diff --git a/provider/cmd/pulumi-resource-vault/bridge-metadata.json b/provider/cmd/pulumi-resource-vault/bridge-metadata.json new file mode 100644 index 000000000..187622b3e --- /dev/null +++ b/provider/cmd/pulumi-resource-vault/bridge-metadata.json @@ -0,0 +1,4325 @@ +{ + "auto-aliasing": { + "resources": { + "vault_ad_secret_backend": { + "current": "vault:ad/secretBackend:SecretBackend", + "majorVersion": 5 + }, + "vault_ad_secret_library": { + "current": "vault:ad/secretLibrary:SecretLibrary", + "majorVersion": 5, + "fields": { + "service_account_names": { + "maxItemsOne": false + } + } + }, + "vault_ad_secret_role": { + "current": "vault:ad/secretRole:SecretRole", + "majorVersion": 5 + }, + "vault_alicloud_auth_backend_role": { + "current": "vault:alicloud/authBackendRole:AuthBackendRole", + "majorVersion": 5, + "fields": { + "token_bound_cidrs": { + "maxItemsOne": false + }, + "token_policies": { + "maxItemsOne": false + } + } + }, + "vault_approle_auth_backend_login": { + "current": "vault:appRole/authBackendLogin:AuthBackendLogin", + "majorVersion": 5, + "fields": { + "policies": { + "maxItemsOne": false + } + } + }, + "vault_approle_auth_backend_role": { + "current": "vault:appRole/authBackendRole:AuthBackendRole", + "majorVersion": 5, + "fields": { + "secret_id_bound_cidrs": { + "maxItemsOne": false + }, + "token_bound_cidrs": { + "maxItemsOne": false + }, + "token_policies": { + "maxItemsOne": false + } + } + }, + "vault_approle_auth_backend_role_secret_id": { + "current": "vault:appRole/authBackendRoleSecretId:AuthBackendRoleSecretId", + "majorVersion": 5, + "fields": { + "cidr_list": { + "maxItemsOne": false + } + } + }, + "vault_audit": { + "current": "vault:index/audit:Audit", + "majorVersion": 5 + }, + "vault_audit_request_header": { + "current": "vault:index/auditRequestHeader:AuditRequestHeader", + "majorVersion": 5 + }, + "vault_auth_backend": { + "current": "vault:index/authBackend:AuthBackend", + "majorVersion": 5, + "fields": { + "tune": { + "maxItemsOne": true, + "elem": { + "fields": { + "allowed_response_headers": { + "maxItemsOne": false + }, + "audit_non_hmac_request_keys": { + "maxItemsOne": false + }, + "audit_non_hmac_response_keys": { + "maxItemsOne": false + }, + "passthrough_request_headers": { + "maxItemsOne": false + } + } + } + } + } + }, + "vault_aws_auth_backend_cert": { + "current": "vault:aws/authBackendCert:AuthBackendCert", + "majorVersion": 5 + }, + "vault_aws_auth_backend_client": { + "current": "vault:aws/authBackendClient:AuthBackendClient", + "majorVersion": 5 + }, + "vault_aws_auth_backend_config_identity": { + "current": "vault:aws/authBackendConfigIdentity:AuthBackendConfigIdentity", + "majorVersion": 5, + "fields": { + "ec2_metadata": { + "maxItemsOne": false + }, + "iam_metadata": { + "maxItemsOne": false + } + } + }, + "vault_aws_auth_backend_identity_whitelist": { + "current": "vault:aws/authBackendIdentityWhitelist:AuthBackendIdentityWhitelist", + "majorVersion": 5 + }, + "vault_aws_auth_backend_login": { + "current": "vault:aws/authBackendLogin:AuthBackendLogin", + "majorVersion": 5, + "fields": { + "policies": { + "maxItemsOne": false + } + } + }, + "vault_aws_auth_backend_role": { + "current": "vault:aws/authBackendRole:AuthBackendRole", + "majorVersion": 5, + "fields": { + "bound_account_ids": { + "maxItemsOne": false + }, + "bound_ami_ids": { + "maxItemsOne": false + }, + "bound_ec2_instance_ids": { + "maxItemsOne": false + }, + "bound_iam_instance_profile_arns": { + "maxItemsOne": false + }, + "bound_iam_principal_arns": { + "maxItemsOne": false + }, + "bound_iam_role_arns": { + "maxItemsOne": false + }, + "bound_regions": { + "maxItemsOne": false + }, + "bound_subnet_ids": { + "maxItemsOne": false + }, + "bound_vpc_ids": { + "maxItemsOne": false + }, + "token_bound_cidrs": { + "maxItemsOne": false + }, + "token_policies": { + "maxItemsOne": false + } + } + }, + "vault_aws_auth_backend_role_tag": { + "current": "vault:aws/authBackendRoleTag:AuthBackendRoleTag", + "majorVersion": 5, + "fields": { + "policies": { + "maxItemsOne": false + } + } + }, + "vault_aws_auth_backend_roletag_blacklist": { + "current": "vault:aws/authBackendRoletagBlacklist:AuthBackendRoletagBlacklist", + "majorVersion": 5 + }, + "vault_aws_auth_backend_sts_role": { + "current": "vault:aws/authBackendStsRole:AuthBackendStsRole", + "majorVersion": 5 + }, + "vault_aws_secret_backend": { + "current": "vault:aws/secretBackend:SecretBackend", + "majorVersion": 5 + }, + "vault_aws_secret_backend_role": { + "current": "vault:aws/secretBackendRole:SecretBackendRole", + "majorVersion": 5, + "fields": { + "iam_groups": { + "maxItemsOne": false + }, + "policy_arns": { + "maxItemsOne": false + }, + "role_arns": { + "maxItemsOne": false + } + } + }, + "vault_aws_secret_backend_static_role": { + "current": "vault:aws/secretBackendStaticRole:SecretBackendStaticRole", + "majorVersion": 5 + }, + "vault_azure_auth_backend_config": { + "current": "vault:azure/authBackendConfig:AuthBackendConfig", + "majorVersion": 5 + }, + "vault_azure_auth_backend_role": { + "current": "vault:azure/authBackendRole:AuthBackendRole", + "majorVersion": 5, + "fields": { + "bound_group_ids": { + "maxItemsOne": false + }, + "bound_locations": { + "maxItemsOne": false + }, + "bound_resource_groups": { + "maxItemsOne": false + }, + "bound_scale_sets": { + "maxItemsOne": false + }, + "bound_service_principal_ids": { + "maxItemsOne": false + }, + "bound_subscription_ids": { + "maxItemsOne": false + }, + "token_bound_cidrs": { + "maxItemsOne": false + }, + "token_policies": { + "maxItemsOne": false + } + } + }, + "vault_azure_secret_backend": { + "current": "vault:azure/backend:Backend", + "majorVersion": 5 + }, + "vault_azure_secret_backend_role": { + "current": "vault:azure/backendRole:BackendRole", + "majorVersion": 5, + "fields": { + "azure_groups": { + "maxItemsOne": false + }, + "azure_roles": { + "maxItemsOne": false + } + } + }, + "vault_cert_auth_backend_role": { + "current": "vault:index/certAuthBackendRole:CertAuthBackendRole", + "majorVersion": 5, + "fields": { + "allowed_common_names": { + "maxItemsOne": false + }, + "allowed_dns_sans": { + "maxItemsOne": false + }, + "allowed_email_sans": { + "maxItemsOne": false + }, + "allowed_names": { + "maxItemsOne": false + }, + "allowed_organization_units": { + "maxItemsOne": false + }, + "allowed_organizational_units": { + "maxItemsOne": false + }, + "allowed_uri_sans": { + "maxItemsOne": false + }, + "ocsp_servers_override": { + "maxItemsOne": false + }, + "required_extensions": { + "maxItemsOne": false + }, + "token_bound_cidrs": { + "maxItemsOne": false + }, + "token_policies": { + "maxItemsOne": false + } + } + }, + "vault_consul_secret_backend": { + "current": "vault:consul/secretBackend:SecretBackend", + "majorVersion": 5 + }, + "vault_consul_secret_backend_role": { + "current": "vault:consul/secretBackendRole:SecretBackendRole", + "majorVersion": 5, + "fields": { + "consul_policies": { + "maxItemsOne": false + }, + "consul_roles": { + "maxItemsOne": false + }, + "node_identities": { + "maxItemsOne": false + }, + "policies": { + "maxItemsOne": false + }, + "service_identities": { + "maxItemsOne": false + } + } + }, + "vault_database_secret_backend_connection": { + "current": "vault:database/secretBackendConnection:SecretBackendConnection", + "majorVersion": 5, + "fields": { + "allowed_roles": { + "maxItemsOne": false + }, + "cassandra": { + "maxItemsOne": true, + "elem": { + "fields": { + "hosts": { + "maxItemsOne": false + } + } + } + }, + "couchbase": { + "maxItemsOne": true, + "elem": { + "fields": { + "hosts": { + "maxItemsOne": false + } + } + } + }, + "elasticsearch": { + "maxItemsOne": true + }, + "hana": { + "maxItemsOne": true + }, + "influxdb": { + "maxItemsOne": true + }, + "mongodb": { + "maxItemsOne": true + }, + "mongodbatlas": { + "maxItemsOne": true + }, + "mssql": { + "maxItemsOne": true + }, + "mysql": { + "maxItemsOne": true + }, + "mysql_aurora": { + "maxItemsOne": true + }, + "mysql_legacy": { + "maxItemsOne": true + }, + "mysql_rds": { + "maxItemsOne": true + }, + "oracle": { + "maxItemsOne": true + }, + "postgresql": { + "maxItemsOne": true + }, + "redis": { + "maxItemsOne": true + }, + "redis_elasticache": { + "maxItemsOne": true + }, + "redshift": { + "maxItemsOne": true + }, + "root_rotation_statements": { + "maxItemsOne": false + }, + "snowflake": { + "maxItemsOne": true + } + } + }, + "vault_database_secret_backend_role": { + "current": "vault:database/secretBackendRole:SecretBackendRole", + "majorVersion": 5, + "fields": { + "creation_statements": { + "maxItemsOne": false + }, + "renew_statements": { + "maxItemsOne": false + }, + "revocation_statements": { + "maxItemsOne": false + }, + "rollback_statements": { + "maxItemsOne": false + } + } + }, + "vault_database_secret_backend_static_role": { + "current": "vault:database/secretBackendStaticRole:SecretBackendStaticRole", + "majorVersion": 5, + "fields": { + "rotation_statements": { + "maxItemsOne": false + } + } + }, + "vault_database_secrets_mount": { + "current": "vault:database/secretsMount:SecretsMount", + "majorVersion": 5, + "fields": { + "allowed_managed_keys": { + "maxItemsOne": false + }, + "audit_non_hmac_request_keys": { + "maxItemsOne": false + }, + "audit_non_hmac_response_keys": { + "maxItemsOne": false + }, + "cassandra": { + "maxItemsOne": false, + "elem": { + "fields": { + "allowed_roles": { + "maxItemsOne": false + }, + "hosts": { + "maxItemsOne": false + }, + "root_rotation_statements": { + "maxItemsOne": false + } + } + } + }, + "couchbase": { + "maxItemsOne": false, + "elem": { + "fields": { + "allowed_roles": { + "maxItemsOne": false + }, + "hosts": { + "maxItemsOne": false + }, + "root_rotation_statements": { + "maxItemsOne": false + } + } + } + }, + "elasticsearch": { + "maxItemsOne": false, + "elem": { + "fields": { + "allowed_roles": { + "maxItemsOne": false + }, + "root_rotation_statements": { + "maxItemsOne": false + } + } + } + }, + "hana": { + "maxItemsOne": false, + "elem": { + "fields": { + "allowed_roles": { + "maxItemsOne": false + }, + "root_rotation_statements": { + "maxItemsOne": false + } + } + } + }, + "influxdb": { + "maxItemsOne": false, + "elem": { + "fields": { + "allowed_roles": { + "maxItemsOne": false + }, + "root_rotation_statements": { + "maxItemsOne": false + } + } + } + }, + "mongodb": { + "maxItemsOne": false, + "elem": { + "fields": { + "allowed_roles": { + "maxItemsOne": false + }, + "root_rotation_statements": { + "maxItemsOne": false + } + } + } + }, + "mongodbatlas": { + "maxItemsOne": false, + "elem": { + "fields": { + "allowed_roles": { + "maxItemsOne": false + }, + "root_rotation_statements": { + "maxItemsOne": false + } + } + } + }, + "mssql": { + "maxItemsOne": false, + "elem": { + "fields": { + "allowed_roles": { + "maxItemsOne": false + }, + "root_rotation_statements": { + "maxItemsOne": false + } + } + } + }, + "mysql": { + "maxItemsOne": false, + "elem": { + "fields": { + "allowed_roles": { + "maxItemsOne": false + }, + "root_rotation_statements": { + "maxItemsOne": false + } + } + } + }, + "mysql_aurora": { + "maxItemsOne": false, + "elem": { + "fields": { + "allowed_roles": { + "maxItemsOne": false + }, + "root_rotation_statements": { + "maxItemsOne": false + } + } + } + }, + "mysql_legacy": { + "maxItemsOne": false, + "elem": { + "fields": { + "allowed_roles": { + "maxItemsOne": false + }, + "root_rotation_statements": { + "maxItemsOne": false + } + } + } + }, + "mysql_rds": { + "maxItemsOne": false, + "elem": { + "fields": { + "allowed_roles": { + "maxItemsOne": false + }, + "root_rotation_statements": { + "maxItemsOne": false + } + } + } + }, + "oracle": { + "maxItemsOne": false, + "elem": { + "fields": { + "allowed_roles": { + "maxItemsOne": false + }, + "root_rotation_statements": { + "maxItemsOne": false + } + } + } + }, + "postgresql": { + "maxItemsOne": false, + "elem": { + "fields": { + "allowed_roles": { + "maxItemsOne": false + }, + "root_rotation_statements": { + "maxItemsOne": false + } + } + } + }, + "redis": { + "maxItemsOne": false, + "elem": { + "fields": { + "allowed_roles": { + "maxItemsOne": false + }, + "root_rotation_statements": { + "maxItemsOne": false + } + } + } + }, + "redis_elasticache": { + "maxItemsOne": false, + "elem": { + "fields": { + "allowed_roles": { + "maxItemsOne": false + }, + "root_rotation_statements": { + "maxItemsOne": false + } + } + } + }, + "redshift": { + "maxItemsOne": false, + "elem": { + "fields": { + "allowed_roles": { + "maxItemsOne": false + }, + "root_rotation_statements": { + "maxItemsOne": false + } + } + } + }, + "snowflake": { + "maxItemsOne": false, + "elem": { + "fields": { + "allowed_roles": { + "maxItemsOne": false + }, + "root_rotation_statements": { + "maxItemsOne": false + } + } + } + } + } + }, + "vault_egp_policy": { + "current": "vault:index/egpPolicy:EgpPolicy", + "majorVersion": 5, + "fields": { + "paths": { + "maxItemsOne": false + } + } + }, + "vault_gcp_auth_backend": { + "current": "vault:gcp/authBackend:AuthBackend", + "majorVersion": 5, + "fields": { + "custom_endpoint": { + "maxItemsOne": true + } + } + }, + "vault_gcp_auth_backend_role": { + "current": "vault:gcp/authBackendRole:AuthBackendRole", + "majorVersion": 5, + "fields": { + "bound_instance_groups": { + "maxItemsOne": false + }, + "bound_labels": { + "maxItemsOne": false + }, + "bound_projects": { + "maxItemsOne": false + }, + "bound_regions": { + "maxItemsOne": false + }, + "bound_service_accounts": { + "maxItemsOne": false + }, + "bound_zones": { + "maxItemsOne": false + }, + "token_bound_cidrs": { + "maxItemsOne": false + }, + "token_policies": { + "maxItemsOne": false + } + } + }, + "vault_gcp_secret_backend": { + "current": "vault:gcp/secretBackend:SecretBackend", + "majorVersion": 5 + }, + "vault_gcp_secret_impersonated_account": { + "current": "vault:gcp/secretImpersonatedAccount:SecretImpersonatedAccount", + "majorVersion": 5, + "fields": { + "token_scopes": { + "maxItemsOne": false + } + } + }, + "vault_gcp_secret_roleset": { + "current": "vault:gcp/secretRoleset:SecretRoleset", + "majorVersion": 5, + "fields": { + "binding": { + "maxItemsOne": false, + "elem": { + "fields": { + "roles": { + "maxItemsOne": false + } + } + } + }, + "token_scopes": { + "maxItemsOne": false + } + } + }, + "vault_gcp_secret_static_account": { + "current": "vault:gcp/secretStaticAccount:SecretStaticAccount", + "majorVersion": 5, + "fields": { + "binding": { + "maxItemsOne": false, + "elem": { + "fields": { + "roles": { + "maxItemsOne": false + } + } + } + }, + "token_scopes": { + "maxItemsOne": false + } + } + }, + "vault_generic_endpoint": { + "current": "vault:generic/endpoint:Endpoint", + "majorVersion": 5, + "fields": { + "write_fields": { + "maxItemsOne": false + } + } + }, + "vault_generic_secret": { + "current": "vault:generic/secret:Secret", + "majorVersion": 5 + }, + "vault_github_auth_backend": { + "current": "vault:github/authBackend:AuthBackend", + "majorVersion": 5, + "fields": { + "token_bound_cidrs": { + "maxItemsOne": false + }, + "token_policies": { + "maxItemsOne": false + }, + "tune": { + "maxItemsOne": true, + "elem": { + "fields": { + "allowed_response_headers": { + "maxItemsOne": false + }, + "audit_non_hmac_request_keys": { + "maxItemsOne": false + }, + "audit_non_hmac_response_keys": { + "maxItemsOne": false + }, + "passthrough_request_headers": { + "maxItemsOne": false + } + } + } + } + } + }, + "vault_github_team": { + "current": "vault:github/team:Team", + "majorVersion": 5, + "fields": { + "policies": { + "maxItemsOne": false + } + } + }, + "vault_github_user": { + "current": "vault:github/user:User", + "majorVersion": 5, + "fields": { + "policies": { + "maxItemsOne": false + } + } + }, + "vault_identity_entity": { + "current": "vault:identity/entity:Entity", + "majorVersion": 5, + "fields": { + "policies": { + "maxItemsOne": false + } + } + }, + "vault_identity_entity_alias": { + "current": "vault:identity/entityAlias:EntityAlias", + "majorVersion": 5 + }, + "vault_identity_entity_policies": { + "current": "vault:identity/entityPolicies:EntityPolicies", + "majorVersion": 5, + "fields": { + "policies": { + "maxItemsOne": false + } + } + }, + "vault_identity_group": { + "current": "vault:identity/group:Group", + "majorVersion": 5, + "fields": { + "member_entity_ids": { + "maxItemsOne": false + }, + "member_group_ids": { + "maxItemsOne": false + }, + "policies": { + "maxItemsOne": false + } + } + }, + "vault_identity_group_alias": { + "current": "vault:identity/groupAlias:GroupAlias", + "majorVersion": 5 + }, + "vault_identity_group_member_entity_ids": { + "current": "vault:identity/groupMemberEntityIds:GroupMemberEntityIds", + "majorVersion": 5, + "fields": { + "member_entity_ids": { + "maxItemsOne": false + } + } + }, + "vault_identity_group_member_group_ids": { + "current": "vault:identity/groupMemberGroupIds:GroupMemberGroupIds", + "majorVersion": 5, + "fields": { + "member_group_ids": { + "maxItemsOne": false + } + } + }, + "vault_identity_group_policies": { + "current": "vault:identity/groupPolicies:GroupPolicies", + "majorVersion": 5, + "fields": { + "policies": { + "maxItemsOne": false + } + } + }, + "vault_identity_mfa_duo": { + "current": "vault:identity/mfaDuo:MfaDuo", + "majorVersion": 5 + }, + "vault_identity_mfa_login_enforcement": { + "current": "vault:identity/mfaLoginEnforcement:MfaLoginEnforcement", + "majorVersion": 5, + "fields": { + "auth_method_accessors": { + "maxItemsOne": false + }, + "auth_method_types": { + "maxItemsOne": false + }, + "identity_entity_ids": { + "maxItemsOne": false + }, + "identity_group_ids": { + "maxItemsOne": false + }, + "mfa_method_ids": { + "maxItemsOne": false + } + } + }, + "vault_identity_mfa_okta": { + "current": "vault:identity/mfaOkta:MfaOkta", + "majorVersion": 5 + }, + "vault_identity_mfa_pingid": { + "current": "vault:identity/mfaPingid:MfaPingid", + "majorVersion": 5 + }, + "vault_identity_mfa_totp": { + "current": "vault:identity/mfaTotp:MfaTotp", + "majorVersion": 5 + }, + "vault_identity_oidc": { + "current": "vault:identity/oidc:Oidc", + "majorVersion": 5 + }, + "vault_identity_oidc_assignment": { + "current": "vault:identity/oidcAssignment:OidcAssignment", + "majorVersion": 5, + "fields": { + "entity_ids": { + "maxItemsOne": false + }, + "group_ids": { + "maxItemsOne": false + } + } + }, + "vault_identity_oidc_client": { + "current": "vault:identity/oidcClient:OidcClient", + "majorVersion": 5, + "fields": { + "assignments": { + "maxItemsOne": false + }, + "redirect_uris": { + "maxItemsOne": false + } + } + }, + "vault_identity_oidc_key": { + "current": "vault:identity/oidcKey:OidcKey", + "majorVersion": 5, + "fields": { + "allowed_client_ids": { + "maxItemsOne": false + } + } + }, + "vault_identity_oidc_key_allowed_client_id": { + "current": "vault:identity/oidcKeyAllowedClientID:OidcKeyAllowedClientID", + "majorVersion": 5 + }, + "vault_identity_oidc_provider": { + "current": "vault:identity/oidcProvider:OidcProvider", + "majorVersion": 5, + "fields": { + "allowed_client_ids": { + "maxItemsOne": false + }, + "scopes_supported": { + "maxItemsOne": false + } + } + }, + "vault_identity_oidc_role": { + "current": "vault:identity/oidcRole:OidcRole", + "majorVersion": 5 + }, + "vault_identity_oidc_scope": { + "current": "vault:identity/oidcScope:OidcScope", + "majorVersion": 5 + }, + "vault_jwt_auth_backend": { + "current": "vault:jwt/authBackend:AuthBackend", + "majorVersion": 5, + "fields": { + "jwt_supported_algs": { + "maxItemsOne": false + }, + "jwt_validation_pubkeys": { + "maxItemsOne": false + }, + "oidc_response_types": { + "maxItemsOne": false + }, + "tune": { + "maxItemsOne": true, + "elem": { + "fields": { + "allowed_response_headers": { + "maxItemsOne": false + }, + "audit_non_hmac_request_keys": { + "maxItemsOne": false + }, + "audit_non_hmac_response_keys": { + "maxItemsOne": false + }, + "passthrough_request_headers": { + "maxItemsOne": false + } + } + } + } + } + }, + "vault_jwt_auth_backend_role": { + "current": "vault:jwt/authBackendRole:AuthBackendRole", + "majorVersion": 5, + "fields": { + "allowed_redirect_uris": { + "maxItemsOne": false + }, + "bound_audiences": { + "maxItemsOne": false + }, + "oidc_scopes": { + "maxItemsOne": false + }, + "token_bound_cidrs": { + "maxItemsOne": false + }, + "token_policies": { + "maxItemsOne": false + } + } + }, + "vault_kmip_secret_backend": { + "current": "vault:kmip/secretBackend:SecretBackend", + "majorVersion": 5, + "fields": { + "listen_addrs": { + "maxItemsOne": false + }, + "server_hostnames": { + "maxItemsOne": false + }, + "server_ips": { + "maxItemsOne": false + } + } + }, + "vault_kmip_secret_role": { + "current": "vault:kmip/secretRole:SecretRole", + "majorVersion": 5 + }, + "vault_kmip_secret_scope": { + "current": "vault:kmip/secretScope:SecretScope", + "majorVersion": 5 + }, + "vault_kubernetes_auth_backend_config": { + "current": "vault:kubernetes/authBackendConfig:AuthBackendConfig", + "majorVersion": 5, + "fields": { + "pem_keys": { + "maxItemsOne": false + } + } + }, + "vault_kubernetes_auth_backend_role": { + "current": "vault:kubernetes/authBackendRole:AuthBackendRole", + "majorVersion": 5, + "fields": { + "bound_service_account_names": { + "maxItemsOne": false + }, + "bound_service_account_namespaces": { + "maxItemsOne": false + }, + "token_bound_cidrs": { + "maxItemsOne": false + }, + "token_policies": { + "maxItemsOne": false + } + } + }, + "vault_kubernetes_secret_backend": { + "current": "vault:kubernetes/secretBackend:SecretBackend", + "majorVersion": 5, + "fields": { + "allowed_managed_keys": { + "maxItemsOne": false + }, + "audit_non_hmac_request_keys": { + "maxItemsOne": false + }, + "audit_non_hmac_response_keys": { + "maxItemsOne": false + } + } + }, + "vault_kubernetes_secret_backend_role": { + "current": "vault:kubernetes/secretBackendRole:SecretBackendRole", + "majorVersion": 5, + "fields": { + "allowed_kubernetes_namespaces": { + "maxItemsOne": false + } + } + }, + "vault_kv_secret": { + "current": "vault:kv/secret:Secret", + "majorVersion": 5 + }, + "vault_kv_secret_backend_v2": { + "current": "vault:kv/secretBackendV2:SecretBackendV2", + "majorVersion": 5 + }, + "vault_kv_secret_v2": { + "current": "vault:kv/secretV2:SecretV2", + "majorVersion": 5, + "fields": { + "custom_metadata": { + "maxItemsOne": true + } + } + }, + "vault_ldap_auth_backend": { + "current": "vault:ldap/authBackend:AuthBackend", + "majorVersion": 5, + "fields": { + "token_bound_cidrs": { + "maxItemsOne": false + }, + "token_policies": { + "maxItemsOne": false + } + } + }, + "vault_ldap_auth_backend_group": { + "current": "vault:ldap/authBackendGroup:AuthBackendGroup", + "majorVersion": 5, + "fields": { + "policies": { + "maxItemsOne": false + } + } + }, + "vault_ldap_auth_backend_user": { + "current": "vault:ldap/authBackendUser:AuthBackendUser", + "majorVersion": 5, + "fields": { + "groups": { + "maxItemsOne": false + }, + "policies": { + "maxItemsOne": false + } + } + }, + "vault_ldap_secret_backend": { + "current": "vault:ldap/secretBackend:SecretBackend", + "majorVersion": 5, + "fields": { + "allowed_managed_keys": { + "maxItemsOne": false + }, + "audit_non_hmac_request_keys": { + "maxItemsOne": false + }, + "audit_non_hmac_response_keys": { + "maxItemsOne": false + } + } + }, + "vault_ldap_secret_backend_dynamic_role": { + "current": "vault:ldap/secretBackendDynamicRole:SecretBackendDynamicRole", + "majorVersion": 5 + }, + "vault_ldap_secret_backend_library_set": { + "current": "vault:ldap/secretBackendLibrarySet:SecretBackendLibrarySet", + "majorVersion": 5, + "fields": { + "service_account_names": { + "maxItemsOne": false + } + } + }, + "vault_ldap_secret_backend_static_role": { + "current": "vault:ldap/secretBackendStaticRole:SecretBackendStaticRole", + "majorVersion": 5 + }, + "vault_managed_keys": { + "current": "vault:managed/keys:Keys", + "majorVersion": 5, + "fields": { + "aws": { + "maxItemsOne": false + }, + "azure": { + "maxItemsOne": false + }, + "pkcs": { + "maxItemsOne": false + } + } + }, + "vault_mfa_duo": { + "current": "vault:index/mfaDuo:MfaDuo", + "majorVersion": 5 + }, + "vault_mfa_okta": { + "current": "vault:index/mfaOkta:MfaOkta", + "majorVersion": 5 + }, + "vault_mfa_pingid": { + "current": "vault:index/mfaPingid:MfaPingid", + "majorVersion": 5 + }, + "vault_mfa_totp": { + "current": "vault:index/mfaTotp:MfaTotp", + "majorVersion": 5 + }, + "vault_mongodbatlas_secret_backend": { + "current": "vault:mongodbatlas/secretBackend:SecretBackend", + "majorVersion": 5 + }, + "vault_mongodbatlas_secret_role": { + "current": "vault:mongodbatlas/secretRole:SecretRole", + "majorVersion": 5, + "fields": { + "cidr_blocks": { + "maxItemsOne": false + }, + "ip_addresses": { + "maxItemsOne": false + }, + "project_roles": { + "maxItemsOne": false + }, + "roles": { + "maxItemsOne": false + } + } + }, + "vault_mount": { + "current": "vault:index/mount:Mount", + "majorVersion": 5, + "fields": { + "allowed_managed_keys": { + "maxItemsOne": false + }, + "audit_non_hmac_request_keys": { + "maxItemsOne": false + }, + "audit_non_hmac_response_keys": { + "maxItemsOne": false + } + } + }, + "vault_namespace": { + "current": "vault:index/namespace:Namespace", + "majorVersion": 5 + }, + "vault_nomad_secret_backend": { + "current": "vault:index/nomadSecretBackend:NomadSecretBackend", + "majorVersion": 5 + }, + "vault_nomad_secret_role": { + "current": "vault:index/nomadSecretRole:NomadSecretRole", + "majorVersion": 5, + "fields": { + "policies": { + "maxItemsOne": false + } + } + }, + "vault_okta_auth_backend": { + "current": "vault:okta/authBackend:AuthBackend", + "majorVersion": 5, + "fields": { + "group": { + "maxItemsOne": false, + "elem": { + "fields": { + "policies": { + "maxItemsOne": false + } + } + } + }, + "user": { + "maxItemsOne": false, + "elem": { + "fields": { + "groups": { + "maxItemsOne": false + }, + "policies": { + "maxItemsOne": false + } + } + } + } + } + }, + "vault_okta_auth_backend_group": { + "current": "vault:okta/authBackendGroup:AuthBackendGroup", + "majorVersion": 5, + "fields": { + "policies": { + "maxItemsOne": false + } + } + }, + "vault_okta_auth_backend_user": { + "current": "vault:okta/authBackendUser:AuthBackendUser", + "majorVersion": 5, + "fields": { + "groups": { + "maxItemsOne": false + }, + "policies": { + "maxItemsOne": false + } + } + }, + "vault_password_policy": { + "current": "vault:index/passwordPolicy:PasswordPolicy", + "majorVersion": 5 + }, + "vault_pki_secret_backend_cert": { + "current": "vault:pkiSecret/secretBackendCert:SecretBackendCert", + "majorVersion": 5, + "fields": { + "alt_names": { + "maxItemsOne": false + }, + "ip_sans": { + "maxItemsOne": false + }, + "other_sans": { + "maxItemsOne": false + }, + "uri_sans": { + "maxItemsOne": false + }, + "user_ids": { + "maxItemsOne": false + } + } + }, + "vault_pki_secret_backend_config_ca": { + "current": "vault:pkiSecret/secretBackendConfigCa:SecretBackendConfigCa", + "majorVersion": 5 + }, + "vault_pki_secret_backend_config_issuers": { + "current": "vault:pkiSecret/secretBackendConfigIssuers:SecretBackendConfigIssuers", + "majorVersion": 5 + }, + "vault_pki_secret_backend_config_urls": { + "current": "vault:pkiSecret/secretBackendConfigUrls:SecretBackendConfigUrls", + "majorVersion": 5, + "fields": { + "crl_distribution_points": { + "maxItemsOne": false + }, + "issuing_certificates": { + "maxItemsOne": false + }, + "ocsp_servers": { + "maxItemsOne": false + } + } + }, + "vault_pki_secret_backend_crl_config": { + "current": "vault:pkiSecret/secretBackendCrlConfig:SecretBackendCrlConfig", + "majorVersion": 5 + }, + "vault_pki_secret_backend_intermediate_cert_request": { + "current": "vault:pkiSecret/secretBackendIntermediateCertRequest:SecretBackendIntermediateCertRequest", + "majorVersion": 5, + "fields": { + "alt_names": { + "maxItemsOne": false + }, + "ip_sans": { + "maxItemsOne": false + }, + "other_sans": { + "maxItemsOne": false + }, + "uri_sans": { + "maxItemsOne": false + } + } + }, + "vault_pki_secret_backend_intermediate_set_signed": { + "current": "vault:pkiSecret/secretBackendIntermediateSetSigned:SecretBackendIntermediateSetSigned", + "majorVersion": 5, + "fields": { + "imported_issuers": { + "maxItemsOne": false + }, + "imported_keys": { + "maxItemsOne": false + } + } + }, + "vault_pki_secret_backend_issuer": { + "current": "vault:pkiSecret/secretBackendIssuer:SecretBackendIssuer", + "majorVersion": 5, + "fields": { + "crl_distribution_points": { + "maxItemsOne": false + }, + "issuing_certificates": { + "maxItemsOne": false + }, + "manual_chain": { + "maxItemsOne": false + }, + "ocsp_servers": { + "maxItemsOne": false + } + } + }, + "vault_pki_secret_backend_key": { + "current": "vault:pkiSecret/secretBackendKey:SecretBackendKey", + "majorVersion": 5 + }, + "vault_pki_secret_backend_role": { + "current": "vault:pkiSecret/secretBackendRole:SecretBackendRole", + "majorVersion": 5, + "fields": { + "allowed_domains": { + "maxItemsOne": false + }, + "allowed_other_sans": { + "maxItemsOne": false + }, + "allowed_serial_numbers": { + "maxItemsOne": false + }, + "allowed_uri_sans": { + "maxItemsOne": false + }, + "allowed_user_ids": { + "maxItemsOne": false + }, + "country": { + "maxItemsOne": false + }, + "ext_key_usage": { + "maxItemsOne": false + }, + "key_usage": { + "maxItemsOne": false + }, + "locality": { + "maxItemsOne": false + }, + "organization": { + "maxItemsOne": false + }, + "ou": { + "maxItemsOne": false + }, + "policy_identifier": { + "maxItemsOne": false + }, + "policy_identifiers": { + "maxItemsOne": false + }, + "postal_code": { + "maxItemsOne": false + }, + "province": { + "maxItemsOne": false + }, + "street_address": { + "maxItemsOne": false + } + } + }, + "vault_pki_secret_backend_root_cert": { + "current": "vault:pkiSecret/secretBackendRootCert:SecretBackendRootCert", + "majorVersion": 5, + "fields": { + "alt_names": { + "maxItemsOne": false + }, + "ip_sans": { + "maxItemsOne": false + }, + "other_sans": { + "maxItemsOne": false + }, + "permitted_dns_domains": { + "maxItemsOne": false + }, + "uri_sans": { + "maxItemsOne": false + } + } + }, + "vault_pki_secret_backend_root_sign_intermediate": { + "current": "vault:pkiSecret/secretBackendRootSignIntermediate:SecretBackendRootSignIntermediate", + "majorVersion": 5, + "fields": { + "alt_names": { + "maxItemsOne": false + }, + "ca_chain": { + "maxItemsOne": false + }, + "ip_sans": { + "maxItemsOne": false + }, + "other_sans": { + "maxItemsOne": false + }, + "permitted_dns_domains": { + "maxItemsOne": false + }, + "uri_sans": { + "maxItemsOne": false + } + } + }, + "vault_pki_secret_backend_sign": { + "current": "vault:pkiSecret/secretBackendSign:SecretBackendSign", + "majorVersion": 5, + "fields": { + "alt_names": { + "maxItemsOne": false + }, + "ca_chain": { + "maxItemsOne": false + }, + "ip_sans": { + "maxItemsOne": false + }, + "other_sans": { + "maxItemsOne": false + }, + "uri_sans": { + "maxItemsOne": false + } + } + }, + "vault_policy": { + "current": "vault:index/policy:Policy", + "majorVersion": 5 + }, + "vault_quota_lease_count": { + "current": "vault:index/quotaLeaseCount:QuotaLeaseCount", + "majorVersion": 5 + }, + "vault_quota_rate_limit": { + "current": "vault:index/quotaRateLimit:QuotaRateLimit", + "majorVersion": 5 + }, + "vault_rabbitmq_secret_backend": { + "current": "vault:rabbitMq/secretBackend:SecretBackend", + "majorVersion": 5 + }, + "vault_rabbitmq_secret_backend_role": { + "current": "vault:rabbitMq/secretBackendRole:SecretBackendRole", + "majorVersion": 5, + "fields": { + "vhost": { + "maxItemsOne": false + }, + "vhost_topic": { + "maxItemsOne": false, + "elem": { + "fields": { + "vhost": { + "maxItemsOne": false + } + } + } + } + } + }, + "vault_raft_autopilot": { + "current": "vault:index/raftAutopilot:RaftAutopilot", + "majorVersion": 5 + }, + "vault_raft_snapshot_agent_config": { + "current": "vault:index/raftSnapshotAgentConfig:RaftSnapshotAgentConfig", + "majorVersion": 5 + }, + "vault_rgp_policy": { + "current": "vault:index/rgpPolicy:RgpPolicy", + "majorVersion": 5 + }, + "vault_saml_auth_backend": { + "current": "vault:saml/authBackend:AuthBackend", + "majorVersion": 5, + "fields": { + "acs_urls": { + "maxItemsOne": false + } + } + }, + "vault_saml_auth_backend_role": { + "current": "vault:saml/authBackendRole:AuthBackendRole", + "majorVersion": 5, + "fields": { + "bound_subjects": { + "maxItemsOne": false + }, + "token_bound_cidrs": { + "maxItemsOne": false + }, + "token_policies": { + "maxItemsOne": false + } + } + }, + "vault_ssh_secret_backend_ca": { + "current": "vault:ssh/secretBackendCa:SecretBackendCa", + "majorVersion": 5 + }, + "vault_ssh_secret_backend_role": { + "current": "vault:ssh/secretBackendRole:SecretBackendRole", + "majorVersion": 5, + "fields": { + "allowed_user_key_config": { + "maxItemsOne": false, + "elem": { + "fields": { + "lengths": { + "maxItemsOne": false + } + } + } + } + } + }, + "vault_terraform_cloud_secret_backend": { + "current": "vault:terraformcloud/secretBackend:SecretBackend", + "majorVersion": 5 + }, + "vault_terraform_cloud_secret_creds": { + "current": "vault:terraformcloud/secretCreds:SecretCreds", + "majorVersion": 5 + }, + "vault_terraform_cloud_secret_role": { + "current": "vault:terraformcloud/secretRole:SecretRole", + "majorVersion": 5 + }, + "vault_token": { + "current": "vault:index/token:Token", + "majorVersion": 5, + "fields": { + "policies": { + "maxItemsOne": false + } + } + }, + "vault_token_auth_backend_role": { + "current": "vault:tokenauth/authBackendRole:AuthBackendRole", + "majorVersion": 5, + "fields": { + "allowed_entity_aliases": { + "maxItemsOne": false + }, + "allowed_policies": { + "maxItemsOne": false + }, + "allowed_policies_glob": { + "maxItemsOne": false + }, + "disallowed_policies": { + "maxItemsOne": false + }, + "disallowed_policies_glob": { + "maxItemsOne": false + }, + "token_bound_cidrs": { + "maxItemsOne": false + }, + "token_policies": { + "maxItemsOne": false + } + } + }, + "vault_transform_alphabet": { + "current": "vault:transform/alphabet:Alphabet", + "majorVersion": 5 + }, + "vault_transform_role": { + "current": "vault:transform/role:Role", + "majorVersion": 5, + "fields": { + "transformations": { + "maxItemsOne": false + } + } + }, + "vault_transform_template": { + "current": "vault:transform/template:Template", + "majorVersion": 5 + }, + "vault_transform_transformation": { + "current": "vault:transform/transformation:Transformation", + "majorVersion": 5, + "fields": { + "allowed_roles": { + "maxItemsOne": false + }, + "templates": { + "maxItemsOne": false + } + } + }, + "vault_transit_secret_backend_key": { + "current": "vault:transit/secretBackendKey:SecretBackendKey", + "majorVersion": 5, + "fields": { + "keys": { + "maxItemsOne": false + } + } + }, + "vault_transit_secret_cache_config": { + "current": "vault:transit/secretCacheConfig:SecretCacheConfig", + "majorVersion": 5 + } + }, + "datasources": { + "vault_ad_access_credentials": { + "current": "vault:ad/getAccessCredentials:getAccessCredentials", + "majorVersion": 5 + }, + "vault_approle_auth_backend_role_id": { + "current": "vault:appRole/getAuthBackendRoleId:getAuthBackendRoleId", + "majorVersion": 5 + }, + "vault_auth_backend": { + "current": "vault:index/getAuthBackend:getAuthBackend", + "majorVersion": 5 + }, + "vault_auth_backends": { + "current": "vault:index/getAuthBackends:getAuthBackends", + "majorVersion": 5, + "fields": { + "accessors": { + "maxItemsOne": false + }, + "paths": { + "maxItemsOne": false + } + } + }, + "vault_aws_access_credentials": { + "current": "vault:aws/getAccessCredentials:getAccessCredentials", + "majorVersion": 5 + }, + "vault_aws_static_access_credentials": { + "current": "vault:aws/getStaticAccessCredentials:getStaticAccessCredentials", + "majorVersion": 5 + }, + "vault_azure_access_credentials": { + "current": "vault:azure/getAccessCredentials:getAccessCredentials", + "majorVersion": 5 + }, + "vault_gcp_auth_backend_role": { + "current": "vault:gcp/getAuthBackendRole:getAuthBackendRole", + "majorVersion": 5, + "fields": { + "bound_instance_groups": { + "maxItemsOne": false + }, + "bound_labels": { + "maxItemsOne": false + }, + "bound_projects": { + "maxItemsOne": false + }, + "bound_regions": { + "maxItemsOne": false + }, + "bound_service_accounts": { + "maxItemsOne": false + }, + "bound_zones": { + "maxItemsOne": false + }, + "token_bound_cidrs": { + "maxItemsOne": false + }, + "token_policies": { + "maxItemsOne": false + } + } + }, + "vault_generic_secret": { + "current": "vault:generic/getSecret:getSecret", + "majorVersion": 5 + }, + "vault_identity_entity": { + "current": "vault:identity/getEntity:getEntity", + "majorVersion": 5, + "fields": { + "aliases": { + "maxItemsOne": false, + "elem": { + "fields": { + "merged_from_canonical_ids": { + "maxItemsOne": false + } + } + } + }, + "direct_group_ids": { + "maxItemsOne": false + }, + "group_ids": { + "maxItemsOne": false + }, + "inherited_group_ids": { + "maxItemsOne": false + }, + "merged_entity_ids": { + "maxItemsOne": false + }, + "policies": { + "maxItemsOne": false + } + } + }, + "vault_identity_group": { + "current": "vault:identity/getGroup:getGroup", + "majorVersion": 5, + "fields": { + "alias_merged_from_canonical_ids": { + "maxItemsOne": false + }, + "member_entity_ids": { + "maxItemsOne": false + }, + "member_group_ids": { + "maxItemsOne": false + }, + "parent_group_ids": { + "maxItemsOne": false + }, + "policies": { + "maxItemsOne": false + } + } + }, + "vault_identity_oidc_client_creds": { + "current": "vault:identity/getOidcClientCreds:getOidcClientCreds", + "majorVersion": 5 + }, + "vault_identity_oidc_openid_config": { + "current": "vault:identity/getOidcOpenidConfig:getOidcOpenidConfig", + "majorVersion": 5, + "fields": { + "grant_types_supported": { + "maxItemsOne": false + }, + "id_token_signing_alg_values_supported": { + "maxItemsOne": false + }, + "response_types_supported": { + "maxItemsOne": false + }, + "scopes_supported": { + "maxItemsOne": false + }, + "subject_types_supported": { + "maxItemsOne": false + }, + "token_endpoint_auth_methods_supported": { + "maxItemsOne": false + } + } + }, + "vault_identity_oidc_public_keys": { + "current": "vault:identity/getOidcPublicKeys:getOidcPublicKeys", + "majorVersion": 5, + "fields": { + "keys": { + "maxItemsOne": false + } + } + }, + "vault_kubernetes_auth_backend_config": { + "current": "vault:kubernetes/getAuthBackendConfig:getAuthBackendConfig", + "majorVersion": 5, + "fields": { + "pem_keys": { + "maxItemsOne": false + } + } + }, + "vault_kubernetes_auth_backend_role": { + "current": "vault:kubernetes/getAuthBackendRole:getAuthBackendRole", + "majorVersion": 5, + "fields": { + "bound_service_account_names": { + "maxItemsOne": false + }, + "bound_service_account_namespaces": { + "maxItemsOne": false + }, + "token_bound_cidrs": { + "maxItemsOne": false + }, + "token_policies": { + "maxItemsOne": false + } + } + }, + "vault_kubernetes_service_account_token": { + "current": "vault:kubernetes/getServiceAccountToken:getServiceAccountToken", + "majorVersion": 5 + }, + "vault_kv_secret": { + "current": "vault:kv/getSecret:getSecret", + "majorVersion": 5 + }, + "vault_kv_secret_subkeys_v2": { + "current": "vault:kv/getSecretSubkeysV2:getSecretSubkeysV2", + "majorVersion": 5 + }, + "vault_kv_secret_v2": { + "current": "vault:kv/getSecretV2:getSecretV2", + "majorVersion": 5 + }, + "vault_kv_secrets_list": { + "current": "vault:kv/getSecretsList:getSecretsList", + "majorVersion": 5, + "fields": { + "names": { + "maxItemsOne": false + } + } + }, + "vault_kv_secrets_list_v2": { + "current": "vault:kv/getSecretsListV2:getSecretsListV2", + "majorVersion": 5, + "fields": { + "names": { + "maxItemsOne": false + } + } + }, + "vault_ldap_dynamic_credentials": { + "current": "vault:ldap/getDynamicCredentials:getDynamicCredentials", + "majorVersion": 5, + "fields": { + "distinguished_names": { + "maxItemsOne": false + } + } + }, + "vault_ldap_static_credentials": { + "current": "vault:ldap/getStaticCredentials:getStaticCredentials", + "majorVersion": 5 + }, + "vault_nomad_access_token": { + "current": "vault:index/getNomadAccessToken:getNomadAccessToken", + "majorVersion": 5 + }, + "vault_pki_secret_backend_issuer": { + "current": "vault:pkiSecret/getBackendIssuer:getBackendIssuer", + "majorVersion": 5, + "fields": { + "ca_chain": { + "maxItemsOne": false + }, + "manual_chain": { + "maxItemsOne": false + } + } + }, + "vault_pki_secret_backend_issuers": { + "current": "vault:pkiSecret/getBackendIssuers:getBackendIssuers", + "majorVersion": 5, + "fields": { + "keys": { + "maxItemsOne": false + } + } + }, + "vault_pki_secret_backend_key": { + "current": "vault:pkiSecret/getBackendKey:getBackendKey", + "majorVersion": 5 + }, + "vault_pki_secret_backend_keys": { + "current": "vault:pkiSecret/getBackendKeys:getBackendKeys", + "majorVersion": 5, + "fields": { + "keys": { + "maxItemsOne": false + } + } + }, + "vault_policy_document": { + "current": "vault:index/getPolicyDocument:getPolicyDocument", + "majorVersion": 5, + "fields": { + "rule": { + "maxItemsOne": false, + "elem": { + "fields": { + "allowed_parameter": { + "maxItemsOne": false, + "elem": { + "fields": { + "value": { + "maxItemsOne": false + } + } + } + }, + "capabilities": { + "maxItemsOne": false + }, + "denied_parameter": { + "maxItemsOne": false, + "elem": { + "fields": { + "value": { + "maxItemsOne": false + } + } + } + }, + "required_parameters": { + "maxItemsOne": false + } + } + } + } + } + }, + "vault_raft_autopilot_state": { + "current": "vault:index/getRaftAutopilotState:getRaftAutopilotState", + "majorVersion": 5, + "fields": { + "voters": { + "maxItemsOne": false + } + } + }, + "vault_transform_decode": { + "current": "vault:transform/getDecode:getDecode", + "majorVersion": 5, + "fields": { + "batch_input": { + "maxItemsOne": false + }, + "batch_results": { + "maxItemsOne": false + } + } + }, + "vault_transform_encode": { + "current": "vault:transform/getEncode:getEncode", + "majorVersion": 5, + "fields": { + "batch_input": { + "maxItemsOne": false + }, + "batch_results": { + "maxItemsOne": false + } + } + }, + "vault_transit_decrypt": { + "current": "vault:transit/getDecrypt:getDecrypt", + "majorVersion": 5 + }, + "vault_transit_encrypt": { + "current": "vault:transit/getEncrypt:getEncrypt", + "majorVersion": 5 + } + } + }, + "renames": { + "resources": { + "vault:ad/secretBackend:SecretBackend": "vault_ad_secret_backend", + "vault:ad/secretLibrary:SecretLibrary": "vault_ad_secret_library", + "vault:ad/secretRole:SecretRole": "vault_ad_secret_role", + "vault:alicloud/authBackendRole:AuthBackendRole": "vault_alicloud_auth_backend_role", + "vault:appRole/authBackendLogin:AuthBackendLogin": "vault_approle_auth_backend_login", + "vault:appRole/authBackendRole:AuthBackendRole": "vault_approle_auth_backend_role", + "vault:appRole/authBackendRoleSecretId:AuthBackendRoleSecretId": "vault_approle_auth_backend_role_secret_id", + "vault:aws/authBackendCert:AuthBackendCert": "vault_aws_auth_backend_cert", + "vault:aws/authBackendClient:AuthBackendClient": "vault_aws_auth_backend_client", + "vault:aws/authBackendConfigIdentity:AuthBackendConfigIdentity": "vault_aws_auth_backend_config_identity", + "vault:aws/authBackendIdentityWhitelist:AuthBackendIdentityWhitelist": "vault_aws_auth_backend_identity_whitelist", + "vault:aws/authBackendLogin:AuthBackendLogin": "vault_aws_auth_backend_login", + "vault:aws/authBackendRole:AuthBackendRole": "vault_aws_auth_backend_role", + "vault:aws/authBackendRoleTag:AuthBackendRoleTag": "vault_aws_auth_backend_role_tag", + "vault:aws/authBackendRoletagBlacklist:AuthBackendRoletagBlacklist": "vault_aws_auth_backend_roletag_blacklist", + "vault:aws/authBackendStsRole:AuthBackendStsRole": "vault_aws_auth_backend_sts_role", + "vault:aws/secretBackend:SecretBackend": "vault_aws_secret_backend", + "vault:aws/secretBackendRole:SecretBackendRole": "vault_aws_secret_backend_role", + "vault:aws/secretBackendStaticRole:SecretBackendStaticRole": "vault_aws_secret_backend_static_role", + "vault:azure/authBackendConfig:AuthBackendConfig": "vault_azure_auth_backend_config", + "vault:azure/authBackendRole:AuthBackendRole": "vault_azure_auth_backend_role", + "vault:azure/backend:Backend": "vault_azure_secret_backend", + "vault:azure/backendRole:BackendRole": "vault_azure_secret_backend_role", + "vault:consul/secretBackend:SecretBackend": "vault_consul_secret_backend", + "vault:consul/secretBackendRole:SecretBackendRole": "vault_consul_secret_backend_role", + "vault:database/secretBackendConnection:SecretBackendConnection": "vault_database_secret_backend_connection", + "vault:database/secretBackendRole:SecretBackendRole": "vault_database_secret_backend_role", + "vault:database/secretBackendStaticRole:SecretBackendStaticRole": "vault_database_secret_backend_static_role", + "vault:database/secretsMount:SecretsMount": "vault_database_secrets_mount", + "vault:gcp/authBackend:AuthBackend": "vault_gcp_auth_backend", + "vault:gcp/authBackendRole:AuthBackendRole": "vault_gcp_auth_backend_role", + "vault:gcp/secretBackend:SecretBackend": "vault_gcp_secret_backend", + "vault:gcp/secretImpersonatedAccount:SecretImpersonatedAccount": "vault_gcp_secret_impersonated_account", + "vault:gcp/secretRoleset:SecretRoleset": "vault_gcp_secret_roleset", + "vault:gcp/secretStaticAccount:SecretStaticAccount": "vault_gcp_secret_static_account", + "vault:generic/endpoint:Endpoint": "vault_generic_endpoint", + "vault:generic/secret:Secret": "vault_generic_secret", + "vault:github/authBackend:AuthBackend": "vault_github_auth_backend", + "vault:github/team:Team": "vault_github_team", + "vault:github/user:User": "vault_github_user", + "vault:identity/entity:Entity": "vault_identity_entity", + "vault:identity/entityAlias:EntityAlias": "vault_identity_entity_alias", + "vault:identity/entityPolicies:EntityPolicies": "vault_identity_entity_policies", + "vault:identity/group:Group": "vault_identity_group", + "vault:identity/groupAlias:GroupAlias": "vault_identity_group_alias", + "vault:identity/groupMemberEntityIds:GroupMemberEntityIds": "vault_identity_group_member_entity_ids", + "vault:identity/groupMemberGroupIds:GroupMemberGroupIds": "vault_identity_group_member_group_ids", + "vault:identity/groupPolicies:GroupPolicies": "vault_identity_group_policies", + "vault:identity/mfaDuo:MfaDuo": "vault_identity_mfa_duo", + "vault:identity/mfaLoginEnforcement:MfaLoginEnforcement": "vault_identity_mfa_login_enforcement", + "vault:identity/mfaOkta:MfaOkta": "vault_identity_mfa_okta", + "vault:identity/mfaPingid:MfaPingid": "vault_identity_mfa_pingid", + "vault:identity/mfaTotp:MfaTotp": "vault_identity_mfa_totp", + "vault:identity/oidc:Oidc": "vault_identity_oidc", + "vault:identity/oidcAssignment:OidcAssignment": "vault_identity_oidc_assignment", + "vault:identity/oidcClient:OidcClient": "vault_identity_oidc_client", + "vault:identity/oidcKey:OidcKey": "vault_identity_oidc_key", + "vault:identity/oidcKeyAllowedClientID:OidcKeyAllowedClientID": "vault_identity_oidc_key_allowed_client_id", + "vault:identity/oidcProvider:OidcProvider": "vault_identity_oidc_provider", + "vault:identity/oidcRole:OidcRole": "vault_identity_oidc_role", + "vault:identity/oidcScope:OidcScope": "vault_identity_oidc_scope", + "vault:index/audit:Audit": "vault_audit", + "vault:index/auditRequestHeader:AuditRequestHeader": "vault_audit_request_header", + "vault:index/authBackend:AuthBackend": "vault_auth_backend", + "vault:index/certAuthBackendRole:CertAuthBackendRole": "vault_cert_auth_backend_role", + "vault:index/egpPolicy:EgpPolicy": "vault_egp_policy", + "vault:index/mfaDuo:MfaDuo": "vault_mfa_duo", + "vault:index/mfaOkta:MfaOkta": "vault_mfa_okta", + "vault:index/mfaPingid:MfaPingid": "vault_mfa_pingid", + "vault:index/mfaTotp:MfaTotp": "vault_mfa_totp", + "vault:index/mount:Mount": "vault_mount", + "vault:index/namespace:Namespace": "vault_namespace", + "vault:index/nomadSecretBackend:NomadSecretBackend": "vault_nomad_secret_backend", + "vault:index/nomadSecretRole:NomadSecretRole": "vault_nomad_secret_role", + "vault:index/passwordPolicy:PasswordPolicy": "vault_password_policy", + "vault:index/policy:Policy": "vault_policy", + "vault:index/quotaLeaseCount:QuotaLeaseCount": "vault_quota_lease_count", + "vault:index/quotaRateLimit:QuotaRateLimit": "vault_quota_rate_limit", + "vault:index/raftAutopilot:RaftAutopilot": "vault_raft_autopilot", + "vault:index/raftSnapshotAgentConfig:RaftSnapshotAgentConfig": "vault_raft_snapshot_agent_config", + "vault:index/rgpPolicy:RgpPolicy": "vault_rgp_policy", + "vault:index/token:Token": "vault_token", + "vault:jwt/authBackend:AuthBackend": "vault_jwt_auth_backend", + "vault:jwt/authBackendRole:AuthBackendRole": "vault_jwt_auth_backend_role", + "vault:kmip/secretBackend:SecretBackend": "vault_kmip_secret_backend", + "vault:kmip/secretRole:SecretRole": "vault_kmip_secret_role", + "vault:kmip/secretScope:SecretScope": "vault_kmip_secret_scope", + "vault:kubernetes/authBackendConfig:AuthBackendConfig": "vault_kubernetes_auth_backend_config", + "vault:kubernetes/authBackendRole:AuthBackendRole": "vault_kubernetes_auth_backend_role", + "vault:kubernetes/secretBackend:SecretBackend": "vault_kubernetes_secret_backend", + "vault:kubernetes/secretBackendRole:SecretBackendRole": "vault_kubernetes_secret_backend_role", + "vault:kv/secret:Secret": "vault_kv_secret", + "vault:kv/secretBackendV2:SecretBackendV2": "vault_kv_secret_backend_v2", + "vault:kv/secretV2:SecretV2": "vault_kv_secret_v2", + "vault:ldap/authBackend:AuthBackend": "vault_ldap_auth_backend", + "vault:ldap/authBackendGroup:AuthBackendGroup": "vault_ldap_auth_backend_group", + "vault:ldap/authBackendUser:AuthBackendUser": "vault_ldap_auth_backend_user", + "vault:ldap/secretBackend:SecretBackend": "vault_ldap_secret_backend", + "vault:ldap/secretBackendDynamicRole:SecretBackendDynamicRole": "vault_ldap_secret_backend_dynamic_role", + "vault:ldap/secretBackendLibrarySet:SecretBackendLibrarySet": "vault_ldap_secret_backend_library_set", + "vault:ldap/secretBackendStaticRole:SecretBackendStaticRole": "vault_ldap_secret_backend_static_role", + "vault:managed/keys:Keys": "vault_managed_keys", + "vault:mongodbatlas/secretBackend:SecretBackend": "vault_mongodbatlas_secret_backend", + "vault:mongodbatlas/secretRole:SecretRole": "vault_mongodbatlas_secret_role", + "vault:okta/authBackend:AuthBackend": "vault_okta_auth_backend", + "vault:okta/authBackendGroup:AuthBackendGroup": "vault_okta_auth_backend_group", + "vault:okta/authBackendUser:AuthBackendUser": "vault_okta_auth_backend_user", + "vault:pkiSecret/secretBackendCert:SecretBackendCert": "vault_pki_secret_backend_cert", + "vault:pkiSecret/secretBackendConfigCa:SecretBackendConfigCa": "vault_pki_secret_backend_config_ca", + "vault:pkiSecret/secretBackendConfigIssuers:SecretBackendConfigIssuers": "vault_pki_secret_backend_config_issuers", + "vault:pkiSecret/secretBackendConfigUrls:SecretBackendConfigUrls": "vault_pki_secret_backend_config_urls", + "vault:pkiSecret/secretBackendCrlConfig:SecretBackendCrlConfig": "vault_pki_secret_backend_crl_config", + "vault:pkiSecret/secretBackendIntermediateCertRequest:SecretBackendIntermediateCertRequest": "vault_pki_secret_backend_intermediate_cert_request", + "vault:pkiSecret/secretBackendIntermediateSetSigned:SecretBackendIntermediateSetSigned": "vault_pki_secret_backend_intermediate_set_signed", + "vault:pkiSecret/secretBackendIssuer:SecretBackendIssuer": "vault_pki_secret_backend_issuer", + "vault:pkiSecret/secretBackendKey:SecretBackendKey": "vault_pki_secret_backend_key", + "vault:pkiSecret/secretBackendRole:SecretBackendRole": "vault_pki_secret_backend_role", + "vault:pkiSecret/secretBackendRootCert:SecretBackendRootCert": "vault_pki_secret_backend_root_cert", + "vault:pkiSecret/secretBackendRootSignIntermediate:SecretBackendRootSignIntermediate": "vault_pki_secret_backend_root_sign_intermediate", + "vault:pkiSecret/secretBackendSign:SecretBackendSign": "vault_pki_secret_backend_sign", + "vault:rabbitMq/secretBackend:SecretBackend": "vault_rabbitmq_secret_backend", + "vault:rabbitMq/secretBackendRole:SecretBackendRole": "vault_rabbitmq_secret_backend_role", + "vault:saml/authBackend:AuthBackend": "vault_saml_auth_backend", + "vault:saml/authBackendRole:AuthBackendRole": "vault_saml_auth_backend_role", + "vault:ssh/secretBackendCa:SecretBackendCa": "vault_ssh_secret_backend_ca", + "vault:ssh/secretBackendRole:SecretBackendRole": "vault_ssh_secret_backend_role", + "vault:terraformcloud/secretBackend:SecretBackend": "vault_terraform_cloud_secret_backend", + "vault:terraformcloud/secretCreds:SecretCreds": "vault_terraform_cloud_secret_creds", + "vault:terraformcloud/secretRole:SecretRole": "vault_terraform_cloud_secret_role", + "vault:tokenauth/authBackendRole:AuthBackendRole": "vault_token_auth_backend_role", + "vault:transform/alphabet:Alphabet": "vault_transform_alphabet", + "vault:transform/role:Role": "vault_transform_role", + "vault:transform/template:Template": "vault_transform_template", + "vault:transform/transformation:Transformation": "vault_transform_transformation", + "vault:transit/secretBackendKey:SecretBackendKey": "vault_transit_secret_backend_key", + "vault:transit/secretCacheConfig:SecretCacheConfig": "vault_transit_secret_cache_config" + }, + "functions": { + "vault:ad/getAccessCredentials:getAccessCredentials": "vault_ad_access_credentials", + "vault:appRole/getAuthBackendRoleId:getAuthBackendRoleId": "vault_approle_auth_backend_role_id", + "vault:aws/getAccessCredentials:getAccessCredentials": "vault_aws_access_credentials", + "vault:aws/getStaticAccessCredentials:getStaticAccessCredentials": "vault_aws_static_access_credentials", + "vault:azure/getAccessCredentials:getAccessCredentials": "vault_azure_access_credentials", + "vault:gcp/getAuthBackendRole:getAuthBackendRole": "vault_gcp_auth_backend_role", + "vault:generic/getSecret:getSecret": "vault_generic_secret", + "vault:identity/getEntity:getEntity": "vault_identity_entity", + "vault:identity/getGroup:getGroup": "vault_identity_group", + "vault:identity/getOidcClientCreds:getOidcClientCreds": "vault_identity_oidc_client_creds", + "vault:identity/getOidcOpenidConfig:getOidcOpenidConfig": "vault_identity_oidc_openid_config", + "vault:identity/getOidcPublicKeys:getOidcPublicKeys": "vault_identity_oidc_public_keys", + "vault:index/getAuthBackend:getAuthBackend": "vault_auth_backend", + "vault:index/getAuthBackends:getAuthBackends": "vault_auth_backends", + "vault:index/getNomadAccessToken:getNomadAccessToken": "vault_nomad_access_token", + "vault:index/getPolicyDocument:getPolicyDocument": "vault_policy_document", + "vault:index/getRaftAutopilotState:getRaftAutopilotState": "vault_raft_autopilot_state", + "vault:kubernetes/getAuthBackendConfig:getAuthBackendConfig": "vault_kubernetes_auth_backend_config", + "vault:kubernetes/getAuthBackendRole:getAuthBackendRole": "vault_kubernetes_auth_backend_role", + "vault:kubernetes/getServiceAccountToken:getServiceAccountToken": "vault_kubernetes_service_account_token", + "vault:kv/getSecret:getSecret": "vault_kv_secret", + "vault:kv/getSecretSubkeysV2:getSecretSubkeysV2": "vault_kv_secret_subkeys_v2", + "vault:kv/getSecretV2:getSecretV2": "vault_kv_secret_v2", + "vault:kv/getSecretsList:getSecretsList": "vault_kv_secrets_list", + "vault:kv/getSecretsListV2:getSecretsListV2": "vault_kv_secrets_list_v2", + "vault:ldap/getDynamicCredentials:getDynamicCredentials": "vault_ldap_dynamic_credentials", + "vault:ldap/getStaticCredentials:getStaticCredentials": "vault_ldap_static_credentials", + "vault:pkiSecret/getBackendIssuer:getBackendIssuer": "vault_pki_secret_backend_issuer", + "vault:pkiSecret/getBackendIssuers:getBackendIssuers": "vault_pki_secret_backend_issuers", + "vault:pkiSecret/getBackendKey:getBackendKey": "vault_pki_secret_backend_key", + "vault:pkiSecret/getBackendKeys:getBackendKeys": "vault_pki_secret_backend_keys", + "vault:transform/getDecode:getDecode": "vault_transform_decode", + "vault:transform/getEncode:getEncode": "vault_transform_encode", + "vault:transit/getDecrypt:getDecrypt": "vault_transit_decrypt", + "vault:transit/getEncrypt:getEncrypt": "vault_transit_encrypt" + }, + "renamedProperties": { + "vault:ad/getAccessCredentials:getAccessCredentials": { + "currentPassword": "current_password", + "lastPassword": "last_password" + }, + "vault:ad/secretBackend:SecretBackend": { + "anonymousGroupSearch": "anonymous_group_search", + "caseSensitiveNames": "case_sensitive_names", + "clientTlsCert": "client_tls_cert", + "clientTlsKey": "client_tls_key", + "defaultLeaseTtlSeconds": "default_lease_ttl_seconds", + "denyNullBind": "deny_null_bind", + "disableRemount": "disable_remount", + "insecureTls": "insecure_tls", + "lastRotationTolerance": "last_rotation_tolerance", + "maxLeaseTtlSeconds": "max_lease_ttl_seconds", + "maxTtl": "max_ttl", + "passwordPolicy": "password_policy", + "requestTimeout": "request_timeout", + "tlsMaxVersion": "tls_max_version", + "tlsMinVersion": "tls_min_version", + "usePre111GroupCnBehavior": "use_pre111_group_cn_behavior", + "useTokenGroups": "use_token_groups" + }, + "vault:ad/secretLibrary:SecretLibrary": { + "disableCheckInEnforcement": "disable_check_in_enforcement", + "maxTtl": "max_ttl", + "serviceAccountNames": "service_account_names" + }, + "vault:ad/secretRole:SecretRole": { + "lastVaultRotation": "last_vault_rotation", + "passwordLastSet": "password_last_set", + "serviceAccountName": "service_account_name" + }, + "vault:alicloud/authBackendRole:AuthBackendRole": { + "tokenBoundCidrs": "token_bound_cidrs", + "tokenExplicitMaxTtl": "token_explicit_max_ttl", + "tokenMaxTtl": "token_max_ttl", + "tokenNoDefaultPolicy": "token_no_default_policy", + "tokenNumUses": "token_num_uses", + "tokenPeriod": "token_period", + "tokenPolicies": "token_policies", + "tokenTtl": "token_ttl", + "tokenType": "token_type" + }, + "vault:appRole/authBackendLogin:AuthBackendLogin": { + "clientToken": "client_token", + "leaseDuration": "lease_duration", + "leaseStarted": "lease_started", + "roleId": "role_id", + "secretId": "secret_id" + }, + "vault:appRole/authBackendRole:AuthBackendRole": { + "bindSecretId": "bind_secret_id", + "roleId": "role_id", + "roleName": "role_name", + "secretIdBoundCidrs": "secret_id_bound_cidrs", + "secretIdNumUses": "secret_id_num_uses", + "secretIdTtl": "secret_id_ttl", + "tokenBoundCidrs": "token_bound_cidrs", + "tokenExplicitMaxTtl": "token_explicit_max_ttl", + "tokenMaxTtl": "token_max_ttl", + "tokenNoDefaultPolicy": "token_no_default_policy", + "tokenNumUses": "token_num_uses", + "tokenPeriod": "token_period", + "tokenPolicies": "token_policies", + "tokenTtl": "token_ttl", + "tokenType": "token_type" + }, + "vault:appRole/authBackendRoleSecretId:AuthBackendRoleSecretId": { + "cidrLists": "cidr_list", + "roleName": "role_name", + "secretId": "secret_id", + "withWrappedAccessor": "with_wrapped_accessor", + "wrappingAccessor": "wrapping_accessor", + "wrappingToken": "wrapping_token", + "wrappingTtl": "wrapping_ttl" + }, + "vault:appRole/getAuthBackendRoleId:getAuthBackendRoleId": { + "roleId": "role_id", + "roleName": "role_name" + }, + "vault:aws/authBackendCert:AuthBackendCert": { + "awsPublicCert": "aws_public_cert", + "certName": "cert_name" + }, + "vault:aws/authBackendClient:AuthBackendClient": { + "accessKey": "access_key", + "ec2Endpoint": "ec2_endpoint", + "iamEndpoint": "iam_endpoint", + "iamServerIdHeaderValue": "iam_server_id_header_value", + "secretKey": "secret_key", + "stsEndpoint": "sts_endpoint", + "stsRegion": "sts_region", + "useStsRegionFromClient": "use_sts_region_from_client" + }, + "vault:aws/authBackendConfigIdentity:AuthBackendConfigIdentity": { + "ec2Alias": "ec2_alias", + "ec2Metadatas": "ec2_metadata", + "iamAlias": "iam_alias", + "iamMetadatas": "iam_metadata" + }, + "vault:aws/authBackendIdentityWhitelist:AuthBackendIdentityWhitelist": { + "disablePeriodicTidy": "disable_periodic_tidy", + "safetyBuffer": "safety_buffer" + }, + "vault:aws/authBackendLogin:AuthBackendLogin": { + "authType": "auth_type", + "clientToken": "client_token", + "iamHttpRequestMethod": "iam_http_request_method", + "iamRequestBody": "iam_request_body", + "iamRequestHeaders": "iam_request_headers", + "iamRequestUrl": "iam_request_url", + "leaseDuration": "lease_duration", + "leaseStartTime": "lease_start_time" + }, + "vault:aws/authBackendRole:AuthBackendRole": { + "allowInstanceMigration": "allow_instance_migration", + "authType": "auth_type", + "boundAccountIds": "bound_account_ids", + "boundAmiIds": "bound_ami_ids", + "boundEc2InstanceIds": "bound_ec2_instance_ids", + "boundIamInstanceProfileArns": "bound_iam_instance_profile_arns", + "boundIamPrincipalArns": "bound_iam_principal_arns", + "boundIamRoleArns": "bound_iam_role_arns", + "boundRegions": "bound_regions", + "boundSubnetIds": "bound_subnet_ids", + "boundVpcIds": "bound_vpc_ids", + "disallowReauthentication": "disallow_reauthentication", + "inferredAwsRegion": "inferred_aws_region", + "inferredEntityType": "inferred_entity_type", + "resolveAwsUniqueIds": "resolve_aws_unique_ids", + "roleId": "role_id", + "roleTag": "role_tag", + "tokenBoundCidrs": "token_bound_cidrs", + "tokenExplicitMaxTtl": "token_explicit_max_ttl", + "tokenMaxTtl": "token_max_ttl", + "tokenNoDefaultPolicy": "token_no_default_policy", + "tokenNumUses": "token_num_uses", + "tokenPeriod": "token_period", + "tokenPolicies": "token_policies", + "tokenTtl": "token_ttl", + "tokenType": "token_type" + }, + "vault:aws/authBackendRoleTag:AuthBackendRoleTag": { + "allowInstanceMigration": "allow_instance_migration", + "disallowReauthentication": "disallow_reauthentication", + "instanceId": "instance_id", + "maxTtl": "max_ttl", + "tagKey": "tag_key", + "tagValue": "tag_value" + }, + "vault:aws/authBackendRoletagBlacklist:AuthBackendRoletagBlacklist": { + "disablePeriodicTidy": "disable_periodic_tidy", + "safetyBuffer": "safety_buffer" + }, + "vault:aws/authBackendStsRole:AuthBackendStsRole": { + "accountId": "account_id", + "stsRole": "sts_role" + }, + "vault:aws/getAccessCredentials:getAccessCredentials": { + "accessKey": "access_key", + "leaseDuration": "lease_duration", + "leaseId": "lease_id", + "leaseRenewable": "lease_renewable", + "leaseStartTime": "lease_start_time", + "roleArn": "role_arn", + "secretKey": "secret_key", + "securityToken": "security_token" + }, + "vault:aws/getStaticAccessCredentials:getStaticAccessCredentials": { + "accessKey": "access_key", + "secretKey": "secret_key" + }, + "vault:aws/secretBackend:SecretBackend": { + "accessKey": "access_key", + "defaultLeaseTtlSeconds": "default_lease_ttl_seconds", + "disableRemount": "disable_remount", + "iamEndpoint": "iam_endpoint", + "maxLeaseTtlSeconds": "max_lease_ttl_seconds", + "secretKey": "secret_key", + "stsEndpoint": "sts_endpoint", + "usernameTemplate": "username_template" + }, + "vault:aws/secretBackendRole:SecretBackendRole": { + "credentialType": "credential_type", + "defaultStsTtl": "default_sts_ttl", + "iamGroups": "iam_groups", + "maxStsTtl": "max_sts_ttl", + "permissionsBoundaryArn": "permissions_boundary_arn", + "policyArns": "policy_arns", + "policyDocument": "policy_document", + "roleArns": "role_arns", + "userPath": "user_path" + }, + "vault:aws/secretBackendStaticRole:SecretBackendStaticRole": { + "rotationPeriod": "rotation_period" + }, + "vault:azure/BackendRoleAzureGroup:BackendRoleAzureGroup": { + "groupName": "group_name", + "objectId": "object_id" + }, + "vault:azure/BackendRoleAzureRole:BackendRoleAzureRole": { + "roleId": "role_id", + "roleName": "role_name" + }, + "vault:azure/authBackendConfig:AuthBackendConfig": { + "clientId": "client_id", + "clientSecret": "client_secret", + "tenantId": "tenant_id" + }, + "vault:azure/authBackendRole:AuthBackendRole": { + "boundGroupIds": "bound_group_ids", + "boundLocations": "bound_locations", + "boundResourceGroups": "bound_resource_groups", + "boundScaleSets": "bound_scale_sets", + "boundServicePrincipalIds": "bound_service_principal_ids", + "boundSubscriptionIds": "bound_subscription_ids", + "tokenBoundCidrs": "token_bound_cidrs", + "tokenExplicitMaxTtl": "token_explicit_max_ttl", + "tokenMaxTtl": "token_max_ttl", + "tokenNoDefaultPolicy": "token_no_default_policy", + "tokenNumUses": "token_num_uses", + "tokenPeriod": "token_period", + "tokenPolicies": "token_policies", + "tokenTtl": "token_ttl", + "tokenType": "token_type" + }, + "vault:azure/backend:Backend": { + "clientId": "client_id", + "clientSecret": "client_secret", + "disableRemount": "disable_remount", + "subscriptionId": "subscription_id", + "tenantId": "tenant_id", + "useMicrosoftGraphApi": "use_microsoft_graph_api" + }, + "vault:azure/backendRole:BackendRole": { + "applicationObjectId": "application_object_id", + "azureGroups": "azure_groups", + "azureRoles": "azure_roles", + "maxTtl": "max_ttl", + "permanentlyDelete": "permanently_delete" + }, + "vault:azure/getAccessCredentials:getAccessCredentials": { + "clientId": "client_id", + "clientSecret": "client_secret", + "leaseDuration": "lease_duration", + "leaseId": "lease_id", + "leaseRenewable": "lease_renewable", + "leaseStartTime": "lease_start_time", + "maxCredValidationSeconds": "max_cred_validation_seconds", + "numSecondsBetweenTests": "num_seconds_between_tests", + "numSequentialSuccesses": "num_sequential_successes", + "subscriptionId": "subscription_id", + "tenantId": "tenant_id", + "validateCreds": "validate_creds" + }, + "vault:config/authLogin:authLogin": { + "useRootNamespace": "use_root_namespace" + }, + "vault:config/authLoginAws:authLoginAws": { + "awsAccessKeyId": "aws_access_key_id", + "awsIamEndpoint": "aws_iam_endpoint", + "awsProfile": "aws_profile", + "awsRegion": "aws_region", + "awsRoleArn": "aws_role_arn", + "awsRoleSessionName": "aws_role_session_name", + "awsSecretAccessKey": "aws_secret_access_key", + "awsSessionToken": "aws_session_token", + "awsSharedCredentialsFile": "aws_shared_credentials_file", + "awsStsEndpoint": "aws_sts_endpoint", + "awsWebIdentityTokenFile": "aws_web_identity_token_file", + "headerValue": "header_value", + "useRootNamespace": "use_root_namespace" + }, + "vault:config/authLoginAzure:authLoginAzure": { + "clientId": "client_id", + "resourceGroupName": "resource_group_name", + "subscriptionId": "subscription_id", + "tenantId": "tenant_id", + "useRootNamespace": "use_root_namespace", + "vmName": "vm_name", + "vmssName": "vmss_name" + }, + "vault:config/authLoginCert:authLoginCert": { + "certFile": "cert_file", + "keyFile": "key_file", + "useRootNamespace": "use_root_namespace" + }, + "vault:config/authLoginGcp:authLoginGcp": { + "serviceAccount": "service_account", + "useRootNamespace": "use_root_namespace" + }, + "vault:config/authLoginJwt:authLoginJwt": { + "useRootNamespace": "use_root_namespace" + }, + "vault:config/authLoginKerberos:authLoginKerberos": { + "disableFastNegotiation": "disable_fast_negotiation", + "keytabPath": "keytab_path", + "krb5confPath": "krb5conf_path", + "removeInstanceName": "remove_instance_name", + "useRootNamespace": "use_root_namespace" + }, + "vault:config/authLoginOci:authLoginOci": { + "authType": "auth_type", + "useRootNamespace": "use_root_namespace" + }, + "vault:config/authLoginOidc:authLoginOidc": { + "callbackAddress": "callback_address", + "callbackListenerAddress": "callback_listener_address", + "useRootNamespace": "use_root_namespace" + }, + "vault:config/authLoginRadius:authLoginRadius": { + "useRootNamespace": "use_root_namespace" + }, + "vault:config/authLoginTokenFile:authLoginTokenFile": { + "useRootNamespace": "use_root_namespace" + }, + "vault:config/authLoginUserpass:authLoginUserpass": { + "passwordFile": "password_file", + "useRootNamespace": "use_root_namespace" + }, + "vault:config/clientAuth:clientAuth": { + "certFile": "cert_file", + "keyFile": "key_file" + }, + "vault:consul/secretBackend:SecretBackend": { + "caCert": "ca_cert", + "clientCert": "client_cert", + "clientKey": "client_key", + "defaultLeaseTtlSeconds": "default_lease_ttl_seconds", + "disableRemount": "disable_remount", + "maxLeaseTtlSeconds": "max_lease_ttl_seconds" + }, + "vault:consul/secretBackendRole:SecretBackendRole": { + "consulNamespace": "consul_namespace", + "consulPolicies": "consul_policies", + "consulRoles": "consul_roles", + "maxTtl": "max_ttl", + "nodeIdentities": "node_identities", + "serviceIdentities": "service_identities", + "tokenType": "token_type" + }, + "vault:database/SecretBackendConnectionCassandra:SecretBackendConnectionCassandra": { + "connectTimeout": "connect_timeout", + "insecureTls": "insecure_tls", + "pemBundle": "pem_bundle", + "pemJson": "pem_json", + "protocolVersion": "protocol_version" + }, + "vault:database/SecretBackendConnectionCouchbase:SecretBackendConnectionCouchbase": { + "base64Pem": "base64_pem", + "bucketName": "bucket_name", + "insecureTls": "insecure_tls", + "usernameTemplate": "username_template" + }, + "vault:database/SecretBackendConnectionElasticsearch:SecretBackendConnectionElasticsearch": { + "caCert": "ca_cert", + "caPath": "ca_path", + "clientCert": "client_cert", + "clientKey": "client_key", + "tlsServerName": "tls_server_name", + "usernameTemplate": "username_template" + }, + "vault:database/SecretBackendConnectionHana:SecretBackendConnectionHana": { + "connectionUrl": "connection_url", + "disableEscaping": "disable_escaping", + "maxConnectionLifetime": "max_connection_lifetime", + "maxIdleConnections": "max_idle_connections", + "maxOpenConnections": "max_open_connections" + }, + "vault:database/SecretBackendConnectionInfluxdb:SecretBackendConnectionInfluxdb": { + "connectTimeout": "connect_timeout", + "insecureTls": "insecure_tls", + "pemBundle": "pem_bundle", + "pemJson": "pem_json", + "usernameTemplate": "username_template" + }, + "vault:database/SecretBackendConnectionMongodb:SecretBackendConnectionMongodb": { + "connectionUrl": "connection_url", + "maxConnectionLifetime": "max_connection_lifetime", + "maxIdleConnections": "max_idle_connections", + "maxOpenConnections": "max_open_connections", + "usernameTemplate": "username_template" + }, + "vault:database/SecretBackendConnectionMongodbatlas:SecretBackendConnectionMongodbatlas": { + "privateKey": "private_key", + "projectId": "project_id", + "publicKey": "public_key" + }, + "vault:database/SecretBackendConnectionMssql:SecretBackendConnectionMssql": { + "connectionUrl": "connection_url", + "containedDb": "contained_db", + "disableEscaping": "disable_escaping", + "maxConnectionLifetime": "max_connection_lifetime", + "maxIdleConnections": "max_idle_connections", + "maxOpenConnections": "max_open_connections", + "usernameTemplate": "username_template" + }, + "vault:database/SecretBackendConnectionMysql:SecretBackendConnectionMysql": { + "authType": "auth_type", + "connectionUrl": "connection_url", + "maxConnectionLifetime": "max_connection_lifetime", + "maxIdleConnections": "max_idle_connections", + "maxOpenConnections": "max_open_connections", + "serviceAccountJson": "service_account_json", + "tlsCa": "tls_ca", + "tlsCertificateKey": "tls_certificate_key", + "usernameTemplate": "username_template" + }, + "vault:database/SecretBackendConnectionMysqlAurora:SecretBackendConnectionMysqlAurora": { + "connectionUrl": "connection_url", + "maxConnectionLifetime": "max_connection_lifetime", + "maxIdleConnections": "max_idle_connections", + "maxOpenConnections": "max_open_connections", + "usernameTemplate": "username_template" + }, + "vault:database/SecretBackendConnectionMysqlLegacy:SecretBackendConnectionMysqlLegacy": { + "connectionUrl": "connection_url", + "maxConnectionLifetime": "max_connection_lifetime", + "maxIdleConnections": "max_idle_connections", + "maxOpenConnections": "max_open_connections", + "usernameTemplate": "username_template" + }, + "vault:database/SecretBackendConnectionMysqlRds:SecretBackendConnectionMysqlRds": { + "connectionUrl": "connection_url", + "maxConnectionLifetime": "max_connection_lifetime", + "maxIdleConnections": "max_idle_connections", + "maxOpenConnections": "max_open_connections", + "usernameTemplate": "username_template" + }, + "vault:database/SecretBackendConnectionOracle:SecretBackendConnectionOracle": { + "connectionUrl": "connection_url", + "maxConnectionLifetime": "max_connection_lifetime", + "maxIdleConnections": "max_idle_connections", + "maxOpenConnections": "max_open_connections", + "usernameTemplate": "username_template" + }, + "vault:database/SecretBackendConnectionPostgresql:SecretBackendConnectionPostgresql": { + "authType": "auth_type", + "connectionUrl": "connection_url", + "disableEscaping": "disable_escaping", + "maxConnectionLifetime": "max_connection_lifetime", + "maxIdleConnections": "max_idle_connections", + "maxOpenConnections": "max_open_connections", + "serviceAccountJson": "service_account_json", + "usernameTemplate": "username_template" + }, + "vault:database/SecretBackendConnectionRedis:SecretBackendConnectionRedis": { + "caCert": "ca_cert", + "insecureTls": "insecure_tls" + }, + "vault:database/SecretBackendConnectionRedshift:SecretBackendConnectionRedshift": { + "connectionUrl": "connection_url", + "disableEscaping": "disable_escaping", + "maxConnectionLifetime": "max_connection_lifetime", + "maxIdleConnections": "max_idle_connections", + "maxOpenConnections": "max_open_connections", + "usernameTemplate": "username_template" + }, + "vault:database/SecretBackendConnectionSnowflake:SecretBackendConnectionSnowflake": { + "connectionUrl": "connection_url", + "maxConnectionLifetime": "max_connection_lifetime", + "maxIdleConnections": "max_idle_connections", + "maxOpenConnections": "max_open_connections", + "usernameTemplate": "username_template" + }, + "vault:database/SecretsMountCassandra:SecretsMountCassandra": { + "allowedRoles": "allowed_roles", + "connectTimeout": "connect_timeout", + "insecureTls": "insecure_tls", + "pemBundle": "pem_bundle", + "pemJson": "pem_json", + "pluginName": "plugin_name", + "protocolVersion": "protocol_version", + "rootRotationStatements": "root_rotation_statements", + "verifyConnection": "verify_connection" + }, + "vault:database/SecretsMountCouchbase:SecretsMountCouchbase": { + "allowedRoles": "allowed_roles", + "base64Pem": "base64_pem", + "bucketName": "bucket_name", + "insecureTls": "insecure_tls", + "pluginName": "plugin_name", + "rootRotationStatements": "root_rotation_statements", + "usernameTemplate": "username_template", + "verifyConnection": "verify_connection" + }, + "vault:database/SecretsMountElasticsearch:SecretsMountElasticsearch": { + "allowedRoles": "allowed_roles", + "caCert": "ca_cert", + "caPath": "ca_path", + "clientCert": "client_cert", + "clientKey": "client_key", + "pluginName": "plugin_name", + "rootRotationStatements": "root_rotation_statements", + "tlsServerName": "tls_server_name", + "usernameTemplate": "username_template", + "verifyConnection": "verify_connection" + }, + "vault:database/SecretsMountHana:SecretsMountHana": { + "allowedRoles": "allowed_roles", + "connectionUrl": "connection_url", + "disableEscaping": "disable_escaping", + "maxConnectionLifetime": "max_connection_lifetime", + "maxIdleConnections": "max_idle_connections", + "maxOpenConnections": "max_open_connections", + "pluginName": "plugin_name", + "rootRotationStatements": "root_rotation_statements", + "verifyConnection": "verify_connection" + }, + "vault:database/SecretsMountInfluxdb:SecretsMountInfluxdb": { + "allowedRoles": "allowed_roles", + "connectTimeout": "connect_timeout", + "insecureTls": "insecure_tls", + "pemBundle": "pem_bundle", + "pemJson": "pem_json", + "pluginName": "plugin_name", + "rootRotationStatements": "root_rotation_statements", + "usernameTemplate": "username_template", + "verifyConnection": "verify_connection" + }, + "vault:database/SecretsMountMongodb:SecretsMountMongodb": { + "allowedRoles": "allowed_roles", + "connectionUrl": "connection_url", + "maxConnectionLifetime": "max_connection_lifetime", + "maxIdleConnections": "max_idle_connections", + "maxOpenConnections": "max_open_connections", + "pluginName": "plugin_name", + "rootRotationStatements": "root_rotation_statements", + "usernameTemplate": "username_template", + "verifyConnection": "verify_connection" + }, + "vault:database/SecretsMountMongodbatla:SecretsMountMongodbatla": { + "allowedRoles": "allowed_roles", + "pluginName": "plugin_name", + "privateKey": "private_key", + "projectId": "project_id", + "publicKey": "public_key", + "rootRotationStatements": "root_rotation_statements", + "verifyConnection": "verify_connection" + }, + "vault:database/SecretsMountMssql:SecretsMountMssql": { + "allowedRoles": "allowed_roles", + "connectionUrl": "connection_url", + "containedDb": "contained_db", + "disableEscaping": "disable_escaping", + "maxConnectionLifetime": "max_connection_lifetime", + "maxIdleConnections": "max_idle_connections", + "maxOpenConnections": "max_open_connections", + "pluginName": "plugin_name", + "rootRotationStatements": "root_rotation_statements", + "usernameTemplate": "username_template", + "verifyConnection": "verify_connection" + }, + "vault:database/SecretsMountMysql:SecretsMountMysql": { + "allowedRoles": "allowed_roles", + "authType": "auth_type", + "connectionUrl": "connection_url", + "maxConnectionLifetime": "max_connection_lifetime", + "maxIdleConnections": "max_idle_connections", + "maxOpenConnections": "max_open_connections", + "pluginName": "plugin_name", + "rootRotationStatements": "root_rotation_statements", + "serviceAccountJson": "service_account_json", + "tlsCa": "tls_ca", + "tlsCertificateKey": "tls_certificate_key", + "usernameTemplate": "username_template", + "verifyConnection": "verify_connection" + }, + "vault:database/SecretsMountMysqlAurora:SecretsMountMysqlAurora": { + "allowedRoles": "allowed_roles", + "connectionUrl": "connection_url", + "maxConnectionLifetime": "max_connection_lifetime", + "maxIdleConnections": "max_idle_connections", + "maxOpenConnections": "max_open_connections", + "pluginName": "plugin_name", + "rootRotationStatements": "root_rotation_statements", + "usernameTemplate": "username_template", + "verifyConnection": "verify_connection" + }, + "vault:database/SecretsMountMysqlLegacy:SecretsMountMysqlLegacy": { + "allowedRoles": "allowed_roles", + "connectionUrl": "connection_url", + "maxConnectionLifetime": "max_connection_lifetime", + "maxIdleConnections": "max_idle_connections", + "maxOpenConnections": "max_open_connections", + "pluginName": "plugin_name", + "rootRotationStatements": "root_rotation_statements", + "usernameTemplate": "username_template", + "verifyConnection": "verify_connection" + }, + "vault:database/SecretsMountMysqlRd:SecretsMountMysqlRd": { + "allowedRoles": "allowed_roles", + "connectionUrl": "connection_url", + "maxConnectionLifetime": "max_connection_lifetime", + "maxIdleConnections": "max_idle_connections", + "maxOpenConnections": "max_open_connections", + "pluginName": "plugin_name", + "rootRotationStatements": "root_rotation_statements", + "usernameTemplate": "username_template", + "verifyConnection": "verify_connection" + }, + "vault:database/SecretsMountOracle:SecretsMountOracle": { + "allowedRoles": "allowed_roles", + "connectionUrl": "connection_url", + "maxConnectionLifetime": "max_connection_lifetime", + "maxIdleConnections": "max_idle_connections", + "maxOpenConnections": "max_open_connections", + "pluginName": "plugin_name", + "rootRotationStatements": "root_rotation_statements", + "usernameTemplate": "username_template", + "verifyConnection": "verify_connection" + }, + "vault:database/SecretsMountPostgresql:SecretsMountPostgresql": { + "allowedRoles": "allowed_roles", + "authType": "auth_type", + "connectionUrl": "connection_url", + "disableEscaping": "disable_escaping", + "maxConnectionLifetime": "max_connection_lifetime", + "maxIdleConnections": "max_idle_connections", + "maxOpenConnections": "max_open_connections", + "pluginName": "plugin_name", + "rootRotationStatements": "root_rotation_statements", + "serviceAccountJson": "service_account_json", + "usernameTemplate": "username_template", + "verifyConnection": "verify_connection" + }, + "vault:database/SecretsMountRedi:SecretsMountRedi": { + "allowedRoles": "allowed_roles", + "caCert": "ca_cert", + "insecureTls": "insecure_tls", + "pluginName": "plugin_name", + "rootRotationStatements": "root_rotation_statements", + "verifyConnection": "verify_connection" + }, + "vault:database/SecretsMountRedisElasticach:SecretsMountRedisElasticach": { + "allowedRoles": "allowed_roles", + "pluginName": "plugin_name", + "rootRotationStatements": "root_rotation_statements", + "verifyConnection": "verify_connection" + }, + "vault:database/SecretsMountRedshift:SecretsMountRedshift": { + "allowedRoles": "allowed_roles", + "connectionUrl": "connection_url", + "disableEscaping": "disable_escaping", + "maxConnectionLifetime": "max_connection_lifetime", + "maxIdleConnections": "max_idle_connections", + "maxOpenConnections": "max_open_connections", + "pluginName": "plugin_name", + "rootRotationStatements": "root_rotation_statements", + "usernameTemplate": "username_template", + "verifyConnection": "verify_connection" + }, + "vault:database/SecretsMountSnowflake:SecretsMountSnowflake": { + "allowedRoles": "allowed_roles", + "connectionUrl": "connection_url", + "maxConnectionLifetime": "max_connection_lifetime", + "maxIdleConnections": "max_idle_connections", + "maxOpenConnections": "max_open_connections", + "pluginName": "plugin_name", + "rootRotationStatements": "root_rotation_statements", + "usernameTemplate": "username_template", + "verifyConnection": "verify_connection" + }, + "vault:database/secretBackendConnection:SecretBackendConnection": { + "allowedRoles": "allowed_roles", + "mysqlAurora": "mysql_aurora", + "mysqlLegacy": "mysql_legacy", + "mysqlRds": "mysql_rds", + "pluginName": "plugin_name", + "redisElasticache": "redis_elasticache", + "rootRotationStatements": "root_rotation_statements", + "verifyConnection": "verify_connection" + }, + "vault:database/secretBackendRole:SecretBackendRole": { + "creationStatements": "creation_statements", + "credentialConfig": "credential_config", + "credentialType": "credential_type", + "dbName": "db_name", + "defaultTtl": "default_ttl", + "maxTtl": "max_ttl", + "renewStatements": "renew_statements", + "revocationStatements": "revocation_statements", + "rollbackStatements": "rollback_statements" + }, + "vault:database/secretBackendStaticRole:SecretBackendStaticRole": { + "dbName": "db_name", + "rotationPeriod": "rotation_period", + "rotationSchedule": "rotation_schedule", + "rotationStatements": "rotation_statements", + "rotationWindow": "rotation_window" + }, + "vault:database/secretsMount:SecretsMount": { + "allowedManagedKeys": "allowed_managed_keys", + "auditNonHmacRequestKeys": "audit_non_hmac_request_keys", + "auditNonHmacResponseKeys": "audit_non_hmac_response_keys", + "cassandras": "cassandra", + "couchbases": "couchbase", + "defaultLeaseTtlSeconds": "default_lease_ttl_seconds", + "elasticsearches": "elasticsearch", + "engineCount": "engine_count", + "externalEntropyAccess": "external_entropy_access", + "hanas": "hana", + "influxdbs": "influxdb", + "maxLeaseTtlSeconds": "max_lease_ttl_seconds", + "mongodbs": "mongodb", + "mssqls": "mssql", + "mysqlAuroras": "mysql_aurora", + "mysqlLegacies": "mysql_legacy", + "mysqlRds": "mysql_rds", + "mysqls": "mysql", + "oracles": "oracle", + "postgresqls": "postgresql", + "redisElasticaches": "redis_elasticache", + "redshifts": "redshift", + "sealWrap": "seal_wrap", + "snowflakes": "snowflake" + }, + "vault:gcp/authBackend:AuthBackend": { + "clientEmail": "client_email", + "clientId": "client_id", + "customEndpoint": "custom_endpoint", + "disableRemount": "disable_remount", + "privateKeyId": "private_key_id", + "projectId": "project_id" + }, + "vault:gcp/authBackendRole:AuthBackendRole": { + "addGroupAliases": "add_group_aliases", + "allowGceInference": "allow_gce_inference", + "boundInstanceGroups": "bound_instance_groups", + "boundLabels": "bound_labels", + "boundProjects": "bound_projects", + "boundRegions": "bound_regions", + "boundServiceAccounts": "bound_service_accounts", + "boundZones": "bound_zones", + "maxJwtExp": "max_jwt_exp", + "tokenBoundCidrs": "token_bound_cidrs", + "tokenExplicitMaxTtl": "token_explicit_max_ttl", + "tokenMaxTtl": "token_max_ttl", + "tokenNoDefaultPolicy": "token_no_default_policy", + "tokenNumUses": "token_num_uses", + "tokenPeriod": "token_period", + "tokenPolicies": "token_policies", + "tokenTtl": "token_ttl", + "tokenType": "token_type" + }, + "vault:gcp/getAuthBackendRole:getAuthBackendRole": { + "boundInstanceGroups": "bound_instance_groups", + "boundLabels": "bound_labels", + "boundProjects": "bound_projects", + "boundRegions": "bound_regions", + "boundServiceAccounts": "bound_service_accounts", + "boundZones": "bound_zones", + "roleId": "role_id", + "roleName": "role_name", + "tokenBoundCidrs": "token_bound_cidrs", + "tokenExplicitMaxTtl": "token_explicit_max_ttl", + "tokenMaxTtl": "token_max_ttl", + "tokenNoDefaultPolicy": "token_no_default_policy", + "tokenNumUses": "token_num_uses", + "tokenPeriod": "token_period", + "tokenPolicies": "token_policies", + "tokenTtl": "token_ttl", + "tokenType": "token_type" + }, + "vault:gcp/secretBackend:SecretBackend": { + "defaultLeaseTtlSeconds": "default_lease_ttl_seconds", + "disableRemount": "disable_remount", + "maxLeaseTtlSeconds": "max_lease_ttl_seconds" + }, + "vault:gcp/secretImpersonatedAccount:SecretImpersonatedAccount": { + "impersonatedAccount": "impersonated_account", + "serviceAccountEmail": "service_account_email", + "serviceAccountProject": "service_account_project", + "tokenScopes": "token_scopes" + }, + "vault:gcp/secretRoleset:SecretRoleset": { + "bindings": "binding", + "secretType": "secret_type", + "serviceAccountEmail": "service_account_email", + "tokenScopes": "token_scopes" + }, + "vault:gcp/secretStaticAccount:SecretStaticAccount": { + "bindings": "binding", + "secretType": "secret_type", + "serviceAccountEmail": "service_account_email", + "serviceAccountProject": "service_account_project", + "staticAccount": "static_account", + "tokenScopes": "token_scopes" + }, + "vault:generic/endpoint:Endpoint": { + "dataJson": "data_json", + "disableDelete": "disable_delete", + "disableRead": "disable_read", + "ignoreAbsentFields": "ignore_absent_fields", + "writeData": "write_data", + "writeDataJson": "write_data_json", + "writeFields": "write_fields" + }, + "vault:generic/getSecret:getSecret": { + "dataJson": "data_json", + "leaseDuration": "lease_duration", + "leaseId": "lease_id", + "leaseRenewable": "lease_renewable", + "leaseStartTime": "lease_start_time", + "withLeaseStartTime": "with_lease_start_time" + }, + "vault:generic/secret:Secret": { + "dataJson": "data_json", + "deleteAllVersions": "delete_all_versions", + "disableRead": "disable_read" + }, + "vault:github/AuthBackendTune:AuthBackendTune": { + "allowedResponseHeaders": "allowed_response_headers", + "auditNonHmacRequestKeys": "audit_non_hmac_request_keys", + "auditNonHmacResponseKeys": "audit_non_hmac_response_keys", + "defaultLeaseTtl": "default_lease_ttl", + "listingVisibility": "listing_visibility", + "maxLeaseTtl": "max_lease_ttl", + "passthroughRequestHeaders": "passthrough_request_headers", + "tokenType": "token_type" + }, + "vault:github/authBackend:AuthBackend": { + "baseUrl": "base_url", + "disableRemount": "disable_remount", + "organizationId": "organization_id", + "tokenBoundCidrs": "token_bound_cidrs", + "tokenExplicitMaxTtl": "token_explicit_max_ttl", + "tokenMaxTtl": "token_max_ttl", + "tokenNoDefaultPolicy": "token_no_default_policy", + "tokenNumUses": "token_num_uses", + "tokenPeriod": "token_period", + "tokenPolicies": "token_policies", + "tokenTtl": "token_ttl", + "tokenType": "token_type" + }, + "vault:identity/entity:Entity": { + "externalPolicies": "external_policies" + }, + "vault:identity/entityAlias:EntityAlias": { + "canonicalId": "canonical_id", + "customMetadata": "custom_metadata", + "mountAccessor": "mount_accessor" + }, + "vault:identity/entityPolicies:EntityPolicies": { + "entityId": "entity_id", + "entityName": "entity_name" + }, + "vault:identity/getEntity:getEntity": { + "aliasId": "alias_id", + "aliasMountAccessor": "alias_mount_accessor", + "aliasName": "alias_name", + "creationTime": "creation_time", + "dataJson": "data_json", + "directGroupIds": "direct_group_ids", + "entityId": "entity_id", + "entityName": "entity_name", + "groupIds": "group_ids", + "inheritedGroupIds": "inherited_group_ids", + "lastUpdateTime": "last_update_time", + "mergedEntityIds": "merged_entity_ids", + "namespaceId": "namespace_id" + }, + "vault:identity/getEntityAlias:getEntityAlias": { + "canonicalId": "canonical_id", + "creationTime": "creation_time", + "lastUpdateTime": "last_update_time", + "mergedFromCanonicalIds": "merged_from_canonical_ids", + "mountAccessor": "mount_accessor", + "mountPath": "mount_path", + "mountType": "mount_type" + }, + "vault:identity/getGroup:getGroup": { + "aliasCanonicalId": "alias_canonical_id", + "aliasCreationTime": "alias_creation_time", + "aliasId": "alias_id", + "aliasLastUpdateTime": "alias_last_update_time", + "aliasMergedFromCanonicalIds": "alias_merged_from_canonical_ids", + "aliasMetadata": "alias_metadata", + "aliasMountAccessor": "alias_mount_accessor", + "aliasMountPath": "alias_mount_path", + "aliasMountType": "alias_mount_type", + "aliasName": "alias_name", + "creationTime": "creation_time", + "dataJson": "data_json", + "groupId": "group_id", + "groupName": "group_name", + "lastUpdateTime": "last_update_time", + "memberEntityIds": "member_entity_ids", + "memberGroupIds": "member_group_ids", + "modifyIndex": "modify_index", + "namespaceId": "namespace_id", + "parentGroupIds": "parent_group_ids" + }, + "vault:identity/getOidcClientCreds:getOidcClientCreds": { + "clientId": "client_id", + "clientSecret": "client_secret" + }, + "vault:identity/getOidcOpenidConfig:getOidcOpenidConfig": { + "authorizationEndpoint": "authorization_endpoint", + "grantTypesSupporteds": "grant_types_supported", + "idTokenSigningAlgValuesSupporteds": "id_token_signing_alg_values_supported", + "jwksUri": "jwks_uri", + "requestUriParameterSupported": "request_uri_parameter_supported", + "responseTypesSupporteds": "response_types_supported", + "scopesSupporteds": "scopes_supported", + "subjectTypesSupporteds": "subject_types_supported", + "tokenEndpoint": "token_endpoint", + "tokenEndpointAuthMethodsSupporteds": "token_endpoint_auth_methods_supported", + "userinfoEndpoint": "userinfo_endpoint" + }, + "vault:identity/group:Group": { + "externalMemberEntityIds": "external_member_entity_ids", + "externalMemberGroupIds": "external_member_group_ids", + "externalPolicies": "external_policies", + "memberEntityIds": "member_entity_ids", + "memberGroupIds": "member_group_ids" + }, + "vault:identity/groupAlias:GroupAlias": { + "canonicalId": "canonical_id", + "mountAccessor": "mount_accessor" + }, + "vault:identity/groupMemberEntityIds:GroupMemberEntityIds": { + "groupId": "group_id", + "groupName": "group_name", + "memberEntityIds": "member_entity_ids" + }, + "vault:identity/groupMemberGroupIds:GroupMemberGroupIds": { + "groupId": "group_id", + "memberGroupIds": "member_group_ids" + }, + "vault:identity/groupPolicies:GroupPolicies": { + "groupId": "group_id", + "groupName": "group_name" + }, + "vault:identity/mfaDuo:MfaDuo": { + "apiHostname": "api_hostname", + "integrationKey": "integration_key", + "methodId": "method_id", + "mountAccessor": "mount_accessor", + "namespaceId": "namespace_id", + "namespacePath": "namespace_path", + "pushInfo": "push_info", + "secretKey": "secret_key", + "usePasscode": "use_passcode", + "usernameFormat": "username_format" + }, + "vault:identity/mfaLoginEnforcement:MfaLoginEnforcement": { + "authMethodAccessors": "auth_method_accessors", + "authMethodTypes": "auth_method_types", + "identityEntityIds": "identity_entity_ids", + "identityGroupIds": "identity_group_ids", + "mfaMethodIds": "mfa_method_ids", + "namespaceId": "namespace_id", + "namespacePath": "namespace_path" + }, + "vault:identity/mfaOkta:MfaOkta": { + "apiToken": "api_token", + "baseUrl": "base_url", + "methodId": "method_id", + "mountAccessor": "mount_accessor", + "namespaceId": "namespace_id", + "namespacePath": "namespace_path", + "orgName": "org_name", + "primaryEmail": "primary_email", + "usernameFormat": "username_format" + }, + "vault:identity/mfaPingid:MfaPingid": { + "adminUrl": "admin_url", + "authenticatorUrl": "authenticator_url", + "idpUrl": "idp_url", + "methodId": "method_id", + "mountAccessor": "mount_accessor", + "namespaceId": "namespace_id", + "namespacePath": "namespace_path", + "orgAlias": "org_alias", + "settingsFileBase64": "settings_file_base64", + "useSignature": "use_signature", + "usernameFormat": "username_format" + }, + "vault:identity/mfaTotp:MfaTotp": { + "keySize": "key_size", + "maxValidationAttempts": "max_validation_attempts", + "methodId": "method_id", + "mountAccessor": "mount_accessor", + "namespaceId": "namespace_id", + "namespacePath": "namespace_path", + "qrSize": "qr_size" + }, + "vault:identity/oidcAssignment:OidcAssignment": { + "entityIds": "entity_ids", + "groupIds": "group_ids" + }, + "vault:identity/oidcClient:OidcClient": { + "accessTokenTtl": "access_token_ttl", + "clientId": "client_id", + "clientSecret": "client_secret", + "clientType": "client_type", + "idTokenTtl": "id_token_ttl", + "redirectUris": "redirect_uris" + }, + "vault:identity/oidcKey:OidcKey": { + "allowedClientIds": "allowed_client_ids", + "rotationPeriod": "rotation_period", + "verificationTtl": "verification_ttl" + }, + "vault:identity/oidcKeyAllowedClientID:OidcKeyAllowedClientID": { + "allowedClientId": "allowed_client_id", + "keyName": "key_name" + }, + "vault:identity/oidcProvider:OidcProvider": { + "allowedClientIds": "allowed_client_ids", + "httpsEnabled": "https_enabled", + "issuerHost": "issuer_host", + "scopesSupporteds": "scopes_supported" + }, + "vault:identity/oidcRole:OidcRole": { + "clientId": "client_id" + }, + "vault:index/AuthBackendTune:AuthBackendTune": { + "allowedResponseHeaders": "allowed_response_headers", + "auditNonHmacRequestKeys": "audit_non_hmac_request_keys", + "auditNonHmacResponseKeys": "audit_non_hmac_response_keys", + "defaultLeaseTtl": "default_lease_ttl", + "listingVisibility": "listing_visibility", + "maxLeaseTtl": "max_lease_ttl", + "passthroughRequestHeaders": "passthrough_request_headers", + "tokenType": "token_type" + }, + "vault:index/ProviderAuthLogin:ProviderAuthLogin": { + "useRootNamespace": "use_root_namespace" + }, + "vault:index/ProviderAuthLoginAws:ProviderAuthLoginAws": { + "awsAccessKeyId": "aws_access_key_id", + "awsIamEndpoint": "aws_iam_endpoint", + "awsProfile": "aws_profile", + "awsRegion": "aws_region", + "awsRoleArn": "aws_role_arn", + "awsRoleSessionName": "aws_role_session_name", + "awsSecretAccessKey": "aws_secret_access_key", + "awsSessionToken": "aws_session_token", + "awsSharedCredentialsFile": "aws_shared_credentials_file", + "awsStsEndpoint": "aws_sts_endpoint", + "awsWebIdentityTokenFile": "aws_web_identity_token_file", + "headerValue": "header_value", + "useRootNamespace": "use_root_namespace" + }, + "vault:index/ProviderAuthLoginAzure:ProviderAuthLoginAzure": { + "clientId": "client_id", + "resourceGroupName": "resource_group_name", + "subscriptionId": "subscription_id", + "tenantId": "tenant_id", + "useRootNamespace": "use_root_namespace", + "vmName": "vm_name", + "vmssName": "vmss_name" + }, + "vault:index/ProviderAuthLoginCert:ProviderAuthLoginCert": { + "certFile": "cert_file", + "keyFile": "key_file", + "useRootNamespace": "use_root_namespace" + }, + "vault:index/ProviderAuthLoginGcp:ProviderAuthLoginGcp": { + "serviceAccount": "service_account", + "useRootNamespace": "use_root_namespace" + }, + "vault:index/ProviderAuthLoginJwt:ProviderAuthLoginJwt": { + "useRootNamespace": "use_root_namespace" + }, + "vault:index/ProviderAuthLoginKerberos:ProviderAuthLoginKerberos": { + "disableFastNegotiation": "disable_fast_negotiation", + "keytabPath": "keytab_path", + "krb5confPath": "krb5conf_path", + "removeInstanceName": "remove_instance_name", + "useRootNamespace": "use_root_namespace" + }, + "vault:index/ProviderAuthLoginOci:ProviderAuthLoginOci": { + "authType": "auth_type", + "useRootNamespace": "use_root_namespace" + }, + "vault:index/ProviderAuthLoginOidc:ProviderAuthLoginOidc": { + "callbackAddress": "callback_address", + "callbackListenerAddress": "callback_listener_address", + "useRootNamespace": "use_root_namespace" + }, + "vault:index/ProviderAuthLoginRadius:ProviderAuthLoginRadius": { + "useRootNamespace": "use_root_namespace" + }, + "vault:index/ProviderAuthLoginTokenFile:ProviderAuthLoginTokenFile": { + "useRootNamespace": "use_root_namespace" + }, + "vault:index/ProviderAuthLoginUserpass:ProviderAuthLoginUserpass": { + "passwordFile": "password_file", + "useRootNamespace": "use_root_namespace" + }, + "vault:index/ProviderClientAuth:ProviderClientAuth": { + "certFile": "cert_file", + "keyFile": "key_file" + }, + "vault:index/authBackend:AuthBackend": { + "disableRemount": "disable_remount" + }, + "vault:index/certAuthBackendRole:CertAuthBackendRole": { + "allowedCommonNames": "allowed_common_names", + "allowedDnsSans": "allowed_dns_sans", + "allowedEmailSans": "allowed_email_sans", + "allowedNames": "allowed_names", + "allowedOrganizationUnits": "allowed_organization_units", + "allowedOrganizationalUnits": "allowed_organizational_units", + "allowedUriSans": "allowed_uri_sans", + "displayName": "display_name", + "ocspCaCertificates": "ocsp_ca_certificates", + "ocspEnabled": "ocsp_enabled", + "ocspFailOpen": "ocsp_fail_open", + "ocspQueryAllServers": "ocsp_query_all_servers", + "ocspServersOverrides": "ocsp_servers_override", + "requiredExtensions": "required_extensions", + "tokenBoundCidrs": "token_bound_cidrs", + "tokenExplicitMaxTtl": "token_explicit_max_ttl", + "tokenMaxTtl": "token_max_ttl", + "tokenNoDefaultPolicy": "token_no_default_policy", + "tokenNumUses": "token_num_uses", + "tokenPeriod": "token_period", + "tokenPolicies": "token_policies", + "tokenTtl": "token_ttl", + "tokenType": "token_type" + }, + "vault:index/egpPolicy:EgpPolicy": { + "enforcementLevel": "enforcement_level" + }, + "vault:index/getAuthBackend:getAuthBackend": { + "defaultLeaseTtlSeconds": "default_lease_ttl_seconds", + "listingVisibility": "listing_visibility", + "maxLeaseTtlSeconds": "max_lease_ttl_seconds" + }, + "vault:index/getNomadAccessToken:getNomadAccessToken": { + "accessorId": "accessor_id", + "secretId": "secret_id" + }, + "vault:index/getPolicyDocument:getPolicyDocument": { + "rules": "rule" + }, + "vault:index/getPolicyDocumentRule:getPolicyDocumentRule": { + "allowedParameters": "allowed_parameter", + "deniedParameters": "denied_parameter", + "maxWrappingTtl": "max_wrapping_ttl", + "minWrappingTtl": "min_wrapping_ttl", + "requiredParameters": "required_parameters" + }, + "vault:index/getPolicyDocumentRuleAllowedParameter:getPolicyDocumentRuleAllowedParameter": { + "values": "value" + }, + "vault:index/getPolicyDocumentRuleDeniedParameter:getPolicyDocumentRuleDeniedParameter": { + "values": "value" + }, + "vault:index/getRaftAutopilotState:getRaftAutopilotState": { + "failureTolerance": "failure_tolerance", + "optimisticFailureTolerance": "optimistic_failure_tolerance", + "redundancyZones": "redundancy_zones", + "redundancyZonesJson": "redundancy_zones_json", + "serversJson": "servers_json", + "upgradeInfo": "upgrade_info", + "upgradeInfoJson": "upgrade_info_json" + }, + "vault:index/mfaDuo:MfaDuo": { + "apiHostname": "api_hostname", + "integrationKey": "integration_key", + "mountAccessor": "mount_accessor", + "pushInfo": "push_info", + "secretKey": "secret_key", + "usernameFormat": "username_format" + }, + "vault:index/mfaOkta:MfaOkta": { + "apiToken": "api_token", + "baseUrl": "base_url", + "mountAccessor": "mount_accessor", + "orgName": "org_name", + "primaryEmail": "primary_email", + "usernameFormat": "username_format" + }, + "vault:index/mfaPingid:MfaPingid": { + "adminUrl": "admin_url", + "authenticatorUrl": "authenticator_url", + "idpUrl": "idp_url", + "mountAccessor": "mount_accessor", + "namespaceId": "namespace_id", + "orgAlias": "org_alias", + "settingsFileBase64": "settings_file_base64", + "useSignature": "use_signature", + "usernameFormat": "username_format" + }, + "vault:index/mfaTotp:MfaTotp": { + "keySize": "key_size", + "qrSize": "qr_size" + }, + "vault:index/mount:Mount": { + "allowedManagedKeys": "allowed_managed_keys", + "auditNonHmacRequestKeys": "audit_non_hmac_request_keys", + "auditNonHmacResponseKeys": "audit_non_hmac_response_keys", + "defaultLeaseTtlSeconds": "default_lease_ttl_seconds", + "externalEntropyAccess": "external_entropy_access", + "maxLeaseTtlSeconds": "max_lease_ttl_seconds", + "sealWrap": "seal_wrap" + }, + "vault:index/namespace:Namespace": { + "customMetadata": "custom_metadata", + "namespaceId": "namespace_id", + "pathFq": "path_fq" + }, + "vault:index/nomadSecretBackend:NomadSecretBackend": { + "caCert": "ca_cert", + "clientCert": "client_cert", + "clientKey": "client_key", + "defaultLeaseTtlSeconds": "default_lease_ttl_seconds", + "disableRemount": "disable_remount", + "maxLeaseTtlSeconds": "max_lease_ttl_seconds", + "maxTokenNameLength": "max_token_name_length", + "maxTtl": "max_ttl" + }, + "vault:index/quotaLeaseCount:QuotaLeaseCount": { + "maxLeases": "max_leases" + }, + "vault:index/quotaRateLimit:QuotaRateLimit": { + "blockInterval": "block_interval" + }, + "vault:index/raftAutopilot:RaftAutopilot": { + "cleanupDeadServers": "cleanup_dead_servers", + "deadServerLastContactThreshold": "dead_server_last_contact_threshold", + "disableUpgradeMigration": "disable_upgrade_migration", + "lastContactThreshold": "last_contact_threshold", + "maxTrailingLogs": "max_trailing_logs", + "minQuorum": "min_quorum", + "serverStabilizationTime": "server_stabilization_time" + }, + "vault:index/raftSnapshotAgentConfig:RaftSnapshotAgentConfig": { + "awsAccessKeyId": "aws_access_key_id", + "awsS3Bucket": "aws_s3_bucket", + "awsS3DisableTls": "aws_s3_disable_tls", + "awsS3EnableKms": "aws_s3_enable_kms", + "awsS3Endpoint": "aws_s3_endpoint", + "awsS3ForcePathStyle": "aws_s3_force_path_style", + "awsS3KmsKey": "aws_s3_kms_key", + "awsS3Region": "aws_s3_region", + "awsS3ServerSideEncryption": "aws_s3_server_side_encryption", + "awsSecretAccessKey": "aws_secret_access_key", + "awsSessionToken": "aws_session_token", + "azureAccountKey": "azure_account_key", + "azureAccountName": "azure_account_name", + "azureBlobEnvironment": "azure_blob_environment", + "azureContainerName": "azure_container_name", + "azureEndpoint": "azure_endpoint", + "filePrefix": "file_prefix", + "googleDisableTls": "google_disable_tls", + "googleEndpoint": "google_endpoint", + "googleGcsBucket": "google_gcs_bucket", + "googleServiceAccountKey": "google_service_account_key", + "intervalSeconds": "interval_seconds", + "localMaxSpace": "local_max_space", + "pathPrefix": "path_prefix", + "storageType": "storage_type" + }, + "vault:index/rgpPolicy:RgpPolicy": { + "enforcementLevel": "enforcement_level" + }, + "vault:index/token:Token": { + "clientToken": "client_token", + "displayName": "display_name", + "explicitMaxTtl": "explicit_max_ttl", + "leaseDuration": "lease_duration", + "leaseStarted": "lease_started", + "noDefaultPolicy": "no_default_policy", + "noParent": "no_parent", + "numUses": "num_uses", + "renewIncrement": "renew_increment", + "renewMinLease": "renew_min_lease", + "roleName": "role_name", + "wrappedToken": "wrapped_token", + "wrappingAccessor": "wrapping_accessor", + "wrappingTtl": "wrapping_ttl" + }, + "vault:index:Provider": { + "addAddressToEnv": "add_address_to_env", + "authLogin": "auth_login", + "authLoginAws": "auth_login_aws", + "authLoginAzure": "auth_login_azure", + "authLoginCert": "auth_login_cert", + "authLoginGcp": "auth_login_gcp", + "authLoginJwt": "auth_login_jwt", + "authLoginKerberos": "auth_login_kerberos", + "authLoginOci": "auth_login_oci", + "authLoginOidc": "auth_login_oidc", + "authLoginRadius": "auth_login_radius", + "authLoginTokenFile": "auth_login_token_file", + "authLoginUserpass": "auth_login_userpass", + "caCertDir": "ca_cert_dir", + "caCertFile": "ca_cert_file", + "clientAuth": "client_auth", + "maxLeaseTtlSeconds": "max_lease_ttl_seconds", + "maxRetries": "max_retries", + "maxRetriesCcc": "max_retries_ccc", + "setNamespaceFromToken": "set_namespace_from_token", + "skipChildToken": "skip_child_token", + "skipGetVaultVersion": "skip_get_vault_version", + "skipTlsVerify": "skip_tls_verify", + "tlsServerName": "tls_server_name", + "tokenName": "token_name", + "vaultVersionOverride": "vault_version_override" + }, + "vault:jwt/AuthBackendTune:AuthBackendTune": { + "allowedResponseHeaders": "allowed_response_headers", + "auditNonHmacRequestKeys": "audit_non_hmac_request_keys", + "auditNonHmacResponseKeys": "audit_non_hmac_response_keys", + "defaultLeaseTtl": "default_lease_ttl", + "listingVisibility": "listing_visibility", + "maxLeaseTtl": "max_lease_ttl", + "passthroughRequestHeaders": "passthrough_request_headers", + "tokenType": "token_type" + }, + "vault:jwt/authBackend:AuthBackend": { + "boundIssuer": "bound_issuer", + "defaultRole": "default_role", + "disableRemount": "disable_remount", + "jwksCaPem": "jwks_ca_pem", + "jwksUrl": "jwks_url", + "jwtSupportedAlgs": "jwt_supported_algs", + "jwtValidationPubkeys": "jwt_validation_pubkeys", + "namespaceInState": "namespace_in_state", + "oidcClientId": "oidc_client_id", + "oidcClientSecret": "oidc_client_secret", + "oidcDiscoveryCaPem": "oidc_discovery_ca_pem", + "oidcDiscoveryUrl": "oidc_discovery_url", + "oidcResponseMode": "oidc_response_mode", + "oidcResponseTypes": "oidc_response_types", + "providerConfig": "provider_config" + }, + "vault:jwt/authBackendRole:AuthBackendRole": { + "allowedRedirectUris": "allowed_redirect_uris", + "boundAudiences": "bound_audiences", + "boundClaims": "bound_claims", + "boundClaimsType": "bound_claims_type", + "boundSubject": "bound_subject", + "claimMappings": "claim_mappings", + "clockSkewLeeway": "clock_skew_leeway", + "disableBoundClaimsParsing": "disable_bound_claims_parsing", + "expirationLeeway": "expiration_leeway", + "groupsClaim": "groups_claim", + "maxAge": "max_age", + "notBeforeLeeway": "not_before_leeway", + "oidcScopes": "oidc_scopes", + "roleName": "role_name", + "roleType": "role_type", + "tokenBoundCidrs": "token_bound_cidrs", + "tokenExplicitMaxTtl": "token_explicit_max_ttl", + "tokenMaxTtl": "token_max_ttl", + "tokenNoDefaultPolicy": "token_no_default_policy", + "tokenNumUses": "token_num_uses", + "tokenPeriod": "token_period", + "tokenPolicies": "token_policies", + "tokenTtl": "token_ttl", + "tokenType": "token_type", + "userClaim": "user_claim", + "userClaimJsonPointer": "user_claim_json_pointer", + "verboseOidcLogging": "verbose_oidc_logging" + }, + "vault:kmip/secretBackend:SecretBackend": { + "defaultTlsClientKeyBits": "default_tls_client_key_bits", + "defaultTlsClientKeyType": "default_tls_client_key_type", + "defaultTlsClientTtl": "default_tls_client_ttl", + "disableRemount": "disable_remount", + "listenAddrs": "listen_addrs", + "serverHostnames": "server_hostnames", + "serverIps": "server_ips", + "tlsCaKeyBits": "tls_ca_key_bits", + "tlsCaKeyType": "tls_ca_key_type", + "tlsMinVersion": "tls_min_version" + }, + "vault:kmip/secretRole:SecretRole": { + "operationActivate": "operation_activate", + "operationAddAttribute": "operation_add_attribute", + "operationAll": "operation_all", + "operationCreate": "operation_create", + "operationDestroy": "operation_destroy", + "operationDiscoverVersions": "operation_discover_versions", + "operationGet": "operation_get", + "operationGetAttributeList": "operation_get_attribute_list", + "operationGetAttributes": "operation_get_attributes", + "operationLocate": "operation_locate", + "operationNone": "operation_none", + "operationRegister": "operation_register", + "operationRekey": "operation_rekey", + "operationRevoke": "operation_revoke", + "tlsClientKeyBits": "tls_client_key_bits", + "tlsClientKeyType": "tls_client_key_type", + "tlsClientTtl": "tls_client_ttl" + }, + "vault:kubernetes/authBackendConfig:AuthBackendConfig": { + "disableIssValidation": "disable_iss_validation", + "disableLocalCaJwt": "disable_local_ca_jwt", + "kubernetesCaCert": "kubernetes_ca_cert", + "kubernetesHost": "kubernetes_host", + "pemKeys": "pem_keys", + "tokenReviewerJwt": "token_reviewer_jwt" + }, + "vault:kubernetes/authBackendRole:AuthBackendRole": { + "aliasNameSource": "alias_name_source", + "boundServiceAccountNames": "bound_service_account_names", + "boundServiceAccountNamespaces": "bound_service_account_namespaces", + "roleName": "role_name", + "tokenBoundCidrs": "token_bound_cidrs", + "tokenExplicitMaxTtl": "token_explicit_max_ttl", + "tokenMaxTtl": "token_max_ttl", + "tokenNoDefaultPolicy": "token_no_default_policy", + "tokenNumUses": "token_num_uses", + "tokenPeriod": "token_period", + "tokenPolicies": "token_policies", + "tokenTtl": "token_ttl", + "tokenType": "token_type" + }, + "vault:kubernetes/getAuthBackendConfig:getAuthBackendConfig": { + "disableIssValidation": "disable_iss_validation", + "disableLocalCaJwt": "disable_local_ca_jwt", + "kubernetesCaCert": "kubernetes_ca_cert", + "kubernetesHost": "kubernetes_host", + "pemKeys": "pem_keys" + }, + "vault:kubernetes/getAuthBackendRole:getAuthBackendRole": { + "aliasNameSource": "alias_name_source", + "boundServiceAccountNames": "bound_service_account_names", + "boundServiceAccountNamespaces": "bound_service_account_namespaces", + "roleName": "role_name", + "tokenBoundCidrs": "token_bound_cidrs", + "tokenExplicitMaxTtl": "token_explicit_max_ttl", + "tokenMaxTtl": "token_max_ttl", + "tokenNoDefaultPolicy": "token_no_default_policy", + "tokenNumUses": "token_num_uses", + "tokenPeriod": "token_period", + "tokenPolicies": "token_policies", + "tokenTtl": "token_ttl", + "tokenType": "token_type" + }, + "vault:kubernetes/getServiceAccountToken:getServiceAccountToken": { + "clusterRoleBinding": "cluster_role_binding", + "kubernetesNamespace": "kubernetes_namespace", + "leaseDuration": "lease_duration", + "leaseId": "lease_id", + "leaseRenewable": "lease_renewable", + "serviceAccountName": "service_account_name", + "serviceAccountNamespace": "service_account_namespace", + "serviceAccountToken": "service_account_token" + }, + "vault:kubernetes/secretBackend:SecretBackend": { + "allowedManagedKeys": "allowed_managed_keys", + "auditNonHmacRequestKeys": "audit_non_hmac_request_keys", + "auditNonHmacResponseKeys": "audit_non_hmac_response_keys", + "defaultLeaseTtlSeconds": "default_lease_ttl_seconds", + "disableLocalCaJwt": "disable_local_ca_jwt", + "externalEntropyAccess": "external_entropy_access", + "kubernetesCaCert": "kubernetes_ca_cert", + "kubernetesHost": "kubernetes_host", + "maxLeaseTtlSeconds": "max_lease_ttl_seconds", + "sealWrap": "seal_wrap", + "serviceAccountJwt": "service_account_jwt" + }, + "vault:kubernetes/secretBackendRole:SecretBackendRole": { + "allowedKubernetesNamespaces": "allowed_kubernetes_namespaces", + "extraAnnotations": "extra_annotations", + "extraLabels": "extra_labels", + "generatedRoleRules": "generated_role_rules", + "kubernetesRoleName": "kubernetes_role_name", + "kubernetesRoleType": "kubernetes_role_type", + "nameTemplate": "name_template", + "serviceAccountName": "service_account_name", + "tokenDefaultTtl": "token_default_ttl", + "tokenMaxTtl": "token_max_ttl" + }, + "vault:kv/SecretV2CustomMetadata:SecretV2CustomMetadata": { + "casRequired": "cas_required", + "deleteVersionAfter": "delete_version_after", + "maxVersions": "max_versions" + }, + "vault:kv/getSecret:getSecret": { + "dataJson": "data_json", + "leaseDuration": "lease_duration", + "leaseId": "lease_id", + "leaseRenewable": "lease_renewable" + }, + "vault:kv/getSecretSubkeysV2:getSecretSubkeysV2": { + "dataJson": "data_json" + }, + "vault:kv/getSecretV2:getSecretV2": { + "createdTime": "created_time", + "customMetadata": "custom_metadata", + "dataJson": "data_json", + "deletionTime": "deletion_time" + }, + "vault:kv/secret:Secret": { + "dataJson": "data_json" + }, + "vault:kv/secretBackendV2:SecretBackendV2": { + "casRequired": "cas_required", + "deleteVersionAfter": "delete_version_after", + "maxVersions": "max_versions" + }, + "vault:kv/secretV2:SecretV2": { + "customMetadata": "custom_metadata", + "dataJson": "data_json", + "deleteAllVersions": "delete_all_versions", + "disableRead": "disable_read" + }, + "vault:ldap/authBackend:AuthBackend": { + "caseSensitiveNames": "case_sensitive_names", + "clientTlsCert": "client_tls_cert", + "clientTlsKey": "client_tls_key", + "denyNullBind": "deny_null_bind", + "disableRemount": "disable_remount", + "insecureTls": "insecure_tls", + "maxPageSize": "max_page_size", + "tlsMaxVersion": "tls_max_version", + "tlsMinVersion": "tls_min_version", + "tokenBoundCidrs": "token_bound_cidrs", + "tokenExplicitMaxTtl": "token_explicit_max_ttl", + "tokenMaxTtl": "token_max_ttl", + "tokenNoDefaultPolicy": "token_no_default_policy", + "tokenNumUses": "token_num_uses", + "tokenPeriod": "token_period", + "tokenPolicies": "token_policies", + "tokenTtl": "token_ttl", + "tokenType": "token_type", + "useTokenGroups": "use_token_groups", + "usernameAsAlias": "username_as_alias" + }, + "vault:ldap/getDynamicCredentials:getDynamicCredentials": { + "distinguishedNames": "distinguished_names", + "leaseDuration": "lease_duration", + "leaseId": "lease_id", + "leaseRenewable": "lease_renewable", + "roleName": "role_name" + }, + "vault:ldap/getStaticCredentials:getStaticCredentials": { + "lastPassword": "last_password", + "lastVaultRotation": "last_vault_rotation", + "roleName": "role_name", + "rotationPeriod": "rotation_period" + }, + "vault:ldap/secretBackend:SecretBackend": { + "allowedManagedKeys": "allowed_managed_keys", + "auditNonHmacRequestKeys": "audit_non_hmac_request_keys", + "auditNonHmacResponseKeys": "audit_non_hmac_response_keys", + "clientTlsCert": "client_tls_cert", + "clientTlsKey": "client_tls_key", + "connectionTimeout": "connection_timeout", + "defaultLeaseTtlSeconds": "default_lease_ttl_seconds", + "disableRemount": "disable_remount", + "externalEntropyAccess": "external_entropy_access", + "insecureTls": "insecure_tls", + "maxLeaseTtlSeconds": "max_lease_ttl_seconds", + "passwordPolicy": "password_policy", + "requestTimeout": "request_timeout", + "sealWrap": "seal_wrap" + }, + "vault:ldap/secretBackendDynamicRole:SecretBackendDynamicRole": { + "creationLdif": "creation_ldif", + "defaultTtl": "default_ttl", + "deletionLdif": "deletion_ldif", + "maxTtl": "max_ttl", + "roleName": "role_name", + "rollbackLdif": "rollback_ldif", + "usernameTemplate": "username_template" + }, + "vault:ldap/secretBackendLibrarySet:SecretBackendLibrarySet": { + "disableCheckInEnforcement": "disable_check_in_enforcement", + "maxTtl": "max_ttl", + "serviceAccountNames": "service_account_names" + }, + "vault:ldap/secretBackendStaticRole:SecretBackendStaticRole": { + "roleName": "role_name", + "rotationPeriod": "rotation_period" + }, + "vault:managed/KeysAw:KeysAw": { + "accessKey": "access_key", + "allowGenerateKey": "allow_generate_key", + "allowReplaceKey": "allow_replace_key", + "allowStoreKey": "allow_store_key", + "anyMount": "any_mount", + "keyBits": "key_bits", + "keyType": "key_type", + "kmsKey": "kms_key", + "secretKey": "secret_key" + }, + "vault:managed/KeysAzure:KeysAzure": { + "allowGenerateKey": "allow_generate_key", + "allowReplaceKey": "allow_replace_key", + "allowStoreKey": "allow_store_key", + "anyMount": "any_mount", + "clientId": "client_id", + "clientSecret": "client_secret", + "keyBits": "key_bits", + "keyName": "key_name", + "keyType": "key_type", + "tenantId": "tenant_id", + "vaultName": "vault_name" + }, + "vault:managed/KeysPkc:KeysPkc": { + "allowGenerateKey": "allow_generate_key", + "allowReplaceKey": "allow_replace_key", + "allowStoreKey": "allow_store_key", + "anyMount": "any_mount", + "forceRwSession": "force_rw_session", + "keyBits": "key_bits", + "keyId": "key_id", + "keyLabel": "key_label", + "tokenLabel": "token_label" + }, + "vault:managed/keys:Keys": { + "azures": "azure" + }, + "vault:mongodbatlas/secretBackend:SecretBackend": { + "privateKey": "private_key", + "publicKey": "public_key" + }, + "vault:mongodbatlas/secretRole:SecretRole": { + "cidrBlocks": "cidr_blocks", + "ipAddresses": "ip_addresses", + "maxTtl": "max_ttl", + "organizationId": "organization_id", + "projectId": "project_id", + "projectRoles": "project_roles" + }, + "vault:okta/AuthBackendGroup:AuthBackendGroup": { + "groupName": "group_name" + }, + "vault:okta/authBackend:AuthBackend": { + "baseUrl": "base_url", + "bypassOktaMfa": "bypass_okta_mfa", + "disableRemount": "disable_remount", + "groups": "group", + "maxTtl": "max_ttl", + "users": "user" + }, + "vault:okta/authBackendGroup:AuthBackendGroup": { + "groupName": "group_name" + }, + "vault:pkiSecret/getBackendIssuer:getBackendIssuer": { + "caChains": "ca_chain", + "issuerId": "issuer_id", + "issuerName": "issuer_name", + "issuerRef": "issuer_ref", + "keyId": "key_id", + "leafNotAfterBehavior": "leaf_not_after_behavior", + "manualChains": "manual_chain" + }, + "vault:pkiSecret/getBackendIssuers:getBackendIssuers": { + "keyInfo": "key_info", + "keyInfoJson": "key_info_json" + }, + "vault:pkiSecret/getBackendKey:getBackendKey": { + "keyId": "key_id", + "keyName": "key_name", + "keyRef": "key_ref", + "keyType": "key_type" + }, + "vault:pkiSecret/getBackendKeys:getBackendKeys": { + "keyInfo": "key_info", + "keyInfoJson": "key_info_json" + }, + "vault:pkiSecret/secretBackendCert:SecretBackendCert": { + "altNames": "alt_names", + "autoRenew": "auto_renew", + "caChain": "ca_chain", + "commonName": "common_name", + "excludeCnFromSans": "exclude_cn_from_sans", + "ipSans": "ip_sans", + "issuerRef": "issuer_ref", + "issuingCa": "issuing_ca", + "minSecondsRemaining": "min_seconds_remaining", + "otherSans": "other_sans", + "privateKey": "private_key", + "privateKeyFormat": "private_key_format", + "privateKeyType": "private_key_type", + "renewPending": "renew_pending", + "serialNumber": "serial_number", + "uriSans": "uri_sans", + "userIds": "user_ids" + }, + "vault:pkiSecret/secretBackendConfigCa:SecretBackendConfigCa": { + "pemBundle": "pem_bundle" + }, + "vault:pkiSecret/secretBackendConfigIssuers:SecretBackendConfigIssuers": { + "defaultFollowsLatestIssuer": "default_follows_latest_issuer" + }, + "vault:pkiSecret/secretBackendConfigUrls:SecretBackendConfigUrls": { + "crlDistributionPoints": "crl_distribution_points", + "issuingCertificates": "issuing_certificates", + "ocspServers": "ocsp_servers" + }, + "vault:pkiSecret/secretBackendCrlConfig:SecretBackendCrlConfig": { + "autoRebuild": "auto_rebuild", + "autoRebuildGracePeriod": "auto_rebuild_grace_period", + "crossClusterRevocation": "cross_cluster_revocation", + "deltaRebuildInterval": "delta_rebuild_interval", + "enableDelta": "enable_delta", + "ocspDisable": "ocsp_disable", + "ocspExpiry": "ocsp_expiry", + "unifiedCrl": "unified_crl", + "unifiedCrlOnExistingPaths": "unified_crl_on_existing_paths" + }, + "vault:pkiSecret/secretBackendIntermediateCertRequest:SecretBackendIntermediateCertRequest": { + "addBasicConstraints": "add_basic_constraints", + "altNames": "alt_names", + "commonName": "common_name", + "excludeCnFromSans": "exclude_cn_from_sans", + "ipSans": "ip_sans", + "keyBits": "key_bits", + "keyId": "key_id", + "keyName": "key_name", + "keyRef": "key_ref", + "keyType": "key_type", + "managedKeyId": "managed_key_id", + "managedKeyName": "managed_key_name", + "otherSans": "other_sans", + "postalCode": "postal_code", + "privateKey": "private_key", + "privateKeyFormat": "private_key_format", + "privateKeyType": "private_key_type", + "streetAddress": "street_address", + "uriSans": "uri_sans" + }, + "vault:pkiSecret/secretBackendIntermediateSetSigned:SecretBackendIntermediateSetSigned": { + "importedIssuers": "imported_issuers", + "importedKeys": "imported_keys" + }, + "vault:pkiSecret/secretBackendIssuer:SecretBackendIssuer": { + "crlDistributionPoints": "crl_distribution_points", + "enableAiaUrlTemplating": "enable_aia_url_templating", + "issuerId": "issuer_id", + "issuerName": "issuer_name", + "issuerRef": "issuer_ref", + "issuingCertificates": "issuing_certificates", + "leafNotAfterBehavior": "leaf_not_after_behavior", + "manualChains": "manual_chain", + "ocspServers": "ocsp_servers", + "revocationSignatureAlgorithm": "revocation_signature_algorithm" + }, + "vault:pkiSecret/secretBackendKey:SecretBackendKey": { + "keyBits": "key_bits", + "keyId": "key_id", + "keyName": "key_name", + "keyType": "key_type", + "managedKeyId": "managed_key_id", + "managedKeyName": "managed_key_name" + }, + "vault:pkiSecret/secretBackendRole:SecretBackendRole": { + "allowAnyName": "allow_any_name", + "allowBareDomains": "allow_bare_domains", + "allowGlobDomains": "allow_glob_domains", + "allowIpSans": "allow_ip_sans", + "allowLocalhost": "allow_localhost", + "allowSubdomains": "allow_subdomains", + "allowWildcardCertificates": "allow_wildcard_certificates", + "allowedDomains": "allowed_domains", + "allowedDomainsTemplate": "allowed_domains_template", + "allowedOtherSans": "allowed_other_sans", + "allowedSerialNumbers": "allowed_serial_numbers", + "allowedUriSans": "allowed_uri_sans", + "allowedUriSansTemplate": "allowed_uri_sans_template", + "allowedUserIds": "allowed_user_ids", + "basicConstraintsValidForNonCa": "basic_constraints_valid_for_non_ca", + "clientFlag": "client_flag", + "codeSigningFlag": "code_signing_flag", + "countries": "country", + "emailProtectionFlag": "email_protection_flag", + "enforceHostnames": "enforce_hostnames", + "extKeyUsages": "ext_key_usage", + "generateLease": "generate_lease", + "issuerRef": "issuer_ref", + "keyBits": "key_bits", + "keyType": "key_type", + "keyUsages": "key_usage", + "localities": "locality", + "maxTtl": "max_ttl", + "noStore": "no_store", + "notBeforeDuration": "not_before_duration", + "organizationUnit": "ou", + "organizations": "organization", + "policyIdentifier": "policy_identifier", + "policyIdentifiers": "policy_identifiers", + "postalCodes": "postal_code", + "provinces": "province", + "requireCn": "require_cn", + "serverFlag": "server_flag", + "streetAddresses": "street_address", + "useCsrCommonName": "use_csr_common_name", + "useCsrSans": "use_csr_sans" + }, + "vault:pkiSecret/secretBackendRootCert:SecretBackendRootCert": { + "altNames": "alt_names", + "commonName": "common_name", + "excludeCnFromSans": "exclude_cn_from_sans", + "ipSans": "ip_sans", + "issuerId": "issuer_id", + "issuerName": "issuer_name", + "issuingCa": "issuing_ca", + "keyBits": "key_bits", + "keyId": "key_id", + "keyName": "key_name", + "keyRef": "key_ref", + "keyType": "key_type", + "managedKeyId": "managed_key_id", + "managedKeyName": "managed_key_name", + "maxPathLength": "max_path_length", + "otherSans": "other_sans", + "permittedDnsDomains": "permitted_dns_domains", + "postalCode": "postal_code", + "privateKeyFormat": "private_key_format", + "serialNumber": "serial_number", + "streetAddress": "street_address", + "uriSans": "uri_sans" + }, + "vault:pkiSecret/secretBackendRootSignIntermediate:SecretBackendRootSignIntermediate": { + "altNames": "alt_names", + "caChains": "ca_chain", + "certificateBundle": "certificate_bundle", + "commonName": "common_name", + "excludeCnFromSans": "exclude_cn_from_sans", + "ipSans": "ip_sans", + "issuerRef": "issuer_ref", + "issuingCa": "issuing_ca", + "maxPathLength": "max_path_length", + "otherSans": "other_sans", + "permittedDnsDomains": "permitted_dns_domains", + "postalCode": "postal_code", + "serialNumber": "serial_number", + "streetAddress": "street_address", + "uriSans": "uri_sans", + "useCsrValues": "use_csr_values" + }, + "vault:pkiSecret/secretBackendSign:SecretBackendSign": { + "altNames": "alt_names", + "autoRenew": "auto_renew", + "caChains": "ca_chain", + "commonName": "common_name", + "excludeCnFromSans": "exclude_cn_from_sans", + "ipSans": "ip_sans", + "issuerRef": "issuer_ref", + "issuingCa": "issuing_ca", + "minSecondsRemaining": "min_seconds_remaining", + "otherSans": "other_sans", + "renewPending": "renew_pending", + "serialNumber": "serial_number", + "uriSans": "uri_sans" + }, + "vault:rabbitMq/SecretBackendRoleVhostTopic:SecretBackendRoleVhostTopic": { + "vhosts": "vhost" + }, + "vault:rabbitMq/secretBackend:SecretBackend": { + "connectionUri": "connection_uri", + "defaultLeaseTtlSeconds": "default_lease_ttl_seconds", + "disableRemount": "disable_remount", + "maxLeaseTtlSeconds": "max_lease_ttl_seconds", + "passwordPolicy": "password_policy", + "usernameTemplate": "username_template", + "verifyConnection": "verify_connection" + }, + "vault:rabbitMq/secretBackendRole:SecretBackendRole": { + "vhostTopics": "vhost_topic", + "vhosts": "vhost" + }, + "vault:saml/authBackend:AuthBackend": { + "acsUrls": "acs_urls", + "defaultRole": "default_role", + "disableRemount": "disable_remount", + "entityId": "entity_id", + "idpCert": "idp_cert", + "idpEntityId": "idp_entity_id", + "idpMetadataUrl": "idp_metadata_url", + "idpSsoUrl": "idp_sso_url", + "verboseLogging": "verbose_logging" + }, + "vault:saml/authBackendRole:AuthBackendRole": { + "boundAttributes": "bound_attributes", + "boundAttributesType": "bound_attributes_type", + "boundSubjects": "bound_subjects", + "boundSubjectsType": "bound_subjects_type", + "groupsAttribute": "groups_attribute", + "tokenBoundCidrs": "token_bound_cidrs", + "tokenExplicitMaxTtl": "token_explicit_max_ttl", + "tokenMaxTtl": "token_max_ttl", + "tokenNoDefaultPolicy": "token_no_default_policy", + "tokenNumUses": "token_num_uses", + "tokenPeriod": "token_period", + "tokenPolicies": "token_policies", + "tokenTtl": "token_ttl", + "tokenType": "token_type" + }, + "vault:ssh/secretBackendCa:SecretBackendCa": { + "generateSigningKey": "generate_signing_key", + "privateKey": "private_key", + "publicKey": "public_key" + }, + "vault:ssh/secretBackendRole:SecretBackendRole": { + "algorithmSigner": "algorithm_signer", + "allowBareDomains": "allow_bare_domains", + "allowHostCertificates": "allow_host_certificates", + "allowSubdomains": "allow_subdomains", + "allowUserCertificates": "allow_user_certificates", + "allowUserKeyIds": "allow_user_key_ids", + "allowedCriticalOptions": "allowed_critical_options", + "allowedDomains": "allowed_domains", + "allowedDomainsTemplate": "allowed_domains_template", + "allowedExtensions": "allowed_extensions", + "allowedUserKeyConfigs": "allowed_user_key_config", + "allowedUserKeyLengths": "allowed_user_key_lengths", + "allowedUsers": "allowed_users", + "allowedUsersTemplate": "allowed_users_template", + "cidrList": "cidr_list", + "defaultCriticalOptions": "default_critical_options", + "defaultExtensions": "default_extensions", + "defaultUser": "default_user", + "defaultUserTemplate": "default_user_template", + "keyIdFormat": "key_id_format", + "keyType": "key_type", + "maxTtl": "max_ttl", + "notBeforeDuration": "not_before_duration" + }, + "vault:terraformcloud/secretBackend:SecretBackend": { + "basePath": "base_path", + "defaultLeaseTtlSeconds": "default_lease_ttl_seconds", + "disableRemount": "disable_remount", + "maxLeaseTtlSeconds": "max_lease_ttl_seconds" + }, + "vault:terraformcloud/secretCreds:SecretCreds": { + "leaseId": "lease_id", + "teamId": "team_id", + "tokenId": "token_id" + }, + "vault:terraformcloud/secretRole:SecretRole": { + "maxTtl": "max_ttl", + "teamId": "team_id", + "userId": "user_id" + }, + "vault:tokenauth/authBackendRole:AuthBackendRole": { + "allowedEntityAliases": "allowed_entity_aliases", + "allowedPolicies": "allowed_policies", + "allowedPoliciesGlobs": "allowed_policies_glob", + "disallowedPolicies": "disallowed_policies", + "disallowedPoliciesGlobs": "disallowed_policies_glob", + "pathSuffix": "path_suffix", + "roleName": "role_name", + "tokenBoundCidrs": "token_bound_cidrs", + "tokenExplicitMaxTtl": "token_explicit_max_ttl", + "tokenMaxTtl": "token_max_ttl", + "tokenNoDefaultPolicy": "token_no_default_policy", + "tokenNumUses": "token_num_uses", + "tokenPeriod": "token_period", + "tokenPolicies": "token_policies", + "tokenTtl": "token_ttl", + "tokenType": "token_type" + }, + "vault:transform/getDecode:getDecode": { + "batchInputs": "batch_input", + "batchResults": "batch_results", + "decodedValue": "decoded_value", + "roleName": "role_name" + }, + "vault:transform/getEncode:getEncode": { + "batchInputs": "batch_input", + "batchResults": "batch_results", + "encodedValue": "encoded_value", + "roleName": "role_name" + }, + "vault:transform/template:Template": { + "decodeFormats": "decode_formats", + "encodeFormat": "encode_format" + }, + "vault:transform/transformation:Transformation": { + "allowedRoles": "allowed_roles", + "deletionAllowed": "deletion_allowed", + "maskingCharacter": "masking_character", + "tweakSource": "tweak_source" + }, + "vault:transit/getEncrypt:getEncrypt": { + "keyVersion": "key_version" + }, + "vault:transit/secretBackendKey:SecretBackendKey": { + "allowPlaintextBackup": "allow_plaintext_backup", + "autoRotateInterval": "auto_rotate_interval", + "autoRotatePeriod": "auto_rotate_period", + "convergentEncryption": "convergent_encryption", + "deletionAllowed": "deletion_allowed", + "keySize": "key_size", + "latestVersion": "latest_version", + "minAvailableVersion": "min_available_version", + "minDecryptionVersion": "min_decryption_version", + "minEncryptionVersion": "min_encryption_version", + "supportsDecryption": "supports_decryption", + "supportsDerivation": "supports_derivation", + "supportsEncryption": "supports_encryption", + "supportsSigning": "supports_signing" + } + }, + "renamedConfigProperties": { + "addAddressToEnv": "add_address_to_env", + "authLogin": "auth_login", + "authLoginAws": "auth_login_aws", + "authLoginAzure": "auth_login_azure", + "authLoginCert": "auth_login_cert", + "authLoginGcp": "auth_login_gcp", + "authLoginJwt": "auth_login_jwt", + "authLoginKerberos": "auth_login_kerberos", + "authLoginOci": "auth_login_oci", + "authLoginOidc": "auth_login_oidc", + "authLoginRadius": "auth_login_radius", + "authLoginTokenFile": "auth_login_token_file", + "authLoginUserpass": "auth_login_userpass", + "caCertDir": "ca_cert_dir", + "caCertFile": "ca_cert_file", + "clientAuth": "client_auth", + "maxLeaseTtlSeconds": "max_lease_ttl_seconds", + "maxRetries": "max_retries", + "maxRetriesCcc": "max_retries_ccc", + "setNamespaceFromToken": "set_namespace_from_token", + "skipChildToken": "skip_child_token", + "skipGetVaultVersion": "skip_get_vault_version", + "skipTlsVerify": "skip_tls_verify", + "tlsServerName": "tls_server_name", + "tokenName": "token_name", + "vaultVersionOverride": "vault_version_override" + } + } +} \ No newline at end of file diff --git a/provider/cmd/pulumi-resource-vault/schema.json b/provider/cmd/pulumi-resource-vault/schema.json index 753724274..ca147bf70 100644 --- a/provider/cmd/pulumi-resource-vault/schema.json +++ b/provider/cmd/pulumi-resource-vault/schema.json @@ -15,7 +15,9 @@ }, "language": { "csharp": { - "compatibility": "tfbridge20", + "packageReferences": { + "Pulumi": "3.*" + }, "namespaces": { "ad": "AD", "alicloud": "AliCloud", @@ -39,6 +41,7 @@ "okta": "Okta", "pkiSecret": "PkiSecret", "rabbitMq": "RabbitMQ", + "saml": "Saml", "ssh": "Ssh", "terraformcloud": "TerraformCloud", "tokenauth": "TokenAuth", @@ -46,17 +49,16 @@ "transit": "Transit", "vault": "Vault" }, - "packageReferences": { - "Pulumi": "3.*" - } + "compatibility": "tfbridge20" }, "go": { - "generateExtraInputTypes": true, + "importBasePath": "github.com/pulumi/pulumi-vault/sdk/v5/go/vault", "generateResourceContainerTypes": true, - "importBasePath": "github.com/pulumi/pulumi-vault/sdk/v5/go/vault" + "generateExtraInputTypes": true }, "nodejs": { - "compatibility": "tfbridge20", + "packageDescription": "A Pulumi package for creating and managing HashiCorp Vault cloud resources.", + "readme": "\u003e This provider is a derived work of the [Terraform Provider](https://github.com/hashicorp/terraform-provider-vault)\n\u003e distributed under [MPL 2.0](https://www.mozilla.org/en-US/MPL/2.0/). If you encounter a bug or missing feature,\n\u003e first check the [`pulumi-vault` repo](https://github.com/pulumi/pulumi-vault/issues); however, if that doesn't turn up anything,\n\u003e please consult the source [`terraform-provider-vault` repo](https://github.com/hashicorp/terraform-provider-vault/issues).", "dependencies": { "@pulumi/pulumi": "^3.0.0" }, @@ -64,18 +66,16 @@ "@types/mime": "^2.0.0", "@types/node": "^10.0.0" }, - "disableUnionOutputTypes": true, - "packageDescription": "A Pulumi package for creating and managing HashiCorp Vault cloud resources.", - "packageName": "", - "readme": "\u003e This provider is a derived work of the [Terraform Provider](https://github.com/hashicorp/terraform-provider-vault)\n\u003e distributed under [MPL 2.0](https://www.mozilla.org/en-US/MPL/2.0/). If you encounter a bug or missing feature,\n\u003e first check the [`pulumi-vault` repo](https://github.com/pulumi/pulumi-vault/issues); however, if that doesn't turn up anything,\n\u003e please consult the source [`terraform-provider-vault` repo](https://github.com/hashicorp/terraform-provider-vault/issues).", - "typescriptVersion": "" + "compatibility": "tfbridge20", + "disableUnionOutputTypes": true }, "python": { - "compatibility": "tfbridge20", - "readme": "\u003e This provider is a derived work of the [Terraform Provider](https://github.com/hashicorp/terraform-provider-vault)\n\u003e distributed under [MPL 2.0](https://www.mozilla.org/en-US/MPL/2.0/). If you encounter a bug or missing feature,\n\u003e first check the [`pulumi-vault` repo](https://github.com/pulumi/pulumi-vault/issues); however, if that doesn't turn up anything,\n\u003e please consult the source [`terraform-provider-vault` repo](https://github.com/hashicorp/terraform-provider-vault/issues).", "requires": { "pulumi": "\u003e=3.0.0,\u003c4.0.0" - } + }, + "readme": "\u003e This provider is a derived work of the [Terraform Provider](https://github.com/hashicorp/terraform-provider-vault)\n\u003e distributed under [MPL 2.0](https://www.mozilla.org/en-US/MPL/2.0/). If you encounter a bug or missing feature,\n\u003e first check the [`pulumi-vault` repo](https://github.com/pulumi/pulumi-vault/issues); however, if that doesn't turn up anything,\n\u003e please consult the source [`terraform-provider-vault` repo](https://github.com/hashicorp/terraform-provider-vault/issues).", + "compatibility": "tfbridge20", + "pyproject": {} } }, "config": { @@ -154,7 +154,8 @@ "items": { "$ref": "#/types/vault:config/headers:headers" }, - "description": "The headers to send with each Vault request.\n" + "description": "The headers to send with each Vault request.\n", + "secret": true }, "maxLeaseTtlSeconds": { "type": "integer", @@ -184,6 +185,10 @@ "type": "string", "description": "The namespace to use. Available only for Vault Enterprise.\n" }, + "setNamespaceFromToken": { + "type": "boolean", + "description": "In the case where the Vault token is for a specific namespace and the provider namespace is not configured, use the\ntoken namespace as the root namespace for all resources.\n" + }, "skipChildToken": { "type": "boolean", "description": "Set this to true to prevent the creation of ephemeral child token used by this provider.\n" @@ -227,20 +232,10 @@ "vault:azure/BackendRoleAzureGroup:BackendRoleAzureGroup": { "properties": { "groupName": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" }, "objectId": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" } }, "type": "object", @@ -259,28 +254,13 @@ "vault:azure/BackendRoleAzureRole:BackendRoleAzureRole": { "properties": { "roleId": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" }, "roleName": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" }, "scope": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" } }, "type": "object", @@ -309,10 +289,14 @@ "type": "object", "additionalProperties": { "type": "string" - } + }, + "secret": true }, "path": { "type": "string" + }, + "useRootNamespace": { + "type": "boolean" } }, "type": "object", @@ -371,6 +355,9 @@ }, "role": { "type": "string" + }, + "useRootNamespace": { + "type": "boolean" } }, "type": "object", @@ -412,6 +399,9 @@ "tenantId": { "type": "string" }, + "useRootNamespace": { + "type": "boolean" + }, "vmName": { "type": "string" }, @@ -447,6 +437,9 @@ }, "namespace": { "type": "string" + }, + "useRootNamespace": { + "type": "boolean" } }, "type": "object", @@ -479,6 +472,9 @@ }, "serviceAccount": { "type": "string" + }, + "useRootNamespace": { + "type": "boolean" } }, "type": "object", @@ -504,6 +500,9 @@ }, "role": { "type": "string" + }, + "useRootNamespace": { + "type": "boolean" } }, "type": "object", @@ -546,6 +545,9 @@ "token": { "type": "string" }, + "useRootNamespace": { + "type": "boolean" + }, "username": { "type": "string" } @@ -565,6 +567,9 @@ }, "role": { "type": "string" + }, + "useRootNamespace": { + "type": "boolean" } }, "type": "object", @@ -594,6 +599,9 @@ }, "role": { "type": "string" + }, + "useRootNamespace": { + "type": "boolean" } }, "type": "object", @@ -617,6 +625,9 @@ "password": { "type": "string" }, + "useRootNamespace": { + "type": "boolean" + }, "username": { "type": "string" } @@ -639,6 +650,9 @@ }, "namespace": { "type": "string" + }, + "useRootNamespace": { + "type": "boolean" } }, "type": "object", @@ -665,6 +679,9 @@ "passwordFile": { "type": "string" }, + "useRootNamespace": { + "type": "boolean" + }, "username": { "type": "string" } @@ -723,99 +740,49 @@ "properties": { "connectTimeout": { "type": "integer", - "description": "The number of seconds to use as a connection\ntimeout.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The number of seconds to use as a connection\ntimeout.\n" }, "hosts": { "type": "array", "items": { "type": "string" }, - "description": "A set of Couchbase URIs to connect to. Must use `couchbases://` scheme if `tls` is `true`.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The hosts to connect to.\n" }, "insecureTls": { "type": "boolean", - "description": "Whether to skip verification of the server\ncertificate when using TLS.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Whether to skip verification of the server\ncertificate when using TLS.\n" }, "password": { "type": "string", - "description": "The root credential password used in the connection URL.\n", - "language": { - "python": { - "mapCase": false - } - }, + "description": "The password to authenticate with.\n", "secret": true }, "pemBundle": { "type": "string", "description": "Concatenated PEM blocks configuring the certificate\nchain.\n", - "language": { - "python": { - "mapCase": false - } - }, "secret": true }, "pemJson": { "type": "string", "description": "A JSON structure configuring the certificate chain.\n", - "language": { - "python": { - "mapCase": false - } - }, "secret": true }, "port": { "type": "integer", - "description": "The default port to connect to if no port is specified as\npart of the host.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The default port to connect to if no port is specified as\npart of the host.\n" }, "protocolVersion": { "type": "integer", - "description": "The CQL protocol version to use.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The CQL protocol version to use.\n" }, "tls": { "type": "boolean", - "description": "Whether to use TLS when connecting to Redis.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Whether to use TLS when connecting to Cassandra.\n" }, "username": { "type": "string", - "description": "The root credential username used in the connection URL.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The username to authenticate with.\n" } }, "type": "object" @@ -825,79 +792,39 @@ "base64Pem": { "type": "string", "description": "Required if `tls` is `true`. Specifies the certificate authority of the Couchbase server, as a PEM certificate that has been base64 encoded.\n", - "language": { - "python": { - "mapCase": false - } - }, "secret": true }, "bucketName": { "type": "string", - "description": "Required for Couchbase versions prior to 6.5.0. This is only used to verify vault's connection to the server.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Required for Couchbase versions prior to 6.5.0. This is only used to verify vault's connection to the server.\n" }, "hosts": { "type": "array", "items": { "type": "string" }, - "description": "A set of Couchbase URIs to connect to. Must use `couchbases://` scheme if `tls` is `true`.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The hosts to connect to.\n" }, "insecureTls": { "type": "boolean", - "description": "Whether to skip verification of the server\ncertificate when using TLS.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Whether to skip verification of the server\ncertificate when using TLS.\n" }, "password": { "type": "string", - "description": "The root credential password used in the connection URL.\n", - "language": { - "python": { - "mapCase": false - } - }, + "description": "The password to authenticate with.\n", "secret": true }, "tls": { "type": "boolean", - "description": "Whether to use TLS when connecting to Redis.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Whether to use TLS when connecting to Cassandra.\n" }, "username": { "type": "string", - "description": "The root credential username used in the connection URL.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The username to authenticate with.\n" }, "usernameTemplate": { "type": "string", - "description": "- [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Template describing how dynamic usernames are generated.\n" } }, "type": "object", @@ -911,94 +838,44 @@ "properties": { "caCert": { "type": "string", - "description": "The path to a PEM-encoded CA cert file to use to verify the Elasticsearch server's identity.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The path to a PEM-encoded CA cert file to use to verify the Elasticsearch server's identity.\n" }, "caPath": { "type": "string", - "description": "The path to a directory of PEM-encoded CA cert files to use to verify the Elasticsearch server's identity.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The path to a directory of PEM-encoded CA cert files to use to verify the Elasticsearch server's identity.\n" }, "clientCert": { "type": "string", - "description": "The path to the certificate for the Elasticsearch client to present for communication.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The path to the certificate for the Elasticsearch client to present for communication.\n" }, "clientKey": { "type": "string", - "description": "The path to the key for the Elasticsearch client to use for communication.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The path to the key for the Elasticsearch client to use for communication.\n" }, "insecure": { "type": "boolean", - "description": "Whether to disable certificate verification.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Whether to disable certificate verification.\n" }, "password": { "type": "string", - "description": "The root credential password used in the connection URL.\n", - "language": { - "python": { - "mapCase": false - } - }, + "description": "The password to authenticate with.\n", "secret": true }, "tlsServerName": { "type": "string", - "description": "This, if set, is used to set the SNI host when connecting via TLS.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "This, if set, is used to set the SNI host when connecting via TLS.\n" }, "url": { "type": "string", - "description": "The URL for Elasticsearch's API. https requires certificate\nby trusted CA if used.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The URL for Elasticsearch's API. https requires certificate\nby trusted CA if used.\n" }, "username": { "type": "string", - "description": "The root credential username used in the connection URL.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The username to authenticate with.\n" }, "usernameTemplate": { "type": "string", - "description": "- [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Template describing how dynamic usernames are generated.\n" } }, "type": "object", @@ -1012,67 +889,32 @@ "properties": { "connectionUrl": { "type": "string", - "description": "Specifies the Redshift DSN. See\nthe [Vault\ndocs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload)\nfor an example.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "A URL containing connection information. See\nthe [Vault\ndocs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload)\nfor an example.\n" }, "disableEscaping": { "type": "boolean", - "description": "Disable special character escaping in username and password.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Disable special character escaping in username and password.\n" }, "maxConnectionLifetime": { "type": "integer", - "description": "The maximum amount of time a connection may be reused.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The maximum number of seconds to keep\na connection alive for.\n" }, "maxIdleConnections": { "type": "integer", - "description": "The maximum number of idle connections to\nthe database.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The maximum number of idle connections to\nmaintain.\n" }, "maxOpenConnections": { "type": "integer", - "description": "The maximum number of open connections to\nthe database.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The maximum number of open connections to\nuse.\n" }, "password": { "type": "string", - "description": "The root credential password used in the connection URL.\n", - "language": { - "python": { - "mapCase": false - } - }, + "description": "The password to authenticate with.\n", "secret": true }, "username": { "type": "string", - "description": "The root credential username used in the connection URL.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The username to authenticate with.\n" } }, "type": "object" @@ -1081,96 +923,46 @@ "properties": { "connectTimeout": { "type": "integer", - "description": "The number of seconds to use as a connection\ntimeout.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The number of seconds to use as a connection\ntimeout.\n" }, "host": { "type": "string", - "description": "The host to connect to.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The host to connect to.\n" }, "insecureTls": { "type": "boolean", - "description": "Whether to skip verification of the server\ncertificate when using TLS.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Whether to skip verification of the server\ncertificate when using TLS.\n" }, "password": { "type": "string", - "description": "The root credential password used in the connection URL.\n", - "language": { - "python": { - "mapCase": false - } - }, + "description": "The password to authenticate with.\n", "secret": true }, "pemBundle": { "type": "string", "description": "Concatenated PEM blocks configuring the certificate\nchain.\n", - "language": { - "python": { - "mapCase": false - } - }, "secret": true }, "pemJson": { "type": "string", "description": "A JSON structure configuring the certificate chain.\n", - "language": { - "python": { - "mapCase": false - } - }, "secret": true }, "port": { "type": "integer", - "description": "The default port to connect to if no port is specified as\npart of the host.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The default port to connect to if no port is specified as\npart of the host.\n" }, "tls": { "type": "boolean", - "description": "Whether to use TLS when connecting to Redis.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Whether to use TLS when connecting to Cassandra.\n" }, "username": { "type": "string", - "description": "The root credential username used in the connection URL.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The username to authenticate with.\n" }, "usernameTemplate": { "type": "string", - "description": "- [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Template describing how dynamic usernames are generated.\n" } }, "type": "object", @@ -1184,67 +976,32 @@ "properties": { "connectionUrl": { "type": "string", - "description": "Specifies the Redshift DSN. See\nthe [Vault\ndocs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload)\nfor an example.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "A URL containing connection information. See\nthe [Vault\ndocs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload)\nfor an example.\n" }, "maxConnectionLifetime": { "type": "integer", - "description": "The maximum amount of time a connection may be reused.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The maximum number of seconds to keep\na connection alive for.\n" }, "maxIdleConnections": { "type": "integer", - "description": "The maximum number of idle connections to\nthe database.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The maximum number of idle connections to\nmaintain.\n" }, "maxOpenConnections": { "type": "integer", - "description": "The maximum number of open connections to\nthe database.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The maximum number of open connections to\nuse.\n" }, "password": { "type": "string", - "description": "The root credential password used in the connection URL.\n", - "language": { - "python": { - "mapCase": false - } - }, + "description": "The password to authenticate with.\n", "secret": true }, "username": { "type": "string", - "description": "The root credential username used in the connection URL.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The username to authenticate with.\n" }, "usernameTemplate": { "type": "string", - "description": "- [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Template describing how dynamic usernames are generated.\n" } }, "type": "object" @@ -1254,30 +1011,15 @@ "privateKey": { "type": "string", "description": "The Private Programmatic API Key used to connect with MongoDB Atlas API.\n", - "language": { - "python": { - "mapCase": false - } - }, "secret": true }, "projectId": { "type": "string", - "description": "The Project ID the Database User should be created within.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The Project ID the Database User should be created within.\n" }, "publicKey": { "type": "string", - "description": "The Public Programmatic API Key used to authenticate with the MongoDB Atlas API.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The Public Programmatic API Key used to authenticate with the MongoDB Atlas API.\n" } }, "type": "object", @@ -1291,85 +1033,40 @@ "properties": { "connectionUrl": { "type": "string", - "description": "Specifies the Redshift DSN. See\nthe [Vault\ndocs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload)\nfor an example.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "A URL containing connection information. See\nthe [Vault\ndocs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload)\nfor an example.\n" }, "containedDb": { "type": "boolean", - "description": "For Vault v1.9+. Set to true when the target is a\nContained Database, e.g. AzureSQL.\nSee the [Vault\ndocs](https://www.vaultproject.io/api/secret/databases/mssql#contained_db)\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "For Vault v1.9+. Set to true when the target is a\nContained Database, e.g. AzureSQL.\nSee the [Vault\ndocs](https://www.vaultproject.io/api/secret/databases/mssql#contained_db)\n" }, "disableEscaping": { "type": "boolean", - "description": "Disable special character escaping in username and password.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Disable special character escaping in username and password.\n" }, "maxConnectionLifetime": { "type": "integer", - "description": "The maximum amount of time a connection may be reused.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The maximum number of seconds to keep\na connection alive for.\n" }, "maxIdleConnections": { "type": "integer", - "description": "The maximum number of idle connections to\nthe database.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The maximum number of idle connections to\nmaintain.\n" }, "maxOpenConnections": { "type": "integer", - "description": "The maximum number of open connections to\nthe database.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The maximum number of open connections to\nuse.\n" }, "password": { "type": "string", - "description": "The root credential password used in the connection URL.\n", - "language": { - "python": { - "mapCase": false - } - }, + "description": "The password to authenticate with.\n", "secret": true }, "username": { "type": "string", - "description": "The root credential username used in the connection URL.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The username to authenticate with.\n" }, "usernameTemplate": { "type": "string", - "description": "- [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Template describing how dynamic usernames are generated.\n" } }, "type": "object" @@ -1378,105 +1075,50 @@ "properties": { "authType": { "type": "string", - "description": "Enable IAM authentication to a Google Cloud instance when set to `gcp_iam`\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Enable IAM authentication to a Google Cloud instance when set to `gcp_iam`\n" }, "connectionUrl": { "type": "string", - "description": "Specifies the Redshift DSN. See\nthe [Vault\ndocs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload)\nfor an example.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "A URL containing connection information. See\nthe [Vault\ndocs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload)\nfor an example.\n" }, "maxConnectionLifetime": { "type": "integer", - "description": "The maximum amount of time a connection may be reused.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The maximum number of seconds to keep\na connection alive for.\n" }, "maxIdleConnections": { "type": "integer", - "description": "The maximum number of idle connections to\nthe database.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The maximum number of idle connections to\nmaintain.\n" }, "maxOpenConnections": { "type": "integer", - "description": "The maximum number of open connections to\nthe database.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The maximum number of open connections to\nuse.\n" }, "password": { "type": "string", - "description": "The root credential password used in the connection URL.\n", - "language": { - "python": { - "mapCase": false - } - }, + "description": "The password to authenticate with.\n", "secret": true }, "serviceAccountJson": { "type": "string", "description": "JSON encoding of an IAM access key. Requires `auth_type` to be `gcp_iam`.\n", - "language": { - "python": { - "mapCase": false - } - }, "secret": true }, "tlsCa": { "type": "string", - "description": "x509 CA file for validating the certificate presented by the MySQL server. Must be PEM encoded.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "x509 CA file for validating the certificate presented by the MySQL server. Must be PEM encoded.\n" }, "tlsCertificateKey": { "type": "string", "description": "x509 certificate for connecting to the database. This must be a PEM encoded version of the private key and the certificate combined.\n", - "language": { - "python": { - "mapCase": false - } - }, "secret": true }, "username": { "type": "string", - "description": "The root credential username used in the connection URL.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The username to authenticate with.\n" }, "usernameTemplate": { "type": "string", - "description": "- [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Template describing how dynamic usernames are generated.\n" } }, "type": "object" @@ -1485,67 +1127,32 @@ "properties": { "connectionUrl": { "type": "string", - "description": "Specifies the Redshift DSN. See\nthe [Vault\ndocs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload)\nfor an example.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "A URL containing connection information. See\nthe [Vault\ndocs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload)\nfor an example.\n" }, "maxConnectionLifetime": { "type": "integer", - "description": "The maximum amount of time a connection may be reused.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The maximum number of seconds to keep\na connection alive for.\n" }, "maxIdleConnections": { "type": "integer", - "description": "The maximum number of idle connections to\nthe database.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The maximum number of idle connections to\nmaintain.\n" }, "maxOpenConnections": { "type": "integer", - "description": "The maximum number of open connections to\nthe database.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The maximum number of open connections to\nuse.\n" }, "password": { "type": "string", - "description": "The root credential password used in the connection URL.\n", - "language": { - "python": { - "mapCase": false - } - }, + "description": "The password to authenticate with.\n", "secret": true }, "username": { "type": "string", - "description": "The root credential username used in the connection URL.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The username to authenticate with.\n" }, "usernameTemplate": { "type": "string", - "description": "- [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Template describing how dynamic usernames are generated.\n" } }, "type": "object" @@ -1554,67 +1161,32 @@ "properties": { "connectionUrl": { "type": "string", - "description": "Specifies the Redshift DSN. See\nthe [Vault\ndocs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload)\nfor an example.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "A URL containing connection information. See\nthe [Vault\ndocs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload)\nfor an example.\n" }, "maxConnectionLifetime": { "type": "integer", - "description": "The maximum amount of time a connection may be reused.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The maximum number of seconds to keep\na connection alive for.\n" }, "maxIdleConnections": { "type": "integer", - "description": "The maximum number of idle connections to\nthe database.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The maximum number of idle connections to\nmaintain.\n" }, "maxOpenConnections": { "type": "integer", - "description": "The maximum number of open connections to\nthe database.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The maximum number of open connections to\nuse.\n" }, "password": { "type": "string", - "description": "The root credential password used in the connection URL.\n", - "language": { - "python": { - "mapCase": false - } - }, + "description": "The password to authenticate with.\n", "secret": true }, "username": { "type": "string", - "description": "The root credential username used in the connection URL.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The username to authenticate with.\n" }, "usernameTemplate": { "type": "string", - "description": "- [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Template describing how dynamic usernames are generated.\n" } }, "type": "object" @@ -1623,67 +1195,32 @@ "properties": { "connectionUrl": { "type": "string", - "description": "Specifies the Redshift DSN. See\nthe [Vault\ndocs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload)\nfor an example.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "A URL containing connection information. See\nthe [Vault\ndocs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload)\nfor an example.\n" }, "maxConnectionLifetime": { "type": "integer", - "description": "The maximum amount of time a connection may be reused.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The maximum number of seconds to keep\na connection alive for.\n" }, "maxIdleConnections": { "type": "integer", - "description": "The maximum number of idle connections to\nthe database.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The maximum number of idle connections to\nmaintain.\n" }, "maxOpenConnections": { "type": "integer", - "description": "The maximum number of open connections to\nthe database.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The maximum number of open connections to\nuse.\n" }, "password": { "type": "string", - "description": "The root credential password used in the connection URL.\n", - "language": { - "python": { - "mapCase": false - } - }, + "description": "The password to authenticate with.\n", "secret": true }, "username": { "type": "string", - "description": "The root credential username used in the connection URL.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The username to authenticate with.\n" }, "usernameTemplate": { "type": "string", - "description": "- [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Template describing how dynamic usernames are generated.\n" } }, "type": "object" @@ -1692,67 +1229,32 @@ "properties": { "connectionUrl": { "type": "string", - "description": "Specifies the Redshift DSN. See\nthe [Vault\ndocs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload)\nfor an example.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "A URL containing connection information. See\nthe [Vault\ndocs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload)\nfor an example.\n" }, "maxConnectionLifetime": { "type": "integer", - "description": "The maximum amount of time a connection may be reused.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The maximum number of seconds to keep\na connection alive for.\n" }, "maxIdleConnections": { "type": "integer", - "description": "The maximum number of idle connections to\nthe database.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The maximum number of idle connections to\nmaintain.\n" }, "maxOpenConnections": { "type": "integer", - "description": "The maximum number of open connections to\nthe database.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The maximum number of open connections to\nuse.\n" }, "password": { "type": "string", - "description": "The root credential password used in the connection URL.\n", - "language": { - "python": { - "mapCase": false - } - }, + "description": "The password to authenticate with.\n", "secret": true }, "username": { "type": "string", - "description": "The root credential username used in the connection URL.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The username to authenticate with.\n" }, "usernameTemplate": { "type": "string", - "description": "- [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Template describing how dynamic usernames are generated.\n" } }, "type": "object" @@ -1761,95 +1263,45 @@ "properties": { "authType": { "type": "string", - "description": "Enable IAM authentication to a Google Cloud instance when set to `gcp_iam`\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Enable IAM authentication to a Google Cloud instance when set to `gcp_iam`\n" }, "connectionUrl": { "type": "string", - "description": "Specifies the Redshift DSN. See\nthe [Vault\ndocs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload)\nfor an example.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "A URL containing connection information. See\nthe [Vault\ndocs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload)\nfor an example.\n" }, "disableEscaping": { "type": "boolean", - "description": "Disable special character escaping in username and password.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Disable special character escaping in username and password.\n" }, "maxConnectionLifetime": { "type": "integer", - "description": "The maximum amount of time a connection may be reused.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The maximum number of seconds to keep\na connection alive for.\n" }, "maxIdleConnections": { "type": "integer", - "description": "The maximum number of idle connections to\nthe database.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The maximum number of idle connections to\nmaintain.\n" }, "maxOpenConnections": { "type": "integer", - "description": "The maximum number of open connections to\nthe database.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The maximum number of open connections to\nuse.\n" }, "password": { "type": "string", - "description": "The root credential password used in the connection URL.\n", - "language": { - "python": { - "mapCase": false - } - }, + "description": "The password to authenticate with.\n", "secret": true }, "serviceAccountJson": { "type": "string", "description": "JSON encoding of an IAM access key. Requires `auth_type` to be `gcp_iam`.\n", - "language": { - "python": { - "mapCase": false - } - }, "secret": true }, "username": { "type": "string", - "description": "The root credential username used in the connection URL.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The username to authenticate with.\n" }, "usernameTemplate": { "type": "string", - "description": "- [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Template describing how dynamic usernames are generated.\n" } }, "type": "object" @@ -1858,67 +1310,32 @@ "properties": { "caCert": { "type": "string", - "description": "The path to a PEM-encoded CA cert file to use to verify the Elasticsearch server's identity.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The path to a PEM-encoded CA cert file to use to verify the Elasticsearch server's identity.\n" }, "host": { "type": "string", - "description": "The host to connect to.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The host to connect to.\n" }, "insecureTls": { "type": "boolean", - "description": "Whether to skip verification of the server\ncertificate when using TLS.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Whether to skip verification of the server\ncertificate when using TLS.\n" }, "password": { "type": "string", - "description": "The root credential password used in the connection URL.\n", - "language": { - "python": { - "mapCase": false - } - }, + "description": "The password to authenticate with.\n", "secret": true }, "port": { "type": "integer", - "description": "The default port to connect to if no port is specified as\npart of the host.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The default port to connect to if no port is specified as\npart of the host.\n" }, "tls": { "type": "boolean", - "description": "Whether to use TLS when connecting to Redis.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Whether to use TLS when connecting to Cassandra.\n" }, "username": { "type": "string", - "description": "The root credential username used in the connection URL.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The username to authenticate with.\n" } }, "type": "object", @@ -1932,40 +1349,20 @@ "properties": { "password": { "type": "string", - "description": "The root credential password used in the connection URL.\n", - "language": { - "python": { - "mapCase": false - } - }, + "description": "The password to authenticate with.\n", "secret": true }, "region": { "type": "string", - "description": "The region where the ElastiCache cluster is hosted. If omitted Vault tries to infer from the environment instead.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The region where the ElastiCache cluster is hosted. If omitted Vault tries to infer from the environment instead.\n" }, "url": { "type": "string", - "description": "The URL for Elasticsearch's API. https requires certificate\nby trusted CA if used.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The URL for Elasticsearch's API. https requires certificate\nby trusted CA if used.\n" }, "username": { "type": "string", - "description": "The root credential username used in the connection URL.\n", - "language": { - "python": { - "mapCase": false - } - }, + "description": "The username to authenticate with.\n", "secret": true } }, @@ -1978,76 +1375,36 @@ "properties": { "connectionUrl": { "type": "string", - "description": "Specifies the Redshift DSN. See\nthe [Vault\ndocs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload)\nfor an example.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "A URL containing connection information. See\nthe [Vault\ndocs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload)\nfor an example.\n" }, "disableEscaping": { "type": "boolean", - "description": "Disable special character escaping in username and password.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Disable special character escaping in username and password.\n" }, "maxConnectionLifetime": { "type": "integer", - "description": "The maximum amount of time a connection may be reused.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The maximum number of seconds to keep\na connection alive for.\n" }, "maxIdleConnections": { "type": "integer", - "description": "The maximum number of idle connections to\nthe database.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The maximum number of idle connections to\nmaintain.\n" }, "maxOpenConnections": { "type": "integer", - "description": "The maximum number of open connections to\nthe database.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The maximum number of open connections to\nuse.\n" }, "password": { "type": "string", - "description": "The root credential password used in the connection URL.\n", - "language": { - "python": { - "mapCase": false - } - }, + "description": "The password to authenticate with.\n", "secret": true }, "username": { "type": "string", - "description": "The root credential username used in the connection URL.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The username to authenticate with.\n" }, "usernameTemplate": { "type": "string", - "description": "- [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Template describing how dynamic usernames are generated.\n" } }, "type": "object" @@ -2056,67 +1413,32 @@ "properties": { "connectionUrl": { "type": "string", - "description": "Specifies the Redshift DSN. See\nthe [Vault\ndocs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload)\nfor an example.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "A URL containing connection information. See\nthe [Vault\ndocs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload)\nfor an example.\n" }, "maxConnectionLifetime": { "type": "integer", - "description": "The maximum amount of time a connection may be reused.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The maximum number of seconds to keep\na connection alive for.\n" }, "maxIdleConnections": { "type": "integer", - "description": "The maximum number of idle connections to\nthe database.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The maximum number of idle connections to\nmaintain.\n" }, "maxOpenConnections": { "type": "integer", - "description": "The maximum number of open connections to\nthe database.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The maximum number of open connections to\nuse.\n" }, "password": { "type": "string", - "description": "The root credential password used in the connection URL.\n", - "language": { - "python": { - "mapCase": false - } - }, + "description": "The password to authenticate with.\n", "secret": true }, "username": { "type": "string", - "description": "The root credential username used in the connection URL.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The username to authenticate with.\n" }, "usernameTemplate": { "type": "string", - "description": "- [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Template describing how dynamic usernames are generated.\n" } }, "type": "object" @@ -2128,158 +1450,78 @@ "items": { "type": "string" }, - "description": "A list of roles that are allowed to use this\nconnection.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "A list of roles that are allowed to use this\nconnection.\n" }, "connectTimeout": { "type": "integer", - "description": "The number of seconds to use as a connection\ntimeout.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The number of seconds to use as a connection\ntimeout.\n" }, "data": { "type": "object", "additionalProperties": { "$ref": "pulumi.json#/Any" }, - "description": "A map of sensitive data to pass to the endpoint. Useful for templated connection strings.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "A map of sensitive data to pass to the endpoint. Useful for templated connection strings.\n\nSupported list of database secrets engines that can be configured:\n" }, "hosts": { "type": "array", "items": { "type": "string" }, - "description": "A set of Couchbase URIs to connect to. Must use `couchbases://` scheme if `tls` is `true`.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The hosts to connect to.\n" }, "insecureTls": { "type": "boolean", - "description": "Whether to skip verification of the server\ncertificate when using TLS.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Whether to skip verification of the server\ncertificate when using TLS.\n" }, "name": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" }, "password": { "type": "string", - "description": "The password to be used in the connection.\n", - "language": { - "python": { - "mapCase": false - } - }, + "description": "The root credential password used in the connection URL.\n", "secret": true }, "pemBundle": { "type": "string", "description": "Concatenated PEM blocks configuring the certificate\nchain.\n", - "language": { - "python": { - "mapCase": false - } - }, "secret": true }, "pemJson": { "type": "string", "description": "A JSON structure configuring the certificate chain.\n", - "language": { - "python": { - "mapCase": false - } - }, "secret": true }, "pluginName": { "type": "string", - "description": "Specifies the name of the plugin to use.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Specifies the name of the plugin to use.\n" }, "port": { "type": "integer", - "description": "The default port to connect to if no port is specified as\npart of the host.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The default port to connect to if no port is specified as\npart of the host.\n" }, "protocolVersion": { "type": "integer", - "description": "The CQL protocol version to use.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The CQL protocol version to use.\n" }, "rootRotationStatements": { "type": "array", "items": { "type": "string" }, - "description": "A list of database statements to be executed to rotate the root user's credentials.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "A list of database statements to be executed to rotate the root user's credentials.\n" }, "tls": { "type": "boolean", - "description": "Whether to use TLS when connecting to Redis.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Whether to use TLS when connecting to Cassandra.\n" }, "username": { "type": "string", - "description": "The username to be used in the connection (the account admin level).\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The root credential username used in the connection URL.\n" }, "verifyConnection": { "type": "boolean", - "description": "Whether the connection should be verified on\ninitial configuration or not.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Whether the connection should be verified on\ninitial configuration or not.\n" } }, "type": "object", @@ -2302,139 +1544,69 @@ "items": { "type": "string" }, - "description": "A list of roles that are allowed to use this\nconnection.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "A list of roles that are allowed to use this\nconnection.\n" }, "base64Pem": { "type": "string", "description": "Required if `tls` is `true`. Specifies the certificate authority of the Couchbase server, as a PEM certificate that has been base64 encoded.\n", - "language": { - "python": { - "mapCase": false - } - }, "secret": true }, "bucketName": { "type": "string", - "description": "Required for Couchbase versions prior to 6.5.0. This is only used to verify vault's connection to the server.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Required for Couchbase versions prior to 6.5.0. This is only used to verify vault's connection to the server.\n" }, "data": { "type": "object", "additionalProperties": { "$ref": "pulumi.json#/Any" }, - "description": "A map of sensitive data to pass to the endpoint. Useful for templated connection strings.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "A map of sensitive data to pass to the endpoint. Useful for templated connection strings.\n\nSupported list of database secrets engines that can be configured:\n" }, "hosts": { "type": "array", "items": { "type": "string" }, - "description": "A set of Couchbase URIs to connect to. Must use `couchbases://` scheme if `tls` is `true`.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The hosts to connect to.\n" }, "insecureTls": { "type": "boolean", - "description": "Whether to skip verification of the server\ncertificate when using TLS.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Whether to skip verification of the server\ncertificate when using TLS.\n" }, "name": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" }, "password": { "type": "string", - "description": "The password to be used in the connection.\n", - "language": { - "python": { - "mapCase": false - } - }, + "description": "The root credential password used in the connection URL.\n", "secret": true }, "pluginName": { "type": "string", - "description": "Specifies the name of the plugin to use.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Specifies the name of the plugin to use.\n" }, "rootRotationStatements": { "type": "array", "items": { "type": "string" }, - "description": "A list of database statements to be executed to rotate the root user's credentials.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "A list of database statements to be executed to rotate the root user's credentials.\n" }, "tls": { "type": "boolean", - "description": "Whether to use TLS when connecting to Redis.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Whether to use TLS when connecting to Cassandra.\n" }, "username": { "type": "string", - "description": "The username to be used in the connection (the account admin level).\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The root credential username used in the connection URL.\n" }, "usernameTemplate": { "type": "string", - "description": "- [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "[Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated.\n" }, "verifyConnection": { "type": "boolean", - "description": "Whether the connection should be verified on\ninitial configuration or not.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Whether the connection should be verified on\ninitial configuration or not.\n" } }, "type": "object", @@ -2463,153 +1635,73 @@ "items": { "type": "string" }, - "description": "A list of roles that are allowed to use this\nconnection.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "A list of roles that are allowed to use this\nconnection.\n" }, "caCert": { "type": "string", - "description": "The contents of a PEM-encoded CA cert file to use to verify the Redis server's identity.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The path to a PEM-encoded CA cert file to use to verify the Elasticsearch server's identity.\n" }, "caPath": { "type": "string", - "description": "The path to a directory of PEM-encoded CA cert files to use to verify the Elasticsearch server's identity.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The path to a directory of PEM-encoded CA cert files to use to verify the Elasticsearch server's identity.\n" }, "clientCert": { "type": "string", - "description": "The path to the certificate for the Elasticsearch client to present for communication.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The path to the certificate for the Elasticsearch client to present for communication.\n" }, "clientKey": { "type": "string", - "description": "The path to the key for the Elasticsearch client to use for communication.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The path to the key for the Elasticsearch client to use for communication.\n" }, "data": { "type": "object", "additionalProperties": { "$ref": "pulumi.json#/Any" }, - "description": "A map of sensitive data to pass to the endpoint. Useful for templated connection strings.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "A map of sensitive data to pass to the endpoint. Useful for templated connection strings.\n\nSupported list of database secrets engines that can be configured:\n" }, "insecure": { "type": "boolean", - "description": "Whether to disable certificate verification.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Whether to disable certificate verification.\n" }, "name": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" }, "password": { "type": "string", - "description": "The password to be used in the connection.\n", - "language": { - "python": { - "mapCase": false - } - }, + "description": "The root credential password used in the connection URL.\n", "secret": true }, "pluginName": { "type": "string", - "description": "Specifies the name of the plugin to use.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Specifies the name of the plugin to use.\n" }, "rootRotationStatements": { "type": "array", "items": { "type": "string" }, - "description": "A list of database statements to be executed to rotate the root user's credentials.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "A list of database statements to be executed to rotate the root user's credentials.\n" }, "tlsServerName": { "type": "string", - "description": "This, if set, is used to set the SNI host when connecting via TLS.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "This, if set, is used to set the SNI host when connecting via TLS.\n" }, "url": { "type": "string", - "description": "The configuration endpoint for the ElastiCache cluster to connect to.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The URL for Elasticsearch's API. https requires certificate\nby trusted CA if used.\n" }, "username": { "type": "string", - "description": "The username to be used in the connection (the account admin level).\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The root credential username used in the connection URL.\n" }, "usernameTemplate": { "type": "string", - "description": "- [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "[Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated.\n" }, "verifyConnection": { "type": "boolean", - "description": "Whether the connection should be verified on\ninitial configuration or not.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Whether the connection should be verified on\ninitial configuration or not.\n" } }, "type": "object", @@ -2638,126 +1730,61 @@ "items": { "type": "string" }, - "description": "A list of roles that are allowed to use this\nconnection.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "A list of roles that are allowed to use this\nconnection.\n" }, "connectionUrl": { "type": "string", - "description": "A URL containing connection information. \nSee [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload)\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Specifies the Redshift DSN. \nSee [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload)\n" }, "data": { "type": "object", "additionalProperties": { "$ref": "pulumi.json#/Any" }, - "description": "A map of sensitive data to pass to the endpoint. Useful for templated connection strings.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "A map of sensitive data to pass to the endpoint. Useful for templated connection strings.\n\nSupported list of database secrets engines that can be configured:\n" }, "disableEscaping": { "type": "boolean", - "description": "Disable special character escaping in username and password.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Disable special character escaping in username and password.\n" }, "maxConnectionLifetime": { "type": "integer", - "description": "The maximum number of seconds to keep\na connection alive for.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The maximum amount of time a connection may be reused.\n" }, "maxIdleConnections": { "type": "integer", - "description": "The maximum number of idle connections to\nmaintain.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The maximum number of idle connections to\nthe database.\n" }, "maxOpenConnections": { "type": "integer", - "description": "The maximum number of open connections to\nuse.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The maximum number of open connections to\nthe database.\n" }, "name": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" }, "password": { "type": "string", - "description": "The password to be used in the connection.\n", - "language": { - "python": { - "mapCase": false - } - }, + "description": "The root credential password used in the connection URL.\n", "secret": true }, "pluginName": { "type": "string", - "description": "Specifies the name of the plugin to use.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Specifies the name of the plugin to use.\n" }, "rootRotationStatements": { "type": "array", "items": { "type": "string" }, - "description": "A list of database statements to be executed to rotate the root user's credentials.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "A list of database statements to be executed to rotate the root user's credentials.\n" }, "username": { "type": "string", - "description": "The username to be used in the connection (the account admin level).\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The root credential username used in the connection URL.\n" }, "verifyConnection": { "type": "boolean", - "description": "Whether the connection should be verified on\ninitial configuration or not.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Whether the connection should be verified on\ninitial configuration or not.\n" } }, "type": "object", @@ -2780,155 +1807,75 @@ "items": { "type": "string" }, - "description": "A list of roles that are allowed to use this\nconnection.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "A list of roles that are allowed to use this\nconnection.\n" }, "connectTimeout": { "type": "integer", - "description": "The number of seconds to use as a connection\ntimeout.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The number of seconds to use as a connection\ntimeout.\n" }, "data": { "type": "object", "additionalProperties": { "$ref": "pulumi.json#/Any" }, - "description": "A map of sensitive data to pass to the endpoint. Useful for templated connection strings.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "A map of sensitive data to pass to the endpoint. Useful for templated connection strings.\n\nSupported list of database secrets engines that can be configured:\n" }, "host": { "type": "string", - "description": "The host to connect to.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The host to connect to.\n" }, "insecureTls": { "type": "boolean", - "description": "Whether to skip verification of the server\ncertificate when using TLS.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Whether to skip verification of the server\ncertificate when using TLS.\n" }, "name": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" }, "password": { "type": "string", - "description": "The password to be used in the connection.\n", - "language": { - "python": { - "mapCase": false - } - }, + "description": "The root credential password used in the connection URL.\n", "secret": true }, "pemBundle": { "type": "string", "description": "Concatenated PEM blocks configuring the certificate\nchain.\n", - "language": { - "python": { - "mapCase": false - } - }, "secret": true }, "pemJson": { "type": "string", "description": "A JSON structure configuring the certificate chain.\n", - "language": { - "python": { - "mapCase": false - } - }, "secret": true }, "pluginName": { "type": "string", - "description": "Specifies the name of the plugin to use.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Specifies the name of the plugin to use.\n" }, "port": { "type": "integer", - "description": "The default port to connect to if no port is specified as\npart of the host.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The default port to connect to if no port is specified as\npart of the host.\n" }, "rootRotationStatements": { "type": "array", "items": { "type": "string" }, - "description": "A list of database statements to be executed to rotate the root user's credentials.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "A list of database statements to be executed to rotate the root user's credentials.\n" }, "tls": { "type": "boolean", - "description": "Whether to use TLS when connecting to Redis.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Whether to use TLS when connecting to Cassandra.\n" }, "username": { "type": "string", - "description": "The username to be used in the connection (the account admin level).\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The root credential username used in the connection URL.\n" }, "usernameTemplate": { "type": "string", - "description": "- [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "[Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated.\n" }, "verifyConnection": { "type": "boolean", - "description": "Whether the connection should be verified on\ninitial configuration or not.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Whether the connection should be verified on\ninitial configuration or not.\n" } }, "type": "object", @@ -2957,126 +1904,61 @@ "items": { "type": "string" }, - "description": "A list of roles that are allowed to use this\nconnection.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "A list of roles that are allowed to use this\nconnection.\n" }, "connectionUrl": { "type": "string", - "description": "A URL containing connection information. \nSee [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload)\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Specifies the Redshift DSN. \nSee [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload)\n" }, "data": { "type": "object", "additionalProperties": { "$ref": "pulumi.json#/Any" }, - "description": "A map of sensitive data to pass to the endpoint. Useful for templated connection strings.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "A map of sensitive data to pass to the endpoint. Useful for templated connection strings.\n\nSupported list of database secrets engines that can be configured:\n" }, "maxConnectionLifetime": { "type": "integer", - "description": "The maximum number of seconds to keep\na connection alive for.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The maximum amount of time a connection may be reused.\n" }, "maxIdleConnections": { "type": "integer", - "description": "The maximum number of idle connections to\nmaintain.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The maximum number of idle connections to\nthe database.\n" }, "maxOpenConnections": { "type": "integer", - "description": "The maximum number of open connections to\nuse.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The maximum number of open connections to\nthe database.\n" }, "name": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" }, "password": { "type": "string", - "description": "The password to be used in the connection.\n", - "language": { - "python": { - "mapCase": false - } - }, + "description": "The root credential password used in the connection URL.\n", "secret": true }, "pluginName": { "type": "string", - "description": "Specifies the name of the plugin to use.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Specifies the name of the plugin to use.\n" }, "rootRotationStatements": { "type": "array", "items": { "type": "string" }, - "description": "A list of database statements to be executed to rotate the root user's credentials.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "A list of database statements to be executed to rotate the root user's credentials.\n" }, "username": { "type": "string", - "description": "The username to be used in the connection (the account admin level).\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The root credential username used in the connection URL.\n" }, "usernameTemplate": { "type": "string", - "description": "- [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "[Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated.\n" }, "verifyConnection": { "type": "boolean", - "description": "Whether the connection should be verified on\ninitial configuration or not.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Whether the connection should be verified on\ninitial configuration or not.\n" } }, "type": "object", @@ -3099,90 +1981,45 @@ "items": { "type": "string" }, - "description": "A list of roles that are allowed to use this\nconnection.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "A list of roles that are allowed to use this\nconnection.\n" }, "data": { "type": "object", "additionalProperties": { "$ref": "pulumi.json#/Any" }, - "description": "A map of sensitive data to pass to the endpoint. Useful for templated connection strings.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "A map of sensitive data to pass to the endpoint. Useful for templated connection strings.\n\nSupported list of database secrets engines that can be configured:\n" }, "name": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" }, "pluginName": { "type": "string", - "description": "Specifies the name of the plugin to use.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Specifies the name of the plugin to use.\n" }, "privateKey": { "type": "string", "description": "The Private Programmatic API Key used to connect with MongoDB Atlas API.\n", - "language": { - "python": { - "mapCase": false - } - }, "secret": true }, "projectId": { "type": "string", - "description": "The Project ID the Database User should be created within.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The Project ID the Database User should be created within.\n" }, "publicKey": { "type": "string", - "description": "The Public Programmatic API Key used to authenticate with the MongoDB Atlas API.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The Public Programmatic API Key used to authenticate with the MongoDB Atlas API.\n" }, "rootRotationStatements": { "type": "array", "items": { "type": "string" }, - "description": "A list of database statements to be executed to rotate the root user's credentials.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "A list of database statements to be executed to rotate the root user's credentials.\n" }, "verifyConnection": { "type": "boolean", - "description": "Whether the connection should be verified on\ninitial configuration or not.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Whether the connection should be verified on\ninitial configuration or not.\n" } }, "type": "object", @@ -3211,144 +2048,69 @@ "items": { "type": "string" }, - "description": "A list of roles that are allowed to use this\nconnection.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "A list of roles that are allowed to use this\nconnection.\n" }, "connectionUrl": { "type": "string", - "description": "A URL containing connection information. \nSee [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload)\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Specifies the Redshift DSN. \nSee [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload)\n" }, "containedDb": { "type": "boolean", - "description": "For Vault v1.9+. Set to true when the target is a\nContained Database, e.g. AzureSQL.\nSee [Vault docs](https://www.vaultproject.io/api/secret/databases/mssql#contained_db)\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "For Vault v1.9+. Set to true when the target is a\nContained Database, e.g. AzureSQL.\nSee [Vault docs](https://www.vaultproject.io/api/secret/databases/mssql#contained_db)\n" }, "data": { "type": "object", "additionalProperties": { "$ref": "pulumi.json#/Any" }, - "description": "A map of sensitive data to pass to the endpoint. Useful for templated connection strings.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "A map of sensitive data to pass to the endpoint. Useful for templated connection strings.\n\nSupported list of database secrets engines that can be configured:\n" }, "disableEscaping": { "type": "boolean", - "description": "Disable special character escaping in username and password.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Disable special character escaping in username and password.\n" }, "maxConnectionLifetime": { "type": "integer", - "description": "The maximum number of seconds to keep\na connection alive for.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The maximum amount of time a connection may be reused.\n" }, "maxIdleConnections": { "type": "integer", - "description": "The maximum number of idle connections to\nmaintain.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The maximum number of idle connections to\nthe database.\n" }, "maxOpenConnections": { "type": "integer", - "description": "The maximum number of open connections to\nuse.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The maximum number of open connections to\nthe database.\n" }, "name": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" }, "password": { "type": "string", - "description": "The password to be used in the connection.\n", - "language": { - "python": { - "mapCase": false - } - }, + "description": "The root credential password used in the connection URL.\n", "secret": true }, "pluginName": { "type": "string", - "description": "Specifies the name of the plugin to use.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Specifies the name of the plugin to use.\n" }, "rootRotationStatements": { "type": "array", "items": { "type": "string" }, - "description": "A list of database statements to be executed to rotate the root user's credentials.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "A list of database statements to be executed to rotate the root user's credentials.\n" }, "username": { "type": "string", - "description": "The username to be used in the connection (the account admin level).\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The root credential username used in the connection URL.\n" }, "usernameTemplate": { "type": "string", - "description": "- [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "[Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated.\n" }, "verifyConnection": { "type": "boolean", - "description": "Whether the connection should be verified on\ninitial configuration or not.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Whether the connection should be verified on\ninitial configuration or not.\n" } }, "type": "object", @@ -3371,162 +2133,77 @@ "items": { "type": "string" }, - "description": "A list of roles that are allowed to use this\nconnection.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "A list of roles that are allowed to use this\nconnection.\n" }, "authType": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" }, "connectionUrl": { "type": "string", - "description": "A URL containing connection information. \nSee [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload)\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Specifies the Redshift DSN. \nSee [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload)\n" }, "data": { "type": "object", "additionalProperties": { "$ref": "pulumi.json#/Any" }, - "description": "A map of sensitive data to pass to the endpoint. Useful for templated connection strings.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "A map of sensitive data to pass to the endpoint. Useful for templated connection strings.\n\nSupported list of database secrets engines that can be configured:\n" }, "maxConnectionLifetime": { "type": "integer", - "description": "The maximum number of seconds to keep\na connection alive for.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The maximum amount of time a connection may be reused.\n" }, "maxIdleConnections": { "type": "integer", - "description": "The maximum number of idle connections to\nmaintain.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The maximum number of idle connections to\nthe database.\n" }, "maxOpenConnections": { "type": "integer", - "description": "The maximum number of open connections to\nuse.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The maximum number of open connections to\nthe database.\n" }, "name": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" }, "password": { "type": "string", - "description": "The password to be used in the connection.\n", - "language": { - "python": { - "mapCase": false - } - }, + "description": "The root credential password used in the connection URL.\n", "secret": true }, "pluginName": { "type": "string", - "description": "Specifies the name of the plugin to use.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Specifies the name of the plugin to use.\n" }, "rootRotationStatements": { "type": "array", "items": { "type": "string" }, - "description": "A list of database statements to be executed to rotate the root user's credentials.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "A list of database statements to be executed to rotate the root user's credentials.\n" }, "serviceAccountJson": { "type": "string", - "language": { - "python": { - "mapCase": false - } - }, "secret": true }, "tlsCa": { "type": "string", - "description": "x509 CA file for validating the certificate presented by the MySQL server. Must be PEM encoded.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "x509 CA file for validating the certificate presented by the MySQL server. Must be PEM encoded.\n" }, "tlsCertificateKey": { "type": "string", "description": "x509 certificate for connecting to the database. This must be a PEM encoded version of the private key and the certificate combined.\n", - "language": { - "python": { - "mapCase": false - } - }, "secret": true }, "username": { "type": "string", - "description": "The username to be used in the connection (the account admin level).\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The root credential username used in the connection URL.\n" }, "usernameTemplate": { "type": "string", - "description": "- [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "[Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated.\n" }, "verifyConnection": { "type": "boolean", - "description": "Whether the connection should be verified on\ninitial configuration or not.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Whether the connection should be verified on\ninitial configuration or not.\n" } }, "type": "object", @@ -3549,126 +2226,61 @@ "items": { "type": "string" }, - "description": "A list of roles that are allowed to use this\nconnection.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "A list of roles that are allowed to use this\nconnection.\n" }, "connectionUrl": { "type": "string", - "description": "A URL containing connection information. \nSee [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload)\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Specifies the Redshift DSN. \nSee [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload)\n" }, "data": { "type": "object", "additionalProperties": { "$ref": "pulumi.json#/Any" }, - "description": "A map of sensitive data to pass to the endpoint. Useful for templated connection strings.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "A map of sensitive data to pass to the endpoint. Useful for templated connection strings.\n\nSupported list of database secrets engines that can be configured:\n" }, "maxConnectionLifetime": { "type": "integer", - "description": "The maximum number of seconds to keep\na connection alive for.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The maximum amount of time a connection may be reused.\n" }, "maxIdleConnections": { "type": "integer", - "description": "The maximum number of idle connections to\nmaintain.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The maximum number of idle connections to\nthe database.\n" }, "maxOpenConnections": { "type": "integer", - "description": "The maximum number of open connections to\nuse.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The maximum number of open connections to\nthe database.\n" }, "name": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" }, "password": { "type": "string", - "description": "The password to be used in the connection.\n", - "language": { - "python": { - "mapCase": false - } - }, + "description": "The root credential password used in the connection URL.\n", "secret": true }, "pluginName": { "type": "string", - "description": "Specifies the name of the plugin to use.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Specifies the name of the plugin to use.\n" }, "rootRotationStatements": { "type": "array", "items": { "type": "string" }, - "description": "A list of database statements to be executed to rotate the root user's credentials.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "A list of database statements to be executed to rotate the root user's credentials.\n" }, "username": { "type": "string", - "description": "The username to be used in the connection (the account admin level).\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The root credential username used in the connection URL.\n" }, "usernameTemplate": { "type": "string", - "description": "- [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "[Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated.\n" }, "verifyConnection": { "type": "boolean", - "description": "Whether the connection should be verified on\ninitial configuration or not.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Whether the connection should be verified on\ninitial configuration or not.\n" } }, "type": "object", @@ -3691,126 +2303,61 @@ "items": { "type": "string" }, - "description": "A list of roles that are allowed to use this\nconnection.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "A list of roles that are allowed to use this\nconnection.\n" }, "connectionUrl": { "type": "string", - "description": "A URL containing connection information. \nSee [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload)\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Specifies the Redshift DSN. \nSee [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload)\n" }, "data": { "type": "object", "additionalProperties": { "$ref": "pulumi.json#/Any" }, - "description": "A map of sensitive data to pass to the endpoint. Useful for templated connection strings.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "A map of sensitive data to pass to the endpoint. Useful for templated connection strings.\n\nSupported list of database secrets engines that can be configured:\n" }, "maxConnectionLifetime": { "type": "integer", - "description": "The maximum number of seconds to keep\na connection alive for.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The maximum amount of time a connection may be reused.\n" }, "maxIdleConnections": { "type": "integer", - "description": "The maximum number of idle connections to\nmaintain.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The maximum number of idle connections to\nthe database.\n" }, "maxOpenConnections": { "type": "integer", - "description": "The maximum number of open connections to\nuse.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The maximum number of open connections to\nthe database.\n" }, "name": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" }, "password": { "type": "string", - "description": "The password to be used in the connection.\n", - "language": { - "python": { - "mapCase": false - } - }, + "description": "The root credential password used in the connection URL.\n", "secret": true }, "pluginName": { "type": "string", - "description": "Specifies the name of the plugin to use.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Specifies the name of the plugin to use.\n" }, "rootRotationStatements": { "type": "array", "items": { "type": "string" }, - "description": "A list of database statements to be executed to rotate the root user's credentials.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "A list of database statements to be executed to rotate the root user's credentials.\n" }, "username": { "type": "string", - "description": "The username to be used in the connection (the account admin level).\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The root credential username used in the connection URL.\n" }, "usernameTemplate": { "type": "string", - "description": "- [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "[Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated.\n" }, "verifyConnection": { "type": "boolean", - "description": "Whether the connection should be verified on\ninitial configuration or not.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Whether the connection should be verified on\ninitial configuration or not.\n" } }, "type": "object", @@ -3833,126 +2380,61 @@ "items": { "type": "string" }, - "description": "A list of roles that are allowed to use this\nconnection.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "A list of roles that are allowed to use this\nconnection.\n" }, "connectionUrl": { "type": "string", - "description": "A URL containing connection information. \nSee [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload)\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Specifies the Redshift DSN. \nSee [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload)\n" }, "data": { "type": "object", "additionalProperties": { "$ref": "pulumi.json#/Any" }, - "description": "A map of sensitive data to pass to the endpoint. Useful for templated connection strings.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "A map of sensitive data to pass to the endpoint. Useful for templated connection strings.\n\nSupported list of database secrets engines that can be configured:\n" }, "maxConnectionLifetime": { "type": "integer", - "description": "The maximum number of seconds to keep\na connection alive for.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The maximum amount of time a connection may be reused.\n" }, "maxIdleConnections": { "type": "integer", - "description": "The maximum number of idle connections to\nmaintain.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The maximum number of idle connections to\nthe database.\n" }, "maxOpenConnections": { "type": "integer", - "description": "The maximum number of open connections to\nuse.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The maximum number of open connections to\nthe database.\n" }, "name": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" }, "password": { "type": "string", - "description": "The password to be used in the connection.\n", - "language": { - "python": { - "mapCase": false - } - }, + "description": "The root credential password used in the connection URL.\n", "secret": true }, "pluginName": { "type": "string", - "description": "Specifies the name of the plugin to use.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Specifies the name of the plugin to use.\n" }, "rootRotationStatements": { "type": "array", "items": { "type": "string" }, - "description": "A list of database statements to be executed to rotate the root user's credentials.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "A list of database statements to be executed to rotate the root user's credentials.\n" }, "username": { "type": "string", - "description": "The username to be used in the connection (the account admin level).\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The root credential username used in the connection URL.\n" }, "usernameTemplate": { "type": "string", - "description": "- [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "[Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated.\n" }, "verifyConnection": { "type": "boolean", - "description": "Whether the connection should be verified on\ninitial configuration or not.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Whether the connection should be verified on\ninitial configuration or not.\n" } }, "type": "object", @@ -3975,126 +2457,61 @@ "items": { "type": "string" }, - "description": "A list of roles that are allowed to use this\nconnection.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "A list of roles that are allowed to use this\nconnection.\n" }, "connectionUrl": { "type": "string", - "description": "A URL containing connection information. \nSee [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload)\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Specifies the Redshift DSN. \nSee [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload)\n" }, "data": { "type": "object", "additionalProperties": { "$ref": "pulumi.json#/Any" }, - "description": "A map of sensitive data to pass to the endpoint. Useful for templated connection strings.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "A map of sensitive data to pass to the endpoint. Useful for templated connection strings.\n\nSupported list of database secrets engines that can be configured:\n" }, "maxConnectionLifetime": { "type": "integer", - "description": "The maximum number of seconds to keep\na connection alive for.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The maximum amount of time a connection may be reused.\n" }, "maxIdleConnections": { "type": "integer", - "description": "The maximum number of idle connections to\nmaintain.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The maximum number of idle connections to\nthe database.\n" }, "maxOpenConnections": { "type": "integer", - "description": "The maximum number of open connections to\nuse.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The maximum number of open connections to\nthe database.\n" }, "name": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" }, "password": { "type": "string", - "description": "The password to be used in the connection.\n", - "language": { - "python": { - "mapCase": false - } - }, + "description": "The root credential password used in the connection URL.\n", "secret": true }, "pluginName": { "type": "string", - "description": "Specifies the name of the plugin to use.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Specifies the name of the plugin to use.\n" }, "rootRotationStatements": { "type": "array", "items": { "type": "string" }, - "description": "A list of database statements to be executed to rotate the root user's credentials.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "A list of database statements to be executed to rotate the root user's credentials.\n" }, "username": { "type": "string", - "description": "The username to be used in the connection (the account admin level).\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The root credential username used in the connection URL.\n" }, "usernameTemplate": { "type": "string", - "description": "- [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "[Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated.\n" }, "verifyConnection": { "type": "boolean", - "description": "Whether the connection should be verified on\ninitial configuration or not.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Whether the connection should be verified on\ninitial configuration or not.\n" } }, "type": "object", @@ -4117,152 +2534,72 @@ "items": { "type": "string" }, - "description": "A list of roles that are allowed to use this\nconnection.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "A list of roles that are allowed to use this\nconnection.\n" }, "authType": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" }, "connectionUrl": { "type": "string", - "description": "A URL containing connection information. \nSee [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload)\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Specifies the Redshift DSN. \nSee [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload)\n" }, "data": { "type": "object", "additionalProperties": { "$ref": "pulumi.json#/Any" }, - "description": "A map of sensitive data to pass to the endpoint. Useful for templated connection strings.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "A map of sensitive data to pass to the endpoint. Useful for templated connection strings.\n\nSupported list of database secrets engines that can be configured:\n" }, "disableEscaping": { "type": "boolean", - "description": "Disable special character escaping in username and password.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Disable special character escaping in username and password.\n" }, "maxConnectionLifetime": { "type": "integer", - "description": "The maximum number of seconds to keep\na connection alive for.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The maximum amount of time a connection may be reused.\n" }, "maxIdleConnections": { "type": "integer", - "description": "The maximum number of idle connections to\nmaintain.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The maximum number of idle connections to\nthe database.\n" }, "maxOpenConnections": { "type": "integer", - "description": "The maximum number of open connections to\nuse.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The maximum number of open connections to\nthe database.\n" }, "name": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" }, "password": { "type": "string", - "description": "The password to be used in the connection.\n", - "language": { - "python": { - "mapCase": false - } - }, + "description": "The root credential password used in the connection URL.\n", "secret": true }, "pluginName": { "type": "string", - "description": "Specifies the name of the plugin to use.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Specifies the name of the plugin to use.\n" }, "rootRotationStatements": { "type": "array", "items": { "type": "string" }, - "description": "A list of database statements to be executed to rotate the root user's credentials.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "A list of database statements to be executed to rotate the root user's credentials.\n" }, "serviceAccountJson": { "type": "string", - "language": { - "python": { - "mapCase": false - } - }, "secret": true }, "username": { "type": "string", - "description": "The username to be used in the connection (the account admin level).\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The root credential username used in the connection URL.\n" }, "usernameTemplate": { "type": "string", - "description": "- [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "[Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated.\n" }, "verifyConnection": { "type": "boolean", - "description": "Whether the connection should be verified on\ninitial configuration or not.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Whether the connection should be verified on\ninitial configuration or not.\n" } }, "type": "object", @@ -4285,126 +2622,61 @@ "items": { "type": "string" }, - "description": "A list of roles that are allowed to use this\nconnection.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "A list of roles that are allowed to use this\nconnection.\n" }, "caCert": { "type": "string", - "description": "The contents of a PEM-encoded CA cert file to use to verify the Redis server's identity.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The path to a PEM-encoded CA cert file to use to verify the Elasticsearch server's identity.\n" }, "data": { "type": "object", "additionalProperties": { "$ref": "pulumi.json#/Any" }, - "description": "A map of sensitive data to pass to the endpoint. Useful for templated connection strings.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "A map of sensitive data to pass to the endpoint. Useful for templated connection strings.\n\nSupported list of database secrets engines that can be configured:\n" }, "host": { "type": "string", - "description": "The host to connect to.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The host to connect to.\n" }, "insecureTls": { "type": "boolean", - "description": "Whether to skip verification of the server\ncertificate when using TLS.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Whether to skip verification of the server\ncertificate when using TLS.\n" }, "name": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" }, "password": { "type": "string", - "description": "The password to be used in the connection.\n", - "language": { - "python": { - "mapCase": false - } - }, + "description": "The root credential password used in the connection URL.\n", "secret": true }, "pluginName": { "type": "string", - "description": "Specifies the name of the plugin to use.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Specifies the name of the plugin to use.\n" }, "port": { "type": "integer", - "description": "The default port to connect to if no port is specified as\npart of the host.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The default port to connect to if no port is specified as\npart of the host.\n" }, "rootRotationStatements": { "type": "array", "items": { "type": "string" }, - "description": "A list of database statements to be executed to rotate the root user's credentials.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "A list of database statements to be executed to rotate the root user's credentials.\n" }, "tls": { "type": "boolean", - "description": "Whether to use TLS when connecting to Redis.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Whether to use TLS when connecting to Cassandra.\n" }, "username": { "type": "string", - "description": "The username to be used in the connection (the account admin level).\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The root credential username used in the connection URL.\n" }, "verifyConnection": { "type": "boolean", - "description": "Whether the connection should be verified on\ninitial configuration or not.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Whether the connection should be verified on\ninitial configuration or not.\n" } }, "type": "object", @@ -4433,100 +2705,50 @@ "items": { "type": "string" }, - "description": "A list of roles that are allowed to use this\nconnection.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "A list of roles that are allowed to use this\nconnection.\n" }, "data": { "type": "object", "additionalProperties": { "$ref": "pulumi.json#/Any" }, - "description": "A map of sensitive data to pass to the endpoint. Useful for templated connection strings.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "A map of sensitive data to pass to the endpoint. Useful for templated connection strings.\n\nSupported list of database secrets engines that can be configured:\n" }, "name": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" }, "password": { "type": "string", - "description": "The password to be used in the connection.\n", - "language": { - "python": { - "mapCase": false - } - }, + "description": "The root credential password used in the connection URL.\n", "secret": true }, "pluginName": { "type": "string", - "description": "Specifies the name of the plugin to use.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Specifies the name of the plugin to use.\n" }, "region": { "type": "string", - "description": "The AWS region where the ElastiCache cluster is hosted.\nIf omitted the plugin tries to infer the region from the environment.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The AWS region where the ElastiCache cluster is hosted.\nIf omitted the plugin tries to infer the region from the environment.\n" }, "rootRotationStatements": { "type": "array", "items": { "type": "string" }, - "description": "A list of database statements to be executed to rotate the root user's credentials.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "A list of database statements to be executed to rotate the root user's credentials.\n" }, "url": { "type": "string", - "description": "The configuration endpoint for the ElastiCache cluster to connect to.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The URL for Elasticsearch's API. https requires certificate\nby trusted CA if used.\n" }, "username": { "type": "string", - "description": "The username to be used in the connection (the account admin level).\n", - "language": { - "python": { - "mapCase": false - } - }, + "description": "The root credential username used in the connection URL.\n", "secret": true }, "verifyConnection": { "type": "boolean", - "description": "Whether the connection should be verified on\ninitial configuration or not.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Whether the connection should be verified on\ninitial configuration or not.\n" } }, "type": "object", @@ -4551,135 +2773,65 @@ "items": { "type": "string" }, - "description": "A list of roles that are allowed to use this\nconnection.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "A list of roles that are allowed to use this\nconnection.\n" }, "connectionUrl": { "type": "string", - "description": "A URL containing connection information. \nSee [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload)\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Specifies the Redshift DSN. \nSee [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload)\n" }, "data": { "type": "object", "additionalProperties": { "$ref": "pulumi.json#/Any" }, - "description": "A map of sensitive data to pass to the endpoint. Useful for templated connection strings.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "A map of sensitive data to pass to the endpoint. Useful for templated connection strings.\n\nSupported list of database secrets engines that can be configured:\n" }, "disableEscaping": { "type": "boolean", - "description": "Disable special character escaping in username and password.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Disable special character escaping in username and password.\n" }, "maxConnectionLifetime": { "type": "integer", - "description": "The maximum number of seconds to keep\na connection alive for.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The maximum amount of time a connection may be reused.\n" }, "maxIdleConnections": { "type": "integer", - "description": "The maximum number of idle connections to\nmaintain.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The maximum number of idle connections to\nthe database.\n" }, "maxOpenConnections": { "type": "integer", - "description": "The maximum number of open connections to\nuse.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The maximum number of open connections to\nthe database.\n" }, "name": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" }, "password": { "type": "string", - "description": "The password to be used in the connection.\n", - "language": { - "python": { - "mapCase": false - } - }, + "description": "The root credential password used in the connection URL.\n", "secret": true }, "pluginName": { "type": "string", - "description": "Specifies the name of the plugin to use.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Specifies the name of the plugin to use.\n" }, "rootRotationStatements": { "type": "array", "items": { "type": "string" }, - "description": "A list of database statements to be executed to rotate the root user's credentials.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "A list of database statements to be executed to rotate the root user's credentials.\n" }, "username": { "type": "string", - "description": "The username to be used in the connection (the account admin level).\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The root credential username used in the connection URL.\n" }, "usernameTemplate": { "type": "string", - "description": "- [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "[Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated.\n" }, "verifyConnection": { "type": "boolean", - "description": "Whether the connection should be verified on\ninitial configuration or not.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Whether the connection should be verified on\ninitial configuration or not.\n" } }, "type": "object", @@ -4702,126 +2854,61 @@ "items": { "type": "string" }, - "description": "A list of roles that are allowed to use this\nconnection.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "A list of roles that are allowed to use this\nconnection.\n" }, "connectionUrl": { "type": "string", - "description": "A URL containing connection information. \nSee [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload)\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Specifies the Redshift DSN. \nSee [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload)\n" }, "data": { "type": "object", "additionalProperties": { "$ref": "pulumi.json#/Any" }, - "description": "A map of sensitive data to pass to the endpoint. Useful for templated connection strings.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "A map of sensitive data to pass to the endpoint. Useful for templated connection strings.\n\nSupported list of database secrets engines that can be configured:\n" }, "maxConnectionLifetime": { "type": "integer", - "description": "The maximum number of seconds to keep\na connection alive for.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The maximum amount of time a connection may be reused.\n" }, "maxIdleConnections": { "type": "integer", - "description": "The maximum number of idle connections to\nmaintain.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The maximum number of idle connections to\nthe database.\n" }, "maxOpenConnections": { "type": "integer", - "description": "The maximum number of open connections to\nuse.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The maximum number of open connections to\nthe database.\n" }, "name": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" }, "password": { "type": "string", - "description": "The password to be used in the connection.\n", - "language": { - "python": { - "mapCase": false - } - }, + "description": "The root credential password used in the connection URL.\n", "secret": true }, "pluginName": { "type": "string", - "description": "Specifies the name of the plugin to use.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Specifies the name of the plugin to use.\n" }, "rootRotationStatements": { "type": "array", "items": { "type": "string" }, - "description": "A list of database statements to be executed to rotate the root user's credentials.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "A list of database statements to be executed to rotate the root user's credentials.\n" }, "username": { "type": "string", - "description": "The username to be used in the connection (the account admin level).\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The root credential username used in the connection URL.\n" }, "usernameTemplate": { "type": "string", - "description": "- [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "[Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated.\n" }, "verifyConnection": { "type": "boolean", - "description": "Whether the connection should be verified on\ninitial configuration or not.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Whether the connection should be verified on\ninitial configuration or not.\n" } }, "type": "object", @@ -4841,39 +2928,19 @@ "properties": { "api": { "type": "string", - "description": "Replaces the service endpoint used in API requests to `https://www.googleapis.com`.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Replaces the service endpoint used in API requests to `https://www.googleapis.com`.\n" }, "compute": { "type": "string", - "description": "Replaces the service endpoint used in API requests to `https://compute.googleapis.com`.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Replaces the service endpoint used in API requests to `https://compute.googleapis.com`.\n\nThe endpoint value provided for a given key has the form of `scheme://host:port`.\nThe `scheme://` and `:port` portions of the endpoint value are optional.\n\nFor more details on the usage of each argument consult the [Vault GCP API documentation](https://www.vaultproject.io/api-docs/auth/gcp#configure).\n" }, "crm": { "type": "string", - "description": "Replaces the service endpoint used in API requests to `https://cloudresourcemanager.googleapis.com`.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Replaces the service endpoint used in API requests to `https://cloudresourcemanager.googleapis.com`.\n" }, "iam": { "type": "string", - "description": "Replaces the service endpoint used in API requests to `https://iam.googleapis.com`.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Replaces the service endpoint used in API requests to `https://iam.googleapis.com`.\n" } }, "type": "object" @@ -4882,24 +2949,14 @@ "properties": { "resource": { "type": "string", - "description": "Resource or resource path for which IAM policy information will be bound. The resource path may be specified in a few different [formats](https://www.vaultproject.io/docs/secrets/gcp/index.html#roleset-bindings).\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Resource or resource path for which IAM policy information will be bound. The resource path may be specified in a few different [formats](https://www.vaultproject.io/docs/secrets/gcp/index.html#roleset-bindings).\n" }, "roles": { "type": "array", "items": { "type": "string" }, - "description": "List of [GCP IAM roles](https://cloud.google.com/iam/docs/understanding-roles) for the resource.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "List of [GCP IAM roles](https://cloud.google.com/iam/docs/understanding-roles) for the resource.\n" } }, "type": "object", @@ -4912,24 +2969,14 @@ "properties": { "resource": { "type": "string", - "description": "Resource or resource path for which IAM policy information will be bound. The resource path may be specified in a few different [formats](https://www.vaultproject.io/docs/secrets/gcp/index.html#bindings).\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Resource or resource path for which IAM policy information will be bound. The resource path may be specified in a few different [formats](https://www.vaultproject.io/docs/secrets/gcp/index.html#bindings).\n" }, "roles": { "type": "array", "items": { "type": "string" }, - "description": "List of [GCP IAM roles](https://cloud.google.com/iam/docs/understanding-roles) for the resource.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "List of [GCP IAM roles](https://cloud.google.com/iam/docs/understanding-roles) for the resource.\n" } }, "type": "object", @@ -4945,84 +2992,44 @@ "items": { "type": "string" }, - "description": "List of headers to whitelist and allowing\na plugin to include them in the response.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "List of headers to whitelist and allowing\na plugin to include them in the response.\n" }, "auditNonHmacRequestKeys": { "type": "array", "items": { "type": "string" }, - "description": "Specifies the list of keys that will\nnot be HMAC'd by audit devices in the request data object.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Specifies the list of keys that will\nnot be HMAC'd by audit devices in the request data object.\n" }, "auditNonHmacResponseKeys": { "type": "array", "items": { "type": "string" }, - "description": "Specifies the list of keys that will\nnot be HMAC'd by audit devices in the response data object.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Specifies the list of keys that will\nnot be HMAC'd by audit devices in the response data object.\n" }, "defaultLeaseTtl": { "type": "string", - "description": "Specifies the default time-to-live.\nIf set, this overrides the global default.\nMust be a valid [duration string](https://golang.org/pkg/time/#ParseDuration)\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Specifies the default time-to-live.\nIf set, this overrides the global default.\nMust be a valid [duration string](https://golang.org/pkg/time/#ParseDuration)\n" }, "listingVisibility": { "type": "string", - "description": "Specifies whether to show this mount in\nthe UI-specific listing endpoint. Valid values are \"unauth\" or \"hidden\".\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Specifies whether to show this mount in\nthe UI-specific listing endpoint. Valid values are \"unauth\" or \"hidden\".\n" }, "maxLeaseTtl": { "type": "string", - "description": "Specifies the maximum time-to-live.\nIf set, this overrides the global default.\nMust be a valid [duration string](https://golang.org/pkg/time/#ParseDuration)\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Specifies the maximum time-to-live.\nIf set, this overrides the global default.\nMust be a valid [duration string](https://golang.org/pkg/time/#ParseDuration)\n" }, "passthroughRequestHeaders": { "type": "array", "items": { "type": "string" }, - "description": "List of headers to whitelist and\npass from the request to the backend.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "List of headers to whitelist and\npass from the request to the backend.\n" }, "tokenType": { "type": "string", - "description": "Specifies the type of tokens that should be returned by\nthe mount. Valid values are \"default-service\", \"default-batch\", \"service\", \"batch\".\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Specifies the type of tokens that should be returned by\nthe mount. Valid values are \"default-service\", \"default-batch\", \"service\", \"batch\".\n" } }, "type": "object" @@ -5031,99 +3038,49 @@ "properties": { "canonicalId": { "type": "string", - "description": "Canonical ID of the Alias\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Canonical ID of the Alias\n" }, "creationTime": { "type": "string", - "description": "Creation time of the Alias\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Creation time of the Alias\n" }, "id": { "type": "string", - "description": "ID of the alias\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "ID of the alias\n" }, "lastUpdateTime": { "type": "string", - "description": "Last update time of the alias\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Last update time of the alias\n" }, "mergedFromCanonicalIds": { "type": "array", "items": { "type": "string" }, - "description": "List of canonical IDs merged with this alias\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "List of canonical IDs merged with this alias\n" }, "metadata": { "type": "object", "additionalProperties": { "$ref": "pulumi.json#/Any" }, - "description": "Arbitrary metadata\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Arbitrary metadata\n" }, "mountAccessor": { "type": "string", - "description": "Authentication mount acccessor which this alias belongs to\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Authentication mount acccessor which this alias belongs to\n" }, "mountPath": { "type": "string", - "description": "Authentication mount path which this alias belongs to\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Authentication mount path which this alias belongs to\n" }, "mountType": { "type": "string", - "description": "Authentication mount type which this alias belongs to\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Authentication mount type which this alias belongs to\n" }, "name": { "type": "string", - "description": "Name of the alias\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Name of the alias\n" } }, "type": "object", @@ -5152,84 +3109,44 @@ "items": { "type": "string" }, - "description": "List of headers to whitelist and allowing\na plugin to include them in the response.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "List of headers to whitelist and allowing\na plugin to include them in the response.\n" }, "auditNonHmacRequestKeys": { "type": "array", "items": { "type": "string" }, - "description": "Specifies the list of keys that will\nnot be HMAC'd by audit devices in the request data object.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Specifies the list of keys that will\nnot be HMAC'd by audit devices in the request data object.\n" }, "auditNonHmacResponseKeys": { "type": "array", "items": { "type": "string" }, - "description": "Specifies the list of keys that will\nnot be HMAC'd by audit devices in the response data object.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Specifies the list of keys that will\nnot be HMAC'd by audit devices in the response data object.\n" }, "defaultLeaseTtl": { "type": "string", - "description": "Specifies the default time-to-live.\nIf set, this overrides the global default.\nMust be a valid [duration string](https://golang.org/pkg/time/#ParseDuration)\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Specifies the default time-to-live.\nIf set, this overrides the global default.\nMust be a valid [duration string](https://golang.org/pkg/time/#ParseDuration)\n" }, "listingVisibility": { "type": "string", - "description": "Specifies whether to show this mount in\nthe UI-specific listing endpoint. Valid values are \"unauth\" or \"hidden\".\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Specifies whether to show this mount in\nthe UI-specific listing endpoint. Valid values are \"unauth\" or \"hidden\".\n" }, "maxLeaseTtl": { "type": "string", - "description": "Specifies the maximum time-to-live.\nIf set, this overrides the global default.\nMust be a valid [duration string](https://golang.org/pkg/time/#ParseDuration)\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Specifies the maximum time-to-live.\nIf set, this overrides the global default.\nMust be a valid [duration string](https://golang.org/pkg/time/#ParseDuration)\n" }, "passthroughRequestHeaders": { "type": "array", "items": { "type": "string" }, - "description": "List of headers to whitelist and\npass from the request to the backend.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "List of headers to whitelist and\npass from the request to the backend.\n" }, "tokenType": { "type": "string", - "description": "Specifies the type of tokens that should be returned by\nthe mount. Valid values are \"default-service\", \"default-batch\", \"service\", \"batch\".\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Specifies the type of tokens that should be returned by\nthe mount. Valid values are \"default-service\", \"default-batch\", \"service\", \"batch\".\n" } }, "type": "object" @@ -5237,39 +3154,23 @@ "vault:index/ProviderAuthLogin:ProviderAuthLogin": { "properties": { "method": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" }, "namespace": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" }, "parameters": { "type": "object", "additionalProperties": { "type": "string" }, - "language": { - "python": { - "mapCase": false - } - } + "secret": true }, "path": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" + }, + "useRootNamespace": { + "type": "boolean" } }, "type": "object", @@ -5285,124 +3186,52 @@ "vault:index/ProviderAuthLoginAws:ProviderAuthLoginAws": { "properties": { "awsAccessKeyId": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" }, "awsIamEndpoint": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" }, "awsProfile": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" }, "awsRegion": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" }, "awsRoleArn": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" }, "awsRoleSessionName": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" }, "awsSecretAccessKey": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" }, "awsSessionToken": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" }, "awsSharedCredentialsFile": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" }, "awsStsEndpoint": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" }, "awsWebIdentityTokenFile": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" }, "headerValue": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" }, "mount": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" }, "namespace": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" }, "role": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" + }, + "useRootNamespace": { + "type": "boolean" } }, "type": "object", @@ -5418,92 +3247,40 @@ "vault:index/ProviderAuthLoginAzure:ProviderAuthLoginAzure": { "properties": { "clientId": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" }, "jwt": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" }, "mount": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" }, "namespace": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" }, "resourceGroupName": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" }, "role": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" }, "scope": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" }, "subscriptionId": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" }, "tenantId": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" + }, + "useRootNamespace": { + "type": "boolean" }, "vmName": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" }, "vmssName": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" } }, "type": "object", @@ -5521,44 +3298,22 @@ "vault:index/ProviderAuthLoginCert:ProviderAuthLoginCert": { "properties": { "certFile": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" }, "keyFile": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" }, "mount": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" }, "name": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" }, "namespace": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" + }, + "useRootNamespace": { + "type": "boolean" } }, "type": "object", @@ -5575,52 +3330,25 @@ "vault:index/ProviderAuthLoginGcp:ProviderAuthLoginGcp": { "properties": { "credentials": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" }, "jwt": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" }, "mount": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" }, "namespace": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" }, "role": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" }, "serviceAccount": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" + }, + "useRootNamespace": { + "type": "boolean" } }, "type": "object", @@ -5636,36 +3364,19 @@ "vault:index/ProviderAuthLoginJwt:ProviderAuthLoginJwt": { "properties": { "jwt": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" }, "mount": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" }, "namespace": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" }, "role": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" + }, + "useRootNamespace": { + "type": "boolean" } }, "type": "object", @@ -5682,84 +3393,37 @@ "vault:index/ProviderAuthLoginKerberos:ProviderAuthLoginKerberos": { "properties": { "disableFastNegotiation": { - "type": "boolean", - "language": { - "python": { - "mapCase": false - } - } + "type": "boolean" }, "keytabPath": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" }, "krb5confPath": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" }, "mount": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" }, "namespace": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" }, "realm": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" }, "removeInstanceName": { - "type": "boolean", - "language": { - "python": { - "mapCase": false - } - } + "type": "boolean" }, "service": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" }, "token": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" + }, + "useRootNamespace": { + "type": "boolean" }, "username": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" } }, "type": "object" @@ -5767,36 +3431,19 @@ "vault:index/ProviderAuthLoginOci:ProviderAuthLoginOci": { "properties": { "authType": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" }, "mount": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" }, "namespace": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" }, "role": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" + }, + "useRootNamespace": { + "type": "boolean" } }, "type": "object", @@ -5813,44 +3460,22 @@ "vault:index/ProviderAuthLoginOidc:ProviderAuthLoginOidc": { "properties": { "callbackAddress": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" }, "callbackListenerAddress": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" }, "mount": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" }, "namespace": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" }, "role": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" + }, + "useRootNamespace": { + "type": "boolean" } }, "type": "object", @@ -5866,36 +3491,19 @@ "vault:index/ProviderAuthLoginRadius:ProviderAuthLoginRadius": { "properties": { "mount": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" }, "namespace": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" }, "password": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" + }, + "useRootNamespace": { + "type": "boolean" }, "username": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" } }, "type": "object", @@ -5912,20 +3520,13 @@ "vault:index/ProviderAuthLoginTokenFile:ProviderAuthLoginTokenFile": { "properties": { "filename": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" }, "namespace": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" + }, + "useRootNamespace": { + "type": "boolean" } }, "type": "object", @@ -5941,44 +3542,22 @@ "vault:index/ProviderAuthLoginUserpass:ProviderAuthLoginUserpass": { "properties": { "mount": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" }, "namespace": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" }, "password": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" }, "passwordFile": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" + }, + "useRootNamespace": { + "type": "boolean" }, "username": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" } }, "type": "object", @@ -5994,20 +3573,10 @@ "vault:index/ProviderClientAuth:ProviderClientAuth": { "properties": { "certFile": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" }, "keyFile": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" } }, "type": "object", @@ -6024,20 +3593,10 @@ "vault:index/ProviderHeader:ProviderHeader": { "properties": { "name": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" }, "value": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" } }, "type": "object", @@ -6058,84 +3617,44 @@ "items": { "$ref": "#/types/vault:index/getPolicyDocumentRuleAllowedParameter:getPolicyDocumentRuleAllowedParameter" }, - "description": "Whitelists a list of keys and values that are permitted on the given path. See Parameters below.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Whitelists a list of keys and values that are permitted on the given path. See Parameters below.\n" }, "capabilities": { "type": "array", "items": { "type": "string" }, - "description": "A list of capabilities that this rule apply to `path`. For example, [\"read\", \"write\"].\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "A list of capabilities that this rule apply to `path`. For example, [\"read\", \"write\"].\n" }, "deniedParameters": { "type": "array", "items": { "$ref": "#/types/vault:index/getPolicyDocumentRuleDeniedParameter:getPolicyDocumentRuleDeniedParameter" }, - "description": "Blacklists a list of parameter and values. Any values specified here take precedence over `allowed_parameter`. See Parameters below.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Blacklists a list of parameter and values. Any values specified here take precedence over `allowed_parameter`. See Parameters below.\n" }, "description": { "type": "string", - "description": "Description of the rule. Will be added as a comment to rendered rule.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Description of the rule. Will be added as a comment to rendered rule.\n" }, "maxWrappingTtl": { "type": "string", - "description": "The maximum allowed TTL that clients can specify for a wrapped response.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The maximum allowed TTL that clients can specify for a wrapped response.\n" }, "minWrappingTtl": { "type": "string", - "description": "The minimum allowed TTL that clients can specify for a wrapped response.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The minimum allowed TTL that clients can specify for a wrapped response.\n" }, "path": { "type": "string", - "description": "A path in Vault that this rule applies to.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "A path in Vault that this rule applies to.\n" }, "requiredParameters": { "type": "array", "items": { "type": "string" }, - "description": "A list of parameters that must be specified.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "A list of parameters that must be specified.\n" } }, "type": "object", @@ -6148,24 +3667,14 @@ "properties": { "key": { "type": "string", - "description": "name of permitted or denied parameter.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "name of permitted or denied parameter.\n" }, "values": { "type": "array", "items": { "type": "string" }, - "description": "list of values what are permitted or denied by policy rule.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "list of values what are permitted or denied by policy rule.\n" } }, "type": "object", @@ -6178,24 +3687,14 @@ "properties": { "key": { "type": "string", - "description": "name of permitted or denied parameter.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "name of permitted or denied parameter.\n" }, "values": { "type": "array", "items": { "type": "string" }, - "description": "list of values what are permitted or denied by policy rule.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "list of values what are permitted or denied by policy rule.\n" } }, "type": "object", @@ -6211,84 +3710,44 @@ "items": { "type": "string" }, - "description": "List of headers to whitelist and allowing\na plugin to include them in the response.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "List of headers to whitelist and allowing\na plugin to include them in the response.\n" }, "auditNonHmacRequestKeys": { "type": "array", "items": { "type": "string" }, - "description": "Specifies the list of keys that will\nnot be HMAC'd by audit devices in the request data object.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Specifies the list of keys that will\nnot be HMAC'd by audit devices in the request data object.\n" }, "auditNonHmacResponseKeys": { "type": "array", "items": { "type": "string" }, - "description": "Specifies the list of keys that will\nnot be HMAC'd by audit devices in the response data object.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Specifies the list of keys that will\nnot be HMAC'd by audit devices in the response data object.\n" }, "defaultLeaseTtl": { "type": "string", - "description": "Specifies the default time-to-live.\nIf set, this overrides the global default.\nMust be a valid [duration string](https://golang.org/pkg/time/#ParseDuration)\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Specifies the default time-to-live.\nIf set, this overrides the global default.\nMust be a valid [duration string](https://golang.org/pkg/time/#ParseDuration)\n" }, "listingVisibility": { "type": "string", - "description": "Specifies whether to show this mount in\nthe UI-specific listing endpoint. Valid values are \"unauth\" or \"hidden\".\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Specifies whether to show this mount in\nthe UI-specific listing endpoint. Valid values are \"unauth\" or \"hidden\".\n" }, "maxLeaseTtl": { "type": "string", - "description": "Specifies the maximum time-to-live.\nIf set, this overrides the global default.\nMust be a valid [duration string](https://golang.org/pkg/time/#ParseDuration)\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Specifies the maximum time-to-live.\nIf set, this overrides the global default.\nMust be a valid [duration string](https://golang.org/pkg/time/#ParseDuration)\n" }, "passthroughRequestHeaders": { "type": "array", "items": { "type": "string" }, - "description": "List of headers to whitelist and\npass from the request to the backend.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "List of headers to whitelist and\npass from the request to the backend.\n" }, "tokenType": { "type": "string", - "description": "Specifies the type of tokens that should be returned by\nthe mount. Valid values are \"default-service\", \"default-batch\", \"service\", \"batch\".\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Specifies the type of tokens that should be returned by\nthe mount. Valid values are \"default-service\", \"default-batch\", \"service\", \"batch\".\n" } }, "type": "object" @@ -6296,40 +3755,20 @@ "vault:kv/SecretV2CustomMetadata:SecretV2CustomMetadata": { "properties": { "casRequired": { - "type": "boolean", - "language": { - "python": { - "mapCase": false - } - } + "type": "boolean" }, "data": { "type": "object", "additionalProperties": { "$ref": "pulumi.json#/Any" }, - "description": "A mapping whose keys are the top-level data keys returned from\nVault and whose values are the corresponding values. This map can only\nrepresent string data, so any non-string values returned from Vault are\nserialized as JSON.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "A mapping whose keys are the top-level data keys returned from\nVault and whose values are the corresponding values. This map can only\nrepresent string data, so any non-string values returned from Vault are\nserialized as JSON.\n" }, "deleteVersionAfter": { - "type": "integer", - "language": { - "python": { - "mapCase": false - } - } + "type": "integer" }, "maxVersions": { - "type": "integer", - "language": { - "python": { - "mapCase": false - } - } + "type": "integer" } }, "type": "object" @@ -6338,128 +3777,58 @@ "properties": { "accessKey": { "type": "string", - "description": "The AWS access key to use.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The AWS access key to use.\n" }, "allowGenerateKey": { "type": "boolean", - "description": "If no existing key can be found in \nthe referenced backend, instructs Vault to generate a key within the backend.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "If no existing key can be found in \nthe referenced backend, instructs Vault to generate a key within the backend.\n" }, "allowReplaceKey": { "type": "boolean", - "description": "Controls the ability for Vault to replace through\ngeneration or importing a key into the configured backend even\nif a key is present, if set to `false` those operations are forbidden\nif a key exists.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Controls the ability for Vault to replace through\ngeneration or importing a key into the configured backend even\nif a key is present, if set to `false` those operations are forbidden\nif a key exists.\n" }, "allowStoreKey": { "type": "boolean", - "description": "Controls the ability for Vault to import a key to the\nconfigured backend, if `false`, those operations will be forbidden.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Controls the ability for Vault to import a key to the\nconfigured backend, if `false`, those operations will be forbidden.\n" }, "anyMount": { "type": "boolean", - "description": "If `true`, allows usage from any mount point within the\nnamespace.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "If `true`, allows usage from any mount point within the\nnamespace.\n" }, "curve": { "type": "string", - "description": "Supplies the curve value when using the `CKM_ECDSA` mechanism.\nRequired if `allow_generate_key` is `true`.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The curve to use for an ECDSA key. Used when `key_type` \nis `ECDSA`. Required if `allow_generate_key` is `true`.\n" }, "endpoint": { "type": "string", - "description": "Used to specify a custom AWS endpoint.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Used to specify a custom AWS endpoint.\n" }, "keyBits": { "type": "string", - "description": "Supplies the size in bits of the key when using `CKM_RSA_PKCS_PSS`,\n`CKM_RSA_PKCS_OAEP` or `CKM_RSA_PKCS` as a value for `mechanism`. Required if\n`allow_generate_key` is `true`.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The size in bits for an RSA key.\n" }, "keyType": { "type": "string", - "description": "The type of key to use.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The type of key to use.\n" }, "kmsKey": { "type": "string", - "description": "An identifier for the key.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "An identifier for the key.\n" }, "name": { "type": "string", - "description": "A unique lowercase name that serves as identifying the key.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "A unique lowercase name that serves as identifying the key.\n" }, "region": { "type": "string", - "description": "The AWS region where the keys are stored (or will be stored).\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The AWS region where the keys are stored (or will be stored).\n" }, "secretKey": { "type": "string", - "description": "The AWS access key to use.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The AWS access key to use.\n" }, "uuid": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" } }, "type": "object", @@ -6494,137 +3863,62 @@ "properties": { "allowGenerateKey": { "type": "boolean", - "description": "If no existing key can be found in \nthe referenced backend, instructs Vault to generate a key within the backend.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "If no existing key can be found in \nthe referenced backend, instructs Vault to generate a key within the backend.\n" }, "allowReplaceKey": { "type": "boolean", - "description": "Controls the ability for Vault to replace through\ngeneration or importing a key into the configured backend even\nif a key is present, if set to `false` those operations are forbidden\nif a key exists.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Controls the ability for Vault to replace through\ngeneration or importing a key into the configured backend even\nif a key is present, if set to `false` those operations are forbidden\nif a key exists.\n" }, "allowStoreKey": { "type": "boolean", - "description": "Controls the ability for Vault to import a key to the\nconfigured backend, if `false`, those operations will be forbidden.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Controls the ability for Vault to import a key to the\nconfigured backend, if `false`, those operations will be forbidden.\n" }, "anyMount": { "type": "boolean", - "description": "If `true`, allows usage from any mount point within the\nnamespace.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "If `true`, allows usage from any mount point within the\nnamespace.\n" }, "clientId": { "type": "string", - "description": "The client id for credentials to query the Azure APIs.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The client id for credentials to query the Azure APIs.\n" }, "clientSecret": { "type": "string", - "description": "The client secret for credentials to query the Azure APIs.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The client secret for credentials to query the Azure APIs.\n" }, "environment": { "type": "string", - "description": "The Azure Cloud environment API endpoints to use.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The Azure Cloud environment API endpoints to use.\n" }, "keyBits": { "type": "string", - "description": "Supplies the size in bits of the key when using `CKM_RSA_PKCS_PSS`,\n`CKM_RSA_PKCS_OAEP` or `CKM_RSA_PKCS` as a value for `mechanism`. Required if\n`allow_generate_key` is `true`.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The size in bits for an RSA key.\n" }, "keyName": { "type": "string", - "description": "The Key Vault key to use for encryption and decryption.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The Key Vault key to use for encryption and decryption.\n" }, "keyType": { "type": "string", - "description": "The type of key to use.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The type of key to use.\n" }, "name": { "type": "string", - "description": "A unique lowercase name that serves as identifying the key.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "A unique lowercase name that serves as identifying the key.\n" }, "resource": { "type": "string", - "description": "The Azure Key Vault resource's DNS Suffix to connect to.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The Azure Key Vault resource's DNS Suffix to connect to.\n" }, "tenantId": { "type": "string", - "description": "The tenant id for the Azure Active Directory organization.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The tenant id for the Azure Active Directory organization.\n" }, "uuid": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" }, "vaultName": { "type": "string", - "description": "The Key Vault vault to use for encryption and decryption.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The Key Vault vault to use for encryption and decryption.\n" } }, "type": "object", @@ -6662,146 +3956,66 @@ "properties": { "allowGenerateKey": { "type": "boolean", - "description": "If no existing key can be found in \nthe referenced backend, instructs Vault to generate a key within the backend.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "If no existing key can be found in \nthe referenced backend, instructs Vault to generate a key within the backend.\n" }, "allowReplaceKey": { "type": "boolean", - "description": "Controls the ability for Vault to replace through\ngeneration or importing a key into the configured backend even\nif a key is present, if set to `false` those operations are forbidden\nif a key exists.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Controls the ability for Vault to replace through\ngeneration or importing a key into the configured backend even\nif a key is present, if set to `false` those operations are forbidden\nif a key exists.\n" }, "allowStoreKey": { "type": "boolean", - "description": "Controls the ability for Vault to import a key to the\nconfigured backend, if `false`, those operations will be forbidden.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Controls the ability for Vault to import a key to the\nconfigured backend, if `false`, those operations will be forbidden.\n" }, "anyMount": { "type": "boolean", - "description": "If `true`, allows usage from any mount point within the\nnamespace.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "If `true`, allows usage from any mount point within the\nnamespace.\n" }, "curve": { "type": "string", - "description": "Supplies the curve value when using the `CKM_ECDSA` mechanism.\nRequired if `allow_generate_key` is `true`.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The curve to use for an ECDSA key. Used when `key_type` \nis `ECDSA`. Required if `allow_generate_key` is `true`.\n" }, "forceRwSession": { "type": "string", - "description": "Force all operations to open up a read-write session to\nthe HSM.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Force all operations to open up a read-write session to\nthe HSM.\n" }, "keyBits": { "type": "string", - "description": "Supplies the size in bits of the key when using `CKM_RSA_PKCS_PSS`,\n`CKM_RSA_PKCS_OAEP` or `CKM_RSA_PKCS` as a value for `mechanism`. Required if\n`allow_generate_key` is `true`.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The size in bits for an RSA key.\n" }, "keyId": { "type": "string", - "description": "The id of a PKCS#11 key to use.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The id of a PKCS#11 key to use.\n" }, "keyLabel": { "type": "string", - "description": "The label of the key to use.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The label of the key to use.\n" }, "library": { "type": "string", - "description": "The name of the kms_library stanza to use from Vault's config\nto lookup the local library path.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The name of the kms_library stanza to use from Vault's config\nto lookup the local library path.\n" }, "mechanism": { "type": "string", - "description": "The encryption/decryption mechanism to use, specified as a\nhexadecimal (prefixed by 0x) string.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The encryption/decryption mechanism to use, specified as a\nhexadecimal (prefixed by 0x) string.\n" }, "name": { "type": "string", - "description": "A unique lowercase name that serves as identifying the key.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "A unique lowercase name that serves as identifying the key.\n" }, "pin": { "type": "string", - "description": "The PIN for login.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The PIN for login.\n" }, "slot": { "type": "string", - "description": "The slot number to use, specified as a string in a decimal format\n(e.g. `2305843009213693953`).\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The slot number to use, specified as a string in a decimal format\n(e.g. `2305843009213693953`).\n" }, "tokenLabel": { "type": "string", - "description": "The slot token label to use.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The slot token label to use.\n" }, "uuid": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" } }, "type": "object", @@ -6835,24 +4049,14 @@ "properties": { "groupName": { "type": "string", - "description": "Name of the group within the Okta\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Name of the group within the Okta\n" }, "policies": { "type": "array", "items": { "type": "string" }, - "description": "List of Vault policies to associate with this user\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Vault policies to associate with this group\n" } }, "type": "object", @@ -6868,33 +4072,18 @@ "items": { "type": "string" }, - "description": "List of Okta groups to associate with this user\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "List of Okta groups to associate with this user\n" }, "policies": { "type": "array", "items": { "type": "string" }, - "description": "List of Vault policies to associate with this user\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Vault policies to associate with this group\n" }, "username": { "type": "string", - "description": "Name of the user within Okta\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Name of the user within Okta\n" } }, "type": "object", @@ -6906,30 +4095,15 @@ "properties": { "cps": { "type": "string", - "description": "The URL of the CPS for the policy identifier\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The URL of the CPS for the policy identifier\n\nExample usage:\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.Mount;\nimport com.pulumi.vault.MountArgs;\nimport com.pulumi.vault.pkiSecret.SecretBackendRole;\nimport com.pulumi.vault.pkiSecret.SecretBackendRoleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var pki = new Mount(\"pki\", MountArgs.builder() \n .path(\"pki\")\n .type(\"pki\")\n .defaultLeaseTtlSeconds(3600)\n .maxLeaseTtlSeconds(86400)\n .build());\n\n var role = new SecretBackendRole(\"role\", SecretBackendRoleArgs.builder() \n .backend(pki.path())\n .ttl(3600)\n .allowIpSans(true)\n .keyType(\"rsa\")\n .keyBits(4096)\n .allowedDomains( \n \"example.com\",\n \"my.domain\")\n .allowSubdomains(true)\n .policyIdentifiers( \n Map.ofEntries(\n Map.entry(\"oid\", \"1.3.6.1.4.1.7.8\"),\n Map.entry(\"notice\", \"I am a user Notice\")\n ),\n Map.ofEntries(\n Map.entry(\"oid\", \"1.3.6.1.4.1.44947.1.2.4\"),\n Map.entry(\"cps\", \"https://example.com\")\n ))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n pki:\n type: vault:Mount\n properties:\n path: pki\n type: pki\n defaultLeaseTtlSeconds: 3600\n maxLeaseTtlSeconds: 86400\n role:\n type: vault:pkiSecret:SecretBackendRole\n properties:\n backend: ${pki.path}\n ttl: 3600\n allowIpSans: true\n keyType: rsa\n keyBits: 4096\n allowedDomains:\n - example.com\n - my.domain\n allowSubdomains: true\n policyIdentifiers:\n - oid: 1.3.6.1.4.1.7.8\n notice: I am a user Notice\n - oid: 1.3.6.1.4.1.44947.1.2.4\n cps: https://example.com\n```\n" }, "notice": { "type": "string", - "description": "A notice for the policy identifier\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "A notice for the policy identifier\n" }, "oid": { "type": "string", - "description": "The OID for the policy identifier\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The OID for the policy identifier\n" } }, "type": "object", @@ -6940,36 +4114,16 @@ "vault:rabbitMq/SecretBackendRoleVhost:SecretBackendRoleVhost": { "properties": { "configure": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" }, "host": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" }, "read": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" }, "write": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" } }, "type": "object", @@ -6983,24 +4137,14 @@ "vault:rabbitMq/SecretBackendRoleVhostTopic:SecretBackendRoleVhostTopic": { "properties": { "host": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" }, "vhosts": { "type": "array", "items": { "$ref": "#/types/vault:rabbitMq/SecretBackendRoleVhostTopicVhost:SecretBackendRoleVhostTopicVhost" }, - "description": "Specifies a map of virtual hosts to permissions.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "Specifies a map of virtual hosts to permissions.\n" } }, "type": "object", @@ -7011,28 +4155,13 @@ "vault:rabbitMq/SecretBackendRoleVhostTopicVhost:SecretBackendRoleVhostTopicVhost": { "properties": { "read": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" }, "topic": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" }, "write": { - "type": "string", - "language": { - "python": { - "mapCase": false - } - } + "type": "string" } }, "type": "object", @@ -7049,21 +4178,11 @@ "items": { "type": "integer" }, - "description": "A list of allowed key lengths as integers. \nFor key types that do not support setting the length a value of `[0]` should be used.\nSetting multiple lengths is only supported on Vault 1.10+. For prior releases `length`\nmust be set to a single element list.\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "A list of allowed key lengths as integers. \nFor key types that do not support setting the length a value of `[0]` should be used.\nSetting multiple lengths is only supported on Vault 1.10+. For prior releases `length`\nmust be set to a single element list.\n\nExample configuration blocks that might be included in the `vault.ssh.SecretBackendRole`\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\n```\n```python\nimport pulumi\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n }\n}\n```\n```yaml\n{}\n```\n" }, "type": { "type": "string", - "description": "The SSH public key type. \n*Supported key types are:*\n`rsa`, `ecdsa`, `ec`, `dsa`, `ed25519`, `ssh-rsa`, `ssh-dss`, `ssh-ed25519`,\n`ecdsa-sha2-nistp256`, `ecdsa-sha2-nistp384`, `ecdsa-sha2-nistp521`\n", - "language": { - "python": { - "mapCase": false - } - } + "description": "The SSH public key type. \n*Supported key types are:*\n`rsa`, `ecdsa`, `ec`, `dsa`, `ed25519`, `ssh-rsa`, `ssh-dss`, `ssh-ed25519`,\n`ecdsa-sha2-nistp256`, `ecdsa-sha2-nistp384`, `ecdsa-sha2-nistp521`\n" } }, "type": "object", @@ -7150,7 +4269,8 @@ "items": { "$ref": "#/types/vault:index/ProviderHeader:ProviderHeader" }, - "description": "The headers to send with each Vault request.\n" + "description": "The headers to send with each Vault request.\n", + "secret": true }, "maxLeaseTtlSeconds": { "type": "integer", @@ -7168,6 +4288,10 @@ "type": "string", "description": "The namespace to use. Available only for Vault Enterprise.\n" }, + "setNamespaceFromToken": { + "type": "boolean", + "description": "In the case where the Vault token is for a specific namespace and the provider namespace is not configured, use the\ntoken namespace as the root namespace for all resources.\n" + }, "skipChildToken": { "type": "boolean", "description": "Set this to true to prevent the creation of ephemeral child token used by this provider.\n" @@ -7276,7 +4400,8 @@ "items": { "$ref": "#/types/vault:index/ProviderHeader:ProviderHeader" }, - "description": "The headers to send with each Vault request.\n" + "description": "The headers to send with each Vault request.\n", + "secret": true }, "maxLeaseTtlSeconds": { "type": "integer", @@ -7306,6 +4431,10 @@ "type": "string", "description": "The namespace to use. Available only for Vault Enterprise.\n" }, + "setNamespaceFromToken": { + "type": "boolean", + "description": "In the case where the Vault token is for a specific namespace and the provider namespace is not configured, use the\ntoken namespace as the root namespace for all resources.\n" + }, "skipChildToken": { "type": "boolean", "description": "Set this to true to prevent the creation of ephemeral child token used by this provider.\n" @@ -7347,7 +4476,7 @@ }, "resources": { "vault:ad/secretBackend:SecretBackend": { - "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst config = new vault.ad.SecretBackend(\"config\", {\n backend: \"ad\",\n binddn: \"CN=Administrator,CN=Users,DC=corp,DC=example,DC=net\",\n bindpass: \"SuperSecretPassw0rd\",\n insecureTls: true,\n url: \"ldaps://ad\",\n userdn: \"CN=Users,DC=corp,DC=example,DC=net\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nconfig = vault.ad.SecretBackend(\"config\",\n backend=\"ad\",\n binddn=\"CN=Administrator,CN=Users,DC=corp,DC=example,DC=net\",\n bindpass=\"SuperSecretPassw0rd\",\n insecure_tls=True,\n url=\"ldaps://ad\",\n userdn=\"CN=Users,DC=corp,DC=example,DC=net\")\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Vault.AD.SecretBackend(\"config\", new()\n {\n Backend = \"ad\",\n Binddn = \"CN=Administrator,CN=Users,DC=corp,DC=example,DC=net\",\n Bindpass = \"SuperSecretPassw0rd\",\n InsecureTls = true,\n Url = \"ldaps://ad\",\n Userdn = \"CN=Users,DC=corp,DC=example,DC=net\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/ad\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ad.NewSecretBackend(ctx, \"config\", \u0026ad.SecretBackendArgs{\n\t\t\tBackend: pulumi.String(\"ad\"),\n\t\t\tBinddn: pulumi.String(\"CN=Administrator,CN=Users,DC=corp,DC=example,DC=net\"),\n\t\t\tBindpass: pulumi.String(\"SuperSecretPassw0rd\"),\n\t\t\tInsecureTls: pulumi.Bool(true),\n\t\t\tUrl: pulumi.String(\"ldaps://ad\"),\n\t\t\tUserdn: pulumi.String(\"CN=Users,DC=corp,DC=example,DC=net\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.ad.SecretBackend;\nimport com.pulumi.vault.ad.SecretBackendArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var config = new SecretBackend(\"config\", SecretBackendArgs.builder() \n .backend(\"ad\")\n .binddn(\"CN=Administrator,CN=Users,DC=corp,DC=example,DC=net\")\n .bindpass(\"SuperSecretPassw0rd\")\n .insecureTls(\"true\")\n .url(\"ldaps://ad\")\n .userdn(\"CN=Users,DC=corp,DC=example,DC=net\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n config:\n type: vault:ad:SecretBackend\n properties:\n backend: ad\n binddn: CN=Administrator,CN=Users,DC=corp,DC=example,DC=net\n bindpass: SuperSecretPassw0rd\n insecureTls: true\n url: ldaps://ad\n userdn: CN=Users,DC=corp,DC=example,DC=net\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nAD secret backend can be imported using the `backend`, e.g.\n\n```sh\n $ pulumi import vault:ad/secretBackend:SecretBackend ad ad\n```\n\n ", + "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst config = new vault.ad.SecretBackend(\"config\", {\n backend: \"ad\",\n binddn: \"CN=Administrator,CN=Users,DC=corp,DC=example,DC=net\",\n bindpass: \"SuperSecretPassw0rd\",\n insecureTls: true,\n url: \"ldaps://ad\",\n userdn: \"CN=Users,DC=corp,DC=example,DC=net\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nconfig = vault.ad.SecretBackend(\"config\",\n backend=\"ad\",\n binddn=\"CN=Administrator,CN=Users,DC=corp,DC=example,DC=net\",\n bindpass=\"SuperSecretPassw0rd\",\n insecure_tls=True,\n url=\"ldaps://ad\",\n userdn=\"CN=Users,DC=corp,DC=example,DC=net\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Vault.AD.SecretBackend(\"config\", new()\n {\n Backend = \"ad\",\n Binddn = \"CN=Administrator,CN=Users,DC=corp,DC=example,DC=net\",\n Bindpass = \"SuperSecretPassw0rd\",\n InsecureTls = true,\n Url = \"ldaps://ad\",\n Userdn = \"CN=Users,DC=corp,DC=example,DC=net\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/ad\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ad.NewSecretBackend(ctx, \"config\", \u0026ad.SecretBackendArgs{\n\t\t\tBackend: pulumi.String(\"ad\"),\n\t\t\tBinddn: pulumi.String(\"CN=Administrator,CN=Users,DC=corp,DC=example,DC=net\"),\n\t\t\tBindpass: pulumi.String(\"SuperSecretPassw0rd\"),\n\t\t\tInsecureTls: pulumi.Bool(true),\n\t\t\tUrl: pulumi.String(\"ldaps://ad\"),\n\t\t\tUserdn: pulumi.String(\"CN=Users,DC=corp,DC=example,DC=net\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.ad.SecretBackend;\nimport com.pulumi.vault.ad.SecretBackendArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var config = new SecretBackend(\"config\", SecretBackendArgs.builder() \n .backend(\"ad\")\n .binddn(\"CN=Administrator,CN=Users,DC=corp,DC=example,DC=net\")\n .bindpass(\"SuperSecretPassw0rd\")\n .insecureTls(\"true\")\n .url(\"ldaps://ad\")\n .userdn(\"CN=Users,DC=corp,DC=example,DC=net\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n config:\n type: vault:ad:SecretBackend\n properties:\n backend: ad\n binddn: CN=Administrator,CN=Users,DC=corp,DC=example,DC=net\n bindpass: SuperSecretPassw0rd\n insecureTls: 'true'\n url: ldaps://ad\n userdn: CN=Users,DC=corp,DC=example,DC=net\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nAD secret backend can be imported using the `backend`, e.g.\n\n```sh\n $ pulumi import vault:ad/secretBackend:SecretBackend ad ad\n```\n ", "properties": { "anonymousGroupSearch": { "type": "boolean", @@ -7829,7 +4958,7 @@ } }, "vault:ad/secretLibrary:SecretLibrary": { - "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst config = new vault.ad.SecretBackend(\"config\", {\n backend: \"ad\",\n binddn: \"CN=Administrator,CN=Users,DC=corp,DC=example,DC=net\",\n bindpass: \"SuperSecretPassw0rd\",\n url: \"ldaps://ad\",\n insecureTls: true,\n userdn: \"CN=Users,DC=corp,DC=example,DC=net\",\n});\nconst qa = new vault.ad.SecretLibrary(\"qa\", {\n backend: config.backend,\n serviceAccountNames: [\n \"Bob\",\n \"Mary\",\n ],\n ttl: 60,\n disableCheckInEnforcement: true,\n maxTtl: 120,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nconfig = vault.ad.SecretBackend(\"config\",\n backend=\"ad\",\n binddn=\"CN=Administrator,CN=Users,DC=corp,DC=example,DC=net\",\n bindpass=\"SuperSecretPassw0rd\",\n url=\"ldaps://ad\",\n insecure_tls=True,\n userdn=\"CN=Users,DC=corp,DC=example,DC=net\")\nqa = vault.ad.SecretLibrary(\"qa\",\n backend=config.backend,\n service_account_names=[\n \"Bob\",\n \"Mary\",\n ],\n ttl=60,\n disable_check_in_enforcement=True,\n max_ttl=120)\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Vault.AD.SecretBackend(\"config\", new()\n {\n Backend = \"ad\",\n Binddn = \"CN=Administrator,CN=Users,DC=corp,DC=example,DC=net\",\n Bindpass = \"SuperSecretPassw0rd\",\n Url = \"ldaps://ad\",\n InsecureTls = true,\n Userdn = \"CN=Users,DC=corp,DC=example,DC=net\",\n });\n\n var qa = new Vault.AD.SecretLibrary(\"qa\", new()\n {\n Backend = config.Backend,\n ServiceAccountNames = new[]\n {\n \"Bob\",\n \"Mary\",\n },\n Ttl = 60,\n DisableCheckInEnforcement = true,\n MaxTtl = 120,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/ad\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tconfig, err := ad.NewSecretBackend(ctx, \"config\", \u0026ad.SecretBackendArgs{\n\t\t\tBackend: pulumi.String(\"ad\"),\n\t\t\tBinddn: pulumi.String(\"CN=Administrator,CN=Users,DC=corp,DC=example,DC=net\"),\n\t\t\tBindpass: pulumi.String(\"SuperSecretPassw0rd\"),\n\t\t\tUrl: pulumi.String(\"ldaps://ad\"),\n\t\t\tInsecureTls: pulumi.Bool(true),\n\t\t\tUserdn: pulumi.String(\"CN=Users,DC=corp,DC=example,DC=net\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ad.NewSecretLibrary(ctx, \"qa\", \u0026ad.SecretLibraryArgs{\n\t\t\tBackend: config.Backend,\n\t\t\tServiceAccountNames: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"Bob\"),\n\t\t\t\tpulumi.String(\"Mary\"),\n\t\t\t},\n\t\t\tTtl: pulumi.Int(60),\n\t\t\tDisableCheckInEnforcement: pulumi.Bool(true),\n\t\t\tMaxTtl: pulumi.Int(120),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.ad.SecretBackend;\nimport com.pulumi.vault.ad.SecretBackendArgs;\nimport com.pulumi.vault.ad.SecretLibrary;\nimport com.pulumi.vault.ad.SecretLibraryArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var config = new SecretBackend(\"config\", SecretBackendArgs.builder() \n .backend(\"ad\")\n .binddn(\"CN=Administrator,CN=Users,DC=corp,DC=example,DC=net\")\n .bindpass(\"SuperSecretPassw0rd\")\n .url(\"ldaps://ad\")\n .insecureTls(\"true\")\n .userdn(\"CN=Users,DC=corp,DC=example,DC=net\")\n .build());\n\n var qa = new SecretLibrary(\"qa\", SecretLibraryArgs.builder() \n .backend(config.backend())\n .serviceAccountNames( \n \"Bob\",\n \"Mary\")\n .ttl(60)\n .disableCheckInEnforcement(true)\n .maxTtl(120)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n config:\n type: vault:ad:SecretBackend\n properties:\n backend: ad\n binddn: CN=Administrator,CN=Users,DC=corp,DC=example,DC=net\n bindpass: SuperSecretPassw0rd\n url: ldaps://ad\n insecureTls: true\n userdn: CN=Users,DC=corp,DC=example,DC=net\n qa:\n type: vault:ad:SecretLibrary\n properties:\n backend: ${config.backend}\n serviceAccountNames:\n - Bob\n - Mary\n ttl: 60\n disableCheckInEnforcement: true\n maxTtl: 120\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nAD secret backend libraries can be imported using the `path`, e.g.\n\n```sh\n $ pulumi import vault:ad/secretLibrary:SecretLibrary role ad/library/bob\n```\n\n ", + "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst config = new vault.ad.SecretBackend(\"config\", {\n backend: \"ad\",\n binddn: \"CN=Administrator,CN=Users,DC=corp,DC=example,DC=net\",\n bindpass: \"SuperSecretPassw0rd\",\n url: \"ldaps://ad\",\n insecureTls: true,\n userdn: \"CN=Users,DC=corp,DC=example,DC=net\",\n});\nconst qa = new vault.ad.SecretLibrary(\"qa\", {\n backend: config.backend,\n serviceAccountNames: [\n \"Bob\",\n \"Mary\",\n ],\n ttl: 60,\n disableCheckInEnforcement: true,\n maxTtl: 120,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nconfig = vault.ad.SecretBackend(\"config\",\n backend=\"ad\",\n binddn=\"CN=Administrator,CN=Users,DC=corp,DC=example,DC=net\",\n bindpass=\"SuperSecretPassw0rd\",\n url=\"ldaps://ad\",\n insecure_tls=True,\n userdn=\"CN=Users,DC=corp,DC=example,DC=net\")\nqa = vault.ad.SecretLibrary(\"qa\",\n backend=config.backend,\n service_account_names=[\n \"Bob\",\n \"Mary\",\n ],\n ttl=60,\n disable_check_in_enforcement=True,\n max_ttl=120)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Vault.AD.SecretBackend(\"config\", new()\n {\n Backend = \"ad\",\n Binddn = \"CN=Administrator,CN=Users,DC=corp,DC=example,DC=net\",\n Bindpass = \"SuperSecretPassw0rd\",\n Url = \"ldaps://ad\",\n InsecureTls = true,\n Userdn = \"CN=Users,DC=corp,DC=example,DC=net\",\n });\n\n var qa = new Vault.AD.SecretLibrary(\"qa\", new()\n {\n Backend = config.Backend,\n ServiceAccountNames = new[]\n {\n \"Bob\",\n \"Mary\",\n },\n Ttl = 60,\n DisableCheckInEnforcement = true,\n MaxTtl = 120,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/ad\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tconfig, err := ad.NewSecretBackend(ctx, \"config\", \u0026ad.SecretBackendArgs{\n\t\t\tBackend: pulumi.String(\"ad\"),\n\t\t\tBinddn: pulumi.String(\"CN=Administrator,CN=Users,DC=corp,DC=example,DC=net\"),\n\t\t\tBindpass: pulumi.String(\"SuperSecretPassw0rd\"),\n\t\t\tUrl: pulumi.String(\"ldaps://ad\"),\n\t\t\tInsecureTls: pulumi.Bool(true),\n\t\t\tUserdn: pulumi.String(\"CN=Users,DC=corp,DC=example,DC=net\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ad.NewSecretLibrary(ctx, \"qa\", \u0026ad.SecretLibraryArgs{\n\t\t\tBackend: config.Backend,\n\t\t\tServiceAccountNames: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"Bob\"),\n\t\t\t\tpulumi.String(\"Mary\"),\n\t\t\t},\n\t\t\tTtl: pulumi.Int(60),\n\t\t\tDisableCheckInEnforcement: pulumi.Bool(true),\n\t\t\tMaxTtl: pulumi.Int(120),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.ad.SecretBackend;\nimport com.pulumi.vault.ad.SecretBackendArgs;\nimport com.pulumi.vault.ad.SecretLibrary;\nimport com.pulumi.vault.ad.SecretLibraryArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var config = new SecretBackend(\"config\", SecretBackendArgs.builder() \n .backend(\"ad\")\n .binddn(\"CN=Administrator,CN=Users,DC=corp,DC=example,DC=net\")\n .bindpass(\"SuperSecretPassw0rd\")\n .url(\"ldaps://ad\")\n .insecureTls(\"true\")\n .userdn(\"CN=Users,DC=corp,DC=example,DC=net\")\n .build());\n\n var qa = new SecretLibrary(\"qa\", SecretLibraryArgs.builder() \n .backend(config.backend())\n .serviceAccountNames( \n \"Bob\",\n \"Mary\")\n .ttl(60)\n .disableCheckInEnforcement(true)\n .maxTtl(120)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n config:\n type: vault:ad:SecretBackend\n properties:\n backend: ad\n binddn: CN=Administrator,CN=Users,DC=corp,DC=example,DC=net\n bindpass: SuperSecretPassw0rd\n url: ldaps://ad\n insecureTls: 'true'\n userdn: CN=Users,DC=corp,DC=example,DC=net\n qa:\n type: vault:ad:SecretLibrary\n properties:\n backend: ${config.backend}\n serviceAccountNames:\n - Bob\n - Mary\n ttl: 60\n disableCheckInEnforcement: true\n maxTtl: 120\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nAD secret backend libraries can be imported using the `path`, e.g.\n\n```sh\n $ pulumi import vault:ad/secretLibrary:SecretLibrary role ad/library/bob\n```\n ", "properties": { "backend": { "type": "string", @@ -7954,7 +5083,7 @@ } }, "vault:ad/secretRole:SecretRole": { - "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst config = new vault.ad.SecretBackend(\"config\", {\n backend: \"ad\",\n binddn: \"CN=Administrator,CN=Users,DC=corp,DC=example,DC=net\",\n bindpass: \"SuperSecretPassw0rd\",\n url: \"ldaps://ad\",\n insecureTls: true,\n userdn: \"CN=Users,DC=corp,DC=example,DC=net\",\n});\nconst role = new vault.ad.SecretRole(\"role\", {\n backend: config.backend,\n role: \"bob\",\n serviceAccountName: \"Bob\",\n ttl: 60,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nconfig = vault.ad.SecretBackend(\"config\",\n backend=\"ad\",\n binddn=\"CN=Administrator,CN=Users,DC=corp,DC=example,DC=net\",\n bindpass=\"SuperSecretPassw0rd\",\n url=\"ldaps://ad\",\n insecure_tls=True,\n userdn=\"CN=Users,DC=corp,DC=example,DC=net\")\nrole = vault.ad.SecretRole(\"role\",\n backend=config.backend,\n role=\"bob\",\n service_account_name=\"Bob\",\n ttl=60)\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Vault.AD.SecretBackend(\"config\", new()\n {\n Backend = \"ad\",\n Binddn = \"CN=Administrator,CN=Users,DC=corp,DC=example,DC=net\",\n Bindpass = \"SuperSecretPassw0rd\",\n Url = \"ldaps://ad\",\n InsecureTls = true,\n Userdn = \"CN=Users,DC=corp,DC=example,DC=net\",\n });\n\n var role = new Vault.AD.SecretRole(\"role\", new()\n {\n Backend = config.Backend,\n Role = \"bob\",\n ServiceAccountName = \"Bob\",\n Ttl = 60,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/ad\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tconfig, err := ad.NewSecretBackend(ctx, \"config\", \u0026ad.SecretBackendArgs{\n\t\t\tBackend: pulumi.String(\"ad\"),\n\t\t\tBinddn: pulumi.String(\"CN=Administrator,CN=Users,DC=corp,DC=example,DC=net\"),\n\t\t\tBindpass: pulumi.String(\"SuperSecretPassw0rd\"),\n\t\t\tUrl: pulumi.String(\"ldaps://ad\"),\n\t\t\tInsecureTls: pulumi.Bool(true),\n\t\t\tUserdn: pulumi.String(\"CN=Users,DC=corp,DC=example,DC=net\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ad.NewSecretRole(ctx, \"role\", \u0026ad.SecretRoleArgs{\n\t\t\tBackend: config.Backend,\n\t\t\tRole: pulumi.String(\"bob\"),\n\t\t\tServiceAccountName: pulumi.String(\"Bob\"),\n\t\t\tTtl: pulumi.Int(60),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.ad.SecretBackend;\nimport com.pulumi.vault.ad.SecretBackendArgs;\nimport com.pulumi.vault.ad.SecretRole;\nimport com.pulumi.vault.ad.SecretRoleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var config = new SecretBackend(\"config\", SecretBackendArgs.builder() \n .backend(\"ad\")\n .binddn(\"CN=Administrator,CN=Users,DC=corp,DC=example,DC=net\")\n .bindpass(\"SuperSecretPassw0rd\")\n .url(\"ldaps://ad\")\n .insecureTls(\"true\")\n .userdn(\"CN=Users,DC=corp,DC=example,DC=net\")\n .build());\n\n var role = new SecretRole(\"role\", SecretRoleArgs.builder() \n .backend(config.backend())\n .role(\"bob\")\n .serviceAccountName(\"Bob\")\n .ttl(60)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n config:\n type: vault:ad:SecretBackend\n properties:\n backend: ad\n binddn: CN=Administrator,CN=Users,DC=corp,DC=example,DC=net\n bindpass: SuperSecretPassw0rd\n url: ldaps://ad\n insecureTls: true\n userdn: CN=Users,DC=corp,DC=example,DC=net\n role:\n type: vault:ad:SecretRole\n properties:\n backend: ${config.backend}\n role: bob\n serviceAccountName: Bob\n ttl: 60\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nAD secret backend roles can be imported using the `path`, e.g.\n\n```sh\n $ pulumi import vault:ad/secretRole:SecretRole role ad/roles/bob\n```\n\n ", + "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst config = new vault.ad.SecretBackend(\"config\", {\n backend: \"ad\",\n binddn: \"CN=Administrator,CN=Users,DC=corp,DC=example,DC=net\",\n bindpass: \"SuperSecretPassw0rd\",\n url: \"ldaps://ad\",\n insecureTls: true,\n userdn: \"CN=Users,DC=corp,DC=example,DC=net\",\n});\nconst role = new vault.ad.SecretRole(\"role\", {\n backend: config.backend,\n role: \"bob\",\n serviceAccountName: \"Bob\",\n ttl: 60,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nconfig = vault.ad.SecretBackend(\"config\",\n backend=\"ad\",\n binddn=\"CN=Administrator,CN=Users,DC=corp,DC=example,DC=net\",\n bindpass=\"SuperSecretPassw0rd\",\n url=\"ldaps://ad\",\n insecure_tls=True,\n userdn=\"CN=Users,DC=corp,DC=example,DC=net\")\nrole = vault.ad.SecretRole(\"role\",\n backend=config.backend,\n role=\"bob\",\n service_account_name=\"Bob\",\n ttl=60)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Vault.AD.SecretBackend(\"config\", new()\n {\n Backend = \"ad\",\n Binddn = \"CN=Administrator,CN=Users,DC=corp,DC=example,DC=net\",\n Bindpass = \"SuperSecretPassw0rd\",\n Url = \"ldaps://ad\",\n InsecureTls = true,\n Userdn = \"CN=Users,DC=corp,DC=example,DC=net\",\n });\n\n var role = new Vault.AD.SecretRole(\"role\", new()\n {\n Backend = config.Backend,\n Role = \"bob\",\n ServiceAccountName = \"Bob\",\n Ttl = 60,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/ad\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tconfig, err := ad.NewSecretBackend(ctx, \"config\", \u0026ad.SecretBackendArgs{\n\t\t\tBackend: pulumi.String(\"ad\"),\n\t\t\tBinddn: pulumi.String(\"CN=Administrator,CN=Users,DC=corp,DC=example,DC=net\"),\n\t\t\tBindpass: pulumi.String(\"SuperSecretPassw0rd\"),\n\t\t\tUrl: pulumi.String(\"ldaps://ad\"),\n\t\t\tInsecureTls: pulumi.Bool(true),\n\t\t\tUserdn: pulumi.String(\"CN=Users,DC=corp,DC=example,DC=net\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ad.NewSecretRole(ctx, \"role\", \u0026ad.SecretRoleArgs{\n\t\t\tBackend: config.Backend,\n\t\t\tRole: pulumi.String(\"bob\"),\n\t\t\tServiceAccountName: pulumi.String(\"Bob\"),\n\t\t\tTtl: pulumi.Int(60),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.ad.SecretBackend;\nimport com.pulumi.vault.ad.SecretBackendArgs;\nimport com.pulumi.vault.ad.SecretRole;\nimport com.pulumi.vault.ad.SecretRoleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var config = new SecretBackend(\"config\", SecretBackendArgs.builder() \n .backend(\"ad\")\n .binddn(\"CN=Administrator,CN=Users,DC=corp,DC=example,DC=net\")\n .bindpass(\"SuperSecretPassw0rd\")\n .url(\"ldaps://ad\")\n .insecureTls(\"true\")\n .userdn(\"CN=Users,DC=corp,DC=example,DC=net\")\n .build());\n\n var role = new SecretRole(\"role\", SecretRoleArgs.builder() \n .backend(config.backend())\n .role(\"bob\")\n .serviceAccountName(\"Bob\")\n .ttl(60)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n config:\n type: vault:ad:SecretBackend\n properties:\n backend: ad\n binddn: CN=Administrator,CN=Users,DC=corp,DC=example,DC=net\n bindpass: SuperSecretPassw0rd\n url: ldaps://ad\n insecureTls: 'true'\n userdn: CN=Users,DC=corp,DC=example,DC=net\n role:\n type: vault:ad:SecretRole\n properties:\n backend: ${config.backend}\n role: bob\n serviceAccountName: Bob\n ttl: 60\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nAD secret backend roles can be imported using the `path`, e.g.\n\n```sh\n $ pulumi import vault:ad/secretRole:SecretRole role ad/roles/bob\n```\n ", "properties": { "backend": { "type": "string", @@ -8061,7 +5190,7 @@ } }, "vault:alicloud/authBackendRole:AuthBackendRole": { - "description": "Provides a resource to create a role in an [AliCloud auth backend within Vault](https://www.vaultproject.io/docs/auth/alicloud.html).\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst alicloudAuthBackend = new vault.AuthBackend(\"alicloudAuthBackend\", {\n type: \"alicloud\",\n path: \"alicloud\",\n});\nconst alicloudAuthBackendRole = new vault.alicloud.AuthBackendRole(\"alicloudAuthBackendRole\", {\n backend: alicloudAuthBackend.path,\n role: \"example\",\n arn: \"acs:ram:123456:tf:role/foobar\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nalicloud_auth_backend = vault.AuthBackend(\"alicloudAuthBackend\",\n type=\"alicloud\",\n path=\"alicloud\")\nalicloud_auth_backend_role = vault.alicloud.AuthBackendRole(\"alicloudAuthBackendRole\",\n backend=alicloud_auth_backend.path,\n role=\"example\",\n arn=\"acs:ram:123456:tf:role/foobar\")\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var alicloudAuthBackend = new Vault.AuthBackend(\"alicloudAuthBackend\", new()\n {\n Type = \"alicloud\",\n Path = \"alicloud\",\n });\n\n var alicloudAuthBackendRole = new Vault.AliCloud.AuthBackendRole(\"alicloudAuthBackendRole\", new()\n {\n Backend = alicloudAuthBackend.Path,\n Role = \"example\",\n Arn = \"acs:ram:123456:tf:role/foobar\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/alicloud\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\talicloudAuthBackend, err := vault.NewAuthBackend(ctx, \"alicloudAuthBackend\", \u0026vault.AuthBackendArgs{\n\t\t\tType: pulumi.String(\"alicloud\"),\n\t\t\tPath: pulumi.String(\"alicloud\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = alicloud.NewAuthBackendRole(ctx, \"alicloudAuthBackendRole\", \u0026alicloud.AuthBackendRoleArgs{\n\t\t\tBackend: alicloudAuthBackend.Path,\n\t\t\tRole: pulumi.String(\"example\"),\n\t\t\tArn: pulumi.String(\"acs:ram:123456:tf:role/foobar\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.AuthBackend;\nimport com.pulumi.vault.AuthBackendArgs;\nimport com.pulumi.vault.alicloud.AuthBackendRole;\nimport com.pulumi.vault.alicloud.AuthBackendRoleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var alicloudAuthBackend = new AuthBackend(\"alicloudAuthBackend\", AuthBackendArgs.builder() \n .type(\"alicloud\")\n .path(\"alicloud\")\n .build());\n\n var alicloudAuthBackendRole = new AuthBackendRole(\"alicloudAuthBackendRole\", AuthBackendRoleArgs.builder() \n .backend(alicloudAuthBackend.path())\n .role(\"example\")\n .arn(\"acs:ram:123456:tf:role/foobar\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n alicloudAuthBackend:\n type: vault:AuthBackend\n properties:\n type: alicloud\n path: alicloud\n alicloudAuthBackendRole:\n type: vault:alicloud:AuthBackendRole\n properties:\n backend: ${alicloudAuthBackend.path}\n role: example\n arn: acs:ram:123456:tf:role/foobar\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nAlicloud authentication roles can be imported using the `path`, e.g.\n\n```sh\n $ pulumi import vault:alicloud/authBackendRole:AuthBackendRole my_role auth/alicloud/role/my_role\n```\n\n ", + "description": "Provides a resource to create a role in an [AliCloud auth backend within Vault](https://www.vaultproject.io/docs/auth/alicloud.html).\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst alicloudAuthBackend = new vault.AuthBackend(\"alicloudAuthBackend\", {\n type: \"alicloud\",\n path: \"alicloud\",\n});\nconst alicloudAuthBackendRole = new vault.alicloud.AuthBackendRole(\"alicloudAuthBackendRole\", {\n backend: alicloudAuthBackend.path,\n role: \"example\",\n arn: \"acs:ram:123456:tf:role/foobar\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nalicloud_auth_backend = vault.AuthBackend(\"alicloudAuthBackend\",\n type=\"alicloud\",\n path=\"alicloud\")\nalicloud_auth_backend_role = vault.alicloud.AuthBackendRole(\"alicloudAuthBackendRole\",\n backend=alicloud_auth_backend.path,\n role=\"example\",\n arn=\"acs:ram:123456:tf:role/foobar\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var alicloudAuthBackend = new Vault.AuthBackend(\"alicloudAuthBackend\", new()\n {\n Type = \"alicloud\",\n Path = \"alicloud\",\n });\n\n var alicloudAuthBackendRole = new Vault.AliCloud.AuthBackendRole(\"alicloudAuthBackendRole\", new()\n {\n Backend = alicloudAuthBackend.Path,\n Role = \"example\",\n Arn = \"acs:ram:123456:tf:role/foobar\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/alicloud\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\talicloudAuthBackend, err := vault.NewAuthBackend(ctx, \"alicloudAuthBackend\", \u0026vault.AuthBackendArgs{\n\t\t\tType: pulumi.String(\"alicloud\"),\n\t\t\tPath: pulumi.String(\"alicloud\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = alicloud.NewAuthBackendRole(ctx, \"alicloudAuthBackendRole\", \u0026alicloud.AuthBackendRoleArgs{\n\t\t\tBackend: alicloudAuthBackend.Path,\n\t\t\tRole: pulumi.String(\"example\"),\n\t\t\tArn: pulumi.String(\"acs:ram:123456:tf:role/foobar\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.AuthBackend;\nimport com.pulumi.vault.AuthBackendArgs;\nimport com.pulumi.vault.alicloud.AuthBackendRole;\nimport com.pulumi.vault.alicloud.AuthBackendRoleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var alicloudAuthBackend = new AuthBackend(\"alicloudAuthBackend\", AuthBackendArgs.builder() \n .type(\"alicloud\")\n .path(\"alicloud\")\n .build());\n\n var alicloudAuthBackendRole = new AuthBackendRole(\"alicloudAuthBackendRole\", AuthBackendRoleArgs.builder() \n .backend(alicloudAuthBackend.path())\n .role(\"example\")\n .arn(\"acs:ram:123456:tf:role/foobar\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n alicloudAuthBackend:\n type: vault:AuthBackend\n properties:\n type: alicloud\n path: alicloud\n alicloudAuthBackendRole:\n type: vault:alicloud:AuthBackendRole\n properties:\n backend: ${alicloudAuthBackend.path}\n role: example\n arn: acs:ram:123456:tf:role/foobar\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nAlicloud authentication roles can be imported using the `path`, e.g.\n\n```sh\n $ pulumi import vault:alicloud/authBackendRole:AuthBackendRole my_role auth/alicloud/role/my_role\n```\n ", "properties": { "arn": { "type": "string", @@ -8069,7 +5198,7 @@ }, "backend": { "type": "string", - "description": "Path to the mounted AliCloud auth backend.\nDefaults to `alicloud`\n" + "description": "Path to the mounted AliCloud auth backend.\nDefaults to `alicloud`\n\nFor more details on the usage of each argument consult the [Vault AliCloud API documentation](https://www.vaultproject.io/api-docs/auth/alicloud).\n" }, "namespace": { "type": "string", @@ -8133,7 +5262,7 @@ }, "backend": { "type": "string", - "description": "Path to the mounted AliCloud auth backend.\nDefaults to `alicloud`\n", + "description": "Path to the mounted AliCloud auth backend.\nDefaults to `alicloud`\n\nFor more details on the usage of each argument consult the [Vault AliCloud API documentation](https://www.vaultproject.io/api-docs/auth/alicloud).\n", "willReplaceOnChanges": true }, "namespace": { @@ -8202,7 +5331,7 @@ }, "backend": { "type": "string", - "description": "Path to the mounted AliCloud auth backend.\nDefaults to `alicloud`\n", + "description": "Path to the mounted AliCloud auth backend.\nDefaults to `alicloud`\n\nFor more details on the usage of each argument consult the [Vault AliCloud API documentation](https://www.vaultproject.io/api-docs/auth/alicloud).\n", "willReplaceOnChanges": true }, "namespace": { @@ -8262,7 +5391,7 @@ } }, "vault:appRole/authBackendLogin:AuthBackendLogin": { - "description": "Logs into Vault using the AppRole auth backend. See the [Vault\ndocumentation](https://www.vaultproject.io/docs/auth/approle) for more\ninformation.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst approle = new vault.AuthBackend(\"approle\", {type: \"approle\"});\nconst example = new vault.approle.AuthBackendRole(\"example\", {\n backend: approle.path,\n roleName: \"test-role\",\n tokenPolicies: [\n \"default\",\n \"dev\",\n \"prod\",\n ],\n});\nconst id = new vault.approle.AuthBackendRoleSecretId(\"id\", {\n backend: approle.path,\n roleName: example.roleName,\n});\nconst login = new vault.approle.AuthBackendLogin(\"login\", {\n backend: approle.path,\n roleId: example.roleId,\n secretId: id.secretId,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\napprole = vault.AuthBackend(\"approle\", type=\"approle\")\nexample = vault.app_role.AuthBackendRole(\"example\",\n backend=approle.path,\n role_name=\"test-role\",\n token_policies=[\n \"default\",\n \"dev\",\n \"prod\",\n ])\nid = vault.app_role.AuthBackendRoleSecretId(\"id\",\n backend=approle.path,\n role_name=example.role_name)\nlogin = vault.app_role.AuthBackendLogin(\"login\",\n backend=approle.path,\n role_id=example.role_id,\n secret_id=id.secret_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var approle = new Vault.AuthBackend(\"approle\", new()\n {\n Type = \"approle\",\n });\n\n var example = new Vault.AppRole.AuthBackendRole(\"example\", new()\n {\n Backend = approle.Path,\n RoleName = \"test-role\",\n TokenPolicies = new[]\n {\n \"default\",\n \"dev\",\n \"prod\",\n },\n });\n\n var id = new Vault.AppRole.AuthBackendRoleSecretId(\"id\", new()\n {\n Backend = approle.Path,\n RoleName = example.RoleName,\n });\n\n var login = new Vault.AppRole.AuthBackendLogin(\"login\", new()\n {\n Backend = approle.Path,\n RoleId = example.RoleId,\n SecretId = id.SecretId,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/appRole\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tapprole, err := vault.NewAuthBackend(ctx, \"approle\", \u0026vault.AuthBackendArgs{\n\t\t\tType: pulumi.String(\"approle\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := appRole.NewAuthBackendRole(ctx, \"example\", \u0026appRole.AuthBackendRoleArgs{\n\t\t\tBackend: approle.Path,\n\t\t\tRoleName: pulumi.String(\"test-role\"),\n\t\t\tTokenPolicies: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"default\"),\n\t\t\t\tpulumi.String(\"dev\"),\n\t\t\t\tpulumi.String(\"prod\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tid, err := appRole.NewAuthBackendRoleSecretId(ctx, \"id\", \u0026appRole.AuthBackendRoleSecretIdArgs{\n\t\t\tBackend: approle.Path,\n\t\t\tRoleName: example.RoleName,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = appRole.NewAuthBackendLogin(ctx, \"login\", \u0026appRole.AuthBackendLoginArgs{\n\t\t\tBackend: approle.Path,\n\t\t\tRoleId: example.RoleId,\n\t\t\tSecretId: id.SecretId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.AuthBackend;\nimport com.pulumi.vault.AuthBackendArgs;\nimport com.pulumi.vault.appRole.AuthBackendRole;\nimport com.pulumi.vault.appRole.AuthBackendRoleArgs;\nimport com.pulumi.vault.appRole.AuthBackendRoleSecretId;\nimport com.pulumi.vault.appRole.AuthBackendRoleSecretIdArgs;\nimport com.pulumi.vault.appRole.AuthBackendLogin;\nimport com.pulumi.vault.appRole.AuthBackendLoginArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var approle = new AuthBackend(\"approle\", AuthBackendArgs.builder() \n .type(\"approle\")\n .build());\n\n var example = new AuthBackendRole(\"example\", AuthBackendRoleArgs.builder() \n .backend(approle.path())\n .roleName(\"test-role\")\n .tokenPolicies( \n \"default\",\n \"dev\",\n \"prod\")\n .build());\n\n var id = new AuthBackendRoleSecretId(\"id\", AuthBackendRoleSecretIdArgs.builder() \n .backend(approle.path())\n .roleName(example.roleName())\n .build());\n\n var login = new AuthBackendLogin(\"login\", AuthBackendLoginArgs.builder() \n .backend(approle.path())\n .roleId(example.roleId())\n .secretId(id.secretId())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n approle:\n type: vault:AuthBackend\n properties:\n type: approle\n example:\n type: vault:appRole:AuthBackendRole\n properties:\n backend: ${approle.path}\n roleName: test-role\n tokenPolicies:\n - default\n - dev\n - prod\n id:\n type: vault:appRole:AuthBackendRoleSecretId\n properties:\n backend: ${approle.path}\n roleName: ${example.roleName}\n login:\n type: vault:appRole:AuthBackendLogin\n properties:\n backend: ${approle.path}\n roleId: ${example.roleId}\n secretId: ${id.secretId}\n```\n{{% /example %}}\n{{% /examples %}}", + "description": "Logs into Vault using the AppRole auth backend. See the [Vault\ndocumentation](https://www.vaultproject.io/docs/auth/approle) for more\ninformation.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst approle = new vault.AuthBackend(\"approle\", {type: \"approle\"});\nconst example = new vault.approle.AuthBackendRole(\"example\", {\n backend: approle.path,\n roleName: \"test-role\",\n tokenPolicies: [\n \"default\",\n \"dev\",\n \"prod\",\n ],\n});\nconst id = new vault.approle.AuthBackendRoleSecretId(\"id\", {\n backend: approle.path,\n roleName: example.roleName,\n});\nconst login = new vault.approle.AuthBackendLogin(\"login\", {\n backend: approle.path,\n roleId: example.roleId,\n secretId: id.secretId,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\napprole = vault.AuthBackend(\"approle\", type=\"approle\")\nexample = vault.app_role.AuthBackendRole(\"example\",\n backend=approle.path,\n role_name=\"test-role\",\n token_policies=[\n \"default\",\n \"dev\",\n \"prod\",\n ])\nid = vault.app_role.AuthBackendRoleSecretId(\"id\",\n backend=approle.path,\n role_name=example.role_name)\nlogin = vault.app_role.AuthBackendLogin(\"login\",\n backend=approle.path,\n role_id=example.role_id,\n secret_id=id.secret_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var approle = new Vault.AuthBackend(\"approle\", new()\n {\n Type = \"approle\",\n });\n\n var example = new Vault.AppRole.AuthBackendRole(\"example\", new()\n {\n Backend = approle.Path,\n RoleName = \"test-role\",\n TokenPolicies = new[]\n {\n \"default\",\n \"dev\",\n \"prod\",\n },\n });\n\n var id = new Vault.AppRole.AuthBackendRoleSecretId(\"id\", new()\n {\n Backend = approle.Path,\n RoleName = example.RoleName,\n });\n\n var login = new Vault.AppRole.AuthBackendLogin(\"login\", new()\n {\n Backend = approle.Path,\n RoleId = example.RoleId,\n SecretId = id.SecretId,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/appRole\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tapprole, err := vault.NewAuthBackend(ctx, \"approle\", \u0026vault.AuthBackendArgs{\n\t\t\tType: pulumi.String(\"approle\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := appRole.NewAuthBackendRole(ctx, \"example\", \u0026appRole.AuthBackendRoleArgs{\n\t\t\tBackend: approle.Path,\n\t\t\tRoleName: pulumi.String(\"test-role\"),\n\t\t\tTokenPolicies: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"default\"),\n\t\t\t\tpulumi.String(\"dev\"),\n\t\t\t\tpulumi.String(\"prod\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tid, err := appRole.NewAuthBackendRoleSecretId(ctx, \"id\", \u0026appRole.AuthBackendRoleSecretIdArgs{\n\t\t\tBackend: approle.Path,\n\t\t\tRoleName: example.RoleName,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = appRole.NewAuthBackendLogin(ctx, \"login\", \u0026appRole.AuthBackendLoginArgs{\n\t\t\tBackend: approle.Path,\n\t\t\tRoleId: example.RoleId,\n\t\t\tSecretId: id.SecretId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.AuthBackend;\nimport com.pulumi.vault.AuthBackendArgs;\nimport com.pulumi.vault.appRole.AuthBackendRole;\nimport com.pulumi.vault.appRole.AuthBackendRoleArgs;\nimport com.pulumi.vault.appRole.AuthBackendRoleSecretId;\nimport com.pulumi.vault.appRole.AuthBackendRoleSecretIdArgs;\nimport com.pulumi.vault.appRole.AuthBackendLogin;\nimport com.pulumi.vault.appRole.AuthBackendLoginArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var approle = new AuthBackend(\"approle\", AuthBackendArgs.builder() \n .type(\"approle\")\n .build());\n\n var example = new AuthBackendRole(\"example\", AuthBackendRoleArgs.builder() \n .backend(approle.path())\n .roleName(\"test-role\")\n .tokenPolicies( \n \"default\",\n \"dev\",\n \"prod\")\n .build());\n\n var id = new AuthBackendRoleSecretId(\"id\", AuthBackendRoleSecretIdArgs.builder() \n .backend(approle.path())\n .roleName(example.roleName())\n .build());\n\n var login = new AuthBackendLogin(\"login\", AuthBackendLoginArgs.builder() \n .backend(approle.path())\n .roleId(example.roleId())\n .secretId(id.secretId())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n approle:\n type: vault:AuthBackend\n properties:\n type: approle\n example:\n type: vault:appRole:AuthBackendRole\n properties:\n backend: ${approle.path}\n roleName: test-role\n tokenPolicies:\n - default\n - dev\n - prod\n id:\n type: vault:appRole:AuthBackendRoleSecretId\n properties:\n backend: ${approle.path}\n roleName: ${example.roleName}\n login:\n type: vault:appRole:AuthBackendLogin\n properties:\n backend: ${approle.path}\n roleId: ${example.roleId}\n secretId: ${id.secretId}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "accessor": { "type": "string", @@ -8417,7 +5546,7 @@ } }, "vault:appRole/authBackendRole:AuthBackendRole": { - "description": "Manages an AppRole auth backend role in a Vault server. See the [Vault\ndocumentation](https://www.vaultproject.io/docs/auth/approle) for more\ninformation.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst approle = new vault.AuthBackend(\"approle\", {type: \"approle\"});\nconst example = new vault.approle.AuthBackendRole(\"example\", {\n backend: approle.path,\n roleName: \"test-role\",\n tokenPolicies: [\n \"default\",\n \"dev\",\n \"prod\",\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\napprole = vault.AuthBackend(\"approle\", type=\"approle\")\nexample = vault.app_role.AuthBackendRole(\"example\",\n backend=approle.path,\n role_name=\"test-role\",\n token_policies=[\n \"default\",\n \"dev\",\n \"prod\",\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var approle = new Vault.AuthBackend(\"approle\", new()\n {\n Type = \"approle\",\n });\n\n var example = new Vault.AppRole.AuthBackendRole(\"example\", new()\n {\n Backend = approle.Path,\n RoleName = \"test-role\",\n TokenPolicies = new[]\n {\n \"default\",\n \"dev\",\n \"prod\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/appRole\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tapprole, err := vault.NewAuthBackend(ctx, \"approle\", \u0026vault.AuthBackendArgs{\n\t\t\tType: pulumi.String(\"approle\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = appRole.NewAuthBackendRole(ctx, \"example\", \u0026appRole.AuthBackendRoleArgs{\n\t\t\tBackend: approle.Path,\n\t\t\tRoleName: pulumi.String(\"test-role\"),\n\t\t\tTokenPolicies: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"default\"),\n\t\t\t\tpulumi.String(\"dev\"),\n\t\t\t\tpulumi.String(\"prod\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.AuthBackend;\nimport com.pulumi.vault.AuthBackendArgs;\nimport com.pulumi.vault.appRole.AuthBackendRole;\nimport com.pulumi.vault.appRole.AuthBackendRoleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var approle = new AuthBackend(\"approle\", AuthBackendArgs.builder() \n .type(\"approle\")\n .build());\n\n var example = new AuthBackendRole(\"example\", AuthBackendRoleArgs.builder() \n .backend(approle.path())\n .roleName(\"test-role\")\n .tokenPolicies( \n \"default\",\n \"dev\",\n \"prod\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n approle:\n type: vault:AuthBackend\n properties:\n type: approle\n example:\n type: vault:appRole:AuthBackendRole\n properties:\n backend: ${approle.path}\n roleName: test-role\n tokenPolicies:\n - default\n - dev\n - prod\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nAppRole authentication backend roles can be imported using the `path`, e.g.\n\n```sh\n $ pulumi import vault:appRole/authBackendRole:AuthBackendRole example auth/approle/role/test-role\n```\n\n ", + "description": "Manages an AppRole auth backend role in a Vault server. See the [Vault\ndocumentation](https://www.vaultproject.io/docs/auth/approle) for more\ninformation.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst approle = new vault.AuthBackend(\"approle\", {type: \"approle\"});\nconst example = new vault.approle.AuthBackendRole(\"example\", {\n backend: approle.path,\n roleName: \"test-role\",\n tokenPolicies: [\n \"default\",\n \"dev\",\n \"prod\",\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\napprole = vault.AuthBackend(\"approle\", type=\"approle\")\nexample = vault.app_role.AuthBackendRole(\"example\",\n backend=approle.path,\n role_name=\"test-role\",\n token_policies=[\n \"default\",\n \"dev\",\n \"prod\",\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var approle = new Vault.AuthBackend(\"approle\", new()\n {\n Type = \"approle\",\n });\n\n var example = new Vault.AppRole.AuthBackendRole(\"example\", new()\n {\n Backend = approle.Path,\n RoleName = \"test-role\",\n TokenPolicies = new[]\n {\n \"default\",\n \"dev\",\n \"prod\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/appRole\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tapprole, err := vault.NewAuthBackend(ctx, \"approle\", \u0026vault.AuthBackendArgs{\n\t\t\tType: pulumi.String(\"approle\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = appRole.NewAuthBackendRole(ctx, \"example\", \u0026appRole.AuthBackendRoleArgs{\n\t\t\tBackend: approle.Path,\n\t\t\tRoleName: pulumi.String(\"test-role\"),\n\t\t\tTokenPolicies: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"default\"),\n\t\t\t\tpulumi.String(\"dev\"),\n\t\t\t\tpulumi.String(\"prod\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.AuthBackend;\nimport com.pulumi.vault.AuthBackendArgs;\nimport com.pulumi.vault.appRole.AuthBackendRole;\nimport com.pulumi.vault.appRole.AuthBackendRoleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var approle = new AuthBackend(\"approle\", AuthBackendArgs.builder() \n .type(\"approle\")\n .build());\n\n var example = new AuthBackendRole(\"example\", AuthBackendRoleArgs.builder() \n .backend(approle.path())\n .roleName(\"test-role\")\n .tokenPolicies( \n \"default\",\n \"dev\",\n \"prod\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n approle:\n type: vault:AuthBackend\n properties:\n type: approle\n example:\n type: vault:appRole:AuthBackendRole\n properties:\n backend: ${approle.path}\n roleName: test-role\n tokenPolicies:\n - default\n - dev\n - prod\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nAppRole authentication backend roles can be imported using the `path`, e.g.\n\n```sh\n $ pulumi import vault:appRole/authBackendRole:AuthBackendRole example auth/approle/role/test-role\n```\n ", "properties": { "backend": { "type": "string", @@ -8674,7 +5803,7 @@ } }, "vault:appRole/authBackendRoleSecretId:AuthBackendRoleSecretId": { - "description": "Manages an AppRole auth backend SecretID in a Vault server. See the [Vault\ndocumentation](https://www.vaultproject.io/docs/auth/approle) for more\ninformation.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst approle = new vault.AuthBackend(\"approle\", {type: \"approle\"});\nconst example = new vault.approle.AuthBackendRole(\"example\", {\n backend: approle.path,\n roleName: \"test-role\",\n tokenPolicies: [\n \"default\",\n \"dev\",\n \"prod\",\n ],\n});\nconst id = new vault.approle.AuthBackendRoleSecretId(\"id\", {\n backend: approle.path,\n roleName: example.roleName,\n metadata: JSON.stringify({\n hello: \"world\",\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_vault as vault\n\napprole = vault.AuthBackend(\"approle\", type=\"approle\")\nexample = vault.app_role.AuthBackendRole(\"example\",\n backend=approle.path,\n role_name=\"test-role\",\n token_policies=[\n \"default\",\n \"dev\",\n \"prod\",\n ])\nid = vault.app_role.AuthBackendRoleSecretId(\"id\",\n backend=approle.path,\n role_name=example.role_name,\n metadata=json.dumps({\n \"hello\": \"world\",\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Text.Json;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var approle = new Vault.AuthBackend(\"approle\", new()\n {\n Type = \"approle\",\n });\n\n var example = new Vault.AppRole.AuthBackendRole(\"example\", new()\n {\n Backend = approle.Path,\n RoleName = \"test-role\",\n TokenPolicies = new[]\n {\n \"default\",\n \"dev\",\n \"prod\",\n },\n });\n\n var id = new Vault.AppRole.AuthBackendRoleSecretId(\"id\", new()\n {\n Backend = approle.Path,\n RoleName = example.RoleName,\n Metadata = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"hello\"] = \"world\",\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/appRole\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tapprole, err := vault.NewAuthBackend(ctx, \"approle\", \u0026vault.AuthBackendArgs{\n\t\t\tType: pulumi.String(\"approle\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := appRole.NewAuthBackendRole(ctx, \"example\", \u0026appRole.AuthBackendRoleArgs{\n\t\t\tBackend: approle.Path,\n\t\t\tRoleName: pulumi.String(\"test-role\"),\n\t\t\tTokenPolicies: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"default\"),\n\t\t\t\tpulumi.String(\"dev\"),\n\t\t\t\tpulumi.String(\"prod\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"hello\": \"world\",\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = appRole.NewAuthBackendRoleSecretId(ctx, \"id\", \u0026appRole.AuthBackendRoleSecretIdArgs{\n\t\t\tBackend: approle.Path,\n\t\t\tRoleName: example.RoleName,\n\t\t\tMetadata: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.AuthBackend;\nimport com.pulumi.vault.AuthBackendArgs;\nimport com.pulumi.vault.appRole.AuthBackendRole;\nimport com.pulumi.vault.appRole.AuthBackendRoleArgs;\nimport com.pulumi.vault.appRole.AuthBackendRoleSecretId;\nimport com.pulumi.vault.appRole.AuthBackendRoleSecretIdArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var approle = new AuthBackend(\"approle\", AuthBackendArgs.builder() \n .type(\"approle\")\n .build());\n\n var example = new AuthBackendRole(\"example\", AuthBackendRoleArgs.builder() \n .backend(approle.path())\n .roleName(\"test-role\")\n .tokenPolicies( \n \"default\",\n \"dev\",\n \"prod\")\n .build());\n\n var id = new AuthBackendRoleSecretId(\"id\", AuthBackendRoleSecretIdArgs.builder() \n .backend(approle.path())\n .roleName(example.roleName())\n .metadata(serializeJson(\n jsonObject(\n jsonProperty(\"hello\", \"world\")\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n approle:\n type: vault:AuthBackend\n properties:\n type: approle\n example:\n type: vault:appRole:AuthBackendRole\n properties:\n backend: ${approle.path}\n roleName: test-role\n tokenPolicies:\n - default\n - dev\n - prod\n id:\n type: vault:appRole:AuthBackendRoleSecretId\n properties:\n backend: ${approle.path}\n roleName: ${example.roleName}\n metadata:\n Fn::ToJSON:\n hello: world\n```\n{{% /example %}}\n{{% /examples %}}", + "description": "Manages an AppRole auth backend SecretID in a Vault server. See the [Vault\ndocumentation](https://www.vaultproject.io/docs/auth/approle) for more\ninformation.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst approle = new vault.AuthBackend(\"approle\", {type: \"approle\"});\nconst example = new vault.approle.AuthBackendRole(\"example\", {\n backend: approle.path,\n roleName: \"test-role\",\n tokenPolicies: [\n \"default\",\n \"dev\",\n \"prod\",\n ],\n});\nconst id = new vault.approle.AuthBackendRoleSecretId(\"id\", {\n backend: approle.path,\n roleName: example.roleName,\n metadata: JSON.stringify({\n hello: \"world\",\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_vault as vault\n\napprole = vault.AuthBackend(\"approle\", type=\"approle\")\nexample = vault.app_role.AuthBackendRole(\"example\",\n backend=approle.path,\n role_name=\"test-role\",\n token_policies=[\n \"default\",\n \"dev\",\n \"prod\",\n ])\nid = vault.app_role.AuthBackendRoleSecretId(\"id\",\n backend=approle.path,\n role_name=example.role_name,\n metadata=json.dumps({\n \"hello\": \"world\",\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var approle = new Vault.AuthBackend(\"approle\", new()\n {\n Type = \"approle\",\n });\n\n var example = new Vault.AppRole.AuthBackendRole(\"example\", new()\n {\n Backend = approle.Path,\n RoleName = \"test-role\",\n TokenPolicies = new[]\n {\n \"default\",\n \"dev\",\n \"prod\",\n },\n });\n\n var id = new Vault.AppRole.AuthBackendRoleSecretId(\"id\", new()\n {\n Backend = approle.Path,\n RoleName = example.RoleName,\n Metadata = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"hello\"] = \"world\",\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/appRole\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tapprole, err := vault.NewAuthBackend(ctx, \"approle\", \u0026vault.AuthBackendArgs{\n\t\t\tType: pulumi.String(\"approle\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := appRole.NewAuthBackendRole(ctx, \"example\", \u0026appRole.AuthBackendRoleArgs{\n\t\t\tBackend: approle.Path,\n\t\t\tRoleName: pulumi.String(\"test-role\"),\n\t\t\tTokenPolicies: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"default\"),\n\t\t\t\tpulumi.String(\"dev\"),\n\t\t\t\tpulumi.String(\"prod\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"hello\": \"world\",\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = appRole.NewAuthBackendRoleSecretId(ctx, \"id\", \u0026appRole.AuthBackendRoleSecretIdArgs{\n\t\t\tBackend: approle.Path,\n\t\t\tRoleName: example.RoleName,\n\t\t\tMetadata: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.AuthBackend;\nimport com.pulumi.vault.AuthBackendArgs;\nimport com.pulumi.vault.appRole.AuthBackendRole;\nimport com.pulumi.vault.appRole.AuthBackendRoleArgs;\nimport com.pulumi.vault.appRole.AuthBackendRoleSecretId;\nimport com.pulumi.vault.appRole.AuthBackendRoleSecretIdArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var approle = new AuthBackend(\"approle\", AuthBackendArgs.builder() \n .type(\"approle\")\n .build());\n\n var example = new AuthBackendRole(\"example\", AuthBackendRoleArgs.builder() \n .backend(approle.path())\n .roleName(\"test-role\")\n .tokenPolicies( \n \"default\",\n \"dev\",\n \"prod\")\n .build());\n\n var id = new AuthBackendRoleSecretId(\"id\", AuthBackendRoleSecretIdArgs.builder() \n .backend(approle.path())\n .roleName(example.roleName())\n .metadata(serializeJson(\n jsonObject(\n jsonProperty(\"hello\", \"world\")\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n approle:\n type: vault:AuthBackend\n properties:\n type: approle\n example:\n type: vault:appRole:AuthBackendRole\n properties:\n backend: ${approle.path}\n roleName: test-role\n tokenPolicies:\n - default\n - dev\n - prod\n id:\n type: vault:appRole:AuthBackendRoleSecretId\n properties:\n backend: ${approle.path}\n roleName: ${example.roleName}\n metadata:\n fn::toJSON:\n hello: world\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "accessor": { "type": "string", @@ -8852,7 +5981,7 @@ ] }, "vault:aws/authBackendCert:AuthBackendCert": { - "description": "\n\n## Import\n\nAWS auth backend certificates can be imported using `auth/`, the `backend` path, `/config/certificate/`, and the `cert_name` e.g.\n\n```sh\n $ pulumi import vault:aws/authBackendCert:AuthBackendCert example auth/aws/config/certificate/my-cert\n```\n\n ", + "description": "\n\n## Import\n\nAWS auth backend certificates can be imported using `auth/`, the `backend` path, `/config/certificate/`, and the `cert_name` e.g.\n\n```sh\n $ pulumi import vault:aws/authBackendCert:AuthBackendCert example auth/aws/config/certificate/my-cert\n```\n ", "properties": { "awsPublicCert": { "type": "string", @@ -8943,7 +6072,7 @@ } }, "vault:aws/authBackendClient:AuthBackendClient": { - "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst exampleAuthBackend = new vault.AuthBackend(\"exampleAuthBackend\", {type: \"aws\"});\nconst exampleAuthBackendClient = new vault.aws.AuthBackendClient(\"exampleAuthBackendClient\", {\n backend: exampleAuthBackend.path,\n accessKey: \"INSERT_AWS_ACCESS_KEY\",\n secretKey: \"INSERT_AWS_SECRET_KEY\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nexample_auth_backend = vault.AuthBackend(\"exampleAuthBackend\", type=\"aws\")\nexample_auth_backend_client = vault.aws.AuthBackendClient(\"exampleAuthBackendClient\",\n backend=example_auth_backend.path,\n access_key=\"INSERT_AWS_ACCESS_KEY\",\n secret_key=\"INSERT_AWS_SECRET_KEY\")\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleAuthBackend = new Vault.AuthBackend(\"exampleAuthBackend\", new()\n {\n Type = \"aws\",\n });\n\n var exampleAuthBackendClient = new Vault.Aws.AuthBackendClient(\"exampleAuthBackendClient\", new()\n {\n Backend = exampleAuthBackend.Path,\n AccessKey = \"INSERT_AWS_ACCESS_KEY\",\n SecretKey = \"INSERT_AWS_SECRET_KEY\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/aws\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleAuthBackend, err := vault.NewAuthBackend(ctx, \"exampleAuthBackend\", \u0026vault.AuthBackendArgs{\n\t\t\tType: pulumi.String(\"aws\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = aws.NewAuthBackendClient(ctx, \"exampleAuthBackendClient\", \u0026aws.AuthBackendClientArgs{\n\t\t\tBackend: exampleAuthBackend.Path,\n\t\t\tAccessKey: pulumi.String(\"INSERT_AWS_ACCESS_KEY\"),\n\t\t\tSecretKey: pulumi.String(\"INSERT_AWS_SECRET_KEY\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.AuthBackend;\nimport com.pulumi.vault.AuthBackendArgs;\nimport com.pulumi.vault.aws.AuthBackendClient;\nimport com.pulumi.vault.aws.AuthBackendClientArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleAuthBackend = new AuthBackend(\"exampleAuthBackend\", AuthBackendArgs.builder() \n .type(\"aws\")\n .build());\n\n var exampleAuthBackendClient = new AuthBackendClient(\"exampleAuthBackendClient\", AuthBackendClientArgs.builder() \n .backend(exampleAuthBackend.path())\n .accessKey(\"INSERT_AWS_ACCESS_KEY\")\n .secretKey(\"INSERT_AWS_SECRET_KEY\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleAuthBackend:\n type: vault:AuthBackend\n properties:\n type: aws\n exampleAuthBackendClient:\n type: vault:aws:AuthBackendClient\n properties:\n backend: ${exampleAuthBackend.path}\n accessKey: INSERT_AWS_ACCESS_KEY\n secretKey: INSERT_AWS_SECRET_KEY\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nAWS auth backend clients can be imported using `auth/`, the `backend` path, and `/config/client` e.g.\n\n```sh\n $ pulumi import vault:aws/authBackendClient:AuthBackendClient example auth/aws/config/client\n```\n\n ", + "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst exampleAuthBackend = new vault.AuthBackend(\"exampleAuthBackend\", {type: \"aws\"});\nconst exampleAuthBackendClient = new vault.aws.AuthBackendClient(\"exampleAuthBackendClient\", {\n backend: exampleAuthBackend.path,\n accessKey: \"INSERT_AWS_ACCESS_KEY\",\n secretKey: \"INSERT_AWS_SECRET_KEY\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nexample_auth_backend = vault.AuthBackend(\"exampleAuthBackend\", type=\"aws\")\nexample_auth_backend_client = vault.aws.AuthBackendClient(\"exampleAuthBackendClient\",\n backend=example_auth_backend.path,\n access_key=\"INSERT_AWS_ACCESS_KEY\",\n secret_key=\"INSERT_AWS_SECRET_KEY\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleAuthBackend = new Vault.AuthBackend(\"exampleAuthBackend\", new()\n {\n Type = \"aws\",\n });\n\n var exampleAuthBackendClient = new Vault.Aws.AuthBackendClient(\"exampleAuthBackendClient\", new()\n {\n Backend = exampleAuthBackend.Path,\n AccessKey = \"INSERT_AWS_ACCESS_KEY\",\n SecretKey = \"INSERT_AWS_SECRET_KEY\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/aws\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleAuthBackend, err := vault.NewAuthBackend(ctx, \"exampleAuthBackend\", \u0026vault.AuthBackendArgs{\n\t\t\tType: pulumi.String(\"aws\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = aws.NewAuthBackendClient(ctx, \"exampleAuthBackendClient\", \u0026aws.AuthBackendClientArgs{\n\t\t\tBackend: exampleAuthBackend.Path,\n\t\t\tAccessKey: pulumi.String(\"INSERT_AWS_ACCESS_KEY\"),\n\t\t\tSecretKey: pulumi.String(\"INSERT_AWS_SECRET_KEY\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.AuthBackend;\nimport com.pulumi.vault.AuthBackendArgs;\nimport com.pulumi.vault.aws.AuthBackendClient;\nimport com.pulumi.vault.aws.AuthBackendClientArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleAuthBackend = new AuthBackend(\"exampleAuthBackend\", AuthBackendArgs.builder() \n .type(\"aws\")\n .build());\n\n var exampleAuthBackendClient = new AuthBackendClient(\"exampleAuthBackendClient\", AuthBackendClientArgs.builder() \n .backend(exampleAuthBackend.path())\n .accessKey(\"INSERT_AWS_ACCESS_KEY\")\n .secretKey(\"INSERT_AWS_SECRET_KEY\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleAuthBackend:\n type: vault:AuthBackend\n properties:\n type: aws\n exampleAuthBackendClient:\n type: vault:aws:AuthBackendClient\n properties:\n backend: ${exampleAuthBackend.path}\n accessKey: INSERT_AWS_ACCESS_KEY\n secretKey: INSERT_AWS_SECRET_KEY\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nAWS auth backend clients can be imported using `auth/`, the `backend` path, and `/config/client` e.g.\n\n```sh\n $ pulumi import vault:aws/authBackendClient:AuthBackendClient example auth/aws/config/client\n```\n ", "properties": { "accessKey": { "type": "string", @@ -9089,7 +6218,7 @@ } }, "vault:aws/authBackendConfigIdentity:AuthBackendConfigIdentity": { - "description": "Manages an AWS auth backend identity configuration in a Vault server. This configuration defines how Vault interacts\nwith the identity store. See the [Vault documentation](https://www.vaultproject.io/docs/auth/aws.html) for more\ninformation.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst aws = new vault.AuthBackend(\"aws\", {type: \"aws\"});\nconst example = new vault.aws.AuthBackendConfigIdentity(\"example\", {\n backend: aws.path,\n iamAlias: \"full_arn\",\n iamMetadatas: [\n \"canonical_arn\",\n \"account_id\",\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\naws = vault.AuthBackend(\"aws\", type=\"aws\")\nexample = vault.aws.AuthBackendConfigIdentity(\"example\",\n backend=aws.path,\n iam_alias=\"full_arn\",\n iam_metadatas=[\n \"canonical_arn\",\n \"account_id\",\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var aws = new Vault.AuthBackend(\"aws\", new()\n {\n Type = \"aws\",\n });\n\n var example = new Vault.Aws.AuthBackendConfigIdentity(\"example\", new()\n {\n Backend = aws.Path,\n IamAlias = \"full_arn\",\n IamMetadatas = new[]\n {\n \"canonical_arn\",\n \"account_id\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/aws\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\taws, err := vault.NewAuthBackend(ctx, \"aws\", \u0026vault.AuthBackendArgs{\n\t\t\tType: pulumi.String(\"aws\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = aws.NewAuthBackendConfigIdentity(ctx, \"example\", \u0026aws.AuthBackendConfigIdentityArgs{\n\t\t\tBackend: aws.Path,\n\t\t\tIamAlias: pulumi.String(\"full_arn\"),\n\t\t\tIamMetadatas: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"canonical_arn\"),\n\t\t\t\tpulumi.String(\"account_id\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.AuthBackend;\nimport com.pulumi.vault.AuthBackendArgs;\nimport com.pulumi.vault.aws.AuthBackendConfigIdentity;\nimport com.pulumi.vault.aws.AuthBackendConfigIdentityArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var aws = new AuthBackend(\"aws\", AuthBackendArgs.builder() \n .type(\"aws\")\n .build());\n\n var example = new AuthBackendConfigIdentity(\"example\", AuthBackendConfigIdentityArgs.builder() \n .backend(aws.path())\n .iamAlias(\"full_arn\")\n .iamMetadatas( \n \"canonical_arn\",\n \"account_id\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n aws:\n type: vault:AuthBackend\n properties:\n type: aws\n example:\n type: vault:aws:AuthBackendConfigIdentity\n properties:\n backend: ${aws.path}\n iamAlias: full_arn\n iamMetadatas:\n - canonical_arn\n - account_id\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nAWS auth backend identity config can be imported using `auth/`, the `backend` path, and `/config/identity` e.g.\n\n```sh\n $ pulumi import vault:aws/authBackendConfigIdentity:AuthBackendConfigIdentity example auth/aws/config/identity\n```\n\n ", + "description": "Manages an AWS auth backend identity configuration in a Vault server. This configuration defines how Vault interacts\nwith the identity store. See the [Vault documentation](https://www.vaultproject.io/docs/auth/aws.html) for more\ninformation.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst aws = new vault.AuthBackend(\"aws\", {type: \"aws\"});\nconst example = new vault.aws.AuthBackendConfigIdentity(\"example\", {\n backend: aws.path,\n iamAlias: \"full_arn\",\n iamMetadatas: [\n \"canonical_arn\",\n \"account_id\",\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\naws = vault.AuthBackend(\"aws\", type=\"aws\")\nexample = vault.aws.AuthBackendConfigIdentity(\"example\",\n backend=aws.path,\n iam_alias=\"full_arn\",\n iam_metadatas=[\n \"canonical_arn\",\n \"account_id\",\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var aws = new Vault.AuthBackend(\"aws\", new()\n {\n Type = \"aws\",\n });\n\n var example = new Vault.Aws.AuthBackendConfigIdentity(\"example\", new()\n {\n Backend = aws.Path,\n IamAlias = \"full_arn\",\n IamMetadatas = new[]\n {\n \"canonical_arn\",\n \"account_id\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/aws\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\taws, err := vault.NewAuthBackend(ctx, \"aws\", \u0026vault.AuthBackendArgs{\n\t\t\tType: pulumi.String(\"aws\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = aws.NewAuthBackendConfigIdentity(ctx, \"example\", \u0026aws.AuthBackendConfigIdentityArgs{\n\t\t\tBackend: aws.Path,\n\t\t\tIamAlias: pulumi.String(\"full_arn\"),\n\t\t\tIamMetadatas: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"canonical_arn\"),\n\t\t\t\tpulumi.String(\"account_id\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.AuthBackend;\nimport com.pulumi.vault.AuthBackendArgs;\nimport com.pulumi.vault.aws.AuthBackendConfigIdentity;\nimport com.pulumi.vault.aws.AuthBackendConfigIdentityArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var aws = new AuthBackend(\"aws\", AuthBackendArgs.builder() \n .type(\"aws\")\n .build());\n\n var example = new AuthBackendConfigIdentity(\"example\", AuthBackendConfigIdentityArgs.builder() \n .backend(aws.path())\n .iamAlias(\"full_arn\")\n .iamMetadatas( \n \"canonical_arn\",\n \"account_id\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n aws:\n type: vault:AuthBackend\n properties:\n type: aws\n example:\n type: vault:aws:AuthBackendConfigIdentity\n properties:\n backend: ${aws.path}\n iamAlias: full_arn\n iamMetadatas:\n - canonical_arn\n - account_id\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nAWS auth backend identity config can be imported using `auth/`, the `backend` path, and `/config/identity` e.g.\n\n```sh\n $ pulumi import vault:aws/authBackendConfigIdentity:AuthBackendConfigIdentity example auth/aws/config/identity\n```\n ", "properties": { "backend": { "type": "string", @@ -9196,7 +6325,7 @@ } }, "vault:aws/authBackendIdentityWhitelist:AuthBackendIdentityWhitelist": { - "description": "Configures the periodic tidying operation of the whitelisted identity entries.\n\nFor more information, see the\n[Vault docs](https://www.vaultproject.io/api-docs/auth/aws#configure-identity-whitelist-tidy-operation).\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst exampleAuthBackend = new vault.AuthBackend(\"exampleAuthBackend\", {type: \"aws\"});\nconst exampleAuthBackendIdentityWhitelist = new vault.aws.AuthBackendIdentityWhitelist(\"exampleAuthBackendIdentityWhitelist\", {\n backend: exampleAuthBackend.path,\n safetyBuffer: 3600,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nexample_auth_backend = vault.AuthBackend(\"exampleAuthBackend\", type=\"aws\")\nexample_auth_backend_identity_whitelist = vault.aws.AuthBackendIdentityWhitelist(\"exampleAuthBackendIdentityWhitelist\",\n backend=example_auth_backend.path,\n safety_buffer=3600)\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleAuthBackend = new Vault.AuthBackend(\"exampleAuthBackend\", new()\n {\n Type = \"aws\",\n });\n\n var exampleAuthBackendIdentityWhitelist = new Vault.Aws.AuthBackendIdentityWhitelist(\"exampleAuthBackendIdentityWhitelist\", new()\n {\n Backend = exampleAuthBackend.Path,\n SafetyBuffer = 3600,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/aws\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleAuthBackend, err := vault.NewAuthBackend(ctx, \"exampleAuthBackend\", \u0026vault.AuthBackendArgs{\n\t\t\tType: pulumi.String(\"aws\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = aws.NewAuthBackendIdentityWhitelist(ctx, \"exampleAuthBackendIdentityWhitelist\", \u0026aws.AuthBackendIdentityWhitelistArgs{\n\t\t\tBackend: exampleAuthBackend.Path,\n\t\t\tSafetyBuffer: pulumi.Int(3600),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.AuthBackend;\nimport com.pulumi.vault.AuthBackendArgs;\nimport com.pulumi.vault.aws.AuthBackendIdentityWhitelist;\nimport com.pulumi.vault.aws.AuthBackendIdentityWhitelistArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleAuthBackend = new AuthBackend(\"exampleAuthBackend\", AuthBackendArgs.builder() \n .type(\"aws\")\n .build());\n\n var exampleAuthBackendIdentityWhitelist = new AuthBackendIdentityWhitelist(\"exampleAuthBackendIdentityWhitelist\", AuthBackendIdentityWhitelistArgs.builder() \n .backend(exampleAuthBackend.path())\n .safetyBuffer(3600)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleAuthBackend:\n type: vault:AuthBackend\n properties:\n type: aws\n exampleAuthBackendIdentityWhitelist:\n type: vault:aws:AuthBackendIdentityWhitelist\n properties:\n backend: ${exampleAuthBackend.path}\n safetyBuffer: 3600\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nAWS auth backend identity whitelists can be imported using `auth/`, the `backend` path, and `/config/tidy/identity-whitelist` e.g.\n\n```sh\n $ pulumi import vault:aws/authBackendIdentityWhitelist:AuthBackendIdentityWhitelist example auth/aws/config/tidy/identity-whitelist\n```\n\n ", + "description": "Configures the periodic tidying operation of the whitelisted identity entries.\n\nFor more information, see the\n[Vault docs](https://www.vaultproject.io/api-docs/auth/aws#configure-identity-whitelist-tidy-operation).\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst exampleAuthBackend = new vault.AuthBackend(\"exampleAuthBackend\", {type: \"aws\"});\nconst exampleAuthBackendIdentityWhitelist = new vault.aws.AuthBackendIdentityWhitelist(\"exampleAuthBackendIdentityWhitelist\", {\n backend: exampleAuthBackend.path,\n safetyBuffer: 3600,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nexample_auth_backend = vault.AuthBackend(\"exampleAuthBackend\", type=\"aws\")\nexample_auth_backend_identity_whitelist = vault.aws.AuthBackendIdentityWhitelist(\"exampleAuthBackendIdentityWhitelist\",\n backend=example_auth_backend.path,\n safety_buffer=3600)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleAuthBackend = new Vault.AuthBackend(\"exampleAuthBackend\", new()\n {\n Type = \"aws\",\n });\n\n var exampleAuthBackendIdentityWhitelist = new Vault.Aws.AuthBackendIdentityWhitelist(\"exampleAuthBackendIdentityWhitelist\", new()\n {\n Backend = exampleAuthBackend.Path,\n SafetyBuffer = 3600,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/aws\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleAuthBackend, err := vault.NewAuthBackend(ctx, \"exampleAuthBackend\", \u0026vault.AuthBackendArgs{\n\t\t\tType: pulumi.String(\"aws\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = aws.NewAuthBackendIdentityWhitelist(ctx, \"exampleAuthBackendIdentityWhitelist\", \u0026aws.AuthBackendIdentityWhitelistArgs{\n\t\t\tBackend: exampleAuthBackend.Path,\n\t\t\tSafetyBuffer: pulumi.Int(3600),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.AuthBackend;\nimport com.pulumi.vault.AuthBackendArgs;\nimport com.pulumi.vault.aws.AuthBackendIdentityWhitelist;\nimport com.pulumi.vault.aws.AuthBackendIdentityWhitelistArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleAuthBackend = new AuthBackend(\"exampleAuthBackend\", AuthBackendArgs.builder() \n .type(\"aws\")\n .build());\n\n var exampleAuthBackendIdentityWhitelist = new AuthBackendIdentityWhitelist(\"exampleAuthBackendIdentityWhitelist\", AuthBackendIdentityWhitelistArgs.builder() \n .backend(exampleAuthBackend.path())\n .safetyBuffer(3600)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleAuthBackend:\n type: vault:AuthBackend\n properties:\n type: aws\n exampleAuthBackendIdentityWhitelist:\n type: vault:aws:AuthBackendIdentityWhitelist\n properties:\n backend: ${exampleAuthBackend.path}\n safetyBuffer: 3600\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nAWS auth backend identity whitelists can be imported using `auth/`, the `backend` path, and `/config/tidy/identity-whitelist` e.g.\n\n```sh\n $ pulumi import vault:aws/authBackendIdentityWhitelist:AuthBackendIdentityWhitelist example auth/aws/config/tidy/identity-whitelist\n```\n ", "properties": { "backend": { "type": "string", @@ -9261,7 +6390,7 @@ } }, "vault:aws/authBackendLogin:AuthBackendLogin": { - "description": "Logs into a Vault server using an AWS auth backend. Login can be\naccomplished using a signed identity request from IAM or using ec2\ninstance metadata. For more information, see the [Vault\ndocumentation](https://www.vaultproject.io/docs/auth/aws.html).\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.AuthBackend;\nimport com.pulumi.vault.AuthBackendArgs;\nimport com.pulumi.vault.aws.AuthBackendClient;\nimport com.pulumi.vault.aws.AuthBackendClientArgs;\nimport com.pulumi.vault.aws.AuthBackendRole;\nimport com.pulumi.vault.aws.AuthBackendRoleArgs;\nimport com.pulumi.vault.aws.AuthBackendLogin;\nimport com.pulumi.vault.aws.AuthBackendLoginArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var aws = new AuthBackend(\"aws\", AuthBackendArgs.builder() \n .type(\"aws\")\n .path(\"aws\")\n .build());\n\n var exampleAuthBackendClient = new AuthBackendClient(\"exampleAuthBackendClient\", AuthBackendClientArgs.builder() \n .backend(aws.path())\n .accessKey(\"123456789012\")\n .secretKey(\"AWSSECRETKEYGOESHERE\")\n .build());\n\n var exampleAuthBackendRole = new AuthBackendRole(\"exampleAuthBackendRole\", AuthBackendRoleArgs.builder() \n .backend(aws.path())\n .role(\"test-role\")\n .authType(\"ec2\")\n .boundAmiId(\"ami-8c1be5f6\")\n .boundAccountId(\"123456789012\")\n .boundVpcId(\"vpc-b61106d4\")\n .boundSubnetId(\"vpc-133128f1\")\n .boundIamInstanceProfileArns(\"arn:aws:iam::123456789012:instance-profile/MyProfile\")\n .ttl(60)\n .maxTtl(120)\n .tokenPolicies( \n \"default\",\n \"dev\",\n \"prod\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(\"vault_aws_auth_backend_client.example\")\n .build());\n\n var exampleAuthBackendLogin = new AuthBackendLogin(\"exampleAuthBackendLogin\", AuthBackendLoginArgs.builder() \n .backend(vault_auth_backend.example().path())\n .role(exampleAuthBackendRole.role())\n .identity(\"BASE64ENCODEDIDENTITYDOCUMENT\")\n .signature(\"BASE64ENCODEDSHA256IDENTITYDOCUMENTSIGNATURE\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n aws:\n type: vault:AuthBackend\n properties:\n type: aws\n path: aws\n exampleAuthBackendClient:\n type: vault:aws:AuthBackendClient\n properties:\n backend: ${aws.path}\n accessKey: 123456789012\n secretKey: AWSSECRETKEYGOESHERE\n exampleAuthBackendRole:\n type: vault:aws:AuthBackendRole\n properties:\n backend: ${aws.path}\n role: test-role\n authType: ec2\n boundAmiId: ami-8c1be5f6\n boundAccountId: 123456789012\n boundVpcId: vpc-b61106d4\n boundSubnetId: vpc-133128f1\n boundIamInstanceProfileArns:\n - arn:aws:iam::123456789012:instance-profile/MyProfile\n ttl: 60\n maxTtl: 120\n tokenPolicies:\n - default\n - dev\n - prod\n options:\n dependson:\n - vault_aws_auth_backend_client.example\n exampleAuthBackendLogin:\n type: vault:aws:AuthBackendLogin\n properties:\n backend: ${vault_auth_backend.example.path}\n role: ${exampleAuthBackendRole.role}\n identity: BASE64ENCODEDIDENTITYDOCUMENT\n signature: BASE64ENCODEDSHA256IDENTITYDOCUMENTSIGNATURE\n```\n{{% /example %}}\n{{% /examples %}}", + "description": "Logs into a Vault server using an AWS auth backend. Login can be\naccomplished using a signed identity request from IAM or using ec2\ninstance metadata. For more information, see the [Vault\ndocumentation](https://www.vaultproject.io/docs/auth/aws.html).\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.AuthBackend;\nimport com.pulumi.vault.AuthBackendArgs;\nimport com.pulumi.vault.aws.AuthBackendClient;\nimport com.pulumi.vault.aws.AuthBackendClientArgs;\nimport com.pulumi.vault.aws.AuthBackendRole;\nimport com.pulumi.vault.aws.AuthBackendRoleArgs;\nimport com.pulumi.vault.aws.AuthBackendLogin;\nimport com.pulumi.vault.aws.AuthBackendLoginArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var aws = new AuthBackend(\"aws\", AuthBackendArgs.builder() \n .type(\"aws\")\n .path(\"aws\")\n .build());\n\n var exampleAuthBackendClient = new AuthBackendClient(\"exampleAuthBackendClient\", AuthBackendClientArgs.builder() \n .backend(aws.path())\n .accessKey(\"123456789012\")\n .secretKey(\"AWSSECRETKEYGOESHERE\")\n .build());\n\n var exampleAuthBackendRole = new AuthBackendRole(\"exampleAuthBackendRole\", AuthBackendRoleArgs.builder() \n .backend(aws.path())\n .role(\"test-role\")\n .authType(\"ec2\")\n .boundAmiId(\"ami-8c1be5f6\")\n .boundAccountId(\"123456789012\")\n .boundVpcId(\"vpc-b61106d4\")\n .boundSubnetId(\"vpc-133128f1\")\n .boundIamInstanceProfileArns(\"arn:aws:iam::123456789012:instance-profile/MyProfile\")\n .ttl(60)\n .maxTtl(120)\n .tokenPolicies( \n \"default\",\n \"dev\",\n \"prod\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(\"vault_aws_auth_backend_client.example\")\n .build());\n\n var exampleAuthBackendLogin = new AuthBackendLogin(\"exampleAuthBackendLogin\", AuthBackendLoginArgs.builder() \n .backend(vault_auth_backend.example().path())\n .role(exampleAuthBackendRole.role())\n .identity(\"BASE64ENCODEDIDENTITYDOCUMENT\")\n .signature(\"BASE64ENCODEDSHA256IDENTITYDOCUMENTSIGNATURE\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n aws:\n type: vault:AuthBackend\n properties:\n type: aws\n path: aws\n exampleAuthBackendClient:\n type: vault:aws:AuthBackendClient\n properties:\n backend: ${aws.path}\n accessKey: '123456789012'\n secretKey: AWSSECRETKEYGOESHERE\n exampleAuthBackendRole:\n type: vault:aws:AuthBackendRole\n properties:\n backend: ${aws.path}\n role: test-role\n authType: ec2\n boundAmiId: ami-8c1be5f6\n boundAccountId: '123456789012'\n boundVpcId: vpc-b61106d4\n boundSubnetId: vpc-133128f1\n boundIamInstanceProfileArns:\n - arn:aws:iam::123456789012:instance-profile/MyProfile\n ttl: 60\n maxTtl: 120\n tokenPolicies:\n - default\n - dev\n - prod\n options:\n dependson:\n - vault_aws_auth_backend_client.example\n exampleAuthBackendLogin:\n type: vault:aws:AuthBackendLogin\n properties:\n backend: ${vault_auth_backend.example.path}\n role: ${exampleAuthBackendRole.role}\n identity: BASE64ENCODEDIDENTITYDOCUMENT\n signature: BASE64ENCODEDSHA256IDENTITYDOCUMENTSIGNATURE\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "accessor": { "type": "string", @@ -9518,7 +6647,7 @@ } }, "vault:aws/authBackendRole:AuthBackendRole": { - "description": "Manages an AWS auth backend role in a Vault server. Roles constrain the\ninstances or principals that can perform the login operation against the\nbackend. See the [Vault\ndocumentation](https://www.vaultproject.io/docs/auth/aws.html) for more\ninformation.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst aws = new vault.AuthBackend(\"aws\", {type: \"aws\"});\nconst example = new vault.aws.AuthBackendRole(\"example\", {\n backend: aws.path,\n role: \"test-role\",\n authType: \"iam\",\n boundAmiIds: [\"ami-8c1be5f6\"],\n boundAccountIds: [\"123456789012\"],\n boundVpcIds: [\"vpc-b61106d4\"],\n boundSubnetIds: [\"vpc-133128f1\"],\n boundIamRoleArns: [\"arn:aws:iam::123456789012:role/MyRole\"],\n boundIamInstanceProfileArns: [\"arn:aws:iam::123456789012:instance-profile/MyProfile\"],\n inferredEntityType: \"ec2_instance\",\n inferredAwsRegion: \"us-east-1\",\n tokenTtl: 60,\n tokenMaxTtl: 120,\n tokenPolicies: [\n \"default\",\n \"dev\",\n \"prod\",\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\naws = vault.AuthBackend(\"aws\", type=\"aws\")\nexample = vault.aws.AuthBackendRole(\"example\",\n backend=aws.path,\n role=\"test-role\",\n auth_type=\"iam\",\n bound_ami_ids=[\"ami-8c1be5f6\"],\n bound_account_ids=[\"123456789012\"],\n bound_vpc_ids=[\"vpc-b61106d4\"],\n bound_subnet_ids=[\"vpc-133128f1\"],\n bound_iam_role_arns=[\"arn:aws:iam::123456789012:role/MyRole\"],\n bound_iam_instance_profile_arns=[\"arn:aws:iam::123456789012:instance-profile/MyProfile\"],\n inferred_entity_type=\"ec2_instance\",\n inferred_aws_region=\"us-east-1\",\n token_ttl=60,\n token_max_ttl=120,\n token_policies=[\n \"default\",\n \"dev\",\n \"prod\",\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var aws = new Vault.AuthBackend(\"aws\", new()\n {\n Type = \"aws\",\n });\n\n var example = new Vault.Aws.AuthBackendRole(\"example\", new()\n {\n Backend = aws.Path,\n Role = \"test-role\",\n AuthType = \"iam\",\n BoundAmiIds = new[]\n {\n \"ami-8c1be5f6\",\n },\n BoundAccountIds = new[]\n {\n \"123456789012\",\n },\n BoundVpcIds = new[]\n {\n \"vpc-b61106d4\",\n },\n BoundSubnetIds = new[]\n {\n \"vpc-133128f1\",\n },\n BoundIamRoleArns = new[]\n {\n \"arn:aws:iam::123456789012:role/MyRole\",\n },\n BoundIamInstanceProfileArns = new[]\n {\n \"arn:aws:iam::123456789012:instance-profile/MyProfile\",\n },\n InferredEntityType = \"ec2_instance\",\n InferredAwsRegion = \"us-east-1\",\n TokenTtl = 60,\n TokenMaxTtl = 120,\n TokenPolicies = new[]\n {\n \"default\",\n \"dev\",\n \"prod\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/aws\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\taws, err := vault.NewAuthBackend(ctx, \"aws\", \u0026vault.AuthBackendArgs{\n\t\t\tType: pulumi.String(\"aws\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = aws.NewAuthBackendRole(ctx, \"example\", \u0026aws.AuthBackendRoleArgs{\n\t\t\tBackend: aws.Path,\n\t\t\tRole: pulumi.String(\"test-role\"),\n\t\t\tAuthType: pulumi.String(\"iam\"),\n\t\t\tBoundAmiIds: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"ami-8c1be5f6\"),\n\t\t\t},\n\t\t\tBoundAccountIds: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"123456789012\"),\n\t\t\t},\n\t\t\tBoundVpcIds: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"vpc-b61106d4\"),\n\t\t\t},\n\t\t\tBoundSubnetIds: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"vpc-133128f1\"),\n\t\t\t},\n\t\t\tBoundIamRoleArns: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"arn:aws:iam::123456789012:role/MyRole\"),\n\t\t\t},\n\t\t\tBoundIamInstanceProfileArns: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"arn:aws:iam::123456789012:instance-profile/MyProfile\"),\n\t\t\t},\n\t\t\tInferredEntityType: pulumi.String(\"ec2_instance\"),\n\t\t\tInferredAwsRegion: pulumi.String(\"us-east-1\"),\n\t\t\tTokenTtl: pulumi.Int(60),\n\t\t\tTokenMaxTtl: pulumi.Int(120),\n\t\t\tTokenPolicies: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"default\"),\n\t\t\t\tpulumi.String(\"dev\"),\n\t\t\t\tpulumi.String(\"prod\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.AuthBackend;\nimport com.pulumi.vault.AuthBackendArgs;\nimport com.pulumi.vault.aws.AuthBackendRole;\nimport com.pulumi.vault.aws.AuthBackendRoleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var aws = new AuthBackend(\"aws\", AuthBackendArgs.builder() \n .type(\"aws\")\n .build());\n\n var example = new AuthBackendRole(\"example\", AuthBackendRoleArgs.builder() \n .backend(aws.path())\n .role(\"test-role\")\n .authType(\"iam\")\n .boundAmiIds(\"ami-8c1be5f6\")\n .boundAccountIds(\"123456789012\")\n .boundVpcIds(\"vpc-b61106d4\")\n .boundSubnetIds(\"vpc-133128f1\")\n .boundIamRoleArns(\"arn:aws:iam::123456789012:role/MyRole\")\n .boundIamInstanceProfileArns(\"arn:aws:iam::123456789012:instance-profile/MyProfile\")\n .inferredEntityType(\"ec2_instance\")\n .inferredAwsRegion(\"us-east-1\")\n .tokenTtl(60)\n .tokenMaxTtl(120)\n .tokenPolicies( \n \"default\",\n \"dev\",\n \"prod\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n aws:\n type: vault:AuthBackend\n properties:\n type: aws\n example:\n type: vault:aws:AuthBackendRole\n properties:\n backend: ${aws.path}\n role: test-role\n authType: iam\n boundAmiIds:\n - ami-8c1be5f6\n boundAccountIds:\n - 123456789012\n boundVpcIds:\n - vpc-b61106d4\n boundSubnetIds:\n - vpc-133128f1\n boundIamRoleArns:\n - arn:aws:iam::123456789012:role/MyRole\n boundIamInstanceProfileArns:\n - arn:aws:iam::123456789012:instance-profile/MyProfile\n inferredEntityType: ec2_instance\n inferredAwsRegion: us-east-1\n tokenTtl: 60\n tokenMaxTtl: 120\n tokenPolicies:\n - default\n - dev\n - prod\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nAWS auth backend roles can be imported using `auth/`, the `backend` path, `/role/`, and the `role` name e.g.\n\n```sh\n $ pulumi import vault:aws/authBackendRole:AuthBackendRole example auth/aws/role/test-role\n```\n\n ", + "description": "Manages an AWS auth backend role in a Vault server. Roles constrain the\ninstances or principals that can perform the login operation against the\nbackend. See the [Vault\ndocumentation](https://www.vaultproject.io/docs/auth/aws.html) for more\ninformation.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst aws = new vault.AuthBackend(\"aws\", {type: \"aws\"});\nconst example = new vault.aws.AuthBackendRole(\"example\", {\n backend: aws.path,\n role: \"test-role\",\n authType: \"iam\",\n boundAmiIds: [\"ami-8c1be5f6\"],\n boundAccountIds: [\"123456789012\"],\n boundVpcIds: [\"vpc-b61106d4\"],\n boundSubnetIds: [\"vpc-133128f1\"],\n boundIamRoleArns: [\"arn:aws:iam::123456789012:role/MyRole\"],\n boundIamInstanceProfileArns: [\"arn:aws:iam::123456789012:instance-profile/MyProfile\"],\n inferredEntityType: \"ec2_instance\",\n inferredAwsRegion: \"us-east-1\",\n tokenTtl: 60,\n tokenMaxTtl: 120,\n tokenPolicies: [\n \"default\",\n \"dev\",\n \"prod\",\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\naws = vault.AuthBackend(\"aws\", type=\"aws\")\nexample = vault.aws.AuthBackendRole(\"example\",\n backend=aws.path,\n role=\"test-role\",\n auth_type=\"iam\",\n bound_ami_ids=[\"ami-8c1be5f6\"],\n bound_account_ids=[\"123456789012\"],\n bound_vpc_ids=[\"vpc-b61106d4\"],\n bound_subnet_ids=[\"vpc-133128f1\"],\n bound_iam_role_arns=[\"arn:aws:iam::123456789012:role/MyRole\"],\n bound_iam_instance_profile_arns=[\"arn:aws:iam::123456789012:instance-profile/MyProfile\"],\n inferred_entity_type=\"ec2_instance\",\n inferred_aws_region=\"us-east-1\",\n token_ttl=60,\n token_max_ttl=120,\n token_policies=[\n \"default\",\n \"dev\",\n \"prod\",\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var aws = new Vault.AuthBackend(\"aws\", new()\n {\n Type = \"aws\",\n });\n\n var example = new Vault.Aws.AuthBackendRole(\"example\", new()\n {\n Backend = aws.Path,\n Role = \"test-role\",\n AuthType = \"iam\",\n BoundAmiIds = new[]\n {\n \"ami-8c1be5f6\",\n },\n BoundAccountIds = new[]\n {\n \"123456789012\",\n },\n BoundVpcIds = new[]\n {\n \"vpc-b61106d4\",\n },\n BoundSubnetIds = new[]\n {\n \"vpc-133128f1\",\n },\n BoundIamRoleArns = new[]\n {\n \"arn:aws:iam::123456789012:role/MyRole\",\n },\n BoundIamInstanceProfileArns = new[]\n {\n \"arn:aws:iam::123456789012:instance-profile/MyProfile\",\n },\n InferredEntityType = \"ec2_instance\",\n InferredAwsRegion = \"us-east-1\",\n TokenTtl = 60,\n TokenMaxTtl = 120,\n TokenPolicies = new[]\n {\n \"default\",\n \"dev\",\n \"prod\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/aws\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\taws, err := vault.NewAuthBackend(ctx, \"aws\", \u0026vault.AuthBackendArgs{\n\t\t\tType: pulumi.String(\"aws\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = aws.NewAuthBackendRole(ctx, \"example\", \u0026aws.AuthBackendRoleArgs{\n\t\t\tBackend: aws.Path,\n\t\t\tRole: pulumi.String(\"test-role\"),\n\t\t\tAuthType: pulumi.String(\"iam\"),\n\t\t\tBoundAmiIds: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"ami-8c1be5f6\"),\n\t\t\t},\n\t\t\tBoundAccountIds: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"123456789012\"),\n\t\t\t},\n\t\t\tBoundVpcIds: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"vpc-b61106d4\"),\n\t\t\t},\n\t\t\tBoundSubnetIds: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"vpc-133128f1\"),\n\t\t\t},\n\t\t\tBoundIamRoleArns: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"arn:aws:iam::123456789012:role/MyRole\"),\n\t\t\t},\n\t\t\tBoundIamInstanceProfileArns: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"arn:aws:iam::123456789012:instance-profile/MyProfile\"),\n\t\t\t},\n\t\t\tInferredEntityType: pulumi.String(\"ec2_instance\"),\n\t\t\tInferredAwsRegion: pulumi.String(\"us-east-1\"),\n\t\t\tTokenTtl: pulumi.Int(60),\n\t\t\tTokenMaxTtl: pulumi.Int(120),\n\t\t\tTokenPolicies: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"default\"),\n\t\t\t\tpulumi.String(\"dev\"),\n\t\t\t\tpulumi.String(\"prod\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.AuthBackend;\nimport com.pulumi.vault.AuthBackendArgs;\nimport com.pulumi.vault.aws.AuthBackendRole;\nimport com.pulumi.vault.aws.AuthBackendRoleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var aws = new AuthBackend(\"aws\", AuthBackendArgs.builder() \n .type(\"aws\")\n .build());\n\n var example = new AuthBackendRole(\"example\", AuthBackendRoleArgs.builder() \n .backend(aws.path())\n .role(\"test-role\")\n .authType(\"iam\")\n .boundAmiIds(\"ami-8c1be5f6\")\n .boundAccountIds(\"123456789012\")\n .boundVpcIds(\"vpc-b61106d4\")\n .boundSubnetIds(\"vpc-133128f1\")\n .boundIamRoleArns(\"arn:aws:iam::123456789012:role/MyRole\")\n .boundIamInstanceProfileArns(\"arn:aws:iam::123456789012:instance-profile/MyProfile\")\n .inferredEntityType(\"ec2_instance\")\n .inferredAwsRegion(\"us-east-1\")\n .tokenTtl(60)\n .tokenMaxTtl(120)\n .tokenPolicies( \n \"default\",\n \"dev\",\n \"prod\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n aws:\n type: vault:AuthBackend\n properties:\n type: aws\n example:\n type: vault:aws:AuthBackendRole\n properties:\n backend: ${aws.path}\n role: test-role\n authType: iam\n boundAmiIds:\n - ami-8c1be5f6\n boundAccountIds:\n - '123456789012'\n boundVpcIds:\n - vpc-b61106d4\n boundSubnetIds:\n - vpc-133128f1\n boundIamRoleArns:\n - arn:aws:iam::123456789012:role/MyRole\n boundIamInstanceProfileArns:\n - arn:aws:iam::123456789012:instance-profile/MyProfile\n inferredEntityType: ec2_instance\n inferredAwsRegion: us-east-1\n tokenTtl: 60\n tokenMaxTtl: 120\n tokenPolicies:\n - default\n - dev\n - prod\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nAWS auth backend roles can be imported using `auth/`, the `backend` path, `/role/`, and the `role` name e.g.\n\n```sh\n $ pulumi import vault:aws/authBackendRole:AuthBackendRole example auth/aws/role/test-role\n```\n ", "properties": { "allowInstanceMigration": { "type": "boolean", @@ -9989,7 +7118,7 @@ } }, "vault:aws/authBackendRoleTag:AuthBackendRoleTag": { - "description": "Reads role tag information from an AWS auth backend in Vault. \n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.AuthBackend;\nimport com.pulumi.vault.AuthBackendArgs;\nimport com.pulumi.vault.aws.AuthBackendRole;\nimport com.pulumi.vault.aws.AuthBackendRoleArgs;\nimport com.pulumi.vault.aws.AuthBackendRoleTag;\nimport com.pulumi.vault.aws.AuthBackendRoleTagArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var aws = new AuthBackend(\"aws\", AuthBackendArgs.builder() \n .path(\"%s\")\n .type(\"aws\")\n .build());\n\n var role = new AuthBackendRole(\"role\", AuthBackendRoleArgs.builder() \n .backend(aws.path())\n .role(\"%s\")\n .authType(\"ec2\")\n .boundAccountId(\"123456789012\")\n .policies( \n \"dev\",\n \"prod\",\n \"qa\",\n \"test\")\n .roleTag(\"VaultRoleTag\")\n .build());\n\n var test = new AuthBackendRoleTag(\"test\", AuthBackendRoleTagArgs.builder() \n .backend(aws.path())\n .role(role.role())\n .policies( \n \"prod\",\n \"dev\",\n \"test\")\n .maxTtl(\"1h\")\n .instanceId(\"i-1234567\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n aws:\n type: vault:AuthBackend\n properties:\n path: '%s'\n type: aws\n role:\n type: vault:aws:AuthBackendRole\n properties:\n backend: ${aws.path}\n role: '%s'\n authType: ec2\n boundAccountId: 123456789012\n policies:\n - dev\n - prod\n - qa\n - test\n roleTag: VaultRoleTag\n test:\n type: vault:aws:AuthBackendRoleTag\n properties:\n backend: ${aws.path}\n role: ${role.role}\n policies:\n - prod\n - dev\n - test\n maxTtl: 1h\n instanceId: i-1234567\n```\n{{% /example %}}\n{{% /examples %}}", + "description": "Reads role tag information from an AWS auth backend in Vault. \n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.AuthBackend;\nimport com.pulumi.vault.AuthBackendArgs;\nimport com.pulumi.vault.aws.AuthBackendRole;\nimport com.pulumi.vault.aws.AuthBackendRoleArgs;\nimport com.pulumi.vault.aws.AuthBackendRoleTag;\nimport com.pulumi.vault.aws.AuthBackendRoleTagArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var aws = new AuthBackend(\"aws\", AuthBackendArgs.builder() \n .path(\"%s\")\n .type(\"aws\")\n .build());\n\n var role = new AuthBackendRole(\"role\", AuthBackendRoleArgs.builder() \n .backend(aws.path())\n .role(\"%s\")\n .authType(\"ec2\")\n .boundAccountId(\"123456789012\")\n .policies( \n \"dev\",\n \"prod\",\n \"qa\",\n \"test\")\n .roleTag(\"VaultRoleTag\")\n .build());\n\n var test = new AuthBackendRoleTag(\"test\", AuthBackendRoleTagArgs.builder() \n .backend(aws.path())\n .role(role.role())\n .policies( \n \"prod\",\n \"dev\",\n \"test\")\n .maxTtl(\"1h\")\n .instanceId(\"i-1234567\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n aws:\n type: vault:AuthBackend\n properties:\n path: '%s'\n type: aws\n role:\n type: vault:aws:AuthBackendRole\n properties:\n backend: ${aws.path}\n role: '%s'\n authType: ec2\n boundAccountId: '123456789012'\n policies:\n - dev\n - prod\n - qa\n - test\n roleTag: VaultRoleTag\n test:\n type: vault:aws:AuthBackendRoleTag\n properties:\n backend: ${aws.path}\n role: ${role.role}\n policies:\n - prod\n - dev\n - test\n maxTtl: 1h\n instanceId: i-1234567\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "allowInstanceMigration": { "type": "boolean", @@ -10147,7 +7276,7 @@ } }, "vault:aws/authBackendRoletagBlacklist:AuthBackendRoletagBlacklist": { - "description": "Configures the periodic tidying operation of the blacklisted role tag entries.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst exampleAuthBackend = new vault.AuthBackend(\"exampleAuthBackend\", {type: \"aws\"});\nconst exampleAuthBackendRoletagBlacklist = new vault.aws.AuthBackendRoletagBlacklist(\"exampleAuthBackendRoletagBlacklist\", {\n backend: exampleAuthBackend.path,\n safetyBuffer: 360,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nexample_auth_backend = vault.AuthBackend(\"exampleAuthBackend\", type=\"aws\")\nexample_auth_backend_roletag_blacklist = vault.aws.AuthBackendRoletagBlacklist(\"exampleAuthBackendRoletagBlacklist\",\n backend=example_auth_backend.path,\n safety_buffer=360)\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleAuthBackend = new Vault.AuthBackend(\"exampleAuthBackend\", new()\n {\n Type = \"aws\",\n });\n\n var exampleAuthBackendRoletagBlacklist = new Vault.Aws.AuthBackendRoletagBlacklist(\"exampleAuthBackendRoletagBlacklist\", new()\n {\n Backend = exampleAuthBackend.Path,\n SafetyBuffer = 360,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/aws\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleAuthBackend, err := vault.NewAuthBackend(ctx, \"exampleAuthBackend\", \u0026vault.AuthBackendArgs{\n\t\t\tType: pulumi.String(\"aws\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = aws.NewAuthBackendRoletagBlacklist(ctx, \"exampleAuthBackendRoletagBlacklist\", \u0026aws.AuthBackendRoletagBlacklistArgs{\n\t\t\tBackend: exampleAuthBackend.Path,\n\t\t\tSafetyBuffer: pulumi.Int(360),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.AuthBackend;\nimport com.pulumi.vault.AuthBackendArgs;\nimport com.pulumi.vault.aws.AuthBackendRoletagBlacklist;\nimport com.pulumi.vault.aws.AuthBackendRoletagBlacklistArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleAuthBackend = new AuthBackend(\"exampleAuthBackend\", AuthBackendArgs.builder() \n .type(\"aws\")\n .build());\n\n var exampleAuthBackendRoletagBlacklist = new AuthBackendRoletagBlacklist(\"exampleAuthBackendRoletagBlacklist\", AuthBackendRoletagBlacklistArgs.builder() \n .backend(exampleAuthBackend.path())\n .safetyBuffer(360)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleAuthBackend:\n type: vault:AuthBackend\n properties:\n type: aws\n exampleAuthBackendRoletagBlacklist:\n type: vault:aws:AuthBackendRoletagBlacklist\n properties:\n backend: ${exampleAuthBackend.path}\n safetyBuffer: 360\n```\n{{% /example %}}\n{{% /examples %}}", + "description": "Configures the periodic tidying operation of the blacklisted role tag entries.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst exampleAuthBackend = new vault.AuthBackend(\"exampleAuthBackend\", {type: \"aws\"});\nconst exampleAuthBackendRoletagBlacklist = new vault.aws.AuthBackendRoletagBlacklist(\"exampleAuthBackendRoletagBlacklist\", {\n backend: exampleAuthBackend.path,\n safetyBuffer: 360,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nexample_auth_backend = vault.AuthBackend(\"exampleAuthBackend\", type=\"aws\")\nexample_auth_backend_roletag_blacklist = vault.aws.AuthBackendRoletagBlacklist(\"exampleAuthBackendRoletagBlacklist\",\n backend=example_auth_backend.path,\n safety_buffer=360)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleAuthBackend = new Vault.AuthBackend(\"exampleAuthBackend\", new()\n {\n Type = \"aws\",\n });\n\n var exampleAuthBackendRoletagBlacklist = new Vault.Aws.AuthBackendRoletagBlacklist(\"exampleAuthBackendRoletagBlacklist\", new()\n {\n Backend = exampleAuthBackend.Path,\n SafetyBuffer = 360,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/aws\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleAuthBackend, err := vault.NewAuthBackend(ctx, \"exampleAuthBackend\", \u0026vault.AuthBackendArgs{\n\t\t\tType: pulumi.String(\"aws\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = aws.NewAuthBackendRoletagBlacklist(ctx, \"exampleAuthBackendRoletagBlacklist\", \u0026aws.AuthBackendRoletagBlacklistArgs{\n\t\t\tBackend: exampleAuthBackend.Path,\n\t\t\tSafetyBuffer: pulumi.Int(360),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.AuthBackend;\nimport com.pulumi.vault.AuthBackendArgs;\nimport com.pulumi.vault.aws.AuthBackendRoletagBlacklist;\nimport com.pulumi.vault.aws.AuthBackendRoletagBlacklistArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleAuthBackend = new AuthBackend(\"exampleAuthBackend\", AuthBackendArgs.builder() \n .type(\"aws\")\n .build());\n\n var exampleAuthBackendRoletagBlacklist = new AuthBackendRoletagBlacklist(\"exampleAuthBackendRoletagBlacklist\", AuthBackendRoletagBlacklistArgs.builder() \n .backend(exampleAuthBackend.path())\n .safetyBuffer(360)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleAuthBackend:\n type: vault:AuthBackend\n properties:\n type: aws\n exampleAuthBackendRoletagBlacklist:\n type: vault:aws:AuthBackendRoletagBlacklist\n properties:\n backend: ${exampleAuthBackend.path}\n safetyBuffer: 360\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "backend": { "type": "string", @@ -10218,7 +7347,7 @@ } }, "vault:aws/authBackendStsRole:AuthBackendStsRole": { - "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst aws = new vault.AuthBackend(\"aws\", {type: \"aws\"});\nconst role = new vault.aws.AuthBackendStsRole(\"role\", {\n backend: aws.path,\n accountId: \"1234567890\",\n stsRole: \"arn:aws:iam::1234567890:role/my-role\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\naws = vault.AuthBackend(\"aws\", type=\"aws\")\nrole = vault.aws.AuthBackendStsRole(\"role\",\n backend=aws.path,\n account_id=\"1234567890\",\n sts_role=\"arn:aws:iam::1234567890:role/my-role\")\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var aws = new Vault.AuthBackend(\"aws\", new()\n {\n Type = \"aws\",\n });\n\n var role = new Vault.Aws.AuthBackendStsRole(\"role\", new()\n {\n Backend = aws.Path,\n AccountId = \"1234567890\",\n StsRole = \"arn:aws:iam::1234567890:role/my-role\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/aws\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\taws, err := vault.NewAuthBackend(ctx, \"aws\", \u0026vault.AuthBackendArgs{\n\t\t\tType: pulumi.String(\"aws\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = aws.NewAuthBackendStsRole(ctx, \"role\", \u0026aws.AuthBackendStsRoleArgs{\n\t\t\tBackend: aws.Path,\n\t\t\tAccountId: pulumi.String(\"1234567890\"),\n\t\t\tStsRole: pulumi.String(\"arn:aws:iam::1234567890:role/my-role\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.AuthBackend;\nimport com.pulumi.vault.AuthBackendArgs;\nimport com.pulumi.vault.aws.AuthBackendStsRole;\nimport com.pulumi.vault.aws.AuthBackendStsRoleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var aws = new AuthBackend(\"aws\", AuthBackendArgs.builder() \n .type(\"aws\")\n .build());\n\n var role = new AuthBackendStsRole(\"role\", AuthBackendStsRoleArgs.builder() \n .backend(aws.path())\n .accountId(\"1234567890\")\n .stsRole(\"arn:aws:iam::1234567890:role/my-role\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n aws:\n type: vault:AuthBackend\n properties:\n type: aws\n role:\n type: vault:aws:AuthBackendStsRole\n properties:\n backend: ${aws.path}\n accountId: 1234567890\n stsRole: arn:aws:iam::1234567890:role/my-role\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nAWS auth backend STS roles can be imported using `auth/`, the `backend` path, `/config/sts/`, and the `account_id` e.g.\n\n```sh\n $ pulumi import vault:aws/authBackendStsRole:AuthBackendStsRole example auth/aws/config/sts/1234567890\n```\n\n ", + "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst aws = new vault.AuthBackend(\"aws\", {type: \"aws\"});\nconst role = new vault.aws.AuthBackendStsRole(\"role\", {\n backend: aws.path,\n accountId: \"1234567890\",\n stsRole: \"arn:aws:iam::1234567890:role/my-role\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\naws = vault.AuthBackend(\"aws\", type=\"aws\")\nrole = vault.aws.AuthBackendStsRole(\"role\",\n backend=aws.path,\n account_id=\"1234567890\",\n sts_role=\"arn:aws:iam::1234567890:role/my-role\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var aws = new Vault.AuthBackend(\"aws\", new()\n {\n Type = \"aws\",\n });\n\n var role = new Vault.Aws.AuthBackendStsRole(\"role\", new()\n {\n Backend = aws.Path,\n AccountId = \"1234567890\",\n StsRole = \"arn:aws:iam::1234567890:role/my-role\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/aws\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\taws, err := vault.NewAuthBackend(ctx, \"aws\", \u0026vault.AuthBackendArgs{\n\t\t\tType: pulumi.String(\"aws\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = aws.NewAuthBackendStsRole(ctx, \"role\", \u0026aws.AuthBackendStsRoleArgs{\n\t\t\tBackend: aws.Path,\n\t\t\tAccountId: pulumi.String(\"1234567890\"),\n\t\t\tStsRole: pulumi.String(\"arn:aws:iam::1234567890:role/my-role\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.AuthBackend;\nimport com.pulumi.vault.AuthBackendArgs;\nimport com.pulumi.vault.aws.AuthBackendStsRole;\nimport com.pulumi.vault.aws.AuthBackendStsRoleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var aws = new AuthBackend(\"aws\", AuthBackendArgs.builder() \n .type(\"aws\")\n .build());\n\n var role = new AuthBackendStsRole(\"role\", AuthBackendStsRoleArgs.builder() \n .backend(aws.path())\n .accountId(\"1234567890\")\n .stsRole(\"arn:aws:iam::1234567890:role/my-role\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n aws:\n type: vault:AuthBackend\n properties:\n type: aws\n role:\n type: vault:aws:AuthBackendStsRole\n properties:\n backend: ${aws.path}\n accountId: '1234567890'\n stsRole: arn:aws:iam::1234567890:role/my-role\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nAWS auth backend STS roles can be imported using `auth/`, the `backend` path, `/config/sts/`, and the `account_id` e.g.\n\n```sh\n $ pulumi import vault:aws/authBackendStsRole:AuthBackendStsRole example auth/aws/config/sts/1234567890\n```\n ", "properties": { "accountId": { "type": "string", @@ -10291,7 +7420,7 @@ } }, "vault:aws/secretBackend:SecretBackend": { - "description": "\n\n\n## Import\n\nAWS secret backends can be imported using the `path`, e.g.\n\n```sh\n $ pulumi import vault:aws/secretBackend:SecretBackend aws aws\n```\n\n ", + "description": "\n\n\n## Import\n\nAWS secret backends can be imported using the `path`, e.g.\n\n```sh\n $ pulumi import vault:aws/secretBackend:SecretBackend aws aws\n```\n ", "properties": { "accessKey": { "type": "string", @@ -10316,7 +7445,7 @@ }, "local": { "type": "boolean", - "description": "Specifies whether the secrets mount will be marked as local. Local mounts are not replicated to performance replicas.\n" + "description": "Specifies whether the secrets mount will be marked as local. Local mounts are not replicated to performance replicas.\n\n" }, "maxLeaseTtlSeconds": { "type": "integer", @@ -10332,11 +7461,11 @@ }, "region": { "type": "string", - "description": "The AWS region for API calls. Defaults to `us-east-1`.\n" + "description": "The AWS region to make API calls against. Defaults to us-east-1.\n" }, "secretKey": { "type": "string", - "description": "The AWS Secret Key this backend should use to\nissue new credentials. Vault uses the official AWS SDK to authenticate, and thus can also use standard AWS environment credentials, shared file credentials or IAM role/ECS task credentials.\n", + "description": "The AWS Secret Access Key to use when generating new credentials.\n", "secret": true }, "stsEndpoint": { @@ -10378,7 +7507,7 @@ }, "local": { "type": "boolean", - "description": "Specifies whether the secrets mount will be marked as local. Local mounts are not replicated to performance replicas.\n", + "description": "Specifies whether the secrets mount will be marked as local. Local mounts are not replicated to performance replicas.\n\n", "willReplaceOnChanges": true }, "maxLeaseTtlSeconds": { @@ -10396,11 +7525,11 @@ }, "region": { "type": "string", - "description": "The AWS region for API calls. Defaults to `us-east-1`.\n" + "description": "The AWS region to make API calls against. Defaults to us-east-1.\n" }, "secretKey": { "type": "string", - "description": "The AWS Secret Key this backend should use to\nissue new credentials. Vault uses the official AWS SDK to authenticate, and thus can also use standard AWS environment credentials, shared file credentials or IAM role/ECS task credentials.\n", + "description": "The AWS Secret Access Key to use when generating new credentials.\n", "secret": true }, "stsEndpoint": { @@ -10438,7 +7567,7 @@ }, "local": { "type": "boolean", - "description": "Specifies whether the secrets mount will be marked as local. Local mounts are not replicated to performance replicas.\n", + "description": "Specifies whether the secrets mount will be marked as local. Local mounts are not replicated to performance replicas.\n\n", "willReplaceOnChanges": true }, "maxLeaseTtlSeconds": { @@ -10456,11 +7585,11 @@ }, "region": { "type": "string", - "description": "The AWS region for API calls. Defaults to `us-east-1`.\n" + "description": "The AWS region to make API calls against. Defaults to us-east-1.\n" }, "secretKey": { "type": "string", - "description": "The AWS Secret Key this backend should use to\nissue new credentials. Vault uses the official AWS SDK to authenticate, and thus can also use standard AWS environment credentials, shared file credentials or IAM role/ECS task credentials.\n", + "description": "The AWS Secret Access Key to use when generating new credentials.\n", "secret": true }, "stsEndpoint": { @@ -10476,7 +7605,7 @@ } }, "vault:aws/secretBackendRole:SecretBackendRole": { - "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst aws = new vault.aws.SecretBackend(\"aws\", {\n accessKey: \"AKIA.....\",\n secretKey: \"AWS secret key\",\n});\nconst role = new vault.aws.SecretBackendRole(\"role\", {\n backend: aws.path,\n credentialType: \"iam_user\",\n policyDocument: `{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Effect\": \"Allow\",\n \"Action\": \"iam:*\",\n \"Resource\": \"*\"\n }\n ]\n}\n`,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\naws = vault.aws.SecretBackend(\"aws\",\n access_key=\"AKIA.....\",\n secret_key=\"AWS secret key\")\nrole = vault.aws.SecretBackendRole(\"role\",\n backend=aws.path,\n credential_type=\"iam_user\",\n policy_document=\"\"\"{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Effect\": \"Allow\",\n \"Action\": \"iam:*\",\n \"Resource\": \"*\"\n }\n ]\n}\n\"\"\")\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var aws = new Vault.Aws.SecretBackend(\"aws\", new()\n {\n AccessKey = \"AKIA.....\",\n SecretKey = \"AWS secret key\",\n });\n\n var role = new Vault.Aws.SecretBackendRole(\"role\", new()\n {\n Backend = aws.Path,\n CredentialType = \"iam_user\",\n PolicyDocument = @\"{\n \"\"Version\"\": \"\"2012-10-17\"\",\n \"\"Statement\"\": [\n {\n \"\"Effect\"\": \"\"Allow\"\",\n \"\"Action\"\": \"\"iam:*\"\",\n \"\"Resource\"\": \"\"*\"\"\n }\n ]\n}\n\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/aws\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\taws, err := aws.NewSecretBackend(ctx, \"aws\", \u0026aws.SecretBackendArgs{\n\t\t\tAccessKey: pulumi.String(\"AKIA.....\"),\n\t\t\tSecretKey: pulumi.String(\"AWS secret key\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = aws.NewSecretBackendRole(ctx, \"role\", \u0026aws.SecretBackendRoleArgs{\n\t\t\tBackend: aws.Path,\n\t\t\tCredentialType: pulumi.String(\"iam_user\"),\n\t\t\tPolicyDocument: pulumi.String(\"{\\n \\\"Version\\\": \\\"2012-10-17\\\",\\n \\\"Statement\\\": [\\n {\\n \\\"Effect\\\": \\\"Allow\\\",\\n \\\"Action\\\": \\\"iam:*\\\",\\n \\\"Resource\\\": \\\"*\\\"\\n }\\n ]\\n}\\n\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.aws.SecretBackend;\nimport com.pulumi.vault.aws.SecretBackendArgs;\nimport com.pulumi.vault.aws.SecretBackendRole;\nimport com.pulumi.vault.aws.SecretBackendRoleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var aws = new SecretBackend(\"aws\", SecretBackendArgs.builder() \n .accessKey(\"AKIA.....\")\n .secretKey(\"AWS secret key\")\n .build());\n\n var role = new SecretBackendRole(\"role\", SecretBackendRoleArgs.builder() \n .backend(aws.path())\n .credentialType(\"iam_user\")\n .policyDocument(\"\"\"\n{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Effect\": \"Allow\",\n \"Action\": \"iam:*\",\n \"Resource\": \"*\"\n }\n ]\n}\n \"\"\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n aws:\n type: vault:aws:SecretBackend\n properties:\n accessKey: AKIA.....\n secretKey: AWS secret key\n role:\n type: vault:aws:SecretBackendRole\n properties:\n backend: ${aws.path}\n credentialType: iam_user\n policyDocument: |\n {\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Effect\": \"Allow\",\n \"Action\": \"iam:*\",\n \"Resource\": \"*\"\n }\n ]\n }\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nAWS secret backend roles can be imported using the `path`, e.g.\n\n```sh\n $ pulumi import vault:aws/secretBackendRole:SecretBackendRole role aws/roles/deploy\n```\n\n ", + "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst aws = new vault.aws.SecretBackend(\"aws\", {\n accessKey: \"AKIA.....\",\n secretKey: \"AWS secret key\",\n});\nconst role = new vault.aws.SecretBackendRole(\"role\", {\n backend: aws.path,\n credentialType: \"iam_user\",\n policyDocument: `{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Effect\": \"Allow\",\n \"Action\": \"iam:*\",\n \"Resource\": \"*\"\n }\n ]\n}\n`,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\naws = vault.aws.SecretBackend(\"aws\",\n access_key=\"AKIA.....\",\n secret_key=\"AWS secret key\")\nrole = vault.aws.SecretBackendRole(\"role\",\n backend=aws.path,\n credential_type=\"iam_user\",\n policy_document=\"\"\"{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Effect\": \"Allow\",\n \"Action\": \"iam:*\",\n \"Resource\": \"*\"\n }\n ]\n}\n\"\"\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var aws = new Vault.Aws.SecretBackend(\"aws\", new()\n {\n AccessKey = \"AKIA.....\",\n SecretKey = \"AWS secret key\",\n });\n\n var role = new Vault.Aws.SecretBackendRole(\"role\", new()\n {\n Backend = aws.Path,\n CredentialType = \"iam_user\",\n PolicyDocument = @\"{\n \"\"Version\"\": \"\"2012-10-17\"\",\n \"\"Statement\"\": [\n {\n \"\"Effect\"\": \"\"Allow\"\",\n \"\"Action\"\": \"\"iam:*\"\",\n \"\"Resource\"\": \"\"*\"\"\n }\n ]\n}\n\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/aws\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\taws, err := aws.NewSecretBackend(ctx, \"aws\", \u0026aws.SecretBackendArgs{\n\t\t\tAccessKey: pulumi.String(\"AKIA.....\"),\n\t\t\tSecretKey: pulumi.String(\"AWS secret key\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = aws.NewSecretBackendRole(ctx, \"role\", \u0026aws.SecretBackendRoleArgs{\n\t\t\tBackend: aws.Path,\n\t\t\tCredentialType: pulumi.String(\"iam_user\"),\n\t\t\tPolicyDocument: pulumi.String(`{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Effect\": \"Allow\",\n \"Action\": \"iam:*\",\n \"Resource\": \"*\"\n }\n ]\n}\n`),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.aws.SecretBackend;\nimport com.pulumi.vault.aws.SecretBackendArgs;\nimport com.pulumi.vault.aws.SecretBackendRole;\nimport com.pulumi.vault.aws.SecretBackendRoleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var aws = new SecretBackend(\"aws\", SecretBackendArgs.builder() \n .accessKey(\"AKIA.....\")\n .secretKey(\"AWS secret key\")\n .build());\n\n var role = new SecretBackendRole(\"role\", SecretBackendRoleArgs.builder() \n .backend(aws.path())\n .credentialType(\"iam_user\")\n .policyDocument(\"\"\"\n{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Effect\": \"Allow\",\n \"Action\": \"iam:*\",\n \"Resource\": \"*\"\n }\n ]\n}\n \"\"\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n aws:\n type: vault:aws:SecretBackend\n properties:\n accessKey: AKIA.....\n secretKey: AWS secret key\n role:\n type: vault:aws:SecretBackendRole\n properties:\n backend: ${aws.path}\n credentialType: iam_user\n policyDocument: |\n {\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Effect\": \"Allow\",\n \"Action\": \"iam:*\",\n \"Resource\": \"*\"\n }\n ]\n }\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nAWS secret backend roles can be imported using the `path`, e.g.\n\n```sh\n $ pulumi import vault:aws/secretBackendRole:SecretBackendRole role aws/roles/deploy\n```\n ", "properties": { "backend": { "type": "string", @@ -10679,7 +7808,7 @@ } }, "vault:aws/secretBackendStaticRole:SecretBackendStaticRole": { - "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst aws = new vault.aws.SecretBackend(\"aws\", {\n path: \"my-aws\",\n description: \"Obtain AWS credentials.\",\n});\nconst role = new vault.aws.SecretBackendStaticRole(\"role\", {\n backend: aws.path,\n username: \"my-test-user\",\n rotationPeriod: 3600,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\naws = vault.aws.SecretBackend(\"aws\",\n path=\"my-aws\",\n description=\"Obtain AWS credentials.\")\nrole = vault.aws.SecretBackendStaticRole(\"role\",\n backend=aws.path,\n username=\"my-test-user\",\n rotation_period=3600)\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var aws = new Vault.Aws.SecretBackend(\"aws\", new()\n {\n Path = \"my-aws\",\n Description = \"Obtain AWS credentials.\",\n });\n\n var role = new Vault.Aws.SecretBackendStaticRole(\"role\", new()\n {\n Backend = aws.Path,\n Username = \"my-test-user\",\n RotationPeriod = 3600,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/aws\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\taws, err := aws.NewSecretBackend(ctx, \"aws\", \u0026aws.SecretBackendArgs{\n\t\t\tPath: pulumi.String(\"my-aws\"),\n\t\t\tDescription: pulumi.String(\"Obtain AWS credentials.\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = aws.NewSecretBackendStaticRole(ctx, \"role\", \u0026aws.SecretBackendStaticRoleArgs{\n\t\t\tBackend: aws.Path,\n\t\t\tUsername: pulumi.String(\"my-test-user\"),\n\t\t\tRotationPeriod: pulumi.Int(3600),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.aws.SecretBackend;\nimport com.pulumi.vault.aws.SecretBackendArgs;\nimport com.pulumi.vault.aws.SecretBackendStaticRole;\nimport com.pulumi.vault.aws.SecretBackendStaticRoleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var aws = new SecretBackend(\"aws\", SecretBackendArgs.builder() \n .path(\"my-aws\")\n .description(\"Obtain AWS credentials.\")\n .build());\n\n var role = new SecretBackendStaticRole(\"role\", SecretBackendStaticRoleArgs.builder() \n .backend(aws.path())\n .username(\"my-test-user\")\n .rotationPeriod(\"3600\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n aws:\n type: vault:aws:SecretBackend\n properties:\n path: my-aws\n description: Obtain AWS credentials.\n role:\n type: vault:aws:SecretBackendStaticRole\n properties:\n backend: ${aws.path}\n username: my-test-user\n rotationPeriod: 3600\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nAWS secret backend static role can be imported using the full path to the role of the form`\u003cmount_path\u003e/static-roles/\u003crole_name\u003e` e.g.\n\n```sh\n $ pulumi import vault:aws/secretBackendStaticRole:SecretBackendStaticRole role aws/static-roles/example-role\n```\n\n ", + "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst aws = new vault.aws.SecretBackend(\"aws\", {\n path: \"my-aws\",\n description: \"Obtain AWS credentials.\",\n});\nconst role = new vault.aws.SecretBackendStaticRole(\"role\", {\n backend: aws.path,\n username: \"my-test-user\",\n rotationPeriod: 3600,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\naws = vault.aws.SecretBackend(\"aws\",\n path=\"my-aws\",\n description=\"Obtain AWS credentials.\")\nrole = vault.aws.SecretBackendStaticRole(\"role\",\n backend=aws.path,\n username=\"my-test-user\",\n rotation_period=3600)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var aws = new Vault.Aws.SecretBackend(\"aws\", new()\n {\n Path = \"my-aws\",\n Description = \"Obtain AWS credentials.\",\n });\n\n var role = new Vault.Aws.SecretBackendStaticRole(\"role\", new()\n {\n Backend = aws.Path,\n Username = \"my-test-user\",\n RotationPeriod = 3600,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/aws\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\taws, err := aws.NewSecretBackend(ctx, \"aws\", \u0026aws.SecretBackendArgs{\n\t\t\tPath: pulumi.String(\"my-aws\"),\n\t\t\tDescription: pulumi.String(\"Obtain AWS credentials.\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = aws.NewSecretBackendStaticRole(ctx, \"role\", \u0026aws.SecretBackendStaticRoleArgs{\n\t\t\tBackend: aws.Path,\n\t\t\tUsername: pulumi.String(\"my-test-user\"),\n\t\t\tRotationPeriod: pulumi.Int(3600),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.aws.SecretBackend;\nimport com.pulumi.vault.aws.SecretBackendArgs;\nimport com.pulumi.vault.aws.SecretBackendStaticRole;\nimport com.pulumi.vault.aws.SecretBackendStaticRoleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var aws = new SecretBackend(\"aws\", SecretBackendArgs.builder() \n .path(\"my-aws\")\n .description(\"Obtain AWS credentials.\")\n .build());\n\n var role = new SecretBackendStaticRole(\"role\", SecretBackendStaticRoleArgs.builder() \n .backend(aws.path())\n .username(\"my-test-user\")\n .rotationPeriod(\"3600\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n aws:\n type: vault:aws:SecretBackend\n properties:\n path: my-aws\n description: Obtain AWS credentials.\n role:\n type: vault:aws:SecretBackendStaticRole\n properties:\n backend: ${aws.path}\n username: my-test-user\n rotationPeriod: '3600'\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nAWS secret backend static role can be imported using the full path to the role of the form`\u003cmount_path\u003e/static-roles/\u003crole_name\u003e` e.g.\n\n```sh\n $ pulumi import vault:aws/secretBackendStaticRole:SecretBackendStaticRole role aws/static-roles/example-role\n```\n ", "properties": { "backend": { "type": "string", @@ -10767,7 +7896,7 @@ } }, "vault:azure/authBackendConfig:AuthBackendConfig": { - "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst exampleAuthBackend = new vault.AuthBackend(\"exampleAuthBackend\", {type: \"azure\"});\nconst exampleAuthBackendConfig = new vault.azure.AuthBackendConfig(\"exampleAuthBackendConfig\", {\n backend: exampleAuthBackend.path,\n tenantId: \"11111111-2222-3333-4444-555555555555\",\n clientId: \"11111111-2222-3333-4444-555555555555\",\n clientSecret: \"01234567890123456789\",\n resource: \"https://vault.hashicorp.com\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nexample_auth_backend = vault.AuthBackend(\"exampleAuthBackend\", type=\"azure\")\nexample_auth_backend_config = vault.azure.AuthBackendConfig(\"exampleAuthBackendConfig\",\n backend=example_auth_backend.path,\n tenant_id=\"11111111-2222-3333-4444-555555555555\",\n client_id=\"11111111-2222-3333-4444-555555555555\",\n client_secret=\"01234567890123456789\",\n resource=\"https://vault.hashicorp.com\")\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleAuthBackend = new Vault.AuthBackend(\"exampleAuthBackend\", new()\n {\n Type = \"azure\",\n });\n\n var exampleAuthBackendConfig = new Vault.Azure.AuthBackendConfig(\"exampleAuthBackendConfig\", new()\n {\n Backend = exampleAuthBackend.Path,\n TenantId = \"11111111-2222-3333-4444-555555555555\",\n ClientId = \"11111111-2222-3333-4444-555555555555\",\n ClientSecret = \"01234567890123456789\",\n Resource = \"https://vault.hashicorp.com\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/azure\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleAuthBackend, err := vault.NewAuthBackend(ctx, \"exampleAuthBackend\", \u0026vault.AuthBackendArgs{\n\t\t\tType: pulumi.String(\"azure\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azure.NewAuthBackendConfig(ctx, \"exampleAuthBackendConfig\", \u0026azure.AuthBackendConfigArgs{\n\t\t\tBackend: exampleAuthBackend.Path,\n\t\t\tTenantId: pulumi.String(\"11111111-2222-3333-4444-555555555555\"),\n\t\t\tClientId: pulumi.String(\"11111111-2222-3333-4444-555555555555\"),\n\t\t\tClientSecret: pulumi.String(\"01234567890123456789\"),\n\t\t\tResource: pulumi.String(\"https://vault.hashicorp.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.AuthBackend;\nimport com.pulumi.vault.AuthBackendArgs;\nimport com.pulumi.vault.azure.AuthBackendConfig;\nimport com.pulumi.vault.azure.AuthBackendConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleAuthBackend = new AuthBackend(\"exampleAuthBackend\", AuthBackendArgs.builder() \n .type(\"azure\")\n .build());\n\n var exampleAuthBackendConfig = new AuthBackendConfig(\"exampleAuthBackendConfig\", AuthBackendConfigArgs.builder() \n .backend(exampleAuthBackend.path())\n .tenantId(\"11111111-2222-3333-4444-555555555555\")\n .clientId(\"11111111-2222-3333-4444-555555555555\")\n .clientSecret(\"01234567890123456789\")\n .resource(\"https://vault.hashicorp.com\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleAuthBackend:\n type: vault:AuthBackend\n properties:\n type: azure\n exampleAuthBackendConfig:\n type: vault:azure:AuthBackendConfig\n properties:\n backend: ${exampleAuthBackend.path}\n tenantId: 11111111-2222-3333-4444-555555555555\n clientId: 11111111-2222-3333-4444-555555555555\n clientSecret: 01234567890123456789\n resource: https://vault.hashicorp.com\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nAzure auth backends can be imported using `auth/`, the `backend` path, and `/config` e.g.\n\n```sh\n $ pulumi import vault:azure/authBackendConfig:AuthBackendConfig example auth/azure/config\n```\n\n ", + "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst exampleAuthBackend = new vault.AuthBackend(\"exampleAuthBackend\", {type: \"azure\"});\nconst exampleAuthBackendConfig = new vault.azure.AuthBackendConfig(\"exampleAuthBackendConfig\", {\n backend: exampleAuthBackend.path,\n tenantId: \"11111111-2222-3333-4444-555555555555\",\n clientId: \"11111111-2222-3333-4444-555555555555\",\n clientSecret: \"01234567890123456789\",\n resource: \"https://vault.hashicorp.com\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nexample_auth_backend = vault.AuthBackend(\"exampleAuthBackend\", type=\"azure\")\nexample_auth_backend_config = vault.azure.AuthBackendConfig(\"exampleAuthBackendConfig\",\n backend=example_auth_backend.path,\n tenant_id=\"11111111-2222-3333-4444-555555555555\",\n client_id=\"11111111-2222-3333-4444-555555555555\",\n client_secret=\"01234567890123456789\",\n resource=\"https://vault.hashicorp.com\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleAuthBackend = new Vault.AuthBackend(\"exampleAuthBackend\", new()\n {\n Type = \"azure\",\n });\n\n var exampleAuthBackendConfig = new Vault.Azure.AuthBackendConfig(\"exampleAuthBackendConfig\", new()\n {\n Backend = exampleAuthBackend.Path,\n TenantId = \"11111111-2222-3333-4444-555555555555\",\n ClientId = \"11111111-2222-3333-4444-555555555555\",\n ClientSecret = \"01234567890123456789\",\n Resource = \"https://vault.hashicorp.com\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/azure\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleAuthBackend, err := vault.NewAuthBackend(ctx, \"exampleAuthBackend\", \u0026vault.AuthBackendArgs{\n\t\t\tType: pulumi.String(\"azure\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azure.NewAuthBackendConfig(ctx, \"exampleAuthBackendConfig\", \u0026azure.AuthBackendConfigArgs{\n\t\t\tBackend: exampleAuthBackend.Path,\n\t\t\tTenantId: pulumi.String(\"11111111-2222-3333-4444-555555555555\"),\n\t\t\tClientId: pulumi.String(\"11111111-2222-3333-4444-555555555555\"),\n\t\t\tClientSecret: pulumi.String(\"01234567890123456789\"),\n\t\t\tResource: pulumi.String(\"https://vault.hashicorp.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.AuthBackend;\nimport com.pulumi.vault.AuthBackendArgs;\nimport com.pulumi.vault.azure.AuthBackendConfig;\nimport com.pulumi.vault.azure.AuthBackendConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleAuthBackend = new AuthBackend(\"exampleAuthBackend\", AuthBackendArgs.builder() \n .type(\"azure\")\n .build());\n\n var exampleAuthBackendConfig = new AuthBackendConfig(\"exampleAuthBackendConfig\", AuthBackendConfigArgs.builder() \n .backend(exampleAuthBackend.path())\n .tenantId(\"11111111-2222-3333-4444-555555555555\")\n .clientId(\"11111111-2222-3333-4444-555555555555\")\n .clientSecret(\"01234567890123456789\")\n .resource(\"https://vault.hashicorp.com\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleAuthBackend:\n type: vault:AuthBackend\n properties:\n type: azure\n exampleAuthBackendConfig:\n type: vault:azure:AuthBackendConfig\n properties:\n backend: ${exampleAuthBackend.path}\n tenantId: 11111111-2222-3333-4444-555555555555\n clientId: 11111111-2222-3333-4444-555555555555\n clientSecret: '01234567890123456789'\n resource: https://vault.hashicorp.com\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nAzure auth backends can be imported using `auth/`, the `backend` path, and `/config` e.g.\n\n```sh\n $ pulumi import vault:azure/authBackendConfig:AuthBackendConfig example auth/azure/config\n```\n ", "properties": { "backend": { "type": "string", @@ -10885,7 +8014,7 @@ } }, "vault:azure/authBackendRole:AuthBackendRole": { - "description": "Manages an Azure auth backend role in a Vault server. Roles constrain the\ninstances or principals that can perform the login operation against the\nbackend. See the [Vault\ndocumentation](https://www.vaultproject.io/docs/auth/azure.html) for more\ninformation.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst azure = new vault.AuthBackend(\"azure\", {type: \"azure\"});\nconst example = new vault.azure.AuthBackendRole(\"example\", {\n backend: azure.path,\n role: \"test-role\",\n boundSubscriptionIds: [\"11111111-2222-3333-4444-555555555555\"],\n boundResourceGroups: [\"123456789012\"],\n tokenTtl: 60,\n tokenMaxTtl: 120,\n tokenPolicies: [\n \"default\",\n \"dev\",\n \"prod\",\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nazure = vault.AuthBackend(\"azure\", type=\"azure\")\nexample = vault.azure.AuthBackendRole(\"example\",\n backend=azure.path,\n role=\"test-role\",\n bound_subscription_ids=[\"11111111-2222-3333-4444-555555555555\"],\n bound_resource_groups=[\"123456789012\"],\n token_ttl=60,\n token_max_ttl=120,\n token_policies=[\n \"default\",\n \"dev\",\n \"prod\",\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var azure = new Vault.AuthBackend(\"azure\", new()\n {\n Type = \"azure\",\n });\n\n var example = new Vault.Azure.AuthBackendRole(\"example\", new()\n {\n Backend = azure.Path,\n Role = \"test-role\",\n BoundSubscriptionIds = new[]\n {\n \"11111111-2222-3333-4444-555555555555\",\n },\n BoundResourceGroups = new[]\n {\n \"123456789012\",\n },\n TokenTtl = 60,\n TokenMaxTtl = 120,\n TokenPolicies = new[]\n {\n \"default\",\n \"dev\",\n \"prod\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/azure\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tazure, err := vault.NewAuthBackend(ctx, \"azure\", \u0026vault.AuthBackendArgs{\n\t\t\tType: pulumi.String(\"azure\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azure.NewAuthBackendRole(ctx, \"example\", \u0026azure.AuthBackendRoleArgs{\n\t\t\tBackend: azure.Path,\n\t\t\tRole: pulumi.String(\"test-role\"),\n\t\t\tBoundSubscriptionIds: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"11111111-2222-3333-4444-555555555555\"),\n\t\t\t},\n\t\t\tBoundResourceGroups: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"123456789012\"),\n\t\t\t},\n\t\t\tTokenTtl: pulumi.Int(60),\n\t\t\tTokenMaxTtl: pulumi.Int(120),\n\t\t\tTokenPolicies: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"default\"),\n\t\t\t\tpulumi.String(\"dev\"),\n\t\t\t\tpulumi.String(\"prod\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.AuthBackend;\nimport com.pulumi.vault.AuthBackendArgs;\nimport com.pulumi.vault.azure.AuthBackendRole;\nimport com.pulumi.vault.azure.AuthBackendRoleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var azure = new AuthBackend(\"azure\", AuthBackendArgs.builder() \n .type(\"azure\")\n .build());\n\n var example = new AuthBackendRole(\"example\", AuthBackendRoleArgs.builder() \n .backend(azure.path())\n .role(\"test-role\")\n .boundSubscriptionIds(\"11111111-2222-3333-4444-555555555555\")\n .boundResourceGroups(\"123456789012\")\n .tokenTtl(60)\n .tokenMaxTtl(120)\n .tokenPolicies( \n \"default\",\n \"dev\",\n \"prod\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n azure:\n type: vault:AuthBackend\n properties:\n type: azure\n example:\n type: vault:azure:AuthBackendRole\n properties:\n backend: ${azure.path}\n role: test-role\n boundSubscriptionIds:\n - 11111111-2222-3333-4444-555555555555\n boundResourceGroups:\n - 123456789012\n tokenTtl: 60\n tokenMaxTtl: 120\n tokenPolicies:\n - default\n - dev\n - prod\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nAzure auth backend roles can be imported using `auth/`, the `backend` path, `/role/`, and the `role` name e.g.\n\n```sh\n $ pulumi import vault:azure/authBackendRole:AuthBackendRole example auth/azure/role/test-role\n```\n\n ", + "description": "Manages an Azure auth backend role in a Vault server. Roles constrain the\ninstances or principals that can perform the login operation against the\nbackend. See the [Vault\ndocumentation](https://www.vaultproject.io/docs/auth/azure.html) for more\ninformation.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst azure = new vault.AuthBackend(\"azure\", {type: \"azure\"});\nconst example = new vault.azure.AuthBackendRole(\"example\", {\n backend: azure.path,\n role: \"test-role\",\n boundSubscriptionIds: [\"11111111-2222-3333-4444-555555555555\"],\n boundResourceGroups: [\"123456789012\"],\n tokenTtl: 60,\n tokenMaxTtl: 120,\n tokenPolicies: [\n \"default\",\n \"dev\",\n \"prod\",\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nazure = vault.AuthBackend(\"azure\", type=\"azure\")\nexample = vault.azure.AuthBackendRole(\"example\",\n backend=azure.path,\n role=\"test-role\",\n bound_subscription_ids=[\"11111111-2222-3333-4444-555555555555\"],\n bound_resource_groups=[\"123456789012\"],\n token_ttl=60,\n token_max_ttl=120,\n token_policies=[\n \"default\",\n \"dev\",\n \"prod\",\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var azure = new Vault.AuthBackend(\"azure\", new()\n {\n Type = \"azure\",\n });\n\n var example = new Vault.Azure.AuthBackendRole(\"example\", new()\n {\n Backend = azure.Path,\n Role = \"test-role\",\n BoundSubscriptionIds = new[]\n {\n \"11111111-2222-3333-4444-555555555555\",\n },\n BoundResourceGroups = new[]\n {\n \"123456789012\",\n },\n TokenTtl = 60,\n TokenMaxTtl = 120,\n TokenPolicies = new[]\n {\n \"default\",\n \"dev\",\n \"prod\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/azure\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tazure, err := vault.NewAuthBackend(ctx, \"azure\", \u0026vault.AuthBackendArgs{\n\t\t\tType: pulumi.String(\"azure\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azure.NewAuthBackendRole(ctx, \"example\", \u0026azure.AuthBackendRoleArgs{\n\t\t\tBackend: azure.Path,\n\t\t\tRole: pulumi.String(\"test-role\"),\n\t\t\tBoundSubscriptionIds: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"11111111-2222-3333-4444-555555555555\"),\n\t\t\t},\n\t\t\tBoundResourceGroups: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"123456789012\"),\n\t\t\t},\n\t\t\tTokenTtl: pulumi.Int(60),\n\t\t\tTokenMaxTtl: pulumi.Int(120),\n\t\t\tTokenPolicies: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"default\"),\n\t\t\t\tpulumi.String(\"dev\"),\n\t\t\t\tpulumi.String(\"prod\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.AuthBackend;\nimport com.pulumi.vault.AuthBackendArgs;\nimport com.pulumi.vault.azure.AuthBackendRole;\nimport com.pulumi.vault.azure.AuthBackendRoleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var azure = new AuthBackend(\"azure\", AuthBackendArgs.builder() \n .type(\"azure\")\n .build());\n\n var example = new AuthBackendRole(\"example\", AuthBackendRoleArgs.builder() \n .backend(azure.path())\n .role(\"test-role\")\n .boundSubscriptionIds(\"11111111-2222-3333-4444-555555555555\")\n .boundResourceGroups(\"123456789012\")\n .tokenTtl(60)\n .tokenMaxTtl(120)\n .tokenPolicies( \n \"default\",\n \"dev\",\n \"prod\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n azure:\n type: vault:AuthBackend\n properties:\n type: azure\n example:\n type: vault:azure:AuthBackendRole\n properties:\n backend: ${azure.path}\n role: test-role\n boundSubscriptionIds:\n - 11111111-2222-3333-4444-555555555555\n boundResourceGroups:\n - '123456789012'\n tokenTtl: 60\n tokenMaxTtl: 120\n tokenPolicies:\n - default\n - dev\n - prod\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nAzure auth backend roles can be imported using `auth/`, the `backend` path, `/role/`, and the `role` name e.g.\n\n```sh\n $ pulumi import vault:azure/authBackendRole:AuthBackendRole example auth/azure/role/test-role\n```\n ", "properties": { "backend": { "type": "string", @@ -11198,16 +8327,16 @@ } }, "vault:azure/backend:Backend": { - "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n### *Vault-1.9 And Above*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst azure = new vault.azure.Backend(\"azure\", {\n clientId: \"11111111-2222-3333-4444-333333333333\",\n clientSecret: \"12345678901234567890\",\n environment: \"AzurePublicCloud\",\n subscriptionId: \"11111111-2222-3333-4444-111111111111\",\n tenantId: \"11111111-2222-3333-4444-222222222222\",\n useMicrosoftGraphApi: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nazure = vault.azure.Backend(\"azure\",\n client_id=\"11111111-2222-3333-4444-333333333333\",\n client_secret=\"12345678901234567890\",\n environment=\"AzurePublicCloud\",\n subscription_id=\"11111111-2222-3333-4444-111111111111\",\n tenant_id=\"11111111-2222-3333-4444-222222222222\",\n use_microsoft_graph_api=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var azure = new Vault.Azure.Backend(\"azure\", new()\n {\n ClientId = \"11111111-2222-3333-4444-333333333333\",\n ClientSecret = \"12345678901234567890\",\n Environment = \"AzurePublicCloud\",\n SubscriptionId = \"11111111-2222-3333-4444-111111111111\",\n TenantId = \"11111111-2222-3333-4444-222222222222\",\n UseMicrosoftGraphApi = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/azure\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azure.NewBackend(ctx, \"azure\", \u0026azure.BackendArgs{\n\t\t\tClientId: pulumi.String(\"11111111-2222-3333-4444-333333333333\"),\n\t\t\tClientSecret: pulumi.String(\"12345678901234567890\"),\n\t\t\tEnvironment: pulumi.String(\"AzurePublicCloud\"),\n\t\t\tSubscriptionId: pulumi.String(\"11111111-2222-3333-4444-111111111111\"),\n\t\t\tTenantId: pulumi.String(\"11111111-2222-3333-4444-222222222222\"),\n\t\t\tUseMicrosoftGraphApi: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.azure.Backend;\nimport com.pulumi.vault.azure.BackendArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var azure = new Backend(\"azure\", BackendArgs.builder() \n .clientId(\"11111111-2222-3333-4444-333333333333\")\n .clientSecret(\"12345678901234567890\")\n .environment(\"AzurePublicCloud\")\n .subscriptionId(\"11111111-2222-3333-4444-111111111111\")\n .tenantId(\"11111111-2222-3333-4444-222222222222\")\n .useMicrosoftGraphApi(true)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n azure:\n type: vault:azure:Backend\n properties:\n clientId: 11111111-2222-3333-4444-333333333333\n clientSecret: 12345678901234567890\n environment: AzurePublicCloud\n subscriptionId: 11111111-2222-3333-4444-111111111111\n tenantId: 11111111-2222-3333-4444-222222222222\n useMicrosoftGraphApi: true\n```\n\n{{% /example %}}\n{{% example %}}\n### *Vault-1.8 And Below*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst azure = new vault.azure.Backend(\"azure\", {\n clientId: \"11111111-2222-3333-4444-333333333333\",\n clientSecret: \"12345678901234567890\",\n environment: \"AzurePublicCloud\",\n subscriptionId: \"11111111-2222-3333-4444-111111111111\",\n tenantId: \"11111111-2222-3333-4444-222222222222\",\n useMicrosoftGraphApi: false,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nazure = vault.azure.Backend(\"azure\",\n client_id=\"11111111-2222-3333-4444-333333333333\",\n client_secret=\"12345678901234567890\",\n environment=\"AzurePublicCloud\",\n subscription_id=\"11111111-2222-3333-4444-111111111111\",\n tenant_id=\"11111111-2222-3333-4444-222222222222\",\n use_microsoft_graph_api=False)\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var azure = new Vault.Azure.Backend(\"azure\", new()\n {\n ClientId = \"11111111-2222-3333-4444-333333333333\",\n ClientSecret = \"12345678901234567890\",\n Environment = \"AzurePublicCloud\",\n SubscriptionId = \"11111111-2222-3333-4444-111111111111\",\n TenantId = \"11111111-2222-3333-4444-222222222222\",\n UseMicrosoftGraphApi = false,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/azure\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azure.NewBackend(ctx, \"azure\", \u0026azure.BackendArgs{\n\t\t\tClientId: pulumi.String(\"11111111-2222-3333-4444-333333333333\"),\n\t\t\tClientSecret: pulumi.String(\"12345678901234567890\"),\n\t\t\tEnvironment: pulumi.String(\"AzurePublicCloud\"),\n\t\t\tSubscriptionId: pulumi.String(\"11111111-2222-3333-4444-111111111111\"),\n\t\t\tTenantId: pulumi.String(\"11111111-2222-3333-4444-222222222222\"),\n\t\t\tUseMicrosoftGraphApi: pulumi.Bool(false),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.azure.Backend;\nimport com.pulumi.vault.azure.BackendArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var azure = new Backend(\"azure\", BackendArgs.builder() \n .clientId(\"11111111-2222-3333-4444-333333333333\")\n .clientSecret(\"12345678901234567890\")\n .environment(\"AzurePublicCloud\")\n .subscriptionId(\"11111111-2222-3333-4444-111111111111\")\n .tenantId(\"11111111-2222-3333-4444-222222222222\")\n .useMicrosoftGraphApi(false)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n azure:\n type: vault:azure:Backend\n properties:\n clientId: 11111111-2222-3333-4444-333333333333\n clientSecret: 12345678901234567890\n environment: AzurePublicCloud\n subscriptionId: 11111111-2222-3333-4444-111111111111\n tenantId: 11111111-2222-3333-4444-222222222222\n useMicrosoftGraphApi: false\n```\n{{% /example %}}\n{{% /examples %}}", + "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n### *Vault-1.9 And Above*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst azure = new vault.azure.Backend(\"azure\", {\n clientId: \"11111111-2222-3333-4444-333333333333\",\n clientSecret: \"12345678901234567890\",\n environment: \"AzurePublicCloud\",\n subscriptionId: \"11111111-2222-3333-4444-111111111111\",\n tenantId: \"11111111-2222-3333-4444-222222222222\",\n useMicrosoftGraphApi: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nazure = vault.azure.Backend(\"azure\",\n client_id=\"11111111-2222-3333-4444-333333333333\",\n client_secret=\"12345678901234567890\",\n environment=\"AzurePublicCloud\",\n subscription_id=\"11111111-2222-3333-4444-111111111111\",\n tenant_id=\"11111111-2222-3333-4444-222222222222\",\n use_microsoft_graph_api=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var azure = new Vault.Azure.Backend(\"azure\", new()\n {\n ClientId = \"11111111-2222-3333-4444-333333333333\",\n ClientSecret = \"12345678901234567890\",\n Environment = \"AzurePublicCloud\",\n SubscriptionId = \"11111111-2222-3333-4444-111111111111\",\n TenantId = \"11111111-2222-3333-4444-222222222222\",\n UseMicrosoftGraphApi = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/azure\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azure.NewBackend(ctx, \"azure\", \u0026azure.BackendArgs{\n\t\t\tClientId: pulumi.String(\"11111111-2222-3333-4444-333333333333\"),\n\t\t\tClientSecret: pulumi.String(\"12345678901234567890\"),\n\t\t\tEnvironment: pulumi.String(\"AzurePublicCloud\"),\n\t\t\tSubscriptionId: pulumi.String(\"11111111-2222-3333-4444-111111111111\"),\n\t\t\tTenantId: pulumi.String(\"11111111-2222-3333-4444-222222222222\"),\n\t\t\tUseMicrosoftGraphApi: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.azure.Backend;\nimport com.pulumi.vault.azure.BackendArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var azure = new Backend(\"azure\", BackendArgs.builder() \n .clientId(\"11111111-2222-3333-4444-333333333333\")\n .clientSecret(\"12345678901234567890\")\n .environment(\"AzurePublicCloud\")\n .subscriptionId(\"11111111-2222-3333-4444-111111111111\")\n .tenantId(\"11111111-2222-3333-4444-222222222222\")\n .useMicrosoftGraphApi(true)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n azure:\n type: vault:azure:Backend\n properties:\n clientId: 11111111-2222-3333-4444-333333333333\n clientSecret: '12345678901234567890'\n environment: AzurePublicCloud\n subscriptionId: 11111111-2222-3333-4444-111111111111\n tenantId: 11111111-2222-3333-4444-222222222222\n useMicrosoftGraphApi: true\n```\n\n{{% /example %}}\n{{% example %}}\n### *Vault-1.8 And Below*\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst azure = new vault.azure.Backend(\"azure\", {\n clientId: \"11111111-2222-3333-4444-333333333333\",\n clientSecret: \"12345678901234567890\",\n environment: \"AzurePublicCloud\",\n subscriptionId: \"11111111-2222-3333-4444-111111111111\",\n tenantId: \"11111111-2222-3333-4444-222222222222\",\n useMicrosoftGraphApi: false,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nazure = vault.azure.Backend(\"azure\",\n client_id=\"11111111-2222-3333-4444-333333333333\",\n client_secret=\"12345678901234567890\",\n environment=\"AzurePublicCloud\",\n subscription_id=\"11111111-2222-3333-4444-111111111111\",\n tenant_id=\"11111111-2222-3333-4444-222222222222\",\n use_microsoft_graph_api=False)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var azure = new Vault.Azure.Backend(\"azure\", new()\n {\n ClientId = \"11111111-2222-3333-4444-333333333333\",\n ClientSecret = \"12345678901234567890\",\n Environment = \"AzurePublicCloud\",\n SubscriptionId = \"11111111-2222-3333-4444-111111111111\",\n TenantId = \"11111111-2222-3333-4444-222222222222\",\n UseMicrosoftGraphApi = false,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/azure\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azure.NewBackend(ctx, \"azure\", \u0026azure.BackendArgs{\n\t\t\tClientId: pulumi.String(\"11111111-2222-3333-4444-333333333333\"),\n\t\t\tClientSecret: pulumi.String(\"12345678901234567890\"),\n\t\t\tEnvironment: pulumi.String(\"AzurePublicCloud\"),\n\t\t\tSubscriptionId: pulumi.String(\"11111111-2222-3333-4444-111111111111\"),\n\t\t\tTenantId: pulumi.String(\"11111111-2222-3333-4444-222222222222\"),\n\t\t\tUseMicrosoftGraphApi: pulumi.Bool(false),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.azure.Backend;\nimport com.pulumi.vault.azure.BackendArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var azure = new Backend(\"azure\", BackendArgs.builder() \n .clientId(\"11111111-2222-3333-4444-333333333333\")\n .clientSecret(\"12345678901234567890\")\n .environment(\"AzurePublicCloud\")\n .subscriptionId(\"11111111-2222-3333-4444-111111111111\")\n .tenantId(\"11111111-2222-3333-4444-222222222222\")\n .useMicrosoftGraphApi(false)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n azure:\n type: vault:azure:Backend\n properties:\n clientId: 11111111-2222-3333-4444-333333333333\n clientSecret: '12345678901234567890'\n environment: AzurePublicCloud\n subscriptionId: 11111111-2222-3333-4444-111111111111\n tenantId: 11111111-2222-3333-4444-222222222222\n useMicrosoftGraphApi: false\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "clientId": { "type": "string", - "description": "- The OAuth2 client id to connect to Azure.\n", + "description": "The OAuth2 client id to connect to Azure.\n", "secret": true }, "clientSecret": { "type": "string", - "description": "- The OAuth2 client secret to connect to Azure.\n", + "description": "The OAuth2 client secret to connect to Azure.\n", "secret": true }, "description": { @@ -11220,7 +8349,7 @@ }, "environment": { "type": "string", - "description": "- The Azure environment.\n" + "description": "The Azure environment.\n" }, "namespace": { "type": "string", @@ -11228,21 +8357,21 @@ }, "path": { "type": "string", - "description": "- The unique path this backend should be mounted at. Defaults to `azure`.\n" + "description": "The unique path this backend should be mounted at. Defaults to `azure`.\n" }, "subscriptionId": { "type": "string", - "description": "- The subscription id for the Azure Active Directory.\n", + "description": "The subscription id for the Azure Active Directory.\n", "secret": true }, "tenantId": { "type": "string", - "description": "- The tenant id for the Azure Active Directory.\n", + "description": "The tenant id for the Azure Active Directory.\n", "secret": true }, "useMicrosoftGraphApi": { "type": "boolean", - "description": "- Indicates whether the secrets engine should use \nthe Microsoft Graph API. This parameter has been deprecated and will be ignored in `vault-1.12+`.\nFor more information, please refer to the [Vault docs](https://developer.hashicorp.com/vault/api-docs/secret/azure#use_microsoft_graph_api)\n" + "description": "Indicates whether the secrets engine should use \nthe Microsoft Graph API. This parameter has been deprecated and will be ignored in `vault-1.12+`.\nFor more information, please refer to the [Vault docs](https://developer.hashicorp.com/vault/api-docs/secret/azure#use_microsoft_graph_api)\n" } }, "required": [ @@ -11253,12 +8382,12 @@ "inputProperties": { "clientId": { "type": "string", - "description": "- The OAuth2 client id to connect to Azure.\n", + "description": "The OAuth2 client id to connect to Azure.\n", "secret": true }, "clientSecret": { "type": "string", - "description": "- The OAuth2 client secret to connect to Azure.\n", + "description": "The OAuth2 client secret to connect to Azure.\n", "secret": true }, "description": { @@ -11271,7 +8400,7 @@ }, "environment": { "type": "string", - "description": "- The Azure environment.\n" + "description": "The Azure environment.\n" }, "namespace": { "type": "string", @@ -11280,22 +8409,22 @@ }, "path": { "type": "string", - "description": "- The unique path this backend should be mounted at. Defaults to `azure`.\n" + "description": "The unique path this backend should be mounted at. Defaults to `azure`.\n" }, "subscriptionId": { "type": "string", - "description": "- The subscription id for the Azure Active Directory.\n", + "description": "The subscription id for the Azure Active Directory.\n", "secret": true, "willReplaceOnChanges": true }, "tenantId": { "type": "string", - "description": "- The tenant id for the Azure Active Directory.\n", + "description": "The tenant id for the Azure Active Directory.\n", "secret": true }, "useMicrosoftGraphApi": { "type": "boolean", - "description": "- Indicates whether the secrets engine should use \nthe Microsoft Graph API. This parameter has been deprecated and will be ignored in `vault-1.12+`.\nFor more information, please refer to the [Vault docs](https://developer.hashicorp.com/vault/api-docs/secret/azure#use_microsoft_graph_api)\n" + "description": "Indicates whether the secrets engine should use \nthe Microsoft Graph API. This parameter has been deprecated and will be ignored in `vault-1.12+`.\nFor more information, please refer to the [Vault docs](https://developer.hashicorp.com/vault/api-docs/secret/azure#use_microsoft_graph_api)\n" } }, "requiredInputs": [ @@ -11307,12 +8436,12 @@ "properties": { "clientId": { "type": "string", - "description": "- The OAuth2 client id to connect to Azure.\n", + "description": "The OAuth2 client id to connect to Azure.\n", "secret": true }, "clientSecret": { "type": "string", - "description": "- The OAuth2 client secret to connect to Azure.\n", + "description": "The OAuth2 client secret to connect to Azure.\n", "secret": true }, "description": { @@ -11325,7 +8454,7 @@ }, "environment": { "type": "string", - "description": "- The Azure environment.\n" + "description": "The Azure environment.\n" }, "namespace": { "type": "string", @@ -11334,29 +8463,29 @@ }, "path": { "type": "string", - "description": "- The unique path this backend should be mounted at. Defaults to `azure`.\n" + "description": "The unique path this backend should be mounted at. Defaults to `azure`.\n" }, "subscriptionId": { "type": "string", - "description": "- The subscription id for the Azure Active Directory.\n", + "description": "The subscription id for the Azure Active Directory.\n", "secret": true, "willReplaceOnChanges": true }, "tenantId": { "type": "string", - "description": "- The tenant id for the Azure Active Directory.\n", + "description": "The tenant id for the Azure Active Directory.\n", "secret": true }, "useMicrosoftGraphApi": { "type": "boolean", - "description": "- Indicates whether the secrets engine should use \nthe Microsoft Graph API. This parameter has been deprecated and will be ignored in `vault-1.12+`.\nFor more information, please refer to the [Vault docs](https://developer.hashicorp.com/vault/api-docs/secret/azure#use_microsoft_graph_api)\n" + "description": "Indicates whether the secrets engine should use \nthe Microsoft Graph API. This parameter has been deprecated and will be ignored in `vault-1.12+`.\nFor more information, please refer to the [Vault docs](https://developer.hashicorp.com/vault/api-docs/secret/azure#use_microsoft_graph_api)\n" } }, "type": "object" } }, "vault:azure/backendRole:BackendRole": { - "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst azure = new vault.azure.Backend(\"azure\", {\n subscriptionId: _var.subscription_id,\n tenantId: _var.tenant_id,\n clientSecret: _var.client_secret,\n clientId: _var.client_id,\n});\nconst generatedRole = new vault.azure.BackendRole(\"generatedRole\", {\n backend: azure.path,\n role: \"generated_role\",\n ttl: \"300\",\n maxTtl: \"600\",\n azureRoles: [{\n roleName: \"Reader\",\n scope: `/subscriptions/${_var.subscription_id}/resourceGroups/azure-vault-group`,\n }],\n});\nconst existingObjectId = new vault.azure.BackendRole(\"existingObjectId\", {\n backend: azure.path,\n role: \"existing_object_id\",\n applicationObjectId: \"11111111-2222-3333-4444-44444444444\",\n ttl: \"300\",\n maxTtl: \"600\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nazure = vault.azure.Backend(\"azure\",\n subscription_id=var[\"subscription_id\"],\n tenant_id=var[\"tenant_id\"],\n client_secret=var[\"client_secret\"],\n client_id=var[\"client_id\"])\ngenerated_role = vault.azure.BackendRole(\"generatedRole\",\n backend=azure.path,\n role=\"generated_role\",\n ttl=\"300\",\n max_ttl=\"600\",\n azure_roles=[vault.azure.BackendRoleAzureRoleArgs(\n role_name=\"Reader\",\n scope=f\"/subscriptions/{var['subscription_id']}/resourceGroups/azure-vault-group\",\n )])\nexisting_object_id = vault.azure.BackendRole(\"existingObjectId\",\n backend=azure.path,\n role=\"existing_object_id\",\n application_object_id=\"11111111-2222-3333-4444-44444444444\",\n ttl=\"300\",\n max_ttl=\"600\")\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var azure = new Vault.Azure.Backend(\"azure\", new()\n {\n SubscriptionId = @var.Subscription_id,\n TenantId = @var.Tenant_id,\n ClientSecret = @var.Client_secret,\n ClientId = @var.Client_id,\n });\n\n var generatedRole = new Vault.Azure.BackendRole(\"generatedRole\", new()\n {\n Backend = azure.Path,\n Role = \"generated_role\",\n Ttl = \"300\",\n MaxTtl = \"600\",\n AzureRoles = new[]\n {\n new Vault.Azure.Inputs.BackendRoleAzureRoleArgs\n {\n RoleName = \"Reader\",\n Scope = $\"/subscriptions/{@var.Subscription_id}/resourceGroups/azure-vault-group\",\n },\n },\n });\n\n var existingObjectId = new Vault.Azure.BackendRole(\"existingObjectId\", new()\n {\n Backend = azure.Path,\n Role = \"existing_object_id\",\n ApplicationObjectId = \"11111111-2222-3333-4444-44444444444\",\n Ttl = \"300\",\n MaxTtl = \"600\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/azure\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tazure, err := azure.NewBackend(ctx, \"azure\", \u0026azure.BackendArgs{\n\t\t\tSubscriptionId: pulumi.Any(_var.Subscription_id),\n\t\t\tTenantId: pulumi.Any(_var.Tenant_id),\n\t\t\tClientSecret: pulumi.Any(_var.Client_secret),\n\t\t\tClientId: pulumi.Any(_var.Client_id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azure.NewBackendRole(ctx, \"generatedRole\", \u0026azure.BackendRoleArgs{\n\t\t\tBackend: azure.Path,\n\t\t\tRole: pulumi.String(\"generated_role\"),\n\t\t\tTtl: pulumi.String(\"300\"),\n\t\t\tMaxTtl: pulumi.String(\"600\"),\n\t\t\tAzureRoles: azure.BackendRoleAzureRoleArray{\n\t\t\t\t\u0026azure.BackendRoleAzureRoleArgs{\n\t\t\t\t\tRoleName: pulumi.String(\"Reader\"),\n\t\t\t\t\tScope: pulumi.String(fmt.Sprintf(\"/subscriptions/%v/resourceGroups/azure-vault-group\", _var.Subscription_id)),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azure.NewBackendRole(ctx, \"existingObjectId\", \u0026azure.BackendRoleArgs{\n\t\t\tBackend: azure.Path,\n\t\t\tRole: pulumi.String(\"existing_object_id\"),\n\t\t\tApplicationObjectId: pulumi.String(\"11111111-2222-3333-4444-44444444444\"),\n\t\t\tTtl: pulumi.String(\"300\"),\n\t\t\tMaxTtl: pulumi.String(\"600\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.azure.Backend;\nimport com.pulumi.vault.azure.BackendArgs;\nimport com.pulumi.vault.azure.BackendRole;\nimport com.pulumi.vault.azure.BackendRoleArgs;\nimport com.pulumi.vault.azure.inputs.BackendRoleAzureRoleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var azure = new Backend(\"azure\", BackendArgs.builder() \n .subscriptionId(var_.subscription_id())\n .tenantId(var_.tenant_id())\n .clientSecret(var_.client_secret())\n .clientId(var_.client_id())\n .build());\n\n var generatedRole = new BackendRole(\"generatedRole\", BackendRoleArgs.builder() \n .backend(azure.path())\n .role(\"generated_role\")\n .ttl(300)\n .maxTtl(600)\n .azureRoles(BackendRoleAzureRoleArgs.builder()\n .roleName(\"Reader\")\n .scope(String.format(\"/subscriptions/%s/resourceGroups/azure-vault-group\", var_.subscription_id()))\n .build())\n .build());\n\n var existingObjectId = new BackendRole(\"existingObjectId\", BackendRoleArgs.builder() \n .backend(azure.path())\n .role(\"existing_object_id\")\n .applicationObjectId(\"11111111-2222-3333-4444-44444444444\")\n .ttl(300)\n .maxTtl(600)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n azure:\n type: vault:azure:Backend\n properties:\n subscriptionId: ${var.subscription_id}\n tenantId: ${var.tenant_id}\n clientSecret: ${var.client_secret}\n clientId: ${var.client_id}\n generatedRole:\n type: vault:azure:BackendRole\n properties:\n backend: ${azure.path}\n role: generated_role\n ttl: 300\n maxTtl: 600\n azureRoles:\n - roleName: Reader\n scope: /subscriptions/${var.subscription_id}/resourceGroups/azure-vault-group\n existingObjectId:\n type: vault:azure:BackendRole\n properties:\n backend: ${azure.path}\n role: existing_object_id\n applicationObjectId: 11111111-2222-3333-4444-44444444444\n ttl: 300\n maxTtl: 600\n```\n{{% /example %}}\n{{% /examples %}}", + "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst azure = new vault.azure.Backend(\"azure\", {\n subscriptionId: _var.subscription_id,\n tenantId: _var.tenant_id,\n clientSecret: _var.client_secret,\n clientId: _var.client_id,\n});\nconst generatedRole = new vault.azure.BackendRole(\"generatedRole\", {\n backend: azure.path,\n role: \"generated_role\",\n ttl: \"300\",\n maxTtl: \"600\",\n azureRoles: [{\n roleName: \"Reader\",\n scope: `/subscriptions/${_var.subscription_id}/resourceGroups/azure-vault-group`,\n }],\n});\nconst existingObjectId = new vault.azure.BackendRole(\"existingObjectId\", {\n backend: azure.path,\n role: \"existing_object_id\",\n applicationObjectId: \"11111111-2222-3333-4444-44444444444\",\n ttl: \"300\",\n maxTtl: \"600\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nazure = vault.azure.Backend(\"azure\",\n subscription_id=var[\"subscription_id\"],\n tenant_id=var[\"tenant_id\"],\n client_secret=var[\"client_secret\"],\n client_id=var[\"client_id\"])\ngenerated_role = vault.azure.BackendRole(\"generatedRole\",\n backend=azure.path,\n role=\"generated_role\",\n ttl=\"300\",\n max_ttl=\"600\",\n azure_roles=[vault.azure.BackendRoleAzureRoleArgs(\n role_name=\"Reader\",\n scope=f\"/subscriptions/{var['subscription_id']}/resourceGroups/azure-vault-group\",\n )])\nexisting_object_id = vault.azure.BackendRole(\"existingObjectId\",\n backend=azure.path,\n role=\"existing_object_id\",\n application_object_id=\"11111111-2222-3333-4444-44444444444\",\n ttl=\"300\",\n max_ttl=\"600\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var azure = new Vault.Azure.Backend(\"azure\", new()\n {\n SubscriptionId = @var.Subscription_id,\n TenantId = @var.Tenant_id,\n ClientSecret = @var.Client_secret,\n ClientId = @var.Client_id,\n });\n\n var generatedRole = new Vault.Azure.BackendRole(\"generatedRole\", new()\n {\n Backend = azure.Path,\n Role = \"generated_role\",\n Ttl = \"300\",\n MaxTtl = \"600\",\n AzureRoles = new[]\n {\n new Vault.Azure.Inputs.BackendRoleAzureRoleArgs\n {\n RoleName = \"Reader\",\n Scope = $\"/subscriptions/{@var.Subscription_id}/resourceGroups/azure-vault-group\",\n },\n },\n });\n\n var existingObjectId = new Vault.Azure.BackendRole(\"existingObjectId\", new()\n {\n Backend = azure.Path,\n Role = \"existing_object_id\",\n ApplicationObjectId = \"11111111-2222-3333-4444-44444444444\",\n Ttl = \"300\",\n MaxTtl = \"600\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/azure\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tazure, err := azure.NewBackend(ctx, \"azure\", \u0026azure.BackendArgs{\n\t\t\tSubscriptionId: pulumi.Any(_var.Subscription_id),\n\t\t\tTenantId: pulumi.Any(_var.Tenant_id),\n\t\t\tClientSecret: pulumi.Any(_var.Client_secret),\n\t\t\tClientId: pulumi.Any(_var.Client_id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azure.NewBackendRole(ctx, \"generatedRole\", \u0026azure.BackendRoleArgs{\n\t\t\tBackend: azure.Path,\n\t\t\tRole: pulumi.String(\"generated_role\"),\n\t\t\tTtl: pulumi.String(\"300\"),\n\t\t\tMaxTtl: pulumi.String(\"600\"),\n\t\t\tAzureRoles: azure.BackendRoleAzureRoleArray{\n\t\t\t\t\u0026azure.BackendRoleAzureRoleArgs{\n\t\t\t\t\tRoleName: pulumi.String(\"Reader\"),\n\t\t\t\t\tScope: pulumi.String(fmt.Sprintf(\"/subscriptions/%v/resourceGroups/azure-vault-group\", _var.Subscription_id)),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = azure.NewBackendRole(ctx, \"existingObjectId\", \u0026azure.BackendRoleArgs{\n\t\t\tBackend: azure.Path,\n\t\t\tRole: pulumi.String(\"existing_object_id\"),\n\t\t\tApplicationObjectId: pulumi.String(\"11111111-2222-3333-4444-44444444444\"),\n\t\t\tTtl: pulumi.String(\"300\"),\n\t\t\tMaxTtl: pulumi.String(\"600\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.azure.Backend;\nimport com.pulumi.vault.azure.BackendArgs;\nimport com.pulumi.vault.azure.BackendRole;\nimport com.pulumi.vault.azure.BackendRoleArgs;\nimport com.pulumi.vault.azure.inputs.BackendRoleAzureRoleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var azure = new Backend(\"azure\", BackendArgs.builder() \n .subscriptionId(var_.subscription_id())\n .tenantId(var_.tenant_id())\n .clientSecret(var_.client_secret())\n .clientId(var_.client_id())\n .build());\n\n var generatedRole = new BackendRole(\"generatedRole\", BackendRoleArgs.builder() \n .backend(azure.path())\n .role(\"generated_role\")\n .ttl(300)\n .maxTtl(600)\n .azureRoles(BackendRoleAzureRoleArgs.builder()\n .roleName(\"Reader\")\n .scope(String.format(\"/subscriptions/%s/resourceGroups/azure-vault-group\", var_.subscription_id()))\n .build())\n .build());\n\n var existingObjectId = new BackendRole(\"existingObjectId\", BackendRoleArgs.builder() \n .backend(azure.path())\n .role(\"existing_object_id\")\n .applicationObjectId(\"11111111-2222-3333-4444-44444444444\")\n .ttl(300)\n .maxTtl(600)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n azure:\n type: vault:azure:Backend\n properties:\n subscriptionId: ${var.subscription_id}\n tenantId: ${var.tenant_id}\n clientSecret: ${var.client_secret}\n clientId: ${var.client_id}\n generatedRole:\n type: vault:azure:BackendRole\n properties:\n backend: ${azure.path}\n role: generated_role\n ttl: 300\n maxTtl: 600\n azureRoles:\n - roleName: Reader\n scope: /subscriptions/${var.subscription_id}/resourceGroups/azure-vault-group\n existingObjectId:\n type: vault:azure:BackendRole\n properties:\n backend: ${azure.path}\n role: existing_object_id\n applicationObjectId: 11111111-2222-3333-4444-44444444444\n ttl: 300\n maxTtl: 600\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "applicationObjectId": { "type": "string", @@ -11520,7 +8649,7 @@ } }, "vault:consul/secretBackend:SecretBackend": { - "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n### Creating a standard backend resource:\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst test = new vault.consul.SecretBackend(\"test\", {\n address: \"127.0.0.1:8500\",\n description: \"Manages the Consul backend\",\n path: \"consul\",\n token: \"4240861b-ce3d-8530-115a-521ff070dd29\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ntest = vault.consul.SecretBackend(\"test\",\n address=\"127.0.0.1:8500\",\n description=\"Manages the Consul backend\",\n path=\"consul\",\n token=\"4240861b-ce3d-8530-115a-521ff070dd29\")\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Vault.Consul.SecretBackend(\"test\", new()\n {\n Address = \"127.0.0.1:8500\",\n Description = \"Manages the Consul backend\",\n Path = \"consul\",\n Token = \"4240861b-ce3d-8530-115a-521ff070dd29\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/consul\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := consul.NewSecretBackend(ctx, \"test\", \u0026consul.SecretBackendArgs{\n\t\t\tAddress: pulumi.String(\"127.0.0.1:8500\"),\n\t\t\tDescription: pulumi.String(\"Manages the Consul backend\"),\n\t\t\tPath: pulumi.String(\"consul\"),\n\t\t\tToken: pulumi.String(\"4240861b-ce3d-8530-115a-521ff070dd29\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.consul.SecretBackend;\nimport com.pulumi.vault.consul.SecretBackendArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new SecretBackend(\"test\", SecretBackendArgs.builder() \n .address(\"127.0.0.1:8500\")\n .description(\"Manages the Consul backend\")\n .path(\"consul\")\n .token(\"4240861b-ce3d-8530-115a-521ff070dd29\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: vault:consul:SecretBackend\n properties:\n address: 127.0.0.1:8500\n description: Manages the Consul backend\n path: consul\n token: 4240861b-ce3d-8530-115a-521ff070dd29\n```\n{{% /example %}}\n{{% example %}}\n### Creating a backend resource to bootstrap a new Consul instance:\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst test = new vault.consul.SecretBackend(\"test\", {\n address: \"127.0.0.1:8500\",\n bootstrap: true,\n description: \"Bootstrap the Consul backend\",\n path: \"consul\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ntest = vault.consul.SecretBackend(\"test\",\n address=\"127.0.0.1:8500\",\n bootstrap=True,\n description=\"Bootstrap the Consul backend\",\n path=\"consul\")\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Vault.Consul.SecretBackend(\"test\", new()\n {\n Address = \"127.0.0.1:8500\",\n Bootstrap = true,\n Description = \"Bootstrap the Consul backend\",\n Path = \"consul\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/consul\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := consul.NewSecretBackend(ctx, \"test\", \u0026consul.SecretBackendArgs{\n\t\t\tAddress: pulumi.String(\"127.0.0.1:8500\"),\n\t\t\tBootstrap: pulumi.Bool(true),\n\t\t\tDescription: pulumi.String(\"Bootstrap the Consul backend\"),\n\t\t\tPath: pulumi.String(\"consul\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.consul.SecretBackend;\nimport com.pulumi.vault.consul.SecretBackendArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new SecretBackend(\"test\", SecretBackendArgs.builder() \n .address(\"127.0.0.1:8500\")\n .bootstrap(true)\n .description(\"Bootstrap the Consul backend\")\n .path(\"consul\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: vault:consul:SecretBackend\n properties:\n address: 127.0.0.1:8500\n bootstrap: true\n description: Bootstrap the Consul backend\n path: consul\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nConsul secret backends can be imported using the `path`, e.g.\n\n```sh\n $ pulumi import vault:consul/secretBackend:SecretBackend example consul\n```\n\n ", + "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n### Creating a standard backend resource:\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst test = new vault.consul.SecretBackend(\"test\", {\n address: \"127.0.0.1:8500\",\n description: \"Manages the Consul backend\",\n path: \"consul\",\n token: \"4240861b-ce3d-8530-115a-521ff070dd29\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ntest = vault.consul.SecretBackend(\"test\",\n address=\"127.0.0.1:8500\",\n description=\"Manages the Consul backend\",\n path=\"consul\",\n token=\"4240861b-ce3d-8530-115a-521ff070dd29\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Vault.Consul.SecretBackend(\"test\", new()\n {\n Address = \"127.0.0.1:8500\",\n Description = \"Manages the Consul backend\",\n Path = \"consul\",\n Token = \"4240861b-ce3d-8530-115a-521ff070dd29\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/consul\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := consul.NewSecretBackend(ctx, \"test\", \u0026consul.SecretBackendArgs{\n\t\t\tAddress: pulumi.String(\"127.0.0.1:8500\"),\n\t\t\tDescription: pulumi.String(\"Manages the Consul backend\"),\n\t\t\tPath: pulumi.String(\"consul\"),\n\t\t\tToken: pulumi.String(\"4240861b-ce3d-8530-115a-521ff070dd29\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.consul.SecretBackend;\nimport com.pulumi.vault.consul.SecretBackendArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new SecretBackend(\"test\", SecretBackendArgs.builder() \n .address(\"127.0.0.1:8500\")\n .description(\"Manages the Consul backend\")\n .path(\"consul\")\n .token(\"4240861b-ce3d-8530-115a-521ff070dd29\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: vault:consul:SecretBackend\n properties:\n address: 127.0.0.1:8500\n description: Manages the Consul backend\n path: consul\n token: 4240861b-ce3d-8530-115a-521ff070dd29\n```\n{{% /example %}}\n{{% example %}}\n### Creating a backend resource to bootstrap a new Consul instance:\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst test = new vault.consul.SecretBackend(\"test\", {\n address: \"127.0.0.1:8500\",\n bootstrap: true,\n description: \"Bootstrap the Consul backend\",\n path: \"consul\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ntest = vault.consul.SecretBackend(\"test\",\n address=\"127.0.0.1:8500\",\n bootstrap=True,\n description=\"Bootstrap the Consul backend\",\n path=\"consul\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Vault.Consul.SecretBackend(\"test\", new()\n {\n Address = \"127.0.0.1:8500\",\n Bootstrap = true,\n Description = \"Bootstrap the Consul backend\",\n Path = \"consul\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/consul\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := consul.NewSecretBackend(ctx, \"test\", \u0026consul.SecretBackendArgs{\n\t\t\tAddress: pulumi.String(\"127.0.0.1:8500\"),\n\t\t\tBootstrap: pulumi.Bool(true),\n\t\t\tDescription: pulumi.String(\"Bootstrap the Consul backend\"),\n\t\t\tPath: pulumi.String(\"consul\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.consul.SecretBackend;\nimport com.pulumi.vault.consul.SecretBackendArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new SecretBackend(\"test\", SecretBackendArgs.builder() \n .address(\"127.0.0.1:8500\")\n .bootstrap(true)\n .description(\"Bootstrap the Consul backend\")\n .path(\"consul\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: vault:consul:SecretBackend\n properties:\n address: 127.0.0.1:8500\n bootstrap: true\n description: Bootstrap the Consul backend\n path: consul\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nConsul secret backends can be imported using the `path`, e.g.\n\n```sh\n $ pulumi import vault:consul/secretBackend:SecretBackend example consul\n```\n ", "properties": { "address": { "type": "string", @@ -11528,7 +8657,7 @@ }, "bootstrap": { "type": "boolean", - "description": "Denotes that the resource is used to bootstrap the Consul ACL system.\n" + "description": "Denotes that the resource is used to bootstrap the Consul ACL system.\n\n\u003e **Important** When `bootstrap` is true, Vault will attempt to bootstrap the Consul server. The token returned from\nthis operation will only ever be known to Vault. If the resource is ever destroyed, the bootstrap token will be lost\nand a [Consul reset may be required.](https://learn.hashicorp.com/tutorials/consul/access-control-troubleshoot#reset-the-acl-system)\n" }, "caCert": { "type": "string", @@ -11578,7 +8707,7 @@ }, "token": { "type": "string", - "description": "The Consul management token this backend should use to issue new tokens. This field is required\nwhen `bootstrap` is false.\n", + "description": "Specifies the Consul token to use when managing or issuing new tokens.\n", "secret": true } }, @@ -11592,7 +8721,7 @@ }, "bootstrap": { "type": "boolean", - "description": "Denotes that the resource is used to bootstrap the Consul ACL system.\n" + "description": "Denotes that the resource is used to bootstrap the Consul ACL system.\n\n\u003e **Important** When `bootstrap` is true, Vault will attempt to bootstrap the Consul server. The token returned from\nthis operation will only ever be known to Vault. If the resource is ever destroyed, the bootstrap token will be lost\nand a [Consul reset may be required.](https://learn.hashicorp.com/tutorials/consul/access-control-troubleshoot#reset-the-acl-system)\n" }, "caCert": { "type": "string", @@ -11644,7 +8773,7 @@ }, "token": { "type": "string", - "description": "The Consul management token this backend should use to issue new tokens. This field is required\nwhen `bootstrap` is false.\n", + "description": "Specifies the Consul token to use when managing or issuing new tokens.\n", "secret": true } }, @@ -11660,7 +8789,7 @@ }, "bootstrap": { "type": "boolean", - "description": "Denotes that the resource is used to bootstrap the Consul ACL system.\n" + "description": "Denotes that the resource is used to bootstrap the Consul ACL system.\n\n\u003e **Important** When `bootstrap` is true, Vault will attempt to bootstrap the Consul server. The token returned from\nthis operation will only ever be known to Vault. If the resource is ever destroyed, the bootstrap token will be lost\nand a [Consul reset may be required.](https://learn.hashicorp.com/tutorials/consul/access-control-troubleshoot#reset-the-acl-system)\n" }, "caCert": { "type": "string", @@ -11712,7 +8841,7 @@ }, "token": { "type": "string", - "description": "The Consul management token this backend should use to issue new tokens. This field is required\nwhen `bootstrap` is false.\n", + "description": "Specifies the Consul token to use when managing or issuing new tokens.\n", "secret": true } }, @@ -11720,7 +8849,7 @@ } }, "vault:consul/secretBackendRole:SecretBackendRole": { - "description": "Manages a Consul secrets role for a Consul secrets engine in Vault. Consul secret backends can then issue Consul tokens.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst test = new vault.consul.SecretBackend(\"test\", {\n path: \"consul\",\n description: \"Manages the Consul backend\",\n address: \"127.0.0.1:8500\",\n token: \"4240861b-ce3d-8530-115a-521ff070dd29\",\n});\nconst example = new vault.consul.SecretBackendRole(\"example\", {\n backend: test.path,\n consulPolicies: [\"example-policy\"],\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ntest = vault.consul.SecretBackend(\"test\",\n path=\"consul\",\n description=\"Manages the Consul backend\",\n address=\"127.0.0.1:8500\",\n token=\"4240861b-ce3d-8530-115a-521ff070dd29\")\nexample = vault.consul.SecretBackendRole(\"example\",\n backend=test.path,\n consul_policies=[\"example-policy\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Vault.Consul.SecretBackend(\"test\", new()\n {\n Path = \"consul\",\n Description = \"Manages the Consul backend\",\n Address = \"127.0.0.1:8500\",\n Token = \"4240861b-ce3d-8530-115a-521ff070dd29\",\n });\n\n var example = new Vault.Consul.SecretBackendRole(\"example\", new()\n {\n Backend = test.Path,\n ConsulPolicies = new[]\n {\n \"example-policy\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/consul\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttest, err := consul.NewSecretBackend(ctx, \"test\", \u0026consul.SecretBackendArgs{\n\t\t\tPath: pulumi.String(\"consul\"),\n\t\t\tDescription: pulumi.String(\"Manages the Consul backend\"),\n\t\t\tAddress: pulumi.String(\"127.0.0.1:8500\"),\n\t\t\tToken: pulumi.String(\"4240861b-ce3d-8530-115a-521ff070dd29\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = consul.NewSecretBackendRole(ctx, \"example\", \u0026consul.SecretBackendRoleArgs{\n\t\t\tBackend: test.Path,\n\t\t\tConsulPolicies: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"example-policy\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.consul.SecretBackend;\nimport com.pulumi.vault.consul.SecretBackendArgs;\nimport com.pulumi.vault.consul.SecretBackendRole;\nimport com.pulumi.vault.consul.SecretBackendRoleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new SecretBackend(\"test\", SecretBackendArgs.builder() \n .path(\"consul\")\n .description(\"Manages the Consul backend\")\n .address(\"127.0.0.1:8500\")\n .token(\"4240861b-ce3d-8530-115a-521ff070dd29\")\n .build());\n\n var example = new SecretBackendRole(\"example\", SecretBackendRoleArgs.builder() \n .backend(test.path())\n .consulPolicies(\"example-policy\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: vault:consul:SecretBackend\n properties:\n path: consul\n description: Manages the Consul backend\n address: 127.0.0.1:8500\n token: 4240861b-ce3d-8530-115a-521ff070dd29\n example:\n type: vault:consul:SecretBackendRole\n properties:\n backend: ${test.path}\n consulPolicies:\n - example-policy\n```\n{{% /example %}}\n{{% /examples %}}\n## Note About Required Arguments\n\n*At least one* of the four arguments `consul_policies`, `consul_roles`, `service_identities`, or\n`node_identities` is required for a token. If desired, any combination of the four arguments up-to and\nincluding all four, is valid.\n\n\n## Import\n\nConsul secret backend roles can be imported using the `backend`, `/roles/`, and the `name` e.g.\n\n```sh\n $ pulumi import vault:consul/secretBackendRole:SecretBackendRole example consul/roles/my-role\n```\n\n ", + "description": "Manages a Consul secrets role for a Consul secrets engine in Vault. Consul secret backends can then issue Consul tokens.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst test = new vault.consul.SecretBackend(\"test\", {\n path: \"consul\",\n description: \"Manages the Consul backend\",\n address: \"127.0.0.1:8500\",\n token: \"4240861b-ce3d-8530-115a-521ff070dd29\",\n});\nconst example = new vault.consul.SecretBackendRole(\"example\", {\n backend: test.path,\n consulPolicies: [\"example-policy\"],\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ntest = vault.consul.SecretBackend(\"test\",\n path=\"consul\",\n description=\"Manages the Consul backend\",\n address=\"127.0.0.1:8500\",\n token=\"4240861b-ce3d-8530-115a-521ff070dd29\")\nexample = vault.consul.SecretBackendRole(\"example\",\n backend=test.path,\n consul_policies=[\"example-policy\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Vault.Consul.SecretBackend(\"test\", new()\n {\n Path = \"consul\",\n Description = \"Manages the Consul backend\",\n Address = \"127.0.0.1:8500\",\n Token = \"4240861b-ce3d-8530-115a-521ff070dd29\",\n });\n\n var example = new Vault.Consul.SecretBackendRole(\"example\", new()\n {\n Backend = test.Path,\n ConsulPolicies = new[]\n {\n \"example-policy\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/consul\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttest, err := consul.NewSecretBackend(ctx, \"test\", \u0026consul.SecretBackendArgs{\n\t\t\tPath: pulumi.String(\"consul\"),\n\t\t\tDescription: pulumi.String(\"Manages the Consul backend\"),\n\t\t\tAddress: pulumi.String(\"127.0.0.1:8500\"),\n\t\t\tToken: pulumi.String(\"4240861b-ce3d-8530-115a-521ff070dd29\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = consul.NewSecretBackendRole(ctx, \"example\", \u0026consul.SecretBackendRoleArgs{\n\t\t\tBackend: test.Path,\n\t\t\tConsulPolicies: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"example-policy\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.consul.SecretBackend;\nimport com.pulumi.vault.consul.SecretBackendArgs;\nimport com.pulumi.vault.consul.SecretBackendRole;\nimport com.pulumi.vault.consul.SecretBackendRoleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new SecretBackend(\"test\", SecretBackendArgs.builder() \n .path(\"consul\")\n .description(\"Manages the Consul backend\")\n .address(\"127.0.0.1:8500\")\n .token(\"4240861b-ce3d-8530-115a-521ff070dd29\")\n .build());\n\n var example = new SecretBackendRole(\"example\", SecretBackendRoleArgs.builder() \n .backend(test.path())\n .consulPolicies(\"example-policy\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: vault:consul:SecretBackend\n properties:\n path: consul\n description: Manages the Consul backend\n address: 127.0.0.1:8500\n token: 4240861b-ce3d-8530-115a-521ff070dd29\n example:\n type: vault:consul:SecretBackendRole\n properties:\n backend: ${test.path}\n consulPolicies:\n - example-policy\n```\n{{% /example %}}\n{{% /examples %}}\n## Note About Required Arguments\n\n*At least one* of the four arguments `consul_policies`, `consul_roles`, `service_identities`, or\n`node_identities` is required for a token. If desired, any combination of the four arguments up-to and\nincluding all four, is valid.\n\n\n## Import\n\nConsul secret backend roles can be imported using the `backend`, `/roles/`, and the `name` e.g.\n\n```sh\n $ pulumi import vault:consul/secretBackendRole:SecretBackendRole example consul/roles/my-role\n```\n ", "properties": { "backend": { "type": "string", @@ -11960,7 +9089,7 @@ } }, "vault:database/secretBackendConnection:SecretBackendConnection": { - "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst db = new vault.Mount(\"db\", {\n path: \"postgres\",\n type: \"database\",\n});\nconst postgres = new vault.database.SecretBackendConnection(\"postgres\", {\n backend: db.path,\n allowedRoles: [\n \"dev\",\n \"prod\",\n ],\n postgresql: {\n connectionUrl: \"postgres://username:password@host:port/database\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ndb = vault.Mount(\"db\",\n path=\"postgres\",\n type=\"database\")\npostgres = vault.database.SecretBackendConnection(\"postgres\",\n backend=db.path,\n allowed_roles=[\n \"dev\",\n \"prod\",\n ],\n postgresql=vault.database.SecretBackendConnectionPostgresqlArgs(\n connection_url=\"postgres://username:password@host:port/database\",\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var db = new Vault.Mount(\"db\", new()\n {\n Path = \"postgres\",\n Type = \"database\",\n });\n\n var postgres = new Vault.Database.SecretBackendConnection(\"postgres\", new()\n {\n Backend = db.Path,\n AllowedRoles = new[]\n {\n \"dev\",\n \"prod\",\n },\n Postgresql = new Vault.Database.Inputs.SecretBackendConnectionPostgresqlArgs\n {\n ConnectionUrl = \"postgres://username:password@host:port/database\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/database\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tdb, err := vault.NewMount(ctx, \"db\", \u0026vault.MountArgs{\n\t\t\tPath: pulumi.String(\"postgres\"),\n\t\t\tType: pulumi.String(\"database\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = database.NewSecretBackendConnection(ctx, \"postgres\", \u0026database.SecretBackendConnectionArgs{\n\t\t\tBackend: db.Path,\n\t\t\tAllowedRoles: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"dev\"),\n\t\t\t\tpulumi.String(\"prod\"),\n\t\t\t},\n\t\t\tPostgresql: \u0026database.SecretBackendConnectionPostgresqlArgs{\n\t\t\t\tConnectionUrl: pulumi.String(\"postgres://username:password@host:port/database\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.Mount;\nimport com.pulumi.vault.MountArgs;\nimport com.pulumi.vault.database.SecretBackendConnection;\nimport com.pulumi.vault.database.SecretBackendConnectionArgs;\nimport com.pulumi.vault.database.inputs.SecretBackendConnectionPostgresqlArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var db = new Mount(\"db\", MountArgs.builder() \n .path(\"postgres\")\n .type(\"database\")\n .build());\n\n var postgres = new SecretBackendConnection(\"postgres\", SecretBackendConnectionArgs.builder() \n .backend(db.path())\n .allowedRoles( \n \"dev\",\n \"prod\")\n .postgresql(SecretBackendConnectionPostgresqlArgs.builder()\n .connectionUrl(\"postgres://username:password@host:port/database\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n db:\n type: vault:Mount\n properties:\n path: postgres\n type: database\n postgres:\n type: vault:database:SecretBackendConnection\n properties:\n backend: ${db.path}\n allowedRoles:\n - dev\n - prod\n postgresql:\n connectionUrl: postgres://username:password@host:port/database\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nDatabase secret backend connections can be imported using the `backend`, `/config/`, and the `name` e.g.\n\n```sh\n $ pulumi import vault:database/secretBackendConnection:SecretBackendConnection example postgres/config/postgres\n```\n\n ", + "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst db = new vault.Mount(\"db\", {\n path: \"postgres\",\n type: \"database\",\n});\nconst postgres = new vault.database.SecretBackendConnection(\"postgres\", {\n backend: db.path,\n allowedRoles: [\n \"dev\",\n \"prod\",\n ],\n postgresql: {\n connectionUrl: \"postgres://username:password@host:port/database\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ndb = vault.Mount(\"db\",\n path=\"postgres\",\n type=\"database\")\npostgres = vault.database.SecretBackendConnection(\"postgres\",\n backend=db.path,\n allowed_roles=[\n \"dev\",\n \"prod\",\n ],\n postgresql=vault.database.SecretBackendConnectionPostgresqlArgs(\n connection_url=\"postgres://username:password@host:port/database\",\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var db = new Vault.Mount(\"db\", new()\n {\n Path = \"postgres\",\n Type = \"database\",\n });\n\n var postgres = new Vault.Database.SecretBackendConnection(\"postgres\", new()\n {\n Backend = db.Path,\n AllowedRoles = new[]\n {\n \"dev\",\n \"prod\",\n },\n Postgresql = new Vault.Database.Inputs.SecretBackendConnectionPostgresqlArgs\n {\n ConnectionUrl = \"postgres://username:password@host:port/database\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/database\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tdb, err := vault.NewMount(ctx, \"db\", \u0026vault.MountArgs{\n\t\t\tPath: pulumi.String(\"postgres\"),\n\t\t\tType: pulumi.String(\"database\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = database.NewSecretBackendConnection(ctx, \"postgres\", \u0026database.SecretBackendConnectionArgs{\n\t\t\tBackend: db.Path,\n\t\t\tAllowedRoles: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"dev\"),\n\t\t\t\tpulumi.String(\"prod\"),\n\t\t\t},\n\t\t\tPostgresql: \u0026database.SecretBackendConnectionPostgresqlArgs{\n\t\t\t\tConnectionUrl: pulumi.String(\"postgres://username:password@host:port/database\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.Mount;\nimport com.pulumi.vault.MountArgs;\nimport com.pulumi.vault.database.SecretBackendConnection;\nimport com.pulumi.vault.database.SecretBackendConnectionArgs;\nimport com.pulumi.vault.database.inputs.SecretBackendConnectionPostgresqlArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var db = new Mount(\"db\", MountArgs.builder() \n .path(\"postgres\")\n .type(\"database\")\n .build());\n\n var postgres = new SecretBackendConnection(\"postgres\", SecretBackendConnectionArgs.builder() \n .backend(db.path())\n .allowedRoles( \n \"dev\",\n \"prod\")\n .postgresql(SecretBackendConnectionPostgresqlArgs.builder()\n .connectionUrl(\"postgres://username:password@host:port/database\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n db:\n type: vault:Mount\n properties:\n path: postgres\n type: database\n postgres:\n type: vault:database:SecretBackendConnection\n properties:\n backend: ${db.path}\n allowedRoles:\n - dev\n - prod\n postgresql:\n connectionUrl: postgres://username:password@host:port/database\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nDatabase secret backend connections can be imported using the `backend`, `/config/`, and the `name` e.g.\n\n```sh\n $ pulumi import vault:database/secretBackendConnection:SecretBackendConnection example postgres/config/postgres\n```\n ", "properties": { "allowedRoles": { "type": "array", @@ -12054,7 +9183,7 @@ }, "redisElasticache": { "$ref": "#/types/vault:database/SecretBackendConnectionRedisElasticache:SecretBackendConnectionRedisElasticache", - "description": "A nested block containing configuration options for Redis ElastiCache connections.\n" + "description": "A nested block containing configuration options for Redis ElastiCache connections.\n\nExactly one of the nested blocks of configuration options must be supplied.\n" }, "redshift": { "$ref": "#/types/vault:database/SecretBackendConnectionRedshift:SecretBackendConnectionRedshift", @@ -12176,7 +9305,7 @@ }, "redisElasticache": { "$ref": "#/types/vault:database/SecretBackendConnectionRedisElasticache:SecretBackendConnectionRedisElasticache", - "description": "A nested block containing configuration options for Redis ElastiCache connections.\n" + "description": "A nested block containing configuration options for Redis ElastiCache connections.\n\nExactly one of the nested blocks of configuration options must be supplied.\n" }, "redshift": { "$ref": "#/types/vault:database/SecretBackendConnectionRedshift:SecretBackendConnectionRedshift", @@ -12298,7 +9427,7 @@ }, "redisElasticache": { "$ref": "#/types/vault:database/SecretBackendConnectionRedisElasticache:SecretBackendConnectionRedisElasticache", - "description": "A nested block containing configuration options for Redis ElastiCache connections.\n" + "description": "A nested block containing configuration options for Redis ElastiCache connections.\n\nExactly one of the nested blocks of configuration options must be supplied.\n" }, "redshift": { "$ref": "#/types/vault:database/SecretBackendConnectionRedshift:SecretBackendConnectionRedshift", @@ -12324,7 +9453,7 @@ } }, "vault:database/secretBackendRole:SecretBackendRole": { - "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst db = new vault.Mount(\"db\", {\n path: \"postgres\",\n type: \"database\",\n});\nconst postgres = new vault.database.SecretBackendConnection(\"postgres\", {\n backend: db.path,\n allowedRoles: [\n \"dev\",\n \"prod\",\n ],\n postgresql: {\n connectionUrl: \"postgres://username:password@host:port/database\",\n },\n});\nconst role = new vault.database.SecretBackendRole(\"role\", {\n backend: db.path,\n dbName: postgres.name,\n creationStatements: [\"CREATE ROLE \\\"{{name}}\\\" WITH LOGIN PASSWORD '{{password}}' VALID UNTIL '{{expiration}}';\"],\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ndb = vault.Mount(\"db\",\n path=\"postgres\",\n type=\"database\")\npostgres = vault.database.SecretBackendConnection(\"postgres\",\n backend=db.path,\n allowed_roles=[\n \"dev\",\n \"prod\",\n ],\n postgresql=vault.database.SecretBackendConnectionPostgresqlArgs(\n connection_url=\"postgres://username:password@host:port/database\",\n ))\nrole = vault.database.SecretBackendRole(\"role\",\n backend=db.path,\n db_name=postgres.name,\n creation_statements=[\"CREATE ROLE \\\"{{name}}\\\" WITH LOGIN PASSWORD '{{password}}' VALID UNTIL '{{expiration}}';\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var db = new Vault.Mount(\"db\", new()\n {\n Path = \"postgres\",\n Type = \"database\",\n });\n\n var postgres = new Vault.Database.SecretBackendConnection(\"postgres\", new()\n {\n Backend = db.Path,\n AllowedRoles = new[]\n {\n \"dev\",\n \"prod\",\n },\n Postgresql = new Vault.Database.Inputs.SecretBackendConnectionPostgresqlArgs\n {\n ConnectionUrl = \"postgres://username:password@host:port/database\",\n },\n });\n\n var role = new Vault.Database.SecretBackendRole(\"role\", new()\n {\n Backend = db.Path,\n DbName = postgres.Name,\n CreationStatements = new[]\n {\n \"CREATE ROLE \\\"{{name}}\\\" WITH LOGIN PASSWORD '{{password}}' VALID UNTIL '{{expiration}}';\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/database\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tdb, err := vault.NewMount(ctx, \"db\", \u0026vault.MountArgs{\n\t\t\tPath: pulumi.String(\"postgres\"),\n\t\t\tType: pulumi.String(\"database\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tpostgres, err := database.NewSecretBackendConnection(ctx, \"postgres\", \u0026database.SecretBackendConnectionArgs{\n\t\t\tBackend: db.Path,\n\t\t\tAllowedRoles: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"dev\"),\n\t\t\t\tpulumi.String(\"prod\"),\n\t\t\t},\n\t\t\tPostgresql: \u0026database.SecretBackendConnectionPostgresqlArgs{\n\t\t\t\tConnectionUrl: pulumi.String(\"postgres://username:password@host:port/database\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = database.NewSecretBackendRole(ctx, \"role\", \u0026database.SecretBackendRoleArgs{\n\t\t\tBackend: db.Path,\n\t\t\tDbName: postgres.Name,\n\t\t\tCreationStatements: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"CREATE ROLE \\\"{{name}}\\\" WITH LOGIN PASSWORD '{{password}}' VALID UNTIL '{{expiration}}';\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.Mount;\nimport com.pulumi.vault.MountArgs;\nimport com.pulumi.vault.database.SecretBackendConnection;\nimport com.pulumi.vault.database.SecretBackendConnectionArgs;\nimport com.pulumi.vault.database.inputs.SecretBackendConnectionPostgresqlArgs;\nimport com.pulumi.vault.database.SecretBackendRole;\nimport com.pulumi.vault.database.SecretBackendRoleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var db = new Mount(\"db\", MountArgs.builder() \n .path(\"postgres\")\n .type(\"database\")\n .build());\n\n var postgres = new SecretBackendConnection(\"postgres\", SecretBackendConnectionArgs.builder() \n .backend(db.path())\n .allowedRoles( \n \"dev\",\n \"prod\")\n .postgresql(SecretBackendConnectionPostgresqlArgs.builder()\n .connectionUrl(\"postgres://username:password@host:port/database\")\n .build())\n .build());\n\n var role = new SecretBackendRole(\"role\", SecretBackendRoleArgs.builder() \n .backend(db.path())\n .dbName(postgres.name())\n .creationStatements(\"CREATE ROLE \\\"{{name}}\\\" WITH LOGIN PASSWORD '{{password}}' VALID UNTIL '{{expiration}}';\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n db:\n type: vault:Mount\n properties:\n path: postgres\n type: database\n postgres:\n type: vault:database:SecretBackendConnection\n properties:\n backend: ${db.path}\n allowedRoles:\n - dev\n - prod\n postgresql:\n connectionUrl: postgres://username:password@host:port/database\n role:\n type: vault:database:SecretBackendRole\n properties:\n backend: ${db.path}\n dbName: ${postgres.name}\n creationStatements:\n - CREATE ROLE \"{{name}}\" WITH LOGIN PASSWORD '{{password}}' VALID UNTIL '{{expiration}}';\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nDatabase secret backend roles can be imported using the `backend`, `/roles/`, and the `name` e.g.\n\n```sh\n $ pulumi import vault:database/secretBackendRole:SecretBackendRole example postgres/roles/my-role\n```\n\n ", + "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst db = new vault.Mount(\"db\", {\n path: \"postgres\",\n type: \"database\",\n});\nconst postgres = new vault.database.SecretBackendConnection(\"postgres\", {\n backend: db.path,\n allowedRoles: [\n \"dev\",\n \"prod\",\n ],\n postgresql: {\n connectionUrl: \"postgres://username:password@host:port/database\",\n },\n});\nconst role = new vault.database.SecretBackendRole(\"role\", {\n backend: db.path,\n dbName: postgres.name,\n creationStatements: [\"CREATE ROLE \\\"{{name}}\\\" WITH LOGIN PASSWORD '{{password}}' VALID UNTIL '{{expiration}}';\"],\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ndb = vault.Mount(\"db\",\n path=\"postgres\",\n type=\"database\")\npostgres = vault.database.SecretBackendConnection(\"postgres\",\n backend=db.path,\n allowed_roles=[\n \"dev\",\n \"prod\",\n ],\n postgresql=vault.database.SecretBackendConnectionPostgresqlArgs(\n connection_url=\"postgres://username:password@host:port/database\",\n ))\nrole = vault.database.SecretBackendRole(\"role\",\n backend=db.path,\n db_name=postgres.name,\n creation_statements=[\"CREATE ROLE \\\"{{name}}\\\" WITH LOGIN PASSWORD '{{password}}' VALID UNTIL '{{expiration}}';\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var db = new Vault.Mount(\"db\", new()\n {\n Path = \"postgres\",\n Type = \"database\",\n });\n\n var postgres = new Vault.Database.SecretBackendConnection(\"postgres\", new()\n {\n Backend = db.Path,\n AllowedRoles = new[]\n {\n \"dev\",\n \"prod\",\n },\n Postgresql = new Vault.Database.Inputs.SecretBackendConnectionPostgresqlArgs\n {\n ConnectionUrl = \"postgres://username:password@host:port/database\",\n },\n });\n\n var role = new Vault.Database.SecretBackendRole(\"role\", new()\n {\n Backend = db.Path,\n DbName = postgres.Name,\n CreationStatements = new[]\n {\n \"CREATE ROLE \\\"{{name}}\\\" WITH LOGIN PASSWORD '{{password}}' VALID UNTIL '{{expiration}}';\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/database\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tdb, err := vault.NewMount(ctx, \"db\", \u0026vault.MountArgs{\n\t\t\tPath: pulumi.String(\"postgres\"),\n\t\t\tType: pulumi.String(\"database\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tpostgres, err := database.NewSecretBackendConnection(ctx, \"postgres\", \u0026database.SecretBackendConnectionArgs{\n\t\t\tBackend: db.Path,\n\t\t\tAllowedRoles: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"dev\"),\n\t\t\t\tpulumi.String(\"prod\"),\n\t\t\t},\n\t\t\tPostgresql: \u0026database.SecretBackendConnectionPostgresqlArgs{\n\t\t\t\tConnectionUrl: pulumi.String(\"postgres://username:password@host:port/database\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = database.NewSecretBackendRole(ctx, \"role\", \u0026database.SecretBackendRoleArgs{\n\t\t\tBackend: db.Path,\n\t\t\tDbName: postgres.Name,\n\t\t\tCreationStatements: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"CREATE ROLE \\\"{{name}}\\\" WITH LOGIN PASSWORD '{{password}}' VALID UNTIL '{{expiration}}';\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.Mount;\nimport com.pulumi.vault.MountArgs;\nimport com.pulumi.vault.database.SecretBackendConnection;\nimport com.pulumi.vault.database.SecretBackendConnectionArgs;\nimport com.pulumi.vault.database.inputs.SecretBackendConnectionPostgresqlArgs;\nimport com.pulumi.vault.database.SecretBackendRole;\nimport com.pulumi.vault.database.SecretBackendRoleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var db = new Mount(\"db\", MountArgs.builder() \n .path(\"postgres\")\n .type(\"database\")\n .build());\n\n var postgres = new SecretBackendConnection(\"postgres\", SecretBackendConnectionArgs.builder() \n .backend(db.path())\n .allowedRoles( \n \"dev\",\n \"prod\")\n .postgresql(SecretBackendConnectionPostgresqlArgs.builder()\n .connectionUrl(\"postgres://username:password@host:port/database\")\n .build())\n .build());\n\n var role = new SecretBackendRole(\"role\", SecretBackendRoleArgs.builder() \n .backend(db.path())\n .dbName(postgres.name())\n .creationStatements(\"CREATE ROLE \\\"{{name}}\\\" WITH LOGIN PASSWORD '{{password}}' VALID UNTIL '{{expiration}}';\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n db:\n type: vault:Mount\n properties:\n path: postgres\n type: database\n postgres:\n type: vault:database:SecretBackendConnection\n properties:\n backend: ${db.path}\n allowedRoles:\n - dev\n - prod\n postgresql:\n connectionUrl: postgres://username:password@host:port/database\n role:\n type: vault:database:SecretBackendRole\n properties:\n backend: ${db.path}\n dbName: ${postgres.name}\n creationStatements:\n - CREATE ROLE \"{{name}}\" WITH LOGIN PASSWORD '{{password}}' VALID UNTIL '{{expiration}}';\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nDatabase secret backend roles can be imported using the `backend`, `/roles/`, and the `name` e.g.\n\n```sh\n $ pulumi import vault:database/secretBackendRole:SecretBackendRole example postgres/roles/my-role\n```\n ", "properties": { "backend": { "type": "string", @@ -12342,7 +9471,7 @@ "additionalProperties": { "$ref": "pulumi.json#/Any" }, - "description": "Specifies the configuration\nfor the given `credential_type`.\n" + "description": "Specifies the configuration\nfor the given `credential_type`.\n\nThe following options are available for each `credential_type` value:\n" }, "credentialType": { "type": "string", @@ -12415,7 +9544,7 @@ "additionalProperties": { "$ref": "pulumi.json#/Any" }, - "description": "Specifies the configuration\nfor the given `credential_type`.\n" + "description": "Specifies the configuration\nfor the given `credential_type`.\n\nThe following options are available for each `credential_type` value:\n" }, "credentialType": { "type": "string", @@ -12491,7 +9620,7 @@ "additionalProperties": { "$ref": "pulumi.json#/Any" }, - "description": "Specifies the configuration\nfor the given `credential_type`.\n" + "description": "Specifies the configuration\nfor the given `credential_type`.\n\nThe following options are available for each `credential_type` value:\n" }, "credentialType": { "type": "string", @@ -12546,7 +9675,7 @@ } }, "vault:database/secretBackendStaticRole:SecretBackendStaticRole": { - "description": "Creates a Database Secret Backend static role in Vault. Database secret backend\nstatic roles can be used to manage 1-to-1 mapping of a Vault Role to a user in a\ndatabase for the database.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst db = new vault.Mount(\"db\", {\n path: \"postgres\",\n type: \"database\",\n});\nconst postgres = new vault.database.SecretBackendConnection(\"postgres\", {\n backend: db.path,\n allowedRoles: [\"*\"],\n postgresql: {\n connectionUrl: \"postgres://username:password@host:port/database\",\n },\n});\n// configure a static role with period-based rotations\nconst periodRole = new vault.database.SecretBackendStaticRole(\"periodRole\", {\n backend: db.path,\n dbName: postgres.name,\n username: \"example\",\n rotationPeriod: 3600,\n rotationStatements: [\"ALTER USER \\\"{{name}}\\\" WITH PASSWORD '{{password}}';\"],\n});\n// configure a static role with schedule-based rotations\nconst scheduleRole = new vault.database.SecretBackendStaticRole(\"scheduleRole\", {\n backend: db.path,\n dbName: postgres.name,\n username: \"example\",\n rotationSchedule: \"0 0 * * SAT\",\n rotationWindow: 172800,\n rotationStatements: [\"ALTER USER \\\"{{name}}\\\" WITH PASSWORD '{{password}}';\"],\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ndb = vault.Mount(\"db\",\n path=\"postgres\",\n type=\"database\")\npostgres = vault.database.SecretBackendConnection(\"postgres\",\n backend=db.path,\n allowed_roles=[\"*\"],\n postgresql=vault.database.SecretBackendConnectionPostgresqlArgs(\n connection_url=\"postgres://username:password@host:port/database\",\n ))\n# configure a static role with period-based rotations\nperiod_role = vault.database.SecretBackendStaticRole(\"periodRole\",\n backend=db.path,\n db_name=postgres.name,\n username=\"example\",\n rotation_period=3600,\n rotation_statements=[\"ALTER USER \\\"{{name}}\\\" WITH PASSWORD '{{password}}';\"])\n# configure a static role with schedule-based rotations\nschedule_role = vault.database.SecretBackendStaticRole(\"scheduleRole\",\n backend=db.path,\n db_name=postgres.name,\n username=\"example\",\n rotation_schedule=\"0 0 * * SAT\",\n rotation_window=172800,\n rotation_statements=[\"ALTER USER \\\"{{name}}\\\" WITH PASSWORD '{{password}}';\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var db = new Vault.Mount(\"db\", new()\n {\n Path = \"postgres\",\n Type = \"database\",\n });\n\n var postgres = new Vault.Database.SecretBackendConnection(\"postgres\", new()\n {\n Backend = db.Path,\n AllowedRoles = new[]\n {\n \"*\",\n },\n Postgresql = new Vault.Database.Inputs.SecretBackendConnectionPostgresqlArgs\n {\n ConnectionUrl = \"postgres://username:password@host:port/database\",\n },\n });\n\n // configure a static role with period-based rotations\n var periodRole = new Vault.Database.SecretBackendStaticRole(\"periodRole\", new()\n {\n Backend = db.Path,\n DbName = postgres.Name,\n Username = \"example\",\n RotationPeriod = 3600,\n RotationStatements = new[]\n {\n \"ALTER USER \\\"{{name}}\\\" WITH PASSWORD '{{password}}';\",\n },\n });\n\n // configure a static role with schedule-based rotations\n var scheduleRole = new Vault.Database.SecretBackendStaticRole(\"scheduleRole\", new()\n {\n Backend = db.Path,\n DbName = postgres.Name,\n Username = \"example\",\n RotationSchedule = \"0 0 * * SAT\",\n RotationWindow = 172800,\n RotationStatements = new[]\n {\n \"ALTER USER \\\"{{name}}\\\" WITH PASSWORD '{{password}}';\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/database\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tdb, err := vault.NewMount(ctx, \"db\", \u0026vault.MountArgs{\n\t\t\tPath: pulumi.String(\"postgres\"),\n\t\t\tType: pulumi.String(\"database\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tpostgres, err := database.NewSecretBackendConnection(ctx, \"postgres\", \u0026database.SecretBackendConnectionArgs{\n\t\t\tBackend: db.Path,\n\t\t\tAllowedRoles: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"*\"),\n\t\t\t},\n\t\t\tPostgresql: \u0026database.SecretBackendConnectionPostgresqlArgs{\n\t\t\t\tConnectionUrl: pulumi.String(\"postgres://username:password@host:port/database\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = database.NewSecretBackendStaticRole(ctx, \"periodRole\", \u0026database.SecretBackendStaticRoleArgs{\n\t\t\tBackend: db.Path,\n\t\t\tDbName: postgres.Name,\n\t\t\tUsername: pulumi.String(\"example\"),\n\t\t\tRotationPeriod: pulumi.Int(3600),\n\t\t\tRotationStatements: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"ALTER USER \\\"{{name}}\\\" WITH PASSWORD '{{password}}';\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = database.NewSecretBackendStaticRole(ctx, \"scheduleRole\", \u0026database.SecretBackendStaticRoleArgs{\n\t\t\tBackend: db.Path,\n\t\t\tDbName: postgres.Name,\n\t\t\tUsername: pulumi.String(\"example\"),\n\t\t\tRotationSchedule: pulumi.String(\"0 0 * * SAT\"),\n\t\t\tRotationWindow: pulumi.Int(172800),\n\t\t\tRotationStatements: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"ALTER USER \\\"{{name}}\\\" WITH PASSWORD '{{password}}';\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.Mount;\nimport com.pulumi.vault.MountArgs;\nimport com.pulumi.vault.database.SecretBackendConnection;\nimport com.pulumi.vault.database.SecretBackendConnectionArgs;\nimport com.pulumi.vault.database.inputs.SecretBackendConnectionPostgresqlArgs;\nimport com.pulumi.vault.database.SecretBackendStaticRole;\nimport com.pulumi.vault.database.SecretBackendStaticRoleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var db = new Mount(\"db\", MountArgs.builder() \n .path(\"postgres\")\n .type(\"database\")\n .build());\n\n var postgres = new SecretBackendConnection(\"postgres\", SecretBackendConnectionArgs.builder() \n .backend(db.path())\n .allowedRoles(\"*\")\n .postgresql(SecretBackendConnectionPostgresqlArgs.builder()\n .connectionUrl(\"postgres://username:password@host:port/database\")\n .build())\n .build());\n\n var periodRole = new SecretBackendStaticRole(\"periodRole\", SecretBackendStaticRoleArgs.builder() \n .backend(db.path())\n .dbName(postgres.name())\n .username(\"example\")\n .rotationPeriod(\"3600\")\n .rotationStatements(\"ALTER USER \\\"{{name}}\\\" WITH PASSWORD '{{password}}';\")\n .build());\n\n var scheduleRole = new SecretBackendStaticRole(\"scheduleRole\", SecretBackendStaticRoleArgs.builder() \n .backend(db.path())\n .dbName(postgres.name())\n .username(\"example\")\n .rotationSchedule(\"0 0 * * SAT\")\n .rotationWindow(\"172800\")\n .rotationStatements(\"ALTER USER \\\"{{name}}\\\" WITH PASSWORD '{{password}}';\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n db:\n type: vault:Mount\n properties:\n path: postgres\n type: database\n postgres:\n type: vault:database:SecretBackendConnection\n properties:\n backend: ${db.path}\n allowedRoles:\n - '*'\n postgresql:\n connectionUrl: postgres://username:password@host:port/database\n # configure a static role with period-based rotations\n periodRole:\n type: vault:database:SecretBackendStaticRole\n properties:\n backend: ${db.path}\n dbName: ${postgres.name}\n username: example\n rotationPeriod: 3600\n rotationStatements:\n - ALTER USER \"{{name}}\" WITH PASSWORD '{{password}}';\n # configure a static role with schedule-based rotations\n scheduleRole:\n type: vault:database:SecretBackendStaticRole\n properties:\n backend: ${db.path}\n dbName: ${postgres.name}\n username: example\n rotationSchedule: 0 0 * * SAT\n rotationWindow: 172800\n rotationStatements:\n - ALTER USER \"{{name}}\" WITH PASSWORD '{{password}}';\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nDatabase secret backend static roles can be imported using the `backend`, `/static-roles/`, and the `name` e.g.\n\n```sh\n $ pulumi import vault:database/secretBackendStaticRole:SecretBackendStaticRole example postgres/static-roles/my-role\n```\n\n ", + "description": "Creates a Database Secret Backend static role in Vault. Database secret backend\nstatic roles can be used to manage 1-to-1 mapping of a Vault Role to a user in a\ndatabase for the database.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst db = new vault.Mount(\"db\", {\n path: \"postgres\",\n type: \"database\",\n});\nconst postgres = new vault.database.SecretBackendConnection(\"postgres\", {\n backend: db.path,\n allowedRoles: [\"*\"],\n postgresql: {\n connectionUrl: \"postgres://username:password@host:port/database\",\n },\n});\n// configure a static role with period-based rotations\nconst periodRole = new vault.database.SecretBackendStaticRole(\"periodRole\", {\n backend: db.path,\n dbName: postgres.name,\n username: \"example\",\n rotationPeriod: 3600,\n rotationStatements: [\"ALTER USER \\\"{{name}}\\\" WITH PASSWORD '{{password}}';\"],\n});\n// configure a static role with schedule-based rotations\nconst scheduleRole = new vault.database.SecretBackendStaticRole(\"scheduleRole\", {\n backend: db.path,\n dbName: postgres.name,\n username: \"example\",\n rotationSchedule: \"0 0 * * SAT\",\n rotationWindow: 172800,\n rotationStatements: [\"ALTER USER \\\"{{name}}\\\" WITH PASSWORD '{{password}}';\"],\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ndb = vault.Mount(\"db\",\n path=\"postgres\",\n type=\"database\")\npostgres = vault.database.SecretBackendConnection(\"postgres\",\n backend=db.path,\n allowed_roles=[\"*\"],\n postgresql=vault.database.SecretBackendConnectionPostgresqlArgs(\n connection_url=\"postgres://username:password@host:port/database\",\n ))\n# configure a static role with period-based rotations\nperiod_role = vault.database.SecretBackendStaticRole(\"periodRole\",\n backend=db.path,\n db_name=postgres.name,\n username=\"example\",\n rotation_period=3600,\n rotation_statements=[\"ALTER USER \\\"{{name}}\\\" WITH PASSWORD '{{password}}';\"])\n# configure a static role with schedule-based rotations\nschedule_role = vault.database.SecretBackendStaticRole(\"scheduleRole\",\n backend=db.path,\n db_name=postgres.name,\n username=\"example\",\n rotation_schedule=\"0 0 * * SAT\",\n rotation_window=172800,\n rotation_statements=[\"ALTER USER \\\"{{name}}\\\" WITH PASSWORD '{{password}}';\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var db = new Vault.Mount(\"db\", new()\n {\n Path = \"postgres\",\n Type = \"database\",\n });\n\n var postgres = new Vault.Database.SecretBackendConnection(\"postgres\", new()\n {\n Backend = db.Path,\n AllowedRoles = new[]\n {\n \"*\",\n },\n Postgresql = new Vault.Database.Inputs.SecretBackendConnectionPostgresqlArgs\n {\n ConnectionUrl = \"postgres://username:password@host:port/database\",\n },\n });\n\n // configure a static role with period-based rotations\n var periodRole = new Vault.Database.SecretBackendStaticRole(\"periodRole\", new()\n {\n Backend = db.Path,\n DbName = postgres.Name,\n Username = \"example\",\n RotationPeriod = 3600,\n RotationStatements = new[]\n {\n \"ALTER USER \\\"{{name}}\\\" WITH PASSWORD '{{password}}';\",\n },\n });\n\n // configure a static role with schedule-based rotations\n var scheduleRole = new Vault.Database.SecretBackendStaticRole(\"scheduleRole\", new()\n {\n Backend = db.Path,\n DbName = postgres.Name,\n Username = \"example\",\n RotationSchedule = \"0 0 * * SAT\",\n RotationWindow = 172800,\n RotationStatements = new[]\n {\n \"ALTER USER \\\"{{name}}\\\" WITH PASSWORD '{{password}}';\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/database\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tdb, err := vault.NewMount(ctx, \"db\", \u0026vault.MountArgs{\n\t\t\tPath: pulumi.String(\"postgres\"),\n\t\t\tType: pulumi.String(\"database\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tpostgres, err := database.NewSecretBackendConnection(ctx, \"postgres\", \u0026database.SecretBackendConnectionArgs{\n\t\t\tBackend: db.Path,\n\t\t\tAllowedRoles: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"*\"),\n\t\t\t},\n\t\t\tPostgresql: \u0026database.SecretBackendConnectionPostgresqlArgs{\n\t\t\t\tConnectionUrl: pulumi.String(\"postgres://username:password@host:port/database\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = database.NewSecretBackendStaticRole(ctx, \"periodRole\", \u0026database.SecretBackendStaticRoleArgs{\n\t\t\tBackend: db.Path,\n\t\t\tDbName: postgres.Name,\n\t\t\tUsername: pulumi.String(\"example\"),\n\t\t\tRotationPeriod: pulumi.Int(3600),\n\t\t\tRotationStatements: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"ALTER USER \\\"{{name}}\\\" WITH PASSWORD '{{password}}';\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = database.NewSecretBackendStaticRole(ctx, \"scheduleRole\", \u0026database.SecretBackendStaticRoleArgs{\n\t\t\tBackend: db.Path,\n\t\t\tDbName: postgres.Name,\n\t\t\tUsername: pulumi.String(\"example\"),\n\t\t\tRotationSchedule: pulumi.String(\"0 0 * * SAT\"),\n\t\t\tRotationWindow: pulumi.Int(172800),\n\t\t\tRotationStatements: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"ALTER USER \\\"{{name}}\\\" WITH PASSWORD '{{password}}';\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.Mount;\nimport com.pulumi.vault.MountArgs;\nimport com.pulumi.vault.database.SecretBackendConnection;\nimport com.pulumi.vault.database.SecretBackendConnectionArgs;\nimport com.pulumi.vault.database.inputs.SecretBackendConnectionPostgresqlArgs;\nimport com.pulumi.vault.database.SecretBackendStaticRole;\nimport com.pulumi.vault.database.SecretBackendStaticRoleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var db = new Mount(\"db\", MountArgs.builder() \n .path(\"postgres\")\n .type(\"database\")\n .build());\n\n var postgres = new SecretBackendConnection(\"postgres\", SecretBackendConnectionArgs.builder() \n .backend(db.path())\n .allowedRoles(\"*\")\n .postgresql(SecretBackendConnectionPostgresqlArgs.builder()\n .connectionUrl(\"postgres://username:password@host:port/database\")\n .build())\n .build());\n\n var periodRole = new SecretBackendStaticRole(\"periodRole\", SecretBackendStaticRoleArgs.builder() \n .backend(db.path())\n .dbName(postgres.name())\n .username(\"example\")\n .rotationPeriod(\"3600\")\n .rotationStatements(\"ALTER USER \\\"{{name}}\\\" WITH PASSWORD '{{password}}';\")\n .build());\n\n var scheduleRole = new SecretBackendStaticRole(\"scheduleRole\", SecretBackendStaticRoleArgs.builder() \n .backend(db.path())\n .dbName(postgres.name())\n .username(\"example\")\n .rotationSchedule(\"0 0 * * SAT\")\n .rotationWindow(\"172800\")\n .rotationStatements(\"ALTER USER \\\"{{name}}\\\" WITH PASSWORD '{{password}}';\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n db:\n type: vault:Mount\n properties:\n path: postgres\n type: database\n postgres:\n type: vault:database:SecretBackendConnection\n properties:\n backend: ${db.path}\n allowedRoles:\n - '*'\n postgresql:\n connectionUrl: postgres://username:password@host:port/database\n # configure a static role with period-based rotations\n periodRole:\n type: vault:database:SecretBackendStaticRole\n properties:\n backend: ${db.path}\n dbName: ${postgres.name}\n username: example\n rotationPeriod: '3600'\n rotationStatements:\n - ALTER USER \"{{name}}\" WITH PASSWORD '{{password}}';\n # configure a static role with schedule-based rotations\n scheduleRole:\n type: vault:database:SecretBackendStaticRole\n properties:\n backend: ${db.path}\n dbName: ${postgres.name}\n username: example\n rotationSchedule: 0 0 * * SAT\n rotationWindow: '172800'\n rotationStatements:\n - ALTER USER \"{{name}}\" WITH PASSWORD '{{password}}';\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nDatabase secret backend static roles can be imported using the `backend`, `/static-roles/`, and the `name` e.g.\n\n```sh\n $ pulumi import vault:database/secretBackendStaticRole:SecretBackendStaticRole example postgres/static-roles/my-role\n```\n ", "properties": { "backend": { "type": "string", @@ -12570,7 +9699,7 @@ }, "rotationSchedule": { "type": "string", - "description": "A cron-style string that will define the schedule on which rotations should occur.\nMutually exclusive with `rotation_period`.\n" + "description": "A cron-style string that will define the schedule on which rotations should occur.\nMutually exclusive with `rotation_period`.\n\n**Warning**: The `rotation_period` and `rotation_schedule` fields are\nmutually exclusive. One of them must be set but not both.\n" }, "rotationStatements": { "type": "array", @@ -12621,7 +9750,7 @@ }, "rotationSchedule": { "type": "string", - "description": "A cron-style string that will define the schedule on which rotations should occur.\nMutually exclusive with `rotation_period`.\n" + "description": "A cron-style string that will define the schedule on which rotations should occur.\nMutually exclusive with `rotation_period`.\n\n**Warning**: The `rotation_period` and `rotation_schedule` fields are\nmutually exclusive. One of them must be set but not both.\n" }, "rotationStatements": { "type": "array", @@ -12674,7 +9803,7 @@ }, "rotationSchedule": { "type": "string", - "description": "A cron-style string that will define the schedule on which rotations should occur.\nMutually exclusive with `rotation_period`.\n" + "description": "A cron-style string that will define the schedule on which rotations should occur.\nMutually exclusive with `rotation_period`.\n\n**Warning**: The `rotation_period` and `rotation_schedule` fields are\nmutually exclusive. One of them must be set but not both.\n" }, "rotationStatements": { "type": "array", @@ -12697,7 +9826,7 @@ } }, "vault:database/secretsMount:SecretsMount": { - "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst db = new vault.database.SecretsMount(\"db\", {\n path: \"db\",\n mssqls: [{\n name: \"db1\",\n username: \"sa\",\n password: \"super_secret_1\",\n connectionUrl: \"sqlserver://{{username}}:{{password}}@127.0.0.1:1433\",\n allowedRoles: [\"dev1\"],\n }],\n postgresqls: [{\n name: \"db2\",\n username: \"postgres\",\n password: \"super_secret_2\",\n connectionUrl: \"postgresql://{{username}}:{{password}}@127.0.0.1:5432/postgres\",\n verifyConnection: true,\n allowedRoles: [\"dev2\"],\n }],\n});\nconst dev1 = new vault.database.SecretBackendRole(\"dev1\", {\n backend: db.path,\n dbName: db.mssqls.apply(mssqls =\u003e mssqls?[0]?.name),\n creationStatements: [\n \"CREATE LOGIN [{{name}}] WITH PASSWORD = '{{password}}';\",\n \"CREATE USER [{{name}}] FOR LOGIN [{{name}}];\",\n \"GRANT SELECT ON SCHEMA::dbo TO [{{name}}];\",\n ],\n});\nconst dev2 = new vault.database.SecretBackendRole(\"dev2\", {\n backend: db.path,\n dbName: db.postgresqls.apply(postgresqls =\u003e postgresqls?[0]?.name),\n creationStatements: [\n \"CREATE ROLE \\\"{{name}}\\\" WITH LOGIN PASSWORD '{{password}}' VALID UNTIL '{{expiration}}';\",\n \"GRANT SELECT ON ALL TABLES IN SCHEMA public TO \\\"{{name}}\\\";\",\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ndb = vault.database.SecretsMount(\"db\",\n path=\"db\",\n mssqls=[vault.database.SecretsMountMssqlArgs(\n name=\"db1\",\n username=\"sa\",\n password=\"super_secret_1\",\n connection_url=\"sqlserver://{{username}}:{{password}}@127.0.0.1:1433\",\n allowed_roles=[\"dev1\"],\n )],\n postgresqls=[vault.database.SecretsMountPostgresqlArgs(\n name=\"db2\",\n username=\"postgres\",\n password=\"super_secret_2\",\n connection_url=\"postgresql://{{username}}:{{password}}@127.0.0.1:5432/postgres\",\n verify_connection=True,\n allowed_roles=[\"dev2\"],\n )])\ndev1 = vault.database.SecretBackendRole(\"dev1\",\n backend=db.path,\n db_name=db.mssqls[0].name,\n creation_statements=[\n \"CREATE LOGIN [{{name}}] WITH PASSWORD = '{{password}}';\",\n \"CREATE USER [{{name}}] FOR LOGIN [{{name}}];\",\n \"GRANT SELECT ON SCHEMA::dbo TO [{{name}}];\",\n ])\ndev2 = vault.database.SecretBackendRole(\"dev2\",\n backend=db.path,\n db_name=db.postgresqls[0].name,\n creation_statements=[\n \"CREATE ROLE \\\"{{name}}\\\" WITH LOGIN PASSWORD '{{password}}' VALID UNTIL '{{expiration}}';\",\n \"GRANT SELECT ON ALL TABLES IN SCHEMA public TO \\\"{{name}}\\\";\",\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var db = new Vault.Database.SecretsMount(\"db\", new()\n {\n Path = \"db\",\n Mssqls = new[]\n {\n new Vault.Database.Inputs.SecretsMountMssqlArgs\n {\n Name = \"db1\",\n Username = \"sa\",\n Password = \"super_secret_1\",\n ConnectionUrl = \"sqlserver://{{username}}:{{password}}@127.0.0.1:1433\",\n AllowedRoles = new[]\n {\n \"dev1\",\n },\n },\n },\n Postgresqls = new[]\n {\n new Vault.Database.Inputs.SecretsMountPostgresqlArgs\n {\n Name = \"db2\",\n Username = \"postgres\",\n Password = \"super_secret_2\",\n ConnectionUrl = \"postgresql://{{username}}:{{password}}@127.0.0.1:5432/postgres\",\n VerifyConnection = true,\n AllowedRoles = new[]\n {\n \"dev2\",\n },\n },\n },\n });\n\n var dev1 = new Vault.Database.SecretBackendRole(\"dev1\", new()\n {\n Backend = db.Path,\n DbName = db.Mssqls.Apply(mssqls =\u003e mssqls[0]?.Name),\n CreationStatements = new[]\n {\n \"CREATE LOGIN [{{name}}] WITH PASSWORD = '{{password}}';\",\n \"CREATE USER [{{name}}] FOR LOGIN [{{name}}];\",\n \"GRANT SELECT ON SCHEMA::dbo TO [{{name}}];\",\n },\n });\n\n var dev2 = new Vault.Database.SecretBackendRole(\"dev2\", new()\n {\n Backend = db.Path,\n DbName = db.Postgresqls.Apply(postgresqls =\u003e postgresqls[0]?.Name),\n CreationStatements = new[]\n {\n \"CREATE ROLE \\\"{{name}}\\\" WITH LOGIN PASSWORD '{{password}}' VALID UNTIL '{{expiration}}';\",\n \"GRANT SELECT ON ALL TABLES IN SCHEMA public TO \\\"{{name}}\\\";\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/database\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tdb, err := database.NewSecretsMount(ctx, \"db\", \u0026database.SecretsMountArgs{\n\t\t\tPath: pulumi.String(\"db\"),\n\t\t\tMssqls: database.SecretsMountMssqlArray{\n\t\t\t\t\u0026database.SecretsMountMssqlArgs{\n\t\t\t\t\tName: pulumi.String(\"db1\"),\n\t\t\t\t\tUsername: pulumi.String(\"sa\"),\n\t\t\t\t\tPassword: pulumi.String(\"super_secret_1\"),\n\t\t\t\t\tConnectionUrl: pulumi.String(\"sqlserver://{{username}}:{{password}}@127.0.0.1:1433\"),\n\t\t\t\t\tAllowedRoles: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"dev1\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tPostgresqls: database.SecretsMountPostgresqlArray{\n\t\t\t\t\u0026database.SecretsMountPostgresqlArgs{\n\t\t\t\t\tName: pulumi.String(\"db2\"),\n\t\t\t\t\tUsername: pulumi.String(\"postgres\"),\n\t\t\t\t\tPassword: pulumi.String(\"super_secret_2\"),\n\t\t\t\t\tConnectionUrl: pulumi.String(\"postgresql://{{username}}:{{password}}@127.0.0.1:5432/postgres\"),\n\t\t\t\t\tVerifyConnection: pulumi.Bool(true),\n\t\t\t\t\tAllowedRoles: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"dev2\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = database.NewSecretBackendRole(ctx, \"dev1\", \u0026database.SecretBackendRoleArgs{\n\t\t\tBackend: db.Path,\n\t\t\tDbName: db.Mssqls.ApplyT(func(mssqls []database.SecretsMountMssql) (string, error) {\n\t\t\t\treturn mssqls[0].Name, nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t\tCreationStatements: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"CREATE LOGIN [{{name}}] WITH PASSWORD = '{{password}}';\"),\n\t\t\t\tpulumi.String(\"CREATE USER [{{name}}] FOR LOGIN [{{name}}];\"),\n\t\t\t\tpulumi.String(\"GRANT SELECT ON SCHEMA::dbo TO [{{name}}];\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = database.NewSecretBackendRole(ctx, \"dev2\", \u0026database.SecretBackendRoleArgs{\n\t\t\tBackend: db.Path,\n\t\t\tDbName: db.Postgresqls.ApplyT(func(postgresqls []database.SecretsMountPostgresql) (string, error) {\n\t\t\t\treturn postgresqls[0].Name, nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t\tCreationStatements: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"CREATE ROLE \\\"{{name}}\\\" WITH LOGIN PASSWORD '{{password}}' VALID UNTIL '{{expiration}}';\"),\n\t\t\t\tpulumi.String(\"GRANT SELECT ON ALL TABLES IN SCHEMA public TO \\\"{{name}}\\\";\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.database.SecretsMount;\nimport com.pulumi.vault.database.SecretsMountArgs;\nimport com.pulumi.vault.database.inputs.SecretsMountMssqlArgs;\nimport com.pulumi.vault.database.inputs.SecretsMountPostgresqlArgs;\nimport com.pulumi.vault.database.SecretBackendRole;\nimport com.pulumi.vault.database.SecretBackendRoleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var db = new SecretsMount(\"db\", SecretsMountArgs.builder() \n .path(\"db\")\n .mssqls(SecretsMountMssqlArgs.builder()\n .name(\"db1\")\n .username(\"sa\")\n .password(\"super_secret_1\")\n .connectionUrl(\"sqlserver://{{username}}:{{password}}@127.0.0.1:1433\")\n .allowedRoles(\"dev1\")\n .build())\n .postgresqls(SecretsMountPostgresqlArgs.builder()\n .name(\"db2\")\n .username(\"postgres\")\n .password(\"super_secret_2\")\n .connectionUrl(\"postgresql://{{username}}:{{password}}@127.0.0.1:5432/postgres\")\n .verifyConnection(true)\n .allowedRoles(\"dev2\")\n .build())\n .build());\n\n var dev1 = new SecretBackendRole(\"dev1\", SecretBackendRoleArgs.builder() \n .backend(db.path())\n .dbName(db.mssqls().applyValue(mssqls -\u003e mssqls[0].name()))\n .creationStatements( \n \"CREATE LOGIN [{{name}}] WITH PASSWORD = '{{password}}';\",\n \"CREATE USER [{{name}}] FOR LOGIN [{{name}}];\",\n \"GRANT SELECT ON SCHEMA::dbo TO [{{name}}];\")\n .build());\n\n var dev2 = new SecretBackendRole(\"dev2\", SecretBackendRoleArgs.builder() \n .backend(db.path())\n .dbName(db.postgresqls().applyValue(postgresqls -\u003e postgresqls[0].name()))\n .creationStatements( \n \"CREATE ROLE \\\"{{name}}\\\" WITH LOGIN PASSWORD '{{password}}' VALID UNTIL '{{expiration}}';\",\n \"GRANT SELECT ON ALL TABLES IN SCHEMA public TO \\\"{{name}}\\\";\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n db:\n type: vault:database:SecretsMount\n properties:\n path: db\n mssqls:\n - name: db1\n username: sa\n password: super_secret_1\n connectionUrl: sqlserver://{{username}}:{{password}}@127.0.0.1:1433\n allowedRoles:\n - dev1\n postgresqls:\n - name: db2\n username: postgres\n password: super_secret_2\n connectionUrl: postgresql://{{username}}:{{password}}@127.0.0.1:5432/postgres\n verifyConnection: true\n allowedRoles:\n - dev2\n dev1:\n type: vault:database:SecretBackendRole\n properties:\n backend: ${db.path}\n dbName: ${db.mssqls[0].name}\n creationStatements:\n - CREATE LOGIN [{{name}}] WITH PASSWORD = '{{password}}';\n - CREATE USER [{{name}}] FOR LOGIN [{{name}}];\n - GRANT SELECT ON SCHEMA::dbo TO [{{name}}];\n dev2:\n type: vault:database:SecretBackendRole\n properties:\n backend: ${db.path}\n dbName: ${db.postgresqls[0].name}\n creationStatements:\n - CREATE ROLE \"{{name}}\" WITH LOGIN PASSWORD '{{password}}' VALID UNTIL '{{expiration}}';\n - GRANT SELECT ON ALL TABLES IN SCHEMA public TO \"{{name}}\";\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nDatabase secret backend connections can be imported using the `path` e.g.\n\n```sh\n $ pulumi import vault:database/secretsMount:SecretsMount db db\n```\n\n ", + "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst db = new vault.database.SecretsMount(\"db\", {\n path: \"db\",\n mssqls: [{\n name: \"db1\",\n username: \"sa\",\n password: \"super_secret_1\",\n connectionUrl: \"sqlserver://{{username}}:{{password}}@127.0.0.1:1433\",\n allowedRoles: [\"dev1\"],\n }],\n postgresqls: [{\n name: \"db2\",\n username: \"postgres\",\n password: \"super_secret_2\",\n connectionUrl: \"postgresql://{{username}}:{{password}}@127.0.0.1:5432/postgres\",\n verifyConnection: true,\n allowedRoles: [\"dev2\"],\n }],\n});\nconst dev1 = new vault.database.SecretBackendRole(\"dev1\", {\n backend: db.path,\n dbName: db.mssqls.apply(mssqls =\u003e mssqls?.[0]?.name),\n creationStatements: [\n \"CREATE LOGIN [{{name}}] WITH PASSWORD = '{{password}}';\",\n \"CREATE USER [{{name}}] FOR LOGIN [{{name}}];\",\n \"GRANT SELECT ON SCHEMA::dbo TO [{{name}}];\",\n ],\n});\nconst dev2 = new vault.database.SecretBackendRole(\"dev2\", {\n backend: db.path,\n dbName: db.postgresqls.apply(postgresqls =\u003e postgresqls?.[0]?.name),\n creationStatements: [\n \"CREATE ROLE \\\"{{name}}\\\" WITH LOGIN PASSWORD '{{password}}' VALID UNTIL '{{expiration}}';\",\n \"GRANT SELECT ON ALL TABLES IN SCHEMA public TO \\\"{{name}}\\\";\",\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ndb = vault.database.SecretsMount(\"db\",\n path=\"db\",\n mssqls=[vault.database.SecretsMountMssqlArgs(\n name=\"db1\",\n username=\"sa\",\n password=\"super_secret_1\",\n connection_url=\"sqlserver://{{username}}:{{password}}@127.0.0.1:1433\",\n allowed_roles=[\"dev1\"],\n )],\n postgresqls=[vault.database.SecretsMountPostgresqlArgs(\n name=\"db2\",\n username=\"postgres\",\n password=\"super_secret_2\",\n connection_url=\"postgresql://{{username}}:{{password}}@127.0.0.1:5432/postgres\",\n verify_connection=True,\n allowed_roles=[\"dev2\"],\n )])\ndev1 = vault.database.SecretBackendRole(\"dev1\",\n backend=db.path,\n db_name=db.mssqls[0].name,\n creation_statements=[\n \"CREATE LOGIN [{{name}}] WITH PASSWORD = '{{password}}';\",\n \"CREATE USER [{{name}}] FOR LOGIN [{{name}}];\",\n \"GRANT SELECT ON SCHEMA::dbo TO [{{name}}];\",\n ])\ndev2 = vault.database.SecretBackendRole(\"dev2\",\n backend=db.path,\n db_name=db.postgresqls[0].name,\n creation_statements=[\n \"CREATE ROLE \\\"{{name}}\\\" WITH LOGIN PASSWORD '{{password}}' VALID UNTIL '{{expiration}}';\",\n \"GRANT SELECT ON ALL TABLES IN SCHEMA public TO \\\"{{name}}\\\";\",\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var db = new Vault.Database.SecretsMount(\"db\", new()\n {\n Path = \"db\",\n Mssqls = new[]\n {\n new Vault.Database.Inputs.SecretsMountMssqlArgs\n {\n Name = \"db1\",\n Username = \"sa\",\n Password = \"super_secret_1\",\n ConnectionUrl = \"sqlserver://{{username}}:{{password}}@127.0.0.1:1433\",\n AllowedRoles = new[]\n {\n \"dev1\",\n },\n },\n },\n Postgresqls = new[]\n {\n new Vault.Database.Inputs.SecretsMountPostgresqlArgs\n {\n Name = \"db2\",\n Username = \"postgres\",\n Password = \"super_secret_2\",\n ConnectionUrl = \"postgresql://{{username}}:{{password}}@127.0.0.1:5432/postgres\",\n VerifyConnection = true,\n AllowedRoles = new[]\n {\n \"dev2\",\n },\n },\n },\n });\n\n var dev1 = new Vault.Database.SecretBackendRole(\"dev1\", new()\n {\n Backend = db.Path,\n DbName = db.Mssqls.Apply(mssqls =\u003e mssqls[0]?.Name),\n CreationStatements = new[]\n {\n \"CREATE LOGIN [{{name}}] WITH PASSWORD = '{{password}}';\",\n \"CREATE USER [{{name}}] FOR LOGIN [{{name}}];\",\n \"GRANT SELECT ON SCHEMA::dbo TO [{{name}}];\",\n },\n });\n\n var dev2 = new Vault.Database.SecretBackendRole(\"dev2\", new()\n {\n Backend = db.Path,\n DbName = db.Postgresqls.Apply(postgresqls =\u003e postgresqls[0]?.Name),\n CreationStatements = new[]\n {\n \"CREATE ROLE \\\"{{name}}\\\" WITH LOGIN PASSWORD '{{password}}' VALID UNTIL '{{expiration}}';\",\n \"GRANT SELECT ON ALL TABLES IN SCHEMA public TO \\\"{{name}}\\\";\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/database\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tdb, err := database.NewSecretsMount(ctx, \"db\", \u0026database.SecretsMountArgs{\n\t\t\tPath: pulumi.String(\"db\"),\n\t\t\tMssqls: database.SecretsMountMssqlArray{\n\t\t\t\t\u0026database.SecretsMountMssqlArgs{\n\t\t\t\t\tName: pulumi.String(\"db1\"),\n\t\t\t\t\tUsername: pulumi.String(\"sa\"),\n\t\t\t\t\tPassword: pulumi.String(\"super_secret_1\"),\n\t\t\t\t\tConnectionUrl: pulumi.String(\"sqlserver://{{username}}:{{password}}@127.0.0.1:1433\"),\n\t\t\t\t\tAllowedRoles: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"dev1\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tPostgresqls: database.SecretsMountPostgresqlArray{\n\t\t\t\t\u0026database.SecretsMountPostgresqlArgs{\n\t\t\t\t\tName: pulumi.String(\"db2\"),\n\t\t\t\t\tUsername: pulumi.String(\"postgres\"),\n\t\t\t\t\tPassword: pulumi.String(\"super_secret_2\"),\n\t\t\t\t\tConnectionUrl: pulumi.String(\"postgresql://{{username}}:{{password}}@127.0.0.1:5432/postgres\"),\n\t\t\t\t\tVerifyConnection: pulumi.Bool(true),\n\t\t\t\t\tAllowedRoles: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"dev2\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = database.NewSecretBackendRole(ctx, \"dev1\", \u0026database.SecretBackendRoleArgs{\n\t\t\tBackend: db.Path,\n\t\t\tDbName: db.Mssqls.ApplyT(func(mssqls []database.SecretsMountMssql) (*string, error) {\n\t\t\t\treturn \u0026mssqls[0].Name, nil\n\t\t\t}).(pulumi.StringPtrOutput),\n\t\t\tCreationStatements: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"CREATE LOGIN [{{name}}] WITH PASSWORD = '{{password}}';\"),\n\t\t\t\tpulumi.String(\"CREATE USER [{{name}}] FOR LOGIN [{{name}}];\"),\n\t\t\t\tpulumi.String(\"GRANT SELECT ON SCHEMA::dbo TO [{{name}}];\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = database.NewSecretBackendRole(ctx, \"dev2\", \u0026database.SecretBackendRoleArgs{\n\t\t\tBackend: db.Path,\n\t\t\tDbName: db.Postgresqls.ApplyT(func(postgresqls []database.SecretsMountPostgresql) (*string, error) {\n\t\t\t\treturn \u0026postgresqls[0].Name, nil\n\t\t\t}).(pulumi.StringPtrOutput),\n\t\t\tCreationStatements: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"CREATE ROLE \\\"{{name}}\\\" WITH LOGIN PASSWORD '{{password}}' VALID UNTIL '{{expiration}}';\"),\n\t\t\t\tpulumi.String(\"GRANT SELECT ON ALL TABLES IN SCHEMA public TO \\\"{{name}}\\\";\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.database.SecretsMount;\nimport com.pulumi.vault.database.SecretsMountArgs;\nimport com.pulumi.vault.database.inputs.SecretsMountMssqlArgs;\nimport com.pulumi.vault.database.inputs.SecretsMountPostgresqlArgs;\nimport com.pulumi.vault.database.SecretBackendRole;\nimport com.pulumi.vault.database.SecretBackendRoleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var db = new SecretsMount(\"db\", SecretsMountArgs.builder() \n .path(\"db\")\n .mssqls(SecretsMountMssqlArgs.builder()\n .name(\"db1\")\n .username(\"sa\")\n .password(\"super_secret_1\")\n .connectionUrl(\"sqlserver://{{username}}:{{password}}@127.0.0.1:1433\")\n .allowedRoles(\"dev1\")\n .build())\n .postgresqls(SecretsMountPostgresqlArgs.builder()\n .name(\"db2\")\n .username(\"postgres\")\n .password(\"super_secret_2\")\n .connectionUrl(\"postgresql://{{username}}:{{password}}@127.0.0.1:5432/postgres\")\n .verifyConnection(true)\n .allowedRoles(\"dev2\")\n .build())\n .build());\n\n var dev1 = new SecretBackendRole(\"dev1\", SecretBackendRoleArgs.builder() \n .backend(db.path())\n .dbName(db.mssqls().applyValue(mssqls -\u003e mssqls[0].name()))\n .creationStatements( \n \"CREATE LOGIN [{{name}}] WITH PASSWORD = '{{password}}';\",\n \"CREATE USER [{{name}}] FOR LOGIN [{{name}}];\",\n \"GRANT SELECT ON SCHEMA::dbo TO [{{name}}];\")\n .build());\n\n var dev2 = new SecretBackendRole(\"dev2\", SecretBackendRoleArgs.builder() \n .backend(db.path())\n .dbName(db.postgresqls().applyValue(postgresqls -\u003e postgresqls[0].name()))\n .creationStatements( \n \"CREATE ROLE \\\"{{name}}\\\" WITH LOGIN PASSWORD '{{password}}' VALID UNTIL '{{expiration}}';\",\n \"GRANT SELECT ON ALL TABLES IN SCHEMA public TO \\\"{{name}}\\\";\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n db:\n type: vault:database:SecretsMount\n properties:\n path: db\n mssqls:\n - name: db1\n username: sa\n password: super_secret_1\n connectionUrl: sqlserver://{{username}}:{{password}}@127.0.0.1:1433\n allowedRoles:\n - dev1\n postgresqls:\n - name: db2\n username: postgres\n password: super_secret_2\n connectionUrl: postgresql://{{username}}:{{password}}@127.0.0.1:5432/postgres\n verifyConnection: true\n allowedRoles:\n - dev2\n dev1:\n type: vault:database:SecretBackendRole\n properties:\n backend: ${db.path}\n dbName: ${db.mssqls[0].name}\n creationStatements:\n - CREATE LOGIN [{{name}}] WITH PASSWORD = '{{password}}';\n - CREATE USER [{{name}}] FOR LOGIN [{{name}}];\n - GRANT SELECT ON SCHEMA::dbo TO [{{name}}];\n dev2:\n type: vault:database:SecretBackendRole\n properties:\n backend: ${db.path}\n dbName: ${db.postgresqls[0].name}\n creationStatements:\n - CREATE ROLE \"{{name}}\" WITH LOGIN PASSWORD '{{password}}' VALID UNTIL '{{expiration}}';\n - GRANT SELECT ON ALL TABLES IN SCHEMA public TO \"{{name}}\";\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nDatabase secret backend connections can be imported using the `path` e.g.\n\n```sh\n $ pulumi import vault:database/secretsMount:SecretsMount db db\n```\n ", "properties": { "accessor": { "type": "string", @@ -12708,7 +9837,7 @@ "items": { "type": "string" }, - "description": "Set of managed key registry entry names that the mount in question is allowed to access\n" + "description": "Set of managed key registry entry names that the mount in question is allowed to access\n\nThe following arguments are common to all database engines:\n" }, "auditNonHmacRequestKeys": { "type": "array", @@ -12910,7 +10039,7 @@ "items": { "type": "string" }, - "description": "Set of managed key registry entry names that the mount in question is allowed to access\n", + "description": "Set of managed key registry entry names that the mount in question is allowed to access\n\nThe following arguments are common to all database engines:\n", "willReplaceOnChanges": true }, "auditNonHmacRequestKeys": { @@ -13112,7 +10241,7 @@ "items": { "type": "string" }, - "description": "Set of managed key registry entry names that the mount in question is allowed to access\n", + "description": "Set of managed key registry entry names that the mount in question is allowed to access\n\nThe following arguments are common to all database engines:\n", "willReplaceOnChanges": true }, "auditNonHmacRequestKeys": { @@ -13307,7 +10436,7 @@ } }, "vault:gcp/authBackend:AuthBackend": { - "description": "Provides a resource to configure the [GCP auth backend within Vault](https://www.vaultproject.io/docs/auth/gcp.html).\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as fs from \"fs\";\nimport * as vault from \"@pulumi/vault\";\n\nconst gcp = new vault.gcp.AuthBackend(\"gcp\", {\n credentials: fs.readFileSync(\"vault-gcp-credentials.json\"),\n customEndpoint: {\n api: \"www.googleapis.com\",\n iam: \"iam.googleapis.com\",\n crm: \"cloudresourcemanager.googleapis.com\",\n compute: \"compute.googleapis.com\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ngcp = vault.gcp.AuthBackend(\"gcp\",\n credentials=(lambda path: open(path).read())(\"vault-gcp-credentials.json\"),\n custom_endpoint=vault.gcp.AuthBackendCustomEndpointArgs(\n api=\"www.googleapis.com\",\n iam=\"iam.googleapis.com\",\n crm=\"cloudresourcemanager.googleapis.com\",\n compute=\"compute.googleapis.com\",\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.IO;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var gcp = new Vault.Gcp.AuthBackend(\"gcp\", new()\n {\n Credentials = File.ReadAllText(\"vault-gcp-credentials.json\"),\n CustomEndpoint = new Vault.Gcp.Inputs.AuthBackendCustomEndpointArgs\n {\n Api = \"www.googleapis.com\",\n Iam = \"iam.googleapis.com\",\n Crm = \"cloudresourcemanager.googleapis.com\",\n Compute = \"compute.googleapis.com\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"io/ioutil\"\n\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/gcp\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc readFileOrPanic(path string) pulumi.StringPtrInput {\n\tdata, err := ioutil.ReadFile(path)\n\tif err != nil {\n\t\tpanic(err.Error())\n\t}\n\treturn pulumi.String(string(data))\n}\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := gcp.NewAuthBackend(ctx, \"gcp\", \u0026gcp.AuthBackendArgs{\n\t\t\tCredentials: readFileOrPanic(\"vault-gcp-credentials.json\"),\n\t\t\tCustomEndpoint: \u0026gcp.AuthBackendCustomEndpointArgs{\n\t\t\t\tApi: pulumi.String(\"www.googleapis.com\"),\n\t\t\t\tIam: pulumi.String(\"iam.googleapis.com\"),\n\t\t\t\tCrm: pulumi.String(\"cloudresourcemanager.googleapis.com\"),\n\t\t\t\tCompute: pulumi.String(\"compute.googleapis.com\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.gcp.AuthBackend;\nimport com.pulumi.vault.gcp.AuthBackendArgs;\nimport com.pulumi.vault.gcp.inputs.AuthBackendCustomEndpointArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var gcp = new AuthBackend(\"gcp\", AuthBackendArgs.builder() \n .credentials(Files.readString(Paths.get(\"vault-gcp-credentials.json\")))\n .customEndpoint(AuthBackendCustomEndpointArgs.builder()\n .api(\"www.googleapis.com\")\n .iam(\"iam.googleapis.com\")\n .crm(\"cloudresourcemanager.googleapis.com\")\n .compute(\"compute.googleapis.com\")\n .build())\n .build());\n\n }\n}\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nGCP authentication backends can be imported using the backend name, e.g.