase(self) -> Optional[pulumi.Input[builtins.str]]:
|
|
505
506
|
"""
|
|
506
507
|
Passphrase for encrypting the private key.
|
|
507
508
|
"""
|
|
508
509
|
return pulumi.get(self, "key_passphrase")
|
|
509
510
|
|
|
510
511
|
@key_passphrase.setter
|
|
511
|
-
def key_passphrase(self, value: Optional[pulumi.Input[str]]):
|
|
512
|
+
def key_passphrase(self, value: Optional[pulumi.Input[builtins.str]]):
|
|
512
513
|
pulumi.set(self, "key_passphrase", value)
|
|
513
514
|
|
|
514
515
|
@property
|
|
515
516
|
@pulumi.getter(name="keySize")
|
|
516
|
-
def key_size(self) -> Optional[pulumi.Input[int]]:
|
|
517
|
+
def key_size(self) -> Optional[pulumi.Input[builtins.int]]:
|
|
517
518
|
"""
|
|
518
519
|
Number of bits to use when creating a key pair. (e.g. `3072`).
|
|
519
520
|
"""
|
|
520
521
|
return pulumi.get(self, "key_size")
|
|
521
522
|
|
|
522
523
|
@key_size.setter
|
|
523
|
-
def key_size(self, value: Optional[pulumi.Input[int]]):
|
|
524
|
+
def key_size(self, value: Optional[pulumi.Input[builtins.int]]):
|
|
524
525
|
pulumi.set(self, "key_size", value)
|
|
525
526
|
|
|
526
527
|
@property
|
|
527
528
|
@pulumi.getter(name="objectName")
|
|
528
|
-
def object_name(self) -> Optional[pulumi.Input[str]]:
|
|
529
|
+
def object_name(self) -> Optional[pulumi.Input[builtins.str]]:
|
|
529
530
|
"""
|
|
530
531
|
The friendly name of the SSH certificate object. When not specified the `key_id`
|
|
531
532
|
is used for the friendly name. If the object already exists the old certificate is archived and the CA issues a new
|
|
@@ -534,13 +535,13 @@ class _SshCertificateState:
|
|
|
534
535
|
return pulumi.get(self, "object_name")
|
|
535
536
|
|
|
536
537
|
@object_name.setter
|
|
537
|
-
def object_name(self, value: Optional[pulumi.Input[str]]):
|
|
538
|
+
def object_name(self, value: Optional[pulumi.Input[builtins.str]]):
|
|
538
539
|
pulumi.set(self, "object_name", value)
|
|
539
540
|
|
|
540
541
|
@property
|
|
541
542
|
@pulumi.getter
|
|
542
543
|
@_utilities.deprecated("""This will be removed in the future. Use \"principals\" instead""")
|
|
543
|
-
def principal(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
|
|
544
|
+
def principal(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
|
|
544
545
|
"""
|
|
545
546
|
[DEPRECATED] - (Optional, set of strings) Use "principals" instead. A list of usernames for whom the
|
|
546
547
|
requested certificate will be valid.
|
|
@@ -548,60 +549,60 @@ class _SshCertificateState:
|
|
|
548
549
|
return pulumi.get(self, "principal")
|
|
549
550
|
|
|
550
551
|
@principal.setter
|
|
551
|
-
def principal(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
|
552
|
+
def principal(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
|
|
552
553
|
pulumi.set(self, "principal", value)
|
|
553
554
|
|
|
554
555
|
@property
|
|
555
556
|
@pulumi.getter
|
|
556
|
-
def principals(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
|
|
557
|
+
def principals(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
|
|
557
558
|
"""
|
|
558
559
|
A list of usernames for whom the requested certificate will be valid.
|
|
559
560
|
"""
|
|
560
561
|
return pulumi.get(self, "principals")
|
|
561
562
|
|
|
562
563
|
@principals.setter
|
|
563
|
-
def principals(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
|
564
|
+
def principals(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
|
|
564
565
|
pulumi.set(self, "principals", value)
|
|
565
566
|
|
|
566
567
|
@property
|
|
567
568
|
@pulumi.getter(name="privateKey")
|
|
568
|
-
def private_key(self) -> Optional[pulumi.Input[str]]:
|
|
569
|
+
def private_key(self) -> Optional[pulumi.Input[builtins.str]]:
|
|
569
570
|
"""
|
|
570
571
|
The private key for the SSH certificate if generated by Venafi.
|
|
571
572
|
"""
|
|
572
573
|
return pulumi.get(self, "private_key")
|
|
573
574
|
|
|
574
575
|
@private_key.setter
|
|
575
|
-
def private_key(self, value: Optional[pulumi.Input[str]]):
|
|
576
|
+
def private_key(self, value: Optional[pulumi.Input[builtins.str]]):
|
|
576
577
|
pulumi.set(self, "private_key", value)
|
|
577
578
|
|
|
578
579
|
@property
|
|
579
580
|
@pulumi.getter(name="publicKey")
|
|
580
|
-
def public_key(self) -> Optional[pulumi.Input[str]]:
|
|
581
|
+
def public_key(self) -> Optional[pulumi.Input[builtins.str]]:
|
|
581
582
|
"""
|
|
582
583
|
The OpenSSH formatted public key that will be used to generate the SSH certificate.
|
|
583
584
|
"""
|
|
584
585
|
return pulumi.get(self, "public_key")
|
|
585
586
|
|
|
586
587
|
@public_key.setter
|
|
587
|
-
def public_key(self, value: Optional[pulumi.Input[str]]):
|
|
588
|
+
def public_key(self, value: Optional[pulumi.Input[builtins.str]]):
|
|
588
589
|
pulumi.set(self, "public_key", value)
|
|
589
590
|
|
|
590
591
|
@property
|
|
591
592
|
@pulumi.getter(name="publicKeyFingerprint")
|
|
592
|
-
def public_key_fingerprint(self) -> Optional[pulumi.Input[str]]:
|
|
593
|
+
def public_key_fingerprint(self) -> Optional[pulumi.Input[builtins.str]]:
|
|
593
594
|
"""
|
|
594
595
|
The SHA256 fingerprint of the SSH certificate's public key.