\n\n```sh\n $ pulumi import vault:gcp/authBackend:AuthBackend gcp gcp\n```\n\n ", + "description": "Provides a resource to configure the [GCP auth backend within Vault](https://www.vaultproject.io/docs/auth/gcp.html).\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as fs from \"fs\";\nimport * as vault from \"@pulumi/vault\";\n\nconst gcp = new vault.gcp.AuthBackend(\"gcp\", {\n credentials: fs.readFileSync(\"vault-gcp-credentials.json\"),\n customEndpoint: {\n api: \"www.googleapis.com\",\n iam: \"iam.googleapis.com\",\n crm: \"cloudresourcemanager.googleapis.com\",\n compute: \"compute.googleapis.com\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ngcp = vault.gcp.AuthBackend(\"gcp\",\n credentials=(lambda path: open(path).read())(\"vault-gcp-credentials.json\"),\n custom_endpoint=vault.gcp.AuthBackendCustomEndpointArgs(\n api=\"www.googleapis.com\",\n iam=\"iam.googleapis.com\",\n crm=\"cloudresourcemanager.googleapis.com\",\n compute=\"compute.googleapis.com\",\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.IO;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var gcp = new Vault.Gcp.AuthBackend(\"gcp\", new()\n {\n Credentials = File.ReadAllText(\"vault-gcp-credentials.json\"),\n CustomEndpoint = new Vault.Gcp.Inputs.AuthBackendCustomEndpointArgs\n {\n Api = \"www.googleapis.com\",\n Iam = \"iam.googleapis.com\",\n Crm = \"cloudresourcemanager.googleapis.com\",\n Compute = \"compute.googleapis.com\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"os\"\n\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/gcp\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc readFileOrPanic(path string) pulumi.StringPtrInput {\n\tdata, err := os.ReadFile(path)\n\tif err != nil {\n\t\tpanic(err.Error())\n\t}\n\treturn pulumi.String(string(data))\n}\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := gcp.NewAuthBackend(ctx, \"gcp\", \u0026gcp.AuthBackendArgs{\n\t\t\tCredentials: readFileOrPanic(\"vault-gcp-credentials.json\"),\n\t\t\tCustomEndpoint: \u0026gcp.AuthBackendCustomEndpointArgs{\n\t\t\t\tApi: pulumi.String(\"www.googleapis.com\"),\n\t\t\t\tIam: pulumi.String(\"iam.googleapis.com\"),\n\t\t\t\tCrm: pulumi.String(\"cloudresourcemanager.googleapis.com\"),\n\t\t\t\tCompute: pulumi.String(\"compute.googleapis.com\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.gcp.AuthBackend;\nimport com.pulumi.vault.gcp.AuthBackendArgs;\nimport com.pulumi.vault.gcp.inputs.AuthBackendCustomEndpointArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var gcp = new AuthBackend(\"gcp\", AuthBackendArgs.builder() \n .credentials(Files.readString(Paths.get(\"vault-gcp-credentials.json\")))\n .customEndpoint(AuthBackendCustomEndpointArgs.builder()\n .api(\"www.googleapis.com\")\n .iam(\"iam.googleapis.com\")\n .crm(\"cloudresourcemanager.googleapis.com\")\n .compute(\"compute.googleapis.com\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n gcp:\n type: vault:gcp:AuthBackend\n properties:\n credentials:\n fn::readFile: vault-gcp-credentials.json\n customEndpoint:\n api: www.googleapis.com\n iam: iam.googleapis.com\n crm: cloudresourcemanager.googleapis.com\n compute: compute.googleapis.com\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nGCP authentication backends can be imported using the backend name, e.g.\n\n```sh\n $ pulumi import vault:gcp/authBackend:AuthBackend gcp gcp\n```\n ", "properties": { "accessor": { "type": "string", @@ -13328,7 +10457,7 @@ }, "customEndpoint": { "$ref": "#/types/vault:gcp/AuthBackendCustomEndpoint:AuthBackendCustomEndpoint", - "description": "Specifies overrides to\n[service endpoints](https://cloud.google.com/apis/design/glossary#api_service_endpoint)\nused when making API requests. This allows specific requests made during authentication\nto target alternative service endpoints for use in [Private Google Access](https://cloud.google.com/vpc/docs/configure-private-google-access)\nenvironments. Requires Vault 1.11+.\n" + "description": "Specifies overrides to\n[service endpoints](https://cloud.google.com/apis/design/glossary#api_service_endpoint)\nused when making API requests. This allows specific requests made during authentication\nto target alternative service endpoints for use in [Private Google Access](https://cloud.google.com/vpc/docs/configure-private-google-access)\nenvironments. Requires Vault 1.11+.\n\nOverrides are set at the subdomain level using the following keys:\n" }, "description": { "type": "string", @@ -13382,7 +10511,7 @@ }, "customEndpoint": { "$ref": "#/types/vault:gcp/AuthBackendCustomEndpoint:AuthBackendCustomEndpoint", - "description": "Specifies overrides to\n[service endpoints](https://cloud.google.com/apis/design/glossary#api_service_endpoint)\nused when making API requests. This allows specific requests made during authentication\nto target alternative service endpoints for use in [Private Google Access](https://cloud.google.com/vpc/docs/configure-private-google-access)\nenvironments. Requires Vault 1.11+.\n" + "description": "Specifies overrides to\n[service endpoints](https://cloud.google.com/apis/design/glossary#api_service_endpoint)\nused when making API requests. This allows specific requests made during authentication\nto target alternative service endpoints for use in [Private Google Access](https://cloud.google.com/vpc/docs/configure-private-google-access)\nenvironments. Requires Vault 1.11+.\n\nOverrides are set at the subdomain level using the following keys:\n" }, "description": { "type": "string", @@ -13437,7 +10566,7 @@ }, "customEndpoint": { "$ref": "#/types/vault:gcp/AuthBackendCustomEndpoint:AuthBackendCustomEndpoint", - "description": "Specifies overrides to\n[service endpoints](https://cloud.google.com/apis/design/glossary#api_service_endpoint)\nused when making API requests. This allows specific requests made during authentication\nto target alternative service endpoints for use in [Private Google Access](https://cloud.google.com/vpc/docs/configure-private-google-access)\nenvironments. Requires Vault 1.11+.\n" + "description": "Specifies overrides to\n[service endpoints](https://cloud.google.com/apis/design/glossary#api_service_endpoint)\nused when making API requests. This allows specific requests made during authentication\nto target alternative service endpoints for use in [Private Google Access](https://cloud.google.com/vpc/docs/configure-private-google-access)\nenvironments. Requires Vault 1.11+.\n\nOverrides are set at the subdomain level using the following keys:\n" }, "description": { "type": "string", @@ -13474,7 +10603,7 @@ } }, "vault:gcp/authBackendRole:AuthBackendRole": { - "description": "Provides a resource to create a role in an [GCP auth backend within Vault](https://www.vaultproject.io/docs/auth/gcp.html).\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst gcp = new vault.AuthBackend(\"gcp\", {\n path: \"gcp\",\n type: \"gcp\",\n});\nconst test = new vault.gcp.AuthBackendRole(\"test\", {\n backend: gcp.path,\n role: \"test\",\n type: \"iam\",\n boundServiceAccounts: [\"test\"],\n boundProjects: [\"test\"],\n tokenTtl: 300,\n tokenMaxTtl: 600,\n tokenPolicies: [\n \"policy_a\",\n \"policy_b\",\n ],\n addGroupAliases: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ngcp = vault.AuthBackend(\"gcp\",\n path=\"gcp\",\n type=\"gcp\")\ntest = vault.gcp.AuthBackendRole(\"test\",\n backend=gcp.path,\n role=\"test\",\n type=\"iam\",\n bound_service_accounts=[\"test\"],\n bound_projects=[\"test\"],\n token_ttl=300,\n token_max_ttl=600,\n token_policies=[\n \"policy_a\",\n \"policy_b\",\n ],\n add_group_aliases=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var gcp = new Vault.AuthBackend(\"gcp\", new()\n {\n Path = \"gcp\",\n Type = \"gcp\",\n });\n\n var test = new Vault.Gcp.AuthBackendRole(\"test\", new()\n {\n Backend = gcp.Path,\n Role = \"test\",\n Type = \"iam\",\n BoundServiceAccounts = new[]\n {\n \"test\",\n },\n BoundProjects = new[]\n {\n \"test\",\n },\n TokenTtl = 300,\n TokenMaxTtl = 600,\n TokenPolicies = new[]\n {\n \"policy_a\",\n \"policy_b\",\n },\n AddGroupAliases = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/gcp\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tgcp, err := vault.NewAuthBackend(ctx, \"gcp\", \u0026vault.AuthBackendArgs{\n\t\t\tPath: pulumi.String(\"gcp\"),\n\t\t\tType: pulumi.String(\"gcp\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = gcp.NewAuthBackendRole(ctx, \"test\", \u0026gcp.AuthBackendRoleArgs{\n\t\t\tBackend: gcp.Path,\n\t\t\tRole: pulumi.String(\"test\"),\n\t\t\tType: pulumi.String(\"iam\"),\n\t\t\tBoundServiceAccounts: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"test\"),\n\t\t\t},\n\t\t\tBoundProjects: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"test\"),\n\t\t\t},\n\t\t\tTokenTtl: pulumi.Int(300),\n\t\t\tTokenMaxTtl: pulumi.Int(600),\n\t\t\tTokenPolicies: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"policy_a\"),\n\t\t\t\tpulumi.String(\"policy_b\"),\n\t\t\t},\n\t\t\tAddGroupAliases: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.AuthBackend;\nimport com.pulumi.vault.AuthBackendArgs;\nimport com.pulumi.vault.gcp.AuthBackendRole;\nimport com.pulumi.vault.gcp.AuthBackendRoleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var gcp = new AuthBackend(\"gcp\", AuthBackendArgs.builder() \n .path(\"gcp\")\n .type(\"gcp\")\n .build());\n\n var test = new AuthBackendRole(\"test\", AuthBackendRoleArgs.builder() \n .backend(gcp.path())\n .role(\"test\")\n .type(\"iam\")\n .boundServiceAccounts(\"test\")\n .boundProjects(\"test\")\n .tokenTtl(300)\n .tokenMaxTtl(600)\n .tokenPolicies( \n \"policy_a\",\n \"policy_b\")\n .addGroupAliases(true)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n gcp:\n type: vault:AuthBackend\n properties:\n path: gcp\n type: gcp\n test:\n type: vault:gcp:AuthBackendRole\n properties:\n backend: ${gcp.path}\n role: test\n type: iam\n boundServiceAccounts:\n - test\n boundProjects:\n - test\n tokenTtl: 300\n tokenMaxTtl: 600\n tokenPolicies:\n - policy_a\n - policy_b\n addGroupAliases: true\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nGCP authentication roles can be imported using the `path`, e.g.\n\n```sh\n $ pulumi import vault:gcp/authBackendRole:AuthBackendRole my_role auth/gcp/role/my_role\n```\n\n ", + "description": "Provides a resource to create a role in an [GCP auth backend within Vault](https://www.vaultproject.io/docs/auth/gcp.html).\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst gcp = new vault.AuthBackend(\"gcp\", {\n path: \"gcp\",\n type: \"gcp\",\n});\nconst test = new vault.gcp.AuthBackendRole(\"test\", {\n backend: gcp.path,\n role: \"test\",\n type: \"iam\",\n boundServiceAccounts: [\"test\"],\n boundProjects: [\"test\"],\n tokenTtl: 300,\n tokenMaxTtl: 600,\n tokenPolicies: [\n \"policy_a\",\n \"policy_b\",\n ],\n addGroupAliases: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ngcp = vault.AuthBackend(\"gcp\",\n path=\"gcp\",\n type=\"gcp\")\ntest = vault.gcp.AuthBackendRole(\"test\",\n backend=gcp.path,\n role=\"test\",\n type=\"iam\",\n bound_service_accounts=[\"test\"],\n bound_projects=[\"test\"],\n token_ttl=300,\n token_max_ttl=600,\n token_policies=[\n \"policy_a\",\n \"policy_b\",\n ],\n add_group_aliases=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var gcp = new Vault.AuthBackend(\"gcp\", new()\n {\n Path = \"gcp\",\n Type = \"gcp\",\n });\n\n var test = new Vault.Gcp.AuthBackendRole(\"test\", new()\n {\n Backend = gcp.Path,\n Role = \"test\",\n Type = \"iam\",\n BoundServiceAccounts = new[]\n {\n \"test\",\n },\n BoundProjects = new[]\n {\n \"test\",\n },\n TokenTtl = 300,\n TokenMaxTtl = 600,\n TokenPolicies = new[]\n {\n \"policy_a\",\n \"policy_b\",\n },\n AddGroupAliases = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/gcp\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tgcp, err := vault.NewAuthBackend(ctx, \"gcp\", \u0026vault.AuthBackendArgs{\n\t\t\tPath: pulumi.String(\"gcp\"),\n\t\t\tType: pulumi.String(\"gcp\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = gcp.NewAuthBackendRole(ctx, \"test\", \u0026gcp.AuthBackendRoleArgs{\n\t\t\tBackend: gcp.Path,\n\t\t\tRole: pulumi.String(\"test\"),\n\t\t\tType: pulumi.String(\"iam\"),\n\t\t\tBoundServiceAccounts: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"test\"),\n\t\t\t},\n\t\t\tBoundProjects: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"test\"),\n\t\t\t},\n\t\t\tTokenTtl: pulumi.Int(300),\n\t\t\tTokenMaxTtl: pulumi.Int(600),\n\t\t\tTokenPolicies: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"policy_a\"),\n\t\t\t\tpulumi.String(\"policy_b\"),\n\t\t\t},\n\t\t\tAddGroupAliases: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.AuthBackend;\nimport com.pulumi.vault.AuthBackendArgs;\nimport com.pulumi.vault.gcp.AuthBackendRole;\nimport com.pulumi.vault.gcp.AuthBackendRoleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var gcp = new AuthBackend(\"gcp\", AuthBackendArgs.builder() \n .path(\"gcp\")\n .type(\"gcp\")\n .build());\n\n var test = new AuthBackendRole(\"test\", AuthBackendRoleArgs.builder() \n .backend(gcp.path())\n .role(\"test\")\n .type(\"iam\")\n .boundServiceAccounts(\"test\")\n .boundProjects(\"test\")\n .tokenTtl(300)\n .tokenMaxTtl(600)\n .tokenPolicies( \n \"policy_a\",\n \"policy_b\")\n .addGroupAliases(true)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n gcp:\n type: vault:AuthBackend\n properties:\n path: gcp\n type: gcp\n test:\n type: vault:gcp:AuthBackendRole\n properties:\n backend: ${gcp.path}\n role: test\n type: iam\n boundServiceAccounts:\n - test\n boundProjects:\n - test\n tokenTtl: 300\n tokenMaxTtl: 600\n tokenPolicies:\n - policy_a\n - policy_b\n addGroupAliases: true\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nGCP authentication roles can be imported using the `path`, e.g.\n\n```sh\n $ pulumi import vault:gcp/authBackendRole:AuthBackendRole my_role auth/gcp/role/my_role\n```\n ", "properties": { "addGroupAliases": { "type": "boolean" @@ -13506,7 +10635,7 @@ "items": { "type": "string" }, - "description": "GCP Projects that the role exists within\n" + "description": "An array of GCP project IDs. Only entities belonging to this project can authenticate under the role.\n" }, "boundRegions": { "type": "array", @@ -13632,7 +10761,7 @@ "items": { "type": "string" }, - "description": "GCP Projects that the role exists within\n", + "description": "An array of GCP project IDs. Only entities belonging to this project can authenticate under the role.\n", "willReplaceOnChanges": true }, "boundRegions": { @@ -13756,7 +10885,7 @@ "items": { "type": "string" }, - "description": "GCP Projects that the role exists within\n", + "description": "An array of GCP project IDs. Only entities belonging to this project can authenticate under the role.\n", "willReplaceOnChanges": true }, "boundRegions": { @@ -13846,11 +10975,11 @@ } }, "vault:gcp/secretBackend:SecretBackend": { - "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as fs from \"fs\";\nimport * as vault from \"@pulumi/vault\";\n\nconst gcp = new vault.gcp.SecretBackend(\"gcp\", {credentials: fs.readFileSync(\"credentials.json\")});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ngcp = vault.gcp.SecretBackend(\"gcp\", credentials=(lambda path: open(path).read())(\"credentials.json\"))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.IO;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var gcp = new Vault.Gcp.SecretBackend(\"gcp\", new()\n {\n Credentials = File.ReadAllText(\"credentials.json\"),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"io/ioutil\"\n\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/gcp\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc readFileOrPanic(path string) pulumi.StringPtrInput {\n\tdata, err := ioutil.ReadFile(path)\n\tif err != nil {\n\t\tpanic(err.Error())\n\t}\n\treturn pulumi.String(string(data))\n}\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := gcp.NewSecretBackend(ctx, \"gcp\", \u0026gcp.SecretBackendArgs{\n\t\t\tCredentials: readFileOrPanic(\"credentials.json\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.gcp.SecretBackend;\nimport com.pulumi.vault.gcp.SecretBackendArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var gcp = new SecretBackend(\"gcp\", SecretBackendArgs.builder() \n .credentials(Files.readString(Paths.get(\"credentials.json\")))\n .build());\n\n }\n}\n```\n{{% /example %}}\n{{% /examples %}}", + "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as fs from \"fs\";\nimport * as vault from \"@pulumi/vault\";\n\nconst gcp = new vault.gcp.SecretBackend(\"gcp\", {credentials: fs.readFileSync(\"credentials.json\")});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ngcp = vault.gcp.SecretBackend(\"gcp\", credentials=(lambda path: open(path).read())(\"credentials.json\"))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.IO;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var gcp = new Vault.Gcp.SecretBackend(\"gcp\", new()\n {\n Credentials = File.ReadAllText(\"credentials.json\"),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"os\"\n\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/gcp\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc readFileOrPanic(path string) pulumi.StringPtrInput {\n\tdata, err := os.ReadFile(path)\n\tif err != nil {\n\t\tpanic(err.Error())\n\t}\n\treturn pulumi.String(string(data))\n}\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := gcp.NewSecretBackend(ctx, \"gcp\", \u0026gcp.SecretBackendArgs{\n\t\t\tCredentials: readFileOrPanic(\"credentials.json\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.gcp.SecretBackend;\nimport com.pulumi.vault.gcp.SecretBackendArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var gcp = new SecretBackend(\"gcp\", SecretBackendArgs.builder() \n .credentials(Files.readString(Paths.get(\"credentials.json\")))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n gcp:\n type: vault:gcp:SecretBackend\n properties:\n credentials:\n fn::readFile: credentials.json\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "credentials": { "type": "string", - "description": "The GCP service account credentials in JSON format.\n", + "description": "JSON-encoded credentials to use to connect to GCP\n", "secret": true }, "defaultLeaseTtlSeconds": { @@ -13885,7 +11014,7 @@ "inputProperties": { "credentials": { "type": "string", - "description": "The GCP service account credentials in JSON format.\n", + "description": "JSON-encoded credentials to use to connect to GCP\n", "secret": true }, "defaultLeaseTtlSeconds": { @@ -13924,7 +11053,7 @@ "properties": { "credentials": { "type": "string", - "description": "The GCP service account credentials in JSON format.\n", + "description": "JSON-encoded credentials to use to connect to GCP\n", "secret": true }, "defaultLeaseTtlSeconds": { @@ -13962,7 +11091,7 @@ } }, "vault:gcp/secretImpersonatedAccount:SecretImpersonatedAccount": { - "description": "Creates a Impersonated Account in the [GCP Secrets Engine](https://www.vaultproject.io/docs/secrets/gcp/index.html) for Vault.\n\nEach [impersonated account](https://www.vaultproject.io/docs/secrets/gcp/index.html#impersonated-accounts) is tied to a separately managed\nService Account.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as fs from \"fs\";\nimport * as gcp from \"@pulumi/gcp\";\nimport * as vault from \"@pulumi/vault\";\n\nconst _this = new gcp.serviceaccount.Account(\"this\", {accountId: \"my-awesome-account\"});\nconst gcp = new vault.gcp.SecretBackend(\"gcp\", {\n path: \"gcp\",\n credentials: fs.readFileSync(\"credentials.json\"),\n});\nconst impersonatedAccount = new vault.gcp.SecretImpersonatedAccount(\"impersonatedAccount\", {\n backend: gcp.path,\n impersonatedAccount: \"this\",\n serviceAccountEmail: _this.email,\n tokenScopes: [\"https://www.googleapis.com/auth/cloud-platform\"],\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\nimport pulumi_vault as vault\n\nthis = gcp.service_account.Account(\"this\", account_id=\"my-awesome-account\")\ngcp = vault.gcp.SecretBackend(\"gcp\",\n path=\"gcp\",\n credentials=(lambda path: open(path).read())(\"credentials.json\"))\nimpersonated_account = vault.gcp.SecretImpersonatedAccount(\"impersonatedAccount\",\n backend=gcp.path,\n impersonated_account=\"this\",\n service_account_email=this.email,\n token_scopes=[\"https://www.googleapis.com/auth/cloud-platform\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.IO;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @this = new Gcp.ServiceAccount.Account(\"this\", new()\n {\n AccountId = \"my-awesome-account\",\n });\n\n var gcp = new Vault.Gcp.SecretBackend(\"gcp\", new()\n {\n Path = \"gcp\",\n Credentials = File.ReadAllText(\"credentials.json\"),\n });\n\n var impersonatedAccount = new Vault.Gcp.SecretImpersonatedAccount(\"impersonatedAccount\", new()\n {\n Backend = gcp.Path,\n ImpersonatedAccount = \"this\",\n ServiceAccountEmail = @this.Email,\n TokenScopes = new[]\n {\n \"https://www.googleapis.com/auth/cloud-platform\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"io/ioutil\"\n\n\t\"github.com/pulumi/pulumi-gcp/sdk/v5/go/gcp/serviceAccount\"\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/gcp\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc readFileOrPanic(path string) pulumi.StringPtrInput {\n\tdata, err := ioutil.ReadFile(path)\n\tif err != nil {\n\t\tpanic(err.Error())\n\t}\n\treturn pulumi.String(string(data))\n}\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tthis, err := serviceAccount.NewAccount(ctx, \"this\", \u0026serviceAccount.AccountArgs{\n\t\t\tAccountId: pulumi.String(\"my-awesome-account\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tgcp, err := gcp.NewSecretBackend(ctx, \"gcp\", \u0026gcp.SecretBackendArgs{\n\t\t\tPath: pulumi.String(\"gcp\"),\n\t\t\tCredentials: readFileOrPanic(\"credentials.json\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = gcp.NewSecretImpersonatedAccount(ctx, \"impersonatedAccount\", \u0026gcp.SecretImpersonatedAccountArgs{\n\t\t\tBackend: gcp.Path,\n\t\t\tImpersonatedAccount: pulumi.String(\"this\"),\n\t\t\tServiceAccountEmail: this.Email,\n\t\t\tTokenScopes: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"https://www.googleapis.com/auth/cloud-platform\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.serviceAccount.Account;\nimport com.pulumi.gcp.serviceAccount.AccountArgs;\nimport com.pulumi.vault.gcp.SecretBackend;\nimport com.pulumi.vault.gcp.SecretBackendArgs;\nimport com.pulumi.vault.gcp.SecretImpersonatedAccount;\nimport com.pulumi.vault.gcp.SecretImpersonatedAccountArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var this_ = new Account(\"this\", AccountArgs.builder() \n .accountId(\"my-awesome-account\")\n .build());\n\n var gcp = new SecretBackend(\"gcp\", SecretBackendArgs.builder() \n .path(\"gcp\")\n .credentials(Files.readString(Paths.get(\"credentials.json\")))\n .build());\n\n var impersonatedAccount = new SecretImpersonatedAccount(\"impersonatedAccount\", SecretImpersonatedAccountArgs.builder() \n .backend(gcp.path())\n .impersonatedAccount(\"this\")\n .serviceAccountEmail(this_.email())\n .tokenScopes(\"https://www.googleapis.com/auth/cloud-platform\")\n .build());\n\n }\n}\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nA impersonated account can be imported using its Vault Path. For example, referencing the example above,\n\n```sh\n $ pulumi import vault:gcp/secretImpersonatedAccount:SecretImpersonatedAccount impersonated_account gcp/impersonated-account/project_viewer\n```\n\n ", + "description": "Creates a Impersonated Account in the [GCP Secrets Engine](https://www.vaultproject.io/docs/secrets/gcp/index.html) for Vault.\n\nEach [impersonated account](https://www.vaultproject.io/docs/secrets/gcp/index.html#impersonated-accounts) is tied to a separately managed\nService Account.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as fs from \"fs\";\nimport * as gcp from \"@pulumi/gcp\";\nimport * as vault from \"@pulumi/vault\";\n\nconst _this = new gcp.serviceaccount.Account(\"this\", {accountId: \"my-awesome-account\"});\nconst gcp = new vault.gcp.SecretBackend(\"gcp\", {\n path: \"gcp\",\n credentials: fs.readFileSync(\"credentials.json\"),\n});\nconst impersonatedAccount = new vault.gcp.SecretImpersonatedAccount(\"impersonatedAccount\", {\n backend: gcp.path,\n impersonatedAccount: \"this\",\n serviceAccountEmail: _this.email,\n tokenScopes: [\"https://www.googleapis.com/auth/cloud-platform\"],\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\nimport pulumi_vault as vault\n\nthis = gcp.service_account.Account(\"this\", account_id=\"my-awesome-account\")\ngcp = vault.gcp.SecretBackend(\"gcp\",\n path=\"gcp\",\n credentials=(lambda path: open(path).read())(\"credentials.json\"))\nimpersonated_account = vault.gcp.SecretImpersonatedAccount(\"impersonatedAccount\",\n backend=gcp.path,\n impersonated_account=\"this\",\n service_account_email=this.email,\n token_scopes=[\"https://www.googleapis.com/auth/cloud-platform\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.IO;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @this = new Gcp.ServiceAccount.Account(\"this\", new()\n {\n AccountId = \"my-awesome-account\",\n });\n\n var gcp = new Vault.Gcp.SecretBackend(\"gcp\", new()\n {\n Path = \"gcp\",\n Credentials = File.ReadAllText(\"credentials.json\"),\n });\n\n var impersonatedAccount = new Vault.Gcp.SecretImpersonatedAccount(\"impersonatedAccount\", new()\n {\n Backend = gcp.Path,\n ImpersonatedAccount = \"this\",\n ServiceAccountEmail = @this.Email,\n TokenScopes = new[]\n {\n \"https://www.googleapis.com/auth/cloud-platform\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"os\"\n\n\t\"github.com/pulumi/pulumi-gcp/sdk/v5/go/gcp/serviceAccount\"\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/gcp\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc readFileOrPanic(path string) pulumi.StringPtrInput {\n\tdata, err := os.ReadFile(path)\n\tif err != nil {\n\t\tpanic(err.Error())\n\t}\n\treturn pulumi.String(string(data))\n}\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tthis, err := serviceAccount.NewAccount(ctx, \"this\", \u0026serviceAccount.AccountArgs{\n\t\t\tAccountId: pulumi.String(\"my-awesome-account\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tgcp, err := gcp.NewSecretBackend(ctx, \"gcp\", \u0026gcp.SecretBackendArgs{\n\t\t\tPath: pulumi.String(\"gcp\"),\n\t\t\tCredentials: readFileOrPanic(\"credentials.json\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = gcp.NewSecretImpersonatedAccount(ctx, \"impersonatedAccount\", \u0026gcp.SecretImpersonatedAccountArgs{\n\t\t\tBackend: gcp.Path,\n\t\t\tImpersonatedAccount: pulumi.String(\"this\"),\n\t\t\tServiceAccountEmail: this.Email,\n\t\t\tTokenScopes: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"https://www.googleapis.com/auth/cloud-platform\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.serviceAccount.Account;\nimport com.pulumi.gcp.serviceAccount.AccountArgs;\nimport com.pulumi.vault.gcp.SecretBackend;\nimport com.pulumi.vault.gcp.SecretBackendArgs;\nimport com.pulumi.vault.gcp.SecretImpersonatedAccount;\nimport com.pulumi.vault.gcp.SecretImpersonatedAccountArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var this_ = new Account(\"this\", AccountArgs.builder() \n .accountId(\"my-awesome-account\")\n .build());\n\n var gcp = new SecretBackend(\"gcp\", SecretBackendArgs.builder() \n .path(\"gcp\")\n .credentials(Files.readString(Paths.get(\"credentials.json\")))\n .build());\n\n var impersonatedAccount = new SecretImpersonatedAccount(\"impersonatedAccount\", SecretImpersonatedAccountArgs.builder() \n .backend(gcp.path())\n .impersonatedAccount(\"this\")\n .serviceAccountEmail(this_.email())\n .tokenScopes(\"https://www.googleapis.com/auth/cloud-platform\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n this:\n type: gcp:serviceAccount:Account\n properties:\n accountId: my-awesome-account\n gcp:\n type: vault:gcp:SecretBackend\n properties:\n path: gcp\n credentials:\n fn::readFile: credentials.json\n impersonatedAccount:\n type: vault:gcp:SecretImpersonatedAccount\n properties:\n backend: ${gcp.path}\n impersonatedAccount: this\n serviceAccountEmail: ${this.email}\n tokenScopes:\n - https://www.googleapis.com/auth/cloud-platform\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nA impersonated account can be imported using its Vault Path. For example, referencing the example above,\n\n```sh\n $ pulumi import vault:gcp/secretImpersonatedAccount:SecretImpersonatedAccount impersonated_account gcp/impersonated-account/project_viewer\n```\n ", "properties": { "backend": { "type": "string", @@ -14071,7 +11200,7 @@ } }, "vault:gcp/secretRoleset:SecretRoleset": { - "description": "Creates a Roleset in the [GCP Secrets Engine](https://www.vaultproject.io/docs/secrets/gcp/index.html) for Vault.\n\nEach Roleset is [tied](https://www.vaultproject.io/docs/secrets/gcp/index.html#service-accounts-are-tied-to-rolesets) to a Service Account, and can have one or more [bindings](https://www.vaultproject.io/docs/secrets/gcp/index.html#roleset-bindings) associated with it.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as fs from \"fs\";\nimport * as vault from \"@pulumi/vault\";\n\nconst project = \"my-awesome-project\";\nconst gcp = new vault.gcp.SecretBackend(\"gcp\", {\n path: \"gcp\",\n credentials: fs.readFileSync(\"credentials.json\"),\n});\nconst roleset = new vault.gcp.SecretRoleset(\"roleset\", {\n backend: gcp.path,\n roleset: \"project_viewer\",\n secretType: \"access_token\",\n project: project,\n tokenScopes: [\"https://www.googleapis.com/auth/cloud-platform\"],\n bindings: [{\n resource: `//cloudresourcemanager.googleapis.com/projects/${project}`,\n roles: [\"roles/viewer\"],\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nproject = \"my-awesome-project\"\ngcp = vault.gcp.SecretBackend(\"gcp\",\n path=\"gcp\",\n credentials=(lambda path: open(path).read())(\"credentials.json\"))\nroleset = vault.gcp.SecretRoleset(\"roleset\",\n backend=gcp.path,\n roleset=\"project_viewer\",\n secret_type=\"access_token\",\n project=project,\n token_scopes=[\"https://www.googleapis.com/auth/cloud-platform\"],\n bindings=[vault.gcp.SecretRolesetBindingArgs(\n resource=f\"//cloudresourcemanager.googleapis.com/projects/{project}\",\n roles=[\"roles/viewer\"],\n )])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.IO;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var project = \"my-awesome-project\";\n\n var gcp = new Vault.Gcp.SecretBackend(\"gcp\", new()\n {\n Path = \"gcp\",\n Credentials = File.ReadAllText(\"credentials.json\"),\n });\n\n var roleset = new Vault.Gcp.SecretRoleset(\"roleset\", new()\n {\n Backend = gcp.Path,\n Roleset = \"project_viewer\",\n SecretType = \"access_token\",\n Project = project,\n TokenScopes = new[]\n {\n \"https://www.googleapis.com/auth/cloud-platform\",\n },\n Bindings = new[]\n {\n new Vault.Gcp.Inputs.SecretRolesetBindingArgs\n {\n Resource = $\"//cloudresourcemanager.googleapis.com/projects/{project}\",\n Roles = new[]\n {\n \"roles/viewer\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\t\"io/ioutil\"\n\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/gcp\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc readFileOrPanic(path string) pulumi.StringPtrInput {\n\tdata, err := ioutil.ReadFile(path)\n\tif err != nil {\n\t\tpanic(err.Error())\n\t}\n\treturn pulumi.String(string(data))\n}\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tproject := \"my-awesome-project\"\n\t\tgcp, err := gcp.NewSecretBackend(ctx, \"gcp\", \u0026gcp.SecretBackendArgs{\n\t\t\tPath: pulumi.String(\"gcp\"),\n\t\t\tCredentials: readFileOrPanic(\"credentials.json\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = gcp.NewSecretRoleset(ctx, \"roleset\", \u0026gcp.SecretRolesetArgs{\n\t\t\tBackend: gcp.Path,\n\t\t\tRoleset: pulumi.String(\"project_viewer\"),\n\t\t\tSecretType: pulumi.String(\"access_token\"),\n\t\t\tProject: pulumi.String(project),\n\t\t\tTokenScopes: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"https://www.googleapis.com/auth/cloud-platform\"),\n\t\t\t},\n\t\t\tBindings: gcp.SecretRolesetBindingArray{\n\t\t\t\t\u0026gcp.SecretRolesetBindingArgs{\n\t\t\t\t\tResource: pulumi.String(fmt.Sprintf(\"//cloudresourcemanager.googleapis.com/projects/%v\", project)),\n\t\t\t\t\tRoles: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"roles/viewer\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.gcp.SecretBackend;\nimport com.pulumi.vault.gcp.SecretBackendArgs;\nimport com.pulumi.vault.gcp.SecretRoleset;\nimport com.pulumi.vault.gcp.SecretRolesetArgs;\nimport com.pulumi.vault.gcp.inputs.SecretRolesetBindingArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var project = \"my-awesome-project\";\n\n var gcp = new SecretBackend(\"gcp\", SecretBackendArgs.builder() \n .path(\"gcp\")\n .credentials(Files.readString(Paths.get(\"credentials.json\")))\n .build());\n\n var roleset = new SecretRoleset(\"roleset\", SecretRolesetArgs.builder() \n .backend(gcp.path())\n .roleset(\"project_viewer\")\n .secretType(\"access_token\")\n .project(project)\n .tokenScopes(\"https://www.googleapis.com/auth/cloud-platform\")\n .bindings(SecretRolesetBindingArgs.builder()\n .resource(String.format(\"//cloudresourcemanager.googleapis.com/projects/%s\", project))\n .roles(\"roles/viewer\")\n .build())\n .build());\n\n }\n}\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nA roleset can be imported using its Vault Path. For example, referencing the example above,\n\n```sh\n $ pulumi import vault:gcp/secretRoleset:SecretRoleset roleset gcp/roleset/project_viewer\n```\n\n ", + "description": "Creates a Roleset in the [GCP Secrets Engine](https://www.vaultproject.io/docs/secrets/gcp/index.html) for Vault.\n\nEach Roleset is [tied](https://www.vaultproject.io/docs/secrets/gcp/index.html#service-accounts-are-tied-to-rolesets) to a Service Account, and can have one or more [bindings](https://www.vaultproject.io/docs/secrets/gcp/index.html#roleset-bindings) associated with it.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as fs from \"fs\";\nimport * as vault from \"@pulumi/vault\";\n\nconst project = \"my-awesome-project\";\nconst gcp = new vault.gcp.SecretBackend(\"gcp\", {\n path: \"gcp\",\n credentials: fs.readFileSync(\"credentials.json\"),\n});\nconst roleset = new vault.gcp.SecretRoleset(\"roleset\", {\n backend: gcp.path,\n roleset: \"project_viewer\",\n secretType: \"access_token\",\n project: project,\n tokenScopes: [\"https://www.googleapis.com/auth/cloud-platform\"],\n bindings: [{\n resource: `//cloudresourcemanager.googleapis.com/projects/${project}`,\n roles: [\"roles/viewer\"],\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nproject = \"my-awesome-project\"\ngcp = vault.gcp.SecretBackend(\"gcp\",\n path=\"gcp\",\n credentials=(lambda path: open(path).read())(\"credentials.json\"))\nroleset = vault.gcp.SecretRoleset(\"roleset\",\n backend=gcp.path,\n roleset=\"project_viewer\",\n secret_type=\"access_token\",\n project=project,\n token_scopes=[\"https://www.googleapis.com/auth/cloud-platform\"],\n bindings=[vault.gcp.SecretRolesetBindingArgs(\n resource=f\"//cloudresourcemanager.googleapis.com/projects/{project}\",\n roles=[\"roles/viewer\"],\n )])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.IO;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var project = \"my-awesome-project\";\n\n var gcp = new Vault.Gcp.SecretBackend(\"gcp\", new()\n {\n Path = \"gcp\",\n Credentials = File.ReadAllText(\"credentials.json\"),\n });\n\n var roleset = new Vault.Gcp.SecretRoleset(\"roleset\", new()\n {\n Backend = gcp.Path,\n Roleset = \"project_viewer\",\n SecretType = \"access_token\",\n Project = project,\n TokenScopes = new[]\n {\n \"https://www.googleapis.com/auth/cloud-platform\",\n },\n Bindings = new[]\n {\n new Vault.Gcp.Inputs.SecretRolesetBindingArgs\n {\n Resource = $\"//cloudresourcemanager.googleapis.com/projects/{project}\",\n Roles = new[]\n {\n \"roles/viewer\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\t\"os\"\n\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/gcp\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc readFileOrPanic(path string) pulumi.StringPtrInput {\n\tdata, err := os.ReadFile(path)\n\tif err != nil {\n\t\tpanic(err.Error())\n\t}\n\treturn pulumi.String(string(data))\n}\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tproject := \"my-awesome-project\"\n\t\tgcp, err := gcp.NewSecretBackend(ctx, \"gcp\", \u0026gcp.SecretBackendArgs{\n\t\t\tPath: pulumi.String(\"gcp\"),\n\t\t\tCredentials: readFileOrPanic(\"credentials.json\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = gcp.NewSecretRoleset(ctx, \"roleset\", \u0026gcp.SecretRolesetArgs{\n\t\t\tBackend: gcp.Path,\n\t\t\tRoleset: pulumi.String(\"project_viewer\"),\n\t\t\tSecretType: pulumi.String(\"access_token\"),\n\t\t\tProject: pulumi.String(project),\n\t\t\tTokenScopes: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"https://www.googleapis.com/auth/cloud-platform\"),\n\t\t\t},\n\t\t\tBindings: gcp.SecretRolesetBindingArray{\n\t\t\t\t\u0026gcp.SecretRolesetBindingArgs{\n\t\t\t\t\tResource: pulumi.String(fmt.Sprintf(\"//cloudresourcemanager.googleapis.com/projects/%v\", project)),\n\t\t\t\t\tRoles: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"roles/viewer\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.gcp.SecretBackend;\nimport com.pulumi.vault.gcp.SecretBackendArgs;\nimport com.pulumi.vault.gcp.SecretRoleset;\nimport com.pulumi.vault.gcp.SecretRolesetArgs;\nimport com.pulumi.vault.gcp.inputs.SecretRolesetBindingArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var project = \"my-awesome-project\";\n\n var gcp = new SecretBackend(\"gcp\", SecretBackendArgs.builder() \n .path(\"gcp\")\n .credentials(Files.readString(Paths.get(\"credentials.json\")))\n .build());\n\n var roleset = new SecretRoleset(\"roleset\", SecretRolesetArgs.builder() \n .backend(gcp.path())\n .roleset(\"project_viewer\")\n .secretType(\"access_token\")\n .project(project)\n .tokenScopes(\"https://www.googleapis.com/auth/cloud-platform\")\n .bindings(SecretRolesetBindingArgs.builder()\n .resource(String.format(\"//cloudresourcemanager.googleapis.com/projects/%s\", project))\n .roles(\"roles/viewer\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n gcp:\n type: vault:gcp:SecretBackend\n properties:\n path: gcp\n credentials:\n fn::readFile: credentials.json\n roleset:\n type: vault:gcp:SecretRoleset\n properties:\n backend: ${gcp.path}\n roleset: project_viewer\n secretType: access_token\n project: ${project}\n tokenScopes:\n - https://www.googleapis.com/auth/cloud-platform\n bindings:\n - resource: //cloudresourcemanager.googleapis.com/projects/${project}\n roles:\n - roles/viewer\nvariables:\n project: my-awesome-project\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nA roleset can be imported using its Vault Path. For example, referencing the example above,\n\n```sh\n $ pulumi import vault:gcp/secretRoleset:SecretRoleset roleset gcp/roleset/project_viewer\n```\n ", "properties": { "backend": { "type": "string", @@ -14102,7 +11231,7 @@ }, "serviceAccountEmail": { "type": "string", - "description": "Email of the service account created by Vault for this Roleset\n" + "description": "Email of the service account created by Vault for this Roleset.\n" }, "tokenScopes": { "type": "array", @@ -14204,7 +11333,7 @@ }, "serviceAccountEmail": { "type": "string", - "description": "Email of the service account created by Vault for this Roleset\n" + "description": "Email of the service account created by Vault for this Roleset.\n" }, "tokenScopes": { "type": "array", @@ -14218,7 +11347,7 @@ } }, "vault:gcp/secretStaticAccount:SecretStaticAccount": { - "description": "Creates a Static Account in the [GCP Secrets Engine](https://www.vaultproject.io/docs/secrets/gcp/index.html) for Vault.\n\nEach [static account](https://www.vaultproject.io/docs/secrets/gcp/index.html#static-accounts) is tied to a separately managed\nService Account, and can have one or more [bindings](https://www.vaultproject.io/docs/secrets/gcp/index.html#bindings) associated with it.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as fs from \"fs\";\nimport * as gcp from \"@pulumi/gcp\";\nimport * as vault from \"@pulumi/vault\";\n\nconst _this = new gcp.serviceaccount.Account(\"this\", {accountId: \"my-awesome-account\"});\nconst gcp = new vault.gcp.SecretBackend(\"gcp\", {\n path: \"gcp\",\n credentials: fs.readFileSync(\"credentials.json\"),\n});\nconst staticAccount = new vault.gcp.SecretStaticAccount(\"staticAccount\", {\n backend: gcp.path,\n staticAccount: \"project_viewer\",\n secretType: \"access_token\",\n tokenScopes: [\"https://www.googleapis.com/auth/cloud-platform\"],\n serviceAccountEmail: _this.email,\n bindings: [{\n resource: pulumi.interpolate`//cloudresourcemanager.googleapis.com/projects/${_this.project}`,\n roles: [\"roles/viewer\"],\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\nimport pulumi_vault as vault\n\nthis = gcp.service_account.Account(\"this\", account_id=\"my-awesome-account\")\ngcp = vault.gcp.SecretBackend(\"gcp\",\n path=\"gcp\",\n credentials=(lambda path: open(path).read())(\"credentials.json\"))\nstatic_account = vault.gcp.SecretStaticAccount(\"staticAccount\",\n backend=gcp.path,\n static_account=\"project_viewer\",\n secret_type=\"access_token\",\n token_scopes=[\"https://www.googleapis.com/auth/cloud-platform\"],\n service_account_email=this.email,\n bindings=[vault.gcp.SecretStaticAccountBindingArgs(\n resource=this.project.apply(lambda project: f\"//cloudresourcemanager.googleapis.com/projects/{project}\"),\n roles=[\"roles/viewer\"],\n )])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.IO;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @this = new Gcp.ServiceAccount.Account(\"this\", new()\n {\n AccountId = \"my-awesome-account\",\n });\n\n var gcp = new Vault.Gcp.SecretBackend(\"gcp\", new()\n {\n Path = \"gcp\",\n Credentials = File.ReadAllText(\"credentials.json\"),\n });\n\n var staticAccount = new Vault.Gcp.SecretStaticAccount(\"staticAccount\", new()\n {\n Backend = gcp.Path,\n StaticAccount = \"project_viewer\",\n SecretType = \"access_token\",\n TokenScopes = new[]\n {\n \"https://www.googleapis.com/auth/cloud-platform\",\n },\n ServiceAccountEmail = @this.Email,\n Bindings = new[]\n {\n new Vault.Gcp.Inputs.SecretStaticAccountBindingArgs\n {\n Resource = @this.Project.Apply(project =\u003e $\"//cloudresourcemanager.googleapis.com/projects/{project}\"),\n Roles = new[]\n {\n \"roles/viewer\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\t\"io/ioutil\"\n\n\t\"github.com/pulumi/pulumi-gcp/sdk/v5/go/gcp/serviceAccount\"\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/gcp\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc readFileOrPanic(path string) pulumi.StringPtrInput {\n\tdata, err := ioutil.ReadFile(path)\n\tif err != nil {\n\t\tpanic(err.Error())\n\t}\n\treturn pulumi.String(string(data))\n}\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tthis, err := serviceAccount.NewAccount(ctx, \"this\", \u0026serviceAccount.AccountArgs{\n\t\t\tAccountId: pulumi.String(\"my-awesome-account\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tgcp, err := gcp.NewSecretBackend(ctx, \"gcp\", \u0026gcp.SecretBackendArgs{\n\t\t\tPath: pulumi.String(\"gcp\"),\n\t\t\tCredentials: readFileOrPanic(\"credentials.json\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = gcp.NewSecretStaticAccount(ctx, \"staticAccount\", \u0026gcp.SecretStaticAccountArgs{\n\t\t\tBackend: gcp.Path,\n\t\t\tStaticAccount: pulumi.String(\"project_viewer\"),\n\t\t\tSecretType: pulumi.String(\"access_token\"),\n\t\t\tTokenScopes: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"https://www.googleapis.com/auth/cloud-platform\"),\n\t\t\t},\n\t\t\tServiceAccountEmail: this.Email,\n\t\t\tBindings: gcp.SecretStaticAccountBindingArray{\n\t\t\t\t\u0026gcp.SecretStaticAccountBindingArgs{\n\t\t\t\t\tResource: this.Project.ApplyT(func(project string) (string, error) {\n\t\t\t\t\t\treturn fmt.Sprintf(\"//cloudresourcemanager.googleapis.com/projects/%v\", project), nil\n\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\tRoles: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"roles/viewer\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.serviceAccount.Account;\nimport com.pulumi.gcp.serviceAccount.AccountArgs;\nimport com.pulumi.vault.gcp.SecretBackend;\nimport com.pulumi.vault.gcp.SecretBackendArgs;\nimport com.pulumi.vault.gcp.SecretStaticAccount;\nimport com.pulumi.vault.gcp.SecretStaticAccountArgs;\nimport com.pulumi.vault.gcp.inputs.SecretStaticAccountBindingArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var this_ = new Account(\"this\", AccountArgs.builder() \n .accountId(\"my-awesome-account\")\n .build());\n\n var gcp = new SecretBackend(\"gcp\", SecretBackendArgs.builder() \n .path(\"gcp\")\n .credentials(Files.readString(Paths.get(\"credentials.json\")))\n .build());\n\n var staticAccount = new SecretStaticAccount(\"staticAccount\", SecretStaticAccountArgs.builder() \n .backend(gcp.path())\n .staticAccount(\"project_viewer\")\n .secretType(\"access_token\")\n .tokenScopes(\"https://www.googleapis.com/auth/cloud-platform\")\n .serviceAccountEmail(this_.email())\n .bindings(SecretStaticAccountBindingArgs.builder()\n .resource(this_.project().applyValue(project -\u003e String.format(\"//cloudresourcemanager.googleapis.com/projects/%s\", project)))\n .roles(\"roles/viewer\")\n .build())\n .build());\n\n }\n}\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nA static account can be imported using its Vault Path. For example, referencing the example above,\n\n```sh\n $ pulumi import vault:gcp/secretStaticAccount:SecretStaticAccount static_account gcp/static-account/project_viewer\n```\n\n ", + "description": "Creates a Static Account in the [GCP Secrets Engine](https://www.vaultproject.io/docs/secrets/gcp/index.html) for Vault.\n\nEach [static account](https://www.vaultproject.io/docs/secrets/gcp/index.html#static-accounts) is tied to a separately managed\nService Account, and can have one or more [bindings](https://www.vaultproject.io/docs/secrets/gcp/index.html#bindings) associated with it.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as fs from \"fs\";\nimport * as gcp from \"@pulumi/gcp\";\nimport * as vault from \"@pulumi/vault\";\n\nconst _this = new gcp.serviceaccount.Account(\"this\", {accountId: \"my-awesome-account\"});\nconst gcp = new vault.gcp.SecretBackend(\"gcp\", {\n path: \"gcp\",\n credentials: fs.readFileSync(\"credentials.json\"),\n});\nconst staticAccount = new vault.gcp.SecretStaticAccount(\"staticAccount\", {\n backend: gcp.path,\n staticAccount: \"project_viewer\",\n secretType: \"access_token\",\n tokenScopes: [\"https://www.googleapis.com/auth/cloud-platform\"],\n serviceAccountEmail: _this.email,\n bindings: [{\n resource: pulumi.interpolate`//cloudresourcemanager.googleapis.com/projects/${_this.project}`,\n roles: [\"roles/viewer\"],\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\nimport pulumi_vault as vault\n\nthis = gcp.service_account.Account(\"this\", account_id=\"my-awesome-account\")\ngcp = vault.gcp.SecretBackend(\"gcp\",\n path=\"gcp\",\n credentials=(lambda path: open(path).read())(\"credentials.json\"))\nstatic_account = vault.gcp.SecretStaticAccount(\"staticAccount\",\n backend=gcp.path,\n static_account=\"project_viewer\",\n secret_type=\"access_token\",\n token_scopes=[\"https://www.googleapis.com/auth/cloud-platform\"],\n service_account_email=this.email,\n bindings=[vault.gcp.SecretStaticAccountBindingArgs(\n resource=this.project.apply(lambda project: f\"//cloudresourcemanager.googleapis.com/projects/{project}\"),\n roles=[\"roles/viewer\"],\n )])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.IO;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @this = new Gcp.ServiceAccount.Account(\"this\", new()\n {\n AccountId = \"my-awesome-account\",\n });\n\n var gcp = new Vault.Gcp.SecretBackend(\"gcp\", new()\n {\n Path = \"gcp\",\n Credentials = File.ReadAllText(\"credentials.json\"),\n });\n\n var staticAccount = new Vault.Gcp.SecretStaticAccount(\"staticAccount\", new()\n {\n Backend = gcp.Path,\n StaticAccount = \"project_viewer\",\n SecretType = \"access_token\",\n TokenScopes = new[]\n {\n \"https://www.googleapis.com/auth/cloud-platform\",\n },\n ServiceAccountEmail = @this.Email,\n Bindings = new[]\n {\n new Vault.Gcp.Inputs.SecretStaticAccountBindingArgs\n {\n Resource = @this.Project.Apply(project =\u003e $\"//cloudresourcemanager.googleapis.com/projects/{project}\"),\n Roles = new[]\n {\n \"roles/viewer\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\t\"os\"\n\n\t\"github.com/pulumi/pulumi-gcp/sdk/v5/go/gcp/serviceAccount\"\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/gcp\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc readFileOrPanic(path string) pulumi.StringPtrInput {\n\tdata, err := os.ReadFile(path)\n\tif err != nil {\n\t\tpanic(err.Error())\n\t}\n\treturn pulumi.String(string(data))\n}\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tthis, err := serviceAccount.NewAccount(ctx, \"this\", \u0026serviceAccount.AccountArgs{\n\t\t\tAccountId: pulumi.String(\"my-awesome-account\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tgcp, err := gcp.NewSecretBackend(ctx, \"gcp\", \u0026gcp.SecretBackendArgs{\n\t\t\tPath: pulumi.String(\"gcp\"),\n\t\t\tCredentials: readFileOrPanic(\"credentials.json\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = gcp.NewSecretStaticAccount(ctx, \"staticAccount\", \u0026gcp.SecretStaticAccountArgs{\n\t\t\tBackend: gcp.Path,\n\t\t\tStaticAccount: pulumi.String(\"project_viewer\"),\n\t\t\tSecretType: pulumi.String(\"access_token\"),\n\t\t\tTokenScopes: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"https://www.googleapis.com/auth/cloud-platform\"),\n\t\t\t},\n\t\t\tServiceAccountEmail: this.Email,\n\t\t\tBindings: gcp.SecretStaticAccountBindingArray{\n\t\t\t\t\u0026gcp.SecretStaticAccountBindingArgs{\n\t\t\t\t\tResource: this.Project.ApplyT(func(project string) (string, error) {\n\t\t\t\t\t\treturn fmt.Sprintf(\"//cloudresourcemanager.googleapis.com/projects/%v\", project), nil\n\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\tRoles: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"roles/viewer\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.serviceAccount.Account;\nimport com.pulumi.gcp.serviceAccount.AccountArgs;\nimport com.pulumi.vault.gcp.SecretBackend;\nimport com.pulumi.vault.gcp.SecretBackendArgs;\nimport com.pulumi.vault.gcp.SecretStaticAccount;\nimport com.pulumi.vault.gcp.SecretStaticAccountArgs;\nimport com.pulumi.vault.gcp.inputs.SecretStaticAccountBindingArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var this_ = new Account(\"this\", AccountArgs.builder() \n .accountId(\"my-awesome-account\")\n .build());\n\n var gcp = new SecretBackend(\"gcp\", SecretBackendArgs.builder() \n .path(\"gcp\")\n .credentials(Files.readString(Paths.get(\"credentials.json\")))\n .build());\n\n var staticAccount = new SecretStaticAccount(\"staticAccount\", SecretStaticAccountArgs.builder() \n .backend(gcp.path())\n .staticAccount(\"project_viewer\")\n .secretType(\"access_token\")\n .tokenScopes(\"https://www.googleapis.com/auth/cloud-platform\")\n .serviceAccountEmail(this_.email())\n .bindings(SecretStaticAccountBindingArgs.builder()\n .resource(this_.project().applyValue(project -\u003e String.format(\"//cloudresourcemanager.googleapis.com/projects/%s\", project)))\n .roles(\"roles/viewer\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n this:\n type: gcp:serviceAccount:Account\n properties:\n accountId: my-awesome-account\n gcp:\n type: vault:gcp:SecretBackend\n properties:\n path: gcp\n credentials:\n fn::readFile: credentials.json\n staticAccount:\n type: vault:gcp:SecretStaticAccount\n properties:\n backend: ${gcp.path}\n staticAccount: project_viewer\n secretType: access_token\n tokenScopes:\n - https://www.googleapis.com/auth/cloud-platform\n serviceAccountEmail: ${this.email}\n # Optional\n bindings:\n - resource: //cloudresourcemanager.googleapis.com/projects/${this.project}\n roles:\n - roles/viewer\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nA static account can be imported using its Vault Path. For example, referencing the example above,\n\n```sh\n $ pulumi import vault:gcp/secretStaticAccount:SecretStaticAccount static_account gcp/static-account/project_viewer\n```\n ", "properties": { "backend": { "type": "string", @@ -14363,7 +11492,7 @@ } }, "vault:generic/endpoint:Endpoint": { - "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst userpass = new vault.AuthBackend(\"userpass\", {type: \"userpass\"});\nconst u1 = new vault.generic.Endpoint(\"u1\", {\n path: \"auth/userpass/users/u1\",\n ignoreAbsentFields: true,\n dataJson: `{\n \"policies\": [\"p1\"],\n \"password\": \"changeme\"\n}\n`,\n}, {\n dependsOn: [userpass],\n});\nconst u1Token = new vault.generic.Endpoint(\"u1Token\", {\n path: \"auth/userpass/login/u1\",\n disableRead: true,\n disableDelete: true,\n dataJson: `{\n \"password\": \"changeme\"\n}\n`,\n}, {\n dependsOn: [u1],\n});\nconst u1Entity = new vault.generic.Endpoint(\"u1Entity\", {\n disableRead: true,\n disableDelete: true,\n path: \"identity/lookup/entity\",\n ignoreAbsentFields: true,\n writeFields: [\"id\"],\n dataJson: `{\n \"alias_name\": \"u1\",\n \"alias_mount_accessor\": vault_auth_backend.userpass.accessor\n}\n`,\n}, {\n dependsOn: [u1Token],\n});\nexport const u1Id = u1Entity.writeData.id;\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var userpass = new Vault.AuthBackend(\"userpass\", new()\n {\n Type = \"userpass\",\n });\n\n var u1 = new Vault.Generic.Endpoint(\"u1\", new()\n {\n Path = \"auth/userpass/users/u1\",\n IgnoreAbsentFields = true,\n DataJson = @\"{\n \"\"policies\"\": [\"\"p1\"\"],\n \"\"password\"\": \"\"changeme\"\"\n}\n\",\n }, new CustomResourceOptions\n {\n DependsOn = new[]\n {\n userpass,\n },\n });\n\n var u1Token = new Vault.Generic.Endpoint(\"u1Token\", new()\n {\n Path = \"auth/userpass/login/u1\",\n DisableRead = true,\n DisableDelete = true,\n DataJson = @\"{\n \"\"password\"\": \"\"changeme\"\"\n}\n\",\n }, new CustomResourceOptions\n {\n DependsOn = new[]\n {\n u1,\n },\n });\n\n var u1Entity = new Vault.Generic.Endpoint(\"u1Entity\", new()\n {\n DisableRead = true,\n DisableDelete = true,\n Path = \"identity/lookup/entity\",\n IgnoreAbsentFields = true,\n WriteFields = new[]\n {\n \"id\",\n },\n DataJson = @\"{\n \"\"alias_name\"\": \"\"u1\"\",\n \"\"alias_mount_accessor\"\": vault_auth_backend.userpass.accessor\n}\n\",\n }, new CustomResourceOptions\n {\n DependsOn = new[]\n {\n u1Token,\n },\n });\n\n return new Dictionary\u003cstring, object?\u003e\n {\n [\"u1Id\"] = u1Entity.WriteData.Apply(writeData =\u003e writeData.Id),\n };\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/generic\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tuserpass, err := vault.NewAuthBackend(ctx, \"userpass\", \u0026vault.AuthBackendArgs{\n\t\t\tType: pulumi.String(\"userpass\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tu1, err := generic.NewEndpoint(ctx, \"u1\", \u0026generic.EndpointArgs{\n\t\t\tPath: pulumi.String(\"auth/userpass/users/u1\"),\n\t\t\tIgnoreAbsentFields: pulumi.Bool(true),\n\t\t\tDataJson: pulumi.String(\"{\\n \\\"policies\\\": [\\\"p1\\\"],\\n \\\"password\\\": \\\"changeme\\\"\\n}\\n\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tuserpass,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tu1Token, err := generic.NewEndpoint(ctx, \"u1Token\", \u0026generic.EndpointArgs{\n\t\t\tPath: pulumi.String(\"auth/userpass/login/u1\"),\n\t\t\tDisableRead: pulumi.Bool(true),\n\t\t\tDisableDelete: pulumi.Bool(true),\n\t\t\tDataJson: pulumi.String(\"{\\n \\\"password\\\": \\\"changeme\\\"\\n}\\n\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tu1,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tu1Entity, err := generic.NewEndpoint(ctx, \"u1Entity\", \u0026generic.EndpointArgs{\n\t\t\tDisableRead: pulumi.Bool(true),\n\t\t\tDisableDelete: pulumi.Bool(true),\n\t\t\tPath: pulumi.String(\"identity/lookup/entity\"),\n\t\t\tIgnoreAbsentFields: pulumi.Bool(true),\n\t\t\tWriteFields: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"id\"),\n\t\t\t},\n\t\t\tDataJson: pulumi.String(\"{\\n \\\"alias_name\\\": \\\"u1\\\",\\n \\\"alias_mount_accessor\\\": vault_auth_backend.userpass.accessor\\n}\\n\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tu1Token,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tctx.Export(\"u1Id\", u1Entity.WriteData.ApplyT(func(writeData map[string]string) (string, error) {\n\t\t\treturn writeData.Id, nil\n\t\t}).(pulumi.StringOutput))\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.AuthBackend;\nimport com.pulumi.vault.AuthBackendArgs;\nimport com.pulumi.vault.generic.Endpoint;\nimport com.pulumi.vault.generic.EndpointArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var userpass = new AuthBackend(\"userpass\", AuthBackendArgs.builder() \n .type(\"userpass\")\n .build());\n\n var u1 = new Endpoint(\"u1\", EndpointArgs.builder() \n .path(\"auth/userpass/users/u1\")\n .ignoreAbsentFields(true)\n .dataJson(\"\"\"\n{\n \"policies\": [\"p1\"],\n \"password\": \"changeme\"\n}\n \"\"\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(userpass)\n .build());\n\n var u1Token = new Endpoint(\"u1Token\", EndpointArgs.builder() \n .path(\"auth/userpass/login/u1\")\n .disableRead(true)\n .disableDelete(true)\n .dataJson(\"\"\"\n{\n \"password\": \"changeme\"\n}\n \"\"\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(u1)\n .build());\n\n var u1Entity = new Endpoint(\"u1Entity\", EndpointArgs.builder() \n .disableRead(true)\n .disableDelete(true)\n .path(\"identity/lookup/entity\")\n .ignoreAbsentFields(true)\n .writeFields(\"id\")\n .dataJson(\"\"\"\n{\n \"alias_name\": \"u1\",\n \"alias_mount_accessor\": vault_auth_backend.userpass.accessor\n}\n \"\"\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(u1Token)\n .build());\n\n ctx.export(\"u1Id\", u1Entity.writeData().applyValue(writeData -\u003e writeData.id()));\n }\n}\n```\n```yaml\nresources:\n userpass:\n type: vault:AuthBackend\n properties:\n type: userpass\n u1:\n type: vault:generic:Endpoint\n properties:\n path: auth/userpass/users/u1\n ignoreAbsentFields: true\n dataJson: |\n {\n \"policies\": [\"p1\"],\n \"password\": \"changeme\"\n }\n options:\n dependson:\n - ${userpass}\n u1Token:\n type: vault:generic:Endpoint\n properties:\n path: auth/userpass/login/u1\n disableRead: true\n disableDelete: true\n dataJson: |\n {\n \"password\": \"changeme\"\n }\n options:\n dependson:\n - ${u1}\n u1Entity:\n type: vault:generic:Endpoint\n properties:\n disableRead: true\n disableDelete: true\n path: identity/lookup/entity\n ignoreAbsentFields: true\n writeFields:\n - id\n dataJson: |\n {\n \"alias_name\": \"u1\",\n \"alias_mount_accessor\": vault_auth_backend.userpass.accessor\n }\n options:\n dependson:\n - ${u1Token}\noutputs:\n u1Id: ${u1Entity.writeData.id}\n```\n{{% /example %}}\n{{% /examples %}}\n## Required Vault Capabilities\n\nUse of this resource requires the `create` or `update` capability\n(depending on whether the resource already exists) on the given path. If\n`disable_delete` is false, the `delete` capability is also required. If\n`disable_read` is false, the `read` capability is required.\n\n\n## Import\n\nImport is not supported for this resource. ", + "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst userpass = new vault.AuthBackend(\"userpass\", {type: \"userpass\"});\nconst u1 = new vault.generic.Endpoint(\"u1\", {\n path: \"auth/userpass/users/u1\",\n ignoreAbsentFields: true,\n dataJson: `{\n \"policies\": [\"p1\"],\n \"password\": \"changeme\"\n}\n`,\n}, {\n dependsOn: [userpass],\n});\nconst u1Token = new vault.generic.Endpoint(\"u1Token\", {\n path: \"auth/userpass/login/u1\",\n disableRead: true,\n disableDelete: true,\n dataJson: `{\n \"password\": \"changeme\"\n}\n`,\n}, {\n dependsOn: [u1],\n});\nconst u1Entity = new vault.generic.Endpoint(\"u1Entity\", {\n disableRead: true,\n disableDelete: true,\n path: \"identity/lookup/entity\",\n ignoreAbsentFields: true,\n writeFields: [\"id\"],\n dataJson: `{\n \"alias_name\": \"u1\",\n \"alias_mount_accessor\": vault_auth_backend.userpass.accessor\n}\n`,\n}, {\n dependsOn: [u1Token],\n});\nexport const u1Id = u1Entity.writeData.id;\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nuserpass = vault.AuthBackend(\"userpass\", type=\"userpass\")\nu1 = vault.generic.Endpoint(\"u1\",\n path=\"auth/userpass/users/u1\",\n ignore_absent_fields=True,\n data_json=\"\"\"{\n \"policies\": [\"p1\"],\n \"password\": \"changeme\"\n}\n\"\"\",\n opts=pulumi.ResourceOptions(depends_on=[userpass]))\nu1_token = vault.generic.Endpoint(\"u1Token\",\n path=\"auth/userpass/login/u1\",\n disable_read=True,\n disable_delete=True,\n data_json=\"\"\"{\n \"password\": \"changeme\"\n}\n\"\"\",\n opts=pulumi.ResourceOptions(depends_on=[u1]))\nu1_entity = vault.generic.Endpoint(\"u1Entity\",\n disable_read=True,\n disable_delete=True,\n path=\"identity/lookup/entity\",\n ignore_absent_fields=True,\n write_fields=[\"id\"],\n data_json=\"\"\"{\n \"alias_name\": \"u1\",\n \"alias_mount_accessor\": vault_auth_backend.userpass.accessor\n}\n\"\"\",\n opts=pulumi.ResourceOptions(depends_on=[u1_token]))\npulumi.export(\"u1Id\", u1_entity.write_data[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var userpass = new Vault.AuthBackend(\"userpass\", new()\n {\n Type = \"userpass\",\n });\n\n var u1 = new Vault.Generic.Endpoint(\"u1\", new()\n {\n Path = \"auth/userpass/users/u1\",\n IgnoreAbsentFields = true,\n DataJson = @\"{\n \"\"policies\"\": [\"\"p1\"\"],\n \"\"password\"\": \"\"changeme\"\"\n}\n\",\n }, new CustomResourceOptions\n {\n DependsOn = new[]\n {\n userpass,\n },\n });\n\n var u1Token = new Vault.Generic.Endpoint(\"u1Token\", new()\n {\n Path = \"auth/userpass/login/u1\",\n DisableRead = true,\n DisableDelete = true,\n DataJson = @\"{\n \"\"password\"\": \"\"changeme\"\"\n}\n\",\n }, new CustomResourceOptions\n {\n DependsOn = new[]\n {\n u1,\n },\n });\n\n var u1Entity = new Vault.Generic.Endpoint(\"u1Entity\", new()\n {\n DisableRead = true,\n DisableDelete = true,\n Path = \"identity/lookup/entity\",\n IgnoreAbsentFields = true,\n WriteFields = new[]\n {\n \"id\",\n },\n DataJson = @\"{\n \"\"alias_name\"\": \"\"u1\"\",\n \"\"alias_mount_accessor\"\": vault_auth_backend.userpass.accessor\n}\n\",\n }, new CustomResourceOptions\n {\n DependsOn = new[]\n {\n u1Token,\n },\n });\n\n return new Dictionary\u003cstring, object?\u003e\n {\n [\"u1Id\"] = u1Entity.WriteData.Apply(writeData =\u003e writeData.Id),\n };\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/generic\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tuserpass, err := vault.NewAuthBackend(ctx, \"userpass\", \u0026vault.AuthBackendArgs{\n\t\t\tType: pulumi.String(\"userpass\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tu1, err := generic.NewEndpoint(ctx, \"u1\", \u0026generic.EndpointArgs{\n\t\t\tPath: pulumi.String(\"auth/userpass/users/u1\"),\n\t\t\tIgnoreAbsentFields: pulumi.Bool(true),\n\t\t\tDataJson: pulumi.String(\"{\\n \\\"policies\\\": [\\\"p1\\\"],\\n \\\"password\\\": \\\"changeme\\\"\\n}\\n\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tuserpass,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tu1Token, err := generic.NewEndpoint(ctx, \"u1Token\", \u0026generic.EndpointArgs{\n\t\t\tPath: pulumi.String(\"auth/userpass/login/u1\"),\n\t\t\tDisableRead: pulumi.Bool(true),\n\t\t\tDisableDelete: pulumi.Bool(true),\n\t\t\tDataJson: pulumi.String(\"{\\n \\\"password\\\": \\\"changeme\\\"\\n}\\n\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tu1,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tu1Entity, err := generic.NewEndpoint(ctx, \"u1Entity\", \u0026generic.EndpointArgs{\n\t\t\tDisableRead: pulumi.Bool(true),\n\t\t\tDisableDelete: pulumi.Bool(true),\n\t\t\tPath: pulumi.String(\"identity/lookup/entity\"),\n\t\t\tIgnoreAbsentFields: pulumi.Bool(true),\n\t\t\tWriteFields: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"id\"),\n\t\t\t},\n\t\t\tDataJson: pulumi.String(\"{\\n \\\"alias_name\\\": \\\"u1\\\",\\n \\\"alias_mount_accessor\\\": vault_auth_backend.userpass.accessor\\n}\\n\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tu1Token,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tctx.Export(\"u1Id\", u1Entity.WriteData.ApplyT(func(writeData map[string]string) (string, error) {\n\t\t\treturn writeData.Id, nil\n\t\t}).(pulumi.StringOutput))\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.AuthBackend;\nimport com.pulumi.vault.AuthBackendArgs;\nimport com.pulumi.vault.generic.Endpoint;\nimport com.pulumi.vault.generic.EndpointArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var userpass = new AuthBackend(\"userpass\", AuthBackendArgs.builder() \n .type(\"userpass\")\n .build());\n\n var u1 = new Endpoint(\"u1\", EndpointArgs.builder() \n .path(\"auth/userpass/users/u1\")\n .ignoreAbsentFields(true)\n .dataJson(\"\"\"\n{\n \"policies\": [\"p1\"],\n \"password\": \"changeme\"\n}\n \"\"\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(userpass)\n .build());\n\n var u1Token = new Endpoint(\"u1Token\", EndpointArgs.builder() \n .path(\"auth/userpass/login/u1\")\n .disableRead(true)\n .disableDelete(true)\n .dataJson(\"\"\"\n{\n \"password\": \"changeme\"\n}\n \"\"\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(u1)\n .build());\n\n var u1Entity = new Endpoint(\"u1Entity\", EndpointArgs.builder() \n .disableRead(true)\n .disableDelete(true)\n .path(\"identity/lookup/entity\")\n .ignoreAbsentFields(true)\n .writeFields(\"id\")\n .dataJson(\"\"\"\n{\n \"alias_name\": \"u1\",\n \"alias_mount_accessor\": vault_auth_backend.userpass.accessor\n}\n \"\"\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(u1Token)\n .build());\n\n ctx.export(\"u1Id\", u1Entity.writeData().applyValue(writeData -\u003e writeData.id()));\n }\n}\n```\n```yaml\nresources:\n userpass:\n type: vault:AuthBackend\n properties:\n type: userpass\n u1:\n type: vault:generic:Endpoint\n properties:\n path: auth/userpass/users/u1\n ignoreAbsentFields: true\n dataJson: |\n {\n \"policies\": [\"p1\"],\n \"password\": \"changeme\"\n }\n options:\n dependson:\n - ${userpass}\n u1Token:\n type: vault:generic:Endpoint\n properties:\n path: auth/userpass/login/u1\n disableRead: true\n disableDelete: true\n dataJson: |\n {\n \"password\": \"changeme\"\n }\n options:\n dependson:\n - ${u1}\n u1Entity:\n type: vault:generic:Endpoint\n properties:\n disableRead: true\n disableDelete: true\n path: identity/lookup/entity\n ignoreAbsentFields: true\n writeFields:\n - id\n dataJson: |\n {\n \"alias_name\": \"u1\",\n \"alias_mount_accessor\": vault_auth_backend.userpass.accessor\n }\n options:\n dependson:\n - ${u1Token}\noutputs:\n u1Id: ${u1Entity.writeData.id}\n```\n{{% /example %}}\n{{% /examples %}}\n## Required Vault Capabilities\n\nUse of this resource requires the `create` or `update` capability\n(depending on whether the resource already exists) on the given path. If\n`disable_delete` is false, the `delete` capability is also required. If\n`disable_read` is false, the `read` capability is required.\n\n\n## Import\n\nImport is not supported for this resource. ", "properties": { "dataJson": { "type": "string", @@ -14372,7 +11501,7 @@ }, "disableDelete": { "type": "boolean", - "description": "Don't attempt to delete the path from Vault if true\n" + "description": "- (Optional) True/false. Set this to true if your\nvault authentication is not able to delete the data or if the endpoint\ndoes not support the `DELETE` method. Defaults to false.\n" }, "disableRead": { "type": "boolean", @@ -14380,7 +11509,7 @@ }, "ignoreAbsentFields": { "type": "boolean", - "description": "When reading, disregard fields not present in data_json\n" + "description": "- (Optional) True/false. If set to true,\nignore any fields present when the endpoint is read but that were not\nin `data_json`. Also, if a field that was written is not returned when\nthe endpoint is read, treat that field as being up to date. You should\nset this to `true` when writing to endpoint that, when read, returns a\ndifferent set of fields from the ones you wrote, as is common with\nmany configuration endpoints. Defaults to false.\n" }, "namespace": { "type": "string", @@ -14395,18 +11524,18 @@ "additionalProperties": { "type": "string" }, - "description": "Map of strings returned by write operation\n" + "description": "- A map whose keys are the top-level data keys\nreturned from Vault by the write operation and whose values are the\ncorresponding values. This map can only represent string data, so\nany non-string values returned from Vault are serialized as JSON.\nOnly fields set in `write_fields` are present in the JSON data.\n" }, "writeDataJson": { "type": "string", - "description": "JSON data returned by write operation\n" + "description": "- The JSON data returned by the write operation.\nOnly fields set in `write_fields` are present in the JSON data.\n" }, "writeFields": { "type": "array", "items": { "type": "string" }, - "description": "Top-level fields returned by write to persist in state\n" + "description": "- (Optional). A list of fields that should be returned\nin `write_data_json` and `write_data`. If omitted, data returned by\nthe write operation is not available to the resource or included in\nstate. This helps to avoid accidental storage of sensitive values in\nstate. Some endpoints, such as many dynamic secrets endpoints, return\ndata from writing to an endpoint rather than reading it. You should\nuse `write_fields` if you need information returned in this way.\n" } }, "required": [ @@ -14423,7 +11552,7 @@ }, "disableDelete": { "type": "boolean", - "description": "Don't attempt to delete the path from Vault if true\n" + "description": "- (Optional) True/false. Set this to true if your\nvault authentication is not able to delete the data or if the endpoint\ndoes not support the `DELETE` method. Defaults to false.\n" }, "disableRead": { "type": "boolean", @@ -14431,7 +11560,7 @@ }, "ignoreAbsentFields": { "type": "boolean", - "description": "When reading, disregard fields not present in data_json\n" + "description": "- (Optional) True/false. If set to true,\nignore any fields present when the endpoint is read but that were not\nin `data_json`. Also, if a field that was written is not returned when\nthe endpoint is read, treat that field as being up to date. You should\nset this to `true` when writing to endpoint that, when read, returns a\ndifferent set of fields from the ones you wrote, as is common with\nmany configuration endpoints. Defaults to false.\n" }, "namespace": { "type": "string", @@ -14448,7 +11577,7 @@ "items": { "type": "string" }, - "description": "Top-level fields returned by write to persist in state\n" + "description": "- (Optional). A list of fields that should be returned\nin `write_data_json` and `write_data`. If omitted, data returned by\nthe write operation is not available to the resource or included in\nstate. This helps to avoid accidental storage of sensitive values in\nstate. Some endpoints, such as many dynamic secrets endpoints, return\ndata from writing to an endpoint rather than reading it. You should\nuse `write_fields` if you need information returned in this way.\n" } }, "requiredInputs": [ @@ -14465,7 +11594,7 @@ }, "disableDelete": { "type": "boolean", - "description": "Don't attempt to delete the path from Vault if true\n" + "description": "- (Optional) True/false. Set this to true if your\nvault authentication is not able to delete the data or if the endpoint\ndoes not support the `DELETE` method. Defaults to false.\n" }, "disableRead": { "type": "boolean", @@ -14473,7 +11602,7 @@ }, "ignoreAbsentFields": { "type": "boolean", - "description": "When reading, disregard fields not present in data_json\n" + "description": "- (Optional) True/false. If set to true,\nignore any fields present when the endpoint is read but that were not\nin `data_json`. Also, if a field that was written is not returned when\nthe endpoint is read, treat that field as being up to date. You should\nset this to `true` when writing to endpoint that, when read, returns a\ndifferent set of fields from the ones you wrote, as is common with\nmany configuration endpoints. Defaults to false.\n" }, "namespace": { "type": "string", @@ -14490,25 +11619,25 @@ "additionalProperties": { "type": "string" }, - "description": "Map of strings returned by write operation\n" + "description": "- A map whose keys are the top-level data keys\nreturned from Vault by the write operation and whose values are the\ncorresponding values. This map can only represent string data, so\nany non-string values returned from Vault are serialized as JSON.\nOnly fields set in `write_fields` are present in the JSON data.\n" }, "writeDataJson": { "type": "string", - "description": "JSON data returned by write operation\n" + "description": "- The JSON data returned by the write operation.\nOnly fields set in `write_fields` are present in the JSON data.\n" }, "writeFields": { "type": "array", "items": { "type": "string" }, - "description": "Top-level fields returned by write to persist in state\n" + "description": "- (Optional). A list of fields that should be returned\nin `write_data_json` and `write_data`. If omitted, data returned by\nthe write operation is not available to the resource or included in\nstate. This helps to avoid accidental storage of sensitive values in\nstate. Some endpoints, such as many dynamic secrets endpoints, return\ndata from writing to an endpoint rather than reading it. You should\nuse `write_fields` if you need information returned in this way.\n" } }, "type": "object" } }, "vault:generic/secret:Secret": { - "description": "\n\n\n## Import\n\nGeneric secrets can be imported using the `path`, e.g.\n\n```sh\n $ pulumi import vault:generic/secret:Secret example secret/foo\n```\n\n ", + "description": "\n\n\n## Import\n\nGeneric secrets can be imported using the `path`, e.g.\n\n```sh\n $ pulumi import vault:generic/secret:Secret example secret/foo\n```\n ", "properties": { "data": { "type": "object", @@ -14613,7 +11742,7 @@ } }, "vault:github/authBackend:AuthBackend": { - "description": "Manages a GitHub Auth mount in a Vault server. See the [Vault\ndocumentation](https://www.vaultproject.io/docs/auth/github/) for more\ninformation.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst example = new vault.github.AuthBackend(\"example\", {\n organization: \"myorg\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nexample = vault.github.AuthBackend(\"example\", organization=\"myorg\")\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Vault.GitHub.AuthBackend(\"example\", new()\n {\n Organization = \"myorg\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/github\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := github.NewAuthBackend(ctx, \"example\", \u0026github.AuthBackendArgs{\n\t\t\tOrganization: pulumi.String(\"myorg\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.github.AuthBackend;\nimport com.pulumi.vault.github.AuthBackendArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new AuthBackend(\"example\", AuthBackendArgs.builder() \n .organization(\"myorg\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: vault:github:AuthBackend\n properties:\n organization: myorg\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nGitHub authentication mounts can be imported using the `path`, e.g.\n\n```sh\n $ pulumi import vault:github/authBackend:AuthBackend example github\n```\n\n ", + "description": "Manages a GitHub Auth mount in a Vault server. See the [Vault\ndocumentation](https://www.vaultproject.io/docs/auth/github/) for more\ninformation.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst example = new vault.github.AuthBackend(\"example\", {organization: \"myorg\"});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nexample = vault.github.AuthBackend(\"example\", organization=\"myorg\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Vault.GitHub.AuthBackend(\"example\", new()\n {\n Organization = \"myorg\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/github\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := github.NewAuthBackend(ctx, \"example\", \u0026github.AuthBackendArgs{\n\t\t\tOrganization: pulumi.String(\"myorg\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.github.AuthBackend;\nimport com.pulumi.vault.github.AuthBackendArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new AuthBackend(\"example\", AuthBackendArgs.builder() \n .organization(\"myorg\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: vault:github:AuthBackend\n properties:\n organization: myorg\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nGitHub authentication mounts can be imported using the `path`, e.g.\n\n```sh\n $ pulumi import vault:github/authBackend:AuthBackend example github\n```\n ", "properties": { "accessor": { "type": "string", @@ -14691,7 +11820,7 @@ }, "tune": { "$ref": "#/types/vault:github/AuthBackendTune:AuthBackendTune", - "description": "Extra configuration block. Structure is documented below.\n" + "description": "Extra configuration block. Structure is documented below.\n\nThe `tune` block is used to tune the auth backend:\n" } }, "required": [ @@ -14774,7 +11903,7 @@ }, "tune": { "$ref": "#/types/vault:github/AuthBackendTune:AuthBackendTune", - "description": "Extra configuration block. Structure is documented below.\n" + "description": "Extra configuration block. Structure is documented below.\n\nThe `tune` block is used to tune the auth backend:\n" } }, "requiredInputs": [ @@ -14860,14 +11989,14 @@ }, "tune": { "$ref": "#/types/vault:github/AuthBackendTune:AuthBackendTune", - "description": "Extra configuration block. Structure is documented below.\n" + "description": "Extra configuration block. Structure is documented below.\n\nThe `tune` block is used to tune the auth backend:\n" } }, "type": "object" } }, "vault:github/team:Team": { - "description": "Manages policy mappings for Github Teams authenticated via Github. See the [Vault\ndocumentation](https://www.vaultproject.io/docs/auth/github/) for more\ninformation.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst example = new vault.github.AuthBackend(\"example\", {organization: \"myorg\"});\nconst tfDevs = new vault.github.Team(\"tfDevs\", {\n backend: example.id,\n team: \"terraform-developers\",\n policies: [\n \"developer\",\n \"read-only\",\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nexample = vault.github.AuthBackend(\"example\", organization=\"myorg\")\ntf_devs = vault.github.Team(\"tfDevs\",\n backend=example.id,\n team=\"terraform-developers\",\n policies=[\n \"developer\",\n \"read-only\",\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Vault.GitHub.AuthBackend(\"example\", new()\n {\n Organization = \"myorg\",\n });\n\n var tfDevs = new Vault.GitHub.Team(\"tfDevs\", new()\n {\n Backend = example.Id,\n TeamCity = \"terraform-developers\",\n Policies = new[]\n {\n \"developer\",\n \"read-only\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/github\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := github.NewAuthBackend(ctx, \"example\", \u0026github.AuthBackendArgs{\n\t\t\tOrganization: pulumi.String(\"myorg\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = github.NewTeam(ctx, \"tfDevs\", \u0026github.TeamArgs{\n\t\t\tBackend: example.ID(),\n\t\t\tTeam: pulumi.String(\"terraform-developers\"),\n\t\t\tPolicies: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"developer\"),\n\t\t\t\tpulumi.String(\"read-only\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.github.AuthBackend;\nimport com.pulumi.vault.github.AuthBackendArgs;\nimport com.pulumi.vault.github.Team;\nimport com.pulumi.vault.github.TeamArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new AuthBackend(\"example\", AuthBackendArgs.builder() \n .organization(\"myorg\")\n .build());\n\n var tfDevs = new Team(\"tfDevs\", TeamArgs.builder() \n .backend(example.id())\n .team(\"terraform-developers\")\n .policies( \n \"developer\",\n \"read-only\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: vault:github:AuthBackend\n properties:\n organization: myorg\n tfDevs:\n type: vault:github:Team\n properties:\n backend: ${example.id}\n team: terraform-developers\n policies:\n - developer\n - read-only\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nGithub team mappings can be imported using the `path`, e.g.\n\n```sh\n $ pulumi import vault:github/team:Team tf_devs auth/github/map/teams/terraform-developers\n```\n\n ", + "description": "Manages policy mappings for Github Teams authenticated via Github. See the [Vault\ndocumentation](https://www.vaultproject.io/docs/auth/github/) for more\ninformation.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst example = new vault.github.AuthBackend(\"example\", {organization: \"myorg\"});\nconst tfDevs = new vault.github.Team(\"tfDevs\", {\n backend: example.id,\n team: \"terraform-developers\",\n policies: [\n \"developer\",\n \"read-only\",\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nexample = vault.github.AuthBackend(\"example\", organization=\"myorg\")\ntf_devs = vault.github.Team(\"tfDevs\",\n backend=example.id,\n team=\"terraform-developers\",\n policies=[\n \"developer\",\n \"read-only\",\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Vault.GitHub.AuthBackend(\"example\", new()\n {\n Organization = \"myorg\",\n });\n\n var tfDevs = new Vault.GitHub.Team(\"tfDevs\", new()\n {\n Backend = example.Id,\n TeamCity = \"terraform-developers\",\n Policies = new[]\n {\n \"developer\",\n \"read-only\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/github\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := github.NewAuthBackend(ctx, \"example\", \u0026github.AuthBackendArgs{\n\t\t\tOrganization: pulumi.String(\"myorg\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = github.NewTeam(ctx, \"tfDevs\", \u0026github.TeamArgs{\n\t\t\tBackend: example.ID(),\n\t\t\tTeam: pulumi.String(\"terraform-developers\"),\n\t\t\tPolicies: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"developer\"),\n\t\t\t\tpulumi.String(\"read-only\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.github.AuthBackend;\nimport com.pulumi.vault.github.AuthBackendArgs;\nimport com.pulumi.vault.github.Team;\nimport com.pulumi.vault.github.TeamArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new AuthBackend(\"example\", AuthBackendArgs.builder() \n .organization(\"myorg\")\n .build());\n\n var tfDevs = new Team(\"tfDevs\", TeamArgs.builder() \n .backend(example.id())\n .team(\"terraform-developers\")\n .policies( \n \"developer\",\n \"read-only\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: vault:github:AuthBackend\n properties:\n organization: myorg\n tfDevs:\n type: vault:github:Team\n properties:\n backend: ${example.id}\n team: terraform-developers\n policies:\n - developer\n - read-only\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nGithub team mappings can be imported using the `path`, e.g.\n\n```sh\n $ pulumi import vault:github/team:Team tf_devs auth/github/map/teams/terraform-developers\n```\n ", "properties": { "backend": { "type": "string", @@ -14964,7 +12093,7 @@ } }, "vault:github/user:User": { - "description": "Manages policy mappings for Github Users authenticated via Github. See the [Vault\ndocumentation](https://www.vaultproject.io/docs/auth/github/) for more\ninformation.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst example = new vault.github.AuthBackend(\"example\", {organization: \"myorg\"});\nconst tfUser = new vault.github.User(\"tfUser\", {\n backend: example.id,\n user: \"john.doe\",\n policies: [\n \"developer\",\n \"read-only\",\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nexample = vault.github.AuthBackend(\"example\", organization=\"myorg\")\ntf_user = vault.github.User(\"tfUser\",\n backend=example.id,\n user=\"john.doe\",\n policies=[\n \"developer\",\n \"read-only\",\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Vault.GitHub.AuthBackend(\"example\", new()\n {\n Organization = \"myorg\",\n });\n\n var tfUser = new Vault.GitHub.User(\"tfUser\", new()\n {\n Backend = example.Id,\n UserName = \"john.doe\",\n Policies = new[]\n {\n \"developer\",\n \"read-only\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/github\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := github.NewAuthBackend(ctx, \"example\", \u0026github.AuthBackendArgs{\n\t\t\tOrganization: pulumi.String(\"myorg\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = github.NewUser(ctx, \"tfUser\", \u0026github.UserArgs{\n\t\t\tBackend: example.ID(),\n\t\t\tUser: pulumi.String(\"john.doe\"),\n\t\t\tPolicies: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"developer\"),\n\t\t\t\tpulumi.String(\"read-only\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.github.AuthBackend;\nimport com.pulumi.vault.github.AuthBackendArgs;\nimport com.pulumi.vault.github.User;\nimport com.pulumi.vault.github.UserArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new AuthBackend(\"example\", AuthBackendArgs.builder() \n .organization(\"myorg\")\n .build());\n\n var tfUser = new User(\"tfUser\", UserArgs.builder() \n .backend(example.id())\n .user(\"john.doe\")\n .policies( \n \"developer\",\n \"read-only\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: vault:github:AuthBackend\n properties:\n organization: myorg\n tfUser:\n type: vault:github:User\n properties:\n backend: ${example.id}\n user: john.doe\n policies:\n - developer\n - read-only\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nGithub user mappings can be imported using the `path`, e.g.\n\n```sh\n $ pulumi import vault:github/user:User tf_user auth/github/map/users/john.doe\n```\n\n ", + "description": "Manages policy mappings for Github Users authenticated via Github. See the [Vault\ndocumentation](https://www.vaultproject.io/docs/auth/github/) for more\ninformation.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst example = new vault.github.AuthBackend(\"example\", {organization: \"myorg\"});\nconst tfUser = new vault.github.User(\"tfUser\", {\n backend: example.id,\n user: \"john.doe\",\n policies: [\n \"developer\",\n \"read-only\",\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nexample = vault.github.AuthBackend(\"example\", organization=\"myorg\")\ntf_user = vault.github.User(\"tfUser\",\n backend=example.id,\n user=\"john.doe\",\n policies=[\n \"developer\",\n \"read-only\",\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Vault.GitHub.AuthBackend(\"example\", new()\n {\n Organization = \"myorg\",\n });\n\n var tfUser = new Vault.GitHub.User(\"tfUser\", new()\n {\n Backend = example.Id,\n UserName = \"john.doe\",\n Policies = new[]\n {\n \"developer\",\n \"read-only\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/github\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := github.NewAuthBackend(ctx, \"example\", \u0026github.AuthBackendArgs{\n\t\t\tOrganization: pulumi.String(\"myorg\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = github.NewUser(ctx, \"tfUser\", \u0026github.UserArgs{\n\t\t\tBackend: example.ID(),\n\t\t\tUser: pulumi.String(\"john.doe\"),\n\t\t\tPolicies: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"developer\"),\n\t\t\t\tpulumi.String(\"read-only\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.github.AuthBackend;\nimport com.pulumi.vault.github.AuthBackendArgs;\nimport com.pulumi.vault.github.User;\nimport com.pulumi.vault.github.UserArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new AuthBackend(\"example\", AuthBackendArgs.builder() \n .organization(\"myorg\")\n .build());\n\n var tfUser = new User(\"tfUser\", UserArgs.builder() \n .backend(example.id())\n .user(\"john.doe\")\n .policies( \n \"developer\",\n \"read-only\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: vault:github:AuthBackend\n properties:\n organization: myorg\n tfUser:\n type: vault:github:User\n properties:\n backend: ${example.id}\n user: john.doe\n policies:\n - developer\n - read-only\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nGithub user mappings can be imported using the `path`, e.g.\n\n```sh\n $ pulumi import vault:github/user:User tf_user auth/github/map/users/john.doe\n```\n ", "properties": { "backend": { "type": "string", @@ -15061,7 +12190,7 @@ } }, "vault:identity/entity:Entity": { - "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst test = new vault.identity.Entity(\"test\", {\n metadata: {\n foo: \"bar\",\n },\n policies: [\"test\"],\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ntest = vault.identity.Entity(\"test\",\n metadata={\n \"foo\": \"bar\",\n },\n policies=[\"test\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Vault.Identity.Entity(\"test\", new()\n {\n Metadata = \n {\n { \"foo\", \"bar\" },\n },\n Policies = new[]\n {\n \"test\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/identity\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := identity.NewEntity(ctx, \"test\", \u0026identity.EntityArgs{\n\t\t\tMetadata: pulumi.StringMap{\n\t\t\t\t\"foo\": pulumi.String(\"bar\"),\n\t\t\t},\n\t\t\tPolicies: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"test\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.identity.Entity;\nimport com.pulumi.vault.identity.EntityArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new Entity(\"test\", EntityArgs.builder() \n .metadata(Map.of(\"foo\", \"bar\"))\n .policies(\"test\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: vault:identity:Entity\n properties:\n metadata:\n foo: bar\n policies:\n - test\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nIdentity entity can be imported using the `id`, e.g.\n\n```sh\n $ pulumi import vault:identity/entity:Entity test \"ae6f8ued-0f1a-9f6b-2915-1a2be20dc053\"\n```\n\n ", + "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst test = new vault.identity.Entity(\"test\", {\n metadata: {\n foo: \"bar\",\n },\n policies: [\"test\"],\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ntest = vault.identity.Entity(\"test\",\n metadata={\n \"foo\": \"bar\",\n },\n policies=[\"test\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Vault.Identity.Entity(\"test\", new()\n {\n Metadata = \n {\n { \"foo\", \"bar\" },\n },\n Policies = new[]\n {\n \"test\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/identity\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := identity.NewEntity(ctx, \"test\", \u0026identity.EntityArgs{\n\t\t\tMetadata: pulumi.StringMap{\n\t\t\t\t\"foo\": pulumi.String(\"bar\"),\n\t\t\t},\n\t\t\tPolicies: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"test\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.identity.Entity;\nimport com.pulumi.vault.identity.EntityArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new Entity(\"test\", EntityArgs.builder() \n .metadata(Map.of(\"foo\", \"bar\"))\n .policies(\"test\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: vault:identity:Entity\n properties:\n metadata:\n foo: bar\n policies:\n - test\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nIdentity entity can be imported using the `id`, e.g.\n\n```sh\n $ pulumi import vault:identity/entity:Entity test \"ae6f8ued-0f1a-9f6b-2915-1a2be20dc053\"\n```\n ", "properties": { "disabled": { "type": "boolean", @@ -15169,7 +12298,7 @@ } }, "vault:identity/entityAlias:EntityAlias": { - "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst test = new vault.identity.EntityAlias(\"test\", {\n canonicalId: \"49877D63-07AD-4B85-BDA8-B61626C477E8\",\n mountAccessor: \"token_1f2bd5\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ntest = vault.identity.EntityAlias(\"test\",\n canonical_id=\"49877D63-07AD-4B85-BDA8-B61626C477E8\",\n mount_accessor=\"token_1f2bd5\")\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Vault.Identity.EntityAlias(\"test\", new()\n {\n CanonicalId = \"49877D63-07AD-4B85-BDA8-B61626C477E8\",\n MountAccessor = \"token_1f2bd5\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/identity\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := identity.NewEntityAlias(ctx, \"test\", \u0026identity.EntityAliasArgs{\n\t\t\tCanonicalId: pulumi.String(\"49877D63-07AD-4B85-BDA8-B61626C477E8\"),\n\t\t\tMountAccessor: pulumi.String(\"token_1f2bd5\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.identity.EntityAlias;\nimport com.pulumi.vault.identity.EntityAliasArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new EntityAlias(\"test\", EntityAliasArgs.builder() \n .canonicalId(\"49877D63-07AD-4B85-BDA8-B61626C477E8\")\n .mountAccessor(\"token_1f2bd5\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: vault:identity:EntityAlias\n properties:\n canonicalId: 49877D63-07AD-4B85-BDA8-B61626C477E8\n mountAccessor: token_1f2bd5\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nIdentity entity alias can be imported using the `id`, e.g.\n\n```sh\n $ pulumi import vault:identity/entityAlias:EntityAlias test \"3856fb4d-3c91-dcaf-2401-68f446796bfb\"\n```\n\n ", + "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst test = new vault.identity.EntityAlias(\"test\", {\n canonicalId: \"49877D63-07AD-4B85-BDA8-B61626C477E8\",\n mountAccessor: \"token_1f2bd5\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ntest = vault.identity.EntityAlias(\"test\",\n canonical_id=\"49877D63-07AD-4B85-BDA8-B61626C477E8\",\n mount_accessor=\"token_1f2bd5\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Vault.Identity.EntityAlias(\"test\", new()\n {\n CanonicalId = \"49877D63-07AD-4B85-BDA8-B61626C477E8\",\n MountAccessor = \"token_1f2bd5\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/identity\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := identity.NewEntityAlias(ctx, \"test\", \u0026identity.EntityAliasArgs{\n\t\t\tCanonicalId: pulumi.String(\"49877D63-07AD-4B85-BDA8-B61626C477E8\"),\n\t\t\tMountAccessor: pulumi.String(\"token_1f2bd5\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.identity.EntityAlias;\nimport com.pulumi.vault.identity.EntityAliasArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new EntityAlias(\"test\", EntityAliasArgs.builder() \n .canonicalId(\"49877D63-07AD-4B85-BDA8-B61626C477E8\")\n .mountAccessor(\"token_1f2bd5\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: vault:identity:EntityAlias\n properties:\n canonicalId: 49877D63-07AD-4B85-BDA8-B61626C477E8\n mountAccessor: token_1f2bd5\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nIdentity entity alias can be imported using the `id`, e.g.\n\n```sh\n $ pulumi import vault:identity/entityAlias:EntityAlias test \"3856fb4d-3c91-dcaf-2401-68f446796bfb\"\n```\n ", "properties": { "canonicalId": { "type": "string", @@ -15262,7 +12391,7 @@ } }, "vault:identity/entityPolicies:EntityPolicies": { - "description": "Manages policies for an Identity Entity for Vault. The [Identity secrets engine](https://www.vaultproject.io/docs/secrets/identity/index.html) is the identity management solution for Vault.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Exclusive Policies\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst entity = new vault.identity.Entity(\"entity\", {externalPolicies: true});\nconst policies = new vault.identity.EntityPolicies(\"policies\", {\n policies: [\n \"default\",\n \"test\",\n ],\n exclusive: true,\n entityId: entity.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nentity = vault.identity.Entity(\"entity\", external_policies=True)\npolicies = vault.identity.EntityPolicies(\"policies\",\n policies=[\n \"default\",\n \"test\",\n ],\n exclusive=True,\n entity_id=entity.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var entity = new Vault.Identity.Entity(\"entity\", new()\n {\n ExternalPolicies = true,\n });\n\n var policies = new Vault.Identity.EntityPolicies(\"policies\", new()\n {\n Policies = new[]\n {\n \"default\",\n \"test\",\n },\n Exclusive = true,\n EntityId = entity.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/identity\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tentity, err := identity.NewEntity(ctx, \"entity\", \u0026identity.EntityArgs{\n\t\t\tExternalPolicies: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = identity.NewEntityPolicies(ctx, \"policies\", \u0026identity.EntityPoliciesArgs{\n\t\t\tPolicies: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"default\"),\n\t\t\t\tpulumi.String(\"test\"),\n\t\t\t},\n\t\t\tExclusive: pulumi.Bool(true),\n\t\t\tEntityId: entity.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.identity.Entity;\nimport com.pulumi.vault.identity.EntityArgs;\nimport com.pulumi.vault.identity.EntityPolicies;\nimport com.pulumi.vault.identity.EntityPoliciesArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var entity = new Entity(\"entity\", EntityArgs.builder() \n .externalPolicies(true)\n .build());\n\n var policies = new EntityPolicies(\"policies\", EntityPoliciesArgs.builder() \n .policies( \n \"default\",\n \"test\")\n .exclusive(true)\n .entityId(entity.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n entity:\n type: vault:identity:Entity\n properties:\n externalPolicies: true\n policies:\n type: vault:identity:EntityPolicies\n properties:\n policies:\n - default\n - test\n exclusive: true\n entityId: ${entity.id}\n```\n{{% /example %}}\n{{% example %}}\n### Non-exclusive Policies\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst entity = new vault.identity.Entity(\"entity\", {externalPolicies: true});\nconst _default = new vault.identity.EntityPolicies(\"default\", {\n policies: [\n \"default\",\n \"test\",\n ],\n exclusive: false,\n entityId: entity.id,\n});\nconst others = new vault.identity.EntityPolicies(\"others\", {\n policies: [\"others\"],\n exclusive: false,\n entityId: entity.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nentity = vault.identity.Entity(\"entity\", external_policies=True)\ndefault = vault.identity.EntityPolicies(\"default\",\n policies=[\n \"default\",\n \"test\",\n ],\n exclusive=False,\n entity_id=entity.id)\nothers = vault.identity.EntityPolicies(\"others\",\n policies=[\"others\"],\n exclusive=False,\n entity_id=entity.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var entity = new Vault.Identity.Entity(\"entity\", new()\n {\n ExternalPolicies = true,\n });\n\n var @default = new Vault.Identity.EntityPolicies(\"default\", new()\n {\n Policies = new[]\n {\n \"default\",\n \"test\",\n },\n Exclusive = false,\n EntityId = entity.Id,\n });\n\n var others = new Vault.Identity.EntityPolicies(\"others\", new()\n {\n Policies = new[]\n {\n \"others\",\n },\n Exclusive = false,\n EntityId = entity.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/identity\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tentity, err := identity.NewEntity(ctx, \"entity\", \u0026identity.EntityArgs{\n\t\t\tExternalPolicies: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = identity.NewEntityPolicies(ctx, \"default\", \u0026identity.EntityPoliciesArgs{\n\t\t\tPolicies: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"default\"),\n\t\t\t\tpulumi.String(\"test\"),\n\t\t\t},\n\t\t\tExclusive: pulumi.Bool(false),\n\t\t\tEntityId: entity.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = identity.NewEntityPolicies(ctx, \"others\", \u0026identity.EntityPoliciesArgs{\n\t\t\tPolicies: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"others\"),\n\t\t\t},\n\t\t\tExclusive: pulumi.Bool(false),\n\t\t\tEntityId: entity.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.identity.Entity;\nimport com.pulumi.vault.identity.EntityArgs;\nimport com.pulumi.vault.identity.EntityPolicies;\nimport com.pulumi.vault.identity.EntityPoliciesArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var entity = new Entity(\"entity\", EntityArgs.builder() \n .externalPolicies(true)\n .build());\n\n var default_ = new EntityPolicies(\"default\", EntityPoliciesArgs.builder() \n .policies( \n \"default\",\n \"test\")\n .exclusive(false)\n .entityId(entity.id())\n .build());\n\n var others = new EntityPolicies(\"others\", EntityPoliciesArgs.builder() \n .policies(\"others\")\n .exclusive(false)\n .entityId(entity.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n entity:\n type: vault:identity:Entity\n properties:\n externalPolicies: true\n default:\n type: vault:identity:EntityPolicies\n properties:\n policies:\n - default\n - test\n exclusive: false\n entityId: ${entity.id}\n others:\n type: vault:identity:EntityPolicies\n properties:\n policies:\n - others\n exclusive: false\n entityId: ${entity.id}\n```\n{{% /example %}}\n{{% /examples %}}", + "description": "Manages policies for an Identity Entity for Vault. The [Identity secrets engine](https://www.vaultproject.io/docs/secrets/identity/index.html) is the identity management solution for Vault.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Exclusive Policies\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst entity = new vault.identity.Entity(\"entity\", {externalPolicies: true});\nconst policies = new vault.identity.EntityPolicies(\"policies\", {\n policies: [\n \"default\",\n \"test\",\n ],\n exclusive: true,\n entityId: entity.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nentity = vault.identity.Entity(\"entity\", external_policies=True)\npolicies = vault.identity.EntityPolicies(\"policies\",\n policies=[\n \"default\",\n \"test\",\n ],\n exclusive=True,\n entity_id=entity.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var entity = new Vault.Identity.Entity(\"entity\", new()\n {\n ExternalPolicies = true,\n });\n\n var policies = new Vault.Identity.EntityPolicies(\"policies\", new()\n {\n Policies = new[]\n {\n \"default\",\n \"test\",\n },\n Exclusive = true,\n EntityId = entity.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/identity\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tentity, err := identity.NewEntity(ctx, \"entity\", \u0026identity.EntityArgs{\n\t\t\tExternalPolicies: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = identity.NewEntityPolicies(ctx, \"policies\", \u0026identity.EntityPoliciesArgs{\n\t\t\tPolicies: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"default\"),\n\t\t\t\tpulumi.String(\"test\"),\n\t\t\t},\n\t\t\tExclusive: pulumi.Bool(true),\n\t\t\tEntityId: entity.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.identity.Entity;\nimport com.pulumi.vault.identity.EntityArgs;\nimport com.pulumi.vault.identity.EntityPolicies;\nimport com.pulumi.vault.identity.EntityPoliciesArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var entity = new Entity(\"entity\", EntityArgs.builder() \n .externalPolicies(true)\n .build());\n\n var policies = new EntityPolicies(\"policies\", EntityPoliciesArgs.builder() \n .policies( \n \"default\",\n \"test\")\n .exclusive(true)\n .entityId(entity.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n entity:\n type: vault:identity:Entity\n properties:\n externalPolicies: true\n policies:\n type: vault:identity:EntityPolicies\n properties:\n policies:\n - default\n - test\n exclusive: true\n entityId: ${entity.id}\n```\n{{% /example %}}\n{{% example %}}\n### Non-exclusive Policies\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst entity = new vault.identity.Entity(\"entity\", {externalPolicies: true});\nconst _default = new vault.identity.EntityPolicies(\"default\", {\n policies: [\n \"default\",\n \"test\",\n ],\n exclusive: false,\n entityId: entity.id,\n});\nconst others = new vault.identity.EntityPolicies(\"others\", {\n policies: [\"others\"],\n exclusive: false,\n entityId: entity.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nentity = vault.identity.Entity(\"entity\", external_policies=True)\ndefault = vault.identity.EntityPolicies(\"default\",\n policies=[\n \"default\",\n \"test\",\n ],\n exclusive=False,\n entity_id=entity.id)\nothers = vault.identity.EntityPolicies(\"others\",\n policies=[\"others\"],\n exclusive=False,\n entity_id=entity.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var entity = new Vault.Identity.Entity(\"entity\", new()\n {\n ExternalPolicies = true,\n });\n\n var @default = new Vault.Identity.EntityPolicies(\"default\", new()\n {\n Policies = new[]\n {\n \"default\",\n \"test\",\n },\n Exclusive = false,\n EntityId = entity.Id,\n });\n\n var others = new Vault.Identity.EntityPolicies(\"others\", new()\n {\n Policies = new[]\n {\n \"others\",\n },\n Exclusive = false,\n EntityId = entity.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/identity\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tentity, err := identity.NewEntity(ctx, \"entity\", \u0026identity.EntityArgs{\n\t\t\tExternalPolicies: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = identity.NewEntityPolicies(ctx, \"default\", \u0026identity.EntityPoliciesArgs{\n\t\t\tPolicies: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"default\"),\n\t\t\t\tpulumi.String(\"test\"),\n\t\t\t},\n\t\t\tExclusive: pulumi.Bool(false),\n\t\t\tEntityId: entity.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = identity.NewEntityPolicies(ctx, \"others\", \u0026identity.EntityPoliciesArgs{\n\t\t\tPolicies: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"others\"),\n\t\t\t},\n\t\t\tExclusive: pulumi.Bool(false),\n\t\t\tEntityId: entity.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.identity.Entity;\nimport com.pulumi.vault.identity.EntityArgs;\nimport com.pulumi.vault.identity.EntityPolicies;\nimport com.pulumi.vault.identity.EntityPoliciesArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var entity = new Entity(\"entity\", EntityArgs.builder() \n .externalPolicies(true)\n .build());\n\n var default_ = new EntityPolicies(\"default\", EntityPoliciesArgs.builder() \n .policies( \n \"default\",\n \"test\")\n .exclusive(false)\n .entityId(entity.id())\n .build());\n\n var others = new EntityPolicies(\"others\", EntityPoliciesArgs.builder() \n .policies(\"others\")\n .exclusive(false)\n .entityId(entity.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n entity:\n type: vault:identity:Entity\n properties:\n externalPolicies: true\n default:\n type: vault:identity:EntityPolicies\n properties:\n policies:\n - default\n - test\n exclusive: false\n entityId: ${entity.id}\n others:\n type: vault:identity:EntityPolicies\n properties:\n policies:\n - others\n exclusive: false\n entityId: ${entity.id}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "entityId": { "type": "string", @@ -15274,7 +12403,7 @@ }, "exclusive": { "type": "boolean", - "description": "Defaults to `true`.\n" + "description": "Defaults to `true`.\n\nIf `true`, this resource will take exclusive control of the policies assigned to the entity and will set it equal to what is specified in the resource.\n\nIf set to `false`, this resource will simply ensure that the policies specified in the resource are present in the entity. When destroying the resource, the resource will ensure that the policies specified in the resource are removed.\n" }, "namespace": { "type": "string", @@ -15300,7 +12429,7 @@ }, "exclusive": { "type": "boolean", - "description": "Defaults to `true`.\n" + "description": "Defaults to `true`.\n\nIf `true`, this resource will take exclusive control of the policies assigned to the entity and will set it equal to what is specified in the resource.\n\nIf set to `false`, this resource will simply ensure that the policies specified in the resource are present in the entity. When destroying the resource, the resource will ensure that the policies specified in the resource are removed.\n" }, "namespace": { "type": "string", @@ -15332,7 +12461,7 @@ }, "exclusive": { "type": "boolean", - "description": "Defaults to `true`.\n" + "description": "Defaults to `true`.\n\nIf `true`, this resource will take exclusive control of the policies assigned to the entity and will set it equal to what is specified in the resource.\n\nIf set to `false`, this resource will simply ensure that the policies specified in the resource are present in the entity. When destroying the resource, the resource will ensure that the policies specified in the resource are removed.\n" }, "namespace": { "type": "string", @@ -15351,7 +12480,7 @@ } }, "vault:identity/group:Group": { - "description": "Creates an Identity Group for Vault. The [Identity secrets engine](https://www.vaultproject.io/docs/secrets/identity/index.html) is the identity management solution for Vault.\n\nA group can contain multiple entities as its members. A group can also have subgroups. Policies set on the group is granted to all members of the group. During request time, when the token's entity ID is being evaluated for the policies that it has access to; along with the policies on the entity itself, policies that are inherited due to group memberships are also granted.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Internal Group\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst internal = new vault.identity.Group(\"internal\", {\n metadata: {\n version: \"2\",\n },\n policies: [\n \"dev\",\n \"test\",\n ],\n type: \"internal\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ninternal = vault.identity.Group(\"internal\",\n metadata={\n \"version\": \"2\",\n },\n policies=[\n \"dev\",\n \"test\",\n ],\n type=\"internal\")\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @internal = new Vault.Identity.Group(\"internal\", new()\n {\n Metadata = \n {\n { \"version\", \"2\" },\n },\n Policies = new[]\n {\n \"dev\",\n \"test\",\n },\n Type = \"internal\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/identity\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := identity.NewGroup(ctx, \"internal\", \u0026identity.GroupArgs{\n\t\t\tMetadata: pulumi.StringMap{\n\t\t\t\t\"version\": pulumi.String(\"2\"),\n\t\t\t},\n\t\t\tPolicies: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"dev\"),\n\t\t\t\tpulumi.String(\"test\"),\n\t\t\t},\n\t\t\tType: pulumi.String(\"internal\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.identity.Group;\nimport com.pulumi.vault.identity.GroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var internal = new Group(\"internal\", GroupArgs.builder() \n .metadata(Map.of(\"version\", \"2\"))\n .policies( \n \"dev\",\n \"test\")\n .type(\"internal\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n internal:\n type: vault:identity:Group\n properties:\n metadata:\n version: 2\n policies:\n - dev\n - test\n type: internal\n```\n{{% /example %}}\n{{% example %}}\n### External Group\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst group = new vault.identity.Group(\"group\", {\n metadata: {\n version: \"1\",\n },\n policies: [\"test\"],\n type: \"external\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ngroup = vault.identity.Group(\"group\",\n metadata={\n \"version\": \"1\",\n },\n policies=[\"test\"],\n type=\"external\")\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @group = new Vault.Identity.Group(\"group\", new()\n {\n Metadata = \n {\n { \"version\", \"1\" },\n },\n Policies = new[]\n {\n \"test\",\n },\n Type = \"external\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/identity\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := identity.NewGroup(ctx, \"group\", \u0026identity.GroupArgs{\n\t\t\tMetadata: pulumi.StringMap{\n\t\t\t\t\"version\": pulumi.String(\"1\"),\n\t\t\t},\n\t\t\tPolicies: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"test\"),\n\t\t\t},\n\t\t\tType: pulumi.String(\"external\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.identity.Group;\nimport com.pulumi.vault.identity.GroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var group = new Group(\"group\", GroupArgs.builder() \n .metadata(Map.of(\"version\", \"1\"))\n .policies(\"test\")\n .type(\"external\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n group:\n type: vault:identity:Group\n properties:\n metadata:\n version: 1\n policies:\n - test\n type: external\n```\n{{% /example %}}\n{{% /examples %}}\n## Caveats\n\nIt's important to note that Vault identity groups names are *case-insensitive*. For example the following resources would be equivalent.\nApplying this configuration would result in the provider failing to create one of the identity groups, since the resources share the same `name`.\n\nThis sort of pattern should be avoided:\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst internalIdentityGroup = new vault.identity.Group(\"internal\", {\n metadata: {\n version: \"2\",\n },\n policies: [\n \"dev\",\n \"test\",\n ],\n type: \"internal\",\n});\nconst internalGroup = new vault.identity.Group(\"Internal\", {\n metadata: {\n version: \"2\",\n },\n policies: [\n \"dev\",\n \"test\",\n ],\n type: \"internal\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ninternal_identity_group_group = vault.identity.Group(\"internalIdentity/groupGroup\",\n metadata={\n \"version\": \"2\",\n },\n policies=[\n \"dev\",\n \"test\",\n ],\n type=\"internal\")\ninternal_group = vault.identity.Group(\"internalGroup\",\n metadata={\n \"version\": \"2\",\n },\n policies=[\n \"dev\",\n \"test\",\n ],\n type=\"internal\")\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var internalIdentity_groupGroup = new Vault.Identity.Group(\"internalIdentity/groupGroup\", new()\n {\n Metadata = \n {\n { \"version\", \"2\" },\n },\n Policies = new[]\n {\n \"dev\",\n \"test\",\n },\n Type = \"internal\",\n });\n\n var internalGroup = new Vault.Identity.Group(\"internalGroup\", new()\n {\n Metadata = \n {\n { \"version\", \"2\" },\n },\n Policies = new[]\n {\n \"dev\",\n \"test\",\n },\n Type = \"internal\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/identity\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := identity.NewGroup(ctx, \"internalIdentity/groupGroup\", \u0026identity.GroupArgs{\n\t\t\tMetadata: pulumi.StringMap{\n\t\t\t\t\"version\": pulumi.String(\"2\"),\n\t\t\t},\n\t\t\tPolicies: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"dev\"),\n\t\t\t\tpulumi.String(\"test\"),\n\t\t\t},\n\t\t\tType: pulumi.String(\"internal\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = identity.NewGroup(ctx, \"internalGroup\", \u0026identity.GroupArgs{\n\t\t\tMetadata: pulumi.StringMap{\n\t\t\t\t\"version\": pulumi.String(\"2\"),\n\t\t\t},\n\t\t\tPolicies: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"dev\"),\n\t\t\t\tpulumi.String(\"test\"),\n\t\t\t},\n\t\t\tType: pulumi.String(\"internal\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.identity.Group;\nimport com.pulumi.vault.identity.GroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var internalIdentity_groupGroup = new Group(\"internalIdentity/groupGroup\", GroupArgs.builder() \n .metadata(Map.of(\"version\", \"2\"))\n .policies( \n \"dev\",\n \"test\")\n .type(\"internal\")\n .build());\n\n var internalGroup = new Group(\"internalGroup\", GroupArgs.builder() \n .metadata(Map.of(\"version\", \"2\"))\n .policies( \n \"dev\",\n \"test\")\n .type(\"internal\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n internalIdentity/groupGroup:\n type: vault:identity:Group\n properties:\n metadata:\n version: 2\n policies:\n - dev\n - test\n type: internal\n internalGroup:\n type: vault:identity:Group\n properties:\n metadata:\n version: 2\n policies:\n - dev\n - test\n type: internal\n```\n\n\n## Import\n\nIdentity group can be imported using the `id`, e.g.\n\n```sh\n $ pulumi import vault:identity/group:Group test 'fcbf1efb-2b69-4209-bed8-811e3475dad3'\n```\n\n ", + "description": "Creates an Identity Group for Vault. The [Identity secrets engine](https://www.vaultproject.io/docs/secrets/identity/index.html) is the identity management solution for Vault.\n\nA group can contain multiple entities as its members. A group can also have subgroups. Policies set on the group is granted to all members of the group. During request time, when the token's entity ID is being evaluated for the policies that it has access to; along with the policies on the entity itself, policies that are inherited due to group memberships are also granted.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Internal Group\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst internal = new vault.identity.Group(\"internal\", {\n metadata: {\n version: \"2\",\n },\n policies: [\n \"dev\",\n \"test\",\n ],\n type: \"internal\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ninternal = vault.identity.Group(\"internal\",\n metadata={\n \"version\": \"2\",\n },\n policies=[\n \"dev\",\n \"test\",\n ],\n type=\"internal\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @internal = new Vault.Identity.Group(\"internal\", new()\n {\n Metadata = \n {\n { \"version\", \"2\" },\n },\n Policies = new[]\n {\n \"dev\",\n \"test\",\n },\n Type = \"internal\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/identity\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := identity.NewGroup(ctx, \"internal\", \u0026identity.GroupArgs{\n\t\t\tMetadata: pulumi.StringMap{\n\t\t\t\t\"version\": pulumi.String(\"2\"),\n\t\t\t},\n\t\t\tPolicies: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"dev\"),\n\t\t\t\tpulumi.String(\"test\"),\n\t\t\t},\n\t\t\tType: pulumi.String(\"internal\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.identity.Group;\nimport com.pulumi.vault.identity.GroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var internal = new Group(\"internal\", GroupArgs.builder() \n .metadata(Map.of(\"version\", \"2\"))\n .policies( \n \"dev\",\n \"test\")\n .type(\"internal\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n internal:\n type: vault:identity:Group\n properties:\n metadata:\n version: '2'\n policies:\n - dev\n - test\n type: internal\n```\n{{% /example %}}\n{{% example %}}\n### External Group\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst group = new vault.identity.Group(\"group\", {\n metadata: {\n version: \"1\",\n },\n policies: [\"test\"],\n type: \"external\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ngroup = vault.identity.Group(\"group\",\n metadata={\n \"version\": \"1\",\n },\n policies=[\"test\"],\n type=\"external\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @group = new Vault.Identity.Group(\"group\", new()\n {\n Metadata = \n {\n { \"version\", \"1\" },\n },\n Policies = new[]\n {\n \"test\",\n },\n Type = \"external\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/identity\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := identity.NewGroup(ctx, \"group\", \u0026identity.GroupArgs{\n\t\t\tMetadata: pulumi.StringMap{\n\t\t\t\t\"version\": pulumi.String(\"1\"),\n\t\t\t},\n\t\t\tPolicies: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"test\"),\n\t\t\t},\n\t\t\tType: pulumi.String(\"external\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.identity.Group;\nimport com.pulumi.vault.identity.GroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var group = new Group(\"group\", GroupArgs.builder() \n .metadata(Map.of(\"version\", \"1\"))\n .policies(\"test\")\n .type(\"external\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n group:\n type: vault:identity:Group\n properties:\n metadata:\n version: '1'\n policies:\n - test\n type: external\n```\n{{% /example %}}\n{{% /examples %}}\n## Caveats\n\nIt's important to note that Vault identity groups names are *case-insensitive*. For example the following resources would be equivalent.\nApplying this configuration would result in the provider failing to create one of the identity groups, since the resources share the same `name`.\n\nThis sort of pattern should be avoided:\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst internalIdentity_groupGroup = new vault.identity.Group(\"internalIdentity/groupGroup\", {\n metadata: {\n version: \"2\",\n },\n policies: [\n \"dev\",\n \"test\",\n ],\n type: \"internal\",\n});\nconst internalGroup = new vault.identity.Group(\"internalGroup\", {\n metadata: {\n version: \"2\",\n },\n policies: [\n \"dev\",\n \"test\",\n ],\n type: \"internal\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ninternal_identity_group_group = vault.identity.Group(\"internalIdentity/groupGroup\",\n metadata={\n \"version\": \"2\",\n },\n policies=[\n \"dev\",\n \"test\",\n ],\n type=\"internal\")\ninternal_group = vault.identity.Group(\"internalGroup\",\n metadata={\n \"version\": \"2\",\n },\n policies=[\n \"dev\",\n \"test\",\n ],\n type=\"internal\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var internalIdentity_groupGroup = new Vault.Identity.Group(\"internalIdentity/groupGroup\", new()\n {\n Metadata = \n {\n { \"version\", \"2\" },\n },\n Policies = new[]\n {\n \"dev\",\n \"test\",\n },\n Type = \"internal\",\n });\n\n var internalGroup = new Vault.Identity.Group(\"internalGroup\", new()\n {\n Metadata = \n {\n { \"version\", \"2\" },\n },\n Policies = new[]\n {\n \"dev\",\n \"test\",\n },\n Type = \"internal\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/identity\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := identity.NewGroup(ctx, \"internalIdentity/groupGroup\", \u0026identity.GroupArgs{\n\t\t\tMetadata: pulumi.StringMap{\n\t\t\t\t\"version\": pulumi.String(\"2\"),\n\t\t\t},\n\t\t\tPolicies: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"dev\"),\n\t\t\t\tpulumi.String(\"test\"),\n\t\t\t},\n\t\t\tType: pulumi.String(\"internal\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = identity.NewGroup(ctx, \"internalGroup\", \u0026identity.GroupArgs{\n\t\t\tMetadata: pulumi.StringMap{\n\t\t\t\t\"version\": pulumi.String(\"2\"),\n\t\t\t},\n\t\t\tPolicies: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"dev\"),\n\t\t\t\tpulumi.String(\"test\"),\n\t\t\t},\n\t\t\tType: pulumi.String(\"internal\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.identity.Group;\nimport com.pulumi.vault.identity.GroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var internalIdentity_groupGroup = new Group(\"internalIdentity/groupGroup\", GroupArgs.builder() \n .metadata(Map.of(\"version\", \"2\"))\n .policies( \n \"dev\",\n \"test\")\n .type(\"internal\")\n .build());\n\n var internalGroup = new Group(\"internalGroup\", GroupArgs.builder() \n .metadata(Map.of(\"version\", \"2\"))\n .policies( \n \"dev\",\n \"test\")\n .type(\"internal\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n internalIdentity/groupGroup:\n type: vault:identity:Group\n properties:\n metadata:\n version: '2'\n policies:\n - dev\n - test\n type: internal\n internalGroup:\n type: vault:identity:Group\n properties:\n metadata:\n version: '2'\n policies:\n - dev\n - test\n type: internal\n```\n\n\n## Import\n\nIdentity group can be imported using the `id`, e.g.\n\n```sh\n $ pulumi import vault:identity/group:Group test 'fcbf1efb-2b69-4209-bed8-811e3475dad3'\n```\n ", "properties": { "externalMemberEntityIds": { "type": "boolean", @@ -15527,7 +12656,7 @@ } }, "vault:identity/groupAlias:GroupAlias": { - "description": "Creates an Identity Group Alias for Vault. The [Identity secrets engine](https://www.vaultproject.io/docs/secrets/identity/index.html) is the identity management solution for Vault.\n\nGroup aliases allows entity membership in external groups to be managed semi-automatically. External group serves as a mapping to a group that is outside of the identity store. External groups can have one (and only one) alias. This alias should map to a notion of group that is outside of the identity store. For example, groups in LDAP, and teams in GitHub. A username in LDAP, belonging to a group in LDAP, can get its entity ID added as a member of a group in Vault automatically during logins and token renewals. This works only if the group in Vault is an external group and has an alias that maps to the group in LDAP. If the user is removed from the group in LDAP, that change gets reflected in Vault only upon the subsequent login or renewal operation.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst group = new vault.identity.Group(\"group\", {\n type: \"external\",\n policies: [\"test\"],\n});\nconst github = new vault.AuthBackend(\"github\", {\n type: \"github\",\n path: \"github\",\n});\nconst group_alias = new vault.identity.GroupAlias(\"group-alias\", {\n name: \"Github_Team_Slug\",\n mountAccessor: github.accessor,\n canonicalId: group.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ngroup = vault.identity.Group(\"group\",\n type=\"external\",\n policies=[\"test\"])\ngithub = vault.AuthBackend(\"github\",\n type=\"github\",\n path=\"github\")\ngroup_alias = vault.identity.GroupAlias(\"group-alias\",\n name=\"Github_Team_Slug\",\n mount_accessor=github.accessor,\n canonical_id=group.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @group = new Vault.Identity.Group(\"group\", new()\n {\n Type = \"external\",\n Policies = new[]\n {\n \"test\",\n },\n });\n\n var github = new Vault.AuthBackend(\"github\", new()\n {\n Type = \"github\",\n Path = \"github\",\n });\n\n var group_alias = new Vault.Identity.GroupAlias(\"group-alias\", new()\n {\n Name = \"Github_Team_Slug\",\n MountAccessor = github.Accessor,\n CanonicalId = @group.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/identity\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tgroup, err := identity.NewGroup(ctx, \"group\", \u0026identity.GroupArgs{\n\t\t\tType: pulumi.String(\"external\"),\n\t\t\tPolicies: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"test\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tgithub, err := vault.NewAuthBackend(ctx, \"github\", \u0026vault.AuthBackendArgs{\n\t\t\tType: pulumi.String(\"github\"),\n\t\t\tPath: pulumi.String(\"github\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = identity.NewGroupAlias(ctx, \"group-alias\", \u0026identity.GroupAliasArgs{\n\t\t\tName: pulumi.String(\"Github_Team_Slug\"),\n\t\t\tMountAccessor: github.Accessor,\n\t\t\tCanonicalId: group.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.identity.Group;\nimport com.pulumi.vault.identity.GroupArgs;\nimport com.pulumi.vault.AuthBackend;\nimport com.pulumi.vault.AuthBackendArgs;\nimport com.pulumi.vault.identity.GroupAlias;\nimport com.pulumi.vault.identity.GroupAliasArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var group = new Group(\"group\", GroupArgs.builder() \n .type(\"external\")\n .policies(\"test\")\n .build());\n\n var github = new AuthBackend(\"github\", AuthBackendArgs.builder() \n .type(\"github\")\n .path(\"github\")\n .build());\n\n var group_alias = new GroupAlias(\"group-alias\", GroupAliasArgs.builder() \n .name(\"Github_Team_Slug\")\n .mountAccessor(github.accessor())\n .canonicalId(group.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n group:\n type: vault:identity:Group\n properties:\n type: external\n policies:\n - test\n github:\n type: vault:AuthBackend\n properties:\n type: github\n path: github\n group-alias:\n type: vault:identity:GroupAlias\n properties:\n name: Github_Team_Slug\n mountAccessor: ${github.accessor}\n canonicalId: ${group.id}\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nThe group alias can be imported with the group alias `id`, for example\n\n```sh\n $ pulumi import vault:identity/groupAlias:GroupAlias group-alias id\n```\n\n Group aliases can also be imported using the UUID of the alias record, e.g.\n\n```sh\n $ pulumi import vault:identity/groupAlias:GroupAlias alias_name 63104e20-88e4-11eb-8d04-cf7ac9d60157\n```\n\n ", + "description": "Creates an Identity Group Alias for Vault. The [Identity secrets engine](https://www.vaultproject.io/docs/secrets/identity/index.html) is the identity management solution for Vault.\n\nGroup aliases allows entity membership in external groups to be managed semi-automatically. External group serves as a mapping to a group that is outside of the identity store. External groups can have one (and only one) alias. This alias should map to a notion of group that is outside of the identity store. For example, groups in LDAP, and teams in GitHub. A username in LDAP, belonging to a group in LDAP, can get its entity ID added as a member of a group in Vault automatically during logins and token renewals. This works only if the group in Vault is an external group and has an alias that maps to the group in LDAP. If the user is removed from the group in LDAP, that change gets reflected in Vault only upon the subsequent login or renewal operation.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst group = new vault.identity.Group(\"group\", {\n type: \"external\",\n policies: [\"test\"],\n});\nconst github = new vault.AuthBackend(\"github\", {\n type: \"github\",\n path: \"github\",\n});\nconst group_alias = new vault.identity.GroupAlias(\"group-alias\", {\n name: \"Github_Team_Slug\",\n mountAccessor: github.accessor,\n canonicalId: group.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ngroup = vault.identity.Group(\"group\",\n type=\"external\",\n policies=[\"test\"])\ngithub = vault.AuthBackend(\"github\",\n type=\"github\",\n path=\"github\")\ngroup_alias = vault.identity.GroupAlias(\"group-alias\",\n name=\"Github_Team_Slug\",\n mount_accessor=github.accessor,\n canonical_id=group.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @group = new Vault.Identity.Group(\"group\", new()\n {\n Type = \"external\",\n Policies = new[]\n {\n \"test\",\n },\n });\n\n var github = new Vault.AuthBackend(\"github\", new()\n {\n Type = \"github\",\n Path = \"github\",\n });\n\n var group_alias = new Vault.Identity.GroupAlias(\"group-alias\", new()\n {\n Name = \"Github_Team_Slug\",\n MountAccessor = github.Accessor,\n CanonicalId = @group.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/identity\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tgroup, err := identity.NewGroup(ctx, \"group\", \u0026identity.GroupArgs{\n\t\t\tType: pulumi.String(\"external\"),\n\t\t\tPolicies: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"test\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tgithub, err := vault.NewAuthBackend(ctx, \"github\", \u0026vault.AuthBackendArgs{\n\t\t\tType: pulumi.String(\"github\"),\n\t\t\tPath: pulumi.String(\"github\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = identity.NewGroupAlias(ctx, \"group-alias\", \u0026identity.GroupAliasArgs{\n\t\t\tName: pulumi.String(\"Github_Team_Slug\"),\n\t\t\tMountAccessor: github.Accessor,\n\t\t\tCanonicalId: group.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.identity.Group;\nimport com.pulumi.vault.identity.GroupArgs;\nimport com.pulumi.vault.AuthBackend;\nimport com.pulumi.vault.AuthBackendArgs;\nimport com.pulumi.vault.identity.GroupAlias;\nimport com.pulumi.vault.identity.GroupAliasArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var group = new Group(\"group\", GroupArgs.builder() \n .type(\"external\")\n .policies(\"test\")\n .build());\n\n var github = new AuthBackend(\"github\", AuthBackendArgs.builder() \n .type(\"github\")\n .path(\"github\")\n .build());\n\n var group_alias = new GroupAlias(\"group-alias\", GroupAliasArgs.builder() \n .name(\"Github_Team_Slug\")\n .mountAccessor(github.accessor())\n .canonicalId(group.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n group:\n type: vault:identity:Group\n properties:\n type: external\n policies:\n - test\n github:\n type: vault:AuthBackend\n properties:\n type: github\n path: github\n group-alias:\n type: vault:identity:GroupAlias\n properties:\n name: Github_Team_Slug\n mountAccessor: ${github.accessor}\n canonicalId: ${group.id}\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nThe group alias can be imported with the group alias `id`, for example\n\n```sh\n $ pulumi import vault:identity/groupAlias:GroupAlias group-alias id\n```\n\n Group aliases can also be imported using the UUID of the alias record, e.g.\n\n```sh\n $ pulumi import vault:identity/groupAlias:GroupAlias alias_name 63104e20-88e4-11eb-8d04-cf7ac9d60157\n```\n\n ", "properties": { "canonicalId": { "type": "string", @@ -15600,11 +12729,11 @@ } }, "vault:identity/groupMemberEntityIds:GroupMemberEntityIds": { - "description": "Manages member entities for an Identity Group for Vault. The [Identity secrets engine](https://www.vaultproject.io/docs/secrets/identity/index.html) is the identity management solution for Vault.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Exclusive Member Entities\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst internal = new vault.identity.Group(\"internal\", {\n type: \"internal\",\n externalMemberEntityIds: true,\n metadata: {\n version: \"2\",\n },\n});\nconst user = new vault.identity.Entity(\"user\", {});\nconst members = new vault.identity.GroupMemberEntityIds(\"members\", {\n exclusive: true,\n memberEntityIds: [user.id],\n groupId: internal.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ninternal = vault.identity.Group(\"internal\",\n type=\"internal\",\n external_member_entity_ids=True,\n metadata={\n \"version\": \"2\",\n })\nuser = vault.identity.Entity(\"user\")\nmembers = vault.identity.GroupMemberEntityIds(\"members\",\n exclusive=True,\n member_entity_ids=[user.id],\n group_id=internal.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @internal = new Vault.Identity.Group(\"internal\", new()\n {\n Type = \"internal\",\n ExternalMemberEntityIds = true,\n Metadata = \n {\n { \"version\", \"2\" },\n },\n });\n\n var user = new Vault.Identity.Entity(\"user\");\n\n var members = new Vault.Identity.GroupMemberEntityIds(\"members\", new()\n {\n Exclusive = true,\n MemberEntityIds = new[]\n {\n user.Id,\n },\n GroupId = @internal.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/identity\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tinternal, err := identity.NewGroup(ctx, \"internal\", \u0026identity.GroupArgs{\n\t\t\tType: pulumi.String(\"internal\"),\n\t\t\tExternalMemberEntityIds: pulumi.Bool(true),\n\t\t\tMetadata: pulumi.StringMap{\n\t\t\t\t\"version\": pulumi.String(\"2\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tuser, err := identity.NewEntity(ctx, \"user\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = identity.NewGroupMemberEntityIds(ctx, \"members\", \u0026identity.GroupMemberEntityIdsArgs{\n\t\t\tExclusive: pulumi.Bool(true),\n\t\t\tMemberEntityIds: pulumi.StringArray{\n\t\t\t\tuser.ID(),\n\t\t\t},\n\t\t\tGroupId: internal.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.identity.Group;\nimport com.pulumi.vault.identity.GroupArgs;\nimport com.pulumi.vault.identity.Entity;\nimport com.pulumi.vault.identity.GroupMemberEntityIds;\nimport com.pulumi.vault.identity.GroupMemberEntityIdsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var internal = new Group(\"internal\", GroupArgs.builder() \n .type(\"internal\")\n .externalMemberEntityIds(true)\n .metadata(Map.of(\"version\", \"2\"))\n .build());\n\n var user = new Entity(\"user\");\n\n var members = new GroupMemberEntityIds(\"members\", GroupMemberEntityIdsArgs.builder() \n .exclusive(true)\n .memberEntityIds(user.id())\n .groupId(internal.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n internal:\n type: vault:identity:Group\n properties:\n type: internal\n externalMemberEntityIds: true\n metadata:\n version: 2\n user:\n type: vault:identity:Entity\n members:\n type: vault:identity:GroupMemberEntityIds\n properties:\n exclusive: true\n memberEntityIds:\n - ${user.id}\n groupId: ${internal.id}\n```\n{{% /example %}}\n{{% example %}}\n### Non-exclusive Member Entities\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst internal = new vault.identity.Group(\"internal\", {\n type: \"internal\",\n externalMemberEntityIds: true,\n metadata: {\n version: \"2\",\n },\n});\nconst testUser = new vault.identity.Entity(\"testUser\", {});\nconst secondTestUser = new vault.identity.Entity(\"secondTestUser\", {});\nconst devUser = new vault.identity.Entity(\"devUser\", {});\nconst test = new vault.identity.GroupMemberEntityIds(\"test\", {\n memberEntityIds: [\n testUser.id,\n secondTestUser.id,\n ],\n exclusive: false,\n groupId: internal.id,\n});\nconst others = new vault.identity.GroupMemberEntityIds(\"others\", {\n memberEntityIds: [devUser.id],\n exclusive: false,\n groupId: internal.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ninternal = vault.identity.Group(\"internal\",\n type=\"internal\",\n external_member_entity_ids=True,\n metadata={\n \"version\": \"2\",\n })\ntest_user = vault.identity.Entity(\"testUser\")\nsecond_test_user = vault.identity.Entity(\"secondTestUser\")\ndev_user = vault.identity.Entity(\"devUser\")\ntest = vault.identity.GroupMemberEntityIds(\"test\",\n member_entity_ids=[\n test_user.id,\n second_test_user.id,\n ],\n exclusive=False,\n group_id=internal.id)\nothers = vault.identity.GroupMemberEntityIds(\"others\",\n member_entity_ids=[dev_user.id],\n exclusive=False,\n group_id=internal.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @internal = new Vault.Identity.Group(\"internal\", new()\n {\n Type = \"internal\",\n ExternalMemberEntityIds = true,\n Metadata = \n {\n { \"version\", \"2\" },\n },\n });\n\n var testUser = new Vault.Identity.Entity(\"testUser\");\n\n var secondTestUser = new Vault.Identity.Entity(\"secondTestUser\");\n\n var devUser = new Vault.Identity.Entity(\"devUser\");\n\n var test = new Vault.Identity.GroupMemberEntityIds(\"test\", new()\n {\n MemberEntityIds = new[]\n {\n testUser.Id,\n secondTestUser.Id,\n },\n Exclusive = false,\n GroupId = @internal.Id,\n });\n\n var others = new Vault.Identity.GroupMemberEntityIds(\"others\", new()\n {\n MemberEntityIds = new[]\n {\n devUser.Id,\n },\n Exclusive = false,\n GroupId = @internal.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/identity\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tinternal, err := identity.NewGroup(ctx, \"internal\", \u0026identity.GroupArgs{\n\t\t\tType: pulumi.String(\"internal\"),\n\t\t\tExternalMemberEntityIds: pulumi.Bool(true),\n\t\t\tMetadata: pulumi.StringMap{\n\t\t\t\t\"version\": pulumi.String(\"2\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestUser, err := identity.NewEntity(ctx, \"testUser\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tsecondTestUser, err := identity.NewEntity(ctx, \"secondTestUser\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tdevUser, err := identity.NewEntity(ctx, \"devUser\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = identity.NewGroupMemberEntityIds(ctx, \"test\", \u0026identity.GroupMemberEntityIdsArgs{\n\t\t\tMemberEntityIds: pulumi.StringArray{\n\t\t\t\ttestUser.ID(),\n\t\t\t\tsecondTestUser.ID(),\n\t\t\t},\n\t\t\tExclusive: pulumi.Bool(false),\n\t\t\tGroupId: internal.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = identity.NewGroupMemberEntityIds(ctx, \"others\", \u0026identity.GroupMemberEntityIdsArgs{\n\t\t\tMemberEntityIds: pulumi.StringArray{\n\t\t\t\tdevUser.ID(),\n\t\t\t},\n\t\t\tExclusive: pulumi.Bool(false),\n\t\t\tGroupId: internal.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.identity.Group;\nimport com.pulumi.vault.identity.GroupArgs;\nimport com.pulumi.vault.identity.Entity;\nimport com.pulumi.vault.identity.GroupMemberEntityIds;\nimport com.pulumi.vault.identity.GroupMemberEntityIdsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var internal = new Group(\"internal\", GroupArgs.builder() \n .type(\"internal\")\n .externalMemberEntityIds(true)\n .metadata(Map.of(\"version\", \"2\"))\n .build());\n\n var testUser = new Entity(\"testUser\");\n\n var secondTestUser = new Entity(\"secondTestUser\");\n\n var devUser = new Entity(\"devUser\");\n\n var test = new GroupMemberEntityIds(\"test\", GroupMemberEntityIdsArgs.builder() \n .memberEntityIds( \n testUser.id(),\n secondTestUser.id())\n .exclusive(false)\n .groupId(internal.id())\n .build());\n\n var others = new GroupMemberEntityIds(\"others\", GroupMemberEntityIdsArgs.builder() \n .memberEntityIds(devUser.id())\n .exclusive(false)\n .groupId(internal.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n internal:\n type: vault:identity:Group\n properties:\n type: internal\n externalMemberEntityIds: true\n metadata:\n version: 2\n testUser:\n type: vault:identity:Entity\n secondTestUser:\n type: vault:identity:Entity\n devUser:\n type: vault:identity:Entity\n test:\n type: vault:identity:GroupMemberEntityIds\n properties:\n memberEntityIds:\n - ${testUser.id}\n - ${secondTestUser.id}\n exclusive: false\n groupId: ${internal.id}\n others:\n type: vault:identity:GroupMemberEntityIds\n properties:\n memberEntityIds:\n - ${devUser.id}\n exclusive: false\n groupId: ${internal.id}\n```\n{{% /example %}}\n{{% /examples %}}", + "description": "Manages member entities for an Identity Group for Vault. The [Identity secrets engine](https://www.vaultproject.io/docs/secrets/identity/index.html) is the identity management solution for Vault.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Exclusive Member Entities\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst internal = new vault.identity.Group(\"internal\", {\n type: \"internal\",\n externalMemberEntityIds: true,\n metadata: {\n version: \"2\",\n },\n});\nconst user = new vault.identity.Entity(\"user\", {});\nconst members = new vault.identity.GroupMemberEntityIds(\"members\", {\n exclusive: true,\n memberEntityIds: [user.id],\n groupId: internal.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ninternal = vault.identity.Group(\"internal\",\n type=\"internal\",\n external_member_entity_ids=True,\n metadata={\n \"version\": \"2\",\n })\nuser = vault.identity.Entity(\"user\")\nmembers = vault.identity.GroupMemberEntityIds(\"members\",\n exclusive=True,\n member_entity_ids=[user.id],\n group_id=internal.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @internal = new Vault.Identity.Group(\"internal\", new()\n {\n Type = \"internal\",\n ExternalMemberEntityIds = true,\n Metadata = \n {\n { \"version\", \"2\" },\n },\n });\n\n var user = new Vault.Identity.Entity(\"user\");\n\n var members = new Vault.Identity.GroupMemberEntityIds(\"members\", new()\n {\n Exclusive = true,\n MemberEntityIds = new[]\n {\n user.Id,\n },\n GroupId = @internal.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/identity\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tinternal, err := identity.NewGroup(ctx, \"internal\", \u0026identity.GroupArgs{\n\t\t\tType: pulumi.String(\"internal\"),\n\t\t\tExternalMemberEntityIds: pulumi.Bool(true),\n\t\t\tMetadata: pulumi.StringMap{\n\t\t\t\t\"version\": pulumi.String(\"2\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tuser, err := identity.NewEntity(ctx, \"user\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = identity.NewGroupMemberEntityIds(ctx, \"members\", \u0026identity.GroupMemberEntityIdsArgs{\n\t\t\tExclusive: pulumi.Bool(true),\n\t\t\tMemberEntityIds: pulumi.StringArray{\n\t\t\t\tuser.ID(),\n\t\t\t},\n\t\t\tGroupId: internal.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.identity.Group;\nimport com.pulumi.vault.identity.GroupArgs;\nimport com.pulumi.vault.identity.Entity;\nimport com.pulumi.vault.identity.GroupMemberEntityIds;\nimport com.pulumi.vault.identity.GroupMemberEntityIdsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var internal = new Group(\"internal\", GroupArgs.builder() \n .type(\"internal\")\n .externalMemberEntityIds(true)\n .metadata(Map.of(\"version\", \"2\"))\n .build());\n\n var user = new Entity(\"user\");\n\n var members = new GroupMemberEntityIds(\"members\", GroupMemberEntityIdsArgs.builder() \n .exclusive(true)\n .memberEntityIds(user.id())\n .groupId(internal.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n internal:\n type: vault:identity:Group\n properties:\n type: internal\n externalMemberEntityIds: true\n metadata:\n version: '2'\n user:\n type: vault:identity:Entity\n members:\n type: vault:identity:GroupMemberEntityIds\n properties:\n exclusive: true\n memberEntityIds:\n - ${user.id}\n groupId: ${internal.id}\n```\n{{% /example %}}\n{{% example %}}\n### Non-exclusive Member Entities\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst internal = new vault.identity.Group(\"internal\", {\n type: \"internal\",\n externalMemberEntityIds: true,\n metadata: {\n version: \"2\",\n },\n});\nconst testUser = new vault.identity.Entity(\"testUser\", {});\nconst secondTestUser = new vault.identity.Entity(\"secondTestUser\", {});\nconst devUser = new vault.identity.Entity(\"devUser\", {});\nconst test = new vault.identity.GroupMemberEntityIds(\"test\", {\n memberEntityIds: [\n testUser.id,\n secondTestUser.id,\n ],\n exclusive: false,\n groupId: internal.id,\n});\nconst others = new vault.identity.GroupMemberEntityIds(\"others\", {\n memberEntityIds: [devUser.id],\n exclusive: false,\n groupId: internal.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ninternal = vault.identity.Group(\"internal\",\n type=\"internal\",\n external_member_entity_ids=True,\n metadata={\n \"version\": \"2\",\n })\ntest_user = vault.identity.Entity(\"testUser\")\nsecond_test_user = vault.identity.Entity(\"secondTestUser\")\ndev_user = vault.identity.Entity(\"devUser\")\ntest = vault.identity.GroupMemberEntityIds(\"test\",\n member_entity_ids=[\n test_user.id,\n second_test_user.id,\n ],\n exclusive=False,\n group_id=internal.id)\nothers = vault.identity.GroupMemberEntityIds(\"others\",\n member_entity_ids=[dev_user.id],\n exclusive=False,\n group_id=internal.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @internal = new Vault.Identity.Group(\"internal\", new()\n {\n Type = \"internal\",\n ExternalMemberEntityIds = true,\n Metadata = \n {\n { \"version\", \"2\" },\n },\n });\n\n var testUser = new Vault.Identity.Entity(\"testUser\");\n\n var secondTestUser = new Vault.Identity.Entity(\"secondTestUser\");\n\n var devUser = new Vault.Identity.Entity(\"devUser\");\n\n var test = new Vault.Identity.GroupMemberEntityIds(\"test\", new()\n {\n MemberEntityIds = new[]\n {\n testUser.Id,\n secondTestUser.Id,\n },\n Exclusive = false,\n GroupId = @internal.Id,\n });\n\n var others = new Vault.Identity.GroupMemberEntityIds(\"others\", new()\n {\n MemberEntityIds = new[]\n {\n devUser.Id,\n },\n Exclusive = false,\n GroupId = @internal.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/identity\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tinternal, err := identity.NewGroup(ctx, \"internal\", \u0026identity.GroupArgs{\n\t\t\tType: pulumi.String(\"internal\"),\n\t\t\tExternalMemberEntityIds: pulumi.Bool(true),\n\t\t\tMetadata: pulumi.StringMap{\n\t\t\t\t\"version\": pulumi.String(\"2\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestUser, err := identity.NewEntity(ctx, \"testUser\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tsecondTestUser, err := identity.NewEntity(ctx, \"secondTestUser\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tdevUser, err := identity.NewEntity(ctx, \"devUser\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = identity.NewGroupMemberEntityIds(ctx, \"test\", \u0026identity.GroupMemberEntityIdsArgs{\n\t\t\tMemberEntityIds: pulumi.StringArray{\n\t\t\t\ttestUser.ID(),\n\t\t\t\tsecondTestUser.ID(),\n\t\t\t},\n\t\t\tExclusive: pulumi.Bool(false),\n\t\t\tGroupId: internal.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = identity.NewGroupMemberEntityIds(ctx, \"others\", \u0026identity.GroupMemberEntityIdsArgs{\n\t\t\tMemberEntityIds: pulumi.StringArray{\n\t\t\t\tdevUser.ID(),\n\t\t\t},\n\t\t\tExclusive: pulumi.Bool(false),\n\t\t\tGroupId: internal.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.identity.Group;\nimport com.pulumi.vault.identity.GroupArgs;\nimport com.pulumi.vault.identity.Entity;\nimport com.pulumi.vault.identity.GroupMemberEntityIds;\nimport com.pulumi.vault.identity.GroupMemberEntityIdsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var internal = new Group(\"internal\", GroupArgs.builder() \n .type(\"internal\")\n .externalMemberEntityIds(true)\n .metadata(Map.of(\"version\", \"2\"))\n .build());\n\n var testUser = new Entity(\"testUser\");\n\n var secondTestUser = new Entity(\"secondTestUser\");\n\n var devUser = new Entity(\"devUser\");\n\n var test = new GroupMemberEntityIds(\"test\", GroupMemberEntityIdsArgs.builder() \n .memberEntityIds( \n testUser.id(),\n secondTestUser.id())\n .exclusive(false)\n .groupId(internal.id())\n .build());\n\n var others = new GroupMemberEntityIds(\"others\", GroupMemberEntityIdsArgs.builder() \n .memberEntityIds(devUser.id())\n .exclusive(false)\n .groupId(internal.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n internal:\n type: vault:identity:Group\n properties:\n type: internal\n externalMemberEntityIds: true\n metadata:\n version: '2'\n testUser:\n type: vault:identity:Entity\n secondTestUser:\n type: vault:identity:Entity\n devUser:\n type: vault:identity:Entity\n test:\n type: vault:identity:GroupMemberEntityIds\n properties:\n memberEntityIds:\n - ${testUser.id}\n - ${secondTestUser.id}\n exclusive: false\n groupId: ${internal.id}\n others:\n type: vault:identity:GroupMemberEntityIds\n properties:\n memberEntityIds:\n - ${devUser.id}\n exclusive: false\n groupId: ${internal.id}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "exclusive": { "type": "boolean", - "description": "Defaults to `true`.\n" + "description": "Defaults to `true`.\n\nIf `true`, this resource will take exclusive control of the member entities that belong to the group and will set it equal to what is specified in the resource.\n\nIf set to `false`, this resource will simply ensure that the member entities specified in the resource are present in the group. When destroying the resource, the resource will ensure that the member entities specified in the resource are removed.\n" }, "groupId": { "type": "string", @@ -15634,7 +12763,7 @@ "inputProperties": { "exclusive": { "type": "boolean", - "description": "Defaults to `true`.\n" + "description": "Defaults to `true`.\n\nIf `true`, this resource will take exclusive control of the member entities that belong to the group and will set it equal to what is specified in the resource.\n\nIf set to `false`, this resource will simply ensure that the member entities specified in the resource are present in the group. When destroying the resource, the resource will ensure that the member entities specified in the resource are removed.\n" }, "groupId": { "type": "string", @@ -15662,7 +12791,7 @@ "properties": { "exclusive": { "type": "boolean", - "description": "Defaults to `true`.\n" + "description": "Defaults to `true`.\n\nIf `true`, this resource will take exclusive control of the member entities that belong to the group and will set it equal to what is specified in the resource.\n\nIf set to `false`, this resource will simply ensure that the member entities specified in the resource are present in the group. When destroying the resource, the resource will ensure that the member entities specified in the resource are removed.\n" }, "groupId": { "type": "string", @@ -15691,11 +12820,11 @@ } }, "vault:identity/groupMemberGroupIds:GroupMemberGroupIds": { - "description": "Manages member groups for an Identity Group for Vault. The\n[Identity secrets engine](https://www.vaultproject.io/docs/secrets/identity/index.html)\nis the identity management solution for Vault.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Exclusive Member Groups\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst internal = new vault.identity.Group(\"internal\", {\n type: \"internal\",\n externalMemberGroupIds: true,\n metadata: {\n version: \"2\",\n },\n});\nconst users = new vault.identity.Group(\"users\", {metadata: {\n version: \"2\",\n}});\nconst members = new vault.identity.GroupMemberGroupIds(\"members\", {\n exclusive: true,\n memberGroupIds: [users.id],\n groupId: internal.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ninternal = vault.identity.Group(\"internal\",\n type=\"internal\",\n external_member_group_ids=True,\n metadata={\n \"version\": \"2\",\n })\nusers = vault.identity.Group(\"users\", metadata={\n \"version\": \"2\",\n})\nmembers = vault.identity.GroupMemberGroupIds(\"members\",\n exclusive=True,\n member_group_ids=[users.id],\n group_id=internal.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @internal = new Vault.Identity.Group(\"internal\", new()\n {\n Type = \"internal\",\n ExternalMemberGroupIds = true,\n Metadata = \n {\n { \"version\", \"2\" },\n },\n });\n\n var users = new Vault.Identity.Group(\"users\", new()\n {\n Metadata = \n {\n { \"version\", \"2\" },\n },\n });\n\n var members = new Vault.Identity.GroupMemberGroupIds(\"members\", new()\n {\n Exclusive = true,\n MemberGroupIds = new[]\n {\n users.Id,\n },\n GroupId = @internal.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/identity\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tinternal, err := identity.NewGroup(ctx, \"internal\", \u0026identity.GroupArgs{\n\t\t\tType: pulumi.String(\"internal\"),\n\t\t\tExternalMemberGroupIds: pulumi.Bool(true),\n\t\t\tMetadata: pulumi.StringMap{\n\t\t\t\t\"version\": pulumi.String(\"2\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tusers, err := identity.NewGroup(ctx, \"users\", \u0026identity.GroupArgs{\n\t\t\tMetadata: pulumi.StringMap{\n\t\t\t\t\"version\": pulumi.String(\"2\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = identity.NewGroupMemberGroupIds(ctx, \"members\", \u0026identity.GroupMemberGroupIdsArgs{\n\t\t\tExclusive: pulumi.Bool(true),\n\t\t\tMemberGroupIds: pulumi.StringArray{\n\t\t\t\tusers.ID(),\n\t\t\t},\n\t\t\tGroupId: internal.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.identity.Group;\nimport com.pulumi.vault.identity.GroupArgs;\nimport com.pulumi.vault.identity.GroupMemberGroupIds;\nimport com.pulumi.vault.identity.GroupMemberGroupIdsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var internal = new Group(\"internal\", GroupArgs.builder() \n .type(\"internal\")\n .externalMemberGroupIds(true)\n .metadata(Map.of(\"version\", \"2\"))\n .build());\n\n var users = new Group(\"users\", GroupArgs.builder() \n .metadata(Map.of(\"version\", \"2\"))\n .build());\n\n var members = new GroupMemberGroupIds(\"members\", GroupMemberGroupIdsArgs.builder() \n .exclusive(true)\n .memberGroupIds(users.id())\n .groupId(internal.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n internal:\n type: vault:identity:Group\n properties:\n type: internal\n externalMemberGroupIds: true\n metadata:\n version: 2\n users:\n type: vault:identity:Group\n properties:\n metadata:\n version: 2\n members:\n type: vault:identity:GroupMemberGroupIds\n properties:\n exclusive: true\n memberGroupIds:\n - ${users.id}\n groupId: ${internal.id}\n```\n{{% /example %}}\n{{% example %}}\n### Non-Exclusive Member Groups\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst internal = new vault.identity.Group(\"internal\", {\n type: \"internal\",\n externalMemberGroupIds: true,\n metadata: {\n version: \"2\",\n },\n});\nconst users = new vault.identity.Group(\"users\", {metadata: {\n version: \"2\",\n}});\nconst members = new vault.identity.GroupMemberGroupIds(\"members\", {\n exclusive: false,\n memberGroupIds: [users.id],\n groupId: internal.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ninternal = vault.identity.Group(\"internal\",\n type=\"internal\",\n external_member_group_ids=True,\n metadata={\n \"version\": \"2\",\n })\nusers = vault.identity.Group(\"users\", metadata={\n \"version\": \"2\",\n})\nmembers = vault.identity.GroupMemberGroupIds(\"members\",\n exclusive=False,\n member_group_ids=[users.id],\n group_id=internal.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @internal = new Vault.Identity.Group(\"internal\", new()\n {\n Type = \"internal\",\n ExternalMemberGroupIds = true,\n Metadata = \n {\n { \"version\", \"2\" },\n },\n });\n\n var users = new Vault.Identity.Group(\"users\", new()\n {\n Metadata = \n {\n { \"version\", \"2\" },\n },\n });\n\n var members = new Vault.Identity.GroupMemberGroupIds(\"members\", new()\n {\n Exclusive = false,\n MemberGroupIds = new[]\n {\n users.Id,\n },\n GroupId = @internal.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/identity\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tinternal, err := identity.NewGroup(ctx, \"internal\", \u0026identity.GroupArgs{\n\t\t\tType: pulumi.String(\"internal\"),\n\t\t\tExternalMemberGroupIds: pulumi.Bool(true),\n\t\t\tMetadata: pulumi.StringMap{\n\t\t\t\t\"version\": pulumi.String(\"2\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tusers, err := identity.NewGroup(ctx, \"users\", \u0026identity.GroupArgs{\n\t\t\tMetadata: pulumi.StringMap{\n\t\t\t\t\"version\": pulumi.String(\"2\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = identity.NewGroupMemberGroupIds(ctx, \"members\", \u0026identity.GroupMemberGroupIdsArgs{\n\t\t\tExclusive: pulumi.Bool(false),\n\t\t\tMemberGroupIds: pulumi.StringArray{\n\t\t\t\tusers.ID(),\n\t\t\t},\n\t\t\tGroupId: internal.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.identity.Group;\nimport com.pulumi.vault.identity.GroupArgs;\nimport com.pulumi.vault.identity.GroupMemberGroupIds;\nimport com.pulumi.vault.identity.GroupMemberGroupIdsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var internal = new Group(\"internal\", GroupArgs.builder() \n .type(\"internal\")\n .externalMemberGroupIds(true)\n .metadata(Map.of(\"version\", \"2\"))\n .build());\n\n var users = new Group(\"users\", GroupArgs.builder() \n .metadata(Map.of(\"version\", \"2\"))\n .build());\n\n var members = new GroupMemberGroupIds(\"members\", GroupMemberGroupIdsArgs.builder() \n .exclusive(false)\n .memberGroupIds(users.id())\n .groupId(internal.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n internal:\n type: vault:identity:Group\n properties:\n type: internal\n externalMemberGroupIds: true\n metadata:\n version: 2\n users:\n type: vault:identity:Group\n properties:\n metadata:\n version: 2\n members:\n type: vault:identity:GroupMemberGroupIds\n properties:\n exclusive: false\n memberGroupIds:\n - ${users.id}\n groupId: ${internal.id}\n```\n{{% /example %}}\n{{% /examples %}}", + "description": "Manages member groups for an Identity Group for Vault. The\n[Identity secrets engine](https://www.vaultproject.io/docs/secrets/identity/index.html)\nis the identity management solution for Vault.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Exclusive Member Groups\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst internal = new vault.identity.Group(\"internal\", {\n type: \"internal\",\n externalMemberGroupIds: true,\n metadata: {\n version: \"2\",\n },\n});\nconst users = new vault.identity.Group(\"users\", {metadata: {\n version: \"2\",\n}});\nconst members = new vault.identity.GroupMemberGroupIds(\"members\", {\n exclusive: true,\n memberGroupIds: [users.id],\n groupId: internal.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ninternal = vault.identity.Group(\"internal\",\n type=\"internal\",\n external_member_group_ids=True,\n metadata={\n \"version\": \"2\",\n })\nusers = vault.identity.Group(\"users\", metadata={\n \"version\": \"2\",\n})\nmembers = vault.identity.GroupMemberGroupIds(\"members\",\n exclusive=True,\n member_group_ids=[users.id],\n group_id=internal.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @internal = new Vault.Identity.Group(\"internal\", new()\n {\n Type = \"internal\",\n ExternalMemberGroupIds = true,\n Metadata = \n {\n { \"version\", \"2\" },\n },\n });\n\n var users = new Vault.Identity.Group(\"users\", new()\n {\n Metadata = \n {\n { \"version\", \"2\" },\n },\n });\n\n var members = new Vault.Identity.GroupMemberGroupIds(\"members\", new()\n {\n Exclusive = true,\n MemberGroupIds = new[]\n {\n users.Id,\n },\n GroupId = @internal.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/identity\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tinternal, err := identity.NewGroup(ctx, \"internal\", \u0026identity.GroupArgs{\n\t\t\tType: pulumi.String(\"internal\"),\n\t\t\tExternalMemberGroupIds: pulumi.Bool(true),\n\t\t\tMetadata: pulumi.StringMap{\n\t\t\t\t\"version\": pulumi.String(\"2\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tusers, err := identity.NewGroup(ctx, \"users\", \u0026identity.GroupArgs{\n\t\t\tMetadata: pulumi.StringMap{\n\t\t\t\t\"version\": pulumi.String(\"2\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = identity.NewGroupMemberGroupIds(ctx, \"members\", \u0026identity.GroupMemberGroupIdsArgs{\n\t\t\tExclusive: pulumi.Bool(true),\n\t\t\tMemberGroupIds: pulumi.StringArray{\n\t\t\t\tusers.ID(),\n\t\t\t},\n\t\t\tGroupId: internal.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.identity.Group;\nimport com.pulumi.vault.identity.GroupArgs;\nimport com.pulumi.vault.identity.GroupMemberGroupIds;\nimport com.pulumi.vault.identity.GroupMemberGroupIdsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var internal = new Group(\"internal\", GroupArgs.builder() \n .type(\"internal\")\n .externalMemberGroupIds(true)\n .metadata(Map.of(\"version\", \"2\"))\n .build());\n\n var users = new Group(\"users\", GroupArgs.builder() \n .metadata(Map.of(\"version\", \"2\"))\n .build());\n\n var members = new GroupMemberGroupIds(\"members\", GroupMemberGroupIdsArgs.builder() \n .exclusive(true)\n .memberGroupIds(users.id())\n .groupId(internal.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n internal:\n type: vault:identity:Group\n properties:\n type: internal\n externalMemberGroupIds: true\n metadata:\n version: '2'\n users:\n type: vault:identity:Group\n properties:\n metadata:\n version: '2'\n members:\n type: vault:identity:GroupMemberGroupIds\n properties:\n exclusive: true\n memberGroupIds:\n - ${users.id}\n groupId: ${internal.id}\n```\n{{% /example %}}\n{{% example %}}\n### Non-Exclusive Member Groups\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst internal = new vault.identity.Group(\"internal\", {\n type: \"internal\",\n externalMemberGroupIds: true,\n metadata: {\n version: \"2\",\n },\n});\nconst users = new vault.identity.Group(\"users\", {metadata: {\n version: \"2\",\n}});\nconst members = new vault.identity.GroupMemberGroupIds(\"members\", {\n exclusive: false,\n memberGroupIds: [users.id],\n groupId: internal.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ninternal = vault.identity.Group(\"internal\",\n type=\"internal\",\n external_member_group_ids=True,\n metadata={\n \"version\": \"2\",\n })\nusers = vault.identity.Group(\"users\", metadata={\n \"version\": \"2\",\n})\nmembers = vault.identity.GroupMemberGroupIds(\"members\",\n exclusive=False,\n member_group_ids=[users.id],\n group_id=internal.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @internal = new Vault.Identity.Group(\"internal\", new()\n {\n Type = \"internal\",\n ExternalMemberGroupIds = true,\n Metadata = \n {\n { \"version\", \"2\" },\n },\n });\n\n var users = new Vault.Identity.Group(\"users\", new()\n {\n Metadata = \n {\n { \"version\", \"2\" },\n },\n });\n\n var members = new Vault.Identity.GroupMemberGroupIds(\"members\", new()\n {\n Exclusive = false,\n MemberGroupIds = new[]\n {\n users.Id,\n },\n GroupId = @internal.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/identity\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tinternal, err := identity.NewGroup(ctx, \"internal\", \u0026identity.GroupArgs{\n\t\t\tType: pulumi.String(\"internal\"),\n\t\t\tExternalMemberGroupIds: pulumi.Bool(true),\n\t\t\tMetadata: pulumi.StringMap{\n\t\t\t\t\"version\": pulumi.String(\"2\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tusers, err := identity.NewGroup(ctx, \"users\", \u0026identity.GroupArgs{\n\t\t\tMetadata: pulumi.StringMap{\n\t\t\t\t\"version\": pulumi.String(\"2\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = identity.NewGroupMemberGroupIds(ctx, \"members\", \u0026identity.GroupMemberGroupIdsArgs{\n\t\t\tExclusive: pulumi.Bool(false),\n\t\t\tMemberGroupIds: pulumi.StringArray{\n\t\t\t\tusers.ID(),\n\t\t\t},\n\t\t\tGroupId: internal.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.identity.Group;\nimport com.pulumi.vault.identity.GroupArgs;\nimport com.pulumi.vault.identity.GroupMemberGroupIds;\nimport com.pulumi.vault.identity.GroupMemberGroupIdsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var internal = new Group(\"internal\", GroupArgs.builder() \n .type(\"internal\")\n .externalMemberGroupIds(true)\n .metadata(Map.of(\"version\", \"2\"))\n .build());\n\n var users = new Group(\"users\", GroupArgs.builder() \n .metadata(Map.of(\"version\", \"2\"))\n .build());\n\n var members = new GroupMemberGroupIds(\"members\", GroupMemberGroupIdsArgs.builder() \n .exclusive(false)\n .memberGroupIds(users.id())\n .groupId(internal.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n internal:\n type: vault:identity:Group\n properties:\n type: internal\n externalMemberGroupIds: true\n metadata:\n version: '2'\n users:\n type: vault:identity:Group\n properties:\n metadata:\n version: '2'\n members:\n type: vault:identity:GroupMemberGroupIds\n properties:\n exclusive: false\n memberGroupIds:\n - ${users.id}\n groupId: ${internal.id}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "exclusive": { "type": "boolean", - "description": "Defaults to `true`.\n" + "description": "Defaults to `true`.\n\nIf `true`, this resource will take exclusive control of the member groups that belong to the group and will set\nit equal to what is specified in the resource.\n\nIf set to `false`, this resource will simply ensure that the member groups specified in the resource are present\nin the group. When destroying the resource, the resource will ensure that the member groups specified in the resource\nare removed.\n" }, "groupId": { "type": "string", @@ -15719,7 +12848,7 @@ "inputProperties": { "exclusive": { "type": "boolean", - "description": "Defaults to `true`.\n" + "description": "Defaults to `true`.\n\nIf `true`, this resource will take exclusive control of the member groups that belong to the group and will set\nit equal to what is specified in the resource.\n\nIf set to `false`, this resource will simply ensure that the member groups specified in the resource are present\nin the group. When destroying the resource, the resource will ensure that the member groups specified in the resource\nare removed.\n" }, "groupId": { "type": "string", @@ -15747,7 +12876,7 @@ "properties": { "exclusive": { "type": "boolean", - "description": "Defaults to `true`.\n" + "description": "Defaults to `true`.\n\nIf `true`, this resource will take exclusive control of the member groups that belong to the group and will set\nit equal to what is specified in the resource.\n\nIf set to `false`, this resource will simply ensure that the member groups specified in the resource are present\nin the group. When destroying the resource, the resource will ensure that the member groups specified in the resource\nare removed.\n" }, "groupId": { "type": "string", @@ -15771,11 +12900,11 @@ } }, "vault:identity/groupPolicies:GroupPolicies": { - "description": "Manages policies for an Identity Group for Vault. The [Identity secrets engine](https://www.vaultproject.io/docs/secrets/identity/index.html) is the identity management solution for Vault.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Exclusive Policies\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst internal = new vault.identity.Group(\"internal\", {\n type: \"internal\",\n externalPolicies: true,\n metadata: {\n version: \"2\",\n },\n});\nconst policies = new vault.identity.GroupPolicies(\"policies\", {\n policies: [\n \"default\",\n \"test\",\n ],\n exclusive: true,\n groupId: internal.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ninternal = vault.identity.Group(\"internal\",\n type=\"internal\",\n external_policies=True,\n metadata={\n \"version\": \"2\",\n })\npolicies = vault.identity.GroupPolicies(\"policies\",\n policies=[\n \"default\",\n \"test\",\n ],\n exclusive=True,\n group_id=internal.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @internal = new Vault.Identity.Group(\"internal\", new()\n {\n Type = \"internal\",\n ExternalPolicies = true,\n Metadata = \n {\n { \"version\", \"2\" },\n },\n });\n\n var policies = new Vault.Identity.GroupPolicies(\"policies\", new()\n {\n Policies = new[]\n {\n \"default\",\n \"test\",\n },\n Exclusive = true,\n GroupId = @internal.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/identity\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tinternal, err := identity.NewGroup(ctx, \"internal\", \u0026identity.GroupArgs{\n\t\t\tType: pulumi.String(\"internal\"),\n\t\t\tExternalPolicies: pulumi.Bool(true),\n\t\t\tMetadata: pulumi.StringMap{\n\t\t\t\t\"version\": pulumi.String(\"2\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = identity.NewGroupPolicies(ctx, \"policies\", \u0026identity.GroupPoliciesArgs{\n\t\t\tPolicies: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"default\"),\n\t\t\t\tpulumi.String(\"test\"),\n\t\t\t},\n\t\t\tExclusive: pulumi.Bool(true),\n\t\t\tGroupId: internal.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.identity.Group;\nimport com.pulumi.vault.identity.GroupArgs;\nimport com.pulumi.vault.identity.GroupPolicies;\nimport com.pulumi.vault.identity.GroupPoliciesArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var internal = new Group(\"internal\", GroupArgs.builder() \n .type(\"internal\")\n .externalPolicies(true)\n .metadata(Map.of(\"version\", \"2\"))\n .build());\n\n var policies = new GroupPolicies(\"policies\", GroupPoliciesArgs.builder() \n .policies( \n \"default\",\n \"test\")\n .exclusive(true)\n .groupId(internal.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n internal:\n type: vault:identity:Group\n properties:\n type: internal\n externalPolicies: true\n metadata:\n version: 2\n policies:\n type: vault:identity:GroupPolicies\n properties:\n policies:\n - default\n - test\n exclusive: true\n groupId: ${internal.id}\n```\n{{% /example %}}\n{{% example %}}\n### Non-exclusive Policies\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst internal = new vault.identity.Group(\"internal\", {\n type: \"internal\",\n externalPolicies: true,\n metadata: {\n version: \"2\",\n },\n});\nconst _default = new vault.identity.GroupPolicies(\"default\", {\n policies: [\n \"default\",\n \"test\",\n ],\n exclusive: false,\n groupId: internal.id,\n});\nconst others = new vault.identity.GroupPolicies(\"others\", {\n policies: [\"others\"],\n exclusive: false,\n groupId: internal.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ninternal = vault.identity.Group(\"internal\",\n type=\"internal\",\n external_policies=True,\n metadata={\n \"version\": \"2\",\n })\ndefault = vault.identity.GroupPolicies(\"default\",\n policies=[\n \"default\",\n \"test\",\n ],\n exclusive=False,\n group_id=internal.id)\nothers = vault.identity.GroupPolicies(\"others\",\n policies=[\"others\"],\n exclusive=False,\n group_id=internal.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @internal = new Vault.Identity.Group(\"internal\", new()\n {\n Type = \"internal\",\n ExternalPolicies = true,\n Metadata = \n {\n { \"version\", \"2\" },\n },\n });\n\n var @default = new Vault.Identity.GroupPolicies(\"default\", new()\n {\n Policies = new[]\n {\n \"default\",\n \"test\",\n },\n Exclusive = false,\n GroupId = @internal.Id,\n });\n\n var others = new Vault.Identity.GroupPolicies(\"others\", new()\n {\n Policies = new[]\n {\n \"others\",\n },\n Exclusive = false,\n GroupId = @internal.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/identity\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tinternal, err := identity.NewGroup(ctx, \"internal\", \u0026identity.GroupArgs{\n\t\t\tType: pulumi.String(\"internal\"),\n\t\t\tExternalPolicies: pulumi.Bool(true),\n\t\t\tMetadata: pulumi.StringMap{\n\t\t\t\t\"version\": pulumi.String(\"2\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = identity.NewGroupPolicies(ctx, \"default\", \u0026identity.GroupPoliciesArgs{\n\t\t\tPolicies: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"default\"),\n\t\t\t\tpulumi.String(\"test\"),\n\t\t\t},\n\t\t\tExclusive: pulumi.Bool(false),\n\t\t\tGroupId: internal.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = identity.NewGroupPolicies(ctx, \"others\", \u0026identity.GroupPoliciesArgs{\n\t\t\tPolicies: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"others\"),\n\t\t\t},\n\t\t\tExclusive: pulumi.Bool(false),\n\t\t\tGroupId: internal.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.identity.Group;\nimport com.pulumi.vault.identity.GroupArgs;\nimport com.pulumi.vault.identity.GroupPolicies;\nimport com.pulumi.vault.identity.GroupPoliciesArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var internal = new Group(\"internal\", GroupArgs.builder() \n .type(\"internal\")\n .externalPolicies(true)\n .metadata(Map.of(\"version\", \"2\"))\n .build());\n\n var default_ = new GroupPolicies(\"default\", GroupPoliciesArgs.builder() \n .policies( \n \"default\",\n \"test\")\n .exclusive(false)\n .groupId(internal.id())\n .build());\n\n var others = new GroupPolicies(\"others\", GroupPoliciesArgs.builder() \n .policies(\"others\")\n .exclusive(false)\n .groupId(internal.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n internal:\n type: vault:identity:Group\n properties:\n type: internal\n externalPolicies: true\n metadata:\n version: 2\n default:\n type: vault:identity:GroupPolicies\n properties:\n policies:\n - default\n - test\n exclusive: false\n groupId: ${internal.id}\n others:\n type: vault:identity:GroupPolicies\n properties:\n policies:\n - others\n exclusive: false\n groupId: ${internal.id}\n```\n{{% /example %}}\n{{% /examples %}}", + "description": "Manages policies for an Identity Group for Vault. The [Identity secrets engine](https://www.vaultproject.io/docs/secrets/identity/index.html) is the identity management solution for Vault.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n### Exclusive Policies\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst internal = new vault.identity.Group(\"internal\", {\n type: \"internal\",\n externalPolicies: true,\n metadata: {\n version: \"2\",\n },\n});\nconst policies = new vault.identity.GroupPolicies(\"policies\", {\n policies: [\n \"default\",\n \"test\",\n ],\n exclusive: true,\n groupId: internal.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ninternal = vault.identity.Group(\"internal\",\n type=\"internal\",\n external_policies=True,\n metadata={\n \"version\": \"2\",\n })\npolicies = vault.identity.GroupPolicies(\"policies\",\n policies=[\n \"default\",\n \"test\",\n ],\n exclusive=True,\n group_id=internal.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @internal = new Vault.Identity.Group(\"internal\", new()\n {\n Type = \"internal\",\n ExternalPolicies = true,\n Metadata = \n {\n { \"version\", \"2\" },\n },\n });\n\n var policies = new Vault.Identity.GroupPolicies(\"policies\", new()\n {\n Policies = new[]\n {\n \"default\",\n \"test\",\n },\n Exclusive = true,\n GroupId = @internal.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/identity\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tinternal, err := identity.NewGroup(ctx, \"internal\", \u0026identity.GroupArgs{\n\t\t\tType: pulumi.String(\"internal\"),\n\t\t\tExternalPolicies: pulumi.Bool(true),\n\t\t\tMetadata: pulumi.StringMap{\n\t\t\t\t\"version\": pulumi.String(\"2\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = identity.NewGroupPolicies(ctx, \"policies\", \u0026identity.GroupPoliciesArgs{\n\t\t\tPolicies: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"default\"),\n\t\t\t\tpulumi.String(\"test\"),\n\t\t\t},\n\t\t\tExclusive: pulumi.Bool(true),\n\t\t\tGroupId: internal.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.identity.Group;\nimport com.pulumi.vault.identity.GroupArgs;\nimport com.pulumi.vault.identity.GroupPolicies;\nimport com.pulumi.vault.identity.GroupPoliciesArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var internal = new Group(\"internal\", GroupArgs.builder() \n .type(\"internal\")\n .externalPolicies(true)\n .metadata(Map.of(\"version\", \"2\"))\n .build());\n\n var policies = new GroupPolicies(\"policies\", GroupPoliciesArgs.builder() \n .policies( \n \"default\",\n \"test\")\n .exclusive(true)\n .groupId(internal.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n internal:\n type: vault:identity:Group\n properties:\n type: internal\n externalPolicies: true\n metadata:\n version: '2'\n policies:\n type: vault:identity:GroupPolicies\n properties:\n policies:\n - default\n - test\n exclusive: true\n groupId: ${internal.id}\n```\n{{% /example %}}\n{{% example %}}\n### Non-exclusive Policies\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst internal = new vault.identity.Group(\"internal\", {\n type: \"internal\",\n externalPolicies: true,\n metadata: {\n version: \"2\",\n },\n});\nconst _default = new vault.identity.GroupPolicies(\"default\", {\n policies: [\n \"default\",\n \"test\",\n ],\n exclusive: false,\n groupId: internal.id,\n});\nconst others = new vault.identity.GroupPolicies(\"others\", {\n policies: [\"others\"],\n exclusive: false,\n groupId: internal.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ninternal = vault.identity.Group(\"internal\",\n type=\"internal\",\n external_policies=True,\n metadata={\n \"version\": \"2\",\n })\ndefault = vault.identity.GroupPolicies(\"default\",\n policies=[\n \"default\",\n \"test\",\n ],\n exclusive=False,\n group_id=internal.id)\nothers = vault.identity.GroupPolicies(\"others\",\n policies=[\"others\"],\n exclusive=False,\n group_id=internal.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @internal = new Vault.Identity.Group(\"internal\", new()\n {\n Type = \"internal\",\n ExternalPolicies = true,\n Metadata = \n {\n { \"version\", \"2\" },\n },\n });\n\n var @default = new Vault.Identity.GroupPolicies(\"default\", new()\n {\n Policies = new[]\n {\n \"default\",\n \"test\",\n },\n Exclusive = false,\n GroupId = @internal.Id,\n });\n\n var others = new Vault.Identity.GroupPolicies(\"others\", new()\n {\n Policies = new[]\n {\n \"others\",\n },\n Exclusive = false,\n GroupId = @internal.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/identity\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tinternal, err := identity.NewGroup(ctx, \"internal\", \u0026identity.GroupArgs{\n\t\t\tType: pulumi.String(\"internal\"),\n\t\t\tExternalPolicies: pulumi.Bool(true),\n\t\t\tMetadata: pulumi.StringMap{\n\t\t\t\t\"version\": pulumi.String(\"2\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = identity.NewGroupPolicies(ctx, \"default\", \u0026identity.GroupPoliciesArgs{\n\t\t\tPolicies: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"default\"),\n\t\t\t\tpulumi.String(\"test\"),\n\t\t\t},\n\t\t\tExclusive: pulumi.Bool(false),\n\t\t\tGroupId: internal.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = identity.NewGroupPolicies(ctx, \"others\", \u0026identity.GroupPoliciesArgs{\n\t\t\tPolicies: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"others\"),\n\t\t\t},\n\t\t\tExclusive: pulumi.Bool(false),\n\t\t\tGroupId: internal.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.identity.Group;\nimport com.pulumi.vault.identity.GroupArgs;\nimport com.pulumi.vault.identity.GroupPolicies;\nimport com.pulumi.vault.identity.GroupPoliciesArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var internal = new Group(\"internal\", GroupArgs.builder() \n .type(\"internal\")\n .externalPolicies(true)\n .metadata(Map.of(\"version\", \"2\"))\n .build());\n\n var default_ = new GroupPolicies(\"default\", GroupPoliciesArgs.builder() \n .policies( \n \"default\",\n \"test\")\n .exclusive(false)\n .groupId(internal.id())\n .build());\n\n var others = new GroupPolicies(\"others\", GroupPoliciesArgs.builder() \n .policies(\"others\")\n .exclusive(false)\n .groupId(internal.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n internal:\n type: vault:identity:Group\n properties:\n type: internal\n externalPolicies: true\n metadata:\n version: '2'\n default:\n type: vault:identity:GroupPolicies\n properties:\n policies:\n - default\n - test\n exclusive: false\n groupId: ${internal.id}\n others:\n type: vault:identity:GroupPolicies\n properties:\n policies:\n - others\n exclusive: false\n groupId: ${internal.id}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "exclusive": { "type": "boolean", - "description": "Defaults to `true`.\n" + "description": "Defaults to `true`.\n\nIf `true`, this resource will take exclusive control of the policies assigned to the group and will set it equal to what is specified in the resource.\n\nIf set to `false`, this resource will simply ensure that the policies specified in the resource are present in the group. When destroying the resource, the resource will ensure that the policies specified in the resource are removed.\n" }, "groupId": { "type": "string", @@ -15805,7 +12934,7 @@ "inputProperties": { "exclusive": { "type": "boolean", - "description": "Defaults to `true`.\n" + "description": "Defaults to `true`.\n\nIf `true`, this resource will take exclusive control of the policies assigned to the group and will set it equal to what is specified in the resource.\n\nIf set to `false`, this resource will simply ensure that the policies specified in the resource are present in the group. When destroying the resource, the resource will ensure that the policies specified in the resource are removed.\n" }, "groupId": { "type": "string", @@ -15833,7 +12962,7 @@ "properties": { "exclusive": { "type": "boolean", - "description": "Defaults to `true`.\n" + "description": "Defaults to `true`.\n\nIf `true`, this resource will take exclusive control of the policies assigned to the group and will set it equal to what is specified in the resource.\n\nIf set to `false`, this resource will simply ensure that the policies specified in the resource are present in the group. When destroying the resource, the resource will ensure that the policies specified in the resource are removed.\n" }, "groupId": { "type": "string", @@ -15860,7 +12989,7 @@ } }, "vault:identity/mfaDuo:MfaDuo": { - "description": "Resource for configuring the duo MFA method.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst example = new vault.identity.MfaDuo(\"example\", {\n apiHostname: \"api-xxxxxxxx.duosecurity.com\",\n integrationKey: \"secret-int-key\",\n secretKey: \"secret-key\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nexample = vault.identity.MfaDuo(\"example\",\n api_hostname=\"api-xxxxxxxx.duosecurity.com\",\n integration_key=\"secret-int-key\",\n secret_key=\"secret-key\")\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Vault.Identity.MfaDuo(\"example\", new()\n {\n ApiHostname = \"api-xxxxxxxx.duosecurity.com\",\n IntegrationKey = \"secret-int-key\",\n SecretKey = \"secret-key\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/identity\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := identity.NewMfaDuo(ctx, \"example\", \u0026identity.MfaDuoArgs{\n\t\t\tApiHostname: pulumi.String(\"api-xxxxxxxx.duosecurity.com\"),\n\t\t\tIntegrationKey: pulumi.String(\"secret-int-key\"),\n\t\t\tSecretKey: pulumi.String(\"secret-key\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.identity.MfaDuo;\nimport com.pulumi.vault.identity.MfaDuoArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new MfaDuo(\"example\", MfaDuoArgs.builder() \n .apiHostname(\"api-xxxxxxxx.duosecurity.com\")\n .integrationKey(\"secret-int-key\")\n .secretKey(\"secret-key\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: vault:identity:MfaDuo\n properties:\n apiHostname: api-xxxxxxxx.duosecurity.com\n integrationKey: secret-int-key\n secretKey: secret-key\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nResource can be imported using its `uuid` field, e.g.\n\n```sh\n $ pulumi import vault:identity/mfaDuo:MfaDuo example 0d89c36a-4ff5-4d70-8749-bb6a5598aeec\n```\n\n ", + "description": "Resource for configuring the duo MFA method.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst example = new vault.identity.MfaDuo(\"example\", {\n apiHostname: \"api-xxxxxxxx.duosecurity.com\",\n integrationKey: \"secret-int-key\",\n secretKey: \"secret-key\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nexample = vault.identity.MfaDuo(\"example\",\n api_hostname=\"api-xxxxxxxx.duosecurity.com\",\n integration_key=\"secret-int-key\",\n secret_key=\"secret-key\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Vault.Identity.MfaDuo(\"example\", new()\n {\n ApiHostname = \"api-xxxxxxxx.duosecurity.com\",\n IntegrationKey = \"secret-int-key\",\n SecretKey = \"secret-key\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/identity\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := identity.NewMfaDuo(ctx, \"example\", \u0026identity.MfaDuoArgs{\n\t\t\tApiHostname: pulumi.String(\"api-xxxxxxxx.duosecurity.com\"),\n\t\t\tIntegrationKey: pulumi.String(\"secret-int-key\"),\n\t\t\tSecretKey: pulumi.String(\"secret-key\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.identity.MfaDuo;\nimport com.pulumi.vault.identity.MfaDuoArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new MfaDuo(\"example\", MfaDuoArgs.builder() \n .apiHostname(\"api-xxxxxxxx.duosecurity.com\")\n .integrationKey(\"secret-int-key\")\n .secretKey(\"secret-key\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: vault:identity:MfaDuo\n properties:\n apiHostname: api-xxxxxxxx.duosecurity.com\n integrationKey: secret-int-key\n secretKey: secret-key\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nResource can be imported using its `uuid` field, e.g.\n\n```sh\n $ pulumi import vault:identity/mfaDuo:MfaDuo example 0d89c36a-4ff5-4d70-8749-bb6a5598aeec\n```\n ", "properties": { "apiHostname": { "type": "string", @@ -16038,7 +13167,7 @@ } }, "vault:identity/mfaLoginEnforcement:MfaLoginEnforcement": { - "description": "Resource for configuring MFA login-enforcement\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst exampleMfaDuo = new vault.identity.MfaDuo(\"exampleMfaDuo\", {\n secretKey: \"secret-key\",\n integrationKey: \"int-key\",\n apiHostname: \"foo.baz\",\n pushInfo: \"push-info\",\n});\nconst exampleMfaLoginEnforcement = new vault.identity.MfaLoginEnforcement(\"exampleMfaLoginEnforcement\", {mfaMethodIds: [exampleMfaDuo.methodId]});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nexample_mfa_duo = vault.identity.MfaDuo(\"exampleMfaDuo\",\n secret_key=\"secret-key\",\n integration_key=\"int-key\",\n api_hostname=\"foo.baz\",\n push_info=\"push-info\")\nexample_mfa_login_enforcement = vault.identity.MfaLoginEnforcement(\"exampleMfaLoginEnforcement\", mfa_method_ids=[example_mfa_duo.method_id])\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleMfaDuo = new Vault.Identity.MfaDuo(\"exampleMfaDuo\", new()\n {\n SecretKey = \"secret-key\",\n IntegrationKey = \"int-key\",\n ApiHostname = \"foo.baz\",\n PushInfo = \"push-info\",\n });\n\n var exampleMfaLoginEnforcement = new Vault.Identity.MfaLoginEnforcement(\"exampleMfaLoginEnforcement\", new()\n {\n MfaMethodIds = new[]\n {\n exampleMfaDuo.MethodId,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/identity\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleMfaDuo, err := identity.NewMfaDuo(ctx, \"exampleMfaDuo\", \u0026identity.MfaDuoArgs{\n\t\t\tSecretKey: pulumi.String(\"secret-key\"),\n\t\t\tIntegrationKey: pulumi.String(\"int-key\"),\n\t\t\tApiHostname: pulumi.String(\"foo.baz\"),\n\t\t\tPushInfo: pulumi.String(\"push-info\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = identity.NewMfaLoginEnforcement(ctx, \"exampleMfaLoginEnforcement\", \u0026identity.MfaLoginEnforcementArgs{\n\t\t\tMfaMethodIds: pulumi.StringArray{\n\t\t\t\texampleMfaDuo.MethodId,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.identity.MfaDuo;\nimport com.pulumi.vault.identity.MfaDuoArgs;\nimport com.pulumi.vault.identity.MfaLoginEnforcement;\nimport com.pulumi.vault.identity.MfaLoginEnforcementArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleMfaDuo = new MfaDuo(\"exampleMfaDuo\", MfaDuoArgs.builder() \n .secretKey(\"secret-key\")\n .integrationKey(\"int-key\")\n .apiHostname(\"foo.baz\")\n .pushInfo(\"push-info\")\n .build());\n\n var exampleMfaLoginEnforcement = new MfaLoginEnforcement(\"exampleMfaLoginEnforcement\", MfaLoginEnforcementArgs.builder() \n .mfaMethodIds(exampleMfaDuo.methodId())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleMfaDuo:\n type: vault:identity:MfaDuo\n properties:\n secretKey: secret-key\n integrationKey: int-key\n apiHostname: foo.baz\n pushInfo: push-info\n exampleMfaLoginEnforcement:\n type: vault:identity:MfaLoginEnforcement\n properties:\n mfaMethodIds:\n - ${exampleMfaDuo.methodId}\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nResource can be imported using its `name` field, e.g.\n\n```sh\n $ pulumi import vault:identity/mfaLoginEnforcement:MfaLoginEnforcement example default\n```\n\n ", + "description": "Resource for configuring MFA login-enforcement\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst exampleMfaDuo = new vault.identity.MfaDuo(\"exampleMfaDuo\", {\n secretKey: \"secret-key\",\n integrationKey: \"int-key\",\n apiHostname: \"foo.baz\",\n pushInfo: \"push-info\",\n});\nconst exampleMfaLoginEnforcement = new vault.identity.MfaLoginEnforcement(\"exampleMfaLoginEnforcement\", {mfaMethodIds: [exampleMfaDuo.methodId]});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nexample_mfa_duo = vault.identity.MfaDuo(\"exampleMfaDuo\",\n secret_key=\"secret-key\",\n integration_key=\"int-key\",\n api_hostname=\"foo.baz\",\n push_info=\"push-info\")\nexample_mfa_login_enforcement = vault.identity.MfaLoginEnforcement(\"exampleMfaLoginEnforcement\", mfa_method_ids=[example_mfa_duo.method_id])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleMfaDuo = new Vault.Identity.MfaDuo(\"exampleMfaDuo\", new()\n {\n SecretKey = \"secret-key\",\n IntegrationKey = \"int-key\",\n ApiHostname = \"foo.baz\",\n PushInfo = \"push-info\",\n });\n\n var exampleMfaLoginEnforcement = new Vault.Identity.MfaLoginEnforcement(\"exampleMfaLoginEnforcement\", new()\n {\n MfaMethodIds = new[]\n {\n exampleMfaDuo.MethodId,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/identity\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleMfaDuo, err := identity.NewMfaDuo(ctx, \"exampleMfaDuo\", \u0026identity.MfaDuoArgs{\n\t\t\tSecretKey: pulumi.String(\"secret-key\"),\n\t\t\tIntegrationKey: pulumi.String(\"int-key\"),\n\t\t\tApiHostname: pulumi.String(\"foo.baz\"),\n\t\t\tPushInfo: pulumi.String(\"push-info\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = identity.NewMfaLoginEnforcement(ctx, \"exampleMfaLoginEnforcement\", \u0026identity.MfaLoginEnforcementArgs{\n\t\t\tMfaMethodIds: pulumi.StringArray{\n\t\t\t\texampleMfaDuo.MethodId,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.identity.MfaDuo;\nimport com.pulumi.vault.identity.MfaDuoArgs;\nimport com.pulumi.vault.identity.MfaLoginEnforcement;\nimport com.pulumi.vault.identity.MfaLoginEnforcementArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleMfaDuo = new MfaDuo(\"exampleMfaDuo\", MfaDuoArgs.builder() \n .secretKey(\"secret-key\")\n .integrationKey(\"int-key\")\n .apiHostname(\"foo.baz\")\n .pushInfo(\"push-info\")\n .build());\n\n var exampleMfaLoginEnforcement = new MfaLoginEnforcement(\"exampleMfaLoginEnforcement\", MfaLoginEnforcementArgs.builder() \n .mfaMethodIds(exampleMfaDuo.methodId())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleMfaDuo:\n type: vault:identity:MfaDuo\n properties:\n secretKey: secret-key\n integrationKey: int-key\n apiHostname: foo.baz\n pushInfo: push-info\n exampleMfaLoginEnforcement:\n type: vault:identity:MfaLoginEnforcement\n properties:\n mfaMethodIds:\n - ${exampleMfaDuo.methodId}\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nResource can be imported using its `name` field, e.g.\n\n```sh\n $ pulumi import vault:identity/mfaLoginEnforcement:MfaLoginEnforcement example default\n```\n ", "properties": { "authMethodAccessors": { "type": "array", @@ -16219,7 +13348,7 @@ } }, "vault:identity/mfaOkta:MfaOkta": { - "description": "Resource for configuring the okta MFA method.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst example = new vault.identity.MfaOkta(\"example\", {\n apiToken: \"token1\",\n baseUrl: \"qux.baz.com\",\n orgName: \"org1\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nexample = vault.identity.MfaOkta(\"example\",\n api_token=\"token1\",\n base_url=\"qux.baz.com\",\n org_name=\"org1\")\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Vault.Identity.MfaOkta(\"example\", new()\n {\n ApiToken = \"token1\",\n BaseUrl = \"qux.baz.com\",\n OrgName = \"org1\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/identity\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := identity.NewMfaOkta(ctx, \"example\", \u0026identity.MfaOktaArgs{\n\t\t\tApiToken: pulumi.String(\"token1\"),\n\t\t\tBaseUrl: pulumi.String(\"qux.baz.com\"),\n\t\t\tOrgName: pulumi.String(\"org1\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.identity.MfaOkta;\nimport com.pulumi.vault.identity.MfaOktaArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new MfaOkta(\"example\", MfaOktaArgs.builder() \n .apiToken(\"token1\")\n .baseUrl(\"qux.baz.com\")\n .orgName(\"org1\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: vault:identity:MfaOkta\n properties:\n apiToken: token1\n baseUrl: qux.baz.com\n orgName: org1\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nResource can be imported using its `uuid` field, e.g.\n\n```sh\n $ pulumi import vault:identity/mfaOkta:MfaOkta example 0d89c36a-4ff5-4d70-8749-bb6a5598aeec\n```\n\n ", + "description": "Resource for configuring the okta MFA method.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst example = new vault.identity.MfaOkta(\"example\", {\n apiToken: \"token1\",\n baseUrl: \"qux.baz.com\",\n orgName: \"org1\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nexample = vault.identity.MfaOkta(\"example\",\n api_token=\"token1\",\n base_url=\"qux.baz.com\",\n org_name=\"org1\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Vault.Identity.MfaOkta(\"example\", new()\n {\n ApiToken = \"token1\",\n BaseUrl = \"qux.baz.com\",\n OrgName = \"org1\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/identity\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := identity.NewMfaOkta(ctx, \"example\", \u0026identity.MfaOktaArgs{\n\t\t\tApiToken: pulumi.String(\"token1\"),\n\t\t\tBaseUrl: pulumi.String(\"qux.baz.com\"),\n\t\t\tOrgName: pulumi.String(\"org1\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.identity.MfaOkta;\nimport com.pulumi.vault.identity.MfaOktaArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new MfaOkta(\"example\", MfaOktaArgs.builder() \n .apiToken(\"token1\")\n .baseUrl(\"qux.baz.com\")\n .orgName(\"org1\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: vault:identity:MfaOkta\n properties:\n apiToken: token1\n baseUrl: qux.baz.com\n orgName: org1\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nResource can be imported using its `uuid` field, e.g.\n\n```sh\n $ pulumi import vault:identity/mfaOkta:MfaOkta example 0d89c36a-4ff5-4d70-8749-bb6a5598aeec\n```\n ", "properties": { "apiToken": { "type": "string", @@ -16380,7 +13509,7 @@ } }, "vault:identity/mfaPingid:MfaPingid": { - "description": "Resource for configuring the pingid MFA method.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst example = new vault.identity.MfaPingid(\"example\", {\n settingsFileBase64: \"CnVzZV9iYXNlNjR[...]HBtCg==\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nexample = vault.identity.MfaPingid(\"example\", settings_file_base64=\"CnVzZV9iYXNlNjR[...]HBtCg==\")\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Vault.Identity.MfaPingid(\"example\", new()\n {\n SettingsFileBase64 = \"CnVzZV9iYXNlNjR[...]HBtCg==\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/identity\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := identity.NewMfaPingid(ctx, \"example\", \u0026identity.MfaPingidArgs{\n\t\t\tSettingsFileBase64: pulumi.String(\"CnVzZV9iYXNlNjR[...]HBtCg==\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.identity.MfaPingid;\nimport com.pulumi.vault.identity.MfaPingidArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new MfaPingid(\"example\", MfaPingidArgs.builder() \n .settingsFileBase64(\"CnVzZV9iYXNlNjR[...]HBtCg==\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: vault:identity:MfaPingid\n properties:\n settingsFileBase64: CnVzZV9iYXNlNjR[...]HBtCg==\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nResource can be imported using its `uuid` field, e.g.\n\n```sh\n $ pulumi import vault:identity/mfaPingid:MfaPingid example 0d89c36a-4ff5-4d70-8749-bb6a5598aeec\n```\n\n ", + "description": "Resource for configuring the pingid MFA method.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst example = new vault.identity.MfaPingid(\"example\", {settingsFileBase64: \"CnVzZV9iYXNlNjR[...]HBtCg==\"});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nexample = vault.identity.MfaPingid(\"example\", settings_file_base64=\"CnVzZV9iYXNlNjR[...]HBtCg==\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Vault.Identity.MfaPingid(\"example\", new()\n {\n SettingsFileBase64 = \"CnVzZV9iYXNlNjR[...]HBtCg==\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/identity\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := identity.NewMfaPingid(ctx, \"example\", \u0026identity.MfaPingidArgs{\n\t\t\tSettingsFileBase64: pulumi.String(\"CnVzZV9iYXNlNjR[...]HBtCg==\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.identity.MfaPingid;\nimport com.pulumi.vault.identity.MfaPingidArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new MfaPingid(\"example\", MfaPingidArgs.builder() \n .settingsFileBase64(\"CnVzZV9iYXNlNjR[...]HBtCg==\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: vault:identity:MfaPingid\n properties:\n settingsFileBase64: CnVzZV9iYXNlNjR[...]HBtCg==\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nResource can be imported using its `uuid` field, e.g.\n\n```sh\n $ pulumi import vault:identity/mfaPingid:MfaPingid example 0d89c36a-4ff5-4d70-8749-bb6a5598aeec\n```\n ", "properties": { "adminUrl": { "type": "string", @@ -16550,7 +13679,7 @@ } }, "vault:identity/mfaTotp:MfaTotp": { - "description": "Resource for configuring the totp MFA method.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst example = new vault.identity.MfaTotp(\"example\", {\n issuer: \"issuer1\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nexample = vault.identity.MfaTotp(\"example\", issuer=\"issuer1\")\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Vault.Identity.MfaTotp(\"example\", new()\n {\n Issuer = \"issuer1\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/identity\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := identity.NewMfaTotp(ctx, \"example\", \u0026identity.MfaTotpArgs{\n\t\t\tIssuer: pulumi.String(\"issuer1\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.identity.MfaTotp;\nimport com.pulumi.vault.identity.MfaTotpArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new MfaTotp(\"example\", MfaTotpArgs.builder() \n .issuer(\"issuer1\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: vault:identity:MfaTotp\n properties:\n issuer: issuer1\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nResource can be imported using its `uuid` field, e.g.\n\n```sh\n $ pulumi import vault:identity/mfaTotp:MfaTotp example 0d89c36a-4ff5-4d70-8749-bb6a5598aeec\n```\n\n ", + "description": "Resource for configuring the totp MFA method.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst example = new vault.identity.MfaTotp(\"example\", {issuer: \"issuer1\"});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nexample = vault.identity.MfaTotp(\"example\", issuer=\"issuer1\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Vault.Identity.MfaTotp(\"example\", new()\n {\n Issuer = \"issuer1\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/identity\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := identity.NewMfaTotp(ctx, \"example\", \u0026identity.MfaTotpArgs{\n\t\t\tIssuer: pulumi.String(\"issuer1\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.identity.MfaTotp;\nimport com.pulumi.vault.identity.MfaTotpArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new MfaTotp(\"example\", MfaTotpArgs.builder() \n .issuer(\"issuer1\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: vault:identity:MfaTotp\n properties:\n issuer: issuer1\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nResource can be imported using its `uuid` field, e.g.\n\n```sh\n $ pulumi import vault:identity/mfaTotp:MfaTotp example 0d89c36a-4ff5-4d70-8749-bb6a5598aeec\n```\n ", "properties": { "algorithm": { "type": "string", @@ -16743,7 +13872,7 @@ } }, "vault:identity/oidc:Oidc": { - "description": "Configure the [Identity Tokens Backend](https://www.vaultproject.io/docs/secrets/identity/index.html#identity-tokens).\n\nThe Identity secrets engine is the identity management solution for Vault. It internally maintains\nthe clients who are recognized by Vault.\n\n\u003e **NOTE:** Each Vault server may only have one Identity Tokens Backend configuration. Multiple configurations of the resource against the same Vault server will cause a perpetual difference.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst server = new vault.identity.Oidc(\"server\", {\n issuer: \"https://www.acme.com\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nserver = vault.identity.Oidc(\"server\", issuer=\"https://www.acme.com\")\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var server = new Vault.Identity.Oidc(\"server\", new()\n {\n Issuer = \"https://www.acme.com\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/identity\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := identity.NewOidc(ctx, \"server\", \u0026identity.OidcArgs{\n\t\t\tIssuer: pulumi.String(\"https://www.acme.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.identity.Oidc;\nimport com.pulumi.vault.identity.OidcArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var server = new Oidc(\"server\", OidcArgs.builder() \n .issuer(\"https://www.acme.com\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n server:\n type: vault:identity:Oidc\n properties:\n issuer: https://www.acme.com\n```\n{{% /example %}}\n{{% /examples %}}", + "description": "Configure the [Identity Tokens Backend](https://www.vaultproject.io/docs/secrets/identity/index.html#identity-tokens).\n\nThe Identity secrets engine is the identity management solution for Vault. It internally maintains\nthe clients who are recognized by Vault.\n\n\u003e **NOTE:** Each Vault server may only have one Identity Tokens Backend configuration. Multiple configurations of the resource against the same Vault server will cause a perpetual difference.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst server = new vault.identity.Oidc(\"server\", {issuer: \"https://www.acme.com\"});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nserver = vault.identity.Oidc(\"server\", issuer=\"https://www.acme.com\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var server = new Vault.Identity.Oidc(\"server\", new()\n {\n Issuer = \"https://www.acme.com\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/identity\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := identity.NewOidc(ctx, \"server\", \u0026identity.OidcArgs{\n\t\t\tIssuer: pulumi.String(\"https://www.acme.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.identity.Oidc;\nimport com.pulumi.vault.identity.OidcArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var server = new Oidc(\"server\", OidcArgs.builder() \n .issuer(\"https://www.acme.com\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n server:\n type: vault:identity:Oidc\n properties:\n issuer: https://www.acme.com\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "issuer": { "type": "string", @@ -16785,7 +13914,7 @@ } }, "vault:identity/oidcAssignment:OidcAssignment": { - "description": "Manages OIDC Assignments in a Vault server. See the [Vault documentation](https://www.vaultproject.io/api-docs/secret/identity/oidc-provider#create-or-update-an-assignment)\nfor more information.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst internal = new vault.identity.Group(\"internal\", {\n type: \"internal\",\n policies: [\n \"dev\",\n \"test\",\n ],\n});\nconst test = new vault.identity.Entity(\"test\", {policies: [\"test\"]});\nconst _default = new vault.identity.OidcAssignment(\"default\", {\n entityIds: [test.id],\n groupIds: [internal.id],\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ninternal = vault.identity.Group(\"internal\",\n type=\"internal\",\n policies=[\n \"dev\",\n \"test\",\n ])\ntest = vault.identity.Entity(\"test\", policies=[\"test\"])\ndefault = vault.identity.OidcAssignment(\"default\",\n entity_ids=[test.id],\n group_ids=[internal.id])\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @internal = new Vault.Identity.Group(\"internal\", new()\n {\n Type = \"internal\",\n Policies = new[]\n {\n \"dev\",\n \"test\",\n },\n });\n\n var test = new Vault.Identity.Entity(\"test\", new()\n {\n Policies = new[]\n {\n \"test\",\n },\n });\n\n var @default = new Vault.Identity.OidcAssignment(\"default\", new()\n {\n EntityIds = new[]\n {\n test.Id,\n },\n GroupIds = new[]\n {\n @internal.Id,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/identity\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tinternal, err := identity.NewGroup(ctx, \"internal\", \u0026identity.GroupArgs{\n\t\t\tType: pulumi.String(\"internal\"),\n\t\t\tPolicies: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"dev\"),\n\t\t\t\tpulumi.String(\"test\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttest, err := identity.NewEntity(ctx, \"test\", \u0026identity.EntityArgs{\n\t\t\tPolicies: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"test\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = identity.NewOidcAssignment(ctx, \"default\", \u0026identity.OidcAssignmentArgs{\n\t\t\tEntityIds: pulumi.StringArray{\n\t\t\t\ttest.ID(),\n\t\t\t},\n\t\t\tGroupIds: pulumi.StringArray{\n\t\t\t\tinternal.ID(),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.identity.Group;\nimport com.pulumi.vault.identity.GroupArgs;\nimport com.pulumi.vault.identity.Entity;\nimport com.pulumi.vault.identity.EntityArgs;\nimport com.pulumi.vault.identity.OidcAssignment;\nimport com.pulumi.vault.identity.OidcAssignmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var internal = new Group(\"internal\", GroupArgs.builder() \n .type(\"internal\")\n .policies( \n \"dev\",\n \"test\")\n .build());\n\n var test = new Entity(\"test\", EntityArgs.builder() \n .policies(\"test\")\n .build());\n\n var default_ = new OidcAssignment(\"default\", OidcAssignmentArgs.builder() \n .entityIds(test.id())\n .groupIds(internal.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n internal:\n type: vault:identity:Group\n properties:\n type: internal\n policies:\n - dev\n - test\n test:\n type: vault:identity:Entity\n properties:\n policies:\n - test\n default:\n type: vault:identity:OidcAssignment\n properties:\n entityIds:\n - ${test.id}\n groupIds:\n - ${internal.id}\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nOIDC Assignments can be imported using the `name`, e.g.\n\n```sh\n $ pulumi import vault:identity/oidcAssignment:OidcAssignment default assignment\n```\n\n ", + "description": "Manages OIDC Assignments in a Vault server. See the [Vault documentation](https://www.vaultproject.io/api-docs/secret/identity/oidc-provider#create-or-update-an-assignment)\nfor more information.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst internal = new vault.identity.Group(\"internal\", {\n type: \"internal\",\n policies: [\n \"dev\",\n \"test\",\n ],\n});\nconst test = new vault.identity.Entity(\"test\", {policies: [\"test\"]});\nconst _default = new vault.identity.OidcAssignment(\"default\", {\n entityIds: [test.id],\n groupIds: [internal.id],\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ninternal = vault.identity.Group(\"internal\",\n type=\"internal\",\n policies=[\n \"dev\",\n \"test\",\n ])\ntest = vault.identity.Entity(\"test\", policies=[\"test\"])\ndefault = vault.identity.OidcAssignment(\"default\",\n entity_ids=[test.id],\n group_ids=[internal.id])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @internal = new Vault.Identity.Group(\"internal\", new()\n {\n Type = \"internal\",\n Policies = new[]\n {\n \"dev\",\n \"test\",\n },\n });\n\n var test = new Vault.Identity.Entity(\"test\", new()\n {\n Policies = new[]\n {\n \"test\",\n },\n });\n\n var @default = new Vault.Identity.OidcAssignment(\"default\", new()\n {\n EntityIds = new[]\n {\n test.Id,\n },\n GroupIds = new[]\n {\n @internal.Id,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/identity\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tinternal, err := identity.NewGroup(ctx, \"internal\", \u0026identity.GroupArgs{\n\t\t\tType: pulumi.String(\"internal\"),\n\t\t\tPolicies: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"dev\"),\n\t\t\t\tpulumi.String(\"test\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttest, err := identity.NewEntity(ctx, \"test\", \u0026identity.EntityArgs{\n\t\t\tPolicies: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"test\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = identity.NewOidcAssignment(ctx, \"default\", \u0026identity.OidcAssignmentArgs{\n\t\t\tEntityIds: pulumi.StringArray{\n\t\t\t\ttest.ID(),\n\t\t\t},\n\t\t\tGroupIds: pulumi.StringArray{\n\t\t\t\tinternal.ID(),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.identity.Group;\nimport com.pulumi.vault.identity.GroupArgs;\nimport com.pulumi.vault.identity.Entity;\nimport com.pulumi.vault.identity.EntityArgs;\nimport com.pulumi.vault.identity.OidcAssignment;\nimport com.pulumi.vault.identity.OidcAssignmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var internal = new Group(\"internal\", GroupArgs.builder() \n .type(\"internal\")\n .policies( \n \"dev\",\n \"test\")\n .build());\n\n var test = new Entity(\"test\", EntityArgs.builder() \n .policies(\"test\")\n .build());\n\n var default_ = new OidcAssignment(\"default\", OidcAssignmentArgs.builder() \n .entityIds(test.id())\n .groupIds(internal.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n internal:\n type: vault:identity:Group\n properties:\n type: internal\n policies:\n - dev\n - test\n test:\n type: vault:identity:Entity\n properties:\n policies:\n - test\n default:\n type: vault:identity:OidcAssignment\n properties:\n entityIds:\n - ${test.id}\n groupIds:\n - ${internal.id}\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nOIDC Assignments can be imported using the `name`, e.g.\n\n```sh\n $ pulumi import vault:identity/oidcAssignment:OidcAssignment default assignment\n```\n ", "properties": { "entityIds": { "type": "array", @@ -16871,7 +14000,7 @@ } }, "vault:identity/oidcClient:OidcClient": { - "description": "Manages OIDC Clients in a Vault server. See the [Vault documentation](https://www.vaultproject.io/api-docs/secret/identity/oidc-provider#create-or-update-an-assignment)\nfor more information.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst testOidcAssignment = new vault.identity.OidcAssignment(\"testOidcAssignment\", {\n entityIds: [\"ascbascas-2231a-sdfaa\"],\n groupIds: [\"sajkdsad-32414-sfsada\"],\n});\nconst testOidcClient = new vault.identity.OidcClient(\"testOidcClient\", {\n redirectUris: [\n \"http://127.0.0.1:9200/v1/auth-methods/oidc:authenticate:callback\",\n \"http://127.0.0.1:8251/callback\",\n \"http://127.0.0.1:8080/callback\",\n ],\n assignments: [testOidcAssignment.name],\n idTokenTtl: 2400,\n accessTokenTtl: 7200,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ntest_oidc_assignment = vault.identity.OidcAssignment(\"testOidcAssignment\",\n entity_ids=[\"ascbascas-2231a-sdfaa\"],\n group_ids=[\"sajkdsad-32414-sfsada\"])\ntest_oidc_client = vault.identity.OidcClient(\"testOidcClient\",\n redirect_uris=[\n \"http://127.0.0.1:9200/v1/auth-methods/oidc:authenticate:callback\",\n \"http://127.0.0.1:8251/callback\",\n \"http://127.0.0.1:8080/callback\",\n ],\n assignments=[test_oidc_assignment.name],\n id_token_ttl=2400,\n access_token_ttl=7200)\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var testOidcAssignment = new Vault.Identity.OidcAssignment(\"testOidcAssignment\", new()\n {\n EntityIds = new[]\n {\n \"ascbascas-2231a-sdfaa\",\n },\n GroupIds = new[]\n {\n \"sajkdsad-32414-sfsada\",\n },\n });\n\n var testOidcClient = new Vault.Identity.OidcClient(\"testOidcClient\", new()\n {\n RedirectUris = new[]\n {\n \"http://127.0.0.1:9200/v1/auth-methods/oidc:authenticate:callback\",\n \"http://127.0.0.1:8251/callback\",\n \"http://127.0.0.1:8080/callback\",\n },\n Assignments = new[]\n {\n testOidcAssignment.Name,\n },\n IdTokenTtl = 2400,\n AccessTokenTtl = 7200,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/identity\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttestOidcAssignment, err := identity.NewOidcAssignment(ctx, \"testOidcAssignment\", \u0026identity.OidcAssignmentArgs{\n\t\t\tEntityIds: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"ascbascas-2231a-sdfaa\"),\n\t\t\t},\n\t\t\tGroupIds: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"sajkdsad-32414-sfsada\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = identity.NewOidcClient(ctx, \"testOidcClient\", \u0026identity.OidcClientArgs{\n\t\t\tRedirectUris: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"http://127.0.0.1:9200/v1/auth-methods/oidc:authenticate:callback\"),\n\t\t\t\tpulumi.String(\"http://127.0.0.1:8251/callback\"),\n\t\t\t\tpulumi.String(\"http://127.0.0.1:8080/callback\"),\n\t\t\t},\n\t\t\tAssignments: pulumi.StringArray{\n\t\t\t\ttestOidcAssignment.Name,\n\t\t\t},\n\t\t\tIdTokenTtl: pulumi.Int(2400),\n\t\t\tAccessTokenTtl: pulumi.Int(7200),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.identity.OidcAssignment;\nimport com.pulumi.vault.identity.OidcAssignmentArgs;\nimport com.pulumi.vault.identity.OidcClient;\nimport com.pulumi.vault.identity.OidcClientArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var testOidcAssignment = new OidcAssignment(\"testOidcAssignment\", OidcAssignmentArgs.builder() \n .entityIds(\"ascbascas-2231a-sdfaa\")\n .groupIds(\"sajkdsad-32414-sfsada\")\n .build());\n\n var testOidcClient = new OidcClient(\"testOidcClient\", OidcClientArgs.builder() \n .redirectUris( \n \"http://127.0.0.1:9200/v1/auth-methods/oidc:authenticate:callback\",\n \"http://127.0.0.1:8251/callback\",\n \"http://127.0.0.1:8080/callback\")\n .assignments(testOidcAssignment.name())\n .idTokenTtl(2400)\n .accessTokenTtl(7200)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n testOidcAssignment:\n type: vault:identity:OidcAssignment\n properties:\n entityIds:\n - ascbascas-2231a-sdfaa\n groupIds:\n - sajkdsad-32414-sfsada\n testOidcClient:\n type: vault:identity:OidcClient\n properties:\n redirectUris:\n - http://127.0.0.1:9200/v1/auth-methods/oidc:authenticate:callback\n - http://127.0.0.1:8251/callback\n - http://127.0.0.1:8080/callback\n assignments:\n - ${testOidcAssignment.name}\n idTokenTtl: 2400\n accessTokenTtl: 7200\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nOIDC Clients can be imported using the `name`, e.g.\n\n```sh\n $ pulumi import vault:identity/oidcClient:OidcClient test my-app\n```\n\n ", + "description": "Manages OIDC Clients in a Vault server. See the [Vault documentation](https://www.vaultproject.io/api-docs/secret/identity/oidc-provider#create-or-update-an-assignment)\nfor more information.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst testOidcAssignment = new vault.identity.OidcAssignment(\"testOidcAssignment\", {\n entityIds: [\"ascbascas-2231a-sdfaa\"],\n groupIds: [\"sajkdsad-32414-sfsada\"],\n});\nconst testOidcClient = new vault.identity.OidcClient(\"testOidcClient\", {\n redirectUris: [\n \"http://127.0.0.1:9200/v1/auth-methods/oidc:authenticate:callback\",\n \"http://127.0.0.1:8251/callback\",\n \"http://127.0.0.1:8080/callback\",\n ],\n assignments: [testOidcAssignment.name],\n idTokenTtl: 2400,\n accessTokenTtl: 7200,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ntest_oidc_assignment = vault.identity.OidcAssignment(\"testOidcAssignment\",\n entity_ids=[\"ascbascas-2231a-sdfaa\"],\n group_ids=[\"sajkdsad-32414-sfsada\"])\ntest_oidc_client = vault.identity.OidcClient(\"testOidcClient\",\n redirect_uris=[\n \"http://127.0.0.1:9200/v1/auth-methods/oidc:authenticate:callback\",\n \"http://127.0.0.1:8251/callback\",\n \"http://127.0.0.1:8080/callback\",\n ],\n assignments=[test_oidc_assignment.name],\n id_token_ttl=2400,\n access_token_ttl=7200)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var testOidcAssignment = new Vault.Identity.OidcAssignment(\"testOidcAssignment\", new()\n {\n EntityIds = new[]\n {\n \"ascbascas-2231a-sdfaa\",\n },\n GroupIds = new[]\n {\n \"sajkdsad-32414-sfsada\",\n },\n });\n\n var testOidcClient = new Vault.Identity.OidcClient(\"testOidcClient\", new()\n {\n RedirectUris = new[]\n {\n \"http://127.0.0.1:9200/v1/auth-methods/oidc:authenticate:callback\",\n \"http://127.0.0.1:8251/callback\",\n \"http://127.0.0.1:8080/callback\",\n },\n Assignments = new[]\n {\n testOidcAssignment.Name,\n },\n IdTokenTtl = 2400,\n AccessTokenTtl = 7200,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/identity\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttestOidcAssignment, err := identity.NewOidcAssignment(ctx, \"testOidcAssignment\", \u0026identity.OidcAssignmentArgs{\n\t\t\tEntityIds: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"ascbascas-2231a-sdfaa\"),\n\t\t\t},\n\t\t\tGroupIds: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"sajkdsad-32414-sfsada\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = identity.NewOidcClient(ctx, \"testOidcClient\", \u0026identity.OidcClientArgs{\n\t\t\tRedirectUris: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"http://127.0.0.1:9200/v1/auth-methods/oidc:authenticate:callback\"),\n\t\t\t\tpulumi.String(\"http://127.0.0.1:8251/callback\"),\n\t\t\t\tpulumi.String(\"http://127.0.0.1:8080/callback\"),\n\t\t\t},\n\t\t\tAssignments: pulumi.StringArray{\n\t\t\t\ttestOidcAssignment.Name,\n\t\t\t},\n\t\t\tIdTokenTtl: pulumi.Int(2400),\n\t\t\tAccessTokenTtl: pulumi.Int(7200),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.identity.OidcAssignment;\nimport com.pulumi.vault.identity.OidcAssignmentArgs;\nimport com.pulumi.vault.identity.OidcClient;\nimport com.pulumi.vault.identity.OidcClientArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var testOidcAssignment = new OidcAssignment(\"testOidcAssignment\", OidcAssignmentArgs.builder() \n .entityIds(\"ascbascas-2231a-sdfaa\")\n .groupIds(\"sajkdsad-32414-sfsada\")\n .build());\n\n var testOidcClient = new OidcClient(\"testOidcClient\", OidcClientArgs.builder() \n .redirectUris( \n \"http://127.0.0.1:9200/v1/auth-methods/oidc:authenticate:callback\",\n \"http://127.0.0.1:8251/callback\",\n \"http://127.0.0.1:8080/callback\")\n .assignments(testOidcAssignment.name())\n .idTokenTtl(2400)\n .accessTokenTtl(7200)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n testOidcAssignment:\n type: vault:identity:OidcAssignment\n properties:\n entityIds:\n - ascbascas-2231a-sdfaa\n groupIds:\n - sajkdsad-32414-sfsada\n testOidcClient:\n type: vault:identity:OidcClient\n properties:\n redirectUris:\n - http://127.0.0.1:9200/v1/auth-methods/oidc:authenticate:callback\n - http://127.0.0.1:8251/callback\n - http://127.0.0.1:8080/callback\n assignments:\n - ${testOidcAssignment.name}\n idTokenTtl: 2400\n accessTokenTtl: 7200\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nOIDC Clients can be imported using the `name`, e.g.\n\n```sh\n $ pulumi import vault:identity/oidcClient:OidcClient test my-app\n```\n ", "properties": { "accessTokenTtl": { "type": "integer", @@ -17031,7 +14160,7 @@ } }, "vault:identity/oidcKey:OidcKey": { - "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst key = new vault.identity.OidcKey(\"key\", {algorithm: \"RS256\"});\nconst roleOidcRole = new vault.identity.OidcRole(\"roleOidcRole\", {key: key.name});\nconst roleOidcKeyAllowedClientID = new vault.identity.OidcKeyAllowedClientID(\"roleOidcKeyAllowedClientID\", {\n keyName: key.name,\n allowedClientId: roleOidcRole.clientId,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nkey = vault.identity.OidcKey(\"key\", algorithm=\"RS256\")\nrole_oidc_role = vault.identity.OidcRole(\"roleOidcRole\", key=key.name)\nrole_oidc_key_allowed_client_id = vault.identity.OidcKeyAllowedClientID(\"roleOidcKeyAllowedClientID\",\n key_name=key.name,\n allowed_client_id=role_oidc_role.client_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var key = new Vault.Identity.OidcKey(\"key\", new()\n {\n Algorithm = \"RS256\",\n });\n\n var roleOidcRole = new Vault.Identity.OidcRole(\"roleOidcRole\", new()\n {\n Key = key.Name,\n });\n\n var roleOidcKeyAllowedClientID = new Vault.Identity.OidcKeyAllowedClientID(\"roleOidcKeyAllowedClientID\", new()\n {\n KeyName = key.Name,\n AllowedClientId = roleOidcRole.ClientId,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/identity\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tkey, err := identity.NewOidcKey(ctx, \"key\", \u0026identity.OidcKeyArgs{\n\t\t\tAlgorithm: pulumi.String(\"RS256\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\troleOidcRole, err := identity.NewOidcRole(ctx, \"roleOidcRole\", \u0026identity.OidcRoleArgs{\n\t\t\tKey: key.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = identity.NewOidcKeyAllowedClientID(ctx, \"roleOidcKeyAllowedClientID\", \u0026identity.OidcKeyAllowedClientIDArgs{\n\t\t\tKeyName: key.Name,\n\t\t\tAllowedClientId: roleOidcRole.ClientId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.identity.OidcKey;\nimport com.pulumi.vault.identity.OidcKeyArgs;\nimport com.pulumi.vault.identity.OidcRole;\nimport com.pulumi.vault.identity.OidcRoleArgs;\nimport com.pulumi.vault.identity.OidcKeyAllowedClientID;\nimport com.pulumi.vault.identity.OidcKeyAllowedClientIDArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var key = new OidcKey(\"key\", OidcKeyArgs.builder() \n .algorithm(\"RS256\")\n .build());\n\n var roleOidcRole = new OidcRole(\"roleOidcRole\", OidcRoleArgs.builder() \n .key(key.name())\n .build());\n\n var roleOidcKeyAllowedClientID = new OidcKeyAllowedClientID(\"roleOidcKeyAllowedClientID\", OidcKeyAllowedClientIDArgs.builder() \n .keyName(key.name())\n .allowedClientId(roleOidcRole.clientId())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n key:\n type: vault:identity:OidcKey\n properties:\n algorithm: RS256\n roleOidcRole:\n type: vault:identity:OidcRole\n properties:\n key: ${key.name}\n roleOidcKeyAllowedClientID:\n type: vault:identity:OidcKeyAllowedClientID\n properties:\n keyName: ${key.name}\n allowedClientId: ${roleOidcRole.clientId}\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nThe key can be imported with the key name, for example\n\n```sh\n $ pulumi import vault:identity/oidcKey:OidcKey key key\n```\n\n ", + "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst key = new vault.identity.OidcKey(\"key\", {algorithm: \"RS256\"});\nconst roleOidcRole = new vault.identity.OidcRole(\"roleOidcRole\", {key: key.name});\nconst roleOidcKeyAllowedClientID = new vault.identity.OidcKeyAllowedClientID(\"roleOidcKeyAllowedClientID\", {\n keyName: key.name,\n allowedClientId: roleOidcRole.clientId,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nkey = vault.identity.OidcKey(\"key\", algorithm=\"RS256\")\nrole_oidc_role = vault.identity.OidcRole(\"roleOidcRole\", key=key.name)\nrole_oidc_key_allowed_client_id = vault.identity.OidcKeyAllowedClientID(\"roleOidcKeyAllowedClientID\",\n key_name=key.name,\n allowed_client_id=role_oidc_role.client_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var key = new Vault.Identity.OidcKey(\"key\", new()\n {\n Algorithm = \"RS256\",\n });\n\n var roleOidcRole = new Vault.Identity.OidcRole(\"roleOidcRole\", new()\n {\n Key = key.Name,\n });\n\n var roleOidcKeyAllowedClientID = new Vault.Identity.OidcKeyAllowedClientID(\"roleOidcKeyAllowedClientID\", new()\n {\n KeyName = key.Name,\n AllowedClientId = roleOidcRole.ClientId,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/identity\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tkey, err := identity.NewOidcKey(ctx, \"key\", \u0026identity.OidcKeyArgs{\n\t\t\tAlgorithm: pulumi.String(\"RS256\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\troleOidcRole, err := identity.NewOidcRole(ctx, \"roleOidcRole\", \u0026identity.OidcRoleArgs{\n\t\t\tKey: key.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = identity.NewOidcKeyAllowedClientID(ctx, \"roleOidcKeyAllowedClientID\", \u0026identity.OidcKeyAllowedClientIDArgs{\n\t\t\tKeyName: key.Name,\n\t\t\tAllowedClientId: roleOidcRole.ClientId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.identity.OidcKey;\nimport com.pulumi.vault.identity.OidcKeyArgs;\nimport com.pulumi.vault.identity.OidcRole;\nimport com.pulumi.vault.identity.OidcRoleArgs;\nimport com.pulumi.vault.identity.OidcKeyAllowedClientID;\nimport com.pulumi.vault.identity.OidcKeyAllowedClientIDArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var key = new OidcKey(\"key\", OidcKeyArgs.builder() \n .algorithm(\"RS256\")\n .build());\n\n var roleOidcRole = new OidcRole(\"roleOidcRole\", OidcRoleArgs.builder() \n .key(key.name())\n .build());\n\n var roleOidcKeyAllowedClientID = new OidcKeyAllowedClientID(\"roleOidcKeyAllowedClientID\", OidcKeyAllowedClientIDArgs.builder() \n .keyName(key.name())\n .allowedClientId(roleOidcRole.clientId())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n key:\n type: vault:identity:OidcKey\n properties:\n algorithm: RS256\n roleOidcRole:\n type: vault:identity:OidcRole\n properties:\n key: ${key.name}\n roleOidcKeyAllowedClientID:\n type: vault:identity:OidcKeyAllowedClientID\n properties:\n keyName: ${key.name}\n allowedClientId: ${roleOidcRole.clientId}\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nThe key can be imported with the key name, for example:\n\n```sh\n $ pulumi import vault:identity/oidcKey:OidcKey key key\n```\n ", "properties": { "algorithm": { "type": "string", @@ -17042,7 +14171,7 @@ "items": { "type": "string" }, - "description": "Array of role client ids allowed to use this key for signing. If empty, no roles are allowed. If \"*\", all roles are\nallowed.\n" + "description": "Array of role client ID allowed to use this key for signing. If\nempty, no roles are allowed. If `[\"*\"]`, all roles are allowed.\n" }, "name": { "type": "string", @@ -17075,7 +14204,7 @@ "items": { "type": "string" }, - "description": "Array of role client ids allowed to use this key for signing. If empty, no roles are allowed. If \"*\", all roles are\nallowed.\n" + "description": "Array of role client ID allowed to use this key for signing. If\nempty, no roles are allowed. If `[\"*\"]`, all roles are allowed.\n" }, "name": { "type": "string", @@ -17108,7 +14237,7 @@ "items": { "type": "string" }, - "description": "Array of role client ids allowed to use this key for signing. If empty, no roles are allowed. If \"*\", all roles are\nallowed.\n" + "description": "Array of role client ID allowed to use this key for signing. If\nempty, no roles are allowed. If `[\"*\"]`, all roles are allowed.\n" }, "name": { "type": "string", @@ -17133,7 +14262,7 @@ } }, "vault:identity/oidcKeyAllowedClientID:OidcKeyAllowedClientID": { - "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst key = new vault.identity.OidcKey(\"key\", {algorithm: \"RS256\"});\nconst roleOidcRole = new vault.identity.OidcRole(\"roleOidcRole\", {key: key.name});\nconst roleOidcKeyAllowedClientID = new vault.identity.OidcKeyAllowedClientID(\"roleOidcKeyAllowedClientID\", {\n keyName: key.name,\n allowedClientId: roleOidcRole.clientId,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nkey = vault.identity.OidcKey(\"key\", algorithm=\"RS256\")\nrole_oidc_role = vault.identity.OidcRole(\"roleOidcRole\", key=key.name)\nrole_oidc_key_allowed_client_id = vault.identity.OidcKeyAllowedClientID(\"roleOidcKeyAllowedClientID\",\n key_name=key.name,\n allowed_client_id=role_oidc_role.client_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var key = new Vault.Identity.OidcKey(\"key\", new()\n {\n Algorithm = \"RS256\",\n });\n\n var roleOidcRole = new Vault.Identity.OidcRole(\"roleOidcRole\", new()\n {\n Key = key.Name,\n });\n\n var roleOidcKeyAllowedClientID = new Vault.Identity.OidcKeyAllowedClientID(\"roleOidcKeyAllowedClientID\", new()\n {\n KeyName = key.Name,\n AllowedClientId = roleOidcRole.ClientId,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/identity\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tkey, err := identity.NewOidcKey(ctx, \"key\", \u0026identity.OidcKeyArgs{\n\t\t\tAlgorithm: pulumi.String(\"RS256\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\troleOidcRole, err := identity.NewOidcRole(ctx, \"roleOidcRole\", \u0026identity.OidcRoleArgs{\n\t\t\tKey: key.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = identity.NewOidcKeyAllowedClientID(ctx, \"roleOidcKeyAllowedClientID\", \u0026identity.OidcKeyAllowedClientIDArgs{\n\t\t\tKeyName: key.Name,\n\t\t\tAllowedClientId: roleOidcRole.ClientId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.identity.OidcKey;\nimport com.pulumi.vault.identity.OidcKeyArgs;\nimport com.pulumi.vault.identity.OidcRole;\nimport com.pulumi.vault.identity.OidcRoleArgs;\nimport com.pulumi.vault.identity.OidcKeyAllowedClientID;\nimport com.pulumi.vault.identity.OidcKeyAllowedClientIDArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var key = new OidcKey(\"key\", OidcKeyArgs.builder() \n .algorithm(\"RS256\")\n .build());\n\n var roleOidcRole = new OidcRole(\"roleOidcRole\", OidcRoleArgs.builder() \n .key(key.name())\n .build());\n\n var roleOidcKeyAllowedClientID = new OidcKeyAllowedClientID(\"roleOidcKeyAllowedClientID\", OidcKeyAllowedClientIDArgs.builder() \n .keyName(key.name())\n .allowedClientId(roleOidcRole.clientId())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n key:\n type: vault:identity:OidcKey\n properties:\n algorithm: RS256\n roleOidcRole:\n type: vault:identity:OidcRole\n properties:\n key: ${key.name}\n roleOidcKeyAllowedClientID:\n type: vault:identity:OidcKeyAllowedClientID\n properties:\n keyName: ${key.name}\n allowedClientId: ${roleOidcRole.clientId}\n```\n{{% /example %}}\n{{% /examples %}}", + "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst key = new vault.identity.OidcKey(\"key\", {algorithm: \"RS256\"});\nconst roleOidcRole = new vault.identity.OidcRole(\"roleOidcRole\", {key: key.name});\nconst roleOidcKeyAllowedClientID = new vault.identity.OidcKeyAllowedClientID(\"roleOidcKeyAllowedClientID\", {\n keyName: key.name,\n allowedClientId: roleOidcRole.clientId,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nkey = vault.identity.OidcKey(\"key\", algorithm=\"RS256\")\nrole_oidc_role = vault.identity.OidcRole(\"roleOidcRole\", key=key.name)\nrole_oidc_key_allowed_client_id = vault.identity.OidcKeyAllowedClientID(\"roleOidcKeyAllowedClientID\",\n key_name=key.name,\n allowed_client_id=role_oidc_role.client_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var key = new Vault.Identity.OidcKey(\"key\", new()\n {\n Algorithm = \"RS256\",\n });\n\n var roleOidcRole = new Vault.Identity.OidcRole(\"roleOidcRole\", new()\n {\n Key = key.Name,\n });\n\n var roleOidcKeyAllowedClientID = new Vault.Identity.OidcKeyAllowedClientID(\"roleOidcKeyAllowedClientID\", new()\n {\n KeyName = key.Name,\n AllowedClientId = roleOidcRole.ClientId,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/identity\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tkey, err := identity.NewOidcKey(ctx, \"key\", \u0026identity.OidcKeyArgs{\n\t\t\tAlgorithm: pulumi.String(\"RS256\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\troleOidcRole, err := identity.NewOidcRole(ctx, \"roleOidcRole\", \u0026identity.OidcRoleArgs{\n\t\t\tKey: key.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = identity.NewOidcKeyAllowedClientID(ctx, \"roleOidcKeyAllowedClientID\", \u0026identity.OidcKeyAllowedClientIDArgs{\n\t\t\tKeyName: key.Name,\n\t\t\tAllowedClientId: roleOidcRole.ClientId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.identity.OidcKey;\nimport com.pulumi.vault.identity.OidcKeyArgs;\nimport com.pulumi.vault.identity.OidcRole;\nimport com.pulumi.vault.identity.OidcRoleArgs;\nimport com.pulumi.vault.identity.OidcKeyAllowedClientID;\nimport com.pulumi.vault.identity.OidcKeyAllowedClientIDArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var key = new OidcKey(\"key\", OidcKeyArgs.builder() \n .algorithm(\"RS256\")\n .build());\n\n var roleOidcRole = new OidcRole(\"roleOidcRole\", OidcRoleArgs.builder() \n .key(key.name())\n .build());\n\n var roleOidcKeyAllowedClientID = new OidcKeyAllowedClientID(\"roleOidcKeyAllowedClientID\", OidcKeyAllowedClientIDArgs.builder() \n .keyName(key.name())\n .allowedClientId(roleOidcRole.clientId())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n key:\n type: vault:identity:OidcKey\n properties:\n algorithm: RS256\n roleOidcRole:\n type: vault:identity:OidcRole\n properties:\n key: ${key.name}\n roleOidcKeyAllowedClientID:\n type: vault:identity:OidcKeyAllowedClientID\n properties:\n keyName: ${key.name}\n allowedClientId: ${roleOidcRole.clientId}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "allowedClientId": { "type": "string", @@ -17196,7 +14325,7 @@ } }, "vault:identity/oidcProvider:OidcProvider": { - "description": "Manages OIDC Providers in a Vault server. See the [Vault documentation](https://www.vaultproject.io/api-docs/secret/identity/oidc-provider#create-or-update-an-assignment)\nfor more information.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst testOidcKey = new vault.identity.OidcKey(\"testOidcKey\", {\n allowedClientIds: [\"*\"],\n rotationPeriod: 3600,\n verificationTtl: 3600,\n});\nconst testOidcAssignment = new vault.identity.OidcAssignment(\"testOidcAssignment\", {\n entityIds: [\"fake-ascbascas-2231a-sdfaa\"],\n groupIds: [\"fake-sajkdsad-32414-sfsada\"],\n});\nconst testOidcClient = new vault.identity.OidcClient(\"testOidcClient\", {\n key: testOidcKey.name,\n redirectUris: [\n \"http://127.0.0.1:9200/v1/auth-methods/oidc:authenticate:callback\",\n \"http://127.0.0.1:8251/callback\",\n \"http://127.0.0.1:8080/callback\",\n ],\n assignments: [testOidcAssignment.name],\n idTokenTtl: 2400,\n accessTokenTtl: 7200,\n});\nconst testOidcScope = new vault.identity.OidcScope(\"testOidcScope\", {\n template: JSON.stringify({\n groups: \"{{identity.entity.groups.names}}\",\n }),\n description: \"Groups scope.\",\n});\nconst testOidcProvider = new vault.identity.OidcProvider(\"testOidcProvider\", {\n httpsEnabled: false,\n issuerHost: \"127.0.0.1:8200\",\n allowedClientIds: [testOidcClient.clientId],\n scopesSupporteds: [testOidcScope.name],\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_vault as vault\n\ntest_oidc_key = vault.identity.OidcKey(\"testOidcKey\",\n allowed_client_ids=[\"*\"],\n rotation_period=3600,\n verification_ttl=3600)\ntest_oidc_assignment = vault.identity.OidcAssignment(\"testOidcAssignment\",\n entity_ids=[\"fake-ascbascas-2231a-sdfaa\"],\n group_ids=[\"fake-sajkdsad-32414-sfsada\"])\ntest_oidc_client = vault.identity.OidcClient(\"testOidcClient\",\n key=test_oidc_key.name,\n redirect_uris=[\n \"http://127.0.0.1:9200/v1/auth-methods/oidc:authenticate:callback\",\n \"http://127.0.0.1:8251/callback\",\n \"http://127.0.0.1:8080/callback\",\n ],\n assignments=[test_oidc_assignment.name],\n id_token_ttl=2400,\n access_token_ttl=7200)\ntest_oidc_scope = vault.identity.OidcScope(\"testOidcScope\",\n template=json.dumps({\n \"groups\": \"{{identity.entity.groups.names}}\",\n }),\n description=\"Groups scope.\")\ntest_oidc_provider = vault.identity.OidcProvider(\"testOidcProvider\",\n https_enabled=False,\n issuer_host=\"127.0.0.1:8200\",\n allowed_client_ids=[test_oidc_client.client_id],\n scopes_supporteds=[test_oidc_scope.name])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Text.Json;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var testOidcKey = new Vault.Identity.OidcKey(\"testOidcKey\", new()\n {\n AllowedClientIds = new[]\n {\n \"*\",\n },\n RotationPeriod = 3600,\n VerificationTtl = 3600,\n });\n\n var testOidcAssignment = new Vault.Identity.OidcAssignment(\"testOidcAssignment\", new()\n {\n EntityIds = new[]\n {\n \"fake-ascbascas-2231a-sdfaa\",\n },\n GroupIds = new[]\n {\n \"fake-sajkdsad-32414-sfsada\",\n },\n });\n\n var testOidcClient = new Vault.Identity.OidcClient(\"testOidcClient\", new()\n {\n Key = testOidcKey.Name,\n RedirectUris = new[]\n {\n \"http://127.0.0.1:9200/v1/auth-methods/oidc:authenticate:callback\",\n \"http://127.0.0.1:8251/callback\",\n \"http://127.0.0.1:8080/callback\",\n },\n Assignments = new[]\n {\n testOidcAssignment.Name,\n },\n IdTokenTtl = 2400,\n AccessTokenTtl = 7200,\n });\n\n var testOidcScope = new Vault.Identity.OidcScope(\"testOidcScope\", new()\n {\n Template = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"groups\"] = \"{{identity.entity.groups.names}}\",\n }),\n Description = \"Groups scope.\",\n });\n\n var testOidcProvider = new Vault.Identity.OidcProvider(\"testOidcProvider\", new()\n {\n HttpsEnabled = false,\n IssuerHost = \"127.0.0.1:8200\",\n AllowedClientIds = new[]\n {\n testOidcClient.ClientId,\n },\n ScopesSupporteds = new[]\n {\n testOidcScope.Name,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/identity\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttestOidcKey, err := identity.NewOidcKey(ctx, \"testOidcKey\", \u0026identity.OidcKeyArgs{\n\t\t\tAllowedClientIds: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"*\"),\n\t\t\t},\n\t\t\tRotationPeriod: pulumi.Int(3600),\n\t\t\tVerificationTtl: pulumi.Int(3600),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestOidcAssignment, err := identity.NewOidcAssignment(ctx, \"testOidcAssignment\", \u0026identity.OidcAssignmentArgs{\n\t\t\tEntityIds: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"fake-ascbascas-2231a-sdfaa\"),\n\t\t\t},\n\t\t\tGroupIds: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"fake-sajkdsad-32414-sfsada\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestOidcClient, err := identity.NewOidcClient(ctx, \"testOidcClient\", \u0026identity.OidcClientArgs{\n\t\t\tKey: testOidcKey.Name,\n\t\t\tRedirectUris: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"http://127.0.0.1:9200/v1/auth-methods/oidc:authenticate:callback\"),\n\t\t\t\tpulumi.String(\"http://127.0.0.1:8251/callback\"),\n\t\t\t\tpulumi.String(\"http://127.0.0.1:8080/callback\"),\n\t\t\t},\n\t\t\tAssignments: pulumi.StringArray{\n\t\t\t\ttestOidcAssignment.Name,\n\t\t\t},\n\t\t\tIdTokenTtl: pulumi.Int(2400),\n\t\t\tAccessTokenTtl: pulumi.Int(7200),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"groups\": \"{{identity.entity.groups.names}}\",\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\ttestOidcScope, err := identity.NewOidcScope(ctx, \"testOidcScope\", \u0026identity.OidcScopeArgs{\n\t\t\tTemplate: pulumi.String(json0),\n\t\t\tDescription: pulumi.String(\"Groups scope.\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = identity.NewOidcProvider(ctx, \"testOidcProvider\", \u0026identity.OidcProviderArgs{\n\t\t\tHttpsEnabled: pulumi.Bool(false),\n\t\t\tIssuerHost: pulumi.String(\"127.0.0.1:8200\"),\n\t\t\tAllowedClientIds: pulumi.StringArray{\n\t\t\t\ttestOidcClient.ClientId,\n\t\t\t},\n\t\t\tScopesSupporteds: pulumi.StringArray{\n\t\t\t\ttestOidcScope.Name,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.identity.OidcKey;\nimport com.pulumi.vault.identity.OidcKeyArgs;\nimport com.pulumi.vault.identity.OidcAssignment;\nimport com.pulumi.vault.identity.OidcAssignmentArgs;\nimport com.pulumi.vault.identity.OidcClient;\nimport com.pulumi.vault.identity.OidcClientArgs;\nimport com.pulumi.vault.identity.OidcScope;\nimport com.pulumi.vault.identity.OidcScopeArgs;\nimport com.pulumi.vault.identity.OidcProvider;\nimport com.pulumi.vault.identity.OidcProviderArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var testOidcKey = new OidcKey(\"testOidcKey\", OidcKeyArgs.builder() \n .allowedClientIds(\"*\")\n .rotationPeriod(3600)\n .verificationTtl(3600)\n .build());\n\n var testOidcAssignment = new OidcAssignment(\"testOidcAssignment\", OidcAssignmentArgs.builder() \n .entityIds(\"fake-ascbascas-2231a-sdfaa\")\n .groupIds(\"fake-sajkdsad-32414-sfsada\")\n .build());\n\n var testOidcClient = new OidcClient(\"testOidcClient\", OidcClientArgs.builder() \n .key(testOidcKey.name())\n .redirectUris( \n \"http://127.0.0.1:9200/v1/auth-methods/oidc:authenticate:callback\",\n \"http://127.0.0.1:8251/callback\",\n \"http://127.0.0.1:8080/callback\")\n .assignments(testOidcAssignment.name())\n .idTokenTtl(2400)\n .accessTokenTtl(7200)\n .build());\n\n var testOidcScope = new OidcScope(\"testOidcScope\", OidcScopeArgs.builder() \n .template(serializeJson(\n jsonObject(\n jsonProperty(\"groups\", \"{{identity.entity.groups.names}}\")\n )))\n .description(\"Groups scope.\")\n .build());\n\n var testOidcProvider = new OidcProvider(\"testOidcProvider\", OidcProviderArgs.builder() \n .httpsEnabled(false)\n .issuerHost(\"127.0.0.1:8200\")\n .allowedClientIds(testOidcClient.clientId())\n .scopesSupporteds(testOidcScope.name())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n testOidcKey:\n type: vault:identity:OidcKey\n properties:\n allowedClientIds:\n - '*'\n rotationPeriod: 3600\n verificationTtl: 3600\n testOidcAssignment:\n type: vault:identity:OidcAssignment\n properties:\n entityIds:\n - fake-ascbascas-2231a-sdfaa\n groupIds:\n - fake-sajkdsad-32414-sfsada\n testOidcClient:\n type: vault:identity:OidcClient\n properties:\n key: ${testOidcKey.name}\n redirectUris:\n - http://127.0.0.1:9200/v1/auth-methods/oidc:authenticate:callback\n - http://127.0.0.1:8251/callback\n - http://127.0.0.1:8080/callback\n assignments:\n - ${testOidcAssignment.name}\n idTokenTtl: 2400\n accessTokenTtl: 7200\n testOidcScope:\n type: vault:identity:OidcScope\n properties:\n template:\n Fn::ToJSON:\n groups: '{{identity.entity.groups.names}}'\n description: Groups scope.\n testOidcProvider:\n type: vault:identity:OidcProvider\n properties:\n httpsEnabled: false\n issuerHost: 127.0.0.1:8200\n allowedClientIds:\n - ${testOidcClient.clientId}\n scopesSupporteds:\n - ${testOidcScope.name}\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nOIDC Providers can be imported using the `name`, e.g.\n\n```sh\n $ pulumi import vault:identity/oidcProvider:OidcProvider test my-provider\n```\n\n ", + "description": "Manages OIDC Providers in a Vault server. See the [Vault documentation](https://www.vaultproject.io/api-docs/secret/identity/oidc-provider#create-or-update-an-assignment)\nfor more information.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst testOidcKey = new vault.identity.OidcKey(\"testOidcKey\", {\n allowedClientIds: [\"*\"],\n rotationPeriod: 3600,\n verificationTtl: 3600,\n});\nconst testOidcAssignment = new vault.identity.OidcAssignment(\"testOidcAssignment\", {\n entityIds: [\"fake-ascbascas-2231a-sdfaa\"],\n groupIds: [\"fake-sajkdsad-32414-sfsada\"],\n});\nconst testOidcClient = new vault.identity.OidcClient(\"testOidcClient\", {\n key: testOidcKey.name,\n redirectUris: [\n \"http://127.0.0.1:9200/v1/auth-methods/oidc:authenticate:callback\",\n \"http://127.0.0.1:8251/callback\",\n \"http://127.0.0.1:8080/callback\",\n ],\n assignments: [testOidcAssignment.name],\n idTokenTtl: 2400,\n accessTokenTtl: 7200,\n});\nconst testOidcScope = new vault.identity.OidcScope(\"testOidcScope\", {\n template: JSON.stringify({\n groups: \"{{identity.entity.groups.names}}\",\n }),\n description: \"Groups scope.\",\n});\nconst testOidcProvider = new vault.identity.OidcProvider(\"testOidcProvider\", {\n httpsEnabled: false,\n issuerHost: \"127.0.0.1:8200\",\n allowedClientIds: [testOidcClient.clientId],\n scopesSupporteds: [testOidcScope.name],\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_vault as vault\n\ntest_oidc_key = vault.identity.OidcKey(\"testOidcKey\",\n allowed_client_ids=[\"*\"],\n rotation_period=3600,\n verification_ttl=3600)\ntest_oidc_assignment = vault.identity.OidcAssignment(\"testOidcAssignment\",\n entity_ids=[\"fake-ascbascas-2231a-sdfaa\"],\n group_ids=[\"fake-sajkdsad-32414-sfsada\"])\ntest_oidc_client = vault.identity.OidcClient(\"testOidcClient\",\n key=test_oidc_key.name,\n redirect_uris=[\n \"http://127.0.0.1:9200/v1/auth-methods/oidc:authenticate:callback\",\n \"http://127.0.0.1:8251/callback\",\n \"http://127.0.0.1:8080/callback\",\n ],\n assignments=[test_oidc_assignment.name],\n id_token_ttl=2400,\n access_token_ttl=7200)\ntest_oidc_scope = vault.identity.OidcScope(\"testOidcScope\",\n template=json.dumps({\n \"groups\": \"{{identity.entity.groups.names}}\",\n }),\n description=\"Groups scope.\")\ntest_oidc_provider = vault.identity.OidcProvider(\"testOidcProvider\",\n https_enabled=False,\n issuer_host=\"127.0.0.1:8200\",\n allowed_client_ids=[test_oidc_client.client_id],\n scopes_supporteds=[test_oidc_scope.name])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var testOidcKey = new Vault.Identity.OidcKey(\"testOidcKey\", new()\n {\n AllowedClientIds = new[]\n {\n \"*\",\n },\n RotationPeriod = 3600,\n VerificationTtl = 3600,\n });\n\n var testOidcAssignment = new Vault.Identity.OidcAssignment(\"testOidcAssignment\", new()\n {\n EntityIds = new[]\n {\n \"fake-ascbascas-2231a-sdfaa\",\n },\n GroupIds = new[]\n {\n \"fake-sajkdsad-32414-sfsada\",\n },\n });\n\n var testOidcClient = new Vault.Identity.OidcClient(\"testOidcClient\", new()\n {\n Key = testOidcKey.Name,\n RedirectUris = new[]\n {\n \"http://127.0.0.1:9200/v1/auth-methods/oidc:authenticate:callback\",\n \"http://127.0.0.1:8251/callback\",\n \"http://127.0.0.1:8080/callback\",\n },\n Assignments = new[]\n {\n testOidcAssignment.Name,\n },\n IdTokenTtl = 2400,\n AccessTokenTtl = 7200,\n });\n\n var testOidcScope = new Vault.Identity.OidcScope(\"testOidcScope\", new()\n {\n Template = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"groups\"] = \"{{identity.entity.groups.names}}\",\n }),\n Description = \"Groups scope.\",\n });\n\n var testOidcProvider = new Vault.Identity.OidcProvider(\"testOidcProvider\", new()\n {\n HttpsEnabled = false,\n IssuerHost = \"127.0.0.1:8200\",\n AllowedClientIds = new[]\n {\n testOidcClient.ClientId,\n },\n ScopesSupporteds = new[]\n {\n testOidcScope.Name,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/identity\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttestOidcKey, err := identity.NewOidcKey(ctx, \"testOidcKey\", \u0026identity.OidcKeyArgs{\n\t\t\tAllowedClientIds: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"*\"),\n\t\t\t},\n\t\t\tRotationPeriod: pulumi.Int(3600),\n\t\t\tVerificationTtl: pulumi.Int(3600),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestOidcAssignment, err := identity.NewOidcAssignment(ctx, \"testOidcAssignment\", \u0026identity.OidcAssignmentArgs{\n\t\t\tEntityIds: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"fake-ascbascas-2231a-sdfaa\"),\n\t\t\t},\n\t\t\tGroupIds: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"fake-sajkdsad-32414-sfsada\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestOidcClient, err := identity.NewOidcClient(ctx, \"testOidcClient\", \u0026identity.OidcClientArgs{\n\t\t\tKey: testOidcKey.Name,\n\t\t\tRedirectUris: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"http://127.0.0.1:9200/v1/auth-methods/oidc:authenticate:callback\"),\n\t\t\t\tpulumi.String(\"http://127.0.0.1:8251/callback\"),\n\t\t\t\tpulumi.String(\"http://127.0.0.1:8080/callback\"),\n\t\t\t},\n\t\t\tAssignments: pulumi.StringArray{\n\t\t\t\ttestOidcAssignment.Name,\n\t\t\t},\n\t\t\tIdTokenTtl: pulumi.Int(2400),\n\t\t\tAccessTokenTtl: pulumi.Int(7200),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"groups\": \"{{identity.entity.groups.names}}\",\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\ttestOidcScope, err := identity.NewOidcScope(ctx, \"testOidcScope\", \u0026identity.OidcScopeArgs{\n\t\t\tTemplate: pulumi.String(json0),\n\t\t\tDescription: pulumi.String(\"Groups scope.\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = identity.NewOidcProvider(ctx, \"testOidcProvider\", \u0026identity.OidcProviderArgs{\n\t\t\tHttpsEnabled: pulumi.Bool(false),\n\t\t\tIssuerHost: pulumi.String(\"127.0.0.1:8200\"),\n\t\t\tAllowedClientIds: pulumi.StringArray{\n\t\t\t\ttestOidcClient.ClientId,\n\t\t\t},\n\t\t\tScopesSupporteds: pulumi.StringArray{\n\t\t\t\ttestOidcScope.Name,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.identity.OidcKey;\nimport com.pulumi.vault.identity.OidcKeyArgs;\nimport com.pulumi.vault.identity.OidcAssignment;\nimport com.pulumi.vault.identity.OidcAssignmentArgs;\nimport com.pulumi.vault.identity.OidcClient;\nimport com.pulumi.vault.identity.OidcClientArgs;\nimport com.pulumi.vault.identity.OidcScope;\nimport com.pulumi.vault.identity.OidcScopeArgs;\nimport com.pulumi.vault.identity.OidcProvider;\nimport com.pulumi.vault.identity.OidcProviderArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var testOidcKey = new OidcKey(\"testOidcKey\", OidcKeyArgs.builder() \n .allowedClientIds(\"*\")\n .rotationPeriod(3600)\n .verificationTtl(3600)\n .build());\n\n var testOidcAssignment = new OidcAssignment(\"testOidcAssignment\", OidcAssignmentArgs.builder() \n .entityIds(\"fake-ascbascas-2231a-sdfaa\")\n .groupIds(\"fake-sajkdsad-32414-sfsada\")\n .build());\n\n var testOidcClient = new OidcClient(\"testOidcClient\", OidcClientArgs.builder() \n .key(testOidcKey.name())\n .redirectUris( \n \"http://127.0.0.1:9200/v1/auth-methods/oidc:authenticate:callback\",\n \"http://127.0.0.1:8251/callback\",\n \"http://127.0.0.1:8080/callback\")\n .assignments(testOidcAssignment.name())\n .idTokenTtl(2400)\n .accessTokenTtl(7200)\n .build());\n\n var testOidcScope = new OidcScope(\"testOidcScope\", OidcScopeArgs.builder() \n .template(serializeJson(\n jsonObject(\n jsonProperty(\"groups\", \"{{identity.entity.groups.names}}\")\n )))\n .description(\"Groups scope.\")\n .build());\n\n var testOidcProvider = new OidcProvider(\"testOidcProvider\", OidcProviderArgs.builder() \n .httpsEnabled(false)\n .issuerHost(\"127.0.0.1:8200\")\n .allowedClientIds(testOidcClient.clientId())\n .scopesSupporteds(testOidcScope.name())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n testOidcKey:\n type: vault:identity:OidcKey\n properties:\n allowedClientIds:\n - '*'\n rotationPeriod: 3600\n verificationTtl: 3600\n testOidcAssignment:\n type: vault:identity:OidcAssignment\n properties:\n entityIds:\n - fake-ascbascas-2231a-sdfaa\n groupIds:\n - fake-sajkdsad-32414-sfsada\n testOidcClient:\n type: vault:identity:OidcClient\n properties:\n key: ${testOidcKey.name}\n redirectUris:\n - http://127.0.0.1:9200/v1/auth-methods/oidc:authenticate:callback\n - http://127.0.0.1:8251/callback\n - http://127.0.0.1:8080/callback\n assignments:\n - ${testOidcAssignment.name}\n idTokenTtl: 2400\n accessTokenTtl: 7200\n testOidcScope:\n type: vault:identity:OidcScope\n properties:\n template:\n fn::toJSON:\n groups: '{{identity.entity.groups.names}}'\n description: Groups scope.\n testOidcProvider:\n type: vault:identity:OidcProvider\n properties:\n httpsEnabled: false\n issuerHost: 127.0.0.1:8200\n allowedClientIds:\n - ${testOidcClient.clientId}\n scopesSupporteds:\n - ${testOidcScope.name}\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nOIDC Providers can be imported using the `name`, e.g.\n\n```sh\n $ pulumi import vault:identity/oidcProvider:OidcProvider test my-provider\n```\n ", "properties": { "allowedClientIds": { "type": "array", @@ -17315,7 +14444,7 @@ } }, "vault:identity/oidcRole:OidcRole": { - "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\nYou need to create a role with a named key.\nAt creation time, the key can be created independently of the role. However, the key must\nexist before the role can be used to issue tokens. You must also configure the key with the\nrole's Client ID to allow the role to use the key.\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst config = new pulumi.Config();\nconst key = config.get(\"key\") || \"key\";\nconst role = new vault.identity.OidcRole(\"role\", {key: key});\nconst keyOidcKey = new vault.identity.OidcKey(\"keyOidcKey\", {\n algorithm: \"RS256\",\n allowedClientIds: [role.clientId],\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nconfig = pulumi.Config()\nkey = config.get(\"key\")\nif key is None:\n key = \"key\"\nrole = vault.identity.OidcRole(\"role\", key=key)\nkey_oidc_key = vault.identity.OidcKey(\"keyOidcKey\",\n algorithm=\"RS256\",\n allowed_client_ids=[role.client_id])\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Config();\n var key = config.Get(\"key\") ?? \"key\";\n var role = new Vault.Identity.OidcRole(\"role\", new()\n {\n Key = key,\n });\n\n var keyOidcKey = new Vault.Identity.OidcKey(\"keyOidcKey\", new()\n {\n Algorithm = \"RS256\",\n AllowedClientIds = new[]\n {\n role.ClientId,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/identity\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcfg := config.New(ctx, \"\")\n\t\tkey := \"key\"\n\t\tif param := cfg.Get(\"key\"); param != \"\" {\n\t\t\tkey = param\n\t\t}\n\t\trole, err := identity.NewOidcRole(ctx, \"role\", \u0026identity.OidcRoleArgs{\n\t\t\tKey: pulumi.String(key),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = identity.NewOidcKey(ctx, \"keyOidcKey\", \u0026identity.OidcKeyArgs{\n\t\t\tAlgorithm: pulumi.String(\"RS256\"),\n\t\t\tAllowedClientIds: pulumi.StringArray{\n\t\t\t\trole.ClientId,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.identity.OidcRole;\nimport com.pulumi.vault.identity.OidcRoleArgs;\nimport com.pulumi.vault.identity.OidcKey;\nimport com.pulumi.vault.identity.OidcKeyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var config = ctx.config();\n final var key = config.get(\"key\").orElse(\"key\");\n var role = new OidcRole(\"role\", OidcRoleArgs.builder() \n .key(key)\n .build());\n\n var keyOidcKey = new OidcKey(\"keyOidcKey\", OidcKeyArgs.builder() \n .algorithm(\"RS256\")\n .allowedClientIds(role.clientId())\n .build());\n\n }\n}\n```\n```yaml\nconfiguration:\n key:\n type: string\n default: key\nresources:\n keyOidcKey:\n type: vault:identity:OidcKey\n properties:\n algorithm: RS256\n allowedClientIds:\n - ${role.clientId}\n role:\n type: vault:identity:OidcRole\n properties:\n key: ${key}\n```\n\nIf you want to create the key first before creating the role, you can use a separate\nresource to configure the allowed Client ID on\nthe key.\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst key = new vault.identity.OidcKey(\"key\", {algorithm: \"RS256\"});\nconst roleOidcRole = new vault.identity.OidcRole(\"roleOidcRole\", {key: key.name});\nconst roleOidcKeyAllowedClientID = new vault.identity.OidcKeyAllowedClientID(\"roleOidcKeyAllowedClientID\", {\n keyName: key.name,\n allowedClientId: roleOidcRole.clientId,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nkey = vault.identity.OidcKey(\"key\", algorithm=\"RS256\")\nrole_oidc_role = vault.identity.OidcRole(\"roleOidcRole\", key=key.name)\nrole_oidc_key_allowed_client_id = vault.identity.OidcKeyAllowedClientID(\"roleOidcKeyAllowedClientID\",\n key_name=key.name,\n allowed_client_id=role_oidc_role.client_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var key = new Vault.Identity.OidcKey(\"key\", new()\n {\n Algorithm = \"RS256\",\n });\n\n var roleOidcRole = new Vault.Identity.OidcRole(\"roleOidcRole\", new()\n {\n Key = key.Name,\n });\n\n var roleOidcKeyAllowedClientID = new Vault.Identity.OidcKeyAllowedClientID(\"roleOidcKeyAllowedClientID\", new()\n {\n KeyName = key.Name,\n AllowedClientId = roleOidcRole.ClientId,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/identity\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tkey, err := identity.NewOidcKey(ctx, \"key\", \u0026identity.OidcKeyArgs{\n\t\t\tAlgorithm: pulumi.String(\"RS256\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\troleOidcRole, err := identity.NewOidcRole(ctx, \"roleOidcRole\", \u0026identity.OidcRoleArgs{\n\t\t\tKey: key.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = identity.NewOidcKeyAllowedClientID(ctx, \"roleOidcKeyAllowedClientID\", \u0026identity.OidcKeyAllowedClientIDArgs{\n\t\t\tKeyName: key.Name,\n\t\t\tAllowedClientId: roleOidcRole.ClientId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.identity.OidcKey;\nimport com.pulumi.vault.identity.OidcKeyArgs;\nimport com.pulumi.vault.identity.OidcRole;\nimport com.pulumi.vault.identity.OidcRoleArgs;\nimport com.pulumi.vault.identity.OidcKeyAllowedClientID;\nimport com.pulumi.vault.identity.OidcKeyAllowedClientIDArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var key = new OidcKey(\"key\", OidcKeyArgs.builder() \n .algorithm(\"RS256\")\n .build());\n\n var roleOidcRole = new OidcRole(\"roleOidcRole\", OidcRoleArgs.builder() \n .key(key.name())\n .build());\n\n var roleOidcKeyAllowedClientID = new OidcKeyAllowedClientID(\"roleOidcKeyAllowedClientID\", OidcKeyAllowedClientIDArgs.builder() \n .keyName(key.name())\n .allowedClientId(roleOidcRole.clientId())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n key:\n type: vault:identity:OidcKey\n properties:\n algorithm: RS256\n roleOidcRole:\n type: vault:identity:OidcRole\n properties:\n key: ${key.name}\n roleOidcKeyAllowedClientID:\n type: vault:identity:OidcKeyAllowedClientID\n properties:\n keyName: ${key.name}\n allowedClientId: ${roleOidcRole.clientId}\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nThe key can be imported with the role name, for example\n\n```sh\n $ pulumi import vault:identity/oidcRole:OidcRole role role\n```\n\n ", + "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\nYou need to create a role with a named key.\nAt creation time, the key can be created independently of the role. However, the key must\nexist before the role can be used to issue tokens. You must also configure the key with the\nrole's Client ID to allow the role to use the key.\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst config = new pulumi.Config();\nconst key = config.get(\"key\") || \"key\";\nconst role = new vault.identity.OidcRole(\"role\", {key: key});\nconst keyOidcKey = new vault.identity.OidcKey(\"keyOidcKey\", {\n algorithm: \"RS256\",\n allowedClientIds: [role.clientId],\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nconfig = pulumi.Config()\nkey = config.get(\"key\")\nif key is None:\n key = \"key\"\nrole = vault.identity.OidcRole(\"role\", key=key)\nkey_oidc_key = vault.identity.OidcKey(\"keyOidcKey\",\n algorithm=\"RS256\",\n allowed_client_ids=[role.client_id])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Config();\n var key = config.Get(\"key\") ?? \"key\";\n var role = new Vault.Identity.OidcRole(\"role\", new()\n {\n Key = key,\n });\n\n var keyOidcKey = new Vault.Identity.OidcKey(\"keyOidcKey\", new()\n {\n Algorithm = \"RS256\",\n AllowedClientIds = new[]\n {\n role.ClientId,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/identity\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcfg := config.New(ctx, \"\")\n\t\tkey := \"key\"\n\t\tif param := cfg.Get(\"key\"); param != \"\" {\n\t\t\tkey = param\n\t\t}\n\t\trole, err := identity.NewOidcRole(ctx, \"role\", \u0026identity.OidcRoleArgs{\n\t\t\tKey: pulumi.String(key),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = identity.NewOidcKey(ctx, \"keyOidcKey\", \u0026identity.OidcKeyArgs{\n\t\t\tAlgorithm: pulumi.String(\"RS256\"),\n\t\t\tAllowedClientIds: pulumi.StringArray{\n\t\t\t\trole.ClientId,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.identity.OidcRole;\nimport com.pulumi.vault.identity.OidcRoleArgs;\nimport com.pulumi.vault.identity.OidcKey;\nimport com.pulumi.vault.identity.OidcKeyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var config = ctx.config();\n final var key = config.get(\"key\").orElse(\"key\");\n var role = new OidcRole(\"role\", OidcRoleArgs.builder() \n .key(key)\n .build());\n\n var keyOidcKey = new OidcKey(\"keyOidcKey\", OidcKeyArgs.builder() \n .algorithm(\"RS256\")\n .allowedClientIds(role.clientId())\n .build());\n\n }\n}\n```\n```yaml\nconfiguration:\n key:\n type: string\n default: key\nresources:\n keyOidcKey:\n type: vault:identity:OidcKey\n properties:\n algorithm: RS256\n allowedClientIds:\n - ${role.clientId}\n role:\n type: vault:identity:OidcRole\n properties:\n key: ${key}\n```\n\nIf you want to create the key first before creating the role, you can use a separate\nresource to configure the allowed Client ID on\nthe key.\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst key = new vault.identity.OidcKey(\"key\", {algorithm: \"RS256\"});\nconst roleOidcRole = new vault.identity.OidcRole(\"roleOidcRole\", {key: key.name});\nconst roleOidcKeyAllowedClientID = new vault.identity.OidcKeyAllowedClientID(\"roleOidcKeyAllowedClientID\", {\n keyName: key.name,\n allowedClientId: roleOidcRole.clientId,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nkey = vault.identity.OidcKey(\"key\", algorithm=\"RS256\")\nrole_oidc_role = vault.identity.OidcRole(\"roleOidcRole\", key=key.name)\nrole_oidc_key_allowed_client_id = vault.identity.OidcKeyAllowedClientID(\"roleOidcKeyAllowedClientID\",\n key_name=key.name,\n allowed_client_id=role_oidc_role.client_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var key = new Vault.Identity.OidcKey(\"key\", new()\n {\n Algorithm = \"RS256\",\n });\n\n var roleOidcRole = new Vault.Identity.OidcRole(\"roleOidcRole\", new()\n {\n Key = key.Name,\n });\n\n var roleOidcKeyAllowedClientID = new Vault.Identity.OidcKeyAllowedClientID(\"roleOidcKeyAllowedClientID\", new()\n {\n KeyName = key.Name,\n AllowedClientId = roleOidcRole.ClientId,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/identity\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tkey, err := identity.NewOidcKey(ctx, \"key\", \u0026identity.OidcKeyArgs{\n\t\t\tAlgorithm: pulumi.String(\"RS256\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\troleOidcRole, err := identity.NewOidcRole(ctx, \"roleOidcRole\", \u0026identity.OidcRoleArgs{\n\t\t\tKey: key.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = identity.NewOidcKeyAllowedClientID(ctx, \"roleOidcKeyAllowedClientID\", \u0026identity.OidcKeyAllowedClientIDArgs{\n\t\t\tKeyName: key.Name,\n\t\t\tAllowedClientId: roleOidcRole.ClientId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.identity.OidcKey;\nimport com.pulumi.vault.identity.OidcKeyArgs;\nimport com.pulumi.vault.identity.OidcRole;\nimport com.pulumi.vault.identity.OidcRoleArgs;\nimport com.pulumi.vault.identity.OidcKeyAllowedClientID;\nimport com.pulumi.vault.identity.OidcKeyAllowedClientIDArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var key = new OidcKey(\"key\", OidcKeyArgs.builder() \n .algorithm(\"RS256\")\n .build());\n\n var roleOidcRole = new OidcRole(\"roleOidcRole\", OidcRoleArgs.builder() \n .key(key.name())\n .build());\n\n var roleOidcKeyAllowedClientID = new OidcKeyAllowedClientID(\"roleOidcKeyAllowedClientID\", OidcKeyAllowedClientIDArgs.builder() \n .keyName(key.name())\n .allowedClientId(roleOidcRole.clientId())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n key:\n type: vault:identity:OidcKey\n properties:\n algorithm: RS256\n roleOidcRole:\n type: vault:identity:OidcRole\n properties:\n key: ${key.name}\n roleOidcKeyAllowedClientID:\n type: vault:identity:OidcKeyAllowedClientID\n properties:\n keyName: ${key.name}\n allowedClientId: ${roleOidcRole.clientId}\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nThe key can be imported with the role name, for example:\n\n```sh\n $ pulumi import vault:identity/oidcRole:OidcRole role role\n```\n ", "properties": { "clientId": { "type": "string", @@ -17414,7 +14543,7 @@ } }, "vault:identity/oidcScope:OidcScope": { - "description": "Manages OIDC Scopes in a Vault server. See the [Vault documentation](https://www.vaultproject.io/api-docs/secret/identity/oidc-provider#create-or-update-a-scope)\nfor more information.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst groups = new vault.identity.OidcScope(\"groups\", {\n description: \"Vault OIDC Groups Scope\",\n template: \"{\\\"groups\\\":{{identity.entity.groups.names}}}\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ngroups = vault.identity.OidcScope(\"groups\",\n description=\"Vault OIDC Groups Scope\",\n template=\"{\\\"groups\\\":{{identity.entity.groups.names}}}\")\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var groups = new Vault.Identity.OidcScope(\"groups\", new()\n {\n Description = \"Vault OIDC Groups Scope\",\n Template = \"{\\\"groups\\\":{{identity.entity.groups.names}}}\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/identity\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := identity.NewOidcScope(ctx, \"groups\", \u0026identity.OidcScopeArgs{\n\t\t\tDescription: pulumi.String(\"Vault OIDC Groups Scope\"),\n\t\t\tTemplate: pulumi.String(\"{\\\"groups\\\":{{identity.entity.groups.names}}}\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.identity.OidcScope;\nimport com.pulumi.vault.identity.OidcScopeArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var groups = new OidcScope(\"groups\", OidcScopeArgs.builder() \n .description(\"Vault OIDC Groups Scope\")\n .template(\"{\\\"groups\\\":{{identity.entity.groups.names}}}\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n groups:\n type: vault:identity:OidcScope\n properties:\n description: Vault OIDC Groups Scope\n template: '{\"groups\":{{identity.entity.groups.names}}}'\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nOIDC Scopes can be imported using the `name`, e.g.\n\n```sh\n $ pulumi import vault:identity/oidcScope:OidcScope groups groups\n```\n\n ", + "description": "Manages OIDC Scopes in a Vault server. See the [Vault documentation](https://www.vaultproject.io/api-docs/secret/identity/oidc-provider#create-or-update-a-scope)\nfor more information.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst groups = new vault.identity.OidcScope(\"groups\", {\n description: \"Vault OIDC Groups Scope\",\n template: \"{\\\"groups\\\":{{identity.entity.groups.names}}}\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ngroups = vault.identity.OidcScope(\"groups\",\n description=\"Vault OIDC Groups Scope\",\n template=\"{\\\"groups\\\":{{identity.entity.groups.names}}}\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var groups = new Vault.Identity.OidcScope(\"groups\", new()\n {\n Description = \"Vault OIDC Groups Scope\",\n Template = \"{\\\"groups\\\":{{identity.entity.groups.names}}}\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/identity\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := identity.NewOidcScope(ctx, \"groups\", \u0026identity.OidcScopeArgs{\n\t\t\tDescription: pulumi.String(\"Vault OIDC Groups Scope\"),\n\t\t\tTemplate: pulumi.String(\"{\\\"groups\\\":{{identity.entity.groups.names}}}\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.identity.OidcScope;\nimport com.pulumi.vault.identity.OidcScopeArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var groups = new OidcScope(\"groups\", OidcScopeArgs.builder() \n .description(\"Vault OIDC Groups Scope\")\n .template(\"{\\\"groups\\\":{{identity.entity.groups.names}}}\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n groups:\n type: vault:identity:OidcScope\n properties:\n description: Vault OIDC Groups Scope\n template: '{\"groups\":{{identity.entity.groups.names}}}'\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nOIDC Scopes can be imported using the `name`, e.g.\n\n```sh\n $ pulumi import vault:identity/oidcScope:OidcScope groups groups\n```\n ", "properties": { "description": { "type": "string", @@ -17482,7 +14611,7 @@ } }, "vault:index/audit:Audit": { - "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n### File Audit Device)\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst test = new vault.Audit(\"test\", {\n options: {\n file_path: \"C:/temp/audit.txt\",\n },\n type: \"file\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ntest = vault.Audit(\"test\",\n options={\n \"file_path\": \"C:/temp/audit.txt\",\n },\n type=\"file\")\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Vault.Audit(\"test\", new()\n {\n Options = \n {\n { \"file_path\", \"C:/temp/audit.txt\" },\n },\n Type = \"file\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := vault.NewAudit(ctx, \"test\", \u0026vault.AuditArgs{\n\t\t\tOptions: pulumi.StringMap{\n\t\t\t\t\"file_path\": pulumi.String(\"C:/temp/audit.txt\"),\n\t\t\t},\n\t\t\tType: pulumi.String(\"file\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.Audit;\nimport com.pulumi.vault.AuditArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new Audit(\"test\", AuditArgs.builder() \n .options(Map.of(\"file_path\", \"C:/temp/audit.txt\"))\n .type(\"file\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: vault:Audit\n properties:\n options:\n file_path: C:/temp/audit.txt\n type: file\n```\n\n{{% /example %}}\n{{% example %}}\n### Socket Audit Device)\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst test = new vault.Audit(\"test\", {\n local: false,\n options: {\n address: \"127.0.0.1:8000\",\n description: \"application x socket\",\n socket_type: \"tcp\",\n },\n path: \"app_socket\",\n type: \"socket\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ntest = vault.Audit(\"test\",\n local=False,\n options={\n \"address\": \"127.0.0.1:8000\",\n \"description\": \"application x socket\",\n \"socket_type\": \"tcp\",\n },\n path=\"app_socket\",\n type=\"socket\")\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Vault.Audit(\"test\", new()\n {\n Local = false,\n Options = \n {\n { \"address\", \"127.0.0.1:8000\" },\n { \"description\", \"application x socket\" },\n { \"socket_type\", \"tcp\" },\n },\n Path = \"app_socket\",\n Type = \"socket\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := vault.NewAudit(ctx, \"test\", \u0026vault.AuditArgs{\n\t\t\tLocal: pulumi.Bool(false),\n\t\t\tOptions: pulumi.StringMap{\n\t\t\t\t\"address\": pulumi.String(\"127.0.0.1:8000\"),\n\t\t\t\t\"description\": pulumi.String(\"application x socket\"),\n\t\t\t\t\"socket_type\": pulumi.String(\"tcp\"),\n\t\t\t},\n\t\t\tPath: pulumi.String(\"app_socket\"),\n\t\t\tType: pulumi.String(\"socket\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.Audit;\nimport com.pulumi.vault.AuditArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new Audit(\"test\", AuditArgs.builder() \n .local(false)\n .options(Map.ofEntries(\n Map.entry(\"address\", \"127.0.0.1:8000\"),\n Map.entry(\"description\", \"application x socket\"),\n Map.entry(\"socket_type\", \"tcp\")\n ))\n .path(\"app_socket\")\n .type(\"socket\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: vault:Audit\n properties:\n local: false\n options:\n address: 127.0.0.1:8000\n description: application x socket\n socket_type: tcp\n path: app_socket\n type: socket\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nAudit devices can be imported using the `path`, e.g.\n\n```sh\n $ pulumi import vault:index/audit:Audit test syslog\n```\n\n ", + "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n### File Audit Device)\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst test = new vault.Audit(\"test\", {\n options: {\n file_path: \"C:/temp/audit.txt\",\n },\n type: \"file\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ntest = vault.Audit(\"test\",\n options={\n \"file_path\": \"C:/temp/audit.txt\",\n },\n type=\"file\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Vault.Audit(\"test\", new()\n {\n Options = \n {\n { \"file_path\", \"C:/temp/audit.txt\" },\n },\n Type = \"file\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := vault.NewAudit(ctx, \"test\", \u0026vault.AuditArgs{\n\t\t\tOptions: pulumi.StringMap{\n\t\t\t\t\"file_path\": pulumi.String(\"C:/temp/audit.txt\"),\n\t\t\t},\n\t\t\tType: pulumi.String(\"file\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.Audit;\nimport com.pulumi.vault.AuditArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new Audit(\"test\", AuditArgs.builder() \n .options(Map.of(\"file_path\", \"C:/temp/audit.txt\"))\n .type(\"file\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: vault:Audit\n properties:\n options:\n file_path: C:/temp/audit.txt\n type: file\n```\n\n{{% /example %}}\n{{% example %}}\n### Socket Audit Device)\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst test = new vault.Audit(\"test\", {\n local: false,\n options: {\n address: \"127.0.0.1:8000\",\n description: \"application x socket\",\n socket_type: \"tcp\",\n },\n path: \"app_socket\",\n type: \"socket\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ntest = vault.Audit(\"test\",\n local=False,\n options={\n \"address\": \"127.0.0.1:8000\",\n \"description\": \"application x socket\",\n \"socket_type\": \"tcp\",\n },\n path=\"app_socket\",\n type=\"socket\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Vault.Audit(\"test\", new()\n {\n Local = false,\n Options = \n {\n { \"address\", \"127.0.0.1:8000\" },\n { \"description\", \"application x socket\" },\n { \"socket_type\", \"tcp\" },\n },\n Path = \"app_socket\",\n Type = \"socket\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := vault.NewAudit(ctx, \"test\", \u0026vault.AuditArgs{\n\t\t\tLocal: pulumi.Bool(false),\n\t\t\tOptions: pulumi.StringMap{\n\t\t\t\t\"address\": pulumi.String(\"127.0.0.1:8000\"),\n\t\t\t\t\"description\": pulumi.String(\"application x socket\"),\n\t\t\t\t\"socket_type\": pulumi.String(\"tcp\"),\n\t\t\t},\n\t\t\tPath: pulumi.String(\"app_socket\"),\n\t\t\tType: pulumi.String(\"socket\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.Audit;\nimport com.pulumi.vault.AuditArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new Audit(\"test\", AuditArgs.builder() \n .local(false)\n .options(Map.ofEntries(\n Map.entry(\"address\", \"127.0.0.1:8000\"),\n Map.entry(\"description\", \"application x socket\"),\n Map.entry(\"socket_type\", \"tcp\")\n ))\n .path(\"app_socket\")\n .type(\"socket\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: vault:Audit\n properties:\n local: false\n options:\n address: 127.0.0.1:8000\n description: application x socket\n socket_type: tcp\n path: app_socket\n type: socket\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nAudit devices can be imported using the `path`, e.g.\n\n```sh\n $ pulumi import vault:index/audit:Audit test syslog\n```\n ", "properties": { "description": { "type": "string", @@ -17501,7 +14630,7 @@ "additionalProperties": { "type": "string" }, - "description": "Configuration options to pass to the audit device itself.\n" + "description": "Configuration options to pass to the audit device itself.\n\nFor a reference of the device types and their options, consult the [Vault documentation.](https://www.vaultproject.io/docs/audit/index.html)\n" }, "path": { "type": "string", @@ -17538,7 +14667,7 @@ "additionalProperties": { "type": "string" }, - "description": "Configuration options to pass to the audit device itself.\n", + "description": "Configuration options to pass to the audit device itself.\n\nFor a reference of the device types and their options, consult the [Vault documentation.](https://www.vaultproject.io/docs/audit/index.html)\n", "willReplaceOnChanges": true }, "path": { @@ -17579,7 +14708,7 @@ "additionalProperties": { "type": "string" }, - "description": "Configuration options to pass to the audit device itself.\n", + "description": "Configuration options to pass to the audit device itself.\n\nFor a reference of the device types and their options, consult the [Vault documentation.](https://www.vaultproject.io/docs/audit/index.html)\n", "willReplaceOnChanges": true }, "path": { @@ -17597,7 +14726,7 @@ } }, "vault:index/auditRequestHeader:AuditRequestHeader": { - "description": "Manages additional request headers that appear in audited requests.\n\n\u003e **Note**\nBecause of the way the [sys/config/auditing/request-headers API](https://www.vaultproject.io/api-docs/system/config-auditing)\nis implemented in Vault, this resource will manage existing audited headers with\nmatching names without requiring import.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst xForwardedFor = new vault.AuditRequestHeader(\"x_forwarded_for\", {\n hmac: false,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nx_forwarded_for = vault.AuditRequestHeader(\"xForwardedFor\", hmac=False)\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var xForwardedFor = new Vault.AuditRequestHeader(\"xForwardedFor\", new()\n {\n Hmac = false,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := vault.NewAuditRequestHeader(ctx, \"xForwardedFor\", \u0026vault.AuditRequestHeaderArgs{\n\t\t\tHmac: pulumi.Bool(false),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.AuditRequestHeader;\nimport com.pulumi.vault.AuditRequestHeaderArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var xForwardedFor = new AuditRequestHeader(\"xForwardedFor\", AuditRequestHeaderArgs.builder() \n .hmac(false)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n xForwardedFor:\n type: vault:AuditRequestHeader\n properties:\n hmac: false\n```\n{{% /example %}}\n{{% /examples %}}", + "description": "Manages additional request headers that appear in audited requests.\n\n\u003e **Note**\nBecause of the way the [sys/config/auditing/request-headers API](https://www.vaultproject.io/api-docs/system/config-auditing)\nis implemented in Vault, this resource will manage existing audited headers with\nmatching names without requiring import.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst xForwardedFor = new vault.AuditRequestHeader(\"xForwardedFor\", {hmac: false});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nx_forwarded_for = vault.AuditRequestHeader(\"xForwardedFor\", hmac=False)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var xForwardedFor = new Vault.AuditRequestHeader(\"xForwardedFor\", new()\n {\n Hmac = false,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := vault.NewAuditRequestHeader(ctx, \"xForwardedFor\", \u0026vault.AuditRequestHeaderArgs{\n\t\t\tHmac: pulumi.Bool(false),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.AuditRequestHeader;\nimport com.pulumi.vault.AuditRequestHeaderArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var xForwardedFor = new AuditRequestHeader(\"xForwardedFor\", AuditRequestHeaderArgs.builder() \n .hmac(false)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n xForwardedFor:\n type: vault:AuditRequestHeader\n properties:\n hmac: false\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "hmac": { "type": "boolean", @@ -17653,7 +14782,7 @@ } }, "vault:index/authBackend:AuthBackend": { - "description": "\n\n\n## Import\n\nAuth methods can be imported using the `path`, e.g.\n\n```sh\n $ pulumi import vault:index/authBackend:AuthBackend example github\n```\n\n ", + "description": "\n\n\n## Import\n\nAuth methods can be imported using the `path`, e.g.\n\n```sh\n $ pulumi import vault:index/authBackend:AuthBackend example github\n```\n ", "properties": { "accessor": { "type": "string", @@ -17681,7 +14810,7 @@ }, "tune": { "$ref": "#/types/vault:index/AuthBackendTune:AuthBackendTune", - "description": "Extra configuration block. Structure is documented below.\n" + "description": "Extra configuration block. Structure is documented below.\n\nThe `tune` block is used to tune the auth backend:\n" }, "type": { "type": "string", @@ -17719,7 +14848,7 @@ }, "tune": { "$ref": "#/types/vault:index/AuthBackendTune:AuthBackendTune", - "description": "Extra configuration block. Structure is documented below.\n" + "description": "Extra configuration block. Structure is documented below.\n\nThe `tune` block is used to tune the auth backend:\n" }, "type": { "type": "string", @@ -17761,7 +14890,7 @@ }, "tune": { "$ref": "#/types/vault:index/AuthBackendTune:AuthBackendTune", - "description": "Extra configuration block. Structure is documented below.\n" + "description": "Extra configuration block. Structure is documented below.\n\nThe `tune` block is used to tune the auth backend:\n" }, "type": { "type": "string", @@ -17773,7 +14902,7 @@ } }, "vault:index/certAuthBackendRole:CertAuthBackendRole": { - "description": "Provides a resource to create a role in an [Cert auth backend within Vault](https://www.vaultproject.io/docs/auth/cert.html).\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as fs from \"fs\";\nimport * as vault from \"@pulumi/vault\";\n\nconst certAuthBackend = new vault.AuthBackend(\"certAuthBackend\", {\n path: \"cert\",\n type: \"cert\",\n});\nconst certCertAuthBackendRole = new vault.CertAuthBackendRole(\"certCertAuthBackendRole\", {\n certificate: fs.readFileSync(\"/path/to/certs/ca-cert.pem\"),\n backend: certAuthBackend.path,\n allowedNames: [\n \"foo.example.org\",\n \"baz.example.org\",\n ],\n tokenTtl: 300,\n tokenMaxTtl: 600,\n tokenPolicies: [\"foo\"],\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ncert_auth_backend = vault.AuthBackend(\"certAuthBackend\",\n path=\"cert\",\n type=\"cert\")\ncert_cert_auth_backend_role = vault.CertAuthBackendRole(\"certCertAuthBackendRole\",\n certificate=(lambda path: open(path).read())(\"/path/to/certs/ca-cert.pem\"),\n backend=cert_auth_backend.path,\n allowed_names=[\n \"foo.example.org\",\n \"baz.example.org\",\n ],\n token_ttl=300,\n token_max_ttl=600,\n token_policies=[\"foo\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.IO;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var certAuthBackend = new Vault.AuthBackend(\"certAuthBackend\", new()\n {\n Path = \"cert\",\n Type = \"cert\",\n });\n\n var certCertAuthBackendRole = new Vault.CertAuthBackendRole(\"certCertAuthBackendRole\", new()\n {\n Certificate = File.ReadAllText(\"/path/to/certs/ca-cert.pem\"),\n Backend = certAuthBackend.Path,\n AllowedNames = new[]\n {\n \"foo.example.org\",\n \"baz.example.org\",\n },\n TokenTtl = 300,\n TokenMaxTtl = 600,\n TokenPolicies = new[]\n {\n \"foo\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"io/ioutil\"\n\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc readFileOrPanic(path string) pulumi.StringPtrInput {\n\tdata, err := ioutil.ReadFile(path)\n\tif err != nil {\n\t\tpanic(err.Error())\n\t}\n\treturn pulumi.String(string(data))\n}\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcertAuthBackend, err := vault.NewAuthBackend(ctx, \"certAuthBackend\", \u0026vault.AuthBackendArgs{\n\t\t\tPath: pulumi.String(\"cert\"),\n\t\t\tType: pulumi.String(\"cert\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = vault.NewCertAuthBackendRole(ctx, \"certCertAuthBackendRole\", \u0026vault.CertAuthBackendRoleArgs{\n\t\t\tCertificate: readFileOrPanic(\"/path/to/certs/ca-cert.pem\"),\n\t\t\tBackend: certAuthBackend.Path,\n\t\t\tAllowedNames: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"foo.example.org\"),\n\t\t\t\tpulumi.String(\"baz.example.org\"),\n\t\t\t},\n\t\t\tTokenTtl: pulumi.Int(300),\n\t\t\tTokenMaxTtl: pulumi.Int(600),\n\t\t\tTokenPolicies: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"foo\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.AuthBackend;\nimport com.pulumi.vault.AuthBackendArgs;\nimport com.pulumi.vault.CertAuthBackendRole;\nimport com.pulumi.vault.CertAuthBackendRoleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var certAuthBackend = new AuthBackend(\"certAuthBackend\", AuthBackendArgs.builder() \n .path(\"cert\")\n .type(\"cert\")\n .build());\n\n var certCertAuthBackendRole = new CertAuthBackendRole(\"certCertAuthBackendRole\", CertAuthBackendRoleArgs.builder() \n .certificate(Files.readString(Paths.get(\"/path/to/certs/ca-cert.pem\")))\n .backend(certAuthBackend.path())\n .allowedNames( \n \"foo.example.org\",\n \"baz.example.org\")\n .tokenTtl(300)\n .tokenMaxTtl(600)\n .tokenPolicies(\"foo\")\n .build());\n\n }\n}\n```\n{{% /example %}}\n{{% /examples %}}", + "description": "Provides a resource to create a role in an [Cert auth backend within Vault](https://www.vaultproject.io/docs/auth/cert.html).\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as fs from \"fs\";\nimport * as vault from \"@pulumi/vault\";\n\nconst certAuthBackend = new vault.AuthBackend(\"certAuthBackend\", {\n path: \"cert\",\n type: \"cert\",\n});\nconst certCertAuthBackendRole = new vault.CertAuthBackendRole(\"certCertAuthBackendRole\", {\n certificate: fs.readFileSync(\"/path/to/certs/ca-cert.pem\"),\n backend: certAuthBackend.path,\n allowedNames: [\n \"foo.example.org\",\n \"baz.example.org\",\n ],\n tokenTtl: 300,\n tokenMaxTtl: 600,\n tokenPolicies: [\"foo\"],\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ncert_auth_backend = vault.AuthBackend(\"certAuthBackend\",\n path=\"cert\",\n type=\"cert\")\ncert_cert_auth_backend_role = vault.CertAuthBackendRole(\"certCertAuthBackendRole\",\n certificate=(lambda path: open(path).read())(\"/path/to/certs/ca-cert.pem\"),\n backend=cert_auth_backend.path,\n allowed_names=[\n \"foo.example.org\",\n \"baz.example.org\",\n ],\n token_ttl=300,\n token_max_ttl=600,\n token_policies=[\"foo\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.IO;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var certAuthBackend = new Vault.AuthBackend(\"certAuthBackend\", new()\n {\n Path = \"cert\",\n Type = \"cert\",\n });\n\n var certCertAuthBackendRole = new Vault.CertAuthBackendRole(\"certCertAuthBackendRole\", new()\n {\n Certificate = File.ReadAllText(\"/path/to/certs/ca-cert.pem\"),\n Backend = certAuthBackend.Path,\n AllowedNames = new[]\n {\n \"foo.example.org\",\n \"baz.example.org\",\n },\n TokenTtl = 300,\n TokenMaxTtl = 600,\n TokenPolicies = new[]\n {\n \"foo\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"os\"\n\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc readFileOrPanic(path string) pulumi.StringPtrInput {\n\tdata, err := os.ReadFile(path)\n\tif err != nil {\n\t\tpanic(err.Error())\n\t}\n\treturn pulumi.String(string(data))\n}\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcertAuthBackend, err := vault.NewAuthBackend(ctx, \"certAuthBackend\", \u0026vault.AuthBackendArgs{\n\t\t\tPath: pulumi.String(\"cert\"),\n\t\t\tType: pulumi.String(\"cert\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = vault.NewCertAuthBackendRole(ctx, \"certCertAuthBackendRole\", \u0026vault.CertAuthBackendRoleArgs{\n\t\t\tCertificate: readFileOrPanic(\"/path/to/certs/ca-cert.pem\"),\n\t\t\tBackend: certAuthBackend.Path,\n\t\t\tAllowedNames: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"foo.example.org\"),\n\t\t\t\tpulumi.String(\"baz.example.org\"),\n\t\t\t},\n\t\t\tTokenTtl: pulumi.Int(300),\n\t\t\tTokenMaxTtl: pulumi.Int(600),\n\t\t\tTokenPolicies: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"foo\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.AuthBackend;\nimport com.pulumi.vault.AuthBackendArgs;\nimport com.pulumi.vault.CertAuthBackendRole;\nimport com.pulumi.vault.CertAuthBackendRoleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var certAuthBackend = new AuthBackend(\"certAuthBackend\", AuthBackendArgs.builder() \n .path(\"cert\")\n .type(\"cert\")\n .build());\n\n var certCertAuthBackendRole = new CertAuthBackendRole(\"certCertAuthBackendRole\", CertAuthBackendRoleArgs.builder() \n .certificate(Files.readString(Paths.get(\"/path/to/certs/ca-cert.pem\")))\n .backend(certAuthBackend.path())\n .allowedNames( \n \"foo.example.org\",\n \"baz.example.org\")\n .tokenTtl(300)\n .tokenMaxTtl(600)\n .tokenPolicies(\"foo\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n certAuthBackend:\n type: vault:AuthBackend\n properties:\n path: cert\n type: cert\n certCertAuthBackendRole:\n type: vault:CertAuthBackendRole\n properties:\n certificate:\n fn::readFile: /path/to/certs/ca-cert.pem\n backend: ${certAuthBackend.path}\n allowedNames:\n - foo.example.org\n - baz.example.org\n tokenTtl: 300\n tokenMaxTtl: 600\n tokenPolicies:\n - foo\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "allowedCommonNames": { "type": "array", @@ -17844,12 +14973,35 @@ "type": "string", "description": "The namespace to provision the resource in.\nThe value should not contain leading or trailing forward slashes.\nThe `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).\n*Available only for Vault Enterprise*.\n" }, + "ocspCaCertificates": { + "type": "string", + "description": "Any additional CA certificates\nneeded to verify OCSP responses. Provided as base64 encoded PEM data.\nRequires Vault version 1.13+.\n" + }, + "ocspEnabled": { + "type": "boolean", + "description": "If enabled, validate certificates'\nrevocation status using OCSP. Requires Vault version 1.13+.\n" + }, + "ocspFailOpen": { + "type": "boolean", + "description": "If true and an OCSP response cannot\nbe fetched or is of an unknown status, the login will proceed as if the\ncertificate has not been revoked.\nRequires Vault version 1.13+.\n" + }, + "ocspQueryAllServers": { + "type": "boolean", + "description": "If set to true, rather than\naccepting the first successful OCSP response, query all servers and consider\nthe certificate valid only if all servers agree.\nRequires Vault version 1.13+.\n" + }, + "ocspServersOverrides": { + "type": "array", + "items": { + "type": "string" + }, + "description": ": A comma-separated list of OCSP\nserver addresses. If unset, the OCSP server is determined from the\nAuthorityInformationAccess extension on the certificate being inspected.\nRequires Vault version 1.13+.\n" + }, "requiredExtensions": { "type": "array", "items": { "type": "string" }, - "description": "TLS extensions required on client certificates\n" + "description": "TLS extensions required on\nclient certificates\n" }, "tokenBoundCidrs": { "type": "array", @@ -17891,7 +15043,7 @@ }, "tokenType": { "type": "string", - "description": "The type of token that should be generated. Can be `service`,\n`batch`, or `default` to use the mount's tuned default (which unless changed will be\n`service` tokens). For token store roles, there are two additional possibilities:\n`default-service` and `default-batch` which specify the type to return unless the client\nrequests a different type at generation time.\n" + "description": "The type of token that should be generated. Can be `service`,\n`batch`, or `default` to use the mount's tuned default (which unless changed will be\n`service` tokens). For token store roles, there are two additional possibilities:\n`default-service` and `default-batch` which specify the type to return unless the client\nrequests a different type at generation time.\n\nFor more details on the usage of each argument consult the [Vault Cert API documentation](https://www.vaultproject.io/api-docs/auth/cert).\n" } }, "required": [ @@ -17904,6 +15056,9 @@ "certificate", "displayName", "name", + "ocspEnabled", + "ocspFailOpen", + "ocspQueryAllServers", "requiredExtensions" ], "inputProperties": { @@ -17980,12 +15135,35 @@ "description": "The namespace to provision the resource in.\nThe value should not contain leading or trailing forward slashes.\nThe `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).\n*Available only for Vault Enterprise*.\n", "willReplaceOnChanges": true }, + "ocspCaCertificates": { + "type": "string", + "description": "Any additional CA certificates\nneeded to verify OCSP responses. Provided as base64 encoded PEM data.\nRequires Vault version 1.13+.\n" + }, + "ocspEnabled": { + "type": "boolean", + "description": "If enabled, validate certificates'\nrevocation status using OCSP. Requires Vault version 1.13+.\n" + }, + "ocspFailOpen": { + "type": "boolean", + "description": "If true and an OCSP response cannot\nbe fetched or is of an unknown status, the login will proceed as if the\ncertificate has not been revoked.\nRequires Vault version 1.13+.\n" + }, + "ocspQueryAllServers": { + "type": "boolean", + "description": "If set to true, rather than\naccepting the first successful OCSP response, query all servers and consider\nthe certificate valid only if all servers agree.\nRequires Vault version 1.13+.\n" + }, + "ocspServersOverrides": { + "type": "array", + "items": { + "type": "string" + }, + "description": ": A comma-separated list of OCSP\nserver addresses. If unset, the OCSP server is determined from the\nAuthorityInformationAccess extension on the certificate being inspected.\nRequires Vault version 1.13+.\n" + }, "requiredExtensions": { "type": "array", "items": { "type": "string" }, - "description": "TLS extensions required on client certificates\n" + "description": "TLS extensions required on\nclient certificates\n" }, "tokenBoundCidrs": { "type": "array", @@ -18027,7 +15205,7 @@ }, "tokenType": { "type": "string", - "description": "The type of token that should be generated. Can be `service`,\n`batch`, or `default` to use the mount's tuned default (which unless changed will be\n`service` tokens). For token store roles, there are two additional possibilities:\n`default-service` and `default-batch` which specify the type to return unless the client\nrequests a different type at generation time.\n" + "description": "The type of token that should be generated. Can be `service`,\n`batch`, or `default` to use the mount's tuned default (which unless changed will be\n`service` tokens). For token store roles, there are two additional possibilities:\n`default-service` and `default-batch` which specify the type to return unless the client\nrequests a different type at generation time.\n\nFor more details on the usage of each argument consult the [Vault Cert API documentation](https://www.vaultproject.io/api-docs/auth/cert).\n" } }, "requiredInputs": [ @@ -18109,12 +15287,35 @@ "description": "The namespace to provision the resource in.\nThe value should not contain leading or trailing forward slashes.\nThe `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).\n*Available only for Vault Enterprise*.\n", "willReplaceOnChanges": true }, + "ocspCaCertificates": { + "type": "string", + "description": "Any additional CA certificates\nneeded to verify OCSP responses. Provided as base64 encoded PEM data.\nRequires Vault version 1.13+.\n" + }, + "ocspEnabled": { + "type": "boolean", + "description": "If enabled, validate certificates'\nrevocation status using OCSP. Requires Vault version 1.13+.\n" + }, + "ocspFailOpen": { + "type": "boolean", + "description": "If true and an OCSP response cannot\nbe fetched or is of an unknown status, the login will proceed as if the\ncertificate has not been revoked.\nRequires Vault version 1.13+.\n" + }, + "ocspQueryAllServers": { + "type": "boolean", + "description": "If set to true, rather than\naccepting the first successful OCSP response, query all servers and consider\nthe certificate valid only if all servers agree.\nRequires Vault version 1.13+.\n" + }, + "ocspServersOverrides": { + "type": "array", + "items": { + "type": "string" + }, + "description": ": A comma-separated list of OCSP\nserver addresses. If unset, the OCSP server is determined from the\nAuthorityInformationAccess extension on the certificate being inspected.\nRequires Vault version 1.13+.\n" + }, "requiredExtensions": { "type": "array", "items": { "type": "string" }, - "description": "TLS extensions required on client certificates\n" + "description": "TLS extensions required on\nclient certificates\n" }, "tokenBoundCidrs": { "type": "array", @@ -18156,14 +15357,14 @@ }, "tokenType": { "type": "string", - "description": "The type of token that should be generated. Can be `service`,\n`batch`, or `default` to use the mount's tuned default (which unless changed will be\n`service` tokens). For token store roles, there are two additional possibilities:\n`default-service` and `default-batch` which specify the type to return unless the client\nrequests a different type at generation time.\n" + "description": "The type of token that should be generated. Can be `service`,\n`batch`, or `default` to use the mount's tuned default (which unless changed will be\n`service` tokens). For token store roles, there are two additional possibilities:\n`default-service` and `default-batch` which specify the type to return unless the client\nrequests a different type at generation time.\n\nFor more details on the usage of each argument consult the [Vault Cert API documentation](https://www.vaultproject.io/api-docs/auth/cert).\n" } }, "type": "object" } }, "vault:index/egpPolicy:EgpPolicy": { - "description": "Provides a resource to manage Endpoint Governing Policy (EGP) via [Sentinel](https://www.vaultproject.io/docs/enterprise/sentinel/index.html).\n\n**Note** this feature is available only with Vault Enterprise.\n\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst allow_all = new vault.EgpPolicy(\"allow-all\", {\n enforcementLevel: \"soft-mandatory\",\n paths: [\"*\"],\n policy: `main = rule {\n true\n}\n`,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nallow_all = vault.EgpPolicy(\"allow-all\",\n enforcement_level=\"soft-mandatory\",\n paths=[\"*\"],\n policy=\"\"\"main = rule {\n true\n}\n\n\"\"\")\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var allow_all = new Vault.EgpPolicy(\"allow-all\", new()\n {\n EnforcementLevel = \"soft-mandatory\",\n Paths = new[]\n {\n \"*\",\n },\n Policy = @\"main = rule {\n true\n}\n\n\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := vault.NewEgpPolicy(ctx, \"allow-all\", \u0026vault.EgpPolicyArgs{\n\t\t\tEnforcementLevel: pulumi.String(\"soft-mandatory\"),\n\t\t\tPaths: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"*\"),\n\t\t\t},\n\t\t\tPolicy: pulumi.String(\"main = rule {\\n true\\n}\\n\\n\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.EgpPolicy;\nimport com.pulumi.vault.EgpPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var allow_all = new EgpPolicy(\"allow-all\", EgpPolicyArgs.builder() \n .enforcementLevel(\"soft-mandatory\")\n .paths(\"*\")\n .policy(\"\"\"\nmain = rule {\n true\n}\n\n \"\"\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n allow-all:\n type: vault:EgpPolicy\n properties:\n enforcementLevel: soft-mandatory\n paths:\n - '*'\n policy: |+\n main = rule {\n true\n }\n```\n{{% /example %}}\n{{% /examples %}}", + "description": "Provides a resource to manage Endpoint Governing Policy (EGP) via [Sentinel](https://www.vaultproject.io/docs/enterprise/sentinel/index.html).\n\n**Note** this feature is available only with Vault Enterprise.\n\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst allow_all = new vault.EgpPolicy(\"allow-all\", {\n enforcementLevel: \"soft-mandatory\",\n paths: [\"*\"],\n policy: `main = rule {\n true\n}\n\n`,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nallow_all = vault.EgpPolicy(\"allow-all\",\n enforcement_level=\"soft-mandatory\",\n paths=[\"*\"],\n policy=\"\"\"main = rule {\n true\n}\n\n\"\"\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var allow_all = new Vault.EgpPolicy(\"allow-all\", new()\n {\n EnforcementLevel = \"soft-mandatory\",\n Paths = new[]\n {\n \"*\",\n },\n Policy = @\"main = rule {\n true\n}\n\n\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := vault.NewEgpPolicy(ctx, \"allow-all\", \u0026vault.EgpPolicyArgs{\n\t\t\tEnforcementLevel: pulumi.String(\"soft-mandatory\"),\n\t\t\tPaths: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"*\"),\n\t\t\t},\n\t\t\tPolicy: pulumi.String(\"main = rule {\\n true\\n}\\n\\n\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.EgpPolicy;\nimport com.pulumi.vault.EgpPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var allow_all = new EgpPolicy(\"allow-all\", EgpPolicyArgs.builder() \n .enforcementLevel(\"soft-mandatory\")\n .paths(\"*\")\n .policy(\"\"\"\nmain = rule {\n true\n}\n\n \"\"\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n allow-all:\n type: vault:EgpPolicy\n properties:\n enforcementLevel: soft-mandatory\n paths:\n - '*'\n policy: |+\n main = rule {\n true\n }\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "enforcementLevel": { "type": "string", @@ -18260,7 +15461,7 @@ } }, "vault:index/mfaDuo:MfaDuo": { - "description": "Provides a resource to manage [Duo MFA](https://www.vaultproject.io/docs/enterprise/mfa/mfa-duo.html).\n\n**Note** this feature is available only with Vault Enterprise.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst userpass = new vault.AuthBackend(\"userpass\", {\n type: \"userpass\",\n path: \"userpass\",\n});\nconst myDuo = new vault.MfaDuo(\"myDuo\", {\n mountAccessor: userpass.accessor,\n secretKey: \"8C7THtrIigh2rPZQMbguugt8IUftWhMRCOBzbuyz\",\n integrationKey: \"BIACEUEAXI20BNWTEYXT\",\n apiHostname: \"api-2b5c39f5.duosecurity.com\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nuserpass = vault.AuthBackend(\"userpass\",\n type=\"userpass\",\n path=\"userpass\")\nmy_duo = vault.MfaDuo(\"myDuo\",\n mount_accessor=userpass.accessor,\n secret_key=\"8C7THtrIigh2rPZQMbguugt8IUftWhMRCOBzbuyz\",\n integration_key=\"BIACEUEAXI20BNWTEYXT\",\n api_hostname=\"api-2b5c39f5.duosecurity.com\")\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var userpass = new Vault.AuthBackend(\"userpass\", new()\n {\n Type = \"userpass\",\n Path = \"userpass\",\n });\n\n var myDuo = new Vault.MfaDuo(\"myDuo\", new()\n {\n MountAccessor = userpass.Accessor,\n SecretKey = \"8C7THtrIigh2rPZQMbguugt8IUftWhMRCOBzbuyz\",\n IntegrationKey = \"BIACEUEAXI20BNWTEYXT\",\n ApiHostname = \"api-2b5c39f5.duosecurity.com\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tuserpass, err := vault.NewAuthBackend(ctx, \"userpass\", \u0026vault.AuthBackendArgs{\n\t\t\tType: pulumi.String(\"userpass\"),\n\t\t\tPath: pulumi.String(\"userpass\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = vault.NewMfaDuo(ctx, \"myDuo\", \u0026vault.MfaDuoArgs{\n\t\t\tMountAccessor: userpass.Accessor,\n\t\t\tSecretKey: pulumi.String(\"8C7THtrIigh2rPZQMbguugt8IUftWhMRCOBzbuyz\"),\n\t\t\tIntegrationKey: pulumi.String(\"BIACEUEAXI20BNWTEYXT\"),\n\t\t\tApiHostname: pulumi.String(\"api-2b5c39f5.duosecurity.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.AuthBackend;\nimport com.pulumi.vault.AuthBackendArgs;\nimport com.pulumi.vault.MfaDuo;\nimport com.pulumi.vault.MfaDuoArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var userpass = new AuthBackend(\"userpass\", AuthBackendArgs.builder() \n .type(\"userpass\")\n .path(\"userpass\")\n .build());\n\n var myDuo = new MfaDuo(\"myDuo\", MfaDuoArgs.builder() \n .mountAccessor(userpass.accessor())\n .secretKey(\"8C7THtrIigh2rPZQMbguugt8IUftWhMRCOBzbuyz\")\n .integrationKey(\"BIACEUEAXI20BNWTEYXT\")\n .apiHostname(\"api-2b5c39f5.duosecurity.com\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n userpass:\n type: vault:AuthBackend\n properties:\n type: userpass\n path: userpass\n myDuo:\n type: vault:MfaDuo\n properties:\n mountAccessor: ${userpass.accessor}\n secretKey: 8C7THtrIigh2rPZQMbguugt8IUftWhMRCOBzbuyz\n integrationKey: BIACEUEAXI20BNWTEYXT\n apiHostname: api-2b5c39f5.duosecurity.com\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nMounts can be imported using the `path`, e.g.\n\n```sh\n $ pulumi import vault:index/mfaDuo:MfaDuo my_duo my_duo\n```\n\n ", + "description": "Provides a resource to manage [Duo MFA](https://www.vaultproject.io/docs/enterprise/mfa/mfa-duo.html).\n\n**Note** this feature is available only with Vault Enterprise.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst userpass = new vault.AuthBackend(\"userpass\", {\n type: \"userpass\",\n path: \"userpass\",\n});\nconst myDuo = new vault.MfaDuo(\"myDuo\", {\n mountAccessor: userpass.accessor,\n secretKey: \"8C7THtrIigh2rPZQMbguugt8IUftWhMRCOBzbuyz\",\n integrationKey: \"BIACEUEAXI20BNWTEYXT\",\n apiHostname: \"api-2b5c39f5.duosecurity.com\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nuserpass = vault.AuthBackend(\"userpass\",\n type=\"userpass\",\n path=\"userpass\")\nmy_duo = vault.MfaDuo(\"myDuo\",\n mount_accessor=userpass.accessor,\n secret_key=\"8C7THtrIigh2rPZQMbguugt8IUftWhMRCOBzbuyz\",\n integration_key=\"BIACEUEAXI20BNWTEYXT\",\n api_hostname=\"api-2b5c39f5.duosecurity.com\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var userpass = new Vault.AuthBackend(\"userpass\", new()\n {\n Type = \"userpass\",\n Path = \"userpass\",\n });\n\n var myDuo = new Vault.MfaDuo(\"myDuo\", new()\n {\n MountAccessor = userpass.Accessor,\n SecretKey = \"8C7THtrIigh2rPZQMbguugt8IUftWhMRCOBzbuyz\",\n IntegrationKey = \"BIACEUEAXI20BNWTEYXT\",\n ApiHostname = \"api-2b5c39f5.duosecurity.com\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tuserpass, err := vault.NewAuthBackend(ctx, \"userpass\", \u0026vault.AuthBackendArgs{\n\t\t\tType: pulumi.String(\"userpass\"),\n\t\t\tPath: pulumi.String(\"userpass\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = vault.NewMfaDuo(ctx, \"myDuo\", \u0026vault.MfaDuoArgs{\n\t\t\tMountAccessor: userpass.Accessor,\n\t\t\tSecretKey: pulumi.String(\"8C7THtrIigh2rPZQMbguugt8IUftWhMRCOBzbuyz\"),\n\t\t\tIntegrationKey: pulumi.String(\"BIACEUEAXI20BNWTEYXT\"),\n\t\t\tApiHostname: pulumi.String(\"api-2b5c39f5.duosecurity.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.AuthBackend;\nimport com.pulumi.vault.AuthBackendArgs;\nimport com.pulumi.vault.MfaDuo;\nimport com.pulumi.vault.MfaDuoArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var userpass = new AuthBackend(\"userpass\", AuthBackendArgs.builder() \n .type(\"userpass\")\n .path(\"userpass\")\n .build());\n\n var myDuo = new MfaDuo(\"myDuo\", MfaDuoArgs.builder() \n .mountAccessor(userpass.accessor())\n .secretKey(\"8C7THtrIigh2rPZQMbguugt8IUftWhMRCOBzbuyz\")\n .integrationKey(\"BIACEUEAXI20BNWTEYXT\")\n .apiHostname(\"api-2b5c39f5.duosecurity.com\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n userpass:\n type: vault:AuthBackend\n properties:\n type: userpass\n path: userpass\n myDuo:\n type: vault:MfaDuo\n properties:\n mountAccessor: ${userpass.accessor}\n secretKey: 8C7THtrIigh2rPZQMbguugt8IUftWhMRCOBzbuyz\n integrationKey: BIACEUEAXI20BNWTEYXT\n apiHostname: api-2b5c39f5.duosecurity.com\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nMounts can be imported using the `path`, e.g.\n\n```sh\n $ pulumi import vault:index/mfaDuo:MfaDuo my_duo my_duo\n```\n ", "properties": { "apiHostname": { "type": "string", @@ -18390,7 +15591,7 @@ } }, "vault:index/mfaOkta:MfaOkta": { - "description": "Provides a resource to manage [Okta MFA](https://www.vaultproject.io/docs/enterprise/mfa/mfa-okta).\n\n**Note** this feature is available only with Vault Enterprise.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst userpass = new vault.AuthBackend(\"userpass\", {\n type: \"userpass\",\n path: \"userpass\",\n});\nconst myOkta = new vault.MfaOkta(\"myOkta\", {\n mountAccessor: userpass.accessor,\n usernameFormat: \"user@example.com\",\n orgName: \"hashicorp\",\n apiToken: \"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nuserpass = vault.AuthBackend(\"userpass\",\n type=\"userpass\",\n path=\"userpass\")\nmy_okta = vault.MfaOkta(\"myOkta\",\n mount_accessor=userpass.accessor,\n username_format=\"user@example.com\",\n org_name=\"hashicorp\",\n api_token=\"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9\")\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var userpass = new Vault.AuthBackend(\"userpass\", new()\n {\n Type = \"userpass\",\n Path = \"userpass\",\n });\n\n var myOkta = new Vault.MfaOkta(\"myOkta\", new()\n {\n MountAccessor = userpass.Accessor,\n UsernameFormat = \"user@example.com\",\n OrgName = \"hashicorp\",\n ApiToken = \"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tuserpass, err := vault.NewAuthBackend(ctx, \"userpass\", \u0026vault.AuthBackendArgs{\n\t\t\tType: pulumi.String(\"userpass\"),\n\t\t\tPath: pulumi.String(\"userpass\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = vault.NewMfaOkta(ctx, \"myOkta\", \u0026vault.MfaOktaArgs{\n\t\t\tMountAccessor: userpass.Accessor,\n\t\t\tUsernameFormat: pulumi.String(\"user@example.com\"),\n\t\t\tOrgName: pulumi.String(\"hashicorp\"),\n\t\t\tApiToken: pulumi.String(\"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.AuthBackend;\nimport com.pulumi.vault.AuthBackendArgs;\nimport com.pulumi.vault.MfaOkta;\nimport com.pulumi.vault.MfaOktaArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var userpass = new AuthBackend(\"userpass\", AuthBackendArgs.builder() \n .type(\"userpass\")\n .path(\"userpass\")\n .build());\n\n var myOkta = new MfaOkta(\"myOkta\", MfaOktaArgs.builder() \n .mountAccessor(userpass.accessor())\n .usernameFormat(\"user@example.com\")\n .orgName(\"hashicorp\")\n .apiToken(\"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n userpass:\n type: vault:AuthBackend\n properties:\n type: userpass\n path: userpass\n myOkta:\n type: vault:MfaOkta\n properties:\n mountAccessor: ${userpass.accessor}\n usernameFormat: user@example.com\n orgName: hashicorp\n apiToken: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nMounts can be imported using the `path`, e.g.\n\n```sh\n $ pulumi import vault:index/mfaOkta:MfaOkta my_okta my_okta\n```\n\n ", + "description": "Provides a resource to manage [Okta MFA](https://www.vaultproject.io/docs/enterprise/mfa/mfa-okta).\n\n**Note** this feature is available only with Vault Enterprise.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst userpass = new vault.AuthBackend(\"userpass\", {\n type: \"userpass\",\n path: \"userpass\",\n});\nconst myOkta = new vault.MfaOkta(\"myOkta\", {\n mountAccessor: userpass.accessor,\n usernameFormat: \"user@example.com\",\n orgName: \"hashicorp\",\n apiToken: \"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nuserpass = vault.AuthBackend(\"userpass\",\n type=\"userpass\",\n path=\"userpass\")\nmy_okta = vault.MfaOkta(\"myOkta\",\n mount_accessor=userpass.accessor,\n username_format=\"user@example.com\",\n org_name=\"hashicorp\",\n api_token=\"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var userpass = new Vault.AuthBackend(\"userpass\", new()\n {\n Type = \"userpass\",\n Path = \"userpass\",\n });\n\n var myOkta = new Vault.MfaOkta(\"myOkta\", new()\n {\n MountAccessor = userpass.Accessor,\n UsernameFormat = \"user@example.com\",\n OrgName = \"hashicorp\",\n ApiToken = \"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tuserpass, err := vault.NewAuthBackend(ctx, \"userpass\", \u0026vault.AuthBackendArgs{\n\t\t\tType: pulumi.String(\"userpass\"),\n\t\t\tPath: pulumi.String(\"userpass\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = vault.NewMfaOkta(ctx, \"myOkta\", \u0026vault.MfaOktaArgs{\n\t\t\tMountAccessor: userpass.Accessor,\n\t\t\tUsernameFormat: pulumi.String(\"user@example.com\"),\n\t\t\tOrgName: pulumi.String(\"hashicorp\"),\n\t\t\tApiToken: pulumi.String(\"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.AuthBackend;\nimport com.pulumi.vault.AuthBackendArgs;\nimport com.pulumi.vault.MfaOkta;\nimport com.pulumi.vault.MfaOktaArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var userpass = new AuthBackend(\"userpass\", AuthBackendArgs.builder() \n .type(\"userpass\")\n .path(\"userpass\")\n .build());\n\n var myOkta = new MfaOkta(\"myOkta\", MfaOktaArgs.builder() \n .mountAccessor(userpass.accessor())\n .usernameFormat(\"user@example.com\")\n .orgName(\"hashicorp\")\n .apiToken(\"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n userpass:\n type: vault:AuthBackend\n properties:\n type: userpass\n path: userpass\n myOkta:\n type: vault:MfaOkta\n properties:\n mountAccessor: ${userpass.accessor}\n usernameFormat: user@example.com\n orgName: hashicorp\n apiToken: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nMounts can be imported using the `path`, e.g.\n\n```sh\n $ pulumi import vault:index/mfaOkta:MfaOkta my_okta my_okta\n```\n ", "properties": { "apiToken": { "type": "string", @@ -18529,19 +15730,19 @@ } }, "vault:index/mfaPingid:MfaPingid": { - "description": "Provides a resource to manage [PingID MFA](https://www.vaultproject.io/docs/enterprise/mfa/mfa-pingid).\n\n**Note** this feature is available only with Vault Enterprise.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst config = new pulumi.Config();\nconst settingsFile = config.requireObject(\"settingsFile\");\nconst userpass = new vault.AuthBackend(\"userpass\", {\n type: \"userpass\",\n path: \"userpass\",\n});\nconst myPingid = new vault.MfaPingid(\"myPingid\", {\n mountAccessor: userpass.accessor,\n usernameFormat: \"user@example.com\",\n settingsFileBase64: settingsFile,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nconfig = pulumi.Config()\nsettings_file = config.require_object(\"settingsFile\")\nuserpass = vault.AuthBackend(\"userpass\",\n type=\"userpass\",\n path=\"userpass\")\nmy_pingid = vault.MfaPingid(\"myPingid\",\n mount_accessor=userpass.accessor,\n username_format=\"user@example.com\",\n settings_file_base64=settings_file)\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Config();\n var settingsFile = config.RequireObject\u003cdynamic\u003e(\"settingsFile\");\n var userpass = new Vault.AuthBackend(\"userpass\", new()\n {\n Type = \"userpass\",\n Path = \"userpass\",\n });\n\n var myPingid = new Vault.MfaPingid(\"myPingid\", new()\n {\n MountAccessor = userpass.Accessor,\n UsernameFormat = \"user@example.com\",\n SettingsFileBase64 = settingsFile,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcfg := config.New(ctx, \"\")\n\t\tsettingsFile := cfg.RequireObject(\"settingsFile\")\n\t\tuserpass, err := vault.NewAuthBackend(ctx, \"userpass\", \u0026vault.AuthBackendArgs{\n\t\t\tType: pulumi.String(\"userpass\"),\n\t\t\tPath: pulumi.String(\"userpass\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = vault.NewMfaPingid(ctx, \"myPingid\", \u0026vault.MfaPingidArgs{\n\t\t\tMountAccessor: userpass.Accessor,\n\t\t\tUsernameFormat: pulumi.String(\"user@example.com\"),\n\t\t\tSettingsFileBase64: pulumi.Any(settingsFile),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.AuthBackend;\nimport com.pulumi.vault.AuthBackendArgs;\nimport com.pulumi.vault.MfaPingid;\nimport com.pulumi.vault.MfaPingidArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var config = ctx.config();\n final var settingsFile = config.get(\"settingsFile\");\n var userpass = new AuthBackend(\"userpass\", AuthBackendArgs.builder() \n .type(\"userpass\")\n .path(\"userpass\")\n .build());\n\n var myPingid = new MfaPingid(\"myPingid\", MfaPingidArgs.builder() \n .mountAccessor(userpass.accessor())\n .usernameFormat(\"user@example.com\")\n .settingsFileBase64(settingsFile)\n .build());\n\n }\n}\n```\n```yaml\nconfiguration:\n settingsFile:\n type: dynamic\nresources:\n userpass:\n type: vault:AuthBackend\n properties:\n type: userpass\n path: userpass\n myPingid:\n type: vault:MfaPingid\n properties:\n mountAccessor: ${userpass.accessor}\n usernameFormat: user@example.com\n settingsFileBase64: ${settingsFile}\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nMounts can be imported using the `path`, e.g.\n\n```sh\n $ pulumi import vault:index/mfaPingid:MfaPingid my_pingid my_pingid\n```\n\n ", + "description": "Provides a resource to manage [PingID MFA](https://www.vaultproject.io/docs/enterprise/mfa/mfa-pingid).\n\n**Note** this feature is available only with Vault Enterprise.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst config = new pulumi.Config();\nconst settingsFile = config.requireObject(\"settingsFile\");\nconst userpass = new vault.AuthBackend(\"userpass\", {\n type: \"userpass\",\n path: \"userpass\",\n});\nconst myPingid = new vault.MfaPingid(\"myPingid\", {\n mountAccessor: userpass.accessor,\n usernameFormat: \"user@example.com\",\n settingsFileBase64: settingsFile,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nconfig = pulumi.Config()\nsettings_file = config.require_object(\"settingsFile\")\nuserpass = vault.AuthBackend(\"userpass\",\n type=\"userpass\",\n path=\"userpass\")\nmy_pingid = vault.MfaPingid(\"myPingid\",\n mount_accessor=userpass.accessor,\n username_format=\"user@example.com\",\n settings_file_base64=settings_file)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Config();\n var settingsFile = config.RequireObject\u003cdynamic\u003e(\"settingsFile\");\n var userpass = new Vault.AuthBackend(\"userpass\", new()\n {\n Type = \"userpass\",\n Path = \"userpass\",\n });\n\n var myPingid = new Vault.MfaPingid(\"myPingid\", new()\n {\n MountAccessor = userpass.Accessor,\n UsernameFormat = \"user@example.com\",\n SettingsFileBase64 = settingsFile,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcfg := config.New(ctx, \"\")\n\t\tsettingsFile := cfg.RequireObject(\"settingsFile\")\n\t\tuserpass, err := vault.NewAuthBackend(ctx, \"userpass\", \u0026vault.AuthBackendArgs{\n\t\t\tType: pulumi.String(\"userpass\"),\n\t\t\tPath: pulumi.String(\"userpass\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = vault.NewMfaPingid(ctx, \"myPingid\", \u0026vault.MfaPingidArgs{\n\t\t\tMountAccessor: userpass.Accessor,\n\t\t\tUsernameFormat: pulumi.String(\"user@example.com\"),\n\t\t\tSettingsFileBase64: pulumi.Any(settingsFile),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.AuthBackend;\nimport com.pulumi.vault.AuthBackendArgs;\nimport com.pulumi.vault.MfaPingid;\nimport com.pulumi.vault.MfaPingidArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var config = ctx.config();\n final var settingsFile = config.get(\"settingsFile\");\n var userpass = new AuthBackend(\"userpass\", AuthBackendArgs.builder() \n .type(\"userpass\")\n .path(\"userpass\")\n .build());\n\n var myPingid = new MfaPingid(\"myPingid\", MfaPingidArgs.builder() \n .mountAccessor(userpass.accessor())\n .usernameFormat(\"user@example.com\")\n .settingsFileBase64(settingsFile)\n .build());\n\n }\n}\n```\n```yaml\nconfiguration:\n settingsFile:\n type: dynamic\nresources:\n userpass:\n type: vault:AuthBackend\n properties:\n type: userpass\n path: userpass\n myPingid:\n type: vault:MfaPingid\n properties:\n mountAccessor: ${userpass.accessor}\n usernameFormat: user@example.com\n settingsFileBase64: ${settingsFile}\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nMounts can be imported using the `path`, e.g.\n\n```sh\n $ pulumi import vault:index/mfaPingid:MfaPingid my_pingid my_pingid\n```\n ", "properties": { "adminUrl": { "type": "string", - "description": "Admin URL computed by Vault.\n" + "description": "`(string)` – Admin URL computed by Vault\n" }, "authenticatorUrl": { "type": "string", - "description": "Authenticator URL computed by Vault.\n" + "description": "`(string)` – Authenticator URL computed by Vault\n" }, "idpUrl": { "type": "string", - "description": "IDP URL computed by Vault.\n" + "description": "`(string)` – IDP URL computed by Vault\n" }, "mountAccessor": { "type": "string", @@ -18557,11 +15758,11 @@ }, "namespaceId": { "type": "string", - "description": "Namespace ID computed by Vault.\n" + "description": "`(string)` – Namespace ID computed by Vault\n" }, "orgAlias": { "type": "string", - "description": "Org Alias computed by Vault.\n" + "description": "`(string)` – Org Alias computed by Vault\n" }, "settingsFileBase64": { "type": "string", @@ -18569,11 +15770,11 @@ }, "type": { "type": "string", - "description": "Type of configuration computed by Vault.\n" + "description": "`(string)` – Type of configuration computed by Vault\n" }, "useSignature": { "type": "boolean", - "description": "If set, enables use of PingID signature. Computed by Vault\n" + "description": "`(string)` – If set to true, enables use of PingID signature. Computed by Vault\n" }, "usernameFormat": { "type": "string", @@ -18628,15 +15829,15 @@ "properties": { "adminUrl": { "type": "string", - "description": "Admin URL computed by Vault.\n" + "description": "`(string)` – Admin URL computed by Vault\n" }, "authenticatorUrl": { "type": "string", - "description": "Authenticator URL computed by Vault.\n" + "description": "`(string)` – Authenticator URL computed by Vault\n" }, "idpUrl": { "type": "string", - "description": "IDP URL computed by Vault.\n" + "description": "`(string)` – IDP URL computed by Vault\n" }, "mountAccessor": { "type": "string", @@ -18655,11 +15856,11 @@ }, "namespaceId": { "type": "string", - "description": "Namespace ID computed by Vault.\n" + "description": "`(string)` – Namespace ID computed by Vault\n" }, "orgAlias": { "type": "string", - "description": "Org Alias computed by Vault.\n" + "description": "`(string)` – Org Alias computed by Vault\n" }, "settingsFileBase64": { "type": "string", @@ -18668,11 +15869,11 @@ }, "type": { "type": "string", - "description": "Type of configuration computed by Vault.\n" + "description": "`(string)` – Type of configuration computed by Vault\n" }, "useSignature": { "type": "boolean", - "description": "If set, enables use of PingID signature. Computed by Vault\n" + "description": "`(string)` – If set to true, enables use of PingID signature. Computed by Vault\n" }, "usernameFormat": { "type": "string", @@ -18684,7 +15885,7 @@ } }, "vault:index/mfaTotp:MfaTotp": { - "description": "Provides a resource to manage [TOTP MFA](https://www.vaultproject.io/docs/enterprise/mfa/mfa-totp).\n\n**Note** this feature is available only with Vault Enterprise.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst myTotp = new vault.MfaTotp(\"my_totp\", {\n algorithm: \"SHA256\",\n digits: 8,\n issuer: \"hashicorp\",\n keySize: 20,\n period: 60,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nmy_totp = vault.MfaTotp(\"myTotp\",\n algorithm=\"SHA256\",\n digits=8,\n issuer=\"hashicorp\",\n key_size=20,\n period=60)\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var myTotp = new Vault.MfaTotp(\"myTotp\", new()\n {\n Algorithm = \"SHA256\",\n Digits = 8,\n Issuer = \"hashicorp\",\n KeySize = 20,\n Period = 60,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := vault.NewMfaTotp(ctx, \"myTotp\", \u0026vault.MfaTotpArgs{\n\t\t\tAlgorithm: pulumi.String(\"SHA256\"),\n\t\t\tDigits: pulumi.Int(8),\n\t\t\tIssuer: pulumi.String(\"hashicorp\"),\n\t\t\tKeySize: pulumi.Int(20),\n\t\t\tPeriod: pulumi.Int(60),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.MfaTotp;\nimport com.pulumi.vault.MfaTotpArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var myTotp = new MfaTotp(\"myTotp\", MfaTotpArgs.builder() \n .algorithm(\"SHA256\")\n .digits(8)\n .issuer(\"hashicorp\")\n .keySize(20)\n .period(60)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n myTotp:\n type: vault:MfaTotp\n properties:\n algorithm: SHA256\n digits: 8\n issuer: hashicorp\n keySize: 20\n period: 60\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nMounts can be imported using the `path`, e.g.\n\n```sh\n $ pulumi import vault:index/mfaTotp:MfaTotp my_totp my_totp\n```\n\n ", + "description": "Provides a resource to manage [TOTP MFA](https://www.vaultproject.io/docs/enterprise/mfa/mfa-totp).\n\n**Note** this feature is available only with Vault Enterprise.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst myTotp = new vault.MfaTotp(\"myTotp\", {\n algorithm: \"SHA256\",\n digits: 8,\n issuer: \"hashicorp\",\n keySize: 20,\n period: 60,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nmy_totp = vault.MfaTotp(\"myTotp\",\n algorithm=\"SHA256\",\n digits=8,\n issuer=\"hashicorp\",\n key_size=20,\n period=60)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var myTotp = new Vault.MfaTotp(\"myTotp\", new()\n {\n Algorithm = \"SHA256\",\n Digits = 8,\n Issuer = \"hashicorp\",\n KeySize = 20,\n Period = 60,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := vault.NewMfaTotp(ctx, \"myTotp\", \u0026vault.MfaTotpArgs{\n\t\t\tAlgorithm: pulumi.String(\"SHA256\"),\n\t\t\tDigits: pulumi.Int(8),\n\t\t\tIssuer: pulumi.String(\"hashicorp\"),\n\t\t\tKeySize: pulumi.Int(20),\n\t\t\tPeriod: pulumi.Int(60),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.MfaTotp;\nimport com.pulumi.vault.MfaTotpArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var myTotp = new MfaTotp(\"myTotp\", MfaTotpArgs.builder() \n .algorithm(\"SHA256\")\n .digits(8)\n .issuer(\"hashicorp\")\n .keySize(20)\n .period(60)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n myTotp:\n type: vault:MfaTotp\n properties:\n algorithm: SHA256\n digits: 8\n issuer: hashicorp\n keySize: 20\n period: 60\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nMounts can be imported using the `path`, e.g.\n\n```sh\n $ pulumi import vault:index/mfaTotp:MfaTotp my_totp my_totp\n```\n ", "properties": { "algorithm": { "type": "string", @@ -18830,7 +16031,7 @@ } }, "vault:index/mount:Mount": { - "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst example = new vault.Mount(\"example\", {\n description: \"This is an example mount\",\n path: \"dummy\",\n type: \"generic\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nexample = vault.Mount(\"example\",\n description=\"This is an example mount\",\n path=\"dummy\",\n type=\"generic\")\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Vault.Mount(\"example\", new()\n {\n Description = \"This is an example mount\",\n Path = \"dummy\",\n Type = \"generic\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := vault.NewMount(ctx, \"example\", \u0026vault.MountArgs{\n\t\t\tDescription: pulumi.String(\"This is an example mount\"),\n\t\t\tPath: pulumi.String(\"dummy\"),\n\t\t\tType: pulumi.String(\"generic\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.Mount;\nimport com.pulumi.vault.MountArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Mount(\"example\", MountArgs.builder() \n .description(\"This is an example mount\")\n .path(\"dummy\")\n .type(\"generic\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: vault:Mount\n properties:\n description: This is an example mount\n path: dummy\n type: generic\n```\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst kvv2_example = new vault.Mount(\"kvv2-example\", {\n description: \"This is an example KV Version 2 secret engine mount\",\n options: {\n type: \"kv-v2\",\n version: \"2\",\n },\n path: \"version2-example\",\n type: \"kv-v2\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nkvv2_example = vault.Mount(\"kvv2-example\",\n description=\"This is an example KV Version 2 secret engine mount\",\n options={\n \"type\": \"kv-v2\",\n \"version\": \"2\",\n },\n path=\"version2-example\",\n type=\"kv-v2\")\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var kvv2_example = new Vault.Mount(\"kvv2-example\", new()\n {\n Description = \"This is an example KV Version 2 secret engine mount\",\n Options = \n {\n { \"type\", \"kv-v2\" },\n { \"version\", \"2\" },\n },\n Path = \"version2-example\",\n Type = \"kv-v2\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := vault.NewMount(ctx, \"kvv2-example\", \u0026vault.MountArgs{\n\t\t\tDescription: pulumi.String(\"This is an example KV Version 2 secret engine mount\"),\n\t\t\tOptions: pulumi.AnyMap{\n\t\t\t\t\"type\": pulumi.Any(\"kv-v2\"),\n\t\t\t\t\"version\": pulumi.Any(\"2\"),\n\t\t\t},\n\t\t\tPath: pulumi.String(\"version2-example\"),\n\t\t\tType: pulumi.String(\"kv-v2\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.Mount;\nimport com.pulumi.vault.MountArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var kvv2_example = new Mount(\"kvv2-example\", MountArgs.builder() \n .description(\"This is an example KV Version 2 secret engine mount\")\n .options(Map.ofEntries(\n Map.entry(\"type\", \"kv-v2\"),\n Map.entry(\"version\", \"2\")\n ))\n .path(\"version2-example\")\n .type(\"kv-v2\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n kvv2-example:\n type: vault:Mount\n properties:\n description: This is an example KV Version 2 secret engine mount\n options:\n type: kv-v2\n version: 2\n path: version2-example\n type: kv-v2\n```\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst transit_example = new vault.Mount(\"transit-example\", {\n description: \"This is an example transit secret engine mount\",\n options: {\n convergent_encryption: false,\n },\n path: \"transit-example\",\n type: \"transit\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ntransit_example = vault.Mount(\"transit-example\",\n description=\"This is an example transit secret engine mount\",\n options={\n \"convergent_encryption\": False,\n },\n path=\"transit-example\",\n type=\"transit\")\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var transit_example = new Vault.Mount(\"transit-example\", new()\n {\n Description = \"This is an example transit secret engine mount\",\n Options = \n {\n { \"convergent_encryption\", false },\n },\n Path = \"transit-example\",\n Type = \"transit\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := vault.NewMount(ctx, \"transit-example\", \u0026vault.MountArgs{\n\t\t\tDescription: pulumi.String(\"This is an example transit secret engine mount\"),\n\t\t\tOptions: pulumi.AnyMap{\n\t\t\t\t\"convergent_encryption\": pulumi.Any(false),\n\t\t\t},\n\t\t\tPath: pulumi.String(\"transit-example\"),\n\t\t\tType: pulumi.String(\"transit\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.Mount;\nimport com.pulumi.vault.MountArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var transit_example = new Mount(\"transit-example\", MountArgs.builder() \n .description(\"This is an example transit secret engine mount\")\n .options(Map.of(\"convergent_encryption\", false))\n .path(\"transit-example\")\n .type(\"transit\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n transit-example:\n type: vault:Mount\n properties:\n description: This is an example transit secret engine mount\n options:\n convergent_encryption: false\n path: transit-example\n type: transit\n```\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst pki_example = new vault.Mount(\"pki-example\", {\n defaultLeaseTtlSeconds: 3600,\n description: \"This is an example PKI mount\",\n maxLeaseTtlSeconds: 86400,\n path: \"pki-example\",\n type: \"pki\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\npki_example = vault.Mount(\"pki-example\",\n default_lease_ttl_seconds=3600,\n description=\"This is an example PKI mount\",\n max_lease_ttl_seconds=86400,\n path=\"pki-example\",\n type=\"pki\")\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var pki_example = new Vault.Mount(\"pki-example\", new()\n {\n DefaultLeaseTtlSeconds = 3600,\n Description = \"This is an example PKI mount\",\n MaxLeaseTtlSeconds = 86400,\n Path = \"pki-example\",\n Type = \"pki\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := vault.NewMount(ctx, \"pki-example\", \u0026vault.MountArgs{\n\t\t\tDefaultLeaseTtlSeconds: pulumi.Int(3600),\n\t\t\tDescription: pulumi.String(\"This is an example PKI mount\"),\n\t\t\tMaxLeaseTtlSeconds: pulumi.Int(86400),\n\t\t\tPath: pulumi.String(\"pki-example\"),\n\t\t\tType: pulumi.String(\"pki\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.Mount;\nimport com.pulumi.vault.MountArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var pki_example = new Mount(\"pki-example\", MountArgs.builder() \n .defaultLeaseTtlSeconds(3600)\n .description(\"This is an example PKI mount\")\n .maxLeaseTtlSeconds(86400)\n .path(\"pki-example\")\n .type(\"pki\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n pki-example:\n type: vault:Mount\n properties:\n defaultLeaseTtlSeconds: 3600\n description: This is an example PKI mount\n maxLeaseTtlSeconds: 86400\n path: pki-example\n type: pki\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nMounts can be imported using the `path`, e.g.\n\n```sh\n $ pulumi import vault:index/mount:Mount example dummy\n```\n\n ", + "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst example = new vault.Mount(\"example\", {\n description: \"This is an example mount\",\n path: \"dummy\",\n type: \"generic\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nexample = vault.Mount(\"example\",\n description=\"This is an example mount\",\n path=\"dummy\",\n type=\"generic\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Vault.Mount(\"example\", new()\n {\n Description = \"This is an example mount\",\n Path = \"dummy\",\n Type = \"generic\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := vault.NewMount(ctx, \"example\", \u0026vault.MountArgs{\n\t\t\tDescription: pulumi.String(\"This is an example mount\"),\n\t\t\tPath: pulumi.String(\"dummy\"),\n\t\t\tType: pulumi.String(\"generic\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.Mount;\nimport com.pulumi.vault.MountArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Mount(\"example\", MountArgs.builder() \n .description(\"This is an example mount\")\n .path(\"dummy\")\n .type(\"generic\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: vault:Mount\n properties:\n description: This is an example mount\n path: dummy\n type: generic\n```\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst kvv2_example = new vault.Mount(\"kvv2-example\", {\n description: \"This is an example KV Version 2 secret engine mount\",\n options: {\n type: \"kv-v2\",\n version: \"2\",\n },\n path: \"version2-example\",\n type: \"kv-v2\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nkvv2_example = vault.Mount(\"kvv2-example\",\n description=\"This is an example KV Version 2 secret engine mount\",\n options={\n \"type\": \"kv-v2\",\n \"version\": \"2\",\n },\n path=\"version2-example\",\n type=\"kv-v2\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var kvv2_example = new Vault.Mount(\"kvv2-example\", new()\n {\n Description = \"This is an example KV Version 2 secret engine mount\",\n Options = \n {\n { \"type\", \"kv-v2\" },\n { \"version\", \"2\" },\n },\n Path = \"version2-example\",\n Type = \"kv-v2\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := vault.NewMount(ctx, \"kvv2-example\", \u0026vault.MountArgs{\n\t\t\tDescription: pulumi.String(\"This is an example KV Version 2 secret engine mount\"),\n\t\t\tOptions: pulumi.Map{\n\t\t\t\t\"type\": pulumi.Any(\"kv-v2\"),\n\t\t\t\t\"version\": pulumi.Any(\"2\"),\n\t\t\t},\n\t\t\tPath: pulumi.String(\"version2-example\"),\n\t\t\tType: pulumi.String(\"kv-v2\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.Mount;\nimport com.pulumi.vault.MountArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var kvv2_example = new Mount(\"kvv2-example\", MountArgs.builder() \n .description(\"This is an example KV Version 2 secret engine mount\")\n .options(Map.ofEntries(\n Map.entry(\"type\", \"kv-v2\"),\n Map.entry(\"version\", \"2\")\n ))\n .path(\"version2-example\")\n .type(\"kv-v2\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n kvv2-example:\n type: vault:Mount\n properties:\n description: This is an example KV Version 2 secret engine mount\n options:\n type: kv-v2\n version: '2'\n path: version2-example\n type: kv-v2\n```\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst transit_example = new vault.Mount(\"transit-example\", {\n description: \"This is an example transit secret engine mount\",\n options: {\n convergent_encryption: false,\n },\n path: \"transit-example\",\n type: \"transit\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ntransit_example = vault.Mount(\"transit-example\",\n description=\"This is an example transit secret engine mount\",\n options={\n \"convergent_encryption\": False,\n },\n path=\"transit-example\",\n type=\"transit\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var transit_example = new Vault.Mount(\"transit-example\", new()\n {\n Description = \"This is an example transit secret engine mount\",\n Options = \n {\n { \"convergent_encryption\", false },\n },\n Path = \"transit-example\",\n Type = \"transit\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := vault.NewMount(ctx, \"transit-example\", \u0026vault.MountArgs{\n\t\t\tDescription: pulumi.String(\"This is an example transit secret engine mount\"),\n\t\t\tOptions: pulumi.Map{\n\t\t\t\t\"convergent_encryption\": pulumi.Any(false),\n\t\t\t},\n\t\t\tPath: pulumi.String(\"transit-example\"),\n\t\t\tType: pulumi.String(\"transit\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.Mount;\nimport com.pulumi.vault.MountArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var transit_example = new Mount(\"transit-example\", MountArgs.builder() \n .description(\"This is an example transit secret engine mount\")\n .options(Map.of(\"convergent_encryption\", false))\n .path(\"transit-example\")\n .type(\"transit\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n transit-example:\n type: vault:Mount\n properties:\n description: This is an example transit secret engine mount\n options:\n convergent_encryption: false\n path: transit-example\n type: transit\n```\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst pki_example = new vault.Mount(\"pki-example\", {\n defaultLeaseTtlSeconds: 3600,\n description: \"This is an example PKI mount\",\n maxLeaseTtlSeconds: 86400,\n path: \"pki-example\",\n type: \"pki\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\npki_example = vault.Mount(\"pki-example\",\n default_lease_ttl_seconds=3600,\n description=\"This is an example PKI mount\",\n max_lease_ttl_seconds=86400,\n path=\"pki-example\",\n type=\"pki\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var pki_example = new Vault.Mount(\"pki-example\", new()\n {\n DefaultLeaseTtlSeconds = 3600,\n Description = \"This is an example PKI mount\",\n MaxLeaseTtlSeconds = 86400,\n Path = \"pki-example\",\n Type = \"pki\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := vault.NewMount(ctx, \"pki-example\", \u0026vault.MountArgs{\n\t\t\tDefaultLeaseTtlSeconds: pulumi.Int(3600),\n\t\t\tDescription: pulumi.String(\"This is an example PKI mount\"),\n\t\t\tMaxLeaseTtlSeconds: pulumi.Int(86400),\n\t\t\tPath: pulumi.String(\"pki-example\"),\n\t\t\tType: pulumi.String(\"pki\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.Mount;\nimport com.pulumi.vault.MountArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var pki_example = new Mount(\"pki-example\", MountArgs.builder() \n .defaultLeaseTtlSeconds(3600)\n .description(\"This is an example PKI mount\")\n .maxLeaseTtlSeconds(86400)\n .path(\"pki-example\")\n .type(\"pki\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n pki-example:\n type: vault:Mount\n properties:\n defaultLeaseTtlSeconds: 3600\n description: This is an example PKI mount\n maxLeaseTtlSeconds: 86400\n path: pki-example\n type: pki\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nMounts can be imported using the `path`, e.g.\n\n```sh\n $ pulumi import vault:index/mount:Mount example dummy\n```\n ", "properties": { "accessor": { "type": "string", @@ -19071,6 +16272,13 @@ "vault:index/namespace:Namespace": { "description": "\n\n\n## Import\n\nNamespaces can be imported using its `name` as accessor id\n\n```sh\n $ pulumi import vault:index/namespace:Namespace example \u003cname\u003e\n```\n\n If the declared resource is imported and intends to support namespaces using a provider alias, then the name is relative to the namespace path. hcl provider \"vault\" {\n\n # Configuration options\n\n namespace = \"example\"\n\n alias\n\n\n\n = \"example\" } resource \"vault_namespace\" \"example2\" {\n\n provider = vault.example\n\n path\n\n\n\n = \"example2\" }\n\n```sh\n $ pulumi import vault:index/namespace:Namespace example2 example2\n```\n\n $ terraform state show vault_namespace.example2 vault_namespace.example2resource \"vault_namespace\" \"example2\" {\n\n\n\n id\n\n\n\n\n\n\n\n\n\n = \"example/example2/\"\n\n\n\n namespace_id = \u003cknown after import\u003e\n\n\n\n path\n\n\n\n\n\n\n\n = \"example2\"\n\n\n\n path_fq\n\n\n\n\n\n= \"example2\" } ", "properties": { + "customMetadata": { + "type": "object", + "additionalProperties": { + "$ref": "pulumi.json#/Any" + }, + "description": "Custom metadata describing this namespace. Value type\nis `map[string]string`. Requires Vault version 1.12+.\n" + }, "namespace": { "type": "string", "description": "The namespace to provision the resource in.\nThe value should not contain leading or trailing forward slashes.\nThe `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).\n*Available only for Vault Enterprise*.\n", @@ -19094,11 +16302,19 @@ } }, "required": [ + "customMetadata", "namespaceId", "path", "pathFq" ], "inputProperties": { + "customMetadata": { + "type": "object", + "additionalProperties": { + "$ref": "pulumi.json#/Any" + }, + "description": "Custom metadata describing this namespace. Value type\nis `map[string]string`. Requires Vault version 1.12+.\n" + }, "namespace": { "type": "string", "description": "The namespace to provision the resource in.\nThe value should not contain leading or trailing forward slashes.\nThe `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).\n*Available only for Vault Enterprise*.\n", @@ -19125,6 +16341,13 @@ "stateInputs": { "description": "Input properties used for looking up and filtering Namespace resources.\n", "properties": { + "customMetadata": { + "type": "object", + "additionalProperties": { + "$ref": "pulumi.json#/Any" + }, + "description": "Custom metadata describing this namespace. Value type\nis `map[string]string`. Requires Vault version 1.12+.\n" + }, "namespace": { "type": "string", "description": "The namespace to provision the resource in.\nThe value should not contain leading or trailing forward slashes.\nThe `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).\n*Available only for Vault Enterprise*.\n", @@ -19153,7 +16376,7 @@ } }, "vault:index/nomadSecretBackend:NomadSecretBackend": { - "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst config = new vault.NomadSecretBackend(\"config\", {\n address: \"https://127.0.0.1:4646\",\n backend: \"nomad\",\n defaultLeaseTtlSeconds: 3600,\n description: \"test description\",\n maxLeaseTtlSeconds: 7200,\n maxTtl: 240,\n token: \"ae20ceaa-...\",\n ttl: 120,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nconfig = vault.NomadSecretBackend(\"config\",\n address=\"https://127.0.0.1:4646\",\n backend=\"nomad\",\n default_lease_ttl_seconds=3600,\n description=\"test description\",\n max_lease_ttl_seconds=7200,\n max_ttl=240,\n token=\"ae20ceaa-...\",\n ttl=120)\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Vault.NomadSecretBackend(\"config\", new()\n {\n Address = \"https://127.0.0.1:4646\",\n Backend = \"nomad\",\n DefaultLeaseTtlSeconds = 3600,\n Description = \"test description\",\n MaxLeaseTtlSeconds = 7200,\n MaxTtl = 240,\n Token = \"ae20ceaa-...\",\n Ttl = 120,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := vault.NewNomadSecretBackend(ctx, \"config\", \u0026vault.NomadSecretBackendArgs{\n\t\t\tAddress: pulumi.String(\"https://127.0.0.1:4646\"),\n\t\t\tBackend: pulumi.String(\"nomad\"),\n\t\t\tDefaultLeaseTtlSeconds: pulumi.Int(3600),\n\t\t\tDescription: pulumi.String(\"test description\"),\n\t\t\tMaxLeaseTtlSeconds: pulumi.Int(7200),\n\t\t\tMaxTtl: pulumi.Int(240),\n\t\t\tToken: pulumi.String(\"ae20ceaa-...\"),\n\t\t\tTtl: pulumi.Int(120),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.NomadSecretBackend;\nimport com.pulumi.vault.NomadSecretBackendArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var config = new NomadSecretBackend(\"config\", NomadSecretBackendArgs.builder() \n .address(\"https://127.0.0.1:4646\")\n .backend(\"nomad\")\n .defaultLeaseTtlSeconds(\"3600\")\n .description(\"test description\")\n .maxLeaseTtlSeconds(\"7200\")\n .maxTtl(\"240\")\n .token(\"ae20ceaa-...\")\n .ttl(\"120\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n config:\n type: vault:NomadSecretBackend\n properties:\n address: https://127.0.0.1:4646\n backend: nomad\n defaultLeaseTtlSeconds: 3600\n description: test description\n maxLeaseTtlSeconds: 7200\n maxTtl: 240\n token: ae20ceaa-...\n ttl: 120\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nNomad secret backend can be imported using the `backend`, e.g.\n\n```sh\n $ pulumi import vault:index/nomadSecretBackend:NomadSecretBackend nomad nomad\n```\n\n ", + "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst config = new vault.NomadSecretBackend(\"config\", {\n address: \"https://127.0.0.1:4646\",\n backend: \"nomad\",\n defaultLeaseTtlSeconds: 3600,\n description: \"test description\",\n maxLeaseTtlSeconds: 7200,\n maxTtl: 240,\n token: \"ae20ceaa-...\",\n ttl: 120,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nconfig = vault.NomadSecretBackend(\"config\",\n address=\"https://127.0.0.1:4646\",\n backend=\"nomad\",\n default_lease_ttl_seconds=3600,\n description=\"test description\",\n max_lease_ttl_seconds=7200,\n max_ttl=240,\n token=\"ae20ceaa-...\",\n ttl=120)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Vault.NomadSecretBackend(\"config\", new()\n {\n Address = \"https://127.0.0.1:4646\",\n Backend = \"nomad\",\n DefaultLeaseTtlSeconds = 3600,\n Description = \"test description\",\n MaxLeaseTtlSeconds = 7200,\n MaxTtl = 240,\n Token = \"ae20ceaa-...\",\n Ttl = 120,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := vault.NewNomadSecretBackend(ctx, \"config\", \u0026vault.NomadSecretBackendArgs{\n\t\t\tAddress: pulumi.String(\"https://127.0.0.1:4646\"),\n\t\t\tBackend: pulumi.String(\"nomad\"),\n\t\t\tDefaultLeaseTtlSeconds: pulumi.Int(3600),\n\t\t\tDescription: pulumi.String(\"test description\"),\n\t\t\tMaxLeaseTtlSeconds: pulumi.Int(7200),\n\t\t\tMaxTtl: pulumi.Int(240),\n\t\t\tToken: pulumi.String(\"ae20ceaa-...\"),\n\t\t\tTtl: pulumi.Int(120),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.NomadSecretBackend;\nimport com.pulumi.vault.NomadSecretBackendArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var config = new NomadSecretBackend(\"config\", NomadSecretBackendArgs.builder() \n .address(\"https://127.0.0.1:4646\")\n .backend(\"nomad\")\n .defaultLeaseTtlSeconds(\"3600\")\n .description(\"test description\")\n .maxLeaseTtlSeconds(\"7200\")\n .maxTtl(\"240\")\n .token(\"ae20ceaa-...\")\n .ttl(\"120\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n config:\n type: vault:NomadSecretBackend\n properties:\n address: https://127.0.0.1:4646\n backend: nomad\n defaultLeaseTtlSeconds: '3600'\n description: test description\n maxLeaseTtlSeconds: '7200'\n maxTtl: '240'\n token: ae20ceaa-...\n ttl: '120'\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nNomad secret backend can be imported using the `backend`, e.g.\n\n```sh\n $ pulumi import vault:index/nomadSecretBackend:NomadSecretBackend nomad nomad\n```\n ", "properties": { "address": { "type": "string", @@ -19364,7 +16587,7 @@ } }, "vault:index/nomadSecretRole:NomadSecretRole": { - "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst config = new vault.NomadSecretBackend(\"config\", {\n backend: \"nomad\",\n description: \"test description\",\n defaultLeaseTtlSeconds: 3600,\n maxLeaseTtlSeconds: 7200,\n address: \"https://127.0.0.1:4646\",\n token: \"ae20ceaa-...\",\n});\nconst test = new vault.NomadSecretRole(\"test\", {\n backend: config.backend,\n role: \"test\",\n type: \"client\",\n policies: [\"readonly\"],\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nconfig = vault.NomadSecretBackend(\"config\",\n backend=\"nomad\",\n description=\"test description\",\n default_lease_ttl_seconds=3600,\n max_lease_ttl_seconds=7200,\n address=\"https://127.0.0.1:4646\",\n token=\"ae20ceaa-...\")\ntest = vault.NomadSecretRole(\"test\",\n backend=config.backend,\n role=\"test\",\n type=\"client\",\n policies=[\"readonly\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Vault.NomadSecretBackend(\"config\", new()\n {\n Backend = \"nomad\",\n Description = \"test description\",\n DefaultLeaseTtlSeconds = 3600,\n MaxLeaseTtlSeconds = 7200,\n Address = \"https://127.0.0.1:4646\",\n Token = \"ae20ceaa-...\",\n });\n\n var test = new Vault.NomadSecretRole(\"test\", new()\n {\n Backend = config.Backend,\n Role = \"test\",\n Type = \"client\",\n Policies = new[]\n {\n \"readonly\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tconfig, err := vault.NewNomadSecretBackend(ctx, \"config\", \u0026vault.NomadSecretBackendArgs{\n\t\t\tBackend: pulumi.String(\"nomad\"),\n\t\t\tDescription: pulumi.String(\"test description\"),\n\t\t\tDefaultLeaseTtlSeconds: pulumi.Int(3600),\n\t\t\tMaxLeaseTtlSeconds: pulumi.Int(7200),\n\t\t\tAddress: pulumi.String(\"https://127.0.0.1:4646\"),\n\t\t\tToken: pulumi.String(\"ae20ceaa-...\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = vault.NewNomadSecretRole(ctx, \"test\", \u0026vault.NomadSecretRoleArgs{\n\t\t\tBackend: config.Backend,\n\t\t\tRole: pulumi.String(\"test\"),\n\t\t\tType: pulumi.String(\"client\"),\n\t\t\tPolicies: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"readonly\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.NomadSecretBackend;\nimport com.pulumi.vault.NomadSecretBackendArgs;\nimport com.pulumi.vault.NomadSecretRole;\nimport com.pulumi.vault.NomadSecretRoleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var config = new NomadSecretBackend(\"config\", NomadSecretBackendArgs.builder() \n .backend(\"nomad\")\n .description(\"test description\")\n .defaultLeaseTtlSeconds(\"3600\")\n .maxLeaseTtlSeconds(\"7200\")\n .address(\"https://127.0.0.1:4646\")\n .token(\"ae20ceaa-...\")\n .build());\n\n var test = new NomadSecretRole(\"test\", NomadSecretRoleArgs.builder() \n .backend(config.backend())\n .role(\"test\")\n .type(\"client\")\n .policies(\"readonly\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n config:\n type: vault:NomadSecretBackend\n properties:\n backend: nomad\n description: test description\n defaultLeaseTtlSeconds: 3600\n maxLeaseTtlSeconds: 7200\n address: https://127.0.0.1:4646\n token: ae20ceaa-...\n test:\n type: vault:NomadSecretRole\n properties:\n backend: ${config.backend}\n role: test\n type: client\n policies:\n - readonly\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nNomad secret role can be imported using the `backend`, e.g.\n\n```sh\n $ pulumi import vault:index/nomadSecretRole:NomadSecretRole bob nomad/role/bob\n```\n\n ", + "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst config = new vault.NomadSecretBackend(\"config\", {\n backend: \"nomad\",\n description: \"test description\",\n defaultLeaseTtlSeconds: 3600,\n maxLeaseTtlSeconds: 7200,\n address: \"https://127.0.0.1:4646\",\n token: \"ae20ceaa-...\",\n});\nconst test = new vault.NomadSecretRole(\"test\", {\n backend: config.backend,\n role: \"test\",\n type: \"client\",\n policies: [\"readonly\"],\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nconfig = vault.NomadSecretBackend(\"config\",\n backend=\"nomad\",\n description=\"test description\",\n default_lease_ttl_seconds=3600,\n max_lease_ttl_seconds=7200,\n address=\"https://127.0.0.1:4646\",\n token=\"ae20ceaa-...\")\ntest = vault.NomadSecretRole(\"test\",\n backend=config.backend,\n role=\"test\",\n type=\"client\",\n policies=[\"readonly\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Vault.NomadSecretBackend(\"config\", new()\n {\n Backend = \"nomad\",\n Description = \"test description\",\n DefaultLeaseTtlSeconds = 3600,\n MaxLeaseTtlSeconds = 7200,\n Address = \"https://127.0.0.1:4646\",\n Token = \"ae20ceaa-...\",\n });\n\n var test = new Vault.NomadSecretRole(\"test\", new()\n {\n Backend = config.Backend,\n Role = \"test\",\n Type = \"client\",\n Policies = new[]\n {\n \"readonly\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tconfig, err := vault.NewNomadSecretBackend(ctx, \"config\", \u0026vault.NomadSecretBackendArgs{\n\t\t\tBackend: pulumi.String(\"nomad\"),\n\t\t\tDescription: pulumi.String(\"test description\"),\n\t\t\tDefaultLeaseTtlSeconds: pulumi.Int(3600),\n\t\t\tMaxLeaseTtlSeconds: pulumi.Int(7200),\n\t\t\tAddress: pulumi.String(\"https://127.0.0.1:4646\"),\n\t\t\tToken: pulumi.String(\"ae20ceaa-...\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = vault.NewNomadSecretRole(ctx, \"test\", \u0026vault.NomadSecretRoleArgs{\n\t\t\tBackend: config.Backend,\n\t\t\tRole: pulumi.String(\"test\"),\n\t\t\tType: pulumi.String(\"client\"),\n\t\t\tPolicies: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"readonly\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.NomadSecretBackend;\nimport com.pulumi.vault.NomadSecretBackendArgs;\nimport com.pulumi.vault.NomadSecretRole;\nimport com.pulumi.vault.NomadSecretRoleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var config = new NomadSecretBackend(\"config\", NomadSecretBackendArgs.builder() \n .backend(\"nomad\")\n .description(\"test description\")\n .defaultLeaseTtlSeconds(\"3600\")\n .maxLeaseTtlSeconds(\"7200\")\n .address(\"https://127.0.0.1:4646\")\n .token(\"ae20ceaa-...\")\n .build());\n\n var test = new NomadSecretRole(\"test\", NomadSecretRoleArgs.builder() \n .backend(config.backend())\n .role(\"test\")\n .type(\"client\")\n .policies(\"readonly\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n config:\n type: vault:NomadSecretBackend\n properties:\n backend: nomad\n description: test description\n defaultLeaseTtlSeconds: '3600'\n maxLeaseTtlSeconds: '7200'\n address: https://127.0.0.1:4646\n token: ae20ceaa-...\n test:\n type: vault:NomadSecretRole\n properties:\n backend: ${config.backend}\n role: test\n type: client\n policies:\n - readonly\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nNomad secret role can be imported using the `backend`, e.g.\n\n```sh\n $ pulumi import vault:index/nomadSecretRole:NomadSecretRole bob nomad/role/bob\n```\n ", "properties": { "backend": { "type": "string", @@ -19475,7 +16698,7 @@ } }, "vault:index/passwordPolicy:PasswordPolicy": { - "description": "Provides a resource to manage Password Policies \n\n**Note** this feature is available only Vault 1.5+ \n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst alphanumeric = new vault.PasswordPolicy(\"alphanumeric\", {\n policy: ` length = 20\n rule \"charset\" {\n charset = \"abcdefghijklmnopqrstuvwxyz0123456789\"\n }\n `,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nalphanumeric = vault.PasswordPolicy(\"alphanumeric\", policy=\"\"\" length = 20\n rule \"charset\" {\n charset = \"abcdefghijklmnopqrstuvwxyz0123456789\"\n }\n \n\"\"\")\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var alphanumeric = new Vault.PasswordPolicy(\"alphanumeric\", new()\n {\n Policy = @\" length = 20\n rule \"\"charset\"\" {\n charset = \"\"abcdefghijklmnopqrstuvwxyz0123456789\"\"\n }\n \n\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := vault.NewPasswordPolicy(ctx, \"alphanumeric\", \u0026vault.PasswordPolicyArgs{\n\t\t\tPolicy: pulumi.String(\" length = 20\\n rule \\\"charset\\\" {\\n charset = \\\"abcdefghijklmnopqrstuvwxyz0123456789\\\"\\n }\\n \\n\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.PasswordPolicy;\nimport com.pulumi.vault.PasswordPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var alphanumeric = new PasswordPolicy(\"alphanumeric\", PasswordPolicyArgs.builder() \n .policy(\"\"\"\n length = 20\n rule \"charset\" {\n charset = \"abcdefghijklmnopqrstuvwxyz0123456789\"\n }\n \n \"\"\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n alphanumeric:\n type: vault:PasswordPolicy\n properties:\n policy: \" length = 20\\n rule \\\"charset\\\" {\\n charset = \\\"abcdefghijklmnopqrstuvwxyz0123456789\\\"\\n }\\n \\n\"\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nPassword policies can be imported using the `name`, e.g.\n\n```sh\n $ pulumi import vault:index/passwordPolicy:PasswordPolicy alphanumeric alphanumeric\n```\n\n ", + "description": "Provides a resource to manage Password Policies \n\n**Note** this feature is available only Vault 1.5+ \n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst alphanumeric = new vault.PasswordPolicy(\"alphanumeric\", {policy: ` length = 20\n rule \"charset\" {\n charset = \"abcdefghijklmnopqrstuvwxyz0123456789\"\n }\n \n`});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nalphanumeric = vault.PasswordPolicy(\"alphanumeric\", policy=\"\"\" length = 20\n rule \"charset\" {\n charset = \"abcdefghijklmnopqrstuvwxyz0123456789\"\n }\n \n\"\"\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var alphanumeric = new Vault.PasswordPolicy(\"alphanumeric\", new()\n {\n Policy = @\" length = 20\n rule \"\"charset\"\" {\n charset = \"\"abcdefghijklmnopqrstuvwxyz0123456789\"\"\n }\n \n\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := vault.NewPasswordPolicy(ctx, \"alphanumeric\", \u0026vault.PasswordPolicyArgs{\n\t\t\tPolicy: pulumi.String(` length = 20\n rule \"charset\" {\n charset = \"abcdefghijklmnopqrstuvwxyz0123456789\"\n }\n \n`),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.PasswordPolicy;\nimport com.pulumi.vault.PasswordPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var alphanumeric = new PasswordPolicy(\"alphanumeric\", PasswordPolicyArgs.builder() \n .policy(\"\"\"\n length = 20\n rule \"charset\" {\n charset = \"abcdefghijklmnopqrstuvwxyz0123456789\"\n }\n \n \"\"\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n alphanumeric:\n type: vault:PasswordPolicy\n properties:\n policy: \" length = 20\\n rule \\\"charset\\\" {\\n charset = \\\"abcdefghijklmnopqrstuvwxyz0123456789\\\"\\n }\\n \\n\"\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nPassword policies can be imported using the `name`, e.g.\n\n```sh\n $ pulumi import vault:index/passwordPolicy:PasswordPolicy alphanumeric alphanumeric\n```\n ", "properties": { "name": { "type": "string", @@ -19535,7 +16758,7 @@ } }, "vault:index/policy:Policy": { - "description": "\n\n\n## Import\n\nPolicies can be imported using the `name`, e.g.\n\n```sh\n $ pulumi import vault:index/policy:Policy example dev-team\n```\n\n ", + "description": "\n\n\n## Import\n\nPolicies can be imported using the `name`, e.g.\n\n```sh\n $ pulumi import vault:index/policy:Policy example dev-team\n```\n ", "properties": { "name": { "type": "string", @@ -19610,7 +16833,7 @@ } }, "vault:index/quotaLeaseCount:QuotaLeaseCount": { - "description": "Manage lease count quotas which enforce the number of leases that can be created.\nA lease count quota can be created at the root level or defined on a namespace or mount by\nspecifying a path when creating the quota.\n\nSee [Vault's Documentation](https://www.vaultproject.io/docs/enterprise/lease-count-quotas) for more\ninformation. \n\n**Note** this feature is available only with Vault Enterprise.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst global = new vault.QuotaLeaseCount(\"global\", {\n maxLeases: 100,\n path: \"\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nglobal_ = vault.QuotaLeaseCount(\"global\",\n max_leases=100,\n path=\"\")\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @global = new Vault.QuotaLeaseCount(\"global\", new()\n {\n MaxLeases = 100,\n Path = \"\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := vault.NewQuotaLeaseCount(ctx, \"global\", \u0026vault.QuotaLeaseCountArgs{\n\t\t\tMaxLeases: pulumi.Int(100),\n\t\t\tPath: pulumi.String(\"\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.QuotaLeaseCount;\nimport com.pulumi.vault.QuotaLeaseCountArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var global = new QuotaLeaseCount(\"global\", QuotaLeaseCountArgs.builder() \n .maxLeases(100)\n .path(\"\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n global:\n type: vault:QuotaLeaseCount\n properties:\n maxLeases: 100\n path:\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nLease count quotas can be imported using their names\n\n```sh\n $ pulumi import vault:index/quotaLeaseCount:QuotaLeaseCount global global\n```\n\n ", + "description": "Manage lease count quotas which enforce the number of leases that can be created.\nA lease count quota can be created at the root level or defined on a namespace or mount by\nspecifying a path when creating the quota.\n\nSee [Vault's Documentation](https://www.vaultproject.io/docs/enterprise/lease-count-quotas) for more\ninformation. \n\n**Note** this feature is available only with Vault Enterprise.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst global = new vault.QuotaLeaseCount(\"global\", {\n maxLeases: 100,\n path: \"\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nglobal_ = vault.QuotaLeaseCount(\"global\",\n max_leases=100,\n path=\"\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @global = new Vault.QuotaLeaseCount(\"global\", new()\n {\n MaxLeases = 100,\n Path = \"\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := vault.NewQuotaLeaseCount(ctx, \"global\", \u0026vault.QuotaLeaseCountArgs{\n\t\t\tMaxLeases: pulumi.Int(100),\n\t\t\tPath: pulumi.String(\"\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.QuotaLeaseCount;\nimport com.pulumi.vault.QuotaLeaseCountArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var global = new QuotaLeaseCount(\"global\", QuotaLeaseCountArgs.builder() \n .maxLeases(100)\n .path(\"\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n global:\n type: vault:QuotaLeaseCount\n properties:\n maxLeases: 100\n path:\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nLease count quotas can be imported using their names\n\n```sh\n $ pulumi import vault:index/quotaLeaseCount:QuotaLeaseCount global global\n```\n ", "properties": { "maxLeases": { "type": "integer", @@ -19694,7 +16917,7 @@ } }, "vault:index/quotaRateLimit:QuotaRateLimit": { - "description": "Manage rate limit quotas which enforce API rate limiting using a token bucket algorithm.\nA rate limit quota can be created at the root level or defined on a namespace or mount by\nspecifying a path when creating the quota.\n\nSee [Vault's Documentation](https://www.vaultproject.io/docs/concepts/resource-quotas) for more\ninformation.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst global = new vault.QuotaRateLimit(\"global\", {\n path: \"\",\n rate: 100,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nglobal_ = vault.QuotaRateLimit(\"global\",\n path=\"\",\n rate=100)\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @global = new Vault.QuotaRateLimit(\"global\", new()\n {\n Path = \"\",\n Rate = 100,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := vault.NewQuotaRateLimit(ctx, \"global\", \u0026vault.QuotaRateLimitArgs{\n\t\t\tPath: pulumi.String(\"\"),\n\t\t\tRate: pulumi.Float64(100),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.QuotaRateLimit;\nimport com.pulumi.vault.QuotaRateLimitArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var global = new QuotaRateLimit(\"global\", QuotaRateLimitArgs.builder() \n .path(\"\")\n .rate(100)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n global:\n type: vault:QuotaRateLimit\n properties:\n path:\n rate: 100\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nRate limit quotas can be imported using their names\n\n```sh\n $ pulumi import vault:index/quotaRateLimit:QuotaRateLimit global global\n```\n\n ", + "description": "Manage rate limit quotas which enforce API rate limiting using a token bucket algorithm.\nA rate limit quota can be created at the root level or defined on a namespace or mount by\nspecifying a path when creating the quota.\n\nSee [Vault's Documentation](https://www.vaultproject.io/docs/concepts/resource-quotas) for more\ninformation.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst global = new vault.QuotaRateLimit(\"global\", {\n path: \"\",\n rate: 100,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nglobal_ = vault.QuotaRateLimit(\"global\",\n path=\"\",\n rate=100)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @global = new Vault.QuotaRateLimit(\"global\", new()\n {\n Path = \"\",\n Rate = 100,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := vault.NewQuotaRateLimit(ctx, \"global\", \u0026vault.QuotaRateLimitArgs{\n\t\t\tPath: pulumi.String(\"\"),\n\t\t\tRate: pulumi.Float64(100),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.QuotaRateLimit;\nimport com.pulumi.vault.QuotaRateLimitArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var global = new QuotaRateLimit(\"global\", QuotaRateLimitArgs.builder() \n .path(\"\")\n .rate(100)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n global:\n type: vault:QuotaRateLimit\n properties:\n path:\n rate: 100\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nRate limit quotas can be imported using their names\n\n```sh\n $ pulumi import vault:index/quotaRateLimit:QuotaRateLimit global global\n```\n ", "properties": { "blockInterval": { "type": "integer", @@ -19805,7 +17028,7 @@ } }, "vault:index/raftAutopilot:RaftAutopilot": { - "description": "Autopilot enables automated workflows for managing Raft clusters. The \ncurrent feature set includes 3 main features: Server Stabilization, Dead \nServer Cleanup and State API. **These three features are introduced in \nVault 1.7.**\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst autopilot = new vault.RaftAutopilot(\"autopilot\", {\n cleanupDeadServers: true,\n deadServerLastContactThreshold: \"24h0m0s\",\n lastContactThreshold: \"10s\",\n maxTrailingLogs: 1000,\n minQuorum: 3,\n serverStabilizationTime: \"10s\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nautopilot = vault.RaftAutopilot(\"autopilot\",\n cleanup_dead_servers=True,\n dead_server_last_contact_threshold=\"24h0m0s\",\n last_contact_threshold=\"10s\",\n max_trailing_logs=1000,\n min_quorum=3,\n server_stabilization_time=\"10s\")\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var autopilot = new Vault.RaftAutopilot(\"autopilot\", new()\n {\n CleanupDeadServers = true,\n DeadServerLastContactThreshold = \"24h0m0s\",\n LastContactThreshold = \"10s\",\n MaxTrailingLogs = 1000,\n MinQuorum = 3,\n ServerStabilizationTime = \"10s\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := vault.NewRaftAutopilot(ctx, \"autopilot\", \u0026vault.RaftAutopilotArgs{\n\t\t\tCleanupDeadServers: pulumi.Bool(true),\n\t\t\tDeadServerLastContactThreshold: pulumi.String(\"24h0m0s\"),\n\t\t\tLastContactThreshold: pulumi.String(\"10s\"),\n\t\t\tMaxTrailingLogs: pulumi.Int(1000),\n\t\t\tMinQuorum: pulumi.Int(3),\n\t\t\tServerStabilizationTime: pulumi.String(\"10s\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.RaftAutopilot;\nimport com.pulumi.vault.RaftAutopilotArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var autopilot = new RaftAutopilot(\"autopilot\", RaftAutopilotArgs.builder() \n .cleanupDeadServers(true)\n .deadServerLastContactThreshold(\"24h0m0s\")\n .lastContactThreshold(\"10s\")\n .maxTrailingLogs(1000)\n .minQuorum(3)\n .serverStabilizationTime(\"10s\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n autopilot:\n type: vault:RaftAutopilot\n properties:\n cleanupDeadServers: true\n deadServerLastContactThreshold: 24h0m0s\n lastContactThreshold: 10s\n maxTrailingLogs: 1000\n minQuorum: 3\n serverStabilizationTime: 10s\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nRaft Autopilot config can be imported using the ID, e.g.\n\n```sh\n $ pulumi import vault:index/raftAutopilot:RaftAutopilot autopilot sys/storage/raft/autopilot/configuration\n```\n\n ", + "description": "Autopilot enables automated workflows for managing Raft clusters. The \ncurrent feature set includes 3 main features: Server Stabilization, Dead \nServer Cleanup and State API. **These three features are introduced in \nVault 1.7.**\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst autopilot = new vault.RaftAutopilot(\"autopilot\", {\n cleanupDeadServers: true,\n deadServerLastContactThreshold: \"24h0m0s\",\n lastContactThreshold: \"10s\",\n maxTrailingLogs: 1000,\n minQuorum: 3,\n serverStabilizationTime: \"10s\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nautopilot = vault.RaftAutopilot(\"autopilot\",\n cleanup_dead_servers=True,\n dead_server_last_contact_threshold=\"24h0m0s\",\n last_contact_threshold=\"10s\",\n max_trailing_logs=1000,\n min_quorum=3,\n server_stabilization_time=\"10s\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var autopilot = new Vault.RaftAutopilot(\"autopilot\", new()\n {\n CleanupDeadServers = true,\n DeadServerLastContactThreshold = \"24h0m0s\",\n LastContactThreshold = \"10s\",\n MaxTrailingLogs = 1000,\n MinQuorum = 3,\n ServerStabilizationTime = \"10s\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := vault.NewRaftAutopilot(ctx, \"autopilot\", \u0026vault.RaftAutopilotArgs{\n\t\t\tCleanupDeadServers: pulumi.Bool(true),\n\t\t\tDeadServerLastContactThreshold: pulumi.String(\"24h0m0s\"),\n\t\t\tLastContactThreshold: pulumi.String(\"10s\"),\n\t\t\tMaxTrailingLogs: pulumi.Int(1000),\n\t\t\tMinQuorum: pulumi.Int(3),\n\t\t\tServerStabilizationTime: pulumi.String(\"10s\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.RaftAutopilot;\nimport com.pulumi.vault.RaftAutopilotArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var autopilot = new RaftAutopilot(\"autopilot\", RaftAutopilotArgs.builder() \n .cleanupDeadServers(true)\n .deadServerLastContactThreshold(\"24h0m0s\")\n .lastContactThreshold(\"10s\")\n .maxTrailingLogs(1000)\n .minQuorum(3)\n .serverStabilizationTime(\"10s\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n autopilot:\n type: vault:RaftAutopilot\n properties:\n cleanupDeadServers: true\n deadServerLastContactThreshold: 24h0m0s\n lastContactThreshold: 10s\n maxTrailingLogs: 1000\n minQuorum: 3\n serverStabilizationTime: 10s\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nRaft Autopilot config can be imported using the ID, e.g.\n\n```sh\n $ pulumi import vault:index/raftAutopilot:RaftAutopilot autopilot sys/storage/raft/autopilot/configuration\n```\n ", "properties": { "cleanupDeadServers": { "type": "boolean", @@ -19916,7 +17139,7 @@ } }, "vault:index/raftSnapshotAgentConfig:RaftSnapshotAgentConfig": { - "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n### Local Storage\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst localBackups = new vault.RaftSnapshotAgentConfig(\"local_backups\", {\n intervalSeconds: 86400, // 24h\n // Storage Type Configuration\n localMaxSpace: 10000000,\n pathPrefix: \"/opt/vault/snapshots/\",\n retain: 7,\n storageType: \"local\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nlocal_backups = vault.RaftSnapshotAgentConfig(\"localBackups\",\n interval_seconds=86400,\n local_max_space=10000000,\n path_prefix=\"/opt/vault/snapshots/\",\n retain=7,\n storage_type=\"local\")\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var localBackups = new Vault.RaftSnapshotAgentConfig(\"localBackups\", new()\n {\n IntervalSeconds = 86400,\n LocalMaxSpace = 10000000,\n PathPrefix = \"/opt/vault/snapshots/\",\n Retain = 7,\n StorageType = \"local\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := vault.NewRaftSnapshotAgentConfig(ctx, \"localBackups\", \u0026vault.RaftSnapshotAgentConfigArgs{\n\t\t\tIntervalSeconds: pulumi.Int(86400),\n\t\t\tLocalMaxSpace: pulumi.Int(10000000),\n\t\t\tPathPrefix: pulumi.String(\"/opt/vault/snapshots/\"),\n\t\t\tRetain: pulumi.Int(7),\n\t\t\tStorageType: pulumi.String(\"local\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.RaftSnapshotAgentConfig;\nimport com.pulumi.vault.RaftSnapshotAgentConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var localBackups = new RaftSnapshotAgentConfig(\"localBackups\", RaftSnapshotAgentConfigArgs.builder() \n .intervalSeconds(86400)\n .localMaxSpace(10000000)\n .pathPrefix(\"/opt/vault/snapshots/\")\n .retain(7)\n .storageType(\"local\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n localBackups:\n type: vault:RaftSnapshotAgentConfig\n properties:\n intervalSeconds: 86400\n # 24h\n # // Storage Type Configuration\n localMaxSpace: 1e+07\n pathPrefix: /opt/vault/snapshots/\n retain: 7\n storageType: local\n```\n{{% /example %}}\n{{% example %}}\n### AWS S3\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as vault from \"@pulumi/vault\";\n\nconst config = new pulumi.Config();\nconst awsAccessKeyId = config.requireObject(\"awsAccessKeyId\");\nconst awsSecretAccessKey = config.requireObject(\"awsSecretAccessKey\");\nconst current = aws.getRegion({});\nconst s3Backups = new vault.RaftSnapshotAgentConfig(\"s3Backups\", {\n intervalSeconds: 86400,\n retain: 7,\n pathPrefix: \"/path/in/bucket\",\n storageType: \"aws-s3\",\n awsS3Bucket: \"my-bucket\",\n awsS3Region: current.then(current =\u003e current.name),\n awsAccessKeyId: awsAccessKeyId,\n awsSecretAccessKey: awsSecretAccessKey,\n awsS3EnableKms: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\nimport pulumi_vault as vault\n\nconfig = pulumi.Config()\naws_access_key_id = config.require_object(\"awsAccessKeyId\")\naws_secret_access_key = config.require_object(\"awsSecretAccessKey\")\ncurrent = aws.get_region()\ns3_backups = vault.RaftSnapshotAgentConfig(\"s3Backups\",\n interval_seconds=86400,\n retain=7,\n path_prefix=\"/path/in/bucket\",\n storage_type=\"aws-s3\",\n aws_s3_bucket=\"my-bucket\",\n aws_s3_region=current.name,\n aws_access_key_id=aws_access_key_id,\n aws_secret_access_key=aws_secret_access_key,\n aws_s3_enable_kms=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Config();\n var awsAccessKeyId = config.RequireObject\u003cdynamic\u003e(\"awsAccessKeyId\");\n var awsSecretAccessKey = config.RequireObject\u003cdynamic\u003e(\"awsSecretAccessKey\");\n var current = Aws.GetRegion.Invoke();\n\n var s3Backups = new Vault.RaftSnapshotAgentConfig(\"s3Backups\", new()\n {\n IntervalSeconds = 86400,\n Retain = 7,\n PathPrefix = \"/path/in/bucket\",\n StorageType = \"aws-s3\",\n AwsS3Bucket = \"my-bucket\",\n AwsS3Region = current.Apply(getRegionResult =\u003e getRegionResult.Name),\n AwsAccessKeyId = awsAccessKeyId,\n AwsSecretAccessKey = awsSecretAccessKey,\n AwsS3EnableKms = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v5/go/aws\"\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcfg := config.New(ctx, \"\")\n\t\tawsAccessKeyId := cfg.RequireObject(\"awsAccessKeyId\")\n\t\tawsSecretAccessKey := cfg.RequireObject(\"awsSecretAccessKey\")\n\t\tcurrent, err := aws.GetRegion(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = vault.NewRaftSnapshotAgentConfig(ctx, \"s3Backups\", \u0026vault.RaftSnapshotAgentConfigArgs{\n\t\t\tIntervalSeconds: pulumi.Int(86400),\n\t\t\tRetain: pulumi.Int(7),\n\t\t\tPathPrefix: pulumi.String(\"/path/in/bucket\"),\n\t\t\tStorageType: pulumi.String(\"aws-s3\"),\n\t\t\tAwsS3Bucket: pulumi.String(\"my-bucket\"),\n\t\t\tAwsS3Region: pulumi.String(current.Name),\n\t\t\tAwsAccessKeyId: pulumi.Any(awsAccessKeyId),\n\t\t\tAwsSecretAccessKey: pulumi.Any(awsSecretAccessKey),\n\t\t\tAwsS3EnableKms: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetRegionArgs;\nimport com.pulumi.vault.RaftSnapshotAgentConfig;\nimport com.pulumi.vault.RaftSnapshotAgentConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var config = ctx.config();\n final var awsAccessKeyId = config.get(\"awsAccessKeyId\");\n final var awsSecretAccessKey = config.get(\"awsSecretAccessKey\");\n final var current = AwsFunctions.getRegion();\n\n var s3Backups = new RaftSnapshotAgentConfig(\"s3Backups\", RaftSnapshotAgentConfigArgs.builder() \n .intervalSeconds(86400)\n .retain(7)\n .pathPrefix(\"/path/in/bucket\")\n .storageType(\"aws-s3\")\n .awsS3Bucket(\"my-bucket\")\n .awsS3Region(current.applyValue(getRegionResult -\u003e getRegionResult.name()))\n .awsAccessKeyId(awsAccessKeyId)\n .awsSecretAccessKey(awsSecretAccessKey)\n .awsS3EnableKms(true)\n .build());\n\n }\n}\n```\n```yaml\nconfiguration:\n awsAccessKeyId:\n type: dynamic\n awsSecretAccessKey:\n type: dynamic\nresources:\n s3Backups:\n type: vault:RaftSnapshotAgentConfig\n properties:\n intervalSeconds: 86400\n # 24h\n retain: 7\n pathPrefix: /path/in/bucket\n storageType: aws-s3\n # Storage Type Configuration\n awsS3Bucket: my-bucket\n awsS3Region: ${current.name}\n awsAccessKeyId: ${awsAccessKeyId}\n awsSecretAccessKey: ${awsSecretAccessKey}\n awsS3EnableKms: true\nvariables:\n current:\n Fn::Invoke:\n Function: aws:getRegion\n Arguments: {}\n```\n{{% /example %}}\n{{% example %}}\n### Azure BLOB\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst config = new pulumi.Config();\nconst azureAccountName = config.requireObject(\"azureAccountName\");\nconst azureAccountKey = config.requireObject(\"azureAccountKey\");\nconst azureBackups = new vault.RaftSnapshotAgentConfig(\"azureBackups\", {\n intervalSeconds: 86400,\n retain: 7,\n pathPrefix: \"/\",\n storageType: \"azure-blob\",\n azureContainerName: \"vault-blob\",\n azureAccountName: azureAccountName,\n azureAccountKey: azureAccountKey,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nconfig = pulumi.Config()\nazure_account_name = config.require_object(\"azureAccountName\")\nazure_account_key = config.require_object(\"azureAccountKey\")\nazure_backups = vault.RaftSnapshotAgentConfig(\"azureBackups\",\n interval_seconds=86400,\n retain=7,\n path_prefix=\"/\",\n storage_type=\"azure-blob\",\n azure_container_name=\"vault-blob\",\n azure_account_name=azure_account_name,\n azure_account_key=azure_account_key)\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Config();\n var azureAccountName = config.RequireObject\u003cdynamic\u003e(\"azureAccountName\");\n var azureAccountKey = config.RequireObject\u003cdynamic\u003e(\"azureAccountKey\");\n var azureBackups = new Vault.RaftSnapshotAgentConfig(\"azureBackups\", new()\n {\n IntervalSeconds = 86400,\n Retain = 7,\n PathPrefix = \"/\",\n StorageType = \"azure-blob\",\n AzureContainerName = \"vault-blob\",\n AzureAccountName = azureAccountName,\n AzureAccountKey = azureAccountKey,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcfg := config.New(ctx, \"\")\n\t\tazureAccountName := cfg.RequireObject(\"azureAccountName\")\n\t\tazureAccountKey := cfg.RequireObject(\"azureAccountKey\")\n\t\t_, err := vault.NewRaftSnapshotAgentConfig(ctx, \"azureBackups\", \u0026vault.RaftSnapshotAgentConfigArgs{\n\t\t\tIntervalSeconds: pulumi.Int(86400),\n\t\t\tRetain: pulumi.Int(7),\n\t\t\tPathPrefix: pulumi.String(\"/\"),\n\t\t\tStorageType: pulumi.String(\"azure-blob\"),\n\t\t\tAzureContainerName: pulumi.String(\"vault-blob\"),\n\t\t\tAzureAccountName: pulumi.Any(azureAccountName),\n\t\t\tAzureAccountKey: pulumi.Any(azureAccountKey),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.RaftSnapshotAgentConfig;\nimport com.pulumi.vault.RaftSnapshotAgentConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var config = ctx.config();\n final var azureAccountName = config.get(\"azureAccountName\");\n final var azureAccountKey = config.get(\"azureAccountKey\");\n var azureBackups = new RaftSnapshotAgentConfig(\"azureBackups\", RaftSnapshotAgentConfigArgs.builder() \n .intervalSeconds(86400)\n .retain(7)\n .pathPrefix(\"/\")\n .storageType(\"azure-blob\")\n .azureContainerName(\"vault-blob\")\n .azureAccountName(azureAccountName)\n .azureAccountKey(azureAccountKey)\n .build());\n\n }\n}\n```\n```yaml\nconfiguration:\n azureAccountName:\n type: dynamic\n azureAccountKey:\n type: dynamic\nresources:\n azureBackups:\n type: vault:RaftSnapshotAgentConfig\n properties:\n intervalSeconds: 86400\n # 24h\n retain: 7\n pathPrefix: /\n storageType: azure-blob\n # Storage Type Configuration\n azureContainerName: vault-blob\n azureAccountName: ${azureAccountName}\n azureAccountKey: ${azureAccountKey}\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nRaft Snapshot Agent Configurations can be imported using the `name`, e.g.\n\n```sh\n $ pulumi import vault:index/raftSnapshotAgentConfig:RaftSnapshotAgentConfig local local\n```\n\n ", + "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n### Local Storage\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst localBackups = new vault.RaftSnapshotAgentConfig(\"localBackups\", {\n intervalSeconds: 86400,\n localMaxSpace: 10000000,\n pathPrefix: \"/opt/vault/snapshots/\",\n retain: 7,\n storageType: \"local\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nlocal_backups = vault.RaftSnapshotAgentConfig(\"localBackups\",\n interval_seconds=86400,\n local_max_space=10000000,\n path_prefix=\"/opt/vault/snapshots/\",\n retain=7,\n storage_type=\"local\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var localBackups = new Vault.RaftSnapshotAgentConfig(\"localBackups\", new()\n {\n IntervalSeconds = 86400,\n LocalMaxSpace = 10000000,\n PathPrefix = \"/opt/vault/snapshots/\",\n Retain = 7,\n StorageType = \"local\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := vault.NewRaftSnapshotAgentConfig(ctx, \"localBackups\", \u0026vault.RaftSnapshotAgentConfigArgs{\n\t\t\tIntervalSeconds: pulumi.Int(86400),\n\t\t\tLocalMaxSpace: pulumi.Int(10000000),\n\t\t\tPathPrefix: pulumi.String(\"/opt/vault/snapshots/\"),\n\t\t\tRetain: pulumi.Int(7),\n\t\t\tStorageType: pulumi.String(\"local\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.RaftSnapshotAgentConfig;\nimport com.pulumi.vault.RaftSnapshotAgentConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var localBackups = new RaftSnapshotAgentConfig(\"localBackups\", RaftSnapshotAgentConfigArgs.builder() \n .intervalSeconds(86400)\n .localMaxSpace(10000000)\n .pathPrefix(\"/opt/vault/snapshots/\")\n .retain(7)\n .storageType(\"local\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n localBackups:\n type: vault:RaftSnapshotAgentConfig\n properties:\n intervalSeconds: 86400\n # 24h\n # // Storage Type Configuration\n localMaxSpace: 1e+07\n pathPrefix: /opt/vault/snapshots/\n retain: 7\n storageType: local\n```\n{{% /example %}}\n{{% example %}}\n### AWS S3\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as vault from \"@pulumi/vault\";\n\nconst config = new pulumi.Config();\nconst awsAccessKeyId = config.requireObject(\"awsAccessKeyId\");\nconst awsSecretAccessKey = config.requireObject(\"awsSecretAccessKey\");\nconst current = aws.getRegion({});\nconst s3Backups = new vault.RaftSnapshotAgentConfig(\"s3Backups\", {\n intervalSeconds: 86400,\n retain: 7,\n pathPrefix: \"/path/in/bucket\",\n storageType: \"aws-s3\",\n awsS3Bucket: \"my-bucket\",\n awsS3Region: current.then(current =\u003e current.name),\n awsAccessKeyId: awsAccessKeyId,\n awsSecretAccessKey: awsSecretAccessKey,\n awsS3EnableKms: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\nimport pulumi_vault as vault\n\nconfig = pulumi.Config()\naws_access_key_id = config.require_object(\"awsAccessKeyId\")\naws_secret_access_key = config.require_object(\"awsSecretAccessKey\")\ncurrent = aws.get_region()\ns3_backups = vault.RaftSnapshotAgentConfig(\"s3Backups\",\n interval_seconds=86400,\n retain=7,\n path_prefix=\"/path/in/bucket\",\n storage_type=\"aws-s3\",\n aws_s3_bucket=\"my-bucket\",\n aws_s3_region=current.name,\n aws_access_key_id=aws_access_key_id,\n aws_secret_access_key=aws_secret_access_key,\n aws_s3_enable_kms=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Config();\n var awsAccessKeyId = config.RequireObject\u003cdynamic\u003e(\"awsAccessKeyId\");\n var awsSecretAccessKey = config.RequireObject\u003cdynamic\u003e(\"awsSecretAccessKey\");\n var current = Aws.GetRegion.Invoke();\n\n var s3Backups = new Vault.RaftSnapshotAgentConfig(\"s3Backups\", new()\n {\n IntervalSeconds = 86400,\n Retain = 7,\n PathPrefix = \"/path/in/bucket\",\n StorageType = \"aws-s3\",\n AwsS3Bucket = \"my-bucket\",\n AwsS3Region = current.Apply(getRegionResult =\u003e getRegionResult.Name),\n AwsAccessKeyId = awsAccessKeyId,\n AwsSecretAccessKey = awsSecretAccessKey,\n AwsS3EnableKms = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v5/go/aws\"\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcfg := config.New(ctx, \"\")\n\t\tawsAccessKeyId := cfg.RequireObject(\"awsAccessKeyId\")\n\t\tawsSecretAccessKey := cfg.RequireObject(\"awsSecretAccessKey\")\n\t\tcurrent, err := aws.GetRegion(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = vault.NewRaftSnapshotAgentConfig(ctx, \"s3Backups\", \u0026vault.RaftSnapshotAgentConfigArgs{\n\t\t\tIntervalSeconds: pulumi.Int(86400),\n\t\t\tRetain: pulumi.Int(7),\n\t\t\tPathPrefix: pulumi.String(\"/path/in/bucket\"),\n\t\t\tStorageType: pulumi.String(\"aws-s3\"),\n\t\t\tAwsS3Bucket: pulumi.String(\"my-bucket\"),\n\t\t\tAwsS3Region: *pulumi.String(current.Name),\n\t\t\tAwsAccessKeyId: pulumi.Any(awsAccessKeyId),\n\t\t\tAwsSecretAccessKey: pulumi.Any(awsSecretAccessKey),\n\t\t\tAwsS3EnableKms: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetRegionArgs;\nimport com.pulumi.vault.RaftSnapshotAgentConfig;\nimport com.pulumi.vault.RaftSnapshotAgentConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var config = ctx.config();\n final var awsAccessKeyId = config.get(\"awsAccessKeyId\");\n final var awsSecretAccessKey = config.get(\"awsSecretAccessKey\");\n final var current = AwsFunctions.getRegion();\n\n var s3Backups = new RaftSnapshotAgentConfig(\"s3Backups\", RaftSnapshotAgentConfigArgs.builder() \n .intervalSeconds(86400)\n .retain(7)\n .pathPrefix(\"/path/in/bucket\")\n .storageType(\"aws-s3\")\n .awsS3Bucket(\"my-bucket\")\n .awsS3Region(current.applyValue(getRegionResult -\u003e getRegionResult.name()))\n .awsAccessKeyId(awsAccessKeyId)\n .awsSecretAccessKey(awsSecretAccessKey)\n .awsS3EnableKms(true)\n .build());\n\n }\n}\n```\n```yaml\nconfiguration:\n awsAccessKeyId:\n type: dynamic\n awsSecretAccessKey:\n type: dynamic\nresources:\n s3Backups:\n type: vault:RaftSnapshotAgentConfig\n properties:\n intervalSeconds: 86400\n # 24h\n retain: 7\n pathPrefix: /path/in/bucket\n storageType: aws-s3\n # Storage Type Configuration\n awsS3Bucket: my-bucket\n awsS3Region: ${current.name}\n awsAccessKeyId: ${awsAccessKeyId}\n awsSecretAccessKey: ${awsSecretAccessKey}\n awsS3EnableKms: true\nvariables:\n current:\n fn::invoke:\n Function: aws:getRegion\n Arguments: {}\n```\n{{% /example %}}\n{{% example %}}\n### Azure BLOB\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst config = new pulumi.Config();\nconst azureAccountName = config.requireObject(\"azureAccountName\");\nconst azureAccountKey = config.requireObject(\"azureAccountKey\");\nconst azureBackups = new vault.RaftSnapshotAgentConfig(\"azureBackups\", {\n intervalSeconds: 86400,\n retain: 7,\n pathPrefix: \"/\",\n storageType: \"azure-blob\",\n azureContainerName: \"vault-blob\",\n azureAccountName: azureAccountName,\n azureAccountKey: azureAccountKey,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nconfig = pulumi.Config()\nazure_account_name = config.require_object(\"azureAccountName\")\nazure_account_key = config.require_object(\"azureAccountKey\")\nazure_backups = vault.RaftSnapshotAgentConfig(\"azureBackups\",\n interval_seconds=86400,\n retain=7,\n path_prefix=\"/\",\n storage_type=\"azure-blob\",\n azure_container_name=\"vault-blob\",\n azure_account_name=azure_account_name,\n azure_account_key=azure_account_key)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Config();\n var azureAccountName = config.RequireObject\u003cdynamic\u003e(\"azureAccountName\");\n var azureAccountKey = config.RequireObject\u003cdynamic\u003e(\"azureAccountKey\");\n var azureBackups = new Vault.RaftSnapshotAgentConfig(\"azureBackups\", new()\n {\n IntervalSeconds = 86400,\n Retain = 7,\n PathPrefix = \"/\",\n StorageType = \"azure-blob\",\n AzureContainerName = \"vault-blob\",\n AzureAccountName = azureAccountName,\n AzureAccountKey = azureAccountKey,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcfg := config.New(ctx, \"\")\n\t\tazureAccountName := cfg.RequireObject(\"azureAccountName\")\n\t\tazureAccountKey := cfg.RequireObject(\"azureAccountKey\")\n\t\t_, err := vault.NewRaftSnapshotAgentConfig(ctx, \"azureBackups\", \u0026vault.RaftSnapshotAgentConfigArgs{\n\t\t\tIntervalSeconds: pulumi.Int(86400),\n\t\t\tRetain: pulumi.Int(7),\n\t\t\tPathPrefix: pulumi.String(\"/\"),\n\t\t\tStorageType: pulumi.String(\"azure-blob\"),\n\t\t\tAzureContainerName: pulumi.String(\"vault-blob\"),\n\t\t\tAzureAccountName: pulumi.Any(azureAccountName),\n\t\t\tAzureAccountKey: pulumi.Any(azureAccountKey),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.RaftSnapshotAgentConfig;\nimport com.pulumi.vault.RaftSnapshotAgentConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var config = ctx.config();\n final var azureAccountName = config.get(\"azureAccountName\");\n final var azureAccountKey = config.get(\"azureAccountKey\");\n var azureBackups = new RaftSnapshotAgentConfig(\"azureBackups\", RaftSnapshotAgentConfigArgs.builder() \n .intervalSeconds(86400)\n .retain(7)\n .pathPrefix(\"/\")\n .storageType(\"azure-blob\")\n .azureContainerName(\"vault-blob\")\n .azureAccountName(azureAccountName)\n .azureAccountKey(azureAccountKey)\n .build());\n\n }\n}\n```\n```yaml\nconfiguration:\n azureAccountName:\n type: dynamic\n azureAccountKey:\n type: dynamic\nresources:\n azureBackups:\n type: vault:RaftSnapshotAgentConfig\n properties:\n intervalSeconds: 86400\n # 24h\n retain: 7\n pathPrefix: /\n storageType: azure-blob\n # Storage Type Configuration\n azureContainerName: vault-blob\n azureAccountName: ${azureAccountName}\n azureAccountKey: ${azureAccountKey}\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nRaft Snapshot Agent Configurations can be imported using the `name`, e.g.\n\n```sh\n $ pulumi import vault:index/raftSnapshotAgentConfig:RaftSnapshotAgentConfig local local\n```\n ", "properties": { "awsAccessKeyId": { "type": "string", @@ -20000,7 +17223,7 @@ }, "googleServiceAccountKey": { "type": "string", - "description": "Google service account key in JSON format. \nThe raw value looks like this:\n" + "description": "Google service account key in JSON format. \nThe raw value looks like this:\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\n```\n```python\nimport pulumi\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n }\n}\n```\n```yaml\n{}\n```\n" }, "intervalSeconds": { "type": "integer", @@ -20120,7 +17343,7 @@ }, "googleServiceAccountKey": { "type": "string", - "description": "Google service account key in JSON format. \nThe raw value looks like this:\n" + "description": "Google service account key in JSON format. \nThe raw value looks like this:\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\n```\n```python\nimport pulumi\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n }\n}\n```\n```yaml\n{}\n```\n" }, "intervalSeconds": { "type": "integer", @@ -20244,7 +17467,7 @@ }, "googleServiceAccountKey": { "type": "string", - "description": "Google service account key in JSON format. \nThe raw value looks like this:\n" + "description": "Google service account key in JSON format. \nThe raw value looks like this:\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\n```\n```python\nimport pulumi\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n }\n}\n```\n```yaml\n{}\n```\n" }, "intervalSeconds": { "type": "integer", @@ -20282,7 +17505,7 @@ } }, "vault:index/rgpPolicy:RgpPolicy": { - "description": "Provides a resource to manage Role Governing Policy (RGP) via [Sentinel](https://www.vaultproject.io/docs/enterprise/sentinel/index.html).\n\n**Note** this feature is available only with Vault Enterprise.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst allow_all = new vault.RgpPolicy(\"allow-all\", {\n enforcementLevel: \"soft-mandatory\",\n policy: `main = rule {\n true\n}\n`,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nallow_all = vault.RgpPolicy(\"allow-all\",\n enforcement_level=\"soft-mandatory\",\n policy=\"\"\"main = rule {\n true\n}\n\n\"\"\")\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var allow_all = new Vault.RgpPolicy(\"allow-all\", new()\n {\n EnforcementLevel = \"soft-mandatory\",\n Policy = @\"main = rule {\n true\n}\n\n\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := vault.NewRgpPolicy(ctx, \"allow-all\", \u0026vault.RgpPolicyArgs{\n\t\t\tEnforcementLevel: pulumi.String(\"soft-mandatory\"),\n\t\t\tPolicy: pulumi.String(\"main = rule {\\n true\\n}\\n\\n\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.RgpPolicy;\nimport com.pulumi.vault.RgpPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var allow_all = new RgpPolicy(\"allow-all\", RgpPolicyArgs.builder() \n .enforcementLevel(\"soft-mandatory\")\n .policy(\"\"\"\nmain = rule {\n true\n}\n\n \"\"\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n allow-all:\n type: vault:RgpPolicy\n properties:\n enforcementLevel: soft-mandatory\n policy: |+\n main = rule {\n true\n }\n```\n{{% /example %}}\n{{% /examples %}}", + "description": "Provides a resource to manage Role Governing Policy (RGP) via [Sentinel](https://www.vaultproject.io/docs/enterprise/sentinel/index.html).\n\n**Note** this feature is available only with Vault Enterprise.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst allow_all = new vault.RgpPolicy(\"allow-all\", {\n enforcementLevel: \"soft-mandatory\",\n policy: `main = rule {\n true\n}\n\n`,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nallow_all = vault.RgpPolicy(\"allow-all\",\n enforcement_level=\"soft-mandatory\",\n policy=\"\"\"main = rule {\n true\n}\n\n\"\"\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var allow_all = new Vault.RgpPolicy(\"allow-all\", new()\n {\n EnforcementLevel = \"soft-mandatory\",\n Policy = @\"main = rule {\n true\n}\n\n\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := vault.NewRgpPolicy(ctx, \"allow-all\", \u0026vault.RgpPolicyArgs{\n\t\t\tEnforcementLevel: pulumi.String(\"soft-mandatory\"),\n\t\t\tPolicy: pulumi.String(\"main = rule {\\n true\\n}\\n\\n\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.RgpPolicy;\nimport com.pulumi.vault.RgpPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var allow_all = new RgpPolicy(\"allow-all\", RgpPolicyArgs.builder() \n .enforcementLevel(\"soft-mandatory\")\n .policy(\"\"\"\nmain = rule {\n true\n}\n\n \"\"\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n allow-all:\n type: vault:RgpPolicy\n properties:\n enforcementLevel: soft-mandatory\n policy: |+\n main = rule {\n true\n }\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "enforcementLevel": { "type": "string", @@ -20356,7 +17579,7 @@ } }, "vault:index/token:Token": { - "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst example = new vault.Token(\"example\", {\n metadata: {\n purpose: \"service-account\",\n },\n policies: [\n \"policy1\",\n \"policy2\",\n ],\n renewIncrement: 86400,\n renewMinLease: 43200,\n renewable: true,\n roleName: \"app\",\n ttl: \"24h\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nexample = vault.Token(\"example\",\n metadata={\n \"purpose\": \"service-account\",\n },\n policies=[\n \"policy1\",\n \"policy2\",\n ],\n renew_increment=86400,\n renew_min_lease=43200,\n renewable=True,\n role_name=\"app\",\n ttl=\"24h\")\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Vault.Token(\"example\", new()\n {\n Metadata = \n {\n { \"purpose\", \"service-account\" },\n },\n Policies = new[]\n {\n \"policy1\",\n \"policy2\",\n },\n RenewIncrement = 86400,\n RenewMinLease = 43200,\n Renewable = true,\n RoleName = \"app\",\n Ttl = \"24h\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := vault.NewToken(ctx, \"example\", \u0026vault.TokenArgs{\n\t\t\tMetadata: pulumi.StringMap{\n\t\t\t\t\"purpose\": pulumi.String(\"service-account\"),\n\t\t\t},\n\t\t\tPolicies: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"policy1\"),\n\t\t\t\tpulumi.String(\"policy2\"),\n\t\t\t},\n\t\t\tRenewIncrement: pulumi.Int(86400),\n\t\t\tRenewMinLease: pulumi.Int(43200),\n\t\t\tRenewable: pulumi.Bool(true),\n\t\t\tRoleName: pulumi.String(\"app\"),\n\t\t\tTtl: pulumi.String(\"24h\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.Token;\nimport com.pulumi.vault.TokenArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Token(\"example\", TokenArgs.builder() \n .metadata(Map.of(\"purpose\", \"service-account\"))\n .policies( \n \"policy1\",\n \"policy2\")\n .renewIncrement(86400)\n .renewMinLease(43200)\n .renewable(true)\n .roleName(\"app\")\n .ttl(\"24h\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: vault:Token\n properties:\n metadata:\n purpose: service-account\n policies:\n - policy1\n - policy2\n renewIncrement: 86400\n renewMinLease: 43200\n renewable: true\n roleName: app\n ttl: 24h\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nTokens can be imported using its `id` as accessor id, e.g.\n\n```sh\n $ pulumi import vault:index/token:Token example \u003caccessor_id\u003e\n```\n\n ", + "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst example = new vault.Token(\"example\", {\n metadata: {\n purpose: \"service-account\",\n },\n policies: [\n \"policy1\",\n \"policy2\",\n ],\n renewIncrement: 86400,\n renewMinLease: 43200,\n renewable: true,\n roleName: \"app\",\n ttl: \"24h\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nexample = vault.Token(\"example\",\n metadata={\n \"purpose\": \"service-account\",\n },\n policies=[\n \"policy1\",\n \"policy2\",\n ],\n renew_increment=86400,\n renew_min_lease=43200,\n renewable=True,\n role_name=\"app\",\n ttl=\"24h\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Vault.Token(\"example\", new()\n {\n Metadata = \n {\n { \"purpose\", \"service-account\" },\n },\n Policies = new[]\n {\n \"policy1\",\n \"policy2\",\n },\n RenewIncrement = 86400,\n RenewMinLease = 43200,\n Renewable = true,\n RoleName = \"app\",\n Ttl = \"24h\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := vault.NewToken(ctx, \"example\", \u0026vault.TokenArgs{\n\t\t\tMetadata: pulumi.StringMap{\n\t\t\t\t\"purpose\": pulumi.String(\"service-account\"),\n\t\t\t},\n\t\t\tPolicies: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"policy1\"),\n\t\t\t\tpulumi.String(\"policy2\"),\n\t\t\t},\n\t\t\tRenewIncrement: pulumi.Int(86400),\n\t\t\tRenewMinLease: pulumi.Int(43200),\n\t\t\tRenewable: pulumi.Bool(true),\n\t\t\tRoleName: pulumi.String(\"app\"),\n\t\t\tTtl: pulumi.String(\"24h\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.Token;\nimport com.pulumi.vault.TokenArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Token(\"example\", TokenArgs.builder() \n .metadata(Map.of(\"purpose\", \"service-account\"))\n .policies( \n \"policy1\",\n \"policy2\")\n .renewIncrement(86400)\n .renewMinLease(43200)\n .renewable(true)\n .roleName(\"app\")\n .ttl(\"24h\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: vault:Token\n properties:\n metadata:\n purpose: service-account\n policies:\n - policy1\n - policy2\n renewIncrement: 86400\n renewMinLease: 43200\n renewable: true\n roleName: app\n ttl: 24h\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nTokens can be imported using its `id` as accessor id, e.g.\n\n```sh\n $ pulumi import vault:index/token:Token example \u003caccessor_id\u003e\n```\n ", "properties": { "clientToken": { "type": "string", @@ -20647,7 +17870,7 @@ } }, "vault:jwt/authBackend:AuthBackend": { - "description": "Provides a resource for managing an\n[JWT auth backend within Vault](https://www.vaultproject.io/docs/auth/jwt.html).\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\nManage JWT auth backend:\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst example = new vault.jwt.AuthBackend(\"example\", {\n boundIssuer: \"https://myco.auth0.com/\",\n description: \"Demonstration of the Terraform JWT auth backend\",\n oidcDiscoveryUrl: \"https://myco.auth0.com/\",\n path: \"jwt\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nexample = vault.jwt.AuthBackend(\"example\",\n bound_issuer=\"https://myco.auth0.com/\",\n description=\"Demonstration of the Terraform JWT auth backend\",\n oidc_discovery_url=\"https://myco.auth0.com/\",\n path=\"jwt\")\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Vault.Jwt.AuthBackend(\"example\", new()\n {\n BoundIssuer = \"https://myco.auth0.com/\",\n Description = \"Demonstration of the Terraform JWT auth backend\",\n OidcDiscoveryUrl = \"https://myco.auth0.com/\",\n Path = \"jwt\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/jwt\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := jwt.NewAuthBackend(ctx, \"example\", \u0026jwt.AuthBackendArgs{\n\t\t\tBoundIssuer: pulumi.String(\"https://myco.auth0.com/\"),\n\t\t\tDescription: pulumi.String(\"Demonstration of the Terraform JWT auth backend\"),\n\t\t\tOidcDiscoveryUrl: pulumi.String(\"https://myco.auth0.com/\"),\n\t\t\tPath: pulumi.String(\"jwt\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.jwt.AuthBackend;\nimport com.pulumi.vault.jwt.AuthBackendArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new AuthBackend(\"example\", AuthBackendArgs.builder() \n .boundIssuer(\"https://myco.auth0.com/\")\n .description(\"Demonstration of the Terraform JWT auth backend\")\n .oidcDiscoveryUrl(\"https://myco.auth0.com/\")\n .path(\"jwt\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: vault:jwt:AuthBackend\n properties:\n boundIssuer: https://myco.auth0.com/\n description: Demonstration of the Terraform JWT auth backend\n oidcDiscoveryUrl: https://myco.auth0.com/\n path: jwt\n```\n\nManage OIDC auth backend:\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst example = new vault.jwt.AuthBackend(\"example\", {\n boundIssuer: \"https://myco.auth0.com/\",\n description: \"Demonstration of the Terraform JWT auth backend\",\n oidcClientId: \"1234567890\",\n oidcClientSecret: \"secret123456\",\n oidcDiscoveryUrl: \"https://myco.auth0.com/\",\n path: \"oidc\",\n tune: {\n listingVisibility: \"unauth\",\n },\n type: \"oidc\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nexample = vault.jwt.AuthBackend(\"example\",\n bound_issuer=\"https://myco.auth0.com/\",\n description=\"Demonstration of the Terraform JWT auth backend\",\n oidc_client_id=\"1234567890\",\n oidc_client_secret=\"secret123456\",\n oidc_discovery_url=\"https://myco.auth0.com/\",\n path=\"oidc\",\n tune=vault.jwt.AuthBackendTuneArgs(\n listing_visibility=\"unauth\",\n ),\n type=\"oidc\")\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Vault.Jwt.AuthBackend(\"example\", new()\n {\n BoundIssuer = \"https://myco.auth0.com/\",\n Description = \"Demonstration of the Terraform JWT auth backend\",\n OidcClientId = \"1234567890\",\n OidcClientSecret = \"secret123456\",\n OidcDiscoveryUrl = \"https://myco.auth0.com/\",\n Path = \"oidc\",\n Tune = new Vault.Jwt.Inputs.AuthBackendTuneArgs\n {\n ListingVisibility = \"unauth\",\n },\n Type = \"oidc\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/jwt\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := jwt.NewAuthBackend(ctx, \"example\", \u0026jwt.AuthBackendArgs{\n\t\t\tBoundIssuer: pulumi.String(\"https://myco.auth0.com/\"),\n\t\t\tDescription: pulumi.String(\"Demonstration of the Terraform JWT auth backend\"),\n\t\t\tOidcClientId: pulumi.String(\"1234567890\"),\n\t\t\tOidcClientSecret: pulumi.String(\"secret123456\"),\n\t\t\tOidcDiscoveryUrl: pulumi.String(\"https://myco.auth0.com/\"),\n\t\t\tPath: pulumi.String(\"oidc\"),\n\t\t\tTune: \u0026jwt.AuthBackendTuneArgs{\n\t\t\t\tListingVisibility: pulumi.String(\"unauth\"),\n\t\t\t},\n\t\t\tType: pulumi.String(\"oidc\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.jwt.AuthBackend;\nimport com.pulumi.vault.jwt.AuthBackendArgs;\nimport com.pulumi.vault.jwt.inputs.AuthBackendTuneArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new AuthBackend(\"example\", AuthBackendArgs.builder() \n .boundIssuer(\"https://myco.auth0.com/\")\n .description(\"Demonstration of the Terraform JWT auth backend\")\n .oidcClientId(\"1234567890\")\n .oidcClientSecret(\"secret123456\")\n .oidcDiscoveryUrl(\"https://myco.auth0.com/\")\n .path(\"oidc\")\n .tune(AuthBackendTuneArgs.builder()\n .listingVisibility(\"unauth\")\n .build())\n .type(\"oidc\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: vault:jwt:AuthBackend\n properties:\n boundIssuer: https://myco.auth0.com/\n description: Demonstration of the Terraform JWT auth backend\n oidcClientId: 1234567890\n oidcClientSecret: secret123456\n oidcDiscoveryUrl: https://myco.auth0.com/\n path: oidc\n tune:\n listingVisibility: unauth\n type: oidc\n```\n\nConfiguring the auth backend with a `provider_config:\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst gsuite = new vault.jwt.AuthBackend(\"gsuite\", {\n description: \"OIDC backend\",\n oidcDiscoveryUrl: \"https://accounts.google.com\",\n path: \"oidc\",\n providerConfig: {\n fetch_groups: true,\n fetch_user_info: true,\n groups_recurse_max_depth: 1,\n provider: \"gsuite\",\n },\n type: \"oidc\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ngsuite = vault.jwt.AuthBackend(\"gsuite\",\n description=\"OIDC backend\",\n oidc_discovery_url=\"https://accounts.google.com\",\n path=\"oidc\",\n provider_config={\n \"fetch_groups\": \"true\",\n \"fetch_user_info\": \"true\",\n \"groups_recurse_max_depth\": \"1\",\n \"provider\": \"gsuite\",\n },\n type=\"oidc\")\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var gsuite = new Vault.Jwt.AuthBackend(\"gsuite\", new()\n {\n Description = \"OIDC backend\",\n OidcDiscoveryUrl = \"https://accounts.google.com\",\n Path = \"oidc\",\n ProviderConfig = \n {\n { \"fetch_groups\", \"true\" },\n { \"fetch_user_info\", \"true\" },\n { \"groups_recurse_max_depth\", \"1\" },\n { \"provider\", \"gsuite\" },\n },\n Type = \"oidc\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/jwt\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := jwt.NewAuthBackend(ctx, \"gsuite\", \u0026jwt.AuthBackendArgs{\n\t\t\tDescription: pulumi.String(\"OIDC backend\"),\n\t\t\tOidcDiscoveryUrl: pulumi.String(\"https://accounts.google.com\"),\n\t\t\tPath: pulumi.String(\"oidc\"),\n\t\t\tProviderConfig: pulumi.StringMap{\n\t\t\t\t\"fetch_groups\": pulumi.String(\"true\"),\n\t\t\t\t\"fetch_user_info\": pulumi.String(\"true\"),\n\t\t\t\t\"groups_recurse_max_depth\": pulumi.String(\"1\"),\n\t\t\t\t\"provider\": pulumi.String(\"gsuite\"),\n\t\t\t},\n\t\t\tType: pulumi.String(\"oidc\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.jwt.AuthBackend;\nimport com.pulumi.vault.jwt.AuthBackendArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var gsuite = new AuthBackend(\"gsuite\", AuthBackendArgs.builder() \n .description(\"OIDC backend\")\n .oidcDiscoveryUrl(\"https://accounts.google.com\")\n .path(\"oidc\")\n .providerConfig(Map.ofEntries(\n Map.entry(\"fetch_groups\", true),\n Map.entry(\"fetch_user_info\", true),\n Map.entry(\"groups_recurse_max_depth\", 1),\n Map.entry(\"provider\", \"gsuite\")\n ))\n .type(\"oidc\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n gsuite:\n type: vault:jwt:AuthBackend\n properties:\n description: OIDC backend\n oidcDiscoveryUrl: https://accounts.google.com\n path: oidc\n providerConfig:\n fetch_groups: true\n fetch_user_info: true\n groups_recurse_max_depth: 1\n provider: gsuite\n type: oidc\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nJWT auth backend can be imported using the `path`, e.g.\n\n```sh\n $ pulumi import vault:jwt/authBackend:AuthBackend oidc oidc\n```\n\n or\n\n```sh\n $ pulumi import vault:jwt/authBackend:AuthBackend jwt jwt\n```\n\n ", + "description": "Provides a resource for managing an\n[JWT auth backend within Vault](https://www.vaultproject.io/docs/auth/jwt.html).\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\nManage JWT auth backend:\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst example = new vault.jwt.AuthBackend(\"example\", {\n boundIssuer: \"https://myco.auth0.com/\",\n description: \"Demonstration of the Terraform JWT auth backend\",\n oidcDiscoveryUrl: \"https://myco.auth0.com/\",\n path: \"jwt\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nexample = vault.jwt.AuthBackend(\"example\",\n bound_issuer=\"https://myco.auth0.com/\",\n description=\"Demonstration of the Terraform JWT auth backend\",\n oidc_discovery_url=\"https://myco.auth0.com/\",\n path=\"jwt\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Vault.Jwt.AuthBackend(\"example\", new()\n {\n BoundIssuer = \"https://myco.auth0.com/\",\n Description = \"Demonstration of the Terraform JWT auth backend\",\n OidcDiscoveryUrl = \"https://myco.auth0.com/\",\n Path = \"jwt\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/jwt\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := jwt.NewAuthBackend(ctx, \"example\", \u0026jwt.AuthBackendArgs{\n\t\t\tBoundIssuer: pulumi.String(\"https://myco.auth0.com/\"),\n\t\t\tDescription: pulumi.String(\"Demonstration of the Terraform JWT auth backend\"),\n\t\t\tOidcDiscoveryUrl: pulumi.String(\"https://myco.auth0.com/\"),\n\t\t\tPath: pulumi.String(\"jwt\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.jwt.AuthBackend;\nimport com.pulumi.vault.jwt.AuthBackendArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new AuthBackend(\"example\", AuthBackendArgs.builder() \n .boundIssuer(\"https://myco.auth0.com/\")\n .description(\"Demonstration of the Terraform JWT auth backend\")\n .oidcDiscoveryUrl(\"https://myco.auth0.com/\")\n .path(\"jwt\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: vault:jwt:AuthBackend\n properties:\n boundIssuer: https://myco.auth0.com/\n description: Demonstration of the Terraform JWT auth backend\n oidcDiscoveryUrl: https://myco.auth0.com/\n path: jwt\n```\n\nManage OIDC auth backend:\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst example = new vault.jwt.AuthBackend(\"example\", {\n boundIssuer: \"https://myco.auth0.com/\",\n description: \"Demonstration of the Terraform JWT auth backend\",\n oidcClientId: \"1234567890\",\n oidcClientSecret: \"secret123456\",\n oidcDiscoveryUrl: \"https://myco.auth0.com/\",\n path: \"oidc\",\n tune: {\n listingVisibility: \"unauth\",\n },\n type: \"oidc\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nexample = vault.jwt.AuthBackend(\"example\",\n bound_issuer=\"https://myco.auth0.com/\",\n description=\"Demonstration of the Terraform JWT auth backend\",\n oidc_client_id=\"1234567890\",\n oidc_client_secret=\"secret123456\",\n oidc_discovery_url=\"https://myco.auth0.com/\",\n path=\"oidc\",\n tune=vault.jwt.AuthBackendTuneArgs(\n listing_visibility=\"unauth\",\n ),\n type=\"oidc\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Vault.Jwt.AuthBackend(\"example\", new()\n {\n BoundIssuer = \"https://myco.auth0.com/\",\n Description = \"Demonstration of the Terraform JWT auth backend\",\n OidcClientId = \"1234567890\",\n OidcClientSecret = \"secret123456\",\n OidcDiscoveryUrl = \"https://myco.auth0.com/\",\n Path = \"oidc\",\n Tune = new Vault.Jwt.Inputs.AuthBackendTuneArgs\n {\n ListingVisibility = \"unauth\",\n },\n Type = \"oidc\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/jwt\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := jwt.NewAuthBackend(ctx, \"example\", \u0026jwt.AuthBackendArgs{\n\t\t\tBoundIssuer: pulumi.String(\"https://myco.auth0.com/\"),\n\t\t\tDescription: pulumi.String(\"Demonstration of the Terraform JWT auth backend\"),\n\t\t\tOidcClientId: pulumi.String(\"1234567890\"),\n\t\t\tOidcClientSecret: pulumi.String(\"secret123456\"),\n\t\t\tOidcDiscoveryUrl: pulumi.String(\"https://myco.auth0.com/\"),\n\t\t\tPath: pulumi.String(\"oidc\"),\n\t\t\tTune: \u0026jwt.AuthBackendTuneArgs{\n\t\t\t\tListingVisibility: pulumi.String(\"unauth\"),\n\t\t\t},\n\t\t\tType: pulumi.String(\"oidc\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.jwt.AuthBackend;\nimport com.pulumi.vault.jwt.AuthBackendArgs;\nimport com.pulumi.vault.jwt.inputs.AuthBackendTuneArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new AuthBackend(\"example\", AuthBackendArgs.builder() \n .boundIssuer(\"https://myco.auth0.com/\")\n .description(\"Demonstration of the Terraform JWT auth backend\")\n .oidcClientId(\"1234567890\")\n .oidcClientSecret(\"secret123456\")\n .oidcDiscoveryUrl(\"https://myco.auth0.com/\")\n .path(\"oidc\")\n .tune(AuthBackendTuneArgs.builder()\n .listingVisibility(\"unauth\")\n .build())\n .type(\"oidc\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: vault:jwt:AuthBackend\n properties:\n boundIssuer: https://myco.auth0.com/\n description: Demonstration of the Terraform JWT auth backend\n oidcClientId: '1234567890'\n oidcClientSecret: secret123456\n oidcDiscoveryUrl: https://myco.auth0.com/\n path: oidc\n tune:\n listingVisibility: unauth\n type: oidc\n```\n\nConfiguring the auth backend with a `provider_config:\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst gsuite = new vault.jwt.AuthBackend(\"gsuite\", {\n description: \"OIDC backend\",\n oidcDiscoveryUrl: \"https://accounts.google.com\",\n path: \"oidc\",\n providerConfig: {\n fetch_groups: \"true\",\n fetch_user_info: \"true\",\n groups_recurse_max_depth: \"1\",\n provider: \"gsuite\",\n },\n type: \"oidc\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ngsuite = vault.jwt.AuthBackend(\"gsuite\",\n description=\"OIDC backend\",\n oidc_discovery_url=\"https://accounts.google.com\",\n path=\"oidc\",\n provider_config={\n \"fetch_groups\": \"true\",\n \"fetch_user_info\": \"true\",\n \"groups_recurse_max_depth\": \"1\",\n \"provider\": \"gsuite\",\n },\n type=\"oidc\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var gsuite = new Vault.Jwt.AuthBackend(\"gsuite\", new()\n {\n Description = \"OIDC backend\",\n OidcDiscoveryUrl = \"https://accounts.google.com\",\n Path = \"oidc\",\n ProviderConfig = \n {\n { \"fetch_groups\", \"true\" },\n { \"fetch_user_info\", \"true\" },\n { \"groups_recurse_max_depth\", \"1\" },\n { \"provider\", \"gsuite\" },\n },\n Type = \"oidc\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/jwt\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := jwt.NewAuthBackend(ctx, \"gsuite\", \u0026jwt.AuthBackendArgs{\n\t\t\tDescription: pulumi.String(\"OIDC backend\"),\n\t\t\tOidcDiscoveryUrl: pulumi.String(\"https://accounts.google.com\"),\n\t\t\tPath: pulumi.String(\"oidc\"),\n\t\t\tProviderConfig: pulumi.StringMap{\n\t\t\t\t\"fetch_groups\": pulumi.String(\"true\"),\n\t\t\t\t\"fetch_user_info\": pulumi.String(\"true\"),\n\t\t\t\t\"groups_recurse_max_depth\": pulumi.String(\"1\"),\n\t\t\t\t\"provider\": pulumi.String(\"gsuite\"),\n\t\t\t},\n\t\t\tType: pulumi.String(\"oidc\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.jwt.AuthBackend;\nimport com.pulumi.vault.jwt.AuthBackendArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var gsuite = new AuthBackend(\"gsuite\", AuthBackendArgs.builder() \n .description(\"OIDC backend\")\n .oidcDiscoveryUrl(\"https://accounts.google.com\")\n .path(\"oidc\")\n .providerConfig(Map.ofEntries(\n Map.entry(\"fetch_groups\", true),\n Map.entry(\"fetch_user_info\", true),\n Map.entry(\"groups_recurse_max_depth\", 1),\n Map.entry(\"provider\", \"gsuite\")\n ))\n .type(\"oidc\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n gsuite:\n type: vault:jwt:AuthBackend\n properties:\n description: OIDC backend\n oidcDiscoveryUrl: https://accounts.google.com\n path: oidc\n providerConfig:\n fetch_groups: true\n fetch_user_info: true\n groups_recurse_max_depth: 1\n provider: gsuite\n type: oidc\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nJWT auth backend can be imported using the `path`, e.g.\n\n```sh\n $ pulumi import vault:jwt/authBackend:AuthBackend oidc oidc\n```\n or\n\n```sh\n $ pulumi import vault:jwt/authBackend:AuthBackend jwt jwt\n```\n ", "properties": { "accessor": { "type": "string", @@ -20701,7 +17924,7 @@ }, "namespaceInState": { "type": "boolean", - "description": "Pass namespace in the OIDC state parameter instead of as a separate query parameter. With this setting, the allowed redirect URL(s) in Vault and on the provider side should not contain a namespace query parameter. This means only one redirect URL entry needs to be maintained on the OIDC provider side for all vault namespaces that will be authenticating against it. Defaults to true for new configs\n" + "description": "Pass namespace in the OIDC state parameter instead of as a separate query parameter. With this setting, the allowed redirect URL(s) in Vault and on the provider side should not contain a namespace query parameter. This means only one redirect URL entry needs to be maintained on the OIDC provider side for all vault namespaces that will be authenticating against it. Defaults to true for new configs\n\n* tune - (Optional) Extra configuration block. Structure is documented below.\n\nThe `tune` block is used to tune the auth backend:\n" }, "oidcClientId": { "type": "string", @@ -20805,7 +18028,7 @@ }, "namespaceInState": { "type": "boolean", - "description": "Pass namespace in the OIDC state parameter instead of as a separate query parameter. With this setting, the allowed redirect URL(s) in Vault and on the provider side should not contain a namespace query parameter. This means only one redirect URL entry needs to be maintained on the OIDC provider side for all vault namespaces that will be authenticating against it. Defaults to true for new configs\n" + "description": "Pass namespace in the OIDC state parameter instead of as a separate query parameter. With this setting, the allowed redirect URL(s) in Vault and on the provider side should not contain a namespace query parameter. This means only one redirect URL entry needs to be maintained on the OIDC provider side for all vault namespaces that will be authenticating against it. Defaults to true for new configs\n\n* tune - (Optional) Extra configuration block. Structure is documented below.\n\nThe `tune` block is used to tune the auth backend:\n" }, "oidcClientId": { "type": "string", @@ -20912,7 +18135,7 @@ }, "namespaceInState": { "type": "boolean", - "description": "Pass namespace in the OIDC state parameter instead of as a separate query parameter. With this setting, the allowed redirect URL(s) in Vault and on the provider side should not contain a namespace query parameter. This means only one redirect URL entry needs to be maintained on the OIDC provider side for all vault namespaces that will be authenticating against it. Defaults to true for new configs\n" + "description": "Pass namespace in the OIDC state parameter instead of as a separate query parameter. With this setting, the allowed redirect URL(s) in Vault and on the provider side should not contain a namespace query parameter. This means only one redirect URL entry needs to be maintained on the OIDC provider side for all vault namespaces that will be authenticating against it. Defaults to true for new configs\n\n* tune - (Optional) Extra configuration block. Structure is documented below.\n\nThe `tune` block is used to tune the auth backend:\n" }, "oidcClientId": { "type": "string", @@ -20966,7 +18189,7 @@ } }, "vault:jwt/authBackendRole:AuthBackendRole": { - "description": "Manages an JWT/OIDC auth backend role in a Vault server. See the [Vault\ndocumentation](https://www.vaultproject.io/docs/auth/jwt.html) for more\ninformation.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\nRole for JWT backend:\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst jwt = new vault.jwt.AuthBackend(\"jwt\", {path: \"jwt\"});\nconst example = new vault.jwt.AuthBackendRole(\"example\", {\n backend: jwt.path,\n roleName: \"test-role\",\n tokenPolicies: [\n \"default\",\n \"dev\",\n \"prod\",\n ],\n boundAudiences: [\"https://myco.test\"],\n boundClaims: {\n color: \"red,green,blue\",\n },\n userClaim: \"https://vault/user\",\n roleType: \"jwt\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\njwt = vault.jwt.AuthBackend(\"jwt\", path=\"jwt\")\nexample = vault.jwt.AuthBackendRole(\"example\",\n backend=jwt.path,\n role_name=\"test-role\",\n token_policies=[\n \"default\",\n \"dev\",\n \"prod\",\n ],\n bound_audiences=[\"https://myco.test\"],\n bound_claims={\n \"color\": \"red,green,blue\",\n },\n user_claim=\"https://vault/user\",\n role_type=\"jwt\")\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var jwt = new Vault.Jwt.AuthBackend(\"jwt\", new()\n {\n Path = \"jwt\",\n });\n\n var example = new Vault.Jwt.AuthBackendRole(\"example\", new()\n {\n Backend = jwt.Path,\n RoleName = \"test-role\",\n TokenPolicies = new[]\n {\n \"default\",\n \"dev\",\n \"prod\",\n },\n BoundAudiences = new[]\n {\n \"https://myco.test\",\n },\n BoundClaims = \n {\n { \"color\", \"red,green,blue\" },\n },\n UserClaim = \"https://vault/user\",\n RoleType = \"jwt\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/jwt\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tjwt, err := jwt.NewAuthBackend(ctx, \"jwt\", \u0026jwt.AuthBackendArgs{\n\t\t\tPath: pulumi.String(\"jwt\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = jwt.NewAuthBackendRole(ctx, \"example\", \u0026jwt.AuthBackendRoleArgs{\n\t\t\tBackend: jwt.Path,\n\t\t\tRoleName: pulumi.String(\"test-role\"),\n\t\t\tTokenPolicies: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"default\"),\n\t\t\t\tpulumi.String(\"dev\"),\n\t\t\t\tpulumi.String(\"prod\"),\n\t\t\t},\n\t\t\tBoundAudiences: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"https://myco.test\"),\n\t\t\t},\n\t\t\tBoundClaims: pulumi.AnyMap{\n\t\t\t\t\"color\": pulumi.Any(\"red,green,blue\"),\n\t\t\t},\n\t\t\tUserClaim: pulumi.String(\"https://vault/user\"),\n\t\t\tRoleType: pulumi.String(\"jwt\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.jwt.AuthBackend;\nimport com.pulumi.vault.jwt.AuthBackendArgs;\nimport com.pulumi.vault.jwt.AuthBackendRole;\nimport com.pulumi.vault.jwt.AuthBackendRoleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var jwt = new AuthBackend(\"jwt\", AuthBackendArgs.builder() \n .path(\"jwt\")\n .build());\n\n var example = new AuthBackendRole(\"example\", AuthBackendRoleArgs.builder() \n .backend(jwt.path())\n .roleName(\"test-role\")\n .tokenPolicies( \n \"default\",\n \"dev\",\n \"prod\")\n .boundAudiences(\"https://myco.test\")\n .boundClaims(Map.of(\"color\", \"red,green,blue\"))\n .userClaim(\"https://vault/user\")\n .roleType(\"jwt\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n jwt:\n type: vault:jwt:AuthBackend\n properties:\n path: jwt\n example:\n type: vault:jwt:AuthBackendRole\n properties:\n backend: ${jwt.path}\n roleName: test-role\n tokenPolicies:\n - default\n - dev\n - prod\n boundAudiences:\n - https://myco.test\n boundClaims:\n color: red,green,blue\n userClaim: https://vault/user\n roleType: jwt\n```\n\nRole for OIDC backend:\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst oidc = new vault.jwt.AuthBackend(\"oidc\", {\n path: \"oidc\",\n defaultRole: \"test-role\",\n});\nconst example = new vault.jwt.AuthBackendRole(\"example\", {\n backend: oidc.path,\n roleName: \"test-role\",\n tokenPolicies: [\n \"default\",\n \"dev\",\n \"prod\",\n ],\n userClaim: \"https://vault/user\",\n roleType: \"oidc\",\n allowedRedirectUris: [\"http://localhost:8200/ui/vault/auth/oidc/oidc/callback\"],\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\noidc = vault.jwt.AuthBackend(\"oidc\",\n path=\"oidc\",\n default_role=\"test-role\")\nexample = vault.jwt.AuthBackendRole(\"example\",\n backend=oidc.path,\n role_name=\"test-role\",\n token_policies=[\n \"default\",\n \"dev\",\n \"prod\",\n ],\n user_claim=\"https://vault/user\",\n role_type=\"oidc\",\n allowed_redirect_uris=[\"http://localhost:8200/ui/vault/auth/oidc/oidc/callback\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var oidc = new Vault.Jwt.AuthBackend(\"oidc\", new()\n {\n Path = \"oidc\",\n DefaultRole = \"test-role\",\n });\n\n var example = new Vault.Jwt.AuthBackendRole(\"example\", new()\n {\n Backend = oidc.Path,\n RoleName = \"test-role\",\n TokenPolicies = new[]\n {\n \"default\",\n \"dev\",\n \"prod\",\n },\n UserClaim = \"https://vault/user\",\n RoleType = \"oidc\",\n AllowedRedirectUris = new[]\n {\n \"http://localhost:8200/ui/vault/auth/oidc/oidc/callback\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/jwt\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\toidc, err := jwt.NewAuthBackend(ctx, \"oidc\", \u0026jwt.AuthBackendArgs{\n\t\t\tPath: pulumi.String(\"oidc\"),\n\t\t\tDefaultRole: pulumi.String(\"test-role\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = jwt.NewAuthBackendRole(ctx, \"example\", \u0026jwt.AuthBackendRoleArgs{\n\t\t\tBackend: oidc.Path,\n\t\t\tRoleName: pulumi.String(\"test-role\"),\n\t\t\tTokenPolicies: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"default\"),\n\t\t\t\tpulumi.String(\"dev\"),\n\t\t\t\tpulumi.String(\"prod\"),\n\t\t\t},\n\t\t\tUserClaim: pulumi.String(\"https://vault/user\"),\n\t\t\tRoleType: pulumi.String(\"oidc\"),\n\t\t\tAllowedRedirectUris: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"http://localhost:8200/ui/vault/auth/oidc/oidc/callback\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.jwt.AuthBackend;\nimport com.pulumi.vault.jwt.AuthBackendArgs;\nimport com.pulumi.vault.jwt.AuthBackendRole;\nimport com.pulumi.vault.jwt.AuthBackendRoleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var oidc = new AuthBackend(\"oidc\", AuthBackendArgs.builder() \n .path(\"oidc\")\n .defaultRole(\"test-role\")\n .build());\n\n var example = new AuthBackendRole(\"example\", AuthBackendRoleArgs.builder() \n .backend(oidc.path())\n .roleName(\"test-role\")\n .tokenPolicies( \n \"default\",\n \"dev\",\n \"prod\")\n .userClaim(\"https://vault/user\")\n .roleType(\"oidc\")\n .allowedRedirectUris(\"http://localhost:8200/ui/vault/auth/oidc/oidc/callback\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n oidc:\n type: vault:jwt:AuthBackend\n properties:\n path: oidc\n defaultRole: test-role\n example:\n type: vault:jwt:AuthBackendRole\n properties:\n backend: ${oidc.path}\n roleName: test-role\n tokenPolicies:\n - default\n - dev\n - prod\n userClaim: https://vault/user\n roleType: oidc\n allowedRedirectUris:\n - http://localhost:8200/ui/vault/auth/oidc/oidc/callback\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nJWT authentication backend roles can be imported using the `path`, e.g.\n\n```sh\n $ pulumi import vault:jwt/authBackendRole:AuthBackendRole example auth/jwt/role/test-role\n```\n\n ", + "description": "Manages an JWT/OIDC auth backend role in a Vault server. See the [Vault\ndocumentation](https://www.vaultproject.io/docs/auth/jwt.html) for more\ninformation.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\nRole for JWT backend:\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst jwt = new vault.jwt.AuthBackend(\"jwt\", {path: \"jwt\"});\nconst example = new vault.jwt.AuthBackendRole(\"example\", {\n backend: jwt.path,\n roleName: \"test-role\",\n tokenPolicies: [\n \"default\",\n \"dev\",\n \"prod\",\n ],\n boundAudiences: [\"https://myco.test\"],\n boundClaims: {\n color: \"red,green,blue\",\n },\n userClaim: \"https://vault/user\",\n roleType: \"jwt\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\njwt = vault.jwt.AuthBackend(\"jwt\", path=\"jwt\")\nexample = vault.jwt.AuthBackendRole(\"example\",\n backend=jwt.path,\n role_name=\"test-role\",\n token_policies=[\n \"default\",\n \"dev\",\n \"prod\",\n ],\n bound_audiences=[\"https://myco.test\"],\n bound_claims={\n \"color\": \"red,green,blue\",\n },\n user_claim=\"https://vault/user\",\n role_type=\"jwt\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var jwt = new Vault.Jwt.AuthBackend(\"jwt\", new()\n {\n Path = \"jwt\",\n });\n\n var example = new Vault.Jwt.AuthBackendRole(\"example\", new()\n {\n Backend = jwt.Path,\n RoleName = \"test-role\",\n TokenPolicies = new[]\n {\n \"default\",\n \"dev\",\n \"prod\",\n },\n BoundAudiences = new[]\n {\n \"https://myco.test\",\n },\n BoundClaims = \n {\n { \"color\", \"red,green,blue\" },\n },\n UserClaim = \"https://vault/user\",\n RoleType = \"jwt\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/jwt\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tjwt, err := jwt.NewAuthBackend(ctx, \"jwt\", \u0026jwt.AuthBackendArgs{\n\t\t\tPath: pulumi.String(\"jwt\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = jwt.NewAuthBackendRole(ctx, \"example\", \u0026jwt.AuthBackendRoleArgs{\n\t\t\tBackend: jwt.Path,\n\t\t\tRoleName: pulumi.String(\"test-role\"),\n\t\t\tTokenPolicies: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"default\"),\n\t\t\t\tpulumi.String(\"dev\"),\n\t\t\t\tpulumi.String(\"prod\"),\n\t\t\t},\n\t\t\tBoundAudiences: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"https://myco.test\"),\n\t\t\t},\n\t\t\tBoundClaims: pulumi.Map{\n\t\t\t\t\"color\": pulumi.Any(\"red,green,blue\"),\n\t\t\t},\n\t\t\tUserClaim: pulumi.String(\"https://vault/user\"),\n\t\t\tRoleType: pulumi.String(\"jwt\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.jwt.AuthBackend;\nimport com.pulumi.vault.jwt.AuthBackendArgs;\nimport com.pulumi.vault.jwt.AuthBackendRole;\nimport com.pulumi.vault.jwt.AuthBackendRoleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var jwt = new AuthBackend(\"jwt\", AuthBackendArgs.builder() \n .path(\"jwt\")\n .build());\n\n var example = new AuthBackendRole(\"example\", AuthBackendRoleArgs.builder() \n .backend(jwt.path())\n .roleName(\"test-role\")\n .tokenPolicies( \n \"default\",\n \"dev\",\n \"prod\")\n .boundAudiences(\"https://myco.test\")\n .boundClaims(Map.of(\"color\", \"red,green,blue\"))\n .userClaim(\"https://vault/user\")\n .roleType(\"jwt\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n jwt:\n type: vault:jwt:AuthBackend\n properties:\n path: jwt\n example:\n type: vault:jwt:AuthBackendRole\n properties:\n backend: ${jwt.path}\n roleName: test-role\n tokenPolicies:\n - default\n - dev\n - prod\n boundAudiences:\n - https://myco.test\n boundClaims:\n color: red,green,blue\n userClaim: https://vault/user\n roleType: jwt\n```\n\nRole for OIDC backend:\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst oidc = new vault.jwt.AuthBackend(\"oidc\", {\n path: \"oidc\",\n defaultRole: \"test-role\",\n});\nconst example = new vault.jwt.AuthBackendRole(\"example\", {\n backend: oidc.path,\n roleName: \"test-role\",\n tokenPolicies: [\n \"default\",\n \"dev\",\n \"prod\",\n ],\n userClaim: \"https://vault/user\",\n roleType: \"oidc\",\n allowedRedirectUris: [\"http://localhost:8200/ui/vault/auth/oidc/oidc/callback\"],\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\noidc = vault.jwt.AuthBackend(\"oidc\",\n path=\"oidc\",\n default_role=\"test-role\")\nexample = vault.jwt.AuthBackendRole(\"example\",\n backend=oidc.path,\n role_name=\"test-role\",\n token_policies=[\n \"default\",\n \"dev\",\n \"prod\",\n ],\n user_claim=\"https://vault/user\",\n role_type=\"oidc\",\n allowed_redirect_uris=[\"http://localhost:8200/ui/vault/auth/oidc/oidc/callback\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var oidc = new Vault.Jwt.AuthBackend(\"oidc\", new()\n {\n Path = \"oidc\",\n DefaultRole = \"test-role\",\n });\n\n var example = new Vault.Jwt.AuthBackendRole(\"example\", new()\n {\n Backend = oidc.Path,\n RoleName = \"test-role\",\n TokenPolicies = new[]\n {\n \"default\",\n \"dev\",\n \"prod\",\n },\n UserClaim = \"https://vault/user\",\n RoleType = \"oidc\",\n AllowedRedirectUris = new[]\n {\n \"http://localhost:8200/ui/vault/auth/oidc/oidc/callback\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/jwt\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\toidc, err := jwt.NewAuthBackend(ctx, \"oidc\", \u0026jwt.AuthBackendArgs{\n\t\t\tPath: pulumi.String(\"oidc\"),\n\t\t\tDefaultRole: pulumi.String(\"test-role\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = jwt.NewAuthBackendRole(ctx, \"example\", \u0026jwt.AuthBackendRoleArgs{\n\t\t\tBackend: oidc.Path,\n\t\t\tRoleName: pulumi.String(\"test-role\"),\n\t\t\tTokenPolicies: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"default\"),\n\t\t\t\tpulumi.String(\"dev\"),\n\t\t\t\tpulumi.String(\"prod\"),\n\t\t\t},\n\t\t\tUserClaim: pulumi.String(\"https://vault/user\"),\n\t\t\tRoleType: pulumi.String(\"oidc\"),\n\t\t\tAllowedRedirectUris: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"http://localhost:8200/ui/vault/auth/oidc/oidc/callback\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.jwt.AuthBackend;\nimport com.pulumi.vault.jwt.AuthBackendArgs;\nimport com.pulumi.vault.jwt.AuthBackendRole;\nimport com.pulumi.vault.jwt.AuthBackendRoleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var oidc = new AuthBackend(\"oidc\", AuthBackendArgs.builder() \n .path(\"oidc\")\n .defaultRole(\"test-role\")\n .build());\n\n var example = new AuthBackendRole(\"example\", AuthBackendRoleArgs.builder() \n .backend(oidc.path())\n .roleName(\"test-role\")\n .tokenPolicies( \n \"default\",\n \"dev\",\n \"prod\")\n .userClaim(\"https://vault/user\")\n .roleType(\"oidc\")\n .allowedRedirectUris(\"http://localhost:8200/ui/vault/auth/oidc/oidc/callback\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n oidc:\n type: vault:jwt:AuthBackend\n properties:\n path: oidc\n defaultRole: test-role\n example:\n type: vault:jwt:AuthBackendRole\n properties:\n backend: ${oidc.path}\n roleName: test-role\n tokenPolicies:\n - default\n - dev\n - prod\n userClaim: https://vault/user\n roleType: oidc\n allowedRedirectUris:\n - http://localhost:8200/ui/vault/auth/oidc/oidc/callback\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nJWT authentication backend roles can be imported using the `path`, e.g.\n\n```sh\n $ pulumi import vault:jwt/authBackendRole:AuthBackendRole example auth/jwt/role/test-role\n```\n ", "properties": { "allowedRedirectUris": { "type": "array", @@ -21408,7 +18631,7 @@ } }, "vault:kmip/secretBackend:SecretBackend": { - "description": "Manages KMIP Secret backends in a Vault server. This feature requires\nVault Enterprise. See the [Vault documentation](https://www.vaultproject.io/docs/secrets/kmip)\nfor more information.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst defaultSecretBackend = new vault.kmip.SecretBackend(\"default\", {\n defaultTlsClientKeyBits: 4096,\n defaultTlsClientKeyType: \"rsa\",\n defaultTlsClientTtl: 86400,\n description: \"Vault KMIP backend\",\n listenAddrs: [\n \"127.0.0.1:5696\",\n \"127.0.0.1:8080\",\n ],\n path: \"kmip\",\n tlsCaKeyBits: 4096,\n tlsCaKeyType: \"rsa\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ndefault = vault.kmip.SecretBackend(\"default\",\n default_tls_client_key_bits=4096,\n default_tls_client_key_type=\"rsa\",\n default_tls_client_ttl=86400,\n description=\"Vault KMIP backend\",\n listen_addrs=[\n \"127.0.0.1:5696\",\n \"127.0.0.1:8080\",\n ],\n path=\"kmip\",\n tls_ca_key_bits=4096,\n tls_ca_key_type=\"rsa\")\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @default = new Vault.Kmip.SecretBackend(\"default\", new()\n {\n DefaultTlsClientKeyBits = 4096,\n DefaultTlsClientKeyType = \"rsa\",\n DefaultTlsClientTtl = 86400,\n Description = \"Vault KMIP backend\",\n ListenAddrs = new[]\n {\n \"127.0.0.1:5696\",\n \"127.0.0.1:8080\",\n },\n Path = \"kmip\",\n TlsCaKeyBits = 4096,\n TlsCaKeyType = \"rsa\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/kmip\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := kmip.NewSecretBackend(ctx, \"default\", \u0026kmip.SecretBackendArgs{\n\t\t\tDefaultTlsClientKeyBits: pulumi.Int(4096),\n\t\t\tDefaultTlsClientKeyType: pulumi.String(\"rsa\"),\n\t\t\tDefaultTlsClientTtl: pulumi.Int(86400),\n\t\t\tDescription: pulumi.String(\"Vault KMIP backend\"),\n\t\t\tListenAddrs: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"127.0.0.1:5696\"),\n\t\t\t\tpulumi.String(\"127.0.0.1:8080\"),\n\t\t\t},\n\t\t\tPath: pulumi.String(\"kmip\"),\n\t\t\tTlsCaKeyBits: pulumi.Int(4096),\n\t\t\tTlsCaKeyType: pulumi.String(\"rsa\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.kmip.SecretBackend;\nimport com.pulumi.vault.kmip.SecretBackendArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var default_ = new SecretBackend(\"default\", SecretBackendArgs.builder() \n .defaultTlsClientKeyBits(4096)\n .defaultTlsClientKeyType(\"rsa\")\n .defaultTlsClientTtl(86400)\n .description(\"Vault KMIP backend\")\n .listenAddrs( \n \"127.0.0.1:5696\",\n \"127.0.0.1:8080\")\n .path(\"kmip\")\n .tlsCaKeyBits(4096)\n .tlsCaKeyType(\"rsa\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n default:\n type: vault:kmip:SecretBackend\n properties:\n defaultTlsClientKeyBits: 4096\n defaultTlsClientKeyType: rsa\n defaultTlsClientTtl: 86400\n description: Vault KMIP backend\n listenAddrs:\n - 127.0.0.1:5696\n - 127.0.0.1:8080\n path: kmip\n tlsCaKeyBits: 4096\n tlsCaKeyType: rsa\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nKMIP Secret backend can be imported using the `path`, e.g.\n\n```sh\n $ pulumi import vault:kmip/secretBackend:SecretBackend default kmip\n```\n\n ", + "description": "Manages KMIP Secret backends in a Vault server. This feature requires\nVault Enterprise. See the [Vault documentation](https://www.vaultproject.io/docs/secrets/kmip)\nfor more information.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst _default = new vault.kmip.SecretBackend(\"default\", {\n defaultTlsClientKeyBits: 4096,\n defaultTlsClientKeyType: \"rsa\",\n defaultTlsClientTtl: 86400,\n description: \"Vault KMIP backend\",\n listenAddrs: [\n \"127.0.0.1:5696\",\n \"127.0.0.1:8080\",\n ],\n path: \"kmip\",\n tlsCaKeyBits: 4096,\n tlsCaKeyType: \"rsa\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ndefault = vault.kmip.SecretBackend(\"default\",\n default_tls_client_key_bits=4096,\n default_tls_client_key_type=\"rsa\",\n default_tls_client_ttl=86400,\n description=\"Vault KMIP backend\",\n listen_addrs=[\n \"127.0.0.1:5696\",\n \"127.0.0.1:8080\",\n ],\n path=\"kmip\",\n tls_ca_key_bits=4096,\n tls_ca_key_type=\"rsa\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @default = new Vault.Kmip.SecretBackend(\"default\", new()\n {\n DefaultTlsClientKeyBits = 4096,\n DefaultTlsClientKeyType = \"rsa\",\n DefaultTlsClientTtl = 86400,\n Description = \"Vault KMIP backend\",\n ListenAddrs = new[]\n {\n \"127.0.0.1:5696\",\n \"127.0.0.1:8080\",\n },\n Path = \"kmip\",\n TlsCaKeyBits = 4096,\n TlsCaKeyType = \"rsa\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/kmip\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := kmip.NewSecretBackend(ctx, \"default\", \u0026kmip.SecretBackendArgs{\n\t\t\tDefaultTlsClientKeyBits: pulumi.Int(4096),\n\t\t\tDefaultTlsClientKeyType: pulumi.String(\"rsa\"),\n\t\t\tDefaultTlsClientTtl: pulumi.Int(86400),\n\t\t\tDescription: pulumi.String(\"Vault KMIP backend\"),\n\t\t\tListenAddrs: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"127.0.0.1:5696\"),\n\t\t\t\tpulumi.String(\"127.0.0.1:8080\"),\n\t\t\t},\n\t\t\tPath: pulumi.String(\"kmip\"),\n\t\t\tTlsCaKeyBits: pulumi.Int(4096),\n\t\t\tTlsCaKeyType: pulumi.String(\"rsa\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.kmip.SecretBackend;\nimport com.pulumi.vault.kmip.SecretBackendArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var default_ = new SecretBackend(\"default\", SecretBackendArgs.builder() \n .defaultTlsClientKeyBits(4096)\n .defaultTlsClientKeyType(\"rsa\")\n .defaultTlsClientTtl(86400)\n .description(\"Vault KMIP backend\")\n .listenAddrs( \n \"127.0.0.1:5696\",\n \"127.0.0.1:8080\")\n .path(\"kmip\")\n .tlsCaKeyBits(4096)\n .tlsCaKeyType(\"rsa\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n default:\n type: vault:kmip:SecretBackend\n properties:\n defaultTlsClientKeyBits: 4096\n defaultTlsClientKeyType: rsa\n defaultTlsClientTtl: 86400\n description: Vault KMIP backend\n listenAddrs:\n - 127.0.0.1:5696\n - 127.0.0.1:8080\n path: kmip\n tlsCaKeyBits: 4096\n tlsCaKeyType: rsa\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nKMIP Secret backend can be imported using the `path`, e.g.\n\n```sh\n $ pulumi import vault:kmip/secretBackend:SecretBackend default kmip\n```\n ", "properties": { "defaultTlsClientKeyBits": { "type": "integer", @@ -21621,7 +18844,7 @@ } }, "vault:kmip/secretRole:SecretRole": { - "description": "Manages KMIP Secret roles in a Vault server. This feature requires\nVault Enterprise. See the [Vault documentation](https://www.vaultproject.io/docs/secrets/kmip)\nfor more information.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst _default = new vault.kmip.SecretBackend(\"default\", {\n path: \"kmip\",\n description: \"Vault KMIP backend\",\n});\nconst dev = new vault.kmip.SecretScope(\"dev\", {\n path: _default.path,\n scope: \"dev\",\n force: true,\n});\nconst admin = new vault.kmip.SecretRole(\"admin\", {\n path: dev.path,\n scope: dev.scope,\n role: \"admin\",\n tlsClientKeyType: \"ec\",\n tlsClientKeyBits: 256,\n operationActivate: true,\n operationGet: true,\n operationGetAttributes: true,\n operationCreate: true,\n operationDestroy: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ndefault = vault.kmip.SecretBackend(\"default\",\n path=\"kmip\",\n description=\"Vault KMIP backend\")\ndev = vault.kmip.SecretScope(\"dev\",\n path=default.path,\n scope=\"dev\",\n force=True)\nadmin = vault.kmip.SecretRole(\"admin\",\n path=dev.path,\n scope=dev.scope,\n role=\"admin\",\n tls_client_key_type=\"ec\",\n tls_client_key_bits=256,\n operation_activate=True,\n operation_get=True,\n operation_get_attributes=True,\n operation_create=True,\n operation_destroy=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @default = new Vault.Kmip.SecretBackend(\"default\", new()\n {\n Path = \"kmip\",\n Description = \"Vault KMIP backend\",\n });\n\n var dev = new Vault.Kmip.SecretScope(\"dev\", new()\n {\n Path = @default.Path,\n Scope = \"dev\",\n Force = true,\n });\n\n var admin = new Vault.Kmip.SecretRole(\"admin\", new()\n {\n Path = dev.Path,\n Scope = dev.Scope,\n Role = \"admin\",\n TlsClientKeyType = \"ec\",\n TlsClientKeyBits = 256,\n OperationActivate = true,\n OperationGet = true,\n OperationGetAttributes = true,\n OperationCreate = true,\n OperationDestroy = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/kmip\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := kmip.NewSecretBackend(ctx, \"default\", \u0026kmip.SecretBackendArgs{\n\t\t\tPath: pulumi.String(\"kmip\"),\n\t\t\tDescription: pulumi.String(\"Vault KMIP backend\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tdev, err := kmip.NewSecretScope(ctx, \"dev\", \u0026kmip.SecretScopeArgs{\n\t\t\tPath: _default.Path,\n\t\t\tScope: pulumi.String(\"dev\"),\n\t\t\tForce: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = kmip.NewSecretRole(ctx, \"admin\", \u0026kmip.SecretRoleArgs{\n\t\t\tPath: dev.Path,\n\t\t\tScope: dev.Scope,\n\t\t\tRole: pulumi.String(\"admin\"),\n\t\t\tTlsClientKeyType: pulumi.String(\"ec\"),\n\t\t\tTlsClientKeyBits: pulumi.Int(256),\n\t\t\tOperationActivate: pulumi.Bool(true),\n\t\t\tOperationGet: pulumi.Bool(true),\n\t\t\tOperationGetAttributes: pulumi.Bool(true),\n\t\t\tOperationCreate: pulumi.Bool(true),\n\t\t\tOperationDestroy: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.kmip.SecretBackend;\nimport com.pulumi.vault.kmip.SecretBackendArgs;\nimport com.pulumi.vault.kmip.SecretScope;\nimport com.pulumi.vault.kmip.SecretScopeArgs;\nimport com.pulumi.vault.kmip.SecretRole;\nimport com.pulumi.vault.kmip.SecretRoleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var default_ = new SecretBackend(\"default\", SecretBackendArgs.builder() \n .path(\"kmip\")\n .description(\"Vault KMIP backend\")\n .build());\n\n var dev = new SecretScope(\"dev\", SecretScopeArgs.builder() \n .path(default_.path())\n .scope(\"dev\")\n .force(true)\n .build());\n\n var admin = new SecretRole(\"admin\", SecretRoleArgs.builder() \n .path(dev.path())\n .scope(dev.scope())\n .role(\"admin\")\n .tlsClientKeyType(\"ec\")\n .tlsClientKeyBits(256)\n .operationActivate(true)\n .operationGet(true)\n .operationGetAttributes(true)\n .operationCreate(true)\n .operationDestroy(true)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n default:\n type: vault:kmip:SecretBackend\n properties:\n path: kmip\n description: Vault KMIP backend\n dev:\n type: vault:kmip:SecretScope\n properties:\n path: ${default.path}\n scope: dev\n force: true\n admin:\n type: vault:kmip:SecretRole\n properties:\n path: ${dev.path}\n scope: ${dev.scope}\n role: admin\n tlsClientKeyType: ec\n tlsClientKeyBits: 256\n operationActivate: true\n operationGet: true\n operationGetAttributes: true\n operationCreate: true\n operationDestroy: true\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nKMIP Secret role can be imported using the `path`, e.g.\n\n```sh\n $ pulumi import vault:kmip/secretRole:SecretRole admin kmip\n```\n\n ", + "description": "Manages KMIP Secret roles in a Vault server. This feature requires\nVault Enterprise. See the [Vault documentation](https://www.vaultproject.io/docs/secrets/kmip)\nfor more information.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst _default = new vault.kmip.SecretBackend(\"default\", {\n path: \"kmip\",\n description: \"Vault KMIP backend\",\n});\nconst dev = new vault.kmip.SecretScope(\"dev\", {\n path: _default.path,\n scope: \"dev\",\n force: true,\n});\nconst admin = new vault.kmip.SecretRole(\"admin\", {\n path: dev.path,\n scope: dev.scope,\n role: \"admin\",\n tlsClientKeyType: \"ec\",\n tlsClientKeyBits: 256,\n operationActivate: true,\n operationGet: true,\n operationGetAttributes: true,\n operationCreate: true,\n operationDestroy: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ndefault = vault.kmip.SecretBackend(\"default\",\n path=\"kmip\",\n description=\"Vault KMIP backend\")\ndev = vault.kmip.SecretScope(\"dev\",\n path=default.path,\n scope=\"dev\",\n force=True)\nadmin = vault.kmip.SecretRole(\"admin\",\n path=dev.path,\n scope=dev.scope,\n role=\"admin\",\n tls_client_key_type=\"ec\",\n tls_client_key_bits=256,\n operation_activate=True,\n operation_get=True,\n operation_get_attributes=True,\n operation_create=True,\n operation_destroy=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @default = new Vault.Kmip.SecretBackend(\"default\", new()\n {\n Path = \"kmip\",\n Description = \"Vault KMIP backend\",\n });\n\n var dev = new Vault.Kmip.SecretScope(\"dev\", new()\n {\n Path = @default.Path,\n Scope = \"dev\",\n Force = true,\n });\n\n var admin = new Vault.Kmip.SecretRole(\"admin\", new()\n {\n Path = dev.Path,\n Scope = dev.Scope,\n Role = \"admin\",\n TlsClientKeyType = \"ec\",\n TlsClientKeyBits = 256,\n OperationActivate = true,\n OperationGet = true,\n OperationGetAttributes = true,\n OperationCreate = true,\n OperationDestroy = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/kmip\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := kmip.NewSecretBackend(ctx, \"default\", \u0026kmip.SecretBackendArgs{\n\t\t\tPath: pulumi.String(\"kmip\"),\n\t\t\tDescription: pulumi.String(\"Vault KMIP backend\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tdev, err := kmip.NewSecretScope(ctx, \"dev\", \u0026kmip.SecretScopeArgs{\n\t\t\tPath: _default.Path,\n\t\t\tScope: pulumi.String(\"dev\"),\n\t\t\tForce: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = kmip.NewSecretRole(ctx, \"admin\", \u0026kmip.SecretRoleArgs{\n\t\t\tPath: dev.Path,\n\t\t\tScope: dev.Scope,\n\t\t\tRole: pulumi.String(\"admin\"),\n\t\t\tTlsClientKeyType: pulumi.String(\"ec\"),\n\t\t\tTlsClientKeyBits: pulumi.Int(256),\n\t\t\tOperationActivate: pulumi.Bool(true),\n\t\t\tOperationGet: pulumi.Bool(true),\n\t\t\tOperationGetAttributes: pulumi.Bool(true),\n\t\t\tOperationCreate: pulumi.Bool(true),\n\t\t\tOperationDestroy: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.kmip.SecretBackend;\nimport com.pulumi.vault.kmip.SecretBackendArgs;\nimport com.pulumi.vault.kmip.SecretScope;\nimport com.pulumi.vault.kmip.SecretScopeArgs;\nimport com.pulumi.vault.kmip.SecretRole;\nimport com.pulumi.vault.kmip.SecretRoleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var default_ = new SecretBackend(\"default\", SecretBackendArgs.builder() \n .path(\"kmip\")\n .description(\"Vault KMIP backend\")\n .build());\n\n var dev = new SecretScope(\"dev\", SecretScopeArgs.builder() \n .path(default_.path())\n .scope(\"dev\")\n .force(true)\n .build());\n\n var admin = new SecretRole(\"admin\", SecretRoleArgs.builder() \n .path(dev.path())\n .scope(dev.scope())\n .role(\"admin\")\n .tlsClientKeyType(\"ec\")\n .tlsClientKeyBits(256)\n .operationActivate(true)\n .operationGet(true)\n .operationGetAttributes(true)\n .operationCreate(true)\n .operationDestroy(true)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n default:\n type: vault:kmip:SecretBackend\n properties:\n path: kmip\n description: Vault KMIP backend\n dev:\n type: vault:kmip:SecretScope\n properties:\n path: ${default.path}\n scope: dev\n force: true\n admin:\n type: vault:kmip:SecretRole\n properties:\n path: ${dev.path}\n scope: ${dev.scope}\n role: admin\n tlsClientKeyType: ec\n tlsClientKeyBits: 256\n operationActivate: true\n operationGet: true\n operationGetAttributes: true\n operationCreate: true\n operationDestroy: true\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nKMIP Secret role can be imported using the `path`, e.g.\n\n```sh\n $ pulumi import vault:kmip/secretRole:SecretRole admin kmip\n```\n ", "properties": { "namespace": { "type": "string", @@ -21916,7 +19139,7 @@ } }, "vault:kmip/secretScope:SecretScope": { - "description": "Manages KMIP Secret Scopes in a Vault server. This feature requires\nVault Enterprise. See the [Vault documentation](https://www.vaultproject.io/docs/secrets/kmip)\nfor more information.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst _default = new vault.kmip.SecretBackend(\"default\", {\n path: \"kmip\",\n description: \"Vault KMIP backend\",\n});\nconst dev = new vault.kmip.SecretScope(\"dev\", {\n path: _default.path,\n scope: \"dev\",\n force: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ndefault = vault.kmip.SecretBackend(\"default\",\n path=\"kmip\",\n description=\"Vault KMIP backend\")\ndev = vault.kmip.SecretScope(\"dev\",\n path=default.path,\n scope=\"dev\",\n force=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @default = new Vault.Kmip.SecretBackend(\"default\", new()\n {\n Path = \"kmip\",\n Description = \"Vault KMIP backend\",\n });\n\n var dev = new Vault.Kmip.SecretScope(\"dev\", new()\n {\n Path = @default.Path,\n Scope = \"dev\",\n Force = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/kmip\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := kmip.NewSecretBackend(ctx, \"default\", \u0026kmip.SecretBackendArgs{\n\t\t\tPath: pulumi.String(\"kmip\"),\n\t\t\tDescription: pulumi.String(\"Vault KMIP backend\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = kmip.NewSecretScope(ctx, \"dev\", \u0026kmip.SecretScopeArgs{\n\t\t\tPath: _default.Path,\n\t\t\tScope: pulumi.String(\"dev\"),\n\t\t\tForce: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.kmip.SecretBackend;\nimport com.pulumi.vault.kmip.SecretBackendArgs;\nimport com.pulumi.vault.kmip.SecretScope;\nimport com.pulumi.vault.kmip.SecretScopeArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var default_ = new SecretBackend(\"default\", SecretBackendArgs.builder() \n .path(\"kmip\")\n .description(\"Vault KMIP backend\")\n .build());\n\n var dev = new SecretScope(\"dev\", SecretScopeArgs.builder() \n .path(default_.path())\n .scope(\"dev\")\n .force(true)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n default:\n type: vault:kmip:SecretBackend\n properties:\n path: kmip\n description: Vault KMIP backend\n dev:\n type: vault:kmip:SecretScope\n properties:\n path: ${default.path}\n scope: dev\n force: true\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nKMIP Secret scope can be imported using the `path`, e.g.\n\n```sh\n $ pulumi import vault:kmip/secretScope:SecretScope dev kmip\n```\n\n ", + "description": "Manages KMIP Secret Scopes in a Vault server. This feature requires\nVault Enterprise. See the [Vault documentation](https://www.vaultproject.io/docs/secrets/kmip)\nfor more information.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst _default = new vault.kmip.SecretBackend(\"default\", {\n path: \"kmip\",\n description: \"Vault KMIP backend\",\n});\nconst dev = new vault.kmip.SecretScope(\"dev\", {\n path: _default.path,\n scope: \"dev\",\n force: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ndefault = vault.kmip.SecretBackend(\"default\",\n path=\"kmip\",\n description=\"Vault KMIP backend\")\ndev = vault.kmip.SecretScope(\"dev\",\n path=default.path,\n scope=\"dev\",\n force=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @default = new Vault.Kmip.SecretBackend(\"default\", new()\n {\n Path = \"kmip\",\n Description = \"Vault KMIP backend\",\n });\n\n var dev = new Vault.Kmip.SecretScope(\"dev\", new()\n {\n Path = @default.Path,\n Scope = \"dev\",\n Force = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/kmip\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := kmip.NewSecretBackend(ctx, \"default\", \u0026kmip.SecretBackendArgs{\n\t\t\tPath: pulumi.String(\"kmip\"),\n\t\t\tDescription: pulumi.String(\"Vault KMIP backend\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = kmip.NewSecretScope(ctx, \"dev\", \u0026kmip.SecretScopeArgs{\n\t\t\tPath: _default.Path,\n\t\t\tScope: pulumi.String(\"dev\"),\n\t\t\tForce: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.kmip.SecretBackend;\nimport com.pulumi.vault.kmip.SecretBackendArgs;\nimport com.pulumi.vault.kmip.SecretScope;\nimport com.pulumi.vault.kmip.SecretScopeArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var default_ = new SecretBackend(\"default\", SecretBackendArgs.builder() \n .path(\"kmip\")\n .description(\"Vault KMIP backend\")\n .build());\n\n var dev = new SecretScope(\"dev\", SecretScopeArgs.builder() \n .path(default_.path())\n .scope(\"dev\")\n .force(true)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n default:\n type: vault:kmip:SecretBackend\n properties:\n path: kmip\n description: Vault KMIP backend\n dev:\n type: vault:kmip:SecretScope\n properties:\n path: ${default.path}\n scope: dev\n force: true\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nKMIP Secret scope can be imported using the `path`, e.g.\n\n```sh\n $ pulumi import vault:kmip/secretScope:SecretScope dev kmip\n```\n ", "properties": { "force": { "type": "boolean", @@ -21989,7 +19212,7 @@ } }, "vault:kubernetes/authBackendConfig:AuthBackendConfig": { - "description": "Manages an Kubernetes auth backend config in a Vault server. See the [Vault\ndocumentation](https://www.vaultproject.io/docs/auth/kubernetes.html) for more\ninformation.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst kubernetes = new vault.AuthBackend(\"kubernetes\", {type: \"kubernetes\"});\nconst example = new vault.kubernetes.AuthBackendConfig(\"example\", {\n backend: kubernetes.path,\n kubernetesHost: \"http://example.com:443\",\n kubernetesCaCert: `-----BEGIN CERTIFICATE-----\nexample\n-----END CERTIFICATE-----`,\n tokenReviewerJwt: \"ZXhhbXBsZQo=\",\n issuer: \"api\",\n disableIssValidation: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nkubernetes = vault.AuthBackend(\"kubernetes\", type=\"kubernetes\")\nexample = vault.kubernetes.AuthBackendConfig(\"example\",\n backend=kubernetes.path,\n kubernetes_host=\"http://example.com:443\",\n kubernetes_ca_cert=\"\"\"-----BEGIN CERTIFICATE-----\nexample\n-----END CERTIFICATE-----\"\"\",\n token_reviewer_jwt=\"ZXhhbXBsZQo=\",\n issuer=\"api\",\n disable_iss_validation=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var kubernetes = new Vault.AuthBackend(\"kubernetes\", new()\n {\n Type = \"kubernetes\",\n });\n\n var example = new Vault.Kubernetes.AuthBackendConfig(\"example\", new()\n {\n Backend = kubernetes.Path,\n KubernetesHost = \"http://example.com:443\",\n KubernetesCaCert = @\"-----BEGIN CERTIFICATE-----\nexample\n-----END CERTIFICATE-----\",\n TokenReviewerJwt = \"ZXhhbXBsZQo=\",\n Issuer = \"api\",\n DisableIssValidation = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/kubernetes\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tkubernetes, err := vault.NewAuthBackend(ctx, \"kubernetes\", \u0026vault.AuthBackendArgs{\n\t\t\tType: pulumi.String(\"kubernetes\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = kubernetes.NewAuthBackendConfig(ctx, \"example\", \u0026kubernetes.AuthBackendConfigArgs{\n\t\t\tBackend: kubernetes.Path,\n\t\t\tKubernetesHost: pulumi.String(\"http://example.com:443\"),\n\t\t\tKubernetesCaCert: pulumi.String(\"-----BEGIN CERTIFICATE-----\\nexample\\n-----END CERTIFICATE-----\"),\n\t\t\tTokenReviewerJwt: pulumi.String(\"ZXhhbXBsZQo=\"),\n\t\t\tIssuer: pulumi.String(\"api\"),\n\t\t\tDisableIssValidation: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.AuthBackend;\nimport com.pulumi.vault.AuthBackendArgs;\nimport com.pulumi.vault.kubernetes.AuthBackendConfig;\nimport com.pulumi.vault.kubernetes.AuthBackendConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var kubernetes = new AuthBackend(\"kubernetes\", AuthBackendArgs.builder() \n .type(\"kubernetes\")\n .build());\n\n var example = new AuthBackendConfig(\"example\", AuthBackendConfigArgs.builder() \n .backend(kubernetes.path())\n .kubernetesHost(\"http://example.com:443\")\n .kubernetesCaCert(\"\"\"\n-----BEGIN CERTIFICATE-----\nexample\n-----END CERTIFICATE----- \"\"\")\n .tokenReviewerJwt(\"ZXhhbXBsZQo=\")\n .issuer(\"api\")\n .disableIssValidation(\"true\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n kubernetes:\n type: vault:AuthBackend\n properties:\n type: kubernetes\n example:\n type: vault:kubernetes:AuthBackendConfig\n properties:\n backend: ${kubernetes.path}\n kubernetesHost: http://example.com:443\n kubernetesCaCert: |-\n -----BEGIN CERTIFICATE-----\n example\n -----END CERTIFICATE-----\n tokenReviewerJwt: ZXhhbXBsZQo=\n issuer: api\n disableIssValidation: true\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nKubernetes authentication backend can be imported using the `path`, e.g.\n\n```sh\n $ pulumi import vault:kubernetes/authBackendConfig:AuthBackendConfig config auth/kubernetes/config\n```\n\n ", + "description": "Manages an Kubernetes auth backend config in a Vault server. See the [Vault\ndocumentation](https://www.vaultproject.io/docs/auth/kubernetes.html) for more\ninformation.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst kubernetes = new vault.AuthBackend(\"kubernetes\", {type: \"kubernetes\"});\nconst example = new vault.kubernetes.AuthBackendConfig(\"example\", {\n backend: kubernetes.path,\n kubernetesHost: \"http://example.com:443\",\n kubernetesCaCert: `-----BEGIN CERTIFICATE-----\nexample\n-----END CERTIFICATE-----`,\n tokenReviewerJwt: \"ZXhhbXBsZQo=\",\n issuer: \"api\",\n disableIssValidation: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nkubernetes = vault.AuthBackend(\"kubernetes\", type=\"kubernetes\")\nexample = vault.kubernetes.AuthBackendConfig(\"example\",\n backend=kubernetes.path,\n kubernetes_host=\"http://example.com:443\",\n kubernetes_ca_cert=\"\"\"-----BEGIN CERTIFICATE-----\nexample\n-----END CERTIFICATE-----\"\"\",\n token_reviewer_jwt=\"ZXhhbXBsZQo=\",\n issuer=\"api\",\n disable_iss_validation=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var kubernetes = new Vault.AuthBackend(\"kubernetes\", new()\n {\n Type = \"kubernetes\",\n });\n\n var example = new Vault.Kubernetes.AuthBackendConfig(\"example\", new()\n {\n Backend = kubernetes.Path,\n KubernetesHost = \"http://example.com:443\",\n KubernetesCaCert = @\"-----BEGIN CERTIFICATE-----\nexample\n-----END CERTIFICATE-----\",\n TokenReviewerJwt = \"ZXhhbXBsZQo=\",\n Issuer = \"api\",\n DisableIssValidation = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/kubernetes\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tkubernetes, err := vault.NewAuthBackend(ctx, \"kubernetes\", \u0026vault.AuthBackendArgs{\n\t\t\tType: pulumi.String(\"kubernetes\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = kubernetes.NewAuthBackendConfig(ctx, \"example\", \u0026kubernetes.AuthBackendConfigArgs{\n\t\t\tBackend: kubernetes.Path,\n\t\t\tKubernetesHost: pulumi.String(\"http://example.com:443\"),\n\t\t\tKubernetesCaCert: pulumi.String(\"-----BEGIN CERTIFICATE-----\\nexample\\n-----END CERTIFICATE-----\"),\n\t\t\tTokenReviewerJwt: pulumi.String(\"ZXhhbXBsZQo=\"),\n\t\t\tIssuer: pulumi.String(\"api\"),\n\t\t\tDisableIssValidation: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.AuthBackend;\nimport com.pulumi.vault.AuthBackendArgs;\nimport com.pulumi.vault.kubernetes.AuthBackendConfig;\nimport com.pulumi.vault.kubernetes.AuthBackendConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var kubernetes = new AuthBackend(\"kubernetes\", AuthBackendArgs.builder() \n .type(\"kubernetes\")\n .build());\n\n var example = new AuthBackendConfig(\"example\", AuthBackendConfigArgs.builder() \n .backend(kubernetes.path())\n .kubernetesHost(\"http://example.com:443\")\n .kubernetesCaCert(\"\"\"\n-----BEGIN CERTIFICATE-----\nexample\n-----END CERTIFICATE----- \"\"\")\n .tokenReviewerJwt(\"ZXhhbXBsZQo=\")\n .issuer(\"api\")\n .disableIssValidation(\"true\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n kubernetes:\n type: vault:AuthBackend\n properties:\n type: kubernetes\n example:\n type: vault:kubernetes:AuthBackendConfig\n properties:\n backend: ${kubernetes.path}\n kubernetesHost: http://example.com:443\n kubernetesCaCert: |-\n -----BEGIN CERTIFICATE-----\n example\n -----END CERTIFICATE-----\n tokenReviewerJwt: ZXhhbXBsZQo=\n issuer: api\n disableIssValidation: 'true'\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nKubernetes authentication backend can be imported using the `path`, e.g.\n\n```sh\n $ pulumi import vault:kubernetes/authBackendConfig:AuthBackendConfig config auth/kubernetes/config\n```\n ", "properties": { "backend": { "type": "string", @@ -22135,7 +19358,7 @@ } }, "vault:kubernetes/authBackendRole:AuthBackendRole": { - "description": "Manages an Kubernetes auth backend role in a Vault server. See the [Vault\ndocumentation](https://www.vaultproject.io/docs/auth/kubernetes.html) for more\ninformation.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst kubernetes = new vault.AuthBackend(\"kubernetes\", {type: \"kubernetes\"});\nconst example = new vault.kubernetes.AuthBackendRole(\"example\", {\n backend: kubernetes.path,\n roleName: \"example-role\",\n boundServiceAccountNames: [\"example\"],\n boundServiceAccountNamespaces: [\"example\"],\n tokenTtl: 3600,\n tokenPolicies: [\n \"default\",\n \"dev\",\n \"prod\",\n ],\n audience: \"vault\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nkubernetes = vault.AuthBackend(\"kubernetes\", type=\"kubernetes\")\nexample = vault.kubernetes.AuthBackendRole(\"example\",\n backend=kubernetes.path,\n role_name=\"example-role\",\n bound_service_account_names=[\"example\"],\n bound_service_account_namespaces=[\"example\"],\n token_ttl=3600,\n token_policies=[\n \"default\",\n \"dev\",\n \"prod\",\n ],\n audience=\"vault\")\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var kubernetes = new Vault.AuthBackend(\"kubernetes\", new()\n {\n Type = \"kubernetes\",\n });\n\n var example = new Vault.Kubernetes.AuthBackendRole(\"example\", new()\n {\n Backend = kubernetes.Path,\n RoleName = \"example-role\",\n BoundServiceAccountNames = new[]\n {\n \"example\",\n },\n BoundServiceAccountNamespaces = new[]\n {\n \"example\",\n },\n TokenTtl = 3600,\n TokenPolicies = new[]\n {\n \"default\",\n \"dev\",\n \"prod\",\n },\n Audience = \"vault\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/kubernetes\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tkubernetes, err := vault.NewAuthBackend(ctx, \"kubernetes\", \u0026vault.AuthBackendArgs{\n\t\t\tType: pulumi.String(\"kubernetes\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = kubernetes.NewAuthBackendRole(ctx, \"example\", \u0026kubernetes.AuthBackendRoleArgs{\n\t\t\tBackend: kubernetes.Path,\n\t\t\tRoleName: pulumi.String(\"example-role\"),\n\t\t\tBoundServiceAccountNames: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"example\"),\n\t\t\t},\n\t\t\tBoundServiceAccountNamespaces: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"example\"),\n\t\t\t},\n\t\t\tTokenTtl: pulumi.Int(3600),\n\t\t\tTokenPolicies: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"default\"),\n\t\t\t\tpulumi.String(\"dev\"),\n\t\t\t\tpulumi.String(\"prod\"),\n\t\t\t},\n\t\t\tAudience: pulumi.String(\"vault\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.AuthBackend;\nimport com.pulumi.vault.AuthBackendArgs;\nimport com.pulumi.vault.kubernetes.AuthBackendRole;\nimport com.pulumi.vault.kubernetes.AuthBackendRoleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var kubernetes = new AuthBackend(\"kubernetes\", AuthBackendArgs.builder() \n .type(\"kubernetes\")\n .build());\n\n var example = new AuthBackendRole(\"example\", AuthBackendRoleArgs.builder() \n .backend(kubernetes.path())\n .roleName(\"example-role\")\n .boundServiceAccountNames(\"example\")\n .boundServiceAccountNamespaces(\"example\")\n .tokenTtl(3600)\n .tokenPolicies( \n \"default\",\n \"dev\",\n \"prod\")\n .audience(\"vault\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n kubernetes:\n type: vault:AuthBackend\n properties:\n type: kubernetes\n example:\n type: vault:kubernetes:AuthBackendRole\n properties:\n backend: ${kubernetes.path}\n roleName: example-role\n boundServiceAccountNames:\n - example\n boundServiceAccountNamespaces:\n - example\n tokenTtl: 3600\n tokenPolicies:\n - default\n - dev\n - prod\n audience: vault\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nKubernetes auth backend role can be imported using the `path`, e.g.\n\n```sh\n $ pulumi import vault:kubernetes/authBackendRole:AuthBackendRole foo auth/kubernetes/role/foo\n```\n\n ", + "description": "Manages an Kubernetes auth backend role in a Vault server. See the [Vault\ndocumentation](https://www.vaultproject.io/docs/auth/kubernetes.html) for more\ninformation.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst kubernetes = new vault.AuthBackend(\"kubernetes\", {type: \"kubernetes\"});\nconst example = new vault.kubernetes.AuthBackendRole(\"example\", {\n backend: kubernetes.path,\n roleName: \"example-role\",\n boundServiceAccountNames: [\"example\"],\n boundServiceAccountNamespaces: [\"example\"],\n tokenTtl: 3600,\n tokenPolicies: [\n \"default\",\n \"dev\",\n \"prod\",\n ],\n audience: \"vault\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nkubernetes = vault.AuthBackend(\"kubernetes\", type=\"kubernetes\")\nexample = vault.kubernetes.AuthBackendRole(\"example\",\n backend=kubernetes.path,\n role_name=\"example-role\",\n bound_service_account_names=[\"example\"],\n bound_service_account_namespaces=[\"example\"],\n token_ttl=3600,\n token_policies=[\n \"default\",\n \"dev\",\n \"prod\",\n ],\n audience=\"vault\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var kubernetes = new Vault.AuthBackend(\"kubernetes\", new()\n {\n Type = \"kubernetes\",\n });\n\n var example = new Vault.Kubernetes.AuthBackendRole(\"example\", new()\n {\n Backend = kubernetes.Path,\n RoleName = \"example-role\",\n BoundServiceAccountNames = new[]\n {\n \"example\",\n },\n BoundServiceAccountNamespaces = new[]\n {\n \"example\",\n },\n TokenTtl = 3600,\n TokenPolicies = new[]\n {\n \"default\",\n \"dev\",\n \"prod\",\n },\n Audience = \"vault\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/kubernetes\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tkubernetes, err := vault.NewAuthBackend(ctx, \"kubernetes\", \u0026vault.AuthBackendArgs{\n\t\t\tType: pulumi.String(\"kubernetes\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = kubernetes.NewAuthBackendRole(ctx, \"example\", \u0026kubernetes.AuthBackendRoleArgs{\n\t\t\tBackend: kubernetes.Path,\n\t\t\tRoleName: pulumi.String(\"example-role\"),\n\t\t\tBoundServiceAccountNames: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"example\"),\n\t\t\t},\n\t\t\tBoundServiceAccountNamespaces: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"example\"),\n\t\t\t},\n\t\t\tTokenTtl: pulumi.Int(3600),\n\t\t\tTokenPolicies: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"default\"),\n\t\t\t\tpulumi.String(\"dev\"),\n\t\t\t\tpulumi.String(\"prod\"),\n\t\t\t},\n\t\t\tAudience: pulumi.String(\"vault\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.AuthBackend;\nimport com.pulumi.vault.AuthBackendArgs;\nimport com.pulumi.vault.kubernetes.AuthBackendRole;\nimport com.pulumi.vault.kubernetes.AuthBackendRoleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var kubernetes = new AuthBackend(\"kubernetes\", AuthBackendArgs.builder() \n .type(\"kubernetes\")\n .build());\n\n var example = new AuthBackendRole(\"example\", AuthBackendRoleArgs.builder() \n .backend(kubernetes.path())\n .roleName(\"example-role\")\n .boundServiceAccountNames(\"example\")\n .boundServiceAccountNamespaces(\"example\")\n .tokenTtl(3600)\n .tokenPolicies( \n \"default\",\n \"dev\",\n \"prod\")\n .audience(\"vault\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n kubernetes:\n type: vault:AuthBackend\n properties:\n type: kubernetes\n example:\n type: vault:kubernetes:AuthBackendRole\n properties:\n backend: ${kubernetes.path}\n roleName: example-role\n boundServiceAccountNames:\n - example\n boundServiceAccountNamespaces:\n - example\n tokenTtl: 3600\n tokenPolicies:\n - default\n - dev\n - prod\n audience: vault\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nKubernetes auth backend role can be imported using the `path`, e.g.\n\n```sh\n $ pulumi import vault:kubernetes/authBackendRole:AuthBackendRole foo auth/kubernetes/role/foo\n```\n ", "properties": { "aliasNameSource": { "type": "string", @@ -22143,7 +19366,7 @@ }, "audience": { "type": "string", - "description": "Audience claim to verify in the JWT.\n" + "description": "Audience claim to verify in the JWT.\n\n\u003e Please see [alias_name_source](https://www.vaultproject.io/api-docs/auth/kubernetes#alias_name_source)\nbefore setting this to something other its default value. There are **important** security\nimplications to be aware of.\n" }, "backend": { "type": "string", @@ -22227,7 +19450,7 @@ }, "audience": { "type": "string", - "description": "Audience claim to verify in the JWT.\n" + "description": "Audience claim to verify in the JWT.\n\n\u003e Please see [alias_name_source](https://www.vaultproject.io/api-docs/auth/kubernetes#alias_name_source)\nbefore setting this to something other its default value. There are **important** security\nimplications to be aware of.\n" }, "backend": { "type": "string", @@ -22315,7 +19538,7 @@ }, "audience": { "type": "string", - "description": "Audience claim to verify in the JWT.\n" + "description": "Audience claim to verify in the JWT.\n\n\u003e Please see [alias_name_source](https://www.vaultproject.io/api-docs/auth/kubernetes#alias_name_source)\nbefore setting this to something other its default value. There are **important** security\nimplications to be aware of.\n" }, "backend": { "type": "string", @@ -22393,7 +19616,7 @@ } }, "vault:kubernetes/secretBackend:SecretBackend": { - "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as fs from \"fs\";\nimport * as vault from \"@pulumi/vault\";\n\nconst config = new vault.kubernetes.SecretBackend(\"config\", {\n path: \"kubernetes\",\n description: \"kubernetes secrets engine description\",\n defaultLeaseTtlSeconds: 43200,\n maxLeaseTtlSeconds: 86400,\n kubernetesHost: \"https://127.0.0.1:61233\",\n kubernetesCaCert: fs.readFileSync(\"/path/to/cert\"),\n serviceAccountJwt: fs.readFileSync(\"/path/to/token\"),\n disableLocalCaJwt: false,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nconfig = vault.kubernetes.SecretBackend(\"config\",\n path=\"kubernetes\",\n description=\"kubernetes secrets engine description\",\n default_lease_ttl_seconds=43200,\n max_lease_ttl_seconds=86400,\n kubernetes_host=\"https://127.0.0.1:61233\",\n kubernetes_ca_cert=(lambda path: open(path).read())(\"/path/to/cert\"),\n service_account_jwt=(lambda path: open(path).read())(\"/path/to/token\"),\n disable_local_ca_jwt=False)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.IO;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Vault.Kubernetes.SecretBackend(\"config\", new()\n {\n Path = \"kubernetes\",\n Description = \"kubernetes secrets engine description\",\n DefaultLeaseTtlSeconds = 43200,\n MaxLeaseTtlSeconds = 86400,\n KubernetesHost = \"https://127.0.0.1:61233\",\n KubernetesCaCert = File.ReadAllText(\"/path/to/cert\"),\n ServiceAccountJwt = File.ReadAllText(\"/path/to/token\"),\n DisableLocalCaJwt = false,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"io/ioutil\"\n\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/kubernetes\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc readFileOrPanic(path string) pulumi.StringPtrInput {\n\tdata, err := ioutil.ReadFile(path)\n\tif err != nil {\n\t\tpanic(err.Error())\n\t}\n\treturn pulumi.String(string(data))\n}\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := kubernetes.NewSecretBackend(ctx, \"config\", \u0026kubernetes.SecretBackendArgs{\n\t\t\tPath: pulumi.String(\"kubernetes\"),\n\t\t\tDescription: pulumi.String(\"kubernetes secrets engine description\"),\n\t\t\tDefaultLeaseTtlSeconds: pulumi.Int(43200),\n\t\t\tMaxLeaseTtlSeconds: pulumi.Int(86400),\n\t\t\tKubernetesHost: pulumi.String(\"https://127.0.0.1:61233\"),\n\t\t\tKubernetesCaCert: readFileOrPanic(\"/path/to/cert\"),\n\t\t\tServiceAccountJwt: readFileOrPanic(\"/path/to/token\"),\n\t\t\tDisableLocalCaJwt: pulumi.Bool(false),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.kubernetes.SecretBackend;\nimport com.pulumi.vault.kubernetes.SecretBackendArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var config = new SecretBackend(\"config\", SecretBackendArgs.builder() \n .path(\"kubernetes\")\n .description(\"kubernetes secrets engine description\")\n .defaultLeaseTtlSeconds(43200)\n .maxLeaseTtlSeconds(86400)\n .kubernetesHost(\"https://127.0.0.1:61233\")\n .kubernetesCaCert(Files.readString(Paths.get(\"/path/to/cert\")))\n .serviceAccountJwt(Files.readString(Paths.get(\"/path/to/token\")))\n .disableLocalCaJwt(false)\n .build());\n\n }\n}\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nThe Kubernetes secret backend can be imported using its `path` e.g.\n\n```sh\n $ pulumi import vault:kubernetes/secretBackend:SecretBackend config kubernetes\n```\n\n ", + "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as fs from \"fs\";\nimport * as vault from \"@pulumi/vault\";\n\nconst config = new vault.kubernetes.SecretBackend(\"config\", {\n path: \"kubernetes\",\n description: \"kubernetes secrets engine description\",\n defaultLeaseTtlSeconds: 43200,\n maxLeaseTtlSeconds: 86400,\n kubernetesHost: \"https://127.0.0.1:61233\",\n kubernetesCaCert: fs.readFileSync(\"/path/to/cert\"),\n serviceAccountJwt: fs.readFileSync(\"/path/to/token\"),\n disableLocalCaJwt: false,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nconfig = vault.kubernetes.SecretBackend(\"config\",\n path=\"kubernetes\",\n description=\"kubernetes secrets engine description\",\n default_lease_ttl_seconds=43200,\n max_lease_ttl_seconds=86400,\n kubernetes_host=\"https://127.0.0.1:61233\",\n kubernetes_ca_cert=(lambda path: open(path).read())(\"/path/to/cert\"),\n service_account_jwt=(lambda path: open(path).read())(\"/path/to/token\"),\n disable_local_ca_jwt=False)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.IO;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Vault.Kubernetes.SecretBackend(\"config\", new()\n {\n Path = \"kubernetes\",\n Description = \"kubernetes secrets engine description\",\n DefaultLeaseTtlSeconds = 43200,\n MaxLeaseTtlSeconds = 86400,\n KubernetesHost = \"https://127.0.0.1:61233\",\n KubernetesCaCert = File.ReadAllText(\"/path/to/cert\"),\n ServiceAccountJwt = File.ReadAllText(\"/path/to/token\"),\n DisableLocalCaJwt = false,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"os\"\n\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/kubernetes\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc readFileOrPanic(path string) pulumi.StringPtrInput {\n\tdata, err := os.ReadFile(path)\n\tif err != nil {\n\t\tpanic(err.Error())\n\t}\n\treturn pulumi.String(string(data))\n}\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := kubernetes.NewSecretBackend(ctx, \"config\", \u0026kubernetes.SecretBackendArgs{\n\t\t\tPath: pulumi.String(\"kubernetes\"),\n\t\t\tDescription: pulumi.String(\"kubernetes secrets engine description\"),\n\t\t\tDefaultLeaseTtlSeconds: pulumi.Int(43200),\n\t\t\tMaxLeaseTtlSeconds: pulumi.Int(86400),\n\t\t\tKubernetesHost: pulumi.String(\"https://127.0.0.1:61233\"),\n\t\t\tKubernetesCaCert: readFileOrPanic(\"/path/to/cert\"),\n\t\t\tServiceAccountJwt: readFileOrPanic(\"/path/to/token\"),\n\t\t\tDisableLocalCaJwt: pulumi.Bool(false),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.kubernetes.SecretBackend;\nimport com.pulumi.vault.kubernetes.SecretBackendArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var config = new SecretBackend(\"config\", SecretBackendArgs.builder() \n .path(\"kubernetes\")\n .description(\"kubernetes secrets engine description\")\n .defaultLeaseTtlSeconds(43200)\n .maxLeaseTtlSeconds(86400)\n .kubernetesHost(\"https://127.0.0.1:61233\")\n .kubernetesCaCert(Files.readString(Paths.get(\"/path/to/cert\")))\n .serviceAccountJwt(Files.readString(Paths.get(\"/path/to/token\")))\n .disableLocalCaJwt(false)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n config:\n type: vault:kubernetes:SecretBackend\n properties:\n path: kubernetes\n description: kubernetes secrets engine description\n defaultLeaseTtlSeconds: 43200\n maxLeaseTtlSeconds: 86400\n kubernetesHost: https://127.0.0.1:61233\n kubernetesCaCert:\n fn::readFile: /path/to/cert\n serviceAccountJwt:\n fn::readFile: /path/to/token\n disableLocalCaJwt: false\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nThe Kubernetes secret backend can be imported using its `path` e.g.\n\n```sh\n $ pulumi import vault:kubernetes/secretBackend:SecretBackend config kubernetes\n```\n ", "properties": { "accessor": { "type": "string", @@ -22667,7 +19890,7 @@ } }, "vault:kubernetes/secretBackendRole:SecretBackendRole": { - "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\nExample using `service_account_name` mode:\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as fs from \"fs\";\nimport * as vault from \"@pulumi/vault\";\n\nconst config = new vault.kubernetes.SecretBackend(\"config\", {\n path: \"kubernetes\",\n description: \"kubernetes secrets engine description\",\n kubernetesHost: \"https://127.0.0.1:61233\",\n kubernetesCaCert: fs.readFileSync(\"/path/to/cert\"),\n serviceAccountJwt: fs.readFileSync(\"/path/to/token\"),\n disableLocalCaJwt: false,\n});\nconst sa_example = new vault.kubernetes.SecretBackendRole(\"sa-example\", {\n backend: config.path,\n allowedKubernetesNamespaces: [\"*\"],\n tokenMaxTtl: 43200,\n tokenDefaultTtl: 21600,\n serviceAccountName: \"test-service-account-with-generated-token\",\n extraLabels: {\n id: \"abc123\",\n name: \"some_name\",\n },\n extraAnnotations: {\n env: \"development\",\n location: \"earth\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nconfig = vault.kubernetes.SecretBackend(\"config\",\n path=\"kubernetes\",\n description=\"kubernetes secrets engine description\",\n kubernetes_host=\"https://127.0.0.1:61233\",\n kubernetes_ca_cert=(lambda path: open(path).read())(\"/path/to/cert\"),\n service_account_jwt=(lambda path: open(path).read())(\"/path/to/token\"),\n disable_local_ca_jwt=False)\nsa_example = vault.kubernetes.SecretBackendRole(\"sa-example\",\n backend=config.path,\n allowed_kubernetes_namespaces=[\"*\"],\n token_max_ttl=43200,\n token_default_ttl=21600,\n service_account_name=\"test-service-account-with-generated-token\",\n extra_labels={\n \"id\": \"abc123\",\n \"name\": \"some_name\",\n },\n extra_annotations={\n \"env\": \"development\",\n \"location\": \"earth\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.IO;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Vault.Kubernetes.SecretBackend(\"config\", new()\n {\n Path = \"kubernetes\",\n Description = \"kubernetes secrets engine description\",\n KubernetesHost = \"https://127.0.0.1:61233\",\n KubernetesCaCert = File.ReadAllText(\"/path/to/cert\"),\n ServiceAccountJwt = File.ReadAllText(\"/path/to/token\"),\n DisableLocalCaJwt = false,\n });\n\n var sa_example = new Vault.Kubernetes.SecretBackendRole(\"sa-example\", new()\n {\n Backend = config.Path,\n AllowedKubernetesNamespaces = new[]\n {\n \"*\",\n },\n TokenMaxTtl = 43200,\n TokenDefaultTtl = 21600,\n ServiceAccountName = \"test-service-account-with-generated-token\",\n ExtraLabels = \n {\n { \"id\", \"abc123\" },\n { \"name\", \"some_name\" },\n },\n ExtraAnnotations = \n {\n { \"env\", \"development\" },\n { \"location\", \"earth\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"io/ioutil\"\n\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/kubernetes\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc readFileOrPanic(path string) pulumi.StringPtrInput {\n\tdata, err := ioutil.ReadFile(path)\n\tif err != nil {\n\t\tpanic(err.Error())\n\t}\n\treturn pulumi.String(string(data))\n}\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tconfig, err := kubernetes.NewSecretBackend(ctx, \"config\", \u0026kubernetes.SecretBackendArgs{\n\t\t\tPath: pulumi.String(\"kubernetes\"),\n\t\t\tDescription: pulumi.String(\"kubernetes secrets engine description\"),\n\t\t\tKubernetesHost: pulumi.String(\"https://127.0.0.1:61233\"),\n\t\t\tKubernetesCaCert: readFileOrPanic(\"/path/to/cert\"),\n\t\t\tServiceAccountJwt: readFileOrPanic(\"/path/to/token\"),\n\t\t\tDisableLocalCaJwt: pulumi.Bool(false),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = kubernetes.NewSecretBackendRole(ctx, \"sa-example\", \u0026kubernetes.SecretBackendRoleArgs{\n\t\t\tBackend: config.Path,\n\t\t\tAllowedKubernetesNamespaces: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"*\"),\n\t\t\t},\n\t\t\tTokenMaxTtl: pulumi.Int(43200),\n\t\t\tTokenDefaultTtl: pulumi.Int(21600),\n\t\t\tServiceAccountName: pulumi.String(\"test-service-account-with-generated-token\"),\n\t\t\tExtraLabels: pulumi.StringMap{\n\t\t\t\t\"id\": pulumi.String(\"abc123\"),\n\t\t\t\t\"name\": pulumi.String(\"some_name\"),\n\t\t\t},\n\t\t\tExtraAnnotations: pulumi.StringMap{\n\t\t\t\t\"env\": pulumi.String(\"development\"),\n\t\t\t\t\"location\": pulumi.String(\"earth\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.kubernetes.SecretBackend;\nimport com.pulumi.vault.kubernetes.SecretBackendArgs;\nimport com.pulumi.vault.kubernetes.SecretBackendRole;\nimport com.pulumi.vault.kubernetes.SecretBackendRoleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var config = new SecretBackend(\"config\", SecretBackendArgs.builder() \n .path(\"kubernetes\")\n .description(\"kubernetes secrets engine description\")\n .kubernetesHost(\"https://127.0.0.1:61233\")\n .kubernetesCaCert(Files.readString(Paths.get(\"/path/to/cert\")))\n .serviceAccountJwt(Files.readString(Paths.get(\"/path/to/token\")))\n .disableLocalCaJwt(false)\n .build());\n\n var sa_example = new SecretBackendRole(\"sa-example\", SecretBackendRoleArgs.builder() \n .backend(config.path())\n .allowedKubernetesNamespaces(\"*\")\n .tokenMaxTtl(43200)\n .tokenDefaultTtl(21600)\n .serviceAccountName(\"test-service-account-with-generated-token\")\n .extraLabels(Map.ofEntries(\n Map.entry(\"id\", \"abc123\"),\n Map.entry(\"name\", \"some_name\")\n ))\n .extraAnnotations(Map.ofEntries(\n Map.entry(\"env\", \"development\"),\n Map.entry(\"location\", \"earth\")\n ))\n .build());\n\n }\n}\n```\n\nExample using `kubernetes_role_name` mode:\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as fs from \"fs\";\nimport * as vault from \"@pulumi/vault\";\n\nconst config = new vault.kubernetes.SecretBackend(\"config\", {\n path: \"kubernetes\",\n description: \"kubernetes secrets engine description\",\n kubernetesHost: \"https://127.0.0.1:61233\",\n kubernetesCaCert: fs.readFileSync(\"/path/to/cert\"),\n serviceAccountJwt: fs.readFileSync(\"/path/to/token\"),\n disableLocalCaJwt: false,\n});\nconst name_example = new vault.kubernetes.SecretBackendRole(\"name-example\", {\n backend: config.path,\n allowedKubernetesNamespaces: [\"*\"],\n tokenMaxTtl: 43200,\n tokenDefaultTtl: 21600,\n kubernetesRoleName: \"vault-k8s-secrets-role\",\n extraLabels: {\n id: \"abc123\",\n name: \"some_name\",\n },\n extraAnnotations: {\n env: \"development\",\n location: \"earth\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nconfig = vault.kubernetes.SecretBackend(\"config\",\n path=\"kubernetes\",\n description=\"kubernetes secrets engine description\",\n kubernetes_host=\"https://127.0.0.1:61233\",\n kubernetes_ca_cert=(lambda path: open(path).read())(\"/path/to/cert\"),\n service_account_jwt=(lambda path: open(path).read())(\"/path/to/token\"),\n disable_local_ca_jwt=False)\nname_example = vault.kubernetes.SecretBackendRole(\"name-example\",\n backend=config.path,\n allowed_kubernetes_namespaces=[\"*\"],\n token_max_ttl=43200,\n token_default_ttl=21600,\n kubernetes_role_name=\"vault-k8s-secrets-role\",\n extra_labels={\n \"id\": \"abc123\",\n \"name\": \"some_name\",\n },\n extra_annotations={\n \"env\": \"development\",\n \"location\": \"earth\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.IO;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Vault.Kubernetes.SecretBackend(\"config\", new()\n {\n Path = \"kubernetes\",\n Description = \"kubernetes secrets engine description\",\n KubernetesHost = \"https://127.0.0.1:61233\",\n KubernetesCaCert = File.ReadAllText(\"/path/to/cert\"),\n ServiceAccountJwt = File.ReadAllText(\"/path/to/token\"),\n DisableLocalCaJwt = false,\n });\n\n var name_example = new Vault.Kubernetes.SecretBackendRole(\"name-example\", new()\n {\n Backend = config.Path,\n AllowedKubernetesNamespaces = new[]\n {\n \"*\",\n },\n TokenMaxTtl = 43200,\n TokenDefaultTtl = 21600,\n KubernetesRoleName = \"vault-k8s-secrets-role\",\n ExtraLabels = \n {\n { \"id\", \"abc123\" },\n { \"name\", \"some_name\" },\n },\n ExtraAnnotations = \n {\n { \"env\", \"development\" },\n { \"location\", \"earth\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"io/ioutil\"\n\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/kubernetes\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc readFileOrPanic(path string) pulumi.StringPtrInput {\n\tdata, err := ioutil.ReadFile(path)\n\tif err != nil {\n\t\tpanic(err.Error())\n\t}\n\treturn pulumi.String(string(data))\n}\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tconfig, err := kubernetes.NewSecretBackend(ctx, \"config\", \u0026kubernetes.SecretBackendArgs{\n\t\t\tPath: pulumi.String(\"kubernetes\"),\n\t\t\tDescription: pulumi.String(\"kubernetes secrets engine description\"),\n\t\t\tKubernetesHost: pulumi.String(\"https://127.0.0.1:61233\"),\n\t\t\tKubernetesCaCert: readFileOrPanic(\"/path/to/cert\"),\n\t\t\tServiceAccountJwt: readFileOrPanic(\"/path/to/token\"),\n\t\t\tDisableLocalCaJwt: pulumi.Bool(false),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = kubernetes.NewSecretBackendRole(ctx, \"name-example\", \u0026kubernetes.SecretBackendRoleArgs{\n\t\t\tBackend: config.Path,\n\t\t\tAllowedKubernetesNamespaces: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"*\"),\n\t\t\t},\n\t\t\tTokenMaxTtl: pulumi.Int(43200),\n\t\t\tTokenDefaultTtl: pulumi.Int(21600),\n\t\t\tKubernetesRoleName: pulumi.String(\"vault-k8s-secrets-role\"),\n\t\t\tExtraLabels: pulumi.StringMap{\n\t\t\t\t\"id\": pulumi.String(\"abc123\"),\n\t\t\t\t\"name\": pulumi.String(\"some_name\"),\n\t\t\t},\n\t\t\tExtraAnnotations: pulumi.StringMap{\n\t\t\t\t\"env\": pulumi.String(\"development\"),\n\t\t\t\t\"location\": pulumi.String(\"earth\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.kubernetes.SecretBackend;\nimport com.pulumi.vault.kubernetes.SecretBackendArgs;\nimport com.pulumi.vault.kubernetes.SecretBackendRole;\nimport com.pulumi.vault.kubernetes.SecretBackendRoleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var config = new SecretBackend(\"config\", SecretBackendArgs.builder() \n .path(\"kubernetes\")\n .description(\"kubernetes secrets engine description\")\n .kubernetesHost(\"https://127.0.0.1:61233\")\n .kubernetesCaCert(Files.readString(Paths.get(\"/path/to/cert\")))\n .serviceAccountJwt(Files.readString(Paths.get(\"/path/to/token\")))\n .disableLocalCaJwt(false)\n .build());\n\n var name_example = new SecretBackendRole(\"name-example\", SecretBackendRoleArgs.builder() \n .backend(config.path())\n .allowedKubernetesNamespaces(\"*\")\n .tokenMaxTtl(43200)\n .tokenDefaultTtl(21600)\n .kubernetesRoleName(\"vault-k8s-secrets-role\")\n .extraLabels(Map.ofEntries(\n Map.entry(\"id\", \"abc123\"),\n Map.entry(\"name\", \"some_name\")\n ))\n .extraAnnotations(Map.ofEntries(\n Map.entry(\"env\", \"development\"),\n Map.entry(\"location\", \"earth\")\n ))\n .build());\n\n }\n}\n```\n\nExample using `generated_role_rules` mode:\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as fs from \"fs\";\nimport * as vault from \"@pulumi/vault\";\n\nconst config = new vault.kubernetes.SecretBackend(\"config\", {\n path: \"kubernetes\",\n description: \"kubernetes secrets engine description\",\n kubernetesHost: \"https://127.0.0.1:61233\",\n kubernetesCaCert: fs.readFileSync(\"/path/to/cert\"),\n serviceAccountJwt: fs.readFileSync(\"/path/to/token\"),\n disableLocalCaJwt: false,\n});\nconst rules_example = new vault.kubernetes.SecretBackendRole(\"rules-example\", {\n backend: config.path,\n allowedKubernetesNamespaces: [\"*\"],\n tokenMaxTtl: 43200,\n tokenDefaultTtl: 21600,\n kubernetesRoleType: \"Role\",\n generatedRoleRules: `rules:\n- apiGroups: [\"\"]\n resources: [\"pods\"]\n verbs: [\"list\"]\n`,\n extraLabels: {\n id: \"abc123\",\n name: \"some_name\",\n },\n extraAnnotations: {\n env: \"development\",\n location: \"earth\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nconfig = vault.kubernetes.SecretBackend(\"config\",\n path=\"kubernetes\",\n description=\"kubernetes secrets engine description\",\n kubernetes_host=\"https://127.0.0.1:61233\",\n kubernetes_ca_cert=(lambda path: open(path).read())(\"/path/to/cert\"),\n service_account_jwt=(lambda path: open(path).read())(\"/path/to/token\"),\n disable_local_ca_jwt=False)\nrules_example = vault.kubernetes.SecretBackendRole(\"rules-example\",\n backend=config.path,\n allowed_kubernetes_namespaces=[\"*\"],\n token_max_ttl=43200,\n token_default_ttl=21600,\n kubernetes_role_type=\"Role\",\n generated_role_rules=\"\"\"rules:\n- apiGroups: [\"\"]\n resources: [\"pods\"]\n verbs: [\"list\"]\n\"\"\",\n extra_labels={\n \"id\": \"abc123\",\n \"name\": \"some_name\",\n },\n extra_annotations={\n \"env\": \"development\",\n \"location\": \"earth\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.IO;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Vault.Kubernetes.SecretBackend(\"config\", new()\n {\n Path = \"kubernetes\",\n Description = \"kubernetes secrets engine description\",\n KubernetesHost = \"https://127.0.0.1:61233\",\n KubernetesCaCert = File.ReadAllText(\"/path/to/cert\"),\n ServiceAccountJwt = File.ReadAllText(\"/path/to/token\"),\n DisableLocalCaJwt = false,\n });\n\n var rules_example = new Vault.Kubernetes.SecretBackendRole(\"rules-example\", new()\n {\n Backend = config.Path,\n AllowedKubernetesNamespaces = new[]\n {\n \"*\",\n },\n TokenMaxTtl = 43200,\n TokenDefaultTtl = 21600,\n KubernetesRoleType = \"Role\",\n GeneratedRoleRules = @\"rules:\n- apiGroups: [\"\"\"\"]\n resources: [\"\"pods\"\"]\n verbs: [\"\"list\"\"]\n\",\n ExtraLabels = \n {\n { \"id\", \"abc123\" },\n { \"name\", \"some_name\" },\n },\n ExtraAnnotations = \n {\n { \"env\", \"development\" },\n { \"location\", \"earth\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"io/ioutil\"\n\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/kubernetes\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc readFileOrPanic(path string) pulumi.StringPtrInput {\n\tdata, err := ioutil.ReadFile(path)\n\tif err != nil {\n\t\tpanic(err.Error())\n\t}\n\treturn pulumi.String(string(data))\n}\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tconfig, err := kubernetes.NewSecretBackend(ctx, \"config\", \u0026kubernetes.SecretBackendArgs{\n\t\t\tPath: pulumi.String(\"kubernetes\"),\n\t\t\tDescription: pulumi.String(\"kubernetes secrets engine description\"),\n\t\t\tKubernetesHost: pulumi.String(\"https://127.0.0.1:61233\"),\n\t\t\tKubernetesCaCert: readFileOrPanic(\"/path/to/cert\"),\n\t\t\tServiceAccountJwt: readFileOrPanic(\"/path/to/token\"),\n\t\t\tDisableLocalCaJwt: pulumi.Bool(false),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = kubernetes.NewSecretBackendRole(ctx, \"rules-example\", \u0026kubernetes.SecretBackendRoleArgs{\n\t\t\tBackend: config.Path,\n\t\t\tAllowedKubernetesNamespaces: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"*\"),\n\t\t\t},\n\t\t\tTokenMaxTtl: pulumi.Int(43200),\n\t\t\tTokenDefaultTtl: pulumi.Int(21600),\n\t\t\tKubernetesRoleType: pulumi.String(\"Role\"),\n\t\t\tGeneratedRoleRules: pulumi.String(\"rules:\\n- apiGroups: [\\\"\\\"]\\n resources: [\\\"pods\\\"]\\n verbs: [\\\"list\\\"]\\n\"),\n\t\t\tExtraLabels: pulumi.StringMap{\n\t\t\t\t\"id\": pulumi.String(\"abc123\"),\n\t\t\t\t\"name\": pulumi.String(\"some_name\"),\n\t\t\t},\n\t\t\tExtraAnnotations: pulumi.StringMap{\n\t\t\t\t\"env\": pulumi.String(\"development\"),\n\t\t\t\t\"location\": pulumi.String(\"earth\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.kubernetes.SecretBackend;\nimport com.pulumi.vault.kubernetes.SecretBackendArgs;\nimport com.pulumi.vault.kubernetes.SecretBackendRole;\nimport com.pulumi.vault.kubernetes.SecretBackendRoleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var config = new SecretBackend(\"config\", SecretBackendArgs.builder() \n .path(\"kubernetes\")\n .description(\"kubernetes secrets engine description\")\n .kubernetesHost(\"https://127.0.0.1:61233\")\n .kubernetesCaCert(Files.readString(Paths.get(\"/path/to/cert\")))\n .serviceAccountJwt(Files.readString(Paths.get(\"/path/to/token\")))\n .disableLocalCaJwt(false)\n .build());\n\n var rules_example = new SecretBackendRole(\"rules-example\", SecretBackendRoleArgs.builder() \n .backend(config.path())\n .allowedKubernetesNamespaces(\"*\")\n .tokenMaxTtl(43200)\n .tokenDefaultTtl(21600)\n .kubernetesRoleType(\"Role\")\n .generatedRoleRules(\"\"\"\nrules:\n- apiGroups: [\"\"]\n resources: [\"pods\"]\n verbs: [\"list\"]\n \"\"\")\n .extraLabels(Map.ofEntries(\n Map.entry(\"id\", \"abc123\"),\n Map.entry(\"name\", \"some_name\")\n ))\n .extraAnnotations(Map.ofEntries(\n Map.entry(\"env\", \"development\"),\n Map.entry(\"location\", \"earth\")\n ))\n .build());\n\n }\n}\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nThe Kubernetes secret backend role can be imported using the full path to the role of the form`\u003cbackend_path\u003e/roles/\u003crole_name\u003e` e.g.\n\n```sh\n $ pulumi import vault:kubernetes/secretBackendRole:SecretBackendRole example kubernetes kubernetes/roles/example-role\n```\n\n ", + "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\nExample using `service_account_name` mode:\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as fs from \"fs\";\nimport * as vault from \"@pulumi/vault\";\n\nconst config = new vault.kubernetes.SecretBackend(\"config\", {\n path: \"kubernetes\",\n description: \"kubernetes secrets engine description\",\n kubernetesHost: \"https://127.0.0.1:61233\",\n kubernetesCaCert: fs.readFileSync(\"/path/to/cert\"),\n serviceAccountJwt: fs.readFileSync(\"/path/to/token\"),\n disableLocalCaJwt: false,\n});\nconst sa_example = new vault.kubernetes.SecretBackendRole(\"sa-example\", {\n backend: config.path,\n allowedKubernetesNamespaces: [\"*\"],\n tokenMaxTtl: 43200,\n tokenDefaultTtl: 21600,\n serviceAccountName: \"test-service-account-with-generated-token\",\n extraLabels: {\n id: \"abc123\",\n name: \"some_name\",\n },\n extraAnnotations: {\n env: \"development\",\n location: \"earth\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nconfig = vault.kubernetes.SecretBackend(\"config\",\n path=\"kubernetes\",\n description=\"kubernetes secrets engine description\",\n kubernetes_host=\"https://127.0.0.1:61233\",\n kubernetes_ca_cert=(lambda path: open(path).read())(\"/path/to/cert\"),\n service_account_jwt=(lambda path: open(path).read())(\"/path/to/token\"),\n disable_local_ca_jwt=False)\nsa_example = vault.kubernetes.SecretBackendRole(\"sa-example\",\n backend=config.path,\n allowed_kubernetes_namespaces=[\"*\"],\n token_max_ttl=43200,\n token_default_ttl=21600,\n service_account_name=\"test-service-account-with-generated-token\",\n extra_labels={\n \"id\": \"abc123\",\n \"name\": \"some_name\",\n },\n extra_annotations={\n \"env\": \"development\",\n \"location\": \"earth\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.IO;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Vault.Kubernetes.SecretBackend(\"config\", new()\n {\n Path = \"kubernetes\",\n Description = \"kubernetes secrets engine description\",\n KubernetesHost = \"https://127.0.0.1:61233\",\n KubernetesCaCert = File.ReadAllText(\"/path/to/cert\"),\n ServiceAccountJwt = File.ReadAllText(\"/path/to/token\"),\n DisableLocalCaJwt = false,\n });\n\n var sa_example = new Vault.Kubernetes.SecretBackendRole(\"sa-example\", new()\n {\n Backend = config.Path,\n AllowedKubernetesNamespaces = new[]\n {\n \"*\",\n },\n TokenMaxTtl = 43200,\n TokenDefaultTtl = 21600,\n ServiceAccountName = \"test-service-account-with-generated-token\",\n ExtraLabels = \n {\n { \"id\", \"abc123\" },\n { \"name\", \"some_name\" },\n },\n ExtraAnnotations = \n {\n { \"env\", \"development\" },\n { \"location\", \"earth\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"os\"\n\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/kubernetes\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc readFileOrPanic(path string) pulumi.StringPtrInput {\n\tdata, err := os.ReadFile(path)\n\tif err != nil {\n\t\tpanic(err.Error())\n\t}\n\treturn pulumi.String(string(data))\n}\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tconfig, err := kubernetes.NewSecretBackend(ctx, \"config\", \u0026kubernetes.SecretBackendArgs{\n\t\t\tPath: pulumi.String(\"kubernetes\"),\n\t\t\tDescription: pulumi.String(\"kubernetes secrets engine description\"),\n\t\t\tKubernetesHost: pulumi.String(\"https://127.0.0.1:61233\"),\n\t\t\tKubernetesCaCert: readFileOrPanic(\"/path/to/cert\"),\n\t\t\tServiceAccountJwt: readFileOrPanic(\"/path/to/token\"),\n\t\t\tDisableLocalCaJwt: pulumi.Bool(false),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = kubernetes.NewSecretBackendRole(ctx, \"sa-example\", \u0026kubernetes.SecretBackendRoleArgs{\n\t\t\tBackend: config.Path,\n\t\t\tAllowedKubernetesNamespaces: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"*\"),\n\t\t\t},\n\t\t\tTokenMaxTtl: pulumi.Int(43200),\n\t\t\tTokenDefaultTtl: pulumi.Int(21600),\n\t\t\tServiceAccountName: pulumi.String(\"test-service-account-with-generated-token\"),\n\t\t\tExtraLabels: pulumi.StringMap{\n\t\t\t\t\"id\": pulumi.String(\"abc123\"),\n\t\t\t\t\"name\": pulumi.String(\"some_name\"),\n\t\t\t},\n\t\t\tExtraAnnotations: pulumi.StringMap{\n\t\t\t\t\"env\": pulumi.String(\"development\"),\n\t\t\t\t\"location\": pulumi.String(\"earth\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.kubernetes.SecretBackend;\nimport com.pulumi.vault.kubernetes.SecretBackendArgs;\nimport com.pulumi.vault.kubernetes.SecretBackendRole;\nimport com.pulumi.vault.kubernetes.SecretBackendRoleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var config = new SecretBackend(\"config\", SecretBackendArgs.builder() \n .path(\"kubernetes\")\n .description(\"kubernetes secrets engine description\")\n .kubernetesHost(\"https://127.0.0.1:61233\")\n .kubernetesCaCert(Files.readString(Paths.get(\"/path/to/cert\")))\n .serviceAccountJwt(Files.readString(Paths.get(\"/path/to/token\")))\n .disableLocalCaJwt(false)\n .build());\n\n var sa_example = new SecretBackendRole(\"sa-example\", SecretBackendRoleArgs.builder() \n .backend(config.path())\n .allowedKubernetesNamespaces(\"*\")\n .tokenMaxTtl(43200)\n .tokenDefaultTtl(21600)\n .serviceAccountName(\"test-service-account-with-generated-token\")\n .extraLabels(Map.ofEntries(\n Map.entry(\"id\", \"abc123\"),\n Map.entry(\"name\", \"some_name\")\n ))\n .extraAnnotations(Map.ofEntries(\n Map.entry(\"env\", \"development\"),\n Map.entry(\"location\", \"earth\")\n ))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n config:\n type: vault:kubernetes:SecretBackend\n properties:\n path: kubernetes\n description: kubernetes secrets engine description\n kubernetesHost: https://127.0.0.1:61233\n kubernetesCaCert:\n fn::readFile: /path/to/cert\n serviceAccountJwt:\n fn::readFile: /path/to/token\n disableLocalCaJwt: false\n sa-example:\n type: vault:kubernetes:SecretBackendRole\n properties:\n backend: ${config.path}\n allowedKubernetesNamespaces:\n - '*'\n tokenMaxTtl: 43200\n tokenDefaultTtl: 21600\n serviceAccountName: test-service-account-with-generated-token\n extraLabels:\n id: abc123\n name: some_name\n extraAnnotations:\n env: development\n location: earth\n```\n\nExample using `kubernetes_role_name` mode:\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as fs from \"fs\";\nimport * as vault from \"@pulumi/vault\";\n\nconst config = new vault.kubernetes.SecretBackend(\"config\", {\n path: \"kubernetes\",\n description: \"kubernetes secrets engine description\",\n kubernetesHost: \"https://127.0.0.1:61233\",\n kubernetesCaCert: fs.readFileSync(\"/path/to/cert\"),\n serviceAccountJwt: fs.readFileSync(\"/path/to/token\"),\n disableLocalCaJwt: false,\n});\nconst name_example = new vault.kubernetes.SecretBackendRole(\"name-example\", {\n backend: config.path,\n allowedKubernetesNamespaces: [\"*\"],\n tokenMaxTtl: 43200,\n tokenDefaultTtl: 21600,\n kubernetesRoleName: \"vault-k8s-secrets-role\",\n extraLabels: {\n id: \"abc123\",\n name: \"some_name\",\n },\n extraAnnotations: {\n env: \"development\",\n location: \"earth\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nconfig = vault.kubernetes.SecretBackend(\"config\",\n path=\"kubernetes\",\n description=\"kubernetes secrets engine description\",\n kubernetes_host=\"https://127.0.0.1:61233\",\n kubernetes_ca_cert=(lambda path: open(path).read())(\"/path/to/cert\"),\n service_account_jwt=(lambda path: open(path).read())(\"/path/to/token\"),\n disable_local_ca_jwt=False)\nname_example = vault.kubernetes.SecretBackendRole(\"name-example\",\n backend=config.path,\n allowed_kubernetes_namespaces=[\"*\"],\n token_max_ttl=43200,\n token_default_ttl=21600,\n kubernetes_role_name=\"vault-k8s-secrets-role\",\n extra_labels={\n \"id\": \"abc123\",\n \"name\": \"some_name\",\n },\n extra_annotations={\n \"env\": \"development\",\n \"location\": \"earth\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.IO;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Vault.Kubernetes.SecretBackend(\"config\", new()\n {\n Path = \"kubernetes\",\n Description = \"kubernetes secrets engine description\",\n KubernetesHost = \"https://127.0.0.1:61233\",\n KubernetesCaCert = File.ReadAllText(\"/path/to/cert\"),\n ServiceAccountJwt = File.ReadAllText(\"/path/to/token\"),\n DisableLocalCaJwt = false,\n });\n\n var name_example = new Vault.Kubernetes.SecretBackendRole(\"name-example\", new()\n {\n Backend = config.Path,\n AllowedKubernetesNamespaces = new[]\n {\n \"*\",\n },\n TokenMaxTtl = 43200,\n TokenDefaultTtl = 21600,\n KubernetesRoleName = \"vault-k8s-secrets-role\",\n ExtraLabels = \n {\n { \"id\", \"abc123\" },\n { \"name\", \"some_name\" },\n },\n ExtraAnnotations = \n {\n { \"env\", \"development\" },\n { \"location\", \"earth\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"os\"\n\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/kubernetes\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc readFileOrPanic(path string) pulumi.StringPtrInput {\n\tdata, err := os.ReadFile(path)\n\tif err != nil {\n\t\tpanic(err.Error())\n\t}\n\treturn pulumi.String(string(data))\n}\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tconfig, err := kubernetes.NewSecretBackend(ctx, \"config\", \u0026kubernetes.SecretBackendArgs{\n\t\t\tPath: pulumi.String(\"kubernetes\"),\n\t\t\tDescription: pulumi.String(\"kubernetes secrets engine description\"),\n\t\t\tKubernetesHost: pulumi.String(\"https://127.0.0.1:61233\"),\n\t\t\tKubernetesCaCert: readFileOrPanic(\"/path/to/cert\"),\n\t\t\tServiceAccountJwt: readFileOrPanic(\"/path/to/token\"),\n\t\t\tDisableLocalCaJwt: pulumi.Bool(false),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = kubernetes.NewSecretBackendRole(ctx, \"name-example\", \u0026kubernetes.SecretBackendRoleArgs{\n\t\t\tBackend: config.Path,\n\t\t\tAllowedKubernetesNamespaces: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"*\"),\n\t\t\t},\n\t\t\tTokenMaxTtl: pulumi.Int(43200),\n\t\t\tTokenDefaultTtl: pulumi.Int(21600),\n\t\t\tKubernetesRoleName: pulumi.String(\"vault-k8s-secrets-role\"),\n\t\t\tExtraLabels: pulumi.StringMap{\n\t\t\t\t\"id\": pulumi.String(\"abc123\"),\n\t\t\t\t\"name\": pulumi.String(\"some_name\"),\n\t\t\t},\n\t\t\tExtraAnnotations: pulumi.StringMap{\n\t\t\t\t\"env\": pulumi.String(\"development\"),\n\t\t\t\t\"location\": pulumi.String(\"earth\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.kubernetes.SecretBackend;\nimport com.pulumi.vault.kubernetes.SecretBackendArgs;\nimport com.pulumi.vault.kubernetes.SecretBackendRole;\nimport com.pulumi.vault.kubernetes.SecretBackendRoleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var config = new SecretBackend(\"config\", SecretBackendArgs.builder() \n .path(\"kubernetes\")\n .description(\"kubernetes secrets engine description\")\n .kubernetesHost(\"https://127.0.0.1:61233\")\n .kubernetesCaCert(Files.readString(Paths.get(\"/path/to/cert\")))\n .serviceAccountJwt(Files.readString(Paths.get(\"/path/to/token\")))\n .disableLocalCaJwt(false)\n .build());\n\n var name_example = new SecretBackendRole(\"name-example\", SecretBackendRoleArgs.builder() \n .backend(config.path())\n .allowedKubernetesNamespaces(\"*\")\n .tokenMaxTtl(43200)\n .tokenDefaultTtl(21600)\n .kubernetesRoleName(\"vault-k8s-secrets-role\")\n .extraLabels(Map.ofEntries(\n Map.entry(\"id\", \"abc123\"),\n Map.entry(\"name\", \"some_name\")\n ))\n .extraAnnotations(Map.ofEntries(\n Map.entry(\"env\", \"development\"),\n Map.entry(\"location\", \"earth\")\n ))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n config:\n type: vault:kubernetes:SecretBackend\n properties:\n path: kubernetes\n description: kubernetes secrets engine description\n kubernetesHost: https://127.0.0.1:61233\n kubernetesCaCert:\n fn::readFile: /path/to/cert\n serviceAccountJwt:\n fn::readFile: /path/to/token\n disableLocalCaJwt: false\n name-example:\n type: vault:kubernetes:SecretBackendRole\n properties:\n backend: ${config.path}\n allowedKubernetesNamespaces:\n - '*'\n tokenMaxTtl: 43200\n tokenDefaultTtl: 21600\n kubernetesRoleName: vault-k8s-secrets-role\n extraLabels:\n id: abc123\n name: some_name\n extraAnnotations:\n env: development\n location: earth\n```\n\nExample using `generated_role_rules` mode:\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as fs from \"fs\";\nimport * as vault from \"@pulumi/vault\";\n\nconst config = new vault.kubernetes.SecretBackend(\"config\", {\n path: \"kubernetes\",\n description: \"kubernetes secrets engine description\",\n kubernetesHost: \"https://127.0.0.1:61233\",\n kubernetesCaCert: fs.readFileSync(\"/path/to/cert\"),\n serviceAccountJwt: fs.readFileSync(\"/path/to/token\"),\n disableLocalCaJwt: false,\n});\nconst rules_example = new vault.kubernetes.SecretBackendRole(\"rules-example\", {\n backend: config.path,\n allowedKubernetesNamespaces: [\"*\"],\n tokenMaxTtl: 43200,\n tokenDefaultTtl: 21600,\n kubernetesRoleType: \"Role\",\n generatedRoleRules: `rules:\n- apiGroups: [\"\"]\n resources: [\"pods\"]\n verbs: [\"list\"]\n`,\n extraLabels: {\n id: \"abc123\",\n name: \"some_name\",\n },\n extraAnnotations: {\n env: \"development\",\n location: \"earth\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nconfig = vault.kubernetes.SecretBackend(\"config\",\n path=\"kubernetes\",\n description=\"kubernetes secrets engine description\",\n kubernetes_host=\"https://127.0.0.1:61233\",\n kubernetes_ca_cert=(lambda path: open(path).read())(\"/path/to/cert\"),\n service_account_jwt=(lambda path: open(path).read())(\"/path/to/token\"),\n disable_local_ca_jwt=False)\nrules_example = vault.kubernetes.SecretBackendRole(\"rules-example\",\n backend=config.path,\n allowed_kubernetes_namespaces=[\"*\"],\n token_max_ttl=43200,\n token_default_ttl=21600,\n kubernetes_role_type=\"Role\",\n generated_role_rules=\"\"\"rules:\n- apiGroups: [\"\"]\n resources: [\"pods\"]\n verbs: [\"list\"]\n\"\"\",\n extra_labels={\n \"id\": \"abc123\",\n \"name\": \"some_name\",\n },\n extra_annotations={\n \"env\": \"development\",\n \"location\": \"earth\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.IO;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Vault.Kubernetes.SecretBackend(\"config\", new()\n {\n Path = \"kubernetes\",\n Description = \"kubernetes secrets engine description\",\n KubernetesHost = \"https://127.0.0.1:61233\",\n KubernetesCaCert = File.ReadAllText(\"/path/to/cert\"),\n ServiceAccountJwt = File.ReadAllText(\"/path/to/token\"),\n DisableLocalCaJwt = false,\n });\n\n var rules_example = new Vault.Kubernetes.SecretBackendRole(\"rules-example\", new()\n {\n Backend = config.Path,\n AllowedKubernetesNamespaces = new[]\n {\n \"*\",\n },\n TokenMaxTtl = 43200,\n TokenDefaultTtl = 21600,\n KubernetesRoleType = \"Role\",\n GeneratedRoleRules = @\"rules:\n- apiGroups: [\"\"\"\"]\n resources: [\"\"pods\"\"]\n verbs: [\"\"list\"\"]\n\",\n ExtraLabels = \n {\n { \"id\", \"abc123\" },\n { \"name\", \"some_name\" },\n },\n ExtraAnnotations = \n {\n { \"env\", \"development\" },\n { \"location\", \"earth\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"os\"\n\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/kubernetes\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc readFileOrPanic(path string) pulumi.StringPtrInput {\n\tdata, err := os.ReadFile(path)\n\tif err != nil {\n\t\tpanic(err.Error())\n\t}\n\treturn pulumi.String(string(data))\n}\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tconfig, err := kubernetes.NewSecretBackend(ctx, \"config\", \u0026kubernetes.SecretBackendArgs{\n\t\t\tPath: pulumi.String(\"kubernetes\"),\n\t\t\tDescription: pulumi.String(\"kubernetes secrets engine description\"),\n\t\t\tKubernetesHost: pulumi.String(\"https://127.0.0.1:61233\"),\n\t\t\tKubernetesCaCert: readFileOrPanic(\"/path/to/cert\"),\n\t\t\tServiceAccountJwt: readFileOrPanic(\"/path/to/token\"),\n\t\t\tDisableLocalCaJwt: pulumi.Bool(false),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = kubernetes.NewSecretBackendRole(ctx, \"rules-example\", \u0026kubernetes.SecretBackendRoleArgs{\n\t\t\tBackend: config.Path,\n\t\t\tAllowedKubernetesNamespaces: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"*\"),\n\t\t\t},\n\t\t\tTokenMaxTtl: pulumi.Int(43200),\n\t\t\tTokenDefaultTtl: pulumi.Int(21600),\n\t\t\tKubernetesRoleType: pulumi.String(\"Role\"),\n\t\t\tGeneratedRoleRules: pulumi.String(\"rules:\\n- apiGroups: [\\\"\\\"]\\n resources: [\\\"pods\\\"]\\n verbs: [\\\"list\\\"]\\n\"),\n\t\t\tExtraLabels: pulumi.StringMap{\n\t\t\t\t\"id\": pulumi.String(\"abc123\"),\n\t\t\t\t\"name\": pulumi.String(\"some_name\"),\n\t\t\t},\n\t\t\tExtraAnnotations: pulumi.StringMap{\n\t\t\t\t\"env\": pulumi.String(\"development\"),\n\t\t\t\t\"location\": pulumi.String(\"earth\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.kubernetes.SecretBackend;\nimport com.pulumi.vault.kubernetes.SecretBackendArgs;\nimport com.pulumi.vault.kubernetes.SecretBackendRole;\nimport com.pulumi.vault.kubernetes.SecretBackendRoleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var config = new SecretBackend(\"config\", SecretBackendArgs.builder() \n .path(\"kubernetes\")\n .description(\"kubernetes secrets engine description\")\n .kubernetesHost(\"https://127.0.0.1:61233\")\n .kubernetesCaCert(Files.readString(Paths.get(\"/path/to/cert\")))\n .serviceAccountJwt(Files.readString(Paths.get(\"/path/to/token\")))\n .disableLocalCaJwt(false)\n .build());\n\n var rules_example = new SecretBackendRole(\"rules-example\", SecretBackendRoleArgs.builder() \n .backend(config.path())\n .allowedKubernetesNamespaces(\"*\")\n .tokenMaxTtl(43200)\n .tokenDefaultTtl(21600)\n .kubernetesRoleType(\"Role\")\n .generatedRoleRules(\"\"\"\nrules:\n- apiGroups: [\"\"]\n resources: [\"pods\"]\n verbs: [\"list\"]\n \"\"\")\n .extraLabels(Map.ofEntries(\n Map.entry(\"id\", \"abc123\"),\n Map.entry(\"name\", \"some_name\")\n ))\n .extraAnnotations(Map.ofEntries(\n Map.entry(\"env\", \"development\"),\n Map.entry(\"location\", \"earth\")\n ))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n config:\n type: vault:kubernetes:SecretBackend\n properties:\n path: kubernetes\n description: kubernetes secrets engine description\n kubernetesHost: https://127.0.0.1:61233\n kubernetesCaCert:\n fn::readFile: /path/to/cert\n serviceAccountJwt:\n fn::readFile: /path/to/token\n disableLocalCaJwt: false\n rules-example:\n type: vault:kubernetes:SecretBackendRole\n properties:\n backend: ${config.path}\n allowedKubernetesNamespaces:\n - '*'\n tokenMaxTtl: 43200\n tokenDefaultTtl: 21600\n kubernetesRoleType: Role\n generatedRoleRules: |\n rules:\n - apiGroups: [\"\"]\n resources: [\"pods\"]\n verbs: [\"list\"]\n extraLabels:\n id: abc123\n name: some_name\n extraAnnotations:\n env: development\n location: earth\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nThe Kubernetes secret backend role can be imported using the full path to the role of the form`\u003cbackend_path\u003e/roles/\u003crole_name\u003e` e.g.\n\n```sh\n $ pulumi import vault:kubernetes/secretBackendRole:SecretBackendRole example kubernetes kubernetes/roles/example-role\n```\n\n ", "properties": { "allowedKubernetesNamespaces": { "type": "array", @@ -22692,7 +19915,7 @@ "additionalProperties": { "type": "string" }, - "description": "Additional labels to apply to all generated Kubernetes \nobjects.\n" + "description": "Additional labels to apply to all generated Kubernetes \nobjects.\n\nThis resource also directly accepts all vault.Mount fields.\n" }, "generatedRoleRules": { "type": "string", @@ -22761,7 +19984,7 @@ "additionalProperties": { "type": "string" }, - "description": "Additional labels to apply to all generated Kubernetes \nobjects.\n" + "description": "Additional labels to apply to all generated Kubernetes \nobjects.\n\nThis resource also directly accepts all vault.Mount fields.\n" }, "generatedRoleRules": { "type": "string", @@ -22833,7 +20056,7 @@ "additionalProperties": { "type": "string" }, - "description": "Additional labels to apply to all generated Kubernetes \nobjects.\n" + "description": "Additional labels to apply to all generated Kubernetes \nobjects.\n\nThis resource also directly accepts all vault.Mount fields.\n" }, "generatedRoleRules": { "type": "string", @@ -22878,7 +20101,7 @@ } }, "vault:kv/secret:Secret": { - "description": "Writes a KV-V1 secret to a given path in Vault.\n\nFor more information on Vault's KV-V1 secret backend\n[see here](https://www.vaultproject.io/docs/secrets/kv/kv-v1).\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst kvv1 = new vault.Mount(\"kvv1\", {\n path: \"kvv1\",\n type: \"kv\",\n options: {\n version: \"1\",\n },\n description: \"KV Version 1 secret engine mount\",\n});\nconst secret = new vault.kv.Secret(\"secret\", {\n path: pulumi.interpolate`${kvv1.path}/secret`,\n dataJson: JSON.stringify({\n zip: \"zap\",\n foo: \"bar\",\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_vault as vault\n\nkvv1 = vault.Mount(\"kvv1\",\n path=\"kvv1\",\n type=\"kv\",\n options={\n \"version\": \"1\",\n },\n description=\"KV Version 1 secret engine mount\")\nsecret = vault.kv.Secret(\"secret\",\n path=kvv1.path.apply(lambda path: f\"{path}/secret\"),\n data_json=json.dumps({\n \"zip\": \"zap\",\n \"foo\": \"bar\",\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Text.Json;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var kvv1 = new Vault.Mount(\"kvv1\", new()\n {\n Path = \"kvv1\",\n Type = \"kv\",\n Options = \n {\n { \"version\", \"1\" },\n },\n Description = \"KV Version 1 secret engine mount\",\n });\n\n var secret = new Vault.Kv.Secret(\"secret\", new()\n {\n Path = kvv1.Path.Apply(path =\u003e $\"{path}/secret\"),\n DataJson = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"zip\"] = \"zap\",\n [\"foo\"] = \"bar\",\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/kv\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tkvv1, err := vault.NewMount(ctx, \"kvv1\", \u0026vault.MountArgs{\n\t\t\tPath: pulumi.String(\"kvv1\"),\n\t\t\tType: pulumi.String(\"kv\"),\n\t\t\tOptions: pulumi.AnyMap{\n\t\t\t\t\"version\": pulumi.Any(\"1\"),\n\t\t\t},\n\t\t\tDescription: pulumi.String(\"KV Version 1 secret engine mount\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"zip\": \"zap\",\n\t\t\t\"foo\": \"bar\",\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = kv.NewSecret(ctx, \"secret\", \u0026kv.SecretArgs{\n\t\t\tPath: kvv1.Path.ApplyT(func(path string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"%v/secret\", path), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t\tDataJson: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.Mount;\nimport com.pulumi.vault.MountArgs;\nimport com.pulumi.vault.kv.Secret;\nimport com.pulumi.vault.kv.SecretArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var kvv1 = new Mount(\"kvv1\", MountArgs.builder() \n .path(\"kvv1\")\n .type(\"kv\")\n .options(Map.of(\"version\", \"1\"))\n .description(\"KV Version 1 secret engine mount\")\n .build());\n\n var secret = new Secret(\"secret\", SecretArgs.builder() \n .path(kvv1.path().applyValue(path -\u003e String.format(\"%s/secret\", path)))\n .dataJson(serializeJson(\n jsonObject(\n jsonProperty(\"zip\", \"zap\"),\n jsonProperty(\"foo\", \"bar\")\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n kvv1:\n type: vault:Mount\n properties:\n path: kvv1\n type: kv\n options:\n version: 1\n description: KV Version 1 secret engine mount\n secret:\n type: vault:kv:Secret\n properties:\n path: ${kvv1.path}/secret\n dataJson:\n Fn::ToJSON:\n zip: zap\n foo: bar\n```\n{{% /example %}}\n{{% /examples %}}\n## Required Vault Capabilities\n\nUse of this resource requires the `create` or `update` capability\n(depending on whether the resource already exists) on the given path,\nthe `delete` capability if the resource is removed from configuration,\nand the `read` capability for drift detection (by default).\n\n\n## Import\n\nKV-V1 secrets can be imported using the `path`, e.g.\n\n```sh\n $ pulumi import vault:kv/secret:Secret secret kvv1/secret\n```\n\n ", + "description": "Writes a KV-V1 secret to a given path in Vault.\n\nFor more information on Vault's KV-V1 secret backend\n[see here](https://www.vaultproject.io/docs/secrets/kv/kv-v1).\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst kvv1 = new vault.Mount(\"kvv1\", {\n path: \"kvv1\",\n type: \"kv\",\n options: {\n version: \"1\",\n },\n description: \"KV Version 1 secret engine mount\",\n});\nconst secret = new vault.kv.Secret(\"secret\", {\n path: pulumi.interpolate`${kvv1.path}/secret`,\n dataJson: JSON.stringify({\n zip: \"zap\",\n foo: \"bar\",\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_vault as vault\n\nkvv1 = vault.Mount(\"kvv1\",\n path=\"kvv1\",\n type=\"kv\",\n options={\n \"version\": \"1\",\n },\n description=\"KV Version 1 secret engine mount\")\nsecret = vault.kv.Secret(\"secret\",\n path=kvv1.path.apply(lambda path: f\"{path}/secret\"),\n data_json=json.dumps({\n \"zip\": \"zap\",\n \"foo\": \"bar\",\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var kvv1 = new Vault.Mount(\"kvv1\", new()\n {\n Path = \"kvv1\",\n Type = \"kv\",\n Options = \n {\n { \"version\", \"1\" },\n },\n Description = \"KV Version 1 secret engine mount\",\n });\n\n var secret = new Vault.Kv.Secret(\"secret\", new()\n {\n Path = kvv1.Path.Apply(path =\u003e $\"{path}/secret\"),\n DataJson = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"zip\"] = \"zap\",\n [\"foo\"] = \"bar\",\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/kv\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tkvv1, err := vault.NewMount(ctx, \"kvv1\", \u0026vault.MountArgs{\n\t\t\tPath: pulumi.String(\"kvv1\"),\n\t\t\tType: pulumi.String(\"kv\"),\n\t\t\tOptions: pulumi.Map{\n\t\t\t\t\"version\": pulumi.Any(\"1\"),\n\t\t\t},\n\t\t\tDescription: pulumi.String(\"KV Version 1 secret engine mount\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"zip\": \"zap\",\n\t\t\t\"foo\": \"bar\",\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = kv.NewSecret(ctx, \"secret\", \u0026kv.SecretArgs{\n\t\t\tPath: kvv1.Path.ApplyT(func(path string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"%v/secret\", path), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t\tDataJson: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.Mount;\nimport com.pulumi.vault.MountArgs;\nimport com.pulumi.vault.kv.Secret;\nimport com.pulumi.vault.kv.SecretArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var kvv1 = new Mount(\"kvv1\", MountArgs.builder() \n .path(\"kvv1\")\n .type(\"kv\")\n .options(Map.of(\"version\", \"1\"))\n .description(\"KV Version 1 secret engine mount\")\n .build());\n\n var secret = new Secret(\"secret\", SecretArgs.builder() \n .path(kvv1.path().applyValue(path -\u003e String.format(\"%s/secret\", path)))\n .dataJson(serializeJson(\n jsonObject(\n jsonProperty(\"zip\", \"zap\"),\n jsonProperty(\"foo\", \"bar\")\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n kvv1:\n type: vault:Mount\n properties:\n path: kvv1\n type: kv\n options:\n version: '1'\n description: KV Version 1 secret engine mount\n secret:\n type: vault:kv:Secret\n properties:\n path: ${kvv1.path}/secret\n dataJson:\n fn::toJSON:\n zip: zap\n foo: bar\n```\n{{% /example %}}\n{{% /examples %}}\n## Required Vault Capabilities\n\nUse of this resource requires the `create` or `update` capability\n(depending on whether the resource already exists) on the given path,\nthe `delete` capability if the resource is removed from configuration,\nand the `read` capability for drift detection (by default).\n\n\n## Import\n\nKV-V1 secrets can be imported using the `path`, e.g.\n\n```sh\n $ pulumi import vault:kv/secret:Secret secret kvv1/secret\n```\n ", "properties": { "data": { "type": "object", @@ -22959,7 +20182,7 @@ } }, "vault:kv/secretBackendV2:SecretBackendV2": { - "description": "Configures KV-V2 backend level settings that are applied to\nevery key in the key-value store.\n\nFor more information on Vault's KV-V2 secret backend\n[see here](https://www.vaultproject.io/docs/secrets/kv/kv-v2).\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst kvv2 = new vault.Mount(\"kvv2\", {\n path: \"kvv2\",\n type: \"kv\",\n options: {\n version: \"2\",\n },\n description: \"KV Version 2 secret engine mount\",\n});\nconst example = new vault.kv.SecretBackendV2(\"example\", {\n mount: kvv2.path,\n maxVersions: 5,\n deleteVersionAfter: 12600,\n casRequired: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nkvv2 = vault.Mount(\"kvv2\",\n path=\"kvv2\",\n type=\"kv\",\n options={\n \"version\": \"2\",\n },\n description=\"KV Version 2 secret engine mount\")\nexample = vault.kv.SecretBackendV2(\"example\",\n mount=kvv2.path,\n max_versions=5,\n delete_version_after=12600,\n cas_required=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var kvv2 = new Vault.Mount(\"kvv2\", new()\n {\n Path = \"kvv2\",\n Type = \"kv\",\n Options = \n {\n { \"version\", \"2\" },\n },\n Description = \"KV Version 2 secret engine mount\",\n });\n\n var example = new Vault.Kv.SecretBackendV2(\"example\", new()\n {\n Mount = kvv2.Path,\n MaxVersions = 5,\n DeleteVersionAfter = 12600,\n CasRequired = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/kv\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tkvv2, err := vault.NewMount(ctx, \"kvv2\", \u0026vault.MountArgs{\n\t\t\tPath: pulumi.String(\"kvv2\"),\n\t\t\tType: pulumi.String(\"kv\"),\n\t\t\tOptions: pulumi.AnyMap{\n\t\t\t\t\"version\": pulumi.Any(\"2\"),\n\t\t\t},\n\t\t\tDescription: pulumi.String(\"KV Version 2 secret engine mount\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = kv.NewSecretBackendV2(ctx, \"example\", \u0026kv.SecretBackendV2Args{\n\t\t\tMount: kvv2.Path,\n\t\t\tMaxVersions: pulumi.Int(5),\n\t\t\tDeleteVersionAfter: pulumi.Int(12600),\n\t\t\tCasRequired: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.Mount;\nimport com.pulumi.vault.MountArgs;\nimport com.pulumi.vault.kv.SecretBackendV2;\nimport com.pulumi.vault.kv.SecretBackendV2Args;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var kvv2 = new Mount(\"kvv2\", MountArgs.builder() \n .path(\"kvv2\")\n .type(\"kv\")\n .options(Map.of(\"version\", \"2\"))\n .description(\"KV Version 2 secret engine mount\")\n .build());\n\n var example = new SecretBackendV2(\"example\", SecretBackendV2Args.builder() \n .mount(kvv2.path())\n .maxVersions(5)\n .deleteVersionAfter(12600)\n .casRequired(true)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n kvv2:\n type: vault:Mount\n properties:\n path: kvv2\n type: kv\n options:\n version: 2\n description: KV Version 2 secret engine mount\n example:\n type: vault:kv:SecretBackendV2\n properties:\n mount: ${kvv2.path}\n maxVersions: 5\n deleteVersionAfter: 12600\n casRequired: true\n```\n{{% /example %}}\n{{% /examples %}}\n## Required Vault Capabilities\n\nUse of this resource requires the `create` or `update` capability\n(depending on whether the resource already exists) on the given path,\nthe `delete` capability if the resource is removed from configuration,\nand the `read` capability for drift detection (by default).\n\n\n## Import\n\nThe KV-V2 secret backend can be imported using its unique ID, the `${mount}/config`, e.g.\n\n```sh\n $ pulumi import vault:kv/secretBackendV2:SecretBackendV2 example kvv2/config\n```\n\n ", + "description": "Configures KV-V2 backend level settings that are applied to\nevery key in the key-value store.\n\nFor more information on Vault's KV-V2 secret backend\n[see here](https://www.vaultproject.io/docs/secrets/kv/kv-v2).\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst kvv2 = new vault.Mount(\"kvv2\", {\n path: \"kvv2\",\n type: \"kv\",\n options: {\n version: \"2\",\n },\n description: \"KV Version 2 secret engine mount\",\n});\nconst example = new vault.kv.SecretBackendV2(\"example\", {\n mount: kvv2.path,\n maxVersions: 5,\n deleteVersionAfter: 12600,\n casRequired: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nkvv2 = vault.Mount(\"kvv2\",\n path=\"kvv2\",\n type=\"kv\",\n options={\n \"version\": \"2\",\n },\n description=\"KV Version 2 secret engine mount\")\nexample = vault.kv.SecretBackendV2(\"example\",\n mount=kvv2.path,\n max_versions=5,\n delete_version_after=12600,\n cas_required=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var kvv2 = new Vault.Mount(\"kvv2\", new()\n {\n Path = \"kvv2\",\n Type = \"kv\",\n Options = \n {\n { \"version\", \"2\" },\n },\n Description = \"KV Version 2 secret engine mount\",\n });\n\n var example = new Vault.Kv.SecretBackendV2(\"example\", new()\n {\n Mount = kvv2.Path,\n MaxVersions = 5,\n DeleteVersionAfter = 12600,\n CasRequired = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/kv\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tkvv2, err := vault.NewMount(ctx, \"kvv2\", \u0026vault.MountArgs{\n\t\t\tPath: pulumi.String(\"kvv2\"),\n\t\t\tType: pulumi.String(\"kv\"),\n\t\t\tOptions: pulumi.Map{\n\t\t\t\t\"version\": pulumi.Any(\"2\"),\n\t\t\t},\n\t\t\tDescription: pulumi.String(\"KV Version 2 secret engine mount\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = kv.NewSecretBackendV2(ctx, \"example\", \u0026kv.SecretBackendV2Args{\n\t\t\tMount: kvv2.Path,\n\t\t\tMaxVersions: pulumi.Int(5),\n\t\t\tDeleteVersionAfter: pulumi.Int(12600),\n\t\t\tCasRequired: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.Mount;\nimport com.pulumi.vault.MountArgs;\nimport com.pulumi.vault.kv.SecretBackendV2;\nimport com.pulumi.vault.kv.SecretBackendV2Args;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var kvv2 = new Mount(\"kvv2\", MountArgs.builder() \n .path(\"kvv2\")\n .type(\"kv\")\n .options(Map.of(\"version\", \"2\"))\n .description(\"KV Version 2 secret engine mount\")\n .build());\n\n var example = new SecretBackendV2(\"example\", SecretBackendV2Args.builder() \n .mount(kvv2.path())\n .maxVersions(5)\n .deleteVersionAfter(12600)\n .casRequired(true)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n kvv2:\n type: vault:Mount\n properties:\n path: kvv2\n type: kv\n options:\n version: '2'\n description: KV Version 2 secret engine mount\n example:\n type: vault:kv:SecretBackendV2\n properties:\n mount: ${kvv2.path}\n maxVersions: 5\n deleteVersionAfter: 12600\n casRequired: true\n```\n{{% /example %}}\n{{% /examples %}}\n## Required Vault Capabilities\n\nUse of this resource requires the `create` or `update` capability\n(depending on whether the resource already exists) on the given path,\nthe `delete` capability if the resource is removed from configuration,\nand the `read` capability for drift detection (by default).\n\n\n## Import\n\nThe KV-V2 secret backend can be imported using its unique ID, the `${mount}/config`, e.g.\n\n```sh\n $ pulumi import vault:kv/secretBackendV2:SecretBackendV2 example kvv2/config\n```\n ", "properties": { "casRequired": { "type": "boolean", @@ -23044,7 +20267,7 @@ } }, "vault:kv/secretV2:SecretV2": { - "description": "Writes a KV-V2 secret to a given path in Vault.\n\nFor more information on Vault's KV-V2 secret backend\n[see here](https://www.vaultproject.io/docs/secrets/kv/kv-v2).\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst kvv2 = new vault.Mount(\"kvv2\", {\n path: \"kvv2\",\n type: \"kv\",\n options: {\n version: \"2\",\n },\n description: \"KV Version 2 secret engine mount\",\n});\nconst example = new vault.kv.SecretV2(\"example\", {\n mount: kvv2.path,\n cas: 1,\n deleteAllVersions: true,\n dataJson: JSON.stringify({\n zip: \"zap\",\n foo: \"bar\",\n }),\n customMetadata: {\n maxVersions: 5,\n data: {\n foo: \"vault@example.com\",\n bar: \"12345\",\n },\n },\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_vault as vault\n\nkvv2 = vault.Mount(\"kvv2\",\n path=\"kvv2\",\n type=\"kv\",\n options={\n \"version\": \"2\",\n },\n description=\"KV Version 2 secret engine mount\")\nexample = vault.kv.SecretV2(\"example\",\n mount=kvv2.path,\n cas=1,\n delete_all_versions=True,\n data_json=json.dumps({\n \"zip\": \"zap\",\n \"foo\": \"bar\",\n }),\n custom_metadata=vault.kv.SecretV2CustomMetadataArgs(\n max_versions=5,\n data={\n \"foo\": \"vault@example.com\",\n \"bar\": \"12345\",\n },\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Text.Json;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var kvv2 = new Vault.Mount(\"kvv2\", new()\n {\n Path = \"kvv2\",\n Type = \"kv\",\n Options = \n {\n { \"version\", \"2\" },\n },\n Description = \"KV Version 2 secret engine mount\",\n });\n\n var example = new Vault.Kv.SecretV2(\"example\", new()\n {\n Mount = kvv2.Path,\n Cas = 1,\n DeleteAllVersions = true,\n DataJson = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"zip\"] = \"zap\",\n [\"foo\"] = \"bar\",\n }),\n CustomMetadata = new Vault.kv.Inputs.SecretV2CustomMetadataArgs\n {\n MaxVersions = 5,\n Data = \n {\n { \"foo\", \"vault@example.com\" },\n { \"bar\", \"12345\" },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/kv\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tkvv2, err := vault.NewMount(ctx, \"kvv2\", \u0026vault.MountArgs{\n\t\t\tPath: pulumi.String(\"kvv2\"),\n\t\t\tType: pulumi.String(\"kv\"),\n\t\t\tOptions: pulumi.AnyMap{\n\t\t\t\t\"version\": pulumi.Any(\"2\"),\n\t\t\t},\n\t\t\tDescription: pulumi.String(\"KV Version 2 secret engine mount\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"zip\": \"zap\",\n\t\t\t\"foo\": \"bar\",\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = kv.NewSecretV2(ctx, \"example\", \u0026kv.SecretV2Args{\n\t\t\tMount: kvv2.Path,\n\t\t\tCas: pulumi.Int(1),\n\t\t\tDeleteAllVersions: pulumi.Bool(true),\n\t\t\tDataJson: pulumi.String(json0),\n\t\t\tCustomMetadata: \u0026kv.SecretV2CustomMetadataArgs{\n\t\t\t\tMaxVersions: pulumi.Int(5),\n\t\t\t\tData: pulumi.AnyMap{\n\t\t\t\t\t\"foo\": pulumi.Any(\"vault@example.com\"),\n\t\t\t\t\t\"bar\": pulumi.Any(\"12345\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.Mount;\nimport com.pulumi.vault.MountArgs;\nimport com.pulumi.vault.kv.SecretV2;\nimport com.pulumi.vault.kv.SecretV2Args;\nimport com.pulumi.vault.kv.inputs.SecretV2CustomMetadataArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var kvv2 = new Mount(\"kvv2\", MountArgs.builder() \n .path(\"kvv2\")\n .type(\"kv\")\n .options(Map.of(\"version\", \"2\"))\n .description(\"KV Version 2 secret engine mount\")\n .build());\n\n var example = new SecretV2(\"example\", SecretV2Args.builder() \n .mount(kvv2.path())\n .cas(1)\n .deleteAllVersions(true)\n .dataJson(serializeJson(\n jsonObject(\n jsonProperty(\"zip\", \"zap\"),\n jsonProperty(\"foo\", \"bar\")\n )))\n .customMetadata(SecretV2CustomMetadataArgs.builder()\n .maxVersions(5)\n .data(Map.ofEntries(\n Map.entry(\"foo\", \"vault@example.com\"),\n Map.entry(\"bar\", \"12345\")\n ))\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n kvv2:\n type: vault:Mount\n properties:\n path: kvv2\n type: kv\n options:\n version: 2\n description: KV Version 2 secret engine mount\n example:\n type: vault:kv:SecretV2\n properties:\n mount: ${kvv2.path}\n cas: 1\n deleteAllVersions: true\n dataJson:\n Fn::ToJSON:\n zip: zap\n foo: bar\n customMetadata:\n maxVersions: 5\n data:\n foo: vault@example.com\n bar: 12345\n```\n{{% /example %}}\n{{% /examples %}}\n## Required Vault Capabilities\n\nUse of this resource requires the `create` or `update` capability\n(depending on whether the resource already exists) on the given path,\nthe `delete` capability if the resource is removed from configuration,\nand the `read` capability for drift detection (by default).\n\n### Custom Metadata Configuration Options\n\n* `max_versions` - (Optional) The number of versions to keep per key.\n\n* `cas_required` - (Optional) If true, all keys will require the cas\n parameter to be set on all write requests.\n\n* `delete_version_after` - (Optional) If set, specifies the length of time before\n a version is deleted. Accepts duration in integer seconds.\n\n* `data` - (Optional) A string to string map describing the secret.\n\n\n## Import\n\nKV-V2 secrets can be imported using the `path`, e.g.\n\n```sh\n $ pulumi import vault:kv/secretV2:SecretV2 example kvv2/data/secret\n```\n\n ", + "description": "Writes a KV-V2 secret to a given path in Vault.\n\nFor more information on Vault's KV-V2 secret backend\n[see here](https://www.vaultproject.io/docs/secrets/kv/kv-v2).\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst kvv2 = new vault.Mount(\"kvv2\", {\n path: \"kvv2\",\n type: \"kv\",\n options: {\n version: \"2\",\n },\n description: \"KV Version 2 secret engine mount\",\n});\nconst example = new vault.kv.SecretV2(\"example\", {\n mount: kvv2.path,\n cas: 1,\n deleteAllVersions: true,\n dataJson: JSON.stringify({\n zip: \"zap\",\n foo: \"bar\",\n }),\n customMetadata: {\n maxVersions: 5,\n data: {\n foo: \"vault@example.com\",\n bar: \"12345\",\n },\n },\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_vault as vault\n\nkvv2 = vault.Mount(\"kvv2\",\n path=\"kvv2\",\n type=\"kv\",\n options={\n \"version\": \"2\",\n },\n description=\"KV Version 2 secret engine mount\")\nexample = vault.kv.SecretV2(\"example\",\n mount=kvv2.path,\n cas=1,\n delete_all_versions=True,\n data_json=json.dumps({\n \"zip\": \"zap\",\n \"foo\": \"bar\",\n }),\n custom_metadata=vault.kv.SecretV2CustomMetadataArgs(\n max_versions=5,\n data={\n \"foo\": \"vault@example.com\",\n \"bar\": \"12345\",\n },\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var kvv2 = new Vault.Mount(\"kvv2\", new()\n {\n Path = \"kvv2\",\n Type = \"kv\",\n Options = \n {\n { \"version\", \"2\" },\n },\n Description = \"KV Version 2 secret engine mount\",\n });\n\n var example = new Vault.Kv.SecretV2(\"example\", new()\n {\n Mount = kvv2.Path,\n Cas = 1,\n DeleteAllVersions = true,\n DataJson = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"zip\"] = \"zap\",\n [\"foo\"] = \"bar\",\n }),\n CustomMetadata = new Vault.kv.Inputs.SecretV2CustomMetadataArgs\n {\n MaxVersions = 5,\n Data = \n {\n { \"foo\", \"vault@example.com\" },\n { \"bar\", \"12345\" },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/kv\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tkvv2, err := vault.NewMount(ctx, \"kvv2\", \u0026vault.MountArgs{\n\t\t\tPath: pulumi.String(\"kvv2\"),\n\t\t\tType: pulumi.String(\"kv\"),\n\t\t\tOptions: pulumi.Map{\n\t\t\t\t\"version\": pulumi.Any(\"2\"),\n\t\t\t},\n\t\t\tDescription: pulumi.String(\"KV Version 2 secret engine mount\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"zip\": \"zap\",\n\t\t\t\"foo\": \"bar\",\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = kv.NewSecretV2(ctx, \"example\", \u0026kv.SecretV2Args{\n\t\t\tMount: kvv2.Path,\n\t\t\tCas: pulumi.Int(1),\n\t\t\tDeleteAllVersions: pulumi.Bool(true),\n\t\t\tDataJson: pulumi.String(json0),\n\t\t\tCustomMetadata: \u0026kv.SecretV2CustomMetadataArgs{\n\t\t\t\tMaxVersions: pulumi.Int(5),\n\t\t\t\tData: pulumi.Map{\n\t\t\t\t\t\"foo\": pulumi.Any(\"vault@example.com\"),\n\t\t\t\t\t\"bar\": pulumi.Any(\"12345\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.Mount;\nimport com.pulumi.vault.MountArgs;\nimport com.pulumi.vault.kv.SecretV2;\nimport com.pulumi.vault.kv.SecretV2Args;\nimport com.pulumi.vault.kv.inputs.SecretV2CustomMetadataArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var kvv2 = new Mount(\"kvv2\", MountArgs.builder() \n .path(\"kvv2\")\n .type(\"kv\")\n .options(Map.of(\"version\", \"2\"))\n .description(\"KV Version 2 secret engine mount\")\n .build());\n\n var example = new SecretV2(\"example\", SecretV2Args.builder() \n .mount(kvv2.path())\n .cas(1)\n .deleteAllVersions(true)\n .dataJson(serializeJson(\n jsonObject(\n jsonProperty(\"zip\", \"zap\"),\n jsonProperty(\"foo\", \"bar\")\n )))\n .customMetadata(SecretV2CustomMetadataArgs.builder()\n .maxVersions(5)\n .data(Map.ofEntries(\n Map.entry(\"foo\", \"vault@example.com\"),\n Map.entry(\"bar\", \"12345\")\n ))\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n kvv2:\n type: vault:Mount\n properties:\n path: kvv2\n type: kv\n options:\n version: '2'\n description: KV Version 2 secret engine mount\n example:\n type: vault:kv:SecretV2\n properties:\n mount: ${kvv2.path}\n cas: 1\n deleteAllVersions: true\n dataJson:\n fn::toJSON:\n zip: zap\n foo: bar\n customMetadata:\n maxVersions: 5\n data:\n foo: vault@example.com\n bar: '12345'\n```\n{{% /example %}}\n{{% /examples %}}\n## Required Vault Capabilities\n\nUse of this resource requires the `create` or `update` capability\n(depending on whether the resource already exists) on the given path,\nthe `delete` capability if the resource is removed from configuration,\nand the `read` capability for drift detection (by default).\n\n### Custom Metadata Configuration Options\n\n* `max_versions` - (Optional) The number of versions to keep per key.\n\n* `cas_required` - (Optional) If true, all keys will require the cas\n parameter to be set on all write requests.\n\n* `delete_version_after` - (Optional) If set, specifies the length of time before\n a version is deleted. Accepts duration in integer seconds.\n\n* `data` - (Optional) A string to string map describing the secret.\n\n\n## Import\n\nKV-V2 secrets can be imported using the `path`, e.g.\n\n```sh\n $ pulumi import vault:kv/secretV2:SecretV2 example kvv2/data/secret\n```\n ", "properties": { "cas": { "type": "integer", @@ -23234,7 +20457,7 @@ } }, "vault:ldap/authBackend:AuthBackend": { - "description": "Provides a resource for managing an [LDAP auth backend within Vault](https://www.vaultproject.io/docs/auth/ldap.html).\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst ldap = new vault.ldap.AuthBackend(\"ldap\", {\n discoverdn: false,\n groupdn: \"OU=Groups,DC=example,DC=org\",\n groupfilter: \"(\u0026(objectClass=group)(member:1.2.840.113556.1.4.1941:={{.UserDN}}))\",\n path: \"ldap\",\n upndomain: \"EXAMPLE.ORG\",\n url: \"ldaps://dc-01.example.org\",\n userattr: \"sAMAccountName\",\n userdn: \"OU=Users,OU=Accounts,DC=example,DC=org\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nldap = vault.ldap.AuthBackend(\"ldap\",\n discoverdn=False,\n groupdn=\"OU=Groups,DC=example,DC=org\",\n groupfilter=\"(\u0026(objectClass=group)(member:1.2.840.113556.1.4.1941:={{.UserDN}}))\",\n path=\"ldap\",\n upndomain=\"EXAMPLE.ORG\",\n url=\"ldaps://dc-01.example.org\",\n userattr=\"sAMAccountName\",\n userdn=\"OU=Users,OU=Accounts,DC=example,DC=org\")\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var ldap = new Vault.Ldap.AuthBackend(\"ldap\", new()\n {\n Discoverdn = false,\n Groupdn = \"OU=Groups,DC=example,DC=org\",\n Groupfilter = \"(\u0026(objectClass=group)(member:1.2.840.113556.1.4.1941:={{.UserDN}}))\",\n Path = \"ldap\",\n Upndomain = \"EXAMPLE.ORG\",\n Url = \"ldaps://dc-01.example.org\",\n Userattr = \"sAMAccountName\",\n Userdn = \"OU=Users,OU=Accounts,DC=example,DC=org\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/ldap\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ldap.NewAuthBackend(ctx, \"ldap\", \u0026ldap.AuthBackendArgs{\n\t\t\tDiscoverdn: pulumi.Bool(false),\n\t\t\tGroupdn: pulumi.String(\"OU=Groups,DC=example,DC=org\"),\n\t\t\tGroupfilter: pulumi.String(\"(\u0026(objectClass=group)(member:1.2.840.113556.1.4.1941:={{.UserDN}}))\"),\n\t\t\tPath: pulumi.String(\"ldap\"),\n\t\t\tUpndomain: pulumi.String(\"EXAMPLE.ORG\"),\n\t\t\tUrl: pulumi.String(\"ldaps://dc-01.example.org\"),\n\t\t\tUserattr: pulumi.String(\"sAMAccountName\"),\n\t\t\tUserdn: pulumi.String(\"OU=Users,OU=Accounts,DC=example,DC=org\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.ldap.AuthBackend;\nimport com.pulumi.vault.ldap.AuthBackendArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var ldap = new AuthBackend(\"ldap\", AuthBackendArgs.builder() \n .discoverdn(false)\n .groupdn(\"OU=Groups,DC=example,DC=org\")\n .groupfilter(\"(\u0026(objectClass=group)(member:1.2.840.113556.1.4.1941:={{.UserDN}}))\")\n .path(\"ldap\")\n .upndomain(\"EXAMPLE.ORG\")\n .url(\"ldaps://dc-01.example.org\")\n .userattr(\"sAMAccountName\")\n .userdn(\"OU=Users,OU=Accounts,DC=example,DC=org\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n ldap:\n type: vault:ldap:AuthBackend\n properties:\n discoverdn: false\n groupdn: OU=Groups,DC=example,DC=org\n groupfilter: (\u0026(objectClass=group)(member:1.2.840.113556.1.4.1941:={{.UserDN}}))\n path: ldap\n upndomain: EXAMPLE.ORG\n url: ldaps://dc-01.example.org\n userattr: sAMAccountName\n userdn: OU=Users,OU=Accounts,DC=example,DC=org\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nLDAP authentication backends can be imported using the `path`, e.g.\n\n```sh\n $ pulumi import vault:ldap/authBackend:AuthBackend ldap ldap\n```\n\n ", + "description": "Provides a resource for managing an [LDAP auth backend within Vault](https://www.vaultproject.io/docs/auth/ldap.html).\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst ldap = new vault.ldap.AuthBackend(\"ldap\", {\n discoverdn: false,\n groupdn: \"OU=Groups,DC=example,DC=org\",\n groupfilter: \"(\u0026(objectClass=group)(member:1.2.840.113556.1.4.1941:={{.UserDN}}))\",\n path: \"ldap\",\n upndomain: \"EXAMPLE.ORG\",\n url: \"ldaps://dc-01.example.org\",\n userattr: \"sAMAccountName\",\n userdn: \"OU=Users,OU=Accounts,DC=example,DC=org\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nldap = vault.ldap.AuthBackend(\"ldap\",\n discoverdn=False,\n groupdn=\"OU=Groups,DC=example,DC=org\",\n groupfilter=\"(\u0026(objectClass=group)(member:1.2.840.113556.1.4.1941:={{.UserDN}}))\",\n path=\"ldap\",\n upndomain=\"EXAMPLE.ORG\",\n url=\"ldaps://dc-01.example.org\",\n userattr=\"sAMAccountName\",\n userdn=\"OU=Users,OU=Accounts,DC=example,DC=org\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var ldap = new Vault.Ldap.AuthBackend(\"ldap\", new()\n {\n Discoverdn = false,\n Groupdn = \"OU=Groups,DC=example,DC=org\",\n Groupfilter = \"(\u0026(objectClass=group)(member:1.2.840.113556.1.4.1941:={{.UserDN}}))\",\n Path = \"ldap\",\n Upndomain = \"EXAMPLE.ORG\",\n Url = \"ldaps://dc-01.example.org\",\n Userattr = \"sAMAccountName\",\n Userdn = \"OU=Users,OU=Accounts,DC=example,DC=org\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/ldap\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ldap.NewAuthBackend(ctx, \"ldap\", \u0026ldap.AuthBackendArgs{\n\t\t\tDiscoverdn: pulumi.Bool(false),\n\t\t\tGroupdn: pulumi.String(\"OU=Groups,DC=example,DC=org\"),\n\t\t\tGroupfilter: pulumi.String(\"(\u0026(objectClass=group)(member:1.2.840.113556.1.4.1941:={{.UserDN}}))\"),\n\t\t\tPath: pulumi.String(\"ldap\"),\n\t\t\tUpndomain: pulumi.String(\"EXAMPLE.ORG\"),\n\t\t\tUrl: pulumi.String(\"ldaps://dc-01.example.org\"),\n\t\t\tUserattr: pulumi.String(\"sAMAccountName\"),\n\t\t\tUserdn: pulumi.String(\"OU=Users,OU=Accounts,DC=example,DC=org\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.ldap.AuthBackend;\nimport com.pulumi.vault.ldap.AuthBackendArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var ldap = new AuthBackend(\"ldap\", AuthBackendArgs.builder() \n .discoverdn(false)\n .groupdn(\"OU=Groups,DC=example,DC=org\")\n .groupfilter(\"(\u0026(objectClass=group)(member:1.2.840.113556.1.4.1941:={{.UserDN}}))\")\n .path(\"ldap\")\n .upndomain(\"EXAMPLE.ORG\")\n .url(\"ldaps://dc-01.example.org\")\n .userattr(\"sAMAccountName\")\n .userdn(\"OU=Users,OU=Accounts,DC=example,DC=org\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n ldap:\n type: vault:ldap:AuthBackend\n properties:\n discoverdn: false\n groupdn: OU=Groups,DC=example,DC=org\n groupfilter: (\u0026(objectClass=group)(member:1.2.840.113556.1.4.1941:={{.UserDN}}))\n path: ldap\n upndomain: EXAMPLE.ORG\n url: ldaps://dc-01.example.org\n userattr: sAMAccountName\n userdn: OU=Users,OU=Accounts,DC=example,DC=org\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nLDAP authentication backends can be imported using the `path`, e.g.\n\n```sh\n $ pulumi import vault:ldap/authBackend:AuthBackend ldap ldap\n```\n ", "properties": { "accessor": { "type": "string", @@ -23265,7 +20488,8 @@ "secret": true }, "denyNullBind": { - "type": "boolean" + "type": "boolean", + "description": "Prevents users from bypassing authentication when providing an empty password.\n" }, "description": { "type": "string", @@ -23276,7 +20500,8 @@ "description": "If set, opts out of mount migration on path updates.\nSee here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration)\n" }, "discoverdn": { - "type": "boolean" + "type": "boolean", + "description": "Use anonymous bind to discover the bind DN of a user.\n" }, "groupattr": { "type": "string", @@ -23362,11 +20587,11 @@ }, "tokenType": { "type": "string", - "description": "The type of token that should be generated. Can be `service`,\n`batch`, or `default` to use the mount's tuned default (which unless changed will be\n`service` tokens). For token store roles, there are two additional possibilities:\n`default-service` and `default-batch` which specify the type to return unless the client\nrequests a different type at generation time.\n" + "description": "The type of token to generate, service or batch\n" }, "upndomain": { "type": "string", - "description": "The userPrincipalDomain used to construct UPN string\n" + "description": "The `userPrincipalDomain` used to construct the UPN string for the authenticating user.\n" }, "url": { "type": "string", @@ -23445,7 +20670,8 @@ "secret": true }, "denyNullBind": { - "type": "boolean" + "type": "boolean", + "description": "Prevents users from bypassing authentication when providing an empty password.\n" }, "description": { "type": "string", @@ -23456,7 +20682,8 @@ "description": "If set, opts out of mount migration on path updates.\nSee here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration)\n" }, "discoverdn": { - "type": "boolean" + "type": "boolean", + "description": "Use anonymous bind to discover the bind DN of a user.\n" }, "groupattr": { "type": "string", @@ -23544,11 +20771,11 @@ }, "tokenType": { "type": "string", - "description": "The type of token that should be generated. Can be `service`,\n`batch`, or `default` to use the mount's tuned default (which unless changed will be\n`service` tokens). For token store roles, there are two additional possibilities:\n`default-service` and `default-batch` which specify the type to return unless the client\nrequests a different type at generation time.\n" + "description": "The type of token to generate, service or batch\n" }, "upndomain": { "type": "string", - "description": "The userPrincipalDomain used to construct UPN string\n" + "description": "The `userPrincipalDomain` used to construct the UPN string for the authenticating user.\n" }, "url": { "type": "string", @@ -23610,7 +20837,8 @@ "secret": true }, "denyNullBind": { - "type": "boolean" + "type": "boolean", + "description": "Prevents users from bypassing authentication when providing an empty password.\n" }, "description": { "type": "string", @@ -23621,7 +20849,8 @@ "description": "If set, opts out of mount migration on path updates.\nSee here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration)\n" }, "discoverdn": { - "type": "boolean" + "type": "boolean", + "description": "Use anonymous bind to discover the bind DN of a user.\n" }, "groupattr": { "type": "string", @@ -23709,11 +20938,11 @@ }, "tokenType": { "type": "string", - "description": "The type of token that should be generated. Can be `service`,\n`batch`, or `default` to use the mount's tuned default (which unless changed will be\n`service` tokens). For token store roles, there are two additional possibilities:\n`default-service` and `default-batch` which specify the type to return unless the client\nrequests a different type at generation time.\n" + "description": "The type of token to generate, service or batch\n" }, "upndomain": { "type": "string", - "description": "The userPrincipalDomain used to construct UPN string\n" + "description": "The `userPrincipalDomain` used to construct the UPN string for the authenticating user.\n" }, "url": { "type": "string", @@ -23744,11 +20973,11 @@ } }, "vault:ldap/authBackendGroup:AuthBackendGroup": { - "description": "Provides a resource to create a group in an [LDAP auth backend within Vault](https://www.vaultproject.io/docs/auth/ldap.html).\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst ldap = new vault.ldap.AuthBackend(\"ldap\", {\n path: \"ldap\",\n url: \"ldaps://dc-01.example.org\",\n userdn: \"OU=Users,OU=Accounts,DC=example,DC=org\",\n userattr: \"sAMAccountName\",\n upndomain: \"EXAMPLE.ORG\",\n discoverdn: false,\n groupdn: \"OU=Groups,DC=example,DC=org\",\n groupfilter: \"(\u0026(objectClass=group)(member:1.2.840.113556.1.4.1941:={{.UserDN}}))\",\n});\nconst group = new vault.ldap.AuthBackendGroup(\"group\", {\n groupname: \"dba\",\n policies: [\"dba\"],\n backend: ldap.path,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nldap = vault.ldap.AuthBackend(\"ldap\",\n path=\"ldap\",\n url=\"ldaps://dc-01.example.org\",\n userdn=\"OU=Users,OU=Accounts,DC=example,DC=org\",\n userattr=\"sAMAccountName\",\n upndomain=\"EXAMPLE.ORG\",\n discoverdn=False,\n groupdn=\"OU=Groups,DC=example,DC=org\",\n groupfilter=\"(\u0026(objectClass=group)(member:1.2.840.113556.1.4.1941:={{.UserDN}}))\")\ngroup = vault.ldap.AuthBackendGroup(\"group\",\n groupname=\"dba\",\n policies=[\"dba\"],\n backend=ldap.path)\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var ldap = new Vault.Ldap.AuthBackend(\"ldap\", new()\n {\n Path = \"ldap\",\n Url = \"ldaps://dc-01.example.org\",\n Userdn = \"OU=Users,OU=Accounts,DC=example,DC=org\",\n Userattr = \"sAMAccountName\",\n Upndomain = \"EXAMPLE.ORG\",\n Discoverdn = false,\n Groupdn = \"OU=Groups,DC=example,DC=org\",\n Groupfilter = \"(\u0026(objectClass=group)(member:1.2.840.113556.1.4.1941:={{.UserDN}}))\",\n });\n\n var @group = new Vault.Ldap.AuthBackendGroup(\"group\", new()\n {\n Groupname = \"dba\",\n Policies = new[]\n {\n \"dba\",\n },\n Backend = ldap.Path,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/ldap\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tldap, err := ldap.NewAuthBackend(ctx, \"ldap\", \u0026ldap.AuthBackendArgs{\n\t\t\tPath: pulumi.String(\"ldap\"),\n\t\t\tUrl: pulumi.String(\"ldaps://dc-01.example.org\"),\n\t\t\tUserdn: pulumi.String(\"OU=Users,OU=Accounts,DC=example,DC=org\"),\n\t\t\tUserattr: pulumi.String(\"sAMAccountName\"),\n\t\t\tUpndomain: pulumi.String(\"EXAMPLE.ORG\"),\n\t\t\tDiscoverdn: pulumi.Bool(false),\n\t\t\tGroupdn: pulumi.String(\"OU=Groups,DC=example,DC=org\"),\n\t\t\tGroupfilter: pulumi.String(\"(\u0026(objectClass=group)(member:1.2.840.113556.1.4.1941:={{.UserDN}}))\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ldap.NewAuthBackendGroup(ctx, \"group\", \u0026ldap.AuthBackendGroupArgs{\n\t\t\tGroupname: pulumi.String(\"dba\"),\n\t\t\tPolicies: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"dba\"),\n\t\t\t},\n\t\t\tBackend: ldap.Path,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.ldap.AuthBackend;\nimport com.pulumi.vault.ldap.AuthBackendArgs;\nimport com.pulumi.vault.ldap.AuthBackendGroup;\nimport com.pulumi.vault.ldap.AuthBackendGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var ldap = new AuthBackend(\"ldap\", AuthBackendArgs.builder() \n .path(\"ldap\")\n .url(\"ldaps://dc-01.example.org\")\n .userdn(\"OU=Users,OU=Accounts,DC=example,DC=org\")\n .userattr(\"sAMAccountName\")\n .upndomain(\"EXAMPLE.ORG\")\n .discoverdn(false)\n .groupdn(\"OU=Groups,DC=example,DC=org\")\n .groupfilter(\"(\u0026(objectClass=group)(member:1.2.840.113556.1.4.1941:={{.UserDN}}))\")\n .build());\n\n var group = new AuthBackendGroup(\"group\", AuthBackendGroupArgs.builder() \n .groupname(\"dba\")\n .policies(\"dba\")\n .backend(ldap.path())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n ldap:\n type: vault:ldap:AuthBackend\n properties:\n path: ldap\n url: ldaps://dc-01.example.org\n userdn: OU=Users,OU=Accounts,DC=example,DC=org\n userattr: sAMAccountName\n upndomain: EXAMPLE.ORG\n discoverdn: false\n groupdn: OU=Groups,DC=example,DC=org\n groupfilter: (\u0026(objectClass=group)(member:1.2.840.113556.1.4.1941:={{.UserDN}}))\n group:\n type: vault:ldap:AuthBackendGroup\n properties:\n groupname: dba\n policies:\n - dba\n backend: ${ldap.path}\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nLDAP authentication backend groups can be imported using the `path`, e.g.\n\n```sh\n $ pulumi import vault:ldap/authBackendGroup:AuthBackendGroup foo auth/ldap/groups/foo\n```\n\n ", + "description": "Provides a resource to create a group in an [LDAP auth backend within Vault](https://www.vaultproject.io/docs/auth/ldap.html).\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst ldap = new vault.ldap.AuthBackend(\"ldap\", {\n path: \"ldap\",\n url: \"ldaps://dc-01.example.org\",\n userdn: \"OU=Users,OU=Accounts,DC=example,DC=org\",\n userattr: \"sAMAccountName\",\n upndomain: \"EXAMPLE.ORG\",\n discoverdn: false,\n groupdn: \"OU=Groups,DC=example,DC=org\",\n groupfilter: \"(\u0026(objectClass=group)(member:1.2.840.113556.1.4.1941:={{.UserDN}}))\",\n});\nconst group = new vault.ldap.AuthBackendGroup(\"group\", {\n groupname: \"dba\",\n policies: [\"dba\"],\n backend: ldap.path,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nldap = vault.ldap.AuthBackend(\"ldap\",\n path=\"ldap\",\n url=\"ldaps://dc-01.example.org\",\n userdn=\"OU=Users,OU=Accounts,DC=example,DC=org\",\n userattr=\"sAMAccountName\",\n upndomain=\"EXAMPLE.ORG\",\n discoverdn=False,\n groupdn=\"OU=Groups,DC=example,DC=org\",\n groupfilter=\"(\u0026(objectClass=group)(member:1.2.840.113556.1.4.1941:={{.UserDN}}))\")\ngroup = vault.ldap.AuthBackendGroup(\"group\",\n groupname=\"dba\",\n policies=[\"dba\"],\n backend=ldap.path)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var ldap = new Vault.Ldap.AuthBackend(\"ldap\", new()\n {\n Path = \"ldap\",\n Url = \"ldaps://dc-01.example.org\",\n Userdn = \"OU=Users,OU=Accounts,DC=example,DC=org\",\n Userattr = \"sAMAccountName\",\n Upndomain = \"EXAMPLE.ORG\",\n Discoverdn = false,\n Groupdn = \"OU=Groups,DC=example,DC=org\",\n Groupfilter = \"(\u0026(objectClass=group)(member:1.2.840.113556.1.4.1941:={{.UserDN}}))\",\n });\n\n var @group = new Vault.Ldap.AuthBackendGroup(\"group\", new()\n {\n Groupname = \"dba\",\n Policies = new[]\n {\n \"dba\",\n },\n Backend = ldap.Path,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/ldap\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tldap, err := ldap.NewAuthBackend(ctx, \"ldap\", \u0026ldap.AuthBackendArgs{\n\t\t\tPath: pulumi.String(\"ldap\"),\n\t\t\tUrl: pulumi.String(\"ldaps://dc-01.example.org\"),\n\t\t\tUserdn: pulumi.String(\"OU=Users,OU=Accounts,DC=example,DC=org\"),\n\t\t\tUserattr: pulumi.String(\"sAMAccountName\"),\n\t\t\tUpndomain: pulumi.String(\"EXAMPLE.ORG\"),\n\t\t\tDiscoverdn: pulumi.Bool(false),\n\t\t\tGroupdn: pulumi.String(\"OU=Groups,DC=example,DC=org\"),\n\t\t\tGroupfilter: pulumi.String(\"(\u0026(objectClass=group)(member:1.2.840.113556.1.4.1941:={{.UserDN}}))\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ldap.NewAuthBackendGroup(ctx, \"group\", \u0026ldap.AuthBackendGroupArgs{\n\t\t\tGroupname: pulumi.String(\"dba\"),\n\t\t\tPolicies: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"dba\"),\n\t\t\t},\n\t\t\tBackend: ldap.Path,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.ldap.AuthBackend;\nimport com.pulumi.vault.ldap.AuthBackendArgs;\nimport com.pulumi.vault.ldap.AuthBackendGroup;\nimport com.pulumi.vault.ldap.AuthBackendGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var ldap = new AuthBackend(\"ldap\", AuthBackendArgs.builder() \n .path(\"ldap\")\n .url(\"ldaps://dc-01.example.org\")\n .userdn(\"OU=Users,OU=Accounts,DC=example,DC=org\")\n .userattr(\"sAMAccountName\")\n .upndomain(\"EXAMPLE.ORG\")\n .discoverdn(false)\n .groupdn(\"OU=Groups,DC=example,DC=org\")\n .groupfilter(\"(\u0026(objectClass=group)(member:1.2.840.113556.1.4.1941:={{.UserDN}}))\")\n .build());\n\n var group = new AuthBackendGroup(\"group\", AuthBackendGroupArgs.builder() \n .groupname(\"dba\")\n .policies(\"dba\")\n .backend(ldap.path())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n ldap:\n type: vault:ldap:AuthBackend\n properties:\n path: ldap\n url: ldaps://dc-01.example.org\n userdn: OU=Users,OU=Accounts,DC=example,DC=org\n userattr: sAMAccountName\n upndomain: EXAMPLE.ORG\n discoverdn: false\n groupdn: OU=Groups,DC=example,DC=org\n groupfilter: (\u0026(objectClass=group)(member:1.2.840.113556.1.4.1941:={{.UserDN}}))\n group:\n type: vault:ldap:AuthBackendGroup\n properties:\n groupname: dba\n policies:\n - dba\n backend: ${ldap.path}\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nLDAP authentication backend groups can be imported using the `path`, e.g.\n\n```sh\n $ pulumi import vault:ldap/authBackendGroup:AuthBackendGroup foo auth/ldap/groups/foo\n```\n ", "properties": { "backend": { "type": "string", - "description": "Path to the authentication backend\n" + "description": "Path to the authentication backend\n\nFor more details on the usage of each argument consult the [Vault LDAP API documentation](https://www.vaultproject.io/api-docs/auth/ldap).\n" }, "groupname": { "type": "string", @@ -23773,7 +21002,7 @@ "inputProperties": { "backend": { "type": "string", - "description": "Path to the authentication backend\n", + "description": "Path to the authentication backend\n\nFor more details on the usage of each argument consult the [Vault LDAP API documentation](https://www.vaultproject.io/api-docs/auth/ldap).\n", "willReplaceOnChanges": true }, "groupname": { @@ -23802,7 +21031,7 @@ "properties": { "backend": { "type": "string", - "description": "Path to the authentication backend\n", + "description": "Path to the authentication backend\n\nFor more details on the usage of each argument consult the [Vault LDAP API documentation](https://www.vaultproject.io/api-docs/auth/ldap).\n", "willReplaceOnChanges": true }, "groupname": { @@ -23827,11 +21056,11 @@ } }, "vault:ldap/authBackendUser:AuthBackendUser": { - "description": "Provides a resource to create a user in an [LDAP auth backend within Vault](https://www.vaultproject.io/docs/auth/ldap.html).\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst ldap = new vault.ldap.AuthBackend(\"ldap\", {\n path: \"ldap\",\n url: \"ldaps://dc-01.example.org\",\n userdn: \"OU=Users,OU=Accounts,DC=example,DC=org\",\n userattr: \"sAMAccountName\",\n upndomain: \"EXAMPLE.ORG\",\n discoverdn: false,\n groupdn: \"OU=Groups,DC=example,DC=org\",\n groupfilter: \"(\u0026(objectClass=group)(member:1.2.840.113556.1.4.1941:={{.UserDN}}))\",\n});\nconst user = new vault.ldap.AuthBackendUser(\"user\", {\n username: \"test-user\",\n policies: [\n \"dba\",\n \"sysops\",\n ],\n backend: ldap.path,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nldap = vault.ldap.AuthBackend(\"ldap\",\n path=\"ldap\",\n url=\"ldaps://dc-01.example.org\",\n userdn=\"OU=Users,OU=Accounts,DC=example,DC=org\",\n userattr=\"sAMAccountName\",\n upndomain=\"EXAMPLE.ORG\",\n discoverdn=False,\n groupdn=\"OU=Groups,DC=example,DC=org\",\n groupfilter=\"(\u0026(objectClass=group)(member:1.2.840.113556.1.4.1941:={{.UserDN}}))\")\nuser = vault.ldap.AuthBackendUser(\"user\",\n username=\"test-user\",\n policies=[\n \"dba\",\n \"sysops\",\n ],\n backend=ldap.path)\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var ldap = new Vault.Ldap.AuthBackend(\"ldap\", new()\n {\n Path = \"ldap\",\n Url = \"ldaps://dc-01.example.org\",\n Userdn = \"OU=Users,OU=Accounts,DC=example,DC=org\",\n Userattr = \"sAMAccountName\",\n Upndomain = \"EXAMPLE.ORG\",\n Discoverdn = false,\n Groupdn = \"OU=Groups,DC=example,DC=org\",\n Groupfilter = \"(\u0026(objectClass=group)(member:1.2.840.113556.1.4.1941:={{.UserDN}}))\",\n });\n\n var user = new Vault.Ldap.AuthBackendUser(\"user\", new()\n {\n Username = \"test-user\",\n Policies = new[]\n {\n \"dba\",\n \"sysops\",\n },\n Backend = ldap.Path,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/ldap\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tldap, err := ldap.NewAuthBackend(ctx, \"ldap\", \u0026ldap.AuthBackendArgs{\n\t\t\tPath: pulumi.String(\"ldap\"),\n\t\t\tUrl: pulumi.String(\"ldaps://dc-01.example.org\"),\n\t\t\tUserdn: pulumi.String(\"OU=Users,OU=Accounts,DC=example,DC=org\"),\n\t\t\tUserattr: pulumi.String(\"sAMAccountName\"),\n\t\t\tUpndomain: pulumi.String(\"EXAMPLE.ORG\"),\n\t\t\tDiscoverdn: pulumi.Bool(false),\n\t\t\tGroupdn: pulumi.String(\"OU=Groups,DC=example,DC=org\"),\n\t\t\tGroupfilter: pulumi.String(\"(\u0026(objectClass=group)(member:1.2.840.113556.1.4.1941:={{.UserDN}}))\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ldap.NewAuthBackendUser(ctx, \"user\", \u0026ldap.AuthBackendUserArgs{\n\t\t\tUsername: pulumi.String(\"test-user\"),\n\t\t\tPolicies: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"dba\"),\n\t\t\t\tpulumi.String(\"sysops\"),\n\t\t\t},\n\t\t\tBackend: ldap.Path,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.ldap.AuthBackend;\nimport com.pulumi.vault.ldap.AuthBackendArgs;\nimport com.pulumi.vault.ldap.AuthBackendUser;\nimport com.pulumi.vault.ldap.AuthBackendUserArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var ldap = new AuthBackend(\"ldap\", AuthBackendArgs.builder() \n .path(\"ldap\")\n .url(\"ldaps://dc-01.example.org\")\n .userdn(\"OU=Users,OU=Accounts,DC=example,DC=org\")\n .userattr(\"sAMAccountName\")\n .upndomain(\"EXAMPLE.ORG\")\n .discoverdn(false)\n .groupdn(\"OU=Groups,DC=example,DC=org\")\n .groupfilter(\"(\u0026(objectClass=group)(member:1.2.840.113556.1.4.1941:={{.UserDN}}))\")\n .build());\n\n var user = new AuthBackendUser(\"user\", AuthBackendUserArgs.builder() \n .username(\"test-user\")\n .policies( \n \"dba\",\n \"sysops\")\n .backend(ldap.path())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n ldap:\n type: vault:ldap:AuthBackend\n properties:\n path: ldap\n url: ldaps://dc-01.example.org\n userdn: OU=Users,OU=Accounts,DC=example,DC=org\n userattr: sAMAccountName\n upndomain: EXAMPLE.ORG\n discoverdn: false\n groupdn: OU=Groups,DC=example,DC=org\n groupfilter: (\u0026(objectClass=group)(member:1.2.840.113556.1.4.1941:={{.UserDN}}))\n user:\n type: vault:ldap:AuthBackendUser\n properties:\n username: test-user\n policies:\n - dba\n - sysops\n backend: ${ldap.path}\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nLDAP authentication backend users can be imported using the `path`, e.g.\n\n```sh\n $ pulumi import vault:ldap/authBackendUser:AuthBackendUser foo auth/ldap/users/foo\n```\n\n ", + "description": "Provides a resource to create a user in an [LDAP auth backend within Vault](https://www.vaultproject.io/docs/auth/ldap.html).\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst ldap = new vault.ldap.AuthBackend(\"ldap\", {\n path: \"ldap\",\n url: \"ldaps://dc-01.example.org\",\n userdn: \"OU=Users,OU=Accounts,DC=example,DC=org\",\n userattr: \"sAMAccountName\",\n upndomain: \"EXAMPLE.ORG\",\n discoverdn: false,\n groupdn: \"OU=Groups,DC=example,DC=org\",\n groupfilter: \"(\u0026(objectClass=group)(member:1.2.840.113556.1.4.1941:={{.UserDN}}))\",\n});\nconst user = new vault.ldap.AuthBackendUser(\"user\", {\n username: \"test-user\",\n policies: [\n \"dba\",\n \"sysops\",\n ],\n backend: ldap.path,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nldap = vault.ldap.AuthBackend(\"ldap\",\n path=\"ldap\",\n url=\"ldaps://dc-01.example.org\",\n userdn=\"OU=Users,OU=Accounts,DC=example,DC=org\",\n userattr=\"sAMAccountName\",\n upndomain=\"EXAMPLE.ORG\",\n discoverdn=False,\n groupdn=\"OU=Groups,DC=example,DC=org\",\n groupfilter=\"(\u0026(objectClass=group)(member:1.2.840.113556.1.4.1941:={{.UserDN}}))\")\nuser = vault.ldap.AuthBackendUser(\"user\",\n username=\"test-user\",\n policies=[\n \"dba\",\n \"sysops\",\n ],\n backend=ldap.path)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var ldap = new Vault.Ldap.AuthBackend(\"ldap\", new()\n {\n Path = \"ldap\",\n Url = \"ldaps://dc-01.example.org\",\n Userdn = \"OU=Users,OU=Accounts,DC=example,DC=org\",\n Userattr = \"sAMAccountName\",\n Upndomain = \"EXAMPLE.ORG\",\n Discoverdn = false,\n Groupdn = \"OU=Groups,DC=example,DC=org\",\n Groupfilter = \"(\u0026(objectClass=group)(member:1.2.840.113556.1.4.1941:={{.UserDN}}))\",\n });\n\n var user = new Vault.Ldap.AuthBackendUser(\"user\", new()\n {\n Username = \"test-user\",\n Policies = new[]\n {\n \"dba\",\n \"sysops\",\n },\n Backend = ldap.Path,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/ldap\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tldap, err := ldap.NewAuthBackend(ctx, \"ldap\", \u0026ldap.AuthBackendArgs{\n\t\t\tPath: pulumi.String(\"ldap\"),\n\t\t\tUrl: pulumi.String(\"ldaps://dc-01.example.org\"),\n\t\t\tUserdn: pulumi.String(\"OU=Users,OU=Accounts,DC=example,DC=org\"),\n\t\t\tUserattr: pulumi.String(\"sAMAccountName\"),\n\t\t\tUpndomain: pulumi.String(\"EXAMPLE.ORG\"),\n\t\t\tDiscoverdn: pulumi.Bool(false),\n\t\t\tGroupdn: pulumi.String(\"OU=Groups,DC=example,DC=org\"),\n\t\t\tGroupfilter: pulumi.String(\"(\u0026(objectClass=group)(member:1.2.840.113556.1.4.1941:={{.UserDN}}))\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ldap.NewAuthBackendUser(ctx, \"user\", \u0026ldap.AuthBackendUserArgs{\n\t\t\tUsername: pulumi.String(\"test-user\"),\n\t\t\tPolicies: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"dba\"),\n\t\t\t\tpulumi.String(\"sysops\"),\n\t\t\t},\n\t\t\tBackend: ldap.Path,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.ldap.AuthBackend;\nimport com.pulumi.vault.ldap.AuthBackendArgs;\nimport com.pulumi.vault.ldap.AuthBackendUser;\nimport com.pulumi.vault.ldap.AuthBackendUserArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var ldap = new AuthBackend(\"ldap\", AuthBackendArgs.builder() \n .path(\"ldap\")\n .url(\"ldaps://dc-01.example.org\")\n .userdn(\"OU=Users,OU=Accounts,DC=example,DC=org\")\n .userattr(\"sAMAccountName\")\n .upndomain(\"EXAMPLE.ORG\")\n .discoverdn(false)\n .groupdn(\"OU=Groups,DC=example,DC=org\")\n .groupfilter(\"(\u0026(objectClass=group)(member:1.2.840.113556.1.4.1941:={{.UserDN}}))\")\n .build());\n\n var user = new AuthBackendUser(\"user\", AuthBackendUserArgs.builder() \n .username(\"test-user\")\n .policies( \n \"dba\",\n \"sysops\")\n .backend(ldap.path())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n ldap:\n type: vault:ldap:AuthBackend\n properties:\n path: ldap\n url: ldaps://dc-01.example.org\n userdn: OU=Users,OU=Accounts,DC=example,DC=org\n userattr: sAMAccountName\n upndomain: EXAMPLE.ORG\n discoverdn: false\n groupdn: OU=Groups,DC=example,DC=org\n groupfilter: (\u0026(objectClass=group)(member:1.2.840.113556.1.4.1941:={{.UserDN}}))\n user:\n type: vault:ldap:AuthBackendUser\n properties:\n username: test-user\n policies:\n - dba\n - sysops\n backend: ${ldap.path}\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nLDAP authentication backend users can be imported using the `path`, e.g.\n\n```sh\n $ pulumi import vault:ldap/authBackendUser:AuthBackendUser foo auth/ldap/users/foo\n```\n ", "properties": { "backend": { "type": "string", - "description": "Path to the authentication backend\n" + "description": "Path to the authentication backend\n\nFor more details on the usage of each argument consult the [Vault LDAP API documentation](https://www.vaultproject.io/api-docs/auth/ldap).\n" }, "groups": { "type": "array", @@ -23864,7 +21093,7 @@ "inputProperties": { "backend": { "type": "string", - "description": "Path to the authentication backend\n", + "description": "Path to the authentication backend\n\nFor more details on the usage of each argument consult the [Vault LDAP API documentation](https://www.vaultproject.io/api-docs/auth/ldap).\n", "willReplaceOnChanges": true }, "groups": { @@ -23899,7 +21128,7 @@ "properties": { "backend": { "type": "string", - "description": "Path to the authentication backend\n", + "description": "Path to the authentication backend\n\nFor more details on the usage of each argument consult the [Vault LDAP API documentation](https://www.vaultproject.io/api-docs/auth/ldap).\n", "willReplaceOnChanges": true }, "groups": { @@ -23930,7 +21159,7 @@ } }, "vault:ldap/secretBackend:SecretBackend": { - "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst config = new vault.ldap.SecretBackend(\"config\", {\n binddn: \"CN=Administrator,CN=Users,DC=corp,DC=example,DC=net\",\n bindpass: \"SuperSecretPassw0rd\",\n insecureTls: true,\n path: \"my-custom-ldap\",\n url: \"ldaps://localhost\",\n userdn: \"CN=Users,DC=corp,DC=example,DC=net\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nconfig = vault.ldap.SecretBackend(\"config\",\n binddn=\"CN=Administrator,CN=Users,DC=corp,DC=example,DC=net\",\n bindpass=\"SuperSecretPassw0rd\",\n insecure_tls=True,\n path=\"my-custom-ldap\",\n url=\"ldaps://localhost\",\n userdn=\"CN=Users,DC=corp,DC=example,DC=net\")\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Vault.Ldap.SecretBackend(\"config\", new()\n {\n Binddn = \"CN=Administrator,CN=Users,DC=corp,DC=example,DC=net\",\n Bindpass = \"SuperSecretPassw0rd\",\n InsecureTls = true,\n Path = \"my-custom-ldap\",\n Url = \"ldaps://localhost\",\n Userdn = \"CN=Users,DC=corp,DC=example,DC=net\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/ldap\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ldap.NewSecretBackend(ctx, \"config\", \u0026ldap.SecretBackendArgs{\n\t\t\tBinddn: pulumi.String(\"CN=Administrator,CN=Users,DC=corp,DC=example,DC=net\"),\n\t\t\tBindpass: pulumi.String(\"SuperSecretPassw0rd\"),\n\t\t\tInsecureTls: pulumi.Bool(true),\n\t\t\tPath: pulumi.String(\"my-custom-ldap\"),\n\t\t\tUrl: pulumi.String(\"ldaps://localhost\"),\n\t\t\tUserdn: pulumi.String(\"CN=Users,DC=corp,DC=example,DC=net\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.ldap.SecretBackend;\nimport com.pulumi.vault.ldap.SecretBackendArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var config = new SecretBackend(\"config\", SecretBackendArgs.builder() \n .binddn(\"CN=Administrator,CN=Users,DC=corp,DC=example,DC=net\")\n .bindpass(\"SuperSecretPassw0rd\")\n .insecureTls(\"true\")\n .path(\"my-custom-ldap\")\n .url(\"ldaps://localhost\")\n .userdn(\"CN=Users,DC=corp,DC=example,DC=net\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n config:\n type: vault:ldap:SecretBackend\n properties:\n binddn: CN=Administrator,CN=Users,DC=corp,DC=example,DC=net\n bindpass: SuperSecretPassw0rd\n insecureTls: true\n path: my-custom-ldap\n url: ldaps://localhost\n userdn: CN=Users,DC=corp,DC=example,DC=net\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nLDAP secret backend can be imported using the `${mount}/config`, e.g.\n\n```sh\n $ pulumi import vault:ldap/secretBackend:SecretBackend config ldap/config\n```\n\n ", + "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst config = new vault.ldap.SecretBackend(\"config\", {\n binddn: \"CN=Administrator,CN=Users,DC=corp,DC=example,DC=net\",\n bindpass: \"SuperSecretPassw0rd\",\n insecureTls: true,\n path: \"my-custom-ldap\",\n url: \"ldaps://localhost\",\n userdn: \"CN=Users,DC=corp,DC=example,DC=net\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nconfig = vault.ldap.SecretBackend(\"config\",\n binddn=\"CN=Administrator,CN=Users,DC=corp,DC=example,DC=net\",\n bindpass=\"SuperSecretPassw0rd\",\n insecure_tls=True,\n path=\"my-custom-ldap\",\n url=\"ldaps://localhost\",\n userdn=\"CN=Users,DC=corp,DC=example,DC=net\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Vault.Ldap.SecretBackend(\"config\", new()\n {\n Binddn = \"CN=Administrator,CN=Users,DC=corp,DC=example,DC=net\",\n Bindpass = \"SuperSecretPassw0rd\",\n InsecureTls = true,\n Path = \"my-custom-ldap\",\n Url = \"ldaps://localhost\",\n Userdn = \"CN=Users,DC=corp,DC=example,DC=net\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/ldap\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ldap.NewSecretBackend(ctx, \"config\", \u0026ldap.SecretBackendArgs{\n\t\t\tBinddn: pulumi.String(\"CN=Administrator,CN=Users,DC=corp,DC=example,DC=net\"),\n\t\t\tBindpass: pulumi.String(\"SuperSecretPassw0rd\"),\n\t\t\tInsecureTls: pulumi.Bool(true),\n\t\t\tPath: pulumi.String(\"my-custom-ldap\"),\n\t\t\tUrl: pulumi.String(\"ldaps://localhost\"),\n\t\t\tUserdn: pulumi.String(\"CN=Users,DC=corp,DC=example,DC=net\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.ldap.SecretBackend;\nimport com.pulumi.vault.ldap.SecretBackendArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var config = new SecretBackend(\"config\", SecretBackendArgs.builder() \n .binddn(\"CN=Administrator,CN=Users,DC=corp,DC=example,DC=net\")\n .bindpass(\"SuperSecretPassw0rd\")\n .insecureTls(\"true\")\n .path(\"my-custom-ldap\")\n .url(\"ldaps://localhost\")\n .userdn(\"CN=Users,DC=corp,DC=example,DC=net\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n config:\n type: vault:ldap:SecretBackend\n properties:\n binddn: CN=Administrator,CN=Users,DC=corp,DC=example,DC=net\n bindpass: SuperSecretPassw0rd\n insecureTls: 'true'\n path: my-custom-ldap\n url: ldaps://localhost\n userdn: CN=Users,DC=corp,DC=example,DC=net\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nLDAP secret backend can be imported using the `${mount}/config`, e.g.\n\n```sh\n $ pulumi import vault:ldap/secretBackend:SecretBackend config ldap/config\n```\n ", "properties": { "accessor": { "type": "string", @@ -24378,7 +21607,7 @@ } }, "vault:ldap/secretBackendDynamicRole:SecretBackendDynamicRole": { - "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst config = new vault.ldap.SecretBackend(\"config\", {\n path: \"my-custom-ldap\",\n binddn: \"CN=Administrator,CN=Users,DC=corp,DC=example,DC=net\",\n bindpass: \"SuperSecretPassw0rd\",\n url: \"ldaps://localhost\",\n userdn: \"CN=Users,DC=corp,DC=example,DC=net\",\n});\nconst role = new vault.ldap.SecretBackendDynamicRole(\"role\", {\n mount: config.path,\n roleName: \"alice\",\n creationLdif: `dn: cn={{.Username}},ou=users,dc=learn,dc=example\nobjectClass: person\nobjectClass: top\ncn: learn\nsn: {{.Password | utf16le | base64}}\nmemberOf: cn=dev,ou=groups,dc=learn,dc=example\nuserPassword: {{.Password}}\n`,\n deletionLdif: `dn: cn={{.Username}},ou=users,dc=learn,dc=example\nchangetype: delete\n rollback_ldif = \u003c\u003cEOT\ndn: cn={{.Username}},ou=users,dc=learn,dc=example\nchangetype: delete\n`,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nconfig = vault.ldap.SecretBackend(\"config\",\n path=\"my-custom-ldap\",\n binddn=\"CN=Administrator,CN=Users,DC=corp,DC=example,DC=net\",\n bindpass=\"SuperSecretPassw0rd\",\n url=\"ldaps://localhost\",\n userdn=\"CN=Users,DC=corp,DC=example,DC=net\")\nrole = vault.ldap.SecretBackendDynamicRole(\"role\",\n mount=config.path,\n role_name=\"alice\",\n creation_ldif=\"\"\"dn: cn={{.Username}},ou=users,dc=learn,dc=example\nobjectClass: person\nobjectClass: top\ncn: learn\nsn: {{.Password | utf16le | base64}}\nmemberOf: cn=dev,ou=groups,dc=learn,dc=example\nuserPassword: {{.Password}}\n\"\"\",\n deletion_ldif=\"\"\"dn: cn={{.Username}},ou=users,dc=learn,dc=example\nchangetype: delete\n rollback_ldif = \u003c\u003cEOT\ndn: cn={{.Username}},ou=users,dc=learn,dc=example\nchangetype: delete\n\"\"\")\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Vault.Ldap.SecretBackend(\"config\", new()\n {\n Path = \"my-custom-ldap\",\n Binddn = \"CN=Administrator,CN=Users,DC=corp,DC=example,DC=net\",\n Bindpass = \"SuperSecretPassw0rd\",\n Url = \"ldaps://localhost\",\n Userdn = \"CN=Users,DC=corp,DC=example,DC=net\",\n });\n\n var role = new Vault.Ldap.SecretBackendDynamicRole(\"role\", new()\n {\n Mount = config.Path,\n RoleName = \"alice\",\n CreationLdif = @\"dn: cn={{.Username}},ou=users,dc=learn,dc=example\nobjectClass: person\nobjectClass: top\ncn: learn\nsn: {{.Password | utf16le | base64}}\nmemberOf: cn=dev,ou=groups,dc=learn,dc=example\nuserPassword: {{.Password}}\n\",\n DeletionLdif = @\"dn: cn={{.Username}},ou=users,dc=learn,dc=example\nchangetype: delete\n rollback_ldif = \u003c\u003cEOT\ndn: cn={{.Username}},ou=users,dc=learn,dc=example\nchangetype: delete\n\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/ldap\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tconfig, err := ldap.NewSecretBackend(ctx, \"config\", \u0026ldap.SecretBackendArgs{\n\t\t\tPath: pulumi.String(\"my-custom-ldap\"),\n\t\t\tBinddn: pulumi.String(\"CN=Administrator,CN=Users,DC=corp,DC=example,DC=net\"),\n\t\t\tBindpass: pulumi.String(\"SuperSecretPassw0rd\"),\n\t\t\tUrl: pulumi.String(\"ldaps://localhost\"),\n\t\t\tUserdn: pulumi.String(\"CN=Users,DC=corp,DC=example,DC=net\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ldap.NewSecretBackendDynamicRole(ctx, \"role\", \u0026ldap.SecretBackendDynamicRoleArgs{\n\t\t\tMount: config.Path,\n\t\t\tRoleName: pulumi.String(\"alice\"),\n\t\t\tCreationLdif: pulumi.String(\"dn: cn={{.Username}},ou=users,dc=learn,dc=example\\nobjectClass: person\\nobjectClass: top\\ncn: learn\\nsn: {{.Password | utf16le | base64}}\\nmemberOf: cn=dev,ou=groups,dc=learn,dc=example\\nuserPassword: {{.Password}}\\n\"),\n\t\t\tDeletionLdif: pulumi.String(\"dn: cn={{.Username}},ou=users,dc=learn,dc=example\\nchangetype: delete\\n rollback_ldif = \u003c\u003cEOT\\ndn: cn={{.Username}},ou=users,dc=learn,dc=example\\nchangetype: delete\\n\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.ldap.SecretBackend;\nimport com.pulumi.vault.ldap.SecretBackendArgs;\nimport com.pulumi.vault.ldap.SecretBackendDynamicRole;\nimport com.pulumi.vault.ldap.SecretBackendDynamicRoleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var config = new SecretBackend(\"config\", SecretBackendArgs.builder() \n .path(\"my-custom-ldap\")\n .binddn(\"CN=Administrator,CN=Users,DC=corp,DC=example,DC=net\")\n .bindpass(\"SuperSecretPassw0rd\")\n .url(\"ldaps://localhost\")\n .userdn(\"CN=Users,DC=corp,DC=example,DC=net\")\n .build());\n\n var role = new SecretBackendDynamicRole(\"role\", SecretBackendDynamicRoleArgs.builder() \n .mount(config.path())\n .roleName(\"alice\")\n .creationLdif(\"\"\"\ndn: cn={{.Username}},ou=users,dc=learn,dc=example\nobjectClass: person\nobjectClass: top\ncn: learn\nsn: {{.Password | utf16le | base64}}\nmemberOf: cn=dev,ou=groups,dc=learn,dc=example\nuserPassword: {{.Password}}\n \"\"\")\n .deletionLdif(\"\"\"\ndn: cn={{.Username}},ou=users,dc=learn,dc=example\nchangetype: delete\n rollback_ldif = \u003c\u003cEOT\ndn: cn={{.Username}},ou=users,dc=learn,dc=example\nchangetype: delete\n \"\"\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n config:\n type: vault:ldap:SecretBackend\n properties:\n path: my-custom-ldap\n binddn: CN=Administrator,CN=Users,DC=corp,DC=example,DC=net\n bindpass: SuperSecretPassw0rd\n url: ldaps://localhost\n userdn: CN=Users,DC=corp,DC=example,DC=net\n role:\n type: vault:ldap:SecretBackendDynamicRole\n properties:\n mount: ${config.path}\n roleName: alice\n creationLdif: |\n dn: cn={{.Username}},ou=users,dc=learn,dc=example\n objectClass: person\n objectClass: top\n cn: learn\n sn: {{.Password | utf16le | base64}}\n memberOf: cn=dev,ou=groups,dc=learn,dc=example\n userPassword: {{.Password}}\n deletionLdif: |\n dn: cn={{.Username}},ou=users,dc=learn,dc=example\n changetype: delete\n rollback_ldif = \u003c\u003cEOT\n dn: cn={{.Username}},ou=users,dc=learn,dc=example\n changetype: delete\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nLDAP secret backend dynamic role can be imported using the full path to the role of the form`\u003cmount_path\u003e/dynamic-role/\u003crole_name\u003e` e.g.\n\n```sh\n $ pulumi import vault:ldap/secretBackendDynamicRole:SecretBackendDynamicRole role ldap/role/dynamic-role\n```\n\n ", + "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst config = new vault.ldap.SecretBackend(\"config\", {\n path: \"my-custom-ldap\",\n binddn: \"CN=Administrator,CN=Users,DC=corp,DC=example,DC=net\",\n bindpass: \"SuperSecretPassw0rd\",\n url: \"ldaps://localhost\",\n userdn: \"CN=Users,DC=corp,DC=example,DC=net\",\n});\nconst role = new vault.ldap.SecretBackendDynamicRole(\"role\", {\n mount: config.path,\n roleName: \"alice\",\n creationLdif: `dn: cn={{.Username}},ou=users,dc=learn,dc=example\nobjectClass: person\nobjectClass: top\ncn: learn\nsn: {{.Password | utf16le | base64}}\nmemberOf: cn=dev,ou=groups,dc=learn,dc=example\nuserPassword: {{.Password}}\n`,\n deletionLdif: `dn: cn={{.Username}},ou=users,dc=learn,dc=example\nchangetype: delete\n rollback_ldif = \u003c\u003cEOT\ndn: cn={{.Username}},ou=users,dc=learn,dc=example\nchangetype: delete\n`,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nconfig = vault.ldap.SecretBackend(\"config\",\n path=\"my-custom-ldap\",\n binddn=\"CN=Administrator,CN=Users,DC=corp,DC=example,DC=net\",\n bindpass=\"SuperSecretPassw0rd\",\n url=\"ldaps://localhost\",\n userdn=\"CN=Users,DC=corp,DC=example,DC=net\")\nrole = vault.ldap.SecretBackendDynamicRole(\"role\",\n mount=config.path,\n role_name=\"alice\",\n creation_ldif=\"\"\"dn: cn={{.Username}},ou=users,dc=learn,dc=example\nobjectClass: person\nobjectClass: top\ncn: learn\nsn: {{.Password | utf16le | base64}}\nmemberOf: cn=dev,ou=groups,dc=learn,dc=example\nuserPassword: {{.Password}}\n\"\"\",\n deletion_ldif=\"\"\"dn: cn={{.Username}},ou=users,dc=learn,dc=example\nchangetype: delete\n rollback_ldif = \u003c\u003cEOT\ndn: cn={{.Username}},ou=users,dc=learn,dc=example\nchangetype: delete\n\"\"\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Vault.Ldap.SecretBackend(\"config\", new()\n {\n Path = \"my-custom-ldap\",\n Binddn = \"CN=Administrator,CN=Users,DC=corp,DC=example,DC=net\",\n Bindpass = \"SuperSecretPassw0rd\",\n Url = \"ldaps://localhost\",\n Userdn = \"CN=Users,DC=corp,DC=example,DC=net\",\n });\n\n var role = new Vault.Ldap.SecretBackendDynamicRole(\"role\", new()\n {\n Mount = config.Path,\n RoleName = \"alice\",\n CreationLdif = @\"dn: cn={{.Username}},ou=users,dc=learn,dc=example\nobjectClass: person\nobjectClass: top\ncn: learn\nsn: {{.Password | utf16le | base64}}\nmemberOf: cn=dev,ou=groups,dc=learn,dc=example\nuserPassword: {{.Password}}\n\",\n DeletionLdif = @\"dn: cn={{.Username}},ou=users,dc=learn,dc=example\nchangetype: delete\n rollback_ldif = \u003c\u003cEOT\ndn: cn={{.Username}},ou=users,dc=learn,dc=example\nchangetype: delete\n\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/ldap\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tconfig, err := ldap.NewSecretBackend(ctx, \"config\", \u0026ldap.SecretBackendArgs{\n\t\t\tPath: pulumi.String(\"my-custom-ldap\"),\n\t\t\tBinddn: pulumi.String(\"CN=Administrator,CN=Users,DC=corp,DC=example,DC=net\"),\n\t\t\tBindpass: pulumi.String(\"SuperSecretPassw0rd\"),\n\t\t\tUrl: pulumi.String(\"ldaps://localhost\"),\n\t\t\tUserdn: pulumi.String(\"CN=Users,DC=corp,DC=example,DC=net\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ldap.NewSecretBackendDynamicRole(ctx, \"role\", \u0026ldap.SecretBackendDynamicRoleArgs{\n\t\t\tMount: config.Path,\n\t\t\tRoleName: pulumi.String(\"alice\"),\n\t\t\tCreationLdif: pulumi.String(`dn: cn={{.Username}},ou=users,dc=learn,dc=example\nobjectClass: person\nobjectClass: top\ncn: learn\nsn: {{.Password | utf16le | base64}}\nmemberOf: cn=dev,ou=groups,dc=learn,dc=example\nuserPassword: {{.Password}}\n`),\n\t\t\tDeletionLdif: pulumi.String(`dn: cn={{.Username}},ou=users,dc=learn,dc=example\nchangetype: delete\n rollback_ldif = \u003c\u003cEOT\ndn: cn={{.Username}},ou=users,dc=learn,dc=example\nchangetype: delete\n`),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.ldap.SecretBackend;\nimport com.pulumi.vault.ldap.SecretBackendArgs;\nimport com.pulumi.vault.ldap.SecretBackendDynamicRole;\nimport com.pulumi.vault.ldap.SecretBackendDynamicRoleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var config = new SecretBackend(\"config\", SecretBackendArgs.builder() \n .path(\"my-custom-ldap\")\n .binddn(\"CN=Administrator,CN=Users,DC=corp,DC=example,DC=net\")\n .bindpass(\"SuperSecretPassw0rd\")\n .url(\"ldaps://localhost\")\n .userdn(\"CN=Users,DC=corp,DC=example,DC=net\")\n .build());\n\n var role = new SecretBackendDynamicRole(\"role\", SecretBackendDynamicRoleArgs.builder() \n .mount(config.path())\n .roleName(\"alice\")\n .creationLdif(\"\"\"\ndn: cn={{.Username}},ou=users,dc=learn,dc=example\nobjectClass: person\nobjectClass: top\ncn: learn\nsn: {{.Password | utf16le | base64}}\nmemberOf: cn=dev,ou=groups,dc=learn,dc=example\nuserPassword: {{.Password}}\n \"\"\")\n .deletionLdif(\"\"\"\ndn: cn={{.Username}},ou=users,dc=learn,dc=example\nchangetype: delete\n rollback_ldif = \u003c\u003cEOT\ndn: cn={{.Username}},ou=users,dc=learn,dc=example\nchangetype: delete\n \"\"\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n config:\n type: vault:ldap:SecretBackend\n properties:\n path: my-custom-ldap\n binddn: CN=Administrator,CN=Users,DC=corp,DC=example,DC=net\n bindpass: SuperSecretPassw0rd\n url: ldaps://localhost\n userdn: CN=Users,DC=corp,DC=example,DC=net\n role:\n type: vault:ldap:SecretBackendDynamicRole\n properties:\n mount: ${config.path}\n roleName: alice\n creationLdif: |\n dn: cn={{.Username}},ou=users,dc=learn,dc=example\n objectClass: person\n objectClass: top\n cn: learn\n sn: {{.Password | utf16le | base64}}\n memberOf: cn=dev,ou=groups,dc=learn,dc=example\n userPassword: {{.Password}}\n deletionLdif: |\n dn: cn={{.Username}},ou=users,dc=learn,dc=example\n changetype: delete\n rollback_ldif = \u003c\u003cEOT\n dn: cn={{.Username}},ou=users,dc=learn,dc=example\n changetype: delete\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nLDAP secret backend dynamic role can be imported using the full path to the role of the form`\u003cmount_path\u003e/dynamic-role/\u003crole_name\u003e` e.g.\n\n```sh\n $ pulumi import vault:ldap/secretBackendDynamicRole:SecretBackendDynamicRole role ldap/role/dynamic-role\n```\n ", "properties": { "creationLdif": { "type": "string", @@ -24513,7 +21742,7 @@ } }, "vault:ldap/secretBackendLibrarySet:SecretBackendLibrarySet": { - "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst config = new vault.ldap.SecretBackend(\"config\", {\n path: \"ldap\",\n binddn: \"CN=Administrator,CN=Users,DC=corp,DC=example,DC=net\",\n bindpass: \"SuperSecretPassw0rd\",\n url: \"ldaps://localhost\",\n insecureTls: true,\n userdn: \"CN=Users,DC=corp,DC=example,DC=net\",\n});\nconst qa = new vault.ldap.SecretBackendLibrarySet(\"qa\", {\n mount: config.path,\n serviceAccountNames: [\n \"Bob\",\n \"Mary\",\n ],\n ttl: 60,\n disableCheckInEnforcement: true,\n maxTtl: 120,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nconfig = vault.ldap.SecretBackend(\"config\",\n path=\"ldap\",\n binddn=\"CN=Administrator,CN=Users,DC=corp,DC=example,DC=net\",\n bindpass=\"SuperSecretPassw0rd\",\n url=\"ldaps://localhost\",\n insecure_tls=True,\n userdn=\"CN=Users,DC=corp,DC=example,DC=net\")\nqa = vault.ldap.SecretBackendLibrarySet(\"qa\",\n mount=config.path,\n service_account_names=[\n \"Bob\",\n \"Mary\",\n ],\n ttl=60,\n disable_check_in_enforcement=True,\n max_ttl=120)\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Vault.Ldap.SecretBackend(\"config\", new()\n {\n Path = \"ldap\",\n Binddn = \"CN=Administrator,CN=Users,DC=corp,DC=example,DC=net\",\n Bindpass = \"SuperSecretPassw0rd\",\n Url = \"ldaps://localhost\",\n InsecureTls = true,\n Userdn = \"CN=Users,DC=corp,DC=example,DC=net\",\n });\n\n var qa = new Vault.Ldap.SecretBackendLibrarySet(\"qa\", new()\n {\n Mount = config.Path,\n ServiceAccountNames = new[]\n {\n \"Bob\",\n \"Mary\",\n },\n Ttl = 60,\n DisableCheckInEnforcement = true,\n MaxTtl = 120,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/ldap\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tconfig, err := ldap.NewSecretBackend(ctx, \"config\", \u0026ldap.SecretBackendArgs{\n\t\t\tPath: pulumi.String(\"ldap\"),\n\t\t\tBinddn: pulumi.String(\"CN=Administrator,CN=Users,DC=corp,DC=example,DC=net\"),\n\t\t\tBindpass: pulumi.String(\"SuperSecretPassw0rd\"),\n\t\t\tUrl: pulumi.String(\"ldaps://localhost\"),\n\t\t\tInsecureTls: pulumi.Bool(true),\n\t\t\tUserdn: pulumi.String(\"CN=Users,DC=corp,DC=example,DC=net\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ldap.NewSecretBackendLibrarySet(ctx, \"qa\", \u0026ldap.SecretBackendLibrarySetArgs{\n\t\t\tMount: config.Path,\n\t\t\tServiceAccountNames: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"Bob\"),\n\t\t\t\tpulumi.String(\"Mary\"),\n\t\t\t},\n\t\t\tTtl: pulumi.Int(60),\n\t\t\tDisableCheckInEnforcement: pulumi.Bool(true),\n\t\t\tMaxTtl: pulumi.Int(120),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.ldap.SecretBackend;\nimport com.pulumi.vault.ldap.SecretBackendArgs;\nimport com.pulumi.vault.ldap.SecretBackendLibrarySet;\nimport com.pulumi.vault.ldap.SecretBackendLibrarySetArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var config = new SecretBackend(\"config\", SecretBackendArgs.builder() \n .path(\"ldap\")\n .binddn(\"CN=Administrator,CN=Users,DC=corp,DC=example,DC=net\")\n .bindpass(\"SuperSecretPassw0rd\")\n .url(\"ldaps://localhost\")\n .insecureTls(\"true\")\n .userdn(\"CN=Users,DC=corp,DC=example,DC=net\")\n .build());\n\n var qa = new SecretBackendLibrarySet(\"qa\", SecretBackendLibrarySetArgs.builder() \n .mount(config.path())\n .serviceAccountNames( \n \"Bob\",\n \"Mary\")\n .ttl(60)\n .disableCheckInEnforcement(true)\n .maxTtl(120)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n config:\n type: vault:ldap:SecretBackend\n properties:\n path: ldap\n binddn: CN=Administrator,CN=Users,DC=corp,DC=example,DC=net\n bindpass: SuperSecretPassw0rd\n url: ldaps://localhost\n insecureTls: true\n userdn: CN=Users,DC=corp,DC=example,DC=net\n qa:\n type: vault:ldap:SecretBackendLibrarySet\n properties:\n mount: ${config.path}\n serviceAccountNames:\n - Bob\n - Mary\n ttl: 60\n disableCheckInEnforcement: true\n maxTtl: 120\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nLDAP secret backend libraries can be imported using the `path`, e.g.\n\n```sh\n $ pulumi import vault:ldap/secretBackendLibrarySet:SecretBackendLibrarySet qa ldap/library/bob\n```\n\n ", + "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst config = new vault.ldap.SecretBackend(\"config\", {\n path: \"ldap\",\n binddn: \"CN=Administrator,CN=Users,DC=corp,DC=example,DC=net\",\n bindpass: \"SuperSecretPassw0rd\",\n url: \"ldaps://localhost\",\n insecureTls: true,\n userdn: \"CN=Users,DC=corp,DC=example,DC=net\",\n});\nconst qa = new vault.ldap.SecretBackendLibrarySet(\"qa\", {\n mount: config.path,\n serviceAccountNames: [\n \"Bob\",\n \"Mary\",\n ],\n ttl: 60,\n disableCheckInEnforcement: true,\n maxTtl: 120,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nconfig = vault.ldap.SecretBackend(\"config\",\n path=\"ldap\",\n binddn=\"CN=Administrator,CN=Users,DC=corp,DC=example,DC=net\",\n bindpass=\"SuperSecretPassw0rd\",\n url=\"ldaps://localhost\",\n insecure_tls=True,\n userdn=\"CN=Users,DC=corp,DC=example,DC=net\")\nqa = vault.ldap.SecretBackendLibrarySet(\"qa\",\n mount=config.path,\n service_account_names=[\n \"Bob\",\n \"Mary\",\n ],\n ttl=60,\n disable_check_in_enforcement=True,\n max_ttl=120)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Vault.Ldap.SecretBackend(\"config\", new()\n {\n Path = \"ldap\",\n Binddn = \"CN=Administrator,CN=Users,DC=corp,DC=example,DC=net\",\n Bindpass = \"SuperSecretPassw0rd\",\n Url = \"ldaps://localhost\",\n InsecureTls = true,\n Userdn = \"CN=Users,DC=corp,DC=example,DC=net\",\n });\n\n var qa = new Vault.Ldap.SecretBackendLibrarySet(\"qa\", new()\n {\n Mount = config.Path,\n ServiceAccountNames = new[]\n {\n \"Bob\",\n \"Mary\",\n },\n Ttl = 60,\n DisableCheckInEnforcement = true,\n MaxTtl = 120,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/ldap\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tconfig, err := ldap.NewSecretBackend(ctx, \"config\", \u0026ldap.SecretBackendArgs{\n\t\t\tPath: pulumi.String(\"ldap\"),\n\t\t\tBinddn: pulumi.String(\"CN=Administrator,CN=Users,DC=corp,DC=example,DC=net\"),\n\t\t\tBindpass: pulumi.String(\"SuperSecretPassw0rd\"),\n\t\t\tUrl: pulumi.String(\"ldaps://localhost\"),\n\t\t\tInsecureTls: pulumi.Bool(true),\n\t\t\tUserdn: pulumi.String(\"CN=Users,DC=corp,DC=example,DC=net\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ldap.NewSecretBackendLibrarySet(ctx, \"qa\", \u0026ldap.SecretBackendLibrarySetArgs{\n\t\t\tMount: config.Path,\n\t\t\tServiceAccountNames: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"Bob\"),\n\t\t\t\tpulumi.String(\"Mary\"),\n\t\t\t},\n\t\t\tTtl: pulumi.Int(60),\n\t\t\tDisableCheckInEnforcement: pulumi.Bool(true),\n\t\t\tMaxTtl: pulumi.Int(120),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.ldap.SecretBackend;\nimport com.pulumi.vault.ldap.SecretBackendArgs;\nimport com.pulumi.vault.ldap.SecretBackendLibrarySet;\nimport com.pulumi.vault.ldap.SecretBackendLibrarySetArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var config = new SecretBackend(\"config\", SecretBackendArgs.builder() \n .path(\"ldap\")\n .binddn(\"CN=Administrator,CN=Users,DC=corp,DC=example,DC=net\")\n .bindpass(\"SuperSecretPassw0rd\")\n .url(\"ldaps://localhost\")\n .insecureTls(\"true\")\n .userdn(\"CN=Users,DC=corp,DC=example,DC=net\")\n .build());\n\n var qa = new SecretBackendLibrarySet(\"qa\", SecretBackendLibrarySetArgs.builder() \n .mount(config.path())\n .serviceAccountNames( \n \"Bob\",\n \"Mary\")\n .ttl(60)\n .disableCheckInEnforcement(true)\n .maxTtl(120)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n config:\n type: vault:ldap:SecretBackend\n properties:\n path: ldap\n binddn: CN=Administrator,CN=Users,DC=corp,DC=example,DC=net\n bindpass: SuperSecretPassw0rd\n url: ldaps://localhost\n insecureTls: 'true'\n userdn: CN=Users,DC=corp,DC=example,DC=net\n qa:\n type: vault:ldap:SecretBackendLibrarySet\n properties:\n mount: ${config.path}\n serviceAccountNames:\n - Bob\n - Mary\n ttl: 60\n disableCheckInEnforcement: true\n maxTtl: 120\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nLDAP secret backend libraries can be imported using the `path`, e.g.\n\n```sh\n $ pulumi import vault:ldap/secretBackendLibrarySet:SecretBackendLibrarySet qa ldap/library/bob\n```\n ", "properties": { "disableCheckInEnforcement": { "type": "boolean", @@ -24634,7 +21863,7 @@ } }, "vault:ldap/secretBackendStaticRole:SecretBackendStaticRole": { - "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst config = new vault.ldap.SecretBackend(\"config\", {\n path: \"my-custom-ldap\",\n binddn: \"CN=Administrator,CN=Users,DC=corp,DC=example,DC=net\",\n bindpass: \"SuperSecretPassw0rd\",\n url: \"ldaps://localhost\",\n insecureTls: true,\n userdn: \"CN=Users,DC=corp,DC=example,DC=net\",\n});\nconst role = new vault.ldap.SecretBackendStaticRole(\"role\", {\n mount: config.path,\n username: \"alice\",\n dn: \"cn=alice,ou=Users,DC=corp,DC=example,DC=net\",\n roleName: \"alice\",\n rotationPeriod: 60,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nconfig = vault.ldap.SecretBackend(\"config\",\n path=\"my-custom-ldap\",\n binddn=\"CN=Administrator,CN=Users,DC=corp,DC=example,DC=net\",\n bindpass=\"SuperSecretPassw0rd\",\n url=\"ldaps://localhost\",\n insecure_tls=True,\n userdn=\"CN=Users,DC=corp,DC=example,DC=net\")\nrole = vault.ldap.SecretBackendStaticRole(\"role\",\n mount=config.path,\n username=\"alice\",\n dn=\"cn=alice,ou=Users,DC=corp,DC=example,DC=net\",\n role_name=\"alice\",\n rotation_period=60)\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Vault.Ldap.SecretBackend(\"config\", new()\n {\n Path = \"my-custom-ldap\",\n Binddn = \"CN=Administrator,CN=Users,DC=corp,DC=example,DC=net\",\n Bindpass = \"SuperSecretPassw0rd\",\n Url = \"ldaps://localhost\",\n InsecureTls = true,\n Userdn = \"CN=Users,DC=corp,DC=example,DC=net\",\n });\n\n var role = new Vault.Ldap.SecretBackendStaticRole(\"role\", new()\n {\n Mount = config.Path,\n Username = \"alice\",\n Dn = \"cn=alice,ou=Users,DC=corp,DC=example,DC=net\",\n RoleName = \"alice\",\n RotationPeriod = 60,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/ldap\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tconfig, err := ldap.NewSecretBackend(ctx, \"config\", \u0026ldap.SecretBackendArgs{\n\t\t\tPath: pulumi.String(\"my-custom-ldap\"),\n\t\t\tBinddn: pulumi.String(\"CN=Administrator,CN=Users,DC=corp,DC=example,DC=net\"),\n\t\t\tBindpass: pulumi.String(\"SuperSecretPassw0rd\"),\n\t\t\tUrl: pulumi.String(\"ldaps://localhost\"),\n\t\t\tInsecureTls: pulumi.Bool(true),\n\t\t\tUserdn: pulumi.String(\"CN=Users,DC=corp,DC=example,DC=net\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ldap.NewSecretBackendStaticRole(ctx, \"role\", \u0026ldap.SecretBackendStaticRoleArgs{\n\t\t\tMount: config.Path,\n\t\t\tUsername: pulumi.String(\"alice\"),\n\t\t\tDn: pulumi.String(\"cn=alice,ou=Users,DC=corp,DC=example,DC=net\"),\n\t\t\tRoleName: pulumi.String(\"alice\"),\n\t\t\tRotationPeriod: pulumi.Int(60),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.ldap.SecretBackend;\nimport com.pulumi.vault.ldap.SecretBackendArgs;\nimport com.pulumi.vault.ldap.SecretBackendStaticRole;\nimport com.pulumi.vault.ldap.SecretBackendStaticRoleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var config = new SecretBackend(\"config\", SecretBackendArgs.builder() \n .path(\"my-custom-ldap\")\n .binddn(\"CN=Administrator,CN=Users,DC=corp,DC=example,DC=net\")\n .bindpass(\"SuperSecretPassw0rd\")\n .url(\"ldaps://localhost\")\n .insecureTls(\"true\")\n .userdn(\"CN=Users,DC=corp,DC=example,DC=net\")\n .build());\n\n var role = new SecretBackendStaticRole(\"role\", SecretBackendStaticRoleArgs.builder() \n .mount(config.path())\n .username(\"alice\")\n .dn(\"cn=alice,ou=Users,DC=corp,DC=example,DC=net\")\n .roleName(\"alice\")\n .rotationPeriod(60)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n config:\n type: vault:ldap:SecretBackend\n properties:\n path: my-custom-ldap\n binddn: CN=Administrator,CN=Users,DC=corp,DC=example,DC=net\n bindpass: SuperSecretPassw0rd\n url: ldaps://localhost\n insecureTls: true\n userdn: CN=Users,DC=corp,DC=example,DC=net\n role:\n type: vault:ldap:SecretBackendStaticRole\n properties:\n mount: ${config.path}\n username: alice\n dn: cn=alice,ou=Users,DC=corp,DC=example,DC=net\n roleName: alice\n rotationPeriod: 60\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nLDAP secret backend static role can be imported using the full path to the role of the form`\u003cmount_path\u003e/static-role/\u003crole_name\u003e` e.g.\n\n```sh\n $ pulumi import vault:ldap/secretBackendStaticRole:SecretBackendStaticRole role ldap/static-role/example-role\n```\n\n ", + "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst config = new vault.ldap.SecretBackend(\"config\", {\n path: \"my-custom-ldap\",\n binddn: \"CN=Administrator,CN=Users,DC=corp,DC=example,DC=net\",\n bindpass: \"SuperSecretPassw0rd\",\n url: \"ldaps://localhost\",\n insecureTls: true,\n userdn: \"CN=Users,DC=corp,DC=example,DC=net\",\n});\nconst role = new vault.ldap.SecretBackendStaticRole(\"role\", {\n mount: config.path,\n username: \"alice\",\n dn: \"cn=alice,ou=Users,DC=corp,DC=example,DC=net\",\n roleName: \"alice\",\n rotationPeriod: 60,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nconfig = vault.ldap.SecretBackend(\"config\",\n path=\"my-custom-ldap\",\n binddn=\"CN=Administrator,CN=Users,DC=corp,DC=example,DC=net\",\n bindpass=\"SuperSecretPassw0rd\",\n url=\"ldaps://localhost\",\n insecure_tls=True,\n userdn=\"CN=Users,DC=corp,DC=example,DC=net\")\nrole = vault.ldap.SecretBackendStaticRole(\"role\",\n mount=config.path,\n username=\"alice\",\n dn=\"cn=alice,ou=Users,DC=corp,DC=example,DC=net\",\n role_name=\"alice\",\n rotation_period=60)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Vault.Ldap.SecretBackend(\"config\", new()\n {\n Path = \"my-custom-ldap\",\n Binddn = \"CN=Administrator,CN=Users,DC=corp,DC=example,DC=net\",\n Bindpass = \"SuperSecretPassw0rd\",\n Url = \"ldaps://localhost\",\n InsecureTls = true,\n Userdn = \"CN=Users,DC=corp,DC=example,DC=net\",\n });\n\n var role = new Vault.Ldap.SecretBackendStaticRole(\"role\", new()\n {\n Mount = config.Path,\n Username = \"alice\",\n Dn = \"cn=alice,ou=Users,DC=corp,DC=example,DC=net\",\n RoleName = \"alice\",\n RotationPeriod = 60,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/ldap\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tconfig, err := ldap.NewSecretBackend(ctx, \"config\", \u0026ldap.SecretBackendArgs{\n\t\t\tPath: pulumi.String(\"my-custom-ldap\"),\n\t\t\tBinddn: pulumi.String(\"CN=Administrator,CN=Users,DC=corp,DC=example,DC=net\"),\n\t\t\tBindpass: pulumi.String(\"SuperSecretPassw0rd\"),\n\t\t\tUrl: pulumi.String(\"ldaps://localhost\"),\n\t\t\tInsecureTls: pulumi.Bool(true),\n\t\t\tUserdn: pulumi.String(\"CN=Users,DC=corp,DC=example,DC=net\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ldap.NewSecretBackendStaticRole(ctx, \"role\", \u0026ldap.SecretBackendStaticRoleArgs{\n\t\t\tMount: config.Path,\n\t\t\tUsername: pulumi.String(\"alice\"),\n\t\t\tDn: pulumi.String(\"cn=alice,ou=Users,DC=corp,DC=example,DC=net\"),\n\t\t\tRoleName: pulumi.String(\"alice\"),\n\t\t\tRotationPeriod: pulumi.Int(60),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.ldap.SecretBackend;\nimport com.pulumi.vault.ldap.SecretBackendArgs;\nimport com.pulumi.vault.ldap.SecretBackendStaticRole;\nimport com.pulumi.vault.ldap.SecretBackendStaticRoleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var config = new SecretBackend(\"config\", SecretBackendArgs.builder() \n .path(\"my-custom-ldap\")\n .binddn(\"CN=Administrator,CN=Users,DC=corp,DC=example,DC=net\")\n .bindpass(\"SuperSecretPassw0rd\")\n .url(\"ldaps://localhost\")\n .insecureTls(\"true\")\n .userdn(\"CN=Users,DC=corp,DC=example,DC=net\")\n .build());\n\n var role = new SecretBackendStaticRole(\"role\", SecretBackendStaticRoleArgs.builder() \n .mount(config.path())\n .username(\"alice\")\n .dn(\"cn=alice,ou=Users,DC=corp,DC=example,DC=net\")\n .roleName(\"alice\")\n .rotationPeriod(60)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n config:\n type: vault:ldap:SecretBackend\n properties:\n path: my-custom-ldap\n binddn: CN=Administrator,CN=Users,DC=corp,DC=example,DC=net\n bindpass: SuperSecretPassw0rd\n url: ldaps://localhost\n insecureTls: 'true'\n userdn: CN=Users,DC=corp,DC=example,DC=net\n role:\n type: vault:ldap:SecretBackendStaticRole\n properties:\n mount: ${config.path}\n username: alice\n dn: cn=alice,ou=Users,DC=corp,DC=example,DC=net\n roleName: alice\n rotationPeriod: 60\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nLDAP secret backend static role can be imported using the full path to the role of the form`\u003cmount_path\u003e/static-role/\u003crole_name\u003e` e.g.\n\n```sh\n $ pulumi import vault:ldap/secretBackendStaticRole:SecretBackendStaticRole role ldap/static-role/example-role\n```\n ", "properties": { "dn": { "type": "string", @@ -24735,7 +21964,7 @@ } }, "vault:managed/keys:Keys": { - "description": "\n\n\n## Import\n\nMounts can be imported using the `id` of `default`, e.g.\n\n```sh\n $ pulumi import vault:managed/keys:Keys keys default\n```\n\n ", + "description": "\n\n\n## Import\n\nMounts can be imported using the `id` of `default`, e.g.\n\n```sh\n $ pulumi import vault:managed/keys:Keys keys default\n```\n ", "properties": { "aws": { "type": "array", @@ -24825,7 +22054,7 @@ } }, "vault:mongodbatlas/secretBackend:SecretBackend": { - "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst mongo = new vault.Mount(\"mongo\", {\n description: \"MongoDB Atlas secret engine mount\",\n path: \"mongodbatlas\",\n type: \"mongodbatlas\",\n});\nconst config = new vault.mongodbatlas.SecretBackend(\"config\", {\n mount: \"vault_mount.mongo.path\",\n privateKey: \"privateKey\",\n publicKey: \"publicKey\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nmongo = vault.Mount(\"mongo\",\n description=\"MongoDB Atlas secret engine mount\",\n path=\"mongodbatlas\",\n type=\"mongodbatlas\")\nconfig = vault.mongodbatlas.SecretBackend(\"config\",\n mount=\"vault_mount.mongo.path\",\n private_key=\"privateKey\",\n public_key=\"publicKey\")\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var mongo = new Vault.Mount(\"mongo\", new()\n {\n Description = \"MongoDB Atlas secret engine mount\",\n Path = \"mongodbatlas\",\n Type = \"mongodbatlas\",\n });\n\n var config = new Vault.MongoDBAtlas.SecretBackend(\"config\", new()\n {\n Mount = \"vault_mount.mongo.path\",\n PrivateKey = \"privateKey\",\n PublicKey = \"publicKey\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/mongodbatlas\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := vault.NewMount(ctx, \"mongo\", \u0026vault.MountArgs{\n\t\t\tDescription: pulumi.String(\"MongoDB Atlas secret engine mount\"),\n\t\t\tPath: pulumi.String(\"mongodbatlas\"),\n\t\t\tType: pulumi.String(\"mongodbatlas\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = mongodbatlas.NewSecretBackend(ctx, \"config\", \u0026mongodbatlas.SecretBackendArgs{\n\t\t\tMount: pulumi.String(\"vault_mount.mongo.path\"),\n\t\t\tPrivateKey: pulumi.String(\"privateKey\"),\n\t\t\tPublicKey: pulumi.String(\"publicKey\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.Mount;\nimport com.pulumi.vault.MountArgs;\nimport com.pulumi.vault.mongodbatlas.SecretBackend;\nimport com.pulumi.vault.mongodbatlas.SecretBackendArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var mongo = new Mount(\"mongo\", MountArgs.builder() \n .description(\"MongoDB Atlas secret engine mount\")\n .path(\"mongodbatlas\")\n .type(\"mongodbatlas\")\n .build());\n\n var config = new SecretBackend(\"config\", SecretBackendArgs.builder() \n .mount(\"vault_mount.mongo.path\")\n .privateKey(\"privateKey\")\n .publicKey(\"publicKey\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n mongo:\n type: vault:Mount\n properties:\n description: MongoDB Atlas secret engine mount\n path: mongodbatlas\n type: mongodbatlas\n config:\n type: vault:mongodbatlas:SecretBackend\n properties:\n mount: vault_mount.mongo.path\n privateKey: privateKey\n publicKey: publicKey\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nMongoDB Atlas secret backends can be imported using the `${mount}/config`, e.g.\n\n```sh\n $ pulumi import vault:mongodbatlas/secretBackend:SecretBackend config mongodbatlas/config\n```\n\n ", + "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst mongo = new vault.Mount(\"mongo\", {\n description: \"MongoDB Atlas secret engine mount\",\n path: \"mongodbatlas\",\n type: \"mongodbatlas\",\n});\nconst config = new vault.mongodbatlas.SecretBackend(\"config\", {\n mount: \"vault_mount.mongo.path\",\n privateKey: \"privateKey\",\n publicKey: \"publicKey\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nmongo = vault.Mount(\"mongo\",\n description=\"MongoDB Atlas secret engine mount\",\n path=\"mongodbatlas\",\n type=\"mongodbatlas\")\nconfig = vault.mongodbatlas.SecretBackend(\"config\",\n mount=\"vault_mount.mongo.path\",\n private_key=\"privateKey\",\n public_key=\"publicKey\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var mongo = new Vault.Mount(\"mongo\", new()\n {\n Description = \"MongoDB Atlas secret engine mount\",\n Path = \"mongodbatlas\",\n Type = \"mongodbatlas\",\n });\n\n var config = new Vault.MongoDBAtlas.SecretBackend(\"config\", new()\n {\n Mount = \"vault_mount.mongo.path\",\n PrivateKey = \"privateKey\",\n PublicKey = \"publicKey\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/mongodbatlas\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := vault.NewMount(ctx, \"mongo\", \u0026vault.MountArgs{\n\t\t\tDescription: pulumi.String(\"MongoDB Atlas secret engine mount\"),\n\t\t\tPath: pulumi.String(\"mongodbatlas\"),\n\t\t\tType: pulumi.String(\"mongodbatlas\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = mongodbatlas.NewSecretBackend(ctx, \"config\", \u0026mongodbatlas.SecretBackendArgs{\n\t\t\tMount: pulumi.String(\"vault_mount.mongo.path\"),\n\t\t\tPrivateKey: pulumi.String(\"privateKey\"),\n\t\t\tPublicKey: pulumi.String(\"publicKey\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.Mount;\nimport com.pulumi.vault.MountArgs;\nimport com.pulumi.vault.mongodbatlas.SecretBackend;\nimport com.pulumi.vault.mongodbatlas.SecretBackendArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var mongo = new Mount(\"mongo\", MountArgs.builder() \n .description(\"MongoDB Atlas secret engine mount\")\n .path(\"mongodbatlas\")\n .type(\"mongodbatlas\")\n .build());\n\n var config = new SecretBackend(\"config\", SecretBackendArgs.builder() \n .mount(\"vault_mount.mongo.path\")\n .privateKey(\"privateKey\")\n .publicKey(\"publicKey\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n mongo:\n type: vault:Mount\n properties:\n description: MongoDB Atlas secret engine mount\n path: mongodbatlas\n type: mongodbatlas\n config:\n type: vault:mongodbatlas:SecretBackend\n properties:\n mount: vault_mount.mongo.path\n privateKey: privateKey\n publicKey: publicKey\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nMongoDB Atlas secret backends can be imported using the `${mount}/config`, e.g.\n\n```sh\n $ pulumi import vault:mongodbatlas/secretBackend:SecretBackend config mongodbatlas/config\n```\n ", "properties": { "mount": { "type": "string", @@ -24907,7 +22136,7 @@ } }, "vault:mongodbatlas/secretRole:SecretRole": { - "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst mongo = new vault.Mount(\"mongo\", {\n path: \"%s\",\n type: \"mongodbatlas\",\n description: \"MongoDB Atlas secret engine mount\",\n});\nconst config = new vault.mongodbatlas.SecretBackend(\"config\", {\n mount: \"vault_mount.mongo.path\",\n privateKey: \"privateKey\",\n publicKey: \"publicKey\",\n});\nconst role = new vault.mongodbatlas.SecretRole(\"role\", {\n mount: mongo.path,\n organizationId: \"7cf5a45a9ccf6400e60981b7\",\n projectId: \"5cf5a45a9ccf6400e60981b6\",\n roles: \"ORG_READ_ONLY\",\n ipAddresses: \"192.168.1.5, 192.168.1.6\",\n cidrBlocks: \"192.168.1.3/35\",\n projectRoles: \"GROUP_READ_ONLY\",\n ttl: \"60\",\n maxTtl: \"120\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nmongo = vault.Mount(\"mongo\",\n path=\"%s\",\n type=\"mongodbatlas\",\n description=\"MongoDB Atlas secret engine mount\")\nconfig = vault.mongodbatlas.SecretBackend(\"config\",\n mount=\"vault_mount.mongo.path\",\n private_key=\"privateKey\",\n public_key=\"publicKey\")\nrole = vault.mongodbatlas.SecretRole(\"role\",\n mount=mongo.path,\n organization_id=\"7cf5a45a9ccf6400e60981b7\",\n project_id=\"5cf5a45a9ccf6400e60981b6\",\n roles=\"ORG_READ_ONLY\",\n ip_addresses=\"192.168.1.5, 192.168.1.6\",\n cidr_blocks=\"192.168.1.3/35\",\n project_roles=\"GROUP_READ_ONLY\",\n ttl=\"60\",\n max_ttl=\"120\")\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var mongo = new Vault.Mount(\"mongo\", new()\n {\n Path = \"%s\",\n Type = \"mongodbatlas\",\n Description = \"MongoDB Atlas secret engine mount\",\n });\n\n var config = new Vault.MongoDBAtlas.SecretBackend(\"config\", new()\n {\n Mount = \"vault_mount.mongo.path\",\n PrivateKey = \"privateKey\",\n PublicKey = \"publicKey\",\n });\n\n var role = new Vault.MongoDBAtlas.SecretRole(\"role\", new()\n {\n Mount = mongo.Path,\n OrganizationId = \"7cf5a45a9ccf6400e60981b7\",\n ProjectId = \"5cf5a45a9ccf6400e60981b6\",\n Roles = \"ORG_READ_ONLY\",\n IpAddresses = \"192.168.1.5, 192.168.1.6\",\n CidrBlocks = \"192.168.1.3/35\",\n ProjectRoles = \"GROUP_READ_ONLY\",\n Ttl = \"60\",\n MaxTtl = \"120\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/mongodbatlas\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmongo, err := vault.NewMount(ctx, \"mongo\", \u0026vault.MountArgs{\n\t\t\tPath: pulumi.String(\"%s\"),\n\t\t\tType: pulumi.String(\"mongodbatlas\"),\n\t\t\tDescription: pulumi.String(\"MongoDB Atlas secret engine mount\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = mongodbatlas.NewSecretBackend(ctx, \"config\", \u0026mongodbatlas.SecretBackendArgs{\n\t\t\tMount: pulumi.String(\"vault_mount.mongo.path\"),\n\t\t\tPrivateKey: pulumi.String(\"privateKey\"),\n\t\t\tPublicKey: pulumi.String(\"publicKey\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = mongodbatlas.NewSecretRole(ctx, \"role\", \u0026mongodbatlas.SecretRoleArgs{\n\t\t\tMount: mongo.Path,\n\t\t\tOrganizationId: pulumi.String(\"7cf5a45a9ccf6400e60981b7\"),\n\t\t\tProjectId: pulumi.String(\"5cf5a45a9ccf6400e60981b6\"),\n\t\t\tRoles: pulumi.StringArray(\"ORG_READ_ONLY\"),\n\t\t\tIpAddresses: pulumi.StringArray(\"192.168.1.5, 192.168.1.6\"),\n\t\t\tCidrBlocks: pulumi.StringArray(\"192.168.1.3/35\"),\n\t\t\tProjectRoles: pulumi.StringArray(\"GROUP_READ_ONLY\"),\n\t\t\tTtl: pulumi.String(\"60\"),\n\t\t\tMaxTtl: pulumi.String(\"120\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.Mount;\nimport com.pulumi.vault.MountArgs;\nimport com.pulumi.vault.mongodbatlas.SecretBackend;\nimport com.pulumi.vault.mongodbatlas.SecretBackendArgs;\nimport com.pulumi.vault.mongodbatlas.SecretRole;\nimport com.pulumi.vault.mongodbatlas.SecretRoleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var mongo = new Mount(\"mongo\", MountArgs.builder() \n .path(\"%s\")\n .type(\"mongodbatlas\")\n .description(\"MongoDB Atlas secret engine mount\")\n .build());\n\n var config = new SecretBackend(\"config\", SecretBackendArgs.builder() \n .mount(\"vault_mount.mongo.path\")\n .privateKey(\"privateKey\")\n .publicKey(\"publicKey\")\n .build());\n\n var role = new SecretRole(\"role\", SecretRoleArgs.builder() \n .mount(mongo.path())\n .organizationId(\"7cf5a45a9ccf6400e60981b7\")\n .projectId(\"5cf5a45a9ccf6400e60981b6\")\n .roles(\"ORG_READ_ONLY\")\n .ipAddresses(\"192.168.1.5, 192.168.1.6\")\n .cidrBlocks(\"192.168.1.3/35\")\n .projectRoles(\"GROUP_READ_ONLY\")\n .ttl(\"60\")\n .maxTtl(\"120\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n mongo:\n type: vault:Mount\n properties:\n path: '%s'\n type: mongodbatlas\n description: MongoDB Atlas secret engine mount\n config:\n type: vault:mongodbatlas:SecretBackend\n properties:\n mount: vault_mount.mongo.path\n privateKey: privateKey\n publicKey: publicKey\n role:\n type: vault:mongodbatlas:SecretRole\n properties:\n mount: ${mongo.path}\n organizationId: 7cf5a45a9ccf6400e60981b7\n projectId: 5cf5a45a9ccf6400e60981b6\n roles: ORG_READ_ONLY\n ipAddresses: 192.168.1.5, 192.168.1.6\n cidrBlocks: 192.168.1.3/35\n projectRoles: GROUP_READ_ONLY\n ttl: 60\n maxTtl: 120\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nThe MongoDB Atlas secret role can be imported using the full path to the role of the form`\u003cmount_path\u003e/roles/\u003crole_name\u003e` e.g.\n\n```sh\n $ pulumi import vault:mongodbatlas/secretRole:SecretRole example mongodbatlas/roles/example-role\n```\n\n ", + "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst mongo = new vault.Mount(\"mongo\", {\n path: \"%s\",\n type: \"mongodbatlas\",\n description: \"MongoDB Atlas secret engine mount\",\n});\nconst config = new vault.mongodbatlas.SecretBackend(\"config\", {\n mount: \"vault_mount.mongo.path\",\n privateKey: \"privateKey\",\n publicKey: \"publicKey\",\n});\nconst role = new vault.mongodbatlas.SecretRole(\"role\", {\n mount: mongo.path,\n organizationId: \"7cf5a45a9ccf6400e60981b7\",\n projectId: \"5cf5a45a9ccf6400e60981b6\",\n roles: \"ORG_READ_ONLY\",\n ipAddresses: \"192.168.1.5, 192.168.1.6\",\n cidrBlocks: \"192.168.1.3/35\",\n projectRoles: \"GROUP_READ_ONLY\",\n ttl: \"60\",\n maxTtl: \"120\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nmongo = vault.Mount(\"mongo\",\n path=\"%s\",\n type=\"mongodbatlas\",\n description=\"MongoDB Atlas secret engine mount\")\nconfig = vault.mongodbatlas.SecretBackend(\"config\",\n mount=\"vault_mount.mongo.path\",\n private_key=\"privateKey\",\n public_key=\"publicKey\")\nrole = vault.mongodbatlas.SecretRole(\"role\",\n mount=mongo.path,\n organization_id=\"7cf5a45a9ccf6400e60981b7\",\n project_id=\"5cf5a45a9ccf6400e60981b6\",\n roles=\"ORG_READ_ONLY\",\n ip_addresses=\"192.168.1.5, 192.168.1.6\",\n cidr_blocks=\"192.168.1.3/35\",\n project_roles=\"GROUP_READ_ONLY\",\n ttl=\"60\",\n max_ttl=\"120\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var mongo = new Vault.Mount(\"mongo\", new()\n {\n Path = \"%s\",\n Type = \"mongodbatlas\",\n Description = \"MongoDB Atlas secret engine mount\",\n });\n\n var config = new Vault.MongoDBAtlas.SecretBackend(\"config\", new()\n {\n Mount = \"vault_mount.mongo.path\",\n PrivateKey = \"privateKey\",\n PublicKey = \"publicKey\",\n });\n\n var role = new Vault.MongoDBAtlas.SecretRole(\"role\", new()\n {\n Mount = mongo.Path,\n OrganizationId = \"7cf5a45a9ccf6400e60981b7\",\n ProjectId = \"5cf5a45a9ccf6400e60981b6\",\n Roles = \"ORG_READ_ONLY\",\n IpAddresses = \"192.168.1.5, 192.168.1.6\",\n CidrBlocks = \"192.168.1.3/35\",\n ProjectRoles = \"GROUP_READ_ONLY\",\n Ttl = \"60\",\n MaxTtl = \"120\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/mongodbatlas\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmongo, err := vault.NewMount(ctx, \"mongo\", \u0026vault.MountArgs{\n\t\t\tPath: pulumi.String(\"%s\"),\n\t\t\tType: pulumi.String(\"mongodbatlas\"),\n\t\t\tDescription: pulumi.String(\"MongoDB Atlas secret engine mount\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = mongodbatlas.NewSecretBackend(ctx, \"config\", \u0026mongodbatlas.SecretBackendArgs{\n\t\t\tMount: pulumi.String(\"vault_mount.mongo.path\"),\n\t\t\tPrivateKey: pulumi.String(\"privateKey\"),\n\t\t\tPublicKey: pulumi.String(\"publicKey\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = mongodbatlas.NewSecretRole(ctx, \"role\", \u0026mongodbatlas.SecretRoleArgs{\n\t\t\tMount: mongo.Path,\n\t\t\tOrganizationId: pulumi.String(\"7cf5a45a9ccf6400e60981b7\"),\n\t\t\tProjectId: pulumi.String(\"5cf5a45a9ccf6400e60981b6\"),\n\t\t\tRoles: pulumi.StringArray(\"ORG_READ_ONLY\"),\n\t\t\tIpAddresses: pulumi.StringArray(\"192.168.1.5, 192.168.1.6\"),\n\t\t\tCidrBlocks: pulumi.StringArray(\"192.168.1.3/35\"),\n\t\t\tProjectRoles: pulumi.StringArray(\"GROUP_READ_ONLY\"),\n\t\t\tTtl: pulumi.String(\"60\"),\n\t\t\tMaxTtl: pulumi.String(\"120\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.Mount;\nimport com.pulumi.vault.MountArgs;\nimport com.pulumi.vault.mongodbatlas.SecretBackend;\nimport com.pulumi.vault.mongodbatlas.SecretBackendArgs;\nimport com.pulumi.vault.mongodbatlas.SecretRole;\nimport com.pulumi.vault.mongodbatlas.SecretRoleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var mongo = new Mount(\"mongo\", MountArgs.builder() \n .path(\"%s\")\n .type(\"mongodbatlas\")\n .description(\"MongoDB Atlas secret engine mount\")\n .build());\n\n var config = new SecretBackend(\"config\", SecretBackendArgs.builder() \n .mount(\"vault_mount.mongo.path\")\n .privateKey(\"privateKey\")\n .publicKey(\"publicKey\")\n .build());\n\n var role = new SecretRole(\"role\", SecretRoleArgs.builder() \n .mount(mongo.path())\n .organizationId(\"7cf5a45a9ccf6400e60981b7\")\n .projectId(\"5cf5a45a9ccf6400e60981b6\")\n .roles(\"ORG_READ_ONLY\")\n .ipAddresses(\"192.168.1.5, 192.168.1.6\")\n .cidrBlocks(\"192.168.1.3/35\")\n .projectRoles(\"GROUP_READ_ONLY\")\n .ttl(\"60\")\n .maxTtl(\"120\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n mongo:\n type: vault:Mount\n properties:\n path: '%s'\n type: mongodbatlas\n description: MongoDB Atlas secret engine mount\n config:\n type: vault:mongodbatlas:SecretBackend\n properties:\n mount: vault_mount.mongo.path\n privateKey: privateKey\n publicKey: publicKey\n role:\n type: vault:mongodbatlas:SecretRole\n properties:\n mount: ${mongo.path}\n organizationId: 7cf5a45a9ccf6400e60981b7\n projectId: 5cf5a45a9ccf6400e60981b6\n roles: ORG_READ_ONLY\n ipAddresses: 192.168.1.5, 192.168.1.6\n cidrBlocks: 192.168.1.3/35\n projectRoles: GROUP_READ_ONLY\n ttl: '60'\n maxTtl: '120'\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nThe MongoDB Atlas secret role can be imported using the full path to the role of the form`\u003cmount_path\u003e/roles/\u003crole_name\u003e` e.g.\n\n```sh\n $ pulumi import vault:mongodbatlas/secretRole:SecretRole example mongodbatlas/roles/example-role\n```\n ", "properties": { "cidrBlocks": { "type": "array", @@ -25101,7 +22330,7 @@ } }, "vault:okta/authBackend:AuthBackend": { - "description": "Provides a resource for managing an\n[Okta auth backend within Vault](https://www.vaultproject.io/docs/auth/okta.html).\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst example = new vault.okta.AuthBackend(\"example\", {\n description: \"Demonstration of the Terraform Okta auth backend\",\n groups: [{\n groupName: \"foo\",\n policies: [\n \"one\",\n \"two\",\n ],\n }],\n organization: \"example\",\n token: \"something that should be kept secret\",\n users: [{\n groups: [\"foo\"],\n username: \"bar\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nexample = vault.okta.AuthBackend(\"example\",\n description=\"Demonstration of the Terraform Okta auth backend\",\n groups=[vault.okta.AuthBackendGroupArgs(\n group_name=\"foo\",\n policies=[\n \"one\",\n \"two\",\n ],\n )],\n organization=\"example\",\n token=\"something that should be kept secret\",\n users=[vault.okta.AuthBackendUserArgs(\n groups=[\"foo\"],\n username=\"bar\",\n )])\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Vault.Okta.AuthBackend(\"example\", new()\n {\n Description = \"Demonstration of the Terraform Okta auth backend\",\n Groups = new[]\n {\n new Vault.Okta.Inputs.AuthBackendGroupArgs\n {\n GroupName = \"foo\",\n Policies = new[]\n {\n \"one\",\n \"two\",\n },\n },\n },\n Organization = \"example\",\n Token = \"something that should be kept secret\",\n Users = new[]\n {\n new Vault.Okta.Inputs.AuthBackendUserArgs\n {\n Groups = new[]\n {\n \"foo\",\n },\n Username = \"bar\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := okta.NewAuthBackend(ctx, \"example\", \u0026okta.AuthBackendArgs{\n\t\t\tDescription: pulumi.String(\"Demonstration of the Terraform Okta auth backend\"),\n\t\t\tGroups: okta.AuthBackendGroupTypeArray{\n\t\t\t\t\u0026okta.AuthBackendGroupTypeArgs{\n\t\t\t\t\tGroupName: pulumi.String(\"foo\"),\n\t\t\t\t\tPolicies: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"one\"),\n\t\t\t\t\t\tpulumi.String(\"two\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tOrganization: pulumi.String(\"example\"),\n\t\t\tToken: pulumi.String(\"something that should be kept secret\"),\n\t\t\tUsers: okta.AuthBackendUserTypeArray{\n\t\t\t\t\u0026okta.AuthBackendUserTypeArgs{\n\t\t\t\t\tGroups: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"foo\"),\n\t\t\t\t\t},\n\t\t\t\t\tUsername: pulumi.String(\"bar\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.okta.AuthBackend;\nimport com.pulumi.vault.okta.AuthBackendArgs;\nimport com.pulumi.vault.okta.inputs.AuthBackendGroupArgs;\nimport com.pulumi.vault.okta.inputs.AuthBackendUserArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new AuthBackend(\"example\", AuthBackendArgs.builder() \n .description(\"Demonstration of the Terraform Okta auth backend\")\n .groups(AuthBackendGroupArgs.builder()\n .groupName(\"foo\")\n .policies( \n \"one\",\n \"two\")\n .build())\n .organization(\"example\")\n .token(\"something that should be kept secret\")\n .users(AuthBackendUserArgs.builder()\n .groups(\"foo\")\n .username(\"bar\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: vault:okta:AuthBackend\n properties:\n description: Demonstration of the Terraform Okta auth backend\n groups:\n - groupName: foo\n policies:\n - one\n - two\n organization: example\n token: something that should be kept secret\n users:\n - groups:\n - foo\n username: bar\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nOkta authentication backends can be imported using its `path`, e.g.\n\n```sh\n $ pulumi import vault:okta/authBackend:AuthBackend example okta\n```\n\n ", + "description": "Provides a resource for managing an\n[Okta auth backend within Vault](https://www.vaultproject.io/docs/auth/okta.html).\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst example = new vault.okta.AuthBackend(\"example\", {\n description: \"Demonstration of the Terraform Okta auth backend\",\n groups: [{\n groupName: \"foo\",\n policies: [\n \"one\",\n \"two\",\n ],\n }],\n organization: \"example\",\n token: \"something that should be kept secret\",\n users: [{\n groups: [\"foo\"],\n username: \"bar\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nexample = vault.okta.AuthBackend(\"example\",\n description=\"Demonstration of the Terraform Okta auth backend\",\n groups=[vault.okta.AuthBackendGroupArgs(\n group_name=\"foo\",\n policies=[\n \"one\",\n \"two\",\n ],\n )],\n organization=\"example\",\n token=\"something that should be kept secret\",\n users=[vault.okta.AuthBackendUserArgs(\n groups=[\"foo\"],\n username=\"bar\",\n )])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Vault.Okta.AuthBackend(\"example\", new()\n {\n Description = \"Demonstration of the Terraform Okta auth backend\",\n Groups = new[]\n {\n new Vault.Okta.Inputs.AuthBackendGroupArgs\n {\n GroupName = \"foo\",\n Policies = new[]\n {\n \"one\",\n \"two\",\n },\n },\n },\n Organization = \"example\",\n Token = \"something that should be kept secret\",\n Users = new[]\n {\n new Vault.Okta.Inputs.AuthBackendUserArgs\n {\n Groups = new[]\n {\n \"foo\",\n },\n Username = \"bar\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := okta.NewAuthBackend(ctx, \"example\", \u0026okta.AuthBackendArgs{\n\t\t\tDescription: pulumi.String(\"Demonstration of the Terraform Okta auth backend\"),\n\t\t\tGroups: okta.AuthBackendGroupTypeArray{\n\t\t\t\t\u0026okta.AuthBackendGroupTypeArgs{\n\t\t\t\t\tGroupName: pulumi.String(\"foo\"),\n\t\t\t\t\tPolicies: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"one\"),\n\t\t\t\t\t\tpulumi.String(\"two\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tOrganization: pulumi.String(\"example\"),\n\t\t\tToken: pulumi.String(\"something that should be kept secret\"),\n\t\t\tUsers: okta.AuthBackendUserTypeArray{\n\t\t\t\t\u0026okta.AuthBackendUserTypeArgs{\n\t\t\t\t\tGroups: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"foo\"),\n\t\t\t\t\t},\n\t\t\t\t\tUsername: pulumi.String(\"bar\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.okta.AuthBackend;\nimport com.pulumi.vault.okta.AuthBackendArgs;\nimport com.pulumi.vault.okta.inputs.AuthBackendGroupArgs;\nimport com.pulumi.vault.okta.inputs.AuthBackendUserArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new AuthBackend(\"example\", AuthBackendArgs.builder() \n .description(\"Demonstration of the Terraform Okta auth backend\")\n .groups(AuthBackendGroupArgs.builder()\n .groupName(\"foo\")\n .policies( \n \"one\",\n \"two\")\n .build())\n .organization(\"example\")\n .token(\"something that should be kept secret\")\n .users(AuthBackendUserArgs.builder()\n .groups(\"foo\")\n .username(\"bar\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: vault:okta:AuthBackend\n properties:\n description: Demonstration of the Terraform Okta auth backend\n groups:\n - groupName: foo\n policies:\n - one\n - two\n organization: example\n token: something that should be kept secret\n users:\n - groups:\n - foo\n username: bar\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nOkta authentication backends can be imported using its `path`, e.g.\n\n```sh\n $ pulumi import vault:okta/authBackend:AuthBackend example okta\n```\n ", "properties": { "accessor": { "type": "string", @@ -25298,7 +22527,7 @@ } }, "vault:okta/authBackendGroup:AuthBackendGroup": { - "description": "Provides a resource to create a group in an\n[Okta auth backend within Vault](https://www.vaultproject.io/docs/auth/okta.html).\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst example = new vault.okta.AuthBackend(\"example\", {\n path: \"group_okta\",\n organization: \"dummy\",\n});\nconst foo = new vault.okta.AuthBackendGroup(\"foo\", {\n path: example.path,\n groupName: \"foo\",\n policies: [\n \"one\",\n \"two\",\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nexample = vault.okta.AuthBackend(\"example\",\n path=\"group_okta\",\n organization=\"dummy\")\nfoo = vault.okta.AuthBackendGroup(\"foo\",\n path=example.path,\n group_name=\"foo\",\n policies=[\n \"one\",\n \"two\",\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Vault.Okta.AuthBackend(\"example\", new()\n {\n Path = \"group_okta\",\n Organization = \"dummy\",\n });\n\n var foo = new Vault.Okta.AuthBackendGroup(\"foo\", new()\n {\n Path = example.Path,\n GroupName = \"foo\",\n Policies = new[]\n {\n \"one\",\n \"two\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := okta.NewAuthBackend(ctx, \"example\", \u0026okta.AuthBackendArgs{\n\t\t\tPath: pulumi.String(\"group_okta\"),\n\t\t\tOrganization: pulumi.String(\"dummy\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = okta.NewAuthBackendGroup(ctx, \"foo\", \u0026okta.AuthBackendGroupArgs{\n\t\t\tPath: example.Path,\n\t\t\tGroupName: pulumi.String(\"foo\"),\n\t\t\tPolicies: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"one\"),\n\t\t\t\tpulumi.String(\"two\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.okta.AuthBackend;\nimport com.pulumi.vault.okta.AuthBackendArgs;\nimport com.pulumi.vault.okta.AuthBackendGroup;\nimport com.pulumi.vault.okta.AuthBackendGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new AuthBackend(\"example\", AuthBackendArgs.builder() \n .path(\"group_okta\")\n .organization(\"dummy\")\n .build());\n\n var foo = new AuthBackendGroup(\"foo\", AuthBackendGroupArgs.builder() \n .path(example.path())\n .groupName(\"foo\")\n .policies( \n \"one\",\n \"two\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: vault:okta:AuthBackend\n properties:\n path: group_okta\n organization: dummy\n foo:\n type: vault:okta:AuthBackendGroup\n properties:\n path: ${example.path}\n groupName: foo\n policies:\n - one\n - two\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nOkta authentication backend groups can be imported using the format `backend/groupName` e.g.\n\n```sh\n $ pulumi import vault:okta/authBackendGroup:AuthBackendGroup foo okta/foo\n```\n\n ", + "description": "Provides a resource to create a group in an\n[Okta auth backend within Vault](https://www.vaultproject.io/docs/auth/okta.html).\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst example = new vault.okta.AuthBackend(\"example\", {\n path: \"group_okta\",\n organization: \"dummy\",\n});\nconst foo = new vault.okta.AuthBackendGroup(\"foo\", {\n path: example.path,\n groupName: \"foo\",\n policies: [\n \"one\",\n \"two\",\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nexample = vault.okta.AuthBackend(\"example\",\n path=\"group_okta\",\n organization=\"dummy\")\nfoo = vault.okta.AuthBackendGroup(\"foo\",\n path=example.path,\n group_name=\"foo\",\n policies=[\n \"one\",\n \"two\",\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Vault.Okta.AuthBackend(\"example\", new()\n {\n Path = \"group_okta\",\n Organization = \"dummy\",\n });\n\n var foo = new Vault.Okta.AuthBackendGroup(\"foo\", new()\n {\n Path = example.Path,\n GroupName = \"foo\",\n Policies = new[]\n {\n \"one\",\n \"two\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := okta.NewAuthBackend(ctx, \"example\", \u0026okta.AuthBackendArgs{\n\t\t\tPath: pulumi.String(\"group_okta\"),\n\t\t\tOrganization: pulumi.String(\"dummy\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = okta.NewAuthBackendGroup(ctx, \"foo\", \u0026okta.AuthBackendGroupArgs{\n\t\t\tPath: example.Path,\n\t\t\tGroupName: pulumi.String(\"foo\"),\n\t\t\tPolicies: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"one\"),\n\t\t\t\tpulumi.String(\"two\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.okta.AuthBackend;\nimport com.pulumi.vault.okta.AuthBackendArgs;\nimport com.pulumi.vault.okta.AuthBackendGroup;\nimport com.pulumi.vault.okta.AuthBackendGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new AuthBackend(\"example\", AuthBackendArgs.builder() \n .path(\"group_okta\")\n .organization(\"dummy\")\n .build());\n\n var foo = new AuthBackendGroup(\"foo\", AuthBackendGroupArgs.builder() \n .path(example.path())\n .groupName(\"foo\")\n .policies( \n \"one\",\n \"two\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: vault:okta:AuthBackend\n properties:\n path: group_okta\n organization: dummy\n foo:\n type: vault:okta:AuthBackendGroup\n properties:\n path: ${example.path}\n groupName: foo\n policies:\n - one\n - two\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nOkta authentication backend groups can be imported using the format `backend/groupName` e.g.\n\n```sh\n $ pulumi import vault:okta/authBackendGroup:AuthBackendGroup foo okta/foo\n```\n ", "properties": { "groupName": { "type": "string", @@ -25382,7 +22611,7 @@ } }, "vault:okta/authBackendUser:AuthBackendUser": { - "description": "Provides a resource to create a user in an\n[Okta auth backend within Vault](https://www.vaultproject.io/docs/auth/okta.html).\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst example = new vault.okta.AuthBackend(\"example\", {\n path: \"user_okta\",\n organization: \"dummy\",\n});\nconst foo = new vault.okta.AuthBackendUser(\"foo\", {\n path: example.path,\n username: \"foo\",\n groups: [\n \"one\",\n \"two\",\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nexample = vault.okta.AuthBackend(\"example\",\n path=\"user_okta\",\n organization=\"dummy\")\nfoo = vault.okta.AuthBackendUser(\"foo\",\n path=example.path,\n username=\"foo\",\n groups=[\n \"one\",\n \"two\",\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Vault.Okta.AuthBackend(\"example\", new()\n {\n Path = \"user_okta\",\n Organization = \"dummy\",\n });\n\n var foo = new Vault.Okta.AuthBackendUser(\"foo\", new()\n {\n Path = example.Path,\n Username = \"foo\",\n Groups = new[]\n {\n \"one\",\n \"two\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := okta.NewAuthBackend(ctx, \"example\", \u0026okta.AuthBackendArgs{\n\t\t\tPath: pulumi.String(\"user_okta\"),\n\t\t\tOrganization: pulumi.String(\"dummy\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = okta.NewAuthBackendUser(ctx, \"foo\", \u0026okta.AuthBackendUserArgs{\n\t\t\tPath: example.Path,\n\t\t\tUsername: pulumi.String(\"foo\"),\n\t\t\tGroups: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"one\"),\n\t\t\t\tpulumi.String(\"two\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.okta.AuthBackend;\nimport com.pulumi.vault.okta.AuthBackendArgs;\nimport com.pulumi.vault.okta.AuthBackendUser;\nimport com.pulumi.vault.okta.AuthBackendUserArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new AuthBackend(\"example\", AuthBackendArgs.builder() \n .path(\"user_okta\")\n .organization(\"dummy\")\n .build());\n\n var foo = new AuthBackendUser(\"foo\", AuthBackendUserArgs.builder() \n .path(example.path())\n .username(\"foo\")\n .groups( \n \"one\",\n \"two\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: vault:okta:AuthBackend\n properties:\n path: user_okta\n organization: dummy\n foo:\n type: vault:okta:AuthBackendUser\n properties:\n path: ${example.path}\n username: foo\n groups:\n - one\n - two\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nOkta authentication backend users can be imported using its `path/user` ID format, e.g.\n\n```sh\n $ pulumi import vault:okta/authBackendUser:AuthBackendUser example okta/foo\n```\n\n ", + "description": "Provides a resource to create a user in an\n[Okta auth backend within Vault](https://www.vaultproject.io/docs/auth/okta.html).\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst example = new vault.okta.AuthBackend(\"example\", {\n path: \"user_okta\",\n organization: \"dummy\",\n});\nconst foo = new vault.okta.AuthBackendUser(\"foo\", {\n path: example.path,\n username: \"foo\",\n groups: [\n \"one\",\n \"two\",\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nexample = vault.okta.AuthBackend(\"example\",\n path=\"user_okta\",\n organization=\"dummy\")\nfoo = vault.okta.AuthBackendUser(\"foo\",\n path=example.path,\n username=\"foo\",\n groups=[\n \"one\",\n \"two\",\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Vault.Okta.AuthBackend(\"example\", new()\n {\n Path = \"user_okta\",\n Organization = \"dummy\",\n });\n\n var foo = new Vault.Okta.AuthBackendUser(\"foo\", new()\n {\n Path = example.Path,\n Username = \"foo\",\n Groups = new[]\n {\n \"one\",\n \"two\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/okta\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := okta.NewAuthBackend(ctx, \"example\", \u0026okta.AuthBackendArgs{\n\t\t\tPath: pulumi.String(\"user_okta\"),\n\t\t\tOrganization: pulumi.String(\"dummy\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = okta.NewAuthBackendUser(ctx, \"foo\", \u0026okta.AuthBackendUserArgs{\n\t\t\tPath: example.Path,\n\t\t\tUsername: pulumi.String(\"foo\"),\n\t\t\tGroups: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"one\"),\n\t\t\t\tpulumi.String(\"two\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.okta.AuthBackend;\nimport com.pulumi.vault.okta.AuthBackendArgs;\nimport com.pulumi.vault.okta.AuthBackendUser;\nimport com.pulumi.vault.okta.AuthBackendUserArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new AuthBackend(\"example\", AuthBackendArgs.builder() \n .path(\"user_okta\")\n .organization(\"dummy\")\n .build());\n\n var foo = new AuthBackendUser(\"foo\", AuthBackendUserArgs.builder() \n .path(example.path())\n .username(\"foo\")\n .groups( \n \"one\",\n \"two\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: vault:okta:AuthBackend\n properties:\n path: user_okta\n organization: dummy\n foo:\n type: vault:okta:AuthBackendUser\n properties:\n path: ${example.path}\n username: foo\n groups:\n - one\n - two\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nOkta authentication backend users can be imported using its `path/user` ID format, e.g.\n\n```sh\n $ pulumi import vault:okta/authBackendUser:AuthBackendUser example okta/foo\n```\n ", "properties": { "groups": { "type": "array", @@ -25487,7 +22716,7 @@ } }, "vault:pkiSecret/secretBackendCert:SecretBackendCert": { - "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst app = new vault.pkisecret.SecretBackendCert(\"app\", {\n backend: vault_mount.intermediate.path,\n commonName: \"app.my.domain\",\n}, {\n dependsOn: [vault_pki_secret_backend_role.admin],\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\napp = vault.pki_secret.SecretBackendCert(\"app\",\n backend=vault_mount[\"intermediate\"][\"path\"],\n common_name=\"app.my.domain\",\n opts=pulumi.ResourceOptions(depends_on=[vault_pki_secret_backend_role[\"admin\"]]))\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var app = new Vault.PkiSecret.SecretBackendCert(\"app\", new()\n {\n Backend = vault_mount.Intermediate.Path,\n CommonName = \"app.my.domain\",\n }, new CustomResourceOptions\n {\n DependsOn = new[]\n {\n vault_pki_secret_backend_role.Admin,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/pkiSecret\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := pkiSecret.NewSecretBackendCert(ctx, \"app\", \u0026pkiSecret.SecretBackendCertArgs{\n\t\t\tBackend: pulumi.Any(vault_mount.Intermediate.Path),\n\t\t\tCommonName: pulumi.String(\"app.my.domain\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tvault_pki_secret_backend_role.Admin,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.pkiSecret.SecretBackendCert;\nimport com.pulumi.vault.pkiSecret.SecretBackendCertArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var app = new SecretBackendCert(\"app\", SecretBackendCertArgs.builder() \n .backend(vault_mount.intermediate().path())\n .commonName(\"app.my.domain\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(vault_pki_secret_backend_role.admin())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n app:\n type: vault:pkiSecret:SecretBackendCert\n properties:\n backend: ${vault_mount.intermediate.path}\n commonName: app.my.domain\n options:\n dependson:\n - ${vault_pki_secret_backend_role.admin}\n```\n{{% /example %}}\n{{% /examples %}}", + "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst app = new vault.pkisecret.SecretBackendCert(\"app\", {\n backend: vault_mount.intermediate.path,\n commonName: \"app.my.domain\",\n}, {\n dependsOn: [vault_pki_secret_backend_role.admin],\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\napp = vault.pki_secret.SecretBackendCert(\"app\",\n backend=vault_mount[\"intermediate\"][\"path\"],\n common_name=\"app.my.domain\",\n opts=pulumi.ResourceOptions(depends_on=[vault_pki_secret_backend_role[\"admin\"]]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var app = new Vault.PkiSecret.SecretBackendCert(\"app\", new()\n {\n Backend = vault_mount.Intermediate.Path,\n CommonName = \"app.my.domain\",\n }, new CustomResourceOptions\n {\n DependsOn = new[]\n {\n vault_pki_secret_backend_role.Admin,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/pkiSecret\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := pkiSecret.NewSecretBackendCert(ctx, \"app\", \u0026pkiSecret.SecretBackendCertArgs{\n\t\t\tBackend: pulumi.Any(vault_mount.Intermediate.Path),\n\t\t\tCommonName: pulumi.String(\"app.my.domain\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tvault_pki_secret_backend_role.Admin,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.pkiSecret.SecretBackendCert;\nimport com.pulumi.vault.pkiSecret.SecretBackendCertArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var app = new SecretBackendCert(\"app\", SecretBackendCertArgs.builder() \n .backend(vault_mount.intermediate().path())\n .commonName(\"app.my.domain\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(vault_pki_secret_backend_role.admin())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n app:\n type: vault:pkiSecret:SecretBackendCert\n properties:\n backend: ${vault_mount.intermediate.path}\n commonName: app.my.domain\n options:\n dependson:\n - ${vault_pki_secret_backend_role.admin}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "altNames": { "type": "array", @@ -25856,7 +23085,7 @@ } }, "vault:pkiSecret/secretBackendConfigCa:SecretBackendConfigCa": { - "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst intermediate = new vault.pkisecret.SecretBackendConfigCa(\"intermediate\", {\n backend: vault_mount.intermediate.path,\n pemBundle: `-----BEGIN RSA PRIVATE KEY-----\nMIIEowIBAAKCAQEAwvEHeJCXnFgi88rE1dTX6FHdBPK0wSjedh0ywVnCZxLWbBv/\n5PytjTcCPdrfW7g2sfbPwOge/WF3X2KeYSP8SxZA0czmz6QDspeG921JkZWtyp5o\n++N0leLTIUAhq339p3O1onAOUO1k4sHfmCwfrDpTn2hcx4URa5Pzzb1fHigusjIH\n1mcGdncaA6Z2CzO1w4E8kPOUukIDrcZT4faOZrWUIQZKQw2JzTyKJ+ZMDCZq2TFz\nWwpL3eG48wB7J7mibFQ/9nFvxpIflBjDAZ8QiqkwYr5N0DNsTxcfTCSeubfJDCUf\nIWwFZhLitzwOxazazUQKXX/SPMQ1l/L9o3nnHwIDAQABAoIBAAQidJQcDPsl62fc\nTxxx7TpiMhvewfKu2TkMGX18V+EzxxR364+BxHSQTB3fvIkHeTGBGJrw0WdyX8PI\nJa/NwZYeHLXWcLbKtcFd8WDiEoNh91Oq1HMzOc/MBcpYv94RSAX7MEkHs2YIAvHE\nRufFV86hVhC1d/JLYjkz5CHi+Fd9XTYjBK78tHhJd4IJPu5LYvwlmzC1zeS7s1Tg\nQW1FQuVDV8tWa4PMTrQHwfaGqn95AKc+tbg+ubpCiWl5bBNI3Ghuh4sAC9dMdAkd\nw27i29O9/Y3XJSSGUZlZqDBP4YU388RgHpzLDUxgRcaQt9vdeEz6frULPW67e9D2\nmPPDzjECgYEA4aPOwvnSwGoOKsS6vANGy4Ajsq09PR+1ltMJUR5kDlXGuZWI72eX\n3/GAnovDuCp0tbYt0r7Fmkfel0Ore7SYM18TH5QGpPddcZLvKUf7AchCIOYY0Te3\npS9+7S1lEGrLXyuox4N26Ov6wHVrmZTcQoZsDWbjYxNNsNACsiQNjGMCgYEA3SvQ\nJets9e9SgNVvao2TijX+/vcNKRfcWB71T9Xc4BuSNEu5+ZLtptlwaSnVCVu1Xilk\nsWDh+3EhByl4EteENPvE/7A2s1sfcDOprvg0r52aBZKeTp0AukrT8+Ad4hap7g1x\n2Lz11MFDkhRqt2KqQaIL+5Mq5WfptbBJ0YI7ARUCgYAD6iSfK1hlsDFYupsGwgPL\nagi0g97pHZC38idaOe3AdeqBs79xb9mpr/XsSj52Bn6J3IRFALxK5e5Nr4XdGo/9\nbCvXw2iuGgCMBOGTVMVdDY1gJr3Ne2r7Oay5Dq2PMFsg5pACDhzVA6sRBbh9LKD5\non1jaiKNyHrzk1hIoOl/QwKBgA+Ov2uLbfS2yvTpDpdOMiyss603r6NOXF+Ofe8J\nuinBhr1K/mAB59muveuH18Z6vv1KqByaFgtb39jjH+Eja9dWRns95/sh08pOuAbo\nyrv3uBfgQmaBQMXZ8aLcBv4aXgWyyGlYkWpP1fL2oLMZq6RGQ9WEeqX8c0ImjmrA\nYGopAoGBAJZPFlZi2Rfq4MfFZp/X1/zM09hphZwkxkSI+RnsjDUjTgB8CuQul5ep\nKWE98yLw4C25Cqw5fKKQ2addizLnZCAIfJKVNRjYLWlWyGQydDEUzqwXlSLS9LVX\nLxLkWDajIyjeFn21Ttb42L9pBo3TAQIxUenom/lP2SQTvCKBiPai\n-----END RSA PRIVATE KEY-----\n-----BEGIN CERTIFICATE-----\nMIIDazCCAlOgAwIBAgIUahce2sCO7Bom/Rznd5HsNAlr1NgwDQYJKoZIhvcNAQEL\nBQAwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoM\nGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAeFw0xODEyMDIwMTAxNDRaFw00NjEy\nMTUwMTAxNDRaMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEw\nHwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwggEiMA0GCSqGSIb3DQEB\nAQUAA4IBDwAwggEKAoIBAQDC8Qd4kJecWCLzysTV1NfoUd0E8rTBKN52HTLBWcJn\nEtZsG//k/K2NNwI92t9buDax9s/A6B79YXdfYp5hI/xLFkDRzObPpAOyl4b3bUmR\nla3Knmj743SV4tMhQCGrff2nc7WicA5Q7WTiwd+YLB+sOlOfaFzHhRFrk/PNvV8e\nKC6yMgfWZwZ2dxoDpnYLM7XDgTyQ85S6QgOtxlPh9o5mtZQhBkpDDYnNPIon5kwM\nJmrZMXNbCkvd4bjzAHsnuaJsVD/2cW/Gkh+UGMMBnxCKqTBivk3QM2xPFx9MJJ65\nt8kMJR8hbAVmEuK3PA7FrNrNRApdf9I8xDWX8v2jeecfAgMBAAGjUzBRMB0GA1Ud\nDgQWBBQXGfrns8OqxTGKsXG5pDZS/WyyYDAfBgNVHSMEGDAWgBQXGfrns8OqxTGK\nsXG5pDZS/WyyYDAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQCt\n8aUX26cl2PgdIEByZSHAX5G+2b0IEtTclPkl4uDyyKRY4dVq6gK3ueVSU5eUmBip\nJbV5aRetovGOcV//8vbxkZm/ntQ8Oo+2sfGR5lIzd0UdlOr5pkD6g3bFy/zJ+4DR\nDAe8fklUacfz6CFmD+H8GyHm+fKmF+mjr4oOGQW6OegRDJHuiipUk2lJyuXdlPSa\nFpNRO2sGbjn000ANinFgnFiVzGDnx0/G1Kii/6GWrI6rrdVmXioQzF+8AloWckeB\n+hbmbwkwQa/JrLb5SWcBDOXSgtn1Li3XF5AQQBBjA3pOlyBXqnI94Irw89Lv9uPT\nMUR4qFxeUOW/GJGccMUd\n-----END CERTIFICATE-----\n`,\n}, {\n dependsOn: [vault_mount.intermediate],\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nintermediate = vault.pki_secret.SecretBackendConfigCa(\"intermediate\",\n backend=vault_mount[\"intermediate\"][\"path\"],\n pem_bundle=\"\"\"-----BEGIN RSA PRIVATE KEY-----\nMIIEowIBAAKCAQEAwvEHeJCXnFgi88rE1dTX6FHdBPK0wSjedh0ywVnCZxLWbBv/\n5PytjTcCPdrfW7g2sfbPwOge/WF3X2KeYSP8SxZA0czmz6QDspeG921JkZWtyp5o\n++N0leLTIUAhq339p3O1onAOUO1k4sHfmCwfrDpTn2hcx4URa5Pzzb1fHigusjIH\n1mcGdncaA6Z2CzO1w4E8kPOUukIDrcZT4faOZrWUIQZKQw2JzTyKJ+ZMDCZq2TFz\nWwpL3eG48wB7J7mibFQ/9nFvxpIflBjDAZ8QiqkwYr5N0DNsTxcfTCSeubfJDCUf\nIWwFZhLitzwOxazazUQKXX/SPMQ1l/L9o3nnHwIDAQABAoIBAAQidJQcDPsl62fc\nTxxx7TpiMhvewfKu2TkMGX18V+EzxxR364+BxHSQTB3fvIkHeTGBGJrw0WdyX8PI\nJa/NwZYeHLXWcLbKtcFd8WDiEoNh91Oq1HMzOc/MBcpYv94RSAX7MEkHs2YIAvHE\nRufFV86hVhC1d/JLYjkz5CHi+Fd9XTYjBK78tHhJd4IJPu5LYvwlmzC1zeS7s1Tg\nQW1FQuVDV8tWa4PMTrQHwfaGqn95AKc+tbg+ubpCiWl5bBNI3Ghuh4sAC9dMdAkd\nw27i29O9/Y3XJSSGUZlZqDBP4YU388RgHpzLDUxgRcaQt9vdeEz6frULPW67e9D2\nmPPDzjECgYEA4aPOwvnSwGoOKsS6vANGy4Ajsq09PR+1ltMJUR5kDlXGuZWI72eX\n3/GAnovDuCp0tbYt0r7Fmkfel0Ore7SYM18TH5QGpPddcZLvKUf7AchCIOYY0Te3\npS9+7S1lEGrLXyuox4N26Ov6wHVrmZTcQoZsDWbjYxNNsNACsiQNjGMCgYEA3SvQ\nJets9e9SgNVvao2TijX+/vcNKRfcWB71T9Xc4BuSNEu5+ZLtptlwaSnVCVu1Xilk\nsWDh+3EhByl4EteENPvE/7A2s1sfcDOprvg0r52aBZKeTp0AukrT8+Ad4hap7g1x\n2Lz11MFDkhRqt2KqQaIL+5Mq5WfptbBJ0YI7ARUCgYAD6iSfK1hlsDFYupsGwgPL\nagi0g97pHZC38idaOe3AdeqBs79xb9mpr/XsSj52Bn6J3IRFALxK5e5Nr4XdGo/9\nbCvXw2iuGgCMBOGTVMVdDY1gJr3Ne2r7Oay5Dq2PMFsg5pACDhzVA6sRBbh9LKD5\non1jaiKNyHrzk1hIoOl/QwKBgA+Ov2uLbfS2yvTpDpdOMiyss603r6NOXF+Ofe8J\nuinBhr1K/mAB59muveuH18Z6vv1KqByaFgtb39jjH+Eja9dWRns95/sh08pOuAbo\nyrv3uBfgQmaBQMXZ8aLcBv4aXgWyyGlYkWpP1fL2oLMZq6RGQ9WEeqX8c0ImjmrA\nYGopAoGBAJZPFlZi2Rfq4MfFZp/X1/zM09hphZwkxkSI+RnsjDUjTgB8CuQul5ep\nKWE98yLw4C25Cqw5fKKQ2addizLnZCAIfJKVNRjYLWlWyGQydDEUzqwXlSLS9LVX\nLxLkWDajIyjeFn21Ttb42L9pBo3TAQIxUenom/lP2SQTvCKBiPai\n-----END RSA PRIVATE KEY-----\n-----BEGIN CERTIFICATE-----\nMIIDazCCAlOgAwIBAgIUahce2sCO7Bom/Rznd5HsNAlr1NgwDQYJKoZIhvcNAQEL\nBQAwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoM\nGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAeFw0xODEyMDIwMTAxNDRaFw00NjEy\nMTUwMTAxNDRaMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEw\nHwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwggEiMA0GCSqGSIb3DQEB\nAQUAA4IBDwAwggEKAoIBAQDC8Qd4kJecWCLzysTV1NfoUd0E8rTBKN52HTLBWcJn\nEtZsG//k/K2NNwI92t9buDax9s/A6B79YXdfYp5hI/xLFkDRzObPpAOyl4b3bUmR\nla3Knmj743SV4tMhQCGrff2nc7WicA5Q7WTiwd+YLB+sOlOfaFzHhRFrk/PNvV8e\nKC6yMgfWZwZ2dxoDpnYLM7XDgTyQ85S6QgOtxlPh9o5mtZQhBkpDDYnNPIon5kwM\nJmrZMXNbCkvd4bjzAHsnuaJsVD/2cW/Gkh+UGMMBnxCKqTBivk3QM2xPFx9MJJ65\nt8kMJR8hbAVmEuK3PA7FrNrNRApdf9I8xDWX8v2jeecfAgMBAAGjUzBRMB0GA1Ud\nDgQWBBQXGfrns8OqxTGKsXG5pDZS/WyyYDAfBgNVHSMEGDAWgBQXGfrns8OqxTGK\nsXG5pDZS/WyyYDAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQCt\n8aUX26cl2PgdIEByZSHAX5G+2b0IEtTclPkl4uDyyKRY4dVq6gK3ueVSU5eUmBip\nJbV5aRetovGOcV//8vbxkZm/ntQ8Oo+2sfGR5lIzd0UdlOr5pkD6g3bFy/zJ+4DR\nDAe8fklUacfz6CFmD+H8GyHm+fKmF+mjr4oOGQW6OegRDJHuiipUk2lJyuXdlPSa\nFpNRO2sGbjn000ANinFgnFiVzGDnx0/G1Kii/6GWrI6rrdVmXioQzF+8AloWckeB\n+hbmbwkwQa/JrLb5SWcBDOXSgtn1Li3XF5AQQBBjA3pOlyBXqnI94Irw89Lv9uPT\nMUR4qFxeUOW/GJGccMUd\n-----END CERTIFICATE-----\n\"\"\",\n opts=pulumi.ResourceOptions(depends_on=[vault_mount[\"intermediate\"]]))\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var intermediate = new Vault.PkiSecret.SecretBackendConfigCa(\"intermediate\", new()\n {\n Backend = vault_mount.Intermediate.Path,\n PemBundle = @\"-----BEGIN RSA PRIVATE KEY-----\nMIIEowIBAAKCAQEAwvEHeJCXnFgi88rE1dTX6FHdBPK0wSjedh0ywVnCZxLWbBv/\n5PytjTcCPdrfW7g2sfbPwOge/WF3X2KeYSP8SxZA0czmz6QDspeG921JkZWtyp5o\n++N0leLTIUAhq339p3O1onAOUO1k4sHfmCwfrDpTn2hcx4URa5Pzzb1fHigusjIH\n1mcGdncaA6Z2CzO1w4E8kPOUukIDrcZT4faOZrWUIQZKQw2JzTyKJ+ZMDCZq2TFz\nWwpL3eG48wB7J7mibFQ/9nFvxpIflBjDAZ8QiqkwYr5N0DNsTxcfTCSeubfJDCUf\nIWwFZhLitzwOxazazUQKXX/SPMQ1l/L9o3nnHwIDAQABAoIBAAQidJQcDPsl62fc\nTxxx7TpiMhvewfKu2TkMGX18V+EzxxR364+BxHSQTB3fvIkHeTGBGJrw0WdyX8PI\nJa/NwZYeHLXWcLbKtcFd8WDiEoNh91Oq1HMzOc/MBcpYv94RSAX7MEkHs2YIAvHE\nRufFV86hVhC1d/JLYjkz5CHi+Fd9XTYjBK78tHhJd4IJPu5LYvwlmzC1zeS7s1Tg\nQW1FQuVDV8tWa4PMTrQHwfaGqn95AKc+tbg+ubpCiWl5bBNI3Ghuh4sAC9dMdAkd\nw27i29O9/Y3XJSSGUZlZqDBP4YU388RgHpzLDUxgRcaQt9vdeEz6frULPW67e9D2\nmPPDzjECgYEA4aPOwvnSwGoOKsS6vANGy4Ajsq09PR+1ltMJUR5kDlXGuZWI72eX\n3/GAnovDuCp0tbYt0r7Fmkfel0Ore7SYM18TH5QGpPddcZLvKUf7AchCIOYY0Te3\npS9+7S1lEGrLXyuox4N26Ov6wHVrmZTcQoZsDWbjYxNNsNACsiQNjGMCgYEA3SvQ\nJets9e9SgNVvao2TijX+/vcNKRfcWB71T9Xc4BuSNEu5+ZLtptlwaSnVCVu1Xilk\nsWDh+3EhByl4EteENPvE/7A2s1sfcDOprvg0r52aBZKeTp0AukrT8+Ad4hap7g1x\n2Lz11MFDkhRqt2KqQaIL+5Mq5WfptbBJ0YI7ARUCgYAD6iSfK1hlsDFYupsGwgPL\nagi0g97pHZC38idaOe3AdeqBs79xb9mpr/XsSj52Bn6J3IRFALxK5e5Nr4XdGo/9\nbCvXw2iuGgCMBOGTVMVdDY1gJr3Ne2r7Oay5Dq2PMFsg5pACDhzVA6sRBbh9LKD5\non1jaiKNyHrzk1hIoOl/QwKBgA+Ov2uLbfS2yvTpDpdOMiyss603r6NOXF+Ofe8J\nuinBhr1K/mAB59muveuH18Z6vv1KqByaFgtb39jjH+Eja9dWRns95/sh08pOuAbo\nyrv3uBfgQmaBQMXZ8aLcBv4aXgWyyGlYkWpP1fL2oLMZq6RGQ9WEeqX8c0ImjmrA\nYGopAoGBAJZPFlZi2Rfq4MfFZp/X1/zM09hphZwkxkSI+RnsjDUjTgB8CuQul5ep\nKWE98yLw4C25Cqw5fKKQ2addizLnZCAIfJKVNRjYLWlWyGQydDEUzqwXlSLS9LVX\nLxLkWDajIyjeFn21Ttb42L9pBo3TAQIxUenom/lP2SQTvCKBiPai\n-----END RSA PRIVATE KEY-----\n-----BEGIN CERTIFICATE-----\nMIIDazCCAlOgAwIBAgIUahce2sCO7Bom/Rznd5HsNAlr1NgwDQYJKoZIhvcNAQEL\nBQAwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoM\nGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAeFw0xODEyMDIwMTAxNDRaFw00NjEy\nMTUwMTAxNDRaMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEw\nHwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwggEiMA0GCSqGSIb3DQEB\nAQUAA4IBDwAwggEKAoIBAQDC8Qd4kJecWCLzysTV1NfoUd0E8rTBKN52HTLBWcJn\nEtZsG//k/K2NNwI92t9buDax9s/A6B79YXdfYp5hI/xLFkDRzObPpAOyl4b3bUmR\nla3Knmj743SV4tMhQCGrff2nc7WicA5Q7WTiwd+YLB+sOlOfaFzHhRFrk/PNvV8e\nKC6yMgfWZwZ2dxoDpnYLM7XDgTyQ85S6QgOtxlPh9o5mtZQhBkpDDYnNPIon5kwM\nJmrZMXNbCkvd4bjzAHsnuaJsVD/2cW/Gkh+UGMMBnxCKqTBivk3QM2xPFx9MJJ65\nt8kMJR8hbAVmEuK3PA7FrNrNRApdf9I8xDWX8v2jeecfAgMBAAGjUzBRMB0GA1Ud\nDgQWBBQXGfrns8OqxTGKsXG5pDZS/WyyYDAfBgNVHSMEGDAWgBQXGfrns8OqxTGK\nsXG5pDZS/WyyYDAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQCt\n8aUX26cl2PgdIEByZSHAX5G+2b0IEtTclPkl4uDyyKRY4dVq6gK3ueVSU5eUmBip\nJbV5aRetovGOcV//8vbxkZm/ntQ8Oo+2sfGR5lIzd0UdlOr5pkD6g3bFy/zJ+4DR\nDAe8fklUacfz6CFmD+H8GyHm+fKmF+mjr4oOGQW6OegRDJHuiipUk2lJyuXdlPSa\nFpNRO2sGbjn000ANinFgnFiVzGDnx0/G1Kii/6GWrI6rrdVmXioQzF+8AloWckeB\n+hbmbwkwQa/JrLb5SWcBDOXSgtn1Li3XF5AQQBBjA3pOlyBXqnI94Irw89Lv9uPT\nMUR4qFxeUOW/GJGccMUd\n-----END CERTIFICATE-----\n\",\n }, new CustomResourceOptions\n {\n DependsOn = new[]\n {\n vault_mount.Intermediate,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/pkiSecret\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := pkiSecret.NewSecretBackendConfigCa(ctx, \"intermediate\", \u0026pkiSecret.SecretBackendConfigCaArgs{\n\t\t\tBackend: pulumi.Any(vault_mount.Intermediate.Path),\n\t\t\tPemBundle: pulumi.String(\"-----BEGIN RSA PRIVATE KEY-----\\nMIIEowIBAAKCAQEAwvEHeJCXnFgi88rE1dTX6FHdBPK0wSjedh0ywVnCZxLWbBv/\\n5PytjTcCPdrfW7g2sfbPwOge/WF3X2KeYSP8SxZA0czmz6QDspeG921JkZWtyp5o\\n++N0leLTIUAhq339p3O1onAOUO1k4sHfmCwfrDpTn2hcx4URa5Pzzb1fHigusjIH\\n1mcGdncaA6Z2CzO1w4E8kPOUukIDrcZT4faOZrWUIQZKQw2JzTyKJ+ZMDCZq2TFz\\nWwpL3eG48wB7J7mibFQ/9nFvxpIflBjDAZ8QiqkwYr5N0DNsTxcfTCSeubfJDCUf\\nIWwFZhLitzwOxazazUQKXX/SPMQ1l/L9o3nnHwIDAQABAoIBAAQidJQcDPsl62fc\\nTxxx7TpiMhvewfKu2TkMGX18V+EzxxR364+BxHSQTB3fvIkHeTGBGJrw0WdyX8PI\\nJa/NwZYeHLXWcLbKtcFd8WDiEoNh91Oq1HMzOc/MBcpYv94RSAX7MEkHs2YIAvHE\\nRufFV86hVhC1d/JLYjkz5CHi+Fd9XTYjBK78tHhJd4IJPu5LYvwlmzC1zeS7s1Tg\\nQW1FQuVDV8tWa4PMTrQHwfaGqn95AKc+tbg+ubpCiWl5bBNI3Ghuh4sAC9dMdAkd\\nw27i29O9/Y3XJSSGUZlZqDBP4YU388RgHpzLDUxgRcaQt9vdeEz6frULPW67e9D2\\nmPPDzjECgYEA4aPOwvnSwGoOKsS6vANGy4Ajsq09PR+1ltMJUR5kDlXGuZWI72eX\\n3/GAnovDuCp0tbYt0r7Fmkfel0Ore7SYM18TH5QGpPddcZLvKUf7AchCIOYY0Te3\\npS9+7S1lEGrLXyuox4N26Ov6wHVrmZTcQoZsDWbjYxNNsNACsiQNjGMCgYEA3SvQ\\nJets9e9SgNVvao2TijX+/vcNKRfcWB71T9Xc4BuSNEu5+ZLtptlwaSnVCVu1Xilk\\nsWDh+3EhByl4EteENPvE/7A2s1sfcDOprvg0r52aBZKeTp0AukrT8+Ad4hap7g1x\\n2Lz11MFDkhRqt2KqQaIL+5Mq5WfptbBJ0YI7ARUCgYAD6iSfK1hlsDFYupsGwgPL\\nagi0g97pHZC38idaOe3AdeqBs79xb9mpr/XsSj52Bn6J3IRFALxK5e5Nr4XdGo/9\\nbCvXw2iuGgCMBOGTVMVdDY1gJr3Ne2r7Oay5Dq2PMFsg5pACDhzVA6sRBbh9LKD5\\non1jaiKNyHrzk1hIoOl/QwKBgA+Ov2uLbfS2yvTpDpdOMiyss603r6NOXF+Ofe8J\\nuinBhr1K/mAB59muveuH18Z6vv1KqByaFgtb39jjH+Eja9dWRns95/sh08pOuAbo\\nyrv3uBfgQmaBQMXZ8aLcBv4aXgWyyGlYkWpP1fL2oLMZq6RGQ9WEeqX8c0ImjmrA\\nYGopAoGBAJZPFlZi2Rfq4MfFZp/X1/zM09hphZwkxkSI+RnsjDUjTgB8CuQul5ep\\nKWE98yLw4C25Cqw5fKKQ2addizLnZCAIfJKVNRjYLWlWyGQydDEUzqwXlSLS9LVX\\nLxLkWDajIyjeFn21Ttb42L9pBo3TAQIxUenom/lP2SQTvCKBiPai\\n-----END RSA PRIVATE KEY-----\\n-----BEGIN CERTIFICATE-----\\nMIIDazCCAlOgAwIBAgIUahce2sCO7Bom/Rznd5HsNAlr1NgwDQYJKoZIhvcNAQEL\\nBQAwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoM\\nGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAeFw0xODEyMDIwMTAxNDRaFw00NjEy\\nMTUwMTAxNDRaMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEw\\nHwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwggEiMA0GCSqGSIb3DQEB\\nAQUAA4IBDwAwggEKAoIBAQDC8Qd4kJecWCLzysTV1NfoUd0E8rTBKN52HTLBWcJn\\nEtZsG//k/K2NNwI92t9buDax9s/A6B79YXdfYp5hI/xLFkDRzObPpAOyl4b3bUmR\\nla3Knmj743SV4tMhQCGrff2nc7WicA5Q7WTiwd+YLB+sOlOfaFzHhRFrk/PNvV8e\\nKC6yMgfWZwZ2dxoDpnYLM7XDgTyQ85S6QgOtxlPh9o5mtZQhBkpDDYnNPIon5kwM\\nJmrZMXNbCkvd4bjzAHsnuaJsVD/2cW/Gkh+UGMMBnxCKqTBivk3QM2xPFx9MJJ65\\nt8kMJR8hbAVmEuK3PA7FrNrNRApdf9I8xDWX8v2jeecfAgMBAAGjUzBRMB0GA1Ud\\nDgQWBBQXGfrns8OqxTGKsXG5pDZS/WyyYDAfBgNVHSMEGDAWgBQXGfrns8OqxTGK\\nsXG5pDZS/WyyYDAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQCt\\n8aUX26cl2PgdIEByZSHAX5G+2b0IEtTclPkl4uDyyKRY4dVq6gK3ueVSU5eUmBip\\nJbV5aRetovGOcV//8vbxkZm/ntQ8Oo+2sfGR5lIzd0UdlOr5pkD6g3bFy/zJ+4DR\\nDAe8fklUacfz6CFmD+H8GyHm+fKmF+mjr4oOGQW6OegRDJHuiipUk2lJyuXdlPSa\\nFpNRO2sGbjn000ANinFgnFiVzGDnx0/G1Kii/6GWrI6rrdVmXioQzF+8AloWckeB\\n+hbmbwkwQa/JrLb5SWcBDOXSgtn1Li3XF5AQQBBjA3pOlyBXqnI94Irw89Lv9uPT\\nMUR4qFxeUOW/GJGccMUd\\n-----END CERTIFICATE-----\\n\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tvault_mount.Intermediate,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.pkiSecret.SecretBackendConfigCa;\nimport com.pulumi.vault.pkiSecret.SecretBackendConfigCaArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var intermediate = new SecretBackendConfigCa(\"intermediate\", SecretBackendConfigCaArgs.builder() \n .backend(vault_mount.intermediate().path())\n .pemBundle(\"\"\"\n-----BEGIN RSA PRIVATE KEY-----\nMIIEowIBAAKCAQEAwvEHeJCXnFgi88rE1dTX6FHdBPK0wSjedh0ywVnCZxLWbBv/\n5PytjTcCPdrfW7g2sfbPwOge/WF3X2KeYSP8SxZA0czmz6QDspeG921JkZWtyp5o\n++N0leLTIUAhq339p3O1onAOUO1k4sHfmCwfrDpTn2hcx4URa5Pzzb1fHigusjIH\n1mcGdncaA6Z2CzO1w4E8kPOUukIDrcZT4faOZrWUIQZKQw2JzTyKJ+ZMDCZq2TFz\nWwpL3eG48wB7J7mibFQ/9nFvxpIflBjDAZ8QiqkwYr5N0DNsTxcfTCSeubfJDCUf\nIWwFZhLitzwOxazazUQKXX/SPMQ1l/L9o3nnHwIDAQABAoIBAAQidJQcDPsl62fc\nTxxx7TpiMhvewfKu2TkMGX18V+EzxxR364+BxHSQTB3fvIkHeTGBGJrw0WdyX8PI\nJa/NwZYeHLXWcLbKtcFd8WDiEoNh91Oq1HMzOc/MBcpYv94RSAX7MEkHs2YIAvHE\nRufFV86hVhC1d/JLYjkz5CHi+Fd9XTYjBK78tHhJd4IJPu5LYvwlmzC1zeS7s1Tg\nQW1FQuVDV8tWa4PMTrQHwfaGqn95AKc+tbg+ubpCiWl5bBNI3Ghuh4sAC9dMdAkd\nw27i29O9/Y3XJSSGUZlZqDBP4YU388RgHpzLDUxgRcaQt9vdeEz6frULPW67e9D2\nmPPDzjECgYEA4aPOwvnSwGoOKsS6vANGy4Ajsq09PR+1ltMJUR5kDlXGuZWI72eX\n3/GAnovDuCp0tbYt0r7Fmkfel0Ore7SYM18TH5QGpPddcZLvKUf7AchCIOYY0Te3\npS9+7S1lEGrLXyuox4N26Ov6wHVrmZTcQoZsDWbjYxNNsNACsiQNjGMCgYEA3SvQ\nJets9e9SgNVvao2TijX+/vcNKRfcWB71T9Xc4BuSNEu5+ZLtptlwaSnVCVu1Xilk\nsWDh+3EhByl4EteENPvE/7A2s1sfcDOprvg0r52aBZKeTp0AukrT8+Ad4hap7g1x\n2Lz11MFDkhRqt2KqQaIL+5Mq5WfptbBJ0YI7ARUCgYAD6iSfK1hlsDFYupsGwgPL\nagi0g97pHZC38idaOe3AdeqBs79xb9mpr/XsSj52Bn6J3IRFALxK5e5Nr4XdGo/9\nbCvXw2iuGgCMBOGTVMVdDY1gJr3Ne2r7Oay5Dq2PMFsg5pACDhzVA6sRBbh9LKD5\non1jaiKNyHrzk1hIoOl/QwKBgA+Ov2uLbfS2yvTpDpdOMiyss603r6NOXF+Ofe8J\nuinBhr1K/mAB59muveuH18Z6vv1KqByaFgtb39jjH+Eja9dWRns95/sh08pOuAbo\nyrv3uBfgQmaBQMXZ8aLcBv4aXgWyyGlYkWpP1fL2oLMZq6RGQ9WEeqX8c0ImjmrA\nYGopAoGBAJZPFlZi2Rfq4MfFZp/X1/zM09hphZwkxkSI+RnsjDUjTgB8CuQul5ep\nKWE98yLw4C25Cqw5fKKQ2addizLnZCAIfJKVNRjYLWlWyGQydDEUzqwXlSLS9LVX\nLxLkWDajIyjeFn21Ttb42L9pBo3TAQIxUenom/lP2SQTvCKBiPai\n-----END RSA PRIVATE KEY-----\n-----BEGIN CERTIFICATE-----\nMIIDazCCAlOgAwIBAgIUahce2sCO7Bom/Rznd5HsNAlr1NgwDQYJKoZIhvcNAQEL\nBQAwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoM\nGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAeFw0xODEyMDIwMTAxNDRaFw00NjEy\nMTUwMTAxNDRaMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEw\nHwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwggEiMA0GCSqGSIb3DQEB\nAQUAA4IBDwAwggEKAoIBAQDC8Qd4kJecWCLzysTV1NfoUd0E8rTBKN52HTLBWcJn\nEtZsG//k/K2NNwI92t9buDax9s/A6B79YXdfYp5hI/xLFkDRzObPpAOyl4b3bUmR\nla3Knmj743SV4tMhQCGrff2nc7WicA5Q7WTiwd+YLB+sOlOfaFzHhRFrk/PNvV8e\nKC6yMgfWZwZ2dxoDpnYLM7XDgTyQ85S6QgOtxlPh9o5mtZQhBkpDDYnNPIon5kwM\nJmrZMXNbCkvd4bjzAHsnuaJsVD/2cW/Gkh+UGMMBnxCKqTBivk3QM2xPFx9MJJ65\nt8kMJR8hbAVmEuK3PA7FrNrNRApdf9I8xDWX8v2jeecfAgMBAAGjUzBRMB0GA1Ud\nDgQWBBQXGfrns8OqxTGKsXG5pDZS/WyyYDAfBgNVHSMEGDAWgBQXGfrns8OqxTGK\nsXG5pDZS/WyyYDAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQCt\n8aUX26cl2PgdIEByZSHAX5G+2b0IEtTclPkl4uDyyKRY4dVq6gK3ueVSU5eUmBip\nJbV5aRetovGOcV//8vbxkZm/ntQ8Oo+2sfGR5lIzd0UdlOr5pkD6g3bFy/zJ+4DR\nDAe8fklUacfz6CFmD+H8GyHm+fKmF+mjr4oOGQW6OegRDJHuiipUk2lJyuXdlPSa\nFpNRO2sGbjn000ANinFgnFiVzGDnx0/G1Kii/6GWrI6rrdVmXioQzF+8AloWckeB\n+hbmbwkwQa/JrLb5SWcBDOXSgtn1Li3XF5AQQBBjA3pOlyBXqnI94Irw89Lv9uPT\nMUR4qFxeUOW/GJGccMUd\n-----END CERTIFICATE-----\n \"\"\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(vault_mount.intermediate())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n intermediate:\n type: vault:pkiSecret:SecretBackendConfigCa\n properties:\n backend: ${vault_mount.intermediate.path}\n pemBundle: |\n -----BEGIN RSA PRIVATE KEY-----\n MIIEowIBAAKCAQEAwvEHeJCXnFgi88rE1dTX6FHdBPK0wSjedh0ywVnCZxLWbBv/\n 5PytjTcCPdrfW7g2sfbPwOge/WF3X2KeYSP8SxZA0czmz6QDspeG921JkZWtyp5o\n ++N0leLTIUAhq339p3O1onAOUO1k4sHfmCwfrDpTn2hcx4URa5Pzzb1fHigusjIH\n 1mcGdncaA6Z2CzO1w4E8kPOUukIDrcZT4faOZrWUIQZKQw2JzTyKJ+ZMDCZq2TFz\n WwpL3eG48wB7J7mibFQ/9nFvxpIflBjDAZ8QiqkwYr5N0DNsTxcfTCSeubfJDCUf\n IWwFZhLitzwOxazazUQKXX/SPMQ1l/L9o3nnHwIDAQABAoIBAAQidJQcDPsl62fc\n Txxx7TpiMhvewfKu2TkMGX18V+EzxxR364+BxHSQTB3fvIkHeTGBGJrw0WdyX8PI\n Ja/NwZYeHLXWcLbKtcFd8WDiEoNh91Oq1HMzOc/MBcpYv94RSAX7MEkHs2YIAvHE\n RufFV86hVhC1d/JLYjkz5CHi+Fd9XTYjBK78tHhJd4IJPu5LYvwlmzC1zeS7s1Tg\n QW1FQuVDV8tWa4PMTrQHwfaGqn95AKc+tbg+ubpCiWl5bBNI3Ghuh4sAC9dMdAkd\n w27i29O9/Y3XJSSGUZlZqDBP4YU388RgHpzLDUxgRcaQt9vdeEz6frULPW67e9D2\n mPPDzjECgYEA4aPOwvnSwGoOKsS6vANGy4Ajsq09PR+1ltMJUR5kDlXGuZWI72eX\n 3/GAnovDuCp0tbYt0r7Fmkfel0Ore7SYM18TH5QGpPddcZLvKUf7AchCIOYY0Te3\n pS9+7S1lEGrLXyuox4N26Ov6wHVrmZTcQoZsDWbjYxNNsNACsiQNjGMCgYEA3SvQ\n Jets9e9SgNVvao2TijX+/vcNKRfcWB71T9Xc4BuSNEu5+ZLtptlwaSnVCVu1Xilk\n sWDh+3EhByl4EteENPvE/7A2s1sfcDOprvg0r52aBZKeTp0AukrT8+Ad4hap7g1x\n 2Lz11MFDkhRqt2KqQaIL+5Mq5WfptbBJ0YI7ARUCgYAD6iSfK1hlsDFYupsGwgPL\n agi0g97pHZC38idaOe3AdeqBs79xb9mpr/XsSj52Bn6J3IRFALxK5e5Nr4XdGo/9\n bCvXw2iuGgCMBOGTVMVdDY1gJr3Ne2r7Oay5Dq2PMFsg5pACDhzVA6sRBbh9LKD5\n on1jaiKNyHrzk1hIoOl/QwKBgA+Ov2uLbfS2yvTpDpdOMiyss603r6NOXF+Ofe8J\n uinBhr1K/mAB59muveuH18Z6vv1KqByaFgtb39jjH+Eja9dWRns95/sh08pOuAbo\n yrv3uBfgQmaBQMXZ8aLcBv4aXgWyyGlYkWpP1fL2oLMZq6RGQ9WEeqX8c0ImjmrA\n YGopAoGBAJZPFlZi2Rfq4MfFZp/X1/zM09hphZwkxkSI+RnsjDUjTgB8CuQul5ep\n KWE98yLw4C25Cqw5fKKQ2addizLnZCAIfJKVNRjYLWlWyGQydDEUzqwXlSLS9LVX\n LxLkWDajIyjeFn21Ttb42L9pBo3TAQIxUenom/lP2SQTvCKBiPai\n -----END RSA PRIVATE KEY-----\n -----BEGIN CERTIFICATE-----\n MIIDazCCAlOgAwIBAgIUahce2sCO7Bom/Rznd5HsNAlr1NgwDQYJKoZIhvcNAQEL\n BQAwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoM\n GEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAeFw0xODEyMDIwMTAxNDRaFw00NjEy\n MTUwMTAxNDRaMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEw\n HwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwggEiMA0GCSqGSIb3DQEB\n AQUAA4IBDwAwggEKAoIBAQDC8Qd4kJecWCLzysTV1NfoUd0E8rTBKN52HTLBWcJn\n EtZsG//k/K2NNwI92t9buDax9s/A6B79YXdfYp5hI/xLFkDRzObPpAOyl4b3bUmR\n la3Knmj743SV4tMhQCGrff2nc7WicA5Q7WTiwd+YLB+sOlOfaFzHhRFrk/PNvV8e\n KC6yMgfWZwZ2dxoDpnYLM7XDgTyQ85S6QgOtxlPh9o5mtZQhBkpDDYnNPIon5kwM\n JmrZMXNbCkvd4bjzAHsnuaJsVD/2cW/Gkh+UGMMBnxCKqTBivk3QM2xPFx9MJJ65\n t8kMJR8hbAVmEuK3PA7FrNrNRApdf9I8xDWX8v2jeecfAgMBAAGjUzBRMB0GA1Ud\n DgQWBBQXGfrns8OqxTGKsXG5pDZS/WyyYDAfBgNVHSMEGDAWgBQXGfrns8OqxTGK\n sXG5pDZS/WyyYDAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQCt\n 8aUX26cl2PgdIEByZSHAX5G+2b0IEtTclPkl4uDyyKRY4dVq6gK3ueVSU5eUmBip\n JbV5aRetovGOcV//8vbxkZm/ntQ8Oo+2sfGR5lIzd0UdlOr5pkD6g3bFy/zJ+4DR\n DAe8fklUacfz6CFmD+H8GyHm+fKmF+mjr4oOGQW6OegRDJHuiipUk2lJyuXdlPSa\n FpNRO2sGbjn000ANinFgnFiVzGDnx0/G1Kii/6GWrI6rrdVmXioQzF+8AloWckeB\n +hbmbwkwQa/JrLb5SWcBDOXSgtn1Li3XF5AQQBBjA3pOlyBXqnI94Irw89Lv9uPT\n MUR4qFxeUOW/GJGccMUd\n -----END CERTIFICATE-----\n options:\n dependson:\n - ${vault_mount.intermediate}\n```\n{{% /example %}}\n{{% /examples %}}", + "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst intermediate = new vault.pkisecret.SecretBackendConfigCa(\"intermediate\", {\n backend: vault_mount.intermediate.path,\n pemBundle: `-----BEGIN RSA PRIVATE KEY-----\nMIIEowIBAAKCAQEAwvEHeJCXnFgi88rE1dTX6FHdBPK0wSjedh0ywVnCZxLWbBv/\n5PytjTcCPdrfW7g2sfbPwOge/WF3X2KeYSP8SxZA0czmz6QDspeG921JkZWtyp5o\n++N0leLTIUAhq339p3O1onAOUO1k4sHfmCwfrDpTn2hcx4URa5Pzzb1fHigusjIH\n1mcGdncaA6Z2CzO1w4E8kPOUukIDrcZT4faOZrWUIQZKQw2JzTyKJ+ZMDCZq2TFz\nWwpL3eG48wB7J7mibFQ/9nFvxpIflBjDAZ8QiqkwYr5N0DNsTxcfTCSeubfJDCUf\nIWwFZhLitzwOxazazUQKXX/SPMQ1l/L9o3nnHwIDAQABAoIBAAQidJQcDPsl62fc\nTxxx7TpiMhvewfKu2TkMGX18V+EzxxR364+BxHSQTB3fvIkHeTGBGJrw0WdyX8PI\nJa/NwZYeHLXWcLbKtcFd8WDiEoNh91Oq1HMzOc/MBcpYv94RSAX7MEkHs2YIAvHE\nRufFV86hVhC1d/JLYjkz5CHi+Fd9XTYjBK78tHhJd4IJPu5LYvwlmzC1zeS7s1Tg\nQW1FQuVDV8tWa4PMTrQHwfaGqn95AKc+tbg+ubpCiWl5bBNI3Ghuh4sAC9dMdAkd\nw27i29O9/Y3XJSSGUZlZqDBP4YU388RgHpzLDUxgRcaQt9vdeEz6frULPW67e9D2\nmPPDzjECgYEA4aPOwvnSwGoOKsS6vANGy4Ajsq09PR+1ltMJUR5kDlXGuZWI72eX\n3/GAnovDuCp0tbYt0r7Fmkfel0Ore7SYM18TH5QGpPddcZLvKUf7AchCIOYY0Te3\npS9+7S1lEGrLXyuox4N26Ov6wHVrmZTcQoZsDWbjYxNNsNACsiQNjGMCgYEA3SvQ\nJets9e9SgNVvao2TijX+/vcNKRfcWB71T9Xc4BuSNEu5+ZLtptlwaSnVCVu1Xilk\nsWDh+3EhByl4EteENPvE/7A2s1sfcDOprvg0r52aBZKeTp0AukrT8+Ad4hap7g1x\n2Lz11MFDkhRqt2KqQaIL+5Mq5WfptbBJ0YI7ARUCgYAD6iSfK1hlsDFYupsGwgPL\nagi0g97pHZC38idaOe3AdeqBs79xb9mpr/XsSj52Bn6J3IRFALxK5e5Nr4XdGo/9\nbCvXw2iuGgCMBOGTVMVdDY1gJr3Ne2r7Oay5Dq2PMFsg5pACDhzVA6sRBbh9LKD5\non1jaiKNyHrzk1hIoOl/QwKBgA+Ov2uLbfS2yvTpDpdOMiyss603r6NOXF+Ofe8J\nuinBhr1K/mAB59muveuH18Z6vv1KqByaFgtb39jjH+Eja9dWRns95/sh08pOuAbo\nyrv3uBfgQmaBQMXZ8aLcBv4aXgWyyGlYkWpP1fL2oLMZq6RGQ9WEeqX8c0ImjmrA\nYGopAoGBAJZPFlZi2Rfq4MfFZp/X1/zM09hphZwkxkSI+RnsjDUjTgB8CuQul5ep\nKWE98yLw4C25Cqw5fKKQ2addizLnZCAIfJKVNRjYLWlWyGQydDEUzqwXlSLS9LVX\nLxLkWDajIyjeFn21Ttb42L9pBo3TAQIxUenom/lP2SQTvCKBiPai\n-----END RSA PRIVATE KEY-----\n-----BEGIN CERTIFICATE-----\nMIIDazCCAlOgAwIBAgIUahce2sCO7Bom/Rznd5HsNAlr1NgwDQYJKoZIhvcNAQEL\nBQAwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoM\nGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAeFw0xODEyMDIwMTAxNDRaFw00NjEy\nMTUwMTAxNDRaMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEw\nHwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwggEiMA0GCSqGSIb3DQEB\nAQUAA4IBDwAwggEKAoIBAQDC8Qd4kJecWCLzysTV1NfoUd0E8rTBKN52HTLBWcJn\nEtZsG//k/K2NNwI92t9buDax9s/A6B79YXdfYp5hI/xLFkDRzObPpAOyl4b3bUmR\nla3Knmj743SV4tMhQCGrff2nc7WicA5Q7WTiwd+YLB+sOlOfaFzHhRFrk/PNvV8e\nKC6yMgfWZwZ2dxoDpnYLM7XDgTyQ85S6QgOtxlPh9o5mtZQhBkpDDYnNPIon5kwM\nJmrZMXNbCkvd4bjzAHsnuaJsVD/2cW/Gkh+UGMMBnxCKqTBivk3QM2xPFx9MJJ65\nt8kMJR8hbAVmEuK3PA7FrNrNRApdf9I8xDWX8v2jeecfAgMBAAGjUzBRMB0GA1Ud\nDgQWBBQXGfrns8OqxTGKsXG5pDZS/WyyYDAfBgNVHSMEGDAWgBQXGfrns8OqxTGK\nsXG5pDZS/WyyYDAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQCt\n8aUX26cl2PgdIEByZSHAX5G+2b0IEtTclPkl4uDyyKRY4dVq6gK3ueVSU5eUmBip\nJbV5aRetovGOcV//8vbxkZm/ntQ8Oo+2sfGR5lIzd0UdlOr5pkD6g3bFy/zJ+4DR\nDAe8fklUacfz6CFmD+H8GyHm+fKmF+mjr4oOGQW6OegRDJHuiipUk2lJyuXdlPSa\nFpNRO2sGbjn000ANinFgnFiVzGDnx0/G1Kii/6GWrI6rrdVmXioQzF+8AloWckeB\n+hbmbwkwQa/JrLb5SWcBDOXSgtn1Li3XF5AQQBBjA3pOlyBXqnI94Irw89Lv9uPT\nMUR4qFxeUOW/GJGccMUd\n-----END CERTIFICATE-----\n`,\n}, {\n dependsOn: [vault_mount.intermediate],\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nintermediate = vault.pki_secret.SecretBackendConfigCa(\"intermediate\",\n backend=vault_mount[\"intermediate\"][\"path\"],\n pem_bundle=\"\"\"-----BEGIN RSA PRIVATE KEY-----\nMIIEowIBAAKCAQEAwvEHeJCXnFgi88rE1dTX6FHdBPK0wSjedh0ywVnCZxLWbBv/\n5PytjTcCPdrfW7g2sfbPwOge/WF3X2KeYSP8SxZA0czmz6QDspeG921JkZWtyp5o\n++N0leLTIUAhq339p3O1onAOUO1k4sHfmCwfrDpTn2hcx4URa5Pzzb1fHigusjIH\n1mcGdncaA6Z2CzO1w4E8kPOUukIDrcZT4faOZrWUIQZKQw2JzTyKJ+ZMDCZq2TFz\nWwpL3eG48wB7J7mibFQ/9nFvxpIflBjDAZ8QiqkwYr5N0DNsTxcfTCSeubfJDCUf\nIWwFZhLitzwOxazazUQKXX/SPMQ1l/L9o3nnHwIDAQABAoIBAAQidJQcDPsl62fc\nTxxx7TpiMhvewfKu2TkMGX18V+EzxxR364+BxHSQTB3fvIkHeTGBGJrw0WdyX8PI\nJa/NwZYeHLXWcLbKtcFd8WDiEoNh91Oq1HMzOc/MBcpYv94RSAX7MEkHs2YIAvHE\nRufFV86hVhC1d/JLYjkz5CHi+Fd9XTYjBK78tHhJd4IJPu5LYvwlmzC1zeS7s1Tg\nQW1FQuVDV8tWa4PMTrQHwfaGqn95AKc+tbg+ubpCiWl5bBNI3Ghuh4sAC9dMdAkd\nw27i29O9/Y3XJSSGUZlZqDBP4YU388RgHpzLDUxgRcaQt9vdeEz6frULPW67e9D2\nmPPDzjECgYEA4aPOwvnSwGoOKsS6vANGy4Ajsq09PR+1ltMJUR5kDlXGuZWI72eX\n3/GAnovDuCp0tbYt0r7Fmkfel0Ore7SYM18TH5QGpPddcZLvKUf7AchCIOYY0Te3\npS9+7S1lEGrLXyuox4N26Ov6wHVrmZTcQoZsDWbjYxNNsNACsiQNjGMCgYEA3SvQ\nJets9e9SgNVvao2TijX+/vcNKRfcWB71T9Xc4BuSNEu5+ZLtptlwaSnVCVu1Xilk\nsWDh+3EhByl4EteENPvE/7A2s1sfcDOprvg0r52aBZKeTp0AukrT8+Ad4hap7g1x\n2Lz11MFDkhRqt2KqQaIL+5Mq5WfptbBJ0YI7ARUCgYAD6iSfK1hlsDFYupsGwgPL\nagi0g97pHZC38idaOe3AdeqBs79xb9mpr/XsSj52Bn6J3IRFALxK5e5Nr4XdGo/9\nbCvXw2iuGgCMBOGTVMVdDY1gJr3Ne2r7Oay5Dq2PMFsg5pACDhzVA6sRBbh9LKD5\non1jaiKNyHrzk1hIoOl/QwKBgA+Ov2uLbfS2yvTpDpdOMiyss603r6NOXF+Ofe8J\nuinBhr1K/mAB59muveuH18Z6vv1KqByaFgtb39jjH+Eja9dWRns95/sh08pOuAbo\nyrv3uBfgQmaBQMXZ8aLcBv4aXgWyyGlYkWpP1fL2oLMZq6RGQ9WEeqX8c0ImjmrA\nYGopAoGBAJZPFlZi2Rfq4MfFZp/X1/zM09hphZwkxkSI+RnsjDUjTgB8CuQul5ep\nKWE98yLw4C25Cqw5fKKQ2addizLnZCAIfJKVNRjYLWlWyGQydDEUzqwXlSLS9LVX\nLxLkWDajIyjeFn21Ttb42L9pBo3TAQIxUenom/lP2SQTvCKBiPai\n-----END RSA PRIVATE KEY-----\n-----BEGIN CERTIFICATE-----\nMIIDazCCAlOgAwIBAgIUahce2sCO7Bom/Rznd5HsNAlr1NgwDQYJKoZIhvcNAQEL\nBQAwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoM\nGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAeFw0xODEyMDIwMTAxNDRaFw00NjEy\nMTUwMTAxNDRaMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEw\nHwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwggEiMA0GCSqGSIb3DQEB\nAQUAA4IBDwAwggEKAoIBAQDC8Qd4kJecWCLzysTV1NfoUd0E8rTBKN52HTLBWcJn\nEtZsG//k/K2NNwI92t9buDax9s/A6B79YXdfYp5hI/xLFkDRzObPpAOyl4b3bUmR\nla3Knmj743SV4tMhQCGrff2nc7WicA5Q7WTiwd+YLB+sOlOfaFzHhRFrk/PNvV8e\nKC6yMgfWZwZ2dxoDpnYLM7XDgTyQ85S6QgOtxlPh9o5mtZQhBkpDDYnNPIon5kwM\nJmrZMXNbCkvd4bjzAHsnuaJsVD/2cW/Gkh+UGMMBnxCKqTBivk3QM2xPFx9MJJ65\nt8kMJR8hbAVmEuK3PA7FrNrNRApdf9I8xDWX8v2jeecfAgMBAAGjUzBRMB0GA1Ud\nDgQWBBQXGfrns8OqxTGKsXG5pDZS/WyyYDAfBgNVHSMEGDAWgBQXGfrns8OqxTGK\nsXG5pDZS/WyyYDAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQCt\n8aUX26cl2PgdIEByZSHAX5G+2b0IEtTclPkl4uDyyKRY4dVq6gK3ueVSU5eUmBip\nJbV5aRetovGOcV//8vbxkZm/ntQ8Oo+2sfGR5lIzd0UdlOr5pkD6g3bFy/zJ+4DR\nDAe8fklUacfz6CFmD+H8GyHm+fKmF+mjr4oOGQW6OegRDJHuiipUk2lJyuXdlPSa\nFpNRO2sGbjn000ANinFgnFiVzGDnx0/G1Kii/6GWrI6rrdVmXioQzF+8AloWckeB\n+hbmbwkwQa/JrLb5SWcBDOXSgtn1Li3XF5AQQBBjA3pOlyBXqnI94Irw89Lv9uPT\nMUR4qFxeUOW/GJGccMUd\n-----END CERTIFICATE-----\n\"\"\",\n opts=pulumi.ResourceOptions(depends_on=[vault_mount[\"intermediate\"]]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var intermediate = new Vault.PkiSecret.SecretBackendConfigCa(\"intermediate\", new()\n {\n Backend = vault_mount.Intermediate.Path,\n PemBundle = @\"-----BEGIN RSA PRIVATE KEY-----\nMIIEowIBAAKCAQEAwvEHeJCXnFgi88rE1dTX6FHdBPK0wSjedh0ywVnCZxLWbBv/\n5PytjTcCPdrfW7g2sfbPwOge/WF3X2KeYSP8SxZA0czmz6QDspeG921JkZWtyp5o\n++N0leLTIUAhq339p3O1onAOUO1k4sHfmCwfrDpTn2hcx4URa5Pzzb1fHigusjIH\n1mcGdncaA6Z2CzO1w4E8kPOUukIDrcZT4faOZrWUIQZKQw2JzTyKJ+ZMDCZq2TFz\nWwpL3eG48wB7J7mibFQ/9nFvxpIflBjDAZ8QiqkwYr5N0DNsTxcfTCSeubfJDCUf\nIWwFZhLitzwOxazazUQKXX/SPMQ1l/L9o3nnHwIDAQABAoIBAAQidJQcDPsl62fc\nTxxx7TpiMhvewfKu2TkMGX18V+EzxxR364+BxHSQTB3fvIkHeTGBGJrw0WdyX8PI\nJa/NwZYeHLXWcLbKtcFd8WDiEoNh91Oq1HMzOc/MBcpYv94RSAX7MEkHs2YIAvHE\nRufFV86hVhC1d/JLYjkz5CHi+Fd9XTYjBK78tHhJd4IJPu5LYvwlmzC1zeS7s1Tg\nQW1FQuVDV8tWa4PMTrQHwfaGqn95AKc+tbg+ubpCiWl5bBNI3Ghuh4sAC9dMdAkd\nw27i29O9/Y3XJSSGUZlZqDBP4YU388RgHpzLDUxgRcaQt9vdeEz6frULPW67e9D2\nmPPDzjECgYEA4aPOwvnSwGoOKsS6vANGy4Ajsq09PR+1ltMJUR5kDlXGuZWI72eX\n3/GAnovDuCp0tbYt0r7Fmkfel0Ore7SYM18TH5QGpPddcZLvKUf7AchCIOYY0Te3\npS9+7S1lEGrLXyuox4N26Ov6wHVrmZTcQoZsDWbjYxNNsNACsiQNjGMCgYEA3SvQ\nJets9e9SgNVvao2TijX+/vcNKRfcWB71T9Xc4BuSNEu5+ZLtptlwaSnVCVu1Xilk\nsWDh+3EhByl4EteENPvE/7A2s1sfcDOprvg0r52aBZKeTp0AukrT8+Ad4hap7g1x\n2Lz11MFDkhRqt2KqQaIL+5Mq5WfptbBJ0YI7ARUCgYAD6iSfK1hlsDFYupsGwgPL\nagi0g97pHZC38idaOe3AdeqBs79xb9mpr/XsSj52Bn6J3IRFALxK5e5Nr4XdGo/9\nbCvXw2iuGgCMBOGTVMVdDY1gJr3Ne2r7Oay5Dq2PMFsg5pACDhzVA6sRBbh9LKD5\non1jaiKNyHrzk1hIoOl/QwKBgA+Ov2uLbfS2yvTpDpdOMiyss603r6NOXF+Ofe8J\nuinBhr1K/mAB59muveuH18Z6vv1KqByaFgtb39jjH+Eja9dWRns95/sh08pOuAbo\nyrv3uBfgQmaBQMXZ8aLcBv4aXgWyyGlYkWpP1fL2oLMZq6RGQ9WEeqX8c0ImjmrA\nYGopAoGBAJZPFlZi2Rfq4MfFZp/X1/zM09hphZwkxkSI+RnsjDUjTgB8CuQul5ep\nKWE98yLw4C25Cqw5fKKQ2addizLnZCAIfJKVNRjYLWlWyGQydDEUzqwXlSLS9LVX\nLxLkWDajIyjeFn21Ttb42L9pBo3TAQIxUenom/lP2SQTvCKBiPai\n-----END RSA PRIVATE KEY-----\n-----BEGIN CERTIFICATE-----\nMIIDazCCAlOgAwIBAgIUahce2sCO7Bom/Rznd5HsNAlr1NgwDQYJKoZIhvcNAQEL\nBQAwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoM\nGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAeFw0xODEyMDIwMTAxNDRaFw00NjEy\nMTUwMTAxNDRaMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEw\nHwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwggEiMA0GCSqGSIb3DQEB\nAQUAA4IBDwAwggEKAoIBAQDC8Qd4kJecWCLzysTV1NfoUd0E8rTBKN52HTLBWcJn\nEtZsG//k/K2NNwI92t9buDax9s/A6B79YXdfYp5hI/xLFkDRzObPpAOyl4b3bUmR\nla3Knmj743SV4tMhQCGrff2nc7WicA5Q7WTiwd+YLB+sOlOfaFzHhRFrk/PNvV8e\nKC6yMgfWZwZ2dxoDpnYLM7XDgTyQ85S6QgOtxlPh9o5mtZQhBkpDDYnNPIon5kwM\nJmrZMXNbCkvd4bjzAHsnuaJsVD/2cW/Gkh+UGMMBnxCKqTBivk3QM2xPFx9MJJ65\nt8kMJR8hbAVmEuK3PA7FrNrNRApdf9I8xDWX8v2jeecfAgMBAAGjUzBRMB0GA1Ud\nDgQWBBQXGfrns8OqxTGKsXG5pDZS/WyyYDAfBgNVHSMEGDAWgBQXGfrns8OqxTGK\nsXG5pDZS/WyyYDAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQCt\n8aUX26cl2PgdIEByZSHAX5G+2b0IEtTclPkl4uDyyKRY4dVq6gK3ueVSU5eUmBip\nJbV5aRetovGOcV//8vbxkZm/ntQ8Oo+2sfGR5lIzd0UdlOr5pkD6g3bFy/zJ+4DR\nDAe8fklUacfz6CFmD+H8GyHm+fKmF+mjr4oOGQW6OegRDJHuiipUk2lJyuXdlPSa\nFpNRO2sGbjn000ANinFgnFiVzGDnx0/G1Kii/6GWrI6rrdVmXioQzF+8AloWckeB\n+hbmbwkwQa/JrLb5SWcBDOXSgtn1Li3XF5AQQBBjA3pOlyBXqnI94Irw89Lv9uPT\nMUR4qFxeUOW/GJGccMUd\n-----END CERTIFICATE-----\n\",\n }, new CustomResourceOptions\n {\n DependsOn = new[]\n {\n vault_mount.Intermediate,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/pkiSecret\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := pkiSecret.NewSecretBackendConfigCa(ctx, \"intermediate\", \u0026pkiSecret.SecretBackendConfigCaArgs{\n\t\t\tBackend: pulumi.Any(vault_mount.Intermediate.Path),\n\t\t\tPemBundle: pulumi.String(`-----BEGIN RSA PRIVATE KEY-----\nMIIEowIBAAKCAQEAwvEHeJCXnFgi88rE1dTX6FHdBPK0wSjedh0ywVnCZxLWbBv/\n5PytjTcCPdrfW7g2sfbPwOge/WF3X2KeYSP8SxZA0czmz6QDspeG921JkZWtyp5o\n++N0leLTIUAhq339p3O1onAOUO1k4sHfmCwfrDpTn2hcx4URa5Pzzb1fHigusjIH\n1mcGdncaA6Z2CzO1w4E8kPOUukIDrcZT4faOZrWUIQZKQw2JzTyKJ+ZMDCZq2TFz\nWwpL3eG48wB7J7mibFQ/9nFvxpIflBjDAZ8QiqkwYr5N0DNsTxcfTCSeubfJDCUf\nIWwFZhLitzwOxazazUQKXX/SPMQ1l/L9o3nnHwIDAQABAoIBAAQidJQcDPsl62fc\nTxxx7TpiMhvewfKu2TkMGX18V+EzxxR364+BxHSQTB3fvIkHeTGBGJrw0WdyX8PI\nJa/NwZYeHLXWcLbKtcFd8WDiEoNh91Oq1HMzOc/MBcpYv94RSAX7MEkHs2YIAvHE\nRufFV86hVhC1d/JLYjkz5CHi+Fd9XTYjBK78tHhJd4IJPu5LYvwlmzC1zeS7s1Tg\nQW1FQuVDV8tWa4PMTrQHwfaGqn95AKc+tbg+ubpCiWl5bBNI3Ghuh4sAC9dMdAkd\nw27i29O9/Y3XJSSGUZlZqDBP4YU388RgHpzLDUxgRcaQt9vdeEz6frULPW67e9D2\nmPPDzjECgYEA4aPOwvnSwGoOKsS6vANGy4Ajsq09PR+1ltMJUR5kDlXGuZWI72eX\n3/GAnovDuCp0tbYt0r7Fmkfel0Ore7SYM18TH5QGpPddcZLvKUf7AchCIOYY0Te3\npS9+7S1lEGrLXyuox4N26Ov6wHVrmZTcQoZsDWbjYxNNsNACsiQNjGMCgYEA3SvQ\nJets9e9SgNVvao2TijX+/vcNKRfcWB71T9Xc4BuSNEu5+ZLtptlwaSnVCVu1Xilk\nsWDh+3EhByl4EteENPvE/7A2s1sfcDOprvg0r52aBZKeTp0AukrT8+Ad4hap7g1x\n2Lz11MFDkhRqt2KqQaIL+5Mq5WfptbBJ0YI7ARUCgYAD6iSfK1hlsDFYupsGwgPL\nagi0g97pHZC38idaOe3AdeqBs79xb9mpr/XsSj52Bn6J3IRFALxK5e5Nr4XdGo/9\nbCvXw2iuGgCMBOGTVMVdDY1gJr3Ne2r7Oay5Dq2PMFsg5pACDhzVA6sRBbh9LKD5\non1jaiKNyHrzk1hIoOl/QwKBgA+Ov2uLbfS2yvTpDpdOMiyss603r6NOXF+Ofe8J\nuinBhr1K/mAB59muveuH18Z6vv1KqByaFgtb39jjH+Eja9dWRns95/sh08pOuAbo\nyrv3uBfgQmaBQMXZ8aLcBv4aXgWyyGlYkWpP1fL2oLMZq6RGQ9WEeqX8c0ImjmrA\nYGopAoGBAJZPFlZi2Rfq4MfFZp/X1/zM09hphZwkxkSI+RnsjDUjTgB8CuQul5ep\nKWE98yLw4C25Cqw5fKKQ2addizLnZCAIfJKVNRjYLWlWyGQydDEUzqwXlSLS9LVX\nLxLkWDajIyjeFn21Ttb42L9pBo3TAQIxUenom/lP2SQTvCKBiPai\n-----END RSA PRIVATE KEY-----\n-----BEGIN CERTIFICATE-----\nMIIDazCCAlOgAwIBAgIUahce2sCO7Bom/Rznd5HsNAlr1NgwDQYJKoZIhvcNAQEL\nBQAwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoM\nGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAeFw0xODEyMDIwMTAxNDRaFw00NjEy\nMTUwMTAxNDRaMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEw\nHwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwggEiMA0GCSqGSIb3DQEB\nAQUAA4IBDwAwggEKAoIBAQDC8Qd4kJecWCLzysTV1NfoUd0E8rTBKN52HTLBWcJn\nEtZsG//k/K2NNwI92t9buDax9s/A6B79YXdfYp5hI/xLFkDRzObPpAOyl4b3bUmR\nla3Knmj743SV4tMhQCGrff2nc7WicA5Q7WTiwd+YLB+sOlOfaFzHhRFrk/PNvV8e\nKC6yMgfWZwZ2dxoDpnYLM7XDgTyQ85S6QgOtxlPh9o5mtZQhBkpDDYnNPIon5kwM\nJmrZMXNbCkvd4bjzAHsnuaJsVD/2cW/Gkh+UGMMBnxCKqTBivk3QM2xPFx9MJJ65\nt8kMJR8hbAVmEuK3PA7FrNrNRApdf9I8xDWX8v2jeecfAgMBAAGjUzBRMB0GA1Ud\nDgQWBBQXGfrns8OqxTGKsXG5pDZS/WyyYDAfBgNVHSMEGDAWgBQXGfrns8OqxTGK\nsXG5pDZS/WyyYDAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQCt\n8aUX26cl2PgdIEByZSHAX5G+2b0IEtTclPkl4uDyyKRY4dVq6gK3ueVSU5eUmBip\nJbV5aRetovGOcV//8vbxkZm/ntQ8Oo+2sfGR5lIzd0UdlOr5pkD6g3bFy/zJ+4DR\nDAe8fklUacfz6CFmD+H8GyHm+fKmF+mjr4oOGQW6OegRDJHuiipUk2lJyuXdlPSa\nFpNRO2sGbjn000ANinFgnFiVzGDnx0/G1Kii/6GWrI6rrdVmXioQzF+8AloWckeB\n+hbmbwkwQa/JrLb5SWcBDOXSgtn1Li3XF5AQQBBjA3pOlyBXqnI94Irw89Lv9uPT\nMUR4qFxeUOW/GJGccMUd\n-----END CERTIFICATE-----\n`),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tvault_mount.Intermediate,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.pkiSecret.SecretBackendConfigCa;\nimport com.pulumi.vault.pkiSecret.SecretBackendConfigCaArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var intermediate = new SecretBackendConfigCa(\"intermediate\", SecretBackendConfigCaArgs.builder() \n .backend(vault_mount.intermediate().path())\n .pemBundle(\"\"\"\n-----BEGIN RSA PRIVATE KEY-----\nMIIEowIBAAKCAQEAwvEHeJCXnFgi88rE1dTX6FHdBPK0wSjedh0ywVnCZxLWbBv/\n5PytjTcCPdrfW7g2sfbPwOge/WF3X2KeYSP8SxZA0czmz6QDspeG921JkZWtyp5o\n++N0leLTIUAhq339p3O1onAOUO1k4sHfmCwfrDpTn2hcx4URa5Pzzb1fHigusjIH\n1mcGdncaA6Z2CzO1w4E8kPOUukIDrcZT4faOZrWUIQZKQw2JzTyKJ+ZMDCZq2TFz\nWwpL3eG48wB7J7mibFQ/9nFvxpIflBjDAZ8QiqkwYr5N0DNsTxcfTCSeubfJDCUf\nIWwFZhLitzwOxazazUQKXX/SPMQ1l/L9o3nnHwIDAQABAoIBAAQidJQcDPsl62fc\nTxxx7TpiMhvewfKu2TkMGX18V+EzxxR364+BxHSQTB3fvIkHeTGBGJrw0WdyX8PI\nJa/NwZYeHLXWcLbKtcFd8WDiEoNh91Oq1HMzOc/MBcpYv94RSAX7MEkHs2YIAvHE\nRufFV86hVhC1d/JLYjkz5CHi+Fd9XTYjBK78tHhJd4IJPu5LYvwlmzC1zeS7s1Tg\nQW1FQuVDV8tWa4PMTrQHwfaGqn95AKc+tbg+ubpCiWl5bBNI3Ghuh4sAC9dMdAkd\nw27i29O9/Y3XJSSGUZlZqDBP4YU388RgHpzLDUxgRcaQt9vdeEz6frULPW67e9D2\nmPPDzjECgYEA4aPOwvnSwGoOKsS6vANGy4Ajsq09PR+1ltMJUR5kDlXGuZWI72eX\n3/GAnovDuCp0tbYt0r7Fmkfel0Ore7SYM18TH5QGpPddcZLvKUf7AchCIOYY0Te3\npS9+7S1lEGrLXyuox4N26Ov6wHVrmZTcQoZsDWbjYxNNsNACsiQNjGMCgYEA3SvQ\nJets9e9SgNVvao2TijX+/vcNKRfcWB71T9Xc4BuSNEu5+ZLtptlwaSnVCVu1Xilk\nsWDh+3EhByl4EteENPvE/7A2s1sfcDOprvg0r52aBZKeTp0AukrT8+Ad4hap7g1x\n2Lz11MFDkhRqt2KqQaIL+5Mq5WfptbBJ0YI7ARUCgYAD6iSfK1hlsDFYupsGwgPL\nagi0g97pHZC38idaOe3AdeqBs79xb9mpr/XsSj52Bn6J3IRFALxK5e5Nr4XdGo/9\nbCvXw2iuGgCMBOGTVMVdDY1gJr3Ne2r7Oay5Dq2PMFsg5pACDhzVA6sRBbh9LKD5\non1jaiKNyHrzk1hIoOl/QwKBgA+Ov2uLbfS2yvTpDpdOMiyss603r6NOXF+Ofe8J\nuinBhr1K/mAB59muveuH18Z6vv1KqByaFgtb39jjH+Eja9dWRns95/sh08pOuAbo\nyrv3uBfgQmaBQMXZ8aLcBv4aXgWyyGlYkWpP1fL2oLMZq6RGQ9WEeqX8c0ImjmrA\nYGopAoGBAJZPFlZi2Rfq4MfFZp/X1/zM09hphZwkxkSI+RnsjDUjTgB8CuQul5ep\nKWE98yLw4C25Cqw5fKKQ2addizLnZCAIfJKVNRjYLWlWyGQydDEUzqwXlSLS9LVX\nLxLkWDajIyjeFn21Ttb42L9pBo3TAQIxUenom/lP2SQTvCKBiPai\n-----END RSA PRIVATE KEY-----\n-----BEGIN CERTIFICATE-----\nMIIDazCCAlOgAwIBAgIUahce2sCO7Bom/Rznd5HsNAlr1NgwDQYJKoZIhvcNAQEL\nBQAwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoM\nGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAeFw0xODEyMDIwMTAxNDRaFw00NjEy\nMTUwMTAxNDRaMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEw\nHwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwggEiMA0GCSqGSIb3DQEB\nAQUAA4IBDwAwggEKAoIBAQDC8Qd4kJecWCLzysTV1NfoUd0E8rTBKN52HTLBWcJn\nEtZsG//k/K2NNwI92t9buDax9s/A6B79YXdfYp5hI/xLFkDRzObPpAOyl4b3bUmR\nla3Knmj743SV4tMhQCGrff2nc7WicA5Q7WTiwd+YLB+sOlOfaFzHhRFrk/PNvV8e\nKC6yMgfWZwZ2dxoDpnYLM7XDgTyQ85S6QgOtxlPh9o5mtZQhBkpDDYnNPIon5kwM\nJmrZMXNbCkvd4bjzAHsnuaJsVD/2cW/Gkh+UGMMBnxCKqTBivk3QM2xPFx9MJJ65\nt8kMJR8hbAVmEuK3PA7FrNrNRApdf9I8xDWX8v2jeecfAgMBAAGjUzBRMB0GA1Ud\nDgQWBBQXGfrns8OqxTGKsXG5pDZS/WyyYDAfBgNVHSMEGDAWgBQXGfrns8OqxTGK\nsXG5pDZS/WyyYDAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQCt\n8aUX26cl2PgdIEByZSHAX5G+2b0IEtTclPkl4uDyyKRY4dVq6gK3ueVSU5eUmBip\nJbV5aRetovGOcV//8vbxkZm/ntQ8Oo+2sfGR5lIzd0UdlOr5pkD6g3bFy/zJ+4DR\nDAe8fklUacfz6CFmD+H8GyHm+fKmF+mjr4oOGQW6OegRDJHuiipUk2lJyuXdlPSa\nFpNRO2sGbjn000ANinFgnFiVzGDnx0/G1Kii/6GWrI6rrdVmXioQzF+8AloWckeB\n+hbmbwkwQa/JrLb5SWcBDOXSgtn1Li3XF5AQQBBjA3pOlyBXqnI94Irw89Lv9uPT\nMUR4qFxeUOW/GJGccMUd\n-----END CERTIFICATE-----\n \"\"\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(vault_mount.intermediate())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n intermediate:\n type: vault:pkiSecret:SecretBackendConfigCa\n properties:\n backend: ${vault_mount.intermediate.path}\n pemBundle: |\n -----BEGIN RSA PRIVATE KEY-----\n MIIEowIBAAKCAQEAwvEHeJCXnFgi88rE1dTX6FHdBPK0wSjedh0ywVnCZxLWbBv/\n 5PytjTcCPdrfW7g2sfbPwOge/WF3X2KeYSP8SxZA0czmz6QDspeG921JkZWtyp5o\n ++N0leLTIUAhq339p3O1onAOUO1k4sHfmCwfrDpTn2hcx4URa5Pzzb1fHigusjIH\n 1mcGdncaA6Z2CzO1w4E8kPOUukIDrcZT4faOZrWUIQZKQw2JzTyKJ+ZMDCZq2TFz\n WwpL3eG48wB7J7mibFQ/9nFvxpIflBjDAZ8QiqkwYr5N0DNsTxcfTCSeubfJDCUf\n IWwFZhLitzwOxazazUQKXX/SPMQ1l/L9o3nnHwIDAQABAoIBAAQidJQcDPsl62fc\n Txxx7TpiMhvewfKu2TkMGX18V+EzxxR364+BxHSQTB3fvIkHeTGBGJrw0WdyX8PI\n Ja/NwZYeHLXWcLbKtcFd8WDiEoNh91Oq1HMzOc/MBcpYv94RSAX7MEkHs2YIAvHE\n RufFV86hVhC1d/JLYjkz5CHi+Fd9XTYjBK78tHhJd4IJPu5LYvwlmzC1zeS7s1Tg\n QW1FQuVDV8tWa4PMTrQHwfaGqn95AKc+tbg+ubpCiWl5bBNI3Ghuh4sAC9dMdAkd\n w27i29O9/Y3XJSSGUZlZqDBP4YU388RgHpzLDUxgRcaQt9vdeEz6frULPW67e9D2\n mPPDzjECgYEA4aPOwvnSwGoOKsS6vANGy4Ajsq09PR+1ltMJUR5kDlXGuZWI72eX\n 3/GAnovDuCp0tbYt0r7Fmkfel0Ore7SYM18TH5QGpPddcZLvKUf7AchCIOYY0Te3\n pS9+7S1lEGrLXyuox4N26Ov6wHVrmZTcQoZsDWbjYxNNsNACsiQNjGMCgYEA3SvQ\n Jets9e9SgNVvao2TijX+/vcNKRfcWB71T9Xc4BuSNEu5+ZLtptlwaSnVCVu1Xilk\n sWDh+3EhByl4EteENPvE/7A2s1sfcDOprvg0r52aBZKeTp0AukrT8+Ad4hap7g1x\n 2Lz11MFDkhRqt2KqQaIL+5Mq5WfptbBJ0YI7ARUCgYAD6iSfK1hlsDFYupsGwgPL\n agi0g97pHZC38idaOe3AdeqBs79xb9mpr/XsSj52Bn6J3IRFALxK5e5Nr4XdGo/9\n bCvXw2iuGgCMBOGTVMVdDY1gJr3Ne2r7Oay5Dq2PMFsg5pACDhzVA6sRBbh9LKD5\n on1jaiKNyHrzk1hIoOl/QwKBgA+Ov2uLbfS2yvTpDpdOMiyss603r6NOXF+Ofe8J\n uinBhr1K/mAB59muveuH18Z6vv1KqByaFgtb39jjH+Eja9dWRns95/sh08pOuAbo\n yrv3uBfgQmaBQMXZ8aLcBv4aXgWyyGlYkWpP1fL2oLMZq6RGQ9WEeqX8c0ImjmrA\n YGopAoGBAJZPFlZi2Rfq4MfFZp/X1/zM09hphZwkxkSI+RnsjDUjTgB8CuQul5ep\n KWE98yLw4C25Cqw5fKKQ2addizLnZCAIfJKVNRjYLWlWyGQydDEUzqwXlSLS9LVX\n LxLkWDajIyjeFn21Ttb42L9pBo3TAQIxUenom/lP2SQTvCKBiPai\n -----END RSA PRIVATE KEY-----\n -----BEGIN CERTIFICATE-----\n MIIDazCCAlOgAwIBAgIUahce2sCO7Bom/Rznd5HsNAlr1NgwDQYJKoZIhvcNAQEL\n BQAwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoM\n GEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAeFw0xODEyMDIwMTAxNDRaFw00NjEy\n MTUwMTAxNDRaMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEw\n HwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwggEiMA0GCSqGSIb3DQEB\n AQUAA4IBDwAwggEKAoIBAQDC8Qd4kJecWCLzysTV1NfoUd0E8rTBKN52HTLBWcJn\n EtZsG//k/K2NNwI92t9buDax9s/A6B79YXdfYp5hI/xLFkDRzObPpAOyl4b3bUmR\n la3Knmj743SV4tMhQCGrff2nc7WicA5Q7WTiwd+YLB+sOlOfaFzHhRFrk/PNvV8e\n KC6yMgfWZwZ2dxoDpnYLM7XDgTyQ85S6QgOtxlPh9o5mtZQhBkpDDYnNPIon5kwM\n JmrZMXNbCkvd4bjzAHsnuaJsVD/2cW/Gkh+UGMMBnxCKqTBivk3QM2xPFx9MJJ65\n t8kMJR8hbAVmEuK3PA7FrNrNRApdf9I8xDWX8v2jeecfAgMBAAGjUzBRMB0GA1Ud\n DgQWBBQXGfrns8OqxTGKsXG5pDZS/WyyYDAfBgNVHSMEGDAWgBQXGfrns8OqxTGK\n sXG5pDZS/WyyYDAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQCt\n 8aUX26cl2PgdIEByZSHAX5G+2b0IEtTclPkl4uDyyKRY4dVq6gK3ueVSU5eUmBip\n JbV5aRetovGOcV//8vbxkZm/ntQ8Oo+2sfGR5lIzd0UdlOr5pkD6g3bFy/zJ+4DR\n DAe8fklUacfz6CFmD+H8GyHm+fKmF+mjr4oOGQW6OegRDJHuiipUk2lJyuXdlPSa\n FpNRO2sGbjn000ANinFgnFiVzGDnx0/G1Kii/6GWrI6rrdVmXioQzF+8AloWckeB\n +hbmbwkwQa/JrLb5SWcBDOXSgtn1Li3XF5AQQBBjA3pOlyBXqnI94Irw89Lv9uPT\n MUR4qFxeUOW/GJGccMUd\n -----END CERTIFICATE-----\n options:\n dependson:\n - ${vault_mount.intermediate}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "backend": { "type": "string", @@ -25922,7 +23151,7 @@ } }, "vault:pkiSecret/secretBackendConfigIssuers:SecretBackendConfigIssuers": { - "description": "Allows setting the value of the default issuer. For more information, see the\n[Vault documentation](https://developer.hashicorp.com/vault/api-docs/secret/pki#set-issuers-configuration)\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst pki = new vault.Mount(\"pki\", {\n path: \"pki\",\n type: \"pki\",\n defaultLeaseTtlSeconds: 3600,\n maxLeaseTtlSeconds: 86400,\n});\nconst root = new vault.pkisecret.SecretBackendRootCert(\"root\", {\n backend: pki.path,\n type: \"internal\",\n commonName: \"test\",\n ttl: \"86400\",\n});\nconst example = new vault.pkisecret.SecretBackendIssuer(\"example\", {\n backend: root.backend,\n issuerRef: root.issuerId,\n issuerName: \"example-issuer\",\n});\nconst config = new vault.pkisecret.SecretBackendConfigIssuers(\"config\", {\n backend: pki.path,\n \"default\": example.issuerId,\n defaultFollowsLatestIssuer: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\npki = vault.Mount(\"pki\",\n path=\"pki\",\n type=\"pki\",\n default_lease_ttl_seconds=3600,\n max_lease_ttl_seconds=86400)\nroot = vault.pki_secret.SecretBackendRootCert(\"root\",\n backend=pki.path,\n type=\"internal\",\n common_name=\"test\",\n ttl=\"86400\")\nexample = vault.pki_secret.SecretBackendIssuer(\"example\",\n backend=root.backend,\n issuer_ref=root.issuer_id,\n issuer_name=\"example-issuer\")\nconfig = vault.pki_secret.SecretBackendConfigIssuers(\"config\",\n backend=pki.path,\n default=example.issuer_id,\n default_follows_latest_issuer=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var pki = new Vault.Mount(\"pki\", new()\n {\n Path = \"pki\",\n Type = \"pki\",\n DefaultLeaseTtlSeconds = 3600,\n MaxLeaseTtlSeconds = 86400,\n });\n\n var root = new Vault.PkiSecret.SecretBackendRootCert(\"root\", new()\n {\n Backend = pki.Path,\n Type = \"internal\",\n CommonName = \"test\",\n Ttl = \"86400\",\n });\n\n var example = new Vault.PkiSecret.SecretBackendIssuer(\"example\", new()\n {\n Backend = root.Backend,\n IssuerRef = root.IssuerId,\n IssuerName = \"example-issuer\",\n });\n\n var config = new Vault.PkiSecret.SecretBackendConfigIssuers(\"config\", new()\n {\n Backend = pki.Path,\n Default = example.IssuerId,\n DefaultFollowsLatestIssuer = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/pkiSecret\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tpki, err := vault.NewMount(ctx, \"pki\", \u0026vault.MountArgs{\n\t\t\tPath: pulumi.String(\"pki\"),\n\t\t\tType: pulumi.String(\"pki\"),\n\t\t\tDefaultLeaseTtlSeconds: pulumi.Int(3600),\n\t\t\tMaxLeaseTtlSeconds: pulumi.Int(86400),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\troot, err := pkiSecret.NewSecretBackendRootCert(ctx, \"root\", \u0026pkiSecret.SecretBackendRootCertArgs{\n\t\t\tBackend: pki.Path,\n\t\t\tType: pulumi.String(\"internal\"),\n\t\t\tCommonName: pulumi.String(\"test\"),\n\t\t\tTtl: pulumi.String(\"86400\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := pkiSecret.NewSecretBackendIssuer(ctx, \"example\", \u0026pkiSecret.SecretBackendIssuerArgs{\n\t\t\tBackend: root.Backend,\n\t\t\tIssuerRef: root.IssuerId,\n\t\t\tIssuerName: pulumi.String(\"example-issuer\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = pkiSecret.NewSecretBackendConfigIssuers(ctx, \"config\", \u0026pkiSecret.SecretBackendConfigIssuersArgs{\n\t\t\tBackend: pki.Path,\n\t\t\tDefault: example.IssuerId,\n\t\t\tDefaultFollowsLatestIssuer: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.Mount;\nimport com.pulumi.vault.MountArgs;\nimport com.pulumi.vault.pkiSecret.SecretBackendRootCert;\nimport com.pulumi.vault.pkiSecret.SecretBackendRootCertArgs;\nimport com.pulumi.vault.pkiSecret.SecretBackendIssuer;\nimport com.pulumi.vault.pkiSecret.SecretBackendIssuerArgs;\nimport com.pulumi.vault.pkiSecret.SecretBackendConfigIssuers;\nimport com.pulumi.vault.pkiSecret.SecretBackendConfigIssuersArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var pki = new Mount(\"pki\", MountArgs.builder() \n .path(\"pki\")\n .type(\"pki\")\n .defaultLeaseTtlSeconds(3600)\n .maxLeaseTtlSeconds(86400)\n .build());\n\n var root = new SecretBackendRootCert(\"root\", SecretBackendRootCertArgs.builder() \n .backend(pki.path())\n .type(\"internal\")\n .commonName(\"test\")\n .ttl(\"86400\")\n .build());\n\n var example = new SecretBackendIssuer(\"example\", SecretBackendIssuerArgs.builder() \n .backend(root.backend())\n .issuerRef(root.issuerId())\n .issuerName(\"example-issuer\")\n .build());\n\n var config = new SecretBackendConfigIssuers(\"config\", SecretBackendConfigIssuersArgs.builder() \n .backend(pki.path())\n .default_(example.issuerId())\n .defaultFollowsLatestIssuer(true)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n pki:\n type: vault:Mount\n properties:\n path: pki\n type: pki\n defaultLeaseTtlSeconds: 3600\n maxLeaseTtlSeconds: 86400\n root:\n type: vault:pkiSecret:SecretBackendRootCert\n properties:\n backend: ${pki.path}\n type: internal\n commonName: test\n ttl: 86400\n example:\n type: vault:pkiSecret:SecretBackendIssuer\n properties:\n backend: ${root.backend}\n issuerRef: ${root.issuerId}\n issuerName: example-issuer\n config:\n type: vault:pkiSecret:SecretBackendConfigIssuers\n properties:\n backend: ${pki.path}\n default: ${example.issuerId}\n defaultFollowsLatestIssuer: true\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nPKI secret backend config issuers can be imported using the path, e.g.\n\n```sh\n $ pulumi import vault:pkiSecret/secretBackendConfigIssuers:SecretBackendConfigIssuers config pki/config/issuers\n```\n\n ", + "description": "Allows setting the value of the default issuer. For more information, see the\n[Vault documentation](https://developer.hashicorp.com/vault/api-docs/secret/pki#set-issuers-configuration)\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst pki = new vault.Mount(\"pki\", {\n path: \"pki\",\n type: \"pki\",\n defaultLeaseTtlSeconds: 3600,\n maxLeaseTtlSeconds: 86400,\n});\nconst root = new vault.pkisecret.SecretBackendRootCert(\"root\", {\n backend: pki.path,\n type: \"internal\",\n commonName: \"test\",\n ttl: \"86400\",\n});\nconst example = new vault.pkisecret.SecretBackendIssuer(\"example\", {\n backend: root.backend,\n issuerRef: root.issuerId,\n issuerName: \"example-issuer\",\n});\nconst config = new vault.pkisecret.SecretBackendConfigIssuers(\"config\", {\n backend: pki.path,\n \"default\": example.issuerId,\n defaultFollowsLatestIssuer: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\npki = vault.Mount(\"pki\",\n path=\"pki\",\n type=\"pki\",\n default_lease_ttl_seconds=3600,\n max_lease_ttl_seconds=86400)\nroot = vault.pki_secret.SecretBackendRootCert(\"root\",\n backend=pki.path,\n type=\"internal\",\n common_name=\"test\",\n ttl=\"86400\")\nexample = vault.pki_secret.SecretBackendIssuer(\"example\",\n backend=root.backend,\n issuer_ref=root.issuer_id,\n issuer_name=\"example-issuer\")\nconfig = vault.pki_secret.SecretBackendConfigIssuers(\"config\",\n backend=pki.path,\n default=example.issuer_id,\n default_follows_latest_issuer=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var pki = new Vault.Mount(\"pki\", new()\n {\n Path = \"pki\",\n Type = \"pki\",\n DefaultLeaseTtlSeconds = 3600,\n MaxLeaseTtlSeconds = 86400,\n });\n\n var root = new Vault.PkiSecret.SecretBackendRootCert(\"root\", new()\n {\n Backend = pki.Path,\n Type = \"internal\",\n CommonName = \"test\",\n Ttl = \"86400\",\n });\n\n var example = new Vault.PkiSecret.SecretBackendIssuer(\"example\", new()\n {\n Backend = root.Backend,\n IssuerRef = root.IssuerId,\n IssuerName = \"example-issuer\",\n });\n\n var config = new Vault.PkiSecret.SecretBackendConfigIssuers(\"config\", new()\n {\n Backend = pki.Path,\n Default = example.IssuerId,\n DefaultFollowsLatestIssuer = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/pkiSecret\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tpki, err := vault.NewMount(ctx, \"pki\", \u0026vault.MountArgs{\n\t\t\tPath: pulumi.String(\"pki\"),\n\t\t\tType: pulumi.String(\"pki\"),\n\t\t\tDefaultLeaseTtlSeconds: pulumi.Int(3600),\n\t\t\tMaxLeaseTtlSeconds: pulumi.Int(86400),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\troot, err := pkiSecret.NewSecretBackendRootCert(ctx, \"root\", \u0026pkiSecret.SecretBackendRootCertArgs{\n\t\t\tBackend: pki.Path,\n\t\t\tType: pulumi.String(\"internal\"),\n\t\t\tCommonName: pulumi.String(\"test\"),\n\t\t\tTtl: pulumi.String(\"86400\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := pkiSecret.NewSecretBackendIssuer(ctx, \"example\", \u0026pkiSecret.SecretBackendIssuerArgs{\n\t\t\tBackend: root.Backend,\n\t\t\tIssuerRef: root.IssuerId,\n\t\t\tIssuerName: pulumi.String(\"example-issuer\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = pkiSecret.NewSecretBackendConfigIssuers(ctx, \"config\", \u0026pkiSecret.SecretBackendConfigIssuersArgs{\n\t\t\tBackend: pki.Path,\n\t\t\tDefault: example.IssuerId,\n\t\t\tDefaultFollowsLatestIssuer: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.Mount;\nimport com.pulumi.vault.MountArgs;\nimport com.pulumi.vault.pkiSecret.SecretBackendRootCert;\nimport com.pulumi.vault.pkiSecret.SecretBackendRootCertArgs;\nimport com.pulumi.vault.pkiSecret.SecretBackendIssuer;\nimport com.pulumi.vault.pkiSecret.SecretBackendIssuerArgs;\nimport com.pulumi.vault.pkiSecret.SecretBackendConfigIssuers;\nimport com.pulumi.vault.pkiSecret.SecretBackendConfigIssuersArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var pki = new Mount(\"pki\", MountArgs.builder() \n .path(\"pki\")\n .type(\"pki\")\n .defaultLeaseTtlSeconds(3600)\n .maxLeaseTtlSeconds(86400)\n .build());\n\n var root = new SecretBackendRootCert(\"root\", SecretBackendRootCertArgs.builder() \n .backend(pki.path())\n .type(\"internal\")\n .commonName(\"test\")\n .ttl(\"86400\")\n .build());\n\n var example = new SecretBackendIssuer(\"example\", SecretBackendIssuerArgs.builder() \n .backend(root.backend())\n .issuerRef(root.issuerId())\n .issuerName(\"example-issuer\")\n .build());\n\n var config = new SecretBackendConfigIssuers(\"config\", SecretBackendConfigIssuersArgs.builder() \n .backend(pki.path())\n .default_(example.issuerId())\n .defaultFollowsLatestIssuer(true)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n pki:\n type: vault:Mount\n properties:\n path: pki\n type: pki\n defaultLeaseTtlSeconds: 3600\n maxLeaseTtlSeconds: 86400\n root:\n type: vault:pkiSecret:SecretBackendRootCert\n properties:\n backend: ${pki.path}\n type: internal\n commonName: test\n ttl: '86400'\n example:\n type: vault:pkiSecret:SecretBackendIssuer\n properties:\n backend: ${root.backend}\n issuerRef: ${root.issuerId}\n issuerName: example-issuer\n config:\n type: vault:pkiSecret:SecretBackendConfigIssuers\n properties:\n backend: ${pki.path}\n default: ${example.issuerId}\n defaultFollowsLatestIssuer: true\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nPKI secret backend config issuers can be imported using the path, e.g.\n\n```sh\n $ pulumi import vault:pkiSecret/secretBackendConfigIssuers:SecretBackendConfigIssuers config pki/config/issuers\n```\n ", "properties": { "backend": { "type": "string", @@ -25992,7 +23221,7 @@ } }, "vault:pkiSecret/secretBackendConfigUrls:SecretBackendConfigUrls": { - "description": "Allows setting the issuing certificate endpoints, CRL distribution points, and OCSP server endpoints that will be encoded into issued certificates.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst root = new vault.Mount(\"root\", {\n path: \"pki-root\",\n type: \"pki\",\n description: \"root PKI\",\n defaultLeaseTtlSeconds: 8640000,\n maxLeaseTtlSeconds: 8640000,\n});\nconst example = new vault.pkisecret.SecretBackendConfigUrls(\"example\", {\n backend: root.path,\n issuingCertificates: [\"http://127.0.0.1:8200/v1/pki/ca\"],\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nroot = vault.Mount(\"root\",\n path=\"pki-root\",\n type=\"pki\",\n description=\"root PKI\",\n default_lease_ttl_seconds=8640000,\n max_lease_ttl_seconds=8640000)\nexample = vault.pki_secret.SecretBackendConfigUrls(\"example\",\n backend=root.path,\n issuing_certificates=[\"http://127.0.0.1:8200/v1/pki/ca\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var root = new Vault.Mount(\"root\", new()\n {\n Path = \"pki-root\",\n Type = \"pki\",\n Description = \"root PKI\",\n DefaultLeaseTtlSeconds = 8640000,\n MaxLeaseTtlSeconds = 8640000,\n });\n\n var example = new Vault.PkiSecret.SecretBackendConfigUrls(\"example\", new()\n {\n Backend = root.Path,\n IssuingCertificates = new[]\n {\n \"http://127.0.0.1:8200/v1/pki/ca\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/pkiSecret\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\troot, err := vault.NewMount(ctx, \"root\", \u0026vault.MountArgs{\n\t\t\tPath: pulumi.String(\"pki-root\"),\n\t\t\tType: pulumi.String(\"pki\"),\n\t\t\tDescription: pulumi.String(\"root PKI\"),\n\t\t\tDefaultLeaseTtlSeconds: pulumi.Int(8640000),\n\t\t\tMaxLeaseTtlSeconds: pulumi.Int(8640000),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = pkiSecret.NewSecretBackendConfigUrls(ctx, \"example\", \u0026pkiSecret.SecretBackendConfigUrlsArgs{\n\t\t\tBackend: root.Path,\n\t\t\tIssuingCertificates: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"http://127.0.0.1:8200/v1/pki/ca\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.Mount;\nimport com.pulumi.vault.MountArgs;\nimport com.pulumi.vault.pkiSecret.SecretBackendConfigUrls;\nimport com.pulumi.vault.pkiSecret.SecretBackendConfigUrlsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var root = new Mount(\"root\", MountArgs.builder() \n .path(\"pki-root\")\n .type(\"pki\")\n .description(\"root PKI\")\n .defaultLeaseTtlSeconds(8640000)\n .maxLeaseTtlSeconds(8640000)\n .build());\n\n var example = new SecretBackendConfigUrls(\"example\", SecretBackendConfigUrlsArgs.builder() \n .backend(root.path())\n .issuingCertificates(\"http://127.0.0.1:8200/v1/pki/ca\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n root:\n type: vault:Mount\n properties:\n path: pki-root\n type: pki\n description: root PKI\n defaultLeaseTtlSeconds: 8.64e+06\n maxLeaseTtlSeconds: 8.64e+06\n example:\n type: vault:pkiSecret:SecretBackendConfigUrls\n properties:\n backend: ${root.path}\n issuingCertificates:\n - http://127.0.0.1:8200/v1/pki/ca\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nThe PKI config URLs can be imported using the resource's `id`.\n\nIn the case of the example above the `id` would be `pki-root/config/urls`,\n\nwhere the `pki-root` component is the resource's `backend`, e.g.\n\n```sh\n $ pulumi import vault:pkiSecret/secretBackendConfigUrls:SecretBackendConfigUrls example pki-root/config/urls\n```\n\n ", + "description": "Allows setting the issuing certificate endpoints, CRL distribution points, and OCSP server endpoints that will be encoded into issued certificates.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst root = new vault.Mount(\"root\", {\n path: \"pki-root\",\n type: \"pki\",\n description: \"root PKI\",\n defaultLeaseTtlSeconds: 8640000,\n maxLeaseTtlSeconds: 8640000,\n});\nconst example = new vault.pkisecret.SecretBackendConfigUrls(\"example\", {\n backend: root.path,\n issuingCertificates: [\"http://127.0.0.1:8200/v1/pki/ca\"],\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nroot = vault.Mount(\"root\",\n path=\"pki-root\",\n type=\"pki\",\n description=\"root PKI\",\n default_lease_ttl_seconds=8640000,\n max_lease_ttl_seconds=8640000)\nexample = vault.pki_secret.SecretBackendConfigUrls(\"example\",\n backend=root.path,\n issuing_certificates=[\"http://127.0.0.1:8200/v1/pki/ca\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var root = new Vault.Mount(\"root\", new()\n {\n Path = \"pki-root\",\n Type = \"pki\",\n Description = \"root PKI\",\n DefaultLeaseTtlSeconds = 8640000,\n MaxLeaseTtlSeconds = 8640000,\n });\n\n var example = new Vault.PkiSecret.SecretBackendConfigUrls(\"example\", new()\n {\n Backend = root.Path,\n IssuingCertificates = new[]\n {\n \"http://127.0.0.1:8200/v1/pki/ca\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/pkiSecret\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\troot, err := vault.NewMount(ctx, \"root\", \u0026vault.MountArgs{\n\t\t\tPath: pulumi.String(\"pki-root\"),\n\t\t\tType: pulumi.String(\"pki\"),\n\t\t\tDescription: pulumi.String(\"root PKI\"),\n\t\t\tDefaultLeaseTtlSeconds: pulumi.Int(8640000),\n\t\t\tMaxLeaseTtlSeconds: pulumi.Int(8640000),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = pkiSecret.NewSecretBackendConfigUrls(ctx, \"example\", \u0026pkiSecret.SecretBackendConfigUrlsArgs{\n\t\t\tBackend: root.Path,\n\t\t\tIssuingCertificates: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"http://127.0.0.1:8200/v1/pki/ca\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.Mount;\nimport com.pulumi.vault.MountArgs;\nimport com.pulumi.vault.pkiSecret.SecretBackendConfigUrls;\nimport com.pulumi.vault.pkiSecret.SecretBackendConfigUrlsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var root = new Mount(\"root\", MountArgs.builder() \n .path(\"pki-root\")\n .type(\"pki\")\n .description(\"root PKI\")\n .defaultLeaseTtlSeconds(8640000)\n .maxLeaseTtlSeconds(8640000)\n .build());\n\n var example = new SecretBackendConfigUrls(\"example\", SecretBackendConfigUrlsArgs.builder() \n .backend(root.path())\n .issuingCertificates(\"http://127.0.0.1:8200/v1/pki/ca\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n root:\n type: vault:Mount\n properties:\n path: pki-root\n type: pki\n description: root PKI\n defaultLeaseTtlSeconds: 8.64e+06\n maxLeaseTtlSeconds: 8.64e+06\n example:\n type: vault:pkiSecret:SecretBackendConfigUrls\n properties:\n backend: ${root.path}\n issuingCertificates:\n - http://127.0.0.1:8200/v1/pki/ca\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nThe PKI config URLs can be imported using the resource's `id`. In the case of the example above the `id` would be `pki-root/config/urls`, where the `pki-root` component is the resource's `backend`, e.g.\n\n```sh\n $ pulumi import vault:pkiSecret/secretBackendConfigUrls:SecretBackendConfigUrls example pki-root/config/urls\n```\n ", "properties": { "backend": { "type": "string", @@ -26100,7 +23329,7 @@ } }, "vault:pkiSecret/secretBackendCrlConfig:SecretBackendCrlConfig": { - "description": "Allows setting the duration for which the generated CRL should be marked valid. If the CRL is disabled, it will return a signed but zero-length CRL for any request. If enabled, it will re-build the CRL.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst pki = new vault.Mount(\"pki\", {\n path: \"%s\",\n type: \"pki\",\n defaultLeaseTtlSeconds: 3600,\n maxLeaseTtlSeconds: 86400,\n});\nconst crlConfig = new vault.pkisecret.SecretBackendCrlConfig(\"crlConfig\", {\n backend: pki.path,\n expiry: \"72h\",\n disable: false,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\npki = vault.Mount(\"pki\",\n path=\"%s\",\n type=\"pki\",\n default_lease_ttl_seconds=3600,\n max_lease_ttl_seconds=86400)\ncrl_config = vault.pki_secret.SecretBackendCrlConfig(\"crlConfig\",\n backend=pki.path,\n expiry=\"72h\",\n disable=False)\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var pki = new Vault.Mount(\"pki\", new()\n {\n Path = \"%s\",\n Type = \"pki\",\n DefaultLeaseTtlSeconds = 3600,\n MaxLeaseTtlSeconds = 86400,\n });\n\n var crlConfig = new Vault.PkiSecret.SecretBackendCrlConfig(\"crlConfig\", new()\n {\n Backend = pki.Path,\n Expiry = \"72h\",\n Disable = false,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/pkiSecret\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tpki, err := vault.NewMount(ctx, \"pki\", \u0026vault.MountArgs{\n\t\t\tPath: pulumi.String(\"%s\"),\n\t\t\tType: pulumi.String(\"pki\"),\n\t\t\tDefaultLeaseTtlSeconds: pulumi.Int(3600),\n\t\t\tMaxLeaseTtlSeconds: pulumi.Int(86400),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = pkiSecret.NewSecretBackendCrlConfig(ctx, \"crlConfig\", \u0026pkiSecret.SecretBackendCrlConfigArgs{\n\t\t\tBackend: pki.Path,\n\t\t\tExpiry: pulumi.String(\"72h\"),\n\t\t\tDisable: pulumi.Bool(false),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.Mount;\nimport com.pulumi.vault.MountArgs;\nimport com.pulumi.vault.pkiSecret.SecretBackendCrlConfig;\nimport com.pulumi.vault.pkiSecret.SecretBackendCrlConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var pki = new Mount(\"pki\", MountArgs.builder() \n .path(\"%s\")\n .type(\"pki\")\n .defaultLeaseTtlSeconds(3600)\n .maxLeaseTtlSeconds(86400)\n .build());\n\n var crlConfig = new SecretBackendCrlConfig(\"crlConfig\", SecretBackendCrlConfigArgs.builder() \n .backend(pki.path())\n .expiry(\"72h\")\n .disable(false)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n pki:\n type: vault:Mount\n properties:\n path: '%s'\n type: pki\n defaultLeaseTtlSeconds: 3600\n maxLeaseTtlSeconds: 86400\n crlConfig:\n type: vault:pkiSecret:SecretBackendCrlConfig\n properties:\n backend: ${pki.path}\n expiry: 72h\n disable: false\n```\n{{% /example %}}\n{{% /examples %}}", + "description": "Allows setting the duration for which the generated CRL should be marked valid. If the CRL is disabled, it will return a signed but zero-length CRL for any request. If enabled, it will re-build the CRL.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst pki = new vault.Mount(\"pki\", {\n path: \"%s\",\n type: \"pki\",\n defaultLeaseTtlSeconds: 3600,\n maxLeaseTtlSeconds: 86400,\n});\nconst crlConfig = new vault.pkisecret.SecretBackendCrlConfig(\"crlConfig\", {\n backend: pki.path,\n expiry: \"72h\",\n disable: false,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\npki = vault.Mount(\"pki\",\n path=\"%s\",\n type=\"pki\",\n default_lease_ttl_seconds=3600,\n max_lease_ttl_seconds=86400)\ncrl_config = vault.pki_secret.SecretBackendCrlConfig(\"crlConfig\",\n backend=pki.path,\n expiry=\"72h\",\n disable=False)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var pki = new Vault.Mount(\"pki\", new()\n {\n Path = \"%s\",\n Type = \"pki\",\n DefaultLeaseTtlSeconds = 3600,\n MaxLeaseTtlSeconds = 86400,\n });\n\n var crlConfig = new Vault.PkiSecret.SecretBackendCrlConfig(\"crlConfig\", new()\n {\n Backend = pki.Path,\n Expiry = \"72h\",\n Disable = false,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/pkiSecret\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tpki, err := vault.NewMount(ctx, \"pki\", \u0026vault.MountArgs{\n\t\t\tPath: pulumi.String(\"%s\"),\n\t\t\tType: pulumi.String(\"pki\"),\n\t\t\tDefaultLeaseTtlSeconds: pulumi.Int(3600),\n\t\t\tMaxLeaseTtlSeconds: pulumi.Int(86400),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = pkiSecret.NewSecretBackendCrlConfig(ctx, \"crlConfig\", \u0026pkiSecret.SecretBackendCrlConfigArgs{\n\t\t\tBackend: pki.Path,\n\t\t\tExpiry: pulumi.String(\"72h\"),\n\t\t\tDisable: pulumi.Bool(false),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.Mount;\nimport com.pulumi.vault.MountArgs;\nimport com.pulumi.vault.pkiSecret.SecretBackendCrlConfig;\nimport com.pulumi.vault.pkiSecret.SecretBackendCrlConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var pki = new Mount(\"pki\", MountArgs.builder() \n .path(\"%s\")\n .type(\"pki\")\n .defaultLeaseTtlSeconds(3600)\n .maxLeaseTtlSeconds(86400)\n .build());\n\n var crlConfig = new SecretBackendCrlConfig(\"crlConfig\", SecretBackendCrlConfigArgs.builder() \n .backend(pki.path())\n .expiry(\"72h\")\n .disable(false)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n pki:\n type: vault:Mount\n properties:\n path: '%s'\n type: pki\n defaultLeaseTtlSeconds: 3600\n maxLeaseTtlSeconds: 86400\n crlConfig:\n type: vault:pkiSecret:SecretBackendCrlConfig\n properties:\n backend: ${pki.path}\n expiry: 72h\n disable: false\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "autoRebuild": { "type": "boolean", @@ -26285,7 +23514,7 @@ } }, "vault:pkiSecret/secretBackendIntermediateCertRequest:SecretBackendIntermediateCertRequest": { - "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst test = new vault.pkisecret.SecretBackendIntermediateCertRequest(\"test\", {\n backend: vault_mount.pki.path,\n type: \"internal\",\n commonName: \"app.my.domain\",\n}, {\n dependsOn: [vault_mount.pki],\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ntest = vault.pki_secret.SecretBackendIntermediateCertRequest(\"test\",\n backend=vault_mount[\"pki\"][\"path\"],\n type=\"internal\",\n common_name=\"app.my.domain\",\n opts=pulumi.ResourceOptions(depends_on=[vault_mount[\"pki\"]]))\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Vault.PkiSecret.SecretBackendIntermediateCertRequest(\"test\", new()\n {\n Backend = vault_mount.Pki.Path,\n Type = \"internal\",\n CommonName = \"app.my.domain\",\n }, new CustomResourceOptions\n {\n DependsOn = new[]\n {\n vault_mount.Pki,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/pkiSecret\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := pkiSecret.NewSecretBackendIntermediateCertRequest(ctx, \"test\", \u0026pkiSecret.SecretBackendIntermediateCertRequestArgs{\n\t\t\tBackend: pulumi.Any(vault_mount.Pki.Path),\n\t\t\tType: pulumi.String(\"internal\"),\n\t\t\tCommonName: pulumi.String(\"app.my.domain\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tvault_mount.Pki,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.pkiSecret.SecretBackendIntermediateCertRequest;\nimport com.pulumi.vault.pkiSecret.SecretBackendIntermediateCertRequestArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new SecretBackendIntermediateCertRequest(\"test\", SecretBackendIntermediateCertRequestArgs.builder() \n .backend(vault_mount.pki().path())\n .type(\"internal\")\n .commonName(\"app.my.domain\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(vault_mount.pki())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: vault:pkiSecret:SecretBackendIntermediateCertRequest\n properties:\n backend: ${vault_mount.pki.path}\n type: internal\n commonName: app.my.domain\n options:\n dependson:\n - ${vault_mount.pki}\n```\n{{% /example %}}\n{{% /examples %}}", + "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst test = new vault.pkisecret.SecretBackendIntermediateCertRequest(\"test\", {\n backend: vault_mount.pki.path,\n type: \"internal\",\n commonName: \"app.my.domain\",\n}, {\n dependsOn: [vault_mount.pki],\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ntest = vault.pki_secret.SecretBackendIntermediateCertRequest(\"test\",\n backend=vault_mount[\"pki\"][\"path\"],\n type=\"internal\",\n common_name=\"app.my.domain\",\n opts=pulumi.ResourceOptions(depends_on=[vault_mount[\"pki\"]]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Vault.PkiSecret.SecretBackendIntermediateCertRequest(\"test\", new()\n {\n Backend = vault_mount.Pki.Path,\n Type = \"internal\",\n CommonName = \"app.my.domain\",\n }, new CustomResourceOptions\n {\n DependsOn = new[]\n {\n vault_mount.Pki,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/pkiSecret\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := pkiSecret.NewSecretBackendIntermediateCertRequest(ctx, \"test\", \u0026pkiSecret.SecretBackendIntermediateCertRequestArgs{\n\t\t\tBackend: pulumi.Any(vault_mount.Pki.Path),\n\t\t\tType: pulumi.String(\"internal\"),\n\t\t\tCommonName: pulumi.String(\"app.my.domain\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tvault_mount.Pki,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.pkiSecret.SecretBackendIntermediateCertRequest;\nimport com.pulumi.vault.pkiSecret.SecretBackendIntermediateCertRequestArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new SecretBackendIntermediateCertRequest(\"test\", SecretBackendIntermediateCertRequestArgs.builder() \n .backend(vault_mount.pki().path())\n .type(\"internal\")\n .commonName(\"app.my.domain\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(vault_mount.pki())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: vault:pkiSecret:SecretBackendIntermediateCertRequest\n properties:\n backend: ${vault_mount.pki.path}\n type: internal\n commonName: app.my.domain\n options:\n dependson:\n - ${vault_mount.pki}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "addBasicConstraints": { "type": "boolean", @@ -26735,7 +23964,7 @@ } }, "vault:pkiSecret/secretBackendIntermediateSetSigned:SecretBackendIntermediateSetSigned": { - "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst root = new vault.Mount(\"root\", {\n path: \"pki-root\",\n type: \"pki\",\n description: \"root\",\n defaultLeaseTtlSeconds: 8640000,\n maxLeaseTtlSeconds: 8640000,\n});\nconst intermediate = new vault.Mount(\"intermediate\", {\n path: \"pki-int\",\n type: root.type,\n description: \"intermediate\",\n defaultLeaseTtlSeconds: 86400,\n maxLeaseTtlSeconds: 86400,\n});\nconst exampleSecretBackendRootCert = new vault.pkisecret.SecretBackendRootCert(\"exampleSecretBackendRootCert\", {\n backend: root.path,\n type: \"internal\",\n commonName: \"RootOrg Root CA\",\n ttl: \"86400\",\n format: \"pem\",\n privateKeyFormat: \"der\",\n keyType: \"rsa\",\n keyBits: 4096,\n excludeCnFromSans: true,\n ou: \"Organizational Unit\",\n organization: \"RootOrg\",\n country: \"US\",\n locality: \"San Francisco\",\n province: \"CA\",\n});\nconst exampleSecretBackendIntermediateCertRequest = new vault.pkisecret.SecretBackendIntermediateCertRequest(\"exampleSecretBackendIntermediateCertRequest\", {\n backend: intermediate.path,\n type: exampleSecretBackendRootCert.type,\n commonName: \"SubOrg Intermediate CA\",\n});\nconst exampleSecretBackendRootSignIntermediate = new vault.pkisecret.SecretBackendRootSignIntermediate(\"exampleSecretBackendRootSignIntermediate\", {\n backend: root.path,\n csr: exampleSecretBackendIntermediateCertRequest.csr,\n commonName: \"SubOrg Intermediate CA\",\n excludeCnFromSans: true,\n ou: \"SubUnit\",\n organization: \"SubOrg\",\n country: \"US\",\n locality: \"San Francisco\",\n province: \"CA\",\n revoke: true,\n});\nconst exampleSecretBackendIntermediateSetSigned = new vault.pkisecret.SecretBackendIntermediateSetSigned(\"exampleSecretBackendIntermediateSetSigned\", {\n backend: intermediate.path,\n certificate: exampleSecretBackendRootSignIntermediate.certificate,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nroot = vault.Mount(\"root\",\n path=\"pki-root\",\n type=\"pki\",\n description=\"root\",\n default_lease_ttl_seconds=8640000,\n max_lease_ttl_seconds=8640000)\nintermediate = vault.Mount(\"intermediate\",\n path=\"pki-int\",\n type=root.type,\n description=\"intermediate\",\n default_lease_ttl_seconds=86400,\n max_lease_ttl_seconds=86400)\nexample_secret_backend_root_cert = vault.pki_secret.SecretBackendRootCert(\"exampleSecretBackendRootCert\",\n backend=root.path,\n type=\"internal\",\n common_name=\"RootOrg Root CA\",\n ttl=\"86400\",\n format=\"pem\",\n private_key_format=\"der\",\n key_type=\"rsa\",\n key_bits=4096,\n exclude_cn_from_sans=True,\n ou=\"Organizational Unit\",\n organization=\"RootOrg\",\n country=\"US\",\n locality=\"San Francisco\",\n province=\"CA\")\nexample_secret_backend_intermediate_cert_request = vault.pki_secret.SecretBackendIntermediateCertRequest(\"exampleSecretBackendIntermediateCertRequest\",\n backend=intermediate.path,\n type=example_secret_backend_root_cert.type,\n common_name=\"SubOrg Intermediate CA\")\nexample_secret_backend_root_sign_intermediate = vault.pki_secret.SecretBackendRootSignIntermediate(\"exampleSecretBackendRootSignIntermediate\",\n backend=root.path,\n csr=example_secret_backend_intermediate_cert_request.csr,\n common_name=\"SubOrg Intermediate CA\",\n exclude_cn_from_sans=True,\n ou=\"SubUnit\",\n organization=\"SubOrg\",\n country=\"US\",\n locality=\"San Francisco\",\n province=\"CA\",\n revoke=True)\nexample_secret_backend_intermediate_set_signed = vault.pki_secret.SecretBackendIntermediateSetSigned(\"exampleSecretBackendIntermediateSetSigned\",\n backend=intermediate.path,\n certificate=example_secret_backend_root_sign_intermediate.certificate)\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var root = new Vault.Mount(\"root\", new()\n {\n Path = \"pki-root\",\n Type = \"pki\",\n Description = \"root\",\n DefaultLeaseTtlSeconds = 8640000,\n MaxLeaseTtlSeconds = 8640000,\n });\n\n var intermediate = new Vault.Mount(\"intermediate\", new()\n {\n Path = \"pki-int\",\n Type = root.Type,\n Description = \"intermediate\",\n DefaultLeaseTtlSeconds = 86400,\n MaxLeaseTtlSeconds = 86400,\n });\n\n var exampleSecretBackendRootCert = new Vault.PkiSecret.SecretBackendRootCert(\"exampleSecretBackendRootCert\", new()\n {\n Backend = root.Path,\n Type = \"internal\",\n CommonName = \"RootOrg Root CA\",\n Ttl = \"86400\",\n Format = \"pem\",\n PrivateKeyFormat = \"der\",\n KeyType = \"rsa\",\n KeyBits = 4096,\n ExcludeCnFromSans = true,\n Ou = \"Organizational Unit\",\n Organization = \"RootOrg\",\n Country = \"US\",\n Locality = \"San Francisco\",\n Province = \"CA\",\n });\n\n var exampleSecretBackendIntermediateCertRequest = new Vault.PkiSecret.SecretBackendIntermediateCertRequest(\"exampleSecretBackendIntermediateCertRequest\", new()\n {\n Backend = intermediate.Path,\n Type = exampleSecretBackendRootCert.Type,\n CommonName = \"SubOrg Intermediate CA\",\n });\n\n var exampleSecretBackendRootSignIntermediate = new Vault.PkiSecret.SecretBackendRootSignIntermediate(\"exampleSecretBackendRootSignIntermediate\", new()\n {\n Backend = root.Path,\n Csr = exampleSecretBackendIntermediateCertRequest.Csr,\n CommonName = \"SubOrg Intermediate CA\",\n ExcludeCnFromSans = true,\n Ou = \"SubUnit\",\n Organization = \"SubOrg\",\n Country = \"US\",\n Locality = \"San Francisco\",\n Province = \"CA\",\n Revoke = true,\n });\n\n var exampleSecretBackendIntermediateSetSigned = new Vault.PkiSecret.SecretBackendIntermediateSetSigned(\"exampleSecretBackendIntermediateSetSigned\", new()\n {\n Backend = intermediate.Path,\n Certificate = exampleSecretBackendRootSignIntermediate.Certificate,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/pkiSecret\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\troot, err := vault.NewMount(ctx, \"root\", \u0026vault.MountArgs{\n\t\t\tPath: pulumi.String(\"pki-root\"),\n\t\t\tType: pulumi.String(\"pki\"),\n\t\t\tDescription: pulumi.String(\"root\"),\n\t\t\tDefaultLeaseTtlSeconds: pulumi.Int(8640000),\n\t\t\tMaxLeaseTtlSeconds: pulumi.Int(8640000),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tintermediate, err := vault.NewMount(ctx, \"intermediate\", \u0026vault.MountArgs{\n\t\t\tPath: pulumi.String(\"pki-int\"),\n\t\t\tType: root.Type,\n\t\t\tDescription: pulumi.String(\"intermediate\"),\n\t\t\tDefaultLeaseTtlSeconds: pulumi.Int(86400),\n\t\t\tMaxLeaseTtlSeconds: pulumi.Int(86400),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleSecretBackendRootCert, err := pkiSecret.NewSecretBackendRootCert(ctx, \"exampleSecretBackendRootCert\", \u0026pkiSecret.SecretBackendRootCertArgs{\n\t\t\tBackend: root.Path,\n\t\t\tType: pulumi.String(\"internal\"),\n\t\t\tCommonName: pulumi.String(\"RootOrg Root CA\"),\n\t\t\tTtl: pulumi.String(\"86400\"),\n\t\t\tFormat: pulumi.String(\"pem\"),\n\t\t\tPrivateKeyFormat: pulumi.String(\"der\"),\n\t\t\tKeyType: pulumi.String(\"rsa\"),\n\t\t\tKeyBits: pulumi.Int(4096),\n\t\t\tExcludeCnFromSans: pulumi.Bool(true),\n\t\t\tOu: pulumi.String(\"Organizational Unit\"),\n\t\t\tOrganization: pulumi.String(\"RootOrg\"),\n\t\t\tCountry: pulumi.String(\"US\"),\n\t\t\tLocality: pulumi.String(\"San Francisco\"),\n\t\t\tProvince: pulumi.String(\"CA\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleSecretBackendIntermediateCertRequest, err := pkiSecret.NewSecretBackendIntermediateCertRequest(ctx, \"exampleSecretBackendIntermediateCertRequest\", \u0026pkiSecret.SecretBackendIntermediateCertRequestArgs{\n\t\t\tBackend: intermediate.Path,\n\t\t\tType: exampleSecretBackendRootCert.Type,\n\t\t\tCommonName: pulumi.String(\"SubOrg Intermediate CA\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleSecretBackendRootSignIntermediate, err := pkiSecret.NewSecretBackendRootSignIntermediate(ctx, \"exampleSecretBackendRootSignIntermediate\", \u0026pkiSecret.SecretBackendRootSignIntermediateArgs{\n\t\t\tBackend: root.Path,\n\t\t\tCsr: exampleSecretBackendIntermediateCertRequest.Csr,\n\t\t\tCommonName: pulumi.String(\"SubOrg Intermediate CA\"),\n\t\t\tExcludeCnFromSans: pulumi.Bool(true),\n\t\t\tOu: pulumi.String(\"SubUnit\"),\n\t\t\tOrganization: pulumi.String(\"SubOrg\"),\n\t\t\tCountry: pulumi.String(\"US\"),\n\t\t\tLocality: pulumi.String(\"San Francisco\"),\n\t\t\tProvince: pulumi.String(\"CA\"),\n\t\t\tRevoke: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = pkiSecret.NewSecretBackendIntermediateSetSigned(ctx, \"exampleSecretBackendIntermediateSetSigned\", \u0026pkiSecret.SecretBackendIntermediateSetSignedArgs{\n\t\t\tBackend: intermediate.Path,\n\t\t\tCertificate: exampleSecretBackendRootSignIntermediate.Certificate,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.Mount;\nimport com.pulumi.vault.MountArgs;\nimport com.pulumi.vault.pkiSecret.SecretBackendRootCert;\nimport com.pulumi.vault.pkiSecret.SecretBackendRootCertArgs;\nimport com.pulumi.vault.pkiSecret.SecretBackendIntermediateCertRequest;\nimport com.pulumi.vault.pkiSecret.SecretBackendIntermediateCertRequestArgs;\nimport com.pulumi.vault.pkiSecret.SecretBackendRootSignIntermediate;\nimport com.pulumi.vault.pkiSecret.SecretBackendRootSignIntermediateArgs;\nimport com.pulumi.vault.pkiSecret.SecretBackendIntermediateSetSigned;\nimport com.pulumi.vault.pkiSecret.SecretBackendIntermediateSetSignedArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var root = new Mount(\"root\", MountArgs.builder() \n .path(\"pki-root\")\n .type(\"pki\")\n .description(\"root\")\n .defaultLeaseTtlSeconds(8640000)\n .maxLeaseTtlSeconds(8640000)\n .build());\n\n var intermediate = new Mount(\"intermediate\", MountArgs.builder() \n .path(\"pki-int\")\n .type(root.type())\n .description(\"intermediate\")\n .defaultLeaseTtlSeconds(86400)\n .maxLeaseTtlSeconds(86400)\n .build());\n\n var exampleSecretBackendRootCert = new SecretBackendRootCert(\"exampleSecretBackendRootCert\", SecretBackendRootCertArgs.builder() \n .backend(root.path())\n .type(\"internal\")\n .commonName(\"RootOrg Root CA\")\n .ttl(86400)\n .format(\"pem\")\n .privateKeyFormat(\"der\")\n .keyType(\"rsa\")\n .keyBits(4096)\n .excludeCnFromSans(true)\n .ou(\"Organizational Unit\")\n .organization(\"RootOrg\")\n .country(\"US\")\n .locality(\"San Francisco\")\n .province(\"CA\")\n .build());\n\n var exampleSecretBackendIntermediateCertRequest = new SecretBackendIntermediateCertRequest(\"exampleSecretBackendIntermediateCertRequest\", SecretBackendIntermediateCertRequestArgs.builder() \n .backend(intermediate.path())\n .type(exampleSecretBackendRootCert.type())\n .commonName(\"SubOrg Intermediate CA\")\n .build());\n\n var exampleSecretBackendRootSignIntermediate = new SecretBackendRootSignIntermediate(\"exampleSecretBackendRootSignIntermediate\", SecretBackendRootSignIntermediateArgs.builder() \n .backend(root.path())\n .csr(exampleSecretBackendIntermediateCertRequest.csr())\n .commonName(\"SubOrg Intermediate CA\")\n .excludeCnFromSans(true)\n .ou(\"SubUnit\")\n .organization(\"SubOrg\")\n .country(\"US\")\n .locality(\"San Francisco\")\n .province(\"CA\")\n .revoke(true)\n .build());\n\n var exampleSecretBackendIntermediateSetSigned = new SecretBackendIntermediateSetSigned(\"exampleSecretBackendIntermediateSetSigned\", SecretBackendIntermediateSetSignedArgs.builder() \n .backend(intermediate.path())\n .certificate(exampleSecretBackendRootSignIntermediate.certificate())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n root:\n type: vault:Mount\n properties:\n path: pki-root\n type: pki\n description: root\n defaultLeaseTtlSeconds: 8.64e+06\n maxLeaseTtlSeconds: 8.64e+06\n intermediate:\n type: vault:Mount\n properties:\n path: pki-int\n type: ${root.type}\n description: intermediate\n defaultLeaseTtlSeconds: 86400\n maxLeaseTtlSeconds: 86400\n exampleSecretBackendRootCert:\n type: vault:pkiSecret:SecretBackendRootCert\n properties:\n backend: ${root.path}\n type: internal\n commonName: RootOrg Root CA\n ttl: 86400\n format: pem\n privateKeyFormat: der\n keyType: rsa\n keyBits: 4096\n excludeCnFromSans: true\n ou: Organizational Unit\n organization: RootOrg\n country: US\n locality: San Francisco\n province: CA\n exampleSecretBackendIntermediateCertRequest:\n type: vault:pkiSecret:SecretBackendIntermediateCertRequest\n properties:\n backend: ${intermediate.path}\n type: ${exampleSecretBackendRootCert.type}\n commonName: SubOrg Intermediate CA\n exampleSecretBackendRootSignIntermediate:\n type: vault:pkiSecret:SecretBackendRootSignIntermediate\n properties:\n backend: ${root.path}\n csr: ${exampleSecretBackendIntermediateCertRequest.csr}\n commonName: SubOrg Intermediate CA\n excludeCnFromSans: true\n ou: SubUnit\n organization: SubOrg\n country: US\n locality: San Francisco\n province: CA\n revoke: true\n exampleSecretBackendIntermediateSetSigned:\n type: vault:pkiSecret:SecretBackendIntermediateSetSigned\n properties:\n backend: ${intermediate.path}\n certificate: ${exampleSecretBackendRootSignIntermediate.certificate}\n```\n{{% /example %}}\n{{% /examples %}}", + "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst root = new vault.Mount(\"root\", {\n path: \"pki-root\",\n type: \"pki\",\n description: \"root\",\n defaultLeaseTtlSeconds: 8640000,\n maxLeaseTtlSeconds: 8640000,\n});\nconst intermediate = new vault.Mount(\"intermediate\", {\n path: \"pki-int\",\n type: root.type,\n description: \"intermediate\",\n defaultLeaseTtlSeconds: 86400,\n maxLeaseTtlSeconds: 86400,\n});\nconst exampleSecretBackendRootCert = new vault.pkisecret.SecretBackendRootCert(\"exampleSecretBackendRootCert\", {\n backend: root.path,\n type: \"internal\",\n commonName: \"RootOrg Root CA\",\n ttl: \"86400\",\n format: \"pem\",\n privateKeyFormat: \"der\",\n keyType: \"rsa\",\n keyBits: 4096,\n excludeCnFromSans: true,\n ou: \"Organizational Unit\",\n organization: \"RootOrg\",\n country: \"US\",\n locality: \"San Francisco\",\n province: \"CA\",\n});\nconst exampleSecretBackendIntermediateCertRequest = new vault.pkisecret.SecretBackendIntermediateCertRequest(\"exampleSecretBackendIntermediateCertRequest\", {\n backend: intermediate.path,\n type: exampleSecretBackendRootCert.type,\n commonName: \"SubOrg Intermediate CA\",\n});\nconst exampleSecretBackendRootSignIntermediate = new vault.pkisecret.SecretBackendRootSignIntermediate(\"exampleSecretBackendRootSignIntermediate\", {\n backend: root.path,\n csr: exampleSecretBackendIntermediateCertRequest.csr,\n commonName: \"SubOrg Intermediate CA\",\n excludeCnFromSans: true,\n ou: \"SubUnit\",\n organization: \"SubOrg\",\n country: \"US\",\n locality: \"San Francisco\",\n province: \"CA\",\n revoke: true,\n});\nconst exampleSecretBackendIntermediateSetSigned = new vault.pkisecret.SecretBackendIntermediateSetSigned(\"exampleSecretBackendIntermediateSetSigned\", {\n backend: intermediate.path,\n certificate: exampleSecretBackendRootSignIntermediate.certificate,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nroot = vault.Mount(\"root\",\n path=\"pki-root\",\n type=\"pki\",\n description=\"root\",\n default_lease_ttl_seconds=8640000,\n max_lease_ttl_seconds=8640000)\nintermediate = vault.Mount(\"intermediate\",\n path=\"pki-int\",\n type=root.type,\n description=\"intermediate\",\n default_lease_ttl_seconds=86400,\n max_lease_ttl_seconds=86400)\nexample_secret_backend_root_cert = vault.pki_secret.SecretBackendRootCert(\"exampleSecretBackendRootCert\",\n backend=root.path,\n type=\"internal\",\n common_name=\"RootOrg Root CA\",\n ttl=\"86400\",\n format=\"pem\",\n private_key_format=\"der\",\n key_type=\"rsa\",\n key_bits=4096,\n exclude_cn_from_sans=True,\n ou=\"Organizational Unit\",\n organization=\"RootOrg\",\n country=\"US\",\n locality=\"San Francisco\",\n province=\"CA\")\nexample_secret_backend_intermediate_cert_request = vault.pki_secret.SecretBackendIntermediateCertRequest(\"exampleSecretBackendIntermediateCertRequest\",\n backend=intermediate.path,\n type=example_secret_backend_root_cert.type,\n common_name=\"SubOrg Intermediate CA\")\nexample_secret_backend_root_sign_intermediate = vault.pki_secret.SecretBackendRootSignIntermediate(\"exampleSecretBackendRootSignIntermediate\",\n backend=root.path,\n csr=example_secret_backend_intermediate_cert_request.csr,\n common_name=\"SubOrg Intermediate CA\",\n exclude_cn_from_sans=True,\n ou=\"SubUnit\",\n organization=\"SubOrg\",\n country=\"US\",\n locality=\"San Francisco\",\n province=\"CA\",\n revoke=True)\nexample_secret_backend_intermediate_set_signed = vault.pki_secret.SecretBackendIntermediateSetSigned(\"exampleSecretBackendIntermediateSetSigned\",\n backend=intermediate.path,\n certificate=example_secret_backend_root_sign_intermediate.certificate)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var root = new Vault.Mount(\"root\", new()\n {\n Path = \"pki-root\",\n Type = \"pki\",\n Description = \"root\",\n DefaultLeaseTtlSeconds = 8640000,\n MaxLeaseTtlSeconds = 8640000,\n });\n\n var intermediate = new Vault.Mount(\"intermediate\", new()\n {\n Path = \"pki-int\",\n Type = root.Type,\n Description = \"intermediate\",\n DefaultLeaseTtlSeconds = 86400,\n MaxLeaseTtlSeconds = 86400,\n });\n\n var exampleSecretBackendRootCert = new Vault.PkiSecret.SecretBackendRootCert(\"exampleSecretBackendRootCert\", new()\n {\n Backend = root.Path,\n Type = \"internal\",\n CommonName = \"RootOrg Root CA\",\n Ttl = \"86400\",\n Format = \"pem\",\n PrivateKeyFormat = \"der\",\n KeyType = \"rsa\",\n KeyBits = 4096,\n ExcludeCnFromSans = true,\n Ou = \"Organizational Unit\",\n Organization = \"RootOrg\",\n Country = \"US\",\n Locality = \"San Francisco\",\n Province = \"CA\",\n });\n\n var exampleSecretBackendIntermediateCertRequest = new Vault.PkiSecret.SecretBackendIntermediateCertRequest(\"exampleSecretBackendIntermediateCertRequest\", new()\n {\n Backend = intermediate.Path,\n Type = exampleSecretBackendRootCert.Type,\n CommonName = \"SubOrg Intermediate CA\",\n });\n\n var exampleSecretBackendRootSignIntermediate = new Vault.PkiSecret.SecretBackendRootSignIntermediate(\"exampleSecretBackendRootSignIntermediate\", new()\n {\n Backend = root.Path,\n Csr = exampleSecretBackendIntermediateCertRequest.Csr,\n CommonName = \"SubOrg Intermediate CA\",\n ExcludeCnFromSans = true,\n Ou = \"SubUnit\",\n Organization = \"SubOrg\",\n Country = \"US\",\n Locality = \"San Francisco\",\n Province = \"CA\",\n Revoke = true,\n });\n\n var exampleSecretBackendIntermediateSetSigned = new Vault.PkiSecret.SecretBackendIntermediateSetSigned(\"exampleSecretBackendIntermediateSetSigned\", new()\n {\n Backend = intermediate.Path,\n Certificate = exampleSecretBackendRootSignIntermediate.Certificate,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/pkiSecret\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\troot, err := vault.NewMount(ctx, \"root\", \u0026vault.MountArgs{\n\t\t\tPath: pulumi.String(\"pki-root\"),\n\t\t\tType: pulumi.String(\"pki\"),\n\t\t\tDescription: pulumi.String(\"root\"),\n\t\t\tDefaultLeaseTtlSeconds: pulumi.Int(8640000),\n\t\t\tMaxLeaseTtlSeconds: pulumi.Int(8640000),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tintermediate, err := vault.NewMount(ctx, \"intermediate\", \u0026vault.MountArgs{\n\t\t\tPath: pulumi.String(\"pki-int\"),\n\t\t\tType: root.Type,\n\t\t\tDescription: pulumi.String(\"intermediate\"),\n\t\t\tDefaultLeaseTtlSeconds: pulumi.Int(86400),\n\t\t\tMaxLeaseTtlSeconds: pulumi.Int(86400),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleSecretBackendRootCert, err := pkiSecret.NewSecretBackendRootCert(ctx, \"exampleSecretBackendRootCert\", \u0026pkiSecret.SecretBackendRootCertArgs{\n\t\t\tBackend: root.Path,\n\t\t\tType: pulumi.String(\"internal\"),\n\t\t\tCommonName: pulumi.String(\"RootOrg Root CA\"),\n\t\t\tTtl: pulumi.String(\"86400\"),\n\t\t\tFormat: pulumi.String(\"pem\"),\n\t\t\tPrivateKeyFormat: pulumi.String(\"der\"),\n\t\t\tKeyType: pulumi.String(\"rsa\"),\n\t\t\tKeyBits: pulumi.Int(4096),\n\t\t\tExcludeCnFromSans: pulumi.Bool(true),\n\t\t\tOu: pulumi.String(\"Organizational Unit\"),\n\t\t\tOrganization: pulumi.String(\"RootOrg\"),\n\t\t\tCountry: pulumi.String(\"US\"),\n\t\t\tLocality: pulumi.String(\"San Francisco\"),\n\t\t\tProvince: pulumi.String(\"CA\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleSecretBackendIntermediateCertRequest, err := pkiSecret.NewSecretBackendIntermediateCertRequest(ctx, \"exampleSecretBackendIntermediateCertRequest\", \u0026pkiSecret.SecretBackendIntermediateCertRequestArgs{\n\t\t\tBackend: intermediate.Path,\n\t\t\tType: exampleSecretBackendRootCert.Type,\n\t\t\tCommonName: pulumi.String(\"SubOrg Intermediate CA\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleSecretBackendRootSignIntermediate, err := pkiSecret.NewSecretBackendRootSignIntermediate(ctx, \"exampleSecretBackendRootSignIntermediate\", \u0026pkiSecret.SecretBackendRootSignIntermediateArgs{\n\t\t\tBackend: root.Path,\n\t\t\tCsr: exampleSecretBackendIntermediateCertRequest.Csr,\n\t\t\tCommonName: pulumi.String(\"SubOrg Intermediate CA\"),\n\t\t\tExcludeCnFromSans: pulumi.Bool(true),\n\t\t\tOu: pulumi.String(\"SubUnit\"),\n\t\t\tOrganization: pulumi.String(\"SubOrg\"),\n\t\t\tCountry: pulumi.String(\"US\"),\n\t\t\tLocality: pulumi.String(\"San Francisco\"),\n\t\t\tProvince: pulumi.String(\"CA\"),\n\t\t\tRevoke: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = pkiSecret.NewSecretBackendIntermediateSetSigned(ctx, \"exampleSecretBackendIntermediateSetSigned\", \u0026pkiSecret.SecretBackendIntermediateSetSignedArgs{\n\t\t\tBackend: intermediate.Path,\n\t\t\tCertificate: exampleSecretBackendRootSignIntermediate.Certificate,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.Mount;\nimport com.pulumi.vault.MountArgs;\nimport com.pulumi.vault.pkiSecret.SecretBackendRootCert;\nimport com.pulumi.vault.pkiSecret.SecretBackendRootCertArgs;\nimport com.pulumi.vault.pkiSecret.SecretBackendIntermediateCertRequest;\nimport com.pulumi.vault.pkiSecret.SecretBackendIntermediateCertRequestArgs;\nimport com.pulumi.vault.pkiSecret.SecretBackendRootSignIntermediate;\nimport com.pulumi.vault.pkiSecret.SecretBackendRootSignIntermediateArgs;\nimport com.pulumi.vault.pkiSecret.SecretBackendIntermediateSetSigned;\nimport com.pulumi.vault.pkiSecret.SecretBackendIntermediateSetSignedArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var root = new Mount(\"root\", MountArgs.builder() \n .path(\"pki-root\")\n .type(\"pki\")\n .description(\"root\")\n .defaultLeaseTtlSeconds(8640000)\n .maxLeaseTtlSeconds(8640000)\n .build());\n\n var intermediate = new Mount(\"intermediate\", MountArgs.builder() \n .path(\"pki-int\")\n .type(root.type())\n .description(\"intermediate\")\n .defaultLeaseTtlSeconds(86400)\n .maxLeaseTtlSeconds(86400)\n .build());\n\n var exampleSecretBackendRootCert = new SecretBackendRootCert(\"exampleSecretBackendRootCert\", SecretBackendRootCertArgs.builder() \n .backend(root.path())\n .type(\"internal\")\n .commonName(\"RootOrg Root CA\")\n .ttl(86400)\n .format(\"pem\")\n .privateKeyFormat(\"der\")\n .keyType(\"rsa\")\n .keyBits(4096)\n .excludeCnFromSans(true)\n .ou(\"Organizational Unit\")\n .organization(\"RootOrg\")\n .country(\"US\")\n .locality(\"San Francisco\")\n .province(\"CA\")\n .build());\n\n var exampleSecretBackendIntermediateCertRequest = new SecretBackendIntermediateCertRequest(\"exampleSecretBackendIntermediateCertRequest\", SecretBackendIntermediateCertRequestArgs.builder() \n .backend(intermediate.path())\n .type(exampleSecretBackendRootCert.type())\n .commonName(\"SubOrg Intermediate CA\")\n .build());\n\n var exampleSecretBackendRootSignIntermediate = new SecretBackendRootSignIntermediate(\"exampleSecretBackendRootSignIntermediate\", SecretBackendRootSignIntermediateArgs.builder() \n .backend(root.path())\n .csr(exampleSecretBackendIntermediateCertRequest.csr())\n .commonName(\"SubOrg Intermediate CA\")\n .excludeCnFromSans(true)\n .ou(\"SubUnit\")\n .organization(\"SubOrg\")\n .country(\"US\")\n .locality(\"San Francisco\")\n .province(\"CA\")\n .revoke(true)\n .build());\n\n var exampleSecretBackendIntermediateSetSigned = new SecretBackendIntermediateSetSigned(\"exampleSecretBackendIntermediateSetSigned\", SecretBackendIntermediateSetSignedArgs.builder() \n .backend(intermediate.path())\n .certificate(exampleSecretBackendRootSignIntermediate.certificate())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n root:\n type: vault:Mount\n properties:\n path: pki-root\n type: pki\n description: root\n defaultLeaseTtlSeconds: 8.64e+06\n maxLeaseTtlSeconds: 8.64e+06\n intermediate:\n type: vault:Mount\n properties:\n path: pki-int\n type: ${root.type}\n description: intermediate\n defaultLeaseTtlSeconds: 86400\n maxLeaseTtlSeconds: 86400\n exampleSecretBackendRootCert:\n type: vault:pkiSecret:SecretBackendRootCert\n properties:\n backend: ${root.path}\n type: internal\n commonName: RootOrg Root CA\n ttl: 86400\n format: pem\n privateKeyFormat: der\n keyType: rsa\n keyBits: 4096\n excludeCnFromSans: true\n ou: Organizational Unit\n organization: RootOrg\n country: US\n locality: San Francisco\n province: CA\n exampleSecretBackendIntermediateCertRequest:\n type: vault:pkiSecret:SecretBackendIntermediateCertRequest\n properties:\n backend: ${intermediate.path}\n type: ${exampleSecretBackendRootCert.type}\n commonName: SubOrg Intermediate CA\n exampleSecretBackendRootSignIntermediate:\n type: vault:pkiSecret:SecretBackendRootSignIntermediate\n properties:\n backend: ${root.path}\n csr: ${exampleSecretBackendIntermediateCertRequest.csr}\n commonName: SubOrg Intermediate CA\n excludeCnFromSans: true\n ou: SubUnit\n organization: SubOrg\n country: US\n locality: San Francisco\n province: CA\n revoke: true\n exampleSecretBackendIntermediateSetSigned:\n type: vault:pkiSecret:SecretBackendIntermediateSetSigned\n properties:\n backend: ${intermediate.path}\n certificate: ${exampleSecretBackendRootSignIntermediate.certificate}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "backend": { "type": "string", @@ -26830,7 +24059,7 @@ } }, "vault:pkiSecret/secretBackendIssuer:SecretBackendIssuer": { - "description": "Manages the lifecycle of an existing issuer on a PKI Secret Backend. This resource does not\ncreate issuers. It instead tracks and performs updates made to an existing issuer that was\ncreated by one of the PKI generate endpoints. For more information, see the \n[Vault documentation](https://developer.hashicorp.com/vault/api-docs/secret/pki#managing-keys-and-issuers)\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst pki = new vault.Mount(\"pki\", {\n path: \"pki\",\n type: \"pki\",\n defaultLeaseTtlSeconds: 3600,\n maxLeaseTtlSeconds: 86400,\n});\nconst root = new vault.pkisecret.SecretBackendRootCert(\"root\", {\n backend: pki.path,\n type: \"internal\",\n commonName: \"test\",\n ttl: \"86400\",\n});\nconst example = new vault.pkisecret.SecretBackendIssuer(\"example\", {\n backend: root.backend,\n issuerRef: root.issuerId,\n issuerName: \"example-issuer\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\npki = vault.Mount(\"pki\",\n path=\"pki\",\n type=\"pki\",\n default_lease_ttl_seconds=3600,\n max_lease_ttl_seconds=86400)\nroot = vault.pki_secret.SecretBackendRootCert(\"root\",\n backend=pki.path,\n type=\"internal\",\n common_name=\"test\",\n ttl=\"86400\")\nexample = vault.pki_secret.SecretBackendIssuer(\"example\",\n backend=root.backend,\n issuer_ref=root.issuer_id,\n issuer_name=\"example-issuer\")\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var pki = new Vault.Mount(\"pki\", new()\n {\n Path = \"pki\",\n Type = \"pki\",\n DefaultLeaseTtlSeconds = 3600,\n MaxLeaseTtlSeconds = 86400,\n });\n\n var root = new Vault.PkiSecret.SecretBackendRootCert(\"root\", new()\n {\n Backend = pki.Path,\n Type = \"internal\",\n CommonName = \"test\",\n Ttl = \"86400\",\n });\n\n var example = new Vault.PkiSecret.SecretBackendIssuer(\"example\", new()\n {\n Backend = root.Backend,\n IssuerRef = root.IssuerId,\n IssuerName = \"example-issuer\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/pkiSecret\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tpki, err := vault.NewMount(ctx, \"pki\", \u0026vault.MountArgs{\n\t\t\tPath: pulumi.String(\"pki\"),\n\t\t\tType: pulumi.String(\"pki\"),\n\t\t\tDefaultLeaseTtlSeconds: pulumi.Int(3600),\n\t\t\tMaxLeaseTtlSeconds: pulumi.Int(86400),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\troot, err := pkiSecret.NewSecretBackendRootCert(ctx, \"root\", \u0026pkiSecret.SecretBackendRootCertArgs{\n\t\t\tBackend: pki.Path,\n\t\t\tType: pulumi.String(\"internal\"),\n\t\t\tCommonName: pulumi.String(\"test\"),\n\t\t\tTtl: pulumi.String(\"86400\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = pkiSecret.NewSecretBackendIssuer(ctx, \"example\", \u0026pkiSecret.SecretBackendIssuerArgs{\n\t\t\tBackend: root.Backend,\n\t\t\tIssuerRef: root.IssuerId,\n\t\t\tIssuerName: pulumi.String(\"example-issuer\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.Mount;\nimport com.pulumi.vault.MountArgs;\nimport com.pulumi.vault.pkiSecret.SecretBackendRootCert;\nimport com.pulumi.vault.pkiSecret.SecretBackendRootCertArgs;\nimport com.pulumi.vault.pkiSecret.SecretBackendIssuer;\nimport com.pulumi.vault.pkiSecret.SecretBackendIssuerArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var pki = new Mount(\"pki\", MountArgs.builder() \n .path(\"pki\")\n .type(\"pki\")\n .defaultLeaseTtlSeconds(3600)\n .maxLeaseTtlSeconds(86400)\n .build());\n\n var root = new SecretBackendRootCert(\"root\", SecretBackendRootCertArgs.builder() \n .backend(pki.path())\n .type(\"internal\")\n .commonName(\"test\")\n .ttl(\"86400\")\n .build());\n\n var example = new SecretBackendIssuer(\"example\", SecretBackendIssuerArgs.builder() \n .backend(root.backend())\n .issuerRef(root.issuerId())\n .issuerName(\"example-issuer\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n pki:\n type: vault:Mount\n properties:\n path: pki\n type: pki\n defaultLeaseTtlSeconds: 3600\n maxLeaseTtlSeconds: 86400\n root:\n type: vault:pkiSecret:SecretBackendRootCert\n properties:\n backend: ${pki.path}\n type: internal\n commonName: test\n ttl: 86400\n example:\n type: vault:pkiSecret:SecretBackendIssuer\n properties:\n backend: ${root.backend}\n issuerRef: ${root.issuerId}\n issuerName: example-issuer\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nPKI secret backend issuer can be imported using the `id`, e.g.\n\n```sh\n $ pulumi import vault:pkiSecret/secretBackendIssuer:SecretBackendIssuer example pki/issuer/bf9b0d48-d0dd-652c-30be-77d04fc7e94d\n```\n\n ", + "description": "Manages the lifecycle of an existing issuer on a PKI Secret Backend. This resource does not\ncreate issuers. It instead tracks and performs updates made to an existing issuer that was\ncreated by one of the PKI generate endpoints. For more information, see the \n[Vault documentation](https://developer.hashicorp.com/vault/api-docs/secret/pki#managing-keys-and-issuers)\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst pki = new vault.Mount(\"pki\", {\n path: \"pki\",\n type: \"pki\",\n defaultLeaseTtlSeconds: 3600,\n maxLeaseTtlSeconds: 86400,\n});\nconst root = new vault.pkisecret.SecretBackendRootCert(\"root\", {\n backend: pki.path,\n type: \"internal\",\n commonName: \"test\",\n ttl: \"86400\",\n});\nconst example = new vault.pkisecret.SecretBackendIssuer(\"example\", {\n backend: root.backend,\n issuerRef: root.issuerId,\n issuerName: \"example-issuer\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\npki = vault.Mount(\"pki\",\n path=\"pki\",\n type=\"pki\",\n default_lease_ttl_seconds=3600,\n max_lease_ttl_seconds=86400)\nroot = vault.pki_secret.SecretBackendRootCert(\"root\",\n backend=pki.path,\n type=\"internal\",\n common_name=\"test\",\n ttl=\"86400\")\nexample = vault.pki_secret.SecretBackendIssuer(\"example\",\n backend=root.backend,\n issuer_ref=root.issuer_id,\n issuer_name=\"example-issuer\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var pki = new Vault.Mount(\"pki\", new()\n {\n Path = \"pki\",\n Type = \"pki\",\n DefaultLeaseTtlSeconds = 3600,\n MaxLeaseTtlSeconds = 86400,\n });\n\n var root = new Vault.PkiSecret.SecretBackendRootCert(\"root\", new()\n {\n Backend = pki.Path,\n Type = \"internal\",\n CommonName = \"test\",\n Ttl = \"86400\",\n });\n\n var example = new Vault.PkiSecret.SecretBackendIssuer(\"example\", new()\n {\n Backend = root.Backend,\n IssuerRef = root.IssuerId,\n IssuerName = \"example-issuer\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/pkiSecret\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tpki, err := vault.NewMount(ctx, \"pki\", \u0026vault.MountArgs{\n\t\t\tPath: pulumi.String(\"pki\"),\n\t\t\tType: pulumi.String(\"pki\"),\n\t\t\tDefaultLeaseTtlSeconds: pulumi.Int(3600),\n\t\t\tMaxLeaseTtlSeconds: pulumi.Int(86400),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\troot, err := pkiSecret.NewSecretBackendRootCert(ctx, \"root\", \u0026pkiSecret.SecretBackendRootCertArgs{\n\t\t\tBackend: pki.Path,\n\t\t\tType: pulumi.String(\"internal\"),\n\t\t\tCommonName: pulumi.String(\"test\"),\n\t\t\tTtl: pulumi.String(\"86400\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = pkiSecret.NewSecretBackendIssuer(ctx, \"example\", \u0026pkiSecret.SecretBackendIssuerArgs{\n\t\t\tBackend: root.Backend,\n\t\t\tIssuerRef: root.IssuerId,\n\t\t\tIssuerName: pulumi.String(\"example-issuer\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.Mount;\nimport com.pulumi.vault.MountArgs;\nimport com.pulumi.vault.pkiSecret.SecretBackendRootCert;\nimport com.pulumi.vault.pkiSecret.SecretBackendRootCertArgs;\nimport com.pulumi.vault.pkiSecret.SecretBackendIssuer;\nimport com.pulumi.vault.pkiSecret.SecretBackendIssuerArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var pki = new Mount(\"pki\", MountArgs.builder() \n .path(\"pki\")\n .type(\"pki\")\n .defaultLeaseTtlSeconds(3600)\n .maxLeaseTtlSeconds(86400)\n .build());\n\n var root = new SecretBackendRootCert(\"root\", SecretBackendRootCertArgs.builder() \n .backend(pki.path())\n .type(\"internal\")\n .commonName(\"test\")\n .ttl(\"86400\")\n .build());\n\n var example = new SecretBackendIssuer(\"example\", SecretBackendIssuerArgs.builder() \n .backend(root.backend())\n .issuerRef(root.issuerId())\n .issuerName(\"example-issuer\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n pki:\n type: vault:Mount\n properties:\n path: pki\n type: pki\n defaultLeaseTtlSeconds: 3600\n maxLeaseTtlSeconds: 86400\n root:\n type: vault:pkiSecret:SecretBackendRootCert\n properties:\n backend: ${pki.path}\n type: internal\n commonName: test\n ttl: '86400'\n example:\n type: vault:pkiSecret:SecretBackendIssuer\n properties:\n backend: ${root.backend}\n issuerRef: ${root.issuerId}\n issuerName: example-issuer\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nPKI secret backend issuer can be imported using the `id`, e.g.\n\n```sh\n $ pulumi import vault:pkiSecret/secretBackendIssuer:SecretBackendIssuer example pki/issuer/bf9b0d48-d0dd-652c-30be-77d04fc7e94d\n```\n ", "properties": { "backend": { "type": "string", @@ -27047,7 +24276,7 @@ } }, "vault:pkiSecret/secretBackendKey:SecretBackendKey": { - "description": "Creates a key on a PKI Secret Backend for Vault.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.Mount;\nimport com.pulumi.vault.MountArgs;\nimport com.pulumi.vault.pkiSecret.SecretBackendKey;\nimport com.pulumi.vault.pkiSecret.SecretBackendKeyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var pki = new Mount(\"pki\", MountArgs.builder() \n .path(\"pki\")\n .type(\"pki\")\n .defaultLeaseTtlSeconds(3600)\n .maxLeaseTtlSeconds(86400)\n .build());\n\n var key = new SecretBackendKey(\"key\", SecretBackendKeyArgs.builder() \n .mount(pki.path())\n .type(\"exported\")\n .keyName(\"example-key\")\n .keyType(\"rsa\")\n .keyBits(\"2048\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n pki:\n type: vault:Mount\n properties:\n path: pki\n type: pki\n defaultLeaseTtlSeconds: 3600\n maxLeaseTtlSeconds: 86400\n key:\n type: vault:pkiSecret:SecretBackendKey\n properties:\n mount: ${pki.path}\n type: exported\n keyName: example-key\n keyType: rsa\n keyBits: 2048\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nPKI secret backend key can be imported using the `id`, e.g.\n\n```sh\n $ pulumi import vault:pkiSecret/secretBackendKey:SecretBackendKey key pki/key/bf9b0d48-d0dd-652c-30be-77d04fc7e94d\n```\n\n ", + "description": "Creates a key on a PKI Secret Backend for Vault.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.Mount;\nimport com.pulumi.vault.MountArgs;\nimport com.pulumi.vault.pkiSecret.SecretBackendKey;\nimport com.pulumi.vault.pkiSecret.SecretBackendKeyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var pki = new Mount(\"pki\", MountArgs.builder() \n .path(\"pki\")\n .type(\"pki\")\n .defaultLeaseTtlSeconds(3600)\n .maxLeaseTtlSeconds(86400)\n .build());\n\n var key = new SecretBackendKey(\"key\", SecretBackendKeyArgs.builder() \n .mount(pki.path())\n .type(\"exported\")\n .keyName(\"example-key\")\n .keyType(\"rsa\")\n .keyBits(\"2048\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n pki:\n type: vault:Mount\n properties:\n path: pki\n type: pki\n defaultLeaseTtlSeconds: 3600\n maxLeaseTtlSeconds: 86400\n key:\n type: vault:pkiSecret:SecretBackendKey\n properties:\n mount: ${pki.path}\n type: exported\n keyName: example-key\n keyType: rsa\n keyBits: '2048'\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nPKI secret backend key can be imported using the `id`, e.g.\n\n```sh\n $ pulumi import vault:pkiSecret/secretBackendKey:SecretBackendKey key pki/key/bf9b0d48-d0dd-652c-30be-77d04fc7e94d\n```\n ", "properties": { "backend": { "type": "string", @@ -27185,7 +24414,7 @@ } }, "vault:pkiSecret/secretBackendRole:SecretBackendRole": { - "description": "Creates a role on an PKI Secret Backend for Vault.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst pki = new vault.Mount(\"pki\", {\n path: \"pki\",\n type: \"pki\",\n defaultLeaseTtlSeconds: 3600,\n maxLeaseTtlSeconds: 86400,\n});\nconst role = new vault.pkisecret.SecretBackendRole(\"role\", {\n backend: pki.path,\n ttl: \"3600\",\n allowIpSans: true,\n keyType: \"rsa\",\n keyBits: 4096,\n allowedDomains: [\n \"example.com\",\n \"my.domain\",\n ],\n allowSubdomains: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\npki = vault.Mount(\"pki\",\n path=\"pki\",\n type=\"pki\",\n default_lease_ttl_seconds=3600,\n max_lease_ttl_seconds=86400)\nrole = vault.pki_secret.SecretBackendRole(\"role\",\n backend=pki.path,\n ttl=\"3600\",\n allow_ip_sans=True,\n key_type=\"rsa\",\n key_bits=4096,\n allowed_domains=[\n \"example.com\",\n \"my.domain\",\n ],\n allow_subdomains=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var pki = new Vault.Mount(\"pki\", new()\n {\n Path = \"pki\",\n Type = \"pki\",\n DefaultLeaseTtlSeconds = 3600,\n MaxLeaseTtlSeconds = 86400,\n });\n\n var role = new Vault.PkiSecret.SecretBackendRole(\"role\", new()\n {\n Backend = pki.Path,\n Ttl = \"3600\",\n AllowIpSans = true,\n KeyType = \"rsa\",\n KeyBits = 4096,\n AllowedDomains = new[]\n {\n \"example.com\",\n \"my.domain\",\n },\n AllowSubdomains = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/pkiSecret\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tpki, err := vault.NewMount(ctx, \"pki\", \u0026vault.MountArgs{\n\t\t\tPath: pulumi.String(\"pki\"),\n\t\t\tType: pulumi.String(\"pki\"),\n\t\t\tDefaultLeaseTtlSeconds: pulumi.Int(3600),\n\t\t\tMaxLeaseTtlSeconds: pulumi.Int(86400),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = pkiSecret.NewSecretBackendRole(ctx, \"role\", \u0026pkiSecret.SecretBackendRoleArgs{\n\t\t\tBackend: pki.Path,\n\t\t\tTtl: pulumi.String(\"3600\"),\n\t\t\tAllowIpSans: pulumi.Bool(true),\n\t\t\tKeyType: pulumi.String(\"rsa\"),\n\t\t\tKeyBits: pulumi.Int(4096),\n\t\t\tAllowedDomains: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"example.com\"),\n\t\t\t\tpulumi.String(\"my.domain\"),\n\t\t\t},\n\t\t\tAllowSubdomains: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.Mount;\nimport com.pulumi.vault.MountArgs;\nimport com.pulumi.vault.pkiSecret.SecretBackendRole;\nimport com.pulumi.vault.pkiSecret.SecretBackendRoleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var pki = new Mount(\"pki\", MountArgs.builder() \n .path(\"pki\")\n .type(\"pki\")\n .defaultLeaseTtlSeconds(3600)\n .maxLeaseTtlSeconds(86400)\n .build());\n\n var role = new SecretBackendRole(\"role\", SecretBackendRoleArgs.builder() \n .backend(pki.path())\n .ttl(3600)\n .allowIpSans(true)\n .keyType(\"rsa\")\n .keyBits(4096)\n .allowedDomains( \n \"example.com\",\n \"my.domain\")\n .allowSubdomains(true)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n pki:\n type: vault:Mount\n properties:\n path: pki\n type: pki\n defaultLeaseTtlSeconds: 3600\n maxLeaseTtlSeconds: 86400\n role:\n type: vault:pkiSecret:SecretBackendRole\n properties:\n backend: ${pki.path}\n ttl: 3600\n allowIpSans: true\n keyType: rsa\n keyBits: 4096\n allowedDomains:\n - example.com\n - my.domain\n allowSubdomains: true\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nPKI secret backend roles can be imported using the `path`, e.g.\n\n```sh\n $ pulumi import vault:pkiSecret/secretBackendRole:SecretBackendRole role pki/roles/my_role\n```\n\n ", + "description": "Creates a role on an PKI Secret Backend for Vault.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst pki = new vault.Mount(\"pki\", {\n path: \"pki\",\n type: \"pki\",\n defaultLeaseTtlSeconds: 3600,\n maxLeaseTtlSeconds: 86400,\n});\nconst role = new vault.pkisecret.SecretBackendRole(\"role\", {\n backend: pki.path,\n ttl: \"3600\",\n allowIpSans: true,\n keyType: \"rsa\",\n keyBits: 4096,\n allowedDomains: [\n \"example.com\",\n \"my.domain\",\n ],\n allowSubdomains: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\npki = vault.Mount(\"pki\",\n path=\"pki\",\n type=\"pki\",\n default_lease_ttl_seconds=3600,\n max_lease_ttl_seconds=86400)\nrole = vault.pki_secret.SecretBackendRole(\"role\",\n backend=pki.path,\n ttl=\"3600\",\n allow_ip_sans=True,\n key_type=\"rsa\",\n key_bits=4096,\n allowed_domains=[\n \"example.com\",\n \"my.domain\",\n ],\n allow_subdomains=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var pki = new Vault.Mount(\"pki\", new()\n {\n Path = \"pki\",\n Type = \"pki\",\n DefaultLeaseTtlSeconds = 3600,\n MaxLeaseTtlSeconds = 86400,\n });\n\n var role = new Vault.PkiSecret.SecretBackendRole(\"role\", new()\n {\n Backend = pki.Path,\n Ttl = \"3600\",\n AllowIpSans = true,\n KeyType = \"rsa\",\n KeyBits = 4096,\n AllowedDomains = new[]\n {\n \"example.com\",\n \"my.domain\",\n },\n AllowSubdomains = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/pkiSecret\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tpki, err := vault.NewMount(ctx, \"pki\", \u0026vault.MountArgs{\n\t\t\tPath: pulumi.String(\"pki\"),\n\t\t\tType: pulumi.String(\"pki\"),\n\t\t\tDefaultLeaseTtlSeconds: pulumi.Int(3600),\n\t\t\tMaxLeaseTtlSeconds: pulumi.Int(86400),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = pkiSecret.NewSecretBackendRole(ctx, \"role\", \u0026pkiSecret.SecretBackendRoleArgs{\n\t\t\tBackend: pki.Path,\n\t\t\tTtl: pulumi.String(\"3600\"),\n\t\t\tAllowIpSans: pulumi.Bool(true),\n\t\t\tKeyType: pulumi.String(\"rsa\"),\n\t\t\tKeyBits: pulumi.Int(4096),\n\t\t\tAllowedDomains: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"example.com\"),\n\t\t\t\tpulumi.String(\"my.domain\"),\n\t\t\t},\n\t\t\tAllowSubdomains: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.Mount;\nimport com.pulumi.vault.MountArgs;\nimport com.pulumi.vault.pkiSecret.SecretBackendRole;\nimport com.pulumi.vault.pkiSecret.SecretBackendRoleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var pki = new Mount(\"pki\", MountArgs.builder() \n .path(\"pki\")\n .type(\"pki\")\n .defaultLeaseTtlSeconds(3600)\n .maxLeaseTtlSeconds(86400)\n .build());\n\n var role = new SecretBackendRole(\"role\", SecretBackendRoleArgs.builder() \n .backend(pki.path())\n .ttl(3600)\n .allowIpSans(true)\n .keyType(\"rsa\")\n .keyBits(4096)\n .allowedDomains( \n \"example.com\",\n \"my.domain\")\n .allowSubdomains(true)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n pki:\n type: vault:Mount\n properties:\n path: pki\n type: pki\n defaultLeaseTtlSeconds: 3600\n maxLeaseTtlSeconds: 86400\n role:\n type: vault:pkiSecret:SecretBackendRole\n properties:\n backend: ${pki.path}\n ttl: 3600\n allowIpSans: true\n keyType: rsa\n keyBits: 4096\n allowedDomains:\n - example.com\n - my.domain\n allowSubdomains: true\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nPKI secret backend roles can be imported using the `path`, e.g.\n\n```sh\n $ pulumi import vault:pkiSecret/secretBackendRole:SecretBackendRole role pki/roles/my_role\n```\n ", "properties": { "allowAnyName": { "type": "boolean", @@ -27360,6 +24589,13 @@ }, "description": "The organization of generated certificates\n" }, + "policyIdentifier": { + "type": "array", + "items": { + "$ref": "#/types/vault:pkiSecret/SecretBackendRolePolicyIdentifier:SecretBackendRolePolicyIdentifier" + }, + "description": "(Vault 1.11+ only) A block for specifying policy identifers. The `policy_identifier` block can be repeated, and supports the following arguments:\n" + }, "policyIdentifiers": { "type": "array", "items": { @@ -27596,6 +24832,13 @@ }, "description": "The organization of generated certificates\n" }, + "policyIdentifier": { + "type": "array", + "items": { + "$ref": "#/types/vault:pkiSecret/SecretBackendRolePolicyIdentifier:SecretBackendRolePolicyIdentifier" + }, + "description": "(Vault 1.11+ only) A block for specifying policy identifers. The `policy_identifier` block can be repeated, and supports the following arguments:\n" + }, "policyIdentifiers": { "type": "array", "items": { @@ -27827,6 +25070,13 @@ }, "description": "The organization of generated certificates\n" }, + "policyIdentifier": { + "type": "array", + "items": { + "$ref": "#/types/vault:pkiSecret/SecretBackendRolePolicyIdentifier:SecretBackendRolePolicyIdentifier" + }, + "description": "(Vault 1.11+ only) A block for specifying policy identifers. The `policy_identifier` block can be repeated, and supports the following arguments:\n" + }, "policyIdentifiers": { "type": "array", "items": { @@ -27880,7 +25130,7 @@ } }, "vault:pkiSecret/secretBackendRootCert:SecretBackendRootCert": { - "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst test = new vault.pkisecret.SecretBackendRootCert(\"test\", {\n backend: vault_mount.pki.path,\n type: \"internal\",\n commonName: \"Root CA\",\n ttl: \"315360000\",\n format: \"pem\",\n privateKeyFormat: \"der\",\n keyType: \"rsa\",\n keyBits: 4096,\n excludeCnFromSans: true,\n ou: \"My OU\",\n organization: \"My organization\",\n}, {\n dependsOn: [vault_mount.pki],\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ntest = vault.pki_secret.SecretBackendRootCert(\"test\",\n backend=vault_mount[\"pki\"][\"path\"],\n type=\"internal\",\n common_name=\"Root CA\",\n ttl=\"315360000\",\n format=\"pem\",\n private_key_format=\"der\",\n key_type=\"rsa\",\n key_bits=4096,\n exclude_cn_from_sans=True,\n ou=\"My OU\",\n organization=\"My organization\",\n opts=pulumi.ResourceOptions(depends_on=[vault_mount[\"pki\"]]))\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Vault.PkiSecret.SecretBackendRootCert(\"test\", new()\n {\n Backend = vault_mount.Pki.Path,\n Type = \"internal\",\n CommonName = \"Root CA\",\n Ttl = \"315360000\",\n Format = \"pem\",\n PrivateKeyFormat = \"der\",\n KeyType = \"rsa\",\n KeyBits = 4096,\n ExcludeCnFromSans = true,\n Ou = \"My OU\",\n Organization = \"My organization\",\n }, new CustomResourceOptions\n {\n DependsOn = new[]\n {\n vault_mount.Pki,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/pkiSecret\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := pkiSecret.NewSecretBackendRootCert(ctx, \"test\", \u0026pkiSecret.SecretBackendRootCertArgs{\n\t\t\tBackend: pulumi.Any(vault_mount.Pki.Path),\n\t\t\tType: pulumi.String(\"internal\"),\n\t\t\tCommonName: pulumi.String(\"Root CA\"),\n\t\t\tTtl: pulumi.String(\"315360000\"),\n\t\t\tFormat: pulumi.String(\"pem\"),\n\t\t\tPrivateKeyFormat: pulumi.String(\"der\"),\n\t\t\tKeyType: pulumi.String(\"rsa\"),\n\t\t\tKeyBits: pulumi.Int(4096),\n\t\t\tExcludeCnFromSans: pulumi.Bool(true),\n\t\t\tOu: pulumi.String(\"My OU\"),\n\t\t\tOrganization: pulumi.String(\"My organization\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tvault_mount.Pki,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.pkiSecret.SecretBackendRootCert;\nimport com.pulumi.vault.pkiSecret.SecretBackendRootCertArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new SecretBackendRootCert(\"test\", SecretBackendRootCertArgs.builder() \n .backend(vault_mount.pki().path())\n .type(\"internal\")\n .commonName(\"Root CA\")\n .ttl(\"315360000\")\n .format(\"pem\")\n .privateKeyFormat(\"der\")\n .keyType(\"rsa\")\n .keyBits(4096)\n .excludeCnFromSans(true)\n .ou(\"My OU\")\n .organization(\"My organization\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(vault_mount.pki())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: vault:pkiSecret:SecretBackendRootCert\n properties:\n backend: ${vault_mount.pki.path}\n type: internal\n commonName: Root CA\n ttl: 315360000\n format: pem\n privateKeyFormat: der\n keyType: rsa\n keyBits: 4096\n excludeCnFromSans: true\n ou: My OU\n organization: My organization\n options:\n dependson:\n - ${vault_mount.pki}\n```\n{{% /example %}}\n{{% /examples %}}", + "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst test = new vault.pkisecret.SecretBackendRootCert(\"test\", {\n backend: vault_mount.pki.path,\n type: \"internal\",\n commonName: \"Root CA\",\n ttl: \"315360000\",\n format: \"pem\",\n privateKeyFormat: \"der\",\n keyType: \"rsa\",\n keyBits: 4096,\n excludeCnFromSans: true,\n ou: \"My OU\",\n organization: \"My organization\",\n}, {\n dependsOn: [vault_mount.pki],\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ntest = vault.pki_secret.SecretBackendRootCert(\"test\",\n backend=vault_mount[\"pki\"][\"path\"],\n type=\"internal\",\n common_name=\"Root CA\",\n ttl=\"315360000\",\n format=\"pem\",\n private_key_format=\"der\",\n key_type=\"rsa\",\n key_bits=4096,\n exclude_cn_from_sans=True,\n ou=\"My OU\",\n organization=\"My organization\",\n opts=pulumi.ResourceOptions(depends_on=[vault_mount[\"pki\"]]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Vault.PkiSecret.SecretBackendRootCert(\"test\", new()\n {\n Backend = vault_mount.Pki.Path,\n Type = \"internal\",\n CommonName = \"Root CA\",\n Ttl = \"315360000\",\n Format = \"pem\",\n PrivateKeyFormat = \"der\",\n KeyType = \"rsa\",\n KeyBits = 4096,\n ExcludeCnFromSans = true,\n Ou = \"My OU\",\n Organization = \"My organization\",\n }, new CustomResourceOptions\n {\n DependsOn = new[]\n {\n vault_mount.Pki,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/pkiSecret\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := pkiSecret.NewSecretBackendRootCert(ctx, \"test\", \u0026pkiSecret.SecretBackendRootCertArgs{\n\t\t\tBackend: pulumi.Any(vault_mount.Pki.Path),\n\t\t\tType: pulumi.String(\"internal\"),\n\t\t\tCommonName: pulumi.String(\"Root CA\"),\n\t\t\tTtl: pulumi.String(\"315360000\"),\n\t\t\tFormat: pulumi.String(\"pem\"),\n\t\t\tPrivateKeyFormat: pulumi.String(\"der\"),\n\t\t\tKeyType: pulumi.String(\"rsa\"),\n\t\t\tKeyBits: pulumi.Int(4096),\n\t\t\tExcludeCnFromSans: pulumi.Bool(true),\n\t\t\tOu: pulumi.String(\"My OU\"),\n\t\t\tOrganization: pulumi.String(\"My organization\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tvault_mount.Pki,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.pkiSecret.SecretBackendRootCert;\nimport com.pulumi.vault.pkiSecret.SecretBackendRootCertArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new SecretBackendRootCert(\"test\", SecretBackendRootCertArgs.builder() \n .backend(vault_mount.pki().path())\n .type(\"internal\")\n .commonName(\"Root CA\")\n .ttl(\"315360000\")\n .format(\"pem\")\n .privateKeyFormat(\"der\")\n .keyType(\"rsa\")\n .keyBits(4096)\n .excludeCnFromSans(true)\n .ou(\"My OU\")\n .organization(\"My organization\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(vault_mount.pki())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: vault:pkiSecret:SecretBackendRootCert\n properties:\n backend: ${vault_mount.pki.path}\n type: internal\n commonName: Root CA\n ttl: '315360000'\n format: pem\n privateKeyFormat: der\n keyType: rsa\n keyBits: 4096\n excludeCnFromSans: true\n ou: My OU\n organization: My organization\n options:\n dependson:\n - ${vault_mount.pki}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "altNames": { "type": "array", @@ -28401,7 +25651,7 @@ } }, "vault:pkiSecret/secretBackendRootSignIntermediate:SecretBackendRootSignIntermediate": { - "description": "Creates PKI certificate.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst root = new vault.pkisecret.SecretBackendRootSignIntermediate(\"root\", {\n backend: vault_mount.root.path,\n csr: vault_pki_secret_backend_intermediate_cert_request.intermediate.csr,\n commonName: \"Intermediate CA\",\n excludeCnFromSans: true,\n ou: \"My OU\",\n organization: \"My organization\",\n}, {\n dependsOn: [vault_pki_secret_backend_intermediate_cert_request.intermediate],\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nroot = vault.pki_secret.SecretBackendRootSignIntermediate(\"root\",\n backend=vault_mount[\"root\"][\"path\"],\n csr=vault_pki_secret_backend_intermediate_cert_request[\"intermediate\"][\"csr\"],\n common_name=\"Intermediate CA\",\n exclude_cn_from_sans=True,\n ou=\"My OU\",\n organization=\"My organization\",\n opts=pulumi.ResourceOptions(depends_on=[vault_pki_secret_backend_intermediate_cert_request[\"intermediate\"]]))\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var root = new Vault.PkiSecret.SecretBackendRootSignIntermediate(\"root\", new()\n {\n Backend = vault_mount.Root.Path,\n Csr = vault_pki_secret_backend_intermediate_cert_request.Intermediate.Csr,\n CommonName = \"Intermediate CA\",\n ExcludeCnFromSans = true,\n Ou = \"My OU\",\n Organization = \"My organization\",\n }, new CustomResourceOptions\n {\n DependsOn = new[]\n {\n vault_pki_secret_backend_intermediate_cert_request.Intermediate,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/pkiSecret\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := pkiSecret.NewSecretBackendRootSignIntermediate(ctx, \"root\", \u0026pkiSecret.SecretBackendRootSignIntermediateArgs{\n\t\t\tBackend: pulumi.Any(vault_mount.Root.Path),\n\t\t\tCsr: pulumi.Any(vault_pki_secret_backend_intermediate_cert_request.Intermediate.Csr),\n\t\t\tCommonName: pulumi.String(\"Intermediate CA\"),\n\t\t\tExcludeCnFromSans: pulumi.Bool(true),\n\t\t\tOu: pulumi.String(\"My OU\"),\n\t\t\tOrganization: pulumi.String(\"My organization\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tvault_pki_secret_backend_intermediate_cert_request.Intermediate,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.pkiSecret.SecretBackendRootSignIntermediate;\nimport com.pulumi.vault.pkiSecret.SecretBackendRootSignIntermediateArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var root = new SecretBackendRootSignIntermediate(\"root\", SecretBackendRootSignIntermediateArgs.builder() \n .backend(vault_mount.root().path())\n .csr(vault_pki_secret_backend_intermediate_cert_request.intermediate().csr())\n .commonName(\"Intermediate CA\")\n .excludeCnFromSans(true)\n .ou(\"My OU\")\n .organization(\"My organization\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(vault_pki_secret_backend_intermediate_cert_request.intermediate())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n root:\n type: vault:pkiSecret:SecretBackendRootSignIntermediate\n properties:\n backend: ${vault_mount.root.path}\n csr: ${vault_pki_secret_backend_intermediate_cert_request.intermediate.csr}\n commonName: Intermediate CA\n excludeCnFromSans: true\n ou: My OU\n organization: My organization\n options:\n dependson:\n - ${vault_pki_secret_backend_intermediate_cert_request.intermediate}\n```\n{{% /example %}}\n{{% /examples %}}\n## Deprecations\n\n* `serial` - Use `serial_number` instead.\n", + "description": "Creates PKI certificate.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst root = new vault.pkisecret.SecretBackendRootSignIntermediate(\"root\", {\n backend: vault_mount.root.path,\n csr: vault_pki_secret_backend_intermediate_cert_request.intermediate.csr,\n commonName: \"Intermediate CA\",\n excludeCnFromSans: true,\n ou: \"My OU\",\n organization: \"My organization\",\n}, {\n dependsOn: [vault_pki_secret_backend_intermediate_cert_request.intermediate],\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nroot = vault.pki_secret.SecretBackendRootSignIntermediate(\"root\",\n backend=vault_mount[\"root\"][\"path\"],\n csr=vault_pki_secret_backend_intermediate_cert_request[\"intermediate\"][\"csr\"],\n common_name=\"Intermediate CA\",\n exclude_cn_from_sans=True,\n ou=\"My OU\",\n organization=\"My organization\",\n opts=pulumi.ResourceOptions(depends_on=[vault_pki_secret_backend_intermediate_cert_request[\"intermediate\"]]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var root = new Vault.PkiSecret.SecretBackendRootSignIntermediate(\"root\", new()\n {\n Backend = vault_mount.Root.Path,\n Csr = vault_pki_secret_backend_intermediate_cert_request.Intermediate.Csr,\n CommonName = \"Intermediate CA\",\n ExcludeCnFromSans = true,\n Ou = \"My OU\",\n Organization = \"My organization\",\n }, new CustomResourceOptions\n {\n DependsOn = new[]\n {\n vault_pki_secret_backend_intermediate_cert_request.Intermediate,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/pkiSecret\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := pkiSecret.NewSecretBackendRootSignIntermediate(ctx, \"root\", \u0026pkiSecret.SecretBackendRootSignIntermediateArgs{\n\t\t\tBackend: pulumi.Any(vault_mount.Root.Path),\n\t\t\tCsr: pulumi.Any(vault_pki_secret_backend_intermediate_cert_request.Intermediate.Csr),\n\t\t\tCommonName: pulumi.String(\"Intermediate CA\"),\n\t\t\tExcludeCnFromSans: pulumi.Bool(true),\n\t\t\tOu: pulumi.String(\"My OU\"),\n\t\t\tOrganization: pulumi.String(\"My organization\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tvault_pki_secret_backend_intermediate_cert_request.Intermediate,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.pkiSecret.SecretBackendRootSignIntermediate;\nimport com.pulumi.vault.pkiSecret.SecretBackendRootSignIntermediateArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var root = new SecretBackendRootSignIntermediate(\"root\", SecretBackendRootSignIntermediateArgs.builder() \n .backend(vault_mount.root().path())\n .csr(vault_pki_secret_backend_intermediate_cert_request.intermediate().csr())\n .commonName(\"Intermediate CA\")\n .excludeCnFromSans(true)\n .ou(\"My OU\")\n .organization(\"My organization\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(vault_pki_secret_backend_intermediate_cert_request.intermediate())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n root:\n type: vault:pkiSecret:SecretBackendRootSignIntermediate\n properties:\n backend: ${vault_mount.root.path}\n csr: ${vault_pki_secret_backend_intermediate_cert_request.intermediate.csr}\n commonName: Intermediate CA\n excludeCnFromSans: true\n ou: My OU\n organization: My organization\n options:\n dependson:\n - ${vault_pki_secret_backend_intermediate_cert_request.intermediate}\n```\n{{% /example %}}\n{{% /examples %}}\n## Deprecations\n\n* `serial` - Use `serial_number` instead.\n", "properties": { "altNames": { "type": "array", @@ -28847,7 +26097,7 @@ } }, "vault:pkiSecret/secretBackendSign:SecretBackendSign": { - "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst test = new vault.pkisecret.SecretBackendSign(\"test\", {\n backend: vault_mount.pki.path,\n csr: `-----BEGIN CERTIFICATE REQUEST-----\nMIIEqDCCApACAQAwYzELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUx\nITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEcMBoGA1UEAwwTY2Vy\ndC50ZXN0Lm15LmRvbWFpbjCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIB\nAJupYCQ8UVCWII1Zof1c6YcSSaM9hEaDU78cfKP5RoSeH10BvrWRfT+mzCONVpNP\nCW9Iabtvk6hm0ot6ilnndEyVJbc0g7hdDLBX5BM25D+DGZGJRKUz1V+uBrWmXtIt\nVonj7JTDTe7ViH0GDsB7CvqXFGXO2a2cDYBchLkL6vQiFPshxvUsLtwxuy/qdYgy\nX6ya+AUoZcoQGy1XxNjfH6cPtWSWQGEp1oPR6vL9hU3laTZb3C+VV4jZem+he8/0\nV+qV6fLG92WTXm2hmf8nrtUqqJ+C7mW/RJod+TviviBadIX0OHXW7k5HVsZood01\nte8vMRUNJNiZfa9EMIK5oncbQn0LcM3Wo9VrjpL7jREb/4HCS2gswYGv7hzk9cCS\nkVY4rDucchKbApuI3kfzmO7GFOF5eiSkYZpY/czNn7VVM3WCu6dpOX4+3rhgrZQw\nkY14L930DaLVRUgve/zKVP2D2GHdEOs+MbV7s96UgigT9pXly/yHPj+1sSYqmnaD\n5b7jSeJusmzO/nrwXVGLsnezR87VzHl9Ux9g5s6zh+R+PrZuVxYsLvoUpaasH47O\ngIcBzSb/6pSGZKAUizmYsHsR1k88dAvsQ+FsUDaNokdi9VndEB4QPmiFmjyLV+0I\n1TFoXop4sW11NPz1YCq+IxnYrEaIN3PyhY0GvBJDFY1/AgMBAAGgADANBgkqhkiG\n9w0BAQsFAAOCAgEActuqnqS8Y9UF7e08w7tR3FPzGecWreuvxILrlFEZJxiLPFqL\nIt7uJvtypCVQvz6UQzKdBYO7tMpRaWViB8DrWzXNZjLMrg+QHcpveg8C0Ett4scG\nfnvLk6fTDFYrnGvwHTqiHos5i0y3bFLyS1BGwSpdLAykGtvC+VM8mRyw/Y7CPcKN\n77kebY/9xduW1g2uxWLr0x90RuQDv9psPojT+59tRLGSp5Kt0IeD3QtnAZEFE4aN\nvt+Pd69eg3BgZ8ZeDgoqAw3yppvOkpAFiE5pw2qPZaM4SRphl4d2Lek2zNIMyZqv\ndo5zh356HOgXtDaSg0POnRGrN/Ua+LMCRTg6GEPUnx9uQb/zt8Zu0hIexDGyykp1\nOGqtWlv/Nc8UYuS38v0BeB6bMPeoqQUjkqs8nHlAEFn0KlgYdtDC+7SdQx6wS4te\ndBKRNDfC4lS3jYJgs55jHqonZgkpSi3bamlxpfpW0ukGBcmq91wRe4bOw/4uD/vf\nUwqMWOdCYcU3mdYNjTWy22ORW3SGFQxMBwpUEURCSoeqWr6aJeQ7KAYkx1PrB5T8\nOTEc13lWf+B0PU9UJuGTsmpIuImPDVd0EVDayr3mT5dDbqTVDbe8ppf2IswABmf0\no3DybUeUmknYjl109rdSf+76nuREICHatxXgN3xCMFuBaN4WLO+ksd6Y1Ys=\n-----END CERTIFICATE REQUEST-----\n`,\n commonName: \"test.my.domain\",\n}, {\n dependsOn: [vault_pki_secret_backend_role.admin],\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ntest = vault.pki_secret.SecretBackendSign(\"test\",\n backend=vault_mount[\"pki\"][\"path\"],\n csr=\"\"\"-----BEGIN CERTIFICATE REQUEST-----\nMIIEqDCCApACAQAwYzELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUx\nITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEcMBoGA1UEAwwTY2Vy\ndC50ZXN0Lm15LmRvbWFpbjCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIB\nAJupYCQ8UVCWII1Zof1c6YcSSaM9hEaDU78cfKP5RoSeH10BvrWRfT+mzCONVpNP\nCW9Iabtvk6hm0ot6ilnndEyVJbc0g7hdDLBX5BM25D+DGZGJRKUz1V+uBrWmXtIt\nVonj7JTDTe7ViH0GDsB7CvqXFGXO2a2cDYBchLkL6vQiFPshxvUsLtwxuy/qdYgy\nX6ya+AUoZcoQGy1XxNjfH6cPtWSWQGEp1oPR6vL9hU3laTZb3C+VV4jZem+he8/0\nV+qV6fLG92WTXm2hmf8nrtUqqJ+C7mW/RJod+TviviBadIX0OHXW7k5HVsZood01\nte8vMRUNJNiZfa9EMIK5oncbQn0LcM3Wo9VrjpL7jREb/4HCS2gswYGv7hzk9cCS\nkVY4rDucchKbApuI3kfzmO7GFOF5eiSkYZpY/czNn7VVM3WCu6dpOX4+3rhgrZQw\nkY14L930DaLVRUgve/zKVP2D2GHdEOs+MbV7s96UgigT9pXly/yHPj+1sSYqmnaD\n5b7jSeJusmzO/nrwXVGLsnezR87VzHl9Ux9g5s6zh+R+PrZuVxYsLvoUpaasH47O\ngIcBzSb/6pSGZKAUizmYsHsR1k88dAvsQ+FsUDaNokdi9VndEB4QPmiFmjyLV+0I\n1TFoXop4sW11NPz1YCq+IxnYrEaIN3PyhY0GvBJDFY1/AgMBAAGgADANBgkqhkiG\n9w0BAQsFAAOCAgEActuqnqS8Y9UF7e08w7tR3FPzGecWreuvxILrlFEZJxiLPFqL\nIt7uJvtypCVQvz6UQzKdBYO7tMpRaWViB8DrWzXNZjLMrg+QHcpveg8C0Ett4scG\nfnvLk6fTDFYrnGvwHTqiHos5i0y3bFLyS1BGwSpdLAykGtvC+VM8mRyw/Y7CPcKN\n77kebY/9xduW1g2uxWLr0x90RuQDv9psPojT+59tRLGSp5Kt0IeD3QtnAZEFE4aN\nvt+Pd69eg3BgZ8ZeDgoqAw3yppvOkpAFiE5pw2qPZaM4SRphl4d2Lek2zNIMyZqv\ndo5zh356HOgXtDaSg0POnRGrN/Ua+LMCRTg6GEPUnx9uQb/zt8Zu0hIexDGyykp1\nOGqtWlv/Nc8UYuS38v0BeB6bMPeoqQUjkqs8nHlAEFn0KlgYdtDC+7SdQx6wS4te\ndBKRNDfC4lS3jYJgs55jHqonZgkpSi3bamlxpfpW0ukGBcmq91wRe4bOw/4uD/vf\nUwqMWOdCYcU3mdYNjTWy22ORW3SGFQxMBwpUEURCSoeqWr6aJeQ7KAYkx1PrB5T8\nOTEc13lWf+B0PU9UJuGTsmpIuImPDVd0EVDayr3mT5dDbqTVDbe8ppf2IswABmf0\no3DybUeUmknYjl109rdSf+76nuREICHatxXgN3xCMFuBaN4WLO+ksd6Y1Ys=\n-----END CERTIFICATE REQUEST-----\n\"\"\",\n common_name=\"test.my.domain\",\n opts=pulumi.ResourceOptions(depends_on=[vault_pki_secret_backend_role[\"admin\"]]))\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Vault.PkiSecret.SecretBackendSign(\"test\", new()\n {\n Backend = vault_mount.Pki.Path,\n Csr = @\"-----BEGIN CERTIFICATE REQUEST-----\nMIIEqDCCApACAQAwYzELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUx\nITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEcMBoGA1UEAwwTY2Vy\ndC50ZXN0Lm15LmRvbWFpbjCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIB\nAJupYCQ8UVCWII1Zof1c6YcSSaM9hEaDU78cfKP5RoSeH10BvrWRfT+mzCONVpNP\nCW9Iabtvk6hm0ot6ilnndEyVJbc0g7hdDLBX5BM25D+DGZGJRKUz1V+uBrWmXtIt\nVonj7JTDTe7ViH0GDsB7CvqXFGXO2a2cDYBchLkL6vQiFPshxvUsLtwxuy/qdYgy\nX6ya+AUoZcoQGy1XxNjfH6cPtWSWQGEp1oPR6vL9hU3laTZb3C+VV4jZem+he8/0\nV+qV6fLG92WTXm2hmf8nrtUqqJ+C7mW/RJod+TviviBadIX0OHXW7k5HVsZood01\nte8vMRUNJNiZfa9EMIK5oncbQn0LcM3Wo9VrjpL7jREb/4HCS2gswYGv7hzk9cCS\nkVY4rDucchKbApuI3kfzmO7GFOF5eiSkYZpY/czNn7VVM3WCu6dpOX4+3rhgrZQw\nkY14L930DaLVRUgve/zKVP2D2GHdEOs+MbV7s96UgigT9pXly/yHPj+1sSYqmnaD\n5b7jSeJusmzO/nrwXVGLsnezR87VzHl9Ux9g5s6zh+R+PrZuVxYsLvoUpaasH47O\ngIcBzSb/6pSGZKAUizmYsHsR1k88dAvsQ+FsUDaNokdi9VndEB4QPmiFmjyLV+0I\n1TFoXop4sW11NPz1YCq+IxnYrEaIN3PyhY0GvBJDFY1/AgMBAAGgADANBgkqhkiG\n9w0BAQsFAAOCAgEActuqnqS8Y9UF7e08w7tR3FPzGecWreuvxILrlFEZJxiLPFqL\nIt7uJvtypCVQvz6UQzKdBYO7tMpRaWViB8DrWzXNZjLMrg+QHcpveg8C0Ett4scG\nfnvLk6fTDFYrnGvwHTqiHos5i0y3bFLyS1BGwSpdLAykGtvC+VM8mRyw/Y7CPcKN\n77kebY/9xduW1g2uxWLr0x90RuQDv9psPojT+59tRLGSp5Kt0IeD3QtnAZEFE4aN\nvt+Pd69eg3BgZ8ZeDgoqAw3yppvOkpAFiE5pw2qPZaM4SRphl4d2Lek2zNIMyZqv\ndo5zh356HOgXtDaSg0POnRGrN/Ua+LMCRTg6GEPUnx9uQb/zt8Zu0hIexDGyykp1\nOGqtWlv/Nc8UYuS38v0BeB6bMPeoqQUjkqs8nHlAEFn0KlgYdtDC+7SdQx6wS4te\ndBKRNDfC4lS3jYJgs55jHqonZgkpSi3bamlxpfpW0ukGBcmq91wRe4bOw/4uD/vf\nUwqMWOdCYcU3mdYNjTWy22ORW3SGFQxMBwpUEURCSoeqWr6aJeQ7KAYkx1PrB5T8\nOTEc13lWf+B0PU9UJuGTsmpIuImPDVd0EVDayr3mT5dDbqTVDbe8ppf2IswABmf0\no3DybUeUmknYjl109rdSf+76nuREICHatxXgN3xCMFuBaN4WLO+ksd6Y1Ys=\n-----END CERTIFICATE REQUEST-----\n\",\n CommonName = \"test.my.domain\",\n }, new CustomResourceOptions\n {\n DependsOn = new[]\n {\n vault_pki_secret_backend_role.Admin,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/pkiSecret\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := pkiSecret.NewSecretBackendSign(ctx, \"test\", \u0026pkiSecret.SecretBackendSignArgs{\n\t\t\tBackend: pulumi.Any(vault_mount.Pki.Path),\n\t\t\tCsr: pulumi.String(\"-----BEGIN CERTIFICATE REQUEST-----\\nMIIEqDCCApACAQAwYzELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUx\\nITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEcMBoGA1UEAwwTY2Vy\\ndC50ZXN0Lm15LmRvbWFpbjCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIB\\nAJupYCQ8UVCWII1Zof1c6YcSSaM9hEaDU78cfKP5RoSeH10BvrWRfT+mzCONVpNP\\nCW9Iabtvk6hm0ot6ilnndEyVJbc0g7hdDLBX5BM25D+DGZGJRKUz1V+uBrWmXtIt\\nVonj7JTDTe7ViH0GDsB7CvqXFGXO2a2cDYBchLkL6vQiFPshxvUsLtwxuy/qdYgy\\nX6ya+AUoZcoQGy1XxNjfH6cPtWSWQGEp1oPR6vL9hU3laTZb3C+VV4jZem+he8/0\\nV+qV6fLG92WTXm2hmf8nrtUqqJ+C7mW/RJod+TviviBadIX0OHXW7k5HVsZood01\\nte8vMRUNJNiZfa9EMIK5oncbQn0LcM3Wo9VrjpL7jREb/4HCS2gswYGv7hzk9cCS\\nkVY4rDucchKbApuI3kfzmO7GFOF5eiSkYZpY/czNn7VVM3WCu6dpOX4+3rhgrZQw\\nkY14L930DaLVRUgve/zKVP2D2GHdEOs+MbV7s96UgigT9pXly/yHPj+1sSYqmnaD\\n5b7jSeJusmzO/nrwXVGLsnezR87VzHl9Ux9g5s6zh+R+PrZuVxYsLvoUpaasH47O\\ngIcBzSb/6pSGZKAUizmYsHsR1k88dAvsQ+FsUDaNokdi9VndEB4QPmiFmjyLV+0I\\n1TFoXop4sW11NPz1YCq+IxnYrEaIN3PyhY0GvBJDFY1/AgMBAAGgADANBgkqhkiG\\n9w0BAQsFAAOCAgEActuqnqS8Y9UF7e08w7tR3FPzGecWreuvxILrlFEZJxiLPFqL\\nIt7uJvtypCVQvz6UQzKdBYO7tMpRaWViB8DrWzXNZjLMrg+QHcpveg8C0Ett4scG\\nfnvLk6fTDFYrnGvwHTqiHos5i0y3bFLyS1BGwSpdLAykGtvC+VM8mRyw/Y7CPcKN\\n77kebY/9xduW1g2uxWLr0x90RuQDv9psPojT+59tRLGSp5Kt0IeD3QtnAZEFE4aN\\nvt+Pd69eg3BgZ8ZeDgoqAw3yppvOkpAFiE5pw2qPZaM4SRphl4d2Lek2zNIMyZqv\\ndo5zh356HOgXtDaSg0POnRGrN/Ua+LMCRTg6GEPUnx9uQb/zt8Zu0hIexDGyykp1\\nOGqtWlv/Nc8UYuS38v0BeB6bMPeoqQUjkqs8nHlAEFn0KlgYdtDC+7SdQx6wS4te\\ndBKRNDfC4lS3jYJgs55jHqonZgkpSi3bamlxpfpW0ukGBcmq91wRe4bOw/4uD/vf\\nUwqMWOdCYcU3mdYNjTWy22ORW3SGFQxMBwpUEURCSoeqWr6aJeQ7KAYkx1PrB5T8\\nOTEc13lWf+B0PU9UJuGTsmpIuImPDVd0EVDayr3mT5dDbqTVDbe8ppf2IswABmf0\\no3DybUeUmknYjl109rdSf+76nuREICHatxXgN3xCMFuBaN4WLO+ksd6Y1Ys=\\n-----END CERTIFICATE REQUEST-----\\n\"),\n\t\t\tCommonName: pulumi.String(\"test.my.domain\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tvault_pki_secret_backend_role.Admin,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.pkiSecret.SecretBackendSign;\nimport com.pulumi.vault.pkiSecret.SecretBackendSignArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new SecretBackendSign(\"test\", SecretBackendSignArgs.builder() \n .backend(vault_mount.pki().path())\n .csr(\"\"\"\n-----BEGIN CERTIFICATE REQUEST-----\nMIIEqDCCApACAQAwYzELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUx\nITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEcMBoGA1UEAwwTY2Vy\ndC50ZXN0Lm15LmRvbWFpbjCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIB\nAJupYCQ8UVCWII1Zof1c6YcSSaM9hEaDU78cfKP5RoSeH10BvrWRfT+mzCONVpNP\nCW9Iabtvk6hm0ot6ilnndEyVJbc0g7hdDLBX5BM25D+DGZGJRKUz1V+uBrWmXtIt\nVonj7JTDTe7ViH0GDsB7CvqXFGXO2a2cDYBchLkL6vQiFPshxvUsLtwxuy/qdYgy\nX6ya+AUoZcoQGy1XxNjfH6cPtWSWQGEp1oPR6vL9hU3laTZb3C+VV4jZem+he8/0\nV+qV6fLG92WTXm2hmf8nrtUqqJ+C7mW/RJod+TviviBadIX0OHXW7k5HVsZood01\nte8vMRUNJNiZfa9EMIK5oncbQn0LcM3Wo9VrjpL7jREb/4HCS2gswYGv7hzk9cCS\nkVY4rDucchKbApuI3kfzmO7GFOF5eiSkYZpY/czNn7VVM3WCu6dpOX4+3rhgrZQw\nkY14L930DaLVRUgve/zKVP2D2GHdEOs+MbV7s96UgigT9pXly/yHPj+1sSYqmnaD\n5b7jSeJusmzO/nrwXVGLsnezR87VzHl9Ux9g5s6zh+R+PrZuVxYsLvoUpaasH47O\ngIcBzSb/6pSGZKAUizmYsHsR1k88dAvsQ+FsUDaNokdi9VndEB4QPmiFmjyLV+0I\n1TFoXop4sW11NPz1YCq+IxnYrEaIN3PyhY0GvBJDFY1/AgMBAAGgADANBgkqhkiG\n9w0BAQsFAAOCAgEActuqnqS8Y9UF7e08w7tR3FPzGecWreuvxILrlFEZJxiLPFqL\nIt7uJvtypCVQvz6UQzKdBYO7tMpRaWViB8DrWzXNZjLMrg+QHcpveg8C0Ett4scG\nfnvLk6fTDFYrnGvwHTqiHos5i0y3bFLyS1BGwSpdLAykGtvC+VM8mRyw/Y7CPcKN\n77kebY/9xduW1g2uxWLr0x90RuQDv9psPojT+59tRLGSp5Kt0IeD3QtnAZEFE4aN\nvt+Pd69eg3BgZ8ZeDgoqAw3yppvOkpAFiE5pw2qPZaM4SRphl4d2Lek2zNIMyZqv\ndo5zh356HOgXtDaSg0POnRGrN/Ua+LMCRTg6GEPUnx9uQb/zt8Zu0hIexDGyykp1\nOGqtWlv/Nc8UYuS38v0BeB6bMPeoqQUjkqs8nHlAEFn0KlgYdtDC+7SdQx6wS4te\ndBKRNDfC4lS3jYJgs55jHqonZgkpSi3bamlxpfpW0ukGBcmq91wRe4bOw/4uD/vf\nUwqMWOdCYcU3mdYNjTWy22ORW3SGFQxMBwpUEURCSoeqWr6aJeQ7KAYkx1PrB5T8\nOTEc13lWf+B0PU9UJuGTsmpIuImPDVd0EVDayr3mT5dDbqTVDbe8ppf2IswABmf0\no3DybUeUmknYjl109rdSf+76nuREICHatxXgN3xCMFuBaN4WLO+ksd6Y1Ys=\n-----END CERTIFICATE REQUEST-----\n \"\"\")\n .commonName(\"test.my.domain\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(vault_pki_secret_backend_role.admin())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: vault:pkiSecret:SecretBackendSign\n properties:\n backend: ${vault_mount.pki.path}\n csr: |\n -----BEGIN CERTIFICATE REQUEST-----\n MIIEqDCCApACAQAwYzELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUx\n ITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEcMBoGA1UEAwwTY2Vy\n dC50ZXN0Lm15LmRvbWFpbjCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIB\n AJupYCQ8UVCWII1Zof1c6YcSSaM9hEaDU78cfKP5RoSeH10BvrWRfT+mzCONVpNP\n CW9Iabtvk6hm0ot6ilnndEyVJbc0g7hdDLBX5BM25D+DGZGJRKUz1V+uBrWmXtIt\n Vonj7JTDTe7ViH0GDsB7CvqXFGXO2a2cDYBchLkL6vQiFPshxvUsLtwxuy/qdYgy\n X6ya+AUoZcoQGy1XxNjfH6cPtWSWQGEp1oPR6vL9hU3laTZb3C+VV4jZem+he8/0\n V+qV6fLG92WTXm2hmf8nrtUqqJ+C7mW/RJod+TviviBadIX0OHXW7k5HVsZood01\n te8vMRUNJNiZfa9EMIK5oncbQn0LcM3Wo9VrjpL7jREb/4HCS2gswYGv7hzk9cCS\n kVY4rDucchKbApuI3kfzmO7GFOF5eiSkYZpY/czNn7VVM3WCu6dpOX4+3rhgrZQw\n kY14L930DaLVRUgve/zKVP2D2GHdEOs+MbV7s96UgigT9pXly/yHPj+1sSYqmnaD\n 5b7jSeJusmzO/nrwXVGLsnezR87VzHl9Ux9g5s6zh+R+PrZuVxYsLvoUpaasH47O\n gIcBzSb/6pSGZKAUizmYsHsR1k88dAvsQ+FsUDaNokdi9VndEB4QPmiFmjyLV+0I\n 1TFoXop4sW11NPz1YCq+IxnYrEaIN3PyhY0GvBJDFY1/AgMBAAGgADANBgkqhkiG\n 9w0BAQsFAAOCAgEActuqnqS8Y9UF7e08w7tR3FPzGecWreuvxILrlFEZJxiLPFqL\n It7uJvtypCVQvz6UQzKdBYO7tMpRaWViB8DrWzXNZjLMrg+QHcpveg8C0Ett4scG\n fnvLk6fTDFYrnGvwHTqiHos5i0y3bFLyS1BGwSpdLAykGtvC+VM8mRyw/Y7CPcKN\n 77kebY/9xduW1g2uxWLr0x90RuQDv9psPojT+59tRLGSp5Kt0IeD3QtnAZEFE4aN\n vt+Pd69eg3BgZ8ZeDgoqAw3yppvOkpAFiE5pw2qPZaM4SRphl4d2Lek2zNIMyZqv\n do5zh356HOgXtDaSg0POnRGrN/Ua+LMCRTg6GEPUnx9uQb/zt8Zu0hIexDGyykp1\n OGqtWlv/Nc8UYuS38v0BeB6bMPeoqQUjkqs8nHlAEFn0KlgYdtDC+7SdQx6wS4te\n dBKRNDfC4lS3jYJgs55jHqonZgkpSi3bamlxpfpW0ukGBcmq91wRe4bOw/4uD/vf\n UwqMWOdCYcU3mdYNjTWy22ORW3SGFQxMBwpUEURCSoeqWr6aJeQ7KAYkx1PrB5T8\n OTEc13lWf+B0PU9UJuGTsmpIuImPDVd0EVDayr3mT5dDbqTVDbe8ppf2IswABmf0\n o3DybUeUmknYjl109rdSf+76nuREICHatxXgN3xCMFuBaN4WLO+ksd6Y1Ys=\n -----END CERTIFICATE REQUEST-----\n commonName: test.my.domain\n options:\n dependson:\n - ${vault_pki_secret_backend_role.admin}\n```\n{{% /example %}}\n{{% /examples %}}\n## Deprecations\n\n* `serial` - Use `serial_number` instead.\n", + "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst test = new vault.pkisecret.SecretBackendSign(\"test\", {\n backend: vault_mount.pki.path,\n csr: `-----BEGIN CERTIFICATE REQUEST-----\nMIIEqDCCApACAQAwYzELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUx\nITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEcMBoGA1UEAwwTY2Vy\ndC50ZXN0Lm15LmRvbWFpbjCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIB\nAJupYCQ8UVCWII1Zof1c6YcSSaM9hEaDU78cfKP5RoSeH10BvrWRfT+mzCONVpNP\nCW9Iabtvk6hm0ot6ilnndEyVJbc0g7hdDLBX5BM25D+DGZGJRKUz1V+uBrWmXtIt\nVonj7JTDTe7ViH0GDsB7CvqXFGXO2a2cDYBchLkL6vQiFPshxvUsLtwxuy/qdYgy\nX6ya+AUoZcoQGy1XxNjfH6cPtWSWQGEp1oPR6vL9hU3laTZb3C+VV4jZem+he8/0\nV+qV6fLG92WTXm2hmf8nrtUqqJ+C7mW/RJod+TviviBadIX0OHXW7k5HVsZood01\nte8vMRUNJNiZfa9EMIK5oncbQn0LcM3Wo9VrjpL7jREb/4HCS2gswYGv7hzk9cCS\nkVY4rDucchKbApuI3kfzmO7GFOF5eiSkYZpY/czNn7VVM3WCu6dpOX4+3rhgrZQw\nkY14L930DaLVRUgve/zKVP2D2GHdEOs+MbV7s96UgigT9pXly/yHPj+1sSYqmnaD\n5b7jSeJusmzO/nrwXVGLsnezR87VzHl9Ux9g5s6zh+R+PrZuVxYsLvoUpaasH47O\ngIcBzSb/6pSGZKAUizmYsHsR1k88dAvsQ+FsUDaNokdi9VndEB4QPmiFmjyLV+0I\n1TFoXop4sW11NPz1YCq+IxnYrEaIN3PyhY0GvBJDFY1/AgMBAAGgADANBgkqhkiG\n9w0BAQsFAAOCAgEActuqnqS8Y9UF7e08w7tR3FPzGecWreuvxILrlFEZJxiLPFqL\nIt7uJvtypCVQvz6UQzKdBYO7tMpRaWViB8DrWzXNZjLMrg+QHcpveg8C0Ett4scG\nfnvLk6fTDFYrnGvwHTqiHos5i0y3bFLyS1BGwSpdLAykGtvC+VM8mRyw/Y7CPcKN\n77kebY/9xduW1g2uxWLr0x90RuQDv9psPojT+59tRLGSp5Kt0IeD3QtnAZEFE4aN\nvt+Pd69eg3BgZ8ZeDgoqAw3yppvOkpAFiE5pw2qPZaM4SRphl4d2Lek2zNIMyZqv\ndo5zh356HOgXtDaSg0POnRGrN/Ua+LMCRTg6GEPUnx9uQb/zt8Zu0hIexDGyykp1\nOGqtWlv/Nc8UYuS38v0BeB6bMPeoqQUjkqs8nHlAEFn0KlgYdtDC+7SdQx6wS4te\ndBKRNDfC4lS3jYJgs55jHqonZgkpSi3bamlxpfpW0ukGBcmq91wRe4bOw/4uD/vf\nUwqMWOdCYcU3mdYNjTWy22ORW3SGFQxMBwpUEURCSoeqWr6aJeQ7KAYkx1PrB5T8\nOTEc13lWf+B0PU9UJuGTsmpIuImPDVd0EVDayr3mT5dDbqTVDbe8ppf2IswABmf0\no3DybUeUmknYjl109rdSf+76nuREICHatxXgN3xCMFuBaN4WLO+ksd6Y1Ys=\n-----END CERTIFICATE REQUEST-----\n`,\n commonName: \"test.my.domain\",\n}, {\n dependsOn: [vault_pki_secret_backend_role.admin],\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ntest = vault.pki_secret.SecretBackendSign(\"test\",\n backend=vault_mount[\"pki\"][\"path\"],\n csr=\"\"\"-----BEGIN CERTIFICATE REQUEST-----\nMIIEqDCCApACAQAwYzELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUx\nITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEcMBoGA1UEAwwTY2Vy\ndC50ZXN0Lm15LmRvbWFpbjCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIB\nAJupYCQ8UVCWII1Zof1c6YcSSaM9hEaDU78cfKP5RoSeH10BvrWRfT+mzCONVpNP\nCW9Iabtvk6hm0ot6ilnndEyVJbc0g7hdDLBX5BM25D+DGZGJRKUz1V+uBrWmXtIt\nVonj7JTDTe7ViH0GDsB7CvqXFGXO2a2cDYBchLkL6vQiFPshxvUsLtwxuy/qdYgy\nX6ya+AUoZcoQGy1XxNjfH6cPtWSWQGEp1oPR6vL9hU3laTZb3C+VV4jZem+he8/0\nV+qV6fLG92WTXm2hmf8nrtUqqJ+C7mW/RJod+TviviBadIX0OHXW7k5HVsZood01\nte8vMRUNJNiZfa9EMIK5oncbQn0LcM3Wo9VrjpL7jREb/4HCS2gswYGv7hzk9cCS\nkVY4rDucchKbApuI3kfzmO7GFOF5eiSkYZpY/czNn7VVM3WCu6dpOX4+3rhgrZQw\nkY14L930DaLVRUgve/zKVP2D2GHdEOs+MbV7s96UgigT9pXly/yHPj+1sSYqmnaD\n5b7jSeJusmzO/nrwXVGLsnezR87VzHl9Ux9g5s6zh+R+PrZuVxYsLvoUpaasH47O\ngIcBzSb/6pSGZKAUizmYsHsR1k88dAvsQ+FsUDaNokdi9VndEB4QPmiFmjyLV+0I\n1TFoXop4sW11NPz1YCq+IxnYrEaIN3PyhY0GvBJDFY1/AgMBAAGgADANBgkqhkiG\n9w0BAQsFAAOCAgEActuqnqS8Y9UF7e08w7tR3FPzGecWreuvxILrlFEZJxiLPFqL\nIt7uJvtypCVQvz6UQzKdBYO7tMpRaWViB8DrWzXNZjLMrg+QHcpveg8C0Ett4scG\nfnvLk6fTDFYrnGvwHTqiHos5i0y3bFLyS1BGwSpdLAykGtvC+VM8mRyw/Y7CPcKN\n77kebY/9xduW1g2uxWLr0x90RuQDv9psPojT+59tRLGSp5Kt0IeD3QtnAZEFE4aN\nvt+Pd69eg3BgZ8ZeDgoqAw3yppvOkpAFiE5pw2qPZaM4SRphl4d2Lek2zNIMyZqv\ndo5zh356HOgXtDaSg0POnRGrN/Ua+LMCRTg6GEPUnx9uQb/zt8Zu0hIexDGyykp1\nOGqtWlv/Nc8UYuS38v0BeB6bMPeoqQUjkqs8nHlAEFn0KlgYdtDC+7SdQx6wS4te\ndBKRNDfC4lS3jYJgs55jHqonZgkpSi3bamlxpfpW0ukGBcmq91wRe4bOw/4uD/vf\nUwqMWOdCYcU3mdYNjTWy22ORW3SGFQxMBwpUEURCSoeqWr6aJeQ7KAYkx1PrB5T8\nOTEc13lWf+B0PU9UJuGTsmpIuImPDVd0EVDayr3mT5dDbqTVDbe8ppf2IswABmf0\no3DybUeUmknYjl109rdSf+76nuREICHatxXgN3xCMFuBaN4WLO+ksd6Y1Ys=\n-----END CERTIFICATE REQUEST-----\n\"\"\",\n common_name=\"test.my.domain\",\n opts=pulumi.ResourceOptions(depends_on=[vault_pki_secret_backend_role[\"admin\"]]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Vault.PkiSecret.SecretBackendSign(\"test\", new()\n {\n Backend = vault_mount.Pki.Path,\n Csr = @\"-----BEGIN CERTIFICATE REQUEST-----\nMIIEqDCCApACAQAwYzELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUx\nITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEcMBoGA1UEAwwTY2Vy\ndC50ZXN0Lm15LmRvbWFpbjCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIB\nAJupYCQ8UVCWII1Zof1c6YcSSaM9hEaDU78cfKP5RoSeH10BvrWRfT+mzCONVpNP\nCW9Iabtvk6hm0ot6ilnndEyVJbc0g7hdDLBX5BM25D+DGZGJRKUz1V+uBrWmXtIt\nVonj7JTDTe7ViH0GDsB7CvqXFGXO2a2cDYBchLkL6vQiFPshxvUsLtwxuy/qdYgy\nX6ya+AUoZcoQGy1XxNjfH6cPtWSWQGEp1oPR6vL9hU3laTZb3C+VV4jZem+he8/0\nV+qV6fLG92WTXm2hmf8nrtUqqJ+C7mW/RJod+TviviBadIX0OHXW7k5HVsZood01\nte8vMRUNJNiZfa9EMIK5oncbQn0LcM3Wo9VrjpL7jREb/4HCS2gswYGv7hzk9cCS\nkVY4rDucchKbApuI3kfzmO7GFOF5eiSkYZpY/czNn7VVM3WCu6dpOX4+3rhgrZQw\nkY14L930DaLVRUgve/zKVP2D2GHdEOs+MbV7s96UgigT9pXly/yHPj+1sSYqmnaD\n5b7jSeJusmzO/nrwXVGLsnezR87VzHl9Ux9g5s6zh+R+PrZuVxYsLvoUpaasH47O\ngIcBzSb/6pSGZKAUizmYsHsR1k88dAvsQ+FsUDaNokdi9VndEB4QPmiFmjyLV+0I\n1TFoXop4sW11NPz1YCq+IxnYrEaIN3PyhY0GvBJDFY1/AgMBAAGgADANBgkqhkiG\n9w0BAQsFAAOCAgEActuqnqS8Y9UF7e08w7tR3FPzGecWreuvxILrlFEZJxiLPFqL\nIt7uJvtypCVQvz6UQzKdBYO7tMpRaWViB8DrWzXNZjLMrg+QHcpveg8C0Ett4scG\nfnvLk6fTDFYrnGvwHTqiHos5i0y3bFLyS1BGwSpdLAykGtvC+VM8mRyw/Y7CPcKN\n77kebY/9xduW1g2uxWLr0x90RuQDv9psPojT+59tRLGSp5Kt0IeD3QtnAZEFE4aN\nvt+Pd69eg3BgZ8ZeDgoqAw3yppvOkpAFiE5pw2qPZaM4SRphl4d2Lek2zNIMyZqv\ndo5zh356HOgXtDaSg0POnRGrN/Ua+LMCRTg6GEPUnx9uQb/zt8Zu0hIexDGyykp1\nOGqtWlv/Nc8UYuS38v0BeB6bMPeoqQUjkqs8nHlAEFn0KlgYdtDC+7SdQx6wS4te\ndBKRNDfC4lS3jYJgs55jHqonZgkpSi3bamlxpfpW0ukGBcmq91wRe4bOw/4uD/vf\nUwqMWOdCYcU3mdYNjTWy22ORW3SGFQxMBwpUEURCSoeqWr6aJeQ7KAYkx1PrB5T8\nOTEc13lWf+B0PU9UJuGTsmpIuImPDVd0EVDayr3mT5dDbqTVDbe8ppf2IswABmf0\no3DybUeUmknYjl109rdSf+76nuREICHatxXgN3xCMFuBaN4WLO+ksd6Y1Ys=\n-----END CERTIFICATE REQUEST-----\n\",\n CommonName = \"test.my.domain\",\n }, new CustomResourceOptions\n {\n DependsOn = new[]\n {\n vault_pki_secret_backend_role.Admin,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/pkiSecret\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := pkiSecret.NewSecretBackendSign(ctx, \"test\", \u0026pkiSecret.SecretBackendSignArgs{\n\t\t\tBackend: pulumi.Any(vault_mount.Pki.Path),\n\t\t\tCsr: pulumi.String(`-----BEGIN CERTIFICATE REQUEST-----\nMIIEqDCCApACAQAwYzELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUx\nITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEcMBoGA1UEAwwTY2Vy\ndC50ZXN0Lm15LmRvbWFpbjCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIB\nAJupYCQ8UVCWII1Zof1c6YcSSaM9hEaDU78cfKP5RoSeH10BvrWRfT+mzCONVpNP\nCW9Iabtvk6hm0ot6ilnndEyVJbc0g7hdDLBX5BM25D+DGZGJRKUz1V+uBrWmXtIt\nVonj7JTDTe7ViH0GDsB7CvqXFGXO2a2cDYBchLkL6vQiFPshxvUsLtwxuy/qdYgy\nX6ya+AUoZcoQGy1XxNjfH6cPtWSWQGEp1oPR6vL9hU3laTZb3C+VV4jZem+he8/0\nV+qV6fLG92WTXm2hmf8nrtUqqJ+C7mW/RJod+TviviBadIX0OHXW7k5HVsZood01\nte8vMRUNJNiZfa9EMIK5oncbQn0LcM3Wo9VrjpL7jREb/4HCS2gswYGv7hzk9cCS\nkVY4rDucchKbApuI3kfzmO7GFOF5eiSkYZpY/czNn7VVM3WCu6dpOX4+3rhgrZQw\nkY14L930DaLVRUgve/zKVP2D2GHdEOs+MbV7s96UgigT9pXly/yHPj+1sSYqmnaD\n5b7jSeJusmzO/nrwXVGLsnezR87VzHl9Ux9g5s6zh+R+PrZuVxYsLvoUpaasH47O\ngIcBzSb/6pSGZKAUizmYsHsR1k88dAvsQ+FsUDaNokdi9VndEB4QPmiFmjyLV+0I\n1TFoXop4sW11NPz1YCq+IxnYrEaIN3PyhY0GvBJDFY1/AgMBAAGgADANBgkqhkiG\n9w0BAQsFAAOCAgEActuqnqS8Y9UF7e08w7tR3FPzGecWreuvxILrlFEZJxiLPFqL\nIt7uJvtypCVQvz6UQzKdBYO7tMpRaWViB8DrWzXNZjLMrg+QHcpveg8C0Ett4scG\nfnvLk6fTDFYrnGvwHTqiHos5i0y3bFLyS1BGwSpdLAykGtvC+VM8mRyw/Y7CPcKN\n77kebY/9xduW1g2uxWLr0x90RuQDv9psPojT+59tRLGSp5Kt0IeD3QtnAZEFE4aN\nvt+Pd69eg3BgZ8ZeDgoqAw3yppvOkpAFiE5pw2qPZaM4SRphl4d2Lek2zNIMyZqv\ndo5zh356HOgXtDaSg0POnRGrN/Ua+LMCRTg6GEPUnx9uQb/zt8Zu0hIexDGyykp1\nOGqtWlv/Nc8UYuS38v0BeB6bMPeoqQUjkqs8nHlAEFn0KlgYdtDC+7SdQx6wS4te\ndBKRNDfC4lS3jYJgs55jHqonZgkpSi3bamlxpfpW0ukGBcmq91wRe4bOw/4uD/vf\nUwqMWOdCYcU3mdYNjTWy22ORW3SGFQxMBwpUEURCSoeqWr6aJeQ7KAYkx1PrB5T8\nOTEc13lWf+B0PU9UJuGTsmpIuImPDVd0EVDayr3mT5dDbqTVDbe8ppf2IswABmf0\no3DybUeUmknYjl109rdSf+76nuREICHatxXgN3xCMFuBaN4WLO+ksd6Y1Ys=\n-----END CERTIFICATE REQUEST-----\n`),\n\t\t\tCommonName: pulumi.String(\"test.my.domain\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tvault_pki_secret_backend_role.Admin,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.pkiSecret.SecretBackendSign;\nimport com.pulumi.vault.pkiSecret.SecretBackendSignArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new SecretBackendSign(\"test\", SecretBackendSignArgs.builder() \n .backend(vault_mount.pki().path())\n .csr(\"\"\"\n-----BEGIN CERTIFICATE REQUEST-----\nMIIEqDCCApACAQAwYzELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUx\nITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEcMBoGA1UEAwwTY2Vy\ndC50ZXN0Lm15LmRvbWFpbjCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIB\nAJupYCQ8UVCWII1Zof1c6YcSSaM9hEaDU78cfKP5RoSeH10BvrWRfT+mzCONVpNP\nCW9Iabtvk6hm0ot6ilnndEyVJbc0g7hdDLBX5BM25D+DGZGJRKUz1V+uBrWmXtIt\nVonj7JTDTe7ViH0GDsB7CvqXFGXO2a2cDYBchLkL6vQiFPshxvUsLtwxuy/qdYgy\nX6ya+AUoZcoQGy1XxNjfH6cPtWSWQGEp1oPR6vL9hU3laTZb3C+VV4jZem+he8/0\nV+qV6fLG92WTXm2hmf8nrtUqqJ+C7mW/RJod+TviviBadIX0OHXW7k5HVsZood01\nte8vMRUNJNiZfa9EMIK5oncbQn0LcM3Wo9VrjpL7jREb/4HCS2gswYGv7hzk9cCS\nkVY4rDucchKbApuI3kfzmO7GFOF5eiSkYZpY/czNn7VVM3WCu6dpOX4+3rhgrZQw\nkY14L930DaLVRUgve/zKVP2D2GHdEOs+MbV7s96UgigT9pXly/yHPj+1sSYqmnaD\n5b7jSeJusmzO/nrwXVGLsnezR87VzHl9Ux9g5s6zh+R+PrZuVxYsLvoUpaasH47O\ngIcBzSb/6pSGZKAUizmYsHsR1k88dAvsQ+FsUDaNokdi9VndEB4QPmiFmjyLV+0I\n1TFoXop4sW11NPz1YCq+IxnYrEaIN3PyhY0GvBJDFY1/AgMBAAGgADANBgkqhkiG\n9w0BAQsFAAOCAgEActuqnqS8Y9UF7e08w7tR3FPzGecWreuvxILrlFEZJxiLPFqL\nIt7uJvtypCVQvz6UQzKdBYO7tMpRaWViB8DrWzXNZjLMrg+QHcpveg8C0Ett4scG\nfnvLk6fTDFYrnGvwHTqiHos5i0y3bFLyS1BGwSpdLAykGtvC+VM8mRyw/Y7CPcKN\n77kebY/9xduW1g2uxWLr0x90RuQDv9psPojT+59tRLGSp5Kt0IeD3QtnAZEFE4aN\nvt+Pd69eg3BgZ8ZeDgoqAw3yppvOkpAFiE5pw2qPZaM4SRphl4d2Lek2zNIMyZqv\ndo5zh356HOgXtDaSg0POnRGrN/Ua+LMCRTg6GEPUnx9uQb/zt8Zu0hIexDGyykp1\nOGqtWlv/Nc8UYuS38v0BeB6bMPeoqQUjkqs8nHlAEFn0KlgYdtDC+7SdQx6wS4te\ndBKRNDfC4lS3jYJgs55jHqonZgkpSi3bamlxpfpW0ukGBcmq91wRe4bOw/4uD/vf\nUwqMWOdCYcU3mdYNjTWy22ORW3SGFQxMBwpUEURCSoeqWr6aJeQ7KAYkx1PrB5T8\nOTEc13lWf+B0PU9UJuGTsmpIuImPDVd0EVDayr3mT5dDbqTVDbe8ppf2IswABmf0\no3DybUeUmknYjl109rdSf+76nuREICHatxXgN3xCMFuBaN4WLO+ksd6Y1Ys=\n-----END CERTIFICATE REQUEST-----\n \"\"\")\n .commonName(\"test.my.domain\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(vault_pki_secret_backend_role.admin())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: vault:pkiSecret:SecretBackendSign\n properties:\n backend: ${vault_mount.pki.path}\n csr: |\n -----BEGIN CERTIFICATE REQUEST-----\n MIIEqDCCApACAQAwYzELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUx\n ITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEcMBoGA1UEAwwTY2Vy\n dC50ZXN0Lm15LmRvbWFpbjCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIB\n AJupYCQ8UVCWII1Zof1c6YcSSaM9hEaDU78cfKP5RoSeH10BvrWRfT+mzCONVpNP\n CW9Iabtvk6hm0ot6ilnndEyVJbc0g7hdDLBX5BM25D+DGZGJRKUz1V+uBrWmXtIt\n Vonj7JTDTe7ViH0GDsB7CvqXFGXO2a2cDYBchLkL6vQiFPshxvUsLtwxuy/qdYgy\n X6ya+AUoZcoQGy1XxNjfH6cPtWSWQGEp1oPR6vL9hU3laTZb3C+VV4jZem+he8/0\n V+qV6fLG92WTXm2hmf8nrtUqqJ+C7mW/RJod+TviviBadIX0OHXW7k5HVsZood01\n te8vMRUNJNiZfa9EMIK5oncbQn0LcM3Wo9VrjpL7jREb/4HCS2gswYGv7hzk9cCS\n kVY4rDucchKbApuI3kfzmO7GFOF5eiSkYZpY/czNn7VVM3WCu6dpOX4+3rhgrZQw\n kY14L930DaLVRUgve/zKVP2D2GHdEOs+MbV7s96UgigT9pXly/yHPj+1sSYqmnaD\n 5b7jSeJusmzO/nrwXVGLsnezR87VzHl9Ux9g5s6zh+R+PrZuVxYsLvoUpaasH47O\n gIcBzSb/6pSGZKAUizmYsHsR1k88dAvsQ+FsUDaNokdi9VndEB4QPmiFmjyLV+0I\n 1TFoXop4sW11NPz1YCq+IxnYrEaIN3PyhY0GvBJDFY1/AgMBAAGgADANBgkqhkiG\n 9w0BAQsFAAOCAgEActuqnqS8Y9UF7e08w7tR3FPzGecWreuvxILrlFEZJxiLPFqL\n It7uJvtypCVQvz6UQzKdBYO7tMpRaWViB8DrWzXNZjLMrg+QHcpveg8C0Ett4scG\n fnvLk6fTDFYrnGvwHTqiHos5i0y3bFLyS1BGwSpdLAykGtvC+VM8mRyw/Y7CPcKN\n 77kebY/9xduW1g2uxWLr0x90RuQDv9psPojT+59tRLGSp5Kt0IeD3QtnAZEFE4aN\n vt+Pd69eg3BgZ8ZeDgoqAw3yppvOkpAFiE5pw2qPZaM4SRphl4d2Lek2zNIMyZqv\n do5zh356HOgXtDaSg0POnRGrN/Ua+LMCRTg6GEPUnx9uQb/zt8Zu0hIexDGyykp1\n OGqtWlv/Nc8UYuS38v0BeB6bMPeoqQUjkqs8nHlAEFn0KlgYdtDC+7SdQx6wS4te\n dBKRNDfC4lS3jYJgs55jHqonZgkpSi3bamlxpfpW0ukGBcmq91wRe4bOw/4uD/vf\n UwqMWOdCYcU3mdYNjTWy22ORW3SGFQxMBwpUEURCSoeqWr6aJeQ7KAYkx1PrB5T8\n OTEc13lWf+B0PU9UJuGTsmpIuImPDVd0EVDayr3mT5dDbqTVDbe8ppf2IswABmf0\n o3DybUeUmknYjl109rdSf+76nuREICHatxXgN3xCMFuBaN4WLO+ksd6Y1Ys=\n -----END CERTIFICATE REQUEST-----\n commonName: test.my.domain\n options:\n dependson:\n - ${vault_pki_secret_backend_role.admin}\n```\n{{% /example %}}\n{{% /examples %}}\n## Deprecations\n\n* `serial` - Use `serial_number` instead.\n", "properties": { "altNames": { "type": "array", @@ -29180,7 +26430,7 @@ } }, "vault:rabbitMq/secretBackend:SecretBackend": { - "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst rabbitmq = new vault.rabbitMq.SecretBackend(\"rabbitmq\", {\n connectionUri: \"https://.....\",\n password: \"password\",\n username: \"user\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nrabbitmq = vault.rabbit_mq.SecretBackend(\"rabbitmq\",\n connection_uri=\"https://.....\",\n password=\"password\",\n username=\"user\")\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var rabbitmq = new Vault.RabbitMQ.SecretBackend(\"rabbitmq\", new()\n {\n ConnectionUri = \"https://.....\",\n Password = \"password\",\n Username = \"user\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/rabbitMq\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := rabbitMq.NewSecretBackend(ctx, \"rabbitmq\", \u0026rabbitMq.SecretBackendArgs{\n\t\t\tConnectionUri: pulumi.String(\"https://.....\"),\n\t\t\tPassword: pulumi.String(\"password\"),\n\t\t\tUsername: pulumi.String(\"user\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.rabbitMq.SecretBackend;\nimport com.pulumi.vault.rabbitMq.SecretBackendArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var rabbitmq = new SecretBackend(\"rabbitmq\", SecretBackendArgs.builder() \n .connectionUri(\"https://.....\")\n .password(\"password\")\n .username(\"user\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n rabbitmq:\n type: vault:rabbitMq:SecretBackend\n properties:\n connectionUri: https://.....\n password: password\n username: user\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nRabbitMQ secret backends can be imported using the `path`, e.g.\n\n```sh\n $ pulumi import vault:rabbitMq/secretBackend:SecretBackend rabbitmq rabbitmq\n```\n\n ", + "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst rabbitmq = new vault.rabbitmq.SecretBackend(\"rabbitmq\", {\n connectionUri: \"https://.....\",\n password: \"password\",\n username: \"user\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nrabbitmq = vault.rabbit_mq.SecretBackend(\"rabbitmq\",\n connection_uri=\"https://.....\",\n password=\"password\",\n username=\"user\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var rabbitmq = new Vault.RabbitMQ.SecretBackend(\"rabbitmq\", new()\n {\n ConnectionUri = \"https://.....\",\n Password = \"password\",\n Username = \"user\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/rabbitMq\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := rabbitMq.NewSecretBackend(ctx, \"rabbitmq\", \u0026rabbitMq.SecretBackendArgs{\n\t\t\tConnectionUri: pulumi.String(\"https://.....\"),\n\t\t\tPassword: pulumi.String(\"password\"),\n\t\t\tUsername: pulumi.String(\"user\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.rabbitMq.SecretBackend;\nimport com.pulumi.vault.rabbitMq.SecretBackendArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var rabbitmq = new SecretBackend(\"rabbitmq\", SecretBackendArgs.builder() \n .connectionUri(\"https://.....\")\n .password(\"password\")\n .username(\"user\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n rabbitmq:\n type: vault:rabbitMq:SecretBackend\n properties:\n connectionUri: https://.....\n password: password\n username: user\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nRabbitMQ secret backends can be imported using the `path`, e.g.\n\n```sh\n $ pulumi import vault:rabbitMq/secretBackend:SecretBackend rabbitmq rabbitmq\n```\n ", "properties": { "connectionUri": { "type": "string", @@ -29357,7 +26607,7 @@ } }, "vault:rabbitMq/secretBackendRole:SecretBackendRole": { - "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst rabbitmq = new vault.rabbitmq.SecretBackend(\"rabbitmq\", {\n connectionUri: \"https://.....\",\n username: \"user\",\n password: \"password\",\n});\nconst role = new vault.rabbitmq.SecretBackendRole(\"role\", {\n backend: rabbitmq.path,\n tags: \"tag1,tag2\",\n vhosts: [{\n host: \"/\",\n configure: \"\",\n read: \".*\",\n write: \"\",\n }],\n vhostTopics: [{\n vhosts: [{\n topic: \"amq.topic\",\n read: \".*\",\n write: \"\",\n }],\n host: \"/\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nrabbitmq = vault.rabbit_mq.SecretBackend(\"rabbitmq\",\n connection_uri=\"https://.....\",\n username=\"user\",\n password=\"password\")\nrole = vault.rabbit_mq.SecretBackendRole(\"role\",\n backend=rabbitmq.path,\n tags=\"tag1,tag2\",\n vhosts=[vault.rabbit_mq.SecretBackendRoleVhostArgs(\n host=\"/\",\n configure=\"\",\n read=\".*\",\n write=\"\",\n )],\n vhost_topics=[vault.rabbit_mq.SecretBackendRoleVhostTopicArgs(\n vhosts=[vault.rabbit_mq.SecretBackendRoleVhostTopicVhostArgs(\n topic=\"amq.topic\",\n read=\".*\",\n write=\"\",\n )],\n host=\"/\",\n )])\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var rabbitmq = new Vault.RabbitMQ.SecretBackend(\"rabbitmq\", new()\n {\n ConnectionUri = \"https://.....\",\n Username = \"user\",\n Password = \"password\",\n });\n\n var role = new Vault.RabbitMQ.SecretBackendRole(\"role\", new()\n {\n Backend = rabbitmq.Path,\n Tags = \"tag1,tag2\",\n Vhosts = new[]\n {\n new Vault.RabbitMQ.Inputs.SecretBackendRoleVhostArgs\n {\n Host = \"/\",\n Configure = \"\",\n Read = \".*\",\n Write = \"\",\n },\n },\n VhostTopics = new[]\n {\n new Vault.RabbitMQ.Inputs.SecretBackendRoleVhostTopicArgs\n {\n Vhosts = new[]\n {\n new Vault.RabbitMQ.Inputs.SecretBackendRoleVhostTopicVhostArgs\n {\n Topic = \"amq.topic\",\n Read = \".*\",\n Write = \"\",\n },\n },\n Host = \"/\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/rabbitMq\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\trabbitmq, err := rabbitMq.NewSecretBackend(ctx, \"rabbitmq\", \u0026rabbitMq.SecretBackendArgs{\n\t\t\tConnectionUri: pulumi.String(\"https://.....\"),\n\t\t\tUsername: pulumi.String(\"user\"),\n\t\t\tPassword: pulumi.String(\"password\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = rabbitMq.NewSecretBackendRole(ctx, \"role\", \u0026rabbitMq.SecretBackendRoleArgs{\n\t\t\tBackend: rabbitmq.Path,\n\t\t\tTags: pulumi.String(\"tag1,tag2\"),\n\t\t\tVhosts: rabbitmq.SecretBackendRoleVhostArray{\n\t\t\t\t\u0026rabbitmq.SecretBackendRoleVhostArgs{\n\t\t\t\t\tHost: pulumi.String(\"/\"),\n\t\t\t\t\tConfigure: pulumi.String(\"\"),\n\t\t\t\t\tRead: pulumi.String(\".*\"),\n\t\t\t\t\tWrite: pulumi.String(\"\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tVhostTopics: rabbitmq.SecretBackendRoleVhostTopicArray{\n\t\t\t\t\u0026rabbitmq.SecretBackendRoleVhostTopicArgs{\n\t\t\t\t\tVhosts: rabbitmq.SecretBackendRoleVhostTopicVhostArray{\n\t\t\t\t\t\t\u0026rabbitmq.SecretBackendRoleVhostTopicVhostArgs{\n\t\t\t\t\t\t\tTopic: pulumi.String(\"amq.topic\"),\n\t\t\t\t\t\t\tRead: pulumi.String(\".*\"),\n\t\t\t\t\t\t\tWrite: pulumi.String(\"\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tHost: pulumi.String(\"/\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.rabbitMq.SecretBackend;\nimport com.pulumi.vault.rabbitMq.SecretBackendArgs;\nimport com.pulumi.vault.rabbitMq.SecretBackendRole;\nimport com.pulumi.vault.rabbitMq.SecretBackendRoleArgs;\nimport com.pulumi.vault.rabbitMq.inputs.SecretBackendRoleVhostArgs;\nimport com.pulumi.vault.rabbitMq.inputs.SecretBackendRoleVhostTopicArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var rabbitmq = new SecretBackend(\"rabbitmq\", SecretBackendArgs.builder() \n .connectionUri(\"https://.....\")\n .username(\"user\")\n .password(\"password\")\n .build());\n\n var role = new SecretBackendRole(\"role\", SecretBackendRoleArgs.builder() \n .backend(rabbitmq.path())\n .tags(\"tag1,tag2\")\n .vhosts(SecretBackendRoleVhostArgs.builder()\n .host(\"/\")\n .configure(\"\")\n .read(\".*\")\n .write(\"\")\n .build())\n .vhostTopics(SecretBackendRoleVhostTopicArgs.builder()\n .vhosts(SecretBackendRoleVhostTopicVhostArgs.builder()\n .topic(\"amq.topic\")\n .read(\".*\")\n .write(\"\")\n .build())\n .host(\"/\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n rabbitmq:\n type: vault:rabbitMq:SecretBackend\n properties:\n connectionUri: https://.....\n username: user\n password: password\n role:\n type: vault:rabbitMq:SecretBackendRole\n properties:\n backend: ${rabbitmq.path}\n tags: tag1,tag2\n vhosts:\n - host: /\n configure:\n read: .*\n write:\n vhostTopics:\n - vhosts:\n - topic: amq.topic\n read: .*\n write:\n host: /\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nRabbitMQ secret backend roles can be imported using the `path`, e.g.\n\n```sh\n $ pulumi import vault:rabbitMq/secretBackendRole:SecretBackendRole role rabbitmq/roles/deploy\n```\n\n ", + "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst rabbitmq = new vault.rabbitmq.SecretBackend(\"rabbitmq\", {\n connectionUri: \"https://.....\",\n username: \"user\",\n password: \"password\",\n});\nconst role = new vault.rabbitmq.SecretBackendRole(\"role\", {\n backend: rabbitmq.path,\n tags: \"tag1,tag2\",\n vhosts: [{\n host: \"/\",\n configure: \"\",\n read: \".*\",\n write: \"\",\n }],\n vhostTopics: [{\n vhosts: [{\n topic: \"amq.topic\",\n read: \".*\",\n write: \"\",\n }],\n host: \"/\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nrabbitmq = vault.rabbit_mq.SecretBackend(\"rabbitmq\",\n connection_uri=\"https://.....\",\n username=\"user\",\n password=\"password\")\nrole = vault.rabbit_mq.SecretBackendRole(\"role\",\n backend=rabbitmq.path,\n tags=\"tag1,tag2\",\n vhosts=[vault.rabbit_mq.SecretBackendRoleVhostArgs(\n host=\"/\",\n configure=\"\",\n read=\".*\",\n write=\"\",\n )],\n vhost_topics=[vault.rabbit_mq.SecretBackendRoleVhostTopicArgs(\n vhosts=[vault.rabbit_mq.SecretBackendRoleVhostTopicVhostArgs(\n topic=\"amq.topic\",\n read=\".*\",\n write=\"\",\n )],\n host=\"/\",\n )])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var rabbitmq = new Vault.RabbitMQ.SecretBackend(\"rabbitmq\", new()\n {\n ConnectionUri = \"https://.....\",\n Username = \"user\",\n Password = \"password\",\n });\n\n var role = new Vault.RabbitMQ.SecretBackendRole(\"role\", new()\n {\n Backend = rabbitmq.Path,\n Tags = \"tag1,tag2\",\n Vhosts = new[]\n {\n new Vault.RabbitMQ.Inputs.SecretBackendRoleVhostArgs\n {\n Host = \"/\",\n Configure = \"\",\n Read = \".*\",\n Write = \"\",\n },\n },\n VhostTopics = new[]\n {\n new Vault.RabbitMQ.Inputs.SecretBackendRoleVhostTopicArgs\n {\n Vhosts = new[]\n {\n new Vault.RabbitMQ.Inputs.SecretBackendRoleVhostTopicVhostArgs\n {\n Topic = \"amq.topic\",\n Read = \".*\",\n Write = \"\",\n },\n },\n Host = \"/\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/rabbitMq\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\trabbitmq, err := rabbitMq.NewSecretBackend(ctx, \"rabbitmq\", \u0026rabbitMq.SecretBackendArgs{\n\t\t\tConnectionUri: pulumi.String(\"https://.....\"),\n\t\t\tUsername: pulumi.String(\"user\"),\n\t\t\tPassword: pulumi.String(\"password\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = rabbitMq.NewSecretBackendRole(ctx, \"role\", \u0026rabbitMq.SecretBackendRoleArgs{\n\t\t\tBackend: rabbitmq.Path,\n\t\t\tTags: pulumi.String(\"tag1,tag2\"),\n\t\t\tVhosts: rabbitmq.SecretBackendRoleVhostArray{\n\t\t\t\t\u0026rabbitmq.SecretBackendRoleVhostArgs{\n\t\t\t\t\tHost: pulumi.String(\"/\"),\n\t\t\t\t\tConfigure: pulumi.String(\"\"),\n\t\t\t\t\tRead: pulumi.String(\".*\"),\n\t\t\t\t\tWrite: pulumi.String(\"\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tVhostTopics: rabbitmq.SecretBackendRoleVhostTopicArray{\n\t\t\t\t\u0026rabbitmq.SecretBackendRoleVhostTopicArgs{\n\t\t\t\t\tVhosts: rabbitmq.SecretBackendRoleVhostTopicVhostArray{\n\t\t\t\t\t\t\u0026rabbitmq.SecretBackendRoleVhostTopicVhostArgs{\n\t\t\t\t\t\t\tTopic: pulumi.String(\"amq.topic\"),\n\t\t\t\t\t\t\tRead: pulumi.String(\".*\"),\n\t\t\t\t\t\t\tWrite: pulumi.String(\"\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tHost: pulumi.String(\"/\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.rabbitMq.SecretBackend;\nimport com.pulumi.vault.rabbitMq.SecretBackendArgs;\nimport com.pulumi.vault.rabbitMq.SecretBackendRole;\nimport com.pulumi.vault.rabbitMq.SecretBackendRoleArgs;\nimport com.pulumi.vault.rabbitMq.inputs.SecretBackendRoleVhostArgs;\nimport com.pulumi.vault.rabbitMq.inputs.SecretBackendRoleVhostTopicArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var rabbitmq = new SecretBackend(\"rabbitmq\", SecretBackendArgs.builder() \n .connectionUri(\"https://.....\")\n .username(\"user\")\n .password(\"password\")\n .build());\n\n var role = new SecretBackendRole(\"role\", SecretBackendRoleArgs.builder() \n .backend(rabbitmq.path())\n .tags(\"tag1,tag2\")\n .vhosts(SecretBackendRoleVhostArgs.builder()\n .host(\"/\")\n .configure(\"\")\n .read(\".*\")\n .write(\"\")\n .build())\n .vhostTopics(SecretBackendRoleVhostTopicArgs.builder()\n .vhosts(SecretBackendRoleVhostTopicVhostArgs.builder()\n .topic(\"amq.topic\")\n .read(\".*\")\n .write(\"\")\n .build())\n .host(\"/\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n rabbitmq:\n type: vault:rabbitMq:SecretBackend\n properties:\n connectionUri: https://.....\n username: user\n password: password\n role:\n type: vault:rabbitMq:SecretBackendRole\n properties:\n backend: ${rabbitmq.path}\n tags: tag1,tag2\n vhosts:\n - host: /\n configure:\n read: .*\n write:\n vhostTopics:\n - vhosts:\n - topic: amq.topic\n read: .*\n write:\n host: /\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nRabbitMQ secret backend roles can be imported using the `path`, e.g.\n\n```sh\n $ pulumi import vault:rabbitMq/secretBackendRole:SecretBackendRole role rabbitmq/roles/deploy\n```\n ", "properties": { "backend": { "type": "string", @@ -29472,232 +26722,534 @@ "type": "object" } }, - "vault:ssh/secretBackendCa:SecretBackendCa": { - "description": "Provides a resource to manage CA information in an SSH secret backend\n[SSH secret backend within Vault](https://www.vaultproject.io/docs/secrets/ssh/index.html).\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst example = new vault.Mount(\"example\", {type: \"ssh\"});\nconst foo = new vault.ssh.SecretBackendCa(\"foo\", {backend: example.path});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nexample = vault.Mount(\"example\", type=\"ssh\")\nfoo = vault.ssh.SecretBackendCa(\"foo\", backend=example.path)\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Vault.Mount(\"example\", new()\n {\n Type = \"ssh\",\n });\n\n var foo = new Vault.Ssh.SecretBackendCa(\"foo\", new()\n {\n Backend = example.Path,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/ssh\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := vault.NewMount(ctx, \"example\", \u0026vault.MountArgs{\n\t\t\tType: pulumi.String(\"ssh\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ssh.NewSecretBackendCa(ctx, \"foo\", \u0026ssh.SecretBackendCaArgs{\n\t\t\tBackend: example.Path,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.Mount;\nimport com.pulumi.vault.MountArgs;\nimport com.pulumi.vault.ssh.SecretBackendCa;\nimport com.pulumi.vault.ssh.SecretBackendCaArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Mount(\"example\", MountArgs.builder() \n .type(\"ssh\")\n .build());\n\n var foo = new SecretBackendCa(\"foo\", SecretBackendCaArgs.builder() \n .backend(example.path())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: vault:Mount\n properties:\n type: ssh\n foo:\n type: vault:ssh:SecretBackendCa\n properties:\n backend: ${example.path}\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nSSH secret backend CAs can be imported using the `path`, e.g.\n\n```sh\n $ pulumi import vault:ssh/secretBackendCa:SecretBackendCa foo ssh\n```\n\n ", + "vault:saml/authBackend:AuthBackend": { + "description": "Manages a SAML Auth mount in a Vault server. See the [Vault\ndocumentation](https://www.vaultproject.io/docs/auth/saml/) for more\ninformation.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst test = new vault.saml.AuthBackend(\"test\", {\n acsUrls: [\"https://my.vault.primary/v1/auth/saml/callback\"],\n defaultRole: \"admin\",\n entityId: \"https://my.vault/v1/auth/saml\",\n idpMetadataUrl: \"https://company.okta.com/app/abc123eb9xnIfzlaf697/sso/saml/metadata\",\n path: \"saml\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ntest = vault.saml.AuthBackend(\"test\",\n acs_urls=[\"https://my.vault.primary/v1/auth/saml/callback\"],\n default_role=\"admin\",\n entity_id=\"https://my.vault/v1/auth/saml\",\n idp_metadata_url=\"https://company.okta.com/app/abc123eb9xnIfzlaf697/sso/saml/metadata\",\n path=\"saml\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Vault.Saml.AuthBackend(\"test\", new()\n {\n AcsUrls = new[]\n {\n \"https://my.vault.primary/v1/auth/saml/callback\",\n },\n DefaultRole = \"admin\",\n EntityId = \"https://my.vault/v1/auth/saml\",\n IdpMetadataUrl = \"https://company.okta.com/app/abc123eb9xnIfzlaf697/sso/saml/metadata\",\n Path = \"saml\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/saml\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := saml.NewAuthBackend(ctx, \"test\", \u0026saml.AuthBackendArgs{\n\t\t\tAcsUrls: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"https://my.vault.primary/v1/auth/saml/callback\"),\n\t\t\t},\n\t\t\tDefaultRole: pulumi.String(\"admin\"),\n\t\t\tEntityId: pulumi.String(\"https://my.vault/v1/auth/saml\"),\n\t\t\tIdpMetadataUrl: pulumi.String(\"https://company.okta.com/app/abc123eb9xnIfzlaf697/sso/saml/metadata\"),\n\t\t\tPath: pulumi.String(\"saml\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.saml.AuthBackend;\nimport com.pulumi.vault.saml.AuthBackendArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new AuthBackend(\"test\", AuthBackendArgs.builder() \n .acsUrls(\"https://my.vault.primary/v1/auth/saml/callback\")\n .defaultRole(\"admin\")\n .entityId(\"https://my.vault/v1/auth/saml\")\n .idpMetadataUrl(\"https://company.okta.com/app/abc123eb9xnIfzlaf697/sso/saml/metadata\")\n .path(\"saml\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: vault:saml:AuthBackend\n properties:\n acsUrls:\n - https://my.vault.primary/v1/auth/saml/callback\n defaultRole: admin\n entityId: https://my.vault/v1/auth/saml\n idpMetadataUrl: https://company.okta.com/app/abc123eb9xnIfzlaf697/sso/saml/metadata\n path: saml\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nSAML authentication mounts can be imported using the `path`, e.g.\n\n```sh\n $ pulumi import vault:saml/authBackend:AuthBackend example saml\n```\n ", "properties": { - "backend": { + "acsUrls": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The well-formatted URLs of your Assertion Consumer Service (ACS)\nthat should receive a response from the identity provider.\n" + }, + "defaultRole": { "type": "string", - "description": "The path where the SSH secret backend is mounted. Defaults to 'ssh'\n" + "description": "The role to use if no role is provided during login.\n" }, - "generateSigningKey": { + "disableRemount": { "type": "boolean", - "description": "Whether Vault should generate the signing key pair internally. Defaults to true\n" + "description": "If set to `true`, opts out of mount migration on path updates.\nSee here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration)\n" + }, + "entityId": { + "type": "string", + "description": "The entity ID of the SAML authentication service provider.\n" + }, + "idpCert": { + "type": "string", + "description": "The PEM encoded certificate of the identity provider. Mutually exclusive\nwith `idp_metadata_url`.\n" + }, + "idpEntityId": { + "type": "string", + "description": "The entity ID of the identity provider. Mutually exclusive with\n`idp_metadata_url`.\n" + }, + "idpMetadataUrl": { + "type": "string", + "description": "The metadata URL of the identity provider.\n" + }, + "idpSsoUrl": { + "type": "string", + "description": "The SSO URL of the identity provider. Mutually exclusive with \n`idp_metadata_url`.\n" }, "namespace": { "type": "string", "description": "The namespace to provision the resource in.\nThe value should not contain leading or trailing forward slashes.\nThe `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).\n*Available only for Vault Enterprise*.\n" }, - "privateKey": { + "path": { "type": "string", - "description": "The private key part the SSH CA key pair; required if generate_signing_key is false.\n", - "secret": true + "description": "Path where the auth backend will be mounted. Defaults to `auth/saml`\nif not specified.\n" }, - "publicKey": { - "type": "string", - "description": "The public key part the SSH CA key pair; required if generate_signing_key is false.\n" + "verboseLogging": { + "type": "boolean", + "description": "If set to `true`, logs additional, potentially sensitive\ninformation during the SAML exchange according to the current logging level. Not\nrecommended for production.\n" } }, "required": [ - "privateKey", - "publicKey" + "acsUrls", + "entityId", + "verboseLogging" ], "inputProperties": { - "backend": { + "acsUrls": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The well-formatted URLs of your Assertion Consumer Service (ACS)\nthat should receive a response from the identity provider.\n" + }, + "defaultRole": { "type": "string", - "description": "The path where the SSH secret backend is mounted. Defaults to 'ssh'\n", - "willReplaceOnChanges": true + "description": "The role to use if no role is provided during login.\n" }, - "generateSigningKey": { + "disableRemount": { "type": "boolean", - "description": "Whether Vault should generate the signing key pair internally. Defaults to true\n", - "willReplaceOnChanges": true + "description": "If set to `true`, opts out of mount migration on path updates.\nSee here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration)\n" + }, + "entityId": { + "type": "string", + "description": "The entity ID of the SAML authentication service provider.\n" + }, + "idpCert": { + "type": "string", + "description": "The PEM encoded certificate of the identity provider. Mutually exclusive\nwith `idp_metadata_url`.\n" + }, + "idpEntityId": { + "type": "string", + "description": "The entity ID of the identity provider. Mutually exclusive with\n`idp_metadata_url`.\n" + }, + "idpMetadataUrl": { + "type": "string", + "description": "The metadata URL of the identity provider.\n" + }, + "idpSsoUrl": { + "type": "string", + "description": "The SSO URL of the identity provider. Mutually exclusive with \n`idp_metadata_url`.\n" }, "namespace": { "type": "string", "description": "The namespace to provision the resource in.\nThe value should not contain leading or trailing forward slashes.\nThe `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).\n*Available only for Vault Enterprise*.\n", "willReplaceOnChanges": true }, - "privateKey": { + "path": { "type": "string", - "description": "The private key part the SSH CA key pair; required if generate_signing_key is false.\n", - "secret": true, + "description": "Path where the auth backend will be mounted. Defaults to `auth/saml`\nif not specified.\n", "willReplaceOnChanges": true }, - "publicKey": { - "type": "string", - "description": "The public key part the SSH CA key pair; required if generate_signing_key is false.\n", - "willReplaceOnChanges": true + "verboseLogging": { + "type": "boolean", + "description": "If set to `true`, logs additional, potentially sensitive\ninformation during the SAML exchange according to the current logging level. Not\nrecommended for production.\n" } }, + "requiredInputs": [ + "acsUrls", + "entityId" + ], "stateInputs": { - "description": "Input properties used for looking up and filtering SecretBackendCa resources.\n", + "description": "Input properties used for looking up and filtering AuthBackend resources.\n", "properties": { - "backend": { + "acsUrls": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The well-formatted URLs of your Assertion Consumer Service (ACS)\nthat should receive a response from the identity provider.\n" + }, + "defaultRole": { "type": "string", - "description": "The path where the SSH secret backend is mounted. Defaults to 'ssh'\n", - "willReplaceOnChanges": true + "description": "The role to use if no role is provided during login.\n" }, - "generateSigningKey": { + "disableRemount": { "type": "boolean", - "description": "Whether Vault should generate the signing key pair internally. Defaults to true\n", - "willReplaceOnChanges": true + "description": "If set to `true`, opts out of mount migration on path updates.\nSee here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration)\n" + }, + "entityId": { + "type": "string", + "description": "The entity ID of the SAML authentication service provider.\n" + }, + "idpCert": { + "type": "string", + "description": "The PEM encoded certificate of the identity provider. Mutually exclusive\nwith `idp_metadata_url`.\n" + }, + "idpEntityId": { + "type": "string", + "description": "The entity ID of the identity provider. Mutually exclusive with\n`idp_metadata_url`.\n" + }, + "idpMetadataUrl": { + "type": "string", + "description": "The metadata URL of the identity provider.\n" + }, + "idpSsoUrl": { + "type": "string", + "description": "The SSO URL of the identity provider. Mutually exclusive with \n`idp_metadata_url`.\n" }, "namespace": { "type": "string", "description": "The namespace to provision the resource in.\nThe value should not contain leading or trailing forward slashes.\nThe `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).\n*Available only for Vault Enterprise*.\n", "willReplaceOnChanges": true }, - "privateKey": { + "path": { "type": "string", - "description": "The private key part the SSH CA key pair; required if generate_signing_key is false.\n", - "secret": true, + "description": "Path where the auth backend will be mounted. Defaults to `auth/saml`\nif not specified.\n", "willReplaceOnChanges": true }, - "publicKey": { - "type": "string", - "description": "The public key part the SSH CA key pair; required if generate_signing_key is false.\n", - "willReplaceOnChanges": true + "verboseLogging": { + "type": "boolean", + "description": "If set to `true`, logs additional, potentially sensitive\ninformation during the SAML exchange according to the current logging level. Not\nrecommended for production.\n" } }, "type": "object" } }, - "vault:ssh/secretBackendRole:SecretBackendRole": { - "description": "Provides a resource to manage roles in an SSH secret backend\n[SSH secret backend within Vault](https://www.vaultproject.io/docs/secrets/ssh/index.html).\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst example = new vault.Mount(\"example\", {type: \"ssh\"});\nconst foo = new vault.ssh.SecretBackendRole(\"foo\", {\n backend: example.path,\n keyType: \"ca\",\n allowUserCertificates: true,\n});\nconst bar = new vault.ssh.SecretBackendRole(\"bar\", {\n backend: example.path,\n keyType: \"otp\",\n defaultUser: \"default\",\n allowedUsers: \"default,baz\",\n cidrList: \"0.0.0.0/0\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nexample = vault.Mount(\"example\", type=\"ssh\")\nfoo = vault.ssh.SecretBackendRole(\"foo\",\n backend=example.path,\n key_type=\"ca\",\n allow_user_certificates=True)\nbar = vault.ssh.SecretBackendRole(\"bar\",\n backend=example.path,\n key_type=\"otp\",\n default_user=\"default\",\n allowed_users=\"default,baz\",\n cidr_list=\"0.0.0.0/0\")\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Vault.Mount(\"example\", new()\n {\n Type = \"ssh\",\n });\n\n var foo = new Vault.Ssh.SecretBackendRole(\"foo\", new()\n {\n Backend = example.Path,\n KeyType = \"ca\",\n AllowUserCertificates = true,\n });\n\n var bar = new Vault.Ssh.SecretBackendRole(\"bar\", new()\n {\n Backend = example.Path,\n KeyType = \"otp\",\n DefaultUser = \"default\",\n AllowedUsers = \"default,baz\",\n CidrList = \"0.0.0.0/0\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/ssh\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := vault.NewMount(ctx, \"example\", \u0026vault.MountArgs{\n\t\t\tType: pulumi.String(\"ssh\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ssh.NewSecretBackendRole(ctx, \"foo\", \u0026ssh.SecretBackendRoleArgs{\n\t\t\tBackend: example.Path,\n\t\t\tKeyType: pulumi.String(\"ca\"),\n\t\t\tAllowUserCertificates: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ssh.NewSecretBackendRole(ctx, \"bar\", \u0026ssh.SecretBackendRoleArgs{\n\t\t\tBackend: example.Path,\n\t\t\tKeyType: pulumi.String(\"otp\"),\n\t\t\tDefaultUser: pulumi.String(\"default\"),\n\t\t\tAllowedUsers: pulumi.String(\"default,baz\"),\n\t\t\tCidrList: pulumi.String(\"0.0.0.0/0\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.Mount;\nimport com.pulumi.vault.MountArgs;\nimport com.pulumi.vault.ssh.SecretBackendRole;\nimport com.pulumi.vault.ssh.SecretBackendRoleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Mount(\"example\", MountArgs.builder() \n .type(\"ssh\")\n .build());\n\n var foo = new SecretBackendRole(\"foo\", SecretBackendRoleArgs.builder() \n .backend(example.path())\n .keyType(\"ca\")\n .allowUserCertificates(true)\n .build());\n\n var bar = new SecretBackendRole(\"bar\", SecretBackendRoleArgs.builder() \n .backend(example.path())\n .keyType(\"otp\")\n .defaultUser(\"default\")\n .allowedUsers(\"default,baz\")\n .cidrList(\"0.0.0.0/0\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: vault:Mount\n properties:\n type: ssh\n foo:\n type: vault:ssh:SecretBackendRole\n properties:\n backend: ${example.path}\n keyType: ca\n allowUserCertificates: true\n bar:\n type: vault:ssh:SecretBackendRole\n properties:\n backend: ${example.path}\n keyType: otp\n defaultUser: default\n allowedUsers: default,baz\n cidrList: 0.0.0.0/0\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nSSH secret backend roles can be imported using the `path`, e.g.\n\n```sh\n $ pulumi import vault:ssh/secretBackendRole:SecretBackendRole foo ssh/roles/my-role\n```\n\n ", + "vault:saml/authBackendRole:AuthBackendRole": { + "description": "Manages an SAML auth backend role in a Vault server. See the [Vault\ndocumentation](https://www.vaultproject.io/docs/auth/saml.html) for more\ninformation.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst exampleAuthBackend = new vault.saml.AuthBackend(\"exampleAuthBackend\", {\n path: \"saml\",\n idpMetadataUrl: \"https://company.okta.com/app/abc123eb9xnIfzlaf697/sso/saml/metadata\",\n entityId: \"https://my.vault/v1/auth/saml\",\n acsUrls: [\"https://my.vault.primary/v1/auth/saml/callback\"],\n defaultRole: \"default-role\",\n});\nconst exampleAuthBackendRole = new vault.saml.AuthBackendRole(\"exampleAuthBackendRole\", {\n path: exampleAuthBackend.path,\n groupsAttribute: \"groups\",\n boundAttributes: {\n group: \"admin\",\n },\n boundSubjects: [\"*example.com\"],\n tokenPolicies: [\"writer\"],\n tokenTtl: 86400,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nexample_auth_backend = vault.saml.AuthBackend(\"exampleAuthBackend\",\n path=\"saml\",\n idp_metadata_url=\"https://company.okta.com/app/abc123eb9xnIfzlaf697/sso/saml/metadata\",\n entity_id=\"https://my.vault/v1/auth/saml\",\n acs_urls=[\"https://my.vault.primary/v1/auth/saml/callback\"],\n default_role=\"default-role\")\nexample_auth_backend_role = vault.saml.AuthBackendRole(\"exampleAuthBackendRole\",\n path=example_auth_backend.path,\n groups_attribute=\"groups\",\n bound_attributes={\n \"group\": \"admin\",\n },\n bound_subjects=[\"*example.com\"],\n token_policies=[\"writer\"],\n token_ttl=86400)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleAuthBackend = new Vault.Saml.AuthBackend(\"exampleAuthBackend\", new()\n {\n Path = \"saml\",\n IdpMetadataUrl = \"https://company.okta.com/app/abc123eb9xnIfzlaf697/sso/saml/metadata\",\n EntityId = \"https://my.vault/v1/auth/saml\",\n AcsUrls = new[]\n {\n \"https://my.vault.primary/v1/auth/saml/callback\",\n },\n DefaultRole = \"default-role\",\n });\n\n var exampleAuthBackendRole = new Vault.Saml.AuthBackendRole(\"exampleAuthBackendRole\", new()\n {\n Path = exampleAuthBackend.Path,\n GroupsAttribute = \"groups\",\n BoundAttributes = \n {\n { \"group\", \"admin\" },\n },\n BoundSubjects = new[]\n {\n \"*example.com\",\n },\n TokenPolicies = new[]\n {\n \"writer\",\n },\n TokenTtl = 86400,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/saml\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleAuthBackend, err := saml.NewAuthBackend(ctx, \"exampleAuthBackend\", \u0026saml.AuthBackendArgs{\n\t\t\tPath: pulumi.String(\"saml\"),\n\t\t\tIdpMetadataUrl: pulumi.String(\"https://company.okta.com/app/abc123eb9xnIfzlaf697/sso/saml/metadata\"),\n\t\t\tEntityId: pulumi.String(\"https://my.vault/v1/auth/saml\"),\n\t\t\tAcsUrls: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"https://my.vault.primary/v1/auth/saml/callback\"),\n\t\t\t},\n\t\t\tDefaultRole: pulumi.String(\"default-role\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = saml.NewAuthBackendRole(ctx, \"exampleAuthBackendRole\", \u0026saml.AuthBackendRoleArgs{\n\t\t\tPath: exampleAuthBackend.Path,\n\t\t\tGroupsAttribute: pulumi.String(\"groups\"),\n\t\t\tBoundAttributes: pulumi.Map{\n\t\t\t\t\"group\": pulumi.Any(\"admin\"),\n\t\t\t},\n\t\t\tBoundSubjects: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"*example.com\"),\n\t\t\t},\n\t\t\tTokenPolicies: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"writer\"),\n\t\t\t},\n\t\t\tTokenTtl: pulumi.Int(86400),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.saml.AuthBackend;\nimport com.pulumi.vault.saml.AuthBackendArgs;\nimport com.pulumi.vault.saml.AuthBackendRole;\nimport com.pulumi.vault.saml.AuthBackendRoleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleAuthBackend = new AuthBackend(\"exampleAuthBackend\", AuthBackendArgs.builder() \n .path(\"saml\")\n .idpMetadataUrl(\"https://company.okta.com/app/abc123eb9xnIfzlaf697/sso/saml/metadata\")\n .entityId(\"https://my.vault/v1/auth/saml\")\n .acsUrls(\"https://my.vault.primary/v1/auth/saml/callback\")\n .defaultRole(\"default-role\")\n .build());\n\n var exampleAuthBackendRole = new AuthBackendRole(\"exampleAuthBackendRole\", AuthBackendRoleArgs.builder() \n .path(exampleAuthBackend.path())\n .groupsAttribute(\"groups\")\n .boundAttributes(Map.of(\"group\", \"admin\"))\n .boundSubjects(\"*example.com\")\n .tokenPolicies(\"writer\")\n .tokenTtl(86400)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleAuthBackend:\n type: vault:saml:AuthBackend\n properties:\n path: saml\n idpMetadataUrl: https://company.okta.com/app/abc123eb9xnIfzlaf697/sso/saml/metadata\n entityId: https://my.vault/v1/auth/saml\n acsUrls:\n - https://my.vault.primary/v1/auth/saml/callback\n defaultRole: default-role\n exampleAuthBackendRole:\n type: vault:saml:AuthBackendRole\n properties:\n path: ${exampleAuthBackend.path}\n groupsAttribute: groups\n boundAttributes:\n group: admin\n boundSubjects:\n - '*example.com'\n tokenPolicies:\n - writer\n tokenTtl: 86400\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nSAML authentication backend roles can be imported using the `path`, e.g.\n\n```sh\n $ pulumi import vault:saml/authBackendRole:AuthBackendRole example auth/saml/role/my-role\n```\n ", "properties": { - "algorithmSigner": { - "type": "string", - "description": "When supplied, this value specifies a signing algorithm for the key. Possible values: ssh-rsa, rsa-sha2-256, rsa-sha2-512.\n" - }, - "allowBareDomains": { - "type": "boolean", - "description": "Specifies if host certificates that are requested are allowed to use the base domains listed in `allowed_domains`.\n" - }, - "allowHostCertificates": { - "type": "boolean", - "description": "Specifies if certificates are allowed to be signed for use as a 'host'.\n" + "boundAttributes": { + "type": "object", + "additionalProperties": { + "$ref": "pulumi.json#/Any" + }, + "description": "Mapping of attribute names to values that are expected to\nexist in the SAML assertion.\n" }, - "allowSubdomains": { - "type": "boolean", - "description": "Specifies if host certificates that are requested are allowed to be subdomains of those listed in `allowed_domains`.\n" + "boundAttributesType": { + "type": "string", + "description": "The type of matching assertion to perform on\n`bound_attributes_type`.\n" }, - "allowUserCertificates": { - "type": "boolean", - "description": "Specifies if certificates are allowed to be signed for use as a 'user'.\n" + "boundSubjects": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of subjects being asserted for SAML authentication.\n" }, - "allowUserKeyIds": { - "type": "boolean", - "description": "Specifies if users can override the key ID for a signed certificate with the `key_id` field.\n" + "boundSubjectsType": { + "type": "string", + "description": "The type of matching assertion to perform on `bound_subjects`.\n" }, - "allowedCriticalOptions": { + "groupsAttribute": { "type": "string", - "description": "Specifies a comma-separated list of critical options that certificates can have when signed.\n" + "description": "The attribute to use to identify the set of groups to which the\nuser belongs.\n" }, - "allowedDomains": { + "name": { "type": "string", - "description": "The list of domains for which a client can request a host certificate.\n" + "description": "Unique name of the role.\n" }, - "allowedDomainsTemplate": { - "type": "boolean", - "description": "Specifies if `allowed_domains` can be declared using\nidentity template policies. Non-templated domains are also permitted.\n" + "namespace": { + "type": "string", + "description": "The namespace to provision the resource in.\nThe value should not contain leading or trailing forward slashes.\nThe `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).\n*Available only for Vault Enterprise*.\n" }, - "allowedExtensions": { + "path": { "type": "string", - "description": "Specifies a comma-separated list of extensions that certificates can have when signed.\n" + "description": "Path where the auth backend is mounted.\n" }, - "allowedUserKeyConfigs": { + "tokenBoundCidrs": { "type": "array", "items": { - "$ref": "#/types/vault:ssh/SecretBackendRoleAllowedUserKeyConfig:SecretBackendRoleAllowedUserKeyConfig" + "type": "string" }, - "description": "Set of configuration blocks to define allowed \nuser key configuration, like key type and their lengths. Can be specified multiple times.\n*See Configuration-Options for more info*\n" + "description": "List of CIDR blocks; if set, specifies blocks of IP\naddresses which can authenticate successfully, and ties the resulting token to these blocks\nas well.\n" }, - "allowedUserKeyLengths": { - "type": "object", - "additionalProperties": { - "type": "integer" - }, - "description": "Specifies a map of ssh key types and their expected sizes which \nare allowed to be signed by the CA type.\n*Deprecated: use* allowed_user_key_config *instead*\n", - "deprecationMessage": "Set in allowed_user_key_config" + "tokenExplicitMaxTtl": { + "type": "integer", + "description": "If set, will encode an\n[explicit max TTL](https://www.vaultproject.io/docs/concepts/tokens.html#token-time-to-live-periodic-tokens-and-explicit-max-ttls)\nonto the token in number of seconds. This is a hard cap even if `token_ttl` and\n`token_max_ttl` would otherwise allow a renewal.\n" }, - "allowedUsers": { - "type": "string", - "description": "Specifies a comma-separated list of usernames that are to be allowed, only if certain usernames are to be allowed.\n" + "tokenMaxTtl": { + "type": "integer", + "description": "The maximum lifetime for generated tokens in number of seconds.\nIts current value will be referenced at renewal time.\n" }, - "allowedUsersTemplate": { + "tokenNoDefaultPolicy": { "type": "boolean", - "description": "Specifies if `allowed_users` can be declared using identity template policies. Non-templated users are also permitted.\n" + "description": "If set, the default policy will not be set on\ngenerated tokens; otherwise it will be added to the policies set in token_policies.\n" }, - "backend": { - "type": "string", - "description": "The path where the SSH secret backend is mounted.\n" + "tokenNumUses": { + "type": "integer", + "description": "The [maximum number](https://developer.hashicorp.com/vault/api-docs/auth/saml#token_num_uses)\nof times a generated token may be used (within its lifetime); 0 means unlimited.\n" }, - "cidrList": { - "type": "string", - "description": "The comma-separated string of CIDR blocks for which this role is applicable.\n" + "tokenPeriod": { + "type": "integer", + "description": "If set, indicates that the\ntoken generated using this role should never expire. The token should be renewed within the\nduration specified by this value. At each renewal, the token's TTL will be set to the\nvalue of this field. Specified in seconds.\n" }, - "defaultCriticalOptions": { - "type": "object", - "additionalProperties": { - "$ref": "pulumi.json#/Any" + "tokenPolicies": { + "type": "array", + "items": { + "type": "string" }, - "description": "Specifies a map of critical options that certificates have when signed.\n" + "description": "List of policies to encode onto generated tokens. Depending\non the auth method, this list may be supplemented by user/group/other values.\n" }, - "defaultExtensions": { + "tokenTtl": { + "type": "integer", + "description": "The incremental lifetime for generated tokens in number of seconds.\nIts current value will be referenced at renewal time.\n" + }, + "tokenType": { + "type": "string", + "description": "The type of token that should be generated. Can be `service`,\n`batch`, or `default` to use the mount's tuned default (which unless changed will be\n`service` tokens). For token store roles, there are two additional possibilities:\n`default-service` and `default-batch` which specify the type to return unless the client\nrequests a different type at generation time.\n" + } + }, + "required": [ + "boundAttributesType", + "boundSubjectsType", + "name", + "path" + ], + "inputProperties": { + "boundAttributes": { "type": "object", "additionalProperties": { "$ref": "pulumi.json#/Any" }, - "description": "Specifies a map of extensions that certificates have when signed.\n" + "description": "Mapping of attribute names to values that are expected to\nexist in the SAML assertion.\n" }, - "defaultUser": { + "boundAttributesType": { "type": "string", - "description": "Specifies the default username for which a credential will be generated.\n" - }, - "defaultUserTemplate": { - "type": "boolean", - "description": "If set, `default_users` can be specified using identity template values. A non-templated user is also permitted.\n" + "description": "The type of matching assertion to perform on\n`bound_attributes_type`.\n" }, - "keyIdFormat": { - "type": "string", - "description": "Specifies a custom format for the key id of a signed certificate.\n" + "boundSubjects": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of subjects being asserted for SAML authentication.\n" }, - "keyType": { + "boundSubjectsType": { "type": "string", - "description": "Specifies the type of credentials generated by this role. This can be either `otp`, `dynamic` or `ca`.\n" + "description": "The type of matching assertion to perform on `bound_subjects`.\n" }, - "maxTtl": { + "groupsAttribute": { "type": "string", - "description": "Specifies the maximum Time To Live value.\n" + "description": "The attribute to use to identify the set of groups to which the\nuser belongs.\n" }, "name": { "type": "string", - "description": "Specifies the name of the role to create.\n" + "description": "Unique name of the role.\n", + "willReplaceOnChanges": true }, "namespace": { "type": "string", - "description": "The namespace to provision the resource in.\nThe value should not contain leading or trailing forward slashes.\nThe `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).\n*Available only for Vault Enterprise*.\n" + "description": "The namespace to provision the resource in.\nThe value should not contain leading or trailing forward slashes.\nThe `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).\n*Available only for Vault Enterprise*.\n", + "willReplaceOnChanges": true }, - "notBeforeDuration": { + "path": { "type": "string", - "description": "Specifies the duration by which to backdate the ValidAfter property.\nUses [duration format strings](https://developer.hashicorp.com/vault/docs/concepts/duration-format).\n" + "description": "Path where the auth backend is mounted.\n", + "willReplaceOnChanges": true }, - "ttl": { + "tokenBoundCidrs": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of CIDR blocks; if set, specifies blocks of IP\naddresses which can authenticate successfully, and ties the resulting token to these blocks\nas well.\n" + }, + "tokenExplicitMaxTtl": { + "type": "integer", + "description": "If set, will encode an\n[explicit max TTL](https://www.vaultproject.io/docs/concepts/tokens.html#token-time-to-live-periodic-tokens-and-explicit-max-ttls)\nonto the token in number of seconds. This is a hard cap even if `token_ttl` and\n`token_max_ttl` would otherwise allow a renewal.\n" + }, + "tokenMaxTtl": { + "type": "integer", + "description": "The maximum lifetime for generated tokens in number of seconds.\nIts current value will be referenced at renewal time.\n" + }, + "tokenNoDefaultPolicy": { + "type": "boolean", + "description": "If set, the default policy will not be set on\ngenerated tokens; otherwise it will be added to the policies set in token_policies.\n" + }, + "tokenNumUses": { + "type": "integer", + "description": "The [maximum number](https://developer.hashicorp.com/vault/api-docs/auth/saml#token_num_uses)\nof times a generated token may be used (within its lifetime); 0 means unlimited.\n" + }, + "tokenPeriod": { + "type": "integer", + "description": "If set, indicates that the\ntoken generated using this role should never expire. The token should be renewed within the\nduration specified by this value. At each renewal, the token's TTL will be set to the\nvalue of this field. Specified in seconds.\n" + }, + "tokenPolicies": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of policies to encode onto generated tokens. Depending\non the auth method, this list may be supplemented by user/group/other values.\n" + }, + "tokenTtl": { + "type": "integer", + "description": "The incremental lifetime for generated tokens in number of seconds.\nIts current value will be referenced at renewal time.\n" + }, + "tokenType": { "type": "string", - "description": "Specifies the Time To Live value.\n" + "description": "The type of token that should be generated. Can be `service`,\n`batch`, or `default` to use the mount's tuned default (which unless changed will be\n`service` tokens). For token store roles, there are two additional possibilities:\n`default-service` and `default-batch` which specify the type to return unless the client\nrequests a different type at generation time.\n" + } + }, + "requiredInputs": [ + "path" + ], + "stateInputs": { + "description": "Input properties used for looking up and filtering AuthBackendRole resources.\n", + "properties": { + "boundAttributes": { + "type": "object", + "additionalProperties": { + "$ref": "pulumi.json#/Any" + }, + "description": "Mapping of attribute names to values that are expected to\nexist in the SAML assertion.\n" + }, + "boundAttributesType": { + "type": "string", + "description": "The type of matching assertion to perform on\n`bound_attributes_type`.\n" + }, + "boundSubjects": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of subjects being asserted for SAML authentication.\n" + }, + "boundSubjectsType": { + "type": "string", + "description": "The type of matching assertion to perform on `bound_subjects`.\n" + }, + "groupsAttribute": { + "type": "string", + "description": "The attribute to use to identify the set of groups to which the\nuser belongs.\n" + }, + "name": { + "type": "string", + "description": "Unique name of the role.\n", + "willReplaceOnChanges": true + }, + "namespace": { + "type": "string", + "description": "The namespace to provision the resource in.\nThe value should not contain leading or trailing forward slashes.\nThe `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).\n*Available only for Vault Enterprise*.\n", + "willReplaceOnChanges": true + }, + "path": { + "type": "string", + "description": "Path where the auth backend is mounted.\n", + "willReplaceOnChanges": true + }, + "tokenBoundCidrs": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of CIDR blocks; if set, specifies blocks of IP\naddresses which can authenticate successfully, and ties the resulting token to these blocks\nas well.\n" + }, + "tokenExplicitMaxTtl": { + "type": "integer", + "description": "If set, will encode an\n[explicit max TTL](https://www.vaultproject.io/docs/concepts/tokens.html#token-time-to-live-periodic-tokens-and-explicit-max-ttls)\nonto the token in number of seconds. This is a hard cap even if `token_ttl` and\n`token_max_ttl` would otherwise allow a renewal.\n" + }, + "tokenMaxTtl": { + "type": "integer", + "description": "The maximum lifetime for generated tokens in number of seconds.\nIts current value will be referenced at renewal time.\n" + }, + "tokenNoDefaultPolicy": { + "type": "boolean", + "description": "If set, the default policy will not be set on\ngenerated tokens; otherwise it will be added to the policies set in token_policies.\n" + }, + "tokenNumUses": { + "type": "integer", + "description": "The [maximum number](https://developer.hashicorp.com/vault/api-docs/auth/saml#token_num_uses)\nof times a generated token may be used (within its lifetime); 0 means unlimited.\n" + }, + "tokenPeriod": { + "type": "integer", + "description": "If set, indicates that the\ntoken generated using this role should never expire. The token should be renewed within the\nduration specified by this value. At each renewal, the token's TTL will be set to the\nvalue of this field. Specified in seconds.\n" + }, + "tokenPolicies": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of policies to encode onto generated tokens. Depending\non the auth method, this list may be supplemented by user/group/other values.\n" + }, + "tokenTtl": { + "type": "integer", + "description": "The incremental lifetime for generated tokens in number of seconds.\nIts current value will be referenced at renewal time.\n" + }, + "tokenType": { + "type": "string", + "description": "The type of token that should be generated. Can be `service`,\n`batch`, or `default` to use the mount's tuned default (which unless changed will be\n`service` tokens). For token store roles, there are two additional possibilities:\n`default-service` and `default-batch` which specify the type to return unless the client\nrequests a different type at generation time.\n" + } + }, + "type": "object" + } + }, + "vault:ssh/secretBackendCa:SecretBackendCa": { + "description": "Provides a resource to manage CA information in an SSH secret backend\n[SSH secret backend within Vault](https://www.vaultproject.io/docs/secrets/ssh/index.html).\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst example = new vault.Mount(\"example\", {type: \"ssh\"});\nconst foo = new vault.ssh.SecretBackendCa(\"foo\", {backend: example.path});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nexample = vault.Mount(\"example\", type=\"ssh\")\nfoo = vault.ssh.SecretBackendCa(\"foo\", backend=example.path)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Vault.Mount(\"example\", new()\n {\n Type = \"ssh\",\n });\n\n var foo = new Vault.Ssh.SecretBackendCa(\"foo\", new()\n {\n Backend = example.Path,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/ssh\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := vault.NewMount(ctx, \"example\", \u0026vault.MountArgs{\n\t\t\tType: pulumi.String(\"ssh\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ssh.NewSecretBackendCa(ctx, \"foo\", \u0026ssh.SecretBackendCaArgs{\n\t\t\tBackend: example.Path,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.Mount;\nimport com.pulumi.vault.MountArgs;\nimport com.pulumi.vault.ssh.SecretBackendCa;\nimport com.pulumi.vault.ssh.SecretBackendCaArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Mount(\"example\", MountArgs.builder() \n .type(\"ssh\")\n .build());\n\n var foo = new SecretBackendCa(\"foo\", SecretBackendCaArgs.builder() \n .backend(example.path())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: vault:Mount\n properties:\n type: ssh\n foo:\n type: vault:ssh:SecretBackendCa\n properties:\n backend: ${example.path}\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nSSH secret backend CAs can be imported using the `path`, e.g.\n\n```sh\n $ pulumi import vault:ssh/secretBackendCa:SecretBackendCa foo ssh\n```\n ", + "properties": { + "backend": { + "type": "string", + "description": "The path where the SSH secret backend is mounted. Defaults to 'ssh'\n" + }, + "generateSigningKey": { + "type": "boolean", + "description": "Whether Vault should generate the signing key pair internally. Defaults to true\n" + }, + "namespace": { + "type": "string", + "description": "The namespace to provision the resource in.\nThe value should not contain leading or trailing forward slashes.\nThe `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).\n*Available only for Vault Enterprise*.\n" + }, + "privateKey": { + "type": "string", + "description": "Private key part the SSH CA key pair; required if generate_signing_key is false.\n", + "secret": true + }, + "publicKey": { + "type": "string", + "description": "The public key part the SSH CA key pair; required if generate_signing_key is false.\n" } }, "required": [ - "algorithmSigner", - "allowedDomainsTemplate", - "backend", - "keyType", - "maxTtl", - "name", - "notBeforeDuration", - "ttl" + "privateKey", + "publicKey" ], "inputProperties": { + "backend": { + "type": "string", + "description": "The path where the SSH secret backend is mounted. Defaults to 'ssh'\n", + "willReplaceOnChanges": true + }, + "generateSigningKey": { + "type": "boolean", + "description": "Whether Vault should generate the signing key pair internally. Defaults to true\n", + "willReplaceOnChanges": true + }, + "namespace": { + "type": "string", + "description": "The namespace to provision the resource in.\nThe value should not contain leading or trailing forward slashes.\nThe `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).\n*Available only for Vault Enterprise*.\n", + "willReplaceOnChanges": true + }, + "privateKey": { + "type": "string", + "description": "Private key part the SSH CA key pair; required if generate_signing_key is false.\n", + "secret": true, + "willReplaceOnChanges": true + }, + "publicKey": { + "type": "string", + "description": "The public key part the SSH CA key pair; required if generate_signing_key is false.\n", + "willReplaceOnChanges": true + } + }, + "stateInputs": { + "description": "Input properties used for looking up and filtering SecretBackendCa resources.\n", + "properties": { + "backend": { + "type": "string", + "description": "The path where the SSH secret backend is mounted. Defaults to 'ssh'\n", + "willReplaceOnChanges": true + }, + "generateSigningKey": { + "type": "boolean", + "description": "Whether Vault should generate the signing key pair internally. Defaults to true\n", + "willReplaceOnChanges": true + }, + "namespace": { + "type": "string", + "description": "The namespace to provision the resource in.\nThe value should not contain leading or trailing forward slashes.\nThe `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).\n*Available only for Vault Enterprise*.\n", + "willReplaceOnChanges": true + }, + "privateKey": { + "type": "string", + "description": "Private key part the SSH CA key pair; required if generate_signing_key is false.\n", + "secret": true, + "willReplaceOnChanges": true + }, + "publicKey": { + "type": "string", + "description": "The public key part the SSH CA key pair; required if generate_signing_key is false.\n", + "willReplaceOnChanges": true + } + }, + "type": "object" + } + }, + "vault:ssh/secretBackendRole:SecretBackendRole": { + "description": "Provides a resource to manage roles in an SSH secret backend\n[SSH secret backend within Vault](https://www.vaultproject.io/docs/secrets/ssh/index.html).\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst example = new vault.Mount(\"example\", {type: \"ssh\"});\nconst foo = new vault.ssh.SecretBackendRole(\"foo\", {\n backend: example.path,\n keyType: \"ca\",\n allowUserCertificates: true,\n});\nconst bar = new vault.ssh.SecretBackendRole(\"bar\", {\n backend: example.path,\n keyType: \"otp\",\n defaultUser: \"default\",\n allowedUsers: \"default,baz\",\n cidrList: \"0.0.0.0/0\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nexample = vault.Mount(\"example\", type=\"ssh\")\nfoo = vault.ssh.SecretBackendRole(\"foo\",\n backend=example.path,\n key_type=\"ca\",\n allow_user_certificates=True)\nbar = vault.ssh.SecretBackendRole(\"bar\",\n backend=example.path,\n key_type=\"otp\",\n default_user=\"default\",\n allowed_users=\"default,baz\",\n cidr_list=\"0.0.0.0/0\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Vault.Mount(\"example\", new()\n {\n Type = \"ssh\",\n });\n\n var foo = new Vault.Ssh.SecretBackendRole(\"foo\", new()\n {\n Backend = example.Path,\n KeyType = \"ca\",\n AllowUserCertificates = true,\n });\n\n var bar = new Vault.Ssh.SecretBackendRole(\"bar\", new()\n {\n Backend = example.Path,\n KeyType = \"otp\",\n DefaultUser = \"default\",\n AllowedUsers = \"default,baz\",\n CidrList = \"0.0.0.0/0\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/ssh\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := vault.NewMount(ctx, \"example\", \u0026vault.MountArgs{\n\t\t\tType: pulumi.String(\"ssh\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ssh.NewSecretBackendRole(ctx, \"foo\", \u0026ssh.SecretBackendRoleArgs{\n\t\t\tBackend: example.Path,\n\t\t\tKeyType: pulumi.String(\"ca\"),\n\t\t\tAllowUserCertificates: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ssh.NewSecretBackendRole(ctx, \"bar\", \u0026ssh.SecretBackendRoleArgs{\n\t\t\tBackend: example.Path,\n\t\t\tKeyType: pulumi.String(\"otp\"),\n\t\t\tDefaultUser: pulumi.String(\"default\"),\n\t\t\tAllowedUsers: pulumi.String(\"default,baz\"),\n\t\t\tCidrList: pulumi.String(\"0.0.0.0/0\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.Mount;\nimport com.pulumi.vault.MountArgs;\nimport com.pulumi.vault.ssh.SecretBackendRole;\nimport com.pulumi.vault.ssh.SecretBackendRoleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Mount(\"example\", MountArgs.builder() \n .type(\"ssh\")\n .build());\n\n var foo = new SecretBackendRole(\"foo\", SecretBackendRoleArgs.builder() \n .backend(example.path())\n .keyType(\"ca\")\n .allowUserCertificates(true)\n .build());\n\n var bar = new SecretBackendRole(\"bar\", SecretBackendRoleArgs.builder() \n .backend(example.path())\n .keyType(\"otp\")\n .defaultUser(\"default\")\n .allowedUsers(\"default,baz\")\n .cidrList(\"0.0.0.0/0\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: vault:Mount\n properties:\n type: ssh\n foo:\n type: vault:ssh:SecretBackendRole\n properties:\n backend: ${example.path}\n keyType: ca\n allowUserCertificates: true\n bar:\n type: vault:ssh:SecretBackendRole\n properties:\n backend: ${example.path}\n keyType: otp\n defaultUser: default\n allowedUsers: default,baz\n cidrList: 0.0.0.0/0\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nSSH secret backend roles can be imported using the `path`, e.g.\n\n```sh\n $ pulumi import vault:ssh/secretBackendRole:SecretBackendRole foo ssh/roles/my-role\n```\n ", + "properties": { "algorithmSigner": { "type": "string", "description": "When supplied, this value specifies a signing algorithm for the key. Possible values: ssh-rsa, rsa-sha2-256, rsa-sha2-512.\n" @@ -29763,8 +27315,7 @@ }, "backend": { "type": "string", - "description": "The path where the SSH secret backend is mounted.\n", - "willReplaceOnChanges": true + "description": "The path where the SSH secret backend is mounted.\n" }, "cidrList": { "type": "string", @@ -29806,13 +27357,11 @@ }, "name": { "type": "string", - "description": "Specifies the name of the role to create.\n", - "willReplaceOnChanges": true + "description": "Specifies the name of the role to create.\n" }, "namespace": { "type": "string", - "description": "The namespace to provision the resource in.\nThe value should not contain leading or trailing forward slashes.\nThe `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).\n*Available only for Vault Enterprise*.\n", - "willReplaceOnChanges": true + "description": "The namespace to provision the resource in.\nThe value should not contain leading or trailing forward slashes.\nThe `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).\n*Available only for Vault Enterprise*.\n" }, "notBeforeDuration": { "type": "string", @@ -29823,32 +27372,168 @@ "description": "Specifies the Time To Live value.\n" } }, - "requiredInputs": [ + "required": [ + "algorithmSigner", + "allowedDomainsTemplate", "backend", - "keyType" + "keyType", + "maxTtl", + "name", + "notBeforeDuration", + "ttl" ], - "stateInputs": { - "description": "Input properties used for looking up and filtering SecretBackendRole resources.\n", - "properties": { - "algorithmSigner": { - "type": "string", - "description": "When supplied, this value specifies a signing algorithm for the key. Possible values: ssh-rsa, rsa-sha2-256, rsa-sha2-512.\n" - }, - "allowBareDomains": { - "type": "boolean", - "description": "Specifies if host certificates that are requested are allowed to use the base domains listed in `allowed_domains`.\n" - }, - "allowHostCertificates": { - "type": "boolean", - "description": "Specifies if certificates are allowed to be signed for use as a 'host'.\n" - }, - "allowSubdomains": { - "type": "boolean", - "description": "Specifies if host certificates that are requested are allowed to be subdomains of those listed in `allowed_domains`.\n" - }, - "allowUserCertificates": { - "type": "boolean", - "description": "Specifies if certificates are allowed to be signed for use as a 'user'.\n" + "inputProperties": { + "algorithmSigner": { + "type": "string", + "description": "When supplied, this value specifies a signing algorithm for the key. Possible values: ssh-rsa, rsa-sha2-256, rsa-sha2-512.\n" + }, + "allowBareDomains": { + "type": "boolean", + "description": "Specifies if host certificates that are requested are allowed to use the base domains listed in `allowed_domains`.\n" + }, + "allowHostCertificates": { + "type": "boolean", + "description": "Specifies if certificates are allowed to be signed for use as a 'host'.\n" + }, + "allowSubdomains": { + "type": "boolean", + "description": "Specifies if host certificates that are requested are allowed to be subdomains of those listed in `allowed_domains`.\n" + }, + "allowUserCertificates": { + "type": "boolean", + "description": "Specifies if certificates are allowed to be signed for use as a 'user'.\n" + }, + "allowUserKeyIds": { + "type": "boolean", + "description": "Specifies if users can override the key ID for a signed certificate with the `key_id` field.\n" + }, + "allowedCriticalOptions": { + "type": "string", + "description": "Specifies a comma-separated list of critical options that certificates can have when signed.\n" + }, + "allowedDomains": { + "type": "string", + "description": "The list of domains for which a client can request a host certificate.\n" + }, + "allowedDomainsTemplate": { + "type": "boolean", + "description": "Specifies if `allowed_domains` can be declared using\nidentity template policies. Non-templated domains are also permitted.\n" + }, + "allowedExtensions": { + "type": "string", + "description": "Specifies a comma-separated list of extensions that certificates can have when signed.\n" + }, + "allowedUserKeyConfigs": { + "type": "array", + "items": { + "$ref": "#/types/vault:ssh/SecretBackendRoleAllowedUserKeyConfig:SecretBackendRoleAllowedUserKeyConfig" + }, + "description": "Set of configuration blocks to define allowed \nuser key configuration, like key type and their lengths. Can be specified multiple times.\n*See Configuration-Options for more info*\n" + }, + "allowedUserKeyLengths": { + "type": "object", + "additionalProperties": { + "type": "integer" + }, + "description": "Specifies a map of ssh key types and their expected sizes which \nare allowed to be signed by the CA type.\n*Deprecated: use* allowed_user_key_config *instead*\n", + "deprecationMessage": "Set in allowed_user_key_config" + }, + "allowedUsers": { + "type": "string", + "description": "Specifies a comma-separated list of usernames that are to be allowed, only if certain usernames are to be allowed.\n" + }, + "allowedUsersTemplate": { + "type": "boolean", + "description": "Specifies if `allowed_users` can be declared using identity template policies. Non-templated users are also permitted.\n" + }, + "backend": { + "type": "string", + "description": "The path where the SSH secret backend is mounted.\n", + "willReplaceOnChanges": true + }, + "cidrList": { + "type": "string", + "description": "The comma-separated string of CIDR blocks for which this role is applicable.\n" + }, + "defaultCriticalOptions": { + "type": "object", + "additionalProperties": { + "$ref": "pulumi.json#/Any" + }, + "description": "Specifies a map of critical options that certificates have when signed.\n" + }, + "defaultExtensions": { + "type": "object", + "additionalProperties": { + "$ref": "pulumi.json#/Any" + }, + "description": "Specifies a map of extensions that certificates have when signed.\n" + }, + "defaultUser": { + "type": "string", + "description": "Specifies the default username for which a credential will be generated.\n" + }, + "defaultUserTemplate": { + "type": "boolean", + "description": "If set, `default_users` can be specified using identity template values. A non-templated user is also permitted.\n" + }, + "keyIdFormat": { + "type": "string", + "description": "Specifies a custom format for the key id of a signed certificate.\n" + }, + "keyType": { + "type": "string", + "description": "Specifies the type of credentials generated by this role. This can be either `otp`, `dynamic` or `ca`.\n" + }, + "maxTtl": { + "type": "string", + "description": "Specifies the maximum Time To Live value.\n" + }, + "name": { + "type": "string", + "description": "Specifies the name of the role to create.\n", + "willReplaceOnChanges": true + }, + "namespace": { + "type": "string", + "description": "The namespace to provision the resource in.\nThe value should not contain leading or trailing forward slashes.\nThe `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).\n*Available only for Vault Enterprise*.\n", + "willReplaceOnChanges": true + }, + "notBeforeDuration": { + "type": "string", + "description": "Specifies the duration by which to backdate the ValidAfter property.\nUses [duration format strings](https://developer.hashicorp.com/vault/docs/concepts/duration-format).\n" + }, + "ttl": { + "type": "string", + "description": "Specifies the Time To Live value.\n" + } + }, + "requiredInputs": [ + "backend", + "keyType" + ], + "stateInputs": { + "description": "Input properties used for looking up and filtering SecretBackendRole resources.\n", + "properties": { + "algorithmSigner": { + "type": "string", + "description": "When supplied, this value specifies a signing algorithm for the key. Possible values: ssh-rsa, rsa-sha2-256, rsa-sha2-512.\n" + }, + "allowBareDomains": { + "type": "boolean", + "description": "Specifies if host certificates that are requested are allowed to use the base domains listed in `allowed_domains`.\n" + }, + "allowHostCertificates": { + "type": "boolean", + "description": "Specifies if certificates are allowed to be signed for use as a 'host'.\n" + }, + "allowSubdomains": { + "type": "boolean", + "description": "Specifies if host certificates that are requested are allowed to be subdomains of those listed in `allowed_domains`.\n" + }, + "allowUserCertificates": { + "type": "boolean", + "description": "Specifies if certificates are allowed to be signed for use as a 'user'.\n" }, "allowUserKeyIds": { "type": "boolean", @@ -29959,7 +27644,7 @@ } }, "vault:terraformcloud/secretBackend:SecretBackend": { - "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst test = new vault.terraformcloud.SecretBackend(\"test\", {\n backend: \"terraform\",\n description: \"Manages the Terraform Cloud backend\",\n token: \"V0idfhi2iksSDU234ucdbi2nidsi...\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ntest = vault.terraformcloud.SecretBackend(\"test\",\n backend=\"terraform\",\n description=\"Manages the Terraform Cloud backend\",\n token=\"V0idfhi2iksSDU234ucdbi2nidsi...\")\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Vault.TerraformCloud.SecretBackend(\"test\", new()\n {\n Backend = \"terraform\",\n Description = \"Manages the Terraform Cloud backend\",\n Token = \"V0idfhi2iksSDU234ucdbi2nidsi...\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/terraformcloud\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := terraformcloud.NewSecretBackend(ctx, \"test\", \u0026terraformcloud.SecretBackendArgs{\n\t\t\tBackend: pulumi.String(\"terraform\"),\n\t\t\tDescription: pulumi.String(\"Manages the Terraform Cloud backend\"),\n\t\t\tToken: pulumi.String(\"V0idfhi2iksSDU234ucdbi2nidsi...\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.terraformcloud.SecretBackend;\nimport com.pulumi.vault.terraformcloud.SecretBackendArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new SecretBackend(\"test\", SecretBackendArgs.builder() \n .backend(\"terraform\")\n .description(\"Manages the Terraform Cloud backend\")\n .token(\"V0idfhi2iksSDU234ucdbi2nidsi...\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: vault:terraformcloud:SecretBackend\n properties:\n backend: terraform\n description: Manages the Terraform Cloud backend\n token: V0idfhi2iksSDU234ucdbi2nidsi...\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nTerraform Cloud secret backends can be imported using the `backend`, e.g.\n\n```sh\n $ pulumi import vault:terraformcloud/secretBackend:SecretBackend example terraform\n```\n\n ", + "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst test = new vault.terraformcloud.SecretBackend(\"test\", {\n backend: \"terraform\",\n description: \"Manages the Terraform Cloud backend\",\n token: \"V0idfhi2iksSDU234ucdbi2nidsi...\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ntest = vault.terraformcloud.SecretBackend(\"test\",\n backend=\"terraform\",\n description=\"Manages the Terraform Cloud backend\",\n token=\"V0idfhi2iksSDU234ucdbi2nidsi...\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Vault.TerraformCloud.SecretBackend(\"test\", new()\n {\n Backend = \"terraform\",\n Description = \"Manages the Terraform Cloud backend\",\n Token = \"V0idfhi2iksSDU234ucdbi2nidsi...\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/terraformcloud\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := terraformcloud.NewSecretBackend(ctx, \"test\", \u0026terraformcloud.SecretBackendArgs{\n\t\t\tBackend: pulumi.String(\"terraform\"),\n\t\t\tDescription: pulumi.String(\"Manages the Terraform Cloud backend\"),\n\t\t\tToken: pulumi.String(\"V0idfhi2iksSDU234ucdbi2nidsi...\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.terraformcloud.SecretBackend;\nimport com.pulumi.vault.terraformcloud.SecretBackendArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new SecretBackend(\"test\", SecretBackendArgs.builder() \n .backend(\"terraform\")\n .description(\"Manages the Terraform Cloud backend\")\n .token(\"V0idfhi2iksSDU234ucdbi2nidsi...\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: vault:terraformcloud:SecretBackend\n properties:\n backend: terraform\n description: Manages the Terraform Cloud backend\n token: V0idfhi2iksSDU234ucdbi2nidsi...\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nTerraform Cloud secret backends can be imported using the `backend`, e.g.\n\n```sh\n $ pulumi import vault:terraformcloud/secretBackend:SecretBackend example terraform\n```\n ", "properties": { "address": { "type": "string", @@ -30085,7 +27770,7 @@ } }, "vault:terraformcloud/secretCreds:SecretCreds": { - "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst test = new vault.terraformcloud.SecretBackend(\"test\", {\n backend: \"terraform\",\n description: \"Manages the Terraform Cloud backend\",\n token: \"V0idfhi2iksSDU234ucdbi2nidsi...\",\n});\nconst example = new vault.terraformcloud.SecretRole(\"example\", {\n backend: test.backend,\n organization: \"example-organization-name\",\n teamId: \"team-ieF4isC...\",\n});\nconst token = new vault.terraformcloud.SecretCreds(\"token\", {\n backend: test.backend,\n role: example.name,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ntest = vault.terraformcloud.SecretBackend(\"test\",\n backend=\"terraform\",\n description=\"Manages the Terraform Cloud backend\",\n token=\"V0idfhi2iksSDU234ucdbi2nidsi...\")\nexample = vault.terraformcloud.SecretRole(\"example\",\n backend=test.backend,\n organization=\"example-organization-name\",\n team_id=\"team-ieF4isC...\")\ntoken = vault.terraformcloud.SecretCreds(\"token\",\n backend=test.backend,\n role=example.name)\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Vault.TerraformCloud.SecretBackend(\"test\", new()\n {\n Backend = \"terraform\",\n Description = \"Manages the Terraform Cloud backend\",\n Token = \"V0idfhi2iksSDU234ucdbi2nidsi...\",\n });\n\n var example = new Vault.TerraformCloud.SecretRole(\"example\", new()\n {\n Backend = test.Backend,\n Organization = \"example-organization-name\",\n TeamId = \"team-ieF4isC...\",\n });\n\n var token = new Vault.TerraformCloud.SecretCreds(\"token\", new()\n {\n Backend = test.Backend,\n Role = example.Name,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/terraformcloud\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttest, err := terraformcloud.NewSecretBackend(ctx, \"test\", \u0026terraformcloud.SecretBackendArgs{\n\t\t\tBackend: pulumi.String(\"terraform\"),\n\t\t\tDescription: pulumi.String(\"Manages the Terraform Cloud backend\"),\n\t\t\tToken: pulumi.String(\"V0idfhi2iksSDU234ucdbi2nidsi...\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := terraformcloud.NewSecretRole(ctx, \"example\", \u0026terraformcloud.SecretRoleArgs{\n\t\t\tBackend: test.Backend,\n\t\t\tOrganization: pulumi.String(\"example-organization-name\"),\n\t\t\tTeamId: pulumi.String(\"team-ieF4isC...\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = terraformcloud.NewSecretCreds(ctx, \"token\", \u0026terraformcloud.SecretCredsArgs{\n\t\t\tBackend: test.Backend,\n\t\t\tRole: example.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.terraformcloud.SecretBackend;\nimport com.pulumi.vault.terraformcloud.SecretBackendArgs;\nimport com.pulumi.vault.terraformcloud.SecretRole;\nimport com.pulumi.vault.terraformcloud.SecretRoleArgs;\nimport com.pulumi.vault.terraformcloud.SecretCreds;\nimport com.pulumi.vault.terraformcloud.SecretCredsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new SecretBackend(\"test\", SecretBackendArgs.builder() \n .backend(\"terraform\")\n .description(\"Manages the Terraform Cloud backend\")\n .token(\"V0idfhi2iksSDU234ucdbi2nidsi...\")\n .build());\n\n var example = new SecretRole(\"example\", SecretRoleArgs.builder() \n .backend(test.backend())\n .organization(\"example-organization-name\")\n .teamId(\"team-ieF4isC...\")\n .build());\n\n var token = new SecretCreds(\"token\", SecretCredsArgs.builder() \n .backend(test.backend())\n .role(example.name())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: vault:terraformcloud:SecretBackend\n properties:\n backend: terraform\n description: Manages the Terraform Cloud backend\n token: V0idfhi2iksSDU234ucdbi2nidsi...\n example:\n type: vault:terraformcloud:SecretRole\n properties:\n backend: ${test.backend}\n organization: example-organization-name\n teamId: team-ieF4isC...\n token:\n type: vault:terraformcloud:SecretCreds\n properties:\n backend: ${test.backend}\n role: ${example.name}\n```\n{{% /example %}}\n{{% /examples %}}", + "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst test = new vault.terraformcloud.SecretBackend(\"test\", {\n backend: \"terraform\",\n description: \"Manages the Terraform Cloud backend\",\n token: \"V0idfhi2iksSDU234ucdbi2nidsi...\",\n});\nconst example = new vault.terraformcloud.SecretRole(\"example\", {\n backend: test.backend,\n organization: \"example-organization-name\",\n teamId: \"team-ieF4isC...\",\n});\nconst token = new vault.terraformcloud.SecretCreds(\"token\", {\n backend: test.backend,\n role: example.name,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ntest = vault.terraformcloud.SecretBackend(\"test\",\n backend=\"terraform\",\n description=\"Manages the Terraform Cloud backend\",\n token=\"V0idfhi2iksSDU234ucdbi2nidsi...\")\nexample = vault.terraformcloud.SecretRole(\"example\",\n backend=test.backend,\n organization=\"example-organization-name\",\n team_id=\"team-ieF4isC...\")\ntoken = vault.terraformcloud.SecretCreds(\"token\",\n backend=test.backend,\n role=example.name)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Vault.TerraformCloud.SecretBackend(\"test\", new()\n {\n Backend = \"terraform\",\n Description = \"Manages the Terraform Cloud backend\",\n Token = \"V0idfhi2iksSDU234ucdbi2nidsi...\",\n });\n\n var example = new Vault.TerraformCloud.SecretRole(\"example\", new()\n {\n Backend = test.Backend,\n Organization = \"example-organization-name\",\n TeamId = \"team-ieF4isC...\",\n });\n\n var token = new Vault.TerraformCloud.SecretCreds(\"token\", new()\n {\n Backend = test.Backend,\n Role = example.Name,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/terraformcloud\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttest, err := terraformcloud.NewSecretBackend(ctx, \"test\", \u0026terraformcloud.SecretBackendArgs{\n\t\t\tBackend: pulumi.String(\"terraform\"),\n\t\t\tDescription: pulumi.String(\"Manages the Terraform Cloud backend\"),\n\t\t\tToken: pulumi.String(\"V0idfhi2iksSDU234ucdbi2nidsi...\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := terraformcloud.NewSecretRole(ctx, \"example\", \u0026terraformcloud.SecretRoleArgs{\n\t\t\tBackend: test.Backend,\n\t\t\tOrganization: pulumi.String(\"example-organization-name\"),\n\t\t\tTeamId: pulumi.String(\"team-ieF4isC...\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = terraformcloud.NewSecretCreds(ctx, \"token\", \u0026terraformcloud.SecretCredsArgs{\n\t\t\tBackend: test.Backend,\n\t\t\tRole: example.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.terraformcloud.SecretBackend;\nimport com.pulumi.vault.terraformcloud.SecretBackendArgs;\nimport com.pulumi.vault.terraformcloud.SecretRole;\nimport com.pulumi.vault.terraformcloud.SecretRoleArgs;\nimport com.pulumi.vault.terraformcloud.SecretCreds;\nimport com.pulumi.vault.terraformcloud.SecretCredsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new SecretBackend(\"test\", SecretBackendArgs.builder() \n .backend(\"terraform\")\n .description(\"Manages the Terraform Cloud backend\")\n .token(\"V0idfhi2iksSDU234ucdbi2nidsi...\")\n .build());\n\n var example = new SecretRole(\"example\", SecretRoleArgs.builder() \n .backend(test.backend())\n .organization(\"example-organization-name\")\n .teamId(\"team-ieF4isC...\")\n .build());\n\n var token = new SecretCreds(\"token\", SecretCredsArgs.builder() \n .backend(test.backend())\n .role(example.name())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: vault:terraformcloud:SecretBackend\n properties:\n backend: terraform\n description: Manages the Terraform Cloud backend\n token: V0idfhi2iksSDU234ucdbi2nidsi...\n example:\n type: vault:terraformcloud:SecretRole\n properties:\n backend: ${test.backend}\n organization: example-organization-name\n teamId: team-ieF4isC...\n token:\n type: vault:terraformcloud:SecretCreds\n properties:\n backend: ${test.backend}\n role: ${example.name}\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "backend": { "type": "string", @@ -30195,7 +27880,7 @@ } }, "vault:terraformcloud/secretRole:SecretRole": { - "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst test = new vault.terraformcloud.SecretBackend(\"test\", {\n backend: \"terraform\",\n description: \"Manages the Terraform Cloud backend\",\n token: \"V0idfhi2iksSDU234ucdbi2nidsi...\",\n});\nconst example = new vault.terraformcloud.SecretRole(\"example\", {\n backend: test.backend,\n organization: \"example-organization-name\",\n teamId: \"team-ieF4isC...\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ntest = vault.terraformcloud.SecretBackend(\"test\",\n backend=\"terraform\",\n description=\"Manages the Terraform Cloud backend\",\n token=\"V0idfhi2iksSDU234ucdbi2nidsi...\")\nexample = vault.terraformcloud.SecretRole(\"example\",\n backend=test.backend,\n organization=\"example-organization-name\",\n team_id=\"team-ieF4isC...\")\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Vault.TerraformCloud.SecretBackend(\"test\", new()\n {\n Backend = \"terraform\",\n Description = \"Manages the Terraform Cloud backend\",\n Token = \"V0idfhi2iksSDU234ucdbi2nidsi...\",\n });\n\n var example = new Vault.TerraformCloud.SecretRole(\"example\", new()\n {\n Backend = test.Backend,\n Organization = \"example-organization-name\",\n TeamId = \"team-ieF4isC...\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/terraformcloud\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttest, err := terraformcloud.NewSecretBackend(ctx, \"test\", \u0026terraformcloud.SecretBackendArgs{\n\t\t\tBackend: pulumi.String(\"terraform\"),\n\t\t\tDescription: pulumi.String(\"Manages the Terraform Cloud backend\"),\n\t\t\tToken: pulumi.String(\"V0idfhi2iksSDU234ucdbi2nidsi...\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = terraformcloud.NewSecretRole(ctx, \"example\", \u0026terraformcloud.SecretRoleArgs{\n\t\t\tBackend: test.Backend,\n\t\t\tOrganization: pulumi.String(\"example-organization-name\"),\n\t\t\tTeamId: pulumi.String(\"team-ieF4isC...\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.terraformcloud.SecretBackend;\nimport com.pulumi.vault.terraformcloud.SecretBackendArgs;\nimport com.pulumi.vault.terraformcloud.SecretRole;\nimport com.pulumi.vault.terraformcloud.SecretRoleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new SecretBackend(\"test\", SecretBackendArgs.builder() \n .backend(\"terraform\")\n .description(\"Manages the Terraform Cloud backend\")\n .token(\"V0idfhi2iksSDU234ucdbi2nidsi...\")\n .build());\n\n var example = new SecretRole(\"example\", SecretRoleArgs.builder() \n .backend(test.backend())\n .organization(\"example-organization-name\")\n .teamId(\"team-ieF4isC...\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: vault:terraformcloud:SecretBackend\n properties:\n backend: terraform\n description: Manages the Terraform Cloud backend\n token: V0idfhi2iksSDU234ucdbi2nidsi...\n example:\n type: vault:terraformcloud:SecretRole\n properties:\n backend: ${test.backend}\n organization: example-organization-name\n teamId: team-ieF4isC...\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nTerraform Cloud secret backend roles can be imported using the `backend`, `/roles/`, and the `name` e.g.\n\n```sh\n $ pulumi import vault:terraformcloud/secretRole:SecretRole example terraform/roles/my-role\n```\n\n ", + "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst test = new vault.terraformcloud.SecretBackend(\"test\", {\n backend: \"terraform\",\n description: \"Manages the Terraform Cloud backend\",\n token: \"V0idfhi2iksSDU234ucdbi2nidsi...\",\n});\nconst example = new vault.terraformcloud.SecretRole(\"example\", {\n backend: test.backend,\n organization: \"example-organization-name\",\n teamId: \"team-ieF4isC...\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ntest = vault.terraformcloud.SecretBackend(\"test\",\n backend=\"terraform\",\n description=\"Manages the Terraform Cloud backend\",\n token=\"V0idfhi2iksSDU234ucdbi2nidsi...\")\nexample = vault.terraformcloud.SecretRole(\"example\",\n backend=test.backend,\n organization=\"example-organization-name\",\n team_id=\"team-ieF4isC...\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Vault.TerraformCloud.SecretBackend(\"test\", new()\n {\n Backend = \"terraform\",\n Description = \"Manages the Terraform Cloud backend\",\n Token = \"V0idfhi2iksSDU234ucdbi2nidsi...\",\n });\n\n var example = new Vault.TerraformCloud.SecretRole(\"example\", new()\n {\n Backend = test.Backend,\n Organization = \"example-organization-name\",\n TeamId = \"team-ieF4isC...\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/terraformcloud\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttest, err := terraformcloud.NewSecretBackend(ctx, \"test\", \u0026terraformcloud.SecretBackendArgs{\n\t\t\tBackend: pulumi.String(\"terraform\"),\n\t\t\tDescription: pulumi.String(\"Manages the Terraform Cloud backend\"),\n\t\t\tToken: pulumi.String(\"V0idfhi2iksSDU234ucdbi2nidsi...\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = terraformcloud.NewSecretRole(ctx, \"example\", \u0026terraformcloud.SecretRoleArgs{\n\t\t\tBackend: test.Backend,\n\t\t\tOrganization: pulumi.String(\"example-organization-name\"),\n\t\t\tTeamId: pulumi.String(\"team-ieF4isC...\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.terraformcloud.SecretBackend;\nimport com.pulumi.vault.terraformcloud.SecretBackendArgs;\nimport com.pulumi.vault.terraformcloud.SecretRole;\nimport com.pulumi.vault.terraformcloud.SecretRoleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new SecretBackend(\"test\", SecretBackendArgs.builder() \n .backend(\"terraform\")\n .description(\"Manages the Terraform Cloud backend\")\n .token(\"V0idfhi2iksSDU234ucdbi2nidsi...\")\n .build());\n\n var example = new SecretRole(\"example\", SecretRoleArgs.builder() \n .backend(test.backend())\n .organization(\"example-organization-name\")\n .teamId(\"team-ieF4isC...\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: vault:terraformcloud:SecretBackend\n properties:\n backend: terraform\n description: Manages the Terraform Cloud backend\n token: V0idfhi2iksSDU234ucdbi2nidsi...\n example:\n type: vault:terraformcloud:SecretRole\n properties:\n backend: ${test.backend}\n organization: example-organization-name\n teamId: team-ieF4isC...\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nTerraform Cloud secret backend roles can be imported using the `backend`, `/roles/`, and the `name` e.g.\n\n```sh\n $ pulumi import vault:terraformcloud/secretRole:SecretRole example terraform/roles/my-role\n```\n ", "properties": { "backend": { "type": "string", @@ -30313,7 +27998,7 @@ } }, "vault:tokenauth/authBackendRole:AuthBackendRole": { - "description": "Manages Token auth backend role in a Vault server. See the [Vault\ndocumentation](https://www.vaultproject.io/docs/auth/token.html) for more\ninformation.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst example = new vault.tokenauth.AuthBackendRole(\"example\", {\n allowedEntityAliases: [\"test_entity\"],\n allowedPolicies: [\n \"dev\",\n \"test\",\n ],\n disallowedPolicies: [\"default\"],\n orphan: true,\n pathSuffix: \"path-suffix\",\n renewable: true,\n roleName: \"my-role\",\n tokenExplicitMaxTtl: 115200,\n tokenPeriod: 86400,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nexample = vault.tokenauth.AuthBackendRole(\"example\",\n allowed_entity_aliases=[\"test_entity\"],\n allowed_policies=[\n \"dev\",\n \"test\",\n ],\n disallowed_policies=[\"default\"],\n orphan=True,\n path_suffix=\"path-suffix\",\n renewable=True,\n role_name=\"my-role\",\n token_explicit_max_ttl=115200,\n token_period=86400)\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Vault.TokenAuth.AuthBackendRole(\"example\", new()\n {\n AllowedEntityAliases = new[]\n {\n \"test_entity\",\n },\n AllowedPolicies = new[]\n {\n \"dev\",\n \"test\",\n },\n DisallowedPolicies = new[]\n {\n \"default\",\n },\n Orphan = true,\n PathSuffix = \"path-suffix\",\n Renewable = true,\n RoleName = \"my-role\",\n TokenExplicitMaxTtl = 115200,\n TokenPeriod = 86400,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/tokenauth\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := tokenauth.NewAuthBackendRole(ctx, \"example\", \u0026tokenauth.AuthBackendRoleArgs{\n\t\t\tAllowedEntityAliases: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"test_entity\"),\n\t\t\t},\n\t\t\tAllowedPolicies: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"dev\"),\n\t\t\t\tpulumi.String(\"test\"),\n\t\t\t},\n\t\t\tDisallowedPolicies: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"default\"),\n\t\t\t},\n\t\t\tOrphan: pulumi.Bool(true),\n\t\t\tPathSuffix: pulumi.String(\"path-suffix\"),\n\t\t\tRenewable: pulumi.Bool(true),\n\t\t\tRoleName: pulumi.String(\"my-role\"),\n\t\t\tTokenExplicitMaxTtl: pulumi.Int(115200),\n\t\t\tTokenPeriod: pulumi.Int(86400),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.tokenauth.AuthBackendRole;\nimport com.pulumi.vault.tokenauth.AuthBackendRoleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new AuthBackendRole(\"example\", AuthBackendRoleArgs.builder() \n .allowedEntityAliases(\"test_entity\")\n .allowedPolicies( \n \"dev\",\n \"test\")\n .disallowedPolicies(\"default\")\n .orphan(true)\n .pathSuffix(\"path-suffix\")\n .renewable(true)\n .roleName(\"my-role\")\n .tokenExplicitMaxTtl(\"115200\")\n .tokenPeriod(\"86400\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: vault:tokenauth:AuthBackendRole\n properties:\n allowedEntityAliases:\n - test_entity\n allowedPolicies:\n - dev\n - test\n disallowedPolicies:\n - default\n orphan: true\n pathSuffix: path-suffix\n renewable: true\n roleName: my-role\n tokenExplicitMaxTtl: 115200\n tokenPeriod: 86400\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nToken auth backend roles can be imported with `auth/token/roles/` followed by the `role_name`, e.g.\n\n```sh\n $ pulumi import vault:tokenauth/authBackendRole:AuthBackendRole example auth/token/roles/my-role\n```\n\n ", + "description": "Manages Token auth backend role in a Vault server. See the [Vault\ndocumentation](https://www.vaultproject.io/docs/auth/token.html) for more\ninformation.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst example = new vault.tokenauth.AuthBackendRole(\"example\", {\n allowedEntityAliases: [\"test_entity\"],\n allowedPolicies: [\n \"dev\",\n \"test\",\n ],\n disallowedPolicies: [\"default\"],\n orphan: true,\n pathSuffix: \"path-suffix\",\n renewable: true,\n roleName: \"my-role\",\n tokenExplicitMaxTtl: 115200,\n tokenPeriod: 86400,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nexample = vault.tokenauth.AuthBackendRole(\"example\",\n allowed_entity_aliases=[\"test_entity\"],\n allowed_policies=[\n \"dev\",\n \"test\",\n ],\n disallowed_policies=[\"default\"],\n orphan=True,\n path_suffix=\"path-suffix\",\n renewable=True,\n role_name=\"my-role\",\n token_explicit_max_ttl=115200,\n token_period=86400)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Vault.TokenAuth.AuthBackendRole(\"example\", new()\n {\n AllowedEntityAliases = new[]\n {\n \"test_entity\",\n },\n AllowedPolicies = new[]\n {\n \"dev\",\n \"test\",\n },\n DisallowedPolicies = new[]\n {\n \"default\",\n },\n Orphan = true,\n PathSuffix = \"path-suffix\",\n Renewable = true,\n RoleName = \"my-role\",\n TokenExplicitMaxTtl = 115200,\n TokenPeriod = 86400,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/tokenauth\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := tokenauth.NewAuthBackendRole(ctx, \"example\", \u0026tokenauth.AuthBackendRoleArgs{\n\t\t\tAllowedEntityAliases: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"test_entity\"),\n\t\t\t},\n\t\t\tAllowedPolicies: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"dev\"),\n\t\t\t\tpulumi.String(\"test\"),\n\t\t\t},\n\t\t\tDisallowedPolicies: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"default\"),\n\t\t\t},\n\t\t\tOrphan: pulumi.Bool(true),\n\t\t\tPathSuffix: pulumi.String(\"path-suffix\"),\n\t\t\tRenewable: pulumi.Bool(true),\n\t\t\tRoleName: pulumi.String(\"my-role\"),\n\t\t\tTokenExplicitMaxTtl: pulumi.Int(115200),\n\t\t\tTokenPeriod: pulumi.Int(86400),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.tokenauth.AuthBackendRole;\nimport com.pulumi.vault.tokenauth.AuthBackendRoleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new AuthBackendRole(\"example\", AuthBackendRoleArgs.builder() \n .allowedEntityAliases(\"test_entity\")\n .allowedPolicies( \n \"dev\",\n \"test\")\n .disallowedPolicies(\"default\")\n .orphan(true)\n .pathSuffix(\"path-suffix\")\n .renewable(true)\n .roleName(\"my-role\")\n .tokenExplicitMaxTtl(\"115200\")\n .tokenPeriod(\"86400\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: vault:tokenauth:AuthBackendRole\n properties:\n allowedEntityAliases:\n - test_entity\n allowedPolicies:\n - dev\n - test\n disallowedPolicies:\n - default\n orphan: true\n pathSuffix: path-suffix\n renewable: true\n roleName: my-role\n tokenExplicitMaxTtl: '115200'\n tokenPeriod: '86400'\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nToken auth backend roles can be imported with `auth/token/roles/` followed by the `role_name`, e.g.\n\n```sh\n $ pulumi import vault:tokenauth/authBackendRole:AuthBackendRole example auth/token/roles/my-role\n```\n ", "properties": { "allowedEntityAliases": { "type": "array", @@ -30360,7 +28045,7 @@ }, "pathSuffix": { "type": "string", - "description": "Tokens created against this role will have the given suffix as part of their path in addition to the role name.\n" + "description": "Tokens created against this role will have the given suffix as part of their path in addition to the role name.\n\n\u003e Due to a bug the resource. This *will* cause all existing tokens issued by this role to be revoked.\n" }, "renewable": { "type": "boolean", @@ -30463,7 +28148,7 @@ }, "pathSuffix": { "type": "string", - "description": "Tokens created against this role will have the given suffix as part of their path in addition to the role name.\n" + "description": "Tokens created against this role will have the given suffix as part of their path in addition to the role name.\n\n\u003e Due to a bug the resource. This *will* cause all existing tokens issued by this role to be revoked.\n" }, "renewable": { "type": "boolean", @@ -30569,7 +28254,7 @@ }, "pathSuffix": { "type": "string", - "description": "Tokens created against this role will have the given suffix as part of their path in addition to the role name.\n" + "description": "Tokens created against this role will have the given suffix as part of their path in addition to the role name.\n\n\u003e Due to a bug the resource. This *will* cause all existing tokens issued by this role to be revoked.\n" }, "renewable": { "type": "boolean", @@ -30627,7 +28312,7 @@ } }, "vault:transform/alphabet:Alphabet": { - "description": "This resource supports the \"/transform/alphabet/{name}\" Vault endpoint.\n\nIt queries an existing alphabet by the given name.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst mountTransform = new vault.Mount(\"mountTransform\", {\n path: \"transform\",\n type: \"transform\",\n});\nconst test = new vault.transform.Alphabet(\"test\", {\n path: mountTransform.path,\n alphabet: \"0123456789\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nmount_transform = vault.Mount(\"mountTransform\",\n path=\"transform\",\n type=\"transform\")\ntest = vault.transform.Alphabet(\"test\",\n path=mount_transform.path,\n alphabet=\"0123456789\")\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var mountTransform = new Vault.Mount(\"mountTransform\", new()\n {\n Path = \"transform\",\n Type = \"transform\",\n });\n\n var test = new Vault.Transform.Alphabet(\"test\", new()\n {\n Path = mountTransform.Path,\n AlphabetSet = \"0123456789\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/transform\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmountTransform, err := vault.NewMount(ctx, \"mountTransform\", \u0026vault.MountArgs{\n\t\t\tPath: pulumi.String(\"transform\"),\n\t\t\tType: pulumi.String(\"transform\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = transform.NewAlphabet(ctx, \"test\", \u0026transform.AlphabetArgs{\n\t\t\tPath: mountTransform.Path,\n\t\t\tAlphabet: pulumi.String(\"0123456789\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.Mount;\nimport com.pulumi.vault.MountArgs;\nimport com.pulumi.vault.transform.Alphabet;\nimport com.pulumi.vault.transform.AlphabetArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var mountTransform = new Mount(\"mountTransform\", MountArgs.builder() \n .path(\"transform\")\n .type(\"transform\")\n .build());\n\n var test = new Alphabet(\"test\", AlphabetArgs.builder() \n .path(mountTransform.path())\n .alphabet(\"0123456789\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n mountTransform:\n type: vault:Mount\n properties:\n path: transform\n type: transform\n test:\n type: vault:transform:Alphabet\n properties:\n path: ${mountTransform.path}\n alphabet: 0123456789\n```\n{{% /example %}}\n{{% /examples %}}", + "description": "This resource supports the \"/transform/alphabet/{name}\" Vault endpoint.\n\nIt queries an existing alphabet by the given name.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst mountTransform = new vault.Mount(\"mountTransform\", {\n path: \"transform\",\n type: \"transform\",\n});\nconst test = new vault.transform.Alphabet(\"test\", {\n path: mountTransform.path,\n alphabet: \"0123456789\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nmount_transform = vault.Mount(\"mountTransform\",\n path=\"transform\",\n type=\"transform\")\ntest = vault.transform.Alphabet(\"test\",\n path=mount_transform.path,\n alphabet=\"0123456789\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var mountTransform = new Vault.Mount(\"mountTransform\", new()\n {\n Path = \"transform\",\n Type = \"transform\",\n });\n\n var test = new Vault.Transform.Alphabet(\"test\", new()\n {\n Path = mountTransform.Path,\n AlphabetSet = \"0123456789\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/transform\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmountTransform, err := vault.NewMount(ctx, \"mountTransform\", \u0026vault.MountArgs{\n\t\t\tPath: pulumi.String(\"transform\"),\n\t\t\tType: pulumi.String(\"transform\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = transform.NewAlphabet(ctx, \"test\", \u0026transform.AlphabetArgs{\n\t\t\tPath: mountTransform.Path,\n\t\t\tAlphabet: pulumi.String(\"0123456789\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.Mount;\nimport com.pulumi.vault.MountArgs;\nimport com.pulumi.vault.transform.Alphabet;\nimport com.pulumi.vault.transform.AlphabetArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var mountTransform = new Mount(\"mountTransform\", MountArgs.builder() \n .path(\"transform\")\n .type(\"transform\")\n .build());\n\n var test = new Alphabet(\"test\", AlphabetArgs.builder() \n .path(mountTransform.path())\n .alphabet(\"0123456789\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n mountTransform:\n type: vault:Mount\n properties:\n path: transform\n type: transform\n test:\n type: vault:transform:Alphabet\n properties:\n path: ${mountTransform.path}\n alphabet: '0123456789'\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "alphabet": { "type": "string", @@ -30642,6 +28327,10 @@ "type": "string", "description": "The name of the alphabet.\n" }, + "namespace": { + "type": "string", + "description": "The namespace to provision the resource in.\nThe value should not contain leading or trailing forward slashes.\nThe `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).\n*Available only for Vault Enterprise*.\n" + }, "path": { "type": "string", "description": "Path to where the back-end is mounted within Vault.\n" @@ -30666,6 +28355,11 @@ "description": "The name of the alphabet.\n", "willReplaceOnChanges": true }, + "namespace": { + "type": "string", + "description": "The namespace to provision the resource in.\nThe value should not contain leading or trailing forward slashes.\nThe `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).\n*Available only for Vault Enterprise*.\n", + "willReplaceOnChanges": true + }, "path": { "type": "string", "description": "Path to where the back-end is mounted within Vault.\n", @@ -30692,6 +28386,11 @@ "description": "The name of the alphabet.\n", "willReplaceOnChanges": true }, + "namespace": { + "type": "string", + "description": "The namespace to provision the resource in.\nThe value should not contain leading or trailing forward slashes.\nThe `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).\n*Available only for Vault Enterprise*.\n", + "willReplaceOnChanges": true + }, "path": { "type": "string", "description": "Path to where the back-end is mounted within Vault.\n", @@ -30702,12 +28401,16 @@ } }, "vault:transform/role:Role": { - "description": "This resource supports the \"/transform/role/{name}\" Vault endpoint.\n\nIt creates or updates the role with the given name. If a role with the name does not exist, it will be created.\nIf the role exists, it will be updated with the new attributes.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst mountTransform = new vault.Mount(\"mountTransform\", {\n path: \"transform\",\n type: \"transform\",\n});\nconst test = new vault.transform.Role(\"test\", {\n path: mountTransform.path,\n transformations: [\"ccn-fpe\"],\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nmount_transform = vault.Mount(\"mountTransform\",\n path=\"transform\",\n type=\"transform\")\ntest = vault.transform.Role(\"test\",\n path=mount_transform.path,\n transformations=[\"ccn-fpe\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var mountTransform = new Vault.Mount(\"mountTransform\", new()\n {\n Path = \"transform\",\n Type = \"transform\",\n });\n\n var test = new Vault.Transform.Role(\"test\", new()\n {\n Path = mountTransform.Path,\n Transformations = new[]\n {\n \"ccn-fpe\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/transform\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmountTransform, err := vault.NewMount(ctx, \"mountTransform\", \u0026vault.MountArgs{\n\t\t\tPath: pulumi.String(\"transform\"),\n\t\t\tType: pulumi.String(\"transform\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = transform.NewRole(ctx, \"test\", \u0026transform.RoleArgs{\n\t\t\tPath: mountTransform.Path,\n\t\t\tTransformations: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"ccn-fpe\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.Mount;\nimport com.pulumi.vault.MountArgs;\nimport com.pulumi.vault.transform.Role;\nimport com.pulumi.vault.transform.RoleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var mountTransform = new Mount(\"mountTransform\", MountArgs.builder() \n .path(\"transform\")\n .type(\"transform\")\n .build());\n\n var test = new Role(\"test\", RoleArgs.builder() \n .path(mountTransform.path())\n .transformations(\"ccn-fpe\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n mountTransform:\n type: vault:Mount\n properties:\n path: transform\n type: transform\n test:\n type: vault:transform:Role\n properties:\n path: ${mountTransform.path}\n transformations:\n - ccn-fpe\n```\n{{% /example %}}\n{{% /examples %}}", + "description": "This resource supports the \"/transform/role/{name}\" Vault endpoint.\n\nIt creates or updates the role with the given name. If a role with the name does not exist, it will be created.\nIf the role exists, it will be updated with the new attributes.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst mountTransform = new vault.Mount(\"mountTransform\", {\n path: \"transform\",\n type: \"transform\",\n});\nconst test = new vault.transform.Role(\"test\", {\n path: mountTransform.path,\n transformations: [\"ccn-fpe\"],\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nmount_transform = vault.Mount(\"mountTransform\",\n path=\"transform\",\n type=\"transform\")\ntest = vault.transform.Role(\"test\",\n path=mount_transform.path,\n transformations=[\"ccn-fpe\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var mountTransform = new Vault.Mount(\"mountTransform\", new()\n {\n Path = \"transform\",\n Type = \"transform\",\n });\n\n var test = new Vault.Transform.Role(\"test\", new()\n {\n Path = mountTransform.Path,\n Transformations = new[]\n {\n \"ccn-fpe\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/transform\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmountTransform, err := vault.NewMount(ctx, \"mountTransform\", \u0026vault.MountArgs{\n\t\t\tPath: pulumi.String(\"transform\"),\n\t\t\tType: pulumi.String(\"transform\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = transform.NewRole(ctx, \"test\", \u0026transform.RoleArgs{\n\t\t\tPath: mountTransform.Path,\n\t\t\tTransformations: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"ccn-fpe\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.Mount;\nimport com.pulumi.vault.MountArgs;\nimport com.pulumi.vault.transform.Role;\nimport com.pulumi.vault.transform.RoleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var mountTransform = new Mount(\"mountTransform\", MountArgs.builder() \n .path(\"transform\")\n .type(\"transform\")\n .build());\n\n var test = new Role(\"test\", RoleArgs.builder() \n .path(mountTransform.path())\n .transformations(\"ccn-fpe\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n mountTransform:\n type: vault:Mount\n properties:\n path: transform\n type: transform\n test:\n type: vault:transform:Role\n properties:\n path: ${mountTransform.path}\n transformations:\n - ccn-fpe\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "name": { "type": "string", "description": "The name of the role.\n" }, + "namespace": { + "type": "string", + "description": "The namespace to provision the resource in.\nThe value should not contain leading or trailing forward slashes.\nThe `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).\n*Available only for Vault Enterprise*.\n" + }, "path": { "type": "string", "description": "Path to where the back-end is mounted within Vault.\n" @@ -30730,6 +28433,11 @@ "description": "The name of the role.\n", "willReplaceOnChanges": true }, + "namespace": { + "type": "string", + "description": "The namespace to provision the resource in.\nThe value should not contain leading or trailing forward slashes.\nThe `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).\n*Available only for Vault Enterprise*.\n", + "willReplaceOnChanges": true + }, "path": { "type": "string", "description": "Path to where the back-end is mounted within Vault.\n", @@ -30754,6 +28462,11 @@ "description": "The name of the role.\n", "willReplaceOnChanges": true }, + "namespace": { + "type": "string", + "description": "The namespace to provision the resource in.\nThe value should not contain leading or trailing forward slashes.\nThe `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).\n*Available only for Vault Enterprise*.\n", + "willReplaceOnChanges": true + }, "path": { "type": "string", "description": "Path to where the back-end is mounted within Vault.\n", @@ -30771,6 +28484,7 @@ } }, "vault:transform/template:Template": { + "description": "This resource supports the `/transform/template/{name}` Vault endpoint.\n\nIt creates or updates a template with the given name. If a template with the name does not exist,\nit will be created. If the template exists, it will be updated with the new attributes.\n\n\u003e Requires _Vault Enterprise with the Advanced Data Protection Transform Module_.\nSee [Transform Secrets Engine](https://www.vaultproject.io/docs/secrets/transform)\nfor more information.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\nPlease note that the `pattern` below holds a regex. The regex shown\nis identical to the one in our [Setup](https://www.vaultproject.io/docs/secrets/transform#setup)\ndocs, `(\\d{4})-(\\d{4})-(\\d{4})-(\\d{4})`. However, due to HCL, the\nbackslashes must be escaped to appear correctly in Vault. For further\nassistance escaping your own custom regex, see String Literals.\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst transform = new vault.Mount(\"transform\", {\n path: \"transform\",\n type: \"transform\",\n});\nconst numerics = new vault.transform.Alphabet(\"numerics\", {\n path: transform.path,\n alphabet: \"0123456789\",\n});\nconst test = new vault.transform.Template(\"test\", {\n path: numerics.path,\n type: \"regex\",\n pattern: \"(\\\\d{4})[- ](\\\\d{4})[- ](\\\\d{4})[- ](\\\\d{4})\",\n alphabet: \"numerics\",\n encodeFormat: \"$1-$2-$3-$4\",\n decodeFormats: {\n \"last-four-digits\": \"$4\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ntransform = vault.Mount(\"transform\",\n path=\"transform\",\n type=\"transform\")\nnumerics = vault.transform.Alphabet(\"numerics\",\n path=transform.path,\n alphabet=\"0123456789\")\ntest = vault.transform.Template(\"test\",\n path=numerics.path,\n type=\"regex\",\n pattern=\"(\\\\d{4})[- ](\\\\d{4})[- ](\\\\d{4})[- ](\\\\d{4})\",\n alphabet=\"numerics\",\n encode_format=\"$1-$2-$3-$4\",\n decode_formats={\n \"last-four-digits\": \"$4\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var transform = new Vault.Mount(\"transform\", new()\n {\n Path = \"transform\",\n Type = \"transform\",\n });\n\n var numerics = new Vault.Transform.Alphabet(\"numerics\", new()\n {\n Path = transform.Path,\n AlphabetSet = \"0123456789\",\n });\n\n var test = new Vault.Transform.Template(\"test\", new()\n {\n Path = numerics.Path,\n Type = \"regex\",\n Pattern = \"(\\\\d{4})[- ](\\\\d{4})[- ](\\\\d{4})[- ](\\\\d{4})\",\n Alphabet = \"numerics\",\n EncodeFormat = \"$1-$2-$3-$4\",\n DecodeFormats = \n {\n { \"last-four-digits\", \"$4\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/transform\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttransform, err := vault.NewMount(ctx, \"transform\", \u0026vault.MountArgs{\n\t\t\tPath: pulumi.String(\"transform\"),\n\t\t\tType: pulumi.String(\"transform\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tnumerics, err := transform.NewAlphabet(ctx, \"numerics\", \u0026transform.AlphabetArgs{\n\t\t\tPath: transform.Path,\n\t\t\tAlphabet: pulumi.String(\"0123456789\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = transform.NewTemplate(ctx, \"test\", \u0026transform.TemplateArgs{\n\t\t\tPath: numerics.Path,\n\t\t\tType: pulumi.String(\"regex\"),\n\t\t\tPattern: pulumi.String(\"(\\\\d{4})[- ](\\\\d{4})[- ](\\\\d{4})[- ](\\\\d{4})\"),\n\t\t\tAlphabet: pulumi.String(\"numerics\"),\n\t\t\tEncodeFormat: pulumi.String(\"$1-$2-$3-$4\"),\n\t\t\tDecodeFormats: pulumi.Map{\n\t\t\t\t\"last-four-digits\": pulumi.Any(\"$4\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.Mount;\nimport com.pulumi.vault.MountArgs;\nimport com.pulumi.vault.transform.Alphabet;\nimport com.pulumi.vault.transform.AlphabetArgs;\nimport com.pulumi.vault.transform.Template;\nimport com.pulumi.vault.transform.TemplateArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var transform = new Mount(\"transform\", MountArgs.builder() \n .path(\"transform\")\n .type(\"transform\")\n .build());\n\n var numerics = new Alphabet(\"numerics\", AlphabetArgs.builder() \n .path(transform.path())\n .alphabet(\"0123456789\")\n .build());\n\n var test = new Template(\"test\", TemplateArgs.builder() \n .path(numerics.path())\n .type(\"regex\")\n .pattern(\"(\\\\d{4})[- ](\\\\d{4})[- ](\\\\d{4})[- ](\\\\d{4})\")\n .alphabet(\"numerics\")\n .encodeFormat(\"$1-$2-$3-$4\")\n .decodeFormats(Map.of(\"last-four-digits\", \"$4\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n transform:\n type: vault:Mount\n properties:\n path: transform\n type: transform\n numerics:\n type: vault:transform:Alphabet\n properties:\n path: ${transform.path}\n alphabet: '0123456789'\n test:\n type: vault:transform:Template\n properties:\n path: ${numerics.path}\n type: regex\n pattern: (\\d{4})[- ](\\d{4})[- ](\\d{4})[- ](\\d{4})\n alphabet: numerics\n encodeFormat: $1-$2-$3-$4\n decodeFormats:\n last-four-digits: $4\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "alphabet": { "type": "string", @@ -30781,16 +28495,20 @@ "additionalProperties": { "$ref": "pulumi.json#/Any" }, - "description": "- Optional mapping of name to regular expression template, used to customize\nthe decoded output. (requires Vault Enterprise 1.9+)\n" + "description": "Optional mapping of name to regular expression template, used to customize\nthe decoded output. (requires Vault Enterprise 1.9+)\n" }, "encodeFormat": { "type": "string", - "description": "- The regular expression template used to format encoded values.\n(requires Vault Enterprise 1.9+)\n" + "description": "The regular expression template used to format encoded values.\n(requires Vault Enterprise 1.9+)\n" }, "name": { "type": "string", "description": "The name of the template.\n" }, + "namespace": { + "type": "string", + "description": "The namespace to provision the resource in.\nThe value should not contain leading or trailing forward slashes.\nThe `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).\n*Available only for Vault Enterprise*.\n" + }, "path": { "type": "string", "description": "Path to where the back-end is mounted within Vault.\n" @@ -30818,17 +28536,22 @@ "additionalProperties": { "$ref": "pulumi.json#/Any" }, - "description": "- Optional mapping of name to regular expression template, used to customize\nthe decoded output. (requires Vault Enterprise 1.9+)\n" + "description": "Optional mapping of name to regular expression template, used to customize\nthe decoded output. (requires Vault Enterprise 1.9+)\n" }, "encodeFormat": { "type": "string", - "description": "- The regular expression template used to format encoded values.\n(requires Vault Enterprise 1.9+)\n" + "description": "The regular expression template used to format encoded values.\n(requires Vault Enterprise 1.9+)\n" }, "name": { "type": "string", "description": "The name of the template.\n", "willReplaceOnChanges": true }, + "namespace": { + "type": "string", + "description": "The namespace to provision the resource in.\nThe value should not contain leading or trailing forward slashes.\nThe `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).\n*Available only for Vault Enterprise*.\n", + "willReplaceOnChanges": true + }, "path": { "type": "string", "description": "Path to where the back-end is mounted within Vault.\n", @@ -30858,17 +28581,22 @@ "additionalProperties": { "$ref": "pulumi.json#/Any" }, - "description": "- Optional mapping of name to regular expression template, used to customize\nthe decoded output. (requires Vault Enterprise 1.9+)\n" + "description": "Optional mapping of name to regular expression template, used to customize\nthe decoded output. (requires Vault Enterprise 1.9+)\n" }, "encodeFormat": { "type": "string", - "description": "- The regular expression template used to format encoded values.\n(requires Vault Enterprise 1.9+)\n" + "description": "The regular expression template used to format encoded values.\n(requires Vault Enterprise 1.9+)\n" }, "name": { "type": "string", "description": "The name of the template.\n", "willReplaceOnChanges": true }, + "namespace": { + "type": "string", + "description": "The namespace to provision the resource in.\nThe value should not contain leading or trailing forward slashes.\nThe `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).\n*Available only for Vault Enterprise*.\n", + "willReplaceOnChanges": true + }, "path": { "type": "string", "description": "Path to where the back-end is mounted within Vault.\n", @@ -30907,6 +28635,10 @@ "type": "string", "description": "The name of the transformation.\n" }, + "namespace": { + "type": "string", + "description": "The namespace to provision the resource in.\nThe value should not contain leading or trailing forward slashes.\nThe `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).\n*Available only for Vault Enterprise*.\n" + }, "path": { "type": "string", "description": "Path to where the back-end is mounted within Vault.\n" @@ -30957,6 +28689,11 @@ "description": "The name of the transformation.\n", "willReplaceOnChanges": true }, + "namespace": { + "type": "string", + "description": "The namespace to provision the resource in.\nThe value should not contain leading or trailing forward slashes.\nThe `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).\n*Available only for Vault Enterprise*.\n", + "willReplaceOnChanges": true + }, "path": { "type": "string", "description": "Path to where the back-end is mounted within Vault.\n", @@ -31008,6 +28745,11 @@ "description": "The name of the transformation.\n", "willReplaceOnChanges": true }, + "namespace": { + "type": "string", + "description": "The namespace to provision the resource in.\nThe value should not contain leading or trailing forward slashes.\nThe `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).\n*Available only for Vault Enterprise*.\n", + "willReplaceOnChanges": true + }, "path": { "type": "string", "description": "Path to where the back-end is mounted within Vault.\n", @@ -31037,7 +28779,7 @@ } }, "vault:transit/secretBackendKey:SecretBackendKey": { - "description": "Creates an Encryption Keyring on a Transit Secret Backend for Vault.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst transit = new vault.Mount(\"transit\", {\n path: \"transit\",\n type: \"transit\",\n description: \"Example description\",\n defaultLeaseTtlSeconds: 3600,\n maxLeaseTtlSeconds: 86400,\n});\nconst key = new vault.transit.SecretBackendKey(\"key\", {backend: transit.path});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ntransit = vault.Mount(\"transit\",\n path=\"transit\",\n type=\"transit\",\n description=\"Example description\",\n default_lease_ttl_seconds=3600,\n max_lease_ttl_seconds=86400)\nkey = vault.transit.SecretBackendKey(\"key\", backend=transit.path)\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var transit = new Vault.Mount(\"transit\", new()\n {\n Path = \"transit\",\n Type = \"transit\",\n Description = \"Example description\",\n DefaultLeaseTtlSeconds = 3600,\n MaxLeaseTtlSeconds = 86400,\n });\n\n var key = new Vault.Transit.SecretBackendKey(\"key\", new()\n {\n Backend = transit.Path,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/transit\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttransit, err := vault.NewMount(ctx, \"transit\", \u0026vault.MountArgs{\n\t\t\tPath: pulumi.String(\"transit\"),\n\t\t\tType: pulumi.String(\"transit\"),\n\t\t\tDescription: pulumi.String(\"Example description\"),\n\t\t\tDefaultLeaseTtlSeconds: pulumi.Int(3600),\n\t\t\tMaxLeaseTtlSeconds: pulumi.Int(86400),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = transit.NewSecretBackendKey(ctx, \"key\", \u0026transit.SecretBackendKeyArgs{\n\t\t\tBackend: transit.Path,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.Mount;\nimport com.pulumi.vault.MountArgs;\nimport com.pulumi.vault.transit.SecretBackendKey;\nimport com.pulumi.vault.transit.SecretBackendKeyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var transit = new Mount(\"transit\", MountArgs.builder() \n .path(\"transit\")\n .type(\"transit\")\n .description(\"Example description\")\n .defaultLeaseTtlSeconds(3600)\n .maxLeaseTtlSeconds(86400)\n .build());\n\n var key = new SecretBackendKey(\"key\", SecretBackendKeyArgs.builder() \n .backend(transit.path())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n transit:\n type: vault:Mount\n properties:\n path: transit\n type: transit\n description: Example description\n defaultLeaseTtlSeconds: 3600\n maxLeaseTtlSeconds: 86400\n key:\n type: vault:transit:SecretBackendKey\n properties:\n backend: ${transit.path}\n```\n{{% /example %}}\n{{% /examples %}}\n## Deprecations\n\n* `auto_rotate_interval` - Replaced by `auto_rotate_period`.\n\n\n## Import\n\nTransit secret backend keys can be imported using the `path`, e.g.\n\n```sh\n $ pulumi import vault:transit/secretBackendKey:SecretBackendKey key transit/keys/my_key\n```\n\n ", + "description": "Creates an Encryption Keyring on a Transit Secret Backend for Vault.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst transit = new vault.Mount(\"transit\", {\n path: \"transit\",\n type: \"transit\",\n description: \"Example description\",\n defaultLeaseTtlSeconds: 3600,\n maxLeaseTtlSeconds: 86400,\n});\nconst key = new vault.transit.SecretBackendKey(\"key\", {backend: transit.path});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ntransit = vault.Mount(\"transit\",\n path=\"transit\",\n type=\"transit\",\n description=\"Example description\",\n default_lease_ttl_seconds=3600,\n max_lease_ttl_seconds=86400)\nkey = vault.transit.SecretBackendKey(\"key\", backend=transit.path)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var transit = new Vault.Mount(\"transit\", new()\n {\n Path = \"transit\",\n Type = \"transit\",\n Description = \"Example description\",\n DefaultLeaseTtlSeconds = 3600,\n MaxLeaseTtlSeconds = 86400,\n });\n\n var key = new Vault.Transit.SecretBackendKey(\"key\", new()\n {\n Backend = transit.Path,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/transit\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttransit, err := vault.NewMount(ctx, \"transit\", \u0026vault.MountArgs{\n\t\t\tPath: pulumi.String(\"transit\"),\n\t\t\tType: pulumi.String(\"transit\"),\n\t\t\tDescription: pulumi.String(\"Example description\"),\n\t\t\tDefaultLeaseTtlSeconds: pulumi.Int(3600),\n\t\t\tMaxLeaseTtlSeconds: pulumi.Int(86400),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = transit.NewSecretBackendKey(ctx, \"key\", \u0026transit.SecretBackendKeyArgs{\n\t\t\tBackend: transit.Path,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.Mount;\nimport com.pulumi.vault.MountArgs;\nimport com.pulumi.vault.transit.SecretBackendKey;\nimport com.pulumi.vault.transit.SecretBackendKeyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var transit = new Mount(\"transit\", MountArgs.builder() \n .path(\"transit\")\n .type(\"transit\")\n .description(\"Example description\")\n .defaultLeaseTtlSeconds(3600)\n .maxLeaseTtlSeconds(86400)\n .build());\n\n var key = new SecretBackendKey(\"key\", SecretBackendKeyArgs.builder() \n .backend(transit.path())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n transit:\n type: vault:Mount\n properties:\n path: transit\n type: transit\n description: Example description\n defaultLeaseTtlSeconds: 3600\n maxLeaseTtlSeconds: 86400\n key:\n type: vault:transit:SecretBackendKey\n properties:\n backend: ${transit.path}\n```\n{{% /example %}}\n{{% /examples %}}\n## Deprecations\n\n* `auto_rotate_interval` - Replaced by `auto_rotate_period`.\n\n\n## Import\n\nTransit secret backend keys can be imported using the `path`, e.g.\n\n```sh\n $ pulumi import vault:transit/secretBackendKey:SecretBackendKey key transit/keys/my_key\n```\n ", "properties": { "allowPlaintextBackup": { "type": "boolean", @@ -31317,7 +29059,7 @@ } }, "vault:transit/secretCacheConfig:SecretCacheConfig": { - "description": "Configure the cache for the Transit Secret Backend in Vault.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst transit = new vault.Mount(\"transit\", {\n path: \"transit\",\n type: \"transit\",\n description: \"Example description\",\n defaultLeaseTtlSeconds: 3600,\n maxLeaseTtlSeconds: 86400,\n});\nconst cfg = new vault.transit.SecretCacheConfig(\"cfg\", {\n backend: transit.path,\n size: 500,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ntransit = vault.Mount(\"transit\",\n path=\"transit\",\n type=\"transit\",\n description=\"Example description\",\n default_lease_ttl_seconds=3600,\n max_lease_ttl_seconds=86400)\ncfg = vault.transit.SecretCacheConfig(\"cfg\",\n backend=transit.path,\n size=500)\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var transit = new Vault.Mount(\"transit\", new()\n {\n Path = \"transit\",\n Type = \"transit\",\n Description = \"Example description\",\n DefaultLeaseTtlSeconds = 3600,\n MaxLeaseTtlSeconds = 86400,\n });\n\n var cfg = new Vault.Transit.SecretCacheConfig(\"cfg\", new()\n {\n Backend = transit.Path,\n Size = 500,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/transit\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttransit, err := vault.NewMount(ctx, \"transit\", \u0026vault.MountArgs{\n\t\t\tPath: pulumi.String(\"transit\"),\n\t\t\tType: pulumi.String(\"transit\"),\n\t\t\tDescription: pulumi.String(\"Example description\"),\n\t\t\tDefaultLeaseTtlSeconds: pulumi.Int(3600),\n\t\t\tMaxLeaseTtlSeconds: pulumi.Int(86400),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = transit.NewSecretCacheConfig(ctx, \"cfg\", \u0026transit.SecretCacheConfigArgs{\n\t\t\tBackend: transit.Path,\n\t\t\tSize: pulumi.Int(500),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.Mount;\nimport com.pulumi.vault.MountArgs;\nimport com.pulumi.vault.transit.SecretCacheConfig;\nimport com.pulumi.vault.transit.SecretCacheConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var transit = new Mount(\"transit\", MountArgs.builder() \n .path(\"transit\")\n .type(\"transit\")\n .description(\"Example description\")\n .defaultLeaseTtlSeconds(3600)\n .maxLeaseTtlSeconds(86400)\n .build());\n\n var cfg = new SecretCacheConfig(\"cfg\", SecretCacheConfigArgs.builder() \n .backend(transit.path())\n .size(500)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n transit:\n type: vault:Mount\n properties:\n path: transit\n type: transit\n description: Example description\n defaultLeaseTtlSeconds: 3600\n maxLeaseTtlSeconds: 86400\n cfg:\n type: vault:transit:SecretCacheConfig\n properties:\n backend: ${transit.path}\n size: 500\n```\n{{% /example %}}\n{{% /examples %}}", + "description": "Configure the cache for the Transit Secret Backend in Vault.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst transit = new vault.Mount(\"transit\", {\n path: \"transit\",\n type: \"transit\",\n description: \"Example description\",\n defaultLeaseTtlSeconds: 3600,\n maxLeaseTtlSeconds: 86400,\n});\nconst cfg = new vault.transit.SecretCacheConfig(\"cfg\", {\n backend: transit.path,\n size: 500,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ntransit = vault.Mount(\"transit\",\n path=\"transit\",\n type=\"transit\",\n description=\"Example description\",\n default_lease_ttl_seconds=3600,\n max_lease_ttl_seconds=86400)\ncfg = vault.transit.SecretCacheConfig(\"cfg\",\n backend=transit.path,\n size=500)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var transit = new Vault.Mount(\"transit\", new()\n {\n Path = \"transit\",\n Type = \"transit\",\n Description = \"Example description\",\n DefaultLeaseTtlSeconds = 3600,\n MaxLeaseTtlSeconds = 86400,\n });\n\n var cfg = new Vault.Transit.SecretCacheConfig(\"cfg\", new()\n {\n Backend = transit.Path,\n Size = 500,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/transit\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttransit, err := vault.NewMount(ctx, \"transit\", \u0026vault.MountArgs{\n\t\t\tPath: pulumi.String(\"transit\"),\n\t\t\tType: pulumi.String(\"transit\"),\n\t\t\tDescription: pulumi.String(\"Example description\"),\n\t\t\tDefaultLeaseTtlSeconds: pulumi.Int(3600),\n\t\t\tMaxLeaseTtlSeconds: pulumi.Int(86400),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = transit.NewSecretCacheConfig(ctx, \"cfg\", \u0026transit.SecretCacheConfigArgs{\n\t\t\tBackend: transit.Path,\n\t\t\tSize: pulumi.Int(500),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.Mount;\nimport com.pulumi.vault.MountArgs;\nimport com.pulumi.vault.transit.SecretCacheConfig;\nimport com.pulumi.vault.transit.SecretCacheConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var transit = new Mount(\"transit\", MountArgs.builder() \n .path(\"transit\")\n .type(\"transit\")\n .description(\"Example description\")\n .defaultLeaseTtlSeconds(3600)\n .maxLeaseTtlSeconds(86400)\n .build());\n\n var cfg = new SecretCacheConfig(\"cfg\", SecretCacheConfigArgs.builder() \n .backend(transit.path())\n .size(500)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n transit:\n type: vault:Mount\n properties:\n path: transit\n type: transit\n description: Example description\n defaultLeaseTtlSeconds: 3600\n maxLeaseTtlSeconds: 86400\n cfg:\n type: vault:transit:SecretCacheConfig\n properties:\n backend: ${transit.path}\n size: 500\n```\n{{% /example %}}\n{{% /examples %}}", "properties": { "backend": { "type": "string", @@ -31447,7 +29189,7 @@ } }, "vault:appRole/getAuthBackendRoleId:getAuthBackendRoleId": { - "description": "Reads the Role ID of an AppRole from a Vault server.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nexport = async () =\u003e {\n const role = await vault.appRole.getAuthBackendRoleId({\n backend: \"my-approle-backend\",\n roleName: \"my-role\",\n });\n const role_id = role.roleId;\n return {\n \"role-id\": role_id,\n };\n}\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nrole = vault.appRole.get_auth_backend_role_id(backend=\"my-approle-backend\",\n role_name=\"my-role\")\npulumi.export(\"role-id\", role.role_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var role = Vault.AppRole.GetAuthBackendRoleId.Invoke(new()\n {\n Backend = \"my-approle-backend\",\n RoleName = \"my-role\",\n });\n\n return new Dictionary\u003cstring, object?\u003e\n {\n [\"role-id\"] = role.Apply(getAuthBackendRoleIdResult =\u003e getAuthBackendRoleIdResult.RoleId),\n };\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/appRole\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\trole, err := appRole.GetAuthBackendRoleId(ctx, \u0026approle.GetAuthBackendRoleIdArgs{\n\t\t\tBackend: pulumi.StringRef(\"my-approle-backend\"),\n\t\t\tRoleName: \"my-role\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tctx.Export(\"role-id\", role.RoleId)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.appRole.AppRoleFunctions;\nimport com.pulumi.vault.appRole.inputs.GetAuthBackendRoleIdArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var role = AppRoleFunctions.getAuthBackendRoleId(GetAuthBackendRoleIdArgs.builder()\n .backend(\"my-approle-backend\")\n .roleName(\"my-role\")\n .build());\n\n ctx.export(\"role-id\", role.applyValue(getAuthBackendRoleIdResult -\u003e getAuthBackendRoleIdResult.roleId()));\n }\n}\n```\n```yaml\nvariables:\n role:\n Fn::Invoke:\n Function: vault:appRole:getAuthBackendRoleId\n Arguments:\n backend: my-approle-backend\n roleName: my-role\noutputs:\n role-id: ${role.roleId}\n```\n{{% /example %}}\n{{% /examples %}}", + "description": "Reads the Role ID of an AppRole from a Vault server.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nexport = async () =\u003e {\n const role = await vault.appRole.getAuthBackendRoleId({\n backend: \"my-approle-backend\",\n roleName: \"my-role\",\n });\n return {\n \"role-id\": role.roleId,\n };\n}\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nrole = vault.appRole.get_auth_backend_role_id(backend=\"my-approle-backend\",\n role_name=\"my-role\")\npulumi.export(\"role-id\", role.role_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var role = Vault.AppRole.GetAuthBackendRoleId.Invoke(new()\n {\n Backend = \"my-approle-backend\",\n RoleName = \"my-role\",\n });\n\n return new Dictionary\u003cstring, object?\u003e\n {\n [\"role-id\"] = role.Apply(getAuthBackendRoleIdResult =\u003e getAuthBackendRoleIdResult.RoleId),\n };\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/appRole\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\trole, err := appRole.GetAuthBackendRoleId(ctx, \u0026approle.GetAuthBackendRoleIdArgs{\n\t\t\tBackend: pulumi.StringRef(\"my-approle-backend\"),\n\t\t\tRoleName: \"my-role\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tctx.Export(\"role-id\", role.RoleId)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.appRole.AppRoleFunctions;\nimport com.pulumi.vault.appRole.inputs.GetAuthBackendRoleIdArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var role = AppRoleFunctions.getAuthBackendRoleId(GetAuthBackendRoleIdArgs.builder()\n .backend(\"my-approle-backend\")\n .roleName(\"my-role\")\n .build());\n\n ctx.export(\"role-id\", role.applyValue(getAuthBackendRoleIdResult -\u003e getAuthBackendRoleIdResult.roleId()));\n }\n}\n```\n```yaml\nvariables:\n role:\n fn::invoke:\n Function: vault:appRole:getAuthBackendRoleId\n Arguments:\n backend: my-approle-backend\n roleName: my-role\noutputs:\n role-id: ${role.roleId}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getAuthBackendRoleId.\n", "properties": { @@ -31502,7 +29244,7 @@ } }, "vault:aws/getAccessCredentials:getAccessCredentials": { - "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.aws.SecretBackend;\nimport com.pulumi.vault.aws.SecretBackendArgs;\nimport com.pulumi.vault.aws.SecretBackendRole;\nimport com.pulumi.vault.aws.SecretBackendRoleArgs;\nimport com.pulumi.vault.aws.AwsFunctions;\nimport com.pulumi.vault.ad.inputs.GetAccessCredentialsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var aws = new SecretBackend(\"aws\", SecretBackendArgs.builder() \n .accessKey(\"AKIA.....\")\n .secretKey(\"SECRETKEYFROMAWS\")\n .build());\n\n var role = new SecretBackendRole(\"role\", SecretBackendRoleArgs.builder() \n .backend(aws.path())\n .policy(\"\"\"\n{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Effect\": \"Allow\",\n \"Action\": \"iam:*\",\n \"Resource\": \"*\"\n }\n ]\n}\n \"\"\")\n .build());\n\n final var creds = AwsFunctions.getAccessCredentials(GetAccessCredentialsArgs.builder()\n .backend(aws.path())\n .role(role.name())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n aws:\n type: vault:aws:SecretBackend\n properties:\n accessKey: AKIA.....\n secretKey: SECRETKEYFROMAWS\n role:\n type: vault:aws:SecretBackendRole\n properties:\n backend: ${aws.path}\n policy: |\n {\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Effect\": \"Allow\",\n \"Action\": \"iam:*\",\n \"Resource\": \"*\"\n }\n ]\n }\nvariables:\n creds:\n Fn::Invoke:\n Function: vault:aws:getAccessCredentials\n Arguments:\n backend: ${aws.path}\n role: ${role.name}\n```\n{{% /example %}}\n{{% /examples %}}", + "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.aws.SecretBackend;\nimport com.pulumi.vault.aws.SecretBackendArgs;\nimport com.pulumi.vault.aws.SecretBackendRole;\nimport com.pulumi.vault.aws.SecretBackendRoleArgs;\nimport com.pulumi.vault.aws.AwsFunctions;\nimport com.pulumi.vault.aws.inputs.GetAccessCredentialsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var aws = new SecretBackend(\"aws\", SecretBackendArgs.builder() \n .accessKey(\"AKIA.....\")\n .secretKey(\"SECRETKEYFROMAWS\")\n .build());\n\n var role = new SecretBackendRole(\"role\", SecretBackendRoleArgs.builder() \n .backend(aws.path())\n .policy(\"\"\"\n{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Effect\": \"Allow\",\n \"Action\": \"iam:*\",\n \"Resource\": \"*\"\n }\n ]\n}\n \"\"\")\n .build());\n\n final var creds = AwsFunctions.getAccessCredentials(GetAccessCredentialsArgs.builder()\n .backend(aws.path())\n .role(role.name())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n aws:\n type: vault:aws:SecretBackend\n properties:\n accessKey: AKIA.....\n secretKey: SECRETKEYFROMAWS\n role:\n type: vault:aws:SecretBackendRole\n properties:\n backend: ${aws.path}\n policy: |\n {\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Effect\": \"Allow\",\n \"Action\": \"iam:*\",\n \"Resource\": \"*\"\n }\n ]\n }\nvariables:\n creds:\n fn::invoke:\n Function: vault:aws:getAccessCredentials\n Arguments:\n backend: ${aws.path}\n role: ${role.name}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getAccessCredentials.\n", "properties": { @@ -31615,68 +29357,125 @@ ] } }, - "vault:azure/getAccessCredentials:getAccessCredentials": { - "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst creds = vault.azure.getAccessCredentials({\n role: \"my-role\",\n validateCreds: true,\n numSequentialSuccesses: 8,\n numSecondsBetweenTests: 1,\n maxCredValidationSeconds: 300,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ncreds = vault.azure.get_access_credentials(role=\"my-role\",\n validate_creds=True,\n num_sequential_successes=8,\n num_seconds_between_tests=1,\n max_cred_validation_seconds=300)\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var creds = Vault.Azure.GetAccessCredentials.Invoke(new()\n {\n Role = \"my-role\",\n ValidateCreds = true,\n NumSequentialSuccesses = 8,\n NumSecondsBetweenTests = 1,\n MaxCredValidationSeconds = 300,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/azure\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azure.GetAccessCredentials(ctx, \u0026azure.GetAccessCredentialsArgs{\n\t\t\tRole: \"my-role\",\n\t\t\tValidateCreds: pulumi.BoolRef(true),\n\t\t\tNumSequentialSuccesses: pulumi.IntRef(8),\n\t\t\tNumSecondsBetweenTests: pulumi.IntRef(1),\n\t\t\tMaxCredValidationSeconds: pulumi.IntRef(300),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.azure.AzureFunctions;\nimport com.pulumi.vault.ad.inputs.GetAccessCredentialsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var creds = AzureFunctions.getAccessCredentials(GetAccessCredentialsArgs.builder()\n .role(\"my-role\")\n .validateCreds(true)\n .numSequentialSuccesses(8)\n .numSecondsBetweenTests(1)\n .maxCredValidationSeconds(300)\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n creds:\n Fn::Invoke:\n Function: vault:azure:getAccessCredentials\n Arguments:\n role: my-role\n validateCreds: true\n numSequentialSuccesses: 8\n numSecondsBetweenTests: 1\n maxCredValidationSeconds: 300\n```\n{{% /example %}}\n{{% /examples %}}\n## Caveats\n\nThe `validate_creds` option requires read-access to the `backend` config endpoint.\nIf the effective Vault role does not have the required permissions then valid values \nare required to be set for: `subscription_id`, `tenant_id`, `environment`.\n", + "vault:aws/getStaticAccessCredentials:getStaticAccessCredentials": { "inputs": { - "description": "A collection of arguments for invoking getAccessCredentials.\n", + "description": "A collection of arguments for invoking getStaticAccessCredentials.\n", "properties": { "backend": { - "type": "string", - "description": "The path to the Azure secret backend to\nread credentials from, with no leading or trailing `/`s.\n" + "type": "string" }, - "environment": { + "name": { "type": "string", - "description": "The Azure environment to use during credential validation.\nDefaults to the environment configured in the Vault backend.\nSome possible values: `AzurePublicCloud`, `AzureGovernmentCloud`\n*See the caveats section for more information on this field.*\n" - }, - "maxCredValidationSeconds": { - "type": "integer", - "description": "If 'validate_creds' is true, \nthe number of seconds after which to give up validating credentials. Defaults\nto 300.\n" + "willReplaceOnChanges": true }, "namespace": { "type": "string", - "description": "The namespace of the target resource.\nThe value should not contain leading or trailing forward slashes.\nThe `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).\n*Available only for Vault Enterprise*.\n", "willReplaceOnChanges": true - }, - "numSecondsBetweenTests": { - "type": "integer", - "description": "If 'validate_creds' is true, \nthe number of seconds to wait between each test of generated credentials.\nDefaults to 1.\n" - }, - "numSequentialSuccesses": { - "type": "integer", - "description": "If 'validate_creds' is true, \nthe number of sequential successes required to validate generated\ncredentials. Defaults to 8.\n" - }, - "role": { - "type": "string", - "description": "The name of the Azure secret backend role to read\ncredentials from, with no leading or trailing `/`s.\n" - }, - "subscriptionId": { - "type": "string", - "description": "The subscription ID to use during credential\nvalidation. Defaults to the subscription ID configured in the Vault `backend`.\n*See the caveats section for more information on this field.*\n" - }, - "tenantId": { - "type": "string", - "description": "The tenant ID to use during credential validation.\nDefaults to the tenant ID configured in the Vault `backend`.\n*See the caveats section for more information on this field.*\n" - }, - "validateCreds": { - "type": "boolean", - "description": "Whether generated credentials should be \nvalidated before being returned. Defaults to `false`, which returns\ncredentials without checking whether they have fully propagated throughout\nAzure Active Directory. Designating `true` activates testing.\n" } }, "type": "object", "required": [ "backend", - "role" + "name" ] }, "outputs": { - "description": "A collection of values returned by getAccessCredentials.\n", + "description": "A collection of values returned by getStaticAccessCredentials.\n", "properties": { + "accessKey": { + "type": "string", + "secret": true + }, "backend": { "type": "string" }, - "clientId": { + "id": { "type": "string", - "description": "The client id for credentials to query the Azure APIs.\n" + "description": "The provider-assigned unique ID for this managed resource.\n" + }, + "name": { + "type": "string" + }, + "namespace": { + "type": "string" + }, + "secretKey": { + "type": "string", + "secret": true + } + }, + "type": "object", + "required": [ + "accessKey", + "backend", + "name", + "secretKey", + "id" + ] + } + }, + "vault:azure/getAccessCredentials:getAccessCredentials": { + "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst creds = vault.azure.getAccessCredentials({\n role: \"my-role\",\n validateCreds: true,\n numSequentialSuccesses: 8,\n numSecondsBetweenTests: 1,\n maxCredValidationSeconds: 300,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ncreds = vault.azure.get_access_credentials(role=\"my-role\",\n validate_creds=True,\n num_sequential_successes=8,\n num_seconds_between_tests=1,\n max_cred_validation_seconds=300)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var creds = Vault.Azure.GetAccessCredentials.Invoke(new()\n {\n Role = \"my-role\",\n ValidateCreds = true,\n NumSequentialSuccesses = 8,\n NumSecondsBetweenTests = 1,\n MaxCredValidationSeconds = 300,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/azure\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := azure.GetAccessCredentials(ctx, \u0026azure.GetAccessCredentialsArgs{\n\t\t\tRole: \"my-role\",\n\t\t\tValidateCreds: pulumi.BoolRef(true),\n\t\t\tNumSequentialSuccesses: pulumi.IntRef(8),\n\t\t\tNumSecondsBetweenTests: pulumi.IntRef(1),\n\t\t\tMaxCredValidationSeconds: pulumi.IntRef(300),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.azure.AzureFunctions;\nimport com.pulumi.vault.azure.inputs.GetAccessCredentialsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var creds = AzureFunctions.getAccessCredentials(GetAccessCredentialsArgs.builder()\n .role(\"my-role\")\n .validateCreds(true)\n .numSequentialSuccesses(8)\n .numSecondsBetweenTests(1)\n .maxCredValidationSeconds(300)\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n creds:\n fn::invoke:\n Function: vault:azure:getAccessCredentials\n Arguments:\n role: my-role\n validateCreds: true\n numSequentialSuccesses: 8\n numSecondsBetweenTests: 1\n maxCredValidationSeconds: 300\n```\n{{% /example %}}\n{{% /examples %}}\n## Caveats\n\nThe `validate_creds` option requires read-access to the `backend` config endpoint.\nIf the effective Vault role does not have the required permissions then valid values \nare required to be set for: `subscription_id`, `tenant_id`, `environment`.\n", + "inputs": { + "description": "A collection of arguments for invoking getAccessCredentials.\n", + "properties": { + "backend": { + "type": "string", + "description": "The path to the Azure secret backend to\nread credentials from, with no leading or trailing `/`s.\n" + }, + "environment": { + "type": "string", + "description": "The Azure environment to use during credential validation.\nDefaults to the environment configured in the Vault backend.\nSome possible values: `AzurePublicCloud`, `AzureGovernmentCloud`\n*See the caveats section for more information on this field.*\n" + }, + "maxCredValidationSeconds": { + "type": "integer", + "description": "If 'validate_creds' is true, \nthe number of seconds after which to give up validating credentials. Defaults\nto 300.\n" + }, + "namespace": { + "type": "string", + "description": "The namespace of the target resource.\nThe value should not contain leading or trailing forward slashes.\nThe `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).\n*Available only for Vault Enterprise*.\n", + "willReplaceOnChanges": true + }, + "numSecondsBetweenTests": { + "type": "integer", + "description": "If 'validate_creds' is true, \nthe number of seconds to wait between each test of generated credentials.\nDefaults to 1.\n" + }, + "numSequentialSuccesses": { + "type": "integer", + "description": "If 'validate_creds' is true, \nthe number of sequential successes required to validate generated\ncredentials. Defaults to 8.\n" + }, + "role": { + "type": "string", + "description": "The name of the Azure secret backend role to read\ncredentials from, with no leading or trailing `/`s.\n" + }, + "subscriptionId": { + "type": "string", + "description": "The subscription ID to use during credential\nvalidation. Defaults to the subscription ID configured in the Vault `backend`.\n*See the caveats section for more information on this field.*\n" + }, + "tenantId": { + "type": "string", + "description": "The tenant ID to use during credential validation.\nDefaults to the tenant ID configured in the Vault `backend`.\n*See the caveats section for more information on this field.*\n" + }, + "validateCreds": { + "type": "boolean", + "description": "Whether generated credentials should be \nvalidated before being returned. Defaults to `false`, which returns\ncredentials without checking whether they have fully propagated throughout\nAzure Active Directory. Designating `true` activates testing.\n" + } + }, + "type": "object", + "required": [ + "backend", + "role" + ] + }, + "outputs": { + "description": "A collection of values returned by getAccessCredentials.\n", + "properties": { + "backend": { + "type": "string" + }, + "clientId": { + "type": "string", + "description": "The client id for credentials to query the Azure APIs.\n" }, "clientSecret": { "type": "string", @@ -31744,7 +29543,7 @@ } }, "vault:gcp/getAuthBackendRole:getAuthBackendRole": { - "description": "Reads a GCP auth role from a Vault server.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst role = pulumi.output(vault.gcp.getAuthBackendRole({\n backend: \"my-gcp-backend\",\n roleName: \"my-role\",\n}));\n\nexport const role_id = role.roleId;\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nrole = vault.gcp.get_auth_backend_role(backend=\"my-gcp-backend\",\n role_name=\"my-role\")\npulumi.export(\"role-id\", role.role_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var role = Vault.Gcp.GetAuthBackendRole.Invoke(new()\n {\n Backend = \"my-gcp-backend\",\n RoleName = \"my-role\",\n });\n\n return new Dictionary\u003cstring, object?\u003e\n {\n [\"role-id\"] = role.Apply(getAuthBackendRoleResult =\u003e getAuthBackendRoleResult.RoleId),\n };\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/gcp\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\trole, err := gcp.LookupAuthBackendRole(ctx, \u0026gcp.LookupAuthBackendRoleArgs{\n\t\t\tBackend: pulumi.StringRef(\"my-gcp-backend\"),\n\t\t\tRoleName: \"my-role\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tctx.Export(\"role-id\", role.RoleId)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.gcp.GcpFunctions;\nimport com.pulumi.vault.gcp.inputs.GetAuthBackendRoleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var role = GcpFunctions.getAuthBackendRole(GetAuthBackendRoleArgs.builder()\n .backend(\"my-gcp-backend\")\n .roleName(\"my-role\")\n .build());\n\n ctx.export(\"role-id\", role.applyValue(getAuthBackendRoleResult -\u003e getAuthBackendRoleResult.roleId()));\n }\n}\n```\n```yaml\nvariables:\n role:\n Fn::Invoke:\n Function: vault:gcp:getAuthBackendRole\n Arguments:\n backend: my-gcp-backend\n roleName: my-role\noutputs:\n role-id: ${role.roleId}\n```\n{{% /example %}}\n{{% /examples %}}", + "description": "Reads a GCP auth role from a Vault server.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nexport = async () =\u003e {\n const role = await vault.gcp.getAuthBackendRole({\n backend: \"my-gcp-backend\",\n roleName: \"my-role\",\n });\n return {\n \"role-id\": role.roleId,\n };\n}\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nrole = vault.gcp.get_auth_backend_role(backend=\"my-gcp-backend\",\n role_name=\"my-role\")\npulumi.export(\"role-id\", role.role_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var role = Vault.Gcp.GetAuthBackendRole.Invoke(new()\n {\n Backend = \"my-gcp-backend\",\n RoleName = \"my-role\",\n });\n\n return new Dictionary\u003cstring, object?\u003e\n {\n [\"role-id\"] = role.Apply(getAuthBackendRoleResult =\u003e getAuthBackendRoleResult.RoleId),\n };\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/gcp\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\trole, err := gcp.LookupAuthBackendRole(ctx, \u0026gcp.LookupAuthBackendRoleArgs{\n\t\t\tBackend: pulumi.StringRef(\"my-gcp-backend\"),\n\t\t\tRoleName: \"my-role\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tctx.Export(\"role-id\", role.RoleId)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.gcp.GcpFunctions;\nimport com.pulumi.vault.gcp.inputs.GetAuthBackendRoleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var role = GcpFunctions.getAuthBackendRole(GetAuthBackendRoleArgs.builder()\n .backend(\"my-gcp-backend\")\n .roleName(\"my-role\")\n .build());\n\n ctx.export(\"role-id\", role.applyValue(getAuthBackendRoleResult -\u003e getAuthBackendRoleResult.roleId()));\n }\n}\n```\n```yaml\nvariables:\n role:\n fn::invoke:\n Function: vault:gcp:getAuthBackendRole\n Arguments:\n backend: my-gcp-backend\n roleName: my-role\noutputs:\n role-id: ${role.roleId}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getAuthBackendRole.\n", "properties": { @@ -31936,7 +29735,7 @@ } }, "vault:generic/getSecret:getSecret": { - "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n### Generic secret\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst rundeckAuth = vault.generic.getSecret({\n path: \"secret/rundeck_auth\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nrundeck_auth = vault.generic.get_secret(path=\"secret/rundeck_auth\")\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var rundeckAuth = Vault.Generic.GetSecret.Invoke(new()\n {\n Path = \"secret/rundeck_auth\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/generic\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := generic.LookupSecret(ctx, \u0026generic.LookupSecretArgs{\n\t\t\tPath: \"secret/rundeck_auth\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.generic.GenericFunctions;\nimport com.pulumi.vault.generic.inputs.GetSecretArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var rundeckAuth = GenericFunctions.getSecret(GetSecretArgs.builder()\n .path(\"secret/rundeck_auth\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n rundeckAuth: # Rundeck Provider, for example\n # For this example, in Vault there is a key named \"auth_token\" and the value is the token we need to keep secret.\n # In general usage, replace \"auth_token\" with the key you wish to extract from Vault.\n Fn::Invoke:\n Function: vault:generic:getSecret\n Arguments:\n path: secret/rundeck_auth\n```\n{{% /example %}}\n{{% /examples %}}\n## Required Vault Capabilities\n\nUse of this resource requires the `read` capability on the given path.\n", + "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n### Generic secret\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst rundeckAuth = vault.generic.getSecret({\n path: \"secret/rundeck_auth\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nrundeck_auth = vault.generic.get_secret(path=\"secret/rundeck_auth\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var rundeckAuth = Vault.Generic.GetSecret.Invoke(new()\n {\n Path = \"secret/rundeck_auth\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/generic\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := generic.LookupSecret(ctx, \u0026generic.LookupSecretArgs{\n\t\t\tPath: \"secret/rundeck_auth\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.generic.GenericFunctions;\nimport com.pulumi.vault.generic.inputs.GetSecretArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var rundeckAuth = GenericFunctions.getSecret(GetSecretArgs.builder()\n .path(\"secret/rundeck_auth\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n rundeckAuth: # Rundeck Provider, for example\n # For this example, in Vault there is a key named \"auth_token\" and the value is the token we need to keep secret.\n # In general usage, replace \"auth_token\" with the key you wish to extract from Vault.\n fn::invoke:\n Function: vault:generic:getSecret\n Arguments:\n path: secret/rundeck_auth\n```\n{{% /example %}}\n{{% /examples %}}\n## Required Vault Capabilities\n\nUse of this resource requires the `read` capability on the given path.\n", "inputs": { "description": "A collection of arguments for invoking getSecret.\n", "properties": { @@ -31954,7 +29753,8 @@ "description": "The version of the secret to read. This is used by the\nVault KV secrets engine - version 2 to indicate which version of the secret\nto read.\n" }, "withLeaseStartTime": { - "type": "boolean" + "type": "boolean", + "description": "If set to true, stores `lease_start_time` in the TF state.\nNote that storing the `lease_start_time` in the TF state will cause a persistent drift\non every `pulumi preview` and will require a `pulumi up`.\n" } }, "type": "object", @@ -32023,7 +29823,7 @@ } }, "vault:identity/getEntity:getEntity": { - "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst entity = pulumi.output(vault.identity.getEntity({\n entityName: \"entity_12345\",\n}));\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nentity = vault.identity.get_entity(entity_name=\"entity_12345\")\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var entity = Vault.Identity.GetEntity.Invoke(new()\n {\n EntityName = \"entity_12345\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/identity\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := identity.LookupEntity(ctx, \u0026identity.LookupEntityArgs{\n\t\t\tEntityName: pulumi.StringRef(\"entity_12345\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.identity.IdentityFunctions;\nimport com.pulumi.vault.identity.inputs.GetEntityArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var entity = IdentityFunctions.getEntity(GetEntityArgs.builder()\n .entityName(\"entity_12345\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n entity:\n Fn::Invoke:\n Function: vault:identity:getEntity\n Arguments:\n entityName: entity_12345\n```\n{{% /example %}}\n{{% /examples %}}\n## Required Vault Capabilities\n\nUse of this resource requires the `create` capability on `/identity/lookup/entity`.\n", + "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst entity = vault.identity.getEntity({\n entityName: \"entity_12345\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nentity = vault.identity.get_entity(entity_name=\"entity_12345\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var entity = Vault.Identity.GetEntity.Invoke(new()\n {\n EntityName = \"entity_12345\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/identity\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := identity.LookupEntity(ctx, \u0026identity.LookupEntityArgs{\n\t\t\tEntityName: pulumi.StringRef(\"entity_12345\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.identity.IdentityFunctions;\nimport com.pulumi.vault.identity.inputs.GetEntityArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var entity = IdentityFunctions.getEntity(GetEntityArgs.builder()\n .entityName(\"entity_12345\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n entity:\n fn::invoke:\n Function: vault:identity:getEntity\n Arguments:\n entityName: entity_12345\n```\n{{% /example %}}\n{{% /examples %}}\n## Required Vault Capabilities\n\nUse of this resource requires the `create` capability on `/identity/lookup/entity`.\n", "inputs": { "description": "A collection of arguments for invoking getEntity.\n", "properties": { @@ -32033,7 +29833,7 @@ }, "aliasMountAccessor": { "type": "string", - "description": "Accessor of the mount to which the alias belongs to.\nThis should be supplied in conjunction with `alias_name`.\n" + "description": "Accessor of the mount to which the alias belongs to.\nThis should be supplied in conjunction with `alias_name`.\n\nThe lookup criteria can be `entity_name`, `entity_id`, `alias_id`, or a combination of\n`alias_name` and `alias_mount_accessor`.\n" }, "aliasName": { "type": "string", @@ -32174,7 +29974,7 @@ } }, "vault:identity/getGroup:getGroup": { - "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst group = pulumi.output(vault.identity.getGroup({\n groupName: \"user\",\n}));\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ngroup = vault.identity.get_group(group_name=\"user\")\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @group = Vault.Identity.GetGroup.Invoke(new()\n {\n GroupName = \"user\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/identity\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := identity.LookupGroup(ctx, \u0026identity.LookupGroupArgs{\n\t\t\tGroupName: pulumi.StringRef(\"user\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.identity.IdentityFunctions;\nimport com.pulumi.vault.identity.inputs.GetGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var group = IdentityFunctions.getGroup(GetGroupArgs.builder()\n .groupName(\"user\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n group:\n Fn::Invoke:\n Function: vault:identity:getGroup\n Arguments:\n groupName: user\n```\n{{% /example %}}\n{{% /examples %}}\n## Required Vault Capabilities\n\nUse of this resource requires the `create` capability on `/identity/lookup/group`.\n", + "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst group = vault.identity.getGroup({\n groupName: \"user\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ngroup = vault.identity.get_group(group_name=\"user\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @group = Vault.Identity.GetGroup.Invoke(new()\n {\n GroupName = \"user\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/identity\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := identity.LookupGroup(ctx, \u0026identity.LookupGroupArgs{\n\t\t\tGroupName: pulumi.StringRef(\"user\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.identity.IdentityFunctions;\nimport com.pulumi.vault.identity.inputs.GetGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var group = IdentityFunctions.getGroup(GetGroupArgs.builder()\n .groupName(\"user\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n group:\n fn::invoke:\n Function: vault:identity:getGroup\n Arguments:\n groupName: user\n```\n{{% /example %}}\n{{% /examples %}}\n## Required Vault Capabilities\n\nUse of this resource requires the `create` capability on `/identity/lookup/group`.\n", "inputs": { "description": "A collection of arguments for invoking getGroup.\n", "properties": { @@ -32184,7 +29984,7 @@ }, "aliasMountAccessor": { "type": "string", - "description": "Accessor of the mount to which the alias belongs to.\nThis should be supplied in conjunction with `alias_name`.\n" + "description": "Accessor of the mount to which the alias belongs to.\nThis should be supplied in conjunction with `alias_name`.\n\nThe lookup criteria can be `group_name`, `group_id`, `alias_id`, or a combination of\n`alias_name` and `alias_mount_accessor`.\n" }, "aliasName": { "type": "string", @@ -32355,7 +30155,7 @@ } }, "vault:identity/getOidcClientCreds:getOidcClientCreds": { - "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst app = new vault.identity.OidcClient(\"app\", {\n redirectUris: [\n \"http://127.0.0.1:9200/v1/auth-methods/oidc:authenticate:callback\",\n \"http://127.0.0.1:8251/callback\",\n \"http://127.0.0.1:8080/callback\",\n ],\n idTokenTtl: 2400,\n accessTokenTtl: 7200,\n});\nconst creds = vault.identity.getOidcClientCredsOutput({\n name: app.name,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\napp = vault.identity.OidcClient(\"app\",\n redirect_uris=[\n \"http://127.0.0.1:9200/v1/auth-methods/oidc:authenticate:callback\",\n \"http://127.0.0.1:8251/callback\",\n \"http://127.0.0.1:8080/callback\",\n ],\n id_token_ttl=2400,\n access_token_ttl=7200)\ncreds = vault.identity.get_oidc_client_creds_output(name=app.name)\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var app = new Vault.Identity.OidcClient(\"app\", new()\n {\n RedirectUris = new[]\n {\n \"http://127.0.0.1:9200/v1/auth-methods/oidc:authenticate:callback\",\n \"http://127.0.0.1:8251/callback\",\n \"http://127.0.0.1:8080/callback\",\n },\n IdTokenTtl = 2400,\n AccessTokenTtl = 7200,\n });\n\n var creds = Vault.Identity.GetOidcClientCreds.Invoke(new()\n {\n Name = app.Name,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/identity\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tapp, err := identity.NewOidcClient(ctx, \"app\", \u0026identity.OidcClientArgs{\n\t\t\tRedirectUris: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"http://127.0.0.1:9200/v1/auth-methods/oidc:authenticate:callback\"),\n\t\t\t\tpulumi.String(\"http://127.0.0.1:8251/callback\"),\n\t\t\t\tpulumi.String(\"http://127.0.0.1:8080/callback\"),\n\t\t\t},\n\t\t\tIdTokenTtl: pulumi.Int(2400),\n\t\t\tAccessTokenTtl: pulumi.Int(7200),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_ = identity.GetOidcClientCredsOutput(ctx, identity.GetOidcClientCredsOutputArgs{\n\t\t\tName: app.Name,\n\t\t}, nil)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.identity.OidcClient;\nimport com.pulumi.vault.identity.OidcClientArgs;\nimport com.pulumi.vault.identity.IdentityFunctions;\nimport com.pulumi.vault.identity.inputs.GetOidcClientCredsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var app = new OidcClient(\"app\", OidcClientArgs.builder() \n .redirectUris( \n \"http://127.0.0.1:9200/v1/auth-methods/oidc:authenticate:callback\",\n \"http://127.0.0.1:8251/callback\",\n \"http://127.0.0.1:8080/callback\")\n .idTokenTtl(2400)\n .accessTokenTtl(7200)\n .build());\n\n final var creds = IdentityFunctions.getOidcClientCreds(GetOidcClientCredsArgs.builder()\n .name(app.name())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n app:\n type: vault:identity:OidcClient\n properties:\n redirectUris:\n - http://127.0.0.1:9200/v1/auth-methods/oidc:authenticate:callback\n - http://127.0.0.1:8251/callback\n - http://127.0.0.1:8080/callback\n idTokenTtl: 2400\n accessTokenTtl: 7200\nvariables:\n creds:\n Fn::Invoke:\n Function: vault:identity:getOidcClientCreds\n Arguments:\n name: ${app.name}\n```\n{{% /example %}}\n{{% /examples %}}", + "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst app = new vault.identity.OidcClient(\"app\", {\n redirectUris: [\n \"http://127.0.0.1:9200/v1/auth-methods/oidc:authenticate:callback\",\n \"http://127.0.0.1:8251/callback\",\n \"http://127.0.0.1:8080/callback\",\n ],\n idTokenTtl: 2400,\n accessTokenTtl: 7200,\n});\nconst creds = vault.identity.getOidcClientCredsOutput({\n name: app.name,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\napp = vault.identity.OidcClient(\"app\",\n redirect_uris=[\n \"http://127.0.0.1:9200/v1/auth-methods/oidc:authenticate:callback\",\n \"http://127.0.0.1:8251/callback\",\n \"http://127.0.0.1:8080/callback\",\n ],\n id_token_ttl=2400,\n access_token_ttl=7200)\ncreds = vault.identity.get_oidc_client_creds_output(name=app.name)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var app = new Vault.Identity.OidcClient(\"app\", new()\n {\n RedirectUris = new[]\n {\n \"http://127.0.0.1:9200/v1/auth-methods/oidc:authenticate:callback\",\n \"http://127.0.0.1:8251/callback\",\n \"http://127.0.0.1:8080/callback\",\n },\n IdTokenTtl = 2400,\n AccessTokenTtl = 7200,\n });\n\n var creds = Vault.Identity.GetOidcClientCreds.Invoke(new()\n {\n Name = app.Name,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/identity\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tapp, err := identity.NewOidcClient(ctx, \"app\", \u0026identity.OidcClientArgs{\n\t\t\tRedirectUris: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"http://127.0.0.1:9200/v1/auth-methods/oidc:authenticate:callback\"),\n\t\t\t\tpulumi.String(\"http://127.0.0.1:8251/callback\"),\n\t\t\t\tpulumi.String(\"http://127.0.0.1:8080/callback\"),\n\t\t\t},\n\t\t\tIdTokenTtl: pulumi.Int(2400),\n\t\t\tAccessTokenTtl: pulumi.Int(7200),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_ = identity.GetOidcClientCredsOutput(ctx, identity.GetOidcClientCredsOutputArgs{\n\t\t\tName: app.Name,\n\t\t}, nil)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.identity.OidcClient;\nimport com.pulumi.vault.identity.OidcClientArgs;\nimport com.pulumi.vault.identity.IdentityFunctions;\nimport com.pulumi.vault.identity.inputs.GetOidcClientCredsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var app = new OidcClient(\"app\", OidcClientArgs.builder() \n .redirectUris( \n \"http://127.0.0.1:9200/v1/auth-methods/oidc:authenticate:callback\",\n \"http://127.0.0.1:8251/callback\",\n \"http://127.0.0.1:8080/callback\")\n .idTokenTtl(2400)\n .accessTokenTtl(7200)\n .build());\n\n final var creds = IdentityFunctions.getOidcClientCreds(GetOidcClientCredsArgs.builder()\n .name(app.name())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n app:\n type: vault:identity:OidcClient\n properties:\n redirectUris:\n - http://127.0.0.1:9200/v1/auth-methods/oidc:authenticate:callback\n - http://127.0.0.1:8251/callback\n - http://127.0.0.1:8080/callback\n idTokenTtl: 2400\n accessTokenTtl: 7200\nvariables:\n creds:\n fn::invoke:\n Function: vault:identity:getOidcClientCreds\n Arguments:\n name: ${app.name}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getOidcClientCreds.\n", "properties": { @@ -32383,7 +30183,7 @@ }, "clientSecret": { "type": "string", - "description": "The Client Secret Key returned by Vault.\n", + "description": "The Client Secret Key returned by Vault.\nFor public OpenID Clients `client_secret` is set to an empty string `\"\"`\n", "secret": true }, "id": { @@ -32407,7 +30207,7 @@ } }, "vault:identity/getOidcOpenidConfig:getOidcOpenidConfig": { - "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst key = new vault.identity.OidcKey(\"key\", {\n allowedClientIds: [\"*\"],\n rotationPeriod: 3600,\n verificationTtl: 3600,\n});\nconst app = new vault.identity.OidcClient(\"app\", {\n key: key.name,\n redirectUris: [\n \"http://127.0.0.1:9200/v1/auth-methods/oidc:authenticate:callback\",\n \"http://127.0.0.1:8251/callback\",\n \"http://127.0.0.1:8080/callback\",\n ],\n idTokenTtl: 2400,\n accessTokenTtl: 7200,\n});\nconst provider = new vault.identity.OidcProvider(\"provider\", {allowedClientIds: [vault_identity_oidc_client.test.client_id]});\nconst config = vault.identity.getOidcOpenidConfigOutput({\n name: provider.name,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nkey = vault.identity.OidcKey(\"key\",\n allowed_client_ids=[\"*\"],\n rotation_period=3600,\n verification_ttl=3600)\napp = vault.identity.OidcClient(\"app\",\n key=key.name,\n redirect_uris=[\n \"http://127.0.0.1:9200/v1/auth-methods/oidc:authenticate:callback\",\n \"http://127.0.0.1:8251/callback\",\n \"http://127.0.0.1:8080/callback\",\n ],\n id_token_ttl=2400,\n access_token_ttl=7200)\nprovider = vault.identity.OidcProvider(\"provider\", allowed_client_ids=[vault_identity_oidc_client[\"test\"][\"client_id\"]])\nconfig = vault.identity.get_oidc_openid_config_output(name=provider.name)\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var key = new Vault.Identity.OidcKey(\"key\", new()\n {\n AllowedClientIds = new[]\n {\n \"*\",\n },\n RotationPeriod = 3600,\n VerificationTtl = 3600,\n });\n\n var app = new Vault.Identity.OidcClient(\"app\", new()\n {\n Key = key.Name,\n RedirectUris = new[]\n {\n \"http://127.0.0.1:9200/v1/auth-methods/oidc:authenticate:callback\",\n \"http://127.0.0.1:8251/callback\",\n \"http://127.0.0.1:8080/callback\",\n },\n IdTokenTtl = 2400,\n AccessTokenTtl = 7200,\n });\n\n var provider = new Vault.Identity.OidcProvider(\"provider\", new()\n {\n AllowedClientIds = new[]\n {\n vault_identity_oidc_client.Test.Client_id,\n },\n });\n\n var config = Vault.Identity.GetOidcOpenidConfig.Invoke(new()\n {\n Name = provider.Name,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/identity\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tkey, err := identity.NewOidcKey(ctx, \"key\", \u0026identity.OidcKeyArgs{\n\t\t\tAllowedClientIds: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"*\"),\n\t\t\t},\n\t\t\tRotationPeriod: pulumi.Int(3600),\n\t\t\tVerificationTtl: pulumi.Int(3600),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = identity.NewOidcClient(ctx, \"app\", \u0026identity.OidcClientArgs{\n\t\t\tKey: key.Name,\n\t\t\tRedirectUris: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"http://127.0.0.1:9200/v1/auth-methods/oidc:authenticate:callback\"),\n\t\t\t\tpulumi.String(\"http://127.0.0.1:8251/callback\"),\n\t\t\t\tpulumi.String(\"http://127.0.0.1:8080/callback\"),\n\t\t\t},\n\t\t\tIdTokenTtl: pulumi.Int(2400),\n\t\t\tAccessTokenTtl: pulumi.Int(7200),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tprovider, err := identity.NewOidcProvider(ctx, \"provider\", \u0026identity.OidcProviderArgs{\n\t\t\tAllowedClientIds: pulumi.StringArray{\n\t\t\t\tpulumi.Any(vault_identity_oidc_client.Test.Client_id),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_ = identity.GetOidcOpenidConfigOutput(ctx, identity.GetOidcOpenidConfigOutputArgs{\n\t\t\tName: provider.Name,\n\t\t}, nil)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.identity.OidcKey;\nimport com.pulumi.vault.identity.OidcKeyArgs;\nimport com.pulumi.vault.identity.OidcClient;\nimport com.pulumi.vault.identity.OidcClientArgs;\nimport com.pulumi.vault.identity.OidcProvider;\nimport com.pulumi.vault.identity.OidcProviderArgs;\nimport com.pulumi.vault.identity.IdentityFunctions;\nimport com.pulumi.vault.identity.inputs.GetOidcOpenidConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var key = new OidcKey(\"key\", OidcKeyArgs.builder() \n .allowedClientIds(\"*\")\n .rotationPeriod(3600)\n .verificationTtl(3600)\n .build());\n\n var app = new OidcClient(\"app\", OidcClientArgs.builder() \n .key(key.name())\n .redirectUris( \n \"http://127.0.0.1:9200/v1/auth-methods/oidc:authenticate:callback\",\n \"http://127.0.0.1:8251/callback\",\n \"http://127.0.0.1:8080/callback\")\n .idTokenTtl(2400)\n .accessTokenTtl(7200)\n .build());\n\n var provider = new OidcProvider(\"provider\", OidcProviderArgs.builder() \n .allowedClientIds(vault_identity_oidc_client.test().client_id())\n .build());\n\n final var config = IdentityFunctions.getOidcOpenidConfig(GetOidcOpenidConfigArgs.builder()\n .name(provider.name())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n key:\n type: vault:identity:OidcKey\n properties:\n allowedClientIds:\n - '*'\n rotationPeriod: 3600\n verificationTtl: 3600\n app:\n type: vault:identity:OidcClient\n properties:\n key: ${key.name}\n redirectUris:\n - http://127.0.0.1:9200/v1/auth-methods/oidc:authenticate:callback\n - http://127.0.0.1:8251/callback\n - http://127.0.0.1:8080/callback\n idTokenTtl: 2400\n accessTokenTtl: 7200\n provider:\n type: vault:identity:OidcProvider\n properties:\n allowedClientIds:\n - ${vault_identity_oidc_client.test.client_id}\nvariables:\n config:\n Fn::Invoke:\n Function: vault:identity:getOidcOpenidConfig\n Arguments:\n name: ${provider.name}\n```\n{{% /example %}}\n{{% /examples %}}", + "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst key = new vault.identity.OidcKey(\"key\", {\n allowedClientIds: [\"*\"],\n rotationPeriod: 3600,\n verificationTtl: 3600,\n});\nconst app = new vault.identity.OidcClient(\"app\", {\n key: key.name,\n redirectUris: [\n \"http://127.0.0.1:9200/v1/auth-methods/oidc:authenticate:callback\",\n \"http://127.0.0.1:8251/callback\",\n \"http://127.0.0.1:8080/callback\",\n ],\n idTokenTtl: 2400,\n accessTokenTtl: 7200,\n});\nconst provider = new vault.identity.OidcProvider(\"provider\", {allowedClientIds: [vault_identity_oidc_client.test.client_id]});\nconst config = vault.identity.getOidcOpenidConfigOutput({\n name: provider.name,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nkey = vault.identity.OidcKey(\"key\",\n allowed_client_ids=[\"*\"],\n rotation_period=3600,\n verification_ttl=3600)\napp = vault.identity.OidcClient(\"app\",\n key=key.name,\n redirect_uris=[\n \"http://127.0.0.1:9200/v1/auth-methods/oidc:authenticate:callback\",\n \"http://127.0.0.1:8251/callback\",\n \"http://127.0.0.1:8080/callback\",\n ],\n id_token_ttl=2400,\n access_token_ttl=7200)\nprovider = vault.identity.OidcProvider(\"provider\", allowed_client_ids=[vault_identity_oidc_client[\"test\"][\"client_id\"]])\nconfig = vault.identity.get_oidc_openid_config_output(name=provider.name)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var key = new Vault.Identity.OidcKey(\"key\", new()\n {\n AllowedClientIds = new[]\n {\n \"*\",\n },\n RotationPeriod = 3600,\n VerificationTtl = 3600,\n });\n\n var app = new Vault.Identity.OidcClient(\"app\", new()\n {\n Key = key.Name,\n RedirectUris = new[]\n {\n \"http://127.0.0.1:9200/v1/auth-methods/oidc:authenticate:callback\",\n \"http://127.0.0.1:8251/callback\",\n \"http://127.0.0.1:8080/callback\",\n },\n IdTokenTtl = 2400,\n AccessTokenTtl = 7200,\n });\n\n var provider = new Vault.Identity.OidcProvider(\"provider\", new()\n {\n AllowedClientIds = new[]\n {\n vault_identity_oidc_client.Test.Client_id,\n },\n });\n\n var config = Vault.Identity.GetOidcOpenidConfig.Invoke(new()\n {\n Name = provider.Name,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/identity\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tkey, err := identity.NewOidcKey(ctx, \"key\", \u0026identity.OidcKeyArgs{\n\t\t\tAllowedClientIds: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"*\"),\n\t\t\t},\n\t\t\tRotationPeriod: pulumi.Int(3600),\n\t\t\tVerificationTtl: pulumi.Int(3600),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = identity.NewOidcClient(ctx, \"app\", \u0026identity.OidcClientArgs{\n\t\t\tKey: key.Name,\n\t\t\tRedirectUris: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"http://127.0.0.1:9200/v1/auth-methods/oidc:authenticate:callback\"),\n\t\t\t\tpulumi.String(\"http://127.0.0.1:8251/callback\"),\n\t\t\t\tpulumi.String(\"http://127.0.0.1:8080/callback\"),\n\t\t\t},\n\t\t\tIdTokenTtl: pulumi.Int(2400),\n\t\t\tAccessTokenTtl: pulumi.Int(7200),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tprovider, err := identity.NewOidcProvider(ctx, \"provider\", \u0026identity.OidcProviderArgs{\n\t\t\tAllowedClientIds: pulumi.StringArray{\n\t\t\t\tvault_identity_oidc_client.Test.Client_id,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_ = identity.GetOidcOpenidConfigOutput(ctx, identity.GetOidcOpenidConfigOutputArgs{\n\t\t\tName: provider.Name,\n\t\t}, nil)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.identity.OidcKey;\nimport com.pulumi.vault.identity.OidcKeyArgs;\nimport com.pulumi.vault.identity.OidcClient;\nimport com.pulumi.vault.identity.OidcClientArgs;\nimport com.pulumi.vault.identity.OidcProvider;\nimport com.pulumi.vault.identity.OidcProviderArgs;\nimport com.pulumi.vault.identity.IdentityFunctions;\nimport com.pulumi.vault.identity.inputs.GetOidcOpenidConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var key = new OidcKey(\"key\", OidcKeyArgs.builder() \n .allowedClientIds(\"*\")\n .rotationPeriod(3600)\n .verificationTtl(3600)\n .build());\n\n var app = new OidcClient(\"app\", OidcClientArgs.builder() \n .key(key.name())\n .redirectUris( \n \"http://127.0.0.1:9200/v1/auth-methods/oidc:authenticate:callback\",\n \"http://127.0.0.1:8251/callback\",\n \"http://127.0.0.1:8080/callback\")\n .idTokenTtl(2400)\n .accessTokenTtl(7200)\n .build());\n\n var provider = new OidcProvider(\"provider\", OidcProviderArgs.builder() \n .allowedClientIds(vault_identity_oidc_client.test().client_id())\n .build());\n\n final var config = IdentityFunctions.getOidcOpenidConfig(GetOidcOpenidConfigArgs.builder()\n .name(provider.name())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n key:\n type: vault:identity:OidcKey\n properties:\n allowedClientIds:\n - '*'\n rotationPeriod: 3600\n verificationTtl: 3600\n app:\n type: vault:identity:OidcClient\n properties:\n key: ${key.name}\n redirectUris:\n - http://127.0.0.1:9200/v1/auth-methods/oidc:authenticate:callback\n - http://127.0.0.1:8251/callback\n - http://127.0.0.1:8080/callback\n idTokenTtl: 2400\n accessTokenTtl: 7200\n provider:\n type: vault:identity:OidcProvider\n properties:\n allowedClientIds:\n - ${vault_identity_oidc_client.test.client_id}\nvariables:\n config:\n fn::invoke:\n Function: vault:identity:getOidcOpenidConfig\n Arguments:\n name: ${provider.name}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getOidcOpenidConfig.\n", "properties": { @@ -32526,7 +30326,7 @@ } }, "vault:identity/getOidcPublicKeys:getOidcPublicKeys": { - "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst key = new vault.identity.OidcKey(\"key\", {\n allowedClientIds: [\"*\"],\n rotationPeriod: 3600,\n verificationTtl: 3600,\n});\nconst app = new vault.identity.OidcClient(\"app\", {\n key: key.name,\n redirectUris: [\n \"http://127.0.0.1:9200/v1/auth-methods/oidc:authenticate:callback\",\n \"http://127.0.0.1:8251/callback\",\n \"http://127.0.0.1:8080/callback\",\n ],\n idTokenTtl: 2400,\n accessTokenTtl: 7200,\n});\nconst provider = new vault.identity.OidcProvider(\"provider\", {allowedClientIds: [vault_identity_oidc_client.test.client_id]});\nconst publicKeys = vault.identity.getOidcPublicKeysOutput({\n name: provider.name,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nkey = vault.identity.OidcKey(\"key\",\n allowed_client_ids=[\"*\"],\n rotation_period=3600,\n verification_ttl=3600)\napp = vault.identity.OidcClient(\"app\",\n key=key.name,\n redirect_uris=[\n \"http://127.0.0.1:9200/v1/auth-methods/oidc:authenticate:callback\",\n \"http://127.0.0.1:8251/callback\",\n \"http://127.0.0.1:8080/callback\",\n ],\n id_token_ttl=2400,\n access_token_ttl=7200)\nprovider = vault.identity.OidcProvider(\"provider\", allowed_client_ids=[vault_identity_oidc_client[\"test\"][\"client_id\"]])\npublic_keys = vault.identity.get_oidc_public_keys_output(name=provider.name)\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var key = new Vault.Identity.OidcKey(\"key\", new()\n {\n AllowedClientIds = new[]\n {\n \"*\",\n },\n RotationPeriod = 3600,\n VerificationTtl = 3600,\n });\n\n var app = new Vault.Identity.OidcClient(\"app\", new()\n {\n Key = key.Name,\n RedirectUris = new[]\n {\n \"http://127.0.0.1:9200/v1/auth-methods/oidc:authenticate:callback\",\n \"http://127.0.0.1:8251/callback\",\n \"http://127.0.0.1:8080/callback\",\n },\n IdTokenTtl = 2400,\n AccessTokenTtl = 7200,\n });\n\n var provider = new Vault.Identity.OidcProvider(\"provider\", new()\n {\n AllowedClientIds = new[]\n {\n vault_identity_oidc_client.Test.Client_id,\n },\n });\n\n var publicKeys = Vault.Identity.GetOidcPublicKeys.Invoke(new()\n {\n Name = provider.Name,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/identity\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tkey, err := identity.NewOidcKey(ctx, \"key\", \u0026identity.OidcKeyArgs{\n\t\t\tAllowedClientIds: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"*\"),\n\t\t\t},\n\t\t\tRotationPeriod: pulumi.Int(3600),\n\t\t\tVerificationTtl: pulumi.Int(3600),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = identity.NewOidcClient(ctx, \"app\", \u0026identity.OidcClientArgs{\n\t\t\tKey: key.Name,\n\t\t\tRedirectUris: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"http://127.0.0.1:9200/v1/auth-methods/oidc:authenticate:callback\"),\n\t\t\t\tpulumi.String(\"http://127.0.0.1:8251/callback\"),\n\t\t\t\tpulumi.String(\"http://127.0.0.1:8080/callback\"),\n\t\t\t},\n\t\t\tIdTokenTtl: pulumi.Int(2400),\n\t\t\tAccessTokenTtl: pulumi.Int(7200),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tprovider, err := identity.NewOidcProvider(ctx, \"provider\", \u0026identity.OidcProviderArgs{\n\t\t\tAllowedClientIds: pulumi.StringArray{\n\t\t\t\tpulumi.Any(vault_identity_oidc_client.Test.Client_id),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_ = identity.GetOidcPublicKeysOutput(ctx, identity.GetOidcPublicKeysOutputArgs{\n\t\t\tName: provider.Name,\n\t\t}, nil)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.identity.OidcKey;\nimport com.pulumi.vault.identity.OidcKeyArgs;\nimport com.pulumi.vault.identity.OidcClient;\nimport com.pulumi.vault.identity.OidcClientArgs;\nimport com.pulumi.vault.identity.OidcProvider;\nimport com.pulumi.vault.identity.OidcProviderArgs;\nimport com.pulumi.vault.identity.IdentityFunctions;\nimport com.pulumi.vault.identity.inputs.GetOidcPublicKeysArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var key = new OidcKey(\"key\", OidcKeyArgs.builder() \n .allowedClientIds(\"*\")\n .rotationPeriod(3600)\n .verificationTtl(3600)\n .build());\n\n var app = new OidcClient(\"app\", OidcClientArgs.builder() \n .key(key.name())\n .redirectUris( \n \"http://127.0.0.1:9200/v1/auth-methods/oidc:authenticate:callback\",\n \"http://127.0.0.1:8251/callback\",\n \"http://127.0.0.1:8080/callback\")\n .idTokenTtl(2400)\n .accessTokenTtl(7200)\n .build());\n\n var provider = new OidcProvider(\"provider\", OidcProviderArgs.builder() \n .allowedClientIds(vault_identity_oidc_client.test().client_id())\n .build());\n\n final var publicKeys = IdentityFunctions.getOidcPublicKeys(GetOidcPublicKeysArgs.builder()\n .name(provider.name())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n key:\n type: vault:identity:OidcKey\n properties:\n allowedClientIds:\n - '*'\n rotationPeriod: 3600\n verificationTtl: 3600\n app:\n type: vault:identity:OidcClient\n properties:\n key: ${key.name}\n redirectUris:\n - http://127.0.0.1:9200/v1/auth-methods/oidc:authenticate:callback\n - http://127.0.0.1:8251/callback\n - http://127.0.0.1:8080/callback\n idTokenTtl: 2400\n accessTokenTtl: 7200\n provider:\n type: vault:identity:OidcProvider\n properties:\n allowedClientIds:\n - ${vault_identity_oidc_client.test.client_id}\nvariables:\n publicKeys:\n Fn::Invoke:\n Function: vault:identity:getOidcPublicKeys\n Arguments:\n name: ${provider.name}\n```\n{{% /example %}}\n{{% /examples %}}", + "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst key = new vault.identity.OidcKey(\"key\", {\n allowedClientIds: [\"*\"],\n rotationPeriod: 3600,\n verificationTtl: 3600,\n});\nconst app = new vault.identity.OidcClient(\"app\", {\n key: key.name,\n redirectUris: [\n \"http://127.0.0.1:9200/v1/auth-methods/oidc:authenticate:callback\",\n \"http://127.0.0.1:8251/callback\",\n \"http://127.0.0.1:8080/callback\",\n ],\n idTokenTtl: 2400,\n accessTokenTtl: 7200,\n});\nconst provider = new vault.identity.OidcProvider(\"provider\", {allowedClientIds: [vault_identity_oidc_client.test.client_id]});\nconst publicKeys = vault.identity.getOidcPublicKeysOutput({\n name: provider.name,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nkey = vault.identity.OidcKey(\"key\",\n allowed_client_ids=[\"*\"],\n rotation_period=3600,\n verification_ttl=3600)\napp = vault.identity.OidcClient(\"app\",\n key=key.name,\n redirect_uris=[\n \"http://127.0.0.1:9200/v1/auth-methods/oidc:authenticate:callback\",\n \"http://127.0.0.1:8251/callback\",\n \"http://127.0.0.1:8080/callback\",\n ],\n id_token_ttl=2400,\n access_token_ttl=7200)\nprovider = vault.identity.OidcProvider(\"provider\", allowed_client_ids=[vault_identity_oidc_client[\"test\"][\"client_id\"]])\npublic_keys = vault.identity.get_oidc_public_keys_output(name=provider.name)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var key = new Vault.Identity.OidcKey(\"key\", new()\n {\n AllowedClientIds = new[]\n {\n \"*\",\n },\n RotationPeriod = 3600,\n VerificationTtl = 3600,\n });\n\n var app = new Vault.Identity.OidcClient(\"app\", new()\n {\n Key = key.Name,\n RedirectUris = new[]\n {\n \"http://127.0.0.1:9200/v1/auth-methods/oidc:authenticate:callback\",\n \"http://127.0.0.1:8251/callback\",\n \"http://127.0.0.1:8080/callback\",\n },\n IdTokenTtl = 2400,\n AccessTokenTtl = 7200,\n });\n\n var provider = new Vault.Identity.OidcProvider(\"provider\", new()\n {\n AllowedClientIds = new[]\n {\n vault_identity_oidc_client.Test.Client_id,\n },\n });\n\n var publicKeys = Vault.Identity.GetOidcPublicKeys.Invoke(new()\n {\n Name = provider.Name,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/identity\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tkey, err := identity.NewOidcKey(ctx, \"key\", \u0026identity.OidcKeyArgs{\n\t\t\tAllowedClientIds: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"*\"),\n\t\t\t},\n\t\t\tRotationPeriod: pulumi.Int(3600),\n\t\t\tVerificationTtl: pulumi.Int(3600),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = identity.NewOidcClient(ctx, \"app\", \u0026identity.OidcClientArgs{\n\t\t\tKey: key.Name,\n\t\t\tRedirectUris: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"http://127.0.0.1:9200/v1/auth-methods/oidc:authenticate:callback\"),\n\t\t\t\tpulumi.String(\"http://127.0.0.1:8251/callback\"),\n\t\t\t\tpulumi.String(\"http://127.0.0.1:8080/callback\"),\n\t\t\t},\n\t\t\tIdTokenTtl: pulumi.Int(2400),\n\t\t\tAccessTokenTtl: pulumi.Int(7200),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tprovider, err := identity.NewOidcProvider(ctx, \"provider\", \u0026identity.OidcProviderArgs{\n\t\t\tAllowedClientIds: pulumi.StringArray{\n\t\t\t\tvault_identity_oidc_client.Test.Client_id,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_ = identity.GetOidcPublicKeysOutput(ctx, identity.GetOidcPublicKeysOutputArgs{\n\t\t\tName: provider.Name,\n\t\t}, nil)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.identity.OidcKey;\nimport com.pulumi.vault.identity.OidcKeyArgs;\nimport com.pulumi.vault.identity.OidcClient;\nimport com.pulumi.vault.identity.OidcClientArgs;\nimport com.pulumi.vault.identity.OidcProvider;\nimport com.pulumi.vault.identity.OidcProviderArgs;\nimport com.pulumi.vault.identity.IdentityFunctions;\nimport com.pulumi.vault.identity.inputs.GetOidcPublicKeysArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var key = new OidcKey(\"key\", OidcKeyArgs.builder() \n .allowedClientIds(\"*\")\n .rotationPeriod(3600)\n .verificationTtl(3600)\n .build());\n\n var app = new OidcClient(\"app\", OidcClientArgs.builder() \n .key(key.name())\n .redirectUris( \n \"http://127.0.0.1:9200/v1/auth-methods/oidc:authenticate:callback\",\n \"http://127.0.0.1:8251/callback\",\n \"http://127.0.0.1:8080/callback\")\n .idTokenTtl(2400)\n .accessTokenTtl(7200)\n .build());\n\n var provider = new OidcProvider(\"provider\", OidcProviderArgs.builder() \n .allowedClientIds(vault_identity_oidc_client.test().client_id())\n .build());\n\n final var publicKeys = IdentityFunctions.getOidcPublicKeys(GetOidcPublicKeysArgs.builder()\n .name(provider.name())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n key:\n type: vault:identity:OidcKey\n properties:\n allowedClientIds:\n - '*'\n rotationPeriod: 3600\n verificationTtl: 3600\n app:\n type: vault:identity:OidcClient\n properties:\n key: ${key.name}\n redirectUris:\n - http://127.0.0.1:9200/v1/auth-methods/oidc:authenticate:callback\n - http://127.0.0.1:8251/callback\n - http://127.0.0.1:8080/callback\n idTokenTtl: 2400\n accessTokenTtl: 7200\n provider:\n type: vault:identity:OidcProvider\n properties:\n allowedClientIds:\n - ${vault_identity_oidc_client.test.client_id}\nvariables:\n publicKeys:\n fn::invoke:\n Function: vault:identity:getOidcPublicKeys\n Arguments:\n name: ${provider.name}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getOidcPublicKeys.\n", "properties": { @@ -32578,7 +30378,7 @@ } }, "vault:index/getAuthBackend:getAuthBackend": { - "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst example = pulumi.output(vault.getAuthBackend({\n path: \"userpass\",\n}));\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nexample = vault.get_auth_backend(path=\"userpass\")\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Vault.GetAuthBackend.Invoke(new()\n {\n Path = \"userpass\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := vault.LookupAuthBackend(ctx, \u0026GetAuthBackendArgs{\n\t\t\tPath: \"userpass\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.VaultFunctions;\nimport com.pulumi.vault.inputs.GetAuthBackendArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = VaultFunctions.getAuthBackend(GetAuthBackendArgs.builder()\n .path(\"userpass\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n Fn::Invoke:\n Function: vault:getAuthBackend\n Arguments:\n path: userpass\n```\n{{% /example %}}\n{{% /examples %}}", + "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst example = vault.getAuthBackend({\n path: \"userpass\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nexample = vault.get_auth_backend(path=\"userpass\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Vault.GetAuthBackend.Invoke(new()\n {\n Path = \"userpass\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := vault.LookupAuthBackend(ctx, \u0026vault.LookupAuthBackendArgs{\n\t\t\tPath: \"userpass\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.VaultFunctions;\nimport com.pulumi.vault.inputs.GetAuthBackendArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = VaultFunctions.getAuthBackend(GetAuthBackendArgs.builder()\n .path(\"userpass\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n example:\n fn::invoke:\n Function: vault:getAuthBackend\n Arguments:\n path: userpass\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getAuthBackend.\n", "properties": { @@ -32653,8 +30453,60 @@ ] } }, + "vault:index/getAuthBackends:getAuthBackends": { + "inputs": { + "description": "A collection of arguments for invoking getAuthBackends.\n", + "properties": { + "namespace": { + "type": "string", + "description": "The namespace of the target resource.\nThe value should not contain leading or trailing forward slashes.\nThe `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).\n*Available only for Vault Enterprise*.\n", + "willReplaceOnChanges": true + }, + "type": { + "type": "string", + "description": "The name of the auth method type. Allows filtering of backends returned by type.\n" + } + }, + "type": "object" + }, + "outputs": { + "description": "A collection of values returned by getAuthBackends.\n", + "properties": { + "accessors": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The accessor IDs for the auth methods.\n" + }, + "id": { + "type": "string", + "description": "The provider-assigned unique ID for this managed resource.\n" + }, + "namespace": { + "type": "string" + }, + "paths": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of auth backend mount points.\n" + }, + "type": { + "type": "string" + } + }, + "type": "object", + "required": [ + "accessors", + "paths", + "id" + ] + } + }, "vault:index/getNomadAccessToken:getNomadAccessToken": { - "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst config = new vault.NomadSecretBackend(\"config\", {\n backend: \"nomad\",\n description: \"test description\",\n defaultLeaseTtlSeconds: 3600,\n maxLeaseTtlSeconds: 7200,\n address: \"https://127.0.0.1:4646\",\n token: \"ae20ceaa-...\",\n});\nconst test = new vault.NomadSecretRole(\"test\", {\n backend: config.backend,\n role: \"test\",\n type: \"client\",\n policies: [\"readonly\"],\n});\nconst token = pulumi.all([config.backend, test.role]).apply(([backend, role]) =\u003e vault.getNomadAccessTokenOutput({\n backend: backend,\n role: role,\n}));\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nconfig = vault.NomadSecretBackend(\"config\",\n backend=\"nomad\",\n description=\"test description\",\n default_lease_ttl_seconds=3600,\n max_lease_ttl_seconds=7200,\n address=\"https://127.0.0.1:4646\",\n token=\"ae20ceaa-...\")\ntest = vault.NomadSecretRole(\"test\",\n backend=config.backend,\n role=\"test\",\n type=\"client\",\n policies=[\"readonly\"])\ntoken = pulumi.Output.all(config.backend, test.role).apply(lambda backend, role: vault.get_nomad_access_token_output(backend=backend,\n role=role))\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Vault.NomadSecretBackend(\"config\", new()\n {\n Backend = \"nomad\",\n Description = \"test description\",\n DefaultLeaseTtlSeconds = 3600,\n MaxLeaseTtlSeconds = 7200,\n Address = \"https://127.0.0.1:4646\",\n Token = \"ae20ceaa-...\",\n });\n\n var test = new Vault.NomadSecretRole(\"test\", new()\n {\n Backend = config.Backend,\n Role = \"test\",\n Type = \"client\",\n Policies = new[]\n {\n \"readonly\",\n },\n });\n\n var token = Vault.GetNomadAccessToken.Invoke(new()\n {\n Backend = config.Backend,\n Role = test.Role,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tconfig, err := vault.NewNomadSecretBackend(ctx, \"config\", \u0026vault.NomadSecretBackendArgs{\n\t\t\tBackend: pulumi.String(\"nomad\"),\n\t\t\tDescription: pulumi.String(\"test description\"),\n\t\t\tDefaultLeaseTtlSeconds: pulumi.Int(3600),\n\t\t\tMaxLeaseTtlSeconds: pulumi.Int(7200),\n\t\t\tAddress: pulumi.String(\"https://127.0.0.1:4646\"),\n\t\t\tToken: pulumi.String(\"ae20ceaa-...\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttest, err := vault.NewNomadSecretRole(ctx, \"test\", \u0026vault.NomadSecretRoleArgs{\n\t\t\tBackend: config.Backend,\n\t\t\tRole: pulumi.String(\"test\"),\n\t\t\tType: pulumi.String(\"client\"),\n\t\t\tPolicies: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"readonly\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.NomadSecretBackend;\nimport com.pulumi.vault.NomadSecretBackendArgs;\nimport com.pulumi.vault.NomadSecretRole;\nimport com.pulumi.vault.NomadSecretRoleArgs;\nimport com.pulumi.vault.VaultFunctions;\nimport com.pulumi.vault.inputs.GetNomadAccessTokenArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var config = new NomadSecretBackend(\"config\", NomadSecretBackendArgs.builder() \n .backend(\"nomad\")\n .description(\"test description\")\n .defaultLeaseTtlSeconds(\"3600\")\n .maxLeaseTtlSeconds(\"7200\")\n .address(\"https://127.0.0.1:4646\")\n .token(\"ae20ceaa-...\")\n .build());\n\n var test = new NomadSecretRole(\"test\", NomadSecretRoleArgs.builder() \n .backend(config.backend())\n .role(\"test\")\n .type(\"client\")\n .policies(\"readonly\")\n .build());\n\n final var token = VaultFunctions.getNomadAccessToken(GetNomadAccessTokenArgs.builder()\n .backend(config.backend())\n .role(test.role())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n config:\n type: vault:NomadSecretBackend\n properties:\n backend: nomad\n description: test description\n defaultLeaseTtlSeconds: 3600\n maxLeaseTtlSeconds: 7200\n address: https://127.0.0.1:4646\n token: ae20ceaa-...\n test:\n type: vault:NomadSecretRole\n properties:\n backend: ${config.backend}\n role: test\n type: client\n policies:\n - readonly\nvariables:\n token:\n Fn::Invoke:\n Function: vault:getNomadAccessToken\n Arguments:\n backend: ${config.backend}\n role: ${test.role}\n```\n{{% /example %}}\n{{% /examples %}}", + "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst config = new vault.NomadSecretBackend(\"config\", {\n backend: \"nomad\",\n description: \"test description\",\n defaultLeaseTtlSeconds: 3600,\n maxLeaseTtlSeconds: 7200,\n address: \"https://127.0.0.1:4646\",\n token: \"ae20ceaa-...\",\n});\nconst test = new vault.NomadSecretRole(\"test\", {\n backend: config.backend,\n role: \"test\",\n type: \"client\",\n policies: [\"readonly\"],\n});\nconst token = pulumi.all([config.backend, test.role]).apply(([backend, role]) =\u003e vault.getNomadAccessTokenOutput({\n backend: backend,\n role: role,\n}));\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nconfig = vault.NomadSecretBackend(\"config\",\n backend=\"nomad\",\n description=\"test description\",\n default_lease_ttl_seconds=3600,\n max_lease_ttl_seconds=7200,\n address=\"https://127.0.0.1:4646\",\n token=\"ae20ceaa-...\")\ntest = vault.NomadSecretRole(\"test\",\n backend=config.backend,\n role=\"test\",\n type=\"client\",\n policies=[\"readonly\"])\ntoken = pulumi.Output.all(config.backend, test.role).apply(lambda backend, role: vault.get_nomad_access_token_output(backend=backend,\n role=role))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Vault.NomadSecretBackend(\"config\", new()\n {\n Backend = \"nomad\",\n Description = \"test description\",\n DefaultLeaseTtlSeconds = 3600,\n MaxLeaseTtlSeconds = 7200,\n Address = \"https://127.0.0.1:4646\",\n Token = \"ae20ceaa-...\",\n });\n\n var test = new Vault.NomadSecretRole(\"test\", new()\n {\n Backend = config.Backend,\n Role = \"test\",\n Type = \"client\",\n Policies = new[]\n {\n \"readonly\",\n },\n });\n\n var token = Vault.GetNomadAccessToken.Invoke(new()\n {\n Backend = config.Backend,\n Role = test.Role,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tconfig, err := vault.NewNomadSecretBackend(ctx, \"config\", \u0026vault.NomadSecretBackendArgs{\n\t\t\tBackend: pulumi.String(\"nomad\"),\n\t\t\tDescription: pulumi.String(\"test description\"),\n\t\t\tDefaultLeaseTtlSeconds: pulumi.Int(3600),\n\t\t\tMaxLeaseTtlSeconds: pulumi.Int(7200),\n\t\t\tAddress: pulumi.String(\"https://127.0.0.1:4646\"),\n\t\t\tToken: pulumi.String(\"ae20ceaa-...\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttest, err := vault.NewNomadSecretRole(ctx, \"test\", \u0026vault.NomadSecretRoleArgs{\n\t\t\tBackend: config.Backend,\n\t\t\tRole: pulumi.String(\"test\"),\n\t\t\tType: pulumi.String(\"client\"),\n\t\t\tPolicies: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"readonly\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_ = pulumi.All(config.Backend, test.Role).ApplyT(func(_args []interface{}) (vault.GetNomadAccessTokenResult, error) {\n\t\t\tbackend := _args[0].(*string)\n\t\t\trole := _args[1].(string)\n\t\t\treturn vault.GetNomadAccessTokenOutput(ctx, vault.GetNomadAccessTokenOutputArgs{\n\t\t\t\tBackend: backend,\n\t\t\t\tRole: role,\n\t\t\t}, nil), nil\n\t\t}).(vault.GetNomadAccessTokenResultOutput)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.NomadSecretBackend;\nimport com.pulumi.vault.NomadSecretBackendArgs;\nimport com.pulumi.vault.NomadSecretRole;\nimport com.pulumi.vault.NomadSecretRoleArgs;\nimport com.pulumi.vault.VaultFunctions;\nimport com.pulumi.vault.inputs.GetNomadAccessTokenArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var config = new NomadSecretBackend(\"config\", NomadSecretBackendArgs.builder() \n .backend(\"nomad\")\n .description(\"test description\")\n .defaultLeaseTtlSeconds(\"3600\")\n .maxLeaseTtlSeconds(\"7200\")\n .address(\"https://127.0.0.1:4646\")\n .token(\"ae20ceaa-...\")\n .build());\n\n var test = new NomadSecretRole(\"test\", NomadSecretRoleArgs.builder() \n .backend(config.backend())\n .role(\"test\")\n .type(\"client\")\n .policies(\"readonly\")\n .build());\n\n final var token = VaultFunctions.getNomadAccessToken(GetNomadAccessTokenArgs.builder()\n .backend(config.backend())\n .role(test.role())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n config:\n type: vault:NomadSecretBackend\n properties:\n backend: nomad\n description: test description\n defaultLeaseTtlSeconds: '3600'\n maxLeaseTtlSeconds: '7200'\n address: https://127.0.0.1:4646\n token: ae20ceaa-...\n test:\n type: vault:NomadSecretRole\n properties:\n backend: ${config.backend}\n role: test\n type: client\n policies:\n - readonly\nvariables:\n token:\n fn::invoke:\n Function: vault:getNomadAccessToken\n Arguments:\n backend: ${config.backend}\n role: ${test.role}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getNomadAccessToken.\n", "properties": { @@ -32716,7 +30568,7 @@ } }, "vault:index/getPolicyDocument:getPolicyDocument": { - "description": "This is a data source which can be used to construct a HCL representation of an Vault policy document, for use with resources which expect policy documents, such as the `vault.Policy` resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst examplePolicyDocument = vault.getPolicyDocument({\n rules: [{\n path: \"secret/*\",\n capabilities: [\n \"create\",\n \"read\",\n \"update\",\n \"delete\",\n \"list\",\n ],\n description: \"allow all on secrets\",\n }],\n});\nconst examplePolicy = new vault.Policy(\"examplePolicy\", {policy: examplePolicyDocument.then(examplePolicyDocument =\u003e examplePolicyDocument.hcl)});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nexample_policy_document = vault.get_policy_document(rules=[vault.GetPolicyDocumentRuleArgs(\n path=\"secret/*\",\n capabilities=[\n \"create\",\n \"read\",\n \"update\",\n \"delete\",\n \"list\",\n ],\n description=\"allow all on secrets\",\n)])\nexample_policy = vault.Policy(\"examplePolicy\", policy=example_policy_document.hcl)\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var examplePolicyDocument = Vault.GetPolicyDocument.Invoke(new()\n {\n Rules = new[]\n {\n new Vault.Inputs.GetPolicyDocumentRuleInputArgs\n {\n Path = \"secret/*\",\n Capabilities = new[]\n {\n \"create\",\n \"read\",\n \"update\",\n \"delete\",\n \"list\",\n },\n Description = \"allow all on secrets\",\n },\n },\n });\n\n var examplePolicy = new Vault.Policy(\"examplePolicy\", new()\n {\n PolicyContents = examplePolicyDocument.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Hcl),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texamplePolicyDocument, err := vault.GetPolicyDocument(ctx, \u0026GetPolicyDocumentArgs{\n\t\t\tRules: []GetPolicyDocumentRule{\n\t\t\t\tGetPolicyDocumentRule{\n\t\t\t\t\tPath: \"secret/*\",\n\t\t\t\t\tCapabilities: []string{\n\t\t\t\t\t\t\"create\",\n\t\t\t\t\t\t\"read\",\n\t\t\t\t\t\t\"update\",\n\t\t\t\t\t\t\"delete\",\n\t\t\t\t\t\t\"list\",\n\t\t\t\t\t},\n\t\t\t\t\tDescription: pulumi.StringRef(\"allow all on secrets\"),\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = vault.NewPolicy(ctx, \"examplePolicy\", \u0026vault.PolicyArgs{\n\t\t\tPolicy: pulumi.String(examplePolicyDocument.Hcl),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.VaultFunctions;\nimport com.pulumi.vault.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.vault.Policy;\nimport com.pulumi.vault.PolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var examplePolicyDocument = VaultFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .rules(GetPolicyDocumentRuleArgs.builder()\n .path(\"secret/*\")\n .capabilities( \n \"create\",\n \"read\",\n \"update\",\n \"delete\",\n \"list\")\n .description(\"allow all on secrets\")\n .build())\n .build());\n\n var examplePolicy = new Policy(\"examplePolicy\", PolicyArgs.builder() \n .policy(examplePolicyDocument.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.hcl()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n examplePolicy:\n type: vault:Policy\n properties:\n policy: ${examplePolicyDocument.hcl}\nvariables:\n examplePolicyDocument:\n Fn::Invoke:\n Function: vault:getPolicyDocument\n Arguments:\n rules:\n - path: secret/*\n capabilities:\n - create\n - read\n - update\n - delete\n - list\n description: allow all on secrets\n```\n{{% /example %}}\n{{% /examples %}}", + "description": "This is a data source which can be used to construct a HCL representation of an Vault policy document, for use with resources which expect policy documents, such as the `vault.Policy` resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst examplePolicyDocument = vault.getPolicyDocument({\n rules: [{\n path: \"secret/*\",\n capabilities: [\n \"create\",\n \"read\",\n \"update\",\n \"delete\",\n \"list\",\n ],\n description: \"allow all on secrets\",\n }],\n});\nconst examplePolicy = new vault.Policy(\"examplePolicy\", {policy: examplePolicyDocument.then(examplePolicyDocument =\u003e examplePolicyDocument.hcl)});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nexample_policy_document = vault.get_policy_document(rules=[vault.GetPolicyDocumentRuleArgs(\n path=\"secret/*\",\n capabilities=[\n \"create\",\n \"read\",\n \"update\",\n \"delete\",\n \"list\",\n ],\n description=\"allow all on secrets\",\n)])\nexample_policy = vault.Policy(\"examplePolicy\", policy=example_policy_document.hcl)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var examplePolicyDocument = Vault.GetPolicyDocument.Invoke(new()\n {\n Rules = new[]\n {\n new Vault.Inputs.GetPolicyDocumentRuleInputArgs\n {\n Path = \"secret/*\",\n Capabilities = new[]\n {\n \"create\",\n \"read\",\n \"update\",\n \"delete\",\n \"list\",\n },\n Description = \"allow all on secrets\",\n },\n },\n });\n\n var examplePolicy = new Vault.Policy(\"examplePolicy\", new()\n {\n PolicyContents = examplePolicyDocument.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Hcl),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texamplePolicyDocument, err := vault.GetPolicyDocument(ctx, \u0026vault.GetPolicyDocumentArgs{\n\t\t\tRules: []vault.GetPolicyDocumentRule{\n\t\t\t\t{\n\t\t\t\t\tPath: \"secret/*\",\n\t\t\t\t\tCapabilities: []string{\n\t\t\t\t\t\t\"create\",\n\t\t\t\t\t\t\"read\",\n\t\t\t\t\t\t\"update\",\n\t\t\t\t\t\t\"delete\",\n\t\t\t\t\t\t\"list\",\n\t\t\t\t\t},\n\t\t\t\t\tDescription: pulumi.StringRef(\"allow all on secrets\"),\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = vault.NewPolicy(ctx, \"examplePolicy\", \u0026vault.PolicyArgs{\n\t\t\tPolicy: *pulumi.String(examplePolicyDocument.Hcl),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.VaultFunctions;\nimport com.pulumi.vault.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.vault.Policy;\nimport com.pulumi.vault.PolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var examplePolicyDocument = VaultFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .rules(GetPolicyDocumentRuleArgs.builder()\n .path(\"secret/*\")\n .capabilities( \n \"create\",\n \"read\",\n \"update\",\n \"delete\",\n \"list\")\n .description(\"allow all on secrets\")\n .build())\n .build());\n\n var examplePolicy = new Policy(\"examplePolicy\", PolicyArgs.builder() \n .policy(examplePolicyDocument.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.hcl()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n examplePolicy:\n type: vault:Policy\n properties:\n policy: ${examplePolicyDocument.hcl}\nvariables:\n examplePolicyDocument:\n fn::invoke:\n Function: vault:getPolicyDocument\n Arguments:\n rules:\n - path: secret/*\n capabilities:\n - create\n - read\n - update\n - delete\n - list\n description: allow all on secrets\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getPolicyDocument.\n", "properties": { @@ -32762,6 +30614,103 @@ ] } }, + "vault:index/getRaftAutopilotState:getRaftAutopilotState": { + "description": "Displays the state of the raft cluster under integrated storage as seen by\nautopilot. It shows whether autopilot thinks the cluster is healthy or not, and\nhow many nodes could fail before the cluster becomes unhealthy (\"Failure\nTolerance\"). For more information, please refer to the\n[Vault documentation](https://developer.hashicorp.com/vault/api-docs/system/storage/raftautopilot#get-cluster-state).\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nexport = async () =\u003e {\n const main = await vault.getRaftAutopilotState({});\n return {\n \"failure-tolerance\": main.failureTolerance,\n };\n}\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nmain = vault.get_raft_autopilot_state()\npulumi.export(\"failure-tolerance\", main.failure_tolerance)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var main = Vault.GetRaftAutopilotState.Invoke();\n\n return new Dictionary\u003cstring, object?\u003e\n {\n [\"failure-tolerance\"] = main.Apply(getRaftAutopilotStateResult =\u003e getRaftAutopilotStateResult.FailureTolerance),\n };\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmain, err := vault.GetRaftAutopilotState(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tctx.Export(\"failure-tolerance\", main.FailureTolerance)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.VaultFunctions;\nimport com.pulumi.vault.inputs.GetRaftAutopilotStateArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var main = VaultFunctions.getRaftAutopilotState();\n\n ctx.export(\"failure-tolerance\", main.applyValue(getRaftAutopilotStateResult -\u003e getRaftAutopilotStateResult.failureTolerance()));\n }\n}\n```\n```yaml\nvariables:\n main:\n fn::invoke:\n Function: vault:getRaftAutopilotState\n Arguments: {}\noutputs:\n failure-tolerance: ${main.failureTolerance}\n```\n{{% /example %}}\n{{% /examples %}}", + "inputs": { + "description": "A collection of arguments for invoking getRaftAutopilotState.\n", + "properties": { + "namespace": { + "type": "string", + "description": "The namespace of the target resource.\nThe value should not contain leading or trailing forward slashes.\nThe `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).\n*Available only for Vault Enterprise*.\n", + "willReplaceOnChanges": true + } + }, + "type": "object" + }, + "outputs": { + "description": "A collection of values returned by getRaftAutopilotState.\n", + "properties": { + "failureTolerance": { + "type": "integer", + "description": "How many nodes could fail before the cluster becomes unhealthy.\n" + }, + "healthy": { + "type": "boolean", + "description": "Cluster health status.\n" + }, + "id": { + "type": "string", + "description": "The provider-assigned unique ID for this managed resource.\n" + }, + "leader": { + "type": "string", + "description": "The current leader of Vault.\n" + }, + "namespace": { + "type": "string" + }, + "optimisticFailureTolerance": { + "type": "integer", + "description": "The cluster-level optimistic failure tolerance.\n" + }, + "redundancyZones": { + "type": "object", + "additionalProperties": { + "$ref": "pulumi.json#/Any" + }, + "description": "Additional output related to redundancy zones stored as a serialized map of strings.\n" + }, + "redundancyZonesJson": { + "type": "string", + "description": "Additional output related to redundancy zones.\n" + }, + "servers": { + "type": "object", + "additionalProperties": { + "$ref": "pulumi.json#/Any" + }, + "description": "Additionaly output related to servers in the cluster stored as a serialized map of strings.\n" + }, + "serversJson": { + "type": "string", + "description": "Additionaly output related to servers in the cluster.\n" + }, + "upgradeInfo": { + "type": "object", + "additionalProperties": { + "$ref": "pulumi.json#/Any" + }, + "description": "Additional output related to upgrade information stored as a serialized map of strings.\n" + }, + "upgradeInfoJson": { + "type": "string", + "description": "Additional output related to upgrade information.\n" + }, + "voters": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The voters in the Vault cluster.\n" + } + }, + "type": "object", + "required": [ + "failureTolerance", + "healthy", + "leader", + "optimisticFailureTolerance", + "redundancyZones", + "redundancyZonesJson", + "servers", + "serversJson", + "upgradeInfo", + "upgradeInfoJson", + "voters", + "id" + ] + } + }, "vault:kubernetes/getAuthBackendConfig:getAuthBackendConfig": { "description": "Reads the Role of an Kubernetes from a Vault server. See the [Vault\ndocumentation](https://www.vaultproject.io/api-docs/auth/kubernetes#read-config) for more\ninformation.\n", "inputs": { @@ -33020,7 +30969,7 @@ } }, "vault:kubernetes/getServiceAccountToken:getServiceAccountToken": { - "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as fs from \"fs\";\nimport * as vault from \"@pulumi/vault\";\n\nconst config = new vault.kubernetes.SecretBackend(\"config\", {\n path: \"kubernetes\",\n description: \"kubernetes secrets engine description\",\n kubernetesHost: \"https://127.0.0.1:61233\",\n kubernetesCaCert: fs.readFileSync(\"/path/to/cert\"),\n serviceAccountJwt: fs.readFileSync(\"/path/to/token\"),\n disableLocalCaJwt: false,\n});\nconst role = new vault.kubernetes.SecretBackendRole(\"role\", {\n backend: config.path,\n allowedKubernetesNamespaces: [\"*\"],\n tokenMaxTtl: 43200,\n tokenDefaultTtl: 21600,\n serviceAccountName: \"test-service-account-with-generated-token\",\n extraLabels: {\n id: \"abc123\",\n name: \"some_name\",\n },\n extraAnnotations: {\n env: \"development\",\n location: \"earth\",\n },\n});\nconst token = vault.kubernetes.getServiceAccountTokenOutput({\n backend: config.path,\n role: role.name,\n kubernetesNamespace: \"test\",\n clusterRoleBinding: false,\n ttl: \"1h\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nconfig = vault.kubernetes.SecretBackend(\"config\",\n path=\"kubernetes\",\n description=\"kubernetes secrets engine description\",\n kubernetes_host=\"https://127.0.0.1:61233\",\n kubernetes_ca_cert=(lambda path: open(path).read())(\"/path/to/cert\"),\n service_account_jwt=(lambda path: open(path).read())(\"/path/to/token\"),\n disable_local_ca_jwt=False)\nrole = vault.kubernetes.SecretBackendRole(\"role\",\n backend=config.path,\n allowed_kubernetes_namespaces=[\"*\"],\n token_max_ttl=43200,\n token_default_ttl=21600,\n service_account_name=\"test-service-account-with-generated-token\",\n extra_labels={\n \"id\": \"abc123\",\n \"name\": \"some_name\",\n },\n extra_annotations={\n \"env\": \"development\",\n \"location\": \"earth\",\n })\ntoken = vault.kubernetes.get_service_account_token_output(backend=config.path,\n role=role.name,\n kubernetes_namespace=\"test\",\n cluster_role_binding=False,\n ttl=\"1h\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.IO;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Vault.Kubernetes.SecretBackend(\"config\", new()\n {\n Path = \"kubernetes\",\n Description = \"kubernetes secrets engine description\",\n KubernetesHost = \"https://127.0.0.1:61233\",\n KubernetesCaCert = File.ReadAllText(\"/path/to/cert\"),\n ServiceAccountJwt = File.ReadAllText(\"/path/to/token\"),\n DisableLocalCaJwt = false,\n });\n\n var role = new Vault.Kubernetes.SecretBackendRole(\"role\", new()\n {\n Backend = config.Path,\n AllowedKubernetesNamespaces = new[]\n {\n \"*\",\n },\n TokenMaxTtl = 43200,\n TokenDefaultTtl = 21600,\n ServiceAccountName = \"test-service-account-with-generated-token\",\n ExtraLabels = \n {\n { \"id\", \"abc123\" },\n { \"name\", \"some_name\" },\n },\n ExtraAnnotations = \n {\n { \"env\", \"development\" },\n { \"location\", \"earth\" },\n },\n });\n\n var token = Vault.Kubernetes.GetServiceAccountToken.Invoke(new()\n {\n Backend = config.Path,\n Role = role.Name,\n KubernetesNamespace = \"test\",\n ClusterRoleBinding = false,\n Ttl = \"1h\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"io/ioutil\"\n\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/kubernetes\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc readFileOrPanic(path string) pulumi.StringPtrInput {\n\tdata, err := ioutil.ReadFile(path)\n\tif err != nil {\n\t\tpanic(err.Error())\n\t}\n\treturn pulumi.String(string(data))\n}\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tconfig, err := kubernetes.NewSecretBackend(ctx, \"config\", \u0026kubernetes.SecretBackendArgs{\n\t\t\tPath: pulumi.String(\"kubernetes\"),\n\t\t\tDescription: pulumi.String(\"kubernetes secrets engine description\"),\n\t\t\tKubernetesHost: pulumi.String(\"https://127.0.0.1:61233\"),\n\t\t\tKubernetesCaCert: readFileOrPanic(\"/path/to/cert\"),\n\t\t\tServiceAccountJwt: readFileOrPanic(\"/path/to/token\"),\n\t\t\tDisableLocalCaJwt: pulumi.Bool(false),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\trole, err := kubernetes.NewSecretBackendRole(ctx, \"role\", \u0026kubernetes.SecretBackendRoleArgs{\n\t\t\tBackend: config.Path,\n\t\t\tAllowedKubernetesNamespaces: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"*\"),\n\t\t\t},\n\t\t\tTokenMaxTtl: pulumi.Int(43200),\n\t\t\tTokenDefaultTtl: pulumi.Int(21600),\n\t\t\tServiceAccountName: pulumi.String(\"test-service-account-with-generated-token\"),\n\t\t\tExtraLabels: pulumi.StringMap{\n\t\t\t\t\"id\": pulumi.String(\"abc123\"),\n\t\t\t\t\"name\": pulumi.String(\"some_name\"),\n\t\t\t},\n\t\t\tExtraAnnotations: pulumi.StringMap{\n\t\t\t\t\"env\": pulumi.String(\"development\"),\n\t\t\t\t\"location\": pulumi.String(\"earth\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_ = kubernetes.GetServiceAccountTokenOutput(ctx, kubernetes.GetServiceAccountTokenOutputArgs{\n\t\t\tBackend: config.Path,\n\t\t\tRole: role.Name,\n\t\t\tKubernetesNamespace: pulumi.String(\"test\"),\n\t\t\tClusterRoleBinding: pulumi.Bool(false),\n\t\t\tTtl: pulumi.String(\"1h\"),\n\t\t}, nil)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.kubernetes.SecretBackend;\nimport com.pulumi.vault.kubernetes.SecretBackendArgs;\nimport com.pulumi.vault.kubernetes.SecretBackendRole;\nimport com.pulumi.vault.kubernetes.SecretBackendRoleArgs;\nimport com.pulumi.vault.kubernetes.KubernetesFunctions;\nimport com.pulumi.vault.kubernetes.inputs.GetServiceAccountTokenArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var config = new SecretBackend(\"config\", SecretBackendArgs.builder() \n .path(\"kubernetes\")\n .description(\"kubernetes secrets engine description\")\n .kubernetesHost(\"https://127.0.0.1:61233\")\n .kubernetesCaCert(Files.readString(Paths.get(\"/path/to/cert\")))\n .serviceAccountJwt(Files.readString(Paths.get(\"/path/to/token\")))\n .disableLocalCaJwt(false)\n .build());\n\n var role = new SecretBackendRole(\"role\", SecretBackendRoleArgs.builder() \n .backend(config.path())\n .allowedKubernetesNamespaces(\"*\")\n .tokenMaxTtl(43200)\n .tokenDefaultTtl(21600)\n .serviceAccountName(\"test-service-account-with-generated-token\")\n .extraLabels(Map.ofEntries(\n Map.entry(\"id\", \"abc123\"),\n Map.entry(\"name\", \"some_name\")\n ))\n .extraAnnotations(Map.ofEntries(\n Map.entry(\"env\", \"development\"),\n Map.entry(\"location\", \"earth\")\n ))\n .build());\n\n final var token = KubernetesFunctions.getServiceAccountToken(GetServiceAccountTokenArgs.builder()\n .backend(config.path())\n .role(role.name())\n .kubernetesNamespace(\"test\")\n .clusterRoleBinding(false)\n .ttl(\"1h\")\n .build());\n\n }\n}\n```\n{{% /example %}}\n{{% /examples %}}", + "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as fs from \"fs\";\nimport * as vault from \"@pulumi/vault\";\n\nconst config = new vault.kubernetes.SecretBackend(\"config\", {\n path: \"kubernetes\",\n description: \"kubernetes secrets engine description\",\n kubernetesHost: \"https://127.0.0.1:61233\",\n kubernetesCaCert: fs.readFileSync(\"/path/to/cert\"),\n serviceAccountJwt: fs.readFileSync(\"/path/to/token\"),\n disableLocalCaJwt: false,\n});\nconst role = new vault.kubernetes.SecretBackendRole(\"role\", {\n backend: config.path,\n allowedKubernetesNamespaces: [\"*\"],\n tokenMaxTtl: 43200,\n tokenDefaultTtl: 21600,\n serviceAccountName: \"test-service-account-with-generated-token\",\n extraLabels: {\n id: \"abc123\",\n name: \"some_name\",\n },\n extraAnnotations: {\n env: \"development\",\n location: \"earth\",\n },\n});\nconst token = vault.kubernetes.getServiceAccountTokenOutput({\n backend: config.path,\n role: role.name,\n kubernetesNamespace: \"test\",\n clusterRoleBinding: false,\n ttl: \"1h\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\nconfig = vault.kubernetes.SecretBackend(\"config\",\n path=\"kubernetes\",\n description=\"kubernetes secrets engine description\",\n kubernetes_host=\"https://127.0.0.1:61233\",\n kubernetes_ca_cert=(lambda path: open(path).read())(\"/path/to/cert\"),\n service_account_jwt=(lambda path: open(path).read())(\"/path/to/token\"),\n disable_local_ca_jwt=False)\nrole = vault.kubernetes.SecretBackendRole(\"role\",\n backend=config.path,\n allowed_kubernetes_namespaces=[\"*\"],\n token_max_ttl=43200,\n token_default_ttl=21600,\n service_account_name=\"test-service-account-with-generated-token\",\n extra_labels={\n \"id\": \"abc123\",\n \"name\": \"some_name\",\n },\n extra_annotations={\n \"env\": \"development\",\n \"location\": \"earth\",\n })\ntoken = vault.kubernetes.get_service_account_token_output(backend=config.path,\n role=role.name,\n kubernetes_namespace=\"test\",\n cluster_role_binding=False,\n ttl=\"1h\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.IO;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Vault.Kubernetes.SecretBackend(\"config\", new()\n {\n Path = \"kubernetes\",\n Description = \"kubernetes secrets engine description\",\n KubernetesHost = \"https://127.0.0.1:61233\",\n KubernetesCaCert = File.ReadAllText(\"/path/to/cert\"),\n ServiceAccountJwt = File.ReadAllText(\"/path/to/token\"),\n DisableLocalCaJwt = false,\n });\n\n var role = new Vault.Kubernetes.SecretBackendRole(\"role\", new()\n {\n Backend = config.Path,\n AllowedKubernetesNamespaces = new[]\n {\n \"*\",\n },\n TokenMaxTtl = 43200,\n TokenDefaultTtl = 21600,\n ServiceAccountName = \"test-service-account-with-generated-token\",\n ExtraLabels = \n {\n { \"id\", \"abc123\" },\n { \"name\", \"some_name\" },\n },\n ExtraAnnotations = \n {\n { \"env\", \"development\" },\n { \"location\", \"earth\" },\n },\n });\n\n var token = Vault.Kubernetes.GetServiceAccountToken.Invoke(new()\n {\n Backend = config.Path,\n Role = role.Name,\n KubernetesNamespace = \"test\",\n ClusterRoleBinding = false,\n Ttl = \"1h\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"os\"\n\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/kubernetes\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc readFileOrPanic(path string) pulumi.StringPtrInput {\n\tdata, err := os.ReadFile(path)\n\tif err != nil {\n\t\tpanic(err.Error())\n\t}\n\treturn pulumi.String(string(data))\n}\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tconfig, err := kubernetes.NewSecretBackend(ctx, \"config\", \u0026kubernetes.SecretBackendArgs{\n\t\t\tPath: pulumi.String(\"kubernetes\"),\n\t\t\tDescription: pulumi.String(\"kubernetes secrets engine description\"),\n\t\t\tKubernetesHost: pulumi.String(\"https://127.0.0.1:61233\"),\n\t\t\tKubernetesCaCert: readFileOrPanic(\"/path/to/cert\"),\n\t\t\tServiceAccountJwt: readFileOrPanic(\"/path/to/token\"),\n\t\t\tDisableLocalCaJwt: pulumi.Bool(false),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\trole, err := kubernetes.NewSecretBackendRole(ctx, \"role\", \u0026kubernetes.SecretBackendRoleArgs{\n\t\t\tBackend: config.Path,\n\t\t\tAllowedKubernetesNamespaces: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"*\"),\n\t\t\t},\n\t\t\tTokenMaxTtl: pulumi.Int(43200),\n\t\t\tTokenDefaultTtl: pulumi.Int(21600),\n\t\t\tServiceAccountName: pulumi.String(\"test-service-account-with-generated-token\"),\n\t\t\tExtraLabels: pulumi.StringMap{\n\t\t\t\t\"id\": pulumi.String(\"abc123\"),\n\t\t\t\t\"name\": pulumi.String(\"some_name\"),\n\t\t\t},\n\t\t\tExtraAnnotations: pulumi.StringMap{\n\t\t\t\t\"env\": pulumi.String(\"development\"),\n\t\t\t\t\"location\": pulumi.String(\"earth\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_ = kubernetes.GetServiceAccountTokenOutput(ctx, kubernetes.GetServiceAccountTokenOutputArgs{\n\t\t\tBackend: config.Path,\n\t\t\tRole: role.Name,\n\t\t\tKubernetesNamespace: pulumi.String(\"test\"),\n\t\t\tClusterRoleBinding: pulumi.Bool(false),\n\t\t\tTtl: pulumi.String(\"1h\"),\n\t\t}, nil)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.kubernetes.SecretBackend;\nimport com.pulumi.vault.kubernetes.SecretBackendArgs;\nimport com.pulumi.vault.kubernetes.SecretBackendRole;\nimport com.pulumi.vault.kubernetes.SecretBackendRoleArgs;\nimport com.pulumi.vault.kubernetes.KubernetesFunctions;\nimport com.pulumi.vault.kubernetes.inputs.GetServiceAccountTokenArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var config = new SecretBackend(\"config\", SecretBackendArgs.builder() \n .path(\"kubernetes\")\n .description(\"kubernetes secrets engine description\")\n .kubernetesHost(\"https://127.0.0.1:61233\")\n .kubernetesCaCert(Files.readString(Paths.get(\"/path/to/cert\")))\n .serviceAccountJwt(Files.readString(Paths.get(\"/path/to/token\")))\n .disableLocalCaJwt(false)\n .build());\n\n var role = new SecretBackendRole(\"role\", SecretBackendRoleArgs.builder() \n .backend(config.path())\n .allowedKubernetesNamespaces(\"*\")\n .tokenMaxTtl(43200)\n .tokenDefaultTtl(21600)\n .serviceAccountName(\"test-service-account-with-generated-token\")\n .extraLabels(Map.ofEntries(\n Map.entry(\"id\", \"abc123\"),\n Map.entry(\"name\", \"some_name\")\n ))\n .extraAnnotations(Map.ofEntries(\n Map.entry(\"env\", \"development\"),\n Map.entry(\"location\", \"earth\")\n ))\n .build());\n\n final var token = KubernetesFunctions.getServiceAccountToken(GetServiceAccountTokenArgs.builder()\n .backend(config.path())\n .role(role.name())\n .kubernetesNamespace(\"test\")\n .clusterRoleBinding(false)\n .ttl(\"1h\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n config:\n type: vault:kubernetes:SecretBackend\n properties:\n path: kubernetes\n description: kubernetes secrets engine description\n kubernetesHost: https://127.0.0.1:61233\n kubernetesCaCert:\n fn::readFile: /path/to/cert\n serviceAccountJwt:\n fn::readFile: /path/to/token\n disableLocalCaJwt: false\n role:\n type: vault:kubernetes:SecretBackendRole\n properties:\n backend: ${config.path}\n allowedKubernetesNamespaces:\n - '*'\n tokenMaxTtl: 43200\n tokenDefaultTtl: 21600\n serviceAccountName: test-service-account-with-generated-token\n extraLabels:\n id: abc123\n name: some_name\n extraAnnotations:\n env: development\n location: earth\nvariables:\n token:\n fn::invoke:\n Function: vault:kubernetes:getServiceAccountToken\n Arguments:\n backend: ${config.path}\n role: ${role.name}\n kubernetesNamespace: test\n clusterRoleBinding: false\n ttl: 1h\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getServiceAccountToken.\n", "properties": { @@ -33124,7 +31073,7 @@ } }, "vault:kv/getSecret:getSecret": { - "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst kvv1 = new vault.Mount(\"kvv1\", {\n path: \"kvv1\",\n type: \"kv\",\n options: {\n version: \"1\",\n },\n description: \"KV Version 1 secret engine mount\",\n});\nconst secret = new vault.kv.Secret(\"secret\", {\n path: pulumi.interpolate`${kvv1.path}/secret`,\n dataJson: JSON.stringify({\n zip: \"zap\",\n foo: \"bar\",\n }),\n});\nconst secretData = vault.kv.getSecretOutput({\n path: secret.path,\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_vault as vault\n\nkvv1 = vault.Mount(\"kvv1\",\n path=\"kvv1\",\n type=\"kv\",\n options={\n \"version\": \"1\",\n },\n description=\"KV Version 1 secret engine mount\")\nsecret = vault.kv.Secret(\"secret\",\n path=kvv1.path.apply(lambda path: f\"{path}/secret\"),\n data_json=json.dumps({\n \"zip\": \"zap\",\n \"foo\": \"bar\",\n }))\nsecret_data = vault.kv.get_secret_output(path=secret.path)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Text.Json;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var kvv1 = new Vault.Mount(\"kvv1\", new()\n {\n Path = \"kvv1\",\n Type = \"kv\",\n Options = \n {\n { \"version\", \"1\" },\n },\n Description = \"KV Version 1 secret engine mount\",\n });\n\n var secret = new Vault.Kv.Secret(\"secret\", new()\n {\n Path = kvv1.Path.Apply(path =\u003e $\"{path}/secret\"),\n DataJson = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"zip\"] = \"zap\",\n [\"foo\"] = \"bar\",\n }),\n });\n\n var secretData = Vault.kv.GetSecret.Invoke(new()\n {\n Path = secret.Path,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/kv\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tkvv1, err := vault.NewMount(ctx, \"kvv1\", \u0026vault.MountArgs{\n\t\t\tPath: pulumi.String(\"kvv1\"),\n\t\t\tType: pulumi.String(\"kv\"),\n\t\t\tOptions: pulumi.AnyMap{\n\t\t\t\t\"version\": pulumi.Any(\"1\"),\n\t\t\t},\n\t\t\tDescription: pulumi.String(\"KV Version 1 secret engine mount\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"zip\": \"zap\",\n\t\t\t\"foo\": \"bar\",\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\tsecret, err := kv.NewSecret(ctx, \"secret\", \u0026kv.SecretArgs{\n\t\t\tPath: kvv1.Path.ApplyT(func(path string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"%v/secret\", path), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t\tDataJson: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_ = kv.LookupSecretOutput(ctx, kv.GetSecretOutputArgs{\n\t\t\tPath: secret.Path,\n\t\t}, nil)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.Mount;\nimport com.pulumi.vault.MountArgs;\nimport com.pulumi.vault.kv.Secret;\nimport com.pulumi.vault.kv.SecretArgs;\nimport com.pulumi.vault.kv.KvFunctions;\nimport com.pulumi.vault.generic.inputs.GetSecretArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var kvv1 = new Mount(\"kvv1\", MountArgs.builder() \n .path(\"kvv1\")\n .type(\"kv\")\n .options(Map.of(\"version\", \"1\"))\n .description(\"KV Version 1 secret engine mount\")\n .build());\n\n var secret = new Secret(\"secret\", SecretArgs.builder() \n .path(kvv1.path().applyValue(path -\u003e String.format(\"%s/secret\", path)))\n .dataJson(serializeJson(\n jsonObject(\n jsonProperty(\"zip\", \"zap\"),\n jsonProperty(\"foo\", \"bar\")\n )))\n .build());\n\n final var secretData = KvFunctions.getSecret(GetSecretArgs.builder()\n .path(secret.path())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n kvv1:\n type: vault:Mount\n properties:\n path: kvv1\n type: kv\n options:\n version: 1\n description: KV Version 1 secret engine mount\n secret:\n type: vault:kv:Secret\n properties:\n path: ${kvv1.path}/secret\n dataJson:\n Fn::ToJSON:\n zip: zap\n foo: bar\nvariables:\n secretData:\n Fn::Invoke:\n Function: vault:kv:getSecret\n Arguments:\n path: ${secret.path}\n```\n{{% /example %}}\n{{% /examples %}}\n## Required Vault Capabilities\n\nUse of this resource requires the `read` capability on the given path.