|
|
595
596
|
"""
|
|
596
597
|
return pulumi.get(self, "public_key_fingerprint")
|
|
597
598
|
|
|
598
599
|
@public_key_fingerprint.setter
|
|
599
|
-
def public_key_fingerprint(self, value: Optional[pulumi.Input[str]]):
|
|
600
|
+
def public_key_fingerprint(self, value: Optional[pulumi.Input[builtins.str]]):
|
|
600
601
|
pulumi.set(self, "public_key_fingerprint", value)
|
|
601
602
|
|
|
602
603
|
@property
|
|
603
604
|
@pulumi.getter(name="publicKeyMethod")
|
|
604
|
-
def public_key_method(self) -> Optional[pulumi.Input[str]]:
|
|
605
|
+
def public_key_method(self) -> Optional[pulumi.Input[builtins.str]]:
|
|
605
606
|
"""
|
|
606
607
|
Specifies whether the public key will be `local` (default), `file` or
|
|
607
608
|
`service` generated.
|
|
@@ -609,36 +610,36 @@ class _SshCertificateState:
|
|
|
609
610
|
return pulumi.get(self, "public_key_method")
|
|
610
611
|
|
|
611
612
|
@public_key_method.setter
|
|
612
|
-
def public_key_method(self, value: Optional[pulumi.Input[str]]):
|
|
613
|
+
def public_key_method(self, value: Optional[pulumi.Input[builtins.str]]):
|
|
613
614
|
pulumi.set(self, "public_key_method", value)
|
|
614
615
|
|
|
615
616
|
@property
|
|
616
617
|
@pulumi.getter
|
|
617
|
-
def serial(self) -> Optional[pulumi.Input[str]]:
|
|
618
|
+
def serial(self) -> Optional[pulumi.Input[builtins.str]]:
|
|
618
619
|
"""
|
|
619
620
|
The serial number of the SSH certificate.
|
|
620
621
|
"""
|
|
621
622
|
return pulumi.get(self, "serial")
|
|
622
623
|
|
|
623
624
|
@serial.setter
|
|
624
|
-
def serial(self, value: Optional[pulumi.Input[str]]):
|
|
625
|
+
def serial(self, value: Optional[pulumi.Input[builtins.str]]):
|
|
625
626
|
pulumi.set(self, "serial", value)
|
|
626
627
|
|
|
627
628
|
@property
|
|
628
629
|
@pulumi.getter(name="signingCa")
|
|
629
|
-
def signing_ca(self) -> Optional[pulumi.Input[str]]:
|
|
630
|
+
def signing_ca(self) -> Optional[pulumi.Input[builtins.str]]:
|
|
630
631
|
"""
|
|
631
632
|
The SHA256 fingerprint of the CA that signed the SSH certificate.
|
|
632
633
|
"""
|
|
633
634
|
return pulumi.get(self, "signing_ca")
|
|
634
635
|
|
|
635
636
|
@signing_ca.setter
|
|
636
|
-
def signing_ca(self, value: Optional[pulumi.Input[str]]):
|
|
637
|
+
def signing_ca(self, value: Optional[pulumi.Input[builtins.str]]):
|
|
637
638
|
pulumi.set(self, "signing_ca", value)
|
|
638
639
|
|
|
639
640
|
@property
|
|
640
641
|
@pulumi.getter(name="sourceAddresses")
|
|
641
|
-
def source_addresses(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
|
|
642
|
+
def source_addresses(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
|
|
642
643
|
"""
|
|
643
644
|
A list of one or more valid IP or CIDR addresses that can use the SSH
|
|
644
645
|
certificate.
|
|
@@ -646,67 +647,67 @@ class _SshCertificateState:
|
|
|
646
647
|
return pulumi.get(self, "source_addresses")
|
|
647
648
|
|
|
648
649
|
@source_addresses.setter
|
|
649
|
-
def source_addresses(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
|
650
|
+
def source_addresses(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
|
|
650
651
|
pulumi.set(self, "source_addresses", value)
|
|
651
652
|
|
|
652
653
|
@property
|
|
653
654
|
@pulumi.getter
|
|
654
|
-
def template(self) -> Optional[pulumi.Input[str]]:
|
|
655
|
+
def template(self) -> Optional[pulumi.Input[builtins.str]]:
|
|
655
656
|
"""
|
|
656
657
|
The SSH certificate issuing template.
|
|
657
658
|
"""
|
|
658
659
|
return pulumi.get(self, "template")
|
|
659
660
|
|
|
660
661
|
@template.setter
|
|
661
|
-
def template(self, value: Optional[pulumi.Input[str]]):
|
|
662
|
+
def template(self, value: Optional[pulumi.Input[builtins.str]]):
|
|
662
663
|
pulumi.set(self, "template", value)
|
|
663
664
|
|
|
664
665
|
@property
|
|
665
666
|
@pulumi.getter(name="validFrom")
|
|
666
|
-
def valid_from(self) -> Optional[pulumi.Input[str]]:
|
|
667
|
+
def valid_from(self) -> Optional[pulumi.Input[builtins.str]]:
|
|
667
668
|
"""
|
|
668
669
|
The date the SSH certificate was issued.
|
|
669
670
|
"""
|
|
670
671
|
return pulumi.get(self, "valid_from")
|
|
671
672
|
|
|
672
673
|
@valid_from.setter
|
|
673
|
-
def valid_from(self, value: Optional[pulumi.Input[str]]):
|
|
674
|
+
def valid_from(self, value: Optional[pulumi.Input[builtins.str]]):
|
|
674
675
|
pulumi.set(self, "valid_from", value)
|
|
675
676
|
|
|
676
677
|
@property
|
|
677
678
|
@pulumi.getter(name="validHours")
|
|
678
|
-
def valid_hours(self) -> Optional[pulumi.Input[int]]:
|
|
679
|
+
def valid_hours(self) -> Optional[pulumi.Input[builtins.int]]:
|
|
679
680
|
"""
|
|
680
681
|
Desired number of hours for which the certificate will be valid.