\n", + "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst kvv1 = new vault.Mount(\"kvv1\", {\n path: \"kvv1\",\n type: \"kv\",\n options: {\n version: \"1\",\n },\n description: \"KV Version 1 secret engine mount\",\n});\nconst secret = new vault.kv.Secret(\"secret\", {\n path: pulumi.interpolate`${kvv1.path}/secret`,\n dataJson: JSON.stringify({\n zip: \"zap\",\n foo: \"bar\",\n }),\n});\nconst secretData = vault.kv.getSecretOutput({\n path: secret.path,\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_vault as vault\n\nkvv1 = vault.Mount(\"kvv1\",\n path=\"kvv1\",\n type=\"kv\",\n options={\n \"version\": \"1\",\n },\n description=\"KV Version 1 secret engine mount\")\nsecret = vault.kv.Secret(\"secret\",\n path=kvv1.path.apply(lambda path: f\"{path}/secret\"),\n data_json=json.dumps({\n \"zip\": \"zap\",\n \"foo\": \"bar\",\n }))\nsecret_data = vault.kv.get_secret_output(path=secret.path)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var kvv1 = new Vault.Mount(\"kvv1\", new()\n {\n Path = \"kvv1\",\n Type = \"kv\",\n Options = \n {\n { \"version\", \"1\" },\n },\n Description = \"KV Version 1 secret engine mount\",\n });\n\n var secret = new Vault.Kv.Secret(\"secret\", new()\n {\n Path = kvv1.Path.Apply(path =\u003e $\"{path}/secret\"),\n DataJson = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"zip\"] = \"zap\",\n [\"foo\"] = \"bar\",\n }),\n });\n\n var secretData = Vault.kv.GetSecret.Invoke(new()\n {\n Path = secret.Path,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/kv\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tkvv1, err := vault.NewMount(ctx, \"kvv1\", \u0026vault.MountArgs{\n\t\t\tPath: pulumi.String(\"kvv1\"),\n\t\t\tType: pulumi.String(\"kv\"),\n\t\t\tOptions: pulumi.Map{\n\t\t\t\t\"version\": pulumi.Any(\"1\"),\n\t\t\t},\n\t\t\tDescription: pulumi.String(\"KV Version 1 secret engine mount\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"zip\": \"zap\",\n\t\t\t\"foo\": \"bar\",\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\tsecret, err := kv.NewSecret(ctx, \"secret\", \u0026kv.SecretArgs{\n\t\t\tPath: kvv1.Path.ApplyT(func(path string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"%v/secret\", path), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t\tDataJson: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_ = kv.LookupSecretOutput(ctx, kv.GetSecretOutputArgs{\n\t\t\tPath: secret.Path,\n\t\t}, nil)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.Mount;\nimport com.pulumi.vault.MountArgs;\nimport com.pulumi.vault.kv.Secret;\nimport com.pulumi.vault.kv.SecretArgs;\nimport com.pulumi.vault.kv.KvFunctions;\nimport com.pulumi.vault.kv.inputs.GetSecretArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var kvv1 = new Mount(\"kvv1\", MountArgs.builder() \n .path(\"kvv1\")\n .type(\"kv\")\n .options(Map.of(\"version\", \"1\"))\n .description(\"KV Version 1 secret engine mount\")\n .build());\n\n var secret = new Secret(\"secret\", SecretArgs.builder() \n .path(kvv1.path().applyValue(path -\u003e String.format(\"%s/secret\", path)))\n .dataJson(serializeJson(\n jsonObject(\n jsonProperty(\"zip\", \"zap\"),\n jsonProperty(\"foo\", \"bar\")\n )))\n .build());\n\n final var secretData = KvFunctions.getSecret(GetSecretArgs.builder()\n .path(secret.path())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n kvv1:\n type: vault:Mount\n properties:\n path: kvv1\n type: kv\n options:\n version: '1'\n description: KV Version 1 secret engine mount\n secret:\n type: vault:kv:Secret\n properties:\n path: ${kvv1.path}/secret\n dataJson:\n fn::toJSON:\n zip: zap\n foo: bar\nvariables:\n secretData:\n fn::invoke:\n Function: vault:kv:getSecret\n Arguments:\n path: ${secret.path}\n```\n{{% /example %}}\n{{% /examples %}}\n## Required Vault Capabilities\n\nUse of this resource requires the `read` capability on the given path.\n", "inputs": { "description": "A collection of arguments for invoking getSecret.\n", "properties": { @@ -33195,251 +31144,689 @@ ] } }, - "vault:kv/getSecretSubkeysV2:getSecretSubkeysV2": { - "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst kvv2 = new vault.Mount(\"kvv2\", {\n path: \"kvv2\",\n type: \"kv\",\n options: {\n version: \"2\",\n },\n description: \"KV Version 2 secret engine mount\",\n});\nconst awsSecret = new vault.kv.SecretV2(\"awsSecret\", {\n mount: kvv2.path,\n dataJson: JSON.stringify({\n zip: \"zap\",\n foo: \"bar\",\n }),\n});\nconst test = vault.kv.getSecretSubkeysV2Output({\n mount: kvv2.path,\n name: awsSecret.name,\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_vault as vault\n\nkvv2 = vault.Mount(\"kvv2\",\n path=\"kvv2\",\n type=\"kv\",\n options={\n \"version\": \"2\",\n },\n description=\"KV Version 2 secret engine mount\")\naws_secret = vault.kv.SecretV2(\"awsSecret\",\n mount=kvv2.path,\n data_json=json.dumps({\n \"zip\": \"zap\",\n \"foo\": \"bar\",\n }))\ntest = vault.kv.get_secret_subkeys_v2_output(mount=kvv2.path,\n name=aws_secret.name)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Text.Json;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var kvv2 = new Vault.Mount(\"kvv2\", new()\n {\n Path = \"kvv2\",\n Type = \"kv\",\n Options = \n {\n { \"version\", \"2\" },\n },\n Description = \"KV Version 2 secret engine mount\",\n });\n\n var awsSecret = new Vault.Kv.SecretV2(\"awsSecret\", new()\n {\n Mount = kvv2.Path,\n DataJson = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"zip\"] = \"zap\",\n [\"foo\"] = \"bar\",\n }),\n });\n\n var test = Vault.kv.GetSecretSubkeysV2.Invoke(new()\n {\n Mount = kvv2.Path,\n Name = awsSecret.Name,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/kv\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tkvv2, err := vault.NewMount(ctx, \"kvv2\", \u0026vault.MountArgs{\n\t\t\tPath: pulumi.String(\"kvv2\"),\n\t\t\tType: pulumi.String(\"kv\"),\n\t\t\tOptions: pulumi.AnyMap{\n\t\t\t\t\"version\": pulumi.Any(\"2\"),\n\t\t\t},\n\t\t\tDescription: pulumi.String(\"KV Version 2 secret engine mount\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"zip\": \"zap\",\n\t\t\t\"foo\": \"bar\",\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\tawsSecret, err := kv.NewSecretV2(ctx, \"awsSecret\", \u0026kv.SecretV2Args{\n\t\t\tMount: kvv2.Path,\n\t\t\tDataJson: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_ = kv.GetSecretSubkeysV2Output(ctx, kv.GetSecretSubkeysV2OutputArgs{\n\t\t\tMount: kvv2.Path,\n\t\t\tName: awsSecret.Name,\n\t\t}, nil)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.Mount;\nimport com.pulumi.vault.MountArgs;\nimport com.pulumi.vault.kv.SecretV2;\nimport com.pulumi.vault.kv.SecretV2Args;\nimport com.pulumi.vault.kv.KvFunctions;\nimport com.pulumi.vault.kv.inputs.GetSecretSubkeysV2Args;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var kvv2 = new Mount(\"kvv2\", MountArgs.builder() \n .path(\"kvv2\")\n .type(\"kv\")\n .options(Map.of(\"version\", \"2\"))\n .description(\"KV Version 2 secret engine mount\")\n .build());\n\n var awsSecret = new SecretV2(\"awsSecret\", SecretV2Args.builder() \n .mount(kvv2.path())\n .dataJson(serializeJson(\n jsonObject(\n jsonProperty(\"zip\", \"zap\"),\n jsonProperty(\"foo\", \"bar\")\n )))\n .build());\n\n final var test = KvFunctions.getSecretSubkeysV2(GetSecretSubkeysV2Args.builder()\n .mount(kvv2.path())\n .name(awsSecret.name())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n kvv2:\n type: vault:Mount\n properties:\n path: kvv2\n type: kv\n options:\n version: 2\n description: KV Version 2 secret engine mount\n awsSecret:\n type: vault:kv:SecretV2\n properties:\n mount: ${kvv2.path}\n dataJson:\n Fn::ToJSON:\n zip: zap\n foo: bar\nvariables:\n test:\n Fn::Invoke:\n Function: vault:kv:getSecretSubkeysV2\n Arguments:\n mount: ${kvv2.path}\n name: ${awsSecret.name}\n```\n{{% /example %}}\n{{% /examples %}}\n## Required Vault Capabilities\n\nUse of this resource requires the `read` capability on the given path.\n", + "vault:kv/getSecretSubkeysV2:getSecretSubkeysV2": { + "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst kvv2 = new vault.Mount(\"kvv2\", {\n path: \"kvv2\",\n type: \"kv\",\n options: {\n version: \"2\",\n },\n description: \"KV Version 2 secret engine mount\",\n});\nconst awsSecret = new vault.kv.SecretV2(\"awsSecret\", {\n mount: kvv2.path,\n dataJson: JSON.stringify({\n zip: \"zap\",\n foo: \"bar\",\n }),\n});\nconst test = vault.kv.getSecretSubkeysV2Output({\n mount: kvv2.path,\n name: awsSecret.name,\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_vault as vault\n\nkvv2 = vault.Mount(\"kvv2\",\n path=\"kvv2\",\n type=\"kv\",\n options={\n \"version\": \"2\",\n },\n description=\"KV Version 2 secret engine mount\")\naws_secret = vault.kv.SecretV2(\"awsSecret\",\n mount=kvv2.path,\n data_json=json.dumps({\n \"zip\": \"zap\",\n \"foo\": \"bar\",\n }))\ntest = vault.kv.get_secret_subkeys_v2_output(mount=kvv2.path,\n name=aws_secret.name)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var kvv2 = new Vault.Mount(\"kvv2\", new()\n {\n Path = \"kvv2\",\n Type = \"kv\",\n Options = \n {\n { \"version\", \"2\" },\n },\n Description = \"KV Version 2 secret engine mount\",\n });\n\n var awsSecret = new Vault.Kv.SecretV2(\"awsSecret\", new()\n {\n Mount = kvv2.Path,\n DataJson = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"zip\"] = \"zap\",\n [\"foo\"] = \"bar\",\n }),\n });\n\n var test = Vault.kv.GetSecretSubkeysV2.Invoke(new()\n {\n Mount = kvv2.Path,\n Name = awsSecret.Name,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/kv\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tkvv2, err := vault.NewMount(ctx, \"kvv2\", \u0026vault.MountArgs{\n\t\t\tPath: pulumi.String(\"kvv2\"),\n\t\t\tType: pulumi.String(\"kv\"),\n\t\t\tOptions: pulumi.Map{\n\t\t\t\t\"version\": pulumi.Any(\"2\"),\n\t\t\t},\n\t\t\tDescription: pulumi.String(\"KV Version 2 secret engine mount\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"zip\": \"zap\",\n\t\t\t\"foo\": \"bar\",\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\tawsSecret, err := kv.NewSecretV2(ctx, \"awsSecret\", \u0026kv.SecretV2Args{\n\t\t\tMount: kvv2.Path,\n\t\t\tDataJson: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_ = kv.GetSecretSubkeysV2Output(ctx, kv.GetSecretSubkeysV2OutputArgs{\n\t\t\tMount: kvv2.Path,\n\t\t\tName: awsSecret.Name,\n\t\t}, nil)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.Mount;\nimport com.pulumi.vault.MountArgs;\nimport com.pulumi.vault.kv.SecretV2;\nimport com.pulumi.vault.kv.SecretV2Args;\nimport com.pulumi.vault.kv.KvFunctions;\nimport com.pulumi.vault.kv.inputs.GetSecretSubkeysV2Args;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var kvv2 = new Mount(\"kvv2\", MountArgs.builder() \n .path(\"kvv2\")\n .type(\"kv\")\n .options(Map.of(\"version\", \"2\"))\n .description(\"KV Version 2 secret engine mount\")\n .build());\n\n var awsSecret = new SecretV2(\"awsSecret\", SecretV2Args.builder() \n .mount(kvv2.path())\n .dataJson(serializeJson(\n jsonObject(\n jsonProperty(\"zip\", \"zap\"),\n jsonProperty(\"foo\", \"bar\")\n )))\n .build());\n\n final var test = KvFunctions.getSecretSubkeysV2(GetSecretSubkeysV2Args.builder()\n .mount(kvv2.path())\n .name(awsSecret.name())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n kvv2:\n type: vault:Mount\n properties:\n path: kvv2\n type: kv\n options:\n version: '2'\n description: KV Version 2 secret engine mount\n awsSecret:\n type: vault:kv:SecretV2\n properties:\n mount: ${kvv2.path}\n dataJson:\n fn::toJSON:\n zip: zap\n foo: bar\nvariables:\n test:\n fn::invoke:\n Function: vault:kv:getSecretSubkeysV2\n Arguments:\n mount: ${kvv2.path}\n name: ${awsSecret.name}\n```\n{{% /example %}}\n{{% /examples %}}\n## Required Vault Capabilities\n\nUse of this resource requires the `read` capability on the given path.\n", + "inputs": { + "description": "A collection of arguments for invoking getSecretSubkeysV2.\n", + "properties": { + "depth": { + "type": "integer", + "description": "Specifies the deepest nesting level to provide in the output.\nIf non-zero, keys that reside at the specified depth value will be\nartificially treated as leaves and will thus be `null` even if further\nunderlying sub-keys exist.\n" + }, + "mount": { + "type": "string", + "description": "Path where KV-V2 engine is mounted.\n" + }, + "name": { + "type": "string", + "description": "Full name of the secret. For a nested secret\nthe name is the nested path excluding the mount and data\nprefix. For example, for a secret at `kvv2/data/foo/bar/baz`\nthe name is `foo/bar/baz`.\n" + }, + "namespace": { + "type": "string", + "description": "The namespace of the target resource.\nThe value should not contain leading or trailing forward slashes.\nThe `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).\n*Available only for Vault Enterprise*.\n", + "willReplaceOnChanges": true + }, + "version": { + "type": "integer", + "description": "Specifies the version to return. If not \nset the latest version is returned.\n" + } + }, + "type": "object", + "required": [ + "mount", + "name" + ] + }, + "outputs": { + "description": "A collection of values returned by getSecretSubkeysV2.\n", + "properties": { + "data": { + "type": "object", + "additionalProperties": { + "$ref": "pulumi.json#/Any" + }, + "description": "Subkeys for the KV-V2 secret stored as a serialized map of strings.\n", + "secret": true + }, + "dataJson": { + "type": "string", + "description": "Subkeys for the KV-V2 secret read from Vault.\n" + }, + "depth": { + "type": "integer" + }, + "id": { + "type": "string", + "description": "The provider-assigned unique ID for this managed resource.\n" + }, + "mount": { + "type": "string" + }, + "name": { + "type": "string" + }, + "namespace": { + "type": "string" + }, + "path": { + "type": "string", + "description": "Full path where the KV-V2 secrets are listed.\n" + }, + "version": { + "type": "integer" + } + }, + "type": "object", + "required": [ + "data", + "dataJson", + "mount", + "name", + "path", + "id" + ] + } + }, + "vault:kv/getSecretV2:getSecretV2": { + "description": "## Required Vault Capabilities\n\nUse of this resource requires the `read` capability on the given path.\n", + "inputs": { + "description": "A collection of arguments for invoking getSecretV2.\n", + "properties": { + "mount": { + "type": "string", + "description": "Path where KV-V2 engine is mounted.\n" + }, + "name": { + "type": "string", + "description": "Full name of the secret. For a nested secret\nthe name is the nested path excluding the mount and data\nprefix. For example, for a secret at `kvv2/data/foo/bar/baz`\nthe name is `foo/bar/baz`.\n" + }, + "namespace": { + "type": "string", + "description": "The namespace of the target resource.\nThe value should not contain leading or trailing forward slashes.\nThe `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).\n*Available only for Vault Enterprise*.\n", + "willReplaceOnChanges": true + }, + "version": { + "type": "integer", + "description": "Version of the secret to retrieve.\n" + } + }, + "type": "object", + "required": [ + "mount", + "name" + ] + }, + "outputs": { + "description": "A collection of values returned by getSecretV2.\n", + "properties": { + "createdTime": { + "type": "string", + "description": "Time at which secret was created.\n" + }, + "customMetadata": { + "type": "object", + "additionalProperties": { + "$ref": "pulumi.json#/Any" + }, + "description": "Custom metadata for the secret.\n" + }, + "data": { + "type": "object", + "additionalProperties": { + "$ref": "pulumi.json#/Any" + }, + "description": "A mapping whose keys are the top-level data keys returned from\nVault and whose values are the corresponding values. This map can only\nrepresent string data, so any non-string values returned from Vault are\nserialized as JSON.\n", + "secret": true + }, + "dataJson": { + "type": "string", + "description": "JSON-encoded string that that is\nread as the secret data at the given path.\n", + "secret": true + }, + "deletionTime": { + "type": "string", + "description": "Deletion time for the secret.\n" + }, + "destroyed": { + "type": "boolean", + "description": "Indicates whether the secret has been destroyed.\n" + }, + "id": { + "type": "string", + "description": "The provider-assigned unique ID for this managed resource.\n" + }, + "mount": { + "type": "string" + }, + "name": { + "type": "string" + }, + "namespace": { + "type": "string" + }, + "path": { + "type": "string", + "description": "Full path where the KVV2 secret is written.\n" + }, + "version": { + "type": "integer" + } + }, + "type": "object", + "required": [ + "createdTime", + "customMetadata", + "data", + "dataJson", + "deletionTime", + "destroyed", + "mount", + "name", + "path", + "id" + ] + } + }, + "vault:kv/getSecretsList:getSecretsList": { + "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst kvv1 = new vault.Mount(\"kvv1\", {\n path: \"kvv1\",\n type: \"kv\",\n options: {\n version: \"1\",\n },\n description: \"KV Version 1 secret engine mount\",\n});\nconst awsSecret = new vault.kv.Secret(\"awsSecret\", {\n path: pulumi.interpolate`${kvv1.path}/aws-secret`,\n dataJson: JSON.stringify({\n zip: \"zap\",\n }),\n});\nconst azureSecret = new vault.kv.Secret(\"azureSecret\", {\n path: pulumi.interpolate`${kvv1.path}/azure-secret`,\n dataJson: JSON.stringify({\n foo: \"bar\",\n }),\n});\nconst secrets = vault.kv.getSecretsListOutput({\n path: kvv1.path,\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_vault as vault\n\nkvv1 = vault.Mount(\"kvv1\",\n path=\"kvv1\",\n type=\"kv\",\n options={\n \"version\": \"1\",\n },\n description=\"KV Version 1 secret engine mount\")\naws_secret = vault.kv.Secret(\"awsSecret\",\n path=kvv1.path.apply(lambda path: f\"{path}/aws-secret\"),\n data_json=json.dumps({\n \"zip\": \"zap\",\n }))\nazure_secret = vault.kv.Secret(\"azureSecret\",\n path=kvv1.path.apply(lambda path: f\"{path}/azure-secret\"),\n data_json=json.dumps({\n \"foo\": \"bar\",\n }))\nsecrets = vault.kv.get_secrets_list_output(path=kvv1.path)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var kvv1 = new Vault.Mount(\"kvv1\", new()\n {\n Path = \"kvv1\",\n Type = \"kv\",\n Options = \n {\n { \"version\", \"1\" },\n },\n Description = \"KV Version 1 secret engine mount\",\n });\n\n var awsSecret = new Vault.Kv.Secret(\"awsSecret\", new()\n {\n Path = kvv1.Path.Apply(path =\u003e $\"{path}/aws-secret\"),\n DataJson = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"zip\"] = \"zap\",\n }),\n });\n\n var azureSecret = new Vault.Kv.Secret(\"azureSecret\", new()\n {\n Path = kvv1.Path.Apply(path =\u003e $\"{path}/azure-secret\"),\n DataJson = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"foo\"] = \"bar\",\n }),\n });\n\n var secrets = Vault.kv.GetSecretsList.Invoke(new()\n {\n Path = kvv1.Path,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/kv\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tkvv1, err := vault.NewMount(ctx, \"kvv1\", \u0026vault.MountArgs{\n\t\t\tPath: pulumi.String(\"kvv1\"),\n\t\t\tType: pulumi.String(\"kv\"),\n\t\t\tOptions: pulumi.Map{\n\t\t\t\t\"version\": pulumi.Any(\"1\"),\n\t\t\t},\n\t\t\tDescription: pulumi.String(\"KV Version 1 secret engine mount\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"zip\": \"zap\",\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = kv.NewSecret(ctx, \"awsSecret\", \u0026kv.SecretArgs{\n\t\t\tPath: kvv1.Path.ApplyT(func(path string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"%v/aws-secret\", path), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t\tDataJson: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON1, err := json.Marshal(map[string]interface{}{\n\t\t\t\"foo\": \"bar\",\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson1 := string(tmpJSON1)\n\t\t_, err = kv.NewSecret(ctx, \"azureSecret\", \u0026kv.SecretArgs{\n\t\t\tPath: kvv1.Path.ApplyT(func(path string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"%v/azure-secret\", path), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t\tDataJson: pulumi.String(json1),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_ = kv.GetSecretsListOutput(ctx, kv.GetSecretsListOutputArgs{\n\t\t\tPath: kvv1.Path,\n\t\t}, nil)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.Mount;\nimport com.pulumi.vault.MountArgs;\nimport com.pulumi.vault.kv.Secret;\nimport com.pulumi.vault.kv.SecretArgs;\nimport com.pulumi.vault.kv.KvFunctions;\nimport com.pulumi.vault.kv.inputs.GetSecretsListArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var kvv1 = new Mount(\"kvv1\", MountArgs.builder() \n .path(\"kvv1\")\n .type(\"kv\")\n .options(Map.of(\"version\", \"1\"))\n .description(\"KV Version 1 secret engine mount\")\n .build());\n\n var awsSecret = new Secret(\"awsSecret\", SecretArgs.builder() \n .path(kvv1.path().applyValue(path -\u003e String.format(\"%s/aws-secret\", path)))\n .dataJson(serializeJson(\n jsonObject(\n jsonProperty(\"zip\", \"zap\")\n )))\n .build());\n\n var azureSecret = new Secret(\"azureSecret\", SecretArgs.builder() \n .path(kvv1.path().applyValue(path -\u003e String.format(\"%s/azure-secret\", path)))\n .dataJson(serializeJson(\n jsonObject(\n jsonProperty(\"foo\", \"bar\")\n )))\n .build());\n\n final var secrets = KvFunctions.getSecretsList(GetSecretsListArgs.builder()\n .path(kvv1.path())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n kvv1:\n type: vault:Mount\n properties:\n path: kvv1\n type: kv\n options:\n version: '1'\n description: KV Version 1 secret engine mount\n awsSecret:\n type: vault:kv:Secret\n properties:\n path: ${kvv1.path}/aws-secret\n dataJson:\n fn::toJSON:\n zip: zap\n azureSecret:\n type: vault:kv:Secret\n properties:\n path: ${kvv1.path}/azure-secret\n dataJson:\n fn::toJSON:\n foo: bar\nvariables:\n secrets:\n fn::invoke:\n Function: vault:kv:getSecretsList\n Arguments:\n path: ${kvv1.path}\n```\n{{% /example %}}\n{{% /examples %}}\n## Required Vault Capabilities\n\nUse of this resource requires the `read` capability on the given path.\n", + "inputs": { + "description": "A collection of arguments for invoking getSecretsList.\n", + "properties": { + "namespace": { + "type": "string", + "description": "The namespace of the target resource.\nThe value should not contain leading or trailing forward slashes.\nThe `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).\n*Available only for Vault Enterprise*.\n", + "willReplaceOnChanges": true + }, + "path": { + "type": "string", + "description": "Full KV-V1 path where secrets will be listed.\n" + } + }, + "type": "object", + "required": [ + "path" + ] + }, + "outputs": { + "description": "A collection of values returned by getSecretsList.\n", + "properties": { + "id": { + "type": "string", + "description": "The provider-assigned unique ID for this managed resource.\n" + }, + "names": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of all secret names listed under the given path.\n", + "secret": true + }, + "namespace": { + "type": "string" + }, + "path": { + "type": "string" + } + }, + "type": "object", + "required": [ + "names", + "path", + "id" + ] + } + }, + "vault:kv/getSecretsListV2:getSecretsListV2": { + "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst kvv2 = new vault.Mount(\"kvv2\", {\n path: \"kvv2\",\n type: \"kv\",\n options: {\n version: \"2\",\n },\n description: \"KV Version 2 secret engine mount\",\n});\nconst awsSecret = new vault.kv.SecretV2(\"awsSecret\", {\n mount: kvv2.path,\n dataJson: JSON.stringify({\n zip: \"zap\",\n }),\n});\nconst azureSecret = new vault.kv.SecretV2(\"azureSecret\", {\n mount: kvv2.path,\n dataJson: JSON.stringify({\n foo: \"bar\",\n }),\n});\nconst nestedSecret = new vault.kv.SecretV2(\"nestedSecret\", {\n mount: kvv2.path,\n dataJson: JSON.stringify({\n password: \"test\",\n }),\n});\nconst secrets = vault.kv.getSecretsListV2Output({\n mount: kvv2.path,\n});\nconst nestedSecrets = kvv2.path.apply(path =\u003e vault.kv.getSecretsListV2Output({\n mount: path,\n name: vault_kv_secret_v2.test_2.name,\n}));\n```\n```python\nimport pulumi\nimport json\nimport pulumi_vault as vault\n\nkvv2 = vault.Mount(\"kvv2\",\n path=\"kvv2\",\n type=\"kv\",\n options={\n \"version\": \"2\",\n },\n description=\"KV Version 2 secret engine mount\")\naws_secret = vault.kv.SecretV2(\"awsSecret\",\n mount=kvv2.path,\n data_json=json.dumps({\n \"zip\": \"zap\",\n }))\nazure_secret = vault.kv.SecretV2(\"azureSecret\",\n mount=kvv2.path,\n data_json=json.dumps({\n \"foo\": \"bar\",\n }))\nnested_secret = vault.kv.SecretV2(\"nestedSecret\",\n mount=kvv2.path,\n data_json=json.dumps({\n \"password\": \"test\",\n }))\nsecrets = vault.kv.get_secrets_list_v2_output(mount=kvv2.path)\nnested_secrets = kvv2.path.apply(lambda path: vault.kv.get_secrets_list_v2_output(mount=path,\n name=vault_kv_secret_v2[\"test_2\"][\"name\"]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var kvv2 = new Vault.Mount(\"kvv2\", new()\n {\n Path = \"kvv2\",\n Type = \"kv\",\n Options = \n {\n { \"version\", \"2\" },\n },\n Description = \"KV Version 2 secret engine mount\",\n });\n\n var awsSecret = new Vault.Kv.SecretV2(\"awsSecret\", new()\n {\n Mount = kvv2.Path,\n DataJson = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"zip\"] = \"zap\",\n }),\n });\n\n var azureSecret = new Vault.Kv.SecretV2(\"azureSecret\", new()\n {\n Mount = kvv2.Path,\n DataJson = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"foo\"] = \"bar\",\n }),\n });\n\n var nestedSecret = new Vault.Kv.SecretV2(\"nestedSecret\", new()\n {\n Mount = kvv2.Path,\n DataJson = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"password\"] = \"test\",\n }),\n });\n\n var secrets = Vault.kv.GetSecretsListV2.Invoke(new()\n {\n Mount = kvv2.Path,\n });\n\n var nestedSecrets = Vault.kv.GetSecretsListV2.Invoke(new()\n {\n Mount = kvv2.Path,\n Name = vault_kv_secret_v2.Test_2.Name,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/kv\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tkvv2, err := vault.NewMount(ctx, \"kvv2\", \u0026vault.MountArgs{\n\t\t\tPath: pulumi.String(\"kvv2\"),\n\t\t\tType: pulumi.String(\"kv\"),\n\t\t\tOptions: pulumi.Map{\n\t\t\t\t\"version\": pulumi.Any(\"2\"),\n\t\t\t},\n\t\t\tDescription: pulumi.String(\"KV Version 2 secret engine mount\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"zip\": \"zap\",\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = kv.NewSecretV2(ctx, \"awsSecret\", \u0026kv.SecretV2Args{\n\t\t\tMount: kvv2.Path,\n\t\t\tDataJson: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON1, err := json.Marshal(map[string]interface{}{\n\t\t\t\"foo\": \"bar\",\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson1 := string(tmpJSON1)\n\t\t_, err = kv.NewSecretV2(ctx, \"azureSecret\", \u0026kv.SecretV2Args{\n\t\t\tMount: kvv2.Path,\n\t\t\tDataJson: pulumi.String(json1),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON2, err := json.Marshal(map[string]interface{}{\n\t\t\t\"password\": \"test\",\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson2 := string(tmpJSON2)\n\t\t_, err = kv.NewSecretV2(ctx, \"nestedSecret\", \u0026kv.SecretV2Args{\n\t\t\tMount: kvv2.Path,\n\t\t\tDataJson: pulumi.String(json2),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_ = kv.GetSecretsListV2Output(ctx, kv.GetSecretsListV2OutputArgs{\n\t\t\tMount: kvv2.Path,\n\t\t}, nil)\n\t\t_ = kvv2.Path.ApplyT(func(path string) (kv.GetSecretsListV2Result, error) {\n\t\t\treturn kv.GetSecretsListV2Output(ctx, kv.GetSecretsListV2OutputArgs{\n\t\t\t\tMount: path,\n\t\t\t\tName: vault_kv_secret_v2.Test_2.Name,\n\t\t\t}, nil), nil\n\t\t}).(kv.GetSecretsListV2ResultOutput)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.Mount;\nimport com.pulumi.vault.MountArgs;\nimport com.pulumi.vault.kv.SecretV2;\nimport com.pulumi.vault.kv.SecretV2Args;\nimport com.pulumi.vault.kv.KvFunctions;\nimport com.pulumi.vault.kv.inputs.GetSecretsListV2Args;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var kvv2 = new Mount(\"kvv2\", MountArgs.builder() \n .path(\"kvv2\")\n .type(\"kv\")\n .options(Map.of(\"version\", \"2\"))\n .description(\"KV Version 2 secret engine mount\")\n .build());\n\n var awsSecret = new SecretV2(\"awsSecret\", SecretV2Args.builder() \n .mount(kvv2.path())\n .dataJson(serializeJson(\n jsonObject(\n jsonProperty(\"zip\", \"zap\")\n )))\n .build());\n\n var azureSecret = new SecretV2(\"azureSecret\", SecretV2Args.builder() \n .mount(kvv2.path())\n .dataJson(serializeJson(\n jsonObject(\n jsonProperty(\"foo\", \"bar\")\n )))\n .build());\n\n var nestedSecret = new SecretV2(\"nestedSecret\", SecretV2Args.builder() \n .mount(kvv2.path())\n .dataJson(serializeJson(\n jsonObject(\n jsonProperty(\"password\", \"test\")\n )))\n .build());\n\n final var secrets = KvFunctions.getSecretsListV2(GetSecretsListV2Args.builder()\n .mount(kvv2.path())\n .build());\n\n final var nestedSecrets = KvFunctions.getSecretsListV2(GetSecretsListV2Args.builder()\n .mount(kvv2.path())\n .name(vault_kv_secret_v2.test_2().name())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n kvv2:\n type: vault:Mount\n properties:\n path: kvv2\n type: kv\n options:\n version: '2'\n description: KV Version 2 secret engine mount\n awsSecret:\n type: vault:kv:SecretV2\n properties:\n mount: ${kvv2.path}\n dataJson:\n fn::toJSON:\n zip: zap\n azureSecret:\n type: vault:kv:SecretV2\n properties:\n mount: ${kvv2.path}\n dataJson:\n fn::toJSON:\n foo: bar\n nestedSecret:\n type: vault:kv:SecretV2\n properties:\n mount: ${kvv2.path}\n dataJson:\n fn::toJSON:\n password: test\nvariables:\n secrets:\n fn::invoke:\n Function: vault:kv:getSecretsListV2\n Arguments:\n mount: ${kvv2.path}\n nestedSecrets:\n fn::invoke:\n Function: vault:kv:getSecretsListV2\n Arguments:\n mount: ${kvv2.path}\n name: ${vault_kv_secret_v2.test_2.name}\n```\n{{% /example %}}\n{{% /examples %}}\n## Required Vault Capabilities\n\nUse of this resource requires the `read` capability on the given path.\n", + "inputs": { + "description": "A collection of arguments for invoking getSecretsListV2.\n", + "properties": { + "mount": { + "type": "string", + "description": "Path where KV-V2 engine is mounted.\n" + }, + "name": { + "type": "string", + "description": "Full name of the secret. For a nested secret\nthe name is the nested path excluding the mount and data\nprefix. For example, for a secret at `kvv2/data/foo/bar/baz`\nthe name is `foo/bar/baz`.\n" + }, + "namespace": { + "type": "string", + "description": "The namespace of the target resource.\nThe value should not contain leading or trailing forward slashes.\nThe `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).\n*Available only for Vault Enterprise*.\n", + "willReplaceOnChanges": true + } + }, + "type": "object", + "required": [ + "mount" + ] + }, + "outputs": { + "description": "A collection of values returned by getSecretsListV2.\n", + "properties": { + "id": { + "type": "string", + "description": "The provider-assigned unique ID for this managed resource.\n" + }, + "mount": { + "type": "string" + }, + "name": { + "type": "string" + }, + "names": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of all secret names listed under the given path.\n", + "secret": true + }, + "namespace": { + "type": "string" + }, + "path": { + "type": "string", + "description": "Full path where the KV-V2 secrets are listed.\n" + } + }, + "type": "object", + "required": [ + "mount", + "names", + "path", + "id" + ] + } + }, + "vault:ldap/getDynamicCredentials:getDynamicCredentials": { + "inputs": { + "description": "A collection of arguments for invoking getDynamicCredentials.\n", + "properties": { + "mount": { + "type": "string" + }, + "namespace": { + "type": "string", + "willReplaceOnChanges": true + }, + "roleName": { + "type": "string", + "willReplaceOnChanges": true + } + }, + "type": "object", + "required": [ + "mount", + "roleName" + ] + }, + "outputs": { + "description": "A collection of values returned by getDynamicCredentials.\n", + "properties": { + "distinguishedNames": { + "type": "array", + "items": { + "type": "string" + } + }, + "id": { + "type": "string", + "description": "The provider-assigned unique ID for this managed resource.\n" + }, + "leaseDuration": { + "type": "integer" + }, + "leaseId": { + "type": "string" + }, + "leaseRenewable": { + "type": "boolean" + }, + "mount": { + "type": "string" + }, + "namespace": { + "type": "string" + }, + "password": { + "type": "string", + "secret": true + }, + "roleName": { + "type": "string" + }, + "username": { + "type": "string" + } + }, + "type": "object", + "required": [ + "distinguishedNames", + "leaseDuration", + "leaseId", + "leaseRenewable", + "mount", + "password", + "roleName", + "username", + "id" + ] + } + }, + "vault:ldap/getStaticCredentials:getStaticCredentials": { + "inputs": { + "description": "A collection of arguments for invoking getStaticCredentials.\n", + "properties": { + "mount": { + "type": "string" + }, + "namespace": { + "type": "string", + "willReplaceOnChanges": true + }, + "roleName": { + "type": "string", + "willReplaceOnChanges": true + } + }, + "type": "object", + "required": [ + "mount", + "roleName" + ] + }, + "outputs": { + "description": "A collection of values returned by getStaticCredentials.\n", + "properties": { + "dn": { + "type": "string" + }, + "id": { + "type": "string", + "description": "The provider-assigned unique ID for this managed resource.\n" + }, + "lastPassword": { + "type": "string", + "secret": true + }, + "lastVaultRotation": { + "type": "string" + }, + "mount": { + "type": "string" + }, + "namespace": { + "type": "string" + }, + "password": { + "type": "string", + "secret": true + }, + "roleName": { + "type": "string" + }, + "rotationPeriod": { + "type": "integer" + }, + "ttl": { + "type": "integer" + }, + "username": { + "type": "string" + } + }, + "type": "object", + "required": [ + "dn", + "lastPassword", + "lastVaultRotation", + "mount", + "password", + "roleName", + "rotationPeriod", + "ttl", + "username", + "id" + ] + } + }, + "vault:pkiSecret/getBackendIssuer:getBackendIssuer": { "inputs": { - "description": "A collection of arguments for invoking getSecretSubkeysV2.\n", + "description": "A collection of arguments for invoking getBackendIssuer.\n", "properties": { - "depth": { - "type": "integer", - "description": "Specifies the deepest nesting level to provide in the output.\nIf non-zero, keys that reside at the specified depth value will be\nartificially treated as leaves and will thus be `null` even if further\nunderlying sub-keys exist.\n" - }, - "mount": { + "backend": { "type": "string", - "description": "Path where KV-V2 engine is mounted.\n" + "description": "The path to the PKI secret backend to\nread the issuer from, with no leading or trailing `/`s.\n", + "willReplaceOnChanges": true }, - "name": { + "issuerRef": { "type": "string", - "description": "Full name of the secret. For a nested secret\nthe name is the nested path excluding the mount and data\nprefix. For example, for a secret at `kvv2/data/foo/bar/baz`\nthe name is `foo/bar/baz`.\n" + "description": "Reference to an existing issuer.\n", + "willReplaceOnChanges": true }, "namespace": { "type": "string", "description": "The namespace of the target resource.\nThe value should not contain leading or trailing forward slashes.\nThe `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).\n*Available only for Vault Enterprise*.\n", "willReplaceOnChanges": true - }, - "version": { - "type": "integer", - "description": "Specifies the version to return. If not \nset the latest version is returned.\n" } }, "type": "object", "required": [ - "mount", - "name" + "backend", + "issuerRef" ] }, "outputs": { - "description": "A collection of values returned by getSecretSubkeysV2.\n", + "description": "A collection of values returned by getBackendIssuer.\n", "properties": { - "data": { - "type": "object", - "additionalProperties": { - "$ref": "pulumi.json#/Any" + "backend": { + "type": "string" + }, + "caChains": { + "type": "array", + "items": { + "type": "string" }, - "description": "Subkeys for the KV-V2 secret stored as a serialized map of strings.\n", - "secret": true + "description": "The CA chain as a list of format specific certificates.\n" }, - "dataJson": { + "certificate": { "type": "string", - "description": "Subkeys for the KV-V2 secret read from Vault.\n" - }, - "depth": { - "type": "integer" + "description": "Certificate associated with this issuer.\n" }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, - "mount": { - "type": "string" + "issuerId": { + "type": "string", + "description": "ID of the issuer.\n" }, - "name": { + "issuerName": { + "type": "string", + "description": "Name of the issuer.\n" + }, + "issuerRef": { "type": "string" }, + "keyId": { + "type": "string", + "description": "ID of the key used by the issuer.\n" + }, + "leafNotAfterBehavior": { + "type": "string", + "description": "Behavior of a leaf's NotAfter field during issuance.\n" + }, + "manualChains": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Chain of issuer references to build this issuer's computed \nCAChain field from, when non-empty.\n" + }, "namespace": { "type": "string" }, - "path": { + "usage": { "type": "string", - "description": "Full path where the KV-V2 secrets are listed.\n" - }, - "version": { - "type": "integer" + "description": "Allowed usages for this issuer.\n" } }, "type": "object", "required": [ - "data", - "dataJson", - "mount", - "name", - "path", + "backend", + "caChains", + "certificate", + "issuerId", + "issuerName", + "issuerRef", + "keyId", + "leafNotAfterBehavior", + "manualChains", + "usage", "id" ] } }, - "vault:kv/getSecretV2:getSecretV2": { - "description": "## Required Vault Capabilities\n\nUse of this resource requires the `read` capability on the given path.\n", + "vault:pkiSecret/getBackendIssuers:getBackendIssuers": { + "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst pki = new vault.Mount(\"pki\", {\n path: \"pki\",\n type: \"pki\",\n description: \"PKI secret engine mount\",\n});\nconst root = new vault.pkisecret.SecretBackendRootCert(\"root\", {\n backend: pki.path,\n type: \"internal\",\n commonName: \"example\",\n ttl: \"86400\",\n issuerName: \"example\",\n});\nconst test = vault.pkiSecret.getBackendIssuersOutput({\n backend: root.backend,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\npki = vault.Mount(\"pki\",\n path=\"pki\",\n type=\"pki\",\n description=\"PKI secret engine mount\")\nroot = vault.pki_secret.SecretBackendRootCert(\"root\",\n backend=pki.path,\n type=\"internal\",\n common_name=\"example\",\n ttl=\"86400\",\n issuer_name=\"example\")\ntest = vault.pkiSecret.get_backend_issuers_output(backend=root.backend)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var pki = new Vault.Mount(\"pki\", new()\n {\n Path = \"pki\",\n Type = \"pki\",\n Description = \"PKI secret engine mount\",\n });\n\n var root = new Vault.PkiSecret.SecretBackendRootCert(\"root\", new()\n {\n Backend = pki.Path,\n Type = \"internal\",\n CommonName = \"example\",\n Ttl = \"86400\",\n IssuerName = \"example\",\n });\n\n var test = Vault.PkiSecret.GetBackendIssuers.Invoke(new()\n {\n Backend = root.Backend,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/pkiSecret\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tpki, err := vault.NewMount(ctx, \"pki\", \u0026vault.MountArgs{\n\t\t\tPath: pulumi.String(\"pki\"),\n\t\t\tType: pulumi.String(\"pki\"),\n\t\t\tDescription: pulumi.String(\"PKI secret engine mount\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\troot, err := pkiSecret.NewSecretBackendRootCert(ctx, \"root\", \u0026pkiSecret.SecretBackendRootCertArgs{\n\t\t\tBackend: pki.Path,\n\t\t\tType: pulumi.String(\"internal\"),\n\t\t\tCommonName: pulumi.String(\"example\"),\n\t\t\tTtl: pulumi.String(\"86400\"),\n\t\t\tIssuerName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_ = pkiSecret.GetBackendIssuersOutput(ctx, pkisecret.GetBackendIssuersOutputArgs{\n\t\t\tBackend: root.Backend,\n\t\t}, nil)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.Mount;\nimport com.pulumi.vault.MountArgs;\nimport com.pulumi.vault.pkiSecret.SecretBackendRootCert;\nimport com.pulumi.vault.pkiSecret.SecretBackendRootCertArgs;\nimport com.pulumi.vault.pkiSecret.PkiSecretFunctions;\nimport com.pulumi.vault.pkiSecret.inputs.GetBackendIssuersArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var pki = new Mount(\"pki\", MountArgs.builder() \n .path(\"pki\")\n .type(\"pki\")\n .description(\"PKI secret engine mount\")\n .build());\n\n var root = new SecretBackendRootCert(\"root\", SecretBackendRootCertArgs.builder() \n .backend(pki.path())\n .type(\"internal\")\n .commonName(\"example\")\n .ttl(\"86400\")\n .issuerName(\"example\")\n .build());\n\n final var test = PkiSecretFunctions.getBackendIssuers(GetBackendIssuersArgs.builder()\n .backend(root.backend())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n pki:\n type: vault:Mount\n properties:\n path: pki\n type: pki\n description: PKI secret engine mount\n root:\n type: vault:pkiSecret:SecretBackendRootCert\n properties:\n backend: ${pki.path}\n type: internal\n commonName: example\n ttl: '86400'\n issuerName: example\nvariables:\n test:\n fn::invoke:\n Function: vault:pkiSecret:getBackendIssuers\n Arguments:\n backend: ${root.backend}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { - "description": "A collection of arguments for invoking getSecretV2.\n", + "description": "A collection of arguments for invoking getBackendIssuers.\n", "properties": { - "mount": { - "type": "string", - "description": "Path where KV-V2 engine is mounted.\n" - }, - "name": { + "backend": { "type": "string", - "description": "Full name of the secret. For a nested secret\nthe name is the nested path excluding the mount and data\nprefix. For example, for a secret at `kvv2/data/foo/bar/baz`\nthe name is `foo/bar/baz`.\n" + "description": "The path to the PKI secret backend to\nread the issuers from, with no leading or trailing `/`s.\n", + "willReplaceOnChanges": true }, "namespace": { "type": "string", "description": "The namespace of the target resource.\nThe value should not contain leading or trailing forward slashes.\nThe `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).\n*Available only for Vault Enterprise*.\n", "willReplaceOnChanges": true - }, - "version": { - "type": "integer", - "description": "Version of the secret to retrieve.\n" } }, "type": "object", "required": [ - "mount", - "name" + "backend" ] }, "outputs": { - "description": "A collection of values returned by getSecretV2.\n", + "description": "A collection of values returned by getBackendIssuers.\n", "properties": { - "createdTime": { - "type": "string", - "description": "Time at which secret was created.\n" + "backend": { + "type": "string" }, - "customMetadata": { - "type": "object", - "additionalProperties": { - "$ref": "pulumi.json#/Any" - }, - "description": "Custom metadata for the secret.\n" + "id": { + "type": "string", + "description": "The provider-assigned unique ID for this managed resource.\n" }, - "data": { + "keyInfo": { "type": "object", "additionalProperties": { "$ref": "pulumi.json#/Any" }, - "description": "A mapping whose keys are the top-level data keys returned from\nVault and whose values are the corresponding values. This map can only\nrepresent string data, so any non-string values returned from Vault are\nserialized as JSON.\n", - "secret": true - }, - "dataJson": { - "type": "string", - "description": "JSON-encoded string that that is\nread as the secret data at the given path.\n", - "secret": true - }, - "deletionTime": { - "type": "string", - "description": "Deletion time for the secret.\n" - }, - "destroyed": { - "type": "boolean", - "description": "Indicates whether the secret has been destroyed.\n" + "description": "Map of issuer strings read from Vault.\n" }, - "id": { + "keyInfoJson": { "type": "string", - "description": "The provider-assigned unique ID for this managed resource.\n" - }, - "mount": { - "type": "string" + "description": "JSON-encoded issuer data read from Vault.\n" }, - "name": { - "type": "string" + "keys": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Keys used by issuers under the backend path.\n" }, "namespace": { "type": "string" - }, - "path": { - "type": "string", - "description": "Full path where the KVV2 secret is written.\n" - }, - "version": { - "type": "integer" } }, "type": "object", "required": [ - "createdTime", - "customMetadata", - "data", - "dataJson", - "deletionTime", - "destroyed", - "mount", - "name", - "path", + "backend", + "keyInfo", + "keyInfoJson", + "keys", "id" ] } }, - "vault:kv/getSecretsList:getSecretsList": { - "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst kvv1 = new vault.Mount(\"kvv1\", {\n path: \"kvv1\",\n type: \"kv\",\n options: {\n version: \"1\",\n },\n description: \"KV Version 1 secret engine mount\",\n});\nconst awsSecret = new vault.kv.Secret(\"awsSecret\", {\n path: pulumi.interpolate`${kvv1.path}/aws-secret`,\n dataJson: JSON.stringify({\n zip: \"zap\",\n }),\n});\nconst azureSecret = new vault.kv.Secret(\"azureSecret\", {\n path: pulumi.interpolate`${kvv1.path}/azure-secret`,\n dataJson: JSON.stringify({\n foo: \"bar\",\n }),\n});\nconst secrets = vault.kv.getSecretsListOutput({\n path: kvv1.path,\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_vault as vault\n\nkvv1 = vault.Mount(\"kvv1\",\n path=\"kvv1\",\n type=\"kv\",\n options={\n \"version\": \"1\",\n },\n description=\"KV Version 1 secret engine mount\")\naws_secret = vault.kv.Secret(\"awsSecret\",\n path=kvv1.path.apply(lambda path: f\"{path}/aws-secret\"),\n data_json=json.dumps({\n \"zip\": \"zap\",\n }))\nazure_secret = vault.kv.Secret(\"azureSecret\",\n path=kvv1.path.apply(lambda path: f\"{path}/azure-secret\"),\n data_json=json.dumps({\n \"foo\": \"bar\",\n }))\nsecrets = vault.kv.get_secrets_list_output(path=kvv1.path)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Text.Json;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var kvv1 = new Vault.Mount(\"kvv1\", new()\n {\n Path = \"kvv1\",\n Type = \"kv\",\n Options = \n {\n { \"version\", \"1\" },\n },\n Description = \"KV Version 1 secret engine mount\",\n });\n\n var awsSecret = new Vault.Kv.Secret(\"awsSecret\", new()\n {\n Path = kvv1.Path.Apply(path =\u003e $\"{path}/aws-secret\"),\n DataJson = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"zip\"] = \"zap\",\n }),\n });\n\n var azureSecret = new Vault.Kv.Secret(\"azureSecret\", new()\n {\n Path = kvv1.Path.Apply(path =\u003e $\"{path}/azure-secret\"),\n DataJson = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"foo\"] = \"bar\",\n }),\n });\n\n var secrets = Vault.kv.GetSecretsList.Invoke(new()\n {\n Path = kvv1.Path,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/kv\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tkvv1, err := vault.NewMount(ctx, \"kvv1\", \u0026vault.MountArgs{\n\t\t\tPath: pulumi.String(\"kvv1\"),\n\t\t\tType: pulumi.String(\"kv\"),\n\t\t\tOptions: pulumi.AnyMap{\n\t\t\t\t\"version\": pulumi.Any(\"1\"),\n\t\t\t},\n\t\t\tDescription: pulumi.String(\"KV Version 1 secret engine mount\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"zip\": \"zap\",\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = kv.NewSecret(ctx, \"awsSecret\", \u0026kv.SecretArgs{\n\t\t\tPath: kvv1.Path.ApplyT(func(path string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"%v/aws-secret\", path), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t\tDataJson: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON1, err := json.Marshal(map[string]interface{}{\n\t\t\t\"foo\": \"bar\",\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson1 := string(tmpJSON1)\n\t\t_, err = kv.NewSecret(ctx, \"azureSecret\", \u0026kv.SecretArgs{\n\t\t\tPath: kvv1.Path.ApplyT(func(path string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"%v/azure-secret\", path), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t\tDataJson: pulumi.String(json1),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_ = kv.GetSecretsListOutput(ctx, kv.GetSecretsListOutputArgs{\n\t\t\tPath: kvv1.Path,\n\t\t}, nil)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.Mount;\nimport com.pulumi.vault.MountArgs;\nimport com.pulumi.vault.kv.Secret;\nimport com.pulumi.vault.kv.SecretArgs;\nimport com.pulumi.vault.kv.KvFunctions;\nimport com.pulumi.vault.kv.inputs.GetSecretsListArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var kvv1 = new Mount(\"kvv1\", MountArgs.builder() \n .path(\"kvv1\")\n .type(\"kv\")\n .options(Map.of(\"version\", \"1\"))\n .description(\"KV Version 1 secret engine mount\")\n .build());\n\n var awsSecret = new Secret(\"awsSecret\", SecretArgs.builder() \n .path(kvv1.path().applyValue(path -\u003e String.format(\"%s/aws-secret\", path)))\n .dataJson(serializeJson(\n jsonObject(\n jsonProperty(\"zip\", \"zap\")\n )))\n .build());\n\n var azureSecret = new Secret(\"azureSecret\", SecretArgs.builder() \n .path(kvv1.path().applyValue(path -\u003e String.format(\"%s/azure-secret\", path)))\n .dataJson(serializeJson(\n jsonObject(\n jsonProperty(\"foo\", \"bar\")\n )))\n .build());\n\n final var secrets = KvFunctions.getSecretsList(GetSecretsListArgs.builder()\n .path(kvv1.path())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n kvv1:\n type: vault:Mount\n properties:\n path: kvv1\n type: kv\n options:\n version: 1\n description: KV Version 1 secret engine mount\n awsSecret:\n type: vault:kv:Secret\n properties:\n path: ${kvv1.path}/aws-secret\n dataJson:\n Fn::ToJSON:\n zip: zap\n azureSecret:\n type: vault:kv:Secret\n properties:\n path: ${kvv1.path}/azure-secret\n dataJson:\n Fn::ToJSON:\n foo: bar\nvariables:\n secrets:\n Fn::Invoke:\n Function: vault:kv:getSecretsList\n Arguments:\n path: ${kvv1.path}\n```\n{{% /example %}}\n{{% /examples %}}\n## Required Vault Capabilities\n\nUse of this resource requires the `read` capability on the given path.\n", + "vault:pkiSecret/getBackendKey:getBackendKey": { + "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst pki = new vault.Mount(\"pki\", {\n path: \"pki\",\n type: \"pki\",\n description: \"PKI secret engine mount\",\n});\nconst key = new vault.pkisecret.SecretBackendKey(\"key\", {\n backend: pki.path,\n type: \"internal\",\n keyName: \"example\",\n keyType: \"rsa\",\n keyBits: 4096,\n});\nconst example = key.keyId.apply(keyId =\u003e vault.pkiSecret.getBackendKeyOutput({\n backend: vault_mount.key.path,\n keyRef: keyId,\n}));\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\npki = vault.Mount(\"pki\",\n path=\"pki\",\n type=\"pki\",\n description=\"PKI secret engine mount\")\nkey = vault.pki_secret.SecretBackendKey(\"key\",\n backend=pki.path,\n type=\"internal\",\n key_name=\"example\",\n key_type=\"rsa\",\n key_bits=4096)\nexample = key.key_id.apply(lambda key_id: vault.pkiSecret.get_backend_key_output(backend=vault_mount[\"key\"][\"path\"],\n key_ref=key_id))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var pki = new Vault.Mount(\"pki\", new()\n {\n Path = \"pki\",\n Type = \"pki\",\n Description = \"PKI secret engine mount\",\n });\n\n var key = new Vault.PkiSecret.SecretBackendKey(\"key\", new()\n {\n Backend = pki.Path,\n Type = \"internal\",\n KeyName = \"example\",\n KeyType = \"rsa\",\n KeyBits = 4096,\n });\n\n var example = Vault.PkiSecret.GetBackendKey.Invoke(new()\n {\n Backend = vault_mount.Key.Path,\n KeyRef = key.KeyId,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/pkiSecret\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tpki, err := vault.NewMount(ctx, \"pki\", \u0026vault.MountArgs{\n\t\t\tPath: pulumi.String(\"pki\"),\n\t\t\tType: pulumi.String(\"pki\"),\n\t\t\tDescription: pulumi.String(\"PKI secret engine mount\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tkey, err := pkiSecret.NewSecretBackendKey(ctx, \"key\", \u0026pkiSecret.SecretBackendKeyArgs{\n\t\t\tBackend: pki.Path,\n\t\t\tType: pulumi.String(\"internal\"),\n\t\t\tKeyName: pulumi.String(\"example\"),\n\t\t\tKeyType: pulumi.String(\"rsa\"),\n\t\t\tKeyBits: pulumi.Int(4096),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_ = key.KeyId.ApplyT(func(keyId string) (pkisecret.GetBackendKeyResult, error) {\n\t\t\treturn pkiSecret.GetBackendKeyOutput(ctx, pkisecret.GetBackendKeyOutputArgs{\n\t\t\t\tBackend: vault_mount.Key.Path,\n\t\t\t\tKeyRef: keyId,\n\t\t\t}, nil), nil\n\t\t}).(pkisecret.GetBackendKeyResultOutput)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.Mount;\nimport com.pulumi.vault.MountArgs;\nimport com.pulumi.vault.pkiSecret.SecretBackendKey;\nimport com.pulumi.vault.pkiSecret.SecretBackendKeyArgs;\nimport com.pulumi.vault.pkiSecret.PkiSecretFunctions;\nimport com.pulumi.vault.pkiSecret.inputs.GetBackendKeyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var pki = new Mount(\"pki\", MountArgs.builder() \n .path(\"pki\")\n .type(\"pki\")\n .description(\"PKI secret engine mount\")\n .build());\n\n var key = new SecretBackendKey(\"key\", SecretBackendKeyArgs.builder() \n .backend(pki.path())\n .type(\"internal\")\n .keyName(\"example\")\n .keyType(\"rsa\")\n .keyBits(\"4096\")\n .build());\n\n final var example = PkiSecretFunctions.getBackendKey(GetBackendKeyArgs.builder()\n .backend(vault_mount.key().path())\n .keyRef(key.keyId())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n pki:\n type: vault:Mount\n properties:\n path: pki\n type: pki\n description: PKI secret engine mount\n key:\n type: vault:pkiSecret:SecretBackendKey\n properties:\n backend: ${pki.path}\n type: internal\n keyName: example\n keyType: rsa\n keyBits: '4096'\nvariables:\n example:\n fn::invoke:\n Function: vault:pkiSecret:getBackendKey\n Arguments:\n backend: ${vault_mount.key.path}\n keyRef: ${key.keyId}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { - "description": "A collection of arguments for invoking getSecretsList.\n", + "description": "A collection of arguments for invoking getBackendKey.\n", "properties": { - "namespace": { + "backend": { "type": "string", - "description": "The namespace of the target resource.\nThe value should not contain leading or trailing forward slashes.\nThe `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).\n*Available only for Vault Enterprise*.\n", + "description": "The path to the PKI secret backend to\nread the key from, with no leading or trailing `/`s.\n", "willReplaceOnChanges": true }, - "path": { + "keyRef": { "type": "string", - "description": "Full KV-V1 path where secrets will be listed.\n" + "description": "Reference to an existing key.\n", + "willReplaceOnChanges": true + }, + "namespace": { + "type": "string", + "description": "The namespace of the target resource.\nThe value should not contain leading or trailing forward slashes.\nThe `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).\n*Available only for Vault Enterprise*.\n", + "willReplaceOnChanges": true } }, "type": "object", "required": [ - "path" + "backend", + "keyRef" ] }, "outputs": { - "description": "A collection of values returned by getSecretsList.\n", + "description": "A collection of values returned by getBackendKey.\n", "properties": { + "backend": { + "type": "string" + }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, - "names": { - "type": "array", - "items": { - "type": "string" - }, - "description": "List of all secret names listed under the given path.\n", - "secret": true + "keyId": { + "type": "string", + "description": "ID of the key.\n" }, - "namespace": { + "keyName": { + "type": "string", + "description": "Name of the key.\n" + }, + "keyRef": { "type": "string" }, - "path": { + "keyType": { + "type": "string", + "description": "Type of the key.\n" + }, + "namespace": { "type": "string" } }, "type": "object", "required": [ - "names", - "path", + "backend", + "keyId", + "keyName", + "keyRef", + "keyType", "id" ] } }, - "vault:kv/getSecretsListV2:getSecretsListV2": { - "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst kvv2 = new vault.Mount(\"kvv2\", {\n path: \"kvv2\",\n type: \"kv\",\n options: {\n version: \"2\",\n },\n description: \"KV Version 2 secret engine mount\",\n});\nconst awsSecret = new vault.kv.SecretV2(\"awsSecret\", {\n mount: kvv2.path,\n dataJson: JSON.stringify({\n zip: \"zap\",\n }),\n});\nconst azureSecret = new vault.kv.SecretV2(\"azureSecret\", {\n mount: kvv2.path,\n dataJson: JSON.stringify({\n foo: \"bar\",\n }),\n});\nconst nestedSecret = new vault.kv.SecretV2(\"nestedSecret\", {\n mount: kvv2.path,\n dataJson: JSON.stringify({\n password: \"test\",\n }),\n});\nconst secrets = vault.kv.getSecretsListV2Output({\n mount: kvv2.path,\n});\nconst nestedSecrets = kvv2.path.apply(path =\u003e vault.kv.getSecretsListV2Output({\n mount: path,\n name: vault_kv_secret_v2.test_2.name,\n}));\n```\n```python\nimport pulumi\nimport json\nimport pulumi_vault as vault\n\nkvv2 = vault.Mount(\"kvv2\",\n path=\"kvv2\",\n type=\"kv\",\n options={\n \"version\": \"2\",\n },\n description=\"KV Version 2 secret engine mount\")\naws_secret = vault.kv.SecretV2(\"awsSecret\",\n mount=kvv2.path,\n data_json=json.dumps({\n \"zip\": \"zap\",\n }))\nazure_secret = vault.kv.SecretV2(\"azureSecret\",\n mount=kvv2.path,\n data_json=json.dumps({\n \"foo\": \"bar\",\n }))\nnested_secret = vault.kv.SecretV2(\"nestedSecret\",\n mount=kvv2.path,\n data_json=json.dumps({\n \"password\": \"test\",\n }))\nsecrets = vault.kv.get_secrets_list_v2_output(mount=kvv2.path)\nnested_secrets = kvv2.path.apply(lambda path: vault.kv.get_secrets_list_v2_output(mount=path,\n name=vault_kv_secret_v2[\"test_2\"][\"name\"]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Text.Json;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var kvv2 = new Vault.Mount(\"kvv2\", new()\n {\n Path = \"kvv2\",\n Type = \"kv\",\n Options = \n {\n { \"version\", \"2\" },\n },\n Description = \"KV Version 2 secret engine mount\",\n });\n\n var awsSecret = new Vault.Kv.SecretV2(\"awsSecret\", new()\n {\n Mount = kvv2.Path,\n DataJson = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"zip\"] = \"zap\",\n }),\n });\n\n var azureSecret = new Vault.Kv.SecretV2(\"azureSecret\", new()\n {\n Mount = kvv2.Path,\n DataJson = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"foo\"] = \"bar\",\n }),\n });\n\n var nestedSecret = new Vault.Kv.SecretV2(\"nestedSecret\", new()\n {\n Mount = kvv2.Path,\n DataJson = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"password\"] = \"test\",\n }),\n });\n\n var secrets = Vault.kv.GetSecretsListV2.Invoke(new()\n {\n Mount = kvv2.Path,\n });\n\n var nestedSecrets = Vault.kv.GetSecretsListV2.Invoke(new()\n {\n Mount = kvv2.Path,\n Name = vault_kv_secret_v2.Test_2.Name,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/kv\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tkvv2, err := vault.NewMount(ctx, \"kvv2\", \u0026vault.MountArgs{\n\t\t\tPath: pulumi.String(\"kvv2\"),\n\t\t\tType: pulumi.String(\"kv\"),\n\t\t\tOptions: pulumi.AnyMap{\n\t\t\t\t\"version\": pulumi.Any(\"2\"),\n\t\t\t},\n\t\t\tDescription: pulumi.String(\"KV Version 2 secret engine mount\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"zip\": \"zap\",\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = kv.NewSecretV2(ctx, \"awsSecret\", \u0026kv.SecretV2Args{\n\t\t\tMount: kvv2.Path,\n\t\t\tDataJson: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON1, err := json.Marshal(map[string]interface{}{\n\t\t\t\"foo\": \"bar\",\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson1 := string(tmpJSON1)\n\t\t_, err = kv.NewSecretV2(ctx, \"azureSecret\", \u0026kv.SecretV2Args{\n\t\t\tMount: kvv2.Path,\n\t\t\tDataJson: pulumi.String(json1),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON2, err := json.Marshal(map[string]interface{}{\n\t\t\t\"password\": \"test\",\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson2 := string(tmpJSON2)\n\t\t_, err = kv.NewSecretV2(ctx, \"nestedSecret\", \u0026kv.SecretV2Args{\n\t\t\tMount: kvv2.Path,\n\t\t\tDataJson: pulumi.String(json2),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_ = kv.GetSecretsListV2Output(ctx, kv.GetSecretsListV2OutputArgs{\n\t\t\tMount: kvv2.Path,\n\t\t}, nil)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.Mount;\nimport com.pulumi.vault.MountArgs;\nimport com.pulumi.vault.kv.SecretV2;\nimport com.pulumi.vault.kv.SecretV2Args;\nimport com.pulumi.vault.kv.KvFunctions;\nimport com.pulumi.vault.kv.inputs.GetSecretsListV2Args;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var kvv2 = new Mount(\"kvv2\", MountArgs.builder() \n .path(\"kvv2\")\n .type(\"kv\")\n .options(Map.of(\"version\", \"2\"))\n .description(\"KV Version 2 secret engine mount\")\n .build());\n\n var awsSecret = new SecretV2(\"awsSecret\", SecretV2Args.builder() \n .mount(kvv2.path())\n .dataJson(serializeJson(\n jsonObject(\n jsonProperty(\"zip\", \"zap\")\n )))\n .build());\n\n var azureSecret = new SecretV2(\"azureSecret\", SecretV2Args.builder() \n .mount(kvv2.path())\n .dataJson(serializeJson(\n jsonObject(\n jsonProperty(\"foo\", \"bar\")\n )))\n .build());\n\n var nestedSecret = new SecretV2(\"nestedSecret\", SecretV2Args.builder() \n .mount(kvv2.path())\n .dataJson(serializeJson(\n jsonObject(\n jsonProperty(\"password\", \"test\")\n )))\n .build());\n\n final var secrets = KvFunctions.getSecretsListV2(GetSecretsListV2Args.builder()\n .mount(kvv2.path())\n .build());\n\n final var nestedSecrets = KvFunctions.getSecretsListV2(GetSecretsListV2Args.builder()\n .mount(kvv2.path())\n .name(vault_kv_secret_v2.test_2().name())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n kvv2:\n type: vault:Mount\n properties:\n path: kvv2\n type: kv\n options:\n version: 2\n description: KV Version 2 secret engine mount\n awsSecret:\n type: vault:kv:SecretV2\n properties:\n mount: ${kvv2.path}\n dataJson:\n Fn::ToJSON:\n zip: zap\n azureSecret:\n type: vault:kv:SecretV2\n properties:\n mount: ${kvv2.path}\n dataJson:\n Fn::ToJSON:\n foo: bar\n nestedSecret:\n type: vault:kv:SecretV2\n properties:\n mount: ${kvv2.path}\n dataJson:\n Fn::ToJSON:\n password: test\nvariables:\n secrets:\n Fn::Invoke:\n Function: vault:kv:getSecretsListV2\n Arguments:\n mount: ${kvv2.path}\n nestedSecrets:\n Fn::Invoke:\n Function: vault:kv:getSecretsListV2\n Arguments:\n mount: ${kvv2.path}\n name: ${vault_kv_secret_v2.test_2.name}\n```\n{{% /example %}}\n{{% /examples %}}\n## Required Vault Capabilities\n\nUse of this resource requires the `read` capability on the given path.\n", + "vault:pkiSecret/getBackendKeys:getBackendKeys": { + "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst pki = new vault.Mount(\"pki\", {\n path: \"pki\",\n type: \"pki\",\n description: \"PKI secret engine mount\",\n});\nconst root = new vault.pkisecret.SecretBackendRootCert(\"root\", {\n backend: pki.path,\n type: \"internal\",\n commonName: \"example\",\n ttl: \"86400\",\n keyName: \"example\",\n});\nconst example = vault.pkiSecret.getBackendKeysOutput({\n backend: root.backend,\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\npki = vault.Mount(\"pki\",\n path=\"pki\",\n type=\"pki\",\n description=\"PKI secret engine mount\")\nroot = vault.pki_secret.SecretBackendRootCert(\"root\",\n backend=pki.path,\n type=\"internal\",\n common_name=\"example\",\n ttl=\"86400\",\n key_name=\"example\")\nexample = vault.pkiSecret.get_backend_keys_output(backend=root.backend)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var pki = new Vault.Mount(\"pki\", new()\n {\n Path = \"pki\",\n Type = \"pki\",\n Description = \"PKI secret engine mount\",\n });\n\n var root = new Vault.PkiSecret.SecretBackendRootCert(\"root\", new()\n {\n Backend = pki.Path,\n Type = \"internal\",\n CommonName = \"example\",\n Ttl = \"86400\",\n KeyName = \"example\",\n });\n\n var example = Vault.PkiSecret.GetBackendKeys.Invoke(new()\n {\n Backend = root.Backend,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/pkiSecret\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tpki, err := vault.NewMount(ctx, \"pki\", \u0026vault.MountArgs{\n\t\t\tPath: pulumi.String(\"pki\"),\n\t\t\tType: pulumi.String(\"pki\"),\n\t\t\tDescription: pulumi.String(\"PKI secret engine mount\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\troot, err := pkiSecret.NewSecretBackendRootCert(ctx, \"root\", \u0026pkiSecret.SecretBackendRootCertArgs{\n\t\t\tBackend: pki.Path,\n\t\t\tType: pulumi.String(\"internal\"),\n\t\t\tCommonName: pulumi.String(\"example\"),\n\t\t\tTtl: pulumi.String(\"86400\"),\n\t\t\tKeyName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_ = pkiSecret.GetBackendKeysOutput(ctx, pkisecret.GetBackendKeysOutputArgs{\n\t\t\tBackend: root.Backend,\n\t\t}, nil)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.Mount;\nimport com.pulumi.vault.MountArgs;\nimport com.pulumi.vault.pkiSecret.SecretBackendRootCert;\nimport com.pulumi.vault.pkiSecret.SecretBackendRootCertArgs;\nimport com.pulumi.vault.pkiSecret.PkiSecretFunctions;\nimport com.pulumi.vault.pkiSecret.inputs.GetBackendKeysArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var pki = new Mount(\"pki\", MountArgs.builder() \n .path(\"pki\")\n .type(\"pki\")\n .description(\"PKI secret engine mount\")\n .build());\n\n var root = new SecretBackendRootCert(\"root\", SecretBackendRootCertArgs.builder() \n .backend(pki.path())\n .type(\"internal\")\n .commonName(\"example\")\n .ttl(\"86400\")\n .keyName(\"example\")\n .build());\n\n final var example = PkiSecretFunctions.getBackendKeys(GetBackendKeysArgs.builder()\n .backend(root.backend())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n pki:\n type: vault:Mount\n properties:\n path: pki\n type: pki\n description: PKI secret engine mount\n root:\n type: vault:pkiSecret:SecretBackendRootCert\n properties:\n backend: ${pki.path}\n type: internal\n commonName: example\n ttl: '86400'\n keyName: example\nvariables:\n example:\n fn::invoke:\n Function: vault:pkiSecret:getBackendKeys\n Arguments:\n backend: ${root.backend}\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { - "description": "A collection of arguments for invoking getSecretsListV2.\n", + "description": "A collection of arguments for invoking getBackendKeys.\n", "properties": { - "mount": { - "type": "string", - "description": "Path where KV-V2 engine is mounted.\n" - }, - "name": { + "backend": { "type": "string", - "description": "Full name of the secret. For a nested secret\nthe name is the nested path excluding the mount and data\nprefix. For example, for a secret at `kvv2/data/foo/bar/baz`\nthe name is `foo/bar/baz`.\n" + "description": "The path to the PKI secret backend to\nread the keys from, with no leading or trailing `/`s.\n", + "willReplaceOnChanges": true }, "namespace": { "type": "string", @@ -33449,49 +31836,53 @@ }, "type": "object", "required": [ - "mount" + "backend" ] }, "outputs": { - "description": "A collection of values returned by getSecretsListV2.\n", + "description": "A collection of values returned by getBackendKeys.\n", "properties": { + "backend": { + "type": "string" + }, "id": { "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, - "mount": { - "type": "string" + "keyInfo": { + "type": "object", + "additionalProperties": { + "$ref": "pulumi.json#/Any" + }, + "description": "Map of key strings read from Vault.\n" }, - "name": { - "type": "string" + "keyInfoJson": { + "type": "string", + "description": "JSON-encoded key data read from Vault.\n" }, - "names": { + "keys": { "type": "array", "items": { "type": "string" }, - "description": "List of all secret names listed under the given path.\n", - "secret": true + "description": "Keys used under the backend path.\n" }, "namespace": { "type": "string" - }, - "path": { - "type": "string", - "description": "Full path where the KV-V2 secrets are listed.\n" } }, "type": "object", "required": [ - "mount", - "names", - "path", + "backend", + "keyInfo", + "keyInfoJson", + "keys", "id" ] } }, "vault:transform/getDecode:getDecode": { - "description": "This data source supports the \"/transform/decode/{role_name}\" Vault endpoint.\n\nIt decodes the provided value using a named role.\n", + "description": "This data source supports the \"/transform/decode/{role_name}\" Vault endpoint.\n\nIt decodes the provided value using a named role.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst transform = new vault.Mount(\"transform\", {\n path: \"transform\",\n type: \"transform\",\n});\nconst ccn_fpe = new vault.transform.Transformation(\"ccn-fpe\", {\n path: transform.path,\n type: \"fpe\",\n template: \"builtin/creditcardnumber\",\n tweakSource: \"internal\",\n allowedRoles: [\"payments\"],\n});\nconst payments = new vault.transform.Role(\"payments\", {\n path: ccn_fpe.path,\n transformations: [\"ccn-fpe\"],\n});\nconst test = vault.transform.getDecodeOutput({\n path: payments.path,\n roleName: \"payments\",\n value: \"9300-3376-4943-8903\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ntransform = vault.Mount(\"transform\",\n path=\"transform\",\n type=\"transform\")\nccn_fpe = vault.transform.Transformation(\"ccn-fpe\",\n path=transform.path,\n type=\"fpe\",\n template=\"builtin/creditcardnumber\",\n tweak_source=\"internal\",\n allowed_roles=[\"payments\"])\npayments = vault.transform.Role(\"payments\",\n path=ccn_fpe.path,\n transformations=[\"ccn-fpe\"])\ntest = vault.transform.get_decode_output(path=payments.path,\n role_name=\"payments\",\n value=\"9300-3376-4943-8903\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var transform = new Vault.Mount(\"transform\", new()\n {\n Path = \"transform\",\n Type = \"transform\",\n });\n\n var ccn_fpe = new Vault.Transform.Transformation(\"ccn-fpe\", new()\n {\n Path = transform.Path,\n Type = \"fpe\",\n Template = \"builtin/creditcardnumber\",\n TweakSource = \"internal\",\n AllowedRoles = new[]\n {\n \"payments\",\n },\n });\n\n var payments = new Vault.Transform.Role(\"payments\", new()\n {\n Path = ccn_fpe.Path,\n Transformations = new[]\n {\n \"ccn-fpe\",\n },\n });\n\n var test = Vault.Transform.GetDecode.Invoke(new()\n {\n Path = payments.Path,\n RoleName = \"payments\",\n Value = \"9300-3376-4943-8903\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/transform\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttransform, err := vault.NewMount(ctx, \"transform\", \u0026vault.MountArgs{\n\t\t\tPath: pulumi.String(\"transform\"),\n\t\t\tType: pulumi.String(\"transform\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = transform.NewTransformation(ctx, \"ccn-fpe\", \u0026transform.TransformationArgs{\n\t\t\tPath: transform.Path,\n\t\t\tType: pulumi.String(\"fpe\"),\n\t\t\tTemplate: pulumi.String(\"builtin/creditcardnumber\"),\n\t\t\tTweakSource: pulumi.String(\"internal\"),\n\t\t\tAllowedRoles: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"payments\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tpayments, err := transform.NewRole(ctx, \"payments\", \u0026transform.RoleArgs{\n\t\t\tPath: ccn_fpe.Path,\n\t\t\tTransformations: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"ccn-fpe\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_ = transform.GetDecodeOutput(ctx, transform.GetDecodeOutputArgs{\n\t\t\tPath: payments.Path,\n\t\t\tRoleName: pulumi.String(\"payments\"),\n\t\t\tValue: pulumi.String(\"9300-3376-4943-8903\"),\n\t\t}, nil)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.Mount;\nimport com.pulumi.vault.MountArgs;\nimport com.pulumi.vault.transform.Transformation;\nimport com.pulumi.vault.transform.TransformationArgs;\nimport com.pulumi.vault.transform.Role;\nimport com.pulumi.vault.transform.RoleArgs;\nimport com.pulumi.vault.transform.TransformFunctions;\nimport com.pulumi.vault.transform.inputs.GetDecodeArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var transform = new Mount(\"transform\", MountArgs.builder() \n .path(\"transform\")\n .type(\"transform\")\n .build());\n\n var ccn_fpe = new Transformation(\"ccn-fpe\", TransformationArgs.builder() \n .path(transform.path())\n .type(\"fpe\")\n .template(\"builtin/creditcardnumber\")\n .tweakSource(\"internal\")\n .allowedRoles(\"payments\")\n .build());\n\n var payments = new Role(\"payments\", RoleArgs.builder() \n .path(ccn_fpe.path())\n .transformations(\"ccn-fpe\")\n .build());\n\n final var test = TransformFunctions.getDecode(GetDecodeArgs.builder()\n .path(payments.path())\n .roleName(\"payments\")\n .value(\"9300-3376-4943-8903\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n transform:\n type: vault:Mount\n properties:\n path: transform\n type: transform\n ccn-fpe:\n type: vault:transform:Transformation\n properties:\n path: ${transform.path}\n type: fpe\n template: builtin/creditcardnumber\n tweakSource: internal\n allowedRoles:\n - payments\n payments:\n type: vault:transform:Role\n properties:\n path: ${[\"ccn-fpe\"].path}\n transformations:\n - ccn-fpe\nvariables:\n test:\n fn::invoke:\n Function: vault:transform:getDecode\n Arguments:\n path: ${payments.path}\n roleName: payments\n value: 9300-3376-4943-8903\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getDecode.\n", "properties": { @@ -33519,6 +31910,11 @@ "type": "string", "description": "The result of decoding a value.\n" }, + "namespace": { + "type": "string", + "description": "The namespace of the target resource.\nThe value should not contain leading or trailing forward slashes.\nThe `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).\n*Available only for Vault Enterprise*.\n", + "willReplaceOnChanges": true + }, "path": { "type": "string", "description": "Path to where the back-end is mounted within Vault.\n", @@ -33576,6 +31972,9 @@ "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, + "namespace": { + "type": "string" + }, "path": { "type": "string" }, @@ -33603,7 +32002,7 @@ } }, "vault:transform/getEncode:getEncode": { - "description": "This data source supports the \"/transform/encode/{role_name}\" Vault endpoint.\n\nIt encodes the provided value using a named role.\n", + "description": "This data source supports the \"/transform/encode/{role_name}\" Vault endpoint.\n\nIt encodes the provided value using a named role.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst transform = new vault.Mount(\"transform\", {\n path: \"transform\",\n type: \"transform\",\n});\nconst ccn_fpe = new vault.transform.Transformation(\"ccn-fpe\", {\n path: transform.path,\n type: \"fpe\",\n template: \"builtin/creditcardnumber\",\n tweakSource: \"internal\",\n allowedRoles: [\"payments\"],\n});\nconst payments = new vault.transform.Role(\"payments\", {\n path: ccn_fpe.path,\n transformations: [\"ccn-fpe\"],\n});\nconst test = vault.transform.getEncodeOutput({\n path: payments.path,\n roleName: \"payments\",\n batchInputs: [{\n value: \"1111-2222-3333-4444\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ntransform = vault.Mount(\"transform\",\n path=\"transform\",\n type=\"transform\")\nccn_fpe = vault.transform.Transformation(\"ccn-fpe\",\n path=transform.path,\n type=\"fpe\",\n template=\"builtin/creditcardnumber\",\n tweak_source=\"internal\",\n allowed_roles=[\"payments\"])\npayments = vault.transform.Role(\"payments\",\n path=ccn_fpe.path,\n transformations=[\"ccn-fpe\"])\ntest = vault.transform.get_encode_output(path=payments.path,\n role_name=\"payments\",\n batch_inputs=[{\n \"value\": \"1111-2222-3333-4444\",\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var transform = new Vault.Mount(\"transform\", new()\n {\n Path = \"transform\",\n Type = \"transform\",\n });\n\n var ccn_fpe = new Vault.Transform.Transformation(\"ccn-fpe\", new()\n {\n Path = transform.Path,\n Type = \"fpe\",\n Template = \"builtin/creditcardnumber\",\n TweakSource = \"internal\",\n AllowedRoles = new[]\n {\n \"payments\",\n },\n });\n\n var payments = new Vault.Transform.Role(\"payments\", new()\n {\n Path = ccn_fpe.Path,\n Transformations = new[]\n {\n \"ccn-fpe\",\n },\n });\n\n var test = Vault.Transform.GetEncode.Invoke(new()\n {\n Path = payments.Path,\n RoleName = \"payments\",\n BatchInputs = new[]\n {\n \n {\n { \"value\", \"1111-2222-3333-4444\" },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/transform\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttransform, err := vault.NewMount(ctx, \"transform\", \u0026vault.MountArgs{\n\t\t\tPath: pulumi.String(\"transform\"),\n\t\t\tType: pulumi.String(\"transform\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = transform.NewTransformation(ctx, \"ccn-fpe\", \u0026transform.TransformationArgs{\n\t\t\tPath: transform.Path,\n\t\t\tType: pulumi.String(\"fpe\"),\n\t\t\tTemplate: pulumi.String(\"builtin/creditcardnumber\"),\n\t\t\tTweakSource: pulumi.String(\"internal\"),\n\t\t\tAllowedRoles: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"payments\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tpayments, err := transform.NewRole(ctx, \"payments\", \u0026transform.RoleArgs{\n\t\t\tPath: ccn_fpe.Path,\n\t\t\tTransformations: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"ccn-fpe\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_ = transform.GetEncodeOutput(ctx, transform.GetEncodeOutputArgs{\n\t\t\tPath: payments.Path,\n\t\t\tRoleName: pulumi.String(\"payments\"),\n\t\t\tBatchInputs: pulumi.MapArray{\n\t\t\t\tpulumi.Map{\n\t\t\t\t\t\"value\": pulumi.Any(\"1111-2222-3333-4444\"),\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.Mount;\nimport com.pulumi.vault.MountArgs;\nimport com.pulumi.vault.transform.Transformation;\nimport com.pulumi.vault.transform.TransformationArgs;\nimport com.pulumi.vault.transform.Role;\nimport com.pulumi.vault.transform.RoleArgs;\nimport com.pulumi.vault.transform.TransformFunctions;\nimport com.pulumi.vault.transform.inputs.GetEncodeArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var transform = new Mount(\"transform\", MountArgs.builder() \n .path(\"transform\")\n .type(\"transform\")\n .build());\n\n var ccn_fpe = new Transformation(\"ccn-fpe\", TransformationArgs.builder() \n .path(transform.path())\n .type(\"fpe\")\n .template(\"builtin/creditcardnumber\")\n .tweakSource(\"internal\")\n .allowedRoles(\"payments\")\n .build());\n\n var payments = new Role(\"payments\", RoleArgs.builder() \n .path(ccn_fpe.path())\n .transformations(\"ccn-fpe\")\n .build());\n\n final var test = TransformFunctions.getEncode(GetEncodeArgs.builder()\n .path(payments.path())\n .roleName(\"payments\")\n .batchInputs(Map.of(\"value\", \"1111-2222-3333-4444\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n transform:\n type: vault:Mount\n properties:\n path: transform\n type: transform\n ccn-fpe:\n type: vault:transform:Transformation\n properties:\n path: ${transform.path}\n type: fpe\n template: builtin/creditcardnumber\n tweakSource: internal\n allowedRoles:\n - payments\n payments:\n type: vault:transform:Role\n properties:\n path: ${[\"ccn-fpe\"].path}\n transformations:\n - ccn-fpe\nvariables:\n test:\n fn::invoke:\n Function: vault:transform:getEncode\n Arguments:\n path: ${payments.path}\n roleName: payments\n batchInputs:\n - value: 1111-2222-3333-4444\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getEncode.\n", "properties": { @@ -33631,6 +32030,11 @@ "type": "string", "description": "The result of encoding a value.\n" }, + "namespace": { + "type": "string", + "description": "The namespace of the target resource.\nThe value should not contain leading or trailing forward slashes.\nThe `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).\n*Available only for Vault Enterprise*.\n", + "willReplaceOnChanges": true + }, "path": { "type": "string", "description": "Path to where the back-end is mounted within Vault.\n", @@ -33688,6 +32092,9 @@ "type": "string", "description": "The provider-assigned unique ID for this managed resource.\n" }, + "namespace": { + "type": "string" + }, "path": { "type": "string" }, @@ -33715,7 +32122,7 @@ } }, "vault:transit/getDecrypt:getDecrypt": { - "description": "This is a data source which can be used to decrypt ciphertext using a Vault Transit key.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst test = pulumi.output(vault.transit.getDecrypt({\n backend: \"transit\",\n ciphertext: \"vault:v1:S3GtnJ5GUNCWV+/pdL9+g1Feu/nzAv+RlmTmE91Tu0rBkeIU8MEb2nSspC/1IQ==\",\n key: \"test\",\n}));\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ntest = vault.transit.get_decrypt(backend=\"transit\",\n ciphertext=\"vault:v1:S3GtnJ5GUNCWV+/pdL9+g1Feu/nzAv+RlmTmE91Tu0rBkeIU8MEb2nSspC/1IQ==\",\n key=\"test\")\n```\n```csharp\nusing System.Collections.Generic;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = Vault.Transit.GetDecrypt.Invoke(new()\n {\n Backend = \"transit\",\n Ciphertext = \"vault:v1:S3GtnJ5GUNCWV+/pdL9+g1Feu/nzAv+RlmTmE91Tu0rBkeIU8MEb2nSspC/1IQ==\",\n Key = \"test\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/transit\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := transit.GetDecrypt(ctx, \u0026transit.GetDecryptArgs{\n\t\t\tBackend: \"transit\",\n\t\t\tCiphertext: \"vault:v1:S3GtnJ5GUNCWV+/pdL9+g1Feu/nzAv+RlmTmE91Tu0rBkeIU8MEb2nSspC/1IQ==\",\n\t\t\tKey: \"test\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.transit.TransitFunctions;\nimport com.pulumi.vault.transit.inputs.GetDecryptArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var test = TransitFunctions.getDecrypt(GetDecryptArgs.builder()\n .backend(\"transit\")\n .ciphertext(\"vault:v1:S3GtnJ5GUNCWV+/pdL9+g1Feu/nzAv+RlmTmE91Tu0rBkeIU8MEb2nSspC/1IQ==\")\n .key(\"test\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n test:\n Fn::Invoke:\n Function: vault:transit:getDecrypt\n Arguments:\n backend: transit\n ciphertext: vault:v1:S3GtnJ5GUNCWV+/pdL9+g1Feu/nzAv+RlmTmE91Tu0rBkeIU8MEb2nSspC/1IQ==\n key: test\n```\n{{% /example %}}\n{{% /examples %}}", + "description": "This is a data source which can be used to decrypt ciphertext using a Vault Transit key.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst test = vault.transit.getDecrypt({\n backend: \"transit\",\n ciphertext: \"vault:v1:S3GtnJ5GUNCWV+/pdL9+g1Feu/nzAv+RlmTmE91Tu0rBkeIU8MEb2nSspC/1IQ==\",\n key: \"test\",\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ntest = vault.transit.get_decrypt(backend=\"transit\",\n ciphertext=\"vault:v1:S3GtnJ5GUNCWV+/pdL9+g1Feu/nzAv+RlmTmE91Tu0rBkeIU8MEb2nSspC/1IQ==\",\n key=\"test\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = Vault.Transit.GetDecrypt.Invoke(new()\n {\n Backend = \"transit\",\n Ciphertext = \"vault:v1:S3GtnJ5GUNCWV+/pdL9+g1Feu/nzAv+RlmTmE91Tu0rBkeIU8MEb2nSspC/1IQ==\",\n Key = \"test\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/transit\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := transit.GetDecrypt(ctx, \u0026transit.GetDecryptArgs{\n\t\t\tBackend: \"transit\",\n\t\t\tCiphertext: \"vault:v1:S3GtnJ5GUNCWV+/pdL9+g1Feu/nzAv+RlmTmE91Tu0rBkeIU8MEb2nSspC/1IQ==\",\n\t\t\tKey: \"test\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.transit.TransitFunctions;\nimport com.pulumi.vault.transit.inputs.GetDecryptArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var test = TransitFunctions.getDecrypt(GetDecryptArgs.builder()\n .backend(\"transit\")\n .ciphertext(\"vault:v1:S3GtnJ5GUNCWV+/pdL9+g1Feu/nzAv+RlmTmE91Tu0rBkeIU8MEb2nSspC/1IQ==\")\n .key(\"test\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n test:\n fn::invoke:\n Function: vault:transit:getDecrypt\n Arguments:\n backend: transit\n ciphertext: vault:v1:S3GtnJ5GUNCWV+/pdL9+g1Feu/nzAv+RlmTmE91Tu0rBkeIU8MEb2nSspC/1IQ==\n key: test\n```\n{{% /example %}}\n{{% /examples %}}", "inputs": { "description": "A collection of arguments for invoking getDecrypt.\n", "properties": { diff --git a/provider/go.mod b/provider/go.mod index 5d22d95cd..aa0e29b68 100644 --- a/provider/go.mod +++ b/provider/go.mod @@ -1,11 +1,13 @@ module github.com/pulumi/pulumi-vault/provider/v5 -go 1.21 +go 1.21.3 + +toolchain go1.21.4 require ( github.com/hashicorp/terraform-provider-vault v0.0.0 - github.com/pulumi/pulumi-terraform-bridge/v3 v3.32.0 - github.com/pulumi/pulumi/sdk/v3 v3.42.0 + github.com/pulumi/pulumi-terraform-bridge/v3 v3.63.2 + github.com/pulumi/pulumi/sdk/v3 v3.91.1 ) require ( @@ -17,56 +19,64 @@ require ( cloud.google.com/go/logging v1.8.1 // indirect cloud.google.com/go/longrunning v0.5.1 // indirect cloud.google.com/go/storage v1.30.1 // indirect - github.com/Azure/azure-pipeline-go v0.2.3 // indirect - github.com/Azure/azure-sdk-for-go v61.4.0+incompatible // indirect - github.com/Azure/azure-sdk-for-go/sdk/azcore v0.22.0 // indirect - github.com/Azure/azure-sdk-for-go/sdk/azidentity v0.13.2 // indirect - github.com/Azure/azure-sdk-for-go/sdk/internal v0.9.1 // indirect - github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/resources/armresources v0.3.1 // indirect - github.com/Azure/azure-storage-blob-go v0.14.0 // indirect - github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1 // indirect + dario.cat/mergo v1.0.0 // indirect + github.com/Azure/azure-sdk-for-go v66.0.0+incompatible // indirect + github.com/Azure/azure-sdk-for-go/sdk/azcore v1.8.0 // indirect + github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.4.0 // indirect + github.com/Azure/azure-sdk-for-go/sdk/internal v1.3.0 // indirect + github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/resources/armresources v1.1.1 // indirect github.com/Azure/go-autorest v14.2.0+incompatible // indirect github.com/Azure/go-autorest/autorest v0.11.29 // indirect github.com/Azure/go-autorest/autorest/adal v0.9.22 // indirect github.com/Azure/go-autorest/autorest/azure/auth v0.5.11 // indirect - github.com/Azure/go-autorest/autorest/azure/cli v0.4.5 // indirect + github.com/Azure/go-autorest/autorest/azure/cli v0.4.6 // indirect github.com/Azure/go-autorest/autorest/date v0.3.0 // indirect github.com/Azure/go-autorest/autorest/to v0.4.0 // indirect github.com/Azure/go-autorest/autorest/validation v0.3.1 // indirect github.com/Azure/go-autorest/logger v0.2.1 // indirect github.com/Azure/go-autorest/tracing v0.6.0 // indirect github.com/Azure/go-ntlmssp v0.0.0-20221128193559-754e69321358 // indirect - github.com/AzureAD/microsoft-authentication-library-for-go v0.4.0 // indirect + github.com/AzureAD/microsoft-authentication-library-for-go v1.1.1 // indirect + github.com/BurntSushi/toml v1.2.1 // indirect github.com/Masterminds/goutils v1.1.1 // indirect + github.com/Masterminds/semver v1.5.0 // indirect github.com/Masterminds/semver/v3 v3.1.1 // indirect - github.com/Masterminds/sprig/v3 v3.2.1 // indirect + github.com/Masterminds/sprig/v3 v3.2.2 // indirect github.com/Microsoft/go-winio v0.6.1 // indirect - github.com/ProtonMail/go-crypto v0.0.0-20230217124315-7d5c6f04bbb8 // indirect + github.com/ProtonMail/go-crypto v0.0.0-20230717121422-5aa5874ade95 // indirect github.com/acomagu/bufpipe v1.0.4 // indirect github.com/aead/chacha20 v0.0.0-20180709150244-8b13a72661da // indirect github.com/agext/levenshtein v1.2.3 // indirect github.com/apparentlymart/go-cidr v1.1.0 // indirect - github.com/apparentlymart/go-textseg/v13 v13.0.0 // indirect + github.com/apparentlymart/go-textseg/v15 v15.0.0 // indirect github.com/armon/go-metrics v0.4.1 // indirect github.com/armon/go-radix v1.0.0 // indirect - github.com/aws/aws-sdk-go v1.44.214 // indirect - github.com/aws/aws-sdk-go-v2 v1.9.0 // indirect - github.com/aws/aws-sdk-go-v2/config v1.7.0 // indirect - github.com/aws/aws-sdk-go-v2/credentials v1.4.0 // indirect - github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.5.0 // indirect - github.com/aws/aws-sdk-go-v2/internal/ini v1.2.2 // indirect - github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.3.0 // indirect - github.com/aws/aws-sdk-go-v2/service/kms v1.5.0 // indirect - github.com/aws/aws-sdk-go-v2/service/sso v1.4.0 // indirect - github.com/aws/aws-sdk-go-v2/service/sts v1.7.0 // indirect - github.com/aws/smithy-go v1.8.0 // indirect + github.com/atotto/clipboard v0.1.4 // indirect + github.com/aws/aws-sdk-go v1.45.24 // indirect + github.com/aws/aws-sdk-go-v2 v1.17.3 // indirect + github.com/aws/aws-sdk-go-v2/config v1.15.15 // indirect + github.com/aws/aws-sdk-go-v2/credentials v1.12.10 // indirect + github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.12.9 // indirect + github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.27 // indirect + github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.21 // indirect + github.com/aws/aws-sdk-go-v2/internal/ini v1.3.16 // indirect + github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.9 // indirect + github.com/aws/aws-sdk-go-v2/service/kms v1.18.1 // indirect + github.com/aws/aws-sdk-go-v2/service/sso v1.11.13 // indirect + github.com/aws/aws-sdk-go-v2/service/sts v1.16.10 // indirect + github.com/aws/smithy-go v1.13.5 // indirect + github.com/aymanbagabas/go-osc52/v2 v2.0.1 // indirect github.com/bgentry/go-netrc v0.0.0-20140422174119-9fd32a8b3d3d // indirect github.com/bgentry/speakeasy v0.1.0 // indirect github.com/blang/semver v3.5.1+incompatible // indirect github.com/cenkalti/backoff/v3 v3.2.2 // indirect github.com/cenkalti/backoff/v4 v4.2.1 // indirect + github.com/charmbracelet/bubbles v0.16.1 // indirect + github.com/charmbracelet/bubbletea v0.24.2 // indirect + github.com/charmbracelet/lipgloss v0.7.1 // indirect github.com/cheggaaa/pb v1.0.29 // indirect github.com/cloudflare/circl v1.3.3 // indirect + github.com/containerd/console v1.0.4-0.20230313162750-1ae8d489ac81 // indirect github.com/coreos/go-oidc/v3 v3.5.0 // indirect github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect github.com/dimchansky/utfbom v1.1.1 // indirect @@ -75,7 +85,6 @@ require ( github.com/docker/docker v24.0.5+incompatible // indirect github.com/docker/go-connections v0.4.0 // indirect github.com/docker/go-units v0.5.0 // indirect - github.com/dustin/go-humanize v1.0.1 // indirect github.com/edsrzf/mmap-go v1.1.0 // indirect github.com/emirpasic/gods v1.18.1 // indirect github.com/ettle/strcase v0.1.1 // indirect @@ -83,15 +92,15 @@ require ( github.com/fatih/color v1.14.1 // indirect github.com/gedex/inflector v0.0.0-20170307190818-16278e9db813 // indirect github.com/go-asn1-ber/asn1-ber v1.5.4 // indirect - github.com/go-git/gcfg v1.5.0 // indirect + github.com/go-git/gcfg v1.5.1-0.20230307220236-3a3c6141e376 // indirect github.com/go-git/go-billy/v5 v5.4.1 // indirect - github.com/go-git/go-git/v5 v5.6.1 // indirect + github.com/go-git/go-git/v5 v5.8.1 // indirect github.com/go-jose/go-jose/v3 v3.0.0 // indirect github.com/go-ldap/ldap/v3 v3.4.4 // indirect github.com/gofrs/uuid v4.2.0+incompatible // indirect github.com/gogo/protobuf v1.3.2 // indirect - github.com/golang-jwt/jwt v3.2.1+incompatible // indirect github.com/golang-jwt/jwt/v4 v4.5.0 // indirect + github.com/golang-jwt/jwt/v5 v5.0.0 // indirect github.com/golang/glog v1.1.0 // indirect github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect github.com/golang/protobuf v1.5.3 // indirect @@ -113,13 +122,13 @@ require ( github.com/hashicorp/go-checkpoint v0.5.0 // indirect github.com/hashicorp/go-cleanhttp v0.5.2 // indirect github.com/hashicorp/go-cty v1.4.1-0.20200723130312-85980079f637 // indirect - github.com/hashicorp/go-getter v1.6.1 // indirect + github.com/hashicorp/go-getter v1.7.1 // indirect github.com/hashicorp/go-hclog v1.5.0 // indirect github.com/hashicorp/go-immutable-radix v1.3.1 // indirect github.com/hashicorp/go-kms-wrapping/entropy/v2 v2.0.0 // indirect github.com/hashicorp/go-kms-wrapping/v2 v2.0.8 // indirect github.com/hashicorp/go-multierror v1.1.1 // indirect - github.com/hashicorp/go-plugin v1.5.0 // indirect + github.com/hashicorp/go-plugin v1.5.1 // indirect github.com/hashicorp/go-retryablehttp v0.7.4 // indirect github.com/hashicorp/go-rootcerts v1.0.2 // indirect github.com/hashicorp/go-safetemp v1.0.0 // indirect @@ -134,17 +143,17 @@ require ( github.com/hashicorp/go-uuid v1.0.3 // indirect github.com/hashicorp/go-version v1.6.0 // indirect github.com/hashicorp/golang-lru v0.5.4 // indirect - github.com/hashicorp/hc-install v0.5.2 // indirect + github.com/hashicorp/hc-install v0.6.0 // indirect github.com/hashicorp/hcl v1.0.1-vault-5 // indirect - github.com/hashicorp/hcl/v2 v2.17.0 // indirect + github.com/hashicorp/hcl/v2 v2.18.0 // indirect github.com/hashicorp/hil v0.0.0-20190212132231-97b3a9cdfa93 // indirect github.com/hashicorp/logutils v1.0.0 // indirect - github.com/hashicorp/terraform-exec v0.18.1 // indirect - github.com/hashicorp/terraform-json v0.17.0 // indirect - github.com/hashicorp/terraform-plugin-go v0.16.0 // indirect + github.com/hashicorp/terraform-exec v0.19.0 // indirect + github.com/hashicorp/terraform-json v0.17.1 // indirect + github.com/hashicorp/terraform-plugin-go v0.19.0 // indirect github.com/hashicorp/terraform-plugin-log v0.9.0 // indirect github.com/hashicorp/terraform-plugin-sdk/v2 v2.29.0 // indirect - github.com/hashicorp/terraform-registry-address v0.2.1 // indirect + github.com/hashicorp/terraform-registry-address v0.2.2 // indirect github.com/hashicorp/terraform-svchost v0.1.1 // indirect github.com/hashicorp/vault-plugin-auth-jwt v0.17.0 // indirect github.com/hashicorp/vault-plugin-auth-kerberos v0.10.1 // indirect @@ -154,9 +163,8 @@ require ( github.com/hashicorp/yamux v0.1.1 // indirect github.com/huandu/xstrings v1.3.2 // indirect github.com/iancoleman/strcase v0.2.0 // indirect - github.com/ijc/Gotty v0.0.0-20170406111628-a8b993ba6abd // indirect - github.com/imdario/mergo v0.3.13 // indirect - github.com/inconshreveable/mousetrap v1.0.1 // indirect + github.com/imdario/mergo v0.3.15 // indirect + github.com/inconshreveable/mousetrap v1.1.0 // indirect github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99 // indirect github.com/jcmturner/aescts/v2 v2.0.0 // indirect github.com/jcmturner/dnsutils/v2 v2.0.0 // indirect @@ -166,14 +174,13 @@ require ( github.com/jcmturner/rpc/v2 v2.0.3 // indirect github.com/jmespath/go-jmespath v0.4.0 // indirect github.com/json-iterator/go v1.1.12 // indirect - github.com/kballard/go-shellquote v0.0.0-20180428030007-95032a82bc51 // indirect github.com/kevinburke/ssh_config v1.2.0 // indirect github.com/kylelemons/godebug v1.1.0 // indirect + github.com/lucasb-eyer/go-colorful v1.2.0 // indirect github.com/mattn/go-colorable v0.1.13 // indirect - github.com/mattn/go-ieproxy v0.0.1 // indirect - github.com/mattn/go-isatty v0.0.17 // indirect - github.com/mattn/go-runewidth v0.0.13 // indirect - github.com/mgutz/ansi v0.0.0-20170206155736-9520e82c474b // indirect + github.com/mattn/go-isatty v0.0.18 // indirect + github.com/mattn/go-localereader v0.0.1 // indirect + github.com/mattn/go-runewidth v0.0.14 // indirect github.com/mitchellh/cli v1.1.5 // indirect github.com/mitchellh/copystructure v1.2.0 // indirect github.com/mitchellh/go-homedir v1.1.0 // indirect @@ -184,9 +191,12 @@ require ( github.com/mitchellh/mapstructure v1.5.0 // indirect github.com/mitchellh/pointerstructure v1.2.1 // indirect github.com/mitchellh/reflectwalk v1.0.2 // indirect - github.com/moby/term v0.5.0 // indirect github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect github.com/modern-go/reflect2 v1.0.2 // indirect + github.com/muesli/ansi v0.0.0-20211018074035-2e021307bc4b // indirect + github.com/muesli/cancelreader v0.2.2 // indirect + github.com/muesli/reflow v0.3.0 // indirect + github.com/muesli/termenv v0.15.1 // indirect github.com/natefinch/atomic v1.0.1 // indirect github.com/oklog/run v1.1.0 // indirect github.com/opencontainers/go-digest v1.0.0 // indirect @@ -203,25 +213,27 @@ require ( github.com/pkg/term v1.1.0 // indirect github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect github.com/posener/complete v1.2.3 // indirect - github.com/pulumi/pulumi-java/pkg v0.6.0 // indirect - github.com/pulumi/pulumi-yaml v0.5.8 // indirect - github.com/pulumi/pulumi/pkg/v3 v3.40.2 // indirect - github.com/pulumi/schema-tools v0.1.0 // indirect - github.com/pulumi/terraform-diff-reader v0.0.0-20201211191010-ad4715e9285e // indirect - github.com/rivo/uniseg v0.2.0 // indirect - github.com/rogpeppe/go-internal v1.9.0 // indirect + github.com/pulumi/esc v0.5.6 // indirect + github.com/pulumi/pulumi-java/pkg v0.9.8 // indirect + github.com/pulumi/pulumi-terraform-bridge/x/muxer v0.0.4 // indirect + github.com/pulumi/pulumi-yaml v1.2.2 // indirect + github.com/pulumi/pulumi/pkg/v3 v3.91.1 // indirect + github.com/pulumi/schema-tools v0.1.2 // indirect + github.com/pulumi/terraform-diff-reader v0.0.2 // indirect + github.com/rivo/uniseg v0.4.4 // indirect + github.com/rogpeppe/go-internal v1.11.0 // indirect github.com/russross/blackfriday/v2 v2.1.0 // indirect github.com/ryanuber/go-glob v1.0.0 // indirect github.com/sabhiram/go-gitignore v0.0.0-20210923224102-525f6e181f06 // indirect github.com/santhosh-tekuri/jsonschema/v5 v5.0.0 // indirect github.com/segmentio/asm v1.1.3 // indirect github.com/segmentio/encoding v0.3.5 // indirect - github.com/sergi/go-diff v1.2.0 // indirect - github.com/shopspring/decimal v1.2.0 // indirect - github.com/skeema/knownhosts v1.1.0 // indirect - github.com/spf13/afero v1.9.2 // indirect - github.com/spf13/cast v1.4.1 // indirect - github.com/spf13/cobra v1.6.0 // indirect + github.com/sergi/go-diff v1.3.1 // indirect + github.com/shopspring/decimal v1.3.1 // indirect + github.com/skeema/knownhosts v1.2.0 // indirect + github.com/spf13/afero v1.9.5 // indirect + github.com/spf13/cast v1.5.0 // indirect + github.com/spf13/cobra v1.7.0 // indirect github.com/spf13/pflag v1.0.5 // indirect github.com/stretchr/testify v1.8.4 // indirect github.com/texttheater/golang-levenshtein v1.0.1 // indirect @@ -236,21 +248,22 @@ require ( github.com/xeipuuv/gojsonpointer v0.0.0-20190905194746-02993c407bfb // indirect github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415 // indirect github.com/xeipuuv/gojsonschema v1.2.0 // indirect - github.com/zclconf/go-cty v1.13.2 // indirect + github.com/zclconf/go-cty v1.14.0 // indirect go.opencensus.io v0.24.0 // indirect go.uber.org/atomic v1.10.0 // indirect - gocloud.dev v0.24.0 // indirect - gocloud.dev/secrets/hashivault v0.24.0 // indirect + gocloud.dev v0.27.0 // indirect + gocloud.dev/secrets/hashivault v0.27.0 // indirect golang.org/x/crypto v0.14.0 // indirect - golang.org/x/mod v0.11.0 // indirect + golang.org/x/exp v0.0.0-20231006140011-7918f672742d // indirect + golang.org/x/mod v0.13.0 // indirect golang.org/x/net v0.17.0 // indirect golang.org/x/oauth2 v0.12.0 // indirect - golang.org/x/sync v0.3.0 // indirect + golang.org/x/sync v0.4.0 // indirect golang.org/x/sys v0.13.0 // indirect golang.org/x/term v0.13.0 // indirect golang.org/x/text v0.13.0 // indirect golang.org/x/time v0.3.0 // indirect - golang.org/x/tools v0.10.0 // indirect + golang.org/x/tools v0.14.0 // indirect golang.org/x/xerrors v0.0.0-20220907171357-04be3eba64a2 // indirect google.golang.org/api v0.144.0 // indirect google.golang.org/appengine v1.6.7 // indirect @@ -259,11 +272,9 @@ require ( google.golang.org/genproto/googleapis/rpc v0.0.0-20230920204549-e6e6cdab5c13 // indirect google.golang.org/grpc v1.58.2 // indirect google.golang.org/protobuf v1.31.0 // indirect - gopkg.in/AlecAivazis/survey.v1 v1.8.9-0.20200217094205-6773bdf39b7f // indirect gopkg.in/jcmturner/goidentity.v3 v3.0.0 // indirect gopkg.in/square/go-jose.v2 v2.6.0 // indirect gopkg.in/warnings.v0 v0.1.2 // indirect - gopkg.in/yaml.v2 v2.4.0 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect k8s.io/utils v0.0.0-20230726121419-3b25d923346b // indirect lukechampine.com/frand v1.4.2 // indirect @@ -273,6 +284,6 @@ require ( replace ( github.com/hashicorp/go-getter => github.com/hashicorp/go-getter v1.4.0 - github.com/hashicorp/terraform-plugin-sdk/v2 => github.com/pulumi/terraform-plugin-sdk/v2 v2.0.0-20230710100801-03a71d0fca3d - github.com/hashicorp/terraform-provider-vault => github.com/pulumi/terraform-provider-vault v1.9.1-0.20231012211048-cc8060e32cc4 + github.com/hashicorp/terraform-plugin-sdk/v2 => github.com/pulumi/terraform-plugin-sdk/v2 v2.0.0-20230912190043-e6d96b3b8f7e + github.com/hashicorp/terraform-provider-vault => github.com/pulumi/terraform-provider-vault v1.9.1-0.20231108235540-710122092170 ) diff --git a/provider/go.sum b/provider/go.sum index 0b23ffd69..c34390287 100644 --- a/provider/go.sum +++ b/provider/go.sum @@ -1,5 +1,4 @@ bazil.org/fuse v0.0.0-20160811212531-371fbbdaa898/go.mod h1:Xbm+BRKSBEpa4q4hTSxohYNQpsxXPbPry4JJWOB3LB8= -bazil.org/fuse v0.0.0-20180421153158-65cc252bf669/go.mod h1:Xbm+BRKSBEpa4q4hTSxohYNQpsxXPbPry4JJWOB3LB8= bazil.org/fuse v0.0.0-20200407214033-5883e5a4b512/go.mod h1:FbcW6z/2VytnFDhZfumh8Ss8zxHE6qpMP5sHTRe0EaM= cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= cloud.google.com/go v0.34.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= @@ -27,13 +26,8 @@ cloud.google.com/go v0.82.0/go.mod h1:vlKccHJGuFBFufnAnuB08dfEH9Y3H7dzDzRECFdC2T cloud.google.com/go v0.83.0/go.mod h1:Z7MJUsANfY0pYPdw0lbnivPx4/vhy/e2FEkSkF7vAVY= cloud.google.com/go v0.84.0/go.mod h1:RazrYuxIK6Kb7YrzzhPoLmCVzl7Sup4NrbKPg8KHSUM= cloud.google.com/go v0.87.0/go.mod h1:TpDYlFy7vuLzZMMZ+B6iRiELaY7z/gJPaqbMx6mlWcY= -cloud.google.com/go v0.88.0/go.mod h1:dnKwfYbP9hQhefiUvpbcAyoGSHUrOxR20JVElLiUvEY= -cloud.google.com/go v0.89.0/go.mod h1:kRX0mNRHe0e2rC6oNakvwQqzyDmg57xJ+SZU1eT2aDQ= cloud.google.com/go v0.90.0/go.mod h1:kRX0mNRHe0e2rC6oNakvwQqzyDmg57xJ+SZU1eT2aDQ= -cloud.google.com/go v0.92.2/go.mod h1:8utlLll2EF5XMAV15woO4lSbWQlk8rer9aLOfLh7+YI= -cloud.google.com/go v0.92.3/go.mod h1:8utlLll2EF5XMAV15woO4lSbWQlk8rer9aLOfLh7+YI= cloud.google.com/go v0.93.3/go.mod h1:8utlLll2EF5XMAV15woO4lSbWQlk8rer9aLOfLh7+YI= -cloud.google.com/go v0.94.0/go.mod h1:qAlAugsXlC+JWO+Bke5vCtc9ONxjQT3drlTTnAplMW4= cloud.google.com/go v0.94.1/go.mod h1:qAlAugsXlC+JWO+Bke5vCtc9ONxjQT3drlTTnAplMW4= cloud.google.com/go v0.97.0/go.mod h1:GF7l59pYBVlXQIBLx3a761cZ41F9bBH3JUlihCt2Udc= cloud.google.com/go v0.99.0/go.mod h1:w0Xx2nLzqWJPuozYQX+hFfCSI8WioryfRDzkoI/Y2ZA= @@ -41,54 +35,40 @@ cloud.google.com/go v0.100.1/go.mod h1:fs4QogzfH5n2pBXBP9vRiU+eCny7lD2vmFZy79Iuw cloud.google.com/go v0.100.2/go.mod h1:4Xra9TjzAeYHrl5+oeLlzbM2k3mjVhZh4UqTZ//w99A= cloud.google.com/go v0.102.0/go.mod h1:oWcCzKlqJ5zgHQt9YsaeTY9KzIvjyy0ArmiBUgpQ+nc= cloud.google.com/go v0.102.1/go.mod h1:XZ77E9qnTEnrgEOvr4xzfdX5TRo7fB4T2F4O6+34hIU= +cloud.google.com/go v0.103.0/go.mod h1:vwLx1nqLrzLX/fpwSMOXmFIqBOyHsvHbnAdbGSJ+mKk= cloud.google.com/go v0.104.0/go.mod h1:OO6xxXdJyvuJPcEPBLN9BJPD+jep5G1+2U5B5gkRYtA= cloud.google.com/go v0.105.0/go.mod h1:PrLgOJNe5nfE9UMxKxgXj4mD3voiP+YQ6gdt6KMFOKM= cloud.google.com/go v0.107.0/go.mod h1:wpc2eNrD7hXUTy8EKS10jkxpZBjASrORK7goS+3YX2I= cloud.google.com/go v0.110.0/go.mod h1:SJnCLqQ0FCFGSZMUNUf84MV3Aia54kn7pi8st7tMzaY= -cloud.google.com/go v0.110.2/go.mod h1:k04UEeEtb6ZBRTv3dZz4CeJC3jKGxyhl0sAiVVquxiw= -cloud.google.com/go v0.110.4/go.mod h1:+EYjdK8e5RME/VY/qLCAtuyALQ9q67dvuum8i+H5xsI= -cloud.google.com/go v0.110.6/go.mod h1:+EYjdK8e5RME/VY/qLCAtuyALQ9q67dvuum8i+H5xsI= -cloud.google.com/go v0.110.7/go.mod h1:+EYjdK8e5RME/VY/qLCAtuyALQ9q67dvuum8i+H5xsI= cloud.google.com/go v0.110.8 h1:tyNdfIxjzaWctIiLYOTalaLKZ17SI44SKFW26QbOhME= cloud.google.com/go v0.110.8/go.mod h1:Iz8AkXJf1qmxC3Oxoep8R1T36w8B92yU29PcBhHO5fk= cloud.google.com/go/accessapproval v1.4.0/go.mod h1:zybIuC3KpDOvotz59lFe5qxRZx6C75OtwbisN56xYB4= cloud.google.com/go/accessapproval v1.5.0/go.mod h1:HFy3tuiGvMdcd/u+Cu5b9NkO1pEICJ46IR82PoUdplw= cloud.google.com/go/accessapproval v1.6.0/go.mod h1:R0EiYnwV5fsRFiKZkPHr6mwyk2wxUJ30nL4j2pcFY2E= -cloud.google.com/go/accessapproval v1.7.1/go.mod h1:JYczztsHRMK7NTXb6Xw+dwbs/WnOJxbo/2mTI+Kgg68= cloud.google.com/go/accesscontextmanager v1.3.0/go.mod h1:TgCBehyr5gNMz7ZaH9xubp+CE8dkrszb4oK9CWyvD4o= cloud.google.com/go/accesscontextmanager v1.4.0/go.mod h1:/Kjh7BBu/Gh83sv+K60vN9QE5NJcd80sU33vIe2IFPE= cloud.google.com/go/accesscontextmanager v1.6.0/go.mod h1:8XCvZWfYw3K/ji0iVnp+6pu7huxoQTLmxAbVjbloTtM= cloud.google.com/go/accesscontextmanager v1.7.0/go.mod h1:CEGLewx8dwa33aDAZQujl7Dx+uYhS0eay198wB/VumQ= -cloud.google.com/go/accesscontextmanager v1.8.0/go.mod h1:uI+AI/r1oyWK99NN8cQ3UK76AMelMzgZCvJfsi2c+ps= -cloud.google.com/go/accesscontextmanager v1.8.1/go.mod h1:JFJHfvuaTC+++1iL1coPiG1eu5D24db2wXCDWDjIrxo= cloud.google.com/go/aiplatform v1.22.0/go.mod h1:ig5Nct50bZlzV6NvKaTwmplLLddFx0YReh9WfTO5jKw= cloud.google.com/go/aiplatform v1.24.0/go.mod h1:67UUvRBKG6GTayHKV8DBv2RtR1t93YRu5B1P3x99mYY= cloud.google.com/go/aiplatform v1.27.0/go.mod h1:Bvxqtl40l0WImSb04d0hXFU7gDOiq9jQmorivIiWcKg= cloud.google.com/go/aiplatform v1.35.0/go.mod h1:7MFT/vCaOyZT/4IIFfxH4ErVg/4ku6lKv3w0+tFTgXQ= cloud.google.com/go/aiplatform v1.36.1/go.mod h1:WTm12vJRPARNvJ+v6P52RDHCNe4AhvjcIZ/9/RRHy/k= cloud.google.com/go/aiplatform v1.37.0/go.mod h1:IU2Cv29Lv9oCn/9LkFiiuKfwrRTq+QQMbW+hPCxJGZw= -cloud.google.com/go/aiplatform v1.45.0/go.mod h1:Iu2Q7sC7QGhXUeOhAj/oCK9a+ULz1O4AotZiqjQ8MYA= -cloud.google.com/go/aiplatform v1.48.0/go.mod h1:Iu2Q7sC7QGhXUeOhAj/oCK9a+ULz1O4AotZiqjQ8MYA= -cloud.google.com/go/aiplatform v1.50.0/go.mod h1:IRc2b8XAMTa9ZmfJV1BCCQbieWWvDnP1A8znyz5N7y4= cloud.google.com/go/analytics v0.11.0/go.mod h1:DjEWCu41bVbYcKyvlws9Er60YE4a//bK6mnhWvQeFNI= cloud.google.com/go/analytics v0.12.0/go.mod h1:gkfj9h6XRf9+TS4bmuhPEShsh3hH8PAZzm/41OOhQd4= cloud.google.com/go/analytics v0.17.0/go.mod h1:WXFa3WSym4IZ+JiKmavYdJwGG/CvpqiqczmL59bTD9M= cloud.google.com/go/analytics v0.18.0/go.mod h1:ZkeHGQlcIPkw0R/GW+boWHhCOR43xz9RN/jn7WcqfIE= cloud.google.com/go/analytics v0.19.0/go.mod h1:k8liqf5/HCnOUkbawNtrWWc+UAzyDlW89doe8TtoDsE= -cloud.google.com/go/analytics v0.21.2/go.mod h1:U8dcUtmDmjrmUTnnnRnI4m6zKn/yaA5N9RlEkYFHpQo= -cloud.google.com/go/analytics v0.21.3/go.mod h1:U8dcUtmDmjrmUTnnnRnI4m6zKn/yaA5N9RlEkYFHpQo= cloud.google.com/go/apigateway v1.3.0/go.mod h1:89Z8Bhpmxu6AmUxuVRg/ECRGReEdiP3vQtk4Z1J9rJk= cloud.google.com/go/apigateway v1.4.0/go.mod h1:pHVY9MKGaH9PQ3pJ4YLzoj6U5FUDeDFBllIz7WmzJoc= cloud.google.com/go/apigateway v1.5.0/go.mod h1:GpnZR3Q4rR7LVu5951qfXPJCHquZt02jf7xQx7kpqN8= -cloud.google.com/go/apigateway v1.6.1/go.mod h1:ufAS3wpbRjqfZrzpvLC2oh0MFlpRJm2E/ts25yyqmXA= cloud.google.com/go/apigeeconnect v1.3.0/go.mod h1:G/AwXFAKo0gIXkPTVfZDd2qA1TxBXJ3MgMRBQkIi9jc= cloud.google.com/go/apigeeconnect v1.4.0/go.mod h1:kV4NwOKqjvt2JYR0AoIWo2QGfoRtn/pkS3QlHp0Ni04= cloud.google.com/go/apigeeconnect v1.5.0/go.mod h1:KFaCqvBRU6idyhSNyn3vlHXc8VMDJdRmwDF6JyFRqZ8= -cloud.google.com/go/apigeeconnect v1.6.1/go.mod h1:C4awq7x0JpLtrlQCr8AzVIzAaYgngRqWf9S5Uhg+wWs= cloud.google.com/go/apigeeregistry v0.4.0/go.mod h1:EUG4PGcsZvxOXAdyEghIdXwAEi/4MEaoqLMLDMIwKXY= cloud.google.com/go/apigeeregistry v0.5.0/go.mod h1:YR5+s0BVNZfVOUkMa5pAR2xGd0A473vA5M7j247o1wM= cloud.google.com/go/apigeeregistry v0.6.0/go.mod h1:BFNzW7yQVLZ3yj0TKcwzb8n25CFBri51GVGOEUcgQsc= -cloud.google.com/go/apigeeregistry v0.7.1/go.mod h1:1XgyjZye4Mqtw7T9TsY4NW10U7BojBvG4RMD+vRDrIw= cloud.google.com/go/apikeys v0.4.0/go.mod h1:XATS/yqZbaBK0HOssf+ALHp8jAlNHUgyfprvNcBIszU= cloud.google.com/go/apikeys v0.5.0/go.mod h1:5aQfwY4D+ewMMWScd3hm2en3hCj+BROlyrt3ytS7KLI= cloud.google.com/go/apikeys v0.6.0/go.mod h1:kbpXu5upyiAlGkKrJgQl8A0rKNNJ7dQ377pdroRSSi8= @@ -97,12 +77,10 @@ cloud.google.com/go/appengine v1.5.0/go.mod h1:TfasSozdkFI0zeoxW3PTBLiNqRmzraodC cloud.google.com/go/appengine v1.6.0/go.mod h1:hg6i0J/BD2cKmDJbaFSYHFyZkgBEfQrDg/X0V5fJn84= cloud.google.com/go/appengine v1.7.0/go.mod h1:eZqpbHFCqRGa2aCdope7eC0SWLV1j0neb/QnMJVWx6A= cloud.google.com/go/appengine v1.7.1/go.mod h1:IHLToyb/3fKutRysUlFO0BPt5j7RiQ45nrzEJmKTo6E= -cloud.google.com/go/appengine v1.8.1/go.mod h1:6NJXGLVhZCN9aQ/AEDvmfzKEfoYBlfB80/BHiKVputY= cloud.google.com/go/area120 v0.5.0/go.mod h1:DE/n4mp+iqVyvxHN41Vf1CR602GiHQjFPusMFW6bGR4= cloud.google.com/go/area120 v0.6.0/go.mod h1:39yFJqWVgm0UZqWTOdqkLhjoC7uFfgXRC8g/ZegeAh0= cloud.google.com/go/area120 v0.7.0/go.mod h1:a3+8EUD1SX5RUcCs3MY5YasiO1z6yLiNLRiFrykbynY= cloud.google.com/go/area120 v0.7.1/go.mod h1:j84i4E1RboTWjKtZVWXPqvK5VHQFJRF2c1Nm69pWm9k= -cloud.google.com/go/area120 v0.8.1/go.mod h1:BVfZpGpB7KFVNxPiQBuHkX6Ed0rS51xIgmGyjrAfzsg= cloud.google.com/go/artifactregistry v1.6.0/go.mod h1:IYt0oBPSAGYj/kprzsBjZ/4LnG/zOcHyFHjWPCi6SAQ= cloud.google.com/go/artifactregistry v1.7.0/go.mod h1:mqTOFOnGZx8EtSqK/ZWcsm/4U8B77rbcLP6ruDU2Ixk= cloud.google.com/go/artifactregistry v1.8.0/go.mod h1:w3GQXkJX8hiKN0v+at4b0qotwijQbYUqF2GWkZzAhC0= @@ -111,7 +89,6 @@ cloud.google.com/go/artifactregistry v1.11.1/go.mod h1:lLYghw+Itq9SONbCa1YWBoWs1 cloud.google.com/go/artifactregistry v1.11.2/go.mod h1:nLZns771ZGAwVLzTX/7Al6R9ehma4WUEhZGWV6CeQNQ= cloud.google.com/go/artifactregistry v1.12.0/go.mod h1:o6P3MIvtzTOnmvGagO9v/rOjjA0HmhJ+/6KAXrmYDCI= cloud.google.com/go/artifactregistry v1.13.0/go.mod h1:uy/LNfoOIivepGhooAUpL1i30Hgee3Cu0l4VTWHUC08= -cloud.google.com/go/artifactregistry v1.14.1/go.mod h1:nxVdG19jTaSTu7yA7+VbWL346r3rIdkZ142BSQqhn5E= cloud.google.com/go/asset v1.5.0/go.mod h1:5mfs8UvcM5wHhqtSv8J1CtxxaQq3AdBxxQi2jGW/K4o= cloud.google.com/go/asset v1.7.0/go.mod h1:YbENsRK4+xTiL+Ofoj5Ckf+O17kJtgp3Y3nn4uzZz5s= cloud.google.com/go/asset v1.8.0/go.mod h1:mUNGKhiqIdbr8X7KNayoYvyc4HbbFO9URsjbytpUaW0= @@ -120,36 +97,27 @@ cloud.google.com/go/asset v1.10.0/go.mod h1:pLz7uokL80qKhzKr4xXGvBQXnzHn5evJAEAt cloud.google.com/go/asset v1.11.1/go.mod h1:fSwLhbRvC9p9CXQHJ3BgFeQNM4c9x10lqlrdEUYXlJo= cloud.google.com/go/asset v1.12.0/go.mod h1:h9/sFOa4eDIyKmH6QMpm4eUK3pDojWnUhTgJlk762Hg= cloud.google.com/go/asset v1.13.0/go.mod h1:WQAMyYek/b7NBpYq/K4KJWcRqzoalEsxz/t/dTk4THw= -cloud.google.com/go/asset v1.14.1/go.mod h1:4bEJ3dnHCqWCDbWJ/6Vn7GVI9LerSi7Rfdi03hd+WTQ= cloud.google.com/go/assuredworkloads v1.5.0/go.mod h1:n8HOZ6pff6re5KYfBXcFvSViQjDwxFkAkmUFffJRbbY= cloud.google.com/go/assuredworkloads v1.6.0/go.mod h1:yo2YOk37Yc89Rsd5QMVECvjaMKymF9OP+QXWlKXUkXw= cloud.google.com/go/assuredworkloads v1.7.0/go.mod h1:z/736/oNmtGAyU47reJgGN+KVoYoxeLBoj4XkKYscNI= cloud.google.com/go/assuredworkloads v1.8.0/go.mod h1:AsX2cqyNCOvEQC8RMPnoc0yEarXQk6WEKkxYfL6kGIo= cloud.google.com/go/assuredworkloads v1.9.0/go.mod h1:kFuI1P78bplYtT77Tb1hi0FMxM0vVpRC7VVoJC3ZoT0= cloud.google.com/go/assuredworkloads v1.10.0/go.mod h1:kwdUQuXcedVdsIaKgKTp9t0UJkE5+PAVNhdQm4ZVq2E= -cloud.google.com/go/assuredworkloads v1.11.1/go.mod h1:+F04I52Pgn5nmPG36CWFtxmav6+7Q+c5QyJoL18Lry0= cloud.google.com/go/automl v1.5.0/go.mod h1:34EjfoFGMZ5sgJ9EoLsRtdPSNZLcfflJR39VbVNS2M0= cloud.google.com/go/automl v1.6.0/go.mod h1:ugf8a6Fx+zP0D59WLhqgTDsQI9w07o64uf/Is3Nh5p8= cloud.google.com/go/automl v1.7.0/go.mod h1:RL9MYCCsJEOmt0Wf3z9uzG0a7adTT1fe+aObgSpkCt8= cloud.google.com/go/automl v1.8.0/go.mod h1:xWx7G/aPEe/NP+qzYXktoBSDfjO+vnKMGgsApGJJquM= cloud.google.com/go/automl v1.12.0/go.mod h1:tWDcHDp86aMIuHmyvjuKeeHEGq76lD7ZqfGLN6B0NuU= -cloud.google.com/go/automl v1.13.1/go.mod h1:1aowgAHWYZU27MybSCFiukPO7xnyawv7pt3zK4bheQE= cloud.google.com/go/baremetalsolution v0.3.0/go.mod h1:XOrocE+pvK1xFfleEnShBlNAXf+j5blPPxrhjKgnIFc= cloud.google.com/go/baremetalsolution v0.4.0/go.mod h1:BymplhAadOO/eBa7KewQ0Ppg4A4Wplbn+PsFKRLo0uI= cloud.google.com/go/baremetalsolution v0.5.0/go.mod h1:dXGxEkmR9BMwxhzBhV0AioD0ULBmuLZI8CdwalUxuss= -cloud.google.com/go/baremetalsolution v1.1.1/go.mod h1:D1AV6xwOksJMV4OSlWHtWuFNZZYujJknMAP4Qa27QIA= -cloud.google.com/go/baremetalsolution v1.2.0/go.mod h1:68wi9AwPYkEWIUT4SvSGS9UJwKzNpshjHsH4lzk8iOw= cloud.google.com/go/batch v0.3.0/go.mod h1:TR18ZoAekj1GuirsUsR1ZTKN3FC/4UDnScjT8NXImFE= cloud.google.com/go/batch v0.4.0/go.mod h1:WZkHnP43R/QCGQsZ+0JyG4i79ranE2u8xvjq/9+STPE= cloud.google.com/go/batch v0.7.0/go.mod h1:vLZN95s6teRUqRQ4s3RLDsH8PvboqBK+rn1oevL159g= -cloud.google.com/go/batch v1.3.1/go.mod h1:VguXeQKXIYaeeIYbuozUmBR13AfL4SJP7IltNPS+A4A= -cloud.google.com/go/batch v1.4.1/go.mod h1:KdBmDD61K0ovcxoRHGrN6GmOBWeAOyCgKD0Mugx4Fkk= cloud.google.com/go/beyondcorp v0.2.0/go.mod h1:TB7Bd+EEtcw9PCPQhCJtJGjk/7TC6ckmnSFS+xwTfm4= cloud.google.com/go/beyondcorp v0.3.0/go.mod h1:E5U5lcrcXMsCuoDNyGrpyTm/hn7ne941Jz2vmksAxW8= cloud.google.com/go/beyondcorp v0.4.0/go.mod h1:3ApA0mbhHx6YImmuubf5pyW8srKnCEPON32/5hj+RmM= cloud.google.com/go/beyondcorp v0.5.0/go.mod h1:uFqj9X+dSfrheVp7ssLTaRHd2EHqSL4QZmH4e8WXGGU= -cloud.google.com/go/beyondcorp v0.6.1/go.mod h1:YhxDWw946SCbmcWo3fAhw3V4XZMSpQ/VYfcKGAEU8/4= -cloud.google.com/go/beyondcorp v1.0.0/go.mod h1:YhxDWw946SCbmcWo3fAhw3V4XZMSpQ/VYfcKGAEU8/4= cloud.google.com/go/bigquery v1.0.1/go.mod h1:i/xbL2UlR5RvWAURpBYZTtm/cXjCha9lbfbpx4poX+o= cloud.google.com/go/bigquery v1.3.0/go.mod h1:PjpwJnslEMmckchkHFfq+HTD2DmtT67aNFKH1/VBDHE= cloud.google.com/go/bigquery v1.4.0/go.mod h1:S8dzgnTigyfTmLBfrtrhyYhwRxG72rYxvftPBK2Dvzc= @@ -163,55 +131,38 @@ cloud.google.com/go/bigquery v1.47.0/go.mod h1:sA9XOgy0A8vQK9+MWhEQTY6Tix87M/Zur cloud.google.com/go/bigquery v1.48.0/go.mod h1:QAwSz+ipNgfL5jxiaK7weyOhzdoAy1zFm0Nf1fysJac= cloud.google.com/go/bigquery v1.49.0/go.mod h1:Sv8hMmTFFYBlt/ftw2uN6dFdQPzBlREY9yBh7Oy7/4Q= cloud.google.com/go/bigquery v1.50.0/go.mod h1:YrleYEh2pSEbgTBZYMJ5SuSr0ML3ypjRB1zgf7pvQLU= -cloud.google.com/go/bigquery v1.52.0/go.mod h1:3b/iXjRQGU4nKa87cXeg6/gogLjO8C6PmuM8i5Bi/u4= -cloud.google.com/go/bigquery v1.53.0/go.mod h1:3b/iXjRQGU4nKa87cXeg6/gogLjO8C6PmuM8i5Bi/u4= -cloud.google.com/go/bigquery v1.55.0/go.mod h1:9Y5I3PN9kQWuid6183JFhOGOW3GcirA5LpsKCUn+2ec= cloud.google.com/go/billing v1.4.0/go.mod h1:g9IdKBEFlItS8bTtlrZdVLWSSdSyFUZKXNS02zKMOZY= cloud.google.com/go/billing v1.5.0/go.mod h1:mztb1tBc3QekhjSgmpf/CV4LzWXLzCArwpLmP2Gm88s= cloud.google.com/go/billing v1.6.0/go.mod h1:WoXzguj+BeHXPbKfNWkqVtDdzORazmCjraY+vrxcyvI= cloud.google.com/go/billing v1.7.0/go.mod h1:q457N3Hbj9lYwwRbnlD7vUpyjq6u5U1RAOArInEiD5Y= cloud.google.com/go/billing v1.12.0/go.mod h1:yKrZio/eu+okO/2McZEbch17O5CB5NpZhhXG6Z766ss= cloud.google.com/go/billing v1.13.0/go.mod h1:7kB2W9Xf98hP9Sr12KfECgfGclsH3CQR0R08tnRlRbc= -cloud.google.com/go/billing v1.16.0/go.mod h1:y8vx09JSSJG02k5QxbycNRrN7FGZB6F3CAcgum7jvGA= -cloud.google.com/go/billing v1.17.0/go.mod h1:Z9+vZXEq+HwH7bhJkyI4OQcR6TSbeMrjlpEjO2vzY64= cloud.google.com/go/binaryauthorization v1.1.0/go.mod h1:xwnoWu3Y84jbuHa0zd526MJYmtnVXn0syOjaJgy4+dM= cloud.google.com/go/binaryauthorization v1.2.0/go.mod h1:86WKkJHtRcv5ViNABtYMhhNWRrD1Vpi//uKEy7aYEfI= cloud.google.com/go/binaryauthorization v1.3.0/go.mod h1:lRZbKgjDIIQvzYQS1p99A7/U1JqvqeZg0wiI5tp6tg0= cloud.google.com/go/binaryauthorization v1.4.0/go.mod h1:tsSPQrBd77VLplV70GUhBf/Zm3FsKmgSqgm4UmiDItk= cloud.google.com/go/binaryauthorization v1.5.0/go.mod h1:OSe4OU1nN/VswXKRBmciKpo9LulY41gch5c68htf3/Q= -cloud.google.com/go/binaryauthorization v1.6.1/go.mod h1:TKt4pa8xhowwffiBmbrbcxijJRZED4zrqnwZ1lKH51U= -cloud.google.com/go/binaryauthorization v1.7.0/go.mod h1:Zn+S6QqTMn6odcMU1zDZCJxPjU2tZPV1oDl45lWY154= cloud.google.com/go/certificatemanager v1.3.0/go.mod h1:n6twGDvcUBFu9uBgt4eYvvf3sQ6My8jADcOVwHmzadg= cloud.google.com/go/certificatemanager v1.4.0/go.mod h1:vowpercVFyqs8ABSmrdV+GiFf2H/ch3KyudYQEMM590= cloud.google.com/go/certificatemanager v1.6.0/go.mod h1:3Hh64rCKjRAX8dXgRAyOcY5vQ/fE1sh8o+Mdd6KPgY8= -cloud.google.com/go/certificatemanager v1.7.1/go.mod h1:iW8J3nG6SaRYImIa+wXQ0g8IgoofDFRp5UMzaNk1UqI= cloud.google.com/go/channel v1.8.0/go.mod h1:W5SwCXDJsq/rg3tn3oG0LOxpAo6IMxNa09ngphpSlnk= cloud.google.com/go/channel v1.9.0/go.mod h1:jcu05W0my9Vx4mt3/rEHpfxc9eKi9XwsdDL8yBMbKUk= cloud.google.com/go/channel v1.11.0/go.mod h1:IdtI0uWGqhEeatSB62VOoJ8FSUhJ9/+iGkJVqp74CGE= cloud.google.com/go/channel v1.12.0/go.mod h1:VkxCGKASi4Cq7TbXxlaBezonAYpp1GCnKMY6tnMQnLU= -cloud.google.com/go/channel v1.16.0/go.mod h1:eN/q1PFSl5gyu0dYdmxNXscY/4Fi7ABmeHCJNf/oHmc= -cloud.google.com/go/channel v1.17.0/go.mod h1:RpbhJsGi/lXWAUM1eF4IbQGbsfVlg2o8Iiy2/YLfVT0= cloud.google.com/go/cloudbuild v1.3.0/go.mod h1:WequR4ULxlqvMsjDEEEFnOG5ZSRSgWOywXYDb1vPE6U= cloud.google.com/go/cloudbuild v1.4.0/go.mod h1:5Qwa40LHiOXmz3386FrjrYM93rM/hdRr7b53sySrTqA= cloud.google.com/go/cloudbuild v1.6.0/go.mod h1:UIbc/w9QCbH12xX+ezUsgblrWv+Cv4Tw83GiSMHOn9M= cloud.google.com/go/cloudbuild v1.7.0/go.mod h1:zb5tWh2XI6lR9zQmsm1VRA+7OCuve5d8S+zJUul8KTg= cloud.google.com/go/cloudbuild v1.9.0/go.mod h1:qK1d7s4QlO0VwfYn5YuClDGg2hfmLZEb4wQGAbIgL1s= -cloud.google.com/go/cloudbuild v1.10.1/go.mod h1:lyJg7v97SUIPq4RC2sGsz/9tNczhyv2AjML/ci4ulzU= -cloud.google.com/go/cloudbuild v1.13.0/go.mod h1:lyJg7v97SUIPq4RC2sGsz/9tNczhyv2AjML/ci4ulzU= -cloud.google.com/go/cloudbuild v1.14.0/go.mod h1:lyJg7v97SUIPq4RC2sGsz/9tNczhyv2AjML/ci4ulzU= cloud.google.com/go/clouddms v1.3.0/go.mod h1:oK6XsCDdW4Ib3jCCBugx+gVjevp2TMXFtgxvPSee3OM= cloud.google.com/go/clouddms v1.4.0/go.mod h1:Eh7sUGCC+aKry14O1NRljhjyrr0NFC0G2cjwX0cByRk= cloud.google.com/go/clouddms v1.5.0/go.mod h1:QSxQnhikCLUw13iAbffF2CZxAER3xDGNHjsTAkQJcQA= -cloud.google.com/go/clouddms v1.6.1/go.mod h1:Ygo1vL52Ov4TBZQquhz5fiw2CQ58gvu+PlS6PVXCpZI= -cloud.google.com/go/clouddms v1.7.0/go.mod h1:MW1dC6SOtI/tPNCciTsXtsGNEM0i0OccykPvv3hiYeM= cloud.google.com/go/cloudtasks v1.5.0/go.mod h1:fD92REy1x5woxkKEkLdvavGnPJGEn8Uic9nWuLzqCpY= cloud.google.com/go/cloudtasks v1.6.0/go.mod h1:C6Io+sxuke9/KNRkbQpihnW93SWDU3uXt92nu85HkYI= cloud.google.com/go/cloudtasks v1.7.0/go.mod h1:ImsfdYWwlWNJbdgPIIGJWC+gemEGTBK/SunNQQNCAb4= cloud.google.com/go/cloudtasks v1.8.0/go.mod h1:gQXUIwCSOI4yPVK7DgTVFiiP0ZW/eQkydWzwVMdHxrI= cloud.google.com/go/cloudtasks v1.9.0/go.mod h1:w+EyLsVkLWHcOaqNEyvcKAsWp9p29dL6uL9Nst1cI7Y= cloud.google.com/go/cloudtasks v1.10.0/go.mod h1:NDSoTLkZ3+vExFEWu2UJV1arUyzVDAiZtdWcsUyNwBs= -cloud.google.com/go/cloudtasks v1.11.1/go.mod h1:a9udmnou9KO2iulGscKR0qBYjreuX8oHwpmFsKspEvM= -cloud.google.com/go/cloudtasks v1.12.1/go.mod h1:a9udmnou9KO2iulGscKR0qBYjreuX8oHwpmFsKspEvM= cloud.google.com/go/compute v0.1.0/go.mod h1:GAesmwr110a34z04OlxYkATPBEfVhkymfTBXtfbBFow= cloud.google.com/go/compute v1.3.0/go.mod h1:cCZiE1NHEtai4wiufUhW8I8S1JKkAnhnQJWM7YD99wM= cloud.google.com/go/compute v1.5.0/go.mod h1:9SMHyhJlzhlkJqrPAc839t2BZFTSk6Jdj6mkzQJeu0M= @@ -227,9 +178,6 @@ cloud.google.com/go/compute v1.15.1/go.mod h1:bjjoF/NtFUrkD/urWfdHaKuOPDR5nWIs63 cloud.google.com/go/compute v1.18.0/go.mod h1:1X7yHxec2Ga+Ss6jPyjxRxpu2uu7PLgsOVXvgU0yacs= cloud.google.com/go/compute v1.19.0/go.mod h1:rikpw2y+UMidAe9tISo04EHNOIf42RLYF/q8Bs93scU= cloud.google.com/go/compute v1.19.1/go.mod h1:6ylj3a05WF8leseCdIf77NK0g1ey+nj5IKd5/kvShxE= -cloud.google.com/go/compute v1.19.3/go.mod h1:qxvISKp/gYnXkSAD1ppcSOveRAmzxicEv/JlizULFrI= -cloud.google.com/go/compute v1.20.1/go.mod h1:4tCnrn48xsqlwSAiLf1HXMQk8CONslYbdiEZc9FEIbM= -cloud.google.com/go/compute v1.21.0/go.mod h1:4tCnrn48xsqlwSAiLf1HXMQk8CONslYbdiEZc9FEIbM= cloud.google.com/go/compute v1.23.0 h1:tP41Zoavr8ptEqaW6j+LQOnyBBhO7OkOMAGrgLopTwY= cloud.google.com/go/compute v1.23.0/go.mod h1:4tCnrn48xsqlwSAiLf1HXMQk8CONslYbdiEZc9FEIbM= cloud.google.com/go/compute/metadata v0.1.0/go.mod h1:Z1VN+bulIf6bt4P/C37K4DyZYZEXYonfTBHHFPO/4UU= @@ -240,22 +188,15 @@ cloud.google.com/go/compute/metadata v0.2.3/go.mod h1:VAV5nSsACxMJvgaAuX6Pk2Aawl cloud.google.com/go/contactcenterinsights v1.3.0/go.mod h1:Eu2oemoePuEFc/xKFPjbTuPSj0fYJcPls9TFlPNnHHY= cloud.google.com/go/contactcenterinsights v1.4.0/go.mod h1:L2YzkGbPsv+vMQMCADxJoT9YiTTnSEd6fEvCeHTYVck= cloud.google.com/go/contactcenterinsights v1.6.0/go.mod h1:IIDlT6CLcDoyv79kDv8iWxMSTZhLxSCofVV5W6YFM/w= -cloud.google.com/go/contactcenterinsights v1.9.1/go.mod h1:bsg/R7zGLYMVxFFzfh9ooLTruLRCG9fnzhH9KznHhbM= -cloud.google.com/go/contactcenterinsights v1.10.0/go.mod h1:bsg/R7zGLYMVxFFzfh9ooLTruLRCG9fnzhH9KznHhbM= cloud.google.com/go/container v1.6.0/go.mod h1:Xazp7GjJSeUYo688S+6J5V+n/t+G5sKBTFkKNudGRxg= cloud.google.com/go/container v1.7.0/go.mod h1:Dp5AHtmothHGX3DwwIHPgq45Y8KmNsgN3amoYfxVkLo= cloud.google.com/go/container v1.13.1/go.mod h1:6wgbMPeQRw9rSnKBCAJXnds3Pzj03C4JHamr8asWKy4= cloud.google.com/go/container v1.14.0/go.mod h1:3AoJMPhHfLDxLvrlVWaK57IXzaPnLaZq63WX59aQBfM= cloud.google.com/go/container v1.15.0/go.mod h1:ft+9S0WGjAyjDggg5S06DXj+fHJICWg8L7isCQe9pQA= -cloud.google.com/go/container v1.22.1/go.mod h1:lTNExE2R7f+DLbAN+rJiKTisauFCaoDq6NURZ83eVH4= -cloud.google.com/go/container v1.24.0/go.mod h1:lTNExE2R7f+DLbAN+rJiKTisauFCaoDq6NURZ83eVH4= -cloud.google.com/go/container v1.26.0/go.mod h1:YJCmRet6+6jnYYRS000T6k0D0xUXQgBSaJ7VwI8FBj4= cloud.google.com/go/containeranalysis v0.5.1/go.mod h1:1D92jd8gRR/c0fGMlymRgxWD3Qw9C1ff6/T7mLgVL8I= cloud.google.com/go/containeranalysis v0.6.0/go.mod h1:HEJoiEIu+lEXM+k7+qLCci0h33lX3ZqoYFdmPcoO7s4= cloud.google.com/go/containeranalysis v0.7.0/go.mod h1:9aUL+/vZ55P2CXfuZjS4UjQ9AgXoSw8Ts6lemfmxBxI= cloud.google.com/go/containeranalysis v0.9.0/go.mod h1:orbOANbwk5Ejoom+s+DUCTTJ7IBdBQJDcSylAx/on9s= -cloud.google.com/go/containeranalysis v0.10.1/go.mod h1:Ya2jiILITMY68ZLPaogjmOMNkwsDrWBSTyBubGXO7j0= -cloud.google.com/go/containeranalysis v0.11.0/go.mod h1:4n2e99ZwpGxpNcz+YsFT1dfOHPQFGcAC8FN2M2/ne/U= cloud.google.com/go/datacatalog v1.3.0/go.mod h1:g9svFY6tuR+j+hrTw3J2dNcmI0dzmSiyOzm8kpLq0a0= cloud.google.com/go/datacatalog v1.5.0/go.mod h1:M7GPLNQeLfWqeIm3iuiruhPzkt65+Bx8dAKvScX8jvs= cloud.google.com/go/datacatalog v1.6.0/go.mod h1:+aEyF8JKg+uXcIdAmmaMUmZ3q1b/lKLtXCmXdnc0lbc= @@ -264,66 +205,44 @@ cloud.google.com/go/datacatalog v1.8.0/go.mod h1:KYuoVOv9BM8EYz/4eMFxrr4DUKhGIOX cloud.google.com/go/datacatalog v1.8.1/go.mod h1:RJ58z4rMp3gvETA465Vg+ag8BGgBdnRPEMMSTr5Uv+M= cloud.google.com/go/datacatalog v1.12.0/go.mod h1:CWae8rFkfp6LzLumKOnmVh4+Zle4A3NXLzVJ1d1mRm0= cloud.google.com/go/datacatalog v1.13.0/go.mod h1:E4Rj9a5ZtAxcQJlEBTLgMTphfP11/lNaAshpoBgemX8= -cloud.google.com/go/datacatalog v1.14.0/go.mod h1:h0PrGtlihoutNMp/uvwhawLQ9+c63Kz65UFqh49Yo+E= -cloud.google.com/go/datacatalog v1.14.1/go.mod h1:d2CevwTG4yedZilwe+v3E3ZBDRMobQfSG/a6cCCN5R4= -cloud.google.com/go/datacatalog v1.16.0/go.mod h1:d2CevwTG4yedZilwe+v3E3ZBDRMobQfSG/a6cCCN5R4= -cloud.google.com/go/datacatalog v1.17.1/go.mod h1:nCSYFHgtxh2MiEktWIz71s/X+7ds/UT9kp0PC7waCzE= cloud.google.com/go/dataflow v0.6.0/go.mod h1:9QwV89cGoxjjSR9/r7eFDqqjtvbKxAK2BaYU6PVk9UM= cloud.google.com/go/dataflow v0.7.0/go.mod h1:PX526vb4ijFMesO1o202EaUmouZKBpjHsTlCtB4parQ= cloud.google.com/go/dataflow v0.8.0/go.mod h1:Rcf5YgTKPtQyYz8bLYhFoIV/vP39eL7fWNcSOyFfLJE= -cloud.google.com/go/dataflow v0.9.1/go.mod h1:Wp7s32QjYuQDWqJPFFlnBKhkAtiFpMTdg00qGbnIHVw= cloud.google.com/go/dataform v0.3.0/go.mod h1:cj8uNliRlHpa6L3yVhDOBrUXH+BPAO1+KFMQQNSThKo= cloud.google.com/go/dataform v0.4.0/go.mod h1:fwV6Y4Ty2yIFL89huYlEkwUPtS7YZinZbzzj5S9FzCE= cloud.google.com/go/dataform v0.5.0/go.mod h1:GFUYRe8IBa2hcomWplodVmUx/iTL0FrsauObOM3Ipr0= cloud.google.com/go/dataform v0.6.0/go.mod h1:QPflImQy33e29VuapFdf19oPbE4aYTJxr31OAPV+ulA= cloud.google.com/go/dataform v0.7.0/go.mod h1:7NulqnVozfHvWUBpMDfKMUESr+85aJsC/2O0o3jWPDE= -cloud.google.com/go/dataform v0.8.1/go.mod h1:3BhPSiw8xmppbgzeBbmDvmSWlwouuJkXsXsb8UBih9M= cloud.google.com/go/datafusion v1.4.0/go.mod h1:1Zb6VN+W6ALo85cXnM1IKiPw+yQMKMhB9TsTSRDo/38= cloud.google.com/go/datafusion v1.5.0/go.mod h1:Kz+l1FGHB0J+4XF2fud96WMmRiq/wj8N9u007vyXZ2w= cloud.google.com/go/datafusion v1.6.0/go.mod h1:WBsMF8F1RhSXvVM8rCV3AeyWVxcC2xY6vith3iw3S+8= -cloud.google.com/go/datafusion v1.7.1/go.mod h1:KpoTBbFmoToDExJUso/fcCiguGDk7MEzOWXUsJo0wsI= cloud.google.com/go/datalabeling v0.5.0/go.mod h1:TGcJ0G2NzcsXSE/97yWjIZO0bXj0KbVlINXMG9ud42I= cloud.google.com/go/datalabeling v0.6.0/go.mod h1:WqdISuk/+WIGeMkpw/1q7bK/tFEZxsrFJOJdY2bXvTQ= cloud.google.com/go/datalabeling v0.7.0/go.mod h1:WPQb1y08RJbmpM3ww0CSUAGweL0SxByuW2E+FU+wXcM= -cloud.google.com/go/datalabeling v0.8.1/go.mod h1:XS62LBSVPbYR54GfYQsPXZjTW8UxCK2fkDciSrpRFdY= cloud.google.com/go/dataplex v1.3.0/go.mod h1:hQuRtDg+fCiFgC8j0zV222HvzFQdRd+SVX8gdmFcZzA= cloud.google.com/go/dataplex v1.4.0/go.mod h1:X51GfLXEMVJ6UN47ESVqvlsRplbLhcsAt0kZCCKsU0A= cloud.google.com/go/dataplex v1.5.2/go.mod h1:cVMgQHsmfRoI5KFYq4JtIBEUbYwc3c7tXmIDhRmNNVQ= cloud.google.com/go/dataplex v1.6.0/go.mod h1:bMsomC/aEJOSpHXdFKFGQ1b0TDPIeL28nJObeO1ppRs= -cloud.google.com/go/dataplex v1.8.1/go.mod h1:7TyrDT6BCdI8/38Uvp0/ZxBslOslP2X2MPDucliyvSE= -cloud.google.com/go/dataplex v1.9.0/go.mod h1:7TyrDT6BCdI8/38Uvp0/ZxBslOslP2X2MPDucliyvSE= -cloud.google.com/go/dataplex v1.9.1/go.mod h1:7TyrDT6BCdI8/38Uvp0/ZxBslOslP2X2MPDucliyvSE= cloud.google.com/go/dataproc v1.7.0/go.mod h1:CKAlMjII9H90RXaMpSxQ8EU6dQx6iAYNPcYPOkSbi8s= cloud.google.com/go/dataproc v1.8.0/go.mod h1:5OW+zNAH0pMpw14JVrPONsxMQYMBqJuzORhIBfBn9uI= cloud.google.com/go/dataproc v1.12.0/go.mod h1:zrF3aX0uV3ikkMz6z4uBbIKyhRITnxvr4i3IjKsKrw4= -cloud.google.com/go/dataproc/v2 v2.0.1/go.mod h1:7Ez3KRHdFGcfY7GcevBbvozX+zyWGcwLJvvAMwCaoZ4= -cloud.google.com/go/dataproc/v2 v2.2.0/go.mod h1:lZR7AQtwZPvmINx5J87DSOOpTfof9LVZju6/Qo4lmcY= cloud.google.com/go/dataqna v0.5.0/go.mod h1:90Hyk596ft3zUQ8NkFfvICSIfHFh1Bc7C4cK3vbhkeo= cloud.google.com/go/dataqna v0.6.0/go.mod h1:1lqNpM7rqNLVgWBJyk5NF6Uen2PHym0jtVJonplVsDA= cloud.google.com/go/dataqna v0.7.0/go.mod h1:Lx9OcIIeqCrw1a6KdO3/5KMP1wAmTc0slZWwP12Qq3c= -cloud.google.com/go/dataqna v0.8.1/go.mod h1:zxZM0Bl6liMePWsHA8RMGAfmTG34vJMapbHAxQ5+WA8= cloud.google.com/go/datastore v1.0.0/go.mod h1:LXYbyblFSglQ5pkeyhO+Qmw7ukd3C+pD7TKLgZqpHYE= cloud.google.com/go/datastore v1.1.0/go.mod h1:umbIZjpQpHh4hmRpGhH4tLFup+FVzqBi1b3c64qFpCk= cloud.google.com/go/datastore v1.10.0/go.mod h1:PC5UzAmDEkAmkfaknstTYbNpgE49HAgW2J1gcgUfmdM= cloud.google.com/go/datastore v1.11.0/go.mod h1:TvGxBIHCS50u8jzG+AW/ppf87v1of8nwzFNgEZU1D3c= -cloud.google.com/go/datastore v1.12.0/go.mod h1:KjdB88W897MRITkvWWJrg2OUtrR5XVj1EoLgSp6/N70= -cloud.google.com/go/datastore v1.12.1/go.mod h1:KjdB88W897MRITkvWWJrg2OUtrR5XVj1EoLgSp6/N70= -cloud.google.com/go/datastore v1.13.0/go.mod h1:KjdB88W897MRITkvWWJrg2OUtrR5XVj1EoLgSp6/N70= -cloud.google.com/go/datastore v1.14.0/go.mod h1:GAeStMBIt9bPS7jMJA85kgkpsMkvseWWXiaHya9Jes8= cloud.google.com/go/datastream v1.2.0/go.mod h1:i/uTP8/fZwgATHS/XFu0TcNUhuA0twZxxQ3EyCUQMwo= cloud.google.com/go/datastream v1.3.0/go.mod h1:cqlOX8xlyYF/uxhiKn6Hbv6WjwPPuI9W2M9SAXwaLLQ= cloud.google.com/go/datastream v1.4.0/go.mod h1:h9dpzScPhDTs5noEMQVWP8Wx8AFBRyS0s8KWPx/9r0g= cloud.google.com/go/datastream v1.5.0/go.mod h1:6TZMMNPwjUqZHBKPQ1wwXpb0d5VDVPl2/XoS5yi88q4= cloud.google.com/go/datastream v1.6.0/go.mod h1:6LQSuswqLa7S4rPAOZFVjHIG3wJIjZcZrw8JDEDJuIs= cloud.google.com/go/datastream v1.7.0/go.mod h1:uxVRMm2elUSPuh65IbZpzJNMbuzkcvu5CjMqVIUHrww= -cloud.google.com/go/datastream v1.9.1/go.mod h1:hqnmr8kdUBmrnk65k5wNRoHSCYksvpdZIcZIEl8h43Q= -cloud.google.com/go/datastream v1.10.0/go.mod h1:hqnmr8kdUBmrnk65k5wNRoHSCYksvpdZIcZIEl8h43Q= cloud.google.com/go/deploy v1.4.0/go.mod h1:5Xghikd4VrmMLNaF6FiRFDlHb59VM59YoDQnOUdsH/c= cloud.google.com/go/deploy v1.5.0/go.mod h1:ffgdD0B89tToyW/U/D2eL0jN2+IEV/3EMuXHA0l4r+s= cloud.google.com/go/deploy v1.6.0/go.mod h1:f9PTHehG/DjCom3QH0cntOVRm93uGBDt2vKzAPwpXQI= cloud.google.com/go/deploy v1.8.0/go.mod h1:z3myEJnA/2wnB4sgjqdMfgxCA0EqC3RBTNcVPs93mtQ= -cloud.google.com/go/deploy v1.11.0/go.mod h1:tKuSUV5pXbn67KiubiUNUejqLs4f5cxxiCNCeyl0F2g= -cloud.google.com/go/deploy v1.13.0/go.mod h1:tKuSUV5pXbn67KiubiUNUejqLs4f5cxxiCNCeyl0F2g= cloud.google.com/go/dialogflow v1.15.0/go.mod h1:HbHDWs33WOGJgn6rfzBW1Kv807BE3O1+xGbn59zZWI4= cloud.google.com/go/dialogflow v1.16.1/go.mod h1:po6LlzGfK+smoSmTBnbkIZY2w8ffjz/RcGSS+sh1el0= cloud.google.com/go/dialogflow v1.17.0/go.mod h1:YNP09C/kXA1aZdBgC/VtXX74G/TKn7XVCcVumTflA+8= @@ -332,53 +251,37 @@ cloud.google.com/go/dialogflow v1.19.0/go.mod h1:JVmlG1TwykZDtxtTXujec4tQ+D8SBFM cloud.google.com/go/dialogflow v1.29.0/go.mod h1:b+2bzMe+k1s9V+F2jbJwpHPzrnIyHihAdRFMtn2WXuM= cloud.google.com/go/dialogflow v1.31.0/go.mod h1:cuoUccuL1Z+HADhyIA7dci3N5zUssgpBJmCzI6fNRB4= cloud.google.com/go/dialogflow v1.32.0/go.mod h1:jG9TRJl8CKrDhMEcvfcfFkkpp8ZhgPz3sBGmAUYJ2qE= -cloud.google.com/go/dialogflow v1.38.0/go.mod h1:L7jnH+JL2mtmdChzAIcXQHXMvQkE3U4hTaNltEuxXn4= -cloud.google.com/go/dialogflow v1.40.0/go.mod h1:L7jnH+JL2mtmdChzAIcXQHXMvQkE3U4hTaNltEuxXn4= -cloud.google.com/go/dialogflow v1.43.0/go.mod h1:pDUJdi4elL0MFmt1REMvFkdsUTYSHq+rTCS8wg0S3+M= cloud.google.com/go/dlp v1.6.0/go.mod h1:9eyB2xIhpU0sVwUixfBubDoRwP+GjeUoxxeueZmqvmM= cloud.google.com/go/dlp v1.7.0/go.mod h1:68ak9vCiMBjbasxeVD17hVPxDEck+ExiHavX8kiHG+Q= cloud.google.com/go/dlp v1.9.0/go.mod h1:qdgmqgTyReTz5/YNSSuueR8pl7hO0o9bQ39ZhtgkWp4= -cloud.google.com/go/dlp v1.10.1/go.mod h1:IM8BWz1iJd8njcNcG0+Kyd9OPnqnRNkDV8j42VT5KOI= cloud.google.com/go/documentai v1.7.0/go.mod h1:lJvftZB5NRiFSX4moiye1SMxHx0Bc3x1+p9e/RfXYiU= cloud.google.com/go/documentai v1.8.0/go.mod h1:xGHNEB7CtsnySCNrCFdCyyMz44RhFEEX2Q7UD0c5IhU= cloud.google.com/go/documentai v1.9.0/go.mod h1:FS5485S8R00U10GhgBC0aNGrJxBP8ZVpEeJ7PQDZd6k= cloud.google.com/go/documentai v1.10.0/go.mod h1:vod47hKQIPeCfN2QS/jULIvQTugbmdc0ZvxxfQY1bg4= cloud.google.com/go/documentai v1.16.0/go.mod h1:o0o0DLTEZ+YnJZ+J4wNfTxmDVyrkzFvttBXXtYRMHkM= cloud.google.com/go/documentai v1.18.0/go.mod h1:F6CK6iUH8J81FehpskRmhLq/3VlwQvb7TvwOceQ2tbs= -cloud.google.com/go/documentai v1.20.0/go.mod h1:yJkInoMcK0qNAEdRnqY/D5asy73tnPe88I1YTZT+a8E= -cloud.google.com/go/documentai v1.22.0/go.mod h1:yJkInoMcK0qNAEdRnqY/D5asy73tnPe88I1YTZT+a8E= -cloud.google.com/go/documentai v1.22.1/go.mod h1:LKs22aDHbJv7ufXuPypzRO7rG3ALLJxzdCXDPutw4Qc= cloud.google.com/go/domains v0.6.0/go.mod h1:T9Rz3GasrpYk6mEGHh4rymIhjlnIuB4ofT1wTxDeT4Y= cloud.google.com/go/domains v0.7.0/go.mod h1:PtZeqS1xjnXuRPKE/88Iru/LdfoRyEHYA9nFQf4UKpg= cloud.google.com/go/domains v0.8.0/go.mod h1:M9i3MMDzGFXsydri9/vW+EWz9sWb4I6WyHqdlAk0idE= -cloud.google.com/go/domains v0.9.1/go.mod h1:aOp1c0MbejQQ2Pjf1iJvnVyT+z6R6s8pX66KaCSDYfE= cloud.google.com/go/edgecontainer v0.1.0/go.mod h1:WgkZ9tp10bFxqO8BLPqv2LlfmQF1X8lZqwW4r1BTajk= cloud.google.com/go/edgecontainer v0.2.0/go.mod h1:RTmLijy+lGpQ7BXuTDa4C4ssxyXT34NIuHIgKuP4s5w= cloud.google.com/go/edgecontainer v0.3.0/go.mod h1:FLDpP4nykgwwIfcLt6zInhprzw0lEi2P1fjO6Ie0qbc= cloud.google.com/go/edgecontainer v1.0.0/go.mod h1:cttArqZpBB2q58W/upSG++ooo6EsblxDIolxa3jSjbY= -cloud.google.com/go/edgecontainer v1.1.1/go.mod h1:O5bYcS//7MELQZs3+7mabRqoWQhXCzenBu0R8bz2rwk= cloud.google.com/go/errorreporting v0.3.0/go.mod h1:xsP2yaAp+OAW4OIm60An2bbLpqIhKXdWR/tawvl7QzU= cloud.google.com/go/essentialcontacts v1.3.0/go.mod h1:r+OnHa5jfj90qIfZDO/VztSFqbQan7HV75p8sA+mdGI= cloud.google.com/go/essentialcontacts v1.4.0/go.mod h1:8tRldvHYsmnBCHdFpvU+GL75oWiBKl80BiqlFh9tp+8= cloud.google.com/go/essentialcontacts v1.5.0/go.mod h1:ay29Z4zODTuwliK7SnX8E86aUF2CTzdNtvv42niCX0M= -cloud.google.com/go/essentialcontacts v1.6.2/go.mod h1:T2tB6tX+TRak7i88Fb2N9Ok3PvY3UNbUsMag9/BARh4= cloud.google.com/go/eventarc v1.7.0/go.mod h1:6ctpF3zTnaQCxUjHUdcfgcA1A2T309+omHZth7gDfmc= cloud.google.com/go/eventarc v1.8.0/go.mod h1:imbzxkyAU4ubfsaKYdQg04WS1NvncblHEup4kvF+4gw= cloud.google.com/go/eventarc v1.10.0/go.mod h1:u3R35tmZ9HvswGRBnF48IlYgYeBcPUCjkr4BTdem2Kw= cloud.google.com/go/eventarc v1.11.0/go.mod h1:PyUjsUKPWoRBCHeOxZd/lbOOjahV41icXyUY5kSTvVY= -cloud.google.com/go/eventarc v1.12.1/go.mod h1:mAFCW6lukH5+IZjkvrEss+jmt2kOdYlN8aMx3sRJiAI= -cloud.google.com/go/eventarc v1.13.0/go.mod h1:mAFCW6lukH5+IZjkvrEss+jmt2kOdYlN8aMx3sRJiAI= cloud.google.com/go/filestore v1.3.0/go.mod h1:+qbvHGvXU1HaKX2nD0WEPo92TP/8AQuCVEBXNY9z0+w= cloud.google.com/go/filestore v1.4.0/go.mod h1:PaG5oDfo9r224f8OYXURtAsY+Fbyq/bLYoINEK8XQAI= cloud.google.com/go/filestore v1.5.0/go.mod h1:FqBXDWBp4YLHqRnVGveOkHDf8svj9r5+mUDLupOWEDs= cloud.google.com/go/filestore v1.6.0/go.mod h1:di5unNuss/qfZTw2U9nhFqo8/ZDSc466dre85Kydllg= -cloud.google.com/go/filestore v1.7.1/go.mod h1:y10jsorq40JJnjR/lQ8AfFbbcGlw3g+Dp8oN7i7FjV4= cloud.google.com/go/firestore v1.1.0/go.mod h1:ulACoGHTpvq5r8rxGJ4ddJZBZqakUQqClKRT5SZwBmk= -cloud.google.com/go/firestore v1.5.0/go.mod h1:c4nNYR1qdq7eaZ+jSc5fonrQN2k3M7sWATcYTiakjEo= +cloud.google.com/go/firestore v1.6.1/go.mod h1:asNXNOzBdyVQmEU+ggO8UPodTkEVFW5Qx+rwHnAz+EY= cloud.google.com/go/firestore v1.9.0/go.mod h1:HMkjKHNTtRyZNiMzu7YAsLr9K3X2udY2AMwDaMEQiiE= -cloud.google.com/go/firestore v1.11.0/go.mod h1:b38dKhgzlmNNGTNZZwe7ZRFEuRab1Hay3/DBsIGKKy4= -cloud.google.com/go/firestore v1.12.0/go.mod h1:b38dKhgzlmNNGTNZZwe7ZRFEuRab1Hay3/DBsIGKKy4= -cloud.google.com/go/firestore v1.13.0/go.mod h1:QojqqOh8IntInDUSTAh0c8ZsPYAr68Ma8c5DWOy8xb8= cloud.google.com/go/functions v1.6.0/go.mod h1:3H1UA3qiIPRWD7PeZKLvHZ9SaQhR26XIJcC0A5GbvAk= cloud.google.com/go/functions v1.7.0/go.mod h1:+d+QBcWM+RsrgZfV9xo6KfA1GlzJfxcfZcRPEhDDfzg= cloud.google.com/go/functions v1.8.0/go.mod h1:RTZ4/HsQjIqIYP9a9YPbU+QFoQsAlYgrwOXJWHn1POY= @@ -386,38 +289,28 @@ cloud.google.com/go/functions v1.9.0/go.mod h1:Y+Dz8yGguzO3PpIjhLTbnqV1CWmgQ5Uwt cloud.google.com/go/functions v1.10.0/go.mod h1:0D3hEOe3DbEvCXtYOZHQZmD+SzYsi1YbI7dGvHfldXw= cloud.google.com/go/functions v1.12.0/go.mod h1:AXWGrF3e2C/5ehvwYo/GH6O5s09tOPksiKhz+hH8WkA= cloud.google.com/go/functions v1.13.0/go.mod h1:EU4O007sQm6Ef/PwRsI8N2umygGqPBS/IZQKBQBcJ3c= -cloud.google.com/go/functions v1.15.1/go.mod h1:P5yNWUTkyU+LvW/S9O6V+V423VZooALQlqoXdoPz5AE= cloud.google.com/go/gaming v1.5.0/go.mod h1:ol7rGcxP/qHTRQE/RO4bxkXq+Fix0j6D4LFPzYTIrDM= cloud.google.com/go/gaming v1.6.0/go.mod h1:YMU1GEvA39Qt3zWGyAVA9bpYz/yAhTvaQ1t2sK4KPUA= cloud.google.com/go/gaming v1.7.0/go.mod h1:LrB8U7MHdGgFG851iHAfqUdLcKBdQ55hzXy9xBJz0+w= cloud.google.com/go/gaming v1.8.0/go.mod h1:xAqjS8b7jAVW0KFYeRUxngo9My3f33kFmua++Pi+ggM= cloud.google.com/go/gaming v1.9.0/go.mod h1:Fc7kEmCObylSWLO334NcO+O9QMDyz+TKC4v1D7X+Bc0= -cloud.google.com/go/gaming v1.10.1/go.mod h1:XQQvtfP8Rb9Rxnxm5wFVpAp9zCQkJi2bLIb7iHGwB3s= cloud.google.com/go/gkebackup v0.2.0/go.mod h1:XKvv/4LfG829/B8B7xRkk8zRrOEbKtEam6yNfuQNH60= cloud.google.com/go/gkebackup v0.3.0/go.mod h1:n/E671i1aOQvUxT541aTkCwExO/bTer2HDlj4TsBRAo= cloud.google.com/go/gkebackup v0.4.0/go.mod h1:byAyBGUwYGEEww7xsbnUTBHIYcOPy/PgUWUtOeRm9Vg= -cloud.google.com/go/gkebackup v1.3.0/go.mod h1:vUDOu++N0U5qs4IhG1pcOnD1Mac79xWy6GoBFlWCWBU= -cloud.google.com/go/gkebackup v1.3.1/go.mod h1:vUDOu++N0U5qs4IhG1pcOnD1Mac79xWy6GoBFlWCWBU= cloud.google.com/go/gkeconnect v0.5.0/go.mod h1:c5lsNAg5EwAy7fkqX/+goqFsU1Da/jQFqArp+wGNr/o= cloud.google.com/go/gkeconnect v0.6.0/go.mod h1:Mln67KyU/sHJEBY8kFZ0xTeyPtzbq9StAVvEULYK16A= cloud.google.com/go/gkeconnect v0.7.0/go.mod h1:SNfmVqPkaEi3bF/B3CNZOAYPYdg7sU+obZ+QTky2Myw= -cloud.google.com/go/gkeconnect v0.8.1/go.mod h1:KWiK1g9sDLZqhxB2xEuPV8V9NYzrqTUmQR9shJHpOZw= cloud.google.com/go/gkehub v0.9.0/go.mod h1:WYHN6WG8w9bXU0hqNxt8rm5uxnk8IH+lPY9J2TV7BK0= cloud.google.com/go/gkehub v0.10.0/go.mod h1:UIPwxI0DsrpsVoWpLB0stwKCP+WFVG9+y977wO+hBH0= cloud.google.com/go/gkehub v0.11.0/go.mod h1:JOWHlmN+GHyIbuWQPl47/C2RFhnFKH38jH9Ascu3n0E= cloud.google.com/go/gkehub v0.12.0/go.mod h1:djiIwwzTTBrF5NaXCGv3mf7klpEMcST17VBTVVDcuaw= -cloud.google.com/go/gkehub v0.14.1/go.mod h1:VEXKIJZ2avzrbd7u+zeMtW00Y8ddk/4V9511C9CQGTY= cloud.google.com/go/gkemulticloud v0.3.0/go.mod h1:7orzy7O0S+5kq95e4Hpn7RysVA7dPs8W/GgfUtsPbrA= cloud.google.com/go/gkemulticloud v0.4.0/go.mod h1:E9gxVBnseLWCk24ch+P9+B2CoDFJZTyIgLKSalC7tuI= cloud.google.com/go/gkemulticloud v0.5.0/go.mod h1:W0JDkiyi3Tqh0TJr//y19wyb1yf8llHVto2Htf2Ja3Y= -cloud.google.com/go/gkemulticloud v0.6.1/go.mod h1:kbZ3HKyTsiwqKX7Yw56+wUGwwNZViRnxWK2DVknXWfw= -cloud.google.com/go/gkemulticloud v1.0.0/go.mod h1:kbZ3HKyTsiwqKX7Yw56+wUGwwNZViRnxWK2DVknXWfw= cloud.google.com/go/grafeas v0.2.0/go.mod h1:KhxgtF2hb0P191HlY5besjYm6MqTSTj3LSI+M+ByZHc= -cloud.google.com/go/grafeas v0.3.0/go.mod h1:P7hgN24EyONOTMyeJH6DxG4zD7fwiYa5Q6GUgyFSOU8= cloud.google.com/go/gsuiteaddons v1.3.0/go.mod h1:EUNK/J1lZEZO8yPtykKxLXI6JSVN2rg9bN8SXOa0bgM= cloud.google.com/go/gsuiteaddons v1.4.0/go.mod h1:rZK5I8hht7u7HxFQcFei0+AtfS9uSushomRlg+3ua1o= cloud.google.com/go/gsuiteaddons v1.5.0/go.mod h1:TFCClYLd64Eaa12sFVmUyG62tk4mdIsI7pAnSXRkcFo= -cloud.google.com/go/gsuiteaddons v1.6.1/go.mod h1:CodrdOqRZcLp5WOwejHWYBjZvfY0kOphkAKpF/3qdZY= cloud.google.com/go/iam v0.1.0/go.mod h1:vcUNEa0pEm0qRVpmWepWaFMIAI8/hjB9mO8rNCJtF6c= cloud.google.com/go/iam v0.3.0/go.mod h1:XzJPvDayI+9zsASAFO68Hk07u3z+f+JrT2xXNdp4bnY= cloud.google.com/go/iam v0.5.0/go.mod h1:wPU9Vt0P4UmCux7mqtRu6jcpPAb74cP1fh50J3QpkUc= @@ -427,9 +320,6 @@ cloud.google.com/go/iam v0.8.0/go.mod h1:lga0/y3iH6CX7sYqypWJ33hf7kkfXJag67naqGE cloud.google.com/go/iam v0.11.0/go.mod h1:9PiLDanza5D+oWFZiH1uG+RnRCfEGKoyl6yo4cgWZGY= cloud.google.com/go/iam v0.12.0/go.mod h1:knyHGviacl11zrtZUoDuYpDgLjvr28sLQaG0YB2GYAY= cloud.google.com/go/iam v0.13.0/go.mod h1:ljOg+rcNfzZ5d6f1nAUJ8ZIxOaZUVoS14bKCtaLZ/D0= -cloud.google.com/go/iam v1.0.1/go.mod h1:yR3tmSL8BcZB4bxByRv2jkSIahVmCtfKZwLYGBalRE8= -cloud.google.com/go/iam v1.1.0/go.mod h1:nxdHjaKfCr7fNYx/HJMM8LgiMugmveWlkatear5gVyk= -cloud.google.com/go/iam v1.1.1/go.mod h1:A5avdyVL2tCppe4unb0951eI9jreack+RJ0/d+KUZOU= cloud.google.com/go/iam v1.1.2 h1:gacbrBdWcoVmGLozRuStX45YKvJtzIjJdAolzUs1sm4= cloud.google.com/go/iam v1.1.2/go.mod h1:A5avdyVL2tCppe4unb0951eI9jreack+RJ0/d+KUZOU= cloud.google.com/go/iap v1.4.0/go.mod h1:RGFwRJdihTINIe4wZ2iCP0zF/qu18ZwyKxrhMhygBEc= @@ -437,18 +327,13 @@ cloud.google.com/go/iap v1.5.0/go.mod h1:UH/CGgKd4KyohZL5Pt0jSKE4m3FR51qg6FKQ/z/ cloud.google.com/go/iap v1.6.0/go.mod h1:NSuvI9C/j7UdjGjIde7t7HBz+QTwBcapPE07+sSRcLk= cloud.google.com/go/iap v1.7.0/go.mod h1:beqQx56T9O1G1yNPph+spKpNibDlYIiIixiqsQXxLIo= cloud.google.com/go/iap v1.7.1/go.mod h1:WapEwPc7ZxGt2jFGB/C/bm+hP0Y6NXzOYGjpPnmMS74= -cloud.google.com/go/iap v1.8.1/go.mod h1:sJCbeqg3mvWLqjZNsI6dfAtbbV1DL2Rl7e1mTyXYREQ= -cloud.google.com/go/iap v1.9.0/go.mod h1:01OFxd1R+NFrg78S+hoPV5PxEzv22HXaNqUUlmNHFuY= cloud.google.com/go/ids v1.1.0/go.mod h1:WIuwCaYVOzHIj2OhN9HAwvW+DBdmUAdcWlFxRl+KubM= cloud.google.com/go/ids v1.2.0/go.mod h1:5WXvp4n25S0rA/mQWAg1YEEBBq6/s+7ml1RDCW1IrcY= cloud.google.com/go/ids v1.3.0/go.mod h1:JBdTYwANikFKaDP6LtW5JAi4gubs57SVNQjemdt6xV4= -cloud.google.com/go/ids v1.4.1/go.mod h1:np41ed8YMU8zOgv53MMMoCntLTn2lF+SUzlM+O3u/jw= cloud.google.com/go/iot v1.3.0/go.mod h1:r7RGh2B61+B8oz0AGE+J72AhA0G7tdXItODWsaA2oLs= cloud.google.com/go/iot v1.4.0/go.mod h1:dIDxPOn0UvNDUMD8Ger7FIaTuvMkj+aGk94RPP0iV+g= cloud.google.com/go/iot v1.5.0/go.mod h1:mpz5259PDl3XJthEmh9+ap0affn/MqNSP4My77Qql9o= cloud.google.com/go/iot v1.6.0/go.mod h1:IqdAsmE2cTYYNO1Fvjfzo9po179rAtJeVGUvkLN3rLE= -cloud.google.com/go/iot v1.7.1/go.mod h1:46Mgw7ev1k9KqK1ao0ayW9h0lI+3hxeanz+L1zmbbbk= -cloud.google.com/go/kms v0.1.0/go.mod h1:8Qp8PCAypHg4FdmlyW1QRAv09BGQ9Uzh7JnmIZxPk+c= cloud.google.com/go/kms v1.4.0/go.mod h1:fajBHndQ+6ubNw6Ss2sSd+SWvjL26RNo/dr7uxsnnOA= cloud.google.com/go/kms v1.5.0/go.mod h1:QJS2YY0eJGBg3mnDfuaCyLauWwBJiHRboYxJ++1xJNg= cloud.google.com/go/kms v1.6.0/go.mod h1:Jjy850yySiasBUDi6KFUwUv2n1+o7QZFyuUJg6OgjA0= @@ -456,9 +341,6 @@ cloud.google.com/go/kms v1.8.0/go.mod h1:4xFEhYFqvW+4VMELtZyxomGSYtSQKzM178ylFW4 cloud.google.com/go/kms v1.9.0/go.mod h1:qb1tPTgfF9RQP8e1wq4cLFErVuTJv7UsSC915J8dh3w= cloud.google.com/go/kms v1.10.0/go.mod h1:ng3KTUtQQU9bPX3+QGLsflZIHlkbn8amFAMY63m8d24= cloud.google.com/go/kms v1.10.1/go.mod h1:rIWk/TryCkR59GMC3YtHtXeLzd634lBbKenvyySAyYI= -cloud.google.com/go/kms v1.11.0/go.mod h1:hwdiYC0xjnWsKQQCQQmIQnS9asjYVSK6jtXm+zFqXLM= -cloud.google.com/go/kms v1.12.1/go.mod h1:c9J991h5DTl+kg7gi3MYomh12YEENGrf48ee/N/2CDM= -cloud.google.com/go/kms v1.15.0/go.mod h1:c9J991h5DTl+kg7gi3MYomh12YEENGrf48ee/N/2CDM= cloud.google.com/go/kms v1.15.2 h1:lh6qra6oC4AyWe5fUUUBe/S27k12OHAleOOOw6KakdE= cloud.google.com/go/kms v1.15.2/go.mod h1:3hopT4+7ooWRCjc2DxgnpESFxhIraaI2IpAVUEhbT/w= cloud.google.com/go/language v1.4.0/go.mod h1:F9dRpNFQmJbkaop6g0JhSBXCNlO90e1KWx5iDdxbWic= @@ -466,12 +348,9 @@ cloud.google.com/go/language v1.6.0/go.mod h1:6dJ8t3B+lUYfStgls25GusK04NLh3eDLQn cloud.google.com/go/language v1.7.0/go.mod h1:DJ6dYN/W+SQOjF8e1hLQXMF21AkH2w9wiPzPCJa2MIE= cloud.google.com/go/language v1.8.0/go.mod h1:qYPVHf7SPoNNiCL2Dr0FfEFNil1qi3pQEyygwpgVKB8= cloud.google.com/go/language v1.9.0/go.mod h1:Ns15WooPM5Ad/5no/0n81yUetis74g3zrbeJBE+ptUY= -cloud.google.com/go/language v1.10.1/go.mod h1:CPp94nsdVNiQEt1CNjF5WkTcisLiHPyIbMhvR8H2AW0= -cloud.google.com/go/language v1.11.0/go.mod h1:uDx+pFDdAKTY8ehpWbiXyQdz8tDSYLJbQcXsCkjYyvQ= cloud.google.com/go/lifesciences v0.5.0/go.mod h1:3oIKy8ycWGPUyZDR/8RNnTOYevhaMLqh5vLUXs9zvT8= cloud.google.com/go/lifesciences v0.6.0/go.mod h1:ddj6tSX/7BOnhxCSd3ZcETvtNr8NZ6t/iPhY2Tyfu08= cloud.google.com/go/lifesciences v0.8.0/go.mod h1:lFxiEOMqII6XggGbOnKiyZ7IBwoIqA84ClvoezaA/bo= -cloud.google.com/go/lifesciences v0.9.1/go.mod h1:hACAOd1fFbCGLr/+weUKRAJas82Y4vrL3O5326N//Wc= cloud.google.com/go/logging v1.6.1/go.mod h1:5ZO0mHHbvm8gEmeEUHrmDlTDSu5imF6MUP9OfilNXBw= cloud.google.com/go/logging v1.7.0/go.mod h1:3xjP2CjkM3ZkO73aj4ASA5wRPGGCRrPIAeNqVNkzY8M= cloud.google.com/go/logging v1.8.1 h1:26skQWPeYhvIasWKm48+Eq7oUqdcdbwsCVwz5Ys0FvU= @@ -479,127 +358,94 @@ cloud.google.com/go/logging v1.8.1/go.mod h1:TJjR+SimHwuC8MZ9cjByQulAMgni+RkXeI3 cloud.google.com/go/longrunning v0.1.1/go.mod h1:UUFxuDWkv22EuY93jjmDMFT5GPQKeFVJBIF6QlTqdsE= cloud.google.com/go/longrunning v0.3.0/go.mod h1:qth9Y41RRSUE69rDcOn6DdK3HfQfsUI0YSmW3iIlLJc= cloud.google.com/go/longrunning v0.4.1/go.mod h1:4iWDqhBZ70CvZ6BfETbvam3T8FMvLK+eFj0E6AaRQTo= -cloud.google.com/go/longrunning v0.4.2/go.mod h1:OHrnaYyLUV6oqwh0xiS7e5sLQhP1m0QU9R+WhGDMgIQ= -cloud.google.com/go/longrunning v0.5.0/go.mod h1:0JNuqRShmscVAhIACGtskSAWtqtOoPkwP0YF1oVEchc= cloud.google.com/go/longrunning v0.5.1 h1:Fr7TXftcqTudoyRJa113hyaqlGdiBQkp0Gq7tErFDWI= cloud.google.com/go/longrunning v0.5.1/go.mod h1:spvimkwdz6SPWKEt/XBij79E9fiTkHSQl/fRUUQJYJc= cloud.google.com/go/managedidentities v1.3.0/go.mod h1:UzlW3cBOiPrzucO5qWkNkh0w33KFtBJU281hacNvsdE= cloud.google.com/go/managedidentities v1.4.0/go.mod h1:NWSBYbEMgqmbZsLIyKvxrYbtqOsxY1ZrGM+9RgDqInM= cloud.google.com/go/managedidentities v1.5.0/go.mod h1:+dWcZ0JlUmpuxpIDfyP5pP5y0bLdRwOS4Lp7gMni/LA= -cloud.google.com/go/managedidentities v1.6.1/go.mod h1:h/irGhTN2SkZ64F43tfGPMbHnypMbu4RB3yl8YcuEak= cloud.google.com/go/maps v0.1.0/go.mod h1:BQM97WGyfw9FWEmQMpZ5T6cpovXXSd1cGmFma94eubI= cloud.google.com/go/maps v0.6.0/go.mod h1:o6DAMMfb+aINHz/p/jbcY+mYeXBoZoxTfdSQ8VAJaCw= cloud.google.com/go/maps v0.7.0/go.mod h1:3GnvVl3cqeSvgMcpRlQidXsPYuDGQ8naBis7MVzpXsY= -cloud.google.com/go/maps v1.3.0/go.mod h1:6mWTUv+WhnOwAgjVsSW2QPPECmW+s3PcRyOa9vgG/5s= -cloud.google.com/go/maps v1.4.0/go.mod h1:6mWTUv+WhnOwAgjVsSW2QPPECmW+s3PcRyOa9vgG/5s= cloud.google.com/go/mediatranslation v0.5.0/go.mod h1:jGPUhGTybqsPQn91pNXw0xVHfuJ3leR1wj37oU3y1f4= cloud.google.com/go/mediatranslation v0.6.0/go.mod h1:hHdBCTYNigsBxshbznuIMFNe5QXEowAuNmmC7h8pu5w= cloud.google.com/go/mediatranslation v0.7.0/go.mod h1:LCnB/gZr90ONOIQLgSXagp8XUW1ODs2UmUMvcgMfI2I= -cloud.google.com/go/mediatranslation v0.8.1/go.mod h1:L/7hBdEYbYHQJhX2sldtTO5SZZ1C1vkapubj0T2aGig= cloud.google.com/go/memcache v1.4.0/go.mod h1:rTOfiGZtJX1AaFUrOgsMHX5kAzaTQ8azHiuDoTPzNsE= cloud.google.com/go/memcache v1.5.0/go.mod h1:dk3fCK7dVo0cUU2c36jKb4VqKPS22BTkf81Xq617aWM= cloud.google.com/go/memcache v1.6.0/go.mod h1:XS5xB0eQZdHtTuTF9Hf8eJkKtR3pVRCcvJwtm68T3rA= cloud.google.com/go/memcache v1.7.0/go.mod h1:ywMKfjWhNtkQTxrWxCkCFkoPjLHPW6A7WOTVI8xy3LY= cloud.google.com/go/memcache v1.9.0/go.mod h1:8oEyzXCu+zo9RzlEaEjHl4KkgjlNDaXbCQeQWlzNFJM= -cloud.google.com/go/memcache v1.10.1/go.mod h1:47YRQIarv4I3QS5+hoETgKO40InqzLP6kpNLvyXuyaA= cloud.google.com/go/metastore v1.5.0/go.mod h1:2ZNrDcQwghfdtCwJ33nM0+GrBGlVuh8rakL3vdPY3XY= cloud.google.com/go/metastore v1.6.0/go.mod h1:6cyQTls8CWXzk45G55x57DVQ9gWg7RiH65+YgPsNh9s= cloud.google.com/go/metastore v1.7.0/go.mod h1:s45D0B4IlsINu87/AsWiEVYbLaIMeUSoxlKKDqBGFS8= cloud.google.com/go/metastore v1.8.0/go.mod h1:zHiMc4ZUpBiM7twCIFQmJ9JMEkDSyZS9U12uf7wHqSI= cloud.google.com/go/metastore v1.10.0/go.mod h1:fPEnH3g4JJAk+gMRnrAnoqyv2lpUCqJPWOodSaf45Eo= -cloud.google.com/go/metastore v1.11.1/go.mod h1:uZuSo80U3Wd4zi6C22ZZliOUJ3XeM/MlYi/z5OAOWRA= -cloud.google.com/go/metastore v1.12.0/go.mod h1:uZuSo80U3Wd4zi6C22ZZliOUJ3XeM/MlYi/z5OAOWRA= -cloud.google.com/go/monitoring v0.1.0/go.mod h1:Hpm3XfzJv+UTiXzCG5Ffp0wijzHTC7Cv4eR7o3x/fEE= +cloud.google.com/go/monitoring v1.1.0/go.mod h1:L81pzz7HKn14QCMaCs6NTQkdBnE87TElyanS95vIcl4= +cloud.google.com/go/monitoring v1.5.0/go.mod h1:/o9y8NYX5j91JjD/JvGLYbi86kL11OjyJXq2XziLJu4= cloud.google.com/go/monitoring v1.7.0/go.mod h1:HpYse6kkGo//7p6sT0wsIC6IBDET0RhIsnmlA53dvEk= cloud.google.com/go/monitoring v1.8.0/go.mod h1:E7PtoMJ1kQXWxPjB6mv2fhC5/15jInuulFdYYtlcvT4= cloud.google.com/go/monitoring v1.12.0/go.mod h1:yx8Jj2fZNEkL/GYZyTLS4ZtZEZN8WtDEiEqG4kLK50w= cloud.google.com/go/monitoring v1.13.0/go.mod h1:k2yMBAB1H9JT/QETjNkgdCGD9bPF712XiLTVr+cBrpw= -cloud.google.com/go/monitoring v1.15.1/go.mod h1:lADlSAlFdbqQuwwpaImhsJXu1QSdd3ojypXrFSMr2rM= -cloud.google.com/go/monitoring v1.16.0/go.mod h1:Ptp15HgAyM1fNICAojDMoNc/wUmn67mLHQfyqbw+poY= cloud.google.com/go/networkconnectivity v1.4.0/go.mod h1:nOl7YL8odKyAOtzNX73/M5/mGZgqqMeryi6UPZTk/rA= cloud.google.com/go/networkconnectivity v1.5.0/go.mod h1:3GzqJx7uhtlM3kln0+x5wyFvuVH1pIBJjhCpjzSt75o= cloud.google.com/go/networkconnectivity v1.6.0/go.mod h1:OJOoEXW+0LAxHh89nXd64uGG+FbQoeH8DtxCHVOMlaM= cloud.google.com/go/networkconnectivity v1.7.0/go.mod h1:RMuSbkdbPwNMQjB5HBWD5MpTBnNm39iAVpC3TmsExt8= cloud.google.com/go/networkconnectivity v1.10.0/go.mod h1:UP4O4sWXJG13AqrTdQCD9TnLGEbtNRqjuaaA7bNjF5E= cloud.google.com/go/networkconnectivity v1.11.0/go.mod h1:iWmDD4QF16VCDLXUqvyspJjIEtBR/4zq5hwnY2X3scM= -cloud.google.com/go/networkconnectivity v1.12.1/go.mod h1:PelxSWYM7Sh9/guf8CFhi6vIqf19Ir/sbfZRUwXh92E= -cloud.google.com/go/networkconnectivity v1.13.0/go.mod h1:SAnGPes88pl7QRLUen2HmcBSE9AowVAcdug8c0RSBFk= cloud.google.com/go/networkmanagement v1.4.0/go.mod h1:Q9mdLLRn60AsOrPc8rs8iNV6OHXaGcDdsIQe1ohekq8= cloud.google.com/go/networkmanagement v1.5.0/go.mod h1:ZnOeZ/evzUdUsnvRt792H0uYEnHQEMaz+REhhzJRcf4= cloud.google.com/go/networkmanagement v1.6.0/go.mod h1:5pKPqyXjB/sgtvB5xqOemumoQNB7y95Q7S+4rjSOPYY= -cloud.google.com/go/networkmanagement v1.8.0/go.mod h1:Ho/BUGmtyEqrttTgWEe7m+8vDdK74ibQc+Be0q7Fof0= -cloud.google.com/go/networkmanagement v1.9.0/go.mod h1:UTUaEU9YwbCAhhz3jEOHr+2/K/MrBk2XxOLS89LQzFw= cloud.google.com/go/networksecurity v0.5.0/go.mod h1:xS6fOCoqpVC5zx15Z/MqkfDwH4+m/61A3ODiDV1xmiQ= cloud.google.com/go/networksecurity v0.6.0/go.mod h1:Q5fjhTr9WMI5mbpRYEbiexTzROf7ZbDzvzCrNl14nyU= cloud.google.com/go/networksecurity v0.7.0/go.mod h1:mAnzoxx/8TBSyXEeESMy9OOYwo1v+gZ5eMRnsT5bC8k= cloud.google.com/go/networksecurity v0.8.0/go.mod h1:B78DkqsxFG5zRSVuwYFRZ9Xz8IcQ5iECsNrPn74hKHU= -cloud.google.com/go/networksecurity v0.9.1/go.mod h1:MCMdxOKQ30wsBI1eI659f9kEp4wuuAueoC9AJKSPWZQ= cloud.google.com/go/notebooks v1.2.0/go.mod h1:9+wtppMfVPUeJ8fIWPOq1UnATHISkGXGqTkxeieQ6UY= cloud.google.com/go/notebooks v1.3.0/go.mod h1:bFR5lj07DtCPC7YAAJ//vHskFBxA5JzYlH68kXVdk34= cloud.google.com/go/notebooks v1.4.0/go.mod h1:4QPMngcwmgb6uw7Po99B2xv5ufVoIQ7nOGDyL4P8AgA= cloud.google.com/go/notebooks v1.5.0/go.mod h1:q8mwhnP9aR8Hpfnrc5iN5IBhrXUy8S2vuYs+kBJ/gu0= cloud.google.com/go/notebooks v1.7.0/go.mod h1:PVlaDGfJgj1fl1S3dUwhFMXFgfYGhYQt2164xOMONmE= cloud.google.com/go/notebooks v1.8.0/go.mod h1:Lq6dYKOYOWUCTvw5t2q1gp1lAp0zxAxRycayS0iJcqQ= -cloud.google.com/go/notebooks v1.9.1/go.mod h1:zqG9/gk05JrzgBt4ghLzEepPHNwE5jgPcHZRKhlC1A8= -cloud.google.com/go/notebooks v1.10.0/go.mod h1:SOPYMZnttHxqot0SGSFSkRrwE29eqnKPBJFqgWmiK2k= cloud.google.com/go/optimization v1.1.0/go.mod h1:5po+wfvX5AQlPznyVEZjGJTMr4+CAkJf2XSTQOOl9l4= cloud.google.com/go/optimization v1.2.0/go.mod h1:Lr7SOHdRDENsh+WXVmQhQTrzdu9ybg0NecjHidBq6xs= cloud.google.com/go/optimization v1.3.1/go.mod h1:IvUSefKiwd1a5p0RgHDbWCIbDFgKuEdB+fPPuP0IDLI= -cloud.google.com/go/optimization v1.4.1/go.mod h1:j64vZQP7h9bO49m2rVaTVoNM0vEBEN5eKPUPbZyXOrk= -cloud.google.com/go/optimization v1.5.0/go.mod h1:evo1OvTxeBRBu6ydPlrIRizKY/LJKo/drDMMRKqGEUU= cloud.google.com/go/orchestration v1.3.0/go.mod h1:Sj5tq/JpWiB//X/q3Ngwdl5K7B7Y0KZ7bfv0wL6fqVA= cloud.google.com/go/orchestration v1.4.0/go.mod h1:6W5NLFWs2TlniBphAViZEVhrXRSMgUGDfW7vrWKvsBk= cloud.google.com/go/orchestration v1.6.0/go.mod h1:M62Bevp7pkxStDfFfTuCOaXgaaqRAga1yKyoMtEoWPQ= -cloud.google.com/go/orchestration v1.8.1/go.mod h1:4sluRF3wgbYVRqz7zJ1/EUNc90TTprliq9477fGobD8= cloud.google.com/go/orgpolicy v1.4.0/go.mod h1:xrSLIV4RePWmP9P3tBl8S93lTmlAxjm06NSm2UTmKvE= cloud.google.com/go/orgpolicy v1.5.0/go.mod h1:hZEc5q3wzwXJaKrsx5+Ewg0u1LxJ51nNFlext7Tanwc= cloud.google.com/go/orgpolicy v1.10.0/go.mod h1:w1fo8b7rRqlXlIJbVhOMPrwVljyuW5mqssvBtU18ONc= -cloud.google.com/go/orgpolicy v1.11.0/go.mod h1:2RK748+FtVvnfuynxBzdnyu7sygtoZa1za/0ZfpOs1M= -cloud.google.com/go/orgpolicy v1.11.1/go.mod h1:8+E3jQcpZJQliP+zaFfayC2Pg5bmhuLK755wKhIIUCE= cloud.google.com/go/osconfig v1.7.0/go.mod h1:oVHeCeZELfJP7XLxcBGTMBvRO+1nQ5tFG9VQTmYS2Fs= cloud.google.com/go/osconfig v1.8.0/go.mod h1:EQqZLu5w5XA7eKizepumcvWx+m8mJUhEwiPqWiZeEdg= cloud.google.com/go/osconfig v1.9.0/go.mod h1:Yx+IeIZJ3bdWmzbQU4fxNl8xsZ4amB+dygAwFPlvnNo= cloud.google.com/go/osconfig v1.10.0/go.mod h1:uMhCzqC5I8zfD9zDEAfvgVhDS8oIjySWh+l4WK6GnWw= cloud.google.com/go/osconfig v1.11.0/go.mod h1:aDICxrur2ogRd9zY5ytBLV89KEgT2MKB2L/n6x1ooPw= -cloud.google.com/go/osconfig v1.12.0/go.mod h1:8f/PaYzoS3JMVfdfTubkowZYGmAhUCjjwnjqWI7NVBc= -cloud.google.com/go/osconfig v1.12.1/go.mod h1:4CjBxND0gswz2gfYRCUoUzCm9zCABp91EeTtWXyz0tE= cloud.google.com/go/oslogin v1.4.0/go.mod h1:YdgMXWRaElXz/lDk1Na6Fh5orF7gvmJ0FGLIs9LId4E= cloud.google.com/go/oslogin v1.5.0/go.mod h1:D260Qj11W2qx/HVF29zBg+0fd6YCSjSqLUkY/qEenQU= cloud.google.com/go/oslogin v1.6.0/go.mod h1:zOJ1O3+dTU8WPlGEkFSh7qeHPPSoxrcMbbK1Nm2iX70= cloud.google.com/go/oslogin v1.7.0/go.mod h1:e04SN0xO1UNJ1M5GP0vzVBFicIe4O53FOfcixIqTyXo= cloud.google.com/go/oslogin v1.9.0/go.mod h1:HNavntnH8nzrn8JCTT5fj18FuJLFJc4NaZJtBnQtKFs= -cloud.google.com/go/oslogin v1.10.1/go.mod h1:x692z7yAue5nE7CsSnoG0aaMbNoRJRXO4sn73R+ZqAs= cloud.google.com/go/phishingprotection v0.5.0/go.mod h1:Y3HZknsK9bc9dMi+oE8Bim0lczMU6hrX0UpADuMefr0= cloud.google.com/go/phishingprotection v0.6.0/go.mod h1:9Y3LBLgy0kDTcYET8ZH3bq/7qni15yVUoAxiFxnlSUA= cloud.google.com/go/phishingprotection v0.7.0/go.mod h1:8qJI4QKHoda/sb/7/YmMQ2omRLSLYSu9bU0EKCNI+Lk= -cloud.google.com/go/phishingprotection v0.8.1/go.mod h1:AxonW7GovcA8qdEk13NfHq9hNx5KPtfxXNeUxTDxB6I= cloud.google.com/go/policytroubleshooter v1.3.0/go.mod h1:qy0+VwANja+kKrjlQuOzmlvscn4RNsAc0e15GGqfMxg= cloud.google.com/go/policytroubleshooter v1.4.0/go.mod h1:DZT4BcRw3QoO8ota9xw/LKtPa8lKeCByYeKTIf/vxdE= cloud.google.com/go/policytroubleshooter v1.5.0/go.mod h1:Rz1WfV+1oIpPdN2VvvuboLVRsB1Hclg3CKQ53j9l8vw= cloud.google.com/go/policytroubleshooter v1.6.0/go.mod h1:zYqaPTsmfvpjm5ULxAyD/lINQxJ0DDsnWOP/GZ7xzBc= -cloud.google.com/go/policytroubleshooter v1.7.1/go.mod h1:0NaT5v3Ag1M7U5r0GfDCpUFkWd9YqpubBWsQlhanRv0= -cloud.google.com/go/policytroubleshooter v1.8.0/go.mod h1:tmn5Ir5EToWe384EuboTcVQT7nTag2+DuH3uHmKd1HU= -cloud.google.com/go/policytroubleshooter v1.9.0/go.mod h1:+E2Lga7TycpeSTj2FsH4oXxTnrbHJGRlKhVZBLGgU64= cloud.google.com/go/privatecatalog v0.5.0/go.mod h1:XgosMUvvPyxDjAVNDYxJ7wBW8//hLDDYmnsNcMGq1K0= cloud.google.com/go/privatecatalog v0.6.0/go.mod h1:i/fbkZR0hLN29eEWiiwue8Pb+GforiEIBnV9yrRUOKI= cloud.google.com/go/privatecatalog v0.7.0/go.mod h1:2s5ssIFO69F5csTXcwBP7NPFTZvps26xGzvQ2PQaBYg= cloud.google.com/go/privatecatalog v0.8.0/go.mod h1:nQ6pfaegeDAq/Q5lrfCQzQLhubPiZhSaNhIgfJlnIXs= -cloud.google.com/go/privatecatalog v0.9.1/go.mod h1:0XlDXW2unJXdf9zFz968Hp35gl/bhF4twwpXZAW50JA= cloud.google.com/go/pubsub v1.0.1/go.mod h1:R0Gpsv3s54REJCy4fxDixWD93lHJMoZTyQ2kNxGRt3I= cloud.google.com/go/pubsub v1.1.0/go.mod h1:EwwdRX2sKPjnvnqCa270oGRyludottCI76h+R3AArQw= cloud.google.com/go/pubsub v1.2.0/go.mod h1:jhfEVHT8odbXTkndysNHCcx0awwzvfOlguIAii9o8iA= cloud.google.com/go/pubsub v1.3.1/go.mod h1:i+ucay31+CNRpDW4Lu78I4xXG+O1r/MAHgjpRVR+TSU= -cloud.google.com/go/pubsub v1.16.0/go.mod h1:6A8EfoWZ/lUvCWStKGwAWauJZSiuV0Mkmu6WilK/TxQ= +cloud.google.com/go/pubsub v1.24.0/go.mod h1:rWv09Te1SsRpRGPiWOMDKraMQTJyJps4MkUCoMGUgqw= cloud.google.com/go/pubsub v1.26.0/go.mod h1:QgBH3U/jdJy/ftjPhTkyXNj543Tin1pRYcdcPRnFIRI= cloud.google.com/go/pubsub v1.27.1/go.mod h1:hQN39ymbV9geqBnfQq6Xf63yNhUAhv9CZhzp5O6qsW0= cloud.google.com/go/pubsub v1.28.0/go.mod h1:vuXFpwaVoIPQMGXqRyUQigu/AX1S3IWugR9xznmcXX8= cloud.google.com/go/pubsub v1.30.0/go.mod h1:qWi1OPS0B+b5L+Sg6Gmc9zD1Y+HaM0MdUr7LsupY1P4= -cloud.google.com/go/pubsub v1.32.0/go.mod h1:f+w71I33OMyxf9VpMVcZbnG5KSUkCOUHYpFd5U1GdRc= -cloud.google.com/go/pubsub v1.33.0/go.mod h1:f+w71I33OMyxf9VpMVcZbnG5KSUkCOUHYpFd5U1GdRc= cloud.google.com/go/pubsublite v1.5.0/go.mod h1:xapqNQ1CuLfGi23Yda/9l4bBCKz/wC3KIJ5gKcxveZg= cloud.google.com/go/pubsublite v1.6.0/go.mod h1:1eFCS0U11xlOuMFV/0iBqw3zP12kddMeCbj/F3FSj9k= cloud.google.com/go/pubsublite v1.7.0/go.mod h1:8hVMwRXfDfvGm3fahVbtDbiLePT3gpoiJYJY+vxWxVM= -cloud.google.com/go/pubsublite v1.8.1/go.mod h1:fOLdU4f5xldK4RGJrBMm+J7zMWNj/k4PxwEZXy39QS0= cloud.google.com/go/recaptchaenterprise v1.3.1/go.mod h1:OdD+q+y4XGeAlxRaMn1Y7/GveP6zmq76byL6tjPE7d4= cloud.google.com/go/recaptchaenterprise/v2 v2.1.0/go.mod h1:w9yVqajwroDNTfGuhmOjPDN//rZGySaf6PtFVcSCa7o= cloud.google.com/go/recaptchaenterprise/v2 v2.2.0/go.mod h1:/Zu5jisWGeERrd5HnlS3EUGb/D335f9k51B/FVil0jk= @@ -608,58 +454,47 @@ cloud.google.com/go/recaptchaenterprise/v2 v2.4.0/go.mod h1:Am3LHfOuBstrLrNCBrlI cloud.google.com/go/recaptchaenterprise/v2 v2.5.0/go.mod h1:O8LzcHXN3rz0j+LBC91jrwI3R+1ZSZEWrfL7XHgNo9U= cloud.google.com/go/recaptchaenterprise/v2 v2.6.0/go.mod h1:RPauz9jeLtB3JVzg6nCbe12qNoaa8pXc4d/YukAmcnA= cloud.google.com/go/recaptchaenterprise/v2 v2.7.0/go.mod h1:19wVj/fs5RtYtynAPJdDTb69oW0vNHYDBTbB4NvMD9c= -cloud.google.com/go/recaptchaenterprise/v2 v2.7.2/go.mod h1:kR0KjsJS7Jt1YSyWFkseQ756D45kaYNTlDPPaRAvDBU= cloud.google.com/go/recommendationengine v0.5.0/go.mod h1:E5756pJcVFeVgaQv3WNpImkFP8a+RptV6dDLGPILjvg= cloud.google.com/go/recommendationengine v0.6.0/go.mod h1:08mq2umu9oIqc7tDy8sx+MNJdLG0fUi3vaSVbztHgJ4= cloud.google.com/go/recommendationengine v0.7.0/go.mod h1:1reUcE3GIu6MeBz/h5xZJqNLuuVjNg1lmWMPyjatzac= -cloud.google.com/go/recommendationengine v0.8.1/go.mod h1:MrZihWwtFYWDzE6Hz5nKcNz3gLizXVIDI/o3G1DLcrE= cloud.google.com/go/recommender v1.5.0/go.mod h1:jdoeiBIVrJe9gQjwd759ecLJbxCDED4A6p+mqoqDvTg= cloud.google.com/go/recommender v1.6.0/go.mod h1:+yETpm25mcoiECKh9DEScGzIRyDKpZ0cEhWGo+8bo+c= cloud.google.com/go/recommender v1.7.0/go.mod h1:XLHs/W+T8olwlGOgfQenXBTbIseGclClff6lhFVe9Bs= cloud.google.com/go/recommender v1.8.0/go.mod h1:PkjXrTT05BFKwxaUxQmtIlrtj0kph108r02ZZQ5FE70= cloud.google.com/go/recommender v1.9.0/go.mod h1:PnSsnZY7q+VL1uax2JWkt/UegHssxjUVVCrX52CuEmQ= -cloud.google.com/go/recommender v1.10.1/go.mod h1:XFvrE4Suqn5Cq0Lf+mCP6oBHD/yRMA8XxP5sb7Q7gpA= -cloud.google.com/go/recommender v1.11.0/go.mod h1:kPiRQhPyTJ9kyXPCG6u/dlPLbYfFlkwHNRwdzPVAoII= cloud.google.com/go/redis v1.7.0/go.mod h1:V3x5Jq1jzUcg+UNsRvdmsfuFnit1cfe3Z/PGyq/lm4Y= cloud.google.com/go/redis v1.8.0/go.mod h1:Fm2szCDavWzBk2cDKxrkmWBqoCiL1+Ctwq7EyqBCA/A= cloud.google.com/go/redis v1.9.0/go.mod h1:HMYQuajvb2D0LvMgZmLDZW8V5aOC/WxstZHiy4g8OiA= cloud.google.com/go/redis v1.10.0/go.mod h1:ThJf3mMBQtW18JzGgh41/Wld6vnDDc/F/F35UolRZPM= cloud.google.com/go/redis v1.11.0/go.mod h1:/X6eicana+BWcUda5PpwZC48o37SiFVTFSs0fWAJ7uQ= -cloud.google.com/go/redis v1.13.1/go.mod h1:VP7DGLpE91M6bcsDdMuyCm2hIpB6Vp2hI090Mfd1tcg= cloud.google.com/go/resourcemanager v1.3.0/go.mod h1:bAtrTjZQFJkiWTPDb1WBjzvc6/kifjj4QBYuKCCoqKA= cloud.google.com/go/resourcemanager v1.4.0/go.mod h1:MwxuzkumyTX7/a3n37gmsT3py7LIXwrShilPh3P1tR0= cloud.google.com/go/resourcemanager v1.5.0/go.mod h1:eQoXNAiAvCf5PXxWxXjhKQoTMaUSNrEfg+6qdf/wots= cloud.google.com/go/resourcemanager v1.6.0/go.mod h1:YcpXGRs8fDzcUl1Xw8uOVmI8JEadvhRIkoXXUNVYcVo= cloud.google.com/go/resourcemanager v1.7.0/go.mod h1:HlD3m6+bwhzj9XCouqmeiGuni95NTrExfhoSrkC/3EI= -cloud.google.com/go/resourcemanager v1.9.1/go.mod h1:dVCuosgrh1tINZ/RwBufr8lULmWGOkPS8gL5gqyjdT8= cloud.google.com/go/resourcesettings v1.3.0/go.mod h1:lzew8VfESA5DQ8gdlHwMrqZs1S9V87v3oCnKCWoOuQU= cloud.google.com/go/resourcesettings v1.4.0/go.mod h1:ldiH9IJpcrlC3VSuCGvjR5of/ezRrOxFtpJoJo5SmXg= cloud.google.com/go/resourcesettings v1.5.0/go.mod h1:+xJF7QSG6undsQDfsCJyqWXyBwUoJLhetkRMDRnIoXA= -cloud.google.com/go/resourcesettings v1.6.1/go.mod h1:M7mk9PIZrC5Fgsu1kZJci6mpgN8o0IUzVx3eJU3y4Jw= cloud.google.com/go/retail v1.8.0/go.mod h1:QblKS8waDmNUhghY2TI9O3JLlFk8jybHeV4BF19FrE4= cloud.google.com/go/retail v1.9.0/go.mod h1:g6jb6mKuCS1QKnH/dpu7isX253absFl6iE92nHwlBUY= cloud.google.com/go/retail v1.10.0/go.mod h1:2gDk9HsL4HMS4oZwz6daui2/jmKvqShXKQuB2RZ+cCc= cloud.google.com/go/retail v1.11.0/go.mod h1:MBLk1NaWPmh6iVFSz9MeKG/Psyd7TAgm6y/9L2B4x9Y= cloud.google.com/go/retail v1.12.0/go.mod h1:UMkelN/0Z8XvKymXFbD4EhFJlYKRx1FGhQkVPU5kF14= -cloud.google.com/go/retail v1.14.1/go.mod h1:y3Wv3Vr2k54dLNIrCzenyKG8g8dhvhncT2NcNjb/6gE= cloud.google.com/go/run v0.2.0/go.mod h1:CNtKsTA1sDcnqqIFR3Pb5Tq0usWxJJvsWOCPldRU3Do= cloud.google.com/go/run v0.3.0/go.mod h1:TuyY1+taHxTjrD0ZFk2iAR+xyOXEA0ztb7U3UNA0zBo= cloud.google.com/go/run v0.8.0/go.mod h1:VniEnuBwqjigv0A7ONfQUaEItaiCRVujlMqerPPiktM= cloud.google.com/go/run v0.9.0/go.mod h1:Wwu+/vvg8Y+JUApMwEDfVfhetv30hCG4ZwDR/IXl2Qg= -cloud.google.com/go/run v1.2.0/go.mod h1:36V1IlDzQ0XxbQjUx6IYbw8H3TJnWvhii963WW3B/bo= cloud.google.com/go/scheduler v1.4.0/go.mod h1:drcJBmxF3aqZJRhmkHQ9b3uSSpQoltBPGPxGAWROx6s= cloud.google.com/go/scheduler v1.5.0/go.mod h1:ri073ym49NW3AfT6DZi21vLZrG07GXr5p3H1KxN5QlI= cloud.google.com/go/scheduler v1.6.0/go.mod h1:SgeKVM7MIwPn3BqtcBntpLyrIJftQISRrYB5ZtT+KOk= cloud.google.com/go/scheduler v1.7.0/go.mod h1:jyCiBqWW956uBjjPMMuX09n3x37mtyPJegEWKxRsn44= cloud.google.com/go/scheduler v1.8.0/go.mod h1:TCET+Y5Gp1YgHT8py4nlg2Sew8nUHMqcpousDgXJVQc= cloud.google.com/go/scheduler v1.9.0/go.mod h1:yexg5t+KSmqu+njTIh3b7oYPheFtBWGcbVUYF1GGMIc= -cloud.google.com/go/scheduler v1.10.1/go.mod h1:R63Ldltd47Bs4gnhQkmNDse5w8gBRrhObZ54PxgR2Oo= -cloud.google.com/go/secretmanager v0.1.0/go.mod h1:3nGKHvnzDUVit7U0S9KAKJ4aOsO1xtwRG+7ey5LK1bM= +cloud.google.com/go/secretmanager v1.5.0/go.mod h1:5C9kM+RwSpkURNovKySkNvGQLUaOgyoR5W0RUx2SyHQ= cloud.google.com/go/secretmanager v1.6.0/go.mod h1:awVa/OXF6IiyaU1wQ34inzQNc4ISIDIrId8qE5QGgKA= cloud.google.com/go/secretmanager v1.8.0/go.mod h1:hnVgi/bN5MYHd3Gt0SPuTPPp5ENina1/LxM+2W9U9J4= cloud.google.com/go/secretmanager v1.9.0/go.mod h1:b71qH2l1yHmWQHt9LC80akm86mX8AL6X1MA01dW8ht4= cloud.google.com/go/secretmanager v1.10.0/go.mod h1:MfnrdvKMPNra9aZtQFvBcvRU54hbPD8/HayQdlUgJpU= -cloud.google.com/go/secretmanager v1.11.1/go.mod h1:znq9JlXgTNdBeQk9TBW/FnR/W4uChEKGeqQWAJ8SXFw= cloud.google.com/go/security v1.5.0/go.mod h1:lgxGdyOKKjHL4YG3/YwIL2zLqMFCKs0UbQwgyZmfJl4= cloud.google.com/go/security v1.7.0/go.mod h1:mZklORHl6Bg7CNnnjLH//0UlAlaXqiG7Lb9PsPXLfD0= cloud.google.com/go/security v1.8.0/go.mod h1:hAQOwgmaHhztFhiQ41CjDODdWP0+AE1B3sX4OFlq+GU= @@ -667,14 +502,12 @@ cloud.google.com/go/security v1.9.0/go.mod h1:6Ta1bO8LXI89nZnmnsZGp9lVoVWXqsVbIq cloud.google.com/go/security v1.10.0/go.mod h1:QtOMZByJVlibUT2h9afNDWRZ1G96gVywH8T5GUSb9IA= cloud.google.com/go/security v1.12.0/go.mod h1:rV6EhrpbNHrrxqlvW0BWAIawFWq3X90SduMJdFwtLB8= cloud.google.com/go/security v1.13.0/go.mod h1:Q1Nvxl1PAgmeW0y3HTt54JYIvUdtcpYKVfIB8AOMZ+0= -cloud.google.com/go/security v1.15.1/go.mod h1:MvTnnbsWnehoizHi09zoiZob0iCHVcL4AUBj76h9fXA= cloud.google.com/go/securitycenter v1.13.0/go.mod h1:cv5qNAqjY84FCN6Y9z28WlkKXyWsgLO832YiWwkCWcU= cloud.google.com/go/securitycenter v1.14.0/go.mod h1:gZLAhtyKv85n52XYWt6RmeBdydyxfPeTrpToDPw4Auc= cloud.google.com/go/securitycenter v1.15.0/go.mod h1:PeKJ0t8MoFmmXLXWm41JidyzI3PJjd8sXWaVqg43WWk= cloud.google.com/go/securitycenter v1.16.0/go.mod h1:Q9GMaLQFUD+5ZTabrbujNWLtSLZIZF7SAR0wWECrjdk= cloud.google.com/go/securitycenter v1.18.1/go.mod h1:0/25gAzCM/9OL9vVx4ChPeM/+DlfGQJDwBy/UC8AKK0= cloud.google.com/go/securitycenter v1.19.0/go.mod h1:LVLmSg8ZkkyaNy4u7HCIshAngSQ8EcIRREP3xBnyfag= -cloud.google.com/go/securitycenter v1.23.0/go.mod h1:8pwQ4n+Y9WCWM278R8W3nF65QtY172h4S8aXyI9/hsQ= cloud.google.com/go/servicecontrol v1.4.0/go.mod h1:o0hUSJ1TXJAmi/7fLJAedOovnujSEvjKCAFNXPQ1RaU= cloud.google.com/go/servicecontrol v1.5.0/go.mod h1:qM0CnXHhyqKVuiZnGKrIurvVImCs8gmqWsDoqe9sU1s= cloud.google.com/go/servicecontrol v1.10.0/go.mod h1:pQvyvSRh7YzUF2efw7H87V92mxU8FnFDawMClGCNuAA= @@ -686,8 +519,6 @@ cloud.google.com/go/servicedirectory v1.6.0/go.mod h1:pUlbnWsLH9c13yGkxCmfumWEPj cloud.google.com/go/servicedirectory v1.7.0/go.mod h1:5p/U5oyvgYGYejufvxhgwjL8UVXjkuw7q5XcG10wx1U= cloud.google.com/go/servicedirectory v1.8.0/go.mod h1:srXodfhY1GFIPvltunswqXpVxFPpZjf8nkKQT7XcXaY= cloud.google.com/go/servicedirectory v1.9.0/go.mod h1:29je5JjiygNYlmsGz8k6o+OZ8vd4f//bQLtvzkPPT/s= -cloud.google.com/go/servicedirectory v1.10.1/go.mod h1:Xv0YVH8s4pVOwfM/1eMTl0XJ6bzIOSLDt8f8eLaGOxQ= -cloud.google.com/go/servicedirectory v1.11.0/go.mod h1:Xv0YVH8s4pVOwfM/1eMTl0XJ6bzIOSLDt8f8eLaGOxQ= cloud.google.com/go/servicemanagement v1.4.0/go.mod h1:d8t8MDbezI7Z2R1O/wu8oTggo3BI2GKYbdG4y/SJTco= cloud.google.com/go/servicemanagement v1.5.0/go.mod h1:XGaCRe57kfqu4+lRxaFEAuqmjzF0r+gWHjWqKqBvKFo= cloud.google.com/go/servicemanagement v1.6.0/go.mod h1:aWns7EeeCOtGEX4OvZUWCCJONRZeFKiptqKf1D0l/Jc= @@ -699,29 +530,24 @@ cloud.google.com/go/serviceusage v1.6.0/go.mod h1:R5wwQcbOWsyuOfbP9tGdAnCAc6B9DR cloud.google.com/go/shell v1.3.0/go.mod h1:VZ9HmRjZBsjLGXusm7K5Q5lzzByZmJHf1d0IWHEN5X4= cloud.google.com/go/shell v1.4.0/go.mod h1:HDxPzZf3GkDdhExzD/gs8Grqk+dmYcEjGShZgYa9URw= cloud.google.com/go/shell v1.6.0/go.mod h1:oHO8QACS90luWgxP3N9iZVuEiSF84zNyLytb+qE2f9A= -cloud.google.com/go/shell v1.7.1/go.mod h1:u1RaM+huXFaTojTbW4g9P5emOrrmLE69KrxqQahKn4g= cloud.google.com/go/spanner v1.41.0/go.mod h1:MLYDBJR/dY4Wt7ZaMIQ7rXOTLjYrmxLE/5ve9vFfWos= cloud.google.com/go/spanner v1.44.0/go.mod h1:G8XIgYdOK+Fbcpbs7p2fiprDw4CaZX63whnSMLVBxjk= cloud.google.com/go/spanner v1.45.0/go.mod h1:FIws5LowYz8YAE1J8fOS7DJup8ff7xJeetWEo5REA2M= -cloud.google.com/go/spanner v1.47.0/go.mod h1:IXsJwVW2j4UKs0eYDqodab6HgGuA1bViSqW4uH9lfUI= -cloud.google.com/go/spanner v1.49.0/go.mod h1:eGj9mQGK8+hkgSVbHNQ06pQ4oS+cyc4tXXd6Dif1KoM= cloud.google.com/go/speech v1.6.0/go.mod h1:79tcr4FHCimOp56lwC01xnt/WPJZc4v3gzyT7FoBkCM= cloud.google.com/go/speech v1.7.0/go.mod h1:KptqL+BAQIhMsj1kOP2la5DSEEerPDuOP/2mmkhHhZQ= cloud.google.com/go/speech v1.8.0/go.mod h1:9bYIl1/tjsAnMgKGHKmBZzXKEkGgtU+MpdDPTE9f7y0= cloud.google.com/go/speech v1.9.0/go.mod h1:xQ0jTcmnRFFM2RfX/U+rk6FQNUF6DQlydUSyoooSpco= cloud.google.com/go/speech v1.14.1/go.mod h1:gEosVRPJ9waG7zqqnsHpYTOoAS4KouMRLDFMekpJ0J0= cloud.google.com/go/speech v1.15.0/go.mod h1:y6oH7GhqCaZANH7+Oe0BhgIogsNInLlz542tg3VqeYI= -cloud.google.com/go/speech v1.17.1/go.mod h1:8rVNzU43tQvxDaGvqOhpDqgkJTFowBpDvCJ14kGlJYo= -cloud.google.com/go/speech v1.19.0/go.mod h1:8rVNzU43tQvxDaGvqOhpDqgkJTFowBpDvCJ14kGlJYo= cloud.google.com/go/storage v1.0.0/go.mod h1:IhtSnM/ZTZV8YYJWCY8RULGVqBDmpoyjwiyrjsg+URw= cloud.google.com/go/storage v1.5.0/go.mod h1:tpKbwo567HUNpVclU5sGELwQWBDZ8gh0ZeosJ0Rtdos= cloud.google.com/go/storage v1.6.0/go.mod h1:N7U0C8pVQ/+NIKOBQyamJIeKQKkZ+mxpohlUTyfDhBk= cloud.google.com/go/storage v1.8.0/go.mod h1:Wv1Oy7z6Yz3DshWRJFhqM/UCfaWIRTdp0RXyy7KQOVs= cloud.google.com/go/storage v1.10.0/go.mod h1:FLPqc6j+Ki4BU591ie1oL6qBQGu2Bl/tZ9ullr3+Kg0= cloud.google.com/go/storage v1.14.0/go.mod h1:GrKmX003DSIwi9o29oFT7YDnHYwZoctc3fOKtUw0Xmo= -cloud.google.com/go/storage v1.16.1/go.mod h1:LaNorbty3ehnU3rEjXSNV/NRgQA0O8Y+uh6bPe5UOk4= cloud.google.com/go/storage v1.22.1/go.mod h1:S8N1cAStu7BOeFfE8KAQzmyyLkK8p/vmRq6kuBTW58Y= cloud.google.com/go/storage v1.23.0/go.mod h1:vOEEDNFnciUMhBeT6hsJIn3ieU5cFRmzeLgDvXzfIXc= +cloud.google.com/go/storage v1.24.0/go.mod h1:3xrJEFMXBsQLgxwThyjuD3aYlroL0TMRec1ypGUQ0KE= cloud.google.com/go/storage v1.27.0/go.mod h1:x9DOL8TK/ygDUMieqwfhdpQryTeEkhGKMi80i/iqR2s= cloud.google.com/go/storage v1.28.1/go.mod h1:Qnisd4CqDdo6BGs2AD5LLnEsmSQ80wQ5ogcBBKhU86Y= cloud.google.com/go/storage v1.29.0/go.mod h1:4puEjyTKnku6gfKoTfNOU/W+a9JyuVNxjpS5GBrB8h4= @@ -731,50 +557,39 @@ cloud.google.com/go/storagetransfer v1.5.0/go.mod h1:dxNzUopWy7RQevYFHewchb29POF cloud.google.com/go/storagetransfer v1.6.0/go.mod h1:y77xm4CQV/ZhFZH75PLEXY0ROiS7Gh6pSKrM8dJyg6I= cloud.google.com/go/storagetransfer v1.7.0/go.mod h1:8Giuj1QNb1kfLAiWM1bN6dHzfdlDAVC9rv9abHot2W4= cloud.google.com/go/storagetransfer v1.8.0/go.mod h1:JpegsHHU1eXg7lMHkvf+KE5XDJ7EQu0GwNJbbVGanEw= -cloud.google.com/go/storagetransfer v1.10.0/go.mod h1:DM4sTlSmGiNczmV6iZyceIh2dbs+7z2Ayg6YAiQlYfA= cloud.google.com/go/talent v1.1.0/go.mod h1:Vl4pt9jiHKvOgF9KoZo6Kob9oV4lwd/ZD5Cto54zDRw= cloud.google.com/go/talent v1.2.0/go.mod h1:MoNF9bhFQbiJ6eFD3uSsg0uBALw4n4gaCaEjBw9zo8g= cloud.google.com/go/talent v1.3.0/go.mod h1:CmcxwJ/PKfRgd1pBjQgU6W3YBwiewmUzQYH5HHmSCmM= cloud.google.com/go/talent v1.4.0/go.mod h1:ezFtAgVuRf8jRsvyE6EwmbTK5LKciD4KVnHuDEFmOOA= cloud.google.com/go/talent v1.5.0/go.mod h1:G+ODMj9bsasAEJkQSzO2uHQWXHHXUomArjWQQYkqK6c= -cloud.google.com/go/talent v1.6.2/go.mod h1:CbGvmKCG61mkdjcqTcLOkb2ZN1SrQI8MDyma2l7VD24= cloud.google.com/go/texttospeech v1.4.0/go.mod h1:FX8HQHA6sEpJ7rCMSfXuzBcysDAuWusNNNvN9FELDd8= cloud.google.com/go/texttospeech v1.5.0/go.mod h1:oKPLhR4n4ZdQqWKURdwxMy0uiTS1xU161C8W57Wkea4= cloud.google.com/go/texttospeech v1.6.0/go.mod h1:YmwmFT8pj1aBblQOI3TfKmwibnsfvhIBzPXcW4EBovc= -cloud.google.com/go/texttospeech v1.7.1/go.mod h1:m7QfG5IXxeneGqTapXNxv2ItxP/FS0hCZBwXYqucgSk= cloud.google.com/go/tpu v1.3.0/go.mod h1:aJIManG0o20tfDQlRIej44FcwGGl/cD0oiRyMKG19IQ= cloud.google.com/go/tpu v1.4.0/go.mod h1:mjZaX8p0VBgllCzF6wcU2ovUXN9TONFLd7iz227X2Xg= cloud.google.com/go/tpu v1.5.0/go.mod h1:8zVo1rYDFuW2l4yZVY0R0fb/v44xLh3llq7RuV61fPM= -cloud.google.com/go/tpu v1.6.1/go.mod h1:sOdcHVIgDEEOKuqUoi6Fq53MKHJAtOwtz0GuKsWSH3E= -cloud.google.com/go/trace v0.1.0/go.mod h1:wxEwsoeRVPbeSkt7ZC9nWCgmoKQRAoySN7XHW2AmI7g= +cloud.google.com/go/trace v1.0.0/go.mod h1:4iErSByzxkyHWzzlAj63/Gmjz0NH1ASqhJguHpGcr6A= +cloud.google.com/go/trace v1.2.0/go.mod h1:Wc8y/uYyOhPy12KEnXG9XGrvfMz5F5SrYecQlbW1rwM= cloud.google.com/go/trace v1.3.0/go.mod h1:FFUE83d9Ca57C+K8rDl/Ih8LwOzWIV1krKgxg6N0G28= cloud.google.com/go/trace v1.4.0/go.mod h1:UG0v8UBqzusp+z63o7FK74SdFE+AXpCLdFb1rshXG+Y= cloud.google.com/go/trace v1.8.0/go.mod h1:zH7vcsbAhklH8hWFig58HvxcxyQbaIqMarMg9hn5ECA= cloud.google.com/go/trace v1.9.0/go.mod h1:lOQqpE5IaWY0Ixg7/r2SjixMuc6lfTFeO4QGM4dQWOk= -cloud.google.com/go/trace v1.10.1/go.mod h1:gbtL94KE5AJLH3y+WVpfWILmqgc6dXcqgNXdOPAQTYk= cloud.google.com/go/translate v1.3.0/go.mod h1:gzMUwRjvOqj5i69y/LYLd8RrNQk+hOmIXTi9+nb3Djs= cloud.google.com/go/translate v1.4.0/go.mod h1:06Dn/ppvLD6WvA5Rhdp029IX2Mi3Mn7fpMRLPvXT5Wg= cloud.google.com/go/translate v1.5.0/go.mod h1:29YDSYveqqpA1CQFD7NQuP49xymq17RXNaUDdc0mNu0= cloud.google.com/go/translate v1.6.0/go.mod h1:lMGRudH1pu7I3n3PETiOB2507gf3HnfLV8qlkHZEyos= cloud.google.com/go/translate v1.7.0/go.mod h1:lMGRudH1pu7I3n3PETiOB2507gf3HnfLV8qlkHZEyos= -cloud.google.com/go/translate v1.8.1/go.mod h1:d1ZH5aaOA0CNhWeXeC8ujd4tdCFw8XoNWRljklu5RHs= -cloud.google.com/go/translate v1.8.2/go.mod h1:d1ZH5aaOA0CNhWeXeC8ujd4tdCFw8XoNWRljklu5RHs= -cloud.google.com/go/translate v1.9.0/go.mod h1:d1ZH5aaOA0CNhWeXeC8ujd4tdCFw8XoNWRljklu5RHs= cloud.google.com/go/video v1.8.0/go.mod h1:sTzKFc0bUSByE8Yoh8X0mn8bMymItVGPfTuUBUyRgxk= cloud.google.com/go/video v1.9.0/go.mod h1:0RhNKFRF5v92f8dQt0yhaHrEuH95m068JYOvLZYnJSw= cloud.google.com/go/video v1.12.0/go.mod h1:MLQew95eTuaNDEGriQdcYn0dTwf9oWiA4uYebxM5kdg= cloud.google.com/go/video v1.13.0/go.mod h1:ulzkYlYgCp15N2AokzKjy7MQ9ejuynOJdf1tR5lGthk= cloud.google.com/go/video v1.14.0/go.mod h1:SkgaXwT+lIIAKqWAJfktHT/RbgjSuY6DobxEp0C5yTQ= cloud.google.com/go/video v1.15.0/go.mod h1:SkgaXwT+lIIAKqWAJfktHT/RbgjSuY6DobxEp0C5yTQ= -cloud.google.com/go/video v1.17.1/go.mod h1:9qmqPqw/Ib2tLqaeHgtakU+l5TcJxCJbhFXM7UJjVzU= -cloud.google.com/go/video v1.19.0/go.mod h1:9qmqPqw/Ib2tLqaeHgtakU+l5TcJxCJbhFXM7UJjVzU= -cloud.google.com/go/video v1.20.0/go.mod h1:U3G3FTnsvAGqglq9LxgqzOiBc/Nt8zis8S+850N2DUM= cloud.google.com/go/videointelligence v1.6.0/go.mod h1:w0DIDlVRKtwPCn/C4iwZIJdvC69yInhW0cfi+p546uU= cloud.google.com/go/videointelligence v1.7.0/go.mod h1:k8pI/1wAhjznARtVT9U1llUaFNPh7muw8QyOUpavru4= cloud.google.com/go/videointelligence v1.8.0/go.mod h1:dIcCn4gVDdS7yte/w+koiXn5dWVplOZkE+xwG9FgK+M= cloud.google.com/go/videointelligence v1.9.0/go.mod h1:29lVRMPDYHikk3v8EdPSaL8Ku+eMzDljjuvRs105XoU= cloud.google.com/go/videointelligence v1.10.0/go.mod h1:LHZngX1liVtUhZvi2uNS0VQuOzNi2TkY1OakiuoUOjU= -cloud.google.com/go/videointelligence v1.11.1/go.mod h1:76xn/8InyQHarjTWsBR058SmlPCwQjgcvoW0aZykOvo= cloud.google.com/go/vision v1.2.0/go.mod h1:SmNwgObm5DpFBme2xpyOyasvBc1aPdjvMk2bBk0tKD0= cloud.google.com/go/vision/v2 v2.2.0/go.mod h1:uCdV4PpN1S0jyCyq8sIM42v2Y6zOLkZs+4R9LrGYwFo= cloud.google.com/go/vision/v2 v2.3.0/go.mod h1:UO61abBx9QRMFkNBbf1D8B1LXdS2cGiiCRx0vSpZoUo= @@ -782,41 +597,35 @@ cloud.google.com/go/vision/v2 v2.4.0/go.mod h1:VtI579ll9RpVTrdKdkMzckdnwMyX2JILb cloud.google.com/go/vision/v2 v2.5.0/go.mod h1:MmaezXOOE+IWa+cS7OhRRLK2cNv1ZL98zhqFFZaaH2E= cloud.google.com/go/vision/v2 v2.6.0/go.mod h1:158Hes0MvOS9Z/bDMSFpjwsUrZ5fPrdwuyyvKSGAGMY= cloud.google.com/go/vision/v2 v2.7.0/go.mod h1:H89VysHy21avemp6xcf9b9JvZHVehWbET0uT/bcuY/0= -cloud.google.com/go/vision/v2 v2.7.2/go.mod h1:jKa8oSYBWhYiXarHPvP4USxYANYUEdEsQrloLjrSwJU= cloud.google.com/go/vmmigration v1.2.0/go.mod h1:IRf0o7myyWFSmVR1ItrBSFLFD/rJkfDCUTO4vLlJvsE= cloud.google.com/go/vmmigration v1.3.0/go.mod h1:oGJ6ZgGPQOFdjHuocGcLqX4lc98YQ7Ygq8YQwHh9A7g= cloud.google.com/go/vmmigration v1.5.0/go.mod h1:E4YQ8q7/4W9gobHjQg4JJSgXXSgY21nA5r8swQV+Xxc= cloud.google.com/go/vmmigration v1.6.0/go.mod h1:bopQ/g4z+8qXzichC7GW1w2MjbErL54rk3/C843CjfY= -cloud.google.com/go/vmmigration v1.7.1/go.mod h1:WD+5z7a/IpZ5bKK//YmT9E047AD+rjycCAvyMxGJbro= cloud.google.com/go/vmwareengine v0.1.0/go.mod h1:RsdNEf/8UDvKllXhMz5J40XxDrNJNN4sagiox+OI208= cloud.google.com/go/vmwareengine v0.2.2/go.mod h1:sKdctNJxb3KLZkE/6Oui94iw/xs9PRNC2wnNLXsHvH8= cloud.google.com/go/vmwareengine v0.3.0/go.mod h1:wvoyMvNWdIzxMYSpH/R7y2h5h3WFkx6d+1TIsP39WGY= -cloud.google.com/go/vmwareengine v0.4.1/go.mod h1:Px64x+BvjPZwWuc4HdmVhoygcXqEkGHXoa7uyfTgSI0= -cloud.google.com/go/vmwareengine v1.0.0/go.mod h1:Px64x+BvjPZwWuc4HdmVhoygcXqEkGHXoa7uyfTgSI0= cloud.google.com/go/vpcaccess v1.4.0/go.mod h1:aQHVbTWDYUR1EbTApSVvMq1EnT57ppDmQzZ3imqIk4w= cloud.google.com/go/vpcaccess v1.5.0/go.mod h1:drmg4HLk9NkZpGfCmZ3Tz0Bwnm2+DKqViEpeEpOq0m8= cloud.google.com/go/vpcaccess v1.6.0/go.mod h1:wX2ILaNhe7TlVa4vC5xce1bCnqE3AeH27RV31lnmZes= -cloud.google.com/go/vpcaccess v1.7.1/go.mod h1:FogoD46/ZU+JUBX9D606X21EnxiszYi2tArQwLY4SXs= cloud.google.com/go/webrisk v1.4.0/go.mod h1:Hn8X6Zr+ziE2aNd8SliSDWpEnSS1u4R9+xXZmFiHmGE= cloud.google.com/go/webrisk v1.5.0/go.mod h1:iPG6fr52Tv7sGk0H6qUFzmL3HHZev1htXuWDEEsqMTg= cloud.google.com/go/webrisk v1.6.0/go.mod h1:65sW9V9rOosnc9ZY7A7jsy1zoHS5W9IAXv6dGqhMQMc= cloud.google.com/go/webrisk v1.7.0/go.mod h1:mVMHgEYH0r337nmt1JyLthzMr6YxwN1aAIEc2fTcq7A= cloud.google.com/go/webrisk v1.8.0/go.mod h1:oJPDuamzHXgUc+b8SiHRcVInZQuybnvEW72PqTc7sSg= -cloud.google.com/go/webrisk v1.9.1/go.mod h1:4GCmXKcOa2BZcZPn6DCEvE7HypmEJcJkr4mtM+sqYPc= cloud.google.com/go/websecurityscanner v1.3.0/go.mod h1:uImdKm2wyeXQevQJXeh8Uun/Ym1VqworNDlBXQevGMo= cloud.google.com/go/websecurityscanner v1.4.0/go.mod h1:ebit/Fp0a+FWu5j4JOmJEV8S8CzdTkAS77oDsiSqYWQ= cloud.google.com/go/websecurityscanner v1.5.0/go.mod h1:Y6xdCPy81yi0SQnDY1xdNTNpfY1oAgXUlcfN3B3eSng= -cloud.google.com/go/websecurityscanner v1.6.1/go.mod h1:Njgaw3rttgRHXzwCB8kgCYqv5/rGpFCsBOvPbYgszpg= cloud.google.com/go/workflows v1.6.0/go.mod h1:6t9F5h/unJz41YqfBmqSASJSXccBLtD1Vwf+KmJENM0= cloud.google.com/go/workflows v1.7.0/go.mod h1:JhSrZuVZWuiDfKEFxU0/F1PQjmpnpcoISEXH2bcHC3M= cloud.google.com/go/workflows v1.8.0/go.mod h1:ysGhmEajwZxGn1OhGOGKsTXc5PyxOc0vfKf5Af+to4M= cloud.google.com/go/workflows v1.9.0/go.mod h1:ZGkj1aFIOd9c8Gerkjjq7OW7I5+l6cSvT3ujaO/WwSA= cloud.google.com/go/workflows v1.10.0/go.mod h1:fZ8LmRmZQWacon9UCX1r/g/DfAXx5VcPALq2CxzdePw= -cloud.google.com/go/workflows v1.11.1/go.mod h1:Z+t10G1wF7h8LgdY/EmRcQY8ptBD/nvofaL6FqlET6g= -cloud.google.com/go/workflows v1.12.0/go.mod h1:PYhSk2b6DhZ508tj8HXKaBh+OFe+xdl0dHF/tJdzPQM= +code.cloudfoundry.org/clock v0.0.0-20180518195852-02e53af36e6c/go.mod h1:QD9Lzhd/ux6eNQVUDVRJX/RKTigpewimNYBi7ivZKY8= contrib.go.opencensus.io/exporter/aws v0.0.0-20200617204711-c478e41e60e9/go.mod h1:uu1P0UCM/6RbsMrgPa98ll8ZcHM858i/AD06a9aLRCA= -contrib.go.opencensus.io/exporter/stackdriver v0.13.8/go.mod h1:huNtlWx75MwO7qMs0KrMxPZXzNNWebav1Sq/pm02JdQ= +contrib.go.opencensus.io/exporter/stackdriver v0.13.13/go.mod h1:5pSSGY0Bhuk7waTHuDf4aQ8D2DrhgETRo9fy6k3Xlzc= contrib.go.opencensus.io/integrations/ocsql v0.1.7/go.mod h1:8DsSdjz3F+APR+0z0WkU1aRorQCFfRxvqjUUPMbF3fE= +dario.cat/mergo v1.0.0 h1:AGCNq9Evsj31mOgNPcLyXc+4PNABt905YmuqPYYpBWk= +dario.cat/mergo v1.0.0/go.mod h1:uNxQE+84aUszobStD9th8a29P2fMDhsBdgRYvZOxGmk= dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU= gioui.org v0.0.0-20210308172011-57750fc8a0a6/go.mod h1:RSH6KIUZ0p2xy5zHDxgAM4zumjgTw83q2ge/PI+yyw8= git.sr.ht/~sbinet/gg v0.3.1/go.mod h1:KGYtlADtqsqANL9ueOFkWymvzUvLMQllU5Ixo+8v3pc= @@ -824,37 +633,36 @@ github.com/AdaLogics/go-fuzz-headers v0.0.0-20210715213245-6c3934b029d8/go.mod h github.com/AdaLogics/go-fuzz-headers v0.0.0-20221206110420-d395f97c4830/go.mod h1:VzwV+t+dZ9j/H867F1M2ziD+yLHtB46oM35FxxMJ4d0= github.com/AdaLogics/go-fuzz-headers v0.0.0-20230106234847-43070de90fa1/go.mod h1:VzwV+t+dZ9j/H867F1M2ziD+yLHtB46oM35FxxMJ4d0= github.com/AdamKorcz/go-118-fuzz-build v0.0.0-20221215162035-5330a85ea652/go.mod h1:OahwfttHWG6eJ0clwcfBAHoDI6X/LV/15hx/wlMZSrU= -github.com/AlecAivazis/survey/v2 v2.0.5/go.mod h1:WYBhg6f0y/fNYUuesWQc0PKbJcEliGcYHB9sNT3Bg74= -github.com/Azure/azure-amqp-common-go/v3 v3.1.0/go.mod h1:PBIGdzcO1teYoufTKMcGibdKaYZv4avS+O6LNIp8bq0= -github.com/Azure/azure-amqp-common-go/v3 v3.1.1/go.mod h1:YsDaPfaO9Ub2XeSKdIy2DfwuiQlHQCauHJwSqtrkECI= -github.com/Azure/azure-pipeline-go v0.2.3 h1:7U9HBg1JFK3jHl5qmo4CTZKFTVgMwdFHMVtCdfBE21U= -github.com/Azure/azure-pipeline-go v0.2.3/go.mod h1:x841ezTBIMG6O3lAcl8ATHnsOPVl2bqk7S3ta6S6u4k= +github.com/Azure/azure-amqp-common-go/v3 v3.2.3/go.mod h1:7rPmbSfszeovxGfc5fSAXE4ehlXQZHpMja2OtxC2Tas= github.com/Azure/azure-sdk-for-go v16.2.1+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc= -github.com/Azure/azure-sdk-for-go v51.1.0+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc= github.com/Azure/azure-sdk-for-go v56.3.0+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc= -github.com/Azure/azure-sdk-for-go v57.0.0+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc= -github.com/Azure/azure-sdk-for-go v61.4.0+incompatible h1:BF2Pm3aQWIa6q9KmxyF1JYKYXtVw67vtvu2Wd54NGuY= -github.com/Azure/azure-sdk-for-go v61.4.0+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc= +github.com/Azure/azure-sdk-for-go v63.0.0+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc= +github.com/Azure/azure-sdk-for-go v65.0.0+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc= +github.com/Azure/azure-sdk-for-go v66.0.0+incompatible h1:bmmC38SlE8/E81nNADlgmVGurPWMHDX2YNXVQMrBpEE= +github.com/Azure/azure-sdk-for-go v66.0.0+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc= github.com/Azure/azure-sdk-for-go/sdk/azcore v0.19.0/go.mod h1:h6H6c8enJmmocHUbLiiGY6sx7f9i+X3m1CHdd5c6Rdw= -github.com/Azure/azure-sdk-for-go/sdk/azcore v0.21.0/go.mod h1:fBF9PQNqB8scdgpZ3ufzaLntG0AG7C1WjPMsiFOmfHM= -github.com/Azure/azure-sdk-for-go/sdk/azcore v0.22.0 h1:zBJcBJwte0x6PcPK7XaWDMvK2o2ZM2f1sMaqNNavQ5g= -github.com/Azure/azure-sdk-for-go/sdk/azcore v0.22.0/go.mod h1:fBF9PQNqB8scdgpZ3ufzaLntG0AG7C1WjPMsiFOmfHM= +github.com/Azure/azure-sdk-for-go/sdk/azcore v1.0.0/go.mod h1:uGG2W01BaETf0Ozp+QxxKJdMBNRWPdstHG0Fmdwn1/U= +github.com/Azure/azure-sdk-for-go/sdk/azcore v1.1.1/go.mod h1:uGG2W01BaETf0Ozp+QxxKJdMBNRWPdstHG0Fmdwn1/U= +github.com/Azure/azure-sdk-for-go/sdk/azcore v1.8.0 h1:9kDVnTz3vbfweTqAUmk/a/pH5pWFCHtvRpHYC0G/dcA= +github.com/Azure/azure-sdk-for-go/sdk/azcore v1.8.0/go.mod h1:3Ug6Qzto9anB6mGlEdgYMDF5zHQ+wwhEaYR4s17PHMw= github.com/Azure/azure-sdk-for-go/sdk/azidentity v0.11.0/go.mod h1:HcM1YX14R7CJcghJGOYCgdezslRSVzqwLf/q+4Y2r/0= -github.com/Azure/azure-sdk-for-go/sdk/azidentity v0.13.0/go.mod h1:TmXReXZ9yPp5D5TBRMTAtyz+UyOl15Py4hL5E5p6igQ= -github.com/Azure/azure-sdk-for-go/sdk/azidentity v0.13.2 h1:mM/yraAumqMMIYev6zX0oxHqX6hreUs5wXf76W47r38= -github.com/Azure/azure-sdk-for-go/sdk/azidentity v0.13.2/go.mod h1:+nVKciyKD2J9TyVcEQ82Bo9b+3F92PiQfHrIE/zqLqM= +github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.0.0/go.mod h1:+6sju8gk8FRmSajX3Oz4G5Gm7P+mbqE9FVaXXFYTkCM= +github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.4.0 h1:BMAjVKJM0U/CYF27gA0ZMmXGkOcvfFtD0oHVZ1TIPRI= +github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.4.0/go.mod h1:1fXstnBMas5kzG+S3q8UoJcmyU6nUeunJcMDHcRYHhs= github.com/Azure/azure-sdk-for-go/sdk/internal v0.7.0/go.mod h1:yqy467j36fJxcRV2TzfVZ1pCb5vxm4BtZPUdYWe/Xo8= -github.com/Azure/azure-sdk-for-go/sdk/internal v0.8.3/go.mod h1:KLF4gFr6DcKFZwSuH8w8yEK6DpFl3LP5rhdvAb7Yz5I= -github.com/Azure/azure-sdk-for-go/sdk/internal v0.9.1 h1:sLZ/Y+P/5RRtsXWylBjB5lkgixYfm0MQPiwrSX//JSo= -github.com/Azure/azure-sdk-for-go/sdk/internal v0.9.1/go.mod h1:KLF4gFr6DcKFZwSuH8w8yEK6DpFl3LP5rhdvAb7Yz5I= -github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/resources/armresources v0.3.1 h1:EXTDtCSTfPauGawsG+Ae/W46B1PkrgzuKNrcFqy4ljM= -github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/resources/armresources v0.3.1/go.mod h1:PoA99xQAlN13MyUjzgIPWMZEr0etHpYSuT25LmhR3zQ= -github.com/Azure/azure-service-bus-go v0.10.16/go.mod h1:MlkLwGGf1ewcx5jZadn0gUEty+tTg0RaElr6bPf+QhI= -github.com/Azure/azure-storage-blob-go v0.14.0 h1:1BCg74AmVdYwO3dlKwtFU1V0wU2PZdREkXvAmZJRUlM= -github.com/Azure/azure-storage-blob-go v0.14.0/go.mod h1:SMqIBi+SuiQH32bvyjngEewEeXoPfKMgWlBDaYf6fck= -github.com/Azure/go-amqp v0.13.0/go.mod h1:qj+o8xPCz9tMSbQ83Vp8boHahuRDl5mkNHyt1xlxUTs= -github.com/Azure/go-amqp v0.13.11/go.mod h1:D5ZrjQqB1dyp1A+G73xeL/kNn7D5qHJIIsNNps7YNmk= -github.com/Azure/go-amqp v0.13.12/go.mod h1:D5ZrjQqB1dyp1A+G73xeL/kNn7D5qHJIIsNNps7YNmk= +github.com/Azure/azure-sdk-for-go/sdk/internal v1.0.0/go.mod h1:eWRD7oawr1Mu1sLCawqVc0CUiF43ia3qQMxLscsKQ9w= +github.com/Azure/azure-sdk-for-go/sdk/internal v1.3.0 h1:sXr+ck84g/ZlZUOZiNELInmMgOsuGwdjjVkEIde0OtY= +github.com/Azure/azure-sdk-for-go/sdk/internal v1.3.0/go.mod h1:okt5dMMTOFjX/aovMlrjvvXoPMBVSPzk9185BT0+eZM= +github.com/Azure/azure-sdk-for-go/sdk/messaging/azservicebus v1.0.2/go.mod h1:LH9XQnMr2ZYxQdVdCrzLO9mxeDyrDFa6wbSI3x5zCZk= +github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/internal v1.1.2 h1:mLY+pNLjCUeKhgnAJWAKhEUQM+RJQo2H1fuGSw1Ky1E= +github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/internal v1.1.2/go.mod h1:FbdwsQ2EzwvXxOPcMFYO8ogEc9uMMIj3YkmCdXdAFmk= +github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/managementgroups/armmanagementgroups v1.0.0 h1:pPvTJ1dY0sA35JOeFq6TsY2xj6Z85Yo23Pj4wCCvu4o= +github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/managementgroups/armmanagementgroups v1.0.0/go.mod h1:mLfWfj8v3jfWKsL9G4eoBoXVcsqcIUTapmdKy7uGOp0= +github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/resources/armresources v1.1.1 h1:7CBQ+Ei8SP2c6ydQTGCCrS35bDxgTMfoP2miAwK++OU= +github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/resources/armresources v1.1.1/go.mod h1:c/wcGeGx5FUPbM/JltUYHZcKmigwyVLJlDq+4HdtXaw= +github.com/Azure/azure-sdk-for-go/sdk/storage/azblob v0.4.1/go.mod h1:eZ4g6GUvXiGulfIbbhh1Xr4XwUYaYaWMqzGD/284wCA= +github.com/Azure/go-amqp v0.17.0/go.mod h1:9YJ3RhxRT1gquYnzpZO1vcYMMpAdJT+QEg6fwmw9Zlg= +github.com/Azure/go-amqp v0.17.5/go.mod h1:9YJ3RhxRT1gquYnzpZO1vcYMMpAdJT+QEg6fwmw9Zlg= github.com/Azure/go-ansiterm v0.0.0-20170929234023-d6e3b3328b78/go.mod h1:LmzpDX56iTiv29bbRTIsUNlaFfuhWRQBWjQdVyAevI8= github.com/Azure/go-ansiterm v0.0.0-20210608223527-2377c96fe795/go.mod h1:LmzpDX56iTiv29bbRTIsUNlaFfuhWRQBWjQdVyAevI8= github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1 h1:UQHMgLO+TxOElx5B5HZ4hJQsoJ/PvUvKRhJHDQXO8P8= @@ -863,29 +671,26 @@ github.com/Azure/go-autorest v10.8.1+incompatible/go.mod h1:r+4oMnoxhatjLLJ6zxSW github.com/Azure/go-autorest v14.2.0+incompatible h1:V5VMDjClD3GiElqLWO7mz2MxNAK/vTfRHdAubSIPRgs= github.com/Azure/go-autorest v14.2.0+incompatible/go.mod h1:r+4oMnoxhatjLLJ6zxSWATqVooLgysK6ZNox3g/xq24= github.com/Azure/go-autorest/autorest v0.11.1/go.mod h1:JFgpikqFJ/MleTTxwepExTKnFUKKszPS8UavbQYUMuw= -github.com/Azure/go-autorest/autorest v0.11.3/go.mod h1:JFgpikqFJ/MleTTxwepExTKnFUKKszPS8UavbQYUMuw= -github.com/Azure/go-autorest/autorest v0.11.17/go.mod h1:eipySxLmqSyC5s5k1CLupqet0PSENBEDP93LQ9a8QYw= github.com/Azure/go-autorest/autorest v0.11.18/go.mod h1:dSiJPy22c3u0OtOKDNttNgqpNFY/GeWa7GH/Pz56QRA= -github.com/Azure/go-autorest/autorest v0.11.20/go.mod h1:o3tqFY+QR40VOlk+pV4d77mORO64jOXSgEnPQgLK6JY= github.com/Azure/go-autorest/autorest v0.11.24/go.mod h1:G6kyRlFnTuSbEYkQGawPfsCswgme4iYf6rfSKUDzbCc= +github.com/Azure/go-autorest/autorest v0.11.25/go.mod h1:7l8ybrIdUmGqZMTD0sRtAr8NvbHjfofbf8RSP2q7w7U= +github.com/Azure/go-autorest/autorest v0.11.27/go.mod h1:7l8ybrIdUmGqZMTD0sRtAr8NvbHjfofbf8RSP2q7w7U= +github.com/Azure/go-autorest/autorest v0.11.28/go.mod h1:MrkzG3Y3AH668QyF9KRk5neJnGgmhQ6krbhR8Q5eMvA= github.com/Azure/go-autorest/autorest v0.11.29 h1:I4+HL/JDvErx2LjyzaVxllw2lRDB5/BT2Bm4g20iqYw= github.com/Azure/go-autorest/autorest v0.11.29/go.mod h1:ZtEzC4Jy2JDrZLxvWs8LrBWEBycl1hbT1eknI8MtfAs= github.com/Azure/go-autorest/autorest/adal v0.9.0/go.mod h1:/c022QCutn2P7uY+/oQWWNcK9YU+MH96NgK+jErpbcg= github.com/Azure/go-autorest/autorest/adal v0.9.5/go.mod h1:B7KF7jKIeC9Mct5spmyCB/A8CG/sEz1vwIRGv/bbw7A= -github.com/Azure/go-autorest/autorest/adal v0.9.11/go.mod h1:nBKAnTomx8gDtl+3ZCJv2v0KACFHWTB2drffI1B68Pk= github.com/Azure/go-autorest/autorest/adal v0.9.13/go.mod h1:W/MM4U6nLxnIskrw4UwWzlHfGjwUS50aOsc/I3yuU8M= -github.com/Azure/go-autorest/autorest/adal v0.9.14/go.mod h1:W/MM4U6nLxnIskrw4UwWzlHfGjwUS50aOsc/I3yuU8M= -github.com/Azure/go-autorest/autorest/adal v0.9.15/go.mod h1:tGMin8I49Yij6AQ+rvV+Xa/zwxYQB5hmsd6DkfAx2+A= github.com/Azure/go-autorest/autorest/adal v0.9.18/go.mod h1:XVVeme+LZwABT8K5Lc3hA4nAe8LDBVle26gTrguhhPQ= +github.com/Azure/go-autorest/autorest/adal v0.9.20/go.mod h1:XVVeme+LZwABT8K5Lc3hA4nAe8LDBVle26gTrguhhPQ= +github.com/Azure/go-autorest/autorest/adal v0.9.21/go.mod h1:zua7mBUaCc5YnSLKYgGJR/w5ePdMDA6H56upLsHzA9U= github.com/Azure/go-autorest/autorest/adal v0.9.22 h1:/GblQdIudfEM3AWWZ0mrYJQSd7JS4S/Mbzh6F0ov0Xc= github.com/Azure/go-autorest/autorest/adal v0.9.22/go.mod h1:XuAbAEUv2Tta//+voMI038TrJBqjKam0me7qR+L8Cmk= -github.com/Azure/go-autorest/autorest/azure/auth v0.5.8/go.mod h1:kxyKZTSfKh8OVFWPAgOgQ/frrJgeYQJPyR5fLFmXko4= github.com/Azure/go-autorest/autorest/azure/auth v0.5.11 h1:P6bYXFoao05z5uhOQzbC3Qd8JqF3jUoocoTeIxkp2cA= github.com/Azure/go-autorest/autorest/azure/auth v0.5.11/go.mod h1:84w/uV8E37feW2NCJ08uT9VBfjfUHpgLVnG2InYD6cg= -github.com/Azure/go-autorest/autorest/azure/cli v0.4.2/go.mod h1:7qkJkT+j6b+hIpzMOwPChJhTqS8VbsqqgULzMNRugoM= -github.com/Azure/go-autorest/autorest/azure/cli v0.4.3/go.mod h1:yAQ2b6eP/CmLPnmLvxtT1ALIY3OR1oFcCqVBi8vHiTc= -github.com/Azure/go-autorest/autorest/azure/cli v0.4.5 h1:0W/yGmFdTIT77fvdlGZ0LMISoLHFJ7Tx4U0yeB+uFs4= github.com/Azure/go-autorest/autorest/azure/cli v0.4.5/go.mod h1:ADQAXrkgm7acgWVUNamOgh8YNrv4p27l3Wc55oVfpzg= +github.com/Azure/go-autorest/autorest/azure/cli v0.4.6 h1:w77/uPk80ZET2F+AfQExZyEWtn+0Rk/uw17m9fv5Ajc= +github.com/Azure/go-autorest/autorest/azure/cli v0.4.6/go.mod h1:piCfgPho7BiIDdEQ1+g4VmKyD5y+p/XtSNqE6Hc4QD0= github.com/Azure/go-autorest/autorest/date v0.3.0 h1:7gUk1U5M/CQbp9WoqinNzJar+8KY+LPI6wiWrP/myHw= github.com/Azure/go-autorest/autorest/date v0.3.0/go.mod h1:BI0uouVdmngYNUzGWeSYnokU+TrmwEsOqdt8Y6sso74= github.com/Azure/go-autorest/autorest/mocks v0.4.0/go.mod h1:LTp+uSrOhSkaKrUy935gNZuuIPPVsHlr9DSOxSayd+k= @@ -905,22 +710,28 @@ github.com/Azure/go-ntlmssp v0.0.0-20200615164410-66371956d46c/go.mod h1:chxPXzS github.com/Azure/go-ntlmssp v0.0.0-20220621081337-cb9428e4ac1e/go.mod h1:chxPXzSsl7ZWRAuOIE23GDNzjWuZquvFlgA8xmpunjU= github.com/Azure/go-ntlmssp v0.0.0-20221128193559-754e69321358 h1:mFRzDkZVAjdal+s7s0MwaRv9igoPqLRdzOLzw/8Xvq8= github.com/Azure/go-ntlmssp v0.0.0-20221128193559-754e69321358/go.mod h1:chxPXzSsl7ZWRAuOIE23GDNzjWuZquvFlgA8xmpunjU= -github.com/AzureAD/microsoft-authentication-library-for-go v0.4.0 h1:WVsrXCnHlDDX8ls+tootqRE87/hL9S/g4ewig9RsD/c= github.com/AzureAD/microsoft-authentication-library-for-go v0.4.0/go.mod h1:Vt9sXTKwMyGcOxSmLDMnGPgqsUg7m8pe215qMLrDXw4= +github.com/AzureAD/microsoft-authentication-library-for-go v1.1.1 h1:WpB/QDNLpMw72xHJc34BNNykqSOeEJDAWkhf0u12/Jk= +github.com/AzureAD/microsoft-authentication-library-for-go v1.1.1/go.mod h1:wP83P5OoQ5p6ip3ScPr0BAq0BvuPAvacpEuSzyouqAI= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= +github.com/BurntSushi/toml v1.2.1 h1:9F2/+DoOYIOksmaJFPw1tGFy1eDnIJXg+UHjuD8lTak= github.com/BurntSushi/toml v1.2.1/go.mod h1:CxXYINrC8qIiEnFrOxCa7Jy5BFHlXnUU2pbicEuybxQ= github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo= github.com/DataDog/datadog-go v3.2.0+incompatible/go.mod h1:LButxg5PwREeZtORoXG3tL4fMGNddJ+vMq1mwgfaqoQ= -github.com/GoogleCloudPlatform/cloudsql-proxy v1.24.0/go.mod h1:3tx938GhY4FC+E1KT/jNjDw7Z5qxAEtIiERJ2sXjnII= +github.com/GoogleCloudPlatform/cloudsql-proxy v1.31.2/go.mod h1:qR6jVnZTKDCW3j+fC9mOEPHm++1nKDMkqbbkD6KNsfo= github.com/HdrHistogram/hdrhistogram-go v1.1.2 h1:5IcZpTvzydCQeHzK4Ef/D5rrSqwxob0t8PQPMybUNFM= github.com/HdrHistogram/hdrhistogram-go v1.1.2/go.mod h1:yDgFjdqOqDEKOvasDdhWNXYg9BVp4O+o5f6V/ehm6Oo= github.com/JohnCGriffin/overflow v0.0.0-20211019200055-46fa312c352c/go.mod h1:X0CRv0ky0k6m906ixxpzmDRLvX58TFUKS2eePweuyxk= +github.com/Knetic/govaluate v3.0.1-0.20171022003610-9aa49832a739+incompatible/go.mod h1:r7JcOSlj0wfOMncg0iLm8Leh48TZaKVeNIfJntJ2wa0= github.com/Masterminds/goutils v1.1.1 h1:5nUrii3FMTL5diU80unEVvNevw1nH4+ZV4DSLVJLSYI= github.com/Masterminds/goutils v1.1.1/go.mod h1:8cTjp+g8YejhMuvIA5y2vz3BpJxksy863GQaJW2MFNU= +github.com/Masterminds/semver v1.5.0 h1:H65muMkzWKEuNDnfl9d70GUjFniHKHRbFPGBuZ3QEww= +github.com/Masterminds/semver v1.5.0/go.mod h1:MB6lktGJrhw8PrUyiEoblNEGEQ+RzHPF078ddwwvV3Y= github.com/Masterminds/semver/v3 v3.1.1 h1:hLg3sBzpNErnxhQtUy/mmLR2I9foDujNK030IGemrRc= github.com/Masterminds/semver/v3 v3.1.1/go.mod h1:VPu/7SZ7ePZ3QOrcuXROw5FAcLl4a0cBrbBpGY/8hQs= -github.com/Masterminds/sprig/v3 v3.2.1 h1:n6EPaDyLSvCEa3frruQvAiHuNp2dhBlMSmkEr+HuzGc= github.com/Masterminds/sprig/v3 v3.2.1/go.mod h1:UoaO7Yp8KlPnJIYWTFkMaqPUYKTfGFPhxNuwnnxkKlk= +github.com/Masterminds/sprig/v3 v3.2.2 h1:17jRggJu518dr3QaafizSXOjKYp94wKfABxUmyxvxX8= +github.com/Masterminds/sprig/v3 v3.2.2/go.mod h1:UoaO7Yp8KlPnJIYWTFkMaqPUYKTfGFPhxNuwnnxkKlk= github.com/Microsoft/go-winio v0.4.11/go.mod h1:VhR8bwka0BXejwEJY73c50VrPtXAaKcyvVC4A4RozmA= github.com/Microsoft/go-winio v0.4.14/go.mod h1:qXqCSQ3Xa7+6tgxaGTIe4Kpcdsi+P8jBhyzoq1bpyYA= github.com/Microsoft/go-winio v0.4.15-0.20190919025122-fc70bd9a86b5/go.mod h1:tTuCMEN+UleMWgg9dVx4Hu52b1bJo+59jBh3ajtinzw= @@ -953,26 +764,25 @@ github.com/Microsoft/hcsshim/test v0.0.0-20201218223536-d3e5debf77da/go.mod h1:5 github.com/Microsoft/hcsshim/test v0.0.0-20210227013316-43a75bb4edd3/go.mod h1:mw7qgWloBUl75W/gVH3cQszUg1+gUITj7D6NY7ywVnY= github.com/NYTimes/gziphandler v0.0.0-20170623195520-56545f4a5d46/go.mod h1:3wb06e3pkSAbeQ52E9H9iFoQsEEwGN64994WTCIhntQ= github.com/NYTimes/gziphandler v1.1.1/go.mod h1:n/CVRwUEOgIxrgPvAQhUUr9oeUtvrhMomdKFjzJNB0c= -github.com/Netflix/go-expect v0.0.0-20180615182759-c93bf25de8e8/go.mod h1:oX5x61PbNXchhh0oikYAH+4Pcfw5LKv21+Jnpr6r6Pc= -github.com/Netflix/go-expect v0.0.0-20220104043353-73e0943537d2 h1:+vx7roKuyA63nhn5WAunQHLTznkw5W8b1Xc0dNjp83s= -github.com/Netflix/go-expect v0.0.0-20220104043353-73e0943537d2/go.mod h1:HBCaDeC1lPdgDeDbhX8XFpy1jqjK0IBG8W5K+xYqA0w= github.com/Nvveen/Gotty v0.0.0-20120604004816-cd527374f1e5 h1:TngWCqHvy9oXAN6lEVMRuU21PR1EtLVZJmdB18Gu3Rw= github.com/Nvveen/Gotty v0.0.0-20120604004816-cd527374f1e5/go.mod h1:lmUJ/7eu/Q8D7ML55dXQrVaamCz2vxCfdQBasLZfHKk= github.com/OneOfOne/xxhash v1.2.2/go.mod h1:HSdplMjZKSmBqAxg5vPj2TmRDmfkzw+cTzAElWljhcU= github.com/OneOfOne/xxhash v1.2.8/go.mod h1:eZbhyaAYD41SGSSsnmcpxVoRiQ/MPUTjUdIIOT9Um7Q= -github.com/ProtonMail/go-crypto v0.0.0-20210428141323-04723f9f07d7/go.mod h1:z4/9nQmJSSwwds7ejkxaJwO37dru3geImFUdJlaLzQo= -github.com/ProtonMail/go-crypto v0.0.0-20230217124315-7d5c6f04bbb8 h1:wPbRQzjjwFc0ih8puEVAOFGELsn1zoIIYdxvML7mDxA= -github.com/ProtonMail/go-crypto v0.0.0-20230217124315-7d5c6f04bbb8/go.mod h1:I0gYDMZ6Z5GRU7l58bNFSkPTFN6Yl12dsUlAZ8xy98g= +github.com/ProtonMail/go-crypto v0.0.0-20230717121422-5aa5874ade95 h1:KLq8BE0KwCL+mmXnjLWEAOYO+2l2AE4YMmqG1ZpZHBs= +github.com/ProtonMail/go-crypto v0.0.0-20230717121422-5aa5874ade95/go.mod h1:EjAoLdwvbIOoOQr3ihjnSoLZRtE8azugULFRteWMNc0= github.com/PuerkitoBio/purell v1.0.0/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbtSwDGJws/X0= github.com/PuerkitoBio/purell v1.1.1/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbtSwDGJws/X0= github.com/PuerkitoBio/urlesc v0.0.0-20160726150825-5bd2802263f2/go.mod h1:uGdkoq3SwY9Y+13GIhn11/XLaGBb4BfwItxLd5jeuXE= github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578/go.mod h1:uGdkoq3SwY9Y+13GIhn11/XLaGBb4BfwItxLd5jeuXE= github.com/Shopify/logrus-bugsnag v0.0.0-20171204204709-577dee27f20d/go.mod h1:HI8ITrYtUY+O+ZhtlqUnD8+KwNPOyugEhfP9fdUIaEQ= -github.com/acomagu/bufpipe v1.0.3/go.mod h1:mxdxdup/WdsKVreO5GpW4+M/1CE2sMG4jeGJ2sYmHc4= +github.com/Shopify/sarama v1.19.0/go.mod h1:FVkBWblsNy7DGZRfXLU0O9RCGt5g3g3yEuWXgklEdEo= +github.com/Shopify/toxiproxy v2.1.4+incompatible/go.mod h1:OXgGpZ6Cli1/URJOF1DMxUHB2q5Ap20/P/eIdh4G0pI= +github.com/VividCortex/gohistogram v1.0.0/go.mod h1:Pf5mBqqDxYaXu3hDrrU+w6nw50o/4+TcAqDqk/vUH7g= github.com/acomagu/bufpipe v1.0.4 h1:e3H4WUzM3npvo5uv95QuJM3cQspFNtFBzvJ2oNjKIDQ= github.com/acomagu/bufpipe v1.0.4/go.mod h1:mxdxdup/WdsKVreO5GpW4+M/1CE2sMG4jeGJ2sYmHc4= github.com/aead/chacha20 v0.0.0-20180709150244-8b13a72661da h1:KjTM2ks9d14ZYCvmHS9iAKVt9AyzRSqNU1qabPih5BY= github.com/aead/chacha20 v0.0.0-20180709150244-8b13a72661da/go.mod h1:eHEWzANqSiWQsof+nXEI9bUVUyV6F53Fp89EuCh2EAA= +github.com/afex/hystrix-go v0.0.0-20180502004556-fa1af6a1f4f5/go.mod h1:SkGFH1ia65gfNATL8TAiHDNxPzPdmEL5uirI2Uyuz6c= github.com/agext/levenshtein v1.2.1/go.mod h1:JEDfjyjHDjOF/1e4FlBE/PkbqA9OfWu2ki2W0IB5558= github.com/agext/levenshtein v1.2.2/go.mod h1:JEDfjyjHDjOF/1e4FlBE/PkbqA9OfWu2ki2W0IB5558= github.com/agext/levenshtein v1.2.3 h1:YB2fHEn0UJagG8T1rrWknE3ZQzWM06O8AMAatNn7lmo= @@ -988,12 +798,12 @@ github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751/go.mod h1:LOuy github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= github.com/alecthomas/units v0.0.0-20190717042225-c3de453c63f4/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= github.com/alecthomas/units v0.0.0-20190924025748-f65c72e2690d/go.mod h1:rBZYJk541a8SKzHPHnH3zbiI+7dagKZ0cgpgrD7Fyho= +github.com/alecthomas/units v0.0.0-20211218093645-b94a6e3cc137/go.mod h1:OMCwj8VM1Kc9e19TLln2VL61YJF0x1XFtfdL4JdbSyE= github.com/alexflint/go-filemutex v0.0.0-20171022225611-72bdc8eae2ae/go.mod h1:CgnQgUtFrFz9mxFNtED3jI5tLDjKlOM+oUF/sTk6ps0= github.com/alexflint/go-filemutex v1.1.0/go.mod h1:7P4iRhttt/nUvUOrYIhcpMzv2G6CY9UnI16Z+UJqRyk= github.com/alexflint/go-filemutex v1.2.0/go.mod h1:mYyQSWvw9Tx2/H2n9qXPb52tTYfE0pZAWcBq5mK025c= github.com/andreyvit/diff v0.0.0-20170406064948-c7f18ee00883/go.mod h1:rCTlJbsFo29Kk6CurOXKm700vrz8f0KW0JNfpkRJY/8= github.com/andybalholm/brotli v1.0.4/go.mod h1:fO7iG3H7G2nSZ7m0zPUDn85XEX2GTukHGRSepvi9Eig= -github.com/anmitsu/go-shlex v0.0.0-20161002113705-648efa622239/go.mod h1:2FmKhYUyUczH0OGQWaF5ceTx0UBShxjsH6f8oGKYe2c= github.com/anmitsu/go-shlex v0.0.0-20200514113438-38f4b401e2be h1:9AeTilPcZAjCFIImctFaOjnTIavg87rW78vTPkQqLI8= github.com/anmitsu/go-shlex v0.0.0-20200514113438-38f4b401e2be/go.mod h1:ySMOLuWl6zY27l47sB3qLNK6tF2fkHG55UZxx8oIVo4= github.com/antihax/optional v1.0.0/go.mod h1:uupD/76wgC+ih3iEmQUL+0Ugr19nfwCT1kdvxnR2qWY= @@ -1001,23 +811,26 @@ github.com/antlr/antlr4/runtime/Go/antlr v0.0.0-20220418222510-f25a4f6275ed/go.m github.com/antlr/antlr4/runtime/Go/antlr v1.4.10/go.mod h1:F7bn7fEU90QkQ3tnmaTx3LTKLEDqnwWODIYppRQ5hnY= github.com/apache/arrow/go/v10 v10.0.1/go.mod h1:YvhnlEePVnBS4+0z3fhPfUy7W1Ikj0Ih0vcRo/gZ1M0= github.com/apache/arrow/go/v11 v11.0.0/go.mod h1:Eg5OsL5H+e299f7u5ssuXsuHQVEGC4xei5aX110hRiI= -github.com/apache/arrow/go/v12 v12.0.0/go.mod h1:d+tV/eHZZ7Dz7RPrFKtPK02tpr+c9/PEd/zm8mDS9Vg= +github.com/apache/thrift v0.12.0/go.mod h1:cp2SuWMxlEZw2r+iP2GNCdIi4C1qmUzdZFSVb+bacwQ= +github.com/apache/thrift v0.13.0/go.mod h1:cp2SuWMxlEZw2r+iP2GNCdIi4C1qmUzdZFSVb+bacwQ= github.com/apache/thrift v0.16.0/go.mod h1:PHK3hniurgQaNMZYaCLEqXKsYK8upmhPbmdP2FXSqgU= github.com/apparentlymart/go-cidr v1.0.1/go.mod h1:EBcsNrHc3zQeuaeCeCtQruQm+n9/YjEn/vI25Lg7Gwc= github.com/apparentlymart/go-cidr v1.1.0 h1:2mAhrMoF+nhXqxTzSZMUzDHkLjmIHC+Zzn4tdgBZjnU= github.com/apparentlymart/go-cidr v1.1.0/go.mod h1:EBcsNrHc3zQeuaeCeCtQruQm+n9/YjEn/vI25Lg7Gwc= github.com/apparentlymart/go-dump v0.0.0-20180507223929-23540a00eaa3/go.mod h1:oL81AME2rN47vu18xqj1S1jPIPuN7afo62yKTNn3XMM= +github.com/apparentlymart/go-dump v0.0.0-20190214190832-042adf3cf4a0 h1:MzVXffFUye+ZcSR6opIgz9Co7WcDx6ZcY+RjfFHoA0I= github.com/apparentlymart/go-dump v0.0.0-20190214190832-042adf3cf4a0/go.mod h1:oL81AME2rN47vu18xqj1S1jPIPuN7afo62yKTNn3XMM= github.com/apparentlymart/go-textseg v1.0.0/go.mod h1:z96Txxhf3xSFMPmb5X/1W05FF/Nj9VFpLOpjS5yuumk= github.com/apparentlymart/go-textseg/v12 v12.0.0/go.mod h1:S/4uRK2UtaQttw1GenVJEynmyUenKwP++x/+DdGV/Ec= -github.com/apparentlymart/go-textseg/v13 v13.0.0 h1:Y+KvPE1NYz0xl601PVImeQfFyEy6iT90AvPUL1NNfNw= github.com/apparentlymart/go-textseg/v13 v13.0.0/go.mod h1:ZK2fH7c4NqDTLtiYLvIkEghdlcqw7yxLeM89kiTRPUo= +github.com/apparentlymart/go-textseg/v15 v15.0.0 h1:uYvfpb3DyLSCGWnctWKGj857c6ew1u1fNQOlOtuGxQY= +github.com/apparentlymart/go-textseg/v15 v15.0.0/go.mod h1:K8XmNZdhEBkdlyDdvbmmsvpAG721bKi0joRfFdHIWJ4= github.com/armon/circbuf v0.0.0-20150827004946-bbbad097214e/go.mod h1:3U/XgcO3hCbHZ8TKRvWD2dDTCfh9M9ya+I9JpbB7O8o= github.com/armon/consul-api v0.0.0-20180202201655-eb2c6b5be1b6/go.mod h1:grANhF5doyWs3UAsr3K4I6qtAmlQcZDesFNEHPZAzj8= github.com/armon/go-metrics v0.0.0-20180917152333-f0300d1749da/go.mod h1:Q73ZrmVTwzkszR9V5SSuryQ31EELlFMUz1kKyl939pY= -github.com/armon/go-metrics v0.3.0/go.mod h1:zXjbSimjXTd7vOpY8B0/2LpvNvDoXBuplAD+gJD3GYs= github.com/armon/go-metrics v0.3.3/go.mod h1:4O98XIr/9W0sxpJ8UaYkvjk10Iff7SnFrb4QAOwNTFc= github.com/armon/go-metrics v0.3.9/go.mod h1:4O98XIr/9W0sxpJ8UaYkvjk10Iff7SnFrb4QAOwNTFc= +github.com/armon/go-metrics v0.4.0/go.mod h1:E6amYzXo6aW1tqzoZGT755KkbgrJsSdpwZ+3JqfkOG4= github.com/armon/go-metrics v0.4.1 h1:hR91U9KYmb6bLBYLQjyM+3j+rcd/UhE+G78SFnF8gJA= github.com/armon/go-metrics v0.4.1/go.mod h1:E6amYzXo6aW1tqzoZGT755KkbgrJsSdpwZ+3JqfkOG4= github.com/armon/go-radix v0.0.0-20180808171621-7fddfc383310/go.mod h1:ufUuZ+zHj4x4TnLV4JWEpy2hxWSpsRywHrMgIH9cCH8= @@ -1025,43 +838,79 @@ github.com/armon/go-radix v1.0.0 h1:F4z6KzEeeQIMeLFa97iZU6vupzoecKdU5TX24SNppXI= github.com/armon/go-radix v1.0.0/go.mod h1:ufUuZ+zHj4x4TnLV4JWEpy2hxWSpsRywHrMgIH9cCH8= github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5 h1:0CwZNZbxp69SHPdPJAN/hZIm0C4OItdklCFmMRWYpio= github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5/go.mod h1:wHh0iHkYZB8zMSxRWpUBQtwG5a7fFgvEO+odwuTv2gs= +github.com/aryann/difflib v0.0.0-20170710044230-e206f873d14a/go.mod h1:DAHtR1m6lCRdSC2Tm3DSWRPvIPr6xNKyeHdqDQSQT+A= github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a/go.mod h1:lB+ZfQJz7igIIfQNfa7Ml4HSf2uFQQRzpGGRXenZAgY= +github.com/asaskevich/govalidator v0.0.0-20200907205600-7a23bdc65eef/go.mod h1:WaHUgvxTVq04UNunO+XhnAqY/wQc+bxr74GqbsZ/Jqw= +github.com/asaskevich/govalidator v0.0.0-20210307081110-f21760c49a8d/go.mod h1:WaHUgvxTVq04UNunO+XhnAqY/wQc+bxr74GqbsZ/Jqw= +github.com/atotto/clipboard v0.1.4 h1:EH0zSVneZPSuFR11BlR9YppQTVDbh5+16AmcJi4g1z4= +github.com/atotto/clipboard v0.1.4/go.mod h1:ZY9tmq7sm5xIbd9bOK4onWV4S6X0u6GY7Vn0Yu86PYI= +github.com/aws/aws-lambda-go v1.13.3/go.mod h1:4UKl9IzQMoD+QF79YdCuzCwp8VbmG4VAQwij/eHl5CU= github.com/aws/aws-sdk-go v1.15.11/go.mod h1:mFuSZ37Z9YOHbQEwBWztmVzqXrEkub65tZoCYDt7FT0= github.com/aws/aws-sdk-go v1.15.27/go.mod h1:mFuSZ37Z9YOHbQEwBWztmVzqXrEkub65tZoCYDt7FT0= github.com/aws/aws-sdk-go v1.15.78/go.mod h1:E3/ieXAlvM0XWO57iftYVDLLvQ824smPP3ATZkfNZeM= github.com/aws/aws-sdk-go v1.25.3/go.mod h1:KmX6BPdI08NWTb3/sm4ZGu5ShLoqVDhKgpiN924inxo= -github.com/aws/aws-sdk-go v1.25.37/go.mod h1:KmX6BPdI08NWTb3/sm4ZGu5ShLoqVDhKgpiN924inxo= -github.com/aws/aws-sdk-go v1.30.27/go.mod h1:5zCpMtNQVjRREroY7sYe8lOMRSxkhG6MZveU8YkpAk0= +github.com/aws/aws-sdk-go v1.27.0/go.mod h1:KmX6BPdI08NWTb3/sm4ZGu5ShLoqVDhKgpiN924inxo= github.com/aws/aws-sdk-go v1.34.0/go.mod h1:5zCpMtNQVjRREroY7sYe8lOMRSxkhG6MZveU8YkpAk0= -github.com/aws/aws-sdk-go v1.37.0/go.mod h1:hcU610XS61/+aQV88ixoOzUoG7v3b31pl2zKMmprdro= -github.com/aws/aws-sdk-go v1.40.34/go.mod h1:585smgzpB/KqRA+K3y/NL/oYRqQvpNJYvLm+LY1U59Q= +github.com/aws/aws-sdk-go v1.38.35/go.mod h1:hcU610XS61/+aQV88ixoOzUoG7v3b31pl2zKMmprdro= github.com/aws/aws-sdk-go v1.43.9/go.mod h1:y4AeaBuwd2Lk+GepC1E9v0qOiTws0MIWAX4oIKwKHZo= +github.com/aws/aws-sdk-go v1.43.11/go.mod h1:y4AeaBuwd2Lk+GepC1E9v0qOiTws0MIWAX4oIKwKHZo= github.com/aws/aws-sdk-go v1.43.16/go.mod h1:y4AeaBuwd2Lk+GepC1E9v0qOiTws0MIWAX4oIKwKHZo= -github.com/aws/aws-sdk-go v1.44.106/go.mod h1:y4AeaBuwd2Lk+GepC1E9v0qOiTws0MIWAX4oIKwKHZo= -github.com/aws/aws-sdk-go v1.44.214 h1:YzDuC+9UtrAOUkItlK7l3BvKI9o6qAog9X8i289HORc= -github.com/aws/aws-sdk-go v1.44.214/go.mod h1:aVsgQcEevwlmQ7qHE9I3h+dtQgpqhFB+i8Phjh7fkwI= -github.com/aws/aws-sdk-go-v2 v1.9.0 h1:+S+dSqQCN3MSU5vJRu1HqHrq00cJn6heIMU7X9hcsoo= -github.com/aws/aws-sdk-go-v2 v1.9.0/go.mod h1:cK/D0BBs0b/oWPIcX/Z/obahJK1TT7IPVjy53i/mX/4= -github.com/aws/aws-sdk-go-v2/config v1.7.0 h1:J2cZ7qe+3IpqBEXnHUrFrOjoB9BlsXg7j53vxcl5IVg= -github.com/aws/aws-sdk-go-v2/config v1.7.0/go.mod h1:w9+nMZ7soXCe5nT46Ri354SNhXDQ6v+V5wqDjnZE+GY= -github.com/aws/aws-sdk-go-v2/credentials v1.4.0 h1:kmvesfjY861FzlCU9mvAfe01D9aeXcG2ZuC+k9F2YLM= -github.com/aws/aws-sdk-go-v2/credentials v1.4.0/go.mod h1:dgGR+Qq7Wjcd4AOAW5Rf5Tnv3+x7ed6kETXyS9WCuAY= -github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.5.0 h1:OxTAgH8Y4BXHD6PGCJ8DHx2kaZPCQfSTqmDsdRZFezE= -github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.5.0/go.mod h1:CpNzHK9VEFUCknu50kkB8z58AH2B5DvPP7ea1LHve/Y= -github.com/aws/aws-sdk-go-v2/internal/ini v1.2.2 h1:d95cddM3yTm4qffj3P6EnP+TzX1SSkWaQypXSgT/hpA= -github.com/aws/aws-sdk-go-v2/internal/ini v1.2.2/go.mod h1:BQV0agm+JEhqR+2RT5e1XTFIDcAAV0eW6z2trp+iduw= -github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.3.0 h1:VNJ5NLBteVXEwE2F1zEXVmyIH58mZ6kIQGJoC7C+vkg= -github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.3.0/go.mod h1:R1KK+vY8AfalhG1AOu5e35pOD2SdoPKQCFLTvnxiohk= -github.com/aws/aws-sdk-go-v2/service/kms v1.5.0 h1:10e9mzaaYIIePEuxUzW5YJ8LKHNG/NX63evcvS3ux9U= -github.com/aws/aws-sdk-go-v2/service/kms v1.5.0/go.mod h1:w7JuP9Oq1IKMFQPkNe3V6s9rOssXzOVEMNEqK1L1bao= -github.com/aws/aws-sdk-go-v2/service/secretsmanager v1.6.0/go.mod h1:B+7C5UKdVq1ylkI/A6O8wcurFtaux0R1njePNPtKwoA= -github.com/aws/aws-sdk-go-v2/service/ssm v1.10.0/go.mod h1:4dXS5YNqI3SNbetQ7X7vfsMlX6ZnboJA2dulBwJx7+g= -github.com/aws/aws-sdk-go-v2/service/sso v1.4.0 h1:sHXMIKYS6YiLPzmKSvDpPmOpJDHxmAUgbiF49YNVztg= -github.com/aws/aws-sdk-go-v2/service/sso v1.4.0/go.mod h1:+1fpWnL96DL23aXPpMGbsmKe8jLTEfbjuQoA4WS1VaA= -github.com/aws/aws-sdk-go-v2/service/sts v1.7.0 h1:1at4e5P+lvHNl2nUktdM2/v+rpICg/QSEr9TO/uW9vU= -github.com/aws/aws-sdk-go-v2/service/sts v1.7.0/go.mod h1:0qcSMCyASQPN2sk/1KQLQ2Fh6yq8wm0HSDAimPhzCoM= -github.com/aws/smithy-go v1.8.0 h1:AEwwwXQZtUwP5Mz506FeXXrKBe0jA8gVM+1gEcSRooc= -github.com/aws/smithy-go v1.8.0/go.mod h1:SObp3lf9smib00L/v3U2eAKG8FyQ7iLrJnQiAmR5n+E= +github.com/aws/aws-sdk-go v1.43.31/go.mod h1:y4AeaBuwd2Lk+GepC1E9v0qOiTws0MIWAX4oIKwKHZo= +github.com/aws/aws-sdk-go v1.44.45/go.mod h1:y4AeaBuwd2Lk+GepC1E9v0qOiTws0MIWAX4oIKwKHZo= +github.com/aws/aws-sdk-go v1.44.68/go.mod h1:y4AeaBuwd2Lk+GepC1E9v0qOiTws0MIWAX4oIKwKHZo= +github.com/aws/aws-sdk-go v1.45.24 h1:TZx/CizkmCQn8Rtsb11iLYutEQVGK5PK9wAhwouELBo= +github.com/aws/aws-sdk-go v1.45.24/go.mod h1:aVsgQcEevwlmQ7qHE9I3h+dtQgpqhFB+i8Phjh7fkwI= +github.com/aws/aws-sdk-go-v2 v0.18.0/go.mod h1:JWVYvqSMppoMJC0x5wdwiImzgXTI9FuZwxzkQq9wy+g= +github.com/aws/aws-sdk-go-v2 v1.16.8/go.mod h1:6CpKuLXg2w7If3ABZCl/qZ6rEgwtjZTn4eAf4RcEyuw= +github.com/aws/aws-sdk-go-v2 v1.17.3 h1:shN7NlnVzvDUgPQ+1rLMSxY8OWRNDRYtiqe0p/PgrhY= +github.com/aws/aws-sdk-go-v2 v1.17.3/go.mod h1:uzbQtefpm44goOPmdKyAlXSNcwlRgF3ePWVW6EtJvvw= +github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.4.3 h1:S/ZBwevQkr7gv5YxONYpGQxlMFFYSRfz3RMcjsC9Qhk= +github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.4.3/go.mod h1:gNsR5CaXKmQSSzrmGxmwmct/r+ZBfbxorAuXYsj/M5Y= +github.com/aws/aws-sdk-go-v2/config v1.15.15 h1:yBV+J7Au5KZwOIrIYhYkTGJbifZPCkAnCFSvGsF3ui8= +github.com/aws/aws-sdk-go-v2/config v1.15.15/go.mod h1:A1Lzyy/o21I5/s2FbyX5AevQfSVXpvvIDCoVFD0BC4E= +github.com/aws/aws-sdk-go-v2/credentials v1.12.10 h1:7gGcMQePejwiKoDWjB9cWnpfVdnz/e5JwJFuT6OrroI= +github.com/aws/aws-sdk-go-v2/credentials v1.12.10/go.mod h1:g5eIM5XRs/OzIIK81QMBl+dAuDyoLN0VYaLP+tBqEOk= +github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.12.9 h1:hz8tc+OW17YqxyFFPSkvfSikbqWcyyHRyPVSTzC0+aI= +github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.12.9/go.mod h1:KDCCm4ONIdHtUloDcFvK2+vshZvx4Zmj7UMDfusuz5s= +github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.11.21 h1:bpiKFJ9aC0xTVpygSRRRL/YHC1JZ+pHQHENATHuoiwo= +github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.11.21/go.mod h1:iIYPrQ2rYfZiB/iADYlhj9HHZ9TTi6PqKQPAqygohbE= +github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.15/go.mod h1:pWrr2OoHlT7M/Pd2y4HV3gJyPb3qj5qMmnPkKSNPYK4= +github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.27 h1:I3cakv2Uy1vNmmhRQmFptYDxOvBnwCdNwyw63N0RaRU= +github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.27/go.mod h1:a1/UpzeyBBerajpnP5nGZa9mGzsBn5cOKxm6NWQsvoI= +github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.9/go.mod h1:08tUpeSGN33QKSO7fwxXczNfiwCpbj+GxK6XKwqWVv0= +github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.21 h1:5NbbMrIzmUn/TXFqAle6mgrH5m9cOvMLRGL7pnG8tRE= +github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.21/go.mod h1:+Gxn8jYn5k9ebfHEqlhrMirFjSW0v0C9fI+KN5vk2kE= +github.com/aws/aws-sdk-go-v2/internal/ini v1.3.16 h1:f0ySVcmQhwmzn7zQozd8wBM3yuGBfzdpsOaKQ0/Epzw= +github.com/aws/aws-sdk-go-v2/internal/ini v1.3.16/go.mod h1:CYmI+7x03jjJih8kBEEFKRQc40UjUokT0k7GbvrhhTc= +github.com/aws/aws-sdk-go-v2/internal/v4a v1.0.6 h1:3L8pcjvgaSOs0zzZcMKzxDSkYKEpwJ2dNVDdxm68jAY= +github.com/aws/aws-sdk-go-v2/internal/v4a v1.0.6/go.mod h1:O7Oc4peGZDEKlddivslfYFvAbgzvl/GH3J8j3JIGBXc= +github.com/aws/aws-sdk-go-v2/service/iam v1.19.0 h1:9vCynoqC+dgxZKrsjvAniyIopsv3RZFsZ6wkQ+yxtj8= +github.com/aws/aws-sdk-go-v2/service/iam v1.19.0/go.mod h1:OyAuvpFeSVNppcSsp1hFOVQcaTRc1LE24YIR7pMbbAA= +github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.9.3 h1:4n4KCtv5SUoT5Er5XV41huuzrCqepxlW3SDI9qHQebc= +github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.9.3/go.mod h1:gkb2qADY+OHaGLKNTYxMaQNacfeyQpZ4csDTQMeFmcw= +github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.1.10 h1:7LJcuRalaLw+GYQTMGmVUl4opg2HrDZkvn/L3KvIQfw= +github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.1.10/go.mod h1:Qks+dxK3O+Z2deAhNo6cJ8ls1bam3tUGUAcgxQP1c70= +github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.9 h1:sHfDuhbOuuWSIAEDd3pma6p0JgUcR2iePxtCE8gfCxQ= +github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.9/go.mod h1:yQowTpvdZkFVuHrLBXmczat4W+WJKg/PafBZnGBLga0= +github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.13.9 h1:sJdKvydGYDML9LTFcp6qq6Z5fIjN0Rdq2Gvw1hUg8tc= +github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.13.9/go.mod h1:Rc5+wn2k8gFSi3V1Ch4mhxOzjMh+bYSXVFfVaqowQOY= +github.com/aws/aws-sdk-go-v2/service/kms v1.18.1 h1:y07kzPdcjuuyDVYWf1CCsQQ6kcAWMbFy+yIJ71xQBS0= +github.com/aws/aws-sdk-go-v2/service/kms v1.18.1/go.mod h1:4PZMUkc9rXHWGVB5J9vKaZy3D7Nai79ORworQ3ASMiM= +github.com/aws/aws-sdk-go-v2/service/s3 v1.27.2 h1:NvzGue25jKnuAsh6yQ+TZ4ResMcnp49AWgWGm2L4b5o= +github.com/aws/aws-sdk-go-v2/service/s3 v1.27.2/go.mod h1:u+566cosFI+d+motIz3USXEh6sN8Nq4GrNXSg2RXVMo= +github.com/aws/aws-sdk-go-v2/service/secretsmanager v1.15.14/go.mod h1:xakbH8KMsQQKqzX87uyyzTHshc/0/Df8bsTneTS5pFU= +github.com/aws/aws-sdk-go-v2/service/sns v1.17.10/go.mod h1:uITsRNVMeCB3MkWpXxXw0eDz8pW4TYLzj+eyQtbhSxM= +github.com/aws/aws-sdk-go-v2/service/sqs v1.19.1/go.mod h1:A94o564Gj+Yn+7QO1eLFeI7UVv3riy/YBFOfICVqFvU= +github.com/aws/aws-sdk-go-v2/service/ssm v1.27.6/go.mod h1:fiFzQgj4xNOg4/wqmAiPvzgDMXPD+cUEplX/CYn+0j0= +github.com/aws/aws-sdk-go-v2/service/sso v1.11.13 h1:DQpf+al+aWozOEmVEdml67qkVZ6vdtGUi71BZZWw40k= +github.com/aws/aws-sdk-go-v2/service/sso v1.11.13/go.mod h1:d7ptRksDDgvXaUvxyHZ9SYh+iMDymm94JbVcgvSYSzU= +github.com/aws/aws-sdk-go-v2/service/sts v1.16.10 h1:7tquJrhjYz2EsCBvA9VTl+sBAAh1bv7h/sGASdZOGGo= +github.com/aws/aws-sdk-go-v2/service/sts v1.16.10/go.mod h1:cftkHYN6tCDNfkSasAmclSfl4l7cySoay8vz7p/ce0E= +github.com/aws/smithy-go v1.12.0/go.mod h1:Tg+OJXh4MB2R/uN61Ko2f6hTZwB/ZYGOtib8J3gBHzA= +github.com/aws/smithy-go v1.13.5 h1:hgz0X/DX0dGqTYpGALqXJoRKRj5oQ7150i5FdTePzO8= +github.com/aws/smithy-go v1.13.5/go.mod h1:Tg+OJXh4MB2R/uN61Ko2f6hTZwB/ZYGOtib8J3gBHzA= +github.com/aymanbagabas/go-osc52/v2 v2.0.1 h1:HwpRHbFMcZLEVr42D4p7XBqjyuxQH5SMiErDT4WkJ2k= +github.com/aymanbagabas/go-osc52/v2 v2.0.1/go.mod h1:uYgXzlJ7ZpABp8OJ+exZzJJhRNQ2ASbcXHWsFqH8hp8= github.com/benbjohnson/clock v1.0.3/go.mod h1:bGMdMPoPVvcYyt1gHDf4J2KE153Yf9BuiUKYMaxlTDM= github.com/benbjohnson/clock v1.1.0/go.mod h1:J11/hYXuz8f4ySSvYwY0FKfm+ezbsZBKZxNJlLklBHA= github.com/beorn7/perks v0.0.0-20160804104726-4c0e84591b9a/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q= @@ -1091,9 +940,10 @@ github.com/buger/jsonparser v1.1.1/go.mod h1:6RYKKt7H4d4+iWqouImQ9R2FZql3VbhNgx2 github.com/bugsnag/bugsnag-go v0.0.0-20141110184014-b1d153021fcd/go.mod h1:2oa8nejYd4cQ/b0hMIopN0lCRxU0bueqREvZLWFrtK8= github.com/bugsnag/osext v0.0.0-20130617224835-0dd3f918b21b/go.mod h1:obH5gd0BsqsP2LwDJ9aOkm/6J86V6lyAXCoQWGw3K50= github.com/bugsnag/panicwrap v0.0.0-20151223152923-e2c28503fcd0/go.mod h1:D/8v3kj0zr8ZAKg1AQ6crr+5VwKN5eIywRkfhyM/+dE= -github.com/bwesterb/go-ristretto v1.2.0/go.mod h1:fUIoIZaG73pV5biE2Blr2xEzDoMj7NFEuV9ekS419A0= github.com/bwesterb/go-ristretto v1.2.3/go.mod h1:fUIoIZaG73pV5biE2Blr2xEzDoMj7NFEuV9ekS419A0= github.com/bytecodealliance/wasmtime-go v0.36.0/go.mod h1:q320gUxqyI8yB+ZqRuaJOEnGkAnHh6WtJjMaT2CW4wI= +github.com/casbin/casbin/v2 v2.1.2/go.mod h1:YcPU1XXisHhLzuxH9coDNf2FbKpjGlbCg3n9yuLkIJQ= +github.com/cenkalti/backoff v2.2.1+incompatible/go.mod h1:90ReRw6GdpyfrHakVjL/QHaoyV4aDUVVkXQJJJ3NXXM= github.com/cenkalti/backoff/v3 v3.0.0/go.mod h1:cIeZDE3IrqwwJl6VUwCN6trj1oXrTS4rc0ij+ULvLYs= github.com/cenkalti/backoff/v3 v3.2.2 h1:cfUAAO3yvKMYKPrvhDuHSwQnhZNk/RMHKdZqKTxfm6M= github.com/cenkalti/backoff/v3 v3.2.2/go.mod h1:cIeZDE3IrqwwJl6VUwCN6trj1oXrTS4rc0ij+ULvLYs= @@ -1112,6 +962,12 @@ github.com/cespare/xxhash v1.1.0/go.mod h1:XrSqR1VqqWfGrhpAt58auRo0WTKS1nRRg3ghf github.com/cespare/xxhash/v2 v2.1.1/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= github.com/cespare/xxhash/v2 v2.1.2/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= github.com/cespare/xxhash/v2 v2.2.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= +github.com/charmbracelet/bubbles v0.16.1 h1:6uzpAAaT9ZqKssntbvZMlksWHruQLNxg49H5WdeuYSY= +github.com/charmbracelet/bubbles v0.16.1/go.mod h1:2QCp9LFlEsBQMvIYERr7Ww2H2bA7xen1idUDIzm/+Xc= +github.com/charmbracelet/bubbletea v0.24.2 h1:uaQIKx9Ai6Gdh5zpTbGiWpytMU+CfsPp06RaW2cx/SY= +github.com/charmbracelet/bubbletea v0.24.2/go.mod h1:XdrNrV4J8GiyshTtx3DNuYkR1FDaJmO3l2nejekbsgg= +github.com/charmbracelet/lipgloss v0.7.1 h1:17WMwi7N1b1rVWOjMT+rCh7sQkvDU75B2hbZpc5Kc1E= +github.com/charmbracelet/lipgloss v0.7.1/go.mod h1:yG0k3giv8Qj8edTCbbg6AlQ5e8KNWpFujkNawKNhE2c= github.com/checkpoint-restore/go-criu/v4 v4.1.0/go.mod h1:xUQBLp4RLc5zJtWY++yjOoMoB5lihDt7fai+75m+rGw= github.com/checkpoint-restore/go-criu/v5 v5.0.0/go.mod h1:cfwC0EG7HMUenopBsUf9d89JlCLQIfgVcNsNN0t6T2M= github.com/checkpoint-restore/go-criu/v5 v5.3.0/go.mod h1:E/eQpaFtUKGOOSEBZgmKAcn+zUUwWxqcaKZlF54wK8E= @@ -1119,8 +975,11 @@ github.com/cheggaaa/pb v1.0.27/go.mod h1:pQciLPpbU0oxA0h+VJYYLxO+XeDQb5pZijXscXH github.com/cheggaaa/pb v1.0.29 h1:FckUN5ngEk2LpvuG0fw1GEFx6LtyY2pWI/Z2QgCnEYo= github.com/cheggaaa/pb v1.0.29/go.mod h1:W40334L7FMC5JKWldsTWbdGjLo0RxUKK73K+TuPxX30= github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI= +github.com/chzyer/logex v1.2.0/go.mod h1:9+9sk7u7pGNWYMkh0hdiL++6OeibzJccyQU4p4MedaY= github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI= +github.com/chzyer/readline v1.5.0/go.mod h1:x22KAscuvRqlLoK9CsoYsmxoXZMMFVyOl86cAH8qUic= github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU= +github.com/chzyer/test v0.0.0-20210722231415-061457976a23/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU= github.com/cilium/ebpf v0.0.0-20200110133405-4032b1d8aae3/go.mod h1:MA5e5Lr8slmEg9bt0VpxxWqJlO4iwu3FBdHUzV7wQVg= github.com/cilium/ebpf v0.0.0-20200702112145-1c8d4c9ef775/go.mod h1:7cR51M8ViRLIdUjrmSXlK9pkrsDlLHbO8jiB8X8JnOc= github.com/cilium/ebpf v0.2.0/go.mod h1:To2CFviqOWL/M0gIMsvSMlqe7em/l1ALkX1PyjrX2Qs= @@ -1130,8 +989,8 @@ github.com/cilium/ebpf v0.7.0/go.mod h1:/oI2+1shJiTGAMgl6/RgJr36Eo1jzrRcAWbcXO2u github.com/cilium/ebpf v0.9.1/go.mod h1:+OhNOIXx/Fnu1IE8bJz2dzOA+VSfyTfdNUVdlQnxUFY= github.com/circonus-labs/circonus-gometrics v2.3.1+incompatible/go.mod h1:nmEj6Dob7S7YxXgwXpfOuvO54S+tGdZdw9fuRZt25Ag= github.com/circonus-labs/circonusllhist v0.1.3/go.mod h1:kMXHVDlOchFAehlya5ePtbp5jckzBHf4XRpQvBOLI+I= +github.com/clbanning/x2j v0.0.0-20191024224557-825249438eec/go.mod h1:jMjuTZXRI4dUb/I5gc9Hdhagfvm9+RyrPryS/auMzxE= github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= -github.com/cloudflare/circl v1.1.0/go.mod h1:prBCrKB9DV4poKZY1l9zBXg2QJY7mvgRvtMxxK7fi4I= github.com/cloudflare/circl v1.3.3 h1:fE/Qz0QdIGqeWfnwq0RE0R7MI51s0M2E4Ga9kq5AEMs= github.com/cloudflare/circl v1.3.3/go.mod h1:5XYMA4rFBvNIrhs50XuiBJ15vF2pZn4nnUKZrLbUZFA= github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc= @@ -1146,13 +1005,13 @@ github.com/cncf/xds/go v0.0.0-20211001041855-01bcc9b48dfe/go.mod h1:eXthEFrGJvWH github.com/cncf/xds/go v0.0.0-20211011173535-cb28da3451f1/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= github.com/cncf/xds/go v0.0.0-20220314180256-7f1daf1720fc/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= github.com/cncf/xds/go v0.0.0-20230105202645-06c439db220b/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= -github.com/cncf/xds/go v0.0.0-20230310173818-32f1caf87195/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= -github.com/cncf/xds/go v0.0.0-20230428030218-4003588d1b74/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= github.com/cncf/xds/go v0.0.0-20230607035331-e9ce68804cb4/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= +github.com/cockroachdb/apd v1.1.0/go.mod h1:8Sl8LxpKi29FqWXR16WEFZRNSz3SoPzUzeMeY4+DwBQ= github.com/cockroachdb/datadriven v0.0.0-20190809214429-80d97fb3cbaa/go.mod h1:zn76sxSg3SzpJ0PPJaLDCu+Bu0Lg3sKTORVIj19EIF8= github.com/cockroachdb/datadriven v0.0.0-20200714090401-bf6692d28da5/go.mod h1:h6jFvWxBdQXxjopDMZyH2UVceIRfR84bdzbkoKrsWNo= github.com/cockroachdb/errors v1.2.4/go.mod h1:rQD95gz6FARkaKkQXUksEje/d9a6wBJoCr5oaCLELYA= github.com/cockroachdb/logtags v0.0.0-20190617123548-eb05cc24525f/go.mod h1:i/u985jwjWRlyHXQbwatDASoW0RMlZ/3i9yJHE2xLkI= +github.com/codahale/hdrhistogram v0.0.0-20161010025455-3a0bb77429bd/go.mod h1:sE/e/2PUdi/liOCUjSTXgM1o87ZssimdTWN964YiIeI= github.com/container-orchestrated-devices/container-device-interface v0.5.4/go.mod h1:DjE95rfPiiSmG7uVXtg0z6MnPm/Lx4wxKCIts0ZE0vg= github.com/containerd/aufs v0.0.0-20200908144142-dab0cbea06f4/go.mod h1:nukgQABAEopAHvB6j7cnP5zJ+/3aVcE7hCYqvIwAHyE= github.com/containerd/aufs v0.0.0-20201003224125-76a6863f2989/go.mod h1:AkGGQs9NM2vtYHaUen+NljV0/baGCAPELGm2q9ZXpWU= @@ -1178,12 +1037,13 @@ github.com/containerd/console v0.0.0-20191206165004-02ecf6a7291e/go.mod h1:8Pf4g github.com/containerd/console v1.0.1/go.mod h1:XUsP6YE/mKtz6bxc+I8UiKKTP04qjQL4qcS3XoQ5xkw= github.com/containerd/console v1.0.2/go.mod h1:ytZPjGgY2oeTkAONYafi2kSj0aYggsf8acV1PGKCbzQ= github.com/containerd/console v1.0.3/go.mod h1:7LqA/THxQ86k76b8c/EMSiaJ3h1eZkMkXar0TQ1gf3U= +github.com/containerd/console v1.0.4-0.20230313162750-1ae8d489ac81 h1:q2hJAaP1k2wIvVRd/hEHD7lacgqrCPS+k8g1MndzfWY= +github.com/containerd/console v1.0.4-0.20230313162750-1ae8d489ac81/go.mod h1:YynlIjWYF8myEu6sdkwKIvGQq+cOckRm6So2avqoYAk= github.com/containerd/containerd v1.2.10/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA= github.com/containerd/containerd v1.3.0-beta.2.0.20190828155532-0293cbd26c69/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA= github.com/containerd/containerd v1.3.0/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA= github.com/containerd/containerd v1.3.1-0.20191213020239-082f7e3aed57/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA= github.com/containerd/containerd v1.3.2/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA= -github.com/containerd/containerd v1.3.4/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA= github.com/containerd/containerd v1.4.0-beta.2.0.20200729163537-40b22ef07410/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA= github.com/containerd/containerd v1.4.1/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA= github.com/containerd/containerd v1.4.3/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA= @@ -1203,7 +1063,6 @@ github.com/containerd/containerd v1.7.0/go.mod h1:QfR7Efgb/6X2BDpTPJRvPTYDE9rsF0 github.com/containerd/continuity v0.0.0-20190426062206-aaeac12a7ffc/go.mod h1:GL3xCUCBDV3CZiTSEKksMWbLE66hEyuu9qyDOOqM47Y= github.com/containerd/continuity v0.0.0-20190815185530-f2a389ac0a02/go.mod h1:GL3xCUCBDV3CZiTSEKksMWbLE66hEyuu9qyDOOqM47Y= github.com/containerd/continuity v0.0.0-20191127005431-f65d91d395eb/go.mod h1:GL3xCUCBDV3CZiTSEKksMWbLE66hEyuu9qyDOOqM47Y= -github.com/containerd/continuity v0.0.0-20200709052629-daa8e1ccc0bc/go.mod h1:cECdGN1O8G9bgKTlLhuPJimka6Xb/Gg7vYzCTNVxhvo= github.com/containerd/continuity v0.0.0-20200710164510-efbc4488d8fe/go.mod h1:cECdGN1O8G9bgKTlLhuPJimka6Xb/Gg7vYzCTNVxhvo= github.com/containerd/continuity v0.0.0-20201208142359-180525291bb7/go.mod h1:kR3BEg7bDFaEddKm54WSmrol1fKWDU1nKYkgrcgZT7Y= github.com/containerd/continuity v0.0.0-20210208174643-50096c924a4e/go.mod h1:EXlVlkqNba9rJe3j7w3Xa924itAMLgZH4UD/Q4PExuQ= @@ -1285,7 +1144,6 @@ github.com/coreos/go-iptables v0.4.5/go.mod h1:/mVI274lEDI2ns62jHCDnCyBF9Iwsmeka github.com/coreos/go-iptables v0.5.0/go.mod h1:/mVI274lEDI2ns62jHCDnCyBF9Iwsmekav8Dbxlm1MU= github.com/coreos/go-iptables v0.6.0/go.mod h1:Qe8Bv2Xik5FyTXwgIbLAnv2sWSBmvWdFETJConOQ//Q= github.com/coreos/go-oidc v2.1.0+incompatible/go.mod h1:CgnwVTmzoESiwO9qyAFEMiHoZ1nMCKZlZ9V6mm3/LKc= -github.com/coreos/go-oidc v2.2.1+incompatible/go.mod h1:CgnwVTmzoESiwO9qyAFEMiHoZ1nMCKZlZ9V6mm3/LKc= github.com/coreos/go-oidc/v3 v3.5.0 h1:VxKtbccHZxs8juq7RdJntSqtXFtde9YpNpGn0yqgEHw= github.com/coreos/go-oidc/v3 v3.5.0/go.mod h1:ecXRtV4romGPeO6ieExAsUK9cb/3fp9hXNz1tlv8PIM= github.com/coreos/go-semver v0.2.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3EedlOD2RNk= @@ -1293,6 +1151,7 @@ github.com/coreos/go-semver v0.3.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3Ee github.com/coreos/go-systemd v0.0.0-20161114122254-48702e0da86b/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4= github.com/coreos/go-systemd v0.0.0-20180511133405-39ca1b05acc7/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4= github.com/coreos/go-systemd v0.0.0-20190321100706-95778dfbb74e/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4= +github.com/coreos/go-systemd v0.0.0-20190719114852-fd7a80b32e1f/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4= github.com/coreos/go-systemd/v22 v22.0.0/go.mod h1:xO0FLkIi5MaZafQlIrOotqXZ90ih+1atmu1JpKERPPk= github.com/coreos/go-systemd/v22 v22.1.0/go.mod h1:xO0FLkIi5MaZafQlIrOotqXZ90ih+1atmu1JpKERPPk= github.com/coreos/go-systemd/v22 v22.3.2/go.mod h1:Y58oyj3AT4RCenI/lSvhwexgC+NSVTIJ3seZv2GcEnc= @@ -1309,7 +1168,6 @@ github.com/cpuguy83/go-md2man/v2 v2.0.2/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46t github.com/creack/pty v1.1.7/go.mod h1:lj5s0c3V2DBrqTV7llrYr5NG6My20zk30Fl46Y7DoTY= github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= github.com/creack/pty v1.1.11/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= -github.com/creack/pty v1.1.18 h1:n56/Zwd5o6whRC5PMGretI4IdRLlmBXYNjScPaBgsbY= github.com/creack/pty v1.1.18/go.mod h1:MOBLtS5ELjhRRrroQr9kyvTxUAFNvYEK993ew/Vr4O4= github.com/cyphar/filepath-securejoin v0.2.2/go.mod h1:FpkQEhXnPnOthhzymB7CGsFk2G9VLXONKD9G7QGMM+4= github.com/cyphar/filepath-securejoin v0.2.3/go.mod h1:aPGpWjXOXUn2NCNjFvBE6aRxGGx79pTxQpKOJNYHHl4= @@ -1325,9 +1183,10 @@ github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1 github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/decred/dcrd/crypto/blake256 v1.0.0/go.mod h1:sQl2p6Y26YV+ZOcSTP6thNdn47hh8kt6rqSlvmrXFAc= github.com/decred/dcrd/dcrec/secp256k1/v4 v4.0.0-20210816181553-5444fa50b93d/go.mod h1:tmAIfUFEirG/Y8jhZ9M+h36obRZAk/1fcSpXwAVlfqE= -github.com/denisenkom/go-mssqldb v0.9.0/go.mod h1:xbL0rPBG9cCiLr28tMa8zpbdarY27NDyej4t/EjAShU= +github.com/denisenkom/go-mssqldb v0.12.2/go.mod h1:lnIw1mZukFRZDJYQ0Pb833QS2IaC3l5HkEfra2LJ+sk= github.com/denisenkom/go-mssqldb v0.12.3 h1:pBSGx9Tq67pBOTLmxNuirNTeB8Vjmf886Kx+8Y+8shw= github.com/denisenkom/go-mssqldb v0.12.3/go.mod h1:k0mtMFOnU+AihqFxPMiF05rtiDrorD1Vrm1KEz5hxDo= +github.com/dennwc/varint v1.0.0/go.mod h1:hnItb35rvZvJrbTALZtY/iQfDs48JKRG1RPpgziApxA= github.com/denverdino/aliyungo v0.0.0-20190125010748-a747050bb1ba/go.mod h1:dV8lFg6daOBZbT6/BDGIz6Y3WFGn8juu6G+CQ6LHtl0= github.com/devigned/tab v0.1.1/go.mod h1:XG9mPq0dFghrYvoBF3xdRrJzSTX1b7IQrvaL9mzjeJY= github.com/dgraph-io/badger/v3 v3.2103.2/go.mod h1:RHo4/GmYcKKh5Lxu63wLEMHJ70Pac2JqZRYGhlyAo2M= @@ -1337,7 +1196,9 @@ github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZm github.com/dgryski/go-farm v0.0.0-20190423205320-6a90982ecee2/go.mod h1:SqUrOPUnsFjfmXRMNPybcSiG0BgUW2AuFH8PAnS2iTw= github.com/dgryski/go-farm v0.0.0-20200201041132-a6ae2369ad13/go.mod h1:SqUrOPUnsFjfmXRMNPybcSiG0BgUW2AuFH8PAnS2iTw= github.com/dgryski/go-sip13 v0.0.0-20181026042036-e10d5fee7954/go.mod h1:vAd38F8PWV+bWy6jNmig1y/TA+kYO4g3RSRF0IAv0no= -github.com/dimchansky/utfbom v1.1.0/go.mod h1:rO41eb7gLfo8SF1jd9F8HplJm1Fewwi4mQvIirEdv+8= +github.com/dgryski/go-sip13 v0.0.0-20200911182023-62edffca9245/go.mod h1:vAd38F8PWV+bWy6jNmig1y/TA+kYO4g3RSRF0IAv0no= +github.com/digitalocean/godo v1.78.0/go.mod h1:GBmu8MkjZmNARE7IXRPmkbbnocNN8+uBm0xbEVw2LCs= +github.com/digitalocean/godo v1.81.0/go.mod h1:BPCqvwbjbGqxuUnIKB4EvS/AX7IDnNmt5fwvIkWo+ew= github.com/dimchansky/utfbom v1.1.1 h1:vV6w1AhK4VMnhBno/TPVCoK9U/LP0PkLCS9tbxHdi/U= github.com/dimchansky/utfbom v1.1.1/go.mod h1:SxdoEBH5qIqFocHMyGOXVAybYJdr71b1Q/j0mACtrfE= github.com/distribution/distribution/v3 v3.0.0-20220526142353-ffbd94cbe269/go.mod h1:28YO/VJk9/64+sTGNuYaBjWxrXTPrj0C0XmgTIOjxX4= @@ -1358,8 +1219,8 @@ github.com/docker/distribution v2.8.1+incompatible/go.mod h1:J2gT2udsDAN96Uj4Kfc github.com/docker/distribution v2.8.2+incompatible h1:T3de5rq0dB1j30rp0sA2rER+m322EBzniBPB6ZIzuh8= github.com/docker/distribution v2.8.2+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w= github.com/docker/docker v1.4.2-0.20190924003213-a8608b5b67c7/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= -github.com/docker/docker v1.4.2-0.20200319182547-c7ad2b866182/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= github.com/docker/docker v20.10.7+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= +github.com/docker/docker v20.10.14+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= github.com/docker/docker v20.10.17+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= github.com/docker/docker v20.10.20+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= github.com/docker/docker v23.0.4+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= @@ -1374,6 +1235,7 @@ github.com/docker/go-events v0.0.0-20170721190031-9461782956ad/go.mod h1:Uw6Uezg github.com/docker/go-events v0.0.0-20190806004212-e31b211e4f1c/go.mod h1:Uw6UezgYA44ePAFQYUehOuCzmy5zmg/+nl2ZfMWGkpA= github.com/docker/go-metrics v0.0.0-20180209012529-399ea8c73916/go.mod h1:/u0gXw0Gay3ceNrsHubL3BtdOL2fHf93USgMTe0W5dI= github.com/docker/go-metrics v0.0.1/go.mod h1:cG1hvH2utMXtqgqqYE9plW6lDxS3/5ayHzueweSI3Vw= +github.com/docker/go-units v0.3.3/go.mod h1:fgPhTUdO+D/Jk86RDLlptpiXQzgHJF7gydDDbaIK4Dk= github.com/docker/go-units v0.4.0/go.mod h1:fgPhTUdO+D/Jk86RDLlptpiXQzgHJF7gydDDbaIK4Dk= github.com/docker/go-units v0.5.0 h1:69rxXcBk27SvSaaxTtLh/8llcHD8vYHT7WSdRZ/jvr4= github.com/docker/go-units v0.5.0/go.mod h1:fgPhTUdO+D/Jk86RDLlptpiXQzgHJF7gydDDbaIK4Dk= @@ -1382,19 +1244,24 @@ github.com/docker/spdystream v0.0.0-20160310174837-449fdfce4d96/go.mod h1:Qh8CwZ github.com/docopt/docopt-go v0.0.0-20180111231733-ee0de3bc6815/go.mod h1:WwZ+bS3ebgob9U8Nd0kOddGdZWjyMGR8Wziv+TBNwSE= github.com/dustin/go-humanize v0.0.0-20171111073723-bb3d318650d4/go.mod h1:HtrtbFcZ19U5GC7JDqmcUSB87Iq5E25KnS6fMYU6eOk= github.com/dustin/go-humanize v1.0.0/go.mod h1:HtrtbFcZ19U5GC7JDqmcUSB87Iq5E25KnS6fMYU6eOk= -github.com/dustin/go-humanize v1.0.1 h1:GzkhY7T5VNhEkwH0PVJgjz+fX1rhBrR7pRT3mDkpeCY= -github.com/dustin/go-humanize v1.0.1/go.mod h1:Mu1zIs6XwVuF/gI1OepvI0qD18qycQx+mFykh5fBlto= +github.com/eapache/go-resiliency v1.1.0/go.mod h1:kFI+JgMyC7bLPUVY133qvEBtVayf5mFgVsvEsIPBvNs= +github.com/eapache/go-xerial-snappy v0.0.0-20180814174437-776d5712da21/go.mod h1:+020luEh2TKB4/GOp8oxxtq0Daoen/Cii55CzbTV6DU= +github.com/eapache/queue v1.1.0/go.mod h1:6eCeP0CKFpHLu8blIFXhExK/dRa7WDZfr6jVFPTqq+I= +github.com/edsrzf/mmap-go v1.0.0/go.mod h1:YO35OhQPt3KJa3ryjFM5Bs14WD66h8eGKpfaBNrHW5M= github.com/edsrzf/mmap-go v1.1.0 h1:6EUwBLQ/Mcr1EYLE4Tn1VdW1A4ckqCQWZBw8Hr0kjpQ= github.com/edsrzf/mmap-go v1.1.0/go.mod h1:19H/e8pUPLicwkyNgOykDXkJ9F0MHE+Z52B8EIth78Q= github.com/elazarl/goproxy v0.0.0-20180725130230-947c36da3153/go.mod h1:/Zj4wYkgs4iZTTu3o/KG3Itv/qCCa8VVMlb3i9OVuzc= +github.com/elazarl/goproxy v0.0.0-20221015165544-a0805db90819 h1:RIB4cRk+lBqKK3Oy0r2gRX4ui7tuhiZq2SuTtTCi0/0= +github.com/elazarl/goproxy v0.0.0-20221015165544-a0805db90819/go.mod h1:Ro8st/ElPeALwNFlcTpWmkr6IoMFfkjXAvTHpevnDsM= +github.com/elazarl/goproxy/ext v0.0.0-20190711103511-473e67f1d7d2/go.mod h1:gNh8nYJoAm43RfaxurUnxr+N1PwuFV3ZMl/efxlIlY8= github.com/emicklei/go-restful v0.0.0-20170410110728-ff4f55a20633/go.mod h1:otzb+WCGbkyDHkqmQmT5YD2WR4BBwUdeQoFo8l/7tVs= github.com/emicklei/go-restful v2.9.5+incompatible/go.mod h1:otzb+WCGbkyDHkqmQmT5YD2WR4BBwUdeQoFo8l/7tVs= github.com/emicklei/go-restful/v3 v3.8.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= github.com/emicklei/go-restful/v3 v3.9.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= github.com/emicklei/go-restful/v3 v3.10.1/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= -github.com/emirpasic/gods v1.12.0/go.mod h1:YfzfFFoVP/catgzJb4IKIqXjX78Ha8FMSDh3ymbK86o= github.com/emirpasic/gods v1.18.1 h1:FXtiHYKDGKCW2KzwZKx0iC0PQmdlorYgdFG9jPXJ1Bc= github.com/emirpasic/gods v1.18.1/go.mod h1:8tpGGwCnJ5H4r6BWwaV6OrWmMoPhUl5jm/FMNAnJvWQ= +github.com/envoyproxy/go-control-plane v0.6.9/go.mod h1:SBwIajubJHhxtWwsL9s8ss4safvEdbitLhGGK48rN6g= github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98= @@ -1403,18 +1270,14 @@ github.com/envoyproxy/go-control-plane v0.9.9-0.20201210154907-fd9021fe5dad/go.m github.com/envoyproxy/go-control-plane v0.9.9-0.20210217033140-668b12f5399d/go.mod h1:cXg6YxExXjJnVBQHBLXeUAgxn2UodCpnH306RInaBQk= github.com/envoyproxy/go-control-plane v0.9.9-0.20210512163311-63b5d3c536b0/go.mod h1:hliV/p42l8fGbc6Y9bQ70uLwIvmJyVE5k4iMKlh8wCQ= github.com/envoyproxy/go-control-plane v0.9.10-0.20210907150352-cf90f659a021/go.mod h1:AFq3mo9L8Lqqiid3OhADV3RfLJnjiw63cSpi+fDTRC0= +github.com/envoyproxy/go-control-plane v0.10.1/go.mod h1:AY7fTTXNdv/aJ2O5jwpxAPOWUZ7hQAEvzN5Pf27BkQQ= github.com/envoyproxy/go-control-plane v0.10.2-0.20220325020618-49ff273808a1/go.mod h1:KJwIaB5Mv44NWtYuAOFCVOjcI94vtpEz2JU/D2v6IjE= github.com/envoyproxy/go-control-plane v0.10.3/go.mod h1:fJJn/j26vwOu972OllsvAgJJM//w9BV6Fxbg2LuVd34= -github.com/envoyproxy/go-control-plane v0.11.0/go.mod h1:VnHyVMpzcLvCFt9yUz1UnCwHLhwx1WguiVDV7pTG/tI= github.com/envoyproxy/go-control-plane v0.11.1-0.20230524094728-9239064ad72f/go.mod h1:sfYdkwUW4BA3PbKjySwjJy+O4Pu0h62rlqCMHNk+K+Q= -github.com/envoyproxy/go-control-plane v0.11.1/go.mod h1:uhMcXKCQMEJHiAb0w+YGefQLaTEw+YhGluxZkrTmD0g= github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= github.com/envoyproxy/protoc-gen-validate v0.6.7/go.mod h1:dyJXwwfPK2VSqiB9Klm1J6romD608Ba7Hij42vrOBCo= github.com/envoyproxy/protoc-gen-validate v0.9.1/go.mod h1:OKNgG7TCp5pF4d6XftA0++PMirau2/yoOwVac3AbF2w= -github.com/envoyproxy/protoc-gen-validate v0.10.0/go.mod h1:DRjgyB0I43LtJapqN6NiRwroiAU2PaFuvk/vjgh61ss= github.com/envoyproxy/protoc-gen-validate v0.10.1/go.mod h1:DRjgyB0I43LtJapqN6NiRwroiAU2PaFuvk/vjgh61ss= -github.com/envoyproxy/protoc-gen-validate v1.0.1/go.mod h1:0vj8bNkYbSTNS2PIyH87KZaeN4x9zpL9Qt8fQC7d+vs= -github.com/envoyproxy/protoc-gen-validate v1.0.2/go.mod h1:GpiZQP3dDbg4JouG/NNS7QWXpgx6x8QiMKdmN72jogE= github.com/ettle/strcase v0.1.1 h1:htFueZyVeE1XNnMEfbqp5r67qAN/4r6ya1ysq8Q+Zcw= github.com/ettle/strcase v0.1.1/go.mod h1:hzDLsPC7/lwKyBOywSHEP89nt2pDgdy+No1NBA9o9VY= github.com/evanphx/json-patch v4.9.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= @@ -1425,6 +1288,7 @@ github.com/evanphx/json-patch/v5 v5.6.0 h1:b91NhWfaz02IuVxO9faSllyAtNXHMPkC5J8sJ github.com/evanphx/json-patch/v5 v5.6.0/go.mod h1:G79N1coSVB93tBe7j6PhzjmR3/2VvlbKOFpnXhI9Bw4= github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5KwzbycvMj4= github.com/fatih/color v1.9.0/go.mod h1:eQcE1qtQxscV5RaZvpXrrb8Drkc3/DdQ+uUYCNjL+zU= +github.com/fatih/color v1.10.0/go.mod h1:ELkj/draVOlAH/xkhN6mQ50Qd0MPOk5AAr3maGEBuJM= github.com/fatih/color v1.13.0/go.mod h1:kLAiJbzzSOZDVNGyDpeOxJ47H46qBXwg5ILebYFFOfk= github.com/fatih/color v1.14.1 h1:qfhVLaG5s+nCROl1zJsZRxFeYrHLqWroPOQ8BWiNb4w= github.com/fatih/color v1.14.1/go.mod h1:2oHN61fhTpgcxD3TSWCgKDiH1+x4OiDVVGH8WlgGZGg= @@ -1433,18 +1297,20 @@ github.com/fatih/structs v1.1.0/go.mod h1:9NiDSp5zOcgEDl+j00MP/WkGVPOlPRLejGD8Ga github.com/felixge/httpsnoop v1.0.1/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U= github.com/felixge/httpsnoop v1.0.2/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U= github.com/felixge/httpsnoop v1.0.3/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U= -github.com/flynn/go-shlex v0.0.0-20150515145356-3f9db97f8568/go.mod h1:xEzjJPgXI435gkrCt3MPfRiAkVrwSbHsst4LCFVfpJc= github.com/fogleman/gg v1.2.1-0.20190220221249-0403632d5b90/go.mod h1:R/bRT+9gY/C5z7JzPU0zXsXHKM4/ayA+zqcVNZzPa1k= github.com/fogleman/gg v1.3.0/go.mod h1:R/bRT+9gY/C5z7JzPU0zXsXHKM4/ayA+zqcVNZzPa1k= github.com/form3tech-oss/jwt-go v3.2.2+incompatible/go.mod h1:pbq4aXjuKjdthFRnoDwaVPLA+WlJuPGy+QneDUgJi2k= github.com/form3tech-oss/jwt-go v3.2.3+incompatible/go.mod h1:pbq4aXjuKjdthFRnoDwaVPLA+WlJuPGy+QneDUgJi2k= github.com/fortytw2/leaktest v1.3.0/go.mod h1:jDsjWgpAGjm2CA7WthBh/CdZYEPF31XHquHwclZch5g= github.com/foxcpp/go-mockdns v0.0.0-20210729171921-fb145fc6f897/go.mod h1:lgRN6+KxQBawyIghpnl5CezHFGS9VLzvtVlwxvzXTQ4= +github.com/franela/goblin v0.0.0-20200105215937-c9ffbefa60db/go.mod h1:7dvUGVsVBjqR7JHJk0brhHOZYGmfBYOrK0ZhYMEtBr4= +github.com/franela/goreq v0.0.0-20171204163338-bcd34c9993f8/go.mod h1:ZhphrRTfi2rbfLwlschooIH4+wKKDR4Pdxhh+TRoA20= github.com/frankban/quicktest v1.10.0/go.mod h1:ui7WezCLWMWxVWr1GETZY3smRy0G4KWq9vcPtJmFl7Y= github.com/frankban/quicktest v1.11.3/go.mod h1:wRf/ReqHper53s+kmmSZizM8NamnL3IM0I9ntUbOk+k= github.com/frankban/quicktest v1.13.0/go.mod h1:qLE0fzW0VuyUAJgPU19zByoIr0HtCHN/r/VLSOOIySU= -github.com/frankban/quicktest v1.14.0 h1:+cqqvzZV87b4adx/5ayVOaYZ2CrvM4ejQvUdBzPPUss= github.com/frankban/quicktest v1.14.0/go.mod h1:NeW+ay9A/U67EYXNFA1nPE8e/tnQv/09mUdL/ijj8og= +github.com/frankban/quicktest v1.14.3 h1:FJKSZTDHjyhriyC81FLQ0LY93eSai0ZyR/ZIkd3ZUKE= +github.com/frankban/quicktest v1.14.3/go.mod h1:mgiwOwqx65TmIk1wJ6Q7wvnVMocbUorkibMOrVTHZps= github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo= github.com/fsnotify/fsnotify v1.4.9/go.mod h1:znqG4EE+3YCdAaPaxE2ZRY/06pZUdp0tY4IgpuI1SZQ= github.com/fsnotify/fsnotify v1.5.1/go.mod h1:T3375wBYaZdLLcVNkcVbzGHY7f1l/uK5T5Ai1i3InKU= @@ -1461,7 +1327,7 @@ github.com/ghodss/yaml v0.0.0-20150909031657-73d445a93680/go.mod h1:4dBDuWmgqj2H github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= github.com/gin-contrib/sse v0.1.0/go.mod h1:RHrZQHXnP2xjPF+u1gW/2HnVO7nvIa9PG3Gm+fLHvGI= github.com/gin-gonic/gin v1.6.3/go.mod h1:75u5sXoLsGZoRN5Sgbi1eraJ4GU3++wFwWzhwvtwp4M= -github.com/gliderlabs/ssh v0.2.2/go.mod h1:U7qILu1NlMHj9FlMhZLlkCdDnU1DBEAqr0aevW3Awn0= +github.com/gin-gonic/gin v1.7.7/go.mod h1:axIBovoeJpVj8S3BwE0uPMTeReE4+AfFtqpqaZ1qq1U= github.com/gliderlabs/ssh v0.3.5 h1:OcaySEmAQJgyYcArR+gGGTHCyE7nvhEMTlYY+Dp8CpY= github.com/gliderlabs/ssh v0.3.5/go.mod h1:8XB4KraRrX39qHhT6yxPsHedjA08I/uBVwj4xC+/+z4= github.com/go-asn1-ber/asn1-ber v1.3.1/go.mod h1:hEBeB/ic+5LoWskz+yKT7vGhhPYkProFKoKdwZRWMe0= @@ -1473,18 +1339,15 @@ github.com/go-fonts/latin-modern v0.2.0/go.mod h1:rQVLdDMK+mK1xscDwsqM5J8U2jrRa3 github.com/go-fonts/liberation v0.1.1/go.mod h1:K6qoJYypsmfVjWg8KOVDQhLc8UDgIK2HYqyqAO9z7GY= github.com/go-fonts/liberation v0.2.0/go.mod h1:K6qoJYypsmfVjWg8KOVDQhLc8UDgIK2HYqyqAO9z7GY= github.com/go-fonts/stix v0.1.0/go.mod h1:w/c1f0ldAUlJmLBvlbkvVXLAD+tAMqobIIQpmnUIzUY= -github.com/go-git/gcfg v1.5.0 h1:Q5ViNfGF8zFgyJWPqYwA7qGFoMTEiBmdlkcfRmpIMa4= -github.com/go-git/gcfg v1.5.0/go.mod h1:5m20vg6GwYabIxaOonVkTdrILxQMpEShl1xiMF4ua+E= -github.com/go-git/go-billy/v5 v5.2.0/go.mod h1:pmpqyWchKfYfrkb/UVH4otLvyi/5gJlGI4Hb3ZqZ3W0= +github.com/go-git/gcfg v1.5.1-0.20230307220236-3a3c6141e376 h1:+zs/tPmkDkHx3U66DAb0lQFJrpS6731Oaa12ikc+DiI= +github.com/go-git/gcfg v1.5.1-0.20230307220236-3a3c6141e376/go.mod h1:an3vInlBmSxCcxctByoQdvwPiA7DTK7jaaFDBTtu0ic= github.com/go-git/go-billy/v5 v5.3.1/go.mod h1:pmpqyWchKfYfrkb/UVH4otLvyi/5gJlGI4Hb3ZqZ3W0= github.com/go-git/go-billy/v5 v5.4.1 h1:Uwp5tDRkPr+l/TnbHOQzp+tmJfLceOlbVucgpTz8ix4= github.com/go-git/go-billy/v5 v5.4.1/go.mod h1:vjbugF6Fz7JIflbVpl1hJsGjSHNltrSw45YK/ukIvQg= -github.com/go-git/go-git-fixtures/v4 v4.2.1/go.mod h1:K8zd3kDUAykwTdDCr+I0per6Y6vMiRR/nnVTBtavnB0= -github.com/go-git/go-git-fixtures/v4 v4.3.1 h1:y5z6dd3qi8Hl+stezc8p3JxDkoTRqMAlKnXHuzrfjTQ= -github.com/go-git/go-git-fixtures/v4 v4.3.1/go.mod h1:8LHG1a3SRW71ettAD/jW13h8c6AqjVSeL11RAdgaqpo= -github.com/go-git/go-git/v5 v5.4.2/go.mod h1:gQ1kArt6d+n+BGd+/B/I74HwRTLhth2+zti4ihgckDc= -github.com/go-git/go-git/v5 v5.6.1 h1:q4ZRqQl4pR/ZJHc1L5CFjGA1a10u76aV1iC+nh+bHsk= -github.com/go-git/go-git/v5 v5.6.1/go.mod h1:mvyoL6Unz0PiTQrGQfSfiLFhBH1c1e84ylC2MDs4ee8= +github.com/go-git/go-git-fixtures/v4 v4.3.2-0.20230305113008-0c11038e723f h1:Pz0DHeFij3XFhoBRGUDPzSJ+w2UcK5/0JvF8DRI58r8= +github.com/go-git/go-git-fixtures/v4 v4.3.2-0.20230305113008-0c11038e723f/go.mod h1:8LHG1a3SRW71ettAD/jW13h8c6AqjVSeL11RAdgaqpo= +github.com/go-git/go-git/v5 v5.8.1 h1:Zo79E4p7TRk0xoRgMq0RShiTHGKcKI4+DI6BfJc/Q+A= +github.com/go-git/go-git/v5 v5.8.1/go.mod h1:FHFuoD6yGz5OSKEBK+aWN9Oah0q54Jxl0abmj6GnqAo= github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU= github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= github.com/go-gl/glfw/v3.3/glfw v0.0.0-20200222043503-6f7a984d4dc4/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= @@ -1494,11 +1357,12 @@ github.com/go-jose/go-jose/v3 v3.0.0 h1:s6rrhirfEP/CGIoc6p+PZAeogN2SxKav6Wp7+dyM github.com/go-jose/go-jose/v3 v3.0.0/go.mod h1:RNkWWRld676jZEYoV3+XK8L2ZnNSvIsxFMht0mSX+u8= github.com/go-kit/kit v0.8.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as= github.com/go-kit/kit v0.9.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as= +github.com/go-kit/kit v0.10.0/go.mod h1:xUsJbQ/Fp4kEt7AFgCuvyX4a71u8h9jB8tj/ORgOZ7o= github.com/go-kit/log v0.1.0/go.mod h1:zbhenjAZHb184qTLMA9ZjW7ThYL0H2mk7Q6pNt4vbaY= github.com/go-kit/log v0.2.0/go.mod h1:NwTd00d/i8cPZ3xOwwiv2PO5MOcx78fFErGNcVmBjv0= +github.com/go-kit/log v0.2.1/go.mod h1:NwTd00d/i8cPZ3xOwwiv2PO5MOcx78fFErGNcVmBjv0= github.com/go-latex/latex v0.0.0-20210118124228-b3d85cf34e07/go.mod h1:CO1AlKB2CSIqUrmQPqA0gdRIlnLEY0gK5JGjh37zN5U= github.com/go-latex/latex v0.0.0-20210823091927-c0d11ff05a81/go.mod h1:SX0U8uGpxhq9o2S/CELCSUxEWWAuoCUcVCQWv7G2OCk= -github.com/go-ldap/ldap/v3 v3.1.3/go.mod h1:3rbOH3jRS2u6jg2rJnKAMLE/xQyCKIveG2Sa/Cohzb8= github.com/go-ldap/ldap/v3 v3.1.10/go.mod h1:5Zun81jBTabRaI8lzN7E1JjyEl1g6zI6u9pd8luAK4Q= github.com/go-ldap/ldap/v3 v3.4.1/go.mod h1:iYS1MdmrmceOJ1QOTnRXrIs7i3kloqtmGQjRvjKpyMg= github.com/go-ldap/ldap/v3 v3.4.4 h1:qPjipEpt+qDa6SI/h1fzuGWoRUY+qqQ9sOZq67/PYUs= @@ -1517,6 +1381,10 @@ github.com/go-logr/logr v1.2.3/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbV github.com/go-logr/stdr v1.2.0/go.mod h1:YkVgnZu1ZjjL7xTxrfm/LLZBfkhTqSR1ydtm6jTKKwI= github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE= github.com/go-logr/zapr v1.2.3/go.mod h1:eIauM6P8qSvTw5o2ez6UEAfGjQKrxQTl5EoK+Qa2oG4= +github.com/go-openapi/analysis v0.21.2/go.mod h1:HZwRk4RRisyG8vx2Oe6aqeSQcoxRp47Xkp3+K6q+LdY= +github.com/go-openapi/errors v0.19.8/go.mod h1:cM//ZKUKyO06HSwqAelJ5NsEMMcpa6VpXe8DOa1Mi1M= +github.com/go-openapi/errors v0.19.9/go.mod h1:cM//ZKUKyO06HSwqAelJ5NsEMMcpa6VpXe8DOa1Mi1M= +github.com/go-openapi/errors v0.20.2/go.mod h1:cM//ZKUKyO06HSwqAelJ5NsEMMcpa6VpXe8DOa1Mi1M= github.com/go-openapi/jsonpointer v0.0.0-20160704185906-46af16f9f7b1/go.mod h1:+35s3my2LFTysnkMfxsJBAMHj/DoqoB9knIWoYG/Vk0= github.com/go-openapi/jsonpointer v0.19.2/go.mod h1:3akKfEdA7DF1sugOqz1dVQHBcuDBPKZGEoHC/NkiQRg= github.com/go-openapi/jsonpointer v0.19.3/go.mod h1:Pl9vOtqEWErmShwVjC8pYs9cog34VGT37dQOVbmoatg= @@ -1525,36 +1393,75 @@ github.com/go-openapi/jsonreference v0.0.0-20160704190145-13c6e3589ad9/go.mod h1 github.com/go-openapi/jsonreference v0.19.2/go.mod h1:jMjeRr2HHw6nAVajTXJ4eiUwohSTlpa0o73RUL1owJc= github.com/go-openapi/jsonreference v0.19.3/go.mod h1:rjx6GuL8TTa9VaixXglHmQmIL98+wF9xc8zWvFonSJ8= github.com/go-openapi/jsonreference v0.19.5/go.mod h1:RdybgQwPxbL4UEjuAruzK1x3nE69AqPYEJeo/TWfEeg= +github.com/go-openapi/jsonreference v0.19.6/go.mod h1:diGHMEHg2IqXZGKxqyvWdfWU/aim5Dprw5bqpKkTvns= github.com/go-openapi/jsonreference v0.20.0/go.mod h1:Ag74Ico3lPc+zR+qjn4XBUmXymS4zJbYVCZmcgkasdo= +github.com/go-openapi/loads v0.21.1/go.mod h1:/DtAMXXneXFjbQMGEtbamCZb+4x7eGwkvZCvBmwUG+g= +github.com/go-openapi/runtime v0.23.1/go.mod h1:AKurw9fNre+h3ELZfk6ILsfvPN+bvvlaU/M9q/r9hpk= github.com/go-openapi/spec v0.0.0-20160808142527-6aced65f8501/go.mod h1:J8+jY1nAiCcj+friV/PDoE1/3eeccG9LYBs0tYvLOWc= github.com/go-openapi/spec v0.19.3/go.mod h1:FpwSN1ksY1eteniUU7X0N/BgJ7a4WvBFVA8Lj9mJglo= +github.com/go-openapi/spec v0.20.4/go.mod h1:faYFR1CvsJZ0mNsmsphTMSoRrNV3TEDoAM7FOEWeq8I= +github.com/go-openapi/strfmt v0.21.0/go.mod h1:ZRQ409bWMj+SOgXofQAGTIo2Ebu72Gs+WaRADcS5iNg= +github.com/go-openapi/strfmt v0.21.1/go.mod h1:I/XVKeLc5+MM5oPNN7P6urMOpuLXEcNrCX/rPGuWb0k= +github.com/go-openapi/strfmt v0.21.2/go.mod h1:I/XVKeLc5+MM5oPNN7P6urMOpuLXEcNrCX/rPGuWb0k= github.com/go-openapi/swag v0.0.0-20160704191624-1d0bd113de87/go.mod h1:DXUve3Dpr1UfpPtxFw+EFuQ41HhCWZfha5jSVRG7C7I= github.com/go-openapi/swag v0.19.2/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk= github.com/go-openapi/swag v0.19.5/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk= github.com/go-openapi/swag v0.19.14/go.mod h1:QYRuS/SOXUCsnplDa677K7+DxSOj6IPNl/eQntq43wQ= +github.com/go-openapi/swag v0.19.15/go.mod h1:QYRuS/SOXUCsnplDa677K7+DxSOj6IPNl/eQntq43wQ= +github.com/go-openapi/swag v0.21.1/go.mod h1:QYRuS/SOXUCsnplDa677K7+DxSOj6IPNl/eQntq43wQ= +github.com/go-openapi/validate v0.21.0/go.mod h1:rjnrwK57VJ7A8xqfpAOEKRH8yQSGUriMu5/zuPSQ1hg= github.com/go-pdf/fpdf v0.5.0/go.mod h1:HzcnA+A23uwogo0tp9yU+l3V+KXhiESpt1PMayhOh5M= github.com/go-pdf/fpdf v0.6.0/go.mod h1:HzcnA+A23uwogo0tp9yU+l3V+KXhiESpt1PMayhOh5M= github.com/go-playground/assert/v2 v2.0.1/go.mod h1:VDjEfimB/XKnb+ZQfWdccd7VUvScMdVu0Titje2rxJ4= github.com/go-playground/locales v0.13.0/go.mod h1:taPMhCMXrRLJO55olJkUXHZBHCxTMfnGwq/HNwmWNS8= github.com/go-playground/universal-translator v0.17.0/go.mod h1:UkSxE5sNxxRwHyU+Scu5vgOQjsIJAF8j9muTVoKLVtA= github.com/go-playground/validator/v10 v10.2.0/go.mod h1:uOYAAleCW8F/7oMFd6aG0GOhaH6EGOAJShg8Id5JGkI= +github.com/go-playground/validator/v10 v10.4.1/go.mod h1:nlOn6nFhuKACm19sB/8EGNn9GlaMV7XkbRSipzJ0Ii4= +github.com/go-resty/resty/v2 v2.1.1-0.20191201195748-d7b97669fe48/go.mod h1:dZGr0i9PLlaaTD4H/hoZIDjQ+r6xq8mgbRzHZf7f2J8= +github.com/go-sql-driver/mysql v1.4.0/go.mod h1:zAC/RDZ24gD3HViQzih4MyKcchzm+sOG5ZlKdlhCg5w= github.com/go-sql-driver/mysql v1.5.0/go.mod h1:DCzpHaOWr8IXmIStZouvnhqoel9Qv2LBy8hT2VhHyBg= github.com/go-sql-driver/mysql v1.6.0/go.mod h1:DCzpHaOWr8IXmIStZouvnhqoel9Qv2LBy8hT2VhHyBg= github.com/go-sql-driver/mysql v1.7.1 h1:lUIinVbN1DY0xBg0eMOzmmtGoHwWBbvnWubQUrtU8EI= github.com/go-sql-driver/mysql v1.7.1/go.mod h1:OXbVy3sEdcQ2Doequ6Z5BW6fXNQTmx+9S1MCJN5yJMI= github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY= +github.com/go-stack/stack v1.8.1/go.mod h1:dcoOX6HbPZSZptuspn9bctJ+N/CnF5gGygcUP3XYfe4= github.com/go-task/slim-sprig v0.0.0-20210107165309-348f09dbbbc0/go.mod h1:fyg7847qk6SyHyPtNmDHnmrv/HOrqktSC+C9fM+CJOE= -github.com/go-test/deep v1.0.2-0.20181118220953-042da051cf31/go.mod h1:wGDj63lr65AM2AQyKZd/NYHGb0R+1RLqB8NKt3aSFNA= github.com/go-test/deep v1.0.2/go.mod h1:wGDj63lr65AM2AQyKZd/NYHGb0R+1RLqB8NKt3aSFNA= github.com/go-test/deep v1.0.3/go.mod h1:wGDj63lr65AM2AQyKZd/NYHGb0R+1RLqB8NKt3aSFNA= github.com/go-test/deep v1.1.0 h1:WOcxcdHcvdgThNXjw0t76K42FXTU7HpNQWHpA2HHNlg= github.com/go-test/deep v1.1.0/go.mod h1:5C2ZWiW0ErCdrYzpqxLbTX7MG14M9iiw8DgHncVwcsE= +github.com/go-zookeeper/zk v1.0.2/go.mod h1:nOB03cncLtlp4t+UAkGSV+9beXP/akpekBwL+UX1Qcw= +github.com/gobuffalo/attrs v0.0.0-20190224210810-a9411de4debd/go.mod h1:4duuawTqi2wkkpB4ePgWMaai6/Kc6WEz83bhFwpHzj0= +github.com/gobuffalo/depgen v0.0.0-20190329151759-d478694a28d3/go.mod h1:3STtPUQYuzV0gBVOY3vy6CfMm/ljR4pABfrTeHNLHUY= +github.com/gobuffalo/depgen v0.1.0/go.mod h1:+ifsuy7fhi15RWncXQQKjWS9JPkdah5sZvtHc2RXGlg= +github.com/gobuffalo/envy v1.6.15/go.mod h1:n7DRkBerg/aorDM8kbduw5dN3oXGswK5liaSCx4T5NI= +github.com/gobuffalo/envy v1.7.0/go.mod h1:n7DRkBerg/aorDM8kbduw5dN3oXGswK5liaSCx4T5NI= +github.com/gobuffalo/flect v0.1.0/go.mod h1:d2ehjJqGOH/Kjqcoz+F7jHTBbmDb38yXA598Hb50EGs= +github.com/gobuffalo/flect v0.1.1/go.mod h1:8JCgGVbRjJhVgD6399mQr4fx5rRfGKVzFjbj6RE/9UI= +github.com/gobuffalo/flect v0.1.3/go.mod h1:8JCgGVbRjJhVgD6399mQr4fx5rRfGKVzFjbj6RE/9UI= +github.com/gobuffalo/genny v0.0.0-20190329151137-27723ad26ef9/go.mod h1:rWs4Z12d1Zbf19rlsn0nurr75KqhYp52EAGGxTbBhNk= +github.com/gobuffalo/genny v0.0.0-20190403191548-3ca520ef0d9e/go.mod h1:80lIj3kVJWwOrXWWMRzzdhW3DsrdjILVil/SFKBzF28= +github.com/gobuffalo/genny v0.1.0/go.mod h1:XidbUqzak3lHdS//TPu2OgiFB+51Ur5f7CSnXZ/JDvo= +github.com/gobuffalo/genny v0.1.1/go.mod h1:5TExbEyY48pfunL4QSXxlDOmdsD44RRq4mVZ0Ex28Xk= +github.com/gobuffalo/gitgen v0.0.0-20190315122116-cc086187d211/go.mod h1:vEHJk/E9DmhejeLeNt7UVvlSGv3ziL+djtTr3yyzcOw= +github.com/gobuffalo/gogen v0.0.0-20190315121717-8f38393713f5/go.mod h1:V9QVDIxsgKNZs6L2IYiGR8datgMhB577vzTDqypH360= +github.com/gobuffalo/gogen v0.1.0/go.mod h1:8NTelM5qd8RZ15VjQTFkAW6qOMx5wBbW4dSCS3BY8gg= +github.com/gobuffalo/gogen v0.1.1/go.mod h1:y8iBtmHmGc4qa3urIyo1shvOD8JftTtfcKi+71xfDNE= +github.com/gobuffalo/logger v0.0.0-20190315122211-86e12af44bc2/go.mod h1:QdxcLw541hSGtBnhUc4gaNIXRjiDppFGaDqzbrBd3v8= +github.com/gobuffalo/mapi v1.0.1/go.mod h1:4VAGh89y6rVOvm5A8fKFxYG+wIW6LO1FMTG9hnKStFc= +github.com/gobuffalo/mapi v1.0.2/go.mod h1:4VAGh89y6rVOvm5A8fKFxYG+wIW6LO1FMTG9hnKStFc= +github.com/gobuffalo/packd v0.0.0-20190315124812-a385830c7fc0/go.mod h1:M2Juc+hhDXf/PnmBANFCqx4DM3wRbgDvnVWeG2RIxq4= +github.com/gobuffalo/packd v0.1.0/go.mod h1:M2Juc+hhDXf/PnmBANFCqx4DM3wRbgDvnVWeG2RIxq4= +github.com/gobuffalo/packr/v2 v2.0.9/go.mod h1:emmyGweYTm6Kdper+iywB6YK5YzuKchGtJQZ0Odn4pQ= +github.com/gobuffalo/packr/v2 v2.2.0/go.mod h1:CaAwI0GPIAv+5wKLtv8Afwl+Cm78K/I/VCm/3ptBN+0= +github.com/gobuffalo/syncx v0.0.0-20190224160051-33c29581e754/go.mod h1:HhnNqWY95UYwwW3uSASeV7vtgYkT2t16hJgV3AEPUpw= github.com/gobwas/glob v0.2.3/go.mod h1:d3Ez4x06l9bZtSvzIay5+Yzi0fmZzPgnTbPcKjJAkT8= github.com/gobwas/httphead v0.0.0-20180130184737-2c6c146eadee/go.mod h1:L0fX3K22YWvt/FAX9NnzrNzcI4wNYi9Yku4O0LKYflo= github.com/gobwas/pool v0.2.0/go.mod h1:q8bcK0KcYlCgd9e7WYLm9LpyS+YeLd8JVDW6WezmKEw= github.com/gobwas/ws v1.0.2/go.mod h1:szmBTxLgaFppYjEmNtny/v3w89xOydFnnZMcgRRu/EM= github.com/goccy/go-json v0.9.7/go.mod h1:6MelG93GURQebXPDq3khkgXZkazVtN9CRI+MGFi0w8I= github.com/goccy/go-json v0.9.11/go.mod h1:6MelG93GURQebXPDq3khkgXZkazVtN9CRI+MGFi0w8I= +github.com/goccy/go-yaml v1.9.5/go.mod h1:U/jl18uSupI5rdI2jmuCswEA2htH9eXfferR3KfscvA= github.com/godbus/dbus v0.0.0-20151105175453-c7fdd8b5cd55/go.mod h1:/YcGZj5zSblfDWMMoOzV4fas9FZnQYTkDnsGvmh2Grw= github.com/godbus/dbus v0.0.0-20180201030542-885f9cc04c9c/go.mod h1:/YcGZj5zSblfDWMMoOzV4fas9FZnQYTkDnsGvmh2Grw= github.com/godbus/dbus v0.0.0-20190422162347-ade71ed3457e/go.mod h1:bBOAhwG1umN6/6ZUMtDFBMQR8jRg9O75tm9K00oMsK4= @@ -1562,24 +1469,29 @@ github.com/godbus/dbus/v5 v5.0.3/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5x github.com/godbus/dbus/v5 v5.0.4/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA= github.com/godbus/dbus/v5 v5.0.6/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA= github.com/godbus/dbus/v5 v5.1.0/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA= +github.com/gofrs/uuid v3.3.0+incompatible/go.mod h1:b2aQJv3Z4Fp6yNu3cdSllBxTCLRxnplIgP/c0N/04lM= github.com/gofrs/uuid v4.0.0+incompatible/go.mod h1:b2aQJv3Z4Fp6yNu3cdSllBxTCLRxnplIgP/c0N/04lM= github.com/gofrs/uuid v4.2.0+incompatible h1:yyYWMnhkhrKwwr8gAOcOCYxOOscHgDS9yZgBrnJfGa0= github.com/gofrs/uuid v4.2.0+incompatible/go.mod h1:b2aQJv3Z4Fp6yNu3cdSllBxTCLRxnplIgP/c0N/04lM= +github.com/gogo/googleapis v1.1.0/go.mod h1:gf4bu3Q80BeJ6H1S1vYPm8/ELATdvryBaNFGgqEef3s= github.com/gogo/googleapis v1.2.0/go.mod h1:Njal3psf3qN6dwBtQfUmBZh2ybovJ0tlu3o/AC7HYjU= github.com/gogo/googleapis v1.4.0/go.mod h1:5YRNX2z1oM5gXdAkurHa942MDgEJyk02w4OecKY87+c= github.com/gogo/protobuf v1.1.1/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ= +github.com/gogo/protobuf v1.2.0/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ= github.com/gogo/protobuf v1.2.1/go.mod h1:hp+jE20tsWTFYpLwKvXlhS1hjn+gTNwPg2I6zVXpSg4= github.com/gogo/protobuf v1.2.2-0.20190723190241-65acae22fc9d/go.mod h1:SlYgWuQ5SjCEi6WLHjHCa1yvBfUnHcTbrrZtXPKa29o= github.com/gogo/protobuf v1.3.0/go.mod h1:SlYgWuQ5SjCEi6WLHjHCa1yvBfUnHcTbrrZtXPKa29o= github.com/gogo/protobuf v1.3.1/go.mod h1:SlYgWuQ5SjCEi6WLHjHCa1yvBfUnHcTbrrZtXPKa29o= github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= -github.com/golang-jwt/jwt v3.2.1+incompatible h1:73Z+4BJcrTC+KczS6WvTPvRGOp1WmfEP4Q1lOd9Z/+c= github.com/golang-jwt/jwt v3.2.1+incompatible/go.mod h1:8pz2t5EyA70fFQQSrl6XZXzqecmYZeUEB8OUGHkxJ+I= github.com/golang-jwt/jwt/v4 v4.0.0/go.mod h1:/xlHOz8bRuivTWchD4jCa+NbatV+wEUSzwAxVc6locg= github.com/golang-jwt/jwt/v4 v4.2.0/go.mod h1:/xlHOz8bRuivTWchD4jCa+NbatV+wEUSzwAxVc6locg= +github.com/golang-jwt/jwt/v4 v4.4.2/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0= github.com/golang-jwt/jwt/v4 v4.5.0 h1:7cYmW1XlMY7h7ii7UhUyChSgS5wUJEnm9uZVTGqOWzg= github.com/golang-jwt/jwt/v4 v4.5.0/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0= +github.com/golang-jwt/jwt/v5 v5.0.0 h1:1n1XNM9hk7O9mnQoNBGolZvzebBQ7p93ULHRc28XJUE= +github.com/golang-jwt/jwt/v5 v5.0.0/go.mod h1:pqrtFR0X4osieyHYxtmOUWsAWrfe1Q5UVIyoH402zdk= github.com/golang-sql/civil v0.0.0-20190719163853-cb61b32ac6fe h1:lXe2qZdvpiX5WZkZR4hgp4KJVfY3nMkvmwbVkpv1rVY= github.com/golang-sql/civil v0.0.0-20190719163853-cb61b32ac6fe/go.mod h1:8vg3r2VgvsThLBIFL93Qb5yWzgyZWhEmBwUJWevAkK0= github.com/golang-sql/sqlexp v0.1.0 h1:ZCD6MBpcuOVfGVqsEmY5/4FtYiKz6tSyUv9LPEDei6A= @@ -1625,6 +1537,7 @@ github.com/golang/protobuf v1.5.1/go.mod h1:DopwsBzvsk0Fs44TXzsVbJyPhcCPeIwnvohx github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= github.com/golang/protobuf v1.5.3 h1:KhyjKVUg7Usr/dYsdSqoFveMYd5ko72D+zANwlG1mmg= github.com/golang/protobuf v1.5.3/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= +github.com/golang/snappy v0.0.0-20180518054509-2e65f85255db/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q= github.com/golang/snappy v0.0.1/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q= github.com/golang/snappy v0.0.3/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q= github.com/golang/snappy v0.0.4 h1:yAGX7huGHXlcLOEtBnF4w7FQwA26wojNCwOYAEhLjQM= @@ -1655,14 +1568,13 @@ github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38= github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/google/go-containerregistry v0.5.1/go.mod h1:Ct15B4yir3PLOP5jsy0GNeYVaIZs/MK/Jz5any1wFW0= github.com/google/go-containerregistry v0.13.0/go.mod h1:J9FQ+eSS4a1aC2GNZxvNpbWhgp0487v+cgiilB4FqDo= -github.com/google/go-pkcs11 v0.2.0/go.mod h1:6eQoGcuNJpa7jnd5pMGdkSaQpNDYvPlXWMcjXXThLlY= -github.com/google/go-pkcs11 v0.2.1-0.20230907215043-c6f79328ddf9/go.mod h1:6eQoGcuNJpa7jnd5pMGdkSaQpNDYvPlXWMcjXXThLlY= +github.com/google/go-querystring v1.0.0/go.mod h1:odCYkC5MyYFN7vkCjXpyrEuKhc/BUO6wN/zVPAxq5ck= github.com/google/go-querystring v1.1.0 h1:AnCroh3fv4ZBgVIf1Iwtovgjaw/GiKJo8M8yD/fhyJ8= github.com/google/go-querystring v1.1.0/go.mod h1:Kcdr2DB4koayq7X8pmAG4sNG59So17icRSOU623lUBU= github.com/google/go-replayers/grpcreplay v1.1.0 h1:S5+I3zYyZ+GQz68OfbURDdt/+cSMqCK1wrvNx7WBzTE= github.com/google/go-replayers/grpcreplay v1.1.0/go.mod h1:qzAvJ8/wi57zq7gWqaE6AwLM6miiXUQwP1S+I9icmhk= -github.com/google/go-replayers/httpreplay v1.0.0 h1:8SmT8fUYM4nueF+UnXIX8LJxNTb1vpPuknXz+yTWzL4= -github.com/google/go-replayers/httpreplay v1.0.0/go.mod h1:LJhKoTwS5Wy5Ld/peq8dFFG5OfJyHEz7ft+DsTUv25M= +github.com/google/go-replayers/httpreplay v1.1.1 h1:H91sIMlt1NZzN7R+/ASswyouLJfW0WLW7fhyUFvDEkY= +github.com/google/go-replayers/httpreplay v1.1.1/go.mod h1:gN9GeLIs7l6NUoVaSSnv2RiqK1NiwAmD0MrKeC9IIks= github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= github.com/google/gofuzz v1.1.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= github.com/google/gofuzz v1.2.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= @@ -1690,13 +1602,10 @@ github.com/google/pprof v0.0.0-20210407192527-94a9f03dee38/go.mod h1:kpwsk12EmLe github.com/google/pprof v0.0.0-20210506205249-923b5ab0fc1a/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= github.com/google/pprof v0.0.0-20210601050228-01bbb1931b22/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= github.com/google/pprof v0.0.0-20210609004039-a478d1d731e9/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= -github.com/google/pprof v0.0.0-20210715191844-86eeefc3e471/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= +github.com/google/pprof v0.0.0-20220318212150-b2ab0324ddda/go.mod h1:KgnwoLYCZ8IQu3XUZ8Nc/bM9CCZFOyjUNOSygVozoDg= +github.com/google/pprof v0.0.0-20220608213341-c488b8fa1db3/go.mod h1:gSuNB+gJaOiQKLEZ+q+PK9Mq3SOzhRcw2GsGS/FhYDk= github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI= -github.com/google/s2a-go v0.1.0/go.mod h1:OJpEgntRZo8ugHpF9hkoLJbS5dSI20XZeXJ9JVywLlM= -github.com/google/s2a-go v0.1.3/go.mod h1:Ej+mSEMGRnqRzjc7VtF+jdBwYG5fuJfiZ8ELkjEwM0A= -github.com/google/s2a-go v0.1.4/go.mod h1:Ej+mSEMGRnqRzjc7VtF+jdBwYG5fuJfiZ8ELkjEwM0A= -github.com/google/s2a-go v0.1.5/go.mod h1:Ej+mSEMGRnqRzjc7VtF+jdBwYG5fuJfiZ8ELkjEwM0A= github.com/google/s2a-go v0.1.7 h1:60BLSyTrOV4/haCDW4zb1guZItoSq8foHCXrAnjBo/o= github.com/google/s2a-go v0.1.7/go.mod h1:50CgR4k1jNlWBu4UfS4AcfhVe1r6pdZPygJ3R8F0Qdw= github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 h1:El6M4kTTCOh6aBiKaUGG7oYTSPP8MxqL4YI3kZKwcP4= @@ -1717,8 +1626,6 @@ github.com/googleapis/enterprise-certificate-proxy v0.1.0/go.mod h1:17drOmN3MwGY github.com/googleapis/enterprise-certificate-proxy v0.2.0/go.mod h1:8C0jb7/mgJe/9KK8Lm7X9ctZC2t60YyIpYEI16jx0Qg= github.com/googleapis/enterprise-certificate-proxy v0.2.1/go.mod h1:AwSRAtLfXpU5Nm3pW+v7rGDHp09LsPtGY9MduiEsR9k= github.com/googleapis/enterprise-certificate-proxy v0.2.3/go.mod h1:AwSRAtLfXpU5Nm3pW+v7rGDHp09LsPtGY9MduiEsR9k= -github.com/googleapis/enterprise-certificate-proxy v0.2.4/go.mod h1:AwSRAtLfXpU5Nm3pW+v7rGDHp09LsPtGY9MduiEsR9k= -github.com/googleapis/enterprise-certificate-proxy v0.2.5/go.mod h1:RxW0N9901Cko1VOCW3SXCpWP+mlIEkk2tP7jnHy9a3w= github.com/googleapis/enterprise-certificate-proxy v0.3.1 h1:SBWmZhjUDRorQxrN0nwzf+AHBxnbFjViHQS4P0yVpmQ= github.com/googleapis/enterprise-certificate-proxy v0.3.1/go.mod h1:VLSiSSBs/ksPL8kq3OBOQ6WRI2QnaFynd1DCjZ62+V0= github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+vpHVxEJEs9eg= @@ -1732,9 +1639,6 @@ github.com/googleapis/gax-go/v2 v2.5.1/go.mod h1:h6B0KMMFNtI2ddbGJn3T3ZbwkeT6yqE github.com/googleapis/gax-go/v2 v2.6.0/go.mod h1:1mjbznJAPHFpesgE5ucqfYEscaz5kMdcIDwU/6+DDoY= github.com/googleapis/gax-go/v2 v2.7.0/go.mod h1:TEop28CZZQ2y+c0VxMUmu1lV+fQx57QpBWsYpwqHJx8= github.com/googleapis/gax-go/v2 v2.7.1/go.mod h1:4orTrqY6hXxxaUL4LHIPl6lGo8vAE38/qKbhSAKP6QI= -github.com/googleapis/gax-go/v2 v2.8.0/go.mod h1:4orTrqY6hXxxaUL4LHIPl6lGo8vAE38/qKbhSAKP6QI= -github.com/googleapis/gax-go/v2 v2.10.0/go.mod h1:4UOEnMCrxsSqQ940WnTiD6qJ63le2ev3xfyagutxiPw= -github.com/googleapis/gax-go/v2 v2.11.0/go.mod h1:DxmR61SGKkGLa2xigwuZIQpkCI2S5iydzRfb3peWZJI= github.com/googleapis/gax-go/v2 v2.12.0 h1:A+gCJKdRfqXkr+BIRGtZLibNXf0m1f9E4HG56etFpas= github.com/googleapis/gax-go/v2 v2.12.0/go.mod h1:y+aIqrI5eb1YGMVJfuV3185Ts/D7qKpsEkdD5+I6QGU= github.com/googleapis/gnostic v0.4.1/go.mod h1:LRhVm6pbyptWbWbuZ38d1eyptfvIytN3ir6b65WBswg= @@ -1742,12 +1646,15 @@ github.com/googleapis/gnostic v0.5.1/go.mod h1:6U4PtQXGIEt/Z3h5MAT7FNofLnw9vXk2c github.com/googleapis/gnostic v0.5.5/go.mod h1:7+EbHbldMins07ALC74bsA81Ovc97DwqyJO1AENw9kA= github.com/googleapis/go-type-adapters v1.0.0/go.mod h1:zHW75FOG2aur7gAO2B+MLby+cLsWGBF62rFAi7WjWO4= github.com/googleapis/google-cloud-go-testing v0.0.0-20200911160855-bcd43fbb19e8/go.mod h1:dvDLG8qkwmyD9a/MJJN3XJcT3xFxOKAvTZGvuZmac9g= +github.com/gophercloud/gophercloud v0.24.0/go.mod h1:Q8fZtyi5zZxPS/j9aj3sSxtvj41AdQMDwyo1myduD5c= +github.com/gophercloud/gophercloud v0.25.0/go.mod h1:Q8fZtyi5zZxPS/j9aj3sSxtvj41AdQMDwyo1myduD5c= github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY= +github.com/gorilla/context v1.1.1/go.mod h1:kBGZzfjB9CEq2AlWe17Uuf7NDRt0dE0s8S51q0aT7Yg= github.com/gorilla/handlers v0.0.0-20150720190736-60c7bfde3e33/go.mod h1:Qkdc/uu4tH4g6mTK6auzZ766c4CA0Ng8+o/OAirnOIQ= github.com/gorilla/handlers v1.5.1/go.mod h1:t8XrUpc4KVXb7HGyJ4/cEnwQiaxrX/hz1Zv/4g96P1Q= +github.com/gorilla/mux v1.6.2/go.mod h1:1lud6UwP+6orDFRuTfBEV8e9/aOM/c4fVVCaMa2zaAs= github.com/gorilla/mux v1.7.2/go.mod h1:1lud6UwP+6orDFRuTfBEV8e9/aOM/c4fVVCaMa2zaAs= github.com/gorilla/mux v1.7.3/go.mod h1:1lud6UwP+6orDFRuTfBEV8e9/aOM/c4fVVCaMa2zaAs= -github.com/gorilla/mux v1.7.4/go.mod h1:DVbg23sWSpFRCP0SfiEN6jmj59UnW/n46BH5rLB71So= github.com/gorilla/mux v1.8.0 h1:i40aqfkR1h2SlN9hojwV5ZA91wcXFOvkdNIeFDP5koI= github.com/gorilla/mux v1.8.0/go.mod h1:DVbg23sWSpFRCP0SfiEN6jmj59UnW/n46BH5rLB71So= github.com/gorilla/securecookie v1.1.1 h1:miw7JPhV+b/lAHSXz4qd/nN9jRiAFV5FwjeKyCS8BvQ= @@ -1762,6 +1669,7 @@ github.com/gosimple/slug v1.13.1 h1:bQ+kpX9Qa6tHRaK+fZR0A0M2Kd7Pa5eHPPsb1JpHD+Q= github.com/gosimple/slug v1.13.1/go.mod h1:UiRaFH+GEilHstLUmcBgWcI42viBN7mAb818JrYOeFQ= github.com/gosimple/unidecode v1.0.1 h1:hZzFTMMqSswvf0LBJZCZgThIZrpDHFXux9KeGmn6T/o= github.com/gosimple/unidecode v1.0.1/go.mod h1:CP0Cr1Y1kogOtx0bJblKzsVWrqYaqfNOnHzpgWw4Awc= +github.com/grafana/regexp v0.0.0-20220304095617-2e8d9baf4ac2/go.mod h1:M5qHK+eWfAv8VR/265dIuEpL3fNfeC21tXXp9itM24A= github.com/gregjones/httpcache v0.0.0-20180305231024-9cad4c3443a7/go.mod h1:FecbI9+v66THATjSRHfNgh1IVFe/9kFxbXtjV0ctIMA= github.com/grpc-ecosystem/go-grpc-middleware v1.0.0/go.mod h1:FiyG127CGDf3tlThmgyCl78X/SZQqEOJBCDaAfeWzPs= github.com/grpc-ecosystem/go-grpc-middleware v1.0.1-0.20190118093823-f849b5445de4/go.mod h1:FiyG127CGDf3tlThmgyCl78X/SZQqEOJBCDaAfeWzPs= @@ -1771,13 +1679,22 @@ github.com/grpc-ecosystem/grpc-gateway v1.9.0/go.mod h1:vNeuVxBJEsws4ogUvrchl83t github.com/grpc-ecosystem/grpc-gateway v1.9.5/go.mod h1:vNeuVxBJEsws4ogUvrchl83t/GYV9WGTSLVdBhOQFDY= github.com/grpc-ecosystem/grpc-gateway v1.16.0/go.mod h1:BDjrQk3hbvj6Nolgz8mAMFbcEtjT1g+wF4CSlocrBnw= github.com/grpc-ecosystem/grpc-gateway/v2 v2.7.0/go.mod h1:hgWBS7lorOAVIJEQMi4ZsPv9hVvWI6+ch50m39Pf2Ks= +github.com/grpc-ecosystem/grpc-gateway/v2 v2.10.2/go.mod h1:chrfS3YoLAlKTRE5cFWvCbt8uGAjshktT4PveTUpsFQ= github.com/grpc-ecosystem/grpc-gateway/v2 v2.11.3/go.mod h1:o//XUCC/F+yRGJoPO/VU0GSB0f8Nhgmxx0VIRUvaC0w= github.com/grpc-ecosystem/grpc-opentracing v0.0.0-20180507213350-8e809c8a8645 h1:MJG/KsmcqMwFAkh8mTnAwhyKoB+sTAnY4CACC110tbU= github.com/grpc-ecosystem/grpc-opentracing v0.0.0-20180507213350-8e809c8a8645/go.mod h1:6iZfnjpejD4L/4DwD7NryNaJyCQdzwWwH2MWhCA90Kw= +github.com/hanwen/go-fuse v1.0.0/go.mod h1:unqXarDXqzAk0rt98O2tVndEPIpUgLD9+rwFisZH3Ok= +github.com/hanwen/go-fuse/v2 v2.1.0/go.mod h1:oRyA5eK+pvJyv5otpO/DgccS8y/RvYMaO00GgRLGryc= github.com/hashicorp/cap v0.3.4 h1:RoqWYqr6LaDLuvnBCpod1sZtvuEhehIhu0GncmoHW40= github.com/hashicorp/cap v0.3.4/go.mod h1:dHTmyMIVbzT981XxRoci5G//dfWmd/HhuNiCH6J5+IA= github.com/hashicorp/consul/api v1.1.0/go.mod h1:VmuI/Lkw1nC05EYQWNKwWGbkg+FbDBtguAZLlVdkD9Q= +github.com/hashicorp/consul/api v1.3.0/go.mod h1:MmDNSzIMUjNpY/mQ398R4bk2FnqQLoPndWW5VkKPlCE= +github.com/hashicorp/consul/api v1.12.0/go.mod h1:6pVBMo0ebnYdt2S3H87XhekM/HHrUoTD2XXb/VrZVy0= +github.com/hashicorp/consul/api v1.13.0/go.mod h1:ZlVrynguJKcYr54zGaDbaL3fOvKC9m72FhPvA8T35KQ= github.com/hashicorp/consul/sdk v0.1.1/go.mod h1:VKf9jXwCTEY1QZP2MOLRhb5i/I/ssyNV1vwHyQBF0x8= +github.com/hashicorp/consul/sdk v0.3.0/go.mod h1:VKf9jXwCTEY1QZP2MOLRhb5i/I/ssyNV1vwHyQBF0x8= +github.com/hashicorp/consul/sdk v0.8.0/go.mod h1:GBvyrGALthsZObzUGsfgHZQDXjg4lOjagTIwIR1vPms= +github.com/hashicorp/cronexpr v1.1.1/go.mod h1:P4wA0KBl9C5q2hABiMO7cp6jcIg96CDh1Efb3g1PWA4= github.com/hashicorp/errwrap v0.0.0-20141028054710-7554cd9344ce/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= github.com/hashicorp/errwrap v1.1.0 h1:OxrOeh75EUXMY8TBjag2fzXGZ40LB6IKw45YeGUDY2I= @@ -1796,14 +1713,15 @@ github.com/hashicorp/go-getter v1.4.0/go.mod h1:7qxyCd8rBfcShwsvxgIguu4KbS3l8bUC github.com/hashicorp/go-hclog v0.0.0-20180709165350-ff2cf002a8dd/go.mod h1:9bjs9uLqI8l75knNv3lV1kA55veR+WUPSiKIWcQHudI= github.com/hashicorp/go-hclog v0.9.2/go.mod h1:5CU+agLiy3J7N7QjHK5d05KxGsuXiQLrjA0H7acj2lQ= github.com/hashicorp/go-hclog v0.12.0/go.mod h1:whpDNt7SSdeAju8AWKIWsul05p54N/39EeqMAyrmvFQ= +github.com/hashicorp/go-hclog v0.12.2/go.mod h1:whpDNt7SSdeAju8AWKIWsul05p54N/39EeqMAyrmvFQ= github.com/hashicorp/go-hclog v0.14.1/go.mod h1:whpDNt7SSdeAju8AWKIWsul05p54N/39EeqMAyrmvFQ= -github.com/hashicorp/go-hclog v0.16.1/go.mod h1:whpDNt7SSdeAju8AWKIWsul05p54N/39EeqMAyrmvFQ= github.com/hashicorp/go-hclog v0.16.2/go.mod h1:whpDNt7SSdeAju8AWKIWsul05p54N/39EeqMAyrmvFQ= +github.com/hashicorp/go-hclog v1.2.2/go.mod h1:W4Qnvbt70Wk/zYJryRzDRU/4r0kIg0PVHBcfoyhpF5M= github.com/hashicorp/go-hclog v1.4.0/go.mod h1:W4Qnvbt70Wk/zYJryRzDRU/4r0kIg0PVHBcfoyhpF5M= github.com/hashicorp/go-hclog v1.5.0 h1:bI2ocEMgcVlz55Oj1xZNBsVi900c7II+fWDyV9o+13c= github.com/hashicorp/go-hclog v1.5.0/go.mod h1:W4Qnvbt70Wk/zYJryRzDRU/4r0kIg0PVHBcfoyhpF5M= github.com/hashicorp/go-immutable-radix v1.0.0/go.mod h1:0y9vanUI8NX6FsYoO3zeMjhV/C5i9g4Q3DwcSNZ4P60= -github.com/hashicorp/go-immutable-radix v1.1.0/go.mod h1:0y9vanUI8NX6FsYoO3zeMjhV/C5i9g4Q3DwcSNZ4P60= +github.com/hashicorp/go-immutable-radix v1.2.0/go.mod h1:0y9vanUI8NX6FsYoO3zeMjhV/C5i9g4Q3DwcSNZ4P60= github.com/hashicorp/go-immutable-radix v1.3.1 h1:DKHmCUm2hRBK510BaiZlwvpD40f8bJFeZnpfm2KLowc= github.com/hashicorp/go-immutable-radix v1.3.1/go.mod h1:0y9vanUI8NX6FsYoO3zeMjhV/C5i9g4Q3DwcSNZ4P60= github.com/hashicorp/go-kms-wrapping/entropy v0.1.0/go.mod h1:d1g9WGtAunDNpek8jUIEJnBlbgKS1N2Q61QkHiZyR1g= @@ -1819,19 +1737,17 @@ github.com/hashicorp/go-multierror v1.1.1 h1:H5DkEtf6CXdFp0N0Em5UCwQpXMWke8IA0+l github.com/hashicorp/go-multierror v1.1.1/go.mod h1:iw975J/qwKPdAO1clOe2L8331t/9/fmwbPZ6JB6eMoM= github.com/hashicorp/go-plugin v1.0.1/go.mod h1:++UyYGoz3o5w9ZzAdZxtQKrWWP+iqPBn3cQptSMzBuY= github.com/hashicorp/go-plugin v1.4.3/go.mod h1:5fGEH17QVwTTcR0zV7yhDPLLmFX9YSZ38b18Udy6vYQ= +github.com/hashicorp/go-plugin v1.4.4/go.mod h1:viDMjcLJuDui6pXb8U4HVfb8AamCWhHGUjr2IrTF67s= github.com/hashicorp/go-plugin v1.4.8/go.mod h1:viDMjcLJuDui6pXb8U4HVfb8AamCWhHGUjr2IrTF67s= -github.com/hashicorp/go-plugin v1.4.10/go.mod h1:6/1TEzT0eQznvI/gV2CM29DLSkAK/e58mUWKVsPaph0= -github.com/hashicorp/go-plugin v1.5.0 h1:g6Lj3USwF5LaB8HlvCxPjN2X4nFE08ko2BJNVpl7TIE= github.com/hashicorp/go-plugin v1.5.0/go.mod h1:w1sAEES3g3PuV/RzUrgow20W2uErMly84hhD3um1WL4= +github.com/hashicorp/go-plugin v1.5.1 h1:oGm7cWBaYIp3lJpx1RUEfLWophprE2EV/KUeqBYo+6k= +github.com/hashicorp/go-plugin v1.5.1/go.mod h1:w1sAEES3g3PuV/RzUrgow20W2uErMly84hhD3um1WL4= github.com/hashicorp/go-retryablehttp v0.5.3/go.mod h1:9B5zBasrRhHXnJnui7y6sL7es7NDiJgTc6Er0maI1Xs= -github.com/hashicorp/go-retryablehttp v0.6.2/go.mod h1:gEx6HMUGxYYhJScX7W1Il64m6cc2C1mDaW3NQ9sY1FY= github.com/hashicorp/go-retryablehttp v0.6.6/go.mod h1:vAew36LZh98gCBJNLH42IQ1ER/9wtLZZ8meHqQvEYWY= -github.com/hashicorp/go-retryablehttp v0.7.0/go.mod h1:vAew36LZh98gCBJNLH42IQ1ER/9wtLZZ8meHqQvEYWY= github.com/hashicorp/go-retryablehttp v0.7.1/go.mod h1:vAew36LZh98gCBJNLH42IQ1ER/9wtLZZ8meHqQvEYWY= github.com/hashicorp/go-retryablehttp v0.7.4 h1:ZQgVdpTdAL7WpMIwLzCfbalOcSUdkDZnpUv3/+BxzFA= github.com/hashicorp/go-retryablehttp v0.7.4/go.mod h1:Jy/gPYAdjqffZ/yFGCFV2doI5wjtH1ewM9u8iYVjtX8= github.com/hashicorp/go-rootcerts v1.0.0/go.mod h1:K6zTfqpRlCUIjkwsN4Z+hiSfzSTQa6eBIzfwKfwNnHU= -github.com/hashicorp/go-rootcerts v1.0.1/go.mod h1:pqUvnprVnM5bf7AOirdbb01K4ccR319Vf4pU3K5EGc8= github.com/hashicorp/go-rootcerts v1.0.2 h1:jzhAVGtqPKbwpyCPELlgNWhE1znq+qwJtW5Oi2viEzc= github.com/hashicorp/go-rootcerts v1.0.2/go.mod h1:pqUvnprVnM5bf7AOirdbb01K4ccR319Vf4pU3K5EGc8= github.com/hashicorp/go-safetemp v1.0.0 h1:2HR189eFNrjHQyENnQMMpCiBAsRxzbTMIgBhEyExpmo= @@ -1873,42 +1789,44 @@ github.com/hashicorp/go-version v1.6.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09 github.com/hashicorp/go.net v0.0.1/go.mod h1:hjKkEWcCURg++eb33jQU7oqQcI9XDCnUzHA0oac0k90= github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= -github.com/hashicorp/golang-lru v0.5.3/go.mod h1:iADmTwqILo4mZ8BN3D2Q6+9jd8WM5uGBxy+E8yxSoD4= github.com/hashicorp/golang-lru v0.5.4 h1:YDjusn29QI/Das2iO9M0BHnIbxPeyuCHsjMW+lJfyTc= github.com/hashicorp/golang-lru v0.5.4/go.mod h1:iADmTwqILo4mZ8BN3D2Q6+9jd8WM5uGBxy+E8yxSoD4= -github.com/hashicorp/hc-install v0.5.0/go.mod h1:JyzMfbzfSBSjoDCRPna1vi/24BEDxFaCPfdHtM5SCdo= -github.com/hashicorp/hc-install v0.5.2 h1:SfwMFnEXVVirpwkDuSF5kymUOhrUxrTq3udEseZdOD0= -github.com/hashicorp/hc-install v0.5.2/go.mod h1:9QISwe6newMWIfEiXpzuu1k9HAGtQYgnSH8H9T8wmoI= +github.com/hashicorp/hc-install v0.6.0 h1:fDHnU7JNFNSQebVKYhHZ0va1bC6SrPQ8fpebsvNr2w4= +github.com/hashicorp/hc-install v0.6.0/go.mod h1:10I912u3nntx9Umo1VAeYPUUuehk0aRQJYpMwbX5wQA= github.com/hashicorp/hcl v0.0.0-20170504190234-a4b07c25de5f/go.mod h1:oZtUIOe8dh44I2q6ScRibXws4Ajl+d+nod3AaR9vL5w= github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ= github.com/hashicorp/hcl v1.0.1-vault-5 h1:kI3hhbbyzr4dldA8UdTb7ZlVVlI2DACdCfz31RPDgJM= github.com/hashicorp/hcl v1.0.1-vault-5/go.mod h1:XYhtn6ijBSAj6n4YqAaf7RBPS4I06AItNorpy+MoQNM= github.com/hashicorp/hcl/v2 v2.0.0/go.mod h1:oVVDG71tEinNGYCxinCYadcmKU9bglqW9pV3txagJ90= -github.com/hashicorp/hcl/v2 v2.17.0 h1:z1XvSUyXd1HP10U4lrLg5e0JMVz6CPaJvAgxM0KNZVY= -github.com/hashicorp/hcl/v2 v2.17.0/go.mod h1:gJyW2PTShkJqQBKpAmPO3yxMxIuoXkOF2TpqXzrQyx4= +github.com/hashicorp/hcl/v2 v2.18.0 h1:wYnG7Lt31t2zYkcquwgKo6MWXzRUDIeIVU5naZwHLl8= +github.com/hashicorp/hcl/v2 v2.18.0/go.mod h1:ThLC89FV4p9MPW804KVbe/cEXoQ8NZEh+JtMeeGErHE= github.com/hashicorp/hil v0.0.0-20190212132231-97b3a9cdfa93 h1:T1Q6ag9tCwun16AW+XK3tAql24P4uTGUMIn1/92WsQQ= github.com/hashicorp/hil v0.0.0-20190212132231-97b3a9cdfa93/go.mod h1:n2TSygSNwsLJ76m8qFXTSc7beTb+auJxYdqrnoqwZWE= github.com/hashicorp/logutils v1.0.0 h1:dLEQVugN8vlakKOUE3ihGLTZJRB4j+M2cdTm/ORI65Y= github.com/hashicorp/logutils v1.0.0/go.mod h1:QIAnNjmIWmVIIkWDTG1z5v++HQmx9WQRO+LraFDTW64= github.com/hashicorp/mdns v1.0.0/go.mod h1:tL+uN++7HEJ6SQLQ2/p+z2pH24WQKWjBPkE0mNTz8vQ= +github.com/hashicorp/mdns v1.0.4/go.mod h1:mtBihi+LeNXGtG8L9dX59gAEa12BDtBQSp4v/YAJqrc= github.com/hashicorp/memberlist v0.1.3/go.mod h1:ajVTdAv/9Im8oMAAj5G31PhhMCZJV2pPBoIllUwCN7I= +github.com/hashicorp/memberlist v0.3.0/go.mod h1:MS2lj3INKhZjWNqd3N0m3J+Jxf3DAOnAH9VT3Sh9MUE= +github.com/hashicorp/memberlist v0.3.1/go.mod h1:MS2lj3INKhZjWNqd3N0m3J+Jxf3DAOnAH9VT3Sh9MUE= +github.com/hashicorp/nomad/api v0.0.0-20220629141207-c2428e1673ec/go.mod h1:jP79oXjopTyH6E8LF0CEMq67STgrlmBRIyijA0tuR5o= github.com/hashicorp/serf v0.8.2/go.mod h1:6hOLApaqBFA1NXqRQAsxw9QxuDEvNxSQRwA/JwenrHc= +github.com/hashicorp/serf v0.9.6/go.mod h1:TXZNMjZQijwlDvp+r0b63xZ45H7JmCmgg4gpTwn9UV4= github.com/hashicorp/terraform-config-inspect v0.0.0-20191115094559-17f92b0546e8/go.mod h1:p+ivJws3dpqbp1iP84+npOyAmTTOLMgCzrXd3GSdn/A= -github.com/hashicorp/terraform-exec v0.18.1 h1:LAbfDvNQU1l0NOQlTuudjczVhHj061fNX5H8XZxHlH4= -github.com/hashicorp/terraform-exec v0.18.1/go.mod h1:58wg4IeuAJ6LVsLUeD2DWZZoc/bYi6dzhLHzxM41980= +github.com/hashicorp/terraform-exec v0.19.0 h1:FpqZ6n50Tk95mItTSS9BjeOVUb4eg81SpgVtZNNtFSM= +github.com/hashicorp/terraform-exec v0.19.0/go.mod h1:tbxUpe3JKruE9Cuf65mycSIT8KiNPZ0FkuTE3H4urQg= github.com/hashicorp/terraform-json v0.4.0/go.mod h1:eAbqb4w0pSlRmdvl8fOyHAi/+8jnkVYN28gJkSJrLhU= -github.com/hashicorp/terraform-json v0.15.0/go.mod h1:+L1RNzjDU5leLFZkHTFTbJXaoqUC6TqXlFgDoOXrtvk= -github.com/hashicorp/terraform-json v0.17.0 h1:EiA1Wp07nknYQAiv+jIt4dX4Cq5crgP+TsTE45MjMmM= -github.com/hashicorp/terraform-json v0.17.0/go.mod h1:Huy6zt6euxaY9knPAFKjUITn8QxUFIe9VuSzb4zn/0o= -github.com/hashicorp/terraform-plugin-go v0.16.0 h1:DSOQ0rz5FUiVO4NUzMs8ln9gsPgHMTsfns7Nk+6gPuE= -github.com/hashicorp/terraform-plugin-go v0.16.0/go.mod h1:4sn8bFuDbt+2+Yztt35IbOrvZc0zyEi87gJzsTgCES8= +github.com/hashicorp/terraform-json v0.17.1 h1:eMfvh/uWggKmY7Pmb3T85u86E2EQg6EQHgyRwf3RkyA= +github.com/hashicorp/terraform-json v0.17.1/go.mod h1:Huy6zt6euxaY9knPAFKjUITn8QxUFIe9VuSzb4zn/0o= +github.com/hashicorp/terraform-plugin-go v0.19.0 h1:BuZx/6Cp+lkmiG0cOBk6Zps0Cb2tmqQpDM3iAtnhDQU= +github.com/hashicorp/terraform-plugin-go v0.19.0/go.mod h1:EhRSkEPNoylLQntYsk5KrDHTZJh9HQoumZXbOGOXmec= github.com/hashicorp/terraform-plugin-log v0.9.0 h1:i7hOA+vdAItN1/7UrfBqBwvYPQ9TFvymaRGZED3FCV0= github.com/hashicorp/terraform-plugin-log v0.9.0/go.mod h1:rKL8egZQ/eXSyDqzLUuwUYLVdlYeamldAHSxjUFADow= github.com/hashicorp/terraform-plugin-sdk v1.7.0 h1:B//oq0ZORG+EkVrIJy0uPGSonvmXqxSzXe8+GhknoW0= github.com/hashicorp/terraform-plugin-sdk v1.7.0/go.mod h1:OjgQmey5VxnPej/buEhe+YqKm0KNvV3QqU4hkqHqPCY= github.com/hashicorp/terraform-plugin-test v1.2.0/go.mod h1:QIJHYz8j+xJtdtLrFTlzQVC0ocr3rf/OjIpgZLK56Hs= -github.com/hashicorp/terraform-registry-address v0.2.1 h1:QuTf6oJ1+WSflJw6WYOHhLgwUiQ0FrROpHPYFtwTYWM= -github.com/hashicorp/terraform-registry-address v0.2.1/go.mod h1:BSE9fIFzp0qWsJUUyGquo4ldV9k2n+psif6NYkBRS3Y= +github.com/hashicorp/terraform-registry-address v0.2.2 h1:lPQBg403El8PPicg/qONZJDC6YlgCVbWDtNmmZKtBno= +github.com/hashicorp/terraform-registry-address v0.2.2/go.mod h1:LtwNbCihUoUZ3RYriyS2wF/lGPB6gF9ICLRtuDk7hSo= github.com/hashicorp/terraform-svchost v0.0.0-20191011084731-65d371908596/go.mod h1:kNDNcF7sN4DocDLBkQYz73HGKwN1ANB1blq4lIYLYvg= github.com/hashicorp/terraform-svchost v0.1.1 h1:EZZimZ1GxdqFRinZ1tpJwVxxt49xc/S52uzrw4x0jKQ= github.com/hashicorp/terraform-svchost v0.1.1/go.mod h1:mNsjQfZyf/Jhz35v6/0LWcv26+X7JPS+buii2c9/ctc= @@ -1918,16 +1836,15 @@ github.com/hashicorp/vault-plugin-auth-kerberos v0.10.1 h1:nXni7zfOyhOWJBC42iWqI github.com/hashicorp/vault-plugin-auth-kerberos v0.10.1/go.mod h1:S0XEzmbUO+iuC44a8wqnL869l6WH0DUMVqxTIEkITys= github.com/hashicorp/vault-plugin-auth-oci v0.14.2 h1:NcTn5LPRL6lVusPjqGkav+C8LRsy46QKdEk9HElQ5B0= github.com/hashicorp/vault-plugin-auth-oci v0.14.2/go.mod h1:FaLJvP+AUbeo4yop49aVit4JW/I9GfajFqI8wpX+b0w= -github.com/hashicorp/vault/api v1.0.5-0.20200519221902-385fac77e20f/go.mod h1:euTFbi2YJgwcju3imEt919lhJKF68nN1cQPq3aA+kBE= -github.com/hashicorp/vault/api v1.1.1/go.mod h1:29UXcn/1cLOPHQNMWA7bCz2By4PSd0VKPAydKXS5yN0= github.com/hashicorp/vault/api v1.4.1/go.mod h1:LkMdrZnWNrFaQyYYazWVn7KshilfDidgVBq6YiTq/bM= +github.com/hashicorp/vault/api v1.7.2/go.mod h1:xbfA+1AvxFseDzxxdWaL0uO99n1+tndus4GCrtouy0M= github.com/hashicorp/vault/api v1.9.1/go.mod h1:78kktNcQYbBGSrOjQfHjXN32OhhxXnbYl3zxpd2uPUs= github.com/hashicorp/vault/api v1.9.2/go.mod h1:jo5Y/ET+hNyz+JnKDt8XLAdKs+AM0G5W0Vp1IrFI8N8= github.com/hashicorp/vault/api v1.10.0 h1:/US7sIjWN6Imp4o/Rj1Ce2Nr5bki/AXi9vAW3p2tOJQ= github.com/hashicorp/vault/api v1.10.0/go.mod h1:jo5Y/ET+hNyz+JnKDt8XLAdKs+AM0G5W0Vp1IrFI8N8= -github.com/hashicorp/vault/sdk v0.1.14-0.20200519221530-14615acda45f/go.mod h1:WX57W2PwkrOPQ6rVQk+dy5/htHIaB4aBM70EwKThu10= -github.com/hashicorp/vault/sdk v0.2.1/go.mod h1:WfUiO1vYzfBkz1TmoE4ZGU7HD0T0Cl/rZwaxjBkgN4U= github.com/hashicorp/vault/sdk v0.4.1/go.mod h1:aZ3fNuL5VNydQk8GcLJ2TV8YCRVvyaakYkhZRoVuhj0= +github.com/hashicorp/vault/sdk v0.5.1/go.mod h1:DoGraE9kKGNcVgPmTuX357Fm6WAx1Okvde8Vp3dPDoU= +github.com/hashicorp/vault/sdk v0.5.3/go.mod h1:DoGraE9kKGNcVgPmTuX357Fm6WAx1Okvde8Vp3dPDoU= github.com/hashicorp/vault/sdk v0.9.2/go.mod h1:gG0lA7P++KefplzvcD3vrfCmgxVAM7Z/SqX5NeOL/98= github.com/hashicorp/vault/sdk v0.10.0 h1:dDAe1mMG7Qqor1h3i7TU70ykwJy8ijyWeZZkN2CB0j4= github.com/hashicorp/vault/sdk v0.10.0/go.mod h1:s9F8+FF/Q9HuChoi1OWnIPoHRU6V675qHhCYkXVPPQE= @@ -1936,40 +1853,82 @@ github.com/hashicorp/yamux v0.0.0-20181012175058-2f1d1f20f75d/go.mod h1:+NfK9FKe github.com/hashicorp/yamux v0.0.0-20211028200310-0bc27b27de87/go.mod h1:CtWFDAQgb7dxtzFs4tWbplKIe2jSi3+5vKbgIO0SLnQ= github.com/hashicorp/yamux v0.1.1 h1:yrQxtgseBDrq9Y652vSRDvsKCJKOUD+GzTS4Y0Y8pvE= github.com/hashicorp/yamux v0.1.1/go.mod h1:CtWFDAQgb7dxtzFs4tWbplKIe2jSi3+5vKbgIO0SLnQ= +github.com/hetznercloud/hcloud-go v1.33.1/go.mod h1:XX/TQub3ge0yWR2yHWmnDVIrB+MQbda1pHxkUmDlUME= +github.com/hetznercloud/hcloud-go v1.35.0/go.mod h1:mepQwR6va27S3UQthaEPGS86jtzSY9xWL1e9dyxXpgA= github.com/hexops/autogold v1.3.0 h1:IEtGNPxBeBu8RMn8eKWh/Ll9dVNgSnJ7bp/qHgMQ14o= github.com/hexops/autogold v1.3.0/go.mod h1:d4hwi2rid66Sag+BVuHgwakW/EmaFr8vdTSbWDbrDRI= github.com/hexops/gotextdiff v1.0.3 h1:gitA9+qJrrTCsiCl7+kh75nPqQt1cx4ZkudSTLoUqJM= github.com/hexops/gotextdiff v1.0.3/go.mod h1:pSWU5MAI3yDq+fZBTazCSJysOMbxWL1BSow5/V2vxeg= github.com/hexops/valast v1.4.0 h1:sFzyxPDP0riFQUzSBXTCCrAbbIndHPWMndxuEjXdZlc= github.com/hexops/valast v1.4.0/go.mod h1:uVjKZ0smVuYlgCSPz9NRi5A04sl7lp6GtFWsROKDgEs= -github.com/hinshun/vt10x v0.0.0-20180616224451-1954e6464174/go.mod h1:DqJ97dSdRW1W22yXSB90986pcOyQ7r45iio1KN2ez1A= -github.com/hinshun/vt10x v0.0.0-20220119200601-820417d04eec h1:qv2VnGeEQHchGaZ/u7lxST/RaJw+cv273q79D81Xbog= -github.com/hinshun/vt10x v0.0.0-20220119200601-820417d04eec/go.mod h1:Q48J4R4DvxnHolD5P8pOtXigYlRuPLGl6moFx3ulM68= github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU= github.com/huandu/xstrings v1.3.1/go.mod h1:y5/lhBue+AyNmUVz9RLU9xbLR0o4KIIExikq4ovT0aE= github.com/huandu/xstrings v1.3.2 h1:L18LIDzqlW6xN2rEkpdV8+oL/IXWJ1APd+vsdYy4Wdw= github.com/huandu/xstrings v1.3.2/go.mod h1:y5/lhBue+AyNmUVz9RLU9xbLR0o4KIIExikq4ovT0aE= +github.com/hudl/fargo v1.3.0/go.mod h1:y3CKSmjA+wD2gak7sUSXTAoopbhU08POFhmITJgmKTg= github.com/iancoleman/strcase v0.2.0 h1:05I4QRnGpI0m37iZQRuskXh+w77mr6Z41lwQzuHLwW0= github.com/iancoleman/strcase v0.2.0/go.mod h1:iwCmte+B7n89clKwxIoIXy/HfoL7AsD47ZCWhYzw7ho= github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= github.com/ianlancetaylor/demangle v0.0.0-20200824232613-28f6c0f3b639/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= -github.com/ijc/Gotty v0.0.0-20170406111628-a8b993ba6abd h1:anPrsicrIi2ColgWTVPk+TrN42hJIWlfPHSBP9S0ZkM= -github.com/ijc/Gotty v0.0.0-20170406111628-a8b993ba6abd/go.mod h1:3LVOLeyx9XVvwPgrt2be44XgSqndprz1G18rSk8KD84= +github.com/ianlancetaylor/demangle v0.0.0-20210905161508-09a460cdf81d/go.mod h1:aYm2/VgdVmcIU8iMfdMvDMsRAQjcfZSKFby6HOFvi/w= +github.com/ianlancetaylor/demangle v0.0.0-20220319035150-800ac71e25c2/go.mod h1:aYm2/VgdVmcIU8iMfdMvDMsRAQjcfZSKFby6HOFvi/w= github.com/imdario/mergo v0.3.5/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA= github.com/imdario/mergo v0.3.6/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA= github.com/imdario/mergo v0.3.8/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA= github.com/imdario/mergo v0.3.10/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA= github.com/imdario/mergo v0.3.11/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA= github.com/imdario/mergo v0.3.12/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA= -github.com/imdario/mergo v0.3.13 h1:lFzP57bqS/wsqKssCGmtLAb8A0wKjLGrve2q3PPVcBk= github.com/imdario/mergo v0.3.13/go.mod h1:4lJ1jqUDcsbIECGy0RUJAXNIhg+6ocWgb1ALK2O4oXg= +github.com/imdario/mergo v0.3.15 h1:M8XP7IuFNsqUx6VPK2P9OSmsYsI/YFaGil0uD21V3dM= +github.com/imdario/mergo v0.3.15/go.mod h1:WBLT9ZmE3lPoWsEzCh9LPo3TiwVN+ZKEjmz+hD27ysY= github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8= -github.com/inconshreveable/mousetrap v1.0.1 h1:U3uMjPSQEBMNp1lFxmllqCPM6P5u/Xq7Pgzkat/bFNc= github.com/inconshreveable/mousetrap v1.0.1/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw= +github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2s0bqwp9tc8= +github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw= +github.com/influxdata/influxdb1-client v0.0.0-20191209144304-8bf82d3c094d/go.mod h1:qj24IKcXYK6Iy9ceXlo3Tc+vtHo9lIhSX5JddghvEPo= github.com/intel/goresctrl v0.2.0/go.mod h1:+CZdzouYFn5EsxgqAQTEzMfwKwuc0fVdMrT9FCCAVRQ= github.com/intel/goresctrl v0.3.0/go.mod h1:fdz3mD85cmP9sHD8JUlrNWAxvwM86CrbmVXltEKd7zk= +github.com/ionos-cloud/sdk-go/v6 v6.1.0/go.mod h1:Ox3W0iiEz0GHnfY9e5LmAxwklsxguuNFEUSu0gVRTME= github.com/j-keck/arping v0.0.0-20160618110441-2cf9dc699c56/go.mod h1:ymszkNOg6tORTn+6F6j+Jc8TOr5osrynvN6ivFWZ2GA= github.com/j-keck/arping v1.0.2/go.mod h1:aJbELhR92bSk7tp79AWM/ftfc90EfEi2bQJrbBFOsPw= +github.com/jackc/chunkreader v1.0.0/go.mod h1:RT6O25fNZIuasFJRyZ4R/Y2BbhasbmZXF9QQ7T3kePo= +github.com/jackc/chunkreader/v2 v2.0.0/go.mod h1:odVSm741yZoC3dpHEUXIqA9tQRhFrgOHwnPIn9lDKlk= +github.com/jackc/chunkreader/v2 v2.0.1/go.mod h1:odVSm741yZoC3dpHEUXIqA9tQRhFrgOHwnPIn9lDKlk= +github.com/jackc/pgconn v0.0.0-20190420214824-7e0022ef6ba3/go.mod h1:jkELnwuX+w9qN5YIfX0fl88Ehu4XC3keFuOJJk9pcnA= +github.com/jackc/pgconn v0.0.0-20190824142844-760dd75542eb/go.mod h1:lLjNuW/+OfW9/pnVKPazfWOgNfH2aPem8YQ7ilXGvJE= +github.com/jackc/pgconn v0.0.0-20190831204454-2fabfa3c18b7/go.mod h1:ZJKsE/KZfsUgOEh9hBm+xYTstcNHg7UPMVJqRfQxq4s= +github.com/jackc/pgconn v1.8.0/go.mod h1:1C2Pb36bGIP9QHGBYCjnyhqu7Rv3sGshaQUvmfGIB/o= +github.com/jackc/pgconn v1.9.0/go.mod h1:YctiPyvzfU11JFxoXokUOOKQXQmDMoJL9vJzHH8/2JY= +github.com/jackc/pgconn v1.9.1-0.20210724152538-d89c8390a530/go.mod h1:4z2w8XhRbP1hYxkpTuBjTS3ne3J48K83+u0zoyvg2pI= +github.com/jackc/pgconn v1.12.1/go.mod h1:ZkhRC59Llhrq3oSfrikvwQ5NaxYExr6twkdkMLaKono= +github.com/jackc/pgio v1.0.0/go.mod h1:oP+2QK2wFfUWgr+gxjoBH9KGBb31Eio69xUb0w5bYf8= +github.com/jackc/pgmock v0.0.0-20190831213851-13a1b77aafa2/go.mod h1:fGZlG77KXmcq05nJLRkk0+p82V8B8Dw8KN2/V9c/OAE= +github.com/jackc/pgmock v0.0.0-20201204152224-4fe30f7445fd/go.mod h1:hrBW0Enj2AZTNpt/7Y5rr2xe/9Mn757Wtb2xeBzPv2c= +github.com/jackc/pgmock v0.0.0-20210724152146-4ad1a8207f65/go.mod h1:5R2h2EEX+qri8jOWMbJCtaPWkrrNc7OHwsp2TCqp7ak= +github.com/jackc/pgpassfile v1.0.0/go.mod h1:CEx0iS5ambNFdcRtxPj5JhEz+xB6uRky5eyVu/W2HEg= +github.com/jackc/pgproto3 v1.1.0/go.mod h1:eR5FA3leWg7p9aeAqi37XOTgTIbkABlvcPB3E5rlc78= +github.com/jackc/pgproto3/v2 v2.0.0-alpha1.0.20190420180111-c116219b62db/go.mod h1:bhq50y+xrl9n5mRYyCBFKkpRVTLYJVWeCc+mEAI3yXA= +github.com/jackc/pgproto3/v2 v2.0.0-alpha1.0.20190609003834-432c2951c711/go.mod h1:uH0AWtUmuShn0bcesswc4aBTWGvw0cAxIJp+6OB//Wg= +github.com/jackc/pgproto3/v2 v2.0.0-rc3/go.mod h1:ryONWYqW6dqSg1Lw6vXNMXoBJhpzvWKnT95C46ckYeM= +github.com/jackc/pgproto3/v2 v2.0.0-rc3.0.20190831210041-4c03ce451f29/go.mod h1:ryONWYqW6dqSg1Lw6vXNMXoBJhpzvWKnT95C46ckYeM= +github.com/jackc/pgproto3/v2 v2.0.6/go.mod h1:WfJCnwN3HIg9Ish/j3sgWXnAfK8A9Y0bwXYU5xKaEdA= +github.com/jackc/pgproto3/v2 v2.1.1/go.mod h1:WfJCnwN3HIg9Ish/j3sgWXnAfK8A9Y0bwXYU5xKaEdA= +github.com/jackc/pgproto3/v2 v2.3.0/go.mod h1:WfJCnwN3HIg9Ish/j3sgWXnAfK8A9Y0bwXYU5xKaEdA= +github.com/jackc/pgservicefile v0.0.0-20200714003250-2b9c44734f2b/go.mod h1:vsD4gTJCa9TptPL8sPkXrLZ+hDuNrZCnj29CQpr4X1E= +github.com/jackc/pgtype v0.0.0-20190421001408-4ed0de4755e0/go.mod h1:hdSHsc1V01CGwFsrv11mJRHWJ6aifDLfdV3aVjFF0zg= +github.com/jackc/pgtype v0.0.0-20190824184912-ab885b375b90/go.mod h1:KcahbBH1nCMSo2DXpzsoWOAfFkdEtEJpPbVLq8eE+mc= +github.com/jackc/pgtype v0.0.0-20190828014616-a8802b16cc59/go.mod h1:MWlu30kVJrUS8lot6TQqcg7mtthZ9T0EoIBFiJcmcyw= +github.com/jackc/pgtype v1.8.1-0.20210724151600-32e20a603178/go.mod h1:C516IlIV9NKqfsMCXTdChteoXmwgUceqaLfjg2e3NlM= +github.com/jackc/pgtype v1.11.0/go.mod h1:LUMuVrfsFfdKGLw+AFFVv6KtHOFMwRgDDzBt76IqCA4= +github.com/jackc/pgx/v4 v4.0.0-20190420224344-cc3461e65d96/go.mod h1:mdxmSJJuR08CZQyj1PVQBHy9XOp5p8/SHH6a0psbY9Y= +github.com/jackc/pgx/v4 v4.0.0-20190421002000-1b8f0016e912/go.mod h1:no/Y67Jkk/9WuGR0JG/JseM9irFbnEPbuWV2EELPNuM= +github.com/jackc/pgx/v4 v4.0.0-pre1.0.20190824185557-6972a5742186/go.mod h1:X+GQnOEnf1dqHGpw7JmHqHc1NxDoalibchSk9/RWuDc= +github.com/jackc/pgx/v4 v4.12.1-0.20210724153913-640aa07df17c/go.mod h1:1QD0+tgSXP7iUjYm9C1NxKhny7lq6ee99u/z+IHFcgs= +github.com/jackc/pgx/v4 v4.16.1/go.mod h1:SIhx0D5hoADaiXZVyv+3gSm3LCIIINTVO0PficsvWGQ= +github.com/jackc/puddle v0.0.0-20190413234325-e4ced69a3a2b/go.mod h1:m4B5Dj62Y0fbyuIc15OsIqK0+JU8nkqQjsgx7dvjSWk= +github.com/jackc/puddle v0.0.0-20190608224051-11cab39313c9/go.mod h1:m4B5Dj62Y0fbyuIc15OsIqK0+JU8nkqQjsgx7dvjSWk= +github.com/jackc/puddle v1.1.3/go.mod h1:m4B5Dj62Y0fbyuIc15OsIqK0+JU8nkqQjsgx7dvjSWk= +github.com/jackc/puddle v1.2.1/go.mod h1:m4B5Dj62Y0fbyuIc15OsIqK0+JU8nkqQjsgx7dvjSWk= github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99 h1:BQSFePA1RWJOlocH6Fxy8MmwDt+yVQYULKfN0RoTN8A= github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99/go.mod h1:1lJo3i6rXxKeerYnT8Nvf0QmHCRC1n8sfWVwXF2Frvo= github.com/jcmturner/aescts/v2 v2.0.0 h1:9YKLH6ey7H4eDBXW8khjYslgyqG2xZikXP0EQFKrle8= @@ -2009,6 +1968,7 @@ github.com/josharian/intern v1.0.0/go.mod h1:5DoeVV0s6jJacbCEi61lwdGj/aVlrQvzHFF github.com/jpillora/backoff v1.0.0/go.mod h1:J/6gKK9jxlEcS3zixgDgUAsiuZ7yrSoa/FX5e0EB2j4= github.com/json-iterator/go v1.1.6/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU= github.com/json-iterator/go v1.1.7/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= +github.com/json-iterator/go v1.1.8/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= github.com/json-iterator/go v1.1.9/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= github.com/json-iterator/go v1.1.10/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= github.com/json-iterator/go v1.1.11/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= @@ -2021,9 +1981,9 @@ github.com/julienschmidt/httprouter v1.2.0/go.mod h1:SYymIcj16QtmaHHD7aYtjjsJG7V github.com/julienschmidt/httprouter v1.3.0/go.mod h1:JR6WtHb+2LUe8TCKY3cZOxFyyO8IZAc4RVcycCCAKdM= github.com/jung-kurt/gofpdf v1.0.0/go.mod h1:7Id9E/uU8ce6rXgefFLlgrJj/GYY22cpxn+r32jIOes= github.com/jung-kurt/gofpdf v1.0.3-0.20190309125859-24315acbbda5/go.mod h1:7Id9E/uU8ce6rXgefFLlgrJj/GYY22cpxn+r32jIOes= -github.com/kballard/go-shellquote v0.0.0-20180428030007-95032a82bc51 h1:Z9n2FFNUXsshfwJMBgNA0RU6/i7WVaAegv3PtuIHPMs= +github.com/karrick/godirwalk v1.8.0/go.mod h1:H5KPZjojv4lE+QYImBI8xVtrBRgYrIVsaRPx4tDPEn4= +github.com/karrick/godirwalk v1.10.3/go.mod h1:RoGL9dQei4vP9ilrpETWE8CLOZ1kiN0LhBygSwrAsHA= github.com/kballard/go-shellquote v0.0.0-20180428030007-95032a82bc51/go.mod h1:CzGEWj7cYgsdH8dAjBGEr58BoE7ScuLd+fwFZ44+/x8= -github.com/kevinburke/ssh_config v0.0.0-20201106050909-4977a11b4351/go.mod h1:CT57kijsi8u/K/BOFA39wgDQJ9CxiF4nAY/ojJ6r6mM= github.com/kevinburke/ssh_config v1.2.0 h1:x584FjTGwHzMwvHx18PXxbBVzfnxogHaAReU4gf13a4= github.com/kevinburke/ssh_config v1.2.0/go.mod h1:CT57kijsi8u/K/BOFA39wgDQJ9CxiF4nAY/ojJ6r6mM= github.com/keybase/go-crypto v0.0.0-20161004153544-93f5b35093ba/go.mod h1:ghbZscTyKdM07+Fw3KSi0hcJm+AlEUWj8QLlPtijN/M= @@ -2036,14 +1996,15 @@ github.com/klauspost/compress v1.10.3/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdYs github.com/klauspost/compress v1.11.3/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdYsUV+/s2qKfXs= github.com/klauspost/compress v1.11.13/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdYsUV+/s2qKfXs= github.com/klauspost/compress v1.12.3/go.mod h1:8dP1Hq4DHOhN9w426knH3Rhby4rFm6D8eO+e+Dq5Gzg= -github.com/klauspost/compress v1.13.5/go.mod h1:/3/Vjq9QcHkK5uEr5lBEmyoZ1iFhe47etQ6QUkpK6sk= github.com/klauspost/compress v1.13.6/go.mod h1:/3/Vjq9QcHkK5uEr5lBEmyoZ1iFhe47etQ6QUkpK6sk= +github.com/klauspost/compress v1.15.1/go.mod h1:/3/Vjq9QcHkK5uEr5lBEmyoZ1iFhe47etQ6QUkpK6sk= github.com/klauspost/compress v1.15.9/go.mod h1:PhcZ0MbTNciWF3rruxRgKxI5NkcHHrHUDtV4Yw2GlzU= github.com/klauspost/compress v1.15.11/go.mod h1:QPwzmACJjUTFsnSHH934V6woptycfrDDJnH7hvFVbGM= github.com/klauspost/compress v1.16.0/go.mod h1:ntbaceVETuRiXiv4DpjP66DpAtAGkEQskQzEyD//IeE= github.com/klauspost/compress v1.16.5/go.mod h1:ntbaceVETuRiXiv4DpjP66DpAtAGkEQskQzEyD//IeE= github.com/klauspost/cpuid/v2 v2.0.4/go.mod h1:FInQzS24/EEf25PyTYn52gqo7WaD8xa0213Md/qVLRg= github.com/klauspost/cpuid/v2 v2.0.9/go.mod h1:FInQzS24/EEf25PyTYn52gqo7WaD8xa0213Md/qVLRg= +github.com/kolo/xmlrpc v0.0.0-20201022064351-38db28db192b/go.mod h1:pcaDhQK0/NJZEvtCO0qQPPropqV0sJOJ6YW7X+9kRwM= github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= github.com/konsorten/go-windows-terminal-sequences v1.0.2/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= github.com/konsorten/go-windows-terminal-sequences v1.0.3/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= @@ -2052,11 +2013,12 @@ github.com/kr/logfmt v0.0.0-20140226030751-b84e30acd515/go.mod h1:+0opPa2QZZtGFB github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= github.com/kr/pretty v0.2.0/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= -github.com/kr/pretty v0.3.0 h1:WgNl7dwNpEZ6jJ9k1snq4pZsg7DOEN8hP9Xw0Tsjwk0= github.com/kr/pretty v0.3.0/go.mod h1:640gp4NfQd8pI5XOwp5fnNeVWj67G7CFk/SaSQn7NBk= +github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE= +github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk= github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= -github.com/kr/pty v1.1.4/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= github.com/kr/pty v1.1.5/go.mod h1:9r2w37qlBe7rQ6e1fg1S/9xpWHSnaqNdHD3WcMdbPDA= +github.com/kr/pty v1.1.8/go.mod h1:O1sed60cT9XZ5uDucP5qwvh+TE3NnUj51EiZO/lmSfw= github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= @@ -2071,13 +2033,22 @@ github.com/lestrrat-go/iter v1.0.1/go.mod h1:zIdgO1mRKhn8l9vrZJZz9TUMMFbQbLeTsbq github.com/lestrrat-go/jwx v1.2.25/go.mod h1:zoNuZymNl5lgdcu6P7K6ie2QRll5HVfF4xwxBBK1NxY= github.com/lestrrat-go/option v1.0.0/go.mod h1:5ZHFbivi4xwXxhxY9XHDe2FHo6/Z7WWmtT7T5nBBp3I= github.com/lib/pq v0.0.0-20180327071824-d34b9ff171c2/go.mod h1:5WUZQaWbwv1U+lTReE5YruASi9Al49XbQIvNi/34Woo= +github.com/lib/pq v1.0.0/go.mod h1:5WUZQaWbwv1U+lTReE5YruASi9Al49XbQIvNi/34Woo= +github.com/lib/pq v1.1.0/go.mod h1:5WUZQaWbwv1U+lTReE5YruASi9Al49XbQIvNi/34Woo= github.com/lib/pq v1.2.0/go.mod h1:5WUZQaWbwv1U+lTReE5YruASi9Al49XbQIvNi/34Woo= github.com/lib/pq v1.10.2/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o= +github.com/lib/pq v1.10.6/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o= +github.com/lightstep/lightstep-tracer-common/golang/gogo v0.0.0-20190605223551-bc2310a04743/go.mod h1:qklhhLq1aX+mtWk9cPHPzaBjWImj5ULL6C7HFJtXQMM= +github.com/lightstep/lightstep-tracer-go v0.18.1/go.mod h1:jlF1pusYV4pidLvZ+XD0UBX0ZE6WURAspgAczcDHrL4= +github.com/linode/linodego v1.4.0/go.mod h1:PVsRxSlOiJyvG4/scTszpmZDTdgS+to3X6eS8pRrWI8= +github.com/linode/linodego v1.8.0/go.mod h1:heqhl91D8QTPVm2k9qZHP78zzbOdTFLXE9NJc3bcc50= github.com/linuxkit/virtsock v0.0.0-20201010232012-f8cee7dfc7a3/go.mod h1:3r6x7q95whyfWQpmGZTu3gk3v2YkMi05HEzl7Tf7YEo= +github.com/lucasb-eyer/go-colorful v1.2.0 h1:1nnpGOrhyZZuNyfu1QjKiUICQ74+3FNCN69Aj6K7nkY= +github.com/lucasb-eyer/go-colorful v1.2.0/go.mod h1:R4dSotOR9KMtayYi1e77YzuveK+i7ruzyGqttikkLy0= github.com/lyft/protoc-gen-star v0.6.0/go.mod h1:TGAoBVkt8w7MPG72TrKIu85MIdXwDuzJYeZuUPFPNwA= github.com/lyft/protoc-gen-star v0.6.1/go.mod h1:TGAoBVkt8w7MPG72TrKIu85MIdXwDuzJYeZuUPFPNwA= github.com/lyft/protoc-gen-star/v2 v2.0.1/go.mod h1:RcCdONR2ScXaYnQC5tUzxzlpA3WVYF7/opLeUgcQs/o= -github.com/lyft/protoc-gen-star/v2 v2.0.3/go.mod h1:amey7yeodaJhXSbf/TlLvWiqQfLOSpEk//mLlc+axEk= +github.com/lyft/protoc-gen-validate v0.0.13/go.mod h1:XbGvPuh87YZc5TdIa2/I4pLk0QoUACkjt2znoq26NVQ= github.com/magiconair/properties v1.8.0/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ= github.com/magiconair/properties v1.8.1/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ= github.com/mailru/easyjson v0.0.0-20160728113105-d5b7844b561a/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= @@ -2085,51 +2056,59 @@ github.com/mailru/easyjson v0.0.0-20190614124828-94de47d64c63/go.mod h1:C1wdFJiN github.com/mailru/easyjson v0.0.0-20190626092158-b2ccc519800e/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= github.com/mailru/easyjson v0.7.0/go.mod h1:KAzv3t3aY1NaHWoQz1+4F1ccyAH66Jk7yos7ldAVICs= github.com/mailru/easyjson v0.7.6/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc= +github.com/mailru/easyjson v0.7.7/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc= +github.com/markbates/oncer v0.0.0-20181203154359-bf2de49a0be2/go.mod h1:Ld9puTsIW75CHf65OeIOkyKbteujpZVXDpWK6YGZbxE= +github.com/markbates/safe v1.0.1/go.mod h1:nAqgmRi7cY2nqMc92/bSEeQA+R4OheNU2T1kNSCBdG0= github.com/marstr/guid v1.1.0/go.mod h1:74gB1z2wpxxInTG6yaqA7KrtM0NZ+RbrcqDvYHefzho= github.com/matryer/is v1.2.0 h1:92UTHpy8CDwaJ08GqLDzhhuixiBUUD1p3AU6PHddz4A= github.com/matryer/is v1.2.0/go.mod h1:2fLPjFQM9rhQ15aVEtbuwhJinnOqrmgXPNdZsdwlWXA= github.com/mattn/go-colorable v0.0.9/go.mod h1:9vuHe8Xs5qXnSaW/c/ABM9alt+Vo+STaOChaDxuIBZU= github.com/mattn/go-colorable v0.1.1/go.mod h1:FuOcm+DKB9mbwrcAfNl7/TZVBZ6rcnceauSikq3lYCQ= -github.com/mattn/go-colorable v0.1.2/go.mod h1:U0ppj6V5qS13XJ6of8GYAs25YV2eR4EVcfRqFIhoBtE= github.com/mattn/go-colorable v0.1.4/go.mod h1:U0ppj6V5qS13XJ6of8GYAs25YV2eR4EVcfRqFIhoBtE= github.com/mattn/go-colorable v0.1.6/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope9wVRipJSqc= +github.com/mattn/go-colorable v0.1.8/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope9wVRipJSqc= github.com/mattn/go-colorable v0.1.9/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope9wVRipJSqc= github.com/mattn/go-colorable v0.1.12/go.mod h1:u5H1YNBxpqRaxsYJYSkiCWKzEfiAb1Gb520KVy5xxl4= github.com/mattn/go-colorable v0.1.13 h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxecdEvA= github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovkB8vQcUbaXHg= -github.com/mattn/go-ieproxy v0.0.1 h1:qiyop7gCflfhwCzGyeT0gro3sF9AIg9HU98JORTkqfI= -github.com/mattn/go-ieproxy v0.0.1/go.mod h1:pYabZ6IHcRpFh7vIaLfK7rdcWgFEb3SFJ6/gNWuh88E= github.com/mattn/go-isatty v0.0.3/go.mod h1:M+lRXTBqGeGNdLjl/ufCoiOlB5xdOkqRJdNxMWT7Zi4= github.com/mattn/go-isatty v0.0.4/go.mod h1:M+lRXTBqGeGNdLjl/ufCoiOlB5xdOkqRJdNxMWT7Zi4= github.com/mattn/go-isatty v0.0.5/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hdxcsrc5s= +github.com/mattn/go-isatty v0.0.7/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hdxcsrc5s= github.com/mattn/go-isatty v0.0.8/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hdxcsrc5s= github.com/mattn/go-isatty v0.0.10/go.mod h1:qgIWMr58cqv1PHHyhnkY9lrL7etaEgOFcMEpPG5Rm84= github.com/mattn/go-isatty v0.0.11/go.mod h1:PhnuNfih5lzO57/f3n+odYbM4JtupLOxQOAqxQCu2WE= github.com/mattn/go-isatty v0.0.12/go.mod h1:cbi8OIDigv2wuxKPP5vlRcQ1OAZbq2CE4Kysco4FUpU= github.com/mattn/go-isatty v0.0.14/go.mod h1:7GGIvUiUoEMVVmxf/4nioHXj79iQHKdU27kJ6hsGG94= github.com/mattn/go-isatty v0.0.16/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM= -github.com/mattn/go-isatty v0.0.17 h1:BTarxUcIeDqL27Mc+vyvdWYSL28zpIhv3RoTdsLMPng= github.com/mattn/go-isatty v0.0.17/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM= +github.com/mattn/go-isatty v0.0.18 h1:DOKFKCQ7FNG2L1rbrmstDN4QVRdS89Nkh85u68Uwp98= +github.com/mattn/go-isatty v0.0.18/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y= +github.com/mattn/go-localereader v0.0.1 h1:ygSAOl7ZXTx4RdPYinUpg6W99U8jWvWi9Ye2JC/oIi4= +github.com/mattn/go-localereader v0.0.1/go.mod h1:8fBrzywKY7BI3czFoHkuzRoWE9C+EiG4R1k4Cjx5p88= github.com/mattn/go-runewidth v0.0.2/go.mod h1:LwmH8dsx7+W8Uxz3IHJYH5QSwggIsqBzpuz5H//U1FU= github.com/mattn/go-runewidth v0.0.4/go.mod h1:LwmH8dsx7+W8Uxz3IHJYH5QSwggIsqBzpuz5H//U1FU= github.com/mattn/go-runewidth v0.0.9/go.mod h1:H031xJmbD/WCDINGzjvQ9THkh0rPKHF+m2gUSrubnMI= -github.com/mattn/go-runewidth v0.0.13 h1:lTGmDsbAYt5DmK6OnoV7EuIF1wEIFAcxld6ypU4OSgU= -github.com/mattn/go-runewidth v0.0.13/go.mod h1:Jdepj2loyihRzMpdS35Xk/zdY8IAYHsh153qUoGf23w= +github.com/mattn/go-runewidth v0.0.12/go.mod h1:RAqKPSqVFrSLVXbA8x7dzmKdmGzieGRCM46jaSJTDAk= +github.com/mattn/go-runewidth v0.0.14 h1:+xnbZSEeDbOIg5/mE6JF0w6n9duR1l3/WmbinWVwUuU= +github.com/mattn/go-runewidth v0.0.14/go.mod h1:Jdepj2loyihRzMpdS35Xk/zdY8IAYHsh153qUoGf23w= github.com/mattn/go-shellwords v1.0.3/go.mod h1:3xCvwCdWdlDJUrvuMn7Wuy9eWs4pE8vqg+NOMyg4B2o= github.com/mattn/go-shellwords v1.0.6/go.mod h1:3xCvwCdWdlDJUrvuMn7Wuy9eWs4pE8vqg+NOMyg4B2o= github.com/mattn/go-shellwords v1.0.12/go.mod h1:EZzvwXDESEeg03EKmM+RmDnNOPKG4lLtQsUlTZDWQ8Y= github.com/mattn/go-sqlite3 v1.14.14/go.mod h1:NyWgC/yNuGj7Q9rpYnZvas74GogHl5/Z4A/KQRfk6bU= -github.com/mattn/go-sqlite3 v1.14.15/go.mod h1:2eHXhiwb8IkHr+BDWZGa96P6+rkvnG63S2DGjv9HUNg= github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0= github.com/matttproud/golang_protobuf_extensions v1.0.2-0.20181231171920-c182affec369/go.mod h1:BSXmuO+STAnVfrANrmjBb36TMTDstsz7MSK+HVaYKv4= github.com/matttproud/golang_protobuf_extensions v1.0.2/go.mod h1:BSXmuO+STAnVfrANrmjBb36TMTDstsz7MSK+HVaYKv4= github.com/matttproud/golang_protobuf_extensions v1.0.4/go.mod h1:BSXmuO+STAnVfrANrmjBb36TMTDstsz7MSK+HVaYKv4= github.com/maxbrunsfeld/counterfeiter/v6 v6.2.2/go.mod h1:eD9eIE7cdwcMi9rYluz88Jz2VyhSmden33/aXg4oVIY= -github.com/mgutz/ansi v0.0.0-20170206155736-9520e82c474b h1:j7+1HpAFS1zy5+Q4qx1fWh90gTKwiN4QCGoY9TWyyO4= -github.com/mgutz/ansi v0.0.0-20170206155736-9520e82c474b/go.mod h1:01TrycV0kFyexm33Z7vhZRXopbI8J3TDReVlkTgMUxE= +github.com/microsoft/ApplicationInsights-Go v0.4.4/go.mod h1:fKRUseBqkw6bDiXTs3ESTiU/4YTIHsQS4W3fP2ieF4U= github.com/miekg/dns v1.0.14/go.mod h1:W1PPwlIAgtquWBMBEV9nkV9Cazfe8ScdGz/Lj7v3Nrg= github.com/miekg/dns v1.1.25/go.mod h1:bPDLeHnStXmXAq1m/Ch/hvfNHr14JKNPMBo3VZKjuso= +github.com/miekg/dns v1.1.26/go.mod h1:bPDLeHnStXmXAq1m/Ch/hvfNHr14JKNPMBo3VZKjuso= +github.com/miekg/dns v1.1.41/go.mod h1:p6aan82bvRIyn+zDIv9xYNUpwa73JcSh9BKwknJysuI= github.com/miekg/dns v1.1.43/go.mod h1:+evo5L0630/F6ca/Z9+GAqzhjGyn8/c+TBaOyfEl0V4= +github.com/miekg/dns v1.1.48/go.mod h1:e3IlAVfNqAllflbibAZEWOXOQ+Ynzk/dDozDxY7XnME= +github.com/miekg/dns v1.1.50/go.mod h1:e3IlAVfNqAllflbibAZEWOXOQ+Ynzk/dDozDxY7XnME= github.com/miekg/pkcs11 v1.0.3/go.mod h1:XsNlhZGX73bx86s2hdc/FuaLm2CPZJemRLMA+WTFxgs= github.com/miekg/pkcs11 v1.1.1/go.mod h1:XsNlhZGX73bx86s2hdc/FuaLm2CPZJemRLMA+WTFxgs= github.com/minio/asm2plan9s v0.0.0-20200509001527-cdd76441f9d8/go.mod h1:mC1jAcsrzbxHt8iiaC+zU4b1ylILSosueou12R++wfY= @@ -2137,6 +2116,7 @@ github.com/minio/c2goasm v0.0.0-20190812172519-36a3d3bbc4f3/go.mod h1:RagcQ7I8Ie github.com/minio/sha256-simd v1.0.0/go.mod h1:OuYzVNI5vcoYIAmbIvHPl3N3jUzVedXbKy5RFepssQM= github.com/mistifyio/go-zfs v2.1.2-0.20190413222219-f784269be439+incompatible/go.mod h1:8AuVvqP/mXw1px98n46wfvcGfQ4ci2FwoAjKYxuo3Z4= github.com/mitchellh/cli v1.0.0/go.mod h1:hNIlj7HEI86fIcpObd7a0FcrxTWetlwJDGcceTlRvqc= +github.com/mitchellh/cli v1.1.0/go.mod h1:xcISNoH86gajksDmfB23e/pu+B+GeFRMYmoHXxx3xhI= github.com/mitchellh/cli v1.1.5 h1:OxRIeJXpAMztws/XHlN2vu6imG5Dpq+j61AzAX5fLng= github.com/mitchellh/cli v1.1.5/go.mod h1:v8+iFts2sPIKUV1ltktPXMCC8fumSKFItNcD2cLtRR4= github.com/mitchellh/colorstring v0.0.0-20190213212951-d06e56a500db/go.mod h1:l0dey0ia/Uv7NcFFVbCLtqEBQbrT4OCwCSKTEv6enCw= @@ -2162,11 +2142,11 @@ github.com/mitchellh/hashstructure v1.1.0/go.mod h1:xUDAozZz0Wmdiufv0uyhnHkUTN6/ github.com/mitchellh/iochan v1.0.0/go.mod h1:JwYml1nuB7xOzsp52dPpHFffvOCDupsG0QubkSMEySY= github.com/mitchellh/mapstructure v0.0.0-20160808181253-ca63d7c062ee/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y= github.com/mitchellh/mapstructure v1.1.2/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y= -github.com/mitchellh/mapstructure v1.3.2/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= github.com/mitchellh/mapstructure v1.3.3/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= github.com/mitchellh/mapstructure v1.4.0/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= github.com/mitchellh/mapstructure v1.4.1/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= github.com/mitchellh/mapstructure v1.4.2/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= +github.com/mitchellh/mapstructure v1.4.3/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= github.com/mitchellh/mapstructure v1.5.0 h1:jeMsZIYE/09sWLaz43PL7Gy6RuMjD2eJVyuac5Z2hdY= github.com/mitchellh/mapstructure v1.5.0/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= github.com/mitchellh/osext v0.0.0-20151018003038-5e2d6d41470f/go.mod h1:OkQIRizQZAeMln+1tSwduZz7+Af5oFlKirV/MSYes2A= @@ -2193,6 +2173,7 @@ github.com/moby/sys/symlink v0.2.0/go.mod h1:7uZVF2dqJjG/NsClqul95CqKOBRQyYSNnJ6 github.com/moby/term v0.0.0-20200312100748-672ec06f55cd/go.mod h1:DdlQx2hp0Ss5/fLikoLlEeIYiATotOjgB//nb973jeo= github.com/moby/term v0.0.0-20201216013528-df9cb8a40635/go.mod h1:FBS0z0QWA44HXygs7VXDUOGoN/1TV3RuWkLO04am3wc= github.com/moby/term v0.0.0-20210610120745-9d4ed1856297/go.mod h1:vgPCkQMyxTZ7IDy8SXRufE172gr8+K/JE/7hHFxHW3A= +github.com/moby/term v0.0.0-20210619224110-3f7ff695adc6/go.mod h1:E2VnQOmVuvZB6UYnnDB0qG5Nq/1tD9acaOpo6xmt0Kw= github.com/moby/term v0.0.0-20220808134915-39b0c02b01ae/go.mod h1:E2VnQOmVuvZB6UYnnDB0qG5Nq/1tD9acaOpo6xmt0Kw= github.com/moby/term v0.0.0-20221205130635-1aeaba878587/go.mod h1:8FzsFHVUBGZdbDsJw/ot+X+d5HLUbvklYLJ9uGfcI3Y= github.com/moby/term v0.5.0 h1:xt8Q1nalod/v7BqbG21f8mQPqH+xAaC9C3N3wfWbVP0= @@ -2205,11 +2186,20 @@ github.com/modern-go/reflect2 v1.0.1/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3Rllmb github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9Gz0M= github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk= github.com/modocache/gover v0.0.0-20171022184752-b58185e213c5/go.mod h1:caMODM3PzxT8aQXRPkAt8xlV/e7d7w8GM5g0fa5F0D8= +github.com/montanaflynn/stats v0.0.0-20171201202039-1bf9dbcd8cbe/go.mod h1:wL8QJuTMNUDYhXwkmfOly8iTdp5TEcJFWZD2D7SIkUc= github.com/montanaflynn/stats v0.6.6/go.mod h1:etXPPgVO6n31NxCd9KQUMvCM+ve0ruNzt6R8Bnaayow= github.com/morikuni/aec v1.0.0 h1:nP9CBfwrvYnBRgY6qfDQkygYDmYwOilePFkwzv4dU8A= github.com/morikuni/aec v1.0.0/go.mod h1:BbKIizmSmc5MMPqRYbxO4ZU0S0+P200+tUnFx7PXmsc= github.com/mr-tron/base58 v1.2.0/go.mod h1:BinMc/sQntlIE1frQmRFPUoPA1Zkr8VRgBdjWI2mNwc= github.com/mrunalp/fileutils v0.5.0/go.mod h1:M1WthSahJixYnrXQl/DFQuteStB1weuxD2QJNHXfbSQ= +github.com/muesli/ansi v0.0.0-20211018074035-2e021307bc4b h1:1XF24mVaiu7u+CFywTdcDo2ie1pzzhwjt6RHqzpMU34= +github.com/muesli/ansi v0.0.0-20211018074035-2e021307bc4b/go.mod h1:fQuZ0gauxyBcmsdE3ZT4NasjaRdxmbCS0jRHsrWu3Ho= +github.com/muesli/cancelreader v0.2.2 h1:3I4Kt4BQjOR54NavqnDogx/MIoWBFa0StPA8ELUXHmA= +github.com/muesli/cancelreader v0.2.2/go.mod h1:3XuTXfFS2VjM+HTLZY9Ak0l6eUKfijIfMUZ4EgX0QYo= +github.com/muesli/reflow v0.3.0 h1:IFsN6K9NfGtjeggFP+68I4chLZV2yIKsXJFNZ+eWh6s= +github.com/muesli/reflow v0.3.0/go.mod h1:pbwTDkVPibjO2kyvBQRBxTWEEGDGq0FlB1BIKtnHY/8= +github.com/muesli/termenv v0.15.1 h1:UzuTb/+hhlBugQz28rpzey4ZuKcZ03MeKsoG7IJZIxs= +github.com/muesli/termenv v0.15.1/go.mod h1:HeAQPTzpfs016yGtA4g00CsdYnVLJvxsS4ANqrZs2sQ= github.com/munnerz/goautoneg v0.0.0-20120707110453-a547fc61f48d/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= github.com/mwitkow/go-conntrack v0.0.0-20161129095857-cc309e4a2223/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U= @@ -2217,6 +2207,13 @@ github.com/mwitkow/go-conntrack v0.0.0-20190716064945-2f068394615f/go.mod h1:qRW github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f/go.mod h1:ZdcZmHo+o7JKHSa8/e818NopupXU1YMK5fe1lsApnBw= github.com/natefinch/atomic v1.0.1 h1:ZPYKxkqQOx3KZ+RsbnP/YsgvxWQPGxjC0oBt2AhwV0A= github.com/natefinch/atomic v1.0.1/go.mod h1:N/D/ELrljoqDyT3rZrsUmtsuzvHkeB/wWjHV22AZRbM= +github.com/nats-io/jwt v0.3.0/go.mod h1:fRYCDE99xlTsqUzISS1Bi75UBJ6ljOJQOAAu5VglpSg= +github.com/nats-io/jwt v0.3.2/go.mod h1:/euKqTS1ZD+zzjYrY7pseZrTtWQSjujC7xjPc8wL6eU= +github.com/nats-io/nats-server/v2 v2.1.2/go.mod h1:Afk+wRZqkMQs/p45uXdrVLuab3gwv3Z8C4HTBu8GD/k= +github.com/nats-io/nats.go v1.9.1/go.mod h1:ZjDU1L/7fJ09jvUSRVBR2e7+RnLiiIQyqyzEE/Zbp4w= +github.com/nats-io/nkeys v0.1.0/go.mod h1:xpnFELMwJABBLVhffcfd1MZx6VsNRFpEugbxziKVo7w= +github.com/nats-io/nkeys v0.1.3/go.mod h1:xpnFELMwJABBLVhffcfd1MZx6VsNRFpEugbxziKVo7w= +github.com/nats-io/nuid v1.0.1/go.mod h1:19wcPz3Ph3q0Jbyiqsd0kePYG7A95tJPxeL+1OSON2c= github.com/ncw/swift v1.0.47/go.mod h1:23YIA4yWVnGwv2dQlN4bB7egfYX6YLn0Yo/S6zZO/ZM= github.com/networkplumbing/go-nft v0.2.0/go.mod h1:HnnM+tYvlGAsMU7yoYwXEVLLiDW9gdMmb5HoGcwpuQs= github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e/go.mod h1:zD1mROLANZcx1PVRCS0qkT7pwLkGfwJo4zjcN/Tysno= @@ -2224,6 +2221,7 @@ github.com/nightlyone/lockfile v1.0.0 h1:RHep2cFKK4PonZJDdEl4GmkabuhbsRMgk/k3uAm github.com/nightlyone/lockfile v1.0.0/go.mod h1:rywoIealpdNse2r832aiD9jRk8ErCatROs6LzC841CI= github.com/nxadm/tail v1.4.4/go.mod h1:kenIhsEOeOJmVchQTgglprH7qJGnHDVpk1VPCcaMI8A= github.com/nxadm/tail v1.4.8/go.mod h1:+ncqLTQzXmGhMZNUePPaPqPvBxHAIsmXswZKocGu+AU= +github.com/oklog/oklog v0.3.2/go.mod h1:FCV+B7mhrz4o+ueLpx+KqkyXRGMWOYEvfiXtdGtbWGs= github.com/oklog/run v1.0.0/go.mod h1:dlhp/R75TPv97u0XWUtDeV/lRKWPKSdTuV0TZvrmrQA= github.com/oklog/run v1.1.0 h1:GEenZ1cK0+q0+wsJew9qUg/DyD8k3JzYsZAi5gYi2mA= github.com/oklog/run v1.1.0/go.mod h1:sVPdnTZT1zYwAJeCMu2Th4T21pA3FPOQRfWjQlk7DVU= @@ -2233,6 +2231,7 @@ github.com/olekukonko/tablewriter v0.0.5/go.mod h1:hPp6KlRPjbx+hW8ykQs1w3UBbZlj6 github.com/onsi/ginkgo v0.0.0-20151202141238-7f8ab55aaf3b/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= github.com/onsi/ginkgo v0.0.0-20170829012221-11459a886d9c/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= +github.com/onsi/ginkgo v1.7.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= github.com/onsi/ginkgo v1.8.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= github.com/onsi/ginkgo v1.10.1/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= github.com/onsi/ginkgo v1.10.3/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= @@ -2252,6 +2251,7 @@ github.com/onsi/ginkgo/v2 v2.5.0/go.mod h1:Luc4sArBICYCS8THh8v3i3i5CuSZO+RaQRaJo github.com/onsi/ginkgo/v2 v2.6.1/go.mod h1:yjiuMwPokqY1XauOgju45q3sJt6VzQ/Fict1LFVcsAo= github.com/onsi/gomega v0.0.0-20151007035656-2152b45fa28a/go.mod h1:C1qb7wdrVGGVU+Z6iS04AVkA3Q65CEZX59MT0QO5uiA= github.com/onsi/gomega v0.0.0-20170829124025-dcabb60a477c/go.mod h1:C1qb7wdrVGGVU+Z6iS04AVkA3Q65CEZX59MT0QO5uiA= +github.com/onsi/gomega v1.4.3/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY= github.com/onsi/gomega v1.5.0/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY= github.com/onsi/gomega v1.7.0/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY= github.com/onsi/gomega v1.7.1/go.mod h1:XdKZgCCFLUoM/7CFJVPcG8C1xQ1AJ0vpAezJrB7JYyY= @@ -2268,6 +2268,7 @@ github.com/onsi/gomega v1.23.0/go.mod h1:Z/NWtiqwBrwUt4/2loMmHL63EDLnYHmVbuBpDr2 github.com/onsi/gomega v1.24.0/go.mod h1:Z/NWtiqwBrwUt4/2loMmHL63EDLnYHmVbuBpDr2vQAg= github.com/onsi/gomega v1.24.1/go.mod h1:3AOiACssS3/MajrniINInwbfOOtfZvplPzuRSmvt1jM= github.com/onsi/gomega v1.24.2/go.mod h1:gs3J10IS7Z7r7eXRoNJIrNqU4ToQukCJhFtKrWgHWnk= +github.com/op/go-logging v0.0.0-20160315200505-970db520ece7/go.mod h1:HzydrMdWErDVzsI23lYNej1Htcns9BCg93Dk0bBINWk= github.com/open-policy-agent/opa v0.42.2/go.mod h1:MrmoTi/BsKWT58kXlVayBb+rYVeaMwuBm3nYAN3923s= github.com/opencontainers/go-digest v0.0.0-20170106003457-a6d0ee40d420/go.mod h1:cMLVZDEM3+U2I4VmLI6N8jQYUd2OVphdqWwCJHrFt2s= github.com/opencontainers/go-digest v0.0.0-20180430190053-c9281466c8b2/go.mod h1:cMLVZDEM3+U2I4VmLI6N8jQYUd2OVphdqWwCJHrFt2s= @@ -2313,24 +2314,35 @@ github.com/opencontainers/selinux v1.9.1/go.mod h1:2i0OySw99QjzBBQByd1Gr9gSjvuho github.com/opencontainers/selinux v1.10.0/go.mod h1:2i0OySw99QjzBBQByd1Gr9gSjvuho1lHsJxIJ3gGbJI= github.com/opencontainers/selinux v1.10.1/go.mod h1:2i0OySw99QjzBBQByd1Gr9gSjvuho1lHsJxIJ3gGbJI= github.com/opencontainers/selinux v1.11.0/go.mod h1:E5dMC3VPuVvVHDYmi78qvhJp8+M586T4DlDRYpFkyec= +github.com/opentracing-contrib/go-observer v0.0.0-20170622124052-a52f23424492/go.mod h1:Ngi6UdF0k5OKD5t5wlmGhe/EDKPoUM3BXZSSfIuJbis= +github.com/opentracing/basictracer-go v1.0.0/go.mod h1:QfBfYuafItcjQuMwinw9GhYKwFXS9KnPs5lxoYwgW74= github.com/opentracing/basictracer-go v1.1.0 h1:Oa1fTSBvAl8pa3U+IJYqrKm0NALwH9OsgwOqDv4xJW0= github.com/opentracing/basictracer-go v1.1.0/go.mod h1:V2HZueSJEp879yv285Aap1BS69fQMD+MNP1mRs6mBQc= +github.com/opentracing/opentracing-go v1.0.2/go.mod h1:UkNAQd3GIcIGf0SeVgPpRdFStlNbqXla1AfSYxPUl2o= github.com/opentracing/opentracing-go v1.1.0/go.mod h1:UkNAQd3GIcIGf0SeVgPpRdFStlNbqXla1AfSYxPUl2o= github.com/opentracing/opentracing-go v1.2.0 h1:uEJPy/1a5RIPAJ0Ov+OIO8OxWu77jEv+1B0VhjKrZUs= github.com/opentracing/opentracing-go v1.2.0/go.mod h1:GxEUsuufX4nBwe+T+Wl9TAgYrxe9dPLANfrWvHYVTgc= +github.com/openzipkin-contrib/zipkin-go-opentracing v0.4.5/go.mod h1:/wsWhb9smxSfWAKL3wpBW7V8scJMt8N8gnaMCS9E/cA= +github.com/openzipkin/zipkin-go v0.1.6/go.mod h1:QgAqvLzwWbR/WpD4A3cGpPtJrZXNIiJc5AZX7/PBEpw= +github.com/openzipkin/zipkin-go v0.2.1/go.mod h1:NaW6tEwdmWMaCDZzg8sh+IBNOxHMPnhQw8ySjnjRyN4= +github.com/openzipkin/zipkin-go v0.2.2/go.mod h1:NaW6tEwdmWMaCDZzg8sh+IBNOxHMPnhQw8ySjnjRyN4= github.com/oracle/oci-go-sdk v24.3.0+incompatible h1:x4mcfb4agelf1O4/1/auGlZ1lr97jXRSSN5MxTgG/zU= github.com/oracle/oci-go-sdk v24.3.0+incompatible/go.mod h1:VQb79nF8Z2cwLkLS35ukwStZIg5F66tcBccjip/j888= github.com/ory/dockertest/v3 v3.10.0 h1:4K3z2VMe8Woe++invjaTB7VRyQXQy5UY+loujO4aNE4= github.com/ory/dockertest/v3 v3.10.0/go.mod h1:nr57ZbRWMqfsdGdFNLHz5jjNdDb7VVFnzAeW1n5N1Lg= +github.com/pact-foundation/pact-go v1.0.4/go.mod h1:uExwJY4kCzNPcHRj+hCR/HBbOOIwwtUjcrb0b5/5kLM= github.com/pascaldekloe/goe v0.0.0-20180627143212-57f6aae5913c/go.mod h1:lzWF7FIEvWOWxwDKqyGYQf6ZUaNfKdP144TG7ZOy1lc= github.com/pascaldekloe/goe v0.1.0 h1:cBOtyMzM9HTpWjXfbbunk26uA6nG3a8n06Wieeh0MwY= github.com/pascaldekloe/goe v0.1.0/go.mod h1:lzWF7FIEvWOWxwDKqyGYQf6ZUaNfKdP144TG7ZOy1lc= github.com/patrickmn/go-cache v2.1.0+incompatible h1:HRMgzkcYKYpi3C8ajMPV8OFXaaRUnok+kx1WdO15EQc= github.com/patrickmn/go-cache v2.1.0+incompatible/go.mod h1:3Qf8kWWT7OJRJbdiICTKqZju1ZixQ/KpMGzzAfe6+WQ= +github.com/pborman/uuid v1.2.0/go.mod h1:X/NO0urCmaxf9VXbdlT7C2Yzkj2IKimNn4k+gtPdI/k= github.com/pelletier/go-toml v1.2.0/go.mod h1:5z9KED0ma1S8pY6P1sdut58dfprrGBbd/94hg7ilaic= +github.com/pelletier/go-toml v1.7.0/go.mod h1:vwGMzjaWMwyfHwgIBhI2YUM4fB6nL6lVAvS1LBMMhTE= github.com/pelletier/go-toml v1.8.1/go.mod h1:T2/BmBdy8dvIRq1a/8aqjN41wvWlN4lrapLU/GW4pbc= github.com/pelletier/go-toml v1.9.3/go.mod h1:u1nR/EPcESfeI/szUZKdtJ0xRNbUoANCkoOuaOx1Y+c= github.com/pelletier/go-toml v1.9.5/go.mod h1:u1nR/EPcESfeI/szUZKdtJ0xRNbUoANCkoOuaOx1Y+c= +github.com/performancecopilot/speed v3.0.0+incompatible/go.mod h1:/CLtqpZ5gBg1M9iaPbIdPPGyKcA8hKdoy6hAWba7Yac= github.com/peterbourgon/diskv v2.0.1+incompatible/go.mod h1:uqqh8zWWbv1HBMNONnaR/tNboyR3/BZd58JJSHlUSCU= github.com/peterh/liner v0.0.0-20170211195444-bf27d3ba8e1d/go.mod h1:xIteQHvHuaLYG9IFj6mSxM0fCKrs34IrEQUhOYuGPHc= github.com/pgavlin/goldmark v1.1.33-0.20200616210433-b5eb04559386 h1:LoCV5cscNVWyK5ChN/uCoIFJz8jZD63VQiGJIRgr6uo= @@ -2339,6 +2351,7 @@ github.com/phayes/freeport v0.0.0-20220201140144-74d24b5ae9f5/go.mod h1:iIss55rK github.com/phpdave11/gofpdf v1.4.2/go.mod h1:zpO6xFn9yxo3YLyMvW8HcKWVdbNqgIfOOp2dXMnm1mY= github.com/phpdave11/gofpdi v1.0.12/go.mod h1:vBmVV0Do6hSBHC8uKUQ71JGW+ZGQq74llk/7bXwjDoI= github.com/phpdave11/gofpdi v1.0.13/go.mod h1:vBmVV0Do6hSBHC8uKUQ71JGW+ZGQq74llk/7bXwjDoI= +github.com/pierrec/lz4 v1.0.2-0.20190131084431-473cd7ce01a1/go.mod h1:3/3N9NVKO0jef7pBehbT1qWhCMrIgbYNnFAZCqQ5LRc= github.com/pierrec/lz4 v2.0.5+incompatible/go.mod h1:pdkljMzZIN41W+lC3N2tnIh5sFi+IEE17M5jbnwPHcY= github.com/pierrec/lz4 v2.5.2+incompatible/go.mod h1:pdkljMzZIN41W+lC3N2tnIh5sFi+IEE17M5jbnwPHcY= github.com/pierrec/lz4 v2.6.1+incompatible h1:9UY3+iC23yxF0UfGaYrGplQ+79Rg+h/q9FV9ix19jjM= @@ -2356,6 +2369,7 @@ github.com/pkg/errors v0.8.1-0.20171018195549-f15c970de5b7/go.mod h1:bwawxfHBFNV github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= +github.com/pkg/profile v1.2.1/go.mod h1:hJw3o1OdXxsrSjjVksARp5W95eeEaEfptyVZyv6JUPA= github.com/pkg/sftp v1.10.1/go.mod h1:lYOWFsE0bwd1+KfKJaKeuokY15vzFx25BLbzYYoAxZI= github.com/pkg/sftp v1.13.1/go.mod h1:3HaPG6Dq1ILlpPZRO0HVMrsydcdLt6HRDccSgb87qRg= github.com/pkg/term v1.1.0 h1:xIAAdCMh3QIAy+5FrE8Ad8XoDhEU4ufwbaSozViP9kk= @@ -2370,12 +2384,14 @@ github.com/posener/complete v1.2.3/go.mod h1:WZIdtGGp+qx0sLrYKtIRAruyNpv6hFCicSg github.com/pquerna/cachecontrol v0.0.0-20171018203845-0dec1b30a021/go.mod h1:prYjPmNq4d1NPVmpShWobRqXY3q7Vp+80DqgxxUrUIA= github.com/pquerna/cachecontrol v0.1.0/go.mod h1:NrUG3Z7Rdu85UNR3vm7SOsl1nFIeSiQnrHV5K9mBcUI= github.com/prashantv/gostub v1.1.0/go.mod h1:A5zLQHz7ieHGG7is6LLXLz7I8+3LZzsrV0P1IAHhP5U= +github.com/prometheus/alertmanager v0.24.0/go.mod h1:r6fy/D7FRuZh5YbnX6J3MBY0eI4Pb5yPYS7/bPSXXqI= github.com/prometheus/client_golang v0.0.0-20180209125602-c332b6f63c06/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw= github.com/prometheus/client_golang v0.9.1/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw= -github.com/prometheus/client_golang v0.9.2/go.mod h1:OsXs2jCmiKlQ1lTBmv21f2mNfw4xf/QclQDMrYNZzcM= +github.com/prometheus/client_golang v0.9.3-0.20190127221311-3c4408c8b829/go.mod h1:p2iRAGwDERtqlqzRXnrOVns+ignqQo//hLXqYxZYVNs= github.com/prometheus/client_golang v0.9.3/go.mod h1:/TN21ttK/J9q6uSwhBd54HahCDft0ttaMvbicHlPoso= github.com/prometheus/client_golang v1.0.0/go.mod h1:db9x61etRT2tGnBNRi70OPL5FsnadC4Ky3P0J6CfImo= github.com/prometheus/client_golang v1.1.0/go.mod h1:I1FGZT9+L76gKKOs5djB6ezCbFQP1xR9D75/vuwEF3g= +github.com/prometheus/client_golang v1.3.0/go.mod h1:hJaj2vgQTGQmVCsAACORcieXFeDPbaTKGT+JTgUa3og= github.com/prometheus/client_golang v1.4.0/go.mod h1:e9GMxYsXl05ICDXkRhurwBS4Q3OK1iX/F2sw+iXX5zU= github.com/prometheus/client_golang v1.7.1/go.mod h1:PY5Wy2awLA44sXw4AOSfFBetzPP4j5+D6mVACh+pe2M= github.com/prometheus/client_golang v1.11.0/go.mod h1:Z6t4BnS23TR94PD6BsDNk8yVqroYurpAkEiz0P2BEV0= @@ -2386,26 +2402,34 @@ github.com/prometheus/client_golang v1.13.0/go.mod h1:vTeo+zgvILHsnnj/39Ou/1fPN5 github.com/prometheus/client_golang v1.14.0/go.mod h1:8vpkKitgIVNcqrRBWh1C4TIUQgYNtG/XQE4E/Zae36Y= github.com/prometheus/client_model v0.0.0-20171117100541-99fa1f4be8e5/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo= github.com/prometheus/client_model v0.0.0-20180712105110-5c3871d89910/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo= +github.com/prometheus/client_model v0.0.0-20190115171406-56726106282f/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo= github.com/prometheus/client_model v0.0.0-20190129233127-fd36f4220a90/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= +github.com/prometheus/client_model v0.1.0/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= github.com/prometheus/client_model v0.2.0/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= github.com/prometheus/client_model v0.3.0/go.mod h1:LDGWKZIo7rky3hgvBe+caln+Dr3dPggB5dvjtD7w9+w= -github.com/prometheus/client_model v0.4.0/go.mod h1:oMQmHW1/JoDwqLtg57MGgP/Fb1CJEYF2imWWhWtMkYU= github.com/prometheus/common v0.0.0-20180110214958-89604d197083/go.mod h1:daVV7qP5qjZbuso7PdcryaAu0sAZbrN9i7WWcTMWvro= github.com/prometheus/common v0.0.0-20181113130724-41aa239b4cce/go.mod h1:daVV7qP5qjZbuso7PdcryaAu0sAZbrN9i7WWcTMWvro= -github.com/prometheus/common v0.0.0-20181126121408-4724e9255275/go.mod h1:daVV7qP5qjZbuso7PdcryaAu0sAZbrN9i7WWcTMWvro= +github.com/prometheus/common v0.2.0/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4= github.com/prometheus/common v0.4.0/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4= github.com/prometheus/common v0.4.1/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4= github.com/prometheus/common v0.6.0/go.mod h1:eBmuwkDJBwy6iBfxCBob6t6dR6ENT/y+J+Zk0j9GMYc= +github.com/prometheus/common v0.7.0/go.mod h1:DjGbpBbp5NYNiECxcL/VnbXCCaQpKd3tt26CguLLsqA= github.com/prometheus/common v0.9.1/go.mod h1:yhUN8i9wzaXS3w1O07YhxHEBxD+W35wd8bs7vj7HSQ4= github.com/prometheus/common v0.10.0/go.mod h1:Tlit/dnDKsSWFlCLTWaA1cyBgKHSMdTB80sz/V91rCo= github.com/prometheus/common v0.26.0/go.mod h1:M7rCNAaPfAosfx8veZJCuw84e35h3Cfd9VFqTh1DIvc= +github.com/prometheus/common v0.29.0/go.mod h1:vu+V0TpY+O6vW9J44gczi3Ap/oXXR10b+M/gUGO4Hls= github.com/prometheus/common v0.30.0/go.mod h1:vu+V0TpY+O6vW9J44gczi3Ap/oXXR10b+M/gUGO4Hls= github.com/prometheus/common v0.32.1/go.mod h1:vu+V0TpY+O6vW9J44gczi3Ap/oXXR10b+M/gUGO4Hls= +github.com/prometheus/common v0.34.0/go.mod h1:gB3sOl7P0TvJabZpLY5uQMpUqRCPPCyRLCZYc7JZTNE= github.com/prometheus/common v0.37.0/go.mod h1:phzohg0JFMnBEFGxTDbfu3QyL5GI8gTQJFhYO5B3mfA= +github.com/prometheus/common/assets v0.1.0/go.mod h1:D17UVUE12bHbim7HzwUvtqm6gwBEaDQ0F+hIGbFbccI= +github.com/prometheus/common/assets v0.2.0/go.mod h1:D17UVUE12bHbim7HzwUvtqm6gwBEaDQ0F+hIGbFbccI= +github.com/prometheus/common/sigv4 v0.1.0/go.mod h1:2Jkxxk9yYvCkE5G1sQT7GuEXm57JrvHu9k5YwTjsNtI= +github.com/prometheus/exporter-toolkit v0.7.1/go.mod h1:ZUBIj498ePooX9t/2xtDjeQYwvRpiPP2lh5u4iblj2g= github.com/prometheus/procfs v0.0.0-20180125133057-cb4147076ac7/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk= github.com/prometheus/procfs v0.0.0-20181005140218-185b4288413d/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk= -github.com/prometheus/procfs v0.0.0-20181204211112-1dc9a6cbc91a/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk= +github.com/prometheus/procfs v0.0.0-20190117184657-bf6a532e95b1/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk= github.com/prometheus/procfs v0.0.0-20190507164030-5867b95ac084/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA= github.com/prometheus/procfs v0.0.0-20190522114515-bc1a522cf7b1/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA= github.com/prometheus/procfs v0.0.2/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA= @@ -2417,38 +2441,57 @@ github.com/prometheus/procfs v0.2.0/go.mod h1:lV6e/gmhEcM9IjHGsFOCxxuZ+z1YqCvr4O github.com/prometheus/procfs v0.6.0/go.mod h1:cz+aTbrPOrUb4q7XlbU9ygM+/jj0fzG6c1xBZuNvfVA= github.com/prometheus/procfs v0.7.3/go.mod h1:cz+aTbrPOrUb4q7XlbU9ygM+/jj0fzG6c1xBZuNvfVA= github.com/prometheus/procfs v0.8.0/go.mod h1:z7EfXMXOkbkqb9IINtpCn86r/to3BnA0uaxHdg830/4= +github.com/prometheus/prometheus v0.35.0/go.mod h1:7HaLx5kEPKJ0GDgbODG0fZgXbQ8K/XjZNJXQmbmgQlY= +github.com/prometheus/prometheus v0.37.0/go.mod h1:egARUgz+K93zwqsVIAneFlLZefyGOON44WyAp4Xqbbk= github.com/prometheus/tsdb v0.7.1/go.mod h1:qhTCs0VvXwvX/y3TZrWD7rabWM+ijKTux40TwIPHuXU= -github.com/pulumi/pulumi-java/pkg v0.6.0 h1:haiSQJlhrQIBBcR0r0aQCIF8i69e4znzRnHpaNQUchE= -github.com/pulumi/pulumi-java/pkg v0.6.0/go.mod h1:xSK2B792P8zjwYZTHYapMM1RJdue2BpRFQNYObWO0C8= -github.com/pulumi/pulumi-terraform-bridge/v3 v3.32.0 h1:6L5HOeLAL8hHTpilpN8MXiLwkOQ8EvQDbAvf92nXG1c= -github.com/pulumi/pulumi-terraform-bridge/v3 v3.32.0/go.mod h1:A9zPf7L/1wX6qVBdLmPKLFO9cS27KED5OjkS7s2p3Mc= -github.com/pulumi/pulumi-yaml v0.5.8 h1:bJp8g6A0wU+5c56Cft8GEQ7/8prGggBlZuDTcgTS40o= -github.com/pulumi/pulumi-yaml v0.5.8/go.mod h1:rJCp0HXvJGG+hs40wII9yYxuCeBBr2+e8FytW0YnINM= -github.com/pulumi/pulumi/pkg/v3 v3.40.2 h1:0uDJHd74nM5tvp9JrRr2ODGirpOPH9DRa6WpvlXrlEY= -github.com/pulumi/pulumi/pkg/v3 v3.40.2/go.mod h1:2deaFjnn816pgaHr4pyrHGgQjIBq2Vyv47wReijquTQ= -github.com/pulumi/pulumi/sdk/v3 v3.42.0 h1:S1e1dBo5BLCMtp6AYsE08USwEKMgZNe9oAOL74OjKFA= -github.com/pulumi/pulumi/sdk/v3 v3.42.0/go.mod h1:N5jL+cw5KiOeMn9bwvRuPQEAhbE3KPq2wSb/Kw+6HuY= -github.com/pulumi/schema-tools v0.1.0 h1:o1nVQaJEnmcA+3trxe+0sIDlrILxEIOvgUQ2Ze4OFsk= -github.com/pulumi/schema-tools v0.1.0/go.mod h1:feL1siLWdcCNUm+irXoHyNHbGaqoX7pfYojpGZe2ziY= -github.com/pulumi/terraform-diff-reader v0.0.0-20201211191010-ad4715e9285e h1:Dik4Qe/+xguB8JagPyXNlbOnRiXGmq/PSPQTGunYnTk= -github.com/pulumi/terraform-diff-reader v0.0.0-20201211191010-ad4715e9285e/go.mod h1:sZ9FUzGO+yM41hsQHs/yIcj/Y993qMdBxBU5mpDmAfQ= -github.com/pulumi/terraform-plugin-sdk/v2 v2.0.0-20230710100801-03a71d0fca3d h1:DfAVBLi3G5hXbqiWs9wIGYZXF1VZu6+9kbl2CQO6cOE= -github.com/pulumi/terraform-plugin-sdk/v2 v2.0.0-20230710100801-03a71d0fca3d/go.mod h1:cUEP4ly/nxlHy5HzD6YRrHydtlheGvGRJDhiWqqVik4= -github.com/pulumi/terraform-provider-vault v1.9.1-0.20231012211048-cc8060e32cc4 h1:Wt/Os3ndhbACarYbHSOhIXa0kgTHnyXT1QNZHChU6ks= -github.com/pulumi/terraform-provider-vault v1.9.1-0.20231012211048-cc8060e32cc4/go.mod h1:ZABewIastwPOOa9w43JSNCygxKWJkeystrYml6tGbYU= +github.com/pulumi/esc v0.5.6 h1:4WV3X7OEVcChIwbSG+JxhZDdmq/q7lFPaSjHRYlPwmI= +github.com/pulumi/esc v0.5.6/go.mod h1:wpwNfVS5fV7Kd51j4dJ6FWYlKfxdqyppgp0gtkzqH04= +github.com/pulumi/pulumi-java/pkg v0.9.8 h1:c8mYsalnRXA2Ibgvv6scefOn6mW1Vb0UT0mcDqjsivQ= +github.com/pulumi/pulumi-java/pkg v0.9.8/go.mod h1:c6rSw/+q4O0IImgJ9axxoC6QesbPYWBaG5gimbHouUQ= +github.com/pulumi/pulumi-terraform-bridge/testing v0.0.1 h1:SCg1gjfY9N4yn8U8peIUYATifjoDABkyR7H9lmefsfc= +github.com/pulumi/pulumi-terraform-bridge/testing v0.0.1/go.mod h1:7OeUPH8rpt5ipyj9EFcnXpuzQ8SHL0dyqdfa8nOacdk= +github.com/pulumi/pulumi-terraform-bridge/v3 v3.63.2 h1:6JRJz3Wk7O9OhNFbxCrNvPVQAK+prBm6XBuSlIVqRnU= +github.com/pulumi/pulumi-terraform-bridge/v3 v3.63.2/go.mod h1:ye7JUFqTNbBh6ohcr1KpyXNv+kYFYvZAIqXqts4Ialc= +github.com/pulumi/pulumi-terraform-bridge/x/muxer v0.0.4 h1:rIzMmtcVpPX8ynaz6/nW5AHNY63DiNfCohqmxWvMpM4= +github.com/pulumi/pulumi-terraform-bridge/x/muxer v0.0.4/go.mod h1:Kt8RIZWa/N8rW3+0g6NrqCBmF3o+HuIhFaZpssEkG6w= +github.com/pulumi/pulumi-yaml v1.2.2 h1:W6BeUBLhDrJ2GSU0em1AUVelG9PBI4ABY61DdhJOO3E= +github.com/pulumi/pulumi-yaml v1.2.2/go.mod h1:EgakC7b/4+VBNnlgM1RZIea2gUstV8s/7bdFJZt0P64= +github.com/pulumi/pulumi/pkg/v3 v3.91.1 h1:xHnyEwJO9we2zCiM9gHTkJxjZ6a6yi5vYCwWHCYRj9Y= +github.com/pulumi/pulumi/pkg/v3 v3.91.1/go.mod h1:dzBQDJyCOEhtBVN5INA5/i9yG9DZlsStl/mAkrhs9II= +github.com/pulumi/pulumi/sdk/v3 v3.91.1 h1:6I9GMmHv23X+G6hoduU1XE6hBWSNtB+zcb1MX17YvlA= +github.com/pulumi/pulumi/sdk/v3 v3.91.1/go.mod h1:zYaQQibB2pYKy/uG4c4YkX7lQIBpZ0KsuMaq/3HsIBQ= +github.com/pulumi/schema-tools v0.1.2 h1:Fd9xvUjgck4NA+7/jSk7InqCUT4Kj940+EcnbQKpfZo= +github.com/pulumi/schema-tools v0.1.2/go.mod h1:62lgj52Tzq11eqWTIaKd+EVyYAu5dEcDJxMhTjvMO/k= +github.com/pulumi/terraform-diff-reader v0.0.2 h1:kTE4nEXU3/SYXESvAIem+wyHMI3abqkI3OhJ0G04LLI= +github.com/pulumi/terraform-diff-reader v0.0.2/go.mod h1:sZ9FUzGO+yM41hsQHs/yIcj/Y993qMdBxBU5mpDmAfQ= +github.com/pulumi/terraform-plugin-sdk/v2 v2.0.0-20230912190043-e6d96b3b8f7e h1:blSirnXqvm8JXLxwxelsBroUNRhOHakDO7cgJUYTdpQ= +github.com/pulumi/terraform-plugin-sdk/v2 v2.0.0-20230912190043-e6d96b3b8f7e/go.mod h1:qH/34G25Ugdj5FcM95cSoXzUgIbgfhVLXCcEcYaMwq8= +github.com/pulumi/terraform-provider-vault v1.9.1-0.20231108235540-710122092170 h1:zpAmrthkSwpXOrardc5gM8zN/E6KOSTCdkdUbG1Ogn4= +github.com/pulumi/terraform-provider-vault v1.9.1-0.20231108235540-710122092170/go.mod h1:cJPMAqq32ao3lEZKaszPu/lOttyMkuxD24s+Ow2kihE= +github.com/rakyll/embedmd v0.0.0-20171029212350-c8060a0752a2/go.mod h1:7jOTMgqac46PZcF54q6l2hkLEG8op93fZu61KmxWDV4= +github.com/rcrowley/go-metrics v0.0.0-20181016184325-3113b8401b8a/go.mod h1:bCqnVzQkZxMG4s8nGwiZ5l3QUCyqpo9Y+/ZMZ9VjZe4= github.com/rcrowley/go-metrics v0.0.0-20200313005456-10cdbea86bc0/go.mod h1:bCqnVzQkZxMG4s8nGwiZ5l3QUCyqpo9Y+/ZMZ9VjZe4= github.com/remyoudompheng/bigfft v0.0.0-20200410134404-eec4a21b6bb0/go.mod h1:qqbHyh8v60DhA7CoWK5oRCqLrMHRGoxYCSS9EjAz6Eo= -github.com/remyoudompheng/bigfft v0.0.0-20230129092748-24d4a6f8daec/go.mod h1:qqbHyh8v60DhA7CoWK5oRCqLrMHRGoxYCSS9EjAz6Eo= -github.com/rivo/uniseg v0.2.0 h1:S1pD9weZBuJdFmowNwbpi7BJ8TNftyUImj/0WQi72jY= +github.com/rivo/uniseg v0.1.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc= github.com/rivo/uniseg v0.2.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc= +github.com/rivo/uniseg v0.4.4 h1:8TfxU8dW6PdqD27gjM8MVNuicgxIjxpm4K7x4jp8sis= +github.com/rivo/uniseg v0.4.4/go.mod h1:FN3SvrM+Zdj16jyLfmOkMNblXMcoc8DfTHruCPUcx88= github.com/rogpeppe/fastuuid v0.0.0-20150106093220-6724a57986af/go.mod h1:XWv6SoW27p1b0cqNHllgS5HIMJraePCO15w5zCzIWYg= github.com/rogpeppe/fastuuid v1.2.0/go.mod h1:jVj6XXZzXRy/MSR5jhDC/2q6DgLz+nrA6LYCDYWNEvQ= +github.com/rogpeppe/go-charset v0.0.0-20180617210344-2471d30d28b4/go.mod h1:qgYeAmZ5ZIpBWTGllZSQnw97Dj+woV0toclVaRGI8pc= +github.com/rogpeppe/go-internal v1.1.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= +github.com/rogpeppe/go-internal v1.2.2/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= github.com/rogpeppe/go-internal v1.6.1/go.mod h1:xXDCJY+GAPziupqXw64V24skbSoqbTEfhy4qGm1nDQc= github.com/rogpeppe/go-internal v1.6.2/go.mod h1:xXDCJY+GAPziupqXw64V24skbSoqbTEfhy4qGm1nDQc= github.com/rogpeppe/go-internal v1.8.1/go.mod h1:JeRgkft04UBgHMgCIwADu4Pn6Mtm5d4nPKWu0nJ5d+o= -github.com/rogpeppe/go-internal v1.9.0 h1:73kH8U+JUqXU8lRuOHeVHaa/SZPifC7BkcraZVejAe8= github.com/rogpeppe/go-internal v1.9.0/go.mod h1:WtVeX8xhTBvf0smdhujwtBcq4Qrzq/fJaraNFVN+nFs= +github.com/rogpeppe/go-internal v1.11.0 h1:cWPaGQEPrBb5/AsnsZesgZZ9yb1OQ+GOISoDNXVBh4M= +github.com/rogpeppe/go-internal v1.11.0/go.mod h1:ddIwULY96R17DhadqLgMfk9H9tvdUzkipdSkR5nkCZA= +github.com/rs/cors v1.8.2/go.mod h1:XyqrcTp5zjWr1wsJ8PIRZssZ8b/WMcMf71DJnit4EMU= +github.com/rs/xid v1.2.1/go.mod h1:+uKXf+4Djp6Md1KODXJxgGQPKngRmWyn10oCKFzNHOQ= +github.com/rs/zerolog v1.13.0/go.mod h1:YbFCdg8HfsridGWAh22vktObvhZbQsZXe4/zB0OKkWU= +github.com/rs/zerolog v1.15.0/go.mod h1:xYTKnLHcpfU2225ny5qZjxnj9NvkumZYjJHlAThCjNc= github.com/russross/blackfriday v1.5.2/go.mod h1:JO/DiYxRf+HjHt06OyowR9PTA263kcR/rfWxYHBV53g= github.com/russross/blackfriday v1.6.0/go.mod h1:ti0ldHuxg49ri4ksnFxlkCfN+hvslNlmVHqNRXXJNAY= github.com/russross/blackfriday/v2 v2.0.1/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= @@ -2465,9 +2508,11 @@ github.com/sabhiram/go-gitignore v0.0.0-20210923224102-525f6e181f06/go.mod h1:+e github.com/safchain/ethtool v0.0.0-20190326074333-42ed695e3de8/go.mod h1:Z0q5wiBQGYcxhMZ6gUqHn6pYNLypFAvaL3UvgZLR0U4= github.com/safchain/ethtool v0.0.0-20210803160452-9aa261dae9b1/go.mod h1:Z0q5wiBQGYcxhMZ6gUqHn6pYNLypFAvaL3UvgZLR0U4= github.com/safchain/ethtool v0.2.0/go.mod h1:WkKB1DnNtvsMlDmQ50sgwowDJV/hGbJSOvJoEXs1AJQ= +github.com/samuel/go-zookeeper v0.0.0-20190923202752-2cc03de413da/go.mod h1:gi+0XIa01GRL2eRQVjQkKGqKF3SF9vZR/HnPullcV2E= github.com/santhosh-tekuri/jsonschema/v5 v5.0.0 h1:TToq11gyfNlrMFZiYujSekIsPd9AmsA2Bj/iv+s4JHE= github.com/santhosh-tekuri/jsonschema/v5 v5.0.0/go.mod h1:FKdcjfQW6rpZSnxxUvEA5H/cDPdvJ/SZJQLWWXWGrZ0= github.com/satori/go.uuid v1.2.0/go.mod h1:dA0hQrYB0VpLJoorglMZABFdXlWrHn1NEOzdhQKdks0= +github.com/scaleway/scaleway-sdk-go v1.0.0-beta.9/go.mod h1:fCa7OJZ/9DRTnOKmxvT6pn+LPWUptQAmHF/SBJUGEcg= github.com/sclevine/agouti v3.0.0+incompatible/go.mod h1:b4WX9W9L1sfQKXeJf1mUTLZKJ48R1S7H23Ji7oFO5Bw= github.com/sclevine/spec v1.2.0/go.mod h1:W4J29eT/Kzv7/b9IWLB055Z+qvVC9vt0Arko24q7p+U= github.com/sean-/seed v0.0.0-20170313163322-e2103e2c3529/go.mod h1:DxrIzT+xaE7yg65j358z/aeFdxmN0P9QXhEzd20vsDc= @@ -2481,16 +2526,22 @@ github.com/segmentio/encoding v0.3.5 h1:UZEiaZ55nlXGDL92scoVuw00RmiRCazIEmvPSbSv github.com/segmentio/encoding v0.3.5/go.mod h1:n0JeuIqEQrQoPDGsjo8UNd1iA0U8d8+oHAA4E3G3OxM= github.com/sergi/go-diff v1.0.0/go.mod h1:0CfEIISq7TuYL3j771MWULgwwjU+GofnZX9QAmXWZgo= github.com/sergi/go-diff v1.1.0/go.mod h1:STckp+ISIX8hZLjrqAeVduY0gWCT9IjLuqbuNXdaHfM= -github.com/sergi/go-diff v1.2.0 h1:XU+rvMAioB0UC3q1MFrIQy4Vo5/4VsRDQQXHsEya6xQ= github.com/sergi/go-diff v1.2.0/go.mod h1:STckp+ISIX8hZLjrqAeVduY0gWCT9IjLuqbuNXdaHfM= -github.com/shopspring/decimal v1.2.0 h1:abSATXmQEYyShuxI4/vyW3tV1MrKAJzCZ/0zLUXYbsQ= +github.com/sergi/go-diff v1.3.1 h1:xkr+Oxo4BOQKmkn/B9eMK0g5Kg/983T9DqqPHwYqD+8= +github.com/sergi/go-diff v1.3.1/go.mod h1:aMJSSKb2lpPvRNec0+w3fl7LP9IOFzdc9Pa4NFbPK1I= +github.com/shopspring/decimal v0.0.0-20180709203117-cd690d0c9e24/go.mod h1:M+9NzErvs504Cn4c5DxATwIqPbtswREoFCre64PpcG4= github.com/shopspring/decimal v1.2.0/go.mod h1:DKyhrW/HYNuLGql+MJL6WCR6knT2jwCFRcu2hWCYk4o= +github.com/shopspring/decimal v1.3.1 h1:2Usl1nmF/WZucqkFZhnfFYxxxu8LG21F6nPQBE5gKV8= +github.com/shopspring/decimal v1.3.1/go.mod h1:DKyhrW/HYNuLGql+MJL6WCR6knT2jwCFRcu2hWCYk4o= github.com/shurcooL/go-goon v0.0.0-20210110234559-7585751d9a17 h1:lRAUE0dIvigSSFAmaM2dfg7OH8T+a8zJ5smEh09a/GI= github.com/shurcooL/go-goon v0.0.0-20210110234559-7585751d9a17/go.mod h1:N5mDOmsrJOB+vfqUK+7DmDyjhSLIIBnXo9lvZJj3MWQ= +github.com/shurcooL/httpfs v0.0.0-20190707220628-8d4bc4ba7749/go.mod h1:ZY1cvUeJuFPAdZ/B6v7RHavJWZn2YPVFQ1OSXhCGOkg= github.com/shurcooL/sanitized_anchor_name v1.0.0/go.mod h1:1NzhyTcUVG4SuEtjjoZeVRXNmyL/1OwPU0+IJeTBvfc= +github.com/shurcooL/vfsgen v0.0.0-20200824052919-0d455de96546/go.mod h1:TrYk7fJVaAttu97ZZKrO9UbRa8izdowaMIZcxYMbVaw= github.com/sirupsen/logrus v1.0.4-0.20170822132746-89742aefa4b2/go.mod h1:pMByvHTf9Beacp5x1UXfOR9xyW/9antXMhjMPG0dEzc= github.com/sirupsen/logrus v1.0.6/go.mod h1:pMByvHTf9Beacp5x1UXfOR9xyW/9antXMhjMPG0dEzc= github.com/sirupsen/logrus v1.2.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo= +github.com/sirupsen/logrus v1.4.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo= github.com/sirupsen/logrus v1.4.1/go.mod h1:ni0Sbl8bgC9z8RoU9G6nDWqqs/fq4eDPysMBDgk/93Q= github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6MwdIuYE2rE= github.com/sirupsen/logrus v1.6.0/go.mod h1:7uNnSEd1DgxDLC74fIahvMZmmYsHGZGEOFrfsX/uA88= @@ -2498,25 +2549,27 @@ github.com/sirupsen/logrus v1.7.0/go.mod h1:yWOB1SBYBC5VeMP7gHvWumXLIWorT60ONWic github.com/sirupsen/logrus v1.8.1/go.mod h1:yWOB1SBYBC5VeMP7gHvWumXLIWorT60ONWic61uBYv0= github.com/sirupsen/logrus v1.9.0 h1:trlNQbNUG3OdDrDil03MCb1H2o9nJ1x4/5LYw7byDE0= github.com/sirupsen/logrus v1.9.0/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ= -github.com/skeema/knownhosts v1.1.0 h1:Wvr9V0MxhjRbl3f9nMnKnFfiWTJmtECJ9Njkea3ysW0= -github.com/skeema/knownhosts v1.1.0/go.mod h1:sKFq3RD6/TKZkSWn8boUbDC7Qkgcv+8XXijpFO6roag= +github.com/skeema/knownhosts v1.2.0 h1:h9r9cf0+u7wSE+M183ZtMGgOJKiL96brpaz5ekfJCpM= +github.com/skeema/knownhosts v1.2.0/go.mod h1:g4fPeYpque7P0xefxtGzV81ihjC8sX2IqpAoNkjxbMo= github.com/smartystreets/assertions v0.0.0-20180927180507-b2de0cb4f26d/go.mod h1:OnSkiWE9lh6wB0YB77sQom3nweQdgAjqCqsofrRNTgc= github.com/smartystreets/goconvey v0.0.0-20190330032615-68dc04aab96a/go.mod h1:syvi0/a8iFYH4r/RixwvyeAJjdLS9QV7WQ/tjFTllLA= github.com/smartystreets/goconvey v1.6.4/go.mod h1:syvi0/a8iFYH4r/RixwvyeAJjdLS9QV7WQ/tjFTllLA= github.com/soheilhy/cmux v0.1.4/go.mod h1:IM3LyeVVIOuxMH7sFAkER9+bJ4dT7Ms6E4xg4kGIyLM= github.com/soheilhy/cmux v0.1.5/go.mod h1:T7TcVDs9LWfQgPlPsdngu6I6QIoyIFZDDC6sNE1GqG0= +github.com/sony/gobreaker v0.4.1/go.mod h1:ZKptC7FHNvhBz7dN2LGjPVBz2sZJmc0/PkyDJOjmxWY= github.com/spaolacci/murmur3 v0.0.0-20180118202830-f09979ecbc72/go.mod h1:JwIasOWyU6f++ZhiEuf87xNszmSA2myDM2Kzu9HwQUA= github.com/spaolacci/murmur3 v1.1.0/go.mod h1:JwIasOWyU6f++ZhiEuf87xNszmSA2myDM2Kzu9HwQUA= github.com/spf13/afero v1.1.2/go.mod h1:j4pytiNVoe2o6bmDsKpLACNPDBIoEAkihy7loJ1B0CQ= github.com/spf13/afero v1.2.2/go.mod h1:9ZxEEn6pIJ8Rxe320qSDBk6AsU0r9pR7Q4OcevTdifk= github.com/spf13/afero v1.3.3/go.mod h1:5KUK8ByomD5Ti5Artl0RtHeI5pTF7MIDuXL3yY520V4= github.com/spf13/afero v1.6.0/go.mod h1:Ai8FlHk4v/PARR026UzYexafAt9roJ7LcLMAmO6Z93I= -github.com/spf13/afero v1.9.2 h1:j49Hj62F0n+DaZ1dDCvhABaPNSGNkt32oRFxI33IEMw= github.com/spf13/afero v1.9.2/go.mod h1:iUV7ddyEEZPO5gA3zD4fJt6iStLlL+Lg4m2cihcDf8Y= +github.com/spf13/afero v1.9.5 h1:stMpOSZFs//0Lv29HduCmli3GUfpFoF3Y1Q/aXj/wVM= +github.com/spf13/afero v1.9.5/go.mod h1:UBogFpq8E9Hx+xc5CNTTEpTnuHVmXDwZcZcE1eb/UhQ= github.com/spf13/cast v1.3.0/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkUJE= github.com/spf13/cast v1.3.1/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkUJE= -github.com/spf13/cast v1.4.1 h1:s0hze+J0196ZfEMTs80N7UlFt0BDuQ7Q+JDnHiMWKdA= -github.com/spf13/cast v1.4.1/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkUJE= +github.com/spf13/cast v1.5.0 h1:rj3WzYc11XZaIZMPKmwP96zkFEnnAmV8s6XbB2aY32w= +github.com/spf13/cast v1.5.0/go.mod h1:SpXXQ5YoyJw6s3/6cMTQuxvgRl3PCJiyaX9p6b155UU= github.com/spf13/cobra v0.0.2-0.20171109065643-2da4a54c5cee/go.mod h1:1l0Ry5zgKvJasoi3XT1TypsSe7PqH0Sj9dhYf7v3XqQ= github.com/spf13/cobra v0.0.3/go.mod h1:1l0Ry5zgKvJasoi3XT1TypsSe7PqH0Sj9dhYf7v3XqQ= github.com/spf13/cobra v0.0.5/go.mod h1:3K3wKZymM7VvHMDS9+Akkh4K60UwM26emMESw8tLCHU= @@ -2524,8 +2577,9 @@ github.com/spf13/cobra v1.0.0/go.mod h1:/6GTrnGXV9HjY+aR4k0oJ5tcvakLuG6EuKReYlHN github.com/spf13/cobra v1.1.3/go.mod h1:pGADOWyqRD/YMrPZigI/zbliZ2wVD/23d+is3pSWzOo= github.com/spf13/cobra v1.4.0/go.mod h1:Wo4iy3BUC+X2Fybo0PDqwJIv3dNRiZLHQymsfxlB84g= github.com/spf13/cobra v1.5.0/go.mod h1:dWXEIy2H428czQCjInthrTRUg7yKbok+2Qi/yBIJoUM= -github.com/spf13/cobra v1.6.0 h1:42a0n6jwCot1pUmomAp4T7DeMD+20LFv4Q54pxLf2LI= github.com/spf13/cobra v1.6.0/go.mod h1:IOw/AERYS7UzyrGinqmz6HLUo219MORXGxhbaJUqzrY= +github.com/spf13/cobra v1.7.0 h1:hyqWnYt1ZQShIddO5kBpj3vu05/++x6tJ6dg8EC572I= +github.com/spf13/cobra v1.7.0/go.mod h1:uLxZILRyS/50WlhOIKD7W6V5bgeIt+4sICxh6uRMrb0= github.com/spf13/jwalterweatherman v1.0.0/go.mod h1:cQK4TGJAtQXfYWX+Ddv3mKDzgVb68N+wFjFa4jdeBTo= github.com/spf13/pflag v0.0.0-20170130214245-9ff6c6923cff/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= github.com/spf13/pflag v1.0.1-0.20171106142849-4c012f6dcd95/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= @@ -2539,6 +2593,9 @@ github.com/spf13/viper v1.4.0/go.mod h1:PTJ7Z/lr49W6bUbkmS1V3by4uWynFiR9p7+dSq/y github.com/spf13/viper v1.7.0/go.mod h1:8WkrPz2fc9jxqZNCJI/76HCieCp4Q8HaLFoCha5qpdg= github.com/stefanberger/go-pkcs11uri v0.0.0-20201008174630-78d3cae3a980/go.mod h1:AO3tvPzVZ/ayst6UlUKUv6rcPQInYe3IknH3jYhAKu8= github.com/stoewer/go-strcase v1.2.0/go.mod h1:IBiWB2sKIp3wVVQ3Y035++gc+knqhUQag1KpM8ahLw8= +github.com/streadway/amqp v0.0.0-20190404075320-75d898a42a94/go.mod h1:AZpEONHx3DKn8O/DFsRAY58/XVQiIPMTMB1SddzLXVw= +github.com/streadway/amqp v0.0.0-20190827072141-edfb9018d271/go.mod h1:AZpEONHx3DKn8O/DFsRAY58/XVQiIPMTMB1SddzLXVw= +github.com/streadway/handy v0.0.0-20190108123426-d5acb3125c2a/go.mod h1:qNTQ5P5JnDBl6z3cMAg/SywNDC5ABu5ApDIw6lUbRmI= github.com/stretchr/objx v0.0.0-20180129172003-8a3f7159479f/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= @@ -2547,7 +2604,6 @@ github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSS github.com/stretchr/objx v0.5.0 h1:1zr/of2m5FGMsad5YfcqgdqdWrIhu+EBEJRhR1U7z/c= github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= github.com/stretchr/testify v0.0.0-20180303142811-b89eecf5ca5d/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= -github.com/stretchr/testify v1.2.1/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= @@ -2556,6 +2612,7 @@ github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/ github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.7.2/go.mod h1:R6va5+xMeoiuVRoj+gSkQ7d3FALtqAAGI1FQKckRals= +github.com/stretchr/testify v1.7.5/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= github.com/stretchr/testify v1.8.2/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= @@ -2568,8 +2625,10 @@ github.com/syndtr/gocapability v0.0.0-20180916011248-d98352740cb2/go.mod h1:hkRG github.com/syndtr/gocapability v0.0.0-20200815063812-42c35b437635/go.mod h1:hkRG7XYTFWNJGYcbNJQlaLq0fg1yr4J4t/NcTQtrfww= github.com/tchap/go-patricia v2.2.6+incompatible/go.mod h1:bmLyhP68RS6kStMGxByiQ23RP/odRBOTVjwp2cDyi6I= github.com/tchap/go-patricia/v2 v2.3.1/go.mod h1:VZRHKAb53DLaG+nA9EaYYiaEx6YztwDlLElMsnSHD4k= +github.com/tedsuo/ifrit v0.0.0-20180802180643-bea94bb476cc/go.mod h1:eyZnKCc955uh98WQvzOm0dgAeLnf2O0Rz0LPoC5ze+0= github.com/texttheater/golang-levenshtein v1.0.1 h1:+cRNoVrfiwufQPhoMzB6N0Yf/Mqajr6t1lOv8GyGE2U= github.com/texttheater/golang-levenshtein v1.0.1/go.mod h1:PYAKrbF5sAiq9wd+H82hs7gNaen0CplQ9uvm6+enD/8= +github.com/tidwall/pretty v1.0.0/go.mod h1:XNkn88O1ChpSDQmQeStsy+sBenx6DDtFZJxhVysOjyk= github.com/tmc/grpc-websocket-proxy v0.0.0-20170815181823-89b8d40f7ca8/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U= github.com/tmc/grpc-websocket-proxy v0.0.0-20190109142713-0ad062ec5ee5/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U= github.com/tmc/grpc-websocket-proxy v0.0.0-20201229170055-e5319fda7802/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U= @@ -2611,18 +2670,19 @@ github.com/vmihailenco/msgpack v3.3.3+incompatible/go.mod h1:fy3FlTQTDXWkZ7Bh6Ac github.com/vmihailenco/msgpack v4.0.1+incompatible/go.mod h1:fy3FlTQTDXWkZ7Bh6AcGMlsjHatGryHQYUTf1ShIgkk= github.com/vmihailenco/msgpack v4.0.4+incompatible h1:dSLoQfGFAo3F6OoNhwUmLwVgaUXK79GlxNBwueZn0xI= github.com/vmihailenco/msgpack v4.0.4+incompatible/go.mod h1:fy3FlTQTDXWkZ7Bh6AcGMlsjHatGryHQYUTf1ShIgkk= -github.com/vmihailenco/msgpack/v4 v4.3.12/go.mod h1:gborTTJjAo/GWTqqRjrLCn9pgNN+NXzzngzBKDPIqw4= github.com/vmihailenco/msgpack/v5 v5.3.5 h1:5gO0H1iULLWGhs2H5tbAHIZTV8/cYafcFOr9znI5mJU= github.com/vmihailenco/msgpack/v5 v5.3.5/go.mod h1:7xyJ9e+0+9SaZT0Wt1RGleJXzli6Q/V5KbhBonMG9jc= -github.com/vmihailenco/tagparser v0.1.1/go.mod h1:OeAg3pn3UbLjkWt+rN9oFYB6u/cQgqMEUPoW2WPyhdI= github.com/vmihailenco/tagparser/v2 v2.0.0 h1:y09buUbR+b5aycVFQs/g70pqKVZNBmxwAhO7/IwNM9g= github.com/vmihailenco/tagparser/v2 v2.0.0/go.mod h1:Wri+At7QHww0WTrCBeu4J6bNtoV6mEfg5OIWRZA9qds= +github.com/vultr/govultr/v2 v2.17.2/go.mod h1:ZFOKGWmgjytfyjeyAdhQlSWwTjh2ig+X49cAp50dzXI= github.com/willf/bitset v1.1.11-0.20200630133818-d5bec3311243/go.mod h1:RjeCKbqT1RxIR/KWY6phxZiaY1IyutSBfGjNPySAYV4= github.com/willf/bitset v1.1.11/go.mod h1:83CECat5yLh5zVOf4P1ErAgKA5UDvKtgyUABdr3+MjI= github.com/x448/float16 v0.8.4/go.mod h1:14CWIYCyZA/cWjXOioeEpHeN/83MdbZDRQHoFcYsOfg= -github.com/xanzy/ssh-agent v0.3.0/go.mod h1:3s9xbODqPuuhK9JV1R321M/FlMZSBvE5aY6eAcqrDh0= github.com/xanzy/ssh-agent v0.3.3 h1:+/15pJfg/RsTxqYcX6fHqOXZwwMP+2VyYWJeWM2qQFM= github.com/xanzy/ssh-agent v0.3.3/go.mod h1:6dzNDKs0J9rVPHPhaGCukekBHKqfl+L3KghI1Bc68Uw= +github.com/xdg-go/pbkdf2 v1.0.0/go.mod h1:jrpuAogTd400dnrH08LKmI/xc1MbPOebTwRqcT5RDeI= +github.com/xdg-go/scram v1.0.2/go.mod h1:1WAq6h33pAW+iRreB34OORO2Nf7qel3VV3fjBj+hCSs= +github.com/xdg-go/stringprep v1.0.2/go.mod h1:8F9zXuvzgwmyT5DUm4GUfZGDdT3W+LCvS6+da4O5kxM= github.com/xeipuuv/gojsonpointer v0.0.0-20180127040702-4e3ac2762d5f/go.mod h1:N2zxlSyiKSe5eX1tZViRH5QA0qijqEDrYZiPEAiq3wU= github.com/xeipuuv/gojsonpointer v0.0.0-20190905194746-02993c407bfb h1:zGWFAtiMcyryUHoUjUJX0/lt1H2+i2Ka2n+D3DImSNo= github.com/xeipuuv/gojsonpointer v0.0.0-20190905194746-02993c407bfb/go.mod h1:N2zxlSyiKSe5eX1tZViRH5QA0qijqEDrYZiPEAiq3wU= @@ -2632,9 +2692,10 @@ github.com/xeipuuv/gojsonschema v0.0.0-20180618132009-1d523034197f/go.mod h1:5yf github.com/xeipuuv/gojsonschema v1.2.0 h1:LhYJRs+L4fBtjZUfuSZIKGeVu0QRy8e5Xi7D17UxZ74= github.com/xeipuuv/gojsonschema v1.2.0/go.mod h1:anYRn/JVcOK2ZgGU+IjEV4nwlhoK5sQluxsYJ78Id3Y= github.com/xiang90/probing v0.0.0-20190116061207-43a291ad63a2/go.mod h1:UETIi67q53MR2AWcXfiuqkDkRtnGDLqkBTpCHuJHxtU= +github.com/xlab/treeprint v1.1.0/go.mod h1:gj5Gd3gPdKtR1ikdDK6fnFLdmIS0X30kTTuNd/WEJu0= github.com/xordataexchange/crypt v0.0.3-0.20170626215501-b2862e3d0a77/go.mod h1:aYKd//L2LvnjZzWKhF00oedf4jCCReLcmhLdhm1A27Q= github.com/yashtewari/glob-intersection v0.1.0/go.mod h1:LK7pIC3piUjovexikBbJ26Yml7g8xa5bsjfx2v1fwok= -github.com/yhat/scrape v0.0.0-20161128144610-24b7890b0945/go.mod h1:4vRFPPNYllgCacoj+0FoKOjTW68rUhEfqPLiEJaK2w8= +github.com/youmark/pkcs8 v0.0.0-20181117223130-1be2e3e5546d/go.mod h1:rHwXgn7JulP+udvsHwJoVG1YGAP6VLg4y9I5dyZdqmA= github.com/yuin/goldmark v1.1.25/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.1.32/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= @@ -2649,21 +2710,24 @@ github.com/zclconf/go-cty v1.0.0/go.mod h1:xnAOWiHeOqg2nWS62VtQ7pbOu17FtxJNW8RLE github.com/zclconf/go-cty v1.1.0/go.mod h1:xnAOWiHeOqg2nWS62VtQ7pbOu17FtxJNW8RLEih+O3s= github.com/zclconf/go-cty v1.2.0/go.mod h1:hOPWgoHbaTUnI5k4D2ld+GRpFJSCe6bCM7m1q/N4PQ8= github.com/zclconf/go-cty v1.2.1/go.mod h1:hOPWgoHbaTUnI5k4D2ld+GRpFJSCe6bCM7m1q/N4PQ8= -github.com/zclconf/go-cty v1.10.0/go.mod h1:vVKLxnk3puL4qRAv72AO+W99LUD4da90g3uUAzyuvAk= github.com/zclconf/go-cty v1.13.0/go.mod h1:YKQzy/7pZ7iq2jNFzy5go57xdxdWoLLpaEp4u238AE0= github.com/zclconf/go-cty v1.13.1/go.mod h1:YKQzy/7pZ7iq2jNFzy5go57xdxdWoLLpaEp4u238AE0= -github.com/zclconf/go-cty v1.13.2 h1:4GvrUxe/QUDYuJKAav4EYqdM47/kZa672LwmXFmEKT0= github.com/zclconf/go-cty v1.13.2/go.mod h1:YKQzy/7pZ7iq2jNFzy5go57xdxdWoLLpaEp4u238AE0= +github.com/zclconf/go-cty v1.14.0 h1:/Xrd39K7DXbHzlisFP9c4pHao4yyf+/Ug9LEz+Y/yhc= +github.com/zclconf/go-cty v1.14.0/go.mod h1:VvMs5i0vgZdhYawQNq5kePSpLAoz8u1xvZgrPIxfnZE= +github.com/zclconf/go-cty-debug v0.0.0-20191215020915-b22d67c1ba0b h1:FosyBZYxY34Wul7O/MSKey3txpPYyCqVO5ZyceuQJEI= github.com/zclconf/go-cty-debug v0.0.0-20191215020915-b22d67c1ba0b/go.mod h1:ZRKQfBXbGkpdV6QMzT3rU1kSTAnfu1dO8dPKjYprgj8= github.com/zclconf/go-cty-yaml v1.0.1 h1:up11wlgAaDvlAGENcFDnZgkn0qUJurso7k6EpURKNF8= github.com/zclconf/go-cty-yaml v1.0.1/go.mod h1:IP3Ylp0wQpYm50IHK8OZWKMu6sPJIUgKa8XhiVHura0= github.com/zeebo/assert v1.3.0/go.mod h1:Pq9JiuJQpG8JLJdtkwrJESF0Foym2/D9XMU5ciN/wJ0= github.com/zeebo/xxh3 v1.0.2/go.mod h1:5NWz9Sef7zIDm2JHfFlcQvNekmcEl9ekUZQQKCYaDcA= +github.com/zenazn/goji v0.9.0/go.mod h1:7S9M489iMyHBNxwZnk9/EHS098H4/F6TATF2mIxtB1Q= go.etcd.io/bbolt v1.3.2/go.mod h1:IbVyRI1SCnLcuJnV2u8VeU0CEYM7e686BmAb1XKL+uU= go.etcd.io/bbolt v1.3.3/go.mod h1:IbVyRI1SCnLcuJnV2u8VeU0CEYM7e686BmAb1XKL+uU= go.etcd.io/bbolt v1.3.5/go.mod h1:G5EMThwa9y8QZGBClrRx5EY+Yw9kAhnjy3bSjsnlVTQ= go.etcd.io/bbolt v1.3.6/go.mod h1:qXsaaIqmgQH0T+OPdb99Bf+PKfBBQVAdyD6TY9G8XM4= go.etcd.io/bbolt v1.3.7/go.mod h1:N9Mkw9X8x5fupy0IKsmuqVtoGDyxsaDlbk4Rd05IAQw= +go.etcd.io/etcd v0.0.0-20191023171146-3cf2f69b5738/go.mod h1:dnLIgRNXwCJa5e+c6mIZCrds/GIG4ncV9HhK5PX7jPg= go.etcd.io/etcd v0.5.0-alpha.5.0.20200910180754-dd1b699fc489/go.mod h1:yVHk9ub3CSBatqGNg7GRmsnfLWtoW60w4eDYfh7vHDg= go.etcd.io/etcd/api/v3 v3.5.0/go.mod h1:cbVKeC6lCfl7j/8jBhAK6aIYO9XOjdptoxU/nLQcPvs= go.etcd.io/etcd/api/v3 v3.5.5/go.mod h1:KFtNaxGDw4Yx/BA4iPPwevUTAuqcsPxzyX8PHydchN8= @@ -2680,15 +2744,19 @@ go.etcd.io/etcd/raft/v3 v3.5.5/go.mod h1:76TA48q03g1y1VpTue92jZLr9lIHKUNcYdZOOGy go.etcd.io/etcd/server/v3 v3.5.0/go.mod h1:3Ah5ruV+M+7RZr0+Y/5mNLwC+eQlni+mQmOVdCRJoS4= go.etcd.io/etcd/server/v3 v3.5.5/go.mod h1:rZ95vDw/jrvsbj9XpTqPrTAB9/kzchVdhRirySPkUBc= go.etcd.io/gofail v0.1.0/go.mod h1:VZBCXYGZhHAinaBiiqYvuDynvahNsAyLFwB3kEHKz1M= +go.mongodb.org/mongo-driver v1.7.3/go.mod h1:NqaYOwnXWr5Pm7AOpO5QFxKJ503nbMse/R79oO62zWg= +go.mongodb.org/mongo-driver v1.7.5/go.mod h1:VXEWRZ6URJIkUq2SCAyapmhH0ZLRBP+FT4xhp5Zvxng= +go.mongodb.org/mongo-driver v1.8.3/go.mod h1:0sQWfOeY63QTntERDJJ/0SuKK0T1uVSgKCuAROlKEPY= go.mozilla.org/pkcs7 v0.0.0-20200128120323-432b2356ecb1/go.mod h1:SNgMg+EgDFwmvSmLRTNKC5fegJjB7v23qTQ0XLGUNHk= go.opencensus.io v0.15.0/go.mod h1:UffZAU+4sDEINUGP/B7UfBBkq4fqLu9zXAX7ke6CHW0= +go.opencensus.io v0.20.1/go.mod h1:6WKK9ahsWS3RSO+PY9ZHZUfv2irvY6gN279GOPZjmmk= +go.opencensus.io v0.20.2/go.mod h1:6WKK9ahsWS3RSO+PY9ZHZUfv2irvY6gN279GOPZjmmk= go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU= go.opencensus.io v0.22.0/go.mod h1:+kGneAE2xo2IficOXnaByMWTGM9T73dGwxeWcUqIpI8= go.opencensus.io v0.22.2/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= go.opencensus.io v0.22.3/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= go.opencensus.io v0.22.4/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= go.opencensus.io v0.22.5/go.mod h1:5pWMHQbX5EPX2/62yrJeAkowc+lfs/XD7Uxpq3pI6kk= -go.opencensus.io v0.22.6/go.mod h1:XItmlyltB5F7CS4xOC1DcqMoFqwtC6OG2xF7mCv7P7E= go.opencensus.io v0.23.0/go.mod h1:XItmlyltB5F7CS4xOC1DcqMoFqwtC6OG2xF7mCv7P7E= go.opencensus.io v0.24.0 h1:y73uSU6J157QMP2kn2r30vwW1A2W2WFwSCGnAVxeaD0= go.opencensus.io v0.24.0/go.mod h1:vNK8G9p7aAivkbmorf4v+7Hgx+Zs0yY+0fOtgBfjQKo= @@ -2699,33 +2767,42 @@ go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.2 go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.35.0/go.mod h1:h8TWwRAhQpOd0aM5nYsRD8+flnkj+526GEIVlarH7eY= go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.40.0/go.mod h1:UMklln0+MRhZC4e3PwmN3pCtq4DyIadWw4yikh6bNrw= go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.20.0/go.mod h1:2AboqHi0CiIZU0qwhtUfCYD1GeUzvvIXWNkhDt7ZMG4= +go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.31.0/go.mod h1:PFmBsWbldL1kiWZk9+0LBZz2brhByaGsvp6pRICMlPE= go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.32.0/go.mod h1:5eCOqeGphOyz6TsY3ZDNjE33SM/TFAK3RGuCL2naTgY= go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.35.0/go.mod h1:9NiG9I2aHTKkcxqCILhjtyNA1QEiCjdBACv4IvrFQ+c= go.opentelemetry.io/otel v0.20.0/go.mod h1:Y3ugLH2oa81t5QO+Lty+zXf8zC9L26ax4Nzoxm/dooo= go.opentelemetry.io/otel v1.0.1/go.mod h1:OPEOD4jIT2SlZPMmwT6FqZz2C0ZNdQqiWcoK6M0SNFU= go.opentelemetry.io/otel v1.3.0/go.mod h1:PWIKzi6JCp7sM0k9yZ43VX+T345uNbAkDKwHVjb2PTs= +go.opentelemetry.io/otel v1.6.0/go.mod h1:bfJD2DZVw0LBxghOTlgnlI0CV3hLDu9XF/QKOUXMTQQ= +go.opentelemetry.io/otel v1.6.1/go.mod h1:blzUabWHkX6LJewxvadmzafgh/wnvBSDBdOuwkAtrWQ= go.opentelemetry.io/otel v1.7.0/go.mod h1:5BdUoMIz5WEs0vt0CUEMtSSaTSHBBVwrhnz7+nrD5xk= go.opentelemetry.io/otel v1.8.0/go.mod h1:2pkj+iMj0o03Y+cW6/m8Y4WkRdYN3AvCXCnzRMp9yvM= go.opentelemetry.io/otel v1.10.0/go.mod h1:NbvWjCthWHKBEUMpf0/v8ZRZlni86PpGFEMA9pnQSnQ= go.opentelemetry.io/otel v1.14.0/go.mod h1:o4buv+dJzx8rohcUeRmWUZhqupFvzWis188WlggnNeU= go.opentelemetry.io/otel/exporters/otlp v0.20.0/go.mod h1:YIieizyaN77rtLJra0buKiNBOm9XQfkPEKBeuhoMwAM= go.opentelemetry.io/otel/exporters/otlp/internal/retry v1.3.0/go.mod h1:VpP4/RMn8bv8gNo9uK7/IMY4mtWLELsS+JIP0inH0h4= +go.opentelemetry.io/otel/exporters/otlp/internal/retry v1.6.1/go.mod h1:NEu79Xo32iVb+0gVNV8PMd7GoWqnyDXRlj04yFjqz40= go.opentelemetry.io/otel/exporters/otlp/internal/retry v1.7.0/go.mod h1:M1hVZHNxcbkAlcvrOMlpQ4YOO3Awf+4N2dxkZL3xm04= go.opentelemetry.io/otel/exporters/otlp/internal/retry v1.10.0/go.mod h1:78XhIg8Ht9vR4tbLNUhXsiOnE2HOuSeKAiAcoVQEpOY= go.opentelemetry.io/otel/exporters/otlp/internal/retry v1.14.0/go.mod h1:UFG7EBMRdXyFstOwH028U0sVf+AvukSGhF0g8+dmNG8= go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.0.1/go.mod h1:Kv8liBeVNFkkkbilbgWRpV+wWuu+H5xdOT6HAgd30iw= go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.3.0/go.mod h1:hO1KLR7jcKaDDKDkvI9dP/FIhpmna5lkqPUQdEjFAM8= +go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.6.1/go.mod h1:YJ/JbY5ag/tSQFXzH3mtDmHqzF3aFn3DI/aB1n7pt4w= go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.7.0/go.mod h1:ceUgdyfNv4h4gLxHR0WNfDiiVmZFodZhZSbOLhpxqXE= go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.10.0/go.mod h1:Krqnjl22jUJ0HgMzw5eveuCvFDXY4nSYb4F8t5gdrag= go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.14.0/go.mod h1:HrbCVv40OOLTABmOn1ZWty6CHXkU8DK/Urc43tHug70= go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.0.1/go.mod h1:xOvWoTOrQjxjW61xtOmD/WKGRYb/P4NzRo3bs65U6Rk= go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.3.0/go.mod h1:keUU7UfnwWTWpJ+FWnyqmogPa82nuU5VUANFq49hlMY= +go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.6.1/go.mod h1:UJJXJj0rltNIemDMwkOJyggsvyMG9QHfJeFH0HS5JjM= go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.7.0/go.mod h1:E+/KKhwOSw8yoPxSSuUHG6vKppkvhN+S1Jc7Nib3k3o= go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.10.0/go.mod h1:OfUCyyIiDvNXHWpcWgbF+MWvqPZiNa3YDEnivcnYsV0= go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.14.0/go.mod h1:5w41DY6S9gZrbjuq6Y+753e96WfPha5IcsOSZTtullM= go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.3.0/go.mod h1:QNX1aly8ehqqX1LEa6YniTU7VY9I6R3X/oPxhGdTceE= +go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.6.1/go.mod h1:DAKwdo06hFLc0U88O10x4xnb5sc7dDRDqRuiN+io8JE= +go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.7.0/go.mod h1:aFXT9Ng2seM9eizF+LfKiyPBGy8xIZKwhusC1gIu3hA= go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.14.0/go.mod h1:+N7zNjIJv4K+DeX67XXET0P+eIciESgaFDBqh+ZJFS4= go.opentelemetry.io/otel/metric v0.20.0/go.mod h1:598I5tYlH1vzBjn+BTuhzTCSb/9debfNp6R3s7Pr1eU= +go.opentelemetry.io/otel/metric v0.28.0/go.mod h1:TrzsfQAmQaB1PDcdhBauLMk7nyyg9hm+GoQq/ekE9Iw= go.opentelemetry.io/otel/metric v0.30.0/go.mod h1:/ShZ7+TS4dHzDFmfi1kSXMhMVubNoP0oIaBp70J6UXU= go.opentelemetry.io/otel/metric v0.31.0/go.mod h1:ohmwj9KTSIeBnDBm/ZwH2PSZxZzoOaG2xZeekTRzL5A= go.opentelemetry.io/otel/metric v0.37.0/go.mod h1:DmdaHfGt54iV6UKxsV9slj2bBRJcKC1B1uvDLIioc1s= @@ -2733,6 +2810,7 @@ go.opentelemetry.io/otel/oteltest v0.20.0/go.mod h1:L7bgKf9ZB7qCwT9Up7i9/pn0PWIa go.opentelemetry.io/otel/sdk v0.20.0/go.mod h1:g/IcepuwNsoiX5Byy2nNV0ySUF1em498m7hBWC279Yc= go.opentelemetry.io/otel/sdk v1.0.1/go.mod h1:HrdXne+BiwsOHYYkBE5ysIcv2bvdZstxzmCQhxTcZkI= go.opentelemetry.io/otel/sdk v1.3.0/go.mod h1:rIo4suHNhQwBIPg9axF8V9CA72Wz2mKF1teNrup8yzs= +go.opentelemetry.io/otel/sdk v1.6.1/go.mod h1:IVYrddmFZ+eJqu2k38qD3WezFR2pymCzm8tdxyh3R4E= go.opentelemetry.io/otel/sdk v1.7.0/go.mod h1:uTEOTwaqIVuTGiJN7ii13Ibp75wJmYUDe374q6cZwUU= go.opentelemetry.io/otel/sdk v1.10.0/go.mod h1:vO06iKzD5baltJz1zarxMCNHFpUlUiOy4s65ECtn6kE= go.opentelemetry.io/otel/sdk v1.14.0/go.mod h1:bwIC5TjrNG6QDCHNWvW4HLHtUQ4I+VQDsnjhvyZCALM= @@ -2741,6 +2819,8 @@ go.opentelemetry.io/otel/sdk/metric v0.20.0/go.mod h1:knxiS8Xd4E/N+ZqKmUPf3gTTZ4 go.opentelemetry.io/otel/trace v0.20.0/go.mod h1:6GjCW8zgDjwGHGa6GkyeB8+/5vjT16gUEi0Nf1iBdgw= go.opentelemetry.io/otel/trace v1.0.1/go.mod h1:5g4i4fKLaX2BQpSBsxw8YYcgKpMMSW3x7ZTuYBr3sUk= go.opentelemetry.io/otel/trace v1.3.0/go.mod h1:c/VDhno8888bvQYmbYLqe41/Ldmr/KKunbvWM4/fEjk= +go.opentelemetry.io/otel/trace v1.6.0/go.mod h1:qs7BrU5cZ8dXQHBGxHMOxwME/27YH2qEp4/+tZLLwJE= +go.opentelemetry.io/otel/trace v1.6.1/go.mod h1:RkFRM1m0puWIq10oxImnGEduNBzxiN7TXluRBtE+5j0= go.opentelemetry.io/otel/trace v1.7.0/go.mod h1:fzLSB9nqR2eXzxPXb2JW9IKE+ScyXA48yyE4TNvoHqU= go.opentelemetry.io/otel/trace v1.8.0/go.mod h1:0Bt3PXY8w+3pheS3hQUt+wow8b1ojPaTBoTCh2zIFI4= go.opentelemetry.io/otel/trace v1.10.0/go.mod h1:Sij3YYczqAdz+EhmGhE6TpTxUO5/F/AzrK+kxfGqySM= @@ -2748,11 +2828,13 @@ go.opentelemetry.io/otel/trace v1.14.0/go.mod h1:8avnQLK+CG77yNLUae4ea2JDQ6iT+go go.opentelemetry.io/proto/otlp v0.7.0/go.mod h1:PqfVotwruBrMGOCsRd/89rSnXhoiJIqeYNgFYFoEGnI= go.opentelemetry.io/proto/otlp v0.9.0/go.mod h1:1vKfU9rv61e9EVGthD1zNvUbiwPcimSsOPU9brfSHJg= go.opentelemetry.io/proto/otlp v0.11.0/go.mod h1:QpEjXPrNQzrFDZgoTo49dgHR9RYRSrg3NAKnUGl9YpQ= +go.opentelemetry.io/proto/otlp v0.12.1/go.mod h1:H7XAot3MsfNsj7EXtrA2q5xSNQ10UqI405h3+duxN4U= go.opentelemetry.io/proto/otlp v0.15.0/go.mod h1:H7XAot3MsfNsj7EXtrA2q5xSNQ10UqI405h3+duxN4U= go.opentelemetry.io/proto/otlp v0.16.0/go.mod h1:H7XAot3MsfNsj7EXtrA2q5xSNQ10UqI405h3+duxN4U= go.opentelemetry.io/proto/otlp v0.19.0/go.mod h1:H7XAot3MsfNsj7EXtrA2q5xSNQ10UqI405h3+duxN4U= go.uber.org/atomic v1.3.2/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE= go.uber.org/atomic v1.4.0/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE= +go.uber.org/atomic v1.5.0/go.mod h1:sABNBOSYdrvTF6hTgEIbc7YasKWGhgEQZyfxyTvoXHQ= go.uber.org/atomic v1.6.0/go.mod h1:sABNBOSYdrvTF6hTgEIbc7YasKWGhgEQZyfxyTvoXHQ= go.uber.org/atomic v1.7.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc= go.uber.org/atomic v1.9.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc= @@ -2760,32 +2842,36 @@ go.uber.org/atomic v1.10.0 h1:9qC72Qh0+3MqyJbAn8YU5xVq1frD8bn3JtD2oXtafVQ= go.uber.org/atomic v1.10.0/go.mod h1:LUxbIzbOniOlMKjJjyPfpl4v+PKK2cNJn91OQbhoJI0= go.uber.org/automaxprocs v1.5.1/go.mod h1:BF4eumQw0P9GtnuxxovUd06vwm1o18oMzFtK66vU6XU= go.uber.org/goleak v1.1.10/go.mod h1:8a7PlsEVH3e/a/GLqe5IIrQx6GzcnRmZEufDUTk4A7A= +go.uber.org/goleak v1.1.11/go.mod h1:cwTWslyiVhfpKIDGSZEM2HlOvcqm+tG4zioyIeLoqMQ= go.uber.org/goleak v1.1.12/go.mod h1:cwTWslyiVhfpKIDGSZEM2HlOvcqm+tG4zioyIeLoqMQ= go.uber.org/goleak v1.2.1/go.mod h1:qlT2yGI9QafXHhZZLxlSuNsMw3FFLxBr+tBRlmO1xH4= go.uber.org/multierr v1.1.0/go.mod h1:wR5kodmAFQ0UK8QlbwjlSNy0Z68gJhDJUG5sjR94q/0= +go.uber.org/multierr v1.3.0/go.mod h1:VgVr7evmIr6uPjLBxg28wmKNXyqE9akIJ5XnfpiKl+4= +go.uber.org/multierr v1.5.0/go.mod h1:FeouvMocqHpRaaGuG9EjoKcStLC43Zu/fmqdUMPcKYU= go.uber.org/multierr v1.6.0/go.mod h1:cdWPpRnG4AhwMwsgIHip0KRBQjJy5kYEpYjJxpXp9iU= -go.uber.org/multierr v1.7.0/go.mod h1:7EAYxJLBy9rStEaz58O2t4Uvip6FSURkq8/ppBp95ak= +go.uber.org/multierr v1.8.0/go.mod h1:7EAYxJLBy9rStEaz58O2t4Uvip6FSURkq8/ppBp95ak= +go.uber.org/tools v0.0.0-20190618225709-2cfd321de3ee/go.mod h1:vJERXedbb3MVM5f9Ejo0C68/HhF8uaILCdgjnY+goOA= +go.uber.org/zap v1.9.1/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q= go.uber.org/zap v1.10.0/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q= +go.uber.org/zap v1.13.0/go.mod h1:zwrFLgMcdUuIBviXEYEH1YKNaOBnKXsx2IPda5bBwHM= go.uber.org/zap v1.17.0/go.mod h1:MXVU+bhUf/A7Xi2HNOnopQOrmycQ5Ih87HtOu4q5SSo= -go.uber.org/zap v1.18.1/go.mod h1:xg/QME4nWcxGxrpdeYfq7UvYrLh66cuVKdrbD1XF/NI= go.uber.org/zap v1.19.0/go.mod h1:xg/QME4nWcxGxrpdeYfq7UvYrLh66cuVKdrbD1XF/NI= -gocloud.dev v0.24.0 h1:cNtHD07zQQiv02OiwwDyVMuHmR7iQt2RLkzoAgz7wBs= -gocloud.dev v0.24.0/go.mod h1:uA+als++iBX5ShuG4upQo/3Zoz49iIPlYUWHV5mM8w8= -gocloud.dev/secrets/hashivault v0.24.0 h1:rutqnevHcRze+92YMGmjCH3gX+qES8IArg5qPhr8ZnM= -gocloud.dev/secrets/hashivault v0.24.0/go.mod h1:I4EieZgy8VTp5iVK2jSPlTidjENujhKq2Y/wXz8r8V0= +go.uber.org/zap v1.21.0/go.mod h1:wjWOCqI0f2ZZrJF/UufIOkiC8ii6tm1iqIsLo76RfJw= +gocloud.dev v0.27.0 h1:j0WTUsnKTxCsWO7y8T+YCiBZUmLl9w/WIowqAY3yo0g= +gocloud.dev v0.27.0/go.mod h1:YlYKhYsY5/1JdHGWQDkAuqkezVKowu7qbe9aIeUF6p0= +gocloud.dev/secrets/hashivault v0.27.0 h1:AAeGJXr0tiHHJgg5tL8atOGktB4eK9EJAqkZbPKAcOo= +gocloud.dev/secrets/hashivault v0.27.0/go.mod h1:offqsI5oj0B0bVHZdfk/88uIb3NnN93ia8py0yvRlHY= golang.org/x/arch v0.1.0/go.mod h1:5om86z9Hs0C8fWVUuoMHwpExlXzs5Tkyp9hOrfG7pp8= golang.org/x/crypto v0.0.0-20171113213409-9f005a07e0d3/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= golang.org/x/crypto v0.0.0-20181009213950-7c1a557ab941/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= golang.org/x/crypto v0.0.0-20181029021203-45a5f77698d3/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= golang.org/x/crypto v0.0.0-20181203042331-505ab145d0a9/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= -golang.org/x/crypto v0.0.0-20190219172222-a4c6cb3142f2/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= -golang.org/x/crypto v0.0.0-20190325154230-a5d413f7728c/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= -golang.org/x/crypto v0.0.0-20190418165655-df01cb2cc480/go.mod h1:WFFai1msRO1wXaEeE5yQxYXgSfI8pQAWXbQop6sCtWE= +golang.org/x/crypto v0.0.0-20190411191339-88737f569e3a/go.mod h1:WFFai1msRO1wXaEeE5yQxYXgSfI8pQAWXbQop6sCtWE= +golang.org/x/crypto v0.0.0-20190422162423-af44ce270edf/go.mod h1:WFFai1msRO1wXaEeE5yQxYXgSfI8pQAWXbQop6sCtWE= golang.org/x/crypto v0.0.0-20190426145343-a29dc8fdc734/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/crypto v0.0.0-20190530122614-20be4c3c3ed5/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20190605123033-f99c8df09eb5/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20190611184440-5c40567a22f8/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20190701094942-4def268fd1a4/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= @@ -2793,6 +2879,7 @@ golang.org/x/crypto v0.0.0-20190820162420-60c769a6c586/go.mod h1:yigFU9vqHzYiE8U golang.org/x/crypto v0.0.0-20190911031432-227b76d455e7/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20190923035154-9ee001bba392/go.mod h1:/lpIB1dKB+9EgE3H3cr1v9wB50oz8l4C4h62xy7jSTY= golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= +golang.org/x/crypto v0.0.0-20200302210943-78000ba7a073/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20200414173820-0848c9571904/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20200604202706-70a84ac30bf9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= @@ -2800,21 +2887,24 @@ golang.org/x/crypto v0.0.0-20200728195943-123391ffb6de/go.mod h1:LzIPMQfyMNhhGPh golang.org/x/crypto v0.0.0-20200820211705-5c72a883971a/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20201002170205-7f63de1d35b0/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20201016220609-9e8e0b390897/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= +golang.org/x/crypto v0.0.0-20201203163018-be400aefbc4c/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I= +golang.org/x/crypto v0.0.0-20201216223049-8b5274cf687f/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I= golang.org/x/crypto v0.0.0-20210220033148-5ea612d1eb83/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I= golang.org/x/crypto v0.0.0-20210322153248-0c34fe9e7dc2/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4= golang.org/x/crypto v0.0.0-20210421170649-83a5a9bb288b/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4= -golang.org/x/crypto v0.0.0-20210513164829-c07d793c2f9a/go.mod h1:P+XmwS30IXTQdn5tA2iutPOUgjI07+tq3H3K9MVA1s8= +golang.org/x/crypto v0.0.0-20210616213533-5ff15b29337e/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.0.0-20210711020723-a769d52b0f97/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.0.0-20210817164053-32db794688a5/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.0.0-20211108221036-ceb1ce70b4fa/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= +golang.org/x/crypto v0.0.0-20211202192323-5770296d904e/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.0.0-20211215153901-e495a2d5b3d3/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.0.0-20220214200702-86341886e292/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.0.0-20220313003712-b769efc7c000/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= -golang.org/x/crypto v0.0.0-20220314234659-1baeb1ce4c0b/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.0.0-20220315160706-3147a52a75dd/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.0.0-20220411220226-7b82a4e95df4/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.0.0-20220427172511-eb4f295cb31f/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= +golang.org/x/crypto v0.0.0-20220511200225-c6db032c6c88/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.0.0-20220517005047-85d78b3ac167/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.0.0-20220525230936-793ad666bf5e/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.0.0-20220622213112-05595931fe9d/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= @@ -2822,14 +2912,10 @@ golang.org/x/crypto v0.0.0-20220722155217-630584e8d5aa/go.mod h1:IxCIyHEi3zRg3s0 golang.org/x/crypto v0.0.0-20220826181053-bd7e27e6170d/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.1.0/go.mod h1:RecgLatLF4+eUMCP1PoPZQb+cVrJcOPbHkTkbkB9sbw= golang.org/x/crypto v0.3.1-0.20221117191849-2c476679df9a/go.mod h1:hebNnKkNXi2UzZN1eVRvBB7co0a+JxK6XbPiWVs/3J4= -golang.org/x/crypto v0.5.0/go.mod h1:NK/OQwhpMQP3MwtdjgLlYHnH9ebylxKWv3e0fK+mkQU= golang.org/x/crypto v0.6.0/go.mod h1:OFC/31mSvZgRz0V1QTNCzfAI1aIRzbiufJtkMIlEp58= golang.org/x/crypto v0.7.0/go.mod h1:pYwdfH91IfpZVANVyUOhSIPZaFoJGxTFbZhFTx+dXZU= golang.org/x/crypto v0.8.0/go.mod h1:mRqEX+O9/h5TFCrQhkgjo2yKi0yYA+9ecGkdQoHrywE= -golang.org/x/crypto v0.9.0/go.mod h1:yrmDGqONDYtNj3tH8X9dzUun2m2lzPa9ngI6/RUPGR0= -golang.org/x/crypto v0.10.0/go.mod h1:o4eNf7Ede1fv+hwOwZsTHl9EsPFO6q6ZvYR8vYfY45I= golang.org/x/crypto v0.11.0/go.mod h1:xgJhtzW8F9jGdVFWZESrid1U1bjeNy4zgy5cRr/CIio= -golang.org/x/crypto v0.12.0/go.mod h1:NF0Gs7EO5K4qLn+Ylc+fih8BSTeIjAP05siRnAh98yw= golang.org/x/crypto v0.13.0/go.mod h1:y6Z2r+Rw4iayiXXAIxJIDAJ1zMW4yaTpebo8fPOliYc= golang.org/x/crypto v0.14.0 h1:wBqGXzWJW6m1XrIKlAH0Hs1JJ7+9KBwnIO8v66Q9cHc= golang.org/x/crypto v0.14.0/go.mod h1:MVFd36DqK4CsrnJYDkBA3VC4m2GkXAM0PvzMCn4JQf4= @@ -2848,6 +2934,8 @@ golang.org/x/exp v0.0.0-20200119233911-0405dc783f0a/go.mod h1:2RIsYlXP63K8oxa1u0 golang.org/x/exp v0.0.0-20200207192155-f17229e696bd/go.mod h1:J/WKrq2StrnmMY6+EHIKF9dgMWnmCNThgcyBT1FY9mM= golang.org/x/exp v0.0.0-20200224162631-6cc2880d07d6/go.mod h1:3jZMyOhIsHpP37uCMkUooju7aAi5cS1Q23tOzKc+0MU= golang.org/x/exp v0.0.0-20220827204233-334a2380cb91/go.mod h1:cyybsKvd6eL0RnXn6p/Grxp8F5bW7iYuBgsNCOHpMYE= +golang.org/x/exp v0.0.0-20231006140011-7918f672742d h1:jtJma62tbqLibJ5sFQz8bKtEM8rJBtfilJ2qTU199MI= +golang.org/x/exp v0.0.0-20231006140011-7918f672742d/go.mod h1:ldy0pHrwJyGW56pPQzzkH36rKxoZW1tw7ZJpeKx+hdo= golang.org/x/image v0.0.0-20180708004352-c73c2afc3b81/go.mod h1:ux5Hcp/YLpHSI86hEcLt0YII63i6oz57MZXIpbrjZUs= golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js= golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0= @@ -2892,9 +2980,9 @@ golang.org/x/mod v0.6.0/go.mod h1:4mET923SAdbXp2ki8ey+zGs1SLqsuM2Y0uvdZR/fUNI= golang.org/x/mod v0.7.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= golang.org/x/mod v0.9.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= -golang.org/x/mod v0.10.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= -golang.org/x/mod v0.11.0 h1:bUO06HqtnRcc/7l71XBe4WcqTZ+3AH1J59zWDDwLKgU= -golang.org/x/mod v0.11.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= +golang.org/x/mod v0.12.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= +golang.org/x/mod v0.13.0 h1:I/DsJXRlw/8l/0c24sM9yb0T4z9liZTduXvdAWYiysY= +golang.org/x/mod v0.13.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= golang.org/x/net v0.0.0-20180530234432-1e491301e022/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180811021610-c39426892332/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= @@ -2906,6 +2994,7 @@ golang.org/x/net v0.0.0-20181114220301-adae6a3d119a/go.mod h1:mL1N/T3taQHkDXs73r golang.org/x/net v0.0.0-20181201002055-351d144fa1fc/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20181220203305-927f97764cc3/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20190108225652-1e06a53dbb7e/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20190125091013-d26f9f9a57f3/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= @@ -2923,7 +3012,6 @@ golang.org/x/net v0.0.0-20190827160401-ba9fcec4b297/go.mod h1:z5CRVTTTmAJ677TzLL golang.org/x/net v0.0.0-20190923162816-aa69164e4478/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20191004110552-13f9640d40b9/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20191009170851-d66e71096ffb/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20191112182307-2180aed22343/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20191209160850-c0dbc17a3553/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20200114155413-6afb5195e5aa/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20200202094626-16171245cfb2/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= @@ -2937,7 +3025,6 @@ golang.org/x/net v0.0.0-20200506145744-7e3656a0809f/go.mod h1:qpuaurCH72eLCgpAm/ golang.org/x/net v0.0.0-20200513185701-a91f0712d120/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= golang.org/x/net v0.0.0-20200520004742-59133d7f0dd7/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= golang.org/x/net v0.0.0-20200520182314-0ba52f642ac2/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= -golang.org/x/net v0.0.0-20200602114024-627f9648deb9/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= golang.org/x/net v0.0.0-20200625001655-4c5254603344/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= golang.org/x/net v0.0.0-20200707034311-ab3426394381/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= golang.org/x/net v0.0.0-20200822124328-c89045814202/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= @@ -2952,14 +3039,14 @@ golang.org/x/net v0.0.0-20201224014010-6772e930b67b/go.mod h1:m0MpNAwzfU5UDzcl9v golang.org/x/net v0.0.0-20210119194325-5f4716e94777/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/net v0.0.0-20210316092652-d523dce5a7f4/go.mod h1:RBQZq4jEuRlivfhVLdyRGr576XBO4/greRjx4P4O3yc= -golang.org/x/net v0.0.0-20210326060303-6b1517762897/go.mod h1:uSPa2vr4CLtc/ILN5odXGNXS6mhrKVzTaCXzk9m6W3k= golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM= +golang.org/x/net v0.0.0-20210410081132-afb366fc7cd1/go.mod h1:9tjilg8BloeKEkVJvy7fQ90B1CfIiPueXVOjqfkSzI8= +golang.org/x/net v0.0.0-20210421230115-4e50805a0758/go.mod h1:72T/g9IO56b78aLF+1Kcs5dz7/ng1VjMUvfKvpfy+jM= golang.org/x/net v0.0.0-20210428140749-89ef3d95e781/go.mod h1:OJAsFXCWl8Ukc7SiCT/9KSuxbyM7479/AVlXFRxuMCk= golang.org/x/net v0.0.0-20210503060351-7fd8e65b6420/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20210520170846-37e1c6afe023/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20210525063256-abc453219eb5/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20210610132358-84b48f89b13b/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= -golang.org/x/net v0.0.0-20210614182718-04defd469f4e/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20210726213435-c6fcb2dbf985/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20210813160813-60bc85c4be6d/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20210825183410-e898025ed96a/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= @@ -2976,6 +3063,7 @@ golang.org/x/net v0.0.0-20220607020251-c690dde0001d/go.mod h1:XRhObCWvk6IyKnWLug golang.org/x/net v0.0.0-20220617184016-355a448f1bc9/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= golang.org/x/net v0.0.0-20220624214902-1bab6f366d9e/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= +golang.org/x/net v0.0.0-20220802222814-0bcc04d9c69b/go.mod h1:YDH+HFinaLZZlnHAfSS6ZXJJ9M9t4Dl22yv3iI2vPwk= golang.org/x/net v0.0.0-20220826154423-83b083e8dc8b/go.mod h1:YDH+HFinaLZZlnHAfSS6ZXJJ9M9t4Dl22yv3iI2vPwk= golang.org/x/net v0.0.0-20220909164309-bea034e7d591/go.mod h1:YDH+HFinaLZZlnHAfSS6ZXJJ9M9t4Dl22yv3iI2vPwk= golang.org/x/net v0.0.0-20221012135044-0b7e1fb9d458/go.mod h1:YDH+HFinaLZZlnHAfSS6ZXJJ9M9t4Dl22yv3iI2vPwk= @@ -2990,9 +3078,8 @@ golang.org/x/net v0.7.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= golang.org/x/net v0.8.0/go.mod h1:QVkue5JL9kW//ek3r6jTKnTFis1tRmNAW2P1shuFdJc= golang.org/x/net v0.9.0/go.mod h1:d48xBJpPfHeWQsugry2m+kC02ZBRGRgulfHnEXEuWns= golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg= -golang.org/x/net v0.11.0/go.mod h1:2L/ixqYpgIVXmeoSA/4Lu7BzTG4KIyPIryS4IsOd1oQ= golang.org/x/net v0.12.0/go.mod h1:zEVYFnQC7m/vmpQFELhcD1EWkZlX69l4oqgmer6hfKA= -golang.org/x/net v0.14.0/go.mod h1:PpSgVXXLK0OxS0F31C1/tv6XNguvCrnXIDrFMspZIUI= +golang.org/x/net v0.13.0/go.mod h1:zEVYFnQC7m/vmpQFELhcD1EWkZlX69l4oqgmer6hfKA= golang.org/x/net v0.15.0/go.mod h1:idbUs1IY1+zTqbi8yxTbhexhEEk5ur9LInksu6HrEpk= golang.org/x/net v0.17.0 h1:pVaXccu2ozPjCXewfr1S7xza/zcXTity9cCdXQYSjIM= golang.org/x/net v0.17.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE= @@ -3004,7 +3091,6 @@ golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d/go.mod h1:gOpvHmFTYa4Iltr golang.org/x/oauth2 v0.0.0-20200902213428-5d25da1a8d43/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= golang.org/x/oauth2 v0.0.0-20201109201403-9fd604954f58/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= golang.org/x/oauth2 v0.0.0-20201208152858-08078c50e5b5/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= -golang.org/x/oauth2 v0.0.0-20210126194326-f9ce19ea3013/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= golang.org/x/oauth2 v0.0.0-20210218202405-ba52d332ba99/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= golang.org/x/oauth2 v0.0.0-20210220000619-9bb904979d93/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= golang.org/x/oauth2 v0.0.0-20210313182246-cd4f82c27b84/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= @@ -3013,12 +3099,15 @@ golang.org/x/oauth2 v0.0.0-20210514164344-f6687ab2804c/go.mod h1:KelEdhl1UZF7XfJ golang.org/x/oauth2 v0.0.0-20210628180205-a41e5a781914/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= golang.org/x/oauth2 v0.0.0-20210805134026-6f1e6394065a/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= golang.org/x/oauth2 v0.0.0-20210819190943-2bc19b11175f/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= +golang.org/x/oauth2 v0.0.0-20211005180243-6b3c2da341f1/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= golang.org/x/oauth2 v0.0.0-20211104180415-d3ed0bb246c8/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= golang.org/x/oauth2 v0.0.0-20220223155221-ee480838109b/go.mod h1:DAh4E804XQdzx2j+YRIaUnCqCV2RuMz24cGBJ5QYIrc= golang.org/x/oauth2 v0.0.0-20220309155454-6242fa91716a/go.mod h1:DAh4E804XQdzx2j+YRIaUnCqCV2RuMz24cGBJ5QYIrc= golang.org/x/oauth2 v0.0.0-20220411215720-9780585627b5/go.mod h1:DAh4E804XQdzx2j+YRIaUnCqCV2RuMz24cGBJ5QYIrc= golang.org/x/oauth2 v0.0.0-20220608161450-d0670ef3b1eb/go.mod h1:jaDAt6Dkxork7LmZnYtzbRWj0W47D86a3TGe0YHBvmE= golang.org/x/oauth2 v0.0.0-20220622183110-fd043fe589d2/go.mod h1:jaDAt6Dkxork7LmZnYtzbRWj0W47D86a3TGe0YHBvmE= +golang.org/x/oauth2 v0.0.0-20220628200809-02e64fa58f26/go.mod h1:jaDAt6Dkxork7LmZnYtzbRWj0W47D86a3TGe0YHBvmE= +golang.org/x/oauth2 v0.0.0-20220722155238-128564f6959c/go.mod h1:h4gKUeWbJ4rQPri7E0u6Gs4e9Ri2zaLxzw5DI5XGrYg= golang.org/x/oauth2 v0.0.0-20220822191816-0ebed06d0094/go.mod h1:h4gKUeWbJ4rQPri7E0u6Gs4e9Ri2zaLxzw5DI5XGrYg= golang.org/x/oauth2 v0.0.0-20220909003341-f21342109be1/go.mod h1:h4gKUeWbJ4rQPri7E0u6Gs4e9Ri2zaLxzw5DI5XGrYg= golang.org/x/oauth2 v0.0.0-20221006150949-b44042a4b9c1/go.mod h1:h4gKUeWbJ4rQPri7E0u6Gs4e9Ri2zaLxzw5DI5XGrYg= @@ -3029,15 +3118,13 @@ golang.org/x/oauth2 v0.4.0/go.mod h1:RznEsdpjGAINPTOF0UH/t+xJ75L18YO3Ho6Pyn+uRec golang.org/x/oauth2 v0.5.0/go.mod h1:9/XBHVqLaWO3/BRHs5jbpYCnOZVjj5V0ndyaAM7KB4I= golang.org/x/oauth2 v0.6.0/go.mod h1:ycmewcwgD4Rpr3eZJLSB4Kyyljb3qDh40vJ8STE5HKw= golang.org/x/oauth2 v0.7.0/go.mod h1:hPLQkd9LyjfXTiRohC/41GhcFqxisoUQ99sCUOHO9x4= -golang.org/x/oauth2 v0.8.0/go.mod h1:yr7u4HXZRm1R1kBWqr/xKNqewf0plRYoB7sla+BCIXE= -golang.org/x/oauth2 v0.10.0/go.mod h1:kTpgurOux7LqtuxjuyZa4Gj2gdezIt/jQtGnNFfypQI= -golang.org/x/oauth2 v0.11.0/go.mod h1:LdF7O/8bLR/qWK9DrpXmbHLTouvRHK0SgJl0GmDBchk= golang.org/x/oauth2 v0.12.0 h1:smVPGxink+n1ZI5pkQa8y6fZT0RW0MgCO5bFpepy4B4= golang.org/x/oauth2 v0.12.0/go.mod h1:A74bZ3aGXgCY0qaIC9Ahg6Lglin4AMAco8cIv9baba4= golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190227155943-e225da77a7e6/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20190412183630-56d357773e84/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20200317015054-43a5402ce75a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= @@ -3050,9 +3137,8 @@ golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJ golang.org/x/sync v0.0.0-20220819030929-7fc1605a5dde/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20220929204114-8fcdb60fdcc0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.2.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.3.0 h1:ftCYgMx6zT/asHUrPw8BLLscYtGznsLAnjq5RH9P66E= -golang.org/x/sync v0.3.0/go.mod h1:FU7BRWz2tNW+3quACPkgCx/L+uEAv1htQ0V83Z9Rj+Y= +golang.org/x/sync v0.4.0 h1:zxkM55ReGkDlKSM+Fu41A+zmbZuaPVbGMzvvdUPznYQ= +golang.org/x/sync v0.4.0/go.mod h1:FU7BRWz2tNW+3quACPkgCx/L+uEAv1htQ0V83Z9Rj+Y= golang.org/x/sys v0.0.0-20180823144017-11551d06cbcc/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= @@ -3060,6 +3146,7 @@ golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5h golang.org/x/sys v0.0.0-20181026203630-95b1ffbd15a5/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20181107165924-66b7b1311ac8/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20181116152217-5ac8a444bdc5/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20181122145206-62eef0e2fa9b/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20181205085412-a5c9d58dba9a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190129075346-302c3dd5f1cc/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= @@ -3067,13 +3154,14 @@ golang.org/x/sys v0.0.0-20190222072716-a9d3bda3a223/go.mod h1:STP8DvDyc/dI5b8T5h golang.org/x/sys v0.0.0-20190312061237-fead79001313/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190403152447-81d4e9dc473e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190419153524-e8e3143a4f4a/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190422165155-953cdadca894/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190502145724-3ef323f4f1fd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190502175342-a43fa875dd82/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190507160741-ecd444e8653b/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190514135907-3a4b5fb9f71f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190522044717-8097e1b27ff5/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190530182044-ad28b68e88f1/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190531175056-4c3a928424d2/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190602015325-4c4f7f33c9ed/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190606165138-5da285871e9c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190606203320-7fc4e5ec1444/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= @@ -3084,6 +3172,7 @@ golang.org/x/sys v0.0.0-20190726091711-fc99dfbffb4e/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20190801041406-cbf593c0f2f3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190804053845-51ab0e2deafa/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190812073006-9eafafc0a87e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190813064441-fde4db37ae7a/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190826190057-c7b8b68b1456/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190904154756-749cb33beabd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190916202348-b4ddaad3f8a3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= @@ -3094,11 +3183,11 @@ golang.org/x/sys v0.0.0-20191005200804-aed5e4c7ecf9/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20191008105621-543471e840be/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191022100944-742c48ecaeb7/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191026070338-33540a1f6037/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20191112214154-59a1497f0cea/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191115151921-52ab43148777/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191120155948-bd437916bb0e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191204072324-ce4227a45e2e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191210023423-ac6580df4449/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20191220142924-d4481acd189f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191228213918-04cbcbbfeed8/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200106162015-b016eb3dc98e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200113162924-86b910548bc1/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= @@ -3118,14 +3207,12 @@ golang.org/x/sys v0.0.0-20200511232937-7e40ca221e25/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20200515095857-1151b9dac4a9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200519105757-fe76b779f299/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200523222454-059865788121/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200602225109-6fdc65e7d980/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200615200032-f1bc736245b1/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200622214017-ed371f2e16b4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200625212154-ddb9806d33ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200728102440-3e129f6d46b1/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200803210538-64077c9b5642/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200817155316-9781c653f443/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200828194041-157a740278f4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200831180312-196b9ba8737a/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200905004654-be1d3432aa8f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200909081042-eff7692f9009/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= @@ -3143,7 +3230,6 @@ golang.org/x/sys v0.0.0-20210112080510-489259a85091/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20210119212857-b64e53b001e4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210124154548-22da62e12c0c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210220050731-9a76102bfb43/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210223095934-7937bea0104d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210225134936-a50acf3fe073/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210303074136-134d130e1a04/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210304124612-50617c2ba197/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= @@ -3153,10 +3239,10 @@ golang.org/x/sys v0.0.0-20210320140829-1e4c9ba3b0c4/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20210324051608-47abb6519492/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210403161142-5e06dd20ab57/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210420072515-93ed5bcd2bfe/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210423185535-09eb48e85fd7/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210426230700-d19ff857e887/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210502180810-71e4cd670f79/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210503080704-8803ae5d1324/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210514084401-e8d321eab015/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= @@ -3175,6 +3261,7 @@ golang.org/x/sys v0.0.0-20210831042530-f4d43177bf5e/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20210903071746-97244b99971b/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210906170528-6f6e22806c34/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210908233432-aa78b53d3365/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20210917161153-d61c044b1678/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210927094055-39ccf1dd6fa6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20211007075335-d3039528d8ac/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20211019181941-9d821ace8654/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= @@ -3188,6 +3275,7 @@ golang.org/x/sys v0.0.0-20220114195835-da31bd327af9/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20220128215802-99c3d69c2c27/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220209214540-3681064d5158/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220227234510-4e6760a101f9/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220310020820-b874c991c1a5/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220319134239-a9b59b0215f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220328115105-d36c6a25d886/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220405210540-1e041c57c461/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= @@ -3199,9 +3287,11 @@ golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20220610221304-9f5ed59c137d/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220615213510-4f61da869c0c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220624220833-87e55d714810/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220627191245-f75cf1eec38b/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220728004956-3c1f35247d10/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220731174439-a90be440212d/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220825204002-c680a09ffe64/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220829200755-d48e67d00261/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= @@ -3214,9 +3304,7 @@ golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.7.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.9.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.10.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.11.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.13.0 h1:Af8nKPmuFypiUBjVoU9V20FiaFXOcuZI21p0ycVYYGE= golang.org/x/sys v0.13.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= @@ -3234,9 +3322,7 @@ golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k= golang.org/x/term v0.6.0/go.mod h1:m6U89DPEgQRMq3DNkDClhWw02AUbt2daBVO4cn4Hv9U= golang.org/x/term v0.7.0/go.mod h1:P32HKFT3hSsZrRxla30E9HqToFYAQPCMs/zFMBUFqPY= golang.org/x/term v0.8.0/go.mod h1:xPskH00ivmX89bAKVGSKKtLOWNx2+17Eiy94tnKShWo= -golang.org/x/term v0.9.0/go.mod h1:M6DEAAIenWoTxdKrOltXcmDY3rSplQUkrvaDU5FcQyo= golang.org/x/term v0.10.0/go.mod h1:lpqdcUyK/oCiQxvxVrppt5ggO2KCZ5QblwqPnfZ6d5o= -golang.org/x/term v0.11.0/go.mod h1:zC9APTIj3jG3FdV/Ons+XE1riIZXG4aZ4GTHiPZJPIU= golang.org/x/term v0.12.0/go.mod h1:owVbMEjm3cBLCHdkQu9b1opXd4ETQWc3BhuQGKgXgvU= golang.org/x/term v0.13.0 h1:bb+I9cTfFazGW51MZqBVmZy7+JEJMouUHTUSKVQLBek= golang.org/x/term v0.13.0/go.mod h1:LTmsnFJwVN6bCy1rVCoS+qHT1HhALEFxKncY3WNNh4U= @@ -3256,9 +3342,7 @@ golang.org/x/text v0.6.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= golang.org/x/text v0.8.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= -golang.org/x/text v0.10.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= golang.org/x/text v0.11.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= -golang.org/x/text v0.12.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= golang.org/x/text v0.13.0 h1:ablQoSUd0tRdKxZewP80B+BaqeKJuVhuRxj/dkrun3k= golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= golang.org/x/time v0.0.0-20180412165947-fbb02b2291d2/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= @@ -3270,13 +3354,17 @@ golang.org/x/time v0.0.0-20200630173020-3af7569d3a1e/go.mod h1:tRJNPiyCQ0inRvYxb golang.org/x/time v0.0.0-20210220033141-f8bda1e9f3ba/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20210723032227-1f47c861a9ac/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20220210224613-90d013bbcef8/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= +golang.org/x/time v0.0.0-20220224211638-0e9765cccd65/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20220411224347-583f2d630306/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= +golang.org/x/time v0.0.0-20220609170525-579cf78fd858/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= +golang.org/x/time v0.0.0-20220722155302-e5dcc9cfc0b9/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20220922220347-f3bd1da661af/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.1.0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.3.0 h1:rg5rLMjNzMS1RkNLzCG38eapWhnYLFYXDXj2gOlr8j4= golang.org/x/time v0.3.0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/tools v0.0.0-20180221164845-07fd8470d635/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20180525024113-a5b4c53f6e8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= +golang.org/x/tools v0.0.0-20180828015842-6cd1fcedba52/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20181011042414-1f849cf54d09/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20181030221726-6c7e314b6563/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= @@ -3287,10 +3375,15 @@ golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3 golang.org/x/tools v0.0.0-20190312151545-0bb0c0a6e846/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= golang.org/x/tools v0.0.0-20190312170243-e65039ee4138/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= golang.org/x/tools v0.0.0-20190328211700-ab21143f2384/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= +golang.org/x/tools v0.0.0-20190329151228-23e29df326fe/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= +golang.org/x/tools v0.0.0-20190416151739-9c9e1878f421/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= +golang.org/x/tools v0.0.0-20190420181800-aa740d480789/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= golang.org/x/tools v0.0.0-20190422233926-fe54fb35175b/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= golang.org/x/tools v0.0.0-20190425150028-36563e24a262/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= +golang.org/x/tools v0.0.0-20190425163242-31fd60d6bfdc/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= golang.org/x/tools v0.0.0-20190506145303-2d16b83fe98c/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= +golang.org/x/tools v0.0.0-20190531172133-b3315ee88b7d/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= golang.org/x/tools v0.0.0-20190606124116-d0a3d012864b/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= golang.org/x/tools v0.0.0-20190614205625-5aca471b1d59/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= golang.org/x/tools v0.0.0-20190621195816-6e04913cbbac/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= @@ -3298,11 +3391,13 @@ golang.org/x/tools v0.0.0-20190624222133-a101b041ded4/go.mod h1:/rFqwRUd4F7ZHNgw golang.org/x/tools v0.0.0-20190628153133-6cdbf07be9d0/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= golang.org/x/tools v0.0.0-20190706070813-72ffa07ba3db/go.mod h1:jcCCGcm9btYwXyDqrUWc6MKQKKGJCWEQ3AfLSRIbEuI= golang.org/x/tools v0.0.0-20190816200558-6889da9d5479/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20190823170909-c4a336ef6a2f/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20190907020128-2ca718005c18/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20190911174233-4f2ddba30aff/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20190927191325-030b2cf1153e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191012152004-8de300cfc20a/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191029041327-9cc4af7d6b2c/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20191029190741-b9c20aec41a5/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191108193012-7d206e10da11/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191112195655-aa38f8e97acc/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191113191852-77e3bb0ad9e7/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= @@ -3312,6 +3407,7 @@ golang.org/x/tools v0.0.0-20191125144606-a911d9008d1f/go.mod h1:b+2E5dAYhXwXZwtn golang.org/x/tools v0.0.0-20191130070609-6e064ea0cf2d/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191216173652-a0e659d51361/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= golang.org/x/tools v0.0.0-20191227053925-7b8e75db28f4/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= +golang.org/x/tools v0.0.0-20200103221440-774c71fcf114/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= golang.org/x/tools v0.0.0-20200117161641-43d50277825c/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= golang.org/x/tools v0.0.0-20200122220014-bf1340f18c4a/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= golang.org/x/tools v0.0.0-20200130002326-2f3ba24bd6e7/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= @@ -3350,8 +3446,10 @@ golang.org/x/tools v0.1.2/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= golang.org/x/tools v0.1.3/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= golang.org/x/tools v0.1.4/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= golang.org/x/tools v0.1.5/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= +golang.org/x/tools v0.1.6-0.20210726203631-07bc1bf47fb2/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= golang.org/x/tools v0.1.9/go.mod h1:nABZi5QlRsZVlzPpHl034qft6wpY4eDcsTt5AaioBiU= golang.org/x/tools v0.1.10/go.mod h1:Uh6Zz+xoGYZom868N8YTex3t7RhtHDBrE8Gzo9bV56E= +golang.org/x/tools v0.1.11/go.mod h1:SgwaegtQh8clINPpECJMqnxLv9I09HLqnW3RMqW0CA4= golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= golang.org/x/tools v0.2.0/go.mod h1:y4OqIKeOV/fWJetJ8bXPU1sEVniLMIyDAZWeHdV+NTA= golang.org/x/tools v0.3.0/go.mod h1:/rWhSS2+zyEVwoJf8YAX6L2f0ntZ7Kn/mGgAWcipA5k= @@ -3359,10 +3457,10 @@ golang.org/x/tools v0.4.0/go.mod h1:UE5sM2OK9E/d67R0ANs2xJizIymRP5gJU295PvKXxjQ= golang.org/x/tools v0.5.0/go.mod h1:N+Kgy78s5I24c24dU8OfWNEotWjutIs8SnJvn5IDq+k= golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU= golang.org/x/tools v0.7.0/go.mod h1:4pg6aUX35JBAogB10C9AtvVL+qowtN4pT3CGSQex14s= -golang.org/x/tools v0.8.0/go.mod h1:JxBZ99ISMI5ViVkT1tr6tdNmXeTrcpVSD3vZ1RsRdN4= -golang.org/x/tools v0.9.1/go.mod h1:owI94Op576fPu3cIGQeHs3joujW/2Oc6MtlxbF5dfNc= -golang.org/x/tools v0.10.0 h1:tvDr/iQoUqNdohiYm0LmmKcBk+q86lb9EprIUFhHHGg= -golang.org/x/tools v0.10.0/go.mod h1:UJwyiVBsOA2uwvK/e5OY3GTpDUJriEd+/YlqAwLPmyM= +golang.org/x/tools v0.14.0 h1:jvNa2pY0M4r62jkRQ6RwEZZyPcymeL9XZMLBbV7U2nc= +golang.org/x/tools v0.14.0/go.mod h1:uYBEerGOWcJyEORxN+Ek8+TT266gXkNlHdJBwexUsBg= +golang.org/x/xerrors v0.0.0-20190410155217-1f06c39b4373/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +golang.org/x/xerrors v0.0.0-20190513163551-3ee3066db522/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= @@ -3381,6 +3479,7 @@ gonum.org/v1/plot v0.0.0-20190515093506-e2840ee46a6b/go.mod h1:Wt8AAjI+ypCyYX3nZ gonum.org/v1/plot v0.9.0/go.mod h1:3Pcqqmp6RHvJI72kgb8fThyUnav364FOsdDo2aGW5lY= gonum.org/v1/plot v0.10.1/go.mod h1:VZW5OlhkL1mysU9vaqNHnsy86inf6Ot+jB3r+BczCEo= google.golang.org/api v0.0.0-20160322025152-9bf6e6e569ff/go.mod h1:4mhQ8q/RsB7i+udVvVy5NUi08OU8ZlA0gRVgrF7VFY0= +google.golang.org/api v0.3.1/go.mod h1:6wY9I6uQWHQ8EM57III9mq/AjF+i8G65rmVagqKMtkk= google.golang.org/api v0.4.0/go.mod h1:8k5glujaEP+g9n7WNsDg8QP6cUVNI86fCNMcbazEtwE= google.golang.org/api v0.7.0/go.mod h1:WtwebWUNSVBH/HAw79HIFXZNqEvBhG+Ra+ax0hx3E3M= google.golang.org/api v0.8.0/go.mod h1:o4eAsZoiT+ibD93RtjEohWalFOjRDx6CVaqeizhEnKg= @@ -3399,7 +3498,6 @@ google.golang.org/api v0.29.0/go.mod h1:Lcubydp8VUV7KeIHD9z2Bys/sm/vGKnG1UHuDBSr google.golang.org/api v0.30.0/go.mod h1:QGmEvQ87FHZNiUVJkT14jQNYJ4ZJjdRF23ZXz5138Fc= google.golang.org/api v0.35.0/go.mod h1:/XrVsuzM0rZmrsbjJutiuftIzeuTQcEeaYcSk/mQ1dg= google.golang.org/api v0.36.0/go.mod h1:+z5ficQTmoYpPn8LCUNVpK5I7hwkpjbcgqA7I34qYtE= -google.golang.org/api v0.37.0/go.mod h1:fYKFpnQN0DsDSKRVRcQSDQNtqWPfM9i+zNPxepjRCQ8= google.golang.org/api v0.40.0/go.mod h1:fYKFpnQN0DsDSKRVRcQSDQNtqWPfM9i+zNPxepjRCQ8= google.golang.org/api v0.41.0/go.mod h1:RkxM5lITDfTzmyKFPt+wGrCJbVfniCr2ool8kTBzRTU= google.golang.org/api v0.43.0/go.mod h1:nQsDGjRXMo4lvh5hP0TKqF244gqhGcr/YSIykhUk/94= @@ -3408,11 +3506,12 @@ google.golang.org/api v0.47.0/go.mod h1:Wbvgpq1HddcWVtzsVLyfLp8lDg6AA241LmgIL59t google.golang.org/api v0.48.0/go.mod h1:71Pr1vy+TAZRPkPs/xlCf5SsU8WjuAWv1Pfjbtukyy4= google.golang.org/api v0.50.0/go.mod h1:4bNT5pAuq5ji4SRZm+5QIkjny9JAyVD/3gaSihNefaw= google.golang.org/api v0.51.0/go.mod h1:t4HdrdoNgyN5cbEfm7Lum0lcLDLiise1F8qDKX00sOU= -google.golang.org/api v0.52.0/go.mod h1:Him/adpjt0sxtkWViy0b6xyKW/SD71CwdJ7HqJo7SrU= google.golang.org/api v0.54.0/go.mod h1:7C4bFFOvVDGXjfDTAsgGwDgAxRDeQ4X8NvUedIt6z3k= google.golang.org/api v0.55.0/go.mod h1:38yMfeP1kfjsl8isn0tliTjIb1rJXcQi4UXlbqivdVE= google.golang.org/api v0.56.0/go.mod h1:38yMfeP1kfjsl8isn0tliTjIb1rJXcQi4UXlbqivdVE= google.golang.org/api v0.57.0/go.mod h1:dVPlbZyBo2/OjBpmvNdpn2GRm6rPy75jyU7bmhdrMgI= +google.golang.org/api v0.58.0/go.mod h1:cAbP2FsxoGVNwtgNAmmn3y5G1TWAiVYRmg4yku3lv+E= +google.golang.org/api v0.59.0/go.mod h1:sT2boj7M9YJxZzgeZqXogmhfmRWDtPzT31xkieUbuZU= google.golang.org/api v0.61.0/go.mod h1:xQRti5UdCmoCEqFxcz93fTl338AVqDgyaDRuOZ3hg9I= google.golang.org/api v0.63.0/go.mod h1:gs4ij2ffTRXwuzzgJl/56BdwJaA194ijkfn++9tDuPo= google.golang.org/api v0.67.0/go.mod h1:ShHKP8E60yPsKNw/w8w+VYaj9H6buA5UqDp8dhbQZ6g= @@ -3425,7 +3524,9 @@ google.golang.org/api v0.78.0/go.mod h1:1Sg78yoMLOhlQTeF+ARBoytAcH1NNyyl390YMy6r google.golang.org/api v0.80.0/go.mod h1:xY3nI94gbvBrE0J6NHXhxOmW97HG7Khjkku6AFB3Hyg= google.golang.org/api v0.84.0/go.mod h1:NTsGnUFJMYROtiquksZHBWtHfeMC7iYthki7Eq3pa8o= google.golang.org/api v0.85.0/go.mod h1:AqZf8Ep9uZ2pyTvgL+x0D3Zt0eoT9b5E8fmzfu6FO2g= +google.golang.org/api v0.86.0/go.mod h1:+Sem1dnrKlrXMR/X0bPnMWyluQe4RsNoYfmNLhOIkzw= google.golang.org/api v0.90.0/go.mod h1:+Sem1dnrKlrXMR/X0bPnMWyluQe4RsNoYfmNLhOIkzw= +google.golang.org/api v0.91.0/go.mod h1:+Sem1dnrKlrXMR/X0bPnMWyluQe4RsNoYfmNLhOIkzw= google.golang.org/api v0.93.0/go.mod h1:+Sem1dnrKlrXMR/X0bPnMWyluQe4RsNoYfmNLhOIkzw= google.golang.org/api v0.95.0/go.mod h1:eADj+UBuxkh5zlrSntJghuNeg8HwQ1w5lTKkuqaETEI= google.golang.org/api v0.96.0/go.mod h1:w7wJQLTM+wvQpNf5JyEcBoxK0RH7EDrh/L4qfsuJ13s= @@ -3441,16 +3542,10 @@ google.golang.org/api v0.108.0/go.mod h1:2Ts0XTHNVWxypznxWOYUeI4g3WdP9Pk2Qk58+a/ google.golang.org/api v0.110.0/go.mod h1:7FC4Vvx1Mooxh8C5HWjzZHcavuS2f6pmJpZx60ca7iI= google.golang.org/api v0.111.0/go.mod h1:qtFHvU9mhgTJegR31csQ+rwxyUTHOKFqCKWp1J0fdw0= google.golang.org/api v0.114.0/go.mod h1:ifYI2ZsFK6/uGddGfAD5BMxlnkBqCmqHSDUVi45N5Yg= -google.golang.org/api v0.118.0/go.mod h1:76TtD3vkgmZ66zZzp72bUUklpmQmKlhh6sYtIjYK+5E= -google.golang.org/api v0.122.0/go.mod h1:gcitW0lvnyWjSp9nKxAbdHKIZ6vF4aajGueeslZOyms= -google.golang.org/api v0.124.0/go.mod h1:xu2HQurE5gi/3t1aFCvhPD781p0a3p11sdunTJ2BlP4= -google.golang.org/api v0.125.0/go.mod h1:mBwVAtz+87bEN6CbA1GtZPDOqY2R5ONPqJeIlvyo4Aw= -google.golang.org/api v0.126.0/go.mod h1:mBwVAtz+87bEN6CbA1GtZPDOqY2R5ONPqJeIlvyo4Aw= -google.golang.org/api v0.128.0/go.mod h1:Y611qgqaE92On/7g65MQgxYul3c0rEB894kniWLY750= -google.golang.org/api v0.138.0/go.mod h1:4xyob8CxC+0GChNBvEUAk8VBKNvYOTWM9T3v3UfRxuY= google.golang.org/api v0.144.0 h1:01xgplvIwdMpnrlenPHMgRAAgAH9N5Zv21Qu6XwJxSU= google.golang.org/api v0.144.0/go.mod h1:OARJqIfoYjXJj4C1AiBSXYZt03qsoz8FQYU6fBEfrHM= google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= +google.golang.org/appengine v1.2.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= google.golang.org/appengine v1.5.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= google.golang.org/appengine v1.6.1/go.mod h1:i06prIuMbXzDqacNJfV5OdTW448YApPu5ww/cMBSeb0= @@ -3466,6 +3561,7 @@ google.golang.org/genproto v0.0.0-20190418145605-e7d98fc518a7/go.mod h1:VzzqZJRn google.golang.org/genproto v0.0.0-20190425155659-357c62f0e4bb/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= google.golang.org/genproto v0.0.0-20190502173448-54afdca5d873/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= google.golang.org/genproto v0.0.0-20190522204451-c2c4e71fbf69/go.mod h1:z3L6/3dTEVtUr6QSP8miRzeRqwQOioJ9I66odjN4I7s= +google.golang.org/genproto v0.0.0-20190530194941-fb225487d101/go.mod h1:z3L6/3dTEVtUr6QSP8miRzeRqwQOioJ9I66odjN4I7s= google.golang.org/genproto v0.0.0-20190801165951-fa694d86fc64/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc= google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc= google.golang.org/genproto v0.0.0-20190911173649-1774047e7e51/go.mod h1:IbNlFCBrqXvoKpeg0TB2l7cyZUmoaFKYIwrEpbDKLA8= @@ -3502,7 +3598,6 @@ google.golang.org/genproto v0.0.0-20201201144952-b05cb90ed32e/go.mod h1:FWY/as6D google.golang.org/genproto v0.0.0-20201210142538-e3217bee35cc/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20201214200347-8c77b98c765d/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20210108203827-ffc7fda8c3d7/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/genproto v0.0.0-20210126160654-44e461bb6506/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20210222152913-aa3ee6e6a81c/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20210226172003-ab064af71705/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20210303154014-9728d6b83eeb/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= @@ -3519,18 +3614,20 @@ google.golang.org/genproto v0.0.0-20210608205507-b6d2f5bf0d7d/go.mod h1:UODoCrxH google.golang.org/genproto v0.0.0-20210624195500-8bfb893ecb84/go.mod h1:SzzZ/N+nwJDaO1kznhnlzqS8ocJICar6hYhVyhi++24= google.golang.org/genproto v0.0.0-20210713002101-d411969a0d9a/go.mod h1:AxrInvYm1dci+enl5hChSFPOmmUF1+uAa/UsgNRWd7k= google.golang.org/genproto v0.0.0-20210716133855-ce7ef5c701ea/go.mod h1:AxrInvYm1dci+enl5hChSFPOmmUF1+uAa/UsgNRWd7k= -google.golang.org/genproto v0.0.0-20210721163202-f1cecdd8b78a/go.mod h1:ob2IJxKrgPT52GcgX759i1sleT07tiKowYBGbczaW48= -google.golang.org/genproto v0.0.0-20210722135532-667f2b7c528f/go.mod h1:ob2IJxKrgPT52GcgX759i1sleT07tiKowYBGbczaW48= google.golang.org/genproto v0.0.0-20210728212813-7823e685a01f/go.mod h1:ob2IJxKrgPT52GcgX759i1sleT07tiKowYBGbczaW48= google.golang.org/genproto v0.0.0-20210805201207-89edb61ffb67/go.mod h1:ob2IJxKrgPT52GcgX759i1sleT07tiKowYBGbczaW48= google.golang.org/genproto v0.0.0-20210813162853-db860fec028c/go.mod h1:cFeNkxwySK631ADgubI+/XFU/xp8FD5KIVV4rj8UC5w= google.golang.org/genproto v0.0.0-20210821163610-241b8fcbd6c8/go.mod h1:eFjDcFEctNawg4eG61bRv87N7iHBWyVhJu7u1kqDUXY= -google.golang.org/genproto v0.0.0-20210825212027-de86158e7fda/go.mod h1:eFjDcFEctNawg4eG61bRv87N7iHBWyVhJu7u1kqDUXY= google.golang.org/genproto v0.0.0-20210828152312-66f60bf46e71/go.mod h1:eFjDcFEctNawg4eG61bRv87N7iHBWyVhJu7u1kqDUXY= google.golang.org/genproto v0.0.0-20210831024726-fe130286e0e2/go.mod h1:eFjDcFEctNawg4eG61bRv87N7iHBWyVhJu7u1kqDUXY= google.golang.org/genproto v0.0.0-20210903162649-d08c68adba83/go.mod h1:eFjDcFEctNawg4eG61bRv87N7iHBWyVhJu7u1kqDUXY= google.golang.org/genproto v0.0.0-20210909211513-a8c4777a87af/go.mod h1:eFjDcFEctNawg4eG61bRv87N7iHBWyVhJu7u1kqDUXY= +google.golang.org/genproto v0.0.0-20210917145530-b395a37504d4/go.mod h1:eFjDcFEctNawg4eG61bRv87N7iHBWyVhJu7u1kqDUXY= +google.golang.org/genproto v0.0.0-20210921142501-181ce0d877f6/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= google.golang.org/genproto v0.0.0-20210924002016-3dee208752a0/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= +google.golang.org/genproto v0.0.0-20211008145708-270636b82663/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= +google.golang.org/genproto v0.0.0-20211018162055-cf77aa76bad2/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= +google.golang.org/genproto v0.0.0-20211028162531-8db9c33dc351/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= google.golang.org/genproto v0.0.0-20211118181313-81c1377c94b1/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= google.golang.org/genproto v0.0.0-20211206160659-862468c7d6e0/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= google.golang.org/genproto v0.0.0-20211208223120-3a66f561d7aa/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= @@ -3552,6 +3649,7 @@ google.golang.org/genproto v0.0.0-20220429170224-98d788798c3e/go.mod h1:8w6bsBMX google.golang.org/genproto v0.0.0-20220502173005-c8bf987b8c21/go.mod h1:RAyBrSAP7Fh3Nc84ghnVLDPuV51xc9agzmm4Ph6i0Q4= google.golang.org/genproto v0.0.0-20220505152158-f39f71e6c8f3/go.mod h1:RAyBrSAP7Fh3Nc84ghnVLDPuV51xc9agzmm4Ph6i0Q4= google.golang.org/genproto v0.0.0-20220518221133-4f43b3371335/go.mod h1:RAyBrSAP7Fh3Nc84ghnVLDPuV51xc9agzmm4Ph6i0Q4= +google.golang.org/genproto v0.0.0-20220519153652-3a47de7e79bd/go.mod h1:RAyBrSAP7Fh3Nc84ghnVLDPuV51xc9agzmm4Ph6i0Q4= google.golang.org/genproto v0.0.0-20220523171625-347a074981d8/go.mod h1:RAyBrSAP7Fh3Nc84ghnVLDPuV51xc9agzmm4Ph6i0Q4= google.golang.org/genproto v0.0.0-20220608133413-ed9918b62aac/go.mod h1:KEWEmljWE5zPzLBa/oHl6DaEt9LmfH6WtH1OHIvleBA= google.golang.org/genproto v0.0.0-20220616135557-88e70c0c3a90/go.mod h1:KEWEmljWE5zPzLBa/oHl6DaEt9LmfH6WtH1OHIvleBA= @@ -3560,6 +3658,7 @@ google.golang.org/genproto v0.0.0-20220624142145-8cd45d7dbd1f/go.mod h1:KEWEmljW google.golang.org/genproto v0.0.0-20220628213854-d9e0b6570c03/go.mod h1:KEWEmljWE5zPzLBa/oHl6DaEt9LmfH6WtH1OHIvleBA= google.golang.org/genproto v0.0.0-20220722212130-b98a9ff5e252/go.mod h1:GkXuJDJ6aQ7lnJcRF+SJVgFdQhypqgl3LB1C9vabdRE= google.golang.org/genproto v0.0.0-20220801145646-83ce21fca29f/go.mod h1:iHe1svFLAZg9VWz891+QbRMwUv9O/1Ww+/mngYeThbc= +google.golang.org/genproto v0.0.0-20220802133213-ce4fa296bf78/go.mod h1:iHe1svFLAZg9VWz891+QbRMwUv9O/1Ww+/mngYeThbc= google.golang.org/genproto v0.0.0-20220815135757-37a418bb8959/go.mod h1:dbqgFATTzChvnt+ujMdZwITVAJHFtfyN1qUhDqEiIlk= google.golang.org/genproto v0.0.0-20220817144833-d7fd3f11b9b1/go.mod h1:dbqgFATTzChvnt+ujMdZwITVAJHFtfyN1qUhDqEiIlk= google.golang.org/genproto v0.0.0-20220822174746-9e6da59bd2fc/go.mod h1:dbqgFATTzChvnt+ujMdZwITVAJHFtfyN1qUhDqEiIlk= @@ -3604,58 +3703,28 @@ google.golang.org/genproto v0.0.0-20230320184635-7606e756e683/go.mod h1:NWraEVix google.golang.org/genproto v0.0.0-20230323212658-478b75c54725/go.mod h1:UUQDJDOlWu4KYeJZffbWgBkS1YFobzKbLVfK69pe0Ak= google.golang.org/genproto v0.0.0-20230330154414-c0448cd141ea/go.mod h1:UUQDJDOlWu4KYeJZffbWgBkS1YFobzKbLVfK69pe0Ak= google.golang.org/genproto v0.0.0-20230331144136-dcfb400f0633/go.mod h1:UUQDJDOlWu4KYeJZffbWgBkS1YFobzKbLVfK69pe0Ak= -google.golang.org/genproto v0.0.0-20230403163135-c38d8f061ccd/go.mod h1:UUQDJDOlWu4KYeJZffbWgBkS1YFobzKbLVfK69pe0Ak= -google.golang.org/genproto v0.0.0-20230410155749-daa745c078e1/go.mod h1:nKE/iIaLqn2bQwXBg8f1g2Ylh6r5MN5CmZvuzZCgsCU= google.golang.org/genproto v0.0.0-20230525234025-438c736192d0/go.mod h1:9ExIQyXL5hZrHzQceCwuSYwZZ5QZBazOcprJ5rgs3lY= google.golang.org/genproto v0.0.0-20230526161137-0005af68ea54/go.mod h1:zqTuNwFlFRsw5zIts5VnzLQxSRqh+CGOTVMlYbY0Eyk= -google.golang.org/genproto v0.0.0-20230526203410-71b5a4ffd15e/go.mod h1:zqTuNwFlFRsw5zIts5VnzLQxSRqh+CGOTVMlYbY0Eyk= -google.golang.org/genproto v0.0.0-20230530153820-e85fd2cbaebc/go.mod h1:xZnkP7mREFX5MORlOPEzLMr+90PPZQ2QWzrVTWfAq64= -google.golang.org/genproto v0.0.0-20230629202037-9506855d4529/go.mod h1:xZnkP7mREFX5MORlOPEzLMr+90PPZQ2QWzrVTWfAq64= -google.golang.org/genproto v0.0.0-20230706204954-ccb25ca9f130/go.mod h1:O9kGHb51iE/nOGvQaDUuadVYqovW56s5emA88lQnj6Y= -google.golang.org/genproto v0.0.0-20230711160842-782d3b101e98/go.mod h1:S7mY02OqCJTD0E1OiQy1F72PWFB4bZJ87cAtLPYgDR0= -google.golang.org/genproto v0.0.0-20230726155614-23370e0ffb3e/go.mod h1:0ggbjUrZYpy1q+ANUS30SEoGZ53cdfwtbuG7Ptgy108= -google.golang.org/genproto v0.0.0-20230803162519-f966b187b2e5/go.mod h1:oH/ZOT02u4kWEp7oYBGYFFkCdKS/uYR9Z7+0/xuuFp8= -google.golang.org/genproto v0.0.0-20230821184602-ccc8af3d0e93/go.mod h1:yZTlhN0tQnXo3h00fuXNCxJdLdIdnVFVBaRJ5LWBbw4= -google.golang.org/genproto v0.0.0-20230913181813-007df8e322eb/go.mod h1:yZTlhN0tQnXo3h00fuXNCxJdLdIdnVFVBaRJ5LWBbw4= google.golang.org/genproto v0.0.0-20231002182017-d307bd883b97 h1:SeZZZx0cP0fqUyA+oRzP9k7cSwJlvDFiROO72uwD6i0= google.golang.org/genproto v0.0.0-20231002182017-d307bd883b97/go.mod h1:t1VqOqqvce95G3hIDCT5FeO3YUc6Q4Oe24L/+rNMxRk= google.golang.org/genproto/googleapis/api v0.0.0-20230525234020-1aefcd67740a/go.mod h1:ts19tUU+Z0ZShN1y3aPyq2+O3d5FUNNgT6FtOzmrNn8= google.golang.org/genproto/googleapis/api v0.0.0-20230525234035-dd9d682886f9/go.mod h1:vHYtlOoi6TsQ3Uk2yxR7NI5z8uoV+3pZtR4jmHIkRig= -google.golang.org/genproto/googleapis/api v0.0.0-20230526203410-71b5a4ffd15e/go.mod h1:vHYtlOoi6TsQ3Uk2yxR7NI5z8uoV+3pZtR4jmHIkRig= -google.golang.org/genproto/googleapis/api v0.0.0-20230530153820-e85fd2cbaebc/go.mod h1:vHYtlOoi6TsQ3Uk2yxR7NI5z8uoV+3pZtR4jmHIkRig= -google.golang.org/genproto/googleapis/api v0.0.0-20230629202037-9506855d4529/go.mod h1:vHYtlOoi6TsQ3Uk2yxR7NI5z8uoV+3pZtR4jmHIkRig= -google.golang.org/genproto/googleapis/api v0.0.0-20230706204954-ccb25ca9f130/go.mod h1:mPBs5jNgx2GuQGvFwUvVKqtn6HsUw9nP64BedgvqEsQ= -google.golang.org/genproto/googleapis/api v0.0.0-20230711160842-782d3b101e98/go.mod h1:rsr7RhLuwsDKL7RmgDDCUc6yaGr1iqceVb5Wv6f6YvQ= -google.golang.org/genproto/googleapis/api v0.0.0-20230726155614-23370e0ffb3e/go.mod h1:rsr7RhLuwsDKL7RmgDDCUc6yaGr1iqceVb5Wv6f6YvQ= -google.golang.org/genproto/googleapis/api v0.0.0-20230803162519-f966b187b2e5/go.mod h1:5DZzOUPCLYL3mNkQ0ms0F3EuUNZ7py1Bqeq6sxzI7/Q= -google.golang.org/genproto/googleapis/api v0.0.0-20230913181813-007df8e322eb/go.mod h1:KjSP20unUpOx5kyQUFa7k4OJg0qeJ7DEZflGDu2p6Bk= google.golang.org/genproto/googleapis/api v0.0.0-20230920204549-e6e6cdab5c13 h1:U7+wNaVuSTaUqNvK2+osJ9ejEZxbjHHk8F2b6Hpx0AE= google.golang.org/genproto/googleapis/api v0.0.0-20230920204549-e6e6cdab5c13/go.mod h1:RdyHbowztCGQySiCvQPgWQWgWhGnouTdCflKoDBt32U= -google.golang.org/genproto/googleapis/bytestream v0.0.0-20230530153820-e85fd2cbaebc/go.mod h1:ylj+BE99M198VPbBh6A8d9n3w8fChvyLK3wwBOjXBFA= -google.golang.org/genproto/googleapis/bytestream v0.0.0-20230807174057-1744710a1577/go.mod h1:NjCQG/D8JandXxM57PZbAJL1DCNL6EypA0vPPwfsc7c= -google.golang.org/genproto/googleapis/bytestream v0.0.0-20230920204549-e6e6cdab5c13/go.mod h1:qDbnxtViX5J6CvFbxeNUSzKgVlDLJ/6L+caxye9+Flo= google.golang.org/genproto/googleapis/rpc v0.0.0-20230525234015-3fc162c6f38a/go.mod h1:xURIpW9ES5+/GZhnV6beoEtxQrnkRGIfP5VQG2tCBLc= google.golang.org/genproto/googleapis/rpc v0.0.0-20230525234030-28d5490b6b19/go.mod h1:66JfowdXAEgad5O9NnYcsNPLCPZJD++2L9X0PCMODrA= -google.golang.org/genproto/googleapis/rpc v0.0.0-20230526203410-71b5a4ffd15e/go.mod h1:66JfowdXAEgad5O9NnYcsNPLCPZJD++2L9X0PCMODrA= -google.golang.org/genproto/googleapis/rpc v0.0.0-20230530153820-e85fd2cbaebc/go.mod h1:66JfowdXAEgad5O9NnYcsNPLCPZJD++2L9X0PCMODrA= -google.golang.org/genproto/googleapis/rpc v0.0.0-20230629202037-9506855d4529/go.mod h1:66JfowdXAEgad5O9NnYcsNPLCPZJD++2L9X0PCMODrA= -google.golang.org/genproto/googleapis/rpc v0.0.0-20230706204954-ccb25ca9f130/go.mod h1:8mL13HKkDa+IuJ8yruA3ci0q+0vsUz4m//+ottjwS5o= -google.golang.org/genproto/googleapis/rpc v0.0.0-20230711160842-782d3b101e98/go.mod h1:TUfxEVdsvPg18p6AslUXFoLdpED4oBnGwyqk3dV1XzM= -google.golang.org/genproto/googleapis/rpc v0.0.0-20230731190214-cbb8c96f2d6d/go.mod h1:TUfxEVdsvPg18p6AslUXFoLdpED4oBnGwyqk3dV1XzM= -google.golang.org/genproto/googleapis/rpc v0.0.0-20230803162519-f966b187b2e5/go.mod h1:zBEcrKX2ZOcEkHWxBPAIvYUWOKKMIhYcmNiUIu2ji3I= -google.golang.org/genproto/googleapis/rpc v0.0.0-20230807174057-1744710a1577/go.mod h1:+Bk1OCOj40wS2hwAMA+aCW9ypzm63QTBBHp6lQ3p+9M= -google.golang.org/genproto/googleapis/rpc v0.0.0-20230822172742-b8732ec3820d/go.mod h1:+Bk1OCOj40wS2hwAMA+aCW9ypzm63QTBBHp6lQ3p+9M= -google.golang.org/genproto/googleapis/rpc v0.0.0-20230920183334-c177e329c48b/go.mod h1:+Bk1OCOj40wS2hwAMA+aCW9ypzm63QTBBHp6lQ3p+9M= google.golang.org/genproto/googleapis/rpc v0.0.0-20230920204549-e6e6cdab5c13 h1:N3bU/SQDCDyD6R528GJ/PwW9KjYcJA3dgyH+MovAkIM= google.golang.org/genproto/googleapis/rpc v0.0.0-20230920204549-e6e6cdab5c13/go.mod h1:KSqppvjFjtoCI+KGd4PELB0qLNxdJHRGqRI09mB6pQA= google.golang.org/grpc v0.0.0-20160317175043-d3ddb4469d5a/go.mod h1:yo6s7OP7yaDglbqo1J04qKzAhqBH6lvTonzMVmEdcZw= google.golang.org/grpc v1.8.0/go.mod h1:yo6s7OP7yaDglbqo1J04qKzAhqBH6lvTonzMVmEdcZw= google.golang.org/grpc v1.14.0/go.mod h1:yo6s7OP7yaDglbqo1J04qKzAhqBH6lvTonzMVmEdcZw= +google.golang.org/grpc v1.17.0/go.mod h1:6QZJwpn2B+Zp71q/5VxRsJ6NXXVCE5NRUHRo+f3cWCs= google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= +google.golang.org/grpc v1.20.0/go.mod h1:chYK+tFQF0nDUGJgXMSgLCQk3phJEuONr2DCgLDdAQM= google.golang.org/grpc v1.20.1/go.mod h1:10oTOabMzJvdu6/UiuZezV6QK5dSlG84ov/aaiqXj38= google.golang.org/grpc v1.21.0/go.mod h1:oYelfM1adQP15Ek0mdvEgi9Df8B9CZIaU1084ijfRaM= google.golang.org/grpc v1.21.1/go.mod h1:oYelfM1adQP15Ek0mdvEgi9Df8B9CZIaU1084ijfRaM= -google.golang.org/grpc v1.22.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg= +google.golang.org/grpc v1.22.1/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg= google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg= google.golang.org/grpc v1.23.1/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg= google.golang.org/grpc v1.24.0/go.mod h1:XDChyiUovWa60DnaeDeZmSW86xtLtjtZbwvSiRnRtcA= @@ -3694,14 +3763,9 @@ google.golang.org/grpc v1.49.0/go.mod h1:ZgQEeidpAuNRZ8iRrlBKXZQP1ghovWIVhdJRyCD google.golang.org/grpc v1.50.0/go.mod h1:ZgQEeidpAuNRZ8iRrlBKXZQP1ghovWIVhdJRyCDK+GI= google.golang.org/grpc v1.50.1/go.mod h1:ZgQEeidpAuNRZ8iRrlBKXZQP1ghovWIVhdJRyCDK+GI= google.golang.org/grpc v1.51.0/go.mod h1:wgNDFcnuBGmxLKI/qn4T+m5BtEBYXJPvibbUPsAIPww= -google.golang.org/grpc v1.52.0/go.mod h1:pu6fVzoFb+NBYNAvQL08ic+lvB2IojljRYuun5vorUY= google.golang.org/grpc v1.52.3/go.mod h1:pu6fVzoFb+NBYNAvQL08ic+lvB2IojljRYuun5vorUY= google.golang.org/grpc v1.53.0/go.mod h1:OnIrk0ipVdj4N5d9IUoFUx72/VlD7+jUsHwZgwSMQpw= google.golang.org/grpc v1.54.0/go.mod h1:PUSEXI6iWghWaB6lXM4knEgpJNu2qUcKfDtNci3EC2g= -google.golang.org/grpc v1.55.0/go.mod h1:iYEXKGkEBhg1PjZQvoYEVPTDkHo1/bjTnfwTeGONTY8= -google.golang.org/grpc v1.56.0/go.mod h1:I9bI3vqKfayGqPUAwGdOSu7kt6oIJLixfffKrpXqQ9s= -google.golang.org/grpc v1.56.1/go.mod h1:I9bI3vqKfayGqPUAwGdOSu7kt6oIJLixfffKrpXqQ9s= -google.golang.org/grpc v1.56.2/go.mod h1:I9bI3vqKfayGqPUAwGdOSu7kt6oIJLixfffKrpXqQ9s= google.golang.org/grpc v1.57.0/go.mod h1:Sd+9RMTACXwmub0zcNY2c4arhtrbBYD1AUHI/dt16Mo= google.golang.org/grpc v1.58.2 h1:SXUpjxeVF3FKrTYQI4f4KvbGD5u2xccdYdurwowix5I= google.golang.org/grpc v1.58.2/go.mod h1:tgX3ZQDlNJGU96V6yHh1T/JeoBQ2TXdr43YbYSsCJk0= @@ -3726,8 +3790,6 @@ google.golang.org/protobuf v1.29.1/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqw google.golang.org/protobuf v1.30.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= google.golang.org/protobuf v1.31.0 h1:g0LDEJHgrBl9N9r17Ru3sqWhkIx2NB67okBHPwC7hs8= google.golang.org/protobuf v1.31.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= -gopkg.in/AlecAivazis/survey.v1 v1.8.9-0.20200217094205-6773bdf39b7f h1:AQkMzsSzHWrgZWqGRpuRaRPDmyNibcXlpGcnQJ7HxZw= -gopkg.in/AlecAivazis/survey.v1 v1.8.9-0.20200217094205-6773bdf39b7f/go.mod h1:CaHjv79TCgAvXMSFJSVgonHXYWxnhzI3eoHtnX5UgUo= gopkg.in/airbrake/gobrake.v2 v2.0.9/go.mod h1:/h5ZAUhDkGaJfjzjKLSjv6zCL6O0LLBxU4K+aSYdM/U= gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= @@ -3741,9 +3803,12 @@ gopkg.in/cheggaaa/pb.v1 v1.0.25/go.mod h1:V/YB90LKu/1FcN3WVnfiiE5oMCibMjukxqG/qS gopkg.in/cheggaaa/pb.v1 v1.0.27/go.mod h1:V/YB90LKu/1FcN3WVnfiiE5oMCibMjukxqG/qStrOgw= gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI= gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys= +gopkg.in/gcfg.v1 v1.2.3/go.mod h1:yesOnuUOFQAhST5vPY4nbZsb/huCgGGXlipJsBn0b3o= gopkg.in/gemnasium/logrus-airbrake-hook.v2 v2.1.2/go.mod h1:Xk6kEKp8OKb+X14hQBKWaSkCsqBpgog8nAV2xsGOxlo= +gopkg.in/inconshreveable/log15.v2 v2.0.0-20180818164646-67afb5ed74ec/go.mod h1:aPpfJ7XW+gOuirDoZ8gHhLh3kZ1B08FtV2bbmy7Jv3s= gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= gopkg.in/ini.v1 v1.51.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k= +gopkg.in/ini.v1 v1.66.4/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k= gopkg.in/jcmturner/goidentity.v3 v3.0.0 h1:1duIyWiTaYvVx3YX2CYtpJbUFd7/UuPYCfgXtQ3VTbI= gopkg.in/jcmturner/goidentity.v3 v3.0.0/go.mod h1:oG2kH0IvSYNIu80dVAyu/yoefjq1mNfM5bm88whjWx4= gopkg.in/natefinch/lumberjack.v2 v2.0.0/go.mod h1:l0ndWWf7gzL7RNwBG7wST/UCcT4T24xpD6X8LsfU/+k= @@ -3753,6 +3818,7 @@ gopkg.in/square/go-jose.v2 v2.3.1/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76 gopkg.in/square/go-jose.v2 v2.5.1/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76mk0e1AI= gopkg.in/square/go-jose.v2 v2.6.0 h1:NGk74WTnPKBNUhNzQX7PYcTLUjoq7mzKk2OKbvwk2iI= gopkg.in/square/go-jose.v2 v2.6.0/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76mk0e1AI= +gopkg.in/telebot.v3 v3.0.0/go.mod h1:7rExV8/0mDDNu9epSrDm/8j22KLaActH1Tbee6YjzWg= gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= gopkg.in/warnings.v0 v0.1.2 h1:wFXVbFY8DY5/xOe1ECiWdKCzZlxgshcYVNkBHstARME= gopkg.in/warnings.v0 v0.1.2/go.mod h1:jksf8JmL6Qr/oQM2OXTHunEvvTAsrWBLb6OOjuVWRNI= @@ -3767,6 +3833,7 @@ gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY= gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= +gopkg.in/yaml.v3 v3.0.0-20200605160147-a5ece683394c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.0-20200615113413-eeeca48fe776/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.0/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= @@ -3780,6 +3847,7 @@ gotest.tools/v3 v3.3.0/go.mod h1:Mcr9QNxkg0uMvy/YElmo4SpXgJKWgQvYrT7Kw5RzJ1A= gotest.tools/v3 v3.4.0/go.mod h1:CtbdzLSsqVhDgMtKsx03ird5YTGB3ar27v0u/yKBW5g= gotest.tools/v3 v3.5.0 h1:Ljk6PdHdOhAb5aDMWXjDLMMhph+BpztA4v1QdqEW2eY= gotest.tools/v3 v3.5.0/go.mod h1:isy3WKz7GK6uNw/sbHzfKBLvlvXwUyV06n6brMxxopU= +honnef.co/go/tools v0.0.0-20180728063816-88497007e858/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.0-20190418001031-e561f6794a2a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= @@ -3792,12 +3860,16 @@ k8s.io/api v0.20.1/go.mod h1:KqwcCVogGxQY3nBlRpwt+wpAMF/KjaCc7RpywacvqUo= k8s.io/api v0.20.4/go.mod h1:++lNL1AJMkDymriNniQsWRkMDzRaX2Y/POTUi8yvqYQ= k8s.io/api v0.20.6/go.mod h1:X9e8Qag6JV/bL5G6bU8sdVRltWKmdHsFUGS3eVndqE8= k8s.io/api v0.22.5/go.mod h1:mEhXyLaSD1qTOf40rRiKXkc+2iCem09rWLlFwhCEiAs= +k8s.io/api v0.23.5/go.mod h1:Na4XuKng8PXJ2JsploYYrivXrINeTaycCGcYgF91Xm8= +k8s.io/api v0.24.2/go.mod h1:AHqbSkTm6YrQ0ObxjO3Pmp/ubFF/KuM7jU+3khoBsOg= k8s.io/api v0.26.2/go.mod h1:1kjMQsFE+QHPfskEcVNgL3+Hp88B80uj0QtSOlj8itU= k8s.io/apimachinery v0.20.1/go.mod h1:WlLqWAHZGg07AeltaI0MV5uk1Omp8xaN0JGLY6gkRpU= k8s.io/apimachinery v0.20.4/go.mod h1:WlLqWAHZGg07AeltaI0MV5uk1Omp8xaN0JGLY6gkRpU= k8s.io/apimachinery v0.20.6/go.mod h1:ejZXtW1Ra6V1O5H8xPBGz+T3+4gfkTCeExAHKU57MAc= k8s.io/apimachinery v0.22.1/go.mod h1:O3oNtNadZdeOMxHFVxOreoznohCpy0z6mocxbZr7oJ0= k8s.io/apimachinery v0.22.5/go.mod h1:xziclGKwuuJ2RM5/rSFQSYAj0zdbci3DH8kj+WvyN0U= +k8s.io/apimachinery v0.23.5/go.mod h1:BEuFMMBaIbcOqVIJqNZJXGFTP4W6AycEpb5+m/97hrM= +k8s.io/apimachinery v0.24.2/go.mod h1:82Bi4sCzVBdpYjyI4jY6aHX+YCUchUIrZrXKedjd2UM= k8s.io/apimachinery v0.25.0/go.mod h1:qMx9eAk0sZQGsXGu86fab8tZdffHbwUfsvzqKn4mfB0= k8s.io/apimachinery v0.26.2/go.mod h1:ats7nN1LExKHvJ9TmwootT00Yz05MuYqPXEXaVeOy5I= k8s.io/apiserver v0.20.1/go.mod h1:ro5QHeQkgMS7ZGpvf4tSMx6bBOgPfE+f52KwvXfScaU= @@ -3809,6 +3881,8 @@ k8s.io/client-go v0.20.1/go.mod h1:/zcHdt1TeWSd5HoUe6elJmHSQ6uLLgp4bIJHVEuy+/Y= k8s.io/client-go v0.20.4/go.mod h1:LiMv25ND1gLUdBeYxBIwKpkSC5IsozMMmOOeSJboP+k= k8s.io/client-go v0.20.6/go.mod h1:nNQMnOvEUEsOzRRFIIkdmYOjAZrC8bgq0ExboWSU1I0= k8s.io/client-go v0.22.5/go.mod h1:cs6yf/61q2T1SdQL5Rdcjg9J1ElXSwbjSrW2vFImM4Y= +k8s.io/client-go v0.23.5/go.mod h1:flkeinTO1CirYgzMPRWxUCnV0G4Fbu2vLhYCObnt/r4= +k8s.io/client-go v0.24.2/go.mod h1:zg4Xaoo+umDsfCWr4fCnmLEtQXyCNXCvJuSsglNcV30= k8s.io/client-go v0.26.2/go.mod h1:u5EjOuSyBa09yqqyY7m3abZeovO/7D/WehVVlZ2qcqU= k8s.io/code-generator v0.19.7/go.mod h1:lwEq3YnLYb/7uVXLorOJfxg+cUu2oihFhHZ0n9NIla0= k8s.io/component-base v0.20.1/go.mod h1:guxkoJnNoh8LNrbtiQOlyp2Y2XFCZQmrcg2n/DeYNLk= @@ -3828,11 +3902,15 @@ k8s.io/gengo v0.0.0-20200413195148-3a45101e95ac/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8 k8s.io/gengo v0.0.0-20200428234225-8167cfdcfc14/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= k8s.io/gengo v0.0.0-20201113003025-83324d819ded/go.mod h1:FiNAH4ZV3gBg2Kwh89tzAEV2be7d5xI0vBa/VySYy3E= k8s.io/gengo v0.0.0-20210813121822-485abfe95c7c/go.mod h1:FiNAH4ZV3gBg2Kwh89tzAEV2be7d5xI0vBa/VySYy3E= +k8s.io/klog v1.0.0/go.mod h1:4Bi6QPql/J/LkTDqv7R/cd3hPo4k2DG6Ptcz060Ez5I= k8s.io/klog/v2 v2.0.0/go.mod h1:PBfzABfn139FHAV07az/IF9Wp1bkk3vpT2XSJ76fSDE= k8s.io/klog/v2 v2.2.0/go.mod h1:Od+F08eJP+W3HUb4pSrPpgp9DGU4GzlpG/TmITuYh/Y= k8s.io/klog/v2 v2.4.0/go.mod h1:Od+F08eJP+W3HUb4pSrPpgp9DGU4GzlpG/TmITuYh/Y= k8s.io/klog/v2 v2.9.0/go.mod h1:hy9LJ/NvuK+iVyP4Ehqva4HxZG/oXyIS3n3Jmire4Ec= k8s.io/klog/v2 v2.30.0/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0= +k8s.io/klog/v2 v2.40.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0= +k8s.io/klog/v2 v2.60.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0= +k8s.io/klog/v2 v2.70.0/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0= k8s.io/klog/v2 v2.70.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0= k8s.io/klog/v2 v2.80.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0= k8s.io/klog/v2 v2.90.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0= @@ -3841,6 +3919,8 @@ k8s.io/kube-openapi v0.0.0-20200805222855-6aeccd4b50c6/go.mod h1:UuqjUnNftUyPE5H k8s.io/kube-openapi v0.0.0-20201113171705-d219536bb9fd/go.mod h1:WOJ3KddDSol4tAGcJo0Tvi+dK12EcqSLqcWsryKMpfM= k8s.io/kube-openapi v0.0.0-20210421082810-95288971da7e/go.mod h1:vHXdDvt9+2spS2Rx9ql3I8tycm3H9FDfdUoIuKCefvw= k8s.io/kube-openapi v0.0.0-20211109043538-20434351676c/go.mod h1:vHXdDvt9+2spS2Rx9ql3I8tycm3H9FDfdUoIuKCefvw= +k8s.io/kube-openapi v0.0.0-20211115234752-e816edb12b65/go.mod h1:sX9MT8g7NVZM5lVL/j8QyCCJe8YSMW30QvGZWaCIDIk= +k8s.io/kube-openapi v0.0.0-20220328201542-3ee0da9b0b42/go.mod h1:Z/45zLw8lUo4wdiUkI+v/ImEGAvu3WatcZl3lPMR4Rk= k8s.io/kube-openapi v0.0.0-20220803162953-67bda5d908f1/go.mod h1:C/N6wCaBHeBHkHUesQOQy2/MZqGgMAFPqGsGQLdbZBU= k8s.io/kube-openapi v0.0.0-20221012153701-172d655c2280/go.mod h1:+Axhij7bCpeqhklhUTe3xmOn6bWxolyZEeyaFpjGtl4= k8s.io/kubernetes v1.13.0/go.mod h1:ocZa8+6APFNC2tX1DZASIbocyYT5jHzqFVsY5aoB7Jk= @@ -3848,6 +3928,8 @@ k8s.io/utils v0.0.0-20201110183641-67b214c5f920/go.mod h1:jPW/WVKK9YHAvNhRxK0md/ k8s.io/utils v0.0.0-20210802155522-efc7438f0176/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= k8s.io/utils v0.0.0-20210819203725-bdf08cb9a70a/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= k8s.io/utils v0.0.0-20210930125809-cb0fa318a74b/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= +k8s.io/utils v0.0.0-20211116205334-6203023598ed/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= +k8s.io/utils v0.0.0-20220210201930-3a6ce19ff2f9/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= k8s.io/utils v0.0.0-20220728103510-ee6ede2d64ed/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= k8s.io/utils v0.0.0-20221107191617-1a15be271d1d/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= k8s.io/utils v0.0.0-20230220204549-a5ecb0141aa5/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= @@ -3860,17 +3942,12 @@ lukechampine.com/uint128 v1.2.0/go.mod h1:c4eWIwlEGaxC/+H1VguhU4PHXNWDCDMUlWdIWl modernc.org/cc/v3 v3.36.0/go.mod h1:NFUHyPn4ekoC/JHeZFfZurN6ixxawE1BnVonP/oahEI= modernc.org/cc/v3 v3.36.2/go.mod h1:NFUHyPn4ekoC/JHeZFfZurN6ixxawE1BnVonP/oahEI= modernc.org/cc/v3 v3.36.3/go.mod h1:NFUHyPn4ekoC/JHeZFfZurN6ixxawE1BnVonP/oahEI= -modernc.org/cc/v3 v3.37.0/go.mod h1:vtL+3mdHx/wcj3iEGz84rQa8vEqR6XM84v5Lcvfph20= -modernc.org/cc/v3 v3.40.0/go.mod h1:/bTg4dnWkSXowUO6ssQKnOV0yMVxDYNIsIrzqTFDGH0= modernc.org/ccgo/v3 v3.0.0-20220428102840-41399a37e894/go.mod h1:eI31LL8EwEBKPpNpA4bU1/i+sKOwOrQy8D87zWUcRZc= modernc.org/ccgo/v3 v3.0.0-20220430103911-bc99d88307be/go.mod h1:bwdAnOoaIt8Ax9YdWGjxWsdkPcZyRPHqrOvJxaKAKGw= -modernc.org/ccgo/v3 v3.0.0-20220904174949-82d86e1b6d56/go.mod h1:YSXjPL62P2AMSxBphRHPn7IkzhVHqkvOnRKAKh+W6ZI= modernc.org/ccgo/v3 v3.16.4/go.mod h1:tGtX0gE9Jn7hdZFeU88slbTh1UtCYKusWOoCJuvkWsQ= modernc.org/ccgo/v3 v3.16.6/go.mod h1:tGtX0gE9Jn7hdZFeU88slbTh1UtCYKusWOoCJuvkWsQ= modernc.org/ccgo/v3 v3.16.8/go.mod h1:zNjwkizS+fIFDrDjIAgBSCLkWbJuHF+ar3QRn+Z9aws= modernc.org/ccgo/v3 v3.16.9/go.mod h1:zNMzC9A9xeNUepy6KuZBbugn3c0Mc9TeiJO4lgvkJDo= -modernc.org/ccgo/v3 v3.16.13-0.20221017192402-261537637ce8/go.mod h1:fUB3Vn0nVPReA+7IG7yZDfjv1TMWjhQP8gCxrFAtL5g= -modernc.org/ccgo/v3 v3.16.13/go.mod h1:2Quk+5YgpImhPjv2Qsob1DnZ/4som1lJTodubIcoUkY= modernc.org/ccorpus v1.11.6/go.mod h1:2gEUTrWqdpH2pXsmTM1ZkjeSrUWDpjMu2T6m29L/ErQ= modernc.org/httpfs v1.0.6/go.mod h1:7dosgurJGp0sPaRanU53W4xZYKh14wfzX420oZADeHM= modernc.org/libc v0.0.0-20220428101251-2d5f3daf273b/go.mod h1:p7Mg4+koNjc8jkqwcoFBJx7tXkpj00G77X7A72jXPXA= @@ -3880,39 +3957,26 @@ modernc.org/libc v1.16.17/go.mod h1:hYIV5VZczAmGZAnG15Vdngn5HSF5cSkbvfz2B7GRuVU= modernc.org/libc v1.16.19/go.mod h1:p7Mg4+koNjc8jkqwcoFBJx7tXkpj00G77X7A72jXPXA= modernc.org/libc v1.17.0/go.mod h1:XsgLldpP4aWlPlsjqKRdHPqCxCjISdHfM/yeWC5GyW0= modernc.org/libc v1.17.1/go.mod h1:FZ23b+8LjxZs7XtFMbSzL/EhPxNbfZbErxEHc7cbD9s= -modernc.org/libc v1.17.4/go.mod h1:WNg2ZH56rDEwdropAJeZPQkXmDwh+JCA1s/htl6r2fA= -modernc.org/libc v1.18.0/go.mod h1:vj6zehR5bfc98ipowQOM2nIDUZnVew/wNC/2tOGS+q0= -modernc.org/libc v1.20.3/go.mod h1:ZRfIaEkgrYgZDl6pa4W39HgN5G/yDW+NRmNKZBDFrk0= -modernc.org/libc v1.21.4/go.mod h1:przBsL5RDOZajTVslkugzLBj1evTue36jEomFQOoYuI= -modernc.org/libc v1.22.2/go.mod h1:uvQavJ1pZ0hIoC/jfqNoMLURIMhKzINIWypNM17puug= modernc.org/mathutil v1.2.2/go.mod h1:mZW8CKdRPY1v87qxC/wUdX5O1qDzXMP5TH3wjfpga6E= modernc.org/mathutil v1.4.1/go.mod h1:mZW8CKdRPY1v87qxC/wUdX5O1qDzXMP5TH3wjfpga6E= modernc.org/mathutil v1.5.0/go.mod h1:mZW8CKdRPY1v87qxC/wUdX5O1qDzXMP5TH3wjfpga6E= modernc.org/memory v1.1.1/go.mod h1:/0wo5ibyrQiaoUoH7f9D8dnglAmILJ5/cxZlRECf+Nw= modernc.org/memory v1.2.0/go.mod h1:/0wo5ibyrQiaoUoH7f9D8dnglAmILJ5/cxZlRECf+Nw= modernc.org/memory v1.2.1/go.mod h1:PkUhL0Mugw21sHPeskwZW4D6VscE/GQJOnIpCnW6pSU= -modernc.org/memory v1.3.0/go.mod h1:PkUhL0Mugw21sHPeskwZW4D6VscE/GQJOnIpCnW6pSU= -modernc.org/memory v1.4.0/go.mod h1:PkUhL0Mugw21sHPeskwZW4D6VscE/GQJOnIpCnW6pSU= -modernc.org/memory v1.5.0/go.mod h1:PkUhL0Mugw21sHPeskwZW4D6VscE/GQJOnIpCnW6pSU= modernc.org/opt v0.1.1/go.mod h1:WdSiB5evDcignE70guQKxYUl14mgWtbClRi5wmkkTX0= modernc.org/opt v0.1.3/go.mod h1:WdSiB5evDcignE70guQKxYUl14mgWtbClRi5wmkkTX0= modernc.org/sqlite v1.18.1/go.mod h1:6ho+Gow7oX5V+OiOQ6Tr4xeqbx13UZ6t+Fw9IRUG4d4= -modernc.org/sqlite v1.18.2/go.mod h1:kvrTLEWgxUcHa2GfHBQtanR1H9ht3hTJNtKpzH9k1u0= modernc.org/strutil v1.1.1/go.mod h1:DE+MQQ/hjKBZS2zNInV5hhcipt5rLPWkmpbGeW5mmdw= modernc.org/strutil v1.1.3/go.mod h1:MEHNA7PdEnEwLvspRMtWTNnp2nnyvMfkimT1NKNAGbw= modernc.org/tcl v1.13.1/go.mod h1:XOLfOwzhkljL4itZkK6T72ckMgvj0BDsnKNdZVUOecw= -modernc.org/tcl v1.13.2/go.mod h1:7CLiGIPo1M8Rv1Mitpv5akc2+8fxUd2y2UzC/MfMzy0= modernc.org/token v1.0.0/go.mod h1:UGzOrNV1mAFSEB63lOFHIpNRUVMvYTc6yu1SMY/XTDM= -modernc.org/token v1.0.1/go.mod h1:UGzOrNV1mAFSEB63lOFHIpNRUVMvYTc6yu1SMY/XTDM= -modernc.org/token v1.1.0/go.mod h1:UGzOrNV1mAFSEB63lOFHIpNRUVMvYTc6yu1SMY/XTDM= modernc.org/z v1.5.1/go.mod h1:eWFB510QWW5Th9YGZT81s+LwvaAs3Q2yr4sP0rmLkv8= mvdan.cc/gofumpt v0.1.1 h1:bi/1aS/5W00E2ny5q65w9SnKpWEF/UIOqDYBILpo9rA= mvdan.cc/gofumpt v0.1.1/go.mod h1:yXG1r1WqZVKWbVRtBWKWX9+CxGYfA51nSomhM0woR48= nhooyr.io/websocket v1.8.6/go.mod h1:B70DZP8IakI65RVQ51MsWP/8jndNma26DVA/nFSCgW0= -nhooyr.io/websocket v1.8.7/go.mod h1:B70DZP8IakI65RVQ51MsWP/8jndNma26DVA/nFSCgW0= oras.land/oras-go v1.2.0/go.mod h1:pFNs7oHp2dYsYMSS82HaX5l4mpnGO7hbpPN6EWH2ltc= -pgregory.net/rapid v0.4.7 h1:MTNRktPuv5FNqOO151TM9mDTa+XHcX6ypYeISDVD14g= -pgregory.net/rapid v0.4.7/go.mod h1:UYpPVyjFHzYBGHIxLFoupi8vwk6rXNzRY9OMvVxFIOU= +pgregory.net/rapid v0.6.1 h1:4eyrDxyht86tT4Ztm+kvlyNBLIk071gR+ZQdhphc9dQ= +pgregory.net/rapid v0.6.1/go.mod h1:PY5XlDGj0+V1FCq0o192FdRhpKHGTRIWBgqjDBTrq04= rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8= rsc.io/pdf v0.1.1/go.mod h1:n8OzWcQ6Sp37PL01nO98y4iUCRdTGarVfzxY20ICaU4= rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0= @@ -3921,14 +3985,18 @@ sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.14/go.mod h1:LEScyz sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.15/go.mod h1:LEScyzhFmoF5pso/YSeBstl57mOzx9xlU9n85RGrDQg= sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.22/go.mod h1:LEScyzhFmoF5pso/YSeBstl57mOzx9xlU9n85RGrDQg= sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.35/go.mod h1:WxjusMwXlKzfAs4p9km6XJRndVt2FROgMVCE4cdohFo= +sigs.k8s.io/json v0.0.0-20211020170558-c049b76a60c6/go.mod h1:p4QtZmO4uMYipTQNzagwnNoseA6OxSUutVw05NhYDRs= +sigs.k8s.io/json v0.0.0-20211208200746-9f7c6b3444d2/go.mod h1:B+TnT182UBxE84DiCz4CVE26eOSDAeYCpfDnC2kdKMY= sigs.k8s.io/json v0.0.0-20220713155537-f223a00ba0e2/go.mod h1:B8JuhiUyNFVKdsE8h686QcCxMaH6HrOAZj4vswFpcB0= sigs.k8s.io/structured-merge-diff/v4 v4.0.1/go.mod h1:bJZC9H9iH24zzfZ/41RGcq60oK1F7G282QMXDPYydCw= sigs.k8s.io/structured-merge-diff/v4 v4.0.2/go.mod h1:bJZC9H9iH24zzfZ/41RGcq60oK1F7G282QMXDPYydCw= sigs.k8s.io/structured-merge-diff/v4 v4.0.3/go.mod h1:bJZC9H9iH24zzfZ/41RGcq60oK1F7G282QMXDPYydCw= sigs.k8s.io/structured-merge-diff/v4 v4.1.2/go.mod h1:j/nl6xW8vLS49O8YvXW1ocPhZawJtm+Yrr7PPRQ0Vg4= +sigs.k8s.io/structured-merge-diff/v4 v4.2.1/go.mod h1:j/nl6xW8vLS49O8YvXW1ocPhZawJtm+Yrr7PPRQ0Vg4= sigs.k8s.io/structured-merge-diff/v4 v4.2.3/go.mod h1:qjx8mGObPmV2aSZepjQjbmb2ihdVs8cGKBraizNC69E= sigs.k8s.io/yaml v1.1.0/go.mod h1:UJmg0vDUVViEyp3mgSv9WPwZCDxu4rQW1olrI1uml+o= sigs.k8s.io/yaml v1.2.0/go.mod h1:yfXDCHCao9+ENCvLSE62v9VSji2MKu5jeNfTrofGhJc= sigs.k8s.io/yaml v1.3.0/go.mod h1:GeOyir5tyXNByN85N/dRIT9es5UQNerPYEKK56eTBm8= +sourcegraph.com/sourcegraph/appdash v0.0.0-20190731080439-ebfcffb1b5c0/go.mod h1:hI742Nqp5OhwiqlzhgfbWU4mW4yO10fP+LoT9WOswdU= sourcegraph.com/sourcegraph/appdash v0.0.0-20211028080628-e2786a622600 h1:hfyJ5ku9yFtLVOiSxa3IN+dx5eBQT9mPmKFypAmg8XM= sourcegraph.com/sourcegraph/appdash v0.0.0-20211028080628-e2786a622600/go.mod h1:hI742Nqp5OhwiqlzhgfbWU4mW4yO10fP+LoT9WOswdU= diff --git a/provider/resources.go b/provider/resources.go index b260c59ed..276ca5038 100644 --- a/provider/resources.go +++ b/provider/resources.go @@ -19,15 +19,15 @@ import ( "path/filepath" "strings" "unicode" + // embed is used to store bridge-metadata.json in the compiled binary + _ "embed" - "github.com/hashicorp/terraform-provider-vault/generated" "github.com/hashicorp/terraform-provider-vault/schema" "github.com/hashicorp/terraform-provider-vault/vault" "github.com/pulumi/pulumi-terraform-bridge/v3/pkg/tfbridge" - shim "github.com/pulumi/pulumi-terraform-bridge/v3/pkg/tfshim" + tks "github.com/pulumi/pulumi-terraform-bridge/v3/pkg/tfbridge/tokens" shimv2 "github.com/pulumi/pulumi-terraform-bridge/v3/pkg/tfshim/sdk-v2" "github.com/pulumi/pulumi-vault/provider/v5/pkg/version" - "github.com/pulumi/pulumi/sdk/v3/go/common/resource" "github.com/pulumi/pulumi/sdk/v3/go/common/tokens" ) @@ -38,9 +38,9 @@ const ( // modules: mainMod = "index" - appRoleMod = "AppRole" adMod = "AD" aliCloudMod = "AliCloud" + appRoleMod = "AppRole" awsMod = "Aws" azureMod = "Azure" consulMod = "Consul" @@ -59,6 +59,7 @@ const ( oktaMod = "Okta" pkiSecretMod = "PkiSecret" rabbitMqMod = "RabbitMQ" + samlMod = "Saml" sshMod = "Ssh" terraformCloudMod = "TerraformCloud" tokenMod = "TokenAuth" @@ -66,6 +67,36 @@ const ( transitMod = "Transit" ) +var moduleMap = map[string]string{ + "ad": adMod, + "alicloud": aliCloudMod, + "approle": appRoleMod, + "aws": awsMod, + "azure": azureMod, + "consul": consulMod, + "database": databaseMod, + "gcp": gcpMod, + "generic": genericMod, + "github": githubMod, + "identity": identityMod, + "jwt": jwtMod, + "kmip": kmipMod, + "kubernetes": kubernetesMod, + "kv": kvMod, + "ldap": ldapMod, + "managed": managedMod, + "mongodbatlas": mongoDBAtlasMod, + "okta": oktaMod, + "pki_secret": pkiSecretMod, + "rabbitmq": rabbitMqMod, + "saml": samlMod, + "ssh": sshMod, + "terraform_cloud": terraformCloudMod, + "token": tokenMod, + "transform": transformMod, + "transit": transitMod, +} + var namespaceMap = map[string]string{ mainPkg: "Vault", } @@ -100,39 +131,26 @@ func makeResource(mod string, res string) tokens.Type { return makeType(mod, res) } -func preConfigureCallback(vars resource.PropertyMap, c shim.ResourceConfig) error { - return nil -} +func ref[T any](v T) *T { return &v } -func stringRef(s string) *string { - return &s -} +//go:embed cmd/pulumi-resource-vault/bridge-metadata.json +var metadata []byte // Provider returns additional overlaid schema and metadata associated with the provider. func Provider() tfbridge.ProviderInfo { - provider := vault.Provider() - generatedProvider := schema.NewProvider(provider) - for name, resource := range generated.DataSourceRegistry { - generatedProvider.RegisterDataSource(name, resource) - } - for name, resource := range generated.ResourceRegistry { - generatedProvider.RegisterResource(name, resource) - } - p := shimv2.NewProvider(generatedProvider.SchemaProvider()) - - // Temporarily override the secretness of `headers` field. - // https://github.com/pulumi/pulumi/issues/11278 - overrideSecretFlagForHeaders := false prov := tfbridge.ProviderInfo{ - P: p, - Name: "vault", - DisplayName: "HashiCorp Vault", - Description: "A Pulumi package for creating and managing HashiCorp Vault cloud resources.", - Keywords: []string{"pulumi", "vault"}, - License: "Apache-2.0", - Homepage: "https://pulumi.io", - GitHubOrg: "hashicorp", - Repository: "https://github.com/pulumi/pulumi-vault", + P: shimv2.NewProvider(schema.NewProvider(vault.Provider()).SchemaProvider()), + Name: "vault", + DisplayName: "HashiCorp Vault", + Description: "A Pulumi package for creating and managing HashiCorp Vault cloud resources.", + Keywords: []string{"pulumi", "vault"}, + License: "Apache-2.0", + Homepage: "https://pulumi.io", + GitHubOrg: "hashicorp", + Repository: "https://github.com/pulumi/pulumi-vault", + Version: version.Version, + MetadataInfo: tfbridge.NewProviderMetadata(metadata), + Config: map[string]*tfbridge.SchemaInfo{ "skip_tls_verify": { Default: &tfbridge.DefaultInfo{ @@ -157,11 +175,7 @@ func Provider() tfbridge.ProviderInfo { Value: 2, }, }, - "headers": { - Secret: &overrideSecretFlagForHeaders, - }, }, - PreConfigureCallback: preConfigureCallback, Resources: map[string]*tfbridge.ResourceInfo{ // Main "vault_audit": {Tok: makeResource(mainMod, "Audit")}, @@ -213,37 +227,14 @@ func Provider() tfbridge.ProviderInfo { "vault_approle_auth_backend_role_secret_id": { Tok: makeResource(appRoleMod, "AuthBackendRoleSecretId"), Aliases: []tfbridge.AliasInfo{ - {Type: stringRef(makeResource(appRoleMod, "AuthBackendRoleSecretID").String())}, + {Type: ref(makeResource(appRoleMod, "AuthBackendRoleSecretID").String())}, }, }, - // AliCloud - "vault_alicloud_auth_backend_role": {Tok: makeResource(aliCloudMod, "AuthBackendRole")}, - - // AWS - "vault_aws_auth_backend_cert": {Tok: makeResource(awsMod, "AuthBackendCert")}, - "vault_aws_auth_backend_client": {Tok: makeResource(awsMod, "AuthBackendClient")}, - "vault_aws_auth_backend_config_identity": {Tok: makeResource(awsMod, "AuthBackendConfigIdentity")}, - "vault_aws_auth_backend_identity_whitelist": {Tok: makeResource(awsMod, "AuthBackendIdentityWhitelist")}, - "vault_aws_auth_backend_login": {Tok: makeResource(awsMod, "AuthBackendLogin")}, - "vault_aws_auth_backend_role": {Tok: makeResource(awsMod, "AuthBackendRole")}, - "vault_aws_auth_backend_role_tag": {Tok: makeResource(awsMod, "AuthBackendRoleTag")}, - "vault_aws_auth_backend_roletag_blacklist": {Tok: makeResource(awsMod, "AuthBackendRoletagBlacklist")}, - "vault_aws_auth_backend_sts_role": {Tok: makeResource(awsMod, "AuthBackendStsRole")}, - "vault_aws_secret_backend": {Tok: makeResource(awsMod, "SecretBackend")}, - "vault_aws_secret_backend_role": {Tok: makeResource(awsMod, "SecretBackendRole")}, - "vault_aws_secret_backend_static_role": {Tok: makeResource(awsMod, "SecretBackendStaticRole")}, - // Azure - "vault_azure_auth_backend_config": {Tok: makeResource(azureMod, "AuthBackendConfig")}, - "vault_azure_auth_backend_role": {Tok: makeResource(azureMod, "AuthBackendRole")}, "vault_azure_secret_backend": {Tok: makeResource(azureMod, "Backend")}, "vault_azure_secret_backend_role": {Tok: makeResource(azureMod, "BackendRole")}, - // Consul - "vault_consul_secret_backend": {Tok: makeResource(consulMod, "SecretBackend")}, - "vault_consul_secret_backend_role": {Tok: makeResource(consulMod, "SecretBackendRole")}, - // Database "vault_database_secret_backend_connection": { Tok: makeResource(databaseMod, "SecretBackendConnection"), @@ -296,6 +287,10 @@ func Provider() tfbridge.ProviderInfo { }, }, + // SAML + "vault_saml_auth_backend": {Tok: makeResource(samlMod, "AuthBackend")}, + "vault_saml_auth_backend_role": {Tok: makeResource(samlMod, "AuthBackendRole")}, + // Identity "vault_identity_entity": {Tok: makeResource(identityMod, "Entity")}, "vault_identity_entity_alias": {Tok: makeResource(identityMod, "EntityAlias")}, @@ -421,22 +416,6 @@ func Provider() tfbridge.ProviderInfo { "vault_pki_secret_backend_sign": {Tok: makeResource(pkiSecretMod, "SecretBackendSign")}, "vault_pki_secret_backend_crl_config": {Tok: makeResource(pkiSecretMod, "SecretBackendCrlConfig")}, - // Token - "vault_token_auth_backend_role": {Tok: makeResource(tokenMod, "AuthBackendRole")}, - - // SSH - "vault_ssh_secret_backend_ca": {Tok: makeResource(sshMod, "SecretBackendCa")}, - "vault_ssh_secret_backend_role": {Tok: makeResource(sshMod, "SecretBackendRole")}, - - // RabbitMQ - "vault_rabbitmq_secret_backend": {Tok: makeResource(rabbitMqMod, "SecretBackend")}, - "vault_rabbitmq_secret_backend_role": {Tok: makeResource(rabbitMqMod, "SecretBackendRole")}, - - // Terraform Cloud - "vault_terraform_cloud_secret_backend": {Tok: makeResource(terraformCloudMod, "SecretBackend")}, - "vault_terraform_cloud_secret_creds": {Tok: makeResource(terraformCloudMod, "SecretCreds")}, - "vault_terraform_cloud_secret_role": {Tok: makeResource(terraformCloudMod, "SecretRole")}, - // Transform "vault_transform_alphabet": { Tok: makeResource(transformMod, "Alphabet"), @@ -446,14 +425,9 @@ func Provider() tfbridge.ProviderInfo { }, }, }, - "vault_transform_role": {Tok: makeResource(transformMod, "Role")}, - "vault_transform_template": {Tok: makeResource(transformMod, "Template")}, - "vault_transform_transformation": {Tok: makeResource(transformMod, "Transformation")}, // Transit - "vault_transit_secret_backend_key": {Tok: makeResource(transitMod, "SecretBackendKey")}, "vault_transit_secret_cache_config": { - Tok: makeResource(transitMod, "SecretCacheConfig"), Docs: &tfbridge.DocInfo{ Source: "transit_secret_backend_cache_config.html.md", }, @@ -473,77 +447,34 @@ func Provider() tfbridge.ProviderInfo { Source: "auth_backend.html.md", }, }, - "vault_nomad_access_token": {Tok: makeDataSource(mainMod, "getNomadAccessToken")}, - - // AD - "vault_ad_access_credentials": {Tok: makeDataSource(adMod, "getAccessCredentials")}, + "vault_nomad_access_token": {Tok: makeDataSource(mainMod, "getNomadAccessToken")}, + "vault_auth_backends": {Tok: makeDataSource(mainMod, "getAuthBackends")}, + "vault_raft_autopilot_state": {Tok: makeDataSource(mainMod, "getRaftAutopilotState")}, // AppRole "vault_approle_auth_backend_role_id": { - Tok: makeDataSource(appRoleMod, "getAuthBackendRoleId"), - Docs: &tfbridge.DocInfo{ - Source: "approle_auth_backend_role_id.md", - }, + Docs: &tfbridge.DocInfo{Source: "approle_auth_backend_role_id.md"}, }, - // AWS - "vault_aws_access_credentials": {Tok: makeDataSource(awsMod, "getAccessCredentials")}, - - // Azure - "vault_azure_access_credentials": {Tok: makeDataSource(azureMod, "getAccessCredentials")}, - - // Generic - "vault_generic_secret": {Tok: makeDataSource(genericMod, "getSecret")}, - - // GCP - "vault_gcp_auth_backend_role": {Tok: makeDataSource(gcpMod, "getAuthBackendRole")}, - - // Identity - "vault_identity_group": {Tok: makeDataSource(identityMod, "getGroup")}, - "vault_identity_entity": {Tok: makeDataSource(identityMod, "getEntity")}, - "vault_identity_oidc_client_creds": {Tok: makeDataSource(identityMod, "getOidcClientCreds")}, - "vault_identity_oidc_openid_config": {Tok: makeDataSource(identityMod, "getOidcOpenidConfig")}, - "vault_identity_oidc_public_keys": {Tok: makeDataSource(identityMod, "getOidcPublicKeys")}, - // Kubernetes "vault_kubernetes_auth_backend_config": { - Tok: makeDataSource(kubernetesMod, "getAuthBackendConfig"), Docs: &tfbridge.DocInfo{ Source: "kubernetes_auth_backend_config.md", }, }, "vault_kubernetes_auth_backend_role": { - Tok: makeDataSource(kubernetesMod, "getAuthBackendRole"), Docs: &tfbridge.DocInfo{ Source: "kubernetes_auth_backend_role.md", }, }, "vault_kubernetes_service_account_token": { - Tok: makeDataSource(kubernetesMod, "getServiceAccountToken"), - Docs: &tfbridge.DocInfo{ - Source: "kubernetes_credentials.html.md", - }, + Docs: &tfbridge.DocInfo{Source: "kubernetes_credentials.html.md"}, }, // KV - "vault_kv_secret": {Tok: makeDataSource(kvMod, "getSecret")}, "vault_kv_secret_subkeys_v2": { - Tok: makeDataSource(kvMod, "getSecretSubkeysV2"), - Docs: &tfbridge.DocInfo{ - Source: "kv_subkeys_v2.html.md", - }, + Docs: &tfbridge.DocInfo{Source: "kv_subkeys_v2.html.md"}, }, - "vault_kv_secret_v2": {Tok: makeDataSource(kvMod, "getSecretV2")}, - "vault_kv_secrets_list": {Tok: makeDataSource(kvMod, "getSecretsList")}, - "vault_kv_secrets_list_v2": {Tok: makeDataSource(kvMod, "getSecretsListV2")}, - - // Transform - "vault_transform_encode": {Tok: makeDataSource(transformMod, "getEncode")}, - "vault_transform_decode": {Tok: makeDataSource(transformMod, "getDecode")}, - - // Transit - "vault_transit_decrypt": {Tok: makeDataSource(transitMod, "getDecrypt")}, - "vault_transit_encrypt": {Tok: makeDataSource(transitMod, "getEncrypt")}, }, JavaScript: &tfbridge.JavaScriptInfo{ Dependencies: map[string]string{ @@ -576,7 +507,13 @@ func Provider() tfbridge.ProviderInfo { }, } + prov.MustComputeTokens(tks.MappedModules("vault_", "", moduleMap, + func(module, name string) (string, error) { + return string(makeResource(module, name)), nil + })) prov.SetAutonaming(255, "-") + prov.MustApplyAutoAliases() + return prov } diff --git a/sdk/dotnet/AD/SecretBackend.cs b/sdk/dotnet/AD/SecretBackend.cs index bafed9466..43f77517d 100644 --- a/sdk/dotnet/AD/SecretBackend.cs +++ b/sdk/dotnet/AD/SecretBackend.cs @@ -14,6 +14,7 @@ namespace Pulumi.Vault.AD /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// diff --git a/sdk/dotnet/AD/SecretLibrary.cs b/sdk/dotnet/AD/SecretLibrary.cs index 41402b8d5..3f5d12554 100644 --- a/sdk/dotnet/AD/SecretLibrary.cs +++ b/sdk/dotnet/AD/SecretLibrary.cs @@ -14,6 +14,7 @@ namespace Pulumi.Vault.AD /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// diff --git a/sdk/dotnet/AD/SecretRole.cs b/sdk/dotnet/AD/SecretRole.cs index fdbb68550..fd74c998c 100644 --- a/sdk/dotnet/AD/SecretRole.cs +++ b/sdk/dotnet/AD/SecretRole.cs @@ -14,6 +14,7 @@ namespace Pulumi.Vault.AD /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// diff --git a/sdk/dotnet/AliCloud/AuthBackendRole.cs b/sdk/dotnet/AliCloud/AuthBackendRole.cs index df7240ab4..1e5ffc846 100644 --- a/sdk/dotnet/AliCloud/AuthBackendRole.cs +++ b/sdk/dotnet/AliCloud/AuthBackendRole.cs @@ -16,6 +16,7 @@ namespace Pulumi.Vault.AliCloud /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// @@ -57,6 +58,8 @@ public partial class AuthBackendRole : global::Pulumi.CustomResource /// /// Path to the mounted AliCloud auth backend. /// Defaults to `alicloud` + /// + /// For more details on the usage of each argument consult the [Vault AliCloud API documentation](https://www.vaultproject.io/api-docs/auth/alicloud). /// [Output("backend")] public Output Backend { get; private set; } = null!; @@ -203,6 +206,8 @@ public sealed class AuthBackendRoleArgs : global::Pulumi.ResourceArgs /// /// Path to the mounted AliCloud auth backend. /// Defaults to `alicloud` + /// + /// For more details on the usage of each argument consult the [Vault AliCloud API documentation](https://www.vaultproject.io/api-docs/auth/alicloud). /// [Input("backend")] public Input? Backend { get; set; } @@ -323,6 +328,8 @@ public sealed class AuthBackendRoleState : global::Pulumi.ResourceArgs /// /// Path to the mounted AliCloud auth backend. /// Defaults to `alicloud` + /// + /// For more details on the usage of each argument consult the [Vault AliCloud API documentation](https://www.vaultproject.io/api-docs/auth/alicloud). /// [Input("backend")] public Input? Backend { get; set; } diff --git a/sdk/dotnet/AppRole/AuthBackendLogin.cs b/sdk/dotnet/AppRole/AuthBackendLogin.cs index 9e740a970..d4bae8529 100644 --- a/sdk/dotnet/AppRole/AuthBackendLogin.cs +++ b/sdk/dotnet/AppRole/AuthBackendLogin.cs @@ -18,6 +18,7 @@ namespace Pulumi.Vault.AppRole /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// diff --git a/sdk/dotnet/AppRole/AuthBackendRole.cs b/sdk/dotnet/AppRole/AuthBackendRole.cs index dddc6f0fc..9c5efa229 100644 --- a/sdk/dotnet/AppRole/AuthBackendRole.cs +++ b/sdk/dotnet/AppRole/AuthBackendRole.cs @@ -18,6 +18,7 @@ namespace Pulumi.Vault.AppRole /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// diff --git a/sdk/dotnet/AppRole/AuthBackendRoleSecretId.cs b/sdk/dotnet/AppRole/AuthBackendRoleSecretId.cs index d7ce1bc0c..398fd1c57 100644 --- a/sdk/dotnet/AppRole/AuthBackendRoleSecretId.cs +++ b/sdk/dotnet/AppRole/AuthBackendRoleSecretId.cs @@ -18,6 +18,7 @@ namespace Pulumi.Vault.AppRole /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using System.Text.Json; /// using Pulumi; /// using Vault = Pulumi.Vault; diff --git a/sdk/dotnet/AppRole/GetAuthBackendRoleId.cs b/sdk/dotnet/AppRole/GetAuthBackendRoleId.cs index dc525e233..fd1926e2f 100644 --- a/sdk/dotnet/AppRole/GetAuthBackendRoleId.cs +++ b/sdk/dotnet/AppRole/GetAuthBackendRoleId.cs @@ -20,6 +20,7 @@ public static class GetAuthBackendRoleId /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// @@ -52,6 +53,7 @@ public static Task InvokeAsync(GetAuthBackendRoleIdA /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// diff --git a/sdk/dotnet/Audit.cs b/sdk/dotnet/Audit.cs index a3f5fa96e..308c1ffdc 100644 --- a/sdk/dotnet/Audit.cs +++ b/sdk/dotnet/Audit.cs @@ -15,6 +15,7 @@ namespace Pulumi.Vault /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// @@ -35,6 +36,7 @@ namespace Pulumi.Vault /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// @@ -90,6 +92,8 @@ public partial class Audit : global::Pulumi.CustomResource /// /// Configuration options to pass to the audit device itself. + /// + /// For a reference of the device types and their options, consult the [Vault documentation.](https://www.vaultproject.io/docs/audit/index.html) /// [Output("options")] public Output> Options { get; private set; } = null!; @@ -178,6 +182,8 @@ public sealed class AuditArgs : global::Pulumi.ResourceArgs /// /// Configuration options to pass to the audit device itself. + /// + /// For a reference of the device types and their options, consult the [Vault documentation.](https://www.vaultproject.io/docs/audit/index.html) /// public InputMap Options { @@ -231,6 +237,8 @@ public sealed class AuditState : global::Pulumi.ResourceArgs /// /// Configuration options to pass to the audit device itself. + /// + /// For a reference of the device types and their options, consult the [Vault documentation.](https://www.vaultproject.io/docs/audit/index.html) /// public InputMap Options { diff --git a/sdk/dotnet/AuditRequestHeader.cs b/sdk/dotnet/AuditRequestHeader.cs index 88917b348..03784bdac 100644 --- a/sdk/dotnet/AuditRequestHeader.cs +++ b/sdk/dotnet/AuditRequestHeader.cs @@ -21,6 +21,7 @@ namespace Pulumi.Vault /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// diff --git a/sdk/dotnet/AuthBackend.cs b/sdk/dotnet/AuthBackend.cs index 202c8814a..441f7fd01 100644 --- a/sdk/dotnet/AuthBackend.cs +++ b/sdk/dotnet/AuthBackend.cs @@ -63,6 +63,8 @@ public partial class AuthBackend : global::Pulumi.CustomResource /// /// Extra configuration block. Structure is documented below. + /// + /// The `tune` block is used to tune the auth backend: /// [Output("tune")] public Output Tune { get; private set; } = null!; @@ -155,6 +157,8 @@ public sealed class AuthBackendArgs : global::Pulumi.ResourceArgs /// /// Extra configuration block. Structure is documented below. + /// + /// The `tune` block is used to tune the auth backend: /// [Input("tune")] public Input? Tune { get; set; } @@ -215,6 +219,8 @@ public sealed class AuthBackendState : global::Pulumi.ResourceArgs /// /// Extra configuration block. Structure is documented below. + /// + /// The `tune` block is used to tune the auth backend: /// [Input("tune")] public Input? Tune { get; set; } diff --git a/sdk/dotnet/Aws/AuthBackendClient.cs b/sdk/dotnet/Aws/AuthBackendClient.cs index 86125c3b2..9d51b69f8 100644 --- a/sdk/dotnet/Aws/AuthBackendClient.cs +++ b/sdk/dotnet/Aws/AuthBackendClient.cs @@ -14,6 +14,7 @@ namespace Pulumi.Vault.Aws /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// diff --git a/sdk/dotnet/Aws/AuthBackendConfigIdentity.cs b/sdk/dotnet/Aws/AuthBackendConfigIdentity.cs index d18286dc1..308a6d183 100644 --- a/sdk/dotnet/Aws/AuthBackendConfigIdentity.cs +++ b/sdk/dotnet/Aws/AuthBackendConfigIdentity.cs @@ -18,6 +18,7 @@ namespace Pulumi.Vault.Aws /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// diff --git a/sdk/dotnet/Aws/AuthBackendIdentityWhitelist.cs b/sdk/dotnet/Aws/AuthBackendIdentityWhitelist.cs index 0248f8c91..71ff1cf0c 100644 --- a/sdk/dotnet/Aws/AuthBackendIdentityWhitelist.cs +++ b/sdk/dotnet/Aws/AuthBackendIdentityWhitelist.cs @@ -19,6 +19,7 @@ namespace Pulumi.Vault.Aws /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// diff --git a/sdk/dotnet/Aws/AuthBackendRole.cs b/sdk/dotnet/Aws/AuthBackendRole.cs index de85675c2..a49b699bf 100644 --- a/sdk/dotnet/Aws/AuthBackendRole.cs +++ b/sdk/dotnet/Aws/AuthBackendRole.cs @@ -20,6 +20,7 @@ namespace Pulumi.Vault.Aws /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// diff --git a/sdk/dotnet/Aws/AuthBackendRoletagBlacklist.cs b/sdk/dotnet/Aws/AuthBackendRoletagBlacklist.cs index 6a1254ecc..637486bbf 100644 --- a/sdk/dotnet/Aws/AuthBackendRoletagBlacklist.cs +++ b/sdk/dotnet/Aws/AuthBackendRoletagBlacklist.cs @@ -16,6 +16,7 @@ namespace Pulumi.Vault.Aws /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// diff --git a/sdk/dotnet/Aws/AuthBackendStsRole.cs b/sdk/dotnet/Aws/AuthBackendStsRole.cs index 17155e610..8d56d5799 100644 --- a/sdk/dotnet/Aws/AuthBackendStsRole.cs +++ b/sdk/dotnet/Aws/AuthBackendStsRole.cs @@ -14,6 +14,7 @@ namespace Pulumi.Vault.Aws /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// diff --git a/sdk/dotnet/Aws/GetStaticAccessCredentials.cs b/sdk/dotnet/Aws/GetStaticAccessCredentials.cs new file mode 100644 index 000000000..c63973d96 --- /dev/null +++ b/sdk/dotnet/Aws/GetStaticAccessCredentials.cs @@ -0,0 +1,92 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Vault.Aws +{ + public static class GetStaticAccessCredentials + { + public static Task InvokeAsync(GetStaticAccessCredentialsArgs args, InvokeOptions? options = null) + => global::Pulumi.Deployment.Instance.InvokeAsync("vault:aws/getStaticAccessCredentials:getStaticAccessCredentials", args ?? new GetStaticAccessCredentialsArgs(), options.WithDefaults()); + + public static Output Invoke(GetStaticAccessCredentialsInvokeArgs args, InvokeOptions? options = null) + => global::Pulumi.Deployment.Instance.Invoke("vault:aws/getStaticAccessCredentials:getStaticAccessCredentials", args ?? new GetStaticAccessCredentialsInvokeArgs(), options.WithDefaults()); + } + + + public sealed class GetStaticAccessCredentialsArgs : global::Pulumi.InvokeArgs + { + [Input("backend", required: true)] + public string Backend { get; set; } = null!; + + [Input("name", required: true)] + public string Name { get; set; } = null!; + + [Input("namespace")] + public string? Namespace { get; set; } + + public GetStaticAccessCredentialsArgs() + { + } + public static new GetStaticAccessCredentialsArgs Empty => new GetStaticAccessCredentialsArgs(); + } + + public sealed class GetStaticAccessCredentialsInvokeArgs : global::Pulumi.InvokeArgs + { + [Input("backend", required: true)] + public Input Backend { get; set; } = null!; + + [Input("name", required: true)] + public Input Name { get; set; } = null!; + + [Input("namespace")] + public Input? Namespace { get; set; } + + public GetStaticAccessCredentialsInvokeArgs() + { + } + public static new GetStaticAccessCredentialsInvokeArgs Empty => new GetStaticAccessCredentialsInvokeArgs(); + } + + + [OutputType] + public sealed class GetStaticAccessCredentialsResult + { + public readonly string AccessKey; + public readonly string Backend; + /// + /// The provider-assigned unique ID for this managed resource. + /// + public readonly string Id; + public readonly string Name; + public readonly string? Namespace; + public readonly string SecretKey; + + [OutputConstructor] + private GetStaticAccessCredentialsResult( + string accessKey, + + string backend, + + string id, + + string name, + + string? @namespace, + + string secretKey) + { + AccessKey = accessKey; + Backend = backend; + Id = id; + Name = name; + Namespace = @namespace; + SecretKey = secretKey; + } + } +} diff --git a/sdk/dotnet/Aws/SecretBackend.cs b/sdk/dotnet/Aws/SecretBackend.cs index 588aecb1e..d6a1f7478 100644 --- a/sdk/dotnet/Aws/SecretBackend.cs +++ b/sdk/dotnet/Aws/SecretBackend.cs @@ -84,14 +84,13 @@ public partial class SecretBackend : global::Pulumi.CustomResource public Output Path { get; private set; } = null!; /// - /// The AWS region for API calls. Defaults to `us-east-1`. + /// The AWS region to make API calls against. Defaults to us-east-1. /// [Output("region")] public Output Region { get; private set; } = null!; /// - /// The AWS Secret Key this backend should use to - /// issue new credentials. Vault uses the official AWS SDK to authenticate, and thus can also use standard AWS environment credentials, shared file credentials or IAM role/ECS task credentials. + /// The AWS Secret Access Key to use when generating new credentials. /// [Output("secretKey")] public Output SecretKey { get; private set; } = null!; @@ -232,7 +231,7 @@ public Input? AccessKey public Input? Path { get; set; } /// - /// The AWS region for API calls. Defaults to `us-east-1`. + /// The AWS region to make API calls against. Defaults to us-east-1. /// [Input("region")] public Input? Region { get; set; } @@ -241,8 +240,7 @@ public Input? AccessKey private Input? _secretKey; /// - /// The AWS Secret Key this backend should use to - /// issue new credentials. Vault uses the official AWS SDK to authenticate, and thus can also use standard AWS environment credentials, shared file credentials or IAM role/ECS task credentials. + /// The AWS Secret Access Key to use when generating new credentials. /// public Input? SecretKey { @@ -347,7 +345,7 @@ public Input? AccessKey public Input? Path { get; set; } /// - /// The AWS region for API calls. Defaults to `us-east-1`. + /// The AWS region to make API calls against. Defaults to us-east-1. /// [Input("region")] public Input? Region { get; set; } @@ -356,8 +354,7 @@ public Input? AccessKey private Input? _secretKey; /// - /// The AWS Secret Key this backend should use to - /// issue new credentials. Vault uses the official AWS SDK to authenticate, and thus can also use standard AWS environment credentials, shared file credentials or IAM role/ECS task credentials. + /// The AWS Secret Access Key to use when generating new credentials. /// public Input? SecretKey { diff --git a/sdk/dotnet/Aws/SecretBackendRole.cs b/sdk/dotnet/Aws/SecretBackendRole.cs index 0f71d6b84..523b79d86 100644 --- a/sdk/dotnet/Aws/SecretBackendRole.cs +++ b/sdk/dotnet/Aws/SecretBackendRole.cs @@ -14,6 +14,7 @@ namespace Pulumi.Vault.Aws /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// diff --git a/sdk/dotnet/Aws/SecretBackendStaticRole.cs b/sdk/dotnet/Aws/SecretBackendStaticRole.cs index f00fcee1e..b335f9e2a 100644 --- a/sdk/dotnet/Aws/SecretBackendStaticRole.cs +++ b/sdk/dotnet/Aws/SecretBackendStaticRole.cs @@ -14,6 +14,7 @@ namespace Pulumi.Vault.Aws /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// diff --git a/sdk/dotnet/Azure/AuthBackendConfig.cs b/sdk/dotnet/Azure/AuthBackendConfig.cs index 040039451..b502b8e9b 100644 --- a/sdk/dotnet/Azure/AuthBackendConfig.cs +++ b/sdk/dotnet/Azure/AuthBackendConfig.cs @@ -14,6 +14,7 @@ namespace Pulumi.Vault.Azure /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// diff --git a/sdk/dotnet/Azure/AuthBackendRole.cs b/sdk/dotnet/Azure/AuthBackendRole.cs index 1d9ec1c31..14a6c15a4 100644 --- a/sdk/dotnet/Azure/AuthBackendRole.cs +++ b/sdk/dotnet/Azure/AuthBackendRole.cs @@ -20,6 +20,7 @@ namespace Pulumi.Vault.Azure /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// diff --git a/sdk/dotnet/Azure/Backend.cs b/sdk/dotnet/Azure/Backend.cs index 874f4c8df..151dc956d 100644 --- a/sdk/dotnet/Azure/Backend.cs +++ b/sdk/dotnet/Azure/Backend.cs @@ -15,6 +15,7 @@ namespace Pulumi.Vault.Azure /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// @@ -36,6 +37,7 @@ namespace Pulumi.Vault.Azure /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// @@ -58,13 +60,13 @@ namespace Pulumi.Vault.Azure public partial class Backend : global::Pulumi.CustomResource { /// - /// - The OAuth2 client id to connect to Azure. + /// The OAuth2 client id to connect to Azure. /// [Output("clientId")] public Output ClientId { get; private set; } = null!; /// - /// - The OAuth2 client secret to connect to Azure. + /// The OAuth2 client secret to connect to Azure. /// [Output("clientSecret")] public Output ClientSecret { get; private set; } = null!; @@ -83,7 +85,7 @@ public partial class Backend : global::Pulumi.CustomResource public Output DisableRemount { get; private set; } = null!; /// - /// - The Azure environment. + /// The Azure environment. /// [Output("environment")] public Output Environment { get; private set; } = null!; @@ -98,25 +100,25 @@ public partial class Backend : global::Pulumi.CustomResource public Output Namespace { get; private set; } = null!; /// - /// - The unique path this backend should be mounted at. Defaults to `azure`. + /// The unique path this backend should be mounted at. Defaults to `azure`. /// [Output("path")] public Output Path { get; private set; } = null!; /// - /// - The subscription id for the Azure Active Directory. + /// The subscription id for the Azure Active Directory. /// [Output("subscriptionId")] public Output SubscriptionId { get; private set; } = null!; /// - /// - The tenant id for the Azure Active Directory. + /// The tenant id for the Azure Active Directory. /// [Output("tenantId")] public Output TenantId { get; private set; } = null!; /// - /// - Indicates whether the secrets engine should use + /// Indicates whether the secrets engine should use /// the Microsoft Graph API. This parameter has been deprecated and will be ignored in `vault-1.12+`. /// For more information, please refer to the [Vault docs](https://developer.hashicorp.com/vault/api-docs/secret/azure#use_microsoft_graph_api) /// @@ -180,7 +182,7 @@ public sealed class BackendArgs : global::Pulumi.ResourceArgs private Input? _clientId; /// - /// - The OAuth2 client id to connect to Azure. + /// The OAuth2 client id to connect to Azure. /// public Input? ClientId { @@ -196,7 +198,7 @@ public Input? ClientId private Input? _clientSecret; /// - /// - The OAuth2 client secret to connect to Azure. + /// The OAuth2 client secret to connect to Azure. /// public Input? ClientSecret { @@ -222,7 +224,7 @@ public Input? ClientSecret public Input? DisableRemount { get; set; } /// - /// - The Azure environment. + /// The Azure environment. /// [Input("environment")] public Input? Environment { get; set; } @@ -237,7 +239,7 @@ public Input? ClientSecret public Input? Namespace { get; set; } /// - /// - The unique path this backend should be mounted at. Defaults to `azure`. + /// The unique path this backend should be mounted at. Defaults to `azure`. /// [Input("path")] public Input? Path { get; set; } @@ -246,7 +248,7 @@ public Input? ClientSecret private Input? _subscriptionId; /// - /// - The subscription id for the Azure Active Directory. + /// The subscription id for the Azure Active Directory. /// public Input? SubscriptionId { @@ -262,7 +264,7 @@ public Input? SubscriptionId private Input? _tenantId; /// - /// - The tenant id for the Azure Active Directory. + /// The tenant id for the Azure Active Directory. /// public Input? TenantId { @@ -275,7 +277,7 @@ public Input? TenantId } /// - /// - Indicates whether the secrets engine should use + /// Indicates whether the secrets engine should use /// the Microsoft Graph API. This parameter has been deprecated and will be ignored in `vault-1.12+`. /// For more information, please refer to the [Vault docs](https://developer.hashicorp.com/vault/api-docs/secret/azure#use_microsoft_graph_api) /// @@ -294,7 +296,7 @@ public sealed class BackendState : global::Pulumi.ResourceArgs private Input? _clientId; /// - /// - The OAuth2 client id to connect to Azure. + /// The OAuth2 client id to connect to Azure. /// public Input? ClientId { @@ -310,7 +312,7 @@ public Input? ClientId private Input? _clientSecret; /// - /// - The OAuth2 client secret to connect to Azure. + /// The OAuth2 client secret to connect to Azure. /// public Input? ClientSecret { @@ -336,7 +338,7 @@ public Input? ClientSecret public Input? DisableRemount { get; set; } /// - /// - The Azure environment. + /// The Azure environment. /// [Input("environment")] public Input? Environment { get; set; } @@ -351,7 +353,7 @@ public Input? ClientSecret public Input? Namespace { get; set; } /// - /// - The unique path this backend should be mounted at. Defaults to `azure`. + /// The unique path this backend should be mounted at. Defaults to `azure`. /// [Input("path")] public Input? Path { get; set; } @@ -360,7 +362,7 @@ public Input? ClientSecret private Input? _subscriptionId; /// - /// - The subscription id for the Azure Active Directory. + /// The subscription id for the Azure Active Directory. /// public Input? SubscriptionId { @@ -376,7 +378,7 @@ public Input? SubscriptionId private Input? _tenantId; /// - /// - The tenant id for the Azure Active Directory. + /// The tenant id for the Azure Active Directory. /// public Input? TenantId { @@ -389,7 +391,7 @@ public Input? TenantId } /// - /// - Indicates whether the secrets engine should use + /// Indicates whether the secrets engine should use /// the Microsoft Graph API. This parameter has been deprecated and will be ignored in `vault-1.12+`. /// For more information, please refer to the [Vault docs](https://developer.hashicorp.com/vault/api-docs/secret/azure#use_microsoft_graph_api) /// diff --git a/sdk/dotnet/Azure/BackendRole.cs b/sdk/dotnet/Azure/BackendRole.cs index 827df81a0..c1ec29773 100644 --- a/sdk/dotnet/Azure/BackendRole.cs +++ b/sdk/dotnet/Azure/BackendRole.cs @@ -14,6 +14,7 @@ namespace Pulumi.Vault.Azure /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// diff --git a/sdk/dotnet/Azure/GetAccessCredentials.cs b/sdk/dotnet/Azure/GetAccessCredentials.cs index 2ae0dbbdf..f616efef8 100644 --- a/sdk/dotnet/Azure/GetAccessCredentials.cs +++ b/sdk/dotnet/Azure/GetAccessCredentials.cs @@ -18,6 +18,7 @@ public static class GetAccessCredentials /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// @@ -52,6 +53,7 @@ public static Task InvokeAsync(GetAccessCredentialsA /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// diff --git a/sdk/dotnet/CertAuthBackendRole.cs b/sdk/dotnet/CertAuthBackendRole.cs index 0b8046ee3..84c05e858 100644 --- a/sdk/dotnet/CertAuthBackendRole.cs +++ b/sdk/dotnet/CertAuthBackendRole.cs @@ -17,6 +17,7 @@ namespace Pulumi.Vault /// ```csharp /// using System.Collections.Generic; /// using System.IO; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// @@ -125,7 +126,50 @@ public partial class CertAuthBackendRole : global::Pulumi.CustomResource public Output Namespace { get; private set; } = null!; /// - /// TLS extensions required on client certificates + /// Any additional CA certificates + /// needed to verify OCSP responses. Provided as base64 encoded PEM data. + /// Requires Vault version 1.13+. + /// + [Output("ocspCaCertificates")] + public Output OcspCaCertificates { get; private set; } = null!; + + /// + /// If enabled, validate certificates' + /// revocation status using OCSP. Requires Vault version 1.13+. + /// + [Output("ocspEnabled")] + public Output OcspEnabled { get; private set; } = null!; + + /// + /// If true and an OCSP response cannot + /// be fetched or is of an unknown status, the login will proceed as if the + /// certificate has not been revoked. + /// Requires Vault version 1.13+. + /// + [Output("ocspFailOpen")] + public Output OcspFailOpen { get; private set; } = null!; + + /// + /// If set to true, rather than + /// accepting the first successful OCSP response, query all servers and consider + /// the certificate valid only if all servers agree. + /// Requires Vault version 1.13+. + /// + [Output("ocspQueryAllServers")] + public Output OcspQueryAllServers { get; private set; } = null!; + + /// + /// : A comma-separated list of OCSP + /// server addresses. If unset, the OCSP server is determined from the + /// AuthorityInformationAccess extension on the certificate being inspected. + /// Requires Vault version 1.13+. + /// + [Output("ocspServersOverrides")] + public Output> OcspServersOverrides { get; private set; } = null!; + + /// + /// TLS extensions required on + /// client certificates /// [Output("requiredExtensions")] public Output> RequiredExtensions { get; private set; } = null!; @@ -197,6 +241,8 @@ public partial class CertAuthBackendRole : global::Pulumi.CustomResource /// `service` tokens). For token store roles, there are two additional possibilities: /// `default-service` and `default-batch` which specify the type to return unless the client /// requests a different type at generation time. + /// + /// For more details on the usage of each argument consult the [Vault Cert API documentation](https://www.vaultproject.io/api-docs/auth/cert). /// [Output("tokenType")] public Output TokenType { get; private set; } = null!; @@ -362,11 +408,60 @@ public InputList AllowedUriSans [Input("namespace")] public Input? Namespace { get; set; } + /// + /// Any additional CA certificates + /// needed to verify OCSP responses. Provided as base64 encoded PEM data. + /// Requires Vault version 1.13+. + /// + [Input("ocspCaCertificates")] + public Input? OcspCaCertificates { get; set; } + + /// + /// If enabled, validate certificates' + /// revocation status using OCSP. Requires Vault version 1.13+. + /// + [Input("ocspEnabled")] + public Input? OcspEnabled { get; set; } + + /// + /// If true and an OCSP response cannot + /// be fetched or is of an unknown status, the login will proceed as if the + /// certificate has not been revoked. + /// Requires Vault version 1.13+. + /// + [Input("ocspFailOpen")] + public Input? OcspFailOpen { get; set; } + + /// + /// If set to true, rather than + /// accepting the first successful OCSP response, query all servers and consider + /// the certificate valid only if all servers agree. + /// Requires Vault version 1.13+. + /// + [Input("ocspQueryAllServers")] + public Input? OcspQueryAllServers { get; set; } + + [Input("ocspServersOverrides")] + private InputList? _ocspServersOverrides; + + /// + /// : A comma-separated list of OCSP + /// server addresses. If unset, the OCSP server is determined from the + /// AuthorityInformationAccess extension on the certificate being inspected. + /// Requires Vault version 1.13+. + /// + public InputList OcspServersOverrides + { + get => _ocspServersOverrides ?? (_ocspServersOverrides = new InputList()); + set => _ocspServersOverrides = value; + } + [Input("requiredExtensions")] private InputList? _requiredExtensions; /// - /// TLS extensions required on client certificates + /// TLS extensions required on + /// client certificates /// public InputList RequiredExtensions { @@ -453,6 +548,8 @@ public InputList TokenPolicies /// `service` tokens). For token store roles, there are two additional possibilities: /// `default-service` and `default-batch` which specify the type to return unless the client /// requests a different type at generation time. + /// + /// For more details on the usage of each argument consult the [Vault Cert API documentation](https://www.vaultproject.io/api-docs/auth/cert). /// [Input("tokenType")] public Input? TokenType { get; set; } @@ -580,11 +677,60 @@ public InputList AllowedUriSans [Input("namespace")] public Input? Namespace { get; set; } + /// + /// Any additional CA certificates + /// needed to verify OCSP responses. Provided as base64 encoded PEM data. + /// Requires Vault version 1.13+. + /// + [Input("ocspCaCertificates")] + public Input? OcspCaCertificates { get; set; } + + /// + /// If enabled, validate certificates' + /// revocation status using OCSP. Requires Vault version 1.13+. + /// + [Input("ocspEnabled")] + public Input? OcspEnabled { get; set; } + + /// + /// If true and an OCSP response cannot + /// be fetched or is of an unknown status, the login will proceed as if the + /// certificate has not been revoked. + /// Requires Vault version 1.13+. + /// + [Input("ocspFailOpen")] + public Input? OcspFailOpen { get; set; } + + /// + /// If set to true, rather than + /// accepting the first successful OCSP response, query all servers and consider + /// the certificate valid only if all servers agree. + /// Requires Vault version 1.13+. + /// + [Input("ocspQueryAllServers")] + public Input? OcspQueryAllServers { get; set; } + + [Input("ocspServersOverrides")] + private InputList? _ocspServersOverrides; + + /// + /// : A comma-separated list of OCSP + /// server addresses. If unset, the OCSP server is determined from the + /// AuthorityInformationAccess extension on the certificate being inspected. + /// Requires Vault version 1.13+. + /// + public InputList OcspServersOverrides + { + get => _ocspServersOverrides ?? (_ocspServersOverrides = new InputList()); + set => _ocspServersOverrides = value; + } + [Input("requiredExtensions")] private InputList? _requiredExtensions; /// - /// TLS extensions required on client certificates + /// TLS extensions required on + /// client certificates /// public InputList RequiredExtensions { @@ -671,6 +817,8 @@ public InputList TokenPolicies /// `service` tokens). For token store roles, there are two additional possibilities: /// `default-service` and `default-batch` which specify the type to return unless the client /// requests a different type at generation time. + /// + /// For more details on the usage of each argument consult the [Vault Cert API documentation](https://www.vaultproject.io/api-docs/auth/cert). /// [Input("tokenType")] public Input? TokenType { get; set; } diff --git a/sdk/dotnet/Config/Config.cs b/sdk/dotnet/Config/Config.cs index 50a873652..3f0872367 100644 --- a/sdk/dotnet/Config/Config.cs +++ b/sdk/dotnet/Config/Config.cs @@ -8,7 +8,7 @@ namespace Pulumi.Vault { public static class Config { - [System.Diagnostics.CodeAnalysis.SuppressMessage("Microsoft.Design", "IDE1006", Justification = + [global::System.Diagnostics.CodeAnalysis.SuppressMessage("Microsoft.Design", "IDE1006", Justification = "Double underscore prefix used to avoid conflicts with variable names.")] private sealed class __Value { @@ -252,6 +252,17 @@ public static string? Namespace set => _namespace.Set(value); } + private static readonly __Value _setNamespaceFromToken = new __Value(() => __config.GetBoolean("setNamespaceFromToken")); + /// + /// In the case where the Vault token is for a specific namespace and the provider namespace is not configured, use the + /// token namespace as the root namespace for all resources. + /// + public static bool? SetNamespaceFromToken + { + get => _setNamespaceFromToken.Get(); + set => _setNamespaceFromToken.Set(value); + } + private static readonly __Value _skipChildToken = new __Value(() => __config.GetBoolean("skipChildToken")); /// /// Set this to true to prevent the creation of ephemeral child token used by this provider. @@ -331,6 +342,7 @@ public class AuthLogin public string? Namespace { get; set; } = null!; public ImmutableDictionary? Parameters { get; set; } = null!; public string Path { get; set; } + public bool? UseRootNamespace { get; set; } } public class AuthLoginAws @@ -350,6 +362,7 @@ public class AuthLoginAws public string? Mount { get; set; } = null!; public string? Namespace { get; set; } = null!; public string Role { get; set; } + public bool? UseRootNamespace { get; set; } } public class AuthLoginAzure @@ -363,6 +376,7 @@ public class AuthLoginAzure public string? Scope { get; set; } = null!; public string SubscriptionId { get; set; } public string? TenantId { get; set; } = null!; + public bool? UseRootNamespace { get; set; } public string? VmName { get; set; } = null!; public string? VmssName { get; set; } = null!; } @@ -374,6 +388,7 @@ public class AuthLoginCert public string? Mount { get; set; } = null!; public string? Name { get; set; } = null!; public string? Namespace { get; set; } = null!; + public bool? UseRootNamespace { get; set; } } public class AuthLoginGcp @@ -384,6 +399,7 @@ public class AuthLoginGcp public string? Namespace { get; set; } = null!; public string Role { get; set; } public string? ServiceAccount { get; set; } = null!; + public bool? UseRootNamespace { get; set; } } public class AuthLoginJwt @@ -392,6 +408,7 @@ public class AuthLoginJwt public string? Mount { get; set; } = null!; public string? Namespace { get; set; } = null!; public string Role { get; set; } + public bool? UseRootNamespace { get; set; } } public class AuthLoginKerberos @@ -405,6 +422,7 @@ public class AuthLoginKerberos public bool? RemoveInstanceName { get; set; } public string? Service { get; set; } = null!; public string? Token { get; set; } = null!; + public bool? UseRootNamespace { get; set; } public string? Username { get; set; } = null!; } @@ -414,6 +432,7 @@ public class AuthLoginOci public string? Mount { get; set; } = null!; public string? Namespace { get; set; } = null!; public string Role { get; set; } + public bool? UseRootNamespace { get; set; } } public class AuthLoginOidc @@ -423,6 +442,7 @@ public class AuthLoginOidc public string? Mount { get; set; } = null!; public string? Namespace { get; set; } = null!; public string Role { get; set; } + public bool? UseRootNamespace { get; set; } } public class AuthLoginRadius @@ -430,6 +450,7 @@ public class AuthLoginRadius public string? Mount { get; set; } = null!; public string? Namespace { get; set; } = null!; public string Password { get; set; } + public bool? UseRootNamespace { get; set; } public string Username { get; set; } } @@ -437,6 +458,7 @@ public class AuthLoginTokenFile { public string Filename { get; set; } public string? Namespace { get; set; } = null!; + public bool? UseRootNamespace { get; set; } } public class AuthLoginUserpass @@ -445,6 +467,7 @@ public class AuthLoginUserpass public string? Namespace { get; set; } = null!; public string? Password { get; set; } = null!; public string? PasswordFile { get; set; } = null!; + public bool? UseRootNamespace { get; set; } public string Username { get; set; } } diff --git a/sdk/dotnet/Consul/SecretBackend.cs b/sdk/dotnet/Consul/SecretBackend.cs index d9ee45d10..d1eceb0bb 100644 --- a/sdk/dotnet/Consul/SecretBackend.cs +++ b/sdk/dotnet/Consul/SecretBackend.cs @@ -14,6 +14,7 @@ namespace Pulumi.Vault.Consul /// ### Creating a standard backend resource: /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// @@ -32,6 +33,7 @@ namespace Pulumi.Vault.Consul /// ### Creating a backend resource to bootstrap a new Consul instance: /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// @@ -67,6 +69,10 @@ public partial class SecretBackend : global::Pulumi.CustomResource /// /// Denotes that the resource is used to bootstrap the Consul ACL system. + /// + /// > **Important** When `bootstrap` is true, Vault will attempt to bootstrap the Consul server. The token returned from + /// this operation will only ever be known to Vault. If the resource is ever destroyed, the bootstrap token will be lost + /// and a [Consul reset may be required.](https://learn.hashicorp.com/tutorials/consul/access-control-troubleshoot#reset-the-acl-system) /// [Output("bootstrap")] public Output Bootstrap { get; private set; } = null!; @@ -146,8 +152,7 @@ public partial class SecretBackend : global::Pulumi.CustomResource public Output Scheme { get; private set; } = null!; /// - /// The Consul management token this backend should use to issue new tokens. This field is required - /// when `bootstrap` is false. + /// Specifies the Consul token to use when managing or issuing new tokens. /// [Output("token")] public Output Token { get; private set; } = null!; @@ -212,6 +217,10 @@ public sealed class SecretBackendArgs : global::Pulumi.ResourceArgs /// /// Denotes that the resource is used to bootstrap the Consul ACL system. + /// + /// > **Important** When `bootstrap` is true, Vault will attempt to bootstrap the Consul server. The token returned from + /// this operation will only ever be known to Vault. If the resource is ever destroyed, the bootstrap token will be lost + /// and a [Consul reset may be required.](https://learn.hashicorp.com/tutorials/consul/access-control-troubleshoot#reset-the-acl-system) /// [Input("bootstrap")] public Input? Bootstrap { get; set; } @@ -314,8 +323,7 @@ public Input? ClientKey private Input? _token; /// - /// The Consul management token this backend should use to issue new tokens. This field is required - /// when `bootstrap` is false. + /// Specifies the Consul token to use when managing or issuing new tokens. /// public Input? Token { @@ -343,6 +351,10 @@ public sealed class SecretBackendState : global::Pulumi.ResourceArgs /// /// Denotes that the resource is used to bootstrap the Consul ACL system. + /// + /// > **Important** When `bootstrap` is true, Vault will attempt to bootstrap the Consul server. The token returned from + /// this operation will only ever be known to Vault. If the resource is ever destroyed, the bootstrap token will be lost + /// and a [Consul reset may be required.](https://learn.hashicorp.com/tutorials/consul/access-control-troubleshoot#reset-the-acl-system) /// [Input("bootstrap")] public Input? Bootstrap { get; set; } @@ -445,8 +457,7 @@ public Input? ClientKey private Input? _token; /// - /// The Consul management token this backend should use to issue new tokens. This field is required - /// when `bootstrap` is false. + /// Specifies the Consul token to use when managing or issuing new tokens. /// public Input? Token { diff --git a/sdk/dotnet/Consul/SecretBackendRole.cs b/sdk/dotnet/Consul/SecretBackendRole.cs index 08623253d..f0a7c39b8 100644 --- a/sdk/dotnet/Consul/SecretBackendRole.cs +++ b/sdk/dotnet/Consul/SecretBackendRole.cs @@ -16,6 +16,7 @@ namespace Pulumi.Vault.Consul /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// diff --git a/sdk/dotnet/Database/Inputs/SecretBackendConnectionCassandraArgs.cs b/sdk/dotnet/Database/Inputs/SecretBackendConnectionCassandraArgs.cs index 0bd9cd576..625569742 100644 --- a/sdk/dotnet/Database/Inputs/SecretBackendConnectionCassandraArgs.cs +++ b/sdk/dotnet/Database/Inputs/SecretBackendConnectionCassandraArgs.cs @@ -23,7 +23,7 @@ public sealed class SecretBackendConnectionCassandraArgs : global::Pulumi.Resour private InputList? _hosts; /// - /// A set of Couchbase URIs to connect to. Must use `couchbases://` scheme if `tls` is `true`. + /// The hosts to connect to. /// public InputList Hosts { @@ -42,7 +42,7 @@ public InputList Hosts private Input? _password; /// - /// The root credential password used in the connection URL. + /// The password to authenticate with. /// public Input? Password { @@ -101,13 +101,13 @@ public Input? PemJson public Input? ProtocolVersion { get; set; } /// - /// Whether to use TLS when connecting to Redis. + /// Whether to use TLS when connecting to Cassandra. /// [Input("tls")] public Input? Tls { get; set; } /// - /// The root credential username used in the connection URL. + /// The username to authenticate with. /// [Input("username")] public Input? Username { get; set; } diff --git a/sdk/dotnet/Database/Inputs/SecretBackendConnectionCassandraGetArgs.cs b/sdk/dotnet/Database/Inputs/SecretBackendConnectionCassandraGetArgs.cs index ea75b8c5a..9faab5741 100644 --- a/sdk/dotnet/Database/Inputs/SecretBackendConnectionCassandraGetArgs.cs +++ b/sdk/dotnet/Database/Inputs/SecretBackendConnectionCassandraGetArgs.cs @@ -23,7 +23,7 @@ public sealed class SecretBackendConnectionCassandraGetArgs : global::Pulumi.Res private InputList? _hosts; /// - /// A set of Couchbase URIs to connect to. Must use `couchbases://` scheme if `tls` is `true`. + /// The hosts to connect to. /// public InputList Hosts { @@ -42,7 +42,7 @@ public InputList Hosts private Input? _password; /// - /// The root credential password used in the connection URL. + /// The password to authenticate with. /// public Input? Password { @@ -101,13 +101,13 @@ public Input? PemJson public Input? ProtocolVersion { get; set; } /// - /// Whether to use TLS when connecting to Redis. + /// Whether to use TLS when connecting to Cassandra. /// [Input("tls")] public Input? Tls { get; set; } /// - /// The root credential username used in the connection URL. + /// The username to authenticate with. /// [Input("username")] public Input? Username { get; set; } diff --git a/sdk/dotnet/Database/Inputs/SecretBackendConnectionCouchbaseArgs.cs b/sdk/dotnet/Database/Inputs/SecretBackendConnectionCouchbaseArgs.cs index 360437ac3..16edbbaa8 100644 --- a/sdk/dotnet/Database/Inputs/SecretBackendConnectionCouchbaseArgs.cs +++ b/sdk/dotnet/Database/Inputs/SecretBackendConnectionCouchbaseArgs.cs @@ -38,7 +38,7 @@ public Input? Base64Pem private InputList? _hosts; /// - /// A set of Couchbase URIs to connect to. Must use `couchbases://` scheme if `tls` is `true`. + /// The hosts to connect to. /// public InputList Hosts { @@ -57,7 +57,7 @@ public InputList Hosts private Input? _password; /// - /// The root credential password used in the connection URL. + /// The password to authenticate with. /// public Input? Password { @@ -70,19 +70,19 @@ public Input? Password } /// - /// Whether to use TLS when connecting to Redis. + /// Whether to use TLS when connecting to Cassandra. /// [Input("tls")] public Input? Tls { get; set; } /// - /// The root credential username used in the connection URL. + /// The username to authenticate with. /// [Input("username", required: true)] public Input Username { get; set; } = null!; /// - /// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + /// Template describing how dynamic usernames are generated. /// [Input("usernameTemplate")] public Input? UsernameTemplate { get; set; } diff --git a/sdk/dotnet/Database/Inputs/SecretBackendConnectionCouchbaseGetArgs.cs b/sdk/dotnet/Database/Inputs/SecretBackendConnectionCouchbaseGetArgs.cs index 1209544fa..ccaf2348b 100644 --- a/sdk/dotnet/Database/Inputs/SecretBackendConnectionCouchbaseGetArgs.cs +++ b/sdk/dotnet/Database/Inputs/SecretBackendConnectionCouchbaseGetArgs.cs @@ -38,7 +38,7 @@ public Input? Base64Pem private InputList? _hosts; /// - /// A set of Couchbase URIs to connect to. Must use `couchbases://` scheme if `tls` is `true`. + /// The hosts to connect to. /// public InputList Hosts { @@ -57,7 +57,7 @@ public InputList Hosts private Input? _password; /// - /// The root credential password used in the connection URL. + /// The password to authenticate with. /// public Input? Password { @@ -70,19 +70,19 @@ public Input? Password } /// - /// Whether to use TLS when connecting to Redis. + /// Whether to use TLS when connecting to Cassandra. /// [Input("tls")] public Input? Tls { get; set; } /// - /// The root credential username used in the connection URL. + /// The username to authenticate with. /// [Input("username", required: true)] public Input Username { get; set; } = null!; /// - /// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + /// Template describing how dynamic usernames are generated. /// [Input("usernameTemplate")] public Input? UsernameTemplate { get; set; } diff --git a/sdk/dotnet/Database/Inputs/SecretBackendConnectionElasticsearchArgs.cs b/sdk/dotnet/Database/Inputs/SecretBackendConnectionElasticsearchArgs.cs index 9c5cebd5f..b1ab00c30 100644 --- a/sdk/dotnet/Database/Inputs/SecretBackendConnectionElasticsearchArgs.cs +++ b/sdk/dotnet/Database/Inputs/SecretBackendConnectionElasticsearchArgs.cs @@ -46,7 +46,7 @@ public sealed class SecretBackendConnectionElasticsearchArgs : global::Pulumi.Re private Input? _password; /// - /// The root credential password used in the connection URL. + /// The password to authenticate with. /// public Input? Password { @@ -72,13 +72,13 @@ public Input? Password public Input Url { get; set; } = null!; /// - /// The root credential username used in the connection URL. + /// The username to authenticate with. /// [Input("username", required: true)] public Input Username { get; set; } = null!; /// - /// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + /// Template describing how dynamic usernames are generated. /// [Input("usernameTemplate")] public Input? UsernameTemplate { get; set; } diff --git a/sdk/dotnet/Database/Inputs/SecretBackendConnectionElasticsearchGetArgs.cs b/sdk/dotnet/Database/Inputs/SecretBackendConnectionElasticsearchGetArgs.cs index 3d09b0d7f..ea6a1ddd2 100644 --- a/sdk/dotnet/Database/Inputs/SecretBackendConnectionElasticsearchGetArgs.cs +++ b/sdk/dotnet/Database/Inputs/SecretBackendConnectionElasticsearchGetArgs.cs @@ -46,7 +46,7 @@ public sealed class SecretBackendConnectionElasticsearchGetArgs : global::Pulumi private Input? _password; /// - /// The root credential password used in the connection URL. + /// The password to authenticate with. /// public Input? Password { @@ -72,13 +72,13 @@ public Input? Password public Input Url { get; set; } = null!; /// - /// The root credential username used in the connection URL. + /// The username to authenticate with. /// [Input("username", required: true)] public Input Username { get; set; } = null!; /// - /// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + /// Template describing how dynamic usernames are generated. /// [Input("usernameTemplate")] public Input? UsernameTemplate { get; set; } diff --git a/sdk/dotnet/Database/Inputs/SecretBackendConnectionHanaArgs.cs b/sdk/dotnet/Database/Inputs/SecretBackendConnectionHanaArgs.cs index 93936f5b4..4094ae337 100644 --- a/sdk/dotnet/Database/Inputs/SecretBackendConnectionHanaArgs.cs +++ b/sdk/dotnet/Database/Inputs/SecretBackendConnectionHanaArgs.cs @@ -13,9 +13,9 @@ namespace Pulumi.Vault.Database.Inputs public sealed class SecretBackendConnectionHanaArgs : global::Pulumi.ResourceArgs { /// - /// Specifies the Redshift DSN. See + /// A URL containing connection information. See /// the [Vault - /// docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + /// docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) /// for an example. /// [Input("connectionUrl")] @@ -28,21 +28,22 @@ public sealed class SecretBackendConnectionHanaArgs : global::Pulumi.ResourceArg public Input? DisableEscaping { get; set; } /// - /// The maximum amount of time a connection may be reused. + /// The maximum number of seconds to keep + /// a connection alive for. /// [Input("maxConnectionLifetime")] public Input? MaxConnectionLifetime { get; set; } /// /// The maximum number of idle connections to - /// the database. + /// maintain. /// [Input("maxIdleConnections")] public Input? MaxIdleConnections { get; set; } /// /// The maximum number of open connections to - /// the database. + /// use. /// [Input("maxOpenConnections")] public Input? MaxOpenConnections { get; set; } @@ -51,7 +52,7 @@ public sealed class SecretBackendConnectionHanaArgs : global::Pulumi.ResourceArg private Input? _password; /// - /// The root credential password used in the connection URL. + /// The password to authenticate with. /// public Input? Password { @@ -64,7 +65,7 @@ public Input? Password } /// - /// The root credential username used in the connection URL. + /// The username to authenticate with. /// [Input("username")] public Input? Username { get; set; } diff --git a/sdk/dotnet/Database/Inputs/SecretBackendConnectionHanaGetArgs.cs b/sdk/dotnet/Database/Inputs/SecretBackendConnectionHanaGetArgs.cs index b098d8fac..f0f6a7215 100644 --- a/sdk/dotnet/Database/Inputs/SecretBackendConnectionHanaGetArgs.cs +++ b/sdk/dotnet/Database/Inputs/SecretBackendConnectionHanaGetArgs.cs @@ -13,9 +13,9 @@ namespace Pulumi.Vault.Database.Inputs public sealed class SecretBackendConnectionHanaGetArgs : global::Pulumi.ResourceArgs { /// - /// Specifies the Redshift DSN. See + /// A URL containing connection information. See /// the [Vault - /// docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + /// docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) /// for an example. /// [Input("connectionUrl")] @@ -28,21 +28,22 @@ public sealed class SecretBackendConnectionHanaGetArgs : global::Pulumi.Resource public Input? DisableEscaping { get; set; } /// - /// The maximum amount of time a connection may be reused. + /// The maximum number of seconds to keep + /// a connection alive for. /// [Input("maxConnectionLifetime")] public Input? MaxConnectionLifetime { get; set; } /// /// The maximum number of idle connections to - /// the database. + /// maintain. /// [Input("maxIdleConnections")] public Input? MaxIdleConnections { get; set; } /// /// The maximum number of open connections to - /// the database. + /// use. /// [Input("maxOpenConnections")] public Input? MaxOpenConnections { get; set; } @@ -51,7 +52,7 @@ public sealed class SecretBackendConnectionHanaGetArgs : global::Pulumi.Resource private Input? _password; /// - /// The root credential password used in the connection URL. + /// The password to authenticate with. /// public Input? Password { @@ -64,7 +65,7 @@ public Input? Password } /// - /// The root credential username used in the connection URL. + /// The username to authenticate with. /// [Input("username")] public Input? Username { get; set; } diff --git a/sdk/dotnet/Database/Inputs/SecretBackendConnectionInfluxdbArgs.cs b/sdk/dotnet/Database/Inputs/SecretBackendConnectionInfluxdbArgs.cs index f86cf5763..d5a6cce68 100644 --- a/sdk/dotnet/Database/Inputs/SecretBackendConnectionInfluxdbArgs.cs +++ b/sdk/dotnet/Database/Inputs/SecretBackendConnectionInfluxdbArgs.cs @@ -36,7 +36,7 @@ public sealed class SecretBackendConnectionInfluxdbArgs : global::Pulumi.Resourc private Input? _password; /// - /// The root credential password used in the connection URL. + /// The password to authenticate with. /// public Input? Password { @@ -89,19 +89,19 @@ public Input? PemJson public Input? Port { get; set; } /// - /// Whether to use TLS when connecting to Redis. + /// Whether to use TLS when connecting to Cassandra. /// [Input("tls")] public Input? Tls { get; set; } /// - /// The root credential username used in the connection URL. + /// The username to authenticate with. /// [Input("username", required: true)] public Input Username { get; set; } = null!; /// - /// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + /// Template describing how dynamic usernames are generated. /// [Input("usernameTemplate")] public Input? UsernameTemplate { get; set; } diff --git a/sdk/dotnet/Database/Inputs/SecretBackendConnectionInfluxdbGetArgs.cs b/sdk/dotnet/Database/Inputs/SecretBackendConnectionInfluxdbGetArgs.cs index 6d80f0fa0..b8ecf4e83 100644 --- a/sdk/dotnet/Database/Inputs/SecretBackendConnectionInfluxdbGetArgs.cs +++ b/sdk/dotnet/Database/Inputs/SecretBackendConnectionInfluxdbGetArgs.cs @@ -36,7 +36,7 @@ public sealed class SecretBackendConnectionInfluxdbGetArgs : global::Pulumi.Reso private Input? _password; /// - /// The root credential password used in the connection URL. + /// The password to authenticate with. /// public Input? Password { @@ -89,19 +89,19 @@ public Input? PemJson public Input? Port { get; set; } /// - /// Whether to use TLS when connecting to Redis. + /// Whether to use TLS when connecting to Cassandra. /// [Input("tls")] public Input? Tls { get; set; } /// - /// The root credential username used in the connection URL. + /// The username to authenticate with. /// [Input("username", required: true)] public Input Username { get; set; } = null!; /// - /// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + /// Template describing how dynamic usernames are generated. /// [Input("usernameTemplate")] public Input? UsernameTemplate { get; set; } diff --git a/sdk/dotnet/Database/Inputs/SecretBackendConnectionMongodbArgs.cs b/sdk/dotnet/Database/Inputs/SecretBackendConnectionMongodbArgs.cs index 1ffeba9aa..f399fdb39 100644 --- a/sdk/dotnet/Database/Inputs/SecretBackendConnectionMongodbArgs.cs +++ b/sdk/dotnet/Database/Inputs/SecretBackendConnectionMongodbArgs.cs @@ -13,30 +13,31 @@ namespace Pulumi.Vault.Database.Inputs public sealed class SecretBackendConnectionMongodbArgs : global::Pulumi.ResourceArgs { /// - /// Specifies the Redshift DSN. See + /// A URL containing connection information. See /// the [Vault - /// docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + /// docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) /// for an example. /// [Input("connectionUrl")] public Input? ConnectionUrl { get; set; } /// - /// The maximum amount of time a connection may be reused. + /// The maximum number of seconds to keep + /// a connection alive for. /// [Input("maxConnectionLifetime")] public Input? MaxConnectionLifetime { get; set; } /// /// The maximum number of idle connections to - /// the database. + /// maintain. /// [Input("maxIdleConnections")] public Input? MaxIdleConnections { get; set; } /// /// The maximum number of open connections to - /// the database. + /// use. /// [Input("maxOpenConnections")] public Input? MaxOpenConnections { get; set; } @@ -45,7 +46,7 @@ public sealed class SecretBackendConnectionMongodbArgs : global::Pulumi.Resource private Input? _password; /// - /// The root credential password used in the connection URL. + /// The password to authenticate with. /// public Input? Password { @@ -58,13 +59,13 @@ public Input? Password } /// - /// The root credential username used in the connection URL. + /// The username to authenticate with. /// [Input("username")] public Input? Username { get; set; } /// - /// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + /// Template describing how dynamic usernames are generated. /// [Input("usernameTemplate")] public Input? UsernameTemplate { get; set; } diff --git a/sdk/dotnet/Database/Inputs/SecretBackendConnectionMongodbGetArgs.cs b/sdk/dotnet/Database/Inputs/SecretBackendConnectionMongodbGetArgs.cs index 2758a4d86..824c4ff69 100644 --- a/sdk/dotnet/Database/Inputs/SecretBackendConnectionMongodbGetArgs.cs +++ b/sdk/dotnet/Database/Inputs/SecretBackendConnectionMongodbGetArgs.cs @@ -13,30 +13,31 @@ namespace Pulumi.Vault.Database.Inputs public sealed class SecretBackendConnectionMongodbGetArgs : global::Pulumi.ResourceArgs { /// - /// Specifies the Redshift DSN. See + /// A URL containing connection information. See /// the [Vault - /// docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + /// docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) /// for an example. /// [Input("connectionUrl")] public Input? ConnectionUrl { get; set; } /// - /// The maximum amount of time a connection may be reused. + /// The maximum number of seconds to keep + /// a connection alive for. /// [Input("maxConnectionLifetime")] public Input? MaxConnectionLifetime { get; set; } /// /// The maximum number of idle connections to - /// the database. + /// maintain. /// [Input("maxIdleConnections")] public Input? MaxIdleConnections { get; set; } /// /// The maximum number of open connections to - /// the database. + /// use. /// [Input("maxOpenConnections")] public Input? MaxOpenConnections { get; set; } @@ -45,7 +46,7 @@ public sealed class SecretBackendConnectionMongodbGetArgs : global::Pulumi.Resou private Input? _password; /// - /// The root credential password used in the connection URL. + /// The password to authenticate with. /// public Input? Password { @@ -58,13 +59,13 @@ public Input? Password } /// - /// The root credential username used in the connection URL. + /// The username to authenticate with. /// [Input("username")] public Input? Username { get; set; } /// - /// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + /// Template describing how dynamic usernames are generated. /// [Input("usernameTemplate")] public Input? UsernameTemplate { get; set; } diff --git a/sdk/dotnet/Database/Inputs/SecretBackendConnectionMssqlArgs.cs b/sdk/dotnet/Database/Inputs/SecretBackendConnectionMssqlArgs.cs index 86a6cca2a..70e47f677 100644 --- a/sdk/dotnet/Database/Inputs/SecretBackendConnectionMssqlArgs.cs +++ b/sdk/dotnet/Database/Inputs/SecretBackendConnectionMssqlArgs.cs @@ -13,9 +13,9 @@ namespace Pulumi.Vault.Database.Inputs public sealed class SecretBackendConnectionMssqlArgs : global::Pulumi.ResourceArgs { /// - /// Specifies the Redshift DSN. See + /// A URL containing connection information. See /// the [Vault - /// docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + /// docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) /// for an example. /// [Input("connectionUrl")] @@ -37,21 +37,22 @@ public sealed class SecretBackendConnectionMssqlArgs : global::Pulumi.ResourceAr public Input? DisableEscaping { get; set; } /// - /// The maximum amount of time a connection may be reused. + /// The maximum number of seconds to keep + /// a connection alive for. /// [Input("maxConnectionLifetime")] public Input? MaxConnectionLifetime { get; set; } /// /// The maximum number of idle connections to - /// the database. + /// maintain. /// [Input("maxIdleConnections")] public Input? MaxIdleConnections { get; set; } /// /// The maximum number of open connections to - /// the database. + /// use. /// [Input("maxOpenConnections")] public Input? MaxOpenConnections { get; set; } @@ -60,7 +61,7 @@ public sealed class SecretBackendConnectionMssqlArgs : global::Pulumi.ResourceAr private Input? _password; /// - /// The root credential password used in the connection URL. + /// The password to authenticate with. /// public Input? Password { @@ -73,13 +74,13 @@ public Input? Password } /// - /// The root credential username used in the connection URL. + /// The username to authenticate with. /// [Input("username")] public Input? Username { get; set; } /// - /// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + /// Template describing how dynamic usernames are generated. /// [Input("usernameTemplate")] public Input? UsernameTemplate { get; set; } diff --git a/sdk/dotnet/Database/Inputs/SecretBackendConnectionMssqlGetArgs.cs b/sdk/dotnet/Database/Inputs/SecretBackendConnectionMssqlGetArgs.cs index cbfb85d6c..62f3001df 100644 --- a/sdk/dotnet/Database/Inputs/SecretBackendConnectionMssqlGetArgs.cs +++ b/sdk/dotnet/Database/Inputs/SecretBackendConnectionMssqlGetArgs.cs @@ -13,9 +13,9 @@ namespace Pulumi.Vault.Database.Inputs public sealed class SecretBackendConnectionMssqlGetArgs : global::Pulumi.ResourceArgs { /// - /// Specifies the Redshift DSN. See + /// A URL containing connection information. See /// the [Vault - /// docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + /// docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) /// for an example. /// [Input("connectionUrl")] @@ -37,21 +37,22 @@ public sealed class SecretBackendConnectionMssqlGetArgs : global::Pulumi.Resourc public Input? DisableEscaping { get; set; } /// - /// The maximum amount of time a connection may be reused. + /// The maximum number of seconds to keep + /// a connection alive for. /// [Input("maxConnectionLifetime")] public Input? MaxConnectionLifetime { get; set; } /// /// The maximum number of idle connections to - /// the database. + /// maintain. /// [Input("maxIdleConnections")] public Input? MaxIdleConnections { get; set; } /// /// The maximum number of open connections to - /// the database. + /// use. /// [Input("maxOpenConnections")] public Input? MaxOpenConnections { get; set; } @@ -60,7 +61,7 @@ public sealed class SecretBackendConnectionMssqlGetArgs : global::Pulumi.Resourc private Input? _password; /// - /// The root credential password used in the connection URL. + /// The password to authenticate with. /// public Input? Password { @@ -73,13 +74,13 @@ public Input? Password } /// - /// The root credential username used in the connection URL. + /// The username to authenticate with. /// [Input("username")] public Input? Username { get; set; } /// - /// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + /// Template describing how dynamic usernames are generated. /// [Input("usernameTemplate")] public Input? UsernameTemplate { get; set; } diff --git a/sdk/dotnet/Database/Inputs/SecretBackendConnectionMysqlArgs.cs b/sdk/dotnet/Database/Inputs/SecretBackendConnectionMysqlArgs.cs index 137dabb22..bb79f3db3 100644 --- a/sdk/dotnet/Database/Inputs/SecretBackendConnectionMysqlArgs.cs +++ b/sdk/dotnet/Database/Inputs/SecretBackendConnectionMysqlArgs.cs @@ -19,30 +19,31 @@ public sealed class SecretBackendConnectionMysqlArgs : global::Pulumi.ResourceAr public Input? AuthType { get; set; } /// - /// Specifies the Redshift DSN. See + /// A URL containing connection information. See /// the [Vault - /// docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + /// docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) /// for an example. /// [Input("connectionUrl")] public Input? ConnectionUrl { get; set; } /// - /// The maximum amount of time a connection may be reused. + /// The maximum number of seconds to keep + /// a connection alive for. /// [Input("maxConnectionLifetime")] public Input? MaxConnectionLifetime { get; set; } /// /// The maximum number of idle connections to - /// the database. + /// maintain. /// [Input("maxIdleConnections")] public Input? MaxIdleConnections { get; set; } /// /// The maximum number of open connections to - /// the database. + /// use. /// [Input("maxOpenConnections")] public Input? MaxOpenConnections { get; set; } @@ -51,7 +52,7 @@ public sealed class SecretBackendConnectionMysqlArgs : global::Pulumi.ResourceAr private Input? _password; /// - /// The root credential password used in the connection URL. + /// The password to authenticate with. /// public Input? Password { @@ -102,13 +103,13 @@ public Input? TlsCertificateKey } /// - /// The root credential username used in the connection URL. + /// The username to authenticate with. /// [Input("username")] public Input? Username { get; set; } /// - /// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + /// Template describing how dynamic usernames are generated. /// [Input("usernameTemplate")] public Input? UsernameTemplate { get; set; } diff --git a/sdk/dotnet/Database/Inputs/SecretBackendConnectionMysqlAuroraArgs.cs b/sdk/dotnet/Database/Inputs/SecretBackendConnectionMysqlAuroraArgs.cs index 1fd1a3a74..10ed3b9f7 100644 --- a/sdk/dotnet/Database/Inputs/SecretBackendConnectionMysqlAuroraArgs.cs +++ b/sdk/dotnet/Database/Inputs/SecretBackendConnectionMysqlAuroraArgs.cs @@ -13,30 +13,31 @@ namespace Pulumi.Vault.Database.Inputs public sealed class SecretBackendConnectionMysqlAuroraArgs : global::Pulumi.ResourceArgs { /// - /// Specifies the Redshift DSN. See + /// A URL containing connection information. See /// the [Vault - /// docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + /// docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) /// for an example. /// [Input("connectionUrl")] public Input? ConnectionUrl { get; set; } /// - /// The maximum amount of time a connection may be reused. + /// The maximum number of seconds to keep + /// a connection alive for. /// [Input("maxConnectionLifetime")] public Input? MaxConnectionLifetime { get; set; } /// /// The maximum number of idle connections to - /// the database. + /// maintain. /// [Input("maxIdleConnections")] public Input? MaxIdleConnections { get; set; } /// /// The maximum number of open connections to - /// the database. + /// use. /// [Input("maxOpenConnections")] public Input? MaxOpenConnections { get; set; } @@ -45,7 +46,7 @@ public sealed class SecretBackendConnectionMysqlAuroraArgs : global::Pulumi.Reso private Input? _password; /// - /// The root credential password used in the connection URL. + /// The password to authenticate with. /// public Input? Password { @@ -58,13 +59,13 @@ public Input? Password } /// - /// The root credential username used in the connection URL. + /// The username to authenticate with. /// [Input("username")] public Input? Username { get; set; } /// - /// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + /// Template describing how dynamic usernames are generated. /// [Input("usernameTemplate")] public Input? UsernameTemplate { get; set; } diff --git a/sdk/dotnet/Database/Inputs/SecretBackendConnectionMysqlAuroraGetArgs.cs b/sdk/dotnet/Database/Inputs/SecretBackendConnectionMysqlAuroraGetArgs.cs index 13b306b4e..7731f031b 100644 --- a/sdk/dotnet/Database/Inputs/SecretBackendConnectionMysqlAuroraGetArgs.cs +++ b/sdk/dotnet/Database/Inputs/SecretBackendConnectionMysqlAuroraGetArgs.cs @@ -13,30 +13,31 @@ namespace Pulumi.Vault.Database.Inputs public sealed class SecretBackendConnectionMysqlAuroraGetArgs : global::Pulumi.ResourceArgs { /// - /// Specifies the Redshift DSN. See + /// A URL containing connection information. See /// the [Vault - /// docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + /// docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) /// for an example. /// [Input("connectionUrl")] public Input? ConnectionUrl { get; set; } /// - /// The maximum amount of time a connection may be reused. + /// The maximum number of seconds to keep + /// a connection alive for. /// [Input("maxConnectionLifetime")] public Input? MaxConnectionLifetime { get; set; } /// /// The maximum number of idle connections to - /// the database. + /// maintain. /// [Input("maxIdleConnections")] public Input? MaxIdleConnections { get; set; } /// /// The maximum number of open connections to - /// the database. + /// use. /// [Input("maxOpenConnections")] public Input? MaxOpenConnections { get; set; } @@ -45,7 +46,7 @@ public sealed class SecretBackendConnectionMysqlAuroraGetArgs : global::Pulumi.R private Input? _password; /// - /// The root credential password used in the connection URL. + /// The password to authenticate with. /// public Input? Password { @@ -58,13 +59,13 @@ public Input? Password } /// - /// The root credential username used in the connection URL. + /// The username to authenticate with. /// [Input("username")] public Input? Username { get; set; } /// - /// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + /// Template describing how dynamic usernames are generated. /// [Input("usernameTemplate")] public Input? UsernameTemplate { get; set; } diff --git a/sdk/dotnet/Database/Inputs/SecretBackendConnectionMysqlGetArgs.cs b/sdk/dotnet/Database/Inputs/SecretBackendConnectionMysqlGetArgs.cs index 67c9fcd79..0cb45d7c2 100644 --- a/sdk/dotnet/Database/Inputs/SecretBackendConnectionMysqlGetArgs.cs +++ b/sdk/dotnet/Database/Inputs/SecretBackendConnectionMysqlGetArgs.cs @@ -19,30 +19,31 @@ public sealed class SecretBackendConnectionMysqlGetArgs : global::Pulumi.Resourc public Input? AuthType { get; set; } /// - /// Specifies the Redshift DSN. See + /// A URL containing connection information. See /// the [Vault - /// docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + /// docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) /// for an example. /// [Input("connectionUrl")] public Input? ConnectionUrl { get; set; } /// - /// The maximum amount of time a connection may be reused. + /// The maximum number of seconds to keep + /// a connection alive for. /// [Input("maxConnectionLifetime")] public Input? MaxConnectionLifetime { get; set; } /// /// The maximum number of idle connections to - /// the database. + /// maintain. /// [Input("maxIdleConnections")] public Input? MaxIdleConnections { get; set; } /// /// The maximum number of open connections to - /// the database. + /// use. /// [Input("maxOpenConnections")] public Input? MaxOpenConnections { get; set; } @@ -51,7 +52,7 @@ public sealed class SecretBackendConnectionMysqlGetArgs : global::Pulumi.Resourc private Input? _password; /// - /// The root credential password used in the connection URL. + /// The password to authenticate with. /// public Input? Password { @@ -102,13 +103,13 @@ public Input? TlsCertificateKey } /// - /// The root credential username used in the connection URL. + /// The username to authenticate with. /// [Input("username")] public Input? Username { get; set; } /// - /// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + /// Template describing how dynamic usernames are generated. /// [Input("usernameTemplate")] public Input? UsernameTemplate { get; set; } diff --git a/sdk/dotnet/Database/Inputs/SecretBackendConnectionMysqlLegacyArgs.cs b/sdk/dotnet/Database/Inputs/SecretBackendConnectionMysqlLegacyArgs.cs index de96bff26..c6b68b598 100644 --- a/sdk/dotnet/Database/Inputs/SecretBackendConnectionMysqlLegacyArgs.cs +++ b/sdk/dotnet/Database/Inputs/SecretBackendConnectionMysqlLegacyArgs.cs @@ -13,30 +13,31 @@ namespace Pulumi.Vault.Database.Inputs public sealed class SecretBackendConnectionMysqlLegacyArgs : global::Pulumi.ResourceArgs { /// - /// Specifies the Redshift DSN. See + /// A URL containing connection information. See /// the [Vault - /// docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + /// docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) /// for an example. /// [Input("connectionUrl")] public Input? ConnectionUrl { get; set; } /// - /// The maximum amount of time a connection may be reused. + /// The maximum number of seconds to keep + /// a connection alive for. /// [Input("maxConnectionLifetime")] public Input? MaxConnectionLifetime { get; set; } /// /// The maximum number of idle connections to - /// the database. + /// maintain. /// [Input("maxIdleConnections")] public Input? MaxIdleConnections { get; set; } /// /// The maximum number of open connections to - /// the database. + /// use. /// [Input("maxOpenConnections")] public Input? MaxOpenConnections { get; set; } @@ -45,7 +46,7 @@ public sealed class SecretBackendConnectionMysqlLegacyArgs : global::Pulumi.Reso private Input? _password; /// - /// The root credential password used in the connection URL. + /// The password to authenticate with. /// public Input? Password { @@ -58,13 +59,13 @@ public Input? Password } /// - /// The root credential username used in the connection URL. + /// The username to authenticate with. /// [Input("username")] public Input? Username { get; set; } /// - /// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + /// Template describing how dynamic usernames are generated. /// [Input("usernameTemplate")] public Input? UsernameTemplate { get; set; } diff --git a/sdk/dotnet/Database/Inputs/SecretBackendConnectionMysqlLegacyGetArgs.cs b/sdk/dotnet/Database/Inputs/SecretBackendConnectionMysqlLegacyGetArgs.cs index 2816fd162..9d9b72bec 100644 --- a/sdk/dotnet/Database/Inputs/SecretBackendConnectionMysqlLegacyGetArgs.cs +++ b/sdk/dotnet/Database/Inputs/SecretBackendConnectionMysqlLegacyGetArgs.cs @@ -13,30 +13,31 @@ namespace Pulumi.Vault.Database.Inputs public sealed class SecretBackendConnectionMysqlLegacyGetArgs : global::Pulumi.ResourceArgs { /// - /// Specifies the Redshift DSN. See + /// A URL containing connection information. See /// the [Vault - /// docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + /// docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) /// for an example. /// [Input("connectionUrl")] public Input? ConnectionUrl { get; set; } /// - /// The maximum amount of time a connection may be reused. + /// The maximum number of seconds to keep + /// a connection alive for. /// [Input("maxConnectionLifetime")] public Input? MaxConnectionLifetime { get; set; } /// /// The maximum number of idle connections to - /// the database. + /// maintain. /// [Input("maxIdleConnections")] public Input? MaxIdleConnections { get; set; } /// /// The maximum number of open connections to - /// the database. + /// use. /// [Input("maxOpenConnections")] public Input? MaxOpenConnections { get; set; } @@ -45,7 +46,7 @@ public sealed class SecretBackendConnectionMysqlLegacyGetArgs : global::Pulumi.R private Input? _password; /// - /// The root credential password used in the connection URL. + /// The password to authenticate with. /// public Input? Password { @@ -58,13 +59,13 @@ public Input? Password } /// - /// The root credential username used in the connection URL. + /// The username to authenticate with. /// [Input("username")] public Input? Username { get; set; } /// - /// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + /// Template describing how dynamic usernames are generated. /// [Input("usernameTemplate")] public Input? UsernameTemplate { get; set; } diff --git a/sdk/dotnet/Database/Inputs/SecretBackendConnectionMysqlRdsArgs.cs b/sdk/dotnet/Database/Inputs/SecretBackendConnectionMysqlRdsArgs.cs index 5bf7bf757..bcbfa6fc6 100644 --- a/sdk/dotnet/Database/Inputs/SecretBackendConnectionMysqlRdsArgs.cs +++ b/sdk/dotnet/Database/Inputs/SecretBackendConnectionMysqlRdsArgs.cs @@ -13,30 +13,31 @@ namespace Pulumi.Vault.Database.Inputs public sealed class SecretBackendConnectionMysqlRdsArgs : global::Pulumi.ResourceArgs { /// - /// Specifies the Redshift DSN. See + /// A URL containing connection information. See /// the [Vault - /// docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + /// docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) /// for an example. /// [Input("connectionUrl")] public Input? ConnectionUrl { get; set; } /// - /// The maximum amount of time a connection may be reused. + /// The maximum number of seconds to keep + /// a connection alive for. /// [Input("maxConnectionLifetime")] public Input? MaxConnectionLifetime { get; set; } /// /// The maximum number of idle connections to - /// the database. + /// maintain. /// [Input("maxIdleConnections")] public Input? MaxIdleConnections { get; set; } /// /// The maximum number of open connections to - /// the database. + /// use. /// [Input("maxOpenConnections")] public Input? MaxOpenConnections { get; set; } @@ -45,7 +46,7 @@ public sealed class SecretBackendConnectionMysqlRdsArgs : global::Pulumi.Resourc private Input? _password; /// - /// The root credential password used in the connection URL. + /// The password to authenticate with. /// public Input? Password { @@ -58,13 +59,13 @@ public Input? Password } /// - /// The root credential username used in the connection URL. + /// The username to authenticate with. /// [Input("username")] public Input? Username { get; set; } /// - /// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + /// Template describing how dynamic usernames are generated. /// [Input("usernameTemplate")] public Input? UsernameTemplate { get; set; } diff --git a/sdk/dotnet/Database/Inputs/SecretBackendConnectionMysqlRdsGetArgs.cs b/sdk/dotnet/Database/Inputs/SecretBackendConnectionMysqlRdsGetArgs.cs index 0097e7eb9..044615290 100644 --- a/sdk/dotnet/Database/Inputs/SecretBackendConnectionMysqlRdsGetArgs.cs +++ b/sdk/dotnet/Database/Inputs/SecretBackendConnectionMysqlRdsGetArgs.cs @@ -13,30 +13,31 @@ namespace Pulumi.Vault.Database.Inputs public sealed class SecretBackendConnectionMysqlRdsGetArgs : global::Pulumi.ResourceArgs { /// - /// Specifies the Redshift DSN. See + /// A URL containing connection information. See /// the [Vault - /// docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + /// docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) /// for an example. /// [Input("connectionUrl")] public Input? ConnectionUrl { get; set; } /// - /// The maximum amount of time a connection may be reused. + /// The maximum number of seconds to keep + /// a connection alive for. /// [Input("maxConnectionLifetime")] public Input? MaxConnectionLifetime { get; set; } /// /// The maximum number of idle connections to - /// the database. + /// maintain. /// [Input("maxIdleConnections")] public Input? MaxIdleConnections { get; set; } /// /// The maximum number of open connections to - /// the database. + /// use. /// [Input("maxOpenConnections")] public Input? MaxOpenConnections { get; set; } @@ -45,7 +46,7 @@ public sealed class SecretBackendConnectionMysqlRdsGetArgs : global::Pulumi.Reso private Input? _password; /// - /// The root credential password used in the connection URL. + /// The password to authenticate with. /// public Input? Password { @@ -58,13 +59,13 @@ public Input? Password } /// - /// The root credential username used in the connection URL. + /// The username to authenticate with. /// [Input("username")] public Input? Username { get; set; } /// - /// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + /// Template describing how dynamic usernames are generated. /// [Input("usernameTemplate")] public Input? UsernameTemplate { get; set; } diff --git a/sdk/dotnet/Database/Inputs/SecretBackendConnectionOracleArgs.cs b/sdk/dotnet/Database/Inputs/SecretBackendConnectionOracleArgs.cs index bdf257136..ba8001650 100644 --- a/sdk/dotnet/Database/Inputs/SecretBackendConnectionOracleArgs.cs +++ b/sdk/dotnet/Database/Inputs/SecretBackendConnectionOracleArgs.cs @@ -13,30 +13,31 @@ namespace Pulumi.Vault.Database.Inputs public sealed class SecretBackendConnectionOracleArgs : global::Pulumi.ResourceArgs { /// - /// Specifies the Redshift DSN. See + /// A URL containing connection information. See /// the [Vault - /// docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + /// docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) /// for an example. /// [Input("connectionUrl")] public Input? ConnectionUrl { get; set; } /// - /// The maximum amount of time a connection may be reused. + /// The maximum number of seconds to keep + /// a connection alive for. /// [Input("maxConnectionLifetime")] public Input? MaxConnectionLifetime { get; set; } /// /// The maximum number of idle connections to - /// the database. + /// maintain. /// [Input("maxIdleConnections")] public Input? MaxIdleConnections { get; set; } /// /// The maximum number of open connections to - /// the database. + /// use. /// [Input("maxOpenConnections")] public Input? MaxOpenConnections { get; set; } @@ -45,7 +46,7 @@ public sealed class SecretBackendConnectionOracleArgs : global::Pulumi.ResourceA private Input? _password; /// - /// The root credential password used in the connection URL. + /// The password to authenticate with. /// public Input? Password { @@ -58,13 +59,13 @@ public Input? Password } /// - /// The root credential username used in the connection URL. + /// The username to authenticate with. /// [Input("username")] public Input? Username { get; set; } /// - /// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + /// Template describing how dynamic usernames are generated. /// [Input("usernameTemplate")] public Input? UsernameTemplate { get; set; } diff --git a/sdk/dotnet/Database/Inputs/SecretBackendConnectionOracleGetArgs.cs b/sdk/dotnet/Database/Inputs/SecretBackendConnectionOracleGetArgs.cs index ca52648bf..c7b054c51 100644 --- a/sdk/dotnet/Database/Inputs/SecretBackendConnectionOracleGetArgs.cs +++ b/sdk/dotnet/Database/Inputs/SecretBackendConnectionOracleGetArgs.cs @@ -13,30 +13,31 @@ namespace Pulumi.Vault.Database.Inputs public sealed class SecretBackendConnectionOracleGetArgs : global::Pulumi.ResourceArgs { /// - /// Specifies the Redshift DSN. See + /// A URL containing connection information. See /// the [Vault - /// docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + /// docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) /// for an example. /// [Input("connectionUrl")] public Input? ConnectionUrl { get; set; } /// - /// The maximum amount of time a connection may be reused. + /// The maximum number of seconds to keep + /// a connection alive for. /// [Input("maxConnectionLifetime")] public Input? MaxConnectionLifetime { get; set; } /// /// The maximum number of idle connections to - /// the database. + /// maintain. /// [Input("maxIdleConnections")] public Input? MaxIdleConnections { get; set; } /// /// The maximum number of open connections to - /// the database. + /// use. /// [Input("maxOpenConnections")] public Input? MaxOpenConnections { get; set; } @@ -45,7 +46,7 @@ public sealed class SecretBackendConnectionOracleGetArgs : global::Pulumi.Resour private Input? _password; /// - /// The root credential password used in the connection URL. + /// The password to authenticate with. /// public Input? Password { @@ -58,13 +59,13 @@ public Input? Password } /// - /// The root credential username used in the connection URL. + /// The username to authenticate with. /// [Input("username")] public Input? Username { get; set; } /// - /// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + /// Template describing how dynamic usernames are generated. /// [Input("usernameTemplate")] public Input? UsernameTemplate { get; set; } diff --git a/sdk/dotnet/Database/Inputs/SecretBackendConnectionPostgresqlArgs.cs b/sdk/dotnet/Database/Inputs/SecretBackendConnectionPostgresqlArgs.cs index 944f1e5a0..b221dbdf7 100644 --- a/sdk/dotnet/Database/Inputs/SecretBackendConnectionPostgresqlArgs.cs +++ b/sdk/dotnet/Database/Inputs/SecretBackendConnectionPostgresqlArgs.cs @@ -19,9 +19,9 @@ public sealed class SecretBackendConnectionPostgresqlArgs : global::Pulumi.Resou public Input? AuthType { get; set; } /// - /// Specifies the Redshift DSN. See + /// A URL containing connection information. See /// the [Vault - /// docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + /// docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) /// for an example. /// [Input("connectionUrl")] @@ -34,21 +34,22 @@ public sealed class SecretBackendConnectionPostgresqlArgs : global::Pulumi.Resou public Input? DisableEscaping { get; set; } /// - /// The maximum amount of time a connection may be reused. + /// The maximum number of seconds to keep + /// a connection alive for. /// [Input("maxConnectionLifetime")] public Input? MaxConnectionLifetime { get; set; } /// /// The maximum number of idle connections to - /// the database. + /// maintain. /// [Input("maxIdleConnections")] public Input? MaxIdleConnections { get; set; } /// /// The maximum number of open connections to - /// the database. + /// use. /// [Input("maxOpenConnections")] public Input? MaxOpenConnections { get; set; } @@ -57,7 +58,7 @@ public sealed class SecretBackendConnectionPostgresqlArgs : global::Pulumi.Resou private Input? _password; /// - /// The root credential password used in the connection URL. + /// The password to authenticate with. /// public Input? Password { @@ -86,13 +87,13 @@ public Input? ServiceAccountJson } /// - /// The root credential username used in the connection URL. + /// The username to authenticate with. /// [Input("username")] public Input? Username { get; set; } /// - /// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + /// Template describing how dynamic usernames are generated. /// [Input("usernameTemplate")] public Input? UsernameTemplate { get; set; } diff --git a/sdk/dotnet/Database/Inputs/SecretBackendConnectionPostgresqlGetArgs.cs b/sdk/dotnet/Database/Inputs/SecretBackendConnectionPostgresqlGetArgs.cs index 043039d39..517d50375 100644 --- a/sdk/dotnet/Database/Inputs/SecretBackendConnectionPostgresqlGetArgs.cs +++ b/sdk/dotnet/Database/Inputs/SecretBackendConnectionPostgresqlGetArgs.cs @@ -19,9 +19,9 @@ public sealed class SecretBackendConnectionPostgresqlGetArgs : global::Pulumi.Re public Input? AuthType { get; set; } /// - /// Specifies the Redshift DSN. See + /// A URL containing connection information. See /// the [Vault - /// docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + /// docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) /// for an example. /// [Input("connectionUrl")] @@ -34,21 +34,22 @@ public sealed class SecretBackendConnectionPostgresqlGetArgs : global::Pulumi.Re public Input? DisableEscaping { get; set; } /// - /// The maximum amount of time a connection may be reused. + /// The maximum number of seconds to keep + /// a connection alive for. /// [Input("maxConnectionLifetime")] public Input? MaxConnectionLifetime { get; set; } /// /// The maximum number of idle connections to - /// the database. + /// maintain. /// [Input("maxIdleConnections")] public Input? MaxIdleConnections { get; set; } /// /// The maximum number of open connections to - /// the database. + /// use. /// [Input("maxOpenConnections")] public Input? MaxOpenConnections { get; set; } @@ -57,7 +58,7 @@ public sealed class SecretBackendConnectionPostgresqlGetArgs : global::Pulumi.Re private Input? _password; /// - /// The root credential password used in the connection URL. + /// The password to authenticate with. /// public Input? Password { @@ -86,13 +87,13 @@ public Input? ServiceAccountJson } /// - /// The root credential username used in the connection URL. + /// The username to authenticate with. /// [Input("username")] public Input? Username { get; set; } /// - /// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + /// Template describing how dynamic usernames are generated. /// [Input("usernameTemplate")] public Input? UsernameTemplate { get; set; } diff --git a/sdk/dotnet/Database/Inputs/SecretBackendConnectionRedisArgs.cs b/sdk/dotnet/Database/Inputs/SecretBackendConnectionRedisArgs.cs index 919c58bc0..5c9835467 100644 --- a/sdk/dotnet/Database/Inputs/SecretBackendConnectionRedisArgs.cs +++ b/sdk/dotnet/Database/Inputs/SecretBackendConnectionRedisArgs.cs @@ -35,7 +35,7 @@ public sealed class SecretBackendConnectionRedisArgs : global::Pulumi.ResourceAr private Input? _password; /// - /// The root credential password used in the connection URL. + /// The password to authenticate with. /// public Input? Password { @@ -55,13 +55,13 @@ public Input? Password public Input? Port { get; set; } /// - /// Whether to use TLS when connecting to Redis. + /// Whether to use TLS when connecting to Cassandra. /// [Input("tls")] public Input? Tls { get; set; } /// - /// The root credential username used in the connection URL. + /// The username to authenticate with. /// [Input("username", required: true)] public Input Username { get; set; } = null!; diff --git a/sdk/dotnet/Database/Inputs/SecretBackendConnectionRedisElasticacheArgs.cs b/sdk/dotnet/Database/Inputs/SecretBackendConnectionRedisElasticacheArgs.cs index 20bbb929a..c229fb2ed 100644 --- a/sdk/dotnet/Database/Inputs/SecretBackendConnectionRedisElasticacheArgs.cs +++ b/sdk/dotnet/Database/Inputs/SecretBackendConnectionRedisElasticacheArgs.cs @@ -16,7 +16,7 @@ public sealed class SecretBackendConnectionRedisElasticacheArgs : global::Pulumi private Input? _password; /// - /// The root credential password used in the connection URL. + /// The password to authenticate with. /// public Input? Password { @@ -45,7 +45,7 @@ public Input? Password private Input? _username; /// - /// The root credential username used in the connection URL. + /// The username to authenticate with. /// public Input? Username { diff --git a/sdk/dotnet/Database/Inputs/SecretBackendConnectionRedisElasticacheGetArgs.cs b/sdk/dotnet/Database/Inputs/SecretBackendConnectionRedisElasticacheGetArgs.cs index 749f8b470..9f33f5258 100644 --- a/sdk/dotnet/Database/Inputs/SecretBackendConnectionRedisElasticacheGetArgs.cs +++ b/sdk/dotnet/Database/Inputs/SecretBackendConnectionRedisElasticacheGetArgs.cs @@ -16,7 +16,7 @@ public sealed class SecretBackendConnectionRedisElasticacheGetArgs : global::Pul private Input? _password; /// - /// The root credential password used in the connection URL. + /// The password to authenticate with. /// public Input? Password { @@ -45,7 +45,7 @@ public Input? Password private Input? _username; /// - /// The root credential username used in the connection URL. + /// The username to authenticate with. /// public Input? Username { diff --git a/sdk/dotnet/Database/Inputs/SecretBackendConnectionRedisGetArgs.cs b/sdk/dotnet/Database/Inputs/SecretBackendConnectionRedisGetArgs.cs index d5fd96882..b74d531fc 100644 --- a/sdk/dotnet/Database/Inputs/SecretBackendConnectionRedisGetArgs.cs +++ b/sdk/dotnet/Database/Inputs/SecretBackendConnectionRedisGetArgs.cs @@ -35,7 +35,7 @@ public sealed class SecretBackendConnectionRedisGetArgs : global::Pulumi.Resourc private Input? _password; /// - /// The root credential password used in the connection URL. + /// The password to authenticate with. /// public Input? Password { @@ -55,13 +55,13 @@ public Input? Password public Input? Port { get; set; } /// - /// Whether to use TLS when connecting to Redis. + /// Whether to use TLS when connecting to Cassandra. /// [Input("tls")] public Input? Tls { get; set; } /// - /// The root credential username used in the connection URL. + /// The username to authenticate with. /// [Input("username", required: true)] public Input Username { get; set; } = null!; diff --git a/sdk/dotnet/Database/Inputs/SecretBackendConnectionRedshiftArgs.cs b/sdk/dotnet/Database/Inputs/SecretBackendConnectionRedshiftArgs.cs index ac53325ae..e3ad05218 100644 --- a/sdk/dotnet/Database/Inputs/SecretBackendConnectionRedshiftArgs.cs +++ b/sdk/dotnet/Database/Inputs/SecretBackendConnectionRedshiftArgs.cs @@ -13,9 +13,9 @@ namespace Pulumi.Vault.Database.Inputs public sealed class SecretBackendConnectionRedshiftArgs : global::Pulumi.ResourceArgs { /// - /// Specifies the Redshift DSN. See + /// A URL containing connection information. See /// the [Vault - /// docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + /// docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) /// for an example. /// [Input("connectionUrl")] @@ -28,21 +28,22 @@ public sealed class SecretBackendConnectionRedshiftArgs : global::Pulumi.Resourc public Input? DisableEscaping { get; set; } /// - /// The maximum amount of time a connection may be reused. + /// The maximum number of seconds to keep + /// a connection alive for. /// [Input("maxConnectionLifetime")] public Input? MaxConnectionLifetime { get; set; } /// /// The maximum number of idle connections to - /// the database. + /// maintain. /// [Input("maxIdleConnections")] public Input? MaxIdleConnections { get; set; } /// /// The maximum number of open connections to - /// the database. + /// use. /// [Input("maxOpenConnections")] public Input? MaxOpenConnections { get; set; } @@ -51,7 +52,7 @@ public sealed class SecretBackendConnectionRedshiftArgs : global::Pulumi.Resourc private Input? _password; /// - /// The root credential password used in the connection URL. + /// The password to authenticate with. /// public Input? Password { @@ -64,13 +65,13 @@ public Input? Password } /// - /// The root credential username used in the connection URL. + /// The username to authenticate with. /// [Input("username")] public Input? Username { get; set; } /// - /// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + /// Template describing how dynamic usernames are generated. /// [Input("usernameTemplate")] public Input? UsernameTemplate { get; set; } diff --git a/sdk/dotnet/Database/Inputs/SecretBackendConnectionRedshiftGetArgs.cs b/sdk/dotnet/Database/Inputs/SecretBackendConnectionRedshiftGetArgs.cs index 361b28b22..7cfa09017 100644 --- a/sdk/dotnet/Database/Inputs/SecretBackendConnectionRedshiftGetArgs.cs +++ b/sdk/dotnet/Database/Inputs/SecretBackendConnectionRedshiftGetArgs.cs @@ -13,9 +13,9 @@ namespace Pulumi.Vault.Database.Inputs public sealed class SecretBackendConnectionRedshiftGetArgs : global::Pulumi.ResourceArgs { /// - /// Specifies the Redshift DSN. See + /// A URL containing connection information. See /// the [Vault - /// docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + /// docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) /// for an example. /// [Input("connectionUrl")] @@ -28,21 +28,22 @@ public sealed class SecretBackendConnectionRedshiftGetArgs : global::Pulumi.Reso public Input? DisableEscaping { get; set; } /// - /// The maximum amount of time a connection may be reused. + /// The maximum number of seconds to keep + /// a connection alive for. /// [Input("maxConnectionLifetime")] public Input? MaxConnectionLifetime { get; set; } /// /// The maximum number of idle connections to - /// the database. + /// maintain. /// [Input("maxIdleConnections")] public Input? MaxIdleConnections { get; set; } /// /// The maximum number of open connections to - /// the database. + /// use. /// [Input("maxOpenConnections")] public Input? MaxOpenConnections { get; set; } @@ -51,7 +52,7 @@ public sealed class SecretBackendConnectionRedshiftGetArgs : global::Pulumi.Reso private Input? _password; /// - /// The root credential password used in the connection URL. + /// The password to authenticate with. /// public Input? Password { @@ -64,13 +65,13 @@ public Input? Password } /// - /// The root credential username used in the connection URL. + /// The username to authenticate with. /// [Input("username")] public Input? Username { get; set; } /// - /// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + /// Template describing how dynamic usernames are generated. /// [Input("usernameTemplate")] public Input? UsernameTemplate { get; set; } diff --git a/sdk/dotnet/Database/Inputs/SecretBackendConnectionSnowflakeArgs.cs b/sdk/dotnet/Database/Inputs/SecretBackendConnectionSnowflakeArgs.cs index 39af51734..d29624633 100644 --- a/sdk/dotnet/Database/Inputs/SecretBackendConnectionSnowflakeArgs.cs +++ b/sdk/dotnet/Database/Inputs/SecretBackendConnectionSnowflakeArgs.cs @@ -13,30 +13,31 @@ namespace Pulumi.Vault.Database.Inputs public sealed class SecretBackendConnectionSnowflakeArgs : global::Pulumi.ResourceArgs { /// - /// Specifies the Redshift DSN. See + /// A URL containing connection information. See /// the [Vault - /// docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + /// docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) /// for an example. /// [Input("connectionUrl")] public Input? ConnectionUrl { get; set; } /// - /// The maximum amount of time a connection may be reused. + /// The maximum number of seconds to keep + /// a connection alive for. /// [Input("maxConnectionLifetime")] public Input? MaxConnectionLifetime { get; set; } /// /// The maximum number of idle connections to - /// the database. + /// maintain. /// [Input("maxIdleConnections")] public Input? MaxIdleConnections { get; set; } /// /// The maximum number of open connections to - /// the database. + /// use. /// [Input("maxOpenConnections")] public Input? MaxOpenConnections { get; set; } @@ -45,7 +46,7 @@ public sealed class SecretBackendConnectionSnowflakeArgs : global::Pulumi.Resour private Input? _password; /// - /// The root credential password used in the connection URL. + /// The password to authenticate with. /// public Input? Password { @@ -58,13 +59,13 @@ public Input? Password } /// - /// The root credential username used in the connection URL. + /// The username to authenticate with. /// [Input("username")] public Input? Username { get; set; } /// - /// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + /// Template describing how dynamic usernames are generated. /// [Input("usernameTemplate")] public Input? UsernameTemplate { get; set; } diff --git a/sdk/dotnet/Database/Inputs/SecretBackendConnectionSnowflakeGetArgs.cs b/sdk/dotnet/Database/Inputs/SecretBackendConnectionSnowflakeGetArgs.cs index 2d3023828..64a794027 100644 --- a/sdk/dotnet/Database/Inputs/SecretBackendConnectionSnowflakeGetArgs.cs +++ b/sdk/dotnet/Database/Inputs/SecretBackendConnectionSnowflakeGetArgs.cs @@ -13,30 +13,31 @@ namespace Pulumi.Vault.Database.Inputs public sealed class SecretBackendConnectionSnowflakeGetArgs : global::Pulumi.ResourceArgs { /// - /// Specifies the Redshift DSN. See + /// A URL containing connection information. See /// the [Vault - /// docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + /// docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) /// for an example. /// [Input("connectionUrl")] public Input? ConnectionUrl { get; set; } /// - /// The maximum amount of time a connection may be reused. + /// The maximum number of seconds to keep + /// a connection alive for. /// [Input("maxConnectionLifetime")] public Input? MaxConnectionLifetime { get; set; } /// /// The maximum number of idle connections to - /// the database. + /// maintain. /// [Input("maxIdleConnections")] public Input? MaxIdleConnections { get; set; } /// /// The maximum number of open connections to - /// the database. + /// use. /// [Input("maxOpenConnections")] public Input? MaxOpenConnections { get; set; } @@ -45,7 +46,7 @@ public sealed class SecretBackendConnectionSnowflakeGetArgs : global::Pulumi.Res private Input? _password; /// - /// The root credential password used in the connection URL. + /// The password to authenticate with. /// public Input? Password { @@ -58,13 +59,13 @@ public Input? Password } /// - /// The root credential username used in the connection URL. + /// The username to authenticate with. /// [Input("username")] public Input? Username { get; set; } /// - /// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + /// Template describing how dynamic usernames are generated. /// [Input("usernameTemplate")] public Input? UsernameTemplate { get; set; } diff --git a/sdk/dotnet/Database/Inputs/SecretsMountCassandraArgs.cs b/sdk/dotnet/Database/Inputs/SecretsMountCassandraArgs.cs index e5b217057..473a9caf3 100644 --- a/sdk/dotnet/Database/Inputs/SecretsMountCassandraArgs.cs +++ b/sdk/dotnet/Database/Inputs/SecretsMountCassandraArgs.cs @@ -37,6 +37,8 @@ public InputList AllowedRoles /// /// A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + /// + /// Supported list of database secrets engines that can be configured: /// public InputMap Data { @@ -48,7 +50,7 @@ public InputMap Data private InputList? _hosts; /// - /// A set of Couchbase URIs to connect to. Must use `couchbases://` scheme if `tls` is `true`. + /// The hosts to connect to. /// public InputList Hosts { @@ -70,7 +72,7 @@ public InputList Hosts private Input? _password; /// - /// The password to be used in the connection. + /// The root credential password used in the connection URL. /// public Input? Password { @@ -147,13 +149,13 @@ public InputList RootRotationStatements } /// - /// Whether to use TLS when connecting to Redis. + /// Whether to use TLS when connecting to Cassandra. /// [Input("tls")] public Input? Tls { get; set; } /// - /// The username to be used in the connection (the account admin level). + /// The root credential username used in the connection URL. /// [Input("username")] public Input? Username { get; set; } diff --git a/sdk/dotnet/Database/Inputs/SecretsMountCassandraGetArgs.cs b/sdk/dotnet/Database/Inputs/SecretsMountCassandraGetArgs.cs index 0e6a37b7a..6d8319038 100644 --- a/sdk/dotnet/Database/Inputs/SecretsMountCassandraGetArgs.cs +++ b/sdk/dotnet/Database/Inputs/SecretsMountCassandraGetArgs.cs @@ -37,6 +37,8 @@ public InputList AllowedRoles /// /// A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + /// + /// Supported list of database secrets engines that can be configured: /// public InputMap Data { @@ -48,7 +50,7 @@ public InputMap Data private InputList? _hosts; /// - /// A set of Couchbase URIs to connect to. Must use `couchbases://` scheme if `tls` is `true`. + /// The hosts to connect to. /// public InputList Hosts { @@ -70,7 +72,7 @@ public InputList Hosts private Input? _password; /// - /// The password to be used in the connection. + /// The root credential password used in the connection URL. /// public Input? Password { @@ -147,13 +149,13 @@ public InputList RootRotationStatements } /// - /// Whether to use TLS when connecting to Redis. + /// Whether to use TLS when connecting to Cassandra. /// [Input("tls")] public Input? Tls { get; set; } /// - /// The username to be used in the connection (the account admin level). + /// The root credential username used in the connection URL. /// [Input("username")] public Input? Username { get; set; } diff --git a/sdk/dotnet/Database/Inputs/SecretsMountCouchbaseArgs.cs b/sdk/dotnet/Database/Inputs/SecretsMountCouchbaseArgs.cs index fff9989c6..26b3db425 100644 --- a/sdk/dotnet/Database/Inputs/SecretsMountCouchbaseArgs.cs +++ b/sdk/dotnet/Database/Inputs/SecretsMountCouchbaseArgs.cs @@ -52,6 +52,8 @@ public Input? Base64Pem /// /// A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + /// + /// Supported list of database secrets engines that can be configured: /// public InputMap Data { @@ -63,7 +65,7 @@ public InputMap Data private InputList? _hosts; /// - /// A set of Couchbase URIs to connect to. Must use `couchbases://` scheme if `tls` is `true`. + /// The hosts to connect to. /// public InputList Hosts { @@ -85,7 +87,7 @@ public InputList Hosts private Input? _password; /// - /// The password to be used in the connection. + /// The root credential password used in the connection URL. /// public Input? Password { @@ -116,19 +118,19 @@ public InputList RootRotationStatements } /// - /// Whether to use TLS when connecting to Redis. + /// Whether to use TLS when connecting to Cassandra. /// [Input("tls")] public Input? Tls { get; set; } /// - /// The username to be used in the connection (the account admin level). + /// The root credential username used in the connection URL. /// [Input("username", required: true)] public Input Username { get; set; } = null!; /// - /// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + /// [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. /// [Input("usernameTemplate")] public Input? UsernameTemplate { get; set; } diff --git a/sdk/dotnet/Database/Inputs/SecretsMountCouchbaseGetArgs.cs b/sdk/dotnet/Database/Inputs/SecretsMountCouchbaseGetArgs.cs index 133ff2df9..d08da3838 100644 --- a/sdk/dotnet/Database/Inputs/SecretsMountCouchbaseGetArgs.cs +++ b/sdk/dotnet/Database/Inputs/SecretsMountCouchbaseGetArgs.cs @@ -52,6 +52,8 @@ public Input? Base64Pem /// /// A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + /// + /// Supported list of database secrets engines that can be configured: /// public InputMap Data { @@ -63,7 +65,7 @@ public InputMap Data private InputList? _hosts; /// - /// A set of Couchbase URIs to connect to. Must use `couchbases://` scheme if `tls` is `true`. + /// The hosts to connect to. /// public InputList Hosts { @@ -85,7 +87,7 @@ public InputList Hosts private Input? _password; /// - /// The password to be used in the connection. + /// The root credential password used in the connection URL. /// public Input? Password { @@ -116,19 +118,19 @@ public InputList RootRotationStatements } /// - /// Whether to use TLS when connecting to Redis. + /// Whether to use TLS when connecting to Cassandra. /// [Input("tls")] public Input? Tls { get; set; } /// - /// The username to be used in the connection (the account admin level). + /// The root credential username used in the connection URL. /// [Input("username", required: true)] public Input Username { get; set; } = null!; /// - /// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + /// [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. /// [Input("usernameTemplate")] public Input? UsernameTemplate { get; set; } diff --git a/sdk/dotnet/Database/Inputs/SecretsMountElasticsearchArgs.cs b/sdk/dotnet/Database/Inputs/SecretsMountElasticsearchArgs.cs index 2ccec8553..45f54b702 100644 --- a/sdk/dotnet/Database/Inputs/SecretsMountElasticsearchArgs.cs +++ b/sdk/dotnet/Database/Inputs/SecretsMountElasticsearchArgs.cs @@ -26,7 +26,7 @@ public InputList AllowedRoles } /// - /// The contents of a PEM-encoded CA cert file to use to verify the Redis server's identity. + /// The path to a PEM-encoded CA cert file to use to verify the Elasticsearch server's identity. /// [Input("caCert")] public Input? CaCert { get; set; } @@ -54,6 +54,8 @@ public InputList AllowedRoles /// /// A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + /// + /// Supported list of database secrets engines that can be configured: /// public InputMap Data { @@ -74,7 +76,7 @@ public InputMap Data private Input? _password; /// - /// The password to be used in the connection. + /// The root credential password used in the connection URL. /// public Input? Password { @@ -111,19 +113,20 @@ public InputList RootRotationStatements public Input? TlsServerName { get; set; } /// - /// The configuration endpoint for the ElastiCache cluster to connect to. + /// The URL for Elasticsearch's API. https requires certificate + /// by trusted CA if used. /// [Input("url", required: true)] public Input Url { get; set; } = null!; /// - /// The username to be used in the connection (the account admin level). + /// The root credential username used in the connection URL. /// [Input("username", required: true)] public Input Username { get; set; } = null!; /// - /// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + /// [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. /// [Input("usernameTemplate")] public Input? UsernameTemplate { get; set; } diff --git a/sdk/dotnet/Database/Inputs/SecretsMountElasticsearchGetArgs.cs b/sdk/dotnet/Database/Inputs/SecretsMountElasticsearchGetArgs.cs index 4d6fb5912..a4d3c97f3 100644 --- a/sdk/dotnet/Database/Inputs/SecretsMountElasticsearchGetArgs.cs +++ b/sdk/dotnet/Database/Inputs/SecretsMountElasticsearchGetArgs.cs @@ -26,7 +26,7 @@ public InputList AllowedRoles } /// - /// The contents of a PEM-encoded CA cert file to use to verify the Redis server's identity. + /// The path to a PEM-encoded CA cert file to use to verify the Elasticsearch server's identity. /// [Input("caCert")] public Input? CaCert { get; set; } @@ -54,6 +54,8 @@ public InputList AllowedRoles /// /// A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + /// + /// Supported list of database secrets engines that can be configured: /// public InputMap Data { @@ -74,7 +76,7 @@ public InputMap Data private Input? _password; /// - /// The password to be used in the connection. + /// The root credential password used in the connection URL. /// public Input? Password { @@ -111,19 +113,20 @@ public InputList RootRotationStatements public Input? TlsServerName { get; set; } /// - /// The configuration endpoint for the ElastiCache cluster to connect to. + /// The URL for Elasticsearch's API. https requires certificate + /// by trusted CA if used. /// [Input("url", required: true)] public Input Url { get; set; } = null!; /// - /// The username to be used in the connection (the account admin level). + /// The root credential username used in the connection URL. /// [Input("username", required: true)] public Input Username { get; set; } = null!; /// - /// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + /// [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. /// [Input("usernameTemplate")] public Input? UsernameTemplate { get; set; } diff --git a/sdk/dotnet/Database/Inputs/SecretsMountHanaArgs.cs b/sdk/dotnet/Database/Inputs/SecretsMountHanaArgs.cs index 633ff04eb..411aaba00 100644 --- a/sdk/dotnet/Database/Inputs/SecretsMountHanaArgs.cs +++ b/sdk/dotnet/Database/Inputs/SecretsMountHanaArgs.cs @@ -26,8 +26,8 @@ public InputList AllowedRoles } /// - /// A URL containing connection information. - /// See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + /// Specifies the Redshift DSN. + /// See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) /// [Input("connectionUrl")] public Input? ConnectionUrl { get; set; } @@ -37,6 +37,8 @@ public InputList AllowedRoles /// /// A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + /// + /// Supported list of database secrets engines that can be configured: /// public InputMap Data { @@ -51,22 +53,21 @@ public InputMap Data public Input? DisableEscaping { get; set; } /// - /// The maximum number of seconds to keep - /// a connection alive for. + /// The maximum amount of time a connection may be reused. /// [Input("maxConnectionLifetime")] public Input? MaxConnectionLifetime { get; set; } /// /// The maximum number of idle connections to - /// maintain. + /// the database. /// [Input("maxIdleConnections")] public Input? MaxIdleConnections { get; set; } /// /// The maximum number of open connections to - /// use. + /// the database. /// [Input("maxOpenConnections")] public Input? MaxOpenConnections { get; set; } @@ -78,7 +79,7 @@ public InputMap Data private Input? _password; /// - /// The password to be used in the connection. + /// The root credential password used in the connection URL. /// public Input? Password { @@ -109,7 +110,7 @@ public InputList RootRotationStatements } /// - /// The username to be used in the connection (the account admin level). + /// The root credential username used in the connection URL. /// [Input("username")] public Input? Username { get; set; } diff --git a/sdk/dotnet/Database/Inputs/SecretsMountHanaGetArgs.cs b/sdk/dotnet/Database/Inputs/SecretsMountHanaGetArgs.cs index 6be81d883..4b7e3ab41 100644 --- a/sdk/dotnet/Database/Inputs/SecretsMountHanaGetArgs.cs +++ b/sdk/dotnet/Database/Inputs/SecretsMountHanaGetArgs.cs @@ -26,8 +26,8 @@ public InputList AllowedRoles } /// - /// A URL containing connection information. - /// See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + /// Specifies the Redshift DSN. + /// See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) /// [Input("connectionUrl")] public Input? ConnectionUrl { get; set; } @@ -37,6 +37,8 @@ public InputList AllowedRoles /// /// A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + /// + /// Supported list of database secrets engines that can be configured: /// public InputMap Data { @@ -51,22 +53,21 @@ public InputMap Data public Input? DisableEscaping { get; set; } /// - /// The maximum number of seconds to keep - /// a connection alive for. + /// The maximum amount of time a connection may be reused. /// [Input("maxConnectionLifetime")] public Input? MaxConnectionLifetime { get; set; } /// /// The maximum number of idle connections to - /// maintain. + /// the database. /// [Input("maxIdleConnections")] public Input? MaxIdleConnections { get; set; } /// /// The maximum number of open connections to - /// use. + /// the database. /// [Input("maxOpenConnections")] public Input? MaxOpenConnections { get; set; } @@ -78,7 +79,7 @@ public InputMap Data private Input? _password; /// - /// The password to be used in the connection. + /// The root credential password used in the connection URL. /// public Input? Password { @@ -109,7 +110,7 @@ public InputList RootRotationStatements } /// - /// The username to be used in the connection (the account admin level). + /// The root credential username used in the connection URL. /// [Input("username")] public Input? Username { get; set; } diff --git a/sdk/dotnet/Database/Inputs/SecretsMountInfluxdbArgs.cs b/sdk/dotnet/Database/Inputs/SecretsMountInfluxdbArgs.cs index 416f917d7..00e09dc17 100644 --- a/sdk/dotnet/Database/Inputs/SecretsMountInfluxdbArgs.cs +++ b/sdk/dotnet/Database/Inputs/SecretsMountInfluxdbArgs.cs @@ -37,6 +37,8 @@ public InputList AllowedRoles /// /// A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + /// + /// Supported list of database secrets engines that can be configured: /// public InputMap Data { @@ -64,7 +66,7 @@ public InputMap Data private Input? _password; /// - /// The password to be used in the connection. + /// The root credential password used in the connection URL. /// public Input? Password { @@ -135,19 +137,19 @@ public InputList RootRotationStatements } /// - /// Whether to use TLS when connecting to Redis. + /// Whether to use TLS when connecting to Cassandra. /// [Input("tls")] public Input? Tls { get; set; } /// - /// The username to be used in the connection (the account admin level). + /// The root credential username used in the connection URL. /// [Input("username", required: true)] public Input Username { get; set; } = null!; /// - /// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + /// [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. /// [Input("usernameTemplate")] public Input? UsernameTemplate { get; set; } diff --git a/sdk/dotnet/Database/Inputs/SecretsMountInfluxdbGetArgs.cs b/sdk/dotnet/Database/Inputs/SecretsMountInfluxdbGetArgs.cs index a4e0965ab..287417526 100644 --- a/sdk/dotnet/Database/Inputs/SecretsMountInfluxdbGetArgs.cs +++ b/sdk/dotnet/Database/Inputs/SecretsMountInfluxdbGetArgs.cs @@ -37,6 +37,8 @@ public InputList AllowedRoles /// /// A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + /// + /// Supported list of database secrets engines that can be configured: /// public InputMap Data { @@ -64,7 +66,7 @@ public InputMap Data private Input? _password; /// - /// The password to be used in the connection. + /// The root credential password used in the connection URL. /// public Input? Password { @@ -135,19 +137,19 @@ public InputList RootRotationStatements } /// - /// Whether to use TLS when connecting to Redis. + /// Whether to use TLS when connecting to Cassandra. /// [Input("tls")] public Input? Tls { get; set; } /// - /// The username to be used in the connection (the account admin level). + /// The root credential username used in the connection URL. /// [Input("username", required: true)] public Input Username { get; set; } = null!; /// - /// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + /// [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. /// [Input("usernameTemplate")] public Input? UsernameTemplate { get; set; } diff --git a/sdk/dotnet/Database/Inputs/SecretsMountMongodbArgs.cs b/sdk/dotnet/Database/Inputs/SecretsMountMongodbArgs.cs index a9dd156d5..3575eb87d 100644 --- a/sdk/dotnet/Database/Inputs/SecretsMountMongodbArgs.cs +++ b/sdk/dotnet/Database/Inputs/SecretsMountMongodbArgs.cs @@ -26,8 +26,8 @@ public InputList AllowedRoles } /// - /// A URL containing connection information. - /// See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + /// Specifies the Redshift DSN. + /// See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) /// [Input("connectionUrl")] public Input? ConnectionUrl { get; set; } @@ -37,6 +37,8 @@ public InputList AllowedRoles /// /// A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + /// + /// Supported list of database secrets engines that can be configured: /// public InputMap Data { @@ -45,22 +47,21 @@ public InputMap Data } /// - /// The maximum number of seconds to keep - /// a connection alive for. + /// The maximum amount of time a connection may be reused. /// [Input("maxConnectionLifetime")] public Input? MaxConnectionLifetime { get; set; } /// /// The maximum number of idle connections to - /// maintain. + /// the database. /// [Input("maxIdleConnections")] public Input? MaxIdleConnections { get; set; } /// /// The maximum number of open connections to - /// use. + /// the database. /// [Input("maxOpenConnections")] public Input? MaxOpenConnections { get; set; } @@ -72,7 +73,7 @@ public InputMap Data private Input? _password; /// - /// The password to be used in the connection. + /// The root credential password used in the connection URL. /// public Input? Password { @@ -103,13 +104,13 @@ public InputList RootRotationStatements } /// - /// The username to be used in the connection (the account admin level). + /// The root credential username used in the connection URL. /// [Input("username")] public Input? Username { get; set; } /// - /// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + /// [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. /// [Input("usernameTemplate")] public Input? UsernameTemplate { get; set; } diff --git a/sdk/dotnet/Database/Inputs/SecretsMountMongodbGetArgs.cs b/sdk/dotnet/Database/Inputs/SecretsMountMongodbGetArgs.cs index d59ff1716..3986ab5c7 100644 --- a/sdk/dotnet/Database/Inputs/SecretsMountMongodbGetArgs.cs +++ b/sdk/dotnet/Database/Inputs/SecretsMountMongodbGetArgs.cs @@ -26,8 +26,8 @@ public InputList AllowedRoles } /// - /// A URL containing connection information. - /// See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + /// Specifies the Redshift DSN. + /// See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) /// [Input("connectionUrl")] public Input? ConnectionUrl { get; set; } @@ -37,6 +37,8 @@ public InputList AllowedRoles /// /// A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + /// + /// Supported list of database secrets engines that can be configured: /// public InputMap Data { @@ -45,22 +47,21 @@ public InputMap Data } /// - /// The maximum number of seconds to keep - /// a connection alive for. + /// The maximum amount of time a connection may be reused. /// [Input("maxConnectionLifetime")] public Input? MaxConnectionLifetime { get; set; } /// /// The maximum number of idle connections to - /// maintain. + /// the database. /// [Input("maxIdleConnections")] public Input? MaxIdleConnections { get; set; } /// /// The maximum number of open connections to - /// use. + /// the database. /// [Input("maxOpenConnections")] public Input? MaxOpenConnections { get; set; } @@ -72,7 +73,7 @@ public InputMap Data private Input? _password; /// - /// The password to be used in the connection. + /// The root credential password used in the connection URL. /// public Input? Password { @@ -103,13 +104,13 @@ public InputList RootRotationStatements } /// - /// The username to be used in the connection (the account admin level). + /// The root credential username used in the connection URL. /// [Input("username")] public Input? Username { get; set; } /// - /// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + /// [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. /// [Input("usernameTemplate")] public Input? UsernameTemplate { get; set; } diff --git a/sdk/dotnet/Database/Inputs/SecretsMountMongodbatlaArgs.cs b/sdk/dotnet/Database/Inputs/SecretsMountMongodbatlaArgs.cs index 0fa50b025..ea37b9cc3 100644 --- a/sdk/dotnet/Database/Inputs/SecretsMountMongodbatlaArgs.cs +++ b/sdk/dotnet/Database/Inputs/SecretsMountMongodbatlaArgs.cs @@ -30,6 +30,8 @@ public InputList AllowedRoles /// /// A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + /// + /// Supported list of database secrets engines that can be configured: /// public InputMap Data { diff --git a/sdk/dotnet/Database/Inputs/SecretsMountMongodbatlaGetArgs.cs b/sdk/dotnet/Database/Inputs/SecretsMountMongodbatlaGetArgs.cs index 1ed0d09f7..23e4ad8cd 100644 --- a/sdk/dotnet/Database/Inputs/SecretsMountMongodbatlaGetArgs.cs +++ b/sdk/dotnet/Database/Inputs/SecretsMountMongodbatlaGetArgs.cs @@ -30,6 +30,8 @@ public InputList AllowedRoles /// /// A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + /// + /// Supported list of database secrets engines that can be configured: /// public InputMap Data { diff --git a/sdk/dotnet/Database/Inputs/SecretsMountMssqlArgs.cs b/sdk/dotnet/Database/Inputs/SecretsMountMssqlArgs.cs index b2f7ce775..635d89b10 100644 --- a/sdk/dotnet/Database/Inputs/SecretsMountMssqlArgs.cs +++ b/sdk/dotnet/Database/Inputs/SecretsMountMssqlArgs.cs @@ -26,8 +26,8 @@ public InputList AllowedRoles } /// - /// A URL containing connection information. - /// See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + /// Specifies the Redshift DSN. + /// See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) /// [Input("connectionUrl")] public Input? ConnectionUrl { get; set; } @@ -45,6 +45,8 @@ public InputList AllowedRoles /// /// A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + /// + /// Supported list of database secrets engines that can be configured: /// public InputMap Data { @@ -59,22 +61,21 @@ public InputMap Data public Input? DisableEscaping { get; set; } /// - /// The maximum number of seconds to keep - /// a connection alive for. + /// The maximum amount of time a connection may be reused. /// [Input("maxConnectionLifetime")] public Input? MaxConnectionLifetime { get; set; } /// /// The maximum number of idle connections to - /// maintain. + /// the database. /// [Input("maxIdleConnections")] public Input? MaxIdleConnections { get; set; } /// /// The maximum number of open connections to - /// use. + /// the database. /// [Input("maxOpenConnections")] public Input? MaxOpenConnections { get; set; } @@ -86,7 +87,7 @@ public InputMap Data private Input? _password; /// - /// The password to be used in the connection. + /// The root credential password used in the connection URL. /// public Input? Password { @@ -117,13 +118,13 @@ public InputList RootRotationStatements } /// - /// The username to be used in the connection (the account admin level). + /// The root credential username used in the connection URL. /// [Input("username")] public Input? Username { get; set; } /// - /// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + /// [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. /// [Input("usernameTemplate")] public Input? UsernameTemplate { get; set; } diff --git a/sdk/dotnet/Database/Inputs/SecretsMountMssqlGetArgs.cs b/sdk/dotnet/Database/Inputs/SecretsMountMssqlGetArgs.cs index 3279fa3ec..e69f225fe 100644 --- a/sdk/dotnet/Database/Inputs/SecretsMountMssqlGetArgs.cs +++ b/sdk/dotnet/Database/Inputs/SecretsMountMssqlGetArgs.cs @@ -26,8 +26,8 @@ public InputList AllowedRoles } /// - /// A URL containing connection information. - /// See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + /// Specifies the Redshift DSN. + /// See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) /// [Input("connectionUrl")] public Input? ConnectionUrl { get; set; } @@ -45,6 +45,8 @@ public InputList AllowedRoles /// /// A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + /// + /// Supported list of database secrets engines that can be configured: /// public InputMap Data { @@ -59,22 +61,21 @@ public InputMap Data public Input? DisableEscaping { get; set; } /// - /// The maximum number of seconds to keep - /// a connection alive for. + /// The maximum amount of time a connection may be reused. /// [Input("maxConnectionLifetime")] public Input? MaxConnectionLifetime { get; set; } /// /// The maximum number of idle connections to - /// maintain. + /// the database. /// [Input("maxIdleConnections")] public Input? MaxIdleConnections { get; set; } /// /// The maximum number of open connections to - /// use. + /// the database. /// [Input("maxOpenConnections")] public Input? MaxOpenConnections { get; set; } @@ -86,7 +87,7 @@ public InputMap Data private Input? _password; /// - /// The password to be used in the connection. + /// The root credential password used in the connection URL. /// public Input? Password { @@ -117,13 +118,13 @@ public InputList RootRotationStatements } /// - /// The username to be used in the connection (the account admin level). + /// The root credential username used in the connection URL. /// [Input("username")] public Input? Username { get; set; } /// - /// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + /// [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. /// [Input("usernameTemplate")] public Input? UsernameTemplate { get; set; } diff --git a/sdk/dotnet/Database/Inputs/SecretsMountMysqlArgs.cs b/sdk/dotnet/Database/Inputs/SecretsMountMysqlArgs.cs index d850786d6..e6b09939f 100644 --- a/sdk/dotnet/Database/Inputs/SecretsMountMysqlArgs.cs +++ b/sdk/dotnet/Database/Inputs/SecretsMountMysqlArgs.cs @@ -29,8 +29,8 @@ public InputList AllowedRoles public Input? AuthType { get; set; } /// - /// A URL containing connection information. - /// See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + /// Specifies the Redshift DSN. + /// See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) /// [Input("connectionUrl")] public Input? ConnectionUrl { get; set; } @@ -40,6 +40,8 @@ public InputList AllowedRoles /// /// A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + /// + /// Supported list of database secrets engines that can be configured: /// public InputMap Data { @@ -48,22 +50,21 @@ public InputMap Data } /// - /// The maximum number of seconds to keep - /// a connection alive for. + /// The maximum amount of time a connection may be reused. /// [Input("maxConnectionLifetime")] public Input? MaxConnectionLifetime { get; set; } /// /// The maximum number of idle connections to - /// maintain. + /// the database. /// [Input("maxIdleConnections")] public Input? MaxIdleConnections { get; set; } /// /// The maximum number of open connections to - /// use. + /// the database. /// [Input("maxOpenConnections")] public Input? MaxOpenConnections { get; set; } @@ -75,7 +76,7 @@ public InputMap Data private Input? _password; /// - /// The password to be used in the connection. + /// The root credential password used in the connection URL. /// public Input? Password { @@ -140,13 +141,13 @@ public Input? TlsCertificateKey } /// - /// The username to be used in the connection (the account admin level). + /// The root credential username used in the connection URL. /// [Input("username")] public Input? Username { get; set; } /// - /// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + /// [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. /// [Input("usernameTemplate")] public Input? UsernameTemplate { get; set; } diff --git a/sdk/dotnet/Database/Inputs/SecretsMountMysqlAuroraArgs.cs b/sdk/dotnet/Database/Inputs/SecretsMountMysqlAuroraArgs.cs index ff7b565e7..daf23ea56 100644 --- a/sdk/dotnet/Database/Inputs/SecretsMountMysqlAuroraArgs.cs +++ b/sdk/dotnet/Database/Inputs/SecretsMountMysqlAuroraArgs.cs @@ -26,8 +26,8 @@ public InputList AllowedRoles } /// - /// A URL containing connection information. - /// See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + /// Specifies the Redshift DSN. + /// See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) /// [Input("connectionUrl")] public Input? ConnectionUrl { get; set; } @@ -37,6 +37,8 @@ public InputList AllowedRoles /// /// A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + /// + /// Supported list of database secrets engines that can be configured: /// public InputMap Data { @@ -45,22 +47,21 @@ public InputMap Data } /// - /// The maximum number of seconds to keep - /// a connection alive for. + /// The maximum amount of time a connection may be reused. /// [Input("maxConnectionLifetime")] public Input? MaxConnectionLifetime { get; set; } /// /// The maximum number of idle connections to - /// maintain. + /// the database. /// [Input("maxIdleConnections")] public Input? MaxIdleConnections { get; set; } /// /// The maximum number of open connections to - /// use. + /// the database. /// [Input("maxOpenConnections")] public Input? MaxOpenConnections { get; set; } @@ -72,7 +73,7 @@ public InputMap Data private Input? _password; /// - /// The password to be used in the connection. + /// The root credential password used in the connection URL. /// public Input? Password { @@ -103,13 +104,13 @@ public InputList RootRotationStatements } /// - /// The username to be used in the connection (the account admin level). + /// The root credential username used in the connection URL. /// [Input("username")] public Input? Username { get; set; } /// - /// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + /// [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. /// [Input("usernameTemplate")] public Input? UsernameTemplate { get; set; } diff --git a/sdk/dotnet/Database/Inputs/SecretsMountMysqlAuroraGetArgs.cs b/sdk/dotnet/Database/Inputs/SecretsMountMysqlAuroraGetArgs.cs index e236b17f1..70971cb80 100644 --- a/sdk/dotnet/Database/Inputs/SecretsMountMysqlAuroraGetArgs.cs +++ b/sdk/dotnet/Database/Inputs/SecretsMountMysqlAuroraGetArgs.cs @@ -26,8 +26,8 @@ public InputList AllowedRoles } /// - /// A URL containing connection information. - /// See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + /// Specifies the Redshift DSN. + /// See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) /// [Input("connectionUrl")] public Input? ConnectionUrl { get; set; } @@ -37,6 +37,8 @@ public InputList AllowedRoles /// /// A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + /// + /// Supported list of database secrets engines that can be configured: /// public InputMap Data { @@ -45,22 +47,21 @@ public InputMap Data } /// - /// The maximum number of seconds to keep - /// a connection alive for. + /// The maximum amount of time a connection may be reused. /// [Input("maxConnectionLifetime")] public Input? MaxConnectionLifetime { get; set; } /// /// The maximum number of idle connections to - /// maintain. + /// the database. /// [Input("maxIdleConnections")] public Input? MaxIdleConnections { get; set; } /// /// The maximum number of open connections to - /// use. + /// the database. /// [Input("maxOpenConnections")] public Input? MaxOpenConnections { get; set; } @@ -72,7 +73,7 @@ public InputMap Data private Input? _password; /// - /// The password to be used in the connection. + /// The root credential password used in the connection URL. /// public Input? Password { @@ -103,13 +104,13 @@ public InputList RootRotationStatements } /// - /// The username to be used in the connection (the account admin level). + /// The root credential username used in the connection URL. /// [Input("username")] public Input? Username { get; set; } /// - /// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + /// [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. /// [Input("usernameTemplate")] public Input? UsernameTemplate { get; set; } diff --git a/sdk/dotnet/Database/Inputs/SecretsMountMysqlGetArgs.cs b/sdk/dotnet/Database/Inputs/SecretsMountMysqlGetArgs.cs index 67f77086b..4266e7a1c 100644 --- a/sdk/dotnet/Database/Inputs/SecretsMountMysqlGetArgs.cs +++ b/sdk/dotnet/Database/Inputs/SecretsMountMysqlGetArgs.cs @@ -29,8 +29,8 @@ public InputList AllowedRoles public Input? AuthType { get; set; } /// - /// A URL containing connection information. - /// See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + /// Specifies the Redshift DSN. + /// See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) /// [Input("connectionUrl")] public Input? ConnectionUrl { get; set; } @@ -40,6 +40,8 @@ public InputList AllowedRoles /// /// A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + /// + /// Supported list of database secrets engines that can be configured: /// public InputMap Data { @@ -48,22 +50,21 @@ public InputMap Data } /// - /// The maximum number of seconds to keep - /// a connection alive for. + /// The maximum amount of time a connection may be reused. /// [Input("maxConnectionLifetime")] public Input? MaxConnectionLifetime { get; set; } /// /// The maximum number of idle connections to - /// maintain. + /// the database. /// [Input("maxIdleConnections")] public Input? MaxIdleConnections { get; set; } /// /// The maximum number of open connections to - /// use. + /// the database. /// [Input("maxOpenConnections")] public Input? MaxOpenConnections { get; set; } @@ -75,7 +76,7 @@ public InputMap Data private Input? _password; /// - /// The password to be used in the connection. + /// The root credential password used in the connection URL. /// public Input? Password { @@ -140,13 +141,13 @@ public Input? TlsCertificateKey } /// - /// The username to be used in the connection (the account admin level). + /// The root credential username used in the connection URL. /// [Input("username")] public Input? Username { get; set; } /// - /// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + /// [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. /// [Input("usernameTemplate")] public Input? UsernameTemplate { get; set; } diff --git a/sdk/dotnet/Database/Inputs/SecretsMountMysqlLegacyArgs.cs b/sdk/dotnet/Database/Inputs/SecretsMountMysqlLegacyArgs.cs index 501f07a8b..ae17db81c 100644 --- a/sdk/dotnet/Database/Inputs/SecretsMountMysqlLegacyArgs.cs +++ b/sdk/dotnet/Database/Inputs/SecretsMountMysqlLegacyArgs.cs @@ -26,8 +26,8 @@ public InputList AllowedRoles } /// - /// A URL containing connection information. - /// See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + /// Specifies the Redshift DSN. + /// See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) /// [Input("connectionUrl")] public Input? ConnectionUrl { get; set; } @@ -37,6 +37,8 @@ public InputList AllowedRoles /// /// A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + /// + /// Supported list of database secrets engines that can be configured: /// public InputMap Data { @@ -45,22 +47,21 @@ public InputMap Data } /// - /// The maximum number of seconds to keep - /// a connection alive for. + /// The maximum amount of time a connection may be reused. /// [Input("maxConnectionLifetime")] public Input? MaxConnectionLifetime { get; set; } /// /// The maximum number of idle connections to - /// maintain. + /// the database. /// [Input("maxIdleConnections")] public Input? MaxIdleConnections { get; set; } /// /// The maximum number of open connections to - /// use. + /// the database. /// [Input("maxOpenConnections")] public Input? MaxOpenConnections { get; set; } @@ -72,7 +73,7 @@ public InputMap Data private Input? _password; /// - /// The password to be used in the connection. + /// The root credential password used in the connection URL. /// public Input? Password { @@ -103,13 +104,13 @@ public InputList RootRotationStatements } /// - /// The username to be used in the connection (the account admin level). + /// The root credential username used in the connection URL. /// [Input("username")] public Input? Username { get; set; } /// - /// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + /// [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. /// [Input("usernameTemplate")] public Input? UsernameTemplate { get; set; } diff --git a/sdk/dotnet/Database/Inputs/SecretsMountMysqlLegacyGetArgs.cs b/sdk/dotnet/Database/Inputs/SecretsMountMysqlLegacyGetArgs.cs index 81b656dc9..b69b22348 100644 --- a/sdk/dotnet/Database/Inputs/SecretsMountMysqlLegacyGetArgs.cs +++ b/sdk/dotnet/Database/Inputs/SecretsMountMysqlLegacyGetArgs.cs @@ -26,8 +26,8 @@ public InputList AllowedRoles } /// - /// A URL containing connection information. - /// See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + /// Specifies the Redshift DSN. + /// See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) /// [Input("connectionUrl")] public Input? ConnectionUrl { get; set; } @@ -37,6 +37,8 @@ public InputList AllowedRoles /// /// A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + /// + /// Supported list of database secrets engines that can be configured: /// public InputMap Data { @@ -45,22 +47,21 @@ public InputMap Data } /// - /// The maximum number of seconds to keep - /// a connection alive for. + /// The maximum amount of time a connection may be reused. /// [Input("maxConnectionLifetime")] public Input? MaxConnectionLifetime { get; set; } /// /// The maximum number of idle connections to - /// maintain. + /// the database. /// [Input("maxIdleConnections")] public Input? MaxIdleConnections { get; set; } /// /// The maximum number of open connections to - /// use. + /// the database. /// [Input("maxOpenConnections")] public Input? MaxOpenConnections { get; set; } @@ -72,7 +73,7 @@ public InputMap Data private Input? _password; /// - /// The password to be used in the connection. + /// The root credential password used in the connection URL. /// public Input? Password { @@ -103,13 +104,13 @@ public InputList RootRotationStatements } /// - /// The username to be used in the connection (the account admin level). + /// The root credential username used in the connection URL. /// [Input("username")] public Input? Username { get; set; } /// - /// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + /// [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. /// [Input("usernameTemplate")] public Input? UsernameTemplate { get; set; } diff --git a/sdk/dotnet/Database/Inputs/SecretsMountMysqlRdArgs.cs b/sdk/dotnet/Database/Inputs/SecretsMountMysqlRdArgs.cs index da70750cf..414748d8c 100644 --- a/sdk/dotnet/Database/Inputs/SecretsMountMysqlRdArgs.cs +++ b/sdk/dotnet/Database/Inputs/SecretsMountMysqlRdArgs.cs @@ -26,8 +26,8 @@ public InputList AllowedRoles } /// - /// A URL containing connection information. - /// See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + /// Specifies the Redshift DSN. + /// See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) /// [Input("connectionUrl")] public Input? ConnectionUrl { get; set; } @@ -37,6 +37,8 @@ public InputList AllowedRoles /// /// A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + /// + /// Supported list of database secrets engines that can be configured: /// public InputMap Data { @@ -45,22 +47,21 @@ public InputMap Data } /// - /// The maximum number of seconds to keep - /// a connection alive for. + /// The maximum amount of time a connection may be reused. /// [Input("maxConnectionLifetime")] public Input? MaxConnectionLifetime { get; set; } /// /// The maximum number of idle connections to - /// maintain. + /// the database. /// [Input("maxIdleConnections")] public Input? MaxIdleConnections { get; set; } /// /// The maximum number of open connections to - /// use. + /// the database. /// [Input("maxOpenConnections")] public Input? MaxOpenConnections { get; set; } @@ -72,7 +73,7 @@ public InputMap Data private Input? _password; /// - /// The password to be used in the connection. + /// The root credential password used in the connection URL. /// public Input? Password { @@ -103,13 +104,13 @@ public InputList RootRotationStatements } /// - /// The username to be used in the connection (the account admin level). + /// The root credential username used in the connection URL. /// [Input("username")] public Input? Username { get; set; } /// - /// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + /// [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. /// [Input("usernameTemplate")] public Input? UsernameTemplate { get; set; } diff --git a/sdk/dotnet/Database/Inputs/SecretsMountMysqlRdGetArgs.cs b/sdk/dotnet/Database/Inputs/SecretsMountMysqlRdGetArgs.cs index 7d0612d82..8fe85001a 100644 --- a/sdk/dotnet/Database/Inputs/SecretsMountMysqlRdGetArgs.cs +++ b/sdk/dotnet/Database/Inputs/SecretsMountMysqlRdGetArgs.cs @@ -26,8 +26,8 @@ public InputList AllowedRoles } /// - /// A URL containing connection information. - /// See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + /// Specifies the Redshift DSN. + /// See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) /// [Input("connectionUrl")] public Input? ConnectionUrl { get; set; } @@ -37,6 +37,8 @@ public InputList AllowedRoles /// /// A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + /// + /// Supported list of database secrets engines that can be configured: /// public InputMap Data { @@ -45,22 +47,21 @@ public InputMap Data } /// - /// The maximum number of seconds to keep - /// a connection alive for. + /// The maximum amount of time a connection may be reused. /// [Input("maxConnectionLifetime")] public Input? MaxConnectionLifetime { get; set; } /// /// The maximum number of idle connections to - /// maintain. + /// the database. /// [Input("maxIdleConnections")] public Input? MaxIdleConnections { get; set; } /// /// The maximum number of open connections to - /// use. + /// the database. /// [Input("maxOpenConnections")] public Input? MaxOpenConnections { get; set; } @@ -72,7 +73,7 @@ public InputMap Data private Input? _password; /// - /// The password to be used in the connection. + /// The root credential password used in the connection URL. /// public Input? Password { @@ -103,13 +104,13 @@ public InputList RootRotationStatements } /// - /// The username to be used in the connection (the account admin level). + /// The root credential username used in the connection URL. /// [Input("username")] public Input? Username { get; set; } /// - /// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + /// [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. /// [Input("usernameTemplate")] public Input? UsernameTemplate { get; set; } diff --git a/sdk/dotnet/Database/Inputs/SecretsMountOracleArgs.cs b/sdk/dotnet/Database/Inputs/SecretsMountOracleArgs.cs index c3954233e..6d1089877 100644 --- a/sdk/dotnet/Database/Inputs/SecretsMountOracleArgs.cs +++ b/sdk/dotnet/Database/Inputs/SecretsMountOracleArgs.cs @@ -26,8 +26,8 @@ public InputList AllowedRoles } /// - /// A URL containing connection information. - /// See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + /// Specifies the Redshift DSN. + /// See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) /// [Input("connectionUrl")] public Input? ConnectionUrl { get; set; } @@ -37,6 +37,8 @@ public InputList AllowedRoles /// /// A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + /// + /// Supported list of database secrets engines that can be configured: /// public InputMap Data { @@ -45,22 +47,21 @@ public InputMap Data } /// - /// The maximum number of seconds to keep - /// a connection alive for. + /// The maximum amount of time a connection may be reused. /// [Input("maxConnectionLifetime")] public Input? MaxConnectionLifetime { get; set; } /// /// The maximum number of idle connections to - /// maintain. + /// the database. /// [Input("maxIdleConnections")] public Input? MaxIdleConnections { get; set; } /// /// The maximum number of open connections to - /// use. + /// the database. /// [Input("maxOpenConnections")] public Input? MaxOpenConnections { get; set; } @@ -72,7 +73,7 @@ public InputMap Data private Input? _password; /// - /// The password to be used in the connection. + /// The root credential password used in the connection URL. /// public Input? Password { @@ -103,13 +104,13 @@ public InputList RootRotationStatements } /// - /// The username to be used in the connection (the account admin level). + /// The root credential username used in the connection URL. /// [Input("username")] public Input? Username { get; set; } /// - /// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + /// [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. /// [Input("usernameTemplate")] public Input? UsernameTemplate { get; set; } diff --git a/sdk/dotnet/Database/Inputs/SecretsMountOracleGetArgs.cs b/sdk/dotnet/Database/Inputs/SecretsMountOracleGetArgs.cs index 0666d889f..0465851ff 100644 --- a/sdk/dotnet/Database/Inputs/SecretsMountOracleGetArgs.cs +++ b/sdk/dotnet/Database/Inputs/SecretsMountOracleGetArgs.cs @@ -26,8 +26,8 @@ public InputList AllowedRoles } /// - /// A URL containing connection information. - /// See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + /// Specifies the Redshift DSN. + /// See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) /// [Input("connectionUrl")] public Input? ConnectionUrl { get; set; } @@ -37,6 +37,8 @@ public InputList AllowedRoles /// /// A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + /// + /// Supported list of database secrets engines that can be configured: /// public InputMap Data { @@ -45,22 +47,21 @@ public InputMap Data } /// - /// The maximum number of seconds to keep - /// a connection alive for. + /// The maximum amount of time a connection may be reused. /// [Input("maxConnectionLifetime")] public Input? MaxConnectionLifetime { get; set; } /// /// The maximum number of idle connections to - /// maintain. + /// the database. /// [Input("maxIdleConnections")] public Input? MaxIdleConnections { get; set; } /// /// The maximum number of open connections to - /// use. + /// the database. /// [Input("maxOpenConnections")] public Input? MaxOpenConnections { get; set; } @@ -72,7 +73,7 @@ public InputMap Data private Input? _password; /// - /// The password to be used in the connection. + /// The root credential password used in the connection URL. /// public Input? Password { @@ -103,13 +104,13 @@ public InputList RootRotationStatements } /// - /// The username to be used in the connection (the account admin level). + /// The root credential username used in the connection URL. /// [Input("username")] public Input? Username { get; set; } /// - /// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + /// [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. /// [Input("usernameTemplate")] public Input? UsernameTemplate { get; set; } diff --git a/sdk/dotnet/Database/Inputs/SecretsMountPostgresqlArgs.cs b/sdk/dotnet/Database/Inputs/SecretsMountPostgresqlArgs.cs index b86ef0ffa..e015e3ec7 100644 --- a/sdk/dotnet/Database/Inputs/SecretsMountPostgresqlArgs.cs +++ b/sdk/dotnet/Database/Inputs/SecretsMountPostgresqlArgs.cs @@ -29,8 +29,8 @@ public InputList AllowedRoles public Input? AuthType { get; set; } /// - /// A URL containing connection information. - /// See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + /// Specifies the Redshift DSN. + /// See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) /// [Input("connectionUrl")] public Input? ConnectionUrl { get; set; } @@ -40,6 +40,8 @@ public InputList AllowedRoles /// /// A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + /// + /// Supported list of database secrets engines that can be configured: /// public InputMap Data { @@ -54,22 +56,21 @@ public InputMap Data public Input? DisableEscaping { get; set; } /// - /// The maximum number of seconds to keep - /// a connection alive for. + /// The maximum amount of time a connection may be reused. /// [Input("maxConnectionLifetime")] public Input? MaxConnectionLifetime { get; set; } /// /// The maximum number of idle connections to - /// maintain. + /// the database. /// [Input("maxIdleConnections")] public Input? MaxIdleConnections { get; set; } /// /// The maximum number of open connections to - /// use. + /// the database. /// [Input("maxOpenConnections")] public Input? MaxOpenConnections { get; set; } @@ -81,7 +82,7 @@ public InputMap Data private Input? _password; /// - /// The password to be used in the connection. + /// The root credential password used in the connection URL. /// public Input? Password { @@ -124,13 +125,13 @@ public Input? ServiceAccountJson } /// - /// The username to be used in the connection (the account admin level). + /// The root credential username used in the connection URL. /// [Input("username")] public Input? Username { get; set; } /// - /// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + /// [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. /// [Input("usernameTemplate")] public Input? UsernameTemplate { get; set; } diff --git a/sdk/dotnet/Database/Inputs/SecretsMountPostgresqlGetArgs.cs b/sdk/dotnet/Database/Inputs/SecretsMountPostgresqlGetArgs.cs index c403bf3d7..06f89bbd0 100644 --- a/sdk/dotnet/Database/Inputs/SecretsMountPostgresqlGetArgs.cs +++ b/sdk/dotnet/Database/Inputs/SecretsMountPostgresqlGetArgs.cs @@ -29,8 +29,8 @@ public InputList AllowedRoles public Input? AuthType { get; set; } /// - /// A URL containing connection information. - /// See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + /// Specifies the Redshift DSN. + /// See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) /// [Input("connectionUrl")] public Input? ConnectionUrl { get; set; } @@ -40,6 +40,8 @@ public InputList AllowedRoles /// /// A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + /// + /// Supported list of database secrets engines that can be configured: /// public InputMap Data { @@ -54,22 +56,21 @@ public InputMap Data public Input? DisableEscaping { get; set; } /// - /// The maximum number of seconds to keep - /// a connection alive for. + /// The maximum amount of time a connection may be reused. /// [Input("maxConnectionLifetime")] public Input? MaxConnectionLifetime { get; set; } /// /// The maximum number of idle connections to - /// maintain. + /// the database. /// [Input("maxIdleConnections")] public Input? MaxIdleConnections { get; set; } /// /// The maximum number of open connections to - /// use. + /// the database. /// [Input("maxOpenConnections")] public Input? MaxOpenConnections { get; set; } @@ -81,7 +82,7 @@ public InputMap Data private Input? _password; /// - /// The password to be used in the connection. + /// The root credential password used in the connection URL. /// public Input? Password { @@ -124,13 +125,13 @@ public Input? ServiceAccountJson } /// - /// The username to be used in the connection (the account admin level). + /// The root credential username used in the connection URL. /// [Input("username")] public Input? Username { get; set; } /// - /// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + /// [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. /// [Input("usernameTemplate")] public Input? UsernameTemplate { get; set; } diff --git a/sdk/dotnet/Database/Inputs/SecretsMountRediArgs.cs b/sdk/dotnet/Database/Inputs/SecretsMountRediArgs.cs index e5dd39ba3..2a06e0107 100644 --- a/sdk/dotnet/Database/Inputs/SecretsMountRediArgs.cs +++ b/sdk/dotnet/Database/Inputs/SecretsMountRediArgs.cs @@ -26,7 +26,7 @@ public InputList AllowedRoles } /// - /// The contents of a PEM-encoded CA cert file to use to verify the Redis server's identity. + /// The path to a PEM-encoded CA cert file to use to verify the Elasticsearch server's identity. /// [Input("caCert")] public Input? CaCert { get; set; } @@ -36,6 +36,8 @@ public InputList AllowedRoles /// /// A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + /// + /// Supported list of database secrets engines that can be configured: /// public InputMap Data { @@ -63,7 +65,7 @@ public InputMap Data private Input? _password; /// - /// The password to be used in the connection. + /// The root credential password used in the connection URL. /// public Input? Password { @@ -101,13 +103,13 @@ public InputList RootRotationStatements } /// - /// Whether to use TLS when connecting to Redis. + /// Whether to use TLS when connecting to Cassandra. /// [Input("tls")] public Input? Tls { get; set; } /// - /// The username to be used in the connection (the account admin level). + /// The root credential username used in the connection URL. /// [Input("username", required: true)] public Input Username { get; set; } = null!; diff --git a/sdk/dotnet/Database/Inputs/SecretsMountRediGetArgs.cs b/sdk/dotnet/Database/Inputs/SecretsMountRediGetArgs.cs index 3e34f90ff..8b30aa62c 100644 --- a/sdk/dotnet/Database/Inputs/SecretsMountRediGetArgs.cs +++ b/sdk/dotnet/Database/Inputs/SecretsMountRediGetArgs.cs @@ -26,7 +26,7 @@ public InputList AllowedRoles } /// - /// The contents of a PEM-encoded CA cert file to use to verify the Redis server's identity. + /// The path to a PEM-encoded CA cert file to use to verify the Elasticsearch server's identity. /// [Input("caCert")] public Input? CaCert { get; set; } @@ -36,6 +36,8 @@ public InputList AllowedRoles /// /// A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + /// + /// Supported list of database secrets engines that can be configured: /// public InputMap Data { @@ -63,7 +65,7 @@ public InputMap Data private Input? _password; /// - /// The password to be used in the connection. + /// The root credential password used in the connection URL. /// public Input? Password { @@ -101,13 +103,13 @@ public InputList RootRotationStatements } /// - /// Whether to use TLS when connecting to Redis. + /// Whether to use TLS when connecting to Cassandra. /// [Input("tls")] public Input? Tls { get; set; } /// - /// The username to be used in the connection (the account admin level). + /// The root credential username used in the connection URL. /// [Input("username", required: true)] public Input Username { get; set; } = null!; diff --git a/sdk/dotnet/Database/Inputs/SecretsMountRedisElasticachArgs.cs b/sdk/dotnet/Database/Inputs/SecretsMountRedisElasticachArgs.cs index ab98ca01a..f69fb4208 100644 --- a/sdk/dotnet/Database/Inputs/SecretsMountRedisElasticachArgs.cs +++ b/sdk/dotnet/Database/Inputs/SecretsMountRedisElasticachArgs.cs @@ -30,6 +30,8 @@ public InputList AllowedRoles /// /// A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + /// + /// Supported list of database secrets engines that can be configured: /// public InputMap Data { @@ -44,7 +46,7 @@ public InputMap Data private Input? _password; /// - /// The password to be used in the connection. + /// The root credential password used in the connection URL. /// public Input? Password { @@ -82,7 +84,8 @@ public InputList RootRotationStatements } /// - /// The configuration endpoint for the ElastiCache cluster to connect to. + /// The URL for Elasticsearch's API. https requires certificate + /// by trusted CA if used. /// [Input("url", required: true)] public Input Url { get; set; } = null!; @@ -91,7 +94,7 @@ public InputList RootRotationStatements private Input? _username; /// - /// The username to be used in the connection (the account admin level). + /// The root credential username used in the connection URL. /// public Input? Username { diff --git a/sdk/dotnet/Database/Inputs/SecretsMountRedisElasticachGetArgs.cs b/sdk/dotnet/Database/Inputs/SecretsMountRedisElasticachGetArgs.cs index bf242ca3b..1e0329661 100644 --- a/sdk/dotnet/Database/Inputs/SecretsMountRedisElasticachGetArgs.cs +++ b/sdk/dotnet/Database/Inputs/SecretsMountRedisElasticachGetArgs.cs @@ -30,6 +30,8 @@ public InputList AllowedRoles /// /// A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + /// + /// Supported list of database secrets engines that can be configured: /// public InputMap Data { @@ -44,7 +46,7 @@ public InputMap Data private Input? _password; /// - /// The password to be used in the connection. + /// The root credential password used in the connection URL. /// public Input? Password { @@ -82,7 +84,8 @@ public InputList RootRotationStatements } /// - /// The configuration endpoint for the ElastiCache cluster to connect to. + /// The URL for Elasticsearch's API. https requires certificate + /// by trusted CA if used. /// [Input("url", required: true)] public Input Url { get; set; } = null!; @@ -91,7 +94,7 @@ public InputList RootRotationStatements private Input? _username; /// - /// The username to be used in the connection (the account admin level). + /// The root credential username used in the connection URL. /// public Input? Username { diff --git a/sdk/dotnet/Database/Inputs/SecretsMountRedshiftArgs.cs b/sdk/dotnet/Database/Inputs/SecretsMountRedshiftArgs.cs index c951d579d..f936c3597 100644 --- a/sdk/dotnet/Database/Inputs/SecretsMountRedshiftArgs.cs +++ b/sdk/dotnet/Database/Inputs/SecretsMountRedshiftArgs.cs @@ -26,8 +26,8 @@ public InputList AllowedRoles } /// - /// A URL containing connection information. - /// See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + /// Specifies the Redshift DSN. + /// See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) /// [Input("connectionUrl")] public Input? ConnectionUrl { get; set; } @@ -37,6 +37,8 @@ public InputList AllowedRoles /// /// A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + /// + /// Supported list of database secrets engines that can be configured: /// public InputMap Data { @@ -51,22 +53,21 @@ public InputMap Data public Input? DisableEscaping { get; set; } /// - /// The maximum number of seconds to keep - /// a connection alive for. + /// The maximum amount of time a connection may be reused. /// [Input("maxConnectionLifetime")] public Input? MaxConnectionLifetime { get; set; } /// /// The maximum number of idle connections to - /// maintain. + /// the database. /// [Input("maxIdleConnections")] public Input? MaxIdleConnections { get; set; } /// /// The maximum number of open connections to - /// use. + /// the database. /// [Input("maxOpenConnections")] public Input? MaxOpenConnections { get; set; } @@ -78,7 +79,7 @@ public InputMap Data private Input? _password; /// - /// The password to be used in the connection. + /// The root credential password used in the connection URL. /// public Input? Password { @@ -109,13 +110,13 @@ public InputList RootRotationStatements } /// - /// The username to be used in the connection (the account admin level). + /// The root credential username used in the connection URL. /// [Input("username")] public Input? Username { get; set; } /// - /// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + /// [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. /// [Input("usernameTemplate")] public Input? UsernameTemplate { get; set; } diff --git a/sdk/dotnet/Database/Inputs/SecretsMountRedshiftGetArgs.cs b/sdk/dotnet/Database/Inputs/SecretsMountRedshiftGetArgs.cs index d7b49fb32..b308012f8 100644 --- a/sdk/dotnet/Database/Inputs/SecretsMountRedshiftGetArgs.cs +++ b/sdk/dotnet/Database/Inputs/SecretsMountRedshiftGetArgs.cs @@ -26,8 +26,8 @@ public InputList AllowedRoles } /// - /// A URL containing connection information. - /// See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + /// Specifies the Redshift DSN. + /// See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) /// [Input("connectionUrl")] public Input? ConnectionUrl { get; set; } @@ -37,6 +37,8 @@ public InputList AllowedRoles /// /// A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + /// + /// Supported list of database secrets engines that can be configured: /// public InputMap Data { @@ -51,22 +53,21 @@ public InputMap Data public Input? DisableEscaping { get; set; } /// - /// The maximum number of seconds to keep - /// a connection alive for. + /// The maximum amount of time a connection may be reused. /// [Input("maxConnectionLifetime")] public Input? MaxConnectionLifetime { get; set; } /// /// The maximum number of idle connections to - /// maintain. + /// the database. /// [Input("maxIdleConnections")] public Input? MaxIdleConnections { get; set; } /// /// The maximum number of open connections to - /// use. + /// the database. /// [Input("maxOpenConnections")] public Input? MaxOpenConnections { get; set; } @@ -78,7 +79,7 @@ public InputMap Data private Input? _password; /// - /// The password to be used in the connection. + /// The root credential password used in the connection URL. /// public Input? Password { @@ -109,13 +110,13 @@ public InputList RootRotationStatements } /// - /// The username to be used in the connection (the account admin level). + /// The root credential username used in the connection URL. /// [Input("username")] public Input? Username { get; set; } /// - /// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + /// [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. /// [Input("usernameTemplate")] public Input? UsernameTemplate { get; set; } diff --git a/sdk/dotnet/Database/Inputs/SecretsMountSnowflakeArgs.cs b/sdk/dotnet/Database/Inputs/SecretsMountSnowflakeArgs.cs index d2b864014..95511cbd7 100644 --- a/sdk/dotnet/Database/Inputs/SecretsMountSnowflakeArgs.cs +++ b/sdk/dotnet/Database/Inputs/SecretsMountSnowflakeArgs.cs @@ -26,8 +26,8 @@ public InputList AllowedRoles } /// - /// A URL containing connection information. - /// See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + /// Specifies the Redshift DSN. + /// See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) /// [Input("connectionUrl")] public Input? ConnectionUrl { get; set; } @@ -37,6 +37,8 @@ public InputList AllowedRoles /// /// A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + /// + /// Supported list of database secrets engines that can be configured: /// public InputMap Data { @@ -45,22 +47,21 @@ public InputMap Data } /// - /// The maximum number of seconds to keep - /// a connection alive for. + /// The maximum amount of time a connection may be reused. /// [Input("maxConnectionLifetime")] public Input? MaxConnectionLifetime { get; set; } /// /// The maximum number of idle connections to - /// maintain. + /// the database. /// [Input("maxIdleConnections")] public Input? MaxIdleConnections { get; set; } /// /// The maximum number of open connections to - /// use. + /// the database. /// [Input("maxOpenConnections")] public Input? MaxOpenConnections { get; set; } @@ -72,7 +73,7 @@ public InputMap Data private Input? _password; /// - /// The password to be used in the connection. + /// The root credential password used in the connection URL. /// public Input? Password { @@ -103,13 +104,13 @@ public InputList RootRotationStatements } /// - /// The username to be used in the connection (the account admin level). + /// The root credential username used in the connection URL. /// [Input("username")] public Input? Username { get; set; } /// - /// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + /// [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. /// [Input("usernameTemplate")] public Input? UsernameTemplate { get; set; } diff --git a/sdk/dotnet/Database/Inputs/SecretsMountSnowflakeGetArgs.cs b/sdk/dotnet/Database/Inputs/SecretsMountSnowflakeGetArgs.cs index 19c0f11db..f4371ebfa 100644 --- a/sdk/dotnet/Database/Inputs/SecretsMountSnowflakeGetArgs.cs +++ b/sdk/dotnet/Database/Inputs/SecretsMountSnowflakeGetArgs.cs @@ -26,8 +26,8 @@ public InputList AllowedRoles } /// - /// A URL containing connection information. - /// See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + /// Specifies the Redshift DSN. + /// See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) /// [Input("connectionUrl")] public Input? ConnectionUrl { get; set; } @@ -37,6 +37,8 @@ public InputList AllowedRoles /// /// A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + /// + /// Supported list of database secrets engines that can be configured: /// public InputMap Data { @@ -45,22 +47,21 @@ public InputMap Data } /// - /// The maximum number of seconds to keep - /// a connection alive for. + /// The maximum amount of time a connection may be reused. /// [Input("maxConnectionLifetime")] public Input? MaxConnectionLifetime { get; set; } /// /// The maximum number of idle connections to - /// maintain. + /// the database. /// [Input("maxIdleConnections")] public Input? MaxIdleConnections { get; set; } /// /// The maximum number of open connections to - /// use. + /// the database. /// [Input("maxOpenConnections")] public Input? MaxOpenConnections { get; set; } @@ -72,7 +73,7 @@ public InputMap Data private Input? _password; /// - /// The password to be used in the connection. + /// The root credential password used in the connection URL. /// public Input? Password { @@ -103,13 +104,13 @@ public InputList RootRotationStatements } /// - /// The username to be used in the connection (the account admin level). + /// The root credential username used in the connection URL. /// [Input("username")] public Input? Username { get; set; } /// - /// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + /// [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. /// [Input("usernameTemplate")] public Input? UsernameTemplate { get; set; } diff --git a/sdk/dotnet/Database/Outputs/SecretBackendConnectionCassandra.cs b/sdk/dotnet/Database/Outputs/SecretBackendConnectionCassandra.cs index 84253a1e8..cfe1eca44 100644 --- a/sdk/dotnet/Database/Outputs/SecretBackendConnectionCassandra.cs +++ b/sdk/dotnet/Database/Outputs/SecretBackendConnectionCassandra.cs @@ -19,7 +19,7 @@ public sealed class SecretBackendConnectionCassandra /// public readonly int? ConnectTimeout; /// - /// A set of Couchbase URIs to connect to. Must use `couchbases://` scheme if `tls` is `true`. + /// The hosts to connect to. /// public readonly ImmutableArray Hosts; /// @@ -28,7 +28,7 @@ public sealed class SecretBackendConnectionCassandra /// public readonly bool? InsecureTls; /// - /// The root credential password used in the connection URL. + /// The password to authenticate with. /// public readonly string? Password; /// @@ -50,11 +50,11 @@ public sealed class SecretBackendConnectionCassandra /// public readonly int? ProtocolVersion; /// - /// Whether to use TLS when connecting to Redis. + /// Whether to use TLS when connecting to Cassandra. /// public readonly bool? Tls; /// - /// The root credential username used in the connection URL. + /// The username to authenticate with. /// public readonly string? Username; diff --git a/sdk/dotnet/Database/Outputs/SecretBackendConnectionCouchbase.cs b/sdk/dotnet/Database/Outputs/SecretBackendConnectionCouchbase.cs index 6979557fc..0e29c7ee8 100644 --- a/sdk/dotnet/Database/Outputs/SecretBackendConnectionCouchbase.cs +++ b/sdk/dotnet/Database/Outputs/SecretBackendConnectionCouchbase.cs @@ -22,7 +22,7 @@ public sealed class SecretBackendConnectionCouchbase /// public readonly string? BucketName; /// - /// A set of Couchbase URIs to connect to. Must use `couchbases://` scheme if `tls` is `true`. + /// The hosts to connect to. /// public readonly ImmutableArray Hosts; /// @@ -31,19 +31,19 @@ public sealed class SecretBackendConnectionCouchbase /// public readonly bool? InsecureTls; /// - /// The root credential password used in the connection URL. + /// The password to authenticate with. /// public readonly string Password; /// - /// Whether to use TLS when connecting to Redis. + /// Whether to use TLS when connecting to Cassandra. /// public readonly bool? Tls; /// - /// The root credential username used in the connection URL. + /// The username to authenticate with. /// public readonly string Username; /// - /// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + /// Template describing how dynamic usernames are generated. /// public readonly string? UsernameTemplate; diff --git a/sdk/dotnet/Database/Outputs/SecretBackendConnectionElasticsearch.cs b/sdk/dotnet/Database/Outputs/SecretBackendConnectionElasticsearch.cs index b1feaaf67..5f644a9ae 100644 --- a/sdk/dotnet/Database/Outputs/SecretBackendConnectionElasticsearch.cs +++ b/sdk/dotnet/Database/Outputs/SecretBackendConnectionElasticsearch.cs @@ -34,7 +34,7 @@ public sealed class SecretBackendConnectionElasticsearch /// public readonly bool? Insecure; /// - /// The root credential password used in the connection URL. + /// The password to authenticate with. /// public readonly string Password; /// @@ -47,11 +47,11 @@ public sealed class SecretBackendConnectionElasticsearch /// public readonly string Url; /// - /// The root credential username used in the connection URL. + /// The username to authenticate with. /// public readonly string Username; /// - /// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + /// Template describing how dynamic usernames are generated. /// public readonly string? UsernameTemplate; diff --git a/sdk/dotnet/Database/Outputs/SecretBackendConnectionHana.cs b/sdk/dotnet/Database/Outputs/SecretBackendConnectionHana.cs index 61a2b7377..8608720b5 100644 --- a/sdk/dotnet/Database/Outputs/SecretBackendConnectionHana.cs +++ b/sdk/dotnet/Database/Outputs/SecretBackendConnectionHana.cs @@ -14,9 +14,9 @@ namespace Pulumi.Vault.Database.Outputs public sealed class SecretBackendConnectionHana { /// - /// Specifies the Redshift DSN. See + /// A URL containing connection information. See /// the [Vault - /// docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + /// docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) /// for an example. /// public readonly string? ConnectionUrl; @@ -25,25 +25,26 @@ public sealed class SecretBackendConnectionHana /// public readonly bool? DisableEscaping; /// - /// The maximum amount of time a connection may be reused. + /// The maximum number of seconds to keep + /// a connection alive for. /// public readonly int? MaxConnectionLifetime; /// /// The maximum number of idle connections to - /// the database. + /// maintain. /// public readonly int? MaxIdleConnections; /// /// The maximum number of open connections to - /// the database. + /// use. /// public readonly int? MaxOpenConnections; /// - /// The root credential password used in the connection URL. + /// The password to authenticate with. /// public readonly string? Password; /// - /// The root credential username used in the connection URL. + /// The username to authenticate with. /// public readonly string? Username; diff --git a/sdk/dotnet/Database/Outputs/SecretBackendConnectionInfluxdb.cs b/sdk/dotnet/Database/Outputs/SecretBackendConnectionInfluxdb.cs index 4f643c0c8..0d75129d4 100644 --- a/sdk/dotnet/Database/Outputs/SecretBackendConnectionInfluxdb.cs +++ b/sdk/dotnet/Database/Outputs/SecretBackendConnectionInfluxdb.cs @@ -28,7 +28,7 @@ public sealed class SecretBackendConnectionInfluxdb /// public readonly bool? InsecureTls; /// - /// The root credential password used in the connection URL. + /// The password to authenticate with. /// public readonly string Password; /// @@ -46,15 +46,15 @@ public sealed class SecretBackendConnectionInfluxdb /// public readonly int? Port; /// - /// Whether to use TLS when connecting to Redis. + /// Whether to use TLS when connecting to Cassandra. /// public readonly bool? Tls; /// - /// The root credential username used in the connection URL. + /// The username to authenticate with. /// public readonly string Username; /// - /// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + /// Template describing how dynamic usernames are generated. /// public readonly string? UsernameTemplate; diff --git a/sdk/dotnet/Database/Outputs/SecretBackendConnectionMongodb.cs b/sdk/dotnet/Database/Outputs/SecretBackendConnectionMongodb.cs index 97cc2ba72..9abd909dc 100644 --- a/sdk/dotnet/Database/Outputs/SecretBackendConnectionMongodb.cs +++ b/sdk/dotnet/Database/Outputs/SecretBackendConnectionMongodb.cs @@ -14,36 +14,37 @@ namespace Pulumi.Vault.Database.Outputs public sealed class SecretBackendConnectionMongodb { /// - /// Specifies the Redshift DSN. See + /// A URL containing connection information. See /// the [Vault - /// docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + /// docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) /// for an example. /// public readonly string? ConnectionUrl; /// - /// The maximum amount of time a connection may be reused. + /// The maximum number of seconds to keep + /// a connection alive for. /// public readonly int? MaxConnectionLifetime; /// /// The maximum number of idle connections to - /// the database. + /// maintain. /// public readonly int? MaxIdleConnections; /// /// The maximum number of open connections to - /// the database. + /// use. /// public readonly int? MaxOpenConnections; /// - /// The root credential password used in the connection URL. + /// The password to authenticate with. /// public readonly string? Password; /// - /// The root credential username used in the connection URL. + /// The username to authenticate with. /// public readonly string? Username; /// - /// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + /// Template describing how dynamic usernames are generated. /// public readonly string? UsernameTemplate; diff --git a/sdk/dotnet/Database/Outputs/SecretBackendConnectionMssql.cs b/sdk/dotnet/Database/Outputs/SecretBackendConnectionMssql.cs index 133507d4c..12af4f23b 100644 --- a/sdk/dotnet/Database/Outputs/SecretBackendConnectionMssql.cs +++ b/sdk/dotnet/Database/Outputs/SecretBackendConnectionMssql.cs @@ -14,9 +14,9 @@ namespace Pulumi.Vault.Database.Outputs public sealed class SecretBackendConnectionMssql { /// - /// Specifies the Redshift DSN. See + /// A URL containing connection information. See /// the [Vault - /// docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + /// docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) /// for an example. /// public readonly string? ConnectionUrl; @@ -32,29 +32,30 @@ public sealed class SecretBackendConnectionMssql /// public readonly bool? DisableEscaping; /// - /// The maximum amount of time a connection may be reused. + /// The maximum number of seconds to keep + /// a connection alive for. /// public readonly int? MaxConnectionLifetime; /// /// The maximum number of idle connections to - /// the database. + /// maintain. /// public readonly int? MaxIdleConnections; /// /// The maximum number of open connections to - /// the database. + /// use. /// public readonly int? MaxOpenConnections; /// - /// The root credential password used in the connection URL. + /// The password to authenticate with. /// public readonly string? Password; /// - /// The root credential username used in the connection URL. + /// The username to authenticate with. /// public readonly string? Username; /// - /// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + /// Template describing how dynamic usernames are generated. /// public readonly string? UsernameTemplate; diff --git a/sdk/dotnet/Database/Outputs/SecretBackendConnectionMysql.cs b/sdk/dotnet/Database/Outputs/SecretBackendConnectionMysql.cs index fe93b9c6e..76a77faf1 100644 --- a/sdk/dotnet/Database/Outputs/SecretBackendConnectionMysql.cs +++ b/sdk/dotnet/Database/Outputs/SecretBackendConnectionMysql.cs @@ -18,28 +18,29 @@ public sealed class SecretBackendConnectionMysql /// public readonly string? AuthType; /// - /// Specifies the Redshift DSN. See + /// A URL containing connection information. See /// the [Vault - /// docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + /// docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) /// for an example. /// public readonly string? ConnectionUrl; /// - /// The maximum amount of time a connection may be reused. + /// The maximum number of seconds to keep + /// a connection alive for. /// public readonly int? MaxConnectionLifetime; /// /// The maximum number of idle connections to - /// the database. + /// maintain. /// public readonly int? MaxIdleConnections; /// /// The maximum number of open connections to - /// the database. + /// use. /// public readonly int? MaxOpenConnections; /// - /// The root credential password used in the connection URL. + /// The password to authenticate with. /// public readonly string? Password; /// @@ -55,11 +56,11 @@ public sealed class SecretBackendConnectionMysql /// public readonly string? TlsCertificateKey; /// - /// The root credential username used in the connection URL. + /// The username to authenticate with. /// public readonly string? Username; /// - /// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + /// Template describing how dynamic usernames are generated. /// public readonly string? UsernameTemplate; diff --git a/sdk/dotnet/Database/Outputs/SecretBackendConnectionMysqlAurora.cs b/sdk/dotnet/Database/Outputs/SecretBackendConnectionMysqlAurora.cs index c1f0a08e9..4db339258 100644 --- a/sdk/dotnet/Database/Outputs/SecretBackendConnectionMysqlAurora.cs +++ b/sdk/dotnet/Database/Outputs/SecretBackendConnectionMysqlAurora.cs @@ -14,36 +14,37 @@ namespace Pulumi.Vault.Database.Outputs public sealed class SecretBackendConnectionMysqlAurora { /// - /// Specifies the Redshift DSN. See + /// A URL containing connection information. See /// the [Vault - /// docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + /// docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) /// for an example. /// public readonly string? ConnectionUrl; /// - /// The maximum amount of time a connection may be reused. + /// The maximum number of seconds to keep + /// a connection alive for. /// public readonly int? MaxConnectionLifetime; /// /// The maximum number of idle connections to - /// the database. + /// maintain. /// public readonly int? MaxIdleConnections; /// /// The maximum number of open connections to - /// the database. + /// use. /// public readonly int? MaxOpenConnections; /// - /// The root credential password used in the connection URL. + /// The password to authenticate with. /// public readonly string? Password; /// - /// The root credential username used in the connection URL. + /// The username to authenticate with. /// public readonly string? Username; /// - /// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + /// Template describing how dynamic usernames are generated. /// public readonly string? UsernameTemplate; diff --git a/sdk/dotnet/Database/Outputs/SecretBackendConnectionMysqlLegacy.cs b/sdk/dotnet/Database/Outputs/SecretBackendConnectionMysqlLegacy.cs index 34c2dd167..9524769fc 100644 --- a/sdk/dotnet/Database/Outputs/SecretBackendConnectionMysqlLegacy.cs +++ b/sdk/dotnet/Database/Outputs/SecretBackendConnectionMysqlLegacy.cs @@ -14,36 +14,37 @@ namespace Pulumi.Vault.Database.Outputs public sealed class SecretBackendConnectionMysqlLegacy { /// - /// Specifies the Redshift DSN. See + /// A URL containing connection information. See /// the [Vault - /// docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + /// docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) /// for an example. /// public readonly string? ConnectionUrl; /// - /// The maximum amount of time a connection may be reused. + /// The maximum number of seconds to keep + /// a connection alive for. /// public readonly int? MaxConnectionLifetime; /// /// The maximum number of idle connections to - /// the database. + /// maintain. /// public readonly int? MaxIdleConnections; /// /// The maximum number of open connections to - /// the database. + /// use. /// public readonly int? MaxOpenConnections; /// - /// The root credential password used in the connection URL. + /// The password to authenticate with. /// public readonly string? Password; /// - /// The root credential username used in the connection URL. + /// The username to authenticate with. /// public readonly string? Username; /// - /// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + /// Template describing how dynamic usernames are generated. /// public readonly string? UsernameTemplate; diff --git a/sdk/dotnet/Database/Outputs/SecretBackendConnectionMysqlRds.cs b/sdk/dotnet/Database/Outputs/SecretBackendConnectionMysqlRds.cs index 500be1688..1c14fb72a 100644 --- a/sdk/dotnet/Database/Outputs/SecretBackendConnectionMysqlRds.cs +++ b/sdk/dotnet/Database/Outputs/SecretBackendConnectionMysqlRds.cs @@ -14,36 +14,37 @@ namespace Pulumi.Vault.Database.Outputs public sealed class SecretBackendConnectionMysqlRds { /// - /// Specifies the Redshift DSN. See + /// A URL containing connection information. See /// the [Vault - /// docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + /// docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) /// for an example. /// public readonly string? ConnectionUrl; /// - /// The maximum amount of time a connection may be reused. + /// The maximum number of seconds to keep + /// a connection alive for. /// public readonly int? MaxConnectionLifetime; /// /// The maximum number of idle connections to - /// the database. + /// maintain. /// public readonly int? MaxIdleConnections; /// /// The maximum number of open connections to - /// the database. + /// use. /// public readonly int? MaxOpenConnections; /// - /// The root credential password used in the connection URL. + /// The password to authenticate with. /// public readonly string? Password; /// - /// The root credential username used in the connection URL. + /// The username to authenticate with. /// public readonly string? Username; /// - /// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + /// Template describing how dynamic usernames are generated. /// public readonly string? UsernameTemplate; diff --git a/sdk/dotnet/Database/Outputs/SecretBackendConnectionOracle.cs b/sdk/dotnet/Database/Outputs/SecretBackendConnectionOracle.cs index b56c02b15..f230f034e 100644 --- a/sdk/dotnet/Database/Outputs/SecretBackendConnectionOracle.cs +++ b/sdk/dotnet/Database/Outputs/SecretBackendConnectionOracle.cs @@ -14,36 +14,37 @@ namespace Pulumi.Vault.Database.Outputs public sealed class SecretBackendConnectionOracle { /// - /// Specifies the Redshift DSN. See + /// A URL containing connection information. See /// the [Vault - /// docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + /// docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) /// for an example. /// public readonly string? ConnectionUrl; /// - /// The maximum amount of time a connection may be reused. + /// The maximum number of seconds to keep + /// a connection alive for. /// public readonly int? MaxConnectionLifetime; /// /// The maximum number of idle connections to - /// the database. + /// maintain. /// public readonly int? MaxIdleConnections; /// /// The maximum number of open connections to - /// the database. + /// use. /// public readonly int? MaxOpenConnections; /// - /// The root credential password used in the connection URL. + /// The password to authenticate with. /// public readonly string? Password; /// - /// The root credential username used in the connection URL. + /// The username to authenticate with. /// public readonly string? Username; /// - /// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + /// Template describing how dynamic usernames are generated. /// public readonly string? UsernameTemplate; diff --git a/sdk/dotnet/Database/Outputs/SecretBackendConnectionPostgresql.cs b/sdk/dotnet/Database/Outputs/SecretBackendConnectionPostgresql.cs index 9355fadeb..30ff9092f 100644 --- a/sdk/dotnet/Database/Outputs/SecretBackendConnectionPostgresql.cs +++ b/sdk/dotnet/Database/Outputs/SecretBackendConnectionPostgresql.cs @@ -18,9 +18,9 @@ public sealed class SecretBackendConnectionPostgresql /// public readonly string? AuthType; /// - /// Specifies the Redshift DSN. See + /// A URL containing connection information. See /// the [Vault - /// docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + /// docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) /// for an example. /// public readonly string? ConnectionUrl; @@ -29,21 +29,22 @@ public sealed class SecretBackendConnectionPostgresql /// public readonly bool? DisableEscaping; /// - /// The maximum amount of time a connection may be reused. + /// The maximum number of seconds to keep + /// a connection alive for. /// public readonly int? MaxConnectionLifetime; /// /// The maximum number of idle connections to - /// the database. + /// maintain. /// public readonly int? MaxIdleConnections; /// /// The maximum number of open connections to - /// the database. + /// use. /// public readonly int? MaxOpenConnections; /// - /// The root credential password used in the connection URL. + /// The password to authenticate with. /// public readonly string? Password; /// @@ -51,11 +52,11 @@ public sealed class SecretBackendConnectionPostgresql /// public readonly string? ServiceAccountJson; /// - /// The root credential username used in the connection URL. + /// The username to authenticate with. /// public readonly string? Username; /// - /// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + /// Template describing how dynamic usernames are generated. /// public readonly string? UsernameTemplate; diff --git a/sdk/dotnet/Database/Outputs/SecretBackendConnectionRedis.cs b/sdk/dotnet/Database/Outputs/SecretBackendConnectionRedis.cs index 7ffbbe547..ef81e4743 100644 --- a/sdk/dotnet/Database/Outputs/SecretBackendConnectionRedis.cs +++ b/sdk/dotnet/Database/Outputs/SecretBackendConnectionRedis.cs @@ -27,7 +27,7 @@ public sealed class SecretBackendConnectionRedis /// public readonly bool? InsecureTls; /// - /// The root credential password used in the connection URL. + /// The password to authenticate with. /// public readonly string Password; /// @@ -36,11 +36,11 @@ public sealed class SecretBackendConnectionRedis /// public readonly int? Port; /// - /// Whether to use TLS when connecting to Redis. + /// Whether to use TLS when connecting to Cassandra. /// public readonly bool? Tls; /// - /// The root credential username used in the connection URL. + /// The username to authenticate with. /// public readonly string Username; diff --git a/sdk/dotnet/Database/Outputs/SecretBackendConnectionRedisElasticache.cs b/sdk/dotnet/Database/Outputs/SecretBackendConnectionRedisElasticache.cs index 0fb2ecaab..fd41f3af5 100644 --- a/sdk/dotnet/Database/Outputs/SecretBackendConnectionRedisElasticache.cs +++ b/sdk/dotnet/Database/Outputs/SecretBackendConnectionRedisElasticache.cs @@ -14,7 +14,7 @@ namespace Pulumi.Vault.Database.Outputs public sealed class SecretBackendConnectionRedisElasticache { /// - /// The root credential password used in the connection URL. + /// The password to authenticate with. /// public readonly string? Password; /// @@ -27,7 +27,7 @@ public sealed class SecretBackendConnectionRedisElasticache /// public readonly string Url; /// - /// The root credential username used in the connection URL. + /// The username to authenticate with. /// public readonly string? Username; diff --git a/sdk/dotnet/Database/Outputs/SecretBackendConnectionRedshift.cs b/sdk/dotnet/Database/Outputs/SecretBackendConnectionRedshift.cs index 354785b42..d7f244684 100644 --- a/sdk/dotnet/Database/Outputs/SecretBackendConnectionRedshift.cs +++ b/sdk/dotnet/Database/Outputs/SecretBackendConnectionRedshift.cs @@ -14,9 +14,9 @@ namespace Pulumi.Vault.Database.Outputs public sealed class SecretBackendConnectionRedshift { /// - /// Specifies the Redshift DSN. See + /// A URL containing connection information. See /// the [Vault - /// docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + /// docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) /// for an example. /// public readonly string? ConnectionUrl; @@ -25,29 +25,30 @@ public sealed class SecretBackendConnectionRedshift /// public readonly bool? DisableEscaping; /// - /// The maximum amount of time a connection may be reused. + /// The maximum number of seconds to keep + /// a connection alive for. /// public readonly int? MaxConnectionLifetime; /// /// The maximum number of idle connections to - /// the database. + /// maintain. /// public readonly int? MaxIdleConnections; /// /// The maximum number of open connections to - /// the database. + /// use. /// public readonly int? MaxOpenConnections; /// - /// The root credential password used in the connection URL. + /// The password to authenticate with. /// public readonly string? Password; /// - /// The root credential username used in the connection URL. + /// The username to authenticate with. /// public readonly string? Username; /// - /// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + /// Template describing how dynamic usernames are generated. /// public readonly string? UsernameTemplate; diff --git a/sdk/dotnet/Database/Outputs/SecretBackendConnectionSnowflake.cs b/sdk/dotnet/Database/Outputs/SecretBackendConnectionSnowflake.cs index bfa4e28a3..bdc8f7c45 100644 --- a/sdk/dotnet/Database/Outputs/SecretBackendConnectionSnowflake.cs +++ b/sdk/dotnet/Database/Outputs/SecretBackendConnectionSnowflake.cs @@ -14,36 +14,37 @@ namespace Pulumi.Vault.Database.Outputs public sealed class SecretBackendConnectionSnowflake { /// - /// Specifies the Redshift DSN. See + /// A URL containing connection information. See /// the [Vault - /// docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + /// docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) /// for an example. /// public readonly string? ConnectionUrl; /// - /// The maximum amount of time a connection may be reused. + /// The maximum number of seconds to keep + /// a connection alive for. /// public readonly int? MaxConnectionLifetime; /// /// The maximum number of idle connections to - /// the database. + /// maintain. /// public readonly int? MaxIdleConnections; /// /// The maximum number of open connections to - /// the database. + /// use. /// public readonly int? MaxOpenConnections; /// - /// The root credential password used in the connection URL. + /// The password to authenticate with. /// public readonly string? Password; /// - /// The root credential username used in the connection URL. + /// The username to authenticate with. /// public readonly string? Username; /// - /// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + /// Template describing how dynamic usernames are generated. /// public readonly string? UsernameTemplate; diff --git a/sdk/dotnet/Database/Outputs/SecretsMountCassandra.cs b/sdk/dotnet/Database/Outputs/SecretsMountCassandra.cs index a265e7392..abe9d2465 100644 --- a/sdk/dotnet/Database/Outputs/SecretsMountCassandra.cs +++ b/sdk/dotnet/Database/Outputs/SecretsMountCassandra.cs @@ -25,10 +25,12 @@ public sealed class SecretsMountCassandra public readonly int? ConnectTimeout; /// /// A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + /// + /// Supported list of database secrets engines that can be configured: /// public readonly ImmutableDictionary? Data; /// - /// A set of Couchbase URIs to connect to. Must use `couchbases://` scheme if `tls` is `true`. + /// The hosts to connect to. /// public readonly ImmutableArray Hosts; /// @@ -38,7 +40,7 @@ public sealed class SecretsMountCassandra public readonly bool? InsecureTls; public readonly string Name; /// - /// The password to be used in the connection. + /// The root credential password used in the connection URL. /// public readonly string? Password; /// @@ -68,11 +70,11 @@ public sealed class SecretsMountCassandra /// public readonly ImmutableArray RootRotationStatements; /// - /// Whether to use TLS when connecting to Redis. + /// Whether to use TLS when connecting to Cassandra. /// public readonly bool? Tls; /// - /// The username to be used in the connection (the account admin level). + /// The root credential username used in the connection URL. /// public readonly string? Username; /// diff --git a/sdk/dotnet/Database/Outputs/SecretsMountCouchbase.cs b/sdk/dotnet/Database/Outputs/SecretsMountCouchbase.cs index ca37b1fb5..e4a6e91e2 100644 --- a/sdk/dotnet/Database/Outputs/SecretsMountCouchbase.cs +++ b/sdk/dotnet/Database/Outputs/SecretsMountCouchbase.cs @@ -28,10 +28,12 @@ public sealed class SecretsMountCouchbase public readonly string? BucketName; /// /// A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + /// + /// Supported list of database secrets engines that can be configured: /// public readonly ImmutableDictionary? Data; /// - /// A set of Couchbase URIs to connect to. Must use `couchbases://` scheme if `tls` is `true`. + /// The hosts to connect to. /// public readonly ImmutableArray Hosts; /// @@ -41,7 +43,7 @@ public sealed class SecretsMountCouchbase public readonly bool? InsecureTls; public readonly string Name; /// - /// The password to be used in the connection. + /// The root credential password used in the connection URL. /// public readonly string Password; /// @@ -53,15 +55,15 @@ public sealed class SecretsMountCouchbase /// public readonly ImmutableArray RootRotationStatements; /// - /// Whether to use TLS when connecting to Redis. + /// Whether to use TLS when connecting to Cassandra. /// public readonly bool? Tls; /// - /// The username to be used in the connection (the account admin level). + /// The root credential username used in the connection URL. /// public readonly string Username; /// - /// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + /// [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. /// public readonly string? UsernameTemplate; /// diff --git a/sdk/dotnet/Database/Outputs/SecretsMountElasticsearch.cs b/sdk/dotnet/Database/Outputs/SecretsMountElasticsearch.cs index 28892c3a0..6f3c30e58 100644 --- a/sdk/dotnet/Database/Outputs/SecretsMountElasticsearch.cs +++ b/sdk/dotnet/Database/Outputs/SecretsMountElasticsearch.cs @@ -19,7 +19,7 @@ public sealed class SecretsMountElasticsearch /// public readonly ImmutableArray AllowedRoles; /// - /// The contents of a PEM-encoded CA cert file to use to verify the Redis server's identity. + /// The path to a PEM-encoded CA cert file to use to verify the Elasticsearch server's identity. /// public readonly string? CaCert; /// @@ -36,6 +36,8 @@ public sealed class SecretsMountElasticsearch public readonly string? ClientKey; /// /// A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + /// + /// Supported list of database secrets engines that can be configured: /// public readonly ImmutableDictionary? Data; /// @@ -44,7 +46,7 @@ public sealed class SecretsMountElasticsearch public readonly bool? Insecure; public readonly string Name; /// - /// The password to be used in the connection. + /// The root credential password used in the connection URL. /// public readonly string Password; /// @@ -60,15 +62,16 @@ public sealed class SecretsMountElasticsearch /// public readonly string? TlsServerName; /// - /// The configuration endpoint for the ElastiCache cluster to connect to. + /// The URL for Elasticsearch's API. https requires certificate + /// by trusted CA if used. /// public readonly string Url; /// - /// The username to be used in the connection (the account admin level). + /// The root credential username used in the connection URL. /// public readonly string Username; /// - /// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + /// [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. /// public readonly string? UsernameTemplate; /// diff --git a/sdk/dotnet/Database/Outputs/SecretsMountHana.cs b/sdk/dotnet/Database/Outputs/SecretsMountHana.cs index 978d019a9..c585d1716 100644 --- a/sdk/dotnet/Database/Outputs/SecretsMountHana.cs +++ b/sdk/dotnet/Database/Outputs/SecretsMountHana.cs @@ -19,12 +19,14 @@ public sealed class SecretsMountHana /// public readonly ImmutableArray AllowedRoles; /// - /// A URL containing connection information. - /// See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + /// Specifies the Redshift DSN. + /// See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) /// public readonly string? ConnectionUrl; /// /// A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + /// + /// Supported list of database secrets engines that can be configured: /// public readonly ImmutableDictionary? Data; /// @@ -32,23 +34,22 @@ public sealed class SecretsMountHana /// public readonly bool? DisableEscaping; /// - /// The maximum number of seconds to keep - /// a connection alive for. + /// The maximum amount of time a connection may be reused. /// public readonly int? MaxConnectionLifetime; /// /// The maximum number of idle connections to - /// maintain. + /// the database. /// public readonly int? MaxIdleConnections; /// /// The maximum number of open connections to - /// use. + /// the database. /// public readonly int? MaxOpenConnections; public readonly string Name; /// - /// The password to be used in the connection. + /// The root credential password used in the connection URL. /// public readonly string? Password; /// @@ -60,7 +61,7 @@ public sealed class SecretsMountHana /// public readonly ImmutableArray RootRotationStatements; /// - /// The username to be used in the connection (the account admin level). + /// The root credential username used in the connection URL. /// public readonly string? Username; /// diff --git a/sdk/dotnet/Database/Outputs/SecretsMountInfluxdb.cs b/sdk/dotnet/Database/Outputs/SecretsMountInfluxdb.cs index 927cd7ca7..970bb3fb4 100644 --- a/sdk/dotnet/Database/Outputs/SecretsMountInfluxdb.cs +++ b/sdk/dotnet/Database/Outputs/SecretsMountInfluxdb.cs @@ -25,6 +25,8 @@ public sealed class SecretsMountInfluxdb public readonly int? ConnectTimeout; /// /// A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + /// + /// Supported list of database secrets engines that can be configured: /// public readonly ImmutableDictionary? Data; /// @@ -38,7 +40,7 @@ public sealed class SecretsMountInfluxdb public readonly bool? InsecureTls; public readonly string Name; /// - /// The password to be used in the connection. + /// The root credential password used in the connection URL. /// public readonly string Password; /// @@ -64,15 +66,15 @@ public sealed class SecretsMountInfluxdb /// public readonly ImmutableArray RootRotationStatements; /// - /// Whether to use TLS when connecting to Redis. + /// Whether to use TLS when connecting to Cassandra. /// public readonly bool? Tls; /// - /// The username to be used in the connection (the account admin level). + /// The root credential username used in the connection URL. /// public readonly string Username; /// - /// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + /// [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. /// public readonly string? UsernameTemplate; /// diff --git a/sdk/dotnet/Database/Outputs/SecretsMountMongodb.cs b/sdk/dotnet/Database/Outputs/SecretsMountMongodb.cs index 4659d36ae..4eeebb2b1 100644 --- a/sdk/dotnet/Database/Outputs/SecretsMountMongodb.cs +++ b/sdk/dotnet/Database/Outputs/SecretsMountMongodb.cs @@ -19,32 +19,33 @@ public sealed class SecretsMountMongodb /// public readonly ImmutableArray AllowedRoles; /// - /// A URL containing connection information. - /// See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + /// Specifies the Redshift DSN. + /// See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) /// public readonly string? ConnectionUrl; /// /// A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + /// + /// Supported list of database secrets engines that can be configured: /// public readonly ImmutableDictionary? Data; /// - /// The maximum number of seconds to keep - /// a connection alive for. + /// The maximum amount of time a connection may be reused. /// public readonly int? MaxConnectionLifetime; /// /// The maximum number of idle connections to - /// maintain. + /// the database. /// public readonly int? MaxIdleConnections; /// /// The maximum number of open connections to - /// use. + /// the database. /// public readonly int? MaxOpenConnections; public readonly string Name; /// - /// The password to be used in the connection. + /// The root credential password used in the connection URL. /// public readonly string? Password; /// @@ -56,11 +57,11 @@ public sealed class SecretsMountMongodb /// public readonly ImmutableArray RootRotationStatements; /// - /// The username to be used in the connection (the account admin level). + /// The root credential username used in the connection URL. /// public readonly string? Username; /// - /// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + /// [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. /// public readonly string? UsernameTemplate; /// diff --git a/sdk/dotnet/Database/Outputs/SecretsMountMongodbatla.cs b/sdk/dotnet/Database/Outputs/SecretsMountMongodbatla.cs index f75c0ec84..22aea650d 100644 --- a/sdk/dotnet/Database/Outputs/SecretsMountMongodbatla.cs +++ b/sdk/dotnet/Database/Outputs/SecretsMountMongodbatla.cs @@ -20,6 +20,8 @@ public sealed class SecretsMountMongodbatla public readonly ImmutableArray AllowedRoles; /// /// A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + /// + /// Supported list of database secrets engines that can be configured: /// public readonly ImmutableDictionary? Data; public readonly string Name; diff --git a/sdk/dotnet/Database/Outputs/SecretsMountMssql.cs b/sdk/dotnet/Database/Outputs/SecretsMountMssql.cs index a3c80c5f4..b7f1896cf 100644 --- a/sdk/dotnet/Database/Outputs/SecretsMountMssql.cs +++ b/sdk/dotnet/Database/Outputs/SecretsMountMssql.cs @@ -19,8 +19,8 @@ public sealed class SecretsMountMssql /// public readonly ImmutableArray AllowedRoles; /// - /// A URL containing connection information. - /// See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + /// Specifies the Redshift DSN. + /// See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) /// public readonly string? ConnectionUrl; /// @@ -31,6 +31,8 @@ public sealed class SecretsMountMssql public readonly bool? ContainedDb; /// /// A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + /// + /// Supported list of database secrets engines that can be configured: /// public readonly ImmutableDictionary? Data; /// @@ -38,23 +40,22 @@ public sealed class SecretsMountMssql /// public readonly bool? DisableEscaping; /// - /// The maximum number of seconds to keep - /// a connection alive for. + /// The maximum amount of time a connection may be reused. /// public readonly int? MaxConnectionLifetime; /// /// The maximum number of idle connections to - /// maintain. + /// the database. /// public readonly int? MaxIdleConnections; /// /// The maximum number of open connections to - /// use. + /// the database. /// public readonly int? MaxOpenConnections; public readonly string Name; /// - /// The password to be used in the connection. + /// The root credential password used in the connection URL. /// public readonly string? Password; /// @@ -66,11 +67,11 @@ public sealed class SecretsMountMssql /// public readonly ImmutableArray RootRotationStatements; /// - /// The username to be used in the connection (the account admin level). + /// The root credential username used in the connection URL. /// public readonly string? Username; /// - /// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + /// [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. /// public readonly string? UsernameTemplate; /// diff --git a/sdk/dotnet/Database/Outputs/SecretsMountMysql.cs b/sdk/dotnet/Database/Outputs/SecretsMountMysql.cs index 6f4456483..83d0f41bd 100644 --- a/sdk/dotnet/Database/Outputs/SecretsMountMysql.cs +++ b/sdk/dotnet/Database/Outputs/SecretsMountMysql.cs @@ -20,32 +20,33 @@ public sealed class SecretsMountMysql public readonly ImmutableArray AllowedRoles; public readonly string? AuthType; /// - /// A URL containing connection information. - /// See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + /// Specifies the Redshift DSN. + /// See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) /// public readonly string? ConnectionUrl; /// /// A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + /// + /// Supported list of database secrets engines that can be configured: /// public readonly ImmutableDictionary? Data; /// - /// The maximum number of seconds to keep - /// a connection alive for. + /// The maximum amount of time a connection may be reused. /// public readonly int? MaxConnectionLifetime; /// /// The maximum number of idle connections to - /// maintain. + /// the database. /// public readonly int? MaxIdleConnections; /// /// The maximum number of open connections to - /// use. + /// the database. /// public readonly int? MaxOpenConnections; public readonly string Name; /// - /// The password to be used in the connection. + /// The root credential password used in the connection URL. /// public readonly string? Password; /// @@ -66,11 +67,11 @@ public sealed class SecretsMountMysql /// public readonly string? TlsCertificateKey; /// - /// The username to be used in the connection (the account admin level). + /// The root credential username used in the connection URL. /// public readonly string? Username; /// - /// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + /// [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. /// public readonly string? UsernameTemplate; /// diff --git a/sdk/dotnet/Database/Outputs/SecretsMountMysqlAurora.cs b/sdk/dotnet/Database/Outputs/SecretsMountMysqlAurora.cs index 9ed894f56..7deb55c58 100644 --- a/sdk/dotnet/Database/Outputs/SecretsMountMysqlAurora.cs +++ b/sdk/dotnet/Database/Outputs/SecretsMountMysqlAurora.cs @@ -19,32 +19,33 @@ public sealed class SecretsMountMysqlAurora /// public readonly ImmutableArray AllowedRoles; /// - /// A URL containing connection information. - /// See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + /// Specifies the Redshift DSN. + /// See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) /// public readonly string? ConnectionUrl; /// /// A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + /// + /// Supported list of database secrets engines that can be configured: /// public readonly ImmutableDictionary? Data; /// - /// The maximum number of seconds to keep - /// a connection alive for. + /// The maximum amount of time a connection may be reused. /// public readonly int? MaxConnectionLifetime; /// /// The maximum number of idle connections to - /// maintain. + /// the database. /// public readonly int? MaxIdleConnections; /// /// The maximum number of open connections to - /// use. + /// the database. /// public readonly int? MaxOpenConnections; public readonly string Name; /// - /// The password to be used in the connection. + /// The root credential password used in the connection URL. /// public readonly string? Password; /// @@ -56,11 +57,11 @@ public sealed class SecretsMountMysqlAurora /// public readonly ImmutableArray RootRotationStatements; /// - /// The username to be used in the connection (the account admin level). + /// The root credential username used in the connection URL. /// public readonly string? Username; /// - /// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + /// [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. /// public readonly string? UsernameTemplate; /// diff --git a/sdk/dotnet/Database/Outputs/SecretsMountMysqlLegacy.cs b/sdk/dotnet/Database/Outputs/SecretsMountMysqlLegacy.cs index 0be80613f..8236abe98 100644 --- a/sdk/dotnet/Database/Outputs/SecretsMountMysqlLegacy.cs +++ b/sdk/dotnet/Database/Outputs/SecretsMountMysqlLegacy.cs @@ -19,32 +19,33 @@ public sealed class SecretsMountMysqlLegacy /// public readonly ImmutableArray AllowedRoles; /// - /// A URL containing connection information. - /// See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + /// Specifies the Redshift DSN. + /// See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) /// public readonly string? ConnectionUrl; /// /// A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + /// + /// Supported list of database secrets engines that can be configured: /// public readonly ImmutableDictionary? Data; /// - /// The maximum number of seconds to keep - /// a connection alive for. + /// The maximum amount of time a connection may be reused. /// public readonly int? MaxConnectionLifetime; /// /// The maximum number of idle connections to - /// maintain. + /// the database. /// public readonly int? MaxIdleConnections; /// /// The maximum number of open connections to - /// use. + /// the database. /// public readonly int? MaxOpenConnections; public readonly string Name; /// - /// The password to be used in the connection. + /// The root credential password used in the connection URL. /// public readonly string? Password; /// @@ -56,11 +57,11 @@ public sealed class SecretsMountMysqlLegacy /// public readonly ImmutableArray RootRotationStatements; /// - /// The username to be used in the connection (the account admin level). + /// The root credential username used in the connection URL. /// public readonly string? Username; /// - /// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + /// [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. /// public readonly string? UsernameTemplate; /// diff --git a/sdk/dotnet/Database/Outputs/SecretsMountMysqlRd.cs b/sdk/dotnet/Database/Outputs/SecretsMountMysqlRd.cs index a1010c222..d179530eb 100644 --- a/sdk/dotnet/Database/Outputs/SecretsMountMysqlRd.cs +++ b/sdk/dotnet/Database/Outputs/SecretsMountMysqlRd.cs @@ -19,32 +19,33 @@ public sealed class SecretsMountMysqlRd /// public readonly ImmutableArray AllowedRoles; /// - /// A URL containing connection information. - /// See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + /// Specifies the Redshift DSN. + /// See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) /// public readonly string? ConnectionUrl; /// /// A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + /// + /// Supported list of database secrets engines that can be configured: /// public readonly ImmutableDictionary? Data; /// - /// The maximum number of seconds to keep - /// a connection alive for. + /// The maximum amount of time a connection may be reused. /// public readonly int? MaxConnectionLifetime; /// /// The maximum number of idle connections to - /// maintain. + /// the database. /// public readonly int? MaxIdleConnections; /// /// The maximum number of open connections to - /// use. + /// the database. /// public readonly int? MaxOpenConnections; public readonly string Name; /// - /// The password to be used in the connection. + /// The root credential password used in the connection URL. /// public readonly string? Password; /// @@ -56,11 +57,11 @@ public sealed class SecretsMountMysqlRd /// public readonly ImmutableArray RootRotationStatements; /// - /// The username to be used in the connection (the account admin level). + /// The root credential username used in the connection URL. /// public readonly string? Username; /// - /// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + /// [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. /// public readonly string? UsernameTemplate; /// diff --git a/sdk/dotnet/Database/Outputs/SecretsMountOracle.cs b/sdk/dotnet/Database/Outputs/SecretsMountOracle.cs index aa2886130..6aa7a6949 100644 --- a/sdk/dotnet/Database/Outputs/SecretsMountOracle.cs +++ b/sdk/dotnet/Database/Outputs/SecretsMountOracle.cs @@ -19,32 +19,33 @@ public sealed class SecretsMountOracle /// public readonly ImmutableArray AllowedRoles; /// - /// A URL containing connection information. - /// See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + /// Specifies the Redshift DSN. + /// See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) /// public readonly string? ConnectionUrl; /// /// A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + /// + /// Supported list of database secrets engines that can be configured: /// public readonly ImmutableDictionary? Data; /// - /// The maximum number of seconds to keep - /// a connection alive for. + /// The maximum amount of time a connection may be reused. /// public readonly int? MaxConnectionLifetime; /// /// The maximum number of idle connections to - /// maintain. + /// the database. /// public readonly int? MaxIdleConnections; /// /// The maximum number of open connections to - /// use. + /// the database. /// public readonly int? MaxOpenConnections; public readonly string Name; /// - /// The password to be used in the connection. + /// The root credential password used in the connection URL. /// public readonly string? Password; /// @@ -56,11 +57,11 @@ public sealed class SecretsMountOracle /// public readonly ImmutableArray RootRotationStatements; /// - /// The username to be used in the connection (the account admin level). + /// The root credential username used in the connection URL. /// public readonly string? Username; /// - /// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + /// [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. /// public readonly string? UsernameTemplate; /// diff --git a/sdk/dotnet/Database/Outputs/SecretsMountPostgresql.cs b/sdk/dotnet/Database/Outputs/SecretsMountPostgresql.cs index 14f33b69d..13af51cbe 100644 --- a/sdk/dotnet/Database/Outputs/SecretsMountPostgresql.cs +++ b/sdk/dotnet/Database/Outputs/SecretsMountPostgresql.cs @@ -20,12 +20,14 @@ public sealed class SecretsMountPostgresql public readonly ImmutableArray AllowedRoles; public readonly string? AuthType; /// - /// A URL containing connection information. - /// See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + /// Specifies the Redshift DSN. + /// See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) /// public readonly string? ConnectionUrl; /// /// A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + /// + /// Supported list of database secrets engines that can be configured: /// public readonly ImmutableDictionary? Data; /// @@ -33,23 +35,22 @@ public sealed class SecretsMountPostgresql /// public readonly bool? DisableEscaping; /// - /// The maximum number of seconds to keep - /// a connection alive for. + /// The maximum amount of time a connection may be reused. /// public readonly int? MaxConnectionLifetime; /// /// The maximum number of idle connections to - /// maintain. + /// the database. /// public readonly int? MaxIdleConnections; /// /// The maximum number of open connections to - /// use. + /// the database. /// public readonly int? MaxOpenConnections; public readonly string Name; /// - /// The password to be used in the connection. + /// The root credential password used in the connection URL. /// public readonly string? Password; /// @@ -62,11 +63,11 @@ public sealed class SecretsMountPostgresql public readonly ImmutableArray RootRotationStatements; public readonly string? ServiceAccountJson; /// - /// The username to be used in the connection (the account admin level). + /// The root credential username used in the connection URL. /// public readonly string? Username; /// - /// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + /// [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. /// public readonly string? UsernameTemplate; /// diff --git a/sdk/dotnet/Database/Outputs/SecretsMountRedi.cs b/sdk/dotnet/Database/Outputs/SecretsMountRedi.cs index 47aaeef9e..c2b2e6214 100644 --- a/sdk/dotnet/Database/Outputs/SecretsMountRedi.cs +++ b/sdk/dotnet/Database/Outputs/SecretsMountRedi.cs @@ -19,11 +19,13 @@ public sealed class SecretsMountRedi /// public readonly ImmutableArray AllowedRoles; /// - /// The contents of a PEM-encoded CA cert file to use to verify the Redis server's identity. + /// The path to a PEM-encoded CA cert file to use to verify the Elasticsearch server's identity. /// public readonly string? CaCert; /// /// A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + /// + /// Supported list of database secrets engines that can be configured: /// public readonly ImmutableDictionary? Data; /// @@ -37,7 +39,7 @@ public sealed class SecretsMountRedi public readonly bool? InsecureTls; public readonly string Name; /// - /// The password to be used in the connection. + /// The root credential password used in the connection URL. /// public readonly string Password; /// @@ -54,11 +56,11 @@ public sealed class SecretsMountRedi /// public readonly ImmutableArray RootRotationStatements; /// - /// Whether to use TLS when connecting to Redis. + /// Whether to use TLS when connecting to Cassandra. /// public readonly bool? Tls; /// - /// The username to be used in the connection (the account admin level). + /// The root credential username used in the connection URL. /// public readonly string Username; /// diff --git a/sdk/dotnet/Database/Outputs/SecretsMountRedisElasticach.cs b/sdk/dotnet/Database/Outputs/SecretsMountRedisElasticach.cs index 81bbe5c15..5c3d641bc 100644 --- a/sdk/dotnet/Database/Outputs/SecretsMountRedisElasticach.cs +++ b/sdk/dotnet/Database/Outputs/SecretsMountRedisElasticach.cs @@ -20,11 +20,13 @@ public sealed class SecretsMountRedisElasticach public readonly ImmutableArray AllowedRoles; /// /// A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + /// + /// Supported list of database secrets engines that can be configured: /// public readonly ImmutableDictionary? Data; public readonly string Name; /// - /// The password to be used in the connection. + /// The root credential password used in the connection URL. /// public readonly string? Password; /// @@ -41,11 +43,12 @@ public sealed class SecretsMountRedisElasticach /// public readonly ImmutableArray RootRotationStatements; /// - /// The configuration endpoint for the ElastiCache cluster to connect to. + /// The URL for Elasticsearch's API. https requires certificate + /// by trusted CA if used. /// public readonly string Url; /// - /// The username to be used in the connection (the account admin level). + /// The root credential username used in the connection URL. /// public readonly string? Username; /// diff --git a/sdk/dotnet/Database/Outputs/SecretsMountRedshift.cs b/sdk/dotnet/Database/Outputs/SecretsMountRedshift.cs index e4a96ab7d..1ceae8217 100644 --- a/sdk/dotnet/Database/Outputs/SecretsMountRedshift.cs +++ b/sdk/dotnet/Database/Outputs/SecretsMountRedshift.cs @@ -19,12 +19,14 @@ public sealed class SecretsMountRedshift /// public readonly ImmutableArray AllowedRoles; /// - /// A URL containing connection information. - /// See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + /// Specifies the Redshift DSN. + /// See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) /// public readonly string? ConnectionUrl; /// /// A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + /// + /// Supported list of database secrets engines that can be configured: /// public readonly ImmutableDictionary? Data; /// @@ -32,23 +34,22 @@ public sealed class SecretsMountRedshift /// public readonly bool? DisableEscaping; /// - /// The maximum number of seconds to keep - /// a connection alive for. + /// The maximum amount of time a connection may be reused. /// public readonly int? MaxConnectionLifetime; /// /// The maximum number of idle connections to - /// maintain. + /// the database. /// public readonly int? MaxIdleConnections; /// /// The maximum number of open connections to - /// use. + /// the database. /// public readonly int? MaxOpenConnections; public readonly string Name; /// - /// The password to be used in the connection. + /// The root credential password used in the connection URL. /// public readonly string? Password; /// @@ -60,11 +61,11 @@ public sealed class SecretsMountRedshift /// public readonly ImmutableArray RootRotationStatements; /// - /// The username to be used in the connection (the account admin level). + /// The root credential username used in the connection URL. /// public readonly string? Username; /// - /// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + /// [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. /// public readonly string? UsernameTemplate; /// diff --git a/sdk/dotnet/Database/Outputs/SecretsMountSnowflake.cs b/sdk/dotnet/Database/Outputs/SecretsMountSnowflake.cs index 65c9b5f33..fb1709662 100644 --- a/sdk/dotnet/Database/Outputs/SecretsMountSnowflake.cs +++ b/sdk/dotnet/Database/Outputs/SecretsMountSnowflake.cs @@ -19,32 +19,33 @@ public sealed class SecretsMountSnowflake /// public readonly ImmutableArray AllowedRoles; /// - /// A URL containing connection information. - /// See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + /// Specifies the Redshift DSN. + /// See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) /// public readonly string? ConnectionUrl; /// /// A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + /// + /// Supported list of database secrets engines that can be configured: /// public readonly ImmutableDictionary? Data; /// - /// The maximum number of seconds to keep - /// a connection alive for. + /// The maximum amount of time a connection may be reused. /// public readonly int? MaxConnectionLifetime; /// /// The maximum number of idle connections to - /// maintain. + /// the database. /// public readonly int? MaxIdleConnections; /// /// The maximum number of open connections to - /// use. + /// the database. /// public readonly int? MaxOpenConnections; public readonly string Name; /// - /// The password to be used in the connection. + /// The root credential password used in the connection URL. /// public readonly string? Password; /// @@ -56,11 +57,11 @@ public sealed class SecretsMountSnowflake /// public readonly ImmutableArray RootRotationStatements; /// - /// The username to be used in the connection (the account admin level). + /// The root credential username used in the connection URL. /// public readonly string? Username; /// - /// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + /// [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. /// public readonly string? UsernameTemplate; /// diff --git a/sdk/dotnet/Database/SecretBackendConnection.cs b/sdk/dotnet/Database/SecretBackendConnection.cs index 991afb6ab..3d2c9aa38 100644 --- a/sdk/dotnet/Database/SecretBackendConnection.cs +++ b/sdk/dotnet/Database/SecretBackendConnection.cs @@ -14,6 +14,7 @@ namespace Pulumi.Vault.Database /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// @@ -185,6 +186,8 @@ public partial class SecretBackendConnection : global::Pulumi.CustomResource /// /// A nested block containing configuration options for Redis ElastiCache connections. + /// + /// Exactly one of the nested blocks of configuration options must be supplied. /// [Output("redisElasticache")] public Output RedisElasticache { get; private set; } = null!; @@ -404,6 +407,8 @@ public InputMap Data /// /// A nested block containing configuration options for Redis ElastiCache connections. + /// + /// Exactly one of the nested blocks of configuration options must be supplied. /// [Input("redisElasticache")] public Input? RedisElasticache { get; set; } @@ -591,6 +596,8 @@ public InputMap Data /// /// A nested block containing configuration options for Redis ElastiCache connections. + /// + /// Exactly one of the nested blocks of configuration options must be supplied. /// [Input("redisElasticache")] public Input? RedisElasticache { get; set; } diff --git a/sdk/dotnet/Database/SecretBackendRole.cs b/sdk/dotnet/Database/SecretBackendRole.cs index 100166cfa..7fdd673bc 100644 --- a/sdk/dotnet/Database/SecretBackendRole.cs +++ b/sdk/dotnet/Database/SecretBackendRole.cs @@ -14,6 +14,7 @@ namespace Pulumi.Vault.Database /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// @@ -79,6 +80,8 @@ public partial class SecretBackendRole : global::Pulumi.CustomResource /// /// Specifies the configuration /// for the given `credential_type`. + /// + /// The following options are available for each `credential_type` value: /// [Output("credentialConfig")] public Output?> CredentialConfig { get; private set; } = null!; @@ -219,6 +222,8 @@ public InputList CreationStatements /// /// Specifies the configuration /// for the given `credential_type`. + /// + /// The following options are available for each `credential_type` value: /// public InputMap CredentialConfig { @@ -342,6 +347,8 @@ public InputList CreationStatements /// /// Specifies the configuration /// for the given `credential_type`. + /// + /// The following options are available for each `credential_type` value: /// public InputMap CredentialConfig { diff --git a/sdk/dotnet/Database/SecretBackendStaticRole.cs b/sdk/dotnet/Database/SecretBackendStaticRole.cs index 63c43cc22..e56622ab0 100644 --- a/sdk/dotnet/Database/SecretBackendStaticRole.cs +++ b/sdk/dotnet/Database/SecretBackendStaticRole.cs @@ -18,6 +18,7 @@ namespace Pulumi.Vault.Database /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// @@ -120,6 +121,9 @@ public partial class SecretBackendStaticRole : global::Pulumi.CustomResource /// /// A cron-style string that will define the schedule on which rotations should occur. /// Mutually exclusive with `rotation_period`. + /// + /// **Warning**: The `rotation_period` and `rotation_schedule` fields are + /// mutually exclusive. One of them must be set but not both. /// [Output("rotationSchedule")] public Output RotationSchedule { get; private set; } = null!; @@ -226,6 +230,9 @@ public sealed class SecretBackendStaticRoleArgs : global::Pulumi.ResourceArgs /// /// A cron-style string that will define the schedule on which rotations should occur. /// Mutually exclusive with `rotation_period`. + /// + /// **Warning**: The `rotation_period` and `rotation_schedule` fields are + /// mutually exclusive. One of them must be set but not both. /// [Input("rotationSchedule")] public Input? RotationSchedule { get; set; } @@ -300,6 +307,9 @@ public sealed class SecretBackendStaticRoleState : global::Pulumi.ResourceArgs /// /// A cron-style string that will define the schedule on which rotations should occur. /// Mutually exclusive with `rotation_period`. + /// + /// **Warning**: The `rotation_period` and `rotation_schedule` fields are + /// mutually exclusive. One of them must be set but not both. /// [Input("rotationSchedule")] public Input? RotationSchedule { get; set; } diff --git a/sdk/dotnet/Database/SecretsMount.cs b/sdk/dotnet/Database/SecretsMount.cs index 6f369d76a..bb11b5fb5 100644 --- a/sdk/dotnet/Database/SecretsMount.cs +++ b/sdk/dotnet/Database/SecretsMount.cs @@ -14,6 +14,7 @@ namespace Pulumi.Vault.Database /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// @@ -98,6 +99,8 @@ public partial class SecretsMount : global::Pulumi.CustomResource /// /// Set of managed key registry entry names that the mount in question is allowed to access + /// + /// The following arguments are common to all database engines: /// [Output("allowedManagedKeys")] public Output> AllowedManagedKeys { get; private set; } = null!; @@ -351,6 +354,8 @@ public sealed class SecretsMountArgs : global::Pulumi.ResourceArgs /// /// Set of managed key registry entry names that the mount in question is allowed to access + /// + /// The following arguments are common to all database engines: /// public InputList AllowedManagedKeys { @@ -695,6 +700,8 @@ public sealed class SecretsMountState : global::Pulumi.ResourceArgs /// /// Set of managed key registry entry names that the mount in question is allowed to access + /// + /// The following arguments are common to all database engines: /// public InputList AllowedManagedKeys { diff --git a/sdk/dotnet/EgpPolicy.cs b/sdk/dotnet/EgpPolicy.cs index 59673cd3c..563f01bb2 100644 --- a/sdk/dotnet/EgpPolicy.cs +++ b/sdk/dotnet/EgpPolicy.cs @@ -18,6 +18,7 @@ namespace Pulumi.Vault /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// diff --git a/sdk/dotnet/Gcp/AuthBackend.cs b/sdk/dotnet/Gcp/AuthBackend.cs index 017403367..4cf362c85 100644 --- a/sdk/dotnet/Gcp/AuthBackend.cs +++ b/sdk/dotnet/Gcp/AuthBackend.cs @@ -17,6 +17,7 @@ namespace Pulumi.Vault.Gcp /// ```csharp /// using System.Collections.Generic; /// using System.IO; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// @@ -78,6 +79,8 @@ public partial class AuthBackend : global::Pulumi.CustomResource /// used when making API requests. This allows specific requests made during authentication /// to target alternative service endpoints for use in [Private Google Access](https://cloud.google.com/vpc/docs/configure-private-google-access) /// environments. Requires Vault 1.11+. + /// + /// Overrides are set at the subdomain level using the following keys: /// [Output("customEndpoint")] public Output CustomEndpoint { get; private set; } = null!; @@ -212,6 +215,8 @@ public Input? Credentials /// used when making API requests. This allows specific requests made during authentication /// to target alternative service endpoints for use in [Private Google Access](https://cloud.google.com/vpc/docs/configure-private-google-access) /// environments. Requires Vault 1.11+. + /// + /// Overrides are set at the subdomain level using the following keys: /// [Input("customEndpoint")] public Input? CustomEndpoint { get; set; } @@ -310,6 +315,8 @@ public Input? Credentials /// used when making API requests. This allows specific requests made during authentication /// to target alternative service endpoints for use in [Private Google Access](https://cloud.google.com/vpc/docs/configure-private-google-access) /// environments. Requires Vault 1.11+. + /// + /// Overrides are set at the subdomain level using the following keys: /// [Input("customEndpoint")] public Input? CustomEndpoint { get; set; } diff --git a/sdk/dotnet/Gcp/AuthBackendRole.cs b/sdk/dotnet/Gcp/AuthBackendRole.cs index a23158ee7..2d264d7ac 100644 --- a/sdk/dotnet/Gcp/AuthBackendRole.cs +++ b/sdk/dotnet/Gcp/AuthBackendRole.cs @@ -16,6 +16,7 @@ namespace Pulumi.Vault.Gcp /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// @@ -92,7 +93,7 @@ public partial class AuthBackendRole : global::Pulumi.CustomResource public Output> BoundLabels { get; private set; } = null!; /// - /// GCP Projects that the role exists within + /// An array of GCP project IDs. Only entities belonging to this project can authenticate under the role. /// [Output("boundProjects")] public Output> BoundProjects { get; private set; } = null!; @@ -302,7 +303,7 @@ public InputList BoundLabels private InputList? _boundProjects; /// - /// GCP Projects that the role exists within + /// An array of GCP project IDs. Only entities belonging to this project can authenticate under the role. /// public InputList BoundProjects { @@ -507,7 +508,7 @@ public InputList BoundLabels private InputList? _boundProjects; /// - /// GCP Projects that the role exists within + /// An array of GCP project IDs. Only entities belonging to this project can authenticate under the role. /// public InputList BoundProjects { diff --git a/sdk/dotnet/Gcp/GetAuthBackendRole.cs b/sdk/dotnet/Gcp/GetAuthBackendRole.cs index 4ef2cecdd..a3e92f301 100644 --- a/sdk/dotnet/Gcp/GetAuthBackendRole.cs +++ b/sdk/dotnet/Gcp/GetAuthBackendRole.cs @@ -20,6 +20,7 @@ public static class GetAuthBackendRole /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// @@ -52,6 +53,7 @@ public static Task InvokeAsync(GetAuthBackendRoleArgs /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// diff --git a/sdk/dotnet/Gcp/Inputs/AuthBackendCustomEndpointArgs.cs b/sdk/dotnet/Gcp/Inputs/AuthBackendCustomEndpointArgs.cs index 1fd2793ae..f26569426 100644 --- a/sdk/dotnet/Gcp/Inputs/AuthBackendCustomEndpointArgs.cs +++ b/sdk/dotnet/Gcp/Inputs/AuthBackendCustomEndpointArgs.cs @@ -20,6 +20,11 @@ public sealed class AuthBackendCustomEndpointArgs : global::Pulumi.ResourceArgs /// /// Replaces the service endpoint used in API requests to `https://compute.googleapis.com`. + /// + /// The endpoint value provided for a given key has the form of `scheme://host:port`. + /// The `scheme://` and `:port` portions of the endpoint value are optional. + /// + /// For more details on the usage of each argument consult the [Vault GCP API documentation](https://www.vaultproject.io/api-docs/auth/gcp#configure). /// [Input("compute")] public Input? Compute { get; set; } diff --git a/sdk/dotnet/Gcp/Inputs/AuthBackendCustomEndpointGetArgs.cs b/sdk/dotnet/Gcp/Inputs/AuthBackendCustomEndpointGetArgs.cs index cfafba543..bdae24ef9 100644 --- a/sdk/dotnet/Gcp/Inputs/AuthBackendCustomEndpointGetArgs.cs +++ b/sdk/dotnet/Gcp/Inputs/AuthBackendCustomEndpointGetArgs.cs @@ -20,6 +20,11 @@ public sealed class AuthBackendCustomEndpointGetArgs : global::Pulumi.ResourceAr /// /// Replaces the service endpoint used in API requests to `https://compute.googleapis.com`. + /// + /// The endpoint value provided for a given key has the form of `scheme://host:port`. + /// The `scheme://` and `:port` portions of the endpoint value are optional. + /// + /// For more details on the usage of each argument consult the [Vault GCP API documentation](https://www.vaultproject.io/api-docs/auth/gcp#configure). /// [Input("compute")] public Input? Compute { get; set; } diff --git a/sdk/dotnet/Gcp/Outputs/AuthBackendCustomEndpoint.cs b/sdk/dotnet/Gcp/Outputs/AuthBackendCustomEndpoint.cs index cf3b5e075..a7eab4aba 100644 --- a/sdk/dotnet/Gcp/Outputs/AuthBackendCustomEndpoint.cs +++ b/sdk/dotnet/Gcp/Outputs/AuthBackendCustomEndpoint.cs @@ -19,6 +19,11 @@ public sealed class AuthBackendCustomEndpoint public readonly string? Api; /// /// Replaces the service endpoint used in API requests to `https://compute.googleapis.com`. + /// + /// The endpoint value provided for a given key has the form of `scheme://host:port`. + /// The `scheme://` and `:port` portions of the endpoint value are optional. + /// + /// For more details on the usage of each argument consult the [Vault GCP API documentation](https://www.vaultproject.io/api-docs/auth/gcp#configure). /// public readonly string? Compute; /// diff --git a/sdk/dotnet/Gcp/SecretBackend.cs b/sdk/dotnet/Gcp/SecretBackend.cs index 49de951a8..01449e214 100644 --- a/sdk/dotnet/Gcp/SecretBackend.cs +++ b/sdk/dotnet/Gcp/SecretBackend.cs @@ -15,6 +15,7 @@ namespace Pulumi.Vault.Gcp /// ```csharp /// using System.Collections.Generic; /// using System.IO; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// @@ -32,7 +33,7 @@ namespace Pulumi.Vault.Gcp public partial class SecretBackend : global::Pulumi.CustomResource { /// - /// The GCP service account credentials in JSON format. + /// JSON-encoded credentials to use to connect to GCP /// [Output("credentials")] public Output Credentials { get; private set; } = null!; @@ -140,7 +141,7 @@ public sealed class SecretBackendArgs : global::Pulumi.ResourceArgs private Input? _credentials; /// - /// The GCP service account credentials in JSON format. + /// JSON-encoded credentials to use to connect to GCP /// public Input? Credentials { @@ -213,7 +214,7 @@ public sealed class SecretBackendState : global::Pulumi.ResourceArgs private Input? _credentials; /// - /// The GCP service account credentials in JSON format. + /// JSON-encoded credentials to use to connect to GCP /// public Input? Credentials { diff --git a/sdk/dotnet/Gcp/SecretImpersonatedAccount.cs b/sdk/dotnet/Gcp/SecretImpersonatedAccount.cs index a5e497ee3..6ae9bf254 100644 --- a/sdk/dotnet/Gcp/SecretImpersonatedAccount.cs +++ b/sdk/dotnet/Gcp/SecretImpersonatedAccount.cs @@ -20,6 +20,7 @@ namespace Pulumi.Vault.Gcp /// ```csharp /// using System.Collections.Generic; /// using System.IO; + /// using System.Linq; /// using Pulumi; /// using Gcp = Pulumi.Gcp; /// using Vault = Pulumi.Vault; diff --git a/sdk/dotnet/Gcp/SecretRoleset.cs b/sdk/dotnet/Gcp/SecretRoleset.cs index 7b3d9b95a..04f350ffe 100644 --- a/sdk/dotnet/Gcp/SecretRoleset.cs +++ b/sdk/dotnet/Gcp/SecretRoleset.cs @@ -19,6 +19,7 @@ namespace Pulumi.Vault.Gcp /// ```csharp /// using System.Collections.Generic; /// using System.IO; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// @@ -109,7 +110,7 @@ public partial class SecretRoleset : global::Pulumi.CustomResource public Output SecretType { get; private set; } = null!; /// - /// Email of the service account created by Vault for this Roleset + /// Email of the service account created by Vault for this Roleset. /// [Output("serviceAccountEmail")] public Output ServiceAccountEmail { get; private set; } = null!; @@ -277,7 +278,7 @@ public InputList Bindings public Input? SecretType { get; set; } /// - /// Email of the service account created by Vault for this Roleset + /// Email of the service account created by Vault for this Roleset. /// [Input("serviceAccountEmail")] public Input? ServiceAccountEmail { get; set; } diff --git a/sdk/dotnet/Gcp/SecretStaticAccount.cs b/sdk/dotnet/Gcp/SecretStaticAccount.cs index e9485f8d5..73de26514 100644 --- a/sdk/dotnet/Gcp/SecretStaticAccount.cs +++ b/sdk/dotnet/Gcp/SecretStaticAccount.cs @@ -20,6 +20,7 @@ namespace Pulumi.Vault.Gcp /// ```csharp /// using System.Collections.Generic; /// using System.IO; + /// using System.Linq; /// using Pulumi; /// using Gcp = Pulumi.Gcp; /// using Vault = Pulumi.Vault; diff --git a/sdk/dotnet/Generic/Endpoint.cs b/sdk/dotnet/Generic/Endpoint.cs index f70b76b00..5af0a5b9c 100644 --- a/sdk/dotnet/Generic/Endpoint.cs +++ b/sdk/dotnet/Generic/Endpoint.cs @@ -14,6 +14,7 @@ namespace Pulumi.Vault.Generic /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// @@ -109,7 +110,9 @@ public partial class Endpoint : global::Pulumi.CustomResource public Output DataJson { get; private set; } = null!; /// - /// Don't attempt to delete the path from Vault if true + /// - (Optional) True/false. Set this to true if your + /// vault authentication is not able to delete the data or if the endpoint + /// does not support the `DELETE` method. Defaults to false. /// [Output("disableDelete")] public Output DisableDelete { get; private set; } = null!; @@ -125,7 +128,13 @@ public partial class Endpoint : global::Pulumi.CustomResource public Output DisableRead { get; private set; } = null!; /// - /// When reading, disregard fields not present in data_json + /// - (Optional) True/false. If set to true, + /// ignore any fields present when the endpoint is read but that were not + /// in `data_json`. Also, if a field that was written is not returned when + /// the endpoint is read, treat that field as being up to date. You should + /// set this to `true` when writing to endpoint that, when read, returns a + /// different set of fields from the ones you wrote, as is common with + /// many configuration endpoints. Defaults to false. /// [Output("ignoreAbsentFields")] public Output IgnoreAbsentFields { get; private set; } = null!; @@ -149,19 +158,30 @@ public partial class Endpoint : global::Pulumi.CustomResource public Output Path { get; private set; } = null!; /// - /// Map of strings returned by write operation + /// - A map whose keys are the top-level data keys + /// returned from Vault by the write operation and whose values are the + /// corresponding values. This map can only represent string data, so + /// any non-string values returned from Vault are serialized as JSON. + /// Only fields set in `write_fields` are present in the JSON data. /// [Output("writeData")] public Output> WriteData { get; private set; } = null!; /// - /// JSON data returned by write operation + /// - The JSON data returned by the write operation. + /// Only fields set in `write_fields` are present in the JSON data. /// [Output("writeDataJson")] public Output WriteDataJson { get; private set; } = null!; /// - /// Top-level fields returned by write to persist in state + /// - (Optional). A list of fields that should be returned + /// in `write_data_json` and `write_data`. If omitted, data returned by + /// the write operation is not available to the resource or included in + /// state. This helps to avoid accidental storage of sensitive values in + /// state. Some endpoints, such as many dynamic secrets endpoints, return + /// data from writing to an endpoint rather than reading it. You should + /// use `write_fields` if you need information returned in this way. /// [Output("writeFields")] public Output> WriteFields { get; private set; } = null!; @@ -234,7 +254,9 @@ public Input? DataJson } /// - /// Don't attempt to delete the path from Vault if true + /// - (Optional) True/false. Set this to true if your + /// vault authentication is not able to delete the data or if the endpoint + /// does not support the `DELETE` method. Defaults to false. /// [Input("disableDelete")] public Input? DisableDelete { get; set; } @@ -250,7 +272,13 @@ public Input? DataJson public Input? DisableRead { get; set; } /// - /// When reading, disregard fields not present in data_json + /// - (Optional) True/false. If set to true, + /// ignore any fields present when the endpoint is read but that were not + /// in `data_json`. Also, if a field that was written is not returned when + /// the endpoint is read, treat that field as being up to date. You should + /// set this to `true` when writing to endpoint that, when read, returns a + /// different set of fields from the ones you wrote, as is common with + /// many configuration endpoints. Defaults to false. /// [Input("ignoreAbsentFields")] public Input? IgnoreAbsentFields { get; set; } @@ -277,7 +305,13 @@ public Input? DataJson private InputList? _writeFields; /// - /// Top-level fields returned by write to persist in state + /// - (Optional). A list of fields that should be returned + /// in `write_data_json` and `write_data`. If omitted, data returned by + /// the write operation is not available to the resource or included in + /// state. This helps to avoid accidental storage of sensitive values in + /// state. Some endpoints, such as many dynamic secrets endpoints, return + /// data from writing to an endpoint rather than reading it. You should + /// use `write_fields` if you need information returned in this way. /// public InputList WriteFields { @@ -311,7 +345,9 @@ public Input? DataJson } /// - /// Don't attempt to delete the path from Vault if true + /// - (Optional) True/false. Set this to true if your + /// vault authentication is not able to delete the data or if the endpoint + /// does not support the `DELETE` method. Defaults to false. /// [Input("disableDelete")] public Input? DisableDelete { get; set; } @@ -327,7 +363,13 @@ public Input? DataJson public Input? DisableRead { get; set; } /// - /// When reading, disregard fields not present in data_json + /// - (Optional) True/false. If set to true, + /// ignore any fields present when the endpoint is read but that were not + /// in `data_json`. Also, if a field that was written is not returned when + /// the endpoint is read, treat that field as being up to date. You should + /// set this to `true` when writing to endpoint that, when read, returns a + /// different set of fields from the ones you wrote, as is common with + /// many configuration endpoints. Defaults to false. /// [Input("ignoreAbsentFields")] public Input? IgnoreAbsentFields { get; set; } @@ -354,7 +396,11 @@ public Input? DataJson private InputMap? _writeData; /// - /// Map of strings returned by write operation + /// - A map whose keys are the top-level data keys + /// returned from Vault by the write operation and whose values are the + /// corresponding values. This map can only represent string data, so + /// any non-string values returned from Vault are serialized as JSON. + /// Only fields set in `write_fields` are present in the JSON data. /// public InputMap WriteData { @@ -363,7 +409,8 @@ public InputMap WriteData } /// - /// JSON data returned by write operation + /// - The JSON data returned by the write operation. + /// Only fields set in `write_fields` are present in the JSON data. /// [Input("writeDataJson")] public Input? WriteDataJson { get; set; } @@ -372,7 +419,13 @@ public InputMap WriteData private InputList? _writeFields; /// - /// Top-level fields returned by write to persist in state + /// - (Optional). A list of fields that should be returned + /// in `write_data_json` and `write_data`. If omitted, data returned by + /// the write operation is not available to the resource or included in + /// state. This helps to avoid accidental storage of sensitive values in + /// state. Some endpoints, such as many dynamic secrets endpoints, return + /// data from writing to an endpoint rather than reading it. You should + /// use `write_fields` if you need information returned in this way. /// public InputList WriteFields { diff --git a/sdk/dotnet/Generic/GetSecret.cs b/sdk/dotnet/Generic/GetSecret.cs index 166531a38..2bc7e953f 100644 --- a/sdk/dotnet/Generic/GetSecret.cs +++ b/sdk/dotnet/Generic/GetSecret.cs @@ -19,6 +19,7 @@ public static class GetSecret /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// @@ -48,6 +49,7 @@ public static Task InvokeAsync(GetSecretArgs args, InvokeOption /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// @@ -100,6 +102,11 @@ public sealed class GetSecretArgs : global::Pulumi.InvokeArgs [Input("version")] public int? Version { get; set; } + /// + /// If set to true, stores `lease_start_time` in the TF state. + /// Note that storing the `lease_start_time` in the TF state will cause a persistent drift + /// on every `pulumi preview` and will require a `pulumi up`. + /// [Input("withLeaseStartTime")] public bool? WithLeaseStartTime { get; set; } @@ -138,6 +145,11 @@ public sealed class GetSecretInvokeArgs : global::Pulumi.InvokeArgs [Input("version")] public Input? Version { get; set; } + /// + /// If set to true, stores `lease_start_time` in the TF state. + /// Note that storing the `lease_start_time` in the TF state will cause a persistent drift + /// on every `pulumi preview` and will require a `pulumi up`. + /// [Input("withLeaseStartTime")] public Input? WithLeaseStartTime { get; set; } diff --git a/sdk/dotnet/GetAuthBackend.cs b/sdk/dotnet/GetAuthBackend.cs index ca05b7acf..efb84787b 100644 --- a/sdk/dotnet/GetAuthBackend.cs +++ b/sdk/dotnet/GetAuthBackend.cs @@ -18,6 +18,7 @@ public static class GetAuthBackend /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// @@ -43,6 +44,7 @@ public static Task InvokeAsync(GetAuthBackendArgs args, In /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// diff --git a/sdk/dotnet/GetAuthBackends.cs b/sdk/dotnet/GetAuthBackends.cs new file mode 100644 index 000000000..be712af09 --- /dev/null +++ b/sdk/dotnet/GetAuthBackends.cs @@ -0,0 +1,106 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Vault +{ + public static class GetAuthBackends + { + public static Task InvokeAsync(GetAuthBackendsArgs? args = null, InvokeOptions? options = null) + => global::Pulumi.Deployment.Instance.InvokeAsync("vault:index/getAuthBackends:getAuthBackends", args ?? new GetAuthBackendsArgs(), options.WithDefaults()); + + public static Output Invoke(GetAuthBackendsInvokeArgs? args = null, InvokeOptions? options = null) + => global::Pulumi.Deployment.Instance.Invoke("vault:index/getAuthBackends:getAuthBackends", args ?? new GetAuthBackendsInvokeArgs(), options.WithDefaults()); + } + + + public sealed class GetAuthBackendsArgs : global::Pulumi.InvokeArgs + { + /// + /// The namespace of the target resource. + /// The value should not contain leading or trailing forward slashes. + /// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + /// *Available only for Vault Enterprise*. + /// + [Input("namespace")] + public string? Namespace { get; set; } + + /// + /// The name of the auth method type. Allows filtering of backends returned by type. + /// + [Input("type")] + public string? Type { get; set; } + + public GetAuthBackendsArgs() + { + } + public static new GetAuthBackendsArgs Empty => new GetAuthBackendsArgs(); + } + + public sealed class GetAuthBackendsInvokeArgs : global::Pulumi.InvokeArgs + { + /// + /// The namespace of the target resource. + /// The value should not contain leading or trailing forward slashes. + /// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + /// *Available only for Vault Enterprise*. + /// + [Input("namespace")] + public Input? Namespace { get; set; } + + /// + /// The name of the auth method type. Allows filtering of backends returned by type. + /// + [Input("type")] + public Input? Type { get; set; } + + public GetAuthBackendsInvokeArgs() + { + } + public static new GetAuthBackendsInvokeArgs Empty => new GetAuthBackendsInvokeArgs(); + } + + + [OutputType] + public sealed class GetAuthBackendsResult + { + /// + /// The accessor IDs for the auth methods. + /// + public readonly ImmutableArray Accessors; + /// + /// The provider-assigned unique ID for this managed resource. + /// + public readonly string Id; + public readonly string? Namespace; + /// + /// List of auth backend mount points. + /// + public readonly ImmutableArray Paths; + public readonly string? Type; + + [OutputConstructor] + private GetAuthBackendsResult( + ImmutableArray accessors, + + string id, + + string? @namespace, + + ImmutableArray paths, + + string? type) + { + Accessors = accessors; + Id = id; + Namespace = @namespace; + Paths = paths; + Type = type; + } + } +} diff --git a/sdk/dotnet/GetNomadAccessToken.cs b/sdk/dotnet/GetNomadAccessToken.cs index 68f01fcc9..f35ee8203 100644 --- a/sdk/dotnet/GetNomadAccessToken.cs +++ b/sdk/dotnet/GetNomadAccessToken.cs @@ -18,6 +18,7 @@ public static class GetNomadAccessToken /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// @@ -65,6 +66,7 @@ public static Task InvokeAsync(GetNomadAccessTokenArg /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// diff --git a/sdk/dotnet/GetPolicyDocument.cs b/sdk/dotnet/GetPolicyDocument.cs index 6ac24733b..c36a6d2d2 100644 --- a/sdk/dotnet/GetPolicyDocument.cs +++ b/sdk/dotnet/GetPolicyDocument.cs @@ -20,6 +20,7 @@ public static class GetPolicyDocument /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// @@ -67,6 +68,7 @@ public static Task InvokeAsync(GetPolicyDocumentArgs? a /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// diff --git a/sdk/dotnet/GetRaftAutopilotState.cs b/sdk/dotnet/GetRaftAutopilotState.cs new file mode 100644 index 000000000..097968e16 --- /dev/null +++ b/sdk/dotnet/GetRaftAutopilotState.cs @@ -0,0 +1,213 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Vault +{ + public static class GetRaftAutopilotState + { + /// + /// Displays the state of the raft cluster under integrated storage as seen by + /// autopilot. It shows whether autopilot thinks the cluster is healthy or not, and + /// how many nodes could fail before the cluster becomes unhealthy ("Failure + /// Tolerance"). For more information, please refer to the + /// [Vault documentation](https://developer.hashicorp.com/vault/api-docs/system/storage/raftautopilot#get-cluster-state). + /// + /// {{% examples %}} + /// ## Example Usage + /// {{% example %}} + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Vault = Pulumi.Vault; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var main = Vault.GetRaftAutopilotState.Invoke(); + /// + /// return new Dictionary<string, object?> + /// { + /// ["failure-tolerance"] = main.Apply(getRaftAutopilotStateResult => getRaftAutopilotStateResult.FailureTolerance), + /// }; + /// }); + /// ``` + /// {{% /example %}} + /// {{% /examples %}} + /// + public static Task InvokeAsync(GetRaftAutopilotStateArgs? args = null, InvokeOptions? options = null) + => global::Pulumi.Deployment.Instance.InvokeAsync("vault:index/getRaftAutopilotState:getRaftAutopilotState", args ?? new GetRaftAutopilotStateArgs(), options.WithDefaults()); + + /// + /// Displays the state of the raft cluster under integrated storage as seen by + /// autopilot. It shows whether autopilot thinks the cluster is healthy or not, and + /// how many nodes could fail before the cluster becomes unhealthy ("Failure + /// Tolerance"). For more information, please refer to the + /// [Vault documentation](https://developer.hashicorp.com/vault/api-docs/system/storage/raftautopilot#get-cluster-state). + /// + /// {{% examples %}} + /// ## Example Usage + /// {{% example %}} + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Vault = Pulumi.Vault; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var main = Vault.GetRaftAutopilotState.Invoke(); + /// + /// return new Dictionary<string, object?> + /// { + /// ["failure-tolerance"] = main.Apply(getRaftAutopilotStateResult => getRaftAutopilotStateResult.FailureTolerance), + /// }; + /// }); + /// ``` + /// {{% /example %}} + /// {{% /examples %}} + /// + public static Output Invoke(GetRaftAutopilotStateInvokeArgs? args = null, InvokeOptions? options = null) + => global::Pulumi.Deployment.Instance.Invoke("vault:index/getRaftAutopilotState:getRaftAutopilotState", args ?? new GetRaftAutopilotStateInvokeArgs(), options.WithDefaults()); + } + + + public sealed class GetRaftAutopilotStateArgs : global::Pulumi.InvokeArgs + { + /// + /// The namespace of the target resource. + /// The value should not contain leading or trailing forward slashes. + /// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + /// *Available only for Vault Enterprise*. + /// + [Input("namespace")] + public string? Namespace { get; set; } + + public GetRaftAutopilotStateArgs() + { + } + public static new GetRaftAutopilotStateArgs Empty => new GetRaftAutopilotStateArgs(); + } + + public sealed class GetRaftAutopilotStateInvokeArgs : global::Pulumi.InvokeArgs + { + /// + /// The namespace of the target resource. + /// The value should not contain leading or trailing forward slashes. + /// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + /// *Available only for Vault Enterprise*. + /// + [Input("namespace")] + public Input? Namespace { get; set; } + + public GetRaftAutopilotStateInvokeArgs() + { + } + public static new GetRaftAutopilotStateInvokeArgs Empty => new GetRaftAutopilotStateInvokeArgs(); + } + + + [OutputType] + public sealed class GetRaftAutopilotStateResult + { + /// + /// How many nodes could fail before the cluster becomes unhealthy. + /// + public readonly int FailureTolerance; + /// + /// Cluster health status. + /// + public readonly bool Healthy; + /// + /// The provider-assigned unique ID for this managed resource. + /// + public readonly string Id; + /// + /// The current leader of Vault. + /// + public readonly string Leader; + public readonly string? Namespace; + /// + /// The cluster-level optimistic failure tolerance. + /// + public readonly int OptimisticFailureTolerance; + /// + /// Additional output related to redundancy zones stored as a serialized map of strings. + /// + public readonly ImmutableDictionary RedundancyZones; + /// + /// Additional output related to redundancy zones. + /// + public readonly string RedundancyZonesJson; + /// + /// Additionaly output related to servers in the cluster stored as a serialized map of strings. + /// + public readonly ImmutableDictionary Servers; + /// + /// Additionaly output related to servers in the cluster. + /// + public readonly string ServersJson; + /// + /// Additional output related to upgrade information stored as a serialized map of strings. + /// + public readonly ImmutableDictionary UpgradeInfo; + /// + /// Additional output related to upgrade information. + /// + public readonly string UpgradeInfoJson; + /// + /// The voters in the Vault cluster. + /// + public readonly ImmutableArray Voters; + + [OutputConstructor] + private GetRaftAutopilotStateResult( + int failureTolerance, + + bool healthy, + + string id, + + string leader, + + string? @namespace, + + int optimisticFailureTolerance, + + ImmutableDictionary redundancyZones, + + string redundancyZonesJson, + + ImmutableDictionary servers, + + string serversJson, + + ImmutableDictionary upgradeInfo, + + string upgradeInfoJson, + + ImmutableArray voters) + { + FailureTolerance = failureTolerance; + Healthy = healthy; + Id = id; + Leader = leader; + Namespace = @namespace; + OptimisticFailureTolerance = optimisticFailureTolerance; + RedundancyZones = redundancyZones; + RedundancyZonesJson = redundancyZonesJson; + Servers = servers; + ServersJson = serversJson; + UpgradeInfo = upgradeInfo; + UpgradeInfoJson = upgradeInfoJson; + Voters = voters; + } + } +} diff --git a/sdk/dotnet/GitHub/AuthBackend.cs b/sdk/dotnet/GitHub/AuthBackend.cs index 47cd5aedf..559381e5d 100644 --- a/sdk/dotnet/GitHub/AuthBackend.cs +++ b/sdk/dotnet/GitHub/AuthBackend.cs @@ -18,6 +18,7 @@ namespace Pulumi.Vault.GitHub /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// @@ -168,6 +169,8 @@ public partial class AuthBackend : global::Pulumi.CustomResource /// /// Extra configuration block. Structure is documented below. + /// + /// The `tune` block is used to tune the auth backend: /// [Output("tune")] public Output Tune { get; private set; } = null!; @@ -350,6 +353,8 @@ public InputList TokenPolicies /// /// Extra configuration block. Structure is documented below. + /// + /// The `tune` block is used to tune the auth backend: /// [Input("tune")] public Input? Tune { get; set; } @@ -500,6 +505,8 @@ public InputList TokenPolicies /// /// Extra configuration block. Structure is documented below. + /// + /// The `tune` block is used to tune the auth backend: /// [Input("tune")] public Input? Tune { get; set; } diff --git a/sdk/dotnet/GitHub/Team.cs b/sdk/dotnet/GitHub/Team.cs index 999bdfcde..7c6614489 100644 --- a/sdk/dotnet/GitHub/Team.cs +++ b/sdk/dotnet/GitHub/Team.cs @@ -18,6 +18,7 @@ namespace Pulumi.Vault.GitHub /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// diff --git a/sdk/dotnet/GitHub/User.cs b/sdk/dotnet/GitHub/User.cs index 31d8b0544..d3245aa21 100644 --- a/sdk/dotnet/GitHub/User.cs +++ b/sdk/dotnet/GitHub/User.cs @@ -18,6 +18,7 @@ namespace Pulumi.Vault.GitHub /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// diff --git a/sdk/dotnet/Identity/Entity.cs b/sdk/dotnet/Identity/Entity.cs index f948bf6e1..84fcb4fd3 100644 --- a/sdk/dotnet/Identity/Entity.cs +++ b/sdk/dotnet/Identity/Entity.cs @@ -14,6 +14,7 @@ namespace Pulumi.Vault.Identity /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// diff --git a/sdk/dotnet/Identity/EntityAlias.cs b/sdk/dotnet/Identity/EntityAlias.cs index 584c35b8c..58b718c38 100644 --- a/sdk/dotnet/Identity/EntityAlias.cs +++ b/sdk/dotnet/Identity/EntityAlias.cs @@ -14,6 +14,7 @@ namespace Pulumi.Vault.Identity /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// diff --git a/sdk/dotnet/Identity/EntityPolicies.cs b/sdk/dotnet/Identity/EntityPolicies.cs index 01ee0911d..160266358 100644 --- a/sdk/dotnet/Identity/EntityPolicies.cs +++ b/sdk/dotnet/Identity/EntityPolicies.cs @@ -17,6 +17,7 @@ namespace Pulumi.Vault.Identity /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// @@ -44,6 +45,7 @@ namespace Pulumi.Vault.Identity /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// @@ -95,6 +97,10 @@ public partial class EntityPolicies : global::Pulumi.CustomResource /// /// Defaults to `true`. + /// + /// If `true`, this resource will take exclusive control of the policies assigned to the entity and will set it equal to what is specified in the resource. + /// + /// If set to `false`, this resource will simply ensure that the policies specified in the resource are present in the entity. When destroying the resource, the resource will ensure that the policies specified in the resource are removed. /// [Output("exclusive")] public Output Exclusive { get; private set; } = null!; @@ -168,6 +174,10 @@ public sealed class EntityPoliciesArgs : global::Pulumi.ResourceArgs /// /// Defaults to `true`. + /// + /// If `true`, this resource will take exclusive control of the policies assigned to the entity and will set it equal to what is specified in the resource. + /// + /// If set to `false`, this resource will simply ensure that the policies specified in the resource are present in the entity. When destroying the resource, the resource will ensure that the policies specified in the resource are removed. /// [Input("exclusive")] public Input? Exclusive { get; set; } @@ -215,6 +225,10 @@ public sealed class EntityPoliciesState : global::Pulumi.ResourceArgs /// /// Defaults to `true`. + /// + /// If `true`, this resource will take exclusive control of the policies assigned to the entity and will set it equal to what is specified in the resource. + /// + /// If set to `false`, this resource will simply ensure that the policies specified in the resource are present in the entity. When destroying the resource, the resource will ensure that the policies specified in the resource are removed. /// [Input("exclusive")] public Input? Exclusive { get; set; } diff --git a/sdk/dotnet/Identity/GetEntity.cs b/sdk/dotnet/Identity/GetEntity.cs index dd3430d4c..f58ae571e 100644 --- a/sdk/dotnet/Identity/GetEntity.cs +++ b/sdk/dotnet/Identity/GetEntity.cs @@ -18,6 +18,7 @@ public static class GetEntity /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// @@ -46,6 +47,7 @@ public static Task InvokeAsync(GetEntityArgs? args = null, Invo /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// @@ -80,6 +82,9 @@ public sealed class GetEntityArgs : global::Pulumi.InvokeArgs /// /// Accessor of the mount to which the alias belongs to. /// This should be supplied in conjunction with `alias_name`. + /// + /// The lookup criteria can be `entity_name`, `entity_id`, `alias_id`, or a combination of + /// `alias_name` and `alias_mount_accessor`. /// [Input("aliasMountAccessor")] public string? AliasMountAccessor { get; set; } @@ -129,6 +134,9 @@ public sealed class GetEntityInvokeArgs : global::Pulumi.InvokeArgs /// /// Accessor of the mount to which the alias belongs to. /// This should be supplied in conjunction with `alias_name`. + /// + /// The lookup criteria can be `entity_name`, `entity_id`, `alias_id`, or a combination of + /// `alias_name` and `alias_mount_accessor`. /// [Input("aliasMountAccessor")] public Input? AliasMountAccessor { get; set; } diff --git a/sdk/dotnet/Identity/GetGroup.cs b/sdk/dotnet/Identity/GetGroup.cs index cef541006..deea29cd6 100644 --- a/sdk/dotnet/Identity/GetGroup.cs +++ b/sdk/dotnet/Identity/GetGroup.cs @@ -18,6 +18,7 @@ public static class GetGroup /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// @@ -46,6 +47,7 @@ public static Task InvokeAsync(GetGroupArgs? args = null, Invoke /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// @@ -80,6 +82,9 @@ public sealed class GetGroupArgs : global::Pulumi.InvokeArgs /// /// Accessor of the mount to which the alias belongs to. /// This should be supplied in conjunction with `alias_name`. + /// + /// The lookup criteria can be `group_name`, `group_id`, `alias_id`, or a combination of + /// `alias_name` and `alias_mount_accessor`. /// [Input("aliasMountAccessor")] public string? AliasMountAccessor { get; set; } @@ -129,6 +134,9 @@ public sealed class GetGroupInvokeArgs : global::Pulumi.InvokeArgs /// /// Accessor of the mount to which the alias belongs to. /// This should be supplied in conjunction with `alias_name`. + /// + /// The lookup criteria can be `group_name`, `group_id`, `alias_id`, or a combination of + /// `alias_name` and `alias_mount_accessor`. /// [Input("aliasMountAccessor")] public Input? AliasMountAccessor { get; set; } diff --git a/sdk/dotnet/Identity/GetOidcClientCreds.cs b/sdk/dotnet/Identity/GetOidcClientCreds.cs index 328b4442e..daf7603b8 100644 --- a/sdk/dotnet/Identity/GetOidcClientCreds.cs +++ b/sdk/dotnet/Identity/GetOidcClientCreds.cs @@ -18,6 +18,7 @@ public static class GetOidcClientCreds /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// @@ -55,6 +56,7 @@ public static Task InvokeAsync(GetOidcClientCredsArgs /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// @@ -143,6 +145,7 @@ public sealed class GetOidcClientCredsResult public readonly string ClientId; /// /// The Client Secret Key returned by Vault. + /// For public OpenID Clients `client_secret` is set to an empty string `""` /// public readonly string ClientSecret; /// diff --git a/sdk/dotnet/Identity/GetOidcOpenidConfig.cs b/sdk/dotnet/Identity/GetOidcOpenidConfig.cs index c0e996293..5b2c8f955 100644 --- a/sdk/dotnet/Identity/GetOidcOpenidConfig.cs +++ b/sdk/dotnet/Identity/GetOidcOpenidConfig.cs @@ -18,6 +18,7 @@ public static class GetOidcOpenidConfig /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// @@ -74,6 +75,7 @@ public static Task InvokeAsync(GetOidcOpenidConfigArg /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// diff --git a/sdk/dotnet/Identity/GetOidcPublicKeys.cs b/sdk/dotnet/Identity/GetOidcPublicKeys.cs index 2608e231f..31ff4e82c 100644 --- a/sdk/dotnet/Identity/GetOidcPublicKeys.cs +++ b/sdk/dotnet/Identity/GetOidcPublicKeys.cs @@ -18,6 +18,7 @@ public static class GetOidcPublicKeys /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// @@ -74,6 +75,7 @@ public static Task InvokeAsync(GetOidcPublicKeysArgs ar /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// diff --git a/sdk/dotnet/Identity/Group.cs b/sdk/dotnet/Identity/Group.cs index 9757a0454..bdb0410e5 100644 --- a/sdk/dotnet/Identity/Group.cs +++ b/sdk/dotnet/Identity/Group.cs @@ -19,6 +19,7 @@ namespace Pulumi.Vault.Identity /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// @@ -44,6 +45,7 @@ namespace Pulumi.Vault.Identity /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// @@ -72,6 +74,7 @@ namespace Pulumi.Vault.Identity /// This sort of pattern should be avoided: /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// diff --git a/sdk/dotnet/Identity/GroupAlias.cs b/sdk/dotnet/Identity/GroupAlias.cs index b62edc717..837107c3c 100644 --- a/sdk/dotnet/Identity/GroupAlias.cs +++ b/sdk/dotnet/Identity/GroupAlias.cs @@ -18,6 +18,7 @@ namespace Pulumi.Vault.Identity /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// diff --git a/sdk/dotnet/Identity/GroupMemberEntityIds.cs b/sdk/dotnet/Identity/GroupMemberEntityIds.cs index 15d8af338..52d183b56 100644 --- a/sdk/dotnet/Identity/GroupMemberEntityIds.cs +++ b/sdk/dotnet/Identity/GroupMemberEntityIds.cs @@ -17,6 +17,7 @@ namespace Pulumi.Vault.Identity /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// @@ -50,6 +51,7 @@ namespace Pulumi.Vault.Identity /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// @@ -100,6 +102,10 @@ public partial class GroupMemberEntityIds : global::Pulumi.CustomResource { /// /// Defaults to `true`. + /// + /// If `true`, this resource will take exclusive control of the member entities that belong to the group and will set it equal to what is specified in the resource. + /// + /// If set to `false`, this resource will simply ensure that the member entities specified in the resource are present in the group. When destroying the resource, the resource will ensure that the member entities specified in the resource are removed. /// [Output("exclusive")] public Output Exclusive { get; private set; } = null!; @@ -181,6 +187,10 @@ public sealed class GroupMemberEntityIdsArgs : global::Pulumi.ResourceArgs { /// /// Defaults to `true`. + /// + /// If `true`, this resource will take exclusive control of the member entities that belong to the group and will set it equal to what is specified in the resource. + /// + /// If set to `false`, this resource will simply ensure that the member entities specified in the resource are present in the group. When destroying the resource, the resource will ensure that the member entities specified in the resource are removed. /// [Input("exclusive")] public Input? Exclusive { get; set; } @@ -222,6 +232,10 @@ public sealed class GroupMemberEntityIdsState : global::Pulumi.ResourceArgs { /// /// Defaults to `true`. + /// + /// If `true`, this resource will take exclusive control of the member entities that belong to the group and will set it equal to what is specified in the resource. + /// + /// If set to `false`, this resource will simply ensure that the member entities specified in the resource are present in the group. When destroying the resource, the resource will ensure that the member entities specified in the resource are removed. /// [Input("exclusive")] public Input? Exclusive { get; set; } diff --git a/sdk/dotnet/Identity/GroupMemberGroupIds.cs b/sdk/dotnet/Identity/GroupMemberGroupIds.cs index 0b0d156c7..96195efd1 100644 --- a/sdk/dotnet/Identity/GroupMemberGroupIds.cs +++ b/sdk/dotnet/Identity/GroupMemberGroupIds.cs @@ -19,6 +19,7 @@ namespace Pulumi.Vault.Identity /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// @@ -58,6 +59,7 @@ namespace Pulumi.Vault.Identity /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// @@ -99,6 +101,13 @@ public partial class GroupMemberGroupIds : global::Pulumi.CustomResource { /// /// Defaults to `true`. + /// + /// If `true`, this resource will take exclusive control of the member groups that belong to the group and will set + /// it equal to what is specified in the resource. + /// + /// If set to `false`, this resource will simply ensure that the member groups specified in the resource are present + /// in the group. When destroying the resource, the resource will ensure that the member groups specified in the resource + /// are removed. /// [Output("exclusive")] public Output Exclusive { get; private set; } = null!; @@ -172,6 +181,13 @@ public sealed class GroupMemberGroupIdsArgs : global::Pulumi.ResourceArgs { /// /// Defaults to `true`. + /// + /// If `true`, this resource will take exclusive control of the member groups that belong to the group and will set + /// it equal to what is specified in the resource. + /// + /// If set to `false`, this resource will simply ensure that the member groups specified in the resource are present + /// in the group. When destroying the resource, the resource will ensure that the member groups specified in the resource + /// are removed. /// [Input("exclusive")] public Input? Exclusive { get; set; } @@ -213,6 +229,13 @@ public sealed class GroupMemberGroupIdsState : global::Pulumi.ResourceArgs { /// /// Defaults to `true`. + /// + /// If `true`, this resource will take exclusive control of the member groups that belong to the group and will set + /// it equal to what is specified in the resource. + /// + /// If set to `false`, this resource will simply ensure that the member groups specified in the resource are present + /// in the group. When destroying the resource, the resource will ensure that the member groups specified in the resource + /// are removed. /// [Input("exclusive")] public Input? Exclusive { get; set; } diff --git a/sdk/dotnet/Identity/GroupPolicies.cs b/sdk/dotnet/Identity/GroupPolicies.cs index 5c7990826..fe59e2c89 100644 --- a/sdk/dotnet/Identity/GroupPolicies.cs +++ b/sdk/dotnet/Identity/GroupPolicies.cs @@ -17,6 +17,7 @@ namespace Pulumi.Vault.Identity /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// @@ -49,6 +50,7 @@ namespace Pulumi.Vault.Identity /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// @@ -93,6 +95,10 @@ public partial class GroupPolicies : global::Pulumi.CustomResource { /// /// Defaults to `true`. + /// + /// If `true`, this resource will take exclusive control of the policies assigned to the group and will set it equal to what is specified in the resource. + /// + /// If set to `false`, this resource will simply ensure that the policies specified in the resource are present in the group. When destroying the resource, the resource will ensure that the policies specified in the resource are removed. /// [Output("exclusive")] public Output Exclusive { get; private set; } = null!; @@ -172,6 +178,10 @@ public sealed class GroupPoliciesArgs : global::Pulumi.ResourceArgs { /// /// Defaults to `true`. + /// + /// If `true`, this resource will take exclusive control of the policies assigned to the group and will set it equal to what is specified in the resource. + /// + /// If set to `false`, this resource will simply ensure that the policies specified in the resource are present in the group. When destroying the resource, the resource will ensure that the policies specified in the resource are removed. /// [Input("exclusive")] public Input? Exclusive { get; set; } @@ -213,6 +223,10 @@ public sealed class GroupPoliciesState : global::Pulumi.ResourceArgs { /// /// Defaults to `true`. + /// + /// If `true`, this resource will take exclusive control of the policies assigned to the group and will set it equal to what is specified in the resource. + /// + /// If set to `false`, this resource will simply ensure that the policies specified in the resource are present in the group. When destroying the resource, the resource will ensure that the policies specified in the resource are removed. /// [Input("exclusive")] public Input? Exclusive { get; set; } diff --git a/sdk/dotnet/Identity/MfaDuo.cs b/sdk/dotnet/Identity/MfaDuo.cs index a5b4d7b68..e6a3556a8 100644 --- a/sdk/dotnet/Identity/MfaDuo.cs +++ b/sdk/dotnet/Identity/MfaDuo.cs @@ -16,6 +16,7 @@ namespace Pulumi.Vault.Identity /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// diff --git a/sdk/dotnet/Identity/MfaLoginEnforcement.cs b/sdk/dotnet/Identity/MfaLoginEnforcement.cs index ef28ff290..7d984e6e1 100644 --- a/sdk/dotnet/Identity/MfaLoginEnforcement.cs +++ b/sdk/dotnet/Identity/MfaLoginEnforcement.cs @@ -16,6 +16,7 @@ namespace Pulumi.Vault.Identity /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// diff --git a/sdk/dotnet/Identity/MfaOkta.cs b/sdk/dotnet/Identity/MfaOkta.cs index 02b3e6a54..e0bf0299a 100644 --- a/sdk/dotnet/Identity/MfaOkta.cs +++ b/sdk/dotnet/Identity/MfaOkta.cs @@ -16,6 +16,7 @@ namespace Pulumi.Vault.Identity /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// diff --git a/sdk/dotnet/Identity/MfaPingid.cs b/sdk/dotnet/Identity/MfaPingid.cs index 24c7525e8..3c0de9989 100644 --- a/sdk/dotnet/Identity/MfaPingid.cs +++ b/sdk/dotnet/Identity/MfaPingid.cs @@ -16,6 +16,7 @@ namespace Pulumi.Vault.Identity /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// diff --git a/sdk/dotnet/Identity/MfaTotp.cs b/sdk/dotnet/Identity/MfaTotp.cs index 3b8a04915..110d87a2d 100644 --- a/sdk/dotnet/Identity/MfaTotp.cs +++ b/sdk/dotnet/Identity/MfaTotp.cs @@ -16,6 +16,7 @@ namespace Pulumi.Vault.Identity /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// diff --git a/sdk/dotnet/Identity/Oidc.cs b/sdk/dotnet/Identity/Oidc.cs index 0e1408bfc..7d725748c 100644 --- a/sdk/dotnet/Identity/Oidc.cs +++ b/sdk/dotnet/Identity/Oidc.cs @@ -21,6 +21,7 @@ namespace Pulumi.Vault.Identity /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// diff --git a/sdk/dotnet/Identity/OidcAssignment.cs b/sdk/dotnet/Identity/OidcAssignment.cs index a4d47af35..3a997e17e 100644 --- a/sdk/dotnet/Identity/OidcAssignment.cs +++ b/sdk/dotnet/Identity/OidcAssignment.cs @@ -17,6 +17,7 @@ namespace Pulumi.Vault.Identity /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// diff --git a/sdk/dotnet/Identity/OidcClient.cs b/sdk/dotnet/Identity/OidcClient.cs index a51aad7ca..02edf3fe3 100644 --- a/sdk/dotnet/Identity/OidcClient.cs +++ b/sdk/dotnet/Identity/OidcClient.cs @@ -17,6 +17,7 @@ namespace Pulumi.Vault.Identity /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// diff --git a/sdk/dotnet/Identity/OidcKey.cs b/sdk/dotnet/Identity/OidcKey.cs index b144d07f1..44a0ba2d0 100644 --- a/sdk/dotnet/Identity/OidcKey.cs +++ b/sdk/dotnet/Identity/OidcKey.cs @@ -14,6 +14,7 @@ namespace Pulumi.Vault.Identity /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// @@ -40,7 +41,7 @@ namespace Pulumi.Vault.Identity /// /// ## Import /// - /// The key can be imported with the key name, for example + /// The key can be imported with the key name, for example: /// /// ```sh /// $ pulumi import vault:identity/oidcKey:OidcKey key key @@ -57,8 +58,8 @@ public partial class OidcKey : global::Pulumi.CustomResource public Output Algorithm { get; private set; } = null!; /// - /// Array of role client ids allowed to use this key for signing. If empty, no roles are allowed. If "*", all roles are - /// allowed. + /// Array of role client ID allowed to use this key for signing. If + /// empty, no roles are allowed. If `["*"]`, all roles are allowed. /// [Output("allowedClientIds")] public Output> AllowedClientIds { get; private set; } = null!; @@ -148,8 +149,8 @@ public sealed class OidcKeyArgs : global::Pulumi.ResourceArgs private InputList? _allowedClientIds; /// - /// Array of role client ids allowed to use this key for signing. If empty, no roles are allowed. If "*", all roles are - /// allowed. + /// Array of role client ID allowed to use this key for signing. If + /// empty, no roles are allowed. If `["*"]`, all roles are allowed. /// public InputList AllowedClientIds { @@ -204,8 +205,8 @@ public sealed class OidcKeyState : global::Pulumi.ResourceArgs private InputList? _allowedClientIds; /// - /// Array of role client ids allowed to use this key for signing. If empty, no roles are allowed. If "*", all roles are - /// allowed. + /// Array of role client ID allowed to use this key for signing. If + /// empty, no roles are allowed. If `["*"]`, all roles are allowed. /// public InputList AllowedClientIds { diff --git a/sdk/dotnet/Identity/OidcKeyAllowedClientID.cs b/sdk/dotnet/Identity/OidcKeyAllowedClientID.cs index 8671e95bf..00de5a9f3 100644 --- a/sdk/dotnet/Identity/OidcKeyAllowedClientID.cs +++ b/sdk/dotnet/Identity/OidcKeyAllowedClientID.cs @@ -14,6 +14,7 @@ namespace Pulumi.Vault.Identity /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// diff --git a/sdk/dotnet/Identity/OidcProvider.cs b/sdk/dotnet/Identity/OidcProvider.cs index 59fad4b47..14564f86a 100644 --- a/sdk/dotnet/Identity/OidcProvider.cs +++ b/sdk/dotnet/Identity/OidcProvider.cs @@ -17,6 +17,7 @@ namespace Pulumi.Vault.Identity /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using System.Text.Json; /// using Pulumi; /// using Vault = Pulumi.Vault; diff --git a/sdk/dotnet/Identity/OidcRole.cs b/sdk/dotnet/Identity/OidcRole.cs index eb9c2b599..5ee8678e2 100644 --- a/sdk/dotnet/Identity/OidcRole.cs +++ b/sdk/dotnet/Identity/OidcRole.cs @@ -19,6 +19,7 @@ namespace Pulumi.Vault.Identity /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// @@ -49,6 +50,7 @@ namespace Pulumi.Vault.Identity /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// @@ -75,7 +77,7 @@ namespace Pulumi.Vault.Identity /// /// ## Import /// - /// The key can be imported with the role name, for example + /// The key can be imported with the role name, for example: /// /// ```sh /// $ pulumi import vault:identity/oidcRole:OidcRole role role diff --git a/sdk/dotnet/Identity/OidcScope.cs b/sdk/dotnet/Identity/OidcScope.cs index fe53278cf..38e722a53 100644 --- a/sdk/dotnet/Identity/OidcScope.cs +++ b/sdk/dotnet/Identity/OidcScope.cs @@ -17,6 +17,7 @@ namespace Pulumi.Vault.Identity /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// diff --git a/sdk/dotnet/Inputs/ProviderAuthLoginArgs.cs b/sdk/dotnet/Inputs/ProviderAuthLoginArgs.cs index ebaf2257d..577671389 100644 --- a/sdk/dotnet/Inputs/ProviderAuthLoginArgs.cs +++ b/sdk/dotnet/Inputs/ProviderAuthLoginArgs.cs @@ -23,12 +23,19 @@ public sealed class ProviderAuthLoginArgs : global::Pulumi.ResourceArgs public InputMap Parameters { get => _parameters ?? (_parameters = new InputMap()); - set => _parameters = value; + set + { + var emptySecret = Output.CreateSecret(ImmutableDictionary.Create()); + _parameters = Output.All(value, emptySecret).Apply(v => v[0]); + } } [Input("path", required: true)] public Input Path { get; set; } = null!; + [Input("useRootNamespace")] + public Input? UseRootNamespace { get; set; } + public ProviderAuthLoginArgs() { } diff --git a/sdk/dotnet/Inputs/ProviderAuthLoginAwsArgs.cs b/sdk/dotnet/Inputs/ProviderAuthLoginAwsArgs.cs index 76e382293..41e777053 100644 --- a/sdk/dotnet/Inputs/ProviderAuthLoginAwsArgs.cs +++ b/sdk/dotnet/Inputs/ProviderAuthLoginAwsArgs.cs @@ -57,6 +57,9 @@ public sealed class ProviderAuthLoginAwsArgs : global::Pulumi.ResourceArgs [Input("role", required: true)] public Input Role { get; set; } = null!; + [Input("useRootNamespace")] + public Input? UseRootNamespace { get; set; } + public ProviderAuthLoginAwsArgs() { } diff --git a/sdk/dotnet/Inputs/ProviderAuthLoginAzureArgs.cs b/sdk/dotnet/Inputs/ProviderAuthLoginAzureArgs.cs index 38810d7a3..2f6ceb578 100644 --- a/sdk/dotnet/Inputs/ProviderAuthLoginAzureArgs.cs +++ b/sdk/dotnet/Inputs/ProviderAuthLoginAzureArgs.cs @@ -39,6 +39,9 @@ public sealed class ProviderAuthLoginAzureArgs : global::Pulumi.ResourceArgs [Input("tenantId")] public Input? TenantId { get; set; } + [Input("useRootNamespace")] + public Input? UseRootNamespace { get; set; } + [Input("vmName")] public Input? VmName { get; set; } diff --git a/sdk/dotnet/Inputs/ProviderAuthLoginCertArgs.cs b/sdk/dotnet/Inputs/ProviderAuthLoginCertArgs.cs index bad399ae0..1140b9dd7 100644 --- a/sdk/dotnet/Inputs/ProviderAuthLoginCertArgs.cs +++ b/sdk/dotnet/Inputs/ProviderAuthLoginCertArgs.cs @@ -27,6 +27,9 @@ public sealed class ProviderAuthLoginCertArgs : global::Pulumi.ResourceArgs [Input("namespace")] public Input? Namespace { get; set; } + [Input("useRootNamespace")] + public Input? UseRootNamespace { get; set; } + public ProviderAuthLoginCertArgs() { } diff --git a/sdk/dotnet/Inputs/ProviderAuthLoginGcpArgs.cs b/sdk/dotnet/Inputs/ProviderAuthLoginGcpArgs.cs index b08da775d..91296a2e4 100644 --- a/sdk/dotnet/Inputs/ProviderAuthLoginGcpArgs.cs +++ b/sdk/dotnet/Inputs/ProviderAuthLoginGcpArgs.cs @@ -30,6 +30,9 @@ public sealed class ProviderAuthLoginGcpArgs : global::Pulumi.ResourceArgs [Input("serviceAccount")] public Input? ServiceAccount { get; set; } + [Input("useRootNamespace")] + public Input? UseRootNamespace { get; set; } + public ProviderAuthLoginGcpArgs() { } diff --git a/sdk/dotnet/Inputs/ProviderAuthLoginJwtArgs.cs b/sdk/dotnet/Inputs/ProviderAuthLoginJwtArgs.cs index 69f45eb42..0adc37043 100644 --- a/sdk/dotnet/Inputs/ProviderAuthLoginJwtArgs.cs +++ b/sdk/dotnet/Inputs/ProviderAuthLoginJwtArgs.cs @@ -24,6 +24,9 @@ public sealed class ProviderAuthLoginJwtArgs : global::Pulumi.ResourceArgs [Input("role", required: true)] public Input Role { get; set; } = null!; + [Input("useRootNamespace")] + public Input? UseRootNamespace { get; set; } + public ProviderAuthLoginJwtArgs() { } diff --git a/sdk/dotnet/Inputs/ProviderAuthLoginKerberosArgs.cs b/sdk/dotnet/Inputs/ProviderAuthLoginKerberosArgs.cs index aaa676af9..5dc2fd8f2 100644 --- a/sdk/dotnet/Inputs/ProviderAuthLoginKerberosArgs.cs +++ b/sdk/dotnet/Inputs/ProviderAuthLoginKerberosArgs.cs @@ -39,6 +39,9 @@ public sealed class ProviderAuthLoginKerberosArgs : global::Pulumi.ResourceArgs [Input("token")] public Input? Token { get; set; } + [Input("useRootNamespace")] + public Input? UseRootNamespace { get; set; } + [Input("username")] public Input? Username { get; set; } diff --git a/sdk/dotnet/Inputs/ProviderAuthLoginOciArgs.cs b/sdk/dotnet/Inputs/ProviderAuthLoginOciArgs.cs index 9422b6ede..59d5b54aa 100644 --- a/sdk/dotnet/Inputs/ProviderAuthLoginOciArgs.cs +++ b/sdk/dotnet/Inputs/ProviderAuthLoginOciArgs.cs @@ -24,6 +24,9 @@ public sealed class ProviderAuthLoginOciArgs : global::Pulumi.ResourceArgs [Input("role", required: true)] public Input Role { get; set; } = null!; + [Input("useRootNamespace")] + public Input? UseRootNamespace { get; set; } + public ProviderAuthLoginOciArgs() { } diff --git a/sdk/dotnet/Inputs/ProviderAuthLoginOidcArgs.cs b/sdk/dotnet/Inputs/ProviderAuthLoginOidcArgs.cs index 31b906a73..bbdc47a3d 100644 --- a/sdk/dotnet/Inputs/ProviderAuthLoginOidcArgs.cs +++ b/sdk/dotnet/Inputs/ProviderAuthLoginOidcArgs.cs @@ -27,6 +27,9 @@ public sealed class ProviderAuthLoginOidcArgs : global::Pulumi.ResourceArgs [Input("role", required: true)] public Input Role { get; set; } = null!; + [Input("useRootNamespace")] + public Input? UseRootNamespace { get; set; } + public ProviderAuthLoginOidcArgs() { } diff --git a/sdk/dotnet/Inputs/ProviderAuthLoginRadiusArgs.cs b/sdk/dotnet/Inputs/ProviderAuthLoginRadiusArgs.cs index 832cadca4..a6ad456d1 100644 --- a/sdk/dotnet/Inputs/ProviderAuthLoginRadiusArgs.cs +++ b/sdk/dotnet/Inputs/ProviderAuthLoginRadiusArgs.cs @@ -21,6 +21,9 @@ public sealed class ProviderAuthLoginRadiusArgs : global::Pulumi.ResourceArgs [Input("password", required: true)] public Input Password { get; set; } = null!; + [Input("useRootNamespace")] + public Input? UseRootNamespace { get; set; } + [Input("username", required: true)] public Input Username { get; set; } = null!; diff --git a/sdk/dotnet/Inputs/ProviderAuthLoginTokenFileArgs.cs b/sdk/dotnet/Inputs/ProviderAuthLoginTokenFileArgs.cs index 77ede7c5e..04fa584a6 100644 --- a/sdk/dotnet/Inputs/ProviderAuthLoginTokenFileArgs.cs +++ b/sdk/dotnet/Inputs/ProviderAuthLoginTokenFileArgs.cs @@ -18,6 +18,9 @@ public sealed class ProviderAuthLoginTokenFileArgs : global::Pulumi.ResourceArgs [Input("namespace")] public Input? Namespace { get; set; } + [Input("useRootNamespace")] + public Input? UseRootNamespace { get; set; } + public ProviderAuthLoginTokenFileArgs() { } diff --git a/sdk/dotnet/Inputs/ProviderAuthLoginUserpassArgs.cs b/sdk/dotnet/Inputs/ProviderAuthLoginUserpassArgs.cs index 885232829..6fa00cee3 100644 --- a/sdk/dotnet/Inputs/ProviderAuthLoginUserpassArgs.cs +++ b/sdk/dotnet/Inputs/ProviderAuthLoginUserpassArgs.cs @@ -24,6 +24,9 @@ public sealed class ProviderAuthLoginUserpassArgs : global::Pulumi.ResourceArgs [Input("passwordFile")] public Input? PasswordFile { get; set; } + [Input("useRootNamespace")] + public Input? UseRootNamespace { get; set; } + [Input("username", required: true)] public Input Username { get; set; } = null!; diff --git a/sdk/dotnet/Jwt/AuthBackend.cs b/sdk/dotnet/Jwt/AuthBackend.cs index ac6aef6a2..0ae83746d 100644 --- a/sdk/dotnet/Jwt/AuthBackend.cs +++ b/sdk/dotnet/Jwt/AuthBackend.cs @@ -19,6 +19,7 @@ namespace Pulumi.Vault.Jwt /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// @@ -39,6 +40,7 @@ namespace Pulumi.Vault.Jwt /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// @@ -66,6 +68,7 @@ namespace Pulumi.Vault.Jwt /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// @@ -96,7 +99,6 @@ namespace Pulumi.Vault.Jwt /// ```sh /// $ pulumi import vault:jwt/authBackend:AuthBackend oidc oidc /// ``` - /// /// or /// /// ```sh @@ -178,6 +180,10 @@ public partial class AuthBackend : global::Pulumi.CustomResource /// /// Pass namespace in the OIDC state parameter instead of as a separate query parameter. With this setting, the allowed redirect URL(s) in Vault and on the provider side should not contain a namespace query parameter. This means only one redirect URL entry needs to be maintained on the OIDC provider side for all vault namespaces that will be authenticating against it. Defaults to true for new configs + /// + /// * tune - (Optional) Extra configuration block. Structure is documented below. + /// + /// The `tune` block is used to tune the auth backend: /// [Output("namespaceInState")] public Output NamespaceInState { get; private set; } = null!; @@ -367,6 +373,10 @@ public InputList JwtValidationPubkeys /// /// Pass namespace in the OIDC state parameter instead of as a separate query parameter. With this setting, the allowed redirect URL(s) in Vault and on the provider side should not contain a namespace query parameter. This means only one redirect URL entry needs to be maintained on the OIDC provider side for all vault namespaces that will be authenticating against it. Defaults to true for new configs + /// + /// * tune - (Optional) Extra configuration block. Structure is documented below. + /// + /// The `tune` block is used to tune the auth backend: /// [Input("namespaceInState")] public Input? NamespaceInState { get; set; } @@ -542,6 +552,10 @@ public InputList JwtValidationPubkeys /// /// Pass namespace in the OIDC state parameter instead of as a separate query parameter. With this setting, the allowed redirect URL(s) in Vault and on the provider side should not contain a namespace query parameter. This means only one redirect URL entry needs to be maintained on the OIDC provider side for all vault namespaces that will be authenticating against it. Defaults to true for new configs + /// + /// * tune - (Optional) Extra configuration block. Structure is documented below. + /// + /// The `tune` block is used to tune the auth backend: /// [Input("namespaceInState")] public Input? NamespaceInState { get; set; } diff --git a/sdk/dotnet/Jwt/AuthBackendRole.cs b/sdk/dotnet/Jwt/AuthBackendRole.cs index 4ea34b59e..468c9da73 100644 --- a/sdk/dotnet/Jwt/AuthBackendRole.cs +++ b/sdk/dotnet/Jwt/AuthBackendRole.cs @@ -20,6 +20,7 @@ namespace Pulumi.Vault.Jwt /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// @@ -59,6 +60,7 @@ namespace Pulumi.Vault.Jwt /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// diff --git a/sdk/dotnet/Kmip/SecretBackend.cs b/sdk/dotnet/Kmip/SecretBackend.cs index 8b701184b..0ef836827 100644 --- a/sdk/dotnet/Kmip/SecretBackend.cs +++ b/sdk/dotnet/Kmip/SecretBackend.cs @@ -18,6 +18,7 @@ namespace Pulumi.Vault.Kmip /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// diff --git a/sdk/dotnet/Kmip/SecretRole.cs b/sdk/dotnet/Kmip/SecretRole.cs index 8337db2e6..d1dd7812a 100644 --- a/sdk/dotnet/Kmip/SecretRole.cs +++ b/sdk/dotnet/Kmip/SecretRole.cs @@ -18,6 +18,7 @@ namespace Pulumi.Vault.Kmip /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// diff --git a/sdk/dotnet/Kmip/SecretScope.cs b/sdk/dotnet/Kmip/SecretScope.cs index a7710284e..e3e0db861 100644 --- a/sdk/dotnet/Kmip/SecretScope.cs +++ b/sdk/dotnet/Kmip/SecretScope.cs @@ -18,6 +18,7 @@ namespace Pulumi.Vault.Kmip /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// diff --git a/sdk/dotnet/Kubernetes/AuthBackendConfig.cs b/sdk/dotnet/Kubernetes/AuthBackendConfig.cs index 5b60815ee..2104844b9 100644 --- a/sdk/dotnet/Kubernetes/AuthBackendConfig.cs +++ b/sdk/dotnet/Kubernetes/AuthBackendConfig.cs @@ -18,6 +18,7 @@ namespace Pulumi.Vault.Kubernetes /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// diff --git a/sdk/dotnet/Kubernetes/AuthBackendRole.cs b/sdk/dotnet/Kubernetes/AuthBackendRole.cs index 921838b85..148f2cfeb 100644 --- a/sdk/dotnet/Kubernetes/AuthBackendRole.cs +++ b/sdk/dotnet/Kubernetes/AuthBackendRole.cs @@ -18,6 +18,7 @@ namespace Pulumi.Vault.Kubernetes /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// @@ -73,6 +74,10 @@ public partial class AuthBackendRole : global::Pulumi.CustomResource /// /// Audience claim to verify in the JWT. + /// + /// > Please see [alias_name_source](https://www.vaultproject.io/api-docs/auth/kubernetes#alias_name_source) + /// before setting this to something other its default value. There are **important** security + /// implications to be aware of. /// [Output("audience")] public Output Audience { get; private set; } = null!; @@ -235,6 +240,10 @@ public sealed class AuthBackendRoleArgs : global::Pulumi.ResourceArgs /// /// Audience claim to verify in the JWT. + /// + /// > Please see [alias_name_source](https://www.vaultproject.io/api-docs/auth/kubernetes#alias_name_source) + /// before setting this to something other its default value. There are **important** security + /// implications to be aware of. /// [Input("audience")] public Input? Audience { get; set; } @@ -383,6 +392,10 @@ public sealed class AuthBackendRoleState : global::Pulumi.ResourceArgs /// /// Audience claim to verify in the JWT. + /// + /// > Please see [alias_name_source](https://www.vaultproject.io/api-docs/auth/kubernetes#alias_name_source) + /// before setting this to something other its default value. There are **important** security + /// implications to be aware of. /// [Input("audience")] public Input? Audience { get; set; } diff --git a/sdk/dotnet/Kubernetes/GetServiceAccountToken.cs b/sdk/dotnet/Kubernetes/GetServiceAccountToken.cs index 4164f5b4a..0a020b0e8 100644 --- a/sdk/dotnet/Kubernetes/GetServiceAccountToken.cs +++ b/sdk/dotnet/Kubernetes/GetServiceAccountToken.cs @@ -19,6 +19,7 @@ public static class GetServiceAccountToken /// ```csharp /// using System.Collections.Generic; /// using System.IO; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// @@ -81,6 +82,7 @@ public static Task InvokeAsync(GetServiceAccountTo /// ```csharp /// using System.Collections.Generic; /// using System.IO; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// diff --git a/sdk/dotnet/Kubernetes/SecretBackend.cs b/sdk/dotnet/Kubernetes/SecretBackend.cs index 22f1f0695..b50d39cbc 100644 --- a/sdk/dotnet/Kubernetes/SecretBackend.cs +++ b/sdk/dotnet/Kubernetes/SecretBackend.cs @@ -15,6 +15,7 @@ namespace Pulumi.Vault.Kubernetes /// ```csharp /// using System.Collections.Generic; /// using System.IO; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// diff --git a/sdk/dotnet/Kubernetes/SecretBackendRole.cs b/sdk/dotnet/Kubernetes/SecretBackendRole.cs index 90997dff5..203fdb6e3 100644 --- a/sdk/dotnet/Kubernetes/SecretBackendRole.cs +++ b/sdk/dotnet/Kubernetes/SecretBackendRole.cs @@ -17,6 +17,7 @@ namespace Pulumi.Vault.Kubernetes /// ```csharp /// using System.Collections.Generic; /// using System.IO; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// @@ -62,6 +63,7 @@ namespace Pulumi.Vault.Kubernetes /// ```csharp /// using System.Collections.Generic; /// using System.IO; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// @@ -107,6 +109,7 @@ namespace Pulumi.Vault.Kubernetes /// ```csharp /// using System.Collections.Generic; /// using System.IO; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// @@ -187,6 +190,8 @@ public partial class SecretBackendRole : global::Pulumi.CustomResource /// /// Additional labels to apply to all generated Kubernetes /// objects. + /// + /// This resource also directly accepts all vault.Mount fields. /// [Output("extraLabels")] public Output?> ExtraLabels { get; private set; } = null!; @@ -343,6 +348,8 @@ public InputMap ExtraAnnotations /// /// Additional labels to apply to all generated Kubernetes /// objects. + /// + /// This resource also directly accepts all vault.Mount fields. /// public InputMap ExtraLabels { @@ -464,6 +471,8 @@ public InputMap ExtraAnnotations /// /// Additional labels to apply to all generated Kubernetes /// objects. + /// + /// This resource also directly accepts all vault.Mount fields. /// public InputMap ExtraLabels { diff --git a/sdk/dotnet/Ldap/AuthBackend.cs b/sdk/dotnet/Ldap/AuthBackend.cs index 9b4723fa0..fe7e28148 100644 --- a/sdk/dotnet/Ldap/AuthBackend.cs +++ b/sdk/dotnet/Ldap/AuthBackend.cs @@ -16,6 +16,7 @@ namespace Pulumi.Vault.Ldap /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// @@ -83,6 +84,9 @@ public partial class AuthBackend : global::Pulumi.CustomResource [Output("clientTlsKey")] public Output ClientTlsKey { get; private set; } = null!; + /// + /// Prevents users from bypassing authentication when providing an empty password. + /// [Output("denyNullBind")] public Output DenyNullBind { get; private set; } = null!; @@ -99,6 +103,9 @@ public partial class AuthBackend : global::Pulumi.CustomResource [Output("disableRemount")] public Output DisableRemount { get; private set; } = null!; + /// + /// Use anonymous bind to discover the bind DN of a user. + /// [Output("discoverdn")] public Output Discoverdn { get; private set; } = null!; @@ -234,17 +241,13 @@ public partial class AuthBackend : global::Pulumi.CustomResource public Output TokenTtl { get; private set; } = null!; /// - /// The type of token that should be generated. Can be `service`, - /// `batch`, or `default` to use the mount's tuned default (which unless changed will be - /// `service` tokens). For token store roles, there are two additional possibilities: - /// `default-service` and `default-batch` which specify the type to return unless the client - /// requests a different type at generation time. + /// The type of token to generate, service or batch /// [Output("tokenType")] public Output TokenType { get; private set; } = null!; /// - /// The userPrincipalDomain used to construct UPN string + /// The `userPrincipalDomain` used to construct the UPN string for the authenticating user. /// [Output("upndomain")] public Output Upndomain { get; private set; } = null!; @@ -385,6 +388,9 @@ public Input? ClientTlsKey } } + /// + /// Prevents users from bypassing authentication when providing an empty password. + /// [Input("denyNullBind")] public Input? DenyNullBind { get; set; } @@ -401,6 +407,9 @@ public Input? ClientTlsKey [Input("disableRemount")] public Input? DisableRemount { get; set; } + /// + /// Use anonymous bind to discover the bind DN of a user. + /// [Input("discoverdn")] public Input? Discoverdn { get; set; } @@ -548,17 +557,13 @@ public InputList TokenPolicies public Input? TokenTtl { get; set; } /// - /// The type of token that should be generated. Can be `service`, - /// `batch`, or `default` to use the mount's tuned default (which unless changed will be - /// `service` tokens). For token store roles, there are two additional possibilities: - /// `default-service` and `default-batch` which specify the type to return unless the client - /// requests a different type at generation time. + /// The type of token to generate, service or batch /// [Input("tokenType")] public Input? TokenType { get; set; } /// - /// The userPrincipalDomain used to construct UPN string + /// The `userPrincipalDomain` used to construct the UPN string for the authenticating user. /// [Input("upndomain")] public Input? Upndomain { get; set; } @@ -662,6 +667,9 @@ public Input? ClientTlsKey } } + /// + /// Prevents users from bypassing authentication when providing an empty password. + /// [Input("denyNullBind")] public Input? DenyNullBind { get; set; } @@ -678,6 +686,9 @@ public Input? ClientTlsKey [Input("disableRemount")] public Input? DisableRemount { get; set; } + /// + /// Use anonymous bind to discover the bind DN of a user. + /// [Input("discoverdn")] public Input? Discoverdn { get; set; } @@ -825,17 +836,13 @@ public InputList TokenPolicies public Input? TokenTtl { get; set; } /// - /// The type of token that should be generated. Can be `service`, - /// `batch`, or `default` to use the mount's tuned default (which unless changed will be - /// `service` tokens). For token store roles, there are two additional possibilities: - /// `default-service` and `default-batch` which specify the type to return unless the client - /// requests a different type at generation time. + /// The type of token to generate, service or batch /// [Input("tokenType")] public Input? TokenType { get; set; } /// - /// The userPrincipalDomain used to construct UPN string + /// The `userPrincipalDomain` used to construct the UPN string for the authenticating user. /// [Input("upndomain")] public Input? Upndomain { get; set; } diff --git a/sdk/dotnet/Ldap/AuthBackendGroup.cs b/sdk/dotnet/Ldap/AuthBackendGroup.cs index b84f086f6..9b7ddb7a4 100644 --- a/sdk/dotnet/Ldap/AuthBackendGroup.cs +++ b/sdk/dotnet/Ldap/AuthBackendGroup.cs @@ -16,6 +16,7 @@ namespace Pulumi.Vault.Ldap /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// @@ -59,6 +60,8 @@ public partial class AuthBackendGroup : global::Pulumi.CustomResource { /// /// Path to the authentication backend + /// + /// For more details on the usage of each argument consult the [Vault LDAP API documentation](https://www.vaultproject.io/api-docs/auth/ldap). /// [Output("backend")] public Output Backend { get; private set; } = null!; @@ -132,6 +135,8 @@ public sealed class AuthBackendGroupArgs : global::Pulumi.ResourceArgs { /// /// Path to the authentication backend + /// + /// For more details on the usage of each argument consult the [Vault LDAP API documentation](https://www.vaultproject.io/api-docs/auth/ldap). /// [Input("backend")] public Input? Backend { get; set; } @@ -173,6 +178,8 @@ public sealed class AuthBackendGroupState : global::Pulumi.ResourceArgs { /// /// Path to the authentication backend + /// + /// For more details on the usage of each argument consult the [Vault LDAP API documentation](https://www.vaultproject.io/api-docs/auth/ldap). /// [Input("backend")] public Input? Backend { get; set; } diff --git a/sdk/dotnet/Ldap/AuthBackendUser.cs b/sdk/dotnet/Ldap/AuthBackendUser.cs index a082d28cd..f05a3ef14 100644 --- a/sdk/dotnet/Ldap/AuthBackendUser.cs +++ b/sdk/dotnet/Ldap/AuthBackendUser.cs @@ -16,6 +16,7 @@ namespace Pulumi.Vault.Ldap /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// @@ -60,6 +61,8 @@ public partial class AuthBackendUser : global::Pulumi.CustomResource { /// /// Path to the authentication backend + /// + /// For more details on the usage of each argument consult the [Vault LDAP API documentation](https://www.vaultproject.io/api-docs/auth/ldap). /// [Output("backend")] public Output Backend { get; private set; } = null!; @@ -139,6 +142,8 @@ public sealed class AuthBackendUserArgs : global::Pulumi.ResourceArgs { /// /// Path to the authentication backend + /// + /// For more details on the usage of each argument consult the [Vault LDAP API documentation](https://www.vaultproject.io/api-docs/auth/ldap). /// [Input("backend")] public Input? Backend { get; set; } @@ -192,6 +197,8 @@ public sealed class AuthBackendUserState : global::Pulumi.ResourceArgs { /// /// Path to the authentication backend + /// + /// For more details on the usage of each argument consult the [Vault LDAP API documentation](https://www.vaultproject.io/api-docs/auth/ldap). /// [Input("backend")] public Input? Backend { get; set; } diff --git a/sdk/dotnet/Ldap/GetDynamicCredentials.cs b/sdk/dotnet/Ldap/GetDynamicCredentials.cs new file mode 100644 index 000000000..22565abca --- /dev/null +++ b/sdk/dotnet/Ldap/GetDynamicCredentials.cs @@ -0,0 +1,108 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Vault.Ldap +{ + public static class GetDynamicCredentials + { + public static Task InvokeAsync(GetDynamicCredentialsArgs args, InvokeOptions? options = null) + => global::Pulumi.Deployment.Instance.InvokeAsync("vault:ldap/getDynamicCredentials:getDynamicCredentials", args ?? new GetDynamicCredentialsArgs(), options.WithDefaults()); + + public static Output Invoke(GetDynamicCredentialsInvokeArgs args, InvokeOptions? options = null) + => global::Pulumi.Deployment.Instance.Invoke("vault:ldap/getDynamicCredentials:getDynamicCredentials", args ?? new GetDynamicCredentialsInvokeArgs(), options.WithDefaults()); + } + + + public sealed class GetDynamicCredentialsArgs : global::Pulumi.InvokeArgs + { + [Input("mount", required: true)] + public string Mount { get; set; } = null!; + + [Input("namespace")] + public string? Namespace { get; set; } + + [Input("roleName", required: true)] + public string RoleName { get; set; } = null!; + + public GetDynamicCredentialsArgs() + { + } + public static new GetDynamicCredentialsArgs Empty => new GetDynamicCredentialsArgs(); + } + + public sealed class GetDynamicCredentialsInvokeArgs : global::Pulumi.InvokeArgs + { + [Input("mount", required: true)] + public Input Mount { get; set; } = null!; + + [Input("namespace")] + public Input? Namespace { get; set; } + + [Input("roleName", required: true)] + public Input RoleName { get; set; } = null!; + + public GetDynamicCredentialsInvokeArgs() + { + } + public static new GetDynamicCredentialsInvokeArgs Empty => new GetDynamicCredentialsInvokeArgs(); + } + + + [OutputType] + public sealed class GetDynamicCredentialsResult + { + public readonly ImmutableArray DistinguishedNames; + /// + /// The provider-assigned unique ID for this managed resource. + /// + public readonly string Id; + public readonly int LeaseDuration; + public readonly string LeaseId; + public readonly bool LeaseRenewable; + public readonly string Mount; + public readonly string? Namespace; + public readonly string Password; + public readonly string RoleName; + public readonly string Username; + + [OutputConstructor] + private GetDynamicCredentialsResult( + ImmutableArray distinguishedNames, + + string id, + + int leaseDuration, + + string leaseId, + + bool leaseRenewable, + + string mount, + + string? @namespace, + + string password, + + string roleName, + + string username) + { + DistinguishedNames = distinguishedNames; + Id = id; + LeaseDuration = leaseDuration; + LeaseId = leaseId; + LeaseRenewable = leaseRenewable; + Mount = mount; + Namespace = @namespace; + Password = password; + RoleName = roleName; + Username = username; + } + } +} diff --git a/sdk/dotnet/Ldap/GetStaticCredentials.cs b/sdk/dotnet/Ldap/GetStaticCredentials.cs new file mode 100644 index 000000000..26ac1c507 --- /dev/null +++ b/sdk/dotnet/Ldap/GetStaticCredentials.cs @@ -0,0 +1,112 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Vault.Ldap +{ + public static class GetStaticCredentials + { + public static Task InvokeAsync(GetStaticCredentialsArgs args, InvokeOptions? options = null) + => global::Pulumi.Deployment.Instance.InvokeAsync("vault:ldap/getStaticCredentials:getStaticCredentials", args ?? new GetStaticCredentialsArgs(), options.WithDefaults()); + + public static Output Invoke(GetStaticCredentialsInvokeArgs args, InvokeOptions? options = null) + => global::Pulumi.Deployment.Instance.Invoke("vault:ldap/getStaticCredentials:getStaticCredentials", args ?? new GetStaticCredentialsInvokeArgs(), options.WithDefaults()); + } + + + public sealed class GetStaticCredentialsArgs : global::Pulumi.InvokeArgs + { + [Input("mount", required: true)] + public string Mount { get; set; } = null!; + + [Input("namespace")] + public string? Namespace { get; set; } + + [Input("roleName", required: true)] + public string RoleName { get; set; } = null!; + + public GetStaticCredentialsArgs() + { + } + public static new GetStaticCredentialsArgs Empty => new GetStaticCredentialsArgs(); + } + + public sealed class GetStaticCredentialsInvokeArgs : global::Pulumi.InvokeArgs + { + [Input("mount", required: true)] + public Input Mount { get; set; } = null!; + + [Input("namespace")] + public Input? Namespace { get; set; } + + [Input("roleName", required: true)] + public Input RoleName { get; set; } = null!; + + public GetStaticCredentialsInvokeArgs() + { + } + public static new GetStaticCredentialsInvokeArgs Empty => new GetStaticCredentialsInvokeArgs(); + } + + + [OutputType] + public sealed class GetStaticCredentialsResult + { + public readonly string Dn; + /// + /// The provider-assigned unique ID for this managed resource. + /// + public readonly string Id; + public readonly string LastPassword; + public readonly string LastVaultRotation; + public readonly string Mount; + public readonly string? Namespace; + public readonly string Password; + public readonly string RoleName; + public readonly int RotationPeriod; + public readonly int Ttl; + public readonly string Username; + + [OutputConstructor] + private GetStaticCredentialsResult( + string dn, + + string id, + + string lastPassword, + + string lastVaultRotation, + + string mount, + + string? @namespace, + + string password, + + string roleName, + + int rotationPeriod, + + int ttl, + + string username) + { + Dn = dn; + Id = id; + LastPassword = lastPassword; + LastVaultRotation = lastVaultRotation; + Mount = mount; + Namespace = @namespace; + Password = password; + RoleName = roleName; + RotationPeriod = rotationPeriod; + Ttl = ttl; + Username = username; + } + } +} diff --git a/sdk/dotnet/Ldap/SecretBackend.cs b/sdk/dotnet/Ldap/SecretBackend.cs index a329ffbcb..8dfecf816 100644 --- a/sdk/dotnet/Ldap/SecretBackend.cs +++ b/sdk/dotnet/Ldap/SecretBackend.cs @@ -14,6 +14,7 @@ namespace Pulumi.Vault.Ldap /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// diff --git a/sdk/dotnet/Ldap/SecretBackendDynamicRole.cs b/sdk/dotnet/Ldap/SecretBackendDynamicRole.cs index a60fd9ec0..8d122c7b0 100644 --- a/sdk/dotnet/Ldap/SecretBackendDynamicRole.cs +++ b/sdk/dotnet/Ldap/SecretBackendDynamicRole.cs @@ -14,6 +14,7 @@ namespace Pulumi.Vault.Ldap /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// diff --git a/sdk/dotnet/Ldap/SecretBackendLibrarySet.cs b/sdk/dotnet/Ldap/SecretBackendLibrarySet.cs index fda58c4e6..1189bf61b 100644 --- a/sdk/dotnet/Ldap/SecretBackendLibrarySet.cs +++ b/sdk/dotnet/Ldap/SecretBackendLibrarySet.cs @@ -14,6 +14,7 @@ namespace Pulumi.Vault.Ldap /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// diff --git a/sdk/dotnet/Ldap/SecretBackendStaticRole.cs b/sdk/dotnet/Ldap/SecretBackendStaticRole.cs index 50ccbdf49..cd205e8df 100644 --- a/sdk/dotnet/Ldap/SecretBackendStaticRole.cs +++ b/sdk/dotnet/Ldap/SecretBackendStaticRole.cs @@ -14,6 +14,7 @@ namespace Pulumi.Vault.Ldap /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// diff --git a/sdk/dotnet/Managed/Inputs/KeysAwArgs.cs b/sdk/dotnet/Managed/Inputs/KeysAwArgs.cs index 6063a5694..3302fd90e 100644 --- a/sdk/dotnet/Managed/Inputs/KeysAwArgs.cs +++ b/sdk/dotnet/Managed/Inputs/KeysAwArgs.cs @@ -49,8 +49,8 @@ public sealed class KeysAwArgs : global::Pulumi.ResourceArgs public Input? AnyMount { get; set; } /// - /// Supplies the curve value when using the `CKM_ECDSA` mechanism. - /// Required if `allow_generate_key` is `true`. + /// The curve to use for an ECDSA key. Used when `key_type` + /// is `ECDSA`. Required if `allow_generate_key` is `true`. /// [Input("curve")] public Input? Curve { get; set; } @@ -62,9 +62,7 @@ public sealed class KeysAwArgs : global::Pulumi.ResourceArgs public Input? Endpoint { get; set; } /// - /// Supplies the size in bits of the key when using `CKM_RSA_PKCS_PSS`, - /// `CKM_RSA_PKCS_OAEP` or `CKM_RSA_PKCS` as a value for `mechanism`. Required if - /// `allow_generate_key` is `true`. + /// The size in bits for an RSA key. /// [Input("keyBits", required: true)] public Input KeyBits { get; set; } = null!; diff --git a/sdk/dotnet/Managed/Inputs/KeysAwGetArgs.cs b/sdk/dotnet/Managed/Inputs/KeysAwGetArgs.cs index 001b8766d..d1cc47acf 100644 --- a/sdk/dotnet/Managed/Inputs/KeysAwGetArgs.cs +++ b/sdk/dotnet/Managed/Inputs/KeysAwGetArgs.cs @@ -49,8 +49,8 @@ public sealed class KeysAwGetArgs : global::Pulumi.ResourceArgs public Input? AnyMount { get; set; } /// - /// Supplies the curve value when using the `CKM_ECDSA` mechanism. - /// Required if `allow_generate_key` is `true`. + /// The curve to use for an ECDSA key. Used when `key_type` + /// is `ECDSA`. Required if `allow_generate_key` is `true`. /// [Input("curve")] public Input? Curve { get; set; } @@ -62,9 +62,7 @@ public sealed class KeysAwGetArgs : global::Pulumi.ResourceArgs public Input? Endpoint { get; set; } /// - /// Supplies the size in bits of the key when using `CKM_RSA_PKCS_PSS`, - /// `CKM_RSA_PKCS_OAEP` or `CKM_RSA_PKCS` as a value for `mechanism`. Required if - /// `allow_generate_key` is `true`. + /// The size in bits for an RSA key. /// [Input("keyBits", required: true)] public Input KeyBits { get; set; } = null!; diff --git a/sdk/dotnet/Managed/Inputs/KeysAzureArgs.cs b/sdk/dotnet/Managed/Inputs/KeysAzureArgs.cs index 4080e12e4..1e662db11 100644 --- a/sdk/dotnet/Managed/Inputs/KeysAzureArgs.cs +++ b/sdk/dotnet/Managed/Inputs/KeysAzureArgs.cs @@ -61,9 +61,7 @@ public sealed class KeysAzureArgs : global::Pulumi.ResourceArgs public Input? Environment { get; set; } /// - /// Supplies the size in bits of the key when using `CKM_RSA_PKCS_PSS`, - /// `CKM_RSA_PKCS_OAEP` or `CKM_RSA_PKCS` as a value for `mechanism`. Required if - /// `allow_generate_key` is `true`. + /// The size in bits for an RSA key. /// [Input("keyBits")] public Input? KeyBits { get; set; } diff --git a/sdk/dotnet/Managed/Inputs/KeysAzureGetArgs.cs b/sdk/dotnet/Managed/Inputs/KeysAzureGetArgs.cs index 7c66e88bf..e4e865496 100644 --- a/sdk/dotnet/Managed/Inputs/KeysAzureGetArgs.cs +++ b/sdk/dotnet/Managed/Inputs/KeysAzureGetArgs.cs @@ -61,9 +61,7 @@ public sealed class KeysAzureGetArgs : global::Pulumi.ResourceArgs public Input? Environment { get; set; } /// - /// Supplies the size in bits of the key when using `CKM_RSA_PKCS_PSS`, - /// `CKM_RSA_PKCS_OAEP` or `CKM_RSA_PKCS` as a value for `mechanism`. Required if - /// `allow_generate_key` is `true`. + /// The size in bits for an RSA key. /// [Input("keyBits")] public Input? KeyBits { get; set; } diff --git a/sdk/dotnet/Managed/Inputs/KeysPkcArgs.cs b/sdk/dotnet/Managed/Inputs/KeysPkcArgs.cs index dec1f25cb..9f03a9cc7 100644 --- a/sdk/dotnet/Managed/Inputs/KeysPkcArgs.cs +++ b/sdk/dotnet/Managed/Inputs/KeysPkcArgs.cs @@ -43,8 +43,8 @@ public sealed class KeysPkcArgs : global::Pulumi.ResourceArgs public Input? AnyMount { get; set; } /// - /// Supplies the curve value when using the `CKM_ECDSA` mechanism. - /// Required if `allow_generate_key` is `true`. + /// The curve to use for an ECDSA key. Used when `key_type` + /// is `ECDSA`. Required if `allow_generate_key` is `true`. /// [Input("curve")] public Input? Curve { get; set; } @@ -57,9 +57,7 @@ public sealed class KeysPkcArgs : global::Pulumi.ResourceArgs public Input? ForceRwSession { get; set; } /// - /// Supplies the size in bits of the key when using `CKM_RSA_PKCS_PSS`, - /// `CKM_RSA_PKCS_OAEP` or `CKM_RSA_PKCS` as a value for `mechanism`. Required if - /// `allow_generate_key` is `true`. + /// The size in bits for an RSA key. /// [Input("keyBits")] public Input? KeyBits { get; set; } diff --git a/sdk/dotnet/Managed/Inputs/KeysPkcGetArgs.cs b/sdk/dotnet/Managed/Inputs/KeysPkcGetArgs.cs index 1d1ce0b33..ba1fd99a6 100644 --- a/sdk/dotnet/Managed/Inputs/KeysPkcGetArgs.cs +++ b/sdk/dotnet/Managed/Inputs/KeysPkcGetArgs.cs @@ -43,8 +43,8 @@ public sealed class KeysPkcGetArgs : global::Pulumi.ResourceArgs public Input? AnyMount { get; set; } /// - /// Supplies the curve value when using the `CKM_ECDSA` mechanism. - /// Required if `allow_generate_key` is `true`. + /// The curve to use for an ECDSA key. Used when `key_type` + /// is `ECDSA`. Required if `allow_generate_key` is `true`. /// [Input("curve")] public Input? Curve { get; set; } @@ -57,9 +57,7 @@ public sealed class KeysPkcGetArgs : global::Pulumi.ResourceArgs public Input? ForceRwSession { get; set; } /// - /// Supplies the size in bits of the key when using `CKM_RSA_PKCS_PSS`, - /// `CKM_RSA_PKCS_OAEP` or `CKM_RSA_PKCS` as a value for `mechanism`. Required if - /// `allow_generate_key` is `true`. + /// The size in bits for an RSA key. /// [Input("keyBits")] public Input? KeyBits { get; set; } diff --git a/sdk/dotnet/Managed/Outputs/KeysAw.cs b/sdk/dotnet/Managed/Outputs/KeysAw.cs index 98d2c2635..b1db9b437 100644 --- a/sdk/dotnet/Managed/Outputs/KeysAw.cs +++ b/sdk/dotnet/Managed/Outputs/KeysAw.cs @@ -40,8 +40,8 @@ public sealed class KeysAw /// public readonly bool? AnyMount; /// - /// Supplies the curve value when using the `CKM_ECDSA` mechanism. - /// Required if `allow_generate_key` is `true`. + /// The curve to use for an ECDSA key. Used when `key_type` + /// is `ECDSA`. Required if `allow_generate_key` is `true`. /// public readonly string? Curve; /// @@ -49,9 +49,7 @@ public sealed class KeysAw /// public readonly string? Endpoint; /// - /// Supplies the size in bits of the key when using `CKM_RSA_PKCS_PSS`, - /// `CKM_RSA_PKCS_OAEP` or `CKM_RSA_PKCS` as a value for `mechanism`. Required if - /// `allow_generate_key` is `true`. + /// The size in bits for an RSA key. /// public readonly string KeyBits; /// diff --git a/sdk/dotnet/Managed/Outputs/KeysAzure.cs b/sdk/dotnet/Managed/Outputs/KeysAzure.cs index 4dd4f186a..6963e1bde 100644 --- a/sdk/dotnet/Managed/Outputs/KeysAzure.cs +++ b/sdk/dotnet/Managed/Outputs/KeysAzure.cs @@ -48,9 +48,7 @@ public sealed class KeysAzure /// public readonly string? Environment; /// - /// Supplies the size in bits of the key when using `CKM_RSA_PKCS_PSS`, - /// `CKM_RSA_PKCS_OAEP` or `CKM_RSA_PKCS` as a value for `mechanism`. Required if - /// `allow_generate_key` is `true`. + /// The size in bits for an RSA key. /// public readonly string? KeyBits; /// diff --git a/sdk/dotnet/Managed/Outputs/KeysPkc.cs b/sdk/dotnet/Managed/Outputs/KeysPkc.cs index b6edc8320..45dbd4d3c 100644 --- a/sdk/dotnet/Managed/Outputs/KeysPkc.cs +++ b/sdk/dotnet/Managed/Outputs/KeysPkc.cs @@ -36,8 +36,8 @@ public sealed class KeysPkc /// public readonly bool? AnyMount; /// - /// Supplies the curve value when using the `CKM_ECDSA` mechanism. - /// Required if `allow_generate_key` is `true`. + /// The curve to use for an ECDSA key. Used when `key_type` + /// is `ECDSA`. Required if `allow_generate_key` is `true`. /// public readonly string? Curve; /// @@ -46,9 +46,7 @@ public sealed class KeysPkc /// public readonly string? ForceRwSession; /// - /// Supplies the size in bits of the key when using `CKM_RSA_PKCS_PSS`, - /// `CKM_RSA_PKCS_OAEP` or `CKM_RSA_PKCS` as a value for `mechanism`. Required if - /// `allow_generate_key` is `true`. + /// The size in bits for an RSA key. /// public readonly string? KeyBits; /// diff --git a/sdk/dotnet/MfaDuo.cs b/sdk/dotnet/MfaDuo.cs index f969f5205..8e01fbfca 100644 --- a/sdk/dotnet/MfaDuo.cs +++ b/sdk/dotnet/MfaDuo.cs @@ -18,6 +18,7 @@ namespace Pulumi.Vault /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// diff --git a/sdk/dotnet/MfaOkta.cs b/sdk/dotnet/MfaOkta.cs index c986efddb..494d7a46a 100644 --- a/sdk/dotnet/MfaOkta.cs +++ b/sdk/dotnet/MfaOkta.cs @@ -18,6 +18,7 @@ namespace Pulumi.Vault /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// diff --git a/sdk/dotnet/MfaPingid.cs b/sdk/dotnet/MfaPingid.cs index 722456cc9..c3f065a51 100644 --- a/sdk/dotnet/MfaPingid.cs +++ b/sdk/dotnet/MfaPingid.cs @@ -18,6 +18,7 @@ namespace Pulumi.Vault /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// @@ -53,19 +54,19 @@ namespace Pulumi.Vault public partial class MfaPingid : global::Pulumi.CustomResource { /// - /// Admin URL computed by Vault. + /// `(string)` – Admin URL computed by Vault /// [Output("adminUrl")] public Output AdminUrl { get; private set; } = null!; /// - /// Authenticator URL computed by Vault. + /// `(string)` – Authenticator URL computed by Vault /// [Output("authenticatorUrl")] public Output AuthenticatorUrl { get; private set; } = null!; /// - /// IDP URL computed by Vault. + /// `(string)` – IDP URL computed by Vault /// [Output("idpUrl")] public Output IdpUrl { get; private set; } = null!; @@ -93,13 +94,13 @@ public partial class MfaPingid : global::Pulumi.CustomResource public Output Namespace { get; private set; } = null!; /// - /// Namespace ID computed by Vault. + /// `(string)` – Namespace ID computed by Vault /// [Output("namespaceId")] public Output NamespaceId { get; private set; } = null!; /// - /// Org Alias computed by Vault. + /// `(string)` – Org Alias computed by Vault /// [Output("orgAlias")] public Output OrgAlias { get; private set; } = null!; @@ -112,13 +113,13 @@ public partial class MfaPingid : global::Pulumi.CustomResource public Output SettingsFileBase64 { get; private set; } = null!; /// - /// Type of configuration computed by Vault. + /// `(string)` – Type of configuration computed by Vault /// [Output("type")] public Output Type { get; private set; } = null!; /// - /// If set, enables use of PingID signature. Computed by Vault + /// `(string)` – If set to true, enables use of PingID signature. Computed by Vault /// [Output("useSignature")] public Output UseSignature { get; private set; } = null!; @@ -231,19 +232,19 @@ public MfaPingidArgs() public sealed class MfaPingidState : global::Pulumi.ResourceArgs { /// - /// Admin URL computed by Vault. + /// `(string)` – Admin URL computed by Vault /// [Input("adminUrl")] public Input? AdminUrl { get; set; } /// - /// Authenticator URL computed by Vault. + /// `(string)` – Authenticator URL computed by Vault /// [Input("authenticatorUrl")] public Input? AuthenticatorUrl { get; set; } /// - /// IDP URL computed by Vault. + /// `(string)` – IDP URL computed by Vault /// [Input("idpUrl")] public Input? IdpUrl { get; set; } @@ -271,13 +272,13 @@ public sealed class MfaPingidState : global::Pulumi.ResourceArgs public Input? Namespace { get; set; } /// - /// Namespace ID computed by Vault. + /// `(string)` – Namespace ID computed by Vault /// [Input("namespaceId")] public Input? NamespaceId { get; set; } /// - /// Org Alias computed by Vault. + /// `(string)` – Org Alias computed by Vault /// [Input("orgAlias")] public Input? OrgAlias { get; set; } @@ -290,13 +291,13 @@ public sealed class MfaPingidState : global::Pulumi.ResourceArgs public Input? SettingsFileBase64 { get; set; } /// - /// Type of configuration computed by Vault. + /// `(string)` – Type of configuration computed by Vault /// [Input("type")] public Input? Type { get; set; } /// - /// If set, enables use of PingID signature. Computed by Vault + /// `(string)` – If set to true, enables use of PingID signature. Computed by Vault /// [Input("useSignature")] public Input? UseSignature { get; set; } diff --git a/sdk/dotnet/MfaTotp.cs b/sdk/dotnet/MfaTotp.cs index 3e3cf4170..cd9c5d7b6 100644 --- a/sdk/dotnet/MfaTotp.cs +++ b/sdk/dotnet/MfaTotp.cs @@ -18,6 +18,7 @@ namespace Pulumi.Vault /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// diff --git a/sdk/dotnet/MongoDBAtlas/SecretBackend.cs b/sdk/dotnet/MongoDBAtlas/SecretBackend.cs index b67f4a408..c00d90960 100644 --- a/sdk/dotnet/MongoDBAtlas/SecretBackend.cs +++ b/sdk/dotnet/MongoDBAtlas/SecretBackend.cs @@ -14,6 +14,7 @@ namespace Pulumi.Vault.MongoDBAtlas /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// diff --git a/sdk/dotnet/MongoDBAtlas/SecretRole.cs b/sdk/dotnet/MongoDBAtlas/SecretRole.cs index c045b519c..273b7759a 100644 --- a/sdk/dotnet/MongoDBAtlas/SecretRole.cs +++ b/sdk/dotnet/MongoDBAtlas/SecretRole.cs @@ -14,6 +14,7 @@ namespace Pulumi.Vault.MongoDBAtlas /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// diff --git a/sdk/dotnet/Mount.cs b/sdk/dotnet/Mount.cs index d82f12720..99688a1e9 100644 --- a/sdk/dotnet/Mount.cs +++ b/sdk/dotnet/Mount.cs @@ -14,6 +14,7 @@ namespace Pulumi.Vault /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// @@ -31,6 +32,7 @@ namespace Pulumi.Vault /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// @@ -53,6 +55,7 @@ namespace Pulumi.Vault /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// @@ -74,6 +77,7 @@ namespace Pulumi.Vault /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// diff --git a/sdk/dotnet/Namespace.cs b/sdk/dotnet/Namespace.cs index 46e32be62..1c45ad2f7 100644 --- a/sdk/dotnet/Namespace.cs +++ b/sdk/dotnet/Namespace.cs @@ -57,6 +57,13 @@ namespace Pulumi.Vault [VaultResourceType("vault:index/namespace:Namespace")] public partial class Namespace : global::Pulumi.CustomResource { + /// + /// Custom metadata describing this namespace. Value type + /// is `map[string]string`. Requires Vault version 1.12+. + /// + [Output("customMetadata")] + public Output> CustomMetadata { get; private set; } = null!; + /// /// The namespace to provision the resource in. /// The value should not contain leading or trailing forward slashes. @@ -131,6 +138,19 @@ public static Namespace Get(string name, Input id, NamespaceState? state public sealed class NamespaceArgs : global::Pulumi.ResourceArgs { + [Input("customMetadata")] + private InputMap? _customMetadata; + + /// + /// Custom metadata describing this namespace. Value type + /// is `map[string]string`. Requires Vault version 1.12+. + /// + public InputMap CustomMetadata + { + get => _customMetadata ?? (_customMetadata = new InputMap()); + set => _customMetadata = value; + } + /// /// The namespace to provision the resource in. /// The value should not contain leading or trailing forward slashes. @@ -161,6 +181,19 @@ public NamespaceArgs() public sealed class NamespaceState : global::Pulumi.ResourceArgs { + [Input("customMetadata")] + private InputMap? _customMetadata; + + /// + /// Custom metadata describing this namespace. Value type + /// is `map[string]string`. Requires Vault version 1.12+. + /// + public InputMap CustomMetadata + { + get => _customMetadata ?? (_customMetadata = new InputMap()); + set => _customMetadata = value; + } + /// /// The namespace to provision the resource in. /// The value should not contain leading or trailing forward slashes. diff --git a/sdk/dotnet/NomadSecretBackend.cs b/sdk/dotnet/NomadSecretBackend.cs index 454d8b94b..a922c1a79 100644 --- a/sdk/dotnet/NomadSecretBackend.cs +++ b/sdk/dotnet/NomadSecretBackend.cs @@ -14,6 +14,7 @@ namespace Pulumi.Vault /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// diff --git a/sdk/dotnet/NomadSecretRole.cs b/sdk/dotnet/NomadSecretRole.cs index c56218778..ededc5449 100644 --- a/sdk/dotnet/NomadSecretRole.cs +++ b/sdk/dotnet/NomadSecretRole.cs @@ -14,6 +14,7 @@ namespace Pulumi.Vault /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// diff --git a/sdk/dotnet/Okta/AuthBackend.cs b/sdk/dotnet/Okta/AuthBackend.cs index 00ba851ec..1da1d6c4e 100644 --- a/sdk/dotnet/Okta/AuthBackend.cs +++ b/sdk/dotnet/Okta/AuthBackend.cs @@ -17,6 +17,7 @@ namespace Pulumi.Vault.Okta /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// diff --git a/sdk/dotnet/Okta/AuthBackendGroup.cs b/sdk/dotnet/Okta/AuthBackendGroup.cs index cc0067d59..1a8159c28 100644 --- a/sdk/dotnet/Okta/AuthBackendGroup.cs +++ b/sdk/dotnet/Okta/AuthBackendGroup.cs @@ -17,6 +17,7 @@ namespace Pulumi.Vault.Okta /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// diff --git a/sdk/dotnet/Okta/AuthBackendUser.cs b/sdk/dotnet/Okta/AuthBackendUser.cs index ed6c36a97..f59666d6e 100644 --- a/sdk/dotnet/Okta/AuthBackendUser.cs +++ b/sdk/dotnet/Okta/AuthBackendUser.cs @@ -17,6 +17,7 @@ namespace Pulumi.Vault.Okta /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// diff --git a/sdk/dotnet/Okta/Inputs/AuthBackendGroupArgs.cs b/sdk/dotnet/Okta/Inputs/AuthBackendGroupArgs.cs index 86cae8b60..05c17ce92 100644 --- a/sdk/dotnet/Okta/Inputs/AuthBackendGroupArgs.cs +++ b/sdk/dotnet/Okta/Inputs/AuthBackendGroupArgs.cs @@ -22,7 +22,7 @@ public sealed class AuthBackendGroupArgs : global::Pulumi.ResourceArgs private InputList? _policies; /// - /// List of Vault policies to associate with this user + /// Vault policies to associate with this group /// public InputList Policies { diff --git a/sdk/dotnet/Okta/Inputs/AuthBackendGroupGetArgs.cs b/sdk/dotnet/Okta/Inputs/AuthBackendGroupGetArgs.cs index 944aa5c17..97ea4e4e1 100644 --- a/sdk/dotnet/Okta/Inputs/AuthBackendGroupGetArgs.cs +++ b/sdk/dotnet/Okta/Inputs/AuthBackendGroupGetArgs.cs @@ -22,7 +22,7 @@ public sealed class AuthBackendGroupGetArgs : global::Pulumi.ResourceArgs private InputList? _policies; /// - /// List of Vault policies to associate with this user + /// Vault policies to associate with this group /// public InputList Policies { diff --git a/sdk/dotnet/Okta/Inputs/AuthBackendUserArgs.cs b/sdk/dotnet/Okta/Inputs/AuthBackendUserArgs.cs index b0d7391e9..75082d0a6 100644 --- a/sdk/dotnet/Okta/Inputs/AuthBackendUserArgs.cs +++ b/sdk/dotnet/Okta/Inputs/AuthBackendUserArgs.cs @@ -28,7 +28,7 @@ public InputList Groups private InputList? _policies; /// - /// List of Vault policies to associate with this user + /// Vault policies to associate with this group /// public InputList Policies { diff --git a/sdk/dotnet/Okta/Inputs/AuthBackendUserGetArgs.cs b/sdk/dotnet/Okta/Inputs/AuthBackendUserGetArgs.cs index 077e6799b..f6abd5978 100644 --- a/sdk/dotnet/Okta/Inputs/AuthBackendUserGetArgs.cs +++ b/sdk/dotnet/Okta/Inputs/AuthBackendUserGetArgs.cs @@ -28,7 +28,7 @@ public InputList Groups private InputList? _policies; /// - /// List of Vault policies to associate with this user + /// Vault policies to associate with this group /// public InputList Policies { diff --git a/sdk/dotnet/Okta/Outputs/AuthBackendGroup.cs b/sdk/dotnet/Okta/Outputs/AuthBackendGroup.cs index 6e620921e..5ddda1072 100644 --- a/sdk/dotnet/Okta/Outputs/AuthBackendGroup.cs +++ b/sdk/dotnet/Okta/Outputs/AuthBackendGroup.cs @@ -18,7 +18,7 @@ public sealed class AuthBackendGroup /// public readonly string GroupName; /// - /// List of Vault policies to associate with this user + /// Vault policies to associate with this group /// public readonly ImmutableArray Policies; diff --git a/sdk/dotnet/Okta/Outputs/AuthBackendUser.cs b/sdk/dotnet/Okta/Outputs/AuthBackendUser.cs index 4ec232841..dc15d795a 100644 --- a/sdk/dotnet/Okta/Outputs/AuthBackendUser.cs +++ b/sdk/dotnet/Okta/Outputs/AuthBackendUser.cs @@ -18,7 +18,7 @@ public sealed class AuthBackendUser /// public readonly ImmutableArray Groups; /// - /// List of Vault policies to associate with this user + /// Vault policies to associate with this group /// public readonly ImmutableArray Policies; /// diff --git a/sdk/dotnet/PasswordPolicy.cs b/sdk/dotnet/PasswordPolicy.cs index 781cf8f1d..4a0d66a28 100644 --- a/sdk/dotnet/PasswordPolicy.cs +++ b/sdk/dotnet/PasswordPolicy.cs @@ -18,6 +18,7 @@ namespace Pulumi.Vault /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// diff --git a/sdk/dotnet/PkiSecret/GetBackendIssuer.cs b/sdk/dotnet/PkiSecret/GetBackendIssuer.cs new file mode 100644 index 000000000..2b79ad26e --- /dev/null +++ b/sdk/dotnet/PkiSecret/GetBackendIssuer.cs @@ -0,0 +1,167 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Vault.PkiSecret +{ + public static class GetBackendIssuer + { + public static Task InvokeAsync(GetBackendIssuerArgs args, InvokeOptions? options = null) + => global::Pulumi.Deployment.Instance.InvokeAsync("vault:pkiSecret/getBackendIssuer:getBackendIssuer", args ?? new GetBackendIssuerArgs(), options.WithDefaults()); + + public static Output Invoke(GetBackendIssuerInvokeArgs args, InvokeOptions? options = null) + => global::Pulumi.Deployment.Instance.Invoke("vault:pkiSecret/getBackendIssuer:getBackendIssuer", args ?? new GetBackendIssuerInvokeArgs(), options.WithDefaults()); + } + + + public sealed class GetBackendIssuerArgs : global::Pulumi.InvokeArgs + { + /// + /// The path to the PKI secret backend to + /// read the issuer from, with no leading or trailing `/`s. + /// + [Input("backend", required: true)] + public string Backend { get; set; } = null!; + + /// + /// Reference to an existing issuer. + /// + [Input("issuerRef", required: true)] + public string IssuerRef { get; set; } = null!; + + /// + /// The namespace of the target resource. + /// The value should not contain leading or trailing forward slashes. + /// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + /// *Available only for Vault Enterprise*. + /// + [Input("namespace")] + public string? Namespace { get; set; } + + public GetBackendIssuerArgs() + { + } + public static new GetBackendIssuerArgs Empty => new GetBackendIssuerArgs(); + } + + public sealed class GetBackendIssuerInvokeArgs : global::Pulumi.InvokeArgs + { + /// + /// The path to the PKI secret backend to + /// read the issuer from, with no leading or trailing `/`s. + /// + [Input("backend", required: true)] + public Input Backend { get; set; } = null!; + + /// + /// Reference to an existing issuer. + /// + [Input("issuerRef", required: true)] + public Input IssuerRef { get; set; } = null!; + + /// + /// The namespace of the target resource. + /// The value should not contain leading or trailing forward slashes. + /// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + /// *Available only for Vault Enterprise*. + /// + [Input("namespace")] + public Input? Namespace { get; set; } + + public GetBackendIssuerInvokeArgs() + { + } + public static new GetBackendIssuerInvokeArgs Empty => new GetBackendIssuerInvokeArgs(); + } + + + [OutputType] + public sealed class GetBackendIssuerResult + { + public readonly string Backend; + /// + /// The CA chain as a list of format specific certificates. + /// + public readonly ImmutableArray CaChains; + /// + /// Certificate associated with this issuer. + /// + public readonly string Certificate; + /// + /// The provider-assigned unique ID for this managed resource. + /// + public readonly string Id; + /// + /// ID of the issuer. + /// + public readonly string IssuerId; + /// + /// Name of the issuer. + /// + public readonly string IssuerName; + public readonly string IssuerRef; + /// + /// ID of the key used by the issuer. + /// + public readonly string KeyId; + /// + /// Behavior of a leaf's NotAfter field during issuance. + /// + public readonly string LeafNotAfterBehavior; + /// + /// Chain of issuer references to build this issuer's computed + /// CAChain field from, when non-empty. + /// + public readonly ImmutableArray ManualChains; + public readonly string? Namespace; + /// + /// Allowed usages for this issuer. + /// + public readonly string Usage; + + [OutputConstructor] + private GetBackendIssuerResult( + string backend, + + ImmutableArray caChains, + + string certificate, + + string id, + + string issuerId, + + string issuerName, + + string issuerRef, + + string keyId, + + string leafNotAfterBehavior, + + ImmutableArray manualChains, + + string? @namespace, + + string usage) + { + Backend = backend; + CaChains = caChains; + Certificate = certificate; + Id = id; + IssuerId = issuerId; + IssuerName = issuerName; + IssuerRef = issuerRef; + KeyId = keyId; + LeafNotAfterBehavior = leafNotAfterBehavior; + ManualChains = manualChains; + Namespace = @namespace; + Usage = usage; + } + } +} diff --git a/sdk/dotnet/PkiSecret/GetBackendIssuers.cs b/sdk/dotnet/PkiSecret/GetBackendIssuers.cs new file mode 100644 index 000000000..15e381879 --- /dev/null +++ b/sdk/dotnet/PkiSecret/GetBackendIssuers.cs @@ -0,0 +1,193 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Vault.PkiSecret +{ + public static class GetBackendIssuers + { + /// + /// {{% examples %}} + /// ## Example Usage + /// {{% example %}} + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Vault = Pulumi.Vault; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var pki = new Vault.Mount("pki", new() + /// { + /// Path = "pki", + /// Type = "pki", + /// Description = "PKI secret engine mount", + /// }); + /// + /// var root = new Vault.PkiSecret.SecretBackendRootCert("root", new() + /// { + /// Backend = pki.Path, + /// Type = "internal", + /// CommonName = "example", + /// Ttl = "86400", + /// IssuerName = "example", + /// }); + /// + /// var test = Vault.PkiSecret.GetBackendIssuers.Invoke(new() + /// { + /// Backend = root.Backend, + /// }); + /// + /// }); + /// ``` + /// {{% /example %}} + /// {{% /examples %}} + /// + public static Task InvokeAsync(GetBackendIssuersArgs args, InvokeOptions? options = null) + => global::Pulumi.Deployment.Instance.InvokeAsync("vault:pkiSecret/getBackendIssuers:getBackendIssuers", args ?? new GetBackendIssuersArgs(), options.WithDefaults()); + + /// + /// {{% examples %}} + /// ## Example Usage + /// {{% example %}} + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Vault = Pulumi.Vault; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var pki = new Vault.Mount("pki", new() + /// { + /// Path = "pki", + /// Type = "pki", + /// Description = "PKI secret engine mount", + /// }); + /// + /// var root = new Vault.PkiSecret.SecretBackendRootCert("root", new() + /// { + /// Backend = pki.Path, + /// Type = "internal", + /// CommonName = "example", + /// Ttl = "86400", + /// IssuerName = "example", + /// }); + /// + /// var test = Vault.PkiSecret.GetBackendIssuers.Invoke(new() + /// { + /// Backend = root.Backend, + /// }); + /// + /// }); + /// ``` + /// {{% /example %}} + /// {{% /examples %}} + /// + public static Output Invoke(GetBackendIssuersInvokeArgs args, InvokeOptions? options = null) + => global::Pulumi.Deployment.Instance.Invoke("vault:pkiSecret/getBackendIssuers:getBackendIssuers", args ?? new GetBackendIssuersInvokeArgs(), options.WithDefaults()); + } + + + public sealed class GetBackendIssuersArgs : global::Pulumi.InvokeArgs + { + /// + /// The path to the PKI secret backend to + /// read the issuers from, with no leading or trailing `/`s. + /// + [Input("backend", required: true)] + public string Backend { get; set; } = null!; + + /// + /// The namespace of the target resource. + /// The value should not contain leading or trailing forward slashes. + /// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + /// *Available only for Vault Enterprise*. + /// + [Input("namespace")] + public string? Namespace { get; set; } + + public GetBackendIssuersArgs() + { + } + public static new GetBackendIssuersArgs Empty => new GetBackendIssuersArgs(); + } + + public sealed class GetBackendIssuersInvokeArgs : global::Pulumi.InvokeArgs + { + /// + /// The path to the PKI secret backend to + /// read the issuers from, with no leading or trailing `/`s. + /// + [Input("backend", required: true)] + public Input Backend { get; set; } = null!; + + /// + /// The namespace of the target resource. + /// The value should not contain leading or trailing forward slashes. + /// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + /// *Available only for Vault Enterprise*. + /// + [Input("namespace")] + public Input? Namespace { get; set; } + + public GetBackendIssuersInvokeArgs() + { + } + public static new GetBackendIssuersInvokeArgs Empty => new GetBackendIssuersInvokeArgs(); + } + + + [OutputType] + public sealed class GetBackendIssuersResult + { + public readonly string Backend; + /// + /// The provider-assigned unique ID for this managed resource. + /// + public readonly string Id; + /// + /// Map of issuer strings read from Vault. + /// + public readonly ImmutableDictionary KeyInfo; + /// + /// JSON-encoded issuer data read from Vault. + /// + public readonly string KeyInfoJson; + /// + /// Keys used by issuers under the backend path. + /// + public readonly ImmutableArray Keys; + public readonly string? Namespace; + + [OutputConstructor] + private GetBackendIssuersResult( + string backend, + + string id, + + ImmutableDictionary keyInfo, + + string keyInfoJson, + + ImmutableArray keys, + + string? @namespace) + { + Backend = backend; + Id = id; + KeyInfo = keyInfo; + KeyInfoJson = keyInfoJson; + Keys = keys; + Namespace = @namespace; + } + } +} diff --git a/sdk/dotnet/PkiSecret/GetBackendKey.cs b/sdk/dotnet/PkiSecret/GetBackendKey.cs new file mode 100644 index 000000000..7128bc9e3 --- /dev/null +++ b/sdk/dotnet/PkiSecret/GetBackendKey.cs @@ -0,0 +1,211 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Vault.PkiSecret +{ + public static class GetBackendKey + { + /// + /// {{% examples %}} + /// ## Example Usage + /// {{% example %}} + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Vault = Pulumi.Vault; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var pki = new Vault.Mount("pki", new() + /// { + /// Path = "pki", + /// Type = "pki", + /// Description = "PKI secret engine mount", + /// }); + /// + /// var key = new Vault.PkiSecret.SecretBackendKey("key", new() + /// { + /// Backend = pki.Path, + /// Type = "internal", + /// KeyName = "example", + /// KeyType = "rsa", + /// KeyBits = 4096, + /// }); + /// + /// var example = Vault.PkiSecret.GetBackendKey.Invoke(new() + /// { + /// Backend = vault_mount.Key.Path, + /// KeyRef = key.KeyId, + /// }); + /// + /// }); + /// ``` + /// {{% /example %}} + /// {{% /examples %}} + /// + public static Task InvokeAsync(GetBackendKeyArgs args, InvokeOptions? options = null) + => global::Pulumi.Deployment.Instance.InvokeAsync("vault:pkiSecret/getBackendKey:getBackendKey", args ?? new GetBackendKeyArgs(), options.WithDefaults()); + + /// + /// {{% examples %}} + /// ## Example Usage + /// {{% example %}} + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Vault = Pulumi.Vault; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var pki = new Vault.Mount("pki", new() + /// { + /// Path = "pki", + /// Type = "pki", + /// Description = "PKI secret engine mount", + /// }); + /// + /// var key = new Vault.PkiSecret.SecretBackendKey("key", new() + /// { + /// Backend = pki.Path, + /// Type = "internal", + /// KeyName = "example", + /// KeyType = "rsa", + /// KeyBits = 4096, + /// }); + /// + /// var example = Vault.PkiSecret.GetBackendKey.Invoke(new() + /// { + /// Backend = vault_mount.Key.Path, + /// KeyRef = key.KeyId, + /// }); + /// + /// }); + /// ``` + /// {{% /example %}} + /// {{% /examples %}} + /// + public static Output Invoke(GetBackendKeyInvokeArgs args, InvokeOptions? options = null) + => global::Pulumi.Deployment.Instance.Invoke("vault:pkiSecret/getBackendKey:getBackendKey", args ?? new GetBackendKeyInvokeArgs(), options.WithDefaults()); + } + + + public sealed class GetBackendKeyArgs : global::Pulumi.InvokeArgs + { + /// + /// The path to the PKI secret backend to + /// read the key from, with no leading or trailing `/`s. + /// + [Input("backend", required: true)] + public string Backend { get; set; } = null!; + + /// + /// Reference to an existing key. + /// + [Input("keyRef", required: true)] + public string KeyRef { get; set; } = null!; + + /// + /// The namespace of the target resource. + /// The value should not contain leading or trailing forward slashes. + /// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + /// *Available only for Vault Enterprise*. + /// + [Input("namespace")] + public string? Namespace { get; set; } + + public GetBackendKeyArgs() + { + } + public static new GetBackendKeyArgs Empty => new GetBackendKeyArgs(); + } + + public sealed class GetBackendKeyInvokeArgs : global::Pulumi.InvokeArgs + { + /// + /// The path to the PKI secret backend to + /// read the key from, with no leading or trailing `/`s. + /// + [Input("backend", required: true)] + public Input Backend { get; set; } = null!; + + /// + /// Reference to an existing key. + /// + [Input("keyRef", required: true)] + public Input KeyRef { get; set; } = null!; + + /// + /// The namespace of the target resource. + /// The value should not contain leading or trailing forward slashes. + /// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + /// *Available only for Vault Enterprise*. + /// + [Input("namespace")] + public Input? Namespace { get; set; } + + public GetBackendKeyInvokeArgs() + { + } + public static new GetBackendKeyInvokeArgs Empty => new GetBackendKeyInvokeArgs(); + } + + + [OutputType] + public sealed class GetBackendKeyResult + { + public readonly string Backend; + /// + /// The provider-assigned unique ID for this managed resource. + /// + public readonly string Id; + /// + /// ID of the key. + /// + public readonly string KeyId; + /// + /// Name of the key. + /// + public readonly string KeyName; + public readonly string KeyRef; + /// + /// Type of the key. + /// + public readonly string KeyType; + public readonly string? Namespace; + + [OutputConstructor] + private GetBackendKeyResult( + string backend, + + string id, + + string keyId, + + string keyName, + + string keyRef, + + string keyType, + + string? @namespace) + { + Backend = backend; + Id = id; + KeyId = keyId; + KeyName = keyName; + KeyRef = keyRef; + KeyType = keyType; + Namespace = @namespace; + } + } +} diff --git a/sdk/dotnet/PkiSecret/GetBackendKeys.cs b/sdk/dotnet/PkiSecret/GetBackendKeys.cs new file mode 100644 index 000000000..61330f216 --- /dev/null +++ b/sdk/dotnet/PkiSecret/GetBackendKeys.cs @@ -0,0 +1,193 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Vault.PkiSecret +{ + public static class GetBackendKeys + { + /// + /// {{% examples %}} + /// ## Example Usage + /// {{% example %}} + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Vault = Pulumi.Vault; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var pki = new Vault.Mount("pki", new() + /// { + /// Path = "pki", + /// Type = "pki", + /// Description = "PKI secret engine mount", + /// }); + /// + /// var root = new Vault.PkiSecret.SecretBackendRootCert("root", new() + /// { + /// Backend = pki.Path, + /// Type = "internal", + /// CommonName = "example", + /// Ttl = "86400", + /// KeyName = "example", + /// }); + /// + /// var example = Vault.PkiSecret.GetBackendKeys.Invoke(new() + /// { + /// Backend = root.Backend, + /// }); + /// + /// }); + /// ``` + /// {{% /example %}} + /// {{% /examples %}} + /// + public static Task InvokeAsync(GetBackendKeysArgs args, InvokeOptions? options = null) + => global::Pulumi.Deployment.Instance.InvokeAsync("vault:pkiSecret/getBackendKeys:getBackendKeys", args ?? new GetBackendKeysArgs(), options.WithDefaults()); + + /// + /// {{% examples %}} + /// ## Example Usage + /// {{% example %}} + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Vault = Pulumi.Vault; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var pki = new Vault.Mount("pki", new() + /// { + /// Path = "pki", + /// Type = "pki", + /// Description = "PKI secret engine mount", + /// }); + /// + /// var root = new Vault.PkiSecret.SecretBackendRootCert("root", new() + /// { + /// Backend = pki.Path, + /// Type = "internal", + /// CommonName = "example", + /// Ttl = "86400", + /// KeyName = "example", + /// }); + /// + /// var example = Vault.PkiSecret.GetBackendKeys.Invoke(new() + /// { + /// Backend = root.Backend, + /// }); + /// + /// }); + /// ``` + /// {{% /example %}} + /// {{% /examples %}} + /// + public static Output Invoke(GetBackendKeysInvokeArgs args, InvokeOptions? options = null) + => global::Pulumi.Deployment.Instance.Invoke("vault:pkiSecret/getBackendKeys:getBackendKeys", args ?? new GetBackendKeysInvokeArgs(), options.WithDefaults()); + } + + + public sealed class GetBackendKeysArgs : global::Pulumi.InvokeArgs + { + /// + /// The path to the PKI secret backend to + /// read the keys from, with no leading or trailing `/`s. + /// + [Input("backend", required: true)] + public string Backend { get; set; } = null!; + + /// + /// The namespace of the target resource. + /// The value should not contain leading or trailing forward slashes. + /// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + /// *Available only for Vault Enterprise*. + /// + [Input("namespace")] + public string? Namespace { get; set; } + + public GetBackendKeysArgs() + { + } + public static new GetBackendKeysArgs Empty => new GetBackendKeysArgs(); + } + + public sealed class GetBackendKeysInvokeArgs : global::Pulumi.InvokeArgs + { + /// + /// The path to the PKI secret backend to + /// read the keys from, with no leading or trailing `/`s. + /// + [Input("backend", required: true)] + public Input Backend { get; set; } = null!; + + /// + /// The namespace of the target resource. + /// The value should not contain leading or trailing forward slashes. + /// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + /// *Available only for Vault Enterprise*. + /// + [Input("namespace")] + public Input? Namespace { get; set; } + + public GetBackendKeysInvokeArgs() + { + } + public static new GetBackendKeysInvokeArgs Empty => new GetBackendKeysInvokeArgs(); + } + + + [OutputType] + public sealed class GetBackendKeysResult + { + public readonly string Backend; + /// + /// The provider-assigned unique ID for this managed resource. + /// + public readonly string Id; + /// + /// Map of key strings read from Vault. + /// + public readonly ImmutableDictionary KeyInfo; + /// + /// JSON-encoded key data read from Vault. + /// + public readonly string KeyInfoJson; + /// + /// Keys used under the backend path. + /// + public readonly ImmutableArray Keys; + public readonly string? Namespace; + + [OutputConstructor] + private GetBackendKeysResult( + string backend, + + string id, + + ImmutableDictionary keyInfo, + + string keyInfoJson, + + ImmutableArray keys, + + string? @namespace) + { + Backend = backend; + Id = id; + KeyInfo = keyInfo; + KeyInfoJson = keyInfoJson; + Keys = keys; + Namespace = @namespace; + } + } +} diff --git a/sdk/dotnet/PkiSecret/Inputs/SecretBackendRolePolicyIdentifierArgs.cs b/sdk/dotnet/PkiSecret/Inputs/SecretBackendRolePolicyIdentifierArgs.cs new file mode 100644 index 000000000..c1fed225f --- /dev/null +++ b/sdk/dotnet/PkiSecret/Inputs/SecretBackendRolePolicyIdentifierArgs.cs @@ -0,0 +1,40 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Vault.PkiSecret.Inputs +{ + + public sealed class SecretBackendRolePolicyIdentifierArgs : global::Pulumi.ResourceArgs + { + /// + /// The URL of the CPS for the policy identifier + /// + /// Example usage: + /// + [Input("cps")] + public Input? Cps { get; set; } + + /// + /// A notice for the policy identifier + /// + [Input("notice")] + public Input? Notice { get; set; } + + /// + /// The OID for the policy identifier + /// + [Input("oid", required: true)] + public Input Oid { get; set; } = null!; + + public SecretBackendRolePolicyIdentifierArgs() + { + } + public static new SecretBackendRolePolicyIdentifierArgs Empty => new SecretBackendRolePolicyIdentifierArgs(); + } +} diff --git a/sdk/dotnet/PkiSecret/Inputs/SecretBackendRolePolicyIdentifierGetArgs.cs b/sdk/dotnet/PkiSecret/Inputs/SecretBackendRolePolicyIdentifierGetArgs.cs new file mode 100644 index 000000000..a0945ab46 --- /dev/null +++ b/sdk/dotnet/PkiSecret/Inputs/SecretBackendRolePolicyIdentifierGetArgs.cs @@ -0,0 +1,40 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Vault.PkiSecret.Inputs +{ + + public sealed class SecretBackendRolePolicyIdentifierGetArgs : global::Pulumi.ResourceArgs + { + /// + /// The URL of the CPS for the policy identifier + /// + /// Example usage: + /// + [Input("cps")] + public Input? Cps { get; set; } + + /// + /// A notice for the policy identifier + /// + [Input("notice")] + public Input? Notice { get; set; } + + /// + /// The OID for the policy identifier + /// + [Input("oid", required: true)] + public Input Oid { get; set; } = null!; + + public SecretBackendRolePolicyIdentifierGetArgs() + { + } + public static new SecretBackendRolePolicyIdentifierGetArgs Empty => new SecretBackendRolePolicyIdentifierGetArgs(); + } +} diff --git a/sdk/dotnet/PkiSecret/Outputs/SecretBackendRolePolicyIdentifier.cs b/sdk/dotnet/PkiSecret/Outputs/SecretBackendRolePolicyIdentifier.cs new file mode 100644 index 000000000..e615aa22d --- /dev/null +++ b/sdk/dotnet/PkiSecret/Outputs/SecretBackendRolePolicyIdentifier.cs @@ -0,0 +1,44 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Vault.PkiSecret.Outputs +{ + + [OutputType] + public sealed class SecretBackendRolePolicyIdentifier + { + /// + /// The URL of the CPS for the policy identifier + /// + /// Example usage: + /// + public readonly string? Cps; + /// + /// A notice for the policy identifier + /// + public readonly string? Notice; + /// + /// The OID for the policy identifier + /// + public readonly string Oid; + + [OutputConstructor] + private SecretBackendRolePolicyIdentifier( + string? cps, + + string? notice, + + string oid) + { + Cps = cps; + Notice = notice; + Oid = oid; + } + } +} diff --git a/sdk/dotnet/PkiSecret/SecretBackendCert.cs b/sdk/dotnet/PkiSecret/SecretBackendCert.cs index a99a2c8b7..3556cd8c2 100644 --- a/sdk/dotnet/PkiSecret/SecretBackendCert.cs +++ b/sdk/dotnet/PkiSecret/SecretBackendCert.cs @@ -14,6 +14,7 @@ namespace Pulumi.Vault.PkiSecret /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// diff --git a/sdk/dotnet/PkiSecret/SecretBackendConfigCa.cs b/sdk/dotnet/PkiSecret/SecretBackendConfigCa.cs index 52fb1da65..fed229be0 100644 --- a/sdk/dotnet/PkiSecret/SecretBackendConfigCa.cs +++ b/sdk/dotnet/PkiSecret/SecretBackendConfigCa.cs @@ -14,6 +14,7 @@ namespace Pulumi.Vault.PkiSecret /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// diff --git a/sdk/dotnet/PkiSecret/SecretBackendConfigIssuers.cs b/sdk/dotnet/PkiSecret/SecretBackendConfigIssuers.cs index ef22c464d..c13deae37 100644 --- a/sdk/dotnet/PkiSecret/SecretBackendConfigIssuers.cs +++ b/sdk/dotnet/PkiSecret/SecretBackendConfigIssuers.cs @@ -17,6 +17,7 @@ namespace Pulumi.Vault.PkiSecret /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// diff --git a/sdk/dotnet/PkiSecret/SecretBackendConfigUrls.cs b/sdk/dotnet/PkiSecret/SecretBackendConfigUrls.cs index 945e8e7fd..b43b15eb9 100644 --- a/sdk/dotnet/PkiSecret/SecretBackendConfigUrls.cs +++ b/sdk/dotnet/PkiSecret/SecretBackendConfigUrls.cs @@ -16,6 +16,7 @@ namespace Pulumi.Vault.PkiSecret /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// @@ -44,11 +45,7 @@ namespace Pulumi.Vault.PkiSecret /// /// ## Import /// - /// The PKI config URLs can be imported using the resource's `id`. - /// - /// In the case of the example above the `id` would be `pki-root/config/urls`, - /// - /// where the `pki-root` component is the resource's `backend`, e.g. + /// The PKI config URLs can be imported using the resource's `id`. In the case of the example above the `id` would be `pki-root/config/urls`, where the `pki-root` component is the resource's `backend`, e.g. /// /// ```sh /// $ pulumi import vault:pkiSecret/secretBackendConfigUrls:SecretBackendConfigUrls example pki-root/config/urls diff --git a/sdk/dotnet/PkiSecret/SecretBackendCrlConfig.cs b/sdk/dotnet/PkiSecret/SecretBackendCrlConfig.cs index 4aa53e866..5b21ca820 100644 --- a/sdk/dotnet/PkiSecret/SecretBackendCrlConfig.cs +++ b/sdk/dotnet/PkiSecret/SecretBackendCrlConfig.cs @@ -16,6 +16,7 @@ namespace Pulumi.Vault.PkiSecret /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// diff --git a/sdk/dotnet/PkiSecret/SecretBackendIntermediateCertRequest.cs b/sdk/dotnet/PkiSecret/SecretBackendIntermediateCertRequest.cs index 9db4f2410..612cdb432 100644 --- a/sdk/dotnet/PkiSecret/SecretBackendIntermediateCertRequest.cs +++ b/sdk/dotnet/PkiSecret/SecretBackendIntermediateCertRequest.cs @@ -14,6 +14,7 @@ namespace Pulumi.Vault.PkiSecret /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// diff --git a/sdk/dotnet/PkiSecret/SecretBackendIntermediateSetSigned.cs b/sdk/dotnet/PkiSecret/SecretBackendIntermediateSetSigned.cs index eeb243894..ec7f34041 100644 --- a/sdk/dotnet/PkiSecret/SecretBackendIntermediateSetSigned.cs +++ b/sdk/dotnet/PkiSecret/SecretBackendIntermediateSetSigned.cs @@ -14,6 +14,7 @@ namespace Pulumi.Vault.PkiSecret /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// diff --git a/sdk/dotnet/PkiSecret/SecretBackendIssuer.cs b/sdk/dotnet/PkiSecret/SecretBackendIssuer.cs index 14e4063d8..d09c16682 100644 --- a/sdk/dotnet/PkiSecret/SecretBackendIssuer.cs +++ b/sdk/dotnet/PkiSecret/SecretBackendIssuer.cs @@ -19,6 +19,7 @@ namespace Pulumi.Vault.PkiSecret /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// diff --git a/sdk/dotnet/PkiSecret/SecretBackendRole.cs b/sdk/dotnet/PkiSecret/SecretBackendRole.cs index b1383ab3b..d2e1e1532 100644 --- a/sdk/dotnet/PkiSecret/SecretBackendRole.cs +++ b/sdk/dotnet/PkiSecret/SecretBackendRole.cs @@ -16,6 +16,7 @@ namespace Pulumi.Vault.PkiSecret /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// @@ -277,6 +278,12 @@ public partial class SecretBackendRole : global::Pulumi.CustomResource [Output("organizations")] public Output> Organizations { get; private set; } = null!; + /// + /// (Vault 1.11+ only) A block for specifying policy identifers. The `policy_identifier` block can be repeated, and supports the following arguments: + /// + [Output("policyIdentifier")] + public Output> PolicyIdentifier { get; private set; } = null!; + /// /// Specify the list of allowed policies OIDs. Use with Vault 1.10 or before. For Vault 1.11+, use `policy_identifier` blocks instead /// @@ -662,6 +669,18 @@ public InputList Organizations set => _organizations = value; } + [Input("policyIdentifier")] + private InputList? _policyIdentifier; + + /// + /// (Vault 1.11+ only) A block for specifying policy identifers. The `policy_identifier` block can be repeated, and supports the following arguments: + /// + public InputList PolicyIdentifier + { + get => _policyIdentifier ?? (_policyIdentifier = new InputList()); + set => _policyIdentifier = value; + } + [Input("policyIdentifiers")] private InputList? _policyIdentifiers; @@ -1033,6 +1052,18 @@ public InputList Organizations set => _organizations = value; } + [Input("policyIdentifier")] + private InputList? _policyIdentifier; + + /// + /// (Vault 1.11+ only) A block for specifying policy identifers. The `policy_identifier` block can be repeated, and supports the following arguments: + /// + public InputList PolicyIdentifier + { + get => _policyIdentifier ?? (_policyIdentifier = new InputList()); + set => _policyIdentifier = value; + } + [Input("policyIdentifiers")] private InputList? _policyIdentifiers; diff --git a/sdk/dotnet/PkiSecret/SecretBackendRootCert.cs b/sdk/dotnet/PkiSecret/SecretBackendRootCert.cs index 3785fdd69..723396389 100644 --- a/sdk/dotnet/PkiSecret/SecretBackendRootCert.cs +++ b/sdk/dotnet/PkiSecret/SecretBackendRootCert.cs @@ -14,6 +14,7 @@ namespace Pulumi.Vault.PkiSecret /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// diff --git a/sdk/dotnet/PkiSecret/SecretBackendRootSignIntermediate.cs b/sdk/dotnet/PkiSecret/SecretBackendRootSignIntermediate.cs index 88d049f16..e3595eaf3 100644 --- a/sdk/dotnet/PkiSecret/SecretBackendRootSignIntermediate.cs +++ b/sdk/dotnet/PkiSecret/SecretBackendRootSignIntermediate.cs @@ -16,6 +16,7 @@ namespace Pulumi.Vault.PkiSecret /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// diff --git a/sdk/dotnet/PkiSecret/SecretBackendSign.cs b/sdk/dotnet/PkiSecret/SecretBackendSign.cs index f1ba65a9c..9b285d666 100644 --- a/sdk/dotnet/PkiSecret/SecretBackendSign.cs +++ b/sdk/dotnet/PkiSecret/SecretBackendSign.cs @@ -14,6 +14,7 @@ namespace Pulumi.Vault.PkiSecret /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// diff --git a/sdk/dotnet/Provider.cs b/sdk/dotnet/Provider.cs index e2fe1c789..ff390b7b2 100644 --- a/sdk/dotnet/Provider.cs +++ b/sdk/dotnet/Provider.cs @@ -211,7 +211,11 @@ public sealed class ProviderArgs : global::Pulumi.ResourceArgs public InputList Headers { get => _headers ?? (_headers = new InputList()); - set => _headers = value; + set + { + var emptySecret = Output.CreateSecret(ImmutableArray.Create()); + _headers = Output.All(value, emptySecret).Apply(v => v[0]); + } } /// @@ -238,6 +242,13 @@ public InputList Headers [Input("namespace")] public Input? Namespace { get; set; } + /// + /// In the case where the Vault token is for a specific namespace and the provider namespace is not configured, use the + /// token namespace as the root namespace for all resources. + /// + [Input("setNamespaceFromToken", json: true)] + public Input? SetNamespaceFromToken { get; set; } + /// /// Set this to true to prevent the creation of ephemeral child token used by this provider. /// diff --git a/sdk/dotnet/Pulumi.Vault.csproj b/sdk/dotnet/Pulumi.Vault.csproj index 30469d9c1..48b7d5f6f 100644 --- a/sdk/dotnet/Pulumi.Vault.csproj +++ b/sdk/dotnet/Pulumi.Vault.csproj @@ -10,9 +10,8 @@ https://github.com/pulumi/pulumi-vault logo.png - netcoreapp3.1 + net6.0 enable - false @@ -39,7 +38,7 @@ - + diff --git a/sdk/dotnet/QuotaLeaseCount.cs b/sdk/dotnet/QuotaLeaseCount.cs index 400564506..d53a5a153 100644 --- a/sdk/dotnet/QuotaLeaseCount.cs +++ b/sdk/dotnet/QuotaLeaseCount.cs @@ -23,6 +23,7 @@ namespace Pulumi.Vault /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// diff --git a/sdk/dotnet/QuotaRateLimit.cs b/sdk/dotnet/QuotaRateLimit.cs index f1e37a0a1..b04c23261 100644 --- a/sdk/dotnet/QuotaRateLimit.cs +++ b/sdk/dotnet/QuotaRateLimit.cs @@ -21,6 +21,7 @@ namespace Pulumi.Vault /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// diff --git a/sdk/dotnet/RabbitMQ/SecretBackend.cs b/sdk/dotnet/RabbitMQ/SecretBackend.cs index 1edc9010e..cbadf3216 100644 --- a/sdk/dotnet/RabbitMQ/SecretBackend.cs +++ b/sdk/dotnet/RabbitMQ/SecretBackend.cs @@ -14,6 +14,7 @@ namespace Pulumi.Vault.RabbitMQ /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// diff --git a/sdk/dotnet/RabbitMQ/SecretBackendRole.cs b/sdk/dotnet/RabbitMQ/SecretBackendRole.cs index d689b4928..18e8442d1 100644 --- a/sdk/dotnet/RabbitMQ/SecretBackendRole.cs +++ b/sdk/dotnet/RabbitMQ/SecretBackendRole.cs @@ -14,6 +14,7 @@ namespace Pulumi.Vault.RabbitMQ /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// diff --git a/sdk/dotnet/RaftAutopilot.cs b/sdk/dotnet/RaftAutopilot.cs index 8be034080..44c79f3d6 100644 --- a/sdk/dotnet/RaftAutopilot.cs +++ b/sdk/dotnet/RaftAutopilot.cs @@ -19,6 +19,7 @@ namespace Pulumi.Vault /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// diff --git a/sdk/dotnet/RaftSnapshotAgentConfig.cs b/sdk/dotnet/RaftSnapshotAgentConfig.cs index 5496b0aff..2678831b5 100644 --- a/sdk/dotnet/RaftSnapshotAgentConfig.cs +++ b/sdk/dotnet/RaftSnapshotAgentConfig.cs @@ -14,6 +14,7 @@ namespace Pulumi.Vault /// ### Local Storage /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// @@ -33,6 +34,7 @@ namespace Pulumi.Vault /// ### AWS S3 /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Aws = Pulumi.Aws; /// using Vault = Pulumi.Vault; @@ -63,6 +65,7 @@ namespace Pulumi.Vault /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// @@ -230,6 +233,16 @@ public partial class RaftSnapshotAgentConfig : global::Pulumi.CustomResource /// /// Google service account key in JSON format. /// The raw value looks like this: + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// + /// return await Deployment.RunAsync(() => + /// { + /// }); + /// ``` /// [Output("googleServiceAccountKey")] public Output GoogleServiceAccountKey { get; private set; } = null!; @@ -468,6 +481,16 @@ public sealed class RaftSnapshotAgentConfigArgs : global::Pulumi.ResourceArgs /// /// Google service account key in JSON format. /// The raw value looks like this: + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// + /// return await Deployment.RunAsync(() => + /// { + /// }); + /// ``` /// [Input("googleServiceAccountKey")] public Input? GoogleServiceAccountKey { get; set; } @@ -668,6 +691,16 @@ public sealed class RaftSnapshotAgentConfigState : global::Pulumi.ResourceArgs /// /// Google service account key in JSON format. /// The raw value looks like this: + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// + /// return await Deployment.RunAsync(() => + /// { + /// }); + /// ``` /// [Input("googleServiceAccountKey")] public Input? GoogleServiceAccountKey { get; set; } diff --git a/sdk/dotnet/RgpPolicy.cs b/sdk/dotnet/RgpPolicy.cs index aa78abd02..d043d79ae 100644 --- a/sdk/dotnet/RgpPolicy.cs +++ b/sdk/dotnet/RgpPolicy.cs @@ -18,6 +18,7 @@ namespace Pulumi.Vault /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// diff --git a/sdk/dotnet/Saml/AuthBackend.cs b/sdk/dotnet/Saml/AuthBackend.cs new file mode 100644 index 000000000..89e90dcd4 --- /dev/null +++ b/sdk/dotnet/Saml/AuthBackend.cs @@ -0,0 +1,355 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Vault.Saml +{ + /// + /// Manages a SAML Auth mount in a Vault server. See the [Vault + /// documentation](https://www.vaultproject.io/docs/auth/saml/) for more + /// information. + /// + /// ## Example Usage + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Vault = Pulumi.Vault; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var test = new Vault.Saml.AuthBackend("test", new() + /// { + /// AcsUrls = new[] + /// { + /// "https://my.vault.primary/v1/auth/saml/callback", + /// }, + /// DefaultRole = "admin", + /// EntityId = "https://my.vault/v1/auth/saml", + /// IdpMetadataUrl = "https://company.okta.com/app/abc123eb9xnIfzlaf697/sso/saml/metadata", + /// Path = "saml", + /// }); + /// + /// }); + /// ``` + /// + /// ## Import + /// + /// SAML authentication mounts can be imported using the `path`, e.g. + /// + /// ```sh + /// $ pulumi import vault:saml/authBackend:AuthBackend example saml + /// ``` + /// + [VaultResourceType("vault:saml/authBackend:AuthBackend")] + public partial class AuthBackend : global::Pulumi.CustomResource + { + /// + /// The well-formatted URLs of your Assertion Consumer Service (ACS) + /// that should receive a response from the identity provider. + /// + [Output("acsUrls")] + public Output> AcsUrls { get; private set; } = null!; + + /// + /// The role to use if no role is provided during login. + /// + [Output("defaultRole")] + public Output DefaultRole { get; private set; } = null!; + + /// + /// If set to `true`, opts out of mount migration on path updates. + /// See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration) + /// + [Output("disableRemount")] + public Output DisableRemount { get; private set; } = null!; + + /// + /// The entity ID of the SAML authentication service provider. + /// + [Output("entityId")] + public Output EntityId { get; private set; } = null!; + + /// + /// The PEM encoded certificate of the identity provider. Mutually exclusive + /// with `idp_metadata_url`. + /// + [Output("idpCert")] + public Output IdpCert { get; private set; } = null!; + + /// + /// The entity ID of the identity provider. Mutually exclusive with + /// `idp_metadata_url`. + /// + [Output("idpEntityId")] + public Output IdpEntityId { get; private set; } = null!; + + /// + /// The metadata URL of the identity provider. + /// + [Output("idpMetadataUrl")] + public Output IdpMetadataUrl { get; private set; } = null!; + + /// + /// The SSO URL of the identity provider. Mutually exclusive with + /// `idp_metadata_url`. + /// + [Output("idpSsoUrl")] + public Output IdpSsoUrl { get; private set; } = null!; + + /// + /// The namespace to provision the resource in. + /// The value should not contain leading or trailing forward slashes. + /// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + /// *Available only for Vault Enterprise*. + /// + [Output("namespace")] + public Output Namespace { get; private set; } = null!; + + /// + /// Path where the auth backend will be mounted. Defaults to `auth/saml` + /// if not specified. + /// + [Output("path")] + public Output Path { get; private set; } = null!; + + /// + /// If set to `true`, logs additional, potentially sensitive + /// information during the SAML exchange according to the current logging level. Not + /// recommended for production. + /// + [Output("verboseLogging")] + public Output VerboseLogging { get; private set; } = null!; + + + /// + /// Create a AuthBackend resource with the given unique name, arguments, and options. + /// + /// + /// The unique name of the resource + /// The arguments used to populate this resource's properties + /// A bag of options that control this resource's behavior + public AuthBackend(string name, AuthBackendArgs args, CustomResourceOptions? options = null) + : base("vault:saml/authBackend:AuthBackend", name, args ?? new AuthBackendArgs(), MakeResourceOptions(options, "")) + { + } + + private AuthBackend(string name, Input id, AuthBackendState? state = null, CustomResourceOptions? options = null) + : base("vault:saml/authBackend:AuthBackend", name, state, MakeResourceOptions(options, id)) + { + } + + private static CustomResourceOptions MakeResourceOptions(CustomResourceOptions? options, Input? id) + { + var defaultOptions = new CustomResourceOptions + { + Version = Utilities.Version, + }; + var merged = CustomResourceOptions.Merge(defaultOptions, options); + // Override the ID if one was specified for consistency with other language SDKs. + merged.Id = id ?? merged.Id; + return merged; + } + /// + /// Get an existing AuthBackend resource's state with the given name, ID, and optional extra + /// properties used to qualify the lookup. + /// + /// + /// The unique name of the resulting resource. + /// The unique provider ID of the resource to lookup. + /// Any extra arguments used during the lookup. + /// A bag of options that control this resource's behavior + public static AuthBackend Get(string name, Input id, AuthBackendState? state = null, CustomResourceOptions? options = null) + { + return new AuthBackend(name, id, state, options); + } + } + + public sealed class AuthBackendArgs : global::Pulumi.ResourceArgs + { + [Input("acsUrls", required: true)] + private InputList? _acsUrls; + + /// + /// The well-formatted URLs of your Assertion Consumer Service (ACS) + /// that should receive a response from the identity provider. + /// + public InputList AcsUrls + { + get => _acsUrls ?? (_acsUrls = new InputList()); + set => _acsUrls = value; + } + + /// + /// The role to use if no role is provided during login. + /// + [Input("defaultRole")] + public Input? DefaultRole { get; set; } + + /// + /// If set to `true`, opts out of mount migration on path updates. + /// See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration) + /// + [Input("disableRemount")] + public Input? DisableRemount { get; set; } + + /// + /// The entity ID of the SAML authentication service provider. + /// + [Input("entityId", required: true)] + public Input EntityId { get; set; } = null!; + + /// + /// The PEM encoded certificate of the identity provider. Mutually exclusive + /// with `idp_metadata_url`. + /// + [Input("idpCert")] + public Input? IdpCert { get; set; } + + /// + /// The entity ID of the identity provider. Mutually exclusive with + /// `idp_metadata_url`. + /// + [Input("idpEntityId")] + public Input? IdpEntityId { get; set; } + + /// + /// The metadata URL of the identity provider. + /// + [Input("idpMetadataUrl")] + public Input? IdpMetadataUrl { get; set; } + + /// + /// The SSO URL of the identity provider. Mutually exclusive with + /// `idp_metadata_url`. + /// + [Input("idpSsoUrl")] + public Input? IdpSsoUrl { get; set; } + + /// + /// The namespace to provision the resource in. + /// The value should not contain leading or trailing forward slashes. + /// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + /// *Available only for Vault Enterprise*. + /// + [Input("namespace")] + public Input? Namespace { get; set; } + + /// + /// Path where the auth backend will be mounted. Defaults to `auth/saml` + /// if not specified. + /// + [Input("path")] + public Input? Path { get; set; } + + /// + /// If set to `true`, logs additional, potentially sensitive + /// information during the SAML exchange according to the current logging level. Not + /// recommended for production. + /// + [Input("verboseLogging")] + public Input? VerboseLogging { get; set; } + + public AuthBackendArgs() + { + } + public static new AuthBackendArgs Empty => new AuthBackendArgs(); + } + + public sealed class AuthBackendState : global::Pulumi.ResourceArgs + { + [Input("acsUrls")] + private InputList? _acsUrls; + + /// + /// The well-formatted URLs of your Assertion Consumer Service (ACS) + /// that should receive a response from the identity provider. + /// + public InputList AcsUrls + { + get => _acsUrls ?? (_acsUrls = new InputList()); + set => _acsUrls = value; + } + + /// + /// The role to use if no role is provided during login. + /// + [Input("defaultRole")] + public Input? DefaultRole { get; set; } + + /// + /// If set to `true`, opts out of mount migration on path updates. + /// See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration) + /// + [Input("disableRemount")] + public Input? DisableRemount { get; set; } + + /// + /// The entity ID of the SAML authentication service provider. + /// + [Input("entityId")] + public Input? EntityId { get; set; } + + /// + /// The PEM encoded certificate of the identity provider. Mutually exclusive + /// with `idp_metadata_url`. + /// + [Input("idpCert")] + public Input? IdpCert { get; set; } + + /// + /// The entity ID of the identity provider. Mutually exclusive with + /// `idp_metadata_url`. + /// + [Input("idpEntityId")] + public Input? IdpEntityId { get; set; } + + /// + /// The metadata URL of the identity provider. + /// + [Input("idpMetadataUrl")] + public Input? IdpMetadataUrl { get; set; } + + /// + /// The SSO URL of the identity provider. Mutually exclusive with + /// `idp_metadata_url`. + /// + [Input("idpSsoUrl")] + public Input? IdpSsoUrl { get; set; } + + /// + /// The namespace to provision the resource in. + /// The value should not contain leading or trailing forward slashes. + /// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + /// *Available only for Vault Enterprise*. + /// + [Input("namespace")] + public Input? Namespace { get; set; } + + /// + /// Path where the auth backend will be mounted. Defaults to `auth/saml` + /// if not specified. + /// + [Input("path")] + public Input? Path { get; set; } + + /// + /// If set to `true`, logs additional, potentially sensitive + /// information during the SAML exchange according to the current logging level. Not + /// recommended for production. + /// + [Input("verboseLogging")] + public Input? VerboseLogging { get; set; } + + public AuthBackendState() + { + } + public static new AuthBackendState Empty => new AuthBackendState(); + } +} diff --git a/sdk/dotnet/Saml/AuthBackendRole.cs b/sdk/dotnet/Saml/AuthBackendRole.cs new file mode 100644 index 000000000..8f9cc1d7b --- /dev/null +++ b/sdk/dotnet/Saml/AuthBackendRole.cs @@ -0,0 +1,554 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Vault.Saml +{ + /// + /// Manages an SAML auth backend role in a Vault server. See the [Vault + /// documentation](https://www.vaultproject.io/docs/auth/saml.html) for more + /// information. + /// + /// ## Example Usage + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Vault = Pulumi.Vault; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var exampleAuthBackend = new Vault.Saml.AuthBackend("exampleAuthBackend", new() + /// { + /// Path = "saml", + /// IdpMetadataUrl = "https://company.okta.com/app/abc123eb9xnIfzlaf697/sso/saml/metadata", + /// EntityId = "https://my.vault/v1/auth/saml", + /// AcsUrls = new[] + /// { + /// "https://my.vault.primary/v1/auth/saml/callback", + /// }, + /// DefaultRole = "default-role", + /// }); + /// + /// var exampleAuthBackendRole = new Vault.Saml.AuthBackendRole("exampleAuthBackendRole", new() + /// { + /// Path = exampleAuthBackend.Path, + /// GroupsAttribute = "groups", + /// BoundAttributes = + /// { + /// { "group", "admin" }, + /// }, + /// BoundSubjects = new[] + /// { + /// "*example.com", + /// }, + /// TokenPolicies = new[] + /// { + /// "writer", + /// }, + /// TokenTtl = 86400, + /// }); + /// + /// }); + /// ``` + /// + /// ## Import + /// + /// SAML authentication backend roles can be imported using the `path`, e.g. + /// + /// ```sh + /// $ pulumi import vault:saml/authBackendRole:AuthBackendRole example auth/saml/role/my-role + /// ``` + /// + [VaultResourceType("vault:saml/authBackendRole:AuthBackendRole")] + public partial class AuthBackendRole : global::Pulumi.CustomResource + { + /// + /// Mapping of attribute names to values that are expected to + /// exist in the SAML assertion. + /// + [Output("boundAttributes")] + public Output?> BoundAttributes { get; private set; } = null!; + + /// + /// The type of matching assertion to perform on + /// `bound_attributes_type`. + /// + [Output("boundAttributesType")] + public Output BoundAttributesType { get; private set; } = null!; + + /// + /// List of subjects being asserted for SAML authentication. + /// + [Output("boundSubjects")] + public Output> BoundSubjects { get; private set; } = null!; + + /// + /// The type of matching assertion to perform on `bound_subjects`. + /// + [Output("boundSubjectsType")] + public Output BoundSubjectsType { get; private set; } = null!; + + /// + /// The attribute to use to identify the set of groups to which the + /// user belongs. + /// + [Output("groupsAttribute")] + public Output GroupsAttribute { get; private set; } = null!; + + /// + /// Unique name of the role. + /// + [Output("name")] + public Output Name { get; private set; } = null!; + + /// + /// The namespace to provision the resource in. + /// The value should not contain leading or trailing forward slashes. + /// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + /// *Available only for Vault Enterprise*. + /// + [Output("namespace")] + public Output Namespace { get; private set; } = null!; + + /// + /// Path where the auth backend is mounted. + /// + [Output("path")] + public Output Path { get; private set; } = null!; + + /// + /// List of CIDR blocks; if set, specifies blocks of IP + /// addresses which can authenticate successfully, and ties the resulting token to these blocks + /// as well. + /// + [Output("tokenBoundCidrs")] + public Output> TokenBoundCidrs { get; private set; } = null!; + + /// + /// If set, will encode an + /// [explicit max TTL](https://www.vaultproject.io/docs/concepts/tokens.html#token-time-to-live-periodic-tokens-and-explicit-max-ttls) + /// onto the token in number of seconds. This is a hard cap even if `token_ttl` and + /// `token_max_ttl` would otherwise allow a renewal. + /// + [Output("tokenExplicitMaxTtl")] + public Output TokenExplicitMaxTtl { get; private set; } = null!; + + /// + /// The maximum lifetime for generated tokens in number of seconds. + /// Its current value will be referenced at renewal time. + /// + [Output("tokenMaxTtl")] + public Output TokenMaxTtl { get; private set; } = null!; + + /// + /// If set, the default policy will not be set on + /// generated tokens; otherwise it will be added to the policies set in token_policies. + /// + [Output("tokenNoDefaultPolicy")] + public Output TokenNoDefaultPolicy { get; private set; } = null!; + + /// + /// The [maximum number](https://developer.hashicorp.com/vault/api-docs/auth/saml#token_num_uses) + /// of times a generated token may be used (within its lifetime); 0 means unlimited. + /// + [Output("tokenNumUses")] + public Output TokenNumUses { get; private set; } = null!; + + /// + /// If set, indicates that the + /// token generated using this role should never expire. The token should be renewed within the + /// duration specified by this value. At each renewal, the token's TTL will be set to the + /// value of this field. Specified in seconds. + /// + [Output("tokenPeriod")] + public Output TokenPeriod { get; private set; } = null!; + + /// + /// List of policies to encode onto generated tokens. Depending + /// on the auth method, this list may be supplemented by user/group/other values. + /// + [Output("tokenPolicies")] + public Output> TokenPolicies { get; private set; } = null!; + + /// + /// The incremental lifetime for generated tokens in number of seconds. + /// Its current value will be referenced at renewal time. + /// + [Output("tokenTtl")] + public Output TokenTtl { get; private set; } = null!; + + /// + /// The type of token that should be generated. Can be `service`, + /// `batch`, or `default` to use the mount's tuned default (which unless changed will be + /// `service` tokens). For token store roles, there are two additional possibilities: + /// `default-service` and `default-batch` which specify the type to return unless the client + /// requests a different type at generation time. + /// + [Output("tokenType")] + public Output TokenType { get; private set; } = null!; + + + /// + /// Create a AuthBackendRole resource with the given unique name, arguments, and options. + /// + /// + /// The unique name of the resource + /// The arguments used to populate this resource's properties + /// A bag of options that control this resource's behavior + public AuthBackendRole(string name, AuthBackendRoleArgs args, CustomResourceOptions? options = null) + : base("vault:saml/authBackendRole:AuthBackendRole", name, args ?? new AuthBackendRoleArgs(), MakeResourceOptions(options, "")) + { + } + + private AuthBackendRole(string name, Input id, AuthBackendRoleState? state = null, CustomResourceOptions? options = null) + : base("vault:saml/authBackendRole:AuthBackendRole", name, state, MakeResourceOptions(options, id)) + { + } + + private static CustomResourceOptions MakeResourceOptions(CustomResourceOptions? options, Input? id) + { + var defaultOptions = new CustomResourceOptions + { + Version = Utilities.Version, + }; + var merged = CustomResourceOptions.Merge(defaultOptions, options); + // Override the ID if one was specified for consistency with other language SDKs. + merged.Id = id ?? merged.Id; + return merged; + } + /// + /// Get an existing AuthBackendRole resource's state with the given name, ID, and optional extra + /// properties used to qualify the lookup. + /// + /// + /// The unique name of the resulting resource. + /// The unique provider ID of the resource to lookup. + /// Any extra arguments used during the lookup. + /// A bag of options that control this resource's behavior + public static AuthBackendRole Get(string name, Input id, AuthBackendRoleState? state = null, CustomResourceOptions? options = null) + { + return new AuthBackendRole(name, id, state, options); + } + } + + public sealed class AuthBackendRoleArgs : global::Pulumi.ResourceArgs + { + [Input("boundAttributes")] + private InputMap? _boundAttributes; + + /// + /// Mapping of attribute names to values that are expected to + /// exist in the SAML assertion. + /// + public InputMap BoundAttributes + { + get => _boundAttributes ?? (_boundAttributes = new InputMap()); + set => _boundAttributes = value; + } + + /// + /// The type of matching assertion to perform on + /// `bound_attributes_type`. + /// + [Input("boundAttributesType")] + public Input? BoundAttributesType { get; set; } + + [Input("boundSubjects")] + private InputList? _boundSubjects; + + /// + /// List of subjects being asserted for SAML authentication. + /// + public InputList BoundSubjects + { + get => _boundSubjects ?? (_boundSubjects = new InputList()); + set => _boundSubjects = value; + } + + /// + /// The type of matching assertion to perform on `bound_subjects`. + /// + [Input("boundSubjectsType")] + public Input? BoundSubjectsType { get; set; } + + /// + /// The attribute to use to identify the set of groups to which the + /// user belongs. + /// + [Input("groupsAttribute")] + public Input? GroupsAttribute { get; set; } + + /// + /// Unique name of the role. + /// + [Input("name")] + public Input? Name { get; set; } + + /// + /// The namespace to provision the resource in. + /// The value should not contain leading or trailing forward slashes. + /// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + /// *Available only for Vault Enterprise*. + /// + [Input("namespace")] + public Input? Namespace { get; set; } + + /// + /// Path where the auth backend is mounted. + /// + [Input("path", required: true)] + public Input Path { get; set; } = null!; + + [Input("tokenBoundCidrs")] + private InputList? _tokenBoundCidrs; + + /// + /// List of CIDR blocks; if set, specifies blocks of IP + /// addresses which can authenticate successfully, and ties the resulting token to these blocks + /// as well. + /// + public InputList TokenBoundCidrs + { + get => _tokenBoundCidrs ?? (_tokenBoundCidrs = new InputList()); + set => _tokenBoundCidrs = value; + } + + /// + /// If set, will encode an + /// [explicit max TTL](https://www.vaultproject.io/docs/concepts/tokens.html#token-time-to-live-periodic-tokens-and-explicit-max-ttls) + /// onto the token in number of seconds. This is a hard cap even if `token_ttl` and + /// `token_max_ttl` would otherwise allow a renewal. + /// + [Input("tokenExplicitMaxTtl")] + public Input? TokenExplicitMaxTtl { get; set; } + + /// + /// The maximum lifetime for generated tokens in number of seconds. + /// Its current value will be referenced at renewal time. + /// + [Input("tokenMaxTtl")] + public Input? TokenMaxTtl { get; set; } + + /// + /// If set, the default policy will not be set on + /// generated tokens; otherwise it will be added to the policies set in token_policies. + /// + [Input("tokenNoDefaultPolicy")] + public Input? TokenNoDefaultPolicy { get; set; } + + /// + /// The [maximum number](https://developer.hashicorp.com/vault/api-docs/auth/saml#token_num_uses) + /// of times a generated token may be used (within its lifetime); 0 means unlimited. + /// + [Input("tokenNumUses")] + public Input? TokenNumUses { get; set; } + + /// + /// If set, indicates that the + /// token generated using this role should never expire. The token should be renewed within the + /// duration specified by this value. At each renewal, the token's TTL will be set to the + /// value of this field. Specified in seconds. + /// + [Input("tokenPeriod")] + public Input? TokenPeriod { get; set; } + + [Input("tokenPolicies")] + private InputList? _tokenPolicies; + + /// + /// List of policies to encode onto generated tokens. Depending + /// on the auth method, this list may be supplemented by user/group/other values. + /// + public InputList TokenPolicies + { + get => _tokenPolicies ?? (_tokenPolicies = new InputList()); + set => _tokenPolicies = value; + } + + /// + /// The incremental lifetime for generated tokens in number of seconds. + /// Its current value will be referenced at renewal time. + /// + [Input("tokenTtl")] + public Input? TokenTtl { get; set; } + + /// + /// The type of token that should be generated. Can be `service`, + /// `batch`, or `default` to use the mount's tuned default (which unless changed will be + /// `service` tokens). For token store roles, there are two additional possibilities: + /// `default-service` and `default-batch` which specify the type to return unless the client + /// requests a different type at generation time. + /// + [Input("tokenType")] + public Input? TokenType { get; set; } + + public AuthBackendRoleArgs() + { + } + public static new AuthBackendRoleArgs Empty => new AuthBackendRoleArgs(); + } + + public sealed class AuthBackendRoleState : global::Pulumi.ResourceArgs + { + [Input("boundAttributes")] + private InputMap? _boundAttributes; + + /// + /// Mapping of attribute names to values that are expected to + /// exist in the SAML assertion. + /// + public InputMap BoundAttributes + { + get => _boundAttributes ?? (_boundAttributes = new InputMap()); + set => _boundAttributes = value; + } + + /// + /// The type of matching assertion to perform on + /// `bound_attributes_type`. + /// + [Input("boundAttributesType")] + public Input? BoundAttributesType { get; set; } + + [Input("boundSubjects")] + private InputList? _boundSubjects; + + /// + /// List of subjects being asserted for SAML authentication. + /// + public InputList BoundSubjects + { + get => _boundSubjects ?? (_boundSubjects = new InputList()); + set => _boundSubjects = value; + } + + /// + /// The type of matching assertion to perform on `bound_subjects`. + /// + [Input("boundSubjectsType")] + public Input? BoundSubjectsType { get; set; } + + /// + /// The attribute to use to identify the set of groups to which the + /// user belongs. + /// + [Input("groupsAttribute")] + public Input? GroupsAttribute { get; set; } + + /// + /// Unique name of the role. + /// + [Input("name")] + public Input? Name { get; set; } + + /// + /// The namespace to provision the resource in. + /// The value should not contain leading or trailing forward slashes. + /// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + /// *Available only for Vault Enterprise*. + /// + [Input("namespace")] + public Input? Namespace { get; set; } + + /// + /// Path where the auth backend is mounted. + /// + [Input("path")] + public Input? Path { get; set; } + + [Input("tokenBoundCidrs")] + private InputList? _tokenBoundCidrs; + + /// + /// List of CIDR blocks; if set, specifies blocks of IP + /// addresses which can authenticate successfully, and ties the resulting token to these blocks + /// as well. + /// + public InputList TokenBoundCidrs + { + get => _tokenBoundCidrs ?? (_tokenBoundCidrs = new InputList()); + set => _tokenBoundCidrs = value; + } + + /// + /// If set, will encode an + /// [explicit max TTL](https://www.vaultproject.io/docs/concepts/tokens.html#token-time-to-live-periodic-tokens-and-explicit-max-ttls) + /// onto the token in number of seconds. This is a hard cap even if `token_ttl` and + /// `token_max_ttl` would otherwise allow a renewal. + /// + [Input("tokenExplicitMaxTtl")] + public Input? TokenExplicitMaxTtl { get; set; } + + /// + /// The maximum lifetime for generated tokens in number of seconds. + /// Its current value will be referenced at renewal time. + /// + [Input("tokenMaxTtl")] + public Input? TokenMaxTtl { get; set; } + + /// + /// If set, the default policy will not be set on + /// generated tokens; otherwise it will be added to the policies set in token_policies. + /// + [Input("tokenNoDefaultPolicy")] + public Input? TokenNoDefaultPolicy { get; set; } + + /// + /// The [maximum number](https://developer.hashicorp.com/vault/api-docs/auth/saml#token_num_uses) + /// of times a generated token may be used (within its lifetime); 0 means unlimited. + /// + [Input("tokenNumUses")] + public Input? TokenNumUses { get; set; } + + /// + /// If set, indicates that the + /// token generated using this role should never expire. The token should be renewed within the + /// duration specified by this value. At each renewal, the token's TTL will be set to the + /// value of this field. Specified in seconds. + /// + [Input("tokenPeriod")] + public Input? TokenPeriod { get; set; } + + [Input("tokenPolicies")] + private InputList? _tokenPolicies; + + /// + /// List of policies to encode onto generated tokens. Depending + /// on the auth method, this list may be supplemented by user/group/other values. + /// + public InputList TokenPolicies + { + get => _tokenPolicies ?? (_tokenPolicies = new InputList()); + set => _tokenPolicies = value; + } + + /// + /// The incremental lifetime for generated tokens in number of seconds. + /// Its current value will be referenced at renewal time. + /// + [Input("tokenTtl")] + public Input? TokenTtl { get; set; } + + /// + /// The type of token that should be generated. Can be `service`, + /// `batch`, or `default` to use the mount's tuned default (which unless changed will be + /// `service` tokens). For token store roles, there are two additional possibilities: + /// `default-service` and `default-batch` which specify the type to return unless the client + /// requests a different type at generation time. + /// + [Input("tokenType")] + public Input? TokenType { get; set; } + + public AuthBackendRoleState() + { + } + public static new AuthBackendRoleState Empty => new AuthBackendRoleState(); + } +} diff --git a/sdk/dotnet/Saml/README.md b/sdk/dotnet/Saml/README.md new file mode 100644 index 000000000..3772fcf89 --- /dev/null +++ b/sdk/dotnet/Saml/README.md @@ -0,0 +1 @@ +A Pulumi package for creating and managing HashiCorp Vault cloud resources. diff --git a/sdk/dotnet/Ssh/Inputs/SecretBackendRoleAllowedUserKeyConfigArgs.cs b/sdk/dotnet/Ssh/Inputs/SecretBackendRoleAllowedUserKeyConfigArgs.cs index c5b949a62..fade21b16 100644 --- a/sdk/dotnet/Ssh/Inputs/SecretBackendRoleAllowedUserKeyConfigArgs.cs +++ b/sdk/dotnet/Ssh/Inputs/SecretBackendRoleAllowedUserKeyConfigArgs.cs @@ -20,6 +20,18 @@ public sealed class SecretBackendRoleAllowedUserKeyConfigArgs : global::Pulumi.R /// For key types that do not support setting the length a value of `[0]` should be used. /// Setting multiple lengths is only supported on Vault 1.10+. For prior releases `length` /// must be set to a single element list. + /// + /// Example configuration blocks that might be included in the `vault.ssh.SecretBackendRole` + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// + /// return await Deployment.RunAsync(() => + /// { + /// }); + /// ``` /// public InputList Lengths { diff --git a/sdk/dotnet/Ssh/Inputs/SecretBackendRoleAllowedUserKeyConfigGetArgs.cs b/sdk/dotnet/Ssh/Inputs/SecretBackendRoleAllowedUserKeyConfigGetArgs.cs index 279b6b663..d50400946 100644 --- a/sdk/dotnet/Ssh/Inputs/SecretBackendRoleAllowedUserKeyConfigGetArgs.cs +++ b/sdk/dotnet/Ssh/Inputs/SecretBackendRoleAllowedUserKeyConfigGetArgs.cs @@ -20,6 +20,18 @@ public sealed class SecretBackendRoleAllowedUserKeyConfigGetArgs : global::Pulum /// For key types that do not support setting the length a value of `[0]` should be used. /// Setting multiple lengths is only supported on Vault 1.10+. For prior releases `length` /// must be set to a single element list. + /// + /// Example configuration blocks that might be included in the `vault.ssh.SecretBackendRole` + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// + /// return await Deployment.RunAsync(() => + /// { + /// }); + /// ``` /// public InputList Lengths { diff --git a/sdk/dotnet/Ssh/Outputs/SecretBackendRoleAllowedUserKeyConfig.cs b/sdk/dotnet/Ssh/Outputs/SecretBackendRoleAllowedUserKeyConfig.cs index 7390d8167..f7949f476 100644 --- a/sdk/dotnet/Ssh/Outputs/SecretBackendRoleAllowedUserKeyConfig.cs +++ b/sdk/dotnet/Ssh/Outputs/SecretBackendRoleAllowedUserKeyConfig.cs @@ -18,6 +18,18 @@ public sealed class SecretBackendRoleAllowedUserKeyConfig /// For key types that do not support setting the length a value of `[0]` should be used. /// Setting multiple lengths is only supported on Vault 1.10+. For prior releases `length` /// must be set to a single element list. + /// + /// Example configuration blocks that might be included in the `vault.ssh.SecretBackendRole` + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// + /// return await Deployment.RunAsync(() => + /// { + /// }); + /// ``` /// public readonly ImmutableArray Lengths; /// diff --git a/sdk/dotnet/Ssh/SecretBackendCa.cs b/sdk/dotnet/Ssh/SecretBackendCa.cs index bc48988c3..f4fd6d467 100644 --- a/sdk/dotnet/Ssh/SecretBackendCa.cs +++ b/sdk/dotnet/Ssh/SecretBackendCa.cs @@ -17,6 +17,7 @@ namespace Pulumi.Vault.Ssh /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// @@ -68,7 +69,7 @@ public partial class SecretBackendCa : global::Pulumi.CustomResource public Output Namespace { get; private set; } = null!; /// - /// The private key part the SSH CA key pair; required if generate_signing_key is false. + /// Private key part the SSH CA key pair; required if generate_signing_key is false. /// [Output("privateKey")] public Output PrivateKey { get; private set; } = null!; @@ -154,7 +155,7 @@ public sealed class SecretBackendCaArgs : global::Pulumi.ResourceArgs private Input? _privateKey; /// - /// The private key part the SSH CA key pair; required if generate_signing_key is false. + /// Private key part the SSH CA key pair; required if generate_signing_key is false. /// public Input? PrivateKey { @@ -205,7 +206,7 @@ public sealed class SecretBackendCaState : global::Pulumi.ResourceArgs private Input? _privateKey; /// - /// The private key part the SSH CA key pair; required if generate_signing_key is false. + /// Private key part the SSH CA key pair; required if generate_signing_key is false. /// public Input? PrivateKey { diff --git a/sdk/dotnet/Ssh/SecretBackendRole.cs b/sdk/dotnet/Ssh/SecretBackendRole.cs index c5ad6291a..2a354ac50 100644 --- a/sdk/dotnet/Ssh/SecretBackendRole.cs +++ b/sdk/dotnet/Ssh/SecretBackendRole.cs @@ -17,6 +17,7 @@ namespace Pulumi.Vault.Ssh /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// diff --git a/sdk/dotnet/TerraformCloud/SecretBackend.cs b/sdk/dotnet/TerraformCloud/SecretBackend.cs index d3331595a..ec66d17ec 100644 --- a/sdk/dotnet/TerraformCloud/SecretBackend.cs +++ b/sdk/dotnet/TerraformCloud/SecretBackend.cs @@ -14,6 +14,7 @@ namespace Pulumi.Vault.TerraformCloud /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// diff --git a/sdk/dotnet/TerraformCloud/SecretCreds.cs b/sdk/dotnet/TerraformCloud/SecretCreds.cs index e2edd617e..53036551d 100644 --- a/sdk/dotnet/TerraformCloud/SecretCreds.cs +++ b/sdk/dotnet/TerraformCloud/SecretCreds.cs @@ -14,6 +14,7 @@ namespace Pulumi.Vault.TerraformCloud /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// diff --git a/sdk/dotnet/TerraformCloud/SecretRole.cs b/sdk/dotnet/TerraformCloud/SecretRole.cs index fd6138c52..10d2c9362 100644 --- a/sdk/dotnet/TerraformCloud/SecretRole.cs +++ b/sdk/dotnet/TerraformCloud/SecretRole.cs @@ -14,6 +14,7 @@ namespace Pulumi.Vault.TerraformCloud /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// diff --git a/sdk/dotnet/Token.cs b/sdk/dotnet/Token.cs index 8a6f3825a..7833d1a92 100644 --- a/sdk/dotnet/Token.cs +++ b/sdk/dotnet/Token.cs @@ -14,6 +14,7 @@ namespace Pulumi.Vault /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// diff --git a/sdk/dotnet/TokenAuth/AuthBackendRole.cs b/sdk/dotnet/TokenAuth/AuthBackendRole.cs index c91e531f1..99c6f4e00 100644 --- a/sdk/dotnet/TokenAuth/AuthBackendRole.cs +++ b/sdk/dotnet/TokenAuth/AuthBackendRole.cs @@ -18,6 +18,7 @@ namespace Pulumi.Vault.TokenAuth /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// @@ -107,6 +108,8 @@ public partial class AuthBackendRole : global::Pulumi.CustomResource /// /// Tokens created against this role will have the given suffix as part of their path in addition to the role name. + /// + /// > Due to a bug the resource. This *will* cause all existing tokens issued by this role to be revoked. /// [Output("pathSuffix")] public Output PathSuffix { get; private set; } = null!; @@ -316,6 +319,8 @@ public InputList DisallowedPoliciesGlobs /// /// Tokens created against this role will have the given suffix as part of their path in addition to the role name. + /// + /// > Due to a bug the resource. This *will* cause all existing tokens issued by this role to be revoked. /// [Input("pathSuffix")] public Input? PathSuffix { get; set; } @@ -499,6 +504,8 @@ public InputList DisallowedPoliciesGlobs /// /// Tokens created against this role will have the given suffix as part of their path in addition to the role name. + /// + /// > Due to a bug the resource. This *will* cause all existing tokens issued by this role to be revoked. /// [Input("pathSuffix")] public Input? PathSuffix { get; set; } diff --git a/sdk/dotnet/Transform/Alphabet.cs b/sdk/dotnet/Transform/Alphabet.cs index d95b1ff45..7ae2ee0c7 100644 --- a/sdk/dotnet/Transform/Alphabet.cs +++ b/sdk/dotnet/Transform/Alphabet.cs @@ -18,6 +18,7 @@ namespace Pulumi.Vault.Transform /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// @@ -53,6 +54,15 @@ public partial class Alphabet : global::Pulumi.CustomResource [Output("name")] public Output Name { get; private set; } = null!; + /// + /// The namespace to provision the resource in. + /// The value should not contain leading or trailing forward slashes. + /// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + /// *Available only for Vault Enterprise*. + /// + [Output("namespace")] + public Output Namespace { get; private set; } = null!; + /// /// Path to where the back-end is mounted within Vault. /// @@ -117,6 +127,15 @@ public sealed class AlphabetArgs : global::Pulumi.ResourceArgs [Input("name")] public Input? Name { get; set; } + /// + /// The namespace to provision the resource in. + /// The value should not contain leading or trailing forward slashes. + /// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + /// *Available only for Vault Enterprise*. + /// + [Input("namespace")] + public Input? Namespace { get; set; } + /// /// Path to where the back-end is mounted within Vault. /// @@ -143,6 +162,15 @@ public sealed class AlphabetState : global::Pulumi.ResourceArgs [Input("name")] public Input? Name { get; set; } + /// + /// The namespace to provision the resource in. + /// The value should not contain leading or trailing forward slashes. + /// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + /// *Available only for Vault Enterprise*. + /// + [Input("namespace")] + public Input? Namespace { get; set; } + /// /// Path to where the back-end is mounted within Vault. /// diff --git a/sdk/dotnet/Transform/GetDecode.cs b/sdk/dotnet/Transform/GetDecode.cs index 09f35b284..b9505f9e1 100644 --- a/sdk/dotnet/Transform/GetDecode.cs +++ b/sdk/dotnet/Transform/GetDecode.cs @@ -15,6 +15,57 @@ public static class GetDecode /// This data source supports the "/transform/decode/{role_name}" Vault endpoint. /// /// It decodes the provided value using a named role. + /// + /// {{% examples %}} + /// ## Example Usage + /// {{% example %}} + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Vault = Pulumi.Vault; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var transform = new Vault.Mount("transform", new() + /// { + /// Path = "transform", + /// Type = "transform", + /// }); + /// + /// var ccn_fpe = new Vault.Transform.Transformation("ccn-fpe", new() + /// { + /// Path = transform.Path, + /// Type = "fpe", + /// Template = "builtin/creditcardnumber", + /// TweakSource = "internal", + /// AllowedRoles = new[] + /// { + /// "payments", + /// }, + /// }); + /// + /// var payments = new Vault.Transform.Role("payments", new() + /// { + /// Path = ccn_fpe.Path, + /// Transformations = new[] + /// { + /// "ccn-fpe", + /// }, + /// }); + /// + /// var test = Vault.Transform.GetDecode.Invoke(new() + /// { + /// Path = payments.Path, + /// RoleName = "payments", + /// Value = "9300-3376-4943-8903", + /// }); + /// + /// }); + /// ``` + /// {{% /example %}} + /// {{% /examples %}} /// public static Task InvokeAsync(GetDecodeArgs args, InvokeOptions? options = null) => global::Pulumi.Deployment.Instance.InvokeAsync("vault:transform/getDecode:getDecode", args ?? new GetDecodeArgs(), options.WithDefaults()); @@ -23,6 +74,57 @@ public static Task InvokeAsync(GetDecodeArgs args, InvokeOption /// This data source supports the "/transform/decode/{role_name}" Vault endpoint. /// /// It decodes the provided value using a named role. + /// + /// {{% examples %}} + /// ## Example Usage + /// {{% example %}} + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Vault = Pulumi.Vault; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var transform = new Vault.Mount("transform", new() + /// { + /// Path = "transform", + /// Type = "transform", + /// }); + /// + /// var ccn_fpe = new Vault.Transform.Transformation("ccn-fpe", new() + /// { + /// Path = transform.Path, + /// Type = "fpe", + /// Template = "builtin/creditcardnumber", + /// TweakSource = "internal", + /// AllowedRoles = new[] + /// { + /// "payments", + /// }, + /// }); + /// + /// var payments = new Vault.Transform.Role("payments", new() + /// { + /// Path = ccn_fpe.Path, + /// Transformations = new[] + /// { + /// "ccn-fpe", + /// }, + /// }); + /// + /// var test = Vault.Transform.GetDecode.Invoke(new() + /// { + /// Path = payments.Path, + /// RoleName = "payments", + /// Value = "9300-3376-4943-8903", + /// }); + /// + /// }); + /// ``` + /// {{% /example %}} + /// {{% /examples %}} /// public static Output Invoke(GetDecodeInvokeArgs args, InvokeOptions? options = null) => global::Pulumi.Deployment.Instance.Invoke("vault:transform/getDecode:getDecode", args ?? new GetDecodeInvokeArgs(), options.WithDefaults()); @@ -61,6 +163,15 @@ public List> BatchResults [Input("decodedValue")] public string? DecodedValue { get; set; } + /// + /// The namespace of the target resource. + /// The value should not contain leading or trailing forward slashes. + /// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + /// *Available only for Vault Enterprise*. + /// + [Input("namespace")] + public string? Namespace { get; set; } + /// /// Path to where the back-end is mounted within Vault. /// @@ -129,6 +240,15 @@ public InputList> BatchResults [Input("decodedValue")] public Input? DecodedValue { get; set; } + /// + /// The namespace of the target resource. + /// The value should not contain leading or trailing forward slashes. + /// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + /// *Available only for Vault Enterprise*. + /// + [Input("namespace")] + public Input? Namespace { get; set; } + /// /// Path to where the back-end is mounted within Vault. /// @@ -176,6 +296,7 @@ public sealed class GetDecodeResult /// The provider-assigned unique ID for this managed resource. /// public readonly string Id; + public readonly string? Namespace; public readonly string Path; public readonly string RoleName; public readonly string? Transformation; @@ -192,6 +313,8 @@ private GetDecodeResult( string id, + string? @namespace, + string path, string roleName, @@ -206,6 +329,7 @@ private GetDecodeResult( BatchResults = batchResults; DecodedValue = decodedValue; Id = id; + Namespace = @namespace; Path = path; RoleName = roleName; Transformation = transformation; diff --git a/sdk/dotnet/Transform/GetEncode.cs b/sdk/dotnet/Transform/GetEncode.cs index 9d064173e..9b909ed6b 100644 --- a/sdk/dotnet/Transform/GetEncode.cs +++ b/sdk/dotnet/Transform/GetEncode.cs @@ -15,6 +15,63 @@ public static class GetEncode /// This data source supports the "/transform/encode/{role_name}" Vault endpoint. /// /// It encodes the provided value using a named role. + /// + /// {{% examples %}} + /// ## Example Usage + /// {{% example %}} + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Vault = Pulumi.Vault; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var transform = new Vault.Mount("transform", new() + /// { + /// Path = "transform", + /// Type = "transform", + /// }); + /// + /// var ccn_fpe = new Vault.Transform.Transformation("ccn-fpe", new() + /// { + /// Path = transform.Path, + /// Type = "fpe", + /// Template = "builtin/creditcardnumber", + /// TweakSource = "internal", + /// AllowedRoles = new[] + /// { + /// "payments", + /// }, + /// }); + /// + /// var payments = new Vault.Transform.Role("payments", new() + /// { + /// Path = ccn_fpe.Path, + /// Transformations = new[] + /// { + /// "ccn-fpe", + /// }, + /// }); + /// + /// var test = Vault.Transform.GetEncode.Invoke(new() + /// { + /// Path = payments.Path, + /// RoleName = "payments", + /// BatchInputs = new[] + /// { + /// + /// { + /// { "value", "1111-2222-3333-4444" }, + /// }, + /// }, + /// }); + /// + /// }); + /// ``` + /// {{% /example %}} + /// {{% /examples %}} /// public static Task InvokeAsync(GetEncodeArgs args, InvokeOptions? options = null) => global::Pulumi.Deployment.Instance.InvokeAsync("vault:transform/getEncode:getEncode", args ?? new GetEncodeArgs(), options.WithDefaults()); @@ -23,6 +80,63 @@ public static Task InvokeAsync(GetEncodeArgs args, InvokeOption /// This data source supports the "/transform/encode/{role_name}" Vault endpoint. /// /// It encodes the provided value using a named role. + /// + /// {{% examples %}} + /// ## Example Usage + /// {{% example %}} + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Vault = Pulumi.Vault; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var transform = new Vault.Mount("transform", new() + /// { + /// Path = "transform", + /// Type = "transform", + /// }); + /// + /// var ccn_fpe = new Vault.Transform.Transformation("ccn-fpe", new() + /// { + /// Path = transform.Path, + /// Type = "fpe", + /// Template = "builtin/creditcardnumber", + /// TweakSource = "internal", + /// AllowedRoles = new[] + /// { + /// "payments", + /// }, + /// }); + /// + /// var payments = new Vault.Transform.Role("payments", new() + /// { + /// Path = ccn_fpe.Path, + /// Transformations = new[] + /// { + /// "ccn-fpe", + /// }, + /// }); + /// + /// var test = Vault.Transform.GetEncode.Invoke(new() + /// { + /// Path = payments.Path, + /// RoleName = "payments", + /// BatchInputs = new[] + /// { + /// + /// { + /// { "value", "1111-2222-3333-4444" }, + /// }, + /// }, + /// }); + /// + /// }); + /// ``` + /// {{% /example %}} + /// {{% /examples %}} /// public static Output Invoke(GetEncodeInvokeArgs args, InvokeOptions? options = null) => global::Pulumi.Deployment.Instance.Invoke("vault:transform/getEncode:getEncode", args ?? new GetEncodeInvokeArgs(), options.WithDefaults()); @@ -61,6 +175,15 @@ public List> BatchResults [Input("encodedValue")] public string? EncodedValue { get; set; } + /// + /// The namespace of the target resource. + /// The value should not contain leading or trailing forward slashes. + /// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + /// *Available only for Vault Enterprise*. + /// + [Input("namespace")] + public string? Namespace { get; set; } + /// /// Path to where the back-end is mounted within Vault. /// @@ -129,6 +252,15 @@ public InputList> BatchResults [Input("encodedValue")] public Input? EncodedValue { get; set; } + /// + /// The namespace of the target resource. + /// The value should not contain leading or trailing forward slashes. + /// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + /// *Available only for Vault Enterprise*. + /// + [Input("namespace")] + public Input? Namespace { get; set; } + /// /// Path to where the back-end is mounted within Vault. /// @@ -176,6 +308,7 @@ public sealed class GetEncodeResult /// The provider-assigned unique ID for this managed resource. /// public readonly string Id; + public readonly string? Namespace; public readonly string Path; public readonly string RoleName; public readonly string? Transformation; @@ -192,6 +325,8 @@ private GetEncodeResult( string id, + string? @namespace, + string path, string roleName, @@ -206,6 +341,7 @@ private GetEncodeResult( BatchResults = batchResults; EncodedValue = encodedValue; Id = id; + Namespace = @namespace; Path = path; RoleName = roleName; Transformation = transformation; diff --git a/sdk/dotnet/Transform/Role.cs b/sdk/dotnet/Transform/Role.cs index aaa562462..63c967ad0 100644 --- a/sdk/dotnet/Transform/Role.cs +++ b/sdk/dotnet/Transform/Role.cs @@ -19,6 +19,7 @@ namespace Pulumi.Vault.Transform /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// @@ -51,6 +52,15 @@ public partial class Role : global::Pulumi.CustomResource [Output("name")] public Output Name { get; private set; } = null!; + /// + /// The namespace to provision the resource in. + /// The value should not contain leading or trailing forward slashes. + /// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + /// *Available only for Vault Enterprise*. + /// + [Output("namespace")] + public Output Namespace { get; private set; } = null!; + /// /// Path to where the back-end is mounted within Vault. /// @@ -115,6 +125,15 @@ public sealed class RoleArgs : global::Pulumi.ResourceArgs [Input("name")] public Input? Name { get; set; } + /// + /// The namespace to provision the resource in. + /// The value should not contain leading or trailing forward slashes. + /// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + /// *Available only for Vault Enterprise*. + /// + [Input("namespace")] + public Input? Namespace { get; set; } + /// /// Path to where the back-end is mounted within Vault. /// @@ -147,6 +166,15 @@ public sealed class RoleState : global::Pulumi.ResourceArgs [Input("name")] public Input? Name { get; set; } + /// + /// The namespace to provision the resource in. + /// The value should not contain leading or trailing forward slashes. + /// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + /// *Available only for Vault Enterprise*. + /// + [Input("namespace")] + public Input? Namespace { get; set; } + /// /// Path to where the back-end is mounted within Vault. /// diff --git a/sdk/dotnet/Transform/Template.cs b/sdk/dotnet/Transform/Template.cs index 785bcb1a1..8ed64ca9b 100644 --- a/sdk/dotnet/Transform/Template.cs +++ b/sdk/dotnet/Transform/Template.cs @@ -9,6 +9,60 @@ namespace Pulumi.Vault.Transform { + /// + /// This resource supports the `/transform/template/{name}` Vault endpoint. + /// + /// It creates or updates a template with the given name. If a template with the name does not exist, + /// it will be created. If the template exists, it will be updated with the new attributes. + /// + /// > Requires _Vault Enterprise with the Advanced Data Protection Transform Module_. + /// See [Transform Secrets Engine](https://www.vaultproject.io/docs/secrets/transform) + /// for more information. + /// + /// ## Example Usage + /// + /// Please note that the `pattern` below holds a regex. The regex shown + /// is identical to the one in our [Setup](https://www.vaultproject.io/docs/secrets/transform#setup) + /// docs, `(\d{4})-(\d{4})-(\d{4})-(\d{4})`. However, due to HCL, the + /// backslashes must be escaped to appear correctly in Vault. For further + /// assistance escaping your own custom regex, see String Literals. + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Vault = Pulumi.Vault; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var transform = new Vault.Mount("transform", new() + /// { + /// Path = "transform", + /// Type = "transform", + /// }); + /// + /// var numerics = new Vault.Transform.Alphabet("numerics", new() + /// { + /// Path = transform.Path, + /// AlphabetSet = "0123456789", + /// }); + /// + /// var test = new Vault.Transform.Template("test", new() + /// { + /// Path = numerics.Path, + /// Type = "regex", + /// Pattern = "(\\d{4})[- ](\\d{4})[- ](\\d{4})[- ](\\d{4})", + /// Alphabet = "numerics", + /// EncodeFormat = "$1-$2-$3-$4", + /// DecodeFormats = + /// { + /// { "last-four-digits", "$4" }, + /// }, + /// }); + /// + /// }); + /// ``` + /// [VaultResourceType("vault:transform/template:Template")] public partial class Template : global::Pulumi.CustomResource { @@ -19,14 +73,14 @@ public partial class Template : global::Pulumi.CustomResource public Output Alphabet { get; private set; } = null!; /// - /// - Optional mapping of name to regular expression template, used to customize + /// Optional mapping of name to regular expression template, used to customize /// the decoded output. (requires Vault Enterprise 1.9+) /// [Output("decodeFormats")] public Output?> DecodeFormats { get; private set; } = null!; /// - /// - The regular expression template used to format encoded values. + /// The regular expression template used to format encoded values. /// (requires Vault Enterprise 1.9+) /// [Output("encodeFormat")] @@ -38,6 +92,15 @@ public partial class Template : global::Pulumi.CustomResource [Output("name")] public Output Name { get; private set; } = null!; + /// + /// The namespace to provision the resource in. + /// The value should not contain leading or trailing forward slashes. + /// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + /// *Available only for Vault Enterprise*. + /// + [Output("namespace")] + public Output Namespace { get; private set; } = null!; + /// /// Path to where the back-end is mounted within Vault. /// @@ -112,7 +175,7 @@ public sealed class TemplateArgs : global::Pulumi.ResourceArgs private InputMap? _decodeFormats; /// - /// - Optional mapping of name to regular expression template, used to customize + /// Optional mapping of name to regular expression template, used to customize /// the decoded output. (requires Vault Enterprise 1.9+) /// public InputMap DecodeFormats @@ -122,7 +185,7 @@ public InputMap DecodeFormats } /// - /// - The regular expression template used to format encoded values. + /// The regular expression template used to format encoded values. /// (requires Vault Enterprise 1.9+) /// [Input("encodeFormat")] @@ -134,6 +197,15 @@ public InputMap DecodeFormats [Input("name")] public Input? Name { get; set; } + /// + /// The namespace to provision the resource in. + /// The value should not contain leading or trailing forward slashes. + /// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + /// *Available only for Vault Enterprise*. + /// + [Input("namespace")] + public Input? Namespace { get; set; } + /// /// Path to where the back-end is mounted within Vault. /// @@ -170,7 +242,7 @@ public sealed class TemplateState : global::Pulumi.ResourceArgs private InputMap? _decodeFormats; /// - /// - Optional mapping of name to regular expression template, used to customize + /// Optional mapping of name to regular expression template, used to customize /// the decoded output. (requires Vault Enterprise 1.9+) /// public InputMap DecodeFormats @@ -180,7 +252,7 @@ public InputMap DecodeFormats } /// - /// - The regular expression template used to format encoded values. + /// The regular expression template used to format encoded values. /// (requires Vault Enterprise 1.9+) /// [Input("encodeFormat")] @@ -192,6 +264,15 @@ public InputMap DecodeFormats [Input("name")] public Input? Name { get; set; } + /// + /// The namespace to provision the resource in. + /// The value should not contain leading or trailing forward slashes. + /// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + /// *Available only for Vault Enterprise*. + /// + [Input("namespace")] + public Input? Namespace { get; set; } + /// /// Path to where the back-end is mounted within Vault. /// diff --git a/sdk/dotnet/Transform/Transformation.cs b/sdk/dotnet/Transform/Transformation.cs index 7a19d7a4d..2fe514ab2 100644 --- a/sdk/dotnet/Transform/Transformation.cs +++ b/sdk/dotnet/Transform/Transformation.cs @@ -38,6 +38,15 @@ public partial class Transformation : global::Pulumi.CustomResource [Output("name")] public Output Name { get; private set; } = null!; + /// + /// The namespace to provision the resource in. + /// The value should not contain leading or trailing forward slashes. + /// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + /// *Available only for Vault Enterprise*. + /// + [Output("namespace")] + public Output Namespace { get; private set; } = null!; + /// /// Path to where the back-end is mounted within Vault. /// @@ -146,6 +155,15 @@ public InputList AllowedRoles [Input("name")] public Input? Name { get; set; } + /// + /// The namespace to provision the resource in. + /// The value should not contain leading or trailing forward slashes. + /// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + /// *Available only for Vault Enterprise*. + /// + [Input("namespace")] + public Input? Namespace { get; set; } + /// /// Path to where the back-end is mounted within Vault. /// @@ -222,6 +240,15 @@ public InputList AllowedRoles [Input("name")] public Input? Name { get; set; } + /// + /// The namespace to provision the resource in. + /// The value should not contain leading or trailing forward slashes. + /// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + /// *Available only for Vault Enterprise*. + /// + [Input("namespace")] + public Input? Namespace { get; set; } + /// /// Path to where the back-end is mounted within Vault. /// diff --git a/sdk/dotnet/Transit/GetDecrypt.cs b/sdk/dotnet/Transit/GetDecrypt.cs index dc4a4b9a7..e3782e960 100644 --- a/sdk/dotnet/Transit/GetDecrypt.cs +++ b/sdk/dotnet/Transit/GetDecrypt.cs @@ -20,6 +20,7 @@ public static class GetDecrypt /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// @@ -49,6 +50,7 @@ public static Task InvokeAsync(GetDecryptArgs args, InvokeOpti /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// diff --git a/sdk/dotnet/Transit/SecretBackendKey.cs b/sdk/dotnet/Transit/SecretBackendKey.cs index ccbaf2132..b122a5de6 100644 --- a/sdk/dotnet/Transit/SecretBackendKey.cs +++ b/sdk/dotnet/Transit/SecretBackendKey.cs @@ -16,6 +16,7 @@ namespace Pulumi.Vault.Transit /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// diff --git a/sdk/dotnet/Transit/SecretCacheConfig.cs b/sdk/dotnet/Transit/SecretCacheConfig.cs index 2620f3795..e73f339c7 100644 --- a/sdk/dotnet/Transit/SecretCacheConfig.cs +++ b/sdk/dotnet/Transit/SecretCacheConfig.cs @@ -16,6 +16,7 @@ namespace Pulumi.Vault.Transit /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// diff --git a/sdk/dotnet/kv/GetSecret.cs b/sdk/dotnet/kv/GetSecret.cs index 662e73938..8857fe696 100644 --- a/sdk/dotnet/kv/GetSecret.cs +++ b/sdk/dotnet/kv/GetSecret.cs @@ -18,6 +18,7 @@ public static class GetSecret /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using System.Text.Json; /// using Pulumi; /// using Vault = Pulumi.Vault; @@ -68,6 +69,7 @@ public static Task InvokeAsync(GetSecretArgs args, InvokeOption /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using System.Text.Json; /// using Pulumi; /// using Vault = Pulumi.Vault; diff --git a/sdk/dotnet/kv/GetSecretSubkeysV2.cs b/sdk/dotnet/kv/GetSecretSubkeysV2.cs index 075af0b94..7a7c72ed0 100644 --- a/sdk/dotnet/kv/GetSecretSubkeysV2.cs +++ b/sdk/dotnet/kv/GetSecretSubkeysV2.cs @@ -18,6 +18,7 @@ public static class GetSecretSubkeysV2 /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using System.Text.Json; /// using Pulumi; /// using Vault = Pulumi.Vault; @@ -69,6 +70,7 @@ public static Task InvokeAsync(GetSecretSubkeysV2Args /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using System.Text.Json; /// using Pulumi; /// using Vault = Pulumi.Vault; diff --git a/sdk/dotnet/kv/GetSecretsList.cs b/sdk/dotnet/kv/GetSecretsList.cs index e3424b2eb..02478674f 100644 --- a/sdk/dotnet/kv/GetSecretsList.cs +++ b/sdk/dotnet/kv/GetSecretsList.cs @@ -18,6 +18,7 @@ public static class GetSecretsList /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using System.Text.Json; /// using Pulumi; /// using Vault = Pulumi.Vault; @@ -76,6 +77,7 @@ public static Task InvokeAsync(GetSecretsListArgs args, In /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using System.Text.Json; /// using Pulumi; /// using Vault = Pulumi.Vault; diff --git a/sdk/dotnet/kv/GetSecretsListV2.cs b/sdk/dotnet/kv/GetSecretsListV2.cs index 92549f9cd..4a8f70ba9 100644 --- a/sdk/dotnet/kv/GetSecretsListV2.cs +++ b/sdk/dotnet/kv/GetSecretsListV2.cs @@ -18,6 +18,7 @@ public static class GetSecretsListV2 /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using System.Text.Json; /// using Pulumi; /// using Vault = Pulumi.Vault; @@ -91,6 +92,7 @@ public static Task InvokeAsync(GetSecretsListV2Args args /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using System.Text.Json; /// using Pulumi; /// using Vault = Pulumi.Vault; diff --git a/sdk/dotnet/kv/Secret.cs b/sdk/dotnet/kv/Secret.cs index f6f45914c..ac25e3dc8 100644 --- a/sdk/dotnet/kv/Secret.cs +++ b/sdk/dotnet/kv/Secret.cs @@ -19,6 +19,7 @@ namespace Pulumi.Vault.kv /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using System.Text.Json; /// using Pulumi; /// using Vault = Pulumi.Vault; diff --git a/sdk/dotnet/kv/SecretBackendV2.cs b/sdk/dotnet/kv/SecretBackendV2.cs index 226f9b2a9..63d718ee1 100644 --- a/sdk/dotnet/kv/SecretBackendV2.cs +++ b/sdk/dotnet/kv/SecretBackendV2.cs @@ -20,6 +20,7 @@ namespace Pulumi.Vault.kv /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using Pulumi; /// using Vault = Pulumi.Vault; /// diff --git a/sdk/dotnet/kv/SecretV2.cs b/sdk/dotnet/kv/SecretV2.cs index 6aa549512..0e7f2ee17 100644 --- a/sdk/dotnet/kv/SecretV2.cs +++ b/sdk/dotnet/kv/SecretV2.cs @@ -19,6 +19,7 @@ namespace Pulumi.Vault.kv /// /// ```csharp /// using System.Collections.Generic; + /// using System.Linq; /// using System.Text.Json; /// using Pulumi; /// using Vault = Pulumi.Vault; diff --git a/sdk/go.mod b/sdk/go.mod index 47bf25454..d243db563 100644 --- a/sdk/go.mod +++ b/sdk/go.mod @@ -4,60 +4,89 @@ go 1.21 require ( github.com/blang/semver v3.5.1+incompatible - github.com/pkg/errors v0.9.1 - github.com/pulumi/pulumi/sdk/v3 v3.37.2 + github.com/pulumi/pulumi/sdk/v3 v3.92.0 ) require ( + dario.cat/mergo v1.0.0 // indirect + github.com/Microsoft/go-winio v0.6.1 // indirect + github.com/ProtonMail/go-crypto v0.0.0-20230828082145-3c4c8a2d2371 // indirect + github.com/acomagu/bufpipe v1.0.4 // indirect github.com/aead/chacha20 v0.0.0-20180709150244-8b13a72661da // indirect - github.com/cheggaaa/pb v1.0.27 // indirect - github.com/djherbis/times v1.2.0 // indirect - github.com/emirpasic/gods v1.12.0 // indirect - github.com/gofrs/uuid v3.3.0+incompatible // indirect + github.com/agext/levenshtein v1.2.3 // indirect + github.com/apparentlymart/go-textseg/v13 v13.0.0 // indirect + github.com/atotto/clipboard v0.1.4 // indirect + github.com/aymanbagabas/go-osc52/v2 v2.0.1 // indirect + github.com/charmbracelet/bubbles v0.16.1 // indirect + github.com/charmbracelet/bubbletea v0.24.2 // indirect + github.com/charmbracelet/lipgloss v0.7.1 // indirect + github.com/cheggaaa/pb v1.0.29 // indirect + github.com/cloudflare/circl v1.3.3 // indirect + github.com/containerd/console v1.0.4-0.20230313162750-1ae8d489ac81 // indirect + github.com/cyphar/filepath-securejoin v0.2.4 // indirect + github.com/djherbis/times v1.5.0 // indirect + github.com/emirpasic/gods v1.18.1 // indirect + github.com/go-git/gcfg v1.5.1-0.20230307220236-3a3c6141e376 // indirect + github.com/go-git/go-billy/v5 v5.5.0 // indirect + github.com/go-git/go-git/v5 v5.9.0 // indirect github.com/gogo/protobuf v1.3.2 // indirect - github.com/golang/glog v1.0.0 // indirect - github.com/golang/protobuf v1.5.2 // indirect + github.com/golang/glog v1.1.0 // indirect + github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect + github.com/golang/protobuf v1.5.3 // indirect github.com/grpc-ecosystem/grpc-opentracing v0.0.0-20180507213350-8e809c8a8645 // indirect - github.com/hashicorp/errwrap v1.0.0 // indirect - github.com/hashicorp/go-multierror v1.0.0 // indirect - github.com/inconshreveable/mousetrap v1.0.0 // indirect + github.com/hashicorp/errwrap v1.1.0 // indirect + github.com/hashicorp/go-multierror v1.1.1 // indirect + github.com/hashicorp/hcl/v2 v2.17.0 // indirect + github.com/inconshreveable/mousetrap v1.1.0 // indirect github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99 // indirect - github.com/kevinburke/ssh_config v0.0.0-20190725054713-01f96b0aa0cd // indirect - github.com/mattn/go-isatty v0.0.16 // indirect - github.com/mattn/go-runewidth v0.0.8 // indirect - github.com/mitchellh/go-homedir v1.1.0 // indirect + github.com/kevinburke/ssh_config v1.2.0 // indirect + github.com/lucasb-eyer/go-colorful v1.2.0 // indirect + github.com/mattn/go-isatty v0.0.18 // indirect + github.com/mattn/go-localereader v0.0.1 // indirect + github.com/mattn/go-runewidth v0.0.14 // indirect github.com/mitchellh/go-ps v1.0.0 // indirect - github.com/opentracing/basictracer-go v1.0.0 // indirect - github.com/opentracing/opentracing-go v1.1.0 // indirect + github.com/mitchellh/go-wordwrap v1.0.1 // indirect + github.com/muesli/ansi v0.0.0-20211018074035-2e021307bc4b // indirect + github.com/muesli/cancelreader v0.2.2 // indirect + github.com/muesli/reflow v0.3.0 // indirect + github.com/muesli/termenv v0.15.1 // indirect + github.com/opentracing/basictracer-go v1.1.0 // indirect + github.com/opentracing/opentracing-go v1.2.0 // indirect + github.com/pjbgf/sha1cd v0.3.0 // indirect + github.com/pkg/errors v0.9.1 // indirect github.com/pkg/term v1.1.0 // indirect - github.com/rivo/uniseg v0.2.0 // indirect - github.com/rogpeppe/go-internal v1.8.1 // indirect - github.com/sabhiram/go-gitignore v0.0.0-20180611051255-d3107576ba94 // indirect - github.com/sergi/go-diff v1.1.0 // indirect - github.com/spf13/cast v1.3.1 // indirect - github.com/spf13/cobra v1.4.0 // indirect + github.com/pulumi/esc v0.5.6 // indirect + github.com/rivo/uniseg v0.4.4 // indirect + github.com/rogpeppe/go-internal v1.11.0 // indirect + github.com/sabhiram/go-gitignore v0.0.0-20210923224102-525f6e181f06 // indirect + github.com/santhosh-tekuri/jsonschema/v5 v5.0.0 // indirect + github.com/sergi/go-diff v1.3.1 // indirect + github.com/skeema/knownhosts v1.2.0 // indirect + github.com/spf13/cast v1.4.1 // indirect + github.com/spf13/cobra v1.7.0 // indirect github.com/spf13/pflag v1.0.5 // indirect - github.com/src-d/gcfg v1.4.0 // indirect - github.com/stretchr/testify v1.8.1 // indirect - github.com/texttheater/golang-levenshtein v0.0.0-20191208221605-eb6844b05fc6 // indirect + github.com/stretchr/objx v0.5.0 // indirect + github.com/texttheater/golang-levenshtein v1.0.1 // indirect github.com/tweekmonster/luser v0.0.0-20161003172636-3fa38070dbd7 // indirect - github.com/uber/jaeger-client-go v2.22.1+incompatible // indirect - github.com/uber/jaeger-lib v2.2.0+incompatible // indirect - github.com/xanzy/ssh-agent v0.2.1 // indirect - go.uber.org/atomic v1.6.0 // indirect + github.com/uber/jaeger-client-go v2.30.0+incompatible // indirect + github.com/uber/jaeger-lib v2.4.1+incompatible // indirect + github.com/xanzy/ssh-agent v0.3.3 // indirect + github.com/zclconf/go-cty v1.13.2 // indirect + go.uber.org/atomic v1.9.0 // indirect golang.org/x/crypto v0.14.0 // indirect - golang.org/x/lint v0.0.0-20210508222113-6edffad5e616 // indirect + golang.org/x/exp v0.0.0-20231006140011-7918f672742d // indirect + golang.org/x/mod v0.13.0 // indirect golang.org/x/net v0.17.0 // indirect + golang.org/x/sync v0.4.0 // indirect golang.org/x/sys v0.13.0 // indirect golang.org/x/term v0.13.0 // indirect golang.org/x/text v0.13.0 // indirect - google.golang.org/genproto v0.0.0-20230303212802-e74f57abe488 // indirect - google.golang.org/grpc v1.53.0 // indirect - google.golang.org/protobuf v1.28.1 // indirect - gopkg.in/src-d/go-billy.v4 v4.3.2 // indirect - gopkg.in/src-d/go-git.v4 v4.13.1 // indirect + golang.org/x/tools v0.14.0 // indirect + google.golang.org/genproto/googleapis/rpc v0.0.0-20230706204954-ccb25ca9f130 // indirect + google.golang.org/grpc v1.57.1 // indirect + google.golang.org/protobuf v1.31.0 // indirect gopkg.in/warnings.v0 v0.1.2 // indirect - gopkg.in/yaml.v2 v2.4.0 // indirect + gopkg.in/yaml.v3 v3.0.1 // indirect lukechampine.com/frand v1.4.2 // indirect - sourcegraph.com/sourcegraph/appdash v0.0.0-20190731080439-ebfcffb1b5c0 // indirect + sourcegraph.com/sourcegraph/appdash v0.0.0-20211028080628-e2786a622600 // indirect ) diff --git a/sdk/go.sum b/sdk/go.sum index 1ac2c870d..25b6e61ac 100644 --- a/sdk/go.sum +++ b/sdk/go.sum @@ -1,215 +1,312 @@ +dario.cat/mergo v1.0.0 h1:AGCNq9Evsj31mOgNPcLyXc+4PNABt905YmuqPYYpBWk= +dario.cat/mergo v1.0.0/go.mod h1:uNxQE+84aUszobStD9th8a29P2fMDhsBdgRYvZOxGmk= +github.com/HdrHistogram/hdrhistogram-go v1.1.2 h1:5IcZpTvzydCQeHzK4Ef/D5rrSqwxob0t8PQPMybUNFM= +github.com/HdrHistogram/hdrhistogram-go v1.1.2/go.mod h1:yDgFjdqOqDEKOvasDdhWNXYg9BVp4O+o5f6V/ehm6Oo= +github.com/Microsoft/go-winio v0.5.2/go.mod h1:WpS1mjBmmwHBEWmogvA2mj8546UReBk4v8QkMxJ6pZY= +github.com/Microsoft/go-winio v0.6.1 h1:9/kr64B9VUZrLm5YYwbGtUJnMgqWVOdUAXu6Migciow= +github.com/Microsoft/go-winio v0.6.1/go.mod h1:LRdKpFKfdobln8UmuiYcKPot9D2v6svN5+sAH+4kjUM= +github.com/ProtonMail/go-crypto v0.0.0-20230828082145-3c4c8a2d2371 h1:kkhsdkhsCvIsutKu5zLMgWtgh9YxGCNAw8Ad8hjwfYg= +github.com/ProtonMail/go-crypto v0.0.0-20230828082145-3c4c8a2d2371/go.mod h1:EjAoLdwvbIOoOQr3ihjnSoLZRtE8azugULFRteWMNc0= +github.com/acomagu/bufpipe v1.0.4 h1:e3H4WUzM3npvo5uv95QuJM3cQspFNtFBzvJ2oNjKIDQ= +github.com/acomagu/bufpipe v1.0.4/go.mod h1:mxdxdup/WdsKVreO5GpW4+M/1CE2sMG4jeGJ2sYmHc4= github.com/aead/chacha20 v0.0.0-20180709150244-8b13a72661da h1:KjTM2ks9d14ZYCvmHS9iAKVt9AyzRSqNU1qabPih5BY= github.com/aead/chacha20 v0.0.0-20180709150244-8b13a72661da/go.mod h1:eHEWzANqSiWQsof+nXEI9bUVUyV6F53Fp89EuCh2EAA= -github.com/alcortesm/tgz v0.0.0-20161220082320-9c5fe88206d7 h1:uSoVVbwJiQipAclBbw+8quDsfcvFjOpI5iCf4p/cqCs= -github.com/alcortesm/tgz v0.0.0-20161220082320-9c5fe88206d7/go.mod h1:6zEj6s6u/ghQa61ZWa/C2Aw3RkjiTBOix7dkqa1VLIs= -github.com/anmitsu/go-shlex v0.0.0-20161002113705-648efa622239 h1:kFOfPq6dUM1hTo4JG6LR5AXSUEsOjtdm0kw0FtQtMJA= -github.com/anmitsu/go-shlex v0.0.0-20161002113705-648efa622239/go.mod h1:2FmKhYUyUczH0OGQWaF5ceTx0UBShxjsH6f8oGKYe2c= +github.com/agext/levenshtein v1.2.3 h1:YB2fHEn0UJagG8T1rrWknE3ZQzWM06O8AMAatNn7lmo= +github.com/agext/levenshtein v1.2.3/go.mod h1:JEDfjyjHDjOF/1e4FlBE/PkbqA9OfWu2ki2W0IB5558= +github.com/anmitsu/go-shlex v0.0.0-20200514113438-38f4b401e2be h1:9AeTilPcZAjCFIImctFaOjnTIavg87rW78vTPkQqLI8= +github.com/anmitsu/go-shlex v0.0.0-20200514113438-38f4b401e2be/go.mod h1:ySMOLuWl6zY27l47sB3qLNK6tF2fkHG55UZxx8oIVo4= +github.com/apparentlymart/go-textseg/v13 v13.0.0 h1:Y+KvPE1NYz0xl601PVImeQfFyEy6iT90AvPUL1NNfNw= +github.com/apparentlymart/go-textseg/v13 v13.0.0/go.mod h1:ZK2fH7c4NqDTLtiYLvIkEghdlcqw7yxLeM89kiTRPUo= github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5 h1:0CwZNZbxp69SHPdPJAN/hZIm0C4OItdklCFmMRWYpio= github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5/go.mod h1:wHh0iHkYZB8zMSxRWpUBQtwG5a7fFgvEO+odwuTv2gs= +github.com/atotto/clipboard v0.1.4 h1:EH0zSVneZPSuFR11BlR9YppQTVDbh5+16AmcJi4g1z4= +github.com/atotto/clipboard v0.1.4/go.mod h1:ZY9tmq7sm5xIbd9bOK4onWV4S6X0u6GY7Vn0Yu86PYI= +github.com/aymanbagabas/go-osc52/v2 v2.0.1 h1:HwpRHbFMcZLEVr42D4p7XBqjyuxQH5SMiErDT4WkJ2k= +github.com/aymanbagabas/go-osc52/v2 v2.0.1/go.mod h1:uYgXzlJ7ZpABp8OJ+exZzJJhRNQ2ASbcXHWsFqH8hp8= github.com/blang/semver v3.5.1+incompatible h1:cQNTCjp13qL8KC3Nbxr/y2Bqb63oX6wdnnjpJbkM4JQ= github.com/blang/semver v3.5.1+incompatible/go.mod h1:kRBLl5iJ+tD4TcOOxsy/0fnwebNt5EWlYSAyrTnjyyk= -github.com/cheggaaa/pb v1.0.27 h1:wIkZHkNfC7R6GI5w7l/PdAdzXzlrbcI3p8OAlnkTsnc= -github.com/cheggaaa/pb v1.0.27/go.mod h1:pQciLPpbU0oxA0h+VJYYLxO+XeDQb5pZijXscXHm81s= -github.com/codahale/hdrhistogram v0.0.0-20161010025455-3a0bb77429bd h1:qMd81Ts1T2OTKmB4acZcyKaMtRnY5Y44NuXGX2GFJ1w= -github.com/codahale/hdrhistogram v0.0.0-20161010025455-3a0bb77429bd/go.mod h1:sE/e/2PUdi/liOCUjSTXgM1o87ZssimdTWN964YiIeI= -github.com/cpuguy83/go-md2man/v2 v2.0.1/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= -github.com/creack/pty v1.1.7/go.mod h1:lj5s0c3V2DBrqTV7llrYr5NG6My20zk30Fl46Y7DoTY= +github.com/bwesterb/go-ristretto v1.2.3/go.mod h1:fUIoIZaG73pV5biE2Blr2xEzDoMj7NFEuV9ekS419A0= +github.com/charmbracelet/bubbles v0.16.1 h1:6uzpAAaT9ZqKssntbvZMlksWHruQLNxg49H5WdeuYSY= +github.com/charmbracelet/bubbles v0.16.1/go.mod h1:2QCp9LFlEsBQMvIYERr7Ww2H2bA7xen1idUDIzm/+Xc= +github.com/charmbracelet/bubbletea v0.24.2 h1:uaQIKx9Ai6Gdh5zpTbGiWpytMU+CfsPp06RaW2cx/SY= +github.com/charmbracelet/bubbletea v0.24.2/go.mod h1:XdrNrV4J8GiyshTtx3DNuYkR1FDaJmO3l2nejekbsgg= +github.com/charmbracelet/lipgloss v0.7.1 h1:17WMwi7N1b1rVWOjMT+rCh7sQkvDU75B2hbZpc5Kc1E= +github.com/charmbracelet/lipgloss v0.7.1/go.mod h1:yG0k3giv8Qj8edTCbbg6AlQ5e8KNWpFujkNawKNhE2c= +github.com/cheggaaa/pb v1.0.29 h1:FckUN5ngEk2LpvuG0fw1GEFx6LtyY2pWI/Z2QgCnEYo= +github.com/cheggaaa/pb v1.0.29/go.mod h1:W40334L7FMC5JKWldsTWbdGjLo0RxUKK73K+TuPxX30= +github.com/cloudflare/circl v1.3.3 h1:fE/Qz0QdIGqeWfnwq0RE0R7MI51s0M2E4Ga9kq5AEMs= +github.com/cloudflare/circl v1.3.3/go.mod h1:5XYMA4rFBvNIrhs50XuiBJ15vF2pZn4nnUKZrLbUZFA= +github.com/containerd/console v1.0.4-0.20230313162750-1ae8d489ac81 h1:q2hJAaP1k2wIvVRd/hEHD7lacgqrCPS+k8g1MndzfWY= +github.com/containerd/console v1.0.4-0.20230313162750-1ae8d489ac81/go.mod h1:YynlIjWYF8myEu6sdkwKIvGQq+cOckRm6So2avqoYAk= +github.com/cpuguy83/go-md2man/v2 v2.0.2/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= +github.com/cyphar/filepath-securejoin v0.2.4 h1:Ugdm7cg7i6ZK6x3xDF1oEu1nfkyfH53EtKeQYTC3kyg= +github.com/cyphar/filepath-securejoin v0.2.4/go.mod h1:aPGpWjXOXUn2NCNjFvBE6aRxGGx79pTxQpKOJNYHHl4= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/djherbis/times v1.2.0 h1:xANXjsC/iBqbO00vkWlYwPWgBgEVU6m6AFYg0Pic+Mc= -github.com/djherbis/times v1.2.0/go.mod h1:CGMZlo255K5r4Yw0b9RRfFQpM2y7uOmxg4jm9HsaVf8= -github.com/emirpasic/gods v1.12.0 h1:QAUIPSaCu4G+POclxeqb3F+WPpdKqFGlw36+yOzGlrg= -github.com/emirpasic/gods v1.12.0/go.mod h1:YfzfFFoVP/catgzJb4IKIqXjX78Ha8FMSDh3ymbK86o= -github.com/fatih/color v1.9.0 h1:8xPHl4/q1VyqGIPif1F+1V3Y3lSmrq01EabUW3CoW5s= +github.com/djherbis/times v1.5.0 h1:79myA211VwPhFTqUk8xehWrsEO+zcIZj0zT8mXPVARU= +github.com/djherbis/times v1.5.0/go.mod h1:5q7FDLvbNg1L/KaBmPcWlVR9NmoKo3+ucqUA3ijQhA0= +github.com/elazarl/goproxy v0.0.0-20230808193330-2592e75ae04a h1:mATvB/9r/3gvcejNsXKSkQ6lcIaNec2nyfOdlTBR2lU= +github.com/elazarl/goproxy v0.0.0-20230808193330-2592e75ae04a/go.mod h1:Ro8st/ElPeALwNFlcTpWmkr6IoMFfkjXAvTHpevnDsM= +github.com/emirpasic/gods v1.18.1 h1:FXtiHYKDGKCW2KzwZKx0iC0PQmdlorYgdFG9jPXJ1Bc= +github.com/emirpasic/gods v1.18.1/go.mod h1:8tpGGwCnJ5H4r6BWwaV6OrWmMoPhUl5jm/FMNAnJvWQ= github.com/fatih/color v1.9.0/go.mod h1:eQcE1qtQxscV5RaZvpXrrb8Drkc3/DdQ+uUYCNjL+zU= -github.com/flynn/go-shlex v0.0.0-20150515145356-3f9db97f8568/go.mod h1:xEzjJPgXI435gkrCt3MPfRiAkVrwSbHsst4LCFVfpJc= -github.com/gliderlabs/ssh v0.2.2 h1:6zsha5zo/TWhRhwqCD3+EarCAgZ2yN28ipRnGPnwkI0= -github.com/gliderlabs/ssh v0.2.2/go.mod h1:U7qILu1NlMHj9FlMhZLlkCdDnU1DBEAqr0aevW3Awn0= -github.com/gofrs/uuid v3.3.0+incompatible h1:8K4tyRfvU1CYPgJsveYFQMhpFd/wXNM7iK6rR7UHz84= -github.com/gofrs/uuid v3.3.0+incompatible/go.mod h1:b2aQJv3Z4Fp6yNu3cdSllBxTCLRxnplIgP/c0N/04lM= +github.com/fatih/color v1.13.0 h1:8LOYc1KYPPmyKMuN8QV2DNRWNbLo6LZ0iLs8+mlH53w= +github.com/fatih/color v1.13.0/go.mod h1:kLAiJbzzSOZDVNGyDpeOxJ47H46qBXwg5ILebYFFOfk= +github.com/gliderlabs/ssh v0.3.5 h1:OcaySEmAQJgyYcArR+gGGTHCyE7nvhEMTlYY+Dp8CpY= +github.com/gliderlabs/ssh v0.3.5/go.mod h1:8XB4KraRrX39qHhT6yxPsHedjA08I/uBVwj4xC+/+z4= +github.com/go-git/gcfg v1.5.1-0.20230307220236-3a3c6141e376 h1:+zs/tPmkDkHx3U66DAb0lQFJrpS6731Oaa12ikc+DiI= +github.com/go-git/gcfg v1.5.1-0.20230307220236-3a3c6141e376/go.mod h1:an3vInlBmSxCcxctByoQdvwPiA7DTK7jaaFDBTtu0ic= +github.com/go-git/go-billy/v5 v5.5.0 h1:yEY4yhzCDuMGSv83oGxiBotRzhwhNr8VZyphhiu+mTU= +github.com/go-git/go-billy/v5 v5.5.0/go.mod h1:hmexnoNsr2SJU1Ju67OaNz5ASJY3+sHgFRpCtpDCKow= +github.com/go-git/go-git-fixtures/v4 v4.3.2-0.20230305113008-0c11038e723f h1:Pz0DHeFij3XFhoBRGUDPzSJ+w2UcK5/0JvF8DRI58r8= +github.com/go-git/go-git-fixtures/v4 v4.3.2-0.20230305113008-0c11038e723f/go.mod h1:8LHG1a3SRW71ettAD/jW13h8c6AqjVSeL11RAdgaqpo= +github.com/go-git/go-git/v5 v5.9.0 h1:cD9SFA7sHVRdJ7AYck1ZaAa/yeuBvGPxwXDL8cxrObY= +github.com/go-git/go-git/v5 v5.9.0/go.mod h1:RKIqga24sWdMGZF+1Ekv9kylsDz6LzdTSI2s/OsZWE0= +github.com/gogo/protobuf v1.3.1/go.mod h1:SlYgWuQ5SjCEi6WLHjHCa1yvBfUnHcTbrrZtXPKa29o= github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= -github.com/golang/glog v1.0.0 h1:nfP3RFugxnNRyKgeWd4oI1nYvXpxrx8ck8ZrcizshdQ= -github.com/golang/glog v1.0.0/go.mod h1:EWib/APOK0SL3dFbYqvxE3UYd8E6s1ouQ7iEp/0LWV4= +github.com/golang/glog v1.1.0 h1:/d3pCKDPWNnvIWe0vVUpNP32qc8U3PDVxySP/y360qE= +github.com/golang/glog v1.1.0/go.mod h1:pfYeQZ3JWZoXTV5sFc986z3HTpwQs9At6P4ImfuP3NQ= +github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da h1:oI5xCqsCo564l8iNU+DwB5epxmsaqB+rhGL0m5jtYqE= +github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk= -github.com/golang/protobuf v1.5.2 h1:ROPKBNFfQgOUMifHyP+KYbvpjbdoFNs+aK7DXlji0Tw= -github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= -github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= +github.com/golang/protobuf v1.5.3 h1:KhyjKVUg7Usr/dYsdSqoFveMYd5ko72D+zANwlG1mmg= +github.com/golang/protobuf v1.5.3/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38= github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/grpc-ecosystem/grpc-opentracing v0.0.0-20180507213350-8e809c8a8645 h1:MJG/KsmcqMwFAkh8mTnAwhyKoB+sTAnY4CACC110tbU= github.com/grpc-ecosystem/grpc-opentracing v0.0.0-20180507213350-8e809c8a8645/go.mod h1:6iZfnjpejD4L/4DwD7NryNaJyCQdzwWwH2MWhCA90Kw= -github.com/hashicorp/errwrap v1.0.0 h1:hLrqtEDnRye3+sgx6z4qVLNuviH3MR5aQ0ykNJa/UYA= github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= -github.com/hashicorp/go-multierror v1.0.0 h1:iVjPR7a6H0tWELX5NxNe7bYopibicUzc7uPribsnS6o= -github.com/hashicorp/go-multierror v1.0.0/go.mod h1:dHtQlpGsu+cZNNAkkCN/P3hoUDHhCYQXV3UM06sGGrk= -github.com/inconshreveable/mousetrap v1.0.0 h1:Z8tu5sraLXCXIcARxBp/8cbvlwVa7Z1NHg9XEKhtSvM= -github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8= +github.com/hashicorp/errwrap v1.1.0 h1:OxrOeh75EUXMY8TBjag2fzXGZ40LB6IKw45YeGUDY2I= +github.com/hashicorp/errwrap v1.1.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= +github.com/hashicorp/go-multierror v1.1.1 h1:H5DkEtf6CXdFp0N0Em5UCwQpXMWke8IA0+lD48awMYo= +github.com/hashicorp/go-multierror v1.1.1/go.mod h1:iw975J/qwKPdAO1clOe2L8331t/9/fmwbPZ6JB6eMoM= +github.com/hashicorp/hcl/v2 v2.17.0 h1:z1XvSUyXd1HP10U4lrLg5e0JMVz6CPaJvAgxM0KNZVY= +github.com/hashicorp/hcl/v2 v2.17.0/go.mod h1:gJyW2PTShkJqQBKpAmPO3yxMxIuoXkOF2TpqXzrQyx4= +github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2s0bqwp9tc8= +github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw= github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99 h1:BQSFePA1RWJOlocH6Fxy8MmwDt+yVQYULKfN0RoTN8A= github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99/go.mod h1:1lJo3i6rXxKeerYnT8Nvf0QmHCRC1n8sfWVwXF2Frvo= -github.com/jessevdk/go-flags v1.4.0/go.mod h1:4FA24M0QyGHXBuZZK/XkWh8h0e1EYbRYJSGM75WSRxI= -github.com/kevinburke/ssh_config v0.0.0-20190725054713-01f96b0aa0cd h1:Coekwdh0v2wtGp9Gmz1Ze3eVRAWJMLokvN3QjdzCHLY= -github.com/kevinburke/ssh_config v0.0.0-20190725054713-01f96b0aa0cd/go.mod h1:CT57kijsi8u/K/BOFA39wgDQJ9CxiF4nAY/ojJ6r6mM= +github.com/kevinburke/ssh_config v1.2.0 h1:x584FjTGwHzMwvHx18PXxbBVzfnxogHaAReU4gf13a4= +github.com/kevinburke/ssh_config v1.2.0/go.mod h1:CT57kijsi8u/K/BOFA39wgDQJ9CxiF4nAY/ojJ6r6mM= +github.com/kisielk/errcheck v1.2.0/go.mod h1:/BMXB+zMLi60iA8Vv6Ksmxu/1UDYcXs4uQLJ+jE2L00= github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= -github.com/kr/pretty v0.2.1 h1:Fmg33tUaq4/8ym9TJN1x7sLJnHVwhP33CNkpYV/7rwI= -github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= +github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE= +github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk= github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= -github.com/kr/pty v1.1.8/go.mod h1:O1sed60cT9XZ5uDucP5qwvh+TE3NnUj51EiZO/lmSfw= github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= -github.com/mattn/go-colorable v0.1.6 h1:6Su7aK7lXmJ/U79bYtBjLNaha4Fs1Rg9plHpcH+vvnE= -github.com/mattn/go-colorable v0.1.6/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope9wVRipJSqc= -github.com/mattn/go-isatty v0.0.16 h1:bq3VjFmv/sOjHtdEhmkEV4x1AJtvUvOJ2PFAZ5+peKQ= -github.com/mattn/go-isatty v0.0.16/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM= -github.com/mattn/go-runewidth v0.0.8 h1:3tS41NlGYSmhhe/8fhGRzc+z3AYCw1Fe1WAyLuujKs0= -github.com/mattn/go-runewidth v0.0.8/go.mod h1:H031xJmbD/WCDINGzjvQ9THkh0rPKHF+m2gUSrubnMI= -github.com/mitchellh/go-homedir v1.1.0 h1:lukF9ziXFxDFPkA1vsr5zpc1XuPDn/wFntq5mG+4E0Y= -github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0= +github.com/lucasb-eyer/go-colorful v1.2.0 h1:1nnpGOrhyZZuNyfu1QjKiUICQ74+3FNCN69Aj6K7nkY= +github.com/lucasb-eyer/go-colorful v1.2.0/go.mod h1:R4dSotOR9KMtayYi1e77YzuveK+i7ruzyGqttikkLy0= +github.com/matryer/is v1.2.0 h1:92UTHpy8CDwaJ08GqLDzhhuixiBUUD1p3AU6PHddz4A= +github.com/matryer/is v1.2.0/go.mod h1:2fLPjFQM9rhQ15aVEtbuwhJinnOqrmgXPNdZsdwlWXA= +github.com/mattn/go-colorable v0.1.4/go.mod h1:U0ppj6V5qS13XJ6of8GYAs25YV2eR4EVcfRqFIhoBtE= +github.com/mattn/go-colorable v0.1.12 h1:jF+Du6AlPIjs2BiUiQlKOX0rt3SujHxPnksPKZbaA40= +github.com/mattn/go-colorable v0.1.12/go.mod h1:u5H1YNBxpqRaxsYJYSkiCWKzEfiAb1Gb520KVy5xxl4= +github.com/mattn/go-isatty v0.0.8/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hdxcsrc5s= +github.com/mattn/go-isatty v0.0.11/go.mod h1:PhnuNfih5lzO57/f3n+odYbM4JtupLOxQOAqxQCu2WE= +github.com/mattn/go-isatty v0.0.18 h1:DOKFKCQ7FNG2L1rbrmstDN4QVRdS89Nkh85u68Uwp98= +github.com/mattn/go-isatty v0.0.18/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y= +github.com/mattn/go-localereader v0.0.1 h1:ygSAOl7ZXTx4RdPYinUpg6W99U8jWvWi9Ye2JC/oIi4= +github.com/mattn/go-localereader v0.0.1/go.mod h1:8fBrzywKY7BI3czFoHkuzRoWE9C+EiG4R1k4Cjx5p88= +github.com/mattn/go-runewidth v0.0.4/go.mod h1:LwmH8dsx7+W8Uxz3IHJYH5QSwggIsqBzpuz5H//U1FU= +github.com/mattn/go-runewidth v0.0.12/go.mod h1:RAqKPSqVFrSLVXbA8x7dzmKdmGzieGRCM46jaSJTDAk= +github.com/mattn/go-runewidth v0.0.14 h1:+xnbZSEeDbOIg5/mE6JF0w6n9duR1l3/WmbinWVwUuU= +github.com/mattn/go-runewidth v0.0.14/go.mod h1:Jdepj2loyihRzMpdS35Xk/zdY8IAYHsh153qUoGf23w= github.com/mitchellh/go-ps v1.0.0 h1:i6ampVEEF4wQFF+bkYfwYgY+F/uYJDktmvLPf7qIgjc= github.com/mitchellh/go-ps v1.0.0/go.mod h1:J4lOc8z8yJs6vUwklHw2XEIiT4z4C40KtWVN3nvg8Pg= -github.com/opentracing/basictracer-go v1.0.0 h1:YyUAhaEfjoWXclZVJ9sGoNct7j4TVk7lZWlQw5UXuoo= -github.com/opentracing/basictracer-go v1.0.0/go.mod h1:QfBfYuafItcjQuMwinw9GhYKwFXS9KnPs5lxoYwgW74= -github.com/opentracing/opentracing-go v1.1.0 h1:pWlfV3Bxv7k65HYwkikxat0+s3pV4bsqf19k25Ur8rU= +github.com/mitchellh/go-wordwrap v1.0.1 h1:TLuKupo69TCn6TQSyGxwI1EblZZEsQ0vMlAFQflz0v0= +github.com/mitchellh/go-wordwrap v1.0.1/go.mod h1:R62XHJLzvMFRBbcrT7m7WgmE1eOyTSsCt+hzestvNj0= +github.com/muesli/ansi v0.0.0-20211018074035-2e021307bc4b h1:1XF24mVaiu7u+CFywTdcDo2ie1pzzhwjt6RHqzpMU34= +github.com/muesli/ansi v0.0.0-20211018074035-2e021307bc4b/go.mod h1:fQuZ0gauxyBcmsdE3ZT4NasjaRdxmbCS0jRHsrWu3Ho= +github.com/muesli/cancelreader v0.2.2 h1:3I4Kt4BQjOR54NavqnDogx/MIoWBFa0StPA8ELUXHmA= +github.com/muesli/cancelreader v0.2.2/go.mod h1:3XuTXfFS2VjM+HTLZY9Ak0l6eUKfijIfMUZ4EgX0QYo= +github.com/muesli/reflow v0.3.0 h1:IFsN6K9NfGtjeggFP+68I4chLZV2yIKsXJFNZ+eWh6s= +github.com/muesli/reflow v0.3.0/go.mod h1:pbwTDkVPibjO2kyvBQRBxTWEEGDGq0FlB1BIKtnHY/8= +github.com/muesli/termenv v0.15.1 h1:UzuTb/+hhlBugQz28rpzey4ZuKcZ03MeKsoG7IJZIxs= +github.com/muesli/termenv v0.15.1/go.mod h1:HeAQPTzpfs016yGtA4g00CsdYnVLJvxsS4ANqrZs2sQ= +github.com/onsi/gomega v1.27.10 h1:naR28SdDFlqrG6kScpT8VWpu1xWY5nJRCF3XaYyBjhI= +github.com/onsi/gomega v1.27.10/go.mod h1:RsS8tutOdbdgzbPtzzATp12yT7kM5I5aElG3evPbQ0M= +github.com/opentracing/basictracer-go v1.1.0 h1:Oa1fTSBvAl8pa3U+IJYqrKm0NALwH9OsgwOqDv4xJW0= +github.com/opentracing/basictracer-go v1.1.0/go.mod h1:V2HZueSJEp879yv285Aap1BS69fQMD+MNP1mRs6mBQc= github.com/opentracing/opentracing-go v1.1.0/go.mod h1:UkNAQd3GIcIGf0SeVgPpRdFStlNbqXla1AfSYxPUl2o= -github.com/pelletier/go-buffruneio v0.2.0/go.mod h1:JkE26KsDizTr40EUHkXVtNPvgGtbSNq5BcowyYOWdKo= -github.com/pkg/diff v0.0.0-20210226163009-20ebb0f2a09e/go.mod h1:pJLUxLENpZxwdsKMEsNbx1VGcRFpLqf3715MtcvvzbA= -github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= +github.com/opentracing/opentracing-go v1.2.0 h1:uEJPy/1a5RIPAJ0Ov+OIO8OxWu77jEv+1B0VhjKrZUs= +github.com/opentracing/opentracing-go v1.2.0/go.mod h1:GxEUsuufX4nBwe+T+Wl9TAgYrxe9dPLANfrWvHYVTgc= +github.com/pjbgf/sha1cd v0.3.0 h1:4D5XXmUUBUl/xQ6IjCkEAbqXskkq/4O7LmGn0AqMDs4= +github.com/pjbgf/sha1cd v0.3.0/go.mod h1:nZ1rrWOcGJ5uZgEEVL1VUM9iRQiZvWdbZjkKyFzPPsI= github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/term v1.1.0 h1:xIAAdCMh3QIAy+5FrE8Ad8XoDhEU4ufwbaSozViP9kk= github.com/pkg/term v1.1.0/go.mod h1:E25nymQcrSllhX42Ok8MRm1+hyBdHY0dCeiKZ9jpNGw= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= -github.com/pulumi/pulumi/sdk/v3 v3.37.2 h1:tiPIZOWcOw/FmU8WHAOPePYiJm74yFc1DXLxDF1VKKo= -github.com/pulumi/pulumi/sdk/v3 v3.37.2/go.mod h1:e1xuPnh9aKzCesrFf96DEzcybLdRWRMhKeKVBmb2lm0= -github.com/rivo/uniseg v0.2.0 h1:S1pD9weZBuJdFmowNwbpi7BJ8TNftyUImj/0WQi72jY= +github.com/pulumi/esc v0.5.6 h1:4WV3X7OEVcChIwbSG+JxhZDdmq/q7lFPaSjHRYlPwmI= +github.com/pulumi/esc v0.5.6/go.mod h1:wpwNfVS5fV7Kd51j4dJ6FWYlKfxdqyppgp0gtkzqH04= +github.com/pulumi/pulumi/sdk/v3 v3.92.0 h1:vlcIp3lWUK/5ayRbi+nevEntQneez2FcE65dF98ICDY= +github.com/pulumi/pulumi/sdk/v3 v3.92.0/go.mod h1:zeqyIODqbb6GrEyhFV6aJET/xBSXSnF7Bw/EjbYZUnU= +github.com/rivo/uniseg v0.1.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc= github.com/rivo/uniseg v0.2.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc= -github.com/rogpeppe/go-internal v1.8.1 h1:geMPLpDpQOgVyCg5z5GoRwLHepNdb71NXb67XFkP+Eg= -github.com/rogpeppe/go-internal v1.8.1/go.mod h1:JeRgkft04UBgHMgCIwADu4Pn6Mtm5d4nPKWu0nJ5d+o= +github.com/rivo/uniseg v0.4.4 h1:8TfxU8dW6PdqD27gjM8MVNuicgxIjxpm4K7x4jp8sis= +github.com/rivo/uniseg v0.4.4/go.mod h1:FN3SvrM+Zdj16jyLfmOkMNblXMcoc8DfTHruCPUcx88= +github.com/rogpeppe/go-internal v1.11.0 h1:cWPaGQEPrBb5/AsnsZesgZZ9yb1OQ+GOISoDNXVBh4M= +github.com/rogpeppe/go-internal v1.11.0/go.mod h1:ddIwULY96R17DhadqLgMfk9H9tvdUzkipdSkR5nkCZA= github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= -github.com/sabhiram/go-gitignore v0.0.0-20180611051255-d3107576ba94 h1:G04eS0JkAIVZfaJLjla9dNxkJCPiKIGZlw9AfOhzOD0= -github.com/sabhiram/go-gitignore v0.0.0-20180611051255-d3107576ba94/go.mod h1:b18R55ulyQ/h3RaWyloPyER7fWQVZvimKKhnI5OfrJQ= -github.com/sergi/go-diff v1.0.0/go.mod h1:0CfEIISq7TuYL3j771MWULgwwjU+GofnZX9QAmXWZgo= -github.com/sergi/go-diff v1.1.0 h1:we8PVUC3FE2uYfodKH/nBHMSetSfHDR6scGdBi+erh0= -github.com/sergi/go-diff v1.1.0/go.mod h1:STckp+ISIX8hZLjrqAeVduY0gWCT9IjLuqbuNXdaHfM= -github.com/spf13/cast v1.3.1 h1:nFm6S0SMdyzrzcmThSipiEubIDy8WEXKNZ0UOgiRpng= -github.com/spf13/cast v1.3.1/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkUJE= -github.com/spf13/cobra v1.4.0 h1:y+wJpx64xcgO1V+RcnwW0LEHxTKRi2ZDPSBjWnrg88Q= -github.com/spf13/cobra v1.4.0/go.mod h1:Wo4iy3BUC+X2Fybo0PDqwJIv3dNRiZLHQymsfxlB84g= +github.com/sabhiram/go-gitignore v0.0.0-20210923224102-525f6e181f06 h1:OkMGxebDjyw0ULyrTYWeN0UNCCkmCWfjPnIA2W6oviI= +github.com/sabhiram/go-gitignore v0.0.0-20210923224102-525f6e181f06/go.mod h1:+ePHsJ1keEjQtpvf9HHw0f4ZeJ0TLRsxhunSI2hYJSs= +github.com/santhosh-tekuri/jsonschema/v5 v5.0.0 h1:TToq11gyfNlrMFZiYujSekIsPd9AmsA2Bj/iv+s4JHE= +github.com/santhosh-tekuri/jsonschema/v5 v5.0.0/go.mod h1:FKdcjfQW6rpZSnxxUvEA5H/cDPdvJ/SZJQLWWXWGrZ0= +github.com/sergi/go-diff v1.3.1 h1:xkr+Oxo4BOQKmkn/B9eMK0g5Kg/983T9DqqPHwYqD+8= +github.com/sergi/go-diff v1.3.1/go.mod h1:aMJSSKb2lpPvRNec0+w3fl7LP9IOFzdc9Pa4NFbPK1I= +github.com/sirupsen/logrus v1.7.0/go.mod h1:yWOB1SBYBC5VeMP7gHvWumXLIWorT60ONWic61uBYv0= +github.com/skeema/knownhosts v1.2.0 h1:h9r9cf0+u7wSE+M183ZtMGgOJKiL96brpaz5ekfJCpM= +github.com/skeema/knownhosts v1.2.0/go.mod h1:g4fPeYpque7P0xefxtGzV81ihjC8sX2IqpAoNkjxbMo= +github.com/spf13/cast v1.4.1 h1:s0hze+J0196ZfEMTs80N7UlFt0BDuQ7Q+JDnHiMWKdA= +github.com/spf13/cast v1.4.1/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkUJE= +github.com/spf13/cobra v1.7.0 h1:hyqWnYt1ZQShIddO5kBpj3vu05/++x6tJ6dg8EC572I= +github.com/spf13/cobra v1.7.0/go.mod h1:uLxZILRyS/50WlhOIKD7W6V5bgeIt+4sICxh6uRMrb0= github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= -github.com/src-d/gcfg v1.4.0 h1:xXbNR5AlLSA315x2UO+fTSSAXCDf+Ar38/6oyGbDKQ4= -github.com/src-d/gcfg v1.4.0/go.mod h1:p/UMsR43ujA89BJY9duynAwIpvqEujIH/jFlfL7jWoI= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= -github.com/stretchr/objx v0.2.0/go.mod h1:qt09Ya8vawLte6SNmTgCsAVtYtaKzEcn8ATUoHMkEqE= github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= +github.com/stretchr/objx v0.5.0 h1:1zr/of2m5FGMsad5YfcqgdqdWrIhu+EBEJRhR1U7z/c= github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= +github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA= +github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= -github.com/stretchr/testify v1.8.1 h1:w7B6lhMri9wdJUVmEZPGGhZzrYTPvgJArz7wNPgYKsk= -github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= -github.com/texttheater/golang-levenshtein v0.0.0-20191208221605-eb6844b05fc6 h1:9VTskZOIRf2vKF3UL8TuWElry5pgUpV1tFSe/e/0m/E= -github.com/texttheater/golang-levenshtein v0.0.0-20191208221605-eb6844b05fc6/go.mod h1:XDKHRm5ThF8YJjx001LtgelzsoaEcvnA7lVWz9EeX3g= +github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk= +github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= +github.com/texttheater/golang-levenshtein v1.0.1 h1:+cRNoVrfiwufQPhoMzB6N0Yf/Mqajr6t1lOv8GyGE2U= +github.com/texttheater/golang-levenshtein v1.0.1/go.mod h1:PYAKrbF5sAiq9wd+H82hs7gNaen0CplQ9uvm6+enD/8= github.com/tweekmonster/luser v0.0.0-20161003172636-3fa38070dbd7 h1:X9dsIWPuuEJlPX//UmRKophhOKCGXc46RVIGuttks68= github.com/tweekmonster/luser v0.0.0-20161003172636-3fa38070dbd7/go.mod h1:UxoP3EypF8JfGEjAII8jx1q8rQyDnX8qdTCs/UQBVIE= -github.com/uber/jaeger-client-go v2.22.1+incompatible h1:NHcubEkVbahf9t3p75TOCR83gdUHXjRJvjoBh1yACsM= -github.com/uber/jaeger-client-go v2.22.1+incompatible/go.mod h1:WVhlPFC8FDjOFMMWRy2pZqQJSXxYSwNYOkTr/Z6d3Kk= -github.com/uber/jaeger-lib v2.2.0+incompatible h1:MxZXOiR2JuoANZ3J6DE/U0kSFv/eJ/GfSYVCjK7dyaw= -github.com/uber/jaeger-lib v2.2.0+incompatible/go.mod h1:ComeNDZlWwrWnDv8aPp0Ba6+uUTzImX/AauajbLI56U= -github.com/xanzy/ssh-agent v0.2.1 h1:TCbipTQL2JiiCprBWx9frJ2eJlCYT00NmctrHxVAr70= -github.com/xanzy/ssh-agent v0.2.1/go.mod h1:mLlQY/MoOhWBj+gOGMQkOeiEvkx+8pJSI+0Bx9h2kr4= +github.com/uber/jaeger-client-go v2.30.0+incompatible h1:D6wyKGCecFaSRUpo8lCVbaOOb6ThwMmTEbhRwtKR97o= +github.com/uber/jaeger-client-go v2.30.0+incompatible/go.mod h1:WVhlPFC8FDjOFMMWRy2pZqQJSXxYSwNYOkTr/Z6d3Kk= +github.com/uber/jaeger-lib v2.4.1+incompatible h1:td4jdvLcExb4cBISKIpHuGoVXh+dVKhn2Um6rjCsSsg= +github.com/uber/jaeger-lib v2.4.1+incompatible/go.mod h1:ComeNDZlWwrWnDv8aPp0Ba6+uUTzImX/AauajbLI56U= +github.com/xanzy/ssh-agent v0.3.3 h1:+/15pJfg/RsTxqYcX6fHqOXZwwMP+2VyYWJeWM2qQFM= +github.com/xanzy/ssh-agent v0.3.3/go.mod h1:6dzNDKs0J9rVPHPhaGCukekBHKqfl+L3KghI1Bc68Uw= github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= -go.uber.org/atomic v1.6.0 h1:Ezj3JGmsOnG1MoRWQkPBsKLe9DwWD9QeXzTRzzldNVk= -go.uber.org/atomic v1.6.0/go.mod h1:sABNBOSYdrvTF6hTgEIbc7YasKWGhgEQZyfxyTvoXHQ= -golang.org/x/crypto v0.0.0-20190219172222-a4c6cb3142f2/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= +github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= +github.com/zclconf/go-cty v1.13.2 h1:4GvrUxe/QUDYuJKAav4EYqdM47/kZa672LwmXFmEKT0= +github.com/zclconf/go-cty v1.13.2/go.mod h1:YKQzy/7pZ7iq2jNFzy5go57xdxdWoLLpaEp4u238AE0= +go.uber.org/atomic v1.9.0 h1:ECmE8Bn/WFTYwEW/bpKD3M8VtR/zQVbavAoalC1PYyE= +go.uber.org/atomic v1.9.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= -golang.org/x/crypto v0.0.0-20190701094942-4def268fd1a4/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= +golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= +golang.org/x/crypto v0.0.0-20220622213112-05595931fe9d/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= +golang.org/x/crypto v0.3.1-0.20221117191849-2c476679df9a/go.mod h1:hebNnKkNXi2UzZN1eVRvBB7co0a+JxK6XbPiWVs/3J4= +golang.org/x/crypto v0.7.0/go.mod h1:pYwdfH91IfpZVANVyUOhSIPZaFoJGxTFbZhFTx+dXZU= golang.org/x/crypto v0.14.0 h1:wBqGXzWJW6m1XrIKlAH0Hs1JJ7+9KBwnIO8v66Q9cHc= golang.org/x/crypto v0.14.0/go.mod h1:MVFd36DqK4CsrnJYDkBA3VC4m2GkXAM0PvzMCn4JQf4= -golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= -golang.org/x/lint v0.0.0-20210508222113-6edffad5e616 h1:VLliZ0d+/avPrXXH+OakdXhpJuEoBZuwh1m2j7U6Iug= -golang.org/x/lint v0.0.0-20210508222113-6edffad5e616/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= +golang.org/x/exp v0.0.0-20231006140011-7918f672742d h1:jtJma62tbqLibJ5sFQz8bKtEM8rJBtfilJ2qTU199MI= +golang.org/x/exp v0.0.0-20231006140011-7918f672742d/go.mod h1:ldy0pHrwJyGW56pPQzzkH36rKxoZW1tw7ZJpeKx+hdo= +golang.org/x/lint v0.0.0-20200302205851-738671d3881b/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg= golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= +golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= +golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= +golang.org/x/mod v0.13.0 h1:I/DsJXRlw/8l/0c24sM9yb0T4z9liZTduXvdAWYiysY= +golang.org/x/mod v0.13.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20190724013045-ca1201d0de80/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20200421231249-e086a090c8fd/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= +golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= +golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= +golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= +golang.org/x/net v0.2.0/go.mod h1:KqCZLdyyvdV855qA2rE3GC2aiw5xGR5TEjj8smXukLY= +golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= +golang.org/x/net v0.8.0/go.mod h1:QVkue5JL9kW//ek3r6jTKnTFis1tRmNAW2P1shuFdJc= golang.org/x/net v0.17.0 h1:pVaXccu2ozPjCXewfr1S7xza/zcXTity9cCdXQYSjIM= golang.org/x/net v0.17.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.4.0 h1:zxkM55ReGkDlKSM+Fu41A+zmbZuaPVbGMzvvdUPznYQ= +golang.org/x/sync v0.4.0/go.mod h1:FU7BRWz2tNW+3quACPkgCx/L+uEAv1htQ0V83Z9Rj+Y= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20190221075227-b4e8571b14e0/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20190222072716-a9d3bda3a223/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190626221950-04f50cda93cb/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190726091711-fc99dfbffb4e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20191026070338-33540a1f6037/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200909081042-eff7692f9009/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210124154548-22da62e12c0c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.2.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.3.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.13.0 h1:Af8nKPmuFypiUBjVoU9V20FiaFXOcuZI21p0ycVYYGE= golang.org/x/sys v0.13.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= +golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= +golang.org/x/term v0.2.0/go.mod h1:TVmDHMZPmdnySmBfhjOoOdhjzdE1h4u1VwSiw2l1Nuc= +golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k= +golang.org/x/term v0.6.0/go.mod h1:m6U89DPEgQRMq3DNkDClhWw02AUbt2daBVO4cn4Hv9U= golang.org/x/term v0.13.0 h1:bb+I9cTfFazGW51MZqBVmZy7+JEJMouUHTUSKVQLBek= golang.org/x/term v0.13.0/go.mod h1:LTmsnFJwVN6bCy1rVCoS+qHT1HhALEFxKncY3WNNh4U= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= -golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= +golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= +golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= +golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= +golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= +golang.org/x/text v0.8.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= golang.org/x/text v0.13.0 h1:ablQoSUd0tRdKxZewP80B+BaqeKJuVhuRxj/dkrun3k= golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= -golang.org/x/tools v0.0.0-20190729092621-ff9f1409240a/go.mod h1:jcCCGcm9btYwXyDqrUWc6MKQKKGJCWEQ3AfLSRIbEuI= -golang.org/x/tools v0.0.0-20191029041327-9cc4af7d6b2c/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20181030221726-6c7e314b6563/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20200130002326-2f3ba24bd6e7/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= -golang.org/x/tools v0.6.0 h1:BOw41kyTf3PuCW1pVQf8+Cyg8pMlkYB1oo9iJ6D/lKM= +golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU= +golang.org/x/tools v0.14.0 h1:jvNa2pY0M4r62jkRQ6RwEZZyPcymeL9XZMLBbV7U2nc= +golang.org/x/tools v0.14.0/go.mod h1:uYBEerGOWcJyEORxN+Ek8+TT266gXkNlHdJBwexUsBg= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -google.golang.org/genproto v0.0.0-20230303212802-e74f57abe488 h1:QQF+HdiI4iocoxUjjpLgvTYDHKm99C/VtTBFnfiCJos= -google.golang.org/genproto v0.0.0-20230303212802-e74f57abe488/go.mod h1:TvhZT5f700eVlTNwND1xoEZQeWTB2RY/65kplwl/bFA= -google.golang.org/grpc v1.53.0 h1:LAv2ds7cmFV/XTS3XG1NneeENYrXGmorPxsBbptIjNc= -google.golang.org/grpc v1.53.0/go.mod h1:OnIrk0ipVdj4N5d9IUoFUx72/VlD7+jUsHwZgwSMQpw= +google.golang.org/genproto/googleapis/rpc v0.0.0-20230706204954-ccb25ca9f130 h1:2FZP5XuJY9zQyGM5N0rtovnoXjiMUEIUMvw0m9wlpLc= +google.golang.org/genproto/googleapis/rpc v0.0.0-20230706204954-ccb25ca9f130/go.mod h1:8mL13HKkDa+IuJ8yruA3ci0q+0vsUz4m//+ottjwS5o= +google.golang.org/grpc v1.57.1 h1:upNTNqv0ES+2ZOOqACwVtS3Il8M12/+Hz41RCPzAjQg= +google.golang.org/grpc v1.57.1/go.mod h1:Sd+9RMTACXwmub0zcNY2c4arhtrbBYD1AUHI/dt16Mo= google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= -google.golang.org/protobuf v1.28.1 h1:d0NfwRgPtno5B1Wa6L2DAG+KivqkdutMf1UhdNx175w= -google.golang.org/protobuf v1.28.1/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= +google.golang.org/protobuf v1.31.0 h1:g0LDEJHgrBl9N9r17Ru3sqWhkIx2NB67okBHPwC7hs8= +google.golang.org/protobuf v1.31.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15 h1:YR8cESwS4TdDjEe65xsg0ogRM/Nc3DYOhEAlW+xobZo= gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/cheggaaa/pb.v1 v1.0.28 h1:n1tBJnnK2r7g9OW2btFH91V92STTUevLXYFb8gy9EMk= -gopkg.in/cheggaaa/pb.v1 v1.0.28/go.mod h1:V/YB90LKu/1FcN3WVnfiiE5oMCibMjukxqG/qStrOgw= -gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI= -gopkg.in/src-d/go-billy.v4 v4.3.2 h1:0SQA1pRztfTFx2miS8sA97XvooFeNOmvUenF4o0EcVg= -gopkg.in/src-d/go-billy.v4 v4.3.2/go.mod h1:nDjArDMp+XMs1aFAESLRjfGSgfvoYN0hDfzEk0GjC98= -gopkg.in/src-d/go-git-fixtures.v3 v3.5.0 h1:ivZFOIltbce2Mo8IjzUHAFoq/IylO9WHhNOAJK+LsJg= -gopkg.in/src-d/go-git-fixtures.v3 v3.5.0/go.mod h1:dLBcvytrw/TYZsNTWCnkNF2DSIlzWYqTe3rJR56Ac7g= -gopkg.in/src-d/go-git.v4 v4.13.1 h1:SRtFyV8Kxc0UP7aCHcijOMQGPxHSmMOPrzulQWolkYE= -gopkg.in/src-d/go-git.v4 v4.13.1/go.mod h1:nx5NYcxdKxq5fpltdHnPa2Exj4Sx0EclMWZQbYDu2z8= +gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= +gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= gopkg.in/warnings.v0 v0.1.2 h1:wFXVbFY8DY5/xOe1ECiWdKCzZlxgshcYVNkBHstARME= gopkg.in/warnings.v0 v0.1.2/go.mod h1:jksf8JmL6Qr/oQM2OXTHunEvvTAsrWBLb6OOjuVWRNI= gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY= gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= @@ -217,7 +314,7 @@ gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= lukechampine.com/frand v1.4.2 h1:RzFIpOvkMXuPMBb9maa4ND4wjBn71E1Jpf8BzJHMaVw= lukechampine.com/frand v1.4.2/go.mod h1:4S/TM2ZgrKejMcKMbeLjISpJMO+/eZ1zu3vYX9dtj3s= -pgregory.net/rapid v0.4.7 h1:MTNRktPuv5FNqOO151TM9mDTa+XHcX6ypYeISDVD14g= -pgregory.net/rapid v0.4.7/go.mod h1:UYpPVyjFHzYBGHIxLFoupi8vwk6rXNzRY9OMvVxFIOU= -sourcegraph.com/sourcegraph/appdash v0.0.0-20190731080439-ebfcffb1b5c0 h1:ucqkfpjg9WzSUubAO62csmucvxl4/JeW3F4I4909XkM= -sourcegraph.com/sourcegraph/appdash v0.0.0-20190731080439-ebfcffb1b5c0/go.mod h1:hI742Nqp5OhwiqlzhgfbWU4mW4yO10fP+LoT9WOswdU= +pgregory.net/rapid v0.5.5 h1:jkgx1TjbQPD/feRoK+S/mXw9e1uj6WilpHrXJowi6oA= +pgregory.net/rapid v0.5.5/go.mod h1:PY5XlDGj0+V1FCq0o192FdRhpKHGTRIWBgqjDBTrq04= +sourcegraph.com/sourcegraph/appdash v0.0.0-20211028080628-e2786a622600 h1:hfyJ5ku9yFtLVOiSxa3IN+dx5eBQT9mPmKFypAmg8XM= +sourcegraph.com/sourcegraph/appdash v0.0.0-20211028080628-e2786a622600/go.mod h1:hI742Nqp5OhwiqlzhgfbWU4mW4yO10fP+LoT9WOswdU= diff --git a/sdk/go/vault/ad/getAccessCredentials.go b/sdk/go/vault/ad/getAccessCredentials.go index 18614c09b..bfd2a7cd7 100644 --- a/sdk/go/vault/ad/getAccessCredentials.go +++ b/sdk/go/vault/ad/getAccessCredentials.go @@ -7,10 +7,13 @@ import ( "context" "reflect" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) func GetAccessCredentials(ctx *pulumi.Context, args *GetAccessCredentialsArgs, opts ...pulumi.InvokeOption) (*GetAccessCredentialsResult, error) { + opts = internal.PkgInvokeDefaultOpts(opts) var rv GetAccessCredentialsResult err := ctx.Invoke("vault:ad/getAccessCredentials:getAccessCredentials", args, &rv, opts...) if err != nil { @@ -96,6 +99,12 @@ func (o GetAccessCredentialsResultOutput) ToGetAccessCredentialsResultOutputWith return o } +func (o GetAccessCredentialsResultOutput) ToOutput(ctx context.Context) pulumix.Output[GetAccessCredentialsResult] { + return pulumix.Output[GetAccessCredentialsResult]{ + OutputState: o.OutputState, + } +} + func (o GetAccessCredentialsResultOutput) Backend() pulumi.StringOutput { return o.ApplyT(func(v GetAccessCredentialsResult) string { return v.Backend }).(pulumi.StringOutput) } diff --git a/sdk/go/vault/ad/init.go b/sdk/go/vault/ad/init.go index 2cbe3f7a8..71504d471 100644 --- a/sdk/go/vault/ad/init.go +++ b/sdk/go/vault/ad/init.go @@ -7,7 +7,7 @@ import ( "fmt" "github.com/blang/semver" - "github.com/pulumi/pulumi-vault/sdk/v5/go/vault" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" ) @@ -36,7 +36,7 @@ func (m *module) Construct(ctx *pulumi.Context, name, typ, urn string) (r pulumi } func init() { - version, err := vault.PkgVersion() + version, err := internal.PkgVersion() if err != nil { version = semver.Version{Major: 1} } diff --git a/sdk/go/vault/ad/secretBackend.go b/sdk/go/vault/ad/secretBackend.go index 9127f4ec3..1b0c345fe 100644 --- a/sdk/go/vault/ad/secretBackend.go +++ b/sdk/go/vault/ad/secretBackend.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // ## Example Usage @@ -171,13 +173,13 @@ func NewSecretBackend(ctx *pulumi.Context, return nil, errors.New("invalid value for required argument 'Bindpass'") } if args.Bindpass != nil { - args.Bindpass = pulumi.ToSecret(args.Bindpass).(pulumi.StringOutput) + args.Bindpass = pulumi.ToSecret(args.Bindpass).(pulumi.StringInput) } if args.ClientTlsCert != nil { - args.ClientTlsCert = pulumi.ToSecret(args.ClientTlsCert).(pulumi.StringPtrOutput) + args.ClientTlsCert = pulumi.ToSecret(args.ClientTlsCert).(pulumi.StringPtrInput) } if args.ClientTlsKey != nil { - args.ClientTlsKey = pulumi.ToSecret(args.ClientTlsKey).(pulumi.StringPtrOutput) + args.ClientTlsKey = pulumi.ToSecret(args.ClientTlsKey).(pulumi.StringPtrInput) } secrets := pulumi.AdditionalSecretOutputs([]string{ "bindpass", @@ -185,6 +187,7 @@ func NewSecretBackend(ctx *pulumi.Context, "clientTlsKey", }) opts = append(opts, secrets) + opts = internal.PkgResourceDefaultOpts(opts) var resource SecretBackend err := ctx.RegisterResource("vault:ad/secretBackend:SecretBackend", name, args, &resource, opts...) if err != nil { @@ -650,6 +653,12 @@ func (i *SecretBackend) ToSecretBackendOutputWithContext(ctx context.Context) Se return pulumi.ToOutputWithContext(ctx, i).(SecretBackendOutput) } +func (i *SecretBackend) ToOutput(ctx context.Context) pulumix.Output[*SecretBackend] { + return pulumix.Output[*SecretBackend]{ + OutputState: i.ToSecretBackendOutputWithContext(ctx).OutputState, + } +} + // SecretBackendArrayInput is an input type that accepts SecretBackendArray and SecretBackendArrayOutput values. // You can construct a concrete instance of `SecretBackendArrayInput` via: // @@ -675,6 +684,12 @@ func (i SecretBackendArray) ToSecretBackendArrayOutputWithContext(ctx context.Co return pulumi.ToOutputWithContext(ctx, i).(SecretBackendArrayOutput) } +func (i SecretBackendArray) ToOutput(ctx context.Context) pulumix.Output[[]*SecretBackend] { + return pulumix.Output[[]*SecretBackend]{ + OutputState: i.ToSecretBackendArrayOutputWithContext(ctx).OutputState, + } +} + // SecretBackendMapInput is an input type that accepts SecretBackendMap and SecretBackendMapOutput values. // You can construct a concrete instance of `SecretBackendMapInput` via: // @@ -700,6 +715,12 @@ func (i SecretBackendMap) ToSecretBackendMapOutputWithContext(ctx context.Contex return pulumi.ToOutputWithContext(ctx, i).(SecretBackendMapOutput) } +func (i SecretBackendMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*SecretBackend] { + return pulumix.Output[map[string]*SecretBackend]{ + OutputState: i.ToSecretBackendMapOutputWithContext(ctx).OutputState, + } +} + type SecretBackendOutput struct{ *pulumi.OutputState } func (SecretBackendOutput) ElementType() reflect.Type { @@ -714,6 +735,12 @@ func (o SecretBackendOutput) ToSecretBackendOutputWithContext(ctx context.Contex return o } +func (o SecretBackendOutput) ToOutput(ctx context.Context) pulumix.Output[*SecretBackend] { + return pulumix.Output[*SecretBackend]{ + OutputState: o.OutputState, + } +} + // Use anonymous binds when performing LDAP group searches // (if true the initial credentials will still be used for the initial connection test). func (o SecretBackendOutput) AnonymousGroupSearch() pulumi.BoolPtrOutput { @@ -937,6 +964,12 @@ func (o SecretBackendArrayOutput) ToSecretBackendArrayOutputWithContext(ctx cont return o } +func (o SecretBackendArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*SecretBackend] { + return pulumix.Output[[]*SecretBackend]{ + OutputState: o.OutputState, + } +} + func (o SecretBackendArrayOutput) Index(i pulumi.IntInput) SecretBackendOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *SecretBackend { return vs[0].([]*SecretBackend)[vs[1].(int)] @@ -957,6 +990,12 @@ func (o SecretBackendMapOutput) ToSecretBackendMapOutputWithContext(ctx context. return o } +func (o SecretBackendMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*SecretBackend] { + return pulumix.Output[map[string]*SecretBackend]{ + OutputState: o.OutputState, + } +} + func (o SecretBackendMapOutput) MapIndex(k pulumi.StringInput) SecretBackendOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *SecretBackend { return vs[0].(map[string]*SecretBackend)[vs[1].(string)] diff --git a/sdk/go/vault/ad/secretLibrary.go b/sdk/go/vault/ad/secretLibrary.go index 350f9a77a..754860d5b 100644 --- a/sdk/go/vault/ad/secretLibrary.go +++ b/sdk/go/vault/ad/secretLibrary.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // ## Example Usage @@ -103,6 +105,7 @@ func NewSecretLibrary(ctx *pulumi.Context, if args.ServiceAccountNames == nil { return nil, errors.New("invalid value for required argument 'ServiceAccountNames'") } + opts = internal.PkgResourceDefaultOpts(opts) var resource SecretLibrary err := ctx.RegisterResource("vault:ad/secretLibrary:SecretLibrary", name, args, &resource, opts...) if err != nil { @@ -248,6 +251,12 @@ func (i *SecretLibrary) ToSecretLibraryOutputWithContext(ctx context.Context) Se return pulumi.ToOutputWithContext(ctx, i).(SecretLibraryOutput) } +func (i *SecretLibrary) ToOutput(ctx context.Context) pulumix.Output[*SecretLibrary] { + return pulumix.Output[*SecretLibrary]{ + OutputState: i.ToSecretLibraryOutputWithContext(ctx).OutputState, + } +} + // SecretLibraryArrayInput is an input type that accepts SecretLibraryArray and SecretLibraryArrayOutput values. // You can construct a concrete instance of `SecretLibraryArrayInput` via: // @@ -273,6 +282,12 @@ func (i SecretLibraryArray) ToSecretLibraryArrayOutputWithContext(ctx context.Co return pulumi.ToOutputWithContext(ctx, i).(SecretLibraryArrayOutput) } +func (i SecretLibraryArray) ToOutput(ctx context.Context) pulumix.Output[[]*SecretLibrary] { + return pulumix.Output[[]*SecretLibrary]{ + OutputState: i.ToSecretLibraryArrayOutputWithContext(ctx).OutputState, + } +} + // SecretLibraryMapInput is an input type that accepts SecretLibraryMap and SecretLibraryMapOutput values. // You can construct a concrete instance of `SecretLibraryMapInput` via: // @@ -298,6 +313,12 @@ func (i SecretLibraryMap) ToSecretLibraryMapOutputWithContext(ctx context.Contex return pulumi.ToOutputWithContext(ctx, i).(SecretLibraryMapOutput) } +func (i SecretLibraryMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*SecretLibrary] { + return pulumix.Output[map[string]*SecretLibrary]{ + OutputState: i.ToSecretLibraryMapOutputWithContext(ctx).OutputState, + } +} + type SecretLibraryOutput struct{ *pulumi.OutputState } func (SecretLibraryOutput) ElementType() reflect.Type { @@ -312,6 +333,12 @@ func (o SecretLibraryOutput) ToSecretLibraryOutputWithContext(ctx context.Contex return o } +func (o SecretLibraryOutput) ToOutput(ctx context.Context) pulumix.Output[*SecretLibrary] { + return pulumix.Output[*SecretLibrary]{ + OutputState: o.OutputState, + } +} + // The path the AD secret backend is mounted at, // with no leading or trailing `/`s. func (o SecretLibraryOutput) Backend() pulumi.StringOutput { @@ -368,6 +395,12 @@ func (o SecretLibraryArrayOutput) ToSecretLibraryArrayOutputWithContext(ctx cont return o } +func (o SecretLibraryArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*SecretLibrary] { + return pulumix.Output[[]*SecretLibrary]{ + OutputState: o.OutputState, + } +} + func (o SecretLibraryArrayOutput) Index(i pulumi.IntInput) SecretLibraryOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *SecretLibrary { return vs[0].([]*SecretLibrary)[vs[1].(int)] @@ -388,6 +421,12 @@ func (o SecretLibraryMapOutput) ToSecretLibraryMapOutputWithContext(ctx context. return o } +func (o SecretLibraryMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*SecretLibrary] { + return pulumix.Output[map[string]*SecretLibrary]{ + OutputState: o.OutputState, + } +} + func (o SecretLibraryMapOutput) MapIndex(k pulumi.StringInput) SecretLibraryOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *SecretLibrary { return vs[0].(map[string]*SecretLibrary)[vs[1].(string)] diff --git a/sdk/go/vault/ad/secretRole.go b/sdk/go/vault/ad/secretRole.go index 40b268e65..6092fcc4d 100644 --- a/sdk/go/vault/ad/secretRole.go +++ b/sdk/go/vault/ad/secretRole.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // ## Example Usage @@ -102,6 +104,7 @@ func NewSecretRole(ctx *pulumi.Context, if args.ServiceAccountName == nil { return nil, errors.New("invalid value for required argument 'ServiceAccountName'") } + opts = internal.PkgResourceDefaultOpts(opts) var resource SecretRole err := ctx.RegisterResource("vault:ad/secretRole:SecretRole", name, args, &resource, opts...) if err != nil { @@ -239,6 +242,12 @@ func (i *SecretRole) ToSecretRoleOutputWithContext(ctx context.Context) SecretRo return pulumi.ToOutputWithContext(ctx, i).(SecretRoleOutput) } +func (i *SecretRole) ToOutput(ctx context.Context) pulumix.Output[*SecretRole] { + return pulumix.Output[*SecretRole]{ + OutputState: i.ToSecretRoleOutputWithContext(ctx).OutputState, + } +} + // SecretRoleArrayInput is an input type that accepts SecretRoleArray and SecretRoleArrayOutput values. // You can construct a concrete instance of `SecretRoleArrayInput` via: // @@ -264,6 +273,12 @@ func (i SecretRoleArray) ToSecretRoleArrayOutputWithContext(ctx context.Context) return pulumi.ToOutputWithContext(ctx, i).(SecretRoleArrayOutput) } +func (i SecretRoleArray) ToOutput(ctx context.Context) pulumix.Output[[]*SecretRole] { + return pulumix.Output[[]*SecretRole]{ + OutputState: i.ToSecretRoleArrayOutputWithContext(ctx).OutputState, + } +} + // SecretRoleMapInput is an input type that accepts SecretRoleMap and SecretRoleMapOutput values. // You can construct a concrete instance of `SecretRoleMapInput` via: // @@ -289,6 +304,12 @@ func (i SecretRoleMap) ToSecretRoleMapOutputWithContext(ctx context.Context) Sec return pulumi.ToOutputWithContext(ctx, i).(SecretRoleMapOutput) } +func (i SecretRoleMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*SecretRole] { + return pulumix.Output[map[string]*SecretRole]{ + OutputState: i.ToSecretRoleMapOutputWithContext(ctx).OutputState, + } +} + type SecretRoleOutput struct{ *pulumi.OutputState } func (SecretRoleOutput) ElementType() reflect.Type { @@ -303,6 +324,12 @@ func (o SecretRoleOutput) ToSecretRoleOutputWithContext(ctx context.Context) Sec return o } +func (o SecretRoleOutput) ToOutput(ctx context.Context) pulumix.Output[*SecretRole] { + return pulumix.Output[*SecretRole]{ + OutputState: o.OutputState, + } +} + // The path the AD secret backend is mounted at, // with no leading or trailing `/`s. func (o SecretRoleOutput) Backend() pulumi.StringOutput { @@ -359,6 +386,12 @@ func (o SecretRoleArrayOutput) ToSecretRoleArrayOutputWithContext(ctx context.Co return o } +func (o SecretRoleArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*SecretRole] { + return pulumix.Output[[]*SecretRole]{ + OutputState: o.OutputState, + } +} + func (o SecretRoleArrayOutput) Index(i pulumi.IntInput) SecretRoleOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *SecretRole { return vs[0].([]*SecretRole)[vs[1].(int)] @@ -379,6 +412,12 @@ func (o SecretRoleMapOutput) ToSecretRoleMapOutputWithContext(ctx context.Contex return o } +func (o SecretRoleMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*SecretRole] { + return pulumix.Output[map[string]*SecretRole]{ + OutputState: o.OutputState, + } +} + func (o SecretRoleMapOutput) MapIndex(k pulumi.StringInput) SecretRoleOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *SecretRole { return vs[0].(map[string]*SecretRole)[vs[1].(string)] diff --git a/sdk/go/vault/alicloud/authBackendRole.go b/sdk/go/vault/alicloud/authBackendRole.go index a8e2f6988..85c9fee44 100644 --- a/sdk/go/vault/alicloud/authBackendRole.go +++ b/sdk/go/vault/alicloud/authBackendRole.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // Provides a resource to create a role in an [AliCloud auth backend within Vault](https://www.vaultproject.io/docs/auth/alicloud.html). @@ -65,6 +67,8 @@ type AuthBackendRole struct { Arn pulumi.StringOutput `pulumi:"arn"` // Path to the mounted AliCloud auth backend. // Defaults to `alicloud` + // + // For more details on the usage of each argument consult the [Vault AliCloud API documentation](https://www.vaultproject.io/api-docs/auth/alicloud). Backend pulumi.StringPtrOutput `pulumi:"backend"` // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. @@ -124,6 +128,7 @@ func NewAuthBackendRole(ctx *pulumi.Context, if args.Role == nil { return nil, errors.New("invalid value for required argument 'Role'") } + opts = internal.PkgResourceDefaultOpts(opts) var resource AuthBackendRole err := ctx.RegisterResource("vault:alicloud/authBackendRole:AuthBackendRole", name, args, &resource, opts...) if err != nil { @@ -150,6 +155,8 @@ type authBackendRoleState struct { Arn *string `pulumi:"arn"` // Path to the mounted AliCloud auth backend. // Defaults to `alicloud` + // + // For more details on the usage of each argument consult the [Vault AliCloud API documentation](https://www.vaultproject.io/api-docs/auth/alicloud). Backend *string `pulumi:"backend"` // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. @@ -201,6 +208,8 @@ type AuthBackendRoleState struct { Arn pulumi.StringPtrInput // Path to the mounted AliCloud auth backend. // Defaults to `alicloud` + // + // For more details on the usage of each argument consult the [Vault AliCloud API documentation](https://www.vaultproject.io/api-docs/auth/alicloud). Backend pulumi.StringPtrInput // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. @@ -256,6 +265,8 @@ type authBackendRoleArgs struct { Arn string `pulumi:"arn"` // Path to the mounted AliCloud auth backend. // Defaults to `alicloud` + // + // For more details on the usage of each argument consult the [Vault AliCloud API documentation](https://www.vaultproject.io/api-docs/auth/alicloud). Backend *string `pulumi:"backend"` // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. @@ -308,6 +319,8 @@ type AuthBackendRoleArgs struct { Arn pulumi.StringInput // Path to the mounted AliCloud auth backend. // Defaults to `alicloud` + // + // For more details on the usage of each argument consult the [Vault AliCloud API documentation](https://www.vaultproject.io/api-docs/auth/alicloud). Backend pulumi.StringPtrInput // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. @@ -377,6 +390,12 @@ func (i *AuthBackendRole) ToAuthBackendRoleOutputWithContext(ctx context.Context return pulumi.ToOutputWithContext(ctx, i).(AuthBackendRoleOutput) } +func (i *AuthBackendRole) ToOutput(ctx context.Context) pulumix.Output[*AuthBackendRole] { + return pulumix.Output[*AuthBackendRole]{ + OutputState: i.ToAuthBackendRoleOutputWithContext(ctx).OutputState, + } +} + // AuthBackendRoleArrayInput is an input type that accepts AuthBackendRoleArray and AuthBackendRoleArrayOutput values. // You can construct a concrete instance of `AuthBackendRoleArrayInput` via: // @@ -402,6 +421,12 @@ func (i AuthBackendRoleArray) ToAuthBackendRoleArrayOutputWithContext(ctx contex return pulumi.ToOutputWithContext(ctx, i).(AuthBackendRoleArrayOutput) } +func (i AuthBackendRoleArray) ToOutput(ctx context.Context) pulumix.Output[[]*AuthBackendRole] { + return pulumix.Output[[]*AuthBackendRole]{ + OutputState: i.ToAuthBackendRoleArrayOutputWithContext(ctx).OutputState, + } +} + // AuthBackendRoleMapInput is an input type that accepts AuthBackendRoleMap and AuthBackendRoleMapOutput values. // You can construct a concrete instance of `AuthBackendRoleMapInput` via: // @@ -427,6 +452,12 @@ func (i AuthBackendRoleMap) ToAuthBackendRoleMapOutputWithContext(ctx context.Co return pulumi.ToOutputWithContext(ctx, i).(AuthBackendRoleMapOutput) } +func (i AuthBackendRoleMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*AuthBackendRole] { + return pulumix.Output[map[string]*AuthBackendRole]{ + OutputState: i.ToAuthBackendRoleMapOutputWithContext(ctx).OutputState, + } +} + type AuthBackendRoleOutput struct{ *pulumi.OutputState } func (AuthBackendRoleOutput) ElementType() reflect.Type { @@ -441,6 +472,12 @@ func (o AuthBackendRoleOutput) ToAuthBackendRoleOutputWithContext(ctx context.Co return o } +func (o AuthBackendRoleOutput) ToOutput(ctx context.Context) pulumix.Output[*AuthBackendRole] { + return pulumix.Output[*AuthBackendRole]{ + OutputState: o.OutputState, + } +} + // The role's arn. func (o AuthBackendRoleOutput) Arn() pulumi.StringOutput { return o.ApplyT(func(v *AuthBackendRole) pulumi.StringOutput { return v.Arn }).(pulumi.StringOutput) @@ -448,6 +485,8 @@ func (o AuthBackendRoleOutput) Arn() pulumi.StringOutput { // Path to the mounted AliCloud auth backend. // Defaults to `alicloud` +// +// For more details on the usage of each argument consult the [Vault AliCloud API documentation](https://www.vaultproject.io/api-docs/auth/alicloud). func (o AuthBackendRoleOutput) Backend() pulumi.StringPtrOutput { return o.ApplyT(func(v *AuthBackendRole) pulumi.StringPtrOutput { return v.Backend }).(pulumi.StringPtrOutput) } @@ -542,6 +581,12 @@ func (o AuthBackendRoleArrayOutput) ToAuthBackendRoleArrayOutputWithContext(ctx return o } +func (o AuthBackendRoleArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*AuthBackendRole] { + return pulumix.Output[[]*AuthBackendRole]{ + OutputState: o.OutputState, + } +} + func (o AuthBackendRoleArrayOutput) Index(i pulumi.IntInput) AuthBackendRoleOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *AuthBackendRole { return vs[0].([]*AuthBackendRole)[vs[1].(int)] @@ -562,6 +607,12 @@ func (o AuthBackendRoleMapOutput) ToAuthBackendRoleMapOutputWithContext(ctx cont return o } +func (o AuthBackendRoleMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*AuthBackendRole] { + return pulumix.Output[map[string]*AuthBackendRole]{ + OutputState: o.OutputState, + } +} + func (o AuthBackendRoleMapOutput) MapIndex(k pulumi.StringInput) AuthBackendRoleOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *AuthBackendRole { return vs[0].(map[string]*AuthBackendRole)[vs[1].(string)] diff --git a/sdk/go/vault/alicloud/init.go b/sdk/go/vault/alicloud/init.go index 9d05450e7..ed2e29f24 100644 --- a/sdk/go/vault/alicloud/init.go +++ b/sdk/go/vault/alicloud/init.go @@ -7,7 +7,7 @@ import ( "fmt" "github.com/blang/semver" - "github.com/pulumi/pulumi-vault/sdk/v5/go/vault" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" ) @@ -32,7 +32,7 @@ func (m *module) Construct(ctx *pulumi.Context, name, typ, urn string) (r pulumi } func init() { - version, err := vault.PkgVersion() + version, err := internal.PkgVersion() if err != nil { version = semver.Version{Major: 1} } diff --git a/sdk/go/vault/approle/authBackendLogin.go b/sdk/go/vault/approle/authBackendLogin.go index 8a5220acb..e465b938a 100644 --- a/sdk/go/vault/approle/authBackendLogin.go +++ b/sdk/go/vault/approle/authBackendLogin.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // Logs into Vault using the AppRole auth backend. See the [Vault @@ -110,13 +112,14 @@ func NewAuthBackendLogin(ctx *pulumi.Context, return nil, errors.New("invalid value for required argument 'RoleId'") } if args.SecretId != nil { - args.SecretId = pulumi.ToSecret(args.SecretId).(pulumi.StringPtrOutput) + args.SecretId = pulumi.ToSecret(args.SecretId).(pulumi.StringPtrInput) } secrets := pulumi.AdditionalSecretOutputs([]string{ "clientToken", "secretId", }) opts = append(opts, secrets) + opts = internal.PkgResourceDefaultOpts(opts) var resource AuthBackendLogin err := ctx.RegisterResource("vault:appRole/authBackendLogin:AuthBackendLogin", name, args, &resource, opts...) if err != nil { @@ -254,6 +257,12 @@ func (i *AuthBackendLogin) ToAuthBackendLoginOutputWithContext(ctx context.Conte return pulumi.ToOutputWithContext(ctx, i).(AuthBackendLoginOutput) } +func (i *AuthBackendLogin) ToOutput(ctx context.Context) pulumix.Output[*AuthBackendLogin] { + return pulumix.Output[*AuthBackendLogin]{ + OutputState: i.ToAuthBackendLoginOutputWithContext(ctx).OutputState, + } +} + // AuthBackendLoginArrayInput is an input type that accepts AuthBackendLoginArray and AuthBackendLoginArrayOutput values. // You can construct a concrete instance of `AuthBackendLoginArrayInput` via: // @@ -279,6 +288,12 @@ func (i AuthBackendLoginArray) ToAuthBackendLoginArrayOutputWithContext(ctx cont return pulumi.ToOutputWithContext(ctx, i).(AuthBackendLoginArrayOutput) } +func (i AuthBackendLoginArray) ToOutput(ctx context.Context) pulumix.Output[[]*AuthBackendLogin] { + return pulumix.Output[[]*AuthBackendLogin]{ + OutputState: i.ToAuthBackendLoginArrayOutputWithContext(ctx).OutputState, + } +} + // AuthBackendLoginMapInput is an input type that accepts AuthBackendLoginMap and AuthBackendLoginMapOutput values. // You can construct a concrete instance of `AuthBackendLoginMapInput` via: // @@ -304,6 +319,12 @@ func (i AuthBackendLoginMap) ToAuthBackendLoginMapOutputWithContext(ctx context. return pulumi.ToOutputWithContext(ctx, i).(AuthBackendLoginMapOutput) } +func (i AuthBackendLoginMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*AuthBackendLogin] { + return pulumix.Output[map[string]*AuthBackendLogin]{ + OutputState: i.ToAuthBackendLoginMapOutputWithContext(ctx).OutputState, + } +} + type AuthBackendLoginOutput struct{ *pulumi.OutputState } func (AuthBackendLoginOutput) ElementType() reflect.Type { @@ -318,6 +339,12 @@ func (o AuthBackendLoginOutput) ToAuthBackendLoginOutputWithContext(ctx context. return o } +func (o AuthBackendLoginOutput) ToOutput(ctx context.Context) pulumix.Output[*AuthBackendLogin] { + return pulumix.Output[*AuthBackendLogin]{ + OutputState: o.OutputState, + } +} + // The accessor for the token. func (o AuthBackendLoginOutput) Accessor() pulumi.StringOutput { return o.ApplyT(func(v *AuthBackendLogin) pulumi.StringOutput { return v.Accessor }).(pulumi.StringOutput) @@ -391,6 +418,12 @@ func (o AuthBackendLoginArrayOutput) ToAuthBackendLoginArrayOutputWithContext(ct return o } +func (o AuthBackendLoginArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*AuthBackendLogin] { + return pulumix.Output[[]*AuthBackendLogin]{ + OutputState: o.OutputState, + } +} + func (o AuthBackendLoginArrayOutput) Index(i pulumi.IntInput) AuthBackendLoginOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *AuthBackendLogin { return vs[0].([]*AuthBackendLogin)[vs[1].(int)] @@ -411,6 +444,12 @@ func (o AuthBackendLoginMapOutput) ToAuthBackendLoginMapOutputWithContext(ctx co return o } +func (o AuthBackendLoginMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*AuthBackendLogin] { + return pulumix.Output[map[string]*AuthBackendLogin]{ + OutputState: o.OutputState, + } +} + func (o AuthBackendLoginMapOutput) MapIndex(k pulumi.StringInput) AuthBackendLoginOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *AuthBackendLogin { return vs[0].(map[string]*AuthBackendLogin)[vs[1].(string)] diff --git a/sdk/go/vault/approle/authBackendRole.go b/sdk/go/vault/approle/authBackendRole.go index 82a2a8b9a..370e10de8 100644 --- a/sdk/go/vault/approle/authBackendRole.go +++ b/sdk/go/vault/approle/authBackendRole.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // Manages an AppRole auth backend role in a Vault server. See the [Vault @@ -139,6 +141,7 @@ func NewAuthBackendRole(ctx *pulumi.Context, if args.RoleName == nil { return nil, errors.New("invalid value for required argument 'RoleName'") } + opts = internal.PkgResourceDefaultOpts(opts) var resource AuthBackendRole err := ctx.RegisterResource("vault:appRole/authBackendRole:AuthBackendRole", name, args, &resource, opts...) if err != nil { @@ -444,6 +447,12 @@ func (i *AuthBackendRole) ToAuthBackendRoleOutputWithContext(ctx context.Context return pulumi.ToOutputWithContext(ctx, i).(AuthBackendRoleOutput) } +func (i *AuthBackendRole) ToOutput(ctx context.Context) pulumix.Output[*AuthBackendRole] { + return pulumix.Output[*AuthBackendRole]{ + OutputState: i.ToAuthBackendRoleOutputWithContext(ctx).OutputState, + } +} + // AuthBackendRoleArrayInput is an input type that accepts AuthBackendRoleArray and AuthBackendRoleArrayOutput values. // You can construct a concrete instance of `AuthBackendRoleArrayInput` via: // @@ -469,6 +478,12 @@ func (i AuthBackendRoleArray) ToAuthBackendRoleArrayOutputWithContext(ctx contex return pulumi.ToOutputWithContext(ctx, i).(AuthBackendRoleArrayOutput) } +func (i AuthBackendRoleArray) ToOutput(ctx context.Context) pulumix.Output[[]*AuthBackendRole] { + return pulumix.Output[[]*AuthBackendRole]{ + OutputState: i.ToAuthBackendRoleArrayOutputWithContext(ctx).OutputState, + } +} + // AuthBackendRoleMapInput is an input type that accepts AuthBackendRoleMap and AuthBackendRoleMapOutput values. // You can construct a concrete instance of `AuthBackendRoleMapInput` via: // @@ -494,6 +509,12 @@ func (i AuthBackendRoleMap) ToAuthBackendRoleMapOutputWithContext(ctx context.Co return pulumi.ToOutputWithContext(ctx, i).(AuthBackendRoleMapOutput) } +func (i AuthBackendRoleMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*AuthBackendRole] { + return pulumix.Output[map[string]*AuthBackendRole]{ + OutputState: i.ToAuthBackendRoleMapOutputWithContext(ctx).OutputState, + } +} + type AuthBackendRoleOutput struct{ *pulumi.OutputState } func (AuthBackendRoleOutput) ElementType() reflect.Type { @@ -508,6 +529,12 @@ func (o AuthBackendRoleOutput) ToAuthBackendRoleOutputWithContext(ctx context.Co return o } +func (o AuthBackendRoleOutput) ToOutput(ctx context.Context) pulumix.Output[*AuthBackendRole] { + return pulumix.Output[*AuthBackendRole]{ + OutputState: o.OutputState, + } +} + // The unique name of the auth backend to configure. // Defaults to `approle`. func (o AuthBackendRoleOutput) Backend() pulumi.StringPtrOutput { @@ -634,6 +661,12 @@ func (o AuthBackendRoleArrayOutput) ToAuthBackendRoleArrayOutputWithContext(ctx return o } +func (o AuthBackendRoleArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*AuthBackendRole] { + return pulumix.Output[[]*AuthBackendRole]{ + OutputState: o.OutputState, + } +} + func (o AuthBackendRoleArrayOutput) Index(i pulumi.IntInput) AuthBackendRoleOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *AuthBackendRole { return vs[0].([]*AuthBackendRole)[vs[1].(int)] @@ -654,6 +687,12 @@ func (o AuthBackendRoleMapOutput) ToAuthBackendRoleMapOutputWithContext(ctx cont return o } +func (o AuthBackendRoleMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*AuthBackendRole] { + return pulumix.Output[map[string]*AuthBackendRole]{ + OutputState: o.OutputState, + } +} + func (o AuthBackendRoleMapOutput) MapIndex(k pulumi.StringInput) AuthBackendRoleOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *AuthBackendRole { return vs[0].(map[string]*AuthBackendRole)[vs[1].(string)] diff --git a/sdk/go/vault/approle/authBackendRoleSecretId.go b/sdk/go/vault/approle/authBackendRoleSecretId.go index 1045db93f..661de55a2 100644 --- a/sdk/go/vault/approle/authBackendRoleSecretId.go +++ b/sdk/go/vault/approle/authBackendRoleSecretId.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // Manages an AppRole auth backend SecretID in a Vault server. See the [Vault @@ -126,13 +128,14 @@ func NewAuthBackendRoleSecretId(ctx *pulumi.Context, }) opts = append(opts, aliases) if args.SecretId != nil { - args.SecretId = pulumi.ToSecret(args.SecretId).(pulumi.StringPtrOutput) + args.SecretId = pulumi.ToSecret(args.SecretId).(pulumi.StringPtrInput) } secrets := pulumi.AdditionalSecretOutputs([]string{ "secretId", "wrappingToken", }) opts = append(opts, secrets) + opts = internal.PkgResourceDefaultOpts(opts) var resource AuthBackendRoleSecretId err := ctx.RegisterResource("vault:appRole/authBackendRoleSecretId:AuthBackendRoleSecretId", name, args, &resource, opts...) if err != nil { @@ -316,6 +319,12 @@ func (i *AuthBackendRoleSecretId) ToAuthBackendRoleSecretIdOutputWithContext(ctx return pulumi.ToOutputWithContext(ctx, i).(AuthBackendRoleSecretIdOutput) } +func (i *AuthBackendRoleSecretId) ToOutput(ctx context.Context) pulumix.Output[*AuthBackendRoleSecretId] { + return pulumix.Output[*AuthBackendRoleSecretId]{ + OutputState: i.ToAuthBackendRoleSecretIdOutputWithContext(ctx).OutputState, + } +} + // AuthBackendRoleSecretIdArrayInput is an input type that accepts AuthBackendRoleSecretIdArray and AuthBackendRoleSecretIdArrayOutput values. // You can construct a concrete instance of `AuthBackendRoleSecretIdArrayInput` via: // @@ -341,6 +350,12 @@ func (i AuthBackendRoleSecretIdArray) ToAuthBackendRoleSecretIdArrayOutputWithCo return pulumi.ToOutputWithContext(ctx, i).(AuthBackendRoleSecretIdArrayOutput) } +func (i AuthBackendRoleSecretIdArray) ToOutput(ctx context.Context) pulumix.Output[[]*AuthBackendRoleSecretId] { + return pulumix.Output[[]*AuthBackendRoleSecretId]{ + OutputState: i.ToAuthBackendRoleSecretIdArrayOutputWithContext(ctx).OutputState, + } +} + // AuthBackendRoleSecretIdMapInput is an input type that accepts AuthBackendRoleSecretIdMap and AuthBackendRoleSecretIdMapOutput values. // You can construct a concrete instance of `AuthBackendRoleSecretIdMapInput` via: // @@ -366,6 +381,12 @@ func (i AuthBackendRoleSecretIdMap) ToAuthBackendRoleSecretIdMapOutputWithContex return pulumi.ToOutputWithContext(ctx, i).(AuthBackendRoleSecretIdMapOutput) } +func (i AuthBackendRoleSecretIdMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*AuthBackendRoleSecretId] { + return pulumix.Output[map[string]*AuthBackendRoleSecretId]{ + OutputState: i.ToAuthBackendRoleSecretIdMapOutputWithContext(ctx).OutputState, + } +} + type AuthBackendRoleSecretIdOutput struct{ *pulumi.OutputState } func (AuthBackendRoleSecretIdOutput) ElementType() reflect.Type { @@ -380,6 +401,12 @@ func (o AuthBackendRoleSecretIdOutput) ToAuthBackendRoleSecretIdOutputWithContex return o } +func (o AuthBackendRoleSecretIdOutput) ToOutput(ctx context.Context) pulumix.Output[*AuthBackendRoleSecretId] { + return pulumix.Output[*AuthBackendRoleSecretId]{ + OutputState: o.OutputState, + } +} + // The unique ID for this SecretID that can be safely logged. func (o AuthBackendRoleSecretIdOutput) Accessor() pulumi.StringOutput { return o.ApplyT(func(v *AuthBackendRoleSecretId) pulumi.StringOutput { return v.Accessor }).(pulumi.StringOutput) @@ -461,6 +488,12 @@ func (o AuthBackendRoleSecretIdArrayOutput) ToAuthBackendRoleSecretIdArrayOutput return o } +func (o AuthBackendRoleSecretIdArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*AuthBackendRoleSecretId] { + return pulumix.Output[[]*AuthBackendRoleSecretId]{ + OutputState: o.OutputState, + } +} + func (o AuthBackendRoleSecretIdArrayOutput) Index(i pulumi.IntInput) AuthBackendRoleSecretIdOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *AuthBackendRoleSecretId { return vs[0].([]*AuthBackendRoleSecretId)[vs[1].(int)] @@ -481,6 +514,12 @@ func (o AuthBackendRoleSecretIdMapOutput) ToAuthBackendRoleSecretIdMapOutputWith return o } +func (o AuthBackendRoleSecretIdMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*AuthBackendRoleSecretId] { + return pulumix.Output[map[string]*AuthBackendRoleSecretId]{ + OutputState: o.OutputState, + } +} + func (o AuthBackendRoleSecretIdMapOutput) MapIndex(k pulumi.StringInput) AuthBackendRoleSecretIdOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *AuthBackendRoleSecretId { return vs[0].(map[string]*AuthBackendRoleSecretId)[vs[1].(string)] diff --git a/sdk/go/vault/approle/getAuthBackendRoleId.go b/sdk/go/vault/approle/getAuthBackendRoleId.go index e5e22352b..2bb938152 100644 --- a/sdk/go/vault/approle/getAuthBackendRoleId.go +++ b/sdk/go/vault/approle/getAuthBackendRoleId.go @@ -7,7 +7,9 @@ import ( "context" "reflect" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // Reads the Role ID of an AppRole from a Vault server. @@ -40,6 +42,7 @@ import ( // // ``` func GetAuthBackendRoleId(ctx *pulumi.Context, args *GetAuthBackendRoleIdArgs, opts ...pulumi.InvokeOption) (*GetAuthBackendRoleIdResult, error) { + opts = internal.PkgInvokeDefaultOpts(opts) var rv GetAuthBackendRoleIdResult err := ctx.Invoke("vault:appRole/getAuthBackendRoleId:getAuthBackendRoleId", args, &rv, opts...) if err != nil { @@ -119,6 +122,12 @@ func (o GetAuthBackendRoleIdResultOutput) ToGetAuthBackendRoleIdResultOutputWith return o } +func (o GetAuthBackendRoleIdResultOutput) ToOutput(ctx context.Context) pulumix.Output[GetAuthBackendRoleIdResult] { + return pulumix.Output[GetAuthBackendRoleIdResult]{ + OutputState: o.OutputState, + } +} + func (o GetAuthBackendRoleIdResultOutput) Backend() pulumi.StringPtrOutput { return o.ApplyT(func(v GetAuthBackendRoleIdResult) *string { return v.Backend }).(pulumi.StringPtrOutput) } diff --git a/sdk/go/vault/approle/init.go b/sdk/go/vault/approle/init.go index 43a597791..9fc277461 100644 --- a/sdk/go/vault/approle/init.go +++ b/sdk/go/vault/approle/init.go @@ -7,7 +7,7 @@ import ( "fmt" "github.com/blang/semver" - "github.com/pulumi/pulumi-vault/sdk/v5/go/vault" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" ) @@ -36,7 +36,7 @@ func (m *module) Construct(ctx *pulumi.Context, name, typ, urn string) (r pulumi } func init() { - version, err := vault.PkgVersion() + version, err := internal.PkgVersion() if err != nil { version = semver.Version{Major: 1} } diff --git a/sdk/go/vault/audit.go b/sdk/go/vault/audit.go index 533f60bc3..487c688a2 100644 --- a/sdk/go/vault/audit.go +++ b/sdk/go/vault/audit.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // ## Example Usage @@ -95,6 +97,8 @@ type Audit struct { // *Available only for Vault Enterprise*. Namespace pulumi.StringPtrOutput `pulumi:"namespace"` // Configuration options to pass to the audit device itself. + // + // For a reference of the device types and their options, consult the [Vault documentation.](https://www.vaultproject.io/docs/audit/index.html) Options pulumi.StringMapOutput `pulumi:"options"` // The path to mount the audit device. This defaults to the type. Path pulumi.StringOutput `pulumi:"path"` @@ -115,6 +119,7 @@ func NewAudit(ctx *pulumi.Context, if args.Type == nil { return nil, errors.New("invalid value for required argument 'Type'") } + opts = internal.PkgResourceDefaultOpts(opts) var resource Audit err := ctx.RegisterResource("vault:index/audit:Audit", name, args, &resource, opts...) if err != nil { @@ -147,6 +152,8 @@ type auditState struct { // *Available only for Vault Enterprise*. Namespace *string `pulumi:"namespace"` // Configuration options to pass to the audit device itself. + // + // For a reference of the device types and their options, consult the [Vault documentation.](https://www.vaultproject.io/docs/audit/index.html) Options map[string]string `pulumi:"options"` // The path to mount the audit device. This defaults to the type. Path *string `pulumi:"path"` @@ -165,6 +172,8 @@ type AuditState struct { // *Available only for Vault Enterprise*. Namespace pulumi.StringPtrInput // Configuration options to pass to the audit device itself. + // + // For a reference of the device types and their options, consult the [Vault documentation.](https://www.vaultproject.io/docs/audit/index.html) Options pulumi.StringMapInput // The path to mount the audit device. This defaults to the type. Path pulumi.StringPtrInput @@ -187,6 +196,8 @@ type auditArgs struct { // *Available only for Vault Enterprise*. Namespace *string `pulumi:"namespace"` // Configuration options to pass to the audit device itself. + // + // For a reference of the device types and their options, consult the [Vault documentation.](https://www.vaultproject.io/docs/audit/index.html) Options map[string]string `pulumi:"options"` // The path to mount the audit device. This defaults to the type. Path *string `pulumi:"path"` @@ -206,6 +217,8 @@ type AuditArgs struct { // *Available only for Vault Enterprise*. Namespace pulumi.StringPtrInput // Configuration options to pass to the audit device itself. + // + // For a reference of the device types and their options, consult the [Vault documentation.](https://www.vaultproject.io/docs/audit/index.html) Options pulumi.StringMapInput // The path to mount the audit device. This defaults to the type. Path pulumi.StringPtrInput @@ -236,6 +249,12 @@ func (i *Audit) ToAuditOutputWithContext(ctx context.Context) AuditOutput { return pulumi.ToOutputWithContext(ctx, i).(AuditOutput) } +func (i *Audit) ToOutput(ctx context.Context) pulumix.Output[*Audit] { + return pulumix.Output[*Audit]{ + OutputState: i.ToAuditOutputWithContext(ctx).OutputState, + } +} + // AuditArrayInput is an input type that accepts AuditArray and AuditArrayOutput values. // You can construct a concrete instance of `AuditArrayInput` via: // @@ -261,6 +280,12 @@ func (i AuditArray) ToAuditArrayOutputWithContext(ctx context.Context) AuditArra return pulumi.ToOutputWithContext(ctx, i).(AuditArrayOutput) } +func (i AuditArray) ToOutput(ctx context.Context) pulumix.Output[[]*Audit] { + return pulumix.Output[[]*Audit]{ + OutputState: i.ToAuditArrayOutputWithContext(ctx).OutputState, + } +} + // AuditMapInput is an input type that accepts AuditMap and AuditMapOutput values. // You can construct a concrete instance of `AuditMapInput` via: // @@ -286,6 +311,12 @@ func (i AuditMap) ToAuditMapOutputWithContext(ctx context.Context) AuditMapOutpu return pulumi.ToOutputWithContext(ctx, i).(AuditMapOutput) } +func (i AuditMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*Audit] { + return pulumix.Output[map[string]*Audit]{ + OutputState: i.ToAuditMapOutputWithContext(ctx).OutputState, + } +} + type AuditOutput struct{ *pulumi.OutputState } func (AuditOutput) ElementType() reflect.Type { @@ -300,6 +331,12 @@ func (o AuditOutput) ToAuditOutputWithContext(ctx context.Context) AuditOutput { return o } +func (o AuditOutput) ToOutput(ctx context.Context) pulumix.Output[*Audit] { + return pulumix.Output[*Audit]{ + OutputState: o.OutputState, + } +} + // Human-friendly description of the audit device. func (o AuditOutput) Description() pulumi.StringPtrOutput { return o.ApplyT(func(v *Audit) pulumi.StringPtrOutput { return v.Description }).(pulumi.StringPtrOutput) @@ -319,6 +356,8 @@ func (o AuditOutput) Namespace() pulumi.StringPtrOutput { } // Configuration options to pass to the audit device itself. +// +// For a reference of the device types and their options, consult the [Vault documentation.](https://www.vaultproject.io/docs/audit/index.html) func (o AuditOutput) Options() pulumi.StringMapOutput { return o.ApplyT(func(v *Audit) pulumi.StringMapOutput { return v.Options }).(pulumi.StringMapOutput) } @@ -347,6 +386,12 @@ func (o AuditArrayOutput) ToAuditArrayOutputWithContext(ctx context.Context) Aud return o } +func (o AuditArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*Audit] { + return pulumix.Output[[]*Audit]{ + OutputState: o.OutputState, + } +} + func (o AuditArrayOutput) Index(i pulumi.IntInput) AuditOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *Audit { return vs[0].([]*Audit)[vs[1].(int)] @@ -367,6 +412,12 @@ func (o AuditMapOutput) ToAuditMapOutputWithContext(ctx context.Context) AuditMa return o } +func (o AuditMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*Audit] { + return pulumix.Output[map[string]*Audit]{ + OutputState: o.OutputState, + } +} + func (o AuditMapOutput) MapIndex(k pulumi.StringInput) AuditOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *Audit { return vs[0].(map[string]*Audit)[vs[1].(string)] diff --git a/sdk/go/vault/auditRequestHeader.go b/sdk/go/vault/auditRequestHeader.go index 89c93409a..8e5513362 100644 --- a/sdk/go/vault/auditRequestHeader.go +++ b/sdk/go/vault/auditRequestHeader.go @@ -7,7 +7,9 @@ import ( "context" "reflect" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // Manages additional request headers that appear in audited requests. @@ -60,6 +62,7 @@ func NewAuditRequestHeader(ctx *pulumi.Context, args = &AuditRequestHeaderArgs{} } + opts = internal.PkgResourceDefaultOpts(opts) var resource AuditRequestHeader err := ctx.RegisterResource("vault:index/auditRequestHeader:AuditRequestHeader", name, args, &resource, opts...) if err != nil { @@ -145,6 +148,12 @@ func (i *AuditRequestHeader) ToAuditRequestHeaderOutputWithContext(ctx context.C return pulumi.ToOutputWithContext(ctx, i).(AuditRequestHeaderOutput) } +func (i *AuditRequestHeader) ToOutput(ctx context.Context) pulumix.Output[*AuditRequestHeader] { + return pulumix.Output[*AuditRequestHeader]{ + OutputState: i.ToAuditRequestHeaderOutputWithContext(ctx).OutputState, + } +} + // AuditRequestHeaderArrayInput is an input type that accepts AuditRequestHeaderArray and AuditRequestHeaderArrayOutput values. // You can construct a concrete instance of `AuditRequestHeaderArrayInput` via: // @@ -170,6 +179,12 @@ func (i AuditRequestHeaderArray) ToAuditRequestHeaderArrayOutputWithContext(ctx return pulumi.ToOutputWithContext(ctx, i).(AuditRequestHeaderArrayOutput) } +func (i AuditRequestHeaderArray) ToOutput(ctx context.Context) pulumix.Output[[]*AuditRequestHeader] { + return pulumix.Output[[]*AuditRequestHeader]{ + OutputState: i.ToAuditRequestHeaderArrayOutputWithContext(ctx).OutputState, + } +} + // AuditRequestHeaderMapInput is an input type that accepts AuditRequestHeaderMap and AuditRequestHeaderMapOutput values. // You can construct a concrete instance of `AuditRequestHeaderMapInput` via: // @@ -195,6 +210,12 @@ func (i AuditRequestHeaderMap) ToAuditRequestHeaderMapOutputWithContext(ctx cont return pulumi.ToOutputWithContext(ctx, i).(AuditRequestHeaderMapOutput) } +func (i AuditRequestHeaderMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*AuditRequestHeader] { + return pulumix.Output[map[string]*AuditRequestHeader]{ + OutputState: i.ToAuditRequestHeaderMapOutputWithContext(ctx).OutputState, + } +} + type AuditRequestHeaderOutput struct{ *pulumi.OutputState } func (AuditRequestHeaderOutput) ElementType() reflect.Type { @@ -209,6 +230,12 @@ func (o AuditRequestHeaderOutput) ToAuditRequestHeaderOutputWithContext(ctx cont return o } +func (o AuditRequestHeaderOutput) ToOutput(ctx context.Context) pulumix.Output[*AuditRequestHeader] { + return pulumix.Output[*AuditRequestHeader]{ + OutputState: o.OutputState, + } +} + // Whether this header's value should be HMAC'd in the audit logs. func (o AuditRequestHeaderOutput) Hmac() pulumi.BoolPtrOutput { return o.ApplyT(func(v *AuditRequestHeader) pulumi.BoolPtrOutput { return v.Hmac }).(pulumi.BoolPtrOutput) @@ -238,6 +265,12 @@ func (o AuditRequestHeaderArrayOutput) ToAuditRequestHeaderArrayOutputWithContex return o } +func (o AuditRequestHeaderArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*AuditRequestHeader] { + return pulumix.Output[[]*AuditRequestHeader]{ + OutputState: o.OutputState, + } +} + func (o AuditRequestHeaderArrayOutput) Index(i pulumi.IntInput) AuditRequestHeaderOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *AuditRequestHeader { return vs[0].([]*AuditRequestHeader)[vs[1].(int)] @@ -258,6 +291,12 @@ func (o AuditRequestHeaderMapOutput) ToAuditRequestHeaderMapOutputWithContext(ct return o } +func (o AuditRequestHeaderMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*AuditRequestHeader] { + return pulumix.Output[map[string]*AuditRequestHeader]{ + OutputState: o.OutputState, + } +} + func (o AuditRequestHeaderMapOutput) MapIndex(k pulumi.StringInput) AuditRequestHeaderOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *AuditRequestHeader { return vs[0].(map[string]*AuditRequestHeader)[vs[1].(string)] diff --git a/sdk/go/vault/authBackend.go b/sdk/go/vault/authBackend.go index 870b4ff33..396711024 100644 --- a/sdk/go/vault/authBackend.go +++ b/sdk/go/vault/authBackend.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // ## Import @@ -40,6 +42,8 @@ type AuthBackend struct { // The path to mount the auth method — this defaults to the name of the type. Path pulumi.StringOutput `pulumi:"path"` // Extra configuration block. Structure is documented below. + // + // The `tune` block is used to tune the auth backend: Tune AuthBackendTuneOutput `pulumi:"tune"` // The name of the auth method type. Type pulumi.StringOutput `pulumi:"type"` @@ -55,6 +59,7 @@ func NewAuthBackend(ctx *pulumi.Context, if args.Type == nil { return nil, errors.New("invalid value for required argument 'Type'") } + opts = internal.PkgResourceDefaultOpts(opts) var resource AuthBackend err := ctx.RegisterResource("vault:index/authBackend:AuthBackend", name, args, &resource, opts...) if err != nil { @@ -94,6 +99,8 @@ type authBackendState struct { // The path to mount the auth method — this defaults to the name of the type. Path *string `pulumi:"path"` // Extra configuration block. Structure is documented below. + // + // The `tune` block is used to tune the auth backend: Tune *AuthBackendTune `pulumi:"tune"` // The name of the auth method type. Type *string `pulumi:"type"` @@ -117,6 +124,8 @@ type AuthBackendState struct { // The path to mount the auth method — this defaults to the name of the type. Path pulumi.StringPtrInput // Extra configuration block. Structure is documented below. + // + // The `tune` block is used to tune the auth backend: Tune AuthBackendTunePtrInput // The name of the auth method type. Type pulumi.StringPtrInput @@ -142,6 +151,8 @@ type authBackendArgs struct { // The path to mount the auth method — this defaults to the name of the type. Path *string `pulumi:"path"` // Extra configuration block. Structure is documented below. + // + // The `tune` block is used to tune the auth backend: Tune *AuthBackendTune `pulumi:"tune"` // The name of the auth method type. Type string `pulumi:"type"` @@ -164,6 +175,8 @@ type AuthBackendArgs struct { // The path to mount the auth method — this defaults to the name of the type. Path pulumi.StringPtrInput // Extra configuration block. Structure is documented below. + // + // The `tune` block is used to tune the auth backend: Tune AuthBackendTunePtrInput // The name of the auth method type. Type pulumi.StringInput @@ -192,6 +205,12 @@ func (i *AuthBackend) ToAuthBackendOutputWithContext(ctx context.Context) AuthBa return pulumi.ToOutputWithContext(ctx, i).(AuthBackendOutput) } +func (i *AuthBackend) ToOutput(ctx context.Context) pulumix.Output[*AuthBackend] { + return pulumix.Output[*AuthBackend]{ + OutputState: i.ToAuthBackendOutputWithContext(ctx).OutputState, + } +} + // AuthBackendArrayInput is an input type that accepts AuthBackendArray and AuthBackendArrayOutput values. // You can construct a concrete instance of `AuthBackendArrayInput` via: // @@ -217,6 +236,12 @@ func (i AuthBackendArray) ToAuthBackendArrayOutputWithContext(ctx context.Contex return pulumi.ToOutputWithContext(ctx, i).(AuthBackendArrayOutput) } +func (i AuthBackendArray) ToOutput(ctx context.Context) pulumix.Output[[]*AuthBackend] { + return pulumix.Output[[]*AuthBackend]{ + OutputState: i.ToAuthBackendArrayOutputWithContext(ctx).OutputState, + } +} + // AuthBackendMapInput is an input type that accepts AuthBackendMap and AuthBackendMapOutput values. // You can construct a concrete instance of `AuthBackendMapInput` via: // @@ -242,6 +267,12 @@ func (i AuthBackendMap) ToAuthBackendMapOutputWithContext(ctx context.Context) A return pulumi.ToOutputWithContext(ctx, i).(AuthBackendMapOutput) } +func (i AuthBackendMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*AuthBackend] { + return pulumix.Output[map[string]*AuthBackend]{ + OutputState: i.ToAuthBackendMapOutputWithContext(ctx).OutputState, + } +} + type AuthBackendOutput struct{ *pulumi.OutputState } func (AuthBackendOutput) ElementType() reflect.Type { @@ -256,6 +287,12 @@ func (o AuthBackendOutput) ToAuthBackendOutputWithContext(ctx context.Context) A return o } +func (o AuthBackendOutput) ToOutput(ctx context.Context) pulumix.Output[*AuthBackend] { + return pulumix.Output[*AuthBackend]{ + OutputState: o.OutputState, + } +} + // The accessor for this auth method func (o AuthBackendOutput) Accessor() pulumi.StringOutput { return o.ApplyT(func(v *AuthBackend) pulumi.StringOutput { return v.Accessor }).(pulumi.StringOutput) @@ -291,6 +328,8 @@ func (o AuthBackendOutput) Path() pulumi.StringOutput { } // Extra configuration block. Structure is documented below. +// +// The `tune` block is used to tune the auth backend: func (o AuthBackendOutput) Tune() AuthBackendTuneOutput { return o.ApplyT(func(v *AuthBackend) AuthBackendTuneOutput { return v.Tune }).(AuthBackendTuneOutput) } @@ -314,6 +353,12 @@ func (o AuthBackendArrayOutput) ToAuthBackendArrayOutputWithContext(ctx context. return o } +func (o AuthBackendArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*AuthBackend] { + return pulumix.Output[[]*AuthBackend]{ + OutputState: o.OutputState, + } +} + func (o AuthBackendArrayOutput) Index(i pulumi.IntInput) AuthBackendOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *AuthBackend { return vs[0].([]*AuthBackend)[vs[1].(int)] @@ -334,6 +379,12 @@ func (o AuthBackendMapOutput) ToAuthBackendMapOutputWithContext(ctx context.Cont return o } +func (o AuthBackendMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*AuthBackend] { + return pulumix.Output[map[string]*AuthBackend]{ + OutputState: o.OutputState, + } +} + func (o AuthBackendMapOutput) MapIndex(k pulumi.StringInput) AuthBackendOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *AuthBackend { return vs[0].(map[string]*AuthBackend)[vs[1].(string)] diff --git a/sdk/go/vault/aws/authBackendCert.go b/sdk/go/vault/aws/authBackendCert.go index 6589d8af7..94f9a058a 100644 --- a/sdk/go/vault/aws/authBackendCert.go +++ b/sdk/go/vault/aws/authBackendCert.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // ## Import @@ -57,6 +59,7 @@ func NewAuthBackendCert(ctx *pulumi.Context, if args.CertName == nil { return nil, errors.New("invalid value for required argument 'CertName'") } + opts = internal.PkgResourceDefaultOpts(opts) var resource AuthBackendCert err := ctx.RegisterResource("vault:aws/authBackendCert:AuthBackendCert", name, args, &resource, opts...) if err != nil { @@ -194,6 +197,12 @@ func (i *AuthBackendCert) ToAuthBackendCertOutputWithContext(ctx context.Context return pulumi.ToOutputWithContext(ctx, i).(AuthBackendCertOutput) } +func (i *AuthBackendCert) ToOutput(ctx context.Context) pulumix.Output[*AuthBackendCert] { + return pulumix.Output[*AuthBackendCert]{ + OutputState: i.ToAuthBackendCertOutputWithContext(ctx).OutputState, + } +} + // AuthBackendCertArrayInput is an input type that accepts AuthBackendCertArray and AuthBackendCertArrayOutput values. // You can construct a concrete instance of `AuthBackendCertArrayInput` via: // @@ -219,6 +228,12 @@ func (i AuthBackendCertArray) ToAuthBackendCertArrayOutputWithContext(ctx contex return pulumi.ToOutputWithContext(ctx, i).(AuthBackendCertArrayOutput) } +func (i AuthBackendCertArray) ToOutput(ctx context.Context) pulumix.Output[[]*AuthBackendCert] { + return pulumix.Output[[]*AuthBackendCert]{ + OutputState: i.ToAuthBackendCertArrayOutputWithContext(ctx).OutputState, + } +} + // AuthBackendCertMapInput is an input type that accepts AuthBackendCertMap and AuthBackendCertMapOutput values. // You can construct a concrete instance of `AuthBackendCertMapInput` via: // @@ -244,6 +259,12 @@ func (i AuthBackendCertMap) ToAuthBackendCertMapOutputWithContext(ctx context.Co return pulumi.ToOutputWithContext(ctx, i).(AuthBackendCertMapOutput) } +func (i AuthBackendCertMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*AuthBackendCert] { + return pulumix.Output[map[string]*AuthBackendCert]{ + OutputState: i.ToAuthBackendCertMapOutputWithContext(ctx).OutputState, + } +} + type AuthBackendCertOutput struct{ *pulumi.OutputState } func (AuthBackendCertOutput) ElementType() reflect.Type { @@ -258,6 +279,12 @@ func (o AuthBackendCertOutput) ToAuthBackendCertOutputWithContext(ctx context.Co return o } +func (o AuthBackendCertOutput) ToOutput(ctx context.Context) pulumix.Output[*AuthBackendCert] { + return pulumix.Output[*AuthBackendCert]{ + OutputState: o.OutputState, + } +} + // The Base64 encoded AWS Public key required to // verify PKCS7 signature of the EC2 instance metadata. You can find this key in // the [AWS @@ -306,6 +333,12 @@ func (o AuthBackendCertArrayOutput) ToAuthBackendCertArrayOutputWithContext(ctx return o } +func (o AuthBackendCertArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*AuthBackendCert] { + return pulumix.Output[[]*AuthBackendCert]{ + OutputState: o.OutputState, + } +} + func (o AuthBackendCertArrayOutput) Index(i pulumi.IntInput) AuthBackendCertOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *AuthBackendCert { return vs[0].([]*AuthBackendCert)[vs[1].(int)] @@ -326,6 +359,12 @@ func (o AuthBackendCertMapOutput) ToAuthBackendCertMapOutputWithContext(ctx cont return o } +func (o AuthBackendCertMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*AuthBackendCert] { + return pulumix.Output[map[string]*AuthBackendCert]{ + OutputState: o.OutputState, + } +} + func (o AuthBackendCertMapOutput) MapIndex(k pulumi.StringInput) AuthBackendCertOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *AuthBackendCert { return vs[0].(map[string]*AuthBackendCert)[vs[1].(string)] diff --git a/sdk/go/vault/aws/authBackendClient.go b/sdk/go/vault/aws/authBackendClient.go index 799f67095..a63d2c5f5 100644 --- a/sdk/go/vault/aws/authBackendClient.go +++ b/sdk/go/vault/aws/authBackendClient.go @@ -7,7 +7,9 @@ import ( "context" "reflect" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // ## Example Usage @@ -103,16 +105,17 @@ func NewAuthBackendClient(ctx *pulumi.Context, } if args.AccessKey != nil { - args.AccessKey = pulumi.ToSecret(args.AccessKey).(pulumi.StringPtrOutput) + args.AccessKey = pulumi.ToSecret(args.AccessKey).(pulumi.StringPtrInput) } if args.SecretKey != nil { - args.SecretKey = pulumi.ToSecret(args.SecretKey).(pulumi.StringPtrOutput) + args.SecretKey = pulumi.ToSecret(args.SecretKey).(pulumi.StringPtrInput) } secrets := pulumi.AdditionalSecretOutputs([]string{ "accessKey", "secretKey", }) opts = append(opts, secrets) + opts = internal.PkgResourceDefaultOpts(opts) var resource AuthBackendClient err := ctx.RegisterResource("vault:aws/authBackendClient:AuthBackendClient", name, args, &resource, opts...) if err != nil { @@ -318,6 +321,12 @@ func (i *AuthBackendClient) ToAuthBackendClientOutputWithContext(ctx context.Con return pulumi.ToOutputWithContext(ctx, i).(AuthBackendClientOutput) } +func (i *AuthBackendClient) ToOutput(ctx context.Context) pulumix.Output[*AuthBackendClient] { + return pulumix.Output[*AuthBackendClient]{ + OutputState: i.ToAuthBackendClientOutputWithContext(ctx).OutputState, + } +} + // AuthBackendClientArrayInput is an input type that accepts AuthBackendClientArray and AuthBackendClientArrayOutput values. // You can construct a concrete instance of `AuthBackendClientArrayInput` via: // @@ -343,6 +352,12 @@ func (i AuthBackendClientArray) ToAuthBackendClientArrayOutputWithContext(ctx co return pulumi.ToOutputWithContext(ctx, i).(AuthBackendClientArrayOutput) } +func (i AuthBackendClientArray) ToOutput(ctx context.Context) pulumix.Output[[]*AuthBackendClient] { + return pulumix.Output[[]*AuthBackendClient]{ + OutputState: i.ToAuthBackendClientArrayOutputWithContext(ctx).OutputState, + } +} + // AuthBackendClientMapInput is an input type that accepts AuthBackendClientMap and AuthBackendClientMapOutput values. // You can construct a concrete instance of `AuthBackendClientMapInput` via: // @@ -368,6 +383,12 @@ func (i AuthBackendClientMap) ToAuthBackendClientMapOutputWithContext(ctx contex return pulumi.ToOutputWithContext(ctx, i).(AuthBackendClientMapOutput) } +func (i AuthBackendClientMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*AuthBackendClient] { + return pulumix.Output[map[string]*AuthBackendClient]{ + OutputState: i.ToAuthBackendClientMapOutputWithContext(ctx).OutputState, + } +} + type AuthBackendClientOutput struct{ *pulumi.OutputState } func (AuthBackendClientOutput) ElementType() reflect.Type { @@ -382,6 +403,12 @@ func (o AuthBackendClientOutput) ToAuthBackendClientOutputWithContext(ctx contex return o } +func (o AuthBackendClientOutput) ToOutput(ctx context.Context) pulumix.Output[*AuthBackendClient] { + return pulumix.Output[*AuthBackendClient]{ + OutputState: o.OutputState, + } +} + // The AWS access key that Vault should use for the // auth backend. func (o AuthBackendClientOutput) AccessKey() pulumi.StringPtrOutput { @@ -462,6 +489,12 @@ func (o AuthBackendClientArrayOutput) ToAuthBackendClientArrayOutputWithContext( return o } +func (o AuthBackendClientArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*AuthBackendClient] { + return pulumix.Output[[]*AuthBackendClient]{ + OutputState: o.OutputState, + } +} + func (o AuthBackendClientArrayOutput) Index(i pulumi.IntInput) AuthBackendClientOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *AuthBackendClient { return vs[0].([]*AuthBackendClient)[vs[1].(int)] @@ -482,6 +515,12 @@ func (o AuthBackendClientMapOutput) ToAuthBackendClientMapOutputWithContext(ctx return o } +func (o AuthBackendClientMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*AuthBackendClient] { + return pulumix.Output[map[string]*AuthBackendClient]{ + OutputState: o.OutputState, + } +} + func (o AuthBackendClientMapOutput) MapIndex(k pulumi.StringInput) AuthBackendClientOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *AuthBackendClient { return vs[0].(map[string]*AuthBackendClient)[vs[1].(string)] diff --git a/sdk/go/vault/aws/authBackendConfigIdentity.go b/sdk/go/vault/aws/authBackendConfigIdentity.go index 4b257b8c8..2e599d82c 100644 --- a/sdk/go/vault/aws/authBackendConfigIdentity.go +++ b/sdk/go/vault/aws/authBackendConfigIdentity.go @@ -7,7 +7,9 @@ import ( "context" "reflect" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // Manages an AWS auth backend identity configuration in a Vault server. This configuration defines how Vault interacts @@ -92,6 +94,7 @@ func NewAuthBackendConfigIdentity(ctx *pulumi.Context, args = &AuthBackendConfigIdentityArgs{} } + opts = internal.PkgResourceDefaultOpts(opts) var resource AuthBackendConfigIdentity err := ctx.RegisterResource("vault:aws/authBackendConfigIdentity:AuthBackendConfigIdentity", name, args, &resource, opts...) if err != nil { @@ -229,6 +232,12 @@ func (i *AuthBackendConfigIdentity) ToAuthBackendConfigIdentityOutputWithContext return pulumi.ToOutputWithContext(ctx, i).(AuthBackendConfigIdentityOutput) } +func (i *AuthBackendConfigIdentity) ToOutput(ctx context.Context) pulumix.Output[*AuthBackendConfigIdentity] { + return pulumix.Output[*AuthBackendConfigIdentity]{ + OutputState: i.ToAuthBackendConfigIdentityOutputWithContext(ctx).OutputState, + } +} + // AuthBackendConfigIdentityArrayInput is an input type that accepts AuthBackendConfigIdentityArray and AuthBackendConfigIdentityArrayOutput values. // You can construct a concrete instance of `AuthBackendConfigIdentityArrayInput` via: // @@ -254,6 +263,12 @@ func (i AuthBackendConfigIdentityArray) ToAuthBackendConfigIdentityArrayOutputWi return pulumi.ToOutputWithContext(ctx, i).(AuthBackendConfigIdentityArrayOutput) } +func (i AuthBackendConfigIdentityArray) ToOutput(ctx context.Context) pulumix.Output[[]*AuthBackendConfigIdentity] { + return pulumix.Output[[]*AuthBackendConfigIdentity]{ + OutputState: i.ToAuthBackendConfigIdentityArrayOutputWithContext(ctx).OutputState, + } +} + // AuthBackendConfigIdentityMapInput is an input type that accepts AuthBackendConfigIdentityMap and AuthBackendConfigIdentityMapOutput values. // You can construct a concrete instance of `AuthBackendConfigIdentityMapInput` via: // @@ -279,6 +294,12 @@ func (i AuthBackendConfigIdentityMap) ToAuthBackendConfigIdentityMapOutputWithCo return pulumi.ToOutputWithContext(ctx, i).(AuthBackendConfigIdentityMapOutput) } +func (i AuthBackendConfigIdentityMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*AuthBackendConfigIdentity] { + return pulumix.Output[map[string]*AuthBackendConfigIdentity]{ + OutputState: i.ToAuthBackendConfigIdentityMapOutputWithContext(ctx).OutputState, + } +} + type AuthBackendConfigIdentityOutput struct{ *pulumi.OutputState } func (AuthBackendConfigIdentityOutput) ElementType() reflect.Type { @@ -293,6 +314,12 @@ func (o AuthBackendConfigIdentityOutput) ToAuthBackendConfigIdentityOutputWithCo return o } +func (o AuthBackendConfigIdentityOutput) ToOutput(ctx context.Context) pulumix.Output[*AuthBackendConfigIdentity] { + return pulumix.Output[*AuthBackendConfigIdentity]{ + OutputState: o.OutputState, + } +} + // Unique name of the auth backend to configure. func (o AuthBackendConfigIdentityOutput) Backend() pulumi.StringPtrOutput { return o.ApplyT(func(v *AuthBackendConfigIdentity) pulumi.StringPtrOutput { return v.Backend }).(pulumi.StringPtrOutput) @@ -344,6 +371,12 @@ func (o AuthBackendConfigIdentityArrayOutput) ToAuthBackendConfigIdentityArrayOu return o } +func (o AuthBackendConfigIdentityArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*AuthBackendConfigIdentity] { + return pulumix.Output[[]*AuthBackendConfigIdentity]{ + OutputState: o.OutputState, + } +} + func (o AuthBackendConfigIdentityArrayOutput) Index(i pulumi.IntInput) AuthBackendConfigIdentityOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *AuthBackendConfigIdentity { return vs[0].([]*AuthBackendConfigIdentity)[vs[1].(int)] @@ -364,6 +397,12 @@ func (o AuthBackendConfigIdentityMapOutput) ToAuthBackendConfigIdentityMapOutput return o } +func (o AuthBackendConfigIdentityMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*AuthBackendConfigIdentity] { + return pulumix.Output[map[string]*AuthBackendConfigIdentity]{ + OutputState: o.OutputState, + } +} + func (o AuthBackendConfigIdentityMapOutput) MapIndex(k pulumi.StringInput) AuthBackendConfigIdentityOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *AuthBackendConfigIdentity { return vs[0].(map[string]*AuthBackendConfigIdentity)[vs[1].(string)] diff --git a/sdk/go/vault/aws/authBackendIdentityWhitelist.go b/sdk/go/vault/aws/authBackendIdentityWhitelist.go index 6454a218f..fe8d6e5b7 100644 --- a/sdk/go/vault/aws/authBackendIdentityWhitelist.go +++ b/sdk/go/vault/aws/authBackendIdentityWhitelist.go @@ -7,7 +7,9 @@ import ( "context" "reflect" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // Configures the periodic tidying operation of the whitelisted identity entries. @@ -84,6 +86,7 @@ func NewAuthBackendIdentityWhitelist(ctx *pulumi.Context, args = &AuthBackendIdentityWhitelistArgs{} } + opts = internal.PkgResourceDefaultOpts(opts) var resource AuthBackendIdentityWhitelist err := ctx.RegisterResource("vault:aws/authBackendIdentityWhitelist:AuthBackendIdentityWhitelist", name, args, &resource, opts...) if err != nil { @@ -201,6 +204,12 @@ func (i *AuthBackendIdentityWhitelist) ToAuthBackendIdentityWhitelistOutputWithC return pulumi.ToOutputWithContext(ctx, i).(AuthBackendIdentityWhitelistOutput) } +func (i *AuthBackendIdentityWhitelist) ToOutput(ctx context.Context) pulumix.Output[*AuthBackendIdentityWhitelist] { + return pulumix.Output[*AuthBackendIdentityWhitelist]{ + OutputState: i.ToAuthBackendIdentityWhitelistOutputWithContext(ctx).OutputState, + } +} + // AuthBackendIdentityWhitelistArrayInput is an input type that accepts AuthBackendIdentityWhitelistArray and AuthBackendIdentityWhitelistArrayOutput values. // You can construct a concrete instance of `AuthBackendIdentityWhitelistArrayInput` via: // @@ -226,6 +235,12 @@ func (i AuthBackendIdentityWhitelistArray) ToAuthBackendIdentityWhitelistArrayOu return pulumi.ToOutputWithContext(ctx, i).(AuthBackendIdentityWhitelistArrayOutput) } +func (i AuthBackendIdentityWhitelistArray) ToOutput(ctx context.Context) pulumix.Output[[]*AuthBackendIdentityWhitelist] { + return pulumix.Output[[]*AuthBackendIdentityWhitelist]{ + OutputState: i.ToAuthBackendIdentityWhitelistArrayOutputWithContext(ctx).OutputState, + } +} + // AuthBackendIdentityWhitelistMapInput is an input type that accepts AuthBackendIdentityWhitelistMap and AuthBackendIdentityWhitelistMapOutput values. // You can construct a concrete instance of `AuthBackendIdentityWhitelistMapInput` via: // @@ -251,6 +266,12 @@ func (i AuthBackendIdentityWhitelistMap) ToAuthBackendIdentityWhitelistMapOutput return pulumi.ToOutputWithContext(ctx, i).(AuthBackendIdentityWhitelistMapOutput) } +func (i AuthBackendIdentityWhitelistMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*AuthBackendIdentityWhitelist] { + return pulumix.Output[map[string]*AuthBackendIdentityWhitelist]{ + OutputState: i.ToAuthBackendIdentityWhitelistMapOutputWithContext(ctx).OutputState, + } +} + type AuthBackendIdentityWhitelistOutput struct{ *pulumi.OutputState } func (AuthBackendIdentityWhitelistOutput) ElementType() reflect.Type { @@ -265,6 +286,12 @@ func (o AuthBackendIdentityWhitelistOutput) ToAuthBackendIdentityWhitelistOutput return o } +func (o AuthBackendIdentityWhitelistOutput) ToOutput(ctx context.Context) pulumix.Output[*AuthBackendIdentityWhitelist] { + return pulumix.Output[*AuthBackendIdentityWhitelist]{ + OutputState: o.OutputState, + } +} + // The path of the AWS backend being configured. func (o AuthBackendIdentityWhitelistOutput) Backend() pulumi.StringPtrOutput { return o.ApplyT(func(v *AuthBackendIdentityWhitelist) pulumi.StringPtrOutput { return v.Backend }).(pulumi.StringPtrOutput) @@ -305,6 +332,12 @@ func (o AuthBackendIdentityWhitelistArrayOutput) ToAuthBackendIdentityWhitelistA return o } +func (o AuthBackendIdentityWhitelistArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*AuthBackendIdentityWhitelist] { + return pulumix.Output[[]*AuthBackendIdentityWhitelist]{ + OutputState: o.OutputState, + } +} + func (o AuthBackendIdentityWhitelistArrayOutput) Index(i pulumi.IntInput) AuthBackendIdentityWhitelistOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *AuthBackendIdentityWhitelist { return vs[0].([]*AuthBackendIdentityWhitelist)[vs[1].(int)] @@ -325,6 +358,12 @@ func (o AuthBackendIdentityWhitelistMapOutput) ToAuthBackendIdentityWhitelistMap return o } +func (o AuthBackendIdentityWhitelistMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*AuthBackendIdentityWhitelist] { + return pulumix.Output[map[string]*AuthBackendIdentityWhitelist]{ + OutputState: o.OutputState, + } +} + func (o AuthBackendIdentityWhitelistMapOutput) MapIndex(k pulumi.StringInput) AuthBackendIdentityWhitelistOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *AuthBackendIdentityWhitelist { return vs[0].(map[string]*AuthBackendIdentityWhitelist)[vs[1].(string)] diff --git a/sdk/go/vault/aws/authBackendLogin.go b/sdk/go/vault/aws/authBackendLogin.go index 55d5ff76b..fe6afa7a2 100644 --- a/sdk/go/vault/aws/authBackendLogin.go +++ b/sdk/go/vault/aws/authBackendLogin.go @@ -7,7 +7,9 @@ import ( "context" "reflect" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // Logs into a Vault server using an AWS auth backend. Login can be @@ -87,6 +89,7 @@ func NewAuthBackendLogin(ctx *pulumi.Context, "clientToken", }) opts = append(opts, secrets) + opts = internal.PkgResourceDefaultOpts(opts) var resource AuthBackendLogin err := ctx.RegisterResource("vault:aws/authBackendLogin:AuthBackendLogin", name, args, &resource, opts...) if err != nil { @@ -340,6 +343,12 @@ func (i *AuthBackendLogin) ToAuthBackendLoginOutputWithContext(ctx context.Conte return pulumi.ToOutputWithContext(ctx, i).(AuthBackendLoginOutput) } +func (i *AuthBackendLogin) ToOutput(ctx context.Context) pulumix.Output[*AuthBackendLogin] { + return pulumix.Output[*AuthBackendLogin]{ + OutputState: i.ToAuthBackendLoginOutputWithContext(ctx).OutputState, + } +} + // AuthBackendLoginArrayInput is an input type that accepts AuthBackendLoginArray and AuthBackendLoginArrayOutput values. // You can construct a concrete instance of `AuthBackendLoginArrayInput` via: // @@ -365,6 +374,12 @@ func (i AuthBackendLoginArray) ToAuthBackendLoginArrayOutputWithContext(ctx cont return pulumi.ToOutputWithContext(ctx, i).(AuthBackendLoginArrayOutput) } +func (i AuthBackendLoginArray) ToOutput(ctx context.Context) pulumix.Output[[]*AuthBackendLogin] { + return pulumix.Output[[]*AuthBackendLogin]{ + OutputState: i.ToAuthBackendLoginArrayOutputWithContext(ctx).OutputState, + } +} + // AuthBackendLoginMapInput is an input type that accepts AuthBackendLoginMap and AuthBackendLoginMapOutput values. // You can construct a concrete instance of `AuthBackendLoginMapInput` via: // @@ -390,6 +405,12 @@ func (i AuthBackendLoginMap) ToAuthBackendLoginMapOutputWithContext(ctx context. return pulumi.ToOutputWithContext(ctx, i).(AuthBackendLoginMapOutput) } +func (i AuthBackendLoginMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*AuthBackendLogin] { + return pulumix.Output[map[string]*AuthBackendLogin]{ + OutputState: i.ToAuthBackendLoginMapOutputWithContext(ctx).OutputState, + } +} + type AuthBackendLoginOutput struct{ *pulumi.OutputState } func (AuthBackendLoginOutput) ElementType() reflect.Type { @@ -404,6 +425,12 @@ func (o AuthBackendLoginOutput) ToAuthBackendLoginOutputWithContext(ctx context. return o } +func (o AuthBackendLoginOutput) ToOutput(ctx context.Context) pulumix.Output[*AuthBackendLogin] { + return pulumix.Output[*AuthBackendLogin]{ + OutputState: o.OutputState, + } +} + // The token's accessor. func (o AuthBackendLoginOutput) Accessor() pulumi.StringOutput { return o.ApplyT(func(v *AuthBackendLogin) pulumi.StringOutput { return v.Accessor }).(pulumi.StringOutput) @@ -532,6 +559,12 @@ func (o AuthBackendLoginArrayOutput) ToAuthBackendLoginArrayOutputWithContext(ct return o } +func (o AuthBackendLoginArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*AuthBackendLogin] { + return pulumix.Output[[]*AuthBackendLogin]{ + OutputState: o.OutputState, + } +} + func (o AuthBackendLoginArrayOutput) Index(i pulumi.IntInput) AuthBackendLoginOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *AuthBackendLogin { return vs[0].([]*AuthBackendLogin)[vs[1].(int)] @@ -552,6 +585,12 @@ func (o AuthBackendLoginMapOutput) ToAuthBackendLoginMapOutputWithContext(ctx co return o } +func (o AuthBackendLoginMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*AuthBackendLogin] { + return pulumix.Output[map[string]*AuthBackendLogin]{ + OutputState: o.OutputState, + } +} + func (o AuthBackendLoginMapOutput) MapIndex(k pulumi.StringInput) AuthBackendLoginOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *AuthBackendLogin { return vs[0].(map[string]*AuthBackendLogin)[vs[1].(string)] diff --git a/sdk/go/vault/aws/authBackendRole.go b/sdk/go/vault/aws/authBackendRole.go index 1c9555400..73f9f12f2 100644 --- a/sdk/go/vault/aws/authBackendRole.go +++ b/sdk/go/vault/aws/authBackendRole.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // Manages an AWS auth backend role in a Vault server. Roles constrain the @@ -232,6 +234,7 @@ func NewAuthBackendRole(ctx *pulumi.Context, if args.Role == nil { return nil, errors.New("invalid value for required argument 'Role'") } + opts = internal.PkgResourceDefaultOpts(opts) var resource AuthBackendRole err := ctx.RegisterResource("vault:aws/authBackendRole:AuthBackendRole", name, args, &resource, opts...) if err != nil { @@ -805,6 +808,12 @@ func (i *AuthBackendRole) ToAuthBackendRoleOutputWithContext(ctx context.Context return pulumi.ToOutputWithContext(ctx, i).(AuthBackendRoleOutput) } +func (i *AuthBackendRole) ToOutput(ctx context.Context) pulumix.Output[*AuthBackendRole] { + return pulumix.Output[*AuthBackendRole]{ + OutputState: i.ToAuthBackendRoleOutputWithContext(ctx).OutputState, + } +} + // AuthBackendRoleArrayInput is an input type that accepts AuthBackendRoleArray and AuthBackendRoleArrayOutput values. // You can construct a concrete instance of `AuthBackendRoleArrayInput` via: // @@ -830,6 +839,12 @@ func (i AuthBackendRoleArray) ToAuthBackendRoleArrayOutputWithContext(ctx contex return pulumi.ToOutputWithContext(ctx, i).(AuthBackendRoleArrayOutput) } +func (i AuthBackendRoleArray) ToOutput(ctx context.Context) pulumix.Output[[]*AuthBackendRole] { + return pulumix.Output[[]*AuthBackendRole]{ + OutputState: i.ToAuthBackendRoleArrayOutputWithContext(ctx).OutputState, + } +} + // AuthBackendRoleMapInput is an input type that accepts AuthBackendRoleMap and AuthBackendRoleMapOutput values. // You can construct a concrete instance of `AuthBackendRoleMapInput` via: // @@ -855,6 +870,12 @@ func (i AuthBackendRoleMap) ToAuthBackendRoleMapOutputWithContext(ctx context.Co return pulumi.ToOutputWithContext(ctx, i).(AuthBackendRoleMapOutput) } +func (i AuthBackendRoleMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*AuthBackendRole] { + return pulumix.Output[map[string]*AuthBackendRole]{ + OutputState: i.ToAuthBackendRoleMapOutputWithContext(ctx).OutputState, + } +} + type AuthBackendRoleOutput struct{ *pulumi.OutputState } func (AuthBackendRoleOutput) ElementType() reflect.Type { @@ -869,6 +890,12 @@ func (o AuthBackendRoleOutput) ToAuthBackendRoleOutputWithContext(ctx context.Co return o } +func (o AuthBackendRoleOutput) ToOutput(ctx context.Context) pulumix.Output[*AuthBackendRole] { + return pulumix.Output[*AuthBackendRole]{ + OutputState: o.OutputState, + } +} + // If set to `true`, allows migration of // the underlying instance where the client resides. func (o AuthBackendRoleOutput) AllowInstanceMigration() pulumi.BoolPtrOutput { @@ -1099,6 +1126,12 @@ func (o AuthBackendRoleArrayOutput) ToAuthBackendRoleArrayOutputWithContext(ctx return o } +func (o AuthBackendRoleArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*AuthBackendRole] { + return pulumix.Output[[]*AuthBackendRole]{ + OutputState: o.OutputState, + } +} + func (o AuthBackendRoleArrayOutput) Index(i pulumi.IntInput) AuthBackendRoleOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *AuthBackendRole { return vs[0].([]*AuthBackendRole)[vs[1].(int)] @@ -1119,6 +1152,12 @@ func (o AuthBackendRoleMapOutput) ToAuthBackendRoleMapOutputWithContext(ctx cont return o } +func (o AuthBackendRoleMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*AuthBackendRole] { + return pulumix.Output[map[string]*AuthBackendRole]{ + OutputState: o.OutputState, + } +} + func (o AuthBackendRoleMapOutput) MapIndex(k pulumi.StringInput) AuthBackendRoleOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *AuthBackendRole { return vs[0].(map[string]*AuthBackendRole)[vs[1].(string)] diff --git a/sdk/go/vault/aws/authBackendRoleTag.go b/sdk/go/vault/aws/authBackendRoleTag.go index 1264228cd..c760158e3 100644 --- a/sdk/go/vault/aws/authBackendRoleTag.go +++ b/sdk/go/vault/aws/authBackendRoleTag.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // Reads role tag information from an AWS auth backend in Vault. @@ -52,6 +54,7 @@ func NewAuthBackendRoleTag(ctx *pulumi.Context, if args.Role == nil { return nil, errors.New("invalid value for required argument 'Role'") } + opts = internal.PkgResourceDefaultOpts(opts) var resource AuthBackendRoleTag err := ctx.RegisterResource("vault:aws/authBackendRoleTag:AuthBackendRoleTag", name, args, &resource, opts...) if err != nil { @@ -205,6 +208,12 @@ func (i *AuthBackendRoleTag) ToAuthBackendRoleTagOutputWithContext(ctx context.C return pulumi.ToOutputWithContext(ctx, i).(AuthBackendRoleTagOutput) } +func (i *AuthBackendRoleTag) ToOutput(ctx context.Context) pulumix.Output[*AuthBackendRoleTag] { + return pulumix.Output[*AuthBackendRoleTag]{ + OutputState: i.ToAuthBackendRoleTagOutputWithContext(ctx).OutputState, + } +} + // AuthBackendRoleTagArrayInput is an input type that accepts AuthBackendRoleTagArray and AuthBackendRoleTagArrayOutput values. // You can construct a concrete instance of `AuthBackendRoleTagArrayInput` via: // @@ -230,6 +239,12 @@ func (i AuthBackendRoleTagArray) ToAuthBackendRoleTagArrayOutputWithContext(ctx return pulumi.ToOutputWithContext(ctx, i).(AuthBackendRoleTagArrayOutput) } +func (i AuthBackendRoleTagArray) ToOutput(ctx context.Context) pulumix.Output[[]*AuthBackendRoleTag] { + return pulumix.Output[[]*AuthBackendRoleTag]{ + OutputState: i.ToAuthBackendRoleTagArrayOutputWithContext(ctx).OutputState, + } +} + // AuthBackendRoleTagMapInput is an input type that accepts AuthBackendRoleTagMap and AuthBackendRoleTagMapOutput values. // You can construct a concrete instance of `AuthBackendRoleTagMapInput` via: // @@ -255,6 +270,12 @@ func (i AuthBackendRoleTagMap) ToAuthBackendRoleTagMapOutputWithContext(ctx cont return pulumi.ToOutputWithContext(ctx, i).(AuthBackendRoleTagMapOutput) } +func (i AuthBackendRoleTagMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*AuthBackendRoleTag] { + return pulumix.Output[map[string]*AuthBackendRoleTag]{ + OutputState: i.ToAuthBackendRoleTagMapOutputWithContext(ctx).OutputState, + } +} + type AuthBackendRoleTagOutput struct{ *pulumi.OutputState } func (AuthBackendRoleTagOutput) ElementType() reflect.Type { @@ -269,6 +290,12 @@ func (o AuthBackendRoleTagOutput) ToAuthBackendRoleTagOutputWithContext(ctx cont return o } +func (o AuthBackendRoleTagOutput) ToOutput(ctx context.Context) pulumix.Output[*AuthBackendRoleTag] { + return pulumix.Output[*AuthBackendRoleTag]{ + OutputState: o.OutputState, + } +} + // If set, allows migration of the underlying instances where the client resides. Use with caution. func (o AuthBackendRoleTagOutput) AllowInstanceMigration() pulumi.BoolPtrOutput { return o.ApplyT(func(v *AuthBackendRoleTag) pulumi.BoolPtrOutput { return v.AllowInstanceMigration }).(pulumi.BoolPtrOutput) @@ -338,6 +365,12 @@ func (o AuthBackendRoleTagArrayOutput) ToAuthBackendRoleTagArrayOutputWithContex return o } +func (o AuthBackendRoleTagArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*AuthBackendRoleTag] { + return pulumix.Output[[]*AuthBackendRoleTag]{ + OutputState: o.OutputState, + } +} + func (o AuthBackendRoleTagArrayOutput) Index(i pulumi.IntInput) AuthBackendRoleTagOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *AuthBackendRoleTag { return vs[0].([]*AuthBackendRoleTag)[vs[1].(int)] @@ -358,6 +391,12 @@ func (o AuthBackendRoleTagMapOutput) ToAuthBackendRoleTagMapOutputWithContext(ct return o } +func (o AuthBackendRoleTagMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*AuthBackendRoleTag] { + return pulumix.Output[map[string]*AuthBackendRoleTag]{ + OutputState: o.OutputState, + } +} + func (o AuthBackendRoleTagMapOutput) MapIndex(k pulumi.StringInput) AuthBackendRoleTagOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *AuthBackendRoleTag { return vs[0].(map[string]*AuthBackendRoleTag)[vs[1].(string)] diff --git a/sdk/go/vault/aws/authBackendRoletagBlacklist.go b/sdk/go/vault/aws/authBackendRoletagBlacklist.go index 44ac4cd32..283e95041 100644 --- a/sdk/go/vault/aws/authBackendRoletagBlacklist.go +++ b/sdk/go/vault/aws/authBackendRoletagBlacklist.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // Configures the periodic tidying operation of the blacklisted role tag entries. @@ -76,6 +78,7 @@ func NewAuthBackendRoletagBlacklist(ctx *pulumi.Context, if args.Backend == nil { return nil, errors.New("invalid value for required argument 'Backend'") } + opts = internal.PkgResourceDefaultOpts(opts) var resource AuthBackendRoletagBlacklist err := ctx.RegisterResource("vault:aws/authBackendRoletagBlacklist:AuthBackendRoletagBlacklist", name, args, &resource, opts...) if err != nil { @@ -197,6 +200,12 @@ func (i *AuthBackendRoletagBlacklist) ToAuthBackendRoletagBlacklistOutputWithCon return pulumi.ToOutputWithContext(ctx, i).(AuthBackendRoletagBlacklistOutput) } +func (i *AuthBackendRoletagBlacklist) ToOutput(ctx context.Context) pulumix.Output[*AuthBackendRoletagBlacklist] { + return pulumix.Output[*AuthBackendRoletagBlacklist]{ + OutputState: i.ToAuthBackendRoletagBlacklistOutputWithContext(ctx).OutputState, + } +} + // AuthBackendRoletagBlacklistArrayInput is an input type that accepts AuthBackendRoletagBlacklistArray and AuthBackendRoletagBlacklistArrayOutput values. // You can construct a concrete instance of `AuthBackendRoletagBlacklistArrayInput` via: // @@ -222,6 +231,12 @@ func (i AuthBackendRoletagBlacklistArray) ToAuthBackendRoletagBlacklistArrayOutp return pulumi.ToOutputWithContext(ctx, i).(AuthBackendRoletagBlacklistArrayOutput) } +func (i AuthBackendRoletagBlacklistArray) ToOutput(ctx context.Context) pulumix.Output[[]*AuthBackendRoletagBlacklist] { + return pulumix.Output[[]*AuthBackendRoletagBlacklist]{ + OutputState: i.ToAuthBackendRoletagBlacklistArrayOutputWithContext(ctx).OutputState, + } +} + // AuthBackendRoletagBlacklistMapInput is an input type that accepts AuthBackendRoletagBlacklistMap and AuthBackendRoletagBlacklistMapOutput values. // You can construct a concrete instance of `AuthBackendRoletagBlacklistMapInput` via: // @@ -247,6 +262,12 @@ func (i AuthBackendRoletagBlacklistMap) ToAuthBackendRoletagBlacklistMapOutputWi return pulumi.ToOutputWithContext(ctx, i).(AuthBackendRoletagBlacklistMapOutput) } +func (i AuthBackendRoletagBlacklistMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*AuthBackendRoletagBlacklist] { + return pulumix.Output[map[string]*AuthBackendRoletagBlacklist]{ + OutputState: i.ToAuthBackendRoletagBlacklistMapOutputWithContext(ctx).OutputState, + } +} + type AuthBackendRoletagBlacklistOutput struct{ *pulumi.OutputState } func (AuthBackendRoletagBlacklistOutput) ElementType() reflect.Type { @@ -261,6 +282,12 @@ func (o AuthBackendRoletagBlacklistOutput) ToAuthBackendRoletagBlacklistOutputWi return o } +func (o AuthBackendRoletagBlacklistOutput) ToOutput(ctx context.Context) pulumix.Output[*AuthBackendRoletagBlacklist] { + return pulumix.Output[*AuthBackendRoletagBlacklist]{ + OutputState: o.OutputState, + } +} + // The path the AWS auth backend being configured was // mounted at. func (o AuthBackendRoletagBlacklistOutput) Backend() pulumi.StringOutput { @@ -302,6 +329,12 @@ func (o AuthBackendRoletagBlacklistArrayOutput) ToAuthBackendRoletagBlacklistArr return o } +func (o AuthBackendRoletagBlacklistArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*AuthBackendRoletagBlacklist] { + return pulumix.Output[[]*AuthBackendRoletagBlacklist]{ + OutputState: o.OutputState, + } +} + func (o AuthBackendRoletagBlacklistArrayOutput) Index(i pulumi.IntInput) AuthBackendRoletagBlacklistOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *AuthBackendRoletagBlacklist { return vs[0].([]*AuthBackendRoletagBlacklist)[vs[1].(int)] @@ -322,6 +355,12 @@ func (o AuthBackendRoletagBlacklistMapOutput) ToAuthBackendRoletagBlacklistMapOu return o } +func (o AuthBackendRoletagBlacklistMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*AuthBackendRoletagBlacklist] { + return pulumix.Output[map[string]*AuthBackendRoletagBlacklist]{ + OutputState: o.OutputState, + } +} + func (o AuthBackendRoletagBlacklistMapOutput) MapIndex(k pulumi.StringInput) AuthBackendRoletagBlacklistOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *AuthBackendRoletagBlacklist { return vs[0].(map[string]*AuthBackendRoletagBlacklist)[vs[1].(string)] diff --git a/sdk/go/vault/aws/authBackendStsRole.go b/sdk/go/vault/aws/authBackendStsRole.go index 858e36656..a87ded211 100644 --- a/sdk/go/vault/aws/authBackendStsRole.go +++ b/sdk/go/vault/aws/authBackendStsRole.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // ## Example Usage @@ -86,6 +88,7 @@ func NewAuthBackendStsRole(ctx *pulumi.Context, if args.StsRole == nil { return nil, errors.New("invalid value for required argument 'StsRole'") } + opts = internal.PkgResourceDefaultOpts(opts) var resource AuthBackendStsRole err := ctx.RegisterResource("vault:aws/authBackendStsRole:AuthBackendStsRole", name, args, &resource, opts...) if err != nil { @@ -199,6 +202,12 @@ func (i *AuthBackendStsRole) ToAuthBackendStsRoleOutputWithContext(ctx context.C return pulumi.ToOutputWithContext(ctx, i).(AuthBackendStsRoleOutput) } +func (i *AuthBackendStsRole) ToOutput(ctx context.Context) pulumix.Output[*AuthBackendStsRole] { + return pulumix.Output[*AuthBackendStsRole]{ + OutputState: i.ToAuthBackendStsRoleOutputWithContext(ctx).OutputState, + } +} + // AuthBackendStsRoleArrayInput is an input type that accepts AuthBackendStsRoleArray and AuthBackendStsRoleArrayOutput values. // You can construct a concrete instance of `AuthBackendStsRoleArrayInput` via: // @@ -224,6 +233,12 @@ func (i AuthBackendStsRoleArray) ToAuthBackendStsRoleArrayOutputWithContext(ctx return pulumi.ToOutputWithContext(ctx, i).(AuthBackendStsRoleArrayOutput) } +func (i AuthBackendStsRoleArray) ToOutput(ctx context.Context) pulumix.Output[[]*AuthBackendStsRole] { + return pulumix.Output[[]*AuthBackendStsRole]{ + OutputState: i.ToAuthBackendStsRoleArrayOutputWithContext(ctx).OutputState, + } +} + // AuthBackendStsRoleMapInput is an input type that accepts AuthBackendStsRoleMap and AuthBackendStsRoleMapOutput values. // You can construct a concrete instance of `AuthBackendStsRoleMapInput` via: // @@ -249,6 +264,12 @@ func (i AuthBackendStsRoleMap) ToAuthBackendStsRoleMapOutputWithContext(ctx cont return pulumi.ToOutputWithContext(ctx, i).(AuthBackendStsRoleMapOutput) } +func (i AuthBackendStsRoleMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*AuthBackendStsRole] { + return pulumix.Output[map[string]*AuthBackendStsRole]{ + OutputState: i.ToAuthBackendStsRoleMapOutputWithContext(ctx).OutputState, + } +} + type AuthBackendStsRoleOutput struct{ *pulumi.OutputState } func (AuthBackendStsRoleOutput) ElementType() reflect.Type { @@ -263,6 +284,12 @@ func (o AuthBackendStsRoleOutput) ToAuthBackendStsRoleOutputWithContext(ctx cont return o } +func (o AuthBackendStsRoleOutput) ToOutput(ctx context.Context) pulumix.Output[*AuthBackendStsRole] { + return pulumix.Output[*AuthBackendStsRole]{ + OutputState: o.OutputState, + } +} + // The AWS account ID to configure the STS role for. func (o AuthBackendStsRoleOutput) AccountId() pulumi.StringOutput { return o.ApplyT(func(v *AuthBackendStsRole) pulumi.StringOutput { return v.AccountId }).(pulumi.StringOutput) @@ -302,6 +329,12 @@ func (o AuthBackendStsRoleArrayOutput) ToAuthBackendStsRoleArrayOutputWithContex return o } +func (o AuthBackendStsRoleArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*AuthBackendStsRole] { + return pulumix.Output[[]*AuthBackendStsRole]{ + OutputState: o.OutputState, + } +} + func (o AuthBackendStsRoleArrayOutput) Index(i pulumi.IntInput) AuthBackendStsRoleOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *AuthBackendStsRole { return vs[0].([]*AuthBackendStsRole)[vs[1].(int)] @@ -322,6 +355,12 @@ func (o AuthBackendStsRoleMapOutput) ToAuthBackendStsRoleMapOutputWithContext(ct return o } +func (o AuthBackendStsRoleMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*AuthBackendStsRole] { + return pulumix.Output[map[string]*AuthBackendStsRole]{ + OutputState: o.OutputState, + } +} + func (o AuthBackendStsRoleMapOutput) MapIndex(k pulumi.StringInput) AuthBackendStsRoleOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *AuthBackendStsRole { return vs[0].(map[string]*AuthBackendStsRole)[vs[1].(string)] diff --git a/sdk/go/vault/aws/getAccessCredentials.go b/sdk/go/vault/aws/getAccessCredentials.go index e7c2ded71..4992dc082 100644 --- a/sdk/go/vault/aws/getAccessCredentials.go +++ b/sdk/go/vault/aws/getAccessCredentials.go @@ -7,10 +7,13 @@ import ( "context" "reflect" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) func GetAccessCredentials(ctx *pulumi.Context, args *GetAccessCredentialsArgs, opts ...pulumi.InvokeOption) (*GetAccessCredentialsResult, error) { + opts = internal.PkgInvokeDefaultOpts(opts) var rv GetAccessCredentialsResult err := ctx.Invoke("vault:aws/getAccessCredentials:getAccessCredentials", args, &rv, opts...) if err != nil { @@ -138,6 +141,12 @@ func (o GetAccessCredentialsResultOutput) ToGetAccessCredentialsResultOutputWith return o } +func (o GetAccessCredentialsResultOutput) ToOutput(ctx context.Context) pulumix.Output[GetAccessCredentialsResult] { + return pulumix.Output[GetAccessCredentialsResult]{ + OutputState: o.OutputState, + } +} + // The AWS Access Key ID returned by Vault. func (o GetAccessCredentialsResultOutput) AccessKey() pulumi.StringOutput { return o.ApplyT(func(v GetAccessCredentialsResult) string { return v.AccessKey }).(pulumi.StringOutput) diff --git a/sdk/go/vault/aws/getStaticAccessCredentials.go b/sdk/go/vault/aws/getStaticAccessCredentials.go new file mode 100644 index 000000000..ac17f8639 --- /dev/null +++ b/sdk/go/vault/aws/getStaticAccessCredentials.go @@ -0,0 +1,115 @@ +// Code generated by the Pulumi Terraform Bridge (tfgen) Tool DO NOT EDIT. +// *** WARNING: Do not edit by hand unless you're certain you know what you are doing! *** + +package aws + +import ( + "context" + "reflect" + + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" + "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" +) + +func GetStaticAccessCredentials(ctx *pulumi.Context, args *GetStaticAccessCredentialsArgs, opts ...pulumi.InvokeOption) (*GetStaticAccessCredentialsResult, error) { + opts = internal.PkgInvokeDefaultOpts(opts) + var rv GetStaticAccessCredentialsResult + err := ctx.Invoke("vault:aws/getStaticAccessCredentials:getStaticAccessCredentials", args, &rv, opts...) + if err != nil { + return nil, err + } + return &rv, nil +} + +// A collection of arguments for invoking getStaticAccessCredentials. +type GetStaticAccessCredentialsArgs struct { + Backend string `pulumi:"backend"` + Name string `pulumi:"name"` + Namespace *string `pulumi:"namespace"` +} + +// A collection of values returned by getStaticAccessCredentials. +type GetStaticAccessCredentialsResult struct { + AccessKey string `pulumi:"accessKey"` + Backend string `pulumi:"backend"` + // The provider-assigned unique ID for this managed resource. + Id string `pulumi:"id"` + Name string `pulumi:"name"` + Namespace *string `pulumi:"namespace"` + SecretKey string `pulumi:"secretKey"` +} + +func GetStaticAccessCredentialsOutput(ctx *pulumi.Context, args GetStaticAccessCredentialsOutputArgs, opts ...pulumi.InvokeOption) GetStaticAccessCredentialsResultOutput { + return pulumi.ToOutputWithContext(context.Background(), args). + ApplyT(func(v interface{}) (GetStaticAccessCredentialsResult, error) { + args := v.(GetStaticAccessCredentialsArgs) + r, err := GetStaticAccessCredentials(ctx, &args, opts...) + var s GetStaticAccessCredentialsResult + if r != nil { + s = *r + } + return s, err + }).(GetStaticAccessCredentialsResultOutput) +} + +// A collection of arguments for invoking getStaticAccessCredentials. +type GetStaticAccessCredentialsOutputArgs struct { + Backend pulumi.StringInput `pulumi:"backend"` + Name pulumi.StringInput `pulumi:"name"` + Namespace pulumi.StringPtrInput `pulumi:"namespace"` +} + +func (GetStaticAccessCredentialsOutputArgs) ElementType() reflect.Type { + return reflect.TypeOf((*GetStaticAccessCredentialsArgs)(nil)).Elem() +} + +// A collection of values returned by getStaticAccessCredentials. +type GetStaticAccessCredentialsResultOutput struct{ *pulumi.OutputState } + +func (GetStaticAccessCredentialsResultOutput) ElementType() reflect.Type { + return reflect.TypeOf((*GetStaticAccessCredentialsResult)(nil)).Elem() +} + +func (o GetStaticAccessCredentialsResultOutput) ToGetStaticAccessCredentialsResultOutput() GetStaticAccessCredentialsResultOutput { + return o +} + +func (o GetStaticAccessCredentialsResultOutput) ToGetStaticAccessCredentialsResultOutputWithContext(ctx context.Context) GetStaticAccessCredentialsResultOutput { + return o +} + +func (o GetStaticAccessCredentialsResultOutput) ToOutput(ctx context.Context) pulumix.Output[GetStaticAccessCredentialsResult] { + return pulumix.Output[GetStaticAccessCredentialsResult]{ + OutputState: o.OutputState, + } +} + +func (o GetStaticAccessCredentialsResultOutput) AccessKey() pulumi.StringOutput { + return o.ApplyT(func(v GetStaticAccessCredentialsResult) string { return v.AccessKey }).(pulumi.StringOutput) +} + +func (o GetStaticAccessCredentialsResultOutput) Backend() pulumi.StringOutput { + return o.ApplyT(func(v GetStaticAccessCredentialsResult) string { return v.Backend }).(pulumi.StringOutput) +} + +// The provider-assigned unique ID for this managed resource. +func (o GetStaticAccessCredentialsResultOutput) Id() pulumi.StringOutput { + return o.ApplyT(func(v GetStaticAccessCredentialsResult) string { return v.Id }).(pulumi.StringOutput) +} + +func (o GetStaticAccessCredentialsResultOutput) Name() pulumi.StringOutput { + return o.ApplyT(func(v GetStaticAccessCredentialsResult) string { return v.Name }).(pulumi.StringOutput) +} + +func (o GetStaticAccessCredentialsResultOutput) Namespace() pulumi.StringPtrOutput { + return o.ApplyT(func(v GetStaticAccessCredentialsResult) *string { return v.Namespace }).(pulumi.StringPtrOutput) +} + +func (o GetStaticAccessCredentialsResultOutput) SecretKey() pulumi.StringOutput { + return o.ApplyT(func(v GetStaticAccessCredentialsResult) string { return v.SecretKey }).(pulumi.StringOutput) +} + +func init() { + pulumi.RegisterOutputType(GetStaticAccessCredentialsResultOutput{}) +} diff --git a/sdk/go/vault/aws/init.go b/sdk/go/vault/aws/init.go index 23da26dde..0b9908443 100644 --- a/sdk/go/vault/aws/init.go +++ b/sdk/go/vault/aws/init.go @@ -7,7 +7,7 @@ import ( "fmt" "github.com/blang/semver" - "github.com/pulumi/pulumi-vault/sdk/v5/go/vault" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" ) @@ -54,7 +54,7 @@ func (m *module) Construct(ctx *pulumi.Context, name, typ, urn string) (r pulumi } func init() { - version, err := vault.PkgVersion() + version, err := internal.PkgVersion() if err != nil { version = semver.Version{Major: 1} } diff --git a/sdk/go/vault/aws/secretBackend.go b/sdk/go/vault/aws/secretBackend.go index ecc1ac452..149acd6eb 100644 --- a/sdk/go/vault/aws/secretBackend.go +++ b/sdk/go/vault/aws/secretBackend.go @@ -7,7 +7,9 @@ import ( "context" "reflect" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // ## Import @@ -48,10 +50,9 @@ type SecretBackend struct { // The unique path this backend should be mounted at. Must // not begin or end with a `/`. Defaults to `aws`. Path pulumi.StringPtrOutput `pulumi:"path"` - // The AWS region for API calls. Defaults to `us-east-1`. + // The AWS region to make API calls against. Defaults to us-east-1. Region pulumi.StringOutput `pulumi:"region"` - // The AWS Secret Key this backend should use to - // issue new credentials. Vault uses the official AWS SDK to authenticate, and thus can also use standard AWS environment credentials, shared file credentials or IAM role/ECS task credentials. + // The AWS Secret Access Key to use when generating new credentials. SecretKey pulumi.StringPtrOutput `pulumi:"secretKey"` // Specifies a custom HTTP STS endpoint to use. StsEndpoint pulumi.StringPtrOutput `pulumi:"stsEndpoint"` @@ -67,16 +68,17 @@ func NewSecretBackend(ctx *pulumi.Context, } if args.AccessKey != nil { - args.AccessKey = pulumi.ToSecret(args.AccessKey).(pulumi.StringPtrOutput) + args.AccessKey = pulumi.ToSecret(args.AccessKey).(pulumi.StringPtrInput) } if args.SecretKey != nil { - args.SecretKey = pulumi.ToSecret(args.SecretKey).(pulumi.StringPtrOutput) + args.SecretKey = pulumi.ToSecret(args.SecretKey).(pulumi.StringPtrInput) } secrets := pulumi.AdditionalSecretOutputs([]string{ "accessKey", "secretKey", }) opts = append(opts, secrets) + opts = internal.PkgResourceDefaultOpts(opts) var resource SecretBackend err := ctx.RegisterResource("vault:aws/secretBackend:SecretBackend", name, args, &resource, opts...) if err != nil { @@ -125,10 +127,9 @@ type secretBackendState struct { // The unique path this backend should be mounted at. Must // not begin or end with a `/`. Defaults to `aws`. Path *string `pulumi:"path"` - // The AWS region for API calls. Defaults to `us-east-1`. + // The AWS region to make API calls against. Defaults to us-east-1. Region *string `pulumi:"region"` - // The AWS Secret Key this backend should use to - // issue new credentials. Vault uses the official AWS SDK to authenticate, and thus can also use standard AWS environment credentials, shared file credentials or IAM role/ECS task credentials. + // The AWS Secret Access Key to use when generating new credentials. SecretKey *string `pulumi:"secretKey"` // Specifies a custom HTTP STS endpoint to use. StsEndpoint *string `pulumi:"stsEndpoint"` @@ -163,10 +164,9 @@ type SecretBackendState struct { // The unique path this backend should be mounted at. Must // not begin or end with a `/`. Defaults to `aws`. Path pulumi.StringPtrInput - // The AWS region for API calls. Defaults to `us-east-1`. + // The AWS region to make API calls against. Defaults to us-east-1. Region pulumi.StringPtrInput - // The AWS Secret Key this backend should use to - // issue new credentials. Vault uses the official AWS SDK to authenticate, and thus can also use standard AWS environment credentials, shared file credentials or IAM role/ECS task credentials. + // The AWS Secret Access Key to use when generating new credentials. SecretKey pulumi.StringPtrInput // Specifies a custom HTTP STS endpoint to use. StsEndpoint pulumi.StringPtrInput @@ -205,10 +205,9 @@ type secretBackendArgs struct { // The unique path this backend should be mounted at. Must // not begin or end with a `/`. Defaults to `aws`. Path *string `pulumi:"path"` - // The AWS region for API calls. Defaults to `us-east-1`. + // The AWS region to make API calls against. Defaults to us-east-1. Region *string `pulumi:"region"` - // The AWS Secret Key this backend should use to - // issue new credentials. Vault uses the official AWS SDK to authenticate, and thus can also use standard AWS environment credentials, shared file credentials or IAM role/ECS task credentials. + // The AWS Secret Access Key to use when generating new credentials. SecretKey *string `pulumi:"secretKey"` // Specifies a custom HTTP STS endpoint to use. StsEndpoint *string `pulumi:"stsEndpoint"` @@ -244,10 +243,9 @@ type SecretBackendArgs struct { // The unique path this backend should be mounted at. Must // not begin or end with a `/`. Defaults to `aws`. Path pulumi.StringPtrInput - // The AWS region for API calls. Defaults to `us-east-1`. + // The AWS region to make API calls against. Defaults to us-east-1. Region pulumi.StringPtrInput - // The AWS Secret Key this backend should use to - // issue new credentials. Vault uses the official AWS SDK to authenticate, and thus can also use standard AWS environment credentials, shared file credentials or IAM role/ECS task credentials. + // The AWS Secret Access Key to use when generating new credentials. SecretKey pulumi.StringPtrInput // Specifies a custom HTTP STS endpoint to use. StsEndpoint pulumi.StringPtrInput @@ -278,6 +276,12 @@ func (i *SecretBackend) ToSecretBackendOutputWithContext(ctx context.Context) Se return pulumi.ToOutputWithContext(ctx, i).(SecretBackendOutput) } +func (i *SecretBackend) ToOutput(ctx context.Context) pulumix.Output[*SecretBackend] { + return pulumix.Output[*SecretBackend]{ + OutputState: i.ToSecretBackendOutputWithContext(ctx).OutputState, + } +} + // SecretBackendArrayInput is an input type that accepts SecretBackendArray and SecretBackendArrayOutput values. // You can construct a concrete instance of `SecretBackendArrayInput` via: // @@ -303,6 +307,12 @@ func (i SecretBackendArray) ToSecretBackendArrayOutputWithContext(ctx context.Co return pulumi.ToOutputWithContext(ctx, i).(SecretBackendArrayOutput) } +func (i SecretBackendArray) ToOutput(ctx context.Context) pulumix.Output[[]*SecretBackend] { + return pulumix.Output[[]*SecretBackend]{ + OutputState: i.ToSecretBackendArrayOutputWithContext(ctx).OutputState, + } +} + // SecretBackendMapInput is an input type that accepts SecretBackendMap and SecretBackendMapOutput values. // You can construct a concrete instance of `SecretBackendMapInput` via: // @@ -328,6 +338,12 @@ func (i SecretBackendMap) ToSecretBackendMapOutputWithContext(ctx context.Contex return pulumi.ToOutputWithContext(ctx, i).(SecretBackendMapOutput) } +func (i SecretBackendMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*SecretBackend] { + return pulumix.Output[map[string]*SecretBackend]{ + OutputState: i.ToSecretBackendMapOutputWithContext(ctx).OutputState, + } +} + type SecretBackendOutput struct{ *pulumi.OutputState } func (SecretBackendOutput) ElementType() reflect.Type { @@ -342,6 +358,12 @@ func (o SecretBackendOutput) ToSecretBackendOutputWithContext(ctx context.Contex return o } +func (o SecretBackendOutput) ToOutput(ctx context.Context) pulumix.Output[*SecretBackend] { + return pulumix.Output[*SecretBackend]{ + OutputState: o.OutputState, + } +} + // The AWS Access Key ID this backend should use to // issue new credentials. Vault uses the official AWS SDK to authenticate, and thus can also use standard AWS environment credentials, shared file credentials or IAM role/ECS task credentials. func (o SecretBackendOutput) AccessKey() pulumi.StringPtrOutput { @@ -395,13 +417,12 @@ func (o SecretBackendOutput) Path() pulumi.StringPtrOutput { return o.ApplyT(func(v *SecretBackend) pulumi.StringPtrOutput { return v.Path }).(pulumi.StringPtrOutput) } -// The AWS region for API calls. Defaults to `us-east-1`. +// The AWS region to make API calls against. Defaults to us-east-1. func (o SecretBackendOutput) Region() pulumi.StringOutput { return o.ApplyT(func(v *SecretBackend) pulumi.StringOutput { return v.Region }).(pulumi.StringOutput) } -// The AWS Secret Key this backend should use to -// issue new credentials. Vault uses the official AWS SDK to authenticate, and thus can also use standard AWS environment credentials, shared file credentials or IAM role/ECS task credentials. +// The AWS Secret Access Key to use when generating new credentials. func (o SecretBackendOutput) SecretKey() pulumi.StringPtrOutput { return o.ApplyT(func(v *SecretBackend) pulumi.StringPtrOutput { return v.SecretKey }).(pulumi.StringPtrOutput) } @@ -430,6 +451,12 @@ func (o SecretBackendArrayOutput) ToSecretBackendArrayOutputWithContext(ctx cont return o } +func (o SecretBackendArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*SecretBackend] { + return pulumix.Output[[]*SecretBackend]{ + OutputState: o.OutputState, + } +} + func (o SecretBackendArrayOutput) Index(i pulumi.IntInput) SecretBackendOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *SecretBackend { return vs[0].([]*SecretBackend)[vs[1].(int)] @@ -450,6 +477,12 @@ func (o SecretBackendMapOutput) ToSecretBackendMapOutputWithContext(ctx context. return o } +func (o SecretBackendMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*SecretBackend] { + return pulumix.Output[map[string]*SecretBackend]{ + OutputState: o.OutputState, + } +} + func (o SecretBackendMapOutput) MapIndex(k pulumi.StringInput) SecretBackendOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *SecretBackend { return vs[0].(map[string]*SecretBackend)[vs[1].(string)] diff --git a/sdk/go/vault/aws/secretBackendRole.go b/sdk/go/vault/aws/secretBackendRole.go index c6c8b31fc..35667d00d 100644 --- a/sdk/go/vault/aws/secretBackendRole.go +++ b/sdk/go/vault/aws/secretBackendRole.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // ## Example Usage @@ -35,7 +37,19 @@ import ( // _, err = aws.NewSecretBackendRole(ctx, "role", &aws.SecretBackendRoleArgs{ // Backend: aws.Path, // CredentialType: pulumi.String("iam_user"), -// PolicyDocument: pulumi.String("{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Effect\": \"Allow\",\n \"Action\": \"iam:*\",\n \"Resource\": \"*\"\n }\n ]\n}\n"), +// PolicyDocument: pulumi.String(`{ +// "Version": "2012-10-17", +// "Statement": [ +// { +// "Effect": "Allow", +// "Action": "iam:*", +// "Resource": "*" +// } +// ] +// } +// +// `), +// // }) // if err != nil { // return err @@ -131,6 +145,7 @@ func NewSecretBackendRole(ctx *pulumi.Context, if args.CredentialType == nil { return nil, errors.New("invalid value for required argument 'CredentialType'") } + opts = internal.PkgResourceDefaultOpts(opts) var resource SecretBackendRole err := ctx.RegisterResource("vault:aws/secretBackendRole:SecretBackendRole", name, args, &resource, opts...) if err != nil { @@ -424,6 +439,12 @@ func (i *SecretBackendRole) ToSecretBackendRoleOutputWithContext(ctx context.Con return pulumi.ToOutputWithContext(ctx, i).(SecretBackendRoleOutput) } +func (i *SecretBackendRole) ToOutput(ctx context.Context) pulumix.Output[*SecretBackendRole] { + return pulumix.Output[*SecretBackendRole]{ + OutputState: i.ToSecretBackendRoleOutputWithContext(ctx).OutputState, + } +} + // SecretBackendRoleArrayInput is an input type that accepts SecretBackendRoleArray and SecretBackendRoleArrayOutput values. // You can construct a concrete instance of `SecretBackendRoleArrayInput` via: // @@ -449,6 +470,12 @@ func (i SecretBackendRoleArray) ToSecretBackendRoleArrayOutputWithContext(ctx co return pulumi.ToOutputWithContext(ctx, i).(SecretBackendRoleArrayOutput) } +func (i SecretBackendRoleArray) ToOutput(ctx context.Context) pulumix.Output[[]*SecretBackendRole] { + return pulumix.Output[[]*SecretBackendRole]{ + OutputState: i.ToSecretBackendRoleArrayOutputWithContext(ctx).OutputState, + } +} + // SecretBackendRoleMapInput is an input type that accepts SecretBackendRoleMap and SecretBackendRoleMapOutput values. // You can construct a concrete instance of `SecretBackendRoleMapInput` via: // @@ -474,6 +501,12 @@ func (i SecretBackendRoleMap) ToSecretBackendRoleMapOutputWithContext(ctx contex return pulumi.ToOutputWithContext(ctx, i).(SecretBackendRoleMapOutput) } +func (i SecretBackendRoleMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*SecretBackendRole] { + return pulumix.Output[map[string]*SecretBackendRole]{ + OutputState: i.ToSecretBackendRoleMapOutputWithContext(ctx).OutputState, + } +} + type SecretBackendRoleOutput struct{ *pulumi.OutputState } func (SecretBackendRoleOutput) ElementType() reflect.Type { @@ -488,6 +521,12 @@ func (o SecretBackendRoleOutput) ToSecretBackendRoleOutputWithContext(ctx contex return o } +func (o SecretBackendRoleOutput) ToOutput(ctx context.Context) pulumix.Output[*SecretBackendRole] { + return pulumix.Output[*SecretBackendRole]{ + OutputState: o.OutputState, + } +} + // The path the AWS secret backend is mounted at, // with no leading or trailing `/`s. func (o SecretBackendRoleOutput) Backend() pulumi.StringOutput { @@ -596,6 +635,12 @@ func (o SecretBackendRoleArrayOutput) ToSecretBackendRoleArrayOutputWithContext( return o } +func (o SecretBackendRoleArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*SecretBackendRole] { + return pulumix.Output[[]*SecretBackendRole]{ + OutputState: o.OutputState, + } +} + func (o SecretBackendRoleArrayOutput) Index(i pulumi.IntInput) SecretBackendRoleOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *SecretBackendRole { return vs[0].([]*SecretBackendRole)[vs[1].(int)] @@ -616,6 +661,12 @@ func (o SecretBackendRoleMapOutput) ToSecretBackendRoleMapOutputWithContext(ctx return o } +func (o SecretBackendRoleMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*SecretBackendRole] { + return pulumix.Output[map[string]*SecretBackendRole]{ + OutputState: o.OutputState, + } +} + func (o SecretBackendRoleMapOutput) MapIndex(k pulumi.StringInput) SecretBackendRoleOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *SecretBackendRole { return vs[0].(map[string]*SecretBackendRole)[vs[1].(string)] diff --git a/sdk/go/vault/aws/secretBackendStaticRole.go b/sdk/go/vault/aws/secretBackendStaticRole.go index 809510ef9..0ed2c9772 100644 --- a/sdk/go/vault/aws/secretBackendStaticRole.go +++ b/sdk/go/vault/aws/secretBackendStaticRole.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // ## Example Usage @@ -88,6 +90,7 @@ func NewSecretBackendStaticRole(ctx *pulumi.Context, if args.Username == nil { return nil, errors.New("invalid value for required argument 'Username'") } + opts = internal.PkgResourceDefaultOpts(opts) var resource SecretBackendStaticRole err := ctx.RegisterResource("vault:aws/secretBackendStaticRole:SecretBackendStaticRole", name, args, &resource, opts...) if err != nil { @@ -209,6 +212,12 @@ func (i *SecretBackendStaticRole) ToSecretBackendStaticRoleOutputWithContext(ctx return pulumi.ToOutputWithContext(ctx, i).(SecretBackendStaticRoleOutput) } +func (i *SecretBackendStaticRole) ToOutput(ctx context.Context) pulumix.Output[*SecretBackendStaticRole] { + return pulumix.Output[*SecretBackendStaticRole]{ + OutputState: i.ToSecretBackendStaticRoleOutputWithContext(ctx).OutputState, + } +} + // SecretBackendStaticRoleArrayInput is an input type that accepts SecretBackendStaticRoleArray and SecretBackendStaticRoleArrayOutput values. // You can construct a concrete instance of `SecretBackendStaticRoleArrayInput` via: // @@ -234,6 +243,12 @@ func (i SecretBackendStaticRoleArray) ToSecretBackendStaticRoleArrayOutputWithCo return pulumi.ToOutputWithContext(ctx, i).(SecretBackendStaticRoleArrayOutput) } +func (i SecretBackendStaticRoleArray) ToOutput(ctx context.Context) pulumix.Output[[]*SecretBackendStaticRole] { + return pulumix.Output[[]*SecretBackendStaticRole]{ + OutputState: i.ToSecretBackendStaticRoleArrayOutputWithContext(ctx).OutputState, + } +} + // SecretBackendStaticRoleMapInput is an input type that accepts SecretBackendStaticRoleMap and SecretBackendStaticRoleMapOutput values. // You can construct a concrete instance of `SecretBackendStaticRoleMapInput` via: // @@ -259,6 +274,12 @@ func (i SecretBackendStaticRoleMap) ToSecretBackendStaticRoleMapOutputWithContex return pulumi.ToOutputWithContext(ctx, i).(SecretBackendStaticRoleMapOutput) } +func (i SecretBackendStaticRoleMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*SecretBackendStaticRole] { + return pulumix.Output[map[string]*SecretBackendStaticRole]{ + OutputState: i.ToSecretBackendStaticRoleMapOutputWithContext(ctx).OutputState, + } +} + type SecretBackendStaticRoleOutput struct{ *pulumi.OutputState } func (SecretBackendStaticRoleOutput) ElementType() reflect.Type { @@ -273,6 +294,12 @@ func (o SecretBackendStaticRoleOutput) ToSecretBackendStaticRoleOutputWithContex return o } +func (o SecretBackendStaticRoleOutput) ToOutput(ctx context.Context) pulumix.Output[*SecretBackendStaticRole] { + return pulumix.Output[*SecretBackendStaticRole]{ + OutputState: o.OutputState, + } +} + // The unique path this backend should be mounted at. Must // not begin or end with a `/`. Defaults to `aws` func (o SecretBackendStaticRoleOutput) Backend() pulumi.StringPtrOutput { @@ -317,6 +344,12 @@ func (o SecretBackendStaticRoleArrayOutput) ToSecretBackendStaticRoleArrayOutput return o } +func (o SecretBackendStaticRoleArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*SecretBackendStaticRole] { + return pulumix.Output[[]*SecretBackendStaticRole]{ + OutputState: o.OutputState, + } +} + func (o SecretBackendStaticRoleArrayOutput) Index(i pulumi.IntInput) SecretBackendStaticRoleOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *SecretBackendStaticRole { return vs[0].([]*SecretBackendStaticRole)[vs[1].(int)] @@ -337,6 +370,12 @@ func (o SecretBackendStaticRoleMapOutput) ToSecretBackendStaticRoleMapOutputWith return o } +func (o SecretBackendStaticRoleMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*SecretBackendStaticRole] { + return pulumix.Output[map[string]*SecretBackendStaticRole]{ + OutputState: o.OutputState, + } +} + func (o SecretBackendStaticRoleMapOutput) MapIndex(k pulumi.StringInput) SecretBackendStaticRoleOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *SecretBackendStaticRole { return vs[0].(map[string]*SecretBackendStaticRole)[vs[1].(string)] diff --git a/sdk/go/vault/azure/authBackendConfig.go b/sdk/go/vault/azure/authBackendConfig.go index 895382850..df9021e71 100644 --- a/sdk/go/vault/azure/authBackendConfig.go +++ b/sdk/go/vault/azure/authBackendConfig.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // ## Example Usage @@ -100,13 +102,13 @@ func NewAuthBackendConfig(ctx *pulumi.Context, return nil, errors.New("invalid value for required argument 'TenantId'") } if args.ClientId != nil { - args.ClientId = pulumi.ToSecret(args.ClientId).(pulumi.StringPtrOutput) + args.ClientId = pulumi.ToSecret(args.ClientId).(pulumi.StringPtrInput) } if args.ClientSecret != nil { - args.ClientSecret = pulumi.ToSecret(args.ClientSecret).(pulumi.StringPtrOutput) + args.ClientSecret = pulumi.ToSecret(args.ClientSecret).(pulumi.StringPtrInput) } if args.TenantId != nil { - args.TenantId = pulumi.ToSecret(args.TenantId).(pulumi.StringOutput) + args.TenantId = pulumi.ToSecret(args.TenantId).(pulumi.StringInput) } secrets := pulumi.AdditionalSecretOutputs([]string{ "clientId", @@ -114,6 +116,7 @@ func NewAuthBackendConfig(ctx *pulumi.Context, "tenantId", }) opts = append(opts, secrets) + opts = internal.PkgResourceDefaultOpts(opts) var resource AuthBackendConfig err := ctx.RegisterResource("vault:azure/authBackendConfig:AuthBackendConfig", name, args, &resource, opts...) if err != nil { @@ -271,6 +274,12 @@ func (i *AuthBackendConfig) ToAuthBackendConfigOutputWithContext(ctx context.Con return pulumi.ToOutputWithContext(ctx, i).(AuthBackendConfigOutput) } +func (i *AuthBackendConfig) ToOutput(ctx context.Context) pulumix.Output[*AuthBackendConfig] { + return pulumix.Output[*AuthBackendConfig]{ + OutputState: i.ToAuthBackendConfigOutputWithContext(ctx).OutputState, + } +} + // AuthBackendConfigArrayInput is an input type that accepts AuthBackendConfigArray and AuthBackendConfigArrayOutput values. // You can construct a concrete instance of `AuthBackendConfigArrayInput` via: // @@ -296,6 +305,12 @@ func (i AuthBackendConfigArray) ToAuthBackendConfigArrayOutputWithContext(ctx co return pulumi.ToOutputWithContext(ctx, i).(AuthBackendConfigArrayOutput) } +func (i AuthBackendConfigArray) ToOutput(ctx context.Context) pulumix.Output[[]*AuthBackendConfig] { + return pulumix.Output[[]*AuthBackendConfig]{ + OutputState: i.ToAuthBackendConfigArrayOutputWithContext(ctx).OutputState, + } +} + // AuthBackendConfigMapInput is an input type that accepts AuthBackendConfigMap and AuthBackendConfigMapOutput values. // You can construct a concrete instance of `AuthBackendConfigMapInput` via: // @@ -321,6 +336,12 @@ func (i AuthBackendConfigMap) ToAuthBackendConfigMapOutputWithContext(ctx contex return pulumi.ToOutputWithContext(ctx, i).(AuthBackendConfigMapOutput) } +func (i AuthBackendConfigMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*AuthBackendConfig] { + return pulumix.Output[map[string]*AuthBackendConfig]{ + OutputState: i.ToAuthBackendConfigMapOutputWithContext(ctx).OutputState, + } +} + type AuthBackendConfigOutput struct{ *pulumi.OutputState } func (AuthBackendConfigOutput) ElementType() reflect.Type { @@ -335,6 +356,12 @@ func (o AuthBackendConfigOutput) ToAuthBackendConfigOutputWithContext(ctx contex return o } +func (o AuthBackendConfigOutput) ToOutput(ctx context.Context) pulumix.Output[*AuthBackendConfig] { + return pulumix.Output[*AuthBackendConfig]{ + OutputState: o.OutputState, + } +} + // The path the Azure auth backend being configured was // mounted at. Defaults to `azure`. func (o AuthBackendConfigOutput) Backend() pulumi.StringPtrOutput { @@ -394,6 +421,12 @@ func (o AuthBackendConfigArrayOutput) ToAuthBackendConfigArrayOutputWithContext( return o } +func (o AuthBackendConfigArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*AuthBackendConfig] { + return pulumix.Output[[]*AuthBackendConfig]{ + OutputState: o.OutputState, + } +} + func (o AuthBackendConfigArrayOutput) Index(i pulumi.IntInput) AuthBackendConfigOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *AuthBackendConfig { return vs[0].([]*AuthBackendConfig)[vs[1].(int)] @@ -414,6 +447,12 @@ func (o AuthBackendConfigMapOutput) ToAuthBackendConfigMapOutputWithContext(ctx return o } +func (o AuthBackendConfigMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*AuthBackendConfig] { + return pulumix.Output[map[string]*AuthBackendConfig]{ + OutputState: o.OutputState, + } +} + func (o AuthBackendConfigMapOutput) MapIndex(k pulumi.StringInput) AuthBackendConfigOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *AuthBackendConfig { return vs[0].(map[string]*AuthBackendConfig)[vs[1].(string)] diff --git a/sdk/go/vault/azure/authBackendRole.go b/sdk/go/vault/azure/authBackendRole.go index 1792aec7a..783e5effa 100644 --- a/sdk/go/vault/azure/authBackendRole.go +++ b/sdk/go/vault/azure/authBackendRole.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // Manages an Azure auth backend role in a Vault server. Roles constrain the @@ -156,6 +158,7 @@ func NewAuthBackendRole(ctx *pulumi.Context, if args.Role == nil { return nil, errors.New("invalid value for required argument 'Role'") } + opts = internal.PkgResourceDefaultOpts(opts) var resource AuthBackendRole err := ctx.RegisterResource("vault:azure/authBackendRole:AuthBackendRole", name, args, &resource, opts...) if err != nil { @@ -489,6 +492,12 @@ func (i *AuthBackendRole) ToAuthBackendRoleOutputWithContext(ctx context.Context return pulumi.ToOutputWithContext(ctx, i).(AuthBackendRoleOutput) } +func (i *AuthBackendRole) ToOutput(ctx context.Context) pulumix.Output[*AuthBackendRole] { + return pulumix.Output[*AuthBackendRole]{ + OutputState: i.ToAuthBackendRoleOutputWithContext(ctx).OutputState, + } +} + // AuthBackendRoleArrayInput is an input type that accepts AuthBackendRoleArray and AuthBackendRoleArrayOutput values. // You can construct a concrete instance of `AuthBackendRoleArrayInput` via: // @@ -514,6 +523,12 @@ func (i AuthBackendRoleArray) ToAuthBackendRoleArrayOutputWithContext(ctx contex return pulumi.ToOutputWithContext(ctx, i).(AuthBackendRoleArrayOutput) } +func (i AuthBackendRoleArray) ToOutput(ctx context.Context) pulumix.Output[[]*AuthBackendRole] { + return pulumix.Output[[]*AuthBackendRole]{ + OutputState: i.ToAuthBackendRoleArrayOutputWithContext(ctx).OutputState, + } +} + // AuthBackendRoleMapInput is an input type that accepts AuthBackendRoleMap and AuthBackendRoleMapOutput values. // You can construct a concrete instance of `AuthBackendRoleMapInput` via: // @@ -539,6 +554,12 @@ func (i AuthBackendRoleMap) ToAuthBackendRoleMapOutputWithContext(ctx context.Co return pulumi.ToOutputWithContext(ctx, i).(AuthBackendRoleMapOutput) } +func (i AuthBackendRoleMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*AuthBackendRole] { + return pulumix.Output[map[string]*AuthBackendRole]{ + OutputState: i.ToAuthBackendRoleMapOutputWithContext(ctx).OutputState, + } +} + type AuthBackendRoleOutput struct{ *pulumi.OutputState } func (AuthBackendRoleOutput) ElementType() reflect.Type { @@ -553,6 +574,12 @@ func (o AuthBackendRoleOutput) ToAuthBackendRoleOutputWithContext(ctx context.Co return o } +func (o AuthBackendRoleOutput) ToOutput(ctx context.Context) pulumix.Output[*AuthBackendRole] { + return pulumix.Output[*AuthBackendRole]{ + OutputState: o.OutputState, + } +} + // Unique name of the auth backend to configure. func (o AuthBackendRoleOutput) Backend() pulumi.StringPtrOutput { return o.ApplyT(func(v *AuthBackendRole) pulumi.StringPtrOutput { return v.Backend }).(pulumi.StringPtrOutput) @@ -689,6 +716,12 @@ func (o AuthBackendRoleArrayOutput) ToAuthBackendRoleArrayOutputWithContext(ctx return o } +func (o AuthBackendRoleArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*AuthBackendRole] { + return pulumix.Output[[]*AuthBackendRole]{ + OutputState: o.OutputState, + } +} + func (o AuthBackendRoleArrayOutput) Index(i pulumi.IntInput) AuthBackendRoleOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *AuthBackendRole { return vs[0].([]*AuthBackendRole)[vs[1].(int)] @@ -709,6 +742,12 @@ func (o AuthBackendRoleMapOutput) ToAuthBackendRoleMapOutputWithContext(ctx cont return o } +func (o AuthBackendRoleMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*AuthBackendRole] { + return pulumix.Output[map[string]*AuthBackendRole]{ + OutputState: o.OutputState, + } +} + func (o AuthBackendRoleMapOutput) MapIndex(k pulumi.StringInput) AuthBackendRoleOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *AuthBackendRole { return vs[0].(map[string]*AuthBackendRole)[vs[1].(string)] diff --git a/sdk/go/vault/azure/backend.go b/sdk/go/vault/azure/backend.go index 4900cee33..4d0202554 100644 --- a/sdk/go/vault/azure/backend.go +++ b/sdk/go/vault/azure/backend.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // ## Example Usage @@ -75,31 +77,31 @@ import ( type Backend struct { pulumi.CustomResourceState - // - The OAuth2 client id to connect to Azure. + // The OAuth2 client id to connect to Azure. ClientId pulumi.StringPtrOutput `pulumi:"clientId"` - // - The OAuth2 client secret to connect to Azure. + // The OAuth2 client secret to connect to Azure. ClientSecret pulumi.StringPtrOutput `pulumi:"clientSecret"` // Human-friendly description of the mount for the backend. Description pulumi.StringPtrOutput `pulumi:"description"` // If set, opts out of mount migration on path updates. // See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration) DisableRemount pulumi.BoolPtrOutput `pulumi:"disableRemount"` - // - The Azure environment. + // The Azure environment. Environment pulumi.StringPtrOutput `pulumi:"environment"` // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). // *Available only for Vault Enterprise*. Namespace pulumi.StringPtrOutput `pulumi:"namespace"` - // - The unique path this backend should be mounted at. Defaults to `azure`. + // The unique path this backend should be mounted at. Defaults to `azure`. Path pulumi.StringPtrOutput `pulumi:"path"` - // - The subscription id for the Azure Active Directory. + // The subscription id for the Azure Active Directory. SubscriptionId pulumi.StringOutput `pulumi:"subscriptionId"` - // - The tenant id for the Azure Active Directory. + // The tenant id for the Azure Active Directory. TenantId pulumi.StringOutput `pulumi:"tenantId"` - // - Indicates whether the secrets engine should use - // the Microsoft Graph API. This parameter has been deprecated and will be ignored in `vault-1.12+`. - // For more information, please refer to the [Vault docs](https://developer.hashicorp.com/vault/api-docs/secret/azure#use_microsoft_graph_api) + // Indicates whether the secrets engine should use + // the Microsoft Graph API. This parameter has been deprecated and will be ignored in `vault-1.12+`. + // For more information, please refer to the [Vault docs](https://developer.hashicorp.com/vault/api-docs/secret/azure#use_microsoft_graph_api) UseMicrosoftGraphApi pulumi.BoolOutput `pulumi:"useMicrosoftGraphApi"` } @@ -117,16 +119,16 @@ func NewBackend(ctx *pulumi.Context, return nil, errors.New("invalid value for required argument 'TenantId'") } if args.ClientId != nil { - args.ClientId = pulumi.ToSecret(args.ClientId).(pulumi.StringPtrOutput) + args.ClientId = pulumi.ToSecret(args.ClientId).(pulumi.StringPtrInput) } if args.ClientSecret != nil { - args.ClientSecret = pulumi.ToSecret(args.ClientSecret).(pulumi.StringPtrOutput) + args.ClientSecret = pulumi.ToSecret(args.ClientSecret).(pulumi.StringPtrInput) } if args.SubscriptionId != nil { - args.SubscriptionId = pulumi.ToSecret(args.SubscriptionId).(pulumi.StringOutput) + args.SubscriptionId = pulumi.ToSecret(args.SubscriptionId).(pulumi.StringInput) } if args.TenantId != nil { - args.TenantId = pulumi.ToSecret(args.TenantId).(pulumi.StringOutput) + args.TenantId = pulumi.ToSecret(args.TenantId).(pulumi.StringInput) } secrets := pulumi.AdditionalSecretOutputs([]string{ "clientId", @@ -135,6 +137,7 @@ func NewBackend(ctx *pulumi.Context, "tenantId", }) opts = append(opts, secrets) + opts = internal.PkgResourceDefaultOpts(opts) var resource Backend err := ctx.RegisterResource("vault:azure/backend:Backend", name, args, &resource, opts...) if err != nil { @@ -157,60 +160,60 @@ func GetBackend(ctx *pulumi.Context, // Input properties used for looking up and filtering Backend resources. type backendState struct { - // - The OAuth2 client id to connect to Azure. + // The OAuth2 client id to connect to Azure. ClientId *string `pulumi:"clientId"` - // - The OAuth2 client secret to connect to Azure. + // The OAuth2 client secret to connect to Azure. ClientSecret *string `pulumi:"clientSecret"` // Human-friendly description of the mount for the backend. Description *string `pulumi:"description"` // If set, opts out of mount migration on path updates. // See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration) DisableRemount *bool `pulumi:"disableRemount"` - // - The Azure environment. + // The Azure environment. Environment *string `pulumi:"environment"` // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). // *Available only for Vault Enterprise*. Namespace *string `pulumi:"namespace"` - // - The unique path this backend should be mounted at. Defaults to `azure`. + // The unique path this backend should be mounted at. Defaults to `azure`. Path *string `pulumi:"path"` - // - The subscription id for the Azure Active Directory. + // The subscription id for the Azure Active Directory. SubscriptionId *string `pulumi:"subscriptionId"` - // - The tenant id for the Azure Active Directory. + // The tenant id for the Azure Active Directory. TenantId *string `pulumi:"tenantId"` - // - Indicates whether the secrets engine should use - // the Microsoft Graph API. This parameter has been deprecated and will be ignored in `vault-1.12+`. - // For more information, please refer to the [Vault docs](https://developer.hashicorp.com/vault/api-docs/secret/azure#use_microsoft_graph_api) + // Indicates whether the secrets engine should use + // the Microsoft Graph API. This parameter has been deprecated and will be ignored in `vault-1.12+`. + // For more information, please refer to the [Vault docs](https://developer.hashicorp.com/vault/api-docs/secret/azure#use_microsoft_graph_api) UseMicrosoftGraphApi *bool `pulumi:"useMicrosoftGraphApi"` } type BackendState struct { - // - The OAuth2 client id to connect to Azure. + // The OAuth2 client id to connect to Azure. ClientId pulumi.StringPtrInput - // - The OAuth2 client secret to connect to Azure. + // The OAuth2 client secret to connect to Azure. ClientSecret pulumi.StringPtrInput // Human-friendly description of the mount for the backend. Description pulumi.StringPtrInput // If set, opts out of mount migration on path updates. // See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration) DisableRemount pulumi.BoolPtrInput - // - The Azure environment. + // The Azure environment. Environment pulumi.StringPtrInput // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). // *Available only for Vault Enterprise*. Namespace pulumi.StringPtrInput - // - The unique path this backend should be mounted at. Defaults to `azure`. + // The unique path this backend should be mounted at. Defaults to `azure`. Path pulumi.StringPtrInput - // - The subscription id for the Azure Active Directory. + // The subscription id for the Azure Active Directory. SubscriptionId pulumi.StringPtrInput - // - The tenant id for the Azure Active Directory. + // The tenant id for the Azure Active Directory. TenantId pulumi.StringPtrInput - // - Indicates whether the secrets engine should use - // the Microsoft Graph API. This parameter has been deprecated and will be ignored in `vault-1.12+`. - // For more information, please refer to the [Vault docs](https://developer.hashicorp.com/vault/api-docs/secret/azure#use_microsoft_graph_api) + // Indicates whether the secrets engine should use + // the Microsoft Graph API. This parameter has been deprecated and will be ignored in `vault-1.12+`. + // For more information, please refer to the [Vault docs](https://developer.hashicorp.com/vault/api-docs/secret/azure#use_microsoft_graph_api) UseMicrosoftGraphApi pulumi.BoolPtrInput } @@ -219,61 +222,61 @@ func (BackendState) ElementType() reflect.Type { } type backendArgs struct { - // - The OAuth2 client id to connect to Azure. + // The OAuth2 client id to connect to Azure. ClientId *string `pulumi:"clientId"` - // - The OAuth2 client secret to connect to Azure. + // The OAuth2 client secret to connect to Azure. ClientSecret *string `pulumi:"clientSecret"` // Human-friendly description of the mount for the backend. Description *string `pulumi:"description"` // If set, opts out of mount migration on path updates. // See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration) DisableRemount *bool `pulumi:"disableRemount"` - // - The Azure environment. + // The Azure environment. Environment *string `pulumi:"environment"` // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). // *Available only for Vault Enterprise*. Namespace *string `pulumi:"namespace"` - // - The unique path this backend should be mounted at. Defaults to `azure`. + // The unique path this backend should be mounted at. Defaults to `azure`. Path *string `pulumi:"path"` - // - The subscription id for the Azure Active Directory. + // The subscription id for the Azure Active Directory. SubscriptionId string `pulumi:"subscriptionId"` - // - The tenant id for the Azure Active Directory. + // The tenant id for the Azure Active Directory. TenantId string `pulumi:"tenantId"` - // - Indicates whether the secrets engine should use - // the Microsoft Graph API. This parameter has been deprecated and will be ignored in `vault-1.12+`. - // For more information, please refer to the [Vault docs](https://developer.hashicorp.com/vault/api-docs/secret/azure#use_microsoft_graph_api) + // Indicates whether the secrets engine should use + // the Microsoft Graph API. This parameter has been deprecated and will be ignored in `vault-1.12+`. + // For more information, please refer to the [Vault docs](https://developer.hashicorp.com/vault/api-docs/secret/azure#use_microsoft_graph_api) UseMicrosoftGraphApi *bool `pulumi:"useMicrosoftGraphApi"` } // The set of arguments for constructing a Backend resource. type BackendArgs struct { - // - The OAuth2 client id to connect to Azure. + // The OAuth2 client id to connect to Azure. ClientId pulumi.StringPtrInput - // - The OAuth2 client secret to connect to Azure. + // The OAuth2 client secret to connect to Azure. ClientSecret pulumi.StringPtrInput // Human-friendly description of the mount for the backend. Description pulumi.StringPtrInput // If set, opts out of mount migration on path updates. // See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration) DisableRemount pulumi.BoolPtrInput - // - The Azure environment. + // The Azure environment. Environment pulumi.StringPtrInput // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). // *Available only for Vault Enterprise*. Namespace pulumi.StringPtrInput - // - The unique path this backend should be mounted at. Defaults to `azure`. + // The unique path this backend should be mounted at. Defaults to `azure`. Path pulumi.StringPtrInput - // - The subscription id for the Azure Active Directory. + // The subscription id for the Azure Active Directory. SubscriptionId pulumi.StringInput - // - The tenant id for the Azure Active Directory. + // The tenant id for the Azure Active Directory. TenantId pulumi.StringInput - // - Indicates whether the secrets engine should use - // the Microsoft Graph API. This parameter has been deprecated and will be ignored in `vault-1.12+`. - // For more information, please refer to the [Vault docs](https://developer.hashicorp.com/vault/api-docs/secret/azure#use_microsoft_graph_api) + // Indicates whether the secrets engine should use + // the Microsoft Graph API. This parameter has been deprecated and will be ignored in `vault-1.12+`. + // For more information, please refer to the [Vault docs](https://developer.hashicorp.com/vault/api-docs/secret/azure#use_microsoft_graph_api) UseMicrosoftGraphApi pulumi.BoolPtrInput } @@ -300,6 +303,12 @@ func (i *Backend) ToBackendOutputWithContext(ctx context.Context) BackendOutput return pulumi.ToOutputWithContext(ctx, i).(BackendOutput) } +func (i *Backend) ToOutput(ctx context.Context) pulumix.Output[*Backend] { + return pulumix.Output[*Backend]{ + OutputState: i.ToBackendOutputWithContext(ctx).OutputState, + } +} + // BackendArrayInput is an input type that accepts BackendArray and BackendArrayOutput values. // You can construct a concrete instance of `BackendArrayInput` via: // @@ -325,6 +334,12 @@ func (i BackendArray) ToBackendArrayOutputWithContext(ctx context.Context) Backe return pulumi.ToOutputWithContext(ctx, i).(BackendArrayOutput) } +func (i BackendArray) ToOutput(ctx context.Context) pulumix.Output[[]*Backend] { + return pulumix.Output[[]*Backend]{ + OutputState: i.ToBackendArrayOutputWithContext(ctx).OutputState, + } +} + // BackendMapInput is an input type that accepts BackendMap and BackendMapOutput values. // You can construct a concrete instance of `BackendMapInput` via: // @@ -350,6 +365,12 @@ func (i BackendMap) ToBackendMapOutputWithContext(ctx context.Context) BackendMa return pulumi.ToOutputWithContext(ctx, i).(BackendMapOutput) } +func (i BackendMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*Backend] { + return pulumix.Output[map[string]*Backend]{ + OutputState: i.ToBackendMapOutputWithContext(ctx).OutputState, + } +} + type BackendOutput struct{ *pulumi.OutputState } func (BackendOutput) ElementType() reflect.Type { @@ -364,12 +385,18 @@ func (o BackendOutput) ToBackendOutputWithContext(ctx context.Context) BackendOu return o } -// - The OAuth2 client id to connect to Azure. +func (o BackendOutput) ToOutput(ctx context.Context) pulumix.Output[*Backend] { + return pulumix.Output[*Backend]{ + OutputState: o.OutputState, + } +} + +// The OAuth2 client id to connect to Azure. func (o BackendOutput) ClientId() pulumi.StringPtrOutput { return o.ApplyT(func(v *Backend) pulumi.StringPtrOutput { return v.ClientId }).(pulumi.StringPtrOutput) } -// - The OAuth2 client secret to connect to Azure. +// The OAuth2 client secret to connect to Azure. func (o BackendOutput) ClientSecret() pulumi.StringPtrOutput { return o.ApplyT(func(v *Backend) pulumi.StringPtrOutput { return v.ClientSecret }).(pulumi.StringPtrOutput) } @@ -385,7 +412,7 @@ func (o BackendOutput) DisableRemount() pulumi.BoolPtrOutput { return o.ApplyT(func(v *Backend) pulumi.BoolPtrOutput { return v.DisableRemount }).(pulumi.BoolPtrOutput) } -// - The Azure environment. +// The Azure environment. func (o BackendOutput) Environment() pulumi.StringPtrOutput { return o.ApplyT(func(v *Backend) pulumi.StringPtrOutput { return v.Environment }).(pulumi.StringPtrOutput) } @@ -398,24 +425,24 @@ func (o BackendOutput) Namespace() pulumi.StringPtrOutput { return o.ApplyT(func(v *Backend) pulumi.StringPtrOutput { return v.Namespace }).(pulumi.StringPtrOutput) } -// - The unique path this backend should be mounted at. Defaults to `azure`. +// The unique path this backend should be mounted at. Defaults to `azure`. func (o BackendOutput) Path() pulumi.StringPtrOutput { return o.ApplyT(func(v *Backend) pulumi.StringPtrOutput { return v.Path }).(pulumi.StringPtrOutput) } -// - The subscription id for the Azure Active Directory. +// The subscription id for the Azure Active Directory. func (o BackendOutput) SubscriptionId() pulumi.StringOutput { return o.ApplyT(func(v *Backend) pulumi.StringOutput { return v.SubscriptionId }).(pulumi.StringOutput) } -// - The tenant id for the Azure Active Directory. +// The tenant id for the Azure Active Directory. func (o BackendOutput) TenantId() pulumi.StringOutput { return o.ApplyT(func(v *Backend) pulumi.StringOutput { return v.TenantId }).(pulumi.StringOutput) } -// - Indicates whether the secrets engine should use -// the Microsoft Graph API. This parameter has been deprecated and will be ignored in `vault-1.12+`. -// For more information, please refer to the [Vault docs](https://developer.hashicorp.com/vault/api-docs/secret/azure#use_microsoft_graph_api) +// Indicates whether the secrets engine should use +// the Microsoft Graph API. This parameter has been deprecated and will be ignored in `vault-1.12+`. +// For more information, please refer to the [Vault docs](https://developer.hashicorp.com/vault/api-docs/secret/azure#use_microsoft_graph_api) func (o BackendOutput) UseMicrosoftGraphApi() pulumi.BoolOutput { return o.ApplyT(func(v *Backend) pulumi.BoolOutput { return v.UseMicrosoftGraphApi }).(pulumi.BoolOutput) } @@ -434,6 +461,12 @@ func (o BackendArrayOutput) ToBackendArrayOutputWithContext(ctx context.Context) return o } +func (o BackendArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*Backend] { + return pulumix.Output[[]*Backend]{ + OutputState: o.OutputState, + } +} + func (o BackendArrayOutput) Index(i pulumi.IntInput) BackendOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *Backend { return vs[0].([]*Backend)[vs[1].(int)] @@ -454,6 +487,12 @@ func (o BackendMapOutput) ToBackendMapOutputWithContext(ctx context.Context) Bac return o } +func (o BackendMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*Backend] { + return pulumix.Output[map[string]*Backend]{ + OutputState: o.OutputState, + } +} + func (o BackendMapOutput) MapIndex(k pulumi.StringInput) BackendOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *Backend { return vs[0].(map[string]*Backend)[vs[1].(string)] diff --git a/sdk/go/vault/azure/backendRole.go b/sdk/go/vault/azure/backendRole.go index 71188f591..a4f58fd6c 100644 --- a/sdk/go/vault/azure/backendRole.go +++ b/sdk/go/vault/azure/backendRole.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // ## Example Usage @@ -108,6 +110,7 @@ func NewBackendRole(ctx *pulumi.Context, if args.Role == nil { return nil, errors.New("invalid value for required argument 'Role'") } + opts = internal.PkgResourceDefaultOpts(opts) var resource BackendRole err := ctx.RegisterResource("vault:azure/backendRole:BackendRole", name, args, &resource, opts...) if err != nil { @@ -277,6 +280,12 @@ func (i *BackendRole) ToBackendRoleOutputWithContext(ctx context.Context) Backen return pulumi.ToOutputWithContext(ctx, i).(BackendRoleOutput) } +func (i *BackendRole) ToOutput(ctx context.Context) pulumix.Output[*BackendRole] { + return pulumix.Output[*BackendRole]{ + OutputState: i.ToBackendRoleOutputWithContext(ctx).OutputState, + } +} + // BackendRoleArrayInput is an input type that accepts BackendRoleArray and BackendRoleArrayOutput values. // You can construct a concrete instance of `BackendRoleArrayInput` via: // @@ -302,6 +311,12 @@ func (i BackendRoleArray) ToBackendRoleArrayOutputWithContext(ctx context.Contex return pulumi.ToOutputWithContext(ctx, i).(BackendRoleArrayOutput) } +func (i BackendRoleArray) ToOutput(ctx context.Context) pulumix.Output[[]*BackendRole] { + return pulumix.Output[[]*BackendRole]{ + OutputState: i.ToBackendRoleArrayOutputWithContext(ctx).OutputState, + } +} + // BackendRoleMapInput is an input type that accepts BackendRoleMap and BackendRoleMapOutput values. // You can construct a concrete instance of `BackendRoleMapInput` via: // @@ -327,6 +342,12 @@ func (i BackendRoleMap) ToBackendRoleMapOutputWithContext(ctx context.Context) B return pulumi.ToOutputWithContext(ctx, i).(BackendRoleMapOutput) } +func (i BackendRoleMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*BackendRole] { + return pulumix.Output[map[string]*BackendRole]{ + OutputState: i.ToBackendRoleMapOutputWithContext(ctx).OutputState, + } +} + type BackendRoleOutput struct{ *pulumi.OutputState } func (BackendRoleOutput) ElementType() reflect.Type { @@ -341,6 +362,12 @@ func (o BackendRoleOutput) ToBackendRoleOutputWithContext(ctx context.Context) B return o } +func (o BackendRoleOutput) ToOutput(ctx context.Context) pulumix.Output[*BackendRole] { + return pulumix.Output[*BackendRole]{ + OutputState: o.OutputState, + } +} + // Application Object ID for an existing service principal that will // be used instead of creating dynamic service principals. If present, `azureRoles` and `permanentlyDelete` will be ignored. func (o BackendRoleOutput) ApplicationObjectId() pulumi.StringPtrOutput { @@ -412,6 +439,12 @@ func (o BackendRoleArrayOutput) ToBackendRoleArrayOutputWithContext(ctx context. return o } +func (o BackendRoleArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*BackendRole] { + return pulumix.Output[[]*BackendRole]{ + OutputState: o.OutputState, + } +} + func (o BackendRoleArrayOutput) Index(i pulumi.IntInput) BackendRoleOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *BackendRole { return vs[0].([]*BackendRole)[vs[1].(int)] @@ -432,6 +465,12 @@ func (o BackendRoleMapOutput) ToBackendRoleMapOutputWithContext(ctx context.Cont return o } +func (o BackendRoleMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*BackendRole] { + return pulumix.Output[map[string]*BackendRole]{ + OutputState: o.OutputState, + } +} + func (o BackendRoleMapOutput) MapIndex(k pulumi.StringInput) BackendRoleOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *BackendRole { return vs[0].(map[string]*BackendRole)[vs[1].(string)] diff --git a/sdk/go/vault/azure/getAccessCredentials.go b/sdk/go/vault/azure/getAccessCredentials.go index 13dbf4ac0..3083a416e 100644 --- a/sdk/go/vault/azure/getAccessCredentials.go +++ b/sdk/go/vault/azure/getAccessCredentials.go @@ -7,7 +7,9 @@ import ( "context" "reflect" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // ## Example Usage @@ -45,6 +47,7 @@ import ( // If the effective Vault role does not have the required permissions then valid values // are required to be set for: `subscriptionId`, `tenantId`, `environment`. func GetAccessCredentials(ctx *pulumi.Context, args *GetAccessCredentialsArgs, opts ...pulumi.InvokeOption) (*GetAccessCredentialsResult, error) { + opts = internal.PkgInvokeDefaultOpts(opts) var rv GetAccessCredentialsResult err := ctx.Invoke("vault:azure/getAccessCredentials:getAccessCredentials", args, &rv, opts...) if err != nil { @@ -203,6 +206,12 @@ func (o GetAccessCredentialsResultOutput) ToGetAccessCredentialsResultOutputWith return o } +func (o GetAccessCredentialsResultOutput) ToOutput(ctx context.Context) pulumix.Output[GetAccessCredentialsResult] { + return pulumix.Output[GetAccessCredentialsResult]{ + OutputState: o.OutputState, + } +} + func (o GetAccessCredentialsResultOutput) Backend() pulumi.StringOutput { return o.ApplyT(func(v GetAccessCredentialsResult) string { return v.Backend }).(pulumi.StringOutput) } diff --git a/sdk/go/vault/azure/init.go b/sdk/go/vault/azure/init.go index ff09ef79b..c5109de32 100644 --- a/sdk/go/vault/azure/init.go +++ b/sdk/go/vault/azure/init.go @@ -7,7 +7,7 @@ import ( "fmt" "github.com/blang/semver" - "github.com/pulumi/pulumi-vault/sdk/v5/go/vault" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" ) @@ -38,7 +38,7 @@ func (m *module) Construct(ctx *pulumi.Context, name, typ, urn string) (r pulumi } func init() { - version, err := vault.PkgVersion() + version, err := internal.PkgVersion() if err != nil { version = semver.Version{Major: 1} } diff --git a/sdk/go/vault/azure/pulumiTypes.go b/sdk/go/vault/azure/pulumiTypes.go index 4b713fc90..32c11341a 100644 --- a/sdk/go/vault/azure/pulumiTypes.go +++ b/sdk/go/vault/azure/pulumiTypes.go @@ -7,9 +7,13 @@ import ( "context" "reflect" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) +var _ = internal.GetEnvOrDefault + type BackendRoleAzureGroup struct { GroupName string `pulumi:"groupName"` ObjectId *string `pulumi:"objectId"` @@ -43,6 +47,12 @@ func (i BackendRoleAzureGroupArgs) ToBackendRoleAzureGroupOutputWithContext(ctx return pulumi.ToOutputWithContext(ctx, i).(BackendRoleAzureGroupOutput) } +func (i BackendRoleAzureGroupArgs) ToOutput(ctx context.Context) pulumix.Output[BackendRoleAzureGroup] { + return pulumix.Output[BackendRoleAzureGroup]{ + OutputState: i.ToBackendRoleAzureGroupOutputWithContext(ctx).OutputState, + } +} + // BackendRoleAzureGroupArrayInput is an input type that accepts BackendRoleAzureGroupArray and BackendRoleAzureGroupArrayOutput values. // You can construct a concrete instance of `BackendRoleAzureGroupArrayInput` via: // @@ -68,6 +78,12 @@ func (i BackendRoleAzureGroupArray) ToBackendRoleAzureGroupArrayOutputWithContex return pulumi.ToOutputWithContext(ctx, i).(BackendRoleAzureGroupArrayOutput) } +func (i BackendRoleAzureGroupArray) ToOutput(ctx context.Context) pulumix.Output[[]BackendRoleAzureGroup] { + return pulumix.Output[[]BackendRoleAzureGroup]{ + OutputState: i.ToBackendRoleAzureGroupArrayOutputWithContext(ctx).OutputState, + } +} + type BackendRoleAzureGroupOutput struct{ *pulumi.OutputState } func (BackendRoleAzureGroupOutput) ElementType() reflect.Type { @@ -82,6 +98,12 @@ func (o BackendRoleAzureGroupOutput) ToBackendRoleAzureGroupOutputWithContext(ct return o } +func (o BackendRoleAzureGroupOutput) ToOutput(ctx context.Context) pulumix.Output[BackendRoleAzureGroup] { + return pulumix.Output[BackendRoleAzureGroup]{ + OutputState: o.OutputState, + } +} + func (o BackendRoleAzureGroupOutput) GroupName() pulumi.StringOutput { return o.ApplyT(func(v BackendRoleAzureGroup) string { return v.GroupName }).(pulumi.StringOutput) } @@ -104,6 +126,12 @@ func (o BackendRoleAzureGroupArrayOutput) ToBackendRoleAzureGroupArrayOutputWith return o } +func (o BackendRoleAzureGroupArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]BackendRoleAzureGroup] { + return pulumix.Output[[]BackendRoleAzureGroup]{ + OutputState: o.OutputState, + } +} + func (o BackendRoleAzureGroupArrayOutput) Index(i pulumi.IntInput) BackendRoleAzureGroupOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) BackendRoleAzureGroup { return vs[0].([]BackendRoleAzureGroup)[vs[1].(int)] @@ -145,6 +173,12 @@ func (i BackendRoleAzureRoleArgs) ToBackendRoleAzureRoleOutputWithContext(ctx co return pulumi.ToOutputWithContext(ctx, i).