|
|
681
682
|
"""
|
|
682
683
|
return pulumi.get(self, "valid_hours")
|
|
683
684
|
|
|
684
685
|
@valid_hours.setter
|
|
685
|
-
def valid_hours(self, value: Optional[pulumi.Input[int]]):
|
|
686
|
+
def valid_hours(self, value: Optional[pulumi.Input[builtins.int]]):
|
|
686
687
|
pulumi.set(self, "valid_hours", value)
|
|
687
688
|
|
|
688
689
|
@property
|
|
689
690
|
@pulumi.getter(name="validTo")
|
|
690
|
-
def valid_to(self) -> Optional[pulumi.Input[str]]:
|
|
691
|
+
def valid_to(self) -> Optional[pulumi.Input[builtins.str]]:
|
|
691
692
|
"""
|
|
692
693
|
The date the SSH certificate will expire.
|
|
693
694
|
"""
|
|
694
695
|
return pulumi.get(self, "valid_to")
|
|
695
696
|
|
|
696
697
|
@valid_to.setter
|
|
697
|
-
def valid_to(self, value: Optional[pulumi.Input[str]]):
|
|
698
|
+
def valid_to(self, value: Optional[pulumi.Input[builtins.str]]):
|
|
698
699
|
pulumi.set(self, "valid_to", value)
|
|
699
700
|
|
|
700
701
|
@property
|
|
701
702
|
@pulumi.getter
|
|
702
|
-
def windows(self) -> Optional[pulumi.Input[bool]]:
|
|
703
|
+
def windows(self) -> Optional[pulumi.Input[builtins.bool]]:
|
|
703
704
|
"""
|
|
704
705
|
Specifies whether the private key will use Windows/DOS style line breaks.
|
|
705
706
|
"""
|
|
706
707
|
return pulumi.get(self, "windows")
|
|
707
708
|
|
|
708
709
|
@windows.setter
|
|
709
|
-
def windows(self, value: Optional[pulumi.Input[bool]]):
|
|
710
|
+
def windows(self, value: Optional[pulumi.Input[builtins.bool]]):
|
|
710
711
|
pulumi.set(self, "windows", value)
|
|
711
712
|
|
|
712
713
|
|
|
@@ -715,22 +716,22 @@ class SshCertificate(pulumi.CustomResource):
|
|
|
715
716
|
def __init__(__self__,
|
|
716
717
|
resource_name: str,
|
|
717
718
|
opts: Optional[pulumi.ResourceOptions] = None,
|
|
718
|
-
destination_addresses: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
|
719
|
-
extensions: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
|
720
|
-
folder: Optional[pulumi.Input[str]] = None,
|
|
721
|
-
force_command: Optional[pulumi.Input[str]] = None,
|
|
722
|
-
key_id: Optional[pulumi.Input[str]] = None,
|
|
723
|
-
key_passphrase: Optional[pulumi.Input[str]] = None,
|
|
724
|
-
key_size: Optional[pulumi.Input[int]] = None,
|
|
725
|
-
object_name: Optional[pulumi.Input[str]] = None,
|
|
726
|
-
principal: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
|
727
|
-
principals: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
|
728
|
-
public_key: Optional[pulumi.Input[str]] = None,
|
|
729
|
-
public_key_method: Optional[pulumi.Input[str]] = None,
|
|
730
|
-
source_addresses: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
|
731
|
-
template: Optional[pulumi.Input[str]] = None,
|
|
732
|
-
valid_hours: Optional[pulumi.Input[int]] = None,
|
|
733
|
-
windows: Optional[pulumi.Input[bool]] = None,
|
|
719
|
+
destination_addresses: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
|
720
|
+
extensions: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
|
721
|
+
folder: Optional[pulumi.Input[builtins.str]] = None,
|
|
722
|
+
force_command: Optional[pulumi.Input[builtins.str]] = None,
|
|
723
|
+
key_id: Optional[pulumi.Input[builtins.str]] = None,
|
|
724
|
+
key_passphrase: Optional[pulumi.Input[builtins.str]] = None,
|
|
725
|
+
key_size: Optional[pulumi.Input[builtins.int]] = None,
|
|
726
|
+
object_name: Optional[pulumi.Input[builtins.str]] = None,
|
|
727
|
+
principal: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
|
728
|
+
principals: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
|
729
|
+
public_key: Optional[pulumi.Input[builtins.str]] = None,
|
|
730
|
+
public_key_method: Optional[pulumi.Input[builtins.str]] = None,
|
|
731
|
+
source_addresses: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
|
732
|
+
template: Optional[pulumi.Input[builtins.str]] = None,
|
|
733
|
+
valid_hours: Optional[pulumi.Input[builtins.int]] = None,
|
|
734
|
+
windows: Optional[pulumi.Input[builtins.bool]] = None,
|
|
734
735
|
__props__=None):
|
|
735
736
|
"""
|
|
736
737
|
Provides access to request and retrieve SSH certificates from *Venafi Trust Protection Platform*.
|
|
@@ -753,30 +754,30 @@ class SshCertificate(pulumi.CustomResource):
|
|
|
753
754
|
|
|
754
755
|
:param str resource_name: The name of the resource.
|
|
755
756
|
:param pulumi.ResourceOptions opts: Options for the resource.
|
|
756
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] destination_addresses: A list of one or more valid IP or CIDR destination hosts where the
|
|
757
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] destination_addresses: A list of one or more valid IP or CIDR destination hosts where the
|
|
757
758
|
certificate will authenticate.
|
|
758
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] extensions: A list of key-value pairs that contain certificate extensions from the CA
|
|
759
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] extensions: A list of key-value pairs that contain certificate extensions from the CA
|
|
759
760
|
template for client certificates. Allowed values (case-sensitive): `permit-X11-forwarding`, `permit-agent-forwarding`,
|
|
760
761
|
`permit-port-forwarding`, `permit-pty`, `permit-user-rc`.
|
|
761
|
-
:param pulumi.Input[str] folder: The DN of the policy folder where the SSH certificate object will be created.
|
|
762
|
-
:param pulumi.Input[str] force_command: A command to run after successful login.
|
|
763
|
-
:param pulumi.Input[str] key_id: The identifier of the requested SSH certificate.
|
|
764
|
-
:param pulumi.Input[str] key_passphrase: Passphrase for encrypting the private key.
|
|
765
|
-
:param pulumi.Input[int] key_size: Number of bits to use when creating a key pair. (e.g. `3072`).
|
|
766
|
-
:param pulumi.Input[str] object_name: The friendly name of the SSH certificate object. When not specified the `key_id`
|
|
762
|
+
:param pulumi.Input[builtins.str] folder: The DN of the policy folder where the SSH certificate object will be created.