(BackendRoleAzureRoleOutput) } +func (i BackendRoleAzureRoleArgs) ToOutput(ctx context.Context) pulumix.Output[BackendRoleAzureRole] { + return pulumix.Output[BackendRoleAzureRole]{ + OutputState: i.ToBackendRoleAzureRoleOutputWithContext(ctx).OutputState, + } +} + // BackendRoleAzureRoleArrayInput is an input type that accepts BackendRoleAzureRoleArray and BackendRoleAzureRoleArrayOutput values. // You can construct a concrete instance of `BackendRoleAzureRoleArrayInput` via: // @@ -170,6 +204,12 @@ func (i BackendRoleAzureRoleArray) ToBackendRoleAzureRoleArrayOutputWithContext( return pulumi.ToOutputWithContext(ctx, i).(BackendRoleAzureRoleArrayOutput) } +func (i BackendRoleAzureRoleArray) ToOutput(ctx context.Context) pulumix.Output[[]BackendRoleAzureRole] { + return pulumix.Output[[]BackendRoleAzureRole]{ + OutputState: i.ToBackendRoleAzureRoleArrayOutputWithContext(ctx).OutputState, + } +} + type BackendRoleAzureRoleOutput struct{ *pulumi.OutputState } func (BackendRoleAzureRoleOutput) ElementType() reflect.Type { @@ -184,6 +224,12 @@ func (o BackendRoleAzureRoleOutput) ToBackendRoleAzureRoleOutputWithContext(ctx return o } +func (o BackendRoleAzureRoleOutput) ToOutput(ctx context.Context) pulumix.Output[BackendRoleAzureRole] { + return pulumix.Output[BackendRoleAzureRole]{ + OutputState: o.OutputState, + } +} + func (o BackendRoleAzureRoleOutput) RoleId() pulumi.StringPtrOutput { return o.ApplyT(func(v BackendRoleAzureRole) *string { return v.RoleId }).(pulumi.StringPtrOutput) } @@ -210,6 +256,12 @@ func (o BackendRoleAzureRoleArrayOutput) ToBackendRoleAzureRoleArrayOutputWithCo return o } +func (o BackendRoleAzureRoleArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]BackendRoleAzureRole] { + return pulumix.Output[[]BackendRoleAzureRole]{ + OutputState: o.OutputState, + } +} + func (o BackendRoleAzureRoleArrayOutput) Index(i pulumi.IntInput) BackendRoleAzureRoleOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) BackendRoleAzureRole { return vs[0].([]BackendRoleAzureRole)[vs[1].(int)] diff --git a/sdk/go/vault/certAuthBackendRole.go b/sdk/go/vault/certAuthBackendRole.go index 4b6683c6d..cb78cf128 100644 --- a/sdk/go/vault/certAuthBackendRole.go +++ b/sdk/go/vault/certAuthBackendRole.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // Provides a resource to create a role in an [Cert auth backend within Vault](https://www.vaultproject.io/docs/auth/cert.html). @@ -20,7 +22,7 @@ import ( // // import ( // -// "io/ioutil" +// "os" // // "github.com/pulumi/pulumi-vault/sdk/v5/go/vault" // "github.com/pulumi/pulumi/sdk/v3/go/pulumi" @@ -28,7 +30,7 @@ import ( // ) // // func readFileOrPanic(path string) pulumi.StringPtrInput { -// data, err := ioutil.ReadFile(path) +// data, err := os.ReadFile(path) // if err != nil { // panic(err.Error()) // } @@ -96,7 +98,30 @@ type CertAuthBackendRole struct { // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). // *Available only for Vault Enterprise*. Namespace pulumi.StringPtrOutput `pulumi:"namespace"` - // TLS extensions required on client certificates + // Any additional CA certificates + // needed to verify OCSP responses. Provided as base64 encoded PEM data. + // Requires Vault version 1.13+. + OcspCaCertificates pulumi.StringPtrOutput `pulumi:"ocspCaCertificates"` + // If enabled, validate certificates' + // revocation status using OCSP. Requires Vault version 1.13+. + OcspEnabled pulumi.BoolOutput `pulumi:"ocspEnabled"` + // If true and an OCSP response cannot + // be fetched or is of an unknown status, the login will proceed as if the + // certificate has not been revoked. + // Requires Vault version 1.13+. + OcspFailOpen pulumi.BoolOutput `pulumi:"ocspFailOpen"` + // If set to true, rather than + // accepting the first successful OCSP response, query all servers and consider + // the certificate valid only if all servers agree. + // Requires Vault version 1.13+. + OcspQueryAllServers pulumi.BoolOutput `pulumi:"ocspQueryAllServers"` + // : A comma-separated list of OCSP + // server addresses. If unset, the OCSP server is determined from the + // AuthorityInformationAccess extension on the certificate being inspected. + // Requires Vault version 1.13+. + OcspServersOverrides pulumi.StringArrayOutput `pulumi:"ocspServersOverrides"` + // TLS extensions required on + // client certificates RequiredExtensions pulumi.StringArrayOutput `pulumi:"requiredExtensions"` // List of CIDR blocks; if set, specifies blocks of IP // addresses which can authenticate successfully, and ties the resulting token to these blocks @@ -132,6 +157,8 @@ type CertAuthBackendRole struct { // `service` tokens). For token store roles, there are two additional possibilities: // `default-service` and `default-batch` which specify the type to return unless the client // requests a different type at generation time. + // + // For more details on the usage of each argument consult the [Vault Cert API documentation](https://www.vaultproject.io/api-docs/auth/cert). TokenType pulumi.StringPtrOutput `pulumi:"tokenType"` } @@ -145,6 +172,7 @@ func NewCertAuthBackendRole(ctx *pulumi.Context, if args.Certificate == nil { return nil, errors.New("invalid value for required argument 'Certificate'") } + opts = internal.PkgResourceDefaultOpts(opts) var resource CertAuthBackendRole err := ctx.RegisterResource("vault:index/certAuthBackendRole:CertAuthBackendRole", name, args, &resource, opts...) if err != nil { @@ -195,7 +223,30 @@ type certAuthBackendRoleState struct { // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). // *Available only for Vault Enterprise*. Namespace *string `pulumi:"namespace"` - // TLS extensions required on client certificates + // Any additional CA certificates + // needed to verify OCSP responses. Provided as base64 encoded PEM data. + // Requires Vault version 1.13+. + OcspCaCertificates *string `pulumi:"ocspCaCertificates"` + // If enabled, validate certificates' + // revocation status using OCSP. Requires Vault version 1.13+. + OcspEnabled *bool `pulumi:"ocspEnabled"` + // If true and an OCSP response cannot + // be fetched or is of an unknown status, the login will proceed as if the + // certificate has not been revoked. + // Requires Vault version 1.13+. + OcspFailOpen *bool `pulumi:"ocspFailOpen"` + // If set to true, rather than + // accepting the first successful OCSP response, query all servers and consider + // the certificate valid only if all servers agree. + // Requires Vault version 1.13+. + OcspQueryAllServers *bool `pulumi:"ocspQueryAllServers"` + // : A comma-separated list of OCSP + // server addresses. If unset, the OCSP server is determined from the + // AuthorityInformationAccess extension on the certificate being inspected. + // Requires Vault version 1.13+. + OcspServersOverrides []string `pulumi:"ocspServersOverrides"` + // TLS extensions required on + // client certificates RequiredExtensions []string `pulumi:"requiredExtensions"` // List of CIDR blocks; if set, specifies blocks of IP // addresses which can authenticate successfully, and ties the resulting token to these blocks @@ -231,6 +282,8 @@ type certAuthBackendRoleState struct { // `service` tokens). For token store roles, there are two additional possibilities: // `default-service` and `default-batch` which specify the type to return unless the client // requests a different type at generation time. + // + // For more details on the usage of each argument consult the [Vault Cert API documentation](https://www.vaultproject.io/api-docs/auth/cert). TokenType *string `pulumi:"tokenType"` } @@ -263,7 +316,30 @@ type CertAuthBackendRoleState struct { // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). // *Available only for Vault Enterprise*. Namespace pulumi.StringPtrInput - // TLS extensions required on client certificates + // Any additional CA certificates + // needed to verify OCSP responses. Provided as base64 encoded PEM data. + // Requires Vault version 1.13+. + OcspCaCertificates pulumi.StringPtrInput + // If enabled, validate certificates' + // revocation status using OCSP. Requires Vault version 1.13+. + OcspEnabled pulumi.BoolPtrInput + // If true and an OCSP response cannot + // be fetched or is of an unknown status, the login will proceed as if the + // certificate has not been revoked. + // Requires Vault version 1.13+. + OcspFailOpen pulumi.BoolPtrInput + // If set to true, rather than + // accepting the first successful OCSP response, query all servers and consider + // the certificate valid only if all servers agree. + // Requires Vault version 1.13+. + OcspQueryAllServers pulumi.BoolPtrInput + // : A comma-separated list of OCSP + // server addresses. If unset, the OCSP server is determined from the + // AuthorityInformationAccess extension on the certificate being inspected. + // Requires Vault version 1.13+. + OcspServersOverrides pulumi.StringArrayInput + // TLS extensions required on + // client certificates RequiredExtensions pulumi.StringArrayInput // List of CIDR blocks; if set, specifies blocks of IP // addresses which can authenticate successfully, and ties the resulting token to these blocks @@ -299,6 +375,8 @@ type CertAuthBackendRoleState struct { // `service` tokens). For token store roles, there are two additional possibilities: // `default-service` and `default-batch` which specify the type to return unless the client // requests a different type at generation time. + // + // For more details on the usage of each argument consult the [Vault Cert API documentation](https://www.vaultproject.io/api-docs/auth/cert). TokenType pulumi.StringPtrInput } @@ -335,7 +413,30 @@ type certAuthBackendRoleArgs struct { // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). // *Available only for Vault Enterprise*. Namespace *string `pulumi:"namespace"` - // TLS extensions required on client certificates + // Any additional CA certificates + // needed to verify OCSP responses. Provided as base64 encoded PEM data. + // Requires Vault version 1.13+. + OcspCaCertificates *string `pulumi:"ocspCaCertificates"` + // If enabled, validate certificates' + // revocation status using OCSP. Requires Vault version 1.13+. + OcspEnabled *bool `pulumi:"ocspEnabled"` + // If true and an OCSP response cannot + // be fetched or is of an unknown status, the login will proceed as if the + // certificate has not been revoked. + // Requires Vault version 1.13+. + OcspFailOpen *bool `pulumi:"ocspFailOpen"` + // If set to true, rather than + // accepting the first successful OCSP response, query all servers and consider + // the certificate valid only if all servers agree. + // Requires Vault version 1.13+. + OcspQueryAllServers *bool `pulumi:"ocspQueryAllServers"` + // : A comma-separated list of OCSP + // server addresses. If unset, the OCSP server is determined from the + // AuthorityInformationAccess extension on the certificate being inspected. + // Requires Vault version 1.13+. + OcspServersOverrides []string `pulumi:"ocspServersOverrides"` + // TLS extensions required on + // client certificates RequiredExtensions []string `pulumi:"requiredExtensions"` // List of CIDR blocks; if set, specifies blocks of IP // addresses which can authenticate successfully, and ties the resulting token to these blocks @@ -371,6 +472,8 @@ type certAuthBackendRoleArgs struct { // `service` tokens). For token store roles, there are two additional possibilities: // `default-service` and `default-batch` which specify the type to return unless the client // requests a different type at generation time. + // + // For more details on the usage of each argument consult the [Vault Cert API documentation](https://www.vaultproject.io/api-docs/auth/cert). TokenType *string `pulumi:"tokenType"` } @@ -404,7 +507,30 @@ type CertAuthBackendRoleArgs struct { // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). // *Available only for Vault Enterprise*. Namespace pulumi.StringPtrInput - // TLS extensions required on client certificates + // Any additional CA certificates + // needed to verify OCSP responses. Provided as base64 encoded PEM data. + // Requires Vault version 1.13+. + OcspCaCertificates pulumi.StringPtrInput + // If enabled, validate certificates' + // revocation status using OCSP. Requires Vault version 1.13+. + OcspEnabled pulumi.BoolPtrInput + // If true and an OCSP response cannot + // be fetched or is of an unknown status, the login will proceed as if the + // certificate has not been revoked. + // Requires Vault version 1.13+. + OcspFailOpen pulumi.BoolPtrInput + // If set to true, rather than + // accepting the first successful OCSP response, query all servers and consider + // the certificate valid only if all servers agree. + // Requires Vault version 1.13+. + OcspQueryAllServers pulumi.BoolPtrInput + // : A comma-separated list of OCSP + // server addresses. If unset, the OCSP server is determined from the + // AuthorityInformationAccess extension on the certificate being inspected. + // Requires Vault version 1.13+. + OcspServersOverrides pulumi.StringArrayInput + // TLS extensions required on + // client certificates RequiredExtensions pulumi.StringArrayInput // List of CIDR blocks; if set, specifies blocks of IP // addresses which can authenticate successfully, and ties the resulting token to these blocks @@ -440,6 +566,8 @@ type CertAuthBackendRoleArgs struct { // `service` tokens). For token store roles, there are two additional possibilities: // `default-service` and `default-batch` which specify the type to return unless the client // requests a different type at generation time. + // + // For more details on the usage of each argument consult the [Vault Cert API documentation](https://www.vaultproject.io/api-docs/auth/cert). TokenType pulumi.StringPtrInput } @@ -466,6 +594,12 @@ func (i *CertAuthBackendRole) ToCertAuthBackendRoleOutputWithContext(ctx context return pulumi.ToOutputWithContext(ctx, i).(CertAuthBackendRoleOutput) } +func (i *CertAuthBackendRole) ToOutput(ctx context.Context) pulumix.Output[*CertAuthBackendRole] { + return pulumix.Output[*CertAuthBackendRole]{ + OutputState: i.ToCertAuthBackendRoleOutputWithContext(ctx).OutputState, + } +} + // CertAuthBackendRoleArrayInput is an input type that accepts CertAuthBackendRoleArray and CertAuthBackendRoleArrayOutput values. // You can construct a concrete instance of `CertAuthBackendRoleArrayInput` via: // @@ -491,6 +625,12 @@ func (i CertAuthBackendRoleArray) ToCertAuthBackendRoleArrayOutputWithContext(ct return pulumi.ToOutputWithContext(ctx, i).(CertAuthBackendRoleArrayOutput) } +func (i CertAuthBackendRoleArray) ToOutput(ctx context.Context) pulumix.Output[[]*CertAuthBackendRole] { + return pulumix.Output[[]*CertAuthBackendRole]{ + OutputState: i.ToCertAuthBackendRoleArrayOutputWithContext(ctx).OutputState, + } +} + // CertAuthBackendRoleMapInput is an input type that accepts CertAuthBackendRoleMap and CertAuthBackendRoleMapOutput values. // You can construct a concrete instance of `CertAuthBackendRoleMapInput` via: // @@ -516,6 +656,12 @@ func (i CertAuthBackendRoleMap) ToCertAuthBackendRoleMapOutputWithContext(ctx co return pulumi.ToOutputWithContext(ctx, i).(CertAuthBackendRoleMapOutput) } +func (i CertAuthBackendRoleMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*CertAuthBackendRole] { + return pulumix.Output[map[string]*CertAuthBackendRole]{ + OutputState: i.ToCertAuthBackendRoleMapOutputWithContext(ctx).OutputState, + } +} + type CertAuthBackendRoleOutput struct{ *pulumi.OutputState } func (CertAuthBackendRoleOutput) ElementType() reflect.Type { @@ -530,6 +676,12 @@ func (o CertAuthBackendRoleOutput) ToCertAuthBackendRoleOutputWithContext(ctx co return o } +func (o CertAuthBackendRoleOutput) ToOutput(ctx context.Context) pulumix.Output[*CertAuthBackendRole] { + return pulumix.Output[*CertAuthBackendRole]{ + OutputState: o.OutputState, + } +} + // Allowed the common names for authenticated client certificates func (o CertAuthBackendRoleOutput) AllowedCommonNames() pulumi.StringArrayOutput { return o.ApplyT(func(v *CertAuthBackendRole) pulumi.StringArrayOutput { return v.AllowedCommonNames }).(pulumi.StringArrayOutput) @@ -594,7 +746,45 @@ func (o CertAuthBackendRoleOutput) Namespace() pulumi.StringPtrOutput { return o.ApplyT(func(v *CertAuthBackendRole) pulumi.StringPtrOutput { return v.Namespace }).(pulumi.StringPtrOutput) } -// TLS extensions required on client certificates +// Any additional CA certificates +// needed to verify OCSP responses. Provided as base64 encoded PEM data. +// Requires Vault version 1.13+. +func (o CertAuthBackendRoleOutput) OcspCaCertificates() pulumi.StringPtrOutput { + return o.ApplyT(func(v *CertAuthBackendRole) pulumi.StringPtrOutput { return v.OcspCaCertificates }).(pulumi.StringPtrOutput) +} + +// If enabled, validate certificates' +// revocation status using OCSP. Requires Vault version 1.13+. +func (o CertAuthBackendRoleOutput) OcspEnabled() pulumi.BoolOutput { + return o.ApplyT(func(v *CertAuthBackendRole) pulumi.BoolOutput { return v.OcspEnabled }).(pulumi.BoolOutput) +} + +// If true and an OCSP response cannot +// be fetched or is of an unknown status, the login will proceed as if the +// certificate has not been revoked. +// Requires Vault version 1.13+. +func (o CertAuthBackendRoleOutput) OcspFailOpen() pulumi.BoolOutput { + return o.ApplyT(func(v *CertAuthBackendRole) pulumi.BoolOutput { return v.OcspFailOpen }).(pulumi.BoolOutput) +} + +// If set to true, rather than +// accepting the first successful OCSP response, query all servers and consider +// the certificate valid only if all servers agree. +// Requires Vault version 1.13+. +func (o CertAuthBackendRoleOutput) OcspQueryAllServers() pulumi.BoolOutput { + return o.ApplyT(func(v *CertAuthBackendRole) pulumi.BoolOutput { return v.OcspQueryAllServers }).(pulumi.BoolOutput) +} + +// : A comma-separated list of OCSP +// server addresses. If unset, the OCSP server is determined from the +// AuthorityInformationAccess extension on the certificate being inspected. +// Requires Vault version 1.13+. +func (o CertAuthBackendRoleOutput) OcspServersOverrides() pulumi.StringArrayOutput { + return o.ApplyT(func(v *CertAuthBackendRole) pulumi.StringArrayOutput { return v.OcspServersOverrides }).(pulumi.StringArrayOutput) +} + +// TLS extensions required on +// client certificates func (o CertAuthBackendRoleOutput) RequiredExtensions() pulumi.StringArrayOutput { return o.ApplyT(func(v *CertAuthBackendRole) pulumi.StringArrayOutput { return v.RequiredExtensions }).(pulumi.StringArrayOutput) } @@ -657,6 +847,8 @@ func (o CertAuthBackendRoleOutput) TokenTtl() pulumi.IntPtrOutput { // `service` tokens). For token store roles, there are two additional possibilities: // `default-service` and `default-batch` which specify the type to return unless the client // requests a different type at generation time. +// +// For more details on the usage of each argument consult the [Vault Cert API documentation](https://www.vaultproject.io/api-docs/auth/cert). func (o CertAuthBackendRoleOutput) TokenType() pulumi.StringPtrOutput { return o.ApplyT(func(v *CertAuthBackendRole) pulumi.StringPtrOutput { return v.TokenType }).(pulumi.StringPtrOutput) } @@ -675,6 +867,12 @@ func (o CertAuthBackendRoleArrayOutput) ToCertAuthBackendRoleArrayOutputWithCont return o } +func (o CertAuthBackendRoleArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*CertAuthBackendRole] { + return pulumix.Output[[]*CertAuthBackendRole]{ + OutputState: o.OutputState, + } +} + func (o CertAuthBackendRoleArrayOutput) Index(i pulumi.IntInput) CertAuthBackendRoleOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *CertAuthBackendRole { return vs[0].([]*CertAuthBackendRole)[vs[1].(int)] @@ -695,6 +893,12 @@ func (o CertAuthBackendRoleMapOutput) ToCertAuthBackendRoleMapOutputWithContext( return o } +func (o CertAuthBackendRoleMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*CertAuthBackendRole] { + return pulumix.Output[map[string]*CertAuthBackendRole]{ + OutputState: o.OutputState, + } +} + func (o CertAuthBackendRoleMapOutput) MapIndex(k pulumi.StringInput) CertAuthBackendRoleOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *CertAuthBackendRole { return vs[0].(map[string]*CertAuthBackendRole)[vs[1].(string)] diff --git a/sdk/go/vault/config/config.go b/sdk/go/vault/config/config.go index 57896d2cc..3e03d3227 100644 --- a/sdk/go/vault/config/config.go +++ b/sdk/go/vault/config/config.go @@ -4,10 +4,13 @@ package config import ( + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" "github.com/pulumi/pulumi/sdk/v3/go/pulumi/config" ) +var _ = internal.GetEnvOrDefault + // If true, adds the value of the `address` argument to the Terraform process environment. func GetAddAddressToEnv(ctx *pulumi.Context) string { return config.Get(ctx, "vault:addAddressToEnv") @@ -106,7 +109,11 @@ func GetMaxLeaseTtlSeconds(ctx *pulumi.Context) int { if err == nil { return v } - return getEnvOrDefault(1200, parseEnvInt, "TERRAFORM_VAULT_MAX_TTL").(int) + var value int + if d := internal.GetEnvOrDefault(1200, internal.ParseEnvInt, "TERRAFORM_VAULT_MAX_TTL"); d != nil { + value = d.(int) + } + return value } // Maximum number of retries when a 5xx error code is encountered. @@ -115,7 +122,11 @@ func GetMaxRetries(ctx *pulumi.Context) int { if err == nil { return v } - return getEnvOrDefault(2, parseEnvInt, "VAULT_MAX_RETRIES").(int) + var value int + if d := internal.GetEnvOrDefault(2, internal.ParseEnvInt, "VAULT_MAX_RETRIES"); d != nil { + value = d.(int) + } + return value } // Maximum number of retries for Client Controlled Consistency related operations @@ -128,6 +139,12 @@ func GetNamespace(ctx *pulumi.Context) string { return config.Get(ctx, "vault:namespace") } +// In the case where the Vault token is for a specific namespace and the provider namespace is not configured, use the +// token namespace as the root namespace for all resources. +func GetSetNamespaceFromToken(ctx *pulumi.Context) bool { + return config.GetBool(ctx, "vault:setNamespaceFromToken") +} + // Set this to true to prevent the creation of ephemeral child token used by this provider. func GetSkipChildToken(ctx *pulumi.Context) bool { return config.GetBool(ctx, "vault:skipChildToken") @@ -144,7 +161,11 @@ func GetSkipTlsVerify(ctx *pulumi.Context) bool { if err == nil { return v } - return getEnvOrDefault(false, parseEnvBool, "VAULT_SKIP_VERIFY").(bool) + var value bool + if d := internal.GetEnvOrDefault(nil, internal.ParseEnvBool, "VAULT_SKIP_VERIFY"); d != nil { + value = d.(bool) + } + return value } // Name to use as the SNI host when connecting via TLS. diff --git a/sdk/go/vault/config/pulumiTypes.go b/sdk/go/vault/config/pulumiTypes.go index c083f70af..2cba704c3 100644 --- a/sdk/go/vault/config/pulumiTypes.go +++ b/sdk/go/vault/config/pulumiTypes.go @@ -7,14 +7,19 @@ import ( "context" "reflect" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) +var _ = internal.GetEnvOrDefault + type AuthLogin struct { - Method *string `pulumi:"method"` - Namespace *string `pulumi:"namespace"` - Parameters map[string]string `pulumi:"parameters"` - Path string `pulumi:"path"` + Method *string `pulumi:"method"` + Namespace *string `pulumi:"namespace"` + Parameters map[string]string `pulumi:"parameters"` + Path string `pulumi:"path"` + UseRootNamespace *bool `pulumi:"useRootNamespace"` } // AuthLoginInput is an input type that accepts AuthLoginArgs and AuthLoginOutput values. @@ -29,10 +34,11 @@ type AuthLoginInput interface { } type AuthLoginArgs struct { - Method pulumi.StringPtrInput `pulumi:"method"` - Namespace pulumi.StringPtrInput `pulumi:"namespace"` - Parameters pulumi.StringMapInput `pulumi:"parameters"` - Path pulumi.StringInput `pulumi:"path"` + Method pulumi.StringPtrInput `pulumi:"method"` + Namespace pulumi.StringPtrInput `pulumi:"namespace"` + Parameters pulumi.StringMapInput `pulumi:"parameters"` + Path pulumi.StringInput `pulumi:"path"` + UseRootNamespace pulumi.BoolPtrInput `pulumi:"useRootNamespace"` } func (AuthLoginArgs) ElementType() reflect.Type { @@ -47,6 +53,12 @@ func (i AuthLoginArgs) ToAuthLoginOutputWithContext(ctx context.Context) AuthLog return pulumi.ToOutputWithContext(ctx, i).(AuthLoginOutput) } +func (i AuthLoginArgs) ToOutput(ctx context.Context) pulumix.Output[AuthLogin] { + return pulumix.Output[AuthLogin]{ + OutputState: i.ToAuthLoginOutputWithContext(ctx).OutputState, + } +} + type AuthLoginOutput struct{ *pulumi.OutputState } func (AuthLoginOutput) ElementType() reflect.Type { @@ -61,6 +73,12 @@ func (o AuthLoginOutput) ToAuthLoginOutputWithContext(ctx context.Context) AuthL return o } +func (o AuthLoginOutput) ToOutput(ctx context.Context) pulumix.Output[AuthLogin] { + return pulumix.Output[AuthLogin]{ + OutputState: o.OutputState, + } +} + func (o AuthLoginOutput) Method() pulumi.StringPtrOutput { return o.ApplyT(func(v AuthLogin) *string { return v.Method }).(pulumi.StringPtrOutput) } @@ -77,6 +95,10 @@ func (o AuthLoginOutput) Path() pulumi.StringOutput { return o.ApplyT(func(v AuthLogin) string { return v.Path }).(pulumi.StringOutput) } +func (o AuthLoginOutput) UseRootNamespace() pulumi.BoolPtrOutput { + return o.ApplyT(func(v AuthLogin) *bool { return v.UseRootNamespace }).(pulumi.BoolPtrOutput) +} + type AuthLoginAws struct { AwsAccessKeyId *string `pulumi:"awsAccessKeyId"` AwsIamEndpoint *string `pulumi:"awsIamEndpoint"` @@ -93,6 +115,7 @@ type AuthLoginAws struct { Mount *string `pulumi:"mount"` Namespace *string `pulumi:"namespace"` Role string `pulumi:"role"` + UseRootNamespace *bool `pulumi:"useRootNamespace"` } // AuthLoginAwsInput is an input type that accepts AuthLoginAwsArgs and AuthLoginAwsOutput values. @@ -122,6 +145,7 @@ type AuthLoginAwsArgs struct { Mount pulumi.StringPtrInput `pulumi:"mount"` Namespace pulumi.StringPtrInput `pulumi:"namespace"` Role pulumi.StringInput `pulumi:"role"` + UseRootNamespace pulumi.BoolPtrInput `pulumi:"useRootNamespace"` } func (AuthLoginAwsArgs) ElementType() reflect.Type { @@ -136,6 +160,12 @@ func (i AuthLoginAwsArgs) ToAuthLoginAwsOutputWithContext(ctx context.Context) A return pulumi.ToOutputWithContext(ctx, i).(AuthLoginAwsOutput) } +func (i AuthLoginAwsArgs) ToOutput(ctx context.Context) pulumix.Output[AuthLoginAws] { + return pulumix.Output[AuthLoginAws]{ + OutputState: i.ToAuthLoginAwsOutputWithContext(ctx).OutputState, + } +} + type AuthLoginAwsOutput struct{ *pulumi.OutputState } func (AuthLoginAwsOutput) ElementType() reflect.Type { @@ -150,6 +180,12 @@ func (o AuthLoginAwsOutput) ToAuthLoginAwsOutputWithContext(ctx context.Context) return o } +func (o AuthLoginAwsOutput) ToOutput(ctx context.Context) pulumix.Output[AuthLoginAws] { + return pulumix.Output[AuthLoginAws]{ + OutputState: o.OutputState, + } +} + func (o AuthLoginAwsOutput) AwsAccessKeyId() pulumi.StringPtrOutput { return o.ApplyT(func(v AuthLoginAws) *string { return v.AwsAccessKeyId }).(pulumi.StringPtrOutput) } @@ -210,6 +246,10 @@ func (o AuthLoginAwsOutput) Role() pulumi.StringOutput { return o.ApplyT(func(v AuthLoginAws) string { return v.Role }).(pulumi.StringOutput) } +func (o AuthLoginAwsOutput) UseRootNamespace() pulumi.BoolPtrOutput { + return o.ApplyT(func(v AuthLoginAws) *bool { return v.UseRootNamespace }).(pulumi.BoolPtrOutput) +} + type AuthLoginAzure struct { ClientId *string `pulumi:"clientId"` Jwt *string `pulumi:"jwt"` @@ -220,6 +260,7 @@ type AuthLoginAzure struct { Scope *string `pulumi:"scope"` SubscriptionId string `pulumi:"subscriptionId"` TenantId *string `pulumi:"tenantId"` + UseRootNamespace *bool `pulumi:"useRootNamespace"` VmName *string `pulumi:"vmName"` VmssName *string `pulumi:"vmssName"` } @@ -245,6 +286,7 @@ type AuthLoginAzureArgs struct { Scope pulumi.StringPtrInput `pulumi:"scope"` SubscriptionId pulumi.StringInput `pulumi:"subscriptionId"` TenantId pulumi.StringPtrInput `pulumi:"tenantId"` + UseRootNamespace pulumi.BoolPtrInput `pulumi:"useRootNamespace"` VmName pulumi.StringPtrInput `pulumi:"vmName"` VmssName pulumi.StringPtrInput `pulumi:"vmssName"` } @@ -261,6 +303,12 @@ func (i AuthLoginAzureArgs) ToAuthLoginAzureOutputWithContext(ctx context.Contex return pulumi.ToOutputWithContext(ctx, i).(AuthLoginAzureOutput) } +func (i AuthLoginAzureArgs) ToOutput(ctx context.Context) pulumix.Output[AuthLoginAzure] { + return pulumix.Output[AuthLoginAzure]{ + OutputState: i.ToAuthLoginAzureOutputWithContext(ctx).OutputState, + } +} + type AuthLoginAzureOutput struct{ *pulumi.OutputState } func (AuthLoginAzureOutput) ElementType() reflect.Type { @@ -275,6 +323,12 @@ func (o AuthLoginAzureOutput) ToAuthLoginAzureOutputWithContext(ctx context.Cont return o } +func (o AuthLoginAzureOutput) ToOutput(ctx context.Context) pulumix.Output[AuthLoginAzure] { + return pulumix.Output[AuthLoginAzure]{ + OutputState: o.OutputState, + } +} + func (o AuthLoginAzureOutput) ClientId() pulumi.StringPtrOutput { return o.ApplyT(func(v AuthLoginAzure) *string { return v.ClientId }).(pulumi.StringPtrOutput) } @@ -311,6 +365,10 @@ func (o AuthLoginAzureOutput) TenantId() pulumi.StringPtrOutput { return o.ApplyT(func(v AuthLoginAzure) *string { return v.TenantId }).(pulumi.StringPtrOutput) } +func (o AuthLoginAzureOutput) UseRootNamespace() pulumi.BoolPtrOutput { + return o.ApplyT(func(v AuthLoginAzure) *bool { return v.UseRootNamespace }).(pulumi.BoolPtrOutput) +} + func (o AuthLoginAzureOutput) VmName() pulumi.StringPtrOutput { return o.ApplyT(func(v AuthLoginAzure) *string { return v.VmName }).(pulumi.StringPtrOutput) } @@ -320,11 +378,12 @@ func (o AuthLoginAzureOutput) VmssName() pulumi.StringPtrOutput { } type AuthLoginCert struct { - CertFile string `pulumi:"certFile"` - KeyFile string `pulumi:"keyFile"` - Mount *string `pulumi:"mount"` - Name *string `pulumi:"name"` - Namespace *string `pulumi:"namespace"` + CertFile string `pulumi:"certFile"` + KeyFile string `pulumi:"keyFile"` + Mount *string `pulumi:"mount"` + Name *string `pulumi:"name"` + Namespace *string `pulumi:"namespace"` + UseRootNamespace *bool `pulumi:"useRootNamespace"` } // AuthLoginCertInput is an input type that accepts AuthLoginCertArgs and AuthLoginCertOutput values. @@ -339,11 +398,12 @@ type AuthLoginCertInput interface { } type AuthLoginCertArgs struct { - CertFile pulumi.StringInput `pulumi:"certFile"` - KeyFile pulumi.StringInput `pulumi:"keyFile"` - Mount pulumi.StringPtrInput `pulumi:"mount"` - Name pulumi.StringPtrInput `pulumi:"name"` - Namespace pulumi.StringPtrInput `pulumi:"namespace"` + CertFile pulumi.StringInput `pulumi:"certFile"` + KeyFile pulumi.StringInput `pulumi:"keyFile"` + Mount pulumi.StringPtrInput `pulumi:"mount"` + Name pulumi.StringPtrInput `pulumi:"name"` + Namespace pulumi.StringPtrInput `pulumi:"namespace"` + UseRootNamespace pulumi.BoolPtrInput `pulumi:"useRootNamespace"` } func (AuthLoginCertArgs) ElementType() reflect.Type { @@ -358,6 +418,12 @@ func (i AuthLoginCertArgs) ToAuthLoginCertOutputWithContext(ctx context.Context) return pulumi.ToOutputWithContext(ctx, i).(AuthLoginCertOutput) } +func (i AuthLoginCertArgs) ToOutput(ctx context.Context) pulumix.Output[AuthLoginCert] { + return pulumix.Output[AuthLoginCert]{ + OutputState: i.ToAuthLoginCertOutputWithContext(ctx).OutputState, + } +} + type AuthLoginCertOutput struct{ *pulumi.OutputState } func (AuthLoginCertOutput) ElementType() reflect.Type { @@ -372,6 +438,12 @@ func (o AuthLoginCertOutput) ToAuthLoginCertOutputWithContext(ctx context.Contex return o } +func (o AuthLoginCertOutput) ToOutput(ctx context.Context) pulumix.Output[AuthLoginCert] { + return pulumix.Output[AuthLoginCert]{ + OutputState: o.OutputState, + } +} + func (o AuthLoginCertOutput) CertFile() pulumi.StringOutput { return o.ApplyT(func(v AuthLoginCert) string { return v.CertFile }).(pulumi.StringOutput) } @@ -392,13 +464,18 @@ func (o AuthLoginCertOutput) Namespace() pulumi.StringPtrOutput { return o.ApplyT(func(v AuthLoginCert) *string { return v.Namespace }).(pulumi.StringPtrOutput) } +func (o AuthLoginCertOutput) UseRootNamespace() pulumi.BoolPtrOutput { + return o.ApplyT(func(v AuthLoginCert) *bool { return v.UseRootNamespace }).(pulumi.BoolPtrOutput) +} + type AuthLoginGcp struct { - Credentials *string `pulumi:"credentials"` - Jwt *string `pulumi:"jwt"` - Mount *string `pulumi:"mount"` - Namespace *string `pulumi:"namespace"` - Role string `pulumi:"role"` - ServiceAccount *string `pulumi:"serviceAccount"` + Credentials *string `pulumi:"credentials"` + Jwt *string `pulumi:"jwt"` + Mount *string `pulumi:"mount"` + Namespace *string `pulumi:"namespace"` + Role string `pulumi:"role"` + ServiceAccount *string `pulumi:"serviceAccount"` + UseRootNamespace *bool `pulumi:"useRootNamespace"` } // AuthLoginGcpInput is an input type that accepts AuthLoginGcpArgs and AuthLoginGcpOutput values. @@ -413,12 +490,13 @@ type AuthLoginGcpInput interface { } type AuthLoginGcpArgs struct { - Credentials pulumi.StringPtrInput `pulumi:"credentials"` - Jwt pulumi.StringPtrInput `pulumi:"jwt"` - Mount pulumi.StringPtrInput `pulumi:"mount"` - Namespace pulumi.StringPtrInput `pulumi:"namespace"` - Role pulumi.StringInput `pulumi:"role"` - ServiceAccount pulumi.StringPtrInput `pulumi:"serviceAccount"` + Credentials pulumi.StringPtrInput `pulumi:"credentials"` + Jwt pulumi.StringPtrInput `pulumi:"jwt"` + Mount pulumi.StringPtrInput `pulumi:"mount"` + Namespace pulumi.StringPtrInput `pulumi:"namespace"` + Role pulumi.StringInput `pulumi:"role"` + ServiceAccount pulumi.StringPtrInput `pulumi:"serviceAccount"` + UseRootNamespace pulumi.BoolPtrInput `pulumi:"useRootNamespace"` } func (AuthLoginGcpArgs) ElementType() reflect.Type { @@ -433,6 +511,12 @@ func (i AuthLoginGcpArgs) ToAuthLoginGcpOutputWithContext(ctx context.Context) A return pulumi.ToOutputWithContext(ctx, i).(AuthLoginGcpOutput) } +func (i AuthLoginGcpArgs) ToOutput(ctx context.Context) pulumix.Output[AuthLoginGcp] { + return pulumix.Output[AuthLoginGcp]{ + OutputState: i.ToAuthLoginGcpOutputWithContext(ctx).OutputState, + } +} + type AuthLoginGcpOutput struct{ *pulumi.OutputState } func (AuthLoginGcpOutput) ElementType() reflect.Type { @@ -447,6 +531,12 @@ func (o AuthLoginGcpOutput) ToAuthLoginGcpOutputWithContext(ctx context.Context) return o } +func (o AuthLoginGcpOutput) ToOutput(ctx context.Context) pulumix.Output[AuthLoginGcp] { + return pulumix.Output[AuthLoginGcp]{ + OutputState: o.OutputState, + } +} + func (o AuthLoginGcpOutput) Credentials() pulumi.StringPtrOutput { return o.ApplyT(func(v AuthLoginGcp) *string { return v.Credentials }).(pulumi.StringPtrOutput) } @@ -471,11 +561,16 @@ func (o AuthLoginGcpOutput) ServiceAccount() pulumi.StringPtrOutput { return o.ApplyT(func(v AuthLoginGcp) *string { return v.ServiceAccount }).(pulumi.StringPtrOutput) } +func (o AuthLoginGcpOutput) UseRootNamespace() pulumi.BoolPtrOutput { + return o.ApplyT(func(v AuthLoginGcp) *bool { return v.UseRootNamespace }).(pulumi.BoolPtrOutput) +} + type AuthLoginJwt struct { - Jwt string `pulumi:"jwt"` - Mount *string `pulumi:"mount"` - Namespace *string `pulumi:"namespace"` - Role string `pulumi:"role"` + Jwt string `pulumi:"jwt"` + Mount *string `pulumi:"mount"` + Namespace *string `pulumi:"namespace"` + Role string `pulumi:"role"` + UseRootNamespace *bool `pulumi:"useRootNamespace"` } // AuthLoginJwtInput is an input type that accepts AuthLoginJwtArgs and AuthLoginJwtOutput values. @@ -490,10 +585,11 @@ type AuthLoginJwtInput interface { } type AuthLoginJwtArgs struct { - Jwt pulumi.StringInput `pulumi:"jwt"` - Mount pulumi.StringPtrInput `pulumi:"mount"` - Namespace pulumi.StringPtrInput `pulumi:"namespace"` - Role pulumi.StringInput `pulumi:"role"` + Jwt pulumi.StringInput `pulumi:"jwt"` + Mount pulumi.StringPtrInput `pulumi:"mount"` + Namespace pulumi.StringPtrInput `pulumi:"namespace"` + Role pulumi.StringInput `pulumi:"role"` + UseRootNamespace pulumi.BoolPtrInput `pulumi:"useRootNamespace"` } func (AuthLoginJwtArgs) ElementType() reflect.Type { @@ -508,6 +604,12 @@ func (i AuthLoginJwtArgs) ToAuthLoginJwtOutputWithContext(ctx context.Context) A return pulumi.ToOutputWithContext(ctx, i).(AuthLoginJwtOutput) } +func (i AuthLoginJwtArgs) ToOutput(ctx context.Context) pulumix.Output[AuthLoginJwt] { + return pulumix.Output[AuthLoginJwt]{ + OutputState: i.ToAuthLoginJwtOutputWithContext(ctx).OutputState, + } +} + type AuthLoginJwtOutput struct{ *pulumi.OutputState } func (AuthLoginJwtOutput) ElementType() reflect.Type { @@ -522,6 +624,12 @@ func (o AuthLoginJwtOutput) ToAuthLoginJwtOutputWithContext(ctx context.Context) return o } +func (o AuthLoginJwtOutput) ToOutput(ctx context.Context) pulumix.Output[AuthLoginJwt] { + return pulumix.Output[AuthLoginJwt]{ + OutputState: o.OutputState, + } +} + func (o AuthLoginJwtOutput) Jwt() pulumi.StringOutput { return o.ApplyT(func(v AuthLoginJwt) string { return v.Jwt }).(pulumi.StringOutput) } @@ -538,6 +646,10 @@ func (o AuthLoginJwtOutput) Role() pulumi.StringOutput { return o.ApplyT(func(v AuthLoginJwt) string { return v.Role }).(pulumi.StringOutput) } +func (o AuthLoginJwtOutput) UseRootNamespace() pulumi.BoolPtrOutput { + return o.ApplyT(func(v AuthLoginJwt) *bool { return v.UseRootNamespace }).(pulumi.BoolPtrOutput) +} + type AuthLoginKerberos struct { DisableFastNegotiation *bool `pulumi:"disableFastNegotiation"` KeytabPath *string `pulumi:"keytabPath"` @@ -548,6 +660,7 @@ type AuthLoginKerberos struct { RemoveInstanceName *bool `pulumi:"removeInstanceName"` Service *string `pulumi:"service"` Token *string `pulumi:"token"` + UseRootNamespace *bool `pulumi:"useRootNamespace"` Username *string `pulumi:"username"` } @@ -572,6 +685,7 @@ type AuthLoginKerberosArgs struct { RemoveInstanceName pulumi.BoolPtrInput `pulumi:"removeInstanceName"` Service pulumi.StringPtrInput `pulumi:"service"` Token pulumi.StringPtrInput `pulumi:"token"` + UseRootNamespace pulumi.BoolPtrInput `pulumi:"useRootNamespace"` Username pulumi.StringPtrInput `pulumi:"username"` } @@ -587,6 +701,12 @@ func (i AuthLoginKerberosArgs) ToAuthLoginKerberosOutputWithContext(ctx context. return pulumi.ToOutputWithContext(ctx, i).(AuthLoginKerberosOutput) } +func (i AuthLoginKerberosArgs) ToOutput(ctx context.Context) pulumix.Output[AuthLoginKerberos] { + return pulumix.Output[AuthLoginKerberos]{ + OutputState: i.ToAuthLoginKerberosOutputWithContext(ctx).OutputState, + } +} + type AuthLoginKerberosOutput struct{ *pulumi.OutputState } func (AuthLoginKerberosOutput) ElementType() reflect.Type { @@ -601,6 +721,12 @@ func (o AuthLoginKerberosOutput) ToAuthLoginKerberosOutputWithContext(ctx contex return o } +func (o AuthLoginKerberosOutput) ToOutput(ctx context.Context) pulumix.Output[AuthLoginKerberos] { + return pulumix.Output[AuthLoginKerberos]{ + OutputState: o.OutputState, + } +} + func (o AuthLoginKerberosOutput) DisableFastNegotiation() pulumi.BoolPtrOutput { return o.ApplyT(func(v AuthLoginKerberos) *bool { return v.DisableFastNegotiation }).(pulumi.BoolPtrOutput) } @@ -637,15 +763,20 @@ func (o AuthLoginKerberosOutput) Token() pulumi.StringPtrOutput { return o.ApplyT(func(v AuthLoginKerberos) *string { return v.Token }).(pulumi.StringPtrOutput) } +func (o AuthLoginKerberosOutput) UseRootNamespace() pulumi.BoolPtrOutput { + return o.ApplyT(func(v AuthLoginKerberos) *bool { return v.UseRootNamespace }).(pulumi.BoolPtrOutput) +} + func (o AuthLoginKerberosOutput) Username() pulumi.StringPtrOutput { return o.ApplyT(func(v AuthLoginKerberos) *string { return v.Username }).(pulumi.StringPtrOutput) } type AuthLoginOci struct { - AuthType string `pulumi:"authType"` - Mount *string `pulumi:"mount"` - Namespace *string `pulumi:"namespace"` - Role string `pulumi:"role"` + AuthType string `pulumi:"authType"` + Mount *string `pulumi:"mount"` + Namespace *string `pulumi:"namespace"` + Role string `pulumi:"role"` + UseRootNamespace *bool `pulumi:"useRootNamespace"` } // AuthLoginOciInput is an input type that accepts AuthLoginOciArgs and AuthLoginOciOutput values. @@ -660,10 +791,11 @@ type AuthLoginOciInput interface { } type AuthLoginOciArgs struct { - AuthType pulumi.StringInput `pulumi:"authType"` - Mount pulumi.StringPtrInput `pulumi:"mount"` - Namespace pulumi.StringPtrInput `pulumi:"namespace"` - Role pulumi.StringInput `pulumi:"role"` + AuthType pulumi.StringInput `pulumi:"authType"` + Mount pulumi.StringPtrInput `pulumi:"mount"` + Namespace pulumi.StringPtrInput `pulumi:"namespace"` + Role pulumi.StringInput `pulumi:"role"` + UseRootNamespace pulumi.BoolPtrInput `pulumi:"useRootNamespace"` } func (AuthLoginOciArgs) ElementType() reflect.Type { @@ -678,6 +810,12 @@ func (i AuthLoginOciArgs) ToAuthLoginOciOutputWithContext(ctx context.Context) A return pulumi.ToOutputWithContext(ctx, i).(AuthLoginOciOutput) } +func (i AuthLoginOciArgs) ToOutput(ctx context.Context) pulumix.Output[AuthLoginOci] { + return pulumix.Output[AuthLoginOci]{ + OutputState: i.ToAuthLoginOciOutputWithContext(ctx).OutputState, + } +} + type AuthLoginOciOutput struct{ *pulumi.OutputState } func (AuthLoginOciOutput) ElementType() reflect.Type { @@ -692,6 +830,12 @@ func (o AuthLoginOciOutput) ToAuthLoginOciOutputWithContext(ctx context.Context) return o } +func (o AuthLoginOciOutput) ToOutput(ctx context.Context) pulumix.Output[AuthLoginOci] { + return pulumix.Output[AuthLoginOci]{ + OutputState: o.OutputState, + } +} + func (o AuthLoginOciOutput) AuthType() pulumi.StringOutput { return o.ApplyT(func(v AuthLoginOci) string { return v.AuthType }).(pulumi.StringOutput) } @@ -708,12 +852,17 @@ func (o AuthLoginOciOutput) Role() pulumi.StringOutput { return o.ApplyT(func(v AuthLoginOci) string { return v.Role }).(pulumi.StringOutput) } +func (o AuthLoginOciOutput) UseRootNamespace() pulumi.BoolPtrOutput { + return o.ApplyT(func(v AuthLoginOci) *bool { return v.UseRootNamespace }).(pulumi.BoolPtrOutput) +} + type AuthLoginOidc struct { CallbackAddress *string `pulumi:"callbackAddress"` CallbackListenerAddress *string `pulumi:"callbackListenerAddress"` Mount *string `pulumi:"mount"` Namespace *string `pulumi:"namespace"` Role string `pulumi:"role"` + UseRootNamespace *bool `pulumi:"useRootNamespace"` } // AuthLoginOidcInput is an input type that accepts AuthLoginOidcArgs and AuthLoginOidcOutput values. @@ -733,6 +882,7 @@ type AuthLoginOidcArgs struct { Mount pulumi.StringPtrInput `pulumi:"mount"` Namespace pulumi.StringPtrInput `pulumi:"namespace"` Role pulumi.StringInput `pulumi:"role"` + UseRootNamespace pulumi.BoolPtrInput `pulumi:"useRootNamespace"` } func (AuthLoginOidcArgs) ElementType() reflect.Type { @@ -747,6 +897,12 @@ func (i AuthLoginOidcArgs) ToAuthLoginOidcOutputWithContext(ctx context.Context) return pulumi.ToOutputWithContext(ctx, i).(AuthLoginOidcOutput) } +func (i AuthLoginOidcArgs) ToOutput(ctx context.Context) pulumix.Output[AuthLoginOidc] { + return pulumix.Output[AuthLoginOidc]{ + OutputState: i.ToAuthLoginOidcOutputWithContext(ctx).OutputState, + } +} + type AuthLoginOidcOutput struct{ *pulumi.OutputState } func (AuthLoginOidcOutput) ElementType() reflect.Type { @@ -761,6 +917,12 @@ func (o AuthLoginOidcOutput) ToAuthLoginOidcOutputWithContext(ctx context.Contex return o } +func (o AuthLoginOidcOutput) ToOutput(ctx context.Context) pulumix.Output[AuthLoginOidc] { + return pulumix.Output[AuthLoginOidc]{ + OutputState: o.OutputState, + } +} + func (o AuthLoginOidcOutput) CallbackAddress() pulumi.StringPtrOutput { return o.ApplyT(func(v AuthLoginOidc) *string { return v.CallbackAddress }).(pulumi.StringPtrOutput) } @@ -781,11 +943,16 @@ func (o AuthLoginOidcOutput) Role() pulumi.StringOutput { return o.ApplyT(func(v AuthLoginOidc) string { return v.Role }).(pulumi.StringOutput) } +func (o AuthLoginOidcOutput) UseRootNamespace() pulumi.BoolPtrOutput { + return o.ApplyT(func(v AuthLoginOidc) *bool { return v.UseRootNamespace }).(pulumi.BoolPtrOutput) +} + type AuthLoginRadius struct { - Mount *string `pulumi:"mount"` - Namespace *string `pulumi:"namespace"` - Password string `pulumi:"password"` - Username string `pulumi:"username"` + Mount *string `pulumi:"mount"` + Namespace *string `pulumi:"namespace"` + Password string `pulumi:"password"` + UseRootNamespace *bool `pulumi:"useRootNamespace"` + Username string `pulumi:"username"` } // AuthLoginRadiusInput is an input type that accepts AuthLoginRadiusArgs and AuthLoginRadiusOutput values. @@ -800,10 +967,11 @@ type AuthLoginRadiusInput interface { } type AuthLoginRadiusArgs struct { - Mount pulumi.StringPtrInput `pulumi:"mount"` - Namespace pulumi.StringPtrInput `pulumi:"namespace"` - Password pulumi.StringInput `pulumi:"password"` - Username pulumi.StringInput `pulumi:"username"` + Mount pulumi.StringPtrInput `pulumi:"mount"` + Namespace pulumi.StringPtrInput `pulumi:"namespace"` + Password pulumi.StringInput `pulumi:"password"` + UseRootNamespace pulumi.BoolPtrInput `pulumi:"useRootNamespace"` + Username pulumi.StringInput `pulumi:"username"` } func (AuthLoginRadiusArgs) ElementType() reflect.Type { @@ -818,6 +986,12 @@ func (i AuthLoginRadiusArgs) ToAuthLoginRadiusOutputWithContext(ctx context.Cont return pulumi.ToOutputWithContext(ctx, i).(AuthLoginRadiusOutput) } +func (i AuthLoginRadiusArgs) ToOutput(ctx context.Context) pulumix.Output[AuthLoginRadius] { + return pulumix.Output[AuthLoginRadius]{ + OutputState: i.ToAuthLoginRadiusOutputWithContext(ctx).OutputState, + } +} + type AuthLoginRadiusOutput struct{ *pulumi.OutputState } func (AuthLoginRadiusOutput) ElementType() reflect.Type { @@ -832,6 +1006,12 @@ func (o AuthLoginRadiusOutput) ToAuthLoginRadiusOutputWithContext(ctx context.Co return o } +func (o AuthLoginRadiusOutput) ToOutput(ctx context.Context) pulumix.Output[AuthLoginRadius] { + return pulumix.Output[AuthLoginRadius]{ + OutputState: o.OutputState, + } +} + func (o AuthLoginRadiusOutput) Mount() pulumi.StringPtrOutput { return o.ApplyT(func(v AuthLoginRadius) *string { return v.Mount }).(pulumi.StringPtrOutput) } @@ -844,13 +1024,18 @@ func (o AuthLoginRadiusOutput) Password() pulumi.StringOutput { return o.ApplyT(func(v AuthLoginRadius) string { return v.Password }).(pulumi.StringOutput) } +func (o AuthLoginRadiusOutput) UseRootNamespace() pulumi.BoolPtrOutput { + return o.ApplyT(func(v AuthLoginRadius) *bool { return v.UseRootNamespace }).(pulumi.BoolPtrOutput) +} + func (o AuthLoginRadiusOutput) Username() pulumi.StringOutput { return o.ApplyT(func(v AuthLoginRadius) string { return v.Username }).(pulumi.StringOutput) } type AuthLoginTokenFile struct { - Filename string `pulumi:"filename"` - Namespace *string `pulumi:"namespace"` + Filename string `pulumi:"filename"` + Namespace *string `pulumi:"namespace"` + UseRootNamespace *bool `pulumi:"useRootNamespace"` } // AuthLoginTokenFileInput is an input type that accepts AuthLoginTokenFileArgs and AuthLoginTokenFileOutput values. @@ -865,8 +1050,9 @@ type AuthLoginTokenFileInput interface { } type AuthLoginTokenFileArgs struct { - Filename pulumi.StringInput `pulumi:"filename"` - Namespace pulumi.StringPtrInput `pulumi:"namespace"` + Filename pulumi.StringInput `pulumi:"filename"` + Namespace pulumi.StringPtrInput `pulumi:"namespace"` + UseRootNamespace pulumi.BoolPtrInput `pulumi:"useRootNamespace"` } func (AuthLoginTokenFileArgs) ElementType() reflect.Type { @@ -881,6 +1067,12 @@ func (i AuthLoginTokenFileArgs) ToAuthLoginTokenFileOutputWithContext(ctx contex return pulumi.ToOutputWithContext(ctx, i).(AuthLoginTokenFileOutput) } +func (i AuthLoginTokenFileArgs) ToOutput(ctx context.Context) pulumix.Output[AuthLoginTokenFile] { + return pulumix.Output[AuthLoginTokenFile]{ + OutputState: i.ToAuthLoginTokenFileOutputWithContext(ctx).OutputState, + } +} + type AuthLoginTokenFileOutput struct{ *pulumi.OutputState } func (AuthLoginTokenFileOutput) ElementType() reflect.Type { @@ -895,6 +1087,12 @@ func (o AuthLoginTokenFileOutput) ToAuthLoginTokenFileOutputWithContext(ctx cont return o } +func (o AuthLoginTokenFileOutput) ToOutput(ctx context.Context) pulumix.Output[AuthLoginTokenFile] { + return pulumix.Output[AuthLoginTokenFile]{ + OutputState: o.OutputState, + } +} + func (o AuthLoginTokenFileOutput) Filename() pulumi.StringOutput { return o.ApplyT(func(v AuthLoginTokenFile) string { return v.Filename }).(pulumi.StringOutput) } @@ -903,12 +1101,17 @@ func (o AuthLoginTokenFileOutput) Namespace() pulumi.StringPtrOutput { return o.ApplyT(func(v AuthLoginTokenFile) *string { return v.Namespace }).(pulumi.StringPtrOutput) } +func (o AuthLoginTokenFileOutput) UseRootNamespace() pulumi.BoolPtrOutput { + return o.ApplyT(func(v AuthLoginTokenFile) *bool { return v.UseRootNamespace }).(pulumi.BoolPtrOutput) +} + type AuthLoginUserpass struct { - Mount *string `pulumi:"mount"` - Namespace *string `pulumi:"namespace"` - Password *string `pulumi:"password"` - PasswordFile *string `pulumi:"passwordFile"` - Username string `pulumi:"username"` + Mount *string `pulumi:"mount"` + Namespace *string `pulumi:"namespace"` + Password *string `pulumi:"password"` + PasswordFile *string `pulumi:"passwordFile"` + UseRootNamespace *bool `pulumi:"useRootNamespace"` + Username string `pulumi:"username"` } // AuthLoginUserpassInput is an input type that accepts AuthLoginUserpassArgs and AuthLoginUserpassOutput values. @@ -923,11 +1126,12 @@ type AuthLoginUserpassInput interface { } type AuthLoginUserpassArgs struct { - Mount pulumi.StringPtrInput `pulumi:"mount"` - Namespace pulumi.StringPtrInput `pulumi:"namespace"` - Password pulumi.StringPtrInput `pulumi:"password"` - PasswordFile pulumi.StringPtrInput `pulumi:"passwordFile"` - Username pulumi.StringInput `pulumi:"username"` + Mount pulumi.StringPtrInput `pulumi:"mount"` + Namespace pulumi.StringPtrInput `pulumi:"namespace"` + Password pulumi.StringPtrInput `pulumi:"password"` + PasswordFile pulumi.StringPtrInput `pulumi:"passwordFile"` + UseRootNamespace pulumi.BoolPtrInput `pulumi:"useRootNamespace"` + Username pulumi.StringInput `pulumi:"username"` } func (AuthLoginUserpassArgs) ElementType() reflect.Type { @@ -942,6 +1146,12 @@ func (i AuthLoginUserpassArgs) ToAuthLoginUserpassOutputWithContext(ctx context. return pulumi.ToOutputWithContext(ctx, i).(AuthLoginUserpassOutput) } +func (i AuthLoginUserpassArgs) ToOutput(ctx context.Context) pulumix.Output[AuthLoginUserpass] { + return pulumix.Output[AuthLoginUserpass]{ + OutputState: i.ToAuthLoginUserpassOutputWithContext(ctx).OutputState, + } +} + type AuthLoginUserpassOutput struct{ *pulumi.OutputState } func (AuthLoginUserpassOutput) ElementType() reflect.Type { @@ -956,6 +1166,12 @@ func (o AuthLoginUserpassOutput) ToAuthLoginUserpassOutputWithContext(ctx contex return o } +func (o AuthLoginUserpassOutput) ToOutput(ctx context.Context) pulumix.Output[AuthLoginUserpass] { + return pulumix.Output[AuthLoginUserpass]{ + OutputState: o.OutputState, + } +} + func (o AuthLoginUserpassOutput) Mount() pulumi.StringPtrOutput { return o.ApplyT(func(v AuthLoginUserpass) *string { return v.Mount }).(pulumi.StringPtrOutput) } @@ -972,6 +1188,10 @@ func (o AuthLoginUserpassOutput) PasswordFile() pulumi.StringPtrOutput { return o.ApplyT(func(v AuthLoginUserpass) *string { return v.PasswordFile }).(pulumi.StringPtrOutput) } +func (o AuthLoginUserpassOutput) UseRootNamespace() pulumi.BoolPtrOutput { + return o.ApplyT(func(v AuthLoginUserpass) *bool { return v.UseRootNamespace }).(pulumi.BoolPtrOutput) +} + func (o AuthLoginUserpassOutput) Username() pulumi.StringOutput { return o.ApplyT(func(v AuthLoginUserpass) string { return v.Username }).(pulumi.StringOutput) } @@ -1009,6 +1229,12 @@ func (i ClientAuthArgs) ToClientAuthOutputWithContext(ctx context.Context) Clien return pulumi.ToOutputWithContext(ctx, i).(ClientAuthOutput) } +func (i ClientAuthArgs) ToOutput(ctx context.Context) pulumix.Output[ClientAuth] { + return pulumix.Output[ClientAuth]{ + OutputState: i.ToClientAuthOutputWithContext(ctx).OutputState, + } +} + type ClientAuthOutput struct{ *pulumi.OutputState } func (ClientAuthOutput) ElementType() reflect.Type { @@ -1023,6 +1249,12 @@ func (o ClientAuthOutput) ToClientAuthOutputWithContext(ctx context.Context) Cli return o } +func (o ClientAuthOutput) ToOutput(ctx context.Context) pulumix.Output[ClientAuth] { + return pulumix.Output[ClientAuth]{ + OutputState: o.OutputState, + } +} + func (o ClientAuthOutput) CertFile() pulumi.StringOutput { return o.ApplyT(func(v ClientAuth) string { return v.CertFile }).(pulumi.StringOutput) } @@ -1064,6 +1296,12 @@ func (i HeadersArgs) ToHeadersOutputWithContext(ctx context.Context) HeadersOutp return pulumi.ToOutputWithContext(ctx, i).(HeadersOutput) } +func (i HeadersArgs) ToOutput(ctx context.Context) pulumix.Output[Headers] { + return pulumix.Output[Headers]{ + OutputState: i.ToHeadersOutputWithContext(ctx).OutputState, + } +} + // HeadersArrayInput is an input type that accepts HeadersArray and HeadersArrayOutput values. // You can construct a concrete instance of `HeadersArrayInput` via: // @@ -1089,6 +1327,12 @@ func (i HeadersArray) ToHeadersArrayOutputWithContext(ctx context.Context) Heade return pulumi.ToOutputWithContext(ctx, i).(HeadersArrayOutput) } +func (i HeadersArray) ToOutput(ctx context.Context) pulumix.Output[[]Headers] { + return pulumix.Output[[]Headers]{ + OutputState: i.ToHeadersArrayOutputWithContext(ctx).OutputState, + } +} + type HeadersOutput struct{ *pulumi.OutputState } func (HeadersOutput) ElementType() reflect.Type { @@ -1103,6 +1347,12 @@ func (o HeadersOutput) ToHeadersOutputWithContext(ctx context.Context) HeadersOu return o } +func (o HeadersOutput) ToOutput(ctx context.Context) pulumix.Output[Headers] { + return pulumix.Output[Headers]{ + OutputState: o.OutputState, + } +} + func (o HeadersOutput) Name() pulumi.StringOutput { return o.ApplyT(func(v Headers) string { return v.Name }).(pulumi.StringOutput) } @@ -1125,6 +1375,12 @@ func (o HeadersArrayOutput) ToHeadersArrayOutputWithContext(ctx context.Context) return o } +func (o HeadersArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]Headers] { + return pulumix.Output[[]Headers]{ + OutputState: o.OutputState, + } +} + func (o HeadersArrayOutput) Index(i pulumi.IntInput) HeadersOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) Headers { return vs[0].([]Headers)[vs[1].(int)] diff --git a/sdk/go/vault/consul/init.go b/sdk/go/vault/consul/init.go index 416454bf3..5c7faacf0 100644 --- a/sdk/go/vault/consul/init.go +++ b/sdk/go/vault/consul/init.go @@ -7,7 +7,7 @@ import ( "fmt" "github.com/blang/semver" - "github.com/pulumi/pulumi-vault/sdk/v5/go/vault" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" ) @@ -34,7 +34,7 @@ func (m *module) Construct(ctx *pulumi.Context, name, typ, urn string) (r pulumi } func init() { - version, err := vault.PkgVersion() + version, err := internal.PkgVersion() if err != nil { version = semver.Version{Major: 1} } diff --git a/sdk/go/vault/consul/secretBackend.go b/sdk/go/vault/consul/secretBackend.go index 5baf5c49b..38ac3fa83 100644 --- a/sdk/go/vault/consul/secretBackend.go +++ b/sdk/go/vault/consul/secretBackend.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // ## Example Usage @@ -82,6 +84,10 @@ type SecretBackend struct { // Specifies the address of the Consul instance, provided as "host:port" like "127.0.0.1:8500". Address pulumi.StringOutput `pulumi:"address"` // Denotes that the resource is used to bootstrap the Consul ACL system. + // + // > **Important** When `bootstrap` is true, Vault will attempt to bootstrap the Consul server. The token returned from + // this operation will only ever be known to Vault. If the resource is ever destroyed, the bootstrap token will be lost + // and a [Consul reset may be required.](https://learn.hashicorp.com/tutorials/consul/access-control-troubleshoot#reset-the-acl-system) Bootstrap pulumi.BoolPtrOutput `pulumi:"bootstrap"` // CA certificate to use when verifying Consul server certificate, must be x509 PEM encoded. CaCert pulumi.StringPtrOutput `pulumi:"caCert"` @@ -113,8 +119,7 @@ type SecretBackend struct { Path pulumi.StringPtrOutput `pulumi:"path"` // Specifies the URL scheme to use. Defaults to `http`. Scheme pulumi.StringPtrOutput `pulumi:"scheme"` - // The Consul management token this backend should use to issue new tokens. This field is required - // when `bootstrap` is false. + // Specifies the Consul token to use when managing or issuing new tokens. Token pulumi.StringPtrOutput `pulumi:"token"` } @@ -129,13 +134,13 @@ func NewSecretBackend(ctx *pulumi.Context, return nil, errors.New("invalid value for required argument 'Address'") } if args.ClientCert != nil { - args.ClientCert = pulumi.ToSecret(args.ClientCert).(pulumi.StringPtrOutput) + args.ClientCert = pulumi.ToSecret(args.ClientCert).(pulumi.StringPtrInput) } if args.ClientKey != nil { - args.ClientKey = pulumi.ToSecret(args.ClientKey).(pulumi.StringPtrOutput) + args.ClientKey = pulumi.ToSecret(args.ClientKey).(pulumi.StringPtrInput) } if args.Token != nil { - args.Token = pulumi.ToSecret(args.Token).(pulumi.StringPtrOutput) + args.Token = pulumi.ToSecret(args.Token).(pulumi.StringPtrInput) } secrets := pulumi.AdditionalSecretOutputs([]string{ "clientCert", @@ -143,6 +148,7 @@ func NewSecretBackend(ctx *pulumi.Context, "token", }) opts = append(opts, secrets) + opts = internal.PkgResourceDefaultOpts(opts) var resource SecretBackend err := ctx.RegisterResource("vault:consul/secretBackend:SecretBackend", name, args, &resource, opts...) if err != nil { @@ -168,6 +174,10 @@ type secretBackendState struct { // Specifies the address of the Consul instance, provided as "host:port" like "127.0.0.1:8500". Address *string `pulumi:"address"` // Denotes that the resource is used to bootstrap the Consul ACL system. + // + // > **Important** When `bootstrap` is true, Vault will attempt to bootstrap the Consul server. The token returned from + // this operation will only ever be known to Vault. If the resource is ever destroyed, the bootstrap token will be lost + // and a [Consul reset may be required.](https://learn.hashicorp.com/tutorials/consul/access-control-troubleshoot#reset-the-acl-system) Bootstrap *bool `pulumi:"bootstrap"` // CA certificate to use when verifying Consul server certificate, must be x509 PEM encoded. CaCert *string `pulumi:"caCert"` @@ -199,8 +209,7 @@ type secretBackendState struct { Path *string `pulumi:"path"` // Specifies the URL scheme to use. Defaults to `http`. Scheme *string `pulumi:"scheme"` - // The Consul management token this backend should use to issue new tokens. This field is required - // when `bootstrap` is false. + // Specifies the Consul token to use when managing or issuing new tokens. Token *string `pulumi:"token"` } @@ -208,6 +217,10 @@ type SecretBackendState struct { // Specifies the address of the Consul instance, provided as "host:port" like "127.0.0.1:8500". Address pulumi.StringPtrInput // Denotes that the resource is used to bootstrap the Consul ACL system. + // + // > **Important** When `bootstrap` is true, Vault will attempt to bootstrap the Consul server. The token returned from + // this operation will only ever be known to Vault. If the resource is ever destroyed, the bootstrap token will be lost + // and a [Consul reset may be required.](https://learn.hashicorp.com/tutorials/consul/access-control-troubleshoot#reset-the-acl-system) Bootstrap pulumi.BoolPtrInput // CA certificate to use when verifying Consul server certificate, must be x509 PEM encoded. CaCert pulumi.StringPtrInput @@ -239,8 +252,7 @@ type SecretBackendState struct { Path pulumi.StringPtrInput // Specifies the URL scheme to use. Defaults to `http`. Scheme pulumi.StringPtrInput - // The Consul management token this backend should use to issue new tokens. This field is required - // when `bootstrap` is false. + // Specifies the Consul token to use when managing or issuing new tokens. Token pulumi.StringPtrInput } @@ -252,6 +264,10 @@ type secretBackendArgs struct { // Specifies the address of the Consul instance, provided as "host:port" like "127.0.0.1:8500". Address string `pulumi:"address"` // Denotes that the resource is used to bootstrap the Consul ACL system. + // + // > **Important** When `bootstrap` is true, Vault will attempt to bootstrap the Consul server. The token returned from + // this operation will only ever be known to Vault. If the resource is ever destroyed, the bootstrap token will be lost + // and a [Consul reset may be required.](https://learn.hashicorp.com/tutorials/consul/access-control-troubleshoot#reset-the-acl-system) Bootstrap *bool `pulumi:"bootstrap"` // CA certificate to use when verifying Consul server certificate, must be x509 PEM encoded. CaCert *string `pulumi:"caCert"` @@ -283,8 +299,7 @@ type secretBackendArgs struct { Path *string `pulumi:"path"` // Specifies the URL scheme to use. Defaults to `http`. Scheme *string `pulumi:"scheme"` - // The Consul management token this backend should use to issue new tokens. This field is required - // when `bootstrap` is false. + // Specifies the Consul token to use when managing or issuing new tokens. Token *string `pulumi:"token"` } @@ -293,6 +308,10 @@ type SecretBackendArgs struct { // Specifies the address of the Consul instance, provided as "host:port" like "127.0.0.1:8500". Address pulumi.StringInput // Denotes that the resource is used to bootstrap the Consul ACL system. + // + // > **Important** When `bootstrap` is true, Vault will attempt to bootstrap the Consul server. The token returned from + // this operation will only ever be known to Vault. If the resource is ever destroyed, the bootstrap token will be lost + // and a [Consul reset may be required.](https://learn.hashicorp.com/tutorials/consul/access-control-troubleshoot#reset-the-acl-system) Bootstrap pulumi.BoolPtrInput // CA certificate to use when verifying Consul server certificate, must be x509 PEM encoded. CaCert pulumi.StringPtrInput @@ -324,8 +343,7 @@ type SecretBackendArgs struct { Path pulumi.StringPtrInput // Specifies the URL scheme to use. Defaults to `http`. Scheme pulumi.StringPtrInput - // The Consul management token this backend should use to issue new tokens. This field is required - // when `bootstrap` is false. + // Specifies the Consul token to use when managing or issuing new tokens. Token pulumi.StringPtrInput } @@ -352,6 +370,12 @@ func (i *SecretBackend) ToSecretBackendOutputWithContext(ctx context.Context) Se return pulumi.ToOutputWithContext(ctx, i).(SecretBackendOutput) } +func (i *SecretBackend) ToOutput(ctx context.Context) pulumix.Output[*SecretBackend] { + return pulumix.Output[*SecretBackend]{ + OutputState: i.ToSecretBackendOutputWithContext(ctx).OutputState, + } +} + // SecretBackendArrayInput is an input type that accepts SecretBackendArray and SecretBackendArrayOutput values. // You can construct a concrete instance of `SecretBackendArrayInput` via: // @@ -377,6 +401,12 @@ func (i SecretBackendArray) ToSecretBackendArrayOutputWithContext(ctx context.Co return pulumi.ToOutputWithContext(ctx, i).(SecretBackendArrayOutput) } +func (i SecretBackendArray) ToOutput(ctx context.Context) pulumix.Output[[]*SecretBackend] { + return pulumix.Output[[]*SecretBackend]{ + OutputState: i.ToSecretBackendArrayOutputWithContext(ctx).OutputState, + } +} + // SecretBackendMapInput is an input type that accepts SecretBackendMap and SecretBackendMapOutput values. // You can construct a concrete instance of `SecretBackendMapInput` via: // @@ -402,6 +432,12 @@ func (i SecretBackendMap) ToSecretBackendMapOutputWithContext(ctx context.Contex return pulumi.ToOutputWithContext(ctx, i).(SecretBackendMapOutput) } +func (i SecretBackendMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*SecretBackend] { + return pulumix.Output[map[string]*SecretBackend]{ + OutputState: i.ToSecretBackendMapOutputWithContext(ctx).OutputState, + } +} + type SecretBackendOutput struct{ *pulumi.OutputState } func (SecretBackendOutput) ElementType() reflect.Type { @@ -416,12 +452,22 @@ func (o SecretBackendOutput) ToSecretBackendOutputWithContext(ctx context.Contex return o } +func (o SecretBackendOutput) ToOutput(ctx context.Context) pulumix.Output[*SecretBackend] { + return pulumix.Output[*SecretBackend]{ + OutputState: o.OutputState, + } +} + // Specifies the address of the Consul instance, provided as "host:port" like "127.0.0.1:8500". func (o SecretBackendOutput) Address() pulumi.StringOutput { return o.ApplyT(func(v *SecretBackend) pulumi.StringOutput { return v.Address }).(pulumi.StringOutput) } // Denotes that the resource is used to bootstrap the Consul ACL system. +// +// > **Important** When `bootstrap` is true, Vault will attempt to bootstrap the Consul server. The token returned from +// this operation will only ever be known to Vault. If the resource is ever destroyed, the bootstrap token will be lost +// and a [Consul reset may be required.](https://learn.hashicorp.com/tutorials/consul/access-control-troubleshoot#reset-the-acl-system) func (o SecretBackendOutput) Bootstrap() pulumi.BoolPtrOutput { return o.ApplyT(func(v *SecretBackend) pulumi.BoolPtrOutput { return v.Bootstrap }).(pulumi.BoolPtrOutput) } @@ -489,8 +535,7 @@ func (o SecretBackendOutput) Scheme() pulumi.StringPtrOutput { return o.ApplyT(func(v *SecretBackend) pulumi.StringPtrOutput { return v.Scheme }).(pulumi.StringPtrOutput) } -// The Consul management token this backend should use to issue new tokens. This field is required -// when `bootstrap` is false. +// Specifies the Consul token to use when managing or issuing new tokens. func (o SecretBackendOutput) Token() pulumi.StringPtrOutput { return o.ApplyT(func(v *SecretBackend) pulumi.StringPtrOutput { return v.Token }).(pulumi.StringPtrOutput) } @@ -509,6 +554,12 @@ func (o SecretBackendArrayOutput) ToSecretBackendArrayOutputWithContext(ctx cont return o } +func (o SecretBackendArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*SecretBackend] { + return pulumix.Output[[]*SecretBackend]{ + OutputState: o.OutputState, + } +} + func (o SecretBackendArrayOutput) Index(i pulumi.IntInput) SecretBackendOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *SecretBackend { return vs[0].([]*SecretBackend)[vs[1].(int)] @@ -529,6 +580,12 @@ func (o SecretBackendMapOutput) ToSecretBackendMapOutputWithContext(ctx context. return o } +func (o SecretBackendMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*SecretBackend] { + return pulumix.Output[map[string]*SecretBackend]{ + OutputState: o.OutputState, + } +} + func (o SecretBackendMapOutput) MapIndex(k pulumi.StringInput) SecretBackendOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *SecretBackend { return vs[0].(map[string]*SecretBackend)[vs[1].(string)] diff --git a/sdk/go/vault/consul/secretBackendRole.go b/sdk/go/vault/consul/secretBackendRole.go index cce9c896c..eefc2fba8 100644 --- a/sdk/go/vault/consul/secretBackendRole.go +++ b/sdk/go/vault/consul/secretBackendRole.go @@ -7,7 +7,9 @@ import ( "context" "reflect" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // Manages a Consul secrets role for a Consul secrets engine in Vault. Consul secret backends can then issue Consul tokens. @@ -117,6 +119,7 @@ func NewSecretBackendRole(ctx *pulumi.Context, args = &SecretBackendRoleArgs{} } + opts = internal.PkgResourceDefaultOpts(opts) var resource SecretBackendRole err := ctx.RegisterResource("vault:consul/secretBackendRole:SecretBackendRole", name, args, &resource, opts...) if err != nil { @@ -342,6 +345,12 @@ func (i *SecretBackendRole) ToSecretBackendRoleOutputWithContext(ctx context.Con return pulumi.ToOutputWithContext(ctx, i).(SecretBackendRoleOutput) } +func (i *SecretBackendRole) ToOutput(ctx context.Context) pulumix.Output[*SecretBackendRole] { + return pulumix.Output[*SecretBackendRole]{ + OutputState: i.ToSecretBackendRoleOutputWithContext(ctx).OutputState, + } +} + // SecretBackendRoleArrayInput is an input type that accepts SecretBackendRoleArray and SecretBackendRoleArrayOutput values. // You can construct a concrete instance of `SecretBackendRoleArrayInput` via: // @@ -367,6 +376,12 @@ func (i SecretBackendRoleArray) ToSecretBackendRoleArrayOutputWithContext(ctx co return pulumi.ToOutputWithContext(ctx, i).(SecretBackendRoleArrayOutput) } +func (i SecretBackendRoleArray) ToOutput(ctx context.Context) pulumix.Output[[]*SecretBackendRole] { + return pulumix.Output[[]*SecretBackendRole]{ + OutputState: i.ToSecretBackendRoleArrayOutputWithContext(ctx).OutputState, + } +} + // SecretBackendRoleMapInput is an input type that accepts SecretBackendRoleMap and SecretBackendRoleMapOutput values. // You can construct a concrete instance of `SecretBackendRoleMapInput` via: // @@ -392,6 +407,12 @@ func (i SecretBackendRoleMap) ToSecretBackendRoleMapOutputWithContext(ctx contex return pulumi.ToOutputWithContext(ctx, i).(SecretBackendRoleMapOutput) } +func (i SecretBackendRoleMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*SecretBackendRole] { + return pulumix.Output[map[string]*SecretBackendRole]{ + OutputState: i.ToSecretBackendRoleMapOutputWithContext(ctx).OutputState, + } +} + type SecretBackendRoleOutput struct{ *pulumi.OutputState } func (SecretBackendRoleOutput) ElementType() reflect.Type { @@ -406,6 +427,12 @@ func (o SecretBackendRoleOutput) ToSecretBackendRoleOutputWithContext(ctx contex return o } +func (o SecretBackendRoleOutput) ToOutput(ctx context.Context) pulumix.Output[*SecretBackendRole] { + return pulumix.Output[*SecretBackendRole]{ + OutputState: o.OutputState, + } +} + // The unique name of an existing Consul secrets backend mount. Must not begin or end with a `/`. One of `path` or `backend` is required. func (o SecretBackendRoleOutput) Backend() pulumi.StringPtrOutput { return o.ApplyT(func(v *SecretBackendRole) pulumi.StringPtrOutput { return v.Backend }).(pulumi.StringPtrOutput) @@ -503,6 +530,12 @@ func (o SecretBackendRoleArrayOutput) ToSecretBackendRoleArrayOutputWithContext( return o } +func (o SecretBackendRoleArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*SecretBackendRole] { + return pulumix.Output[[]*SecretBackendRole]{ + OutputState: o.OutputState, + } +} + func (o SecretBackendRoleArrayOutput) Index(i pulumi.IntInput) SecretBackendRoleOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *SecretBackendRole { return vs[0].([]*SecretBackendRole)[vs[1].(int)] @@ -523,6 +556,12 @@ func (o SecretBackendRoleMapOutput) ToSecretBackendRoleMapOutputWithContext(ctx return o } +func (o SecretBackendRoleMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*SecretBackendRole] { + return pulumix.Output[map[string]*SecretBackendRole]{ + OutputState: o.OutputState, + } +} + func (o SecretBackendRoleMapOutput) MapIndex(k pulumi.StringInput) SecretBackendRoleOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *SecretBackendRole { return vs[0].(map[string]*SecretBackendRole)[vs[1].(string)] diff --git a/sdk/go/vault/database/init.go b/sdk/go/vault/database/init.go index 1890b8d1b..abb9b10c6 100644 --- a/sdk/go/vault/database/init.go +++ b/sdk/go/vault/database/init.go @@ -7,7 +7,7 @@ import ( "fmt" "github.com/blang/semver" - "github.com/pulumi/pulumi-vault/sdk/v5/go/vault" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" ) @@ -38,7 +38,7 @@ func (m *module) Construct(ctx *pulumi.Context, name, typ, urn string) (r pulumi } func init() { - version, err := vault.PkgVersion() + version, err := internal.PkgVersion() if err != nil { version = semver.Version{Major: 1} } diff --git a/sdk/go/vault/database/pulumiTypes.go b/sdk/go/vault/database/pulumiTypes.go index 495d91cb2..37fb75fa8 100644 --- a/sdk/go/vault/database/pulumiTypes.go +++ b/sdk/go/vault/database/pulumiTypes.go @@ -7,19 +7,23 @@ import ( "context" "reflect" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) +var _ = internal.GetEnvOrDefault + type SecretBackendConnectionCassandra struct { // The number of seconds to use as a connection // timeout. ConnectTimeout *int `pulumi:"connectTimeout"` - // A set of Couchbase URIs to connect to. Must use `couchbases://` scheme if `tls` is `true`. + // The hosts to connect to. Hosts []string `pulumi:"hosts"` // Whether to skip verification of the server // certificate when using TLS. InsecureTls *bool `pulumi:"insecureTls"` - // The root credential password used in the connection URL. + // The password to authenticate with. Password *string `pulumi:"password"` // Concatenated PEM blocks configuring the certificate // chain. @@ -31,9 +35,9 @@ type SecretBackendConnectionCassandra struct { Port *int `pulumi:"port"` // The CQL protocol version to use. ProtocolVersion *int `pulumi:"protocolVersion"` - // Whether to use TLS when connecting to Redis. + // Whether to use TLS when connecting to Cassandra. Tls *bool `pulumi:"tls"` - // The root credential username used in the connection URL. + // The username to authenticate with. Username *string `pulumi:"username"` } @@ -52,12 +56,12 @@ type SecretBackendConnectionCassandraArgs struct { // The number of seconds to use as a connection // timeout. ConnectTimeout pulumi.IntPtrInput `pulumi:"connectTimeout"` - // A set of Couchbase URIs to connect to. Must use `couchbases://` scheme if `tls` is `true`. + // The hosts to connect to. Hosts pulumi.StringArrayInput `pulumi:"hosts"` // Whether to skip verification of the server // certificate when using TLS. InsecureTls pulumi.BoolPtrInput `pulumi:"insecureTls"` - // The root credential password used in the connection URL. + // The password to authenticate with. Password pulumi.StringPtrInput `pulumi:"password"` // Concatenated PEM blocks configuring the certificate // chain. @@ -69,9 +73,9 @@ type SecretBackendConnectionCassandraArgs struct { Port pulumi.IntPtrInput `pulumi:"port"` // The CQL protocol version to use. ProtocolVersion pulumi.IntPtrInput `pulumi:"protocolVersion"` - // Whether to use TLS when connecting to Redis. + // Whether to use TLS when connecting to Cassandra. Tls pulumi.BoolPtrInput `pulumi:"tls"` - // The root credential username used in the connection URL. + // The username to authenticate with. Username pulumi.StringPtrInput `pulumi:"username"` } @@ -87,6 +91,12 @@ func (i SecretBackendConnectionCassandraArgs) ToSecretBackendConnectionCassandra return pulumi.ToOutputWithContext(ctx, i).(SecretBackendConnectionCassandraOutput) } +func (i SecretBackendConnectionCassandraArgs) ToOutput(ctx context.Context) pulumix.Output[SecretBackendConnectionCassandra] { + return pulumix.Output[SecretBackendConnectionCassandra]{ + OutputState: i.ToSecretBackendConnectionCassandraOutputWithContext(ctx).OutputState, + } +} + func (i SecretBackendConnectionCassandraArgs) ToSecretBackendConnectionCassandraPtrOutput() SecretBackendConnectionCassandraPtrOutput { return i.ToSecretBackendConnectionCassandraPtrOutputWithContext(context.Background()) } @@ -128,6 +138,12 @@ func (i *secretBackendConnectionCassandraPtrType) ToSecretBackendConnectionCassa return pulumi.ToOutputWithContext(ctx, i).(SecretBackendConnectionCassandraPtrOutput) } +func (i *secretBackendConnectionCassandraPtrType) ToOutput(ctx context.Context) pulumix.Output[*SecretBackendConnectionCassandra] { + return pulumix.Output[*SecretBackendConnectionCassandra]{ + OutputState: i.ToSecretBackendConnectionCassandraPtrOutputWithContext(ctx).OutputState, + } +} + type SecretBackendConnectionCassandraOutput struct{ *pulumi.OutputState } func (SecretBackendConnectionCassandraOutput) ElementType() reflect.Type { @@ -152,13 +168,19 @@ func (o SecretBackendConnectionCassandraOutput) ToSecretBackendConnectionCassand }).(SecretBackendConnectionCassandraPtrOutput) } +func (o SecretBackendConnectionCassandraOutput) ToOutput(ctx context.Context) pulumix.Output[SecretBackendConnectionCassandra] { + return pulumix.Output[SecretBackendConnectionCassandra]{ + OutputState: o.OutputState, + } +} + // The number of seconds to use as a connection // timeout. func (o SecretBackendConnectionCassandraOutput) ConnectTimeout() pulumi.IntPtrOutput { return o.ApplyT(func(v SecretBackendConnectionCassandra) *int { return v.ConnectTimeout }).(pulumi.IntPtrOutput) } -// A set of Couchbase URIs to connect to. Must use `couchbases://` scheme if `tls` is `true`. +// The hosts to connect to. func (o SecretBackendConnectionCassandraOutput) Hosts() pulumi.StringArrayOutput { return o.ApplyT(func(v SecretBackendConnectionCassandra) []string { return v.Hosts }).(pulumi.StringArrayOutput) } @@ -169,7 +191,7 @@ func (o SecretBackendConnectionCassandraOutput) InsecureTls() pulumi.BoolPtrOutp return o.ApplyT(func(v SecretBackendConnectionCassandra) *bool { return v.InsecureTls }).(pulumi.BoolPtrOutput) } -// The root credential password used in the connection URL. +// The password to authenticate with. func (o SecretBackendConnectionCassandraOutput) Password() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretBackendConnectionCassandra) *string { return v.Password }).(pulumi.StringPtrOutput) } @@ -196,12 +218,12 @@ func (o SecretBackendConnectionCassandraOutput) ProtocolVersion() pulumi.IntPtrO return o.ApplyT(func(v SecretBackendConnectionCassandra) *int { return v.ProtocolVersion }).(pulumi.IntPtrOutput) } -// Whether to use TLS when connecting to Redis. +// Whether to use TLS when connecting to Cassandra. func (o SecretBackendConnectionCassandraOutput) Tls() pulumi.BoolPtrOutput { return o.ApplyT(func(v SecretBackendConnectionCassandra) *bool { return v.Tls }).(pulumi.BoolPtrOutput) } -// The root credential username used in the connection URL. +// The username to authenticate with. func (o SecretBackendConnectionCassandraOutput) Username() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretBackendConnectionCassandra) *string { return v.Username }).(pulumi.StringPtrOutput) } @@ -220,6 +242,12 @@ func (o SecretBackendConnectionCassandraPtrOutput) ToSecretBackendConnectionCass return o } +func (o SecretBackendConnectionCassandraPtrOutput) ToOutput(ctx context.Context) pulumix.Output[*SecretBackendConnectionCassandra] { + return pulumix.Output[*SecretBackendConnectionCassandra]{ + OutputState: o.OutputState, + } +} + func (o SecretBackendConnectionCassandraPtrOutput) Elem() SecretBackendConnectionCassandraOutput { return o.ApplyT(func(v *SecretBackendConnectionCassandra) SecretBackendConnectionCassandra { if v != nil { @@ -241,7 +269,7 @@ func (o SecretBackendConnectionCassandraPtrOutput) ConnectTimeout() pulumi.IntPt }).(pulumi.IntPtrOutput) } -// A set of Couchbase URIs to connect to. Must use `couchbases://` scheme if `tls` is `true`. +// The hosts to connect to. func (o SecretBackendConnectionCassandraPtrOutput) Hosts() pulumi.StringArrayOutput { return o.ApplyT(func(v *SecretBackendConnectionCassandra) []string { if v == nil { @@ -262,7 +290,7 @@ func (o SecretBackendConnectionCassandraPtrOutput) InsecureTls() pulumi.BoolPtrO }).(pulumi.BoolPtrOutput) } -// The root credential password used in the connection URL. +// The password to authenticate with. func (o SecretBackendConnectionCassandraPtrOutput) Password() pulumi.StringPtrOutput { return o.ApplyT(func(v *SecretBackendConnectionCassandra) *string { if v == nil { @@ -314,7 +342,7 @@ func (o SecretBackendConnectionCassandraPtrOutput) ProtocolVersion() pulumi.IntP }).(pulumi.IntPtrOutput) } -// Whether to use TLS when connecting to Redis. +// Whether to use TLS when connecting to Cassandra. func (o SecretBackendConnectionCassandraPtrOutput) Tls() pulumi.BoolPtrOutput { return o.ApplyT(func(v *SecretBackendConnectionCassandra) *bool { if v == nil { @@ -324,7 +352,7 @@ func (o SecretBackendConnectionCassandraPtrOutput) Tls() pulumi.BoolPtrOutput { }).(pulumi.BoolPtrOutput) } -// The root credential username used in the connection URL. +// The username to authenticate with. func (o SecretBackendConnectionCassandraPtrOutput) Username() pulumi.StringPtrOutput { return o.ApplyT(func(v *SecretBackendConnectionCassandra) *string { if v == nil { @@ -339,18 +367,18 @@ type SecretBackendConnectionCouchbase struct { Base64Pem *string `pulumi:"base64Pem"` // Required for Couchbase versions prior to 6.5.0. This is only used to verify vault's connection to the server. BucketName *string `pulumi:"bucketName"` - // A set of Couchbase URIs to connect to. Must use `couchbases://` scheme if `tls` is `true`. + // The hosts to connect to. Hosts []string `pulumi:"hosts"` // Whether to skip verification of the server // certificate when using TLS. InsecureTls *bool `pulumi:"insecureTls"` - // The root credential password used in the connection URL. + // The password to authenticate with. Password string `pulumi:"password"` - // Whether to use TLS when connecting to Redis. + // Whether to use TLS when connecting to Cassandra. Tls *bool `pulumi:"tls"` - // The root credential username used in the connection URL. + // The username to authenticate with. Username string `pulumi:"username"` - // - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + // Template describing how dynamic usernames are generated. UsernameTemplate *string `pulumi:"usernameTemplate"` } @@ -370,18 +398,18 @@ type SecretBackendConnectionCouchbaseArgs struct { Base64Pem pulumi.StringPtrInput `pulumi:"base64Pem"` // Required for Couchbase versions prior to 6.5.0. This is only used to verify vault's connection to the server. BucketName pulumi.StringPtrInput `pulumi:"bucketName"` - // A set of Couchbase URIs to connect to. Must use `couchbases://` scheme if `tls` is `true`. + // The hosts to connect to. Hosts pulumi.StringArrayInput `pulumi:"hosts"` // Whether to skip verification of the server // certificate when using TLS. InsecureTls pulumi.BoolPtrInput `pulumi:"insecureTls"` - // The root credential password used in the connection URL. + // The password to authenticate with. Password pulumi.StringInput `pulumi:"password"` - // Whether to use TLS when connecting to Redis. + // Whether to use TLS when connecting to Cassandra. Tls pulumi.BoolPtrInput `pulumi:"tls"` - // The root credential username used in the connection URL. + // The username to authenticate with. Username pulumi.StringInput `pulumi:"username"` - // - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + // Template describing how dynamic usernames are generated. UsernameTemplate pulumi.StringPtrInput `pulumi:"usernameTemplate"` } @@ -397,6 +425,12 @@ func (i SecretBackendConnectionCouchbaseArgs) ToSecretBackendConnectionCouchbase return pulumi.ToOutputWithContext(ctx, i).(SecretBackendConnectionCouchbaseOutput) } +func (i SecretBackendConnectionCouchbaseArgs) ToOutput(ctx context.Context) pulumix.Output[SecretBackendConnectionCouchbase] { + return pulumix.Output[SecretBackendConnectionCouchbase]{ + OutputState: i.ToSecretBackendConnectionCouchbaseOutputWithContext(ctx).OutputState, + } +} + func (i SecretBackendConnectionCouchbaseArgs) ToSecretBackendConnectionCouchbasePtrOutput() SecretBackendConnectionCouchbasePtrOutput { return i.ToSecretBackendConnectionCouchbasePtrOutputWithContext(context.Background()) } @@ -438,6 +472,12 @@ func (i *secretBackendConnectionCouchbasePtrType) ToSecretBackendConnectionCouch return pulumi.ToOutputWithContext(ctx, i).(SecretBackendConnectionCouchbasePtrOutput) } +func (i *secretBackendConnectionCouchbasePtrType) ToOutput(ctx context.Context) pulumix.Output[*SecretBackendConnectionCouchbase] { + return pulumix.Output[*SecretBackendConnectionCouchbase]{ + OutputState: i.ToSecretBackendConnectionCouchbasePtrOutputWithContext(ctx).OutputState, + } +} + type SecretBackendConnectionCouchbaseOutput struct{ *pulumi.OutputState } func (SecretBackendConnectionCouchbaseOutput) ElementType() reflect.Type { @@ -462,6 +502,12 @@ func (o SecretBackendConnectionCouchbaseOutput) ToSecretBackendConnectionCouchba }).(SecretBackendConnectionCouchbasePtrOutput) } +func (o SecretBackendConnectionCouchbaseOutput) ToOutput(ctx context.Context) pulumix.Output[SecretBackendConnectionCouchbase] { + return pulumix.Output[SecretBackendConnectionCouchbase]{ + OutputState: o.OutputState, + } +} + // Required if `tls` is `true`. Specifies the certificate authority of the Couchbase server, as a PEM certificate that has been base64 encoded. func (o SecretBackendConnectionCouchbaseOutput) Base64Pem() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretBackendConnectionCouchbase) *string { return v.Base64Pem }).(pulumi.StringPtrOutput) @@ -472,7 +518,7 @@ func (o SecretBackendConnectionCouchbaseOutput) BucketName() pulumi.StringPtrOut return o.ApplyT(func(v SecretBackendConnectionCouchbase) *string { return v.BucketName }).(pulumi.StringPtrOutput) } -// A set of Couchbase URIs to connect to. Must use `couchbases://` scheme if `tls` is `true`. +// The hosts to connect to. func (o SecretBackendConnectionCouchbaseOutput) Hosts() pulumi.StringArrayOutput { return o.ApplyT(func(v SecretBackendConnectionCouchbase) []string { return v.Hosts }).(pulumi.StringArrayOutput) } @@ -483,22 +529,22 @@ func (o SecretBackendConnectionCouchbaseOutput) InsecureTls() pulumi.BoolPtrOutp return o.ApplyT(func(v SecretBackendConnectionCouchbase) *bool { return v.InsecureTls }).(pulumi.BoolPtrOutput) } -// The root credential password used in the connection URL. +// The password to authenticate with. func (o SecretBackendConnectionCouchbaseOutput) Password() pulumi.StringOutput { return o.ApplyT(func(v SecretBackendConnectionCouchbase) string { return v.Password }).(pulumi.StringOutput) } -// Whether to use TLS when connecting to Redis. +// Whether to use TLS when connecting to Cassandra. func (o SecretBackendConnectionCouchbaseOutput) Tls() pulumi.BoolPtrOutput { return o.ApplyT(func(v SecretBackendConnectionCouchbase) *bool { return v.Tls }).(pulumi.BoolPtrOutput) } -// The root credential username used in the connection URL. +// The username to authenticate with. func (o SecretBackendConnectionCouchbaseOutput) Username() pulumi.StringOutput { return o.ApplyT(func(v SecretBackendConnectionCouchbase) string { return v.Username }).(pulumi.StringOutput) } -// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. +// Template describing how dynamic usernames are generated. func (o SecretBackendConnectionCouchbaseOutput) UsernameTemplate() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretBackendConnectionCouchbase) *string { return v.UsernameTemplate }).(pulumi.StringPtrOutput) } @@ -517,6 +563,12 @@ func (o SecretBackendConnectionCouchbasePtrOutput) ToSecretBackendConnectionCouc return o } +func (o SecretBackendConnectionCouchbasePtrOutput) ToOutput(ctx context.Context) pulumix.Output[*SecretBackendConnectionCouchbase] { + return pulumix.Output[*SecretBackendConnectionCouchbase]{ + OutputState: o.OutputState, + } +} + func (o SecretBackendConnectionCouchbasePtrOutput) Elem() SecretBackendConnectionCouchbaseOutput { return o.ApplyT(func(v *SecretBackendConnectionCouchbase) SecretBackendConnectionCouchbase { if v != nil { @@ -547,7 +599,7 @@ func (o SecretBackendConnectionCouchbasePtrOutput) BucketName() pulumi.StringPtr }).(pulumi.StringPtrOutput) } -// A set of Couchbase URIs to connect to. Must use `couchbases://` scheme if `tls` is `true`. +// The hosts to connect to. func (o SecretBackendConnectionCouchbasePtrOutput) Hosts() pulumi.StringArrayOutput { return o.ApplyT(func(v *SecretBackendConnectionCouchbase) []string { if v == nil { @@ -568,7 +620,7 @@ func (o SecretBackendConnectionCouchbasePtrOutput) InsecureTls() pulumi.BoolPtrO }).(pulumi.BoolPtrOutput) } -// The root credential password used in the connection URL. +// The password to authenticate with. func (o SecretBackendConnectionCouchbasePtrOutput) Password() pulumi.StringPtrOutput { return o.ApplyT(func(v *SecretBackendConnectionCouchbase) *string { if v == nil { @@ -578,7 +630,7 @@ func (o SecretBackendConnectionCouchbasePtrOutput) Password() pulumi.StringPtrOu }).(pulumi.StringPtrOutput) } -// Whether to use TLS when connecting to Redis. +// Whether to use TLS when connecting to Cassandra. func (o SecretBackendConnectionCouchbasePtrOutput) Tls() pulumi.BoolPtrOutput { return o.ApplyT(func(v *SecretBackendConnectionCouchbase) *bool { if v == nil { @@ -588,7 +640,7 @@ func (o SecretBackendConnectionCouchbasePtrOutput) Tls() pulumi.BoolPtrOutput { }).(pulumi.BoolPtrOutput) } -// The root credential username used in the connection URL. +// The username to authenticate with. func (o SecretBackendConnectionCouchbasePtrOutput) Username() pulumi.StringPtrOutput { return o.ApplyT(func(v *SecretBackendConnectionCouchbase) *string { if v == nil { @@ -598,7 +650,7 @@ func (o SecretBackendConnectionCouchbasePtrOutput) Username() pulumi.StringPtrOu }).(pulumi.StringPtrOutput) } -// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. +// Template describing how dynamic usernames are generated. func (o SecretBackendConnectionCouchbasePtrOutput) UsernameTemplate() pulumi.StringPtrOutput { return o.ApplyT(func(v *SecretBackendConnectionCouchbase) *string { if v == nil { @@ -619,16 +671,16 @@ type SecretBackendConnectionElasticsearch struct { ClientKey *string `pulumi:"clientKey"` // Whether to disable certificate verification. Insecure *bool `pulumi:"insecure"` - // The root credential password used in the connection URL. + // The password to authenticate with. Password string `pulumi:"password"` // This, if set, is used to set the SNI host when connecting via TLS. TlsServerName *string `pulumi:"tlsServerName"` // The URL for Elasticsearch's API. https requires certificate // by trusted CA if used. Url string `pulumi:"url"` - // The root credential username used in the connection URL. + // The username to authenticate with. Username string `pulumi:"username"` - // - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + // Template describing how dynamic usernames are generated. UsernameTemplate *string `pulumi:"usernameTemplate"` } @@ -654,16 +706,16 @@ type SecretBackendConnectionElasticsearchArgs struct { ClientKey pulumi.StringPtrInput `pulumi:"clientKey"` // Whether to disable certificate verification. Insecure pulumi.BoolPtrInput `pulumi:"insecure"` - // The root credential password used in the connection URL. + // The password to authenticate with. Password pulumi.StringInput `pulumi:"password"` // This, if set, is used to set the SNI host when connecting via TLS. TlsServerName pulumi.StringPtrInput `pulumi:"tlsServerName"` // The URL for Elasticsearch's API. https requires certificate // by trusted CA if used. Url pulumi.StringInput `pulumi:"url"` - // The root credential username used in the connection URL. + // The username to authenticate with. Username pulumi.StringInput `pulumi:"username"` - // - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + // Template describing how dynamic usernames are generated. UsernameTemplate pulumi.StringPtrInput `pulumi:"usernameTemplate"` } @@ -679,6 +731,12 @@ func (i SecretBackendConnectionElasticsearchArgs) ToSecretBackendConnectionElast return pulumi.ToOutputWithContext(ctx, i).(SecretBackendConnectionElasticsearchOutput) } +func (i SecretBackendConnectionElasticsearchArgs) ToOutput(ctx context.Context) pulumix.Output[SecretBackendConnectionElasticsearch] { + return pulumix.Output[SecretBackendConnectionElasticsearch]{ + OutputState: i.ToSecretBackendConnectionElasticsearchOutputWithContext(ctx).OutputState, + } +} + func (i SecretBackendConnectionElasticsearchArgs) ToSecretBackendConnectionElasticsearchPtrOutput() SecretBackendConnectionElasticsearchPtrOutput { return i.ToSecretBackendConnectionElasticsearchPtrOutputWithContext(context.Background()) } @@ -720,6 +778,12 @@ func (i *secretBackendConnectionElasticsearchPtrType) ToSecretBackendConnectionE return pulumi.ToOutputWithContext(ctx, i).(SecretBackendConnectionElasticsearchPtrOutput) } +func (i *secretBackendConnectionElasticsearchPtrType) ToOutput(ctx context.Context) pulumix.Output[*SecretBackendConnectionElasticsearch] { + return pulumix.Output[*SecretBackendConnectionElasticsearch]{ + OutputState: i.ToSecretBackendConnectionElasticsearchPtrOutputWithContext(ctx).OutputState, + } +} + type SecretBackendConnectionElasticsearchOutput struct{ *pulumi.OutputState } func (SecretBackendConnectionElasticsearchOutput) ElementType() reflect.Type { @@ -744,6 +808,12 @@ func (o SecretBackendConnectionElasticsearchOutput) ToSecretBackendConnectionEla }).(SecretBackendConnectionElasticsearchPtrOutput) } +func (o SecretBackendConnectionElasticsearchOutput) ToOutput(ctx context.Context) pulumix.Output[SecretBackendConnectionElasticsearch] { + return pulumix.Output[SecretBackendConnectionElasticsearch]{ + OutputState: o.OutputState, + } +} + // The path to a PEM-encoded CA cert file to use to verify the Elasticsearch server's identity. func (o SecretBackendConnectionElasticsearchOutput) CaCert() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretBackendConnectionElasticsearch) *string { return v.CaCert }).(pulumi.StringPtrOutput) @@ -769,7 +839,7 @@ func (o SecretBackendConnectionElasticsearchOutput) Insecure() pulumi.BoolPtrOut return o.ApplyT(func(v SecretBackendConnectionElasticsearch) *bool { return v.Insecure }).(pulumi.BoolPtrOutput) } -// The root credential password used in the connection URL. +// The password to authenticate with. func (o SecretBackendConnectionElasticsearchOutput) Password() pulumi.StringOutput { return o.ApplyT(func(v SecretBackendConnectionElasticsearch) string { return v.Password }).(pulumi.StringOutput) } @@ -785,12 +855,12 @@ func (o SecretBackendConnectionElasticsearchOutput) Url() pulumi.StringOutput { return o.ApplyT(func(v SecretBackendConnectionElasticsearch) string { return v.Url }).(pulumi.StringOutput) } -// The root credential username used in the connection URL. +// The username to authenticate with. func (o SecretBackendConnectionElasticsearchOutput) Username() pulumi.StringOutput { return o.ApplyT(func(v SecretBackendConnectionElasticsearch) string { return v.Username }).(pulumi.StringOutput) } -// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. +// Template describing how dynamic usernames are generated. func (o SecretBackendConnectionElasticsearchOutput) UsernameTemplate() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretBackendConnectionElasticsearch) *string { return v.UsernameTemplate }).(pulumi.StringPtrOutput) } @@ -809,6 +879,12 @@ func (o SecretBackendConnectionElasticsearchPtrOutput) ToSecretBackendConnection return o } +func (o SecretBackendConnectionElasticsearchPtrOutput) ToOutput(ctx context.Context) pulumix.Output[*SecretBackendConnectionElasticsearch] { + return pulumix.Output[*SecretBackendConnectionElasticsearch]{ + OutputState: o.OutputState, + } +} + func (o SecretBackendConnectionElasticsearchPtrOutput) Elem() SecretBackendConnectionElasticsearchOutput { return o.ApplyT(func(v *SecretBackendConnectionElasticsearch) SecretBackendConnectionElasticsearch { if v != nil { @@ -869,7 +945,7 @@ func (o SecretBackendConnectionElasticsearchPtrOutput) Insecure() pulumi.BoolPtr }).(pulumi.BoolPtrOutput) } -// The root credential password used in the connection URL. +// The password to authenticate with. func (o SecretBackendConnectionElasticsearchPtrOutput) Password() pulumi.StringPtrOutput { return o.ApplyT(func(v *SecretBackendConnectionElasticsearch) *string { if v == nil { @@ -900,7 +976,7 @@ func (o SecretBackendConnectionElasticsearchPtrOutput) Url() pulumi.StringPtrOut }).(pulumi.StringPtrOutput) } -// The root credential username used in the connection URL. +// The username to authenticate with. func (o SecretBackendConnectionElasticsearchPtrOutput) Username() pulumi.StringPtrOutput { return o.ApplyT(func(v *SecretBackendConnectionElasticsearch) *string { if v == nil { @@ -910,7 +986,7 @@ func (o SecretBackendConnectionElasticsearchPtrOutput) Username() pulumi.StringP }).(pulumi.StringPtrOutput) } -// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. +// Template describing how dynamic usernames are generated. func (o SecretBackendConnectionElasticsearchPtrOutput) UsernameTemplate() pulumi.StringPtrOutput { return o.ApplyT(func(v *SecretBackendConnectionElasticsearch) *string { if v == nil { @@ -921,24 +997,25 @@ func (o SecretBackendConnectionElasticsearchPtrOutput) UsernameTemplate() pulumi } type SecretBackendConnectionHana struct { - // Specifies the Redshift DSN. See + // A URL containing connection information. See // the [Vault - // docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + // docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) // for an example. ConnectionUrl *string `pulumi:"connectionUrl"` // Disable special character escaping in username and password. DisableEscaping *bool `pulumi:"disableEscaping"` - // The maximum amount of time a connection may be reused. + // The maximum number of seconds to keep + // a connection alive for. MaxConnectionLifetime *int `pulumi:"maxConnectionLifetime"` // The maximum number of idle connections to - // the database. + // maintain. MaxIdleConnections *int `pulumi:"maxIdleConnections"` // The maximum number of open connections to - // the database. + // use. MaxOpenConnections *int `pulumi:"maxOpenConnections"` - // The root credential password used in the connection URL. + // The password to authenticate with. Password *string `pulumi:"password"` - // The root credential username used in the connection URL. + // The username to authenticate with. Username *string `pulumi:"username"` } @@ -954,24 +1031,25 @@ type SecretBackendConnectionHanaInput interface { } type SecretBackendConnectionHanaArgs struct { - // Specifies the Redshift DSN. See + // A URL containing connection information. See // the [Vault - // docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + // docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) // for an example. ConnectionUrl pulumi.StringPtrInput `pulumi:"connectionUrl"` // Disable special character escaping in username and password. DisableEscaping pulumi.BoolPtrInput `pulumi:"disableEscaping"` - // The maximum amount of time a connection may be reused. + // The maximum number of seconds to keep + // a connection alive for. MaxConnectionLifetime pulumi.IntPtrInput `pulumi:"maxConnectionLifetime"` // The maximum number of idle connections to - // the database. + // maintain. MaxIdleConnections pulumi.IntPtrInput `pulumi:"maxIdleConnections"` // The maximum number of open connections to - // the database. + // use. MaxOpenConnections pulumi.IntPtrInput `pulumi:"maxOpenConnections"` - // The root credential password used in the connection URL. + // The password to authenticate with. Password pulumi.StringPtrInput `pulumi:"password"` - // The root credential username used in the connection URL. + // The username to authenticate with. Username pulumi.StringPtrInput `pulumi:"username"` } @@ -987,6 +1065,12 @@ func (i SecretBackendConnectionHanaArgs) ToSecretBackendConnectionHanaOutputWith return pulumi.ToOutputWithContext(ctx, i).(SecretBackendConnectionHanaOutput) } +func (i SecretBackendConnectionHanaArgs) ToOutput(ctx context.Context) pulumix.Output[SecretBackendConnectionHana] { + return pulumix.Output[SecretBackendConnectionHana]{ + OutputState: i.ToSecretBackendConnectionHanaOutputWithContext(ctx).OutputState, + } +} + func (i SecretBackendConnectionHanaArgs) ToSecretBackendConnectionHanaPtrOutput() SecretBackendConnectionHanaPtrOutput { return i.ToSecretBackendConnectionHanaPtrOutputWithContext(context.Background()) } @@ -1028,6 +1112,12 @@ func (i *secretBackendConnectionHanaPtrType) ToSecretBackendConnectionHanaPtrOut return pulumi.ToOutputWithContext(ctx, i).(SecretBackendConnectionHanaPtrOutput) } +func (i *secretBackendConnectionHanaPtrType) ToOutput(ctx context.Context) pulumix.Output[*SecretBackendConnectionHana] { + return pulumix.Output[*SecretBackendConnectionHana]{ + OutputState: i.ToSecretBackendConnectionHanaPtrOutputWithContext(ctx).OutputState, + } +} + type SecretBackendConnectionHanaOutput struct{ *pulumi.OutputState } func (SecretBackendConnectionHanaOutput) ElementType() reflect.Type { @@ -1052,9 +1142,15 @@ func (o SecretBackendConnectionHanaOutput) ToSecretBackendConnectionHanaPtrOutpu }).(SecretBackendConnectionHanaPtrOutput) } -// Specifies the Redshift DSN. See +func (o SecretBackendConnectionHanaOutput) ToOutput(ctx context.Context) pulumix.Output[SecretBackendConnectionHana] { + return pulumix.Output[SecretBackendConnectionHana]{ + OutputState: o.OutputState, + } +} + +// A URL containing connection information. See // the [Vault -// docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) +// docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) // for an example. func (o SecretBackendConnectionHanaOutput) ConnectionUrl() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretBackendConnectionHana) *string { return v.ConnectionUrl }).(pulumi.StringPtrOutput) @@ -1065,29 +1161,30 @@ func (o SecretBackendConnectionHanaOutput) DisableEscaping() pulumi.BoolPtrOutpu return o.ApplyT(func(v SecretBackendConnectionHana) *bool { return v.DisableEscaping }).(pulumi.BoolPtrOutput) } -// The maximum amount of time a connection may be reused. +// The maximum number of seconds to keep +// a connection alive for. func (o SecretBackendConnectionHanaOutput) MaxConnectionLifetime() pulumi.IntPtrOutput { return o.ApplyT(func(v SecretBackendConnectionHana) *int { return v.MaxConnectionLifetime }).(pulumi.IntPtrOutput) } // The maximum number of idle connections to -// the database. +// maintain. func (o SecretBackendConnectionHanaOutput) MaxIdleConnections() pulumi.IntPtrOutput { return o.ApplyT(func(v SecretBackendConnectionHana) *int { return v.MaxIdleConnections }).(pulumi.IntPtrOutput) } // The maximum number of open connections to -// the database. +// use. func (o SecretBackendConnectionHanaOutput) MaxOpenConnections() pulumi.IntPtrOutput { return o.ApplyT(func(v SecretBackendConnectionHana) *int { return v.MaxOpenConnections }).(pulumi.IntPtrOutput) } -// The root credential password used in the connection URL. +// The password to authenticate with. func (o SecretBackendConnectionHanaOutput) Password() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretBackendConnectionHana) *string { return v.Password }).(pulumi.StringPtrOutput) } -// The root credential username used in the connection URL. +// The username to authenticate with. func (o SecretBackendConnectionHanaOutput) Username() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretBackendConnectionHana) *string { return v.Username }).(pulumi.StringPtrOutput) } @@ -1106,6 +1203,12 @@ func (o SecretBackendConnectionHanaPtrOutput) ToSecretBackendConnectionHanaPtrOu return o } +func (o SecretBackendConnectionHanaPtrOutput) ToOutput(ctx context.Context) pulumix.Output[*SecretBackendConnectionHana] { + return pulumix.Output[*SecretBackendConnectionHana]{ + OutputState: o.OutputState, + } +} + func (o SecretBackendConnectionHanaPtrOutput) Elem() SecretBackendConnectionHanaOutput { return o.ApplyT(func(v *SecretBackendConnectionHana) SecretBackendConnectionHana { if v != nil { @@ -1116,9 +1219,9 @@ func (o SecretBackendConnectionHanaPtrOutput) Elem() SecretBackendConnectionHana }).(SecretBackendConnectionHanaOutput) } -// Specifies the Redshift DSN. See +// A URL containing connection information. See // the [Vault -// docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) +// docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) // for an example. func (o SecretBackendConnectionHanaPtrOutput) ConnectionUrl() pulumi.StringPtrOutput { return o.ApplyT(func(v *SecretBackendConnectionHana) *string { @@ -1139,7 +1242,8 @@ func (o SecretBackendConnectionHanaPtrOutput) DisableEscaping() pulumi.BoolPtrOu }).(pulumi.BoolPtrOutput) } -// The maximum amount of time a connection may be reused. +// The maximum number of seconds to keep +// a connection alive for. func (o SecretBackendConnectionHanaPtrOutput) MaxConnectionLifetime() pulumi.IntPtrOutput { return o.ApplyT(func(v *SecretBackendConnectionHana) *int { if v == nil { @@ -1150,7 +1254,7 @@ func (o SecretBackendConnectionHanaPtrOutput) MaxConnectionLifetime() pulumi.Int } // The maximum number of idle connections to -// the database. +// maintain. func (o SecretBackendConnectionHanaPtrOutput) MaxIdleConnections() pulumi.IntPtrOutput { return o.ApplyT(func(v *SecretBackendConnectionHana) *int { if v == nil { @@ -1161,7 +1265,7 @@ func (o SecretBackendConnectionHanaPtrOutput) MaxIdleConnections() pulumi.IntPtr } // The maximum number of open connections to -// the database. +// use. func (o SecretBackendConnectionHanaPtrOutput) MaxOpenConnections() pulumi.IntPtrOutput { return o.ApplyT(func(v *SecretBackendConnectionHana) *int { if v == nil { @@ -1171,7 +1275,7 @@ func (o SecretBackendConnectionHanaPtrOutput) MaxOpenConnections() pulumi.IntPtr }).(pulumi.IntPtrOutput) } -// The root credential password used in the connection URL. +// The password to authenticate with. func (o SecretBackendConnectionHanaPtrOutput) Password() pulumi.StringPtrOutput { return o.ApplyT(func(v *SecretBackendConnectionHana) *string { if v == nil { @@ -1181,7 +1285,7 @@ func (o SecretBackendConnectionHanaPtrOutput) Password() pulumi.StringPtrOutput }).(pulumi.StringPtrOutput) } -// The root credential username used in the connection URL. +// The username to authenticate with. func (o SecretBackendConnectionHanaPtrOutput) Username() pulumi.StringPtrOutput { return o.ApplyT(func(v *SecretBackendConnectionHana) *string { if v == nil { @@ -1200,7 +1304,7 @@ type SecretBackendConnectionInfluxdb struct { // Whether to skip verification of the server // certificate when using TLS. InsecureTls *bool `pulumi:"insecureTls"` - // The root credential password used in the connection URL. + // The password to authenticate with. Password string `pulumi:"password"` // Concatenated PEM blocks configuring the certificate // chain. @@ -1210,11 +1314,11 @@ type SecretBackendConnectionInfluxdb struct { // The default port to connect to if no port is specified as // part of the host. Port *int `pulumi:"port"` - // Whether to use TLS when connecting to Redis. + // Whether to use TLS when connecting to Cassandra. Tls *bool `pulumi:"tls"` - // The root credential username used in the connection URL. + // The username to authenticate with. Username string `pulumi:"username"` - // - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + // Template describing how dynamic usernames are generated. UsernameTemplate *string `pulumi:"usernameTemplate"` } @@ -1238,7 +1342,7 @@ type SecretBackendConnectionInfluxdbArgs struct { // Whether to skip verification of the server // certificate when using TLS. InsecureTls pulumi.BoolPtrInput `pulumi:"insecureTls"` - // The root credential password used in the connection URL. + // The password to authenticate with. Password pulumi.StringInput `pulumi:"password"` // Concatenated PEM blocks configuring the certificate // chain. @@ -1248,11 +1352,11 @@ type SecretBackendConnectionInfluxdbArgs struct { // The default port to connect to if no port is specified as // part of the host. Port pulumi.IntPtrInput `pulumi:"port"` - // Whether to use TLS when connecting to Redis. + // Whether to use TLS when connecting to Cassandra. Tls pulumi.BoolPtrInput `pulumi:"tls"` - // The root credential username used in the connection URL. + // The username to authenticate with. Username pulumi.StringInput `pulumi:"username"` - // - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + // Template describing how dynamic usernames are generated. UsernameTemplate pulumi.StringPtrInput `pulumi:"usernameTemplate"` } @@ -1268,6 +1372,12 @@ func (i SecretBackendConnectionInfluxdbArgs) ToSecretBackendConnectionInfluxdbOu return pulumi.ToOutputWithContext(ctx, i).(SecretBackendConnectionInfluxdbOutput) } +func (i SecretBackendConnectionInfluxdbArgs) ToOutput(ctx context.Context) pulumix.Output[SecretBackendConnectionInfluxdb] { + return pulumix.Output[SecretBackendConnectionInfluxdb]{ + OutputState: i.ToSecretBackendConnectionInfluxdbOutputWithContext(ctx).OutputState, + } +} + func (i SecretBackendConnectionInfluxdbArgs) ToSecretBackendConnectionInfluxdbPtrOutput() SecretBackendConnectionInfluxdbPtrOutput { return i.ToSecretBackendConnectionInfluxdbPtrOutputWithContext(context.Background()) } @@ -1309,6 +1419,12 @@ func (i *secretBackendConnectionInfluxdbPtrType) ToSecretBackendConnectionInflux return pulumi.ToOutputWithContext(ctx, i).(SecretBackendConnectionInfluxdbPtrOutput) } +func (i *secretBackendConnectionInfluxdbPtrType) ToOutput(ctx context.Context) pulumix.Output[*SecretBackendConnectionInfluxdb] { + return pulumix.Output[*SecretBackendConnectionInfluxdb]{ + OutputState: i.ToSecretBackendConnectionInfluxdbPtrOutputWithContext(ctx).OutputState, + } +} + type SecretBackendConnectionInfluxdbOutput struct{ *pulumi.OutputState } func (SecretBackendConnectionInfluxdbOutput) ElementType() reflect.Type { @@ -1333,6 +1449,12 @@ func (o SecretBackendConnectionInfluxdbOutput) ToSecretBackendConnectionInfluxdb }).(SecretBackendConnectionInfluxdbPtrOutput) } +func (o SecretBackendConnectionInfluxdbOutput) ToOutput(ctx context.Context) pulumix.Output[SecretBackendConnectionInfluxdb] { + return pulumix.Output[SecretBackendConnectionInfluxdb]{ + OutputState: o.OutputState, + } +} + // The number of seconds to use as a connection // timeout. func (o SecretBackendConnectionInfluxdbOutput) ConnectTimeout() pulumi.IntPtrOutput { @@ -1350,7 +1472,7 @@ func (o SecretBackendConnectionInfluxdbOutput) InsecureTls() pulumi.BoolPtrOutpu return o.ApplyT(func(v SecretBackendConnectionInfluxdb) *bool { return v.InsecureTls }).(pulumi.BoolPtrOutput) } -// The root credential password used in the connection URL. +// The password to authenticate with. func (o SecretBackendConnectionInfluxdbOutput) Password() pulumi.StringOutput { return o.ApplyT(func(v SecretBackendConnectionInfluxdb) string { return v.Password }).(pulumi.StringOutput) } @@ -1372,17 +1494,17 @@ func (o SecretBackendConnectionInfluxdbOutput) Port() pulumi.IntPtrOutput { return o.ApplyT(func(v SecretBackendConnectionInfluxdb) *int { return v.Port }).(pulumi.IntPtrOutput) } -// Whether to use TLS when connecting to Redis. +// Whether to use TLS when connecting to Cassandra. func (o SecretBackendConnectionInfluxdbOutput) Tls() pulumi.BoolPtrOutput { return o.ApplyT(func(v SecretBackendConnectionInfluxdb) *bool { return v.Tls }).(pulumi.BoolPtrOutput) } -// The root credential username used in the connection URL. +// The username to authenticate with. func (o SecretBackendConnectionInfluxdbOutput) Username() pulumi.StringOutput { return o.ApplyT(func(v SecretBackendConnectionInfluxdb) string { return v.Username }).(pulumi.StringOutput) } -// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. +// Template describing how dynamic usernames are generated. func (o SecretBackendConnectionInfluxdbOutput) UsernameTemplate() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretBackendConnectionInfluxdb) *string { return v.UsernameTemplate }).(pulumi.StringPtrOutput) } @@ -1401,6 +1523,12 @@ func (o SecretBackendConnectionInfluxdbPtrOutput) ToSecretBackendConnectionInflu return o } +func (o SecretBackendConnectionInfluxdbPtrOutput) ToOutput(ctx context.Context) pulumix.Output[*SecretBackendConnectionInfluxdb] { + return pulumix.Output[*SecretBackendConnectionInfluxdb]{ + OutputState: o.OutputState, + } +} + func (o SecretBackendConnectionInfluxdbPtrOutput) Elem() SecretBackendConnectionInfluxdbOutput { return o.ApplyT(func(v *SecretBackendConnectionInfluxdb) SecretBackendConnectionInfluxdb { if v != nil { @@ -1443,7 +1571,7 @@ func (o SecretBackendConnectionInfluxdbPtrOutput) InsecureTls() pulumi.BoolPtrOu }).(pulumi.BoolPtrOutput) } -// The root credential password used in the connection URL. +// The password to authenticate with. func (o SecretBackendConnectionInfluxdbPtrOutput) Password() pulumi.StringPtrOutput { return o.ApplyT(func(v *SecretBackendConnectionInfluxdb) *string { if v == nil { @@ -1485,7 +1613,7 @@ func (o SecretBackendConnectionInfluxdbPtrOutput) Port() pulumi.IntPtrOutput { }).(pulumi.IntPtrOutput) } -// Whether to use TLS when connecting to Redis. +// Whether to use TLS when connecting to Cassandra. func (o SecretBackendConnectionInfluxdbPtrOutput) Tls() pulumi.BoolPtrOutput { return o.ApplyT(func(v *SecretBackendConnectionInfluxdb) *bool { if v == nil { @@ -1495,7 +1623,7 @@ func (o SecretBackendConnectionInfluxdbPtrOutput) Tls() pulumi.BoolPtrOutput { }).(pulumi.BoolPtrOutput) } -// The root credential username used in the connection URL. +// The username to authenticate with. func (o SecretBackendConnectionInfluxdbPtrOutput) Username() pulumi.StringPtrOutput { return o.ApplyT(func(v *SecretBackendConnectionInfluxdb) *string { if v == nil { @@ -1505,7 +1633,7 @@ func (o SecretBackendConnectionInfluxdbPtrOutput) Username() pulumi.StringPtrOut }).(pulumi.StringPtrOutput) } -// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. +// Template describing how dynamic usernames are generated. func (o SecretBackendConnectionInfluxdbPtrOutput) UsernameTemplate() pulumi.StringPtrOutput { return o.ApplyT(func(v *SecretBackendConnectionInfluxdb) *string { if v == nil { @@ -1516,24 +1644,25 @@ func (o SecretBackendConnectionInfluxdbPtrOutput) UsernameTemplate() pulumi.Stri } type SecretBackendConnectionMongodb struct { - // Specifies the Redshift DSN. See + // A URL containing connection information. See // the [Vault - // docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + // docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) // for an example. ConnectionUrl *string `pulumi:"connectionUrl"` - // The maximum amount of time a connection may be reused. + // The maximum number of seconds to keep + // a connection alive for. MaxConnectionLifetime *int `pulumi:"maxConnectionLifetime"` // The maximum number of idle connections to - // the database. + // maintain. MaxIdleConnections *int `pulumi:"maxIdleConnections"` // The maximum number of open connections to - // the database. + // use. MaxOpenConnections *int `pulumi:"maxOpenConnections"` - // The root credential password used in the connection URL. + // The password to authenticate with. Password *string `pulumi:"password"` - // The root credential username used in the connection URL. + // The username to authenticate with. Username *string `pulumi:"username"` - // - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + // Template describing how dynamic usernames are generated. UsernameTemplate *string `pulumi:"usernameTemplate"` } @@ -1549,24 +1678,25 @@ type SecretBackendConnectionMongodbInput interface { } type SecretBackendConnectionMongodbArgs struct { - // Specifies the Redshift DSN. See + // A URL containing connection information. See // the [Vault - // docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + // docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) // for an example. ConnectionUrl pulumi.StringPtrInput `pulumi:"connectionUrl"` - // The maximum amount of time a connection may be reused. + // The maximum number of seconds to keep + // a connection alive for. MaxConnectionLifetime pulumi.IntPtrInput `pulumi:"maxConnectionLifetime"` // The maximum number of idle connections to - // the database. + // maintain. MaxIdleConnections pulumi.IntPtrInput `pulumi:"maxIdleConnections"` // The maximum number of open connections to - // the database. + // use. MaxOpenConnections pulumi.IntPtrInput `pulumi:"maxOpenConnections"` - // The root credential password used in the connection URL. + // The password to authenticate with. Password pulumi.StringPtrInput `pulumi:"password"` - // The root credential username used in the connection URL. + // The username to authenticate with. Username pulumi.StringPtrInput `pulumi:"username"` - // - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + // Template describing how dynamic usernames are generated. UsernameTemplate pulumi.StringPtrInput `pulumi:"usernameTemplate"` } @@ -1582,6 +1712,12 @@ func (i SecretBackendConnectionMongodbArgs) ToSecretBackendConnectionMongodbOutp return pulumi.ToOutputWithContext(ctx, i).(SecretBackendConnectionMongodbOutput) } +func (i SecretBackendConnectionMongodbArgs) ToOutput(ctx context.Context) pulumix.Output[SecretBackendConnectionMongodb] { + return pulumix.Output[SecretBackendConnectionMongodb]{ + OutputState: i.ToSecretBackendConnectionMongodbOutputWithContext(ctx).OutputState, + } +} + func (i SecretBackendConnectionMongodbArgs) ToSecretBackendConnectionMongodbPtrOutput() SecretBackendConnectionMongodbPtrOutput { return i.ToSecretBackendConnectionMongodbPtrOutputWithContext(context.Background()) } @@ -1623,6 +1759,12 @@ func (i *secretBackendConnectionMongodbPtrType) ToSecretBackendConnectionMongodb return pulumi.ToOutputWithContext(ctx, i).(SecretBackendConnectionMongodbPtrOutput) } +func (i *secretBackendConnectionMongodbPtrType) ToOutput(ctx context.Context) pulumix.Output[*SecretBackendConnectionMongodb] { + return pulumix.Output[*SecretBackendConnectionMongodb]{ + OutputState: i.ToSecretBackendConnectionMongodbPtrOutputWithContext(ctx).OutputState, + } +} + type SecretBackendConnectionMongodbOutput struct{ *pulumi.OutputState } func (SecretBackendConnectionMongodbOutput) ElementType() reflect.Type { @@ -1647,42 +1789,49 @@ func (o SecretBackendConnectionMongodbOutput) ToSecretBackendConnectionMongodbPt }).(SecretBackendConnectionMongodbPtrOutput) } -// Specifies the Redshift DSN. See +func (o SecretBackendConnectionMongodbOutput) ToOutput(ctx context.Context) pulumix.Output[SecretBackendConnectionMongodb] { + return pulumix.Output[SecretBackendConnectionMongodb]{ + OutputState: o.OutputState, + } +} + +// A URL containing connection information. See // the [Vault -// docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) +// docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) // for an example. func (o SecretBackendConnectionMongodbOutput) ConnectionUrl() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretBackendConnectionMongodb) *string { return v.ConnectionUrl }).(pulumi.StringPtrOutput) } -// The maximum amount of time a connection may be reused. +// The maximum number of seconds to keep +// a connection alive for. func (o SecretBackendConnectionMongodbOutput) MaxConnectionLifetime() pulumi.IntPtrOutput { return o.ApplyT(func(v SecretBackendConnectionMongodb) *int { return v.MaxConnectionLifetime }).(pulumi.IntPtrOutput) } // The maximum number of idle connections to -// the database. +// maintain. func (o SecretBackendConnectionMongodbOutput) MaxIdleConnections() pulumi.IntPtrOutput { return o.ApplyT(func(v SecretBackendConnectionMongodb) *int { return v.MaxIdleConnections }).(pulumi.IntPtrOutput) } // The maximum number of open connections to -// the database. +// use. func (o SecretBackendConnectionMongodbOutput) MaxOpenConnections() pulumi.IntPtrOutput { return o.ApplyT(func(v SecretBackendConnectionMongodb) *int { return v.MaxOpenConnections }).(pulumi.IntPtrOutput) } -// The root credential password used in the connection URL. +// The password to authenticate with. func (o SecretBackendConnectionMongodbOutput) Password() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretBackendConnectionMongodb) *string { return v.Password }).(pulumi.StringPtrOutput) } -// The root credential username used in the connection URL. +// The username to authenticate with. func (o SecretBackendConnectionMongodbOutput) Username() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretBackendConnectionMongodb) *string { return v.Username }).(pulumi.StringPtrOutput) } -// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. +// Template describing how dynamic usernames are generated. func (o SecretBackendConnectionMongodbOutput) UsernameTemplate() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretBackendConnectionMongodb) *string { return v.UsernameTemplate }).(pulumi.StringPtrOutput) } @@ -1701,6 +1850,12 @@ func (o SecretBackendConnectionMongodbPtrOutput) ToSecretBackendConnectionMongod return o } +func (o SecretBackendConnectionMongodbPtrOutput) ToOutput(ctx context.Context) pulumix.Output[*SecretBackendConnectionMongodb] { + return pulumix.Output[*SecretBackendConnectionMongodb]{ + OutputState: o.OutputState, + } +} + func (o SecretBackendConnectionMongodbPtrOutput) Elem() SecretBackendConnectionMongodbOutput { return o.ApplyT(func(v *SecretBackendConnectionMongodb) SecretBackendConnectionMongodb { if v != nil { @@ -1711,9 +1866,9 @@ func (o SecretBackendConnectionMongodbPtrOutput) Elem() SecretBackendConnectionM }).(SecretBackendConnectionMongodbOutput) } -// Specifies the Redshift DSN. See +// A URL containing connection information. See // the [Vault -// docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) +// docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) // for an example. func (o SecretBackendConnectionMongodbPtrOutput) ConnectionUrl() pulumi.StringPtrOutput { return o.ApplyT(func(v *SecretBackendConnectionMongodb) *string { @@ -1724,7 +1879,8 @@ func (o SecretBackendConnectionMongodbPtrOutput) ConnectionUrl() pulumi.StringPt }).(pulumi.StringPtrOutput) } -// The maximum amount of time a connection may be reused. +// The maximum number of seconds to keep +// a connection alive for. func (o SecretBackendConnectionMongodbPtrOutput) MaxConnectionLifetime() pulumi.IntPtrOutput { return o.ApplyT(func(v *SecretBackendConnectionMongodb) *int { if v == nil { @@ -1735,7 +1891,7 @@ func (o SecretBackendConnectionMongodbPtrOutput) MaxConnectionLifetime() pulumi. } // The maximum number of idle connections to -// the database. +// maintain. func (o SecretBackendConnectionMongodbPtrOutput) MaxIdleConnections() pulumi.IntPtrOutput { return o.ApplyT(func(v *SecretBackendConnectionMongodb) *int { if v == nil { @@ -1746,7 +1902,7 @@ func (o SecretBackendConnectionMongodbPtrOutput) MaxIdleConnections() pulumi.Int } // The maximum number of open connections to -// the database. +// use. func (o SecretBackendConnectionMongodbPtrOutput) MaxOpenConnections() pulumi.IntPtrOutput { return o.ApplyT(func(v *SecretBackendConnectionMongodb) *int { if v == nil { @@ -1756,7 +1912,7 @@ func (o SecretBackendConnectionMongodbPtrOutput) MaxOpenConnections() pulumi.Int }).(pulumi.IntPtrOutput) } -// The root credential password used in the connection URL. +// The password to authenticate with. func (o SecretBackendConnectionMongodbPtrOutput) Password() pulumi.StringPtrOutput { return o.ApplyT(func(v *SecretBackendConnectionMongodb) *string { if v == nil { @@ -1766,7 +1922,7 @@ func (o SecretBackendConnectionMongodbPtrOutput) Password() pulumi.StringPtrOutp }).(pulumi.StringPtrOutput) } -// The root credential username used in the connection URL. +// The username to authenticate with. func (o SecretBackendConnectionMongodbPtrOutput) Username() pulumi.StringPtrOutput { return o.ApplyT(func(v *SecretBackendConnectionMongodb) *string { if v == nil { @@ -1776,7 +1932,7 @@ func (o SecretBackendConnectionMongodbPtrOutput) Username() pulumi.StringPtrOutp }).(pulumi.StringPtrOutput) } -// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. +// Template describing how dynamic usernames are generated. func (o SecretBackendConnectionMongodbPtrOutput) UsernameTemplate() pulumi.StringPtrOutput { return o.ApplyT(func(v *SecretBackendConnectionMongodb) *string { if v == nil { @@ -1827,6 +1983,12 @@ func (i SecretBackendConnectionMongodbatlasArgs) ToSecretBackendConnectionMongod return pulumi.ToOutputWithContext(ctx, i).(SecretBackendConnectionMongodbatlasOutput) } +func (i SecretBackendConnectionMongodbatlasArgs) ToOutput(ctx context.Context) pulumix.Output[SecretBackendConnectionMongodbatlas] { + return pulumix.Output[SecretBackendConnectionMongodbatlas]{ + OutputState: i.ToSecretBackendConnectionMongodbatlasOutputWithContext(ctx).OutputState, + } +} + func (i SecretBackendConnectionMongodbatlasArgs) ToSecretBackendConnectionMongodbatlasPtrOutput() SecretBackendConnectionMongodbatlasPtrOutput { return i.ToSecretBackendConnectionMongodbatlasPtrOutputWithContext(context.Background()) } @@ -1868,6 +2030,12 @@ func (i *secretBackendConnectionMongodbatlasPtrType) ToSecretBackendConnectionMo return pulumi.ToOutputWithContext(ctx, i).(SecretBackendConnectionMongodbatlasPtrOutput) } +func (i *secretBackendConnectionMongodbatlasPtrType) ToOutput(ctx context.Context) pulumix.Output[*SecretBackendConnectionMongodbatlas] { + return pulumix.Output[*SecretBackendConnectionMongodbatlas]{ + OutputState: i.ToSecretBackendConnectionMongodbatlasPtrOutputWithContext(ctx).OutputState, + } +} + type SecretBackendConnectionMongodbatlasOutput struct{ *pulumi.OutputState } func (SecretBackendConnectionMongodbatlasOutput) ElementType() reflect.Type { @@ -1892,6 +2060,12 @@ func (o SecretBackendConnectionMongodbatlasOutput) ToSecretBackendConnectionMong }).(SecretBackendConnectionMongodbatlasPtrOutput) } +func (o SecretBackendConnectionMongodbatlasOutput) ToOutput(ctx context.Context) pulumix.Output[SecretBackendConnectionMongodbatlas] { + return pulumix.Output[SecretBackendConnectionMongodbatlas]{ + OutputState: o.OutputState, + } +} + // The Private Programmatic API Key used to connect with MongoDB Atlas API. func (o SecretBackendConnectionMongodbatlasOutput) PrivateKey() pulumi.StringOutput { return o.ApplyT(func(v SecretBackendConnectionMongodbatlas) string { return v.PrivateKey }).(pulumi.StringOutput) @@ -1921,6 +2095,12 @@ func (o SecretBackendConnectionMongodbatlasPtrOutput) ToSecretBackendConnectionM return o } +func (o SecretBackendConnectionMongodbatlasPtrOutput) ToOutput(ctx context.Context) pulumix.Output[*SecretBackendConnectionMongodbatlas] { + return pulumix.Output[*SecretBackendConnectionMongodbatlas]{ + OutputState: o.OutputState, + } +} + func (o SecretBackendConnectionMongodbatlasPtrOutput) Elem() SecretBackendConnectionMongodbatlasOutput { return o.ApplyT(func(v *SecretBackendConnectionMongodbatlas) SecretBackendConnectionMongodbatlas { if v != nil { @@ -1962,9 +2142,9 @@ func (o SecretBackendConnectionMongodbatlasPtrOutput) PublicKey() pulumi.StringP } type SecretBackendConnectionMssql struct { - // Specifies the Redshift DSN. See + // A URL containing connection information. See // the [Vault - // docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + // docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) // for an example. ConnectionUrl *string `pulumi:"connectionUrl"` // For Vault v1.9+. Set to true when the target is a @@ -1974,19 +2154,20 @@ type SecretBackendConnectionMssql struct { ContainedDb *bool `pulumi:"containedDb"` // Disable special character escaping in username and password. DisableEscaping *bool `pulumi:"disableEscaping"` - // The maximum amount of time a connection may be reused. + // The maximum number of seconds to keep + // a connection alive for. MaxConnectionLifetime *int `pulumi:"maxConnectionLifetime"` // The maximum number of idle connections to - // the database. + // maintain. MaxIdleConnections *int `pulumi:"maxIdleConnections"` // The maximum number of open connections to - // the database. + // use. MaxOpenConnections *int `pulumi:"maxOpenConnections"` - // The root credential password used in the connection URL. + // The password to authenticate with. Password *string `pulumi:"password"` - // The root credential username used in the connection URL. + // The username to authenticate with. Username *string `pulumi:"username"` - // - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + // Template describing how dynamic usernames are generated. UsernameTemplate *string `pulumi:"usernameTemplate"` } @@ -2002,9 +2183,9 @@ type SecretBackendConnectionMssqlInput interface { } type SecretBackendConnectionMssqlArgs struct { - // Specifies the Redshift DSN. See + // A URL containing connection information. See // the [Vault - // docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + // docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) // for an example. ConnectionUrl pulumi.StringPtrInput `pulumi:"connectionUrl"` // For Vault v1.9+. Set to true when the target is a @@ -2014,19 +2195,20 @@ type SecretBackendConnectionMssqlArgs struct { ContainedDb pulumi.BoolPtrInput `pulumi:"containedDb"` // Disable special character escaping in username and password. DisableEscaping pulumi.BoolPtrInput `pulumi:"disableEscaping"` - // The maximum amount of time a connection may be reused. + // The maximum number of seconds to keep + // a connection alive for. MaxConnectionLifetime pulumi.IntPtrInput `pulumi:"maxConnectionLifetime"` // The maximum number of idle connections to - // the database. + // maintain. MaxIdleConnections pulumi.IntPtrInput `pulumi:"maxIdleConnections"` // The maximum number of open connections to - // the database. + // use. MaxOpenConnections pulumi.IntPtrInput `pulumi:"maxOpenConnections"` - // The root credential password used in the connection URL. + // The password to authenticate with. Password pulumi.StringPtrInput `pulumi:"password"` - // The root credential username used in the connection URL. + // The username to authenticate with. Username pulumi.StringPtrInput `pulumi:"username"` - // - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + // Template describing how dynamic usernames are generated. UsernameTemplate pulumi.StringPtrInput `pulumi:"usernameTemplate"` } @@ -2042,6 +2224,12 @@ func (i SecretBackendConnectionMssqlArgs) ToSecretBackendConnectionMssqlOutputWi return pulumi.ToOutputWithContext(ctx, i).(SecretBackendConnectionMssqlOutput) } +func (i SecretBackendConnectionMssqlArgs) ToOutput(ctx context.Context) pulumix.Output[SecretBackendConnectionMssql] { + return pulumix.Output[SecretBackendConnectionMssql]{ + OutputState: i.ToSecretBackendConnectionMssqlOutputWithContext(ctx).OutputState, + } +} + func (i SecretBackendConnectionMssqlArgs) ToSecretBackendConnectionMssqlPtrOutput() SecretBackendConnectionMssqlPtrOutput { return i.ToSecretBackendConnectionMssqlPtrOutputWithContext(context.Background()) } @@ -2083,6 +2271,12 @@ func (i *secretBackendConnectionMssqlPtrType) ToSecretBackendConnectionMssqlPtrO return pulumi.ToOutputWithContext(ctx, i).(SecretBackendConnectionMssqlPtrOutput) } +func (i *secretBackendConnectionMssqlPtrType) ToOutput(ctx context.Context) pulumix.Output[*SecretBackendConnectionMssql] { + return pulumix.Output[*SecretBackendConnectionMssql]{ + OutputState: i.ToSecretBackendConnectionMssqlPtrOutputWithContext(ctx).OutputState, + } +} + type SecretBackendConnectionMssqlOutput struct{ *pulumi.OutputState } func (SecretBackendConnectionMssqlOutput) ElementType() reflect.Type { @@ -2107,9 +2301,15 @@ func (o SecretBackendConnectionMssqlOutput) ToSecretBackendConnectionMssqlPtrOut }).(SecretBackendConnectionMssqlPtrOutput) } -// Specifies the Redshift DSN. See +func (o SecretBackendConnectionMssqlOutput) ToOutput(ctx context.Context) pulumix.Output[SecretBackendConnectionMssql] { + return pulumix.Output[SecretBackendConnectionMssql]{ + OutputState: o.OutputState, + } +} + +// A URL containing connection information. See // the [Vault -// docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) +// docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) // for an example. func (o SecretBackendConnectionMssqlOutput) ConnectionUrl() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretBackendConnectionMssql) *string { return v.ConnectionUrl }).(pulumi.StringPtrOutput) @@ -2128,34 +2328,35 @@ func (o SecretBackendConnectionMssqlOutput) DisableEscaping() pulumi.BoolPtrOutp return o.ApplyT(func(v SecretBackendConnectionMssql) *bool { return v.DisableEscaping }).(pulumi.BoolPtrOutput) } -// The maximum amount of time a connection may be reused. +// The maximum number of seconds to keep +// a connection alive for. func (o SecretBackendConnectionMssqlOutput) MaxConnectionLifetime() pulumi.IntPtrOutput { return o.ApplyT(func(v SecretBackendConnectionMssql) *int { return v.MaxConnectionLifetime }).(pulumi.IntPtrOutput) } // The maximum number of idle connections to -// the database. +// maintain. func (o SecretBackendConnectionMssqlOutput) MaxIdleConnections() pulumi.IntPtrOutput { return o.ApplyT(func(v SecretBackendConnectionMssql) *int { return v.MaxIdleConnections }).(pulumi.IntPtrOutput) } // The maximum number of open connections to -// the database. +// use. func (o SecretBackendConnectionMssqlOutput) MaxOpenConnections() pulumi.IntPtrOutput { return o.ApplyT(func(v SecretBackendConnectionMssql) *int { return v.MaxOpenConnections }).(pulumi.IntPtrOutput) } -// The root credential password used in the connection URL. +// The password to authenticate with. func (o SecretBackendConnectionMssqlOutput) Password() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretBackendConnectionMssql) *string { return v.Password }).(pulumi.StringPtrOutput) } -// The root credential username used in the connection URL. +// The username to authenticate with. func (o SecretBackendConnectionMssqlOutput) Username() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretBackendConnectionMssql) *string { return v.Username }).(pulumi.StringPtrOutput) } -// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. +// Template describing how dynamic usernames are generated. func (o SecretBackendConnectionMssqlOutput) UsernameTemplate() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretBackendConnectionMssql) *string { return v.UsernameTemplate }).(pulumi.StringPtrOutput) } @@ -2174,6 +2375,12 @@ func (o SecretBackendConnectionMssqlPtrOutput) ToSecretBackendConnectionMssqlPtr return o } +func (o SecretBackendConnectionMssqlPtrOutput) ToOutput(ctx context.Context) pulumix.Output[*SecretBackendConnectionMssql] { + return pulumix.Output[*SecretBackendConnectionMssql]{ + OutputState: o.OutputState, + } +} + func (o SecretBackendConnectionMssqlPtrOutput) Elem() SecretBackendConnectionMssqlOutput { return o.ApplyT(func(v *SecretBackendConnectionMssql) SecretBackendConnectionMssql { if v != nil { @@ -2184,9 +2391,9 @@ func (o SecretBackendConnectionMssqlPtrOutput) Elem() SecretBackendConnectionMss }).(SecretBackendConnectionMssqlOutput) } -// Specifies the Redshift DSN. See +// A URL containing connection information. See // the [Vault -// docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) +// docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) // for an example. func (o SecretBackendConnectionMssqlPtrOutput) ConnectionUrl() pulumi.StringPtrOutput { return o.ApplyT(func(v *SecretBackendConnectionMssql) *string { @@ -2220,7 +2427,8 @@ func (o SecretBackendConnectionMssqlPtrOutput) DisableEscaping() pulumi.BoolPtrO }).(pulumi.BoolPtrOutput) } -// The maximum amount of time a connection may be reused. +// The maximum number of seconds to keep +// a connection alive for. func (o SecretBackendConnectionMssqlPtrOutput) MaxConnectionLifetime() pulumi.IntPtrOutput { return o.ApplyT(func(v *SecretBackendConnectionMssql) *int { if v == nil { @@ -2231,7 +2439,7 @@ func (o SecretBackendConnectionMssqlPtrOutput) MaxConnectionLifetime() pulumi.In } // The maximum number of idle connections to -// the database. +// maintain. func (o SecretBackendConnectionMssqlPtrOutput) MaxIdleConnections() pulumi.IntPtrOutput { return o.ApplyT(func(v *SecretBackendConnectionMssql) *int { if v == nil { @@ -2242,7 +2450,7 @@ func (o SecretBackendConnectionMssqlPtrOutput) MaxIdleConnections() pulumi.IntPt } // The maximum number of open connections to -// the database. +// use. func (o SecretBackendConnectionMssqlPtrOutput) MaxOpenConnections() pulumi.IntPtrOutput { return o.ApplyT(func(v *SecretBackendConnectionMssql) *int { if v == nil { @@ -2252,7 +2460,7 @@ func (o SecretBackendConnectionMssqlPtrOutput) MaxOpenConnections() pulumi.IntPt }).(pulumi.IntPtrOutput) } -// The root credential password used in the connection URL. +// The password to authenticate with. func (o SecretBackendConnectionMssqlPtrOutput) Password() pulumi.StringPtrOutput { return o.ApplyT(func(v *SecretBackendConnectionMssql) *string { if v == nil { @@ -2262,7 +2470,7 @@ func (o SecretBackendConnectionMssqlPtrOutput) Password() pulumi.StringPtrOutput }).(pulumi.StringPtrOutput) } -// The root credential username used in the connection URL. +// The username to authenticate with. func (o SecretBackendConnectionMssqlPtrOutput) Username() pulumi.StringPtrOutput { return o.ApplyT(func(v *SecretBackendConnectionMssql) *string { if v == nil { @@ -2272,7 +2480,7 @@ func (o SecretBackendConnectionMssqlPtrOutput) Username() pulumi.StringPtrOutput }).(pulumi.StringPtrOutput) } -// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. +// Template describing how dynamic usernames are generated. func (o SecretBackendConnectionMssqlPtrOutput) UsernameTemplate() pulumi.StringPtrOutput { return o.ApplyT(func(v *SecretBackendConnectionMssql) *string { if v == nil { @@ -2285,20 +2493,21 @@ func (o SecretBackendConnectionMssqlPtrOutput) UsernameTemplate() pulumi.StringP type SecretBackendConnectionMysql struct { // Enable IAM authentication to a Google Cloud instance when set to `gcpIam` AuthType *string `pulumi:"authType"` - // Specifies the Redshift DSN. See + // A URL containing connection information. See // the [Vault - // docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + // docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) // for an example. ConnectionUrl *string `pulumi:"connectionUrl"` - // The maximum amount of time a connection may be reused. + // The maximum number of seconds to keep + // a connection alive for. MaxConnectionLifetime *int `pulumi:"maxConnectionLifetime"` // The maximum number of idle connections to - // the database. + // maintain. MaxIdleConnections *int `pulumi:"maxIdleConnections"` // The maximum number of open connections to - // the database. + // use. MaxOpenConnections *int `pulumi:"maxOpenConnections"` - // The root credential password used in the connection URL. + // The password to authenticate with. Password *string `pulumi:"password"` // JSON encoding of an IAM access key. Requires `authType` to be `gcpIam`. ServiceAccountJson *string `pulumi:"serviceAccountJson"` @@ -2306,9 +2515,9 @@ type SecretBackendConnectionMysql struct { TlsCa *string `pulumi:"tlsCa"` // x509 certificate for connecting to the database. This must be a PEM encoded version of the private key and the certificate combined. TlsCertificateKey *string `pulumi:"tlsCertificateKey"` - // The root credential username used in the connection URL. + // The username to authenticate with. Username *string `pulumi:"username"` - // - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + // Template describing how dynamic usernames are generated. UsernameTemplate *string `pulumi:"usernameTemplate"` } @@ -2326,20 +2535,21 @@ type SecretBackendConnectionMysqlInput interface { type SecretBackendConnectionMysqlArgs struct { // Enable IAM authentication to a Google Cloud instance when set to `gcpIam` AuthType pulumi.StringPtrInput `pulumi:"authType"` - // Specifies the Redshift DSN. See + // A URL containing connection information. See // the [Vault - // docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + // docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) // for an example. ConnectionUrl pulumi.StringPtrInput `pulumi:"connectionUrl"` - // The maximum amount of time a connection may be reused. + // The maximum number of seconds to keep + // a connection alive for. MaxConnectionLifetime pulumi.IntPtrInput `pulumi:"maxConnectionLifetime"` // The maximum number of idle connections to - // the database. + // maintain. MaxIdleConnections pulumi.IntPtrInput `pulumi:"maxIdleConnections"` // The maximum number of open connections to - // the database. + // use. MaxOpenConnections pulumi.IntPtrInput `pulumi:"maxOpenConnections"` - // The root credential password used in the connection URL. + // The password to authenticate with. Password pulumi.StringPtrInput `pulumi:"password"` // JSON encoding of an IAM access key. Requires `authType` to be `gcpIam`. ServiceAccountJson pulumi.StringPtrInput `pulumi:"serviceAccountJson"` @@ -2347,9 +2557,9 @@ type SecretBackendConnectionMysqlArgs struct { TlsCa pulumi.StringPtrInput `pulumi:"tlsCa"` // x509 certificate for connecting to the database. This must be a PEM encoded version of the private key and the certificate combined. TlsCertificateKey pulumi.StringPtrInput `pulumi:"tlsCertificateKey"` - // The root credential username used in the connection URL. + // The username to authenticate with. Username pulumi.StringPtrInput `pulumi:"username"` - // - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + // Template describing how dynamic usernames are generated. UsernameTemplate pulumi.StringPtrInput `pulumi:"usernameTemplate"` } @@ -2365,6 +2575,12 @@ func (i SecretBackendConnectionMysqlArgs) ToSecretBackendConnectionMysqlOutputWi return pulumi.ToOutputWithContext(ctx, i).(SecretBackendConnectionMysqlOutput) } +func (i SecretBackendConnectionMysqlArgs) ToOutput(ctx context.Context) pulumix.Output[SecretBackendConnectionMysql] { + return pulumix.Output[SecretBackendConnectionMysql]{ + OutputState: i.ToSecretBackendConnectionMysqlOutputWithContext(ctx).OutputState, + } +} + func (i SecretBackendConnectionMysqlArgs) ToSecretBackendConnectionMysqlPtrOutput() SecretBackendConnectionMysqlPtrOutput { return i.ToSecretBackendConnectionMysqlPtrOutputWithContext(context.Background()) } @@ -2406,6 +2622,12 @@ func (i *secretBackendConnectionMysqlPtrType) ToSecretBackendConnectionMysqlPtrO return pulumi.ToOutputWithContext(ctx, i).(SecretBackendConnectionMysqlPtrOutput) } +func (i *secretBackendConnectionMysqlPtrType) ToOutput(ctx context.Context) pulumix.Output[*SecretBackendConnectionMysql] { + return pulumix.Output[*SecretBackendConnectionMysql]{ + OutputState: i.ToSecretBackendConnectionMysqlPtrOutputWithContext(ctx).OutputState, + } +} + type SecretBackendConnectionMysqlOutput struct{ *pulumi.OutputState } func (SecretBackendConnectionMysqlOutput) ElementType() reflect.Type { @@ -2430,37 +2652,44 @@ func (o SecretBackendConnectionMysqlOutput) ToSecretBackendConnectionMysqlPtrOut }).(SecretBackendConnectionMysqlPtrOutput) } +func (o SecretBackendConnectionMysqlOutput) ToOutput(ctx context.Context) pulumix.Output[SecretBackendConnectionMysql] { + return pulumix.Output[SecretBackendConnectionMysql]{ + OutputState: o.OutputState, + } +} + // Enable IAM authentication to a Google Cloud instance when set to `gcpIam` func (o SecretBackendConnectionMysqlOutput) AuthType() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretBackendConnectionMysql) *string { return v.AuthType }).(pulumi.StringPtrOutput) } -// Specifies the Redshift DSN. See +// A URL containing connection information. See // the [Vault -// docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) +// docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) // for an example. func (o SecretBackendConnectionMysqlOutput) ConnectionUrl() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretBackendConnectionMysql) *string { return v.ConnectionUrl }).(pulumi.StringPtrOutput) } -// The maximum amount of time a connection may be reused. +// The maximum number of seconds to keep +// a connection alive for. func (o SecretBackendConnectionMysqlOutput) MaxConnectionLifetime() pulumi.IntPtrOutput { return o.ApplyT(func(v SecretBackendConnectionMysql) *int { return v.MaxConnectionLifetime }).(pulumi.IntPtrOutput) } // The maximum number of idle connections to -// the database. +// maintain. func (o SecretBackendConnectionMysqlOutput) MaxIdleConnections() pulumi.IntPtrOutput { return o.ApplyT(func(v SecretBackendConnectionMysql) *int { return v.MaxIdleConnections }).(pulumi.IntPtrOutput) } // The maximum number of open connections to -// the database. +// use. func (o SecretBackendConnectionMysqlOutput) MaxOpenConnections() pulumi.IntPtrOutput { return o.ApplyT(func(v SecretBackendConnectionMysql) *int { return v.MaxOpenConnections }).(pulumi.IntPtrOutput) } -// The root credential password used in the connection URL. +// The password to authenticate with. func (o SecretBackendConnectionMysqlOutput) Password() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretBackendConnectionMysql) *string { return v.Password }).(pulumi.StringPtrOutput) } @@ -2480,12 +2709,12 @@ func (o SecretBackendConnectionMysqlOutput) TlsCertificateKey() pulumi.StringPtr return o.ApplyT(func(v SecretBackendConnectionMysql) *string { return v.TlsCertificateKey }).(pulumi.StringPtrOutput) } -// The root credential username used in the connection URL. +// The username to authenticate with. func (o SecretBackendConnectionMysqlOutput) Username() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretBackendConnectionMysql) *string { return v.Username }).(pulumi.StringPtrOutput) } -// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. +// Template describing how dynamic usernames are generated. func (o SecretBackendConnectionMysqlOutput) UsernameTemplate() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretBackendConnectionMysql) *string { return v.UsernameTemplate }).(pulumi.StringPtrOutput) } @@ -2504,6 +2733,12 @@ func (o SecretBackendConnectionMysqlPtrOutput) ToSecretBackendConnectionMysqlPtr return o } +func (o SecretBackendConnectionMysqlPtrOutput) ToOutput(ctx context.Context) pulumix.Output[*SecretBackendConnectionMysql] { + return pulumix.Output[*SecretBackendConnectionMysql]{ + OutputState: o.OutputState, + } +} + func (o SecretBackendConnectionMysqlPtrOutput) Elem() SecretBackendConnectionMysqlOutput { return o.ApplyT(func(v *SecretBackendConnectionMysql) SecretBackendConnectionMysql { if v != nil { @@ -2524,9 +2759,9 @@ func (o SecretBackendConnectionMysqlPtrOutput) AuthType() pulumi.StringPtrOutput }).(pulumi.StringPtrOutput) } -// Specifies the Redshift DSN. See +// A URL containing connection information. See // the [Vault -// docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) +// docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) // for an example. func (o SecretBackendConnectionMysqlPtrOutput) ConnectionUrl() pulumi.StringPtrOutput { return o.ApplyT(func(v *SecretBackendConnectionMysql) *string { @@ -2537,7 +2772,8 @@ func (o SecretBackendConnectionMysqlPtrOutput) ConnectionUrl() pulumi.StringPtrO }).(pulumi.StringPtrOutput) } -// The maximum amount of time a connection may be reused. +// The maximum number of seconds to keep +// a connection alive for. func (o SecretBackendConnectionMysqlPtrOutput) MaxConnectionLifetime() pulumi.IntPtrOutput { return o.ApplyT(func(v *SecretBackendConnectionMysql) *int { if v == nil { @@ -2548,7 +2784,7 @@ func (o SecretBackendConnectionMysqlPtrOutput) MaxConnectionLifetime() pulumi.In } // The maximum number of idle connections to -// the database. +// maintain. func (o SecretBackendConnectionMysqlPtrOutput) MaxIdleConnections() pulumi.IntPtrOutput { return o.ApplyT(func(v *SecretBackendConnectionMysql) *int { if v == nil { @@ -2559,7 +2795,7 @@ func (o SecretBackendConnectionMysqlPtrOutput) MaxIdleConnections() pulumi.IntPt } // The maximum number of open connections to -// the database. +// use. func (o SecretBackendConnectionMysqlPtrOutput) MaxOpenConnections() pulumi.IntPtrOutput { return o.ApplyT(func(v *SecretBackendConnectionMysql) *int { if v == nil { @@ -2569,7 +2805,7 @@ func (o SecretBackendConnectionMysqlPtrOutput) MaxOpenConnections() pulumi.IntPt }).(pulumi.IntPtrOutput) } -// The root credential password used in the connection URL. +// The password to authenticate with. func (o SecretBackendConnectionMysqlPtrOutput) Password() pulumi.StringPtrOutput { return o.ApplyT(func(v *SecretBackendConnectionMysql) *string { if v == nil { @@ -2609,7 +2845,7 @@ func (o SecretBackendConnectionMysqlPtrOutput) TlsCertificateKey() pulumi.String }).(pulumi.StringPtrOutput) } -// The root credential username used in the connection URL. +// The username to authenticate with. func (o SecretBackendConnectionMysqlPtrOutput) Username() pulumi.StringPtrOutput { return o.ApplyT(func(v *SecretBackendConnectionMysql) *string { if v == nil { @@ -2619,7 +2855,7 @@ func (o SecretBackendConnectionMysqlPtrOutput) Username() pulumi.StringPtrOutput }).(pulumi.StringPtrOutput) } -// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. +// Template describing how dynamic usernames are generated. func (o SecretBackendConnectionMysqlPtrOutput) UsernameTemplate() pulumi.StringPtrOutput { return o.ApplyT(func(v *SecretBackendConnectionMysql) *string { if v == nil { @@ -2630,24 +2866,25 @@ func (o SecretBackendConnectionMysqlPtrOutput) UsernameTemplate() pulumi.StringP } type SecretBackendConnectionMysqlAurora struct { - // Specifies the Redshift DSN. See + // A URL containing connection information. See // the [Vault - // docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + // docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) // for an example. ConnectionUrl *string `pulumi:"connectionUrl"` - // The maximum amount of time a connection may be reused. + // The maximum number of seconds to keep + // a connection alive for. MaxConnectionLifetime *int `pulumi:"maxConnectionLifetime"` // The maximum number of idle connections to - // the database. + // maintain. MaxIdleConnections *int `pulumi:"maxIdleConnections"` // The maximum number of open connections to - // the database. + // use. MaxOpenConnections *int `pulumi:"maxOpenConnections"` - // The root credential password used in the connection URL. + // The password to authenticate with. Password *string `pulumi:"password"` - // The root credential username used in the connection URL. + // The username to authenticate with. Username *string `pulumi:"username"` - // - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + // Template describing how dynamic usernames are generated. UsernameTemplate *string `pulumi:"usernameTemplate"` } @@ -2663,24 +2900,25 @@ type SecretBackendConnectionMysqlAuroraInput interface { } type SecretBackendConnectionMysqlAuroraArgs struct { - // Specifies the Redshift DSN. See + // A URL containing connection information. See // the [Vault - // docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + // docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) // for an example. ConnectionUrl pulumi.StringPtrInput `pulumi:"connectionUrl"` - // The maximum amount of time a connection may be reused. + // The maximum number of seconds to keep + // a connection alive for. MaxConnectionLifetime pulumi.IntPtrInput `pulumi:"maxConnectionLifetime"` // The maximum number of idle connections to - // the database. + // maintain. MaxIdleConnections pulumi.IntPtrInput `pulumi:"maxIdleConnections"` // The maximum number of open connections to - // the database. + // use. MaxOpenConnections pulumi.IntPtrInput `pulumi:"maxOpenConnections"` - // The root credential password used in the connection URL. + // The password to authenticate with. Password pulumi.StringPtrInput `pulumi:"password"` - // The root credential username used in the connection URL. + // The username to authenticate with. Username pulumi.StringPtrInput `pulumi:"username"` - // - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + // Template describing how dynamic usernames are generated. UsernameTemplate pulumi.StringPtrInput `pulumi:"usernameTemplate"` } @@ -2696,6 +2934,12 @@ func (i SecretBackendConnectionMysqlAuroraArgs) ToSecretBackendConnectionMysqlAu return pulumi.ToOutputWithContext(ctx, i).(SecretBackendConnectionMysqlAuroraOutput) } +func (i SecretBackendConnectionMysqlAuroraArgs) ToOutput(ctx context.Context) pulumix.Output[SecretBackendConnectionMysqlAurora] { + return pulumix.Output[SecretBackendConnectionMysqlAurora]{ + OutputState: i.ToSecretBackendConnectionMysqlAuroraOutputWithContext(ctx).OutputState, + } +} + func (i SecretBackendConnectionMysqlAuroraArgs) ToSecretBackendConnectionMysqlAuroraPtrOutput() SecretBackendConnectionMysqlAuroraPtrOutput { return i.ToSecretBackendConnectionMysqlAuroraPtrOutputWithContext(context.Background()) } @@ -2737,6 +2981,12 @@ func (i *secretBackendConnectionMysqlAuroraPtrType) ToSecretBackendConnectionMys return pulumi.ToOutputWithContext(ctx, i).(SecretBackendConnectionMysqlAuroraPtrOutput) } +func (i *secretBackendConnectionMysqlAuroraPtrType) ToOutput(ctx context.Context) pulumix.Output[*SecretBackendConnectionMysqlAurora] { + return pulumix.Output[*SecretBackendConnectionMysqlAurora]{ + OutputState: i.ToSecretBackendConnectionMysqlAuroraPtrOutputWithContext(ctx).OutputState, + } +} + type SecretBackendConnectionMysqlAuroraOutput struct{ *pulumi.OutputState } func (SecretBackendConnectionMysqlAuroraOutput) ElementType() reflect.Type { @@ -2761,42 +3011,49 @@ func (o SecretBackendConnectionMysqlAuroraOutput) ToSecretBackendConnectionMysql }).(SecretBackendConnectionMysqlAuroraPtrOutput) } -// Specifies the Redshift DSN. See +func (o SecretBackendConnectionMysqlAuroraOutput) ToOutput(ctx context.Context) pulumix.Output[SecretBackendConnectionMysqlAurora] { + return pulumix.Output[SecretBackendConnectionMysqlAurora]{ + OutputState: o.OutputState, + } +} + +// A URL containing connection information. See // the [Vault -// docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) +// docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) // for an example. func (o SecretBackendConnectionMysqlAuroraOutput) ConnectionUrl() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretBackendConnectionMysqlAurora) *string { return v.ConnectionUrl }).(pulumi.StringPtrOutput) } -// The maximum amount of time a connection may be reused. +// The maximum number of seconds to keep +// a connection alive for. func (o SecretBackendConnectionMysqlAuroraOutput) MaxConnectionLifetime() pulumi.IntPtrOutput { return o.ApplyT(func(v SecretBackendConnectionMysqlAurora) *int { return v.MaxConnectionLifetime }).(pulumi.IntPtrOutput) } // The maximum number of idle connections to -// the database. +// maintain. func (o SecretBackendConnectionMysqlAuroraOutput) MaxIdleConnections() pulumi.IntPtrOutput { return o.ApplyT(func(v SecretBackendConnectionMysqlAurora) *int { return v.MaxIdleConnections }).(pulumi.IntPtrOutput) } // The maximum number of open connections to -// the database. +// use. func (o SecretBackendConnectionMysqlAuroraOutput) MaxOpenConnections() pulumi.IntPtrOutput { return o.ApplyT(func(v SecretBackendConnectionMysqlAurora) *int { return v.MaxOpenConnections }).(pulumi.IntPtrOutput) } -// The root credential password used in the connection URL. +// The password to authenticate with. func (o SecretBackendConnectionMysqlAuroraOutput) Password() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretBackendConnectionMysqlAurora) *string { return v.Password }).(pulumi.StringPtrOutput) } -// The root credential username used in the connection URL. +// The username to authenticate with. func (o SecretBackendConnectionMysqlAuroraOutput) Username() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretBackendConnectionMysqlAurora) *string { return v.Username }).(pulumi.StringPtrOutput) } -// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. +// Template describing how dynamic usernames are generated. func (o SecretBackendConnectionMysqlAuroraOutput) UsernameTemplate() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretBackendConnectionMysqlAurora) *string { return v.UsernameTemplate }).(pulumi.StringPtrOutput) } @@ -2815,6 +3072,12 @@ func (o SecretBackendConnectionMysqlAuroraPtrOutput) ToSecretBackendConnectionMy return o } +func (o SecretBackendConnectionMysqlAuroraPtrOutput) ToOutput(ctx context.Context) pulumix.Output[*SecretBackendConnectionMysqlAurora] { + return pulumix.Output[*SecretBackendConnectionMysqlAurora]{ + OutputState: o.OutputState, + } +} + func (o SecretBackendConnectionMysqlAuroraPtrOutput) Elem() SecretBackendConnectionMysqlAuroraOutput { return o.ApplyT(func(v *SecretBackendConnectionMysqlAurora) SecretBackendConnectionMysqlAurora { if v != nil { @@ -2825,9 +3088,9 @@ func (o SecretBackendConnectionMysqlAuroraPtrOutput) Elem() SecretBackendConnect }).(SecretBackendConnectionMysqlAuroraOutput) } -// Specifies the Redshift DSN. See +// A URL containing connection information. See // the [Vault -// docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) +// docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) // for an example. func (o SecretBackendConnectionMysqlAuroraPtrOutput) ConnectionUrl() pulumi.StringPtrOutput { return o.ApplyT(func(v *SecretBackendConnectionMysqlAurora) *string { @@ -2838,7 +3101,8 @@ func (o SecretBackendConnectionMysqlAuroraPtrOutput) ConnectionUrl() pulumi.Stri }).(pulumi.StringPtrOutput) } -// The maximum amount of time a connection may be reused. +// The maximum number of seconds to keep +// a connection alive for. func (o SecretBackendConnectionMysqlAuroraPtrOutput) MaxConnectionLifetime() pulumi.IntPtrOutput { return o.ApplyT(func(v *SecretBackendConnectionMysqlAurora) *int { if v == nil { @@ -2849,7 +3113,7 @@ func (o SecretBackendConnectionMysqlAuroraPtrOutput) MaxConnectionLifetime() pul } // The maximum number of idle connections to -// the database. +// maintain. func (o SecretBackendConnectionMysqlAuroraPtrOutput) MaxIdleConnections() pulumi.IntPtrOutput { return o.ApplyT(func(v *SecretBackendConnectionMysqlAurora) *int { if v == nil { @@ -2860,7 +3124,7 @@ func (o SecretBackendConnectionMysqlAuroraPtrOutput) MaxIdleConnections() pulumi } // The maximum number of open connections to -// the database. +// use. func (o SecretBackendConnectionMysqlAuroraPtrOutput) MaxOpenConnections() pulumi.IntPtrOutput { return o.ApplyT(func(v *SecretBackendConnectionMysqlAurora) *int { if v == nil { @@ -2870,7 +3134,7 @@ func (o SecretBackendConnectionMysqlAuroraPtrOutput) MaxOpenConnections() pulumi }).(pulumi.IntPtrOutput) } -// The root credential password used in the connection URL. +// The password to authenticate with. func (o SecretBackendConnectionMysqlAuroraPtrOutput) Password() pulumi.StringPtrOutput { return o.ApplyT(func(v *SecretBackendConnectionMysqlAurora) *string { if v == nil { @@ -2880,7 +3144,7 @@ func (o SecretBackendConnectionMysqlAuroraPtrOutput) Password() pulumi.StringPtr }).(pulumi.StringPtrOutput) } -// The root credential username used in the connection URL. +// The username to authenticate with. func (o SecretBackendConnectionMysqlAuroraPtrOutput) Username() pulumi.StringPtrOutput { return o.ApplyT(func(v *SecretBackendConnectionMysqlAurora) *string { if v == nil { @@ -2890,7 +3154,7 @@ func (o SecretBackendConnectionMysqlAuroraPtrOutput) Username() pulumi.StringPtr }).(pulumi.StringPtrOutput) } -// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. +// Template describing how dynamic usernames are generated. func (o SecretBackendConnectionMysqlAuroraPtrOutput) UsernameTemplate() pulumi.StringPtrOutput { return o.ApplyT(func(v *SecretBackendConnectionMysqlAurora) *string { if v == nil { @@ -2901,24 +3165,25 @@ func (o SecretBackendConnectionMysqlAuroraPtrOutput) UsernameTemplate() pulumi.S } type SecretBackendConnectionMysqlLegacy struct { - // Specifies the Redshift DSN. See + // A URL containing connection information. See // the [Vault - // docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + // docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) // for an example. ConnectionUrl *string `pulumi:"connectionUrl"` - // The maximum amount of time a connection may be reused. + // The maximum number of seconds to keep + // a connection alive for. MaxConnectionLifetime *int `pulumi:"maxConnectionLifetime"` // The maximum number of idle connections to - // the database. + // maintain. MaxIdleConnections *int `pulumi:"maxIdleConnections"` // The maximum number of open connections to - // the database. + // use. MaxOpenConnections *int `pulumi:"maxOpenConnections"` - // The root credential password used in the connection URL. + // The password to authenticate with. Password *string `pulumi:"password"` - // The root credential username used in the connection URL. + // The username to authenticate with. Username *string `pulumi:"username"` - // - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + // Template describing how dynamic usernames are generated. UsernameTemplate *string `pulumi:"usernameTemplate"` } @@ -2934,24 +3199,25 @@ type SecretBackendConnectionMysqlLegacyInput interface { } type SecretBackendConnectionMysqlLegacyArgs struct { - // Specifies the Redshift DSN. See + // A URL containing connection information. See // the [Vault - // docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + // docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) // for an example. ConnectionUrl pulumi.StringPtrInput `pulumi:"connectionUrl"` - // The maximum amount of time a connection may be reused. + // The maximum number of seconds to keep + // a connection alive for. MaxConnectionLifetime pulumi.IntPtrInput `pulumi:"maxConnectionLifetime"` // The maximum number of idle connections to - // the database. + // maintain. MaxIdleConnections pulumi.IntPtrInput `pulumi:"maxIdleConnections"` // The maximum number of open connections to - // the database. + // use. MaxOpenConnections pulumi.IntPtrInput `pulumi:"maxOpenConnections"` - // The root credential password used in the connection URL. + // The password to authenticate with. Password pulumi.StringPtrInput `pulumi:"password"` - // The root credential username used in the connection URL. + // The username to authenticate with. Username pulumi.StringPtrInput `pulumi:"username"` - // - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + // Template describing how dynamic usernames are generated. UsernameTemplate pulumi.StringPtrInput `pulumi:"usernameTemplate"` } @@ -2967,6 +3233,12 @@ func (i SecretBackendConnectionMysqlLegacyArgs) ToSecretBackendConnectionMysqlLe return pulumi.ToOutputWithContext(ctx, i).(SecretBackendConnectionMysqlLegacyOutput) } +func (i SecretBackendConnectionMysqlLegacyArgs) ToOutput(ctx context.Context) pulumix.Output[SecretBackendConnectionMysqlLegacy] { + return pulumix.Output[SecretBackendConnectionMysqlLegacy]{ + OutputState: i.ToSecretBackendConnectionMysqlLegacyOutputWithContext(ctx).OutputState, + } +} + func (i SecretBackendConnectionMysqlLegacyArgs) ToSecretBackendConnectionMysqlLegacyPtrOutput() SecretBackendConnectionMysqlLegacyPtrOutput { return i.ToSecretBackendConnectionMysqlLegacyPtrOutputWithContext(context.Background()) } @@ -3008,6 +3280,12 @@ func (i *secretBackendConnectionMysqlLegacyPtrType) ToSecretBackendConnectionMys return pulumi.ToOutputWithContext(ctx, i).(SecretBackendConnectionMysqlLegacyPtrOutput) } +func (i *secretBackendConnectionMysqlLegacyPtrType) ToOutput(ctx context.Context) pulumix.Output[*SecretBackendConnectionMysqlLegacy] { + return pulumix.Output[*SecretBackendConnectionMysqlLegacy]{ + OutputState: i.ToSecretBackendConnectionMysqlLegacyPtrOutputWithContext(ctx).OutputState, + } +} + type SecretBackendConnectionMysqlLegacyOutput struct{ *pulumi.OutputState } func (SecretBackendConnectionMysqlLegacyOutput) ElementType() reflect.Type { @@ -3032,42 +3310,49 @@ func (o SecretBackendConnectionMysqlLegacyOutput) ToSecretBackendConnectionMysql }).(SecretBackendConnectionMysqlLegacyPtrOutput) } -// Specifies the Redshift DSN. See +func (o SecretBackendConnectionMysqlLegacyOutput) ToOutput(ctx context.Context) pulumix.Output[SecretBackendConnectionMysqlLegacy] { + return pulumix.Output[SecretBackendConnectionMysqlLegacy]{ + OutputState: o.OutputState, + } +} + +// A URL containing connection information. See // the [Vault -// docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) +// docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) // for an example. func (o SecretBackendConnectionMysqlLegacyOutput) ConnectionUrl() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretBackendConnectionMysqlLegacy) *string { return v.ConnectionUrl }).(pulumi.StringPtrOutput) } -// The maximum amount of time a connection may be reused. +// The maximum number of seconds to keep +// a connection alive for. func (o SecretBackendConnectionMysqlLegacyOutput) MaxConnectionLifetime() pulumi.IntPtrOutput { return o.ApplyT(func(v SecretBackendConnectionMysqlLegacy) *int { return v.MaxConnectionLifetime }).(pulumi.IntPtrOutput) } // The maximum number of idle connections to -// the database. +// maintain. func (o SecretBackendConnectionMysqlLegacyOutput) MaxIdleConnections() pulumi.IntPtrOutput { return o.ApplyT(func(v SecretBackendConnectionMysqlLegacy) *int { return v.MaxIdleConnections }).(pulumi.IntPtrOutput) } // The maximum number of open connections to -// the database. +// use. func (o SecretBackendConnectionMysqlLegacyOutput) MaxOpenConnections() pulumi.IntPtrOutput { return o.ApplyT(func(v SecretBackendConnectionMysqlLegacy) *int { return v.MaxOpenConnections }).(pulumi.IntPtrOutput) } -// The root credential password used in the connection URL. +// The password to authenticate with. func (o SecretBackendConnectionMysqlLegacyOutput) Password() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretBackendConnectionMysqlLegacy) *string { return v.Password }).(pulumi.StringPtrOutput) } -// The root credential username used in the connection URL. +// The username to authenticate with. func (o SecretBackendConnectionMysqlLegacyOutput) Username() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretBackendConnectionMysqlLegacy) *string { return v.Username }).(pulumi.StringPtrOutput) } -// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. +// Template describing how dynamic usernames are generated. func (o SecretBackendConnectionMysqlLegacyOutput) UsernameTemplate() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretBackendConnectionMysqlLegacy) *string { return v.UsernameTemplate }).(pulumi.StringPtrOutput) } @@ -3086,6 +3371,12 @@ func (o SecretBackendConnectionMysqlLegacyPtrOutput) ToSecretBackendConnectionMy return o } +func (o SecretBackendConnectionMysqlLegacyPtrOutput) ToOutput(ctx context.Context) pulumix.Output[*SecretBackendConnectionMysqlLegacy] { + return pulumix.Output[*SecretBackendConnectionMysqlLegacy]{ + OutputState: o.OutputState, + } +} + func (o SecretBackendConnectionMysqlLegacyPtrOutput) Elem() SecretBackendConnectionMysqlLegacyOutput { return o.ApplyT(func(v *SecretBackendConnectionMysqlLegacy) SecretBackendConnectionMysqlLegacy { if v != nil { @@ -3096,9 +3387,9 @@ func (o SecretBackendConnectionMysqlLegacyPtrOutput) Elem() SecretBackendConnect }).(SecretBackendConnectionMysqlLegacyOutput) } -// Specifies the Redshift DSN. See +// A URL containing connection information. See // the [Vault -// docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) +// docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) // for an example. func (o SecretBackendConnectionMysqlLegacyPtrOutput) ConnectionUrl() pulumi.StringPtrOutput { return o.ApplyT(func(v *SecretBackendConnectionMysqlLegacy) *string { @@ -3109,7 +3400,8 @@ func (o SecretBackendConnectionMysqlLegacyPtrOutput) ConnectionUrl() pulumi.Stri }).(pulumi.StringPtrOutput) } -// The maximum amount of time a connection may be reused. +// The maximum number of seconds to keep +// a connection alive for. func (o SecretBackendConnectionMysqlLegacyPtrOutput) MaxConnectionLifetime() pulumi.IntPtrOutput { return o.ApplyT(func(v *SecretBackendConnectionMysqlLegacy) *int { if v == nil { @@ -3120,7 +3412,7 @@ func (o SecretBackendConnectionMysqlLegacyPtrOutput) MaxConnectionLifetime() pul } // The maximum number of idle connections to -// the database. +// maintain. func (o SecretBackendConnectionMysqlLegacyPtrOutput) MaxIdleConnections() pulumi.IntPtrOutput { return o.ApplyT(func(v *SecretBackendConnectionMysqlLegacy) *int { if v == nil { @@ -3131,7 +3423,7 @@ func (o SecretBackendConnectionMysqlLegacyPtrOutput) MaxIdleConnections() pulumi } // The maximum number of open connections to -// the database. +// use. func (o SecretBackendConnectionMysqlLegacyPtrOutput) MaxOpenConnections() pulumi.IntPtrOutput { return o.ApplyT(func(v *SecretBackendConnectionMysqlLegacy) *int { if v == nil { @@ -3141,7 +3433,7 @@ func (o SecretBackendConnectionMysqlLegacyPtrOutput) MaxOpenConnections() pulumi }).(pulumi.IntPtrOutput) } -// The root credential password used in the connection URL. +// The password to authenticate with. func (o SecretBackendConnectionMysqlLegacyPtrOutput) Password() pulumi.StringPtrOutput { return o.ApplyT(func(v *SecretBackendConnectionMysqlLegacy) *string { if v == nil { @@ -3151,7 +3443,7 @@ func (o SecretBackendConnectionMysqlLegacyPtrOutput) Password() pulumi.StringPtr }).(pulumi.StringPtrOutput) } -// The root credential username used in the connection URL. +// The username to authenticate with. func (o SecretBackendConnectionMysqlLegacyPtrOutput) Username() pulumi.StringPtrOutput { return o.ApplyT(func(v *SecretBackendConnectionMysqlLegacy) *string { if v == nil { @@ -3161,7 +3453,7 @@ func (o SecretBackendConnectionMysqlLegacyPtrOutput) Username() pulumi.StringPtr }).(pulumi.StringPtrOutput) } -// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. +// Template describing how dynamic usernames are generated. func (o SecretBackendConnectionMysqlLegacyPtrOutput) UsernameTemplate() pulumi.StringPtrOutput { return o.ApplyT(func(v *SecretBackendConnectionMysqlLegacy) *string { if v == nil { @@ -3172,24 +3464,25 @@ func (o SecretBackendConnectionMysqlLegacyPtrOutput) UsernameTemplate() pulumi.S } type SecretBackendConnectionMysqlRds struct { - // Specifies the Redshift DSN. See + // A URL containing connection information. See // the [Vault - // docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + // docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) // for an example. ConnectionUrl *string `pulumi:"connectionUrl"` - // The maximum amount of time a connection may be reused. + // The maximum number of seconds to keep + // a connection alive for. MaxConnectionLifetime *int `pulumi:"maxConnectionLifetime"` // The maximum number of idle connections to - // the database. + // maintain. MaxIdleConnections *int `pulumi:"maxIdleConnections"` // The maximum number of open connections to - // the database. + // use. MaxOpenConnections *int `pulumi:"maxOpenConnections"` - // The root credential password used in the connection URL. + // The password to authenticate with. Password *string `pulumi:"password"` - // The root credential username used in the connection URL. + // The username to authenticate with. Username *string `pulumi:"username"` - // - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + // Template describing how dynamic usernames are generated. UsernameTemplate *string `pulumi:"usernameTemplate"` } @@ -3205,24 +3498,25 @@ type SecretBackendConnectionMysqlRdsInput interface { } type SecretBackendConnectionMysqlRdsArgs struct { - // Specifies the Redshift DSN. See + // A URL containing connection information. See // the [Vault - // docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + // docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) // for an example. ConnectionUrl pulumi.StringPtrInput `pulumi:"connectionUrl"` - // The maximum amount of time a connection may be reused. + // The maximum number of seconds to keep + // a connection alive for. MaxConnectionLifetime pulumi.IntPtrInput `pulumi:"maxConnectionLifetime"` // The maximum number of idle connections to - // the database. + // maintain. MaxIdleConnections pulumi.IntPtrInput `pulumi:"maxIdleConnections"` // The maximum number of open connections to - // the database. + // use. MaxOpenConnections pulumi.IntPtrInput `pulumi:"maxOpenConnections"` - // The root credential password used in the connection URL. + // The password to authenticate with. Password pulumi.StringPtrInput `pulumi:"password"` - // The root credential username used in the connection URL. + // The username to authenticate with. Username pulumi.StringPtrInput `pulumi:"username"` - // - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + // Template describing how dynamic usernames are generated. UsernameTemplate pulumi.StringPtrInput `pulumi:"usernameTemplate"` } @@ -3238,6 +3532,12 @@ func (i SecretBackendConnectionMysqlRdsArgs) ToSecretBackendConnectionMysqlRdsOu return pulumi.ToOutputWithContext(ctx, i).(SecretBackendConnectionMysqlRdsOutput) } +func (i SecretBackendConnectionMysqlRdsArgs) ToOutput(ctx context.Context) pulumix.Output[SecretBackendConnectionMysqlRds] { + return pulumix.Output[SecretBackendConnectionMysqlRds]{ + OutputState: i.ToSecretBackendConnectionMysqlRdsOutputWithContext(ctx).OutputState, + } +} + func (i SecretBackendConnectionMysqlRdsArgs) ToSecretBackendConnectionMysqlRdsPtrOutput() SecretBackendConnectionMysqlRdsPtrOutput { return i.ToSecretBackendConnectionMysqlRdsPtrOutputWithContext(context.Background()) } @@ -3279,6 +3579,12 @@ func (i *secretBackendConnectionMysqlRdsPtrType) ToSecretBackendConnectionMysqlR return pulumi.ToOutputWithContext(ctx, i).(SecretBackendConnectionMysqlRdsPtrOutput) } +func (i *secretBackendConnectionMysqlRdsPtrType) ToOutput(ctx context.Context) pulumix.Output[*SecretBackendConnectionMysqlRds] { + return pulumix.Output[*SecretBackendConnectionMysqlRds]{ + OutputState: i.ToSecretBackendConnectionMysqlRdsPtrOutputWithContext(ctx).OutputState, + } +} + type SecretBackendConnectionMysqlRdsOutput struct{ *pulumi.OutputState } func (SecretBackendConnectionMysqlRdsOutput) ElementType() reflect.Type { @@ -3303,42 +3609,49 @@ func (o SecretBackendConnectionMysqlRdsOutput) ToSecretBackendConnectionMysqlRds }).(SecretBackendConnectionMysqlRdsPtrOutput) } -// Specifies the Redshift DSN. See +func (o SecretBackendConnectionMysqlRdsOutput) ToOutput(ctx context.Context) pulumix.Output[SecretBackendConnectionMysqlRds] { + return pulumix.Output[SecretBackendConnectionMysqlRds]{ + OutputState: o.OutputState, + } +} + +// A URL containing connection information. See // the [Vault -// docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) +// docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) // for an example. func (o SecretBackendConnectionMysqlRdsOutput) ConnectionUrl() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretBackendConnectionMysqlRds) *string { return v.ConnectionUrl }).(pulumi.StringPtrOutput) } -// The maximum amount of time a connection may be reused. +// The maximum number of seconds to keep +// a connection alive for. func (o SecretBackendConnectionMysqlRdsOutput) MaxConnectionLifetime() pulumi.IntPtrOutput { return o.ApplyT(func(v SecretBackendConnectionMysqlRds) *int { return v.MaxConnectionLifetime }).(pulumi.IntPtrOutput) } // The maximum number of idle connections to -// the database. +// maintain. func (o SecretBackendConnectionMysqlRdsOutput) MaxIdleConnections() pulumi.IntPtrOutput { return o.ApplyT(func(v SecretBackendConnectionMysqlRds) *int { return v.MaxIdleConnections }).(pulumi.IntPtrOutput) } // The maximum number of open connections to -// the database. +// use. func (o SecretBackendConnectionMysqlRdsOutput) MaxOpenConnections() pulumi.IntPtrOutput { return o.ApplyT(func(v SecretBackendConnectionMysqlRds) *int { return v.MaxOpenConnections }).(pulumi.IntPtrOutput) } -// The root credential password used in the connection URL. +// The password to authenticate with. func (o SecretBackendConnectionMysqlRdsOutput) Password() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretBackendConnectionMysqlRds) *string { return v.Password }).(pulumi.StringPtrOutput) } -// The root credential username used in the connection URL. +// The username to authenticate with. func (o SecretBackendConnectionMysqlRdsOutput) Username() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretBackendConnectionMysqlRds) *string { return v.Username }).(pulumi.StringPtrOutput) } -// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. +// Template describing how dynamic usernames are generated. func (o SecretBackendConnectionMysqlRdsOutput) UsernameTemplate() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretBackendConnectionMysqlRds) *string { return v.UsernameTemplate }).(pulumi.StringPtrOutput) } @@ -3357,6 +3670,12 @@ func (o SecretBackendConnectionMysqlRdsPtrOutput) ToSecretBackendConnectionMysql return o } +func (o SecretBackendConnectionMysqlRdsPtrOutput) ToOutput(ctx context.Context) pulumix.Output[*SecretBackendConnectionMysqlRds] { + return pulumix.Output[*SecretBackendConnectionMysqlRds]{ + OutputState: o.OutputState, + } +} + func (o SecretBackendConnectionMysqlRdsPtrOutput) Elem() SecretBackendConnectionMysqlRdsOutput { return o.ApplyT(func(v *SecretBackendConnectionMysqlRds) SecretBackendConnectionMysqlRds { if v != nil { @@ -3367,9 +3686,9 @@ func (o SecretBackendConnectionMysqlRdsPtrOutput) Elem() SecretBackendConnection }).(SecretBackendConnectionMysqlRdsOutput) } -// Specifies the Redshift DSN. See +// A URL containing connection information. See // the [Vault -// docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) +// docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) // for an example. func (o SecretBackendConnectionMysqlRdsPtrOutput) ConnectionUrl() pulumi.StringPtrOutput { return o.ApplyT(func(v *SecretBackendConnectionMysqlRds) *string { @@ -3380,7 +3699,8 @@ func (o SecretBackendConnectionMysqlRdsPtrOutput) ConnectionUrl() pulumi.StringP }).(pulumi.StringPtrOutput) } -// The maximum amount of time a connection may be reused. +// The maximum number of seconds to keep +// a connection alive for. func (o SecretBackendConnectionMysqlRdsPtrOutput) MaxConnectionLifetime() pulumi.IntPtrOutput { return o.ApplyT(func(v *SecretBackendConnectionMysqlRds) *int { if v == nil { @@ -3391,7 +3711,7 @@ func (o SecretBackendConnectionMysqlRdsPtrOutput) MaxConnectionLifetime() pulumi } // The maximum number of idle connections to -// the database. +// maintain. func (o SecretBackendConnectionMysqlRdsPtrOutput) MaxIdleConnections() pulumi.IntPtrOutput { return o.ApplyT(func(v *SecretBackendConnectionMysqlRds) *int { if v == nil { @@ -3402,7 +3722,7 @@ func (o SecretBackendConnectionMysqlRdsPtrOutput) MaxIdleConnections() pulumi.In } // The maximum number of open connections to -// the database. +// use. func (o SecretBackendConnectionMysqlRdsPtrOutput) MaxOpenConnections() pulumi.IntPtrOutput { return o.ApplyT(func(v *SecretBackendConnectionMysqlRds) *int { if v == nil { @@ -3412,7 +3732,7 @@ func (o SecretBackendConnectionMysqlRdsPtrOutput) MaxOpenConnections() pulumi.In }).(pulumi.IntPtrOutput) } -// The root credential password used in the connection URL. +// The password to authenticate with. func (o SecretBackendConnectionMysqlRdsPtrOutput) Password() pulumi.StringPtrOutput { return o.ApplyT(func(v *SecretBackendConnectionMysqlRds) *string { if v == nil { @@ -3422,7 +3742,7 @@ func (o SecretBackendConnectionMysqlRdsPtrOutput) Password() pulumi.StringPtrOut }).(pulumi.StringPtrOutput) } -// The root credential username used in the connection URL. +// The username to authenticate with. func (o SecretBackendConnectionMysqlRdsPtrOutput) Username() pulumi.StringPtrOutput { return o.ApplyT(func(v *SecretBackendConnectionMysqlRds) *string { if v == nil { @@ -3432,7 +3752,7 @@ func (o SecretBackendConnectionMysqlRdsPtrOutput) Username() pulumi.StringPtrOut }).(pulumi.StringPtrOutput) } -// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. +// Template describing how dynamic usernames are generated. func (o SecretBackendConnectionMysqlRdsPtrOutput) UsernameTemplate() pulumi.StringPtrOutput { return o.ApplyT(func(v *SecretBackendConnectionMysqlRds) *string { if v == nil { @@ -3443,24 +3763,25 @@ func (o SecretBackendConnectionMysqlRdsPtrOutput) UsernameTemplate() pulumi.Stri } type SecretBackendConnectionOracle struct { - // Specifies the Redshift DSN. See + // A URL containing connection information. See // the [Vault - // docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + // docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) // for an example. ConnectionUrl *string `pulumi:"connectionUrl"` - // The maximum amount of time a connection may be reused. + // The maximum number of seconds to keep + // a connection alive for. MaxConnectionLifetime *int `pulumi:"maxConnectionLifetime"` // The maximum number of idle connections to - // the database. + // maintain. MaxIdleConnections *int `pulumi:"maxIdleConnections"` // The maximum number of open connections to - // the database. + // use. MaxOpenConnections *int `pulumi:"maxOpenConnections"` - // The root credential password used in the connection URL. + // The password to authenticate with. Password *string `pulumi:"password"` - // The root credential username used in the connection URL. + // The username to authenticate with. Username *string `pulumi:"username"` - // - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + // Template describing how dynamic usernames are generated. UsernameTemplate *string `pulumi:"usernameTemplate"` } @@ -3476,24 +3797,25 @@ type SecretBackendConnectionOracleInput interface { } type SecretBackendConnectionOracleArgs struct { - // Specifies the Redshift DSN. See + // A URL containing connection information. See // the [Vault - // docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + // docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) // for an example. ConnectionUrl pulumi.StringPtrInput `pulumi:"connectionUrl"` - // The maximum amount of time a connection may be reused. + // The maximum number of seconds to keep + // a connection alive for. MaxConnectionLifetime pulumi.IntPtrInput `pulumi:"maxConnectionLifetime"` // The maximum number of idle connections to - // the database. + // maintain. MaxIdleConnections pulumi.IntPtrInput `pulumi:"maxIdleConnections"` // The maximum number of open connections to - // the database. + // use. MaxOpenConnections pulumi.IntPtrInput `pulumi:"maxOpenConnections"` - // The root credential password used in the connection URL. + // The password to authenticate with. Password pulumi.StringPtrInput `pulumi:"password"` - // The root credential username used in the connection URL. + // The username to authenticate with. Username pulumi.StringPtrInput `pulumi:"username"` - // - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + // Template describing how dynamic usernames are generated. UsernameTemplate pulumi.StringPtrInput `pulumi:"usernameTemplate"` } @@ -3509,6 +3831,12 @@ func (i SecretBackendConnectionOracleArgs) ToSecretBackendConnectionOracleOutput return pulumi.ToOutputWithContext(ctx, i).(SecretBackendConnectionOracleOutput) } +func (i SecretBackendConnectionOracleArgs) ToOutput(ctx context.Context) pulumix.Output[SecretBackendConnectionOracle] { + return pulumix.Output[SecretBackendConnectionOracle]{ + OutputState: i.ToSecretBackendConnectionOracleOutputWithContext(ctx).OutputState, + } +} + func (i SecretBackendConnectionOracleArgs) ToSecretBackendConnectionOraclePtrOutput() SecretBackendConnectionOraclePtrOutput { return i.ToSecretBackendConnectionOraclePtrOutputWithContext(context.Background()) } @@ -3550,6 +3878,12 @@ func (i *secretBackendConnectionOraclePtrType) ToSecretBackendConnectionOraclePt return pulumi.ToOutputWithContext(ctx, i).(SecretBackendConnectionOraclePtrOutput) } +func (i *secretBackendConnectionOraclePtrType) ToOutput(ctx context.Context) pulumix.Output[*SecretBackendConnectionOracle] { + return pulumix.Output[*SecretBackendConnectionOracle]{ + OutputState: i.ToSecretBackendConnectionOraclePtrOutputWithContext(ctx).OutputState, + } +} + type SecretBackendConnectionOracleOutput struct{ *pulumi.OutputState } func (SecretBackendConnectionOracleOutput) ElementType() reflect.Type { @@ -3574,42 +3908,49 @@ func (o SecretBackendConnectionOracleOutput) ToSecretBackendConnectionOraclePtrO }).(SecretBackendConnectionOraclePtrOutput) } -// Specifies the Redshift DSN. See +func (o SecretBackendConnectionOracleOutput) ToOutput(ctx context.Context) pulumix.Output[SecretBackendConnectionOracle] { + return pulumix.Output[SecretBackendConnectionOracle]{ + OutputState: o.OutputState, + } +} + +// A URL containing connection information. See // the [Vault -// docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) +// docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) // for an example. func (o SecretBackendConnectionOracleOutput) ConnectionUrl() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretBackendConnectionOracle) *string { return v.ConnectionUrl }).(pulumi.StringPtrOutput) } -// The maximum amount of time a connection may be reused. +// The maximum number of seconds to keep +// a connection alive for. func (o SecretBackendConnectionOracleOutput) MaxConnectionLifetime() pulumi.IntPtrOutput { return o.ApplyT(func(v SecretBackendConnectionOracle) *int { return v.MaxConnectionLifetime }).(pulumi.IntPtrOutput) } // The maximum number of idle connections to -// the database. +// maintain. func (o SecretBackendConnectionOracleOutput) MaxIdleConnections() pulumi.IntPtrOutput { return o.ApplyT(func(v SecretBackendConnectionOracle) *int { return v.MaxIdleConnections }).(pulumi.IntPtrOutput) } // The maximum number of open connections to -// the database. +// use. func (o SecretBackendConnectionOracleOutput) MaxOpenConnections() pulumi.IntPtrOutput { return o.ApplyT(func(v SecretBackendConnectionOracle) *int { return v.MaxOpenConnections }).(pulumi.IntPtrOutput) } -// The root credential password used in the connection URL. +// The password to authenticate with. func (o SecretBackendConnectionOracleOutput) Password() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretBackendConnectionOracle) *string { return v.Password }).(pulumi.StringPtrOutput) } -// The root credential username used in the connection URL. +// The username to authenticate with. func (o SecretBackendConnectionOracleOutput) Username() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretBackendConnectionOracle) *string { return v.Username }).(pulumi.StringPtrOutput) } -// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. +// Template describing how dynamic usernames are generated. func (o SecretBackendConnectionOracleOutput) UsernameTemplate() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretBackendConnectionOracle) *string { return v.UsernameTemplate }).(pulumi.StringPtrOutput) } @@ -3628,6 +3969,12 @@ func (o SecretBackendConnectionOraclePtrOutput) ToSecretBackendConnectionOracleP return o } +func (o SecretBackendConnectionOraclePtrOutput) ToOutput(ctx context.Context) pulumix.Output[*SecretBackendConnectionOracle] { + return pulumix.Output[*SecretBackendConnectionOracle]{ + OutputState: o.OutputState, + } +} + func (o SecretBackendConnectionOraclePtrOutput) Elem() SecretBackendConnectionOracleOutput { return o.ApplyT(func(v *SecretBackendConnectionOracle) SecretBackendConnectionOracle { if v != nil { @@ -3638,9 +3985,9 @@ func (o SecretBackendConnectionOraclePtrOutput) Elem() SecretBackendConnectionOr }).(SecretBackendConnectionOracleOutput) } -// Specifies the Redshift DSN. See +// A URL containing connection information. See // the [Vault -// docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) +// docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) // for an example. func (o SecretBackendConnectionOraclePtrOutput) ConnectionUrl() pulumi.StringPtrOutput { return o.ApplyT(func(v *SecretBackendConnectionOracle) *string { @@ -3651,7 +3998,8 @@ func (o SecretBackendConnectionOraclePtrOutput) ConnectionUrl() pulumi.StringPtr }).(pulumi.StringPtrOutput) } -// The maximum amount of time a connection may be reused. +// The maximum number of seconds to keep +// a connection alive for. func (o SecretBackendConnectionOraclePtrOutput) MaxConnectionLifetime() pulumi.IntPtrOutput { return o.ApplyT(func(v *SecretBackendConnectionOracle) *int { if v == nil { @@ -3662,7 +4010,7 @@ func (o SecretBackendConnectionOraclePtrOutput) MaxConnectionLifetime() pulumi.I } // The maximum number of idle connections to -// the database. +// maintain. func (o SecretBackendConnectionOraclePtrOutput) MaxIdleConnections() pulumi.IntPtrOutput { return o.ApplyT(func(v *SecretBackendConnectionOracle) *int { if v == nil { @@ -3673,7 +4021,7 @@ func (o SecretBackendConnectionOraclePtrOutput) MaxIdleConnections() pulumi.IntP } // The maximum number of open connections to -// the database. +// use. func (o SecretBackendConnectionOraclePtrOutput) MaxOpenConnections() pulumi.IntPtrOutput { return o.ApplyT(func(v *SecretBackendConnectionOracle) *int { if v == nil { @@ -3683,7 +4031,7 @@ func (o SecretBackendConnectionOraclePtrOutput) MaxOpenConnections() pulumi.IntP }).(pulumi.IntPtrOutput) } -// The root credential password used in the connection URL. +// The password to authenticate with. func (o SecretBackendConnectionOraclePtrOutput) Password() pulumi.StringPtrOutput { return o.ApplyT(func(v *SecretBackendConnectionOracle) *string { if v == nil { @@ -3693,7 +4041,7 @@ func (o SecretBackendConnectionOraclePtrOutput) Password() pulumi.StringPtrOutpu }).(pulumi.StringPtrOutput) } -// The root credential username used in the connection URL. +// The username to authenticate with. func (o SecretBackendConnectionOraclePtrOutput) Username() pulumi.StringPtrOutput { return o.ApplyT(func(v *SecretBackendConnectionOracle) *string { if v == nil { @@ -3703,7 +4051,7 @@ func (o SecretBackendConnectionOraclePtrOutput) Username() pulumi.StringPtrOutpu }).(pulumi.StringPtrOutput) } -// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. +// Template describing how dynamic usernames are generated. func (o SecretBackendConnectionOraclePtrOutput) UsernameTemplate() pulumi.StringPtrOutput { return o.ApplyT(func(v *SecretBackendConnectionOracle) *string { if v == nil { @@ -3716,28 +4064,29 @@ func (o SecretBackendConnectionOraclePtrOutput) UsernameTemplate() pulumi.String type SecretBackendConnectionPostgresql struct { // Enable IAM authentication to a Google Cloud instance when set to `gcpIam` AuthType *string `pulumi:"authType"` - // Specifies the Redshift DSN. See + // A URL containing connection information. See // the [Vault - // docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + // docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) // for an example. ConnectionUrl *string `pulumi:"connectionUrl"` // Disable special character escaping in username and password. DisableEscaping *bool `pulumi:"disableEscaping"` - // The maximum amount of time a connection may be reused. + // The maximum number of seconds to keep + // a connection alive for. MaxConnectionLifetime *int `pulumi:"maxConnectionLifetime"` // The maximum number of idle connections to - // the database. + // maintain. MaxIdleConnections *int `pulumi:"maxIdleConnections"` // The maximum number of open connections to - // the database. + // use. MaxOpenConnections *int `pulumi:"maxOpenConnections"` - // The root credential password used in the connection URL. + // The password to authenticate with. Password *string `pulumi:"password"` // JSON encoding of an IAM access key. Requires `authType` to be `gcpIam`. ServiceAccountJson *string `pulumi:"serviceAccountJson"` - // The root credential username used in the connection URL. + // The username to authenticate with. Username *string `pulumi:"username"` - // - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + // Template describing how dynamic usernames are generated. UsernameTemplate *string `pulumi:"usernameTemplate"` } @@ -3755,28 +4104,29 @@ type SecretBackendConnectionPostgresqlInput interface { type SecretBackendConnectionPostgresqlArgs struct { // Enable IAM authentication to a Google Cloud instance when set to `gcpIam` AuthType pulumi.StringPtrInput `pulumi:"authType"` - // Specifies the Redshift DSN. See + // A URL containing connection information. See // the [Vault - // docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + // docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) // for an example. ConnectionUrl pulumi.StringPtrInput `pulumi:"connectionUrl"` // Disable special character escaping in username and password. DisableEscaping pulumi.BoolPtrInput `pulumi:"disableEscaping"` - // The maximum amount of time a connection may be reused. + // The maximum number of seconds to keep + // a connection alive for. MaxConnectionLifetime pulumi.IntPtrInput `pulumi:"maxConnectionLifetime"` // The maximum number of idle connections to - // the database. + // maintain. MaxIdleConnections pulumi.IntPtrInput `pulumi:"maxIdleConnections"` // The maximum number of open connections to - // the database. + // use. MaxOpenConnections pulumi.IntPtrInput `pulumi:"maxOpenConnections"` - // The root credential password used in the connection URL. + // The password to authenticate with. Password pulumi.StringPtrInput `pulumi:"password"` // JSON encoding of an IAM access key. Requires `authType` to be `gcpIam`. ServiceAccountJson pulumi.StringPtrInput `pulumi:"serviceAccountJson"` - // The root credential username used in the connection URL. + // The username to authenticate with. Username pulumi.StringPtrInput `pulumi:"username"` - // - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + // Template describing how dynamic usernames are generated. UsernameTemplate pulumi.StringPtrInput `pulumi:"usernameTemplate"` } @@ -3792,6 +4142,12 @@ func (i SecretBackendConnectionPostgresqlArgs) ToSecretBackendConnectionPostgres return pulumi.ToOutputWithContext(ctx, i).(SecretBackendConnectionPostgresqlOutput) } +func (i SecretBackendConnectionPostgresqlArgs) ToOutput(ctx context.Context) pulumix.Output[SecretBackendConnectionPostgresql] { + return pulumix.Output[SecretBackendConnectionPostgresql]{ + OutputState: i.ToSecretBackendConnectionPostgresqlOutputWithContext(ctx).OutputState, + } +} + func (i SecretBackendConnectionPostgresqlArgs) ToSecretBackendConnectionPostgresqlPtrOutput() SecretBackendConnectionPostgresqlPtrOutput { return i.ToSecretBackendConnectionPostgresqlPtrOutputWithContext(context.Background()) } @@ -3833,6 +4189,12 @@ func (i *secretBackendConnectionPostgresqlPtrType) ToSecretBackendConnectionPost return pulumi.ToOutputWithContext(ctx, i).(SecretBackendConnectionPostgresqlPtrOutput) } +func (i *secretBackendConnectionPostgresqlPtrType) ToOutput(ctx context.Context) pulumix.Output[*SecretBackendConnectionPostgresql] { + return pulumix.Output[*SecretBackendConnectionPostgresql]{ + OutputState: i.ToSecretBackendConnectionPostgresqlPtrOutputWithContext(ctx).OutputState, + } +} + type SecretBackendConnectionPostgresqlOutput struct{ *pulumi.OutputState } func (SecretBackendConnectionPostgresqlOutput) ElementType() reflect.Type { @@ -3857,14 +4219,20 @@ func (o SecretBackendConnectionPostgresqlOutput) ToSecretBackendConnectionPostgr }).(SecretBackendConnectionPostgresqlPtrOutput) } +func (o SecretBackendConnectionPostgresqlOutput) ToOutput(ctx context.Context) pulumix.Output[SecretBackendConnectionPostgresql] { + return pulumix.Output[SecretBackendConnectionPostgresql]{ + OutputState: o.OutputState, + } +} + // Enable IAM authentication to a Google Cloud instance when set to `gcpIam` func (o SecretBackendConnectionPostgresqlOutput) AuthType() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretBackendConnectionPostgresql) *string { return v.AuthType }).(pulumi.StringPtrOutput) } -// Specifies the Redshift DSN. See +// A URL containing connection information. See // the [Vault -// docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) +// docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) // for an example. func (o SecretBackendConnectionPostgresqlOutput) ConnectionUrl() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretBackendConnectionPostgresql) *string { return v.ConnectionUrl }).(pulumi.StringPtrOutput) @@ -3875,24 +4243,25 @@ func (o SecretBackendConnectionPostgresqlOutput) DisableEscaping() pulumi.BoolPt return o.ApplyT(func(v SecretBackendConnectionPostgresql) *bool { return v.DisableEscaping }).(pulumi.BoolPtrOutput) } -// The maximum amount of time a connection may be reused. +// The maximum number of seconds to keep +// a connection alive for. func (o SecretBackendConnectionPostgresqlOutput) MaxConnectionLifetime() pulumi.IntPtrOutput { return o.ApplyT(func(v SecretBackendConnectionPostgresql) *int { return v.MaxConnectionLifetime }).(pulumi.IntPtrOutput) } // The maximum number of idle connections to -// the database. +// maintain. func (o SecretBackendConnectionPostgresqlOutput) MaxIdleConnections() pulumi.IntPtrOutput { return o.ApplyT(func(v SecretBackendConnectionPostgresql) *int { return v.MaxIdleConnections }).(pulumi.IntPtrOutput) } // The maximum number of open connections to -// the database. +// use. func (o SecretBackendConnectionPostgresqlOutput) MaxOpenConnections() pulumi.IntPtrOutput { return o.ApplyT(func(v SecretBackendConnectionPostgresql) *int { return v.MaxOpenConnections }).(pulumi.IntPtrOutput) } -// The root credential password used in the connection URL. +// The password to authenticate with. func (o SecretBackendConnectionPostgresqlOutput) Password() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretBackendConnectionPostgresql) *string { return v.Password }).(pulumi.StringPtrOutput) } @@ -3902,12 +4271,12 @@ func (o SecretBackendConnectionPostgresqlOutput) ServiceAccountJson() pulumi.Str return o.ApplyT(func(v SecretBackendConnectionPostgresql) *string { return v.ServiceAccountJson }).(pulumi.StringPtrOutput) } -// The root credential username used in the connection URL. +// The username to authenticate with. func (o SecretBackendConnectionPostgresqlOutput) Username() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretBackendConnectionPostgresql) *string { return v.Username }).(pulumi.StringPtrOutput) } -// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. +// Template describing how dynamic usernames are generated. func (o SecretBackendConnectionPostgresqlOutput) UsernameTemplate() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretBackendConnectionPostgresql) *string { return v.UsernameTemplate }).(pulumi.StringPtrOutput) } @@ -3926,6 +4295,12 @@ func (o SecretBackendConnectionPostgresqlPtrOutput) ToSecretBackendConnectionPos return o } +func (o SecretBackendConnectionPostgresqlPtrOutput) ToOutput(ctx context.Context) pulumix.Output[*SecretBackendConnectionPostgresql] { + return pulumix.Output[*SecretBackendConnectionPostgresql]{ + OutputState: o.OutputState, + } +} + func (o SecretBackendConnectionPostgresqlPtrOutput) Elem() SecretBackendConnectionPostgresqlOutput { return o.ApplyT(func(v *SecretBackendConnectionPostgresql) SecretBackendConnectionPostgresql { if v != nil { @@ -3946,9 +4321,9 @@ func (o SecretBackendConnectionPostgresqlPtrOutput) AuthType() pulumi.StringPtrO }).(pulumi.StringPtrOutput) } -// Specifies the Redshift DSN. See +// A URL containing connection information. See // the [Vault -// docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) +// docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) // for an example. func (o SecretBackendConnectionPostgresqlPtrOutput) ConnectionUrl() pulumi.StringPtrOutput { return o.ApplyT(func(v *SecretBackendConnectionPostgresql) *string { @@ -3969,7 +4344,8 @@ func (o SecretBackendConnectionPostgresqlPtrOutput) DisableEscaping() pulumi.Boo }).(pulumi.BoolPtrOutput) } -// The maximum amount of time a connection may be reused. +// The maximum number of seconds to keep +// a connection alive for. func (o SecretBackendConnectionPostgresqlPtrOutput) MaxConnectionLifetime() pulumi.IntPtrOutput { return o.ApplyT(func(v *SecretBackendConnectionPostgresql) *int { if v == nil { @@ -3980,7 +4356,7 @@ func (o SecretBackendConnectionPostgresqlPtrOutput) MaxConnectionLifetime() pulu } // The maximum number of idle connections to -// the database. +// maintain. func (o SecretBackendConnectionPostgresqlPtrOutput) MaxIdleConnections() pulumi.IntPtrOutput { return o.ApplyT(func(v *SecretBackendConnectionPostgresql) *int { if v == nil { @@ -3991,7 +4367,7 @@ func (o SecretBackendConnectionPostgresqlPtrOutput) MaxIdleConnections() pulumi. } // The maximum number of open connections to -// the database. +// use. func (o SecretBackendConnectionPostgresqlPtrOutput) MaxOpenConnections() pulumi.IntPtrOutput { return o.ApplyT(func(v *SecretBackendConnectionPostgresql) *int { if v == nil { @@ -4001,7 +4377,7 @@ func (o SecretBackendConnectionPostgresqlPtrOutput) MaxOpenConnections() pulumi. }).(pulumi.IntPtrOutput) } -// The root credential password used in the connection URL. +// The password to authenticate with. func (o SecretBackendConnectionPostgresqlPtrOutput) Password() pulumi.StringPtrOutput { return o.ApplyT(func(v *SecretBackendConnectionPostgresql) *string { if v == nil { @@ -4021,7 +4397,7 @@ func (o SecretBackendConnectionPostgresqlPtrOutput) ServiceAccountJson() pulumi. }).(pulumi.StringPtrOutput) } -// The root credential username used in the connection URL. +// The username to authenticate with. func (o SecretBackendConnectionPostgresqlPtrOutput) Username() pulumi.StringPtrOutput { return o.ApplyT(func(v *SecretBackendConnectionPostgresql) *string { if v == nil { @@ -4031,7 +4407,7 @@ func (o SecretBackendConnectionPostgresqlPtrOutput) Username() pulumi.StringPtrO }).(pulumi.StringPtrOutput) } -// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. +// Template describing how dynamic usernames are generated. func (o SecretBackendConnectionPostgresqlPtrOutput) UsernameTemplate() pulumi.StringPtrOutput { return o.ApplyT(func(v *SecretBackendConnectionPostgresql) *string { if v == nil { @@ -4049,14 +4425,14 @@ type SecretBackendConnectionRedis struct { // Whether to skip verification of the server // certificate when using TLS. InsecureTls *bool `pulumi:"insecureTls"` - // The root credential password used in the connection URL. + // The password to authenticate with. Password string `pulumi:"password"` // The default port to connect to if no port is specified as // part of the host. Port *int `pulumi:"port"` - // Whether to use TLS when connecting to Redis. + // Whether to use TLS when connecting to Cassandra. Tls *bool `pulumi:"tls"` - // The root credential username used in the connection URL. + // The username to authenticate with. Username string `pulumi:"username"` } @@ -4079,14 +4455,14 @@ type SecretBackendConnectionRedisArgs struct { // Whether to skip verification of the server // certificate when using TLS. InsecureTls pulumi.BoolPtrInput `pulumi:"insecureTls"` - // The root credential password used in the connection URL. + // The password to authenticate with. Password pulumi.StringInput `pulumi:"password"` // The default port to connect to if no port is specified as // part of the host. Port pulumi.IntPtrInput `pulumi:"port"` - // Whether to use TLS when connecting to Redis. + // Whether to use TLS when connecting to Cassandra. Tls pulumi.BoolPtrInput `pulumi:"tls"` - // The root credential username used in the connection URL. + // The username to authenticate with. Username pulumi.StringInput `pulumi:"username"` } @@ -4102,6 +4478,12 @@ func (i SecretBackendConnectionRedisArgs) ToSecretBackendConnectionRedisOutputWi return pulumi.ToOutputWithContext(ctx, i).(SecretBackendConnectionRedisOutput) } +func (i SecretBackendConnectionRedisArgs) ToOutput(ctx context.Context) pulumix.Output[SecretBackendConnectionRedis] { + return pulumix.Output[SecretBackendConnectionRedis]{ + OutputState: i.ToSecretBackendConnectionRedisOutputWithContext(ctx).OutputState, + } +} + func (i SecretBackendConnectionRedisArgs) ToSecretBackendConnectionRedisPtrOutput() SecretBackendConnectionRedisPtrOutput { return i.ToSecretBackendConnectionRedisPtrOutputWithContext(context.Background()) } @@ -4143,6 +4525,12 @@ func (i *secretBackendConnectionRedisPtrType) ToSecretBackendConnectionRedisPtrO return pulumi.ToOutputWithContext(ctx, i).(SecretBackendConnectionRedisPtrOutput) } +func (i *secretBackendConnectionRedisPtrType) ToOutput(ctx context.Context) pulumix.Output[*SecretBackendConnectionRedis] { + return pulumix.Output[*SecretBackendConnectionRedis]{ + OutputState: i.ToSecretBackendConnectionRedisPtrOutputWithContext(ctx).OutputState, + } +} + type SecretBackendConnectionRedisOutput struct{ *pulumi.OutputState } func (SecretBackendConnectionRedisOutput) ElementType() reflect.Type { @@ -4167,6 +4555,12 @@ func (o SecretBackendConnectionRedisOutput) ToSecretBackendConnectionRedisPtrOut }).(SecretBackendConnectionRedisPtrOutput) } +func (o SecretBackendConnectionRedisOutput) ToOutput(ctx context.Context) pulumix.Output[SecretBackendConnectionRedis] { + return pulumix.Output[SecretBackendConnectionRedis]{ + OutputState: o.OutputState, + } +} + // The path to a PEM-encoded CA cert file to use to verify the Elasticsearch server's identity. func (o SecretBackendConnectionRedisOutput) CaCert() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretBackendConnectionRedis) *string { return v.CaCert }).(pulumi.StringPtrOutput) @@ -4183,7 +4577,7 @@ func (o SecretBackendConnectionRedisOutput) InsecureTls() pulumi.BoolPtrOutput { return o.ApplyT(func(v SecretBackendConnectionRedis) *bool { return v.InsecureTls }).(pulumi.BoolPtrOutput) } -// The root credential password used in the connection URL. +// The password to authenticate with. func (o SecretBackendConnectionRedisOutput) Password() pulumi.StringOutput { return o.ApplyT(func(v SecretBackendConnectionRedis) string { return v.Password }).(pulumi.StringOutput) } @@ -4194,12 +4588,12 @@ func (o SecretBackendConnectionRedisOutput) Port() pulumi.IntPtrOutput { return o.ApplyT(func(v SecretBackendConnectionRedis) *int { return v.Port }).(pulumi.IntPtrOutput) } -// Whether to use TLS when connecting to Redis. +// Whether to use TLS when connecting to Cassandra. func (o SecretBackendConnectionRedisOutput) Tls() pulumi.BoolPtrOutput { return o.ApplyT(func(v SecretBackendConnectionRedis) *bool { return v.Tls }).(pulumi.BoolPtrOutput) } -// The root credential username used in the connection URL. +// The username to authenticate with. func (o SecretBackendConnectionRedisOutput) Username() pulumi.StringOutput { return o.ApplyT(func(v SecretBackendConnectionRedis) string { return v.Username }).(pulumi.StringOutput) } @@ -4218,6 +4612,12 @@ func (o SecretBackendConnectionRedisPtrOutput) ToSecretBackendConnectionRedisPtr return o } +func (o SecretBackendConnectionRedisPtrOutput) ToOutput(ctx context.Context) pulumix.Output[*SecretBackendConnectionRedis] { + return pulumix.Output[*SecretBackendConnectionRedis]{ + OutputState: o.OutputState, + } +} + func (o SecretBackendConnectionRedisPtrOutput) Elem() SecretBackendConnectionRedisOutput { return o.ApplyT(func(v *SecretBackendConnectionRedis) SecretBackendConnectionRedis { if v != nil { @@ -4259,7 +4659,7 @@ func (o SecretBackendConnectionRedisPtrOutput) InsecureTls() pulumi.BoolPtrOutpu }).(pulumi.BoolPtrOutput) } -// The root credential password used in the connection URL. +// The password to authenticate with. func (o SecretBackendConnectionRedisPtrOutput) Password() pulumi.StringPtrOutput { return o.ApplyT(func(v *SecretBackendConnectionRedis) *string { if v == nil { @@ -4280,7 +4680,7 @@ func (o SecretBackendConnectionRedisPtrOutput) Port() pulumi.IntPtrOutput { }).(pulumi.IntPtrOutput) } -// Whether to use TLS when connecting to Redis. +// Whether to use TLS when connecting to Cassandra. func (o SecretBackendConnectionRedisPtrOutput) Tls() pulumi.BoolPtrOutput { return o.ApplyT(func(v *SecretBackendConnectionRedis) *bool { if v == nil { @@ -4290,7 +4690,7 @@ func (o SecretBackendConnectionRedisPtrOutput) Tls() pulumi.BoolPtrOutput { }).(pulumi.BoolPtrOutput) } -// The root credential username used in the connection URL. +// The username to authenticate with. func (o SecretBackendConnectionRedisPtrOutput) Username() pulumi.StringPtrOutput { return o.ApplyT(func(v *SecretBackendConnectionRedis) *string { if v == nil { @@ -4301,14 +4701,14 @@ func (o SecretBackendConnectionRedisPtrOutput) Username() pulumi.StringPtrOutput } type SecretBackendConnectionRedisElasticache struct { - // The root credential password used in the connection URL. + // The password to authenticate with. Password *string `pulumi:"password"` // The region where the ElastiCache cluster is hosted. If omitted Vault tries to infer from the environment instead. Region *string `pulumi:"region"` // The URL for Elasticsearch's API. https requires certificate // by trusted CA if used. Url string `pulumi:"url"` - // The root credential username used in the connection URL. + // The username to authenticate with. Username *string `pulumi:"username"` } @@ -4324,14 +4724,14 @@ type SecretBackendConnectionRedisElasticacheInput interface { } type SecretBackendConnectionRedisElasticacheArgs struct { - // The root credential password used in the connection URL. + // The password to authenticate with. Password pulumi.StringPtrInput `pulumi:"password"` // The region where the ElastiCache cluster is hosted. If omitted Vault tries to infer from the environment instead. Region pulumi.StringPtrInput `pulumi:"region"` // The URL for Elasticsearch's API. https requires certificate // by trusted CA if used. Url pulumi.StringInput `pulumi:"url"` - // The root credential username used in the connection URL. + // The username to authenticate with. Username pulumi.StringPtrInput `pulumi:"username"` } @@ -4347,6 +4747,12 @@ func (i SecretBackendConnectionRedisElasticacheArgs) ToSecretBackendConnectionRe return pulumi.ToOutputWithContext(ctx, i).(SecretBackendConnectionRedisElasticacheOutput) } +func (i SecretBackendConnectionRedisElasticacheArgs) ToOutput(ctx context.Context) pulumix.Output[SecretBackendConnectionRedisElasticache] { + return pulumix.Output[SecretBackendConnectionRedisElasticache]{ + OutputState: i.ToSecretBackendConnectionRedisElasticacheOutputWithContext(ctx).OutputState, + } +} + func (i SecretBackendConnectionRedisElasticacheArgs) ToSecretBackendConnectionRedisElasticachePtrOutput() SecretBackendConnectionRedisElasticachePtrOutput { return i.ToSecretBackendConnectionRedisElasticachePtrOutputWithContext(context.Background()) } @@ -4388,6 +4794,12 @@ func (i *secretBackendConnectionRedisElasticachePtrType) ToSecretBackendConnecti return pulumi.ToOutputWithContext(ctx, i).(SecretBackendConnectionRedisElasticachePtrOutput) } +func (i *secretBackendConnectionRedisElasticachePtrType) ToOutput(ctx context.Context) pulumix.Output[*SecretBackendConnectionRedisElasticache] { + return pulumix.Output[*SecretBackendConnectionRedisElasticache]{ + OutputState: i.ToSecretBackendConnectionRedisElasticachePtrOutputWithContext(ctx).OutputState, + } +} + type SecretBackendConnectionRedisElasticacheOutput struct{ *pulumi.OutputState } func (SecretBackendConnectionRedisElasticacheOutput) ElementType() reflect.Type { @@ -4412,7 +4824,13 @@ func (o SecretBackendConnectionRedisElasticacheOutput) ToSecretBackendConnection }).(SecretBackendConnectionRedisElasticachePtrOutput) } -// The root credential password used in the connection URL. +func (o SecretBackendConnectionRedisElasticacheOutput) ToOutput(ctx context.Context) pulumix.Output[SecretBackendConnectionRedisElasticache] { + return pulumix.Output[SecretBackendConnectionRedisElasticache]{ + OutputState: o.OutputState, + } +} + +// The password to authenticate with. func (o SecretBackendConnectionRedisElasticacheOutput) Password() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretBackendConnectionRedisElasticache) *string { return v.Password }).(pulumi.StringPtrOutput) } @@ -4428,7 +4846,7 @@ func (o SecretBackendConnectionRedisElasticacheOutput) Url() pulumi.StringOutput return o.ApplyT(func(v SecretBackendConnectionRedisElasticache) string { return v.Url }).(pulumi.StringOutput) } -// The root credential username used in the connection URL. +// The username to authenticate with. func (o SecretBackendConnectionRedisElasticacheOutput) Username() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretBackendConnectionRedisElasticache) *string { return v.Username }).(pulumi.StringPtrOutput) } @@ -4447,6 +4865,12 @@ func (o SecretBackendConnectionRedisElasticachePtrOutput) ToSecretBackendConnect return o } +func (o SecretBackendConnectionRedisElasticachePtrOutput) ToOutput(ctx context.Context) pulumix.Output[*SecretBackendConnectionRedisElasticache] { + return pulumix.Output[*SecretBackendConnectionRedisElasticache]{ + OutputState: o.OutputState, + } +} + func (o SecretBackendConnectionRedisElasticachePtrOutput) Elem() SecretBackendConnectionRedisElasticacheOutput { return o.ApplyT(func(v *SecretBackendConnectionRedisElasticache) SecretBackendConnectionRedisElasticache { if v != nil { @@ -4457,7 +4881,7 @@ func (o SecretBackendConnectionRedisElasticachePtrOutput) Elem() SecretBackendCo }).(SecretBackendConnectionRedisElasticacheOutput) } -// The root credential password used in the connection URL. +// The password to authenticate with. func (o SecretBackendConnectionRedisElasticachePtrOutput) Password() pulumi.StringPtrOutput { return o.ApplyT(func(v *SecretBackendConnectionRedisElasticache) *string { if v == nil { @@ -4488,7 +4912,7 @@ func (o SecretBackendConnectionRedisElasticachePtrOutput) Url() pulumi.StringPtr }).(pulumi.StringPtrOutput) } -// The root credential username used in the connection URL. +// The username to authenticate with. func (o SecretBackendConnectionRedisElasticachePtrOutput) Username() pulumi.StringPtrOutput { return o.ApplyT(func(v *SecretBackendConnectionRedisElasticache) *string { if v == nil { @@ -4499,26 +4923,27 @@ func (o SecretBackendConnectionRedisElasticachePtrOutput) Username() pulumi.Stri } type SecretBackendConnectionRedshift struct { - // Specifies the Redshift DSN. See + // A URL containing connection information. See // the [Vault - // docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + // docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) // for an example. ConnectionUrl *string `pulumi:"connectionUrl"` // Disable special character escaping in username and password. DisableEscaping *bool `pulumi:"disableEscaping"` - // The maximum amount of time a connection may be reused. + // The maximum number of seconds to keep + // a connection alive for. MaxConnectionLifetime *int `pulumi:"maxConnectionLifetime"` // The maximum number of idle connections to - // the database. + // maintain. MaxIdleConnections *int `pulumi:"maxIdleConnections"` // The maximum number of open connections to - // the database. + // use. MaxOpenConnections *int `pulumi:"maxOpenConnections"` - // The root credential password used in the connection URL. + // The password to authenticate with. Password *string `pulumi:"password"` - // The root credential username used in the connection URL. + // The username to authenticate with. Username *string `pulumi:"username"` - // - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + // Template describing how dynamic usernames are generated. UsernameTemplate *string `pulumi:"usernameTemplate"` } @@ -4534,26 +4959,27 @@ type SecretBackendConnectionRedshiftInput interface { } type SecretBackendConnectionRedshiftArgs struct { - // Specifies the Redshift DSN. See + // A URL containing connection information. See // the [Vault - // docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + // docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) // for an example. ConnectionUrl pulumi.StringPtrInput `pulumi:"connectionUrl"` // Disable special character escaping in username and password. DisableEscaping pulumi.BoolPtrInput `pulumi:"disableEscaping"` - // The maximum amount of time a connection may be reused. - MaxConnectionLifetime pulumi.IntPtrInput `pulumi:"maxConnectionLifetime"` + // The maximum number of seconds to keep + // a connection alive for. + MaxConnectionLifetime pulumi.IntPtrInput `pulumi:"maxConnectionLifetime"` // The maximum number of idle connections to - // the database. + // maintain. MaxIdleConnections pulumi.IntPtrInput `pulumi:"maxIdleConnections"` // The maximum number of open connections to - // the database. + // use. MaxOpenConnections pulumi.IntPtrInput `pulumi:"maxOpenConnections"` - // The root credential password used in the connection URL. + // The password to authenticate with. Password pulumi.StringPtrInput `pulumi:"password"` - // The root credential username used in the connection URL. + // The username to authenticate with. Username pulumi.StringPtrInput `pulumi:"username"` - // - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + // Template describing how dynamic usernames are generated. UsernameTemplate pulumi.StringPtrInput `pulumi:"usernameTemplate"` } @@ -4569,6 +4995,12 @@ func (i SecretBackendConnectionRedshiftArgs) ToSecretBackendConnectionRedshiftOu return pulumi.ToOutputWithContext(ctx, i).(SecretBackendConnectionRedshiftOutput) } +func (i SecretBackendConnectionRedshiftArgs) ToOutput(ctx context.Context) pulumix.Output[SecretBackendConnectionRedshift] { + return pulumix.Output[SecretBackendConnectionRedshift]{ + OutputState: i.ToSecretBackendConnectionRedshiftOutputWithContext(ctx).OutputState, + } +} + func (i SecretBackendConnectionRedshiftArgs) ToSecretBackendConnectionRedshiftPtrOutput() SecretBackendConnectionRedshiftPtrOutput { return i.ToSecretBackendConnectionRedshiftPtrOutputWithContext(context.Background()) } @@ -4610,6 +5042,12 @@ func (i *secretBackendConnectionRedshiftPtrType) ToSecretBackendConnectionRedshi return pulumi.ToOutputWithContext(ctx, i).(SecretBackendConnectionRedshiftPtrOutput) } +func (i *secretBackendConnectionRedshiftPtrType) ToOutput(ctx context.Context) pulumix.Output[*SecretBackendConnectionRedshift] { + return pulumix.Output[*SecretBackendConnectionRedshift]{ + OutputState: i.ToSecretBackendConnectionRedshiftPtrOutputWithContext(ctx).OutputState, + } +} + type SecretBackendConnectionRedshiftOutput struct{ *pulumi.OutputState } func (SecretBackendConnectionRedshiftOutput) ElementType() reflect.Type { @@ -4634,9 +5072,15 @@ func (o SecretBackendConnectionRedshiftOutput) ToSecretBackendConnectionRedshift }).(SecretBackendConnectionRedshiftPtrOutput) } -// Specifies the Redshift DSN. See +func (o SecretBackendConnectionRedshiftOutput) ToOutput(ctx context.Context) pulumix.Output[SecretBackendConnectionRedshift] { + return pulumix.Output[SecretBackendConnectionRedshift]{ + OutputState: o.OutputState, + } +} + +// A URL containing connection information. See // the [Vault -// docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) +// docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) // for an example. func (o SecretBackendConnectionRedshiftOutput) ConnectionUrl() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretBackendConnectionRedshift) *string { return v.ConnectionUrl }).(pulumi.StringPtrOutput) @@ -4647,34 +5091,35 @@ func (o SecretBackendConnectionRedshiftOutput) DisableEscaping() pulumi.BoolPtrO return o.ApplyT(func(v SecretBackendConnectionRedshift) *bool { return v.DisableEscaping }).(pulumi.BoolPtrOutput) } -// The maximum amount of time a connection may be reused. +// The maximum number of seconds to keep +// a connection alive for. func (o SecretBackendConnectionRedshiftOutput) MaxConnectionLifetime() pulumi.IntPtrOutput { return o.ApplyT(func(v SecretBackendConnectionRedshift) *int { return v.MaxConnectionLifetime }).(pulumi.IntPtrOutput) } // The maximum number of idle connections to -// the database. +// maintain. func (o SecretBackendConnectionRedshiftOutput) MaxIdleConnections() pulumi.IntPtrOutput { return o.ApplyT(func(v SecretBackendConnectionRedshift) *int { return v.MaxIdleConnections }).(pulumi.IntPtrOutput) } // The maximum number of open connections to -// the database. +// use. func (o SecretBackendConnectionRedshiftOutput) MaxOpenConnections() pulumi.IntPtrOutput { return o.ApplyT(func(v SecretBackendConnectionRedshift) *int { return v.MaxOpenConnections }).(pulumi.IntPtrOutput) } -// The root credential password used in the connection URL. +// The password to authenticate with. func (o SecretBackendConnectionRedshiftOutput) Password() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretBackendConnectionRedshift) *string { return v.Password }).(pulumi.StringPtrOutput) } -// The root credential username used in the connection URL. +// The username to authenticate with. func (o SecretBackendConnectionRedshiftOutput) Username() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretBackendConnectionRedshift) *string { return v.Username }).(pulumi.StringPtrOutput) } -// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. +// Template describing how dynamic usernames are generated. func (o SecretBackendConnectionRedshiftOutput) UsernameTemplate() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretBackendConnectionRedshift) *string { return v.UsernameTemplate }).(pulumi.StringPtrOutput) } @@ -4693,6 +5138,12 @@ func (o SecretBackendConnectionRedshiftPtrOutput) ToSecretBackendConnectionRedsh return o } +func (o SecretBackendConnectionRedshiftPtrOutput) ToOutput(ctx context.Context) pulumix.Output[*SecretBackendConnectionRedshift] { + return pulumix.Output[*SecretBackendConnectionRedshift]{ + OutputState: o.OutputState, + } +} + func (o SecretBackendConnectionRedshiftPtrOutput) Elem() SecretBackendConnectionRedshiftOutput { return o.ApplyT(func(v *SecretBackendConnectionRedshift) SecretBackendConnectionRedshift { if v != nil { @@ -4703,9 +5154,9 @@ func (o SecretBackendConnectionRedshiftPtrOutput) Elem() SecretBackendConnection }).(SecretBackendConnectionRedshiftOutput) } -// Specifies the Redshift DSN. See +// A URL containing connection information. See // the [Vault -// docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) +// docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) // for an example. func (o SecretBackendConnectionRedshiftPtrOutput) ConnectionUrl() pulumi.StringPtrOutput { return o.ApplyT(func(v *SecretBackendConnectionRedshift) *string { @@ -4726,7 +5177,8 @@ func (o SecretBackendConnectionRedshiftPtrOutput) DisableEscaping() pulumi.BoolP }).(pulumi.BoolPtrOutput) } -// The maximum amount of time a connection may be reused. +// The maximum number of seconds to keep +// a connection alive for. func (o SecretBackendConnectionRedshiftPtrOutput) MaxConnectionLifetime() pulumi.IntPtrOutput { return o.ApplyT(func(v *SecretBackendConnectionRedshift) *int { if v == nil { @@ -4737,7 +5189,7 @@ func (o SecretBackendConnectionRedshiftPtrOutput) MaxConnectionLifetime() pulumi } // The maximum number of idle connections to -// the database. +// maintain. func (o SecretBackendConnectionRedshiftPtrOutput) MaxIdleConnections() pulumi.IntPtrOutput { return o.ApplyT(func(v *SecretBackendConnectionRedshift) *int { if v == nil { @@ -4748,7 +5200,7 @@ func (o SecretBackendConnectionRedshiftPtrOutput) MaxIdleConnections() pulumi.In } // The maximum number of open connections to -// the database. +// use. func (o SecretBackendConnectionRedshiftPtrOutput) MaxOpenConnections() pulumi.IntPtrOutput { return o.ApplyT(func(v *SecretBackendConnectionRedshift) *int { if v == nil { @@ -4758,7 +5210,7 @@ func (o SecretBackendConnectionRedshiftPtrOutput) MaxOpenConnections() pulumi.In }).(pulumi.IntPtrOutput) } -// The root credential password used in the connection URL. +// The password to authenticate with. func (o SecretBackendConnectionRedshiftPtrOutput) Password() pulumi.StringPtrOutput { return o.ApplyT(func(v *SecretBackendConnectionRedshift) *string { if v == nil { @@ -4768,7 +5220,7 @@ func (o SecretBackendConnectionRedshiftPtrOutput) Password() pulumi.StringPtrOut }).(pulumi.StringPtrOutput) } -// The root credential username used in the connection URL. +// The username to authenticate with. func (o SecretBackendConnectionRedshiftPtrOutput) Username() pulumi.StringPtrOutput { return o.ApplyT(func(v *SecretBackendConnectionRedshift) *string { if v == nil { @@ -4778,7 +5230,7 @@ func (o SecretBackendConnectionRedshiftPtrOutput) Username() pulumi.StringPtrOut }).(pulumi.StringPtrOutput) } -// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. +// Template describing how dynamic usernames are generated. func (o SecretBackendConnectionRedshiftPtrOutput) UsernameTemplate() pulumi.StringPtrOutput { return o.ApplyT(func(v *SecretBackendConnectionRedshift) *string { if v == nil { @@ -4789,24 +5241,25 @@ func (o SecretBackendConnectionRedshiftPtrOutput) UsernameTemplate() pulumi.Stri } type SecretBackendConnectionSnowflake struct { - // Specifies the Redshift DSN. See + // A URL containing connection information. See // the [Vault - // docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + // docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) // for an example. ConnectionUrl *string `pulumi:"connectionUrl"` - // The maximum amount of time a connection may be reused. + // The maximum number of seconds to keep + // a connection alive for. MaxConnectionLifetime *int `pulumi:"maxConnectionLifetime"` // The maximum number of idle connections to - // the database. + // maintain. MaxIdleConnections *int `pulumi:"maxIdleConnections"` // The maximum number of open connections to - // the database. + // use. MaxOpenConnections *int `pulumi:"maxOpenConnections"` - // The root credential password used in the connection URL. + // The password to authenticate with. Password *string `pulumi:"password"` - // The root credential username used in the connection URL. + // The username to authenticate with. Username *string `pulumi:"username"` - // - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + // Template describing how dynamic usernames are generated. UsernameTemplate *string `pulumi:"usernameTemplate"` } @@ -4822,24 +5275,25 @@ type SecretBackendConnectionSnowflakeInput interface { } type SecretBackendConnectionSnowflakeArgs struct { - // Specifies the Redshift DSN. See + // A URL containing connection information. See // the [Vault - // docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + // docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) // for an example. ConnectionUrl pulumi.StringPtrInput `pulumi:"connectionUrl"` - // The maximum amount of time a connection may be reused. + // The maximum number of seconds to keep + // a connection alive for. MaxConnectionLifetime pulumi.IntPtrInput `pulumi:"maxConnectionLifetime"` // The maximum number of idle connections to - // the database. + // maintain. MaxIdleConnections pulumi.IntPtrInput `pulumi:"maxIdleConnections"` // The maximum number of open connections to - // the database. + // use. MaxOpenConnections pulumi.IntPtrInput `pulumi:"maxOpenConnections"` - // The root credential password used in the connection URL. + // The password to authenticate with. Password pulumi.StringPtrInput `pulumi:"password"` - // The root credential username used in the connection URL. + // The username to authenticate with. Username pulumi.StringPtrInput `pulumi:"username"` - // - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + // Template describing how dynamic usernames are generated. UsernameTemplate pulumi.StringPtrInput `pulumi:"usernameTemplate"` } @@ -4855,6 +5309,12 @@ func (i SecretBackendConnectionSnowflakeArgs) ToSecretBackendConnectionSnowflake return pulumi.ToOutputWithContext(ctx, i).(SecretBackendConnectionSnowflakeOutput) } +func (i SecretBackendConnectionSnowflakeArgs) ToOutput(ctx context.Context) pulumix.Output[SecretBackendConnectionSnowflake] { + return pulumix.Output[SecretBackendConnectionSnowflake]{ + OutputState: i.ToSecretBackendConnectionSnowflakeOutputWithContext(ctx).OutputState, + } +} + func (i SecretBackendConnectionSnowflakeArgs) ToSecretBackendConnectionSnowflakePtrOutput() SecretBackendConnectionSnowflakePtrOutput { return i.ToSecretBackendConnectionSnowflakePtrOutputWithContext(context.Background()) } @@ -4896,6 +5356,12 @@ func (i *secretBackendConnectionSnowflakePtrType) ToSecretBackendConnectionSnowf return pulumi.ToOutputWithContext(ctx, i).(SecretBackendConnectionSnowflakePtrOutput) } +func (i *secretBackendConnectionSnowflakePtrType) ToOutput(ctx context.Context) pulumix.Output[*SecretBackendConnectionSnowflake] { + return pulumix.Output[*SecretBackendConnectionSnowflake]{ + OutputState: i.ToSecretBackendConnectionSnowflakePtrOutputWithContext(ctx).OutputState, + } +} + type SecretBackendConnectionSnowflakeOutput struct{ *pulumi.OutputState } func (SecretBackendConnectionSnowflakeOutput) ElementType() reflect.Type { @@ -4920,42 +5386,49 @@ func (o SecretBackendConnectionSnowflakeOutput) ToSecretBackendConnectionSnowfla }).(SecretBackendConnectionSnowflakePtrOutput) } -// Specifies the Redshift DSN. See +func (o SecretBackendConnectionSnowflakeOutput) ToOutput(ctx context.Context) pulumix.Output[SecretBackendConnectionSnowflake] { + return pulumix.Output[SecretBackendConnectionSnowflake]{ + OutputState: o.OutputState, + } +} + +// A URL containing connection information. See // the [Vault -// docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) +// docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) // for an example. func (o SecretBackendConnectionSnowflakeOutput) ConnectionUrl() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretBackendConnectionSnowflake) *string { return v.ConnectionUrl }).(pulumi.StringPtrOutput) } -// The maximum amount of time a connection may be reused. +// The maximum number of seconds to keep +// a connection alive for. func (o SecretBackendConnectionSnowflakeOutput) MaxConnectionLifetime() pulumi.IntPtrOutput { return o.ApplyT(func(v SecretBackendConnectionSnowflake) *int { return v.MaxConnectionLifetime }).(pulumi.IntPtrOutput) } // The maximum number of idle connections to -// the database. +// maintain. func (o SecretBackendConnectionSnowflakeOutput) MaxIdleConnections() pulumi.IntPtrOutput { return o.ApplyT(func(v SecretBackendConnectionSnowflake) *int { return v.MaxIdleConnections }).(pulumi.IntPtrOutput) } // The maximum number of open connections to -// the database. +// use. func (o SecretBackendConnectionSnowflakeOutput) MaxOpenConnections() pulumi.IntPtrOutput { return o.ApplyT(func(v SecretBackendConnectionSnowflake) *int { return v.MaxOpenConnections }).(pulumi.IntPtrOutput) } -// The root credential password used in the connection URL. +// The password to authenticate with. func (o SecretBackendConnectionSnowflakeOutput) Password() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretBackendConnectionSnowflake) *string { return v.Password }).(pulumi.StringPtrOutput) } -// The root credential username used in the connection URL. +// The username to authenticate with. func (o SecretBackendConnectionSnowflakeOutput) Username() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretBackendConnectionSnowflake) *string { return v.Username }).(pulumi.StringPtrOutput) } -// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. +// Template describing how dynamic usernames are generated. func (o SecretBackendConnectionSnowflakeOutput) UsernameTemplate() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretBackendConnectionSnowflake) *string { return v.UsernameTemplate }).(pulumi.StringPtrOutput) } @@ -4974,6 +5447,12 @@ func (o SecretBackendConnectionSnowflakePtrOutput) ToSecretBackendConnectionSnow return o } +func (o SecretBackendConnectionSnowflakePtrOutput) ToOutput(ctx context.Context) pulumix.Output[*SecretBackendConnectionSnowflake] { + return pulumix.Output[*SecretBackendConnectionSnowflake]{ + OutputState: o.OutputState, + } +} + func (o SecretBackendConnectionSnowflakePtrOutput) Elem() SecretBackendConnectionSnowflakeOutput { return o.ApplyT(func(v *SecretBackendConnectionSnowflake) SecretBackendConnectionSnowflake { if v != nil { @@ -4984,9 +5463,9 @@ func (o SecretBackendConnectionSnowflakePtrOutput) Elem() SecretBackendConnectio }).(SecretBackendConnectionSnowflakeOutput) } -// Specifies the Redshift DSN. See +// A URL containing connection information. See // the [Vault -// docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) +// docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) // for an example. func (o SecretBackendConnectionSnowflakePtrOutput) ConnectionUrl() pulumi.StringPtrOutput { return o.ApplyT(func(v *SecretBackendConnectionSnowflake) *string { @@ -4997,7 +5476,8 @@ func (o SecretBackendConnectionSnowflakePtrOutput) ConnectionUrl() pulumi.String }).(pulumi.StringPtrOutput) } -// The maximum amount of time a connection may be reused. +// The maximum number of seconds to keep +// a connection alive for. func (o SecretBackendConnectionSnowflakePtrOutput) MaxConnectionLifetime() pulumi.IntPtrOutput { return o.ApplyT(func(v *SecretBackendConnectionSnowflake) *int { if v == nil { @@ -5008,7 +5488,7 @@ func (o SecretBackendConnectionSnowflakePtrOutput) MaxConnectionLifetime() pulum } // The maximum number of idle connections to -// the database. +// maintain. func (o SecretBackendConnectionSnowflakePtrOutput) MaxIdleConnections() pulumi.IntPtrOutput { return o.ApplyT(func(v *SecretBackendConnectionSnowflake) *int { if v == nil { @@ -5019,7 +5499,7 @@ func (o SecretBackendConnectionSnowflakePtrOutput) MaxIdleConnections() pulumi.I } // The maximum number of open connections to -// the database. +// use. func (o SecretBackendConnectionSnowflakePtrOutput) MaxOpenConnections() pulumi.IntPtrOutput { return o.ApplyT(func(v *SecretBackendConnectionSnowflake) *int { if v == nil { @@ -5029,7 +5509,7 @@ func (o SecretBackendConnectionSnowflakePtrOutput) MaxOpenConnections() pulumi.I }).(pulumi.IntPtrOutput) } -// The root credential password used in the connection URL. +// The password to authenticate with. func (o SecretBackendConnectionSnowflakePtrOutput) Password() pulumi.StringPtrOutput { return o.ApplyT(func(v *SecretBackendConnectionSnowflake) *string { if v == nil { @@ -5039,7 +5519,7 @@ func (o SecretBackendConnectionSnowflakePtrOutput) Password() pulumi.StringPtrOu }).(pulumi.StringPtrOutput) } -// The root credential username used in the connection URL. +// The username to authenticate with. func (o SecretBackendConnectionSnowflakePtrOutput) Username() pulumi.StringPtrOutput { return o.ApplyT(func(v *SecretBackendConnectionSnowflake) *string { if v == nil { @@ -5049,7 +5529,7 @@ func (o SecretBackendConnectionSnowflakePtrOutput) Username() pulumi.StringPtrOu }).(pulumi.StringPtrOutput) } -// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. +// Template describing how dynamic usernames are generated. func (o SecretBackendConnectionSnowflakePtrOutput) UsernameTemplate() pulumi.StringPtrOutput { return o.ApplyT(func(v *SecretBackendConnectionSnowflake) *string { if v == nil { @@ -5067,14 +5547,16 @@ type SecretsMountCassandra struct { // timeout. ConnectTimeout *int `pulumi:"connectTimeout"` // A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + // + // Supported list of database secrets engines that can be configured: Data map[string]interface{} `pulumi:"data"` - // A set of Couchbase URIs to connect to. Must use `couchbases://` scheme if `tls` is `true`. + // The hosts to connect to. Hosts []string `pulumi:"hosts"` // Whether to skip verification of the server // certificate when using TLS. InsecureTls *bool `pulumi:"insecureTls"` Name string `pulumi:"name"` - // The password to be used in the connection. + // The root credential password used in the connection URL. Password *string `pulumi:"password"` // Concatenated PEM blocks configuring the certificate // chain. @@ -5090,9 +5572,9 @@ type SecretsMountCassandra struct { ProtocolVersion *int `pulumi:"protocolVersion"` // A list of database statements to be executed to rotate the root user's credentials. RootRotationStatements []string `pulumi:"rootRotationStatements"` - // Whether to use TLS when connecting to Redis. + // Whether to use TLS when connecting to Cassandra. Tls *bool `pulumi:"tls"` - // The username to be used in the connection (the account admin level). + // The root credential username used in the connection URL. Username *string `pulumi:"username"` // Whether the connection should be verified on // initial configuration or not. @@ -5118,14 +5600,16 @@ type SecretsMountCassandraArgs struct { // timeout. ConnectTimeout pulumi.IntPtrInput `pulumi:"connectTimeout"` // A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + // + // Supported list of database secrets engines that can be configured: Data pulumi.MapInput `pulumi:"data"` - // A set of Couchbase URIs to connect to. Must use `couchbases://` scheme if `tls` is `true`. + // The hosts to connect to. Hosts pulumi.StringArrayInput `pulumi:"hosts"` // Whether to skip verification of the server // certificate when using TLS. InsecureTls pulumi.BoolPtrInput `pulumi:"insecureTls"` Name pulumi.StringInput `pulumi:"name"` - // The password to be used in the connection. + // The root credential password used in the connection URL. Password pulumi.StringPtrInput `pulumi:"password"` // Concatenated PEM blocks configuring the certificate // chain. @@ -5141,9 +5625,9 @@ type SecretsMountCassandraArgs struct { ProtocolVersion pulumi.IntPtrInput `pulumi:"protocolVersion"` // A list of database statements to be executed to rotate the root user's credentials. RootRotationStatements pulumi.StringArrayInput `pulumi:"rootRotationStatements"` - // Whether to use TLS when connecting to Redis. + // Whether to use TLS when connecting to Cassandra. Tls pulumi.BoolPtrInput `pulumi:"tls"` - // The username to be used in the connection (the account admin level). + // The root credential username used in the connection URL. Username pulumi.StringPtrInput `pulumi:"username"` // Whether the connection should be verified on // initial configuration or not. @@ -5162,6 +5646,12 @@ func (i SecretsMountCassandraArgs) ToSecretsMountCassandraOutputWithContext(ctx return pulumi.ToOutputWithContext(ctx, i).(SecretsMountCassandraOutput) } +func (i SecretsMountCassandraArgs) ToOutput(ctx context.Context) pulumix.Output[SecretsMountCassandra] { + return pulumix.Output[SecretsMountCassandra]{ + OutputState: i.ToSecretsMountCassandraOutputWithContext(ctx).OutputState, + } +} + // SecretsMountCassandraArrayInput is an input type that accepts SecretsMountCassandraArray and SecretsMountCassandraArrayOutput values. // You can construct a concrete instance of `SecretsMountCassandraArrayInput` via: // @@ -5187,6 +5677,12 @@ func (i SecretsMountCassandraArray) ToSecretsMountCassandraArrayOutputWithContex return pulumi.ToOutputWithContext(ctx, i).(SecretsMountCassandraArrayOutput) } +func (i SecretsMountCassandraArray) ToOutput(ctx context.Context) pulumix.Output[[]SecretsMountCassandra] { + return pulumix.Output[[]SecretsMountCassandra]{ + OutputState: i.ToSecretsMountCassandraArrayOutputWithContext(ctx).OutputState, + } +} + type SecretsMountCassandraOutput struct{ *pulumi.OutputState } func (SecretsMountCassandraOutput) ElementType() reflect.Type { @@ -5201,6 +5697,12 @@ func (o SecretsMountCassandraOutput) ToSecretsMountCassandraOutputWithContext(ct return o } +func (o SecretsMountCassandraOutput) ToOutput(ctx context.Context) pulumix.Output[SecretsMountCassandra] { + return pulumix.Output[SecretsMountCassandra]{ + OutputState: o.OutputState, + } +} + // A list of roles that are allowed to use this // connection. func (o SecretsMountCassandraOutput) AllowedRoles() pulumi.StringArrayOutput { @@ -5214,11 +5716,13 @@ func (o SecretsMountCassandraOutput) ConnectTimeout() pulumi.IntPtrOutput { } // A map of sensitive data to pass to the endpoint. Useful for templated connection strings. +// +// Supported list of database secrets engines that can be configured: func (o SecretsMountCassandraOutput) Data() pulumi.MapOutput { return o.ApplyT(func(v SecretsMountCassandra) map[string]interface{} { return v.Data }).(pulumi.MapOutput) } -// A set of Couchbase URIs to connect to. Must use `couchbases://` scheme if `tls` is `true`. +// The hosts to connect to. func (o SecretsMountCassandraOutput) Hosts() pulumi.StringArrayOutput { return o.ApplyT(func(v SecretsMountCassandra) []string { return v.Hosts }).(pulumi.StringArrayOutput) } @@ -5233,7 +5737,7 @@ func (o SecretsMountCassandraOutput) Name() pulumi.StringOutput { return o.ApplyT(func(v SecretsMountCassandra) string { return v.Name }).(pulumi.StringOutput) } -// The password to be used in the connection. +// The root credential password used in the connection URL. func (o SecretsMountCassandraOutput) Password() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretsMountCassandra) *string { return v.Password }).(pulumi.StringPtrOutput) } @@ -5270,12 +5774,12 @@ func (o SecretsMountCassandraOutput) RootRotationStatements() pulumi.StringArray return o.ApplyT(func(v SecretsMountCassandra) []string { return v.RootRotationStatements }).(pulumi.StringArrayOutput) } -// Whether to use TLS when connecting to Redis. +// Whether to use TLS when connecting to Cassandra. func (o SecretsMountCassandraOutput) Tls() pulumi.BoolPtrOutput { return o.ApplyT(func(v SecretsMountCassandra) *bool { return v.Tls }).(pulumi.BoolPtrOutput) } -// The username to be used in the connection (the account admin level). +// The root credential username used in the connection URL. func (o SecretsMountCassandraOutput) Username() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretsMountCassandra) *string { return v.Username }).(pulumi.StringPtrOutput) } @@ -5300,6 +5804,12 @@ func (o SecretsMountCassandraArrayOutput) ToSecretsMountCassandraArrayOutputWith return o } +func (o SecretsMountCassandraArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]SecretsMountCassandra] { + return pulumix.Output[[]SecretsMountCassandra]{ + OutputState: o.OutputState, + } +} + func (o SecretsMountCassandraArrayOutput) Index(i pulumi.IntInput) SecretsMountCassandraOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) SecretsMountCassandra { return vs[0].([]SecretsMountCassandra)[vs[1].(int)] @@ -5315,24 +5825,26 @@ type SecretsMountCouchbase struct { // Required for Couchbase versions prior to 6.5.0. This is only used to verify vault's connection to the server. BucketName *string `pulumi:"bucketName"` // A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + // + // Supported list of database secrets engines that can be configured: Data map[string]interface{} `pulumi:"data"` - // A set of Couchbase URIs to connect to. Must use `couchbases://` scheme if `tls` is `true`. + // The hosts to connect to. Hosts []string `pulumi:"hosts"` // Whether to skip verification of the server // certificate when using TLS. InsecureTls *bool `pulumi:"insecureTls"` Name string `pulumi:"name"` - // The password to be used in the connection. + // The root credential password used in the connection URL. Password string `pulumi:"password"` // Specifies the name of the plugin to use. PluginName *string `pulumi:"pluginName"` // A list of database statements to be executed to rotate the root user's credentials. RootRotationStatements []string `pulumi:"rootRotationStatements"` - // Whether to use TLS when connecting to Redis. + // Whether to use TLS when connecting to Cassandra. Tls *bool `pulumi:"tls"` - // The username to be used in the connection (the account admin level). + // The root credential username used in the connection URL. Username string `pulumi:"username"` - // - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + // [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. UsernameTemplate *string `pulumi:"usernameTemplate"` // Whether the connection should be verified on // initial configuration or not. @@ -5359,24 +5871,26 @@ type SecretsMountCouchbaseArgs struct { // Required for Couchbase versions prior to 6.5.0. This is only used to verify vault's connection to the server. BucketName pulumi.StringPtrInput `pulumi:"bucketName"` // A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + // + // Supported list of database secrets engines that can be configured: Data pulumi.MapInput `pulumi:"data"` - // A set of Couchbase URIs to connect to. Must use `couchbases://` scheme if `tls` is `true`. + // The hosts to connect to. Hosts pulumi.StringArrayInput `pulumi:"hosts"` // Whether to skip verification of the server // certificate when using TLS. InsecureTls pulumi.BoolPtrInput `pulumi:"insecureTls"` Name pulumi.StringInput `pulumi:"name"` - // The password to be used in the connection. + // The root credential password used in the connection URL. Password pulumi.StringInput `pulumi:"password"` // Specifies the name of the plugin to use. PluginName pulumi.StringPtrInput `pulumi:"pluginName"` // A list of database statements to be executed to rotate the root user's credentials. RootRotationStatements pulumi.StringArrayInput `pulumi:"rootRotationStatements"` - // Whether to use TLS when connecting to Redis. + // Whether to use TLS when connecting to Cassandra. Tls pulumi.BoolPtrInput `pulumi:"tls"` - // The username to be used in the connection (the account admin level). + // The root credential username used in the connection URL. Username pulumi.StringInput `pulumi:"username"` - // - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + // [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. UsernameTemplate pulumi.StringPtrInput `pulumi:"usernameTemplate"` // Whether the connection should be verified on // initial configuration or not. @@ -5395,6 +5909,12 @@ func (i SecretsMountCouchbaseArgs) ToSecretsMountCouchbaseOutputWithContext(ctx return pulumi.ToOutputWithContext(ctx, i).(SecretsMountCouchbaseOutput) } +func (i SecretsMountCouchbaseArgs) ToOutput(ctx context.Context) pulumix.Output[SecretsMountCouchbase] { + return pulumix.Output[SecretsMountCouchbase]{ + OutputState: i.ToSecretsMountCouchbaseOutputWithContext(ctx).OutputState, + } +} + // SecretsMountCouchbaseArrayInput is an input type that accepts SecretsMountCouchbaseArray and SecretsMountCouchbaseArrayOutput values. // You can construct a concrete instance of `SecretsMountCouchbaseArrayInput` via: // @@ -5420,6 +5940,12 @@ func (i SecretsMountCouchbaseArray) ToSecretsMountCouchbaseArrayOutputWithContex return pulumi.ToOutputWithContext(ctx, i).(SecretsMountCouchbaseArrayOutput) } +func (i SecretsMountCouchbaseArray) ToOutput(ctx context.Context) pulumix.Output[[]SecretsMountCouchbase] { + return pulumix.Output[[]SecretsMountCouchbase]{ + OutputState: i.ToSecretsMountCouchbaseArrayOutputWithContext(ctx).OutputState, + } +} + type SecretsMountCouchbaseOutput struct{ *pulumi.OutputState } func (SecretsMountCouchbaseOutput) ElementType() reflect.Type { @@ -5434,6 +5960,12 @@ func (o SecretsMountCouchbaseOutput) ToSecretsMountCouchbaseOutputWithContext(ct return o } +func (o SecretsMountCouchbaseOutput) ToOutput(ctx context.Context) pulumix.Output[SecretsMountCouchbase] { + return pulumix.Output[SecretsMountCouchbase]{ + OutputState: o.OutputState, + } +} + // A list of roles that are allowed to use this // connection. func (o SecretsMountCouchbaseOutput) AllowedRoles() pulumi.StringArrayOutput { @@ -5451,11 +5983,13 @@ func (o SecretsMountCouchbaseOutput) BucketName() pulumi.StringPtrOutput { } // A map of sensitive data to pass to the endpoint. Useful for templated connection strings. +// +// Supported list of database secrets engines that can be configured: func (o SecretsMountCouchbaseOutput) Data() pulumi.MapOutput { return o.ApplyT(func(v SecretsMountCouchbase) map[string]interface{} { return v.Data }).(pulumi.MapOutput) } -// A set of Couchbase URIs to connect to. Must use `couchbases://` scheme if `tls` is `true`. +// The hosts to connect to. func (o SecretsMountCouchbaseOutput) Hosts() pulumi.StringArrayOutput { return o.ApplyT(func(v SecretsMountCouchbase) []string { return v.Hosts }).(pulumi.StringArrayOutput) } @@ -5470,7 +6004,7 @@ func (o SecretsMountCouchbaseOutput) Name() pulumi.StringOutput { return o.ApplyT(func(v SecretsMountCouchbase) string { return v.Name }).(pulumi.StringOutput) } -// The password to be used in the connection. +// The root credential password used in the connection URL. func (o SecretsMountCouchbaseOutput) Password() pulumi.StringOutput { return o.ApplyT(func(v SecretsMountCouchbase) string { return v.Password }).(pulumi.StringOutput) } @@ -5485,17 +6019,17 @@ func (o SecretsMountCouchbaseOutput) RootRotationStatements() pulumi.StringArray return o.ApplyT(func(v SecretsMountCouchbase) []string { return v.RootRotationStatements }).(pulumi.StringArrayOutput) } -// Whether to use TLS when connecting to Redis. +// Whether to use TLS when connecting to Cassandra. func (o SecretsMountCouchbaseOutput) Tls() pulumi.BoolPtrOutput { return o.ApplyT(func(v SecretsMountCouchbase) *bool { return v.Tls }).(pulumi.BoolPtrOutput) } -// The username to be used in the connection (the account admin level). +// The root credential username used in the connection URL. func (o SecretsMountCouchbaseOutput) Username() pulumi.StringOutput { return o.ApplyT(func(v SecretsMountCouchbase) string { return v.Username }).(pulumi.StringOutput) } -// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. +// [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. func (o SecretsMountCouchbaseOutput) UsernameTemplate() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretsMountCouchbase) *string { return v.UsernameTemplate }).(pulumi.StringPtrOutput) } @@ -5520,6 +6054,12 @@ func (o SecretsMountCouchbaseArrayOutput) ToSecretsMountCouchbaseArrayOutputWith return o } +func (o SecretsMountCouchbaseArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]SecretsMountCouchbase] { + return pulumix.Output[[]SecretsMountCouchbase]{ + OutputState: o.OutputState, + } +} + func (o SecretsMountCouchbaseArrayOutput) Index(i pulumi.IntInput) SecretsMountCouchbaseOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) SecretsMountCouchbase { return vs[0].([]SecretsMountCouchbase)[vs[1].(int)] @@ -5530,7 +6070,7 @@ type SecretsMountElasticsearch struct { // A list of roles that are allowed to use this // connection. AllowedRoles []string `pulumi:"allowedRoles"` - // The contents of a PEM-encoded CA cert file to use to verify the Redis server's identity. + // The path to a PEM-encoded CA cert file to use to verify the Elasticsearch server's identity. CaCert *string `pulumi:"caCert"` // The path to a directory of PEM-encoded CA cert files to use to verify the Elasticsearch server's identity. CaPath *string `pulumi:"caPath"` @@ -5539,11 +6079,13 @@ type SecretsMountElasticsearch struct { // The path to the key for the Elasticsearch client to use for communication. ClientKey *string `pulumi:"clientKey"` // A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + // + // Supported list of database secrets engines that can be configured: Data map[string]interface{} `pulumi:"data"` // Whether to disable certificate verification. Insecure *bool `pulumi:"insecure"` Name string `pulumi:"name"` - // The password to be used in the connection. + // The root credential password used in the connection URL. Password string `pulumi:"password"` // Specifies the name of the plugin to use. PluginName *string `pulumi:"pluginName"` @@ -5551,11 +6093,12 @@ type SecretsMountElasticsearch struct { RootRotationStatements []string `pulumi:"rootRotationStatements"` // This, if set, is used to set the SNI host when connecting via TLS. TlsServerName *string `pulumi:"tlsServerName"` - // The configuration endpoint for the ElastiCache cluster to connect to. + // The URL for Elasticsearch's API. https requires certificate + // by trusted CA if used. Url string `pulumi:"url"` - // The username to be used in the connection (the account admin level). + // The root credential username used in the connection URL. Username string `pulumi:"username"` - // - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + // [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. UsernameTemplate *string `pulumi:"usernameTemplate"` // Whether the connection should be verified on // initial configuration or not. @@ -5577,7 +6120,7 @@ type SecretsMountElasticsearchArgs struct { // A list of roles that are allowed to use this // connection. AllowedRoles pulumi.StringArrayInput `pulumi:"allowedRoles"` - // The contents of a PEM-encoded CA cert file to use to verify the Redis server's identity. + // The path to a PEM-encoded CA cert file to use to verify the Elasticsearch server's identity. CaCert pulumi.StringPtrInput `pulumi:"caCert"` // The path to a directory of PEM-encoded CA cert files to use to verify the Elasticsearch server's identity. CaPath pulumi.StringPtrInput `pulumi:"caPath"` @@ -5586,11 +6129,13 @@ type SecretsMountElasticsearchArgs struct { // The path to the key for the Elasticsearch client to use for communication. ClientKey pulumi.StringPtrInput `pulumi:"clientKey"` // A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + // + // Supported list of database secrets engines that can be configured: Data pulumi.MapInput `pulumi:"data"` // Whether to disable certificate verification. Insecure pulumi.BoolPtrInput `pulumi:"insecure"` Name pulumi.StringInput `pulumi:"name"` - // The password to be used in the connection. + // The root credential password used in the connection URL. Password pulumi.StringInput `pulumi:"password"` // Specifies the name of the plugin to use. PluginName pulumi.StringPtrInput `pulumi:"pluginName"` @@ -5598,11 +6143,12 @@ type SecretsMountElasticsearchArgs struct { RootRotationStatements pulumi.StringArrayInput `pulumi:"rootRotationStatements"` // This, if set, is used to set the SNI host when connecting via TLS. TlsServerName pulumi.StringPtrInput `pulumi:"tlsServerName"` - // The configuration endpoint for the ElastiCache cluster to connect to. + // The URL for Elasticsearch's API. https requires certificate + // by trusted CA if used. Url pulumi.StringInput `pulumi:"url"` - // The username to be used in the connection (the account admin level). + // The root credential username used in the connection URL. Username pulumi.StringInput `pulumi:"username"` - // - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + // [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. UsernameTemplate pulumi.StringPtrInput `pulumi:"usernameTemplate"` // Whether the connection should be verified on // initial configuration or not. @@ -5621,6 +6167,12 @@ func (i SecretsMountElasticsearchArgs) ToSecretsMountElasticsearchOutputWithCont return pulumi.ToOutputWithContext(ctx, i).(SecretsMountElasticsearchOutput) } +func (i SecretsMountElasticsearchArgs) ToOutput(ctx context.Context) pulumix.Output[SecretsMountElasticsearch] { + return pulumix.Output[SecretsMountElasticsearch]{ + OutputState: i.ToSecretsMountElasticsearchOutputWithContext(ctx).OutputState, + } +} + // SecretsMountElasticsearchArrayInput is an input type that accepts SecretsMountElasticsearchArray and SecretsMountElasticsearchArrayOutput values. // You can construct a concrete instance of `SecretsMountElasticsearchArrayInput` via: // @@ -5646,6 +6198,12 @@ func (i SecretsMountElasticsearchArray) ToSecretsMountElasticsearchArrayOutputWi return pulumi.ToOutputWithContext(ctx, i).(SecretsMountElasticsearchArrayOutput) } +func (i SecretsMountElasticsearchArray) ToOutput(ctx context.Context) pulumix.Output[[]SecretsMountElasticsearch] { + return pulumix.Output[[]SecretsMountElasticsearch]{ + OutputState: i.ToSecretsMountElasticsearchArrayOutputWithContext(ctx).OutputState, + } +} + type SecretsMountElasticsearchOutput struct{ *pulumi.OutputState } func (SecretsMountElasticsearchOutput) ElementType() reflect.Type { @@ -5660,13 +6218,19 @@ func (o SecretsMountElasticsearchOutput) ToSecretsMountElasticsearchOutputWithCo return o } +func (o SecretsMountElasticsearchOutput) ToOutput(ctx context.Context) pulumix.Output[SecretsMountElasticsearch] { + return pulumix.Output[SecretsMountElasticsearch]{ + OutputState: o.OutputState, + } +} + // A list of roles that are allowed to use this // connection. func (o SecretsMountElasticsearchOutput) AllowedRoles() pulumi.StringArrayOutput { return o.ApplyT(func(v SecretsMountElasticsearch) []string { return v.AllowedRoles }).(pulumi.StringArrayOutput) } -// The contents of a PEM-encoded CA cert file to use to verify the Redis server's identity. +// The path to a PEM-encoded CA cert file to use to verify the Elasticsearch server's identity. func (o SecretsMountElasticsearchOutput) CaCert() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretsMountElasticsearch) *string { return v.CaCert }).(pulumi.StringPtrOutput) } @@ -5687,6 +6251,8 @@ func (o SecretsMountElasticsearchOutput) ClientKey() pulumi.StringPtrOutput { } // A map of sensitive data to pass to the endpoint. Useful for templated connection strings. +// +// Supported list of database secrets engines that can be configured: func (o SecretsMountElasticsearchOutput) Data() pulumi.MapOutput { return o.ApplyT(func(v SecretsMountElasticsearch) map[string]interface{} { return v.Data }).(pulumi.MapOutput) } @@ -5700,7 +6266,7 @@ func (o SecretsMountElasticsearchOutput) Name() pulumi.StringOutput { return o.ApplyT(func(v SecretsMountElasticsearch) string { return v.Name }).(pulumi.StringOutput) } -// The password to be used in the connection. +// The root credential password used in the connection URL. func (o SecretsMountElasticsearchOutput) Password() pulumi.StringOutput { return o.ApplyT(func(v SecretsMountElasticsearch) string { return v.Password }).(pulumi.StringOutput) } @@ -5720,17 +6286,18 @@ func (o SecretsMountElasticsearchOutput) TlsServerName() pulumi.StringPtrOutput return o.ApplyT(func(v SecretsMountElasticsearch) *string { return v.TlsServerName }).(pulumi.StringPtrOutput) } -// The configuration endpoint for the ElastiCache cluster to connect to. +// The URL for Elasticsearch's API. https requires certificate +// by trusted CA if used. func (o SecretsMountElasticsearchOutput) Url() pulumi.StringOutput { return o.ApplyT(func(v SecretsMountElasticsearch) string { return v.Url }).(pulumi.StringOutput) } -// The username to be used in the connection (the account admin level). +// The root credential username used in the connection URL. func (o SecretsMountElasticsearchOutput) Username() pulumi.StringOutput { return o.ApplyT(func(v SecretsMountElasticsearch) string { return v.Username }).(pulumi.StringOutput) } -// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. +// [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. func (o SecretsMountElasticsearchOutput) UsernameTemplate() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretsMountElasticsearch) *string { return v.UsernameTemplate }).(pulumi.StringPtrOutput) } @@ -5755,6 +6322,12 @@ func (o SecretsMountElasticsearchArrayOutput) ToSecretsMountElasticsearchArrayOu return o } +func (o SecretsMountElasticsearchArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]SecretsMountElasticsearch] { + return pulumix.Output[[]SecretsMountElasticsearch]{ + OutputState: o.OutputState, + } +} + func (o SecretsMountElasticsearchArrayOutput) Index(i pulumi.IntInput) SecretsMountElasticsearchOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) SecretsMountElasticsearch { return vs[0].([]SecretsMountElasticsearch)[vs[1].(int)] @@ -5765,30 +6338,31 @@ type SecretsMountHana struct { // A list of roles that are allowed to use this // connection. AllowedRoles []string `pulumi:"allowedRoles"` - // A URL containing connection information.\ - // See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + // Specifies the Redshift DSN. + // See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) ConnectionUrl *string `pulumi:"connectionUrl"` // A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + // + // Supported list of database secrets engines that can be configured: Data map[string]interface{} `pulumi:"data"` // Disable special character escaping in username and password. DisableEscaping *bool `pulumi:"disableEscaping"` - // The maximum number of seconds to keep - // a connection alive for. + // The maximum amount of time a connection may be reused. MaxConnectionLifetime *int `pulumi:"maxConnectionLifetime"` // The maximum number of idle connections to - // maintain. + // the database. MaxIdleConnections *int `pulumi:"maxIdleConnections"` // The maximum number of open connections to - // use. + // the database. MaxOpenConnections *int `pulumi:"maxOpenConnections"` Name string `pulumi:"name"` - // The password to be used in the connection. + // The root credential password used in the connection URL. Password *string `pulumi:"password"` // Specifies the name of the plugin to use. PluginName *string `pulumi:"pluginName"` // A list of database statements to be executed to rotate the root user's credentials. RootRotationStatements []string `pulumi:"rootRotationStatements"` - // The username to be used in the connection (the account admin level). + // The root credential username used in the connection URL. Username *string `pulumi:"username"` // Whether the connection should be verified on // initial configuration or not. @@ -5810,30 +6384,31 @@ type SecretsMountHanaArgs struct { // A list of roles that are allowed to use this // connection. AllowedRoles pulumi.StringArrayInput `pulumi:"allowedRoles"` - // A URL containing connection information.\ - // See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + // Specifies the Redshift DSN. + // See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) ConnectionUrl pulumi.StringPtrInput `pulumi:"connectionUrl"` // A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + // + // Supported list of database secrets engines that can be configured: Data pulumi.MapInput `pulumi:"data"` // Disable special character escaping in username and password. DisableEscaping pulumi.BoolPtrInput `pulumi:"disableEscaping"` - // The maximum number of seconds to keep - // a connection alive for. + // The maximum amount of time a connection may be reused. MaxConnectionLifetime pulumi.IntPtrInput `pulumi:"maxConnectionLifetime"` // The maximum number of idle connections to - // maintain. + // the database. MaxIdleConnections pulumi.IntPtrInput `pulumi:"maxIdleConnections"` // The maximum number of open connections to - // use. + // the database. MaxOpenConnections pulumi.IntPtrInput `pulumi:"maxOpenConnections"` Name pulumi.StringInput `pulumi:"name"` - // The password to be used in the connection. + // The root credential password used in the connection URL. Password pulumi.StringPtrInput `pulumi:"password"` // Specifies the name of the plugin to use. PluginName pulumi.StringPtrInput `pulumi:"pluginName"` // A list of database statements to be executed to rotate the root user's credentials. RootRotationStatements pulumi.StringArrayInput `pulumi:"rootRotationStatements"` - // The username to be used in the connection (the account admin level). + // The root credential username used in the connection URL. Username pulumi.StringPtrInput `pulumi:"username"` // Whether the connection should be verified on // initial configuration or not. @@ -5852,6 +6427,12 @@ func (i SecretsMountHanaArgs) ToSecretsMountHanaOutputWithContext(ctx context.Co return pulumi.ToOutputWithContext(ctx, i).(SecretsMountHanaOutput) } +func (i SecretsMountHanaArgs) ToOutput(ctx context.Context) pulumix.Output[SecretsMountHana] { + return pulumix.Output[SecretsMountHana]{ + OutputState: i.ToSecretsMountHanaOutputWithContext(ctx).OutputState, + } +} + // SecretsMountHanaArrayInput is an input type that accepts SecretsMountHanaArray and SecretsMountHanaArrayOutput values. // You can construct a concrete instance of `SecretsMountHanaArrayInput` via: // @@ -5877,6 +6458,12 @@ func (i SecretsMountHanaArray) ToSecretsMountHanaArrayOutputWithContext(ctx cont return pulumi.ToOutputWithContext(ctx, i).(SecretsMountHanaArrayOutput) } +func (i SecretsMountHanaArray) ToOutput(ctx context.Context) pulumix.Output[[]SecretsMountHana] { + return pulumix.Output[[]SecretsMountHana]{ + OutputState: i.ToSecretsMountHanaArrayOutputWithContext(ctx).OutputState, + } +} + type SecretsMountHanaOutput struct{ *pulumi.OutputState } func (SecretsMountHanaOutput) ElementType() reflect.Type { @@ -5891,19 +6478,27 @@ func (o SecretsMountHanaOutput) ToSecretsMountHanaOutputWithContext(ctx context. return o } +func (o SecretsMountHanaOutput) ToOutput(ctx context.Context) pulumix.Output[SecretsMountHana] { + return pulumix.Output[SecretsMountHana]{ + OutputState: o.OutputState, + } +} + // A list of roles that are allowed to use this // connection. func (o SecretsMountHanaOutput) AllowedRoles() pulumi.StringArrayOutput { return o.ApplyT(func(v SecretsMountHana) []string { return v.AllowedRoles }).(pulumi.StringArrayOutput) } -// A URL containing connection information.\ -// See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) +// Specifies the Redshift DSN. +// See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) func (o SecretsMountHanaOutput) ConnectionUrl() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretsMountHana) *string { return v.ConnectionUrl }).(pulumi.StringPtrOutput) } // A map of sensitive data to pass to the endpoint. Useful for templated connection strings. +// +// Supported list of database secrets engines that can be configured: func (o SecretsMountHanaOutput) Data() pulumi.MapOutput { return o.ApplyT(func(v SecretsMountHana) map[string]interface{} { return v.Data }).(pulumi.MapOutput) } @@ -5913,20 +6508,19 @@ func (o SecretsMountHanaOutput) DisableEscaping() pulumi.BoolPtrOutput { return o.ApplyT(func(v SecretsMountHana) *bool { return v.DisableEscaping }).(pulumi.BoolPtrOutput) } -// The maximum number of seconds to keep -// a connection alive for. +// The maximum amount of time a connection may be reused. func (o SecretsMountHanaOutput) MaxConnectionLifetime() pulumi.IntPtrOutput { return o.ApplyT(func(v SecretsMountHana) *int { return v.MaxConnectionLifetime }).(pulumi.IntPtrOutput) } // The maximum number of idle connections to -// maintain. +// the database. func (o SecretsMountHanaOutput) MaxIdleConnections() pulumi.IntPtrOutput { return o.ApplyT(func(v SecretsMountHana) *int { return v.MaxIdleConnections }).(pulumi.IntPtrOutput) } // The maximum number of open connections to -// use. +// the database. func (o SecretsMountHanaOutput) MaxOpenConnections() pulumi.IntPtrOutput { return o.ApplyT(func(v SecretsMountHana) *int { return v.MaxOpenConnections }).(pulumi.IntPtrOutput) } @@ -5935,7 +6529,7 @@ func (o SecretsMountHanaOutput) Name() pulumi.StringOutput { return o.ApplyT(func(v SecretsMountHana) string { return v.Name }).(pulumi.StringOutput) } -// The password to be used in the connection. +// The root credential password used in the connection URL. func (o SecretsMountHanaOutput) Password() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretsMountHana) *string { return v.Password }).(pulumi.StringPtrOutput) } @@ -5950,7 +6544,7 @@ func (o SecretsMountHanaOutput) RootRotationStatements() pulumi.StringArrayOutpu return o.ApplyT(func(v SecretsMountHana) []string { return v.RootRotationStatements }).(pulumi.StringArrayOutput) } -// The username to be used in the connection (the account admin level). +// The root credential username used in the connection URL. func (o SecretsMountHanaOutput) Username() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretsMountHana) *string { return v.Username }).(pulumi.StringPtrOutput) } @@ -5975,6 +6569,12 @@ func (o SecretsMountHanaArrayOutput) ToSecretsMountHanaArrayOutputWithContext(ct return o } +func (o SecretsMountHanaArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]SecretsMountHana] { + return pulumix.Output[[]SecretsMountHana]{ + OutputState: o.OutputState, + } +} + func (o SecretsMountHanaArrayOutput) Index(i pulumi.IntInput) SecretsMountHanaOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) SecretsMountHana { return vs[0].([]SecretsMountHana)[vs[1].(int)] @@ -5989,6 +6589,8 @@ type SecretsMountInfluxdb struct { // timeout. ConnectTimeout *int `pulumi:"connectTimeout"` // A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + // + // Supported list of database secrets engines that can be configured: Data map[string]interface{} `pulumi:"data"` // The host to connect to. Host string `pulumi:"host"` @@ -5996,7 +6598,7 @@ type SecretsMountInfluxdb struct { // certificate when using TLS. InsecureTls *bool `pulumi:"insecureTls"` Name string `pulumi:"name"` - // The password to be used in the connection. + // The root credential password used in the connection URL. Password string `pulumi:"password"` // Concatenated PEM blocks configuring the certificate // chain. @@ -6010,11 +6612,11 @@ type SecretsMountInfluxdb struct { Port *int `pulumi:"port"` // A list of database statements to be executed to rotate the root user's credentials. RootRotationStatements []string `pulumi:"rootRotationStatements"` - // Whether to use TLS when connecting to Redis. + // Whether to use TLS when connecting to Cassandra. Tls *bool `pulumi:"tls"` - // The username to be used in the connection (the account admin level). + // The root credential username used in the connection URL. Username string `pulumi:"username"` - // - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + // [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. UsernameTemplate *string `pulumi:"usernameTemplate"` // Whether the connection should be verified on // initial configuration or not. @@ -6040,6 +6642,8 @@ type SecretsMountInfluxdbArgs struct { // timeout. ConnectTimeout pulumi.IntPtrInput `pulumi:"connectTimeout"` // A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + // + // Supported list of database secrets engines that can be configured: Data pulumi.MapInput `pulumi:"data"` // The host to connect to. Host pulumi.StringInput `pulumi:"host"` @@ -6047,7 +6651,7 @@ type SecretsMountInfluxdbArgs struct { // certificate when using TLS. InsecureTls pulumi.BoolPtrInput `pulumi:"insecureTls"` Name pulumi.StringInput `pulumi:"name"` - // The password to be used in the connection. + // The root credential password used in the connection URL. Password pulumi.StringInput `pulumi:"password"` // Concatenated PEM blocks configuring the certificate // chain. @@ -6061,11 +6665,11 @@ type SecretsMountInfluxdbArgs struct { Port pulumi.IntPtrInput `pulumi:"port"` // A list of database statements to be executed to rotate the root user's credentials. RootRotationStatements pulumi.StringArrayInput `pulumi:"rootRotationStatements"` - // Whether to use TLS when connecting to Redis. + // Whether to use TLS when connecting to Cassandra. Tls pulumi.BoolPtrInput `pulumi:"tls"` - // The username to be used in the connection (the account admin level). + // The root credential username used in the connection URL. Username pulumi.StringInput `pulumi:"username"` - // - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + // [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. UsernameTemplate pulumi.StringPtrInput `pulumi:"usernameTemplate"` // Whether the connection should be verified on // initial configuration or not. @@ -6084,6 +6688,12 @@ func (i SecretsMountInfluxdbArgs) ToSecretsMountInfluxdbOutputWithContext(ctx co return pulumi.ToOutputWithContext(ctx, i).(SecretsMountInfluxdbOutput) } +func (i SecretsMountInfluxdbArgs) ToOutput(ctx context.Context) pulumix.Output[SecretsMountInfluxdb] { + return pulumix.Output[SecretsMountInfluxdb]{ + OutputState: i.ToSecretsMountInfluxdbOutputWithContext(ctx).OutputState, + } +} + // SecretsMountInfluxdbArrayInput is an input type that accepts SecretsMountInfluxdbArray and SecretsMountInfluxdbArrayOutput values. // You can construct a concrete instance of `SecretsMountInfluxdbArrayInput` via: // @@ -6109,6 +6719,12 @@ func (i SecretsMountInfluxdbArray) ToSecretsMountInfluxdbArrayOutputWithContext( return pulumi.ToOutputWithContext(ctx, i).(SecretsMountInfluxdbArrayOutput) } +func (i SecretsMountInfluxdbArray) ToOutput(ctx context.Context) pulumix.Output[[]SecretsMountInfluxdb] { + return pulumix.Output[[]SecretsMountInfluxdb]{ + OutputState: i.ToSecretsMountInfluxdbArrayOutputWithContext(ctx).OutputState, + } +} + type SecretsMountInfluxdbOutput struct{ *pulumi.OutputState } func (SecretsMountInfluxdbOutput) ElementType() reflect.Type { @@ -6123,6 +6739,12 @@ func (o SecretsMountInfluxdbOutput) ToSecretsMountInfluxdbOutputWithContext(ctx return o } +func (o SecretsMountInfluxdbOutput) ToOutput(ctx context.Context) pulumix.Output[SecretsMountInfluxdb] { + return pulumix.Output[SecretsMountInfluxdb]{ + OutputState: o.OutputState, + } +} + // A list of roles that are allowed to use this // connection. func (o SecretsMountInfluxdbOutput) AllowedRoles() pulumi.StringArrayOutput { @@ -6136,6 +6758,8 @@ func (o SecretsMountInfluxdbOutput) ConnectTimeout() pulumi.IntPtrOutput { } // A map of sensitive data to pass to the endpoint. Useful for templated connection strings. +// +// Supported list of database secrets engines that can be configured: func (o SecretsMountInfluxdbOutput) Data() pulumi.MapOutput { return o.ApplyT(func(v SecretsMountInfluxdb) map[string]interface{} { return v.Data }).(pulumi.MapOutput) } @@ -6155,7 +6779,7 @@ func (o SecretsMountInfluxdbOutput) Name() pulumi.StringOutput { return o.ApplyT(func(v SecretsMountInfluxdb) string { return v.Name }).(pulumi.StringOutput) } -// The password to be used in the connection. +// The root credential password used in the connection URL. func (o SecretsMountInfluxdbOutput) Password() pulumi.StringOutput { return o.ApplyT(func(v SecretsMountInfluxdb) string { return v.Password }).(pulumi.StringOutput) } @@ -6187,17 +6811,17 @@ func (o SecretsMountInfluxdbOutput) RootRotationStatements() pulumi.StringArrayO return o.ApplyT(func(v SecretsMountInfluxdb) []string { return v.RootRotationStatements }).(pulumi.StringArrayOutput) } -// Whether to use TLS when connecting to Redis. +// Whether to use TLS when connecting to Cassandra. func (o SecretsMountInfluxdbOutput) Tls() pulumi.BoolPtrOutput { return o.ApplyT(func(v SecretsMountInfluxdb) *bool { return v.Tls }).(pulumi.BoolPtrOutput) } -// The username to be used in the connection (the account admin level). +// The root credential username used in the connection URL. func (o SecretsMountInfluxdbOutput) Username() pulumi.StringOutput { return o.ApplyT(func(v SecretsMountInfluxdb) string { return v.Username }).(pulumi.StringOutput) } -// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. +// [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. func (o SecretsMountInfluxdbOutput) UsernameTemplate() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretsMountInfluxdb) *string { return v.UsernameTemplate }).(pulumi.StringPtrOutput) } @@ -6222,6 +6846,12 @@ func (o SecretsMountInfluxdbArrayOutput) ToSecretsMountInfluxdbArrayOutputWithCo return o } +func (o SecretsMountInfluxdbArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]SecretsMountInfluxdb] { + return pulumix.Output[[]SecretsMountInfluxdb]{ + OutputState: o.OutputState, + } +} + func (o SecretsMountInfluxdbArrayOutput) Index(i pulumi.IntInput) SecretsMountInfluxdbOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) SecretsMountInfluxdb { return vs[0].([]SecretsMountInfluxdb)[vs[1].(int)] @@ -6232,30 +6862,31 @@ type SecretsMountMongodb struct { // A list of roles that are allowed to use this // connection. AllowedRoles []string `pulumi:"allowedRoles"` - // A URL containing connection information.\ - // See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + // Specifies the Redshift DSN. + // See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) ConnectionUrl *string `pulumi:"connectionUrl"` // A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + // + // Supported list of database secrets engines that can be configured: Data map[string]interface{} `pulumi:"data"` - // The maximum number of seconds to keep - // a connection alive for. + // The maximum amount of time a connection may be reused. MaxConnectionLifetime *int `pulumi:"maxConnectionLifetime"` // The maximum number of idle connections to - // maintain. + // the database. MaxIdleConnections *int `pulumi:"maxIdleConnections"` // The maximum number of open connections to - // use. + // the database. MaxOpenConnections *int `pulumi:"maxOpenConnections"` Name string `pulumi:"name"` - // The password to be used in the connection. + // The root credential password used in the connection URL. Password *string `pulumi:"password"` // Specifies the name of the plugin to use. PluginName *string `pulumi:"pluginName"` // A list of database statements to be executed to rotate the root user's credentials. RootRotationStatements []string `pulumi:"rootRotationStatements"` - // The username to be used in the connection (the account admin level). + // The root credential username used in the connection URL. Username *string `pulumi:"username"` - // - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + // [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. UsernameTemplate *string `pulumi:"usernameTemplate"` // Whether the connection should be verified on // initial configuration or not. @@ -6277,30 +6908,31 @@ type SecretsMountMongodbArgs struct { // A list of roles that are allowed to use this // connection. AllowedRoles pulumi.StringArrayInput `pulumi:"allowedRoles"` - // A URL containing connection information.\ - // See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + // Specifies the Redshift DSN. + // See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) ConnectionUrl pulumi.StringPtrInput `pulumi:"connectionUrl"` // A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + // + // Supported list of database secrets engines that can be configured: Data pulumi.MapInput `pulumi:"data"` - // The maximum number of seconds to keep - // a connection alive for. + // The maximum amount of time a connection may be reused. MaxConnectionLifetime pulumi.IntPtrInput `pulumi:"maxConnectionLifetime"` // The maximum number of idle connections to - // maintain. + // the database. MaxIdleConnections pulumi.IntPtrInput `pulumi:"maxIdleConnections"` // The maximum number of open connections to - // use. + // the database. MaxOpenConnections pulumi.IntPtrInput `pulumi:"maxOpenConnections"` Name pulumi.StringInput `pulumi:"name"` - // The password to be used in the connection. + // The root credential password used in the connection URL. Password pulumi.StringPtrInput `pulumi:"password"` // Specifies the name of the plugin to use. PluginName pulumi.StringPtrInput `pulumi:"pluginName"` // A list of database statements to be executed to rotate the root user's credentials. RootRotationStatements pulumi.StringArrayInput `pulumi:"rootRotationStatements"` - // The username to be used in the connection (the account admin level). + // The root credential username used in the connection URL. Username pulumi.StringPtrInput `pulumi:"username"` - // - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + // [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. UsernameTemplate pulumi.StringPtrInput `pulumi:"usernameTemplate"` // Whether the connection should be verified on // initial configuration or not. @@ -6319,6 +6951,12 @@ func (i SecretsMountMongodbArgs) ToSecretsMountMongodbOutputWithContext(ctx cont return pulumi.ToOutputWithContext(ctx, i).(SecretsMountMongodbOutput) } +func (i SecretsMountMongodbArgs) ToOutput(ctx context.Context) pulumix.Output[SecretsMountMongodb] { + return pulumix.Output[SecretsMountMongodb]{ + OutputState: i.ToSecretsMountMongodbOutputWithContext(ctx).OutputState, + } +} + // SecretsMountMongodbArrayInput is an input type that accepts SecretsMountMongodbArray and SecretsMountMongodbArrayOutput values. // You can construct a concrete instance of `SecretsMountMongodbArrayInput` via: // @@ -6344,6 +6982,12 @@ func (i SecretsMountMongodbArray) ToSecretsMountMongodbArrayOutputWithContext(ct return pulumi.ToOutputWithContext(ctx, i).(SecretsMountMongodbArrayOutput) } +func (i SecretsMountMongodbArray) ToOutput(ctx context.Context) pulumix.Output[[]SecretsMountMongodb] { + return pulumix.Output[[]SecretsMountMongodb]{ + OutputState: i.ToSecretsMountMongodbArrayOutputWithContext(ctx).OutputState, + } +} + type SecretsMountMongodbOutput struct{ *pulumi.OutputState } func (SecretsMountMongodbOutput) ElementType() reflect.Type { @@ -6358,37 +7002,44 @@ func (o SecretsMountMongodbOutput) ToSecretsMountMongodbOutputWithContext(ctx co return o } +func (o SecretsMountMongodbOutput) ToOutput(ctx context.Context) pulumix.Output[SecretsMountMongodb] { + return pulumix.Output[SecretsMountMongodb]{ + OutputState: o.OutputState, + } +} + // A list of roles that are allowed to use this // connection. func (o SecretsMountMongodbOutput) AllowedRoles() pulumi.StringArrayOutput { return o.ApplyT(func(v SecretsMountMongodb) []string { return v.AllowedRoles }).(pulumi.StringArrayOutput) } -// A URL containing connection information.\ -// See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) +// Specifies the Redshift DSN. +// See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) func (o SecretsMountMongodbOutput) ConnectionUrl() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretsMountMongodb) *string { return v.ConnectionUrl }).(pulumi.StringPtrOutput) } // A map of sensitive data to pass to the endpoint. Useful for templated connection strings. +// +// Supported list of database secrets engines that can be configured: func (o SecretsMountMongodbOutput) Data() pulumi.MapOutput { return o.ApplyT(func(v SecretsMountMongodb) map[string]interface{} { return v.Data }).(pulumi.MapOutput) } -// The maximum number of seconds to keep -// a connection alive for. +// The maximum amount of time a connection may be reused. func (o SecretsMountMongodbOutput) MaxConnectionLifetime() pulumi.IntPtrOutput { return o.ApplyT(func(v SecretsMountMongodb) *int { return v.MaxConnectionLifetime }).(pulumi.IntPtrOutput) } // The maximum number of idle connections to -// maintain. +// the database. func (o SecretsMountMongodbOutput) MaxIdleConnections() pulumi.IntPtrOutput { return o.ApplyT(func(v SecretsMountMongodb) *int { return v.MaxIdleConnections }).(pulumi.IntPtrOutput) } // The maximum number of open connections to -// use. +// the database. func (o SecretsMountMongodbOutput) MaxOpenConnections() pulumi.IntPtrOutput { return o.ApplyT(func(v SecretsMountMongodb) *int { return v.MaxOpenConnections }).(pulumi.IntPtrOutput) } @@ -6397,7 +7048,7 @@ func (o SecretsMountMongodbOutput) Name() pulumi.StringOutput { return o.ApplyT(func(v SecretsMountMongodb) string { return v.Name }).(pulumi.StringOutput) } -// The password to be used in the connection. +// The root credential password used in the connection URL. func (o SecretsMountMongodbOutput) Password() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretsMountMongodb) *string { return v.Password }).(pulumi.StringPtrOutput) } @@ -6412,12 +7063,12 @@ func (o SecretsMountMongodbOutput) RootRotationStatements() pulumi.StringArrayOu return o.ApplyT(func(v SecretsMountMongodb) []string { return v.RootRotationStatements }).(pulumi.StringArrayOutput) } -// The username to be used in the connection (the account admin level). +// The root credential username used in the connection URL. func (o SecretsMountMongodbOutput) Username() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretsMountMongodb) *string { return v.Username }).(pulumi.StringPtrOutput) } -// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. +// [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. func (o SecretsMountMongodbOutput) UsernameTemplate() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretsMountMongodb) *string { return v.UsernameTemplate }).(pulumi.StringPtrOutput) } @@ -6442,6 +7093,12 @@ func (o SecretsMountMongodbArrayOutput) ToSecretsMountMongodbArrayOutputWithCont return o } +func (o SecretsMountMongodbArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]SecretsMountMongodb] { + return pulumix.Output[[]SecretsMountMongodb]{ + OutputState: o.OutputState, + } +} + func (o SecretsMountMongodbArrayOutput) Index(i pulumi.IntInput) SecretsMountMongodbOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) SecretsMountMongodb { return vs[0].([]SecretsMountMongodb)[vs[1].(int)] @@ -6453,6 +7110,8 @@ type SecretsMountMongodbatla struct { // connection. AllowedRoles []string `pulumi:"allowedRoles"` // A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + // + // Supported list of database secrets engines that can be configured: Data map[string]interface{} `pulumi:"data"` Name string `pulumi:"name"` // Specifies the name of the plugin to use. @@ -6486,6 +7145,8 @@ type SecretsMountMongodbatlaArgs struct { // connection. AllowedRoles pulumi.StringArrayInput `pulumi:"allowedRoles"` // A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + // + // Supported list of database secrets engines that can be configured: Data pulumi.MapInput `pulumi:"data"` Name pulumi.StringInput `pulumi:"name"` // Specifies the name of the plugin to use. @@ -6515,6 +7176,12 @@ func (i SecretsMountMongodbatlaArgs) ToSecretsMountMongodbatlaOutputWithContext( return pulumi.ToOutputWithContext(ctx, i).(SecretsMountMongodbatlaOutput) } +func (i SecretsMountMongodbatlaArgs) ToOutput(ctx context.Context) pulumix.Output[SecretsMountMongodbatla] { + return pulumix.Output[SecretsMountMongodbatla]{ + OutputState: i.ToSecretsMountMongodbatlaOutputWithContext(ctx).OutputState, + } +} + // SecretsMountMongodbatlaArrayInput is an input type that accepts SecretsMountMongodbatlaArray and SecretsMountMongodbatlaArrayOutput values. // You can construct a concrete instance of `SecretsMountMongodbatlaArrayInput` via: // @@ -6540,6 +7207,12 @@ func (i SecretsMountMongodbatlaArray) ToSecretsMountMongodbatlaArrayOutputWithCo return pulumi.ToOutputWithContext(ctx, i).(SecretsMountMongodbatlaArrayOutput) } +func (i SecretsMountMongodbatlaArray) ToOutput(ctx context.Context) pulumix.Output[[]SecretsMountMongodbatla] { + return pulumix.Output[[]SecretsMountMongodbatla]{ + OutputState: i.ToSecretsMountMongodbatlaArrayOutputWithContext(ctx).OutputState, + } +} + type SecretsMountMongodbatlaOutput struct{ *pulumi.OutputState } func (SecretsMountMongodbatlaOutput) ElementType() reflect.Type { @@ -6554,6 +7227,12 @@ func (o SecretsMountMongodbatlaOutput) ToSecretsMountMongodbatlaOutputWithContex return o } +func (o SecretsMountMongodbatlaOutput) ToOutput(ctx context.Context) pulumix.Output[SecretsMountMongodbatla] { + return pulumix.Output[SecretsMountMongodbatla]{ + OutputState: o.OutputState, + } +} + // A list of roles that are allowed to use this // connection. func (o SecretsMountMongodbatlaOutput) AllowedRoles() pulumi.StringArrayOutput { @@ -6561,6 +7240,8 @@ func (o SecretsMountMongodbatlaOutput) AllowedRoles() pulumi.StringArrayOutput { } // A map of sensitive data to pass to the endpoint. Useful for templated connection strings. +// +// Supported list of database secrets engines that can be configured: func (o SecretsMountMongodbatlaOutput) Data() pulumi.MapOutput { return o.ApplyT(func(v SecretsMountMongodbatla) map[string]interface{} { return v.Data }).(pulumi.MapOutput) } @@ -6614,6 +7295,12 @@ func (o SecretsMountMongodbatlaArrayOutput) ToSecretsMountMongodbatlaArrayOutput return o } +func (o SecretsMountMongodbatlaArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]SecretsMountMongodbatla] { + return pulumix.Output[[]SecretsMountMongodbatla]{ + OutputState: o.OutputState, + } +} + func (o SecretsMountMongodbatlaArrayOutput) Index(i pulumi.IntInput) SecretsMountMongodbatlaOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) SecretsMountMongodbatla { return vs[0].([]SecretsMountMongodbatla)[vs[1].(int)] @@ -6624,36 +7311,37 @@ type SecretsMountMssql struct { // A list of roles that are allowed to use this // connection. AllowedRoles []string `pulumi:"allowedRoles"` - // A URL containing connection information.\ - // See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + // Specifies the Redshift DSN. + // See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) ConnectionUrl *string `pulumi:"connectionUrl"` // For Vault v1.9+. Set to true when the target is a // Contained Database, e.g. AzureSQL. // See [Vault docs](https://www.vaultproject.io/api/secret/databases/mssql#contained_db) ContainedDb *bool `pulumi:"containedDb"` // A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + // + // Supported list of database secrets engines that can be configured: Data map[string]interface{} `pulumi:"data"` // Disable special character escaping in username and password. DisableEscaping *bool `pulumi:"disableEscaping"` - // The maximum number of seconds to keep - // a connection alive for. + // The maximum amount of time a connection may be reused. MaxConnectionLifetime *int `pulumi:"maxConnectionLifetime"` // The maximum number of idle connections to - // maintain. + // the database. MaxIdleConnections *int `pulumi:"maxIdleConnections"` // The maximum number of open connections to - // use. + // the database. MaxOpenConnections *int `pulumi:"maxOpenConnections"` Name string `pulumi:"name"` - // The password to be used in the connection. + // The root credential password used in the connection URL. Password *string `pulumi:"password"` // Specifies the name of the plugin to use. PluginName *string `pulumi:"pluginName"` // A list of database statements to be executed to rotate the root user's credentials. RootRotationStatements []string `pulumi:"rootRotationStatements"` - // The username to be used in the connection (the account admin level). + // The root credential username used in the connection URL. Username *string `pulumi:"username"` - // - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + // [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. UsernameTemplate *string `pulumi:"usernameTemplate"` // Whether the connection should be verified on // initial configuration or not. @@ -6675,36 +7363,37 @@ type SecretsMountMssqlArgs struct { // A list of roles that are allowed to use this // connection. AllowedRoles pulumi.StringArrayInput `pulumi:"allowedRoles"` - // A URL containing connection information.\ - // See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + // Specifies the Redshift DSN. + // See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) ConnectionUrl pulumi.StringPtrInput `pulumi:"connectionUrl"` // For Vault v1.9+. Set to true when the target is a // Contained Database, e.g. AzureSQL. // See [Vault docs](https://www.vaultproject.io/api/secret/databases/mssql#contained_db) ContainedDb pulumi.BoolPtrInput `pulumi:"containedDb"` // A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + // + // Supported list of database secrets engines that can be configured: Data pulumi.MapInput `pulumi:"data"` // Disable special character escaping in username and password. DisableEscaping pulumi.BoolPtrInput `pulumi:"disableEscaping"` - // The maximum number of seconds to keep - // a connection alive for. + // The maximum amount of time a connection may be reused. MaxConnectionLifetime pulumi.IntPtrInput `pulumi:"maxConnectionLifetime"` // The maximum number of idle connections to - // maintain. + // the database. MaxIdleConnections pulumi.IntPtrInput `pulumi:"maxIdleConnections"` // The maximum number of open connections to - // use. + // the database. MaxOpenConnections pulumi.IntPtrInput `pulumi:"maxOpenConnections"` Name pulumi.StringInput `pulumi:"name"` - // The password to be used in the connection. + // The root credential password used in the connection URL. Password pulumi.StringPtrInput `pulumi:"password"` // Specifies the name of the plugin to use. PluginName pulumi.StringPtrInput `pulumi:"pluginName"` // A list of database statements to be executed to rotate the root user's credentials. RootRotationStatements pulumi.StringArrayInput `pulumi:"rootRotationStatements"` - // The username to be used in the connection (the account admin level). + // The root credential username used in the connection URL. Username pulumi.StringPtrInput `pulumi:"username"` - // - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + // [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. UsernameTemplate pulumi.StringPtrInput `pulumi:"usernameTemplate"` // Whether the connection should be verified on // initial configuration or not. @@ -6723,6 +7412,12 @@ func (i SecretsMountMssqlArgs) ToSecretsMountMssqlOutputWithContext(ctx context. return pulumi.ToOutputWithContext(ctx, i).(SecretsMountMssqlOutput) } +func (i SecretsMountMssqlArgs) ToOutput(ctx context.Context) pulumix.Output[SecretsMountMssql] { + return pulumix.Output[SecretsMountMssql]{ + OutputState: i.ToSecretsMountMssqlOutputWithContext(ctx).OutputState, + } +} + // SecretsMountMssqlArrayInput is an input type that accepts SecretsMountMssqlArray and SecretsMountMssqlArrayOutput values. // You can construct a concrete instance of `SecretsMountMssqlArrayInput` via: // @@ -6748,6 +7443,12 @@ func (i SecretsMountMssqlArray) ToSecretsMountMssqlArrayOutputWithContext(ctx co return pulumi.ToOutputWithContext(ctx, i).(SecretsMountMssqlArrayOutput) } +func (i SecretsMountMssqlArray) ToOutput(ctx context.Context) pulumix.Output[[]SecretsMountMssql] { + return pulumix.Output[[]SecretsMountMssql]{ + OutputState: i.ToSecretsMountMssqlArrayOutputWithContext(ctx).OutputState, + } +} + type SecretsMountMssqlOutput struct{ *pulumi.OutputState } func (SecretsMountMssqlOutput) ElementType() reflect.Type { @@ -6762,14 +7463,20 @@ func (o SecretsMountMssqlOutput) ToSecretsMountMssqlOutputWithContext(ctx contex return o } +func (o SecretsMountMssqlOutput) ToOutput(ctx context.Context) pulumix.Output[SecretsMountMssql] { + return pulumix.Output[SecretsMountMssql]{ + OutputState: o.OutputState, + } +} + // A list of roles that are allowed to use this // connection. func (o SecretsMountMssqlOutput) AllowedRoles() pulumi.StringArrayOutput { return o.ApplyT(func(v SecretsMountMssql) []string { return v.AllowedRoles }).(pulumi.StringArrayOutput) } -// A URL containing connection information.\ -// See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) +// Specifies the Redshift DSN. +// See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) func (o SecretsMountMssqlOutput) ConnectionUrl() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretsMountMssql) *string { return v.ConnectionUrl }).(pulumi.StringPtrOutput) } @@ -6782,6 +7489,8 @@ func (o SecretsMountMssqlOutput) ContainedDb() pulumi.BoolPtrOutput { } // A map of sensitive data to pass to the endpoint. Useful for templated connection strings. +// +// Supported list of database secrets engines that can be configured: func (o SecretsMountMssqlOutput) Data() pulumi.MapOutput { return o.ApplyT(func(v SecretsMountMssql) map[string]interface{} { return v.Data }).(pulumi.MapOutput) } @@ -6791,20 +7500,19 @@ func (o SecretsMountMssqlOutput) DisableEscaping() pulumi.BoolPtrOutput { return o.ApplyT(func(v SecretsMountMssql) *bool { return v.DisableEscaping }).(pulumi.BoolPtrOutput) } -// The maximum number of seconds to keep -// a connection alive for. +// The maximum amount of time a connection may be reused. func (o SecretsMountMssqlOutput) MaxConnectionLifetime() pulumi.IntPtrOutput { return o.ApplyT(func(v SecretsMountMssql) *int { return v.MaxConnectionLifetime }).(pulumi.IntPtrOutput) } // The maximum number of idle connections to -// maintain. +// the database. func (o SecretsMountMssqlOutput) MaxIdleConnections() pulumi.IntPtrOutput { return o.ApplyT(func(v SecretsMountMssql) *int { return v.MaxIdleConnections }).(pulumi.IntPtrOutput) } // The maximum number of open connections to -// use. +// the database. func (o SecretsMountMssqlOutput) MaxOpenConnections() pulumi.IntPtrOutput { return o.ApplyT(func(v SecretsMountMssql) *int { return v.MaxOpenConnections }).(pulumi.IntPtrOutput) } @@ -6813,7 +7521,7 @@ func (o SecretsMountMssqlOutput) Name() pulumi.StringOutput { return o.ApplyT(func(v SecretsMountMssql) string { return v.Name }).(pulumi.StringOutput) } -// The password to be used in the connection. +// The root credential password used in the connection URL. func (o SecretsMountMssqlOutput) Password() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretsMountMssql) *string { return v.Password }).(pulumi.StringPtrOutput) } @@ -6828,12 +7536,12 @@ func (o SecretsMountMssqlOutput) RootRotationStatements() pulumi.StringArrayOutp return o.ApplyT(func(v SecretsMountMssql) []string { return v.RootRotationStatements }).(pulumi.StringArrayOutput) } -// The username to be used in the connection (the account admin level). +// The root credential username used in the connection URL. func (o SecretsMountMssqlOutput) Username() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretsMountMssql) *string { return v.Username }).(pulumi.StringPtrOutput) } -// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. +// [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. func (o SecretsMountMssqlOutput) UsernameTemplate() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretsMountMssql) *string { return v.UsernameTemplate }).(pulumi.StringPtrOutput) } @@ -6858,6 +7566,12 @@ func (o SecretsMountMssqlArrayOutput) ToSecretsMountMssqlArrayOutputWithContext( return o } +func (o SecretsMountMssqlArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]SecretsMountMssql] { + return pulumix.Output[[]SecretsMountMssql]{ + OutputState: o.OutputState, + } +} + func (o SecretsMountMssqlArrayOutput) Index(i pulumi.IntInput) SecretsMountMssqlOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) SecretsMountMssql { return vs[0].([]SecretsMountMssql)[vs[1].(int)] @@ -6869,22 +7583,23 @@ type SecretsMountMysql struct { // connection. AllowedRoles []string `pulumi:"allowedRoles"` AuthType *string `pulumi:"authType"` - // A URL containing connection information.\ - // See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + // Specifies the Redshift DSN. + // See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) ConnectionUrl *string `pulumi:"connectionUrl"` // A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + // + // Supported list of database secrets engines that can be configured: Data map[string]interface{} `pulumi:"data"` - // The maximum number of seconds to keep - // a connection alive for. + // The maximum amount of time a connection may be reused. MaxConnectionLifetime *int `pulumi:"maxConnectionLifetime"` // The maximum number of idle connections to - // maintain. + // the database. MaxIdleConnections *int `pulumi:"maxIdleConnections"` // The maximum number of open connections to - // use. + // the database. MaxOpenConnections *int `pulumi:"maxOpenConnections"` Name string `pulumi:"name"` - // The password to be used in the connection. + // The root credential password used in the connection URL. Password *string `pulumi:"password"` // Specifies the name of the plugin to use. PluginName *string `pulumi:"pluginName"` @@ -6895,9 +7610,9 @@ type SecretsMountMysql struct { TlsCa *string `pulumi:"tlsCa"` // x509 certificate for connecting to the database. This must be a PEM encoded version of the private key and the certificate combined. TlsCertificateKey *string `pulumi:"tlsCertificateKey"` - // The username to be used in the connection (the account admin level). + // The root credential username used in the connection URL. Username *string `pulumi:"username"` - // - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + // [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. UsernameTemplate *string `pulumi:"usernameTemplate"` // Whether the connection should be verified on // initial configuration or not. @@ -6920,22 +7635,23 @@ type SecretsMountMysqlArgs struct { // connection. AllowedRoles pulumi.StringArrayInput `pulumi:"allowedRoles"` AuthType pulumi.StringPtrInput `pulumi:"authType"` - // A URL containing connection information.\ - // See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + // Specifies the Redshift DSN. + // See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) ConnectionUrl pulumi.StringPtrInput `pulumi:"connectionUrl"` // A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + // + // Supported list of database secrets engines that can be configured: Data pulumi.MapInput `pulumi:"data"` - // The maximum number of seconds to keep - // a connection alive for. + // The maximum amount of time a connection may be reused. MaxConnectionLifetime pulumi.IntPtrInput `pulumi:"maxConnectionLifetime"` // The maximum number of idle connections to - // maintain. + // the database. MaxIdleConnections pulumi.IntPtrInput `pulumi:"maxIdleConnections"` // The maximum number of open connections to - // use. + // the database. MaxOpenConnections pulumi.IntPtrInput `pulumi:"maxOpenConnections"` Name pulumi.StringInput `pulumi:"name"` - // The password to be used in the connection. + // The root credential password used in the connection URL. Password pulumi.StringPtrInput `pulumi:"password"` // Specifies the name of the plugin to use. PluginName pulumi.StringPtrInput `pulumi:"pluginName"` @@ -6946,9 +7662,9 @@ type SecretsMountMysqlArgs struct { TlsCa pulumi.StringPtrInput `pulumi:"tlsCa"` // x509 certificate for connecting to the database. This must be a PEM encoded version of the private key and the certificate combined. TlsCertificateKey pulumi.StringPtrInput `pulumi:"tlsCertificateKey"` - // The username to be used in the connection (the account admin level). + // The root credential username used in the connection URL. Username pulumi.StringPtrInput `pulumi:"username"` - // - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + // [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. UsernameTemplate pulumi.StringPtrInput `pulumi:"usernameTemplate"` // Whether the connection should be verified on // initial configuration or not. @@ -6967,6 +7683,12 @@ func (i SecretsMountMysqlArgs) ToSecretsMountMysqlOutputWithContext(ctx context. return pulumi.ToOutputWithContext(ctx, i).(SecretsMountMysqlOutput) } +func (i SecretsMountMysqlArgs) ToOutput(ctx context.Context) pulumix.Output[SecretsMountMysql] { + return pulumix.Output[SecretsMountMysql]{ + OutputState: i.ToSecretsMountMysqlOutputWithContext(ctx).OutputState, + } +} + // SecretsMountMysqlArrayInput is an input type that accepts SecretsMountMysqlArray and SecretsMountMysqlArrayOutput values. // You can construct a concrete instance of `SecretsMountMysqlArrayInput` via: // @@ -6992,6 +7714,12 @@ func (i SecretsMountMysqlArray) ToSecretsMountMysqlArrayOutputWithContext(ctx co return pulumi.ToOutputWithContext(ctx, i).(SecretsMountMysqlArrayOutput) } +func (i SecretsMountMysqlArray) ToOutput(ctx context.Context) pulumix.Output[[]SecretsMountMysql] { + return pulumix.Output[[]SecretsMountMysql]{ + OutputState: i.ToSecretsMountMysqlArrayOutputWithContext(ctx).OutputState, + } +} + type SecretsMountMysqlOutput struct{ *pulumi.OutputState } func (SecretsMountMysqlOutput) ElementType() reflect.Type { @@ -7006,6 +7734,12 @@ func (o SecretsMountMysqlOutput) ToSecretsMountMysqlOutputWithContext(ctx contex return o } +func (o SecretsMountMysqlOutput) ToOutput(ctx context.Context) pulumix.Output[SecretsMountMysql] { + return pulumix.Output[SecretsMountMysql]{ + OutputState: o.OutputState, + } +} + // A list of roles that are allowed to use this // connection. func (o SecretsMountMysqlOutput) AllowedRoles() pulumi.StringArrayOutput { @@ -7016,31 +7750,32 @@ func (o SecretsMountMysqlOutput) AuthType() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretsMountMysql) *string { return v.AuthType }).(pulumi.StringPtrOutput) } -// A URL containing connection information.\ -// See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) +// Specifies the Redshift DSN. +// See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) func (o SecretsMountMysqlOutput) ConnectionUrl() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretsMountMysql) *string { return v.ConnectionUrl }).(pulumi.StringPtrOutput) } // A map of sensitive data to pass to the endpoint. Useful for templated connection strings. +// +// Supported list of database secrets engines that can be configured: func (o SecretsMountMysqlOutput) Data() pulumi.MapOutput { return o.ApplyT(func(v SecretsMountMysql) map[string]interface{} { return v.Data }).(pulumi.MapOutput) } -// The maximum number of seconds to keep -// a connection alive for. +// The maximum amount of time a connection may be reused. func (o SecretsMountMysqlOutput) MaxConnectionLifetime() pulumi.IntPtrOutput { return o.ApplyT(func(v SecretsMountMysql) *int { return v.MaxConnectionLifetime }).(pulumi.IntPtrOutput) } // The maximum number of idle connections to -// maintain. +// the database. func (o SecretsMountMysqlOutput) MaxIdleConnections() pulumi.IntPtrOutput { return o.ApplyT(func(v SecretsMountMysql) *int { return v.MaxIdleConnections }).(pulumi.IntPtrOutput) } // The maximum number of open connections to -// use. +// the database. func (o SecretsMountMysqlOutput) MaxOpenConnections() pulumi.IntPtrOutput { return o.ApplyT(func(v SecretsMountMysql) *int { return v.MaxOpenConnections }).(pulumi.IntPtrOutput) } @@ -7049,7 +7784,7 @@ func (o SecretsMountMysqlOutput) Name() pulumi.StringOutput { return o.ApplyT(func(v SecretsMountMysql) string { return v.Name }).(pulumi.StringOutput) } -// The password to be used in the connection. +// The root credential password used in the connection URL. func (o SecretsMountMysqlOutput) Password() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretsMountMysql) *string { return v.Password }).(pulumi.StringPtrOutput) } @@ -7078,12 +7813,12 @@ func (o SecretsMountMysqlOutput) TlsCertificateKey() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretsMountMysql) *string { return v.TlsCertificateKey }).(pulumi.StringPtrOutput) } -// The username to be used in the connection (the account admin level). +// The root credential username used in the connection URL. func (o SecretsMountMysqlOutput) Username() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretsMountMysql) *string { return v.Username }).(pulumi.StringPtrOutput) } -// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. +// [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. func (o SecretsMountMysqlOutput) UsernameTemplate() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretsMountMysql) *string { return v.UsernameTemplate }).(pulumi.StringPtrOutput) } @@ -7108,6 +7843,12 @@ func (o SecretsMountMysqlArrayOutput) ToSecretsMountMysqlArrayOutputWithContext( return o } +func (o SecretsMountMysqlArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]SecretsMountMysql] { + return pulumix.Output[[]SecretsMountMysql]{ + OutputState: o.OutputState, + } +} + func (o SecretsMountMysqlArrayOutput) Index(i pulumi.IntInput) SecretsMountMysqlOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) SecretsMountMysql { return vs[0].([]SecretsMountMysql)[vs[1].(int)] @@ -7118,30 +7859,31 @@ type SecretsMountMysqlAurora struct { // A list of roles that are allowed to use this // connection. AllowedRoles []string `pulumi:"allowedRoles"` - // A URL containing connection information.\ - // See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + // Specifies the Redshift DSN. + // See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) ConnectionUrl *string `pulumi:"connectionUrl"` // A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + // + // Supported list of database secrets engines that can be configured: Data map[string]interface{} `pulumi:"data"` - // The maximum number of seconds to keep - // a connection alive for. + // The maximum amount of time a connection may be reused. MaxConnectionLifetime *int `pulumi:"maxConnectionLifetime"` // The maximum number of idle connections to - // maintain. + // the database. MaxIdleConnections *int `pulumi:"maxIdleConnections"` // The maximum number of open connections to - // use. + // the database. MaxOpenConnections *int `pulumi:"maxOpenConnections"` Name string `pulumi:"name"` - // The password to be used in the connection. + // The root credential password used in the connection URL. Password *string `pulumi:"password"` // Specifies the name of the plugin to use. PluginName *string `pulumi:"pluginName"` // A list of database statements to be executed to rotate the root user's credentials. RootRotationStatements []string `pulumi:"rootRotationStatements"` - // The username to be used in the connection (the account admin level). + // The root credential username used in the connection URL. Username *string `pulumi:"username"` - // - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + // [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. UsernameTemplate *string `pulumi:"usernameTemplate"` // Whether the connection should be verified on // initial configuration or not. @@ -7163,30 +7905,31 @@ type SecretsMountMysqlAuroraArgs struct { // A list of roles that are allowed to use this // connection. AllowedRoles pulumi.StringArrayInput `pulumi:"allowedRoles"` - // A URL containing connection information.\ - // See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + // Specifies the Redshift DSN. + // See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) ConnectionUrl pulumi.StringPtrInput `pulumi:"connectionUrl"` // A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + // + // Supported list of database secrets engines that can be configured: Data pulumi.MapInput `pulumi:"data"` - // The maximum number of seconds to keep - // a connection alive for. + // The maximum amount of time a connection may be reused. MaxConnectionLifetime pulumi.IntPtrInput `pulumi:"maxConnectionLifetime"` // The maximum number of idle connections to - // maintain. + // the database. MaxIdleConnections pulumi.IntPtrInput `pulumi:"maxIdleConnections"` // The maximum number of open connections to - // use. + // the database. MaxOpenConnections pulumi.IntPtrInput `pulumi:"maxOpenConnections"` Name pulumi.StringInput `pulumi:"name"` - // The password to be used in the connection. + // The root credential password used in the connection URL. Password pulumi.StringPtrInput `pulumi:"password"` // Specifies the name of the plugin to use. PluginName pulumi.StringPtrInput `pulumi:"pluginName"` // A list of database statements to be executed to rotate the root user's credentials. RootRotationStatements pulumi.StringArrayInput `pulumi:"rootRotationStatements"` - // The username to be used in the connection (the account admin level). + // The root credential username used in the connection URL. Username pulumi.StringPtrInput `pulumi:"username"` - // - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + // [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. UsernameTemplate pulumi.StringPtrInput `pulumi:"usernameTemplate"` // Whether the connection should be verified on // initial configuration or not. @@ -7205,6 +7948,12 @@ func (i SecretsMountMysqlAuroraArgs) ToSecretsMountMysqlAuroraOutputWithContext( return pulumi.ToOutputWithContext(ctx, i).(SecretsMountMysqlAuroraOutput) } +func (i SecretsMountMysqlAuroraArgs) ToOutput(ctx context.Context) pulumix.Output[SecretsMountMysqlAurora] { + return pulumix.Output[SecretsMountMysqlAurora]{ + OutputState: i.ToSecretsMountMysqlAuroraOutputWithContext(ctx).OutputState, + } +} + // SecretsMountMysqlAuroraArrayInput is an input type that accepts SecretsMountMysqlAuroraArray and SecretsMountMysqlAuroraArrayOutput values. // You can construct a concrete instance of `SecretsMountMysqlAuroraArrayInput` via: // @@ -7230,6 +7979,12 @@ func (i SecretsMountMysqlAuroraArray) ToSecretsMountMysqlAuroraArrayOutputWithCo return pulumi.ToOutputWithContext(ctx, i).(SecretsMountMysqlAuroraArrayOutput) } +func (i SecretsMountMysqlAuroraArray) ToOutput(ctx context.Context) pulumix.Output[[]SecretsMountMysqlAurora] { + return pulumix.Output[[]SecretsMountMysqlAurora]{ + OutputState: i.ToSecretsMountMysqlAuroraArrayOutputWithContext(ctx).OutputState, + } +} + type SecretsMountMysqlAuroraOutput struct{ *pulumi.OutputState } func (SecretsMountMysqlAuroraOutput) ElementType() reflect.Type { @@ -7244,37 +7999,44 @@ func (o SecretsMountMysqlAuroraOutput) ToSecretsMountMysqlAuroraOutputWithContex return o } +func (o SecretsMountMysqlAuroraOutput) ToOutput(ctx context.Context) pulumix.Output[SecretsMountMysqlAurora] { + return pulumix.Output[SecretsMountMysqlAurora]{ + OutputState: o.OutputState, + } +} + // A list of roles that are allowed to use this // connection. func (o SecretsMountMysqlAuroraOutput) AllowedRoles() pulumi.StringArrayOutput { return o.ApplyT(func(v SecretsMountMysqlAurora) []string { return v.AllowedRoles }).(pulumi.StringArrayOutput) } -// A URL containing connection information.\ -// See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) +// Specifies the Redshift DSN. +// See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) func (o SecretsMountMysqlAuroraOutput) ConnectionUrl() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretsMountMysqlAurora) *string { return v.ConnectionUrl }).(pulumi.StringPtrOutput) } // A map of sensitive data to pass to the endpoint. Useful for templated connection strings. +// +// Supported list of database secrets engines that can be configured: func (o SecretsMountMysqlAuroraOutput) Data() pulumi.MapOutput { return o.ApplyT(func(v SecretsMountMysqlAurora) map[string]interface{} { return v.Data }).(pulumi.MapOutput) } -// The maximum number of seconds to keep -// a connection alive for. +// The maximum amount of time a connection may be reused. func (o SecretsMountMysqlAuroraOutput) MaxConnectionLifetime() pulumi.IntPtrOutput { return o.ApplyT(func(v SecretsMountMysqlAurora) *int { return v.MaxConnectionLifetime }).(pulumi.IntPtrOutput) } // The maximum number of idle connections to -// maintain. +// the database. func (o SecretsMountMysqlAuroraOutput) MaxIdleConnections() pulumi.IntPtrOutput { return o.ApplyT(func(v SecretsMountMysqlAurora) *int { return v.MaxIdleConnections }).(pulumi.IntPtrOutput) } // The maximum number of open connections to -// use. +// the database. func (o SecretsMountMysqlAuroraOutput) MaxOpenConnections() pulumi.IntPtrOutput { return o.ApplyT(func(v SecretsMountMysqlAurora) *int { return v.MaxOpenConnections }).(pulumi.IntPtrOutput) } @@ -7283,7 +8045,7 @@ func (o SecretsMountMysqlAuroraOutput) Name() pulumi.StringOutput { return o.ApplyT(func(v SecretsMountMysqlAurora) string { return v.Name }).(pulumi.StringOutput) } -// The password to be used in the connection. +// The root credential password used in the connection URL. func (o SecretsMountMysqlAuroraOutput) Password() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretsMountMysqlAurora) *string { return v.Password }).(pulumi.StringPtrOutput) } @@ -7298,12 +8060,12 @@ func (o SecretsMountMysqlAuroraOutput) RootRotationStatements() pulumi.StringArr return o.ApplyT(func(v SecretsMountMysqlAurora) []string { return v.RootRotationStatements }).(pulumi.StringArrayOutput) } -// The username to be used in the connection (the account admin level). +// The root credential username used in the connection URL. func (o SecretsMountMysqlAuroraOutput) Username() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretsMountMysqlAurora) *string { return v.Username }).(pulumi.StringPtrOutput) } -// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. +// [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. func (o SecretsMountMysqlAuroraOutput) UsernameTemplate() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretsMountMysqlAurora) *string { return v.UsernameTemplate }).(pulumi.StringPtrOutput) } @@ -7328,6 +8090,12 @@ func (o SecretsMountMysqlAuroraArrayOutput) ToSecretsMountMysqlAuroraArrayOutput return o } +func (o SecretsMountMysqlAuroraArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]SecretsMountMysqlAurora] { + return pulumix.Output[[]SecretsMountMysqlAurora]{ + OutputState: o.OutputState, + } +} + func (o SecretsMountMysqlAuroraArrayOutput) Index(i pulumi.IntInput) SecretsMountMysqlAuroraOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) SecretsMountMysqlAurora { return vs[0].([]SecretsMountMysqlAurora)[vs[1].(int)] @@ -7338,30 +8106,31 @@ type SecretsMountMysqlLegacy struct { // A list of roles that are allowed to use this // connection. AllowedRoles []string `pulumi:"allowedRoles"` - // A URL containing connection information.\ - // See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + // Specifies the Redshift DSN. + // See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) ConnectionUrl *string `pulumi:"connectionUrl"` // A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + // + // Supported list of database secrets engines that can be configured: Data map[string]interface{} `pulumi:"data"` - // The maximum number of seconds to keep - // a connection alive for. + // The maximum amount of time a connection may be reused. MaxConnectionLifetime *int `pulumi:"maxConnectionLifetime"` // The maximum number of idle connections to - // maintain. + // the database. MaxIdleConnections *int `pulumi:"maxIdleConnections"` // The maximum number of open connections to - // use. + // the database. MaxOpenConnections *int `pulumi:"maxOpenConnections"` Name string `pulumi:"name"` - // The password to be used in the connection. + // The root credential password used in the connection URL. Password *string `pulumi:"password"` // Specifies the name of the plugin to use. PluginName *string `pulumi:"pluginName"` // A list of database statements to be executed to rotate the root user's credentials. RootRotationStatements []string `pulumi:"rootRotationStatements"` - // The username to be used in the connection (the account admin level). + // The root credential username used in the connection URL. Username *string `pulumi:"username"` - // - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + // [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. UsernameTemplate *string `pulumi:"usernameTemplate"` // Whether the connection should be verified on // initial configuration or not. @@ -7383,30 +8152,31 @@ type SecretsMountMysqlLegacyArgs struct { // A list of roles that are allowed to use this // connection. AllowedRoles pulumi.StringArrayInput `pulumi:"allowedRoles"` - // A URL containing connection information.\ - // See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + // Specifies the Redshift DSN. + // See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) ConnectionUrl pulumi.StringPtrInput `pulumi:"connectionUrl"` // A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + // + // Supported list of database secrets engines that can be configured: Data pulumi.MapInput `pulumi:"data"` - // The maximum number of seconds to keep - // a connection alive for. + // The maximum amount of time a connection may be reused. MaxConnectionLifetime pulumi.IntPtrInput `pulumi:"maxConnectionLifetime"` // The maximum number of idle connections to - // maintain. + // the database. MaxIdleConnections pulumi.IntPtrInput `pulumi:"maxIdleConnections"` // The maximum number of open connections to - // use. + // the database. MaxOpenConnections pulumi.IntPtrInput `pulumi:"maxOpenConnections"` Name pulumi.StringInput `pulumi:"name"` - // The password to be used in the connection. + // The root credential password used in the connection URL. Password pulumi.StringPtrInput `pulumi:"password"` // Specifies the name of the plugin to use. PluginName pulumi.StringPtrInput `pulumi:"pluginName"` // A list of database statements to be executed to rotate the root user's credentials. RootRotationStatements pulumi.StringArrayInput `pulumi:"rootRotationStatements"` - // The username to be used in the connection (the account admin level). + // The root credential username used in the connection URL. Username pulumi.StringPtrInput `pulumi:"username"` - // - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + // [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. UsernameTemplate pulumi.StringPtrInput `pulumi:"usernameTemplate"` // Whether the connection should be verified on // initial configuration or not. @@ -7425,6 +8195,12 @@ func (i SecretsMountMysqlLegacyArgs) ToSecretsMountMysqlLegacyOutputWithContext( return pulumi.ToOutputWithContext(ctx, i).(SecretsMountMysqlLegacyOutput) } +func (i SecretsMountMysqlLegacyArgs) ToOutput(ctx context.Context) pulumix.Output[SecretsMountMysqlLegacy] { + return pulumix.Output[SecretsMountMysqlLegacy]{ + OutputState: i.ToSecretsMountMysqlLegacyOutputWithContext(ctx).OutputState, + } +} + // SecretsMountMysqlLegacyArrayInput is an input type that accepts SecretsMountMysqlLegacyArray and SecretsMountMysqlLegacyArrayOutput values. // You can construct a concrete instance of `SecretsMountMysqlLegacyArrayInput` via: // @@ -7450,6 +8226,12 @@ func (i SecretsMountMysqlLegacyArray) ToSecretsMountMysqlLegacyArrayOutputWithCo return pulumi.ToOutputWithContext(ctx, i).(SecretsMountMysqlLegacyArrayOutput) } +func (i SecretsMountMysqlLegacyArray) ToOutput(ctx context.Context) pulumix.Output[[]SecretsMountMysqlLegacy] { + return pulumix.Output[[]SecretsMountMysqlLegacy]{ + OutputState: i.ToSecretsMountMysqlLegacyArrayOutputWithContext(ctx).OutputState, + } +} + type SecretsMountMysqlLegacyOutput struct{ *pulumi.OutputState } func (SecretsMountMysqlLegacyOutput) ElementType() reflect.Type { @@ -7464,37 +8246,44 @@ func (o SecretsMountMysqlLegacyOutput) ToSecretsMountMysqlLegacyOutputWithContex return o } +func (o SecretsMountMysqlLegacyOutput) ToOutput(ctx context.Context) pulumix.Output[SecretsMountMysqlLegacy] { + return pulumix.Output[SecretsMountMysqlLegacy]{ + OutputState: o.OutputState, + } +} + // A list of roles that are allowed to use this // connection. func (o SecretsMountMysqlLegacyOutput) AllowedRoles() pulumi.StringArrayOutput { return o.ApplyT(func(v SecretsMountMysqlLegacy) []string { return v.AllowedRoles }).(pulumi.StringArrayOutput) } -// A URL containing connection information.\ -// See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) +// Specifies the Redshift DSN. +// See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) func (o SecretsMountMysqlLegacyOutput) ConnectionUrl() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretsMountMysqlLegacy) *string { return v.ConnectionUrl }).(pulumi.StringPtrOutput) } // A map of sensitive data to pass to the endpoint. Useful for templated connection strings. +// +// Supported list of database secrets engines that can be configured: func (o SecretsMountMysqlLegacyOutput) Data() pulumi.MapOutput { return o.ApplyT(func(v SecretsMountMysqlLegacy) map[string]interface{} { return v.Data }).(pulumi.MapOutput) } -// The maximum number of seconds to keep -// a connection alive for. +// The maximum amount of time a connection may be reused. func (o SecretsMountMysqlLegacyOutput) MaxConnectionLifetime() pulumi.IntPtrOutput { return o.ApplyT(func(v SecretsMountMysqlLegacy) *int { return v.MaxConnectionLifetime }).(pulumi.IntPtrOutput) } // The maximum number of idle connections to -// maintain. +// the database. func (o SecretsMountMysqlLegacyOutput) MaxIdleConnections() pulumi.IntPtrOutput { return o.ApplyT(func(v SecretsMountMysqlLegacy) *int { return v.MaxIdleConnections }).(pulumi.IntPtrOutput) } // The maximum number of open connections to -// use. +// the database. func (o SecretsMountMysqlLegacyOutput) MaxOpenConnections() pulumi.IntPtrOutput { return o.ApplyT(func(v SecretsMountMysqlLegacy) *int { return v.MaxOpenConnections }).(pulumi.IntPtrOutput) } @@ -7503,7 +8292,7 @@ func (o SecretsMountMysqlLegacyOutput) Name() pulumi.StringOutput { return o.ApplyT(func(v SecretsMountMysqlLegacy) string { return v.Name }).(pulumi.StringOutput) } -// The password to be used in the connection. +// The root credential password used in the connection URL. func (o SecretsMountMysqlLegacyOutput) Password() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretsMountMysqlLegacy) *string { return v.Password }).(pulumi.StringPtrOutput) } @@ -7518,12 +8307,12 @@ func (o SecretsMountMysqlLegacyOutput) RootRotationStatements() pulumi.StringArr return o.ApplyT(func(v SecretsMountMysqlLegacy) []string { return v.RootRotationStatements }).(pulumi.StringArrayOutput) } -// The username to be used in the connection (the account admin level). +// The root credential username used in the connection URL. func (o SecretsMountMysqlLegacyOutput) Username() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretsMountMysqlLegacy) *string { return v.Username }).(pulumi.StringPtrOutput) } -// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. +// [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. func (o SecretsMountMysqlLegacyOutput) UsernameTemplate() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretsMountMysqlLegacy) *string { return v.UsernameTemplate }).(pulumi.StringPtrOutput) } @@ -7548,6 +8337,12 @@ func (o SecretsMountMysqlLegacyArrayOutput) ToSecretsMountMysqlLegacyArrayOutput return o } +func (o SecretsMountMysqlLegacyArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]SecretsMountMysqlLegacy] { + return pulumix.Output[[]SecretsMountMysqlLegacy]{ + OutputState: o.OutputState, + } +} + func (o SecretsMountMysqlLegacyArrayOutput) Index(i pulumi.IntInput) SecretsMountMysqlLegacyOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) SecretsMountMysqlLegacy { return vs[0].([]SecretsMountMysqlLegacy)[vs[1].(int)] @@ -7558,30 +8353,31 @@ type SecretsMountMysqlRd struct { // A list of roles that are allowed to use this // connection. AllowedRoles []string `pulumi:"allowedRoles"` - // A URL containing connection information.\ - // See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + // Specifies the Redshift DSN. + // See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) ConnectionUrl *string `pulumi:"connectionUrl"` // A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + // + // Supported list of database secrets engines that can be configured: Data map[string]interface{} `pulumi:"data"` - // The maximum number of seconds to keep - // a connection alive for. + // The maximum amount of time a connection may be reused. MaxConnectionLifetime *int `pulumi:"maxConnectionLifetime"` // The maximum number of idle connections to - // maintain. + // the database. MaxIdleConnections *int `pulumi:"maxIdleConnections"` // The maximum number of open connections to - // use. + // the database. MaxOpenConnections *int `pulumi:"maxOpenConnections"` Name string `pulumi:"name"` - // The password to be used in the connection. + // The root credential password used in the connection URL. Password *string `pulumi:"password"` // Specifies the name of the plugin to use. PluginName *string `pulumi:"pluginName"` // A list of database statements to be executed to rotate the root user's credentials. RootRotationStatements []string `pulumi:"rootRotationStatements"` - // The username to be used in the connection (the account admin level). + // The root credential username used in the connection URL. Username *string `pulumi:"username"` - // - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + // [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. UsernameTemplate *string `pulumi:"usernameTemplate"` // Whether the connection should be verified on // initial configuration or not. @@ -7603,30 +8399,31 @@ type SecretsMountMysqlRdArgs struct { // A list of roles that are allowed to use this // connection. AllowedRoles pulumi.StringArrayInput `pulumi:"allowedRoles"` - // A URL containing connection information.\ - // See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + // Specifies the Redshift DSN. + // See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) ConnectionUrl pulumi.StringPtrInput `pulumi:"connectionUrl"` // A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + // + // Supported list of database secrets engines that can be configured: Data pulumi.MapInput `pulumi:"data"` - // The maximum number of seconds to keep - // a connection alive for. + // The maximum amount of time a connection may be reused. MaxConnectionLifetime pulumi.IntPtrInput `pulumi:"maxConnectionLifetime"` // The maximum number of idle connections to - // maintain. + // the database. MaxIdleConnections pulumi.IntPtrInput `pulumi:"maxIdleConnections"` // The maximum number of open connections to - // use. + // the database. MaxOpenConnections pulumi.IntPtrInput `pulumi:"maxOpenConnections"` Name pulumi.StringInput `pulumi:"name"` - // The password to be used in the connection. + // The root credential password used in the connection URL. Password pulumi.StringPtrInput `pulumi:"password"` // Specifies the name of the plugin to use. PluginName pulumi.StringPtrInput `pulumi:"pluginName"` // A list of database statements to be executed to rotate the root user's credentials. RootRotationStatements pulumi.StringArrayInput `pulumi:"rootRotationStatements"` - // The username to be used in the connection (the account admin level). + // The root credential username used in the connection URL. Username pulumi.StringPtrInput `pulumi:"username"` - // - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + // [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. UsernameTemplate pulumi.StringPtrInput `pulumi:"usernameTemplate"` // Whether the connection should be verified on // initial configuration or not. @@ -7645,6 +8442,12 @@ func (i SecretsMountMysqlRdArgs) ToSecretsMountMysqlRdOutputWithContext(ctx cont return pulumi.ToOutputWithContext(ctx, i).(SecretsMountMysqlRdOutput) } +func (i SecretsMountMysqlRdArgs) ToOutput(ctx context.Context) pulumix.Output[SecretsMountMysqlRd] { + return pulumix.Output[SecretsMountMysqlRd]{ + OutputState: i.ToSecretsMountMysqlRdOutputWithContext(ctx).OutputState, + } +} + // SecretsMountMysqlRdArrayInput is an input type that accepts SecretsMountMysqlRdArray and SecretsMountMysqlRdArrayOutput values. // You can construct a concrete instance of `SecretsMountMysqlRdArrayInput` via: // @@ -7670,6 +8473,12 @@ func (i SecretsMountMysqlRdArray) ToSecretsMountMysqlRdArrayOutputWithContext(ct return pulumi.ToOutputWithContext(ctx, i).(SecretsMountMysqlRdArrayOutput) } +func (i SecretsMountMysqlRdArray) ToOutput(ctx context.Context) pulumix.Output[[]SecretsMountMysqlRd] { + return pulumix.Output[[]SecretsMountMysqlRd]{ + OutputState: i.ToSecretsMountMysqlRdArrayOutputWithContext(ctx).OutputState, + } +} + type SecretsMountMysqlRdOutput struct{ *pulumi.OutputState } func (SecretsMountMysqlRdOutput) ElementType() reflect.Type { @@ -7684,37 +8493,44 @@ func (o SecretsMountMysqlRdOutput) ToSecretsMountMysqlRdOutputWithContext(ctx co return o } +func (o SecretsMountMysqlRdOutput) ToOutput(ctx context.Context) pulumix.Output[SecretsMountMysqlRd] { + return pulumix.Output[SecretsMountMysqlRd]{ + OutputState: o.OutputState, + } +} + // A list of roles that are allowed to use this // connection. func (o SecretsMountMysqlRdOutput) AllowedRoles() pulumi.StringArrayOutput { return o.ApplyT(func(v SecretsMountMysqlRd) []string { return v.AllowedRoles }).(pulumi.StringArrayOutput) } -// A URL containing connection information.\ -// See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) +// Specifies the Redshift DSN. +// See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) func (o SecretsMountMysqlRdOutput) ConnectionUrl() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretsMountMysqlRd) *string { return v.ConnectionUrl }).(pulumi.StringPtrOutput) } // A map of sensitive data to pass to the endpoint. Useful for templated connection strings. +// +// Supported list of database secrets engines that can be configured: func (o SecretsMountMysqlRdOutput) Data() pulumi.MapOutput { return o.ApplyT(func(v SecretsMountMysqlRd) map[string]interface{} { return v.Data }).(pulumi.MapOutput) } -// The maximum number of seconds to keep -// a connection alive for. +// The maximum amount of time a connection may be reused. func (o SecretsMountMysqlRdOutput) MaxConnectionLifetime() pulumi.IntPtrOutput { return o.ApplyT(func(v SecretsMountMysqlRd) *int { return v.MaxConnectionLifetime }).(pulumi.IntPtrOutput) } // The maximum number of idle connections to -// maintain. +// the database. func (o SecretsMountMysqlRdOutput) MaxIdleConnections() pulumi.IntPtrOutput { return o.ApplyT(func(v SecretsMountMysqlRd) *int { return v.MaxIdleConnections }).(pulumi.IntPtrOutput) } // The maximum number of open connections to -// use. +// the database. func (o SecretsMountMysqlRdOutput) MaxOpenConnections() pulumi.IntPtrOutput { return o.ApplyT(func(v SecretsMountMysqlRd) *int { return v.MaxOpenConnections }).(pulumi.IntPtrOutput) } @@ -7723,7 +8539,7 @@ func (o SecretsMountMysqlRdOutput) Name() pulumi.StringOutput { return o.ApplyT(func(v SecretsMountMysqlRd) string { return v.Name }).(pulumi.StringOutput) } -// The password to be used in the connection. +// The root credential password used in the connection URL. func (o SecretsMountMysqlRdOutput) Password() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretsMountMysqlRd) *string { return v.Password }).(pulumi.StringPtrOutput) } @@ -7738,12 +8554,12 @@ func (o SecretsMountMysqlRdOutput) RootRotationStatements() pulumi.StringArrayOu return o.ApplyT(func(v SecretsMountMysqlRd) []string { return v.RootRotationStatements }).(pulumi.StringArrayOutput) } -// The username to be used in the connection (the account admin level). +// The root credential username used in the connection URL. func (o SecretsMountMysqlRdOutput) Username() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretsMountMysqlRd) *string { return v.Username }).(pulumi.StringPtrOutput) } -// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. +// [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. func (o SecretsMountMysqlRdOutput) UsernameTemplate() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretsMountMysqlRd) *string { return v.UsernameTemplate }).(pulumi.StringPtrOutput) } @@ -7768,6 +8584,12 @@ func (o SecretsMountMysqlRdArrayOutput) ToSecretsMountMysqlRdArrayOutputWithCont return o } +func (o SecretsMountMysqlRdArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]SecretsMountMysqlRd] { + return pulumix.Output[[]SecretsMountMysqlRd]{ + OutputState: o.OutputState, + } +} + func (o SecretsMountMysqlRdArrayOutput) Index(i pulumi.IntInput) SecretsMountMysqlRdOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) SecretsMountMysqlRd { return vs[0].([]SecretsMountMysqlRd)[vs[1].(int)] @@ -7778,30 +8600,31 @@ type SecretsMountOracle struct { // A list of roles that are allowed to use this // connection. AllowedRoles []string `pulumi:"allowedRoles"` - // A URL containing connection information.\ - // See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + // Specifies the Redshift DSN. + // See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) ConnectionUrl *string `pulumi:"connectionUrl"` // A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + // + // Supported list of database secrets engines that can be configured: Data map[string]interface{} `pulumi:"data"` - // The maximum number of seconds to keep - // a connection alive for. + // The maximum amount of time a connection may be reused. MaxConnectionLifetime *int `pulumi:"maxConnectionLifetime"` // The maximum number of idle connections to - // maintain. + // the database. MaxIdleConnections *int `pulumi:"maxIdleConnections"` // The maximum number of open connections to - // use. + // the database. MaxOpenConnections *int `pulumi:"maxOpenConnections"` Name string `pulumi:"name"` - // The password to be used in the connection. + // The root credential password used in the connection URL. Password *string `pulumi:"password"` // Specifies the name of the plugin to use. PluginName *string `pulumi:"pluginName"` // A list of database statements to be executed to rotate the root user's credentials. RootRotationStatements []string `pulumi:"rootRotationStatements"` - // The username to be used in the connection (the account admin level). + // The root credential username used in the connection URL. Username *string `pulumi:"username"` - // - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + // [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. UsernameTemplate *string `pulumi:"usernameTemplate"` // Whether the connection should be verified on // initial configuration or not. @@ -7823,30 +8646,31 @@ type SecretsMountOracleArgs struct { // A list of roles that are allowed to use this // connection. AllowedRoles pulumi.StringArrayInput `pulumi:"allowedRoles"` - // A URL containing connection information.\ - // See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + // Specifies the Redshift DSN. + // See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) ConnectionUrl pulumi.StringPtrInput `pulumi:"connectionUrl"` // A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + // + // Supported list of database secrets engines that can be configured: Data pulumi.MapInput `pulumi:"data"` - // The maximum number of seconds to keep - // a connection alive for. + // The maximum amount of time a connection may be reused. MaxConnectionLifetime pulumi.IntPtrInput `pulumi:"maxConnectionLifetime"` // The maximum number of idle connections to - // maintain. + // the database. MaxIdleConnections pulumi.IntPtrInput `pulumi:"maxIdleConnections"` // The maximum number of open connections to - // use. + // the database. MaxOpenConnections pulumi.IntPtrInput `pulumi:"maxOpenConnections"` Name pulumi.StringInput `pulumi:"name"` - // The password to be used in the connection. + // The root credential password used in the connection URL. Password pulumi.StringPtrInput `pulumi:"password"` // Specifies the name of the plugin to use. PluginName pulumi.StringPtrInput `pulumi:"pluginName"` // A list of database statements to be executed to rotate the root user's credentials. RootRotationStatements pulumi.StringArrayInput `pulumi:"rootRotationStatements"` - // The username to be used in the connection (the account admin level). + // The root credential username used in the connection URL. Username pulumi.StringPtrInput `pulumi:"username"` - // - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + // [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. UsernameTemplate pulumi.StringPtrInput `pulumi:"usernameTemplate"` // Whether the connection should be verified on // initial configuration or not. @@ -7865,6 +8689,12 @@ func (i SecretsMountOracleArgs) ToSecretsMountOracleOutputWithContext(ctx contex return pulumi.ToOutputWithContext(ctx, i).(SecretsMountOracleOutput) } +func (i SecretsMountOracleArgs) ToOutput(ctx context.Context) pulumix.Output[SecretsMountOracle] { + return pulumix.Output[SecretsMountOracle]{ + OutputState: i.ToSecretsMountOracleOutputWithContext(ctx).OutputState, + } +} + // SecretsMountOracleArrayInput is an input type that accepts SecretsMountOracleArray and SecretsMountOracleArrayOutput values. // You can construct a concrete instance of `SecretsMountOracleArrayInput` via: // @@ -7890,6 +8720,12 @@ func (i SecretsMountOracleArray) ToSecretsMountOracleArrayOutputWithContext(ctx return pulumi.ToOutputWithContext(ctx, i).(SecretsMountOracleArrayOutput) } +func (i SecretsMountOracleArray) ToOutput(ctx context.Context) pulumix.Output[[]SecretsMountOracle] { + return pulumix.Output[[]SecretsMountOracle]{ + OutputState: i.ToSecretsMountOracleArrayOutputWithContext(ctx).OutputState, + } +} + type SecretsMountOracleOutput struct{ *pulumi.OutputState } func (SecretsMountOracleOutput) ElementType() reflect.Type { @@ -7904,37 +8740,44 @@ func (o SecretsMountOracleOutput) ToSecretsMountOracleOutputWithContext(ctx cont return o } +func (o SecretsMountOracleOutput) ToOutput(ctx context.Context) pulumix.Output[SecretsMountOracle] { + return pulumix.Output[SecretsMountOracle]{ + OutputState: o.OutputState, + } +} + // A list of roles that are allowed to use this // connection. func (o SecretsMountOracleOutput) AllowedRoles() pulumi.StringArrayOutput { return o.ApplyT(func(v SecretsMountOracle) []string { return v.AllowedRoles }).(pulumi.StringArrayOutput) } -// A URL containing connection information.\ -// See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) +// Specifies the Redshift DSN. +// See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) func (o SecretsMountOracleOutput) ConnectionUrl() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretsMountOracle) *string { return v.ConnectionUrl }).(pulumi.StringPtrOutput) } // A map of sensitive data to pass to the endpoint. Useful for templated connection strings. +// +// Supported list of database secrets engines that can be configured: func (o SecretsMountOracleOutput) Data() pulumi.MapOutput { return o.ApplyT(func(v SecretsMountOracle) map[string]interface{} { return v.Data }).(pulumi.MapOutput) } -// The maximum number of seconds to keep -// a connection alive for. +// The maximum amount of time a connection may be reused. func (o SecretsMountOracleOutput) MaxConnectionLifetime() pulumi.IntPtrOutput { return o.ApplyT(func(v SecretsMountOracle) *int { return v.MaxConnectionLifetime }).(pulumi.IntPtrOutput) } // The maximum number of idle connections to -// maintain. +// the database. func (o SecretsMountOracleOutput) MaxIdleConnections() pulumi.IntPtrOutput { return o.ApplyT(func(v SecretsMountOracle) *int { return v.MaxIdleConnections }).(pulumi.IntPtrOutput) } // The maximum number of open connections to -// use. +// the database. func (o SecretsMountOracleOutput) MaxOpenConnections() pulumi.IntPtrOutput { return o.ApplyT(func(v SecretsMountOracle) *int { return v.MaxOpenConnections }).(pulumi.IntPtrOutput) } @@ -7943,7 +8786,7 @@ func (o SecretsMountOracleOutput) Name() pulumi.StringOutput { return o.ApplyT(func(v SecretsMountOracle) string { return v.Name }).(pulumi.StringOutput) } -// The password to be used in the connection. +// The root credential password used in the connection URL. func (o SecretsMountOracleOutput) Password() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretsMountOracle) *string { return v.Password }).(pulumi.StringPtrOutput) } @@ -7958,12 +8801,12 @@ func (o SecretsMountOracleOutput) RootRotationStatements() pulumi.StringArrayOut return o.ApplyT(func(v SecretsMountOracle) []string { return v.RootRotationStatements }).(pulumi.StringArrayOutput) } -// The username to be used in the connection (the account admin level). +// The root credential username used in the connection URL. func (o SecretsMountOracleOutput) Username() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretsMountOracle) *string { return v.Username }).(pulumi.StringPtrOutput) } -// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. +// [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. func (o SecretsMountOracleOutput) UsernameTemplate() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretsMountOracle) *string { return v.UsernameTemplate }).(pulumi.StringPtrOutput) } @@ -7988,6 +8831,12 @@ func (o SecretsMountOracleArrayOutput) ToSecretsMountOracleArrayOutputWithContex return o } +func (o SecretsMountOracleArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]SecretsMountOracle] { + return pulumix.Output[[]SecretsMountOracle]{ + OutputState: o.OutputState, + } +} + func (o SecretsMountOracleArrayOutput) Index(i pulumi.IntInput) SecretsMountOracleOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) SecretsMountOracle { return vs[0].([]SecretsMountOracle)[vs[1].(int)] @@ -7999,33 +8848,34 @@ type SecretsMountPostgresql struct { // connection. AllowedRoles []string `pulumi:"allowedRoles"` AuthType *string `pulumi:"authType"` - // A URL containing connection information.\ - // See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + // Specifies the Redshift DSN. + // See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) ConnectionUrl *string `pulumi:"connectionUrl"` // A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + // + // Supported list of database secrets engines that can be configured: Data map[string]interface{} `pulumi:"data"` // Disable special character escaping in username and password. DisableEscaping *bool `pulumi:"disableEscaping"` - // The maximum number of seconds to keep - // a connection alive for. + // The maximum amount of time a connection may be reused. MaxConnectionLifetime *int `pulumi:"maxConnectionLifetime"` // The maximum number of idle connections to - // maintain. + // the database. MaxIdleConnections *int `pulumi:"maxIdleConnections"` // The maximum number of open connections to - // use. + // the database. MaxOpenConnections *int `pulumi:"maxOpenConnections"` Name string `pulumi:"name"` - // The password to be used in the connection. + // The root credential password used in the connection URL. Password *string `pulumi:"password"` // Specifies the name of the plugin to use. PluginName *string `pulumi:"pluginName"` // A list of database statements to be executed to rotate the root user's credentials. RootRotationStatements []string `pulumi:"rootRotationStatements"` ServiceAccountJson *string `pulumi:"serviceAccountJson"` - // The username to be used in the connection (the account admin level). + // The root credential username used in the connection URL. Username *string `pulumi:"username"` - // - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + // [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. UsernameTemplate *string `pulumi:"usernameTemplate"` // Whether the connection should be verified on // initial configuration or not. @@ -8048,33 +8898,34 @@ type SecretsMountPostgresqlArgs struct { // connection. AllowedRoles pulumi.StringArrayInput `pulumi:"allowedRoles"` AuthType pulumi.StringPtrInput `pulumi:"authType"` - // A URL containing connection information.\ - // See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + // Specifies the Redshift DSN. + // See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) ConnectionUrl pulumi.StringPtrInput `pulumi:"connectionUrl"` // A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + // + // Supported list of database secrets engines that can be configured: Data pulumi.MapInput `pulumi:"data"` // Disable special character escaping in username and password. DisableEscaping pulumi.BoolPtrInput `pulumi:"disableEscaping"` - // The maximum number of seconds to keep - // a connection alive for. + // The maximum amount of time a connection may be reused. MaxConnectionLifetime pulumi.IntPtrInput `pulumi:"maxConnectionLifetime"` // The maximum number of idle connections to - // maintain. + // the database. MaxIdleConnections pulumi.IntPtrInput `pulumi:"maxIdleConnections"` // The maximum number of open connections to - // use. + // the database. MaxOpenConnections pulumi.IntPtrInput `pulumi:"maxOpenConnections"` Name pulumi.StringInput `pulumi:"name"` - // The password to be used in the connection. + // The root credential password used in the connection URL. Password pulumi.StringPtrInput `pulumi:"password"` // Specifies the name of the plugin to use. PluginName pulumi.StringPtrInput `pulumi:"pluginName"` // A list of database statements to be executed to rotate the root user's credentials. RootRotationStatements pulumi.StringArrayInput `pulumi:"rootRotationStatements"` ServiceAccountJson pulumi.StringPtrInput `pulumi:"serviceAccountJson"` - // The username to be used in the connection (the account admin level). + // The root credential username used in the connection URL. Username pulumi.StringPtrInput `pulumi:"username"` - // - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + // [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. UsernameTemplate pulumi.StringPtrInput `pulumi:"usernameTemplate"` // Whether the connection should be verified on // initial configuration or not. @@ -8093,6 +8944,12 @@ func (i SecretsMountPostgresqlArgs) ToSecretsMountPostgresqlOutputWithContext(ct return pulumi.ToOutputWithContext(ctx, i).(SecretsMountPostgresqlOutput) } +func (i SecretsMountPostgresqlArgs) ToOutput(ctx context.Context) pulumix.Output[SecretsMountPostgresql] { + return pulumix.Output[SecretsMountPostgresql]{ + OutputState: i.ToSecretsMountPostgresqlOutputWithContext(ctx).OutputState, + } +} + // SecretsMountPostgresqlArrayInput is an input type that accepts SecretsMountPostgresqlArray and SecretsMountPostgresqlArrayOutput values. // You can construct a concrete instance of `SecretsMountPostgresqlArrayInput` via: // @@ -8118,6 +8975,12 @@ func (i SecretsMountPostgresqlArray) ToSecretsMountPostgresqlArrayOutputWithCont return pulumi.ToOutputWithContext(ctx, i).(SecretsMountPostgresqlArrayOutput) } +func (i SecretsMountPostgresqlArray) ToOutput(ctx context.Context) pulumix.Output[[]SecretsMountPostgresql] { + return pulumix.Output[[]SecretsMountPostgresql]{ + OutputState: i.ToSecretsMountPostgresqlArrayOutputWithContext(ctx).OutputState, + } +} + type SecretsMountPostgresqlOutput struct{ *pulumi.OutputState } func (SecretsMountPostgresqlOutput) ElementType() reflect.Type { @@ -8132,6 +8995,12 @@ func (o SecretsMountPostgresqlOutput) ToSecretsMountPostgresqlOutputWithContext( return o } +func (o SecretsMountPostgresqlOutput) ToOutput(ctx context.Context) pulumix.Output[SecretsMountPostgresql] { + return pulumix.Output[SecretsMountPostgresql]{ + OutputState: o.OutputState, + } +} + // A list of roles that are allowed to use this // connection. func (o SecretsMountPostgresqlOutput) AllowedRoles() pulumi.StringArrayOutput { @@ -8142,13 +9011,15 @@ func (o SecretsMountPostgresqlOutput) AuthType() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretsMountPostgresql) *string { return v.AuthType }).(pulumi.StringPtrOutput) } -// A URL containing connection information.\ -// See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) +// Specifies the Redshift DSN. +// See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) func (o SecretsMountPostgresqlOutput) ConnectionUrl() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretsMountPostgresql) *string { return v.ConnectionUrl }).(pulumi.StringPtrOutput) } // A map of sensitive data to pass to the endpoint. Useful for templated connection strings. +// +// Supported list of database secrets engines that can be configured: func (o SecretsMountPostgresqlOutput) Data() pulumi.MapOutput { return o.ApplyT(func(v SecretsMountPostgresql) map[string]interface{} { return v.Data }).(pulumi.MapOutput) } @@ -8158,20 +9029,19 @@ func (o SecretsMountPostgresqlOutput) DisableEscaping() pulumi.BoolPtrOutput { return o.ApplyT(func(v SecretsMountPostgresql) *bool { return v.DisableEscaping }).(pulumi.BoolPtrOutput) } -// The maximum number of seconds to keep -// a connection alive for. +// The maximum amount of time a connection may be reused. func (o SecretsMountPostgresqlOutput) MaxConnectionLifetime() pulumi.IntPtrOutput { return o.ApplyT(func(v SecretsMountPostgresql) *int { return v.MaxConnectionLifetime }).(pulumi.IntPtrOutput) } // The maximum number of idle connections to -// maintain. +// the database. func (o SecretsMountPostgresqlOutput) MaxIdleConnections() pulumi.IntPtrOutput { return o.ApplyT(func(v SecretsMountPostgresql) *int { return v.MaxIdleConnections }).(pulumi.IntPtrOutput) } // The maximum number of open connections to -// use. +// the database. func (o SecretsMountPostgresqlOutput) MaxOpenConnections() pulumi.IntPtrOutput { return o.ApplyT(func(v SecretsMountPostgresql) *int { return v.MaxOpenConnections }).(pulumi.IntPtrOutput) } @@ -8180,7 +9050,7 @@ func (o SecretsMountPostgresqlOutput) Name() pulumi.StringOutput { return o.ApplyT(func(v SecretsMountPostgresql) string { return v.Name }).(pulumi.StringOutput) } -// The password to be used in the connection. +// The root credential password used in the connection URL. func (o SecretsMountPostgresqlOutput) Password() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretsMountPostgresql) *string { return v.Password }).(pulumi.StringPtrOutput) } @@ -8199,12 +9069,12 @@ func (o SecretsMountPostgresqlOutput) ServiceAccountJson() pulumi.StringPtrOutpu return o.ApplyT(func(v SecretsMountPostgresql) *string { return v.ServiceAccountJson }).(pulumi.StringPtrOutput) } -// The username to be used in the connection (the account admin level). +// The root credential username used in the connection URL. func (o SecretsMountPostgresqlOutput) Username() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretsMountPostgresql) *string { return v.Username }).(pulumi.StringPtrOutput) } -// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. +// [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. func (o SecretsMountPostgresqlOutput) UsernameTemplate() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretsMountPostgresql) *string { return v.UsernameTemplate }).(pulumi.StringPtrOutput) } @@ -8229,6 +9099,12 @@ func (o SecretsMountPostgresqlArrayOutput) ToSecretsMountPostgresqlArrayOutputWi return o } +func (o SecretsMountPostgresqlArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]SecretsMountPostgresql] { + return pulumix.Output[[]SecretsMountPostgresql]{ + OutputState: o.OutputState, + } +} + func (o SecretsMountPostgresqlArrayOutput) Index(i pulumi.IntInput) SecretsMountPostgresqlOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) SecretsMountPostgresql { return vs[0].([]SecretsMountPostgresql)[vs[1].(int)] @@ -8239,9 +9115,11 @@ type SecretsMountRedi struct { // A list of roles that are allowed to use this // connection. AllowedRoles []string `pulumi:"allowedRoles"` - // The contents of a PEM-encoded CA cert file to use to verify the Redis server's identity. + // The path to a PEM-encoded CA cert file to use to verify the Elasticsearch server's identity. CaCert *string `pulumi:"caCert"` // A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + // + // Supported list of database secrets engines that can be configured: Data map[string]interface{} `pulumi:"data"` // The host to connect to. Host string `pulumi:"host"` @@ -8249,7 +9127,7 @@ type SecretsMountRedi struct { // certificate when using TLS. InsecureTls *bool `pulumi:"insecureTls"` Name string `pulumi:"name"` - // The password to be used in the connection. + // The root credential password used in the connection URL. Password string `pulumi:"password"` // Specifies the name of the plugin to use. PluginName *string `pulumi:"pluginName"` @@ -8258,9 +9136,9 @@ type SecretsMountRedi struct { Port *int `pulumi:"port"` // A list of database statements to be executed to rotate the root user's credentials. RootRotationStatements []string `pulumi:"rootRotationStatements"` - // Whether to use TLS when connecting to Redis. + // Whether to use TLS when connecting to Cassandra. Tls *bool `pulumi:"tls"` - // The username to be used in the connection (the account admin level). + // The root credential username used in the connection URL. Username string `pulumi:"username"` // Whether the connection should be verified on // initial configuration or not. @@ -8282,9 +9160,11 @@ type SecretsMountRediArgs struct { // A list of roles that are allowed to use this // connection. AllowedRoles pulumi.StringArrayInput `pulumi:"allowedRoles"` - // The contents of a PEM-encoded CA cert file to use to verify the Redis server's identity. + // The path to a PEM-encoded CA cert file to use to verify the Elasticsearch server's identity. CaCert pulumi.StringPtrInput `pulumi:"caCert"` // A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + // + // Supported list of database secrets engines that can be configured: Data pulumi.MapInput `pulumi:"data"` // The host to connect to. Host pulumi.StringInput `pulumi:"host"` @@ -8292,7 +9172,7 @@ type SecretsMountRediArgs struct { // certificate when using TLS. InsecureTls pulumi.BoolPtrInput `pulumi:"insecureTls"` Name pulumi.StringInput `pulumi:"name"` - // The password to be used in the connection. + // The root credential password used in the connection URL. Password pulumi.StringInput `pulumi:"password"` // Specifies the name of the plugin to use. PluginName pulumi.StringPtrInput `pulumi:"pluginName"` @@ -8301,9 +9181,9 @@ type SecretsMountRediArgs struct { Port pulumi.IntPtrInput `pulumi:"port"` // A list of database statements to be executed to rotate the root user's credentials. RootRotationStatements pulumi.StringArrayInput `pulumi:"rootRotationStatements"` - // Whether to use TLS when connecting to Redis. + // Whether to use TLS when connecting to Cassandra. Tls pulumi.BoolPtrInput `pulumi:"tls"` - // The username to be used in the connection (the account admin level). + // The root credential username used in the connection URL. Username pulumi.StringInput `pulumi:"username"` // Whether the connection should be verified on // initial configuration or not. @@ -8322,6 +9202,12 @@ func (i SecretsMountRediArgs) ToSecretsMountRediOutputWithContext(ctx context.Co return pulumi.ToOutputWithContext(ctx, i).(SecretsMountRediOutput) } +func (i SecretsMountRediArgs) ToOutput(ctx context.Context) pulumix.Output[SecretsMountRedi] { + return pulumix.Output[SecretsMountRedi]{ + OutputState: i.ToSecretsMountRediOutputWithContext(ctx).OutputState, + } +} + // SecretsMountRediArrayInput is an input type that accepts SecretsMountRediArray and SecretsMountRediArrayOutput values. // You can construct a concrete instance of `SecretsMountRediArrayInput` via: // @@ -8347,6 +9233,12 @@ func (i SecretsMountRediArray) ToSecretsMountRediArrayOutputWithContext(ctx cont return pulumi.ToOutputWithContext(ctx, i).(SecretsMountRediArrayOutput) } +func (i SecretsMountRediArray) ToOutput(ctx context.Context) pulumix.Output[[]SecretsMountRedi] { + return pulumix.Output[[]SecretsMountRedi]{ + OutputState: i.ToSecretsMountRediArrayOutputWithContext(ctx).OutputState, + } +} + type SecretsMountRediOutput struct{ *pulumi.OutputState } func (SecretsMountRediOutput) ElementType() reflect.Type { @@ -8361,18 +9253,26 @@ func (o SecretsMountRediOutput) ToSecretsMountRediOutputWithContext(ctx context. return o } +func (o SecretsMountRediOutput) ToOutput(ctx context.Context) pulumix.Output[SecretsMountRedi] { + return pulumix.Output[SecretsMountRedi]{ + OutputState: o.OutputState, + } +} + // A list of roles that are allowed to use this // connection. func (o SecretsMountRediOutput) AllowedRoles() pulumi.StringArrayOutput { return o.ApplyT(func(v SecretsMountRedi) []string { return v.AllowedRoles }).(pulumi.StringArrayOutput) } -// The contents of a PEM-encoded CA cert file to use to verify the Redis server's identity. +// The path to a PEM-encoded CA cert file to use to verify the Elasticsearch server's identity. func (o SecretsMountRediOutput) CaCert() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretsMountRedi) *string { return v.CaCert }).(pulumi.StringPtrOutput) } // A map of sensitive data to pass to the endpoint. Useful for templated connection strings. +// +// Supported list of database secrets engines that can be configured: func (o SecretsMountRediOutput) Data() pulumi.MapOutput { return o.ApplyT(func(v SecretsMountRedi) map[string]interface{} { return v.Data }).(pulumi.MapOutput) } @@ -8392,7 +9292,7 @@ func (o SecretsMountRediOutput) Name() pulumi.StringOutput { return o.ApplyT(func(v SecretsMountRedi) string { return v.Name }).(pulumi.StringOutput) } -// The password to be used in the connection. +// The root credential password used in the connection URL. func (o SecretsMountRediOutput) Password() pulumi.StringOutput { return o.ApplyT(func(v SecretsMountRedi) string { return v.Password }).(pulumi.StringOutput) } @@ -8413,12 +9313,12 @@ func (o SecretsMountRediOutput) RootRotationStatements() pulumi.StringArrayOutpu return o.ApplyT(func(v SecretsMountRedi) []string { return v.RootRotationStatements }).(pulumi.StringArrayOutput) } -// Whether to use TLS when connecting to Redis. +// Whether to use TLS when connecting to Cassandra. func (o SecretsMountRediOutput) Tls() pulumi.BoolPtrOutput { return o.ApplyT(func(v SecretsMountRedi) *bool { return v.Tls }).(pulumi.BoolPtrOutput) } -// The username to be used in the connection (the account admin level). +// The root credential username used in the connection URL. func (o SecretsMountRediOutput) Username() pulumi.StringOutput { return o.ApplyT(func(v SecretsMountRedi) string { return v.Username }).(pulumi.StringOutput) } @@ -8443,6 +9343,12 @@ func (o SecretsMountRediArrayOutput) ToSecretsMountRediArrayOutputWithContext(ct return o } +func (o SecretsMountRediArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]SecretsMountRedi] { + return pulumix.Output[[]SecretsMountRedi]{ + OutputState: o.OutputState, + } +} + func (o SecretsMountRediArrayOutput) Index(i pulumi.IntInput) SecretsMountRediOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) SecretsMountRedi { return vs[0].([]SecretsMountRedi)[vs[1].(int)] @@ -8454,9 +9360,11 @@ type SecretsMountRedisElasticach struct { // connection. AllowedRoles []string `pulumi:"allowedRoles"` // A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + // + // Supported list of database secrets engines that can be configured: Data map[string]interface{} `pulumi:"data"` Name string `pulumi:"name"` - // The password to be used in the connection. + // The root credential password used in the connection URL. Password *string `pulumi:"password"` // Specifies the name of the plugin to use. PluginName *string `pulumi:"pluginName"` @@ -8465,9 +9373,10 @@ type SecretsMountRedisElasticach struct { Region *string `pulumi:"region"` // A list of database statements to be executed to rotate the root user's credentials. RootRotationStatements []string `pulumi:"rootRotationStatements"` - // The configuration endpoint for the ElastiCache cluster to connect to. + // The URL for Elasticsearch's API. https requires certificate + // by trusted CA if used. Url string `pulumi:"url"` - // The username to be used in the connection (the account admin level). + // The root credential username used in the connection URL. Username *string `pulumi:"username"` // Whether the connection should be verified on // initial configuration or not. @@ -8490,9 +9399,11 @@ type SecretsMountRedisElasticachArgs struct { // connection. AllowedRoles pulumi.StringArrayInput `pulumi:"allowedRoles"` // A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + // + // Supported list of database secrets engines that can be configured: Data pulumi.MapInput `pulumi:"data"` Name pulumi.StringInput `pulumi:"name"` - // The password to be used in the connection. + // The root credential password used in the connection URL. Password pulumi.StringPtrInput `pulumi:"password"` // Specifies the name of the plugin to use. PluginName pulumi.StringPtrInput `pulumi:"pluginName"` @@ -8501,9 +9412,10 @@ type SecretsMountRedisElasticachArgs struct { Region pulumi.StringPtrInput `pulumi:"region"` // A list of database statements to be executed to rotate the root user's credentials. RootRotationStatements pulumi.StringArrayInput `pulumi:"rootRotationStatements"` - // The configuration endpoint for the ElastiCache cluster to connect to. + // The URL for Elasticsearch's API. https requires certificate + // by trusted CA if used. Url pulumi.StringInput `pulumi:"url"` - // The username to be used in the connection (the account admin level). + // The root credential username used in the connection URL. Username pulumi.StringPtrInput `pulumi:"username"` // Whether the connection should be verified on // initial configuration or not. @@ -8522,6 +9434,12 @@ func (i SecretsMountRedisElasticachArgs) ToSecretsMountRedisElasticachOutputWith return pulumi.ToOutputWithContext(ctx, i).(SecretsMountRedisElasticachOutput) } +func (i SecretsMountRedisElasticachArgs) ToOutput(ctx context.Context) pulumix.Output[SecretsMountRedisElasticach] { + return pulumix.Output[SecretsMountRedisElasticach]{ + OutputState: i.ToSecretsMountRedisElasticachOutputWithContext(ctx).OutputState, + } +} + // SecretsMountRedisElasticachArrayInput is an input type that accepts SecretsMountRedisElasticachArray and SecretsMountRedisElasticachArrayOutput values. // You can construct a concrete instance of `SecretsMountRedisElasticachArrayInput` via: // @@ -8547,6 +9465,12 @@ func (i SecretsMountRedisElasticachArray) ToSecretsMountRedisElasticachArrayOutp return pulumi.ToOutputWithContext(ctx, i).(SecretsMountRedisElasticachArrayOutput) } +func (i SecretsMountRedisElasticachArray) ToOutput(ctx context.Context) pulumix.Output[[]SecretsMountRedisElasticach] { + return pulumix.Output[[]SecretsMountRedisElasticach]{ + OutputState: i.ToSecretsMountRedisElasticachArrayOutputWithContext(ctx).OutputState, + } +} + type SecretsMountRedisElasticachOutput struct{ *pulumi.OutputState } func (SecretsMountRedisElasticachOutput) ElementType() reflect.Type { @@ -8561,6 +9485,12 @@ func (o SecretsMountRedisElasticachOutput) ToSecretsMountRedisElasticachOutputWi return o } +func (o SecretsMountRedisElasticachOutput) ToOutput(ctx context.Context) pulumix.Output[SecretsMountRedisElasticach] { + return pulumix.Output[SecretsMountRedisElasticach]{ + OutputState: o.OutputState, + } +} + // A list of roles that are allowed to use this // connection. func (o SecretsMountRedisElasticachOutput) AllowedRoles() pulumi.StringArrayOutput { @@ -8568,6 +9498,8 @@ func (o SecretsMountRedisElasticachOutput) AllowedRoles() pulumi.StringArrayOutp } // A map of sensitive data to pass to the endpoint. Useful for templated connection strings. +// +// Supported list of database secrets engines that can be configured: func (o SecretsMountRedisElasticachOutput) Data() pulumi.MapOutput { return o.ApplyT(func(v SecretsMountRedisElasticach) map[string]interface{} { return v.Data }).(pulumi.MapOutput) } @@ -8576,7 +9508,7 @@ func (o SecretsMountRedisElasticachOutput) Name() pulumi.StringOutput { return o.ApplyT(func(v SecretsMountRedisElasticach) string { return v.Name }).(pulumi.StringOutput) } -// The password to be used in the connection. +// The root credential password used in the connection URL. func (o SecretsMountRedisElasticachOutput) Password() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretsMountRedisElasticach) *string { return v.Password }).(pulumi.StringPtrOutput) } @@ -8597,12 +9529,13 @@ func (o SecretsMountRedisElasticachOutput) RootRotationStatements() pulumi.Strin return o.ApplyT(func(v SecretsMountRedisElasticach) []string { return v.RootRotationStatements }).(pulumi.StringArrayOutput) } -// The configuration endpoint for the ElastiCache cluster to connect to. +// The URL for Elasticsearch's API. https requires certificate +// by trusted CA if used. func (o SecretsMountRedisElasticachOutput) Url() pulumi.StringOutput { return o.ApplyT(func(v SecretsMountRedisElasticach) string { return v.Url }).(pulumi.StringOutput) } -// The username to be used in the connection (the account admin level). +// The root credential username used in the connection URL. func (o SecretsMountRedisElasticachOutput) Username() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretsMountRedisElasticach) *string { return v.Username }).(pulumi.StringPtrOutput) } @@ -8627,6 +9560,12 @@ func (o SecretsMountRedisElasticachArrayOutput) ToSecretsMountRedisElasticachArr return o } +func (o SecretsMountRedisElasticachArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]SecretsMountRedisElasticach] { + return pulumix.Output[[]SecretsMountRedisElasticach]{ + OutputState: o.OutputState, + } +} + func (o SecretsMountRedisElasticachArrayOutput) Index(i pulumi.IntInput) SecretsMountRedisElasticachOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) SecretsMountRedisElasticach { return vs[0].([]SecretsMountRedisElasticach)[vs[1].(int)] @@ -8637,32 +9576,33 @@ type SecretsMountRedshift struct { // A list of roles that are allowed to use this // connection. AllowedRoles []string `pulumi:"allowedRoles"` - // A URL containing connection information.\ - // See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + // Specifies the Redshift DSN. + // See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) ConnectionUrl *string `pulumi:"connectionUrl"` // A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + // + // Supported list of database secrets engines that can be configured: Data map[string]interface{} `pulumi:"data"` // Disable special character escaping in username and password. DisableEscaping *bool `pulumi:"disableEscaping"` - // The maximum number of seconds to keep - // a connection alive for. + // The maximum amount of time a connection may be reused. MaxConnectionLifetime *int `pulumi:"maxConnectionLifetime"` // The maximum number of idle connections to - // maintain. + // the database. MaxIdleConnections *int `pulumi:"maxIdleConnections"` // The maximum number of open connections to - // use. + // the database. MaxOpenConnections *int `pulumi:"maxOpenConnections"` Name string `pulumi:"name"` - // The password to be used in the connection. + // The root credential password used in the connection URL. Password *string `pulumi:"password"` // Specifies the name of the plugin to use. PluginName *string `pulumi:"pluginName"` // A list of database statements to be executed to rotate the root user's credentials. RootRotationStatements []string `pulumi:"rootRotationStatements"` - // The username to be used in the connection (the account admin level). + // The root credential username used in the connection URL. Username *string `pulumi:"username"` - // - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + // [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. UsernameTemplate *string `pulumi:"usernameTemplate"` // Whether the connection should be verified on // initial configuration or not. @@ -8684,32 +9624,33 @@ type SecretsMountRedshiftArgs struct { // A list of roles that are allowed to use this // connection. AllowedRoles pulumi.StringArrayInput `pulumi:"allowedRoles"` - // A URL containing connection information.\ - // See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + // Specifies the Redshift DSN. + // See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) ConnectionUrl pulumi.StringPtrInput `pulumi:"connectionUrl"` // A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + // + // Supported list of database secrets engines that can be configured: Data pulumi.MapInput `pulumi:"data"` // Disable special character escaping in username and password. DisableEscaping pulumi.BoolPtrInput `pulumi:"disableEscaping"` - // The maximum number of seconds to keep - // a connection alive for. + // The maximum amount of time a connection may be reused. MaxConnectionLifetime pulumi.IntPtrInput `pulumi:"maxConnectionLifetime"` // The maximum number of idle connections to - // maintain. + // the database. MaxIdleConnections pulumi.IntPtrInput `pulumi:"maxIdleConnections"` // The maximum number of open connections to - // use. + // the database. MaxOpenConnections pulumi.IntPtrInput `pulumi:"maxOpenConnections"` Name pulumi.StringInput `pulumi:"name"` - // The password to be used in the connection. + // The root credential password used in the connection URL. Password pulumi.StringPtrInput `pulumi:"password"` // Specifies the name of the plugin to use. PluginName pulumi.StringPtrInput `pulumi:"pluginName"` // A list of database statements to be executed to rotate the root user's credentials. RootRotationStatements pulumi.StringArrayInput `pulumi:"rootRotationStatements"` - // The username to be used in the connection (the account admin level). + // The root credential username used in the connection URL. Username pulumi.StringPtrInput `pulumi:"username"` - // - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + // [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. UsernameTemplate pulumi.StringPtrInput `pulumi:"usernameTemplate"` // Whether the connection should be verified on // initial configuration or not. @@ -8728,6 +9669,12 @@ func (i SecretsMountRedshiftArgs) ToSecretsMountRedshiftOutputWithContext(ctx co return pulumi.ToOutputWithContext(ctx, i).(SecretsMountRedshiftOutput) } +func (i SecretsMountRedshiftArgs) ToOutput(ctx context.Context) pulumix.Output[SecretsMountRedshift] { + return pulumix.Output[SecretsMountRedshift]{ + OutputState: i.ToSecretsMountRedshiftOutputWithContext(ctx).OutputState, + } +} + // SecretsMountRedshiftArrayInput is an input type that accepts SecretsMountRedshiftArray and SecretsMountRedshiftArrayOutput values. // You can construct a concrete instance of `SecretsMountRedshiftArrayInput` via: // @@ -8753,6 +9700,12 @@ func (i SecretsMountRedshiftArray) ToSecretsMountRedshiftArrayOutputWithContext( return pulumi.ToOutputWithContext(ctx, i).(SecretsMountRedshiftArrayOutput) } +func (i SecretsMountRedshiftArray) ToOutput(ctx context.Context) pulumix.Output[[]SecretsMountRedshift] { + return pulumix.Output[[]SecretsMountRedshift]{ + OutputState: i.ToSecretsMountRedshiftArrayOutputWithContext(ctx).OutputState, + } +} + type SecretsMountRedshiftOutput struct{ *pulumi.OutputState } func (SecretsMountRedshiftOutput) ElementType() reflect.Type { @@ -8767,19 +9720,27 @@ func (o SecretsMountRedshiftOutput) ToSecretsMountRedshiftOutputWithContext(ctx return o } +func (o SecretsMountRedshiftOutput) ToOutput(ctx context.Context) pulumix.Output[SecretsMountRedshift] { + return pulumix.Output[SecretsMountRedshift]{ + OutputState: o.OutputState, + } +} + // A list of roles that are allowed to use this // connection. func (o SecretsMountRedshiftOutput) AllowedRoles() pulumi.StringArrayOutput { return o.ApplyT(func(v SecretsMountRedshift) []string { return v.AllowedRoles }).(pulumi.StringArrayOutput) } -// A URL containing connection information.\ -// See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) +// Specifies the Redshift DSN. +// See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) func (o SecretsMountRedshiftOutput) ConnectionUrl() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretsMountRedshift) *string { return v.ConnectionUrl }).(pulumi.StringPtrOutput) } // A map of sensitive data to pass to the endpoint. Useful for templated connection strings. +// +// Supported list of database secrets engines that can be configured: func (o SecretsMountRedshiftOutput) Data() pulumi.MapOutput { return o.ApplyT(func(v SecretsMountRedshift) map[string]interface{} { return v.Data }).(pulumi.MapOutput) } @@ -8789,20 +9750,19 @@ func (o SecretsMountRedshiftOutput) DisableEscaping() pulumi.BoolPtrOutput { return o.ApplyT(func(v SecretsMountRedshift) *bool { return v.DisableEscaping }).(pulumi.BoolPtrOutput) } -// The maximum number of seconds to keep -// a connection alive for. +// The maximum amount of time a connection may be reused. func (o SecretsMountRedshiftOutput) MaxConnectionLifetime() pulumi.IntPtrOutput { return o.ApplyT(func(v SecretsMountRedshift) *int { return v.MaxConnectionLifetime }).(pulumi.IntPtrOutput) } // The maximum number of idle connections to -// maintain. +// the database. func (o SecretsMountRedshiftOutput) MaxIdleConnections() pulumi.IntPtrOutput { return o.ApplyT(func(v SecretsMountRedshift) *int { return v.MaxIdleConnections }).(pulumi.IntPtrOutput) } // The maximum number of open connections to -// use. +// the database. func (o SecretsMountRedshiftOutput) MaxOpenConnections() pulumi.IntPtrOutput { return o.ApplyT(func(v SecretsMountRedshift) *int { return v.MaxOpenConnections }).(pulumi.IntPtrOutput) } @@ -8811,7 +9771,7 @@ func (o SecretsMountRedshiftOutput) Name() pulumi.StringOutput { return o.ApplyT(func(v SecretsMountRedshift) string { return v.Name }).(pulumi.StringOutput) } -// The password to be used in the connection. +// The root credential password used in the connection URL. func (o SecretsMountRedshiftOutput) Password() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretsMountRedshift) *string { return v.Password }).(pulumi.StringPtrOutput) } @@ -8826,12 +9786,12 @@ func (o SecretsMountRedshiftOutput) RootRotationStatements() pulumi.StringArrayO return o.ApplyT(func(v SecretsMountRedshift) []string { return v.RootRotationStatements }).(pulumi.StringArrayOutput) } -// The username to be used in the connection (the account admin level). +// The root credential username used in the connection URL. func (o SecretsMountRedshiftOutput) Username() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretsMountRedshift) *string { return v.Username }).(pulumi.StringPtrOutput) } -// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. +// [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. func (o SecretsMountRedshiftOutput) UsernameTemplate() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretsMountRedshift) *string { return v.UsernameTemplate }).(pulumi.StringPtrOutput) } @@ -8856,6 +9816,12 @@ func (o SecretsMountRedshiftArrayOutput) ToSecretsMountRedshiftArrayOutputWithCo return o } +func (o SecretsMountRedshiftArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]SecretsMountRedshift] { + return pulumix.Output[[]SecretsMountRedshift]{ + OutputState: o.OutputState, + } +} + func (o SecretsMountRedshiftArrayOutput) Index(i pulumi.IntInput) SecretsMountRedshiftOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) SecretsMountRedshift { return vs[0].([]SecretsMountRedshift)[vs[1].(int)] @@ -8866,30 +9832,31 @@ type SecretsMountSnowflake struct { // A list of roles that are allowed to use this // connection. AllowedRoles []string `pulumi:"allowedRoles"` - // A URL containing connection information.\ - // See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + // Specifies the Redshift DSN. + // See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) ConnectionUrl *string `pulumi:"connectionUrl"` // A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + // + // Supported list of database secrets engines that can be configured: Data map[string]interface{} `pulumi:"data"` - // The maximum number of seconds to keep - // a connection alive for. + // The maximum amount of time a connection may be reused. MaxConnectionLifetime *int `pulumi:"maxConnectionLifetime"` // The maximum number of idle connections to - // maintain. + // the database. MaxIdleConnections *int `pulumi:"maxIdleConnections"` // The maximum number of open connections to - // use. + // the database. MaxOpenConnections *int `pulumi:"maxOpenConnections"` Name string `pulumi:"name"` - // The password to be used in the connection. + // The root credential password used in the connection URL. Password *string `pulumi:"password"` // Specifies the name of the plugin to use. PluginName *string `pulumi:"pluginName"` // A list of database statements to be executed to rotate the root user's credentials. RootRotationStatements []string `pulumi:"rootRotationStatements"` - // The username to be used in the connection (the account admin level). + // The root credential username used in the connection URL. Username *string `pulumi:"username"` - // - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + // [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. UsernameTemplate *string `pulumi:"usernameTemplate"` // Whether the connection should be verified on // initial configuration or not. @@ -8911,30 +9878,31 @@ type SecretsMountSnowflakeArgs struct { // A list of roles that are allowed to use this // connection. AllowedRoles pulumi.StringArrayInput `pulumi:"allowedRoles"` - // A URL containing connection information.\ - // See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + // Specifies the Redshift DSN. + // See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) ConnectionUrl pulumi.StringPtrInput `pulumi:"connectionUrl"` // A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + // + // Supported list of database secrets engines that can be configured: Data pulumi.MapInput `pulumi:"data"` - // The maximum number of seconds to keep - // a connection alive for. + // The maximum amount of time a connection may be reused. MaxConnectionLifetime pulumi.IntPtrInput `pulumi:"maxConnectionLifetime"` // The maximum number of idle connections to - // maintain. + // the database. MaxIdleConnections pulumi.IntPtrInput `pulumi:"maxIdleConnections"` // The maximum number of open connections to - // use. + // the database. MaxOpenConnections pulumi.IntPtrInput `pulumi:"maxOpenConnections"` Name pulumi.StringInput `pulumi:"name"` - // The password to be used in the connection. + // The root credential password used in the connection URL. Password pulumi.StringPtrInput `pulumi:"password"` // Specifies the name of the plugin to use. PluginName pulumi.StringPtrInput `pulumi:"pluginName"` // A list of database statements to be executed to rotate the root user's credentials. RootRotationStatements pulumi.StringArrayInput `pulumi:"rootRotationStatements"` - // The username to be used in the connection (the account admin level). + // The root credential username used in the connection URL. Username pulumi.StringPtrInput `pulumi:"username"` - // - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + // [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. UsernameTemplate pulumi.StringPtrInput `pulumi:"usernameTemplate"` // Whether the connection should be verified on // initial configuration or not. @@ -8953,6 +9921,12 @@ func (i SecretsMountSnowflakeArgs) ToSecretsMountSnowflakeOutputWithContext(ctx return pulumi.ToOutputWithContext(ctx, i).(SecretsMountSnowflakeOutput) } +func (i SecretsMountSnowflakeArgs) ToOutput(ctx context.Context) pulumix.Output[SecretsMountSnowflake] { + return pulumix.Output[SecretsMountSnowflake]{ + OutputState: i.ToSecretsMountSnowflakeOutputWithContext(ctx).OutputState, + } +} + // SecretsMountSnowflakeArrayInput is an input type that accepts SecretsMountSnowflakeArray and SecretsMountSnowflakeArrayOutput values. // You can construct a concrete instance of `SecretsMountSnowflakeArrayInput` via: // @@ -8978,6 +9952,12 @@ func (i SecretsMountSnowflakeArray) ToSecretsMountSnowflakeArrayOutputWithContex return pulumi.ToOutputWithContext(ctx, i).(SecretsMountSnowflakeArrayOutput) } +func (i SecretsMountSnowflakeArray) ToOutput(ctx context.Context) pulumix.Output[[]SecretsMountSnowflake] { + return pulumix.Output[[]SecretsMountSnowflake]{ + OutputState: i.ToSecretsMountSnowflakeArrayOutputWithContext(ctx).OutputState, + } +} + type SecretsMountSnowflakeOutput struct{ *pulumi.OutputState } func (SecretsMountSnowflakeOutput) ElementType() reflect.Type { @@ -8992,37 +9972,44 @@ func (o SecretsMountSnowflakeOutput) ToSecretsMountSnowflakeOutputWithContext(ct return o } +func (o SecretsMountSnowflakeOutput) ToOutput(ctx context.Context) pulumix.Output[SecretsMountSnowflake] { + return pulumix.Output[SecretsMountSnowflake]{ + OutputState: o.OutputState, + } +} + // A list of roles that are allowed to use this // connection. func (o SecretsMountSnowflakeOutput) AllowedRoles() pulumi.StringArrayOutput { return o.ApplyT(func(v SecretsMountSnowflake) []string { return v.AllowedRoles }).(pulumi.StringArrayOutput) } -// A URL containing connection information.\ -// See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) +// Specifies the Redshift DSN. +// See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) func (o SecretsMountSnowflakeOutput) ConnectionUrl() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretsMountSnowflake) *string { return v.ConnectionUrl }).(pulumi.StringPtrOutput) } // A map of sensitive data to pass to the endpoint. Useful for templated connection strings. +// +// Supported list of database secrets engines that can be configured: func (o SecretsMountSnowflakeOutput) Data() pulumi.MapOutput { return o.ApplyT(func(v SecretsMountSnowflake) map[string]interface{} { return v.Data }).(pulumi.MapOutput) } -// The maximum number of seconds to keep -// a connection alive for. +// The maximum amount of time a connection may be reused. func (o SecretsMountSnowflakeOutput) MaxConnectionLifetime() pulumi.IntPtrOutput { return o.ApplyT(func(v SecretsMountSnowflake) *int { return v.MaxConnectionLifetime }).(pulumi.IntPtrOutput) } // The maximum number of idle connections to -// maintain. +// the database. func (o SecretsMountSnowflakeOutput) MaxIdleConnections() pulumi.IntPtrOutput { return o.ApplyT(func(v SecretsMountSnowflake) *int { return v.MaxIdleConnections }).(pulumi.IntPtrOutput) } // The maximum number of open connections to -// use. +// the database. func (o SecretsMountSnowflakeOutput) MaxOpenConnections() pulumi.IntPtrOutput { return o.ApplyT(func(v SecretsMountSnowflake) *int { return v.MaxOpenConnections }).(pulumi.IntPtrOutput) } @@ -9031,7 +10018,7 @@ func (o SecretsMountSnowflakeOutput) Name() pulumi.StringOutput { return o.ApplyT(func(v SecretsMountSnowflake) string { return v.Name }).(pulumi.StringOutput) } -// The password to be used in the connection. +// The root credential password used in the connection URL. func (o SecretsMountSnowflakeOutput) Password() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretsMountSnowflake) *string { return v.Password }).(pulumi.StringPtrOutput) } @@ -9046,12 +10033,12 @@ func (o SecretsMountSnowflakeOutput) RootRotationStatements() pulumi.StringArray return o.ApplyT(func(v SecretsMountSnowflake) []string { return v.RootRotationStatements }).(pulumi.StringArrayOutput) } -// The username to be used in the connection (the account admin level). +// The root credential username used in the connection URL. func (o SecretsMountSnowflakeOutput) Username() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretsMountSnowflake) *string { return v.Username }).(pulumi.StringPtrOutput) } -// - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. +// [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. func (o SecretsMountSnowflakeOutput) UsernameTemplate() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretsMountSnowflake) *string { return v.UsernameTemplate }).(pulumi.StringPtrOutput) } @@ -9076,6 +10063,12 @@ func (o SecretsMountSnowflakeArrayOutput) ToSecretsMountSnowflakeArrayOutputWith return o } +func (o SecretsMountSnowflakeArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]SecretsMountSnowflake] { + return pulumix.Output[[]SecretsMountSnowflake]{ + OutputState: o.OutputState, + } +} + func (o SecretsMountSnowflakeArrayOutput) Index(i pulumi.IntInput) SecretsMountSnowflakeOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) SecretsMountSnowflake { return vs[0].([]SecretsMountSnowflake)[vs[1].(int)] diff --git a/sdk/go/vault/database/secretBackendConnection.go b/sdk/go/vault/database/secretBackendConnection.go index 9d2905ce4..63f613997 100644 --- a/sdk/go/vault/database/secretBackendConnection.go +++ b/sdk/go/vault/database/secretBackendConnection.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // ## Example Usage @@ -111,6 +113,8 @@ type SecretBackendConnection struct { // A nested block containing configuration options for Redis connections. Redis SecretBackendConnectionRedisPtrOutput `pulumi:"redis"` // A nested block containing configuration options for Redis ElastiCache connections. + // + // Exactly one of the nested blocks of configuration options must be supplied. RedisElasticache SecretBackendConnectionRedisElasticachePtrOutput `pulumi:"redisElasticache"` // Connection parameters for the redshift-database-plugin plugin. Redshift SecretBackendConnectionRedshiftPtrOutput `pulumi:"redshift"` @@ -133,6 +137,7 @@ func NewSecretBackendConnection(ctx *pulumi.Context, if args.Backend == nil { return nil, errors.New("invalid value for required argument 'Backend'") } + opts = internal.PkgResourceDefaultOpts(opts) var resource SecretBackendConnection err := ctx.RegisterResource("vault:database/secretBackendConnection:SecretBackendConnection", name, args, &resource, opts...) if err != nil { @@ -202,6 +207,8 @@ type secretBackendConnectionState struct { // A nested block containing configuration options for Redis connections. Redis *SecretBackendConnectionRedis `pulumi:"redis"` // A nested block containing configuration options for Redis ElastiCache connections. + // + // Exactly one of the nested blocks of configuration options must be supplied. RedisElasticache *SecretBackendConnectionRedisElasticache `pulumi:"redisElasticache"` // Connection parameters for the redshift-database-plugin plugin. Redshift *SecretBackendConnectionRedshift `pulumi:"redshift"` @@ -262,6 +269,8 @@ type SecretBackendConnectionState struct { // A nested block containing configuration options for Redis connections. Redis SecretBackendConnectionRedisPtrInput // A nested block containing configuration options for Redis ElastiCache connections. + // + // Exactly one of the nested blocks of configuration options must be supplied. RedisElasticache SecretBackendConnectionRedisElasticachePtrInput // Connection parameters for the redshift-database-plugin plugin. Redshift SecretBackendConnectionRedshiftPtrInput @@ -326,6 +335,8 @@ type secretBackendConnectionArgs struct { // A nested block containing configuration options for Redis connections. Redis *SecretBackendConnectionRedis `pulumi:"redis"` // A nested block containing configuration options for Redis ElastiCache connections. + // + // Exactly one of the nested blocks of configuration options must be supplied. RedisElasticache *SecretBackendConnectionRedisElasticache `pulumi:"redisElasticache"` // Connection parameters for the redshift-database-plugin plugin. Redshift *SecretBackendConnectionRedshift `pulumi:"redshift"` @@ -387,6 +398,8 @@ type SecretBackendConnectionArgs struct { // A nested block containing configuration options for Redis connections. Redis SecretBackendConnectionRedisPtrInput // A nested block containing configuration options for Redis ElastiCache connections. + // + // Exactly one of the nested blocks of configuration options must be supplied. RedisElasticache SecretBackendConnectionRedisElasticachePtrInput // Connection parameters for the redshift-database-plugin plugin. Redshift SecretBackendConnectionRedshiftPtrInput @@ -422,6 +435,12 @@ func (i *SecretBackendConnection) ToSecretBackendConnectionOutputWithContext(ctx return pulumi.ToOutputWithContext(ctx, i).(SecretBackendConnectionOutput) } +func (i *SecretBackendConnection) ToOutput(ctx context.Context) pulumix.Output[*SecretBackendConnection] { + return pulumix.Output[*SecretBackendConnection]{ + OutputState: i.ToSecretBackendConnectionOutputWithContext(ctx).OutputState, + } +} + // SecretBackendConnectionArrayInput is an input type that accepts SecretBackendConnectionArray and SecretBackendConnectionArrayOutput values. // You can construct a concrete instance of `SecretBackendConnectionArrayInput` via: // @@ -447,6 +466,12 @@ func (i SecretBackendConnectionArray) ToSecretBackendConnectionArrayOutputWithCo return pulumi.ToOutputWithContext(ctx, i).(SecretBackendConnectionArrayOutput) } +func (i SecretBackendConnectionArray) ToOutput(ctx context.Context) pulumix.Output[[]*SecretBackendConnection] { + return pulumix.Output[[]*SecretBackendConnection]{ + OutputState: i.ToSecretBackendConnectionArrayOutputWithContext(ctx).OutputState, + } +} + // SecretBackendConnectionMapInput is an input type that accepts SecretBackendConnectionMap and SecretBackendConnectionMapOutput values. // You can construct a concrete instance of `SecretBackendConnectionMapInput` via: // @@ -472,6 +497,12 @@ func (i SecretBackendConnectionMap) ToSecretBackendConnectionMapOutputWithContex return pulumi.ToOutputWithContext(ctx, i).(SecretBackendConnectionMapOutput) } +func (i SecretBackendConnectionMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*SecretBackendConnection] { + return pulumix.Output[map[string]*SecretBackendConnection]{ + OutputState: i.ToSecretBackendConnectionMapOutputWithContext(ctx).OutputState, + } +} + type SecretBackendConnectionOutput struct{ *pulumi.OutputState } func (SecretBackendConnectionOutput) ElementType() reflect.Type { @@ -486,6 +517,12 @@ func (o SecretBackendConnectionOutput) ToSecretBackendConnectionOutputWithContex return o } +func (o SecretBackendConnectionOutput) ToOutput(ctx context.Context) pulumix.Output[*SecretBackendConnection] { + return pulumix.Output[*SecretBackendConnection]{ + OutputState: o.OutputState, + } +} + // A list of roles that are allowed to use this // connection. func (o SecretBackendConnectionOutput) AllowedRoles() pulumi.StringArrayOutput { @@ -596,6 +633,8 @@ func (o SecretBackendConnectionOutput) Redis() SecretBackendConnectionRedisPtrOu } // A nested block containing configuration options for Redis ElastiCache connections. +// +// Exactly one of the nested blocks of configuration options must be supplied. func (o SecretBackendConnectionOutput) RedisElasticache() SecretBackendConnectionRedisElasticachePtrOutput { return o.ApplyT(func(v *SecretBackendConnection) SecretBackendConnectionRedisElasticachePtrOutput { return v.RedisElasticache @@ -637,6 +676,12 @@ func (o SecretBackendConnectionArrayOutput) ToSecretBackendConnectionArrayOutput return o } +func (o SecretBackendConnectionArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*SecretBackendConnection] { + return pulumix.Output[[]*SecretBackendConnection]{ + OutputState: o.OutputState, + } +} + func (o SecretBackendConnectionArrayOutput) Index(i pulumi.IntInput) SecretBackendConnectionOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *SecretBackendConnection { return vs[0].([]*SecretBackendConnection)[vs[1].(int)] @@ -657,6 +702,12 @@ func (o SecretBackendConnectionMapOutput) ToSecretBackendConnectionMapOutputWith return o } +func (o SecretBackendConnectionMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*SecretBackendConnection] { + return pulumix.Output[map[string]*SecretBackendConnection]{ + OutputState: o.OutputState, + } +} + func (o SecretBackendConnectionMapOutput) MapIndex(k pulumi.StringInput) SecretBackendConnectionOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *SecretBackendConnection { return vs[0].(map[string]*SecretBackendConnection)[vs[1].(string)] diff --git a/sdk/go/vault/database/secretBackendRole.go b/sdk/go/vault/database/secretBackendRole.go index 055c877ff..e87876a1c 100644 --- a/sdk/go/vault/database/secretBackendRole.go +++ b/sdk/go/vault/database/secretBackendRole.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // ## Example Usage @@ -81,6 +83,8 @@ type SecretBackendRole struct { CreationStatements pulumi.StringArrayOutput `pulumi:"creationStatements"` // Specifies the configuration // for the given `credentialType`. + // + // The following options are available for each `credentialType` value: CredentialConfig pulumi.MapOutput `pulumi:"credentialConfig"` // Specifies the type of credential that // will be generated for the role. Options include: `password`, `rsaPrivateKey`, `clientCertificate`. @@ -129,6 +133,7 @@ func NewSecretBackendRole(ctx *pulumi.Context, if args.DbName == nil { return nil, errors.New("invalid value for required argument 'DbName'") } + opts = internal.PkgResourceDefaultOpts(opts) var resource SecretBackendRole err := ctx.RegisterResource("vault:database/secretBackendRole:SecretBackendRole", name, args, &resource, opts...) if err != nil { @@ -158,6 +163,8 @@ type secretBackendRoleState struct { CreationStatements []string `pulumi:"creationStatements"` // Specifies the configuration // for the given `credentialType`. + // + // The following options are available for each `credentialType` value: CredentialConfig map[string]interface{} `pulumi:"credentialConfig"` // Specifies the type of credential that // will be generated for the role. Options include: `password`, `rsaPrivateKey`, `clientCertificate`. @@ -198,6 +205,8 @@ type SecretBackendRoleState struct { CreationStatements pulumi.StringArrayInput // Specifies the configuration // for the given `credentialType`. + // + // The following options are available for each `credentialType` value: CredentialConfig pulumi.MapInput // Specifies the type of credential that // will be generated for the role. Options include: `password`, `rsaPrivateKey`, `clientCertificate`. @@ -242,6 +251,8 @@ type secretBackendRoleArgs struct { CreationStatements []string `pulumi:"creationStatements"` // Specifies the configuration // for the given `credentialType`. + // + // The following options are available for each `credentialType` value: CredentialConfig map[string]interface{} `pulumi:"credentialConfig"` // Specifies the type of credential that // will be generated for the role. Options include: `password`, `rsaPrivateKey`, `clientCertificate`. @@ -283,6 +294,8 @@ type SecretBackendRoleArgs struct { CreationStatements pulumi.StringArrayInput // Specifies the configuration // for the given `credentialType`. + // + // The following options are available for each `credentialType` value: CredentialConfig pulumi.MapInput // Specifies the type of credential that // will be generated for the role. Options include: `password`, `rsaPrivateKey`, `clientCertificate`. @@ -338,6 +351,12 @@ func (i *SecretBackendRole) ToSecretBackendRoleOutputWithContext(ctx context.Con return pulumi.ToOutputWithContext(ctx, i).(SecretBackendRoleOutput) } +func (i *SecretBackendRole) ToOutput(ctx context.Context) pulumix.Output[*SecretBackendRole] { + return pulumix.Output[*SecretBackendRole]{ + OutputState: i.ToSecretBackendRoleOutputWithContext(ctx).OutputState, + } +} + // SecretBackendRoleArrayInput is an input type that accepts SecretBackendRoleArray and SecretBackendRoleArrayOutput values. // You can construct a concrete instance of `SecretBackendRoleArrayInput` via: // @@ -363,6 +382,12 @@ func (i SecretBackendRoleArray) ToSecretBackendRoleArrayOutputWithContext(ctx co return pulumi.ToOutputWithContext(ctx, i).(SecretBackendRoleArrayOutput) } +func (i SecretBackendRoleArray) ToOutput(ctx context.Context) pulumix.Output[[]*SecretBackendRole] { + return pulumix.Output[[]*SecretBackendRole]{ + OutputState: i.ToSecretBackendRoleArrayOutputWithContext(ctx).OutputState, + } +} + // SecretBackendRoleMapInput is an input type that accepts SecretBackendRoleMap and SecretBackendRoleMapOutput values. // You can construct a concrete instance of `SecretBackendRoleMapInput` via: // @@ -388,6 +413,12 @@ func (i SecretBackendRoleMap) ToSecretBackendRoleMapOutputWithContext(ctx contex return pulumi.ToOutputWithContext(ctx, i).(SecretBackendRoleMapOutput) } +func (i SecretBackendRoleMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*SecretBackendRole] { + return pulumix.Output[map[string]*SecretBackendRole]{ + OutputState: i.ToSecretBackendRoleMapOutputWithContext(ctx).OutputState, + } +} + type SecretBackendRoleOutput struct{ *pulumi.OutputState } func (SecretBackendRoleOutput) ElementType() reflect.Type { @@ -402,6 +433,12 @@ func (o SecretBackendRoleOutput) ToSecretBackendRoleOutputWithContext(ctx contex return o } +func (o SecretBackendRoleOutput) ToOutput(ctx context.Context) pulumix.Output[*SecretBackendRole] { + return pulumix.Output[*SecretBackendRole]{ + OutputState: o.OutputState, + } +} + // The unique name of the Vault mount to configure. func (o SecretBackendRoleOutput) Backend() pulumi.StringOutput { return o.ApplyT(func(v *SecretBackendRole) pulumi.StringOutput { return v.Backend }).(pulumi.StringOutput) @@ -415,6 +452,8 @@ func (o SecretBackendRoleOutput) CreationStatements() pulumi.StringArrayOutput { // Specifies the configuration // for the given `credentialType`. +// +// The following options are available for each `credentialType` value: func (o SecretBackendRoleOutput) CredentialConfig() pulumi.MapOutput { return o.ApplyT(func(v *SecretBackendRole) pulumi.MapOutput { return v.CredentialConfig }).(pulumi.MapOutput) } @@ -489,6 +528,12 @@ func (o SecretBackendRoleArrayOutput) ToSecretBackendRoleArrayOutputWithContext( return o } +func (o SecretBackendRoleArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*SecretBackendRole] { + return pulumix.Output[[]*SecretBackendRole]{ + OutputState: o.OutputState, + } +} + func (o SecretBackendRoleArrayOutput) Index(i pulumi.IntInput) SecretBackendRoleOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *SecretBackendRole { return vs[0].([]*SecretBackendRole)[vs[1].(int)] @@ -509,6 +554,12 @@ func (o SecretBackendRoleMapOutput) ToSecretBackendRoleMapOutputWithContext(ctx return o } +func (o SecretBackendRoleMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*SecretBackendRole] { + return pulumix.Output[map[string]*SecretBackendRole]{ + OutputState: o.OutputState, + } +} + func (o SecretBackendRoleMapOutput) MapIndex(k pulumi.StringInput) SecretBackendRoleOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *SecretBackendRole { return vs[0].(map[string]*SecretBackendRole)[vs[1].(string)] diff --git a/sdk/go/vault/database/secretBackendStaticRole.go b/sdk/go/vault/database/secretBackendStaticRole.go index 67c2c5ca2..4545e7ee7 100644 --- a/sdk/go/vault/database/secretBackendStaticRole.go +++ b/sdk/go/vault/database/secretBackendStaticRole.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // Creates a Database Secret Backend static role in Vault. Database secret backend @@ -108,6 +110,9 @@ type SecretBackendStaticRole struct { RotationPeriod pulumi.IntPtrOutput `pulumi:"rotationPeriod"` // A cron-style string that will define the schedule on which rotations should occur. // Mutually exclusive with `rotationPeriod`. + // + // **Warning**: The `rotationPeriod` and `rotationSchedule` fields are + // mutually exclusive. One of them must be set but not both. RotationSchedule pulumi.StringPtrOutput `pulumi:"rotationSchedule"` // Database statements to execute to rotate the password for the configured database user. RotationStatements pulumi.StringArrayOutput `pulumi:"rotationStatements"` @@ -134,6 +139,7 @@ func NewSecretBackendStaticRole(ctx *pulumi.Context, if args.Username == nil { return nil, errors.New("invalid value for required argument 'Username'") } + opts = internal.PkgResourceDefaultOpts(opts) var resource SecretBackendStaticRole err := ctx.RegisterResource("vault:database/secretBackendStaticRole:SecretBackendStaticRole", name, args, &resource, opts...) if err != nil { @@ -172,6 +178,9 @@ type secretBackendStaticRoleState struct { RotationPeriod *int `pulumi:"rotationPeriod"` // A cron-style string that will define the schedule on which rotations should occur. // Mutually exclusive with `rotationPeriod`. + // + // **Warning**: The `rotationPeriod` and `rotationSchedule` fields are + // mutually exclusive. One of them must be set but not both. RotationSchedule *string `pulumi:"rotationSchedule"` // Database statements to execute to rotate the password for the configured database user. RotationStatements []string `pulumi:"rotationStatements"` @@ -199,6 +208,9 @@ type SecretBackendStaticRoleState struct { RotationPeriod pulumi.IntPtrInput // A cron-style string that will define the schedule on which rotations should occur. // Mutually exclusive with `rotationPeriod`. + // + // **Warning**: The `rotationPeriod` and `rotationSchedule` fields are + // mutually exclusive. One of them must be set but not both. RotationSchedule pulumi.StringPtrInput // Database statements to execute to rotate the password for the configured database user. RotationStatements pulumi.StringArrayInput @@ -230,6 +242,9 @@ type secretBackendStaticRoleArgs struct { RotationPeriod *int `pulumi:"rotationPeriod"` // A cron-style string that will define the schedule on which rotations should occur. // Mutually exclusive with `rotationPeriod`. + // + // **Warning**: The `rotationPeriod` and `rotationSchedule` fields are + // mutually exclusive. One of them must be set but not both. RotationSchedule *string `pulumi:"rotationSchedule"` // Database statements to execute to rotate the password for the configured database user. RotationStatements []string `pulumi:"rotationStatements"` @@ -258,6 +273,9 @@ type SecretBackendStaticRoleArgs struct { RotationPeriod pulumi.IntPtrInput // A cron-style string that will define the schedule on which rotations should occur. // Mutually exclusive with `rotationPeriod`. + // + // **Warning**: The `rotationPeriod` and `rotationSchedule` fields are + // mutually exclusive. One of them must be set but not both. RotationSchedule pulumi.StringPtrInput // Database statements to execute to rotate the password for the configured database user. RotationStatements pulumi.StringArrayInput @@ -291,6 +309,12 @@ func (i *SecretBackendStaticRole) ToSecretBackendStaticRoleOutputWithContext(ctx return pulumi.ToOutputWithContext(ctx, i).(SecretBackendStaticRoleOutput) } +func (i *SecretBackendStaticRole) ToOutput(ctx context.Context) pulumix.Output[*SecretBackendStaticRole] { + return pulumix.Output[*SecretBackendStaticRole]{ + OutputState: i.ToSecretBackendStaticRoleOutputWithContext(ctx).OutputState, + } +} + // SecretBackendStaticRoleArrayInput is an input type that accepts SecretBackendStaticRoleArray and SecretBackendStaticRoleArrayOutput values. // You can construct a concrete instance of `SecretBackendStaticRoleArrayInput` via: // @@ -316,6 +340,12 @@ func (i SecretBackendStaticRoleArray) ToSecretBackendStaticRoleArrayOutputWithCo return pulumi.ToOutputWithContext(ctx, i).(SecretBackendStaticRoleArrayOutput) } +func (i SecretBackendStaticRoleArray) ToOutput(ctx context.Context) pulumix.Output[[]*SecretBackendStaticRole] { + return pulumix.Output[[]*SecretBackendStaticRole]{ + OutputState: i.ToSecretBackendStaticRoleArrayOutputWithContext(ctx).OutputState, + } +} + // SecretBackendStaticRoleMapInput is an input type that accepts SecretBackendStaticRoleMap and SecretBackendStaticRoleMapOutput values. // You can construct a concrete instance of `SecretBackendStaticRoleMapInput` via: // @@ -341,6 +371,12 @@ func (i SecretBackendStaticRoleMap) ToSecretBackendStaticRoleMapOutputWithContex return pulumi.ToOutputWithContext(ctx, i).(SecretBackendStaticRoleMapOutput) } +func (i SecretBackendStaticRoleMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*SecretBackendStaticRole] { + return pulumix.Output[map[string]*SecretBackendStaticRole]{ + OutputState: i.ToSecretBackendStaticRoleMapOutputWithContext(ctx).OutputState, + } +} + type SecretBackendStaticRoleOutput struct{ *pulumi.OutputState } func (SecretBackendStaticRoleOutput) ElementType() reflect.Type { @@ -355,6 +391,12 @@ func (o SecretBackendStaticRoleOutput) ToSecretBackendStaticRoleOutputWithContex return o } +func (o SecretBackendStaticRoleOutput) ToOutput(ctx context.Context) pulumix.Output[*SecretBackendStaticRole] { + return pulumix.Output[*SecretBackendStaticRole]{ + OutputState: o.OutputState, + } +} + // The unique name of the Vault mount to configure. func (o SecretBackendStaticRoleOutput) Backend() pulumi.StringOutput { return o.ApplyT(func(v *SecretBackendStaticRole) pulumi.StringOutput { return v.Backend }).(pulumi.StringOutput) @@ -386,6 +428,9 @@ func (o SecretBackendStaticRoleOutput) RotationPeriod() pulumi.IntPtrOutput { // A cron-style string that will define the schedule on which rotations should occur. // Mutually exclusive with `rotationPeriod`. +// +// **Warning**: The `rotationPeriod` and `rotationSchedule` fields are +// mutually exclusive. One of them must be set but not both. func (o SecretBackendStaticRoleOutput) RotationSchedule() pulumi.StringPtrOutput { return o.ApplyT(func(v *SecretBackendStaticRole) pulumi.StringPtrOutput { return v.RotationSchedule }).(pulumi.StringPtrOutput) } @@ -420,6 +465,12 @@ func (o SecretBackendStaticRoleArrayOutput) ToSecretBackendStaticRoleArrayOutput return o } +func (o SecretBackendStaticRoleArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*SecretBackendStaticRole] { + return pulumix.Output[[]*SecretBackendStaticRole]{ + OutputState: o.OutputState, + } +} + func (o SecretBackendStaticRoleArrayOutput) Index(i pulumi.IntInput) SecretBackendStaticRoleOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *SecretBackendStaticRole { return vs[0].([]*SecretBackendStaticRole)[vs[1].(int)] @@ -440,6 +491,12 @@ func (o SecretBackendStaticRoleMapOutput) ToSecretBackendStaticRoleMapOutputWith return o } +func (o SecretBackendStaticRoleMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*SecretBackendStaticRole] { + return pulumix.Output[map[string]*SecretBackendStaticRole]{ + OutputState: o.OutputState, + } +} + func (o SecretBackendStaticRoleMapOutput) MapIndex(k pulumi.StringInput) SecretBackendStaticRoleOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *SecretBackendStaticRole { return vs[0].(map[string]*SecretBackendStaticRole)[vs[1].(string)] diff --git a/sdk/go/vault/database/secretsMount.go b/sdk/go/vault/database/secretsMount.go index b4446310c..e7fe8e6b0 100644 --- a/sdk/go/vault/database/secretsMount.go +++ b/sdk/go/vault/database/secretsMount.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // ## Example Usage @@ -56,9 +58,9 @@ import ( // } // _, err = database.NewSecretBackendRole(ctx, "dev1", &database.SecretBackendRoleArgs{ // Backend: db.Path, -// DbName: db.Mssqls.ApplyT(func(mssqls []database.SecretsMountMssql) (string, error) { -// return mssqls[0].Name, nil -// }).(pulumi.StringOutput), +// DbName: db.Mssqls.ApplyT(func(mssqls []database.SecretsMountMssql) (*string, error) { +// return &mssqls[0].Name, nil +// }).(pulumi.StringPtrOutput), // CreationStatements: pulumi.StringArray{ // pulumi.String("CREATE LOGIN [{{name}}] WITH PASSWORD = '{{password}}';"), // pulumi.String("CREATE USER [{{name}}] FOR LOGIN [{{name}}];"), @@ -70,9 +72,9 @@ import ( // } // _, err = database.NewSecretBackendRole(ctx, "dev2", &database.SecretBackendRoleArgs{ // Backend: db.Path, -// DbName: db.Postgresqls.ApplyT(func(postgresqls []database.SecretsMountPostgresql) (string, error) { -// return postgresqls[0].Name, nil -// }).(pulumi.StringOutput), +// DbName: db.Postgresqls.ApplyT(func(postgresqls []database.SecretsMountPostgresql) (*string, error) { +// return &postgresqls[0].Name, nil +// }).(pulumi.StringPtrOutput), // CreationStatements: pulumi.StringArray{ // pulumi.String("CREATE ROLE \"{{name}}\" WITH LOGIN PASSWORD '{{password}}' VALID UNTIL '{{expiration}}';"), // pulumi.String("GRANT SELECT ON ALL TABLES IN SCHEMA public TO \"{{name}}\";"), @@ -102,6 +104,8 @@ type SecretsMount struct { // Accessor of the mount Accessor pulumi.StringOutput `pulumi:"accessor"` // Set of managed key registry entry names that the mount in question is allowed to access + // + // The following arguments are common to all database engines: AllowedManagedKeys pulumi.StringArrayOutput `pulumi:"allowedManagedKeys"` // Specifies the list of keys that will not be HMAC'd by audit devices in the request data object. AuditNonHmacRequestKeys pulumi.StringArrayOutput `pulumi:"auditNonHmacRequestKeys"` @@ -193,6 +197,7 @@ func NewSecretsMount(ctx *pulumi.Context, if args.Path == nil { return nil, errors.New("invalid value for required argument 'Path'") } + opts = internal.PkgResourceDefaultOpts(opts) var resource SecretsMount err := ctx.RegisterResource("vault:database/secretsMount:SecretsMount", name, args, &resource, opts...) if err != nil { @@ -218,6 +223,8 @@ type secretsMountState struct { // Accessor of the mount Accessor *string `pulumi:"accessor"` // Set of managed key registry entry names that the mount in question is allowed to access + // + // The following arguments are common to all database engines: AllowedManagedKeys []string `pulumi:"allowedManagedKeys"` // Specifies the list of keys that will not be HMAC'd by audit devices in the request data object. AuditNonHmacRequestKeys []string `pulumi:"auditNonHmacRequestKeys"` @@ -303,6 +310,8 @@ type SecretsMountState struct { // Accessor of the mount Accessor pulumi.StringPtrInput // Set of managed key registry entry names that the mount in question is allowed to access + // + // The following arguments are common to all database engines: AllowedManagedKeys pulumi.StringArrayInput // Specifies the list of keys that will not be HMAC'd by audit devices in the request data object. AuditNonHmacRequestKeys pulumi.StringArrayInput @@ -390,6 +399,8 @@ func (SecretsMountState) ElementType() reflect.Type { type secretsMountArgs struct { // Set of managed key registry entry names that the mount in question is allowed to access + // + // The following arguments are common to all database engines: AllowedManagedKeys []string `pulumi:"allowedManagedKeys"` // Specifies the list of keys that will not be HMAC'd by audit devices in the request data object. AuditNonHmacRequestKeys []string `pulumi:"auditNonHmacRequestKeys"` @@ -472,6 +483,8 @@ type secretsMountArgs struct { // The set of arguments for constructing a SecretsMount resource. type SecretsMountArgs struct { // Set of managed key registry entry names that the mount in question is allowed to access + // + // The following arguments are common to all database engines: AllowedManagedKeys pulumi.StringArrayInput // Specifies the list of keys that will not be HMAC'd by audit devices in the request data object. AuditNonHmacRequestKeys pulumi.StringArrayInput @@ -574,6 +587,12 @@ func (i *SecretsMount) ToSecretsMountOutputWithContext(ctx context.Context) Secr return pulumi.ToOutputWithContext(ctx, i).(SecretsMountOutput) } +func (i *SecretsMount) ToOutput(ctx context.Context) pulumix.Output[*SecretsMount] { + return pulumix.Output[*SecretsMount]{ + OutputState: i.ToSecretsMountOutputWithContext(ctx).OutputState, + } +} + // SecretsMountArrayInput is an input type that accepts SecretsMountArray and SecretsMountArrayOutput values. // You can construct a concrete instance of `SecretsMountArrayInput` via: // @@ -599,6 +618,12 @@ func (i SecretsMountArray) ToSecretsMountArrayOutputWithContext(ctx context.Cont return pulumi.ToOutputWithContext(ctx, i).(SecretsMountArrayOutput) } +func (i SecretsMountArray) ToOutput(ctx context.Context) pulumix.Output[[]*SecretsMount] { + return pulumix.Output[[]*SecretsMount]{ + OutputState: i.ToSecretsMountArrayOutputWithContext(ctx).OutputState, + } +} + // SecretsMountMapInput is an input type that accepts SecretsMountMap and SecretsMountMapOutput values. // You can construct a concrete instance of `SecretsMountMapInput` via: // @@ -624,6 +649,12 @@ func (i SecretsMountMap) ToSecretsMountMapOutputWithContext(ctx context.Context) return pulumi.ToOutputWithContext(ctx, i).(SecretsMountMapOutput) } +func (i SecretsMountMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*SecretsMount] { + return pulumix.Output[map[string]*SecretsMount]{ + OutputState: i.ToSecretsMountMapOutputWithContext(ctx).OutputState, + } +} + type SecretsMountOutput struct{ *pulumi.OutputState } func (SecretsMountOutput) ElementType() reflect.Type { @@ -638,12 +669,20 @@ func (o SecretsMountOutput) ToSecretsMountOutputWithContext(ctx context.Context) return o } +func (o SecretsMountOutput) ToOutput(ctx context.Context) pulumix.Output[*SecretsMount] { + return pulumix.Output[*SecretsMount]{ + OutputState: o.OutputState, + } +} + // Accessor of the mount func (o SecretsMountOutput) Accessor() pulumi.StringOutput { return o.ApplyT(func(v *SecretsMount) pulumi.StringOutput { return v.Accessor }).(pulumi.StringOutput) } // Set of managed key registry entry names that the mount in question is allowed to access +// +// The following arguments are common to all database engines: func (o SecretsMountOutput) AllowedManagedKeys() pulumi.StringArrayOutput { return o.ApplyT(func(v *SecretsMount) pulumi.StringArrayOutput { return v.AllowedManagedKeys }).(pulumi.StringArrayOutput) } @@ -830,6 +869,12 @@ func (o SecretsMountArrayOutput) ToSecretsMountArrayOutputWithContext(ctx contex return o } +func (o SecretsMountArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*SecretsMount] { + return pulumix.Output[[]*SecretsMount]{ + OutputState: o.OutputState, + } +} + func (o SecretsMountArrayOutput) Index(i pulumi.IntInput) SecretsMountOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *SecretsMount { return vs[0].([]*SecretsMount)[vs[1].(int)] @@ -850,6 +895,12 @@ func (o SecretsMountMapOutput) ToSecretsMountMapOutputWithContext(ctx context.Co return o } +func (o SecretsMountMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*SecretsMount] { + return pulumix.Output[map[string]*SecretsMount]{ + OutputState: o.OutputState, + } +} + func (o SecretsMountMapOutput) MapIndex(k pulumi.StringInput) SecretsMountOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *SecretsMount { return vs[0].(map[string]*SecretsMount)[vs[1].(string)] diff --git a/sdk/go/vault/doc.go b/sdk/go/vault/doc.go index 135935ce3..319f5f5bc 100644 --- a/sdk/go/vault/doc.go +++ b/sdk/go/vault/doc.go @@ -1,3 +1,2 @@ // A Pulumi package for creating and managing HashiCorp Vault cloud resources. - package vault diff --git a/sdk/go/vault/egpPolicy.go b/sdk/go/vault/egpPolicy.go index 5b34416aa..1c9bd96df 100644 --- a/sdk/go/vault/egpPolicy.go +++ b/sdk/go/vault/egpPolicy.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // Provides a resource to manage Endpoint Governing Policy (EGP) via [Sentinel](https://www.vaultproject.io/docs/enterprise/sentinel/index.html). @@ -78,6 +80,7 @@ func NewEgpPolicy(ctx *pulumi.Context, if args.Policy == nil { return nil, errors.New("invalid value for required argument 'Policy'") } + opts = internal.PkgResourceDefaultOpts(opts) var resource EgpPolicy err := ctx.RegisterResource("vault:index/egpPolicy:EgpPolicy", name, args, &resource, opts...) if err != nil { @@ -191,6 +194,12 @@ func (i *EgpPolicy) ToEgpPolicyOutputWithContext(ctx context.Context) EgpPolicyO return pulumi.ToOutputWithContext(ctx, i).(EgpPolicyOutput) } +func (i *EgpPolicy) ToOutput(ctx context.Context) pulumix.Output[*EgpPolicy] { + return pulumix.Output[*EgpPolicy]{ + OutputState: i.ToEgpPolicyOutputWithContext(ctx).OutputState, + } +} + // EgpPolicyArrayInput is an input type that accepts EgpPolicyArray and EgpPolicyArrayOutput values. // You can construct a concrete instance of `EgpPolicyArrayInput` via: // @@ -216,6 +225,12 @@ func (i EgpPolicyArray) ToEgpPolicyArrayOutputWithContext(ctx context.Context) E return pulumi.ToOutputWithContext(ctx, i).(EgpPolicyArrayOutput) } +func (i EgpPolicyArray) ToOutput(ctx context.Context) pulumix.Output[[]*EgpPolicy] { + return pulumix.Output[[]*EgpPolicy]{ + OutputState: i.ToEgpPolicyArrayOutputWithContext(ctx).OutputState, + } +} + // EgpPolicyMapInput is an input type that accepts EgpPolicyMap and EgpPolicyMapOutput values. // You can construct a concrete instance of `EgpPolicyMapInput` via: // @@ -241,6 +256,12 @@ func (i EgpPolicyMap) ToEgpPolicyMapOutputWithContext(ctx context.Context) EgpPo return pulumi.ToOutputWithContext(ctx, i).(EgpPolicyMapOutput) } +func (i EgpPolicyMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*EgpPolicy] { + return pulumix.Output[map[string]*EgpPolicy]{ + OutputState: i.ToEgpPolicyMapOutputWithContext(ctx).OutputState, + } +} + type EgpPolicyOutput struct{ *pulumi.OutputState } func (EgpPolicyOutput) ElementType() reflect.Type { @@ -255,6 +276,12 @@ func (o EgpPolicyOutput) ToEgpPolicyOutputWithContext(ctx context.Context) EgpPo return o } +func (o EgpPolicyOutput) ToOutput(ctx context.Context) pulumix.Output[*EgpPolicy] { + return pulumix.Output[*EgpPolicy]{ + OutputState: o.OutputState, + } +} + // Enforcement level of Sentinel policy. Can be either `advisory` or `soft-mandatory` or `hard-mandatory` func (o EgpPolicyOutput) EnforcementLevel() pulumi.StringOutput { return o.ApplyT(func(v *EgpPolicy) pulumi.StringOutput { return v.EnforcementLevel }).(pulumi.StringOutput) @@ -297,6 +324,12 @@ func (o EgpPolicyArrayOutput) ToEgpPolicyArrayOutputWithContext(ctx context.Cont return o } +func (o EgpPolicyArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*EgpPolicy] { + return pulumix.Output[[]*EgpPolicy]{ + OutputState: o.OutputState, + } +} + func (o EgpPolicyArrayOutput) Index(i pulumi.IntInput) EgpPolicyOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *EgpPolicy { return vs[0].([]*EgpPolicy)[vs[1].(int)] @@ -317,6 +350,12 @@ func (o EgpPolicyMapOutput) ToEgpPolicyMapOutputWithContext(ctx context.Context) return o } +func (o EgpPolicyMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*EgpPolicy] { + return pulumix.Output[map[string]*EgpPolicy]{ + OutputState: o.OutputState, + } +} + func (o EgpPolicyMapOutput) MapIndex(k pulumi.StringInput) EgpPolicyOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *EgpPolicy { return vs[0].(map[string]*EgpPolicy)[vs[1].(string)] diff --git a/sdk/go/vault/gcp/authBackend.go b/sdk/go/vault/gcp/authBackend.go index 1fef4269c..eac619a93 100644 --- a/sdk/go/vault/gcp/authBackend.go +++ b/sdk/go/vault/gcp/authBackend.go @@ -7,7 +7,9 @@ import ( "context" "reflect" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // Provides a resource to configure the [GCP auth backend within Vault](https://www.vaultproject.io/docs/auth/gcp.html). @@ -19,7 +21,7 @@ import ( // // import ( // -// "io/ioutil" +// "os" // // "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/gcp" // "github.com/pulumi/pulumi/sdk/v3/go/pulumi" @@ -27,7 +29,7 @@ import ( // ) // // func readFileOrPanic(path string) pulumi.StringPtrInput { -// data, err := ioutil.ReadFile(path) +// data, err := os.ReadFile(path) // if err != nil { // panic(err.Error()) // } @@ -79,6 +81,8 @@ type AuthBackend struct { // used when making API requests. This allows specific requests made during authentication // to target alternative service endpoints for use in [Private Google Access](https://cloud.google.com/vpc/docs/configure-private-google-access) // environments. Requires Vault 1.11+. + // + // Overrides are set at the subdomain level using the following keys: CustomEndpoint AuthBackendCustomEndpointPtrOutput `pulumi:"customEndpoint"` // A description of the auth method. Description pulumi.StringPtrOutput `pulumi:"description"` @@ -108,12 +112,13 @@ func NewAuthBackend(ctx *pulumi.Context, } if args.Credentials != nil { - args.Credentials = pulumi.ToSecret(args.Credentials).(pulumi.StringPtrOutput) + args.Credentials = pulumi.ToSecret(args.Credentials).(pulumi.StringPtrInput) } secrets := pulumi.AdditionalSecretOutputs([]string{ "credentials", }) opts = append(opts, secrets) + opts = internal.PkgResourceDefaultOpts(opts) var resource AuthBackend err := ctx.RegisterResource("vault:gcp/authBackend:AuthBackend", name, args, &resource, opts...) if err != nil { @@ -149,6 +154,8 @@ type authBackendState struct { // used when making API requests. This allows specific requests made during authentication // to target alternative service endpoints for use in [Private Google Access](https://cloud.google.com/vpc/docs/configure-private-google-access) // environments. Requires Vault 1.11+. + // + // Overrides are set at the subdomain level using the following keys: CustomEndpoint *AuthBackendCustomEndpoint `pulumi:"customEndpoint"` // A description of the auth method. Description *string `pulumi:"description"` @@ -184,6 +191,8 @@ type AuthBackendState struct { // used when making API requests. This allows specific requests made during authentication // to target alternative service endpoints for use in [Private Google Access](https://cloud.google.com/vpc/docs/configure-private-google-access) // environments. Requires Vault 1.11+. + // + // Overrides are set at the subdomain level using the following keys: CustomEndpoint AuthBackendCustomEndpointPtrInput // A description of the auth method. Description pulumi.StringPtrInput @@ -221,6 +230,8 @@ type authBackendArgs struct { // used when making API requests. This allows specific requests made during authentication // to target alternative service endpoints for use in [Private Google Access](https://cloud.google.com/vpc/docs/configure-private-google-access) // environments. Requires Vault 1.11+. + // + // Overrides are set at the subdomain level using the following keys: CustomEndpoint *AuthBackendCustomEndpoint `pulumi:"customEndpoint"` // A description of the auth method. Description *string `pulumi:"description"` @@ -255,6 +266,8 @@ type AuthBackendArgs struct { // used when making API requests. This allows specific requests made during authentication // to target alternative service endpoints for use in [Private Google Access](https://cloud.google.com/vpc/docs/configure-private-google-access) // environments. Requires Vault 1.11+. + // + // Overrides are set at the subdomain level using the following keys: CustomEndpoint AuthBackendCustomEndpointPtrInput // A description of the auth method. Description pulumi.StringPtrInput @@ -299,6 +312,12 @@ func (i *AuthBackend) ToAuthBackendOutputWithContext(ctx context.Context) AuthBa return pulumi.ToOutputWithContext(ctx, i).(AuthBackendOutput) } +func (i *AuthBackend) ToOutput(ctx context.Context) pulumix.Output[*AuthBackend] { + return pulumix.Output[*AuthBackend]{ + OutputState: i.ToAuthBackendOutputWithContext(ctx).OutputState, + } +} + // AuthBackendArrayInput is an input type that accepts AuthBackendArray and AuthBackendArrayOutput values. // You can construct a concrete instance of `AuthBackendArrayInput` via: // @@ -324,6 +343,12 @@ func (i AuthBackendArray) ToAuthBackendArrayOutputWithContext(ctx context.Contex return pulumi.ToOutputWithContext(ctx, i).(AuthBackendArrayOutput) } +func (i AuthBackendArray) ToOutput(ctx context.Context) pulumix.Output[[]*AuthBackend] { + return pulumix.Output[[]*AuthBackend]{ + OutputState: i.ToAuthBackendArrayOutputWithContext(ctx).OutputState, + } +} + // AuthBackendMapInput is an input type that accepts AuthBackendMap and AuthBackendMapOutput values. // You can construct a concrete instance of `AuthBackendMapInput` via: // @@ -349,6 +374,12 @@ func (i AuthBackendMap) ToAuthBackendMapOutputWithContext(ctx context.Context) A return pulumi.ToOutputWithContext(ctx, i).(AuthBackendMapOutput) } +func (i AuthBackendMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*AuthBackend] { + return pulumix.Output[map[string]*AuthBackend]{ + OutputState: i.ToAuthBackendMapOutputWithContext(ctx).OutputState, + } +} + type AuthBackendOutput struct{ *pulumi.OutputState } func (AuthBackendOutput) ElementType() reflect.Type { @@ -363,6 +394,12 @@ func (o AuthBackendOutput) ToAuthBackendOutputWithContext(ctx context.Context) A return o } +func (o AuthBackendOutput) ToOutput(ctx context.Context) pulumix.Output[*AuthBackend] { + return pulumix.Output[*AuthBackend]{ + OutputState: o.OutputState, + } +} + // The mount accessor related to the auth mount. It is useful for integration with [Identity Secrets Engine](https://www.vaultproject.io/docs/secrets/identity/index.html). func (o AuthBackendOutput) Accessor() pulumi.StringOutput { return o.ApplyT(func(v *AuthBackend) pulumi.StringOutput { return v.Accessor }).(pulumi.StringOutput) @@ -388,6 +425,8 @@ func (o AuthBackendOutput) Credentials() pulumi.StringPtrOutput { // used when making API requests. This allows specific requests made during authentication // to target alternative service endpoints for use in [Private Google Access](https://cloud.google.com/vpc/docs/configure-private-google-access) // environments. Requires Vault 1.11+. +// +// Overrides are set at the subdomain level using the following keys: func (o AuthBackendOutput) CustomEndpoint() AuthBackendCustomEndpointPtrOutput { return o.ApplyT(func(v *AuthBackend) AuthBackendCustomEndpointPtrOutput { return v.CustomEndpoint }).(AuthBackendCustomEndpointPtrOutput) } @@ -445,6 +484,12 @@ func (o AuthBackendArrayOutput) ToAuthBackendArrayOutputWithContext(ctx context. return o } +func (o AuthBackendArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*AuthBackend] { + return pulumix.Output[[]*AuthBackend]{ + OutputState: o.OutputState, + } +} + func (o AuthBackendArrayOutput) Index(i pulumi.IntInput) AuthBackendOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *AuthBackend { return vs[0].([]*AuthBackend)[vs[1].(int)] @@ -465,6 +510,12 @@ func (o AuthBackendMapOutput) ToAuthBackendMapOutputWithContext(ctx context.Cont return o } +func (o AuthBackendMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*AuthBackend] { + return pulumix.Output[map[string]*AuthBackend]{ + OutputState: o.OutputState, + } +} + func (o AuthBackendMapOutput) MapIndex(k pulumi.StringInput) AuthBackendOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *AuthBackend { return vs[0].(map[string]*AuthBackend)[vs[1].(string)] diff --git a/sdk/go/vault/gcp/authBackendRole.go b/sdk/go/vault/gcp/authBackendRole.go index 46546db0b..da68f80a5 100644 --- a/sdk/go/vault/gcp/authBackendRole.go +++ b/sdk/go/vault/gcp/authBackendRole.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // Provides a resource to create a role in an [GCP auth backend within Vault](https://www.vaultproject.io/docs/auth/gcp.html). @@ -83,7 +85,7 @@ type AuthBackendRole struct { BoundInstanceGroups pulumi.StringArrayOutput `pulumi:"boundInstanceGroups"` // A comma-separated list of GCP labels formatted as `"key:value"` strings that must be set on authorized GCE instances. Because GCP labels are not currently ACL'd, we recommend that this be used in conjunction with other restrictions. BoundLabels pulumi.StringArrayOutput `pulumi:"boundLabels"` - // GCP Projects that the role exists within + // An array of GCP project IDs. Only entities belonging to this project can authenticate under the role. BoundProjects pulumi.StringArrayOutput `pulumi:"boundProjects"` // The list of regions that a GCE instance must belong to in order to be authenticated. If boundInstanceGroups is provided, it is assumed to be a regional group and the group must belong to this region. If boundZones are provided, this attribute is ignored. BoundRegions pulumi.StringArrayOutput `pulumi:"boundRegions"` @@ -152,6 +154,7 @@ func NewAuthBackendRole(ctx *pulumi.Context, if args.Type == nil { return nil, errors.New("invalid value for required argument 'Type'") } + opts = internal.PkgResourceDefaultOpts(opts) var resource AuthBackendRole err := ctx.RegisterResource("vault:gcp/authBackendRole:AuthBackendRole", name, args, &resource, opts...) if err != nil { @@ -183,7 +186,7 @@ type authBackendRoleState struct { BoundInstanceGroups []string `pulumi:"boundInstanceGroups"` // A comma-separated list of GCP labels formatted as `"key:value"` strings that must be set on authorized GCE instances. Because GCP labels are not currently ACL'd, we recommend that this be used in conjunction with other restrictions. BoundLabels []string `pulumi:"boundLabels"` - // GCP Projects that the role exists within + // An array of GCP project IDs. Only entities belonging to this project can authenticate under the role. BoundProjects []string `pulumi:"boundProjects"` // The list of regions that a GCE instance must belong to in order to be authenticated. If boundInstanceGroups is provided, it is assumed to be a regional group and the group must belong to this region. If boundZones are provided, this attribute is ignored. BoundRegions []string `pulumi:"boundRegions"` @@ -249,7 +252,7 @@ type AuthBackendRoleState struct { BoundInstanceGroups pulumi.StringArrayInput // A comma-separated list of GCP labels formatted as `"key:value"` strings that must be set on authorized GCE instances. Because GCP labels are not currently ACL'd, we recommend that this be used in conjunction with other restrictions. BoundLabels pulumi.StringArrayInput - // GCP Projects that the role exists within + // An array of GCP project IDs. Only entities belonging to this project can authenticate under the role. BoundProjects pulumi.StringArrayInput // The list of regions that a GCE instance must belong to in order to be authenticated. If boundInstanceGroups is provided, it is assumed to be a regional group and the group must belong to this region. If boundZones are provided, this attribute is ignored. BoundRegions pulumi.StringArrayInput @@ -319,7 +322,7 @@ type authBackendRoleArgs struct { BoundInstanceGroups []string `pulumi:"boundInstanceGroups"` // A comma-separated list of GCP labels formatted as `"key:value"` strings that must be set on authorized GCE instances. Because GCP labels are not currently ACL'd, we recommend that this be used in conjunction with other restrictions. BoundLabels []string `pulumi:"boundLabels"` - // GCP Projects that the role exists within + // An array of GCP project IDs. Only entities belonging to this project can authenticate under the role. BoundProjects []string `pulumi:"boundProjects"` // The list of regions that a GCE instance must belong to in order to be authenticated. If boundInstanceGroups is provided, it is assumed to be a regional group and the group must belong to this region. If boundZones are provided, this attribute is ignored. BoundRegions []string `pulumi:"boundRegions"` @@ -386,7 +389,7 @@ type AuthBackendRoleArgs struct { BoundInstanceGroups pulumi.StringArrayInput // A comma-separated list of GCP labels formatted as `"key:value"` strings that must be set on authorized GCE instances. Because GCP labels are not currently ACL'd, we recommend that this be used in conjunction with other restrictions. BoundLabels pulumi.StringArrayInput - // GCP Projects that the role exists within + // An array of GCP project IDs. Only entities belonging to this project can authenticate under the role. BoundProjects pulumi.StringArrayInput // The list of regions that a GCE instance must belong to in order to be authenticated. If boundInstanceGroups is provided, it is assumed to be a regional group and the group must belong to this region. If boundZones are provided, this attribute is ignored. BoundRegions pulumi.StringArrayInput @@ -465,6 +468,12 @@ func (i *AuthBackendRole) ToAuthBackendRoleOutputWithContext(ctx context.Context return pulumi.ToOutputWithContext(ctx, i).(AuthBackendRoleOutput) } +func (i *AuthBackendRole) ToOutput(ctx context.Context) pulumix.Output[*AuthBackendRole] { + return pulumix.Output[*AuthBackendRole]{ + OutputState: i.ToAuthBackendRoleOutputWithContext(ctx).OutputState, + } +} + // AuthBackendRoleArrayInput is an input type that accepts AuthBackendRoleArray and AuthBackendRoleArrayOutput values. // You can construct a concrete instance of `AuthBackendRoleArrayInput` via: // @@ -490,6 +499,12 @@ func (i AuthBackendRoleArray) ToAuthBackendRoleArrayOutputWithContext(ctx contex return pulumi.ToOutputWithContext(ctx, i).(AuthBackendRoleArrayOutput) } +func (i AuthBackendRoleArray) ToOutput(ctx context.Context) pulumix.Output[[]*AuthBackendRole] { + return pulumix.Output[[]*AuthBackendRole]{ + OutputState: i.ToAuthBackendRoleArrayOutputWithContext(ctx).OutputState, + } +} + // AuthBackendRoleMapInput is an input type that accepts AuthBackendRoleMap and AuthBackendRoleMapOutput values. // You can construct a concrete instance of `AuthBackendRoleMapInput` via: // @@ -515,6 +530,12 @@ func (i AuthBackendRoleMap) ToAuthBackendRoleMapOutputWithContext(ctx context.Co return pulumi.ToOutputWithContext(ctx, i).(AuthBackendRoleMapOutput) } +func (i AuthBackendRoleMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*AuthBackendRole] { + return pulumix.Output[map[string]*AuthBackendRole]{ + OutputState: i.ToAuthBackendRoleMapOutputWithContext(ctx).OutputState, + } +} + type AuthBackendRoleOutput struct{ *pulumi.OutputState } func (AuthBackendRoleOutput) ElementType() reflect.Type { @@ -529,6 +550,12 @@ func (o AuthBackendRoleOutput) ToAuthBackendRoleOutputWithContext(ctx context.Co return o } +func (o AuthBackendRoleOutput) ToOutput(ctx context.Context) pulumix.Output[*AuthBackendRole] { + return pulumix.Output[*AuthBackendRole]{ + OutputState: o.OutputState, + } +} + func (o AuthBackendRoleOutput) AddGroupAliases() pulumi.BoolOutput { return o.ApplyT(func(v *AuthBackendRole) pulumi.BoolOutput { return v.AddGroupAliases }).(pulumi.BoolOutput) } @@ -553,7 +580,7 @@ func (o AuthBackendRoleOutput) BoundLabels() pulumi.StringArrayOutput { return o.ApplyT(func(v *AuthBackendRole) pulumi.StringArrayOutput { return v.BoundLabels }).(pulumi.StringArrayOutput) } -// GCP Projects that the role exists within +// An array of GCP project IDs. Only entities belonging to this project can authenticate under the role. func (o AuthBackendRoleOutput) BoundProjects() pulumi.StringArrayOutput { return o.ApplyT(func(v *AuthBackendRole) pulumi.StringArrayOutput { return v.BoundProjects }).(pulumi.StringArrayOutput) } @@ -672,6 +699,12 @@ func (o AuthBackendRoleArrayOutput) ToAuthBackendRoleArrayOutputWithContext(ctx return o } +func (o AuthBackendRoleArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*AuthBackendRole] { + return pulumix.Output[[]*AuthBackendRole]{ + OutputState: o.OutputState, + } +} + func (o AuthBackendRoleArrayOutput) Index(i pulumi.IntInput) AuthBackendRoleOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *AuthBackendRole { return vs[0].([]*AuthBackendRole)[vs[1].(int)] @@ -692,6 +725,12 @@ func (o AuthBackendRoleMapOutput) ToAuthBackendRoleMapOutputWithContext(ctx cont return o } +func (o AuthBackendRoleMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*AuthBackendRole] { + return pulumix.Output[map[string]*AuthBackendRole]{ + OutputState: o.OutputState, + } +} + func (o AuthBackendRoleMapOutput) MapIndex(k pulumi.StringInput) AuthBackendRoleOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *AuthBackendRole { return vs[0].(map[string]*AuthBackendRole)[vs[1].(string)] diff --git a/sdk/go/vault/gcp/getAuthBackendRole.go b/sdk/go/vault/gcp/getAuthBackendRole.go index d79d4c9d5..021dab333 100644 --- a/sdk/go/vault/gcp/getAuthBackendRole.go +++ b/sdk/go/vault/gcp/getAuthBackendRole.go @@ -7,7 +7,9 @@ import ( "context" "reflect" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // Reads a GCP auth role from a Vault server. @@ -40,6 +42,7 @@ import ( // // ``` func LookupAuthBackendRole(ctx *pulumi.Context, args *LookupAuthBackendRoleArgs, opts ...pulumi.InvokeOption) (*LookupAuthBackendRoleResult, error) { + opts = internal.PkgInvokeDefaultOpts(opts) var rv LookupAuthBackendRoleResult err := ctx.Invoke("vault:gcp/getAuthBackendRole:getAuthBackendRole", args, &rv, opts...) if err != nil { @@ -239,6 +242,12 @@ func (o LookupAuthBackendRoleResultOutput) ToLookupAuthBackendRoleResultOutputWi return o } +func (o LookupAuthBackendRoleResultOutput) ToOutput(ctx context.Context) pulumix.Output[LookupAuthBackendRoleResult] { + return pulumix.Output[LookupAuthBackendRoleResult]{ + OutputState: o.OutputState, + } +} + func (o LookupAuthBackendRoleResultOutput) Backend() pulumi.StringPtrOutput { return o.ApplyT(func(v LookupAuthBackendRoleResult) *string { return v.Backend }).(pulumi.StringPtrOutput) } diff --git a/sdk/go/vault/gcp/init.go b/sdk/go/vault/gcp/init.go index 49818467e..00d0d73f2 100644 --- a/sdk/go/vault/gcp/init.go +++ b/sdk/go/vault/gcp/init.go @@ -7,7 +7,7 @@ import ( "fmt" "github.com/blang/semver" - "github.com/pulumi/pulumi-vault/sdk/v5/go/vault" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" ) @@ -42,7 +42,7 @@ func (m *module) Construct(ctx *pulumi.Context, name, typ, urn string) (r pulumi } func init() { - version, err := vault.PkgVersion() + version, err := internal.PkgVersion() if err != nil { version = semver.Version{Major: 1} } diff --git a/sdk/go/vault/gcp/pulumiTypes.go b/sdk/go/vault/gcp/pulumiTypes.go index e375bc9d4..be238e689 100644 --- a/sdk/go/vault/gcp/pulumiTypes.go +++ b/sdk/go/vault/gcp/pulumiTypes.go @@ -7,13 +7,22 @@ import ( "context" "reflect" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) +var _ = internal.GetEnvOrDefault + type AuthBackendCustomEndpoint struct { // Replaces the service endpoint used in API requests to `https://www.googleapis.com`. Api *string `pulumi:"api"` // Replaces the service endpoint used in API requests to `https://compute.googleapis.com`. + // + // The endpoint value provided for a given key has the form of `scheme://host:port`. + // The `scheme://` and `:port` portions of the endpoint value are optional. + // + // For more details on the usage of each argument consult the [Vault GCP API documentation](https://www.vaultproject.io/api-docs/auth/gcp#configure). Compute *string `pulumi:"compute"` // Replaces the service endpoint used in API requests to `https://cloudresourcemanager.googleapis.com`. Crm *string `pulumi:"crm"` @@ -36,6 +45,11 @@ type AuthBackendCustomEndpointArgs struct { // Replaces the service endpoint used in API requests to `https://www.googleapis.com`. Api pulumi.StringPtrInput `pulumi:"api"` // Replaces the service endpoint used in API requests to `https://compute.googleapis.com`. + // + // The endpoint value provided for a given key has the form of `scheme://host:port`. + // The `scheme://` and `:port` portions of the endpoint value are optional. + // + // For more details on the usage of each argument consult the [Vault GCP API documentation](https://www.vaultproject.io/api-docs/auth/gcp#configure). Compute pulumi.StringPtrInput `pulumi:"compute"` // Replaces the service endpoint used in API requests to `https://cloudresourcemanager.googleapis.com`. Crm pulumi.StringPtrInput `pulumi:"crm"` @@ -55,6 +69,12 @@ func (i AuthBackendCustomEndpointArgs) ToAuthBackendCustomEndpointOutputWithCont return pulumi.ToOutputWithContext(ctx, i).(AuthBackendCustomEndpointOutput) } +func (i AuthBackendCustomEndpointArgs) ToOutput(ctx context.Context) pulumix.Output[AuthBackendCustomEndpoint] { + return pulumix.Output[AuthBackendCustomEndpoint]{ + OutputState: i.ToAuthBackendCustomEndpointOutputWithContext(ctx).OutputState, + } +} + func (i AuthBackendCustomEndpointArgs) ToAuthBackendCustomEndpointPtrOutput() AuthBackendCustomEndpointPtrOutput { return i.ToAuthBackendCustomEndpointPtrOutputWithContext(context.Background()) } @@ -96,6 +116,12 @@ func (i *authBackendCustomEndpointPtrType) ToAuthBackendCustomEndpointPtrOutputW return pulumi.ToOutputWithContext(ctx, i).(AuthBackendCustomEndpointPtrOutput) } +func (i *authBackendCustomEndpointPtrType) ToOutput(ctx context.Context) pulumix.Output[*AuthBackendCustomEndpoint] { + return pulumix.Output[*AuthBackendCustomEndpoint]{ + OutputState: i.ToAuthBackendCustomEndpointPtrOutputWithContext(ctx).OutputState, + } +} + type AuthBackendCustomEndpointOutput struct{ *pulumi.OutputState } func (AuthBackendCustomEndpointOutput) ElementType() reflect.Type { @@ -120,12 +146,23 @@ func (o AuthBackendCustomEndpointOutput) ToAuthBackendCustomEndpointPtrOutputWit }).(AuthBackendCustomEndpointPtrOutput) } +func (o AuthBackendCustomEndpointOutput) ToOutput(ctx context.Context) pulumix.Output[AuthBackendCustomEndpoint] { + return pulumix.Output[AuthBackendCustomEndpoint]{ + OutputState: o.OutputState, + } +} + // Replaces the service endpoint used in API requests to `https://www.googleapis.com`. func (o AuthBackendCustomEndpointOutput) Api() pulumi.StringPtrOutput { return o.ApplyT(func(v AuthBackendCustomEndpoint) *string { return v.Api }).(pulumi.StringPtrOutput) } // Replaces the service endpoint used in API requests to `https://compute.googleapis.com`. +// +// The endpoint value provided for a given key has the form of `scheme://host:port`. +// The `scheme://` and `:port` portions of the endpoint value are optional. +// +// For more details on the usage of each argument consult the [Vault GCP API documentation](https://www.vaultproject.io/api-docs/auth/gcp#configure). func (o AuthBackendCustomEndpointOutput) Compute() pulumi.StringPtrOutput { return o.ApplyT(func(v AuthBackendCustomEndpoint) *string { return v.Compute }).(pulumi.StringPtrOutput) } @@ -154,6 +191,12 @@ func (o AuthBackendCustomEndpointPtrOutput) ToAuthBackendCustomEndpointPtrOutput return o } +func (o AuthBackendCustomEndpointPtrOutput) ToOutput(ctx context.Context) pulumix.Output[*AuthBackendCustomEndpoint] { + return pulumix.Output[*AuthBackendCustomEndpoint]{ + OutputState: o.OutputState, + } +} + func (o AuthBackendCustomEndpointPtrOutput) Elem() AuthBackendCustomEndpointOutput { return o.ApplyT(func(v *AuthBackendCustomEndpoint) AuthBackendCustomEndpoint { if v != nil { @@ -175,6 +218,11 @@ func (o AuthBackendCustomEndpointPtrOutput) Api() pulumi.StringPtrOutput { } // Replaces the service endpoint used in API requests to `https://compute.googleapis.com`. +// +// The endpoint value provided for a given key has the form of `scheme://host:port`. +// The `scheme://` and `:port` portions of the endpoint value are optional. +// +// For more details on the usage of each argument consult the [Vault GCP API documentation](https://www.vaultproject.io/api-docs/auth/gcp#configure). func (o AuthBackendCustomEndpointPtrOutput) Compute() pulumi.StringPtrOutput { return o.ApplyT(func(v *AuthBackendCustomEndpoint) *string { if v == nil { @@ -241,6 +289,12 @@ func (i SecretRolesetBindingArgs) ToSecretRolesetBindingOutputWithContext(ctx co return pulumi.ToOutputWithContext(ctx, i).(SecretRolesetBindingOutput) } +func (i SecretRolesetBindingArgs) ToOutput(ctx context.Context) pulumix.Output[SecretRolesetBinding] { + return pulumix.Output[SecretRolesetBinding]{ + OutputState: i.ToSecretRolesetBindingOutputWithContext(ctx).OutputState, + } +} + // SecretRolesetBindingArrayInput is an input type that accepts SecretRolesetBindingArray and SecretRolesetBindingArrayOutput values. // You can construct a concrete instance of `SecretRolesetBindingArrayInput` via: // @@ -266,6 +320,12 @@ func (i SecretRolesetBindingArray) ToSecretRolesetBindingArrayOutputWithContext( return pulumi.ToOutputWithContext(ctx, i).(SecretRolesetBindingArrayOutput) } +func (i SecretRolesetBindingArray) ToOutput(ctx context.Context) pulumix.Output[[]SecretRolesetBinding] { + return pulumix.Output[[]SecretRolesetBinding]{ + OutputState: i.ToSecretRolesetBindingArrayOutputWithContext(ctx).OutputState, + } +} + type SecretRolesetBindingOutput struct{ *pulumi.OutputState } func (SecretRolesetBindingOutput) ElementType() reflect.Type { @@ -280,6 +340,12 @@ func (o SecretRolesetBindingOutput) ToSecretRolesetBindingOutputWithContext(ctx return o } +func (o SecretRolesetBindingOutput) ToOutput(ctx context.Context) pulumix.Output[SecretRolesetBinding] { + return pulumix.Output[SecretRolesetBinding]{ + OutputState: o.OutputState, + } +} + // Resource or resource path for which IAM policy information will be bound. The resource path may be specified in a few different [formats](https://www.vaultproject.io/docs/secrets/gcp/index.html#roleset-bindings). func (o SecretRolesetBindingOutput) Resource() pulumi.StringOutput { return o.ApplyT(func(v SecretRolesetBinding) string { return v.Resource }).(pulumi.StringOutput) @@ -304,6 +370,12 @@ func (o SecretRolesetBindingArrayOutput) ToSecretRolesetBindingArrayOutputWithCo return o } +func (o SecretRolesetBindingArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]SecretRolesetBinding] { + return pulumix.Output[[]SecretRolesetBinding]{ + OutputState: o.OutputState, + } +} + func (o SecretRolesetBindingArrayOutput) Index(i pulumi.IntInput) SecretRolesetBindingOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) SecretRolesetBinding { return vs[0].([]SecretRolesetBinding)[vs[1].(int)] @@ -347,6 +419,12 @@ func (i SecretStaticAccountBindingArgs) ToSecretStaticAccountBindingOutputWithCo return pulumi.ToOutputWithContext(ctx, i).(SecretStaticAccountBindingOutput) } +func (i SecretStaticAccountBindingArgs) ToOutput(ctx context.Context) pulumix.Output[SecretStaticAccountBinding] { + return pulumix.Output[SecretStaticAccountBinding]{ + OutputState: i.ToSecretStaticAccountBindingOutputWithContext(ctx).OutputState, + } +} + // SecretStaticAccountBindingArrayInput is an input type that accepts SecretStaticAccountBindingArray and SecretStaticAccountBindingArrayOutput values. // You can construct a concrete instance of `SecretStaticAccountBindingArrayInput` via: // @@ -372,6 +450,12 @@ func (i SecretStaticAccountBindingArray) ToSecretStaticAccountBindingArrayOutput return pulumi.ToOutputWithContext(ctx, i).(SecretStaticAccountBindingArrayOutput) } +func (i SecretStaticAccountBindingArray) ToOutput(ctx context.Context) pulumix.Output[[]SecretStaticAccountBinding] { + return pulumix.Output[[]SecretStaticAccountBinding]{ + OutputState: i.ToSecretStaticAccountBindingArrayOutputWithContext(ctx).OutputState, + } +} + type SecretStaticAccountBindingOutput struct{ *pulumi.OutputState } func (SecretStaticAccountBindingOutput) ElementType() reflect.Type { @@ -386,6 +470,12 @@ func (o SecretStaticAccountBindingOutput) ToSecretStaticAccountBindingOutputWith return o } +func (o SecretStaticAccountBindingOutput) ToOutput(ctx context.Context) pulumix.Output[SecretStaticAccountBinding] { + return pulumix.Output[SecretStaticAccountBinding]{ + OutputState: o.OutputState, + } +} + // Resource or resource path for which IAM policy information will be bound. The resource path may be specified in a few different [formats](https://www.vaultproject.io/docs/secrets/gcp/index.html#bindings). func (o SecretStaticAccountBindingOutput) Resource() pulumi.StringOutput { return o.ApplyT(func(v SecretStaticAccountBinding) string { return v.Resource }).(pulumi.StringOutput) @@ -410,6 +500,12 @@ func (o SecretStaticAccountBindingArrayOutput) ToSecretStaticAccountBindingArray return o } +func (o SecretStaticAccountBindingArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]SecretStaticAccountBinding] { + return pulumix.Output[[]SecretStaticAccountBinding]{ + OutputState: o.OutputState, + } +} + func (o SecretStaticAccountBindingArrayOutput) Index(i pulumi.IntInput) SecretStaticAccountBindingOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) SecretStaticAccountBinding { return vs[0].([]SecretStaticAccountBinding)[vs[1].(int)] diff --git a/sdk/go/vault/gcp/secretBackend.go b/sdk/go/vault/gcp/secretBackend.go index b8669d58e..5463ab0f8 100644 --- a/sdk/go/vault/gcp/secretBackend.go +++ b/sdk/go/vault/gcp/secretBackend.go @@ -7,7 +7,9 @@ import ( "context" "reflect" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // ## Example Usage @@ -17,7 +19,7 @@ import ( // // import ( // -// "io/ioutil" +// "os" // // "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/gcp" // "github.com/pulumi/pulumi/sdk/v3/go/pulumi" @@ -25,7 +27,7 @@ import ( // ) // // func readFileOrPanic(path string) pulumi.StringPtrInput { -// data, err := ioutil.ReadFile(path) +// data, err := os.ReadFile(path) // if err != nil { // panic(err.Error()) // } @@ -48,7 +50,7 @@ import ( type SecretBackend struct { pulumi.CustomResourceState - // The GCP service account credentials in JSON format. + // JSON-encoded credentials to use to connect to GCP Credentials pulumi.StringPtrOutput `pulumi:"credentials"` // The default TTL for credentials // issued by this backend. Defaults to '0'. @@ -81,12 +83,13 @@ func NewSecretBackend(ctx *pulumi.Context, } if args.Credentials != nil { - args.Credentials = pulumi.ToSecret(args.Credentials).(pulumi.StringPtrOutput) + args.Credentials = pulumi.ToSecret(args.Credentials).(pulumi.StringPtrInput) } secrets := pulumi.AdditionalSecretOutputs([]string{ "credentials", }) opts = append(opts, secrets) + opts = internal.PkgResourceDefaultOpts(opts) var resource SecretBackend err := ctx.RegisterResource("vault:gcp/secretBackend:SecretBackend", name, args, &resource, opts...) if err != nil { @@ -109,7 +112,7 @@ func GetSecretBackend(ctx *pulumi.Context, // Input properties used for looking up and filtering SecretBackend resources. type secretBackendState struct { - // The GCP service account credentials in JSON format. + // JSON-encoded credentials to use to connect to GCP Credentials *string `pulumi:"credentials"` // The default TTL for credentials // issued by this backend. Defaults to '0'. @@ -135,7 +138,7 @@ type secretBackendState struct { } type SecretBackendState struct { - // The GCP service account credentials in JSON format. + // JSON-encoded credentials to use to connect to GCP Credentials pulumi.StringPtrInput // The default TTL for credentials // issued by this backend. Defaults to '0'. @@ -165,7 +168,7 @@ func (SecretBackendState) ElementType() reflect.Type { } type secretBackendArgs struct { - // The GCP service account credentials in JSON format. + // JSON-encoded credentials to use to connect to GCP Credentials *string `pulumi:"credentials"` // The default TTL for credentials // issued by this backend. Defaults to '0'. @@ -192,7 +195,7 @@ type secretBackendArgs struct { // The set of arguments for constructing a SecretBackend resource. type SecretBackendArgs struct { - // The GCP service account credentials in JSON format. + // JSON-encoded credentials to use to connect to GCP Credentials pulumi.StringPtrInput // The default TTL for credentials // issued by this backend. Defaults to '0'. @@ -240,6 +243,12 @@ func (i *SecretBackend) ToSecretBackendOutputWithContext(ctx context.Context) Se return pulumi.ToOutputWithContext(ctx, i).(SecretBackendOutput) } +func (i *SecretBackend) ToOutput(ctx context.Context) pulumix.Output[*SecretBackend] { + return pulumix.Output[*SecretBackend]{ + OutputState: i.ToSecretBackendOutputWithContext(ctx).OutputState, + } +} + // SecretBackendArrayInput is an input type that accepts SecretBackendArray and SecretBackendArrayOutput values. // You can construct a concrete instance of `SecretBackendArrayInput` via: // @@ -265,6 +274,12 @@ func (i SecretBackendArray) ToSecretBackendArrayOutputWithContext(ctx context.Co return pulumi.ToOutputWithContext(ctx, i).(SecretBackendArrayOutput) } +func (i SecretBackendArray) ToOutput(ctx context.Context) pulumix.Output[[]*SecretBackend] { + return pulumix.Output[[]*SecretBackend]{ + OutputState: i.ToSecretBackendArrayOutputWithContext(ctx).OutputState, + } +} + // SecretBackendMapInput is an input type that accepts SecretBackendMap and SecretBackendMapOutput values. // You can construct a concrete instance of `SecretBackendMapInput` via: // @@ -290,6 +305,12 @@ func (i SecretBackendMap) ToSecretBackendMapOutputWithContext(ctx context.Contex return pulumi.ToOutputWithContext(ctx, i).(SecretBackendMapOutput) } +func (i SecretBackendMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*SecretBackend] { + return pulumix.Output[map[string]*SecretBackend]{ + OutputState: i.ToSecretBackendMapOutputWithContext(ctx).OutputState, + } +} + type SecretBackendOutput struct{ *pulumi.OutputState } func (SecretBackendOutput) ElementType() reflect.Type { @@ -304,7 +325,13 @@ func (o SecretBackendOutput) ToSecretBackendOutputWithContext(ctx context.Contex return o } -// The GCP service account credentials in JSON format. +func (o SecretBackendOutput) ToOutput(ctx context.Context) pulumix.Output[*SecretBackend] { + return pulumix.Output[*SecretBackend]{ + OutputState: o.OutputState, + } +} + +// JSON-encoded credentials to use to connect to GCP func (o SecretBackendOutput) Credentials() pulumi.StringPtrOutput { return o.ApplyT(func(v *SecretBackend) pulumi.StringPtrOutput { return v.Credentials }).(pulumi.StringPtrOutput) } @@ -365,6 +392,12 @@ func (o SecretBackendArrayOutput) ToSecretBackendArrayOutputWithContext(ctx cont return o } +func (o SecretBackendArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*SecretBackend] { + return pulumix.Output[[]*SecretBackend]{ + OutputState: o.OutputState, + } +} + func (o SecretBackendArrayOutput) Index(i pulumi.IntInput) SecretBackendOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *SecretBackend { return vs[0].([]*SecretBackend)[vs[1].(int)] @@ -385,6 +418,12 @@ func (o SecretBackendMapOutput) ToSecretBackendMapOutputWithContext(ctx context. return o } +func (o SecretBackendMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*SecretBackend] { + return pulumix.Output[map[string]*SecretBackend]{ + OutputState: o.OutputState, + } +} + func (o SecretBackendMapOutput) MapIndex(k pulumi.StringInput) SecretBackendOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *SecretBackend { return vs[0].(map[string]*SecretBackend)[vs[1].(string)] diff --git a/sdk/go/vault/gcp/secretImpersonatedAccount.go b/sdk/go/vault/gcp/secretImpersonatedAccount.go index 5b3016a04..a22199c4e 100644 --- a/sdk/go/vault/gcp/secretImpersonatedAccount.go +++ b/sdk/go/vault/gcp/secretImpersonatedAccount.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // Creates a Impersonated Account in the [GCP Secrets Engine](https://www.vaultproject.io/docs/secrets/gcp/index.html) for Vault. @@ -23,7 +25,7 @@ import ( // // import ( // -// "io/ioutil" +// "os" // // "github.com/pulumi/pulumi-gcp/sdk/v5/go/gcp/serviceAccount" // "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/gcp" @@ -32,7 +34,7 @@ import ( // ) // // func readFileOrPanic(path string) pulumi.StringPtrInput { -// data, err := ioutil.ReadFile(path) +// data, err := os.ReadFile(path) // if err != nil { // panic(err.Error()) // } @@ -113,6 +115,7 @@ func NewSecretImpersonatedAccount(ctx *pulumi.Context, if args.ServiceAccountEmail == nil { return nil, errors.New("invalid value for required argument 'ServiceAccountEmail'") } + opts = internal.PkgResourceDefaultOpts(opts) var resource SecretImpersonatedAccount err := ctx.RegisterResource("vault:gcp/secretImpersonatedAccount:SecretImpersonatedAccount", name, args, &resource, opts...) if err != nil { @@ -218,6 +221,12 @@ func (i *SecretImpersonatedAccount) ToSecretImpersonatedAccountOutputWithContext return pulumi.ToOutputWithContext(ctx, i).(SecretImpersonatedAccountOutput) } +func (i *SecretImpersonatedAccount) ToOutput(ctx context.Context) pulumix.Output[*SecretImpersonatedAccount] { + return pulumix.Output[*SecretImpersonatedAccount]{ + OutputState: i.ToSecretImpersonatedAccountOutputWithContext(ctx).OutputState, + } +} + // SecretImpersonatedAccountArrayInput is an input type that accepts SecretImpersonatedAccountArray and SecretImpersonatedAccountArrayOutput values. // You can construct a concrete instance of `SecretImpersonatedAccountArrayInput` via: // @@ -243,6 +252,12 @@ func (i SecretImpersonatedAccountArray) ToSecretImpersonatedAccountArrayOutputWi return pulumi.ToOutputWithContext(ctx, i).(SecretImpersonatedAccountArrayOutput) } +func (i SecretImpersonatedAccountArray) ToOutput(ctx context.Context) pulumix.Output[[]*SecretImpersonatedAccount] { + return pulumix.Output[[]*SecretImpersonatedAccount]{ + OutputState: i.ToSecretImpersonatedAccountArrayOutputWithContext(ctx).OutputState, + } +} + // SecretImpersonatedAccountMapInput is an input type that accepts SecretImpersonatedAccountMap and SecretImpersonatedAccountMapOutput values. // You can construct a concrete instance of `SecretImpersonatedAccountMapInput` via: // @@ -268,6 +283,12 @@ func (i SecretImpersonatedAccountMap) ToSecretImpersonatedAccountMapOutputWithCo return pulumi.ToOutputWithContext(ctx, i).(SecretImpersonatedAccountMapOutput) } +func (i SecretImpersonatedAccountMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*SecretImpersonatedAccount] { + return pulumix.Output[map[string]*SecretImpersonatedAccount]{ + OutputState: i.ToSecretImpersonatedAccountMapOutputWithContext(ctx).OutputState, + } +} + type SecretImpersonatedAccountOutput struct{ *pulumi.OutputState } func (SecretImpersonatedAccountOutput) ElementType() reflect.Type { @@ -282,6 +303,12 @@ func (o SecretImpersonatedAccountOutput) ToSecretImpersonatedAccountOutputWithCo return o } +func (o SecretImpersonatedAccountOutput) ToOutput(ctx context.Context) pulumix.Output[*SecretImpersonatedAccount] { + return pulumix.Output[*SecretImpersonatedAccount]{ + OutputState: o.OutputState, + } +} + // Path where the GCP Secrets Engine is mounted func (o SecretImpersonatedAccountOutput) Backend() pulumi.StringOutput { return o.ApplyT(func(v *SecretImpersonatedAccount) pulumi.StringOutput { return v.Backend }).(pulumi.StringOutput) @@ -326,6 +353,12 @@ func (o SecretImpersonatedAccountArrayOutput) ToSecretImpersonatedAccountArrayOu return o } +func (o SecretImpersonatedAccountArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*SecretImpersonatedAccount] { + return pulumix.Output[[]*SecretImpersonatedAccount]{ + OutputState: o.OutputState, + } +} + func (o SecretImpersonatedAccountArrayOutput) Index(i pulumi.IntInput) SecretImpersonatedAccountOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *SecretImpersonatedAccount { return vs[0].([]*SecretImpersonatedAccount)[vs[1].(int)] @@ -346,6 +379,12 @@ func (o SecretImpersonatedAccountMapOutput) ToSecretImpersonatedAccountMapOutput return o } +func (o SecretImpersonatedAccountMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*SecretImpersonatedAccount] { + return pulumix.Output[map[string]*SecretImpersonatedAccount]{ + OutputState: o.OutputState, + } +} + func (o SecretImpersonatedAccountMapOutput) MapIndex(k pulumi.StringInput) SecretImpersonatedAccountOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *SecretImpersonatedAccount { return vs[0].(map[string]*SecretImpersonatedAccount)[vs[1].(string)] diff --git a/sdk/go/vault/gcp/secretRoleset.go b/sdk/go/vault/gcp/secretRoleset.go index 427e2ba9a..64cc0cdb7 100644 --- a/sdk/go/vault/gcp/secretRoleset.go +++ b/sdk/go/vault/gcp/secretRoleset.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // Creates a Roleset in the [GCP Secrets Engine](https://www.vaultproject.io/docs/secrets/gcp/index.html) for Vault. @@ -23,7 +25,7 @@ import ( // import ( // // "fmt" -// "io/ioutil" +// "os" // // "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/gcp" // "github.com/pulumi/pulumi/sdk/v3/go/pulumi" @@ -31,7 +33,7 @@ import ( // ) // // func readFileOrPanic(path string) pulumi.StringPtrInput { -// data, err := ioutil.ReadFile(path) +// data, err := os.ReadFile(path) // if err != nil { // panic(err.Error()) // } @@ -101,7 +103,7 @@ type SecretRoleset struct { Roleset pulumi.StringOutput `pulumi:"roleset"` // Type of secret generated for this role set. Accepted values: `accessToken`, `serviceAccountKey`. Defaults to `accessToken`. SecretType pulumi.StringOutput `pulumi:"secretType"` - // Email of the service account created by Vault for this Roleset + // Email of the service account created by Vault for this Roleset. ServiceAccountEmail pulumi.StringOutput `pulumi:"serviceAccountEmail"` // List of OAuth scopes to assign to `accessToken` secrets generated under this role set (`accessToken` role sets only). TokenScopes pulumi.StringArrayOutput `pulumi:"tokenScopes"` @@ -126,6 +128,7 @@ func NewSecretRoleset(ctx *pulumi.Context, if args.Roleset == nil { return nil, errors.New("invalid value for required argument 'Roleset'") } + opts = internal.PkgResourceDefaultOpts(opts) var resource SecretRoleset err := ctx.RegisterResource("vault:gcp/secretRoleset:SecretRoleset", name, args, &resource, opts...) if err != nil { @@ -163,7 +166,7 @@ type secretRolesetState struct { Roleset *string `pulumi:"roleset"` // Type of secret generated for this role set. Accepted values: `accessToken`, `serviceAccountKey`. Defaults to `accessToken`. SecretType *string `pulumi:"secretType"` - // Email of the service account created by Vault for this Roleset + // Email of the service account created by Vault for this Roleset. ServiceAccountEmail *string `pulumi:"serviceAccountEmail"` // List of OAuth scopes to assign to `accessToken` secrets generated under this role set (`accessToken` role sets only). TokenScopes []string `pulumi:"tokenScopes"` @@ -185,7 +188,7 @@ type SecretRolesetState struct { Roleset pulumi.StringPtrInput // Type of secret generated for this role set. Accepted values: `accessToken`, `serviceAccountKey`. Defaults to `accessToken`. SecretType pulumi.StringPtrInput - // Email of the service account created by Vault for this Roleset + // Email of the service account created by Vault for this Roleset. ServiceAccountEmail pulumi.StringPtrInput // List of OAuth scopes to assign to `accessToken` secrets generated under this role set (`accessToken` role sets only). TokenScopes pulumi.StringArrayInput @@ -259,6 +262,12 @@ func (i *SecretRoleset) ToSecretRolesetOutputWithContext(ctx context.Context) Se return pulumi.ToOutputWithContext(ctx, i).(SecretRolesetOutput) } +func (i *SecretRoleset) ToOutput(ctx context.Context) pulumix.Output[*SecretRoleset] { + return pulumix.Output[*SecretRoleset]{ + OutputState: i.ToSecretRolesetOutputWithContext(ctx).OutputState, + } +} + // SecretRolesetArrayInput is an input type that accepts SecretRolesetArray and SecretRolesetArrayOutput values. // You can construct a concrete instance of `SecretRolesetArrayInput` via: // @@ -284,6 +293,12 @@ func (i SecretRolesetArray) ToSecretRolesetArrayOutputWithContext(ctx context.Co return pulumi.ToOutputWithContext(ctx, i).(SecretRolesetArrayOutput) } +func (i SecretRolesetArray) ToOutput(ctx context.Context) pulumix.Output[[]*SecretRoleset] { + return pulumix.Output[[]*SecretRoleset]{ + OutputState: i.ToSecretRolesetArrayOutputWithContext(ctx).OutputState, + } +} + // SecretRolesetMapInput is an input type that accepts SecretRolesetMap and SecretRolesetMapOutput values. // You can construct a concrete instance of `SecretRolesetMapInput` via: // @@ -309,6 +324,12 @@ func (i SecretRolesetMap) ToSecretRolesetMapOutputWithContext(ctx context.Contex return pulumi.ToOutputWithContext(ctx, i).(SecretRolesetMapOutput) } +func (i SecretRolesetMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*SecretRoleset] { + return pulumix.Output[map[string]*SecretRoleset]{ + OutputState: i.ToSecretRolesetMapOutputWithContext(ctx).OutputState, + } +} + type SecretRolesetOutput struct{ *pulumi.OutputState } func (SecretRolesetOutput) ElementType() reflect.Type { @@ -323,6 +344,12 @@ func (o SecretRolesetOutput) ToSecretRolesetOutputWithContext(ctx context.Contex return o } +func (o SecretRolesetOutput) ToOutput(ctx context.Context) pulumix.Output[*SecretRoleset] { + return pulumix.Output[*SecretRoleset]{ + OutputState: o.OutputState, + } +} + // Path where the GCP Secrets Engine is mounted func (o SecretRolesetOutput) Backend() pulumi.StringOutput { return o.ApplyT(func(v *SecretRoleset) pulumi.StringOutput { return v.Backend }).(pulumi.StringOutput) @@ -356,7 +383,7 @@ func (o SecretRolesetOutput) SecretType() pulumi.StringOutput { return o.ApplyT(func(v *SecretRoleset) pulumi.StringOutput { return v.SecretType }).(pulumi.StringOutput) } -// Email of the service account created by Vault for this Roleset +// Email of the service account created by Vault for this Roleset. func (o SecretRolesetOutput) ServiceAccountEmail() pulumi.StringOutput { return o.ApplyT(func(v *SecretRoleset) pulumi.StringOutput { return v.ServiceAccountEmail }).(pulumi.StringOutput) } @@ -380,6 +407,12 @@ func (o SecretRolesetArrayOutput) ToSecretRolesetArrayOutputWithContext(ctx cont return o } +func (o SecretRolesetArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*SecretRoleset] { + return pulumix.Output[[]*SecretRoleset]{ + OutputState: o.OutputState, + } +} + func (o SecretRolesetArrayOutput) Index(i pulumi.IntInput) SecretRolesetOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *SecretRoleset { return vs[0].([]*SecretRoleset)[vs[1].(int)] @@ -400,6 +433,12 @@ func (o SecretRolesetMapOutput) ToSecretRolesetMapOutputWithContext(ctx context. return o } +func (o SecretRolesetMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*SecretRoleset] { + return pulumix.Output[map[string]*SecretRoleset]{ + OutputState: o.OutputState, + } +} + func (o SecretRolesetMapOutput) MapIndex(k pulumi.StringInput) SecretRolesetOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *SecretRoleset { return vs[0].(map[string]*SecretRoleset)[vs[1].(string)] diff --git a/sdk/go/vault/gcp/secretStaticAccount.go b/sdk/go/vault/gcp/secretStaticAccount.go index 1297a9280..93ef5f20d 100644 --- a/sdk/go/vault/gcp/secretStaticAccount.go +++ b/sdk/go/vault/gcp/secretStaticAccount.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // Creates a Static Account in the [GCP Secrets Engine](https://www.vaultproject.io/docs/secrets/gcp/index.html) for Vault. @@ -24,7 +26,7 @@ import ( // import ( // // "fmt" -// "io/ioutil" +// "os" // // "github.com/pulumi/pulumi-gcp/sdk/v5/go/gcp/serviceAccount" // "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/gcp" @@ -33,7 +35,7 @@ import ( // ) // // func readFileOrPanic(path string) pulumi.StringPtrInput { -// data, err := ioutil.ReadFile(path) +// data, err := os.ReadFile(path) // if err != nil { // panic(err.Error()) // } @@ -132,6 +134,7 @@ func NewSecretStaticAccount(ctx *pulumi.Context, if args.StaticAccount == nil { return nil, errors.New("invalid value for required argument 'StaticAccount'") } + opts = internal.PkgResourceDefaultOpts(opts) var resource SecretStaticAccount err := ctx.RegisterResource("vault:gcp/secretStaticAccount:SecretStaticAccount", name, args, &resource, opts...) if err != nil { @@ -265,6 +268,12 @@ func (i *SecretStaticAccount) ToSecretStaticAccountOutputWithContext(ctx context return pulumi.ToOutputWithContext(ctx, i).(SecretStaticAccountOutput) } +func (i *SecretStaticAccount) ToOutput(ctx context.Context) pulumix.Output[*SecretStaticAccount] { + return pulumix.Output[*SecretStaticAccount]{ + OutputState: i.ToSecretStaticAccountOutputWithContext(ctx).OutputState, + } +} + // SecretStaticAccountArrayInput is an input type that accepts SecretStaticAccountArray and SecretStaticAccountArrayOutput values. // You can construct a concrete instance of `SecretStaticAccountArrayInput` via: // @@ -290,6 +299,12 @@ func (i SecretStaticAccountArray) ToSecretStaticAccountArrayOutputWithContext(ct return pulumi.ToOutputWithContext(ctx, i).(SecretStaticAccountArrayOutput) } +func (i SecretStaticAccountArray) ToOutput(ctx context.Context) pulumix.Output[[]*SecretStaticAccount] { + return pulumix.Output[[]*SecretStaticAccount]{ + OutputState: i.ToSecretStaticAccountArrayOutputWithContext(ctx).OutputState, + } +} + // SecretStaticAccountMapInput is an input type that accepts SecretStaticAccountMap and SecretStaticAccountMapOutput values. // You can construct a concrete instance of `SecretStaticAccountMapInput` via: // @@ -315,6 +330,12 @@ func (i SecretStaticAccountMap) ToSecretStaticAccountMapOutputWithContext(ctx co return pulumi.ToOutputWithContext(ctx, i).(SecretStaticAccountMapOutput) } +func (i SecretStaticAccountMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*SecretStaticAccount] { + return pulumix.Output[map[string]*SecretStaticAccount]{ + OutputState: i.ToSecretStaticAccountMapOutputWithContext(ctx).OutputState, + } +} + type SecretStaticAccountOutput struct{ *pulumi.OutputState } func (SecretStaticAccountOutput) ElementType() reflect.Type { @@ -329,6 +350,12 @@ func (o SecretStaticAccountOutput) ToSecretStaticAccountOutputWithContext(ctx co return o } +func (o SecretStaticAccountOutput) ToOutput(ctx context.Context) pulumix.Output[*SecretStaticAccount] { + return pulumix.Output[*SecretStaticAccount]{ + OutputState: o.OutputState, + } +} + // Path where the GCP Secrets Engine is mounted func (o SecretStaticAccountOutput) Backend() pulumi.StringOutput { return o.ApplyT(func(v *SecretStaticAccount) pulumi.StringOutput { return v.Backend }).(pulumi.StringOutput) @@ -386,6 +413,12 @@ func (o SecretStaticAccountArrayOutput) ToSecretStaticAccountArrayOutputWithCont return o } +func (o SecretStaticAccountArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*SecretStaticAccount] { + return pulumix.Output[[]*SecretStaticAccount]{ + OutputState: o.OutputState, + } +} + func (o SecretStaticAccountArrayOutput) Index(i pulumi.IntInput) SecretStaticAccountOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *SecretStaticAccount { return vs[0].([]*SecretStaticAccount)[vs[1].(int)] @@ -406,6 +439,12 @@ func (o SecretStaticAccountMapOutput) ToSecretStaticAccountMapOutputWithContext( return o } +func (o SecretStaticAccountMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*SecretStaticAccount] { + return pulumix.Output[map[string]*SecretStaticAccount]{ + OutputState: o.OutputState, + } +} + func (o SecretStaticAccountMapOutput) MapIndex(k pulumi.StringInput) SecretStaticAccountOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *SecretStaticAccount { return vs[0].(map[string]*SecretStaticAccount)[vs[1].(string)] diff --git a/sdk/go/vault/generic/endpoint.go b/sdk/go/vault/generic/endpoint.go index 9c946d8ae..fe55ad691 100644 --- a/sdk/go/vault/generic/endpoint.go +++ b/sdk/go/vault/generic/endpoint.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // ## Example Usage @@ -92,7 +94,9 @@ type Endpoint struct { // String containing a JSON-encoded object that will be // written to the given path as the secret data. DataJson pulumi.StringOutput `pulumi:"dataJson"` - // Don't attempt to delete the path from Vault if true + // - (Optional) True/false. Set this to true if your + // vault authentication is not able to delete the data or if the endpoint + // does not support the `DELETE` method. Defaults to false. DisableDelete pulumi.BoolPtrOutput `pulumi:"disableDelete"` // True/false. Set this to true if your vault // authentication is not able to read the data or if the endpoint does @@ -100,7 +104,13 @@ type Endpoint struct { // detection. You should set this to `true` for endpoints that are // write-only. Defaults to false. DisableRead pulumi.BoolPtrOutput `pulumi:"disableRead"` - // When reading, disregard fields not present in data_json + // - (Optional) True/false. If set to true, + // ignore any fields present when the endpoint is read but that were not + // in `dataJson`. Also, if a field that was written is not returned when + // the endpoint is read, treat that field as being up to date. You should + // set this to `true` when writing to endpoint that, when read, returns a + // different set of fields from the ones you wrote, as is common with + // many configuration endpoints. Defaults to false. IgnoreAbsentFields pulumi.BoolPtrOutput `pulumi:"ignoreAbsentFields"` // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. @@ -112,11 +122,22 @@ type Endpoint struct { // support the `PUT` methods and to determine whether they also support // `DELETE` and `GET`. Path pulumi.StringOutput `pulumi:"path"` - // Map of strings returned by write operation + // - A map whose keys are the top-level data keys + // returned from Vault by the write operation and whose values are the + // corresponding values. This map can only represent string data, so + // any non-string values returned from Vault are serialized as JSON. + // Only fields set in `writeFields` are present in the JSON data. WriteData pulumi.StringMapOutput `pulumi:"writeData"` - // JSON data returned by write operation + // - The JSON data returned by the write operation. + // Only fields set in `writeFields` are present in the JSON data. WriteDataJson pulumi.StringOutput `pulumi:"writeDataJson"` - // Top-level fields returned by write to persist in state + // - (Optional). A list of fields that should be returned + // in `writeDataJson` and `writeData`. If omitted, data returned by + // the write operation is not available to the resource or included in + // state. This helps to avoid accidental storage of sensitive values in + // state. Some endpoints, such as many dynamic secrets endpoints, return + // data from writing to an endpoint rather than reading it. You should + // use `writeFields` if you need information returned in this way. WriteFields pulumi.StringArrayOutput `pulumi:"writeFields"` } @@ -134,12 +155,13 @@ func NewEndpoint(ctx *pulumi.Context, return nil, errors.New("invalid value for required argument 'Path'") } if args.DataJson != nil { - args.DataJson = pulumi.ToSecret(args.DataJson).(pulumi.StringOutput) + args.DataJson = pulumi.ToSecret(args.DataJson).(pulumi.StringInput) } secrets := pulumi.AdditionalSecretOutputs([]string{ "dataJson", }) opts = append(opts, secrets) + opts = internal.PkgResourceDefaultOpts(opts) var resource Endpoint err := ctx.RegisterResource("vault:generic/endpoint:Endpoint", name, args, &resource, opts...) if err != nil { @@ -165,7 +187,9 @@ type endpointState struct { // String containing a JSON-encoded object that will be // written to the given path as the secret data. DataJson *string `pulumi:"dataJson"` - // Don't attempt to delete the path from Vault if true + // - (Optional) True/false. Set this to true if your + // vault authentication is not able to delete the data or if the endpoint + // does not support the `DELETE` method. Defaults to false. DisableDelete *bool `pulumi:"disableDelete"` // True/false. Set this to true if your vault // authentication is not able to read the data or if the endpoint does @@ -173,7 +197,13 @@ type endpointState struct { // detection. You should set this to `true` for endpoints that are // write-only. Defaults to false. DisableRead *bool `pulumi:"disableRead"` - // When reading, disregard fields not present in data_json + // - (Optional) True/false. If set to true, + // ignore any fields present when the endpoint is read but that were not + // in `dataJson`. Also, if a field that was written is not returned when + // the endpoint is read, treat that field as being up to date. You should + // set this to `true` when writing to endpoint that, when read, returns a + // different set of fields from the ones you wrote, as is common with + // many configuration endpoints. Defaults to false. IgnoreAbsentFields *bool `pulumi:"ignoreAbsentFields"` // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. @@ -185,11 +215,22 @@ type endpointState struct { // support the `PUT` methods and to determine whether they also support // `DELETE` and `GET`. Path *string `pulumi:"path"` - // Map of strings returned by write operation + // - A map whose keys are the top-level data keys + // returned from Vault by the write operation and whose values are the + // corresponding values. This map can only represent string data, so + // any non-string values returned from Vault are serialized as JSON. + // Only fields set in `writeFields` are present in the JSON data. WriteData map[string]string `pulumi:"writeData"` - // JSON data returned by write operation + // - The JSON data returned by the write operation. + // Only fields set in `writeFields` are present in the JSON data. WriteDataJson *string `pulumi:"writeDataJson"` - // Top-level fields returned by write to persist in state + // - (Optional). A list of fields that should be returned + // in `writeDataJson` and `writeData`. If omitted, data returned by + // the write operation is not available to the resource or included in + // state. This helps to avoid accidental storage of sensitive values in + // state. Some endpoints, such as many dynamic secrets endpoints, return + // data from writing to an endpoint rather than reading it. You should + // use `writeFields` if you need information returned in this way. WriteFields []string `pulumi:"writeFields"` } @@ -197,7 +238,9 @@ type EndpointState struct { // String containing a JSON-encoded object that will be // written to the given path as the secret data. DataJson pulumi.StringPtrInput - // Don't attempt to delete the path from Vault if true + // - (Optional) True/false. Set this to true if your + // vault authentication is not able to delete the data or if the endpoint + // does not support the `DELETE` method. Defaults to false. DisableDelete pulumi.BoolPtrInput // True/false. Set this to true if your vault // authentication is not able to read the data or if the endpoint does @@ -205,7 +248,13 @@ type EndpointState struct { // detection. You should set this to `true` for endpoints that are // write-only. Defaults to false. DisableRead pulumi.BoolPtrInput - // When reading, disregard fields not present in data_json + // - (Optional) True/false. If set to true, + // ignore any fields present when the endpoint is read but that were not + // in `dataJson`. Also, if a field that was written is not returned when + // the endpoint is read, treat that field as being up to date. You should + // set this to `true` when writing to endpoint that, when read, returns a + // different set of fields from the ones you wrote, as is common with + // many configuration endpoints. Defaults to false. IgnoreAbsentFields pulumi.BoolPtrInput // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. @@ -217,11 +266,22 @@ type EndpointState struct { // support the `PUT` methods and to determine whether they also support // `DELETE` and `GET`. Path pulumi.StringPtrInput - // Map of strings returned by write operation + // - A map whose keys are the top-level data keys + // returned from Vault by the write operation and whose values are the + // corresponding values. This map can only represent string data, so + // any non-string values returned from Vault are serialized as JSON. + // Only fields set in `writeFields` are present in the JSON data. WriteData pulumi.StringMapInput - // JSON data returned by write operation + // - The JSON data returned by the write operation. + // Only fields set in `writeFields` are present in the JSON data. WriteDataJson pulumi.StringPtrInput - // Top-level fields returned by write to persist in state + // - (Optional). A list of fields that should be returned + // in `writeDataJson` and `writeData`. If omitted, data returned by + // the write operation is not available to the resource or included in + // state. This helps to avoid accidental storage of sensitive values in + // state. Some endpoints, such as many dynamic secrets endpoints, return + // data from writing to an endpoint rather than reading it. You should + // use `writeFields` if you need information returned in this way. WriteFields pulumi.StringArrayInput } @@ -233,7 +293,9 @@ type endpointArgs struct { // String containing a JSON-encoded object that will be // written to the given path as the secret data. DataJson string `pulumi:"dataJson"` - // Don't attempt to delete the path from Vault if true + // - (Optional) True/false. Set this to true if your + // vault authentication is not able to delete the data or if the endpoint + // does not support the `DELETE` method. Defaults to false. DisableDelete *bool `pulumi:"disableDelete"` // True/false. Set this to true if your vault // authentication is not able to read the data or if the endpoint does @@ -241,7 +303,13 @@ type endpointArgs struct { // detection. You should set this to `true` for endpoints that are // write-only. Defaults to false. DisableRead *bool `pulumi:"disableRead"` - // When reading, disregard fields not present in data_json + // - (Optional) True/false. If set to true, + // ignore any fields present when the endpoint is read but that were not + // in `dataJson`. Also, if a field that was written is not returned when + // the endpoint is read, treat that field as being up to date. You should + // set this to `true` when writing to endpoint that, when read, returns a + // different set of fields from the ones you wrote, as is common with + // many configuration endpoints. Defaults to false. IgnoreAbsentFields *bool `pulumi:"ignoreAbsentFields"` // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. @@ -253,7 +321,13 @@ type endpointArgs struct { // support the `PUT` methods and to determine whether they also support // `DELETE` and `GET`. Path string `pulumi:"path"` - // Top-level fields returned by write to persist in state + // - (Optional). A list of fields that should be returned + // in `writeDataJson` and `writeData`. If omitted, data returned by + // the write operation is not available to the resource or included in + // state. This helps to avoid accidental storage of sensitive values in + // state. Some endpoints, such as many dynamic secrets endpoints, return + // data from writing to an endpoint rather than reading it. You should + // use `writeFields` if you need information returned in this way. WriteFields []string `pulumi:"writeFields"` } @@ -262,7 +336,9 @@ type EndpointArgs struct { // String containing a JSON-encoded object that will be // written to the given path as the secret data. DataJson pulumi.StringInput - // Don't attempt to delete the path from Vault if true + // - (Optional) True/false. Set this to true if your + // vault authentication is not able to delete the data or if the endpoint + // does not support the `DELETE` method. Defaults to false. DisableDelete pulumi.BoolPtrInput // True/false. Set this to true if your vault // authentication is not able to read the data or if the endpoint does @@ -270,7 +346,13 @@ type EndpointArgs struct { // detection. You should set this to `true` for endpoints that are // write-only. Defaults to false. DisableRead pulumi.BoolPtrInput - // When reading, disregard fields not present in data_json + // - (Optional) True/false. If set to true, + // ignore any fields present when the endpoint is read but that were not + // in `dataJson`. Also, if a field that was written is not returned when + // the endpoint is read, treat that field as being up to date. You should + // set this to `true` when writing to endpoint that, when read, returns a + // different set of fields from the ones you wrote, as is common with + // many configuration endpoints. Defaults to false. IgnoreAbsentFields pulumi.BoolPtrInput // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. @@ -282,7 +364,13 @@ type EndpointArgs struct { // support the `PUT` methods and to determine whether they also support // `DELETE` and `GET`. Path pulumi.StringInput - // Top-level fields returned by write to persist in state + // - (Optional). A list of fields that should be returned + // in `writeDataJson` and `writeData`. If omitted, data returned by + // the write operation is not available to the resource or included in + // state. This helps to avoid accidental storage of sensitive values in + // state. Some endpoints, such as many dynamic secrets endpoints, return + // data from writing to an endpoint rather than reading it. You should + // use `writeFields` if you need information returned in this way. WriteFields pulumi.StringArrayInput } @@ -309,6 +397,12 @@ func (i *Endpoint) ToEndpointOutputWithContext(ctx context.Context) EndpointOutp return pulumi.ToOutputWithContext(ctx, i).(EndpointOutput) } +func (i *Endpoint) ToOutput(ctx context.Context) pulumix.Output[*Endpoint] { + return pulumix.Output[*Endpoint]{ + OutputState: i.ToEndpointOutputWithContext(ctx).OutputState, + } +} + // EndpointArrayInput is an input type that accepts EndpointArray and EndpointArrayOutput values. // You can construct a concrete instance of `EndpointArrayInput` via: // @@ -334,6 +428,12 @@ func (i EndpointArray) ToEndpointArrayOutputWithContext(ctx context.Context) End return pulumi.ToOutputWithContext(ctx, i).(EndpointArrayOutput) } +func (i EndpointArray) ToOutput(ctx context.Context) pulumix.Output[[]*Endpoint] { + return pulumix.Output[[]*Endpoint]{ + OutputState: i.ToEndpointArrayOutputWithContext(ctx).OutputState, + } +} + // EndpointMapInput is an input type that accepts EndpointMap and EndpointMapOutput values. // You can construct a concrete instance of `EndpointMapInput` via: // @@ -359,6 +459,12 @@ func (i EndpointMap) ToEndpointMapOutputWithContext(ctx context.Context) Endpoin return pulumi.ToOutputWithContext(ctx, i).(EndpointMapOutput) } +func (i EndpointMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*Endpoint] { + return pulumix.Output[map[string]*Endpoint]{ + OutputState: i.ToEndpointMapOutputWithContext(ctx).OutputState, + } +} + type EndpointOutput struct{ *pulumi.OutputState } func (EndpointOutput) ElementType() reflect.Type { @@ -373,13 +479,21 @@ func (o EndpointOutput) ToEndpointOutputWithContext(ctx context.Context) Endpoin return o } +func (o EndpointOutput) ToOutput(ctx context.Context) pulumix.Output[*Endpoint] { + return pulumix.Output[*Endpoint]{ + OutputState: o.OutputState, + } +} + // String containing a JSON-encoded object that will be // written to the given path as the secret data. func (o EndpointOutput) DataJson() pulumi.StringOutput { return o.ApplyT(func(v *Endpoint) pulumi.StringOutput { return v.DataJson }).(pulumi.StringOutput) } -// Don't attempt to delete the path from Vault if true +// - (Optional) True/false. Set this to true if your +// vault authentication is not able to delete the data or if the endpoint +// does not support the `DELETE` method. Defaults to false. func (o EndpointOutput) DisableDelete() pulumi.BoolPtrOutput { return o.ApplyT(func(v *Endpoint) pulumi.BoolPtrOutput { return v.DisableDelete }).(pulumi.BoolPtrOutput) } @@ -393,7 +507,13 @@ func (o EndpointOutput) DisableRead() pulumi.BoolPtrOutput { return o.ApplyT(func(v *Endpoint) pulumi.BoolPtrOutput { return v.DisableRead }).(pulumi.BoolPtrOutput) } -// When reading, disregard fields not present in data_json +// - (Optional) True/false. If set to true, +// ignore any fields present when the endpoint is read but that were not +// in `dataJson`. Also, if a field that was written is not returned when +// the endpoint is read, treat that field as being up to date. You should +// set this to `true` when writing to endpoint that, when read, returns a +// different set of fields from the ones you wrote, as is common with +// many configuration endpoints. Defaults to false. func (o EndpointOutput) IgnoreAbsentFields() pulumi.BoolPtrOutput { return o.ApplyT(func(v *Endpoint) pulumi.BoolPtrOutput { return v.IgnoreAbsentFields }).(pulumi.BoolPtrOutput) } @@ -414,17 +534,28 @@ func (o EndpointOutput) Path() pulumi.StringOutput { return o.ApplyT(func(v *Endpoint) pulumi.StringOutput { return v.Path }).(pulumi.StringOutput) } -// Map of strings returned by write operation +// - A map whose keys are the top-level data keys +// returned from Vault by the write operation and whose values are the +// corresponding values. This map can only represent string data, so +// any non-string values returned from Vault are serialized as JSON. +// Only fields set in `writeFields` are present in the JSON data. func (o EndpointOutput) WriteData() pulumi.StringMapOutput { return o.ApplyT(func(v *Endpoint) pulumi.StringMapOutput { return v.WriteData }).(pulumi.StringMapOutput) } -// JSON data returned by write operation +// - The JSON data returned by the write operation. +// Only fields set in `writeFields` are present in the JSON data. func (o EndpointOutput) WriteDataJson() pulumi.StringOutput { return o.ApplyT(func(v *Endpoint) pulumi.StringOutput { return v.WriteDataJson }).(pulumi.StringOutput) } -// Top-level fields returned by write to persist in state +// - (Optional). A list of fields that should be returned +// in `writeDataJson` and `writeData`. If omitted, data returned by +// the write operation is not available to the resource or included in +// state. This helps to avoid accidental storage of sensitive values in +// state. Some endpoints, such as many dynamic secrets endpoints, return +// data from writing to an endpoint rather than reading it. You should +// use `writeFields` if you need information returned in this way. func (o EndpointOutput) WriteFields() pulumi.StringArrayOutput { return o.ApplyT(func(v *Endpoint) pulumi.StringArrayOutput { return v.WriteFields }).(pulumi.StringArrayOutput) } @@ -443,6 +574,12 @@ func (o EndpointArrayOutput) ToEndpointArrayOutputWithContext(ctx context.Contex return o } +func (o EndpointArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*Endpoint] { + return pulumix.Output[[]*Endpoint]{ + OutputState: o.OutputState, + } +} + func (o EndpointArrayOutput) Index(i pulumi.IntInput) EndpointOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *Endpoint { return vs[0].([]*Endpoint)[vs[1].(int)] @@ -463,6 +600,12 @@ func (o EndpointMapOutput) ToEndpointMapOutputWithContext(ctx context.Context) E return o } +func (o EndpointMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*Endpoint] { + return pulumix.Output[map[string]*Endpoint]{ + OutputState: o.OutputState, + } +} + func (o EndpointMapOutput) MapIndex(k pulumi.StringInput) EndpointOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *Endpoint { return vs[0].(map[string]*Endpoint)[vs[1].(string)] diff --git a/sdk/go/vault/generic/getSecret.go b/sdk/go/vault/generic/getSecret.go index b8ac42084..4abf2ea5d 100644 --- a/sdk/go/vault/generic/getSecret.go +++ b/sdk/go/vault/generic/getSecret.go @@ -7,7 +7,9 @@ import ( "context" "reflect" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // ## Example Usage @@ -40,6 +42,7 @@ import ( // // Use of this resource requires the `read` capability on the given path. func LookupSecret(ctx *pulumi.Context, args *LookupSecretArgs, opts ...pulumi.InvokeOption) (*LookupSecretResult, error) { + opts = internal.PkgInvokeDefaultOpts(opts) var rv LookupSecretResult err := ctx.Invoke("vault:generic/getSecret:getSecret", args, &rv, opts...) if err != nil { @@ -64,7 +67,10 @@ type LookupSecretArgs struct { // The version of the secret to read. This is used by the // Vault KV secrets engine - version 2 to indicate which version of the secret // to read. - Version *int `pulumi:"version"` + Version *int `pulumi:"version"` + // If set to true, stores `leaseStartTime` in the TF state. + // Note that storing the `leaseStartTime` in the TF state will cause a persistent drift + // on every `pulumi preview` and will require a `pulumi up`. WithLeaseStartTime *bool `pulumi:"withLeaseStartTime"` } @@ -123,7 +129,10 @@ type LookupSecretOutputArgs struct { // The version of the secret to read. This is used by the // Vault KV secrets engine - version 2 to indicate which version of the secret // to read. - Version pulumi.IntPtrInput `pulumi:"version"` + Version pulumi.IntPtrInput `pulumi:"version"` + // If set to true, stores `leaseStartTime` in the TF state. + // Note that storing the `leaseStartTime` in the TF state will cause a persistent drift + // on every `pulumi preview` and will require a `pulumi up`. WithLeaseStartTime pulumi.BoolPtrInput `pulumi:"withLeaseStartTime"` } @@ -146,6 +155,12 @@ func (o LookupSecretResultOutput) ToLookupSecretResultOutputWithContext(ctx cont return o } +func (o LookupSecretResultOutput) ToOutput(ctx context.Context) pulumix.Output[LookupSecretResult] { + return pulumix.Output[LookupSecretResult]{ + OutputState: o.OutputState, + } +} + // A mapping whose keys are the top-level data keys returned from // Vault and whose values are the corresponding values. This map can only // represent string data, so any non-string values returned from Vault are diff --git a/sdk/go/vault/generic/init.go b/sdk/go/vault/generic/init.go index 974c347a7..b9f28d1e4 100644 --- a/sdk/go/vault/generic/init.go +++ b/sdk/go/vault/generic/init.go @@ -7,7 +7,7 @@ import ( "fmt" "github.com/blang/semver" - "github.com/pulumi/pulumi-vault/sdk/v5/go/vault" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" ) @@ -34,7 +34,7 @@ func (m *module) Construct(ctx *pulumi.Context, name, typ, urn string) (r pulumi } func init() { - version, err := vault.PkgVersion() + version, err := internal.PkgVersion() if err != nil { version = semver.Version{Major: 1} } diff --git a/sdk/go/vault/generic/secret.go b/sdk/go/vault/generic/secret.go index b685dcdf8..1e5300589 100644 --- a/sdk/go/vault/generic/secret.go +++ b/sdk/go/vault/generic/secret.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // ## Import @@ -67,13 +69,14 @@ func NewSecret(ctx *pulumi.Context, return nil, errors.New("invalid value for required argument 'Path'") } if args.DataJson != nil { - args.DataJson = pulumi.ToSecret(args.DataJson).(pulumi.StringOutput) + args.DataJson = pulumi.ToSecret(args.DataJson).(pulumi.StringInput) } secrets := pulumi.AdditionalSecretOutputs([]string{ "data", "dataJson", }) opts = append(opts, secrets) + opts = internal.PkgResourceDefaultOpts(opts) var resource Secret err := ctx.RegisterResource("vault:generic/secret:Secret", name, args, &resource, opts...) if err != nil { @@ -237,6 +240,12 @@ func (i *Secret) ToSecretOutputWithContext(ctx context.Context) SecretOutput { return pulumi.ToOutputWithContext(ctx, i).(SecretOutput) } +func (i *Secret) ToOutput(ctx context.Context) pulumix.Output[*Secret] { + return pulumix.Output[*Secret]{ + OutputState: i.ToSecretOutputWithContext(ctx).OutputState, + } +} + // SecretArrayInput is an input type that accepts SecretArray and SecretArrayOutput values. // You can construct a concrete instance of `SecretArrayInput` via: // @@ -262,6 +271,12 @@ func (i SecretArray) ToSecretArrayOutputWithContext(ctx context.Context) SecretA return pulumi.ToOutputWithContext(ctx, i).(SecretArrayOutput) } +func (i SecretArray) ToOutput(ctx context.Context) pulumix.Output[[]*Secret] { + return pulumix.Output[[]*Secret]{ + OutputState: i.ToSecretArrayOutputWithContext(ctx).OutputState, + } +} + // SecretMapInput is an input type that accepts SecretMap and SecretMapOutput values. // You can construct a concrete instance of `SecretMapInput` via: // @@ -287,6 +302,12 @@ func (i SecretMap) ToSecretMapOutputWithContext(ctx context.Context) SecretMapOu return pulumi.ToOutputWithContext(ctx, i).(SecretMapOutput) } +func (i SecretMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*Secret] { + return pulumix.Output[map[string]*Secret]{ + OutputState: i.ToSecretMapOutputWithContext(ctx).OutputState, + } +} + type SecretOutput struct{ *pulumi.OutputState } func (SecretOutput) ElementType() reflect.Type { @@ -301,6 +322,12 @@ func (o SecretOutput) ToSecretOutputWithContext(ctx context.Context) SecretOutpu return o } +func (o SecretOutput) ToOutput(ctx context.Context) pulumix.Output[*Secret] { + return pulumix.Output[*Secret]{ + OutputState: o.OutputState, + } +} + // A mapping whose keys are the top-level data keys returned from // Vault and whose values are the corresponding values. This map can only // represent string data, so any non-string values returned from Vault are @@ -361,6 +388,12 @@ func (o SecretArrayOutput) ToSecretArrayOutputWithContext(ctx context.Context) S return o } +func (o SecretArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*Secret] { + return pulumix.Output[[]*Secret]{ + OutputState: o.OutputState, + } +} + func (o SecretArrayOutput) Index(i pulumi.IntInput) SecretOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *Secret { return vs[0].([]*Secret)[vs[1].(int)] @@ -381,6 +414,12 @@ func (o SecretMapOutput) ToSecretMapOutputWithContext(ctx context.Context) Secre return o } +func (o SecretMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*Secret] { + return pulumix.Output[map[string]*Secret]{ + OutputState: o.OutputState, + } +} + func (o SecretMapOutput) MapIndex(k pulumi.StringInput) SecretOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *Secret { return vs[0].(map[string]*Secret)[vs[1].(string)] diff --git a/sdk/go/vault/getAuthBackend.go b/sdk/go/vault/getAuthBackend.go index 6645fbecd..4777db4bd 100644 --- a/sdk/go/vault/getAuthBackend.go +++ b/sdk/go/vault/getAuthBackend.go @@ -7,7 +7,9 @@ import ( "context" "reflect" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // ## Example Usage @@ -24,7 +26,7 @@ import ( // // func main() { // pulumi.Run(func(ctx *pulumi.Context) error { -// _, err := vault.LookupAuthBackend(ctx, &GetAuthBackendArgs{ +// _, err := vault.LookupAuthBackend(ctx, &vault.LookupAuthBackendArgs{ // Path: "userpass", // }, nil) // if err != nil { @@ -36,6 +38,7 @@ import ( // // ``` func LookupAuthBackend(ctx *pulumi.Context, args *LookupAuthBackendArgs, opts ...pulumi.InvokeOption) (*LookupAuthBackendResult, error) { + opts = internal.PkgInvokeDefaultOpts(opts) var rv LookupAuthBackendResult err := ctx.Invoke("vault:index/getAuthBackend:getAuthBackend", args, &rv, opts...) if err != nil { @@ -120,6 +123,12 @@ func (o LookupAuthBackendResultOutput) ToLookupAuthBackendResultOutputWithContex return o } +func (o LookupAuthBackendResultOutput) ToOutput(ctx context.Context) pulumix.Output[LookupAuthBackendResult] { + return pulumix.Output[LookupAuthBackendResult]{ + OutputState: o.OutputState, + } +} + // The accessor for this auth method. func (o LookupAuthBackendResultOutput) Accessor() pulumi.StringOutput { return o.ApplyT(func(v LookupAuthBackendResult) string { return v.Accessor }).(pulumi.StringOutput) diff --git a/sdk/go/vault/getAuthBackends.go b/sdk/go/vault/getAuthBackends.go new file mode 100644 index 000000000..f629fedf9 --- /dev/null +++ b/sdk/go/vault/getAuthBackends.go @@ -0,0 +1,122 @@ +// Code generated by the Pulumi Terraform Bridge (tfgen) Tool DO NOT EDIT. +// *** WARNING: Do not edit by hand unless you're certain you know what you are doing! *** + +package vault + +import ( + "context" + "reflect" + + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" + "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" +) + +func GetAuthBackends(ctx *pulumi.Context, args *GetAuthBackendsArgs, opts ...pulumi.InvokeOption) (*GetAuthBackendsResult, error) { + opts = internal.PkgInvokeDefaultOpts(opts) + var rv GetAuthBackendsResult + err := ctx.Invoke("vault:index/getAuthBackends:getAuthBackends", args, &rv, opts...) + if err != nil { + return nil, err + } + return &rv, nil +} + +// A collection of arguments for invoking getAuthBackends. +type GetAuthBackendsArgs struct { + // The namespace of the target resource. + // The value should not contain leading or trailing forward slashes. + // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + // *Available only for Vault Enterprise*. + Namespace *string `pulumi:"namespace"` + // The name of the auth method type. Allows filtering of backends returned by type. + Type *string `pulumi:"type"` +} + +// A collection of values returned by getAuthBackends. +type GetAuthBackendsResult struct { + // The accessor IDs for the auth methods. + Accessors []string `pulumi:"accessors"` + // The provider-assigned unique ID for this managed resource. + Id string `pulumi:"id"` + Namespace *string `pulumi:"namespace"` + // List of auth backend mount points. + Paths []string `pulumi:"paths"` + Type *string `pulumi:"type"` +} + +func GetAuthBackendsOutput(ctx *pulumi.Context, args GetAuthBackendsOutputArgs, opts ...pulumi.InvokeOption) GetAuthBackendsResultOutput { + return pulumi.ToOutputWithContext(context.Background(), args). + ApplyT(func(v interface{}) (GetAuthBackendsResult, error) { + args := v.(GetAuthBackendsArgs) + r, err := GetAuthBackends(ctx, &args, opts...) + var s GetAuthBackendsResult + if r != nil { + s = *r + } + return s, err + }).(GetAuthBackendsResultOutput) +} + +// A collection of arguments for invoking getAuthBackends. +type GetAuthBackendsOutputArgs struct { + // The namespace of the target resource. + // The value should not contain leading or trailing forward slashes. + // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + // *Available only for Vault Enterprise*. + Namespace pulumi.StringPtrInput `pulumi:"namespace"` + // The name of the auth method type. Allows filtering of backends returned by type. + Type pulumi.StringPtrInput `pulumi:"type"` +} + +func (GetAuthBackendsOutputArgs) ElementType() reflect.Type { + return reflect.TypeOf((*GetAuthBackendsArgs)(nil)).Elem() +} + +// A collection of values returned by getAuthBackends. +type GetAuthBackendsResultOutput struct{ *pulumi.OutputState } + +func (GetAuthBackendsResultOutput) ElementType() reflect.Type { + return reflect.TypeOf((*GetAuthBackendsResult)(nil)).Elem() +} + +func (o GetAuthBackendsResultOutput) ToGetAuthBackendsResultOutput() GetAuthBackendsResultOutput { + return o +} + +func (o GetAuthBackendsResultOutput) ToGetAuthBackendsResultOutputWithContext(ctx context.Context) GetAuthBackendsResultOutput { + return o +} + +func (o GetAuthBackendsResultOutput) ToOutput(ctx context.Context) pulumix.Output[GetAuthBackendsResult] { + return pulumix.Output[GetAuthBackendsResult]{ + OutputState: o.OutputState, + } +} + +// The accessor IDs for the auth methods. +func (o GetAuthBackendsResultOutput) Accessors() pulumi.StringArrayOutput { + return o.ApplyT(func(v GetAuthBackendsResult) []string { return v.Accessors }).(pulumi.StringArrayOutput) +} + +// The provider-assigned unique ID for this managed resource. +func (o GetAuthBackendsResultOutput) Id() pulumi.StringOutput { + return o.ApplyT(func(v GetAuthBackendsResult) string { return v.Id }).(pulumi.StringOutput) +} + +func (o GetAuthBackendsResultOutput) Namespace() pulumi.StringPtrOutput { + return o.ApplyT(func(v GetAuthBackendsResult) *string { return v.Namespace }).(pulumi.StringPtrOutput) +} + +// List of auth backend mount points. +func (o GetAuthBackendsResultOutput) Paths() pulumi.StringArrayOutput { + return o.ApplyT(func(v GetAuthBackendsResult) []string { return v.Paths }).(pulumi.StringArrayOutput) +} + +func (o GetAuthBackendsResultOutput) Type() pulumi.StringPtrOutput { + return o.ApplyT(func(v GetAuthBackendsResult) *string { return v.Type }).(pulumi.StringPtrOutput) +} + +func init() { + pulumi.RegisterOutputType(GetAuthBackendsResultOutput{}) +} diff --git a/sdk/go/vault/getNomadAccessToken.go b/sdk/go/vault/getNomadAccessToken.go index d781abbdf..cd0789f91 100644 --- a/sdk/go/vault/getNomadAccessToken.go +++ b/sdk/go/vault/getNomadAccessToken.go @@ -7,7 +7,9 @@ import ( "context" "reflect" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // ## Example Usage @@ -46,12 +48,21 @@ import ( // if err != nil { // return err // } +// _ = pulumi.All(config.Backend, test.Role).ApplyT(func(_args []interface{}) (vault.GetNomadAccessTokenResult, error) { +// backend := _args[0].(*string) +// role := _args[1].(string) +// return vault.GetNomadAccessTokenOutput(ctx, vault.GetNomadAccessTokenOutputArgs{ +// Backend: backend, +// Role: role, +// }, nil), nil +// }).(vault.GetNomadAccessTokenResultOutput) // return nil // }) // } // // ``` func GetNomadAccessToken(ctx *pulumi.Context, args *GetNomadAccessTokenArgs, opts ...pulumi.InvokeOption) (*GetNomadAccessTokenResult, error) { + opts = internal.PkgInvokeDefaultOpts(opts) var rv GetNomadAccessTokenResult err := ctx.Invoke("vault:index/getNomadAccessToken:getNomadAccessToken", args, &rv, opts...) if err != nil { @@ -136,6 +147,12 @@ func (o GetNomadAccessTokenResultOutput) ToGetNomadAccessTokenResultOutputWithCo return o } +func (o GetNomadAccessTokenResultOutput) ToOutput(ctx context.Context) pulumix.Output[GetNomadAccessTokenResult] { + return pulumix.Output[GetNomadAccessTokenResult]{ + OutputState: o.OutputState, + } +} + // The public identifier for a specific token. It can be used // to look up information about a token or to revoke a token. func (o GetNomadAccessTokenResultOutput) AccessorId() pulumi.StringOutput { diff --git a/sdk/go/vault/getPolicyDocument.go b/sdk/go/vault/getPolicyDocument.go index ff254f2d4..2f7de1fdc 100644 --- a/sdk/go/vault/getPolicyDocument.go +++ b/sdk/go/vault/getPolicyDocument.go @@ -7,7 +7,9 @@ import ( "context" "reflect" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // This is a data source which can be used to construct a HCL representation of an Vault policy document, for use with resources which expect policy documents, such as the `Policy` resource. @@ -26,9 +28,9 @@ import ( // // func main() { // pulumi.Run(func(ctx *pulumi.Context) error { -// examplePolicyDocument, err := vault.GetPolicyDocument(ctx, &GetPolicyDocumentArgs{ -// Rules: []GetPolicyDocumentRule{ -// GetPolicyDocumentRule{ +// examplePolicyDocument, err := vault.GetPolicyDocument(ctx, &vault.GetPolicyDocumentArgs{ +// Rules: []vault.GetPolicyDocumentRule{ +// { // Path: "secret/*", // Capabilities: []string{ // "create", @@ -45,7 +47,7 @@ import ( // return err // } // _, err = vault.NewPolicy(ctx, "examplePolicy", &vault.PolicyArgs{ -// Policy: pulumi.String(examplePolicyDocument.Hcl), +// Policy: *pulumi.String(examplePolicyDocument.Hcl), // }) // if err != nil { // return err @@ -56,6 +58,7 @@ import ( // // ``` func GetPolicyDocument(ctx *pulumi.Context, args *GetPolicyDocumentArgs, opts ...pulumi.InvokeOption) (*GetPolicyDocumentResult, error) { + opts = internal.PkgInvokeDefaultOpts(opts) var rv GetPolicyDocumentResult err := ctx.Invoke("vault:index/getPolicyDocument:getPolicyDocument", args, &rv, opts...) if err != nil { @@ -118,6 +121,12 @@ func (o GetPolicyDocumentResultOutput) ToGetPolicyDocumentResultOutputWithContex return o } +func (o GetPolicyDocumentResultOutput) ToOutput(ctx context.Context) pulumix.Output[GetPolicyDocumentResult] { + return pulumix.Output[GetPolicyDocumentResult]{ + OutputState: o.OutputState, + } +} + // The above arguments serialized as a standard Vault HCL policy document. func (o GetPolicyDocumentResultOutput) Hcl() pulumi.StringOutput { return o.ApplyT(func(v GetPolicyDocumentResult) string { return v.Hcl }).(pulumi.StringOutput) diff --git a/sdk/go/vault/getRaftAutopilotState.go b/sdk/go/vault/getRaftAutopilotState.go new file mode 100644 index 000000000..5f33815ba --- /dev/null +++ b/sdk/go/vault/getRaftAutopilotState.go @@ -0,0 +1,206 @@ +// Code generated by the Pulumi Terraform Bridge (tfgen) Tool DO NOT EDIT. +// *** WARNING: Do not edit by hand unless you're certain you know what you are doing! *** + +package vault + +import ( + "context" + "reflect" + + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" + "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" +) + +// Displays the state of the raft cluster under integrated storage as seen by +// autopilot. It shows whether autopilot thinks the cluster is healthy or not, and +// how many nodes could fail before the cluster becomes unhealthy ("Failure +// Tolerance"). For more information, please refer to the +// [Vault documentation](https://developer.hashicorp.com/vault/api-docs/system/storage/raftautopilot#get-cluster-state). +// +// ## Example Usage +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-vault/sdk/v5/go/vault" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// main, err := vault.GetRaftAutopilotState(ctx, nil, nil) +// if err != nil { +// return err +// } +// ctx.Export("failure-tolerance", main.FailureTolerance) +// return nil +// }) +// } +// +// ``` +func GetRaftAutopilotState(ctx *pulumi.Context, args *GetRaftAutopilotStateArgs, opts ...pulumi.InvokeOption) (*GetRaftAutopilotStateResult, error) { + opts = internal.PkgInvokeDefaultOpts(opts) + var rv GetRaftAutopilotStateResult + err := ctx.Invoke("vault:index/getRaftAutopilotState:getRaftAutopilotState", args, &rv, opts...) + if err != nil { + return nil, err + } + return &rv, nil +} + +// A collection of arguments for invoking getRaftAutopilotState. +type GetRaftAutopilotStateArgs struct { + // The namespace of the target resource. + // The value should not contain leading or trailing forward slashes. + // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + // *Available only for Vault Enterprise*. + Namespace *string `pulumi:"namespace"` +} + +// A collection of values returned by getRaftAutopilotState. +type GetRaftAutopilotStateResult struct { + // How many nodes could fail before the cluster becomes unhealthy. + FailureTolerance int `pulumi:"failureTolerance"` + // Cluster health status. + Healthy bool `pulumi:"healthy"` + // The provider-assigned unique ID for this managed resource. + Id string `pulumi:"id"` + // The current leader of Vault. + Leader string `pulumi:"leader"` + Namespace *string `pulumi:"namespace"` + // The cluster-level optimistic failure tolerance. + OptimisticFailureTolerance int `pulumi:"optimisticFailureTolerance"` + // Additional output related to redundancy zones stored as a serialized map of strings. + RedundancyZones map[string]interface{} `pulumi:"redundancyZones"` + // Additional output related to redundancy zones. + RedundancyZonesJson string `pulumi:"redundancyZonesJson"` + // Additionaly output related to servers in the cluster stored as a serialized map of strings. + Servers map[string]interface{} `pulumi:"servers"` + // Additionaly output related to servers in the cluster. + ServersJson string `pulumi:"serversJson"` + // Additional output related to upgrade information stored as a serialized map of strings. + UpgradeInfo map[string]interface{} `pulumi:"upgradeInfo"` + // Additional output related to upgrade information. + UpgradeInfoJson string `pulumi:"upgradeInfoJson"` + // The voters in the Vault cluster. + Voters []string `pulumi:"voters"` +} + +func GetRaftAutopilotStateOutput(ctx *pulumi.Context, args GetRaftAutopilotStateOutputArgs, opts ...pulumi.InvokeOption) GetRaftAutopilotStateResultOutput { + return pulumi.ToOutputWithContext(context.Background(), args). + ApplyT(func(v interface{}) (GetRaftAutopilotStateResult, error) { + args := v.(GetRaftAutopilotStateArgs) + r, err := GetRaftAutopilotState(ctx, &args, opts...) + var s GetRaftAutopilotStateResult + if r != nil { + s = *r + } + return s, err + }).(GetRaftAutopilotStateResultOutput) +} + +// A collection of arguments for invoking getRaftAutopilotState. +type GetRaftAutopilotStateOutputArgs struct { + // The namespace of the target resource. + // The value should not contain leading or trailing forward slashes. + // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + // *Available only for Vault Enterprise*. + Namespace pulumi.StringPtrInput `pulumi:"namespace"` +} + +func (GetRaftAutopilotStateOutputArgs) ElementType() reflect.Type { + return reflect.TypeOf((*GetRaftAutopilotStateArgs)(nil)).Elem() +} + +// A collection of values returned by getRaftAutopilotState. +type GetRaftAutopilotStateResultOutput struct{ *pulumi.OutputState } + +func (GetRaftAutopilotStateResultOutput) ElementType() reflect.Type { + return reflect.TypeOf((*GetRaftAutopilotStateResult)(nil)).Elem() +} + +func (o GetRaftAutopilotStateResultOutput) ToGetRaftAutopilotStateResultOutput() GetRaftAutopilotStateResultOutput { + return o +} + +func (o GetRaftAutopilotStateResultOutput) ToGetRaftAutopilotStateResultOutputWithContext(ctx context.Context) GetRaftAutopilotStateResultOutput { + return o +} + +func (o GetRaftAutopilotStateResultOutput) ToOutput(ctx context.Context) pulumix.Output[GetRaftAutopilotStateResult] { + return pulumix.Output[GetRaftAutopilotStateResult]{ + OutputState: o.OutputState, + } +} + +// How many nodes could fail before the cluster becomes unhealthy. +func (o GetRaftAutopilotStateResultOutput) FailureTolerance() pulumi.IntOutput { + return o.ApplyT(func(v GetRaftAutopilotStateResult) int { return v.FailureTolerance }).(pulumi.IntOutput) +} + +// Cluster health status. +func (o GetRaftAutopilotStateResultOutput) Healthy() pulumi.BoolOutput { + return o.ApplyT(func(v GetRaftAutopilotStateResult) bool { return v.Healthy }).(pulumi.BoolOutput) +} + +// The provider-assigned unique ID for this managed resource. +func (o GetRaftAutopilotStateResultOutput) Id() pulumi.StringOutput { + return o.ApplyT(func(v GetRaftAutopilotStateResult) string { return v.Id }).(pulumi.StringOutput) +} + +// The current leader of Vault. +func (o GetRaftAutopilotStateResultOutput) Leader() pulumi.StringOutput { + return o.ApplyT(func(v GetRaftAutopilotStateResult) string { return v.Leader }).(pulumi.StringOutput) +} + +func (o GetRaftAutopilotStateResultOutput) Namespace() pulumi.StringPtrOutput { + return o.ApplyT(func(v GetRaftAutopilotStateResult) *string { return v.Namespace }).(pulumi.StringPtrOutput) +} + +// The cluster-level optimistic failure tolerance. +func (o GetRaftAutopilotStateResultOutput) OptimisticFailureTolerance() pulumi.IntOutput { + return o.ApplyT(func(v GetRaftAutopilotStateResult) int { return v.OptimisticFailureTolerance }).(pulumi.IntOutput) +} + +// Additional output related to redundancy zones stored as a serialized map of strings. +func (o GetRaftAutopilotStateResultOutput) RedundancyZones() pulumi.MapOutput { + return o.ApplyT(func(v GetRaftAutopilotStateResult) map[string]interface{} { return v.RedundancyZones }).(pulumi.MapOutput) +} + +// Additional output related to redundancy zones. +func (o GetRaftAutopilotStateResultOutput) RedundancyZonesJson() pulumi.StringOutput { + return o.ApplyT(func(v GetRaftAutopilotStateResult) string { return v.RedundancyZonesJson }).(pulumi.StringOutput) +} + +// Additionaly output related to servers in the cluster stored as a serialized map of strings. +func (o GetRaftAutopilotStateResultOutput) Servers() pulumi.MapOutput { + return o.ApplyT(func(v GetRaftAutopilotStateResult) map[string]interface{} { return v.Servers }).(pulumi.MapOutput) +} + +// Additionaly output related to servers in the cluster. +func (o GetRaftAutopilotStateResultOutput) ServersJson() pulumi.StringOutput { + return o.ApplyT(func(v GetRaftAutopilotStateResult) string { return v.ServersJson }).(pulumi.StringOutput) +} + +// Additional output related to upgrade information stored as a serialized map of strings. +func (o GetRaftAutopilotStateResultOutput) UpgradeInfo() pulumi.MapOutput { + return o.ApplyT(func(v GetRaftAutopilotStateResult) map[string]interface{} { return v.UpgradeInfo }).(pulumi.MapOutput) +} + +// Additional output related to upgrade information. +func (o GetRaftAutopilotStateResultOutput) UpgradeInfoJson() pulumi.StringOutput { + return o.ApplyT(func(v GetRaftAutopilotStateResult) string { return v.UpgradeInfoJson }).(pulumi.StringOutput) +} + +// The voters in the Vault cluster. +func (o GetRaftAutopilotStateResultOutput) Voters() pulumi.StringArrayOutput { + return o.ApplyT(func(v GetRaftAutopilotStateResult) []string { return v.Voters }).(pulumi.StringArrayOutput) +} + +func init() { + pulumi.RegisterOutputType(GetRaftAutopilotStateResultOutput{}) +} diff --git a/sdk/go/vault/github/authBackend.go b/sdk/go/vault/github/authBackend.go index 8c4fa0171..4b38f4b01 100644 --- a/sdk/go/vault/github/authBackend.go +++ b/sdk/go/vault/github/authBackend.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // Manages a GitHub Auth mount in a Vault server. See the [Vault @@ -110,6 +112,8 @@ type AuthBackend struct { // the mount. Valid values are "default-service", "default-batch", "service", "batch". TokenType pulumi.StringPtrOutput `pulumi:"tokenType"` // Extra configuration block. Structure is documented below. + // + // The `tune` block is used to tune the auth backend: Tune AuthBackendTuneOutput `pulumi:"tune"` } @@ -123,6 +127,7 @@ func NewAuthBackend(ctx *pulumi.Context, if args.Organization == nil { return nil, errors.New("invalid value for required argument 'Organization'") } + opts = internal.PkgResourceDefaultOpts(opts) var resource AuthBackend err := ctx.RegisterResource("vault:github/authBackend:AuthBackend", name, args, &resource, opts...) if err != nil { @@ -202,6 +207,8 @@ type authBackendState struct { // the mount. Valid values are "default-service", "default-batch", "service", "batch". TokenType *string `pulumi:"tokenType"` // Extra configuration block. Structure is documented below. + // + // The `tune` block is used to tune the auth backend: Tune *AuthBackendTune `pulumi:"tune"` } @@ -263,6 +270,8 @@ type AuthBackendState struct { // the mount. Valid values are "default-service", "default-batch", "service", "batch". TokenType pulumi.StringPtrInput // Extra configuration block. Structure is documented below. + // + // The `tune` block is used to tune the auth backend: Tune AuthBackendTunePtrInput } @@ -326,6 +335,8 @@ type authBackendArgs struct { // the mount. Valid values are "default-service", "default-batch", "service", "batch". TokenType *string `pulumi:"tokenType"` // Extra configuration block. Structure is documented below. + // + // The `tune` block is used to tune the auth backend: Tune *AuthBackendTune `pulumi:"tune"` } @@ -386,6 +397,8 @@ type AuthBackendArgs struct { // the mount. Valid values are "default-service", "default-batch", "service", "batch". TokenType pulumi.StringPtrInput // Extra configuration block. Structure is documented below. + // + // The `tune` block is used to tune the auth backend: Tune AuthBackendTunePtrInput } @@ -412,6 +425,12 @@ func (i *AuthBackend) ToAuthBackendOutputWithContext(ctx context.Context) AuthBa return pulumi.ToOutputWithContext(ctx, i).(AuthBackendOutput) } +func (i *AuthBackend) ToOutput(ctx context.Context) pulumix.Output[*AuthBackend] { + return pulumix.Output[*AuthBackend]{ + OutputState: i.ToAuthBackendOutputWithContext(ctx).OutputState, + } +} + // AuthBackendArrayInput is an input type that accepts AuthBackendArray and AuthBackendArrayOutput values. // You can construct a concrete instance of `AuthBackendArrayInput` via: // @@ -437,6 +456,12 @@ func (i AuthBackendArray) ToAuthBackendArrayOutputWithContext(ctx context.Contex return pulumi.ToOutputWithContext(ctx, i).(AuthBackendArrayOutput) } +func (i AuthBackendArray) ToOutput(ctx context.Context) pulumix.Output[[]*AuthBackend] { + return pulumix.Output[[]*AuthBackend]{ + OutputState: i.ToAuthBackendArrayOutputWithContext(ctx).OutputState, + } +} + // AuthBackendMapInput is an input type that accepts AuthBackendMap and AuthBackendMapOutput values. // You can construct a concrete instance of `AuthBackendMapInput` via: // @@ -462,6 +487,12 @@ func (i AuthBackendMap) ToAuthBackendMapOutputWithContext(ctx context.Context) A return pulumi.ToOutputWithContext(ctx, i).(AuthBackendMapOutput) } +func (i AuthBackendMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*AuthBackend] { + return pulumix.Output[map[string]*AuthBackend]{ + OutputState: i.ToAuthBackendMapOutputWithContext(ctx).OutputState, + } +} + type AuthBackendOutput struct{ *pulumi.OutputState } func (AuthBackendOutput) ElementType() reflect.Type { @@ -476,6 +507,12 @@ func (o AuthBackendOutput) ToAuthBackendOutputWithContext(ctx context.Context) A return o } +func (o AuthBackendOutput) ToOutput(ctx context.Context) pulumix.Output[*AuthBackend] { + return pulumix.Output[*AuthBackend]{ + OutputState: o.OutputState, + } +} + // The mount accessor related to the auth mount. It is useful for integration with [Identity Secrets Engine](https://www.vaultproject.io/docs/secrets/identity/index.html). func (o AuthBackendOutput) Accessor() pulumi.StringOutput { return o.ApplyT(func(v *AuthBackend) pulumi.StringOutput { return v.Accessor }).(pulumi.StringOutput) @@ -584,6 +621,8 @@ func (o AuthBackendOutput) TokenType() pulumi.StringPtrOutput { } // Extra configuration block. Structure is documented below. +// +// The `tune` block is used to tune the auth backend: func (o AuthBackendOutput) Tune() AuthBackendTuneOutput { return o.ApplyT(func(v *AuthBackend) AuthBackendTuneOutput { return v.Tune }).(AuthBackendTuneOutput) } @@ -602,6 +641,12 @@ func (o AuthBackendArrayOutput) ToAuthBackendArrayOutputWithContext(ctx context. return o } +func (o AuthBackendArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*AuthBackend] { + return pulumix.Output[[]*AuthBackend]{ + OutputState: o.OutputState, + } +} + func (o AuthBackendArrayOutput) Index(i pulumi.IntInput) AuthBackendOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *AuthBackend { return vs[0].([]*AuthBackend)[vs[1].(int)] @@ -622,6 +667,12 @@ func (o AuthBackendMapOutput) ToAuthBackendMapOutputWithContext(ctx context.Cont return o } +func (o AuthBackendMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*AuthBackend] { + return pulumix.Output[map[string]*AuthBackend]{ + OutputState: o.OutputState, + } +} + func (o AuthBackendMapOutput) MapIndex(k pulumi.StringInput) AuthBackendOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *AuthBackend { return vs[0].(map[string]*AuthBackend)[vs[1].(string)] diff --git a/sdk/go/vault/github/init.go b/sdk/go/vault/github/init.go index 0a6765e1d..cdfd4626f 100644 --- a/sdk/go/vault/github/init.go +++ b/sdk/go/vault/github/init.go @@ -7,7 +7,7 @@ import ( "fmt" "github.com/blang/semver" - "github.com/pulumi/pulumi-vault/sdk/v5/go/vault" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" ) @@ -36,7 +36,7 @@ func (m *module) Construct(ctx *pulumi.Context, name, typ, urn string) (r pulumi } func init() { - version, err := vault.PkgVersion() + version, err := internal.PkgVersion() if err != nil { version = semver.Version{Major: 1} } diff --git a/sdk/go/vault/github/pulumiTypes.go b/sdk/go/vault/github/pulumiTypes.go index cf29bdcb2..75d552e6c 100644 --- a/sdk/go/vault/github/pulumiTypes.go +++ b/sdk/go/vault/github/pulumiTypes.go @@ -7,9 +7,13 @@ import ( "context" "reflect" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) +var _ = internal.GetEnvOrDefault + type AuthBackendTune struct { // List of headers to whitelist and allowing // a plugin to include them in the response. @@ -91,6 +95,12 @@ func (i AuthBackendTuneArgs) ToAuthBackendTuneOutputWithContext(ctx context.Cont return pulumi.ToOutputWithContext(ctx, i).(AuthBackendTuneOutput) } +func (i AuthBackendTuneArgs) ToOutput(ctx context.Context) pulumix.Output[AuthBackendTune] { + return pulumix.Output[AuthBackendTune]{ + OutputState: i.ToAuthBackendTuneOutputWithContext(ctx).OutputState, + } +} + func (i AuthBackendTuneArgs) ToAuthBackendTunePtrOutput() AuthBackendTunePtrOutput { return i.ToAuthBackendTunePtrOutputWithContext(context.Background()) } @@ -132,6 +142,12 @@ func (i *authBackendTunePtrType) ToAuthBackendTunePtrOutputWithContext(ctx conte return pulumi.ToOutputWithContext(ctx, i).(AuthBackendTunePtrOutput) } +func (i *authBackendTunePtrType) ToOutput(ctx context.Context) pulumix.Output[*AuthBackendTune] { + return pulumix.Output[*AuthBackendTune]{ + OutputState: i.ToAuthBackendTunePtrOutputWithContext(ctx).OutputState, + } +} + type AuthBackendTuneOutput struct{ *pulumi.OutputState } func (AuthBackendTuneOutput) ElementType() reflect.Type { @@ -156,6 +172,12 @@ func (o AuthBackendTuneOutput) ToAuthBackendTunePtrOutputWithContext(ctx context }).(AuthBackendTunePtrOutput) } +func (o AuthBackendTuneOutput) ToOutput(ctx context.Context) pulumix.Output[AuthBackendTune] { + return pulumix.Output[AuthBackendTune]{ + OutputState: o.OutputState, + } +} + // List of headers to whitelist and allowing // a plugin to include them in the response. func (o AuthBackendTuneOutput) AllowedResponseHeaders() pulumi.StringArrayOutput { @@ -220,6 +242,12 @@ func (o AuthBackendTunePtrOutput) ToAuthBackendTunePtrOutputWithContext(ctx cont return o } +func (o AuthBackendTunePtrOutput) ToOutput(ctx context.Context) pulumix.Output[*AuthBackendTune] { + return pulumix.Output[*AuthBackendTune]{ + OutputState: o.OutputState, + } +} + func (o AuthBackendTunePtrOutput) Elem() AuthBackendTuneOutput { return o.ApplyT(func(v *AuthBackendTune) AuthBackendTune { if v != nil { diff --git a/sdk/go/vault/github/team.go b/sdk/go/vault/github/team.go index 3d04a06c5..fb70ce3cb 100644 --- a/sdk/go/vault/github/team.go +++ b/sdk/go/vault/github/team.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // Manages policy mappings for Github Teams authenticated via Github. See the [Vault @@ -89,6 +91,7 @@ func NewTeam(ctx *pulumi.Context, if args.Team == nil { return nil, errors.New("invalid value for required argument 'Team'") } + opts = internal.PkgResourceDefaultOpts(opts) var resource Team err := ctx.RegisterResource("vault:github/team:Team", name, args, &resource, opts...) if err != nil { @@ -202,6 +205,12 @@ func (i *Team) ToTeamOutputWithContext(ctx context.Context) TeamOutput { return pulumi.ToOutputWithContext(ctx, i).(TeamOutput) } +func (i *Team) ToOutput(ctx context.Context) pulumix.Output[*Team] { + return pulumix.Output[*Team]{ + OutputState: i.ToTeamOutputWithContext(ctx).OutputState, + } +} + // TeamArrayInput is an input type that accepts TeamArray and TeamArrayOutput values. // You can construct a concrete instance of `TeamArrayInput` via: // @@ -227,6 +236,12 @@ func (i TeamArray) ToTeamArrayOutputWithContext(ctx context.Context) TeamArrayOu return pulumi.ToOutputWithContext(ctx, i).(TeamArrayOutput) } +func (i TeamArray) ToOutput(ctx context.Context) pulumix.Output[[]*Team] { + return pulumix.Output[[]*Team]{ + OutputState: i.ToTeamArrayOutputWithContext(ctx).OutputState, + } +} + // TeamMapInput is an input type that accepts TeamMap and TeamMapOutput values. // You can construct a concrete instance of `TeamMapInput` via: // @@ -252,6 +267,12 @@ func (i TeamMap) ToTeamMapOutputWithContext(ctx context.Context) TeamMapOutput { return pulumi.ToOutputWithContext(ctx, i).(TeamMapOutput) } +func (i TeamMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*Team] { + return pulumix.Output[map[string]*Team]{ + OutputState: i.ToTeamMapOutputWithContext(ctx).OutputState, + } +} + type TeamOutput struct{ *pulumi.OutputState } func (TeamOutput) ElementType() reflect.Type { @@ -266,6 +287,12 @@ func (o TeamOutput) ToTeamOutputWithContext(ctx context.Context) TeamOutput { return o } +func (o TeamOutput) ToOutput(ctx context.Context) pulumix.Output[*Team] { + return pulumix.Output[*Team]{ + OutputState: o.OutputState, + } +} + // Path where the github auth backend is mounted. Defaults to `github` // if not specified. func (o TeamOutput) Backend() pulumi.StringPtrOutput { @@ -305,6 +332,12 @@ func (o TeamArrayOutput) ToTeamArrayOutputWithContext(ctx context.Context) TeamA return o } +func (o TeamArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*Team] { + return pulumix.Output[[]*Team]{ + OutputState: o.OutputState, + } +} + func (o TeamArrayOutput) Index(i pulumi.IntInput) TeamOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *Team { return vs[0].([]*Team)[vs[1].(int)] @@ -325,6 +358,12 @@ func (o TeamMapOutput) ToTeamMapOutputWithContext(ctx context.Context) TeamMapOu return o } +func (o TeamMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*Team] { + return pulumix.Output[map[string]*Team]{ + OutputState: o.OutputState, + } +} + func (o TeamMapOutput) MapIndex(k pulumi.StringInput) TeamOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *Team { return vs[0].(map[string]*Team)[vs[1].(string)] diff --git a/sdk/go/vault/github/user.go b/sdk/go/vault/github/user.go index d4eec8c99..ce2a7365d 100644 --- a/sdk/go/vault/github/user.go +++ b/sdk/go/vault/github/user.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // Manages policy mappings for Github Users authenticated via Github. See the [Vault @@ -89,6 +91,7 @@ func NewUser(ctx *pulumi.Context, if args.User == nil { return nil, errors.New("invalid value for required argument 'User'") } + opts = internal.PkgResourceDefaultOpts(opts) var resource User err := ctx.RegisterResource("vault:github/user:User", name, args, &resource, opts...) if err != nil { @@ -202,6 +205,12 @@ func (i *User) ToUserOutputWithContext(ctx context.Context) UserOutput { return pulumi.ToOutputWithContext(ctx, i).(UserOutput) } +func (i *User) ToOutput(ctx context.Context) pulumix.Output[*User] { + return pulumix.Output[*User]{ + OutputState: i.ToUserOutputWithContext(ctx).OutputState, + } +} + // UserArrayInput is an input type that accepts UserArray and UserArrayOutput values. // You can construct a concrete instance of `UserArrayInput` via: // @@ -227,6 +236,12 @@ func (i UserArray) ToUserArrayOutputWithContext(ctx context.Context) UserArrayOu return pulumi.ToOutputWithContext(ctx, i).(UserArrayOutput) } +func (i UserArray) ToOutput(ctx context.Context) pulumix.Output[[]*User] { + return pulumix.Output[[]*User]{ + OutputState: i.ToUserArrayOutputWithContext(ctx).OutputState, + } +} + // UserMapInput is an input type that accepts UserMap and UserMapOutput values. // You can construct a concrete instance of `UserMapInput` via: // @@ -252,6 +267,12 @@ func (i UserMap) ToUserMapOutputWithContext(ctx context.Context) UserMapOutput { return pulumi.ToOutputWithContext(ctx, i).(UserMapOutput) } +func (i UserMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*User] { + return pulumix.Output[map[string]*User]{ + OutputState: i.ToUserMapOutputWithContext(ctx).OutputState, + } +} + type UserOutput struct{ *pulumi.OutputState } func (UserOutput) ElementType() reflect.Type { @@ -266,6 +287,12 @@ func (o UserOutput) ToUserOutputWithContext(ctx context.Context) UserOutput { return o } +func (o UserOutput) ToOutput(ctx context.Context) pulumix.Output[*User] { + return pulumix.Output[*User]{ + OutputState: o.OutputState, + } +} + // Path where the github auth backend is mounted. Defaults to `github` // if not specified. func (o UserOutput) Backend() pulumi.StringPtrOutput { @@ -305,6 +332,12 @@ func (o UserArrayOutput) ToUserArrayOutputWithContext(ctx context.Context) UserA return o } +func (o UserArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*User] { + return pulumix.Output[[]*User]{ + OutputState: o.OutputState, + } +} + func (o UserArrayOutput) Index(i pulumi.IntInput) UserOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *User { return vs[0].([]*User)[vs[1].(int)] @@ -325,6 +358,12 @@ func (o UserMapOutput) ToUserMapOutputWithContext(ctx context.Context) UserMapOu return o } +func (o UserMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*User] { + return pulumix.Output[map[string]*User]{ + OutputState: o.OutputState, + } +} + func (o UserMapOutput) MapIndex(k pulumi.StringInput) UserOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *User { return vs[0].(map[string]*User)[vs[1].(string)] diff --git a/sdk/go/vault/identity/entity.go b/sdk/go/vault/identity/entity.go index 53e815e45..0c06472f0 100644 --- a/sdk/go/vault/identity/entity.go +++ b/sdk/go/vault/identity/entity.go @@ -7,7 +7,9 @@ import ( "context" "reflect" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // ## Example Usage @@ -77,6 +79,7 @@ func NewEntity(ctx *pulumi.Context, args = &EntityArgs{} } + opts = internal.PkgResourceDefaultOpts(opts) var resource Entity err := ctx.RegisterResource("vault:identity/entity:Entity", name, args, &resource, opts...) if err != nil { @@ -198,6 +201,12 @@ func (i *Entity) ToEntityOutputWithContext(ctx context.Context) EntityOutput { return pulumi.ToOutputWithContext(ctx, i).(EntityOutput) } +func (i *Entity) ToOutput(ctx context.Context) pulumix.Output[*Entity] { + return pulumix.Output[*Entity]{ + OutputState: i.ToEntityOutputWithContext(ctx).OutputState, + } +} + // EntityArrayInput is an input type that accepts EntityArray and EntityArrayOutput values. // You can construct a concrete instance of `EntityArrayInput` via: // @@ -223,6 +232,12 @@ func (i EntityArray) ToEntityArrayOutputWithContext(ctx context.Context) EntityA return pulumi.ToOutputWithContext(ctx, i).(EntityArrayOutput) } +func (i EntityArray) ToOutput(ctx context.Context) pulumix.Output[[]*Entity] { + return pulumix.Output[[]*Entity]{ + OutputState: i.ToEntityArrayOutputWithContext(ctx).OutputState, + } +} + // EntityMapInput is an input type that accepts EntityMap and EntityMapOutput values. // You can construct a concrete instance of `EntityMapInput` via: // @@ -248,6 +263,12 @@ func (i EntityMap) ToEntityMapOutputWithContext(ctx context.Context) EntityMapOu return pulumi.ToOutputWithContext(ctx, i).(EntityMapOutput) } +func (i EntityMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*Entity] { + return pulumix.Output[map[string]*Entity]{ + OutputState: i.ToEntityMapOutputWithContext(ctx).OutputState, + } +} + type EntityOutput struct{ *pulumi.OutputState } func (EntityOutput) ElementType() reflect.Type { @@ -262,6 +283,12 @@ func (o EntityOutput) ToEntityOutputWithContext(ctx context.Context) EntityOutpu return o } +func (o EntityOutput) ToOutput(ctx context.Context) pulumix.Output[*Entity] { + return pulumix.Output[*Entity]{ + OutputState: o.OutputState, + } +} + // True/false Is this entity currently disabled. Defaults to `false` func (o EntityOutput) Disabled() pulumi.BoolPtrOutput { return o.ApplyT(func(v *Entity) pulumi.BoolPtrOutput { return v.Disabled }).(pulumi.BoolPtrOutput) @@ -309,6 +336,12 @@ func (o EntityArrayOutput) ToEntityArrayOutputWithContext(ctx context.Context) E return o } +func (o EntityArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*Entity] { + return pulumix.Output[[]*Entity]{ + OutputState: o.OutputState, + } +} + func (o EntityArrayOutput) Index(i pulumi.IntInput) EntityOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *Entity { return vs[0].([]*Entity)[vs[1].(int)] @@ -329,6 +362,12 @@ func (o EntityMapOutput) ToEntityMapOutputWithContext(ctx context.Context) Entit return o } +func (o EntityMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*Entity] { + return pulumix.Output[map[string]*Entity]{ + OutputState: o.OutputState, + } +} + func (o EntityMapOutput) MapIndex(k pulumi.StringInput) EntityOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *Entity { return vs[0].(map[string]*Entity)[vs[1].(string)] diff --git a/sdk/go/vault/identity/entityAlias.go b/sdk/go/vault/identity/entityAlias.go index fb54ada76..c8d8dcde4 100644 --- a/sdk/go/vault/identity/entityAlias.go +++ b/sdk/go/vault/identity/entityAlias.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // ## Example Usage @@ -78,6 +80,7 @@ func NewEntityAlias(ctx *pulumi.Context, if args.MountAccessor == nil { return nil, errors.New("invalid value for required argument 'MountAccessor'") } + opts = internal.PkgResourceDefaultOpts(opts) var resource EntityAlias err := ctx.RegisterResource("vault:identity/entityAlias:EntityAlias", name, args, &resource, opts...) if err != nil { @@ -191,6 +194,12 @@ func (i *EntityAlias) ToEntityAliasOutputWithContext(ctx context.Context) Entity return pulumi.ToOutputWithContext(ctx, i).(EntityAliasOutput) } +func (i *EntityAlias) ToOutput(ctx context.Context) pulumix.Output[*EntityAlias] { + return pulumix.Output[*EntityAlias]{ + OutputState: i.ToEntityAliasOutputWithContext(ctx).OutputState, + } +} + // EntityAliasArrayInput is an input type that accepts EntityAliasArray and EntityAliasArrayOutput values. // You can construct a concrete instance of `EntityAliasArrayInput` via: // @@ -216,6 +225,12 @@ func (i EntityAliasArray) ToEntityAliasArrayOutputWithContext(ctx context.Contex return pulumi.ToOutputWithContext(ctx, i).(EntityAliasArrayOutput) } +func (i EntityAliasArray) ToOutput(ctx context.Context) pulumix.Output[[]*EntityAlias] { + return pulumix.Output[[]*EntityAlias]{ + OutputState: i.ToEntityAliasArrayOutputWithContext(ctx).OutputState, + } +} + // EntityAliasMapInput is an input type that accepts EntityAliasMap and EntityAliasMapOutput values. // You can construct a concrete instance of `EntityAliasMapInput` via: // @@ -241,6 +256,12 @@ func (i EntityAliasMap) ToEntityAliasMapOutputWithContext(ctx context.Context) E return pulumi.ToOutputWithContext(ctx, i).(EntityAliasMapOutput) } +func (i EntityAliasMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*EntityAlias] { + return pulumix.Output[map[string]*EntityAlias]{ + OutputState: i.ToEntityAliasMapOutputWithContext(ctx).OutputState, + } +} + type EntityAliasOutput struct{ *pulumi.OutputState } func (EntityAliasOutput) ElementType() reflect.Type { @@ -255,6 +276,12 @@ func (o EntityAliasOutput) ToEntityAliasOutputWithContext(ctx context.Context) E return o } +func (o EntityAliasOutput) ToOutput(ctx context.Context) pulumix.Output[*EntityAlias] { + return pulumix.Output[*EntityAlias]{ + OutputState: o.OutputState, + } +} + // Entity ID to which this alias belongs to. func (o EntityAliasOutput) CanonicalId() pulumi.StringOutput { return o.ApplyT(func(v *EntityAlias) pulumi.StringOutput { return v.CanonicalId }).(pulumi.StringOutput) @@ -297,6 +324,12 @@ func (o EntityAliasArrayOutput) ToEntityAliasArrayOutputWithContext(ctx context. return o } +func (o EntityAliasArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*EntityAlias] { + return pulumix.Output[[]*EntityAlias]{ + OutputState: o.OutputState, + } +} + func (o EntityAliasArrayOutput) Index(i pulumi.IntInput) EntityAliasOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *EntityAlias { return vs[0].([]*EntityAlias)[vs[1].(int)] @@ -317,6 +350,12 @@ func (o EntityAliasMapOutput) ToEntityAliasMapOutputWithContext(ctx context.Cont return o } +func (o EntityAliasMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*EntityAlias] { + return pulumix.Output[map[string]*EntityAlias]{ + OutputState: o.OutputState, + } +} + func (o EntityAliasMapOutput) MapIndex(k pulumi.StringInput) EntityAliasOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *EntityAlias { return vs[0].(map[string]*EntityAlias)[vs[1].(string)] diff --git a/sdk/go/vault/identity/entityPolicies.go b/sdk/go/vault/identity/entityPolicies.go index e6b84df1e..49a8173a5 100644 --- a/sdk/go/vault/identity/entityPolicies.go +++ b/sdk/go/vault/identity/entityPolicies.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // Manages policies for an Identity Entity for Vault. The [Identity secrets engine](https://www.vaultproject.io/docs/secrets/identity/index.html) is the identity management solution for Vault. @@ -104,6 +106,10 @@ type EntityPolicies struct { // The name of the entity that are assigned the policies. EntityName pulumi.StringOutput `pulumi:"entityName"` // Defaults to `true`. + // + // If `true`, this resource will take exclusive control of the policies assigned to the entity and will set it equal to what is specified in the resource. + // + // If set to `false`, this resource will simply ensure that the policies specified in the resource are present in the entity. When destroying the resource, the resource will ensure that the policies specified in the resource are removed. Exclusive pulumi.BoolPtrOutput `pulumi:"exclusive"` // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. @@ -127,6 +133,7 @@ func NewEntityPolicies(ctx *pulumi.Context, if args.Policies == nil { return nil, errors.New("invalid value for required argument 'Policies'") } + opts = internal.PkgResourceDefaultOpts(opts) var resource EntityPolicies err := ctx.RegisterResource("vault:identity/entityPolicies:EntityPolicies", name, args, &resource, opts...) if err != nil { @@ -154,6 +161,10 @@ type entityPoliciesState struct { // The name of the entity that are assigned the policies. EntityName *string `pulumi:"entityName"` // Defaults to `true`. + // + // If `true`, this resource will take exclusive control of the policies assigned to the entity and will set it equal to what is specified in the resource. + // + // If set to `false`, this resource will simply ensure that the policies specified in the resource are present in the entity. When destroying the resource, the resource will ensure that the policies specified in the resource are removed. Exclusive *bool `pulumi:"exclusive"` // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. @@ -170,6 +181,10 @@ type EntityPoliciesState struct { // The name of the entity that are assigned the policies. EntityName pulumi.StringPtrInput // Defaults to `true`. + // + // If `true`, this resource will take exclusive control of the policies assigned to the entity and will set it equal to what is specified in the resource. + // + // If set to `false`, this resource will simply ensure that the policies specified in the resource are present in the entity. When destroying the resource, the resource will ensure that the policies specified in the resource are removed. Exclusive pulumi.BoolPtrInput // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. @@ -188,6 +203,10 @@ type entityPoliciesArgs struct { // Entity ID to assign policies to. EntityId string `pulumi:"entityId"` // Defaults to `true`. + // + // If `true`, this resource will take exclusive control of the policies assigned to the entity and will set it equal to what is specified in the resource. + // + // If set to `false`, this resource will simply ensure that the policies specified in the resource are present in the entity. When destroying the resource, the resource will ensure that the policies specified in the resource are removed. Exclusive *bool `pulumi:"exclusive"` // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. @@ -203,6 +222,10 @@ type EntityPoliciesArgs struct { // Entity ID to assign policies to. EntityId pulumi.StringInput // Defaults to `true`. + // + // If `true`, this resource will take exclusive control of the policies assigned to the entity and will set it equal to what is specified in the resource. + // + // If set to `false`, this resource will simply ensure that the policies specified in the resource are present in the entity. When destroying the resource, the resource will ensure that the policies specified in the resource are removed. Exclusive pulumi.BoolPtrInput // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. @@ -236,6 +259,12 @@ func (i *EntityPolicies) ToEntityPoliciesOutputWithContext(ctx context.Context) return pulumi.ToOutputWithContext(ctx, i).(EntityPoliciesOutput) } +func (i *EntityPolicies) ToOutput(ctx context.Context) pulumix.Output[*EntityPolicies] { + return pulumix.Output[*EntityPolicies]{ + OutputState: i.ToEntityPoliciesOutputWithContext(ctx).OutputState, + } +} + // EntityPoliciesArrayInput is an input type that accepts EntityPoliciesArray and EntityPoliciesArrayOutput values. // You can construct a concrete instance of `EntityPoliciesArrayInput` via: // @@ -261,6 +290,12 @@ func (i EntityPoliciesArray) ToEntityPoliciesArrayOutputWithContext(ctx context. return pulumi.ToOutputWithContext(ctx, i).(EntityPoliciesArrayOutput) } +func (i EntityPoliciesArray) ToOutput(ctx context.Context) pulumix.Output[[]*EntityPolicies] { + return pulumix.Output[[]*EntityPolicies]{ + OutputState: i.ToEntityPoliciesArrayOutputWithContext(ctx).OutputState, + } +} + // EntityPoliciesMapInput is an input type that accepts EntityPoliciesMap and EntityPoliciesMapOutput values. // You can construct a concrete instance of `EntityPoliciesMapInput` via: // @@ -286,6 +321,12 @@ func (i EntityPoliciesMap) ToEntityPoliciesMapOutputWithContext(ctx context.Cont return pulumi.ToOutputWithContext(ctx, i).(EntityPoliciesMapOutput) } +func (i EntityPoliciesMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*EntityPolicies] { + return pulumix.Output[map[string]*EntityPolicies]{ + OutputState: i.ToEntityPoliciesMapOutputWithContext(ctx).OutputState, + } +} + type EntityPoliciesOutput struct{ *pulumi.OutputState } func (EntityPoliciesOutput) ElementType() reflect.Type { @@ -300,6 +341,12 @@ func (o EntityPoliciesOutput) ToEntityPoliciesOutputWithContext(ctx context.Cont return o } +func (o EntityPoliciesOutput) ToOutput(ctx context.Context) pulumix.Output[*EntityPolicies] { + return pulumix.Output[*EntityPolicies]{ + OutputState: o.OutputState, + } +} + // Entity ID to assign policies to. func (o EntityPoliciesOutput) EntityId() pulumi.StringOutput { return o.ApplyT(func(v *EntityPolicies) pulumi.StringOutput { return v.EntityId }).(pulumi.StringOutput) @@ -311,6 +358,10 @@ func (o EntityPoliciesOutput) EntityName() pulumi.StringOutput { } // Defaults to `true`. +// +// If `true`, this resource will take exclusive control of the policies assigned to the entity and will set it equal to what is specified in the resource. +// +// If set to `false`, this resource will simply ensure that the policies specified in the resource are present in the entity. When destroying the resource, the resource will ensure that the policies specified in the resource are removed. func (o EntityPoliciesOutput) Exclusive() pulumi.BoolPtrOutput { return o.ApplyT(func(v *EntityPolicies) pulumi.BoolPtrOutput { return v.Exclusive }).(pulumi.BoolPtrOutput) } @@ -342,6 +393,12 @@ func (o EntityPoliciesArrayOutput) ToEntityPoliciesArrayOutputWithContext(ctx co return o } +func (o EntityPoliciesArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*EntityPolicies] { + return pulumix.Output[[]*EntityPolicies]{ + OutputState: o.OutputState, + } +} + func (o EntityPoliciesArrayOutput) Index(i pulumi.IntInput) EntityPoliciesOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *EntityPolicies { return vs[0].([]*EntityPolicies)[vs[1].(int)] @@ -362,6 +419,12 @@ func (o EntityPoliciesMapOutput) ToEntityPoliciesMapOutputWithContext(ctx contex return o } +func (o EntityPoliciesMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*EntityPolicies] { + return pulumix.Output[map[string]*EntityPolicies]{ + OutputState: o.OutputState, + } +} + func (o EntityPoliciesMapOutput) MapIndex(k pulumi.StringInput) EntityPoliciesOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *EntityPolicies { return vs[0].(map[string]*EntityPolicies)[vs[1].(string)] diff --git a/sdk/go/vault/identity/getEntity.go b/sdk/go/vault/identity/getEntity.go index 6dd48ad87..4cd3fa50a 100644 --- a/sdk/go/vault/identity/getEntity.go +++ b/sdk/go/vault/identity/getEntity.go @@ -7,7 +7,9 @@ import ( "context" "reflect" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // ## Example Usage @@ -39,6 +41,7 @@ import ( // // Use of this resource requires the `create` capability on `/identity/lookup/entity`. func LookupEntity(ctx *pulumi.Context, args *LookupEntityArgs, opts ...pulumi.InvokeOption) (*LookupEntityResult, error) { + opts = internal.PkgInvokeDefaultOpts(opts) var rv LookupEntityResult err := ctx.Invoke("vault:identity/getEntity:getEntity", args, &rv, opts...) if err != nil { @@ -53,6 +56,9 @@ type LookupEntityArgs struct { AliasId *string `pulumi:"aliasId"` // Accessor of the mount to which the alias belongs to. // This should be supplied in conjunction with `aliasName`. + // + // The lookup criteria can be `entityName`, `entityId`, `aliasId`, or a combination of + // `aliasName` and `aliasMountAccessor`. AliasMountAccessor *string `pulumi:"aliasMountAccessor"` // Name of the alias. This should be supplied in conjunction with // `aliasMountAccessor`. @@ -124,6 +130,9 @@ type LookupEntityOutputArgs struct { AliasId pulumi.StringPtrInput `pulumi:"aliasId"` // Accessor of the mount to which the alias belongs to. // This should be supplied in conjunction with `aliasName`. + // + // The lookup criteria can be `entityName`, `entityId`, `aliasId`, or a combination of + // `aliasName` and `aliasMountAccessor`. AliasMountAccessor pulumi.StringPtrInput `pulumi:"aliasMountAccessor"` // Name of the alias. This should be supplied in conjunction with // `aliasMountAccessor`. @@ -158,6 +167,12 @@ func (o LookupEntityResultOutput) ToLookupEntityResultOutputWithContext(ctx cont return o } +func (o LookupEntityResultOutput) ToOutput(ctx context.Context) pulumix.Output[LookupEntityResult] { + return pulumix.Output[LookupEntityResult]{ + OutputState: o.OutputState, + } +} + func (o LookupEntityResultOutput) AliasId() pulumi.StringOutput { return o.ApplyT(func(v LookupEntityResult) string { return v.AliasId }).(pulumi.StringOutput) } diff --git a/sdk/go/vault/identity/getGroup.go b/sdk/go/vault/identity/getGroup.go index 030a4f79a..1a52827a5 100644 --- a/sdk/go/vault/identity/getGroup.go +++ b/sdk/go/vault/identity/getGroup.go @@ -7,7 +7,9 @@ import ( "context" "reflect" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // ## Example Usage @@ -39,6 +41,7 @@ import ( // // Use of this resource requires the `create` capability on `/identity/lookup/group`. func LookupGroup(ctx *pulumi.Context, args *LookupGroupArgs, opts ...pulumi.InvokeOption) (*LookupGroupResult, error) { + opts = internal.PkgInvokeDefaultOpts(opts) var rv LookupGroupResult err := ctx.Invoke("vault:identity/getGroup:getGroup", args, &rv, opts...) if err != nil { @@ -53,6 +56,9 @@ type LookupGroupArgs struct { AliasId *string `pulumi:"aliasId"` // Accessor of the mount to which the alias belongs to. // This should be supplied in conjunction with `aliasName`. + // + // The lookup criteria can be `groupName`, `groupId`, `aliasId`, or a combination of + // `aliasName` and `aliasMountAccessor`. AliasMountAccessor *string `pulumi:"aliasMountAccessor"` // Name of the alias. This should be supplied in conjunction with // `aliasMountAccessor`. @@ -136,6 +142,9 @@ type LookupGroupOutputArgs struct { AliasId pulumi.StringPtrInput `pulumi:"aliasId"` // Accessor of the mount to which the alias belongs to. // This should be supplied in conjunction with `aliasName`. + // + // The lookup criteria can be `groupName`, `groupId`, `aliasId`, or a combination of + // `aliasName` and `aliasMountAccessor`. AliasMountAccessor pulumi.StringPtrInput `pulumi:"aliasMountAccessor"` // Name of the alias. This should be supplied in conjunction with // `aliasMountAccessor`. @@ -170,6 +179,12 @@ func (o LookupGroupResultOutput) ToLookupGroupResultOutputWithContext(ctx contex return o } +func (o LookupGroupResultOutput) ToOutput(ctx context.Context) pulumix.Output[LookupGroupResult] { + return pulumix.Output[LookupGroupResult]{ + OutputState: o.OutputState, + } +} + // Canonical ID of the Alias func (o LookupGroupResultOutput) AliasCanonicalId() pulumi.StringOutput { return o.ApplyT(func(v LookupGroupResult) string { return v.AliasCanonicalId }).(pulumi.StringOutput) diff --git a/sdk/go/vault/identity/getOidcClientCreds.go b/sdk/go/vault/identity/getOidcClientCreds.go index f2c584fa2..b7f2baf35 100644 --- a/sdk/go/vault/identity/getOidcClientCreds.go +++ b/sdk/go/vault/identity/getOidcClientCreds.go @@ -7,7 +7,9 @@ import ( "context" "reflect" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // ## Example Usage @@ -45,6 +47,7 @@ import ( // // ``` func GetOidcClientCreds(ctx *pulumi.Context, args *GetOidcClientCredsArgs, opts ...pulumi.InvokeOption) (*GetOidcClientCredsResult, error) { + opts = internal.PkgInvokeDefaultOpts(opts) var rv GetOidcClientCredsResult err := ctx.Invoke("vault:identity/getOidcClientCreds:getOidcClientCreds", args, &rv, opts...) if err != nil { @@ -69,6 +72,7 @@ type GetOidcClientCredsResult struct { // The Client ID returned by Vault. ClientId string `pulumi:"clientId"` // The Client Secret Key returned by Vault. + // For public OpenID Clients `clientSecret` is set to an empty string `""` ClientSecret string `pulumi:"clientSecret"` // The provider-assigned unique ID for this managed resource. Id string `pulumi:"id"` @@ -119,12 +123,19 @@ func (o GetOidcClientCredsResultOutput) ToGetOidcClientCredsResultOutputWithCont return o } +func (o GetOidcClientCredsResultOutput) ToOutput(ctx context.Context) pulumix.Output[GetOidcClientCredsResult] { + return pulumix.Output[GetOidcClientCredsResult]{ + OutputState: o.OutputState, + } +} + // The Client ID returned by Vault. func (o GetOidcClientCredsResultOutput) ClientId() pulumi.StringOutput { return o.ApplyT(func(v GetOidcClientCredsResult) string { return v.ClientId }).(pulumi.StringOutput) } // The Client Secret Key returned by Vault. +// For public OpenID Clients `clientSecret` is set to an empty string `""` func (o GetOidcClientCredsResultOutput) ClientSecret() pulumi.StringOutput { return o.ApplyT(func(v GetOidcClientCredsResult) string { return v.ClientSecret }).(pulumi.StringOutput) } diff --git a/sdk/go/vault/identity/getOidcOpenidConfig.go b/sdk/go/vault/identity/getOidcOpenidConfig.go index 3a984740c..50b53ddf9 100644 --- a/sdk/go/vault/identity/getOidcOpenidConfig.go +++ b/sdk/go/vault/identity/getOidcOpenidConfig.go @@ -7,7 +7,9 @@ import ( "context" "reflect" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // ## Example Usage @@ -49,7 +51,7 @@ import ( // } // provider, err := identity.NewOidcProvider(ctx, "provider", &identity.OidcProviderArgs{ // AllowedClientIds: pulumi.StringArray{ -// pulumi.Any(vault_identity_oidc_client.Test.Client_id), +// vault_identity_oidc_client.Test.Client_id, // }, // }) // if err != nil { @@ -64,6 +66,7 @@ import ( // // ``` func GetOidcOpenidConfig(ctx *pulumi.Context, args *GetOidcOpenidConfigArgs, opts ...pulumi.InvokeOption) (*GetOidcOpenidConfigResult, error) { + opts = internal.PkgInvokeDefaultOpts(opts) var rv GetOidcOpenidConfigResult err := ctx.Invoke("vault:identity/getOidcOpenidConfig:getOidcOpenidConfig", args, &rv, opts...) if err != nil { @@ -160,6 +163,12 @@ func (o GetOidcOpenidConfigResultOutput) ToGetOidcOpenidConfigResultOutputWithCo return o } +func (o GetOidcOpenidConfigResultOutput) ToOutput(ctx context.Context) pulumix.Output[GetOidcOpenidConfigResult] { + return pulumix.Output[GetOidcOpenidConfigResult]{ + OutputState: o.OutputState, + } +} + // The Authorization Endpoint for the provider. func (o GetOidcOpenidConfigResultOutput) AuthorizationEndpoint() pulumi.StringOutput { return o.ApplyT(func(v GetOidcOpenidConfigResult) string { return v.AuthorizationEndpoint }).(pulumi.StringOutput) diff --git a/sdk/go/vault/identity/getOidcPublicKeys.go b/sdk/go/vault/identity/getOidcPublicKeys.go index 713ee661b..1e60e81bc 100644 --- a/sdk/go/vault/identity/getOidcPublicKeys.go +++ b/sdk/go/vault/identity/getOidcPublicKeys.go @@ -7,7 +7,9 @@ import ( "context" "reflect" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // ## Example Usage @@ -49,7 +51,7 @@ import ( // } // provider, err := identity.NewOidcProvider(ctx, "provider", &identity.OidcProviderArgs{ // AllowedClientIds: pulumi.StringArray{ -// pulumi.Any(vault_identity_oidc_client.Test.Client_id), +// vault_identity_oidc_client.Test.Client_id, // }, // }) // if err != nil { @@ -64,6 +66,7 @@ import ( // // ``` func GetOidcPublicKeys(ctx *pulumi.Context, args *GetOidcPublicKeysArgs, opts ...pulumi.InvokeOption) (*GetOidcPublicKeysResult, error) { + opts = internal.PkgInvokeDefaultOpts(opts) var rv GetOidcPublicKeysResult err := ctx.Invoke("vault:identity/getOidcPublicKeys:getOidcPublicKeys", args, &rv, opts...) if err != nil { @@ -137,6 +140,12 @@ func (o GetOidcPublicKeysResultOutput) ToGetOidcPublicKeysResultOutputWithContex return o } +func (o GetOidcPublicKeysResultOutput) ToOutput(ctx context.Context) pulumix.Output[GetOidcPublicKeysResult] { + return pulumix.Output[GetOidcPublicKeysResult]{ + OutputState: o.OutputState, + } +} + // The provider-assigned unique ID for this managed resource. func (o GetOidcPublicKeysResultOutput) Id() pulumi.StringOutput { return o.ApplyT(func(v GetOidcPublicKeysResult) string { return v.Id }).(pulumi.StringOutput) diff --git a/sdk/go/vault/identity/group.go b/sdk/go/vault/identity/group.go index d91a4c92e..a955c269e 100644 --- a/sdk/go/vault/identity/group.go +++ b/sdk/go/vault/identity/group.go @@ -7,7 +7,9 @@ import ( "context" "reflect" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // Creates an Identity Group for Vault. The [Identity secrets engine](https://www.vaultproject.io/docs/secrets/identity/index.html) is the identity management solution for Vault. @@ -180,6 +182,7 @@ func NewGroup(ctx *pulumi.Context, args = &GroupArgs{} } + opts = internal.PkgResourceDefaultOpts(opts) var resource Group err := ctx.RegisterResource("vault:identity/group:Group", name, args, &resource, opts...) if err != nil { @@ -365,6 +368,12 @@ func (i *Group) ToGroupOutputWithContext(ctx context.Context) GroupOutput { return pulumi.ToOutputWithContext(ctx, i).(GroupOutput) } +func (i *Group) ToOutput(ctx context.Context) pulumix.Output[*Group] { + return pulumix.Output[*Group]{ + OutputState: i.ToGroupOutputWithContext(ctx).OutputState, + } +} + // GroupArrayInput is an input type that accepts GroupArray and GroupArrayOutput values. // You can construct a concrete instance of `GroupArrayInput` via: // @@ -390,6 +399,12 @@ func (i GroupArray) ToGroupArrayOutputWithContext(ctx context.Context) GroupArra return pulumi.ToOutputWithContext(ctx, i).(GroupArrayOutput) } +func (i GroupArray) ToOutput(ctx context.Context) pulumix.Output[[]*Group] { + return pulumix.Output[[]*Group]{ + OutputState: i.ToGroupArrayOutputWithContext(ctx).OutputState, + } +} + // GroupMapInput is an input type that accepts GroupMap and GroupMapOutput values. // You can construct a concrete instance of `GroupMapInput` via: // @@ -415,6 +430,12 @@ func (i GroupMap) ToGroupMapOutputWithContext(ctx context.Context) GroupMapOutpu return pulumi.ToOutputWithContext(ctx, i).(GroupMapOutput) } +func (i GroupMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*Group] { + return pulumix.Output[map[string]*Group]{ + OutputState: i.ToGroupMapOutputWithContext(ctx).OutputState, + } +} + type GroupOutput struct{ *pulumi.OutputState } func (GroupOutput) ElementType() reflect.Type { @@ -429,6 +450,12 @@ func (o GroupOutput) ToGroupOutputWithContext(ctx context.Context) GroupOutput { return o } +func (o GroupOutput) ToOutput(ctx context.Context) pulumix.Output[*Group] { + return pulumix.Output[*Group]{ + OutputState: o.OutputState, + } +} + // `false` by default. If set to `true`, this resource will ignore any Entity IDs // returned from Vault or specified in the resource. You can use // `identity.GroupMemberEntityIds` to manage Entity IDs for this group in a @@ -504,6 +531,12 @@ func (o GroupArrayOutput) ToGroupArrayOutputWithContext(ctx context.Context) Gro return o } +func (o GroupArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*Group] { + return pulumix.Output[[]*Group]{ + OutputState: o.OutputState, + } +} + func (o GroupArrayOutput) Index(i pulumi.IntInput) GroupOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *Group { return vs[0].([]*Group)[vs[1].(int)] @@ -524,6 +557,12 @@ func (o GroupMapOutput) ToGroupMapOutputWithContext(ctx context.Context) GroupMa return o } +func (o GroupMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*Group] { + return pulumix.Output[map[string]*Group]{ + OutputState: o.OutputState, + } +} + func (o GroupMapOutput) MapIndex(k pulumi.StringInput) GroupOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *Group { return vs[0].(map[string]*Group)[vs[1].(string)] diff --git a/sdk/go/vault/identity/groupAlias.go b/sdk/go/vault/identity/groupAlias.go index 763925813..ccb99879e 100644 --- a/sdk/go/vault/identity/groupAlias.go +++ b/sdk/go/vault/identity/groupAlias.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // Creates an Identity Group Alias for Vault. The [Identity secrets engine](https://www.vaultproject.io/docs/secrets/identity/index.html) is the identity management solution for Vault. @@ -109,6 +111,7 @@ func NewGroupAlias(ctx *pulumi.Context, if args.Name == nil { return nil, errors.New("invalid value for required argument 'Name'") } + opts = internal.PkgResourceDefaultOpts(opts) var resource GroupAlias err := ctx.RegisterResource("vault:identity/groupAlias:GroupAlias", name, args, &resource, opts...) if err != nil { @@ -214,6 +217,12 @@ func (i *GroupAlias) ToGroupAliasOutputWithContext(ctx context.Context) GroupAli return pulumi.ToOutputWithContext(ctx, i).(GroupAliasOutput) } +func (i *GroupAlias) ToOutput(ctx context.Context) pulumix.Output[*GroupAlias] { + return pulumix.Output[*GroupAlias]{ + OutputState: i.ToGroupAliasOutputWithContext(ctx).OutputState, + } +} + // GroupAliasArrayInput is an input type that accepts GroupAliasArray and GroupAliasArrayOutput values. // You can construct a concrete instance of `GroupAliasArrayInput` via: // @@ -239,6 +248,12 @@ func (i GroupAliasArray) ToGroupAliasArrayOutputWithContext(ctx context.Context) return pulumi.ToOutputWithContext(ctx, i).(GroupAliasArrayOutput) } +func (i GroupAliasArray) ToOutput(ctx context.Context) pulumix.Output[[]*GroupAlias] { + return pulumix.Output[[]*GroupAlias]{ + OutputState: i.ToGroupAliasArrayOutputWithContext(ctx).OutputState, + } +} + // GroupAliasMapInput is an input type that accepts GroupAliasMap and GroupAliasMapOutput values. // You can construct a concrete instance of `GroupAliasMapInput` via: // @@ -264,6 +279,12 @@ func (i GroupAliasMap) ToGroupAliasMapOutputWithContext(ctx context.Context) Gro return pulumi.ToOutputWithContext(ctx, i).(GroupAliasMapOutput) } +func (i GroupAliasMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*GroupAlias] { + return pulumix.Output[map[string]*GroupAlias]{ + OutputState: i.ToGroupAliasMapOutputWithContext(ctx).OutputState, + } +} + type GroupAliasOutput struct{ *pulumi.OutputState } func (GroupAliasOutput) ElementType() reflect.Type { @@ -278,6 +299,12 @@ func (o GroupAliasOutput) ToGroupAliasOutputWithContext(ctx context.Context) Gro return o } +func (o GroupAliasOutput) ToOutput(ctx context.Context) pulumix.Output[*GroupAlias] { + return pulumix.Output[*GroupAlias]{ + OutputState: o.OutputState, + } +} + // ID of the group to which this is an alias. func (o GroupAliasOutput) CanonicalId() pulumi.StringOutput { return o.ApplyT(func(v *GroupAlias) pulumi.StringOutput { return v.CanonicalId }).(pulumi.StringOutput) @@ -315,6 +342,12 @@ func (o GroupAliasArrayOutput) ToGroupAliasArrayOutputWithContext(ctx context.Co return o } +func (o GroupAliasArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*GroupAlias] { + return pulumix.Output[[]*GroupAlias]{ + OutputState: o.OutputState, + } +} + func (o GroupAliasArrayOutput) Index(i pulumi.IntInput) GroupAliasOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *GroupAlias { return vs[0].([]*GroupAlias)[vs[1].(int)] @@ -335,6 +368,12 @@ func (o GroupAliasMapOutput) ToGroupAliasMapOutputWithContext(ctx context.Contex return o } +func (o GroupAliasMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*GroupAlias] { + return pulumix.Output[map[string]*GroupAlias]{ + OutputState: o.OutputState, + } +} + func (o GroupAliasMapOutput) MapIndex(k pulumi.StringInput) GroupAliasOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *GroupAlias { return vs[0].(map[string]*GroupAlias)[vs[1].(string)] diff --git a/sdk/go/vault/identity/groupMemberEntityIds.go b/sdk/go/vault/identity/groupMemberEntityIds.go index dec19a1bf..7e12fcb14 100644 --- a/sdk/go/vault/identity/groupMemberEntityIds.go +++ b/sdk/go/vault/identity/groupMemberEntityIds.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // Manages member entities for an Identity Group for Vault. The [Identity secrets engine](https://www.vaultproject.io/docs/secrets/identity/index.html) is the identity management solution for Vault. @@ -123,6 +125,10 @@ type GroupMemberEntityIds struct { pulumi.CustomResourceState // Defaults to `true`. + // + // If `true`, this resource will take exclusive control of the member entities that belong to the group and will set it equal to what is specified in the resource. + // + // If set to `false`, this resource will simply ensure that the member entities specified in the resource are present in the group. When destroying the resource, the resource will ensure that the member entities specified in the resource are removed. Exclusive pulumi.BoolPtrOutput `pulumi:"exclusive"` // Group ID to assign member entities to. GroupId pulumi.StringOutput `pulumi:"groupId"` @@ -152,6 +158,7 @@ func NewGroupMemberEntityIds(ctx *pulumi.Context, if args.GroupId == nil { return nil, errors.New("invalid value for required argument 'GroupId'") } + opts = internal.PkgResourceDefaultOpts(opts) var resource GroupMemberEntityIds err := ctx.RegisterResource("vault:identity/groupMemberEntityIds:GroupMemberEntityIds", name, args, &resource, opts...) if err != nil { @@ -175,6 +182,10 @@ func GetGroupMemberEntityIds(ctx *pulumi.Context, // Input properties used for looking up and filtering GroupMemberEntityIds resources. type groupMemberEntityIdsState struct { // Defaults to `true`. + // + // If `true`, this resource will take exclusive control of the member entities that belong to the group and will set it equal to what is specified in the resource. + // + // If set to `false`, this resource will simply ensure that the member entities specified in the resource are present in the group. When destroying the resource, the resource will ensure that the member entities specified in the resource are removed. Exclusive *bool `pulumi:"exclusive"` // Group ID to assign member entities to. GroupId *string `pulumi:"groupId"` @@ -196,6 +207,10 @@ type groupMemberEntityIdsState struct { type GroupMemberEntityIdsState struct { // Defaults to `true`. + // + // If `true`, this resource will take exclusive control of the member entities that belong to the group and will set it equal to what is specified in the resource. + // + // If set to `false`, this resource will simply ensure that the member entities specified in the resource are present in the group. When destroying the resource, the resource will ensure that the member entities specified in the resource are removed. Exclusive pulumi.BoolPtrInput // Group ID to assign member entities to. GroupId pulumi.StringPtrInput @@ -221,6 +236,10 @@ func (GroupMemberEntityIdsState) ElementType() reflect.Type { type groupMemberEntityIdsArgs struct { // Defaults to `true`. + // + // If `true`, this resource will take exclusive control of the member entities that belong to the group and will set it equal to what is specified in the resource. + // + // If set to `false`, this resource will simply ensure that the member entities specified in the resource are present in the group. When destroying the resource, the resource will ensure that the member entities specified in the resource are removed. Exclusive *bool `pulumi:"exclusive"` // Group ID to assign member entities to. GroupId string `pulumi:"groupId"` @@ -236,6 +255,10 @@ type groupMemberEntityIdsArgs struct { // The set of arguments for constructing a GroupMemberEntityIds resource. type GroupMemberEntityIdsArgs struct { // Defaults to `true`. + // + // If `true`, this resource will take exclusive control of the member entities that belong to the group and will set it equal to what is specified in the resource. + // + // If set to `false`, this resource will simply ensure that the member entities specified in the resource are present in the group. When destroying the resource, the resource will ensure that the member entities specified in the resource are removed. Exclusive pulumi.BoolPtrInput // Group ID to assign member entities to. GroupId pulumi.StringInput @@ -271,6 +294,12 @@ func (i *GroupMemberEntityIds) ToGroupMemberEntityIdsOutputWithContext(ctx conte return pulumi.ToOutputWithContext(ctx, i).(GroupMemberEntityIdsOutput) } +func (i *GroupMemberEntityIds) ToOutput(ctx context.Context) pulumix.Output[*GroupMemberEntityIds] { + return pulumix.Output[*GroupMemberEntityIds]{ + OutputState: i.ToGroupMemberEntityIdsOutputWithContext(ctx).OutputState, + } +} + // GroupMemberEntityIdsArrayInput is an input type that accepts GroupMemberEntityIdsArray and GroupMemberEntityIdsArrayOutput values. // You can construct a concrete instance of `GroupMemberEntityIdsArrayInput` via: // @@ -296,6 +325,12 @@ func (i GroupMemberEntityIdsArray) ToGroupMemberEntityIdsArrayOutputWithContext( return pulumi.ToOutputWithContext(ctx, i).(GroupMemberEntityIdsArrayOutput) } +func (i GroupMemberEntityIdsArray) ToOutput(ctx context.Context) pulumix.Output[[]*GroupMemberEntityIds] { + return pulumix.Output[[]*GroupMemberEntityIds]{ + OutputState: i.ToGroupMemberEntityIdsArrayOutputWithContext(ctx).OutputState, + } +} + // GroupMemberEntityIdsMapInput is an input type that accepts GroupMemberEntityIdsMap and GroupMemberEntityIdsMapOutput values. // You can construct a concrete instance of `GroupMemberEntityIdsMapInput` via: // @@ -321,6 +356,12 @@ func (i GroupMemberEntityIdsMap) ToGroupMemberEntityIdsMapOutputWithContext(ctx return pulumi.ToOutputWithContext(ctx, i).(GroupMemberEntityIdsMapOutput) } +func (i GroupMemberEntityIdsMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*GroupMemberEntityIds] { + return pulumix.Output[map[string]*GroupMemberEntityIds]{ + OutputState: i.ToGroupMemberEntityIdsMapOutputWithContext(ctx).OutputState, + } +} + type GroupMemberEntityIdsOutput struct{ *pulumi.OutputState } func (GroupMemberEntityIdsOutput) ElementType() reflect.Type { @@ -335,7 +376,17 @@ func (o GroupMemberEntityIdsOutput) ToGroupMemberEntityIdsOutputWithContext(ctx return o } +func (o GroupMemberEntityIdsOutput) ToOutput(ctx context.Context) pulumix.Output[*GroupMemberEntityIds] { + return pulumix.Output[*GroupMemberEntityIds]{ + OutputState: o.OutputState, + } +} + // Defaults to `true`. +// +// If `true`, this resource will take exclusive control of the member entities that belong to the group and will set it equal to what is specified in the resource. +// +// If set to `false`, this resource will simply ensure that the member entities specified in the resource are present in the group. When destroying the resource, the resource will ensure that the member entities specified in the resource are removed. func (o GroupMemberEntityIdsOutput) Exclusive() pulumi.BoolPtrOutput { return o.ApplyT(func(v *GroupMemberEntityIds) pulumi.BoolPtrOutput { return v.Exclusive }).(pulumi.BoolPtrOutput) } @@ -382,6 +433,12 @@ func (o GroupMemberEntityIdsArrayOutput) ToGroupMemberEntityIdsArrayOutputWithCo return o } +func (o GroupMemberEntityIdsArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*GroupMemberEntityIds] { + return pulumix.Output[[]*GroupMemberEntityIds]{ + OutputState: o.OutputState, + } +} + func (o GroupMemberEntityIdsArrayOutput) Index(i pulumi.IntInput) GroupMemberEntityIdsOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *GroupMemberEntityIds { return vs[0].([]*GroupMemberEntityIds)[vs[1].(int)] @@ -402,6 +459,12 @@ func (o GroupMemberEntityIdsMapOutput) ToGroupMemberEntityIdsMapOutputWithContex return o } +func (o GroupMemberEntityIdsMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*GroupMemberEntityIds] { + return pulumix.Output[map[string]*GroupMemberEntityIds]{ + OutputState: o.OutputState, + } +} + func (o GroupMemberEntityIdsMapOutput) MapIndex(k pulumi.StringInput) GroupMemberEntityIdsOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *GroupMemberEntityIds { return vs[0].(map[string]*GroupMemberEntityIds)[vs[1].(string)] diff --git a/sdk/go/vault/identity/groupMemberGroupIds.go b/sdk/go/vault/identity/groupMemberGroupIds.go index 5043f1540..302426525 100644 --- a/sdk/go/vault/identity/groupMemberGroupIds.go +++ b/sdk/go/vault/identity/groupMemberGroupIds.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // Manages member groups for an Identity Group for Vault. The @@ -114,6 +116,13 @@ type GroupMemberGroupIds struct { pulumi.CustomResourceState // Defaults to `true`. + // + // If `true`, this resource will take exclusive control of the member groups that belong to the group and will set + // it equal to what is specified in the resource. + // + // If set to `false`, this resource will simply ensure that the member groups specified in the resource are present + // in the group. When destroying the resource, the resource will ensure that the member groups specified in the resource + // are removed. Exclusive pulumi.BoolPtrOutput `pulumi:"exclusive"` // Group ID to assign member entities to. GroupId pulumi.StringOutput `pulumi:"groupId"` @@ -136,6 +145,7 @@ func NewGroupMemberGroupIds(ctx *pulumi.Context, if args.GroupId == nil { return nil, errors.New("invalid value for required argument 'GroupId'") } + opts = internal.PkgResourceDefaultOpts(opts) var resource GroupMemberGroupIds err := ctx.RegisterResource("vault:identity/groupMemberGroupIds:GroupMemberGroupIds", name, args, &resource, opts...) if err != nil { @@ -159,6 +169,13 @@ func GetGroupMemberGroupIds(ctx *pulumi.Context, // Input properties used for looking up and filtering GroupMemberGroupIds resources. type groupMemberGroupIdsState struct { // Defaults to `true`. + // + // If `true`, this resource will take exclusive control of the member groups that belong to the group and will set + // it equal to what is specified in the resource. + // + // If set to `false`, this resource will simply ensure that the member groups specified in the resource are present + // in the group. When destroying the resource, the resource will ensure that the member groups specified in the resource + // are removed. Exclusive *bool `pulumi:"exclusive"` // Group ID to assign member entities to. GroupId *string `pulumi:"groupId"` @@ -173,6 +190,13 @@ type groupMemberGroupIdsState struct { type GroupMemberGroupIdsState struct { // Defaults to `true`. + // + // If `true`, this resource will take exclusive control of the member groups that belong to the group and will set + // it equal to what is specified in the resource. + // + // If set to `false`, this resource will simply ensure that the member groups specified in the resource are present + // in the group. When destroying the resource, the resource will ensure that the member groups specified in the resource + // are removed. Exclusive pulumi.BoolPtrInput // Group ID to assign member entities to. GroupId pulumi.StringPtrInput @@ -191,6 +215,13 @@ func (GroupMemberGroupIdsState) ElementType() reflect.Type { type groupMemberGroupIdsArgs struct { // Defaults to `true`. + // + // If `true`, this resource will take exclusive control of the member groups that belong to the group and will set + // it equal to what is specified in the resource. + // + // If set to `false`, this resource will simply ensure that the member groups specified in the resource are present + // in the group. When destroying the resource, the resource will ensure that the member groups specified in the resource + // are removed. Exclusive *bool `pulumi:"exclusive"` // Group ID to assign member entities to. GroupId string `pulumi:"groupId"` @@ -206,6 +237,13 @@ type groupMemberGroupIdsArgs struct { // The set of arguments for constructing a GroupMemberGroupIds resource. type GroupMemberGroupIdsArgs struct { // Defaults to `true`. + // + // If `true`, this resource will take exclusive control of the member groups that belong to the group and will set + // it equal to what is specified in the resource. + // + // If set to `false`, this resource will simply ensure that the member groups specified in the resource are present + // in the group. When destroying the resource, the resource will ensure that the member groups specified in the resource + // are removed. Exclusive pulumi.BoolPtrInput // Group ID to assign member entities to. GroupId pulumi.StringInput @@ -241,6 +279,12 @@ func (i *GroupMemberGroupIds) ToGroupMemberGroupIdsOutputWithContext(ctx context return pulumi.ToOutputWithContext(ctx, i).(GroupMemberGroupIdsOutput) } +func (i *GroupMemberGroupIds) ToOutput(ctx context.Context) pulumix.Output[*GroupMemberGroupIds] { + return pulumix.Output[*GroupMemberGroupIds]{ + OutputState: i.ToGroupMemberGroupIdsOutputWithContext(ctx).OutputState, + } +} + // GroupMemberGroupIdsArrayInput is an input type that accepts GroupMemberGroupIdsArray and GroupMemberGroupIdsArrayOutput values. // You can construct a concrete instance of `GroupMemberGroupIdsArrayInput` via: // @@ -266,6 +310,12 @@ func (i GroupMemberGroupIdsArray) ToGroupMemberGroupIdsArrayOutputWithContext(ct return pulumi.ToOutputWithContext(ctx, i).(GroupMemberGroupIdsArrayOutput) } +func (i GroupMemberGroupIdsArray) ToOutput(ctx context.Context) pulumix.Output[[]*GroupMemberGroupIds] { + return pulumix.Output[[]*GroupMemberGroupIds]{ + OutputState: i.ToGroupMemberGroupIdsArrayOutputWithContext(ctx).OutputState, + } +} + // GroupMemberGroupIdsMapInput is an input type that accepts GroupMemberGroupIdsMap and GroupMemberGroupIdsMapOutput values. // You can construct a concrete instance of `GroupMemberGroupIdsMapInput` via: // @@ -291,6 +341,12 @@ func (i GroupMemberGroupIdsMap) ToGroupMemberGroupIdsMapOutputWithContext(ctx co return pulumi.ToOutputWithContext(ctx, i).(GroupMemberGroupIdsMapOutput) } +func (i GroupMemberGroupIdsMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*GroupMemberGroupIds] { + return pulumix.Output[map[string]*GroupMemberGroupIds]{ + OutputState: i.ToGroupMemberGroupIdsMapOutputWithContext(ctx).OutputState, + } +} + type GroupMemberGroupIdsOutput struct{ *pulumi.OutputState } func (GroupMemberGroupIdsOutput) ElementType() reflect.Type { @@ -305,7 +361,20 @@ func (o GroupMemberGroupIdsOutput) ToGroupMemberGroupIdsOutputWithContext(ctx co return o } +func (o GroupMemberGroupIdsOutput) ToOutput(ctx context.Context) pulumix.Output[*GroupMemberGroupIds] { + return pulumix.Output[*GroupMemberGroupIds]{ + OutputState: o.OutputState, + } +} + // Defaults to `true`. +// +// If `true`, this resource will take exclusive control of the member groups that belong to the group and will set +// it equal to what is specified in the resource. +// +// If set to `false`, this resource will simply ensure that the member groups specified in the resource are present +// in the group. When destroying the resource, the resource will ensure that the member groups specified in the resource +// are removed. func (o GroupMemberGroupIdsOutput) Exclusive() pulumi.BoolPtrOutput { return o.ApplyT(func(v *GroupMemberGroupIds) pulumi.BoolPtrOutput { return v.Exclusive }).(pulumi.BoolPtrOutput) } @@ -342,6 +411,12 @@ func (o GroupMemberGroupIdsArrayOutput) ToGroupMemberGroupIdsArrayOutputWithCont return o } +func (o GroupMemberGroupIdsArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*GroupMemberGroupIds] { + return pulumix.Output[[]*GroupMemberGroupIds]{ + OutputState: o.OutputState, + } +} + func (o GroupMemberGroupIdsArrayOutput) Index(i pulumi.IntInput) GroupMemberGroupIdsOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *GroupMemberGroupIds { return vs[0].([]*GroupMemberGroupIds)[vs[1].(int)] @@ -362,6 +437,12 @@ func (o GroupMemberGroupIdsMapOutput) ToGroupMemberGroupIdsMapOutputWithContext( return o } +func (o GroupMemberGroupIdsMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*GroupMemberGroupIds] { + return pulumix.Output[map[string]*GroupMemberGroupIds]{ + OutputState: o.OutputState, + } +} + func (o GroupMemberGroupIdsMapOutput) MapIndex(k pulumi.StringInput) GroupMemberGroupIdsOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *GroupMemberGroupIds { return vs[0].(map[string]*GroupMemberGroupIds)[vs[1].(string)] diff --git a/sdk/go/vault/identity/groupPolicies.go b/sdk/go/vault/identity/groupPolicies.go index 529266b83..e4e6ff5b4 100644 --- a/sdk/go/vault/identity/groupPolicies.go +++ b/sdk/go/vault/identity/groupPolicies.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // Manages policies for an Identity Group for Vault. The [Identity secrets engine](https://www.vaultproject.io/docs/secrets/identity/index.html) is the identity management solution for Vault. @@ -108,6 +110,10 @@ type GroupPolicies struct { pulumi.CustomResourceState // Defaults to `true`. + // + // If `true`, this resource will take exclusive control of the policies assigned to the group and will set it equal to what is specified in the resource. + // + // If set to `false`, this resource will simply ensure that the policies specified in the resource are present in the group. When destroying the resource, the resource will ensure that the policies specified in the resource are removed. Exclusive pulumi.BoolPtrOutput `pulumi:"exclusive"` // Group ID to assign policies to. GroupId pulumi.StringOutput `pulumi:"groupId"` @@ -135,6 +141,7 @@ func NewGroupPolicies(ctx *pulumi.Context, if args.Policies == nil { return nil, errors.New("invalid value for required argument 'Policies'") } + opts = internal.PkgResourceDefaultOpts(opts) var resource GroupPolicies err := ctx.RegisterResource("vault:identity/groupPolicies:GroupPolicies", name, args, &resource, opts...) if err != nil { @@ -158,6 +165,10 @@ func GetGroupPolicies(ctx *pulumi.Context, // Input properties used for looking up and filtering GroupPolicies resources. type groupPoliciesState struct { // Defaults to `true`. + // + // If `true`, this resource will take exclusive control of the policies assigned to the group and will set it equal to what is specified in the resource. + // + // If set to `false`, this resource will simply ensure that the policies specified in the resource are present in the group. When destroying the resource, the resource will ensure that the policies specified in the resource are removed. Exclusive *bool `pulumi:"exclusive"` // Group ID to assign policies to. GroupId *string `pulumi:"groupId"` @@ -174,6 +185,10 @@ type groupPoliciesState struct { type GroupPoliciesState struct { // Defaults to `true`. + // + // If `true`, this resource will take exclusive control of the policies assigned to the group and will set it equal to what is specified in the resource. + // + // If set to `false`, this resource will simply ensure that the policies specified in the resource are present in the group. When destroying the resource, the resource will ensure that the policies specified in the resource are removed. Exclusive pulumi.BoolPtrInput // Group ID to assign policies to. GroupId pulumi.StringPtrInput @@ -194,6 +209,10 @@ func (GroupPoliciesState) ElementType() reflect.Type { type groupPoliciesArgs struct { // Defaults to `true`. + // + // If `true`, this resource will take exclusive control of the policies assigned to the group and will set it equal to what is specified in the resource. + // + // If set to `false`, this resource will simply ensure that the policies specified in the resource are present in the group. When destroying the resource, the resource will ensure that the policies specified in the resource are removed. Exclusive *bool `pulumi:"exclusive"` // Group ID to assign policies to. GroupId string `pulumi:"groupId"` @@ -209,6 +228,10 @@ type groupPoliciesArgs struct { // The set of arguments for constructing a GroupPolicies resource. type GroupPoliciesArgs struct { // Defaults to `true`. + // + // If `true`, this resource will take exclusive control of the policies assigned to the group and will set it equal to what is specified in the resource. + // + // If set to `false`, this resource will simply ensure that the policies specified in the resource are present in the group. When destroying the resource, the resource will ensure that the policies specified in the resource are removed. Exclusive pulumi.BoolPtrInput // Group ID to assign policies to. GroupId pulumi.StringInput @@ -244,6 +267,12 @@ func (i *GroupPolicies) ToGroupPoliciesOutputWithContext(ctx context.Context) Gr return pulumi.ToOutputWithContext(ctx, i).(GroupPoliciesOutput) } +func (i *GroupPolicies) ToOutput(ctx context.Context) pulumix.Output[*GroupPolicies] { + return pulumix.Output[*GroupPolicies]{ + OutputState: i.ToGroupPoliciesOutputWithContext(ctx).OutputState, + } +} + // GroupPoliciesArrayInput is an input type that accepts GroupPoliciesArray and GroupPoliciesArrayOutput values. // You can construct a concrete instance of `GroupPoliciesArrayInput` via: // @@ -269,6 +298,12 @@ func (i GroupPoliciesArray) ToGroupPoliciesArrayOutputWithContext(ctx context.Co return pulumi.ToOutputWithContext(ctx, i).(GroupPoliciesArrayOutput) } +func (i GroupPoliciesArray) ToOutput(ctx context.Context) pulumix.Output[[]*GroupPolicies] { + return pulumix.Output[[]*GroupPolicies]{ + OutputState: i.ToGroupPoliciesArrayOutputWithContext(ctx).OutputState, + } +} + // GroupPoliciesMapInput is an input type that accepts GroupPoliciesMap and GroupPoliciesMapOutput values. // You can construct a concrete instance of `GroupPoliciesMapInput` via: // @@ -294,6 +329,12 @@ func (i GroupPoliciesMap) ToGroupPoliciesMapOutputWithContext(ctx context.Contex return pulumi.ToOutputWithContext(ctx, i).(GroupPoliciesMapOutput) } +func (i GroupPoliciesMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*GroupPolicies] { + return pulumix.Output[map[string]*GroupPolicies]{ + OutputState: i.ToGroupPoliciesMapOutputWithContext(ctx).OutputState, + } +} + type GroupPoliciesOutput struct{ *pulumi.OutputState } func (GroupPoliciesOutput) ElementType() reflect.Type { @@ -308,7 +349,17 @@ func (o GroupPoliciesOutput) ToGroupPoliciesOutputWithContext(ctx context.Contex return o } +func (o GroupPoliciesOutput) ToOutput(ctx context.Context) pulumix.Output[*GroupPolicies] { + return pulumix.Output[*GroupPolicies]{ + OutputState: o.OutputState, + } +} + // Defaults to `true`. +// +// If `true`, this resource will take exclusive control of the policies assigned to the group and will set it equal to what is specified in the resource. +// +// If set to `false`, this resource will simply ensure that the policies specified in the resource are present in the group. When destroying the resource, the resource will ensure that the policies specified in the resource are removed. func (o GroupPoliciesOutput) Exclusive() pulumi.BoolPtrOutput { return o.ApplyT(func(v *GroupPolicies) pulumi.BoolPtrOutput { return v.Exclusive }).(pulumi.BoolPtrOutput) } @@ -350,6 +401,12 @@ func (o GroupPoliciesArrayOutput) ToGroupPoliciesArrayOutputWithContext(ctx cont return o } +func (o GroupPoliciesArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*GroupPolicies] { + return pulumix.Output[[]*GroupPolicies]{ + OutputState: o.OutputState, + } +} + func (o GroupPoliciesArrayOutput) Index(i pulumi.IntInput) GroupPoliciesOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *GroupPolicies { return vs[0].([]*GroupPolicies)[vs[1].(int)] @@ -370,6 +427,12 @@ func (o GroupPoliciesMapOutput) ToGroupPoliciesMapOutputWithContext(ctx context. return o } +func (o GroupPoliciesMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*GroupPolicies] { + return pulumix.Output[map[string]*GroupPolicies]{ + OutputState: o.OutputState, + } +} + func (o GroupPoliciesMapOutput) MapIndex(k pulumi.StringInput) GroupPoliciesOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *GroupPolicies { return vs[0].(map[string]*GroupPolicies)[vs[1].(string)] diff --git a/sdk/go/vault/identity/init.go b/sdk/go/vault/identity/init.go index 86ff14a42..a97a7bd85 100644 --- a/sdk/go/vault/identity/init.go +++ b/sdk/go/vault/identity/init.go @@ -7,7 +7,7 @@ import ( "fmt" "github.com/blang/semver" - "github.com/pulumi/pulumi-vault/sdk/v5/go/vault" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" ) @@ -72,7 +72,7 @@ func (m *module) Construct(ctx *pulumi.Context, name, typ, urn string) (r pulumi } func init() { - version, err := vault.PkgVersion() + version, err := internal.PkgVersion() if err != nil { version = semver.Version{Major: 1} } diff --git a/sdk/go/vault/identity/mfaDuo.go b/sdk/go/vault/identity/mfaDuo.go index 4e375d895..a4c255482 100644 --- a/sdk/go/vault/identity/mfaDuo.go +++ b/sdk/go/vault/identity/mfaDuo.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // Resource for configuring the duo MFA method. @@ -100,16 +102,17 @@ func NewMfaDuo(ctx *pulumi.Context, return nil, errors.New("invalid value for required argument 'SecretKey'") } if args.IntegrationKey != nil { - args.IntegrationKey = pulumi.ToSecret(args.IntegrationKey).(pulumi.StringOutput) + args.IntegrationKey = pulumi.ToSecret(args.IntegrationKey).(pulumi.StringInput) } if args.SecretKey != nil { - args.SecretKey = pulumi.ToSecret(args.SecretKey).(pulumi.StringOutput) + args.SecretKey = pulumi.ToSecret(args.SecretKey).(pulumi.StringInput) } secrets := pulumi.AdditionalSecretOutputs([]string{ "integrationKey", "secretKey", }) opts = append(opts, secrets) + opts = internal.PkgResourceDefaultOpts(opts) var resource MfaDuo err := ctx.RegisterResource("vault:identity/mfaDuo:MfaDuo", name, args, &resource, opts...) if err != nil { @@ -255,6 +258,12 @@ func (i *MfaDuo) ToMfaDuoOutputWithContext(ctx context.Context) MfaDuoOutput { return pulumi.ToOutputWithContext(ctx, i).(MfaDuoOutput) } +func (i *MfaDuo) ToOutput(ctx context.Context) pulumix.Output[*MfaDuo] { + return pulumix.Output[*MfaDuo]{ + OutputState: i.ToMfaDuoOutputWithContext(ctx).OutputState, + } +} + // MfaDuoArrayInput is an input type that accepts MfaDuoArray and MfaDuoArrayOutput values. // You can construct a concrete instance of `MfaDuoArrayInput` via: // @@ -280,6 +289,12 @@ func (i MfaDuoArray) ToMfaDuoArrayOutputWithContext(ctx context.Context) MfaDuoA return pulumi.ToOutputWithContext(ctx, i).(MfaDuoArrayOutput) } +func (i MfaDuoArray) ToOutput(ctx context.Context) pulumix.Output[[]*MfaDuo] { + return pulumix.Output[[]*MfaDuo]{ + OutputState: i.ToMfaDuoArrayOutputWithContext(ctx).OutputState, + } +} + // MfaDuoMapInput is an input type that accepts MfaDuoMap and MfaDuoMapOutput values. // You can construct a concrete instance of `MfaDuoMapInput` via: // @@ -305,6 +320,12 @@ func (i MfaDuoMap) ToMfaDuoMapOutputWithContext(ctx context.Context) MfaDuoMapOu return pulumi.ToOutputWithContext(ctx, i).(MfaDuoMapOutput) } +func (i MfaDuoMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*MfaDuo] { + return pulumix.Output[map[string]*MfaDuo]{ + OutputState: i.ToMfaDuoMapOutputWithContext(ctx).OutputState, + } +} + type MfaDuoOutput struct{ *pulumi.OutputState } func (MfaDuoOutput) ElementType() reflect.Type { @@ -319,6 +340,12 @@ func (o MfaDuoOutput) ToMfaDuoOutputWithContext(ctx context.Context) MfaDuoOutpu return o } +func (o MfaDuoOutput) ToOutput(ctx context.Context) pulumix.Output[*MfaDuo] { + return pulumix.Output[*MfaDuo]{ + OutputState: o.OutputState, + } +} + // API hostname for Duo func (o MfaDuoOutput) ApiHostname() pulumi.StringOutput { return o.ApplyT(func(v *MfaDuo) pulumi.StringOutput { return v.ApiHostname }).(pulumi.StringOutput) @@ -403,6 +430,12 @@ func (o MfaDuoArrayOutput) ToMfaDuoArrayOutputWithContext(ctx context.Context) M return o } +func (o MfaDuoArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*MfaDuo] { + return pulumix.Output[[]*MfaDuo]{ + OutputState: o.OutputState, + } +} + func (o MfaDuoArrayOutput) Index(i pulumi.IntInput) MfaDuoOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *MfaDuo { return vs[0].([]*MfaDuo)[vs[1].(int)] @@ -423,6 +456,12 @@ func (o MfaDuoMapOutput) ToMfaDuoMapOutputWithContext(ctx context.Context) MfaDu return o } +func (o MfaDuoMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*MfaDuo] { + return pulumix.Output[map[string]*MfaDuo]{ + OutputState: o.OutputState, + } +} + func (o MfaDuoMapOutput) MapIndex(k pulumi.StringInput) MfaDuoOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *MfaDuo { return vs[0].(map[string]*MfaDuo)[vs[1].(string)] diff --git a/sdk/go/vault/identity/mfaLoginEnforcement.go b/sdk/go/vault/identity/mfaLoginEnforcement.go index b0fb3dfe8..487c41dc9 100644 --- a/sdk/go/vault/identity/mfaLoginEnforcement.go +++ b/sdk/go/vault/identity/mfaLoginEnforcement.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // Resource for configuring MFA login-enforcement @@ -94,6 +96,7 @@ func NewMfaLoginEnforcement(ctx *pulumi.Context, if args.MfaMethodIds == nil { return nil, errors.New("invalid value for required argument 'MfaMethodIds'") } + opts = internal.PkgResourceDefaultOpts(opts) var resource MfaLoginEnforcement err := ctx.RegisterResource("vault:identity/mfaLoginEnforcement:MfaLoginEnforcement", name, args, &resource, opts...) if err != nil { @@ -223,6 +226,12 @@ func (i *MfaLoginEnforcement) ToMfaLoginEnforcementOutputWithContext(ctx context return pulumi.ToOutputWithContext(ctx, i).(MfaLoginEnforcementOutput) } +func (i *MfaLoginEnforcement) ToOutput(ctx context.Context) pulumix.Output[*MfaLoginEnforcement] { + return pulumix.Output[*MfaLoginEnforcement]{ + OutputState: i.ToMfaLoginEnforcementOutputWithContext(ctx).OutputState, + } +} + // MfaLoginEnforcementArrayInput is an input type that accepts MfaLoginEnforcementArray and MfaLoginEnforcementArrayOutput values. // You can construct a concrete instance of `MfaLoginEnforcementArrayInput` via: // @@ -248,6 +257,12 @@ func (i MfaLoginEnforcementArray) ToMfaLoginEnforcementArrayOutputWithContext(ct return pulumi.ToOutputWithContext(ctx, i).(MfaLoginEnforcementArrayOutput) } +func (i MfaLoginEnforcementArray) ToOutput(ctx context.Context) pulumix.Output[[]*MfaLoginEnforcement] { + return pulumix.Output[[]*MfaLoginEnforcement]{ + OutputState: i.ToMfaLoginEnforcementArrayOutputWithContext(ctx).OutputState, + } +} + // MfaLoginEnforcementMapInput is an input type that accepts MfaLoginEnforcementMap and MfaLoginEnforcementMapOutput values. // You can construct a concrete instance of `MfaLoginEnforcementMapInput` via: // @@ -273,6 +288,12 @@ func (i MfaLoginEnforcementMap) ToMfaLoginEnforcementMapOutputWithContext(ctx co return pulumi.ToOutputWithContext(ctx, i).(MfaLoginEnforcementMapOutput) } +func (i MfaLoginEnforcementMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*MfaLoginEnforcement] { + return pulumix.Output[map[string]*MfaLoginEnforcement]{ + OutputState: i.ToMfaLoginEnforcementMapOutputWithContext(ctx).OutputState, + } +} + type MfaLoginEnforcementOutput struct{ *pulumi.OutputState } func (MfaLoginEnforcementOutput) ElementType() reflect.Type { @@ -287,6 +308,12 @@ func (o MfaLoginEnforcementOutput) ToMfaLoginEnforcementOutputWithContext(ctx co return o } +func (o MfaLoginEnforcementOutput) ToOutput(ctx context.Context) pulumix.Output[*MfaLoginEnforcement] { + return pulumix.Output[*MfaLoginEnforcement]{ + OutputState: o.OutputState, + } +} + // Set of auth method accessor IDs. func (o MfaLoginEnforcementOutput) AuthMethodAccessors() pulumi.StringArrayOutput { return o.ApplyT(func(v *MfaLoginEnforcement) pulumi.StringArrayOutput { return v.AuthMethodAccessors }).(pulumi.StringArrayOutput) @@ -351,6 +378,12 @@ func (o MfaLoginEnforcementArrayOutput) ToMfaLoginEnforcementArrayOutputWithCont return o } +func (o MfaLoginEnforcementArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*MfaLoginEnforcement] { + return pulumix.Output[[]*MfaLoginEnforcement]{ + OutputState: o.OutputState, + } +} + func (o MfaLoginEnforcementArrayOutput) Index(i pulumi.IntInput) MfaLoginEnforcementOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *MfaLoginEnforcement { return vs[0].([]*MfaLoginEnforcement)[vs[1].(int)] @@ -371,6 +404,12 @@ func (o MfaLoginEnforcementMapOutput) ToMfaLoginEnforcementMapOutputWithContext( return o } +func (o MfaLoginEnforcementMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*MfaLoginEnforcement] { + return pulumix.Output[map[string]*MfaLoginEnforcement]{ + OutputState: o.OutputState, + } +} + func (o MfaLoginEnforcementMapOutput) MapIndex(k pulumi.StringInput) MfaLoginEnforcementOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *MfaLoginEnforcement { return vs[0].(map[string]*MfaLoginEnforcement)[vs[1].(string)] diff --git a/sdk/go/vault/identity/mfaOkta.go b/sdk/go/vault/identity/mfaOkta.go index e955a8066..9ef97085c 100644 --- a/sdk/go/vault/identity/mfaOkta.go +++ b/sdk/go/vault/identity/mfaOkta.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // Resource for configuring the okta MFA method. @@ -95,12 +97,13 @@ func NewMfaOkta(ctx *pulumi.Context, return nil, errors.New("invalid value for required argument 'OrgName'") } if args.ApiToken != nil { - args.ApiToken = pulumi.ToSecret(args.ApiToken).(pulumi.StringOutput) + args.ApiToken = pulumi.ToSecret(args.ApiToken).(pulumi.StringInput) } secrets := pulumi.AdditionalSecretOutputs([]string{ "apiToken", }) opts = append(opts, secrets) + opts = internal.PkgResourceDefaultOpts(opts) var resource MfaOkta err := ctx.RegisterResource("vault:identity/mfaOkta:MfaOkta", name, args, &resource, opts...) if err != nil { @@ -238,6 +241,12 @@ func (i *MfaOkta) ToMfaOktaOutputWithContext(ctx context.Context) MfaOktaOutput return pulumi.ToOutputWithContext(ctx, i).(MfaOktaOutput) } +func (i *MfaOkta) ToOutput(ctx context.Context) pulumix.Output[*MfaOkta] { + return pulumix.Output[*MfaOkta]{ + OutputState: i.ToMfaOktaOutputWithContext(ctx).OutputState, + } +} + // MfaOktaArrayInput is an input type that accepts MfaOktaArray and MfaOktaArrayOutput values. // You can construct a concrete instance of `MfaOktaArrayInput` via: // @@ -263,6 +272,12 @@ func (i MfaOktaArray) ToMfaOktaArrayOutputWithContext(ctx context.Context) MfaOk return pulumi.ToOutputWithContext(ctx, i).(MfaOktaArrayOutput) } +func (i MfaOktaArray) ToOutput(ctx context.Context) pulumix.Output[[]*MfaOkta] { + return pulumix.Output[[]*MfaOkta]{ + OutputState: i.ToMfaOktaArrayOutputWithContext(ctx).OutputState, + } +} + // MfaOktaMapInput is an input type that accepts MfaOktaMap and MfaOktaMapOutput values. // You can construct a concrete instance of `MfaOktaMapInput` via: // @@ -288,6 +303,12 @@ func (i MfaOktaMap) ToMfaOktaMapOutputWithContext(ctx context.Context) MfaOktaMa return pulumi.ToOutputWithContext(ctx, i).(MfaOktaMapOutput) } +func (i MfaOktaMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*MfaOkta] { + return pulumix.Output[map[string]*MfaOkta]{ + OutputState: i.ToMfaOktaMapOutputWithContext(ctx).OutputState, + } +} + type MfaOktaOutput struct{ *pulumi.OutputState } func (MfaOktaOutput) ElementType() reflect.Type { @@ -302,6 +323,12 @@ func (o MfaOktaOutput) ToMfaOktaOutputWithContext(ctx context.Context) MfaOktaOu return o } +func (o MfaOktaOutput) ToOutput(ctx context.Context) pulumix.Output[*MfaOkta] { + return pulumix.Output[*MfaOkta]{ + OutputState: o.OutputState, + } +} + // Okta API token. func (o MfaOktaOutput) ApiToken() pulumi.StringOutput { return o.ApplyT(func(v *MfaOkta) pulumi.StringOutput { return v.ApiToken }).(pulumi.StringOutput) @@ -381,6 +408,12 @@ func (o MfaOktaArrayOutput) ToMfaOktaArrayOutputWithContext(ctx context.Context) return o } +func (o MfaOktaArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*MfaOkta] { + return pulumix.Output[[]*MfaOkta]{ + OutputState: o.OutputState, + } +} + func (o MfaOktaArrayOutput) Index(i pulumi.IntInput) MfaOktaOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *MfaOkta { return vs[0].([]*MfaOkta)[vs[1].(int)] @@ -401,6 +434,12 @@ func (o MfaOktaMapOutput) ToMfaOktaMapOutputWithContext(ctx context.Context) Mfa return o } +func (o MfaOktaMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*MfaOkta] { + return pulumix.Output[map[string]*MfaOkta]{ + OutputState: o.OutputState, + } +} + func (o MfaOktaMapOutput) MapIndex(k pulumi.StringInput) MfaOktaOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *MfaOkta { return vs[0].(map[string]*MfaOkta)[vs[1].(string)] diff --git a/sdk/go/vault/identity/mfaPingid.go b/sdk/go/vault/identity/mfaPingid.go index 1fea25ddb..87abdedcf 100644 --- a/sdk/go/vault/identity/mfaPingid.go +++ b/sdk/go/vault/identity/mfaPingid.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // Resource for configuring the pingid MFA method. @@ -93,6 +95,7 @@ func NewMfaPingid(ctx *pulumi.Context, if args.SettingsFileBase64 == nil { return nil, errors.New("invalid value for required argument 'SettingsFileBase64'") } + opts = internal.PkgResourceDefaultOpts(opts) var resource MfaPingid err := ctx.RegisterResource("vault:identity/mfaPingid:MfaPingid", name, args, &resource, opts...) if err != nil { @@ -226,6 +229,12 @@ func (i *MfaPingid) ToMfaPingidOutputWithContext(ctx context.Context) MfaPingidO return pulumi.ToOutputWithContext(ctx, i).(MfaPingidOutput) } +func (i *MfaPingid) ToOutput(ctx context.Context) pulumix.Output[*MfaPingid] { + return pulumix.Output[*MfaPingid]{ + OutputState: i.ToMfaPingidOutputWithContext(ctx).OutputState, + } +} + // MfaPingidArrayInput is an input type that accepts MfaPingidArray and MfaPingidArrayOutput values. // You can construct a concrete instance of `MfaPingidArrayInput` via: // @@ -251,6 +260,12 @@ func (i MfaPingidArray) ToMfaPingidArrayOutputWithContext(ctx context.Context) M return pulumi.ToOutputWithContext(ctx, i).(MfaPingidArrayOutput) } +func (i MfaPingidArray) ToOutput(ctx context.Context) pulumix.Output[[]*MfaPingid] { + return pulumix.Output[[]*MfaPingid]{ + OutputState: i.ToMfaPingidArrayOutputWithContext(ctx).OutputState, + } +} + // MfaPingidMapInput is an input type that accepts MfaPingidMap and MfaPingidMapOutput values. // You can construct a concrete instance of `MfaPingidMapInput` via: // @@ -276,6 +291,12 @@ func (i MfaPingidMap) ToMfaPingidMapOutputWithContext(ctx context.Context) MfaPi return pulumi.ToOutputWithContext(ctx, i).(MfaPingidMapOutput) } +func (i MfaPingidMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*MfaPingid] { + return pulumix.Output[map[string]*MfaPingid]{ + OutputState: i.ToMfaPingidMapOutputWithContext(ctx).OutputState, + } +} + type MfaPingidOutput struct{ *pulumi.OutputState } func (MfaPingidOutput) ElementType() reflect.Type { @@ -290,6 +311,12 @@ func (o MfaPingidOutput) ToMfaPingidOutputWithContext(ctx context.Context) MfaPi return o } +func (o MfaPingidOutput) ToOutput(ctx context.Context) pulumix.Output[*MfaPingid] { + return pulumix.Output[*MfaPingid]{ + OutputState: o.OutputState, + } +} + // The admin URL, derived from "settingsFileBase64" func (o MfaPingidOutput) AdminUrl() pulumi.StringOutput { return o.ApplyT(func(v *MfaPingid) pulumi.StringOutput { return v.AdminUrl }).(pulumi.StringOutput) @@ -379,6 +406,12 @@ func (o MfaPingidArrayOutput) ToMfaPingidArrayOutputWithContext(ctx context.Cont return o } +func (o MfaPingidArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*MfaPingid] { + return pulumix.Output[[]*MfaPingid]{ + OutputState: o.OutputState, + } +} + func (o MfaPingidArrayOutput) Index(i pulumi.IntInput) MfaPingidOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *MfaPingid { return vs[0].([]*MfaPingid)[vs[1].(int)] @@ -399,6 +432,12 @@ func (o MfaPingidMapOutput) ToMfaPingidMapOutputWithContext(ctx context.Context) return o } +func (o MfaPingidMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*MfaPingid] { + return pulumix.Output[map[string]*MfaPingid]{ + OutputState: o.OutputState, + } +} + func (o MfaPingidMapOutput) MapIndex(k pulumi.StringInput) MfaPingidOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *MfaPingid { return vs[0].(map[string]*MfaPingid)[vs[1].(string)] diff --git a/sdk/go/vault/identity/mfaTotp.go b/sdk/go/vault/identity/mfaTotp.go index b7a8c2a09..92bfea7d8 100644 --- a/sdk/go/vault/identity/mfaTotp.go +++ b/sdk/go/vault/identity/mfaTotp.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // Resource for configuring the totp MFA method. @@ -95,6 +97,7 @@ func NewMfaTotp(ctx *pulumi.Context, if args.Issuer == nil { return nil, errors.New("invalid value for required argument 'Issuer'") } + opts = internal.PkgResourceDefaultOpts(opts) var resource MfaTotp err := ctx.RegisterResource("vault:identity/mfaTotp:MfaTotp", name, args, &resource, opts...) if err != nil { @@ -256,6 +259,12 @@ func (i *MfaTotp) ToMfaTotpOutputWithContext(ctx context.Context) MfaTotpOutput return pulumi.ToOutputWithContext(ctx, i).(MfaTotpOutput) } +func (i *MfaTotp) ToOutput(ctx context.Context) pulumix.Output[*MfaTotp] { + return pulumix.Output[*MfaTotp]{ + OutputState: i.ToMfaTotpOutputWithContext(ctx).OutputState, + } +} + // MfaTotpArrayInput is an input type that accepts MfaTotpArray and MfaTotpArrayOutput values. // You can construct a concrete instance of `MfaTotpArrayInput` via: // @@ -281,6 +290,12 @@ func (i MfaTotpArray) ToMfaTotpArrayOutputWithContext(ctx context.Context) MfaTo return pulumi.ToOutputWithContext(ctx, i).(MfaTotpArrayOutput) } +func (i MfaTotpArray) ToOutput(ctx context.Context) pulumix.Output[[]*MfaTotp] { + return pulumix.Output[[]*MfaTotp]{ + OutputState: i.ToMfaTotpArrayOutputWithContext(ctx).OutputState, + } +} + // MfaTotpMapInput is an input type that accepts MfaTotpMap and MfaTotpMapOutput values. // You can construct a concrete instance of `MfaTotpMapInput` via: // @@ -306,6 +321,12 @@ func (i MfaTotpMap) ToMfaTotpMapOutputWithContext(ctx context.Context) MfaTotpMa return pulumi.ToOutputWithContext(ctx, i).(MfaTotpMapOutput) } +func (i MfaTotpMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*MfaTotp] { + return pulumix.Output[map[string]*MfaTotp]{ + OutputState: i.ToMfaTotpMapOutputWithContext(ctx).OutputState, + } +} + type MfaTotpOutput struct{ *pulumi.OutputState } func (MfaTotpOutput) ElementType() reflect.Type { @@ -320,6 +341,12 @@ func (o MfaTotpOutput) ToMfaTotpOutputWithContext(ctx context.Context) MfaTotpOu return o } +func (o MfaTotpOutput) ToOutput(ctx context.Context) pulumix.Output[*MfaTotp] { + return pulumix.Output[*MfaTotp]{ + OutputState: o.OutputState, + } +} + // Specifies the hashing algorithm used to generate the TOTP code. Options include SHA1, SHA256, SHA512. func (o MfaTotpOutput) Algorithm() pulumi.StringPtrOutput { return o.ApplyT(func(v *MfaTotp) pulumi.StringPtrOutput { return v.Algorithm }).(pulumi.StringPtrOutput) @@ -414,6 +441,12 @@ func (o MfaTotpArrayOutput) ToMfaTotpArrayOutputWithContext(ctx context.Context) return o } +func (o MfaTotpArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*MfaTotp] { + return pulumix.Output[[]*MfaTotp]{ + OutputState: o.OutputState, + } +} + func (o MfaTotpArrayOutput) Index(i pulumi.IntInput) MfaTotpOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *MfaTotp { return vs[0].([]*MfaTotp)[vs[1].(int)] @@ -434,6 +467,12 @@ func (o MfaTotpMapOutput) ToMfaTotpMapOutputWithContext(ctx context.Context) Mfa return o } +func (o MfaTotpMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*MfaTotp] { + return pulumix.Output[map[string]*MfaTotp]{ + OutputState: o.OutputState, + } +} + func (o MfaTotpMapOutput) MapIndex(k pulumi.StringInput) MfaTotpOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *MfaTotp { return vs[0].(map[string]*MfaTotp)[vs[1].(string)] diff --git a/sdk/go/vault/identity/oidc.go b/sdk/go/vault/identity/oidc.go index 2cf0ccfa3..e9ced008c 100644 --- a/sdk/go/vault/identity/oidc.go +++ b/sdk/go/vault/identity/oidc.go @@ -7,7 +7,9 @@ import ( "context" "reflect" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // Configure the [Identity Tokens Backend](https://www.vaultproject.io/docs/secrets/identity/index.html#identity-tokens). @@ -64,6 +66,7 @@ func NewOidc(ctx *pulumi.Context, args = &OidcArgs{} } + opts = internal.PkgResourceDefaultOpts(opts) var resource Oidc err := ctx.RegisterResource("vault:identity/oidc:Oidc", name, args, &resource, opts...) if err != nil { @@ -165,6 +168,12 @@ func (i *Oidc) ToOidcOutputWithContext(ctx context.Context) OidcOutput { return pulumi.ToOutputWithContext(ctx, i).(OidcOutput) } +func (i *Oidc) ToOutput(ctx context.Context) pulumix.Output[*Oidc] { + return pulumix.Output[*Oidc]{ + OutputState: i.ToOidcOutputWithContext(ctx).OutputState, + } +} + // OidcArrayInput is an input type that accepts OidcArray and OidcArrayOutput values. // You can construct a concrete instance of `OidcArrayInput` via: // @@ -190,6 +199,12 @@ func (i OidcArray) ToOidcArrayOutputWithContext(ctx context.Context) OidcArrayOu return pulumi.ToOutputWithContext(ctx, i).(OidcArrayOutput) } +func (i OidcArray) ToOutput(ctx context.Context) pulumix.Output[[]*Oidc] { + return pulumix.Output[[]*Oidc]{ + OutputState: i.ToOidcArrayOutputWithContext(ctx).OutputState, + } +} + // OidcMapInput is an input type that accepts OidcMap and OidcMapOutput values. // You can construct a concrete instance of `OidcMapInput` via: // @@ -215,6 +230,12 @@ func (i OidcMap) ToOidcMapOutputWithContext(ctx context.Context) OidcMapOutput { return pulumi.ToOutputWithContext(ctx, i).(OidcMapOutput) } +func (i OidcMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*Oidc] { + return pulumix.Output[map[string]*Oidc]{ + OutputState: i.ToOidcMapOutputWithContext(ctx).OutputState, + } +} + type OidcOutput struct{ *pulumi.OutputState } func (OidcOutput) ElementType() reflect.Type { @@ -229,6 +250,12 @@ func (o OidcOutput) ToOidcOutputWithContext(ctx context.Context) OidcOutput { return o } +func (o OidcOutput) ToOutput(ctx context.Context) pulumix.Output[*Oidc] { + return pulumix.Output[*Oidc]{ + OutputState: o.OutputState, + } +} + // Issuer URL to be used in the iss claim of the token. If not set, Vault's // `apiAddr` will be used. The issuer is a case sensitive URL using the https scheme that contains // scheme, host, and optionally, port number and path components, but no query or fragment @@ -259,6 +286,12 @@ func (o OidcArrayOutput) ToOidcArrayOutputWithContext(ctx context.Context) OidcA return o } +func (o OidcArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*Oidc] { + return pulumix.Output[[]*Oidc]{ + OutputState: o.OutputState, + } +} + func (o OidcArrayOutput) Index(i pulumi.IntInput) OidcOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *Oidc { return vs[0].([]*Oidc)[vs[1].(int)] @@ -279,6 +312,12 @@ func (o OidcMapOutput) ToOidcMapOutputWithContext(ctx context.Context) OidcMapOu return o } +func (o OidcMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*Oidc] { + return pulumix.Output[map[string]*Oidc]{ + OutputState: o.OutputState, + } +} + func (o OidcMapOutput) MapIndex(k pulumi.StringInput) OidcOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *Oidc { return vs[0].(map[string]*Oidc)[vs[1].(string)] diff --git a/sdk/go/vault/identity/oidcAssignment.go b/sdk/go/vault/identity/oidcAssignment.go index 654e3fed2..b7993495f 100644 --- a/sdk/go/vault/identity/oidcAssignment.go +++ b/sdk/go/vault/identity/oidcAssignment.go @@ -7,7 +7,9 @@ import ( "context" "reflect" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // Manages OIDC Assignments in a Vault server. See the [Vault documentation](https://www.vaultproject.io/api-docs/secret/identity/oidc-provider#create-or-update-an-assignment) @@ -94,6 +96,7 @@ func NewOidcAssignment(ctx *pulumi.Context, args = &OidcAssignmentArgs{} } + opts = internal.PkgResourceDefaultOpts(opts) var resource OidcAssignment err := ctx.RegisterResource("vault:identity/oidcAssignment:OidcAssignment", name, args, &resource, opts...) if err != nil { @@ -199,6 +202,12 @@ func (i *OidcAssignment) ToOidcAssignmentOutputWithContext(ctx context.Context) return pulumi.ToOutputWithContext(ctx, i).(OidcAssignmentOutput) } +func (i *OidcAssignment) ToOutput(ctx context.Context) pulumix.Output[*OidcAssignment] { + return pulumix.Output[*OidcAssignment]{ + OutputState: i.ToOidcAssignmentOutputWithContext(ctx).OutputState, + } +} + // OidcAssignmentArrayInput is an input type that accepts OidcAssignmentArray and OidcAssignmentArrayOutput values. // You can construct a concrete instance of `OidcAssignmentArrayInput` via: // @@ -224,6 +233,12 @@ func (i OidcAssignmentArray) ToOidcAssignmentArrayOutputWithContext(ctx context. return pulumi.ToOutputWithContext(ctx, i).(OidcAssignmentArrayOutput) } +func (i OidcAssignmentArray) ToOutput(ctx context.Context) pulumix.Output[[]*OidcAssignment] { + return pulumix.Output[[]*OidcAssignment]{ + OutputState: i.ToOidcAssignmentArrayOutputWithContext(ctx).OutputState, + } +} + // OidcAssignmentMapInput is an input type that accepts OidcAssignmentMap and OidcAssignmentMapOutput values. // You can construct a concrete instance of `OidcAssignmentMapInput` via: // @@ -249,6 +264,12 @@ func (i OidcAssignmentMap) ToOidcAssignmentMapOutputWithContext(ctx context.Cont return pulumi.ToOutputWithContext(ctx, i).(OidcAssignmentMapOutput) } +func (i OidcAssignmentMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*OidcAssignment] { + return pulumix.Output[map[string]*OidcAssignment]{ + OutputState: i.ToOidcAssignmentMapOutputWithContext(ctx).OutputState, + } +} + type OidcAssignmentOutput struct{ *pulumi.OutputState } func (OidcAssignmentOutput) ElementType() reflect.Type { @@ -263,6 +284,12 @@ func (o OidcAssignmentOutput) ToOidcAssignmentOutputWithContext(ctx context.Cont return o } +func (o OidcAssignmentOutput) ToOutput(ctx context.Context) pulumix.Output[*OidcAssignment] { + return pulumix.Output[*OidcAssignment]{ + OutputState: o.OutputState, + } +} + // A set of Vault entity IDs. func (o OidcAssignmentOutput) EntityIds() pulumi.StringArrayOutput { return o.ApplyT(func(v *OidcAssignment) pulumi.StringArrayOutput { return v.EntityIds }).(pulumi.StringArrayOutput) @@ -300,6 +327,12 @@ func (o OidcAssignmentArrayOutput) ToOidcAssignmentArrayOutputWithContext(ctx co return o } +func (o OidcAssignmentArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*OidcAssignment] { + return pulumix.Output[[]*OidcAssignment]{ + OutputState: o.OutputState, + } +} + func (o OidcAssignmentArrayOutput) Index(i pulumi.IntInput) OidcAssignmentOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *OidcAssignment { return vs[0].([]*OidcAssignment)[vs[1].(int)] @@ -320,6 +353,12 @@ func (o OidcAssignmentMapOutput) ToOidcAssignmentMapOutputWithContext(ctx contex return o } +func (o OidcAssignmentMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*OidcAssignment] { + return pulumix.Output[map[string]*OidcAssignment]{ + OutputState: o.OutputState, + } +} + func (o OidcAssignmentMapOutput) MapIndex(k pulumi.StringInput) OidcAssignmentOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *OidcAssignment { return vs[0].(map[string]*OidcAssignment)[vs[1].(string)] diff --git a/sdk/go/vault/identity/oidcClient.go b/sdk/go/vault/identity/oidcClient.go index 3e6a2ec23..ebff61226 100644 --- a/sdk/go/vault/identity/oidcClient.go +++ b/sdk/go/vault/identity/oidcClient.go @@ -7,7 +7,9 @@ import ( "context" "reflect" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // Manages OIDC Clients in a Vault server. See the [Vault documentation](https://www.vaultproject.io/api-docs/secret/identity/oidc-provider#create-or-update-an-assignment) @@ -113,6 +115,7 @@ func NewOidcClient(ctx *pulumi.Context, "clientSecret", }) opts = append(opts, secrets) + opts = internal.PkgResourceDefaultOpts(opts) var resource OidcClient err := ctx.RegisterResource("vault:identity/oidcClient:OidcClient", name, args, &resource, opts...) if err != nil { @@ -282,6 +285,12 @@ func (i *OidcClient) ToOidcClientOutputWithContext(ctx context.Context) OidcClie return pulumi.ToOutputWithContext(ctx, i).(OidcClientOutput) } +func (i *OidcClient) ToOutput(ctx context.Context) pulumix.Output[*OidcClient] { + return pulumix.Output[*OidcClient]{ + OutputState: i.ToOidcClientOutputWithContext(ctx).OutputState, + } +} + // OidcClientArrayInput is an input type that accepts OidcClientArray and OidcClientArrayOutput values. // You can construct a concrete instance of `OidcClientArrayInput` via: // @@ -307,6 +316,12 @@ func (i OidcClientArray) ToOidcClientArrayOutputWithContext(ctx context.Context) return pulumi.ToOutputWithContext(ctx, i).(OidcClientArrayOutput) } +func (i OidcClientArray) ToOutput(ctx context.Context) pulumix.Output[[]*OidcClient] { + return pulumix.Output[[]*OidcClient]{ + OutputState: i.ToOidcClientArrayOutputWithContext(ctx).OutputState, + } +} + // OidcClientMapInput is an input type that accepts OidcClientMap and OidcClientMapOutput values. // You can construct a concrete instance of `OidcClientMapInput` via: // @@ -332,6 +347,12 @@ func (i OidcClientMap) ToOidcClientMapOutputWithContext(ctx context.Context) Oid return pulumi.ToOutputWithContext(ctx, i).(OidcClientMapOutput) } +func (i OidcClientMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*OidcClient] { + return pulumix.Output[map[string]*OidcClient]{ + OutputState: i.ToOidcClientMapOutputWithContext(ctx).OutputState, + } +} + type OidcClientOutput struct{ *pulumi.OutputState } func (OidcClientOutput) ElementType() reflect.Type { @@ -346,6 +367,12 @@ func (o OidcClientOutput) ToOidcClientOutputWithContext(ctx context.Context) Oid return o } +func (o OidcClientOutput) ToOutput(ctx context.Context) pulumix.Output[*OidcClient] { + return pulumix.Output[*OidcClient]{ + OutputState: o.OutputState, + } +} + // The time-to-live for access tokens obtained by the client. func (o OidcClientOutput) AccessTokenTtl() pulumi.IntOutput { return o.ApplyT(func(v *OidcClient) pulumi.IntOutput { return v.AccessTokenTtl }).(pulumi.IntOutput) @@ -419,6 +446,12 @@ func (o OidcClientArrayOutput) ToOidcClientArrayOutputWithContext(ctx context.Co return o } +func (o OidcClientArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*OidcClient] { + return pulumix.Output[[]*OidcClient]{ + OutputState: o.OutputState, + } +} + func (o OidcClientArrayOutput) Index(i pulumi.IntInput) OidcClientOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *OidcClient { return vs[0].([]*OidcClient)[vs[1].(int)] @@ -439,6 +472,12 @@ func (o OidcClientMapOutput) ToOidcClientMapOutputWithContext(ctx context.Contex return o } +func (o OidcClientMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*OidcClient] { + return pulumix.Output[map[string]*OidcClient]{ + OutputState: o.OutputState, + } +} + func (o OidcClientMapOutput) MapIndex(k pulumi.StringInput) OidcClientOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *OidcClient { return vs[0].(map[string]*OidcClient)[vs[1].(string)] diff --git a/sdk/go/vault/identity/oidcKey.go b/sdk/go/vault/identity/oidcKey.go index 310c30b96..d9ad235d3 100644 --- a/sdk/go/vault/identity/oidcKey.go +++ b/sdk/go/vault/identity/oidcKey.go @@ -7,7 +7,9 @@ import ( "context" "reflect" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // ## Example Usage @@ -51,7 +53,7 @@ import ( // // ## Import // -// # The key can be imported with the key name, for example +// The key can be imported with the key name, for example: // // ```sh // @@ -64,8 +66,8 @@ type OidcKey struct { // Signing algorithm to use. Signing algorithm to use. // Allowed values are: RS256 (default), RS384, RS512, ES256, ES384, ES512, EdDSA. Algorithm pulumi.StringPtrOutput `pulumi:"algorithm"` - // Array of role client ids allowed to use this key for signing. If empty, no roles are allowed. If "*", all roles are - // allowed. + // Array of role client ID allowed to use this key for signing. If + // empty, no roles are allowed. If `["*"]`, all roles are allowed. AllowedClientIds pulumi.StringArrayOutput `pulumi:"allowedClientIds"` // Name of the OIDC Key to create. Name pulumi.StringOutput `pulumi:"name"` @@ -88,6 +90,7 @@ func NewOidcKey(ctx *pulumi.Context, args = &OidcKeyArgs{} } + opts = internal.PkgResourceDefaultOpts(opts) var resource OidcKey err := ctx.RegisterResource("vault:identity/oidcKey:OidcKey", name, args, &resource, opts...) if err != nil { @@ -113,8 +116,8 @@ type oidcKeyState struct { // Signing algorithm to use. Signing algorithm to use. // Allowed values are: RS256 (default), RS384, RS512, ES256, ES384, ES512, EdDSA. Algorithm *string `pulumi:"algorithm"` - // Array of role client ids allowed to use this key for signing. If empty, no roles are allowed. If "*", all roles are - // allowed. + // Array of role client ID allowed to use this key for signing. If + // empty, no roles are allowed. If `["*"]`, all roles are allowed. AllowedClientIds []string `pulumi:"allowedClientIds"` // Name of the OIDC Key to create. Name *string `pulumi:"name"` @@ -134,8 +137,8 @@ type OidcKeyState struct { // Signing algorithm to use. Signing algorithm to use. // Allowed values are: RS256 (default), RS384, RS512, ES256, ES384, ES512, EdDSA. Algorithm pulumi.StringPtrInput - // Array of role client ids allowed to use this key for signing. If empty, no roles are allowed. If "*", all roles are - // allowed. + // Array of role client ID allowed to use this key for signing. If + // empty, no roles are allowed. If `["*"]`, all roles are allowed. AllowedClientIds pulumi.StringArrayInput // Name of the OIDC Key to create. Name pulumi.StringPtrInput @@ -159,8 +162,8 @@ type oidcKeyArgs struct { // Signing algorithm to use. Signing algorithm to use. // Allowed values are: RS256 (default), RS384, RS512, ES256, ES384, ES512, EdDSA. Algorithm *string `pulumi:"algorithm"` - // Array of role client ids allowed to use this key for signing. If empty, no roles are allowed. If "*", all roles are - // allowed. + // Array of role client ID allowed to use this key for signing. If + // empty, no roles are allowed. If `["*"]`, all roles are allowed. AllowedClientIds []string `pulumi:"allowedClientIds"` // Name of the OIDC Key to create. Name *string `pulumi:"name"` @@ -181,8 +184,8 @@ type OidcKeyArgs struct { // Signing algorithm to use. Signing algorithm to use. // Allowed values are: RS256 (default), RS384, RS512, ES256, ES384, ES512, EdDSA. Algorithm pulumi.StringPtrInput - // Array of role client ids allowed to use this key for signing. If empty, no roles are allowed. If "*", all roles are - // allowed. + // Array of role client ID allowed to use this key for signing. If + // empty, no roles are allowed. If `["*"]`, all roles are allowed. AllowedClientIds pulumi.StringArrayInput // Name of the OIDC Key to create. Name pulumi.StringPtrInput @@ -221,6 +224,12 @@ func (i *OidcKey) ToOidcKeyOutputWithContext(ctx context.Context) OidcKeyOutput return pulumi.ToOutputWithContext(ctx, i).(OidcKeyOutput) } +func (i *OidcKey) ToOutput(ctx context.Context) pulumix.Output[*OidcKey] { + return pulumix.Output[*OidcKey]{ + OutputState: i.ToOidcKeyOutputWithContext(ctx).OutputState, + } +} + // OidcKeyArrayInput is an input type that accepts OidcKeyArray and OidcKeyArrayOutput values. // You can construct a concrete instance of `OidcKeyArrayInput` via: // @@ -246,6 +255,12 @@ func (i OidcKeyArray) ToOidcKeyArrayOutputWithContext(ctx context.Context) OidcK return pulumi.ToOutputWithContext(ctx, i).(OidcKeyArrayOutput) } +func (i OidcKeyArray) ToOutput(ctx context.Context) pulumix.Output[[]*OidcKey] { + return pulumix.Output[[]*OidcKey]{ + OutputState: i.ToOidcKeyArrayOutputWithContext(ctx).OutputState, + } +} + // OidcKeyMapInput is an input type that accepts OidcKeyMap and OidcKeyMapOutput values. // You can construct a concrete instance of `OidcKeyMapInput` via: // @@ -271,6 +286,12 @@ func (i OidcKeyMap) ToOidcKeyMapOutputWithContext(ctx context.Context) OidcKeyMa return pulumi.ToOutputWithContext(ctx, i).(OidcKeyMapOutput) } +func (i OidcKeyMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*OidcKey] { + return pulumix.Output[map[string]*OidcKey]{ + OutputState: i.ToOidcKeyMapOutputWithContext(ctx).OutputState, + } +} + type OidcKeyOutput struct{ *pulumi.OutputState } func (OidcKeyOutput) ElementType() reflect.Type { @@ -285,14 +306,20 @@ func (o OidcKeyOutput) ToOidcKeyOutputWithContext(ctx context.Context) OidcKeyOu return o } +func (o OidcKeyOutput) ToOutput(ctx context.Context) pulumix.Output[*OidcKey] { + return pulumix.Output[*OidcKey]{ + OutputState: o.OutputState, + } +} + // Signing algorithm to use. Signing algorithm to use. // Allowed values are: RS256 (default), RS384, RS512, ES256, ES384, ES512, EdDSA. func (o OidcKeyOutput) Algorithm() pulumi.StringPtrOutput { return o.ApplyT(func(v *OidcKey) pulumi.StringPtrOutput { return v.Algorithm }).(pulumi.StringPtrOutput) } -// Array of role client ids allowed to use this key for signing. If empty, no roles are allowed. If "*", all roles are -// allowed. +// Array of role client ID allowed to use this key for signing. If +// empty, no roles are allowed. If `["*"]`, all roles are allowed. func (o OidcKeyOutput) AllowedClientIds() pulumi.StringArrayOutput { return o.ApplyT(func(v *OidcKey) pulumi.StringArrayOutput { return v.AllowedClientIds }).(pulumi.StringArrayOutput) } @@ -335,6 +362,12 @@ func (o OidcKeyArrayOutput) ToOidcKeyArrayOutputWithContext(ctx context.Context) return o } +func (o OidcKeyArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*OidcKey] { + return pulumix.Output[[]*OidcKey]{ + OutputState: o.OutputState, + } +} + func (o OidcKeyArrayOutput) Index(i pulumi.IntInput) OidcKeyOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *OidcKey { return vs[0].([]*OidcKey)[vs[1].(int)] @@ -355,6 +388,12 @@ func (o OidcKeyMapOutput) ToOidcKeyMapOutputWithContext(ctx context.Context) Oid return o } +func (o OidcKeyMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*OidcKey] { + return pulumix.Output[map[string]*OidcKey]{ + OutputState: o.OutputState, + } +} + func (o OidcKeyMapOutput) MapIndex(k pulumi.StringInput) OidcKeyOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *OidcKey { return vs[0].(map[string]*OidcKey)[vs[1].(string)] diff --git a/sdk/go/vault/identity/oidcKeyAllowedClientID.go b/sdk/go/vault/identity/oidcKeyAllowedClientID.go index 306914ba0..92a7c3712 100644 --- a/sdk/go/vault/identity/oidcKeyAllowedClientID.go +++ b/sdk/go/vault/identity/oidcKeyAllowedClientID.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // ## Example Usage @@ -76,6 +78,7 @@ func NewOidcKeyAllowedClientID(ctx *pulumi.Context, if args.KeyName == nil { return nil, errors.New("invalid value for required argument 'KeyName'") } + opts = internal.PkgResourceDefaultOpts(opts) var resource OidcKeyAllowedClientID err := ctx.RegisterResource("vault:identity/oidcKeyAllowedClientID:OidcKeyAllowedClientID", name, args, &resource, opts...) if err != nil { @@ -173,6 +176,12 @@ func (i *OidcKeyAllowedClientID) ToOidcKeyAllowedClientIDOutputWithContext(ctx c return pulumi.ToOutputWithContext(ctx, i).(OidcKeyAllowedClientIDOutput) } +func (i *OidcKeyAllowedClientID) ToOutput(ctx context.Context) pulumix.Output[*OidcKeyAllowedClientID] { + return pulumix.Output[*OidcKeyAllowedClientID]{ + OutputState: i.ToOidcKeyAllowedClientIDOutputWithContext(ctx).OutputState, + } +} + // OidcKeyAllowedClientIDArrayInput is an input type that accepts OidcKeyAllowedClientIDArray and OidcKeyAllowedClientIDArrayOutput values. // You can construct a concrete instance of `OidcKeyAllowedClientIDArrayInput` via: // @@ -198,6 +207,12 @@ func (i OidcKeyAllowedClientIDArray) ToOidcKeyAllowedClientIDArrayOutputWithCont return pulumi.ToOutputWithContext(ctx, i).(OidcKeyAllowedClientIDArrayOutput) } +func (i OidcKeyAllowedClientIDArray) ToOutput(ctx context.Context) pulumix.Output[[]*OidcKeyAllowedClientID] { + return pulumix.Output[[]*OidcKeyAllowedClientID]{ + OutputState: i.ToOidcKeyAllowedClientIDArrayOutputWithContext(ctx).OutputState, + } +} + // OidcKeyAllowedClientIDMapInput is an input type that accepts OidcKeyAllowedClientIDMap and OidcKeyAllowedClientIDMapOutput values. // You can construct a concrete instance of `OidcKeyAllowedClientIDMapInput` via: // @@ -223,6 +238,12 @@ func (i OidcKeyAllowedClientIDMap) ToOidcKeyAllowedClientIDMapOutputWithContext( return pulumi.ToOutputWithContext(ctx, i).(OidcKeyAllowedClientIDMapOutput) } +func (i OidcKeyAllowedClientIDMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*OidcKeyAllowedClientID] { + return pulumix.Output[map[string]*OidcKeyAllowedClientID]{ + OutputState: i.ToOidcKeyAllowedClientIDMapOutputWithContext(ctx).OutputState, + } +} + type OidcKeyAllowedClientIDOutput struct{ *pulumi.OutputState } func (OidcKeyAllowedClientIDOutput) ElementType() reflect.Type { @@ -237,6 +258,12 @@ func (o OidcKeyAllowedClientIDOutput) ToOidcKeyAllowedClientIDOutputWithContext( return o } +func (o OidcKeyAllowedClientIDOutput) ToOutput(ctx context.Context) pulumix.Output[*OidcKeyAllowedClientID] { + return pulumix.Output[*OidcKeyAllowedClientID]{ + OutputState: o.OutputState, + } +} + // Client ID to allow usage with the OIDC named key func (o OidcKeyAllowedClientIDOutput) AllowedClientId() pulumi.StringOutput { return o.ApplyT(func(v *OidcKeyAllowedClientID) pulumi.StringOutput { return v.AllowedClientId }).(pulumi.StringOutput) @@ -269,6 +296,12 @@ func (o OidcKeyAllowedClientIDArrayOutput) ToOidcKeyAllowedClientIDArrayOutputWi return o } +func (o OidcKeyAllowedClientIDArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*OidcKeyAllowedClientID] { + return pulumix.Output[[]*OidcKeyAllowedClientID]{ + OutputState: o.OutputState, + } +} + func (o OidcKeyAllowedClientIDArrayOutput) Index(i pulumi.IntInput) OidcKeyAllowedClientIDOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *OidcKeyAllowedClientID { return vs[0].([]*OidcKeyAllowedClientID)[vs[1].(int)] @@ -289,6 +322,12 @@ func (o OidcKeyAllowedClientIDMapOutput) ToOidcKeyAllowedClientIDMapOutputWithCo return o } +func (o OidcKeyAllowedClientIDMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*OidcKeyAllowedClientID] { + return pulumix.Output[map[string]*OidcKeyAllowedClientID]{ + OutputState: o.OutputState, + } +} + func (o OidcKeyAllowedClientIDMapOutput) MapIndex(k pulumi.StringInput) OidcKeyAllowedClientIDOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *OidcKeyAllowedClientID { return vs[0].(map[string]*OidcKeyAllowedClientID)[vs[1].(string)] diff --git a/sdk/go/vault/identity/oidcProvider.go b/sdk/go/vault/identity/oidcProvider.go index 17e1ded7a..c85c64349 100644 --- a/sdk/go/vault/identity/oidcProvider.go +++ b/sdk/go/vault/identity/oidcProvider.go @@ -7,7 +7,9 @@ import ( "context" "reflect" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // Manages OIDC Providers in a Vault server. See the [Vault documentation](https://www.vaultproject.io/api-docs/secret/identity/oidc-provider#create-or-update-an-assignment) @@ -140,6 +142,7 @@ func NewOidcProvider(ctx *pulumi.Context, args = &OidcProviderArgs{} } + opts = internal.PkgResourceDefaultOpts(opts) var resource OidcProvider err := ctx.RegisterResource("vault:identity/oidcProvider:OidcProvider", name, args, &resource, opts...) if err != nil { @@ -273,6 +276,12 @@ func (i *OidcProvider) ToOidcProviderOutputWithContext(ctx context.Context) Oidc return pulumi.ToOutputWithContext(ctx, i).(OidcProviderOutput) } +func (i *OidcProvider) ToOutput(ctx context.Context) pulumix.Output[*OidcProvider] { + return pulumix.Output[*OidcProvider]{ + OutputState: i.ToOidcProviderOutputWithContext(ctx).OutputState, + } +} + // OidcProviderArrayInput is an input type that accepts OidcProviderArray and OidcProviderArrayOutput values. // You can construct a concrete instance of `OidcProviderArrayInput` via: // @@ -298,6 +307,12 @@ func (i OidcProviderArray) ToOidcProviderArrayOutputWithContext(ctx context.Cont return pulumi.ToOutputWithContext(ctx, i).(OidcProviderArrayOutput) } +func (i OidcProviderArray) ToOutput(ctx context.Context) pulumix.Output[[]*OidcProvider] { + return pulumix.Output[[]*OidcProvider]{ + OutputState: i.ToOidcProviderArrayOutputWithContext(ctx).OutputState, + } +} + // OidcProviderMapInput is an input type that accepts OidcProviderMap and OidcProviderMapOutput values. // You can construct a concrete instance of `OidcProviderMapInput` via: // @@ -323,6 +338,12 @@ func (i OidcProviderMap) ToOidcProviderMapOutputWithContext(ctx context.Context) return pulumi.ToOutputWithContext(ctx, i).(OidcProviderMapOutput) } +func (i OidcProviderMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*OidcProvider] { + return pulumix.Output[map[string]*OidcProvider]{ + OutputState: i.ToOidcProviderMapOutputWithContext(ctx).OutputState, + } +} + type OidcProviderOutput struct{ *pulumi.OutputState } func (OidcProviderOutput) ElementType() reflect.Type { @@ -337,6 +358,12 @@ func (o OidcProviderOutput) ToOidcProviderOutputWithContext(ctx context.Context) return o } +func (o OidcProviderOutput) ToOutput(ctx context.Context) pulumix.Output[*OidcProvider] { + return pulumix.Output[*OidcProvider]{ + OutputState: o.OutputState, + } +} + // The client IDs that are permitted to use the provider. // If empty, no clients are allowed. If `*`, all clients are allowed. func (o OidcProviderOutput) AllowedClientIds() pulumi.StringArrayOutput { @@ -392,6 +419,12 @@ func (o OidcProviderArrayOutput) ToOidcProviderArrayOutputWithContext(ctx contex return o } +func (o OidcProviderArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*OidcProvider] { + return pulumix.Output[[]*OidcProvider]{ + OutputState: o.OutputState, + } +} + func (o OidcProviderArrayOutput) Index(i pulumi.IntInput) OidcProviderOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *OidcProvider { return vs[0].([]*OidcProvider)[vs[1].(int)] @@ -412,6 +445,12 @@ func (o OidcProviderMapOutput) ToOidcProviderMapOutputWithContext(ctx context.Co return o } +func (o OidcProviderMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*OidcProvider] { + return pulumix.Output[map[string]*OidcProvider]{ + OutputState: o.OutputState, + } +} + func (o OidcProviderMapOutput) MapIndex(k pulumi.StringInput) OidcProviderOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *OidcProvider { return vs[0].(map[string]*OidcProvider)[vs[1].(string)] diff --git a/sdk/go/vault/identity/oidcRole.go b/sdk/go/vault/identity/oidcRole.go index f475f517c..1a03e8051 100644 --- a/sdk/go/vault/identity/oidcRole.go +++ b/sdk/go/vault/identity/oidcRole.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // ## Example Usage @@ -100,7 +102,7 @@ import ( // // ## Import // -// # The key can be imported with the role name, for example +// The key can be imported with the role name, for example: // // ```sh // @@ -142,6 +144,7 @@ func NewOidcRole(ctx *pulumi.Context, if args.Key == nil { return nil, errors.New("invalid value for required argument 'Key'") } + opts = internal.PkgResourceDefaultOpts(opts) var resource OidcRole err := ctx.RegisterResource("vault:identity/oidcRole:OidcRole", name, args, &resource, opts...) if err != nil { @@ -283,6 +286,12 @@ func (i *OidcRole) ToOidcRoleOutputWithContext(ctx context.Context) OidcRoleOutp return pulumi.ToOutputWithContext(ctx, i).(OidcRoleOutput) } +func (i *OidcRole) ToOutput(ctx context.Context) pulumix.Output[*OidcRole] { + return pulumix.Output[*OidcRole]{ + OutputState: i.ToOidcRoleOutputWithContext(ctx).OutputState, + } +} + // OidcRoleArrayInput is an input type that accepts OidcRoleArray and OidcRoleArrayOutput values. // You can construct a concrete instance of `OidcRoleArrayInput` via: // @@ -308,6 +317,12 @@ func (i OidcRoleArray) ToOidcRoleArrayOutputWithContext(ctx context.Context) Oid return pulumi.ToOutputWithContext(ctx, i).(OidcRoleArrayOutput) } +func (i OidcRoleArray) ToOutput(ctx context.Context) pulumix.Output[[]*OidcRole] { + return pulumix.Output[[]*OidcRole]{ + OutputState: i.ToOidcRoleArrayOutputWithContext(ctx).OutputState, + } +} + // OidcRoleMapInput is an input type that accepts OidcRoleMap and OidcRoleMapOutput values. // You can construct a concrete instance of `OidcRoleMapInput` via: // @@ -333,6 +348,12 @@ func (i OidcRoleMap) ToOidcRoleMapOutputWithContext(ctx context.Context) OidcRol return pulumi.ToOutputWithContext(ctx, i).(OidcRoleMapOutput) } +func (i OidcRoleMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*OidcRole] { + return pulumix.Output[map[string]*OidcRole]{ + OutputState: i.ToOidcRoleMapOutputWithContext(ctx).OutputState, + } +} + type OidcRoleOutput struct{ *pulumi.OutputState } func (OidcRoleOutput) ElementType() reflect.Type { @@ -347,6 +368,12 @@ func (o OidcRoleOutput) ToOidcRoleOutputWithContext(ctx context.Context) OidcRol return o } +func (o OidcRoleOutput) ToOutput(ctx context.Context) pulumix.Output[*OidcRole] { + return pulumix.Output[*OidcRole]{ + OutputState: o.OutputState, + } +} + // The value that will be included in the `aud` field of all the OIDC identity // tokens issued by this role func (o OidcRoleOutput) ClientId() pulumi.StringOutput { @@ -399,6 +426,12 @@ func (o OidcRoleArrayOutput) ToOidcRoleArrayOutputWithContext(ctx context.Contex return o } +func (o OidcRoleArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*OidcRole] { + return pulumix.Output[[]*OidcRole]{ + OutputState: o.OutputState, + } +} + func (o OidcRoleArrayOutput) Index(i pulumi.IntInput) OidcRoleOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *OidcRole { return vs[0].([]*OidcRole)[vs[1].(int)] @@ -419,6 +452,12 @@ func (o OidcRoleMapOutput) ToOidcRoleMapOutputWithContext(ctx context.Context) O return o } +func (o OidcRoleMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*OidcRole] { + return pulumix.Output[map[string]*OidcRole]{ + OutputState: o.OutputState, + } +} + func (o OidcRoleMapOutput) MapIndex(k pulumi.StringInput) OidcRoleOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *OidcRole { return vs[0].(map[string]*OidcRole)[vs[1].(string)] diff --git a/sdk/go/vault/identity/oidcScope.go b/sdk/go/vault/identity/oidcScope.go index ef37d7365..47a4d9080 100644 --- a/sdk/go/vault/identity/oidcScope.go +++ b/sdk/go/vault/identity/oidcScope.go @@ -7,7 +7,9 @@ import ( "context" "reflect" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // Manages OIDC Scopes in a Vault server. See the [Vault documentation](https://www.vaultproject.io/api-docs/secret/identity/oidc-provider#create-or-update-a-scope) @@ -72,6 +74,7 @@ func NewOidcScope(ctx *pulumi.Context, args = &OidcScopeArgs{} } + opts = internal.PkgResourceDefaultOpts(opts) var resource OidcScope err := ctx.RegisterResource("vault:identity/oidcScope:OidcScope", name, args, &resource, opts...) if err != nil { @@ -177,6 +180,12 @@ func (i *OidcScope) ToOidcScopeOutputWithContext(ctx context.Context) OidcScopeO return pulumi.ToOutputWithContext(ctx, i).(OidcScopeOutput) } +func (i *OidcScope) ToOutput(ctx context.Context) pulumix.Output[*OidcScope] { + return pulumix.Output[*OidcScope]{ + OutputState: i.ToOidcScopeOutputWithContext(ctx).OutputState, + } +} + // OidcScopeArrayInput is an input type that accepts OidcScopeArray and OidcScopeArrayOutput values. // You can construct a concrete instance of `OidcScopeArrayInput` via: // @@ -202,6 +211,12 @@ func (i OidcScopeArray) ToOidcScopeArrayOutputWithContext(ctx context.Context) O return pulumi.ToOutputWithContext(ctx, i).(OidcScopeArrayOutput) } +func (i OidcScopeArray) ToOutput(ctx context.Context) pulumix.Output[[]*OidcScope] { + return pulumix.Output[[]*OidcScope]{ + OutputState: i.ToOidcScopeArrayOutputWithContext(ctx).OutputState, + } +} + // OidcScopeMapInput is an input type that accepts OidcScopeMap and OidcScopeMapOutput values. // You can construct a concrete instance of `OidcScopeMapInput` via: // @@ -227,6 +242,12 @@ func (i OidcScopeMap) ToOidcScopeMapOutputWithContext(ctx context.Context) OidcS return pulumi.ToOutputWithContext(ctx, i).(OidcScopeMapOutput) } +func (i OidcScopeMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*OidcScope] { + return pulumix.Output[map[string]*OidcScope]{ + OutputState: i.ToOidcScopeMapOutputWithContext(ctx).OutputState, + } +} + type OidcScopeOutput struct{ *pulumi.OutputState } func (OidcScopeOutput) ElementType() reflect.Type { @@ -241,6 +262,12 @@ func (o OidcScopeOutput) ToOidcScopeOutputWithContext(ctx context.Context) OidcS return o } +func (o OidcScopeOutput) ToOutput(ctx context.Context) pulumix.Output[*OidcScope] { + return pulumix.Output[*OidcScope]{ + OutputState: o.OutputState, + } +} + // A description of the scope. func (o OidcScopeOutput) Description() pulumi.StringPtrOutput { return o.ApplyT(func(v *OidcScope) pulumi.StringPtrOutput { return v.Description }).(pulumi.StringPtrOutput) @@ -278,6 +305,12 @@ func (o OidcScopeArrayOutput) ToOidcScopeArrayOutputWithContext(ctx context.Cont return o } +func (o OidcScopeArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*OidcScope] { + return pulumix.Output[[]*OidcScope]{ + OutputState: o.OutputState, + } +} + func (o OidcScopeArrayOutput) Index(i pulumi.IntInput) OidcScopeOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *OidcScope { return vs[0].([]*OidcScope)[vs[1].(int)] @@ -298,6 +331,12 @@ func (o OidcScopeMapOutput) ToOidcScopeMapOutputWithContext(ctx context.Context) return o } +func (o OidcScopeMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*OidcScope] { + return pulumix.Output[map[string]*OidcScope]{ + OutputState: o.OutputState, + } +} + func (o OidcScopeMapOutput) MapIndex(k pulumi.StringInput) OidcScopeOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *OidcScope { return vs[0].(map[string]*OidcScope)[vs[1].(string)] diff --git a/sdk/go/vault/identity/pulumiTypes.go b/sdk/go/vault/identity/pulumiTypes.go index ac99d9f8c..f8c06e063 100644 --- a/sdk/go/vault/identity/pulumiTypes.go +++ b/sdk/go/vault/identity/pulumiTypes.go @@ -7,9 +7,13 @@ import ( "context" "reflect" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) +var _ = internal.GetEnvOrDefault + type GetEntityAliasType struct { // Canonical ID of the Alias CanonicalId string `pulumi:"canonicalId"` @@ -79,6 +83,12 @@ func (i GetEntityAliasTypeArgs) ToGetEntityAliasTypeOutputWithContext(ctx contex return pulumi.ToOutputWithContext(ctx, i).(GetEntityAliasTypeOutput) } +func (i GetEntityAliasTypeArgs) ToOutput(ctx context.Context) pulumix.Output[GetEntityAliasType] { + return pulumix.Output[GetEntityAliasType]{ + OutputState: i.ToGetEntityAliasTypeOutputWithContext(ctx).OutputState, + } +} + // GetEntityAliasTypeArrayInput is an input type that accepts GetEntityAliasTypeArray and GetEntityAliasTypeArrayOutput values. // You can construct a concrete instance of `GetEntityAliasTypeArrayInput` via: // @@ -104,6 +114,12 @@ func (i GetEntityAliasTypeArray) ToGetEntityAliasTypeArrayOutputWithContext(ctx return pulumi.ToOutputWithContext(ctx, i).(GetEntityAliasTypeArrayOutput) } +func (i GetEntityAliasTypeArray) ToOutput(ctx context.Context) pulumix.Output[[]GetEntityAliasType] { + return pulumix.Output[[]GetEntityAliasType]{ + OutputState: i.ToGetEntityAliasTypeArrayOutputWithContext(ctx).OutputState, + } +} + type GetEntityAliasTypeOutput struct{ *pulumi.OutputState } func (GetEntityAliasTypeOutput) ElementType() reflect.Type { @@ -118,6 +134,12 @@ func (o GetEntityAliasTypeOutput) ToGetEntityAliasTypeOutputWithContext(ctx cont return o } +func (o GetEntityAliasTypeOutput) ToOutput(ctx context.Context) pulumix.Output[GetEntityAliasType] { + return pulumix.Output[GetEntityAliasType]{ + OutputState: o.OutputState, + } +} + // Canonical ID of the Alias func (o GetEntityAliasTypeOutput) CanonicalId() pulumi.StringOutput { return o.ApplyT(func(v GetEntityAliasType) string { return v.CanonicalId }).(pulumi.StringOutput) @@ -182,6 +204,12 @@ func (o GetEntityAliasTypeArrayOutput) ToGetEntityAliasTypeArrayOutputWithContex return o } +func (o GetEntityAliasTypeArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]GetEntityAliasType] { + return pulumix.Output[[]GetEntityAliasType]{ + OutputState: o.OutputState, + } +} + func (o GetEntityAliasTypeArrayOutput) Index(i pulumi.IntInput) GetEntityAliasTypeOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) GetEntityAliasType { return vs[0].([]GetEntityAliasType)[vs[1].(int)] diff --git a/sdk/go/vault/init.go b/sdk/go/vault/init.go index b30cdb892..c8b46b410 100644 --- a/sdk/go/vault/init.go +++ b/sdk/go/vault/init.go @@ -7,6 +7,7 @@ import ( "fmt" "github.com/blang/semver" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" ) @@ -89,7 +90,10 @@ func (p *pkg) ConstructProvider(ctx *pulumi.Context, name, typ, urn string) (pul } func init() { - version, _ := PkgVersion() + version, err := internal.PkgVersion() + if err != nil { + version = semver.Version{Major: 1} + } pulumi.RegisterResourceModule( "vault", "index/audit", diff --git a/sdk/go/vault/config/pulumiUtilities.go b/sdk/go/vault/internal/pulumiUtilities.go similarity index 59% rename from sdk/go/vault/config/pulumiUtilities.go rename to sdk/go/vault/internal/pulumiUtilities.go index 3aa4978fc..a56072854 100644 --- a/sdk/go/vault/config/pulumiUtilities.go +++ b/sdk/go/vault/internal/pulumiUtilities.go @@ -1,7 +1,7 @@ // Code generated by the Pulumi Terraform Bridge (tfgen) Tool DO NOT EDIT. // *** WARNING: Do not edit by hand unless you're certain you know what you are doing! *** -package config +package internal import ( "fmt" @@ -17,7 +17,7 @@ import ( type envParser func(v string) interface{} -func parseEnvBool(v string) interface{} { +func ParseEnvBool(v string) interface{} { b, err := strconv.ParseBool(v) if err != nil { return nil @@ -25,7 +25,7 @@ func parseEnvBool(v string) interface{} { return b } -func parseEnvInt(v string) interface{} { +func ParseEnvInt(v string) interface{} { i, err := strconv.ParseInt(v, 0, 0) if err != nil { return nil @@ -33,7 +33,7 @@ func parseEnvInt(v string) interface{} { return int(i) } -func parseEnvFloat(v string) interface{} { +func ParseEnvFloat(v string) interface{} { f, err := strconv.ParseFloat(v, 64) if err != nil { return nil @@ -41,7 +41,7 @@ func parseEnvFloat(v string) interface{} { return f } -func parseEnvStringArray(v string) interface{} { +func ParseEnvStringArray(v string) interface{} { var result pulumi.StringArray for _, item := range strings.Split(v, ";") { result = append(result, pulumi.String(item)) @@ -49,9 +49,9 @@ func parseEnvStringArray(v string) interface{} { return result } -func getEnvOrDefault(def interface{}, parser envParser, vars ...string) interface{} { +func GetEnvOrDefault(def interface{}, parser envParser, vars ...string) interface{} { for _, v := range vars { - if value := os.Getenv(v); value != "" { + if value, ok := os.LookupEnv(v); ok { if parser != nil { return parser(value) } @@ -65,6 +65,10 @@ func getEnvOrDefault(def interface{}, parser envParser, vars ...string) interfac // If a version cannot be determined, v1 will be assumed. The second return // value is always nil. func PkgVersion() (semver.Version, error) { + // emptyVersion defaults to v0.0.0 + if !SdkVersion.Equals(semver.Version{}) { + return SdkVersion, nil + } type sentinal struct{} pkgPath := reflect.TypeOf(sentinal{}).PkgPath() re := regexp.MustCompile("^.*/pulumi-vault/sdk(/v\\d+)?") @@ -79,9 +83,31 @@ func PkgVersion() (semver.Version, error) { } // isZero is a null safe check for if a value is it's types zero value. -func isZero(v interface{}) bool { +func IsZero(v interface{}) bool { if v == nil { return true } return reflect.ValueOf(v).IsZero() } + +// PkgResourceDefaultOpts provides package level defaults to pulumi.OptionResource. +func PkgResourceDefaultOpts(opts []pulumi.ResourceOption) []pulumi.ResourceOption { + defaults := []pulumi.ResourceOption{} + + version := SdkVersion + if !version.Equals(semver.Version{}) { + defaults = append(defaults, pulumi.Version(version.String())) + } + return append(defaults, opts...) +} + +// PkgInvokeDefaultOpts provides package level defaults to pulumi.OptionInvoke. +func PkgInvokeDefaultOpts(opts []pulumi.InvokeOption) []pulumi.InvokeOption { + defaults := []pulumi.InvokeOption{} + + version := SdkVersion + if !version.Equals(semver.Version{}) { + defaults = append(defaults, pulumi.Version(version.String())) + } + return append(defaults, opts...) +} diff --git a/sdk/go/vault/internal/pulumiVersion.go b/sdk/go/vault/internal/pulumiVersion.go new file mode 100644 index 000000000..d59168766 --- /dev/null +++ b/sdk/go/vault/internal/pulumiVersion.go @@ -0,0 +1,11 @@ +// Code generated by the Pulumi Terraform Bridge (tfgen) Tool DO NOT EDIT. +// *** WARNING: Do not edit by hand unless you're certain you know what you are doing! *** + +package internal + +import ( + "github.com/blang/semver" +) + +var SdkVersion semver.Version = semver.Version{} +var pluginDownloadURL string = "" diff --git a/sdk/go/vault/jwt/authBackend.go b/sdk/go/vault/jwt/authBackend.go index 614370965..229bcd7f7 100644 --- a/sdk/go/vault/jwt/authBackend.go +++ b/sdk/go/vault/jwt/authBackend.go @@ -7,7 +7,9 @@ import ( "context" "reflect" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // Provides a resource for managing an @@ -161,6 +163,10 @@ type AuthBackend struct { // *Available only for Vault Enterprise*. Namespace pulumi.StringPtrOutput `pulumi:"namespace"` // Pass namespace in the OIDC state parameter instead of as a separate query parameter. With this setting, the allowed redirect URL(s) in Vault and on the provider side should not contain a namespace query parameter. This means only one redirect URL entry needs to be maintained on the OIDC provider side for all vault namespaces that will be authenticating against it. Defaults to true for new configs + // + // * tune - (Optional) Extra configuration block. Structure is documented below. + // + // The `tune` block is used to tune the auth backend: NamespaceInState pulumi.BoolPtrOutput `pulumi:"namespaceInState"` // Client ID used for OIDC backends OidcClientId pulumi.StringPtrOutput `pulumi:"oidcClientId"` @@ -191,12 +197,13 @@ func NewAuthBackend(ctx *pulumi.Context, } if args.OidcClientSecret != nil { - args.OidcClientSecret = pulumi.ToSecret(args.OidcClientSecret).(pulumi.StringPtrOutput) + args.OidcClientSecret = pulumi.ToSecret(args.OidcClientSecret).(pulumi.StringPtrInput) } secrets := pulumi.AdditionalSecretOutputs([]string{ "oidcClientSecret", }) opts = append(opts, secrets) + opts = internal.PkgResourceDefaultOpts(opts) var resource AuthBackend err := ctx.RegisterResource("vault:jwt/authBackend:AuthBackend", name, args, &resource, opts...) if err != nil { @@ -246,6 +253,10 @@ type authBackendState struct { // *Available only for Vault Enterprise*. Namespace *string `pulumi:"namespace"` // Pass namespace in the OIDC state parameter instead of as a separate query parameter. With this setting, the allowed redirect URL(s) in Vault and on the provider side should not contain a namespace query parameter. This means only one redirect URL entry needs to be maintained on the OIDC provider side for all vault namespaces that will be authenticating against it. Defaults to true for new configs + // + // * tune - (Optional) Extra configuration block. Structure is documented below. + // + // The `tune` block is used to tune the auth backend: NamespaceInState *bool `pulumi:"namespaceInState"` // Client ID used for OIDC backends OidcClientId *string `pulumi:"oidcClientId"` @@ -296,6 +307,10 @@ type AuthBackendState struct { // *Available only for Vault Enterprise*. Namespace pulumi.StringPtrInput // Pass namespace in the OIDC state parameter instead of as a separate query parameter. With this setting, the allowed redirect URL(s) in Vault and on the provider side should not contain a namespace query parameter. This means only one redirect URL entry needs to be maintained on the OIDC provider side for all vault namespaces that will be authenticating against it. Defaults to true for new configs + // + // * tune - (Optional) Extra configuration block. Structure is documented below. + // + // The `tune` block is used to tune the auth backend: NamespaceInState pulumi.BoolPtrInput // Client ID used for OIDC backends OidcClientId pulumi.StringPtrInput @@ -348,6 +363,10 @@ type authBackendArgs struct { // *Available only for Vault Enterprise*. Namespace *string `pulumi:"namespace"` // Pass namespace in the OIDC state parameter instead of as a separate query parameter. With this setting, the allowed redirect URL(s) in Vault and on the provider side should not contain a namespace query parameter. This means only one redirect URL entry needs to be maintained on the OIDC provider side for all vault namespaces that will be authenticating against it. Defaults to true for new configs + // + // * tune - (Optional) Extra configuration block. Structure is documented below. + // + // The `tune` block is used to tune the auth backend: NamespaceInState *bool `pulumi:"namespaceInState"` // Client ID used for OIDC backends OidcClientId *string `pulumi:"oidcClientId"` @@ -397,6 +416,10 @@ type AuthBackendArgs struct { // *Available only for Vault Enterprise*. Namespace pulumi.StringPtrInput // Pass namespace in the OIDC state parameter instead of as a separate query parameter. With this setting, the allowed redirect URL(s) in Vault and on the provider side should not contain a namespace query parameter. This means only one redirect URL entry needs to be maintained on the OIDC provider side for all vault namespaces that will be authenticating against it. Defaults to true for new configs + // + // * tune - (Optional) Extra configuration block. Structure is documented below. + // + // The `tune` block is used to tune the auth backend: NamespaceInState pulumi.BoolPtrInput // Client ID used for OIDC backends OidcClientId pulumi.StringPtrInput @@ -442,6 +465,12 @@ func (i *AuthBackend) ToAuthBackendOutputWithContext(ctx context.Context) AuthBa return pulumi.ToOutputWithContext(ctx, i).(AuthBackendOutput) } +func (i *AuthBackend) ToOutput(ctx context.Context) pulumix.Output[*AuthBackend] { + return pulumix.Output[*AuthBackend]{ + OutputState: i.ToAuthBackendOutputWithContext(ctx).OutputState, + } +} + // AuthBackendArrayInput is an input type that accepts AuthBackendArray and AuthBackendArrayOutput values. // You can construct a concrete instance of `AuthBackendArrayInput` via: // @@ -467,6 +496,12 @@ func (i AuthBackendArray) ToAuthBackendArrayOutputWithContext(ctx context.Contex return pulumi.ToOutputWithContext(ctx, i).(AuthBackendArrayOutput) } +func (i AuthBackendArray) ToOutput(ctx context.Context) pulumix.Output[[]*AuthBackend] { + return pulumix.Output[[]*AuthBackend]{ + OutputState: i.ToAuthBackendArrayOutputWithContext(ctx).OutputState, + } +} + // AuthBackendMapInput is an input type that accepts AuthBackendMap and AuthBackendMapOutput values. // You can construct a concrete instance of `AuthBackendMapInput` via: // @@ -492,6 +527,12 @@ func (i AuthBackendMap) ToAuthBackendMapOutputWithContext(ctx context.Context) A return pulumi.ToOutputWithContext(ctx, i).(AuthBackendMapOutput) } +func (i AuthBackendMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*AuthBackend] { + return pulumix.Output[map[string]*AuthBackend]{ + OutputState: i.ToAuthBackendMapOutputWithContext(ctx).OutputState, + } +} + type AuthBackendOutput struct{ *pulumi.OutputState } func (AuthBackendOutput) ElementType() reflect.Type { @@ -506,6 +547,12 @@ func (o AuthBackendOutput) ToAuthBackendOutputWithContext(ctx context.Context) A return o } +func (o AuthBackendOutput) ToOutput(ctx context.Context) pulumix.Output[*AuthBackend] { + return pulumix.Output[*AuthBackend]{ + OutputState: o.OutputState, + } +} + // The accessor for this auth method func (o AuthBackendOutput) Accessor() pulumi.StringOutput { return o.ApplyT(func(v *AuthBackend) pulumi.StringOutput { return v.Accessor }).(pulumi.StringOutput) @@ -566,6 +613,10 @@ func (o AuthBackendOutput) Namespace() pulumi.StringPtrOutput { } // Pass namespace in the OIDC state parameter instead of as a separate query parameter. With this setting, the allowed redirect URL(s) in Vault and on the provider side should not contain a namespace query parameter. This means only one redirect URL entry needs to be maintained on the OIDC provider side for all vault namespaces that will be authenticating against it. Defaults to true for new configs +// +// * tune - (Optional) Extra configuration block. Structure is documented below. +// +// The `tune` block is used to tune the auth backend: func (o AuthBackendOutput) NamespaceInState() pulumi.BoolPtrOutput { return o.ApplyT(func(v *AuthBackend) pulumi.BoolPtrOutput { return v.NamespaceInState }).(pulumi.BoolPtrOutput) } @@ -633,6 +684,12 @@ func (o AuthBackendArrayOutput) ToAuthBackendArrayOutputWithContext(ctx context. return o } +func (o AuthBackendArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*AuthBackend] { + return pulumix.Output[[]*AuthBackend]{ + OutputState: o.OutputState, + } +} + func (o AuthBackendArrayOutput) Index(i pulumi.IntInput) AuthBackendOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *AuthBackend { return vs[0].([]*AuthBackend)[vs[1].(int)] @@ -653,6 +710,12 @@ func (o AuthBackendMapOutput) ToAuthBackendMapOutputWithContext(ctx context.Cont return o } +func (o AuthBackendMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*AuthBackend] { + return pulumix.Output[map[string]*AuthBackend]{ + OutputState: o.OutputState, + } +} + func (o AuthBackendMapOutput) MapIndex(k pulumi.StringInput) AuthBackendOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *AuthBackend { return vs[0].(map[string]*AuthBackend)[vs[1].(string)] diff --git a/sdk/go/vault/jwt/authBackendRole.go b/sdk/go/vault/jwt/authBackendRole.go index c60ce0184..d2abcb826 100644 --- a/sdk/go/vault/jwt/authBackendRole.go +++ b/sdk/go/vault/jwt/authBackendRole.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // Manages an JWT/OIDC auth backend role in a Vault server. See the [Vault @@ -48,7 +50,7 @@ import ( // BoundAudiences: pulumi.StringArray{ // pulumi.String("https://myco.test"), // }, -// BoundClaims: pulumi.AnyMap{ +// BoundClaims: pulumi.Map{ // "color": pulumi.Any("red,green,blue"), // }, // UserClaim: pulumi.String("https://vault/user"), @@ -240,6 +242,7 @@ func NewAuthBackendRole(ctx *pulumi.Context, if args.UserClaim == nil { return nil, errors.New("invalid value for required argument 'UserClaim'") } + opts = internal.PkgResourceDefaultOpts(opts) var resource AuthBackendRole err := ctx.RegisterResource("vault:jwt/authBackendRole:AuthBackendRole", name, args, &resource, opts...) if err != nil { @@ -725,6 +728,12 @@ func (i *AuthBackendRole) ToAuthBackendRoleOutputWithContext(ctx context.Context return pulumi.ToOutputWithContext(ctx, i).(AuthBackendRoleOutput) } +func (i *AuthBackendRole) ToOutput(ctx context.Context) pulumix.Output[*AuthBackendRole] { + return pulumix.Output[*AuthBackendRole]{ + OutputState: i.ToAuthBackendRoleOutputWithContext(ctx).OutputState, + } +} + // AuthBackendRoleArrayInput is an input type that accepts AuthBackendRoleArray and AuthBackendRoleArrayOutput values. // You can construct a concrete instance of `AuthBackendRoleArrayInput` via: // @@ -750,6 +759,12 @@ func (i AuthBackendRoleArray) ToAuthBackendRoleArrayOutputWithContext(ctx contex return pulumi.ToOutputWithContext(ctx, i).(AuthBackendRoleArrayOutput) } +func (i AuthBackendRoleArray) ToOutput(ctx context.Context) pulumix.Output[[]*AuthBackendRole] { + return pulumix.Output[[]*AuthBackendRole]{ + OutputState: i.ToAuthBackendRoleArrayOutputWithContext(ctx).OutputState, + } +} + // AuthBackendRoleMapInput is an input type that accepts AuthBackendRoleMap and AuthBackendRoleMapOutput values. // You can construct a concrete instance of `AuthBackendRoleMapInput` via: // @@ -775,6 +790,12 @@ func (i AuthBackendRoleMap) ToAuthBackendRoleMapOutputWithContext(ctx context.Co return pulumi.ToOutputWithContext(ctx, i).(AuthBackendRoleMapOutput) } +func (i AuthBackendRoleMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*AuthBackendRole] { + return pulumix.Output[map[string]*AuthBackendRole]{ + OutputState: i.ToAuthBackendRoleMapOutputWithContext(ctx).OutputState, + } +} + type AuthBackendRoleOutput struct{ *pulumi.OutputState } func (AuthBackendRoleOutput) ElementType() reflect.Type { @@ -789,6 +810,12 @@ func (o AuthBackendRoleOutput) ToAuthBackendRoleOutputWithContext(ctx context.Co return o } +func (o AuthBackendRoleOutput) ToOutput(ctx context.Context) pulumix.Output[*AuthBackendRole] { + return pulumix.Output[*AuthBackendRole]{ + OutputState: o.OutputState, + } +} + // The list of allowed values for redirectUri during OIDC logins. // Required for OIDC roles func (o AuthBackendRoleOutput) AllowedRedirectUris() pulumi.StringArrayOutput { @@ -996,6 +1023,12 @@ func (o AuthBackendRoleArrayOutput) ToAuthBackendRoleArrayOutputWithContext(ctx return o } +func (o AuthBackendRoleArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*AuthBackendRole] { + return pulumix.Output[[]*AuthBackendRole]{ + OutputState: o.OutputState, + } +} + func (o AuthBackendRoleArrayOutput) Index(i pulumi.IntInput) AuthBackendRoleOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *AuthBackendRole { return vs[0].([]*AuthBackendRole)[vs[1].(int)] @@ -1016,6 +1049,12 @@ func (o AuthBackendRoleMapOutput) ToAuthBackendRoleMapOutputWithContext(ctx cont return o } +func (o AuthBackendRoleMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*AuthBackendRole] { + return pulumix.Output[map[string]*AuthBackendRole]{ + OutputState: o.OutputState, + } +} + func (o AuthBackendRoleMapOutput) MapIndex(k pulumi.StringInput) AuthBackendRoleOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *AuthBackendRole { return vs[0].(map[string]*AuthBackendRole)[vs[1].(string)] diff --git a/sdk/go/vault/jwt/init.go b/sdk/go/vault/jwt/init.go index ff7280ac5..d8b8393e4 100644 --- a/sdk/go/vault/jwt/init.go +++ b/sdk/go/vault/jwt/init.go @@ -7,7 +7,7 @@ import ( "fmt" "github.com/blang/semver" - "github.com/pulumi/pulumi-vault/sdk/v5/go/vault" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" ) @@ -34,7 +34,7 @@ func (m *module) Construct(ctx *pulumi.Context, name, typ, urn string) (r pulumi } func init() { - version, err := vault.PkgVersion() + version, err := internal.PkgVersion() if err != nil { version = semver.Version{Major: 1} } diff --git a/sdk/go/vault/jwt/pulumiTypes.go b/sdk/go/vault/jwt/pulumiTypes.go index 27cdd3bc4..4a959fd75 100644 --- a/sdk/go/vault/jwt/pulumiTypes.go +++ b/sdk/go/vault/jwt/pulumiTypes.go @@ -7,9 +7,13 @@ import ( "context" "reflect" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) +var _ = internal.GetEnvOrDefault + type AuthBackendTune struct { // List of headers to whitelist and allowing // a plugin to include them in the response. @@ -91,6 +95,12 @@ func (i AuthBackendTuneArgs) ToAuthBackendTuneOutputWithContext(ctx context.Cont return pulumi.ToOutputWithContext(ctx, i).(AuthBackendTuneOutput) } +func (i AuthBackendTuneArgs) ToOutput(ctx context.Context) pulumix.Output[AuthBackendTune] { + return pulumix.Output[AuthBackendTune]{ + OutputState: i.ToAuthBackendTuneOutputWithContext(ctx).OutputState, + } +} + func (i AuthBackendTuneArgs) ToAuthBackendTunePtrOutput() AuthBackendTunePtrOutput { return i.ToAuthBackendTunePtrOutputWithContext(context.Background()) } @@ -132,6 +142,12 @@ func (i *authBackendTunePtrType) ToAuthBackendTunePtrOutputWithContext(ctx conte return pulumi.ToOutputWithContext(ctx, i).(AuthBackendTunePtrOutput) } +func (i *authBackendTunePtrType) ToOutput(ctx context.Context) pulumix.Output[*AuthBackendTune] { + return pulumix.Output[*AuthBackendTune]{ + OutputState: i.ToAuthBackendTunePtrOutputWithContext(ctx).OutputState, + } +} + type AuthBackendTuneOutput struct{ *pulumi.OutputState } func (AuthBackendTuneOutput) ElementType() reflect.Type { @@ -156,6 +172,12 @@ func (o AuthBackendTuneOutput) ToAuthBackendTunePtrOutputWithContext(ctx context }).(AuthBackendTunePtrOutput) } +func (o AuthBackendTuneOutput) ToOutput(ctx context.Context) pulumix.Output[AuthBackendTune] { + return pulumix.Output[AuthBackendTune]{ + OutputState: o.OutputState, + } +} + // List of headers to whitelist and allowing // a plugin to include them in the response. func (o AuthBackendTuneOutput) AllowedResponseHeaders() pulumi.StringArrayOutput { @@ -220,6 +242,12 @@ func (o AuthBackendTunePtrOutput) ToAuthBackendTunePtrOutputWithContext(ctx cont return o } +func (o AuthBackendTunePtrOutput) ToOutput(ctx context.Context) pulumix.Output[*AuthBackendTune] { + return pulumix.Output[*AuthBackendTune]{ + OutputState: o.OutputState, + } +} + func (o AuthBackendTunePtrOutput) Elem() AuthBackendTuneOutput { return o.ApplyT(func(v *AuthBackendTune) AuthBackendTune { if v != nil { diff --git a/sdk/go/vault/kmip/init.go b/sdk/go/vault/kmip/init.go index a3ed60928..954341533 100644 --- a/sdk/go/vault/kmip/init.go +++ b/sdk/go/vault/kmip/init.go @@ -7,7 +7,7 @@ import ( "fmt" "github.com/blang/semver" - "github.com/pulumi/pulumi-vault/sdk/v5/go/vault" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" ) @@ -36,7 +36,7 @@ func (m *module) Construct(ctx *pulumi.Context, name, typ, urn string) (r pulumi } func init() { - version, err := vault.PkgVersion() + version, err := internal.PkgVersion() if err != nil { version = semver.Version{Major: 1} } diff --git a/sdk/go/vault/kmip/secretBackend.go b/sdk/go/vault/kmip/secretBackend.go index 3328ef690..1d3062c14 100644 --- a/sdk/go/vault/kmip/secretBackend.go +++ b/sdk/go/vault/kmip/secretBackend.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // Manages KMIP Secret backends in a Vault server. This feature requires @@ -106,6 +108,7 @@ func NewSecretBackend(ctx *pulumi.Context, if args.Path == nil { return nil, errors.New("invalid value for required argument 'Path'") } + opts = internal.PkgResourceDefaultOpts(opts) var resource SecretBackend err := ctx.RegisterResource("vault:kmip/secretBackend:SecretBackend", name, args, &resource, opts...) if err != nil { @@ -291,6 +294,12 @@ func (i *SecretBackend) ToSecretBackendOutputWithContext(ctx context.Context) Se return pulumi.ToOutputWithContext(ctx, i).(SecretBackendOutput) } +func (i *SecretBackend) ToOutput(ctx context.Context) pulumix.Output[*SecretBackend] { + return pulumix.Output[*SecretBackend]{ + OutputState: i.ToSecretBackendOutputWithContext(ctx).OutputState, + } +} + // SecretBackendArrayInput is an input type that accepts SecretBackendArray and SecretBackendArrayOutput values. // You can construct a concrete instance of `SecretBackendArrayInput` via: // @@ -316,6 +325,12 @@ func (i SecretBackendArray) ToSecretBackendArrayOutputWithContext(ctx context.Co return pulumi.ToOutputWithContext(ctx, i).(SecretBackendArrayOutput) } +func (i SecretBackendArray) ToOutput(ctx context.Context) pulumix.Output[[]*SecretBackend] { + return pulumix.Output[[]*SecretBackend]{ + OutputState: i.ToSecretBackendArrayOutputWithContext(ctx).OutputState, + } +} + // SecretBackendMapInput is an input type that accepts SecretBackendMap and SecretBackendMapOutput values. // You can construct a concrete instance of `SecretBackendMapInput` via: // @@ -341,6 +356,12 @@ func (i SecretBackendMap) ToSecretBackendMapOutputWithContext(ctx context.Contex return pulumi.ToOutputWithContext(ctx, i).(SecretBackendMapOutput) } +func (i SecretBackendMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*SecretBackend] { + return pulumix.Output[map[string]*SecretBackend]{ + OutputState: i.ToSecretBackendMapOutputWithContext(ctx).OutputState, + } +} + type SecretBackendOutput struct{ *pulumi.OutputState } func (SecretBackendOutput) ElementType() reflect.Type { @@ -355,6 +376,12 @@ func (o SecretBackendOutput) ToSecretBackendOutputWithContext(ctx context.Contex return o } +func (o SecretBackendOutput) ToOutput(ctx context.Context) pulumix.Output[*SecretBackend] { + return pulumix.Output[*SecretBackend]{ + OutputState: o.OutputState, + } +} + // Client certificate key bits, valid values depend on key type. func (o SecretBackendOutput) DefaultTlsClientKeyBits() pulumi.IntOutput { return o.ApplyT(func(v *SecretBackend) pulumi.IntOutput { return v.DefaultTlsClientKeyBits }).(pulumi.IntOutput) @@ -439,6 +466,12 @@ func (o SecretBackendArrayOutput) ToSecretBackendArrayOutputWithContext(ctx cont return o } +func (o SecretBackendArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*SecretBackend] { + return pulumix.Output[[]*SecretBackend]{ + OutputState: o.OutputState, + } +} + func (o SecretBackendArrayOutput) Index(i pulumi.IntInput) SecretBackendOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *SecretBackend { return vs[0].([]*SecretBackend)[vs[1].(int)] @@ -459,6 +492,12 @@ func (o SecretBackendMapOutput) ToSecretBackendMapOutputWithContext(ctx context. return o } +func (o SecretBackendMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*SecretBackend] { + return pulumix.Output[map[string]*SecretBackend]{ + OutputState: o.OutputState, + } +} + func (o SecretBackendMapOutput) MapIndex(k pulumi.StringInput) SecretBackendOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *SecretBackend { return vs[0].(map[string]*SecretBackend)[vs[1].(string)] diff --git a/sdk/go/vault/kmip/secretRole.go b/sdk/go/vault/kmip/secretRole.go index b7543a2ee..43453b496 100644 --- a/sdk/go/vault/kmip/secretRole.go +++ b/sdk/go/vault/kmip/secretRole.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // Manages KMIP Secret roles in a Vault server. This feature requires @@ -141,6 +143,7 @@ func NewSecretRole(ctx *pulumi.Context, if args.Scope == nil { return nil, errors.New("invalid value for required argument 'Scope'") } + opts = internal.PkgResourceDefaultOpts(opts) var resource SecretRole err := ctx.RegisterResource("vault:kmip/secretRole:SecretRole", name, args, &resource, opts...) if err != nil { @@ -386,6 +389,12 @@ func (i *SecretRole) ToSecretRoleOutputWithContext(ctx context.Context) SecretRo return pulumi.ToOutputWithContext(ctx, i).(SecretRoleOutput) } +func (i *SecretRole) ToOutput(ctx context.Context) pulumix.Output[*SecretRole] { + return pulumix.Output[*SecretRole]{ + OutputState: i.ToSecretRoleOutputWithContext(ctx).OutputState, + } +} + // SecretRoleArrayInput is an input type that accepts SecretRoleArray and SecretRoleArrayOutput values. // You can construct a concrete instance of `SecretRoleArrayInput` via: // @@ -411,6 +420,12 @@ func (i SecretRoleArray) ToSecretRoleArrayOutputWithContext(ctx context.Context) return pulumi.ToOutputWithContext(ctx, i).(SecretRoleArrayOutput) } +func (i SecretRoleArray) ToOutput(ctx context.Context) pulumix.Output[[]*SecretRole] { + return pulumix.Output[[]*SecretRole]{ + OutputState: i.ToSecretRoleArrayOutputWithContext(ctx).OutputState, + } +} + // SecretRoleMapInput is an input type that accepts SecretRoleMap and SecretRoleMapOutput values. // You can construct a concrete instance of `SecretRoleMapInput` via: // @@ -436,6 +451,12 @@ func (i SecretRoleMap) ToSecretRoleMapOutputWithContext(ctx context.Context) Sec return pulumi.ToOutputWithContext(ctx, i).(SecretRoleMapOutput) } +func (i SecretRoleMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*SecretRole] { + return pulumix.Output[map[string]*SecretRole]{ + OutputState: i.ToSecretRoleMapOutputWithContext(ctx).OutputState, + } +} + type SecretRoleOutput struct{ *pulumi.OutputState } func (SecretRoleOutput) ElementType() reflect.Type { @@ -450,6 +471,12 @@ func (o SecretRoleOutput) ToSecretRoleOutputWithContext(ctx context.Context) Sec return o } +func (o SecretRoleOutput) ToOutput(ctx context.Context) pulumix.Output[*SecretRole] { + return pulumix.Output[*SecretRole]{ + OutputState: o.OutputState, + } +} + // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). @@ -573,6 +600,12 @@ func (o SecretRoleArrayOutput) ToSecretRoleArrayOutputWithContext(ctx context.Co return o } +func (o SecretRoleArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*SecretRole] { + return pulumix.Output[[]*SecretRole]{ + OutputState: o.OutputState, + } +} + func (o SecretRoleArrayOutput) Index(i pulumi.IntInput) SecretRoleOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *SecretRole { return vs[0].([]*SecretRole)[vs[1].(int)] @@ -593,6 +626,12 @@ func (o SecretRoleMapOutput) ToSecretRoleMapOutputWithContext(ctx context.Contex return o } +func (o SecretRoleMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*SecretRole] { + return pulumix.Output[map[string]*SecretRole]{ + OutputState: o.OutputState, + } +} + func (o SecretRoleMapOutput) MapIndex(k pulumi.StringInput) SecretRoleOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *SecretRole { return vs[0].(map[string]*SecretRole)[vs[1].(string)] diff --git a/sdk/go/vault/kmip/secretScope.go b/sdk/go/vault/kmip/secretScope.go index 07abab7c3..57d50fc21 100644 --- a/sdk/go/vault/kmip/secretScope.go +++ b/sdk/go/vault/kmip/secretScope.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // Manages KMIP Secret Scopes in a Vault server. This feature requires @@ -89,6 +91,7 @@ func NewSecretScope(ctx *pulumi.Context, if args.Scope == nil { return nil, errors.New("invalid value for required argument 'Scope'") } + opts = internal.PkgResourceDefaultOpts(opts) var resource SecretScope err := ctx.RegisterResource("vault:kmip/secretScope:SecretScope", name, args, &resource, opts...) if err != nil { @@ -198,6 +201,12 @@ func (i *SecretScope) ToSecretScopeOutputWithContext(ctx context.Context) Secret return pulumi.ToOutputWithContext(ctx, i).(SecretScopeOutput) } +func (i *SecretScope) ToOutput(ctx context.Context) pulumix.Output[*SecretScope] { + return pulumix.Output[*SecretScope]{ + OutputState: i.ToSecretScopeOutputWithContext(ctx).OutputState, + } +} + // SecretScopeArrayInput is an input type that accepts SecretScopeArray and SecretScopeArrayOutput values. // You can construct a concrete instance of `SecretScopeArrayInput` via: // @@ -223,6 +232,12 @@ func (i SecretScopeArray) ToSecretScopeArrayOutputWithContext(ctx context.Contex return pulumi.ToOutputWithContext(ctx, i).(SecretScopeArrayOutput) } +func (i SecretScopeArray) ToOutput(ctx context.Context) pulumix.Output[[]*SecretScope] { + return pulumix.Output[[]*SecretScope]{ + OutputState: i.ToSecretScopeArrayOutputWithContext(ctx).OutputState, + } +} + // SecretScopeMapInput is an input type that accepts SecretScopeMap and SecretScopeMapOutput values. // You can construct a concrete instance of `SecretScopeMapInput` via: // @@ -248,6 +263,12 @@ func (i SecretScopeMap) ToSecretScopeMapOutputWithContext(ctx context.Context) S return pulumi.ToOutputWithContext(ctx, i).(SecretScopeMapOutput) } +func (i SecretScopeMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*SecretScope] { + return pulumix.Output[map[string]*SecretScope]{ + OutputState: i.ToSecretScopeMapOutputWithContext(ctx).OutputState, + } +} + type SecretScopeOutput struct{ *pulumi.OutputState } func (SecretScopeOutput) ElementType() reflect.Type { @@ -262,6 +283,12 @@ func (o SecretScopeOutput) ToSecretScopeOutputWithContext(ctx context.Context) S return o } +func (o SecretScopeOutput) ToOutput(ctx context.Context) pulumix.Output[*SecretScope] { + return pulumix.Output[*SecretScope]{ + OutputState: o.OutputState, + } +} + // Boolean field to force deletion even if there are managed objects in the scope. func (o SecretScopeOutput) Force() pulumi.BoolPtrOutput { return o.ApplyT(func(v *SecretScope) pulumi.BoolPtrOutput { return v.Force }).(pulumi.BoolPtrOutput) @@ -300,6 +327,12 @@ func (o SecretScopeArrayOutput) ToSecretScopeArrayOutputWithContext(ctx context. return o } +func (o SecretScopeArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*SecretScope] { + return pulumix.Output[[]*SecretScope]{ + OutputState: o.OutputState, + } +} + func (o SecretScopeArrayOutput) Index(i pulumi.IntInput) SecretScopeOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *SecretScope { return vs[0].([]*SecretScope)[vs[1].(int)] @@ -320,6 +353,12 @@ func (o SecretScopeMapOutput) ToSecretScopeMapOutputWithContext(ctx context.Cont return o } +func (o SecretScopeMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*SecretScope] { + return pulumix.Output[map[string]*SecretScope]{ + OutputState: o.OutputState, + } +} + func (o SecretScopeMapOutput) MapIndex(k pulumi.StringInput) SecretScopeOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *SecretScope { return vs[0].(map[string]*SecretScope)[vs[1].(string)] diff --git a/sdk/go/vault/kubernetes/authBackendConfig.go b/sdk/go/vault/kubernetes/authBackendConfig.go index 29b1a9818..2ad7a5f92 100644 --- a/sdk/go/vault/kubernetes/authBackendConfig.go +++ b/sdk/go/vault/kubernetes/authBackendConfig.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // Manages an Kubernetes auth backend config in a Vault server. See the [Vault @@ -99,12 +101,13 @@ func NewAuthBackendConfig(ctx *pulumi.Context, return nil, errors.New("invalid value for required argument 'KubernetesHost'") } if args.TokenReviewerJwt != nil { - args.TokenReviewerJwt = pulumi.ToSecret(args.TokenReviewerJwt).(pulumi.StringPtrOutput) + args.TokenReviewerJwt = pulumi.ToSecret(args.TokenReviewerJwt).(pulumi.StringPtrInput) } secrets := pulumi.AdditionalSecretOutputs([]string{ "tokenReviewerJwt", }) opts = append(opts, secrets) + opts = internal.PkgResourceDefaultOpts(opts) var resource AuthBackendConfig err := ctx.RegisterResource("vault:kubernetes/authBackendConfig:AuthBackendConfig", name, args, &resource, opts...) if err != nil { @@ -250,6 +253,12 @@ func (i *AuthBackendConfig) ToAuthBackendConfigOutputWithContext(ctx context.Con return pulumi.ToOutputWithContext(ctx, i).(AuthBackendConfigOutput) } +func (i *AuthBackendConfig) ToOutput(ctx context.Context) pulumix.Output[*AuthBackendConfig] { + return pulumix.Output[*AuthBackendConfig]{ + OutputState: i.ToAuthBackendConfigOutputWithContext(ctx).OutputState, + } +} + // AuthBackendConfigArrayInput is an input type that accepts AuthBackendConfigArray and AuthBackendConfigArrayOutput values. // You can construct a concrete instance of `AuthBackendConfigArrayInput` via: // @@ -275,6 +284,12 @@ func (i AuthBackendConfigArray) ToAuthBackendConfigArrayOutputWithContext(ctx co return pulumi.ToOutputWithContext(ctx, i).(AuthBackendConfigArrayOutput) } +func (i AuthBackendConfigArray) ToOutput(ctx context.Context) pulumix.Output[[]*AuthBackendConfig] { + return pulumix.Output[[]*AuthBackendConfig]{ + OutputState: i.ToAuthBackendConfigArrayOutputWithContext(ctx).OutputState, + } +} + // AuthBackendConfigMapInput is an input type that accepts AuthBackendConfigMap and AuthBackendConfigMapOutput values. // You can construct a concrete instance of `AuthBackendConfigMapInput` via: // @@ -300,6 +315,12 @@ func (i AuthBackendConfigMap) ToAuthBackendConfigMapOutputWithContext(ctx contex return pulumi.ToOutputWithContext(ctx, i).(AuthBackendConfigMapOutput) } +func (i AuthBackendConfigMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*AuthBackendConfig] { + return pulumix.Output[map[string]*AuthBackendConfig]{ + OutputState: i.ToAuthBackendConfigMapOutputWithContext(ctx).OutputState, + } +} + type AuthBackendConfigOutput struct{ *pulumi.OutputState } func (AuthBackendConfigOutput) ElementType() reflect.Type { @@ -314,6 +335,12 @@ func (o AuthBackendConfigOutput) ToAuthBackendConfigOutputWithContext(ctx contex return o } +func (o AuthBackendConfigOutput) ToOutput(ctx context.Context) pulumix.Output[*AuthBackendConfig] { + return pulumix.Output[*AuthBackendConfig]{ + OutputState: o.OutputState, + } +} + // Unique name of the kubernetes backend to configure. func (o AuthBackendConfigOutput) Backend() pulumi.StringPtrOutput { return o.ApplyT(func(v *AuthBackendConfig) pulumi.StringPtrOutput { return v.Backend }).(pulumi.StringPtrOutput) @@ -376,6 +403,12 @@ func (o AuthBackendConfigArrayOutput) ToAuthBackendConfigArrayOutputWithContext( return o } +func (o AuthBackendConfigArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*AuthBackendConfig] { + return pulumix.Output[[]*AuthBackendConfig]{ + OutputState: o.OutputState, + } +} + func (o AuthBackendConfigArrayOutput) Index(i pulumi.IntInput) AuthBackendConfigOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *AuthBackendConfig { return vs[0].([]*AuthBackendConfig)[vs[1].(int)] @@ -396,6 +429,12 @@ func (o AuthBackendConfigMapOutput) ToAuthBackendConfigMapOutputWithContext(ctx return o } +func (o AuthBackendConfigMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*AuthBackendConfig] { + return pulumix.Output[map[string]*AuthBackendConfig]{ + OutputState: o.OutputState, + } +} + func (o AuthBackendConfigMapOutput) MapIndex(k pulumi.StringInput) AuthBackendConfigOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *AuthBackendConfig { return vs[0].(map[string]*AuthBackendConfig)[vs[1].(string)] diff --git a/sdk/go/vault/kubernetes/authBackendRole.go b/sdk/go/vault/kubernetes/authBackendRole.go index 3f305e539..c00578b38 100644 --- a/sdk/go/vault/kubernetes/authBackendRole.go +++ b/sdk/go/vault/kubernetes/authBackendRole.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // Manages an Kubernetes auth backend role in a Vault server. See the [Vault @@ -78,6 +80,10 @@ type AuthBackendRole struct { // Valid choices are: `serviceaccountUid`, `serviceaccountName`. (vault-1.9+) AliasNameSource pulumi.StringOutput `pulumi:"aliasNameSource"` // Audience claim to verify in the JWT. + // + // > Please see [aliasNameSource](https://www.vaultproject.io/api-docs/auth/kubernetes#alias_name_source) + // before setting this to something other its default value. There are **important** security + // implications to be aware of. Audience pulumi.StringPtrOutput `pulumi:"audience"` // Unique name of the kubernetes backend to configure. Backend pulumi.StringPtrOutput `pulumi:"backend"` @@ -144,6 +150,7 @@ func NewAuthBackendRole(ctx *pulumi.Context, if args.RoleName == nil { return nil, errors.New("invalid value for required argument 'RoleName'") } + opts = internal.PkgResourceDefaultOpts(opts) var resource AuthBackendRole err := ctx.RegisterResource("vault:kubernetes/authBackendRole:AuthBackendRole", name, args, &resource, opts...) if err != nil { @@ -170,6 +177,10 @@ type authBackendRoleState struct { // Valid choices are: `serviceaccountUid`, `serviceaccountName`. (vault-1.9+) AliasNameSource *string `pulumi:"aliasNameSource"` // Audience claim to verify in the JWT. + // + // > Please see [aliasNameSource](https://www.vaultproject.io/api-docs/auth/kubernetes#alias_name_source) + // before setting this to something other its default value. There are **important** security + // implications to be aware of. Audience *string `pulumi:"audience"` // Unique name of the kubernetes backend to configure. Backend *string `pulumi:"backend"` @@ -225,6 +236,10 @@ type AuthBackendRoleState struct { // Valid choices are: `serviceaccountUid`, `serviceaccountName`. (vault-1.9+) AliasNameSource pulumi.StringPtrInput // Audience claim to verify in the JWT. + // + // > Please see [aliasNameSource](https://www.vaultproject.io/api-docs/auth/kubernetes#alias_name_source) + // before setting this to something other its default value. There are **important** security + // implications to be aware of. Audience pulumi.StringPtrInput // Unique name of the kubernetes backend to configure. Backend pulumi.StringPtrInput @@ -284,6 +299,10 @@ type authBackendRoleArgs struct { // Valid choices are: `serviceaccountUid`, `serviceaccountName`. (vault-1.9+) AliasNameSource *string `pulumi:"aliasNameSource"` // Audience claim to verify in the JWT. + // + // > Please see [aliasNameSource](https://www.vaultproject.io/api-docs/auth/kubernetes#alias_name_source) + // before setting this to something other its default value. There are **important** security + // implications to be aware of. Audience *string `pulumi:"audience"` // Unique name of the kubernetes backend to configure. Backend *string `pulumi:"backend"` @@ -340,6 +359,10 @@ type AuthBackendRoleArgs struct { // Valid choices are: `serviceaccountUid`, `serviceaccountName`. (vault-1.9+) AliasNameSource pulumi.StringPtrInput // Audience claim to verify in the JWT. + // + // > Please see [aliasNameSource](https://www.vaultproject.io/api-docs/auth/kubernetes#alias_name_source) + // before setting this to something other its default value. There are **important** security + // implications to be aware of. Audience pulumi.StringPtrInput // Unique name of the kubernetes backend to configure. Backend pulumi.StringPtrInput @@ -413,6 +436,12 @@ func (i *AuthBackendRole) ToAuthBackendRoleOutputWithContext(ctx context.Context return pulumi.ToOutputWithContext(ctx, i).(AuthBackendRoleOutput) } +func (i *AuthBackendRole) ToOutput(ctx context.Context) pulumix.Output[*AuthBackendRole] { + return pulumix.Output[*AuthBackendRole]{ + OutputState: i.ToAuthBackendRoleOutputWithContext(ctx).OutputState, + } +} + // AuthBackendRoleArrayInput is an input type that accepts AuthBackendRoleArray and AuthBackendRoleArrayOutput values. // You can construct a concrete instance of `AuthBackendRoleArrayInput` via: // @@ -438,6 +467,12 @@ func (i AuthBackendRoleArray) ToAuthBackendRoleArrayOutputWithContext(ctx contex return pulumi.ToOutputWithContext(ctx, i).(AuthBackendRoleArrayOutput) } +func (i AuthBackendRoleArray) ToOutput(ctx context.Context) pulumix.Output[[]*AuthBackendRole] { + return pulumix.Output[[]*AuthBackendRole]{ + OutputState: i.ToAuthBackendRoleArrayOutputWithContext(ctx).OutputState, + } +} + // AuthBackendRoleMapInput is an input type that accepts AuthBackendRoleMap and AuthBackendRoleMapOutput values. // You can construct a concrete instance of `AuthBackendRoleMapInput` via: // @@ -463,6 +498,12 @@ func (i AuthBackendRoleMap) ToAuthBackendRoleMapOutputWithContext(ctx context.Co return pulumi.ToOutputWithContext(ctx, i).(AuthBackendRoleMapOutput) } +func (i AuthBackendRoleMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*AuthBackendRole] { + return pulumix.Output[map[string]*AuthBackendRole]{ + OutputState: i.ToAuthBackendRoleMapOutputWithContext(ctx).OutputState, + } +} + type AuthBackendRoleOutput struct{ *pulumi.OutputState } func (AuthBackendRoleOutput) ElementType() reflect.Type { @@ -477,6 +518,12 @@ func (o AuthBackendRoleOutput) ToAuthBackendRoleOutputWithContext(ctx context.Co return o } +func (o AuthBackendRoleOutput) ToOutput(ctx context.Context) pulumix.Output[*AuthBackendRole] { + return pulumix.Output[*AuthBackendRole]{ + OutputState: o.OutputState, + } +} + // Configures how identity aliases are generated. // Valid choices are: `serviceaccountUid`, `serviceaccountName`. (vault-1.9+) func (o AuthBackendRoleOutput) AliasNameSource() pulumi.StringOutput { @@ -484,6 +531,10 @@ func (o AuthBackendRoleOutput) AliasNameSource() pulumi.StringOutput { } // Audience claim to verify in the JWT. +// +// > Please see [aliasNameSource](https://www.vaultproject.io/api-docs/auth/kubernetes#alias_name_source) +// before setting this to something other its default value. There are **important** security +// implications to be aware of. func (o AuthBackendRoleOutput) Audience() pulumi.StringPtrOutput { return o.ApplyT(func(v *AuthBackendRole) pulumi.StringPtrOutput { return v.Audience }).(pulumi.StringPtrOutput) } @@ -591,6 +642,12 @@ func (o AuthBackendRoleArrayOutput) ToAuthBackendRoleArrayOutputWithContext(ctx return o } +func (o AuthBackendRoleArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*AuthBackendRole] { + return pulumix.Output[[]*AuthBackendRole]{ + OutputState: o.OutputState, + } +} + func (o AuthBackendRoleArrayOutput) Index(i pulumi.IntInput) AuthBackendRoleOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *AuthBackendRole { return vs[0].([]*AuthBackendRole)[vs[1].(int)] @@ -611,6 +668,12 @@ func (o AuthBackendRoleMapOutput) ToAuthBackendRoleMapOutputWithContext(ctx cont return o } +func (o AuthBackendRoleMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*AuthBackendRole] { + return pulumix.Output[map[string]*AuthBackendRole]{ + OutputState: o.OutputState, + } +} + func (o AuthBackendRoleMapOutput) MapIndex(k pulumi.StringInput) AuthBackendRoleOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *AuthBackendRole { return vs[0].(map[string]*AuthBackendRole)[vs[1].(string)] diff --git a/sdk/go/vault/kubernetes/getAuthBackendConfig.go b/sdk/go/vault/kubernetes/getAuthBackendConfig.go index d1cf5bd98..99d629437 100644 --- a/sdk/go/vault/kubernetes/getAuthBackendConfig.go +++ b/sdk/go/vault/kubernetes/getAuthBackendConfig.go @@ -7,13 +7,16 @@ import ( "context" "reflect" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // Reads the Role of an Kubernetes from a Vault server. See the [Vault // documentation](https://www.vaultproject.io/api-docs/auth/kubernetes#read-config) for more // information. func LookupAuthBackendConfig(ctx *pulumi.Context, args *LookupAuthBackendConfigArgs, opts ...pulumi.InvokeOption) (*LookupAuthBackendConfigResult, error) { + opts = internal.PkgInvokeDefaultOpts(opts) var rv LookupAuthBackendConfigResult err := ctx.Invoke("vault:kubernetes/getAuthBackendConfig:getAuthBackendConfig", args, &rv, opts...) if err != nil { @@ -116,6 +119,12 @@ func (o LookupAuthBackendConfigResultOutput) ToLookupAuthBackendConfigResultOutp return o } +func (o LookupAuthBackendConfigResultOutput) ToOutput(ctx context.Context) pulumix.Output[LookupAuthBackendConfigResult] { + return pulumix.Output[LookupAuthBackendConfigResult]{ + OutputState: o.OutputState, + } +} + func (o LookupAuthBackendConfigResultOutput) Backend() pulumi.StringPtrOutput { return o.ApplyT(func(v LookupAuthBackendConfigResult) *string { return v.Backend }).(pulumi.StringPtrOutput) } diff --git a/sdk/go/vault/kubernetes/getAuthBackendRole.go b/sdk/go/vault/kubernetes/getAuthBackendRole.go index 2f892c089..f02cf6420 100644 --- a/sdk/go/vault/kubernetes/getAuthBackendRole.go +++ b/sdk/go/vault/kubernetes/getAuthBackendRole.go @@ -7,13 +7,16 @@ import ( "context" "reflect" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // Reads the Role of an Kubernetes from a Vault server. See the [Vault // documentation](https://www.vaultproject.io/api-docs/auth/kubernetes#read-role) for more // information. func LookupAuthBackendRole(ctx *pulumi.Context, args *LookupAuthBackendRoleArgs, opts ...pulumi.InvokeOption) (*LookupAuthBackendRoleResult, error) { + opts = internal.PkgInvokeDefaultOpts(opts) var rv LookupAuthBackendRoleResult err := ctx.Invoke("vault:kubernetes/getAuthBackendRole:getAuthBackendRole", args, &rv, opts...) if err != nil { @@ -211,6 +214,12 @@ func (o LookupAuthBackendRoleResultOutput) ToLookupAuthBackendRoleResultOutputWi return o } +func (o LookupAuthBackendRoleResultOutput) ToOutput(ctx context.Context) pulumix.Output[LookupAuthBackendRoleResult] { + return pulumix.Output[LookupAuthBackendRoleResult]{ + OutputState: o.OutputState, + } +} + // Method used for generating identity aliases. (vault-1.9+) func (o LookupAuthBackendRoleResultOutput) AliasNameSource() pulumi.StringOutput { return o.ApplyT(func(v LookupAuthBackendRoleResult) string { return v.AliasNameSource }).(pulumi.StringOutput) diff --git a/sdk/go/vault/kubernetes/getServiceAccountToken.go b/sdk/go/vault/kubernetes/getServiceAccountToken.go index c1cec808f..5af21aadf 100644 --- a/sdk/go/vault/kubernetes/getServiceAccountToken.go +++ b/sdk/go/vault/kubernetes/getServiceAccountToken.go @@ -7,7 +7,9 @@ import ( "context" "reflect" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // ## Example Usage @@ -17,7 +19,7 @@ import ( // // import ( // -// "io/ioutil" +// "os" // // "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/kubernetes" // "github.com/pulumi/pulumi/sdk/v3/go/pulumi" @@ -25,7 +27,7 @@ import ( // ) // // func readFileOrPanic(path string) pulumi.StringPtrInput { -// data, err := ioutil.ReadFile(path) +// data, err := os.ReadFile(path) // if err != nil { // panic(err.Error()) // } @@ -78,6 +80,7 @@ import ( // // ``` func GetServiceAccountToken(ctx *pulumi.Context, args *GetServiceAccountTokenArgs, opts ...pulumi.InvokeOption) (*GetServiceAccountTokenResult, error) { + opts = internal.PkgInvokeDefaultOpts(opts) var rv GetServiceAccountTokenResult err := ctx.Invoke("vault:kubernetes/getServiceAccountToken:getServiceAccountToken", args, &rv, opts...) if err != nil { @@ -190,6 +193,12 @@ func (o GetServiceAccountTokenResultOutput) ToGetServiceAccountTokenResultOutput return o } +func (o GetServiceAccountTokenResultOutput) ToOutput(ctx context.Context) pulumix.Output[GetServiceAccountTokenResult] { + return pulumix.Output[GetServiceAccountTokenResult]{ + OutputState: o.OutputState, + } +} + func (o GetServiceAccountTokenResultOutput) Backend() pulumi.StringOutput { return o.ApplyT(func(v GetServiceAccountTokenResult) string { return v.Backend }).(pulumi.StringOutput) } diff --git a/sdk/go/vault/kubernetes/init.go b/sdk/go/vault/kubernetes/init.go index efcd4fcc7..46fd69245 100644 --- a/sdk/go/vault/kubernetes/init.go +++ b/sdk/go/vault/kubernetes/init.go @@ -7,7 +7,7 @@ import ( "fmt" "github.com/blang/semver" - "github.com/pulumi/pulumi-vault/sdk/v5/go/vault" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" ) @@ -38,7 +38,7 @@ func (m *module) Construct(ctx *pulumi.Context, name, typ, urn string) (r pulumi } func init() { - version, err := vault.PkgVersion() + version, err := internal.PkgVersion() if err != nil { version = semver.Version{Major: 1} } diff --git a/sdk/go/vault/kubernetes/secretBackend.go b/sdk/go/vault/kubernetes/secretBackend.go index 8799cebc1..1589ad4fc 100644 --- a/sdk/go/vault/kubernetes/secretBackend.go +++ b/sdk/go/vault/kubernetes/secretBackend.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // ## Example Usage @@ -18,7 +20,7 @@ import ( // // import ( // -// "io/ioutil" +// "os" // // "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/kubernetes" // "github.com/pulumi/pulumi/sdk/v3/go/pulumi" @@ -26,7 +28,7 @@ import ( // ) // // func readFileOrPanic(path string) pulumi.StringPtrInput { -// data, err := ioutil.ReadFile(path) +// data, err := os.ReadFile(path) // if err != nil { // panic(err.Error()) // } @@ -124,12 +126,13 @@ func NewSecretBackend(ctx *pulumi.Context, return nil, errors.New("invalid value for required argument 'Path'") } if args.ServiceAccountJwt != nil { - args.ServiceAccountJwt = pulumi.ToSecret(args.ServiceAccountJwt).(pulumi.StringPtrOutput) + args.ServiceAccountJwt = pulumi.ToSecret(args.ServiceAccountJwt).(pulumi.StringPtrInput) } secrets := pulumi.AdditionalSecretOutputs([]string{ "serviceAccountJwt", }) opts = append(opts, secrets) + opts = internal.PkgResourceDefaultOpts(opts) var resource SecretBackend err := ctx.RegisterResource("vault:kubernetes/secretBackend:SecretBackend", name, args, &resource, opts...) if err != nil { @@ -367,6 +370,12 @@ func (i *SecretBackend) ToSecretBackendOutputWithContext(ctx context.Context) Se return pulumi.ToOutputWithContext(ctx, i).(SecretBackendOutput) } +func (i *SecretBackend) ToOutput(ctx context.Context) pulumix.Output[*SecretBackend] { + return pulumix.Output[*SecretBackend]{ + OutputState: i.ToSecretBackendOutputWithContext(ctx).OutputState, + } +} + // SecretBackendArrayInput is an input type that accepts SecretBackendArray and SecretBackendArrayOutput values. // You can construct a concrete instance of `SecretBackendArrayInput` via: // @@ -392,6 +401,12 @@ func (i SecretBackendArray) ToSecretBackendArrayOutputWithContext(ctx context.Co return pulumi.ToOutputWithContext(ctx, i).(SecretBackendArrayOutput) } +func (i SecretBackendArray) ToOutput(ctx context.Context) pulumix.Output[[]*SecretBackend] { + return pulumix.Output[[]*SecretBackend]{ + OutputState: i.ToSecretBackendArrayOutputWithContext(ctx).OutputState, + } +} + // SecretBackendMapInput is an input type that accepts SecretBackendMap and SecretBackendMapOutput values. // You can construct a concrete instance of `SecretBackendMapInput` via: // @@ -417,6 +432,12 @@ func (i SecretBackendMap) ToSecretBackendMapOutputWithContext(ctx context.Contex return pulumi.ToOutputWithContext(ctx, i).(SecretBackendMapOutput) } +func (i SecretBackendMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*SecretBackend] { + return pulumix.Output[map[string]*SecretBackend]{ + OutputState: i.ToSecretBackendMapOutputWithContext(ctx).OutputState, + } +} + type SecretBackendOutput struct{ *pulumi.OutputState } func (SecretBackendOutput) ElementType() reflect.Type { @@ -431,6 +452,12 @@ func (o SecretBackendOutput) ToSecretBackendOutputWithContext(ctx context.Contex return o } +func (o SecretBackendOutput) ToOutput(ctx context.Context) pulumix.Output[*SecretBackend] { + return pulumix.Output[*SecretBackend]{ + OutputState: o.OutputState, + } +} + // Accessor of the mount func (o SecretBackendOutput) Accessor() pulumi.StringOutput { return o.ApplyT(func(v *SecretBackend) pulumi.StringOutput { return v.Accessor }).(pulumi.StringOutput) @@ -541,6 +568,12 @@ func (o SecretBackendArrayOutput) ToSecretBackendArrayOutputWithContext(ctx cont return o } +func (o SecretBackendArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*SecretBackend] { + return pulumix.Output[[]*SecretBackend]{ + OutputState: o.OutputState, + } +} + func (o SecretBackendArrayOutput) Index(i pulumi.IntInput) SecretBackendOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *SecretBackend { return vs[0].([]*SecretBackend)[vs[1].(int)] @@ -561,6 +594,12 @@ func (o SecretBackendMapOutput) ToSecretBackendMapOutputWithContext(ctx context. return o } +func (o SecretBackendMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*SecretBackend] { + return pulumix.Output[map[string]*SecretBackend]{ + OutputState: o.OutputState, + } +} + func (o SecretBackendMapOutput) MapIndex(k pulumi.StringInput) SecretBackendOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *SecretBackend { return vs[0].(map[string]*SecretBackend)[vs[1].(string)] diff --git a/sdk/go/vault/kubernetes/secretBackendRole.go b/sdk/go/vault/kubernetes/secretBackendRole.go index fa7292c57..8117d2da6 100644 --- a/sdk/go/vault/kubernetes/secretBackendRole.go +++ b/sdk/go/vault/kubernetes/secretBackendRole.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // ## Example Usage @@ -20,7 +22,7 @@ import ( // // import ( // -// "io/ioutil" +// "os" // // "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/kubernetes" // "github.com/pulumi/pulumi/sdk/v3/go/pulumi" @@ -28,7 +30,7 @@ import ( // ) // // func readFileOrPanic(path string) pulumi.StringPtrInput { -// data, err := ioutil.ReadFile(path) +// data, err := os.ReadFile(path) // if err != nil { // panic(err.Error()) // } @@ -81,7 +83,7 @@ import ( // // import ( // -// "io/ioutil" +// "os" // // "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/kubernetes" // "github.com/pulumi/pulumi/sdk/v3/go/pulumi" @@ -89,7 +91,7 @@ import ( // ) // // func readFileOrPanic(path string) pulumi.StringPtrInput { -// data, err := ioutil.ReadFile(path) +// data, err := os.ReadFile(path) // if err != nil { // panic(err.Error()) // } @@ -142,7 +144,7 @@ import ( // // import ( // -// "io/ioutil" +// "os" // // "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/kubernetes" // "github.com/pulumi/pulumi/sdk/v3/go/pulumi" @@ -150,7 +152,7 @@ import ( // ) // // func readFileOrPanic(path string) pulumi.StringPtrInput { -// data, err := ioutil.ReadFile(path) +// data, err := os.ReadFile(path) // if err != nil { // panic(err.Error()) // } @@ -220,6 +222,8 @@ type SecretBackendRole struct { ExtraAnnotations pulumi.StringMapOutput `pulumi:"extraAnnotations"` // Additional labels to apply to all generated Kubernetes // objects. + // + // This resource also directly accepts all Mount fields. ExtraLabels pulumi.StringMapOutput `pulumi:"extraLabels"` // The Role or ClusterRole rules to use when generating // a role. Accepts either JSON or YAML formatted rules. Mutually exclusive with `serviceAccountName` @@ -267,6 +271,7 @@ func NewSecretBackendRole(ctx *pulumi.Context, if args.Backend == nil { return nil, errors.New("invalid value for required argument 'Backend'") } + opts = internal.PkgResourceDefaultOpts(opts) var resource SecretBackendRole err := ctx.RegisterResource("vault:kubernetes/secretBackendRole:SecretBackendRole", name, args, &resource, opts...) if err != nil { @@ -300,6 +305,8 @@ type secretBackendRoleState struct { ExtraAnnotations map[string]string `pulumi:"extraAnnotations"` // Additional labels to apply to all generated Kubernetes // objects. + // + // This resource also directly accepts all Mount fields. ExtraLabels map[string]string `pulumi:"extraLabels"` // The Role or ClusterRole rules to use when generating // a role. Accepts either JSON or YAML formatted rules. Mutually exclusive with `serviceAccountName` @@ -346,6 +353,8 @@ type SecretBackendRoleState struct { ExtraAnnotations pulumi.StringMapInput // Additional labels to apply to all generated Kubernetes // objects. + // + // This resource also directly accepts all Mount fields. ExtraLabels pulumi.StringMapInput // The Role or ClusterRole rules to use when generating // a role. Accepts either JSON or YAML formatted rules. Mutually exclusive with `serviceAccountName` @@ -396,6 +405,8 @@ type secretBackendRoleArgs struct { ExtraAnnotations map[string]string `pulumi:"extraAnnotations"` // Additional labels to apply to all generated Kubernetes // objects. + // + // This resource also directly accepts all Mount fields. ExtraLabels map[string]string `pulumi:"extraLabels"` // The Role or ClusterRole rules to use when generating // a role. Accepts either JSON or YAML formatted rules. Mutually exclusive with `serviceAccountName` @@ -443,6 +454,8 @@ type SecretBackendRoleArgs struct { ExtraAnnotations pulumi.StringMapInput // Additional labels to apply to all generated Kubernetes // objects. + // + // This resource also directly accepts all Mount fields. ExtraLabels pulumi.StringMapInput // The Role or ClusterRole rules to use when generating // a role. Accepts either JSON or YAML formatted rules. Mutually exclusive with `serviceAccountName` @@ -500,6 +513,12 @@ func (i *SecretBackendRole) ToSecretBackendRoleOutputWithContext(ctx context.Con return pulumi.ToOutputWithContext(ctx, i).(SecretBackendRoleOutput) } +func (i *SecretBackendRole) ToOutput(ctx context.Context) pulumix.Output[*SecretBackendRole] { + return pulumix.Output[*SecretBackendRole]{ + OutputState: i.ToSecretBackendRoleOutputWithContext(ctx).OutputState, + } +} + // SecretBackendRoleArrayInput is an input type that accepts SecretBackendRoleArray and SecretBackendRoleArrayOutput values. // You can construct a concrete instance of `SecretBackendRoleArrayInput` via: // @@ -525,6 +544,12 @@ func (i SecretBackendRoleArray) ToSecretBackendRoleArrayOutputWithContext(ctx co return pulumi.ToOutputWithContext(ctx, i).(SecretBackendRoleArrayOutput) } +func (i SecretBackendRoleArray) ToOutput(ctx context.Context) pulumix.Output[[]*SecretBackendRole] { + return pulumix.Output[[]*SecretBackendRole]{ + OutputState: i.ToSecretBackendRoleArrayOutputWithContext(ctx).OutputState, + } +} + // SecretBackendRoleMapInput is an input type that accepts SecretBackendRoleMap and SecretBackendRoleMapOutput values. // You can construct a concrete instance of `SecretBackendRoleMapInput` via: // @@ -550,6 +575,12 @@ func (i SecretBackendRoleMap) ToSecretBackendRoleMapOutputWithContext(ctx contex return pulumi.ToOutputWithContext(ctx, i).(SecretBackendRoleMapOutput) } +func (i SecretBackendRoleMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*SecretBackendRole] { + return pulumix.Output[map[string]*SecretBackendRole]{ + OutputState: i.ToSecretBackendRoleMapOutputWithContext(ctx).OutputState, + } +} + type SecretBackendRoleOutput struct{ *pulumi.OutputState } func (SecretBackendRoleOutput) ElementType() reflect.Type { @@ -564,6 +595,12 @@ func (o SecretBackendRoleOutput) ToSecretBackendRoleOutputWithContext(ctx contex return o } +func (o SecretBackendRoleOutput) ToOutput(ctx context.Context) pulumix.Output[*SecretBackendRole] { + return pulumix.Output[*SecretBackendRole]{ + OutputState: o.OutputState, + } +} + // The list of Kubernetes namespaces this role // can generate credentials for. If set to `*` all namespaces are allowed. func (o SecretBackendRoleOutput) AllowedKubernetesNamespaces() pulumi.StringArrayOutput { @@ -584,6 +621,8 @@ func (o SecretBackendRoleOutput) ExtraAnnotations() pulumi.StringMapOutput { // Additional labels to apply to all generated Kubernetes // objects. +// +// This resource also directly accepts all Mount fields. func (o SecretBackendRoleOutput) ExtraLabels() pulumi.StringMapOutput { return o.ApplyT(func(v *SecretBackendRole) pulumi.StringMapOutput { return v.ExtraLabels }).(pulumi.StringMapOutput) } @@ -660,6 +699,12 @@ func (o SecretBackendRoleArrayOutput) ToSecretBackendRoleArrayOutputWithContext( return o } +func (o SecretBackendRoleArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*SecretBackendRole] { + return pulumix.Output[[]*SecretBackendRole]{ + OutputState: o.OutputState, + } +} + func (o SecretBackendRoleArrayOutput) Index(i pulumi.IntInput) SecretBackendRoleOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *SecretBackendRole { return vs[0].([]*SecretBackendRole)[vs[1].(int)] @@ -680,6 +725,12 @@ func (o SecretBackendRoleMapOutput) ToSecretBackendRoleMapOutputWithContext(ctx return o } +func (o SecretBackendRoleMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*SecretBackendRole] { + return pulumix.Output[map[string]*SecretBackendRole]{ + OutputState: o.OutputState, + } +} + func (o SecretBackendRoleMapOutput) MapIndex(k pulumi.StringInput) SecretBackendRoleOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *SecretBackendRole { return vs[0].(map[string]*SecretBackendRole)[vs[1].(string)] diff --git a/sdk/go/vault/kv/getSecret.go b/sdk/go/vault/kv/getSecret.go index 5e25b48b8..cfe41d740 100644 --- a/sdk/go/vault/kv/getSecret.go +++ b/sdk/go/vault/kv/getSecret.go @@ -7,7 +7,9 @@ import ( "context" "reflect" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // ## Example Usage @@ -31,7 +33,7 @@ import ( // kvv1, err := vault.NewMount(ctx, "kvv1", &vault.MountArgs{ // Path: pulumi.String("kvv1"), // Type: pulumi.String("kv"), -// Options: pulumi.AnyMap{ +// Options: pulumi.Map{ // "version": pulumi.Any("1"), // }, // Description: pulumi.String("KV Version 1 secret engine mount"), @@ -68,6 +70,7 @@ import ( // // Use of this resource requires the `read` capability on the given path. func LookupSecret(ctx *pulumi.Context, args *LookupSecretArgs, opts ...pulumi.InvokeOption) (*LookupSecretResult, error) { + opts = internal.PkgInvokeDefaultOpts(opts) var rv LookupSecretResult err := ctx.Invoke("vault:kv/getSecret:getSecret", args, &rv, opts...) if err != nil { @@ -154,6 +157,12 @@ func (o LookupSecretResultOutput) ToLookupSecretResultOutputWithContext(ctx cont return o } +func (o LookupSecretResultOutput) ToOutput(ctx context.Context) pulumix.Output[LookupSecretResult] { + return pulumix.Output[LookupSecretResult]{ + OutputState: o.OutputState, + } +} + // A mapping whose keys are the top-level data keys returned from // Vault and whose values are the corresponding values. This map can only // represent string data, so any non-string values returned from Vault are diff --git a/sdk/go/vault/kv/getSecretSubkeysV2.go b/sdk/go/vault/kv/getSecretSubkeysV2.go index 3d6730bf2..0f42a8828 100644 --- a/sdk/go/vault/kv/getSecretSubkeysV2.go +++ b/sdk/go/vault/kv/getSecretSubkeysV2.go @@ -7,7 +7,9 @@ import ( "context" "reflect" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // ## Example Usage @@ -30,7 +32,7 @@ import ( // kvv2, err := vault.NewMount(ctx, "kvv2", &vault.MountArgs{ // Path: pulumi.String("kvv2"), // Type: pulumi.String("kv"), -// Options: pulumi.AnyMap{ +// Options: pulumi.Map{ // "version": pulumi.Any("2"), // }, // Description: pulumi.String("KV Version 2 secret engine mount"), @@ -66,6 +68,7 @@ import ( // // Use of this resource requires the `read` capability on the given path. func GetSecretSubkeysV2(ctx *pulumi.Context, args *GetSecretSubkeysV2Args, opts ...pulumi.InvokeOption) (*GetSecretSubkeysV2Result, error) { + opts = internal.PkgInvokeDefaultOpts(opts) var rv GetSecretSubkeysV2Result err := ctx.Invoke("vault:kv/getSecretSubkeysV2:getSecretSubkeysV2", args, &rv, opts...) if err != nil { @@ -171,6 +174,12 @@ func (o GetSecretSubkeysV2ResultOutput) ToGetSecretSubkeysV2ResultOutputWithCont return o } +func (o GetSecretSubkeysV2ResultOutput) ToOutput(ctx context.Context) pulumix.Output[GetSecretSubkeysV2Result] { + return pulumix.Output[GetSecretSubkeysV2Result]{ + OutputState: o.OutputState, + } +} + // Subkeys for the KV-V2 secret stored as a serialized map of strings. func (o GetSecretSubkeysV2ResultOutput) Data() pulumi.MapOutput { return o.ApplyT(func(v GetSecretSubkeysV2Result) map[string]interface{} { return v.Data }).(pulumi.MapOutput) diff --git a/sdk/go/vault/kv/getSecretV2.go b/sdk/go/vault/kv/getSecretV2.go index 211e0e349..97979d60d 100644 --- a/sdk/go/vault/kv/getSecretV2.go +++ b/sdk/go/vault/kv/getSecretV2.go @@ -7,13 +7,16 @@ import ( "context" "reflect" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // ## Required Vault Capabilities // // Use of this resource requires the `read` capability on the given path. func LookupSecretV2(ctx *pulumi.Context, args *LookupSecretV2Args, opts ...pulumi.InvokeOption) (*LookupSecretV2Result, error) { + opts = internal.PkgInvokeDefaultOpts(opts) var rv LookupSecretV2Result err := ctx.Invoke("vault:kv/getSecretV2:getSecretV2", args, &rv, opts...) if err != nil { @@ -118,6 +121,12 @@ func (o LookupSecretV2ResultOutput) ToLookupSecretV2ResultOutputWithContext(ctx return o } +func (o LookupSecretV2ResultOutput) ToOutput(ctx context.Context) pulumix.Output[LookupSecretV2Result] { + return pulumix.Output[LookupSecretV2Result]{ + OutputState: o.OutputState, + } +} + // Time at which secret was created. func (o LookupSecretV2ResultOutput) CreatedTime() pulumi.StringOutput { return o.ApplyT(func(v LookupSecretV2Result) string { return v.CreatedTime }).(pulumi.StringOutput) diff --git a/sdk/go/vault/kv/getSecretsList.go b/sdk/go/vault/kv/getSecretsList.go index 496368719..c8390e8e2 100644 --- a/sdk/go/vault/kv/getSecretsList.go +++ b/sdk/go/vault/kv/getSecretsList.go @@ -7,7 +7,9 @@ import ( "context" "reflect" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // ## Example Usage @@ -31,7 +33,7 @@ import ( // kvv1, err := vault.NewMount(ctx, "kvv1", &vault.MountArgs{ // Path: pulumi.String("kvv1"), // Type: pulumi.String("kv"), -// Options: pulumi.AnyMap{ +// Options: pulumi.Map{ // "version": pulumi.Any("1"), // }, // Description: pulumi.String("KV Version 1 secret engine mount"), @@ -83,6 +85,7 @@ import ( // // Use of this resource requires the `read` capability on the given path. func GetSecretsList(ctx *pulumi.Context, args *GetSecretsListArgs, opts ...pulumi.InvokeOption) (*GetSecretsListResult, error) { + opts = internal.PkgInvokeDefaultOpts(opts) var rv GetSecretsListResult err := ctx.Invoke("vault:kv/getSecretsList:getSecretsList", args, &rv, opts...) if err != nil { @@ -155,6 +158,12 @@ func (o GetSecretsListResultOutput) ToGetSecretsListResultOutputWithContext(ctx return o } +func (o GetSecretsListResultOutput) ToOutput(ctx context.Context) pulumix.Output[GetSecretsListResult] { + return pulumix.Output[GetSecretsListResult]{ + OutputState: o.OutputState, + } +} + // The provider-assigned unique ID for this managed resource. func (o GetSecretsListResultOutput) Id() pulumi.StringOutput { return o.ApplyT(func(v GetSecretsListResult) string { return v.Id }).(pulumi.StringOutput) diff --git a/sdk/go/vault/kv/getSecretsListV2.go b/sdk/go/vault/kv/getSecretsListV2.go index 0855b79aa..ec251a59f 100644 --- a/sdk/go/vault/kv/getSecretsListV2.go +++ b/sdk/go/vault/kv/getSecretsListV2.go @@ -7,7 +7,9 @@ import ( "context" "reflect" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // ## Example Usage @@ -30,7 +32,7 @@ import ( // kvv2, err := vault.NewMount(ctx, "kvv2", &vault.MountArgs{ // Path: pulumi.String("kvv2"), // Type: pulumi.String("kv"), -// Options: pulumi.AnyMap{ +// Options: pulumi.Map{ // "version": pulumi.Any("2"), // }, // Description: pulumi.String("KV Version 2 secret engine mount"), @@ -83,6 +85,12 @@ import ( // _ = kv.GetSecretsListV2Output(ctx, kv.GetSecretsListV2OutputArgs{ // Mount: kvv2.Path, // }, nil) +// _ = kvv2.Path.ApplyT(func(path string) (kv.GetSecretsListV2Result, error) { +// return kv.GetSecretsListV2Output(ctx, kv.GetSecretsListV2OutputArgs{ +// Mount: path, +// Name: vault_kv_secret_v2.Test_2.Name, +// }, nil), nil +// }).(kv.GetSecretsListV2ResultOutput) // return nil // }) // } @@ -92,6 +100,7 @@ import ( // // Use of this resource requires the `read` capability on the given path. func GetSecretsListV2(ctx *pulumi.Context, args *GetSecretsListV2Args, opts ...pulumi.InvokeOption) (*GetSecretsListV2Result, error) { + opts = internal.PkgInvokeDefaultOpts(opts) var rv GetSecretsListV2Result err := ctx.Invoke("vault:kv/getSecretsListV2:getSecretsListV2", args, &rv, opts...) if err != nil { @@ -177,6 +186,12 @@ func (o GetSecretsListV2ResultOutput) ToGetSecretsListV2ResultOutputWithContext( return o } +func (o GetSecretsListV2ResultOutput) ToOutput(ctx context.Context) pulumix.Output[GetSecretsListV2Result] { + return pulumix.Output[GetSecretsListV2Result]{ + OutputState: o.OutputState, + } +} + // The provider-assigned unique ID for this managed resource. func (o GetSecretsListV2ResultOutput) Id() pulumi.StringOutput { return o.ApplyT(func(v GetSecretsListV2Result) string { return v.Id }).(pulumi.StringOutput) diff --git a/sdk/go/vault/kv/init.go b/sdk/go/vault/kv/init.go index 76a70d5e8..dbce8e238 100644 --- a/sdk/go/vault/kv/init.go +++ b/sdk/go/vault/kv/init.go @@ -7,7 +7,7 @@ import ( "fmt" "github.com/blang/semver" - "github.com/pulumi/pulumi-vault/sdk/v5/go/vault" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" ) @@ -36,7 +36,7 @@ func (m *module) Construct(ctx *pulumi.Context, name, typ, urn string) (r pulumi } func init() { - version, err := vault.PkgVersion() + version, err := internal.PkgVersion() if err != nil { version = semver.Version{Major: 1} } diff --git a/sdk/go/vault/kv/pulumiTypes.go b/sdk/go/vault/kv/pulumiTypes.go index e369fa24e..60407b5c5 100644 --- a/sdk/go/vault/kv/pulumiTypes.go +++ b/sdk/go/vault/kv/pulumiTypes.go @@ -7,9 +7,13 @@ import ( "context" "reflect" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) +var _ = internal.GetEnvOrDefault + type SecretV2CustomMetadata struct { CasRequired *bool `pulumi:"casRequired"` // A mapping whose keys are the top-level data keys returned from @@ -55,6 +59,12 @@ func (i SecretV2CustomMetadataArgs) ToSecretV2CustomMetadataOutputWithContext(ct return pulumi.ToOutputWithContext(ctx, i).(SecretV2CustomMetadataOutput) } +func (i SecretV2CustomMetadataArgs) ToOutput(ctx context.Context) pulumix.Output[SecretV2CustomMetadata] { + return pulumix.Output[SecretV2CustomMetadata]{ + OutputState: i.ToSecretV2CustomMetadataOutputWithContext(ctx).OutputState, + } +} + func (i SecretV2CustomMetadataArgs) ToSecretV2CustomMetadataPtrOutput() SecretV2CustomMetadataPtrOutput { return i.ToSecretV2CustomMetadataPtrOutputWithContext(context.Background()) } @@ -96,6 +106,12 @@ func (i *secretV2CustomMetadataPtrType) ToSecretV2CustomMetadataPtrOutputWithCon return pulumi.ToOutputWithContext(ctx, i).(SecretV2CustomMetadataPtrOutput) } +func (i *secretV2CustomMetadataPtrType) ToOutput(ctx context.Context) pulumix.Output[*SecretV2CustomMetadata] { + return pulumix.Output[*SecretV2CustomMetadata]{ + OutputState: i.ToSecretV2CustomMetadataPtrOutputWithContext(ctx).OutputState, + } +} + type SecretV2CustomMetadataOutput struct{ *pulumi.OutputState } func (SecretV2CustomMetadataOutput) ElementType() reflect.Type { @@ -120,6 +136,12 @@ func (o SecretV2CustomMetadataOutput) ToSecretV2CustomMetadataPtrOutputWithConte }).(SecretV2CustomMetadataPtrOutput) } +func (o SecretV2CustomMetadataOutput) ToOutput(ctx context.Context) pulumix.Output[SecretV2CustomMetadata] { + return pulumix.Output[SecretV2CustomMetadata]{ + OutputState: o.OutputState, + } +} + func (o SecretV2CustomMetadataOutput) CasRequired() pulumi.BoolPtrOutput { return o.ApplyT(func(v SecretV2CustomMetadata) *bool { return v.CasRequired }).(pulumi.BoolPtrOutput) } @@ -154,6 +176,12 @@ func (o SecretV2CustomMetadataPtrOutput) ToSecretV2CustomMetadataPtrOutputWithCo return o } +func (o SecretV2CustomMetadataPtrOutput) ToOutput(ctx context.Context) pulumix.Output[*SecretV2CustomMetadata] { + return pulumix.Output[*SecretV2CustomMetadata]{ + OutputState: o.OutputState, + } +} + func (o SecretV2CustomMetadataPtrOutput) Elem() SecretV2CustomMetadataOutput { return o.ApplyT(func(v *SecretV2CustomMetadata) SecretV2CustomMetadata { if v != nil { diff --git a/sdk/go/vault/kv/secret.go b/sdk/go/vault/kv/secret.go index 50957a90b..31e73e974 100644 --- a/sdk/go/vault/kv/secret.go +++ b/sdk/go/vault/kv/secret.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // Writes a KV-V1 secret to a given path in Vault. @@ -37,7 +39,7 @@ import ( // kvv1, err := vault.NewMount(ctx, "kvv1", &vault.MountArgs{ // Path: pulumi.String("kvv1"), // Type: pulumi.String("kv"), -// Options: pulumi.AnyMap{ +// Options: pulumi.Map{ // "version": pulumi.Any("1"), // }, // Description: pulumi.String("KV Version 1 secret engine mount"), @@ -117,13 +119,14 @@ func NewSecret(ctx *pulumi.Context, return nil, errors.New("invalid value for required argument 'Path'") } if args.DataJson != nil { - args.DataJson = pulumi.ToSecret(args.DataJson).(pulumi.StringOutput) + args.DataJson = pulumi.ToSecret(args.DataJson).(pulumi.StringInput) } secrets := pulumi.AdditionalSecretOutputs([]string{ "data", "dataJson", }) opts = append(opts, secrets) + opts = internal.PkgResourceDefaultOpts(opts) var resource Secret err := ctx.RegisterResource("vault:kv/secret:Secret", name, args, &resource, opts...) if err != nil { @@ -235,6 +238,12 @@ func (i *Secret) ToSecretOutputWithContext(ctx context.Context) SecretOutput { return pulumi.ToOutputWithContext(ctx, i).(SecretOutput) } +func (i *Secret) ToOutput(ctx context.Context) pulumix.Output[*Secret] { + return pulumix.Output[*Secret]{ + OutputState: i.ToSecretOutputWithContext(ctx).OutputState, + } +} + // SecretArrayInput is an input type that accepts SecretArray and SecretArrayOutput values. // You can construct a concrete instance of `SecretArrayInput` via: // @@ -260,6 +269,12 @@ func (i SecretArray) ToSecretArrayOutputWithContext(ctx context.Context) SecretA return pulumi.ToOutputWithContext(ctx, i).(SecretArrayOutput) } +func (i SecretArray) ToOutput(ctx context.Context) pulumix.Output[[]*Secret] { + return pulumix.Output[[]*Secret]{ + OutputState: i.ToSecretArrayOutputWithContext(ctx).OutputState, + } +} + // SecretMapInput is an input type that accepts SecretMap and SecretMapOutput values. // You can construct a concrete instance of `SecretMapInput` via: // @@ -285,6 +300,12 @@ func (i SecretMap) ToSecretMapOutputWithContext(ctx context.Context) SecretMapOu return pulumi.ToOutputWithContext(ctx, i).(SecretMapOutput) } +func (i SecretMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*Secret] { + return pulumix.Output[map[string]*Secret]{ + OutputState: i.ToSecretMapOutputWithContext(ctx).OutputState, + } +} + type SecretOutput struct{ *pulumi.OutputState } func (SecretOutput) ElementType() reflect.Type { @@ -299,6 +320,12 @@ func (o SecretOutput) ToSecretOutputWithContext(ctx context.Context) SecretOutpu return o } +func (o SecretOutput) ToOutput(ctx context.Context) pulumix.Output[*Secret] { + return pulumix.Output[*Secret]{ + OutputState: o.OutputState, + } +} + // A mapping whose keys are the top-level data keys returned from // Vault and whose values are the corresponding values. This map can only // represent string data, so any non-string values returned from Vault are @@ -340,6 +367,12 @@ func (o SecretArrayOutput) ToSecretArrayOutputWithContext(ctx context.Context) S return o } +func (o SecretArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*Secret] { + return pulumix.Output[[]*Secret]{ + OutputState: o.OutputState, + } +} + func (o SecretArrayOutput) Index(i pulumi.IntInput) SecretOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *Secret { return vs[0].([]*Secret)[vs[1].(int)] @@ -360,6 +393,12 @@ func (o SecretMapOutput) ToSecretMapOutputWithContext(ctx context.Context) Secre return o } +func (o SecretMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*Secret] { + return pulumix.Output[map[string]*Secret]{ + OutputState: o.OutputState, + } +} + func (o SecretMapOutput) MapIndex(k pulumi.StringInput) SecretOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *Secret { return vs[0].(map[string]*Secret)[vs[1].(string)] diff --git a/sdk/go/vault/kv/secretBackendV2.go b/sdk/go/vault/kv/secretBackendV2.go index fbff3db1b..4d6b1c87a 100644 --- a/sdk/go/vault/kv/secretBackendV2.go +++ b/sdk/go/vault/kv/secretBackendV2.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // Configures KV-V2 backend level settings that are applied to @@ -35,7 +37,7 @@ import ( // kvv2, err := vault.NewMount(ctx, "kvv2", &vault.MountArgs{ // Path: pulumi.String("kvv2"), // Type: pulumi.String("kv"), -// Options: pulumi.AnyMap{ +// Options: pulumi.Map{ // "version": pulumi.Any("2"), // }, // Description: pulumi.String("KV Version 2 secret engine mount"), @@ -103,6 +105,7 @@ func NewSecretBackendV2(ctx *pulumi.Context, if args.Mount == nil { return nil, errors.New("invalid value for required argument 'Mount'") } + opts = internal.PkgResourceDefaultOpts(opts) var resource SecretBackendV2 err := ctx.RegisterResource("vault:kv/secretBackendV2:SecretBackendV2", name, args, &resource, opts...) if err != nil { @@ -224,6 +227,12 @@ func (i *SecretBackendV2) ToSecretBackendV2OutputWithContext(ctx context.Context return pulumi.ToOutputWithContext(ctx, i).(SecretBackendV2Output) } +func (i *SecretBackendV2) ToOutput(ctx context.Context) pulumix.Output[*SecretBackendV2] { + return pulumix.Output[*SecretBackendV2]{ + OutputState: i.ToSecretBackendV2OutputWithContext(ctx).OutputState, + } +} + // SecretBackendV2ArrayInput is an input type that accepts SecretBackendV2Array and SecretBackendV2ArrayOutput values. // You can construct a concrete instance of `SecretBackendV2ArrayInput` via: // @@ -249,6 +258,12 @@ func (i SecretBackendV2Array) ToSecretBackendV2ArrayOutputWithContext(ctx contex return pulumi.ToOutputWithContext(ctx, i).(SecretBackendV2ArrayOutput) } +func (i SecretBackendV2Array) ToOutput(ctx context.Context) pulumix.Output[[]*SecretBackendV2] { + return pulumix.Output[[]*SecretBackendV2]{ + OutputState: i.ToSecretBackendV2ArrayOutputWithContext(ctx).OutputState, + } +} + // SecretBackendV2MapInput is an input type that accepts SecretBackendV2Map and SecretBackendV2MapOutput values. // You can construct a concrete instance of `SecretBackendV2MapInput` via: // @@ -274,6 +289,12 @@ func (i SecretBackendV2Map) ToSecretBackendV2MapOutputWithContext(ctx context.Co return pulumi.ToOutputWithContext(ctx, i).(SecretBackendV2MapOutput) } +func (i SecretBackendV2Map) ToOutput(ctx context.Context) pulumix.Output[map[string]*SecretBackendV2] { + return pulumix.Output[map[string]*SecretBackendV2]{ + OutputState: i.ToSecretBackendV2MapOutputWithContext(ctx).OutputState, + } +} + type SecretBackendV2Output struct{ *pulumi.OutputState } func (SecretBackendV2Output) ElementType() reflect.Type { @@ -288,6 +309,12 @@ func (o SecretBackendV2Output) ToSecretBackendV2OutputWithContext(ctx context.Co return o } +func (o SecretBackendV2Output) ToOutput(ctx context.Context) pulumix.Output[*SecretBackendV2] { + return pulumix.Output[*SecretBackendV2]{ + OutputState: o.OutputState, + } +} + // If true, all keys will require the cas // parameter to be set on all write requests. func (o SecretBackendV2Output) CasRequired() pulumi.BoolOutput { @@ -332,6 +359,12 @@ func (o SecretBackendV2ArrayOutput) ToSecretBackendV2ArrayOutputWithContext(ctx return o } +func (o SecretBackendV2ArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*SecretBackendV2] { + return pulumix.Output[[]*SecretBackendV2]{ + OutputState: o.OutputState, + } +} + func (o SecretBackendV2ArrayOutput) Index(i pulumi.IntInput) SecretBackendV2Output { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *SecretBackendV2 { return vs[0].([]*SecretBackendV2)[vs[1].(int)] @@ -352,6 +385,12 @@ func (o SecretBackendV2MapOutput) ToSecretBackendV2MapOutputWithContext(ctx cont return o } +func (o SecretBackendV2MapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*SecretBackendV2] { + return pulumix.Output[map[string]*SecretBackendV2]{ + OutputState: o.OutputState, + } +} + func (o SecretBackendV2MapOutput) MapIndex(k pulumi.StringInput) SecretBackendV2Output { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *SecretBackendV2 { return vs[0].(map[string]*SecretBackendV2)[vs[1].(string)] diff --git a/sdk/go/vault/kv/secretV2.go b/sdk/go/vault/kv/secretV2.go index d6b22b1b3..ff2c2964c 100644 --- a/sdk/go/vault/kv/secretV2.go +++ b/sdk/go/vault/kv/secretV2.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // Writes a KV-V2 secret to a given path in Vault. @@ -36,7 +38,7 @@ import ( // kvv2, err := vault.NewMount(ctx, "kvv2", &vault.MountArgs{ // Path: pulumi.String("kvv2"), // Type: pulumi.String("kv"), -// Options: pulumi.AnyMap{ +// Options: pulumi.Map{ // "version": pulumi.Any("2"), // }, // Description: pulumi.String("KV Version 2 secret engine mount"), @@ -59,7 +61,7 @@ import ( // DataJson: pulumi.String(json0), // CustomMetadata: &kv.SecretV2CustomMetadataArgs{ // MaxVersions: pulumi.Int(5), -// Data: pulumi.AnyMap{ +// Data: pulumi.Map{ // "foo": pulumi.Any("vault@example.com"), // "bar": pulumi.Any("12345"), // }, @@ -161,13 +163,14 @@ func NewSecretV2(ctx *pulumi.Context, return nil, errors.New("invalid value for required argument 'Mount'") } if args.DataJson != nil { - args.DataJson = pulumi.ToSecret(args.DataJson).(pulumi.StringOutput) + args.DataJson = pulumi.ToSecret(args.DataJson).(pulumi.StringInput) } secrets := pulumi.AdditionalSecretOutputs([]string{ "data", "dataJson", }) opts = append(opts, secrets) + opts = internal.PkgResourceDefaultOpts(opts) var resource SecretV2 err := ctx.RegisterResource("vault:kv/secretV2:SecretV2", name, args, &resource, opts...) if err != nil { @@ -375,6 +378,12 @@ func (i *SecretV2) ToSecretV2OutputWithContext(ctx context.Context) SecretV2Outp return pulumi.ToOutputWithContext(ctx, i).(SecretV2Output) } +func (i *SecretV2) ToOutput(ctx context.Context) pulumix.Output[*SecretV2] { + return pulumix.Output[*SecretV2]{ + OutputState: i.ToSecretV2OutputWithContext(ctx).OutputState, + } +} + // SecretV2ArrayInput is an input type that accepts SecretV2Array and SecretV2ArrayOutput values. // You can construct a concrete instance of `SecretV2ArrayInput` via: // @@ -400,6 +409,12 @@ func (i SecretV2Array) ToSecretV2ArrayOutputWithContext(ctx context.Context) Sec return pulumi.ToOutputWithContext(ctx, i).(SecretV2ArrayOutput) } +func (i SecretV2Array) ToOutput(ctx context.Context) pulumix.Output[[]*SecretV2] { + return pulumix.Output[[]*SecretV2]{ + OutputState: i.ToSecretV2ArrayOutputWithContext(ctx).OutputState, + } +} + // SecretV2MapInput is an input type that accepts SecretV2Map and SecretV2MapOutput values. // You can construct a concrete instance of `SecretV2MapInput` via: // @@ -425,6 +440,12 @@ func (i SecretV2Map) ToSecretV2MapOutputWithContext(ctx context.Context) SecretV return pulumi.ToOutputWithContext(ctx, i).(SecretV2MapOutput) } +func (i SecretV2Map) ToOutput(ctx context.Context) pulumix.Output[map[string]*SecretV2] { + return pulumix.Output[map[string]*SecretV2]{ + OutputState: i.ToSecretV2MapOutputWithContext(ctx).OutputState, + } +} + type SecretV2Output struct{ *pulumi.OutputState } func (SecretV2Output) ElementType() reflect.Type { @@ -439,6 +460,12 @@ func (o SecretV2Output) ToSecretV2OutputWithContext(ctx context.Context) SecretV return o } +func (o SecretV2Output) ToOutput(ctx context.Context) pulumix.Output[*SecretV2] { + return pulumix.Output[*SecretV2]{ + OutputState: o.OutputState, + } +} + // This flag is required if `casRequired` is set to true // on either the secret or the engine's config. In order for a // write operation to be successful, cas must be set to the current version @@ -530,6 +557,12 @@ func (o SecretV2ArrayOutput) ToSecretV2ArrayOutputWithContext(ctx context.Contex return o } +func (o SecretV2ArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*SecretV2] { + return pulumix.Output[[]*SecretV2]{ + OutputState: o.OutputState, + } +} + func (o SecretV2ArrayOutput) Index(i pulumi.IntInput) SecretV2Output { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *SecretV2 { return vs[0].([]*SecretV2)[vs[1].(int)] @@ -550,6 +583,12 @@ func (o SecretV2MapOutput) ToSecretV2MapOutputWithContext(ctx context.Context) S return o } +func (o SecretV2MapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*SecretV2] { + return pulumix.Output[map[string]*SecretV2]{ + OutputState: o.OutputState, + } +} + func (o SecretV2MapOutput) MapIndex(k pulumi.StringInput) SecretV2Output { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *SecretV2 { return vs[0].(map[string]*SecretV2)[vs[1].(string)] diff --git a/sdk/go/vault/ldap/authBackend.go b/sdk/go/vault/ldap/authBackend.go index 5c4586b09..a8c953e91 100644 --- a/sdk/go/vault/ldap/authBackend.go +++ b/sdk/go/vault/ldap/authBackend.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // Provides a resource for managing an [LDAP auth backend within Vault](https://www.vaultproject.io/docs/auth/ldap.html). @@ -70,13 +72,15 @@ type AuthBackend struct { Certificate pulumi.StringOutput `pulumi:"certificate"` ClientTlsCert pulumi.StringOutput `pulumi:"clientTlsCert"` ClientTlsKey pulumi.StringOutput `pulumi:"clientTlsKey"` - DenyNullBind pulumi.BoolOutput `pulumi:"denyNullBind"` + // Prevents users from bypassing authentication when providing an empty password. + DenyNullBind pulumi.BoolOutput `pulumi:"denyNullBind"` // Description for the LDAP auth backend mount Description pulumi.StringOutput `pulumi:"description"` // If set, opts out of mount migration on path updates. // See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration) DisableRemount pulumi.BoolPtrOutput `pulumi:"disableRemount"` - Discoverdn pulumi.BoolOutput `pulumi:"discoverdn"` + // Use anonymous bind to discover the bind DN of a user. + Discoverdn pulumi.BoolOutput `pulumi:"discoverdn"` // LDAP attribute to follow on objects returned by groupfilter Groupattr pulumi.StringOutput `pulumi:"groupattr"` // Base DN under which to perform group search @@ -132,13 +136,9 @@ type AuthBackend struct { // The incremental lifetime for generated tokens in number of seconds. // Its current value will be referenced at renewal time. TokenTtl pulumi.IntPtrOutput `pulumi:"tokenTtl"` - // The type of token that should be generated. Can be `service`, - // `batch`, or `default` to use the mount's tuned default (which unless changed will be - // `service` tokens). For token store roles, there are two additional possibilities: - // `default-service` and `default-batch` which specify the type to return unless the client - // requests a different type at generation time. + // The type of token to generate, service or batch TokenType pulumi.StringPtrOutput `pulumi:"tokenType"` - // The userPrincipalDomain used to construct UPN string + // The `userPrincipalDomain` used to construct the UPN string for the authenticating user. Upndomain pulumi.StringOutput `pulumi:"upndomain"` // The URL of the LDAP server Url pulumi.StringOutput `pulumi:"url"` @@ -165,16 +165,17 @@ func NewAuthBackend(ctx *pulumi.Context, return nil, errors.New("invalid value for required argument 'Url'") } if args.Bindpass != nil { - args.Bindpass = pulumi.ToSecret(args.Bindpass).(pulumi.StringPtrOutput) + args.Bindpass = pulumi.ToSecret(args.Bindpass).(pulumi.StringPtrInput) } if args.ClientTlsKey != nil { - args.ClientTlsKey = pulumi.ToSecret(args.ClientTlsKey).(pulumi.StringPtrOutput) + args.ClientTlsKey = pulumi.ToSecret(args.ClientTlsKey).(pulumi.StringPtrInput) } secrets := pulumi.AdditionalSecretOutputs([]string{ "bindpass", "clientTlsKey", }) opts = append(opts, secrets) + opts = internal.PkgResourceDefaultOpts(opts) var resource AuthBackend err := ctx.RegisterResource("vault:ldap/authBackend:AuthBackend", name, args, &resource, opts...) if err != nil { @@ -209,13 +210,15 @@ type authBackendState struct { Certificate *string `pulumi:"certificate"` ClientTlsCert *string `pulumi:"clientTlsCert"` ClientTlsKey *string `pulumi:"clientTlsKey"` - DenyNullBind *bool `pulumi:"denyNullBind"` + // Prevents users from bypassing authentication when providing an empty password. + DenyNullBind *bool `pulumi:"denyNullBind"` // Description for the LDAP auth backend mount Description *string `pulumi:"description"` // If set, opts out of mount migration on path updates. // See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration) DisableRemount *bool `pulumi:"disableRemount"` - Discoverdn *bool `pulumi:"discoverdn"` + // Use anonymous bind to discover the bind DN of a user. + Discoverdn *bool `pulumi:"discoverdn"` // LDAP attribute to follow on objects returned by groupfilter Groupattr *string `pulumi:"groupattr"` // Base DN under which to perform group search @@ -271,13 +274,9 @@ type authBackendState struct { // The incremental lifetime for generated tokens in number of seconds. // Its current value will be referenced at renewal time. TokenTtl *int `pulumi:"tokenTtl"` - // The type of token that should be generated. Can be `service`, - // `batch`, or `default` to use the mount's tuned default (which unless changed will be - // `service` tokens). For token store roles, there are two additional possibilities: - // `default-service` and `default-batch` which specify the type to return unless the client - // requests a different type at generation time. + // The type of token to generate, service or batch TokenType *string `pulumi:"tokenType"` - // The userPrincipalDomain used to construct UPN string + // The `userPrincipalDomain` used to construct the UPN string for the authenticating user. Upndomain *string `pulumi:"upndomain"` // The URL of the LDAP server Url *string `pulumi:"url"` @@ -306,13 +305,15 @@ type AuthBackendState struct { Certificate pulumi.StringPtrInput ClientTlsCert pulumi.StringPtrInput ClientTlsKey pulumi.StringPtrInput - DenyNullBind pulumi.BoolPtrInput + // Prevents users from bypassing authentication when providing an empty password. + DenyNullBind pulumi.BoolPtrInput // Description for the LDAP auth backend mount Description pulumi.StringPtrInput // If set, opts out of mount migration on path updates. // See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration) DisableRemount pulumi.BoolPtrInput - Discoverdn pulumi.BoolPtrInput + // Use anonymous bind to discover the bind DN of a user. + Discoverdn pulumi.BoolPtrInput // LDAP attribute to follow on objects returned by groupfilter Groupattr pulumi.StringPtrInput // Base DN under which to perform group search @@ -368,13 +369,9 @@ type AuthBackendState struct { // The incremental lifetime for generated tokens in number of seconds. // Its current value will be referenced at renewal time. TokenTtl pulumi.IntPtrInput - // The type of token that should be generated. Can be `service`, - // `batch`, or `default` to use the mount's tuned default (which unless changed will be - // `service` tokens). For token store roles, there are two additional possibilities: - // `default-service` and `default-batch` which specify the type to return unless the client - // requests a different type at generation time. + // The type of token to generate, service or batch TokenType pulumi.StringPtrInput - // The userPrincipalDomain used to construct UPN string + // The `userPrincipalDomain` used to construct the UPN string for the authenticating user. Upndomain pulumi.StringPtrInput // The URL of the LDAP server Url pulumi.StringPtrInput @@ -405,13 +402,15 @@ type authBackendArgs struct { Certificate *string `pulumi:"certificate"` ClientTlsCert *string `pulumi:"clientTlsCert"` ClientTlsKey *string `pulumi:"clientTlsKey"` - DenyNullBind *bool `pulumi:"denyNullBind"` + // Prevents users from bypassing authentication when providing an empty password. + DenyNullBind *bool `pulumi:"denyNullBind"` // Description for the LDAP auth backend mount Description *string `pulumi:"description"` // If set, opts out of mount migration on path updates. // See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration) DisableRemount *bool `pulumi:"disableRemount"` - Discoverdn *bool `pulumi:"discoverdn"` + // Use anonymous bind to discover the bind DN of a user. + Discoverdn *bool `pulumi:"discoverdn"` // LDAP attribute to follow on objects returned by groupfilter Groupattr *string `pulumi:"groupattr"` // Base DN under which to perform group search @@ -467,13 +466,9 @@ type authBackendArgs struct { // The incremental lifetime for generated tokens in number of seconds. // Its current value will be referenced at renewal time. TokenTtl *int `pulumi:"tokenTtl"` - // The type of token that should be generated. Can be `service`, - // `batch`, or `default` to use the mount's tuned default (which unless changed will be - // `service` tokens). For token store roles, there are two additional possibilities: - // `default-service` and `default-batch` which specify the type to return unless the client - // requests a different type at generation time. + // The type of token to generate, service or batch TokenType *string `pulumi:"tokenType"` - // The userPrincipalDomain used to construct UPN string + // The `userPrincipalDomain` used to construct the UPN string for the authenticating user. Upndomain *string `pulumi:"upndomain"` // The URL of the LDAP server Url string `pulumi:"url"` @@ -501,13 +496,15 @@ type AuthBackendArgs struct { Certificate pulumi.StringPtrInput ClientTlsCert pulumi.StringPtrInput ClientTlsKey pulumi.StringPtrInput - DenyNullBind pulumi.BoolPtrInput + // Prevents users from bypassing authentication when providing an empty password. + DenyNullBind pulumi.BoolPtrInput // Description for the LDAP auth backend mount Description pulumi.StringPtrInput // If set, opts out of mount migration on path updates. // See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration) DisableRemount pulumi.BoolPtrInput - Discoverdn pulumi.BoolPtrInput + // Use anonymous bind to discover the bind DN of a user. + Discoverdn pulumi.BoolPtrInput // LDAP attribute to follow on objects returned by groupfilter Groupattr pulumi.StringPtrInput // Base DN under which to perform group search @@ -563,13 +560,9 @@ type AuthBackendArgs struct { // The incremental lifetime for generated tokens in number of seconds. // Its current value will be referenced at renewal time. TokenTtl pulumi.IntPtrInput - // The type of token that should be generated. Can be `service`, - // `batch`, or `default` to use the mount's tuned default (which unless changed will be - // `service` tokens). For token store roles, there are two additional possibilities: - // `default-service` and `default-batch` which specify the type to return unless the client - // requests a different type at generation time. + // The type of token to generate, service or batch TokenType pulumi.StringPtrInput - // The userPrincipalDomain used to construct UPN string + // The `userPrincipalDomain` used to construct the UPN string for the authenticating user. Upndomain pulumi.StringPtrInput // The URL of the LDAP server Url pulumi.StringInput @@ -608,6 +601,12 @@ func (i *AuthBackend) ToAuthBackendOutputWithContext(ctx context.Context) AuthBa return pulumi.ToOutputWithContext(ctx, i).(AuthBackendOutput) } +func (i *AuthBackend) ToOutput(ctx context.Context) pulumix.Output[*AuthBackend] { + return pulumix.Output[*AuthBackend]{ + OutputState: i.ToAuthBackendOutputWithContext(ctx).OutputState, + } +} + // AuthBackendArrayInput is an input type that accepts AuthBackendArray and AuthBackendArrayOutput values. // You can construct a concrete instance of `AuthBackendArrayInput` via: // @@ -633,6 +632,12 @@ func (i AuthBackendArray) ToAuthBackendArrayOutputWithContext(ctx context.Contex return pulumi.ToOutputWithContext(ctx, i).(AuthBackendArrayOutput) } +func (i AuthBackendArray) ToOutput(ctx context.Context) pulumix.Output[[]*AuthBackend] { + return pulumix.Output[[]*AuthBackend]{ + OutputState: i.ToAuthBackendArrayOutputWithContext(ctx).OutputState, + } +} + // AuthBackendMapInput is an input type that accepts AuthBackendMap and AuthBackendMapOutput values. // You can construct a concrete instance of `AuthBackendMapInput` via: // @@ -658,6 +663,12 @@ func (i AuthBackendMap) ToAuthBackendMapOutputWithContext(ctx context.Context) A return pulumi.ToOutputWithContext(ctx, i).(AuthBackendMapOutput) } +func (i AuthBackendMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*AuthBackend] { + return pulumix.Output[map[string]*AuthBackend]{ + OutputState: i.ToAuthBackendMapOutputWithContext(ctx).OutputState, + } +} + type AuthBackendOutput struct{ *pulumi.OutputState } func (AuthBackendOutput) ElementType() reflect.Type { @@ -672,6 +683,12 @@ func (o AuthBackendOutput) ToAuthBackendOutputWithContext(ctx context.Context) A return o } +func (o AuthBackendOutput) ToOutput(ctx context.Context) pulumix.Output[*AuthBackend] { + return pulumix.Output[*AuthBackend]{ + OutputState: o.OutputState, + } +} + // The accessor for this auth mount. func (o AuthBackendOutput) Accessor() pulumi.StringOutput { return o.ApplyT(func(v *AuthBackend) pulumi.StringOutput { return v.Accessor }).(pulumi.StringOutput) @@ -705,6 +722,7 @@ func (o AuthBackendOutput) ClientTlsKey() pulumi.StringOutput { return o.ApplyT(func(v *AuthBackend) pulumi.StringOutput { return v.ClientTlsKey }).(pulumi.StringOutput) } +// Prevents users from bypassing authentication when providing an empty password. func (o AuthBackendOutput) DenyNullBind() pulumi.BoolOutput { return o.ApplyT(func(v *AuthBackend) pulumi.BoolOutput { return v.DenyNullBind }).(pulumi.BoolOutput) } @@ -720,6 +738,7 @@ func (o AuthBackendOutput) DisableRemount() pulumi.BoolPtrOutput { return o.ApplyT(func(v *AuthBackend) pulumi.BoolPtrOutput { return v.DisableRemount }).(pulumi.BoolPtrOutput) } +// Use anonymous bind to discover the bind DN of a user. func (o AuthBackendOutput) Discoverdn() pulumi.BoolOutput { return o.ApplyT(func(v *AuthBackend) pulumi.BoolOutput { return v.Discoverdn }).(pulumi.BoolOutput) } @@ -836,16 +855,12 @@ func (o AuthBackendOutput) TokenTtl() pulumi.IntPtrOutput { return o.ApplyT(func(v *AuthBackend) pulumi.IntPtrOutput { return v.TokenTtl }).(pulumi.IntPtrOutput) } -// The type of token that should be generated. Can be `service`, -// `batch`, or `default` to use the mount's tuned default (which unless changed will be -// `service` tokens). For token store roles, there are two additional possibilities: -// `default-service` and `default-batch` which specify the type to return unless the client -// requests a different type at generation time. +// The type of token to generate, service or batch func (o AuthBackendOutput) TokenType() pulumi.StringPtrOutput { return o.ApplyT(func(v *AuthBackend) pulumi.StringPtrOutput { return v.TokenType }).(pulumi.StringPtrOutput) } -// The userPrincipalDomain used to construct UPN string +// The `userPrincipalDomain` used to construct the UPN string for the authenticating user. func (o AuthBackendOutput) Upndomain() pulumi.StringOutput { return o.ApplyT(func(v *AuthBackend) pulumi.StringOutput { return v.Upndomain }).(pulumi.StringOutput) } @@ -894,6 +909,12 @@ func (o AuthBackendArrayOutput) ToAuthBackendArrayOutputWithContext(ctx context. return o } +func (o AuthBackendArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*AuthBackend] { + return pulumix.Output[[]*AuthBackend]{ + OutputState: o.OutputState, + } +} + func (o AuthBackendArrayOutput) Index(i pulumi.IntInput) AuthBackendOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *AuthBackend { return vs[0].([]*AuthBackend)[vs[1].(int)] @@ -914,6 +935,12 @@ func (o AuthBackendMapOutput) ToAuthBackendMapOutputWithContext(ctx context.Cont return o } +func (o AuthBackendMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*AuthBackend] { + return pulumix.Output[map[string]*AuthBackend]{ + OutputState: o.OutputState, + } +} + func (o AuthBackendMapOutput) MapIndex(k pulumi.StringInput) AuthBackendOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *AuthBackend { return vs[0].(map[string]*AuthBackend)[vs[1].(string)] diff --git a/sdk/go/vault/ldap/authBackendGroup.go b/sdk/go/vault/ldap/authBackendGroup.go index 860b6b3c6..ae078394b 100644 --- a/sdk/go/vault/ldap/authBackendGroup.go +++ b/sdk/go/vault/ldap/authBackendGroup.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // Provides a resource to create a group in an [LDAP auth backend within Vault](https://www.vaultproject.io/docs/auth/ldap.html). @@ -69,6 +71,8 @@ type AuthBackendGroup struct { pulumi.CustomResourceState // Path to the authentication backend + // + // For more details on the usage of each argument consult the [Vault LDAP API documentation](https://www.vaultproject.io/api-docs/auth/ldap). Backend pulumi.StringPtrOutput `pulumi:"backend"` // The LDAP groupname Groupname pulumi.StringOutput `pulumi:"groupname"` @@ -91,6 +95,7 @@ func NewAuthBackendGroup(ctx *pulumi.Context, if args.Groupname == nil { return nil, errors.New("invalid value for required argument 'Groupname'") } + opts = internal.PkgResourceDefaultOpts(opts) var resource AuthBackendGroup err := ctx.RegisterResource("vault:ldap/authBackendGroup:AuthBackendGroup", name, args, &resource, opts...) if err != nil { @@ -114,6 +119,8 @@ func GetAuthBackendGroup(ctx *pulumi.Context, // Input properties used for looking up and filtering AuthBackendGroup resources. type authBackendGroupState struct { // Path to the authentication backend + // + // For more details on the usage of each argument consult the [Vault LDAP API documentation](https://www.vaultproject.io/api-docs/auth/ldap). Backend *string `pulumi:"backend"` // The LDAP groupname Groupname *string `pulumi:"groupname"` @@ -128,6 +135,8 @@ type authBackendGroupState struct { type AuthBackendGroupState struct { // Path to the authentication backend + // + // For more details on the usage of each argument consult the [Vault LDAP API documentation](https://www.vaultproject.io/api-docs/auth/ldap). Backend pulumi.StringPtrInput // The LDAP groupname Groupname pulumi.StringPtrInput @@ -146,6 +155,8 @@ func (AuthBackendGroupState) ElementType() reflect.Type { type authBackendGroupArgs struct { // Path to the authentication backend + // + // For more details on the usage of each argument consult the [Vault LDAP API documentation](https://www.vaultproject.io/api-docs/auth/ldap). Backend *string `pulumi:"backend"` // The LDAP groupname Groupname string `pulumi:"groupname"` @@ -161,6 +172,8 @@ type authBackendGroupArgs struct { // The set of arguments for constructing a AuthBackendGroup resource. type AuthBackendGroupArgs struct { // Path to the authentication backend + // + // For more details on the usage of each argument consult the [Vault LDAP API documentation](https://www.vaultproject.io/api-docs/auth/ldap). Backend pulumi.StringPtrInput // The LDAP groupname Groupname pulumi.StringInput @@ -196,6 +209,12 @@ func (i *AuthBackendGroup) ToAuthBackendGroupOutputWithContext(ctx context.Conte return pulumi.ToOutputWithContext(ctx, i).(AuthBackendGroupOutput) } +func (i *AuthBackendGroup) ToOutput(ctx context.Context) pulumix.Output[*AuthBackendGroup] { + return pulumix.Output[*AuthBackendGroup]{ + OutputState: i.ToAuthBackendGroupOutputWithContext(ctx).OutputState, + } +} + // AuthBackendGroupArrayInput is an input type that accepts AuthBackendGroupArray and AuthBackendGroupArrayOutput values. // You can construct a concrete instance of `AuthBackendGroupArrayInput` via: // @@ -221,6 +240,12 @@ func (i AuthBackendGroupArray) ToAuthBackendGroupArrayOutputWithContext(ctx cont return pulumi.ToOutputWithContext(ctx, i).(AuthBackendGroupArrayOutput) } +func (i AuthBackendGroupArray) ToOutput(ctx context.Context) pulumix.Output[[]*AuthBackendGroup] { + return pulumix.Output[[]*AuthBackendGroup]{ + OutputState: i.ToAuthBackendGroupArrayOutputWithContext(ctx).OutputState, + } +} + // AuthBackendGroupMapInput is an input type that accepts AuthBackendGroupMap and AuthBackendGroupMapOutput values. // You can construct a concrete instance of `AuthBackendGroupMapInput` via: // @@ -246,6 +271,12 @@ func (i AuthBackendGroupMap) ToAuthBackendGroupMapOutputWithContext(ctx context. return pulumi.ToOutputWithContext(ctx, i).(AuthBackendGroupMapOutput) } +func (i AuthBackendGroupMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*AuthBackendGroup] { + return pulumix.Output[map[string]*AuthBackendGroup]{ + OutputState: i.ToAuthBackendGroupMapOutputWithContext(ctx).OutputState, + } +} + type AuthBackendGroupOutput struct{ *pulumi.OutputState } func (AuthBackendGroupOutput) ElementType() reflect.Type { @@ -260,7 +291,15 @@ func (o AuthBackendGroupOutput) ToAuthBackendGroupOutputWithContext(ctx context. return o } +func (o AuthBackendGroupOutput) ToOutput(ctx context.Context) pulumix.Output[*AuthBackendGroup] { + return pulumix.Output[*AuthBackendGroup]{ + OutputState: o.OutputState, + } +} + // Path to the authentication backend +// +// For more details on the usage of each argument consult the [Vault LDAP API documentation](https://www.vaultproject.io/api-docs/auth/ldap). func (o AuthBackendGroupOutput) Backend() pulumi.StringPtrOutput { return o.ApplyT(func(v *AuthBackendGroup) pulumi.StringPtrOutput { return v.Backend }).(pulumi.StringPtrOutput) } @@ -297,6 +336,12 @@ func (o AuthBackendGroupArrayOutput) ToAuthBackendGroupArrayOutputWithContext(ct return o } +func (o AuthBackendGroupArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*AuthBackendGroup] { + return pulumix.Output[[]*AuthBackendGroup]{ + OutputState: o.OutputState, + } +} + func (o AuthBackendGroupArrayOutput) Index(i pulumi.IntInput) AuthBackendGroupOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *AuthBackendGroup { return vs[0].([]*AuthBackendGroup)[vs[1].(int)] @@ -317,6 +362,12 @@ func (o AuthBackendGroupMapOutput) ToAuthBackendGroupMapOutputWithContext(ctx co return o } +func (o AuthBackendGroupMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*AuthBackendGroup] { + return pulumix.Output[map[string]*AuthBackendGroup]{ + OutputState: o.OutputState, + } +} + func (o AuthBackendGroupMapOutput) MapIndex(k pulumi.StringInput) AuthBackendGroupOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *AuthBackendGroup { return vs[0].(map[string]*AuthBackendGroup)[vs[1].(string)] diff --git a/sdk/go/vault/ldap/authBackendUser.go b/sdk/go/vault/ldap/authBackendUser.go index 40a85bf9a..865789fe8 100644 --- a/sdk/go/vault/ldap/authBackendUser.go +++ b/sdk/go/vault/ldap/authBackendUser.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // Provides a resource to create a user in an [LDAP auth backend within Vault](https://www.vaultproject.io/docs/auth/ldap.html). @@ -70,6 +72,8 @@ type AuthBackendUser struct { pulumi.CustomResourceState // Path to the authentication backend + // + // For more details on the usage of each argument consult the [Vault LDAP API documentation](https://www.vaultproject.io/api-docs/auth/ldap). Backend pulumi.StringPtrOutput `pulumi:"backend"` // Override LDAP groups which should be granted to user Groups pulumi.StringArrayOutput `pulumi:"groups"` @@ -94,6 +98,7 @@ func NewAuthBackendUser(ctx *pulumi.Context, if args.Username == nil { return nil, errors.New("invalid value for required argument 'Username'") } + opts = internal.PkgResourceDefaultOpts(opts) var resource AuthBackendUser err := ctx.RegisterResource("vault:ldap/authBackendUser:AuthBackendUser", name, args, &resource, opts...) if err != nil { @@ -117,6 +122,8 @@ func GetAuthBackendUser(ctx *pulumi.Context, // Input properties used for looking up and filtering AuthBackendUser resources. type authBackendUserState struct { // Path to the authentication backend + // + // For more details on the usage of each argument consult the [Vault LDAP API documentation](https://www.vaultproject.io/api-docs/auth/ldap). Backend *string `pulumi:"backend"` // Override LDAP groups which should be granted to user Groups []string `pulumi:"groups"` @@ -133,6 +140,8 @@ type authBackendUserState struct { type AuthBackendUserState struct { // Path to the authentication backend + // + // For more details on the usage of each argument consult the [Vault LDAP API documentation](https://www.vaultproject.io/api-docs/auth/ldap). Backend pulumi.StringPtrInput // Override LDAP groups which should be granted to user Groups pulumi.StringArrayInput @@ -153,6 +162,8 @@ func (AuthBackendUserState) ElementType() reflect.Type { type authBackendUserArgs struct { // Path to the authentication backend + // + // For more details on the usage of each argument consult the [Vault LDAP API documentation](https://www.vaultproject.io/api-docs/auth/ldap). Backend *string `pulumi:"backend"` // Override LDAP groups which should be granted to user Groups []string `pulumi:"groups"` @@ -170,6 +181,8 @@ type authBackendUserArgs struct { // The set of arguments for constructing a AuthBackendUser resource. type AuthBackendUserArgs struct { // Path to the authentication backend + // + // For more details on the usage of each argument consult the [Vault LDAP API documentation](https://www.vaultproject.io/api-docs/auth/ldap). Backend pulumi.StringPtrInput // Override LDAP groups which should be granted to user Groups pulumi.StringArrayInput @@ -207,6 +220,12 @@ func (i *AuthBackendUser) ToAuthBackendUserOutputWithContext(ctx context.Context return pulumi.ToOutputWithContext(ctx, i).(AuthBackendUserOutput) } +func (i *AuthBackendUser) ToOutput(ctx context.Context) pulumix.Output[*AuthBackendUser] { + return pulumix.Output[*AuthBackendUser]{ + OutputState: i.ToAuthBackendUserOutputWithContext(ctx).OutputState, + } +} + // AuthBackendUserArrayInput is an input type that accepts AuthBackendUserArray and AuthBackendUserArrayOutput values. // You can construct a concrete instance of `AuthBackendUserArrayInput` via: // @@ -232,6 +251,12 @@ func (i AuthBackendUserArray) ToAuthBackendUserArrayOutputWithContext(ctx contex return pulumi.ToOutputWithContext(ctx, i).(AuthBackendUserArrayOutput) } +func (i AuthBackendUserArray) ToOutput(ctx context.Context) pulumix.Output[[]*AuthBackendUser] { + return pulumix.Output[[]*AuthBackendUser]{ + OutputState: i.ToAuthBackendUserArrayOutputWithContext(ctx).OutputState, + } +} + // AuthBackendUserMapInput is an input type that accepts AuthBackendUserMap and AuthBackendUserMapOutput values. // You can construct a concrete instance of `AuthBackendUserMapInput` via: // @@ -257,6 +282,12 @@ func (i AuthBackendUserMap) ToAuthBackendUserMapOutputWithContext(ctx context.Co return pulumi.ToOutputWithContext(ctx, i).(AuthBackendUserMapOutput) } +func (i AuthBackendUserMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*AuthBackendUser] { + return pulumix.Output[map[string]*AuthBackendUser]{ + OutputState: i.ToAuthBackendUserMapOutputWithContext(ctx).OutputState, + } +} + type AuthBackendUserOutput struct{ *pulumi.OutputState } func (AuthBackendUserOutput) ElementType() reflect.Type { @@ -271,7 +302,15 @@ func (o AuthBackendUserOutput) ToAuthBackendUserOutputWithContext(ctx context.Co return o } +func (o AuthBackendUserOutput) ToOutput(ctx context.Context) pulumix.Output[*AuthBackendUser] { + return pulumix.Output[*AuthBackendUser]{ + OutputState: o.OutputState, + } +} + // Path to the authentication backend +// +// For more details on the usage of each argument consult the [Vault LDAP API documentation](https://www.vaultproject.io/api-docs/auth/ldap). func (o AuthBackendUserOutput) Backend() pulumi.StringPtrOutput { return o.ApplyT(func(v *AuthBackendUser) pulumi.StringPtrOutput { return v.Backend }).(pulumi.StringPtrOutput) } @@ -313,6 +352,12 @@ func (o AuthBackendUserArrayOutput) ToAuthBackendUserArrayOutputWithContext(ctx return o } +func (o AuthBackendUserArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*AuthBackendUser] { + return pulumix.Output[[]*AuthBackendUser]{ + OutputState: o.OutputState, + } +} + func (o AuthBackendUserArrayOutput) Index(i pulumi.IntInput) AuthBackendUserOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *AuthBackendUser { return vs[0].([]*AuthBackendUser)[vs[1].(int)] @@ -333,6 +378,12 @@ func (o AuthBackendUserMapOutput) ToAuthBackendUserMapOutputWithContext(ctx cont return o } +func (o AuthBackendUserMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*AuthBackendUser] { + return pulumix.Output[map[string]*AuthBackendUser]{ + OutputState: o.OutputState, + } +} + func (o AuthBackendUserMapOutput) MapIndex(k pulumi.StringInput) AuthBackendUserOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *AuthBackendUser { return vs[0].(map[string]*AuthBackendUser)[vs[1].(string)] diff --git a/sdk/go/vault/ldap/getDynamicCredentials.go b/sdk/go/vault/ldap/getDynamicCredentials.go new file mode 100644 index 000000000..5c2220b5d --- /dev/null +++ b/sdk/go/vault/ldap/getDynamicCredentials.go @@ -0,0 +1,135 @@ +// Code generated by the Pulumi Terraform Bridge (tfgen) Tool DO NOT EDIT. +// *** WARNING: Do not edit by hand unless you're certain you know what you are doing! *** + +package ldap + +import ( + "context" + "reflect" + + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" + "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" +) + +func GetDynamicCredentials(ctx *pulumi.Context, args *GetDynamicCredentialsArgs, opts ...pulumi.InvokeOption) (*GetDynamicCredentialsResult, error) { + opts = internal.PkgInvokeDefaultOpts(opts) + var rv GetDynamicCredentialsResult + err := ctx.Invoke("vault:ldap/getDynamicCredentials:getDynamicCredentials", args, &rv, opts...) + if err != nil { + return nil, err + } + return &rv, nil +} + +// A collection of arguments for invoking getDynamicCredentials. +type GetDynamicCredentialsArgs struct { + Mount string `pulumi:"mount"` + Namespace *string `pulumi:"namespace"` + RoleName string `pulumi:"roleName"` +} + +// A collection of values returned by getDynamicCredentials. +type GetDynamicCredentialsResult struct { + DistinguishedNames []string `pulumi:"distinguishedNames"` + // The provider-assigned unique ID for this managed resource. + Id string `pulumi:"id"` + LeaseDuration int `pulumi:"leaseDuration"` + LeaseId string `pulumi:"leaseId"` + LeaseRenewable bool `pulumi:"leaseRenewable"` + Mount string `pulumi:"mount"` + Namespace *string `pulumi:"namespace"` + Password string `pulumi:"password"` + RoleName string `pulumi:"roleName"` + Username string `pulumi:"username"` +} + +func GetDynamicCredentialsOutput(ctx *pulumi.Context, args GetDynamicCredentialsOutputArgs, opts ...pulumi.InvokeOption) GetDynamicCredentialsResultOutput { + return pulumi.ToOutputWithContext(context.Background(), args). + ApplyT(func(v interface{}) (GetDynamicCredentialsResult, error) { + args := v.(GetDynamicCredentialsArgs) + r, err := GetDynamicCredentials(ctx, &args, opts...) + var s GetDynamicCredentialsResult + if r != nil { + s = *r + } + return s, err + }).(GetDynamicCredentialsResultOutput) +} + +// A collection of arguments for invoking getDynamicCredentials. +type GetDynamicCredentialsOutputArgs struct { + Mount pulumi.StringInput `pulumi:"mount"` + Namespace pulumi.StringPtrInput `pulumi:"namespace"` + RoleName pulumi.StringInput `pulumi:"roleName"` +} + +func (GetDynamicCredentialsOutputArgs) ElementType() reflect.Type { + return reflect.TypeOf((*GetDynamicCredentialsArgs)(nil)).Elem() +} + +// A collection of values returned by getDynamicCredentials. +type GetDynamicCredentialsResultOutput struct{ *pulumi.OutputState } + +func (GetDynamicCredentialsResultOutput) ElementType() reflect.Type { + return reflect.TypeOf((*GetDynamicCredentialsResult)(nil)).Elem() +} + +func (o GetDynamicCredentialsResultOutput) ToGetDynamicCredentialsResultOutput() GetDynamicCredentialsResultOutput { + return o +} + +func (o GetDynamicCredentialsResultOutput) ToGetDynamicCredentialsResultOutputWithContext(ctx context.Context) GetDynamicCredentialsResultOutput { + return o +} + +func (o GetDynamicCredentialsResultOutput) ToOutput(ctx context.Context) pulumix.Output[GetDynamicCredentialsResult] { + return pulumix.Output[GetDynamicCredentialsResult]{ + OutputState: o.OutputState, + } +} + +func (o GetDynamicCredentialsResultOutput) DistinguishedNames() pulumi.StringArrayOutput { + return o.ApplyT(func(v GetDynamicCredentialsResult) []string { return v.DistinguishedNames }).(pulumi.StringArrayOutput) +} + +// The provider-assigned unique ID for this managed resource. +func (o GetDynamicCredentialsResultOutput) Id() pulumi.StringOutput { + return o.ApplyT(func(v GetDynamicCredentialsResult) string { return v.Id }).(pulumi.StringOutput) +} + +func (o GetDynamicCredentialsResultOutput) LeaseDuration() pulumi.IntOutput { + return o.ApplyT(func(v GetDynamicCredentialsResult) int { return v.LeaseDuration }).(pulumi.IntOutput) +} + +func (o GetDynamicCredentialsResultOutput) LeaseId() pulumi.StringOutput { + return o.ApplyT(func(v GetDynamicCredentialsResult) string { return v.LeaseId }).(pulumi.StringOutput) +} + +func (o GetDynamicCredentialsResultOutput) LeaseRenewable() pulumi.BoolOutput { + return o.ApplyT(func(v GetDynamicCredentialsResult) bool { return v.LeaseRenewable }).(pulumi.BoolOutput) +} + +func (o GetDynamicCredentialsResultOutput) Mount() pulumi.StringOutput { + return o.ApplyT(func(v GetDynamicCredentialsResult) string { return v.Mount }).(pulumi.StringOutput) +} + +func (o GetDynamicCredentialsResultOutput) Namespace() pulumi.StringPtrOutput { + return o.ApplyT(func(v GetDynamicCredentialsResult) *string { return v.Namespace }).(pulumi.StringPtrOutput) +} + +func (o GetDynamicCredentialsResultOutput) Password() pulumi.StringOutput { + return o.ApplyT(func(v GetDynamicCredentialsResult) string { return v.Password }).(pulumi.StringOutput) +} + +func (o GetDynamicCredentialsResultOutput) RoleName() pulumi.StringOutput { + return o.ApplyT(func(v GetDynamicCredentialsResult) string { return v.RoleName }).(pulumi.StringOutput) +} + +func (o GetDynamicCredentialsResultOutput) Username() pulumi.StringOutput { + return o.ApplyT(func(v GetDynamicCredentialsResult) string { return v.Username }).(pulumi.StringOutput) +} + +func init() { + pulumi.RegisterOutputType(GetDynamicCredentialsResultOutput{}) +} diff --git a/sdk/go/vault/ldap/getStaticCredentials.go b/sdk/go/vault/ldap/getStaticCredentials.go new file mode 100644 index 000000000..7a2fca91b --- /dev/null +++ b/sdk/go/vault/ldap/getStaticCredentials.go @@ -0,0 +1,140 @@ +// Code generated by the Pulumi Terraform Bridge (tfgen) Tool DO NOT EDIT. +// *** WARNING: Do not edit by hand unless you're certain you know what you are doing! *** + +package ldap + +import ( + "context" + "reflect" + + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" + "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" +) + +func GetStaticCredentials(ctx *pulumi.Context, args *GetStaticCredentialsArgs, opts ...pulumi.InvokeOption) (*GetStaticCredentialsResult, error) { + opts = internal.PkgInvokeDefaultOpts(opts) + var rv GetStaticCredentialsResult + err := ctx.Invoke("vault:ldap/getStaticCredentials:getStaticCredentials", args, &rv, opts...) + if err != nil { + return nil, err + } + return &rv, nil +} + +// A collection of arguments for invoking getStaticCredentials. +type GetStaticCredentialsArgs struct { + Mount string `pulumi:"mount"` + Namespace *string `pulumi:"namespace"` + RoleName string `pulumi:"roleName"` +} + +// A collection of values returned by getStaticCredentials. +type GetStaticCredentialsResult struct { + Dn string `pulumi:"dn"` + // The provider-assigned unique ID for this managed resource. + Id string `pulumi:"id"` + LastPassword string `pulumi:"lastPassword"` + LastVaultRotation string `pulumi:"lastVaultRotation"` + Mount string `pulumi:"mount"` + Namespace *string `pulumi:"namespace"` + Password string `pulumi:"password"` + RoleName string `pulumi:"roleName"` + RotationPeriod int `pulumi:"rotationPeriod"` + Ttl int `pulumi:"ttl"` + Username string `pulumi:"username"` +} + +func GetStaticCredentialsOutput(ctx *pulumi.Context, args GetStaticCredentialsOutputArgs, opts ...pulumi.InvokeOption) GetStaticCredentialsResultOutput { + return pulumi.ToOutputWithContext(context.Background(), args). + ApplyT(func(v interface{}) (GetStaticCredentialsResult, error) { + args := v.(GetStaticCredentialsArgs) + r, err := GetStaticCredentials(ctx, &args, opts...) + var s GetStaticCredentialsResult + if r != nil { + s = *r + } + return s, err + }).(GetStaticCredentialsResultOutput) +} + +// A collection of arguments for invoking getStaticCredentials. +type GetStaticCredentialsOutputArgs struct { + Mount pulumi.StringInput `pulumi:"mount"` + Namespace pulumi.StringPtrInput `pulumi:"namespace"` + RoleName pulumi.StringInput `pulumi:"roleName"` +} + +func (GetStaticCredentialsOutputArgs) ElementType() reflect.Type { + return reflect.TypeOf((*GetStaticCredentialsArgs)(nil)).Elem() +} + +// A collection of values returned by getStaticCredentials. +type GetStaticCredentialsResultOutput struct{ *pulumi.OutputState } + +func (GetStaticCredentialsResultOutput) ElementType() reflect.Type { + return reflect.TypeOf((*GetStaticCredentialsResult)(nil)).Elem() +} + +func (o GetStaticCredentialsResultOutput) ToGetStaticCredentialsResultOutput() GetStaticCredentialsResultOutput { + return o +} + +func (o GetStaticCredentialsResultOutput) ToGetStaticCredentialsResultOutputWithContext(ctx context.Context) GetStaticCredentialsResultOutput { + return o +} + +func (o GetStaticCredentialsResultOutput) ToOutput(ctx context.Context) pulumix.Output[GetStaticCredentialsResult] { + return pulumix.Output[GetStaticCredentialsResult]{ + OutputState: o.OutputState, + } +} + +func (o GetStaticCredentialsResultOutput) Dn() pulumi.StringOutput { + return o.ApplyT(func(v GetStaticCredentialsResult) string { return v.Dn }).(pulumi.StringOutput) +} + +// The provider-assigned unique ID for this managed resource. +func (o GetStaticCredentialsResultOutput) Id() pulumi.StringOutput { + return o.ApplyT(func(v GetStaticCredentialsResult) string { return v.Id }).(pulumi.StringOutput) +} + +func (o GetStaticCredentialsResultOutput) LastPassword() pulumi.StringOutput { + return o.ApplyT(func(v GetStaticCredentialsResult) string { return v.LastPassword }).(pulumi.StringOutput) +} + +func (o GetStaticCredentialsResultOutput) LastVaultRotation() pulumi.StringOutput { + return o.ApplyT(func(v GetStaticCredentialsResult) string { return v.LastVaultRotation }).(pulumi.StringOutput) +} + +func (o GetStaticCredentialsResultOutput) Mount() pulumi.StringOutput { + return o.ApplyT(func(v GetStaticCredentialsResult) string { return v.Mount }).(pulumi.StringOutput) +} + +func (o GetStaticCredentialsResultOutput) Namespace() pulumi.StringPtrOutput { + return o.ApplyT(func(v GetStaticCredentialsResult) *string { return v.Namespace }).(pulumi.StringPtrOutput) +} + +func (o GetStaticCredentialsResultOutput) Password() pulumi.StringOutput { + return o.ApplyT(func(v GetStaticCredentialsResult) string { return v.Password }).(pulumi.StringOutput) +} + +func (o GetStaticCredentialsResultOutput) RoleName() pulumi.StringOutput { + return o.ApplyT(func(v GetStaticCredentialsResult) string { return v.RoleName }).(pulumi.StringOutput) +} + +func (o GetStaticCredentialsResultOutput) RotationPeriod() pulumi.IntOutput { + return o.ApplyT(func(v GetStaticCredentialsResult) int { return v.RotationPeriod }).(pulumi.IntOutput) +} + +func (o GetStaticCredentialsResultOutput) Ttl() pulumi.IntOutput { + return o.ApplyT(func(v GetStaticCredentialsResult) int { return v.Ttl }).(pulumi.IntOutput) +} + +func (o GetStaticCredentialsResultOutput) Username() pulumi.StringOutput { + return o.ApplyT(func(v GetStaticCredentialsResult) string { return v.Username }).(pulumi.StringOutput) +} + +func init() { + pulumi.RegisterOutputType(GetStaticCredentialsResultOutput{}) +} diff --git a/sdk/go/vault/ldap/init.go b/sdk/go/vault/ldap/init.go index 2810321aa..a321aec71 100644 --- a/sdk/go/vault/ldap/init.go +++ b/sdk/go/vault/ldap/init.go @@ -7,7 +7,7 @@ import ( "fmt" "github.com/blang/semver" - "github.com/pulumi/pulumi-vault/sdk/v5/go/vault" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" ) @@ -44,7 +44,7 @@ func (m *module) Construct(ctx *pulumi.Context, name, typ, urn string) (r pulumi } func init() { - version, err := vault.PkgVersion() + version, err := internal.PkgVersion() if err != nil { version = semver.Version{Major: 1} } diff --git a/sdk/go/vault/ldap/secretBackend.go b/sdk/go/vault/ldap/secretBackend.go index 44db6a6bc..40a0bb513 100644 --- a/sdk/go/vault/ldap/secretBackend.go +++ b/sdk/go/vault/ldap/secretBackend.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // ## Example Usage @@ -143,13 +145,13 @@ func NewSecretBackend(ctx *pulumi.Context, return nil, errors.New("invalid value for required argument 'Bindpass'") } if args.Bindpass != nil { - args.Bindpass = pulumi.ToSecret(args.Bindpass).(pulumi.StringOutput) + args.Bindpass = pulumi.ToSecret(args.Bindpass).(pulumi.StringInput) } if args.ClientTlsCert != nil { - args.ClientTlsCert = pulumi.ToSecret(args.ClientTlsCert).(pulumi.StringPtrOutput) + args.ClientTlsCert = pulumi.ToSecret(args.ClientTlsCert).(pulumi.StringPtrInput) } if args.ClientTlsKey != nil { - args.ClientTlsKey = pulumi.ToSecret(args.ClientTlsKey).(pulumi.StringPtrOutput) + args.ClientTlsKey = pulumi.ToSecret(args.ClientTlsKey).(pulumi.StringPtrInput) } secrets := pulumi.AdditionalSecretOutputs([]string{ "bindpass", @@ -157,6 +159,7 @@ func NewSecretBackend(ctx *pulumi.Context, "clientTlsKey", }) opts = append(opts, secrets) + opts = internal.PkgResourceDefaultOpts(opts) var resource SecretBackend err := ctx.RegisterResource("vault:ldap/secretBackend:SecretBackend", name, args, &resource, opts...) if err != nil { @@ -506,6 +509,12 @@ func (i *SecretBackend) ToSecretBackendOutputWithContext(ctx context.Context) Se return pulumi.ToOutputWithContext(ctx, i).(SecretBackendOutput) } +func (i *SecretBackend) ToOutput(ctx context.Context) pulumix.Output[*SecretBackend] { + return pulumix.Output[*SecretBackend]{ + OutputState: i.ToSecretBackendOutputWithContext(ctx).OutputState, + } +} + // SecretBackendArrayInput is an input type that accepts SecretBackendArray and SecretBackendArrayOutput values. // You can construct a concrete instance of `SecretBackendArrayInput` via: // @@ -531,6 +540,12 @@ func (i SecretBackendArray) ToSecretBackendArrayOutputWithContext(ctx context.Co return pulumi.ToOutputWithContext(ctx, i).(SecretBackendArrayOutput) } +func (i SecretBackendArray) ToOutput(ctx context.Context) pulumix.Output[[]*SecretBackend] { + return pulumix.Output[[]*SecretBackend]{ + OutputState: i.ToSecretBackendArrayOutputWithContext(ctx).OutputState, + } +} + // SecretBackendMapInput is an input type that accepts SecretBackendMap and SecretBackendMapOutput values. // You can construct a concrete instance of `SecretBackendMapInput` via: // @@ -556,6 +571,12 @@ func (i SecretBackendMap) ToSecretBackendMapOutputWithContext(ctx context.Contex return pulumi.ToOutputWithContext(ctx, i).(SecretBackendMapOutput) } +func (i SecretBackendMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*SecretBackend] { + return pulumix.Output[map[string]*SecretBackend]{ + OutputState: i.ToSecretBackendMapOutputWithContext(ctx).OutputState, + } +} + type SecretBackendOutput struct{ *pulumi.OutputState } func (SecretBackendOutput) ElementType() reflect.Type { @@ -570,6 +591,12 @@ func (o SecretBackendOutput) ToSecretBackendOutputWithContext(ctx context.Contex return o } +func (o SecretBackendOutput) ToOutput(ctx context.Context) pulumix.Output[*SecretBackend] { + return pulumix.Output[*SecretBackend]{ + OutputState: o.OutputState, + } +} + // Accessor of the mount func (o SecretBackendOutput) Accessor() pulumi.StringOutput { return o.ApplyT(func(v *SecretBackend) pulumi.StringOutput { return v.Accessor }).(pulumi.StringOutput) @@ -747,6 +774,12 @@ func (o SecretBackendArrayOutput) ToSecretBackendArrayOutputWithContext(ctx cont return o } +func (o SecretBackendArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*SecretBackend] { + return pulumix.Output[[]*SecretBackend]{ + OutputState: o.OutputState, + } +} + func (o SecretBackendArrayOutput) Index(i pulumi.IntInput) SecretBackendOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *SecretBackend { return vs[0].([]*SecretBackend)[vs[1].(int)] @@ -767,6 +800,12 @@ func (o SecretBackendMapOutput) ToSecretBackendMapOutputWithContext(ctx context. return o } +func (o SecretBackendMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*SecretBackend] { + return pulumix.Output[map[string]*SecretBackend]{ + OutputState: o.OutputState, + } +} + func (o SecretBackendMapOutput) MapIndex(k pulumi.StringInput) SecretBackendOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *SecretBackend { return vs[0].(map[string]*SecretBackend)[vs[1].(string)] diff --git a/sdk/go/vault/ldap/secretBackendDynamicRole.go b/sdk/go/vault/ldap/secretBackendDynamicRole.go index 73faafedd..f03a36503 100644 --- a/sdk/go/vault/ldap/secretBackendDynamicRole.go +++ b/sdk/go/vault/ldap/secretBackendDynamicRole.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // ## Example Usage @@ -36,10 +38,28 @@ import ( // return err // } // _, err = ldap.NewSecretBackendDynamicRole(ctx, "role", &ldap.SecretBackendDynamicRoleArgs{ -// Mount: config.Path, -// RoleName: pulumi.String("alice"), -// CreationLdif: pulumi.String("dn: cn={{.Username}},ou=users,dc=learn,dc=example\nobjectClass: person\nobjectClass: top\ncn: learn\nsn: {{.Password | utf16le | base64}}\nmemberOf: cn=dev,ou=groups,dc=learn,dc=example\nuserPassword: {{.Password}}\n"), -// DeletionLdif: pulumi.String("dn: cn={{.Username}},ou=users,dc=learn,dc=example\nchangetype: delete\n rollback_ldif = <)` - API hostname for Duo. func (o MfaDuoOutput) ApiHostname() pulumi.StringOutput { return o.ApplyT(func(v *MfaDuo) pulumi.StringOutput { return v.ApiHostname }).(pulumi.StringOutput) @@ -396,6 +423,12 @@ func (o MfaDuoArrayOutput) ToMfaDuoArrayOutputWithContext(ctx context.Context) M return o } +func (o MfaDuoArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*MfaDuo] { + return pulumix.Output[[]*MfaDuo]{ + OutputState: o.OutputState, + } +} + func (o MfaDuoArrayOutput) Index(i pulumi.IntInput) MfaDuoOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *MfaDuo { return vs[0].([]*MfaDuo)[vs[1].(int)] @@ -416,6 +449,12 @@ func (o MfaDuoMapOutput) ToMfaDuoMapOutputWithContext(ctx context.Context) MfaDu return o } +func (o MfaDuoMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*MfaDuo] { + return pulumix.Output[map[string]*MfaDuo]{ + OutputState: o.OutputState, + } +} + func (o MfaDuoMapOutput) MapIndex(k pulumi.StringInput) MfaDuoOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *MfaDuo { return vs[0].(map[string]*MfaDuo)[vs[1].(string)] diff --git a/sdk/go/vault/mfaOkta.go b/sdk/go/vault/mfaOkta.go index d43acb588..223978af2 100644 --- a/sdk/go/vault/mfaOkta.go +++ b/sdk/go/vault/mfaOkta.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // Provides a resource to manage [Okta MFA](https://www.vaultproject.io/docs/enterprise/mfa/mfa-okta). @@ -110,12 +112,13 @@ func NewMfaOkta(ctx *pulumi.Context, return nil, errors.New("invalid value for required argument 'OrgName'") } if args.ApiToken != nil { - args.ApiToken = pulumi.ToSecret(args.ApiToken).(pulumi.StringOutput) + args.ApiToken = pulumi.ToSecret(args.ApiToken).(pulumi.StringInput) } secrets := pulumi.AdditionalSecretOutputs([]string{ "apiToken", }) opts = append(opts, secrets) + opts = internal.PkgResourceDefaultOpts(opts) var resource MfaOkta err := ctx.RegisterResource("vault:index/mfaOkta:MfaOkta", name, args, &resource, opts...) if err != nil { @@ -289,6 +292,12 @@ func (i *MfaOkta) ToMfaOktaOutputWithContext(ctx context.Context) MfaOktaOutput return pulumi.ToOutputWithContext(ctx, i).(MfaOktaOutput) } +func (i *MfaOkta) ToOutput(ctx context.Context) pulumix.Output[*MfaOkta] { + return pulumix.Output[*MfaOkta]{ + OutputState: i.ToMfaOktaOutputWithContext(ctx).OutputState, + } +} + // MfaOktaArrayInput is an input type that accepts MfaOktaArray and MfaOktaArrayOutput values. // You can construct a concrete instance of `MfaOktaArrayInput` via: // @@ -314,6 +323,12 @@ func (i MfaOktaArray) ToMfaOktaArrayOutputWithContext(ctx context.Context) MfaOk return pulumi.ToOutputWithContext(ctx, i).(MfaOktaArrayOutput) } +func (i MfaOktaArray) ToOutput(ctx context.Context) pulumix.Output[[]*MfaOkta] { + return pulumix.Output[[]*MfaOkta]{ + OutputState: i.ToMfaOktaArrayOutputWithContext(ctx).OutputState, + } +} + // MfaOktaMapInput is an input type that accepts MfaOktaMap and MfaOktaMapOutput values. // You can construct a concrete instance of `MfaOktaMapInput` via: // @@ -339,6 +354,12 @@ func (i MfaOktaMap) ToMfaOktaMapOutputWithContext(ctx context.Context) MfaOktaMa return pulumi.ToOutputWithContext(ctx, i).(MfaOktaMapOutput) } +func (i MfaOktaMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*MfaOkta] { + return pulumix.Output[map[string]*MfaOkta]{ + OutputState: i.ToMfaOktaMapOutputWithContext(ctx).OutputState, + } +} + type MfaOktaOutput struct{ *pulumi.OutputState } func (MfaOktaOutput) ElementType() reflect.Type { @@ -353,6 +374,12 @@ func (o MfaOktaOutput) ToMfaOktaOutputWithContext(ctx context.Context) MfaOktaOu return o } +func (o MfaOktaOutput) ToOutput(ctx context.Context) pulumix.Output[*MfaOkta] { + return pulumix.Output[*MfaOkta]{ + OutputState: o.OutputState, + } +} + // `(string: )` - Okta API key. func (o MfaOktaOutput) ApiToken() pulumi.StringOutput { return o.ApplyT(func(v *MfaOkta) pulumi.StringOutput { return v.ApiToken }).(pulumi.StringOutput) @@ -419,6 +446,12 @@ func (o MfaOktaArrayOutput) ToMfaOktaArrayOutputWithContext(ctx context.Context) return o } +func (o MfaOktaArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*MfaOkta] { + return pulumix.Output[[]*MfaOkta]{ + OutputState: o.OutputState, + } +} + func (o MfaOktaArrayOutput) Index(i pulumi.IntInput) MfaOktaOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *MfaOkta { return vs[0].([]*MfaOkta)[vs[1].(int)] @@ -439,6 +472,12 @@ func (o MfaOktaMapOutput) ToMfaOktaMapOutputWithContext(ctx context.Context) Mfa return o } +func (o MfaOktaMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*MfaOkta] { + return pulumix.Output[map[string]*MfaOkta]{ + OutputState: o.OutputState, + } +} + func (o MfaOktaMapOutput) MapIndex(k pulumi.StringInput) MfaOktaOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *MfaOkta { return vs[0].(map[string]*MfaOkta)[vs[1].(string)] diff --git a/sdk/go/vault/mfaPingid.go b/sdk/go/vault/mfaPingid.go index 722500ac0..e9f10f36a 100644 --- a/sdk/go/vault/mfaPingid.go +++ b/sdk/go/vault/mfaPingid.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // Provides a resource to manage [PingID MFA](https://www.vaultproject.io/docs/enterprise/mfa/mfa-pingid). @@ -65,11 +67,11 @@ import ( type MfaPingid struct { pulumi.CustomResourceState - // Admin URL computed by Vault. + // `(string)` – Admin URL computed by Vault AdminUrl pulumi.StringOutput `pulumi:"adminUrl"` - // Authenticator URL computed by Vault. + // `(string)` – Authenticator URL computed by Vault AuthenticatorUrl pulumi.StringOutput `pulumi:"authenticatorUrl"` - // IDP URL computed by Vault. + // `(string)` – IDP URL computed by Vault IdpUrl pulumi.StringOutput `pulumi:"idpUrl"` // `(string: )` - The mount to tie this method to for use in automatic mappings. // The mapping will use the Name field of Aliases associated with this mount as the username in the mapping. @@ -81,16 +83,16 @@ type MfaPingid struct { // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). // *Available only for Vault Enterprise*. Namespace pulumi.StringPtrOutput `pulumi:"namespace"` - // Namespace ID computed by Vault. + // `(string)` – Namespace ID computed by Vault NamespaceId pulumi.StringOutput `pulumi:"namespaceId"` - // Org Alias computed by Vault. + // `(string)` – Org Alias computed by Vault OrgAlias pulumi.StringOutput `pulumi:"orgAlias"` // `(string: )` - A base64-encoded third-party settings file retrieved // from PingID's configuration page. SettingsFileBase64 pulumi.StringOutput `pulumi:"settingsFileBase64"` - // Type of configuration computed by Vault. + // `(string)` – Type of configuration computed by Vault Type pulumi.StringOutput `pulumi:"type"` - // If set, enables use of PingID signature. Computed by Vault + // `(string)` – If set to true, enables use of PingID signature. Computed by Vault UseSignature pulumi.BoolOutput `pulumi:"useSignature"` // `(string)` - A format string for mapping Identity names to MFA method names. // Values to substitute should be placed in `{{}}`. For example, `"{{alias.name}}@example.com"`. @@ -115,6 +117,7 @@ func NewMfaPingid(ctx *pulumi.Context, if args.SettingsFileBase64 == nil { return nil, errors.New("invalid value for required argument 'SettingsFileBase64'") } + opts = internal.PkgResourceDefaultOpts(opts) var resource MfaPingid err := ctx.RegisterResource("vault:index/mfaPingid:MfaPingid", name, args, &resource, opts...) if err != nil { @@ -137,11 +140,11 @@ func GetMfaPingid(ctx *pulumi.Context, // Input properties used for looking up and filtering MfaPingid resources. type mfaPingidState struct { - // Admin URL computed by Vault. + // `(string)` – Admin URL computed by Vault AdminUrl *string `pulumi:"adminUrl"` - // Authenticator URL computed by Vault. + // `(string)` – Authenticator URL computed by Vault AuthenticatorUrl *string `pulumi:"authenticatorUrl"` - // IDP URL computed by Vault. + // `(string)` – IDP URL computed by Vault IdpUrl *string `pulumi:"idpUrl"` // `(string: )` - The mount to tie this method to for use in automatic mappings. // The mapping will use the Name field of Aliases associated with this mount as the username in the mapping. @@ -153,16 +156,16 @@ type mfaPingidState struct { // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). // *Available only for Vault Enterprise*. Namespace *string `pulumi:"namespace"` - // Namespace ID computed by Vault. + // `(string)` – Namespace ID computed by Vault NamespaceId *string `pulumi:"namespaceId"` - // Org Alias computed by Vault. + // `(string)` – Org Alias computed by Vault OrgAlias *string `pulumi:"orgAlias"` // `(string: )` - A base64-encoded third-party settings file retrieved // from PingID's configuration page. SettingsFileBase64 *string `pulumi:"settingsFileBase64"` - // Type of configuration computed by Vault. + // `(string)` – Type of configuration computed by Vault Type *string `pulumi:"type"` - // If set, enables use of PingID signature. Computed by Vault + // `(string)` – If set to true, enables use of PingID signature. Computed by Vault UseSignature *bool `pulumi:"useSignature"` // `(string)` - A format string for mapping Identity names to MFA method names. // Values to substitute should be placed in `{{}}`. For example, `"{{alias.name}}@example.com"`. @@ -175,11 +178,11 @@ type mfaPingidState struct { } type MfaPingidState struct { - // Admin URL computed by Vault. + // `(string)` – Admin URL computed by Vault AdminUrl pulumi.StringPtrInput - // Authenticator URL computed by Vault. + // `(string)` – Authenticator URL computed by Vault AuthenticatorUrl pulumi.StringPtrInput - // IDP URL computed by Vault. + // `(string)` – IDP URL computed by Vault IdpUrl pulumi.StringPtrInput // `(string: )` - The mount to tie this method to for use in automatic mappings. // The mapping will use the Name field of Aliases associated with this mount as the username in the mapping. @@ -191,16 +194,16 @@ type MfaPingidState struct { // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). // *Available only for Vault Enterprise*. Namespace pulumi.StringPtrInput - // Namespace ID computed by Vault. + // `(string)` – Namespace ID computed by Vault NamespaceId pulumi.StringPtrInput - // Org Alias computed by Vault. + // `(string)` – Org Alias computed by Vault OrgAlias pulumi.StringPtrInput // `(string: )` - A base64-encoded third-party settings file retrieved // from PingID's configuration page. SettingsFileBase64 pulumi.StringPtrInput - // Type of configuration computed by Vault. + // `(string)` – Type of configuration computed by Vault Type pulumi.StringPtrInput - // If set, enables use of PingID signature. Computed by Vault + // `(string)` – If set to true, enables use of PingID signature. Computed by Vault UseSignature pulumi.BoolPtrInput // `(string)` - A format string for mapping Identity names to MFA method names. // Values to substitute should be placed in `{{}}`. For example, `"{{alias.name}}@example.com"`. @@ -288,6 +291,12 @@ func (i *MfaPingid) ToMfaPingidOutputWithContext(ctx context.Context) MfaPingidO return pulumi.ToOutputWithContext(ctx, i).(MfaPingidOutput) } +func (i *MfaPingid) ToOutput(ctx context.Context) pulumix.Output[*MfaPingid] { + return pulumix.Output[*MfaPingid]{ + OutputState: i.ToMfaPingidOutputWithContext(ctx).OutputState, + } +} + // MfaPingidArrayInput is an input type that accepts MfaPingidArray and MfaPingidArrayOutput values. // You can construct a concrete instance of `MfaPingidArrayInput` via: // @@ -313,6 +322,12 @@ func (i MfaPingidArray) ToMfaPingidArrayOutputWithContext(ctx context.Context) M return pulumi.ToOutputWithContext(ctx, i).(MfaPingidArrayOutput) } +func (i MfaPingidArray) ToOutput(ctx context.Context) pulumix.Output[[]*MfaPingid] { + return pulumix.Output[[]*MfaPingid]{ + OutputState: i.ToMfaPingidArrayOutputWithContext(ctx).OutputState, + } +} + // MfaPingidMapInput is an input type that accepts MfaPingidMap and MfaPingidMapOutput values. // You can construct a concrete instance of `MfaPingidMapInput` via: // @@ -338,6 +353,12 @@ func (i MfaPingidMap) ToMfaPingidMapOutputWithContext(ctx context.Context) MfaPi return pulumi.ToOutputWithContext(ctx, i).(MfaPingidMapOutput) } +func (i MfaPingidMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*MfaPingid] { + return pulumix.Output[map[string]*MfaPingid]{ + OutputState: i.ToMfaPingidMapOutputWithContext(ctx).OutputState, + } +} + type MfaPingidOutput struct{ *pulumi.OutputState } func (MfaPingidOutput) ElementType() reflect.Type { @@ -352,17 +373,23 @@ func (o MfaPingidOutput) ToMfaPingidOutputWithContext(ctx context.Context) MfaPi return o } -// Admin URL computed by Vault. +func (o MfaPingidOutput) ToOutput(ctx context.Context) pulumix.Output[*MfaPingid] { + return pulumix.Output[*MfaPingid]{ + OutputState: o.OutputState, + } +} + +// `(string)` – Admin URL computed by Vault func (o MfaPingidOutput) AdminUrl() pulumi.StringOutput { return o.ApplyT(func(v *MfaPingid) pulumi.StringOutput { return v.AdminUrl }).(pulumi.StringOutput) } -// Authenticator URL computed by Vault. +// `(string)` – Authenticator URL computed by Vault func (o MfaPingidOutput) AuthenticatorUrl() pulumi.StringOutput { return o.ApplyT(func(v *MfaPingid) pulumi.StringOutput { return v.AuthenticatorUrl }).(pulumi.StringOutput) } -// IDP URL computed by Vault. +// `(string)` – IDP URL computed by Vault func (o MfaPingidOutput) IdpUrl() pulumi.StringOutput { return o.ApplyT(func(v *MfaPingid) pulumi.StringOutput { return v.IdpUrl }).(pulumi.StringOutput) } @@ -386,12 +413,12 @@ func (o MfaPingidOutput) Namespace() pulumi.StringPtrOutput { return o.ApplyT(func(v *MfaPingid) pulumi.StringPtrOutput { return v.Namespace }).(pulumi.StringPtrOutput) } -// Namespace ID computed by Vault. +// `(string)` – Namespace ID computed by Vault func (o MfaPingidOutput) NamespaceId() pulumi.StringOutput { return o.ApplyT(func(v *MfaPingid) pulumi.StringOutput { return v.NamespaceId }).(pulumi.StringOutput) } -// Org Alias computed by Vault. +// `(string)` – Org Alias computed by Vault func (o MfaPingidOutput) OrgAlias() pulumi.StringOutput { return o.ApplyT(func(v *MfaPingid) pulumi.StringOutput { return v.OrgAlias }).(pulumi.StringOutput) } @@ -402,12 +429,12 @@ func (o MfaPingidOutput) SettingsFileBase64() pulumi.StringOutput { return o.ApplyT(func(v *MfaPingid) pulumi.StringOutput { return v.SettingsFileBase64 }).(pulumi.StringOutput) } -// Type of configuration computed by Vault. +// `(string)` – Type of configuration computed by Vault func (o MfaPingidOutput) Type() pulumi.StringOutput { return o.ApplyT(func(v *MfaPingid) pulumi.StringOutput { return v.Type }).(pulumi.StringOutput) } -// If set, enables use of PingID signature. Computed by Vault +// `(string)` – If set to true, enables use of PingID signature. Computed by Vault func (o MfaPingidOutput) UseSignature() pulumi.BoolOutput { return o.ApplyT(func(v *MfaPingid) pulumi.BoolOutput { return v.UseSignature }).(pulumi.BoolOutput) } @@ -437,6 +464,12 @@ func (o MfaPingidArrayOutput) ToMfaPingidArrayOutputWithContext(ctx context.Cont return o } +func (o MfaPingidArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*MfaPingid] { + return pulumix.Output[[]*MfaPingid]{ + OutputState: o.OutputState, + } +} + func (o MfaPingidArrayOutput) Index(i pulumi.IntInput) MfaPingidOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *MfaPingid { return vs[0].([]*MfaPingid)[vs[1].(int)] @@ -457,6 +490,12 @@ func (o MfaPingidMapOutput) ToMfaPingidMapOutputWithContext(ctx context.Context) return o } +func (o MfaPingidMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*MfaPingid] { + return pulumix.Output[map[string]*MfaPingid]{ + OutputState: o.OutputState, + } +} + func (o MfaPingidMapOutput) MapIndex(k pulumi.StringInput) MfaPingidOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *MfaPingid { return vs[0].(map[string]*MfaPingid)[vs[1].(string)] diff --git a/sdk/go/vault/mfaTotp.go b/sdk/go/vault/mfaTotp.go index ae69c7e51..4fc03cbaf 100644 --- a/sdk/go/vault/mfaTotp.go +++ b/sdk/go/vault/mfaTotp.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // Provides a resource to manage [TOTP MFA](https://www.vaultproject.io/docs/enterprise/mfa/mfa-totp). @@ -93,6 +95,7 @@ func NewMfaTotp(ctx *pulumi.Context, if args.Issuer == nil { return nil, errors.New("invalid value for required argument 'Issuer'") } + opts = internal.PkgResourceDefaultOpts(opts) var resource MfaTotp err := ctx.RegisterResource("vault:index/mfaTotp:MfaTotp", name, args, &resource, opts...) if err != nil { @@ -250,6 +253,12 @@ func (i *MfaTotp) ToMfaTotpOutputWithContext(ctx context.Context) MfaTotpOutput return pulumi.ToOutputWithContext(ctx, i).(MfaTotpOutput) } +func (i *MfaTotp) ToOutput(ctx context.Context) pulumix.Output[*MfaTotp] { + return pulumix.Output[*MfaTotp]{ + OutputState: i.ToMfaTotpOutputWithContext(ctx).OutputState, + } +} + // MfaTotpArrayInput is an input type that accepts MfaTotpArray and MfaTotpArrayOutput values. // You can construct a concrete instance of `MfaTotpArrayInput` via: // @@ -275,6 +284,12 @@ func (i MfaTotpArray) ToMfaTotpArrayOutputWithContext(ctx context.Context) MfaTo return pulumi.ToOutputWithContext(ctx, i).(MfaTotpArrayOutput) } +func (i MfaTotpArray) ToOutput(ctx context.Context) pulumix.Output[[]*MfaTotp] { + return pulumix.Output[[]*MfaTotp]{ + OutputState: i.ToMfaTotpArrayOutputWithContext(ctx).OutputState, + } +} + // MfaTotpMapInput is an input type that accepts MfaTotpMap and MfaTotpMapOutput values. // You can construct a concrete instance of `MfaTotpMapInput` via: // @@ -300,6 +315,12 @@ func (i MfaTotpMap) ToMfaTotpMapOutputWithContext(ctx context.Context) MfaTotpMa return pulumi.ToOutputWithContext(ctx, i).(MfaTotpMapOutput) } +func (i MfaTotpMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*MfaTotp] { + return pulumix.Output[map[string]*MfaTotp]{ + OutputState: i.ToMfaTotpMapOutputWithContext(ctx).OutputState, + } +} + type MfaTotpOutput struct{ *pulumi.OutputState } func (MfaTotpOutput) ElementType() reflect.Type { @@ -314,6 +335,12 @@ func (o MfaTotpOutput) ToMfaTotpOutputWithContext(ctx context.Context) MfaTotpOu return o } +func (o MfaTotpOutput) ToOutput(ctx context.Context) pulumix.Output[*MfaTotp] { + return pulumix.Output[*MfaTotp]{ + OutputState: o.OutputState, + } +} + // `(string)` - Specifies the hashing algorithm used to generate the TOTP code. // Options include `SHA1`, `SHA256` and `SHA512` func (o MfaTotpOutput) Algorithm() pulumi.StringPtrOutput { @@ -379,6 +406,12 @@ func (o MfaTotpArrayOutput) ToMfaTotpArrayOutputWithContext(ctx context.Context) return o } +func (o MfaTotpArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*MfaTotp] { + return pulumix.Output[[]*MfaTotp]{ + OutputState: o.OutputState, + } +} + func (o MfaTotpArrayOutput) Index(i pulumi.IntInput) MfaTotpOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *MfaTotp { return vs[0].([]*MfaTotp)[vs[1].(int)] @@ -399,6 +432,12 @@ func (o MfaTotpMapOutput) ToMfaTotpMapOutputWithContext(ctx context.Context) Mfa return o } +func (o MfaTotpMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*MfaTotp] { + return pulumix.Output[map[string]*MfaTotp]{ + OutputState: o.OutputState, + } +} + func (o MfaTotpMapOutput) MapIndex(k pulumi.StringInput) MfaTotpOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *MfaTotp { return vs[0].(map[string]*MfaTotp)[vs[1].(string)] diff --git a/sdk/go/vault/mongodbatlas/init.go b/sdk/go/vault/mongodbatlas/init.go index 0764de74d..a6acb86c1 100644 --- a/sdk/go/vault/mongodbatlas/init.go +++ b/sdk/go/vault/mongodbatlas/init.go @@ -7,7 +7,7 @@ import ( "fmt" "github.com/blang/semver" - "github.com/pulumi/pulumi-vault/sdk/v5/go/vault" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" ) @@ -34,7 +34,7 @@ func (m *module) Construct(ctx *pulumi.Context, name, typ, urn string) (r pulumi } func init() { - version, err := vault.PkgVersion() + version, err := internal.PkgVersion() if err != nil { version = semver.Version{Major: 1} } diff --git a/sdk/go/vault/mongodbatlas/secretBackend.go b/sdk/go/vault/mongodbatlas/secretBackend.go index 4b097dd4a..3d1b41945 100644 --- a/sdk/go/vault/mongodbatlas/secretBackend.go +++ b/sdk/go/vault/mongodbatlas/secretBackend.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // ## Example Usage @@ -91,6 +93,7 @@ func NewSecretBackend(ctx *pulumi.Context, if args.PublicKey == nil { return nil, errors.New("invalid value for required argument 'PublicKey'") } + opts = internal.PkgResourceDefaultOpts(opts) var resource SecretBackend err := ctx.RegisterResource("vault:mongodbatlas/secretBackend:SecretBackend", name, args, &resource, opts...) if err != nil { @@ -200,6 +203,12 @@ func (i *SecretBackend) ToSecretBackendOutputWithContext(ctx context.Context) Se return pulumi.ToOutputWithContext(ctx, i).(SecretBackendOutput) } +func (i *SecretBackend) ToOutput(ctx context.Context) pulumix.Output[*SecretBackend] { + return pulumix.Output[*SecretBackend]{ + OutputState: i.ToSecretBackendOutputWithContext(ctx).OutputState, + } +} + // SecretBackendArrayInput is an input type that accepts SecretBackendArray and SecretBackendArrayOutput values. // You can construct a concrete instance of `SecretBackendArrayInput` via: // @@ -225,6 +234,12 @@ func (i SecretBackendArray) ToSecretBackendArrayOutputWithContext(ctx context.Co return pulumi.ToOutputWithContext(ctx, i).(SecretBackendArrayOutput) } +func (i SecretBackendArray) ToOutput(ctx context.Context) pulumix.Output[[]*SecretBackend] { + return pulumix.Output[[]*SecretBackend]{ + OutputState: i.ToSecretBackendArrayOutputWithContext(ctx).OutputState, + } +} + // SecretBackendMapInput is an input type that accepts SecretBackendMap and SecretBackendMapOutput values. // You can construct a concrete instance of `SecretBackendMapInput` via: // @@ -250,6 +265,12 @@ func (i SecretBackendMap) ToSecretBackendMapOutputWithContext(ctx context.Contex return pulumi.ToOutputWithContext(ctx, i).(SecretBackendMapOutput) } +func (i SecretBackendMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*SecretBackend] { + return pulumix.Output[map[string]*SecretBackend]{ + OutputState: i.ToSecretBackendMapOutputWithContext(ctx).OutputState, + } +} + type SecretBackendOutput struct{ *pulumi.OutputState } func (SecretBackendOutput) ElementType() reflect.Type { @@ -264,6 +285,12 @@ func (o SecretBackendOutput) ToSecretBackendOutputWithContext(ctx context.Contex return o } +func (o SecretBackendOutput) ToOutput(ctx context.Context) pulumix.Output[*SecretBackend] { + return pulumix.Output[*SecretBackend]{ + OutputState: o.OutputState, + } +} + // Path where the MongoDB Atlas Secrets Engine is mounted. func (o SecretBackendOutput) Mount() pulumi.StringOutput { return o.ApplyT(func(v *SecretBackend) pulumi.StringOutput { return v.Mount }).(pulumi.StringOutput) @@ -306,6 +333,12 @@ func (o SecretBackendArrayOutput) ToSecretBackendArrayOutputWithContext(ctx cont return o } +func (o SecretBackendArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*SecretBackend] { + return pulumix.Output[[]*SecretBackend]{ + OutputState: o.OutputState, + } +} + func (o SecretBackendArrayOutput) Index(i pulumi.IntInput) SecretBackendOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *SecretBackend { return vs[0].([]*SecretBackend)[vs[1].(int)] @@ -326,6 +359,12 @@ func (o SecretBackendMapOutput) ToSecretBackendMapOutputWithContext(ctx context. return o } +func (o SecretBackendMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*SecretBackend] { + return pulumix.Output[map[string]*SecretBackend]{ + OutputState: o.OutputState, + } +} + func (o SecretBackendMapOutput) MapIndex(k pulumi.StringInput) SecretBackendOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *SecretBackend { return vs[0].(map[string]*SecretBackend)[vs[1].(string)] diff --git a/sdk/go/vault/mongodbatlas/secretRole.go b/sdk/go/vault/mongodbatlas/secretRole.go index a42a98b53..32d5dc80c 100644 --- a/sdk/go/vault/mongodbatlas/secretRole.go +++ b/sdk/go/vault/mongodbatlas/secretRole.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // ## Example Usage @@ -116,6 +118,7 @@ func NewSecretRole(ctx *pulumi.Context, if args.Roles == nil { return nil, errors.New("invalid value for required argument 'Roles'") } + opts = internal.PkgResourceDefaultOpts(opts) var resource SecretRole err := ctx.RegisterResource("vault:mongodbatlas/secretRole:SecretRole", name, args, &resource, opts...) if err != nil { @@ -285,6 +288,12 @@ func (i *SecretRole) ToSecretRoleOutputWithContext(ctx context.Context) SecretRo return pulumi.ToOutputWithContext(ctx, i).(SecretRoleOutput) } +func (i *SecretRole) ToOutput(ctx context.Context) pulumix.Output[*SecretRole] { + return pulumix.Output[*SecretRole]{ + OutputState: i.ToSecretRoleOutputWithContext(ctx).OutputState, + } +} + // SecretRoleArrayInput is an input type that accepts SecretRoleArray and SecretRoleArrayOutput values. // You can construct a concrete instance of `SecretRoleArrayInput` via: // @@ -310,6 +319,12 @@ func (i SecretRoleArray) ToSecretRoleArrayOutputWithContext(ctx context.Context) return pulumi.ToOutputWithContext(ctx, i).(SecretRoleArrayOutput) } +func (i SecretRoleArray) ToOutput(ctx context.Context) pulumix.Output[[]*SecretRole] { + return pulumix.Output[[]*SecretRole]{ + OutputState: i.ToSecretRoleArrayOutputWithContext(ctx).OutputState, + } +} + // SecretRoleMapInput is an input type that accepts SecretRoleMap and SecretRoleMapOutput values. // You can construct a concrete instance of `SecretRoleMapInput` via: // @@ -335,6 +350,12 @@ func (i SecretRoleMap) ToSecretRoleMapOutputWithContext(ctx context.Context) Sec return pulumi.ToOutputWithContext(ctx, i).(SecretRoleMapOutput) } +func (i SecretRoleMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*SecretRole] { + return pulumix.Output[map[string]*SecretRole]{ + OutputState: i.ToSecretRoleMapOutputWithContext(ctx).OutputState, + } +} + type SecretRoleOutput struct{ *pulumi.OutputState } func (SecretRoleOutput) ElementType() reflect.Type { @@ -349,6 +370,12 @@ func (o SecretRoleOutput) ToSecretRoleOutputWithContext(ctx context.Context) Sec return o } +func (o SecretRoleOutput) ToOutput(ctx context.Context) pulumix.Output[*SecretRole] { + return pulumix.Output[*SecretRole]{ + OutputState: o.OutputState, + } +} + // Whitelist entry in CIDR notation to be added for the API key. func (o SecretRoleOutput) CidrBlocks() pulumi.StringArrayOutput { return o.ApplyT(func(v *SecretRole) pulumi.StringArrayOutput { return v.CidrBlocks }).(pulumi.StringArrayOutput) @@ -423,6 +450,12 @@ func (o SecretRoleArrayOutput) ToSecretRoleArrayOutputWithContext(ctx context.Co return o } +func (o SecretRoleArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*SecretRole] { + return pulumix.Output[[]*SecretRole]{ + OutputState: o.OutputState, + } +} + func (o SecretRoleArrayOutput) Index(i pulumi.IntInput) SecretRoleOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *SecretRole { return vs[0].([]*SecretRole)[vs[1].(int)] @@ -443,6 +476,12 @@ func (o SecretRoleMapOutput) ToSecretRoleMapOutputWithContext(ctx context.Contex return o } +func (o SecretRoleMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*SecretRole] { + return pulumix.Output[map[string]*SecretRole]{ + OutputState: o.OutputState, + } +} + func (o SecretRoleMapOutput) MapIndex(k pulumi.StringInput) SecretRoleOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *SecretRole { return vs[0].(map[string]*SecretRole)[vs[1].(string)] diff --git a/sdk/go/vault/mount.go b/sdk/go/vault/mount.go index 9583ff443..508322032 100644 --- a/sdk/go/vault/mount.go +++ b/sdk/go/vault/mount.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // ## Example Usage @@ -53,7 +55,7 @@ import ( // pulumi.Run(func(ctx *pulumi.Context) error { // _, err := vault.NewMount(ctx, "kvv2-example", &vault.MountArgs{ // Description: pulumi.String("This is an example KV Version 2 secret engine mount"), -// Options: pulumi.AnyMap{ +// Options: pulumi.Map{ // "type": pulumi.Any("kv-v2"), // "version": pulumi.Any("2"), // }, @@ -83,7 +85,7 @@ import ( // pulumi.Run(func(ctx *pulumi.Context) error { // _, err := vault.NewMount(ctx, "transit-example", &vault.MountArgs{ // Description: pulumi.String("This is an example transit secret engine mount"), -// Options: pulumi.AnyMap{ +// Options: pulumi.Map{ // "convergent_encryption": pulumi.Any(false), // }, // Path: pulumi.String("transit-example"), @@ -184,6 +186,7 @@ func NewMount(ctx *pulumi.Context, if args.Type == nil { return nil, errors.New("invalid value for required argument 'Type'") } + opts = internal.PkgResourceDefaultOpts(opts) var resource Mount err := ctx.RegisterResource("vault:index/mount:Mount", name, args, &resource, opts...) if err != nil { @@ -365,6 +368,12 @@ func (i *Mount) ToMountOutputWithContext(ctx context.Context) MountOutput { return pulumi.ToOutputWithContext(ctx, i).(MountOutput) } +func (i *Mount) ToOutput(ctx context.Context) pulumix.Output[*Mount] { + return pulumix.Output[*Mount]{ + OutputState: i.ToMountOutputWithContext(ctx).OutputState, + } +} + // MountArrayInput is an input type that accepts MountArray and MountArrayOutput values. // You can construct a concrete instance of `MountArrayInput` via: // @@ -390,6 +399,12 @@ func (i MountArray) ToMountArrayOutputWithContext(ctx context.Context) MountArra return pulumi.ToOutputWithContext(ctx, i).(MountArrayOutput) } +func (i MountArray) ToOutput(ctx context.Context) pulumix.Output[[]*Mount] { + return pulumix.Output[[]*Mount]{ + OutputState: i.ToMountArrayOutputWithContext(ctx).OutputState, + } +} + // MountMapInput is an input type that accepts MountMap and MountMapOutput values. // You can construct a concrete instance of `MountMapInput` via: // @@ -415,6 +430,12 @@ func (i MountMap) ToMountMapOutputWithContext(ctx context.Context) MountMapOutpu return pulumi.ToOutputWithContext(ctx, i).(MountMapOutput) } +func (i MountMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*Mount] { + return pulumix.Output[map[string]*Mount]{ + OutputState: i.ToMountMapOutputWithContext(ctx).OutputState, + } +} + type MountOutput struct{ *pulumi.OutputState } func (MountOutput) ElementType() reflect.Type { @@ -429,6 +450,12 @@ func (o MountOutput) ToMountOutputWithContext(ctx context.Context) MountOutput { return o } +func (o MountOutput) ToOutput(ctx context.Context) pulumix.Output[*Mount] { + return pulumix.Output[*Mount]{ + OutputState: o.OutputState, + } +} + // The accessor for this mount. func (o MountOutput) Accessor() pulumi.StringOutput { return o.ApplyT(func(v *Mount) pulumi.StringOutput { return v.Accessor }).(pulumi.StringOutput) @@ -516,6 +543,12 @@ func (o MountArrayOutput) ToMountArrayOutputWithContext(ctx context.Context) Mou return o } +func (o MountArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*Mount] { + return pulumix.Output[[]*Mount]{ + OutputState: o.OutputState, + } +} + func (o MountArrayOutput) Index(i pulumi.IntInput) MountOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *Mount { return vs[0].([]*Mount)[vs[1].(int)] @@ -536,6 +569,12 @@ func (o MountMapOutput) ToMountMapOutputWithContext(ctx context.Context) MountMa return o } +func (o MountMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*Mount] { + return pulumix.Output[map[string]*Mount]{ + OutputState: o.OutputState, + } +} + func (o MountMapOutput) MapIndex(k pulumi.StringInput) MountOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *Mount { return vs[0].(map[string]*Mount)[vs[1].(string)] diff --git a/sdk/go/vault/namespace.go b/sdk/go/vault/namespace.go index 836ed121f..3b79f1fee 100644 --- a/sdk/go/vault/namespace.go +++ b/sdk/go/vault/namespace.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // ## Import @@ -61,6 +63,9 @@ import ( type Namespace struct { pulumi.CustomResourceState + // Custom metadata describing this namespace. Value type + // is `map[string]string`. Requires Vault version 1.12+. + CustomMetadata pulumi.MapOutput `pulumi:"customMetadata"` // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). @@ -85,6 +90,7 @@ func NewNamespace(ctx *pulumi.Context, if args.Path == nil { return nil, errors.New("invalid value for required argument 'Path'") } + opts = internal.PkgResourceDefaultOpts(opts) var resource Namespace err := ctx.RegisterResource("vault:index/namespace:Namespace", name, args, &resource, opts...) if err != nil { @@ -107,6 +113,9 @@ func GetNamespace(ctx *pulumi.Context, // Input properties used for looking up and filtering Namespace resources. type namespaceState struct { + // Custom metadata describing this namespace. Value type + // is `map[string]string`. Requires Vault version 1.12+. + CustomMetadata map[string]interface{} `pulumi:"customMetadata"` // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). @@ -122,6 +131,9 @@ type namespaceState struct { } type NamespaceState struct { + // Custom metadata describing this namespace. Value type + // is `map[string]string`. Requires Vault version 1.12+. + CustomMetadata pulumi.MapInput // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). @@ -141,6 +153,9 @@ func (NamespaceState) ElementType() reflect.Type { } type namespaceArgs struct { + // Custom metadata describing this namespace. Value type + // is `map[string]string`. Requires Vault version 1.12+. + CustomMetadata map[string]interface{} `pulumi:"customMetadata"` // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). @@ -155,6 +170,9 @@ type namespaceArgs struct { // The set of arguments for constructing a Namespace resource. type NamespaceArgs struct { + // Custom metadata describing this namespace. Value type + // is `map[string]string`. Requires Vault version 1.12+. + CustomMetadata pulumi.MapInput // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). @@ -190,6 +208,12 @@ func (i *Namespace) ToNamespaceOutputWithContext(ctx context.Context) NamespaceO return pulumi.ToOutputWithContext(ctx, i).(NamespaceOutput) } +func (i *Namespace) ToOutput(ctx context.Context) pulumix.Output[*Namespace] { + return pulumix.Output[*Namespace]{ + OutputState: i.ToNamespaceOutputWithContext(ctx).OutputState, + } +} + // NamespaceArrayInput is an input type that accepts NamespaceArray and NamespaceArrayOutput values. // You can construct a concrete instance of `NamespaceArrayInput` via: // @@ -215,6 +239,12 @@ func (i NamespaceArray) ToNamespaceArrayOutputWithContext(ctx context.Context) N return pulumi.ToOutputWithContext(ctx, i).(NamespaceArrayOutput) } +func (i NamespaceArray) ToOutput(ctx context.Context) pulumix.Output[[]*Namespace] { + return pulumix.Output[[]*Namespace]{ + OutputState: i.ToNamespaceArrayOutputWithContext(ctx).OutputState, + } +} + // NamespaceMapInput is an input type that accepts NamespaceMap and NamespaceMapOutput values. // You can construct a concrete instance of `NamespaceMapInput` via: // @@ -240,6 +270,12 @@ func (i NamespaceMap) ToNamespaceMapOutputWithContext(ctx context.Context) Names return pulumi.ToOutputWithContext(ctx, i).(NamespaceMapOutput) } +func (i NamespaceMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*Namespace] { + return pulumix.Output[map[string]*Namespace]{ + OutputState: i.ToNamespaceMapOutputWithContext(ctx).OutputState, + } +} + type NamespaceOutput struct{ *pulumi.OutputState } func (NamespaceOutput) ElementType() reflect.Type { @@ -254,6 +290,18 @@ func (o NamespaceOutput) ToNamespaceOutputWithContext(ctx context.Context) Names return o } +func (o NamespaceOutput) ToOutput(ctx context.Context) pulumix.Output[*Namespace] { + return pulumix.Output[*Namespace]{ + OutputState: o.OutputState, + } +} + +// Custom metadata describing this namespace. Value type +// is `map[string]string`. Requires Vault version 1.12+. +func (o NamespaceOutput) CustomMetadata() pulumi.MapOutput { + return o.ApplyT(func(v *Namespace) pulumi.MapOutput { return v.CustomMetadata }).(pulumi.MapOutput) +} + // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). @@ -292,6 +340,12 @@ func (o NamespaceArrayOutput) ToNamespaceArrayOutputWithContext(ctx context.Cont return o } +func (o NamespaceArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*Namespace] { + return pulumix.Output[[]*Namespace]{ + OutputState: o.OutputState, + } +} + func (o NamespaceArrayOutput) Index(i pulumi.IntInput) NamespaceOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *Namespace { return vs[0].([]*Namespace)[vs[1].(int)] @@ -312,6 +366,12 @@ func (o NamespaceMapOutput) ToNamespaceMapOutputWithContext(ctx context.Context) return o } +func (o NamespaceMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*Namespace] { + return pulumix.Output[map[string]*Namespace]{ + OutputState: o.OutputState, + } +} + func (o NamespaceMapOutput) MapIndex(k pulumi.StringInput) NamespaceOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *Namespace { return vs[0].(map[string]*Namespace)[vs[1].(string)] diff --git a/sdk/go/vault/nomadSecretBackend.go b/sdk/go/vault/nomadSecretBackend.go index 3debfcec3..1bb5db486 100644 --- a/sdk/go/vault/nomadSecretBackend.go +++ b/sdk/go/vault/nomadSecretBackend.go @@ -7,7 +7,9 @@ import ( "context" "reflect" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // ## Example Usage @@ -105,13 +107,13 @@ func NewNomadSecretBackend(ctx *pulumi.Context, } if args.ClientCert != nil { - args.ClientCert = pulumi.ToSecret(args.ClientCert).(pulumi.StringPtrOutput) + args.ClientCert = pulumi.ToSecret(args.ClientCert).(pulumi.StringPtrInput) } if args.ClientKey != nil { - args.ClientKey = pulumi.ToSecret(args.ClientKey).(pulumi.StringPtrOutput) + args.ClientKey = pulumi.ToSecret(args.ClientKey).(pulumi.StringPtrInput) } if args.Token != nil { - args.Token = pulumi.ToSecret(args.Token).(pulumi.StringPtrOutput) + args.Token = pulumi.ToSecret(args.Token).(pulumi.StringPtrInput) } secrets := pulumi.AdditionalSecretOutputs([]string{ "clientCert", @@ -119,6 +121,7 @@ func NewNomadSecretBackend(ctx *pulumi.Context, "token", }) opts = append(opts, secrets) + opts = internal.PkgResourceDefaultOpts(opts) var resource NomadSecretBackend err := ctx.RegisterResource("vault:index/nomadSecretBackend:NomadSecretBackend", name, args, &resource, opts...) if err != nil { @@ -340,6 +343,12 @@ func (i *NomadSecretBackend) ToNomadSecretBackendOutputWithContext(ctx context.C return pulumi.ToOutputWithContext(ctx, i).(NomadSecretBackendOutput) } +func (i *NomadSecretBackend) ToOutput(ctx context.Context) pulumix.Output[*NomadSecretBackend] { + return pulumix.Output[*NomadSecretBackend]{ + OutputState: i.ToNomadSecretBackendOutputWithContext(ctx).OutputState, + } +} + // NomadSecretBackendArrayInput is an input type that accepts NomadSecretBackendArray and NomadSecretBackendArrayOutput values. // You can construct a concrete instance of `NomadSecretBackendArrayInput` via: // @@ -365,6 +374,12 @@ func (i NomadSecretBackendArray) ToNomadSecretBackendArrayOutputWithContext(ctx return pulumi.ToOutputWithContext(ctx, i).(NomadSecretBackendArrayOutput) } +func (i NomadSecretBackendArray) ToOutput(ctx context.Context) pulumix.Output[[]*NomadSecretBackend] { + return pulumix.Output[[]*NomadSecretBackend]{ + OutputState: i.ToNomadSecretBackendArrayOutputWithContext(ctx).OutputState, + } +} + // NomadSecretBackendMapInput is an input type that accepts NomadSecretBackendMap and NomadSecretBackendMapOutput values. // You can construct a concrete instance of `NomadSecretBackendMapInput` via: // @@ -390,6 +405,12 @@ func (i NomadSecretBackendMap) ToNomadSecretBackendMapOutputWithContext(ctx cont return pulumi.ToOutputWithContext(ctx, i).(NomadSecretBackendMapOutput) } +func (i NomadSecretBackendMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*NomadSecretBackend] { + return pulumix.Output[map[string]*NomadSecretBackend]{ + OutputState: i.ToNomadSecretBackendMapOutputWithContext(ctx).OutputState, + } +} + type NomadSecretBackendOutput struct{ *pulumi.OutputState } func (NomadSecretBackendOutput) ElementType() reflect.Type { @@ -404,6 +425,12 @@ func (o NomadSecretBackendOutput) ToNomadSecretBackendOutputWithContext(ctx cont return o } +func (o NomadSecretBackendOutput) ToOutput(ctx context.Context) pulumix.Output[*NomadSecretBackend] { + return pulumix.Output[*NomadSecretBackend]{ + OutputState: o.OutputState, + } +} + // Specifies the address of the Nomad instance, provided // as "protocol://host:port" like "http://127.0.0.1:4646". func (o NomadSecretBackendOutput) Address() pulumi.StringPtrOutput { @@ -503,6 +530,12 @@ func (o NomadSecretBackendArrayOutput) ToNomadSecretBackendArrayOutputWithContex return o } +func (o NomadSecretBackendArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*NomadSecretBackend] { + return pulumix.Output[[]*NomadSecretBackend]{ + OutputState: o.OutputState, + } +} + func (o NomadSecretBackendArrayOutput) Index(i pulumi.IntInput) NomadSecretBackendOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *NomadSecretBackend { return vs[0].([]*NomadSecretBackend)[vs[1].(int)] @@ -523,6 +556,12 @@ func (o NomadSecretBackendMapOutput) ToNomadSecretBackendMapOutputWithContext(ct return o } +func (o NomadSecretBackendMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*NomadSecretBackend] { + return pulumix.Output[map[string]*NomadSecretBackend]{ + OutputState: o.OutputState, + } +} + func (o NomadSecretBackendMapOutput) MapIndex(k pulumi.StringInput) NomadSecretBackendOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *NomadSecretBackend { return vs[0].(map[string]*NomadSecretBackend)[vs[1].(string)] diff --git a/sdk/go/vault/nomadSecretRole.go b/sdk/go/vault/nomadSecretRole.go index 0b216373c..09982107c 100644 --- a/sdk/go/vault/nomadSecretRole.go +++ b/sdk/go/vault/nomadSecretRole.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // ## Example Usage @@ -99,6 +101,7 @@ func NewNomadSecretRole(ctx *pulumi.Context, if args.Role == nil { return nil, errors.New("invalid value for required argument 'Role'") } + opts = internal.PkgResourceDefaultOpts(opts) var resource NomadSecretRole err := ctx.RegisterResource("vault:index/nomadSecretRole:NomadSecretRole", name, args, &resource, opts...) if err != nil { @@ -236,6 +239,12 @@ func (i *NomadSecretRole) ToNomadSecretRoleOutputWithContext(ctx context.Context return pulumi.ToOutputWithContext(ctx, i).(NomadSecretRoleOutput) } +func (i *NomadSecretRole) ToOutput(ctx context.Context) pulumix.Output[*NomadSecretRole] { + return pulumix.Output[*NomadSecretRole]{ + OutputState: i.ToNomadSecretRoleOutputWithContext(ctx).OutputState, + } +} + // NomadSecretRoleArrayInput is an input type that accepts NomadSecretRoleArray and NomadSecretRoleArrayOutput values. // You can construct a concrete instance of `NomadSecretRoleArrayInput` via: // @@ -261,6 +270,12 @@ func (i NomadSecretRoleArray) ToNomadSecretRoleArrayOutputWithContext(ctx contex return pulumi.ToOutputWithContext(ctx, i).(NomadSecretRoleArrayOutput) } +func (i NomadSecretRoleArray) ToOutput(ctx context.Context) pulumix.Output[[]*NomadSecretRole] { + return pulumix.Output[[]*NomadSecretRole]{ + OutputState: i.ToNomadSecretRoleArrayOutputWithContext(ctx).OutputState, + } +} + // NomadSecretRoleMapInput is an input type that accepts NomadSecretRoleMap and NomadSecretRoleMapOutput values. // You can construct a concrete instance of `NomadSecretRoleMapInput` via: // @@ -286,6 +301,12 @@ func (i NomadSecretRoleMap) ToNomadSecretRoleMapOutputWithContext(ctx context.Co return pulumi.ToOutputWithContext(ctx, i).(NomadSecretRoleMapOutput) } +func (i NomadSecretRoleMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*NomadSecretRole] { + return pulumix.Output[map[string]*NomadSecretRole]{ + OutputState: i.ToNomadSecretRoleMapOutputWithContext(ctx).OutputState, + } +} + type NomadSecretRoleOutput struct{ *pulumi.OutputState } func (NomadSecretRoleOutput) ElementType() reflect.Type { @@ -300,6 +321,12 @@ func (o NomadSecretRoleOutput) ToNomadSecretRoleOutputWithContext(ctx context.Co return o } +func (o NomadSecretRoleOutput) ToOutput(ctx context.Context) pulumix.Output[*NomadSecretRole] { + return pulumix.Output[*NomadSecretRole]{ + OutputState: o.OutputState, + } +} + // The unique path this backend should be mounted at. func (o NomadSecretRoleOutput) Backend() pulumi.StringOutput { return o.ApplyT(func(v *NomadSecretRole) pulumi.StringOutput { return v.Backend }).(pulumi.StringOutput) @@ -351,6 +378,12 @@ func (o NomadSecretRoleArrayOutput) ToNomadSecretRoleArrayOutputWithContext(ctx return o } +func (o NomadSecretRoleArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*NomadSecretRole] { + return pulumix.Output[[]*NomadSecretRole]{ + OutputState: o.OutputState, + } +} + func (o NomadSecretRoleArrayOutput) Index(i pulumi.IntInput) NomadSecretRoleOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *NomadSecretRole { return vs[0].([]*NomadSecretRole)[vs[1].(int)] @@ -371,6 +404,12 @@ func (o NomadSecretRoleMapOutput) ToNomadSecretRoleMapOutputWithContext(ctx cont return o } +func (o NomadSecretRoleMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*NomadSecretRole] { + return pulumix.Output[map[string]*NomadSecretRole]{ + OutputState: o.OutputState, + } +} + func (o NomadSecretRoleMapOutput) MapIndex(k pulumi.StringInput) NomadSecretRoleOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *NomadSecretRole { return vs[0].(map[string]*NomadSecretRole)[vs[1].(string)] diff --git a/sdk/go/vault/okta/authBackend.go b/sdk/go/vault/okta/authBackend.go index 88953a7f9..f00c130f7 100644 --- a/sdk/go/vault/okta/authBackend.go +++ b/sdk/go/vault/okta/authBackend.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // Provides a resource for managing an @@ -119,12 +121,13 @@ func NewAuthBackend(ctx *pulumi.Context, return nil, errors.New("invalid value for required argument 'Organization'") } if args.Token != nil { - args.Token = pulumi.ToSecret(args.Token).(pulumi.StringPtrOutput) + args.Token = pulumi.ToSecret(args.Token).(pulumi.StringPtrInput) } secrets := pulumi.AdditionalSecretOutputs([]string{ "token", }) opts = append(opts, secrets) + opts = internal.PkgResourceDefaultOpts(opts) var resource AuthBackend err := ctx.RegisterResource("vault:okta/authBackend:AuthBackend", name, args, &resource, opts...) if err != nil { @@ -322,6 +325,12 @@ func (i *AuthBackend) ToAuthBackendOutputWithContext(ctx context.Context) AuthBa return pulumi.ToOutputWithContext(ctx, i).(AuthBackendOutput) } +func (i *AuthBackend) ToOutput(ctx context.Context) pulumix.Output[*AuthBackend] { + return pulumix.Output[*AuthBackend]{ + OutputState: i.ToAuthBackendOutputWithContext(ctx).OutputState, + } +} + // AuthBackendArrayInput is an input type that accepts AuthBackendArray and AuthBackendArrayOutput values. // You can construct a concrete instance of `AuthBackendArrayInput` via: // @@ -347,6 +356,12 @@ func (i AuthBackendArray) ToAuthBackendArrayOutputWithContext(ctx context.Contex return pulumi.ToOutputWithContext(ctx, i).(AuthBackendArrayOutput) } +func (i AuthBackendArray) ToOutput(ctx context.Context) pulumix.Output[[]*AuthBackend] { + return pulumix.Output[[]*AuthBackend]{ + OutputState: i.ToAuthBackendArrayOutputWithContext(ctx).OutputState, + } +} + // AuthBackendMapInput is an input type that accepts AuthBackendMap and AuthBackendMapOutput values. // You can construct a concrete instance of `AuthBackendMapInput` via: // @@ -372,6 +387,12 @@ func (i AuthBackendMap) ToAuthBackendMapOutputWithContext(ctx context.Context) A return pulumi.ToOutputWithContext(ctx, i).(AuthBackendMapOutput) } +func (i AuthBackendMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*AuthBackend] { + return pulumix.Output[map[string]*AuthBackend]{ + OutputState: i.ToAuthBackendMapOutputWithContext(ctx).OutputState, + } +} + type AuthBackendOutput struct{ *pulumi.OutputState } func (AuthBackendOutput) ElementType() reflect.Type { @@ -386,6 +407,12 @@ func (o AuthBackendOutput) ToAuthBackendOutputWithContext(ctx context.Context) A return o } +func (o AuthBackendOutput) ToOutput(ctx context.Context) pulumix.Output[*AuthBackend] { + return pulumix.Output[*AuthBackend]{ + OutputState: o.OutputState, + } +} + // The mount accessor related to the auth mount. It is useful for integration with [Identity Secrets Engine](https://www.vaultproject.io/docs/secrets/identity/index.html). func (o AuthBackendOutput) Accessor() pulumi.StringOutput { return o.ApplyT(func(v *AuthBackend) pulumi.StringOutput { return v.Accessor }).(pulumi.StringOutput) @@ -474,6 +501,12 @@ func (o AuthBackendArrayOutput) ToAuthBackendArrayOutputWithContext(ctx context. return o } +func (o AuthBackendArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*AuthBackend] { + return pulumix.Output[[]*AuthBackend]{ + OutputState: o.OutputState, + } +} + func (o AuthBackendArrayOutput) Index(i pulumi.IntInput) AuthBackendOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *AuthBackend { return vs[0].([]*AuthBackend)[vs[1].(int)] @@ -494,6 +527,12 @@ func (o AuthBackendMapOutput) ToAuthBackendMapOutputWithContext(ctx context.Cont return o } +func (o AuthBackendMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*AuthBackend] { + return pulumix.Output[map[string]*AuthBackend]{ + OutputState: o.OutputState, + } +} + func (o AuthBackendMapOutput) MapIndex(k pulumi.StringInput) AuthBackendOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *AuthBackend { return vs[0].(map[string]*AuthBackend)[vs[1].(string)] diff --git a/sdk/go/vault/okta/authBackendGroup.go b/sdk/go/vault/okta/authBackendGroup.go index 66833147c..dd9f84325 100644 --- a/sdk/go/vault/okta/authBackendGroup.go +++ b/sdk/go/vault/okta/authBackendGroup.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // Provides a resource to create a group in an @@ -90,6 +92,7 @@ func NewAuthBackendGroup(ctx *pulumi.Context, if args.Path == nil { return nil, errors.New("invalid value for required argument 'Path'") } + opts = internal.PkgResourceDefaultOpts(opts) var resource AuthBackendGroup err := ctx.RegisterResource("vault:okta/authBackendGroup:AuthBackendGroup", name, args, &resource, opts...) if err != nil { @@ -195,6 +198,12 @@ func (i *AuthBackendGroup) ToAuthBackendGroupOutputWithContext(ctx context.Conte return pulumi.ToOutputWithContext(ctx, i).(AuthBackendGroupOutput) } +func (i *AuthBackendGroup) ToOutput(ctx context.Context) pulumix.Output[*AuthBackendGroup] { + return pulumix.Output[*AuthBackendGroup]{ + OutputState: i.ToAuthBackendGroupOutputWithContext(ctx).OutputState, + } +} + // AuthBackendGroupArrayInput is an input type that accepts AuthBackendGroupArray and AuthBackendGroupArrayOutput values. // You can construct a concrete instance of `AuthBackendGroupArrayInput` via: // @@ -220,6 +229,12 @@ func (i AuthBackendGroupArray) ToAuthBackendGroupArrayOutputWithContext(ctx cont return pulumi.ToOutputWithContext(ctx, i).(AuthBackendGroupArrayOutput) } +func (i AuthBackendGroupArray) ToOutput(ctx context.Context) pulumix.Output[[]*AuthBackendGroup] { + return pulumix.Output[[]*AuthBackendGroup]{ + OutputState: i.ToAuthBackendGroupArrayOutputWithContext(ctx).OutputState, + } +} + // AuthBackendGroupMapInput is an input type that accepts AuthBackendGroupMap and AuthBackendGroupMapOutput values. // You can construct a concrete instance of `AuthBackendGroupMapInput` via: // @@ -245,6 +260,12 @@ func (i AuthBackendGroupMap) ToAuthBackendGroupMapOutputWithContext(ctx context. return pulumi.ToOutputWithContext(ctx, i).(AuthBackendGroupMapOutput) } +func (i AuthBackendGroupMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*AuthBackendGroup] { + return pulumix.Output[map[string]*AuthBackendGroup]{ + OutputState: i.ToAuthBackendGroupMapOutputWithContext(ctx).OutputState, + } +} + type AuthBackendGroupOutput struct{ *pulumi.OutputState } func (AuthBackendGroupOutput) ElementType() reflect.Type { @@ -259,6 +280,12 @@ func (o AuthBackendGroupOutput) ToAuthBackendGroupOutputWithContext(ctx context. return o } +func (o AuthBackendGroupOutput) ToOutput(ctx context.Context) pulumix.Output[*AuthBackendGroup] { + return pulumix.Output[*AuthBackendGroup]{ + OutputState: o.OutputState, + } +} + // Name of the group within the Okta func (o AuthBackendGroupOutput) GroupName() pulumi.StringOutput { return o.ApplyT(func(v *AuthBackendGroup) pulumi.StringOutput { return v.GroupName }).(pulumi.StringOutput) @@ -296,6 +323,12 @@ func (o AuthBackendGroupArrayOutput) ToAuthBackendGroupArrayOutputWithContext(ct return o } +func (o AuthBackendGroupArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*AuthBackendGroup] { + return pulumix.Output[[]*AuthBackendGroup]{ + OutputState: o.OutputState, + } +} + func (o AuthBackendGroupArrayOutput) Index(i pulumi.IntInput) AuthBackendGroupOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *AuthBackendGroup { return vs[0].([]*AuthBackendGroup)[vs[1].(int)] @@ -316,6 +349,12 @@ func (o AuthBackendGroupMapOutput) ToAuthBackendGroupMapOutputWithContext(ctx co return o } +func (o AuthBackendGroupMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*AuthBackendGroup] { + return pulumix.Output[map[string]*AuthBackendGroup]{ + OutputState: o.OutputState, + } +} + func (o AuthBackendGroupMapOutput) MapIndex(k pulumi.StringInput) AuthBackendGroupOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *AuthBackendGroup { return vs[0].(map[string]*AuthBackendGroup)[vs[1].(string)] diff --git a/sdk/go/vault/okta/authBackendUser.go b/sdk/go/vault/okta/authBackendUser.go index ff6b545cb..c3ad5ab2b 100644 --- a/sdk/go/vault/okta/authBackendUser.go +++ b/sdk/go/vault/okta/authBackendUser.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // Provides a resource to create a user in an @@ -92,6 +94,7 @@ func NewAuthBackendUser(ctx *pulumi.Context, if args.Username == nil { return nil, errors.New("invalid value for required argument 'Username'") } + opts = internal.PkgResourceDefaultOpts(opts) var resource AuthBackendUser err := ctx.RegisterResource("vault:okta/authBackendUser:AuthBackendUser", name, args, &resource, opts...) if err != nil { @@ -205,6 +208,12 @@ func (i *AuthBackendUser) ToAuthBackendUserOutputWithContext(ctx context.Context return pulumi.ToOutputWithContext(ctx, i).(AuthBackendUserOutput) } +func (i *AuthBackendUser) ToOutput(ctx context.Context) pulumix.Output[*AuthBackendUser] { + return pulumix.Output[*AuthBackendUser]{ + OutputState: i.ToAuthBackendUserOutputWithContext(ctx).OutputState, + } +} + // AuthBackendUserArrayInput is an input type that accepts AuthBackendUserArray and AuthBackendUserArrayOutput values. // You can construct a concrete instance of `AuthBackendUserArrayInput` via: // @@ -230,6 +239,12 @@ func (i AuthBackendUserArray) ToAuthBackendUserArrayOutputWithContext(ctx contex return pulumi.ToOutputWithContext(ctx, i).(AuthBackendUserArrayOutput) } +func (i AuthBackendUserArray) ToOutput(ctx context.Context) pulumix.Output[[]*AuthBackendUser] { + return pulumix.Output[[]*AuthBackendUser]{ + OutputState: i.ToAuthBackendUserArrayOutputWithContext(ctx).OutputState, + } +} + // AuthBackendUserMapInput is an input type that accepts AuthBackendUserMap and AuthBackendUserMapOutput values. // You can construct a concrete instance of `AuthBackendUserMapInput` via: // @@ -255,6 +270,12 @@ func (i AuthBackendUserMap) ToAuthBackendUserMapOutputWithContext(ctx context.Co return pulumi.ToOutputWithContext(ctx, i).(AuthBackendUserMapOutput) } +func (i AuthBackendUserMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*AuthBackendUser] { + return pulumix.Output[map[string]*AuthBackendUser]{ + OutputState: i.ToAuthBackendUserMapOutputWithContext(ctx).OutputState, + } +} + type AuthBackendUserOutput struct{ *pulumi.OutputState } func (AuthBackendUserOutput) ElementType() reflect.Type { @@ -269,6 +290,12 @@ func (o AuthBackendUserOutput) ToAuthBackendUserOutputWithContext(ctx context.Co return o } +func (o AuthBackendUserOutput) ToOutput(ctx context.Context) pulumix.Output[*AuthBackendUser] { + return pulumix.Output[*AuthBackendUser]{ + OutputState: o.OutputState, + } +} + // List of Okta groups to associate with this user func (o AuthBackendUserOutput) Groups() pulumi.StringArrayOutput { return o.ApplyT(func(v *AuthBackendUser) pulumi.StringArrayOutput { return v.Groups }).(pulumi.StringArrayOutput) @@ -311,6 +338,12 @@ func (o AuthBackendUserArrayOutput) ToAuthBackendUserArrayOutputWithContext(ctx return o } +func (o AuthBackendUserArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*AuthBackendUser] { + return pulumix.Output[[]*AuthBackendUser]{ + OutputState: o.OutputState, + } +} + func (o AuthBackendUserArrayOutput) Index(i pulumi.IntInput) AuthBackendUserOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *AuthBackendUser { return vs[0].([]*AuthBackendUser)[vs[1].(int)] @@ -331,6 +364,12 @@ func (o AuthBackendUserMapOutput) ToAuthBackendUserMapOutputWithContext(ctx cont return o } +func (o AuthBackendUserMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*AuthBackendUser] { + return pulumix.Output[map[string]*AuthBackendUser]{ + OutputState: o.OutputState, + } +} + func (o AuthBackendUserMapOutput) MapIndex(k pulumi.StringInput) AuthBackendUserOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *AuthBackendUser { return vs[0].(map[string]*AuthBackendUser)[vs[1].(string)] diff --git a/sdk/go/vault/okta/init.go b/sdk/go/vault/okta/init.go index 5adb1bfb5..64fa6de41 100644 --- a/sdk/go/vault/okta/init.go +++ b/sdk/go/vault/okta/init.go @@ -7,7 +7,7 @@ import ( "fmt" "github.com/blang/semver" - "github.com/pulumi/pulumi-vault/sdk/v5/go/vault" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" ) @@ -36,7 +36,7 @@ func (m *module) Construct(ctx *pulumi.Context, name, typ, urn string) (r pulumi } func init() { - version, err := vault.PkgVersion() + version, err := internal.PkgVersion() if err != nil { version = semver.Version{Major: 1} } diff --git a/sdk/go/vault/okta/pulumiTypes.go b/sdk/go/vault/okta/pulumiTypes.go index 09185e3c9..4ca881075 100644 --- a/sdk/go/vault/okta/pulumiTypes.go +++ b/sdk/go/vault/okta/pulumiTypes.go @@ -7,13 +7,17 @@ import ( "context" "reflect" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) +var _ = internal.GetEnvOrDefault + type AuthBackendGroupType struct { // Name of the group within the Okta GroupName string `pulumi:"groupName"` - // List of Vault policies to associate with this user + // Vault policies to associate with this group Policies []string `pulumi:"policies"` } @@ -31,7 +35,7 @@ type AuthBackendGroupTypeInput interface { type AuthBackendGroupTypeArgs struct { // Name of the group within the Okta GroupName pulumi.StringInput `pulumi:"groupName"` - // List of Vault policies to associate with this user + // Vault policies to associate with this group Policies pulumi.StringArrayInput `pulumi:"policies"` } @@ -47,6 +51,12 @@ func (i AuthBackendGroupTypeArgs) ToAuthBackendGroupTypeOutputWithContext(ctx co return pulumi.ToOutputWithContext(ctx, i).(AuthBackendGroupTypeOutput) } +func (i AuthBackendGroupTypeArgs) ToOutput(ctx context.Context) pulumix.Output[AuthBackendGroupType] { + return pulumix.Output[AuthBackendGroupType]{ + OutputState: i.ToAuthBackendGroupTypeOutputWithContext(ctx).OutputState, + } +} + // AuthBackendGroupTypeArrayInput is an input type that accepts AuthBackendGroupTypeArray and AuthBackendGroupTypeArrayOutput values. // You can construct a concrete instance of `AuthBackendGroupTypeArrayInput` via: // @@ -72,6 +82,12 @@ func (i AuthBackendGroupTypeArray) ToAuthBackendGroupTypeArrayOutputWithContext( return pulumi.ToOutputWithContext(ctx, i).(AuthBackendGroupTypeArrayOutput) } +func (i AuthBackendGroupTypeArray) ToOutput(ctx context.Context) pulumix.Output[[]AuthBackendGroupType] { + return pulumix.Output[[]AuthBackendGroupType]{ + OutputState: i.ToAuthBackendGroupTypeArrayOutputWithContext(ctx).OutputState, + } +} + type AuthBackendGroupTypeOutput struct{ *pulumi.OutputState } func (AuthBackendGroupTypeOutput) ElementType() reflect.Type { @@ -86,12 +102,18 @@ func (o AuthBackendGroupTypeOutput) ToAuthBackendGroupTypeOutputWithContext(ctx return o } +func (o AuthBackendGroupTypeOutput) ToOutput(ctx context.Context) pulumix.Output[AuthBackendGroupType] { + return pulumix.Output[AuthBackendGroupType]{ + OutputState: o.OutputState, + } +} + // Name of the group within the Okta func (o AuthBackendGroupTypeOutput) GroupName() pulumi.StringOutput { return o.ApplyT(func(v AuthBackendGroupType) string { return v.GroupName }).(pulumi.StringOutput) } -// List of Vault policies to associate with this user +// Vault policies to associate with this group func (o AuthBackendGroupTypeOutput) Policies() pulumi.StringArrayOutput { return o.ApplyT(func(v AuthBackendGroupType) []string { return v.Policies }).(pulumi.StringArrayOutput) } @@ -110,6 +132,12 @@ func (o AuthBackendGroupTypeArrayOutput) ToAuthBackendGroupTypeArrayOutputWithCo return o } +func (o AuthBackendGroupTypeArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]AuthBackendGroupType] { + return pulumix.Output[[]AuthBackendGroupType]{ + OutputState: o.OutputState, + } +} + func (o AuthBackendGroupTypeArrayOutput) Index(i pulumi.IntInput) AuthBackendGroupTypeOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) AuthBackendGroupType { return vs[0].([]AuthBackendGroupType)[vs[1].(int)] @@ -119,7 +147,7 @@ func (o AuthBackendGroupTypeArrayOutput) Index(i pulumi.IntInput) AuthBackendGro type AuthBackendUserType struct { // List of Okta groups to associate with this user Groups []string `pulumi:"groups"` - // List of Vault policies to associate with this user + // Vault policies to associate with this group Policies []string `pulumi:"policies"` // Name of the user within Okta Username string `pulumi:"username"` @@ -139,7 +167,7 @@ type AuthBackendUserTypeInput interface { type AuthBackendUserTypeArgs struct { // List of Okta groups to associate with this user Groups pulumi.StringArrayInput `pulumi:"groups"` - // List of Vault policies to associate with this user + // Vault policies to associate with this group Policies pulumi.StringArrayInput `pulumi:"policies"` // Name of the user within Okta Username pulumi.StringInput `pulumi:"username"` @@ -157,6 +185,12 @@ func (i AuthBackendUserTypeArgs) ToAuthBackendUserTypeOutputWithContext(ctx cont return pulumi.ToOutputWithContext(ctx, i).(AuthBackendUserTypeOutput) } +func (i AuthBackendUserTypeArgs) ToOutput(ctx context.Context) pulumix.Output[AuthBackendUserType] { + return pulumix.Output[AuthBackendUserType]{ + OutputState: i.ToAuthBackendUserTypeOutputWithContext(ctx).OutputState, + } +} + // AuthBackendUserTypeArrayInput is an input type that accepts AuthBackendUserTypeArray and AuthBackendUserTypeArrayOutput values. // You can construct a concrete instance of `AuthBackendUserTypeArrayInput` via: // @@ -182,6 +216,12 @@ func (i AuthBackendUserTypeArray) ToAuthBackendUserTypeArrayOutputWithContext(ct return pulumi.ToOutputWithContext(ctx, i).(AuthBackendUserTypeArrayOutput) } +func (i AuthBackendUserTypeArray) ToOutput(ctx context.Context) pulumix.Output[[]AuthBackendUserType] { + return pulumix.Output[[]AuthBackendUserType]{ + OutputState: i.ToAuthBackendUserTypeArrayOutputWithContext(ctx).OutputState, + } +} + type AuthBackendUserTypeOutput struct{ *pulumi.OutputState } func (AuthBackendUserTypeOutput) ElementType() reflect.Type { @@ -196,12 +236,18 @@ func (o AuthBackendUserTypeOutput) ToAuthBackendUserTypeOutputWithContext(ctx co return o } +func (o AuthBackendUserTypeOutput) ToOutput(ctx context.Context) pulumix.Output[AuthBackendUserType] { + return pulumix.Output[AuthBackendUserType]{ + OutputState: o.OutputState, + } +} + // List of Okta groups to associate with this user func (o AuthBackendUserTypeOutput) Groups() pulumi.StringArrayOutput { return o.ApplyT(func(v AuthBackendUserType) []string { return v.Groups }).(pulumi.StringArrayOutput) } -// List of Vault policies to associate with this user +// Vault policies to associate with this group func (o AuthBackendUserTypeOutput) Policies() pulumi.StringArrayOutput { return o.ApplyT(func(v AuthBackendUserType) []string { return v.Policies }).(pulumi.StringArrayOutput) } @@ -225,6 +271,12 @@ func (o AuthBackendUserTypeArrayOutput) ToAuthBackendUserTypeArrayOutputWithCont return o } +func (o AuthBackendUserTypeArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]AuthBackendUserType] { + return pulumix.Output[[]AuthBackendUserType]{ + OutputState: o.OutputState, + } +} + func (o AuthBackendUserTypeArrayOutput) Index(i pulumi.IntInput) AuthBackendUserTypeOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) AuthBackendUserType { return vs[0].([]AuthBackendUserType)[vs[1].(int)] diff --git a/sdk/go/vault/passwordPolicy.go b/sdk/go/vault/passwordPolicy.go index 98afbfc38..b6798343d 100644 --- a/sdk/go/vault/passwordPolicy.go +++ b/sdk/go/vault/passwordPolicy.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // Provides a resource to manage Password Policies @@ -30,7 +32,13 @@ import ( // func main() { // pulumi.Run(func(ctx *pulumi.Context) error { // _, err := vault.NewPasswordPolicy(ctx, "alphanumeric", &vault.PasswordPolicyArgs{ -// Policy: pulumi.String(" length = 20\n rule \"charset\" {\n charset = \"abcdefghijklmnopqrstuvwxyz0123456789\"\n }\n \n"), +// Policy: pulumi.String(` length = 20 +// rule "charset" { +// charset = "abcdefghijklmnopqrstuvwxyz0123456789" +// } +// +// `), +// // }) // if err != nil { // return err @@ -74,6 +82,7 @@ func NewPasswordPolicy(ctx *pulumi.Context, if args.Policy == nil { return nil, errors.New("invalid value for required argument 'Policy'") } + opts = internal.PkgResourceDefaultOpts(opts) var resource PasswordPolicy err := ctx.RegisterResource("vault:index/passwordPolicy:PasswordPolicy", name, args, &resource, opts...) if err != nil { @@ -171,6 +180,12 @@ func (i *PasswordPolicy) ToPasswordPolicyOutputWithContext(ctx context.Context) return pulumi.ToOutputWithContext(ctx, i).(PasswordPolicyOutput) } +func (i *PasswordPolicy) ToOutput(ctx context.Context) pulumix.Output[*PasswordPolicy] { + return pulumix.Output[*PasswordPolicy]{ + OutputState: i.ToPasswordPolicyOutputWithContext(ctx).OutputState, + } +} + // PasswordPolicyArrayInput is an input type that accepts PasswordPolicyArray and PasswordPolicyArrayOutput values. // You can construct a concrete instance of `PasswordPolicyArrayInput` via: // @@ -196,6 +211,12 @@ func (i PasswordPolicyArray) ToPasswordPolicyArrayOutputWithContext(ctx context. return pulumi.ToOutputWithContext(ctx, i).(PasswordPolicyArrayOutput) } +func (i PasswordPolicyArray) ToOutput(ctx context.Context) pulumix.Output[[]*PasswordPolicy] { + return pulumix.Output[[]*PasswordPolicy]{ + OutputState: i.ToPasswordPolicyArrayOutputWithContext(ctx).OutputState, + } +} + // PasswordPolicyMapInput is an input type that accepts PasswordPolicyMap and PasswordPolicyMapOutput values. // You can construct a concrete instance of `PasswordPolicyMapInput` via: // @@ -221,6 +242,12 @@ func (i PasswordPolicyMap) ToPasswordPolicyMapOutputWithContext(ctx context.Cont return pulumi.ToOutputWithContext(ctx, i).(PasswordPolicyMapOutput) } +func (i PasswordPolicyMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*PasswordPolicy] { + return pulumix.Output[map[string]*PasswordPolicy]{ + OutputState: i.ToPasswordPolicyMapOutputWithContext(ctx).OutputState, + } +} + type PasswordPolicyOutput struct{ *pulumi.OutputState } func (PasswordPolicyOutput) ElementType() reflect.Type { @@ -235,6 +262,12 @@ func (o PasswordPolicyOutput) ToPasswordPolicyOutputWithContext(ctx context.Cont return o } +func (o PasswordPolicyOutput) ToOutput(ctx context.Context) pulumix.Output[*PasswordPolicy] { + return pulumix.Output[*PasswordPolicy]{ + OutputState: o.OutputState, + } +} + // The name of the password policy. func (o PasswordPolicyOutput) Name() pulumi.StringOutput { return o.ApplyT(func(v *PasswordPolicy) pulumi.StringOutput { return v.Name }).(pulumi.StringOutput) @@ -267,6 +300,12 @@ func (o PasswordPolicyArrayOutput) ToPasswordPolicyArrayOutputWithContext(ctx co return o } +func (o PasswordPolicyArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*PasswordPolicy] { + return pulumix.Output[[]*PasswordPolicy]{ + OutputState: o.OutputState, + } +} + func (o PasswordPolicyArrayOutput) Index(i pulumi.IntInput) PasswordPolicyOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *PasswordPolicy { return vs[0].([]*PasswordPolicy)[vs[1].(int)] @@ -287,6 +326,12 @@ func (o PasswordPolicyMapOutput) ToPasswordPolicyMapOutputWithContext(ctx contex return o } +func (o PasswordPolicyMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*PasswordPolicy] { + return pulumix.Output[map[string]*PasswordPolicy]{ + OutputState: o.OutputState, + } +} + func (o PasswordPolicyMapOutput) MapIndex(k pulumi.StringInput) PasswordPolicyOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *PasswordPolicy { return vs[0].(map[string]*PasswordPolicy)[vs[1].(string)] diff --git a/sdk/go/vault/pkisecret/getBackendIssuer.go b/sdk/go/vault/pkisecret/getBackendIssuer.go new file mode 100644 index 000000000..d979d4cf8 --- /dev/null +++ b/sdk/go/vault/pkisecret/getBackendIssuer.go @@ -0,0 +1,177 @@ +// Code generated by the Pulumi Terraform Bridge (tfgen) Tool DO NOT EDIT. +// *** WARNING: Do not edit by hand unless you're certain you know what you are doing! *** + +package pkisecret + +import ( + "context" + "reflect" + + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" + "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" +) + +func GetBackendIssuer(ctx *pulumi.Context, args *GetBackendIssuerArgs, opts ...pulumi.InvokeOption) (*GetBackendIssuerResult, error) { + opts = internal.PkgInvokeDefaultOpts(opts) + var rv GetBackendIssuerResult + err := ctx.Invoke("vault:pkiSecret/getBackendIssuer:getBackendIssuer", args, &rv, opts...) + if err != nil { + return nil, err + } + return &rv, nil +} + +// A collection of arguments for invoking getBackendIssuer. +type GetBackendIssuerArgs struct { + // The path to the PKI secret backend to + // read the issuer from, with no leading or trailing `/`s. + Backend string `pulumi:"backend"` + // Reference to an existing issuer. + IssuerRef string `pulumi:"issuerRef"` + // The namespace of the target resource. + // The value should not contain leading or trailing forward slashes. + // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + // *Available only for Vault Enterprise*. + Namespace *string `pulumi:"namespace"` +} + +// A collection of values returned by getBackendIssuer. +type GetBackendIssuerResult struct { + Backend string `pulumi:"backend"` + // The CA chain as a list of format specific certificates. + CaChains []string `pulumi:"caChains"` + // Certificate associated with this issuer. + Certificate string `pulumi:"certificate"` + // The provider-assigned unique ID for this managed resource. + Id string `pulumi:"id"` + // ID of the issuer. + IssuerId string `pulumi:"issuerId"` + // Name of the issuer. + IssuerName string `pulumi:"issuerName"` + IssuerRef string `pulumi:"issuerRef"` + // ID of the key used by the issuer. + KeyId string `pulumi:"keyId"` + // Behavior of a leaf's NotAfter field during issuance. + LeafNotAfterBehavior string `pulumi:"leafNotAfterBehavior"` + // Chain of issuer references to build this issuer's computed + // CAChain field from, when non-empty. + ManualChains []string `pulumi:"manualChains"` + Namespace *string `pulumi:"namespace"` + // Allowed usages for this issuer. + Usage string `pulumi:"usage"` +} + +func GetBackendIssuerOutput(ctx *pulumi.Context, args GetBackendIssuerOutputArgs, opts ...pulumi.InvokeOption) GetBackendIssuerResultOutput { + return pulumi.ToOutputWithContext(context.Background(), args). + ApplyT(func(v interface{}) (GetBackendIssuerResult, error) { + args := v.(GetBackendIssuerArgs) + r, err := GetBackendIssuer(ctx, &args, opts...) + var s GetBackendIssuerResult + if r != nil { + s = *r + } + return s, err + }).(GetBackendIssuerResultOutput) +} + +// A collection of arguments for invoking getBackendIssuer. +type GetBackendIssuerOutputArgs struct { + // The path to the PKI secret backend to + // read the issuer from, with no leading or trailing `/`s. + Backend pulumi.StringInput `pulumi:"backend"` + // Reference to an existing issuer. + IssuerRef pulumi.StringInput `pulumi:"issuerRef"` + // The namespace of the target resource. + // The value should not contain leading or trailing forward slashes. + // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + // *Available only for Vault Enterprise*. + Namespace pulumi.StringPtrInput `pulumi:"namespace"` +} + +func (GetBackendIssuerOutputArgs) ElementType() reflect.Type { + return reflect.TypeOf((*GetBackendIssuerArgs)(nil)).Elem() +} + +// A collection of values returned by getBackendIssuer. +type GetBackendIssuerResultOutput struct{ *pulumi.OutputState } + +func (GetBackendIssuerResultOutput) ElementType() reflect.Type { + return reflect.TypeOf((*GetBackendIssuerResult)(nil)).Elem() +} + +func (o GetBackendIssuerResultOutput) ToGetBackendIssuerResultOutput() GetBackendIssuerResultOutput { + return o +} + +func (o GetBackendIssuerResultOutput) ToGetBackendIssuerResultOutputWithContext(ctx context.Context) GetBackendIssuerResultOutput { + return o +} + +func (o GetBackendIssuerResultOutput) ToOutput(ctx context.Context) pulumix.Output[GetBackendIssuerResult] { + return pulumix.Output[GetBackendIssuerResult]{ + OutputState: o.OutputState, + } +} + +func (o GetBackendIssuerResultOutput) Backend() pulumi.StringOutput { + return o.ApplyT(func(v GetBackendIssuerResult) string { return v.Backend }).(pulumi.StringOutput) +} + +// The CA chain as a list of format specific certificates. +func (o GetBackendIssuerResultOutput) CaChains() pulumi.StringArrayOutput { + return o.ApplyT(func(v GetBackendIssuerResult) []string { return v.CaChains }).(pulumi.StringArrayOutput) +} + +// Certificate associated with this issuer. +func (o GetBackendIssuerResultOutput) Certificate() pulumi.StringOutput { + return o.ApplyT(func(v GetBackendIssuerResult) string { return v.Certificate }).(pulumi.StringOutput) +} + +// The provider-assigned unique ID for this managed resource. +func (o GetBackendIssuerResultOutput) Id() pulumi.StringOutput { + return o.ApplyT(func(v GetBackendIssuerResult) string { return v.Id }).(pulumi.StringOutput) +} + +// ID of the issuer. +func (o GetBackendIssuerResultOutput) IssuerId() pulumi.StringOutput { + return o.ApplyT(func(v GetBackendIssuerResult) string { return v.IssuerId }).(pulumi.StringOutput) +} + +// Name of the issuer. +func (o GetBackendIssuerResultOutput) IssuerName() pulumi.StringOutput { + return o.ApplyT(func(v GetBackendIssuerResult) string { return v.IssuerName }).(pulumi.StringOutput) +} + +func (o GetBackendIssuerResultOutput) IssuerRef() pulumi.StringOutput { + return o.ApplyT(func(v GetBackendIssuerResult) string { return v.IssuerRef }).(pulumi.StringOutput) +} + +// ID of the key used by the issuer. +func (o GetBackendIssuerResultOutput) KeyId() pulumi.StringOutput { + return o.ApplyT(func(v GetBackendIssuerResult) string { return v.KeyId }).(pulumi.StringOutput) +} + +// Behavior of a leaf's NotAfter field during issuance. +func (o GetBackendIssuerResultOutput) LeafNotAfterBehavior() pulumi.StringOutput { + return o.ApplyT(func(v GetBackendIssuerResult) string { return v.LeafNotAfterBehavior }).(pulumi.StringOutput) +} + +// Chain of issuer references to build this issuer's computed +// CAChain field from, when non-empty. +func (o GetBackendIssuerResultOutput) ManualChains() pulumi.StringArrayOutput { + return o.ApplyT(func(v GetBackendIssuerResult) []string { return v.ManualChains }).(pulumi.StringArrayOutput) +} + +func (o GetBackendIssuerResultOutput) Namespace() pulumi.StringPtrOutput { + return o.ApplyT(func(v GetBackendIssuerResult) *string { return v.Namespace }).(pulumi.StringPtrOutput) +} + +// Allowed usages for this issuer. +func (o GetBackendIssuerResultOutput) Usage() pulumi.StringOutput { + return o.ApplyT(func(v GetBackendIssuerResult) string { return v.Usage }).(pulumi.StringOutput) +} + +func init() { + pulumi.RegisterOutputType(GetBackendIssuerResultOutput{}) +} diff --git a/sdk/go/vault/pkisecret/getBackendIssuers.go b/sdk/go/vault/pkisecret/getBackendIssuers.go new file mode 100644 index 000000000..f9f0d9c2e --- /dev/null +++ b/sdk/go/vault/pkisecret/getBackendIssuers.go @@ -0,0 +1,172 @@ +// Code generated by the Pulumi Terraform Bridge (tfgen) Tool DO NOT EDIT. +// *** WARNING: Do not edit by hand unless you're certain you know what you are doing! *** + +package pkisecret + +import ( + "context" + "reflect" + + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" + "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" +) + +// ## Example Usage +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-vault/sdk/v5/go/vault" +// "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/pkiSecret" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// pki, err := vault.NewMount(ctx, "pki", &vault.MountArgs{ +// Path: pulumi.String("pki"), +// Type: pulumi.String("pki"), +// Description: pulumi.String("PKI secret engine mount"), +// }) +// if err != nil { +// return err +// } +// root, err := pkiSecret.NewSecretBackendRootCert(ctx, "root", &pkiSecret.SecretBackendRootCertArgs{ +// Backend: pki.Path, +// Type: pulumi.String("internal"), +// CommonName: pulumi.String("example"), +// Ttl: pulumi.String("86400"), +// IssuerName: pulumi.String("example"), +// }) +// if err != nil { +// return err +// } +// _ = pkiSecret.GetBackendIssuersOutput(ctx, pkisecret.GetBackendIssuersOutputArgs{ +// Backend: root.Backend, +// }, nil) +// return nil +// }) +// } +// +// ``` +func GetBackendIssuers(ctx *pulumi.Context, args *GetBackendIssuersArgs, opts ...pulumi.InvokeOption) (*GetBackendIssuersResult, error) { + opts = internal.PkgInvokeDefaultOpts(opts) + var rv GetBackendIssuersResult + err := ctx.Invoke("vault:pkiSecret/getBackendIssuers:getBackendIssuers", args, &rv, opts...) + if err != nil { + return nil, err + } + return &rv, nil +} + +// A collection of arguments for invoking getBackendIssuers. +type GetBackendIssuersArgs struct { + // The path to the PKI secret backend to + // read the issuers from, with no leading or trailing `/`s. + Backend string `pulumi:"backend"` + // The namespace of the target resource. + // The value should not contain leading or trailing forward slashes. + // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + // *Available only for Vault Enterprise*. + Namespace *string `pulumi:"namespace"` +} + +// A collection of values returned by getBackendIssuers. +type GetBackendIssuersResult struct { + Backend string `pulumi:"backend"` + // The provider-assigned unique ID for this managed resource. + Id string `pulumi:"id"` + // Map of issuer strings read from Vault. + KeyInfo map[string]interface{} `pulumi:"keyInfo"` + // JSON-encoded issuer data read from Vault. + KeyInfoJson string `pulumi:"keyInfoJson"` + // Keys used by issuers under the backend path. + Keys []string `pulumi:"keys"` + Namespace *string `pulumi:"namespace"` +} + +func GetBackendIssuersOutput(ctx *pulumi.Context, args GetBackendIssuersOutputArgs, opts ...pulumi.InvokeOption) GetBackendIssuersResultOutput { + return pulumi.ToOutputWithContext(context.Background(), args). + ApplyT(func(v interface{}) (GetBackendIssuersResult, error) { + args := v.(GetBackendIssuersArgs) + r, err := GetBackendIssuers(ctx, &args, opts...) + var s GetBackendIssuersResult + if r != nil { + s = *r + } + return s, err + }).(GetBackendIssuersResultOutput) +} + +// A collection of arguments for invoking getBackendIssuers. +type GetBackendIssuersOutputArgs struct { + // The path to the PKI secret backend to + // read the issuers from, with no leading or trailing `/`s. + Backend pulumi.StringInput `pulumi:"backend"` + // The namespace of the target resource. + // The value should not contain leading or trailing forward slashes. + // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + // *Available only for Vault Enterprise*. + Namespace pulumi.StringPtrInput `pulumi:"namespace"` +} + +func (GetBackendIssuersOutputArgs) ElementType() reflect.Type { + return reflect.TypeOf((*GetBackendIssuersArgs)(nil)).Elem() +} + +// A collection of values returned by getBackendIssuers. +type GetBackendIssuersResultOutput struct{ *pulumi.OutputState } + +func (GetBackendIssuersResultOutput) ElementType() reflect.Type { + return reflect.TypeOf((*GetBackendIssuersResult)(nil)).Elem() +} + +func (o GetBackendIssuersResultOutput) ToGetBackendIssuersResultOutput() GetBackendIssuersResultOutput { + return o +} + +func (o GetBackendIssuersResultOutput) ToGetBackendIssuersResultOutputWithContext(ctx context.Context) GetBackendIssuersResultOutput { + return o +} + +func (o GetBackendIssuersResultOutput) ToOutput(ctx context.Context) pulumix.Output[GetBackendIssuersResult] { + return pulumix.Output[GetBackendIssuersResult]{ + OutputState: o.OutputState, + } +} + +func (o GetBackendIssuersResultOutput) Backend() pulumi.StringOutput { + return o.ApplyT(func(v GetBackendIssuersResult) string { return v.Backend }).(pulumi.StringOutput) +} + +// The provider-assigned unique ID for this managed resource. +func (o GetBackendIssuersResultOutput) Id() pulumi.StringOutput { + return o.ApplyT(func(v GetBackendIssuersResult) string { return v.Id }).(pulumi.StringOutput) +} + +// Map of issuer strings read from Vault. +func (o GetBackendIssuersResultOutput) KeyInfo() pulumi.MapOutput { + return o.ApplyT(func(v GetBackendIssuersResult) map[string]interface{} { return v.KeyInfo }).(pulumi.MapOutput) +} + +// JSON-encoded issuer data read from Vault. +func (o GetBackendIssuersResultOutput) KeyInfoJson() pulumi.StringOutput { + return o.ApplyT(func(v GetBackendIssuersResult) string { return v.KeyInfoJson }).(pulumi.StringOutput) +} + +// Keys used by issuers under the backend path. +func (o GetBackendIssuersResultOutput) Keys() pulumi.StringArrayOutput { + return o.ApplyT(func(v GetBackendIssuersResult) []string { return v.Keys }).(pulumi.StringArrayOutput) +} + +func (o GetBackendIssuersResultOutput) Namespace() pulumi.StringPtrOutput { + return o.ApplyT(func(v GetBackendIssuersResult) *string { return v.Namespace }).(pulumi.StringPtrOutput) +} + +func init() { + pulumi.RegisterOutputType(GetBackendIssuersResultOutput{}) +} diff --git a/sdk/go/vault/pkisecret/getBackendKey.go b/sdk/go/vault/pkisecret/getBackendKey.go new file mode 100644 index 000000000..8e526338c --- /dev/null +++ b/sdk/go/vault/pkisecret/getBackendKey.go @@ -0,0 +1,184 @@ +// Code generated by the Pulumi Terraform Bridge (tfgen) Tool DO NOT EDIT. +// *** WARNING: Do not edit by hand unless you're certain you know what you are doing! *** + +package pkisecret + +import ( + "context" + "reflect" + + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" + "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" +) + +// ## Example Usage +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-vault/sdk/v5/go/vault" +// "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/pkiSecret" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// pki, err := vault.NewMount(ctx, "pki", &vault.MountArgs{ +// Path: pulumi.String("pki"), +// Type: pulumi.String("pki"), +// Description: pulumi.String("PKI secret engine mount"), +// }) +// if err != nil { +// return err +// } +// key, err := pkiSecret.NewSecretBackendKey(ctx, "key", &pkiSecret.SecretBackendKeyArgs{ +// Backend: pki.Path, +// Type: pulumi.String("internal"), +// KeyName: pulumi.String("example"), +// KeyType: pulumi.String("rsa"), +// KeyBits: pulumi.Int(4096), +// }) +// if err != nil { +// return err +// } +// _ = key.KeyId.ApplyT(func(keyId string) (pkisecret.GetBackendKeyResult, error) { +// return pkiSecret.GetBackendKeyOutput(ctx, pkisecret.GetBackendKeyOutputArgs{ +// Backend: vault_mount.Key.Path, +// KeyRef: keyId, +// }, nil), nil +// }).(pkisecret.GetBackendKeyResultOutput) +// return nil +// }) +// } +// +// ``` +func GetBackendKey(ctx *pulumi.Context, args *GetBackendKeyArgs, opts ...pulumi.InvokeOption) (*GetBackendKeyResult, error) { + opts = internal.PkgInvokeDefaultOpts(opts) + var rv GetBackendKeyResult + err := ctx.Invoke("vault:pkiSecret/getBackendKey:getBackendKey", args, &rv, opts...) + if err != nil { + return nil, err + } + return &rv, nil +} + +// A collection of arguments for invoking getBackendKey. +type GetBackendKeyArgs struct { + // The path to the PKI secret backend to + // read the key from, with no leading or trailing `/`s. + Backend string `pulumi:"backend"` + // Reference to an existing key. + KeyRef string `pulumi:"keyRef"` + // The namespace of the target resource. + // The value should not contain leading or trailing forward slashes. + // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + // *Available only for Vault Enterprise*. + Namespace *string `pulumi:"namespace"` +} + +// A collection of values returned by getBackendKey. +type GetBackendKeyResult struct { + Backend string `pulumi:"backend"` + // The provider-assigned unique ID for this managed resource. + Id string `pulumi:"id"` + // ID of the key. + KeyId string `pulumi:"keyId"` + // Name of the key. + KeyName string `pulumi:"keyName"` + KeyRef string `pulumi:"keyRef"` + // Type of the key. + KeyType string `pulumi:"keyType"` + Namespace *string `pulumi:"namespace"` +} + +func GetBackendKeyOutput(ctx *pulumi.Context, args GetBackendKeyOutputArgs, opts ...pulumi.InvokeOption) GetBackendKeyResultOutput { + return pulumi.ToOutputWithContext(context.Background(), args). + ApplyT(func(v interface{}) (GetBackendKeyResult, error) { + args := v.(GetBackendKeyArgs) + r, err := GetBackendKey(ctx, &args, opts...) + var s GetBackendKeyResult + if r != nil { + s = *r + } + return s, err + }).(GetBackendKeyResultOutput) +} + +// A collection of arguments for invoking getBackendKey. +type GetBackendKeyOutputArgs struct { + // The path to the PKI secret backend to + // read the key from, with no leading or trailing `/`s. + Backend pulumi.StringInput `pulumi:"backend"` + // Reference to an existing key. + KeyRef pulumi.StringInput `pulumi:"keyRef"` + // The namespace of the target resource. + // The value should not contain leading or trailing forward slashes. + // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + // *Available only for Vault Enterprise*. + Namespace pulumi.StringPtrInput `pulumi:"namespace"` +} + +func (GetBackendKeyOutputArgs) ElementType() reflect.Type { + return reflect.TypeOf((*GetBackendKeyArgs)(nil)).Elem() +} + +// A collection of values returned by getBackendKey. +type GetBackendKeyResultOutput struct{ *pulumi.OutputState } + +func (GetBackendKeyResultOutput) ElementType() reflect.Type { + return reflect.TypeOf((*GetBackendKeyResult)(nil)).Elem() +} + +func (o GetBackendKeyResultOutput) ToGetBackendKeyResultOutput() GetBackendKeyResultOutput { + return o +} + +func (o GetBackendKeyResultOutput) ToGetBackendKeyResultOutputWithContext(ctx context.Context) GetBackendKeyResultOutput { + return o +} + +func (o GetBackendKeyResultOutput) ToOutput(ctx context.Context) pulumix.Output[GetBackendKeyResult] { + return pulumix.Output[GetBackendKeyResult]{ + OutputState: o.OutputState, + } +} + +func (o GetBackendKeyResultOutput) Backend() pulumi.StringOutput { + return o.ApplyT(func(v GetBackendKeyResult) string { return v.Backend }).(pulumi.StringOutput) +} + +// The provider-assigned unique ID for this managed resource. +func (o GetBackendKeyResultOutput) Id() pulumi.StringOutput { + return o.ApplyT(func(v GetBackendKeyResult) string { return v.Id }).(pulumi.StringOutput) +} + +// ID of the key. +func (o GetBackendKeyResultOutput) KeyId() pulumi.StringOutput { + return o.ApplyT(func(v GetBackendKeyResult) string { return v.KeyId }).(pulumi.StringOutput) +} + +// Name of the key. +func (o GetBackendKeyResultOutput) KeyName() pulumi.StringOutput { + return o.ApplyT(func(v GetBackendKeyResult) string { return v.KeyName }).(pulumi.StringOutput) +} + +func (o GetBackendKeyResultOutput) KeyRef() pulumi.StringOutput { + return o.ApplyT(func(v GetBackendKeyResult) string { return v.KeyRef }).(pulumi.StringOutput) +} + +// Type of the key. +func (o GetBackendKeyResultOutput) KeyType() pulumi.StringOutput { + return o.ApplyT(func(v GetBackendKeyResult) string { return v.KeyType }).(pulumi.StringOutput) +} + +func (o GetBackendKeyResultOutput) Namespace() pulumi.StringPtrOutput { + return o.ApplyT(func(v GetBackendKeyResult) *string { return v.Namespace }).(pulumi.StringPtrOutput) +} + +func init() { + pulumi.RegisterOutputType(GetBackendKeyResultOutput{}) +} diff --git a/sdk/go/vault/pkisecret/getBackendKeys.go b/sdk/go/vault/pkisecret/getBackendKeys.go new file mode 100644 index 000000000..8311d6875 --- /dev/null +++ b/sdk/go/vault/pkisecret/getBackendKeys.go @@ -0,0 +1,172 @@ +// Code generated by the Pulumi Terraform Bridge (tfgen) Tool DO NOT EDIT. +// *** WARNING: Do not edit by hand unless you're certain you know what you are doing! *** + +package pkisecret + +import ( + "context" + "reflect" + + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" + "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" +) + +// ## Example Usage +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-vault/sdk/v5/go/vault" +// "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/pkiSecret" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// pki, err := vault.NewMount(ctx, "pki", &vault.MountArgs{ +// Path: pulumi.String("pki"), +// Type: pulumi.String("pki"), +// Description: pulumi.String("PKI secret engine mount"), +// }) +// if err != nil { +// return err +// } +// root, err := pkiSecret.NewSecretBackendRootCert(ctx, "root", &pkiSecret.SecretBackendRootCertArgs{ +// Backend: pki.Path, +// Type: pulumi.String("internal"), +// CommonName: pulumi.String("example"), +// Ttl: pulumi.String("86400"), +// KeyName: pulumi.String("example"), +// }) +// if err != nil { +// return err +// } +// _ = pkiSecret.GetBackendKeysOutput(ctx, pkisecret.GetBackendKeysOutputArgs{ +// Backend: root.Backend, +// }, nil) +// return nil +// }) +// } +// +// ``` +func GetBackendKeys(ctx *pulumi.Context, args *GetBackendKeysArgs, opts ...pulumi.InvokeOption) (*GetBackendKeysResult, error) { + opts = internal.PkgInvokeDefaultOpts(opts) + var rv GetBackendKeysResult + err := ctx.Invoke("vault:pkiSecret/getBackendKeys:getBackendKeys", args, &rv, opts...) + if err != nil { + return nil, err + } + return &rv, nil +} + +// A collection of arguments for invoking getBackendKeys. +type GetBackendKeysArgs struct { + // The path to the PKI secret backend to + // read the keys from, with no leading or trailing `/`s. + Backend string `pulumi:"backend"` + // The namespace of the target resource. + // The value should not contain leading or trailing forward slashes. + // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + // *Available only for Vault Enterprise*. + Namespace *string `pulumi:"namespace"` +} + +// A collection of values returned by getBackendKeys. +type GetBackendKeysResult struct { + Backend string `pulumi:"backend"` + // The provider-assigned unique ID for this managed resource. + Id string `pulumi:"id"` + // Map of key strings read from Vault. + KeyInfo map[string]interface{} `pulumi:"keyInfo"` + // JSON-encoded key data read from Vault. + KeyInfoJson string `pulumi:"keyInfoJson"` + // Keys used under the backend path. + Keys []string `pulumi:"keys"` + Namespace *string `pulumi:"namespace"` +} + +func GetBackendKeysOutput(ctx *pulumi.Context, args GetBackendKeysOutputArgs, opts ...pulumi.InvokeOption) GetBackendKeysResultOutput { + return pulumi.ToOutputWithContext(context.Background(), args). + ApplyT(func(v interface{}) (GetBackendKeysResult, error) { + args := v.(GetBackendKeysArgs) + r, err := GetBackendKeys(ctx, &args, opts...) + var s GetBackendKeysResult + if r != nil { + s = *r + } + return s, err + }).(GetBackendKeysResultOutput) +} + +// A collection of arguments for invoking getBackendKeys. +type GetBackendKeysOutputArgs struct { + // The path to the PKI secret backend to + // read the keys from, with no leading or trailing `/`s. + Backend pulumi.StringInput `pulumi:"backend"` + // The namespace of the target resource. + // The value should not contain leading or trailing forward slashes. + // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + // *Available only for Vault Enterprise*. + Namespace pulumi.StringPtrInput `pulumi:"namespace"` +} + +func (GetBackendKeysOutputArgs) ElementType() reflect.Type { + return reflect.TypeOf((*GetBackendKeysArgs)(nil)).Elem() +} + +// A collection of values returned by getBackendKeys. +type GetBackendKeysResultOutput struct{ *pulumi.OutputState } + +func (GetBackendKeysResultOutput) ElementType() reflect.Type { + return reflect.TypeOf((*GetBackendKeysResult)(nil)).Elem() +} + +func (o GetBackendKeysResultOutput) ToGetBackendKeysResultOutput() GetBackendKeysResultOutput { + return o +} + +func (o GetBackendKeysResultOutput) ToGetBackendKeysResultOutputWithContext(ctx context.Context) GetBackendKeysResultOutput { + return o +} + +func (o GetBackendKeysResultOutput) ToOutput(ctx context.Context) pulumix.Output[GetBackendKeysResult] { + return pulumix.Output[GetBackendKeysResult]{ + OutputState: o.OutputState, + } +} + +func (o GetBackendKeysResultOutput) Backend() pulumi.StringOutput { + return o.ApplyT(func(v GetBackendKeysResult) string { return v.Backend }).(pulumi.StringOutput) +} + +// The provider-assigned unique ID for this managed resource. +func (o GetBackendKeysResultOutput) Id() pulumi.StringOutput { + return o.ApplyT(func(v GetBackendKeysResult) string { return v.Id }).(pulumi.StringOutput) +} + +// Map of key strings read from Vault. +func (o GetBackendKeysResultOutput) KeyInfo() pulumi.MapOutput { + return o.ApplyT(func(v GetBackendKeysResult) map[string]interface{} { return v.KeyInfo }).(pulumi.MapOutput) +} + +// JSON-encoded key data read from Vault. +func (o GetBackendKeysResultOutput) KeyInfoJson() pulumi.StringOutput { + return o.ApplyT(func(v GetBackendKeysResult) string { return v.KeyInfoJson }).(pulumi.StringOutput) +} + +// Keys used under the backend path. +func (o GetBackendKeysResultOutput) Keys() pulumi.StringArrayOutput { + return o.ApplyT(func(v GetBackendKeysResult) []string { return v.Keys }).(pulumi.StringArrayOutput) +} + +func (o GetBackendKeysResultOutput) Namespace() pulumi.StringPtrOutput { + return o.ApplyT(func(v GetBackendKeysResult) *string { return v.Namespace }).(pulumi.StringPtrOutput) +} + +func init() { + pulumi.RegisterOutputType(GetBackendKeysResultOutput{}) +} diff --git a/sdk/go/vault/pkisecret/init.go b/sdk/go/vault/pkisecret/init.go index 891c32eb8..6d7b6cede 100644 --- a/sdk/go/vault/pkisecret/init.go +++ b/sdk/go/vault/pkisecret/init.go @@ -7,7 +7,7 @@ import ( "fmt" "github.com/blang/semver" - "github.com/pulumi/pulumi-vault/sdk/v5/go/vault" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" ) @@ -56,7 +56,7 @@ func (m *module) Construct(ctx *pulumi.Context, name, typ, urn string) (r pulumi } func init() { - version, err := vault.PkgVersion() + version, err := internal.PkgVersion() if err != nil { version = semver.Version{Major: 1} } diff --git a/sdk/go/vault/pkisecret/pulumiTypes.go b/sdk/go/vault/pkisecret/pulumiTypes.go index 70b517a58..614065b7b 100644 --- a/sdk/go/vault/pkisecret/pulumiTypes.go +++ b/sdk/go/vault/pkisecret/pulumiTypes.go @@ -7,11 +7,17 @@ import ( "context" "reflect" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) +var _ = internal.GetEnvOrDefault + type SecretBackendRolePolicyIdentifier struct { // The URL of the CPS for the policy identifier + // + // Example usage: Cps *string `pulumi:"cps"` // A notice for the policy identifier Notice *string `pulumi:"notice"` @@ -32,6 +38,8 @@ type SecretBackendRolePolicyIdentifierInput interface { type SecretBackendRolePolicyIdentifierArgs struct { // The URL of the CPS for the policy identifier + // + // Example usage: Cps pulumi.StringPtrInput `pulumi:"cps"` // A notice for the policy identifier Notice pulumi.StringPtrInput `pulumi:"notice"` @@ -51,6 +59,43 @@ func (i SecretBackendRolePolicyIdentifierArgs) ToSecretBackendRolePolicyIdentifi return pulumi.ToOutputWithContext(ctx, i).(SecretBackendRolePolicyIdentifierOutput) } +func (i SecretBackendRolePolicyIdentifierArgs) ToOutput(ctx context.Context) pulumix.Output[SecretBackendRolePolicyIdentifier] { + return pulumix.Output[SecretBackendRolePolicyIdentifier]{ + OutputState: i.ToSecretBackendRolePolicyIdentifierOutputWithContext(ctx).OutputState, + } +} + +// SecretBackendRolePolicyIdentifierArrayInput is an input type that accepts SecretBackendRolePolicyIdentifierArray and SecretBackendRolePolicyIdentifierArrayOutput values. +// You can construct a concrete instance of `SecretBackendRolePolicyIdentifierArrayInput` via: +// +// SecretBackendRolePolicyIdentifierArray{ SecretBackendRolePolicyIdentifierArgs{...} } +type SecretBackendRolePolicyIdentifierArrayInput interface { + pulumi.Input + + ToSecretBackendRolePolicyIdentifierArrayOutput() SecretBackendRolePolicyIdentifierArrayOutput + ToSecretBackendRolePolicyIdentifierArrayOutputWithContext(context.Context) SecretBackendRolePolicyIdentifierArrayOutput +} + +type SecretBackendRolePolicyIdentifierArray []SecretBackendRolePolicyIdentifierInput + +func (SecretBackendRolePolicyIdentifierArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]SecretBackendRolePolicyIdentifier)(nil)).Elem() +} + +func (i SecretBackendRolePolicyIdentifierArray) ToSecretBackendRolePolicyIdentifierArrayOutput() SecretBackendRolePolicyIdentifierArrayOutput { + return i.ToSecretBackendRolePolicyIdentifierArrayOutputWithContext(context.Background()) +} + +func (i SecretBackendRolePolicyIdentifierArray) ToSecretBackendRolePolicyIdentifierArrayOutputWithContext(ctx context.Context) SecretBackendRolePolicyIdentifierArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(SecretBackendRolePolicyIdentifierArrayOutput) +} + +func (i SecretBackendRolePolicyIdentifierArray) ToOutput(ctx context.Context) pulumix.Output[[]SecretBackendRolePolicyIdentifier] { + return pulumix.Output[[]SecretBackendRolePolicyIdentifier]{ + OutputState: i.ToSecretBackendRolePolicyIdentifierArrayOutputWithContext(ctx).OutputState, + } +} + type SecretBackendRolePolicyIdentifierOutput struct{ *pulumi.OutputState } func (SecretBackendRolePolicyIdentifierOutput) ElementType() reflect.Type { @@ -65,7 +110,15 @@ func (o SecretBackendRolePolicyIdentifierOutput) ToSecretBackendRolePolicyIdenti return o } +func (o SecretBackendRolePolicyIdentifierOutput) ToOutput(ctx context.Context) pulumix.Output[SecretBackendRolePolicyIdentifier] { + return pulumix.Output[SecretBackendRolePolicyIdentifier]{ + OutputState: o.OutputState, + } +} + // The URL of the CPS for the policy identifier +// +// Example usage: func (o SecretBackendRolePolicyIdentifierOutput) Cps() pulumi.StringPtrOutput { return o.ApplyT(func(v SecretBackendRolePolicyIdentifier) *string { return v.Cps }).(pulumi.StringPtrOutput) } @@ -80,7 +133,35 @@ func (o SecretBackendRolePolicyIdentifierOutput) Oid() pulumi.StringOutput { return o.ApplyT(func(v SecretBackendRolePolicyIdentifier) string { return v.Oid }).(pulumi.StringOutput) } +type SecretBackendRolePolicyIdentifierArrayOutput struct{ *pulumi.OutputState } + +func (SecretBackendRolePolicyIdentifierArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]SecretBackendRolePolicyIdentifier)(nil)).Elem() +} + +func (o SecretBackendRolePolicyIdentifierArrayOutput) ToSecretBackendRolePolicyIdentifierArrayOutput() SecretBackendRolePolicyIdentifierArrayOutput { + return o +} + +func (o SecretBackendRolePolicyIdentifierArrayOutput) ToSecretBackendRolePolicyIdentifierArrayOutputWithContext(ctx context.Context) SecretBackendRolePolicyIdentifierArrayOutput { + return o +} + +func (o SecretBackendRolePolicyIdentifierArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]SecretBackendRolePolicyIdentifier] { + return pulumix.Output[[]SecretBackendRolePolicyIdentifier]{ + OutputState: o.OutputState, + } +} + +func (o SecretBackendRolePolicyIdentifierArrayOutput) Index(i pulumi.IntInput) SecretBackendRolePolicyIdentifierOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) SecretBackendRolePolicyIdentifier { + return vs[0].([]SecretBackendRolePolicyIdentifier)[vs[1].(int)] + }).(SecretBackendRolePolicyIdentifierOutput) +} + func init() { pulumi.RegisterInputType(reflect.TypeOf((*SecretBackendRolePolicyIdentifierInput)(nil)).Elem(), SecretBackendRolePolicyIdentifierArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*SecretBackendRolePolicyIdentifierArrayInput)(nil)).Elem(), SecretBackendRolePolicyIdentifierArray{}) pulumi.RegisterOutputType(SecretBackendRolePolicyIdentifierOutput{}) + pulumi.RegisterOutputType(SecretBackendRolePolicyIdentifierArrayOutput{}) } diff --git a/sdk/go/vault/pkisecret/secretBackendCert.go b/sdk/go/vault/pkisecret/secretBackendCert.go index 6cd0dc27e..4ce6ac326 100644 --- a/sdk/go/vault/pkisecret/secretBackendCert.go +++ b/sdk/go/vault/pkisecret/secretBackendCert.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // ## Example Usage @@ -114,6 +116,7 @@ func NewSecretBackendCert(ctx *pulumi.Context, "privateKey", }) opts = append(opts, secrets) + opts = internal.PkgResourceDefaultOpts(opts) var resource SecretBackendCert err := ctx.RegisterResource("vault:pkiSecret/secretBackendCert:SecretBackendCert", name, args, &resource, opts...) if err != nil { @@ -355,6 +358,12 @@ func (i *SecretBackendCert) ToSecretBackendCertOutputWithContext(ctx context.Con return pulumi.ToOutputWithContext(ctx, i).(SecretBackendCertOutput) } +func (i *SecretBackendCert) ToOutput(ctx context.Context) pulumix.Output[*SecretBackendCert] { + return pulumix.Output[*SecretBackendCert]{ + OutputState: i.ToSecretBackendCertOutputWithContext(ctx).OutputState, + } +} + // SecretBackendCertArrayInput is an input type that accepts SecretBackendCertArray and SecretBackendCertArrayOutput values. // You can construct a concrete instance of `SecretBackendCertArrayInput` via: // @@ -380,6 +389,12 @@ func (i SecretBackendCertArray) ToSecretBackendCertArrayOutputWithContext(ctx co return pulumi.ToOutputWithContext(ctx, i).(SecretBackendCertArrayOutput) } +func (i SecretBackendCertArray) ToOutput(ctx context.Context) pulumix.Output[[]*SecretBackendCert] { + return pulumix.Output[[]*SecretBackendCert]{ + OutputState: i.ToSecretBackendCertArrayOutputWithContext(ctx).OutputState, + } +} + // SecretBackendCertMapInput is an input type that accepts SecretBackendCertMap and SecretBackendCertMapOutput values. // You can construct a concrete instance of `SecretBackendCertMapInput` via: // @@ -405,6 +420,12 @@ func (i SecretBackendCertMap) ToSecretBackendCertMapOutputWithContext(ctx contex return pulumi.ToOutputWithContext(ctx, i).(SecretBackendCertMapOutput) } +func (i SecretBackendCertMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*SecretBackendCert] { + return pulumix.Output[map[string]*SecretBackendCert]{ + OutputState: i.ToSecretBackendCertMapOutputWithContext(ctx).OutputState, + } +} + type SecretBackendCertOutput struct{ *pulumi.OutputState } func (SecretBackendCertOutput) ElementType() reflect.Type { @@ -419,6 +440,12 @@ func (o SecretBackendCertOutput) ToSecretBackendCertOutputWithContext(ctx contex return o } +func (o SecretBackendCertOutput) ToOutput(ctx context.Context) pulumix.Output[*SecretBackendCert] { + return pulumix.Output[*SecretBackendCert]{ + OutputState: o.OutputState, + } +} + // List of alternative names func (o SecretBackendCertOutput) AltNames() pulumi.StringArrayOutput { return o.ApplyT(func(v *SecretBackendCert) pulumi.StringArrayOutput { return v.AltNames }).(pulumi.StringArrayOutput) @@ -561,6 +588,12 @@ func (o SecretBackendCertArrayOutput) ToSecretBackendCertArrayOutputWithContext( return o } +func (o SecretBackendCertArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*SecretBackendCert] { + return pulumix.Output[[]*SecretBackendCert]{ + OutputState: o.OutputState, + } +} + func (o SecretBackendCertArrayOutput) Index(i pulumi.IntInput) SecretBackendCertOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *SecretBackendCert { return vs[0].([]*SecretBackendCert)[vs[1].(int)] @@ -581,6 +614,12 @@ func (o SecretBackendCertMapOutput) ToSecretBackendCertMapOutputWithContext(ctx return o } +func (o SecretBackendCertMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*SecretBackendCert] { + return pulumix.Output[map[string]*SecretBackendCert]{ + OutputState: o.OutputState, + } +} + func (o SecretBackendCertMapOutput) MapIndex(k pulumi.StringInput) SecretBackendCertOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *SecretBackendCert { return vs[0].(map[string]*SecretBackendCert)[vs[1].(string)] diff --git a/sdk/go/vault/pkisecret/secretBackendConfigCa.go b/sdk/go/vault/pkisecret/secretBackendConfigCa.go index bc42564c9..233ccd057 100644 --- a/sdk/go/vault/pkisecret/secretBackendConfigCa.go +++ b/sdk/go/vault/pkisecret/secretBackendConfigCa.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // ## Example Usage @@ -26,8 +28,58 @@ import ( // func main() { // pulumi.Run(func(ctx *pulumi.Context) error { // _, err := pkiSecret.NewSecretBackendConfigCa(ctx, "intermediate", &pkiSecret.SecretBackendConfigCaArgs{ -// Backend: pulumi.Any(vault_mount.Intermediate.Path), -// PemBundle: pulumi.String("-----BEGIN RSA PRIVATE KEY-----\nMIIEowIBAAKCAQEAwvEHeJCXnFgi88rE1dTX6FHdBPK0wSjedh0ywVnCZxLWbBv/\n5PytjTcCPdrfW7g2sfbPwOge/WF3X2KeYSP8SxZA0czmz6QDspeG921JkZWtyp5o\n++N0leLTIUAhq339p3O1onAOUO1k4sHfmCwfrDpTn2hcx4URa5Pzzb1fHigusjIH\n1mcGdncaA6Z2CzO1w4E8kPOUukIDrcZT4faOZrWUIQZKQw2JzTyKJ+ZMDCZq2TFz\nWwpL3eG48wB7J7mibFQ/9nFvxpIflBjDAZ8QiqkwYr5N0DNsTxcfTCSeubfJDCUf\nIWwFZhLitzwOxazazUQKXX/SPMQ1l/L9o3nnHwIDAQABAoIBAAQidJQcDPsl62fc\nTxxx7TpiMhvewfKu2TkMGX18V+EzxxR364+BxHSQTB3fvIkHeTGBGJrw0WdyX8PI\nJa/NwZYeHLXWcLbKtcFd8WDiEoNh91Oq1HMzOc/MBcpYv94RSAX7MEkHs2YIAvHE\nRufFV86hVhC1d/JLYjkz5CHi+Fd9XTYjBK78tHhJd4IJPu5LYvwlmzC1zeS7s1Tg\nQW1FQuVDV8tWa4PMTrQHwfaGqn95AKc+tbg+ubpCiWl5bBNI3Ghuh4sAC9dMdAkd\nw27i29O9/Y3XJSSGUZlZqDBP4YU388RgHpzLDUxgRcaQt9vdeEz6frULPW67e9D2\nmPPDzjECgYEA4aPOwvnSwGoOKsS6vANGy4Ajsq09PR+1ltMJUR5kDlXGuZWI72eX\n3/GAnovDuCp0tbYt0r7Fmkfel0Ore7SYM18TH5QGpPddcZLvKUf7AchCIOYY0Te3\npS9+7S1lEGrLXyuox4N26Ov6wHVrmZTcQoZsDWbjYxNNsNACsiQNjGMCgYEA3SvQ\nJets9e9SgNVvao2TijX+/vcNKRfcWB71T9Xc4BuSNEu5+ZLtptlwaSnVCVu1Xilk\nsWDh+3EhByl4EteENPvE/7A2s1sfcDOprvg0r52aBZKeTp0AukrT8+Ad4hap7g1x\n2Lz11MFDkhRqt2KqQaIL+5Mq5WfptbBJ0YI7ARUCgYAD6iSfK1hlsDFYupsGwgPL\nagi0g97pHZC38idaOe3AdeqBs79xb9mpr/XsSj52Bn6J3IRFALxK5e5Nr4XdGo/9\nbCvXw2iuGgCMBOGTVMVdDY1gJr3Ne2r7Oay5Dq2PMFsg5pACDhzVA6sRBbh9LKD5\non1jaiKNyHrzk1hIoOl/QwKBgA+Ov2uLbfS2yvTpDpdOMiyss603r6NOXF+Ofe8J\nuinBhr1K/mAB59muveuH18Z6vv1KqByaFgtb39jjH+Eja9dWRns95/sh08pOuAbo\nyrv3uBfgQmaBQMXZ8aLcBv4aXgWyyGlYkWpP1fL2oLMZq6RGQ9WEeqX8c0ImjmrA\nYGopAoGBAJZPFlZi2Rfq4MfFZp/X1/zM09hphZwkxkSI+RnsjDUjTgB8CuQul5ep\nKWE98yLw4C25Cqw5fKKQ2addizLnZCAIfJKVNRjYLWlWyGQydDEUzqwXlSLS9LVX\nLxLkWDajIyjeFn21Ttb42L9pBo3TAQIxUenom/lP2SQTvCKBiPai\n-----END RSA PRIVATE KEY-----\n-----BEGIN CERTIFICATE-----\nMIIDazCCAlOgAwIBAgIUahce2sCO7Bom/Rznd5HsNAlr1NgwDQYJKoZIhvcNAQEL\nBQAwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoM\nGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAeFw0xODEyMDIwMTAxNDRaFw00NjEy\nMTUwMTAxNDRaMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEw\nHwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwggEiMA0GCSqGSIb3DQEB\nAQUAA4IBDwAwggEKAoIBAQDC8Qd4kJecWCLzysTV1NfoUd0E8rTBKN52HTLBWcJn\nEtZsG//k/K2NNwI92t9buDax9s/A6B79YXdfYp5hI/xLFkDRzObPpAOyl4b3bUmR\nla3Knmj743SV4tMhQCGrff2nc7WicA5Q7WTiwd+YLB+sOlOfaFzHhRFrk/PNvV8e\nKC6yMgfWZwZ2dxoDpnYLM7XDgTyQ85S6QgOtxlPh9o5mtZQhBkpDDYnNPIon5kwM\nJmrZMXNbCkvd4bjzAHsnuaJsVD/2cW/Gkh+UGMMBnxCKqTBivk3QM2xPFx9MJJ65\nt8kMJR8hbAVmEuK3PA7FrNrNRApdf9I8xDWX8v2jeecfAgMBAAGjUzBRMB0GA1Ud\nDgQWBBQXGfrns8OqxTGKsXG5pDZS/WyyYDAfBgNVHSMEGDAWgBQXGfrns8OqxTGK\nsXG5pDZS/WyyYDAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQCt\n8aUX26cl2PgdIEByZSHAX5G+2b0IEtTclPkl4uDyyKRY4dVq6gK3ueVSU5eUmBip\nJbV5aRetovGOcV//8vbxkZm/ntQ8Oo+2sfGR5lIzd0UdlOr5pkD6g3bFy/zJ+4DR\nDAe8fklUacfz6CFmD+H8GyHm+fKmF+mjr4oOGQW6OegRDJHuiipUk2lJyuXdlPSa\nFpNRO2sGbjn000ANinFgnFiVzGDnx0/G1Kii/6GWrI6rrdVmXioQzF+8AloWckeB\n+hbmbwkwQa/JrLb5SWcBDOXSgtn1Li3XF5AQQBBjA3pOlyBXqnI94Irw89Lv9uPT\nMUR4qFxeUOW/GJGccMUd\n-----END CERTIFICATE-----\n"), +// Backend: pulumi.Any(vault_mount.Intermediate.Path), +// PemBundle: pulumi.String(`-----BEGIN RSA PRIVATE KEY----- +// +// MIIEowIBAAKCAQEAwvEHeJCXnFgi88rE1dTX6FHdBPK0wSjedh0ywVnCZxLWbBv/ +// 5PytjTcCPdrfW7g2sfbPwOge/WF3X2KeYSP8SxZA0czmz6QDspeG921JkZWtyp5o +// ++N0leLTIUAhq339p3O1onAOUO1k4sHfmCwfrDpTn2hcx4URa5Pzzb1fHigusjIH +// 1mcGdncaA6Z2CzO1w4E8kPOUukIDrcZT4faOZrWUIQZKQw2JzTyKJ+ZMDCZq2TFz +// WwpL3eG48wB7J7mibFQ/9nFvxpIflBjDAZ8QiqkwYr5N0DNsTxcfTCSeubfJDCUf +// IWwFZhLitzwOxazazUQKXX/SPMQ1l/L9o3nnHwIDAQABAoIBAAQidJQcDPsl62fc +// Txxx7TpiMhvewfKu2TkMGX18V+EzxxR364+BxHSQTB3fvIkHeTGBGJrw0WdyX8PI +// Ja/NwZYeHLXWcLbKtcFd8WDiEoNh91Oq1HMzOc/MBcpYv94RSAX7MEkHs2YIAvHE +// RufFV86hVhC1d/JLYjkz5CHi+Fd9XTYjBK78tHhJd4IJPu5LYvwlmzC1zeS7s1Tg +// QW1FQuVDV8tWa4PMTrQHwfaGqn95AKc+tbg+ubpCiWl5bBNI3Ghuh4sAC9dMdAkd +// w27i29O9/Y3XJSSGUZlZqDBP4YU388RgHpzLDUxgRcaQt9vdeEz6frULPW67e9D2 +// mPPDzjECgYEA4aPOwvnSwGoOKsS6vANGy4Ajsq09PR+1ltMJUR5kDlXGuZWI72eX +// 3/GAnovDuCp0tbYt0r7Fmkfel0Ore7SYM18TH5QGpPddcZLvKUf7AchCIOYY0Te3 +// pS9+7S1lEGrLXyuox4N26Ov6wHVrmZTcQoZsDWbjYxNNsNACsiQNjGMCgYEA3SvQ +// Jets9e9SgNVvao2TijX+/vcNKRfcWB71T9Xc4BuSNEu5+ZLtptlwaSnVCVu1Xilk +// sWDh+3EhByl4EteENPvE/7A2s1sfcDOprvg0r52aBZKeTp0AukrT8+Ad4hap7g1x +// 2Lz11MFDkhRqt2KqQaIL+5Mq5WfptbBJ0YI7ARUCgYAD6iSfK1hlsDFYupsGwgPL +// agi0g97pHZC38idaOe3AdeqBs79xb9mpr/XsSj52Bn6J3IRFALxK5e5Nr4XdGo/9 +// bCvXw2iuGgCMBOGTVMVdDY1gJr3Ne2r7Oay5Dq2PMFsg5pACDhzVA6sRBbh9LKD5 +// on1jaiKNyHrzk1hIoOl/QwKBgA+Ov2uLbfS2yvTpDpdOMiyss603r6NOXF+Ofe8J +// uinBhr1K/mAB59muveuH18Z6vv1KqByaFgtb39jjH+Eja9dWRns95/sh08pOuAbo +// yrv3uBfgQmaBQMXZ8aLcBv4aXgWyyGlYkWpP1fL2oLMZq6RGQ9WEeqX8c0ImjmrA +// YGopAoGBAJZPFlZi2Rfq4MfFZp/X1/zM09hphZwkxkSI+RnsjDUjTgB8CuQul5ep +// KWE98yLw4C25Cqw5fKKQ2addizLnZCAIfJKVNRjYLWlWyGQydDEUzqwXlSLS9LVX +// LxLkWDajIyjeFn21Ttb42L9pBo3TAQIxUenom/lP2SQTvCKBiPai +// -----END RSA PRIVATE KEY----- +// -----BEGIN CERTIFICATE----- +// MIIDazCCAlOgAwIBAgIUahce2sCO7Bom/Rznd5HsNAlr1NgwDQYJKoZIhvcNAQEL +// BQAwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoM +// GEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAeFw0xODEyMDIwMTAxNDRaFw00NjEy +// MTUwMTAxNDRaMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEw +// HwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwggEiMA0GCSqGSIb3DQEB +// AQUAA4IBDwAwggEKAoIBAQDC8Qd4kJecWCLzysTV1NfoUd0E8rTBKN52HTLBWcJn +// EtZsG//k/K2NNwI92t9buDax9s/A6B79YXdfYp5hI/xLFkDRzObPpAOyl4b3bUmR +// la3Knmj743SV4tMhQCGrff2nc7WicA5Q7WTiwd+YLB+sOlOfaFzHhRFrk/PNvV8e +// KC6yMgfWZwZ2dxoDpnYLM7XDgTyQ85S6QgOtxlPh9o5mtZQhBkpDDYnNPIon5kwM +// JmrZMXNbCkvd4bjzAHsnuaJsVD/2cW/Gkh+UGMMBnxCKqTBivk3QM2xPFx9MJJ65 +// t8kMJR8hbAVmEuK3PA7FrNrNRApdf9I8xDWX8v2jeecfAgMBAAGjUzBRMB0GA1Ud +// DgQWBBQXGfrns8OqxTGKsXG5pDZS/WyyYDAfBgNVHSMEGDAWgBQXGfrns8OqxTGK +// sXG5pDZS/WyyYDAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQCt +// 8aUX26cl2PgdIEByZSHAX5G+2b0IEtTclPkl4uDyyKRY4dVq6gK3ueVSU5eUmBip +// JbV5aRetovGOcV//8vbxkZm/ntQ8Oo+2sfGR5lIzd0UdlOr5pkD6g3bFy/zJ+4DR +// DAe8fklUacfz6CFmD+H8GyHm+fKmF+mjr4oOGQW6OegRDJHuiipUk2lJyuXdlPSa +// FpNRO2sGbjn000ANinFgnFiVzGDnx0/G1Kii/6GWrI6rrdVmXioQzF+8AloWckeB +// +hbmbwkwQa/JrLb5SWcBDOXSgtn1Li3XF5AQQBBjA3pOlyBXqnI94Irw89Lv9uPT +// MUR4qFxeUOW/GJGccMUd +// -----END CERTIFICATE----- +// `), +// // }, pulumi.DependsOn([]pulumi.Resource{ // vault_mount.Intermediate, // })) @@ -67,12 +119,13 @@ func NewSecretBackendConfigCa(ctx *pulumi.Context, return nil, errors.New("invalid value for required argument 'PemBundle'") } if args.PemBundle != nil { - args.PemBundle = pulumi.ToSecret(args.PemBundle).(pulumi.StringOutput) + args.PemBundle = pulumi.ToSecret(args.PemBundle).(pulumi.StringInput) } secrets := pulumi.AdditionalSecretOutputs([]string{ "pemBundle", }) opts = append(opts, secrets) + opts = internal.PkgResourceDefaultOpts(opts) var resource SecretBackendConfigCa err := ctx.RegisterResource("vault:pkiSecret/secretBackendConfigCa:SecretBackendConfigCa", name, args, &resource, opts...) if err != nil { @@ -170,6 +223,12 @@ func (i *SecretBackendConfigCa) ToSecretBackendConfigCaOutputWithContext(ctx con return pulumi.ToOutputWithContext(ctx, i).(SecretBackendConfigCaOutput) } +func (i *SecretBackendConfigCa) ToOutput(ctx context.Context) pulumix.Output[*SecretBackendConfigCa] { + return pulumix.Output[*SecretBackendConfigCa]{ + OutputState: i.ToSecretBackendConfigCaOutputWithContext(ctx).OutputState, + } +} + // SecretBackendConfigCaArrayInput is an input type that accepts SecretBackendConfigCaArray and SecretBackendConfigCaArrayOutput values. // You can construct a concrete instance of `SecretBackendConfigCaArrayInput` via: // @@ -195,6 +254,12 @@ func (i SecretBackendConfigCaArray) ToSecretBackendConfigCaArrayOutputWithContex return pulumi.ToOutputWithContext(ctx, i).(SecretBackendConfigCaArrayOutput) } +func (i SecretBackendConfigCaArray) ToOutput(ctx context.Context) pulumix.Output[[]*SecretBackendConfigCa] { + return pulumix.Output[[]*SecretBackendConfigCa]{ + OutputState: i.ToSecretBackendConfigCaArrayOutputWithContext(ctx).OutputState, + } +} + // SecretBackendConfigCaMapInput is an input type that accepts SecretBackendConfigCaMap and SecretBackendConfigCaMapOutput values. // You can construct a concrete instance of `SecretBackendConfigCaMapInput` via: // @@ -220,6 +285,12 @@ func (i SecretBackendConfigCaMap) ToSecretBackendConfigCaMapOutputWithContext(ct return pulumi.ToOutputWithContext(ctx, i).(SecretBackendConfigCaMapOutput) } +func (i SecretBackendConfigCaMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*SecretBackendConfigCa] { + return pulumix.Output[map[string]*SecretBackendConfigCa]{ + OutputState: i.ToSecretBackendConfigCaMapOutputWithContext(ctx).OutputState, + } +} + type SecretBackendConfigCaOutput struct{ *pulumi.OutputState } func (SecretBackendConfigCaOutput) ElementType() reflect.Type { @@ -234,6 +305,12 @@ func (o SecretBackendConfigCaOutput) ToSecretBackendConfigCaOutputWithContext(ct return o } +func (o SecretBackendConfigCaOutput) ToOutput(ctx context.Context) pulumix.Output[*SecretBackendConfigCa] { + return pulumix.Output[*SecretBackendConfigCa]{ + OutputState: o.OutputState, + } +} + // The PKI secret backend the resource belongs to. func (o SecretBackendConfigCaOutput) Backend() pulumi.StringOutput { return o.ApplyT(func(v *SecretBackendConfigCa) pulumi.StringOutput { return v.Backend }).(pulumi.StringOutput) @@ -266,6 +343,12 @@ func (o SecretBackendConfigCaArrayOutput) ToSecretBackendConfigCaArrayOutputWith return o } +func (o SecretBackendConfigCaArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*SecretBackendConfigCa] { + return pulumix.Output[[]*SecretBackendConfigCa]{ + OutputState: o.OutputState, + } +} + func (o SecretBackendConfigCaArrayOutput) Index(i pulumi.IntInput) SecretBackendConfigCaOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *SecretBackendConfigCa { return vs[0].([]*SecretBackendConfigCa)[vs[1].(int)] @@ -286,6 +369,12 @@ func (o SecretBackendConfigCaMapOutput) ToSecretBackendConfigCaMapOutputWithCont return o } +func (o SecretBackendConfigCaMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*SecretBackendConfigCa] { + return pulumix.Output[map[string]*SecretBackendConfigCa]{ + OutputState: o.OutputState, + } +} + func (o SecretBackendConfigCaMapOutput) MapIndex(k pulumi.StringInput) SecretBackendConfigCaOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *SecretBackendConfigCa { return vs[0].(map[string]*SecretBackendConfigCa)[vs[1].(string)] diff --git a/sdk/go/vault/pkisecret/secretBackendConfigIssuers.go b/sdk/go/vault/pkisecret/secretBackendConfigIssuers.go index c5705ea91..ef27cd76e 100644 --- a/sdk/go/vault/pkisecret/secretBackendConfigIssuers.go +++ b/sdk/go/vault/pkisecret/secretBackendConfigIssuers.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // Allows setting the value of the default issuer. For more information, see the @@ -106,6 +108,7 @@ func NewSecretBackendConfigIssuers(ctx *pulumi.Context, if args.Backend == nil { return nil, errors.New("invalid value for required argument 'Backend'") } + opts = internal.PkgResourceDefaultOpts(opts) var resource SecretBackendConfigIssuers err := ctx.RegisterResource("vault:pkiSecret/secretBackendConfigIssuers:SecretBackendConfigIssuers", name, args, &resource, opts...) if err != nil { @@ -219,6 +222,12 @@ func (i *SecretBackendConfigIssuers) ToSecretBackendConfigIssuersOutputWithConte return pulumi.ToOutputWithContext(ctx, i).(SecretBackendConfigIssuersOutput) } +func (i *SecretBackendConfigIssuers) ToOutput(ctx context.Context) pulumix.Output[*SecretBackendConfigIssuers] { + return pulumix.Output[*SecretBackendConfigIssuers]{ + OutputState: i.ToSecretBackendConfigIssuersOutputWithContext(ctx).OutputState, + } +} + // SecretBackendConfigIssuersArrayInput is an input type that accepts SecretBackendConfigIssuersArray and SecretBackendConfigIssuersArrayOutput values. // You can construct a concrete instance of `SecretBackendConfigIssuersArrayInput` via: // @@ -244,6 +253,12 @@ func (i SecretBackendConfigIssuersArray) ToSecretBackendConfigIssuersArrayOutput return pulumi.ToOutputWithContext(ctx, i).(SecretBackendConfigIssuersArrayOutput) } +func (i SecretBackendConfigIssuersArray) ToOutput(ctx context.Context) pulumix.Output[[]*SecretBackendConfigIssuers] { + return pulumix.Output[[]*SecretBackendConfigIssuers]{ + OutputState: i.ToSecretBackendConfigIssuersArrayOutputWithContext(ctx).OutputState, + } +} + // SecretBackendConfigIssuersMapInput is an input type that accepts SecretBackendConfigIssuersMap and SecretBackendConfigIssuersMapOutput values. // You can construct a concrete instance of `SecretBackendConfigIssuersMapInput` via: // @@ -269,6 +284,12 @@ func (i SecretBackendConfigIssuersMap) ToSecretBackendConfigIssuersMapOutputWith return pulumi.ToOutputWithContext(ctx, i).(SecretBackendConfigIssuersMapOutput) } +func (i SecretBackendConfigIssuersMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*SecretBackendConfigIssuers] { + return pulumix.Output[map[string]*SecretBackendConfigIssuers]{ + OutputState: i.ToSecretBackendConfigIssuersMapOutputWithContext(ctx).OutputState, + } +} + type SecretBackendConfigIssuersOutput struct{ *pulumi.OutputState } func (SecretBackendConfigIssuersOutput) ElementType() reflect.Type { @@ -283,6 +304,12 @@ func (o SecretBackendConfigIssuersOutput) ToSecretBackendConfigIssuersOutputWith return o } +func (o SecretBackendConfigIssuersOutput) ToOutput(ctx context.Context) pulumix.Output[*SecretBackendConfigIssuers] { + return pulumix.Output[*SecretBackendConfigIssuers]{ + OutputState: o.OutputState, + } +} + // The path the PKI secret backend is mounted at, with no // leading or trailing `/`s. func (o SecretBackendConfigIssuersOutput) Backend() pulumi.StringOutput { @@ -322,6 +349,12 @@ func (o SecretBackendConfigIssuersArrayOutput) ToSecretBackendConfigIssuersArray return o } +func (o SecretBackendConfigIssuersArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*SecretBackendConfigIssuers] { + return pulumix.Output[[]*SecretBackendConfigIssuers]{ + OutputState: o.OutputState, + } +} + func (o SecretBackendConfigIssuersArrayOutput) Index(i pulumi.IntInput) SecretBackendConfigIssuersOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *SecretBackendConfigIssuers { return vs[0].([]*SecretBackendConfigIssuers)[vs[1].(int)] @@ -342,6 +375,12 @@ func (o SecretBackendConfigIssuersMapOutput) ToSecretBackendConfigIssuersMapOutp return o } +func (o SecretBackendConfigIssuersMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*SecretBackendConfigIssuers] { + return pulumix.Output[map[string]*SecretBackendConfigIssuers]{ + OutputState: o.OutputState, + } +} + func (o SecretBackendConfigIssuersMapOutput) MapIndex(k pulumi.StringInput) SecretBackendConfigIssuersOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *SecretBackendConfigIssuers { return vs[0].(map[string]*SecretBackendConfigIssuers)[vs[1].(string)] diff --git a/sdk/go/vault/pkisecret/secretBackendConfigUrls.go b/sdk/go/vault/pkisecret/secretBackendConfigUrls.go index 469d9e6fb..396b768b7 100644 --- a/sdk/go/vault/pkisecret/secretBackendConfigUrls.go +++ b/sdk/go/vault/pkisecret/secretBackendConfigUrls.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // Allows setting the issuing certificate endpoints, CRL distribution points, and OCSP server endpoints that will be encoded into issued certificates. @@ -55,11 +57,7 @@ import ( // // ## Import // -// The PKI config URLs can be imported using the resource's `id`. -// -// In the case of the example above the `id` would be `pki-root/config/urls`, -// -// where the `pki-root` component is the resource's `backend`, e.g. +// The PKI config URLs can be imported using the resource's `id`. In the case of the example above the `id` would be `pki-root/config/urls`, where the `pki-root` component is the resource's `backend`, e.g. // // ```sh // @@ -94,6 +92,7 @@ func NewSecretBackendConfigUrls(ctx *pulumi.Context, if args.Backend == nil { return nil, errors.New("invalid value for required argument 'Backend'") } + opts = internal.PkgResourceDefaultOpts(opts) var resource SecretBackendConfigUrls err := ctx.RegisterResource("vault:pkiSecret/secretBackendConfigUrls:SecretBackendConfigUrls", name, args, &resource, opts...) if err != nil { @@ -207,6 +206,12 @@ func (i *SecretBackendConfigUrls) ToSecretBackendConfigUrlsOutputWithContext(ctx return pulumi.ToOutputWithContext(ctx, i).(SecretBackendConfigUrlsOutput) } +func (i *SecretBackendConfigUrls) ToOutput(ctx context.Context) pulumix.Output[*SecretBackendConfigUrls] { + return pulumix.Output[*SecretBackendConfigUrls]{ + OutputState: i.ToSecretBackendConfigUrlsOutputWithContext(ctx).OutputState, + } +} + // SecretBackendConfigUrlsArrayInput is an input type that accepts SecretBackendConfigUrlsArray and SecretBackendConfigUrlsArrayOutput values. // You can construct a concrete instance of `SecretBackendConfigUrlsArrayInput` via: // @@ -232,6 +237,12 @@ func (i SecretBackendConfigUrlsArray) ToSecretBackendConfigUrlsArrayOutputWithCo return pulumi.ToOutputWithContext(ctx, i).(SecretBackendConfigUrlsArrayOutput) } +func (i SecretBackendConfigUrlsArray) ToOutput(ctx context.Context) pulumix.Output[[]*SecretBackendConfigUrls] { + return pulumix.Output[[]*SecretBackendConfigUrls]{ + OutputState: i.ToSecretBackendConfigUrlsArrayOutputWithContext(ctx).OutputState, + } +} + // SecretBackendConfigUrlsMapInput is an input type that accepts SecretBackendConfigUrlsMap and SecretBackendConfigUrlsMapOutput values. // You can construct a concrete instance of `SecretBackendConfigUrlsMapInput` via: // @@ -257,6 +268,12 @@ func (i SecretBackendConfigUrlsMap) ToSecretBackendConfigUrlsMapOutputWithContex return pulumi.ToOutputWithContext(ctx, i).(SecretBackendConfigUrlsMapOutput) } +func (i SecretBackendConfigUrlsMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*SecretBackendConfigUrls] { + return pulumix.Output[map[string]*SecretBackendConfigUrls]{ + OutputState: i.ToSecretBackendConfigUrlsMapOutputWithContext(ctx).OutputState, + } +} + type SecretBackendConfigUrlsOutput struct{ *pulumi.OutputState } func (SecretBackendConfigUrlsOutput) ElementType() reflect.Type { @@ -271,6 +288,12 @@ func (o SecretBackendConfigUrlsOutput) ToSecretBackendConfigUrlsOutputWithContex return o } +func (o SecretBackendConfigUrlsOutput) ToOutput(ctx context.Context) pulumix.Output[*SecretBackendConfigUrls] { + return pulumix.Output[*SecretBackendConfigUrls]{ + OutputState: o.OutputState, + } +} + // The path the PKI secret backend is mounted at, with no leading or trailing `/`s. func (o SecretBackendConfigUrlsOutput) Backend() pulumi.StringOutput { return o.ApplyT(func(v *SecretBackendConfigUrls) pulumi.StringOutput { return v.Backend }).(pulumi.StringOutput) @@ -313,6 +336,12 @@ func (o SecretBackendConfigUrlsArrayOutput) ToSecretBackendConfigUrlsArrayOutput return o } +func (o SecretBackendConfigUrlsArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*SecretBackendConfigUrls] { + return pulumix.Output[[]*SecretBackendConfigUrls]{ + OutputState: o.OutputState, + } +} + func (o SecretBackendConfigUrlsArrayOutput) Index(i pulumi.IntInput) SecretBackendConfigUrlsOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *SecretBackendConfigUrls { return vs[0].([]*SecretBackendConfigUrls)[vs[1].(int)] @@ -333,6 +362,12 @@ func (o SecretBackendConfigUrlsMapOutput) ToSecretBackendConfigUrlsMapOutputWith return o } +func (o SecretBackendConfigUrlsMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*SecretBackendConfigUrls] { + return pulumix.Output[map[string]*SecretBackendConfigUrls]{ + OutputState: o.OutputState, + } +} + func (o SecretBackendConfigUrlsMapOutput) MapIndex(k pulumi.StringInput) SecretBackendConfigUrlsOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *SecretBackendConfigUrls { return vs[0].(map[string]*SecretBackendConfigUrls)[vs[1].(string)] diff --git a/sdk/go/vault/pkisecret/secretBackendCrlConfig.go b/sdk/go/vault/pkisecret/secretBackendCrlConfig.go index fa48b0d59..b4b086104 100644 --- a/sdk/go/vault/pkisecret/secretBackendCrlConfig.go +++ b/sdk/go/vault/pkisecret/secretBackendCrlConfig.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // Allows setting the duration for which the generated CRL should be marked valid. If the CRL is disabled, it will return a signed but zero-length CRL for any request. If enabled, it will re-build the CRL. @@ -97,6 +99,7 @@ func NewSecretBackendCrlConfig(ctx *pulumi.Context, if args.Backend == nil { return nil, errors.New("invalid value for required argument 'Backend'") } + opts = internal.PkgResourceDefaultOpts(opts) var resource SecretBackendCrlConfig err := ctx.RegisterResource("vault:pkiSecret/secretBackendCrlConfig:SecretBackendCrlConfig", name, args, &resource, opts...) if err != nil { @@ -286,6 +289,12 @@ func (i *SecretBackendCrlConfig) ToSecretBackendCrlConfigOutputWithContext(ctx c return pulumi.ToOutputWithContext(ctx, i).(SecretBackendCrlConfigOutput) } +func (i *SecretBackendCrlConfig) ToOutput(ctx context.Context) pulumix.Output[*SecretBackendCrlConfig] { + return pulumix.Output[*SecretBackendCrlConfig]{ + OutputState: i.ToSecretBackendCrlConfigOutputWithContext(ctx).OutputState, + } +} + // SecretBackendCrlConfigArrayInput is an input type that accepts SecretBackendCrlConfigArray and SecretBackendCrlConfigArrayOutput values. // You can construct a concrete instance of `SecretBackendCrlConfigArrayInput` via: // @@ -311,6 +320,12 @@ func (i SecretBackendCrlConfigArray) ToSecretBackendCrlConfigArrayOutputWithCont return pulumi.ToOutputWithContext(ctx, i).(SecretBackendCrlConfigArrayOutput) } +func (i SecretBackendCrlConfigArray) ToOutput(ctx context.Context) pulumix.Output[[]*SecretBackendCrlConfig] { + return pulumix.Output[[]*SecretBackendCrlConfig]{ + OutputState: i.ToSecretBackendCrlConfigArrayOutputWithContext(ctx).OutputState, + } +} + // SecretBackendCrlConfigMapInput is an input type that accepts SecretBackendCrlConfigMap and SecretBackendCrlConfigMapOutput values. // You can construct a concrete instance of `SecretBackendCrlConfigMapInput` via: // @@ -336,6 +351,12 @@ func (i SecretBackendCrlConfigMap) ToSecretBackendCrlConfigMapOutputWithContext( return pulumi.ToOutputWithContext(ctx, i).(SecretBackendCrlConfigMapOutput) } +func (i SecretBackendCrlConfigMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*SecretBackendCrlConfig] { + return pulumix.Output[map[string]*SecretBackendCrlConfig]{ + OutputState: i.ToSecretBackendCrlConfigMapOutputWithContext(ctx).OutputState, + } +} + type SecretBackendCrlConfigOutput struct{ *pulumi.OutputState } func (SecretBackendCrlConfigOutput) ElementType() reflect.Type { @@ -350,6 +371,12 @@ func (o SecretBackendCrlConfigOutput) ToSecretBackendCrlConfigOutputWithContext( return o } +func (o SecretBackendCrlConfigOutput) ToOutput(ctx context.Context) pulumix.Output[*SecretBackendCrlConfig] { + return pulumix.Output[*SecretBackendCrlConfig]{ + OutputState: o.OutputState, + } +} + // Enables periodic rebuilding of the CRL upon expiry. **Vault 1.12+** func (o SecretBackendCrlConfigOutput) AutoRebuild() pulumi.BoolPtrOutput { return o.ApplyT(func(v *SecretBackendCrlConfig) pulumi.BoolPtrOutput { return v.AutoRebuild }).(pulumi.BoolPtrOutput) @@ -435,6 +462,12 @@ func (o SecretBackendCrlConfigArrayOutput) ToSecretBackendCrlConfigArrayOutputWi return o } +func (o SecretBackendCrlConfigArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*SecretBackendCrlConfig] { + return pulumix.Output[[]*SecretBackendCrlConfig]{ + OutputState: o.OutputState, + } +} + func (o SecretBackendCrlConfigArrayOutput) Index(i pulumi.IntInput) SecretBackendCrlConfigOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *SecretBackendCrlConfig { return vs[0].([]*SecretBackendCrlConfig)[vs[1].(int)] @@ -455,6 +488,12 @@ func (o SecretBackendCrlConfigMapOutput) ToSecretBackendCrlConfigMapOutputWithCo return o } +func (o SecretBackendCrlConfigMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*SecretBackendCrlConfig] { + return pulumix.Output[map[string]*SecretBackendCrlConfig]{ + OutputState: o.OutputState, + } +} + func (o SecretBackendCrlConfigMapOutput) MapIndex(k pulumi.StringInput) SecretBackendCrlConfigOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *SecretBackendCrlConfig { return vs[0].(map[string]*SecretBackendCrlConfig)[vs[1].(string)] diff --git a/sdk/go/vault/pkisecret/secretBackendIntermediateCertRequest.go b/sdk/go/vault/pkisecret/secretBackendIntermediateCertRequest.go index 1dc14fdfb..00bc73177 100644 --- a/sdk/go/vault/pkisecret/secretBackendIntermediateCertRequest.go +++ b/sdk/go/vault/pkisecret/secretBackendIntermediateCertRequest.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // ## Example Usage @@ -133,6 +135,7 @@ func NewSecretBackendIntermediateCertRequest(ctx *pulumi.Context, "privateKey", }) opts = append(opts, secrets) + opts = internal.PkgResourceDefaultOpts(opts) var resource SecretBackendIntermediateCertRequest err := ctx.RegisterResource("vault:pkiSecret/secretBackendIntermediateCertRequest:SecretBackendIntermediateCertRequest", name, args, &resource, opts...) if err != nil { @@ -450,6 +453,12 @@ func (i *SecretBackendIntermediateCertRequest) ToSecretBackendIntermediateCertRe return pulumi.ToOutputWithContext(ctx, i).(SecretBackendIntermediateCertRequestOutput) } +func (i *SecretBackendIntermediateCertRequest) ToOutput(ctx context.Context) pulumix.Output[*SecretBackendIntermediateCertRequest] { + return pulumix.Output[*SecretBackendIntermediateCertRequest]{ + OutputState: i.ToSecretBackendIntermediateCertRequestOutputWithContext(ctx).OutputState, + } +} + // SecretBackendIntermediateCertRequestArrayInput is an input type that accepts SecretBackendIntermediateCertRequestArray and SecretBackendIntermediateCertRequestArrayOutput values. // You can construct a concrete instance of `SecretBackendIntermediateCertRequestArrayInput` via: // @@ -475,6 +484,12 @@ func (i SecretBackendIntermediateCertRequestArray) ToSecretBackendIntermediateCe return pulumi.ToOutputWithContext(ctx, i).(SecretBackendIntermediateCertRequestArrayOutput) } +func (i SecretBackendIntermediateCertRequestArray) ToOutput(ctx context.Context) pulumix.Output[[]*SecretBackendIntermediateCertRequest] { + return pulumix.Output[[]*SecretBackendIntermediateCertRequest]{ + OutputState: i.ToSecretBackendIntermediateCertRequestArrayOutputWithContext(ctx).OutputState, + } +} + // SecretBackendIntermediateCertRequestMapInput is an input type that accepts SecretBackendIntermediateCertRequestMap and SecretBackendIntermediateCertRequestMapOutput values. // You can construct a concrete instance of `SecretBackendIntermediateCertRequestMapInput` via: // @@ -500,6 +515,12 @@ func (i SecretBackendIntermediateCertRequestMap) ToSecretBackendIntermediateCert return pulumi.ToOutputWithContext(ctx, i).(SecretBackendIntermediateCertRequestMapOutput) } +func (i SecretBackendIntermediateCertRequestMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*SecretBackendIntermediateCertRequest] { + return pulumix.Output[map[string]*SecretBackendIntermediateCertRequest]{ + OutputState: i.ToSecretBackendIntermediateCertRequestMapOutputWithContext(ctx).OutputState, + } +} + type SecretBackendIntermediateCertRequestOutput struct{ *pulumi.OutputState } func (SecretBackendIntermediateCertRequestOutput) ElementType() reflect.Type { @@ -514,6 +535,12 @@ func (o SecretBackendIntermediateCertRequestOutput) ToSecretBackendIntermediateC return o } +func (o SecretBackendIntermediateCertRequestOutput) ToOutput(ctx context.Context) pulumix.Output[*SecretBackendIntermediateCertRequest] { + return pulumix.Output[*SecretBackendIntermediateCertRequest]{ + OutputState: o.OutputState, + } +} + // Adds a Basic Constraints extension with 'CA: true'. // Only needed as a workaround in some compatibility scenarios with Active Directory // Certificate Services @@ -683,6 +710,12 @@ func (o SecretBackendIntermediateCertRequestArrayOutput) ToSecretBackendIntermed return o } +func (o SecretBackendIntermediateCertRequestArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*SecretBackendIntermediateCertRequest] { + return pulumix.Output[[]*SecretBackendIntermediateCertRequest]{ + OutputState: o.OutputState, + } +} + func (o SecretBackendIntermediateCertRequestArrayOutput) Index(i pulumi.IntInput) SecretBackendIntermediateCertRequestOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *SecretBackendIntermediateCertRequest { return vs[0].([]*SecretBackendIntermediateCertRequest)[vs[1].(int)] @@ -703,6 +736,12 @@ func (o SecretBackendIntermediateCertRequestMapOutput) ToSecretBackendIntermedia return o } +func (o SecretBackendIntermediateCertRequestMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*SecretBackendIntermediateCertRequest] { + return pulumix.Output[map[string]*SecretBackendIntermediateCertRequest]{ + OutputState: o.OutputState, + } +} + func (o SecretBackendIntermediateCertRequestMapOutput) MapIndex(k pulumi.StringInput) SecretBackendIntermediateCertRequestOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *SecretBackendIntermediateCertRequest { return vs[0].(map[string]*SecretBackendIntermediateCertRequest)[vs[1].(string)] diff --git a/sdk/go/vault/pkisecret/secretBackendIntermediateSetSigned.go b/sdk/go/vault/pkisecret/secretBackendIntermediateSetSigned.go index 727955bcf..5cccb0a71 100644 --- a/sdk/go/vault/pkisecret/secretBackendIntermediateSetSigned.go +++ b/sdk/go/vault/pkisecret/secretBackendIntermediateSetSigned.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // ## Example Usage @@ -134,6 +136,7 @@ func NewSecretBackendIntermediateSetSigned(ctx *pulumi.Context, if args.Certificate == nil { return nil, errors.New("invalid value for required argument 'Certificate'") } + opts = internal.PkgResourceDefaultOpts(opts) var resource SecretBackendIntermediateSetSigned err := ctx.RegisterResource("vault:pkiSecret/secretBackendIntermediateSetSigned:SecretBackendIntermediateSetSigned", name, args, &resource, opts...) if err != nil { @@ -249,6 +252,12 @@ func (i *SecretBackendIntermediateSetSigned) ToSecretBackendIntermediateSetSigne return pulumi.ToOutputWithContext(ctx, i).(SecretBackendIntermediateSetSignedOutput) } +func (i *SecretBackendIntermediateSetSigned) ToOutput(ctx context.Context) pulumix.Output[*SecretBackendIntermediateSetSigned] { + return pulumix.Output[*SecretBackendIntermediateSetSigned]{ + OutputState: i.ToSecretBackendIntermediateSetSignedOutputWithContext(ctx).OutputState, + } +} + // SecretBackendIntermediateSetSignedArrayInput is an input type that accepts SecretBackendIntermediateSetSignedArray and SecretBackendIntermediateSetSignedArrayOutput values. // You can construct a concrete instance of `SecretBackendIntermediateSetSignedArrayInput` via: // @@ -274,6 +283,12 @@ func (i SecretBackendIntermediateSetSignedArray) ToSecretBackendIntermediateSetS return pulumi.ToOutputWithContext(ctx, i).(SecretBackendIntermediateSetSignedArrayOutput) } +func (i SecretBackendIntermediateSetSignedArray) ToOutput(ctx context.Context) pulumix.Output[[]*SecretBackendIntermediateSetSigned] { + return pulumix.Output[[]*SecretBackendIntermediateSetSigned]{ + OutputState: i.ToSecretBackendIntermediateSetSignedArrayOutputWithContext(ctx).OutputState, + } +} + // SecretBackendIntermediateSetSignedMapInput is an input type that accepts SecretBackendIntermediateSetSignedMap and SecretBackendIntermediateSetSignedMapOutput values. // You can construct a concrete instance of `SecretBackendIntermediateSetSignedMapInput` via: // @@ -299,6 +314,12 @@ func (i SecretBackendIntermediateSetSignedMap) ToSecretBackendIntermediateSetSig return pulumi.ToOutputWithContext(ctx, i).(SecretBackendIntermediateSetSignedMapOutput) } +func (i SecretBackendIntermediateSetSignedMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*SecretBackendIntermediateSetSigned] { + return pulumix.Output[map[string]*SecretBackendIntermediateSetSigned]{ + OutputState: i.ToSecretBackendIntermediateSetSignedMapOutputWithContext(ctx).OutputState, + } +} + type SecretBackendIntermediateSetSignedOutput struct{ *pulumi.OutputState } func (SecretBackendIntermediateSetSignedOutput) ElementType() reflect.Type { @@ -313,6 +334,12 @@ func (o SecretBackendIntermediateSetSignedOutput) ToSecretBackendIntermediateSet return o } +func (o SecretBackendIntermediateSetSignedOutput) ToOutput(ctx context.Context) pulumix.Output[*SecretBackendIntermediateSetSigned] { + return pulumix.Output[*SecretBackendIntermediateSetSigned]{ + OutputState: o.OutputState, + } +} + // The PKI secret backend the resource belongs to. func (o SecretBackendIntermediateSetSignedOutput) Backend() pulumi.StringOutput { return o.ApplyT(func(v *SecretBackendIntermediateSetSigned) pulumi.StringOutput { return v.Backend }).(pulumi.StringOutput) @@ -358,6 +385,12 @@ func (o SecretBackendIntermediateSetSignedArrayOutput) ToSecretBackendIntermedia return o } +func (o SecretBackendIntermediateSetSignedArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*SecretBackendIntermediateSetSigned] { + return pulumix.Output[[]*SecretBackendIntermediateSetSigned]{ + OutputState: o.OutputState, + } +} + func (o SecretBackendIntermediateSetSignedArrayOutput) Index(i pulumi.IntInput) SecretBackendIntermediateSetSignedOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *SecretBackendIntermediateSetSigned { return vs[0].([]*SecretBackendIntermediateSetSigned)[vs[1].(int)] @@ -378,6 +411,12 @@ func (o SecretBackendIntermediateSetSignedMapOutput) ToSecretBackendIntermediate return o } +func (o SecretBackendIntermediateSetSignedMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*SecretBackendIntermediateSetSigned] { + return pulumix.Output[map[string]*SecretBackendIntermediateSetSigned]{ + OutputState: o.OutputState, + } +} + func (o SecretBackendIntermediateSetSignedMapOutput) MapIndex(k pulumi.StringInput) SecretBackendIntermediateSetSignedOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *SecretBackendIntermediateSetSigned { return vs[0].(map[string]*SecretBackendIntermediateSetSigned)[vs[1].(string)] diff --git a/sdk/go/vault/pkisecret/secretBackendIssuer.go b/sdk/go/vault/pkisecret/secretBackendIssuer.go index e471bce12..730ac6b40 100644 --- a/sdk/go/vault/pkisecret/secretBackendIssuer.go +++ b/sdk/go/vault/pkisecret/secretBackendIssuer.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // Manages the lifecycle of an existing issuer on a PKI Secret Backend. This resource does not @@ -126,6 +128,7 @@ func NewSecretBackendIssuer(ctx *pulumi.Context, if args.IssuerRef == nil { return nil, errors.New("invalid value for required argument 'IssuerRef'") } + opts = internal.PkgResourceDefaultOpts(opts) var resource SecretBackendIssuer err := ctx.RegisterResource("vault:pkiSecret/secretBackendIssuer:SecretBackendIssuer", name, args, &resource, opts...) if err != nil { @@ -327,6 +330,12 @@ func (i *SecretBackendIssuer) ToSecretBackendIssuerOutputWithContext(ctx context return pulumi.ToOutputWithContext(ctx, i).(SecretBackendIssuerOutput) } +func (i *SecretBackendIssuer) ToOutput(ctx context.Context) pulumix.Output[*SecretBackendIssuer] { + return pulumix.Output[*SecretBackendIssuer]{ + OutputState: i.ToSecretBackendIssuerOutputWithContext(ctx).OutputState, + } +} + // SecretBackendIssuerArrayInput is an input type that accepts SecretBackendIssuerArray and SecretBackendIssuerArrayOutput values. // You can construct a concrete instance of `SecretBackendIssuerArrayInput` via: // @@ -352,6 +361,12 @@ func (i SecretBackendIssuerArray) ToSecretBackendIssuerArrayOutputWithContext(ct return pulumi.ToOutputWithContext(ctx, i).(SecretBackendIssuerArrayOutput) } +func (i SecretBackendIssuerArray) ToOutput(ctx context.Context) pulumix.Output[[]*SecretBackendIssuer] { + return pulumix.Output[[]*SecretBackendIssuer]{ + OutputState: i.ToSecretBackendIssuerArrayOutputWithContext(ctx).OutputState, + } +} + // SecretBackendIssuerMapInput is an input type that accepts SecretBackendIssuerMap and SecretBackendIssuerMapOutput values. // You can construct a concrete instance of `SecretBackendIssuerMapInput` via: // @@ -377,6 +392,12 @@ func (i SecretBackendIssuerMap) ToSecretBackendIssuerMapOutputWithContext(ctx co return pulumi.ToOutputWithContext(ctx, i).(SecretBackendIssuerMapOutput) } +func (i SecretBackendIssuerMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*SecretBackendIssuer] { + return pulumix.Output[map[string]*SecretBackendIssuer]{ + OutputState: i.ToSecretBackendIssuerMapOutputWithContext(ctx).OutputState, + } +} + type SecretBackendIssuerOutput struct{ *pulumi.OutputState } func (SecretBackendIssuerOutput) ElementType() reflect.Type { @@ -391,6 +412,12 @@ func (o SecretBackendIssuerOutput) ToSecretBackendIssuerOutputWithContext(ctx co return o } +func (o SecretBackendIssuerOutput) ToOutput(ctx context.Context) pulumix.Output[*SecretBackendIssuer] { + return pulumix.Output[*SecretBackendIssuer]{ + OutputState: o.OutputState, + } +} + // The path the PKI secret backend is mounted at, with no // leading or trailing `/`s. func (o SecretBackendIssuerOutput) Backend() pulumi.StringOutput { @@ -480,6 +507,12 @@ func (o SecretBackendIssuerArrayOutput) ToSecretBackendIssuerArrayOutputWithCont return o } +func (o SecretBackendIssuerArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*SecretBackendIssuer] { + return pulumix.Output[[]*SecretBackendIssuer]{ + OutputState: o.OutputState, + } +} + func (o SecretBackendIssuerArrayOutput) Index(i pulumi.IntInput) SecretBackendIssuerOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *SecretBackendIssuer { return vs[0].([]*SecretBackendIssuer)[vs[1].(int)] @@ -500,6 +533,12 @@ func (o SecretBackendIssuerMapOutput) ToSecretBackendIssuerMapOutputWithContext( return o } +func (o SecretBackendIssuerMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*SecretBackendIssuer] { + return pulumix.Output[map[string]*SecretBackendIssuer]{ + OutputState: o.OutputState, + } +} + func (o SecretBackendIssuerMapOutput) MapIndex(k pulumi.StringInput) SecretBackendIssuerOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *SecretBackendIssuer { return vs[0].(map[string]*SecretBackendIssuer)[vs[1].(string)] diff --git a/sdk/go/vault/pkisecret/secretBackendKey.go b/sdk/go/vault/pkisecret/secretBackendKey.go index de160d675..25a502d82 100644 --- a/sdk/go/vault/pkisecret/secretBackendKey.go +++ b/sdk/go/vault/pkisecret/secretBackendKey.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // Creates a key on a PKI Secret Backend for Vault. @@ -65,6 +67,7 @@ func NewSecretBackendKey(ctx *pulumi.Context, if args.Type == nil { return nil, errors.New("invalid value for required argument 'Type'") } + opts = internal.PkgResourceDefaultOpts(opts) var resource SecretBackendKey err := ctx.RegisterResource("vault:pkiSecret/secretBackendKey:SecretBackendKey", name, args, &resource, opts...) if err != nil { @@ -222,6 +225,12 @@ func (i *SecretBackendKey) ToSecretBackendKeyOutputWithContext(ctx context.Conte return pulumi.ToOutputWithContext(ctx, i).(SecretBackendKeyOutput) } +func (i *SecretBackendKey) ToOutput(ctx context.Context) pulumix.Output[*SecretBackendKey] { + return pulumix.Output[*SecretBackendKey]{ + OutputState: i.ToSecretBackendKeyOutputWithContext(ctx).OutputState, + } +} + // SecretBackendKeyArrayInput is an input type that accepts SecretBackendKeyArray and SecretBackendKeyArrayOutput values. // You can construct a concrete instance of `SecretBackendKeyArrayInput` via: // @@ -247,6 +256,12 @@ func (i SecretBackendKeyArray) ToSecretBackendKeyArrayOutputWithContext(ctx cont return pulumi.ToOutputWithContext(ctx, i).(SecretBackendKeyArrayOutput) } +func (i SecretBackendKeyArray) ToOutput(ctx context.Context) pulumix.Output[[]*SecretBackendKey] { + return pulumix.Output[[]*SecretBackendKey]{ + OutputState: i.ToSecretBackendKeyArrayOutputWithContext(ctx).OutputState, + } +} + // SecretBackendKeyMapInput is an input type that accepts SecretBackendKeyMap and SecretBackendKeyMapOutput values. // You can construct a concrete instance of `SecretBackendKeyMapInput` via: // @@ -272,6 +287,12 @@ func (i SecretBackendKeyMap) ToSecretBackendKeyMapOutputWithContext(ctx context. return pulumi.ToOutputWithContext(ctx, i).(SecretBackendKeyMapOutput) } +func (i SecretBackendKeyMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*SecretBackendKey] { + return pulumix.Output[map[string]*SecretBackendKey]{ + OutputState: i.ToSecretBackendKeyMapOutputWithContext(ctx).OutputState, + } +} + type SecretBackendKeyOutput struct{ *pulumi.OutputState } func (SecretBackendKeyOutput) ElementType() reflect.Type { @@ -286,6 +307,12 @@ func (o SecretBackendKeyOutput) ToSecretBackendKeyOutputWithContext(ctx context. return o } +func (o SecretBackendKeyOutput) ToOutput(ctx context.Context) pulumix.Output[*SecretBackendKey] { + return pulumix.Output[*SecretBackendKey]{ + OutputState: o.OutputState, + } +} + // The path the PKI secret backend is mounted at, with no leading or trailing `/`s. func (o SecretBackendKeyOutput) Backend() pulumi.StringOutput { return o.ApplyT(func(v *SecretBackendKey) pulumi.StringOutput { return v.Backend }).(pulumi.StringOutput) @@ -352,6 +379,12 @@ func (o SecretBackendKeyArrayOutput) ToSecretBackendKeyArrayOutputWithContext(ct return o } +func (o SecretBackendKeyArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*SecretBackendKey] { + return pulumix.Output[[]*SecretBackendKey]{ + OutputState: o.OutputState, + } +} + func (o SecretBackendKeyArrayOutput) Index(i pulumi.IntInput) SecretBackendKeyOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *SecretBackendKey { return vs[0].([]*SecretBackendKey)[vs[1].(int)] @@ -372,6 +405,12 @@ func (o SecretBackendKeyMapOutput) ToSecretBackendKeyMapOutputWithContext(ctx co return o } +func (o SecretBackendKeyMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*SecretBackendKey] { + return pulumix.Output[map[string]*SecretBackendKey]{ + OutputState: o.OutputState, + } +} + func (o SecretBackendKeyMapOutput) MapIndex(k pulumi.StringInput) SecretBackendKeyOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *SecretBackendKey { return vs[0].(map[string]*SecretBackendKey)[vs[1].(string)] diff --git a/sdk/go/vault/pkisecret/secretBackendRole.go b/sdk/go/vault/pkisecret/secretBackendRole.go index 88511cd2b..6da90c540 100644 --- a/sdk/go/vault/pkisecret/secretBackendRole.go +++ b/sdk/go/vault/pkisecret/secretBackendRole.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // Creates a role on an PKI Secret Backend for Vault. @@ -149,6 +151,8 @@ type SecretBackendRole struct { OrganizationUnit pulumi.StringArrayOutput `pulumi:"organizationUnit"` // The organization of generated certificates Organizations pulumi.StringArrayOutput `pulumi:"organizations"` + // (Vault 1.11+ only) A block for specifying policy identifers. The `policyIdentifier` block can be repeated, and supports the following arguments: + PolicyIdentifier SecretBackendRolePolicyIdentifierArrayOutput `pulumi:"policyIdentifier"` // Specify the list of allowed policies OIDs. Use with Vault 1.10 or before. For Vault 1.11+, use `policyIdentifier` blocks instead PolicyIdentifiers pulumi.StringArrayOutput `pulumi:"policyIdentifiers"` // The postal code of generated certificates @@ -179,6 +183,7 @@ func NewSecretBackendRole(ctx *pulumi.Context, if args.Backend == nil { return nil, errors.New("invalid value for required argument 'Backend'") } + opts = internal.PkgResourceDefaultOpts(opts) var resource SecretBackendRole err := ctx.RegisterResource("vault:pkiSecret/secretBackendRole:SecretBackendRole", name, args, &resource, opts...) if err != nil { @@ -280,6 +285,8 @@ type secretBackendRoleState struct { OrganizationUnit []string `pulumi:"organizationUnit"` // The organization of generated certificates Organizations []string `pulumi:"organizations"` + // (Vault 1.11+ only) A block for specifying policy identifers. The `policyIdentifier` block can be repeated, and supports the following arguments: + PolicyIdentifier []SecretBackendRolePolicyIdentifier `pulumi:"policyIdentifier"` // Specify the list of allowed policies OIDs. Use with Vault 1.10 or before. For Vault 1.11+, use `policyIdentifier` blocks instead PolicyIdentifiers []string `pulumi:"policyIdentifiers"` // The postal code of generated certificates @@ -380,6 +387,8 @@ type SecretBackendRoleState struct { OrganizationUnit pulumi.StringArrayInput // The organization of generated certificates Organizations pulumi.StringArrayInput + // (Vault 1.11+ only) A block for specifying policy identifers. The `policyIdentifier` block can be repeated, and supports the following arguments: + PolicyIdentifier SecretBackendRolePolicyIdentifierArrayInput // Specify the list of allowed policies OIDs. Use with Vault 1.10 or before. For Vault 1.11+, use `policyIdentifier` blocks instead PolicyIdentifiers pulumi.StringArrayInput // The postal code of generated certificates @@ -484,6 +493,8 @@ type secretBackendRoleArgs struct { OrganizationUnit []string `pulumi:"organizationUnit"` // The organization of generated certificates Organizations []string `pulumi:"organizations"` + // (Vault 1.11+ only) A block for specifying policy identifers. The `policyIdentifier` block can be repeated, and supports the following arguments: + PolicyIdentifier []SecretBackendRolePolicyIdentifier `pulumi:"policyIdentifier"` // Specify the list of allowed policies OIDs. Use with Vault 1.10 or before. For Vault 1.11+, use `policyIdentifier` blocks instead PolicyIdentifiers []string `pulumi:"policyIdentifiers"` // The postal code of generated certificates @@ -585,6 +596,8 @@ type SecretBackendRoleArgs struct { OrganizationUnit pulumi.StringArrayInput // The organization of generated certificates Organizations pulumi.StringArrayInput + // (Vault 1.11+ only) A block for specifying policy identifers. The `policyIdentifier` block can be repeated, and supports the following arguments: + PolicyIdentifier SecretBackendRolePolicyIdentifierArrayInput // Specify the list of allowed policies OIDs. Use with Vault 1.10 or before. For Vault 1.11+, use `policyIdentifier` blocks instead PolicyIdentifiers pulumi.StringArrayInput // The postal code of generated certificates @@ -628,6 +641,12 @@ func (i *SecretBackendRole) ToSecretBackendRoleOutputWithContext(ctx context.Con return pulumi.ToOutputWithContext(ctx, i).(SecretBackendRoleOutput) } +func (i *SecretBackendRole) ToOutput(ctx context.Context) pulumix.Output[*SecretBackendRole] { + return pulumix.Output[*SecretBackendRole]{ + OutputState: i.ToSecretBackendRoleOutputWithContext(ctx).OutputState, + } +} + // SecretBackendRoleArrayInput is an input type that accepts SecretBackendRoleArray and SecretBackendRoleArrayOutput values. // You can construct a concrete instance of `SecretBackendRoleArrayInput` via: // @@ -653,6 +672,12 @@ func (i SecretBackendRoleArray) ToSecretBackendRoleArrayOutputWithContext(ctx co return pulumi.ToOutputWithContext(ctx, i).(SecretBackendRoleArrayOutput) } +func (i SecretBackendRoleArray) ToOutput(ctx context.Context) pulumix.Output[[]*SecretBackendRole] { + return pulumix.Output[[]*SecretBackendRole]{ + OutputState: i.ToSecretBackendRoleArrayOutputWithContext(ctx).OutputState, + } +} + // SecretBackendRoleMapInput is an input type that accepts SecretBackendRoleMap and SecretBackendRoleMapOutput values. // You can construct a concrete instance of `SecretBackendRoleMapInput` via: // @@ -678,6 +703,12 @@ func (i SecretBackendRoleMap) ToSecretBackendRoleMapOutputWithContext(ctx contex return pulumi.ToOutputWithContext(ctx, i).(SecretBackendRoleMapOutput) } +func (i SecretBackendRoleMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*SecretBackendRole] { + return pulumix.Output[map[string]*SecretBackendRole]{ + OutputState: i.ToSecretBackendRoleMapOutputWithContext(ctx).OutputState, + } +} + type SecretBackendRoleOutput struct{ *pulumi.OutputState } func (SecretBackendRoleOutput) ElementType() reflect.Type { @@ -692,6 +723,12 @@ func (o SecretBackendRoleOutput) ToSecretBackendRoleOutputWithContext(ctx contex return o } +func (o SecretBackendRoleOutput) ToOutput(ctx context.Context) pulumix.Output[*SecretBackendRole] { + return pulumix.Output[*SecretBackendRole]{ + OutputState: o.OutputState, + } +} + // Flag to allow any name func (o SecretBackendRoleOutput) AllowAnyName() pulumi.BoolPtrOutput { return o.ApplyT(func(v *SecretBackendRole) pulumi.BoolPtrOutput { return v.AllowAnyName }).(pulumi.BoolPtrOutput) @@ -876,6 +913,11 @@ func (o SecretBackendRoleOutput) Organizations() pulumi.StringArrayOutput { return o.ApplyT(func(v *SecretBackendRole) pulumi.StringArrayOutput { return v.Organizations }).(pulumi.StringArrayOutput) } +// (Vault 1.11+ only) A block for specifying policy identifers. The `policyIdentifier` block can be repeated, and supports the following arguments: +func (o SecretBackendRoleOutput) PolicyIdentifier() SecretBackendRolePolicyIdentifierArrayOutput { + return o.ApplyT(func(v *SecretBackendRole) SecretBackendRolePolicyIdentifierArrayOutput { return v.PolicyIdentifier }).(SecretBackendRolePolicyIdentifierArrayOutput) +} + // Specify the list of allowed policies OIDs. Use with Vault 1.10 or before. For Vault 1.11+, use `policyIdentifier` blocks instead func (o SecretBackendRoleOutput) PolicyIdentifiers() pulumi.StringArrayOutput { return o.ApplyT(func(v *SecretBackendRole) pulumi.StringArrayOutput { return v.PolicyIdentifiers }).(pulumi.StringArrayOutput) @@ -935,6 +977,12 @@ func (o SecretBackendRoleArrayOutput) ToSecretBackendRoleArrayOutputWithContext( return o } +func (o SecretBackendRoleArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*SecretBackendRole] { + return pulumix.Output[[]*SecretBackendRole]{ + OutputState: o.OutputState, + } +} + func (o SecretBackendRoleArrayOutput) Index(i pulumi.IntInput) SecretBackendRoleOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *SecretBackendRole { return vs[0].([]*SecretBackendRole)[vs[1].(int)] @@ -955,6 +1003,12 @@ func (o SecretBackendRoleMapOutput) ToSecretBackendRoleMapOutputWithContext(ctx return o } +func (o SecretBackendRoleMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*SecretBackendRole] { + return pulumix.Output[map[string]*SecretBackendRole]{ + OutputState: o.OutputState, + } +} + func (o SecretBackendRoleMapOutput) MapIndex(k pulumi.StringInput) SecretBackendRoleOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *SecretBackendRole { return vs[0].(map[string]*SecretBackendRole)[vs[1].(string)] diff --git a/sdk/go/vault/pkisecret/secretBackendRootCert.go b/sdk/go/vault/pkisecret/secretBackendRootCert.go index 03f2f29da..7c6b45dc6 100644 --- a/sdk/go/vault/pkisecret/secretBackendRootCert.go +++ b/sdk/go/vault/pkisecret/secretBackendRootCert.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // ## Example Usage @@ -148,6 +150,7 @@ func NewSecretBackendRootCert(ctx *pulumi.Context, if args.Type == nil { return nil, errors.New("invalid value for required argument 'Type'") } + opts = internal.PkgResourceDefaultOpts(opts) var resource SecretBackendRootCert err := ctx.RegisterResource("vault:pkiSecret/secretBackendRootCert:SecretBackendRootCert", name, args, &resource, opts...) if err != nil { @@ -497,6 +500,12 @@ func (i *SecretBackendRootCert) ToSecretBackendRootCertOutputWithContext(ctx con return pulumi.ToOutputWithContext(ctx, i).(SecretBackendRootCertOutput) } +func (i *SecretBackendRootCert) ToOutput(ctx context.Context) pulumix.Output[*SecretBackendRootCert] { + return pulumix.Output[*SecretBackendRootCert]{ + OutputState: i.ToSecretBackendRootCertOutputWithContext(ctx).OutputState, + } +} + // SecretBackendRootCertArrayInput is an input type that accepts SecretBackendRootCertArray and SecretBackendRootCertArrayOutput values. // You can construct a concrete instance of `SecretBackendRootCertArrayInput` via: // @@ -522,6 +531,12 @@ func (i SecretBackendRootCertArray) ToSecretBackendRootCertArrayOutputWithContex return pulumi.ToOutputWithContext(ctx, i).(SecretBackendRootCertArrayOutput) } +func (i SecretBackendRootCertArray) ToOutput(ctx context.Context) pulumix.Output[[]*SecretBackendRootCert] { + return pulumix.Output[[]*SecretBackendRootCert]{ + OutputState: i.ToSecretBackendRootCertArrayOutputWithContext(ctx).OutputState, + } +} + // SecretBackendRootCertMapInput is an input type that accepts SecretBackendRootCertMap and SecretBackendRootCertMapOutput values. // You can construct a concrete instance of `SecretBackendRootCertMapInput` via: // @@ -547,6 +562,12 @@ func (i SecretBackendRootCertMap) ToSecretBackendRootCertMapOutputWithContext(ct return pulumi.ToOutputWithContext(ctx, i).(SecretBackendRootCertMapOutput) } +func (i SecretBackendRootCertMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*SecretBackendRootCert] { + return pulumix.Output[map[string]*SecretBackendRootCert]{ + OutputState: i.ToSecretBackendRootCertMapOutputWithContext(ctx).OutputState, + } +} + type SecretBackendRootCertOutput struct{ *pulumi.OutputState } func (SecretBackendRootCertOutput) ElementType() reflect.Type { @@ -561,6 +582,12 @@ func (o SecretBackendRootCertOutput) ToSecretBackendRootCertOutputWithContext(ct return o } +func (o SecretBackendRootCertOutput) ToOutput(ctx context.Context) pulumix.Output[*SecretBackendRootCert] { + return pulumix.Output[*SecretBackendRootCert]{ + OutputState: o.OutputState, + } +} + // List of alternative names func (o SecretBackendRootCertOutput) AltNames() pulumi.StringArrayOutput { return o.ApplyT(func(v *SecretBackendRootCert) pulumi.StringArrayOutput { return v.AltNames }).(pulumi.StringArrayOutput) @@ -756,6 +783,12 @@ func (o SecretBackendRootCertArrayOutput) ToSecretBackendRootCertArrayOutputWith return o } +func (o SecretBackendRootCertArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*SecretBackendRootCert] { + return pulumix.Output[[]*SecretBackendRootCert]{ + OutputState: o.OutputState, + } +} + func (o SecretBackendRootCertArrayOutput) Index(i pulumi.IntInput) SecretBackendRootCertOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *SecretBackendRootCert { return vs[0].([]*SecretBackendRootCert)[vs[1].(int)] @@ -776,6 +809,12 @@ func (o SecretBackendRootCertMapOutput) ToSecretBackendRootCertMapOutputWithCont return o } +func (o SecretBackendRootCertMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*SecretBackendRootCert] { + return pulumix.Output[map[string]*SecretBackendRootCert]{ + OutputState: o.OutputState, + } +} + func (o SecretBackendRootCertMapOutput) MapIndex(k pulumi.StringInput) SecretBackendRootCertOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *SecretBackendRootCert { return vs[0].(map[string]*SecretBackendRootCert)[vs[1].(string)] diff --git a/sdk/go/vault/pkisecret/secretBackendRootSignIntermediate.go b/sdk/go/vault/pkisecret/secretBackendRootSignIntermediate.go index d005e06f4..a537a61c7 100644 --- a/sdk/go/vault/pkisecret/secretBackendRootSignIntermediate.go +++ b/sdk/go/vault/pkisecret/secretBackendRootSignIntermediate.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // Creates PKI certificate. @@ -136,6 +138,7 @@ func NewSecretBackendRootSignIntermediate(ctx *pulumi.Context, if args.Csr == nil { return nil, errors.New("invalid value for required argument 'Csr'") } + opts = internal.PkgResourceDefaultOpts(opts) var resource SecretBackendRootSignIntermediate err := ctx.RegisterResource("vault:pkiSecret/secretBackendRootSignIntermediate:SecretBackendRootSignIntermediate", name, args, &resource, opts...) if err != nil { @@ -435,6 +438,12 @@ func (i *SecretBackendRootSignIntermediate) ToSecretBackendRootSignIntermediateO return pulumi.ToOutputWithContext(ctx, i).(SecretBackendRootSignIntermediateOutput) } +func (i *SecretBackendRootSignIntermediate) ToOutput(ctx context.Context) pulumix.Output[*SecretBackendRootSignIntermediate] { + return pulumix.Output[*SecretBackendRootSignIntermediate]{ + OutputState: i.ToSecretBackendRootSignIntermediateOutputWithContext(ctx).OutputState, + } +} + // SecretBackendRootSignIntermediateArrayInput is an input type that accepts SecretBackendRootSignIntermediateArray and SecretBackendRootSignIntermediateArrayOutput values. // You can construct a concrete instance of `SecretBackendRootSignIntermediateArrayInput` via: // @@ -460,6 +469,12 @@ func (i SecretBackendRootSignIntermediateArray) ToSecretBackendRootSignIntermedi return pulumi.ToOutputWithContext(ctx, i).(SecretBackendRootSignIntermediateArrayOutput) } +func (i SecretBackendRootSignIntermediateArray) ToOutput(ctx context.Context) pulumix.Output[[]*SecretBackendRootSignIntermediate] { + return pulumix.Output[[]*SecretBackendRootSignIntermediate]{ + OutputState: i.ToSecretBackendRootSignIntermediateArrayOutputWithContext(ctx).OutputState, + } +} + // SecretBackendRootSignIntermediateMapInput is an input type that accepts SecretBackendRootSignIntermediateMap and SecretBackendRootSignIntermediateMapOutput values. // You can construct a concrete instance of `SecretBackendRootSignIntermediateMapInput` via: // @@ -485,6 +500,12 @@ func (i SecretBackendRootSignIntermediateMap) ToSecretBackendRootSignIntermediat return pulumi.ToOutputWithContext(ctx, i).(SecretBackendRootSignIntermediateMapOutput) } +func (i SecretBackendRootSignIntermediateMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*SecretBackendRootSignIntermediate] { + return pulumix.Output[map[string]*SecretBackendRootSignIntermediate]{ + OutputState: i.ToSecretBackendRootSignIntermediateMapOutputWithContext(ctx).OutputState, + } +} + type SecretBackendRootSignIntermediateOutput struct{ *pulumi.OutputState } func (SecretBackendRootSignIntermediateOutput) ElementType() reflect.Type { @@ -499,6 +520,12 @@ func (o SecretBackendRootSignIntermediateOutput) ToSecretBackendRootSignIntermed return o } +func (o SecretBackendRootSignIntermediateOutput) ToOutput(ctx context.Context) pulumix.Output[*SecretBackendRootSignIntermediate] { + return pulumix.Output[*SecretBackendRootSignIntermediate]{ + OutputState: o.OutputState, + } +} + // List of alternative names func (o SecretBackendRootSignIntermediateOutput) AltNames() pulumi.StringArrayOutput { return o.ApplyT(func(v *SecretBackendRootSignIntermediate) pulumi.StringArrayOutput { return v.AltNames }).(pulumi.StringArrayOutput) @@ -667,6 +694,12 @@ func (o SecretBackendRootSignIntermediateArrayOutput) ToSecretBackendRootSignInt return o } +func (o SecretBackendRootSignIntermediateArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*SecretBackendRootSignIntermediate] { + return pulumix.Output[[]*SecretBackendRootSignIntermediate]{ + OutputState: o.OutputState, + } +} + func (o SecretBackendRootSignIntermediateArrayOutput) Index(i pulumi.IntInput) SecretBackendRootSignIntermediateOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *SecretBackendRootSignIntermediate { return vs[0].([]*SecretBackendRootSignIntermediate)[vs[1].(int)] @@ -687,6 +720,12 @@ func (o SecretBackendRootSignIntermediateMapOutput) ToSecretBackendRootSignInter return o } +func (o SecretBackendRootSignIntermediateMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*SecretBackendRootSignIntermediate] { + return pulumix.Output[map[string]*SecretBackendRootSignIntermediate]{ + OutputState: o.OutputState, + } +} + func (o SecretBackendRootSignIntermediateMapOutput) MapIndex(k pulumi.StringInput) SecretBackendRootSignIntermediateOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *SecretBackendRootSignIntermediate { return vs[0].(map[string]*SecretBackendRootSignIntermediate)[vs[1].(string)] diff --git a/sdk/go/vault/pkisecret/secretBackendSign.go b/sdk/go/vault/pkisecret/secretBackendSign.go index 3ba256688..35a8c16cd 100644 --- a/sdk/go/vault/pkisecret/secretBackendSign.go +++ b/sdk/go/vault/pkisecret/secretBackendSign.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // ## Example Usage @@ -26,8 +28,37 @@ import ( // func main() { // pulumi.Run(func(ctx *pulumi.Context) error { // _, err := pkiSecret.NewSecretBackendSign(ctx, "test", &pkiSecret.SecretBackendSignArgs{ -// Backend: pulumi.Any(vault_mount.Pki.Path), -// Csr: pulumi.String("-----BEGIN CERTIFICATE REQUEST-----\nMIIEqDCCApACAQAwYzELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUx\nITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEcMBoGA1UEAwwTY2Vy\ndC50ZXN0Lm15LmRvbWFpbjCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIB\nAJupYCQ8UVCWII1Zof1c6YcSSaM9hEaDU78cfKP5RoSeH10BvrWRfT+mzCONVpNP\nCW9Iabtvk6hm0ot6ilnndEyVJbc0g7hdDLBX5BM25D+DGZGJRKUz1V+uBrWmXtIt\nVonj7JTDTe7ViH0GDsB7CvqXFGXO2a2cDYBchLkL6vQiFPshxvUsLtwxuy/qdYgy\nX6ya+AUoZcoQGy1XxNjfH6cPtWSWQGEp1oPR6vL9hU3laTZb3C+VV4jZem+he8/0\nV+qV6fLG92WTXm2hmf8nrtUqqJ+C7mW/RJod+TviviBadIX0OHXW7k5HVsZood01\nte8vMRUNJNiZfa9EMIK5oncbQn0LcM3Wo9VrjpL7jREb/4HCS2gswYGv7hzk9cCS\nkVY4rDucchKbApuI3kfzmO7GFOF5eiSkYZpY/czNn7VVM3WCu6dpOX4+3rhgrZQw\nkY14L930DaLVRUgve/zKVP2D2GHdEOs+MbV7s96UgigT9pXly/yHPj+1sSYqmnaD\n5b7jSeJusmzO/nrwXVGLsnezR87VzHl9Ux9g5s6zh+R+PrZuVxYsLvoUpaasH47O\ngIcBzSb/6pSGZKAUizmYsHsR1k88dAvsQ+FsUDaNokdi9VndEB4QPmiFmjyLV+0I\n1TFoXop4sW11NPz1YCq+IxnYrEaIN3PyhY0GvBJDFY1/AgMBAAGgADANBgkqhkiG\n9w0BAQsFAAOCAgEActuqnqS8Y9UF7e08w7tR3FPzGecWreuvxILrlFEZJxiLPFqL\nIt7uJvtypCVQvz6UQzKdBYO7tMpRaWViB8DrWzXNZjLMrg+QHcpveg8C0Ett4scG\nfnvLk6fTDFYrnGvwHTqiHos5i0y3bFLyS1BGwSpdLAykGtvC+VM8mRyw/Y7CPcKN\n77kebY/9xduW1g2uxWLr0x90RuQDv9psPojT+59tRLGSp5Kt0IeD3QtnAZEFE4aN\nvt+Pd69eg3BgZ8ZeDgoqAw3yppvOkpAFiE5pw2qPZaM4SRphl4d2Lek2zNIMyZqv\ndo5zh356HOgXtDaSg0POnRGrN/Ua+LMCRTg6GEPUnx9uQb/zt8Zu0hIexDGyykp1\nOGqtWlv/Nc8UYuS38v0BeB6bMPeoqQUjkqs8nHlAEFn0KlgYdtDC+7SdQx6wS4te\ndBKRNDfC4lS3jYJgs55jHqonZgkpSi3bamlxpfpW0ukGBcmq91wRe4bOw/4uD/vf\nUwqMWOdCYcU3mdYNjTWy22ORW3SGFQxMBwpUEURCSoeqWr6aJeQ7KAYkx1PrB5T8\nOTEc13lWf+B0PU9UJuGTsmpIuImPDVd0EVDayr3mT5dDbqTVDbe8ppf2IswABmf0\no3DybUeUmknYjl109rdSf+76nuREICHatxXgN3xCMFuBaN4WLO+ksd6Y1Ys=\n-----END CERTIFICATE REQUEST-----\n"), +// Backend: pulumi.Any(vault_mount.Pki.Path), +// Csr: pulumi.String(`-----BEGIN CERTIFICATE REQUEST----- +// +// MIIEqDCCApACAQAwYzELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUx +// ITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEcMBoGA1UEAwwTY2Vy +// dC50ZXN0Lm15LmRvbWFpbjCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIB +// AJupYCQ8UVCWII1Zof1c6YcSSaM9hEaDU78cfKP5RoSeH10BvrWRfT+mzCONVpNP +// CW9Iabtvk6hm0ot6ilnndEyVJbc0g7hdDLBX5BM25D+DGZGJRKUz1V+uBrWmXtIt +// Vonj7JTDTe7ViH0GDsB7CvqXFGXO2a2cDYBchLkL6vQiFPshxvUsLtwxuy/qdYgy +// X6ya+AUoZcoQGy1XxNjfH6cPtWSWQGEp1oPR6vL9hU3laTZb3C+VV4jZem+he8/0 +// V+qV6fLG92WTXm2hmf8nrtUqqJ+C7mW/RJod+TviviBadIX0OHXW7k5HVsZood01 +// te8vMRUNJNiZfa9EMIK5oncbQn0LcM3Wo9VrjpL7jREb/4HCS2gswYGv7hzk9cCS +// kVY4rDucchKbApuI3kfzmO7GFOF5eiSkYZpY/czNn7VVM3WCu6dpOX4+3rhgrZQw +// kY14L930DaLVRUgve/zKVP2D2GHdEOs+MbV7s96UgigT9pXly/yHPj+1sSYqmnaD +// 5b7jSeJusmzO/nrwXVGLsnezR87VzHl9Ux9g5s6zh+R+PrZuVxYsLvoUpaasH47O +// gIcBzSb/6pSGZKAUizmYsHsR1k88dAvsQ+FsUDaNokdi9VndEB4QPmiFmjyLV+0I +// 1TFoXop4sW11NPz1YCq+IxnYrEaIN3PyhY0GvBJDFY1/AgMBAAGgADANBgkqhkiG +// 9w0BAQsFAAOCAgEActuqnqS8Y9UF7e08w7tR3FPzGecWreuvxILrlFEZJxiLPFqL +// It7uJvtypCVQvz6UQzKdBYO7tMpRaWViB8DrWzXNZjLMrg+QHcpveg8C0Ett4scG +// fnvLk6fTDFYrnGvwHTqiHos5i0y3bFLyS1BGwSpdLAykGtvC+VM8mRyw/Y7CPcKN +// 77kebY/9xduW1g2uxWLr0x90RuQDv9psPojT+59tRLGSp5Kt0IeD3QtnAZEFE4aN +// vt+Pd69eg3BgZ8ZeDgoqAw3yppvOkpAFiE5pw2qPZaM4SRphl4d2Lek2zNIMyZqv +// do5zh356HOgXtDaSg0POnRGrN/Ua+LMCRTg6GEPUnx9uQb/zt8Zu0hIexDGyykp1 +// OGqtWlv/Nc8UYuS38v0BeB6bMPeoqQUjkqs8nHlAEFn0KlgYdtDC+7SdQx6wS4te +// dBKRNDfC4lS3jYJgs55jHqonZgkpSi3bamlxpfpW0ukGBcmq91wRe4bOw/4uD/vf +// UwqMWOdCYcU3mdYNjTWy22ORW3SGFQxMBwpUEURCSoeqWr6aJeQ7KAYkx1PrB5T8 +// OTEc13lWf+B0PU9UJuGTsmpIuImPDVd0EVDayr3mT5dDbqTVDbe8ppf2IswABmf0 +// o3DybUeUmknYjl109rdSf+76nuREICHatxXgN3xCMFuBaN4WLO+ksd6Y1Ys= +// -----END CERTIFICATE REQUEST----- +// `), +// // CommonName: pulumi.String("test.my.domain"), // }, pulumi.DependsOn([]pulumi.Resource{ // vault_pki_secret_backend_role.Admin, @@ -116,6 +147,7 @@ func NewSecretBackendSign(ctx *pulumi.Context, if args.Csr == nil { return nil, errors.New("invalid value for required argument 'Csr'") } + opts = internal.PkgResourceDefaultOpts(opts) var resource SecretBackendSign err := ctx.RegisterResource("vault:pkiSecret/secretBackendSign:SecretBackendSign", name, args, &resource, opts...) if err != nil { @@ -353,6 +385,12 @@ func (i *SecretBackendSign) ToSecretBackendSignOutputWithContext(ctx context.Con return pulumi.ToOutputWithContext(ctx, i).(SecretBackendSignOutput) } +func (i *SecretBackendSign) ToOutput(ctx context.Context) pulumix.Output[*SecretBackendSign] { + return pulumix.Output[*SecretBackendSign]{ + OutputState: i.ToSecretBackendSignOutputWithContext(ctx).OutputState, + } +} + // SecretBackendSignArrayInput is an input type that accepts SecretBackendSignArray and SecretBackendSignArrayOutput values. // You can construct a concrete instance of `SecretBackendSignArrayInput` via: // @@ -378,6 +416,12 @@ func (i SecretBackendSignArray) ToSecretBackendSignArrayOutputWithContext(ctx co return pulumi.ToOutputWithContext(ctx, i).(SecretBackendSignArrayOutput) } +func (i SecretBackendSignArray) ToOutput(ctx context.Context) pulumix.Output[[]*SecretBackendSign] { + return pulumix.Output[[]*SecretBackendSign]{ + OutputState: i.ToSecretBackendSignArrayOutputWithContext(ctx).OutputState, + } +} + // SecretBackendSignMapInput is an input type that accepts SecretBackendSignMap and SecretBackendSignMapOutput values. // You can construct a concrete instance of `SecretBackendSignMapInput` via: // @@ -403,6 +447,12 @@ func (i SecretBackendSignMap) ToSecretBackendSignMapOutputWithContext(ctx contex return pulumi.ToOutputWithContext(ctx, i).(SecretBackendSignMapOutput) } +func (i SecretBackendSignMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*SecretBackendSign] { + return pulumix.Output[map[string]*SecretBackendSign]{ + OutputState: i.ToSecretBackendSignMapOutputWithContext(ctx).OutputState, + } +} + type SecretBackendSignOutput struct{ *pulumi.OutputState } func (SecretBackendSignOutput) ElementType() reflect.Type { @@ -417,6 +467,12 @@ func (o SecretBackendSignOutput) ToSecretBackendSignOutputWithContext(ctx contex return o } +func (o SecretBackendSignOutput) ToOutput(ctx context.Context) pulumix.Output[*SecretBackendSign] { + return pulumix.Output[*SecretBackendSign]{ + OutputState: o.OutputState, + } +} + // List of alternative names func (o SecretBackendSignOutput) AltNames() pulumi.StringArrayOutput { return o.ApplyT(func(v *SecretBackendSign) pulumi.StringArrayOutput { return v.AltNames }).(pulumi.StringArrayOutput) @@ -549,6 +605,12 @@ func (o SecretBackendSignArrayOutput) ToSecretBackendSignArrayOutputWithContext( return o } +func (o SecretBackendSignArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*SecretBackendSign] { + return pulumix.Output[[]*SecretBackendSign]{ + OutputState: o.OutputState, + } +} + func (o SecretBackendSignArrayOutput) Index(i pulumi.IntInput) SecretBackendSignOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *SecretBackendSign { return vs[0].([]*SecretBackendSign)[vs[1].(int)] @@ -569,6 +631,12 @@ func (o SecretBackendSignMapOutput) ToSecretBackendSignMapOutputWithContext(ctx return o } +func (o SecretBackendSignMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*SecretBackendSign] { + return pulumix.Output[map[string]*SecretBackendSign]{ + OutputState: o.OutputState, + } +} + func (o SecretBackendSignMapOutput) MapIndex(k pulumi.StringInput) SecretBackendSignOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *SecretBackendSign { return vs[0].(map[string]*SecretBackendSign)[vs[1].(string)] diff --git a/sdk/go/vault/policy.go b/sdk/go/vault/policy.go index fd5d342f5..93c26547d 100644 --- a/sdk/go/vault/policy.go +++ b/sdk/go/vault/policy.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // ## Import @@ -44,6 +46,7 @@ func NewPolicy(ctx *pulumi.Context, if args.Policy == nil { return nil, errors.New("invalid value for required argument 'Policy'") } + opts = internal.PkgResourceDefaultOpts(opts) var resource Policy err := ctx.RegisterResource("vault:index/policy:Policy", name, args, &resource, opts...) if err != nil { @@ -141,6 +144,12 @@ func (i *Policy) ToPolicyOutputWithContext(ctx context.Context) PolicyOutput { return pulumi.ToOutputWithContext(ctx, i).(PolicyOutput) } +func (i *Policy) ToOutput(ctx context.Context) pulumix.Output[*Policy] { + return pulumix.Output[*Policy]{ + OutputState: i.ToPolicyOutputWithContext(ctx).OutputState, + } +} + // PolicyArrayInput is an input type that accepts PolicyArray and PolicyArrayOutput values. // You can construct a concrete instance of `PolicyArrayInput` via: // @@ -166,6 +175,12 @@ func (i PolicyArray) ToPolicyArrayOutputWithContext(ctx context.Context) PolicyA return pulumi.ToOutputWithContext(ctx, i).(PolicyArrayOutput) } +func (i PolicyArray) ToOutput(ctx context.Context) pulumix.Output[[]*Policy] { + return pulumix.Output[[]*Policy]{ + OutputState: i.ToPolicyArrayOutputWithContext(ctx).OutputState, + } +} + // PolicyMapInput is an input type that accepts PolicyMap and PolicyMapOutput values. // You can construct a concrete instance of `PolicyMapInput` via: // @@ -191,6 +206,12 @@ func (i PolicyMap) ToPolicyMapOutputWithContext(ctx context.Context) PolicyMapOu return pulumi.ToOutputWithContext(ctx, i).(PolicyMapOutput) } +func (i PolicyMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*Policy] { + return pulumix.Output[map[string]*Policy]{ + OutputState: i.ToPolicyMapOutputWithContext(ctx).OutputState, + } +} + type PolicyOutput struct{ *pulumi.OutputState } func (PolicyOutput) ElementType() reflect.Type { @@ -205,6 +226,12 @@ func (o PolicyOutput) ToPolicyOutputWithContext(ctx context.Context) PolicyOutpu return o } +func (o PolicyOutput) ToOutput(ctx context.Context) pulumix.Output[*Policy] { + return pulumix.Output[*Policy]{ + OutputState: o.OutputState, + } +} + // The name of the policy func (o PolicyOutput) Name() pulumi.StringOutput { return o.ApplyT(func(v *Policy) pulumi.StringOutput { return v.Name }).(pulumi.StringOutput) @@ -237,6 +264,12 @@ func (o PolicyArrayOutput) ToPolicyArrayOutputWithContext(ctx context.Context) P return o } +func (o PolicyArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*Policy] { + return pulumix.Output[[]*Policy]{ + OutputState: o.OutputState, + } +} + func (o PolicyArrayOutput) Index(i pulumi.IntInput) PolicyOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *Policy { return vs[0].([]*Policy)[vs[1].(int)] @@ -257,6 +290,12 @@ func (o PolicyMapOutput) ToPolicyMapOutputWithContext(ctx context.Context) Polic return o } +func (o PolicyMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*Policy] { + return pulumix.Output[map[string]*Policy]{ + OutputState: o.OutputState, + } +} + func (o PolicyMapOutput) MapIndex(k pulumi.StringInput) PolicyOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *Policy { return vs[0].(map[string]*Policy)[vs[1].(string)] diff --git a/sdk/go/vault/provider.go b/sdk/go/vault/provider.go index a74ae1b74..d2bd16e5c 100644 --- a/sdk/go/vault/provider.go +++ b/sdk/go/vault/provider.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // The provider type for the vault package. By default, resources use package-wide configuration @@ -51,15 +53,25 @@ func NewProvider(ctx *pulumi.Context, if args.Token == nil { return nil, errors.New("invalid value for required argument 'Token'") } - if isZero(args.MaxLeaseTtlSeconds) { - args.MaxLeaseTtlSeconds = pulumi.IntPtr(getEnvOrDefault(1200, parseEnvInt, "TERRAFORM_VAULT_MAX_TTL").(int)) + if args.MaxLeaseTtlSeconds == nil { + if d := internal.GetEnvOrDefault(1200, internal.ParseEnvInt, "TERRAFORM_VAULT_MAX_TTL"); d != nil { + args.MaxLeaseTtlSeconds = pulumi.IntPtr(d.(int)) + } } - if isZero(args.MaxRetries) { - args.MaxRetries = pulumi.IntPtr(getEnvOrDefault(2, parseEnvInt, "VAULT_MAX_RETRIES").(int)) + if args.MaxRetries == nil { + if d := internal.GetEnvOrDefault(2, internal.ParseEnvInt, "VAULT_MAX_RETRIES"); d != nil { + args.MaxRetries = pulumi.IntPtr(d.(int)) + } } - if isZero(args.SkipTlsVerify) { - args.SkipTlsVerify = pulumi.BoolPtr(getEnvOrDefault(false, parseEnvBool, "VAULT_SKIP_VERIFY").(bool)) + if args.SkipTlsVerify == nil { + if d := internal.GetEnvOrDefault(nil, internal.ParseEnvBool, "VAULT_SKIP_VERIFY"); d != nil { + args.SkipTlsVerify = pulumi.BoolPtr(d.(bool)) + } } + if args.Headers != nil { + args.Headers = pulumi.ToSecret(args.Headers).(ProviderHeaderArrayInput) + } + opts = internal.PkgResourceDefaultOpts(opts) var resource Provider err := ctx.RegisterResource("pulumi:providers:vault", name, args, &resource, opts...) if err != nil { @@ -115,6 +127,9 @@ type providerArgs struct { MaxRetriesCcc *int `pulumi:"maxRetriesCcc"` // The namespace to use. Available only for Vault Enterprise. Namespace *string `pulumi:"namespace"` + // In the case where the Vault token is for a specific namespace and the provider namespace is not configured, use the + // token namespace as the root namespace for all resources. + SetNamespaceFromToken *bool `pulumi:"setNamespaceFromToken"` // Set this to true to prevent the creation of ephemeral child token used by this provider. SkipChildToken *bool `pulumi:"skipChildToken"` // Skip the dynamic fetching of the Vault server version. @@ -179,6 +194,9 @@ type ProviderArgs struct { MaxRetriesCcc pulumi.IntPtrInput // The namespace to use. Available only for Vault Enterprise. Namespace pulumi.StringPtrInput + // In the case where the Vault token is for a specific namespace and the provider namespace is not configured, use the + // token namespace as the root namespace for all resources. + SetNamespaceFromToken pulumi.BoolPtrInput // Set this to true to prevent the creation of ephemeral child token used by this provider. SkipChildToken pulumi.BoolPtrInput // Skip the dynamic fetching of the Vault server version. @@ -218,6 +236,12 @@ func (i *Provider) ToProviderOutputWithContext(ctx context.Context) ProviderOutp return pulumi.ToOutputWithContext(ctx, i).(ProviderOutput) } +func (i *Provider) ToOutput(ctx context.Context) pulumix.Output[*Provider] { + return pulumix.Output[*Provider]{ + OutputState: i.ToProviderOutputWithContext(ctx).OutputState, + } +} + type ProviderOutput struct{ *pulumi.OutputState } func (ProviderOutput) ElementType() reflect.Type { @@ -232,6 +256,12 @@ func (o ProviderOutput) ToProviderOutputWithContext(ctx context.Context) Provide return o } +func (o ProviderOutput) ToOutput(ctx context.Context) pulumix.Output[*Provider] { + return pulumix.Output[*Provider]{ + OutputState: o.OutputState, + } +} + // If true, adds the value of the `address` argument to the Terraform process environment. func (o ProviderOutput) AddAddressToEnv() pulumi.StringPtrOutput { return o.ApplyT(func(v *Provider) pulumi.StringPtrOutput { return v.AddAddressToEnv }).(pulumi.StringPtrOutput) diff --git a/sdk/go/vault/pulumiTypes.go b/sdk/go/vault/pulumiTypes.go index 51a4de8b9..e6160dbce 100644 --- a/sdk/go/vault/pulumiTypes.go +++ b/sdk/go/vault/pulumiTypes.go @@ -7,9 +7,13 @@ import ( "context" "reflect" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) +var _ = internal.GetEnvOrDefault + type AuthBackendTune struct { // List of headers to whitelist and allowing // a plugin to include them in the response. @@ -91,6 +95,12 @@ func (i AuthBackendTuneArgs) ToAuthBackendTuneOutputWithContext(ctx context.Cont return pulumi.ToOutputWithContext(ctx, i).(AuthBackendTuneOutput) } +func (i AuthBackendTuneArgs) ToOutput(ctx context.Context) pulumix.Output[AuthBackendTune] { + return pulumix.Output[AuthBackendTune]{ + OutputState: i.ToAuthBackendTuneOutputWithContext(ctx).OutputState, + } +} + func (i AuthBackendTuneArgs) ToAuthBackendTunePtrOutput() AuthBackendTunePtrOutput { return i.ToAuthBackendTunePtrOutputWithContext(context.Background()) } @@ -132,6 +142,12 @@ func (i *authBackendTunePtrType) ToAuthBackendTunePtrOutputWithContext(ctx conte return pulumi.ToOutputWithContext(ctx, i).(AuthBackendTunePtrOutput) } +func (i *authBackendTunePtrType) ToOutput(ctx context.Context) pulumix.Output[*AuthBackendTune] { + return pulumix.Output[*AuthBackendTune]{ + OutputState: i.ToAuthBackendTunePtrOutputWithContext(ctx).OutputState, + } +} + type AuthBackendTuneOutput struct{ *pulumi.OutputState } func (AuthBackendTuneOutput) ElementType() reflect.Type { @@ -156,6 +172,12 @@ func (o AuthBackendTuneOutput) ToAuthBackendTunePtrOutputWithContext(ctx context }).(AuthBackendTunePtrOutput) } +func (o AuthBackendTuneOutput) ToOutput(ctx context.Context) pulumix.Output[AuthBackendTune] { + return pulumix.Output[AuthBackendTune]{ + OutputState: o.OutputState, + } +} + // List of headers to whitelist and allowing // a plugin to include them in the response. func (o AuthBackendTuneOutput) AllowedResponseHeaders() pulumi.StringArrayOutput { @@ -220,6 +242,12 @@ func (o AuthBackendTunePtrOutput) ToAuthBackendTunePtrOutputWithContext(ctx cont return o } +func (o AuthBackendTunePtrOutput) ToOutput(ctx context.Context) pulumix.Output[*AuthBackendTune] { + return pulumix.Output[*AuthBackendTune]{ + OutputState: o.OutputState, + } +} + func (o AuthBackendTunePtrOutput) Elem() AuthBackendTuneOutput { return o.ApplyT(func(v *AuthBackendTune) AuthBackendTune { if v != nil { @@ -321,10 +349,11 @@ func (o AuthBackendTunePtrOutput) TokenType() pulumi.StringPtrOutput { } type ProviderAuthLogin struct { - Method *string `pulumi:"method"` - Namespace *string `pulumi:"namespace"` - Parameters map[string]string `pulumi:"parameters"` - Path string `pulumi:"path"` + Method *string `pulumi:"method"` + Namespace *string `pulumi:"namespace"` + Parameters map[string]string `pulumi:"parameters"` + Path string `pulumi:"path"` + UseRootNamespace *bool `pulumi:"useRootNamespace"` } // ProviderAuthLoginInput is an input type that accepts ProviderAuthLoginArgs and ProviderAuthLoginOutput values. @@ -339,10 +368,11 @@ type ProviderAuthLoginInput interface { } type ProviderAuthLoginArgs struct { - Method pulumi.StringPtrInput `pulumi:"method"` - Namespace pulumi.StringPtrInput `pulumi:"namespace"` - Parameters pulumi.StringMapInput `pulumi:"parameters"` - Path pulumi.StringInput `pulumi:"path"` + Method pulumi.StringPtrInput `pulumi:"method"` + Namespace pulumi.StringPtrInput `pulumi:"namespace"` + Parameters pulumi.StringMapInput `pulumi:"parameters"` + Path pulumi.StringInput `pulumi:"path"` + UseRootNamespace pulumi.BoolPtrInput `pulumi:"useRootNamespace"` } func (ProviderAuthLoginArgs) ElementType() reflect.Type { @@ -357,6 +387,12 @@ func (i ProviderAuthLoginArgs) ToProviderAuthLoginOutputWithContext(ctx context. return pulumi.ToOutputWithContext(ctx, i).(ProviderAuthLoginOutput) } +func (i ProviderAuthLoginArgs) ToOutput(ctx context.Context) pulumix.Output[ProviderAuthLogin] { + return pulumix.Output[ProviderAuthLogin]{ + OutputState: i.ToProviderAuthLoginOutputWithContext(ctx).OutputState, + } +} + func (i ProviderAuthLoginArgs) ToProviderAuthLoginPtrOutput() ProviderAuthLoginPtrOutput { return i.ToProviderAuthLoginPtrOutputWithContext(context.Background()) } @@ -398,6 +434,12 @@ func (i *providerAuthLoginPtrType) ToProviderAuthLoginPtrOutputWithContext(ctx c return pulumi.ToOutputWithContext(ctx, i).(ProviderAuthLoginPtrOutput) } +func (i *providerAuthLoginPtrType) ToOutput(ctx context.Context) pulumix.Output[*ProviderAuthLogin] { + return pulumix.Output[*ProviderAuthLogin]{ + OutputState: i.ToProviderAuthLoginPtrOutputWithContext(ctx).OutputState, + } +} + type ProviderAuthLoginOutput struct{ *pulumi.OutputState } func (ProviderAuthLoginOutput) ElementType() reflect.Type { @@ -422,6 +464,12 @@ func (o ProviderAuthLoginOutput) ToProviderAuthLoginPtrOutputWithContext(ctx con }).(ProviderAuthLoginPtrOutput) } +func (o ProviderAuthLoginOutput) ToOutput(ctx context.Context) pulumix.Output[ProviderAuthLogin] { + return pulumix.Output[ProviderAuthLogin]{ + OutputState: o.OutputState, + } +} + func (o ProviderAuthLoginOutput) Method() pulumi.StringPtrOutput { return o.ApplyT(func(v ProviderAuthLogin) *string { return v.Method }).(pulumi.StringPtrOutput) } @@ -438,6 +486,10 @@ func (o ProviderAuthLoginOutput) Path() pulumi.StringOutput { return o.ApplyT(func(v ProviderAuthLogin) string { return v.Path }).(pulumi.StringOutput) } +func (o ProviderAuthLoginOutput) UseRootNamespace() pulumi.BoolPtrOutput { + return o.ApplyT(func(v ProviderAuthLogin) *bool { return v.UseRootNamespace }).(pulumi.BoolPtrOutput) +} + type ProviderAuthLoginPtrOutput struct{ *pulumi.OutputState } func (ProviderAuthLoginPtrOutput) ElementType() reflect.Type { @@ -452,6 +504,12 @@ func (o ProviderAuthLoginPtrOutput) ToProviderAuthLoginPtrOutputWithContext(ctx return o } +func (o ProviderAuthLoginPtrOutput) ToOutput(ctx context.Context) pulumix.Output[*ProviderAuthLogin] { + return pulumix.Output[*ProviderAuthLogin]{ + OutputState: o.OutputState, + } +} + func (o ProviderAuthLoginPtrOutput) Elem() ProviderAuthLoginOutput { return o.ApplyT(func(v *ProviderAuthLogin) ProviderAuthLogin { if v != nil { @@ -498,6 +556,15 @@ func (o ProviderAuthLoginPtrOutput) Path() pulumi.StringPtrOutput { }).(pulumi.StringPtrOutput) } +func (o ProviderAuthLoginPtrOutput) UseRootNamespace() pulumi.BoolPtrOutput { + return o.ApplyT(func(v *ProviderAuthLogin) *bool { + if v == nil { + return nil + } + return v.UseRootNamespace + }).(pulumi.BoolPtrOutput) +} + type ProviderAuthLoginAws struct { AwsAccessKeyId *string `pulumi:"awsAccessKeyId"` AwsIamEndpoint *string `pulumi:"awsIamEndpoint"` @@ -514,6 +581,7 @@ type ProviderAuthLoginAws struct { Mount *string `pulumi:"mount"` Namespace *string `pulumi:"namespace"` Role string `pulumi:"role"` + UseRootNamespace *bool `pulumi:"useRootNamespace"` } // ProviderAuthLoginAwsInput is an input type that accepts ProviderAuthLoginAwsArgs and ProviderAuthLoginAwsOutput values. @@ -543,6 +611,7 @@ type ProviderAuthLoginAwsArgs struct { Mount pulumi.StringPtrInput `pulumi:"mount"` Namespace pulumi.StringPtrInput `pulumi:"namespace"` Role pulumi.StringInput `pulumi:"role"` + UseRootNamespace pulumi.BoolPtrInput `pulumi:"useRootNamespace"` } func (ProviderAuthLoginAwsArgs) ElementType() reflect.Type { @@ -557,6 +626,12 @@ func (i ProviderAuthLoginAwsArgs) ToProviderAuthLoginAwsOutputWithContext(ctx co return pulumi.ToOutputWithContext(ctx, i).(ProviderAuthLoginAwsOutput) } +func (i ProviderAuthLoginAwsArgs) ToOutput(ctx context.Context) pulumix.Output[ProviderAuthLoginAws] { + return pulumix.Output[ProviderAuthLoginAws]{ + OutputState: i.ToProviderAuthLoginAwsOutputWithContext(ctx).OutputState, + } +} + func (i ProviderAuthLoginAwsArgs) ToProviderAuthLoginAwsPtrOutput() ProviderAuthLoginAwsPtrOutput { return i.ToProviderAuthLoginAwsPtrOutputWithContext(context.Background()) } @@ -598,6 +673,12 @@ func (i *providerAuthLoginAwsPtrType) ToProviderAuthLoginAwsPtrOutputWithContext return pulumi.ToOutputWithContext(ctx, i).(ProviderAuthLoginAwsPtrOutput) } +func (i *providerAuthLoginAwsPtrType) ToOutput(ctx context.Context) pulumix.Output[*ProviderAuthLoginAws] { + return pulumix.Output[*ProviderAuthLoginAws]{ + OutputState: i.ToProviderAuthLoginAwsPtrOutputWithContext(ctx).OutputState, + } +} + type ProviderAuthLoginAwsOutput struct{ *pulumi.OutputState } func (ProviderAuthLoginAwsOutput) ElementType() reflect.Type { @@ -622,6 +703,12 @@ func (o ProviderAuthLoginAwsOutput) ToProviderAuthLoginAwsPtrOutputWithContext(c }).(ProviderAuthLoginAwsPtrOutput) } +func (o ProviderAuthLoginAwsOutput) ToOutput(ctx context.Context) pulumix.Output[ProviderAuthLoginAws] { + return pulumix.Output[ProviderAuthLoginAws]{ + OutputState: o.OutputState, + } +} + func (o ProviderAuthLoginAwsOutput) AwsAccessKeyId() pulumi.StringPtrOutput { return o.ApplyT(func(v ProviderAuthLoginAws) *string { return v.AwsAccessKeyId }).(pulumi.StringPtrOutput) } @@ -682,6 +769,10 @@ func (o ProviderAuthLoginAwsOutput) Role() pulumi.StringOutput { return o.ApplyT(func(v ProviderAuthLoginAws) string { return v.Role }).(pulumi.StringOutput) } +func (o ProviderAuthLoginAwsOutput) UseRootNamespace() pulumi.BoolPtrOutput { + return o.ApplyT(func(v ProviderAuthLoginAws) *bool { return v.UseRootNamespace }).(pulumi.BoolPtrOutput) +} + type ProviderAuthLoginAwsPtrOutput struct{ *pulumi.OutputState } func (ProviderAuthLoginAwsPtrOutput) ElementType() reflect.Type { @@ -696,6 +787,12 @@ func (o ProviderAuthLoginAwsPtrOutput) ToProviderAuthLoginAwsPtrOutputWithContex return o } +func (o ProviderAuthLoginAwsPtrOutput) ToOutput(ctx context.Context) pulumix.Output[*ProviderAuthLoginAws] { + return pulumix.Output[*ProviderAuthLoginAws]{ + OutputState: o.OutputState, + } +} + func (o ProviderAuthLoginAwsPtrOutput) Elem() ProviderAuthLoginAwsOutput { return o.ApplyT(func(v *ProviderAuthLoginAws) ProviderAuthLoginAws { if v != nil { @@ -841,6 +938,15 @@ func (o ProviderAuthLoginAwsPtrOutput) Role() pulumi.StringPtrOutput { }).(pulumi.StringPtrOutput) } +func (o ProviderAuthLoginAwsPtrOutput) UseRootNamespace() pulumi.BoolPtrOutput { + return o.ApplyT(func(v *ProviderAuthLoginAws) *bool { + if v == nil { + return nil + } + return v.UseRootNamespace + }).(pulumi.BoolPtrOutput) +} + type ProviderAuthLoginAzure struct { ClientId *string `pulumi:"clientId"` Jwt *string `pulumi:"jwt"` @@ -851,6 +957,7 @@ type ProviderAuthLoginAzure struct { Scope *string `pulumi:"scope"` SubscriptionId string `pulumi:"subscriptionId"` TenantId *string `pulumi:"tenantId"` + UseRootNamespace *bool `pulumi:"useRootNamespace"` VmName *string `pulumi:"vmName"` VmssName *string `pulumi:"vmssName"` } @@ -876,6 +983,7 @@ type ProviderAuthLoginAzureArgs struct { Scope pulumi.StringPtrInput `pulumi:"scope"` SubscriptionId pulumi.StringInput `pulumi:"subscriptionId"` TenantId pulumi.StringPtrInput `pulumi:"tenantId"` + UseRootNamespace pulumi.BoolPtrInput `pulumi:"useRootNamespace"` VmName pulumi.StringPtrInput `pulumi:"vmName"` VmssName pulumi.StringPtrInput `pulumi:"vmssName"` } @@ -892,6 +1000,12 @@ func (i ProviderAuthLoginAzureArgs) ToProviderAuthLoginAzureOutputWithContext(ct return pulumi.ToOutputWithContext(ctx, i).(ProviderAuthLoginAzureOutput) } +func (i ProviderAuthLoginAzureArgs) ToOutput(ctx context.Context) pulumix.Output[ProviderAuthLoginAzure] { + return pulumix.Output[ProviderAuthLoginAzure]{ + OutputState: i.ToProviderAuthLoginAzureOutputWithContext(ctx).OutputState, + } +} + func (i ProviderAuthLoginAzureArgs) ToProviderAuthLoginAzurePtrOutput() ProviderAuthLoginAzurePtrOutput { return i.ToProviderAuthLoginAzurePtrOutputWithContext(context.Background()) } @@ -933,6 +1047,12 @@ func (i *providerAuthLoginAzurePtrType) ToProviderAuthLoginAzurePtrOutputWithCon return pulumi.ToOutputWithContext(ctx, i).(ProviderAuthLoginAzurePtrOutput) } +func (i *providerAuthLoginAzurePtrType) ToOutput(ctx context.Context) pulumix.Output[*ProviderAuthLoginAzure] { + return pulumix.Output[*ProviderAuthLoginAzure]{ + OutputState: i.ToProviderAuthLoginAzurePtrOutputWithContext(ctx).OutputState, + } +} + type ProviderAuthLoginAzureOutput struct{ *pulumi.OutputState } func (ProviderAuthLoginAzureOutput) ElementType() reflect.Type { @@ -957,6 +1077,12 @@ func (o ProviderAuthLoginAzureOutput) ToProviderAuthLoginAzurePtrOutputWithConte }).(ProviderAuthLoginAzurePtrOutput) } +func (o ProviderAuthLoginAzureOutput) ToOutput(ctx context.Context) pulumix.Output[ProviderAuthLoginAzure] { + return pulumix.Output[ProviderAuthLoginAzure]{ + OutputState: o.OutputState, + } +} + func (o ProviderAuthLoginAzureOutput) ClientId() pulumi.StringPtrOutput { return o.ApplyT(func(v ProviderAuthLoginAzure) *string { return v.ClientId }).(pulumi.StringPtrOutput) } @@ -993,6 +1119,10 @@ func (o ProviderAuthLoginAzureOutput) TenantId() pulumi.StringPtrOutput { return o.ApplyT(func(v ProviderAuthLoginAzure) *string { return v.TenantId }).(pulumi.StringPtrOutput) } +func (o ProviderAuthLoginAzureOutput) UseRootNamespace() pulumi.BoolPtrOutput { + return o.ApplyT(func(v ProviderAuthLoginAzure) *bool { return v.UseRootNamespace }).(pulumi.BoolPtrOutput) +} + func (o ProviderAuthLoginAzureOutput) VmName() pulumi.StringPtrOutput { return o.ApplyT(func(v ProviderAuthLoginAzure) *string { return v.VmName }).(pulumi.StringPtrOutput) } @@ -1015,6 +1145,12 @@ func (o ProviderAuthLoginAzurePtrOutput) ToProviderAuthLoginAzurePtrOutputWithCo return o } +func (o ProviderAuthLoginAzurePtrOutput) ToOutput(ctx context.Context) pulumix.Output[*ProviderAuthLoginAzure] { + return pulumix.Output[*ProviderAuthLoginAzure]{ + OutputState: o.OutputState, + } +} + func (o ProviderAuthLoginAzurePtrOutput) Elem() ProviderAuthLoginAzureOutput { return o.ApplyT(func(v *ProviderAuthLoginAzure) ProviderAuthLoginAzure { if v != nil { @@ -1106,6 +1242,15 @@ func (o ProviderAuthLoginAzurePtrOutput) TenantId() pulumi.StringPtrOutput { }).(pulumi.StringPtrOutput) } +func (o ProviderAuthLoginAzurePtrOutput) UseRootNamespace() pulumi.BoolPtrOutput { + return o.ApplyT(func(v *ProviderAuthLoginAzure) *bool { + if v == nil { + return nil + } + return v.UseRootNamespace + }).(pulumi.BoolPtrOutput) +} + func (o ProviderAuthLoginAzurePtrOutput) VmName() pulumi.StringPtrOutput { return o.ApplyT(func(v *ProviderAuthLoginAzure) *string { if v == nil { @@ -1125,11 +1270,12 @@ func (o ProviderAuthLoginAzurePtrOutput) VmssName() pulumi.StringPtrOutput { } type ProviderAuthLoginCert struct { - CertFile string `pulumi:"certFile"` - KeyFile string `pulumi:"keyFile"` - Mount *string `pulumi:"mount"` - Name *string `pulumi:"name"` - Namespace *string `pulumi:"namespace"` + CertFile string `pulumi:"certFile"` + KeyFile string `pulumi:"keyFile"` + Mount *string `pulumi:"mount"` + Name *string `pulumi:"name"` + Namespace *string `pulumi:"namespace"` + UseRootNamespace *bool `pulumi:"useRootNamespace"` } // ProviderAuthLoginCertInput is an input type that accepts ProviderAuthLoginCertArgs and ProviderAuthLoginCertOutput values. @@ -1144,11 +1290,12 @@ type ProviderAuthLoginCertInput interface { } type ProviderAuthLoginCertArgs struct { - CertFile pulumi.StringInput `pulumi:"certFile"` - KeyFile pulumi.StringInput `pulumi:"keyFile"` - Mount pulumi.StringPtrInput `pulumi:"mount"` - Name pulumi.StringPtrInput `pulumi:"name"` - Namespace pulumi.StringPtrInput `pulumi:"namespace"` + CertFile pulumi.StringInput `pulumi:"certFile"` + KeyFile pulumi.StringInput `pulumi:"keyFile"` + Mount pulumi.StringPtrInput `pulumi:"mount"` + Name pulumi.StringPtrInput `pulumi:"name"` + Namespace pulumi.StringPtrInput `pulumi:"namespace"` + UseRootNamespace pulumi.BoolPtrInput `pulumi:"useRootNamespace"` } func (ProviderAuthLoginCertArgs) ElementType() reflect.Type { @@ -1163,6 +1310,12 @@ func (i ProviderAuthLoginCertArgs) ToProviderAuthLoginCertOutputWithContext(ctx return pulumi.ToOutputWithContext(ctx, i).(ProviderAuthLoginCertOutput) } +func (i ProviderAuthLoginCertArgs) ToOutput(ctx context.Context) pulumix.Output[ProviderAuthLoginCert] { + return pulumix.Output[ProviderAuthLoginCert]{ + OutputState: i.ToProviderAuthLoginCertOutputWithContext(ctx).OutputState, + } +} + func (i ProviderAuthLoginCertArgs) ToProviderAuthLoginCertPtrOutput() ProviderAuthLoginCertPtrOutput { return i.ToProviderAuthLoginCertPtrOutputWithContext(context.Background()) } @@ -1204,6 +1357,12 @@ func (i *providerAuthLoginCertPtrType) ToProviderAuthLoginCertPtrOutputWithConte return pulumi.ToOutputWithContext(ctx, i).(ProviderAuthLoginCertPtrOutput) } +func (i *providerAuthLoginCertPtrType) ToOutput(ctx context.Context) pulumix.Output[*ProviderAuthLoginCert] { + return pulumix.Output[*ProviderAuthLoginCert]{ + OutputState: i.ToProviderAuthLoginCertPtrOutputWithContext(ctx).OutputState, + } +} + type ProviderAuthLoginCertOutput struct{ *pulumi.OutputState } func (ProviderAuthLoginCertOutput) ElementType() reflect.Type { @@ -1228,6 +1387,12 @@ func (o ProviderAuthLoginCertOutput) ToProviderAuthLoginCertPtrOutputWithContext }).(ProviderAuthLoginCertPtrOutput) } +func (o ProviderAuthLoginCertOutput) ToOutput(ctx context.Context) pulumix.Output[ProviderAuthLoginCert] { + return pulumix.Output[ProviderAuthLoginCert]{ + OutputState: o.OutputState, + } +} + func (o ProviderAuthLoginCertOutput) CertFile() pulumi.StringOutput { return o.ApplyT(func(v ProviderAuthLoginCert) string { return v.CertFile }).(pulumi.StringOutput) } @@ -1248,6 +1413,10 @@ func (o ProviderAuthLoginCertOutput) Namespace() pulumi.StringPtrOutput { return o.ApplyT(func(v ProviderAuthLoginCert) *string { return v.Namespace }).(pulumi.StringPtrOutput) } +func (o ProviderAuthLoginCertOutput) UseRootNamespace() pulumi.BoolPtrOutput { + return o.ApplyT(func(v ProviderAuthLoginCert) *bool { return v.UseRootNamespace }).(pulumi.BoolPtrOutput) +} + type ProviderAuthLoginCertPtrOutput struct{ *pulumi.OutputState } func (ProviderAuthLoginCertPtrOutput) ElementType() reflect.Type { @@ -1262,6 +1431,12 @@ func (o ProviderAuthLoginCertPtrOutput) ToProviderAuthLoginCertPtrOutputWithCont return o } +func (o ProviderAuthLoginCertPtrOutput) ToOutput(ctx context.Context) pulumix.Output[*ProviderAuthLoginCert] { + return pulumix.Output[*ProviderAuthLoginCert]{ + OutputState: o.OutputState, + } +} + func (o ProviderAuthLoginCertPtrOutput) Elem() ProviderAuthLoginCertOutput { return o.ApplyT(func(v *ProviderAuthLoginCert) ProviderAuthLoginCert { if v != nil { @@ -1317,13 +1492,23 @@ func (o ProviderAuthLoginCertPtrOutput) Namespace() pulumi.StringPtrOutput { }).(pulumi.StringPtrOutput) } +func (o ProviderAuthLoginCertPtrOutput) UseRootNamespace() pulumi.BoolPtrOutput { + return o.ApplyT(func(v *ProviderAuthLoginCert) *bool { + if v == nil { + return nil + } + return v.UseRootNamespace + }).(pulumi.BoolPtrOutput) +} + type ProviderAuthLoginGcp struct { - Credentials *string `pulumi:"credentials"` - Jwt *string `pulumi:"jwt"` - Mount *string `pulumi:"mount"` - Namespace *string `pulumi:"namespace"` - Role string `pulumi:"role"` - ServiceAccount *string `pulumi:"serviceAccount"` + Credentials *string `pulumi:"credentials"` + Jwt *string `pulumi:"jwt"` + Mount *string `pulumi:"mount"` + Namespace *string `pulumi:"namespace"` + Role string `pulumi:"role"` + ServiceAccount *string `pulumi:"serviceAccount"` + UseRootNamespace *bool `pulumi:"useRootNamespace"` } // ProviderAuthLoginGcpInput is an input type that accepts ProviderAuthLoginGcpArgs and ProviderAuthLoginGcpOutput values. @@ -1338,12 +1523,13 @@ type ProviderAuthLoginGcpInput interface { } type ProviderAuthLoginGcpArgs struct { - Credentials pulumi.StringPtrInput `pulumi:"credentials"` - Jwt pulumi.StringPtrInput `pulumi:"jwt"` - Mount pulumi.StringPtrInput `pulumi:"mount"` - Namespace pulumi.StringPtrInput `pulumi:"namespace"` - Role pulumi.StringInput `pulumi:"role"` - ServiceAccount pulumi.StringPtrInput `pulumi:"serviceAccount"` + Credentials pulumi.StringPtrInput `pulumi:"credentials"` + Jwt pulumi.StringPtrInput `pulumi:"jwt"` + Mount pulumi.StringPtrInput `pulumi:"mount"` + Namespace pulumi.StringPtrInput `pulumi:"namespace"` + Role pulumi.StringInput `pulumi:"role"` + ServiceAccount pulumi.StringPtrInput `pulumi:"serviceAccount"` + UseRootNamespace pulumi.BoolPtrInput `pulumi:"useRootNamespace"` } func (ProviderAuthLoginGcpArgs) ElementType() reflect.Type { @@ -1358,6 +1544,12 @@ func (i ProviderAuthLoginGcpArgs) ToProviderAuthLoginGcpOutputWithContext(ctx co return pulumi.ToOutputWithContext(ctx, i).(ProviderAuthLoginGcpOutput) } +func (i ProviderAuthLoginGcpArgs) ToOutput(ctx context.Context) pulumix.Output[ProviderAuthLoginGcp] { + return pulumix.Output[ProviderAuthLoginGcp]{ + OutputState: i.ToProviderAuthLoginGcpOutputWithContext(ctx).OutputState, + } +} + func (i ProviderAuthLoginGcpArgs) ToProviderAuthLoginGcpPtrOutput() ProviderAuthLoginGcpPtrOutput { return i.ToProviderAuthLoginGcpPtrOutputWithContext(context.Background()) } @@ -1399,6 +1591,12 @@ func (i *providerAuthLoginGcpPtrType) ToProviderAuthLoginGcpPtrOutputWithContext return pulumi.ToOutputWithContext(ctx, i).(ProviderAuthLoginGcpPtrOutput) } +func (i *providerAuthLoginGcpPtrType) ToOutput(ctx context.Context) pulumix.Output[*ProviderAuthLoginGcp] { + return pulumix.Output[*ProviderAuthLoginGcp]{ + OutputState: i.ToProviderAuthLoginGcpPtrOutputWithContext(ctx).OutputState, + } +} + type ProviderAuthLoginGcpOutput struct{ *pulumi.OutputState } func (ProviderAuthLoginGcpOutput) ElementType() reflect.Type { @@ -1423,6 +1621,12 @@ func (o ProviderAuthLoginGcpOutput) ToProviderAuthLoginGcpPtrOutputWithContext(c }).(ProviderAuthLoginGcpPtrOutput) } +func (o ProviderAuthLoginGcpOutput) ToOutput(ctx context.Context) pulumix.Output[ProviderAuthLoginGcp] { + return pulumix.Output[ProviderAuthLoginGcp]{ + OutputState: o.OutputState, + } +} + func (o ProviderAuthLoginGcpOutput) Credentials() pulumi.StringPtrOutput { return o.ApplyT(func(v ProviderAuthLoginGcp) *string { return v.Credentials }).(pulumi.StringPtrOutput) } @@ -1447,6 +1651,10 @@ func (o ProviderAuthLoginGcpOutput) ServiceAccount() pulumi.StringPtrOutput { return o.ApplyT(func(v ProviderAuthLoginGcp) *string { return v.ServiceAccount }).(pulumi.StringPtrOutput) } +func (o ProviderAuthLoginGcpOutput) UseRootNamespace() pulumi.BoolPtrOutput { + return o.ApplyT(func(v ProviderAuthLoginGcp) *bool { return v.UseRootNamespace }).(pulumi.BoolPtrOutput) +} + type ProviderAuthLoginGcpPtrOutput struct{ *pulumi.OutputState } func (ProviderAuthLoginGcpPtrOutput) ElementType() reflect.Type { @@ -1461,6 +1669,12 @@ func (o ProviderAuthLoginGcpPtrOutput) ToProviderAuthLoginGcpPtrOutputWithContex return o } +func (o ProviderAuthLoginGcpPtrOutput) ToOutput(ctx context.Context) pulumix.Output[*ProviderAuthLoginGcp] { + return pulumix.Output[*ProviderAuthLoginGcp]{ + OutputState: o.OutputState, + } +} + func (o ProviderAuthLoginGcpPtrOutput) Elem() ProviderAuthLoginGcpOutput { return o.ApplyT(func(v *ProviderAuthLoginGcp) ProviderAuthLoginGcp { if v != nil { @@ -1525,11 +1739,21 @@ func (o ProviderAuthLoginGcpPtrOutput) ServiceAccount() pulumi.StringPtrOutput { }).(pulumi.StringPtrOutput) } +func (o ProviderAuthLoginGcpPtrOutput) UseRootNamespace() pulumi.BoolPtrOutput { + return o.ApplyT(func(v *ProviderAuthLoginGcp) *bool { + if v == nil { + return nil + } + return v.UseRootNamespace + }).(pulumi.BoolPtrOutput) +} + type ProviderAuthLoginJwt struct { - Jwt string `pulumi:"jwt"` - Mount *string `pulumi:"mount"` - Namespace *string `pulumi:"namespace"` - Role string `pulumi:"role"` + Jwt string `pulumi:"jwt"` + Mount *string `pulumi:"mount"` + Namespace *string `pulumi:"namespace"` + Role string `pulumi:"role"` + UseRootNamespace *bool `pulumi:"useRootNamespace"` } // ProviderAuthLoginJwtInput is an input type that accepts ProviderAuthLoginJwtArgs and ProviderAuthLoginJwtOutput values. @@ -1544,10 +1768,11 @@ type ProviderAuthLoginJwtInput interface { } type ProviderAuthLoginJwtArgs struct { - Jwt pulumi.StringInput `pulumi:"jwt"` - Mount pulumi.StringPtrInput `pulumi:"mount"` - Namespace pulumi.StringPtrInput `pulumi:"namespace"` - Role pulumi.StringInput `pulumi:"role"` + Jwt pulumi.StringInput `pulumi:"jwt"` + Mount pulumi.StringPtrInput `pulumi:"mount"` + Namespace pulumi.StringPtrInput `pulumi:"namespace"` + Role pulumi.StringInput `pulumi:"role"` + UseRootNamespace pulumi.BoolPtrInput `pulumi:"useRootNamespace"` } func (ProviderAuthLoginJwtArgs) ElementType() reflect.Type { @@ -1562,6 +1787,12 @@ func (i ProviderAuthLoginJwtArgs) ToProviderAuthLoginJwtOutputWithContext(ctx co return pulumi.ToOutputWithContext(ctx, i).(ProviderAuthLoginJwtOutput) } +func (i ProviderAuthLoginJwtArgs) ToOutput(ctx context.Context) pulumix.Output[ProviderAuthLoginJwt] { + return pulumix.Output[ProviderAuthLoginJwt]{ + OutputState: i.ToProviderAuthLoginJwtOutputWithContext(ctx).OutputState, + } +} + func (i ProviderAuthLoginJwtArgs) ToProviderAuthLoginJwtPtrOutput() ProviderAuthLoginJwtPtrOutput { return i.ToProviderAuthLoginJwtPtrOutputWithContext(context.Background()) } @@ -1603,6 +1834,12 @@ func (i *providerAuthLoginJwtPtrType) ToProviderAuthLoginJwtPtrOutputWithContext return pulumi.ToOutputWithContext(ctx, i).(ProviderAuthLoginJwtPtrOutput) } +func (i *providerAuthLoginJwtPtrType) ToOutput(ctx context.Context) pulumix.Output[*ProviderAuthLoginJwt] { + return pulumix.Output[*ProviderAuthLoginJwt]{ + OutputState: i.ToProviderAuthLoginJwtPtrOutputWithContext(ctx).OutputState, + } +} + type ProviderAuthLoginJwtOutput struct{ *pulumi.OutputState } func (ProviderAuthLoginJwtOutput) ElementType() reflect.Type { @@ -1627,6 +1864,12 @@ func (o ProviderAuthLoginJwtOutput) ToProviderAuthLoginJwtPtrOutputWithContext(c }).(ProviderAuthLoginJwtPtrOutput) } +func (o ProviderAuthLoginJwtOutput) ToOutput(ctx context.Context) pulumix.Output[ProviderAuthLoginJwt] { + return pulumix.Output[ProviderAuthLoginJwt]{ + OutputState: o.OutputState, + } +} + func (o ProviderAuthLoginJwtOutput) Jwt() pulumi.StringOutput { return o.ApplyT(func(v ProviderAuthLoginJwt) string { return v.Jwt }).(pulumi.StringOutput) } @@ -1643,6 +1886,10 @@ func (o ProviderAuthLoginJwtOutput) Role() pulumi.StringOutput { return o.ApplyT(func(v ProviderAuthLoginJwt) string { return v.Role }).(pulumi.StringOutput) } +func (o ProviderAuthLoginJwtOutput) UseRootNamespace() pulumi.BoolPtrOutput { + return o.ApplyT(func(v ProviderAuthLoginJwt) *bool { return v.UseRootNamespace }).(pulumi.BoolPtrOutput) +} + type ProviderAuthLoginJwtPtrOutput struct{ *pulumi.OutputState } func (ProviderAuthLoginJwtPtrOutput) ElementType() reflect.Type { @@ -1657,6 +1904,12 @@ func (o ProviderAuthLoginJwtPtrOutput) ToProviderAuthLoginJwtPtrOutputWithContex return o } +func (o ProviderAuthLoginJwtPtrOutput) ToOutput(ctx context.Context) pulumix.Output[*ProviderAuthLoginJwt] { + return pulumix.Output[*ProviderAuthLoginJwt]{ + OutputState: o.OutputState, + } +} + func (o ProviderAuthLoginJwtPtrOutput) Elem() ProviderAuthLoginJwtOutput { return o.ApplyT(func(v *ProviderAuthLoginJwt) ProviderAuthLoginJwt { if v != nil { @@ -1703,6 +1956,15 @@ func (o ProviderAuthLoginJwtPtrOutput) Role() pulumi.StringPtrOutput { }).(pulumi.StringPtrOutput) } +func (o ProviderAuthLoginJwtPtrOutput) UseRootNamespace() pulumi.BoolPtrOutput { + return o.ApplyT(func(v *ProviderAuthLoginJwt) *bool { + if v == nil { + return nil + } + return v.UseRootNamespace + }).(pulumi.BoolPtrOutput) +} + type ProviderAuthLoginKerberos struct { DisableFastNegotiation *bool `pulumi:"disableFastNegotiation"` KeytabPath *string `pulumi:"keytabPath"` @@ -1713,6 +1975,7 @@ type ProviderAuthLoginKerberos struct { RemoveInstanceName *bool `pulumi:"removeInstanceName"` Service *string `pulumi:"service"` Token *string `pulumi:"token"` + UseRootNamespace *bool `pulumi:"useRootNamespace"` Username *string `pulumi:"username"` } @@ -1737,6 +2000,7 @@ type ProviderAuthLoginKerberosArgs struct { RemoveInstanceName pulumi.BoolPtrInput `pulumi:"removeInstanceName"` Service pulumi.StringPtrInput `pulumi:"service"` Token pulumi.StringPtrInput `pulumi:"token"` + UseRootNamespace pulumi.BoolPtrInput `pulumi:"useRootNamespace"` Username pulumi.StringPtrInput `pulumi:"username"` } @@ -1752,6 +2016,12 @@ func (i ProviderAuthLoginKerberosArgs) ToProviderAuthLoginKerberosOutputWithCont return pulumi.ToOutputWithContext(ctx, i).(ProviderAuthLoginKerberosOutput) } +func (i ProviderAuthLoginKerberosArgs) ToOutput(ctx context.Context) pulumix.Output[ProviderAuthLoginKerberos] { + return pulumix.Output[ProviderAuthLoginKerberos]{ + OutputState: i.ToProviderAuthLoginKerberosOutputWithContext(ctx).OutputState, + } +} + func (i ProviderAuthLoginKerberosArgs) ToProviderAuthLoginKerberosPtrOutput() ProviderAuthLoginKerberosPtrOutput { return i.ToProviderAuthLoginKerberosPtrOutputWithContext(context.Background()) } @@ -1793,6 +2063,12 @@ func (i *providerAuthLoginKerberosPtrType) ToProviderAuthLoginKerberosPtrOutputW return pulumi.ToOutputWithContext(ctx, i).(ProviderAuthLoginKerberosPtrOutput) } +func (i *providerAuthLoginKerberosPtrType) ToOutput(ctx context.Context) pulumix.Output[*ProviderAuthLoginKerberos] { + return pulumix.Output[*ProviderAuthLoginKerberos]{ + OutputState: i.ToProviderAuthLoginKerberosPtrOutputWithContext(ctx).OutputState, + } +} + type ProviderAuthLoginKerberosOutput struct{ *pulumi.OutputState } func (ProviderAuthLoginKerberosOutput) ElementType() reflect.Type { @@ -1817,6 +2093,12 @@ func (o ProviderAuthLoginKerberosOutput) ToProviderAuthLoginKerberosPtrOutputWit }).(ProviderAuthLoginKerberosPtrOutput) } +func (o ProviderAuthLoginKerberosOutput) ToOutput(ctx context.Context) pulumix.Output[ProviderAuthLoginKerberos] { + return pulumix.Output[ProviderAuthLoginKerberos]{ + OutputState: o.OutputState, + } +} + func (o ProviderAuthLoginKerberosOutput) DisableFastNegotiation() pulumi.BoolPtrOutput { return o.ApplyT(func(v ProviderAuthLoginKerberos) *bool { return v.DisableFastNegotiation }).(pulumi.BoolPtrOutput) } @@ -1853,6 +2135,10 @@ func (o ProviderAuthLoginKerberosOutput) Token() pulumi.StringPtrOutput { return o.ApplyT(func(v ProviderAuthLoginKerberos) *string { return v.Token }).(pulumi.StringPtrOutput) } +func (o ProviderAuthLoginKerberosOutput) UseRootNamespace() pulumi.BoolPtrOutput { + return o.ApplyT(func(v ProviderAuthLoginKerberos) *bool { return v.UseRootNamespace }).(pulumi.BoolPtrOutput) +} + func (o ProviderAuthLoginKerberosOutput) Username() pulumi.StringPtrOutput { return o.ApplyT(func(v ProviderAuthLoginKerberos) *string { return v.Username }).(pulumi.StringPtrOutput) } @@ -1871,6 +2157,12 @@ func (o ProviderAuthLoginKerberosPtrOutput) ToProviderAuthLoginKerberosPtrOutput return o } +func (o ProviderAuthLoginKerberosPtrOutput) ToOutput(ctx context.Context) pulumix.Output[*ProviderAuthLoginKerberos] { + return pulumix.Output[*ProviderAuthLoginKerberos]{ + OutputState: o.OutputState, + } +} + func (o ProviderAuthLoginKerberosPtrOutput) Elem() ProviderAuthLoginKerberosOutput { return o.ApplyT(func(v *ProviderAuthLoginKerberos) ProviderAuthLoginKerberos { if v != nil { @@ -1962,6 +2254,15 @@ func (o ProviderAuthLoginKerberosPtrOutput) Token() pulumi.StringPtrOutput { }).(pulumi.StringPtrOutput) } +func (o ProviderAuthLoginKerberosPtrOutput) UseRootNamespace() pulumi.BoolPtrOutput { + return o.ApplyT(func(v *ProviderAuthLoginKerberos) *bool { + if v == nil { + return nil + } + return v.UseRootNamespace + }).(pulumi.BoolPtrOutput) +} + func (o ProviderAuthLoginKerberosPtrOutput) Username() pulumi.StringPtrOutput { return o.ApplyT(func(v *ProviderAuthLoginKerberos) *string { if v == nil { @@ -1972,10 +2273,11 @@ func (o ProviderAuthLoginKerberosPtrOutput) Username() pulumi.StringPtrOutput { } type ProviderAuthLoginOci struct { - AuthType string `pulumi:"authType"` - Mount *string `pulumi:"mount"` - Namespace *string `pulumi:"namespace"` - Role string `pulumi:"role"` + AuthType string `pulumi:"authType"` + Mount *string `pulumi:"mount"` + Namespace *string `pulumi:"namespace"` + Role string `pulumi:"role"` + UseRootNamespace *bool `pulumi:"useRootNamespace"` } // ProviderAuthLoginOciInput is an input type that accepts ProviderAuthLoginOciArgs and ProviderAuthLoginOciOutput values. @@ -1990,10 +2292,11 @@ type ProviderAuthLoginOciInput interface { } type ProviderAuthLoginOciArgs struct { - AuthType pulumi.StringInput `pulumi:"authType"` - Mount pulumi.StringPtrInput `pulumi:"mount"` - Namespace pulumi.StringPtrInput `pulumi:"namespace"` - Role pulumi.StringInput `pulumi:"role"` + AuthType pulumi.StringInput `pulumi:"authType"` + Mount pulumi.StringPtrInput `pulumi:"mount"` + Namespace pulumi.StringPtrInput `pulumi:"namespace"` + Role pulumi.StringInput `pulumi:"role"` + UseRootNamespace pulumi.BoolPtrInput `pulumi:"useRootNamespace"` } func (ProviderAuthLoginOciArgs) ElementType() reflect.Type { @@ -2008,6 +2311,12 @@ func (i ProviderAuthLoginOciArgs) ToProviderAuthLoginOciOutputWithContext(ctx co return pulumi.ToOutputWithContext(ctx, i).(ProviderAuthLoginOciOutput) } +func (i ProviderAuthLoginOciArgs) ToOutput(ctx context.Context) pulumix.Output[ProviderAuthLoginOci] { + return pulumix.Output[ProviderAuthLoginOci]{ + OutputState: i.ToProviderAuthLoginOciOutputWithContext(ctx).OutputState, + } +} + func (i ProviderAuthLoginOciArgs) ToProviderAuthLoginOciPtrOutput() ProviderAuthLoginOciPtrOutput { return i.ToProviderAuthLoginOciPtrOutputWithContext(context.Background()) } @@ -2049,6 +2358,12 @@ func (i *providerAuthLoginOciPtrType) ToProviderAuthLoginOciPtrOutputWithContext return pulumi.ToOutputWithContext(ctx, i).(ProviderAuthLoginOciPtrOutput) } +func (i *providerAuthLoginOciPtrType) ToOutput(ctx context.Context) pulumix.Output[*ProviderAuthLoginOci] { + return pulumix.Output[*ProviderAuthLoginOci]{ + OutputState: i.ToProviderAuthLoginOciPtrOutputWithContext(ctx).OutputState, + } +} + type ProviderAuthLoginOciOutput struct{ *pulumi.OutputState } func (ProviderAuthLoginOciOutput) ElementType() reflect.Type { @@ -2073,6 +2388,12 @@ func (o ProviderAuthLoginOciOutput) ToProviderAuthLoginOciPtrOutputWithContext(c }).(ProviderAuthLoginOciPtrOutput) } +func (o ProviderAuthLoginOciOutput) ToOutput(ctx context.Context) pulumix.Output[ProviderAuthLoginOci] { + return pulumix.Output[ProviderAuthLoginOci]{ + OutputState: o.OutputState, + } +} + func (o ProviderAuthLoginOciOutput) AuthType() pulumi.StringOutput { return o.ApplyT(func(v ProviderAuthLoginOci) string { return v.AuthType }).(pulumi.StringOutput) } @@ -2089,6 +2410,10 @@ func (o ProviderAuthLoginOciOutput) Role() pulumi.StringOutput { return o.ApplyT(func(v ProviderAuthLoginOci) string { return v.Role }).(pulumi.StringOutput) } +func (o ProviderAuthLoginOciOutput) UseRootNamespace() pulumi.BoolPtrOutput { + return o.ApplyT(func(v ProviderAuthLoginOci) *bool { return v.UseRootNamespace }).(pulumi.BoolPtrOutput) +} + type ProviderAuthLoginOciPtrOutput struct{ *pulumi.OutputState } func (ProviderAuthLoginOciPtrOutput) ElementType() reflect.Type { @@ -2103,6 +2428,12 @@ func (o ProviderAuthLoginOciPtrOutput) ToProviderAuthLoginOciPtrOutputWithContex return o } +func (o ProviderAuthLoginOciPtrOutput) ToOutput(ctx context.Context) pulumix.Output[*ProviderAuthLoginOci] { + return pulumix.Output[*ProviderAuthLoginOci]{ + OutputState: o.OutputState, + } +} + func (o ProviderAuthLoginOciPtrOutput) Elem() ProviderAuthLoginOciOutput { return o.ApplyT(func(v *ProviderAuthLoginOci) ProviderAuthLoginOci { if v != nil { @@ -2149,12 +2480,22 @@ func (o ProviderAuthLoginOciPtrOutput) Role() pulumi.StringPtrOutput { }).(pulumi.StringPtrOutput) } +func (o ProviderAuthLoginOciPtrOutput) UseRootNamespace() pulumi.BoolPtrOutput { + return o.ApplyT(func(v *ProviderAuthLoginOci) *bool { + if v == nil { + return nil + } + return v.UseRootNamespace + }).(pulumi.BoolPtrOutput) +} + type ProviderAuthLoginOidc struct { CallbackAddress *string `pulumi:"callbackAddress"` CallbackListenerAddress *string `pulumi:"callbackListenerAddress"` Mount *string `pulumi:"mount"` Namespace *string `pulumi:"namespace"` Role string `pulumi:"role"` + UseRootNamespace *bool `pulumi:"useRootNamespace"` } // ProviderAuthLoginOidcInput is an input type that accepts ProviderAuthLoginOidcArgs and ProviderAuthLoginOidcOutput values. @@ -2174,6 +2515,7 @@ type ProviderAuthLoginOidcArgs struct { Mount pulumi.StringPtrInput `pulumi:"mount"` Namespace pulumi.StringPtrInput `pulumi:"namespace"` Role pulumi.StringInput `pulumi:"role"` + UseRootNamespace pulumi.BoolPtrInput `pulumi:"useRootNamespace"` } func (ProviderAuthLoginOidcArgs) ElementType() reflect.Type { @@ -2188,6 +2530,12 @@ func (i ProviderAuthLoginOidcArgs) ToProviderAuthLoginOidcOutputWithContext(ctx return pulumi.ToOutputWithContext(ctx, i).(ProviderAuthLoginOidcOutput) } +func (i ProviderAuthLoginOidcArgs) ToOutput(ctx context.Context) pulumix.Output[ProviderAuthLoginOidc] { + return pulumix.Output[ProviderAuthLoginOidc]{ + OutputState: i.ToProviderAuthLoginOidcOutputWithContext(ctx).OutputState, + } +} + func (i ProviderAuthLoginOidcArgs) ToProviderAuthLoginOidcPtrOutput() ProviderAuthLoginOidcPtrOutput { return i.ToProviderAuthLoginOidcPtrOutputWithContext(context.Background()) } @@ -2229,6 +2577,12 @@ func (i *providerAuthLoginOidcPtrType) ToProviderAuthLoginOidcPtrOutputWithConte return pulumi.ToOutputWithContext(ctx, i).(ProviderAuthLoginOidcPtrOutput) } +func (i *providerAuthLoginOidcPtrType) ToOutput(ctx context.Context) pulumix.Output[*ProviderAuthLoginOidc] { + return pulumix.Output[*ProviderAuthLoginOidc]{ + OutputState: i.ToProviderAuthLoginOidcPtrOutputWithContext(ctx).OutputState, + } +} + type ProviderAuthLoginOidcOutput struct{ *pulumi.OutputState } func (ProviderAuthLoginOidcOutput) ElementType() reflect.Type { @@ -2253,6 +2607,12 @@ func (o ProviderAuthLoginOidcOutput) ToProviderAuthLoginOidcPtrOutputWithContext }).(ProviderAuthLoginOidcPtrOutput) } +func (o ProviderAuthLoginOidcOutput) ToOutput(ctx context.Context) pulumix.Output[ProviderAuthLoginOidc] { + return pulumix.Output[ProviderAuthLoginOidc]{ + OutputState: o.OutputState, + } +} + func (o ProviderAuthLoginOidcOutput) CallbackAddress() pulumi.StringPtrOutput { return o.ApplyT(func(v ProviderAuthLoginOidc) *string { return v.CallbackAddress }).(pulumi.StringPtrOutput) } @@ -2273,6 +2633,10 @@ func (o ProviderAuthLoginOidcOutput) Role() pulumi.StringOutput { return o.ApplyT(func(v ProviderAuthLoginOidc) string { return v.Role }).(pulumi.StringOutput) } +func (o ProviderAuthLoginOidcOutput) UseRootNamespace() pulumi.BoolPtrOutput { + return o.ApplyT(func(v ProviderAuthLoginOidc) *bool { return v.UseRootNamespace }).(pulumi.BoolPtrOutput) +} + type ProviderAuthLoginOidcPtrOutput struct{ *pulumi.OutputState } func (ProviderAuthLoginOidcPtrOutput) ElementType() reflect.Type { @@ -2287,6 +2651,12 @@ func (o ProviderAuthLoginOidcPtrOutput) ToProviderAuthLoginOidcPtrOutputWithCont return o } +func (o ProviderAuthLoginOidcPtrOutput) ToOutput(ctx context.Context) pulumix.Output[*ProviderAuthLoginOidc] { + return pulumix.Output[*ProviderAuthLoginOidc]{ + OutputState: o.OutputState, + } +} + func (o ProviderAuthLoginOidcPtrOutput) Elem() ProviderAuthLoginOidcOutput { return o.ApplyT(func(v *ProviderAuthLoginOidc) ProviderAuthLoginOidc { if v != nil { @@ -2342,11 +2712,21 @@ func (o ProviderAuthLoginOidcPtrOutput) Role() pulumi.StringPtrOutput { }).(pulumi.StringPtrOutput) } +func (o ProviderAuthLoginOidcPtrOutput) UseRootNamespace() pulumi.BoolPtrOutput { + return o.ApplyT(func(v *ProviderAuthLoginOidc) *bool { + if v == nil { + return nil + } + return v.UseRootNamespace + }).(pulumi.BoolPtrOutput) +} + type ProviderAuthLoginRadius struct { - Mount *string `pulumi:"mount"` - Namespace *string `pulumi:"namespace"` - Password string `pulumi:"password"` - Username string `pulumi:"username"` + Mount *string `pulumi:"mount"` + Namespace *string `pulumi:"namespace"` + Password string `pulumi:"password"` + UseRootNamespace *bool `pulumi:"useRootNamespace"` + Username string `pulumi:"username"` } // ProviderAuthLoginRadiusInput is an input type that accepts ProviderAuthLoginRadiusArgs and ProviderAuthLoginRadiusOutput values. @@ -2361,10 +2741,11 @@ type ProviderAuthLoginRadiusInput interface { } type ProviderAuthLoginRadiusArgs struct { - Mount pulumi.StringPtrInput `pulumi:"mount"` - Namespace pulumi.StringPtrInput `pulumi:"namespace"` - Password pulumi.StringInput `pulumi:"password"` - Username pulumi.StringInput `pulumi:"username"` + Mount pulumi.StringPtrInput `pulumi:"mount"` + Namespace pulumi.StringPtrInput `pulumi:"namespace"` + Password pulumi.StringInput `pulumi:"password"` + UseRootNamespace pulumi.BoolPtrInput `pulumi:"useRootNamespace"` + Username pulumi.StringInput `pulumi:"username"` } func (ProviderAuthLoginRadiusArgs) ElementType() reflect.Type { @@ -2379,6 +2760,12 @@ func (i ProviderAuthLoginRadiusArgs) ToProviderAuthLoginRadiusOutputWithContext( return pulumi.ToOutputWithContext(ctx, i).(ProviderAuthLoginRadiusOutput) } +func (i ProviderAuthLoginRadiusArgs) ToOutput(ctx context.Context) pulumix.Output[ProviderAuthLoginRadius] { + return pulumix.Output[ProviderAuthLoginRadius]{ + OutputState: i.ToProviderAuthLoginRadiusOutputWithContext(ctx).OutputState, + } +} + func (i ProviderAuthLoginRadiusArgs) ToProviderAuthLoginRadiusPtrOutput() ProviderAuthLoginRadiusPtrOutput { return i.ToProviderAuthLoginRadiusPtrOutputWithContext(context.Background()) } @@ -2420,6 +2807,12 @@ func (i *providerAuthLoginRadiusPtrType) ToProviderAuthLoginRadiusPtrOutputWithC return pulumi.ToOutputWithContext(ctx, i).(ProviderAuthLoginRadiusPtrOutput) } +func (i *providerAuthLoginRadiusPtrType) ToOutput(ctx context.Context) pulumix.Output[*ProviderAuthLoginRadius] { + return pulumix.Output[*ProviderAuthLoginRadius]{ + OutputState: i.ToProviderAuthLoginRadiusPtrOutputWithContext(ctx).OutputState, + } +} + type ProviderAuthLoginRadiusOutput struct{ *pulumi.OutputState } func (ProviderAuthLoginRadiusOutput) ElementType() reflect.Type { @@ -2444,6 +2837,12 @@ func (o ProviderAuthLoginRadiusOutput) ToProviderAuthLoginRadiusPtrOutputWithCon }).(ProviderAuthLoginRadiusPtrOutput) } +func (o ProviderAuthLoginRadiusOutput) ToOutput(ctx context.Context) pulumix.Output[ProviderAuthLoginRadius] { + return pulumix.Output[ProviderAuthLoginRadius]{ + OutputState: o.OutputState, + } +} + func (o ProviderAuthLoginRadiusOutput) Mount() pulumi.StringPtrOutput { return o.ApplyT(func(v ProviderAuthLoginRadius) *string { return v.Mount }).(pulumi.StringPtrOutput) } @@ -2456,6 +2855,10 @@ func (o ProviderAuthLoginRadiusOutput) Password() pulumi.StringOutput { return o.ApplyT(func(v ProviderAuthLoginRadius) string { return v.Password }).(pulumi.StringOutput) } +func (o ProviderAuthLoginRadiusOutput) UseRootNamespace() pulumi.BoolPtrOutput { + return o.ApplyT(func(v ProviderAuthLoginRadius) *bool { return v.UseRootNamespace }).(pulumi.BoolPtrOutput) +} + func (o ProviderAuthLoginRadiusOutput) Username() pulumi.StringOutput { return o.ApplyT(func(v ProviderAuthLoginRadius) string { return v.Username }).(pulumi.StringOutput) } @@ -2474,6 +2877,12 @@ func (o ProviderAuthLoginRadiusPtrOutput) ToProviderAuthLoginRadiusPtrOutputWith return o } +func (o ProviderAuthLoginRadiusPtrOutput) ToOutput(ctx context.Context) pulumix.Output[*ProviderAuthLoginRadius] { + return pulumix.Output[*ProviderAuthLoginRadius]{ + OutputState: o.OutputState, + } +} + func (o ProviderAuthLoginRadiusPtrOutput) Elem() ProviderAuthLoginRadiusOutput { return o.ApplyT(func(v *ProviderAuthLoginRadius) ProviderAuthLoginRadius { if v != nil { @@ -2511,6 +2920,15 @@ func (o ProviderAuthLoginRadiusPtrOutput) Password() pulumi.StringPtrOutput { }).(pulumi.StringPtrOutput) } +func (o ProviderAuthLoginRadiusPtrOutput) UseRootNamespace() pulumi.BoolPtrOutput { + return o.ApplyT(func(v *ProviderAuthLoginRadius) *bool { + if v == nil { + return nil + } + return v.UseRootNamespace + }).(pulumi.BoolPtrOutput) +} + func (o ProviderAuthLoginRadiusPtrOutput) Username() pulumi.StringPtrOutput { return o.ApplyT(func(v *ProviderAuthLoginRadius) *string { if v == nil { @@ -2521,8 +2939,9 @@ func (o ProviderAuthLoginRadiusPtrOutput) Username() pulumi.StringPtrOutput { } type ProviderAuthLoginTokenFile struct { - Filename string `pulumi:"filename"` - Namespace *string `pulumi:"namespace"` + Filename string `pulumi:"filename"` + Namespace *string `pulumi:"namespace"` + UseRootNamespace *bool `pulumi:"useRootNamespace"` } // ProviderAuthLoginTokenFileInput is an input type that accepts ProviderAuthLoginTokenFileArgs and ProviderAuthLoginTokenFileOutput values. @@ -2537,8 +2956,9 @@ type ProviderAuthLoginTokenFileInput interface { } type ProviderAuthLoginTokenFileArgs struct { - Filename pulumi.StringInput `pulumi:"filename"` - Namespace pulumi.StringPtrInput `pulumi:"namespace"` + Filename pulumi.StringInput `pulumi:"filename"` + Namespace pulumi.StringPtrInput `pulumi:"namespace"` + UseRootNamespace pulumi.BoolPtrInput `pulumi:"useRootNamespace"` } func (ProviderAuthLoginTokenFileArgs) ElementType() reflect.Type { @@ -2553,6 +2973,12 @@ func (i ProviderAuthLoginTokenFileArgs) ToProviderAuthLoginTokenFileOutputWithCo return pulumi.ToOutputWithContext(ctx, i).(ProviderAuthLoginTokenFileOutput) } +func (i ProviderAuthLoginTokenFileArgs) ToOutput(ctx context.Context) pulumix.Output[ProviderAuthLoginTokenFile] { + return pulumix.Output[ProviderAuthLoginTokenFile]{ + OutputState: i.ToProviderAuthLoginTokenFileOutputWithContext(ctx).OutputState, + } +} + func (i ProviderAuthLoginTokenFileArgs) ToProviderAuthLoginTokenFilePtrOutput() ProviderAuthLoginTokenFilePtrOutput { return i.ToProviderAuthLoginTokenFilePtrOutputWithContext(context.Background()) } @@ -2594,6 +3020,12 @@ func (i *providerAuthLoginTokenFilePtrType) ToProviderAuthLoginTokenFilePtrOutpu return pulumi.ToOutputWithContext(ctx, i).(ProviderAuthLoginTokenFilePtrOutput) } +func (i *providerAuthLoginTokenFilePtrType) ToOutput(ctx context.Context) pulumix.Output[*ProviderAuthLoginTokenFile] { + return pulumix.Output[*ProviderAuthLoginTokenFile]{ + OutputState: i.ToProviderAuthLoginTokenFilePtrOutputWithContext(ctx).OutputState, + } +} + type ProviderAuthLoginTokenFileOutput struct{ *pulumi.OutputState } func (ProviderAuthLoginTokenFileOutput) ElementType() reflect.Type { @@ -2618,6 +3050,12 @@ func (o ProviderAuthLoginTokenFileOutput) ToProviderAuthLoginTokenFilePtrOutputW }).(ProviderAuthLoginTokenFilePtrOutput) } +func (o ProviderAuthLoginTokenFileOutput) ToOutput(ctx context.Context) pulumix.Output[ProviderAuthLoginTokenFile] { + return pulumix.Output[ProviderAuthLoginTokenFile]{ + OutputState: o.OutputState, + } +} + func (o ProviderAuthLoginTokenFileOutput) Filename() pulumi.StringOutput { return o.ApplyT(func(v ProviderAuthLoginTokenFile) string { return v.Filename }).(pulumi.StringOutput) } @@ -2626,6 +3064,10 @@ func (o ProviderAuthLoginTokenFileOutput) Namespace() pulumi.StringPtrOutput { return o.ApplyT(func(v ProviderAuthLoginTokenFile) *string { return v.Namespace }).(pulumi.StringPtrOutput) } +func (o ProviderAuthLoginTokenFileOutput) UseRootNamespace() pulumi.BoolPtrOutput { + return o.ApplyT(func(v ProviderAuthLoginTokenFile) *bool { return v.UseRootNamespace }).(pulumi.BoolPtrOutput) +} + type ProviderAuthLoginTokenFilePtrOutput struct{ *pulumi.OutputState } func (ProviderAuthLoginTokenFilePtrOutput) ElementType() reflect.Type { @@ -2640,6 +3082,12 @@ func (o ProviderAuthLoginTokenFilePtrOutput) ToProviderAuthLoginTokenFilePtrOutp return o } +func (o ProviderAuthLoginTokenFilePtrOutput) ToOutput(ctx context.Context) pulumix.Output[*ProviderAuthLoginTokenFile] { + return pulumix.Output[*ProviderAuthLoginTokenFile]{ + OutputState: o.OutputState, + } +} + func (o ProviderAuthLoginTokenFilePtrOutput) Elem() ProviderAuthLoginTokenFileOutput { return o.ApplyT(func(v *ProviderAuthLoginTokenFile) ProviderAuthLoginTokenFile { if v != nil { @@ -2668,12 +3116,22 @@ func (o ProviderAuthLoginTokenFilePtrOutput) Namespace() pulumi.StringPtrOutput }).(pulumi.StringPtrOutput) } +func (o ProviderAuthLoginTokenFilePtrOutput) UseRootNamespace() pulumi.BoolPtrOutput { + return o.ApplyT(func(v *ProviderAuthLoginTokenFile) *bool { + if v == nil { + return nil + } + return v.UseRootNamespace + }).(pulumi.BoolPtrOutput) +} + type ProviderAuthLoginUserpass struct { - Mount *string `pulumi:"mount"` - Namespace *string `pulumi:"namespace"` - Password *string `pulumi:"password"` - PasswordFile *string `pulumi:"passwordFile"` - Username string `pulumi:"username"` + Mount *string `pulumi:"mount"` + Namespace *string `pulumi:"namespace"` + Password *string `pulumi:"password"` + PasswordFile *string `pulumi:"passwordFile"` + UseRootNamespace *bool `pulumi:"useRootNamespace"` + Username string `pulumi:"username"` } // ProviderAuthLoginUserpassInput is an input type that accepts ProviderAuthLoginUserpassArgs and ProviderAuthLoginUserpassOutput values. @@ -2688,11 +3146,12 @@ type ProviderAuthLoginUserpassInput interface { } type ProviderAuthLoginUserpassArgs struct { - Mount pulumi.StringPtrInput `pulumi:"mount"` - Namespace pulumi.StringPtrInput `pulumi:"namespace"` - Password pulumi.StringPtrInput `pulumi:"password"` - PasswordFile pulumi.StringPtrInput `pulumi:"passwordFile"` - Username pulumi.StringInput `pulumi:"username"` + Mount pulumi.StringPtrInput `pulumi:"mount"` + Namespace pulumi.StringPtrInput `pulumi:"namespace"` + Password pulumi.StringPtrInput `pulumi:"password"` + PasswordFile pulumi.StringPtrInput `pulumi:"passwordFile"` + UseRootNamespace pulumi.BoolPtrInput `pulumi:"useRootNamespace"` + Username pulumi.StringInput `pulumi:"username"` } func (ProviderAuthLoginUserpassArgs) ElementType() reflect.Type { @@ -2707,6 +3166,12 @@ func (i ProviderAuthLoginUserpassArgs) ToProviderAuthLoginUserpassOutputWithCont return pulumi.ToOutputWithContext(ctx, i).(ProviderAuthLoginUserpassOutput) } +func (i ProviderAuthLoginUserpassArgs) ToOutput(ctx context.Context) pulumix.Output[ProviderAuthLoginUserpass] { + return pulumix.Output[ProviderAuthLoginUserpass]{ + OutputState: i.ToProviderAuthLoginUserpassOutputWithContext(ctx).OutputState, + } +} + func (i ProviderAuthLoginUserpassArgs) ToProviderAuthLoginUserpassPtrOutput() ProviderAuthLoginUserpassPtrOutput { return i.ToProviderAuthLoginUserpassPtrOutputWithContext(context.Background()) } @@ -2748,6 +3213,12 @@ func (i *providerAuthLoginUserpassPtrType) ToProviderAuthLoginUserpassPtrOutputW return pulumi.ToOutputWithContext(ctx, i).(ProviderAuthLoginUserpassPtrOutput) } +func (i *providerAuthLoginUserpassPtrType) ToOutput(ctx context.Context) pulumix.Output[*ProviderAuthLoginUserpass] { + return pulumix.Output[*ProviderAuthLoginUserpass]{ + OutputState: i.ToProviderAuthLoginUserpassPtrOutputWithContext(ctx).OutputState, + } +} + type ProviderAuthLoginUserpassOutput struct{ *pulumi.OutputState } func (ProviderAuthLoginUserpassOutput) ElementType() reflect.Type { @@ -2772,6 +3243,12 @@ func (o ProviderAuthLoginUserpassOutput) ToProviderAuthLoginUserpassPtrOutputWit }).(ProviderAuthLoginUserpassPtrOutput) } +func (o ProviderAuthLoginUserpassOutput) ToOutput(ctx context.Context) pulumix.Output[ProviderAuthLoginUserpass] { + return pulumix.Output[ProviderAuthLoginUserpass]{ + OutputState: o.OutputState, + } +} + func (o ProviderAuthLoginUserpassOutput) Mount() pulumi.StringPtrOutput { return o.ApplyT(func(v ProviderAuthLoginUserpass) *string { return v.Mount }).(pulumi.StringPtrOutput) } @@ -2788,6 +3265,10 @@ func (o ProviderAuthLoginUserpassOutput) PasswordFile() pulumi.StringPtrOutput { return o.ApplyT(func(v ProviderAuthLoginUserpass) *string { return v.PasswordFile }).(pulumi.StringPtrOutput) } +func (o ProviderAuthLoginUserpassOutput) UseRootNamespace() pulumi.BoolPtrOutput { + return o.ApplyT(func(v ProviderAuthLoginUserpass) *bool { return v.UseRootNamespace }).(pulumi.BoolPtrOutput) +} + func (o ProviderAuthLoginUserpassOutput) Username() pulumi.StringOutput { return o.ApplyT(func(v ProviderAuthLoginUserpass) string { return v.Username }).(pulumi.StringOutput) } @@ -2806,6 +3287,12 @@ func (o ProviderAuthLoginUserpassPtrOutput) ToProviderAuthLoginUserpassPtrOutput return o } +func (o ProviderAuthLoginUserpassPtrOutput) ToOutput(ctx context.Context) pulumix.Output[*ProviderAuthLoginUserpass] { + return pulumix.Output[*ProviderAuthLoginUserpass]{ + OutputState: o.OutputState, + } +} + func (o ProviderAuthLoginUserpassPtrOutput) Elem() ProviderAuthLoginUserpassOutput { return o.ApplyT(func(v *ProviderAuthLoginUserpass) ProviderAuthLoginUserpass { if v != nil { @@ -2852,6 +3339,15 @@ func (o ProviderAuthLoginUserpassPtrOutput) PasswordFile() pulumi.StringPtrOutpu }).(pulumi.StringPtrOutput) } +func (o ProviderAuthLoginUserpassPtrOutput) UseRootNamespace() pulumi.BoolPtrOutput { + return o.ApplyT(func(v *ProviderAuthLoginUserpass) *bool { + if v == nil { + return nil + } + return v.UseRootNamespace + }).(pulumi.BoolPtrOutput) +} + func (o ProviderAuthLoginUserpassPtrOutput) Username() pulumi.StringPtrOutput { return o.ApplyT(func(v *ProviderAuthLoginUserpass) *string { if v == nil { @@ -2894,6 +3390,12 @@ func (i ProviderClientAuthArgs) ToProviderClientAuthOutputWithContext(ctx contex return pulumi.ToOutputWithContext(ctx, i).(ProviderClientAuthOutput) } +func (i ProviderClientAuthArgs) ToOutput(ctx context.Context) pulumix.Output[ProviderClientAuth] { + return pulumix.Output[ProviderClientAuth]{ + OutputState: i.ToProviderClientAuthOutputWithContext(ctx).OutputState, + } +} + func (i ProviderClientAuthArgs) ToProviderClientAuthPtrOutput() ProviderClientAuthPtrOutput { return i.ToProviderClientAuthPtrOutputWithContext(context.Background()) } @@ -2935,6 +3437,12 @@ func (i *providerClientAuthPtrType) ToProviderClientAuthPtrOutputWithContext(ctx return pulumi.ToOutputWithContext(ctx, i).(ProviderClientAuthPtrOutput) } +func (i *providerClientAuthPtrType) ToOutput(ctx context.Context) pulumix.Output[*ProviderClientAuth] { + return pulumix.Output[*ProviderClientAuth]{ + OutputState: i.ToProviderClientAuthPtrOutputWithContext(ctx).OutputState, + } +} + type ProviderClientAuthOutput struct{ *pulumi.OutputState } func (ProviderClientAuthOutput) ElementType() reflect.Type { @@ -2959,6 +3467,12 @@ func (o ProviderClientAuthOutput) ToProviderClientAuthPtrOutputWithContext(ctx c }).(ProviderClientAuthPtrOutput) } +func (o ProviderClientAuthOutput) ToOutput(ctx context.Context) pulumix.Output[ProviderClientAuth] { + return pulumix.Output[ProviderClientAuth]{ + OutputState: o.OutputState, + } +} + func (o ProviderClientAuthOutput) CertFile() pulumi.StringOutput { return o.ApplyT(func(v ProviderClientAuth) string { return v.CertFile }).(pulumi.StringOutput) } @@ -2981,6 +3495,12 @@ func (o ProviderClientAuthPtrOutput) ToProviderClientAuthPtrOutputWithContext(ct return o } +func (o ProviderClientAuthPtrOutput) ToOutput(ctx context.Context) pulumix.Output[*ProviderClientAuth] { + return pulumix.Output[*ProviderClientAuth]{ + OutputState: o.OutputState, + } +} + func (o ProviderClientAuthPtrOutput) Elem() ProviderClientAuthOutput { return o.ApplyT(func(v *ProviderClientAuth) ProviderClientAuth { if v != nil { @@ -3042,6 +3562,12 @@ func (i ProviderHeaderArgs) ToProviderHeaderOutputWithContext(ctx context.Contex return pulumi.ToOutputWithContext(ctx, i).(ProviderHeaderOutput) } +func (i ProviderHeaderArgs) ToOutput(ctx context.Context) pulumix.Output[ProviderHeader] { + return pulumix.Output[ProviderHeader]{ + OutputState: i.ToProviderHeaderOutputWithContext(ctx).OutputState, + } +} + // ProviderHeaderArrayInput is an input type that accepts ProviderHeaderArray and ProviderHeaderArrayOutput values. // You can construct a concrete instance of `ProviderHeaderArrayInput` via: // @@ -3067,6 +3593,12 @@ func (i ProviderHeaderArray) ToProviderHeaderArrayOutputWithContext(ctx context. return pulumi.ToOutputWithContext(ctx, i).(ProviderHeaderArrayOutput) } +func (i ProviderHeaderArray) ToOutput(ctx context.Context) pulumix.Output[[]ProviderHeader] { + return pulumix.Output[[]ProviderHeader]{ + OutputState: i.ToProviderHeaderArrayOutputWithContext(ctx).OutputState, + } +} + type ProviderHeaderOutput struct{ *pulumi.OutputState } func (ProviderHeaderOutput) ElementType() reflect.Type { @@ -3081,6 +3613,12 @@ func (o ProviderHeaderOutput) ToProviderHeaderOutputWithContext(ctx context.Cont return o } +func (o ProviderHeaderOutput) ToOutput(ctx context.Context) pulumix.Output[ProviderHeader] { + return pulumix.Output[ProviderHeader]{ + OutputState: o.OutputState, + } +} + func (o ProviderHeaderOutput) Name() pulumi.StringOutput { return o.ApplyT(func(v ProviderHeader) string { return v.Name }).(pulumi.StringOutput) } @@ -3103,6 +3641,12 @@ func (o ProviderHeaderArrayOutput) ToProviderHeaderArrayOutputWithContext(ctx co return o } +func (o ProviderHeaderArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]ProviderHeader] { + return pulumix.Output[[]ProviderHeader]{ + OutputState: o.OutputState, + } +} + func (o ProviderHeaderArrayOutput) Index(i pulumi.IntInput) ProviderHeaderOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) ProviderHeader { return vs[0].([]ProviderHeader)[vs[1].(int)] @@ -3170,6 +3714,12 @@ func (i GetPolicyDocumentRuleArgs) ToGetPolicyDocumentRuleOutputWithContext(ctx return pulumi.ToOutputWithContext(ctx, i).(GetPolicyDocumentRuleOutput) } +func (i GetPolicyDocumentRuleArgs) ToOutput(ctx context.Context) pulumix.Output[GetPolicyDocumentRule] { + return pulumix.Output[GetPolicyDocumentRule]{ + OutputState: i.ToGetPolicyDocumentRuleOutputWithContext(ctx).OutputState, + } +} + // GetPolicyDocumentRuleArrayInput is an input type that accepts GetPolicyDocumentRuleArray and GetPolicyDocumentRuleArrayOutput values. // You can construct a concrete instance of `GetPolicyDocumentRuleArrayInput` via: // @@ -3195,6 +3745,12 @@ func (i GetPolicyDocumentRuleArray) ToGetPolicyDocumentRuleArrayOutputWithContex return pulumi.ToOutputWithContext(ctx, i).(GetPolicyDocumentRuleArrayOutput) } +func (i GetPolicyDocumentRuleArray) ToOutput(ctx context.Context) pulumix.Output[[]GetPolicyDocumentRule] { + return pulumix.Output[[]GetPolicyDocumentRule]{ + OutputState: i.ToGetPolicyDocumentRuleArrayOutputWithContext(ctx).OutputState, + } +} + type GetPolicyDocumentRuleOutput struct{ *pulumi.OutputState } func (GetPolicyDocumentRuleOutput) ElementType() reflect.Type { @@ -3209,6 +3765,12 @@ func (o GetPolicyDocumentRuleOutput) ToGetPolicyDocumentRuleOutputWithContext(ct return o } +func (o GetPolicyDocumentRuleOutput) ToOutput(ctx context.Context) pulumix.Output[GetPolicyDocumentRule] { + return pulumix.Output[GetPolicyDocumentRule]{ + OutputState: o.OutputState, + } +} + // Whitelists a list of keys and values that are permitted on the given path. See Parameters below. func (o GetPolicyDocumentRuleOutput) AllowedParameters() GetPolicyDocumentRuleAllowedParameterArrayOutput { return o.ApplyT(func(v GetPolicyDocumentRule) []GetPolicyDocumentRuleAllowedParameter { return v.AllowedParameters }).(GetPolicyDocumentRuleAllowedParameterArrayOutput) @@ -3263,6 +3825,12 @@ func (o GetPolicyDocumentRuleArrayOutput) ToGetPolicyDocumentRuleArrayOutputWith return o } +func (o GetPolicyDocumentRuleArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]GetPolicyDocumentRule] { + return pulumix.Output[[]GetPolicyDocumentRule]{ + OutputState: o.OutputState, + } +} + func (o GetPolicyDocumentRuleArrayOutput) Index(i pulumi.IntInput) GetPolicyDocumentRuleOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) GetPolicyDocumentRule { return vs[0].([]GetPolicyDocumentRule)[vs[1].(int)] @@ -3306,6 +3874,12 @@ func (i GetPolicyDocumentRuleAllowedParameterArgs) ToGetPolicyDocumentRuleAllowe return pulumi.ToOutputWithContext(ctx, i).(GetPolicyDocumentRuleAllowedParameterOutput) } +func (i GetPolicyDocumentRuleAllowedParameterArgs) ToOutput(ctx context.Context) pulumix.Output[GetPolicyDocumentRuleAllowedParameter] { + return pulumix.Output[GetPolicyDocumentRuleAllowedParameter]{ + OutputState: i.ToGetPolicyDocumentRuleAllowedParameterOutputWithContext(ctx).OutputState, + } +} + // GetPolicyDocumentRuleAllowedParameterArrayInput is an input type that accepts GetPolicyDocumentRuleAllowedParameterArray and GetPolicyDocumentRuleAllowedParameterArrayOutput values. // You can construct a concrete instance of `GetPolicyDocumentRuleAllowedParameterArrayInput` via: // @@ -3331,6 +3905,12 @@ func (i GetPolicyDocumentRuleAllowedParameterArray) ToGetPolicyDocumentRuleAllow return pulumi.ToOutputWithContext(ctx, i).(GetPolicyDocumentRuleAllowedParameterArrayOutput) } +func (i GetPolicyDocumentRuleAllowedParameterArray) ToOutput(ctx context.Context) pulumix.Output[[]GetPolicyDocumentRuleAllowedParameter] { + return pulumix.Output[[]GetPolicyDocumentRuleAllowedParameter]{ + OutputState: i.ToGetPolicyDocumentRuleAllowedParameterArrayOutputWithContext(ctx).OutputState, + } +} + type GetPolicyDocumentRuleAllowedParameterOutput struct{ *pulumi.OutputState } func (GetPolicyDocumentRuleAllowedParameterOutput) ElementType() reflect.Type { @@ -3345,6 +3925,12 @@ func (o GetPolicyDocumentRuleAllowedParameterOutput) ToGetPolicyDocumentRuleAllo return o } +func (o GetPolicyDocumentRuleAllowedParameterOutput) ToOutput(ctx context.Context) pulumix.Output[GetPolicyDocumentRuleAllowedParameter] { + return pulumix.Output[GetPolicyDocumentRuleAllowedParameter]{ + OutputState: o.OutputState, + } +} + // name of permitted or denied parameter. func (o GetPolicyDocumentRuleAllowedParameterOutput) Key() pulumi.StringOutput { return o.ApplyT(func(v GetPolicyDocumentRuleAllowedParameter) string { return v.Key }).(pulumi.StringOutput) @@ -3369,6 +3955,12 @@ func (o GetPolicyDocumentRuleAllowedParameterArrayOutput) ToGetPolicyDocumentRul return o } +func (o GetPolicyDocumentRuleAllowedParameterArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]GetPolicyDocumentRuleAllowedParameter] { + return pulumix.Output[[]GetPolicyDocumentRuleAllowedParameter]{ + OutputState: o.OutputState, + } +} + func (o GetPolicyDocumentRuleAllowedParameterArrayOutput) Index(i pulumi.IntInput) GetPolicyDocumentRuleAllowedParameterOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) GetPolicyDocumentRuleAllowedParameter { return vs[0].([]GetPolicyDocumentRuleAllowedParameter)[vs[1].(int)] @@ -3412,6 +4004,12 @@ func (i GetPolicyDocumentRuleDeniedParameterArgs) ToGetPolicyDocumentRuleDeniedP return pulumi.ToOutputWithContext(ctx, i).(GetPolicyDocumentRuleDeniedParameterOutput) } +func (i GetPolicyDocumentRuleDeniedParameterArgs) ToOutput(ctx context.Context) pulumix.Output[GetPolicyDocumentRuleDeniedParameter] { + return pulumix.Output[GetPolicyDocumentRuleDeniedParameter]{ + OutputState: i.ToGetPolicyDocumentRuleDeniedParameterOutputWithContext(ctx).OutputState, + } +} + // GetPolicyDocumentRuleDeniedParameterArrayInput is an input type that accepts GetPolicyDocumentRuleDeniedParameterArray and GetPolicyDocumentRuleDeniedParameterArrayOutput values. // You can construct a concrete instance of `GetPolicyDocumentRuleDeniedParameterArrayInput` via: // @@ -3437,6 +4035,12 @@ func (i GetPolicyDocumentRuleDeniedParameterArray) ToGetPolicyDocumentRuleDenied return pulumi.ToOutputWithContext(ctx, i).(GetPolicyDocumentRuleDeniedParameterArrayOutput) } +func (i GetPolicyDocumentRuleDeniedParameterArray) ToOutput(ctx context.Context) pulumix.Output[[]GetPolicyDocumentRuleDeniedParameter] { + return pulumix.Output[[]GetPolicyDocumentRuleDeniedParameter]{ + OutputState: i.ToGetPolicyDocumentRuleDeniedParameterArrayOutputWithContext(ctx).OutputState, + } +} + type GetPolicyDocumentRuleDeniedParameterOutput struct{ *pulumi.OutputState } func (GetPolicyDocumentRuleDeniedParameterOutput) ElementType() reflect.Type { @@ -3451,6 +4055,12 @@ func (o GetPolicyDocumentRuleDeniedParameterOutput) ToGetPolicyDocumentRuleDenie return o } +func (o GetPolicyDocumentRuleDeniedParameterOutput) ToOutput(ctx context.Context) pulumix.Output[GetPolicyDocumentRuleDeniedParameter] { + return pulumix.Output[GetPolicyDocumentRuleDeniedParameter]{ + OutputState: o.OutputState, + } +} + // name of permitted or denied parameter. func (o GetPolicyDocumentRuleDeniedParameterOutput) Key() pulumi.StringOutput { return o.ApplyT(func(v GetPolicyDocumentRuleDeniedParameter) string { return v.Key }).(pulumi.StringOutput) @@ -3475,6 +4085,12 @@ func (o GetPolicyDocumentRuleDeniedParameterArrayOutput) ToGetPolicyDocumentRule return o } +func (o GetPolicyDocumentRuleDeniedParameterArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]GetPolicyDocumentRuleDeniedParameter] { + return pulumix.Output[[]GetPolicyDocumentRuleDeniedParameter]{ + OutputState: o.OutputState, + } +} + func (o GetPolicyDocumentRuleDeniedParameterArrayOutput) Index(i pulumi.IntInput) GetPolicyDocumentRuleDeniedParameterOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) GetPolicyDocumentRuleDeniedParameter { return vs[0].([]GetPolicyDocumentRuleDeniedParameter)[vs[1].(int)] diff --git a/sdk/go/vault/pulumiUtilities.go b/sdk/go/vault/pulumiUtilities.go deleted file mode 100644 index d7943812b..000000000 --- a/sdk/go/vault/pulumiUtilities.go +++ /dev/null @@ -1,87 +0,0 @@ -// Code generated by the Pulumi Terraform Bridge (tfgen) Tool DO NOT EDIT. -// *** WARNING: Do not edit by hand unless you're certain you know what you are doing! *** - -package vault - -import ( - "fmt" - "os" - "reflect" - "regexp" - "strconv" - "strings" - - "github.com/blang/semver" - "github.com/pulumi/pulumi/sdk/v3/go/pulumi" -) - -type envParser func(v string) interface{} - -func parseEnvBool(v string) interface{} { - b, err := strconv.ParseBool(v) - if err != nil { - return nil - } - return b -} - -func parseEnvInt(v string) interface{} { - i, err := strconv.ParseInt(v, 0, 0) - if err != nil { - return nil - } - return int(i) -} - -func parseEnvFloat(v string) interface{} { - f, err := strconv.ParseFloat(v, 64) - if err != nil { - return nil - } - return f -} - -func parseEnvStringArray(v string) interface{} { - var result pulumi.StringArray - for _, item := range strings.Split(v, ";") { - result = append(result, pulumi.String(item)) - } - return result -} - -func getEnvOrDefault(def interface{}, parser envParser, vars ...string) interface{} { - for _, v := range vars { - if value := os.Getenv(v); value != "" { - if parser != nil { - return parser(value) - } - return value - } - } - return def -} - -// PkgVersion uses reflection to determine the version of the current package. -// If a version cannot be determined, v1 will be assumed. The second return -// value is always nil. -func PkgVersion() (semver.Version, error) { - type sentinal struct{} - pkgPath := reflect.TypeOf(sentinal{}).PkgPath() - re := regexp.MustCompile("^.*/pulumi-vault/sdk(/v\\d+)?") - if match := re.FindStringSubmatch(pkgPath); match != nil { - vStr := match[1] - if len(vStr) == 0 { // If the version capture group was empty, default to v1. - return semver.Version{Major: 1}, nil - } - return semver.MustParse(fmt.Sprintf("%s.0.0", vStr[2:])), nil - } - return semver.Version{Major: 1}, nil -} - -// isZero is a null safe check for if a value is it's types zero value. -func isZero(v interface{}) bool { - if v == nil { - return true - } - return reflect.ValueOf(v).IsZero() -} diff --git a/sdk/go/vault/quotaLeaseCount.go b/sdk/go/vault/quotaLeaseCount.go index 344ed823f..83fdeb11e 100644 --- a/sdk/go/vault/quotaLeaseCount.go +++ b/sdk/go/vault/quotaLeaseCount.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // Manage lease count quotas which enforce the number of leases that can be created. @@ -90,6 +92,7 @@ func NewQuotaLeaseCount(ctx *pulumi.Context, if args.MaxLeases == nil { return nil, errors.New("invalid value for required argument 'MaxLeases'") } + opts = internal.PkgResourceDefaultOpts(opts) var resource QuotaLeaseCount err := ctx.RegisterResource("vault:index/quotaLeaseCount:QuotaLeaseCount", name, args, &resource, opts...) if err != nil { @@ -227,6 +230,12 @@ func (i *QuotaLeaseCount) ToQuotaLeaseCountOutputWithContext(ctx context.Context return pulumi.ToOutputWithContext(ctx, i).(QuotaLeaseCountOutput) } +func (i *QuotaLeaseCount) ToOutput(ctx context.Context) pulumix.Output[*QuotaLeaseCount] { + return pulumix.Output[*QuotaLeaseCount]{ + OutputState: i.ToQuotaLeaseCountOutputWithContext(ctx).OutputState, + } +} + // QuotaLeaseCountArrayInput is an input type that accepts QuotaLeaseCountArray and QuotaLeaseCountArrayOutput values. // You can construct a concrete instance of `QuotaLeaseCountArrayInput` via: // @@ -252,6 +261,12 @@ func (i QuotaLeaseCountArray) ToQuotaLeaseCountArrayOutputWithContext(ctx contex return pulumi.ToOutputWithContext(ctx, i).(QuotaLeaseCountArrayOutput) } +func (i QuotaLeaseCountArray) ToOutput(ctx context.Context) pulumix.Output[[]*QuotaLeaseCount] { + return pulumix.Output[[]*QuotaLeaseCount]{ + OutputState: i.ToQuotaLeaseCountArrayOutputWithContext(ctx).OutputState, + } +} + // QuotaLeaseCountMapInput is an input type that accepts QuotaLeaseCountMap and QuotaLeaseCountMapOutput values. // You can construct a concrete instance of `QuotaLeaseCountMapInput` via: // @@ -277,6 +292,12 @@ func (i QuotaLeaseCountMap) ToQuotaLeaseCountMapOutputWithContext(ctx context.Co return pulumi.ToOutputWithContext(ctx, i).(QuotaLeaseCountMapOutput) } +func (i QuotaLeaseCountMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*QuotaLeaseCount] { + return pulumix.Output[map[string]*QuotaLeaseCount]{ + OutputState: i.ToQuotaLeaseCountMapOutputWithContext(ctx).OutputState, + } +} + type QuotaLeaseCountOutput struct{ *pulumi.OutputState } func (QuotaLeaseCountOutput) ElementType() reflect.Type { @@ -291,6 +312,12 @@ func (o QuotaLeaseCountOutput) ToQuotaLeaseCountOutputWithContext(ctx context.Co return o } +func (o QuotaLeaseCountOutput) ToOutput(ctx context.Context) pulumix.Output[*QuotaLeaseCount] { + return pulumix.Output[*QuotaLeaseCount]{ + OutputState: o.OutputState, + } +} + // The maximum number of leases to be allowed by the quota // rule. The `maxLeases` must be positive. func (o QuotaLeaseCountOutput) MaxLeases() pulumi.IntOutput { @@ -339,6 +366,12 @@ func (o QuotaLeaseCountArrayOutput) ToQuotaLeaseCountArrayOutputWithContext(ctx return o } +func (o QuotaLeaseCountArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*QuotaLeaseCount] { + return pulumix.Output[[]*QuotaLeaseCount]{ + OutputState: o.OutputState, + } +} + func (o QuotaLeaseCountArrayOutput) Index(i pulumi.IntInput) QuotaLeaseCountOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *QuotaLeaseCount { return vs[0].([]*QuotaLeaseCount)[vs[1].(int)] @@ -359,6 +392,12 @@ func (o QuotaLeaseCountMapOutput) ToQuotaLeaseCountMapOutputWithContext(ctx cont return o } +func (o QuotaLeaseCountMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*QuotaLeaseCount] { + return pulumix.Output[map[string]*QuotaLeaseCount]{ + OutputState: o.OutputState, + } +} + func (o QuotaLeaseCountMapOutput) MapIndex(k pulumi.StringInput) QuotaLeaseCountOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *QuotaLeaseCount { return vs[0].(map[string]*QuotaLeaseCount)[vs[1].(string)] diff --git a/sdk/go/vault/quotaRateLimit.go b/sdk/go/vault/quotaRateLimit.go index 4d64d9ab7..29cb1b7f7 100644 --- a/sdk/go/vault/quotaRateLimit.go +++ b/sdk/go/vault/quotaRateLimit.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // Manage rate limit quotas which enforce API rate limiting using a token bucket algorithm. @@ -93,6 +95,7 @@ func NewQuotaRateLimit(ctx *pulumi.Context, if args.Rate == nil { return nil, errors.New("invalid value for required argument 'Rate'") } + opts = internal.PkgResourceDefaultOpts(opts) var resource QuotaRateLimit err := ctx.RegisterResource("vault:index/quotaRateLimit:QuotaRateLimit", name, args, &resource, opts...) if err != nil { @@ -250,6 +253,12 @@ func (i *QuotaRateLimit) ToQuotaRateLimitOutputWithContext(ctx context.Context) return pulumi.ToOutputWithContext(ctx, i).(QuotaRateLimitOutput) } +func (i *QuotaRateLimit) ToOutput(ctx context.Context) pulumix.Output[*QuotaRateLimit] { + return pulumix.Output[*QuotaRateLimit]{ + OutputState: i.ToQuotaRateLimitOutputWithContext(ctx).OutputState, + } +} + // QuotaRateLimitArrayInput is an input type that accepts QuotaRateLimitArray and QuotaRateLimitArrayOutput values. // You can construct a concrete instance of `QuotaRateLimitArrayInput` via: // @@ -275,6 +284,12 @@ func (i QuotaRateLimitArray) ToQuotaRateLimitArrayOutputWithContext(ctx context. return pulumi.ToOutputWithContext(ctx, i).(QuotaRateLimitArrayOutput) } +func (i QuotaRateLimitArray) ToOutput(ctx context.Context) pulumix.Output[[]*QuotaRateLimit] { + return pulumix.Output[[]*QuotaRateLimit]{ + OutputState: i.ToQuotaRateLimitArrayOutputWithContext(ctx).OutputState, + } +} + // QuotaRateLimitMapInput is an input type that accepts QuotaRateLimitMap and QuotaRateLimitMapOutput values. // You can construct a concrete instance of `QuotaRateLimitMapInput` via: // @@ -300,6 +315,12 @@ func (i QuotaRateLimitMap) ToQuotaRateLimitMapOutputWithContext(ctx context.Cont return pulumi.ToOutputWithContext(ctx, i).(QuotaRateLimitMapOutput) } +func (i QuotaRateLimitMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*QuotaRateLimit] { + return pulumix.Output[map[string]*QuotaRateLimit]{ + OutputState: i.ToQuotaRateLimitMapOutputWithContext(ctx).OutputState, + } +} + type QuotaRateLimitOutput struct{ *pulumi.OutputState } func (QuotaRateLimitOutput) ElementType() reflect.Type { @@ -314,6 +335,12 @@ func (o QuotaRateLimitOutput) ToQuotaRateLimitOutputWithContext(ctx context.Cont return o } +func (o QuotaRateLimitOutput) ToOutput(ctx context.Context) pulumix.Output[*QuotaRateLimit] { + return pulumix.Output[*QuotaRateLimit]{ + OutputState: o.OutputState, + } +} + // If set, when a client reaches a rate limit threshold, the client will // be prohibited from any further requests until after the 'block_interval' in seconds has elapsed. func (o QuotaRateLimitOutput) BlockInterval() pulumi.IntPtrOutput { @@ -373,6 +400,12 @@ func (o QuotaRateLimitArrayOutput) ToQuotaRateLimitArrayOutputWithContext(ctx co return o } +func (o QuotaRateLimitArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*QuotaRateLimit] { + return pulumix.Output[[]*QuotaRateLimit]{ + OutputState: o.OutputState, + } +} + func (o QuotaRateLimitArrayOutput) Index(i pulumi.IntInput) QuotaRateLimitOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *QuotaRateLimit { return vs[0].([]*QuotaRateLimit)[vs[1].(int)] @@ -393,6 +426,12 @@ func (o QuotaRateLimitMapOutput) ToQuotaRateLimitMapOutputWithContext(ctx contex return o } +func (o QuotaRateLimitMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*QuotaRateLimit] { + return pulumix.Output[map[string]*QuotaRateLimit]{ + OutputState: o.OutputState, + } +} + func (o QuotaRateLimitMapOutput) MapIndex(k pulumi.StringInput) QuotaRateLimitOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *QuotaRateLimit { return vs[0].(map[string]*QuotaRateLimit)[vs[1].(string)] diff --git a/sdk/go/vault/rabbitmq/init.go b/sdk/go/vault/rabbitmq/init.go index 3d6bd5340..562368012 100644 --- a/sdk/go/vault/rabbitmq/init.go +++ b/sdk/go/vault/rabbitmq/init.go @@ -7,7 +7,7 @@ import ( "fmt" "github.com/blang/semver" - "github.com/pulumi/pulumi-vault/sdk/v5/go/vault" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" ) @@ -34,7 +34,7 @@ func (m *module) Construct(ctx *pulumi.Context, name, typ, urn string) (r pulumi } func init() { - version, err := vault.PkgVersion() + version, err := internal.PkgVersion() if err != nil { version = semver.Version{Major: 1} } diff --git a/sdk/go/vault/rabbitmq/pulumiTypes.go b/sdk/go/vault/rabbitmq/pulumiTypes.go index d3aec0d84..d2f451e2d 100644 --- a/sdk/go/vault/rabbitmq/pulumiTypes.go +++ b/sdk/go/vault/rabbitmq/pulumiTypes.go @@ -7,9 +7,13 @@ import ( "context" "reflect" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) +var _ = internal.GetEnvOrDefault + type SecretBackendRoleVhost struct { Configure string `pulumi:"configure"` Host string `pulumi:"host"` @@ -47,6 +51,12 @@ func (i SecretBackendRoleVhostArgs) ToSecretBackendRoleVhostOutputWithContext(ct return pulumi.ToOutputWithContext(ctx, i).(SecretBackendRoleVhostOutput) } +func (i SecretBackendRoleVhostArgs) ToOutput(ctx context.Context) pulumix.Output[SecretBackendRoleVhost] { + return pulumix.Output[SecretBackendRoleVhost]{ + OutputState: i.ToSecretBackendRoleVhostOutputWithContext(ctx).OutputState, + } +} + // SecretBackendRoleVhostArrayInput is an input type that accepts SecretBackendRoleVhostArray and SecretBackendRoleVhostArrayOutput values. // You can construct a concrete instance of `SecretBackendRoleVhostArrayInput` via: // @@ -72,6 +82,12 @@ func (i SecretBackendRoleVhostArray) ToSecretBackendRoleVhostArrayOutputWithCont return pulumi.ToOutputWithContext(ctx, i).(SecretBackendRoleVhostArrayOutput) } +func (i SecretBackendRoleVhostArray) ToOutput(ctx context.Context) pulumix.Output[[]SecretBackendRoleVhost] { + return pulumix.Output[[]SecretBackendRoleVhost]{ + OutputState: i.ToSecretBackendRoleVhostArrayOutputWithContext(ctx).OutputState, + } +} + type SecretBackendRoleVhostOutput struct{ *pulumi.OutputState } func (SecretBackendRoleVhostOutput) ElementType() reflect.Type { @@ -86,6 +102,12 @@ func (o SecretBackendRoleVhostOutput) ToSecretBackendRoleVhostOutputWithContext( return o } +func (o SecretBackendRoleVhostOutput) ToOutput(ctx context.Context) pulumix.Output[SecretBackendRoleVhost] { + return pulumix.Output[SecretBackendRoleVhost]{ + OutputState: o.OutputState, + } +} + func (o SecretBackendRoleVhostOutput) Configure() pulumi.StringOutput { return o.ApplyT(func(v SecretBackendRoleVhost) string { return v.Configure }).