|
|
763
|
+
:param pulumi.Input[builtins.str] force_command: A command to run after successful login.
|
|
764
|
+
:param pulumi.Input[builtins.str] key_id: The identifier of the requested SSH certificate.
|
|
765
|
+
:param pulumi.Input[builtins.str] key_passphrase: Passphrase for encrypting the private key.
|
|
766
|
+
:param pulumi.Input[builtins.int] key_size: Number of bits to use when creating a key pair. (e.g. `3072`).
|
|
767
|
+
:param pulumi.Input[builtins.str] object_name: The friendly name of the SSH certificate object. When not specified the `key_id`
|
|
767
768
|
is used for the friendly name. If the object already exists the old certificate is archived and the CA issues a new
|
|
768
769
|
certificate.
|
|
769
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] principal: [DEPRECATED] - (Optional, set of strings) Use "principals" instead. A list of usernames for whom the
|
|
770
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] principal: [DEPRECATED] - (Optional, set of strings) Use "principals" instead. A list of usernames for whom the
|
|
770
771
|
requested certificate will be valid.
|
|
771
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] principals: A list of usernames for whom the requested certificate will be valid.
|
|
772
|
-
:param pulumi.Input[str] public_key: The OpenSSH formatted public key that will be used to generate the SSH certificate.
|
|
773
|
-
:param pulumi.Input[str] public_key_method: Specifies whether the public key will be `local` (default), `file` or
|
|
772
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] principals: A list of usernames for whom the requested certificate will be valid.
|
|
773
|
+
:param pulumi.Input[builtins.str] public_key: The OpenSSH formatted public key that will be used to generate the SSH certificate.
|
|
774
|
+
:param pulumi.Input[builtins.str] public_key_method: Specifies whether the public key will be `local` (default), `file` or
|
|
774
775
|
`service` generated.
|
|
775
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] source_addresses: A list of one or more valid IP or CIDR addresses that can use the SSH
|
|
776
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] source_addresses: A list of one or more valid IP or CIDR addresses that can use the SSH
|
|
776
777
|
certificate.
|
|
777
|
-
:param pulumi.Input[str] template: The SSH certificate issuing template.
|
|
778
|
-
:param pulumi.Input[int] valid_hours: Desired number of hours for which the certificate will be valid.
|
|
779
|
-
:param pulumi.Input[bool] windows: Specifies whether the private key will use Windows/DOS style line breaks.
|
|
778
|
+
:param pulumi.Input[builtins.str] template: The SSH certificate issuing template.
|
|
779
|
+
:param pulumi.Input[builtins.int] valid_hours: Desired number of hours for which the certificate will be valid.
|
|
780
|
+
:param pulumi.Input[builtins.bool] windows: Specifies whether the private key will use Windows/DOS style line breaks.
|
|
780
781
|
"""
|
|
781
782
|
...
|
|
782
783
|
@overload
|
|
@@ -818,22 +819,22 @@ class SshCertificate(pulumi.CustomResource):
|
|
|
818
819
|
def _internal_init(__self__,
|
|
819
820
|
resource_name: str,
|
|
820
821
|
opts: Optional[pulumi.ResourceOptions] = None,
|
|
821
|
-
destination_addresses: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
|
822
|
-
extensions: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
|
823
|
-
folder: Optional[pulumi.Input[str]] = None,
|
|
824
|
-
force_command: Optional[pulumi.Input[str]] = None,
|
|
825
|
-
key_id: Optional[pulumi.Input[str]] = None,
|
|
826
|
-
key_passphrase: Optional[pulumi.Input[str]] = None,
|
|
827
|
-
key_size: Optional[pulumi.Input[int]] = None,
|
|
828
|
-
object_name: Optional[pulumi.Input[str]] = None,
|
|
829
|
-
principal: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
|
830
|
-
principals: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
|
831
|
-
public_key: Optional[pulumi.Input[str]] = None,
|
|
832
|
-
public_key_method: Optional[pulumi.Input[str]] = None,
|
|
833
|
-
source_addresses: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
|
834
|
-
template: Optional[pulumi.Input[str]] = None,
|
|
835
|
-
valid_hours: Optional[pulumi.Input[int]] = None,
|
|
836
|
-
windows: Optional[pulumi.Input[bool]] = None,
|
|
822
|
+
destination_addresses: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
|
823
|
+
extensions: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
|
824
|
+
folder: Optional[pulumi.Input[builtins.str]] = None,
|
|
825
|
+
force_command: Optional[pulumi.Input[builtins.str]] = None,
|
|
826
|
+
key_id: Optional[pulumi.Input[builtins.str]] = None,
|
|
827
|
+
key_passphrase: Optional[pulumi.Input[builtins.str]] = None,
|
|
828
|
+
key_size: Optional[pulumi.Input[builtins.int]] = None,
|
|
829
|
+
object_name: Optional[pulumi.Input[builtins.str]] = None,
|
|
830
|
+
principal: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
|
831
|
+
principals: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
|
832
|
+
public_key: Optional[pulumi.Input[builtins.str]] = None,
|
|
833
|
+
public_key_method: Optional[pulumi.Input[builtins.str]] = None,
|
|
834
|
+
source_addresses: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
|
835
|
+
template: Optional[pulumi.Input[builtins.str]] = None,
|
|
836
|
+
valid_hours: Optional[pulumi.Input[builtins.int]] = None,
|
|
837
|
+
windows: Optional[pulumi.Input[builtins.bool]] = None,
|
|
837
838
|
__props__=None):
|
|
838
839
|
opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts)
|
|
839
840
|
if not isinstance(opts, pulumi.ResourceOptions):
|
|
@@ -883,30 +884,30 @@ class SshCertificate(pulumi.CustomResource):
|
|
|
883
884
|
def get(resource_name: str,
|
|
884
885
|
id: pulumi.Input[str],
|
|
885
886
|
opts: Optional[pulumi.ResourceOptions] = None,
|
|
886
|
-
certificate: Optional[pulumi.Input[str]] = None,
|
|
887
|
-
certificate_type: Optional[pulumi.Input[str]] = None,
|
|
888
|
-
destination_addresses: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
|
889
|
-
extensions: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
|
890
|
-
folder: Optional[pulumi.Input[str]] = None,
|
|
891
|
-
force_command: Optional[pulumi.Input[str]] = None,
|
|
892
|
-
key_id: Optional[pulumi.Input[str]] = None,
|
|
893
|
-
key_passphrase: Optional[pulumi.Input[str]] = None,
|
|
894
|
-
key_size: Optional[pulumi.Input[int]] = None,
|
|
895
|
-
object_name: Optional[pulumi.Input[str]] = None,
|
|
896
|
-
principal: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
|
897
|
-
principals: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
|
898
|
-
private_key: Optional[pulumi.Input[str]] = None,
|
|
899
|
-
public_key: Optional[pulumi.Input[str]] = None,
|
|
900
|
-
public_key_fingerprint: Optional[pulumi.Input[str]] = None,
|
|
901
|
-
public_key_method: Optional[pulumi.Input[str]] = None,
|
|
902
|
-
serial: Optional[pulumi.Input[str]] = None,
|
|
903
|
-
signing_ca: Optional[pulumi.Input[str]] = None,
|
|
904
|
-
source_addresses: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
|
905
|
-
template: Optional[pulumi.Input[str]] = None,
|
|
906
|
-
valid_from: Optional[pulumi.Input[str]] = None,
|
|
907
|
-
valid_hours: Optional[pulumi.Input[int]] = None,
|
|
908
|
-
valid_to: Optional[pulumi.Input[str]] = None,
|
|
909
|
-
windows: Optional[pulumi.Input[bool]] = None) -> 'SshCertificate':
|
|
887
|
+
certificate: Optional[pulumi.Input[builtins.str]] = None,
|
|
888
|
+
certificate_type: Optional[pulumi.Input[builtins.str]] = None,
|
|
889
|
+
destination_addresses: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
|
890
|
+
extensions: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
|
891
|
+
folder: Optional[pulumi.Input[builtins.str]] = None,
|
|
892
|
+
force_command: Optional[pulumi.Input[builtins.str]] = None,
|
|
893
|
+
key_id: Optional[pulumi.Input[builtins.str]] = None,
|
|
894
|
+
key_passphrase: Optional[pulumi.Input[builtins.str]] = None,
|
|
895
|
+
key_size: Optional[pulumi.Input[builtins.int]] = None,
|
|
896
|
+
object_name: Optional[pulumi.Input[builtins.str]] = None,
|
|
897
|
+
principal: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
|
898
|
+
principals: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
|
899
|
+
private_key: Optional[pulumi.Input[builtins.str]] = None,
|
|
900
|
+
public_key: Optional[pulumi.Input[builtins.str]] = None,
|
|
901
|
+
public_key_fingerprint: Optional[pulumi.Input[builtins.str]] = None,
|
|
902
|
+
public_key_method: Optional[pulumi.Input[builtins.str]] = None,
|
|
903
|
+
serial: Optional[pulumi.Input[builtins.str]] = None,
|
|
904
|
+
signing_ca: Optional[pulumi.Input[builtins.str]] = None,
|
|
905
|
+
source_addresses: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
|
|
906
|
+
template: Optional[pulumi.Input[builtins.str]] = None,
|
|
907
|
+
valid_from: Optional[pulumi.Input[builtins.str]] = None,
|
|
908
|
+
valid_hours: Optional[pulumi.Input[builtins.int]] = None,
|
|
909
|
+
valid_to: Optional[pulumi.Input[builtins.str]] = None,
|
|
910
|
+
windows: Optional[pulumi.Input[builtins.bool]] = None) -> 'SshCertificate':
|
|
910
911
|
"""
|
|
911
912
|
Get an existing SshCertificate resource's state with the given name, id, and optional extra
|
|
912
913
|
properties used to qualify the lookup.
|
|
@@ -914,38 +915,38 @@ class SshCertificate(pulumi.CustomResource):
|
|
|
914
915
|
:param str resource_name: The unique name of the resulting resource.
|
|
915
916
|
:param pulumi.Input[str] id: The unique provider ID of the resource to lookup.
|
|
916
917
|
:param pulumi.ResourceOptions opts: Options for the resource.
|
|
917
|
-
:param pulumi.Input[str] certificate: The issued SSH certificate.
|
|
918
|
-
:param pulumi.Input[str] certificate_type: Indicates whether the SSH certificate is for client or server authentication.
|
|
919
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] destination_addresses: A list of one or more valid IP or CIDR destination hosts where the
|
|
918
|
+
:param pulumi.Input[builtins.str] certificate: The issued SSH certificate.
|
|
919
|
+
:param pulumi.Input[builtins.str] certificate_type: Indicates whether the SSH certificate is for client or server authentication.
|
|
920
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] destination_addresses: A list of one or more valid IP or CIDR destination hosts where the
|
|
920
921
|
certificate will authenticate.
|
|
921
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] extensions: A list of key-value pairs that contain certificate extensions from the CA
|
|
922
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] extensions: A list of key-value pairs that contain certificate extensions from the CA
|
|
922
923
|
template for client certificates. Allowed values (case-sensitive): `permit-X11-forwarding`, `permit-agent-forwarding`,
|
|
923
924
|
`permit-port-forwarding`, `permit-pty`, `permit-user-rc`.
|
|
924
|
-
:param pulumi.Input[str] folder: The DN of the policy folder where the SSH certificate object will be created.
|
|
925
|
-
:param pulumi.Input[str] force_command: A command to run after successful login.
|
|
926
|
-
:param pulumi.Input[str] key_id: The identifier of the requested SSH certificate.
|
|
927
|
-
:param pulumi.Input[str] key_passphrase: Passphrase for encrypting the private key.
|
|
928
|
-
:param pulumi.Input[int] key_size: Number of bits to use when creating a key pair. (e.g. `3072`).
|
|
929
|
-
:param pulumi.Input[str] object_name: The friendly name of the SSH certificate object. When not specified the `key_id`
|
|
925
|
+
:param pulumi.Input[builtins.str] folder: The DN of the policy folder where the SSH certificate object will be created.
|
|
926
|
+
:param pulumi.Input[builtins.str] force_command: A command to run after successful login.
|
|
927
|
+
:param pulumi.Input[builtins.str] key_id: The identifier of the requested SSH certificate.
|
|
928
|
+
:param pulumi.Input[builtins.str] key_passphrase: Passphrase for encrypting the private key.
|
|
929
|
+
:param pulumi.Input[builtins.int] key_size: Number of bits to use when creating a key pair. (e.g. `3072`).
|
|
930
|
+
:param pulumi.Input[builtins.str] object_name: The friendly name of the SSH certificate object. When not specified the `key_id`
|
|
930
931
|
is used for the friendly name. If the object already exists the old certificate is archived and the CA issues a new
|
|
931
932
|
certificate.
|
|
932
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] principal: [DEPRECATED] - (Optional, set of strings) Use "principals" instead. A list of usernames for whom the
|
|
933
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] principal: [DEPRECATED] - (Optional, set of strings) Use "principals" instead. A list of usernames for whom the
|
|
933
934
|
requested certificate will be valid.
|
|
934
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] principals: A list of usernames for whom the requested certificate will be valid.
|
|
935
|
-
:param pulumi.Input[str] private_key: The private key for the SSH certificate if generated by Venafi.
|
|
936
|
-
:param pulumi.Input[str] public_key: The OpenSSH formatted public key that will be used to generate the SSH certificate.
|
|
937
|
-
:param pulumi.Input[str] public_key_fingerprint: The SHA256 fingerprint of the SSH certificate's public key.
|
|
938
|
-
:param pulumi.Input[str] public_key_method: Specifies whether the public key will be `local` (default), `file` or
|
|
935
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] principals: A list of usernames for whom the requested certificate will be valid.
|
|
936
|
+
:param pulumi.Input[builtins.str] private_key: The private key for the SSH certificate if generated by Venafi.
|
|
937
|
+
:param pulumi.Input[builtins.str] public_key: The OpenSSH formatted public key that will be used to generate the SSH certificate.
|
|
938
|
+
:param pulumi.Input[builtins.str] public_key_fingerprint: The SHA256 fingerprint of the SSH certificate's public key.
|
|
939
|
+
:param pulumi.Input[builtins.str] public_key_method: Specifies whether the public key will be `local` (default), `file` or
|
|
939
940
|
`service` generated.
|
|
940
|
-
:param pulumi.Input[str] serial: The serial number of the SSH certificate.
|
|
941
|
-
:param pulumi.Input[str] signing_ca: The SHA256 fingerprint of the CA that signed the SSH certificate.
|
|
942
|
-
:param pulumi.Input[Sequence[pulumi.Input[str]]] source_addresses: A list of one or more valid IP or CIDR addresses that can use the SSH
|
|
941
|
+
:param pulumi.Input[builtins.str] serial: The serial number of the SSH certificate.
|
|
942
|
+
:param pulumi.Input[builtins.str] signing_ca: The SHA256 fingerprint of the CA that signed the SSH certificate.
|
|
943
|
+
:param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] source_addresses: A list of one or more valid IP or CIDR addresses that can use the SSH
|
|
943
944
|
certificate.
|
|
944
|
-
:param pulumi.Input[str] template: The SSH certificate issuing template.
|
|
945
|
-
:param pulumi.Input[str] valid_from: The date the SSH certificate was issued.
|
|
946
|
-
:param pulumi.Input[int] valid_hours: Desired number of hours for which the certificate will be valid.
|
|
947
|
-
:param pulumi.Input[str] valid_to: The date the SSH certificate will expire.
|
|
948
|
-
:param pulumi.Input[bool] windows: Specifies whether the private key will use Windows/DOS style line breaks.
|
|
945
|
+
:param pulumi.Input[builtins.str] template: The SSH certificate issuing template.
|
|
946
|
+
:param pulumi.Input[builtins.str] valid_from: The date the SSH certificate was issued.
|
|
947
|
+
:param pulumi.Input[builtins.int] valid_hours: Desired number of hours for which the certificate will be valid.
|
|
948
|
+
:param pulumi.Input[builtins.str] valid_to: The date the SSH certificate will expire.
|
|
949
|
+
:param pulumi.Input[builtins.bool] windows: Specifies whether the private key will use Windows/DOS style line breaks.
|
|
949
950
|
"""
|
|
950
951
|
opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id))
|
|
951
952
|
|
|
@@ -979,7 +980,7 @@ class SshCertificate(pulumi.CustomResource):
|
|
|
979
980
|
|
|
980
981
|
@property
|
|
981
982
|
@pulumi.getter
|
|
982
|
-
def certificate(self) -> pulumi.Output[str]:
|
|
983
|
+
def certificate(self) -> pulumi.Output[builtins.str]:
|
|
983
984
|
"""
|
|
984
985
|
The issued SSH certificate.
|
|
985
986
|
"""
|
|
@@ -987,7 +988,7 @@ class SshCertificate(pulumi.CustomResource):
|
|
|
987
988
|
|
|
988
989
|
@property
|
|
989
990
|
@pulumi.getter(name="certificateType")
|
|
990
|
-
def certificate_type(self) -> pulumi.Output[str]:
|
|
991
|
+
def certificate_type(self) -> pulumi.Output[builtins.str]:
|
|
991
992
|
"""
|
|
992
993
|
Indicates whether the SSH certificate is for client or server authentication.
|
|
993
994
|
"""
|
|
@@ -995,7 +996,7 @@ class SshCertificate(pulumi.CustomResource):
|
|
|
995
996
|
|
|
996
997
|
@property
|
|
997
998
|
@pulumi.getter(name="destinationAddresses")
|
|
998
|
-
def destination_addresses(self) -> pulumi.Output[Optional[Sequence[str]]]:
|
|
999
|
+
def destination_addresses(self) -> pulumi.Output[Optional[Sequence[builtins.str]]]:
|
|
999
1000
|
"""
|
|
1000
1001
|
A list of one or more valid IP or CIDR destination hosts where the
|
|
1001
1002
|
certificate will authenticate.
|
|
@@ -1004,7 +1005,7 @@ class SshCertificate(pulumi.CustomResource):
|
|
|
1004
1005
|
|
|
1005
1006
|
@property
|
|
1006
1007
|
@pulumi.getter
|
|
1007
|
-
def extensions(self) -> pulumi.Output[Optional[Sequence[str]]]:
|
|
1008
|
+
def extensions(self) -> pulumi.Output[Optional[Sequence[builtins.str]]]:
|
|
1008
1009
|
"""
|
|
1009
1010
|
A list of key-value pairs that contain certificate extensions from the CA
|
|
1010
1011
|
template for client certificates. Allowed values (case-sensitive): `permit-X11-forwarding`, `permit-agent-forwarding`,
|
|
@@ -1014,7 +1015,7 @@ class SshCertificate(pulumi.CustomResource):
|
|
|
1014
1015
|
|
|
1015
1016
|
@property
|
|
1016
1017
|
@pulumi.getter
|
|
1017
|
-
def folder(self) -> pulumi.Output[Optional[str]]:
|
|
1018
|
+
def folder(self) -> pulumi.Output[Optional[builtins.str]]:
|
|
1018
1019
|
"""
|
|
1019
1020
|
The DN of the policy folder where the SSH certificate object will be created.
|
|
1020
1021
|
"""
|
|
@@ -1022,7 +1023,7 @@ class SshCertificate(pulumi.CustomResource):
|
|
|
1022
1023
|
|
|
1023
1024
|
@property
|
|
1024
1025
|
@pulumi.getter(name="forceCommand")
|
|
1025
|
-
def force_command(self) -> pulumi.Output[Optional[str]]:
|
|
1026
|
+
def force_command(self) -> pulumi.Output[Optional[builtins.str]]:
|
|
1026
1027
|
"""
|
|
1027
1028
|
A command to run after successful login.
|
|
1028
1029
|
"""
|
|
@@ -1030,7 +1031,7 @@ class SshCertificate(pulumi.CustomResource):
|
|
|
1030
1031
|
|
|
1031
1032
|
@property
|
|
1032
1033
|
@pulumi.getter(name="keyId")
|
|
1033
|
-
def key_id(self) -> pulumi.Output[str]:
|
|
1034
|
+
def key_id(self) -> pulumi.Output[builtins.str]:
|
|
1034
1035
|
"""
|
|
1035
1036
|
The identifier of the requested SSH certificate.
|
|
1036
1037
|
"""
|
|
@@ -1038,7 +1039,7 @@ class SshCertificate(pulumi.CustomResource):
|
|
|
1038
1039
|
|
|
1039
1040
|
@property
|
|
1040
1041
|
@pulumi.getter(name="keyPassphrase")
|
|
1041
|
-
def key_passphrase(self) -> pulumi.Output[Optional[str]]:
|
|
1042
|
+
def key_passphrase(self) -> pulumi.Output[Optional[builtins.str]]:
|
|
1042
1043
|
"""
|
|
1043
1044
|
Passphrase for encrypting the private key.
|
|
1044
1045
|
"""
|
|
@@ -1046,7 +1047,7 @@ class SshCertificate(pulumi.CustomResource):
|
|
|
1046
1047
|
|
|
1047
1048
|
@property
|
|
1048
1049
|
@pulumi.getter(name="keySize")
|
|
1049
|
-
def key_size(self) -> pulumi.Output[Optional[int]]:
|
|
1050
|
+
def key_size(self) -> pulumi.Output[Optional[builtins.int]]:
|
|
1050
1051
|
"""
|
|
1051
1052
|
Number of bits to use when creating a key pair. (e.g. `3072`).
|
|
1052
1053
|
"""
|
|
@@ -1054,7 +1055,7 @@ class SshCertificate(pulumi.CustomResource):
|
|
|
1054
1055
|
|
|
1055
1056
|
@property
|
|
1056
1057
|
@pulumi.getter(name="objectName")
|
|
1057
|
-
def object_name(self) -> pulumi.Output[Optional[str]]:
|
|
1058
|
+
def object_name(self) -> pulumi.Output[Optional[builtins.str]]:
|
|
1058
1059
|
"""
|
|
1059
1060
|
The friendly name of the SSH certificate object. When not specified the `key_id`
|
|
1060
1061
|
is used for the friendly name. If the object already exists the old certificate is archived and the CA issues a new
|
|
@@ -1065,7 +1066,7 @@ class SshCertificate(pulumi.CustomResource):
|
|
|
1065
1066
|
@property
|
|
1066
1067
|
@pulumi.getter
|
|
1067
1068
|
@_utilities.deprecated("""This will be removed in the future. Use \"principals\" instead""")
|
|
1068
|
-
def principal(self) -> pulumi.Output[Optional[Sequence[str]]]:
|
|
1069
|
+
def principal(self) -> pulumi.Output[Optional[Sequence[builtins.str]]]:
|
|
1069
1070
|
"""
|
|
1070
1071
|
[DEPRECATED] - (Optional, set of strings) Use "principals" instead. A list of usernames for whom the
|
|
1071
1072
|
requested certificate will be valid.
|
|
@@ -1074,7 +1075,7 @@ class SshCertificate(pulumi.CustomResource):
|
|
|
1074
1075
|
|
|
1075
1076
|
@property
|
|
1076
1077
|
@pulumi.getter
|
|
1077
|
-
def principals(self) -> pulumi.Output[Optional[Sequence[str]]]:
|
|
1078
|
+
def principals(self) -> pulumi.Output[Optional[Sequence[builtins.str]]]:
|
|
1078
1079
|
"""
|
|
1079
1080
|
A list of usernames for whom the requested certificate will be valid.
|
|
1080
1081
|
"""
|
|
@@ -1082,7 +1083,7 @@ class SshCertificate(pulumi.CustomResource):
|
|
|
1082
1083
|
|
|
1083
1084
|
@property
|
|
1084
1085
|
@pulumi.getter(name="privateKey")
|
|
1085
|
-
def private_key(self) -> pulumi.Output[str]:
|
|
1086
|
+
def private_key(self) -> pulumi.Output[builtins.str]:
|
|
1086
1087
|
"""
|
|
1087
1088
|
The private key for the SSH certificate if generated by Venafi.
|
|
1088
1089
|
"""
|
|
@@ -1090,7 +1091,7 @@ class SshCertificate(pulumi.CustomResource):
|
|
|
1090
1091
|
|
|
1091
1092
|
@property
|
|
1092
1093
|
@pulumi.getter(name="publicKey")
|
|
1093
|
-
def public_key(self) -> pulumi.Output[Optional[str]]:
|
|
1094
|
+
def public_key(self) -> pulumi.Output[Optional[builtins.str]]:
|
|
1094
1095
|
"""
|
|
1095
1096
|
The OpenSSH formatted public key that will be used to generate the SSH certificate.
|
|
1096
1097
|
"""
|
|
@@ -1098,7 +1099,7 @@ class SshCertificate(pulumi.CustomResource):
|
|
|
1098
1099
|
|
|
1099
1100
|
@property
|
|
1100
1101
|
@pulumi.getter(name="publicKeyFingerprint")
|
|
1101
|
-
def public_key_fingerprint(self) -> pulumi.Output[str]:
|
|
1102
|
+
def public_key_fingerprint(self) -> pulumi.Output[builtins.str]:
|
|
1102
1103
|
"""
|
|
1103
1104
|
The SHA256 fingerprint of the SSH certificate's public key.
|
|
1104
1105
|
"""
|
|
@@ -1106,7 +1107,7 @@ class SshCertificate(pulumi.CustomResource):
|
|
|
1106
1107
|
|
|
1107
1108
|
@property
|
|
1108
1109
|
@pulumi.getter(name="publicKeyMethod")
|
|
1109
|
-
def public_key_method(self) -> pulumi.Output[Optional[str]]:
|
|
1110
|
+
def public_key_method(self) -> pulumi.Output[Optional[builtins.str]]:
|
|
1110
1111
|
"""
|
|
1111
1112
|
Specifies whether the public key will be `local` (default), `file` or
|
|
1112
1113
|
`service` generated.
|
|
@@ -1115,7 +1116,7 @@ class SshCertificate(pulumi.CustomResource):
|
|
|
1115
1116
|
|
|
1116
1117
|
@property
|
|
1117
1118
|
@pulumi.getter
|
|
1118
|
-
def serial(self) -> pulumi.Output[str]:
|
|
1119
|
+
def serial(self) -> pulumi.Output[builtins.str]:
|
|
1119
1120
|
"""
|
|
1120
1121
|
The serial number of the SSH certificate.
|
|
1121
1122
|
"""
|
|
@@ -1123,7 +1124,7 @@ class SshCertificate(pulumi.CustomResource):
|
|
|
1123
1124
|
|
|
1124
1125
|
@property
|
|
1125
1126
|
@pulumi.getter(name="signingCa")
|
|
1126
|
-
def signing_ca(self) -> pulumi.Output[str]:
|
|
1127
|
+
def signing_ca(self) -> pulumi.Output[builtins.str]:
|
|
1127
1128
|
"""
|
|
1128
1129
|
The SHA256 fingerprint of the CA that signed the SSH certificate.
|
|
1129
1130
|
"""
|
|
@@ -1131,7 +1132,7 @@ class SshCertificate(pulumi.CustomResource):
|
|
|
1131
1132
|
|
|
1132
1133
|
@property
|
|
1133
1134
|
@pulumi.getter(name="sourceAddresses")
|
|
1134
|
-
def source_addresses(self) -> pulumi.Output[Optional[Sequence[str]]]:
|
|
1135
|
+
def source_addresses(self) -> pulumi.Output[Optional[Sequence[builtins.str]]]:
|
|
1135
1136
|
"""
|
|
1136
1137
|
A list of one or more valid IP or CIDR addresses that can use the SSH
|
|
1137
1138
|
certificate.
|
|
@@ -1140,7 +1141,7 @@ class SshCertificate(pulumi.CustomResource):
|
|
|
1140
1141
|
|
|
1141
1142
|
@property
|
|
1142
1143
|
@pulumi.getter
|
|
1143
|
-
def template(self) -> pulumi.Output[str]:
|
|
1144
|
+
def template(self) -> pulumi.Output[builtins.str]:
|
|
1144
1145
|
"""
|
|
1145
1146
|
The SSH certificate issuing template.
|
|
1146
1147
|
"""
|
|
@@ -1148,7 +1149,7 @@ class SshCertificate(pulumi.CustomResource):
|
|
|
1148
1149
|
|
|
1149
1150
|
@property
|
|
1150
1151
|
@pulumi.getter(name="validFrom")
|
|
1151
|
-
def valid_from(self) -> pulumi.Output[str]:
|
|
1152
|
+
def valid_from(self) -> pulumi.Output[builtins.str]:
|
|
1152
1153
|
"""
|
|
1153
1154
|
The date the SSH certificate was issued.
|
|
1154
1155
|
"""
|
|
@@ -1156,7 +1157,7 @@ class SshCertificate(pulumi.CustomResource):
|
|
|
1156
1157
|
|
|
1157
1158
|
@property
|
|
1158
1159
|
@pulumi.getter(name="validHours")
|
|
1159
|
-
def valid_hours(self) -> pulumi.Output[Optional[int]]:
|
|
1160
|
+
def valid_hours(self) -> pulumi.Output[Optional[builtins.int]]:
|
|
1160
1161
|
"""
|
|
1161
1162
|
Desired number of hours for which the certificate will be valid.
|
|
1162
1163
|
"""
|
|
@@ -1164,7 +1165,7 @@ class SshCertificate(pulumi.CustomResource):
|
|
|
1164
1165
|
|
|
1165
1166
|
@property
|
|
1166
1167
|
@pulumi.getter(name="validTo")
|
|
1167
|
-
def valid_to(self) -> pulumi.Output[str]:
|
|
1168
|
+
def valid_to(self) -> pulumi.Output[builtins.str]:
|
|
1168
1169
|
"""
|
|
1169
1170
|
The date the SSH certificate will expire.
|
|
1170
1171
|
"""
|
|
@@ -1172,7 +1173,7 @@ class SshCertificate(pulumi.CustomResource):
|
|
|
1172
1173
|
|
|
1173
1174
|
@property
|
|
1174
1175
|
@pulumi.getter
|
|
1175
|
-
def windows(self) -> pulumi.Output[Optional[bool]]:
|
|
1176
|
+
def windows(self) -> pulumi.Output[Optional[builtins.bool]]:
|
|
1176
1177
|
"""
|
|
1177
1178
|
Specifies whether the private key will use Windows/DOS style line breaks.
|
|
1178
1179
|
"""
|