(pulumi.StringOutput) } @@ -116,6 +138,12 @@ func (o SecretBackendRoleVhostArrayOutput) ToSecretBackendRoleVhostArrayOutputWi return o } +func (o SecretBackendRoleVhostArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]SecretBackendRoleVhost] { + return pulumix.Output[[]SecretBackendRoleVhost]{ + OutputState: o.OutputState, + } +} + func (o SecretBackendRoleVhostArrayOutput) Index(i pulumi.IntInput) SecretBackendRoleVhostOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) SecretBackendRoleVhost { return vs[0].([]SecretBackendRoleVhost)[vs[1].(int)] @@ -157,6 +185,12 @@ func (i SecretBackendRoleVhostTopicArgs) ToSecretBackendRoleVhostTopicOutputWith return pulumi.ToOutputWithContext(ctx, i).(SecretBackendRoleVhostTopicOutput) } +func (i SecretBackendRoleVhostTopicArgs) ToOutput(ctx context.Context) pulumix.Output[SecretBackendRoleVhostTopic] { + return pulumix.Output[SecretBackendRoleVhostTopic]{ + OutputState: i.ToSecretBackendRoleVhostTopicOutputWithContext(ctx).OutputState, + } +} + // SecretBackendRoleVhostTopicArrayInput is an input type that accepts SecretBackendRoleVhostTopicArray and SecretBackendRoleVhostTopicArrayOutput values. // You can construct a concrete instance of `SecretBackendRoleVhostTopicArrayInput` via: // @@ -182,6 +216,12 @@ func (i SecretBackendRoleVhostTopicArray) ToSecretBackendRoleVhostTopicArrayOutp return pulumi.ToOutputWithContext(ctx, i).(SecretBackendRoleVhostTopicArrayOutput) } +func (i SecretBackendRoleVhostTopicArray) ToOutput(ctx context.Context) pulumix.Output[[]SecretBackendRoleVhostTopic] { + return pulumix.Output[[]SecretBackendRoleVhostTopic]{ + OutputState: i.ToSecretBackendRoleVhostTopicArrayOutputWithContext(ctx).OutputState, + } +} + type SecretBackendRoleVhostTopicOutput struct{ *pulumi.OutputState } func (SecretBackendRoleVhostTopicOutput) ElementType() reflect.Type { @@ -196,6 +236,12 @@ func (o SecretBackendRoleVhostTopicOutput) ToSecretBackendRoleVhostTopicOutputWi return o } +func (o SecretBackendRoleVhostTopicOutput) ToOutput(ctx context.Context) pulumix.Output[SecretBackendRoleVhostTopic] { + return pulumix.Output[SecretBackendRoleVhostTopic]{ + OutputState: o.OutputState, + } +} + func (o SecretBackendRoleVhostTopicOutput) Host() pulumi.StringOutput { return o.ApplyT(func(v SecretBackendRoleVhostTopic) string { return v.Host }).(pulumi.StringOutput) } @@ -219,6 +265,12 @@ func (o SecretBackendRoleVhostTopicArrayOutput) ToSecretBackendRoleVhostTopicArr return o } +func (o SecretBackendRoleVhostTopicArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]SecretBackendRoleVhostTopic] { + return pulumix.Output[[]SecretBackendRoleVhostTopic]{ + OutputState: o.OutputState, + } +} + func (o SecretBackendRoleVhostTopicArrayOutput) Index(i pulumi.IntInput) SecretBackendRoleVhostTopicOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) SecretBackendRoleVhostTopic { return vs[0].([]SecretBackendRoleVhostTopic)[vs[1].(int)] @@ -260,6 +312,12 @@ func (i SecretBackendRoleVhostTopicVhostArgs) ToSecretBackendRoleVhostTopicVhost return pulumi.ToOutputWithContext(ctx, i).(SecretBackendRoleVhostTopicVhostOutput) } +func (i SecretBackendRoleVhostTopicVhostArgs) ToOutput(ctx context.Context) pulumix.Output[SecretBackendRoleVhostTopicVhost] { + return pulumix.Output[SecretBackendRoleVhostTopicVhost]{ + OutputState: i.ToSecretBackendRoleVhostTopicVhostOutputWithContext(ctx).OutputState, + } +} + // SecretBackendRoleVhostTopicVhostArrayInput is an input type that accepts SecretBackendRoleVhostTopicVhostArray and SecretBackendRoleVhostTopicVhostArrayOutput values. // You can construct a concrete instance of `SecretBackendRoleVhostTopicVhostArrayInput` via: // @@ -285,6 +343,12 @@ func (i SecretBackendRoleVhostTopicVhostArray) ToSecretBackendRoleVhostTopicVhos return pulumi.ToOutputWithContext(ctx, i).(SecretBackendRoleVhostTopicVhostArrayOutput) } +func (i SecretBackendRoleVhostTopicVhostArray) ToOutput(ctx context.Context) pulumix.Output[[]SecretBackendRoleVhostTopicVhost] { + return pulumix.Output[[]SecretBackendRoleVhostTopicVhost]{ + OutputState: i.ToSecretBackendRoleVhostTopicVhostArrayOutputWithContext(ctx).OutputState, + } +} + type SecretBackendRoleVhostTopicVhostOutput struct{ *pulumi.OutputState } func (SecretBackendRoleVhostTopicVhostOutput) ElementType() reflect.Type { @@ -299,6 +363,12 @@ func (o SecretBackendRoleVhostTopicVhostOutput) ToSecretBackendRoleVhostTopicVho return o } +func (o SecretBackendRoleVhostTopicVhostOutput) ToOutput(ctx context.Context) pulumix.Output[SecretBackendRoleVhostTopicVhost] { + return pulumix.Output[SecretBackendRoleVhostTopicVhost]{ + OutputState: o.OutputState, + } +} + func (o SecretBackendRoleVhostTopicVhostOutput) Read() pulumi.StringOutput { return o.ApplyT(func(v SecretBackendRoleVhostTopicVhost) string { return v.Read }).(pulumi.StringOutput) } @@ -325,6 +395,12 @@ func (o SecretBackendRoleVhostTopicVhostArrayOutput) ToSecretBackendRoleVhostTop return o } +func (o SecretBackendRoleVhostTopicVhostArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]SecretBackendRoleVhostTopicVhost] { + return pulumix.Output[[]SecretBackendRoleVhostTopicVhost]{ + OutputState: o.OutputState, + } +} + func (o SecretBackendRoleVhostTopicVhostArrayOutput) Index(i pulumi.IntInput) SecretBackendRoleVhostTopicVhostOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) SecretBackendRoleVhostTopicVhost { return vs[0].([]SecretBackendRoleVhostTopicVhost)[vs[1].(int)] diff --git a/sdk/go/vault/rabbitmq/secretBackend.go b/sdk/go/vault/rabbitmq/secretBackend.go index 11977d22f..f2801c387 100644 --- a/sdk/go/vault/rabbitmq/secretBackend.go +++ b/sdk/go/vault/rabbitmq/secretBackend.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // ## Example Usage @@ -102,16 +104,17 @@ func NewSecretBackend(ctx *pulumi.Context, return nil, errors.New("invalid value for required argument 'Username'") } if args.Password != nil { - args.Password = pulumi.ToSecret(args.Password).(pulumi.StringOutput) + args.Password = pulumi.ToSecret(args.Password).(pulumi.StringInput) } if args.Username != nil { - args.Username = pulumi.ToSecret(args.Username).(pulumi.StringOutput) + args.Username = pulumi.ToSecret(args.Username).(pulumi.StringInput) } secrets := pulumi.AdditionalSecretOutputs([]string{ "password", "username", }) opts = append(opts, secrets) + opts = internal.PkgResourceDefaultOpts(opts) var resource SecretBackend err := ctx.RegisterResource("vault:rabbitMq/secretBackend:SecretBackend", name, args, &resource, opts...) if err != nil { @@ -301,6 +304,12 @@ func (i *SecretBackend) ToSecretBackendOutputWithContext(ctx context.Context) Se return pulumi.ToOutputWithContext(ctx, i).(SecretBackendOutput) } +func (i *SecretBackend) ToOutput(ctx context.Context) pulumix.Output[*SecretBackend] { + return pulumix.Output[*SecretBackend]{ + OutputState: i.ToSecretBackendOutputWithContext(ctx).OutputState, + } +} + // SecretBackendArrayInput is an input type that accepts SecretBackendArray and SecretBackendArrayOutput values. // You can construct a concrete instance of `SecretBackendArrayInput` via: // @@ -326,6 +335,12 @@ func (i SecretBackendArray) ToSecretBackendArrayOutputWithContext(ctx context.Co return pulumi.ToOutputWithContext(ctx, i).(SecretBackendArrayOutput) } +func (i SecretBackendArray) ToOutput(ctx context.Context) pulumix.Output[[]*SecretBackend] { + return pulumix.Output[[]*SecretBackend]{ + OutputState: i.ToSecretBackendArrayOutputWithContext(ctx).OutputState, + } +} + // SecretBackendMapInput is an input type that accepts SecretBackendMap and SecretBackendMapOutput values. // You can construct a concrete instance of `SecretBackendMapInput` via: // @@ -351,6 +366,12 @@ func (i SecretBackendMap) ToSecretBackendMapOutputWithContext(ctx context.Contex return pulumi.ToOutputWithContext(ctx, i).(SecretBackendMapOutput) } +func (i SecretBackendMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*SecretBackend] { + return pulumix.Output[map[string]*SecretBackend]{ + OutputState: i.ToSecretBackendMapOutputWithContext(ctx).OutputState, + } +} + type SecretBackendOutput struct{ *pulumi.OutputState } func (SecretBackendOutput) ElementType() reflect.Type { @@ -365,6 +386,12 @@ func (o SecretBackendOutput) ToSecretBackendOutputWithContext(ctx context.Contex return o } +func (o SecretBackendOutput) ToOutput(ctx context.Context) pulumix.Output[*SecretBackend] { + return pulumix.Output[*SecretBackend]{ + OutputState: o.OutputState, + } +} + // Specifies the RabbitMQ connection URI. func (o SecretBackendOutput) ConnectionUri() pulumi.StringOutput { return o.ApplyT(func(v *SecretBackend) pulumi.StringOutput { return v.ConnectionUri }).(pulumi.StringOutput) @@ -447,6 +474,12 @@ func (o SecretBackendArrayOutput) ToSecretBackendArrayOutputWithContext(ctx cont return o } +func (o SecretBackendArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*SecretBackend] { + return pulumix.Output[[]*SecretBackend]{ + OutputState: o.OutputState, + } +} + func (o SecretBackendArrayOutput) Index(i pulumi.IntInput) SecretBackendOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *SecretBackend { return vs[0].([]*SecretBackend)[vs[1].(int)] @@ -467,6 +500,12 @@ func (o SecretBackendMapOutput) ToSecretBackendMapOutputWithContext(ctx context. return o } +func (o SecretBackendMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*SecretBackend] { + return pulumix.Output[map[string]*SecretBackend]{ + OutputState: o.OutputState, + } +} + func (o SecretBackendMapOutput) MapIndex(k pulumi.StringInput) SecretBackendOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *SecretBackend { return vs[0].(map[string]*SecretBackend)[vs[1].(string)] diff --git a/sdk/go/vault/rabbitmq/secretBackendRole.go b/sdk/go/vault/rabbitmq/secretBackendRole.go index 16d291ed0..93a4c7112 100644 --- a/sdk/go/vault/rabbitmq/secretBackendRole.go +++ b/sdk/go/vault/rabbitmq/secretBackendRole.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // ## Example Usage @@ -107,6 +109,7 @@ func NewSecretBackendRole(ctx *pulumi.Context, if args.Backend == nil { return nil, errors.New("invalid value for required argument 'Backend'") } + opts = internal.PkgResourceDefaultOpts(opts) var resource SecretBackendRole err := ctx.RegisterResource("vault:rabbitMq/secretBackendRole:SecretBackendRole", name, args, &resource, opts...) if err != nil { @@ -236,6 +239,12 @@ func (i *SecretBackendRole) ToSecretBackendRoleOutputWithContext(ctx context.Con return pulumi.ToOutputWithContext(ctx, i).(SecretBackendRoleOutput) } +func (i *SecretBackendRole) ToOutput(ctx context.Context) pulumix.Output[*SecretBackendRole] { + return pulumix.Output[*SecretBackendRole]{ + OutputState: i.ToSecretBackendRoleOutputWithContext(ctx).OutputState, + } +} + // SecretBackendRoleArrayInput is an input type that accepts SecretBackendRoleArray and SecretBackendRoleArrayOutput values. // You can construct a concrete instance of `SecretBackendRoleArrayInput` via: // @@ -261,6 +270,12 @@ func (i SecretBackendRoleArray) ToSecretBackendRoleArrayOutputWithContext(ctx co return pulumi.ToOutputWithContext(ctx, i).(SecretBackendRoleArrayOutput) } +func (i SecretBackendRoleArray) ToOutput(ctx context.Context) pulumix.Output[[]*SecretBackendRole] { + return pulumix.Output[[]*SecretBackendRole]{ + OutputState: i.ToSecretBackendRoleArrayOutputWithContext(ctx).OutputState, + } +} + // SecretBackendRoleMapInput is an input type that accepts SecretBackendRoleMap and SecretBackendRoleMapOutput values. // You can construct a concrete instance of `SecretBackendRoleMapInput` via: // @@ -286,6 +301,12 @@ func (i SecretBackendRoleMap) ToSecretBackendRoleMapOutputWithContext(ctx contex return pulumi.ToOutputWithContext(ctx, i).(SecretBackendRoleMapOutput) } +func (i SecretBackendRoleMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*SecretBackendRole] { + return pulumix.Output[map[string]*SecretBackendRole]{ + OutputState: i.ToSecretBackendRoleMapOutputWithContext(ctx).OutputState, + } +} + type SecretBackendRoleOutput struct{ *pulumi.OutputState } func (SecretBackendRoleOutput) ElementType() reflect.Type { @@ -300,6 +321,12 @@ func (o SecretBackendRoleOutput) ToSecretBackendRoleOutputWithContext(ctx contex return o } +func (o SecretBackendRoleOutput) ToOutput(ctx context.Context) pulumix.Output[*SecretBackendRole] { + return pulumix.Output[*SecretBackendRole]{ + OutputState: o.OutputState, + } +} + // The path the RabbitMQ secret backend is mounted at, // with no leading or trailing `/`s. func (o SecretBackendRoleOutput) Backend() pulumi.StringOutput { @@ -349,6 +376,12 @@ func (o SecretBackendRoleArrayOutput) ToSecretBackendRoleArrayOutputWithContext( return o } +func (o SecretBackendRoleArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*SecretBackendRole] { + return pulumix.Output[[]*SecretBackendRole]{ + OutputState: o.OutputState, + } +} + func (o SecretBackendRoleArrayOutput) Index(i pulumi.IntInput) SecretBackendRoleOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *SecretBackendRole { return vs[0].([]*SecretBackendRole)[vs[1].(int)] @@ -369,6 +402,12 @@ func (o SecretBackendRoleMapOutput) ToSecretBackendRoleMapOutputWithContext(ctx return o } +func (o SecretBackendRoleMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*SecretBackendRole] { + return pulumix.Output[map[string]*SecretBackendRole]{ + OutputState: o.OutputState, + } +} + func (o SecretBackendRoleMapOutput) MapIndex(k pulumi.StringInput) SecretBackendRoleOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *SecretBackendRole { return vs[0].(map[string]*SecretBackendRole)[vs[1].(string)] diff --git a/sdk/go/vault/raftAutopilot.go b/sdk/go/vault/raftAutopilot.go index e1457f81e..74f80488a 100644 --- a/sdk/go/vault/raftAutopilot.go +++ b/sdk/go/vault/raftAutopilot.go @@ -7,7 +7,9 @@ import ( "context" "reflect" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // Autopilot enables automated workflows for managing Raft clusters. The @@ -94,6 +96,7 @@ func NewRaftAutopilot(ctx *pulumi.Context, args = &RaftAutopilotArgs{} } + opts = internal.PkgResourceDefaultOpts(opts) var resource RaftAutopilot err := ctx.RegisterResource("vault:index/raftAutopilot:RaftAutopilot", name, args, &resource, opts...) if err != nil { @@ -263,6 +266,12 @@ func (i *RaftAutopilot) ToRaftAutopilotOutputWithContext(ctx context.Context) Ra return pulumi.ToOutputWithContext(ctx, i).(RaftAutopilotOutput) } +func (i *RaftAutopilot) ToOutput(ctx context.Context) pulumix.Output[*RaftAutopilot] { + return pulumix.Output[*RaftAutopilot]{ + OutputState: i.ToRaftAutopilotOutputWithContext(ctx).OutputState, + } +} + // RaftAutopilotArrayInput is an input type that accepts RaftAutopilotArray and RaftAutopilotArrayOutput values. // You can construct a concrete instance of `RaftAutopilotArrayInput` via: // @@ -288,6 +297,12 @@ func (i RaftAutopilotArray) ToRaftAutopilotArrayOutputWithContext(ctx context.Co return pulumi.ToOutputWithContext(ctx, i).(RaftAutopilotArrayOutput) } +func (i RaftAutopilotArray) ToOutput(ctx context.Context) pulumix.Output[[]*RaftAutopilot] { + return pulumix.Output[[]*RaftAutopilot]{ + OutputState: i.ToRaftAutopilotArrayOutputWithContext(ctx).OutputState, + } +} + // RaftAutopilotMapInput is an input type that accepts RaftAutopilotMap and RaftAutopilotMapOutput values. // You can construct a concrete instance of `RaftAutopilotMapInput` via: // @@ -313,6 +328,12 @@ func (i RaftAutopilotMap) ToRaftAutopilotMapOutputWithContext(ctx context.Contex return pulumi.ToOutputWithContext(ctx, i).(RaftAutopilotMapOutput) } +func (i RaftAutopilotMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*RaftAutopilot] { + return pulumix.Output[map[string]*RaftAutopilot]{ + OutputState: i.ToRaftAutopilotMapOutputWithContext(ctx).OutputState, + } +} + type RaftAutopilotOutput struct{ *pulumi.OutputState } func (RaftAutopilotOutput) ElementType() reflect.Type { @@ -327,6 +348,12 @@ func (o RaftAutopilotOutput) ToRaftAutopilotOutputWithContext(ctx context.Contex return o } +func (o RaftAutopilotOutput) ToOutput(ctx context.Context) pulumix.Output[*RaftAutopilot] { + return pulumix.Output[*RaftAutopilot]{ + OutputState: o.OutputState, + } +} + // Specifies whether to remove dead server nodes // periodically or when a new server joins. This requires that `min-quorum` is also set. func (o RaftAutopilotOutput) CleanupDeadServers() pulumi.BoolPtrOutput { @@ -392,6 +419,12 @@ func (o RaftAutopilotArrayOutput) ToRaftAutopilotArrayOutputWithContext(ctx cont return o } +func (o RaftAutopilotArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*RaftAutopilot] { + return pulumix.Output[[]*RaftAutopilot]{ + OutputState: o.OutputState, + } +} + func (o RaftAutopilotArrayOutput) Index(i pulumi.IntInput) RaftAutopilotOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *RaftAutopilot { return vs[0].([]*RaftAutopilot)[vs[1].(int)] @@ -412,6 +445,12 @@ func (o RaftAutopilotMapOutput) ToRaftAutopilotMapOutputWithContext(ctx context. return o } +func (o RaftAutopilotMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*RaftAutopilot] { + return pulumix.Output[map[string]*RaftAutopilot]{ + OutputState: o.OutputState, + } +} + func (o RaftAutopilotMapOutput) MapIndex(k pulumi.StringInput) RaftAutopilotOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *RaftAutopilot { return vs[0].(map[string]*RaftAutopilot)[vs[1].(string)] diff --git a/sdk/go/vault/raftSnapshotAgentConfig.go b/sdk/go/vault/raftSnapshotAgentConfig.go index 167090f21..d67c8e5c8 100644 --- a/sdk/go/vault/raftSnapshotAgentConfig.go +++ b/sdk/go/vault/raftSnapshotAgentConfig.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // ## Example Usage @@ -68,7 +70,7 @@ import ( // PathPrefix: pulumi.String("/path/in/bucket"), // StorageType: pulumi.String("aws-s3"), // AwsS3Bucket: pulumi.String("my-bucket"), -// AwsS3Region: pulumi.String(current.Name), +// AwsS3Region: *pulumi.String(current.Name), // AwsAccessKeyId: pulumi.Any(awsAccessKeyId), // AwsSecretAccessKey: pulumi.Any(awsSecretAccessKey), // AwsS3EnableKms: pulumi.Bool(true), @@ -182,6 +184,20 @@ type RaftSnapshotAgentConfig struct { GoogleGcsBucket pulumi.StringPtrOutput `pulumi:"googleGcsBucket"` // Google service account key in JSON format. // The raw value looks like this: + // + // ```go + // package main + // + // import ( + // "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + // ) + // + // func main() { + // pulumi.Run(func(ctx *pulumi.Context) error { + // return nil + // }) + // } + // ``` GoogleServiceAccountKey pulumi.StringPtrOutput `pulumi:"googleServiceAccountKey"` // `` - Time (in seconds) between snapshots. IntervalSeconds pulumi.IntOutput `pulumi:"intervalSeconds"` @@ -227,6 +243,7 @@ func NewRaftSnapshotAgentConfig(ctx *pulumi.Context, if args.StorageType == nil { return nil, errors.New("invalid value for required argument 'StorageType'") } + opts = internal.PkgResourceDefaultOpts(opts) var resource RaftSnapshotAgentConfig err := ctx.RegisterResource("vault:index/raftSnapshotAgentConfig:RaftSnapshotAgentConfig", name, args, &resource, opts...) if err != nil { @@ -302,6 +319,20 @@ type raftSnapshotAgentConfigState struct { GoogleGcsBucket *string `pulumi:"googleGcsBucket"` // Google service account key in JSON format. // The raw value looks like this: + // + // ```go + // package main + // + // import ( + // "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + // ) + // + // func main() { + // pulumi.Run(func(ctx *pulumi.Context) error { + // return nil + // }) + // } + // ``` GoogleServiceAccountKey *string `pulumi:"googleServiceAccountKey"` // `` - Time (in seconds) between snapshots. IntervalSeconds *int `pulumi:"intervalSeconds"` @@ -385,6 +416,20 @@ type RaftSnapshotAgentConfigState struct { GoogleGcsBucket pulumi.StringPtrInput // Google service account key in JSON format. // The raw value looks like this: + // + // ```go + // package main + // + // import ( + // "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + // ) + // + // func main() { + // pulumi.Run(func(ctx *pulumi.Context) error { + // return nil + // }) + // } + // ``` GoogleServiceAccountKey pulumi.StringPtrInput // `` - Time (in seconds) between snapshots. IntervalSeconds pulumi.IntPtrInput @@ -472,6 +517,20 @@ type raftSnapshotAgentConfigArgs struct { GoogleGcsBucket *string `pulumi:"googleGcsBucket"` // Google service account key in JSON format. // The raw value looks like this: + // + // ```go + // package main + // + // import ( + // "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + // ) + // + // func main() { + // pulumi.Run(func(ctx *pulumi.Context) error { + // return nil + // }) + // } + // ``` GoogleServiceAccountKey *string `pulumi:"googleServiceAccountKey"` // `` - Time (in seconds) between snapshots. IntervalSeconds int `pulumi:"intervalSeconds"` @@ -556,6 +615,20 @@ type RaftSnapshotAgentConfigArgs struct { GoogleGcsBucket pulumi.StringPtrInput // Google service account key in JSON format. // The raw value looks like this: + // + // ```go + // package main + // + // import ( + // "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + // ) + // + // func main() { + // pulumi.Run(func(ctx *pulumi.Context) error { + // return nil + // }) + // } + // ``` GoogleServiceAccountKey pulumi.StringPtrInput // `` - Time (in seconds) between snapshots. IntervalSeconds pulumi.IntInput @@ -608,6 +681,12 @@ func (i *RaftSnapshotAgentConfig) ToRaftSnapshotAgentConfigOutputWithContext(ctx return pulumi.ToOutputWithContext(ctx, i).(RaftSnapshotAgentConfigOutput) } +func (i *RaftSnapshotAgentConfig) ToOutput(ctx context.Context) pulumix.Output[*RaftSnapshotAgentConfig] { + return pulumix.Output[*RaftSnapshotAgentConfig]{ + OutputState: i.ToRaftSnapshotAgentConfigOutputWithContext(ctx).OutputState, + } +} + // RaftSnapshotAgentConfigArrayInput is an input type that accepts RaftSnapshotAgentConfigArray and RaftSnapshotAgentConfigArrayOutput values. // You can construct a concrete instance of `RaftSnapshotAgentConfigArrayInput` via: // @@ -633,6 +712,12 @@ func (i RaftSnapshotAgentConfigArray) ToRaftSnapshotAgentConfigArrayOutputWithCo return pulumi.ToOutputWithContext(ctx, i).(RaftSnapshotAgentConfigArrayOutput) } +func (i RaftSnapshotAgentConfigArray) ToOutput(ctx context.Context) pulumix.Output[[]*RaftSnapshotAgentConfig] { + return pulumix.Output[[]*RaftSnapshotAgentConfig]{ + OutputState: i.ToRaftSnapshotAgentConfigArrayOutputWithContext(ctx).OutputState, + } +} + // RaftSnapshotAgentConfigMapInput is an input type that accepts RaftSnapshotAgentConfigMap and RaftSnapshotAgentConfigMapOutput values. // You can construct a concrete instance of `RaftSnapshotAgentConfigMapInput` via: // @@ -658,6 +743,12 @@ func (i RaftSnapshotAgentConfigMap) ToRaftSnapshotAgentConfigMapOutputWithContex return pulumi.ToOutputWithContext(ctx, i).(RaftSnapshotAgentConfigMapOutput) } +func (i RaftSnapshotAgentConfigMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*RaftSnapshotAgentConfig] { + return pulumix.Output[map[string]*RaftSnapshotAgentConfig]{ + OutputState: i.ToRaftSnapshotAgentConfigMapOutputWithContext(ctx).OutputState, + } +} + type RaftSnapshotAgentConfigOutput struct{ *pulumi.OutputState } func (RaftSnapshotAgentConfigOutput) ElementType() reflect.Type { @@ -672,6 +763,12 @@ func (o RaftSnapshotAgentConfigOutput) ToRaftSnapshotAgentConfigOutputWithContex return o } +func (o RaftSnapshotAgentConfigOutput) ToOutput(ctx context.Context) pulumix.Output[*RaftSnapshotAgentConfig] { + return pulumix.Output[*RaftSnapshotAgentConfig]{ + OutputState: o.OutputState, + } +} + // AWS access key ID. func (o RaftSnapshotAgentConfigOutput) AwsAccessKeyId() pulumi.StringPtrOutput { return o.ApplyT(func(v *RaftSnapshotAgentConfig) pulumi.StringPtrOutput { return v.AwsAccessKeyId }).(pulumi.StringPtrOutput) @@ -785,6 +882,23 @@ func (o RaftSnapshotAgentConfigOutput) GoogleGcsBucket() pulumi.StringPtrOutput // Google service account key in JSON format. // The raw value looks like this: +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// return nil +// }) +// } +// +// ``` func (o RaftSnapshotAgentConfigOutput) GoogleServiceAccountKey() pulumi.StringPtrOutput { return o.ApplyT(func(v *RaftSnapshotAgentConfig) pulumi.StringPtrOutput { return v.GoogleServiceAccountKey }).(pulumi.StringPtrOutput) } @@ -850,6 +964,12 @@ func (o RaftSnapshotAgentConfigArrayOutput) ToRaftSnapshotAgentConfigArrayOutput return o } +func (o RaftSnapshotAgentConfigArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*RaftSnapshotAgentConfig] { + return pulumix.Output[[]*RaftSnapshotAgentConfig]{ + OutputState: o.OutputState, + } +} + func (o RaftSnapshotAgentConfigArrayOutput) Index(i pulumi.IntInput) RaftSnapshotAgentConfigOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *RaftSnapshotAgentConfig { return vs[0].([]*RaftSnapshotAgentConfig)[vs[1].(int)] @@ -870,6 +990,12 @@ func (o RaftSnapshotAgentConfigMapOutput) ToRaftSnapshotAgentConfigMapOutputWith return o } +func (o RaftSnapshotAgentConfigMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*RaftSnapshotAgentConfig] { + return pulumix.Output[map[string]*RaftSnapshotAgentConfig]{ + OutputState: o.OutputState, + } +} + func (o RaftSnapshotAgentConfigMapOutput) MapIndex(k pulumi.StringInput) RaftSnapshotAgentConfigOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *RaftSnapshotAgentConfig { return vs[0].(map[string]*RaftSnapshotAgentConfig)[vs[1].(string)] diff --git a/sdk/go/vault/rgpPolicy.go b/sdk/go/vault/rgpPolicy.go index 2137878a3..d05519b8e 100644 --- a/sdk/go/vault/rgpPolicy.go +++ b/sdk/go/vault/rgpPolicy.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // Provides a resource to manage Role Governing Policy (RGP) via [Sentinel](https://www.vaultproject.io/docs/enterprise/sentinel/index.html). @@ -70,6 +72,7 @@ func NewRgpPolicy(ctx *pulumi.Context, if args.Policy == nil { return nil, errors.New("invalid value for required argument 'Policy'") } + opts = internal.PkgResourceDefaultOpts(opts) var resource RgpPolicy err := ctx.RegisterResource("vault:index/rgpPolicy:RgpPolicy", name, args, &resource, opts...) if err != nil { @@ -175,6 +178,12 @@ func (i *RgpPolicy) ToRgpPolicyOutputWithContext(ctx context.Context) RgpPolicyO return pulumi.ToOutputWithContext(ctx, i).(RgpPolicyOutput) } +func (i *RgpPolicy) ToOutput(ctx context.Context) pulumix.Output[*RgpPolicy] { + return pulumix.Output[*RgpPolicy]{ + OutputState: i.ToRgpPolicyOutputWithContext(ctx).OutputState, + } +} + // RgpPolicyArrayInput is an input type that accepts RgpPolicyArray and RgpPolicyArrayOutput values. // You can construct a concrete instance of `RgpPolicyArrayInput` via: // @@ -200,6 +209,12 @@ func (i RgpPolicyArray) ToRgpPolicyArrayOutputWithContext(ctx context.Context) R return pulumi.ToOutputWithContext(ctx, i).(RgpPolicyArrayOutput) } +func (i RgpPolicyArray) ToOutput(ctx context.Context) pulumix.Output[[]*RgpPolicy] { + return pulumix.Output[[]*RgpPolicy]{ + OutputState: i.ToRgpPolicyArrayOutputWithContext(ctx).OutputState, + } +} + // RgpPolicyMapInput is an input type that accepts RgpPolicyMap and RgpPolicyMapOutput values. // You can construct a concrete instance of `RgpPolicyMapInput` via: // @@ -225,6 +240,12 @@ func (i RgpPolicyMap) ToRgpPolicyMapOutputWithContext(ctx context.Context) RgpPo return pulumi.ToOutputWithContext(ctx, i).(RgpPolicyMapOutput) } +func (i RgpPolicyMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*RgpPolicy] { + return pulumix.Output[map[string]*RgpPolicy]{ + OutputState: i.ToRgpPolicyMapOutputWithContext(ctx).OutputState, + } +} + type RgpPolicyOutput struct{ *pulumi.OutputState } func (RgpPolicyOutput) ElementType() reflect.Type { @@ -239,6 +260,12 @@ func (o RgpPolicyOutput) ToRgpPolicyOutputWithContext(ctx context.Context) RgpPo return o } +func (o RgpPolicyOutput) ToOutput(ctx context.Context) pulumix.Output[*RgpPolicy] { + return pulumix.Output[*RgpPolicy]{ + OutputState: o.OutputState, + } +} + // Enforcement level of Sentinel policy. Can be either `advisory` or `soft-mandatory` or `hard-mandatory` func (o RgpPolicyOutput) EnforcementLevel() pulumi.StringOutput { return o.ApplyT(func(v *RgpPolicy) pulumi.StringOutput { return v.EnforcementLevel }).(pulumi.StringOutput) @@ -276,6 +303,12 @@ func (o RgpPolicyArrayOutput) ToRgpPolicyArrayOutputWithContext(ctx context.Cont return o } +func (o RgpPolicyArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*RgpPolicy] { + return pulumix.Output[[]*RgpPolicy]{ + OutputState: o.OutputState, + } +} + func (o RgpPolicyArrayOutput) Index(i pulumi.IntInput) RgpPolicyOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *RgpPolicy { return vs[0].([]*RgpPolicy)[vs[1].(int)] @@ -296,6 +329,12 @@ func (o RgpPolicyMapOutput) ToRgpPolicyMapOutputWithContext(ctx context.Context) return o } +func (o RgpPolicyMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*RgpPolicy] { + return pulumix.Output[map[string]*RgpPolicy]{ + OutputState: o.OutputState, + } +} + func (o RgpPolicyMapOutput) MapIndex(k pulumi.StringInput) RgpPolicyOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *RgpPolicy { return vs[0].(map[string]*RgpPolicy)[vs[1].(string)] diff --git a/sdk/go/vault/saml/authBackend.go b/sdk/go/vault/saml/authBackend.go new file mode 100644 index 000000000..a42dfb5f8 --- /dev/null +++ b/sdk/go/vault/saml/authBackend.go @@ -0,0 +1,519 @@ +// Code generated by the Pulumi Terraform Bridge (tfgen) Tool DO NOT EDIT. +// *** WARNING: Do not edit by hand unless you're certain you know what you are doing! *** + +package saml + +import ( + "context" + "reflect" + + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" + "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" +) + +// Manages a SAML Auth mount in a Vault server. See the [Vault +// documentation](https://www.vaultproject.io/docs/auth/saml/) for more +// information. +// +// ## Example Usage +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/saml" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := saml.NewAuthBackend(ctx, "test", &saml.AuthBackendArgs{ +// AcsUrls: pulumi.StringArray{ +// pulumi.String("https://my.vault.primary/v1/auth/saml/callback"), +// }, +// DefaultRole: pulumi.String("admin"), +// EntityId: pulumi.String("https://my.vault/v1/auth/saml"), +// IdpMetadataUrl: pulumi.String("https://company.okta.com/app/abc123eb9xnIfzlaf697/sso/saml/metadata"), +// Path: pulumi.String("saml"), +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// ## Import +// +// SAML authentication mounts can be imported using the `path`, e.g. +// +// ```sh +// +// $ pulumi import vault:saml/authBackend:AuthBackend example saml +// +// ``` +type AuthBackend struct { + pulumi.CustomResourceState + + // The well-formatted URLs of your Assertion Consumer Service (ACS) + // that should receive a response from the identity provider. + AcsUrls pulumi.StringArrayOutput `pulumi:"acsUrls"` + // The role to use if no role is provided during login. + DefaultRole pulumi.StringPtrOutput `pulumi:"defaultRole"` + // If set to `true`, opts out of mount migration on path updates. + // See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration) + DisableRemount pulumi.BoolPtrOutput `pulumi:"disableRemount"` + // The entity ID of the SAML authentication service provider. + EntityId pulumi.StringOutput `pulumi:"entityId"` + // The PEM encoded certificate of the identity provider. Mutually exclusive + // with `idpMetadataUrl`. + IdpCert pulumi.StringPtrOutput `pulumi:"idpCert"` + // The entity ID of the identity provider. Mutually exclusive with + // `idpMetadataUrl`. + IdpEntityId pulumi.StringPtrOutput `pulumi:"idpEntityId"` + // The metadata URL of the identity provider. + IdpMetadataUrl pulumi.StringPtrOutput `pulumi:"idpMetadataUrl"` + // The SSO URL of the identity provider. Mutually exclusive with + // `idpMetadataUrl`. + IdpSsoUrl pulumi.StringPtrOutput `pulumi:"idpSsoUrl"` + // The namespace to provision the resource in. + // The value should not contain leading or trailing forward slashes. + // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + // *Available only for Vault Enterprise*. + Namespace pulumi.StringPtrOutput `pulumi:"namespace"` + // Path where the auth backend will be mounted. Defaults to `auth/saml` + // if not specified. + Path pulumi.StringPtrOutput `pulumi:"path"` + // If set to `true`, logs additional, potentially sensitive + // information during the SAML exchange according to the current logging level. Not + // recommended for production. + VerboseLogging pulumi.BoolOutput `pulumi:"verboseLogging"` +} + +// NewAuthBackend registers a new resource with the given unique name, arguments, and options. +func NewAuthBackend(ctx *pulumi.Context, + name string, args *AuthBackendArgs, opts ...pulumi.ResourceOption) (*AuthBackend, error) { + if args == nil { + return nil, errors.New("missing one or more required arguments") + } + + if args.AcsUrls == nil { + return nil, errors.New("invalid value for required argument 'AcsUrls'") + } + if args.EntityId == nil { + return nil, errors.New("invalid value for required argument 'EntityId'") + } + opts = internal.PkgResourceDefaultOpts(opts) + var resource AuthBackend + err := ctx.RegisterResource("vault:saml/authBackend:AuthBackend", name, args, &resource, opts...) + if err != nil { + return nil, err + } + return &resource, nil +} + +// GetAuthBackend gets an existing AuthBackend resource's state with the given name, ID, and optional +// state properties that are used to uniquely qualify the lookup (nil if not required). +func GetAuthBackend(ctx *pulumi.Context, + name string, id pulumi.IDInput, state *AuthBackendState, opts ...pulumi.ResourceOption) (*AuthBackend, error) { + var resource AuthBackend + err := ctx.ReadResource("vault:saml/authBackend:AuthBackend", name, id, state, &resource, opts...) + if err != nil { + return nil, err + } + return &resource, nil +} + +// Input properties used for looking up and filtering AuthBackend resources. +type authBackendState struct { + // The well-formatted URLs of your Assertion Consumer Service (ACS) + // that should receive a response from the identity provider. + AcsUrls []string `pulumi:"acsUrls"` + // The role to use if no role is provided during login. + DefaultRole *string `pulumi:"defaultRole"` + // If set to `true`, opts out of mount migration on path updates. + // See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration) + DisableRemount *bool `pulumi:"disableRemount"` + // The entity ID of the SAML authentication service provider. + EntityId *string `pulumi:"entityId"` + // The PEM encoded certificate of the identity provider. Mutually exclusive + // with `idpMetadataUrl`. + IdpCert *string `pulumi:"idpCert"` + // The entity ID of the identity provider. Mutually exclusive with + // `idpMetadataUrl`. + IdpEntityId *string `pulumi:"idpEntityId"` + // The metadata URL of the identity provider. + IdpMetadataUrl *string `pulumi:"idpMetadataUrl"` + // The SSO URL of the identity provider. Mutually exclusive with + // `idpMetadataUrl`. + IdpSsoUrl *string `pulumi:"idpSsoUrl"` + // The namespace to provision the resource in. + // The value should not contain leading or trailing forward slashes. + // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + // *Available only for Vault Enterprise*. + Namespace *string `pulumi:"namespace"` + // Path where the auth backend will be mounted. Defaults to `auth/saml` + // if not specified. + Path *string `pulumi:"path"` + // If set to `true`, logs additional, potentially sensitive + // information during the SAML exchange according to the current logging level. Not + // recommended for production. + VerboseLogging *bool `pulumi:"verboseLogging"` +} + +type AuthBackendState struct { + // The well-formatted URLs of your Assertion Consumer Service (ACS) + // that should receive a response from the identity provider. + AcsUrls pulumi.StringArrayInput + // The role to use if no role is provided during login. + DefaultRole pulumi.StringPtrInput + // If set to `true`, opts out of mount migration on path updates. + // See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration) + DisableRemount pulumi.BoolPtrInput + // The entity ID of the SAML authentication service provider. + EntityId pulumi.StringPtrInput + // The PEM encoded certificate of the identity provider. Mutually exclusive + // with `idpMetadataUrl`. + IdpCert pulumi.StringPtrInput + // The entity ID of the identity provider. Mutually exclusive with + // `idpMetadataUrl`. + IdpEntityId pulumi.StringPtrInput + // The metadata URL of the identity provider. + IdpMetadataUrl pulumi.StringPtrInput + // The SSO URL of the identity provider. Mutually exclusive with + // `idpMetadataUrl`. + IdpSsoUrl pulumi.StringPtrInput + // The namespace to provision the resource in. + // The value should not contain leading or trailing forward slashes. + // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + // *Available only for Vault Enterprise*. + Namespace pulumi.StringPtrInput + // Path where the auth backend will be mounted. Defaults to `auth/saml` + // if not specified. + Path pulumi.StringPtrInput + // If set to `true`, logs additional, potentially sensitive + // information during the SAML exchange according to the current logging level. Not + // recommended for production. + VerboseLogging pulumi.BoolPtrInput +} + +func (AuthBackendState) ElementType() reflect.Type { + return reflect.TypeOf((*authBackendState)(nil)).Elem() +} + +type authBackendArgs struct { + // The well-formatted URLs of your Assertion Consumer Service (ACS) + // that should receive a response from the identity provider. + AcsUrls []string `pulumi:"acsUrls"` + // The role to use if no role is provided during login. + DefaultRole *string `pulumi:"defaultRole"` + // If set to `true`, opts out of mount migration on path updates. + // See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration) + DisableRemount *bool `pulumi:"disableRemount"` + // The entity ID of the SAML authentication service provider. + EntityId string `pulumi:"entityId"` + // The PEM encoded certificate of the identity provider. Mutually exclusive + // with `idpMetadataUrl`. + IdpCert *string `pulumi:"idpCert"` + // The entity ID of the identity provider. Mutually exclusive with + // `idpMetadataUrl`. + IdpEntityId *string `pulumi:"idpEntityId"` + // The metadata URL of the identity provider. + IdpMetadataUrl *string `pulumi:"idpMetadataUrl"` + // The SSO URL of the identity provider. Mutually exclusive with + // `idpMetadataUrl`. + IdpSsoUrl *string `pulumi:"idpSsoUrl"` + // The namespace to provision the resource in. + // The value should not contain leading or trailing forward slashes. + // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + // *Available only for Vault Enterprise*. + Namespace *string `pulumi:"namespace"` + // Path where the auth backend will be mounted. Defaults to `auth/saml` + // if not specified. + Path *string `pulumi:"path"` + // If set to `true`, logs additional, potentially sensitive + // information during the SAML exchange according to the current logging level. Not + // recommended for production. + VerboseLogging *bool `pulumi:"verboseLogging"` +} + +// The set of arguments for constructing a AuthBackend resource. +type AuthBackendArgs struct { + // The well-formatted URLs of your Assertion Consumer Service (ACS) + // that should receive a response from the identity provider. + AcsUrls pulumi.StringArrayInput + // The role to use if no role is provided during login. + DefaultRole pulumi.StringPtrInput + // If set to `true`, opts out of mount migration on path updates. + // See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration) + DisableRemount pulumi.BoolPtrInput + // The entity ID of the SAML authentication service provider. + EntityId pulumi.StringInput + // The PEM encoded certificate of the identity provider. Mutually exclusive + // with `idpMetadataUrl`. + IdpCert pulumi.StringPtrInput + // The entity ID of the identity provider. Mutually exclusive with + // `idpMetadataUrl`. + IdpEntityId pulumi.StringPtrInput + // The metadata URL of the identity provider. + IdpMetadataUrl pulumi.StringPtrInput + // The SSO URL of the identity provider. Mutually exclusive with + // `idpMetadataUrl`. + IdpSsoUrl pulumi.StringPtrInput + // The namespace to provision the resource in. + // The value should not contain leading or trailing forward slashes. + // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + // *Available only for Vault Enterprise*. + Namespace pulumi.StringPtrInput + // Path where the auth backend will be mounted. Defaults to `auth/saml` + // if not specified. + Path pulumi.StringPtrInput + // If set to `true`, logs additional, potentially sensitive + // information during the SAML exchange according to the current logging level. Not + // recommended for production. + VerboseLogging pulumi.BoolPtrInput +} + +func (AuthBackendArgs) ElementType() reflect.Type { + return reflect.TypeOf((*authBackendArgs)(nil)).Elem() +} + +type AuthBackendInput interface { + pulumi.Input + + ToAuthBackendOutput() AuthBackendOutput + ToAuthBackendOutputWithContext(ctx context.Context) AuthBackendOutput +} + +func (*AuthBackend) ElementType() reflect.Type { + return reflect.TypeOf((**AuthBackend)(nil)).Elem() +} + +func (i *AuthBackend) ToAuthBackendOutput() AuthBackendOutput { + return i.ToAuthBackendOutputWithContext(context.Background()) +} + +func (i *AuthBackend) ToAuthBackendOutputWithContext(ctx context.Context) AuthBackendOutput { + return pulumi.ToOutputWithContext(ctx, i).(AuthBackendOutput) +} + +func (i *AuthBackend) ToOutput(ctx context.Context) pulumix.Output[*AuthBackend] { + return pulumix.Output[*AuthBackend]{ + OutputState: i.ToAuthBackendOutputWithContext(ctx).OutputState, + } +} + +// AuthBackendArrayInput is an input type that accepts AuthBackendArray and AuthBackendArrayOutput values. +// You can construct a concrete instance of `AuthBackendArrayInput` via: +// +// AuthBackendArray{ AuthBackendArgs{...} } +type AuthBackendArrayInput interface { + pulumi.Input + + ToAuthBackendArrayOutput() AuthBackendArrayOutput + ToAuthBackendArrayOutputWithContext(context.Context) AuthBackendArrayOutput +} + +type AuthBackendArray []AuthBackendInput + +func (AuthBackendArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]*AuthBackend)(nil)).Elem() +} + +func (i AuthBackendArray) ToAuthBackendArrayOutput() AuthBackendArrayOutput { + return i.ToAuthBackendArrayOutputWithContext(context.Background()) +} + +func (i AuthBackendArray) ToAuthBackendArrayOutputWithContext(ctx context.Context) AuthBackendArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(AuthBackendArrayOutput) +} + +func (i AuthBackendArray) ToOutput(ctx context.Context) pulumix.Output[[]*AuthBackend] { + return pulumix.Output[[]*AuthBackend]{ + OutputState: i.ToAuthBackendArrayOutputWithContext(ctx).OutputState, + } +} + +// AuthBackendMapInput is an input type that accepts AuthBackendMap and AuthBackendMapOutput values. +// You can construct a concrete instance of `AuthBackendMapInput` via: +// +// AuthBackendMap{ "key": AuthBackendArgs{...} } +type AuthBackendMapInput interface { + pulumi.Input + + ToAuthBackendMapOutput() AuthBackendMapOutput + ToAuthBackendMapOutputWithContext(context.Context) AuthBackendMapOutput +} + +type AuthBackendMap map[string]AuthBackendInput + +func (AuthBackendMap) ElementType() reflect.Type { + return reflect.TypeOf((*map[string]*AuthBackend)(nil)).Elem() +} + +func (i AuthBackendMap) ToAuthBackendMapOutput() AuthBackendMapOutput { + return i.ToAuthBackendMapOutputWithContext(context.Background()) +} + +func (i AuthBackendMap) ToAuthBackendMapOutputWithContext(ctx context.Context) AuthBackendMapOutput { + return pulumi.ToOutputWithContext(ctx, i).(AuthBackendMapOutput) +} + +func (i AuthBackendMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*AuthBackend] { + return pulumix.Output[map[string]*AuthBackend]{ + OutputState: i.ToAuthBackendMapOutputWithContext(ctx).OutputState, + } +} + +type AuthBackendOutput struct{ *pulumi.OutputState } + +func (AuthBackendOutput) ElementType() reflect.Type { + return reflect.TypeOf((**AuthBackend)(nil)).Elem() +} + +func (o AuthBackendOutput) ToAuthBackendOutput() AuthBackendOutput { + return o +} + +func (o AuthBackendOutput) ToAuthBackendOutputWithContext(ctx context.Context) AuthBackendOutput { + return o +} + +func (o AuthBackendOutput) ToOutput(ctx context.Context) pulumix.Output[*AuthBackend] { + return pulumix.Output[*AuthBackend]{ + OutputState: o.OutputState, + } +} + +// The well-formatted URLs of your Assertion Consumer Service (ACS) +// that should receive a response from the identity provider. +func (o AuthBackendOutput) AcsUrls() pulumi.StringArrayOutput { + return o.ApplyT(func(v *AuthBackend) pulumi.StringArrayOutput { return v.AcsUrls }).(pulumi.StringArrayOutput) +} + +// The role to use if no role is provided during login. +func (o AuthBackendOutput) DefaultRole() pulumi.StringPtrOutput { + return o.ApplyT(func(v *AuthBackend) pulumi.StringPtrOutput { return v.DefaultRole }).(pulumi.StringPtrOutput) +} + +// If set to `true`, opts out of mount migration on path updates. +// See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration) +func (o AuthBackendOutput) DisableRemount() pulumi.BoolPtrOutput { + return o.ApplyT(func(v *AuthBackend) pulumi.BoolPtrOutput { return v.DisableRemount }).(pulumi.BoolPtrOutput) +} + +// The entity ID of the SAML authentication service provider. +func (o AuthBackendOutput) EntityId() pulumi.StringOutput { + return o.ApplyT(func(v *AuthBackend) pulumi.StringOutput { return v.EntityId }).(pulumi.StringOutput) +} + +// The PEM encoded certificate of the identity provider. Mutually exclusive +// with `idpMetadataUrl`. +func (o AuthBackendOutput) IdpCert() pulumi.StringPtrOutput { + return o.ApplyT(func(v *AuthBackend) pulumi.StringPtrOutput { return v.IdpCert }).(pulumi.StringPtrOutput) +} + +// The entity ID of the identity provider. Mutually exclusive with +// `idpMetadataUrl`. +func (o AuthBackendOutput) IdpEntityId() pulumi.StringPtrOutput { + return o.ApplyT(func(v *AuthBackend) pulumi.StringPtrOutput { return v.IdpEntityId }).(pulumi.StringPtrOutput) +} + +// The metadata URL of the identity provider. +func (o AuthBackendOutput) IdpMetadataUrl() pulumi.StringPtrOutput { + return o.ApplyT(func(v *AuthBackend) pulumi.StringPtrOutput { return v.IdpMetadataUrl }).(pulumi.StringPtrOutput) +} + +// The SSO URL of the identity provider. Mutually exclusive with +// `idpMetadataUrl`. +func (o AuthBackendOutput) IdpSsoUrl() pulumi.StringPtrOutput { + return o.ApplyT(func(v *AuthBackend) pulumi.StringPtrOutput { return v.IdpSsoUrl }).(pulumi.StringPtrOutput) +} + +// The namespace to provision the resource in. +// The value should not contain leading or trailing forward slashes. +// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). +// *Available only for Vault Enterprise*. +func (o AuthBackendOutput) Namespace() pulumi.StringPtrOutput { + return o.ApplyT(func(v *AuthBackend) pulumi.StringPtrOutput { return v.Namespace }).(pulumi.StringPtrOutput) +} + +// Path where the auth backend will be mounted. Defaults to `auth/saml` +// if not specified. +func (o AuthBackendOutput) Path() pulumi.StringPtrOutput { + return o.ApplyT(func(v *AuthBackend) pulumi.StringPtrOutput { return v.Path }).(pulumi.StringPtrOutput) +} + +// If set to `true`, logs additional, potentially sensitive +// information during the SAML exchange according to the current logging level. Not +// recommended for production. +func (o AuthBackendOutput) VerboseLogging() pulumi.BoolOutput { + return o.ApplyT(func(v *AuthBackend) pulumi.BoolOutput { return v.VerboseLogging }).(pulumi.BoolOutput) +} + +type AuthBackendArrayOutput struct{ *pulumi.OutputState } + +func (AuthBackendArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]*AuthBackend)(nil)).Elem() +} + +func (o AuthBackendArrayOutput) ToAuthBackendArrayOutput() AuthBackendArrayOutput { + return o +} + +func (o AuthBackendArrayOutput) ToAuthBackendArrayOutputWithContext(ctx context.Context) AuthBackendArrayOutput { + return o +} + +func (o AuthBackendArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*AuthBackend] { + return pulumix.Output[[]*AuthBackend]{ + OutputState: o.OutputState, + } +} + +func (o AuthBackendArrayOutput) Index(i pulumi.IntInput) AuthBackendOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) *AuthBackend { + return vs[0].([]*AuthBackend)[vs[1].(int)] + }).(AuthBackendOutput) +} + +type AuthBackendMapOutput struct{ *pulumi.OutputState } + +func (AuthBackendMapOutput) ElementType() reflect.Type { + return reflect.TypeOf((*map[string]*AuthBackend)(nil)).Elem() +} + +func (o AuthBackendMapOutput) ToAuthBackendMapOutput() AuthBackendMapOutput { + return o +} + +func (o AuthBackendMapOutput) ToAuthBackendMapOutputWithContext(ctx context.Context) AuthBackendMapOutput { + return o +} + +func (o AuthBackendMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*AuthBackend] { + return pulumix.Output[map[string]*AuthBackend]{ + OutputState: o.OutputState, + } +} + +func (o AuthBackendMapOutput) MapIndex(k pulumi.StringInput) AuthBackendOutput { + return pulumi.All(o, k).ApplyT(func(vs []interface{}) *AuthBackend { + return vs[0].(map[string]*AuthBackend)[vs[1].(string)] + }).(AuthBackendOutput) +} + +func init() { + pulumi.RegisterInputType(reflect.TypeOf((*AuthBackendInput)(nil)).Elem(), &AuthBackend{}) + pulumi.RegisterInputType(reflect.TypeOf((*AuthBackendArrayInput)(nil)).Elem(), AuthBackendArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*AuthBackendMapInput)(nil)).Elem(), AuthBackendMap{}) + pulumi.RegisterOutputType(AuthBackendOutput{}) + pulumi.RegisterOutputType(AuthBackendArrayOutput{}) + pulumi.RegisterOutputType(AuthBackendMapOutput{}) +} diff --git a/sdk/go/vault/saml/authBackendRole.go b/sdk/go/vault/saml/authBackendRole.go new file mode 100644 index 000000000..660524f30 --- /dev/null +++ b/sdk/go/vault/saml/authBackendRole.go @@ -0,0 +1,695 @@ +// Code generated by the Pulumi Terraform Bridge (tfgen) Tool DO NOT EDIT. +// *** WARNING: Do not edit by hand unless you're certain you know what you are doing! *** + +package saml + +import ( + "context" + "reflect" + + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" + "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" +) + +// Manages an SAML auth backend role in a Vault server. See the [Vault +// documentation](https://www.vaultproject.io/docs/auth/saml.html) for more +// information. +// +// ## Example Usage +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/saml" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// exampleAuthBackend, err := saml.NewAuthBackend(ctx, "exampleAuthBackend", &saml.AuthBackendArgs{ +// Path: pulumi.String("saml"), +// IdpMetadataUrl: pulumi.String("https://company.okta.com/app/abc123eb9xnIfzlaf697/sso/saml/metadata"), +// EntityId: pulumi.String("https://my.vault/v1/auth/saml"), +// AcsUrls: pulumi.StringArray{ +// pulumi.String("https://my.vault.primary/v1/auth/saml/callback"), +// }, +// DefaultRole: pulumi.String("default-role"), +// }) +// if err != nil { +// return err +// } +// _, err = saml.NewAuthBackendRole(ctx, "exampleAuthBackendRole", &saml.AuthBackendRoleArgs{ +// Path: exampleAuthBackend.Path, +// GroupsAttribute: pulumi.String("groups"), +// BoundAttributes: pulumi.Map{ +// "group": pulumi.Any("admin"), +// }, +// BoundSubjects: pulumi.StringArray{ +// pulumi.String("*example.com"), +// }, +// TokenPolicies: pulumi.StringArray{ +// pulumi.String("writer"), +// }, +// TokenTtl: pulumi.Int(86400), +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// ## Import +// +// SAML authentication backend roles can be imported using the `path`, e.g. +// +// ```sh +// +// $ pulumi import vault:saml/authBackendRole:AuthBackendRole example auth/saml/role/my-role +// +// ``` +type AuthBackendRole struct { + pulumi.CustomResourceState + + // Mapping of attribute names to values that are expected to + // exist in the SAML assertion. + BoundAttributes pulumi.MapOutput `pulumi:"boundAttributes"` + // The type of matching assertion to perform on + // `boundAttributesType`. + BoundAttributesType pulumi.StringOutput `pulumi:"boundAttributesType"` + // List of subjects being asserted for SAML authentication. + BoundSubjects pulumi.StringArrayOutput `pulumi:"boundSubjects"` + // The type of matching assertion to perform on `boundSubjects`. + BoundSubjectsType pulumi.StringOutput `pulumi:"boundSubjectsType"` + // The attribute to use to identify the set of groups to which the + // user belongs. + GroupsAttribute pulumi.StringPtrOutput `pulumi:"groupsAttribute"` + // Unique name of the role. + Name pulumi.StringOutput `pulumi:"name"` + // The namespace to provision the resource in. + // The value should not contain leading or trailing forward slashes. + // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + // *Available only for Vault Enterprise*. + Namespace pulumi.StringPtrOutput `pulumi:"namespace"` + // Path where the auth backend is mounted. + Path pulumi.StringOutput `pulumi:"path"` + // List of CIDR blocks; if set, specifies blocks of IP + // addresses which can authenticate successfully, and ties the resulting token to these blocks + // as well. + TokenBoundCidrs pulumi.StringArrayOutput `pulumi:"tokenBoundCidrs"` + // If set, will encode an + // [explicit max TTL](https://www.vaultproject.io/docs/concepts/tokens.html#token-time-to-live-periodic-tokens-and-explicit-max-ttls) + // onto the token in number of seconds. This is a hard cap even if `tokenTtl` and + // `tokenMaxTtl` would otherwise allow a renewal. + TokenExplicitMaxTtl pulumi.IntPtrOutput `pulumi:"tokenExplicitMaxTtl"` + // The maximum lifetime for generated tokens in number of seconds. + // Its current value will be referenced at renewal time. + TokenMaxTtl pulumi.IntPtrOutput `pulumi:"tokenMaxTtl"` + // If set, the default policy will not be set on + // generated tokens; otherwise it will be added to the policies set in token_policies. + TokenNoDefaultPolicy pulumi.BoolPtrOutput `pulumi:"tokenNoDefaultPolicy"` + // The [maximum number](https://developer.hashicorp.com/vault/api-docs/auth/saml#token_num_uses) + // of times a generated token may be used (within its lifetime); 0 means unlimited. + TokenNumUses pulumi.IntPtrOutput `pulumi:"tokenNumUses"` + // If set, indicates that the + // token generated using this role should never expire. The token should be renewed within the + // duration specified by this value. At each renewal, the token's TTL will be set to the + // value of this field. Specified in seconds. + TokenPeriod pulumi.IntPtrOutput `pulumi:"tokenPeriod"` + // List of policies to encode onto generated tokens. Depending + // on the auth method, this list may be supplemented by user/group/other values. + TokenPolicies pulumi.StringArrayOutput `pulumi:"tokenPolicies"` + // The incremental lifetime for generated tokens in number of seconds. + // Its current value will be referenced at renewal time. + TokenTtl pulumi.IntPtrOutput `pulumi:"tokenTtl"` + // The type of token that should be generated. Can be `service`, + // `batch`, or `default` to use the mount's tuned default (which unless changed will be + // `service` tokens). For token store roles, there are two additional possibilities: + // `default-service` and `default-batch` which specify the type to return unless the client + // requests a different type at generation time. + TokenType pulumi.StringPtrOutput `pulumi:"tokenType"` +} + +// NewAuthBackendRole registers a new resource with the given unique name, arguments, and options. +func NewAuthBackendRole(ctx *pulumi.Context, + name string, args *AuthBackendRoleArgs, opts ...pulumi.ResourceOption) (*AuthBackendRole, error) { + if args == nil { + return nil, errors.New("missing one or more required arguments") + } + + if args.Path == nil { + return nil, errors.New("invalid value for required argument 'Path'") + } + opts = internal.PkgResourceDefaultOpts(opts) + var resource AuthBackendRole + err := ctx.RegisterResource("vault:saml/authBackendRole:AuthBackendRole", name, args, &resource, opts...) + if err != nil { + return nil, err + } + return &resource, nil +} + +// GetAuthBackendRole gets an existing AuthBackendRole resource's state with the given name, ID, and optional +// state properties that are used to uniquely qualify the lookup (nil if not required). +func GetAuthBackendRole(ctx *pulumi.Context, + name string, id pulumi.IDInput, state *AuthBackendRoleState, opts ...pulumi.ResourceOption) (*AuthBackendRole, error) { + var resource AuthBackendRole + err := ctx.ReadResource("vault:saml/authBackendRole:AuthBackendRole", name, id, state, &resource, opts...) + if err != nil { + return nil, err + } + return &resource, nil +} + +// Input properties used for looking up and filtering AuthBackendRole resources. +type authBackendRoleState struct { + // Mapping of attribute names to values that are expected to + // exist in the SAML assertion. + BoundAttributes map[string]interface{} `pulumi:"boundAttributes"` + // The type of matching assertion to perform on + // `boundAttributesType`. + BoundAttributesType *string `pulumi:"boundAttributesType"` + // List of subjects being asserted for SAML authentication. + BoundSubjects []string `pulumi:"boundSubjects"` + // The type of matching assertion to perform on `boundSubjects`. + BoundSubjectsType *string `pulumi:"boundSubjectsType"` + // The attribute to use to identify the set of groups to which the + // user belongs. + GroupsAttribute *string `pulumi:"groupsAttribute"` + // Unique name of the role. + Name *string `pulumi:"name"` + // The namespace to provision the resource in. + // The value should not contain leading or trailing forward slashes. + // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + // *Available only for Vault Enterprise*. + Namespace *string `pulumi:"namespace"` + // Path where the auth backend is mounted. + Path *string `pulumi:"path"` + // List of CIDR blocks; if set, specifies blocks of IP + // addresses which can authenticate successfully, and ties the resulting token to these blocks + // as well. + TokenBoundCidrs []string `pulumi:"tokenBoundCidrs"` + // If set, will encode an + // [explicit max TTL](https://www.vaultproject.io/docs/concepts/tokens.html#token-time-to-live-periodic-tokens-and-explicit-max-ttls) + // onto the token in number of seconds. This is a hard cap even if `tokenTtl` and + // `tokenMaxTtl` would otherwise allow a renewal. + TokenExplicitMaxTtl *int `pulumi:"tokenExplicitMaxTtl"` + // The maximum lifetime for generated tokens in number of seconds. + // Its current value will be referenced at renewal time. + TokenMaxTtl *int `pulumi:"tokenMaxTtl"` + // If set, the default policy will not be set on + // generated tokens; otherwise it will be added to the policies set in token_policies. + TokenNoDefaultPolicy *bool `pulumi:"tokenNoDefaultPolicy"` + // The [maximum number](https://developer.hashicorp.com/vault/api-docs/auth/saml#token_num_uses) + // of times a generated token may be used (within its lifetime); 0 means unlimited. + TokenNumUses *int `pulumi:"tokenNumUses"` + // If set, indicates that the + // token generated using this role should never expire. The token should be renewed within the + // duration specified by this value. At each renewal, the token's TTL will be set to the + // value of this field. Specified in seconds. + TokenPeriod *int `pulumi:"tokenPeriod"` + // List of policies to encode onto generated tokens. Depending + // on the auth method, this list may be supplemented by user/group/other values. + TokenPolicies []string `pulumi:"tokenPolicies"` + // The incremental lifetime for generated tokens in number of seconds. + // Its current value will be referenced at renewal time. + TokenTtl *int `pulumi:"tokenTtl"` + // The type of token that should be generated. Can be `service`, + // `batch`, or `default` to use the mount's tuned default (which unless changed will be + // `service` tokens). For token store roles, there are two additional possibilities: + // `default-service` and `default-batch` which specify the type to return unless the client + // requests a different type at generation time. + TokenType *string `pulumi:"tokenType"` +} + +type AuthBackendRoleState struct { + // Mapping of attribute names to values that are expected to + // exist in the SAML assertion. + BoundAttributes pulumi.MapInput + // The type of matching assertion to perform on + // `boundAttributesType`. + BoundAttributesType pulumi.StringPtrInput + // List of subjects being asserted for SAML authentication. + BoundSubjects pulumi.StringArrayInput + // The type of matching assertion to perform on `boundSubjects`. + BoundSubjectsType pulumi.StringPtrInput + // The attribute to use to identify the set of groups to which the + // user belongs. + GroupsAttribute pulumi.StringPtrInput + // Unique name of the role. + Name pulumi.StringPtrInput + // The namespace to provision the resource in. + // The value should not contain leading or trailing forward slashes. + // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + // *Available only for Vault Enterprise*. + Namespace pulumi.StringPtrInput + // Path where the auth backend is mounted. + Path pulumi.StringPtrInput + // List of CIDR blocks; if set, specifies blocks of IP + // addresses which can authenticate successfully, and ties the resulting token to these blocks + // as well. + TokenBoundCidrs pulumi.StringArrayInput + // If set, will encode an + // [explicit max TTL](https://www.vaultproject.io/docs/concepts/tokens.html#token-time-to-live-periodic-tokens-and-explicit-max-ttls) + // onto the token in number of seconds. This is a hard cap even if `tokenTtl` and + // `tokenMaxTtl` would otherwise allow a renewal. + TokenExplicitMaxTtl pulumi.IntPtrInput + // The maximum lifetime for generated tokens in number of seconds. + // Its current value will be referenced at renewal time. + TokenMaxTtl pulumi.IntPtrInput + // If set, the default policy will not be set on + // generated tokens; otherwise it will be added to the policies set in token_policies. + TokenNoDefaultPolicy pulumi.BoolPtrInput + // The [maximum number](https://developer.hashicorp.com/vault/api-docs/auth/saml#token_num_uses) + // of times a generated token may be used (within its lifetime); 0 means unlimited. + TokenNumUses pulumi.IntPtrInput + // If set, indicates that the + // token generated using this role should never expire. The token should be renewed within the + // duration specified by this value. At each renewal, the token's TTL will be set to the + // value of this field. Specified in seconds. + TokenPeriod pulumi.IntPtrInput + // List of policies to encode onto generated tokens. Depending + // on the auth method, this list may be supplemented by user/group/other values. + TokenPolicies pulumi.StringArrayInput + // The incremental lifetime for generated tokens in number of seconds. + // Its current value will be referenced at renewal time. + TokenTtl pulumi.IntPtrInput + // The type of token that should be generated. Can be `service`, + // `batch`, or `default` to use the mount's tuned default (which unless changed will be + // `service` tokens). For token store roles, there are two additional possibilities: + // `default-service` and `default-batch` which specify the type to return unless the client + // requests a different type at generation time. + TokenType pulumi.StringPtrInput +} + +func (AuthBackendRoleState) ElementType() reflect.Type { + return reflect.TypeOf((*authBackendRoleState)(nil)).Elem() +} + +type authBackendRoleArgs struct { + // Mapping of attribute names to values that are expected to + // exist in the SAML assertion. + BoundAttributes map[string]interface{} `pulumi:"boundAttributes"` + // The type of matching assertion to perform on + // `boundAttributesType`. + BoundAttributesType *string `pulumi:"boundAttributesType"` + // List of subjects being asserted for SAML authentication. + BoundSubjects []string `pulumi:"boundSubjects"` + // The type of matching assertion to perform on `boundSubjects`. + BoundSubjectsType *string `pulumi:"boundSubjectsType"` + // The attribute to use to identify the set of groups to which the + // user belongs. + GroupsAttribute *string `pulumi:"groupsAttribute"` + // Unique name of the role. + Name *string `pulumi:"name"` + // The namespace to provision the resource in. + // The value should not contain leading or trailing forward slashes. + // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + // *Available only for Vault Enterprise*. + Namespace *string `pulumi:"namespace"` + // Path where the auth backend is mounted. + Path string `pulumi:"path"` + // List of CIDR blocks; if set, specifies blocks of IP + // addresses which can authenticate successfully, and ties the resulting token to these blocks + // as well. + TokenBoundCidrs []string `pulumi:"tokenBoundCidrs"` + // If set, will encode an + // [explicit max TTL](https://www.vaultproject.io/docs/concepts/tokens.html#token-time-to-live-periodic-tokens-and-explicit-max-ttls) + // onto the token in number of seconds. This is a hard cap even if `tokenTtl` and + // `tokenMaxTtl` would otherwise allow a renewal. + TokenExplicitMaxTtl *int `pulumi:"tokenExplicitMaxTtl"` + // The maximum lifetime for generated tokens in number of seconds. + // Its current value will be referenced at renewal time. + TokenMaxTtl *int `pulumi:"tokenMaxTtl"` + // If set, the default policy will not be set on + // generated tokens; otherwise it will be added to the policies set in token_policies. + TokenNoDefaultPolicy *bool `pulumi:"tokenNoDefaultPolicy"` + // The [maximum number](https://developer.hashicorp.com/vault/api-docs/auth/saml#token_num_uses) + // of times a generated token may be used (within its lifetime); 0 means unlimited. + TokenNumUses *int `pulumi:"tokenNumUses"` + // If set, indicates that the + // token generated using this role should never expire. The token should be renewed within the + // duration specified by this value. At each renewal, the token's TTL will be set to the + // value of this field. Specified in seconds. + TokenPeriod *int `pulumi:"tokenPeriod"` + // List of policies to encode onto generated tokens. Depending + // on the auth method, this list may be supplemented by user/group/other values. + TokenPolicies []string `pulumi:"tokenPolicies"` + // The incremental lifetime for generated tokens in number of seconds. + // Its current value will be referenced at renewal time. + TokenTtl *int `pulumi:"tokenTtl"` + // The type of token that should be generated. Can be `service`, + // `batch`, or `default` to use the mount's tuned default (which unless changed will be + // `service` tokens). For token store roles, there are two additional possibilities: + // `default-service` and `default-batch` which specify the type to return unless the client + // requests a different type at generation time. + TokenType *string `pulumi:"tokenType"` +} + +// The set of arguments for constructing a AuthBackendRole resource. +type AuthBackendRoleArgs struct { + // Mapping of attribute names to values that are expected to + // exist in the SAML assertion. + BoundAttributes pulumi.MapInput + // The type of matching assertion to perform on + // `boundAttributesType`. + BoundAttributesType pulumi.StringPtrInput + // List of subjects being asserted for SAML authentication. + BoundSubjects pulumi.StringArrayInput + // The type of matching assertion to perform on `boundSubjects`. + BoundSubjectsType pulumi.StringPtrInput + // The attribute to use to identify the set of groups to which the + // user belongs. + GroupsAttribute pulumi.StringPtrInput + // Unique name of the role. + Name pulumi.StringPtrInput + // The namespace to provision the resource in. + // The value should not contain leading or trailing forward slashes. + // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + // *Available only for Vault Enterprise*. + Namespace pulumi.StringPtrInput + // Path where the auth backend is mounted. + Path pulumi.StringInput + // List of CIDR blocks; if set, specifies blocks of IP + // addresses which can authenticate successfully, and ties the resulting token to these blocks + // as well. + TokenBoundCidrs pulumi.StringArrayInput + // If set, will encode an + // [explicit max TTL](https://www.vaultproject.io/docs/concepts/tokens.html#token-time-to-live-periodic-tokens-and-explicit-max-ttls) + // onto the token in number of seconds. This is a hard cap even if `tokenTtl` and + // `tokenMaxTtl` would otherwise allow a renewal. + TokenExplicitMaxTtl pulumi.IntPtrInput + // The maximum lifetime for generated tokens in number of seconds. + // Its current value will be referenced at renewal time. + TokenMaxTtl pulumi.IntPtrInput + // If set, the default policy will not be set on + // generated tokens; otherwise it will be added to the policies set in token_policies. + TokenNoDefaultPolicy pulumi.BoolPtrInput + // The [maximum number](https://developer.hashicorp.com/vault/api-docs/auth/saml#token_num_uses) + // of times a generated token may be used (within its lifetime); 0 means unlimited. + TokenNumUses pulumi.IntPtrInput + // If set, indicates that the + // token generated using this role should never expire. The token should be renewed within the + // duration specified by this value. At each renewal, the token's TTL will be set to the + // value of this field. Specified in seconds. + TokenPeriod pulumi.IntPtrInput + // List of policies to encode onto generated tokens. Depending + // on the auth method, this list may be supplemented by user/group/other values. + TokenPolicies pulumi.StringArrayInput + // The incremental lifetime for generated tokens in number of seconds. + // Its current value will be referenced at renewal time. + TokenTtl pulumi.IntPtrInput + // The type of token that should be generated. Can be `service`, + // `batch`, or `default` to use the mount's tuned default (which unless changed will be + // `service` tokens). For token store roles, there are two additional possibilities: + // `default-service` and `default-batch` which specify the type to return unless the client + // requests a different type at generation time. + TokenType pulumi.StringPtrInput +} + +func (AuthBackendRoleArgs) ElementType() reflect.Type { + return reflect.TypeOf((*authBackendRoleArgs)(nil)).Elem() +} + +type AuthBackendRoleInput interface { + pulumi.Input + + ToAuthBackendRoleOutput() AuthBackendRoleOutput + ToAuthBackendRoleOutputWithContext(ctx context.Context) AuthBackendRoleOutput +} + +func (*AuthBackendRole) ElementType() reflect.Type { + return reflect.TypeOf((**AuthBackendRole)(nil)).Elem() +} + +func (i *AuthBackendRole) ToAuthBackendRoleOutput() AuthBackendRoleOutput { + return i.ToAuthBackendRoleOutputWithContext(context.Background()) +} + +func (i *AuthBackendRole) ToAuthBackendRoleOutputWithContext(ctx context.Context) AuthBackendRoleOutput { + return pulumi.ToOutputWithContext(ctx, i).(AuthBackendRoleOutput) +} + +func (i *AuthBackendRole) ToOutput(ctx context.Context) pulumix.Output[*AuthBackendRole] { + return pulumix.Output[*AuthBackendRole]{ + OutputState: i.ToAuthBackendRoleOutputWithContext(ctx).OutputState, + } +} + +// AuthBackendRoleArrayInput is an input type that accepts AuthBackendRoleArray and AuthBackendRoleArrayOutput values. +// You can construct a concrete instance of `AuthBackendRoleArrayInput` via: +// +// AuthBackendRoleArray{ AuthBackendRoleArgs{...} } +type AuthBackendRoleArrayInput interface { + pulumi.Input + + ToAuthBackendRoleArrayOutput() AuthBackendRoleArrayOutput + ToAuthBackendRoleArrayOutputWithContext(context.Context) AuthBackendRoleArrayOutput +} + +type AuthBackendRoleArray []AuthBackendRoleInput + +func (AuthBackendRoleArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]*AuthBackendRole)(nil)).Elem() +} + +func (i AuthBackendRoleArray) ToAuthBackendRoleArrayOutput() AuthBackendRoleArrayOutput { + return i.ToAuthBackendRoleArrayOutputWithContext(context.Background()) +} + +func (i AuthBackendRoleArray) ToAuthBackendRoleArrayOutputWithContext(ctx context.Context) AuthBackendRoleArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(AuthBackendRoleArrayOutput) +} + +func (i AuthBackendRoleArray) ToOutput(ctx context.Context) pulumix.Output[[]*AuthBackendRole] { + return pulumix.Output[[]*AuthBackendRole]{ + OutputState: i.ToAuthBackendRoleArrayOutputWithContext(ctx).OutputState, + } +} + +// AuthBackendRoleMapInput is an input type that accepts AuthBackendRoleMap and AuthBackendRoleMapOutput values. +// You can construct a concrete instance of `AuthBackendRoleMapInput` via: +// +// AuthBackendRoleMap{ "key": AuthBackendRoleArgs{...} } +type AuthBackendRoleMapInput interface { + pulumi.Input + + ToAuthBackendRoleMapOutput() AuthBackendRoleMapOutput + ToAuthBackendRoleMapOutputWithContext(context.Context) AuthBackendRoleMapOutput +} + +type AuthBackendRoleMap map[string]AuthBackendRoleInput + +func (AuthBackendRoleMap) ElementType() reflect.Type { + return reflect.TypeOf((*map[string]*AuthBackendRole)(nil)).Elem() +} + +func (i AuthBackendRoleMap) ToAuthBackendRoleMapOutput() AuthBackendRoleMapOutput { + return i.ToAuthBackendRoleMapOutputWithContext(context.Background()) +} + +func (i AuthBackendRoleMap) ToAuthBackendRoleMapOutputWithContext(ctx context.Context) AuthBackendRoleMapOutput { + return pulumi.ToOutputWithContext(ctx, i).(AuthBackendRoleMapOutput) +} + +func (i AuthBackendRoleMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*AuthBackendRole] { + return pulumix.Output[map[string]*AuthBackendRole]{ + OutputState: i.ToAuthBackendRoleMapOutputWithContext(ctx).OutputState, + } +} + +type AuthBackendRoleOutput struct{ *pulumi.OutputState } + +func (AuthBackendRoleOutput) ElementType() reflect.Type { + return reflect.TypeOf((**AuthBackendRole)(nil)).Elem() +} + +func (o AuthBackendRoleOutput) ToAuthBackendRoleOutput() AuthBackendRoleOutput { + return o +} + +func (o AuthBackendRoleOutput) ToAuthBackendRoleOutputWithContext(ctx context.Context) AuthBackendRoleOutput { + return o +} + +func (o AuthBackendRoleOutput) ToOutput(ctx context.Context) pulumix.Output[*AuthBackendRole] { + return pulumix.Output[*AuthBackendRole]{ + OutputState: o.OutputState, + } +} + +// Mapping of attribute names to values that are expected to +// exist in the SAML assertion. +func (o AuthBackendRoleOutput) BoundAttributes() pulumi.MapOutput { + return o.ApplyT(func(v *AuthBackendRole) pulumi.MapOutput { return v.BoundAttributes }).(pulumi.MapOutput) +} + +// The type of matching assertion to perform on +// `boundAttributesType`. +func (o AuthBackendRoleOutput) BoundAttributesType() pulumi.StringOutput { + return o.ApplyT(func(v *AuthBackendRole) pulumi.StringOutput { return v.BoundAttributesType }).(pulumi.StringOutput) +} + +// List of subjects being asserted for SAML authentication. +func (o AuthBackendRoleOutput) BoundSubjects() pulumi.StringArrayOutput { + return o.ApplyT(func(v *AuthBackendRole) pulumi.StringArrayOutput { return v.BoundSubjects }).(pulumi.StringArrayOutput) +} + +// The type of matching assertion to perform on `boundSubjects`. +func (o AuthBackendRoleOutput) BoundSubjectsType() pulumi.StringOutput { + return o.ApplyT(func(v *AuthBackendRole) pulumi.StringOutput { return v.BoundSubjectsType }).(pulumi.StringOutput) +} + +// The attribute to use to identify the set of groups to which the +// user belongs. +func (o AuthBackendRoleOutput) GroupsAttribute() pulumi.StringPtrOutput { + return o.ApplyT(func(v *AuthBackendRole) pulumi.StringPtrOutput { return v.GroupsAttribute }).(pulumi.StringPtrOutput) +} + +// Unique name of the role. +func (o AuthBackendRoleOutput) Name() pulumi.StringOutput { + return o.ApplyT(func(v *AuthBackendRole) pulumi.StringOutput { return v.Name }).(pulumi.StringOutput) +} + +// The namespace to provision the resource in. +// The value should not contain leading or trailing forward slashes. +// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). +// *Available only for Vault Enterprise*. +func (o AuthBackendRoleOutput) Namespace() pulumi.StringPtrOutput { + return o.ApplyT(func(v *AuthBackendRole) pulumi.StringPtrOutput { return v.Namespace }).(pulumi.StringPtrOutput) +} + +// Path where the auth backend is mounted. +func (o AuthBackendRoleOutput) Path() pulumi.StringOutput { + return o.ApplyT(func(v *AuthBackendRole) pulumi.StringOutput { return v.Path }).(pulumi.StringOutput) +} + +// List of CIDR blocks; if set, specifies blocks of IP +// addresses which can authenticate successfully, and ties the resulting token to these blocks +// as well. +func (o AuthBackendRoleOutput) TokenBoundCidrs() pulumi.StringArrayOutput { + return o.ApplyT(func(v *AuthBackendRole) pulumi.StringArrayOutput { return v.TokenBoundCidrs }).(pulumi.StringArrayOutput) +} + +// If set, will encode an +// [explicit max TTL](https://www.vaultproject.io/docs/concepts/tokens.html#token-time-to-live-periodic-tokens-and-explicit-max-ttls) +// onto the token in number of seconds. This is a hard cap even if `tokenTtl` and +// `tokenMaxTtl` would otherwise allow a renewal. +func (o AuthBackendRoleOutput) TokenExplicitMaxTtl() pulumi.IntPtrOutput { + return o.ApplyT(func(v *AuthBackendRole) pulumi.IntPtrOutput { return v.TokenExplicitMaxTtl }).(pulumi.IntPtrOutput) +} + +// The maximum lifetime for generated tokens in number of seconds. +// Its current value will be referenced at renewal time. +func (o AuthBackendRoleOutput) TokenMaxTtl() pulumi.IntPtrOutput { + return o.ApplyT(func(v *AuthBackendRole) pulumi.IntPtrOutput { return v.TokenMaxTtl }).(pulumi.IntPtrOutput) +} + +// If set, the default policy will not be set on +// generated tokens; otherwise it will be added to the policies set in token_policies. +func (o AuthBackendRoleOutput) TokenNoDefaultPolicy() pulumi.BoolPtrOutput { + return o.ApplyT(func(v *AuthBackendRole) pulumi.BoolPtrOutput { return v.TokenNoDefaultPolicy }).(pulumi.BoolPtrOutput) +} + +// The [maximum number](https://developer.hashicorp.com/vault/api-docs/auth/saml#token_num_uses) +// of times a generated token may be used (within its lifetime); 0 means unlimited. +func (o AuthBackendRoleOutput) TokenNumUses() pulumi.IntPtrOutput { + return o.ApplyT(func(v *AuthBackendRole) pulumi.IntPtrOutput { return v.TokenNumUses }).(pulumi.IntPtrOutput) +} + +// If set, indicates that the +// token generated using this role should never expire. The token should be renewed within the +// duration specified by this value. At each renewal, the token's TTL will be set to the +// value of this field. Specified in seconds. +func (o AuthBackendRoleOutput) TokenPeriod() pulumi.IntPtrOutput { + return o.ApplyT(func(v *AuthBackendRole) pulumi.IntPtrOutput { return v.TokenPeriod }).(pulumi.IntPtrOutput) +} + +// List of policies to encode onto generated tokens. Depending +// on the auth method, this list may be supplemented by user/group/other values. +func (o AuthBackendRoleOutput) TokenPolicies() pulumi.StringArrayOutput { + return o.ApplyT(func(v *AuthBackendRole) pulumi.StringArrayOutput { return v.TokenPolicies }).(pulumi.StringArrayOutput) +} + +// The incremental lifetime for generated tokens in number of seconds. +// Its current value will be referenced at renewal time. +func (o AuthBackendRoleOutput) TokenTtl() pulumi.IntPtrOutput { + return o.ApplyT(func(v *AuthBackendRole) pulumi.IntPtrOutput { return v.TokenTtl }).(pulumi.IntPtrOutput) +} + +// The type of token that should be generated. Can be `service`, +// `batch`, or `default` to use the mount's tuned default (which unless changed will be +// `service` tokens). For token store roles, there are two additional possibilities: +// `default-service` and `default-batch` which specify the type to return unless the client +// requests a different type at generation time. +func (o AuthBackendRoleOutput) TokenType() pulumi.StringPtrOutput { + return o.ApplyT(func(v *AuthBackendRole) pulumi.StringPtrOutput { return v.TokenType }).(pulumi.StringPtrOutput) +} + +type AuthBackendRoleArrayOutput struct{ *pulumi.OutputState } + +func (AuthBackendRoleArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]*AuthBackendRole)(nil)).Elem() +} + +func (o AuthBackendRoleArrayOutput) ToAuthBackendRoleArrayOutput() AuthBackendRoleArrayOutput { + return o +} + +func (o AuthBackendRoleArrayOutput) ToAuthBackendRoleArrayOutputWithContext(ctx context.Context) AuthBackendRoleArrayOutput { + return o +} + +func (o AuthBackendRoleArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*AuthBackendRole] { + return pulumix.Output[[]*AuthBackendRole]{ + OutputState: o.OutputState, + } +} + +func (o AuthBackendRoleArrayOutput) Index(i pulumi.IntInput) AuthBackendRoleOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) *AuthBackendRole { + return vs[0].([]*AuthBackendRole)[vs[1].(int)] + }).(AuthBackendRoleOutput) +} + +type AuthBackendRoleMapOutput struct{ *pulumi.OutputState } + +func (AuthBackendRoleMapOutput) ElementType() reflect.Type { + return reflect.TypeOf((*map[string]*AuthBackendRole)(nil)).Elem() +} + +func (o AuthBackendRoleMapOutput) ToAuthBackendRoleMapOutput() AuthBackendRoleMapOutput { + return o +} + +func (o AuthBackendRoleMapOutput) ToAuthBackendRoleMapOutputWithContext(ctx context.Context) AuthBackendRoleMapOutput { + return o +} + +func (o AuthBackendRoleMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*AuthBackendRole] { + return pulumix.Output[map[string]*AuthBackendRole]{ + OutputState: o.OutputState, + } +} + +func (o AuthBackendRoleMapOutput) MapIndex(k pulumi.StringInput) AuthBackendRoleOutput { + return pulumi.All(o, k).ApplyT(func(vs []interface{}) *AuthBackendRole { + return vs[0].(map[string]*AuthBackendRole)[vs[1].(string)] + }).(AuthBackendRoleOutput) +} + +func init() { + pulumi.RegisterInputType(reflect.TypeOf((*AuthBackendRoleInput)(nil)).Elem(), &AuthBackendRole{}) + pulumi.RegisterInputType(reflect.TypeOf((*AuthBackendRoleArrayInput)(nil)).Elem(), AuthBackendRoleArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*AuthBackendRoleMapInput)(nil)).Elem(), AuthBackendRoleMap{}) + pulumi.RegisterOutputType(AuthBackendRoleOutput{}) + pulumi.RegisterOutputType(AuthBackendRoleArrayOutput{}) + pulumi.RegisterOutputType(AuthBackendRoleMapOutput{}) +} diff --git a/sdk/go/vault/saml/init.go b/sdk/go/vault/saml/init.go new file mode 100644 index 000000000..0ee92e8cd --- /dev/null +++ b/sdk/go/vault/saml/init.go @@ -0,0 +1,51 @@ +// Code generated by the Pulumi Terraform Bridge (tfgen) Tool DO NOT EDIT. +// *** WARNING: Do not edit by hand unless you're certain you know what you are doing! *** + +package saml + +import ( + "fmt" + + "github.com/blang/semver" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" + "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +) + +type module struct { + version semver.Version +} + +func (m *module) Version() semver.Version { + return m.version +} + +func (m *module) Construct(ctx *pulumi.Context, name, typ, urn string) (r pulumi.Resource, err error) { + switch typ { + case "vault:saml/authBackend:AuthBackend": + r = &AuthBackend{} + case "vault:saml/authBackendRole:AuthBackendRole": + r = &AuthBackendRole{} + default: + return nil, fmt.Errorf("unknown resource type: %s", typ) + } + + err = ctx.RegisterResource(typ, name, nil, r, pulumi.URN_(urn)) + return +} + +func init() { + version, err := internal.PkgVersion() + if err != nil { + version = semver.Version{Major: 1} + } + pulumi.RegisterResourceModule( + "vault", + "saml/authBackend", + &module{version}, + ) + pulumi.RegisterResourceModule( + "vault", + "saml/authBackendRole", + &module{version}, + ) +} diff --git a/sdk/go/vault/ssh/init.go b/sdk/go/vault/ssh/init.go index fcbfae8b6..5500fbb7c 100644 --- a/sdk/go/vault/ssh/init.go +++ b/sdk/go/vault/ssh/init.go @@ -7,7 +7,7 @@ import ( "fmt" "github.com/blang/semver" - "github.com/pulumi/pulumi-vault/sdk/v5/go/vault" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" ) @@ -34,7 +34,7 @@ func (m *module) Construct(ctx *pulumi.Context, name, typ, urn string) (r pulumi } func init() { - version, err := vault.PkgVersion() + version, err := internal.PkgVersion() if err != nil { version = semver.Version{Major: 1} } diff --git a/sdk/go/vault/ssh/pulumiTypes.go b/sdk/go/vault/ssh/pulumiTypes.go index 9a417b450..5f0e75002 100644 --- a/sdk/go/vault/ssh/pulumiTypes.go +++ b/sdk/go/vault/ssh/pulumiTypes.go @@ -7,14 +7,34 @@ import ( "context" "reflect" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) +var _ = internal.GetEnvOrDefault + type SecretBackendRoleAllowedUserKeyConfig struct { // A list of allowed key lengths as integers. // For key types that do not support setting the length a value of `[0]` should be used. // Setting multiple lengths is only supported on Vault 1.10+. For prior releases `length` // must be set to a single element list. + // + // Example configuration blocks that might be included in the `ssh.SecretBackendRole` + // + // ```go + // package main + // + // import ( + // "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + // ) + // + // func main() { + // pulumi.Run(func(ctx *pulumi.Context) error { + // return nil + // }) + // } + // ``` Lengths []int `pulumi:"lengths"` // The SSH public key type.\ // *Supported key types are:* @@ -39,6 +59,22 @@ type SecretBackendRoleAllowedUserKeyConfigArgs struct { // For key types that do not support setting the length a value of `[0]` should be used. // Setting multiple lengths is only supported on Vault 1.10+. For prior releases `length` // must be set to a single element list. + // + // Example configuration blocks that might be included in the `ssh.SecretBackendRole` + // + // ```go + // package main + // + // import ( + // "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + // ) + // + // func main() { + // pulumi.Run(func(ctx *pulumi.Context) error { + // return nil + // }) + // } + // ``` Lengths pulumi.IntArrayInput `pulumi:"lengths"` // The SSH public key type.\ // *Supported key types are:* @@ -59,6 +95,12 @@ func (i SecretBackendRoleAllowedUserKeyConfigArgs) ToSecretBackendRoleAllowedUse return pulumi.ToOutputWithContext(ctx, i).(SecretBackendRoleAllowedUserKeyConfigOutput) } +func (i SecretBackendRoleAllowedUserKeyConfigArgs) ToOutput(ctx context.Context) pulumix.Output[SecretBackendRoleAllowedUserKeyConfig] { + return pulumix.Output[SecretBackendRoleAllowedUserKeyConfig]{ + OutputState: i.ToSecretBackendRoleAllowedUserKeyConfigOutputWithContext(ctx).OutputState, + } +} + // SecretBackendRoleAllowedUserKeyConfigArrayInput is an input type that accepts SecretBackendRoleAllowedUserKeyConfigArray and SecretBackendRoleAllowedUserKeyConfigArrayOutput values. // You can construct a concrete instance of `SecretBackendRoleAllowedUserKeyConfigArrayInput` via: // @@ -84,6 +126,12 @@ func (i SecretBackendRoleAllowedUserKeyConfigArray) ToSecretBackendRoleAllowedUs return pulumi.ToOutputWithContext(ctx, i).(SecretBackendRoleAllowedUserKeyConfigArrayOutput) } +func (i SecretBackendRoleAllowedUserKeyConfigArray) ToOutput(ctx context.Context) pulumix.Output[[]SecretBackendRoleAllowedUserKeyConfig] { + return pulumix.Output[[]SecretBackendRoleAllowedUserKeyConfig]{ + OutputState: i.ToSecretBackendRoleAllowedUserKeyConfigArrayOutputWithContext(ctx).OutputState, + } +} + type SecretBackendRoleAllowedUserKeyConfigOutput struct{ *pulumi.OutputState } func (SecretBackendRoleAllowedUserKeyConfigOutput) ElementType() reflect.Type { @@ -98,10 +146,35 @@ func (o SecretBackendRoleAllowedUserKeyConfigOutput) ToSecretBackendRoleAllowedU return o } +func (o SecretBackendRoleAllowedUserKeyConfigOutput) ToOutput(ctx context.Context) pulumix.Output[SecretBackendRoleAllowedUserKeyConfig] { + return pulumix.Output[SecretBackendRoleAllowedUserKeyConfig]{ + OutputState: o.OutputState, + } +} + // A list of allowed key lengths as integers. // For key types that do not support setting the length a value of `[0]` should be used. // Setting multiple lengths is only supported on Vault 1.10+. For prior releases `length` // must be set to a single element list. +// +// Example configuration blocks that might be included in the `ssh.SecretBackendRole` +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// return nil +// }) +// } +// +// ``` func (o SecretBackendRoleAllowedUserKeyConfigOutput) Lengths() pulumi.IntArrayOutput { return o.ApplyT(func(v SecretBackendRoleAllowedUserKeyConfig) []int { return v.Lengths }).(pulumi.IntArrayOutput) } @@ -128,6 +201,12 @@ func (o SecretBackendRoleAllowedUserKeyConfigArrayOutput) ToSecretBackendRoleAll return o } +func (o SecretBackendRoleAllowedUserKeyConfigArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]SecretBackendRoleAllowedUserKeyConfig] { + return pulumix.Output[[]SecretBackendRoleAllowedUserKeyConfig]{ + OutputState: o.OutputState, + } +} + func (o SecretBackendRoleAllowedUserKeyConfigArrayOutput) Index(i pulumi.IntInput) SecretBackendRoleAllowedUserKeyConfigOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) SecretBackendRoleAllowedUserKeyConfig { return vs[0].([]SecretBackendRoleAllowedUserKeyConfig)[vs[1].(int)] diff --git a/sdk/go/vault/ssh/secretBackendCa.go b/sdk/go/vault/ssh/secretBackendCa.go index ba42ca4f4..6a5c9f95c 100644 --- a/sdk/go/vault/ssh/secretBackendCa.go +++ b/sdk/go/vault/ssh/secretBackendCa.go @@ -7,7 +7,9 @@ import ( "context" "reflect" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // Provides a resource to manage CA information in an SSH secret backend @@ -67,7 +69,7 @@ type SecretBackendCa struct { // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). // *Available only for Vault Enterprise*. Namespace pulumi.StringPtrOutput `pulumi:"namespace"` - // The private key part the SSH CA key pair; required if generateSigningKey is false. + // Private key part the SSH CA key pair; required if generate_signing_key is false. PrivateKey pulumi.StringOutput `pulumi:"privateKey"` // The public key part the SSH CA key pair; required if generateSigningKey is false. PublicKey pulumi.StringOutput `pulumi:"publicKey"` @@ -81,12 +83,13 @@ func NewSecretBackendCa(ctx *pulumi.Context, } if args.PrivateKey != nil { - args.PrivateKey = pulumi.ToSecret(args.PrivateKey).(pulumi.StringPtrOutput) + args.PrivateKey = pulumi.ToSecret(args.PrivateKey).(pulumi.StringPtrInput) } secrets := pulumi.AdditionalSecretOutputs([]string{ "privateKey", }) opts = append(opts, secrets) + opts = internal.PkgResourceDefaultOpts(opts) var resource SecretBackendCa err := ctx.RegisterResource("vault:ssh/secretBackendCa:SecretBackendCa", name, args, &resource, opts...) if err != nil { @@ -118,7 +121,7 @@ type secretBackendCaState struct { // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). // *Available only for Vault Enterprise*. Namespace *string `pulumi:"namespace"` - // The private key part the SSH CA key pair; required if generateSigningKey is false. + // Private key part the SSH CA key pair; required if generate_signing_key is false. PrivateKey *string `pulumi:"privateKey"` // The public key part the SSH CA key pair; required if generateSigningKey is false. PublicKey *string `pulumi:"publicKey"` @@ -134,7 +137,7 @@ type SecretBackendCaState struct { // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). // *Available only for Vault Enterprise*. Namespace pulumi.StringPtrInput - // The private key part the SSH CA key pair; required if generateSigningKey is false. + // Private key part the SSH CA key pair; required if generate_signing_key is false. PrivateKey pulumi.StringPtrInput // The public key part the SSH CA key pair; required if generateSigningKey is false. PublicKey pulumi.StringPtrInput @@ -154,7 +157,7 @@ type secretBackendCaArgs struct { // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). // *Available only for Vault Enterprise*. Namespace *string `pulumi:"namespace"` - // The private key part the SSH CA key pair; required if generateSigningKey is false. + // Private key part the SSH CA key pair; required if generate_signing_key is false. PrivateKey *string `pulumi:"privateKey"` // The public key part the SSH CA key pair; required if generateSigningKey is false. PublicKey *string `pulumi:"publicKey"` @@ -171,7 +174,7 @@ type SecretBackendCaArgs struct { // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). // *Available only for Vault Enterprise*. Namespace pulumi.StringPtrInput - // The private key part the SSH CA key pair; required if generateSigningKey is false. + // Private key part the SSH CA key pair; required if generate_signing_key is false. PrivateKey pulumi.StringPtrInput // The public key part the SSH CA key pair; required if generateSigningKey is false. PublicKey pulumi.StringPtrInput @@ -200,6 +203,12 @@ func (i *SecretBackendCa) ToSecretBackendCaOutputWithContext(ctx context.Context return pulumi.ToOutputWithContext(ctx, i).(SecretBackendCaOutput) } +func (i *SecretBackendCa) ToOutput(ctx context.Context) pulumix.Output[*SecretBackendCa] { + return pulumix.Output[*SecretBackendCa]{ + OutputState: i.ToSecretBackendCaOutputWithContext(ctx).OutputState, + } +} + // SecretBackendCaArrayInput is an input type that accepts SecretBackendCaArray and SecretBackendCaArrayOutput values. // You can construct a concrete instance of `SecretBackendCaArrayInput` via: // @@ -225,6 +234,12 @@ func (i SecretBackendCaArray) ToSecretBackendCaArrayOutputWithContext(ctx contex return pulumi.ToOutputWithContext(ctx, i).(SecretBackendCaArrayOutput) } +func (i SecretBackendCaArray) ToOutput(ctx context.Context) pulumix.Output[[]*SecretBackendCa] { + return pulumix.Output[[]*SecretBackendCa]{ + OutputState: i.ToSecretBackendCaArrayOutputWithContext(ctx).OutputState, + } +} + // SecretBackendCaMapInput is an input type that accepts SecretBackendCaMap and SecretBackendCaMapOutput values. // You can construct a concrete instance of `SecretBackendCaMapInput` via: // @@ -250,6 +265,12 @@ func (i SecretBackendCaMap) ToSecretBackendCaMapOutputWithContext(ctx context.Co return pulumi.ToOutputWithContext(ctx, i).(SecretBackendCaMapOutput) } +func (i SecretBackendCaMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*SecretBackendCa] { + return pulumix.Output[map[string]*SecretBackendCa]{ + OutputState: i.ToSecretBackendCaMapOutputWithContext(ctx).OutputState, + } +} + type SecretBackendCaOutput struct{ *pulumi.OutputState } func (SecretBackendCaOutput) ElementType() reflect.Type { @@ -264,6 +285,12 @@ func (o SecretBackendCaOutput) ToSecretBackendCaOutputWithContext(ctx context.Co return o } +func (o SecretBackendCaOutput) ToOutput(ctx context.Context) pulumix.Output[*SecretBackendCa] { + return pulumix.Output[*SecretBackendCa]{ + OutputState: o.OutputState, + } +} + // The path where the SSH secret backend is mounted. Defaults to 'ssh' func (o SecretBackendCaOutput) Backend() pulumi.StringPtrOutput { return o.ApplyT(func(v *SecretBackendCa) pulumi.StringPtrOutput { return v.Backend }).(pulumi.StringPtrOutput) @@ -282,7 +309,7 @@ func (o SecretBackendCaOutput) Namespace() pulumi.StringPtrOutput { return o.ApplyT(func(v *SecretBackendCa) pulumi.StringPtrOutput { return v.Namespace }).(pulumi.StringPtrOutput) } -// The private key part the SSH CA key pair; required if generateSigningKey is false. +// Private key part the SSH CA key pair; required if generate_signing_key is false. func (o SecretBackendCaOutput) PrivateKey() pulumi.StringOutput { return o.ApplyT(func(v *SecretBackendCa) pulumi.StringOutput { return v.PrivateKey }).(pulumi.StringOutput) } @@ -306,6 +333,12 @@ func (o SecretBackendCaArrayOutput) ToSecretBackendCaArrayOutputWithContext(ctx return o } +func (o SecretBackendCaArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*SecretBackendCa] { + return pulumix.Output[[]*SecretBackendCa]{ + OutputState: o.OutputState, + } +} + func (o SecretBackendCaArrayOutput) Index(i pulumi.IntInput) SecretBackendCaOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *SecretBackendCa { return vs[0].([]*SecretBackendCa)[vs[1].(int)] @@ -326,6 +359,12 @@ func (o SecretBackendCaMapOutput) ToSecretBackendCaMapOutputWithContext(ctx cont return o } +func (o SecretBackendCaMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*SecretBackendCa] { + return pulumix.Output[map[string]*SecretBackendCa]{ + OutputState: o.OutputState, + } +} + func (o SecretBackendCaMapOutput) MapIndex(k pulumi.StringInput) SecretBackendCaOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *SecretBackendCa { return vs[0].(map[string]*SecretBackendCa)[vs[1].(string)] diff --git a/sdk/go/vault/ssh/secretBackendRole.go b/sdk/go/vault/ssh/secretBackendRole.go index 0b053f0a0..16b8ed698 100644 --- a/sdk/go/vault/ssh/secretBackendRole.go +++ b/sdk/go/vault/ssh/secretBackendRole.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // Provides a resource to manage roles in an SSH secret backend @@ -151,6 +153,7 @@ func NewSecretBackendRole(ctx *pulumi.Context, if args.KeyType == nil { return nil, errors.New("invalid value for required argument 'KeyType'") } + opts = internal.PkgResourceDefaultOpts(opts) var resource SecretBackendRole err := ctx.RegisterResource("vault:ssh/secretBackendRole:SecretBackendRole", name, args, &resource, opts...) if err != nil { @@ -472,6 +475,12 @@ func (i *SecretBackendRole) ToSecretBackendRoleOutputWithContext(ctx context.Con return pulumi.ToOutputWithContext(ctx, i).(SecretBackendRoleOutput) } +func (i *SecretBackendRole) ToOutput(ctx context.Context) pulumix.Output[*SecretBackendRole] { + return pulumix.Output[*SecretBackendRole]{ + OutputState: i.ToSecretBackendRoleOutputWithContext(ctx).OutputState, + } +} + // SecretBackendRoleArrayInput is an input type that accepts SecretBackendRoleArray and SecretBackendRoleArrayOutput values. // You can construct a concrete instance of `SecretBackendRoleArrayInput` via: // @@ -497,6 +506,12 @@ func (i SecretBackendRoleArray) ToSecretBackendRoleArrayOutputWithContext(ctx co return pulumi.ToOutputWithContext(ctx, i).(SecretBackendRoleArrayOutput) } +func (i SecretBackendRoleArray) ToOutput(ctx context.Context) pulumix.Output[[]*SecretBackendRole] { + return pulumix.Output[[]*SecretBackendRole]{ + OutputState: i.ToSecretBackendRoleArrayOutputWithContext(ctx).OutputState, + } +} + // SecretBackendRoleMapInput is an input type that accepts SecretBackendRoleMap and SecretBackendRoleMapOutput values. // You can construct a concrete instance of `SecretBackendRoleMapInput` via: // @@ -522,6 +537,12 @@ func (i SecretBackendRoleMap) ToSecretBackendRoleMapOutputWithContext(ctx contex return pulumi.ToOutputWithContext(ctx, i).(SecretBackendRoleMapOutput) } +func (i SecretBackendRoleMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*SecretBackendRole] { + return pulumix.Output[map[string]*SecretBackendRole]{ + OutputState: i.ToSecretBackendRoleMapOutputWithContext(ctx).OutputState, + } +} + type SecretBackendRoleOutput struct{ *pulumi.OutputState } func (SecretBackendRoleOutput) ElementType() reflect.Type { @@ -536,6 +557,12 @@ func (o SecretBackendRoleOutput) ToSecretBackendRoleOutputWithContext(ctx contex return o } +func (o SecretBackendRoleOutput) ToOutput(ctx context.Context) pulumix.Output[*SecretBackendRole] { + return pulumix.Output[*SecretBackendRole]{ + OutputState: o.OutputState, + } +} + // When supplied, this value specifies a signing algorithm for the key. Possible values: ssh-rsa, rsa-sha2-256, rsa-sha2-512. func (o SecretBackendRoleOutput) AlgorithmSigner() pulumi.StringOutput { return o.ApplyT(func(v *SecretBackendRole) pulumi.StringOutput { return v.AlgorithmSigner }).(pulumi.StringOutput) @@ -698,6 +725,12 @@ func (o SecretBackendRoleArrayOutput) ToSecretBackendRoleArrayOutputWithContext( return o } +func (o SecretBackendRoleArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*SecretBackendRole] { + return pulumix.Output[[]*SecretBackendRole]{ + OutputState: o.OutputState, + } +} + func (o SecretBackendRoleArrayOutput) Index(i pulumi.IntInput) SecretBackendRoleOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *SecretBackendRole { return vs[0].([]*SecretBackendRole)[vs[1].(int)] @@ -718,6 +751,12 @@ func (o SecretBackendRoleMapOutput) ToSecretBackendRoleMapOutputWithContext(ctx return o } +func (o SecretBackendRoleMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*SecretBackendRole] { + return pulumix.Output[map[string]*SecretBackendRole]{ + OutputState: o.OutputState, + } +} + func (o SecretBackendRoleMapOutput) MapIndex(k pulumi.StringInput) SecretBackendRoleOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *SecretBackendRole { return vs[0].(map[string]*SecretBackendRole)[vs[1].(string)] diff --git a/sdk/go/vault/terraformcloud/init.go b/sdk/go/vault/terraformcloud/init.go index 55b328d8f..b1bece212 100644 --- a/sdk/go/vault/terraformcloud/init.go +++ b/sdk/go/vault/terraformcloud/init.go @@ -7,7 +7,7 @@ import ( "fmt" "github.com/blang/semver" - "github.com/pulumi/pulumi-vault/sdk/v5/go/vault" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" ) @@ -36,7 +36,7 @@ func (m *module) Construct(ctx *pulumi.Context, name, typ, urn string) (r pulumi } func init() { - version, err := vault.PkgVersion() + version, err := internal.PkgVersion() if err != nil { version = semver.Version{Major: 1} } diff --git a/sdk/go/vault/terraformcloud/secretBackend.go b/sdk/go/vault/terraformcloud/secretBackend.go index 9061ba42b..b1452cdeb 100644 --- a/sdk/go/vault/terraformcloud/secretBackend.go +++ b/sdk/go/vault/terraformcloud/secretBackend.go @@ -7,7 +7,9 @@ import ( "context" "reflect" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // ## Example Usage @@ -83,12 +85,13 @@ func NewSecretBackend(ctx *pulumi.Context, } if args.Token != nil { - args.Token = pulumi.ToSecret(args.Token).(pulumi.StringPtrOutput) + args.Token = pulumi.ToSecret(args.Token).(pulumi.StringPtrInput) } secrets := pulumi.AdditionalSecretOutputs([]string{ "token", }) opts = append(opts, secrets) + opts = internal.PkgResourceDefaultOpts(opts) var resource SecretBackend err := ctx.RegisterResource("vault:terraformcloud/secretBackend:SecretBackend", name, args, &resource, opts...) if err != nil { @@ -242,6 +245,12 @@ func (i *SecretBackend) ToSecretBackendOutputWithContext(ctx context.Context) Se return pulumi.ToOutputWithContext(ctx, i).(SecretBackendOutput) } +func (i *SecretBackend) ToOutput(ctx context.Context) pulumix.Output[*SecretBackend] { + return pulumix.Output[*SecretBackend]{ + OutputState: i.ToSecretBackendOutputWithContext(ctx).OutputState, + } +} + // SecretBackendArrayInput is an input type that accepts SecretBackendArray and SecretBackendArrayOutput values. // You can construct a concrete instance of `SecretBackendArrayInput` via: // @@ -267,6 +276,12 @@ func (i SecretBackendArray) ToSecretBackendArrayOutputWithContext(ctx context.Co return pulumi.ToOutputWithContext(ctx, i).(SecretBackendArrayOutput) } +func (i SecretBackendArray) ToOutput(ctx context.Context) pulumix.Output[[]*SecretBackend] { + return pulumix.Output[[]*SecretBackend]{ + OutputState: i.ToSecretBackendArrayOutputWithContext(ctx).OutputState, + } +} + // SecretBackendMapInput is an input type that accepts SecretBackendMap and SecretBackendMapOutput values. // You can construct a concrete instance of `SecretBackendMapInput` via: // @@ -292,6 +307,12 @@ func (i SecretBackendMap) ToSecretBackendMapOutputWithContext(ctx context.Contex return pulumi.ToOutputWithContext(ctx, i).(SecretBackendMapOutput) } +func (i SecretBackendMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*SecretBackend] { + return pulumix.Output[map[string]*SecretBackend]{ + OutputState: i.ToSecretBackendMapOutputWithContext(ctx).OutputState, + } +} + type SecretBackendOutput struct{ *pulumi.OutputState } func (SecretBackendOutput) ElementType() reflect.Type { @@ -306,6 +327,12 @@ func (o SecretBackendOutput) ToSecretBackendOutputWithContext(ctx context.Contex return o } +func (o SecretBackendOutput) ToOutput(ctx context.Context) pulumix.Output[*SecretBackend] { + return pulumix.Output[*SecretBackend]{ + OutputState: o.OutputState, + } +} + // Specifies the address of the Terraform Cloud instance, provided as "host:port" like "127.0.0.1:8500". func (o SecretBackendOutput) Address() pulumi.StringPtrOutput { return o.ApplyT(func(v *SecretBackend) pulumi.StringPtrOutput { return v.Address }).(pulumi.StringPtrOutput) @@ -370,6 +397,12 @@ func (o SecretBackendArrayOutput) ToSecretBackendArrayOutputWithContext(ctx cont return o } +func (o SecretBackendArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*SecretBackend] { + return pulumix.Output[[]*SecretBackend]{ + OutputState: o.OutputState, + } +} + func (o SecretBackendArrayOutput) Index(i pulumi.IntInput) SecretBackendOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *SecretBackend { return vs[0].([]*SecretBackend)[vs[1].(int)] @@ -390,6 +423,12 @@ func (o SecretBackendMapOutput) ToSecretBackendMapOutputWithContext(ctx context. return o } +func (o SecretBackendMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*SecretBackend] { + return pulumix.Output[map[string]*SecretBackend]{ + OutputState: o.OutputState, + } +} + func (o SecretBackendMapOutput) MapIndex(k pulumi.StringInput) SecretBackendOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *SecretBackend { return vs[0].(map[string]*SecretBackend)[vs[1].(string)] diff --git a/sdk/go/vault/terraformcloud/secretCreds.go b/sdk/go/vault/terraformcloud/secretCreds.go index 80d8c71cc..7d6c019db 100644 --- a/sdk/go/vault/terraformcloud/secretCreds.go +++ b/sdk/go/vault/terraformcloud/secretCreds.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // ## Example Usage @@ -98,6 +100,7 @@ func NewSecretCreds(ctx *pulumi.Context, "token", }) opts = append(opts, secrets) + opts = internal.PkgResourceDefaultOpts(opts) var resource SecretCreds err := ctx.RegisterResource("vault:terraformcloud/secretCreds:SecretCreds", name, args, &resource, opts...) if err != nil { @@ -221,6 +224,12 @@ func (i *SecretCreds) ToSecretCredsOutputWithContext(ctx context.Context) Secret return pulumi.ToOutputWithContext(ctx, i).(SecretCredsOutput) } +func (i *SecretCreds) ToOutput(ctx context.Context) pulumix.Output[*SecretCreds] { + return pulumix.Output[*SecretCreds]{ + OutputState: i.ToSecretCredsOutputWithContext(ctx).OutputState, + } +} + // SecretCredsArrayInput is an input type that accepts SecretCredsArray and SecretCredsArrayOutput values. // You can construct a concrete instance of `SecretCredsArrayInput` via: // @@ -246,6 +255,12 @@ func (i SecretCredsArray) ToSecretCredsArrayOutputWithContext(ctx context.Contex return pulumi.ToOutputWithContext(ctx, i).(SecretCredsArrayOutput) } +func (i SecretCredsArray) ToOutput(ctx context.Context) pulumix.Output[[]*SecretCreds] { + return pulumix.Output[[]*SecretCreds]{ + OutputState: i.ToSecretCredsArrayOutputWithContext(ctx).OutputState, + } +} + // SecretCredsMapInput is an input type that accepts SecretCredsMap and SecretCredsMapOutput values. // You can construct a concrete instance of `SecretCredsMapInput` via: // @@ -271,6 +286,12 @@ func (i SecretCredsMap) ToSecretCredsMapOutputWithContext(ctx context.Context) S return pulumi.ToOutputWithContext(ctx, i).(SecretCredsMapOutput) } +func (i SecretCredsMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*SecretCreds] { + return pulumix.Output[map[string]*SecretCreds]{ + OutputState: i.ToSecretCredsMapOutputWithContext(ctx).OutputState, + } +} + type SecretCredsOutput struct{ *pulumi.OutputState } func (SecretCredsOutput) ElementType() reflect.Type { @@ -285,6 +306,12 @@ func (o SecretCredsOutput) ToSecretCredsOutputWithContext(ctx context.Context) S return o } +func (o SecretCredsOutput) ToOutput(ctx context.Context) pulumix.Output[*SecretCreds] { + return pulumix.Output[*SecretCreds]{ + OutputState: o.OutputState, + } +} + // Terraform Cloud secret backend to generate tokens from func (o SecretCredsOutput) Backend() pulumi.StringOutput { return o.ApplyT(func(v *SecretCreds) pulumi.StringOutput { return v.Backend }).(pulumi.StringOutput) @@ -345,6 +372,12 @@ func (o SecretCredsArrayOutput) ToSecretCredsArrayOutputWithContext(ctx context. return o } +func (o SecretCredsArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*SecretCreds] { + return pulumix.Output[[]*SecretCreds]{ + OutputState: o.OutputState, + } +} + func (o SecretCredsArrayOutput) Index(i pulumi.IntInput) SecretCredsOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *SecretCreds { return vs[0].([]*SecretCreds)[vs[1].(int)] @@ -365,6 +398,12 @@ func (o SecretCredsMapOutput) ToSecretCredsMapOutputWithContext(ctx context.Cont return o } +func (o SecretCredsMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*SecretCreds] { + return pulumix.Output[map[string]*SecretCreds]{ + OutputState: o.OutputState, + } +} + func (o SecretCredsMapOutput) MapIndex(k pulumi.StringInput) SecretCredsOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *SecretCreds { return vs[0].(map[string]*SecretCreds)[vs[1].(string)] diff --git a/sdk/go/vault/terraformcloud/secretRole.go b/sdk/go/vault/terraformcloud/secretRole.go index 67e1bc54e..372b803fe 100644 --- a/sdk/go/vault/terraformcloud/secretRole.go +++ b/sdk/go/vault/terraformcloud/secretRole.go @@ -7,7 +7,9 @@ import ( "context" "reflect" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // ## Example Usage @@ -86,6 +88,7 @@ func NewSecretRole(ctx *pulumi.Context, args = &SecretRoleArgs{} } + opts = internal.PkgResourceDefaultOpts(opts) var resource SecretRole err := ctx.RegisterResource("vault:terraformcloud/secretRole:SecretRole", name, args, &resource, opts...) if err != nil { @@ -223,6 +226,12 @@ func (i *SecretRole) ToSecretRoleOutputWithContext(ctx context.Context) SecretRo return pulumi.ToOutputWithContext(ctx, i).(SecretRoleOutput) } +func (i *SecretRole) ToOutput(ctx context.Context) pulumix.Output[*SecretRole] { + return pulumix.Output[*SecretRole]{ + OutputState: i.ToSecretRoleOutputWithContext(ctx).OutputState, + } +} + // SecretRoleArrayInput is an input type that accepts SecretRoleArray and SecretRoleArrayOutput values. // You can construct a concrete instance of `SecretRoleArrayInput` via: // @@ -248,6 +257,12 @@ func (i SecretRoleArray) ToSecretRoleArrayOutputWithContext(ctx context.Context) return pulumi.ToOutputWithContext(ctx, i).(SecretRoleArrayOutput) } +func (i SecretRoleArray) ToOutput(ctx context.Context) pulumix.Output[[]*SecretRole] { + return pulumix.Output[[]*SecretRole]{ + OutputState: i.ToSecretRoleArrayOutputWithContext(ctx).OutputState, + } +} + // SecretRoleMapInput is an input type that accepts SecretRoleMap and SecretRoleMapOutput values. // You can construct a concrete instance of `SecretRoleMapInput` via: // @@ -273,6 +288,12 @@ func (i SecretRoleMap) ToSecretRoleMapOutputWithContext(ctx context.Context) Sec return pulumi.ToOutputWithContext(ctx, i).(SecretRoleMapOutput) } +func (i SecretRoleMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*SecretRole] { + return pulumix.Output[map[string]*SecretRole]{ + OutputState: i.ToSecretRoleMapOutputWithContext(ctx).OutputState, + } +} + type SecretRoleOutput struct{ *pulumi.OutputState } func (SecretRoleOutput) ElementType() reflect.Type { @@ -287,6 +308,12 @@ func (o SecretRoleOutput) ToSecretRoleOutputWithContext(ctx context.Context) Sec return o } +func (o SecretRoleOutput) ToOutput(ctx context.Context) pulumix.Output[*SecretRole] { + return pulumix.Output[*SecretRole]{ + OutputState: o.OutputState, + } +} + // The path of the Terraform Cloud Secret Backend the role belongs to. func (o SecretRoleOutput) Backend() pulumi.StringPtrOutput { return o.ApplyT(func(v *SecretRole) pulumi.StringPtrOutput { return v.Backend }).(pulumi.StringPtrOutput) @@ -344,6 +371,12 @@ func (o SecretRoleArrayOutput) ToSecretRoleArrayOutputWithContext(ctx context.Co return o } +func (o SecretRoleArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*SecretRole] { + return pulumix.Output[[]*SecretRole]{ + OutputState: o.OutputState, + } +} + func (o SecretRoleArrayOutput) Index(i pulumi.IntInput) SecretRoleOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *SecretRole { return vs[0].([]*SecretRole)[vs[1].(int)] @@ -364,6 +397,12 @@ func (o SecretRoleMapOutput) ToSecretRoleMapOutputWithContext(ctx context.Contex return o } +func (o SecretRoleMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*SecretRole] { + return pulumix.Output[map[string]*SecretRole]{ + OutputState: o.OutputState, + } +} + func (o SecretRoleMapOutput) MapIndex(k pulumi.StringInput) SecretRoleOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *SecretRole { return vs[0].(map[string]*SecretRole)[vs[1].(string)] diff --git a/sdk/go/vault/token.go b/sdk/go/vault/token.go index c902c8500..d4652c855 100644 --- a/sdk/go/vault/token.go +++ b/sdk/go/vault/token.go @@ -7,7 +7,9 @@ import ( "context" "reflect" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // ## Example Usage @@ -117,6 +119,7 @@ func NewToken(ctx *pulumi.Context, "wrappingAccessor", }) opts = append(opts, secrets) + opts = internal.PkgResourceDefaultOpts(opts) var resource Token err := ctx.RegisterResource("vault:index/token:Token", name, args, &resource, opts...) if err != nil { @@ -330,6 +333,12 @@ func (i *Token) ToTokenOutputWithContext(ctx context.Context) TokenOutput { return pulumi.ToOutputWithContext(ctx, i).(TokenOutput) } +func (i *Token) ToOutput(ctx context.Context) pulumix.Output[*Token] { + return pulumix.Output[*Token]{ + OutputState: i.ToTokenOutputWithContext(ctx).OutputState, + } +} + // TokenArrayInput is an input type that accepts TokenArray and TokenArrayOutput values. // You can construct a concrete instance of `TokenArrayInput` via: // @@ -355,6 +364,12 @@ func (i TokenArray) ToTokenArrayOutputWithContext(ctx context.Context) TokenArra return pulumi.ToOutputWithContext(ctx, i).(TokenArrayOutput) } +func (i TokenArray) ToOutput(ctx context.Context) pulumix.Output[[]*Token] { + return pulumix.Output[[]*Token]{ + OutputState: i.ToTokenArrayOutputWithContext(ctx).OutputState, + } +} + // TokenMapInput is an input type that accepts TokenMap and TokenMapOutput values. // You can construct a concrete instance of `TokenMapInput` via: // @@ -380,6 +395,12 @@ func (i TokenMap) ToTokenMapOutputWithContext(ctx context.Context) TokenMapOutpu return pulumi.ToOutputWithContext(ctx, i).(TokenMapOutput) } +func (i TokenMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*Token] { + return pulumix.Output[map[string]*Token]{ + OutputState: i.ToTokenMapOutputWithContext(ctx).OutputState, + } +} + type TokenOutput struct{ *pulumi.OutputState } func (TokenOutput) ElementType() reflect.Type { @@ -394,6 +415,12 @@ func (o TokenOutput) ToTokenOutputWithContext(ctx context.Context) TokenOutput { return o } +func (o TokenOutput) ToOutput(ctx context.Context) pulumix.Output[*Token] { + return pulumix.Output[*Token]{ + OutputState: o.OutputState, + } +} + // String containing the client token if stored in present file func (o TokenOutput) ClientToken() pulumi.StringOutput { return o.ApplyT(func(v *Token) pulumi.StringOutput { return v.ClientToken }).(pulumi.StringOutput) @@ -511,6 +538,12 @@ func (o TokenArrayOutput) ToTokenArrayOutputWithContext(ctx context.Context) Tok return o } +func (o TokenArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*Token] { + return pulumix.Output[[]*Token]{ + OutputState: o.OutputState, + } +} + func (o TokenArrayOutput) Index(i pulumi.IntInput) TokenOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *Token { return vs[0].([]*Token)[vs[1].(int)] @@ -531,6 +564,12 @@ func (o TokenMapOutput) ToTokenMapOutputWithContext(ctx context.Context) TokenMa return o } +func (o TokenMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*Token] { + return pulumix.Output[map[string]*Token]{ + OutputState: o.OutputState, + } +} + func (o TokenMapOutput) MapIndex(k pulumi.StringInput) TokenOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *Token { return vs[0].(map[string]*Token)[vs[1].(string)] diff --git a/sdk/go/vault/tokenauth/authBackendRole.go b/sdk/go/vault/tokenauth/authBackendRole.go index 1ed2f9dc0..26b32f590 100644 --- a/sdk/go/vault/tokenauth/authBackendRole.go +++ b/sdk/go/vault/tokenauth/authBackendRole.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // Manages Token auth backend role in a Vault server. See the [Vault @@ -86,6 +88,8 @@ type AuthBackendRole struct { // If true, tokens created against this policy will be orphan tokens. Orphan pulumi.BoolPtrOutput `pulumi:"orphan"` // Tokens created against this role will have the given suffix as part of their path in addition to the role name. + // + // > Due to a bug the resource. This *will* cause all existing tokens issued by this role to be revoked. PathSuffix pulumi.StringPtrOutput `pulumi:"pathSuffix"` // Whether to disable the ability of the token to be renewed past its initial TTL. Renewable pulumi.BoolPtrOutput `pulumi:"renewable"` @@ -137,6 +141,7 @@ func NewAuthBackendRole(ctx *pulumi.Context, if args.RoleName == nil { return nil, errors.New("invalid value for required argument 'RoleName'") } + opts = internal.PkgResourceDefaultOpts(opts) var resource AuthBackendRole err := ctx.RegisterResource("vault:tokenauth/authBackendRole:AuthBackendRole", name, args, &resource, opts...) if err != nil { @@ -177,6 +182,8 @@ type authBackendRoleState struct { // If true, tokens created against this policy will be orphan tokens. Orphan *bool `pulumi:"orphan"` // Tokens created against this role will have the given suffix as part of their path in addition to the role name. + // + // > Due to a bug the resource. This *will* cause all existing tokens issued by this role to be revoked. PathSuffix *string `pulumi:"pathSuffix"` // Whether to disable the ability of the token to be renewed past its initial TTL. Renewable *bool `pulumi:"renewable"` @@ -237,6 +244,8 @@ type AuthBackendRoleState struct { // If true, tokens created against this policy will be orphan tokens. Orphan pulumi.BoolPtrInput // Tokens created against this role will have the given suffix as part of their path in addition to the role name. + // + // > Due to a bug the resource. This *will* cause all existing tokens issued by this role to be revoked. PathSuffix pulumi.StringPtrInput // Whether to disable the ability of the token to be renewed past its initial TTL. Renewable pulumi.BoolPtrInput @@ -301,6 +310,8 @@ type authBackendRoleArgs struct { // If true, tokens created against this policy will be orphan tokens. Orphan *bool `pulumi:"orphan"` // Tokens created against this role will have the given suffix as part of their path in addition to the role name. + // + // > Due to a bug the resource. This *will* cause all existing tokens issued by this role to be revoked. PathSuffix *string `pulumi:"pathSuffix"` // Whether to disable the ability of the token to be renewed past its initial TTL. Renewable *bool `pulumi:"renewable"` @@ -362,6 +373,8 @@ type AuthBackendRoleArgs struct { // If true, tokens created against this policy will be orphan tokens. Orphan pulumi.BoolPtrInput // Tokens created against this role will have the given suffix as part of their path in addition to the role name. + // + // > Due to a bug the resource. This *will* cause all existing tokens issued by this role to be revoked. PathSuffix pulumi.StringPtrInput // Whether to disable the ability of the token to be renewed past its initial TTL. Renewable pulumi.BoolPtrInput @@ -426,6 +439,12 @@ func (i *AuthBackendRole) ToAuthBackendRoleOutputWithContext(ctx context.Context return pulumi.ToOutputWithContext(ctx, i).(AuthBackendRoleOutput) } +func (i *AuthBackendRole) ToOutput(ctx context.Context) pulumix.Output[*AuthBackendRole] { + return pulumix.Output[*AuthBackendRole]{ + OutputState: i.ToAuthBackendRoleOutputWithContext(ctx).OutputState, + } +} + // AuthBackendRoleArrayInput is an input type that accepts AuthBackendRoleArray and AuthBackendRoleArrayOutput values. // You can construct a concrete instance of `AuthBackendRoleArrayInput` via: // @@ -451,6 +470,12 @@ func (i AuthBackendRoleArray) ToAuthBackendRoleArrayOutputWithContext(ctx contex return pulumi.ToOutputWithContext(ctx, i).(AuthBackendRoleArrayOutput) } +func (i AuthBackendRoleArray) ToOutput(ctx context.Context) pulumix.Output[[]*AuthBackendRole] { + return pulumix.Output[[]*AuthBackendRole]{ + OutputState: i.ToAuthBackendRoleArrayOutputWithContext(ctx).OutputState, + } +} + // AuthBackendRoleMapInput is an input type that accepts AuthBackendRoleMap and AuthBackendRoleMapOutput values. // You can construct a concrete instance of `AuthBackendRoleMapInput` via: // @@ -476,6 +501,12 @@ func (i AuthBackendRoleMap) ToAuthBackendRoleMapOutputWithContext(ctx context.Co return pulumi.ToOutputWithContext(ctx, i).(AuthBackendRoleMapOutput) } +func (i AuthBackendRoleMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*AuthBackendRole] { + return pulumix.Output[map[string]*AuthBackendRole]{ + OutputState: i.ToAuthBackendRoleMapOutputWithContext(ctx).OutputState, + } +} + type AuthBackendRoleOutput struct{ *pulumi.OutputState } func (AuthBackendRoleOutput) ElementType() reflect.Type { @@ -490,6 +521,12 @@ func (o AuthBackendRoleOutput) ToAuthBackendRoleOutputWithContext(ctx context.Co return o } +func (o AuthBackendRoleOutput) ToOutput(ctx context.Context) pulumix.Output[*AuthBackendRole] { + return pulumix.Output[*AuthBackendRole]{ + OutputState: o.OutputState, + } +} + // List of allowed entity aliases. func (o AuthBackendRoleOutput) AllowedEntityAliases() pulumi.StringArrayOutput { return o.ApplyT(func(v *AuthBackendRole) pulumi.StringArrayOutput { return v.AllowedEntityAliases }).(pulumi.StringArrayOutput) @@ -529,6 +566,8 @@ func (o AuthBackendRoleOutput) Orphan() pulumi.BoolPtrOutput { } // Tokens created against this role will have the given suffix as part of their path in addition to the role name. +// +// > Due to a bug the resource. This *will* cause all existing tokens issued by this role to be revoked. func (o AuthBackendRoleOutput) PathSuffix() pulumi.StringPtrOutput { return o.ApplyT(func(v *AuthBackendRole) pulumi.StringPtrOutput { return v.PathSuffix }).(pulumi.StringPtrOutput) } @@ -618,6 +657,12 @@ func (o AuthBackendRoleArrayOutput) ToAuthBackendRoleArrayOutputWithContext(ctx return o } +func (o AuthBackendRoleArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*AuthBackendRole] { + return pulumix.Output[[]*AuthBackendRole]{ + OutputState: o.OutputState, + } +} + func (o AuthBackendRoleArrayOutput) Index(i pulumi.IntInput) AuthBackendRoleOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *AuthBackendRole { return vs[0].([]*AuthBackendRole)[vs[1].(int)] @@ -638,6 +683,12 @@ func (o AuthBackendRoleMapOutput) ToAuthBackendRoleMapOutputWithContext(ctx cont return o } +func (o AuthBackendRoleMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*AuthBackendRole] { + return pulumix.Output[map[string]*AuthBackendRole]{ + OutputState: o.OutputState, + } +} + func (o AuthBackendRoleMapOutput) MapIndex(k pulumi.StringInput) AuthBackendRoleOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *AuthBackendRole { return vs[0].(map[string]*AuthBackendRole)[vs[1].(string)] diff --git a/sdk/go/vault/tokenauth/init.go b/sdk/go/vault/tokenauth/init.go index fce6fb500..3748c0dcf 100644 --- a/sdk/go/vault/tokenauth/init.go +++ b/sdk/go/vault/tokenauth/init.go @@ -7,7 +7,7 @@ import ( "fmt" "github.com/blang/semver" - "github.com/pulumi/pulumi-vault/sdk/v5/go/vault" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" ) @@ -32,7 +32,7 @@ func (m *module) Construct(ctx *pulumi.Context, name, typ, urn string) (r pulumi } func init() { - version, err := vault.PkgVersion() + version, err := internal.PkgVersion() if err != nil { version = semver.Version{Major: 1} } diff --git a/sdk/go/vault/transform/alphabet.go b/sdk/go/vault/transform/alphabet.go index e45c2ace5..66e4af5a2 100644 --- a/sdk/go/vault/transform/alphabet.go +++ b/sdk/go/vault/transform/alphabet.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // This resource supports the "/transform/alphabet/{name}" Vault endpoint. @@ -56,6 +58,11 @@ type Alphabet struct { Alphabet pulumi.StringPtrOutput `pulumi:"alphabet"` // The name of the alphabet. Name pulumi.StringOutput `pulumi:"name"` + // The namespace to provision the resource in. + // The value should not contain leading or trailing forward slashes. + // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + // *Available only for Vault Enterprise*. + Namespace pulumi.StringPtrOutput `pulumi:"namespace"` // Path to where the back-end is mounted within Vault. Path pulumi.StringOutput `pulumi:"path"` } @@ -70,6 +77,7 @@ func NewAlphabet(ctx *pulumi.Context, if args.Path == nil { return nil, errors.New("invalid value for required argument 'Path'") } + opts = internal.PkgResourceDefaultOpts(opts) var resource Alphabet err := ctx.RegisterResource("vault:transform/alphabet:Alphabet", name, args, &resource, opts...) if err != nil { @@ -96,6 +104,11 @@ type alphabetState struct { Alphabet *string `pulumi:"alphabet"` // The name of the alphabet. Name *string `pulumi:"name"` + // The namespace to provision the resource in. + // The value should not contain leading or trailing forward slashes. + // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + // *Available only for Vault Enterprise*. + Namespace *string `pulumi:"namespace"` // Path to where the back-end is mounted within Vault. Path *string `pulumi:"path"` } @@ -105,6 +118,11 @@ type AlphabetState struct { Alphabet pulumi.StringPtrInput // The name of the alphabet. Name pulumi.StringPtrInput + // The namespace to provision the resource in. + // The value should not contain leading or trailing forward slashes. + // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + // *Available only for Vault Enterprise*. + Namespace pulumi.StringPtrInput // Path to where the back-end is mounted within Vault. Path pulumi.StringPtrInput } @@ -118,6 +136,11 @@ type alphabetArgs struct { Alphabet *string `pulumi:"alphabet"` // The name of the alphabet. Name *string `pulumi:"name"` + // The namespace to provision the resource in. + // The value should not contain leading or trailing forward slashes. + // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + // *Available only for Vault Enterprise*. + Namespace *string `pulumi:"namespace"` // Path to where the back-end is mounted within Vault. Path string `pulumi:"path"` } @@ -128,6 +151,11 @@ type AlphabetArgs struct { Alphabet pulumi.StringPtrInput // The name of the alphabet. Name pulumi.StringPtrInput + // The namespace to provision the resource in. + // The value should not contain leading or trailing forward slashes. + // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + // *Available only for Vault Enterprise*. + Namespace pulumi.StringPtrInput // Path to where the back-end is mounted within Vault. Path pulumi.StringInput } @@ -155,6 +183,12 @@ func (i *Alphabet) ToAlphabetOutputWithContext(ctx context.Context) AlphabetOutp return pulumi.ToOutputWithContext(ctx, i).(AlphabetOutput) } +func (i *Alphabet) ToOutput(ctx context.Context) pulumix.Output[*Alphabet] { + return pulumix.Output[*Alphabet]{ + OutputState: i.ToAlphabetOutputWithContext(ctx).OutputState, + } +} + // AlphabetArrayInput is an input type that accepts AlphabetArray and AlphabetArrayOutput values. // You can construct a concrete instance of `AlphabetArrayInput` via: // @@ -180,6 +214,12 @@ func (i AlphabetArray) ToAlphabetArrayOutputWithContext(ctx context.Context) Alp return pulumi.ToOutputWithContext(ctx, i).(AlphabetArrayOutput) } +func (i AlphabetArray) ToOutput(ctx context.Context) pulumix.Output[[]*Alphabet] { + return pulumix.Output[[]*Alphabet]{ + OutputState: i.ToAlphabetArrayOutputWithContext(ctx).OutputState, + } +} + // AlphabetMapInput is an input type that accepts AlphabetMap and AlphabetMapOutput values. // You can construct a concrete instance of `AlphabetMapInput` via: // @@ -205,6 +245,12 @@ func (i AlphabetMap) ToAlphabetMapOutputWithContext(ctx context.Context) Alphabe return pulumi.ToOutputWithContext(ctx, i).(AlphabetMapOutput) } +func (i AlphabetMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*Alphabet] { + return pulumix.Output[map[string]*Alphabet]{ + OutputState: i.ToAlphabetMapOutputWithContext(ctx).OutputState, + } +} + type AlphabetOutput struct{ *pulumi.OutputState } func (AlphabetOutput) ElementType() reflect.Type { @@ -219,6 +265,12 @@ func (o AlphabetOutput) ToAlphabetOutputWithContext(ctx context.Context) Alphabe return o } +func (o AlphabetOutput) ToOutput(ctx context.Context) pulumix.Output[*Alphabet] { + return pulumix.Output[*Alphabet]{ + OutputState: o.OutputState, + } +} + // A string of characters that contains the alphabet set. func (o AlphabetOutput) Alphabet() pulumi.StringPtrOutput { return o.ApplyT(func(v *Alphabet) pulumi.StringPtrOutput { return v.Alphabet }).(pulumi.StringPtrOutput) @@ -229,6 +281,14 @@ func (o AlphabetOutput) Name() pulumi.StringOutput { return o.ApplyT(func(v *Alphabet) pulumi.StringOutput { return v.Name }).(pulumi.StringOutput) } +// The namespace to provision the resource in. +// The value should not contain leading or trailing forward slashes. +// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). +// *Available only for Vault Enterprise*. +func (o AlphabetOutput) Namespace() pulumi.StringPtrOutput { + return o.ApplyT(func(v *Alphabet) pulumi.StringPtrOutput { return v.Namespace }).(pulumi.StringPtrOutput) +} + // Path to where the back-end is mounted within Vault. func (o AlphabetOutput) Path() pulumi.StringOutput { return o.ApplyT(func(v *Alphabet) pulumi.StringOutput { return v.Path }).(pulumi.StringOutput) @@ -248,6 +308,12 @@ func (o AlphabetArrayOutput) ToAlphabetArrayOutputWithContext(ctx context.Contex return o } +func (o AlphabetArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*Alphabet] { + return pulumix.Output[[]*Alphabet]{ + OutputState: o.OutputState, + } +} + func (o AlphabetArrayOutput) Index(i pulumi.IntInput) AlphabetOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *Alphabet { return vs[0].([]*Alphabet)[vs[1].(int)] @@ -268,6 +334,12 @@ func (o AlphabetMapOutput) ToAlphabetMapOutputWithContext(ctx context.Context) A return o } +func (o AlphabetMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*Alphabet] { + return pulumix.Output[map[string]*Alphabet]{ + OutputState: o.OutputState, + } +} + func (o AlphabetMapOutput) MapIndex(k pulumi.StringInput) AlphabetOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *Alphabet { return vs[0].(map[string]*Alphabet)[vs[1].(string)] diff --git a/sdk/go/vault/transform/getDecode.go b/sdk/go/vault/transform/getDecode.go index a245728e1..b97f333b5 100644 --- a/sdk/go/vault/transform/getDecode.go +++ b/sdk/go/vault/transform/getDecode.go @@ -7,13 +7,70 @@ import ( "context" "reflect" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // This data source supports the "/transform/decode/{role_name}" Vault endpoint. // // It decodes the provided value using a named role. +// +// ## Example Usage +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-vault/sdk/v5/go/vault" +// "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/transform" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// transform, err := vault.NewMount(ctx, "transform", &vault.MountArgs{ +// Path: pulumi.String("transform"), +// Type: pulumi.String("transform"), +// }) +// if err != nil { +// return err +// } +// _, err = transform.NewTransformation(ctx, "ccn-fpe", &transform.TransformationArgs{ +// Path: transform.Path, +// Type: pulumi.String("fpe"), +// Template: pulumi.String("builtin/creditcardnumber"), +// TweakSource: pulumi.String("internal"), +// AllowedRoles: pulumi.StringArray{ +// pulumi.String("payments"), +// }, +// }) +// if err != nil { +// return err +// } +// payments, err := transform.NewRole(ctx, "payments", &transform.RoleArgs{ +// Path: ccn_fpe.Path, +// Transformations: pulumi.StringArray{ +// pulumi.String("ccn-fpe"), +// }, +// }) +// if err != nil { +// return err +// } +// _ = transform.GetDecodeOutput(ctx, transform.GetDecodeOutputArgs{ +// Path: payments.Path, +// RoleName: pulumi.String("payments"), +// Value: pulumi.String("9300-3376-4943-8903"), +// }, nil) +// return nil +// }) +// } +// +// ``` func GetDecode(ctx *pulumi.Context, args *GetDecodeArgs, opts ...pulumi.InvokeOption) (*GetDecodeResult, error) { + opts = internal.PkgInvokeDefaultOpts(opts) var rv GetDecodeResult err := ctx.Invoke("vault:transform/getDecode:getDecode", args, &rv, opts...) if err != nil { @@ -30,6 +87,11 @@ type GetDecodeArgs struct { BatchResults []map[string]interface{} `pulumi:"batchResults"` // The result of decoding a value. DecodedValue *string `pulumi:"decodedValue"` + // The namespace of the target resource. + // The value should not contain leading or trailing forward slashes. + // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + // *Available only for Vault Enterprise*. + Namespace *string `pulumi:"namespace"` // Path to where the back-end is mounted within Vault. Path string `pulumi:"path"` // The name of the role. @@ -49,6 +111,7 @@ type GetDecodeResult struct { DecodedValue string `pulumi:"decodedValue"` // The provider-assigned unique ID for this managed resource. Id string `pulumi:"id"` + Namespace *string `pulumi:"namespace"` Path string `pulumi:"path"` RoleName string `pulumi:"roleName"` Transformation *string `pulumi:"transformation"` @@ -77,6 +140,11 @@ type GetDecodeOutputArgs struct { BatchResults pulumi.MapArrayInput `pulumi:"batchResults"` // The result of decoding a value. DecodedValue pulumi.StringPtrInput `pulumi:"decodedValue"` + // The namespace of the target resource. + // The value should not contain leading or trailing forward slashes. + // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + // *Available only for Vault Enterprise*. + Namespace pulumi.StringPtrInput `pulumi:"namespace"` // Path to where the back-end is mounted within Vault. Path pulumi.StringInput `pulumi:"path"` // The name of the role. @@ -108,6 +176,12 @@ func (o GetDecodeResultOutput) ToGetDecodeResultOutputWithContext(ctx context.Co return o } +func (o GetDecodeResultOutput) ToOutput(ctx context.Context) pulumix.Output[GetDecodeResult] { + return pulumix.Output[GetDecodeResult]{ + OutputState: o.OutputState, + } +} + func (o GetDecodeResultOutput) BatchInputs() pulumi.MapArrayOutput { return o.ApplyT(func(v GetDecodeResult) []map[string]interface{} { return v.BatchInputs }).(pulumi.MapArrayOutput) } @@ -125,6 +199,10 @@ func (o GetDecodeResultOutput) Id() pulumi.StringOutput { return o.ApplyT(func(v GetDecodeResult) string { return v.Id }).(pulumi.StringOutput) } +func (o GetDecodeResultOutput) Namespace() pulumi.StringPtrOutput { + return o.ApplyT(func(v GetDecodeResult) *string { return v.Namespace }).(pulumi.StringPtrOutput) +} + func (o GetDecodeResultOutput) Path() pulumi.StringOutput { return o.ApplyT(func(v GetDecodeResult) string { return v.Path }).(pulumi.StringOutput) } diff --git a/sdk/go/vault/transform/getEncode.go b/sdk/go/vault/transform/getEncode.go index b3aecfa5a..134880043 100644 --- a/sdk/go/vault/transform/getEncode.go +++ b/sdk/go/vault/transform/getEncode.go @@ -7,13 +7,74 @@ import ( "context" "reflect" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // This data source supports the "/transform/encode/{role_name}" Vault endpoint. // // It encodes the provided value using a named role. +// +// ## Example Usage +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-vault/sdk/v5/go/vault" +// "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/transform" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// transform, err := vault.NewMount(ctx, "transform", &vault.MountArgs{ +// Path: pulumi.String("transform"), +// Type: pulumi.String("transform"), +// }) +// if err != nil { +// return err +// } +// _, err = transform.NewTransformation(ctx, "ccn-fpe", &transform.TransformationArgs{ +// Path: transform.Path, +// Type: pulumi.String("fpe"), +// Template: pulumi.String("builtin/creditcardnumber"), +// TweakSource: pulumi.String("internal"), +// AllowedRoles: pulumi.StringArray{ +// pulumi.String("payments"), +// }, +// }) +// if err != nil { +// return err +// } +// payments, err := transform.NewRole(ctx, "payments", &transform.RoleArgs{ +// Path: ccn_fpe.Path, +// Transformations: pulumi.StringArray{ +// pulumi.String("ccn-fpe"), +// }, +// }) +// if err != nil { +// return err +// } +// _ = transform.GetEncodeOutput(ctx, transform.GetEncodeOutputArgs{ +// Path: payments.Path, +// RoleName: pulumi.String("payments"), +// BatchInputs: pulumi.MapArray{ +// pulumi.Map{ +// "value": pulumi.Any("1111-2222-3333-4444"), +// }, +// }, +// }, nil) +// return nil +// }) +// } +// +// ``` func GetEncode(ctx *pulumi.Context, args *GetEncodeArgs, opts ...pulumi.InvokeOption) (*GetEncodeResult, error) { + opts = internal.PkgInvokeDefaultOpts(opts) var rv GetEncodeResult err := ctx.Invoke("vault:transform/getEncode:getEncode", args, &rv, opts...) if err != nil { @@ -30,6 +91,11 @@ type GetEncodeArgs struct { BatchResults []map[string]interface{} `pulumi:"batchResults"` // The result of encoding a value. EncodedValue *string `pulumi:"encodedValue"` + // The namespace of the target resource. + // The value should not contain leading or trailing forward slashes. + // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + // *Available only for Vault Enterprise*. + Namespace *string `pulumi:"namespace"` // Path to where the back-end is mounted within Vault. Path string `pulumi:"path"` // The name of the role. @@ -49,6 +115,7 @@ type GetEncodeResult struct { EncodedValue string `pulumi:"encodedValue"` // The provider-assigned unique ID for this managed resource. Id string `pulumi:"id"` + Namespace *string `pulumi:"namespace"` Path string `pulumi:"path"` RoleName string `pulumi:"roleName"` Transformation *string `pulumi:"transformation"` @@ -77,6 +144,11 @@ type GetEncodeOutputArgs struct { BatchResults pulumi.MapArrayInput `pulumi:"batchResults"` // The result of encoding a value. EncodedValue pulumi.StringPtrInput `pulumi:"encodedValue"` + // The namespace of the target resource. + // The value should not contain leading or trailing forward slashes. + // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + // *Available only for Vault Enterprise*. + Namespace pulumi.StringPtrInput `pulumi:"namespace"` // Path to where the back-end is mounted within Vault. Path pulumi.StringInput `pulumi:"path"` // The name of the role. @@ -108,6 +180,12 @@ func (o GetEncodeResultOutput) ToGetEncodeResultOutputWithContext(ctx context.Co return o } +func (o GetEncodeResultOutput) ToOutput(ctx context.Context) pulumix.Output[GetEncodeResult] { + return pulumix.Output[GetEncodeResult]{ + OutputState: o.OutputState, + } +} + func (o GetEncodeResultOutput) BatchInputs() pulumi.MapArrayOutput { return o.ApplyT(func(v GetEncodeResult) []map[string]interface{} { return v.BatchInputs }).(pulumi.MapArrayOutput) } @@ -125,6 +203,10 @@ func (o GetEncodeResultOutput) Id() pulumi.StringOutput { return o.ApplyT(func(v GetEncodeResult) string { return v.Id }).(pulumi.StringOutput) } +func (o GetEncodeResultOutput) Namespace() pulumi.StringPtrOutput { + return o.ApplyT(func(v GetEncodeResult) *string { return v.Namespace }).(pulumi.StringPtrOutput) +} + func (o GetEncodeResultOutput) Path() pulumi.StringOutput { return o.ApplyT(func(v GetEncodeResult) string { return v.Path }).(pulumi.StringOutput) } diff --git a/sdk/go/vault/transform/init.go b/sdk/go/vault/transform/init.go index bd164c7a8..dec4c73f5 100644 --- a/sdk/go/vault/transform/init.go +++ b/sdk/go/vault/transform/init.go @@ -7,7 +7,7 @@ import ( "fmt" "github.com/blang/semver" - "github.com/pulumi/pulumi-vault/sdk/v5/go/vault" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" ) @@ -38,7 +38,7 @@ func (m *module) Construct(ctx *pulumi.Context, name, typ, urn string) (r pulumi } func init() { - version, err := vault.PkgVersion() + version, err := internal.PkgVersion() if err != nil { version = semver.Version{Major: 1} } diff --git a/sdk/go/vault/transform/role.go b/sdk/go/vault/transform/role.go index 64db82039..25a853304 100644 --- a/sdk/go/vault/transform/role.go +++ b/sdk/go/vault/transform/role.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // This resource supports the "/transform/role/{name}" Vault endpoint. @@ -57,6 +59,11 @@ type Role struct { // The name of the role. Name pulumi.StringOutput `pulumi:"name"` + // The namespace to provision the resource in. + // The value should not contain leading or trailing forward slashes. + // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + // *Available only for Vault Enterprise*. + Namespace pulumi.StringPtrOutput `pulumi:"namespace"` // Path to where the back-end is mounted within Vault. Path pulumi.StringOutput `pulumi:"path"` // A comma separated string or slice of transformations to use. @@ -73,6 +80,7 @@ func NewRole(ctx *pulumi.Context, if args.Path == nil { return nil, errors.New("invalid value for required argument 'Path'") } + opts = internal.PkgResourceDefaultOpts(opts) var resource Role err := ctx.RegisterResource("vault:transform/role:Role", name, args, &resource, opts...) if err != nil { @@ -97,6 +105,11 @@ func GetRole(ctx *pulumi.Context, type roleState struct { // The name of the role. Name *string `pulumi:"name"` + // The namespace to provision the resource in. + // The value should not contain leading or trailing forward slashes. + // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + // *Available only for Vault Enterprise*. + Namespace *string `pulumi:"namespace"` // Path to where the back-end is mounted within Vault. Path *string `pulumi:"path"` // A comma separated string or slice of transformations to use. @@ -106,6 +119,11 @@ type roleState struct { type RoleState struct { // The name of the role. Name pulumi.StringPtrInput + // The namespace to provision the resource in. + // The value should not contain leading or trailing forward slashes. + // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + // *Available only for Vault Enterprise*. + Namespace pulumi.StringPtrInput // Path to where the back-end is mounted within Vault. Path pulumi.StringPtrInput // A comma separated string or slice of transformations to use. @@ -119,6 +137,11 @@ func (RoleState) ElementType() reflect.Type { type roleArgs struct { // The name of the role. Name *string `pulumi:"name"` + // The namespace to provision the resource in. + // The value should not contain leading or trailing forward slashes. + // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + // *Available only for Vault Enterprise*. + Namespace *string `pulumi:"namespace"` // Path to where the back-end is mounted within Vault. Path string `pulumi:"path"` // A comma separated string or slice of transformations to use. @@ -129,6 +152,11 @@ type roleArgs struct { type RoleArgs struct { // The name of the role. Name pulumi.StringPtrInput + // The namespace to provision the resource in. + // The value should not contain leading or trailing forward slashes. + // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + // *Available only for Vault Enterprise*. + Namespace pulumi.StringPtrInput // Path to where the back-end is mounted within Vault. Path pulumi.StringInput // A comma separated string or slice of transformations to use. @@ -158,6 +186,12 @@ func (i *Role) ToRoleOutputWithContext(ctx context.Context) RoleOutput { return pulumi.ToOutputWithContext(ctx, i).(RoleOutput) } +func (i *Role) ToOutput(ctx context.Context) pulumix.Output[*Role] { + return pulumix.Output[*Role]{ + OutputState: i.ToRoleOutputWithContext(ctx).OutputState, + } +} + // RoleArrayInput is an input type that accepts RoleArray and RoleArrayOutput values. // You can construct a concrete instance of `RoleArrayInput` via: // @@ -183,6 +217,12 @@ func (i RoleArray) ToRoleArrayOutputWithContext(ctx context.Context) RoleArrayOu return pulumi.ToOutputWithContext(ctx, i).(RoleArrayOutput) } +func (i RoleArray) ToOutput(ctx context.Context) pulumix.Output[[]*Role] { + return pulumix.Output[[]*Role]{ + OutputState: i.ToRoleArrayOutputWithContext(ctx).OutputState, + } +} + // RoleMapInput is an input type that accepts RoleMap and RoleMapOutput values. // You can construct a concrete instance of `RoleMapInput` via: // @@ -208,6 +248,12 @@ func (i RoleMap) ToRoleMapOutputWithContext(ctx context.Context) RoleMapOutput { return pulumi.ToOutputWithContext(ctx, i).(RoleMapOutput) } +func (i RoleMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*Role] { + return pulumix.Output[map[string]*Role]{ + OutputState: i.ToRoleMapOutputWithContext(ctx).OutputState, + } +} + type RoleOutput struct{ *pulumi.OutputState } func (RoleOutput) ElementType() reflect.Type { @@ -222,11 +268,25 @@ func (o RoleOutput) ToRoleOutputWithContext(ctx context.Context) RoleOutput { return o } +func (o RoleOutput) ToOutput(ctx context.Context) pulumix.Output[*Role] { + return pulumix.Output[*Role]{ + OutputState: o.OutputState, + } +} + // The name of the role. func (o RoleOutput) Name() pulumi.StringOutput { return o.ApplyT(func(v *Role) pulumi.StringOutput { return v.Name }).(pulumi.StringOutput) } +// The namespace to provision the resource in. +// The value should not contain leading or trailing forward slashes. +// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). +// *Available only for Vault Enterprise*. +func (o RoleOutput) Namespace() pulumi.StringPtrOutput { + return o.ApplyT(func(v *Role) pulumi.StringPtrOutput { return v.Namespace }).(pulumi.StringPtrOutput) +} + // Path to where the back-end is mounted within Vault. func (o RoleOutput) Path() pulumi.StringOutput { return o.ApplyT(func(v *Role) pulumi.StringOutput { return v.Path }).(pulumi.StringOutput) @@ -251,6 +311,12 @@ func (o RoleArrayOutput) ToRoleArrayOutputWithContext(ctx context.Context) RoleA return o } +func (o RoleArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*Role] { + return pulumix.Output[[]*Role]{ + OutputState: o.OutputState, + } +} + func (o RoleArrayOutput) Index(i pulumi.IntInput) RoleOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *Role { return vs[0].([]*Role)[vs[1].(int)] @@ -271,6 +337,12 @@ func (o RoleMapOutput) ToRoleMapOutputWithContext(ctx context.Context) RoleMapOu return o } +func (o RoleMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*Role] { + return pulumix.Output[map[string]*Role]{ + OutputState: o.OutputState, + } +} + func (o RoleMapOutput) MapIndex(k pulumi.StringInput) RoleOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *Role { return vs[0].(map[string]*Role)[vs[1].(string)] diff --git a/sdk/go/vault/transform/template.go b/sdk/go/vault/transform/template.go index b734399f3..665d37dfd 100644 --- a/sdk/go/vault/transform/template.go +++ b/sdk/go/vault/transform/template.go @@ -7,23 +7,92 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) +// This resource supports the `/transform/template/{name}` Vault endpoint. +// +// It creates or updates a template with the given name. If a template with the name does not exist, +// it will be created. If the template exists, it will be updated with the new attributes. +// +// > Requires _Vault Enterprise with the Advanced Data Protection Transform Module_. +// See [Transform Secrets Engine](https://www.vaultproject.io/docs/secrets/transform) +// for more information. +// +// ## Example Usage +// +// Please note that the `pattern` below holds a regex. The regex shown +// is identical to the one in our [Setup](https://www.vaultproject.io/docs/secrets/transform#setup) +// docs, `(\d{4})-(\d{4})-(\d{4})-(\d{4})`. However, due to HCL, the +// backslashes must be escaped to appear correctly in Vault. For further +// assistance escaping your own custom regex, see String Literals. +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-vault/sdk/v5/go/vault" +// "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/transform" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// transform, err := vault.NewMount(ctx, "transform", &vault.MountArgs{ +// Path: pulumi.String("transform"), +// Type: pulumi.String("transform"), +// }) +// if err != nil { +// return err +// } +// numerics, err := transform.NewAlphabet(ctx, "numerics", &transform.AlphabetArgs{ +// Path: transform.Path, +// Alphabet: pulumi.String("0123456789"), +// }) +// if err != nil { +// return err +// } +// _, err = transform.NewTemplate(ctx, "test", &transform.TemplateArgs{ +// Path: numerics.Path, +// Type: pulumi.String("regex"), +// Pattern: pulumi.String("(\\d{4})[- ](\\d{4})[- ](\\d{4})[- ](\\d{4})"), +// Alphabet: pulumi.String("numerics"), +// EncodeFormat: pulumi.String("$1-$2-$3-$4"), +// DecodeFormats: pulumi.Map{ +// "last-four-digits": pulumi.Any("$4"), +// }, +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` type Template struct { pulumi.CustomResourceState // The alphabet to use for this template. This is only used during FPE transformations. Alphabet pulumi.StringPtrOutput `pulumi:"alphabet"` - // - Optional mapping of name to regular expression template, used to customize - // the decoded output. (requires Vault Enterprise 1.9+) + // Optional mapping of name to regular expression template, used to customize + // the decoded output. (requires Vault Enterprise 1.9+) DecodeFormats pulumi.MapOutput `pulumi:"decodeFormats"` - // - The regular expression template used to format encoded values. - // (requires Vault Enterprise 1.9+) + // The regular expression template used to format encoded values. + // (requires Vault Enterprise 1.9+) EncodeFormat pulumi.StringPtrOutput `pulumi:"encodeFormat"` // The name of the template. Name pulumi.StringOutput `pulumi:"name"` + // The namespace to provision the resource in. + // The value should not contain leading or trailing forward slashes. + // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + // *Available only for Vault Enterprise*. + Namespace pulumi.StringPtrOutput `pulumi:"namespace"` // Path to where the back-end is mounted within Vault. Path pulumi.StringOutput `pulumi:"path"` // The pattern used for matching. Currently, only regular expression pattern is supported. @@ -42,6 +111,7 @@ func NewTemplate(ctx *pulumi.Context, if args.Path == nil { return nil, errors.New("invalid value for required argument 'Path'") } + opts = internal.PkgResourceDefaultOpts(opts) var resource Template err := ctx.RegisterResource("vault:transform/template:Template", name, args, &resource, opts...) if err != nil { @@ -66,14 +136,19 @@ func GetTemplate(ctx *pulumi.Context, type templateState struct { // The alphabet to use for this template. This is only used during FPE transformations. Alphabet *string `pulumi:"alphabet"` - // - Optional mapping of name to regular expression template, used to customize - // the decoded output. (requires Vault Enterprise 1.9+) + // Optional mapping of name to regular expression template, used to customize + // the decoded output. (requires Vault Enterprise 1.9+) DecodeFormats map[string]interface{} `pulumi:"decodeFormats"` - // - The regular expression template used to format encoded values. - // (requires Vault Enterprise 1.9+) + // The regular expression template used to format encoded values. + // (requires Vault Enterprise 1.9+) EncodeFormat *string `pulumi:"encodeFormat"` // The name of the template. Name *string `pulumi:"name"` + // The namespace to provision the resource in. + // The value should not contain leading or trailing forward slashes. + // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + // *Available only for Vault Enterprise*. + Namespace *string `pulumi:"namespace"` // Path to where the back-end is mounted within Vault. Path *string `pulumi:"path"` // The pattern used for matching. Currently, only regular expression pattern is supported. @@ -85,14 +160,19 @@ type templateState struct { type TemplateState struct { // The alphabet to use for this template. This is only used during FPE transformations. Alphabet pulumi.StringPtrInput - // - Optional mapping of name to regular expression template, used to customize - // the decoded output. (requires Vault Enterprise 1.9+) + // Optional mapping of name to regular expression template, used to customize + // the decoded output. (requires Vault Enterprise 1.9+) DecodeFormats pulumi.MapInput - // - The regular expression template used to format encoded values. - // (requires Vault Enterprise 1.9+) + // The regular expression template used to format encoded values. + // (requires Vault Enterprise 1.9+) EncodeFormat pulumi.StringPtrInput // The name of the template. Name pulumi.StringPtrInput + // The namespace to provision the resource in. + // The value should not contain leading or trailing forward slashes. + // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + // *Available only for Vault Enterprise*. + Namespace pulumi.StringPtrInput // Path to where the back-end is mounted within Vault. Path pulumi.StringPtrInput // The pattern used for matching. Currently, only regular expression pattern is supported. @@ -108,14 +188,19 @@ func (TemplateState) ElementType() reflect.Type { type templateArgs struct { // The alphabet to use for this template. This is only used during FPE transformations. Alphabet *string `pulumi:"alphabet"` - // - Optional mapping of name to regular expression template, used to customize - // the decoded output. (requires Vault Enterprise 1.9+) + // Optional mapping of name to regular expression template, used to customize + // the decoded output. (requires Vault Enterprise 1.9+) DecodeFormats map[string]interface{} `pulumi:"decodeFormats"` - // - The regular expression template used to format encoded values. - // (requires Vault Enterprise 1.9+) + // The regular expression template used to format encoded values. + // (requires Vault Enterprise 1.9+) EncodeFormat *string `pulumi:"encodeFormat"` // The name of the template. Name *string `pulumi:"name"` + // The namespace to provision the resource in. + // The value should not contain leading or trailing forward slashes. + // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + // *Available only for Vault Enterprise*. + Namespace *string `pulumi:"namespace"` // Path to where the back-end is mounted within Vault. Path string `pulumi:"path"` // The pattern used for matching. Currently, only regular expression pattern is supported. @@ -128,14 +213,19 @@ type templateArgs struct { type TemplateArgs struct { // The alphabet to use for this template. This is only used during FPE transformations. Alphabet pulumi.StringPtrInput - // - Optional mapping of name to regular expression template, used to customize - // the decoded output. (requires Vault Enterprise 1.9+) + // Optional mapping of name to regular expression template, used to customize + // the decoded output. (requires Vault Enterprise 1.9+) DecodeFormats pulumi.MapInput - // - The regular expression template used to format encoded values. - // (requires Vault Enterprise 1.9+) + // The regular expression template used to format encoded values. + // (requires Vault Enterprise 1.9+) EncodeFormat pulumi.StringPtrInput // The name of the template. Name pulumi.StringPtrInput + // The namespace to provision the resource in. + // The value should not contain leading or trailing forward slashes. + // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + // *Available only for Vault Enterprise*. + Namespace pulumi.StringPtrInput // Path to where the back-end is mounted within Vault. Path pulumi.StringInput // The pattern used for matching. Currently, only regular expression pattern is supported. @@ -167,6 +257,12 @@ func (i *Template) ToTemplateOutputWithContext(ctx context.Context) TemplateOutp return pulumi.ToOutputWithContext(ctx, i).(TemplateOutput) } +func (i *Template) ToOutput(ctx context.Context) pulumix.Output[*Template] { + return pulumix.Output[*Template]{ + OutputState: i.ToTemplateOutputWithContext(ctx).OutputState, + } +} + // TemplateArrayInput is an input type that accepts TemplateArray and TemplateArrayOutput values. // You can construct a concrete instance of `TemplateArrayInput` via: // @@ -192,6 +288,12 @@ func (i TemplateArray) ToTemplateArrayOutputWithContext(ctx context.Context) Tem return pulumi.ToOutputWithContext(ctx, i).(TemplateArrayOutput) } +func (i TemplateArray) ToOutput(ctx context.Context) pulumix.Output[[]*Template] { + return pulumix.Output[[]*Template]{ + OutputState: i.ToTemplateArrayOutputWithContext(ctx).OutputState, + } +} + // TemplateMapInput is an input type that accepts TemplateMap and TemplateMapOutput values. // You can construct a concrete instance of `TemplateMapInput` via: // @@ -217,6 +319,12 @@ func (i TemplateMap) ToTemplateMapOutputWithContext(ctx context.Context) Templat return pulumi.ToOutputWithContext(ctx, i).(TemplateMapOutput) } +func (i TemplateMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*Template] { + return pulumix.Output[map[string]*Template]{ + OutputState: i.ToTemplateMapOutputWithContext(ctx).OutputState, + } +} + type TemplateOutput struct{ *pulumi.OutputState } func (TemplateOutput) ElementType() reflect.Type { @@ -231,19 +339,25 @@ func (o TemplateOutput) ToTemplateOutputWithContext(ctx context.Context) Templat return o } +func (o TemplateOutput) ToOutput(ctx context.Context) pulumix.Output[*Template] { + return pulumix.Output[*Template]{ + OutputState: o.OutputState, + } +} + // The alphabet to use for this template. This is only used during FPE transformations. func (o TemplateOutput) Alphabet() pulumi.StringPtrOutput { return o.ApplyT(func(v *Template) pulumi.StringPtrOutput { return v.Alphabet }).(pulumi.StringPtrOutput) } -// - Optional mapping of name to regular expression template, used to customize -// the decoded output. (requires Vault Enterprise 1.9+) +// Optional mapping of name to regular expression template, used to customize +// the decoded output. (requires Vault Enterprise 1.9+) func (o TemplateOutput) DecodeFormats() pulumi.MapOutput { return o.ApplyT(func(v *Template) pulumi.MapOutput { return v.DecodeFormats }).(pulumi.MapOutput) } -// - The regular expression template used to format encoded values. -// (requires Vault Enterprise 1.9+) +// The regular expression template used to format encoded values. +// (requires Vault Enterprise 1.9+) func (o TemplateOutput) EncodeFormat() pulumi.StringPtrOutput { return o.ApplyT(func(v *Template) pulumi.StringPtrOutput { return v.EncodeFormat }).(pulumi.StringPtrOutput) } @@ -253,6 +367,14 @@ func (o TemplateOutput) Name() pulumi.StringOutput { return o.ApplyT(func(v *Template) pulumi.StringOutput { return v.Name }).(pulumi.StringOutput) } +// The namespace to provision the resource in. +// The value should not contain leading or trailing forward slashes. +// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). +// *Available only for Vault Enterprise*. +func (o TemplateOutput) Namespace() pulumi.StringPtrOutput { + return o.ApplyT(func(v *Template) pulumi.StringPtrOutput { return v.Namespace }).(pulumi.StringPtrOutput) +} + // Path to where the back-end is mounted within Vault. func (o TemplateOutput) Path() pulumi.StringOutput { return o.ApplyT(func(v *Template) pulumi.StringOutput { return v.Path }).(pulumi.StringOutput) @@ -282,6 +404,12 @@ func (o TemplateArrayOutput) ToTemplateArrayOutputWithContext(ctx context.Contex return o } +func (o TemplateArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*Template] { + return pulumix.Output[[]*Template]{ + OutputState: o.OutputState, + } +} + func (o TemplateArrayOutput) Index(i pulumi.IntInput) TemplateOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *Template { return vs[0].([]*Template)[vs[1].(int)] @@ -302,6 +430,12 @@ func (o TemplateMapOutput) ToTemplateMapOutputWithContext(ctx context.Context) T return o } +func (o TemplateMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*Template] { + return pulumix.Output[map[string]*Template]{ + OutputState: o.OutputState, + } +} + func (o TemplateMapOutput) MapIndex(k pulumi.StringInput) TemplateOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *Template { return vs[0].(map[string]*Template)[vs[1].(string)] diff --git a/sdk/go/vault/transform/transformation.go b/sdk/go/vault/transform/transformation.go index cb4169e3e..4946b0a11 100644 --- a/sdk/go/vault/transform/transformation.go +++ b/sdk/go/vault/transform/transformation.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) type Transformation struct { @@ -24,6 +26,11 @@ type Transformation struct { MaskingCharacter pulumi.StringPtrOutput `pulumi:"maskingCharacter"` // The name of the transformation. Name pulumi.StringOutput `pulumi:"name"` + // The namespace to provision the resource in. + // The value should not contain leading or trailing forward slashes. + // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + // *Available only for Vault Enterprise*. + Namespace pulumi.StringPtrOutput `pulumi:"namespace"` // Path to where the back-end is mounted within Vault. Path pulumi.StringOutput `pulumi:"path"` // The name of the template to use. @@ -46,6 +53,7 @@ func NewTransformation(ctx *pulumi.Context, if args.Path == nil { return nil, errors.New("invalid value for required argument 'Path'") } + opts = internal.PkgResourceDefaultOpts(opts) var resource Transformation err := ctx.RegisterResource("vault:transform/transformation:Transformation", name, args, &resource, opts...) if err != nil { @@ -78,6 +86,11 @@ type transformationState struct { MaskingCharacter *string `pulumi:"maskingCharacter"` // The name of the transformation. Name *string `pulumi:"name"` + // The namespace to provision the resource in. + // The value should not contain leading or trailing forward slashes. + // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + // *Available only for Vault Enterprise*. + Namespace *string `pulumi:"namespace"` // Path to where the back-end is mounted within Vault. Path *string `pulumi:"path"` // The name of the template to use. @@ -101,6 +114,11 @@ type TransformationState struct { MaskingCharacter pulumi.StringPtrInput // The name of the transformation. Name pulumi.StringPtrInput + // The namespace to provision the resource in. + // The value should not contain leading or trailing forward slashes. + // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + // *Available only for Vault Enterprise*. + Namespace pulumi.StringPtrInput // Path to where the back-end is mounted within Vault. Path pulumi.StringPtrInput // The name of the template to use. @@ -128,6 +146,11 @@ type transformationArgs struct { MaskingCharacter *string `pulumi:"maskingCharacter"` // The name of the transformation. Name *string `pulumi:"name"` + // The namespace to provision the resource in. + // The value should not contain leading or trailing forward slashes. + // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + // *Available only for Vault Enterprise*. + Namespace *string `pulumi:"namespace"` // Path to where the back-end is mounted within Vault. Path string `pulumi:"path"` // The name of the template to use. @@ -152,6 +175,11 @@ type TransformationArgs struct { MaskingCharacter pulumi.StringPtrInput // The name of the transformation. Name pulumi.StringPtrInput + // The namespace to provision the resource in. + // The value should not contain leading or trailing forward slashes. + // The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + // *Available only for Vault Enterprise*. + Namespace pulumi.StringPtrInput // Path to where the back-end is mounted within Vault. Path pulumi.StringInput // The name of the template to use. @@ -187,6 +215,12 @@ func (i *Transformation) ToTransformationOutputWithContext(ctx context.Context) return pulumi.ToOutputWithContext(ctx, i).(TransformationOutput) } +func (i *Transformation) ToOutput(ctx context.Context) pulumix.Output[*Transformation] { + return pulumix.Output[*Transformation]{ + OutputState: i.ToTransformationOutputWithContext(ctx).OutputState, + } +} + // TransformationArrayInput is an input type that accepts TransformationArray and TransformationArrayOutput values. // You can construct a concrete instance of `TransformationArrayInput` via: // @@ -212,6 +246,12 @@ func (i TransformationArray) ToTransformationArrayOutputWithContext(ctx context. return pulumi.ToOutputWithContext(ctx, i).(TransformationArrayOutput) } +func (i TransformationArray) ToOutput(ctx context.Context) pulumix.Output[[]*Transformation] { + return pulumix.Output[[]*Transformation]{ + OutputState: i.ToTransformationArrayOutputWithContext(ctx).OutputState, + } +} + // TransformationMapInput is an input type that accepts TransformationMap and TransformationMapOutput values. // You can construct a concrete instance of `TransformationMapInput` via: // @@ -237,6 +277,12 @@ func (i TransformationMap) ToTransformationMapOutputWithContext(ctx context.Cont return pulumi.ToOutputWithContext(ctx, i).(TransformationMapOutput) } +func (i TransformationMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*Transformation] { + return pulumix.Output[map[string]*Transformation]{ + OutputState: i.ToTransformationMapOutputWithContext(ctx).OutputState, + } +} + type TransformationOutput struct{ *pulumi.OutputState } func (TransformationOutput) ElementType() reflect.Type { @@ -251,6 +297,12 @@ func (o TransformationOutput) ToTransformationOutputWithContext(ctx context.Cont return o } +func (o TransformationOutput) ToOutput(ctx context.Context) pulumix.Output[*Transformation] { + return pulumix.Output[*Transformation]{ + OutputState: o.OutputState, + } +} + // The set of roles allowed to perform this transformation. func (o TransformationOutput) AllowedRoles() pulumi.StringArrayOutput { return o.ApplyT(func(v *Transformation) pulumi.StringArrayOutput { return v.AllowedRoles }).(pulumi.StringArrayOutput) @@ -273,6 +325,14 @@ func (o TransformationOutput) Name() pulumi.StringOutput { return o.ApplyT(func(v *Transformation) pulumi.StringOutput { return v.Name }).(pulumi.StringOutput) } +// The namespace to provision the resource in. +// The value should not contain leading or trailing forward slashes. +// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). +// *Available only for Vault Enterprise*. +func (o TransformationOutput) Namespace() pulumi.StringPtrOutput { + return o.ApplyT(func(v *Transformation) pulumi.StringPtrOutput { return v.Namespace }).(pulumi.StringPtrOutput) +} + // Path to where the back-end is mounted within Vault. func (o TransformationOutput) Path() pulumi.StringOutput { return o.ApplyT(func(v *Transformation) pulumi.StringOutput { return v.Path }).(pulumi.StringOutput) @@ -312,6 +372,12 @@ func (o TransformationArrayOutput) ToTransformationArrayOutputWithContext(ctx co return o } +func (o TransformationArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*Transformation] { + return pulumix.Output[[]*Transformation]{ + OutputState: o.OutputState, + } +} + func (o TransformationArrayOutput) Index(i pulumi.IntInput) TransformationOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *Transformation { return vs[0].([]*Transformation)[vs[1].(int)] @@ -332,6 +398,12 @@ func (o TransformationMapOutput) ToTransformationMapOutputWithContext(ctx contex return o } +func (o TransformationMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*Transformation] { + return pulumix.Output[map[string]*Transformation]{ + OutputState: o.OutputState, + } +} + func (o TransformationMapOutput) MapIndex(k pulumi.StringInput) TransformationOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *Transformation { return vs[0].(map[string]*Transformation)[vs[1].(string)] diff --git a/sdk/go/vault/transit/getDecrypt.go b/sdk/go/vault/transit/getDecrypt.go index 61e9fa4b6..0961ff356 100644 --- a/sdk/go/vault/transit/getDecrypt.go +++ b/sdk/go/vault/transit/getDecrypt.go @@ -7,7 +7,9 @@ import ( "context" "reflect" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // This is a data source which can be used to decrypt ciphertext using a Vault Transit key. @@ -40,6 +42,7 @@ import ( // // ``` func GetDecrypt(ctx *pulumi.Context, args *GetDecryptArgs, opts ...pulumi.InvokeOption) (*GetDecryptResult, error) { + opts = internal.PkgInvokeDefaultOpts(opts) var rv GetDecryptResult err := ctx.Invoke("vault:transit/getDecrypt:getDecrypt", args, &rv, opts...) if err != nil { @@ -119,6 +122,12 @@ func (o GetDecryptResultOutput) ToGetDecryptResultOutputWithContext(ctx context. return o } +func (o GetDecryptResultOutput) ToOutput(ctx context.Context) pulumix.Output[GetDecryptResult] { + return pulumix.Output[GetDecryptResult]{ + OutputState: o.OutputState, + } +} + func (o GetDecryptResultOutput) Backend() pulumi.StringOutput { return o.ApplyT(func(v GetDecryptResult) string { return v.Backend }).(pulumi.StringOutput) } diff --git a/sdk/go/vault/transit/getEncrypt.go b/sdk/go/vault/transit/getEncrypt.go index 87387ed6f..464ffd462 100644 --- a/sdk/go/vault/transit/getEncrypt.go +++ b/sdk/go/vault/transit/getEncrypt.go @@ -7,11 +7,14 @@ import ( "context" "reflect" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // This is a data source which can be used to encrypt plaintext using a Vault Transit key. func GetEncrypt(ctx *pulumi.Context, args *GetEncryptArgs, opts ...pulumi.InvokeOption) (*GetEncryptResult, error) { + opts = internal.PkgInvokeDefaultOpts(opts) var rv GetEncryptResult err := ctx.Invoke("vault:transit/getEncrypt:getEncrypt", args, &rv, opts...) if err != nil { @@ -96,6 +99,12 @@ func (o GetEncryptResultOutput) ToGetEncryptResultOutputWithContext(ctx context. return o } +func (o GetEncryptResultOutput) ToOutput(ctx context.Context) pulumix.Output[GetEncryptResult] { + return pulumix.Output[GetEncryptResult]{ + OutputState: o.OutputState, + } +} + func (o GetEncryptResultOutput) Backend() pulumi.StringOutput { return o.ApplyT(func(v GetEncryptResult) string { return v.Backend }).(pulumi.StringOutput) } diff --git a/sdk/go/vault/transit/init.go b/sdk/go/vault/transit/init.go index 45e59d075..6f25ceb92 100644 --- a/sdk/go/vault/transit/init.go +++ b/sdk/go/vault/transit/init.go @@ -7,7 +7,7 @@ import ( "fmt" "github.com/blang/semver" - "github.com/pulumi/pulumi-vault/sdk/v5/go/vault" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" ) @@ -34,7 +34,7 @@ func (m *module) Construct(ctx *pulumi.Context, name, typ, urn string) (r pulumi } func init() { - version, err := vault.PkgVersion() + version, err := internal.PkgVersion() if err != nil { version = semver.Version{Major: 1} } diff --git a/sdk/go/vault/transit/secretBackendKey.go b/sdk/go/vault/transit/secretBackendKey.go index bf3212899..74cd236ee 100644 --- a/sdk/go/vault/transit/secretBackendKey.go +++ b/sdk/go/vault/transit/secretBackendKey.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // Creates an Encryption Keyring on a Transit Secret Backend for Vault. @@ -130,6 +132,7 @@ func NewSecretBackendKey(ctx *pulumi.Context, if args.Backend == nil { return nil, errors.New("invalid value for required argument 'Backend'") } + opts = internal.PkgResourceDefaultOpts(opts) var resource SecretBackendKey err := ctx.RegisterResource("vault:transit/secretBackendKey:SecretBackendKey", name, args, &resource, opts...) if err != nil { @@ -371,6 +374,12 @@ func (i *SecretBackendKey) ToSecretBackendKeyOutputWithContext(ctx context.Conte return pulumi.ToOutputWithContext(ctx, i).(SecretBackendKeyOutput) } +func (i *SecretBackendKey) ToOutput(ctx context.Context) pulumix.Output[*SecretBackendKey] { + return pulumix.Output[*SecretBackendKey]{ + OutputState: i.ToSecretBackendKeyOutputWithContext(ctx).OutputState, + } +} + // SecretBackendKeyArrayInput is an input type that accepts SecretBackendKeyArray and SecretBackendKeyArrayOutput values. // You can construct a concrete instance of `SecretBackendKeyArrayInput` via: // @@ -396,6 +405,12 @@ func (i SecretBackendKeyArray) ToSecretBackendKeyArrayOutputWithContext(ctx cont return pulumi.ToOutputWithContext(ctx, i).(SecretBackendKeyArrayOutput) } +func (i SecretBackendKeyArray) ToOutput(ctx context.Context) pulumix.Output[[]*SecretBackendKey] { + return pulumix.Output[[]*SecretBackendKey]{ + OutputState: i.ToSecretBackendKeyArrayOutputWithContext(ctx).OutputState, + } +} + // SecretBackendKeyMapInput is an input type that accepts SecretBackendKeyMap and SecretBackendKeyMapOutput values. // You can construct a concrete instance of `SecretBackendKeyMapInput` via: // @@ -421,6 +436,12 @@ func (i SecretBackendKeyMap) ToSecretBackendKeyMapOutputWithContext(ctx context. return pulumi.ToOutputWithContext(ctx, i).(SecretBackendKeyMapOutput) } +func (i SecretBackendKeyMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*SecretBackendKey] { + return pulumix.Output[map[string]*SecretBackendKey]{ + OutputState: i.ToSecretBackendKeyMapOutputWithContext(ctx).OutputState, + } +} + type SecretBackendKeyOutput struct{ *pulumi.OutputState } func (SecretBackendKeyOutput) ElementType() reflect.Type { @@ -435,6 +456,12 @@ func (o SecretBackendKeyOutput) ToSecretBackendKeyOutputWithContext(ctx context. return o } +func (o SecretBackendKeyOutput) ToOutput(ctx context.Context) pulumix.Output[*SecretBackendKey] { + return pulumix.Output[*SecretBackendKey]{ + OutputState: o.OutputState, + } +} + // Enables taking backup of entire keyring in the plaintext format. Once set, this cannot be disabled. // * Refer to Vault API documentation on key backups for more information: [Backup Key](https://www.vaultproject.io/api-docs/secret/transit#backup-key) func (o SecretBackendKeyOutput) AllowPlaintextBackup() pulumi.BoolPtrOutput { @@ -565,6 +592,12 @@ func (o SecretBackendKeyArrayOutput) ToSecretBackendKeyArrayOutputWithContext(ct return o } +func (o SecretBackendKeyArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*SecretBackendKey] { + return pulumix.Output[[]*SecretBackendKey]{ + OutputState: o.OutputState, + } +} + func (o SecretBackendKeyArrayOutput) Index(i pulumi.IntInput) SecretBackendKeyOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *SecretBackendKey { return vs[0].([]*SecretBackendKey)[vs[1].(int)] @@ -585,6 +618,12 @@ func (o SecretBackendKeyMapOutput) ToSecretBackendKeyMapOutputWithContext(ctx co return o } +func (o SecretBackendKeyMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*SecretBackendKey] { + return pulumix.Output[map[string]*SecretBackendKey]{ + OutputState: o.OutputState, + } +} + func (o SecretBackendKeyMapOutput) MapIndex(k pulumi.StringInput) SecretBackendKeyOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *SecretBackendKey { return vs[0].(map[string]*SecretBackendKey)[vs[1].(string)] diff --git a/sdk/go/vault/transit/secretCacheConfig.go b/sdk/go/vault/transit/secretCacheConfig.go index 4ec2df6c5..7dc884652 100644 --- a/sdk/go/vault/transit/secretCacheConfig.go +++ b/sdk/go/vault/transit/secretCacheConfig.go @@ -7,8 +7,10 @@ import ( "context" "reflect" - "github.com/pkg/errors" + "errors" + "github.com/pulumi/pulumi-vault/sdk/v5/go/vault/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // Configure the cache for the Transit Secret Backend in Vault. @@ -77,6 +79,7 @@ func NewSecretCacheConfig(ctx *pulumi.Context, if args.Size == nil { return nil, errors.New("invalid value for required argument 'Size'") } + opts = internal.PkgResourceDefaultOpts(opts) var resource SecretCacheConfig err := ctx.RegisterResource("vault:transit/secretCacheConfig:SecretCacheConfig", name, args, &resource, opts...) if err != nil { @@ -174,6 +177,12 @@ func (i *SecretCacheConfig) ToSecretCacheConfigOutputWithContext(ctx context.Con return pulumi.ToOutputWithContext(ctx, i).(SecretCacheConfigOutput) } +func (i *SecretCacheConfig) ToOutput(ctx context.Context) pulumix.Output[*SecretCacheConfig] { + return pulumix.Output[*SecretCacheConfig]{ + OutputState: i.ToSecretCacheConfigOutputWithContext(ctx).OutputState, + } +} + // SecretCacheConfigArrayInput is an input type that accepts SecretCacheConfigArray and SecretCacheConfigArrayOutput values. // You can construct a concrete instance of `SecretCacheConfigArrayInput` via: // @@ -199,6 +208,12 @@ func (i SecretCacheConfigArray) ToSecretCacheConfigArrayOutputWithContext(ctx co return pulumi.ToOutputWithContext(ctx, i).(SecretCacheConfigArrayOutput) } +func (i SecretCacheConfigArray) ToOutput(ctx context.Context) pulumix.Output[[]*SecretCacheConfig] { + return pulumix.Output[[]*SecretCacheConfig]{ + OutputState: i.ToSecretCacheConfigArrayOutputWithContext(ctx).OutputState, + } +} + // SecretCacheConfigMapInput is an input type that accepts SecretCacheConfigMap and SecretCacheConfigMapOutput values. // You can construct a concrete instance of `SecretCacheConfigMapInput` via: // @@ -224,6 +239,12 @@ func (i SecretCacheConfigMap) ToSecretCacheConfigMapOutputWithContext(ctx contex return pulumi.ToOutputWithContext(ctx, i).(SecretCacheConfigMapOutput) } +func (i SecretCacheConfigMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*SecretCacheConfig] { + return pulumix.Output[map[string]*SecretCacheConfig]{ + OutputState: i.ToSecretCacheConfigMapOutputWithContext(ctx).OutputState, + } +} + type SecretCacheConfigOutput struct{ *pulumi.OutputState } func (SecretCacheConfigOutput) ElementType() reflect.Type { @@ -238,6 +259,12 @@ func (o SecretCacheConfigOutput) ToSecretCacheConfigOutputWithContext(ctx contex return o } +func (o SecretCacheConfigOutput) ToOutput(ctx context.Context) pulumix.Output[*SecretCacheConfig] { + return pulumix.Output[*SecretCacheConfig]{ + OutputState: o.OutputState, + } +} + // The path the transit secret backend is mounted at, with no leading or trailing `/`s. func (o SecretCacheConfigOutput) Backend() pulumi.StringOutput { return o.ApplyT(func(v *SecretCacheConfig) pulumi.StringOutput { return v.Backend }).(pulumi.StringOutput) @@ -270,6 +297,12 @@ func (o SecretCacheConfigArrayOutput) ToSecretCacheConfigArrayOutputWithContext( return o } +func (o SecretCacheConfigArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*SecretCacheConfig] { + return pulumix.Output[[]*SecretCacheConfig]{ + OutputState: o.OutputState, + } +} + func (o SecretCacheConfigArrayOutput) Index(i pulumi.IntInput) SecretCacheConfigOutput { return pulumi.All(o, i).ApplyT(func(vs []interface{}) *SecretCacheConfig { return vs[0].([]*SecretCacheConfig)[vs[1].(int)] @@ -290,6 +323,12 @@ func (o SecretCacheConfigMapOutput) ToSecretCacheConfigMapOutputWithContext(ctx return o } +func (o SecretCacheConfigMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*SecretCacheConfig] { + return pulumix.Output[map[string]*SecretCacheConfig]{ + OutputState: o.OutputState, + } +} + func (o SecretCacheConfigMapOutput) MapIndex(k pulumi.StringInput) SecretCacheConfigOutput { return pulumi.All(o, k).ApplyT(func(vs []interface{}) *SecretCacheConfig { return vs[0].(map[string]*SecretCacheConfig)[vs[1].(string)] diff --git a/sdk/java/src/main/java/com/pulumi/vault/Audit.java b/sdk/java/src/main/java/com/pulumi/vault/Audit.java index 82844c9c4..4ebec71c3 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/Audit.java +++ b/sdk/java/src/main/java/com/pulumi/vault/Audit.java @@ -147,6 +147,8 @@ public Output> namespace() { /** * Configuration options to pass to the audit device itself. * + * For a reference of the device types and their options, consult the [Vault documentation.](https://www.vaultproject.io/docs/audit/index.html) + * */ @Export(name="options", refs={Map.class,String.class}, tree="[0,1,1]") private Output> options; @@ -154,6 +156,8 @@ public Output> namespace() { /** * @return Configuration options to pass to the audit device itself. * + * For a reference of the device types and their options, consult the [Vault documentation.](https://www.vaultproject.io/docs/audit/index.html) + * */ public Output> options() { return this.options; diff --git a/sdk/java/src/main/java/com/pulumi/vault/AuditArgs.java b/sdk/java/src/main/java/com/pulumi/vault/AuditArgs.java index 693c1e7cb..84ea93af2 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/AuditArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/AuditArgs.java @@ -71,6 +71,8 @@ public Optional> namespace() { /** * Configuration options to pass to the audit device itself. * + * For a reference of the device types and their options, consult the [Vault documentation.](https://www.vaultproject.io/docs/audit/index.html) + * */ @Import(name="options", required=true) private Output> options; @@ -78,6 +80,8 @@ public Optional> namespace() { /** * @return Configuration options to pass to the audit device itself. * + * For a reference of the device types and their options, consult the [Vault documentation.](https://www.vaultproject.io/docs/audit/index.html) + * */ public Output> options() { return this.options; @@ -214,6 +218,8 @@ public Builder namespace(String namespace) { /** * @param options Configuration options to pass to the audit device itself. * + * For a reference of the device types and their options, consult the [Vault documentation.](https://www.vaultproject.io/docs/audit/index.html) + * * @return builder * */ @@ -225,6 +231,8 @@ public Builder options(Output> options) { /** * @param options Configuration options to pass to the audit device itself. * + * For a reference of the device types and their options, consult the [Vault documentation.](https://www.vaultproject.io/docs/audit/index.html) + * * @return builder * */ diff --git a/sdk/java/src/main/java/com/pulumi/vault/AuthBackend.java b/sdk/java/src/main/java/com/pulumi/vault/AuthBackend.java index 0f2165c89..08c84dee9 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/AuthBackend.java +++ b/sdk/java/src/main/java/com/pulumi/vault/AuthBackend.java @@ -123,6 +123,8 @@ public Output path() { /** * Extra configuration block. Structure is documented below. * + * The `tune` block is used to tune the auth backend: + * */ @Export(name="tune", refs={AuthBackendTune.class}, tree="[0]") private Output tune; @@ -130,6 +132,8 @@ public Output path() { /** * @return Extra configuration block. Structure is documented below. * + * The `tune` block is used to tune the auth backend: + * */ public Output tune() { return this.tune; diff --git a/sdk/java/src/main/java/com/pulumi/vault/AuthBackendArgs.java b/sdk/java/src/main/java/com/pulumi/vault/AuthBackendArgs.java index 67216d77b..c880bb40b 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/AuthBackendArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/AuthBackendArgs.java @@ -103,6 +103,8 @@ public Optional> path() { /** * Extra configuration block. Structure is documented below. * + * The `tune` block is used to tune the auth backend: + * */ @Import(name="tune") private @Nullable Output tune; @@ -110,6 +112,8 @@ public Optional> path() { /** * @return Extra configuration block. Structure is documented below. * + * The `tune` block is used to tune the auth backend: + * */ public Optional> tune() { return Optional.ofNullable(this.tune); @@ -276,6 +280,8 @@ public Builder path(String path) { /** * @param tune Extra configuration block. Structure is documented below. * + * The `tune` block is used to tune the auth backend: + * * @return builder * */ @@ -287,6 +293,8 @@ public Builder tune(@Nullable Output tune) { /** * @param tune Extra configuration block. Structure is documented below. * + * The `tune` block is used to tune the auth backend: + * * @return builder * */ diff --git a/sdk/java/src/main/java/com/pulumi/vault/CertAuthBackendRole.java b/sdk/java/src/main/java/com/pulumi/vault/CertAuthBackendRole.java index 89cdc33af..1a6283862 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/CertAuthBackendRole.java +++ b/sdk/java/src/main/java/com/pulumi/vault/CertAuthBackendRole.java @@ -242,14 +242,110 @@ public Output> namespace() { return Codegen.optional(this.namespace); } /** - * TLS extensions required on client certificates + * Any additional CA certificates + * needed to verify OCSP responses. Provided as base64 encoded PEM data. + * Requires Vault version 1.13+. + * + */ + @Export(name="ocspCaCertificates", refs={String.class}, tree="[0]") + private Output ocspCaCertificates; + + /** + * @return Any additional CA certificates + * needed to verify OCSP responses. Provided as base64 encoded PEM data. + * Requires Vault version 1.13+. + * + */ + public Output> ocspCaCertificates() { + return Codegen.optional(this.ocspCaCertificates); + } + /** + * If enabled, validate certificates' + * revocation status using OCSP. Requires Vault version 1.13+. + * + */ + @Export(name="ocspEnabled", refs={Boolean.class}, tree="[0]") + private Output ocspEnabled; + + /** + * @return If enabled, validate certificates' + * revocation status using OCSP. Requires Vault version 1.13+. + * + */ + public Output ocspEnabled() { + return this.ocspEnabled; + } + /** + * If true and an OCSP response cannot + * be fetched or is of an unknown status, the login will proceed as if the + * certificate has not been revoked. + * Requires Vault version 1.13+. + * + */ + @Export(name="ocspFailOpen", refs={Boolean.class}, tree="[0]") + private Output ocspFailOpen; + + /** + * @return If true and an OCSP response cannot + * be fetched or is of an unknown status, the login will proceed as if the + * certificate has not been revoked. + * Requires Vault version 1.13+. + * + */ + public Output ocspFailOpen() { + return this.ocspFailOpen; + } + /** + * If set to true, rather than + * accepting the first successful OCSP response, query all servers and consider + * the certificate valid only if all servers agree. + * Requires Vault version 1.13+. + * + */ + @Export(name="ocspQueryAllServers", refs={Boolean.class}, tree="[0]") + private Output ocspQueryAllServers; + + /** + * @return If set to true, rather than + * accepting the first successful OCSP response, query all servers and consider + * the certificate valid only if all servers agree. + * Requires Vault version 1.13+. + * + */ + public Output ocspQueryAllServers() { + return this.ocspQueryAllServers; + } + /** + * : A comma-separated list of OCSP + * server addresses. If unset, the OCSP server is determined from the + * AuthorityInformationAccess extension on the certificate being inspected. + * Requires Vault version 1.13+. + * + */ + @Export(name="ocspServersOverrides", refs={List.class,String.class}, tree="[0,1]") + private Output> ocspServersOverrides; + + /** + * @return : A comma-separated list of OCSP + * server addresses. If unset, the OCSP server is determined from the + * AuthorityInformationAccess extension on the certificate being inspected. + * Requires Vault version 1.13+. + * + */ + public Output>> ocspServersOverrides() { + return Codegen.optional(this.ocspServersOverrides); + } + /** + * TLS extensions required on + * client certificates * */ @Export(name="requiredExtensions", refs={List.class,String.class}, tree="[0,1]") private Output> requiredExtensions; /** - * @return TLS extensions required on client certificates + * @return TLS extensions required on + * client certificates * */ public Output> requiredExtensions() { @@ -400,6 +496,8 @@ public Output> tokenTtl() { * `default-service` and `default-batch` which specify the type to return unless the client * requests a different type at generation time. * + * For more details on the usage of each argument consult the [Vault Cert API documentation](https://www.vaultproject.io/api-docs/auth/cert). + * */ @Export(name="tokenType", refs={String.class}, tree="[0]") private Output tokenType; @@ -411,6 +509,8 @@ public Output> tokenTtl() { * `default-service` and `default-batch` which specify the type to return unless the client * requests a different type at generation time. * + * For more details on the usage of each argument consult the [Vault Cert API documentation](https://www.vaultproject.io/api-docs/auth/cert). + * */ public Output> tokenType() { return Codegen.optional(this.tokenType); diff --git a/sdk/java/src/main/java/com/pulumi/vault/CertAuthBackendRoleArgs.java b/sdk/java/src/main/java/com/pulumi/vault/CertAuthBackendRoleArgs.java index ab8a847c4..add6813b1 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/CertAuthBackendRoleArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/CertAuthBackendRoleArgs.java @@ -211,14 +211,115 @@ public Optional> namespace() { } /** - * TLS extensions required on client certificates + * Any additional CA certificates + * needed to verify OCSP responses. Provided as base64 encoded PEM data. + * Requires Vault version 1.13+. + * + */ + @Import(name="ocspCaCertificates") + private @Nullable Output ocspCaCertificates; + + /** + * @return Any additional CA certificates + * needed to verify OCSP responses. Provided as base64 encoded PEM data. + * Requires Vault version 1.13+. + * + */ + public Optional> ocspCaCertificates() { + return Optional.ofNullable(this.ocspCaCertificates); + } + + /** + * If enabled, validate certificates' + * revocation status using OCSP. Requires Vault version 1.13+. + * + */ + @Import(name="ocspEnabled") + private @Nullable Output ocspEnabled; + + /** + * @return If enabled, validate certificates' + * revocation status using OCSP. Requires Vault version 1.13+. + * + */ + public Optional> ocspEnabled() { + return Optional.ofNullable(this.ocspEnabled); + } + + /** + * If true and an OCSP response cannot + * be fetched or is of an unknown status, the login will proceed as if the + * certificate has not been revoked. + * Requires Vault version 1.13+. + * + */ + @Import(name="ocspFailOpen") + private @Nullable Output ocspFailOpen; + + /** + * @return If true and an OCSP response cannot + * be fetched or is of an unknown status, the login will proceed as if the + * certificate has not been revoked. + * Requires Vault version 1.13+. + * + */ + public Optional> ocspFailOpen() { + return Optional.ofNullable(this.ocspFailOpen); + } + + /** + * If set to true, rather than + * accepting the first successful OCSP response, query all servers and consider + * the certificate valid only if all servers agree. + * Requires Vault version 1.13+. + * + */ + @Import(name="ocspQueryAllServers") + private @Nullable Output ocspQueryAllServers; + + /** + * @return If set to true, rather than + * accepting the first successful OCSP response, query all servers and consider + * the certificate valid only if all servers agree. + * Requires Vault version 1.13+. + * + */ + public Optional> ocspQueryAllServers() { + return Optional.ofNullable(this.ocspQueryAllServers); + } + + /** + * : A comma-separated list of OCSP + * server addresses. If unset, the OCSP server is determined from the + * AuthorityInformationAccess extension on the certificate being inspected. + * Requires Vault version 1.13+. + * + */ + @Import(name="ocspServersOverrides") + private @Nullable Output> ocspServersOverrides; + + /** + * @return : A comma-separated list of OCSP + * server addresses. If unset, the OCSP server is determined from the + * AuthorityInformationAccess extension on the certificate being inspected. + * Requires Vault version 1.13+. + * + */ + public Optional>> ocspServersOverrides() { + return Optional.ofNullable(this.ocspServersOverrides); + } + + /** + * TLS extensions required on + * client certificates * */ @Import(name="requiredExtensions") private @Nullable Output> requiredExtensions; /** - * @return TLS extensions required on client certificates + * @return TLS extensions required on + * client certificates * */ public Optional>> requiredExtensions() { @@ -378,6 +479,8 @@ public Optional> tokenTtl() { * `default-service` and `default-batch` which specify the type to return unless the client * requests a different type at generation time. * + * For more details on the usage of each argument consult the [Vault Cert API documentation](https://www.vaultproject.io/api-docs/auth/cert). + * */ @Import(name="tokenType") private @Nullable Output tokenType; @@ -389,6 +492,8 @@ public Optional> tokenTtl() { * `default-service` and `default-batch` which specify the type to return unless the client * requests a different type at generation time. * + * For more details on the usage of each argument consult the [Vault Cert API documentation](https://www.vaultproject.io/api-docs/auth/cert). + * */ public Optional> tokenType() { return Optional.ofNullable(this.tokenType); @@ -409,6 +514,11 @@ private CertAuthBackendRoleArgs(CertAuthBackendRoleArgs $) { this.displayName = $.displayName; this.name = $.name; this.namespace = $.namespace; + this.ocspCaCertificates = $.ocspCaCertificates; + this.ocspEnabled = $.ocspEnabled; + this.ocspFailOpen = $.ocspFailOpen; + this.ocspQueryAllServers = $.ocspQueryAllServers; + this.ocspServersOverrides = $.ocspServersOverrides; this.requiredExtensions = $.requiredExtensions; this.tokenBoundCidrs = $.tokenBoundCidrs; this.tokenExplicitMaxTtl = $.tokenExplicitMaxTtl; @@ -777,7 +887,150 @@ public Builder namespace(String namespace) { } /** - * @param requiredExtensions TLS extensions required on client certificates + * @param ocspCaCertificates Any additional CA certificates + * needed to verify OCSP responses. Provided as base64 encoded PEM data. + * Requires Vault version 1.13+. + * + * @return builder + * + */ + public Builder ocspCaCertificates(@Nullable Output ocspCaCertificates) { + $.ocspCaCertificates = ocspCaCertificates; + return this; + } + + /** + * @param ocspCaCertificates Any additional CA certificates + * needed to verify OCSP responses. Provided as base64 encoded PEM data. + * Requires Vault version 1.13+. + * + * @return builder + * + */ + public Builder ocspCaCertificates(String ocspCaCertificates) { + return ocspCaCertificates(Output.of(ocspCaCertificates)); + } + + /** + * @param ocspEnabled If enabled, validate certificates' + * revocation status using OCSP. Requires Vault version 1.13+. + * + * @return builder + * + */ + public Builder ocspEnabled(@Nullable Output ocspEnabled) { + $.ocspEnabled = ocspEnabled; + return this; + } + + /** + * @param ocspEnabled If enabled, validate certificates' + * revocation status using OCSP. Requires Vault version 1.13+. + * + * @return builder + * + */ + public Builder ocspEnabled(Boolean ocspEnabled) { + return ocspEnabled(Output.of(ocspEnabled)); + } + + /** + * @param ocspFailOpen If true and an OCSP response cannot + * be fetched or is of an unknown status, the login will proceed as if the + * certificate has not been revoked. + * Requires Vault version 1.13+. + * + * @return builder + * + */ + public Builder ocspFailOpen(@Nullable Output ocspFailOpen) { + $.ocspFailOpen = ocspFailOpen; + return this; + } + + /** + * @param ocspFailOpen If true and an OCSP response cannot + * be fetched or is of an unknown status, the login will proceed as if the + * certificate has not been revoked. + * Requires Vault version 1.13+. + * + * @return builder + * + */ + public Builder ocspFailOpen(Boolean ocspFailOpen) { + return ocspFailOpen(Output.of(ocspFailOpen)); + } + + /** + * @param ocspQueryAllServers If set to true, rather than + * accepting the first successful OCSP response, query all servers and consider + * the certificate valid only if all servers agree. + * Requires Vault version 1.13+. + * + * @return builder + * + */ + public Builder ocspQueryAllServers(@Nullable Output ocspQueryAllServers) { + $.ocspQueryAllServers = ocspQueryAllServers; + return this; + } + + /** + * @param ocspQueryAllServers If set to true, rather than + * accepting the first successful OCSP response, query all servers and consider + * the certificate valid only if all servers agree. + * Requires Vault version 1.13+. + * + * @return builder + * + */ + public Builder ocspQueryAllServers(Boolean ocspQueryAllServers) { + return ocspQueryAllServers(Output.of(ocspQueryAllServers)); + } + + /** + * @param ocspServersOverrides : A comma-separated list of OCSP + * server addresses. If unset, the OCSP server is determined from the + * AuthorityInformationAccess extension on the certificate being inspected. + * Requires Vault version 1.13+. + * + * @return builder + * + */ + public Builder ocspServersOverrides(@Nullable Output> ocspServersOverrides) { + $.ocspServersOverrides = ocspServersOverrides; + return this; + } + + /** + * @param ocspServersOverrides : A comma-separated list of OCSP + * server addresses. If unset, the OCSP server is determined from the + * AuthorityInformationAccess extension on the certificate being inspected. + * Requires Vault version 1.13+. + * + * @return builder + * + */ + public Builder ocspServersOverrides(List ocspServersOverrides) { + return ocspServersOverrides(Output.of(ocspServersOverrides)); + } + + /** + * @param ocspServersOverrides : A comma-separated list of OCSP + * server addresses. If unset, the OCSP server is determined from the + * AuthorityInformationAccess extension on the certificate being inspected. + * Requires Vault version 1.13+. + * + * @return builder + * + */ + public Builder ocspServersOverrides(String... ocspServersOverrides) { + return ocspServersOverrides(List.of(ocspServersOverrides)); + } + + /** + * @param requiredExtensions TLS extensions required on + * client certificates * * @return builder * @@ -788,7 +1041,8 @@ public Builder requiredExtensions(@Nullable Output> requiredExtensi } /** - * @param requiredExtensions TLS extensions required on client certificates + * @param requiredExtensions TLS extensions required on + * client certificates * * @return builder * @@ -798,7 +1052,8 @@ public Builder requiredExtensions(List requiredExtensions) { } /** - * @param requiredExtensions TLS extensions required on client certificates + * @param requiredExtensions TLS extensions required on + * client certificates * * @return builder * @@ -1031,6 +1286,8 @@ public Builder tokenTtl(Integer tokenTtl) { * `default-service` and `default-batch` which specify the type to return unless the client * requests a different type at generation time. * + * For more details on the usage of each argument consult the [Vault Cert API documentation](https://www.vaultproject.io/api-docs/auth/cert). + * * @return builder * */ @@ -1046,6 +1303,8 @@ public Builder tokenType(@Nullable Output tokenType) { * `default-service` and `default-batch` which specify the type to return unless the client * requests a different type at generation time. * + * For more details on the usage of each argument consult the [Vault Cert API documentation](https://www.vaultproject.io/api-docs/auth/cert). + * * @return builder * */ diff --git a/sdk/java/src/main/java/com/pulumi/vault/Config.java b/sdk/java/src/main/java/com/pulumi/vault/Config.java index 8423460ab..c7d0e369c 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/Config.java +++ b/sdk/java/src/main/java/com/pulumi/vault/Config.java @@ -182,6 +182,14 @@ public Optional maxRetriesCcc() { public Optional namespace() { return Codegen.stringProp("namespace").config(config).get(); } +/** + * In the case where the Vault token is for a specific namespace and the provider namespace is not configured, use the + * token namespace as the root namespace for all resources. + * + */ + public Optional setNamespaceFromToken() { + return Codegen.booleanProp("setNamespaceFromToken").config(config).get(); + } /** * Set this to true to prevent the creation of ephemeral child token used by this provider. * diff --git a/sdk/java/src/main/java/com/pulumi/vault/MfaPingid.java b/sdk/java/src/main/java/com/pulumi/vault/MfaPingid.java index ab69633f9..49b80aec9 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/MfaPingid.java +++ b/sdk/java/src/main/java/com/pulumi/vault/MfaPingid.java @@ -73,42 +73,42 @@ @ResourceType(type="vault:index/mfaPingid:MfaPingid") public class MfaPingid extends com.pulumi.resources.CustomResource { /** - * Admin URL computed by Vault. + * `(string)` – Admin URL computed by Vault * */ @Export(name="adminUrl", refs={String.class}, tree="[0]") private Output adminUrl; /** - * @return Admin URL computed by Vault. + * @return `(string)` – Admin URL computed by Vault * */ public Output adminUrl() { return this.adminUrl; } /** - * Authenticator URL computed by Vault. + * `(string)` – Authenticator URL computed by Vault * */ @Export(name="authenticatorUrl", refs={String.class}, tree="[0]") private Output authenticatorUrl; /** - * @return Authenticator URL computed by Vault. + * @return `(string)` – Authenticator URL computed by Vault * */ public Output authenticatorUrl() { return this.authenticatorUrl; } /** - * IDP URL computed by Vault. + * `(string)` – IDP URL computed by Vault * */ @Export(name="idpUrl", refs={String.class}, tree="[0]") private Output idpUrl; /** - * @return IDP URL computed by Vault. + * @return `(string)` – IDP URL computed by Vault * */ public Output idpUrl() { @@ -165,28 +165,28 @@ public Output> namespace() { return Codegen.optional(this.namespace); } /** - * Namespace ID computed by Vault. + * `(string)` – Namespace ID computed by Vault * */ @Export(name="namespaceId", refs={String.class}, tree="[0]") private Output namespaceId; /** - * @return Namespace ID computed by Vault. + * @return `(string)` – Namespace ID computed by Vault * */ public Output namespaceId() { return this.namespaceId; } /** - * Org Alias computed by Vault. + * `(string)` – Org Alias computed by Vault * */ @Export(name="orgAlias", refs={String.class}, tree="[0]") private Output orgAlias; /** - * @return Org Alias computed by Vault. + * @return `(string)` – Org Alias computed by Vault * */ public Output orgAlias() { @@ -209,28 +209,28 @@ public Output settingsFileBase64() { return this.settingsFileBase64; } /** - * Type of configuration computed by Vault. + * `(string)` – Type of configuration computed by Vault * */ @Export(name="type", refs={String.class}, tree="[0]") private Output type; /** - * @return Type of configuration computed by Vault. + * @return `(string)` – Type of configuration computed by Vault * */ public Output type() { return this.type; } /** - * If set, enables use of PingID signature. Computed by Vault + * `(string)` – If set to true, enables use of PingID signature. Computed by Vault * */ @Export(name="useSignature", refs={Boolean.class}, tree="[0]") private Output useSignature; /** - * @return If set, enables use of PingID signature. Computed by Vault + * @return `(string)` – If set to true, enables use of PingID signature. Computed by Vault * */ public Output useSignature() { diff --git a/sdk/java/src/main/java/com/pulumi/vault/Namespace.java b/sdk/java/src/main/java/com/pulumi/vault/Namespace.java index c9518f50d..6bf83800e 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/Namespace.java +++ b/sdk/java/src/main/java/com/pulumi/vault/Namespace.java @@ -10,7 +10,9 @@ import com.pulumi.vault.NamespaceArgs; import com.pulumi.vault.Utilities; import com.pulumi.vault.inputs.NamespaceState; +import java.lang.Object; import java.lang.String; +import java.util.Map; import java.util.Optional; import javax.annotation.Nullable; @@ -62,6 +64,22 @@ */ @ResourceType(type="vault:index/namespace:Namespace") public class Namespace extends com.pulumi.resources.CustomResource { + /** + * Custom metadata describing this namespace. Value type + * is `map[string]string`. Requires Vault version 1.12+. + * + */ + @Export(name="customMetadata", refs={Map.class,String.class,Object.class}, tree="[0,1,2]") + private Output> customMetadata; + + /** + * @return Custom metadata describing this namespace. Value type + * is `map[string]string`. Requires Vault version 1.12+. + * + */ + public Output> customMetadata() { + return this.customMetadata; + } /** * The namespace to provision the resource in. * The value should not contain leading or trailing forward slashes. diff --git a/sdk/java/src/main/java/com/pulumi/vault/NamespaceArgs.java b/sdk/java/src/main/java/com/pulumi/vault/NamespaceArgs.java index bc8e8d9db..484a31e34 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/NamespaceArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/NamespaceArgs.java @@ -5,7 +5,9 @@ import com.pulumi.core.Output; import com.pulumi.core.annotations.Import; +import java.lang.Object; import java.lang.String; +import java.util.Map; import java.util.Objects; import java.util.Optional; import javax.annotation.Nullable; @@ -15,6 +17,23 @@ public final class NamespaceArgs extends com.pulumi.resources.ResourceArgs { public static final NamespaceArgs Empty = new NamespaceArgs(); + /** + * Custom metadata describing this namespace. Value type + * is `map[string]string`. Requires Vault version 1.12+. + * + */ + @Import(name="customMetadata") + private @Nullable Output> customMetadata; + + /** + * @return Custom metadata describing this namespace. Value type + * is `map[string]string`. Requires Vault version 1.12+. + * + */ + public Optional>> customMetadata() { + return Optional.ofNullable(this.customMetadata); + } + /** * The namespace to provision the resource in. * The value should not contain leading or trailing forward slashes. @@ -71,6 +90,7 @@ public Optional> pathFq() { private NamespaceArgs() {} private NamespaceArgs(NamespaceArgs $) { + this.customMetadata = $.customMetadata; this.namespace = $.namespace; this.path = $.path; this.pathFq = $.pathFq; @@ -94,6 +114,29 @@ public Builder(NamespaceArgs defaults) { $ = new NamespaceArgs(Objects.requireNonNull(defaults)); } + /** + * @param customMetadata Custom metadata describing this namespace. Value type + * is `map[string]string`. Requires Vault version 1.12+. + * + * @return builder + * + */ + public Builder customMetadata(@Nullable Output> customMetadata) { + $.customMetadata = customMetadata; + return this; + } + + /** + * @param customMetadata Custom metadata describing this namespace. Value type + * is `map[string]string`. Requires Vault version 1.12+. + * + * @return builder + * + */ + public Builder customMetadata(Map customMetadata) { + return customMetadata(Output.of(customMetadata)); + } + /** * @param namespace The namespace to provision the resource in. * The value should not contain leading or trailing forward slashes. diff --git a/sdk/java/src/main/java/com/pulumi/vault/ProviderArgs.java b/sdk/java/src/main/java/com/pulumi/vault/ProviderArgs.java index d19b31809..e2f2908c5 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/ProviderArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/ProviderArgs.java @@ -371,6 +371,23 @@ public Optional> namespace() { return Optional.ofNullable(this.namespace); } + /** + * In the case where the Vault token is for a specific namespace and the provider namespace is not configured, use the + * token namespace as the root namespace for all resources. + * + */ + @Import(name="setNamespaceFromToken", json=true) + private @Nullable Output setNamespaceFromToken; + + /** + * @return In the case where the Vault token is for a specific namespace and the provider namespace is not configured, use the + * token namespace as the root namespace for all resources. + * + */ + public Optional> setNamespaceFromToken() { + return Optional.ofNullable(this.setNamespaceFromToken); + } + /** * Set this to true to prevent the creation of ephemeral child token used by this provider. * @@ -501,6 +518,7 @@ private ProviderArgs(ProviderArgs $) { this.maxRetries = $.maxRetries; this.maxRetriesCcc = $.maxRetriesCcc; this.namespace = $.namespace; + this.setNamespaceFromToken = $.setNamespaceFromToken; this.skipChildToken = $.skipChildToken; this.skipGetVaultVersion = $.skipGetVaultVersion; this.skipTlsVerify = $.skipTlsVerify; @@ -1008,6 +1026,29 @@ public Builder namespace(String namespace) { return namespace(Output.of(namespace)); } + /** + * @param setNamespaceFromToken In the case where the Vault token is for a specific namespace and the provider namespace is not configured, use the + * token namespace as the root namespace for all resources. + * + * @return builder + * + */ + public Builder setNamespaceFromToken(@Nullable Output setNamespaceFromToken) { + $.setNamespaceFromToken = setNamespaceFromToken; + return this; + } + + /** + * @param setNamespaceFromToken In the case where the Vault token is for a specific namespace and the provider namespace is not configured, use the + * token namespace as the root namespace for all resources. + * + * @return builder + * + */ + public Builder setNamespaceFromToken(Boolean setNamespaceFromToken) { + return setNamespaceFromToken(Output.of(setNamespaceFromToken)); + } + /** * @param skipChildToken Set this to true to prevent the creation of ephemeral child token used by this provider. * diff --git a/sdk/java/src/main/java/com/pulumi/vault/RaftSnapshotAgentConfig.java b/sdk/java/src/main/java/com/pulumi/vault/RaftSnapshotAgentConfig.java index 717d19d1a..0ea560674 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/RaftSnapshotAgentConfig.java +++ b/sdk/java/src/main/java/com/pulumi/vault/RaftSnapshotAgentConfig.java @@ -450,6 +450,28 @@ public Output> googleGcsBucket() { /** * Google service account key in JSON format. * The raw value looks like this: + * ```java + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * } + * } + * ``` * */ @Export(name="googleServiceAccountKey", refs={String.class}, tree="[0]") @@ -458,6 +480,28 @@ public Output> googleGcsBucket() { /** * @return Google service account key in JSON format. * The raw value looks like this: + * ```java + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * } + * } + * ``` * */ public Output> googleServiceAccountKey() { diff --git a/sdk/java/src/main/java/com/pulumi/vault/RaftSnapshotAgentConfigArgs.java b/sdk/java/src/main/java/com/pulumi/vault/RaftSnapshotAgentConfigArgs.java index 851dbd058..f47c641c2 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/RaftSnapshotAgentConfigArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/RaftSnapshotAgentConfigArgs.java @@ -342,6 +342,28 @@ public Optional> googleGcsBucket() { /** * Google service account key in JSON format. * The raw value looks like this: + * ```java + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * } + * } + * ``` * */ @Import(name="googleServiceAccountKey") @@ -350,6 +372,28 @@ public Optional> googleGcsBucket() { /** * @return Google service account key in JSON format. * The raw value looks like this: + * ```java + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * } + * } + * ``` * */ public Optional> googleServiceAccountKey() { @@ -981,6 +1025,28 @@ public Builder googleGcsBucket(String googleGcsBucket) { /** * @param googleServiceAccountKey Google service account key in JSON format. * The raw value looks like this: + * ```java + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * } + * } + * ``` * * @return builder * @@ -993,6 +1059,28 @@ public Builder googleServiceAccountKey(@Nullable Output googleServiceAcc /** * @param googleServiceAccountKey Google service account key in JSON format. * The raw value looks like this: + * ```java + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * } + * } + * ``` * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/vault/VaultFunctions.java b/sdk/java/src/main/java/com/pulumi/vault/VaultFunctions.java index 869979a47..3dc0807e2 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/VaultFunctions.java +++ b/sdk/java/src/main/java/com/pulumi/vault/VaultFunctions.java @@ -10,13 +10,19 @@ import com.pulumi.vault.Utilities; import com.pulumi.vault.inputs.GetAuthBackendArgs; import com.pulumi.vault.inputs.GetAuthBackendPlainArgs; +import com.pulumi.vault.inputs.GetAuthBackendsArgs; +import com.pulumi.vault.inputs.GetAuthBackendsPlainArgs; import com.pulumi.vault.inputs.GetNomadAccessTokenArgs; import com.pulumi.vault.inputs.GetNomadAccessTokenPlainArgs; import com.pulumi.vault.inputs.GetPolicyDocumentArgs; import com.pulumi.vault.inputs.GetPolicyDocumentPlainArgs; +import com.pulumi.vault.inputs.GetRaftAutopilotStateArgs; +import com.pulumi.vault.inputs.GetRaftAutopilotStatePlainArgs; import com.pulumi.vault.outputs.GetAuthBackendResult; +import com.pulumi.vault.outputs.GetAuthBackendsResult; import com.pulumi.vault.outputs.GetNomadAccessTokenResult; import com.pulumi.vault.outputs.GetPolicyDocumentResult; +import com.pulumi.vault.outputs.GetRaftAutopilotStateResult; import java.util.concurrent.CompletableFuture; public final class VaultFunctions { @@ -160,6 +166,24 @@ public static Output getAuthBackend(GetAuthBackendArgs arg public static CompletableFuture getAuthBackendPlain(GetAuthBackendPlainArgs args, InvokeOptions options) { return Deployment.getInstance().invokeAsync("vault:index/getAuthBackend:getAuthBackend", TypeShape.of(GetAuthBackendResult.class), args, Utilities.withVersion(options)); } + public static Output getAuthBackends() { + return getAuthBackends(GetAuthBackendsArgs.Empty, InvokeOptions.Empty); + } + public static CompletableFuture getAuthBackendsPlain() { + return getAuthBackendsPlain(GetAuthBackendsPlainArgs.Empty, InvokeOptions.Empty); + } + public static Output getAuthBackends(GetAuthBackendsArgs args) { + return getAuthBackends(args, InvokeOptions.Empty); + } + public static CompletableFuture getAuthBackendsPlain(GetAuthBackendsPlainArgs args) { + return getAuthBackendsPlain(args, InvokeOptions.Empty); + } + public static Output getAuthBackends(GetAuthBackendsArgs args, InvokeOptions options) { + return Deployment.getInstance().invoke("vault:index/getAuthBackends:getAuthBackends", TypeShape.of(GetAuthBackendsResult.class), args, Utilities.withVersion(options)); + } + public static CompletableFuture getAuthBackendsPlain(GetAuthBackendsPlainArgs args, InvokeOptions options) { + return Deployment.getInstance().invokeAsync("vault:index/getAuthBackends:getAuthBackends", TypeShape.of(GetAuthBackendsResult.class), args, Utilities.withVersion(options)); + } /** * ## Example Usage * ```java @@ -696,4 +720,244 @@ public static Output getPolicyDocument(GetPolicyDocumen public static CompletableFuture getPolicyDocumentPlain(GetPolicyDocumentPlainArgs args, InvokeOptions options) { return Deployment.getInstance().invokeAsync("vault:index/getPolicyDocument:getPolicyDocument", TypeShape.of(GetPolicyDocumentResult.class), args, Utilities.withVersion(options)); } + /** + * Displays the state of the raft cluster under integrated storage as seen by + * autopilot. It shows whether autopilot thinks the cluster is healthy or not, and + * how many nodes could fail before the cluster becomes unhealthy ("Failure + * Tolerance"). For more information, please refer to the + * [Vault documentation](https://developer.hashicorp.com/vault/api-docs/system/storage/raftautopilot#get-cluster-state). + * + * ## Example Usage + * ```java + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import com.pulumi.vault.VaultFunctions; + * import com.pulumi.vault.inputs.GetRaftAutopilotStateArgs; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * final var main = VaultFunctions.getRaftAutopilotState(); + * + * ctx.export("failure-tolerance", main.applyValue(getRaftAutopilotStateResult -> getRaftAutopilotStateResult.failureTolerance())); + * } + * } + * ``` + * + */ + public static Output getRaftAutopilotState() { + return getRaftAutopilotState(GetRaftAutopilotStateArgs.Empty, InvokeOptions.Empty); + } + /** + * Displays the state of the raft cluster under integrated storage as seen by + * autopilot. It shows whether autopilot thinks the cluster is healthy or not, and + * how many nodes could fail before the cluster becomes unhealthy ("Failure + * Tolerance"). For more information, please refer to the + * [Vault documentation](https://developer.hashicorp.com/vault/api-docs/system/storage/raftautopilot#get-cluster-state). + * + * ## Example Usage + * ```java + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import com.pulumi.vault.VaultFunctions; + * import com.pulumi.vault.inputs.GetRaftAutopilotStateArgs; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * final var main = VaultFunctions.getRaftAutopilotState(); + * + * ctx.export("failure-tolerance", main.applyValue(getRaftAutopilotStateResult -> getRaftAutopilotStateResult.failureTolerance())); + * } + * } + * ``` + * + */ + public static CompletableFuture getRaftAutopilotStatePlain() { + return getRaftAutopilotStatePlain(GetRaftAutopilotStatePlainArgs.Empty, InvokeOptions.Empty); + } + /** + * Displays the state of the raft cluster under integrated storage as seen by + * autopilot. It shows whether autopilot thinks the cluster is healthy or not, and + * how many nodes could fail before the cluster becomes unhealthy ("Failure + * Tolerance"). For more information, please refer to the + * [Vault documentation](https://developer.hashicorp.com/vault/api-docs/system/storage/raftautopilot#get-cluster-state). + * + * ## Example Usage + * ```java + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import com.pulumi.vault.VaultFunctions; + * import com.pulumi.vault.inputs.GetRaftAutopilotStateArgs; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * final var main = VaultFunctions.getRaftAutopilotState(); + * + * ctx.export("failure-tolerance", main.applyValue(getRaftAutopilotStateResult -> getRaftAutopilotStateResult.failureTolerance())); + * } + * } + * ``` + * + */ + public static Output getRaftAutopilotState(GetRaftAutopilotStateArgs args) { + return getRaftAutopilotState(args, InvokeOptions.Empty); + } + /** + * Displays the state of the raft cluster under integrated storage as seen by + * autopilot. It shows whether autopilot thinks the cluster is healthy or not, and + * how many nodes could fail before the cluster becomes unhealthy ("Failure + * Tolerance"). For more information, please refer to the + * [Vault documentation](https://developer.hashicorp.com/vault/api-docs/system/storage/raftautopilot#get-cluster-state). + * + * ## Example Usage + * ```java + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import com.pulumi.vault.VaultFunctions; + * import com.pulumi.vault.inputs.GetRaftAutopilotStateArgs; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * final var main = VaultFunctions.getRaftAutopilotState(); + * + * ctx.export("failure-tolerance", main.applyValue(getRaftAutopilotStateResult -> getRaftAutopilotStateResult.failureTolerance())); + * } + * } + * ``` + * + */ + public static CompletableFuture getRaftAutopilotStatePlain(GetRaftAutopilotStatePlainArgs args) { + return getRaftAutopilotStatePlain(args, InvokeOptions.Empty); + } + /** + * Displays the state of the raft cluster under integrated storage as seen by + * autopilot. It shows whether autopilot thinks the cluster is healthy or not, and + * how many nodes could fail before the cluster becomes unhealthy ("Failure + * Tolerance"). For more information, please refer to the + * [Vault documentation](https://developer.hashicorp.com/vault/api-docs/system/storage/raftautopilot#get-cluster-state). + * + * ## Example Usage + * ```java + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import com.pulumi.vault.VaultFunctions; + * import com.pulumi.vault.inputs.GetRaftAutopilotStateArgs; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * final var main = VaultFunctions.getRaftAutopilotState(); + * + * ctx.export("failure-tolerance", main.applyValue(getRaftAutopilotStateResult -> getRaftAutopilotStateResult.failureTolerance())); + * } + * } + * ``` + * + */ + public static Output getRaftAutopilotState(GetRaftAutopilotStateArgs args, InvokeOptions options) { + return Deployment.getInstance().invoke("vault:index/getRaftAutopilotState:getRaftAutopilotState", TypeShape.of(GetRaftAutopilotStateResult.class), args, Utilities.withVersion(options)); + } + /** + * Displays the state of the raft cluster under integrated storage as seen by + * autopilot. It shows whether autopilot thinks the cluster is healthy or not, and + * how many nodes could fail before the cluster becomes unhealthy ("Failure + * Tolerance"). For more information, please refer to the + * [Vault documentation](https://developer.hashicorp.com/vault/api-docs/system/storage/raftautopilot#get-cluster-state). + * + * ## Example Usage + * ```java + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import com.pulumi.vault.VaultFunctions; + * import com.pulumi.vault.inputs.GetRaftAutopilotStateArgs; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * final var main = VaultFunctions.getRaftAutopilotState(); + * + * ctx.export("failure-tolerance", main.applyValue(getRaftAutopilotStateResult -> getRaftAutopilotStateResult.failureTolerance())); + * } + * } + * ``` + * + */ + public static CompletableFuture getRaftAutopilotStatePlain(GetRaftAutopilotStatePlainArgs args, InvokeOptions options) { + return Deployment.getInstance().invokeAsync("vault:index/getRaftAutopilotState:getRaftAutopilotState", TypeShape.of(GetRaftAutopilotStateResult.class), args, Utilities.withVersion(options)); + } } diff --git a/sdk/java/src/main/java/com/pulumi/vault/alicloud/AuthBackendRole.java b/sdk/java/src/main/java/com/pulumi/vault/alicloud/AuthBackendRole.java index 11fc34e80..6d3faf94a 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/alicloud/AuthBackendRole.java +++ b/sdk/java/src/main/java/com/pulumi/vault/alicloud/AuthBackendRole.java @@ -88,6 +88,8 @@ public Output arn() { * Path to the mounted AliCloud auth backend. * Defaults to `alicloud` * + * For more details on the usage of each argument consult the [Vault AliCloud API documentation](https://www.vaultproject.io/api-docs/auth/alicloud). + * */ @Export(name="backend", refs={String.class}, tree="[0]") private Output backend; @@ -96,6 +98,8 @@ public Output arn() { * @return Path to the mounted AliCloud auth backend. * Defaults to `alicloud` * + * For more details on the usage of each argument consult the [Vault AliCloud API documentation](https://www.vaultproject.io/api-docs/auth/alicloud). + * */ public Output> backend() { return Codegen.optional(this.backend); diff --git a/sdk/java/src/main/java/com/pulumi/vault/alicloud/AuthBackendRoleArgs.java b/sdk/java/src/main/java/com/pulumi/vault/alicloud/AuthBackendRoleArgs.java index 5004b7bd6..5a98a8083 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/alicloud/AuthBackendRoleArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/alicloud/AuthBackendRoleArgs.java @@ -37,6 +37,8 @@ public Output arn() { * Path to the mounted AliCloud auth backend. * Defaults to `alicloud` * + * For more details on the usage of each argument consult the [Vault AliCloud API documentation](https://www.vaultproject.io/api-docs/auth/alicloud). + * */ @Import(name="backend") private @Nullable Output backend; @@ -45,6 +47,8 @@ public Output arn() { * @return Path to the mounted AliCloud auth backend. * Defaults to `alicloud` * + * For more details on the usage of each argument consult the [Vault AliCloud API documentation](https://www.vaultproject.io/api-docs/auth/alicloud). + * */ public Optional> backend() { return Optional.ofNullable(this.backend); @@ -318,6 +322,8 @@ public Builder arn(String arn) { * @param backend Path to the mounted AliCloud auth backend. * Defaults to `alicloud` * + * For more details on the usage of each argument consult the [Vault AliCloud API documentation](https://www.vaultproject.io/api-docs/auth/alicloud). + * * @return builder * */ @@ -330,6 +336,8 @@ public Builder backend(@Nullable Output backend) { * @param backend Path to the mounted AliCloud auth backend. * Defaults to `alicloud` * + * For more details on the usage of each argument consult the [Vault AliCloud API documentation](https://www.vaultproject.io/api-docs/auth/alicloud). + * * @return builder * */ diff --git a/sdk/java/src/main/java/com/pulumi/vault/alicloud/inputs/AuthBackendRoleState.java b/sdk/java/src/main/java/com/pulumi/vault/alicloud/inputs/AuthBackendRoleState.java index 02cb3cbd3..d30bbbb1f 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/alicloud/inputs/AuthBackendRoleState.java +++ b/sdk/java/src/main/java/com/pulumi/vault/alicloud/inputs/AuthBackendRoleState.java @@ -37,6 +37,8 @@ public Optional> arn() { * Path to the mounted AliCloud auth backend. * Defaults to `alicloud` * + * For more details on the usage of each argument consult the [Vault AliCloud API documentation](https://www.vaultproject.io/api-docs/auth/alicloud). + * */ @Import(name="backend") private @Nullable Output backend; @@ -45,6 +47,8 @@ public Optional> arn() { * @return Path to the mounted AliCloud auth backend. * Defaults to `alicloud` * + * For more details on the usage of each argument consult the [Vault AliCloud API documentation](https://www.vaultproject.io/api-docs/auth/alicloud). + * */ public Optional> backend() { return Optional.ofNullable(this.backend); @@ -318,6 +322,8 @@ public Builder arn(String arn) { * @param backend Path to the mounted AliCloud auth backend. * Defaults to `alicloud` * + * For more details on the usage of each argument consult the [Vault AliCloud API documentation](https://www.vaultproject.io/api-docs/auth/alicloud). + * * @return builder * */ @@ -330,6 +336,8 @@ public Builder backend(@Nullable Output backend) { * @param backend Path to the mounted AliCloud auth backend. * Defaults to `alicloud` * + * For more details on the usage of each argument consult the [Vault AliCloud API documentation](https://www.vaultproject.io/api-docs/auth/alicloud). + * * @return builder * */ diff --git a/sdk/java/src/main/java/com/pulumi/vault/aws/AwsFunctions.java b/sdk/java/src/main/java/com/pulumi/vault/aws/AwsFunctions.java index 4d9a398f9..2abb03b34 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/aws/AwsFunctions.java +++ b/sdk/java/src/main/java/com/pulumi/vault/aws/AwsFunctions.java @@ -10,7 +10,10 @@ import com.pulumi.vault.Utilities; import com.pulumi.vault.aws.inputs.GetAccessCredentialsArgs; import com.pulumi.vault.aws.inputs.GetAccessCredentialsPlainArgs; +import com.pulumi.vault.aws.inputs.GetStaticAccessCredentialsArgs; +import com.pulumi.vault.aws.inputs.GetStaticAccessCredentialsPlainArgs; import com.pulumi.vault.aws.outputs.GetAccessCredentialsResult; +import com.pulumi.vault.aws.outputs.GetStaticAccessCredentialsResult; import java.util.concurrent.CompletableFuture; public final class AwsFunctions { @@ -28,7 +31,7 @@ public final class AwsFunctions { * import com.pulumi.vault.aws.SecretBackendRole; * import com.pulumi.vault.aws.SecretBackendRoleArgs; * import com.pulumi.vault.aws.AwsFunctions; - * import com.pulumi.vault.ad.inputs.GetAccessCredentialsArgs; + * import com.pulumi.vault.aws.inputs.GetAccessCredentialsArgs; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -90,7 +93,7 @@ public static Output getAccessCredentials(GetAccessC * import com.pulumi.vault.aws.SecretBackendRole; * import com.pulumi.vault.aws.SecretBackendRoleArgs; * import com.pulumi.vault.aws.AwsFunctions; - * import com.pulumi.vault.ad.inputs.GetAccessCredentialsArgs; + * import com.pulumi.vault.aws.inputs.GetAccessCredentialsArgs; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -152,7 +155,7 @@ public static CompletableFuture getAccessCredentials * import com.pulumi.vault.aws.SecretBackendRole; * import com.pulumi.vault.aws.SecretBackendRoleArgs; * import com.pulumi.vault.aws.AwsFunctions; - * import com.pulumi.vault.ad.inputs.GetAccessCredentialsArgs; + * import com.pulumi.vault.aws.inputs.GetAccessCredentialsArgs; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -214,7 +217,7 @@ public static Output getAccessCredentials(GetAccessC * import com.pulumi.vault.aws.SecretBackendRole; * import com.pulumi.vault.aws.SecretBackendRoleArgs; * import com.pulumi.vault.aws.AwsFunctions; - * import com.pulumi.vault.ad.inputs.GetAccessCredentialsArgs; + * import com.pulumi.vault.aws.inputs.GetAccessCredentialsArgs; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -262,4 +265,16 @@ public static Output getAccessCredentials(GetAccessC public static CompletableFuture getAccessCredentialsPlain(GetAccessCredentialsPlainArgs args, InvokeOptions options) { return Deployment.getInstance().invokeAsync("vault:aws/getAccessCredentials:getAccessCredentials", TypeShape.of(GetAccessCredentialsResult.class), args, Utilities.withVersion(options)); } + public static Output getStaticAccessCredentials(GetStaticAccessCredentialsArgs args) { + return getStaticAccessCredentials(args, InvokeOptions.Empty); + } + public static CompletableFuture getStaticAccessCredentialsPlain(GetStaticAccessCredentialsPlainArgs args) { + return getStaticAccessCredentialsPlain(args, InvokeOptions.Empty); + } + public static Output getStaticAccessCredentials(GetStaticAccessCredentialsArgs args, InvokeOptions options) { + return Deployment.getInstance().invoke("vault:aws/getStaticAccessCredentials:getStaticAccessCredentials", TypeShape.of(GetStaticAccessCredentialsResult.class), args, Utilities.withVersion(options)); + } + public static CompletableFuture getStaticAccessCredentialsPlain(GetStaticAccessCredentialsPlainArgs args, InvokeOptions options) { + return Deployment.getInstance().invokeAsync("vault:aws/getStaticAccessCredentials:getStaticAccessCredentials", TypeShape.of(GetStaticAccessCredentialsResult.class), args, Utilities.withVersion(options)); + } } diff --git a/sdk/java/src/main/java/com/pulumi/vault/aws/SecretBackend.java b/sdk/java/src/main/java/com/pulumi/vault/aws/SecretBackend.java index f8a764ca2..9585d6ec7 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/aws/SecretBackend.java +++ b/sdk/java/src/main/java/com/pulumi/vault/aws/SecretBackend.java @@ -172,30 +172,28 @@ public Output> path() { return Codegen.optional(this.path); } /** - * The AWS region for API calls. Defaults to `us-east-1`. + * The AWS region to make API calls against. Defaults to us-east-1. * */ @Export(name="region", refs={String.class}, tree="[0]") private Output region; /** - * @return The AWS region for API calls. Defaults to `us-east-1`. + * @return The AWS region to make API calls against. Defaults to us-east-1. * */ public Output region() { return this.region; } /** - * The AWS Secret Key this backend should use to - * issue new credentials. Vault uses the official AWS SDK to authenticate, and thus can also use standard AWS environment credentials, shared file credentials or IAM role/ECS task credentials. + * The AWS Secret Access Key to use when generating new credentials. * */ @Export(name="secretKey", refs={String.class}, tree="[0]") private Output secretKey; /** - * @return The AWS Secret Key this backend should use to - * issue new credentials. Vault uses the official AWS SDK to authenticate, and thus can also use standard AWS environment credentials, shared file credentials or IAM role/ECS task credentials. + * @return The AWS Secret Access Key to use when generating new credentials. * */ public Output> secretKey() { diff --git a/sdk/java/src/main/java/com/pulumi/vault/aws/SecretBackendArgs.java b/sdk/java/src/main/java/com/pulumi/vault/aws/SecretBackendArgs.java index bdf8140ab..514aed9fe 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/aws/SecretBackendArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/aws/SecretBackendArgs.java @@ -169,14 +169,14 @@ public Optional> path() { } /** - * The AWS region for API calls. Defaults to `us-east-1`. + * The AWS region to make API calls against. Defaults to us-east-1. * */ @Import(name="region") private @Nullable Output region; /** - * @return The AWS region for API calls. Defaults to `us-east-1`. + * @return The AWS region to make API calls against. Defaults to us-east-1. * */ public Optional> region() { @@ -184,16 +184,14 @@ public Optional> region() { } /** - * The AWS Secret Key this backend should use to - * issue new credentials. Vault uses the official AWS SDK to authenticate, and thus can also use standard AWS environment credentials, shared file credentials or IAM role/ECS task credentials. + * The AWS Secret Access Key to use when generating new credentials. * */ @Import(name="secretKey") private @Nullable Output secretKey; /** - * @return The AWS Secret Key this backend should use to - * issue new credentials. Vault uses the official AWS SDK to authenticate, and thus can also use standard AWS environment credentials, shared file credentials or IAM role/ECS task credentials. + * @return The AWS Secret Access Key to use when generating new credentials. * */ public Optional> secretKey() { @@ -472,7 +470,7 @@ public Builder path(String path) { } /** - * @param region The AWS region for API calls. Defaults to `us-east-1`. + * @param region The AWS region to make API calls against. Defaults to us-east-1. * * @return builder * @@ -483,7 +481,7 @@ public Builder region(@Nullable Output region) { } /** - * @param region The AWS region for API calls. Defaults to `us-east-1`. + * @param region The AWS region to make API calls against. Defaults to us-east-1. * * @return builder * @@ -493,8 +491,7 @@ public Builder region(String region) { } /** - * @param secretKey The AWS Secret Key this backend should use to - * issue new credentials. Vault uses the official AWS SDK to authenticate, and thus can also use standard AWS environment credentials, shared file credentials or IAM role/ECS task credentials. + * @param secretKey The AWS Secret Access Key to use when generating new credentials. * * @return builder * @@ -505,8 +502,7 @@ public Builder secretKey(@Nullable Output secretKey) { } /** - * @param secretKey The AWS Secret Key this backend should use to - * issue new credentials. Vault uses the official AWS SDK to authenticate, and thus can also use standard AWS environment credentials, shared file credentials or IAM role/ECS task credentials. + * @param secretKey The AWS Secret Access Key to use when generating new credentials. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/vault/aws/inputs/GetStaticAccessCredentialsArgs.java b/sdk/java/src/main/java/com/pulumi/vault/aws/inputs/GetStaticAccessCredentialsArgs.java new file mode 100644 index 000000000..ad0e986bb --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/vault/aws/inputs/GetStaticAccessCredentialsArgs.java @@ -0,0 +1,99 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.vault.aws.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class GetStaticAccessCredentialsArgs extends com.pulumi.resources.InvokeArgs { + + public static final GetStaticAccessCredentialsArgs Empty = new GetStaticAccessCredentialsArgs(); + + @Import(name="backend", required=true) + private Output backend; + + public Output backend() { + return this.backend; + } + + @Import(name="name", required=true) + private Output name; + + public Output name() { + return this.name; + } + + @Import(name="namespace") + private @Nullable Output namespace; + + public Optional> namespace() { + return Optional.ofNullable(this.namespace); + } + + private GetStaticAccessCredentialsArgs() {} + + private GetStaticAccessCredentialsArgs(GetStaticAccessCredentialsArgs $) { + this.backend = $.backend; + this.name = $.name; + this.namespace = $.namespace; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(GetStaticAccessCredentialsArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private GetStaticAccessCredentialsArgs $; + + public Builder() { + $ = new GetStaticAccessCredentialsArgs(); + } + + public Builder(GetStaticAccessCredentialsArgs defaults) { + $ = new GetStaticAccessCredentialsArgs(Objects.requireNonNull(defaults)); + } + + public Builder backend(Output backend) { + $.backend = backend; + return this; + } + + public Builder backend(String backend) { + return backend(Output.of(backend)); + } + + public Builder name(Output name) { + $.name = name; + return this; + } + + public Builder name(String name) { + return name(Output.of(name)); + } + + public Builder namespace(@Nullable Output namespace) { + $.namespace = namespace; + return this; + } + + public Builder namespace(String namespace) { + return namespace(Output.of(namespace)); + } + + public GetStaticAccessCredentialsArgs build() { + $.backend = Objects.requireNonNull($.backend, "expected parameter 'backend' to be non-null"); + $.name = Objects.requireNonNull($.name, "expected parameter 'name' to be non-null"); + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/vault/aws/inputs/GetStaticAccessCredentialsPlainArgs.java b/sdk/java/src/main/java/com/pulumi/vault/aws/inputs/GetStaticAccessCredentialsPlainArgs.java new file mode 100644 index 000000000..268fa89cb --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/vault/aws/inputs/GetStaticAccessCredentialsPlainArgs.java @@ -0,0 +1,86 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.vault.aws.inputs; + +import com.pulumi.core.annotations.Import; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class GetStaticAccessCredentialsPlainArgs extends com.pulumi.resources.InvokeArgs { + + public static final GetStaticAccessCredentialsPlainArgs Empty = new GetStaticAccessCredentialsPlainArgs(); + + @Import(name="backend", required=true) + private String backend; + + public String backend() { + return this.backend; + } + + @Import(name="name", required=true) + private String name; + + public String name() { + return this.name; + } + + @Import(name="namespace") + private @Nullable String namespace; + + public Optional namespace() { + return Optional.ofNullable(this.namespace); + } + + private GetStaticAccessCredentialsPlainArgs() {} + + private GetStaticAccessCredentialsPlainArgs(GetStaticAccessCredentialsPlainArgs $) { + this.backend = $.backend; + this.name = $.name; + this.namespace = $.namespace; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(GetStaticAccessCredentialsPlainArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private GetStaticAccessCredentialsPlainArgs $; + + public Builder() { + $ = new GetStaticAccessCredentialsPlainArgs(); + } + + public Builder(GetStaticAccessCredentialsPlainArgs defaults) { + $ = new GetStaticAccessCredentialsPlainArgs(Objects.requireNonNull(defaults)); + } + + public Builder backend(String backend) { + $.backend = backend; + return this; + } + + public Builder name(String name) { + $.name = name; + return this; + } + + public Builder namespace(@Nullable String namespace) { + $.namespace = namespace; + return this; + } + + public GetStaticAccessCredentialsPlainArgs build() { + $.backend = Objects.requireNonNull($.backend, "expected parameter 'backend' to be non-null"); + $.name = Objects.requireNonNull($.name, "expected parameter 'name' to be non-null"); + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/vault/aws/inputs/SecretBackendState.java b/sdk/java/src/main/java/com/pulumi/vault/aws/inputs/SecretBackendState.java index bb42bd516..6f17e1984 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/aws/inputs/SecretBackendState.java +++ b/sdk/java/src/main/java/com/pulumi/vault/aws/inputs/SecretBackendState.java @@ -169,14 +169,14 @@ public Optional> path() { } /** - * The AWS region for API calls. Defaults to `us-east-1`. + * The AWS region to make API calls against. Defaults to us-east-1. * */ @Import(name="region") private @Nullable Output region; /** - * @return The AWS region for API calls. Defaults to `us-east-1`. + * @return The AWS region to make API calls against. Defaults to us-east-1. * */ public Optional> region() { @@ -184,16 +184,14 @@ public Optional> region() { } /** - * The AWS Secret Key this backend should use to - * issue new credentials. Vault uses the official AWS SDK to authenticate, and thus can also use standard AWS environment credentials, shared file credentials or IAM role/ECS task credentials. + * The AWS Secret Access Key to use when generating new credentials. * */ @Import(name="secretKey") private @Nullable Output secretKey; /** - * @return The AWS Secret Key this backend should use to - * issue new credentials. Vault uses the official AWS SDK to authenticate, and thus can also use standard AWS environment credentials, shared file credentials or IAM role/ECS task credentials. + * @return The AWS Secret Access Key to use when generating new credentials. * */ public Optional> secretKey() { @@ -472,7 +470,7 @@ public Builder path(String path) { } /** - * @param region The AWS region for API calls. Defaults to `us-east-1`. + * @param region The AWS region to make API calls against. Defaults to us-east-1. * * @return builder * @@ -483,7 +481,7 @@ public Builder region(@Nullable Output region) { } /** - * @param region The AWS region for API calls. Defaults to `us-east-1`. + * @param region The AWS region to make API calls against. Defaults to us-east-1. * * @return builder * @@ -493,8 +491,7 @@ public Builder region(String region) { } /** - * @param secretKey The AWS Secret Key this backend should use to - * issue new credentials. Vault uses the official AWS SDK to authenticate, and thus can also use standard AWS environment credentials, shared file credentials or IAM role/ECS task credentials. + * @param secretKey The AWS Secret Access Key to use when generating new credentials. * * @return builder * @@ -505,8 +502,7 @@ public Builder secretKey(@Nullable Output secretKey) { } /** - * @param secretKey The AWS Secret Key this backend should use to - * issue new credentials. Vault uses the official AWS SDK to authenticate, and thus can also use standard AWS environment credentials, shared file credentials or IAM role/ECS task credentials. + * @param secretKey The AWS Secret Access Key to use when generating new credentials. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/vault/aws/outputs/GetStaticAccessCredentialsResult.java b/sdk/java/src/main/java/com/pulumi/vault/aws/outputs/GetStaticAccessCredentialsResult.java new file mode 100644 index 000000000..223019460 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/vault/aws/outputs/GetStaticAccessCredentialsResult.java @@ -0,0 +1,116 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.vault.aws.outputs; + +import com.pulumi.core.annotations.CustomType; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + +@CustomType +public final class GetStaticAccessCredentialsResult { + private String accessKey; + private String backend; + /** + * @return The provider-assigned unique ID for this managed resource. + * + */ + private String id; + private String name; + private @Nullable String namespace; + private String secretKey; + + private GetStaticAccessCredentialsResult() {} + public String accessKey() { + return this.accessKey; + } + public String backend() { + return this.backend; + } + /** + * @return The provider-assigned unique ID for this managed resource. + * + */ + public String id() { + return this.id; + } + public String name() { + return this.name; + } + public Optional namespace() { + return Optional.ofNullable(this.namespace); + } + public String secretKey() { + return this.secretKey; + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(GetStaticAccessCredentialsResult defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private String accessKey; + private String backend; + private String id; + private String name; + private @Nullable String namespace; + private String secretKey; + public Builder() {} + public Builder(GetStaticAccessCredentialsResult defaults) { + Objects.requireNonNull(defaults); + this.accessKey = defaults.accessKey; + this.backend = defaults.backend; + this.id = defaults.id; + this.name = defaults.name; + this.namespace = defaults.namespace; + this.secretKey = defaults.secretKey; + } + + @CustomType.Setter + public Builder accessKey(String accessKey) { + this.accessKey = Objects.requireNonNull(accessKey); + return this; + } + @CustomType.Setter + public Builder backend(String backend) { + this.backend = Objects.requireNonNull(backend); + return this; + } + @CustomType.Setter + public Builder id(String id) { + this.id = Objects.requireNonNull(id); + return this; + } + @CustomType.Setter + public Builder name(String name) { + this.name = Objects.requireNonNull(name); + return this; + } + @CustomType.Setter + public Builder namespace(@Nullable String namespace) { + this.namespace = namespace; + return this; + } + @CustomType.Setter + public Builder secretKey(String secretKey) { + this.secretKey = Objects.requireNonNull(secretKey); + return this; + } + public GetStaticAccessCredentialsResult build() { + final var o = new GetStaticAccessCredentialsResult(); + o.accessKey = accessKey; + o.backend = backend; + o.id = id; + o.name = name; + o.namespace = namespace; + o.secretKey = secretKey; + return o; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/vault/azure/AzureFunctions.java b/sdk/java/src/main/java/com/pulumi/vault/azure/AzureFunctions.java index 66d661aab..721192c55 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/azure/AzureFunctions.java +++ b/sdk/java/src/main/java/com/pulumi/vault/azure/AzureFunctions.java @@ -23,7 +23,7 @@ public final class AzureFunctions { * import com.pulumi.Pulumi; * import com.pulumi.core.Output; * import com.pulumi.vault.azure.AzureFunctions; - * import com.pulumi.vault.ad.inputs.GetAccessCredentialsArgs; + * import com.pulumi.vault.azure.inputs.GetAccessCredentialsArgs; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -67,7 +67,7 @@ public static Output getAccessCredentials(GetAccessC * import com.pulumi.Pulumi; * import com.pulumi.core.Output; * import com.pulumi.vault.azure.AzureFunctions; - * import com.pulumi.vault.ad.inputs.GetAccessCredentialsArgs; + * import com.pulumi.vault.azure.inputs.GetAccessCredentialsArgs; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -111,7 +111,7 @@ public static CompletableFuture getAccessCredentials * import com.pulumi.Pulumi; * import com.pulumi.core.Output; * import com.pulumi.vault.azure.AzureFunctions; - * import com.pulumi.vault.ad.inputs.GetAccessCredentialsArgs; + * import com.pulumi.vault.azure.inputs.GetAccessCredentialsArgs; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -155,7 +155,7 @@ public static Output getAccessCredentials(GetAccessC * import com.pulumi.Pulumi; * import com.pulumi.core.Output; * import com.pulumi.vault.azure.AzureFunctions; - * import com.pulumi.vault.ad.inputs.GetAccessCredentialsArgs; + * import com.pulumi.vault.azure.inputs.GetAccessCredentialsArgs; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; diff --git a/sdk/java/src/main/java/com/pulumi/vault/azure/Backend.java b/sdk/java/src/main/java/com/pulumi/vault/azure/Backend.java index 19716f2f1..c25687389 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/azure/Backend.java +++ b/sdk/java/src/main/java/com/pulumi/vault/azure/Backend.java @@ -91,28 +91,28 @@ @ResourceType(type="vault:azure/backend:Backend") public class Backend extends com.pulumi.resources.CustomResource { /** - * - The OAuth2 client id to connect to Azure. + * The OAuth2 client id to connect to Azure. * */ @Export(name="clientId", refs={String.class}, tree="[0]") private Output clientId; /** - * @return - The OAuth2 client id to connect to Azure. + * @return The OAuth2 client id to connect to Azure. * */ public Output> clientId() { return Codegen.optional(this.clientId); } /** - * - The OAuth2 client secret to connect to Azure. + * The OAuth2 client secret to connect to Azure. * */ @Export(name="clientSecret", refs={String.class}, tree="[0]") private Output clientSecret; /** - * @return - The OAuth2 client secret to connect to Azure. + * @return The OAuth2 client secret to connect to Azure. * */ public Output> clientSecret() { @@ -149,14 +149,14 @@ public Output> disableRemount() { return Codegen.optional(this.disableRemount); } /** - * - The Azure environment. + * The Azure environment. * */ @Export(name="environment", refs={String.class}, tree="[0]") private Output environment; /** - * @return - The Azure environment. + * @return The Azure environment. * */ public Output> environment() { @@ -183,58 +183,58 @@ public Output> namespace() { return Codegen.optional(this.namespace); } /** - * - The unique path this backend should be mounted at. Defaults to `azure`. + * The unique path this backend should be mounted at. Defaults to `azure`. * */ @Export(name="path", refs={String.class}, tree="[0]") private Output path; /** - * @return - The unique path this backend should be mounted at. Defaults to `azure`. + * @return The unique path this backend should be mounted at. Defaults to `azure`. * */ public Output> path() { return Codegen.optional(this.path); } /** - * - The subscription id for the Azure Active Directory. + * The subscription id for the Azure Active Directory. * */ @Export(name="subscriptionId", refs={String.class}, tree="[0]") private Output subscriptionId; /** - * @return - The subscription id for the Azure Active Directory. + * @return The subscription id for the Azure Active Directory. * */ public Output subscriptionId() { return this.subscriptionId; } /** - * - The tenant id for the Azure Active Directory. + * The tenant id for the Azure Active Directory. * */ @Export(name="tenantId", refs={String.class}, tree="[0]") private Output tenantId; /** - * @return - The tenant id for the Azure Active Directory. + * @return The tenant id for the Azure Active Directory. * */ public Output tenantId() { return this.tenantId; } /** - * - Indicates whether the secrets engine should use - * the Microsoft Graph API. This parameter has been deprecated and will be ignored in `vault-1.12+`. - * For more information, please refer to the [Vault docs](https://developer.hashicorp.com/vault/api-docs/secret/azure#use_microsoft_graph_api) + * Indicates whether the secrets engine should use + * the Microsoft Graph API. This parameter has been deprecated and will be ignored in `vault-1.12+`. + * For more information, please refer to the [Vault docs](https://developer.hashicorp.com/vault/api-docs/secret/azure#use_microsoft_graph_api) * */ @Export(name="useMicrosoftGraphApi", refs={Boolean.class}, tree="[0]") private Output useMicrosoftGraphApi; /** - * @return - Indicates whether the secrets engine should use + * @return Indicates whether the secrets engine should use * the Microsoft Graph API. This parameter has been deprecated and will be ignored in `vault-1.12+`. * For more information, please refer to the [Vault docs](https://developer.hashicorp.com/vault/api-docs/secret/azure#use_microsoft_graph_api) * diff --git a/sdk/java/src/main/java/com/pulumi/vault/azure/BackendArgs.java b/sdk/java/src/main/java/com/pulumi/vault/azure/BackendArgs.java index 2215725c7..31e90dbbc 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/azure/BackendArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/azure/BackendArgs.java @@ -17,14 +17,14 @@ public final class BackendArgs extends com.pulumi.resources.ResourceArgs { public static final BackendArgs Empty = new BackendArgs(); /** - * - The OAuth2 client id to connect to Azure. + * The OAuth2 client id to connect to Azure. * */ @Import(name="clientId") private @Nullable Output clientId; /** - * @return - The OAuth2 client id to connect to Azure. + * @return The OAuth2 client id to connect to Azure. * */ public Optional> clientId() { @@ -32,14 +32,14 @@ public Optional> clientId() { } /** - * - The OAuth2 client secret to connect to Azure. + * The OAuth2 client secret to connect to Azure. * */ @Import(name="clientSecret") private @Nullable Output clientSecret; /** - * @return - The OAuth2 client secret to connect to Azure. + * @return The OAuth2 client secret to connect to Azure. * */ public Optional> clientSecret() { @@ -79,14 +79,14 @@ public Optional> disableRemount() { } /** - * - The Azure environment. + * The Azure environment. * */ @Import(name="environment") private @Nullable Output environment; /** - * @return - The Azure environment. + * @return The Azure environment. * */ public Optional> environment() { @@ -115,14 +115,14 @@ public Optional> namespace() { } /** - * - The unique path this backend should be mounted at. Defaults to `azure`. + * The unique path this backend should be mounted at. Defaults to `azure`. * */ @Import(name="path") private @Nullable Output path; /** - * @return - The unique path this backend should be mounted at. Defaults to `azure`. + * @return The unique path this backend should be mounted at. Defaults to `azure`. * */ public Optional> path() { @@ -130,14 +130,14 @@ public Optional> path() { } /** - * - The subscription id for the Azure Active Directory. + * The subscription id for the Azure Active Directory. * */ @Import(name="subscriptionId", required=true) private Output subscriptionId; /** - * @return - The subscription id for the Azure Active Directory. + * @return The subscription id for the Azure Active Directory. * */ public Output subscriptionId() { @@ -145,14 +145,14 @@ public Output subscriptionId() { } /** - * - The tenant id for the Azure Active Directory. + * The tenant id for the Azure Active Directory. * */ @Import(name="tenantId", required=true) private Output tenantId; /** - * @return - The tenant id for the Azure Active Directory. + * @return The tenant id for the Azure Active Directory. * */ public Output tenantId() { @@ -160,16 +160,16 @@ public Output tenantId() { } /** - * - Indicates whether the secrets engine should use - * the Microsoft Graph API. This parameter has been deprecated and will be ignored in `vault-1.12+`. - * For more information, please refer to the [Vault docs](https://developer.hashicorp.com/vault/api-docs/secret/azure#use_microsoft_graph_api) + * Indicates whether the secrets engine should use + * the Microsoft Graph API. This parameter has been deprecated and will be ignored in `vault-1.12+`. + * For more information, please refer to the [Vault docs](https://developer.hashicorp.com/vault/api-docs/secret/azure#use_microsoft_graph_api) * */ @Import(name="useMicrosoftGraphApi") private @Nullable Output useMicrosoftGraphApi; /** - * @return - Indicates whether the secrets engine should use + * @return Indicates whether the secrets engine should use * the Microsoft Graph API. This parameter has been deprecated and will be ignored in `vault-1.12+`. * For more information, please refer to the [Vault docs](https://developer.hashicorp.com/vault/api-docs/secret/azure#use_microsoft_graph_api) * @@ -212,7 +212,7 @@ public Builder(BackendArgs defaults) { } /** - * @param clientId - The OAuth2 client id to connect to Azure. + * @param clientId The OAuth2 client id to connect to Azure. * * @return builder * @@ -223,7 +223,7 @@ public Builder clientId(@Nullable Output clientId) { } /** - * @param clientId - The OAuth2 client id to connect to Azure. + * @param clientId The OAuth2 client id to connect to Azure. * * @return builder * @@ -233,7 +233,7 @@ public Builder clientId(String clientId) { } /** - * @param clientSecret - The OAuth2 client secret to connect to Azure. + * @param clientSecret The OAuth2 client secret to connect to Azure. * * @return builder * @@ -244,7 +244,7 @@ public Builder clientSecret(@Nullable Output clientSecret) { } /** - * @param clientSecret - The OAuth2 client secret to connect to Azure. + * @param clientSecret The OAuth2 client secret to connect to Azure. * * @return builder * @@ -298,7 +298,7 @@ public Builder disableRemount(Boolean disableRemount) { } /** - * @param environment - The Azure environment. + * @param environment The Azure environment. * * @return builder * @@ -309,7 +309,7 @@ public Builder environment(@Nullable Output environment) { } /** - * @param environment - The Azure environment. + * @param environment The Azure environment. * * @return builder * @@ -346,7 +346,7 @@ public Builder namespace(String namespace) { } /** - * @param path - The unique path this backend should be mounted at. Defaults to `azure`. + * @param path The unique path this backend should be mounted at. Defaults to `azure`. * * @return builder * @@ -357,7 +357,7 @@ public Builder path(@Nullable Output path) { } /** - * @param path - The unique path this backend should be mounted at. Defaults to `azure`. + * @param path The unique path this backend should be mounted at. Defaults to `azure`. * * @return builder * @@ -367,7 +367,7 @@ public Builder path(String path) { } /** - * @param subscriptionId - The subscription id for the Azure Active Directory. + * @param subscriptionId The subscription id for the Azure Active Directory. * * @return builder * @@ -378,7 +378,7 @@ public Builder subscriptionId(Output subscriptionId) { } /** - * @param subscriptionId - The subscription id for the Azure Active Directory. + * @param subscriptionId The subscription id for the Azure Active Directory. * * @return builder * @@ -388,7 +388,7 @@ public Builder subscriptionId(String subscriptionId) { } /** - * @param tenantId - The tenant id for the Azure Active Directory. + * @param tenantId The tenant id for the Azure Active Directory. * * @return builder * @@ -399,7 +399,7 @@ public Builder tenantId(Output tenantId) { } /** - * @param tenantId - The tenant id for the Azure Active Directory. + * @param tenantId The tenant id for the Azure Active Directory. * * @return builder * @@ -409,7 +409,7 @@ public Builder tenantId(String tenantId) { } /** - * @param useMicrosoftGraphApi - Indicates whether the secrets engine should use + * @param useMicrosoftGraphApi Indicates whether the secrets engine should use * the Microsoft Graph API. This parameter has been deprecated and will be ignored in `vault-1.12+`. * For more information, please refer to the [Vault docs](https://developer.hashicorp.com/vault/api-docs/secret/azure#use_microsoft_graph_api) * @@ -422,7 +422,7 @@ public Builder useMicrosoftGraphApi(@Nullable Output useMicrosoftGraphA } /** - * @param useMicrosoftGraphApi - Indicates whether the secrets engine should use + * @param useMicrosoftGraphApi Indicates whether the secrets engine should use * the Microsoft Graph API. This parameter has been deprecated and will be ignored in `vault-1.12+`. * For more information, please refer to the [Vault docs](https://developer.hashicorp.com/vault/api-docs/secret/azure#use_microsoft_graph_api) * diff --git a/sdk/java/src/main/java/com/pulumi/vault/azure/inputs/BackendState.java b/sdk/java/src/main/java/com/pulumi/vault/azure/inputs/BackendState.java index a19aecac0..67e8ed8b8 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/azure/inputs/BackendState.java +++ b/sdk/java/src/main/java/com/pulumi/vault/azure/inputs/BackendState.java @@ -17,14 +17,14 @@ public final class BackendState extends com.pulumi.resources.ResourceArgs { public static final BackendState Empty = new BackendState(); /** - * - The OAuth2 client id to connect to Azure. + * The OAuth2 client id to connect to Azure. * */ @Import(name="clientId") private @Nullable Output clientId; /** - * @return - The OAuth2 client id to connect to Azure. + * @return The OAuth2 client id to connect to Azure. * */ public Optional> clientId() { @@ -32,14 +32,14 @@ public Optional> clientId() { } /** - * - The OAuth2 client secret to connect to Azure. + * The OAuth2 client secret to connect to Azure. * */ @Import(name="clientSecret") private @Nullable Output clientSecret; /** - * @return - The OAuth2 client secret to connect to Azure. + * @return The OAuth2 client secret to connect to Azure. * */ public Optional> clientSecret() { @@ -79,14 +79,14 @@ public Optional> disableRemount() { } /** - * - The Azure environment. + * The Azure environment. * */ @Import(name="environment") private @Nullable Output environment; /** - * @return - The Azure environment. + * @return The Azure environment. * */ public Optional> environment() { @@ -115,14 +115,14 @@ public Optional> namespace() { } /** - * - The unique path this backend should be mounted at. Defaults to `azure`. + * The unique path this backend should be mounted at. Defaults to `azure`. * */ @Import(name="path") private @Nullable Output path; /** - * @return - The unique path this backend should be mounted at. Defaults to `azure`. + * @return The unique path this backend should be mounted at. Defaults to `azure`. * */ public Optional> path() { @@ -130,14 +130,14 @@ public Optional> path() { } /** - * - The subscription id for the Azure Active Directory. + * The subscription id for the Azure Active Directory. * */ @Import(name="subscriptionId") private @Nullable Output subscriptionId; /** - * @return - The subscription id for the Azure Active Directory. + * @return The subscription id for the Azure Active Directory. * */ public Optional> subscriptionId() { @@ -145,14 +145,14 @@ public Optional> subscriptionId() { } /** - * - The tenant id for the Azure Active Directory. + * The tenant id for the Azure Active Directory. * */ @Import(name="tenantId") private @Nullable Output tenantId; /** - * @return - The tenant id for the Azure Active Directory. + * @return The tenant id for the Azure Active Directory. * */ public Optional> tenantId() { @@ -160,16 +160,16 @@ public Optional> tenantId() { } /** - * - Indicates whether the secrets engine should use - * the Microsoft Graph API. This parameter has been deprecated and will be ignored in `vault-1.12+`. - * For more information, please refer to the [Vault docs](https://developer.hashicorp.com/vault/api-docs/secret/azure#use_microsoft_graph_api) + * Indicates whether the secrets engine should use + * the Microsoft Graph API. This parameter has been deprecated and will be ignored in `vault-1.12+`. + * For more information, please refer to the [Vault docs](https://developer.hashicorp.com/vault/api-docs/secret/azure#use_microsoft_graph_api) * */ @Import(name="useMicrosoftGraphApi") private @Nullable Output useMicrosoftGraphApi; /** - * @return - Indicates whether the secrets engine should use + * @return Indicates whether the secrets engine should use * the Microsoft Graph API. This parameter has been deprecated and will be ignored in `vault-1.12+`. * For more information, please refer to the [Vault docs](https://developer.hashicorp.com/vault/api-docs/secret/azure#use_microsoft_graph_api) * @@ -212,7 +212,7 @@ public Builder(BackendState defaults) { } /** - * @param clientId - The OAuth2 client id to connect to Azure. + * @param clientId The OAuth2 client id to connect to Azure. * * @return builder * @@ -223,7 +223,7 @@ public Builder clientId(@Nullable Output clientId) { } /** - * @param clientId - The OAuth2 client id to connect to Azure. + * @param clientId The OAuth2 client id to connect to Azure. * * @return builder * @@ -233,7 +233,7 @@ public Builder clientId(String clientId) { } /** - * @param clientSecret - The OAuth2 client secret to connect to Azure. + * @param clientSecret The OAuth2 client secret to connect to Azure. * * @return builder * @@ -244,7 +244,7 @@ public Builder clientSecret(@Nullable Output clientSecret) { } /** - * @param clientSecret - The OAuth2 client secret to connect to Azure. + * @param clientSecret The OAuth2 client secret to connect to Azure. * * @return builder * @@ -298,7 +298,7 @@ public Builder disableRemount(Boolean disableRemount) { } /** - * @param environment - The Azure environment. + * @param environment The Azure environment. * * @return builder * @@ -309,7 +309,7 @@ public Builder environment(@Nullable Output environment) { } /** - * @param environment - The Azure environment. + * @param environment The Azure environment. * * @return builder * @@ -346,7 +346,7 @@ public Builder namespace(String namespace) { } /** - * @param path - The unique path this backend should be mounted at. Defaults to `azure`. + * @param path The unique path this backend should be mounted at. Defaults to `azure`. * * @return builder * @@ -357,7 +357,7 @@ public Builder path(@Nullable Output path) { } /** - * @param path - The unique path this backend should be mounted at. Defaults to `azure`. + * @param path The unique path this backend should be mounted at. Defaults to `azure`. * * @return builder * @@ -367,7 +367,7 @@ public Builder path(String path) { } /** - * @param subscriptionId - The subscription id for the Azure Active Directory. + * @param subscriptionId The subscription id for the Azure Active Directory. * * @return builder * @@ -378,7 +378,7 @@ public Builder subscriptionId(@Nullable Output subscriptionId) { } /** - * @param subscriptionId - The subscription id for the Azure Active Directory. + * @param subscriptionId The subscription id for the Azure Active Directory. * * @return builder * @@ -388,7 +388,7 @@ public Builder subscriptionId(String subscriptionId) { } /** - * @param tenantId - The tenant id for the Azure Active Directory. + * @param tenantId The tenant id for the Azure Active Directory. * * @return builder * @@ -399,7 +399,7 @@ public Builder tenantId(@Nullable Output tenantId) { } /** - * @param tenantId - The tenant id for the Azure Active Directory. + * @param tenantId The tenant id for the Azure Active Directory. * * @return builder * @@ -409,7 +409,7 @@ public Builder tenantId(String tenantId) { } /** - * @param useMicrosoftGraphApi - Indicates whether the secrets engine should use + * @param useMicrosoftGraphApi Indicates whether the secrets engine should use * the Microsoft Graph API. This parameter has been deprecated and will be ignored in `vault-1.12+`. * For more information, please refer to the [Vault docs](https://developer.hashicorp.com/vault/api-docs/secret/azure#use_microsoft_graph_api) * @@ -422,7 +422,7 @@ public Builder useMicrosoftGraphApi(@Nullable Output useMicrosoftGraphA } /** - * @param useMicrosoftGraphApi - Indicates whether the secrets engine should use + * @param useMicrosoftGraphApi Indicates whether the secrets engine should use * the Microsoft Graph API. This parameter has been deprecated and will be ignored in `vault-1.12+`. * For more information, please refer to the [Vault docs](https://developer.hashicorp.com/vault/api-docs/secret/azure#use_microsoft_graph_api) * diff --git a/sdk/java/src/main/java/com/pulumi/vault/config/inputs/AuthLogin.java b/sdk/java/src/main/java/com/pulumi/vault/config/inputs/AuthLogin.java index cea915f87..896eeaea5 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/config/inputs/AuthLogin.java +++ b/sdk/java/src/main/java/com/pulumi/vault/config/inputs/AuthLogin.java @@ -4,6 +4,7 @@ package com.pulumi.vault.config.inputs; import com.pulumi.core.annotations.CustomType; +import java.lang.Boolean; import java.lang.String; import java.util.Map; import java.util.Objects; @@ -16,6 +17,7 @@ public final class AuthLogin { private @Nullable String namespace; private @Nullable Map parameters; private String path; + private @Nullable Boolean useRootNamespace; private AuthLogin() {} public Optional method() { @@ -30,6 +32,9 @@ public Map parameters() { public String path() { return this.path; } + public Optional useRootNamespace() { + return Optional.ofNullable(this.useRootNamespace); + } public static Builder builder() { return new Builder(); @@ -44,6 +49,7 @@ public static final class Builder { private @Nullable String namespace; private @Nullable Map parameters; private String path; + private @Nullable Boolean useRootNamespace; public Builder() {} public Builder(AuthLogin defaults) { Objects.requireNonNull(defaults); @@ -51,6 +57,7 @@ public Builder(AuthLogin defaults) { this.namespace = defaults.namespace; this.parameters = defaults.parameters; this.path = defaults.path; + this.useRootNamespace = defaults.useRootNamespace; } @CustomType.Setter @@ -73,12 +80,18 @@ public Builder path(String path) { this.path = Objects.requireNonNull(path); return this; } + @CustomType.Setter + public Builder useRootNamespace(@Nullable Boolean useRootNamespace) { + this.useRootNamespace = useRootNamespace; + return this; + } public AuthLogin build() { final var o = new AuthLogin(); o.method = method; o.namespace = namespace; o.parameters = parameters; o.path = path; + o.useRootNamespace = useRootNamespace; return o; } } diff --git a/sdk/java/src/main/java/com/pulumi/vault/config/inputs/AuthLoginAws.java b/sdk/java/src/main/java/com/pulumi/vault/config/inputs/AuthLoginAws.java index 4cbfba027..99299eb44 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/config/inputs/AuthLoginAws.java +++ b/sdk/java/src/main/java/com/pulumi/vault/config/inputs/AuthLoginAws.java @@ -4,6 +4,7 @@ package com.pulumi.vault.config.inputs; import com.pulumi.core.annotations.CustomType; +import java.lang.Boolean; import java.lang.String; import java.util.Objects; import java.util.Optional; @@ -26,6 +27,7 @@ public final class AuthLoginAws { private @Nullable String mount; private @Nullable String namespace; private String role; + private @Nullable Boolean useRootNamespace; private AuthLoginAws() {} public Optional awsAccessKeyId() { @@ -73,6 +75,9 @@ public Optional namespace() { public String role() { return this.role; } + public Optional useRootNamespace() { + return Optional.ofNullable(this.useRootNamespace); + } public static Builder builder() { return new Builder(); @@ -98,6 +103,7 @@ public static final class Builder { private @Nullable String mount; private @Nullable String namespace; private String role; + private @Nullable Boolean useRootNamespace; public Builder() {} public Builder(AuthLoginAws defaults) { Objects.requireNonNull(defaults); @@ -116,6 +122,7 @@ public Builder(AuthLoginAws defaults) { this.mount = defaults.mount; this.namespace = defaults.namespace; this.role = defaults.role; + this.useRootNamespace = defaults.useRootNamespace; } @CustomType.Setter @@ -193,6 +200,11 @@ public Builder role(String role) { this.role = Objects.requireNonNull(role); return this; } + @CustomType.Setter + public Builder useRootNamespace(@Nullable Boolean useRootNamespace) { + this.useRootNamespace = useRootNamespace; + return this; + } public AuthLoginAws build() { final var o = new AuthLoginAws(); o.awsAccessKeyId = awsAccessKeyId; @@ -210,6 +222,7 @@ public AuthLoginAws build() { o.mount = mount; o.namespace = namespace; o.role = role; + o.useRootNamespace = useRootNamespace; return o; } } diff --git a/sdk/java/src/main/java/com/pulumi/vault/config/inputs/AuthLoginAzure.java b/sdk/java/src/main/java/com/pulumi/vault/config/inputs/AuthLoginAzure.java index fb14bb5eb..ab197da36 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/config/inputs/AuthLoginAzure.java +++ b/sdk/java/src/main/java/com/pulumi/vault/config/inputs/AuthLoginAzure.java @@ -4,6 +4,7 @@ package com.pulumi.vault.config.inputs; import com.pulumi.core.annotations.CustomType; +import java.lang.Boolean; import java.lang.String; import java.util.Objects; import java.util.Optional; @@ -20,6 +21,7 @@ public final class AuthLoginAzure { private @Nullable String scope; private String subscriptionId; private @Nullable String tenantId; + private @Nullable Boolean useRootNamespace; private @Nullable String vmName; private @Nullable String vmssName; @@ -51,6 +53,9 @@ public String subscriptionId() { public Optional tenantId() { return Optional.ofNullable(this.tenantId); } + public Optional useRootNamespace() { + return Optional.ofNullable(this.useRootNamespace); + } public Optional vmName() { return Optional.ofNullable(this.vmName); } @@ -76,6 +81,7 @@ public static final class Builder { private @Nullable String scope; private String subscriptionId; private @Nullable String tenantId; + private @Nullable Boolean useRootNamespace; private @Nullable String vmName; private @Nullable String vmssName; public Builder() {} @@ -90,6 +96,7 @@ public Builder(AuthLoginAzure defaults) { this.scope = defaults.scope; this.subscriptionId = defaults.subscriptionId; this.tenantId = defaults.tenantId; + this.useRootNamespace = defaults.useRootNamespace; this.vmName = defaults.vmName; this.vmssName = defaults.vmssName; } @@ -140,6 +147,11 @@ public Builder tenantId(@Nullable String tenantId) { return this; } @CustomType.Setter + public Builder useRootNamespace(@Nullable Boolean useRootNamespace) { + this.useRootNamespace = useRootNamespace; + return this; + } + @CustomType.Setter public Builder vmName(@Nullable String vmName) { this.vmName = vmName; return this; @@ -160,6 +172,7 @@ public AuthLoginAzure build() { o.scope = scope; o.subscriptionId = subscriptionId; o.tenantId = tenantId; + o.useRootNamespace = useRootNamespace; o.vmName = vmName; o.vmssName = vmssName; return o; diff --git a/sdk/java/src/main/java/com/pulumi/vault/config/inputs/AuthLoginCert.java b/sdk/java/src/main/java/com/pulumi/vault/config/inputs/AuthLoginCert.java index b70a7aadd..f6b538c5e 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/config/inputs/AuthLoginCert.java +++ b/sdk/java/src/main/java/com/pulumi/vault/config/inputs/AuthLoginCert.java @@ -4,6 +4,7 @@ package com.pulumi.vault.config.inputs; import com.pulumi.core.annotations.CustomType; +import java.lang.Boolean; import java.lang.String; import java.util.Objects; import java.util.Optional; @@ -16,6 +17,7 @@ public final class AuthLoginCert { private @Nullable String mount; private @Nullable String name; private @Nullable String namespace; + private @Nullable Boolean useRootNamespace; private AuthLoginCert() {} public String certFile() { @@ -33,6 +35,9 @@ public Optional name() { public Optional namespace() { return Optional.ofNullable(this.namespace); } + public Optional useRootNamespace() { + return Optional.ofNullable(this.useRootNamespace); + } public static Builder builder() { return new Builder(); @@ -48,6 +53,7 @@ public static final class Builder { private @Nullable String mount; private @Nullable String name; private @Nullable String namespace; + private @Nullable Boolean useRootNamespace; public Builder() {} public Builder(AuthLoginCert defaults) { Objects.requireNonNull(defaults); @@ -56,6 +62,7 @@ public Builder(AuthLoginCert defaults) { this.mount = defaults.mount; this.name = defaults.name; this.namespace = defaults.namespace; + this.useRootNamespace = defaults.useRootNamespace; } @CustomType.Setter @@ -83,6 +90,11 @@ public Builder namespace(@Nullable String namespace) { this.namespace = namespace; return this; } + @CustomType.Setter + public Builder useRootNamespace(@Nullable Boolean useRootNamespace) { + this.useRootNamespace = useRootNamespace; + return this; + } public AuthLoginCert build() { final var o = new AuthLoginCert(); o.certFile = certFile; @@ -90,6 +102,7 @@ public AuthLoginCert build() { o.mount = mount; o.name = name; o.namespace = namespace; + o.useRootNamespace = useRootNamespace; return o; } } diff --git a/sdk/java/src/main/java/com/pulumi/vault/config/inputs/AuthLoginGcp.java b/sdk/java/src/main/java/com/pulumi/vault/config/inputs/AuthLoginGcp.java index ff775652b..c1b258c1e 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/config/inputs/AuthLoginGcp.java +++ b/sdk/java/src/main/java/com/pulumi/vault/config/inputs/AuthLoginGcp.java @@ -4,6 +4,7 @@ package com.pulumi.vault.config.inputs; import com.pulumi.core.annotations.CustomType; +import java.lang.Boolean; import java.lang.String; import java.util.Objects; import java.util.Optional; @@ -17,6 +18,7 @@ public final class AuthLoginGcp { private @Nullable String namespace; private String role; private @Nullable String serviceAccount; + private @Nullable Boolean useRootNamespace; private AuthLoginGcp() {} public Optional credentials() { @@ -37,6 +39,9 @@ public String role() { public Optional serviceAccount() { return Optional.ofNullable(this.serviceAccount); } + public Optional useRootNamespace() { + return Optional.ofNullable(this.useRootNamespace); + } public static Builder builder() { return new Builder(); @@ -53,6 +58,7 @@ public static final class Builder { private @Nullable String namespace; private String role; private @Nullable String serviceAccount; + private @Nullable Boolean useRootNamespace; public Builder() {} public Builder(AuthLoginGcp defaults) { Objects.requireNonNull(defaults); @@ -62,6 +68,7 @@ public Builder(AuthLoginGcp defaults) { this.namespace = defaults.namespace; this.role = defaults.role; this.serviceAccount = defaults.serviceAccount; + this.useRootNamespace = defaults.useRootNamespace; } @CustomType.Setter @@ -94,6 +101,11 @@ public Builder serviceAccount(@Nullable String serviceAccount) { this.serviceAccount = serviceAccount; return this; } + @CustomType.Setter + public Builder useRootNamespace(@Nullable Boolean useRootNamespace) { + this.useRootNamespace = useRootNamespace; + return this; + } public AuthLoginGcp build() { final var o = new AuthLoginGcp(); o.credentials = credentials; @@ -102,6 +114,7 @@ public AuthLoginGcp build() { o.namespace = namespace; o.role = role; o.serviceAccount = serviceAccount; + o.useRootNamespace = useRootNamespace; return o; } } diff --git a/sdk/java/src/main/java/com/pulumi/vault/config/inputs/AuthLoginJwt.java b/sdk/java/src/main/java/com/pulumi/vault/config/inputs/AuthLoginJwt.java index d42b6bee1..69eeb52aa 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/config/inputs/AuthLoginJwt.java +++ b/sdk/java/src/main/java/com/pulumi/vault/config/inputs/AuthLoginJwt.java @@ -4,6 +4,7 @@ package com.pulumi.vault.config.inputs; import com.pulumi.core.annotations.CustomType; +import java.lang.Boolean; import java.lang.String; import java.util.Objects; import java.util.Optional; @@ -15,6 +16,7 @@ public final class AuthLoginJwt { private @Nullable String mount; private @Nullable String namespace; private String role; + private @Nullable Boolean useRootNamespace; private AuthLoginJwt() {} public String jwt() { @@ -29,6 +31,9 @@ public Optional namespace() { public String role() { return this.role; } + public Optional useRootNamespace() { + return Optional.ofNullable(this.useRootNamespace); + } public static Builder builder() { return new Builder(); @@ -43,6 +48,7 @@ public static final class Builder { private @Nullable String mount; private @Nullable String namespace; private String role; + private @Nullable Boolean useRootNamespace; public Builder() {} public Builder(AuthLoginJwt defaults) { Objects.requireNonNull(defaults); @@ -50,6 +56,7 @@ public Builder(AuthLoginJwt defaults) { this.mount = defaults.mount; this.namespace = defaults.namespace; this.role = defaults.role; + this.useRootNamespace = defaults.useRootNamespace; } @CustomType.Setter @@ -72,12 +79,18 @@ public Builder role(String role) { this.role = Objects.requireNonNull(role); return this; } + @CustomType.Setter + public Builder useRootNamespace(@Nullable Boolean useRootNamespace) { + this.useRootNamespace = useRootNamespace; + return this; + } public AuthLoginJwt build() { final var o = new AuthLoginJwt(); o.jwt = jwt; o.mount = mount; o.namespace = namespace; o.role = role; + o.useRootNamespace = useRootNamespace; return o; } } diff --git a/sdk/java/src/main/java/com/pulumi/vault/config/inputs/AuthLoginKerberos.java b/sdk/java/src/main/java/com/pulumi/vault/config/inputs/AuthLoginKerberos.java index a169b84ae..c6f578ade 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/config/inputs/AuthLoginKerberos.java +++ b/sdk/java/src/main/java/com/pulumi/vault/config/inputs/AuthLoginKerberos.java @@ -21,6 +21,7 @@ public final class AuthLoginKerberos { private @Nullable Boolean removeInstanceName; private @Nullable String service; private @Nullable String token; + private @Nullable Boolean useRootNamespace; private @Nullable String username; private AuthLoginKerberos() {} @@ -51,6 +52,9 @@ public Optional service() { public Optional token() { return Optional.ofNullable(this.token); } + public Optional useRootNamespace() { + return Optional.ofNullable(this.useRootNamespace); + } public Optional username() { return Optional.ofNullable(this.username); } @@ -73,6 +77,7 @@ public static final class Builder { private @Nullable Boolean removeInstanceName; private @Nullable String service; private @Nullable String token; + private @Nullable Boolean useRootNamespace; private @Nullable String username; public Builder() {} public Builder(AuthLoginKerberos defaults) { @@ -86,6 +91,7 @@ public Builder(AuthLoginKerberos defaults) { this.removeInstanceName = defaults.removeInstanceName; this.service = defaults.service; this.token = defaults.token; + this.useRootNamespace = defaults.useRootNamespace; this.username = defaults.username; } @@ -135,6 +141,11 @@ public Builder token(@Nullable String token) { return this; } @CustomType.Setter + public Builder useRootNamespace(@Nullable Boolean useRootNamespace) { + this.useRootNamespace = useRootNamespace; + return this; + } + @CustomType.Setter public Builder username(@Nullable String username) { this.username = username; return this; @@ -150,6 +161,7 @@ public AuthLoginKerberos build() { o.removeInstanceName = removeInstanceName; o.service = service; o.token = token; + o.useRootNamespace = useRootNamespace; o.username = username; return o; } diff --git a/sdk/java/src/main/java/com/pulumi/vault/config/inputs/AuthLoginOci.java b/sdk/java/src/main/java/com/pulumi/vault/config/inputs/AuthLoginOci.java index 53f6840ae..a147a1f88 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/config/inputs/AuthLoginOci.java +++ b/sdk/java/src/main/java/com/pulumi/vault/config/inputs/AuthLoginOci.java @@ -4,6 +4,7 @@ package com.pulumi.vault.config.inputs; import com.pulumi.core.annotations.CustomType; +import java.lang.Boolean; import java.lang.String; import java.util.Objects; import java.util.Optional; @@ -15,6 +16,7 @@ public final class AuthLoginOci { private @Nullable String mount; private @Nullable String namespace; private String role; + private @Nullable Boolean useRootNamespace; private AuthLoginOci() {} public String authType() { @@ -29,6 +31,9 @@ public Optional namespace() { public String role() { return this.role; } + public Optional useRootNamespace() { + return Optional.ofNullable(this.useRootNamespace); + } public static Builder builder() { return new Builder(); @@ -43,6 +48,7 @@ public static final class Builder { private @Nullable String mount; private @Nullable String namespace; private String role; + private @Nullable Boolean useRootNamespace; public Builder() {} public Builder(AuthLoginOci defaults) { Objects.requireNonNull(defaults); @@ -50,6 +56,7 @@ public Builder(AuthLoginOci defaults) { this.mount = defaults.mount; this.namespace = defaults.namespace; this.role = defaults.role; + this.useRootNamespace = defaults.useRootNamespace; } @CustomType.Setter @@ -72,12 +79,18 @@ public Builder role(String role) { this.role = Objects.requireNonNull(role); return this; } + @CustomType.Setter + public Builder useRootNamespace(@Nullable Boolean useRootNamespace) { + this.useRootNamespace = useRootNamespace; + return this; + } public AuthLoginOci build() { final var o = new AuthLoginOci(); o.authType = authType; o.mount = mount; o.namespace = namespace; o.role = role; + o.useRootNamespace = useRootNamespace; return o; } } diff --git a/sdk/java/src/main/java/com/pulumi/vault/config/inputs/AuthLoginOidc.java b/sdk/java/src/main/java/com/pulumi/vault/config/inputs/AuthLoginOidc.java index dca98ead4..5a97ee17a 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/config/inputs/AuthLoginOidc.java +++ b/sdk/java/src/main/java/com/pulumi/vault/config/inputs/AuthLoginOidc.java @@ -4,6 +4,7 @@ package com.pulumi.vault.config.inputs; import com.pulumi.core.annotations.CustomType; +import java.lang.Boolean; import java.lang.String; import java.util.Objects; import java.util.Optional; @@ -16,6 +17,7 @@ public final class AuthLoginOidc { private @Nullable String mount; private @Nullable String namespace; private String role; + private @Nullable Boolean useRootNamespace; private AuthLoginOidc() {} public Optional callbackAddress() { @@ -33,6 +35,9 @@ public Optional namespace() { public String role() { return this.role; } + public Optional useRootNamespace() { + return Optional.ofNullable(this.useRootNamespace); + } public static Builder builder() { return new Builder(); @@ -48,6 +53,7 @@ public static final class Builder { private @Nullable String mount; private @Nullable String namespace; private String role; + private @Nullable Boolean useRootNamespace; public Builder() {} public Builder(AuthLoginOidc defaults) { Objects.requireNonNull(defaults); @@ -56,6 +62,7 @@ public Builder(AuthLoginOidc defaults) { this.mount = defaults.mount; this.namespace = defaults.namespace; this.role = defaults.role; + this.useRootNamespace = defaults.useRootNamespace; } @CustomType.Setter @@ -83,6 +90,11 @@ public Builder role(String role) { this.role = Objects.requireNonNull(role); return this; } + @CustomType.Setter + public Builder useRootNamespace(@Nullable Boolean useRootNamespace) { + this.useRootNamespace = useRootNamespace; + return this; + } public AuthLoginOidc build() { final var o = new AuthLoginOidc(); o.callbackAddress = callbackAddress; @@ -90,6 +102,7 @@ public AuthLoginOidc build() { o.mount = mount; o.namespace = namespace; o.role = role; + o.useRootNamespace = useRootNamespace; return o; } } diff --git a/sdk/java/src/main/java/com/pulumi/vault/config/inputs/AuthLoginRadius.java b/sdk/java/src/main/java/com/pulumi/vault/config/inputs/AuthLoginRadius.java index 20c3ccbb9..8b7745296 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/config/inputs/AuthLoginRadius.java +++ b/sdk/java/src/main/java/com/pulumi/vault/config/inputs/AuthLoginRadius.java @@ -4,6 +4,7 @@ package com.pulumi.vault.config.inputs; import com.pulumi.core.annotations.CustomType; +import java.lang.Boolean; import java.lang.String; import java.util.Objects; import java.util.Optional; @@ -14,6 +15,7 @@ public final class AuthLoginRadius { private @Nullable String mount; private @Nullable String namespace; private String password; + private @Nullable Boolean useRootNamespace; private String username; private AuthLoginRadius() {} @@ -26,6 +28,9 @@ public Optional namespace() { public String password() { return this.password; } + public Optional useRootNamespace() { + return Optional.ofNullable(this.useRootNamespace); + } public String username() { return this.username; } @@ -42,6 +47,7 @@ public static final class Builder { private @Nullable String mount; private @Nullable String namespace; private String password; + private @Nullable Boolean useRootNamespace; private String username; public Builder() {} public Builder(AuthLoginRadius defaults) { @@ -49,6 +55,7 @@ public Builder(AuthLoginRadius defaults) { this.mount = defaults.mount; this.namespace = defaults.namespace; this.password = defaults.password; + this.useRootNamespace = defaults.useRootNamespace; this.username = defaults.username; } @@ -68,6 +75,11 @@ public Builder password(String password) { return this; } @CustomType.Setter + public Builder useRootNamespace(@Nullable Boolean useRootNamespace) { + this.useRootNamespace = useRootNamespace; + return this; + } + @CustomType.Setter public Builder username(String username) { this.username = Objects.requireNonNull(username); return this; @@ -77,6 +89,7 @@ public AuthLoginRadius build() { o.mount = mount; o.namespace = namespace; o.password = password; + o.useRootNamespace = useRootNamespace; o.username = username; return o; } diff --git a/sdk/java/src/main/java/com/pulumi/vault/config/inputs/AuthLoginTokenFile.java b/sdk/java/src/main/java/com/pulumi/vault/config/inputs/AuthLoginTokenFile.java index f2d99ed2a..9398d21f5 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/config/inputs/AuthLoginTokenFile.java +++ b/sdk/java/src/main/java/com/pulumi/vault/config/inputs/AuthLoginTokenFile.java @@ -4,6 +4,7 @@ package com.pulumi.vault.config.inputs; import com.pulumi.core.annotations.CustomType; +import java.lang.Boolean; import java.lang.String; import java.util.Objects; import java.util.Optional; @@ -13,6 +14,7 @@ public final class AuthLoginTokenFile { private String filename; private @Nullable String namespace; + private @Nullable Boolean useRootNamespace; private AuthLoginTokenFile() {} public String filename() { @@ -21,6 +23,9 @@ public String filename() { public Optional namespace() { return Optional.ofNullable(this.namespace); } + public Optional useRootNamespace() { + return Optional.ofNullable(this.useRootNamespace); + } public static Builder builder() { return new Builder(); @@ -33,11 +38,13 @@ public static Builder builder(AuthLoginTokenFile defaults) { public static final class Builder { private String filename; private @Nullable String namespace; + private @Nullable Boolean useRootNamespace; public Builder() {} public Builder(AuthLoginTokenFile defaults) { Objects.requireNonNull(defaults); this.filename = defaults.filename; this.namespace = defaults.namespace; + this.useRootNamespace = defaults.useRootNamespace; } @CustomType.Setter @@ -50,10 +57,16 @@ public Builder namespace(@Nullable String namespace) { this.namespace = namespace; return this; } + @CustomType.Setter + public Builder useRootNamespace(@Nullable Boolean useRootNamespace) { + this.useRootNamespace = useRootNamespace; + return this; + } public AuthLoginTokenFile build() { final var o = new AuthLoginTokenFile(); o.filename = filename; o.namespace = namespace; + o.useRootNamespace = useRootNamespace; return o; } } diff --git a/sdk/java/src/main/java/com/pulumi/vault/config/inputs/AuthLoginUserpass.java b/sdk/java/src/main/java/com/pulumi/vault/config/inputs/AuthLoginUserpass.java index 162c7fb66..111cf816f 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/config/inputs/AuthLoginUserpass.java +++ b/sdk/java/src/main/java/com/pulumi/vault/config/inputs/AuthLoginUserpass.java @@ -4,6 +4,7 @@ package com.pulumi.vault.config.inputs; import com.pulumi.core.annotations.CustomType; +import java.lang.Boolean; import java.lang.String; import java.util.Objects; import java.util.Optional; @@ -15,6 +16,7 @@ public final class AuthLoginUserpass { private @Nullable String namespace; private @Nullable String password; private @Nullable String passwordFile; + private @Nullable Boolean useRootNamespace; private String username; private AuthLoginUserpass() {} @@ -30,6 +32,9 @@ public Optional password() { public Optional passwordFile() { return Optional.ofNullable(this.passwordFile); } + public Optional useRootNamespace() { + return Optional.ofNullable(this.useRootNamespace); + } public String username() { return this.username; } @@ -47,6 +52,7 @@ public static final class Builder { private @Nullable String namespace; private @Nullable String password; private @Nullable String passwordFile; + private @Nullable Boolean useRootNamespace; private String username; public Builder() {} public Builder(AuthLoginUserpass defaults) { @@ -55,6 +61,7 @@ public Builder(AuthLoginUserpass defaults) { this.namespace = defaults.namespace; this.password = defaults.password; this.passwordFile = defaults.passwordFile; + this.useRootNamespace = defaults.useRootNamespace; this.username = defaults.username; } @@ -79,6 +86,11 @@ public Builder passwordFile(@Nullable String passwordFile) { return this; } @CustomType.Setter + public Builder useRootNamespace(@Nullable Boolean useRootNamespace) { + this.useRootNamespace = useRootNamespace; + return this; + } + @CustomType.Setter public Builder username(String username) { this.username = Objects.requireNonNull(username); return this; @@ -89,6 +101,7 @@ public AuthLoginUserpass build() { o.namespace = namespace; o.password = password; o.passwordFile = passwordFile; + o.useRootNamespace = useRootNamespace; o.username = username; return o; } diff --git a/sdk/java/src/main/java/com/pulumi/vault/consul/SecretBackend.java b/sdk/java/src/main/java/com/pulumi/vault/consul/SecretBackend.java index 112ec701b..a694ba63b 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/consul/SecretBackend.java +++ b/sdk/java/src/main/java/com/pulumi/vault/consul/SecretBackend.java @@ -112,6 +112,10 @@ public Output address() { /** * Denotes that the resource is used to bootstrap the Consul ACL system. * + * > **Important** When `bootstrap` is true, Vault will attempt to bootstrap the Consul server. The token returned from + * this operation will only ever be known to Vault. If the resource is ever destroyed, the bootstrap token will be lost + * and a [Consul reset may be required.](https://learn.hashicorp.com/tutorials/consul/access-control-troubleshoot#reset-the-acl-system) + * */ @Export(name="bootstrap", refs={Boolean.class}, tree="[0]") private Output bootstrap; @@ -119,6 +123,10 @@ public Output address() { /** * @return Denotes that the resource is used to bootstrap the Consul ACL system. * + * > **Important** When `bootstrap` is true, Vault will attempt to bootstrap the Consul server. The token returned from + * this operation will only ever be known to Vault. If the resource is ever destroyed, the bootstrap token will be lost + * and a [Consul reset may be required.](https://learn.hashicorp.com/tutorials/consul/access-control-troubleshoot#reset-the-acl-system) + * */ public Output> bootstrap() { return Codegen.optional(this.bootstrap); @@ -294,16 +302,14 @@ public Output> scheme() { return Codegen.optional(this.scheme); } /** - * The Consul management token this backend should use to issue new tokens. This field is required - * when `bootstrap` is false. + * Specifies the Consul token to use when managing or issuing new tokens. * */ @Export(name="token", refs={String.class}, tree="[0]") private Output token; /** - * @return The Consul management token this backend should use to issue new tokens. This field is required - * when `bootstrap` is false. + * @return Specifies the Consul token to use when managing or issuing new tokens. * */ public Output> token() { diff --git a/sdk/java/src/main/java/com/pulumi/vault/consul/SecretBackendArgs.java b/sdk/java/src/main/java/com/pulumi/vault/consul/SecretBackendArgs.java index 41d61e22b..2dcb61550 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/consul/SecretBackendArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/consul/SecretBackendArgs.java @@ -35,6 +35,10 @@ public Output address() { /** * Denotes that the resource is used to bootstrap the Consul ACL system. * + * > **Important** When `bootstrap` is true, Vault will attempt to bootstrap the Consul server. The token returned from + * this operation will only ever be known to Vault. If the resource is ever destroyed, the bootstrap token will be lost + * and a [Consul reset may be required.](https://learn.hashicorp.com/tutorials/consul/access-control-troubleshoot#reset-the-acl-system) + * */ @Import(name="bootstrap") private @Nullable Output bootstrap; @@ -42,6 +46,10 @@ public Output address() { /** * @return Denotes that the resource is used to bootstrap the Consul ACL system. * + * > **Important** When `bootstrap` is true, Vault will attempt to bootstrap the Consul server. The token returned from + * this operation will only ever be known to Vault. If the resource is ever destroyed, the bootstrap token will be lost + * and a [Consul reset may be required.](https://learn.hashicorp.com/tutorials/consul/access-control-troubleshoot#reset-the-acl-system) + * */ public Optional> bootstrap() { return Optional.ofNullable(this.bootstrap); @@ -229,16 +237,14 @@ public Optional> scheme() { } /** - * The Consul management token this backend should use to issue new tokens. This field is required - * when `bootstrap` is false. + * Specifies the Consul token to use when managing or issuing new tokens. * */ @Import(name="token") private @Nullable Output token; /** - * @return The Consul management token this backend should use to issue new tokens. This field is required - * when `bootstrap` is false. + * @return Specifies the Consul token to use when managing or issuing new tokens. * */ public Optional> token() { @@ -306,6 +312,10 @@ public Builder address(String address) { /** * @param bootstrap Denotes that the resource is used to bootstrap the Consul ACL system. * + * > **Important** When `bootstrap` is true, Vault will attempt to bootstrap the Consul server. The token returned from + * this operation will only ever be known to Vault. If the resource is ever destroyed, the bootstrap token will be lost + * and a [Consul reset may be required.](https://learn.hashicorp.com/tutorials/consul/access-control-troubleshoot#reset-the-acl-system) + * * @return builder * */ @@ -317,6 +327,10 @@ public Builder bootstrap(@Nullable Output bootstrap) { /** * @param bootstrap Denotes that the resource is used to bootstrap the Consul ACL system. * + * > **Important** When `bootstrap` is true, Vault will attempt to bootstrap the Consul server. The token returned from + * this operation will only ever be known to Vault. If the resource is ever destroyed, the bootstrap token will be lost + * and a [Consul reset may be required.](https://learn.hashicorp.com/tutorials/consul/access-control-troubleshoot#reset-the-acl-system) + * * @return builder * */ @@ -572,8 +586,7 @@ public Builder scheme(String scheme) { } /** - * @param token The Consul management token this backend should use to issue new tokens. This field is required - * when `bootstrap` is false. + * @param token Specifies the Consul token to use when managing or issuing new tokens. * * @return builder * @@ -584,8 +597,7 @@ public Builder token(@Nullable Output token) { } /** - * @param token The Consul management token this backend should use to issue new tokens. This field is required - * when `bootstrap` is false. + * @param token Specifies the Consul token to use when managing or issuing new tokens. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/vault/consul/inputs/SecretBackendState.java b/sdk/java/src/main/java/com/pulumi/vault/consul/inputs/SecretBackendState.java index a9bc5eeb9..3630282f9 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/consul/inputs/SecretBackendState.java +++ b/sdk/java/src/main/java/com/pulumi/vault/consul/inputs/SecretBackendState.java @@ -35,6 +35,10 @@ public Optional> address() { /** * Denotes that the resource is used to bootstrap the Consul ACL system. * + * > **Important** When `bootstrap` is true, Vault will attempt to bootstrap the Consul server. The token returned from + * this operation will only ever be known to Vault. If the resource is ever destroyed, the bootstrap token will be lost + * and a [Consul reset may be required.](https://learn.hashicorp.com/tutorials/consul/access-control-troubleshoot#reset-the-acl-system) + * */ @Import(name="bootstrap") private @Nullable Output bootstrap; @@ -42,6 +46,10 @@ public Optional> address() { /** * @return Denotes that the resource is used to bootstrap the Consul ACL system. * + * > **Important** When `bootstrap` is true, Vault will attempt to bootstrap the Consul server. The token returned from + * this operation will only ever be known to Vault. If the resource is ever destroyed, the bootstrap token will be lost + * and a [Consul reset may be required.](https://learn.hashicorp.com/tutorials/consul/access-control-troubleshoot#reset-the-acl-system) + * */ public Optional> bootstrap() { return Optional.ofNullable(this.bootstrap); @@ -229,16 +237,14 @@ public Optional> scheme() { } /** - * The Consul management token this backend should use to issue new tokens. This field is required - * when `bootstrap` is false. + * Specifies the Consul token to use when managing or issuing new tokens. * */ @Import(name="token") private @Nullable Output token; /** - * @return The Consul management token this backend should use to issue new tokens. This field is required - * when `bootstrap` is false. + * @return Specifies the Consul token to use when managing or issuing new tokens. * */ public Optional> token() { @@ -306,6 +312,10 @@ public Builder address(String address) { /** * @param bootstrap Denotes that the resource is used to bootstrap the Consul ACL system. * + * > **Important** When `bootstrap` is true, Vault will attempt to bootstrap the Consul server. The token returned from + * this operation will only ever be known to Vault. If the resource is ever destroyed, the bootstrap token will be lost + * and a [Consul reset may be required.](https://learn.hashicorp.com/tutorials/consul/access-control-troubleshoot#reset-the-acl-system) + * * @return builder * */ @@ -317,6 +327,10 @@ public Builder bootstrap(@Nullable Output bootstrap) { /** * @param bootstrap Denotes that the resource is used to bootstrap the Consul ACL system. * + * > **Important** When `bootstrap` is true, Vault will attempt to bootstrap the Consul server. The token returned from + * this operation will only ever be known to Vault. If the resource is ever destroyed, the bootstrap token will be lost + * and a [Consul reset may be required.](https://learn.hashicorp.com/tutorials/consul/access-control-troubleshoot#reset-the-acl-system) + * * @return builder * */ @@ -572,8 +586,7 @@ public Builder scheme(String scheme) { } /** - * @param token The Consul management token this backend should use to issue new tokens. This field is required - * when `bootstrap` is false. + * @param token Specifies the Consul token to use when managing or issuing new tokens. * * @return builder * @@ -584,8 +597,7 @@ public Builder token(@Nullable Output token) { } /** - * @param token The Consul management token this backend should use to issue new tokens. This field is required - * when `bootstrap` is false. + * @param token Specifies the Consul token to use when managing or issuing new tokens. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/vault/database/SecretBackendConnection.java b/sdk/java/src/main/java/com/pulumi/vault/database/SecretBackendConnection.java index 31e0a2b44..4a4994a60 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/database/SecretBackendConnection.java +++ b/sdk/java/src/main/java/com/pulumi/vault/database/SecretBackendConnection.java @@ -397,6 +397,8 @@ public Output> redis() { /** * A nested block containing configuration options for Redis ElastiCache connections. * + * Exactly one of the nested blocks of configuration options must be supplied. + * */ @Export(name="redisElasticache", refs={SecretBackendConnectionRedisElasticache.class}, tree="[0]") private Output redisElasticache; @@ -404,6 +406,8 @@ public Output> redis() { /** * @return A nested block containing configuration options for Redis ElastiCache connections. * + * Exactly one of the nested blocks of configuration options must be supplied. + * */ public Output> redisElasticache() { return Codegen.optional(this.redisElasticache); diff --git a/sdk/java/src/main/java/com/pulumi/vault/database/SecretBackendConnectionArgs.java b/sdk/java/src/main/java/com/pulumi/vault/database/SecretBackendConnectionArgs.java index 430c5a673..eaab1c6a1 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/database/SecretBackendConnectionArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/database/SecretBackendConnectionArgs.java @@ -363,6 +363,8 @@ public Optional> redis() { /** * A nested block containing configuration options for Redis ElastiCache connections. * + * Exactly one of the nested blocks of configuration options must be supplied. + * */ @Import(name="redisElasticache") private @Nullable Output redisElasticache; @@ -370,6 +372,8 @@ public Optional> redis() { /** * @return A nested block containing configuration options for Redis ElastiCache connections. * + * Exactly one of the nested blocks of configuration options must be supplied. + * */ public Optional> redisElasticache() { return Optional.ofNullable(this.redisElasticache); @@ -949,6 +953,8 @@ public Builder redis(SecretBackendConnectionRedisArgs redis) { /** * @param redisElasticache A nested block containing configuration options for Redis ElastiCache connections. * + * Exactly one of the nested blocks of configuration options must be supplied. + * * @return builder * */ @@ -960,6 +966,8 @@ public Builder redisElasticache(@Nullable Output> creationStatements() { * Specifies the configuration * for the given `credential_type`. * + * The following options are available for each `credential_type` value: + * */ @Export(name="credentialConfig", refs={Map.class,String.class,Object.class}, tree="[0,1,2]") private Output> credentialConfig; @@ -124,6 +126,8 @@ public Output> creationStatements() { * @return Specifies the configuration * for the given `credential_type`. * + * The following options are available for each `credential_type` value: + * */ public Output>> credentialConfig() { return Codegen.optional(this.credentialConfig); diff --git a/sdk/java/src/main/java/com/pulumi/vault/database/SecretBackendRoleArgs.java b/sdk/java/src/main/java/com/pulumi/vault/database/SecretBackendRoleArgs.java index 1ab3c8691..cd690effb 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/database/SecretBackendRoleArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/database/SecretBackendRoleArgs.java @@ -55,6 +55,8 @@ public Output> creationStatements() { * Specifies the configuration * for the given `credential_type`. * + * The following options are available for each `credential_type` value: + * */ @Import(name="credentialConfig") private @Nullable Output> credentialConfig; @@ -63,6 +65,8 @@ public Output> creationStatements() { * @return Specifies the configuration * for the given `credential_type`. * + * The following options are available for each `credential_type` value: + * */ public Optional>> credentialConfig() { return Optional.ofNullable(this.credentialConfig); @@ -319,6 +323,8 @@ public Builder creationStatements(String... creationStatements) { * @param credentialConfig Specifies the configuration * for the given `credential_type`. * + * The following options are available for each `credential_type` value: + * * @return builder * */ @@ -331,6 +337,8 @@ public Builder credentialConfig(@Nullable Output> credentialC * @param credentialConfig Specifies the configuration * for the given `credential_type`. * + * The following options are available for each `credential_type` value: + * * @return builder * */ diff --git a/sdk/java/src/main/java/com/pulumi/vault/database/SecretBackendStaticRole.java b/sdk/java/src/main/java/com/pulumi/vault/database/SecretBackendStaticRole.java index 3686b3359..a1fb7d5f8 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/database/SecretBackendStaticRole.java +++ b/sdk/java/src/main/java/com/pulumi/vault/database/SecretBackendStaticRole.java @@ -175,6 +175,9 @@ public Output> rotationPeriod() { * A cron-style string that will define the schedule on which rotations should occur. * Mutually exclusive with `rotation_period`. * + * **Warning**: The `rotation_period` and `rotation_schedule` fields are + * mutually exclusive. One of them must be set but not both. + * */ @Export(name="rotationSchedule", refs={String.class}, tree="[0]") private Output rotationSchedule; @@ -183,6 +186,9 @@ public Output> rotationPeriod() { * @return A cron-style string that will define the schedule on which rotations should occur. * Mutually exclusive with `rotation_period`. * + * **Warning**: The `rotation_period` and `rotation_schedule` fields are + * mutually exclusive. One of them must be set but not both. + * */ public Output> rotationSchedule() { return Codegen.optional(this.rotationSchedule); diff --git a/sdk/java/src/main/java/com/pulumi/vault/database/SecretBackendStaticRoleArgs.java b/sdk/java/src/main/java/com/pulumi/vault/database/SecretBackendStaticRoleArgs.java index 684cf49f3..87dd3e648 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/database/SecretBackendStaticRoleArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/database/SecretBackendStaticRoleArgs.java @@ -104,6 +104,9 @@ public Optional> rotationPeriod() { * A cron-style string that will define the schedule on which rotations should occur. * Mutually exclusive with `rotation_period`. * + * **Warning**: The `rotation_period` and `rotation_schedule` fields are + * mutually exclusive. One of them must be set but not both. + * */ @Import(name="rotationSchedule") private @Nullable Output rotationSchedule; @@ -112,6 +115,9 @@ public Optional> rotationPeriod() { * @return A cron-style string that will define the schedule on which rotations should occur. * Mutually exclusive with `rotation_period`. * + * **Warning**: The `rotation_period` and `rotation_schedule` fields are + * mutually exclusive. One of them must be set but not both. + * */ public Optional> rotationSchedule() { return Optional.ofNullable(this.rotationSchedule); @@ -313,6 +319,9 @@ public Builder rotationPeriod(Integer rotationPeriod) { * @param rotationSchedule A cron-style string that will define the schedule on which rotations should occur. * Mutually exclusive with `rotation_period`. * + * **Warning**: The `rotation_period` and `rotation_schedule` fields are + * mutually exclusive. One of them must be set but not both. + * * @return builder * */ @@ -325,6 +334,9 @@ public Builder rotationSchedule(@Nullable Output rotationSchedule) { * @param rotationSchedule A cron-style string that will define the schedule on which rotations should occur. * Mutually exclusive with `rotation_period`. * + * **Warning**: The `rotation_period` and `rotation_schedule` fields are + * mutually exclusive. One of them must be set but not both. + * * @return builder * */ diff --git a/sdk/java/src/main/java/com/pulumi/vault/database/SecretsMount.java b/sdk/java/src/main/java/com/pulumi/vault/database/SecretsMount.java index 46bcfc5a4..88913484e 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/database/SecretsMount.java +++ b/sdk/java/src/main/java/com/pulumi/vault/database/SecretsMount.java @@ -132,6 +132,8 @@ public Output accessor() { /** * Set of managed key registry entry names that the mount in question is allowed to access * + * The following arguments are common to all database engines: + * */ @Export(name="allowedManagedKeys", refs={List.class,String.class}, tree="[0,1]") private Output> allowedManagedKeys; @@ -139,6 +141,8 @@ public Output accessor() { /** * @return Set of managed key registry entry names that the mount in question is allowed to access * + * The following arguments are common to all database engines: + * */ public Output>> allowedManagedKeys() { return Codegen.optional(this.allowedManagedKeys); diff --git a/sdk/java/src/main/java/com/pulumi/vault/database/SecretsMountArgs.java b/sdk/java/src/main/java/com/pulumi/vault/database/SecretsMountArgs.java index 5f17206ea..5c101ab34 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/database/SecretsMountArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/database/SecretsMountArgs.java @@ -41,6 +41,8 @@ public final class SecretsMountArgs extends com.pulumi.resources.ResourceArgs { /** * Set of managed key registry entry names that the mount in question is allowed to access * + * The following arguments are common to all database engines: + * */ @Import(name="allowedManagedKeys") private @Nullable Output> allowedManagedKeys; @@ -48,6 +50,8 @@ public final class SecretsMountArgs extends com.pulumi.resources.ResourceArgs { /** * @return Set of managed key registry entry names that the mount in question is allowed to access * + * The following arguments are common to all database engines: + * */ public Optional>> allowedManagedKeys() { return Optional.ofNullable(this.allowedManagedKeys); @@ -580,6 +584,8 @@ public Builder(SecretsMountArgs defaults) { /** * @param allowedManagedKeys Set of managed key registry entry names that the mount in question is allowed to access * + * The following arguments are common to all database engines: + * * @return builder * */ @@ -591,6 +597,8 @@ public Builder allowedManagedKeys(@Nullable Output> allowedManagedK /** * @param allowedManagedKeys Set of managed key registry entry names that the mount in question is allowed to access * + * The following arguments are common to all database engines: + * * @return builder * */ @@ -601,6 +609,8 @@ public Builder allowedManagedKeys(List allowedManagedKeys) { /** * @param allowedManagedKeys Set of managed key registry entry names that the mount in question is allowed to access * + * The following arguments are common to all database engines: + * * @return builder * */ diff --git a/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretBackendConnectionCassandraArgs.java b/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretBackendConnectionCassandraArgs.java index b9d130674..ceaa5c9be 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretBackendConnectionCassandraArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretBackendConnectionCassandraArgs.java @@ -36,14 +36,14 @@ public Optional> connectTimeout() { } /** - * A set of Couchbase URIs to connect to. Must use `couchbases://` scheme if `tls` is `true`. + * The hosts to connect to. * */ @Import(name="hosts") private @Nullable Output> hosts; /** - * @return A set of Couchbase URIs to connect to. Must use `couchbases://` scheme if `tls` is `true`. + * @return The hosts to connect to. * */ public Optional>> hosts() { @@ -68,14 +68,14 @@ public Optional> insecureTls() { } /** - * The root credential password used in the connection URL. + * The password to authenticate with. * */ @Import(name="password") private @Nullable Output password; /** - * @return The root credential password used in the connection URL. + * @return The password to authenticate with. * */ public Optional> password() { @@ -147,14 +147,14 @@ public Optional> protocolVersion() { } /** - * Whether to use TLS when connecting to Redis. + * Whether to use TLS when connecting to Cassandra. * */ @Import(name="tls") private @Nullable Output tls; /** - * @return Whether to use TLS when connecting to Redis. + * @return Whether to use TLS when connecting to Cassandra. * */ public Optional> tls() { @@ -162,14 +162,14 @@ public Optional> tls() { } /** - * The root credential username used in the connection URL. + * The username to authenticate with. * */ @Import(name="username") private @Nullable Output username; /** - * @return The root credential username used in the connection URL. + * @return The username to authenticate with. * */ public Optional> username() { @@ -233,7 +233,7 @@ public Builder connectTimeout(Integer connectTimeout) { } /** - * @param hosts A set of Couchbase URIs to connect to. Must use `couchbases://` scheme if `tls` is `true`. + * @param hosts The hosts to connect to. * * @return builder * @@ -244,7 +244,7 @@ public Builder hosts(@Nullable Output> hosts) { } /** - * @param hosts A set of Couchbase URIs to connect to. Must use `couchbases://` scheme if `tls` is `true`. + * @param hosts The hosts to connect to. * * @return builder * @@ -254,7 +254,7 @@ public Builder hosts(List hosts) { } /** - * @param hosts A set of Couchbase URIs to connect to. Must use `couchbases://` scheme if `tls` is `true`. + * @param hosts The hosts to connect to. * * @return builder * @@ -287,7 +287,7 @@ public Builder insecureTls(Boolean insecureTls) { } /** - * @param password The root credential password used in the connection URL. + * @param password The password to authenticate with. * * @return builder * @@ -298,7 +298,7 @@ public Builder password(@Nullable Output password) { } /** - * @param password The root credential password used in the connection URL. + * @param password The password to authenticate with. * * @return builder * @@ -396,7 +396,7 @@ public Builder protocolVersion(Integer protocolVersion) { } /** - * @param tls Whether to use TLS when connecting to Redis. + * @param tls Whether to use TLS when connecting to Cassandra. * * @return builder * @@ -407,7 +407,7 @@ public Builder tls(@Nullable Output tls) { } /** - * @param tls Whether to use TLS when connecting to Redis. + * @param tls Whether to use TLS when connecting to Cassandra. * * @return builder * @@ -417,7 +417,7 @@ public Builder tls(Boolean tls) { } /** - * @param username The root credential username used in the connection URL. + * @param username The username to authenticate with. * * @return builder * @@ -428,7 +428,7 @@ public Builder username(@Nullable Output username) { } /** - * @param username The root credential username used in the connection URL. + * @param username The username to authenticate with. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretBackendConnectionCouchbaseArgs.java b/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretBackendConnectionCouchbaseArgs.java index e41b94512..292395ab1 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretBackendConnectionCouchbaseArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretBackendConnectionCouchbaseArgs.java @@ -48,14 +48,14 @@ public Optional> bucketName() { } /** - * A set of Couchbase URIs to connect to. Must use `couchbases://` scheme if `tls` is `true`. + * The hosts to connect to. * */ @Import(name="hosts", required=true) private Output> hosts; /** - * @return A set of Couchbase URIs to connect to. Must use `couchbases://` scheme if `tls` is `true`. + * @return The hosts to connect to. * */ public Output> hosts() { @@ -80,14 +80,14 @@ public Optional> insecureTls() { } /** - * The root credential password used in the connection URL. + * The password to authenticate with. * */ @Import(name="password", required=true) private Output password; /** - * @return The root credential password used in the connection URL. + * @return The password to authenticate with. * */ public Output password() { @@ -95,14 +95,14 @@ public Output password() { } /** - * Whether to use TLS when connecting to Redis. + * Whether to use TLS when connecting to Cassandra. * */ @Import(name="tls") private @Nullable Output tls; /** - * @return Whether to use TLS when connecting to Redis. + * @return Whether to use TLS when connecting to Cassandra. * */ public Optional> tls() { @@ -110,14 +110,14 @@ public Optional> tls() { } /** - * The root credential username used in the connection URL. + * The username to authenticate with. * */ @Import(name="username", required=true) private Output username; /** - * @return The root credential username used in the connection URL. + * @return The username to authenticate with. * */ public Output username() { @@ -125,14 +125,14 @@ public Output username() { } /** - * - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * Template describing how dynamic usernames are generated. * */ @Import(name="usernameTemplate") private @Nullable Output usernameTemplate; /** - * @return - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @return Template describing how dynamic usernames are generated. * */ public Optional> usernameTemplate() { @@ -213,7 +213,7 @@ public Builder bucketName(String bucketName) { } /** - * @param hosts A set of Couchbase URIs to connect to. Must use `couchbases://` scheme if `tls` is `true`. + * @param hosts The hosts to connect to. * * @return builder * @@ -224,7 +224,7 @@ public Builder hosts(Output> hosts) { } /** - * @param hosts A set of Couchbase URIs to connect to. Must use `couchbases://` scheme if `tls` is `true`. + * @param hosts The hosts to connect to. * * @return builder * @@ -234,7 +234,7 @@ public Builder hosts(List hosts) { } /** - * @param hosts A set of Couchbase URIs to connect to. Must use `couchbases://` scheme if `tls` is `true`. + * @param hosts The hosts to connect to. * * @return builder * @@ -267,7 +267,7 @@ public Builder insecureTls(Boolean insecureTls) { } /** - * @param password The root credential password used in the connection URL. + * @param password The password to authenticate with. * * @return builder * @@ -278,7 +278,7 @@ public Builder password(Output password) { } /** - * @param password The root credential password used in the connection URL. + * @param password The password to authenticate with. * * @return builder * @@ -288,7 +288,7 @@ public Builder password(String password) { } /** - * @param tls Whether to use TLS when connecting to Redis. + * @param tls Whether to use TLS when connecting to Cassandra. * * @return builder * @@ -299,7 +299,7 @@ public Builder tls(@Nullable Output tls) { } /** - * @param tls Whether to use TLS when connecting to Redis. + * @param tls Whether to use TLS when connecting to Cassandra. * * @return builder * @@ -309,7 +309,7 @@ public Builder tls(Boolean tls) { } /** - * @param username The root credential username used in the connection URL. + * @param username The username to authenticate with. * * @return builder * @@ -320,7 +320,7 @@ public Builder username(Output username) { } /** - * @param username The root credential username used in the connection URL. + * @param username The username to authenticate with. * * @return builder * @@ -330,7 +330,7 @@ public Builder username(String username) { } /** - * @param usernameTemplate - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @param usernameTemplate Template describing how dynamic usernames are generated. * * @return builder * @@ -341,7 +341,7 @@ public Builder usernameTemplate(@Nullable Output usernameTemplate) { } /** - * @param usernameTemplate - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @param usernameTemplate Template describing how dynamic usernames are generated. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretBackendConnectionElasticsearchArgs.java b/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretBackendConnectionElasticsearchArgs.java index 01cf5903b..3b0f071b4 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretBackendConnectionElasticsearchArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretBackendConnectionElasticsearchArgs.java @@ -92,14 +92,14 @@ public Optional> insecure() { } /** - * The root credential password used in the connection URL. + * The password to authenticate with. * */ @Import(name="password", required=true) private Output password; /** - * @return The root credential password used in the connection URL. + * @return The password to authenticate with. * */ public Output password() { @@ -139,14 +139,14 @@ public Output url() { } /** - * The root credential username used in the connection URL. + * The username to authenticate with. * */ @Import(name="username", required=true) private Output username; /** - * @return The root credential username used in the connection URL. + * @return The username to authenticate with. * */ public Output username() { @@ -154,14 +154,14 @@ public Output username() { } /** - * - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * Template describing how dynamic usernames are generated. * */ @Import(name="usernameTemplate") private @Nullable Output usernameTemplate; /** - * @return - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @return Template describing how dynamic usernames are generated. * */ public Optional> usernameTemplate() { @@ -307,7 +307,7 @@ public Builder insecure(Boolean insecure) { } /** - * @param password The root credential password used in the connection URL. + * @param password The password to authenticate with. * * @return builder * @@ -318,7 +318,7 @@ public Builder password(Output password) { } /** - * @param password The root credential password used in the connection URL. + * @param password The password to authenticate with. * * @return builder * @@ -372,7 +372,7 @@ public Builder url(String url) { } /** - * @param username The root credential username used in the connection URL. + * @param username The username to authenticate with. * * @return builder * @@ -383,7 +383,7 @@ public Builder username(Output username) { } /** - * @param username The root credential username used in the connection URL. + * @param username The username to authenticate with. * * @return builder * @@ -393,7 +393,7 @@ public Builder username(String username) { } /** - * @param usernameTemplate - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @param usernameTemplate Template describing how dynamic usernames are generated. * * @return builder * @@ -404,7 +404,7 @@ public Builder usernameTemplate(@Nullable Output usernameTemplate) { } /** - * @param usernameTemplate - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @param usernameTemplate Template describing how dynamic usernames are generated. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretBackendConnectionHanaArgs.java b/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretBackendConnectionHanaArgs.java index 47e8240f0..916468d06 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretBackendConnectionHanaArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretBackendConnectionHanaArgs.java @@ -18,9 +18,9 @@ public final class SecretBackendConnectionHanaArgs extends com.pulumi.resources. public static final SecretBackendConnectionHanaArgs Empty = new SecretBackendConnectionHanaArgs(); /** - * Specifies the Redshift DSN. See + * A URL containing connection information. See * the [Vault - * docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + * docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) * for an example. * */ @@ -28,9 +28,9 @@ public final class SecretBackendConnectionHanaArgs extends com.pulumi.resources. private @Nullable Output connectionUrl; /** - * @return Specifies the Redshift DSN. See + * @return A URL containing connection information. See * the [Vault - * docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + * docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) * for an example. * */ @@ -54,14 +54,16 @@ public Optional> disableEscaping() { } /** - * The maximum amount of time a connection may be reused. + * The maximum number of seconds to keep + * a connection alive for. * */ @Import(name="maxConnectionLifetime") private @Nullable Output maxConnectionLifetime; /** - * @return The maximum amount of time a connection may be reused. + * @return The maximum number of seconds to keep + * a connection alive for. * */ public Optional> maxConnectionLifetime() { @@ -70,7 +72,7 @@ public Optional> maxConnectionLifetime() { /** * The maximum number of idle connections to - * the database. + * maintain. * */ @Import(name="maxIdleConnections") @@ -78,7 +80,7 @@ public Optional> maxConnectionLifetime() { /** * @return The maximum number of idle connections to - * the database. + * maintain. * */ public Optional> maxIdleConnections() { @@ -87,7 +89,7 @@ public Optional> maxIdleConnections() { /** * The maximum number of open connections to - * the database. + * use. * */ @Import(name="maxOpenConnections") @@ -95,7 +97,7 @@ public Optional> maxIdleConnections() { /** * @return The maximum number of open connections to - * the database. + * use. * */ public Optional> maxOpenConnections() { @@ -103,14 +105,14 @@ public Optional> maxOpenConnections() { } /** - * The root credential password used in the connection URL. + * The password to authenticate with. * */ @Import(name="password") private @Nullable Output password; /** - * @return The root credential password used in the connection URL. + * @return The password to authenticate with. * */ public Optional> password() { @@ -118,14 +120,14 @@ public Optional> password() { } /** - * The root credential username used in the connection URL. + * The username to authenticate with. * */ @Import(name="username") private @Nullable Output username; /** - * @return The root credential username used in the connection URL. + * @return The username to authenticate with. * */ public Optional> username() { @@ -163,9 +165,9 @@ public Builder(SecretBackendConnectionHanaArgs defaults) { } /** - * @param connectionUrl Specifies the Redshift DSN. See + * @param connectionUrl A URL containing connection information. See * the [Vault - * docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + * docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) * for an example. * * @return builder @@ -177,9 +179,9 @@ public Builder connectionUrl(@Nullable Output connectionUrl) { } /** - * @param connectionUrl Specifies the Redshift DSN. See + * @param connectionUrl A URL containing connection information. See * the [Vault - * docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + * docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) * for an example. * * @return builder @@ -211,7 +213,8 @@ public Builder disableEscaping(Boolean disableEscaping) { } /** - * @param maxConnectionLifetime The maximum amount of time a connection may be reused. + * @param maxConnectionLifetime The maximum number of seconds to keep + * a connection alive for. * * @return builder * @@ -222,7 +225,8 @@ public Builder maxConnectionLifetime(@Nullable Output maxConnectionLife } /** - * @param maxConnectionLifetime The maximum amount of time a connection may be reused. + * @param maxConnectionLifetime The maximum number of seconds to keep + * a connection alive for. * * @return builder * @@ -233,7 +237,7 @@ public Builder maxConnectionLifetime(Integer maxConnectionLifetime) { /** * @param maxIdleConnections The maximum number of idle connections to - * the database. + * maintain. * * @return builder * @@ -245,7 +249,7 @@ public Builder maxIdleConnections(@Nullable Output maxIdleConnections) /** * @param maxIdleConnections The maximum number of idle connections to - * the database. + * maintain. * * @return builder * @@ -256,7 +260,7 @@ public Builder maxIdleConnections(Integer maxIdleConnections) { /** * @param maxOpenConnections The maximum number of open connections to - * the database. + * use. * * @return builder * @@ -268,7 +272,7 @@ public Builder maxOpenConnections(@Nullable Output maxOpenConnections) /** * @param maxOpenConnections The maximum number of open connections to - * the database. + * use. * * @return builder * @@ -278,7 +282,7 @@ public Builder maxOpenConnections(Integer maxOpenConnections) { } /** - * @param password The root credential password used in the connection URL. + * @param password The password to authenticate with. * * @return builder * @@ -289,7 +293,7 @@ public Builder password(@Nullable Output password) { } /** - * @param password The root credential password used in the connection URL. + * @param password The password to authenticate with. * * @return builder * @@ -299,7 +303,7 @@ public Builder password(String password) { } /** - * @param username The root credential username used in the connection URL. + * @param username The username to authenticate with. * * @return builder * @@ -310,7 +314,7 @@ public Builder username(@Nullable Output username) { } /** - * @param username The root credential username used in the connection URL. + * @param username The username to authenticate with. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretBackendConnectionInfluxdbArgs.java b/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretBackendConnectionInfluxdbArgs.java index c24afa8dd..c51926f1d 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretBackendConnectionInfluxdbArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretBackendConnectionInfluxdbArgs.java @@ -67,14 +67,14 @@ public Optional> insecureTls() { } /** - * The root credential password used in the connection URL. + * The password to authenticate with. * */ @Import(name="password", required=true) private Output password; /** - * @return The root credential password used in the connection URL. + * @return The password to authenticate with. * */ public Output password() { @@ -131,14 +131,14 @@ public Optional> port() { } /** - * Whether to use TLS when connecting to Redis. + * Whether to use TLS when connecting to Cassandra. * */ @Import(name="tls") private @Nullable Output tls; /** - * @return Whether to use TLS when connecting to Redis. + * @return Whether to use TLS when connecting to Cassandra. * */ public Optional> tls() { @@ -146,14 +146,14 @@ public Optional> tls() { } /** - * The root credential username used in the connection URL. + * The username to authenticate with. * */ @Import(name="username", required=true) private Output username; /** - * @return The root credential username used in the connection URL. + * @return The username to authenticate with. * */ public Output username() { @@ -161,14 +161,14 @@ public Output username() { } /** - * - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * Template describing how dynamic usernames are generated. * */ @Import(name="usernameTemplate") private @Nullable Output usernameTemplate; /** - * @return - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @return Template describing how dynamic usernames are generated. * */ public Optional> usernameTemplate() { @@ -276,7 +276,7 @@ public Builder insecureTls(Boolean insecureTls) { } /** - * @param password The root credential password used in the connection URL. + * @param password The password to authenticate with. * * @return builder * @@ -287,7 +287,7 @@ public Builder password(Output password) { } /** - * @param password The root credential password used in the connection URL. + * @param password The password to authenticate with. * * @return builder * @@ -364,7 +364,7 @@ public Builder port(Integer port) { } /** - * @param tls Whether to use TLS when connecting to Redis. + * @param tls Whether to use TLS when connecting to Cassandra. * * @return builder * @@ -375,7 +375,7 @@ public Builder tls(@Nullable Output tls) { } /** - * @param tls Whether to use TLS when connecting to Redis. + * @param tls Whether to use TLS when connecting to Cassandra. * * @return builder * @@ -385,7 +385,7 @@ public Builder tls(Boolean tls) { } /** - * @param username The root credential username used in the connection URL. + * @param username The username to authenticate with. * * @return builder * @@ -396,7 +396,7 @@ public Builder username(Output username) { } /** - * @param username The root credential username used in the connection URL. + * @param username The username to authenticate with. * * @return builder * @@ -406,7 +406,7 @@ public Builder username(String username) { } /** - * @param usernameTemplate - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @param usernameTemplate Template describing how dynamic usernames are generated. * * @return builder * @@ -417,7 +417,7 @@ public Builder usernameTemplate(@Nullable Output usernameTemplate) { } /** - * @param usernameTemplate - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @param usernameTemplate Template describing how dynamic usernames are generated. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretBackendConnectionMongodbArgs.java b/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretBackendConnectionMongodbArgs.java index eda0222bf..80840c10d 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretBackendConnectionMongodbArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretBackendConnectionMongodbArgs.java @@ -17,9 +17,9 @@ public final class SecretBackendConnectionMongodbArgs extends com.pulumi.resourc public static final SecretBackendConnectionMongodbArgs Empty = new SecretBackendConnectionMongodbArgs(); /** - * Specifies the Redshift DSN. See + * A URL containing connection information. See * the [Vault - * docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + * docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) * for an example. * */ @@ -27,9 +27,9 @@ public final class SecretBackendConnectionMongodbArgs extends com.pulumi.resourc private @Nullable Output connectionUrl; /** - * @return Specifies the Redshift DSN. See + * @return A URL containing connection information. See * the [Vault - * docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + * docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) * for an example. * */ @@ -38,14 +38,16 @@ public Optional> connectionUrl() { } /** - * The maximum amount of time a connection may be reused. + * The maximum number of seconds to keep + * a connection alive for. * */ @Import(name="maxConnectionLifetime") private @Nullable Output maxConnectionLifetime; /** - * @return The maximum amount of time a connection may be reused. + * @return The maximum number of seconds to keep + * a connection alive for. * */ public Optional> maxConnectionLifetime() { @@ -54,7 +56,7 @@ public Optional> maxConnectionLifetime() { /** * The maximum number of idle connections to - * the database. + * maintain. * */ @Import(name="maxIdleConnections") @@ -62,7 +64,7 @@ public Optional> maxConnectionLifetime() { /** * @return The maximum number of idle connections to - * the database. + * maintain. * */ public Optional> maxIdleConnections() { @@ -71,7 +73,7 @@ public Optional> maxIdleConnections() { /** * The maximum number of open connections to - * the database. + * use. * */ @Import(name="maxOpenConnections") @@ -79,7 +81,7 @@ public Optional> maxIdleConnections() { /** * @return The maximum number of open connections to - * the database. + * use. * */ public Optional> maxOpenConnections() { @@ -87,14 +89,14 @@ public Optional> maxOpenConnections() { } /** - * The root credential password used in the connection URL. + * The password to authenticate with. * */ @Import(name="password") private @Nullable Output password; /** - * @return The root credential password used in the connection URL. + * @return The password to authenticate with. * */ public Optional> password() { @@ -102,14 +104,14 @@ public Optional> password() { } /** - * The root credential username used in the connection URL. + * The username to authenticate with. * */ @Import(name="username") private @Nullable Output username; /** - * @return The root credential username used in the connection URL. + * @return The username to authenticate with. * */ public Optional> username() { @@ -117,14 +119,14 @@ public Optional> username() { } /** - * - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * Template describing how dynamic usernames are generated. * */ @Import(name="usernameTemplate") private @Nullable Output usernameTemplate; /** - * @return - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @return Template describing how dynamic usernames are generated. * */ public Optional> usernameTemplate() { @@ -162,9 +164,9 @@ public Builder(SecretBackendConnectionMongodbArgs defaults) { } /** - * @param connectionUrl Specifies the Redshift DSN. See + * @param connectionUrl A URL containing connection information. See * the [Vault - * docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + * docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) * for an example. * * @return builder @@ -176,9 +178,9 @@ public Builder connectionUrl(@Nullable Output connectionUrl) { } /** - * @param connectionUrl Specifies the Redshift DSN. See + * @param connectionUrl A URL containing connection information. See * the [Vault - * docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + * docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) * for an example. * * @return builder @@ -189,7 +191,8 @@ public Builder connectionUrl(String connectionUrl) { } /** - * @param maxConnectionLifetime The maximum amount of time a connection may be reused. + * @param maxConnectionLifetime The maximum number of seconds to keep + * a connection alive for. * * @return builder * @@ -200,7 +203,8 @@ public Builder maxConnectionLifetime(@Nullable Output maxConnectionLife } /** - * @param maxConnectionLifetime The maximum amount of time a connection may be reused. + * @param maxConnectionLifetime The maximum number of seconds to keep + * a connection alive for. * * @return builder * @@ -211,7 +215,7 @@ public Builder maxConnectionLifetime(Integer maxConnectionLifetime) { /** * @param maxIdleConnections The maximum number of idle connections to - * the database. + * maintain. * * @return builder * @@ -223,7 +227,7 @@ public Builder maxIdleConnections(@Nullable Output maxIdleConnections) /** * @param maxIdleConnections The maximum number of idle connections to - * the database. + * maintain. * * @return builder * @@ -234,7 +238,7 @@ public Builder maxIdleConnections(Integer maxIdleConnections) { /** * @param maxOpenConnections The maximum number of open connections to - * the database. + * use. * * @return builder * @@ -246,7 +250,7 @@ public Builder maxOpenConnections(@Nullable Output maxOpenConnections) /** * @param maxOpenConnections The maximum number of open connections to - * the database. + * use. * * @return builder * @@ -256,7 +260,7 @@ public Builder maxOpenConnections(Integer maxOpenConnections) { } /** - * @param password The root credential password used in the connection URL. + * @param password The password to authenticate with. * * @return builder * @@ -267,7 +271,7 @@ public Builder password(@Nullable Output password) { } /** - * @param password The root credential password used in the connection URL. + * @param password The password to authenticate with. * * @return builder * @@ -277,7 +281,7 @@ public Builder password(String password) { } /** - * @param username The root credential username used in the connection URL. + * @param username The username to authenticate with. * * @return builder * @@ -288,7 +292,7 @@ public Builder username(@Nullable Output username) { } /** - * @param username The root credential username used in the connection URL. + * @param username The username to authenticate with. * * @return builder * @@ -298,7 +302,7 @@ public Builder username(String username) { } /** - * @param usernameTemplate - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @param usernameTemplate Template describing how dynamic usernames are generated. * * @return builder * @@ -309,7 +313,7 @@ public Builder usernameTemplate(@Nullable Output usernameTemplate) { } /** - * @param usernameTemplate - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @param usernameTemplate Template describing how dynamic usernames are generated. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretBackendConnectionMssqlArgs.java b/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretBackendConnectionMssqlArgs.java index 2bb842ca7..7243d965e 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretBackendConnectionMssqlArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretBackendConnectionMssqlArgs.java @@ -18,9 +18,9 @@ public final class SecretBackendConnectionMssqlArgs extends com.pulumi.resources public static final SecretBackendConnectionMssqlArgs Empty = new SecretBackendConnectionMssqlArgs(); /** - * Specifies the Redshift DSN. See + * A URL containing connection information. See * the [Vault - * docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + * docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) * for an example. * */ @@ -28,9 +28,9 @@ public final class SecretBackendConnectionMssqlArgs extends com.pulumi.resources private @Nullable Output connectionUrl; /** - * @return Specifies the Redshift DSN. See + * @return A URL containing connection information. See * the [Vault - * docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + * docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) * for an example. * */ @@ -75,14 +75,16 @@ public Optional> disableEscaping() { } /** - * The maximum amount of time a connection may be reused. + * The maximum number of seconds to keep + * a connection alive for. * */ @Import(name="maxConnectionLifetime") private @Nullable Output maxConnectionLifetime; /** - * @return The maximum amount of time a connection may be reused. + * @return The maximum number of seconds to keep + * a connection alive for. * */ public Optional> maxConnectionLifetime() { @@ -91,7 +93,7 @@ public Optional> maxConnectionLifetime() { /** * The maximum number of idle connections to - * the database. + * maintain. * */ @Import(name="maxIdleConnections") @@ -99,7 +101,7 @@ public Optional> maxConnectionLifetime() { /** * @return The maximum number of idle connections to - * the database. + * maintain. * */ public Optional> maxIdleConnections() { @@ -108,7 +110,7 @@ public Optional> maxIdleConnections() { /** * The maximum number of open connections to - * the database. + * use. * */ @Import(name="maxOpenConnections") @@ -116,7 +118,7 @@ public Optional> maxIdleConnections() { /** * @return The maximum number of open connections to - * the database. + * use. * */ public Optional> maxOpenConnections() { @@ -124,14 +126,14 @@ public Optional> maxOpenConnections() { } /** - * The root credential password used in the connection URL. + * The password to authenticate with. * */ @Import(name="password") private @Nullable Output password; /** - * @return The root credential password used in the connection URL. + * @return The password to authenticate with. * */ public Optional> password() { @@ -139,14 +141,14 @@ public Optional> password() { } /** - * The root credential username used in the connection URL. + * The username to authenticate with. * */ @Import(name="username") private @Nullable Output username; /** - * @return The root credential username used in the connection URL. + * @return The username to authenticate with. * */ public Optional> username() { @@ -154,14 +156,14 @@ public Optional> username() { } /** - * - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * Template describing how dynamic usernames are generated. * */ @Import(name="usernameTemplate") private @Nullable Output usernameTemplate; /** - * @return - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @return Template describing how dynamic usernames are generated. * */ public Optional> usernameTemplate() { @@ -201,9 +203,9 @@ public Builder(SecretBackendConnectionMssqlArgs defaults) { } /** - * @param connectionUrl Specifies the Redshift DSN. See + * @param connectionUrl A URL containing connection information. See * the [Vault - * docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + * docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) * for an example. * * @return builder @@ -215,9 +217,9 @@ public Builder connectionUrl(@Nullable Output connectionUrl) { } /** - * @param connectionUrl Specifies the Redshift DSN. See + * @param connectionUrl A URL containing connection information. See * the [Vault - * docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + * docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) * for an example. * * @return builder @@ -276,7 +278,8 @@ public Builder disableEscaping(Boolean disableEscaping) { } /** - * @param maxConnectionLifetime The maximum amount of time a connection may be reused. + * @param maxConnectionLifetime The maximum number of seconds to keep + * a connection alive for. * * @return builder * @@ -287,7 +290,8 @@ public Builder maxConnectionLifetime(@Nullable Output maxConnectionLife } /** - * @param maxConnectionLifetime The maximum amount of time a connection may be reused. + * @param maxConnectionLifetime The maximum number of seconds to keep + * a connection alive for. * * @return builder * @@ -298,7 +302,7 @@ public Builder maxConnectionLifetime(Integer maxConnectionLifetime) { /** * @param maxIdleConnections The maximum number of idle connections to - * the database. + * maintain. * * @return builder * @@ -310,7 +314,7 @@ public Builder maxIdleConnections(@Nullable Output maxIdleConnections) /** * @param maxIdleConnections The maximum number of idle connections to - * the database. + * maintain. * * @return builder * @@ -321,7 +325,7 @@ public Builder maxIdleConnections(Integer maxIdleConnections) { /** * @param maxOpenConnections The maximum number of open connections to - * the database. + * use. * * @return builder * @@ -333,7 +337,7 @@ public Builder maxOpenConnections(@Nullable Output maxOpenConnections) /** * @param maxOpenConnections The maximum number of open connections to - * the database. + * use. * * @return builder * @@ -343,7 +347,7 @@ public Builder maxOpenConnections(Integer maxOpenConnections) { } /** - * @param password The root credential password used in the connection URL. + * @param password The password to authenticate with. * * @return builder * @@ -354,7 +358,7 @@ public Builder password(@Nullable Output password) { } /** - * @param password The root credential password used in the connection URL. + * @param password The password to authenticate with. * * @return builder * @@ -364,7 +368,7 @@ public Builder password(String password) { } /** - * @param username The root credential username used in the connection URL. + * @param username The username to authenticate with. * * @return builder * @@ -375,7 +379,7 @@ public Builder username(@Nullable Output username) { } /** - * @param username The root credential username used in the connection URL. + * @param username The username to authenticate with. * * @return builder * @@ -385,7 +389,7 @@ public Builder username(String username) { } /** - * @param usernameTemplate - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @param usernameTemplate Template describing how dynamic usernames are generated. * * @return builder * @@ -396,7 +400,7 @@ public Builder usernameTemplate(@Nullable Output usernameTemplate) { } /** - * @param usernameTemplate - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @param usernameTemplate Template describing how dynamic usernames are generated. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretBackendConnectionMysqlArgs.java b/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretBackendConnectionMysqlArgs.java index dd076b6f2..58df14091 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretBackendConnectionMysqlArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretBackendConnectionMysqlArgs.java @@ -32,9 +32,9 @@ public Optional> authType() { } /** - * Specifies the Redshift DSN. See + * A URL containing connection information. See * the [Vault - * docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + * docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) * for an example. * */ @@ -42,9 +42,9 @@ public Optional> authType() { private @Nullable Output connectionUrl; /** - * @return Specifies the Redshift DSN. See + * @return A URL containing connection information. See * the [Vault - * docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + * docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) * for an example. * */ @@ -53,14 +53,16 @@ public Optional> connectionUrl() { } /** - * The maximum amount of time a connection may be reused. + * The maximum number of seconds to keep + * a connection alive for. * */ @Import(name="maxConnectionLifetime") private @Nullable Output maxConnectionLifetime; /** - * @return The maximum amount of time a connection may be reused. + * @return The maximum number of seconds to keep + * a connection alive for. * */ public Optional> maxConnectionLifetime() { @@ -69,7 +71,7 @@ public Optional> maxConnectionLifetime() { /** * The maximum number of idle connections to - * the database. + * maintain. * */ @Import(name="maxIdleConnections") @@ -77,7 +79,7 @@ public Optional> maxConnectionLifetime() { /** * @return The maximum number of idle connections to - * the database. + * maintain. * */ public Optional> maxIdleConnections() { @@ -86,7 +88,7 @@ public Optional> maxIdleConnections() { /** * The maximum number of open connections to - * the database. + * use. * */ @Import(name="maxOpenConnections") @@ -94,7 +96,7 @@ public Optional> maxIdleConnections() { /** * @return The maximum number of open connections to - * the database. + * use. * */ public Optional> maxOpenConnections() { @@ -102,14 +104,14 @@ public Optional> maxOpenConnections() { } /** - * The root credential password used in the connection URL. + * The password to authenticate with. * */ @Import(name="password") private @Nullable Output password; /** - * @return The root credential password used in the connection URL. + * @return The password to authenticate with. * */ public Optional> password() { @@ -162,14 +164,14 @@ public Optional> tlsCertificateKey() { } /** - * The root credential username used in the connection URL. + * The username to authenticate with. * */ @Import(name="username") private @Nullable Output username; /** - * @return The root credential username used in the connection URL. + * @return The username to authenticate with. * */ public Optional> username() { @@ -177,14 +179,14 @@ public Optional> username() { } /** - * - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * Template describing how dynamic usernames are generated. * */ @Import(name="usernameTemplate") private @Nullable Output usernameTemplate; /** - * @return - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @return Template describing how dynamic usernames are generated. * */ public Optional> usernameTemplate() { @@ -247,9 +249,9 @@ public Builder authType(String authType) { } /** - * @param connectionUrl Specifies the Redshift DSN. See + * @param connectionUrl A URL containing connection information. See * the [Vault - * docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + * docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) * for an example. * * @return builder @@ -261,9 +263,9 @@ public Builder connectionUrl(@Nullable Output connectionUrl) { } /** - * @param connectionUrl Specifies the Redshift DSN. See + * @param connectionUrl A URL containing connection information. See * the [Vault - * docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + * docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) * for an example. * * @return builder @@ -274,7 +276,8 @@ public Builder connectionUrl(String connectionUrl) { } /** - * @param maxConnectionLifetime The maximum amount of time a connection may be reused. + * @param maxConnectionLifetime The maximum number of seconds to keep + * a connection alive for. * * @return builder * @@ -285,7 +288,8 @@ public Builder maxConnectionLifetime(@Nullable Output maxConnectionLife } /** - * @param maxConnectionLifetime The maximum amount of time a connection may be reused. + * @param maxConnectionLifetime The maximum number of seconds to keep + * a connection alive for. * * @return builder * @@ -296,7 +300,7 @@ public Builder maxConnectionLifetime(Integer maxConnectionLifetime) { /** * @param maxIdleConnections The maximum number of idle connections to - * the database. + * maintain. * * @return builder * @@ -308,7 +312,7 @@ public Builder maxIdleConnections(@Nullable Output maxIdleConnections) /** * @param maxIdleConnections The maximum number of idle connections to - * the database. + * maintain. * * @return builder * @@ -319,7 +323,7 @@ public Builder maxIdleConnections(Integer maxIdleConnections) { /** * @param maxOpenConnections The maximum number of open connections to - * the database. + * use. * * @return builder * @@ -331,7 +335,7 @@ public Builder maxOpenConnections(@Nullable Output maxOpenConnections) /** * @param maxOpenConnections The maximum number of open connections to - * the database. + * use. * * @return builder * @@ -341,7 +345,7 @@ public Builder maxOpenConnections(Integer maxOpenConnections) { } /** - * @param password The root credential password used in the connection URL. + * @param password The password to authenticate with. * * @return builder * @@ -352,7 +356,7 @@ public Builder password(@Nullable Output password) { } /** - * @param password The root credential password used in the connection URL. + * @param password The password to authenticate with. * * @return builder * @@ -425,7 +429,7 @@ public Builder tlsCertificateKey(String tlsCertificateKey) { } /** - * @param username The root credential username used in the connection URL. + * @param username The username to authenticate with. * * @return builder * @@ -436,7 +440,7 @@ public Builder username(@Nullable Output username) { } /** - * @param username The root credential username used in the connection URL. + * @param username The username to authenticate with. * * @return builder * @@ -446,7 +450,7 @@ public Builder username(String username) { } /** - * @param usernameTemplate - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @param usernameTemplate Template describing how dynamic usernames are generated. * * @return builder * @@ -457,7 +461,7 @@ public Builder usernameTemplate(@Nullable Output usernameTemplate) { } /** - * @param usernameTemplate - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @param usernameTemplate Template describing how dynamic usernames are generated. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretBackendConnectionMysqlAuroraArgs.java b/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretBackendConnectionMysqlAuroraArgs.java index d7cf59ec1..e4c2d2e5b 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretBackendConnectionMysqlAuroraArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretBackendConnectionMysqlAuroraArgs.java @@ -17,9 +17,9 @@ public final class SecretBackendConnectionMysqlAuroraArgs extends com.pulumi.res public static final SecretBackendConnectionMysqlAuroraArgs Empty = new SecretBackendConnectionMysqlAuroraArgs(); /** - * Specifies the Redshift DSN. See + * A URL containing connection information. See * the [Vault - * docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + * docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) * for an example. * */ @@ -27,9 +27,9 @@ public final class SecretBackendConnectionMysqlAuroraArgs extends com.pulumi.res private @Nullable Output connectionUrl; /** - * @return Specifies the Redshift DSN. See + * @return A URL containing connection information. See * the [Vault - * docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + * docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) * for an example. * */ @@ -38,14 +38,16 @@ public Optional> connectionUrl() { } /** - * The maximum amount of time a connection may be reused. + * The maximum number of seconds to keep + * a connection alive for. * */ @Import(name="maxConnectionLifetime") private @Nullable Output maxConnectionLifetime; /** - * @return The maximum amount of time a connection may be reused. + * @return The maximum number of seconds to keep + * a connection alive for. * */ public Optional> maxConnectionLifetime() { @@ -54,7 +56,7 @@ public Optional> maxConnectionLifetime() { /** * The maximum number of idle connections to - * the database. + * maintain. * */ @Import(name="maxIdleConnections") @@ -62,7 +64,7 @@ public Optional> maxConnectionLifetime() { /** * @return The maximum number of idle connections to - * the database. + * maintain. * */ public Optional> maxIdleConnections() { @@ -71,7 +73,7 @@ public Optional> maxIdleConnections() { /** * The maximum number of open connections to - * the database. + * use. * */ @Import(name="maxOpenConnections") @@ -79,7 +81,7 @@ public Optional> maxIdleConnections() { /** * @return The maximum number of open connections to - * the database. + * use. * */ public Optional> maxOpenConnections() { @@ -87,14 +89,14 @@ public Optional> maxOpenConnections() { } /** - * The root credential password used in the connection URL. + * The password to authenticate with. * */ @Import(name="password") private @Nullable Output password; /** - * @return The root credential password used in the connection URL. + * @return The password to authenticate with. * */ public Optional> password() { @@ -102,14 +104,14 @@ public Optional> password() { } /** - * The root credential username used in the connection URL. + * The username to authenticate with. * */ @Import(name="username") private @Nullable Output username; /** - * @return The root credential username used in the connection URL. + * @return The username to authenticate with. * */ public Optional> username() { @@ -117,14 +119,14 @@ public Optional> username() { } /** - * - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * Template describing how dynamic usernames are generated. * */ @Import(name="usernameTemplate") private @Nullable Output usernameTemplate; /** - * @return - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @return Template describing how dynamic usernames are generated. * */ public Optional> usernameTemplate() { @@ -162,9 +164,9 @@ public Builder(SecretBackendConnectionMysqlAuroraArgs defaults) { } /** - * @param connectionUrl Specifies the Redshift DSN. See + * @param connectionUrl A URL containing connection information. See * the [Vault - * docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + * docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) * for an example. * * @return builder @@ -176,9 +178,9 @@ public Builder connectionUrl(@Nullable Output connectionUrl) { } /** - * @param connectionUrl Specifies the Redshift DSN. See + * @param connectionUrl A URL containing connection information. See * the [Vault - * docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + * docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) * for an example. * * @return builder @@ -189,7 +191,8 @@ public Builder connectionUrl(String connectionUrl) { } /** - * @param maxConnectionLifetime The maximum amount of time a connection may be reused. + * @param maxConnectionLifetime The maximum number of seconds to keep + * a connection alive for. * * @return builder * @@ -200,7 +203,8 @@ public Builder maxConnectionLifetime(@Nullable Output maxConnectionLife } /** - * @param maxConnectionLifetime The maximum amount of time a connection may be reused. + * @param maxConnectionLifetime The maximum number of seconds to keep + * a connection alive for. * * @return builder * @@ -211,7 +215,7 @@ public Builder maxConnectionLifetime(Integer maxConnectionLifetime) { /** * @param maxIdleConnections The maximum number of idle connections to - * the database. + * maintain. * * @return builder * @@ -223,7 +227,7 @@ public Builder maxIdleConnections(@Nullable Output maxIdleConnections) /** * @param maxIdleConnections The maximum number of idle connections to - * the database. + * maintain. * * @return builder * @@ -234,7 +238,7 @@ public Builder maxIdleConnections(Integer maxIdleConnections) { /** * @param maxOpenConnections The maximum number of open connections to - * the database. + * use. * * @return builder * @@ -246,7 +250,7 @@ public Builder maxOpenConnections(@Nullable Output maxOpenConnections) /** * @param maxOpenConnections The maximum number of open connections to - * the database. + * use. * * @return builder * @@ -256,7 +260,7 @@ public Builder maxOpenConnections(Integer maxOpenConnections) { } /** - * @param password The root credential password used in the connection URL. + * @param password The password to authenticate with. * * @return builder * @@ -267,7 +271,7 @@ public Builder password(@Nullable Output password) { } /** - * @param password The root credential password used in the connection URL. + * @param password The password to authenticate with. * * @return builder * @@ -277,7 +281,7 @@ public Builder password(String password) { } /** - * @param username The root credential username used in the connection URL. + * @param username The username to authenticate with. * * @return builder * @@ -288,7 +292,7 @@ public Builder username(@Nullable Output username) { } /** - * @param username The root credential username used in the connection URL. + * @param username The username to authenticate with. * * @return builder * @@ -298,7 +302,7 @@ public Builder username(String username) { } /** - * @param usernameTemplate - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @param usernameTemplate Template describing how dynamic usernames are generated. * * @return builder * @@ -309,7 +313,7 @@ public Builder usernameTemplate(@Nullable Output usernameTemplate) { } /** - * @param usernameTemplate - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @param usernameTemplate Template describing how dynamic usernames are generated. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretBackendConnectionMysqlLegacyArgs.java b/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretBackendConnectionMysqlLegacyArgs.java index 852d38edc..41c1d3eaf 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretBackendConnectionMysqlLegacyArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretBackendConnectionMysqlLegacyArgs.java @@ -17,9 +17,9 @@ public final class SecretBackendConnectionMysqlLegacyArgs extends com.pulumi.res public static final SecretBackendConnectionMysqlLegacyArgs Empty = new SecretBackendConnectionMysqlLegacyArgs(); /** - * Specifies the Redshift DSN. See + * A URL containing connection information. See * the [Vault - * docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + * docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) * for an example. * */ @@ -27,9 +27,9 @@ public final class SecretBackendConnectionMysqlLegacyArgs extends com.pulumi.res private @Nullable Output connectionUrl; /** - * @return Specifies the Redshift DSN. See + * @return A URL containing connection information. See * the [Vault - * docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + * docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) * for an example. * */ @@ -38,14 +38,16 @@ public Optional> connectionUrl() { } /** - * The maximum amount of time a connection may be reused. + * The maximum number of seconds to keep + * a connection alive for. * */ @Import(name="maxConnectionLifetime") private @Nullable Output maxConnectionLifetime; /** - * @return The maximum amount of time a connection may be reused. + * @return The maximum number of seconds to keep + * a connection alive for. * */ public Optional> maxConnectionLifetime() { @@ -54,7 +56,7 @@ public Optional> maxConnectionLifetime() { /** * The maximum number of idle connections to - * the database. + * maintain. * */ @Import(name="maxIdleConnections") @@ -62,7 +64,7 @@ public Optional> maxConnectionLifetime() { /** * @return The maximum number of idle connections to - * the database. + * maintain. * */ public Optional> maxIdleConnections() { @@ -71,7 +73,7 @@ public Optional> maxIdleConnections() { /** * The maximum number of open connections to - * the database. + * use. * */ @Import(name="maxOpenConnections") @@ -79,7 +81,7 @@ public Optional> maxIdleConnections() { /** * @return The maximum number of open connections to - * the database. + * use. * */ public Optional> maxOpenConnections() { @@ -87,14 +89,14 @@ public Optional> maxOpenConnections() { } /** - * The root credential password used in the connection URL. + * The password to authenticate with. * */ @Import(name="password") private @Nullable Output password; /** - * @return The root credential password used in the connection URL. + * @return The password to authenticate with. * */ public Optional> password() { @@ -102,14 +104,14 @@ public Optional> password() { } /** - * The root credential username used in the connection URL. + * The username to authenticate with. * */ @Import(name="username") private @Nullable Output username; /** - * @return The root credential username used in the connection URL. + * @return The username to authenticate with. * */ public Optional> username() { @@ -117,14 +119,14 @@ public Optional> username() { } /** - * - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * Template describing how dynamic usernames are generated. * */ @Import(name="usernameTemplate") private @Nullable Output usernameTemplate; /** - * @return - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @return Template describing how dynamic usernames are generated. * */ public Optional> usernameTemplate() { @@ -162,9 +164,9 @@ public Builder(SecretBackendConnectionMysqlLegacyArgs defaults) { } /** - * @param connectionUrl Specifies the Redshift DSN. See + * @param connectionUrl A URL containing connection information. See * the [Vault - * docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + * docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) * for an example. * * @return builder @@ -176,9 +178,9 @@ public Builder connectionUrl(@Nullable Output connectionUrl) { } /** - * @param connectionUrl Specifies the Redshift DSN. See + * @param connectionUrl A URL containing connection information. See * the [Vault - * docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + * docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) * for an example. * * @return builder @@ -189,7 +191,8 @@ public Builder connectionUrl(String connectionUrl) { } /** - * @param maxConnectionLifetime The maximum amount of time a connection may be reused. + * @param maxConnectionLifetime The maximum number of seconds to keep + * a connection alive for. * * @return builder * @@ -200,7 +203,8 @@ public Builder maxConnectionLifetime(@Nullable Output maxConnectionLife } /** - * @param maxConnectionLifetime The maximum amount of time a connection may be reused. + * @param maxConnectionLifetime The maximum number of seconds to keep + * a connection alive for. * * @return builder * @@ -211,7 +215,7 @@ public Builder maxConnectionLifetime(Integer maxConnectionLifetime) { /** * @param maxIdleConnections The maximum number of idle connections to - * the database. + * maintain. * * @return builder * @@ -223,7 +227,7 @@ public Builder maxIdleConnections(@Nullable Output maxIdleConnections) /** * @param maxIdleConnections The maximum number of idle connections to - * the database. + * maintain. * * @return builder * @@ -234,7 +238,7 @@ public Builder maxIdleConnections(Integer maxIdleConnections) { /** * @param maxOpenConnections The maximum number of open connections to - * the database. + * use. * * @return builder * @@ -246,7 +250,7 @@ public Builder maxOpenConnections(@Nullable Output maxOpenConnections) /** * @param maxOpenConnections The maximum number of open connections to - * the database. + * use. * * @return builder * @@ -256,7 +260,7 @@ public Builder maxOpenConnections(Integer maxOpenConnections) { } /** - * @param password The root credential password used in the connection URL. + * @param password The password to authenticate with. * * @return builder * @@ -267,7 +271,7 @@ public Builder password(@Nullable Output password) { } /** - * @param password The root credential password used in the connection URL. + * @param password The password to authenticate with. * * @return builder * @@ -277,7 +281,7 @@ public Builder password(String password) { } /** - * @param username The root credential username used in the connection URL. + * @param username The username to authenticate with. * * @return builder * @@ -288,7 +292,7 @@ public Builder username(@Nullable Output username) { } /** - * @param username The root credential username used in the connection URL. + * @param username The username to authenticate with. * * @return builder * @@ -298,7 +302,7 @@ public Builder username(String username) { } /** - * @param usernameTemplate - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @param usernameTemplate Template describing how dynamic usernames are generated. * * @return builder * @@ -309,7 +313,7 @@ public Builder usernameTemplate(@Nullable Output usernameTemplate) { } /** - * @param usernameTemplate - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @param usernameTemplate Template describing how dynamic usernames are generated. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretBackendConnectionMysqlRdsArgs.java b/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretBackendConnectionMysqlRdsArgs.java index 119fea926..86c629df8 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretBackendConnectionMysqlRdsArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretBackendConnectionMysqlRdsArgs.java @@ -17,9 +17,9 @@ public final class SecretBackendConnectionMysqlRdsArgs extends com.pulumi.resour public static final SecretBackendConnectionMysqlRdsArgs Empty = new SecretBackendConnectionMysqlRdsArgs(); /** - * Specifies the Redshift DSN. See + * A URL containing connection information. See * the [Vault - * docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + * docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) * for an example. * */ @@ -27,9 +27,9 @@ public final class SecretBackendConnectionMysqlRdsArgs extends com.pulumi.resour private @Nullable Output connectionUrl; /** - * @return Specifies the Redshift DSN. See + * @return A URL containing connection information. See * the [Vault - * docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + * docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) * for an example. * */ @@ -38,14 +38,16 @@ public Optional> connectionUrl() { } /** - * The maximum amount of time a connection may be reused. + * The maximum number of seconds to keep + * a connection alive for. * */ @Import(name="maxConnectionLifetime") private @Nullable Output maxConnectionLifetime; /** - * @return The maximum amount of time a connection may be reused. + * @return The maximum number of seconds to keep + * a connection alive for. * */ public Optional> maxConnectionLifetime() { @@ -54,7 +56,7 @@ public Optional> maxConnectionLifetime() { /** * The maximum number of idle connections to - * the database. + * maintain. * */ @Import(name="maxIdleConnections") @@ -62,7 +64,7 @@ public Optional> maxConnectionLifetime() { /** * @return The maximum number of idle connections to - * the database. + * maintain. * */ public Optional> maxIdleConnections() { @@ -71,7 +73,7 @@ public Optional> maxIdleConnections() { /** * The maximum number of open connections to - * the database. + * use. * */ @Import(name="maxOpenConnections") @@ -79,7 +81,7 @@ public Optional> maxIdleConnections() { /** * @return The maximum number of open connections to - * the database. + * use. * */ public Optional> maxOpenConnections() { @@ -87,14 +89,14 @@ public Optional> maxOpenConnections() { } /** - * The root credential password used in the connection URL. + * The password to authenticate with. * */ @Import(name="password") private @Nullable Output password; /** - * @return The root credential password used in the connection URL. + * @return The password to authenticate with. * */ public Optional> password() { @@ -102,14 +104,14 @@ public Optional> password() { } /** - * The root credential username used in the connection URL. + * The username to authenticate with. * */ @Import(name="username") private @Nullable Output username; /** - * @return The root credential username used in the connection URL. + * @return The username to authenticate with. * */ public Optional> username() { @@ -117,14 +119,14 @@ public Optional> username() { } /** - * - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * Template describing how dynamic usernames are generated. * */ @Import(name="usernameTemplate") private @Nullable Output usernameTemplate; /** - * @return - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @return Template describing how dynamic usernames are generated. * */ public Optional> usernameTemplate() { @@ -162,9 +164,9 @@ public Builder(SecretBackendConnectionMysqlRdsArgs defaults) { } /** - * @param connectionUrl Specifies the Redshift DSN. See + * @param connectionUrl A URL containing connection information. See * the [Vault - * docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + * docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) * for an example. * * @return builder @@ -176,9 +178,9 @@ public Builder connectionUrl(@Nullable Output connectionUrl) { } /** - * @param connectionUrl Specifies the Redshift DSN. See + * @param connectionUrl A URL containing connection information. See * the [Vault - * docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + * docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) * for an example. * * @return builder @@ -189,7 +191,8 @@ public Builder connectionUrl(String connectionUrl) { } /** - * @param maxConnectionLifetime The maximum amount of time a connection may be reused. + * @param maxConnectionLifetime The maximum number of seconds to keep + * a connection alive for. * * @return builder * @@ -200,7 +203,8 @@ public Builder maxConnectionLifetime(@Nullable Output maxConnectionLife } /** - * @param maxConnectionLifetime The maximum amount of time a connection may be reused. + * @param maxConnectionLifetime The maximum number of seconds to keep + * a connection alive for. * * @return builder * @@ -211,7 +215,7 @@ public Builder maxConnectionLifetime(Integer maxConnectionLifetime) { /** * @param maxIdleConnections The maximum number of idle connections to - * the database. + * maintain. * * @return builder * @@ -223,7 +227,7 @@ public Builder maxIdleConnections(@Nullable Output maxIdleConnections) /** * @param maxIdleConnections The maximum number of idle connections to - * the database. + * maintain. * * @return builder * @@ -234,7 +238,7 @@ public Builder maxIdleConnections(Integer maxIdleConnections) { /** * @param maxOpenConnections The maximum number of open connections to - * the database. + * use. * * @return builder * @@ -246,7 +250,7 @@ public Builder maxOpenConnections(@Nullable Output maxOpenConnections) /** * @param maxOpenConnections The maximum number of open connections to - * the database. + * use. * * @return builder * @@ -256,7 +260,7 @@ public Builder maxOpenConnections(Integer maxOpenConnections) { } /** - * @param password The root credential password used in the connection URL. + * @param password The password to authenticate with. * * @return builder * @@ -267,7 +271,7 @@ public Builder password(@Nullable Output password) { } /** - * @param password The root credential password used in the connection URL. + * @param password The password to authenticate with. * * @return builder * @@ -277,7 +281,7 @@ public Builder password(String password) { } /** - * @param username The root credential username used in the connection URL. + * @param username The username to authenticate with. * * @return builder * @@ -288,7 +292,7 @@ public Builder username(@Nullable Output username) { } /** - * @param username The root credential username used in the connection URL. + * @param username The username to authenticate with. * * @return builder * @@ -298,7 +302,7 @@ public Builder username(String username) { } /** - * @param usernameTemplate - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @param usernameTemplate Template describing how dynamic usernames are generated. * * @return builder * @@ -309,7 +313,7 @@ public Builder usernameTemplate(@Nullable Output usernameTemplate) { } /** - * @param usernameTemplate - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @param usernameTemplate Template describing how dynamic usernames are generated. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretBackendConnectionOracleArgs.java b/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretBackendConnectionOracleArgs.java index 1b22027ac..72ccc0993 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretBackendConnectionOracleArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretBackendConnectionOracleArgs.java @@ -17,9 +17,9 @@ public final class SecretBackendConnectionOracleArgs extends com.pulumi.resource public static final SecretBackendConnectionOracleArgs Empty = new SecretBackendConnectionOracleArgs(); /** - * Specifies the Redshift DSN. See + * A URL containing connection information. See * the [Vault - * docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + * docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) * for an example. * */ @@ -27,9 +27,9 @@ public final class SecretBackendConnectionOracleArgs extends com.pulumi.resource private @Nullable Output connectionUrl; /** - * @return Specifies the Redshift DSN. See + * @return A URL containing connection information. See * the [Vault - * docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + * docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) * for an example. * */ @@ -38,14 +38,16 @@ public Optional> connectionUrl() { } /** - * The maximum amount of time a connection may be reused. + * The maximum number of seconds to keep + * a connection alive for. * */ @Import(name="maxConnectionLifetime") private @Nullable Output maxConnectionLifetime; /** - * @return The maximum amount of time a connection may be reused. + * @return The maximum number of seconds to keep + * a connection alive for. * */ public Optional> maxConnectionLifetime() { @@ -54,7 +56,7 @@ public Optional> maxConnectionLifetime() { /** * The maximum number of idle connections to - * the database. + * maintain. * */ @Import(name="maxIdleConnections") @@ -62,7 +64,7 @@ public Optional> maxConnectionLifetime() { /** * @return The maximum number of idle connections to - * the database. + * maintain. * */ public Optional> maxIdleConnections() { @@ -71,7 +73,7 @@ public Optional> maxIdleConnections() { /** * The maximum number of open connections to - * the database. + * use. * */ @Import(name="maxOpenConnections") @@ -79,7 +81,7 @@ public Optional> maxIdleConnections() { /** * @return The maximum number of open connections to - * the database. + * use. * */ public Optional> maxOpenConnections() { @@ -87,14 +89,14 @@ public Optional> maxOpenConnections() { } /** - * The root credential password used in the connection URL. + * The password to authenticate with. * */ @Import(name="password") private @Nullable Output password; /** - * @return The root credential password used in the connection URL. + * @return The password to authenticate with. * */ public Optional> password() { @@ -102,14 +104,14 @@ public Optional> password() { } /** - * The root credential username used in the connection URL. + * The username to authenticate with. * */ @Import(name="username") private @Nullable Output username; /** - * @return The root credential username used in the connection URL. + * @return The username to authenticate with. * */ public Optional> username() { @@ -117,14 +119,14 @@ public Optional> username() { } /** - * - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * Template describing how dynamic usernames are generated. * */ @Import(name="usernameTemplate") private @Nullable Output usernameTemplate; /** - * @return - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @return Template describing how dynamic usernames are generated. * */ public Optional> usernameTemplate() { @@ -162,9 +164,9 @@ public Builder(SecretBackendConnectionOracleArgs defaults) { } /** - * @param connectionUrl Specifies the Redshift DSN. See + * @param connectionUrl A URL containing connection information. See * the [Vault - * docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + * docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) * for an example. * * @return builder @@ -176,9 +178,9 @@ public Builder connectionUrl(@Nullable Output connectionUrl) { } /** - * @param connectionUrl Specifies the Redshift DSN. See + * @param connectionUrl A URL containing connection information. See * the [Vault - * docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + * docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) * for an example. * * @return builder @@ -189,7 +191,8 @@ public Builder connectionUrl(String connectionUrl) { } /** - * @param maxConnectionLifetime The maximum amount of time a connection may be reused. + * @param maxConnectionLifetime The maximum number of seconds to keep + * a connection alive for. * * @return builder * @@ -200,7 +203,8 @@ public Builder maxConnectionLifetime(@Nullable Output maxConnectionLife } /** - * @param maxConnectionLifetime The maximum amount of time a connection may be reused. + * @param maxConnectionLifetime The maximum number of seconds to keep + * a connection alive for. * * @return builder * @@ -211,7 +215,7 @@ public Builder maxConnectionLifetime(Integer maxConnectionLifetime) { /** * @param maxIdleConnections The maximum number of idle connections to - * the database. + * maintain. * * @return builder * @@ -223,7 +227,7 @@ public Builder maxIdleConnections(@Nullable Output maxIdleConnections) /** * @param maxIdleConnections The maximum number of idle connections to - * the database. + * maintain. * * @return builder * @@ -234,7 +238,7 @@ public Builder maxIdleConnections(Integer maxIdleConnections) { /** * @param maxOpenConnections The maximum number of open connections to - * the database. + * use. * * @return builder * @@ -246,7 +250,7 @@ public Builder maxOpenConnections(@Nullable Output maxOpenConnections) /** * @param maxOpenConnections The maximum number of open connections to - * the database. + * use. * * @return builder * @@ -256,7 +260,7 @@ public Builder maxOpenConnections(Integer maxOpenConnections) { } /** - * @param password The root credential password used in the connection URL. + * @param password The password to authenticate with. * * @return builder * @@ -267,7 +271,7 @@ public Builder password(@Nullable Output password) { } /** - * @param password The root credential password used in the connection URL. + * @param password The password to authenticate with. * * @return builder * @@ -277,7 +281,7 @@ public Builder password(String password) { } /** - * @param username The root credential username used in the connection URL. + * @param username The username to authenticate with. * * @return builder * @@ -288,7 +292,7 @@ public Builder username(@Nullable Output username) { } /** - * @param username The root credential username used in the connection URL. + * @param username The username to authenticate with. * * @return builder * @@ -298,7 +302,7 @@ public Builder username(String username) { } /** - * @param usernameTemplate - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @param usernameTemplate Template describing how dynamic usernames are generated. * * @return builder * @@ -309,7 +313,7 @@ public Builder usernameTemplate(@Nullable Output usernameTemplate) { } /** - * @param usernameTemplate - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @param usernameTemplate Template describing how dynamic usernames are generated. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretBackendConnectionPostgresqlArgs.java b/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretBackendConnectionPostgresqlArgs.java index d8c1988a3..ab88125a5 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretBackendConnectionPostgresqlArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretBackendConnectionPostgresqlArgs.java @@ -33,9 +33,9 @@ public Optional> authType() { } /** - * Specifies the Redshift DSN. See + * A URL containing connection information. See * the [Vault - * docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + * docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) * for an example. * */ @@ -43,9 +43,9 @@ public Optional> authType() { private @Nullable Output connectionUrl; /** - * @return Specifies the Redshift DSN. See + * @return A URL containing connection information. See * the [Vault - * docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + * docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) * for an example. * */ @@ -69,14 +69,16 @@ public Optional> disableEscaping() { } /** - * The maximum amount of time a connection may be reused. + * The maximum number of seconds to keep + * a connection alive for. * */ @Import(name="maxConnectionLifetime") private @Nullable Output maxConnectionLifetime; /** - * @return The maximum amount of time a connection may be reused. + * @return The maximum number of seconds to keep + * a connection alive for. * */ public Optional> maxConnectionLifetime() { @@ -85,7 +87,7 @@ public Optional> maxConnectionLifetime() { /** * The maximum number of idle connections to - * the database. + * maintain. * */ @Import(name="maxIdleConnections") @@ -93,7 +95,7 @@ public Optional> maxConnectionLifetime() { /** * @return The maximum number of idle connections to - * the database. + * maintain. * */ public Optional> maxIdleConnections() { @@ -102,7 +104,7 @@ public Optional> maxIdleConnections() { /** * The maximum number of open connections to - * the database. + * use. * */ @Import(name="maxOpenConnections") @@ -110,7 +112,7 @@ public Optional> maxIdleConnections() { /** * @return The maximum number of open connections to - * the database. + * use. * */ public Optional> maxOpenConnections() { @@ -118,14 +120,14 @@ public Optional> maxOpenConnections() { } /** - * The root credential password used in the connection URL. + * The password to authenticate with. * */ @Import(name="password") private @Nullable Output password; /** - * @return The root credential password used in the connection URL. + * @return The password to authenticate with. * */ public Optional> password() { @@ -148,14 +150,14 @@ public Optional> serviceAccountJson() { } /** - * The root credential username used in the connection URL. + * The username to authenticate with. * */ @Import(name="username") private @Nullable Output username; /** - * @return The root credential username used in the connection URL. + * @return The username to authenticate with. * */ public Optional> username() { @@ -163,14 +165,14 @@ public Optional> username() { } /** - * - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * Template describing how dynamic usernames are generated. * */ @Import(name="usernameTemplate") private @Nullable Output usernameTemplate; /** - * @return - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @return Template describing how dynamic usernames are generated. * */ public Optional> usernameTemplate() { @@ -232,9 +234,9 @@ public Builder authType(String authType) { } /** - * @param connectionUrl Specifies the Redshift DSN. See + * @param connectionUrl A URL containing connection information. See * the [Vault - * docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + * docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) * for an example. * * @return builder @@ -246,9 +248,9 @@ public Builder connectionUrl(@Nullable Output connectionUrl) { } /** - * @param connectionUrl Specifies the Redshift DSN. See + * @param connectionUrl A URL containing connection information. See * the [Vault - * docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + * docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) * for an example. * * @return builder @@ -280,7 +282,8 @@ public Builder disableEscaping(Boolean disableEscaping) { } /** - * @param maxConnectionLifetime The maximum amount of time a connection may be reused. + * @param maxConnectionLifetime The maximum number of seconds to keep + * a connection alive for. * * @return builder * @@ -291,7 +294,8 @@ public Builder maxConnectionLifetime(@Nullable Output maxConnectionLife } /** - * @param maxConnectionLifetime The maximum amount of time a connection may be reused. + * @param maxConnectionLifetime The maximum number of seconds to keep + * a connection alive for. * * @return builder * @@ -302,7 +306,7 @@ public Builder maxConnectionLifetime(Integer maxConnectionLifetime) { /** * @param maxIdleConnections The maximum number of idle connections to - * the database. + * maintain. * * @return builder * @@ -314,7 +318,7 @@ public Builder maxIdleConnections(@Nullable Output maxIdleConnections) /** * @param maxIdleConnections The maximum number of idle connections to - * the database. + * maintain. * * @return builder * @@ -325,7 +329,7 @@ public Builder maxIdleConnections(Integer maxIdleConnections) { /** * @param maxOpenConnections The maximum number of open connections to - * the database. + * use. * * @return builder * @@ -337,7 +341,7 @@ public Builder maxOpenConnections(@Nullable Output maxOpenConnections) /** * @param maxOpenConnections The maximum number of open connections to - * the database. + * use. * * @return builder * @@ -347,7 +351,7 @@ public Builder maxOpenConnections(Integer maxOpenConnections) { } /** - * @param password The root credential password used in the connection URL. + * @param password The password to authenticate with. * * @return builder * @@ -358,7 +362,7 @@ public Builder password(@Nullable Output password) { } /** - * @param password The root credential password used in the connection URL. + * @param password The password to authenticate with. * * @return builder * @@ -389,7 +393,7 @@ public Builder serviceAccountJson(String serviceAccountJson) { } /** - * @param username The root credential username used in the connection URL. + * @param username The username to authenticate with. * * @return builder * @@ -400,7 +404,7 @@ public Builder username(@Nullable Output username) { } /** - * @param username The root credential username used in the connection URL. + * @param username The username to authenticate with. * * @return builder * @@ -410,7 +414,7 @@ public Builder username(String username) { } /** - * @param usernameTemplate - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @param usernameTemplate Template describing how dynamic usernames are generated. * * @return builder * @@ -421,7 +425,7 @@ public Builder usernameTemplate(@Nullable Output usernameTemplate) { } /** - * @param usernameTemplate - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @param usernameTemplate Template describing how dynamic usernames are generated. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretBackendConnectionRedisArgs.java b/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretBackendConnectionRedisArgs.java index 74af2af32..23ca695b2 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretBackendConnectionRedisArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretBackendConnectionRedisArgs.java @@ -65,14 +65,14 @@ public Optional> insecureTls() { } /** - * The root credential password used in the connection URL. + * The password to authenticate with. * */ @Import(name="password", required=true) private Output password; /** - * @return The root credential password used in the connection URL. + * @return The password to authenticate with. * */ public Output password() { @@ -97,14 +97,14 @@ public Optional> port() { } /** - * Whether to use TLS when connecting to Redis. + * Whether to use TLS when connecting to Cassandra. * */ @Import(name="tls") private @Nullable Output tls; /** - * @return Whether to use TLS when connecting to Redis. + * @return Whether to use TLS when connecting to Cassandra. * */ public Optional> tls() { @@ -112,14 +112,14 @@ public Optional> tls() { } /** - * The root credential username used in the connection URL. + * The username to authenticate with. * */ @Import(name="username", required=true) private Output username; /** - * @return The root credential username used in the connection URL. + * @return The username to authenticate with. * */ public Output username() { @@ -222,7 +222,7 @@ public Builder insecureTls(Boolean insecureTls) { } /** - * @param password The root credential password used in the connection URL. + * @param password The password to authenticate with. * * @return builder * @@ -233,7 +233,7 @@ public Builder password(Output password) { } /** - * @param password The root credential password used in the connection URL. + * @param password The password to authenticate with. * * @return builder * @@ -266,7 +266,7 @@ public Builder port(Integer port) { } /** - * @param tls Whether to use TLS when connecting to Redis. + * @param tls Whether to use TLS when connecting to Cassandra. * * @return builder * @@ -277,7 +277,7 @@ public Builder tls(@Nullable Output tls) { } /** - * @param tls Whether to use TLS when connecting to Redis. + * @param tls Whether to use TLS when connecting to Cassandra. * * @return builder * @@ -287,7 +287,7 @@ public Builder tls(Boolean tls) { } /** - * @param username The root credential username used in the connection URL. + * @param username The username to authenticate with. * * @return builder * @@ -298,7 +298,7 @@ public Builder username(Output username) { } /** - * @param username The root credential username used in the connection URL. + * @param username The username to authenticate with. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretBackendConnectionRedisElasticacheArgs.java b/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretBackendConnectionRedisElasticacheArgs.java index 7ca919e46..cefe7bcb9 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretBackendConnectionRedisElasticacheArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretBackendConnectionRedisElasticacheArgs.java @@ -16,14 +16,14 @@ public final class SecretBackendConnectionRedisElasticacheArgs extends com.pulum public static final SecretBackendConnectionRedisElasticacheArgs Empty = new SecretBackendConnectionRedisElasticacheArgs(); /** - * The root credential password used in the connection URL. + * The password to authenticate with. * */ @Import(name="password") private @Nullable Output password; /** - * @return The root credential password used in the connection URL. + * @return The password to authenticate with. * */ public Optional> password() { @@ -63,14 +63,14 @@ public Output url() { } /** - * The root credential username used in the connection URL. + * The username to authenticate with. * */ @Import(name="username") private @Nullable Output username; /** - * @return The root credential username used in the connection URL. + * @return The username to authenticate with. * */ public Optional> username() { @@ -105,7 +105,7 @@ public Builder(SecretBackendConnectionRedisElasticacheArgs defaults) { } /** - * @param password The root credential password used in the connection URL. + * @param password The password to authenticate with. * * @return builder * @@ -116,7 +116,7 @@ public Builder password(@Nullable Output password) { } /** - * @param password The root credential password used in the connection URL. + * @param password The password to authenticate with. * * @return builder * @@ -170,7 +170,7 @@ public Builder url(String url) { } /** - * @param username The root credential username used in the connection URL. + * @param username The username to authenticate with. * * @return builder * @@ -181,7 +181,7 @@ public Builder username(@Nullable Output username) { } /** - * @param username The root credential username used in the connection URL. + * @param username The username to authenticate with. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretBackendConnectionRedshiftArgs.java b/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretBackendConnectionRedshiftArgs.java index f20b57f29..8b7af86f0 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretBackendConnectionRedshiftArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretBackendConnectionRedshiftArgs.java @@ -18,9 +18,9 @@ public final class SecretBackendConnectionRedshiftArgs extends com.pulumi.resour public static final SecretBackendConnectionRedshiftArgs Empty = new SecretBackendConnectionRedshiftArgs(); /** - * Specifies the Redshift DSN. See + * A URL containing connection information. See * the [Vault - * docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + * docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) * for an example. * */ @@ -28,9 +28,9 @@ public final class SecretBackendConnectionRedshiftArgs extends com.pulumi.resour private @Nullable Output connectionUrl; /** - * @return Specifies the Redshift DSN. See + * @return A URL containing connection information. See * the [Vault - * docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + * docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) * for an example. * */ @@ -54,14 +54,16 @@ public Optional> disableEscaping() { } /** - * The maximum amount of time a connection may be reused. + * The maximum number of seconds to keep + * a connection alive for. * */ @Import(name="maxConnectionLifetime") private @Nullable Output maxConnectionLifetime; /** - * @return The maximum amount of time a connection may be reused. + * @return The maximum number of seconds to keep + * a connection alive for. * */ public Optional> maxConnectionLifetime() { @@ -70,7 +72,7 @@ public Optional> maxConnectionLifetime() { /** * The maximum number of idle connections to - * the database. + * maintain. * */ @Import(name="maxIdleConnections") @@ -78,7 +80,7 @@ public Optional> maxConnectionLifetime() { /** * @return The maximum number of idle connections to - * the database. + * maintain. * */ public Optional> maxIdleConnections() { @@ -87,7 +89,7 @@ public Optional> maxIdleConnections() { /** * The maximum number of open connections to - * the database. + * use. * */ @Import(name="maxOpenConnections") @@ -95,7 +97,7 @@ public Optional> maxIdleConnections() { /** * @return The maximum number of open connections to - * the database. + * use. * */ public Optional> maxOpenConnections() { @@ -103,14 +105,14 @@ public Optional> maxOpenConnections() { } /** - * The root credential password used in the connection URL. + * The password to authenticate with. * */ @Import(name="password") private @Nullable Output password; /** - * @return The root credential password used in the connection URL. + * @return The password to authenticate with. * */ public Optional> password() { @@ -118,14 +120,14 @@ public Optional> password() { } /** - * The root credential username used in the connection URL. + * The username to authenticate with. * */ @Import(name="username") private @Nullable Output username; /** - * @return The root credential username used in the connection URL. + * @return The username to authenticate with. * */ public Optional> username() { @@ -133,14 +135,14 @@ public Optional> username() { } /** - * - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * Template describing how dynamic usernames are generated. * */ @Import(name="usernameTemplate") private @Nullable Output usernameTemplate; /** - * @return - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @return Template describing how dynamic usernames are generated. * */ public Optional> usernameTemplate() { @@ -179,9 +181,9 @@ public Builder(SecretBackendConnectionRedshiftArgs defaults) { } /** - * @param connectionUrl Specifies the Redshift DSN. See + * @param connectionUrl A URL containing connection information. See * the [Vault - * docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + * docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) * for an example. * * @return builder @@ -193,9 +195,9 @@ public Builder connectionUrl(@Nullable Output connectionUrl) { } /** - * @param connectionUrl Specifies the Redshift DSN. See + * @param connectionUrl A URL containing connection information. See * the [Vault - * docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + * docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) * for an example. * * @return builder @@ -227,7 +229,8 @@ public Builder disableEscaping(Boolean disableEscaping) { } /** - * @param maxConnectionLifetime The maximum amount of time a connection may be reused. + * @param maxConnectionLifetime The maximum number of seconds to keep + * a connection alive for. * * @return builder * @@ -238,7 +241,8 @@ public Builder maxConnectionLifetime(@Nullable Output maxConnectionLife } /** - * @param maxConnectionLifetime The maximum amount of time a connection may be reused. + * @param maxConnectionLifetime The maximum number of seconds to keep + * a connection alive for. * * @return builder * @@ -249,7 +253,7 @@ public Builder maxConnectionLifetime(Integer maxConnectionLifetime) { /** * @param maxIdleConnections The maximum number of idle connections to - * the database. + * maintain. * * @return builder * @@ -261,7 +265,7 @@ public Builder maxIdleConnections(@Nullable Output maxIdleConnections) /** * @param maxIdleConnections The maximum number of idle connections to - * the database. + * maintain. * * @return builder * @@ -272,7 +276,7 @@ public Builder maxIdleConnections(Integer maxIdleConnections) { /** * @param maxOpenConnections The maximum number of open connections to - * the database. + * use. * * @return builder * @@ -284,7 +288,7 @@ public Builder maxOpenConnections(@Nullable Output maxOpenConnections) /** * @param maxOpenConnections The maximum number of open connections to - * the database. + * use. * * @return builder * @@ -294,7 +298,7 @@ public Builder maxOpenConnections(Integer maxOpenConnections) { } /** - * @param password The root credential password used in the connection URL. + * @param password The password to authenticate with. * * @return builder * @@ -305,7 +309,7 @@ public Builder password(@Nullable Output password) { } /** - * @param password The root credential password used in the connection URL. + * @param password The password to authenticate with. * * @return builder * @@ -315,7 +319,7 @@ public Builder password(String password) { } /** - * @param username The root credential username used in the connection URL. + * @param username The username to authenticate with. * * @return builder * @@ -326,7 +330,7 @@ public Builder username(@Nullable Output username) { } /** - * @param username The root credential username used in the connection URL. + * @param username The username to authenticate with. * * @return builder * @@ -336,7 +340,7 @@ public Builder username(String username) { } /** - * @param usernameTemplate - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @param usernameTemplate Template describing how dynamic usernames are generated. * * @return builder * @@ -347,7 +351,7 @@ public Builder usernameTemplate(@Nullable Output usernameTemplate) { } /** - * @param usernameTemplate - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @param usernameTemplate Template describing how dynamic usernames are generated. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretBackendConnectionSnowflakeArgs.java b/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretBackendConnectionSnowflakeArgs.java index ae7d95ccb..b4f65d214 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretBackendConnectionSnowflakeArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretBackendConnectionSnowflakeArgs.java @@ -17,9 +17,9 @@ public final class SecretBackendConnectionSnowflakeArgs extends com.pulumi.resou public static final SecretBackendConnectionSnowflakeArgs Empty = new SecretBackendConnectionSnowflakeArgs(); /** - * Specifies the Redshift DSN. See + * A URL containing connection information. See * the [Vault - * docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + * docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) * for an example. * */ @@ -27,9 +27,9 @@ public final class SecretBackendConnectionSnowflakeArgs extends com.pulumi.resou private @Nullable Output connectionUrl; /** - * @return Specifies the Redshift DSN. See + * @return A URL containing connection information. See * the [Vault - * docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + * docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) * for an example. * */ @@ -38,14 +38,16 @@ public Optional> connectionUrl() { } /** - * The maximum amount of time a connection may be reused. + * The maximum number of seconds to keep + * a connection alive for. * */ @Import(name="maxConnectionLifetime") private @Nullable Output maxConnectionLifetime; /** - * @return The maximum amount of time a connection may be reused. + * @return The maximum number of seconds to keep + * a connection alive for. * */ public Optional> maxConnectionLifetime() { @@ -54,7 +56,7 @@ public Optional> maxConnectionLifetime() { /** * The maximum number of idle connections to - * the database. + * maintain. * */ @Import(name="maxIdleConnections") @@ -62,7 +64,7 @@ public Optional> maxConnectionLifetime() { /** * @return The maximum number of idle connections to - * the database. + * maintain. * */ public Optional> maxIdleConnections() { @@ -71,7 +73,7 @@ public Optional> maxIdleConnections() { /** * The maximum number of open connections to - * the database. + * use. * */ @Import(name="maxOpenConnections") @@ -79,7 +81,7 @@ public Optional> maxIdleConnections() { /** * @return The maximum number of open connections to - * the database. + * use. * */ public Optional> maxOpenConnections() { @@ -87,14 +89,14 @@ public Optional> maxOpenConnections() { } /** - * The root credential password used in the connection URL. + * The password to authenticate with. * */ @Import(name="password") private @Nullable Output password; /** - * @return The root credential password used in the connection URL. + * @return The password to authenticate with. * */ public Optional> password() { @@ -102,14 +104,14 @@ public Optional> password() { } /** - * The root credential username used in the connection URL. + * The username to authenticate with. * */ @Import(name="username") private @Nullable Output username; /** - * @return The root credential username used in the connection URL. + * @return The username to authenticate with. * */ public Optional> username() { @@ -117,14 +119,14 @@ public Optional> username() { } /** - * - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * Template describing how dynamic usernames are generated. * */ @Import(name="usernameTemplate") private @Nullable Output usernameTemplate; /** - * @return - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @return Template describing how dynamic usernames are generated. * */ public Optional> usernameTemplate() { @@ -162,9 +164,9 @@ public Builder(SecretBackendConnectionSnowflakeArgs defaults) { } /** - * @param connectionUrl Specifies the Redshift DSN. See + * @param connectionUrl A URL containing connection information. See * the [Vault - * docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + * docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) * for an example. * * @return builder @@ -176,9 +178,9 @@ public Builder connectionUrl(@Nullable Output connectionUrl) { } /** - * @param connectionUrl Specifies the Redshift DSN. See + * @param connectionUrl A URL containing connection information. See * the [Vault - * docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + * docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) * for an example. * * @return builder @@ -189,7 +191,8 @@ public Builder connectionUrl(String connectionUrl) { } /** - * @param maxConnectionLifetime The maximum amount of time a connection may be reused. + * @param maxConnectionLifetime The maximum number of seconds to keep + * a connection alive for. * * @return builder * @@ -200,7 +203,8 @@ public Builder maxConnectionLifetime(@Nullable Output maxConnectionLife } /** - * @param maxConnectionLifetime The maximum amount of time a connection may be reused. + * @param maxConnectionLifetime The maximum number of seconds to keep + * a connection alive for. * * @return builder * @@ -211,7 +215,7 @@ public Builder maxConnectionLifetime(Integer maxConnectionLifetime) { /** * @param maxIdleConnections The maximum number of idle connections to - * the database. + * maintain. * * @return builder * @@ -223,7 +227,7 @@ public Builder maxIdleConnections(@Nullable Output maxIdleConnections) /** * @param maxIdleConnections The maximum number of idle connections to - * the database. + * maintain. * * @return builder * @@ -234,7 +238,7 @@ public Builder maxIdleConnections(Integer maxIdleConnections) { /** * @param maxOpenConnections The maximum number of open connections to - * the database. + * use. * * @return builder * @@ -246,7 +250,7 @@ public Builder maxOpenConnections(@Nullable Output maxOpenConnections) /** * @param maxOpenConnections The maximum number of open connections to - * the database. + * use. * * @return builder * @@ -256,7 +260,7 @@ public Builder maxOpenConnections(Integer maxOpenConnections) { } /** - * @param password The root credential password used in the connection URL. + * @param password The password to authenticate with. * * @return builder * @@ -267,7 +271,7 @@ public Builder password(@Nullable Output password) { } /** - * @param password The root credential password used in the connection URL. + * @param password The password to authenticate with. * * @return builder * @@ -277,7 +281,7 @@ public Builder password(String password) { } /** - * @param username The root credential username used in the connection URL. + * @param username The username to authenticate with. * * @return builder * @@ -288,7 +292,7 @@ public Builder username(@Nullable Output username) { } /** - * @param username The root credential username used in the connection URL. + * @param username The username to authenticate with. * * @return builder * @@ -298,7 +302,7 @@ public Builder username(String username) { } /** - * @param usernameTemplate - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @param usernameTemplate Template describing how dynamic usernames are generated. * * @return builder * @@ -309,7 +313,7 @@ public Builder usernameTemplate(@Nullable Output usernameTemplate) { } /** - * @param usernameTemplate - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @param usernameTemplate Template describing how dynamic usernames are generated. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretBackendConnectionState.java b/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretBackendConnectionState.java index cb36a96b2..348eca8bc 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretBackendConnectionState.java +++ b/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretBackendConnectionState.java @@ -363,6 +363,8 @@ public Optional> redis() { /** * A nested block containing configuration options for Redis ElastiCache connections. * + * Exactly one of the nested blocks of configuration options must be supplied. + * */ @Import(name="redisElasticache") private @Nullable Output redisElasticache; @@ -370,6 +372,8 @@ public Optional> redis() { /** * @return A nested block containing configuration options for Redis ElastiCache connections. * + * Exactly one of the nested blocks of configuration options must be supplied. + * */ public Optional> redisElasticache() { return Optional.ofNullable(this.redisElasticache); @@ -949,6 +953,8 @@ public Builder redis(SecretBackendConnectionRedisArgs redis) { /** * @param redisElasticache A nested block containing configuration options for Redis ElastiCache connections. * + * Exactly one of the nested blocks of configuration options must be supplied. + * * @return builder * */ @@ -960,6 +966,8 @@ public Builder redisElasticache(@Nullable Output>> creationStatements() { * Specifies the configuration * for the given `credential_type`. * + * The following options are available for each `credential_type` value: + * */ @Import(name="credentialConfig") private @Nullable Output> credentialConfig; @@ -63,6 +65,8 @@ public Optional>> creationStatements() { * @return Specifies the configuration * for the given `credential_type`. * + * The following options are available for each `credential_type` value: + * */ public Optional>> credentialConfig() { return Optional.ofNullable(this.credentialConfig); @@ -319,6 +323,8 @@ public Builder creationStatements(String... creationStatements) { * @param credentialConfig Specifies the configuration * for the given `credential_type`. * + * The following options are available for each `credential_type` value: + * * @return builder * */ @@ -331,6 +337,8 @@ public Builder credentialConfig(@Nullable Output> credentialC * @param credentialConfig Specifies the configuration * for the given `credential_type`. * + * The following options are available for each `credential_type` value: + * * @return builder * */ diff --git a/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretBackendStaticRoleState.java b/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretBackendStaticRoleState.java index 796f2d393..2642d8ec2 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretBackendStaticRoleState.java +++ b/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretBackendStaticRoleState.java @@ -104,6 +104,9 @@ public Optional> rotationPeriod() { * A cron-style string that will define the schedule on which rotations should occur. * Mutually exclusive with `rotation_period`. * + * **Warning**: The `rotation_period` and `rotation_schedule` fields are + * mutually exclusive. One of them must be set but not both. + * */ @Import(name="rotationSchedule") private @Nullable Output rotationSchedule; @@ -112,6 +115,9 @@ public Optional> rotationPeriod() { * @return A cron-style string that will define the schedule on which rotations should occur. * Mutually exclusive with `rotation_period`. * + * **Warning**: The `rotation_period` and `rotation_schedule` fields are + * mutually exclusive. One of them must be set but not both. + * */ public Optional> rotationSchedule() { return Optional.ofNullable(this.rotationSchedule); @@ -313,6 +319,9 @@ public Builder rotationPeriod(Integer rotationPeriod) { * @param rotationSchedule A cron-style string that will define the schedule on which rotations should occur. * Mutually exclusive with `rotation_period`. * + * **Warning**: The `rotation_period` and `rotation_schedule` fields are + * mutually exclusive. One of them must be set but not both. + * * @return builder * */ @@ -325,6 +334,9 @@ public Builder rotationSchedule(@Nullable Output rotationSchedule) { * @param rotationSchedule A cron-style string that will define the schedule on which rotations should occur. * Mutually exclusive with `rotation_period`. * + * **Warning**: The `rotation_period` and `rotation_schedule` fields are + * mutually exclusive. One of them must be set but not both. + * * @return builder * */ diff --git a/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretsMountCassandraArgs.java b/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretsMountCassandraArgs.java index fb13cdd5e..7ddc3c595 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretsMountCassandraArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretsMountCassandraArgs.java @@ -57,6 +57,8 @@ public Optional> connectTimeout() { /** * A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * */ @Import(name="data") private @Nullable Output> data; @@ -64,20 +66,22 @@ public Optional> connectTimeout() { /** * @return A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * */ public Optional>> data() { return Optional.ofNullable(this.data); } /** - * A set of Couchbase URIs to connect to. Must use `couchbases://` scheme if `tls` is `true`. + * The hosts to connect to. * */ @Import(name="hosts") private @Nullable Output> hosts; /** - * @return A set of Couchbase URIs to connect to. Must use `couchbases://` scheme if `tls` is `true`. + * @return The hosts to connect to. * */ public Optional>> hosts() { @@ -109,14 +113,14 @@ public Output name() { } /** - * The password to be used in the connection. + * The root credential password used in the connection URL. * */ @Import(name="password") private @Nullable Output password; /** - * @return The password to be used in the connection. + * @return The root credential password used in the connection URL. * */ public Optional> password() { @@ -218,14 +222,14 @@ public Optional>> rootRotationStatements() { } /** - * Whether to use TLS when connecting to Redis. + * Whether to use TLS when connecting to Cassandra. * */ @Import(name="tls") private @Nullable Output tls; /** - * @return Whether to use TLS when connecting to Redis. + * @return Whether to use TLS when connecting to Cassandra. * */ public Optional> tls() { @@ -233,14 +237,14 @@ public Optional> tls() { } /** - * The username to be used in the connection (the account admin level). + * The root credential username used in the connection URL. * */ @Import(name="username") private @Nullable Output username; /** - * @return The username to be used in the connection (the account admin level). + * @return The root credential username used in the connection URL. * */ public Optional> username() { @@ -363,6 +367,8 @@ public Builder connectTimeout(Integer connectTimeout) { /** * @param data A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * * @return builder * */ @@ -374,6 +380,8 @@ public Builder data(@Nullable Output> data) { /** * @param data A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * * @return builder * */ @@ -382,7 +390,7 @@ public Builder data(Map data) { } /** - * @param hosts A set of Couchbase URIs to connect to. Must use `couchbases://` scheme if `tls` is `true`. + * @param hosts The hosts to connect to. * * @return builder * @@ -393,7 +401,7 @@ public Builder hosts(@Nullable Output> hosts) { } /** - * @param hosts A set of Couchbase URIs to connect to. Must use `couchbases://` scheme if `tls` is `true`. + * @param hosts The hosts to connect to. * * @return builder * @@ -403,7 +411,7 @@ public Builder hosts(List hosts) { } /** - * @param hosts A set of Couchbase URIs to connect to. Must use `couchbases://` scheme if `tls` is `true`. + * @param hosts The hosts to connect to. * * @return builder * @@ -445,7 +453,7 @@ public Builder name(String name) { } /** - * @param password The password to be used in the connection. + * @param password The root credential password used in the connection URL. * * @return builder * @@ -456,7 +464,7 @@ public Builder password(@Nullable Output password) { } /** - * @param password The password to be used in the connection. + * @param password The root credential password used in the connection URL. * * @return builder * @@ -606,7 +614,7 @@ public Builder rootRotationStatements(String... rootRotationStatements) { } /** - * @param tls Whether to use TLS when connecting to Redis. + * @param tls Whether to use TLS when connecting to Cassandra. * * @return builder * @@ -617,7 +625,7 @@ public Builder tls(@Nullable Output tls) { } /** - * @param tls Whether to use TLS when connecting to Redis. + * @param tls Whether to use TLS when connecting to Cassandra. * * @return builder * @@ -627,7 +635,7 @@ public Builder tls(Boolean tls) { } /** - * @param username The username to be used in the connection (the account admin level). + * @param username The root credential username used in the connection URL. * * @return builder * @@ -638,7 +646,7 @@ public Builder username(@Nullable Output username) { } /** - * @param username The username to be used in the connection (the account admin level). + * @param username The root credential username used in the connection URL. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretsMountCouchbaseArgs.java b/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretsMountCouchbaseArgs.java index a49acff96..bc50eb790 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretsMountCouchbaseArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretsMountCouchbaseArgs.java @@ -69,6 +69,8 @@ public Optional> bucketName() { /** * A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * */ @Import(name="data") private @Nullable Output> data; @@ -76,20 +78,22 @@ public Optional> bucketName() { /** * @return A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * */ public Optional>> data() { return Optional.ofNullable(this.data); } /** - * A set of Couchbase URIs to connect to. Must use `couchbases://` scheme if `tls` is `true`. + * The hosts to connect to. * */ @Import(name="hosts", required=true) private Output> hosts; /** - * @return A set of Couchbase URIs to connect to. Must use `couchbases://` scheme if `tls` is `true`. + * @return The hosts to connect to. * */ public Output> hosts() { @@ -121,14 +125,14 @@ public Output name() { } /** - * The password to be used in the connection. + * The root credential password used in the connection URL. * */ @Import(name="password", required=true) private Output password; /** - * @return The password to be used in the connection. + * @return The root credential password used in the connection URL. * */ public Output password() { @@ -166,14 +170,14 @@ public Optional>> rootRotationStatements() { } /** - * Whether to use TLS when connecting to Redis. + * Whether to use TLS when connecting to Cassandra. * */ @Import(name="tls") private @Nullable Output tls; /** - * @return Whether to use TLS when connecting to Redis. + * @return Whether to use TLS when connecting to Cassandra. * */ public Optional> tls() { @@ -181,14 +185,14 @@ public Optional> tls() { } /** - * The username to be used in the connection (the account admin level). + * The root credential username used in the connection URL. * */ @Import(name="username", required=true) private Output username; /** - * @return The username to be used in the connection (the account admin level). + * @return The root credential username used in the connection URL. * */ public Output username() { @@ -196,14 +200,14 @@ public Output username() { } /** - * - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. * */ @Import(name="usernameTemplate") private @Nullable Output usernameTemplate; /** - * @return - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @return [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. * */ public Optional> usernameTemplate() { @@ -343,6 +347,8 @@ public Builder bucketName(String bucketName) { /** * @param data A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * * @return builder * */ @@ -354,6 +360,8 @@ public Builder data(@Nullable Output> data) { /** * @param data A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * * @return builder * */ @@ -362,7 +370,7 @@ public Builder data(Map data) { } /** - * @param hosts A set of Couchbase URIs to connect to. Must use `couchbases://` scheme if `tls` is `true`. + * @param hosts The hosts to connect to. * * @return builder * @@ -373,7 +381,7 @@ public Builder hosts(Output> hosts) { } /** - * @param hosts A set of Couchbase URIs to connect to. Must use `couchbases://` scheme if `tls` is `true`. + * @param hosts The hosts to connect to. * * @return builder * @@ -383,7 +391,7 @@ public Builder hosts(List hosts) { } /** - * @param hosts A set of Couchbase URIs to connect to. Must use `couchbases://` scheme if `tls` is `true`. + * @param hosts The hosts to connect to. * * @return builder * @@ -425,7 +433,7 @@ public Builder name(String name) { } /** - * @param password The password to be used in the connection. + * @param password The root credential password used in the connection URL. * * @return builder * @@ -436,7 +444,7 @@ public Builder password(Output password) { } /** - * @param password The password to be used in the connection. + * @param password The root credential password used in the connection URL. * * @return builder * @@ -498,7 +506,7 @@ public Builder rootRotationStatements(String... rootRotationStatements) { } /** - * @param tls Whether to use TLS when connecting to Redis. + * @param tls Whether to use TLS when connecting to Cassandra. * * @return builder * @@ -509,7 +517,7 @@ public Builder tls(@Nullable Output tls) { } /** - * @param tls Whether to use TLS when connecting to Redis. + * @param tls Whether to use TLS when connecting to Cassandra. * * @return builder * @@ -519,7 +527,7 @@ public Builder tls(Boolean tls) { } /** - * @param username The username to be used in the connection (the account admin level). + * @param username The root credential username used in the connection URL. * * @return builder * @@ -530,7 +538,7 @@ public Builder username(Output username) { } /** - * @param username The username to be used in the connection (the account admin level). + * @param username The root credential username used in the connection URL. * * @return builder * @@ -540,7 +548,7 @@ public Builder username(String username) { } /** - * @param usernameTemplate - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @param usernameTemplate [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. * * @return builder * @@ -551,7 +559,7 @@ public Builder usernameTemplate(@Nullable Output usernameTemplate) { } /** - * @param usernameTemplate - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @param usernameTemplate [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretsMountElasticsearchArgs.java b/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretsMountElasticsearchArgs.java index 2fe6e3a1e..8a21ffac9 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretsMountElasticsearchArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretsMountElasticsearchArgs.java @@ -37,14 +37,14 @@ public Optional>> allowedRoles() { } /** - * The contents of a PEM-encoded CA cert file to use to verify the Redis server's identity. + * The path to a PEM-encoded CA cert file to use to verify the Elasticsearch server's identity. * */ @Import(name="caCert") private @Nullable Output caCert; /** - * @return The contents of a PEM-encoded CA cert file to use to verify the Redis server's identity. + * @return The path to a PEM-encoded CA cert file to use to verify the Elasticsearch server's identity. * */ public Optional> caCert() { @@ -99,6 +99,8 @@ public Optional> clientKey() { /** * A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * */ @Import(name="data") private @Nullable Output> data; @@ -106,6 +108,8 @@ public Optional> clientKey() { /** * @return A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * */ public Optional>> data() { return Optional.ofNullable(this.data); @@ -134,14 +138,14 @@ public Output name() { } /** - * The password to be used in the connection. + * The root credential password used in the connection URL. * */ @Import(name="password", required=true) private Output password; /** - * @return The password to be used in the connection. + * @return The root credential password used in the connection URL. * */ public Output password() { @@ -194,14 +198,16 @@ public Optional> tlsServerName() { } /** - * The configuration endpoint for the ElastiCache cluster to connect to. + * The URL for Elasticsearch's API. https requires certificate + * by trusted CA if used. * */ @Import(name="url", required=true) private Output url; /** - * @return The configuration endpoint for the ElastiCache cluster to connect to. + * @return The URL for Elasticsearch's API. https requires certificate + * by trusted CA if used. * */ public Output url() { @@ -209,14 +215,14 @@ public Output url() { } /** - * The username to be used in the connection (the account admin level). + * The root credential username used in the connection URL. * */ @Import(name="username", required=true) private Output username; /** - * @return The username to be used in the connection (the account admin level). + * @return The root credential username used in the connection URL. * */ public Output username() { @@ -224,14 +230,14 @@ public Output username() { } /** - * - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. * */ @Import(name="usernameTemplate") private @Nullable Output usernameTemplate; /** - * @return - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @return [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. * */ public Optional> usernameTemplate() { @@ -329,7 +335,7 @@ public Builder allowedRoles(String... allowedRoles) { } /** - * @param caCert The contents of a PEM-encoded CA cert file to use to verify the Redis server's identity. + * @param caCert The path to a PEM-encoded CA cert file to use to verify the Elasticsearch server's identity. * * @return builder * @@ -340,7 +346,7 @@ public Builder caCert(@Nullable Output caCert) { } /** - * @param caCert The contents of a PEM-encoded CA cert file to use to verify the Redis server's identity. + * @param caCert The path to a PEM-encoded CA cert file to use to verify the Elasticsearch server's identity. * * @return builder * @@ -415,6 +421,8 @@ public Builder clientKey(String clientKey) { /** * @param data A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * * @return builder * */ @@ -426,6 +434,8 @@ public Builder data(@Nullable Output> data) { /** * @param data A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * * @return builder * */ @@ -464,7 +474,7 @@ public Builder name(String name) { } /** - * @param password The password to be used in the connection. + * @param password The root credential password used in the connection URL. * * @return builder * @@ -475,7 +485,7 @@ public Builder password(Output password) { } /** - * @param password The password to be used in the connection. + * @param password The root credential password used in the connection URL. * * @return builder * @@ -558,7 +568,8 @@ public Builder tlsServerName(String tlsServerName) { } /** - * @param url The configuration endpoint for the ElastiCache cluster to connect to. + * @param url The URL for Elasticsearch's API. https requires certificate + * by trusted CA if used. * * @return builder * @@ -569,7 +580,8 @@ public Builder url(Output url) { } /** - * @param url The configuration endpoint for the ElastiCache cluster to connect to. + * @param url The URL for Elasticsearch's API. https requires certificate + * by trusted CA if used. * * @return builder * @@ -579,7 +591,7 @@ public Builder url(String url) { } /** - * @param username The username to be used in the connection (the account admin level). + * @param username The root credential username used in the connection URL. * * @return builder * @@ -590,7 +602,7 @@ public Builder username(Output username) { } /** - * @param username The username to be used in the connection (the account admin level). + * @param username The root credential username used in the connection URL. * * @return builder * @@ -600,7 +612,7 @@ public Builder username(String username) { } /** - * @param usernameTemplate - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @param usernameTemplate [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. * * @return builder * @@ -611,7 +623,7 @@ public Builder usernameTemplate(@Nullable Output usernameTemplate) { } /** - * @param usernameTemplate - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @param usernameTemplate [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretsMountHanaArgs.java b/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretsMountHanaArgs.java index aaf9cdbfd..e42f6ba29 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretsMountHanaArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretsMountHanaArgs.java @@ -38,16 +38,16 @@ public Optional>> allowedRoles() { } /** - * A URL containing connection information.\ - * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + * Specifies the Redshift DSN. + * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) * */ @Import(name="connectionUrl") private @Nullable Output connectionUrl; /** - * @return A URL containing connection information.\ - * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + * @return Specifies the Redshift DSN. + * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) * */ public Optional> connectionUrl() { @@ -57,6 +57,8 @@ public Optional> connectionUrl() { /** * A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * */ @Import(name="data") private @Nullable Output> data; @@ -64,6 +66,8 @@ public Optional> connectionUrl() { /** * @return A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * */ public Optional>> data() { return Optional.ofNullable(this.data); @@ -85,16 +89,14 @@ public Optional> disableEscaping() { } /** - * The maximum number of seconds to keep - * a connection alive for. + * The maximum amount of time a connection may be reused. * */ @Import(name="maxConnectionLifetime") private @Nullable Output maxConnectionLifetime; /** - * @return The maximum number of seconds to keep - * a connection alive for. + * @return The maximum amount of time a connection may be reused. * */ public Optional> maxConnectionLifetime() { @@ -103,7 +105,7 @@ public Optional> maxConnectionLifetime() { /** * The maximum number of idle connections to - * maintain. + * the database. * */ @Import(name="maxIdleConnections") @@ -111,7 +113,7 @@ public Optional> maxConnectionLifetime() { /** * @return The maximum number of idle connections to - * maintain. + * the database. * */ public Optional> maxIdleConnections() { @@ -120,7 +122,7 @@ public Optional> maxIdleConnections() { /** * The maximum number of open connections to - * use. + * the database. * */ @Import(name="maxOpenConnections") @@ -128,7 +130,7 @@ public Optional> maxIdleConnections() { /** * @return The maximum number of open connections to - * use. + * the database. * */ public Optional> maxOpenConnections() { @@ -143,14 +145,14 @@ public Output name() { } /** - * The password to be used in the connection. + * The root credential password used in the connection URL. * */ @Import(name="password") private @Nullable Output password; /** - * @return The password to be used in the connection. + * @return The root credential password used in the connection URL. * */ public Optional> password() { @@ -188,14 +190,14 @@ public Optional>> rootRotationStatements() { } /** - * The username to be used in the connection (the account admin level). + * The root credential username used in the connection URL. * */ @Import(name="username") private @Nullable Output username; /** - * @return The username to be used in the connection (the account admin level). + * @return The root credential username used in the connection URL. * */ public Optional> username() { @@ -290,8 +292,8 @@ public Builder allowedRoles(String... allowedRoles) { } /** - * @param connectionUrl A URL containing connection information.\ - * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + * @param connectionUrl Specifies the Redshift DSN. + * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) * * @return builder * @@ -302,8 +304,8 @@ public Builder connectionUrl(@Nullable Output connectionUrl) { } /** - * @param connectionUrl A URL containing connection information.\ - * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + * @param connectionUrl Specifies the Redshift DSN. + * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) * * @return builder * @@ -315,6 +317,8 @@ public Builder connectionUrl(String connectionUrl) { /** * @param data A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * * @return builder * */ @@ -326,6 +330,8 @@ public Builder data(@Nullable Output> data) { /** * @param data A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * * @return builder * */ @@ -355,8 +361,7 @@ public Builder disableEscaping(Boolean disableEscaping) { } /** - * @param maxConnectionLifetime The maximum number of seconds to keep - * a connection alive for. + * @param maxConnectionLifetime The maximum amount of time a connection may be reused. * * @return builder * @@ -367,8 +372,7 @@ public Builder maxConnectionLifetime(@Nullable Output maxConnectionLife } /** - * @param maxConnectionLifetime The maximum number of seconds to keep - * a connection alive for. + * @param maxConnectionLifetime The maximum amount of time a connection may be reused. * * @return builder * @@ -379,7 +383,7 @@ public Builder maxConnectionLifetime(Integer maxConnectionLifetime) { /** * @param maxIdleConnections The maximum number of idle connections to - * maintain. + * the database. * * @return builder * @@ -391,7 +395,7 @@ public Builder maxIdleConnections(@Nullable Output maxIdleConnections) /** * @param maxIdleConnections The maximum number of idle connections to - * maintain. + * the database. * * @return builder * @@ -402,7 +406,7 @@ public Builder maxIdleConnections(Integer maxIdleConnections) { /** * @param maxOpenConnections The maximum number of open connections to - * use. + * the database. * * @return builder * @@ -414,7 +418,7 @@ public Builder maxOpenConnections(@Nullable Output maxOpenConnections) /** * @param maxOpenConnections The maximum number of open connections to - * use. + * the database. * * @return builder * @@ -433,7 +437,7 @@ public Builder name(String name) { } /** - * @param password The password to be used in the connection. + * @param password The root credential password used in the connection URL. * * @return builder * @@ -444,7 +448,7 @@ public Builder password(@Nullable Output password) { } /** - * @param password The password to be used in the connection. + * @param password The root credential password used in the connection URL. * * @return builder * @@ -506,7 +510,7 @@ public Builder rootRotationStatements(String... rootRotationStatements) { } /** - * @param username The username to be used in the connection (the account admin level). + * @param username The root credential username used in the connection URL. * * @return builder * @@ -517,7 +521,7 @@ public Builder username(@Nullable Output username) { } /** - * @param username The username to be used in the connection (the account admin level). + * @param username The root credential username used in the connection URL. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretsMountInfluxdbArgs.java b/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretsMountInfluxdbArgs.java index f82178ffc..50aac0a81 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretsMountInfluxdbArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretsMountInfluxdbArgs.java @@ -57,6 +57,8 @@ public Optional> connectTimeout() { /** * A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * */ @Import(name="data") private @Nullable Output> data; @@ -64,6 +66,8 @@ public Optional> connectTimeout() { /** * @return A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * */ public Optional>> data() { return Optional.ofNullable(this.data); @@ -109,14 +113,14 @@ public Output name() { } /** - * The password to be used in the connection. + * The root credential password used in the connection URL. * */ @Import(name="password", required=true) private Output password; /** - * @return The password to be used in the connection. + * @return The root credential password used in the connection URL. * */ public Output password() { @@ -203,14 +207,14 @@ public Optional>> rootRotationStatements() { } /** - * Whether to use TLS when connecting to Redis. + * Whether to use TLS when connecting to Cassandra. * */ @Import(name="tls") private @Nullable Output tls; /** - * @return Whether to use TLS when connecting to Redis. + * @return Whether to use TLS when connecting to Cassandra. * */ public Optional> tls() { @@ -218,14 +222,14 @@ public Optional> tls() { } /** - * The username to be used in the connection (the account admin level). + * The root credential username used in the connection URL. * */ @Import(name="username", required=true) private Output username; /** - * @return The username to be used in the connection (the account admin level). + * @return The root credential username used in the connection URL. * */ public Output username() { @@ -233,14 +237,14 @@ public Output username() { } /** - * - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. * */ @Import(name="usernameTemplate") private @Nullable Output usernameTemplate; /** - * @return - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @return [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. * */ public Optional> usernameTemplate() { @@ -363,6 +367,8 @@ public Builder connectTimeout(Integer connectTimeout) { /** * @param data A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * * @return builder * */ @@ -374,6 +380,8 @@ public Builder data(@Nullable Output> data) { /** * @param data A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * * @return builder * */ @@ -435,7 +443,7 @@ public Builder name(String name) { } /** - * @param password The password to be used in the connection. + * @param password The root credential password used in the connection URL. * * @return builder * @@ -446,7 +454,7 @@ public Builder password(Output password) { } /** - * @param password The password to be used in the connection. + * @param password The root credential password used in the connection URL. * * @return builder * @@ -575,7 +583,7 @@ public Builder rootRotationStatements(String... rootRotationStatements) { } /** - * @param tls Whether to use TLS when connecting to Redis. + * @param tls Whether to use TLS when connecting to Cassandra. * * @return builder * @@ -586,7 +594,7 @@ public Builder tls(@Nullable Output tls) { } /** - * @param tls Whether to use TLS when connecting to Redis. + * @param tls Whether to use TLS when connecting to Cassandra. * * @return builder * @@ -596,7 +604,7 @@ public Builder tls(Boolean tls) { } /** - * @param username The username to be used in the connection (the account admin level). + * @param username The root credential username used in the connection URL. * * @return builder * @@ -607,7 +615,7 @@ public Builder username(Output username) { } /** - * @param username The username to be used in the connection (the account admin level). + * @param username The root credential username used in the connection URL. * * @return builder * @@ -617,7 +625,7 @@ public Builder username(String username) { } /** - * @param usernameTemplate - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @param usernameTemplate [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. * * @return builder * @@ -628,7 +636,7 @@ public Builder usernameTemplate(@Nullable Output usernameTemplate) { } /** - * @param usernameTemplate - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @param usernameTemplate [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretsMountMongodbArgs.java b/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretsMountMongodbArgs.java index ef7fc76c6..2767dbbf4 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretsMountMongodbArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretsMountMongodbArgs.java @@ -38,16 +38,16 @@ public Optional>> allowedRoles() { } /** - * A URL containing connection information.\ - * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + * Specifies the Redshift DSN. + * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) * */ @Import(name="connectionUrl") private @Nullable Output connectionUrl; /** - * @return A URL containing connection information.\ - * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + * @return Specifies the Redshift DSN. + * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) * */ public Optional> connectionUrl() { @@ -57,6 +57,8 @@ public Optional> connectionUrl() { /** * A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * */ @Import(name="data") private @Nullable Output> data; @@ -64,22 +66,22 @@ public Optional> connectionUrl() { /** * @return A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * */ public Optional>> data() { return Optional.ofNullable(this.data); } /** - * The maximum number of seconds to keep - * a connection alive for. + * The maximum amount of time a connection may be reused. * */ @Import(name="maxConnectionLifetime") private @Nullable Output maxConnectionLifetime; /** - * @return The maximum number of seconds to keep - * a connection alive for. + * @return The maximum amount of time a connection may be reused. * */ public Optional> maxConnectionLifetime() { @@ -88,7 +90,7 @@ public Optional> maxConnectionLifetime() { /** * The maximum number of idle connections to - * maintain. + * the database. * */ @Import(name="maxIdleConnections") @@ -96,7 +98,7 @@ public Optional> maxConnectionLifetime() { /** * @return The maximum number of idle connections to - * maintain. + * the database. * */ public Optional> maxIdleConnections() { @@ -105,7 +107,7 @@ public Optional> maxIdleConnections() { /** * The maximum number of open connections to - * use. + * the database. * */ @Import(name="maxOpenConnections") @@ -113,7 +115,7 @@ public Optional> maxIdleConnections() { /** * @return The maximum number of open connections to - * use. + * the database. * */ public Optional> maxOpenConnections() { @@ -128,14 +130,14 @@ public Output name() { } /** - * The password to be used in the connection. + * The root credential password used in the connection URL. * */ @Import(name="password") private @Nullable Output password; /** - * @return The password to be used in the connection. + * @return The root credential password used in the connection URL. * */ public Optional> password() { @@ -173,14 +175,14 @@ public Optional>> rootRotationStatements() { } /** - * The username to be used in the connection (the account admin level). + * The root credential username used in the connection URL. * */ @Import(name="username") private @Nullable Output username; /** - * @return The username to be used in the connection (the account admin level). + * @return The root credential username used in the connection URL. * */ public Optional> username() { @@ -188,14 +190,14 @@ public Optional> username() { } /** - * - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. * */ @Import(name="usernameTemplate") private @Nullable Output usernameTemplate; /** - * @return - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @return [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. * */ public Optional> usernameTemplate() { @@ -290,8 +292,8 @@ public Builder allowedRoles(String... allowedRoles) { } /** - * @param connectionUrl A URL containing connection information.\ - * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + * @param connectionUrl Specifies the Redshift DSN. + * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) * * @return builder * @@ -302,8 +304,8 @@ public Builder connectionUrl(@Nullable Output connectionUrl) { } /** - * @param connectionUrl A URL containing connection information.\ - * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + * @param connectionUrl Specifies the Redshift DSN. + * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) * * @return builder * @@ -315,6 +317,8 @@ public Builder connectionUrl(String connectionUrl) { /** * @param data A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * * @return builder * */ @@ -326,6 +330,8 @@ public Builder data(@Nullable Output> data) { /** * @param data A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * * @return builder * */ @@ -334,8 +340,7 @@ public Builder data(Map data) { } /** - * @param maxConnectionLifetime The maximum number of seconds to keep - * a connection alive for. + * @param maxConnectionLifetime The maximum amount of time a connection may be reused. * * @return builder * @@ -346,8 +351,7 @@ public Builder maxConnectionLifetime(@Nullable Output maxConnectionLife } /** - * @param maxConnectionLifetime The maximum number of seconds to keep - * a connection alive for. + * @param maxConnectionLifetime The maximum amount of time a connection may be reused. * * @return builder * @@ -358,7 +362,7 @@ public Builder maxConnectionLifetime(Integer maxConnectionLifetime) { /** * @param maxIdleConnections The maximum number of idle connections to - * maintain. + * the database. * * @return builder * @@ -370,7 +374,7 @@ public Builder maxIdleConnections(@Nullable Output maxIdleConnections) /** * @param maxIdleConnections The maximum number of idle connections to - * maintain. + * the database. * * @return builder * @@ -381,7 +385,7 @@ public Builder maxIdleConnections(Integer maxIdleConnections) { /** * @param maxOpenConnections The maximum number of open connections to - * use. + * the database. * * @return builder * @@ -393,7 +397,7 @@ public Builder maxOpenConnections(@Nullable Output maxOpenConnections) /** * @param maxOpenConnections The maximum number of open connections to - * use. + * the database. * * @return builder * @@ -412,7 +416,7 @@ public Builder name(String name) { } /** - * @param password The password to be used in the connection. + * @param password The root credential password used in the connection URL. * * @return builder * @@ -423,7 +427,7 @@ public Builder password(@Nullable Output password) { } /** - * @param password The password to be used in the connection. + * @param password The root credential password used in the connection URL. * * @return builder * @@ -485,7 +489,7 @@ public Builder rootRotationStatements(String... rootRotationStatements) { } /** - * @param username The username to be used in the connection (the account admin level). + * @param username The root credential username used in the connection URL. * * @return builder * @@ -496,7 +500,7 @@ public Builder username(@Nullable Output username) { } /** - * @param username The username to be used in the connection (the account admin level). + * @param username The root credential username used in the connection URL. * * @return builder * @@ -506,7 +510,7 @@ public Builder username(String username) { } /** - * @param usernameTemplate - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @param usernameTemplate [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. * * @return builder * @@ -517,7 +521,7 @@ public Builder usernameTemplate(@Nullable Output usernameTemplate) { } /** - * @param usernameTemplate - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @param usernameTemplate [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretsMountMongodbatlaArgs.java b/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretsMountMongodbatlaArgs.java index 3831dbc69..95b0190e5 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretsMountMongodbatlaArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretsMountMongodbatlaArgs.java @@ -39,6 +39,8 @@ public Optional>> allowedRoles() { /** * A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * */ @Import(name="data") private @Nullable Output> data; @@ -46,6 +48,8 @@ public Optional>> allowedRoles() { /** * @return A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * */ public Optional>> data() { return Optional.ofNullable(this.data); @@ -219,6 +223,8 @@ public Builder allowedRoles(String... allowedRoles) { /** * @param data A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * * @return builder * */ @@ -230,6 +236,8 @@ public Builder data(@Nullable Output> data) { /** * @param data A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * * @return builder * */ diff --git a/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretsMountMssqlArgs.java b/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretsMountMssqlArgs.java index b654cf9b8..f7e0b1df4 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretsMountMssqlArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretsMountMssqlArgs.java @@ -38,16 +38,16 @@ public Optional>> allowedRoles() { } /** - * A URL containing connection information.\ - * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + * Specifies the Redshift DSN. + * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) * */ @Import(name="connectionUrl") private @Nullable Output connectionUrl; /** - * @return A URL containing connection information.\ - * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + * @return Specifies the Redshift DSN. + * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) * */ public Optional> connectionUrl() { @@ -76,6 +76,8 @@ public Optional> containedDb() { /** * A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * */ @Import(name="data") private @Nullable Output> data; @@ -83,6 +85,8 @@ public Optional> containedDb() { /** * @return A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * */ public Optional>> data() { return Optional.ofNullable(this.data); @@ -104,16 +108,14 @@ public Optional> disableEscaping() { } /** - * The maximum number of seconds to keep - * a connection alive for. + * The maximum amount of time a connection may be reused. * */ @Import(name="maxConnectionLifetime") private @Nullable Output maxConnectionLifetime; /** - * @return The maximum number of seconds to keep - * a connection alive for. + * @return The maximum amount of time a connection may be reused. * */ public Optional> maxConnectionLifetime() { @@ -122,7 +124,7 @@ public Optional> maxConnectionLifetime() { /** * The maximum number of idle connections to - * maintain. + * the database. * */ @Import(name="maxIdleConnections") @@ -130,7 +132,7 @@ public Optional> maxConnectionLifetime() { /** * @return The maximum number of idle connections to - * maintain. + * the database. * */ public Optional> maxIdleConnections() { @@ -139,7 +141,7 @@ public Optional> maxIdleConnections() { /** * The maximum number of open connections to - * use. + * the database. * */ @Import(name="maxOpenConnections") @@ -147,7 +149,7 @@ public Optional> maxIdleConnections() { /** * @return The maximum number of open connections to - * use. + * the database. * */ public Optional> maxOpenConnections() { @@ -162,14 +164,14 @@ public Output name() { } /** - * The password to be used in the connection. + * The root credential password used in the connection URL. * */ @Import(name="password") private @Nullable Output password; /** - * @return The password to be used in the connection. + * @return The root credential password used in the connection URL. * */ public Optional> password() { @@ -207,14 +209,14 @@ public Optional>> rootRotationStatements() { } /** - * The username to be used in the connection (the account admin level). + * The root credential username used in the connection URL. * */ @Import(name="username") private @Nullable Output username; /** - * @return The username to be used in the connection (the account admin level). + * @return The root credential username used in the connection URL. * */ public Optional> username() { @@ -222,14 +224,14 @@ public Optional> username() { } /** - * - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. * */ @Import(name="usernameTemplate") private @Nullable Output usernameTemplate; /** - * @return - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @return [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. * */ public Optional> usernameTemplate() { @@ -326,8 +328,8 @@ public Builder allowedRoles(String... allowedRoles) { } /** - * @param connectionUrl A URL containing connection information.\ - * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + * @param connectionUrl Specifies the Redshift DSN. + * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) * * @return builder * @@ -338,8 +340,8 @@ public Builder connectionUrl(@Nullable Output connectionUrl) { } /** - * @param connectionUrl A URL containing connection information.\ - * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + * @param connectionUrl Specifies the Redshift DSN. + * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) * * @return builder * @@ -376,6 +378,8 @@ public Builder containedDb(Boolean containedDb) { /** * @param data A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * * @return builder * */ @@ -387,6 +391,8 @@ public Builder data(@Nullable Output> data) { /** * @param data A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * * @return builder * */ @@ -416,8 +422,7 @@ public Builder disableEscaping(Boolean disableEscaping) { } /** - * @param maxConnectionLifetime The maximum number of seconds to keep - * a connection alive for. + * @param maxConnectionLifetime The maximum amount of time a connection may be reused. * * @return builder * @@ -428,8 +433,7 @@ public Builder maxConnectionLifetime(@Nullable Output maxConnectionLife } /** - * @param maxConnectionLifetime The maximum number of seconds to keep - * a connection alive for. + * @param maxConnectionLifetime The maximum amount of time a connection may be reused. * * @return builder * @@ -440,7 +444,7 @@ public Builder maxConnectionLifetime(Integer maxConnectionLifetime) { /** * @param maxIdleConnections The maximum number of idle connections to - * maintain. + * the database. * * @return builder * @@ -452,7 +456,7 @@ public Builder maxIdleConnections(@Nullable Output maxIdleConnections) /** * @param maxIdleConnections The maximum number of idle connections to - * maintain. + * the database. * * @return builder * @@ -463,7 +467,7 @@ public Builder maxIdleConnections(Integer maxIdleConnections) { /** * @param maxOpenConnections The maximum number of open connections to - * use. + * the database. * * @return builder * @@ -475,7 +479,7 @@ public Builder maxOpenConnections(@Nullable Output maxOpenConnections) /** * @param maxOpenConnections The maximum number of open connections to - * use. + * the database. * * @return builder * @@ -494,7 +498,7 @@ public Builder name(String name) { } /** - * @param password The password to be used in the connection. + * @param password The root credential password used in the connection URL. * * @return builder * @@ -505,7 +509,7 @@ public Builder password(@Nullable Output password) { } /** - * @param password The password to be used in the connection. + * @param password The root credential password used in the connection URL. * * @return builder * @@ -567,7 +571,7 @@ public Builder rootRotationStatements(String... rootRotationStatements) { } /** - * @param username The username to be used in the connection (the account admin level). + * @param username The root credential username used in the connection URL. * * @return builder * @@ -578,7 +582,7 @@ public Builder username(@Nullable Output username) { } /** - * @param username The username to be used in the connection (the account admin level). + * @param username The root credential username used in the connection URL. * * @return builder * @@ -588,7 +592,7 @@ public Builder username(String username) { } /** - * @param usernameTemplate - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @param usernameTemplate [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. * * @return builder * @@ -599,7 +603,7 @@ public Builder usernameTemplate(@Nullable Output usernameTemplate) { } /** - * @param usernameTemplate - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @param usernameTemplate [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretsMountMysqlArgs.java b/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretsMountMysqlArgs.java index 063c43500..db1f30798 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretsMountMysqlArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretsMountMysqlArgs.java @@ -45,16 +45,16 @@ public Optional> authType() { } /** - * A URL containing connection information.\ - * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + * Specifies the Redshift DSN. + * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) * */ @Import(name="connectionUrl") private @Nullable Output connectionUrl; /** - * @return A URL containing connection information.\ - * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + * @return Specifies the Redshift DSN. + * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) * */ public Optional> connectionUrl() { @@ -64,6 +64,8 @@ public Optional> connectionUrl() { /** * A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * */ @Import(name="data") private @Nullable Output> data; @@ -71,22 +73,22 @@ public Optional> connectionUrl() { /** * @return A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * */ public Optional>> data() { return Optional.ofNullable(this.data); } /** - * The maximum number of seconds to keep - * a connection alive for. + * The maximum amount of time a connection may be reused. * */ @Import(name="maxConnectionLifetime") private @Nullable Output maxConnectionLifetime; /** - * @return The maximum number of seconds to keep - * a connection alive for. + * @return The maximum amount of time a connection may be reused. * */ public Optional> maxConnectionLifetime() { @@ -95,7 +97,7 @@ public Optional> maxConnectionLifetime() { /** * The maximum number of idle connections to - * maintain. + * the database. * */ @Import(name="maxIdleConnections") @@ -103,7 +105,7 @@ public Optional> maxConnectionLifetime() { /** * @return The maximum number of idle connections to - * maintain. + * the database. * */ public Optional> maxIdleConnections() { @@ -112,7 +114,7 @@ public Optional> maxIdleConnections() { /** * The maximum number of open connections to - * use. + * the database. * */ @Import(name="maxOpenConnections") @@ -120,7 +122,7 @@ public Optional> maxIdleConnections() { /** * @return The maximum number of open connections to - * use. + * the database. * */ public Optional> maxOpenConnections() { @@ -135,14 +137,14 @@ public Output name() { } /** - * The password to be used in the connection. + * The root credential password used in the connection URL. * */ @Import(name="password") private @Nullable Output password; /** - * @return The password to be used in the connection. + * @return The root credential password used in the connection URL. * */ public Optional> password() { @@ -217,14 +219,14 @@ public Optional> tlsCertificateKey() { } /** - * The username to be used in the connection (the account admin level). + * The root credential username used in the connection URL. * */ @Import(name="username") private @Nullable Output username; /** - * @return The username to be used in the connection (the account admin level). + * @return The root credential username used in the connection URL. * */ public Optional> username() { @@ -232,14 +234,14 @@ public Optional> username() { } /** - * - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. * */ @Import(name="usernameTemplate") private @Nullable Output usernameTemplate; /** - * @return - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @return [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. * */ public Optional> usernameTemplate() { @@ -347,8 +349,8 @@ public Builder authType(String authType) { } /** - * @param connectionUrl A URL containing connection information.\ - * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + * @param connectionUrl Specifies the Redshift DSN. + * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) * * @return builder * @@ -359,8 +361,8 @@ public Builder connectionUrl(@Nullable Output connectionUrl) { } /** - * @param connectionUrl A URL containing connection information.\ - * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + * @param connectionUrl Specifies the Redshift DSN. + * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) * * @return builder * @@ -372,6 +374,8 @@ public Builder connectionUrl(String connectionUrl) { /** * @param data A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * * @return builder * */ @@ -383,6 +387,8 @@ public Builder data(@Nullable Output> data) { /** * @param data A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * * @return builder * */ @@ -391,8 +397,7 @@ public Builder data(Map data) { } /** - * @param maxConnectionLifetime The maximum number of seconds to keep - * a connection alive for. + * @param maxConnectionLifetime The maximum amount of time a connection may be reused. * * @return builder * @@ -403,8 +408,7 @@ public Builder maxConnectionLifetime(@Nullable Output maxConnectionLife } /** - * @param maxConnectionLifetime The maximum number of seconds to keep - * a connection alive for. + * @param maxConnectionLifetime The maximum amount of time a connection may be reused. * * @return builder * @@ -415,7 +419,7 @@ public Builder maxConnectionLifetime(Integer maxConnectionLifetime) { /** * @param maxIdleConnections The maximum number of idle connections to - * maintain. + * the database. * * @return builder * @@ -427,7 +431,7 @@ public Builder maxIdleConnections(@Nullable Output maxIdleConnections) /** * @param maxIdleConnections The maximum number of idle connections to - * maintain. + * the database. * * @return builder * @@ -438,7 +442,7 @@ public Builder maxIdleConnections(Integer maxIdleConnections) { /** * @param maxOpenConnections The maximum number of open connections to - * use. + * the database. * * @return builder * @@ -450,7 +454,7 @@ public Builder maxOpenConnections(@Nullable Output maxOpenConnections) /** * @param maxOpenConnections The maximum number of open connections to - * use. + * the database. * * @return builder * @@ -469,7 +473,7 @@ public Builder name(String name) { } /** - * @param password The password to be used in the connection. + * @param password The root credential password used in the connection URL. * * @return builder * @@ -480,7 +484,7 @@ public Builder password(@Nullable Output password) { } /** - * @param password The password to be used in the connection. + * @param password The root credential password used in the connection URL. * * @return builder * @@ -593,7 +597,7 @@ public Builder tlsCertificateKey(String tlsCertificateKey) { } /** - * @param username The username to be used in the connection (the account admin level). + * @param username The root credential username used in the connection URL. * * @return builder * @@ -604,7 +608,7 @@ public Builder username(@Nullable Output username) { } /** - * @param username The username to be used in the connection (the account admin level). + * @param username The root credential username used in the connection URL. * * @return builder * @@ -614,7 +618,7 @@ public Builder username(String username) { } /** - * @param usernameTemplate - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @param usernameTemplate [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. * * @return builder * @@ -625,7 +629,7 @@ public Builder usernameTemplate(@Nullable Output usernameTemplate) { } /** - * @param usernameTemplate - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @param usernameTemplate [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretsMountMysqlAuroraArgs.java b/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretsMountMysqlAuroraArgs.java index 72121960a..3c3aeb9b8 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretsMountMysqlAuroraArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretsMountMysqlAuroraArgs.java @@ -38,16 +38,16 @@ public Optional>> allowedRoles() { } /** - * A URL containing connection information.\ - * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + * Specifies the Redshift DSN. + * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) * */ @Import(name="connectionUrl") private @Nullable Output connectionUrl; /** - * @return A URL containing connection information.\ - * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + * @return Specifies the Redshift DSN. + * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) * */ public Optional> connectionUrl() { @@ -57,6 +57,8 @@ public Optional> connectionUrl() { /** * A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * */ @Import(name="data") private @Nullable Output> data; @@ -64,22 +66,22 @@ public Optional> connectionUrl() { /** * @return A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * */ public Optional>> data() { return Optional.ofNullable(this.data); } /** - * The maximum number of seconds to keep - * a connection alive for. + * The maximum amount of time a connection may be reused. * */ @Import(name="maxConnectionLifetime") private @Nullable Output maxConnectionLifetime; /** - * @return The maximum number of seconds to keep - * a connection alive for. + * @return The maximum amount of time a connection may be reused. * */ public Optional> maxConnectionLifetime() { @@ -88,7 +90,7 @@ public Optional> maxConnectionLifetime() { /** * The maximum number of idle connections to - * maintain. + * the database. * */ @Import(name="maxIdleConnections") @@ -96,7 +98,7 @@ public Optional> maxConnectionLifetime() { /** * @return The maximum number of idle connections to - * maintain. + * the database. * */ public Optional> maxIdleConnections() { @@ -105,7 +107,7 @@ public Optional> maxIdleConnections() { /** * The maximum number of open connections to - * use. + * the database. * */ @Import(name="maxOpenConnections") @@ -113,7 +115,7 @@ public Optional> maxIdleConnections() { /** * @return The maximum number of open connections to - * use. + * the database. * */ public Optional> maxOpenConnections() { @@ -128,14 +130,14 @@ public Output name() { } /** - * The password to be used in the connection. + * The root credential password used in the connection URL. * */ @Import(name="password") private @Nullable Output password; /** - * @return The password to be used in the connection. + * @return The root credential password used in the connection URL. * */ public Optional> password() { @@ -173,14 +175,14 @@ public Optional>> rootRotationStatements() { } /** - * The username to be used in the connection (the account admin level). + * The root credential username used in the connection URL. * */ @Import(name="username") private @Nullable Output username; /** - * @return The username to be used in the connection (the account admin level). + * @return The root credential username used in the connection URL. * */ public Optional> username() { @@ -188,14 +190,14 @@ public Optional> username() { } /** - * - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. * */ @Import(name="usernameTemplate") private @Nullable Output usernameTemplate; /** - * @return - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @return [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. * */ public Optional> usernameTemplate() { @@ -290,8 +292,8 @@ public Builder allowedRoles(String... allowedRoles) { } /** - * @param connectionUrl A URL containing connection information.\ - * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + * @param connectionUrl Specifies the Redshift DSN. + * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) * * @return builder * @@ -302,8 +304,8 @@ public Builder connectionUrl(@Nullable Output connectionUrl) { } /** - * @param connectionUrl A URL containing connection information.\ - * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + * @param connectionUrl Specifies the Redshift DSN. + * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) * * @return builder * @@ -315,6 +317,8 @@ public Builder connectionUrl(String connectionUrl) { /** * @param data A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * * @return builder * */ @@ -326,6 +330,8 @@ public Builder data(@Nullable Output> data) { /** * @param data A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * * @return builder * */ @@ -334,8 +340,7 @@ public Builder data(Map data) { } /** - * @param maxConnectionLifetime The maximum number of seconds to keep - * a connection alive for. + * @param maxConnectionLifetime The maximum amount of time a connection may be reused. * * @return builder * @@ -346,8 +351,7 @@ public Builder maxConnectionLifetime(@Nullable Output maxConnectionLife } /** - * @param maxConnectionLifetime The maximum number of seconds to keep - * a connection alive for. + * @param maxConnectionLifetime The maximum amount of time a connection may be reused. * * @return builder * @@ -358,7 +362,7 @@ public Builder maxConnectionLifetime(Integer maxConnectionLifetime) { /** * @param maxIdleConnections The maximum number of idle connections to - * maintain. + * the database. * * @return builder * @@ -370,7 +374,7 @@ public Builder maxIdleConnections(@Nullable Output maxIdleConnections) /** * @param maxIdleConnections The maximum number of idle connections to - * maintain. + * the database. * * @return builder * @@ -381,7 +385,7 @@ public Builder maxIdleConnections(Integer maxIdleConnections) { /** * @param maxOpenConnections The maximum number of open connections to - * use. + * the database. * * @return builder * @@ -393,7 +397,7 @@ public Builder maxOpenConnections(@Nullable Output maxOpenConnections) /** * @param maxOpenConnections The maximum number of open connections to - * use. + * the database. * * @return builder * @@ -412,7 +416,7 @@ public Builder name(String name) { } /** - * @param password The password to be used in the connection. + * @param password The root credential password used in the connection URL. * * @return builder * @@ -423,7 +427,7 @@ public Builder password(@Nullable Output password) { } /** - * @param password The password to be used in the connection. + * @param password The root credential password used in the connection URL. * * @return builder * @@ -485,7 +489,7 @@ public Builder rootRotationStatements(String... rootRotationStatements) { } /** - * @param username The username to be used in the connection (the account admin level). + * @param username The root credential username used in the connection URL. * * @return builder * @@ -496,7 +500,7 @@ public Builder username(@Nullable Output username) { } /** - * @param username The username to be used in the connection (the account admin level). + * @param username The root credential username used in the connection URL. * * @return builder * @@ -506,7 +510,7 @@ public Builder username(String username) { } /** - * @param usernameTemplate - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @param usernameTemplate [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. * * @return builder * @@ -517,7 +521,7 @@ public Builder usernameTemplate(@Nullable Output usernameTemplate) { } /** - * @param usernameTemplate - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @param usernameTemplate [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretsMountMysqlLegacyArgs.java b/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretsMountMysqlLegacyArgs.java index e992c761c..46d26948e 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretsMountMysqlLegacyArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretsMountMysqlLegacyArgs.java @@ -38,16 +38,16 @@ public Optional>> allowedRoles() { } /** - * A URL containing connection information.\ - * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + * Specifies the Redshift DSN. + * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) * */ @Import(name="connectionUrl") private @Nullable Output connectionUrl; /** - * @return A URL containing connection information.\ - * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + * @return Specifies the Redshift DSN. + * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) * */ public Optional> connectionUrl() { @@ -57,6 +57,8 @@ public Optional> connectionUrl() { /** * A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * */ @Import(name="data") private @Nullable Output> data; @@ -64,22 +66,22 @@ public Optional> connectionUrl() { /** * @return A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * */ public Optional>> data() { return Optional.ofNullable(this.data); } /** - * The maximum number of seconds to keep - * a connection alive for. + * The maximum amount of time a connection may be reused. * */ @Import(name="maxConnectionLifetime") private @Nullable Output maxConnectionLifetime; /** - * @return The maximum number of seconds to keep - * a connection alive for. + * @return The maximum amount of time a connection may be reused. * */ public Optional> maxConnectionLifetime() { @@ -88,7 +90,7 @@ public Optional> maxConnectionLifetime() { /** * The maximum number of idle connections to - * maintain. + * the database. * */ @Import(name="maxIdleConnections") @@ -96,7 +98,7 @@ public Optional> maxConnectionLifetime() { /** * @return The maximum number of idle connections to - * maintain. + * the database. * */ public Optional> maxIdleConnections() { @@ -105,7 +107,7 @@ public Optional> maxIdleConnections() { /** * The maximum number of open connections to - * use. + * the database. * */ @Import(name="maxOpenConnections") @@ -113,7 +115,7 @@ public Optional> maxIdleConnections() { /** * @return The maximum number of open connections to - * use. + * the database. * */ public Optional> maxOpenConnections() { @@ -128,14 +130,14 @@ public Output name() { } /** - * The password to be used in the connection. + * The root credential password used in the connection URL. * */ @Import(name="password") private @Nullable Output password; /** - * @return The password to be used in the connection. + * @return The root credential password used in the connection URL. * */ public Optional> password() { @@ -173,14 +175,14 @@ public Optional>> rootRotationStatements() { } /** - * The username to be used in the connection (the account admin level). + * The root credential username used in the connection URL. * */ @Import(name="username") private @Nullable Output username; /** - * @return The username to be used in the connection (the account admin level). + * @return The root credential username used in the connection URL. * */ public Optional> username() { @@ -188,14 +190,14 @@ public Optional> username() { } /** - * - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. * */ @Import(name="usernameTemplate") private @Nullable Output usernameTemplate; /** - * @return - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @return [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. * */ public Optional> usernameTemplate() { @@ -290,8 +292,8 @@ public Builder allowedRoles(String... allowedRoles) { } /** - * @param connectionUrl A URL containing connection information.\ - * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + * @param connectionUrl Specifies the Redshift DSN. + * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) * * @return builder * @@ -302,8 +304,8 @@ public Builder connectionUrl(@Nullable Output connectionUrl) { } /** - * @param connectionUrl A URL containing connection information.\ - * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + * @param connectionUrl Specifies the Redshift DSN. + * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) * * @return builder * @@ -315,6 +317,8 @@ public Builder connectionUrl(String connectionUrl) { /** * @param data A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * * @return builder * */ @@ -326,6 +330,8 @@ public Builder data(@Nullable Output> data) { /** * @param data A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * * @return builder * */ @@ -334,8 +340,7 @@ public Builder data(Map data) { } /** - * @param maxConnectionLifetime The maximum number of seconds to keep - * a connection alive for. + * @param maxConnectionLifetime The maximum amount of time a connection may be reused. * * @return builder * @@ -346,8 +351,7 @@ public Builder maxConnectionLifetime(@Nullable Output maxConnectionLife } /** - * @param maxConnectionLifetime The maximum number of seconds to keep - * a connection alive for. + * @param maxConnectionLifetime The maximum amount of time a connection may be reused. * * @return builder * @@ -358,7 +362,7 @@ public Builder maxConnectionLifetime(Integer maxConnectionLifetime) { /** * @param maxIdleConnections The maximum number of idle connections to - * maintain. + * the database. * * @return builder * @@ -370,7 +374,7 @@ public Builder maxIdleConnections(@Nullable Output maxIdleConnections) /** * @param maxIdleConnections The maximum number of idle connections to - * maintain. + * the database. * * @return builder * @@ -381,7 +385,7 @@ public Builder maxIdleConnections(Integer maxIdleConnections) { /** * @param maxOpenConnections The maximum number of open connections to - * use. + * the database. * * @return builder * @@ -393,7 +397,7 @@ public Builder maxOpenConnections(@Nullable Output maxOpenConnections) /** * @param maxOpenConnections The maximum number of open connections to - * use. + * the database. * * @return builder * @@ -412,7 +416,7 @@ public Builder name(String name) { } /** - * @param password The password to be used in the connection. + * @param password The root credential password used in the connection URL. * * @return builder * @@ -423,7 +427,7 @@ public Builder password(@Nullable Output password) { } /** - * @param password The password to be used in the connection. + * @param password The root credential password used in the connection URL. * * @return builder * @@ -485,7 +489,7 @@ public Builder rootRotationStatements(String... rootRotationStatements) { } /** - * @param username The username to be used in the connection (the account admin level). + * @param username The root credential username used in the connection URL. * * @return builder * @@ -496,7 +500,7 @@ public Builder username(@Nullable Output username) { } /** - * @param username The username to be used in the connection (the account admin level). + * @param username The root credential username used in the connection URL. * * @return builder * @@ -506,7 +510,7 @@ public Builder username(String username) { } /** - * @param usernameTemplate - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @param usernameTemplate [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. * * @return builder * @@ -517,7 +521,7 @@ public Builder usernameTemplate(@Nullable Output usernameTemplate) { } /** - * @param usernameTemplate - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @param usernameTemplate [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretsMountMysqlRdArgs.java b/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretsMountMysqlRdArgs.java index a01161341..ee0a17b4a 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretsMountMysqlRdArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretsMountMysqlRdArgs.java @@ -38,16 +38,16 @@ public Optional>> allowedRoles() { } /** - * A URL containing connection information.\ - * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + * Specifies the Redshift DSN. + * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) * */ @Import(name="connectionUrl") private @Nullable Output connectionUrl; /** - * @return A URL containing connection information.\ - * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + * @return Specifies the Redshift DSN. + * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) * */ public Optional> connectionUrl() { @@ -57,6 +57,8 @@ public Optional> connectionUrl() { /** * A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * */ @Import(name="data") private @Nullable Output> data; @@ -64,22 +66,22 @@ public Optional> connectionUrl() { /** * @return A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * */ public Optional>> data() { return Optional.ofNullable(this.data); } /** - * The maximum number of seconds to keep - * a connection alive for. + * The maximum amount of time a connection may be reused. * */ @Import(name="maxConnectionLifetime") private @Nullable Output maxConnectionLifetime; /** - * @return The maximum number of seconds to keep - * a connection alive for. + * @return The maximum amount of time a connection may be reused. * */ public Optional> maxConnectionLifetime() { @@ -88,7 +90,7 @@ public Optional> maxConnectionLifetime() { /** * The maximum number of idle connections to - * maintain. + * the database. * */ @Import(name="maxIdleConnections") @@ -96,7 +98,7 @@ public Optional> maxConnectionLifetime() { /** * @return The maximum number of idle connections to - * maintain. + * the database. * */ public Optional> maxIdleConnections() { @@ -105,7 +107,7 @@ public Optional> maxIdleConnections() { /** * The maximum number of open connections to - * use. + * the database. * */ @Import(name="maxOpenConnections") @@ -113,7 +115,7 @@ public Optional> maxIdleConnections() { /** * @return The maximum number of open connections to - * use. + * the database. * */ public Optional> maxOpenConnections() { @@ -128,14 +130,14 @@ public Output name() { } /** - * The password to be used in the connection. + * The root credential password used in the connection URL. * */ @Import(name="password") private @Nullable Output password; /** - * @return The password to be used in the connection. + * @return The root credential password used in the connection URL. * */ public Optional> password() { @@ -173,14 +175,14 @@ public Optional>> rootRotationStatements() { } /** - * The username to be used in the connection (the account admin level). + * The root credential username used in the connection URL. * */ @Import(name="username") private @Nullable Output username; /** - * @return The username to be used in the connection (the account admin level). + * @return The root credential username used in the connection URL. * */ public Optional> username() { @@ -188,14 +190,14 @@ public Optional> username() { } /** - * - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. * */ @Import(name="usernameTemplate") private @Nullable Output usernameTemplate; /** - * @return - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @return [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. * */ public Optional> usernameTemplate() { @@ -290,8 +292,8 @@ public Builder allowedRoles(String... allowedRoles) { } /** - * @param connectionUrl A URL containing connection information.\ - * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + * @param connectionUrl Specifies the Redshift DSN. + * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) * * @return builder * @@ -302,8 +304,8 @@ public Builder connectionUrl(@Nullable Output connectionUrl) { } /** - * @param connectionUrl A URL containing connection information.\ - * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + * @param connectionUrl Specifies the Redshift DSN. + * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) * * @return builder * @@ -315,6 +317,8 @@ public Builder connectionUrl(String connectionUrl) { /** * @param data A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * * @return builder * */ @@ -326,6 +330,8 @@ public Builder data(@Nullable Output> data) { /** * @param data A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * * @return builder * */ @@ -334,8 +340,7 @@ public Builder data(Map data) { } /** - * @param maxConnectionLifetime The maximum number of seconds to keep - * a connection alive for. + * @param maxConnectionLifetime The maximum amount of time a connection may be reused. * * @return builder * @@ -346,8 +351,7 @@ public Builder maxConnectionLifetime(@Nullable Output maxConnectionLife } /** - * @param maxConnectionLifetime The maximum number of seconds to keep - * a connection alive for. + * @param maxConnectionLifetime The maximum amount of time a connection may be reused. * * @return builder * @@ -358,7 +362,7 @@ public Builder maxConnectionLifetime(Integer maxConnectionLifetime) { /** * @param maxIdleConnections The maximum number of idle connections to - * maintain. + * the database. * * @return builder * @@ -370,7 +374,7 @@ public Builder maxIdleConnections(@Nullable Output maxIdleConnections) /** * @param maxIdleConnections The maximum number of idle connections to - * maintain. + * the database. * * @return builder * @@ -381,7 +385,7 @@ public Builder maxIdleConnections(Integer maxIdleConnections) { /** * @param maxOpenConnections The maximum number of open connections to - * use. + * the database. * * @return builder * @@ -393,7 +397,7 @@ public Builder maxOpenConnections(@Nullable Output maxOpenConnections) /** * @param maxOpenConnections The maximum number of open connections to - * use. + * the database. * * @return builder * @@ -412,7 +416,7 @@ public Builder name(String name) { } /** - * @param password The password to be used in the connection. + * @param password The root credential password used in the connection URL. * * @return builder * @@ -423,7 +427,7 @@ public Builder password(@Nullable Output password) { } /** - * @param password The password to be used in the connection. + * @param password The root credential password used in the connection URL. * * @return builder * @@ -485,7 +489,7 @@ public Builder rootRotationStatements(String... rootRotationStatements) { } /** - * @param username The username to be used in the connection (the account admin level). + * @param username The root credential username used in the connection URL. * * @return builder * @@ -496,7 +500,7 @@ public Builder username(@Nullable Output username) { } /** - * @param username The username to be used in the connection (the account admin level). + * @param username The root credential username used in the connection URL. * * @return builder * @@ -506,7 +510,7 @@ public Builder username(String username) { } /** - * @param usernameTemplate - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @param usernameTemplate [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. * * @return builder * @@ -517,7 +521,7 @@ public Builder usernameTemplate(@Nullable Output usernameTemplate) { } /** - * @param usernameTemplate - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @param usernameTemplate [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretsMountOracleArgs.java b/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretsMountOracleArgs.java index 2d6ff40ed..7829c396d 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretsMountOracleArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretsMountOracleArgs.java @@ -38,16 +38,16 @@ public Optional>> allowedRoles() { } /** - * A URL containing connection information.\ - * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + * Specifies the Redshift DSN. + * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) * */ @Import(name="connectionUrl") private @Nullable Output connectionUrl; /** - * @return A URL containing connection information.\ - * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + * @return Specifies the Redshift DSN. + * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) * */ public Optional> connectionUrl() { @@ -57,6 +57,8 @@ public Optional> connectionUrl() { /** * A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * */ @Import(name="data") private @Nullable Output> data; @@ -64,22 +66,22 @@ public Optional> connectionUrl() { /** * @return A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * */ public Optional>> data() { return Optional.ofNullable(this.data); } /** - * The maximum number of seconds to keep - * a connection alive for. + * The maximum amount of time a connection may be reused. * */ @Import(name="maxConnectionLifetime") private @Nullable Output maxConnectionLifetime; /** - * @return The maximum number of seconds to keep - * a connection alive for. + * @return The maximum amount of time a connection may be reused. * */ public Optional> maxConnectionLifetime() { @@ -88,7 +90,7 @@ public Optional> maxConnectionLifetime() { /** * The maximum number of idle connections to - * maintain. + * the database. * */ @Import(name="maxIdleConnections") @@ -96,7 +98,7 @@ public Optional> maxConnectionLifetime() { /** * @return The maximum number of idle connections to - * maintain. + * the database. * */ public Optional> maxIdleConnections() { @@ -105,7 +107,7 @@ public Optional> maxIdleConnections() { /** * The maximum number of open connections to - * use. + * the database. * */ @Import(name="maxOpenConnections") @@ -113,7 +115,7 @@ public Optional> maxIdleConnections() { /** * @return The maximum number of open connections to - * use. + * the database. * */ public Optional> maxOpenConnections() { @@ -128,14 +130,14 @@ public Output name() { } /** - * The password to be used in the connection. + * The root credential password used in the connection URL. * */ @Import(name="password") private @Nullable Output password; /** - * @return The password to be used in the connection. + * @return The root credential password used in the connection URL. * */ public Optional> password() { @@ -173,14 +175,14 @@ public Optional>> rootRotationStatements() { } /** - * The username to be used in the connection (the account admin level). + * The root credential username used in the connection URL. * */ @Import(name="username") private @Nullable Output username; /** - * @return The username to be used in the connection (the account admin level). + * @return The root credential username used in the connection URL. * */ public Optional> username() { @@ -188,14 +190,14 @@ public Optional> username() { } /** - * - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. * */ @Import(name="usernameTemplate") private @Nullable Output usernameTemplate; /** - * @return - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @return [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. * */ public Optional> usernameTemplate() { @@ -290,8 +292,8 @@ public Builder allowedRoles(String... allowedRoles) { } /** - * @param connectionUrl A URL containing connection information.\ - * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + * @param connectionUrl Specifies the Redshift DSN. + * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) * * @return builder * @@ -302,8 +304,8 @@ public Builder connectionUrl(@Nullable Output connectionUrl) { } /** - * @param connectionUrl A URL containing connection information.\ - * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + * @param connectionUrl Specifies the Redshift DSN. + * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) * * @return builder * @@ -315,6 +317,8 @@ public Builder connectionUrl(String connectionUrl) { /** * @param data A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * * @return builder * */ @@ -326,6 +330,8 @@ public Builder data(@Nullable Output> data) { /** * @param data A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * * @return builder * */ @@ -334,8 +340,7 @@ public Builder data(Map data) { } /** - * @param maxConnectionLifetime The maximum number of seconds to keep - * a connection alive for. + * @param maxConnectionLifetime The maximum amount of time a connection may be reused. * * @return builder * @@ -346,8 +351,7 @@ public Builder maxConnectionLifetime(@Nullable Output maxConnectionLife } /** - * @param maxConnectionLifetime The maximum number of seconds to keep - * a connection alive for. + * @param maxConnectionLifetime The maximum amount of time a connection may be reused. * * @return builder * @@ -358,7 +362,7 @@ public Builder maxConnectionLifetime(Integer maxConnectionLifetime) { /** * @param maxIdleConnections The maximum number of idle connections to - * maintain. + * the database. * * @return builder * @@ -370,7 +374,7 @@ public Builder maxIdleConnections(@Nullable Output maxIdleConnections) /** * @param maxIdleConnections The maximum number of idle connections to - * maintain. + * the database. * * @return builder * @@ -381,7 +385,7 @@ public Builder maxIdleConnections(Integer maxIdleConnections) { /** * @param maxOpenConnections The maximum number of open connections to - * use. + * the database. * * @return builder * @@ -393,7 +397,7 @@ public Builder maxOpenConnections(@Nullable Output maxOpenConnections) /** * @param maxOpenConnections The maximum number of open connections to - * use. + * the database. * * @return builder * @@ -412,7 +416,7 @@ public Builder name(String name) { } /** - * @param password The password to be used in the connection. + * @param password The root credential password used in the connection URL. * * @return builder * @@ -423,7 +427,7 @@ public Builder password(@Nullable Output password) { } /** - * @param password The password to be used in the connection. + * @param password The root credential password used in the connection URL. * * @return builder * @@ -485,7 +489,7 @@ public Builder rootRotationStatements(String... rootRotationStatements) { } /** - * @param username The username to be used in the connection (the account admin level). + * @param username The root credential username used in the connection URL. * * @return builder * @@ -496,7 +500,7 @@ public Builder username(@Nullable Output username) { } /** - * @param username The username to be used in the connection (the account admin level). + * @param username The root credential username used in the connection URL. * * @return builder * @@ -506,7 +510,7 @@ public Builder username(String username) { } /** - * @param usernameTemplate - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @param usernameTemplate [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. * * @return builder * @@ -517,7 +521,7 @@ public Builder usernameTemplate(@Nullable Output usernameTemplate) { } /** - * @param usernameTemplate - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @param usernameTemplate [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretsMountPostgresqlArgs.java b/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretsMountPostgresqlArgs.java index 9538a246a..b761e193b 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretsMountPostgresqlArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretsMountPostgresqlArgs.java @@ -45,16 +45,16 @@ public Optional> authType() { } /** - * A URL containing connection information.\ - * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + * Specifies the Redshift DSN. + * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) * */ @Import(name="connectionUrl") private @Nullable Output connectionUrl; /** - * @return A URL containing connection information.\ - * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + * @return Specifies the Redshift DSN. + * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) * */ public Optional> connectionUrl() { @@ -64,6 +64,8 @@ public Optional> connectionUrl() { /** * A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * */ @Import(name="data") private @Nullable Output> data; @@ -71,6 +73,8 @@ public Optional> connectionUrl() { /** * @return A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * */ public Optional>> data() { return Optional.ofNullable(this.data); @@ -92,16 +96,14 @@ public Optional> disableEscaping() { } /** - * The maximum number of seconds to keep - * a connection alive for. + * The maximum amount of time a connection may be reused. * */ @Import(name="maxConnectionLifetime") private @Nullable Output maxConnectionLifetime; /** - * @return The maximum number of seconds to keep - * a connection alive for. + * @return The maximum amount of time a connection may be reused. * */ public Optional> maxConnectionLifetime() { @@ -110,7 +112,7 @@ public Optional> maxConnectionLifetime() { /** * The maximum number of idle connections to - * maintain. + * the database. * */ @Import(name="maxIdleConnections") @@ -118,7 +120,7 @@ public Optional> maxConnectionLifetime() { /** * @return The maximum number of idle connections to - * maintain. + * the database. * */ public Optional> maxIdleConnections() { @@ -127,7 +129,7 @@ public Optional> maxIdleConnections() { /** * The maximum number of open connections to - * use. + * the database. * */ @Import(name="maxOpenConnections") @@ -135,7 +137,7 @@ public Optional> maxIdleConnections() { /** * @return The maximum number of open connections to - * use. + * the database. * */ public Optional> maxOpenConnections() { @@ -150,14 +152,14 @@ public Output name() { } /** - * The password to be used in the connection. + * The root credential password used in the connection URL. * */ @Import(name="password") private @Nullable Output password; /** - * @return The password to be used in the connection. + * @return The root credential password used in the connection URL. * */ public Optional> password() { @@ -202,14 +204,14 @@ public Optional> serviceAccountJson() { } /** - * The username to be used in the connection (the account admin level). + * The root credential username used in the connection URL. * */ @Import(name="username") private @Nullable Output username; /** - * @return The username to be used in the connection (the account admin level). + * @return The root credential username used in the connection URL. * */ public Optional> username() { @@ -217,14 +219,14 @@ public Optional> username() { } /** - * - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. * */ @Import(name="usernameTemplate") private @Nullable Output usernameTemplate; /** - * @return - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @return [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. * */ public Optional> usernameTemplate() { @@ -331,8 +333,8 @@ public Builder authType(String authType) { } /** - * @param connectionUrl A URL containing connection information.\ - * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + * @param connectionUrl Specifies the Redshift DSN. + * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) * * @return builder * @@ -343,8 +345,8 @@ public Builder connectionUrl(@Nullable Output connectionUrl) { } /** - * @param connectionUrl A URL containing connection information.\ - * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + * @param connectionUrl Specifies the Redshift DSN. + * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) * * @return builder * @@ -356,6 +358,8 @@ public Builder connectionUrl(String connectionUrl) { /** * @param data A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * * @return builder * */ @@ -367,6 +371,8 @@ public Builder data(@Nullable Output> data) { /** * @param data A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * * @return builder * */ @@ -396,8 +402,7 @@ public Builder disableEscaping(Boolean disableEscaping) { } /** - * @param maxConnectionLifetime The maximum number of seconds to keep - * a connection alive for. + * @param maxConnectionLifetime The maximum amount of time a connection may be reused. * * @return builder * @@ -408,8 +413,7 @@ public Builder maxConnectionLifetime(@Nullable Output maxConnectionLife } /** - * @param maxConnectionLifetime The maximum number of seconds to keep - * a connection alive for. + * @param maxConnectionLifetime The maximum amount of time a connection may be reused. * * @return builder * @@ -420,7 +424,7 @@ public Builder maxConnectionLifetime(Integer maxConnectionLifetime) { /** * @param maxIdleConnections The maximum number of idle connections to - * maintain. + * the database. * * @return builder * @@ -432,7 +436,7 @@ public Builder maxIdleConnections(@Nullable Output maxIdleConnections) /** * @param maxIdleConnections The maximum number of idle connections to - * maintain. + * the database. * * @return builder * @@ -443,7 +447,7 @@ public Builder maxIdleConnections(Integer maxIdleConnections) { /** * @param maxOpenConnections The maximum number of open connections to - * use. + * the database. * * @return builder * @@ -455,7 +459,7 @@ public Builder maxOpenConnections(@Nullable Output maxOpenConnections) /** * @param maxOpenConnections The maximum number of open connections to - * use. + * the database. * * @return builder * @@ -474,7 +478,7 @@ public Builder name(String name) { } /** - * @param password The password to be used in the connection. + * @param password The root credential password used in the connection URL. * * @return builder * @@ -485,7 +489,7 @@ public Builder password(@Nullable Output password) { } /** - * @param password The password to be used in the connection. + * @param password The root credential password used in the connection URL. * * @return builder * @@ -556,7 +560,7 @@ public Builder serviceAccountJson(String serviceAccountJson) { } /** - * @param username The username to be used in the connection (the account admin level). + * @param username The root credential username used in the connection URL. * * @return builder * @@ -567,7 +571,7 @@ public Builder username(@Nullable Output username) { } /** - * @param username The username to be used in the connection (the account admin level). + * @param username The root credential username used in the connection URL. * * @return builder * @@ -577,7 +581,7 @@ public Builder username(String username) { } /** - * @param usernameTemplate - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @param usernameTemplate [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. * * @return builder * @@ -588,7 +592,7 @@ public Builder usernameTemplate(@Nullable Output usernameTemplate) { } /** - * @param usernameTemplate - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @param usernameTemplate [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretsMountRediArgs.java b/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretsMountRediArgs.java index c84c95255..dbfd3710b 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretsMountRediArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretsMountRediArgs.java @@ -38,14 +38,14 @@ public Optional>> allowedRoles() { } /** - * The contents of a PEM-encoded CA cert file to use to verify the Redis server's identity. + * The path to a PEM-encoded CA cert file to use to verify the Elasticsearch server's identity. * */ @Import(name="caCert") private @Nullable Output caCert; /** - * @return The contents of a PEM-encoded CA cert file to use to verify the Redis server's identity. + * @return The path to a PEM-encoded CA cert file to use to verify the Elasticsearch server's identity. * */ public Optional> caCert() { @@ -55,6 +55,8 @@ public Optional> caCert() { /** * A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * */ @Import(name="data") private @Nullable Output> data; @@ -62,6 +64,8 @@ public Optional> caCert() { /** * @return A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * */ public Optional>> data() { return Optional.ofNullable(this.data); @@ -107,14 +111,14 @@ public Output name() { } /** - * The password to be used in the connection. + * The root credential password used in the connection URL. * */ @Import(name="password", required=true) private Output password; /** - * @return The password to be used in the connection. + * @return The root credential password used in the connection URL. * */ public Output password() { @@ -169,14 +173,14 @@ public Optional>> rootRotationStatements() { } /** - * Whether to use TLS when connecting to Redis. + * Whether to use TLS when connecting to Cassandra. * */ @Import(name="tls") private @Nullable Output tls; /** - * @return Whether to use TLS when connecting to Redis. + * @return Whether to use TLS when connecting to Cassandra. * */ public Optional> tls() { @@ -184,14 +188,14 @@ public Optional> tls() { } /** - * The username to be used in the connection (the account admin level). + * The root credential username used in the connection URL. * */ @Import(name="username", required=true) private Output username; /** - * @return The username to be used in the connection (the account admin level). + * @return The root credential username used in the connection URL. * */ public Output username() { @@ -286,7 +290,7 @@ public Builder allowedRoles(String... allowedRoles) { } /** - * @param caCert The contents of a PEM-encoded CA cert file to use to verify the Redis server's identity. + * @param caCert The path to a PEM-encoded CA cert file to use to verify the Elasticsearch server's identity. * * @return builder * @@ -297,7 +301,7 @@ public Builder caCert(@Nullable Output caCert) { } /** - * @param caCert The contents of a PEM-encoded CA cert file to use to verify the Redis server's identity. + * @param caCert The path to a PEM-encoded CA cert file to use to verify the Elasticsearch server's identity. * * @return builder * @@ -309,6 +313,8 @@ public Builder caCert(String caCert) { /** * @param data A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * * @return builder * */ @@ -320,6 +326,8 @@ public Builder data(@Nullable Output> data) { /** * @param data A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * * @return builder * */ @@ -381,7 +389,7 @@ public Builder name(String name) { } /** - * @param password The password to be used in the connection. + * @param password The root credential password used in the connection URL. * * @return builder * @@ -392,7 +400,7 @@ public Builder password(Output password) { } /** - * @param password The password to be used in the connection. + * @param password The root credential password used in the connection URL. * * @return builder * @@ -477,7 +485,7 @@ public Builder rootRotationStatements(String... rootRotationStatements) { } /** - * @param tls Whether to use TLS when connecting to Redis. + * @param tls Whether to use TLS when connecting to Cassandra. * * @return builder * @@ -488,7 +496,7 @@ public Builder tls(@Nullable Output tls) { } /** - * @param tls Whether to use TLS when connecting to Redis. + * @param tls Whether to use TLS when connecting to Cassandra. * * @return builder * @@ -498,7 +506,7 @@ public Builder tls(Boolean tls) { } /** - * @param username The username to be used in the connection (the account admin level). + * @param username The root credential username used in the connection URL. * * @return builder * @@ -509,7 +517,7 @@ public Builder username(Output username) { } /** - * @param username The username to be used in the connection (the account admin level). + * @param username The root credential username used in the connection URL. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretsMountRedisElasticachArgs.java b/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretsMountRedisElasticachArgs.java index a2711c9c4..96049d0cc 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretsMountRedisElasticachArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretsMountRedisElasticachArgs.java @@ -39,6 +39,8 @@ public Optional>> allowedRoles() { /** * A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * */ @Import(name="data") private @Nullable Output> data; @@ -46,6 +48,8 @@ public Optional>> allowedRoles() { /** * @return A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * */ public Optional>> data() { return Optional.ofNullable(this.data); @@ -59,14 +63,14 @@ public Output name() { } /** - * The password to be used in the connection. + * The root credential password used in the connection URL. * */ @Import(name="password") private @Nullable Output password; /** - * @return The password to be used in the connection. + * @return The root credential password used in the connection URL. * */ public Optional> password() { @@ -121,14 +125,16 @@ public Optional>> rootRotationStatements() { } /** - * The configuration endpoint for the ElastiCache cluster to connect to. + * The URL for Elasticsearch's API. https requires certificate + * by trusted CA if used. * */ @Import(name="url", required=true) private Output url; /** - * @return The configuration endpoint for the ElastiCache cluster to connect to. + * @return The URL for Elasticsearch's API. https requires certificate + * by trusted CA if used. * */ public Output url() { @@ -136,14 +142,14 @@ public Output url() { } /** - * The username to be used in the connection (the account admin level). + * The root credential username used in the connection URL. * */ @Import(name="username") private @Nullable Output username; /** - * @return The username to be used in the connection (the account admin level). + * @return The root credential username used in the connection URL. * */ public Optional> username() { @@ -237,6 +243,8 @@ public Builder allowedRoles(String... allowedRoles) { /** * @param data A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * * @return builder * */ @@ -248,6 +256,8 @@ public Builder data(@Nullable Output> data) { /** * @param data A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * * @return builder * */ @@ -265,7 +275,7 @@ public Builder name(String name) { } /** - * @param password The password to be used in the connection. + * @param password The root credential password used in the connection URL. * * @return builder * @@ -276,7 +286,7 @@ public Builder password(@Nullable Output password) { } /** - * @param password The password to be used in the connection. + * @param password The root credential password used in the connection URL. * * @return builder * @@ -361,7 +371,8 @@ public Builder rootRotationStatements(String... rootRotationStatements) { } /** - * @param url The configuration endpoint for the ElastiCache cluster to connect to. + * @param url The URL for Elasticsearch's API. https requires certificate + * by trusted CA if used. * * @return builder * @@ -372,7 +383,8 @@ public Builder url(Output url) { } /** - * @param url The configuration endpoint for the ElastiCache cluster to connect to. + * @param url The URL for Elasticsearch's API. https requires certificate + * by trusted CA if used. * * @return builder * @@ -382,7 +394,7 @@ public Builder url(String url) { } /** - * @param username The username to be used in the connection (the account admin level). + * @param username The root credential username used in the connection URL. * * @return builder * @@ -393,7 +405,7 @@ public Builder username(@Nullable Output username) { } /** - * @param username The username to be used in the connection (the account admin level). + * @param username The root credential username used in the connection URL. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretsMountRedshiftArgs.java b/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretsMountRedshiftArgs.java index f1151f355..3980d1eb0 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretsMountRedshiftArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretsMountRedshiftArgs.java @@ -38,16 +38,16 @@ public Optional>> allowedRoles() { } /** - * A URL containing connection information.\ - * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + * Specifies the Redshift DSN. + * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) * */ @Import(name="connectionUrl") private @Nullable Output connectionUrl; /** - * @return A URL containing connection information.\ - * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + * @return Specifies the Redshift DSN. + * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) * */ public Optional> connectionUrl() { @@ -57,6 +57,8 @@ public Optional> connectionUrl() { /** * A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * */ @Import(name="data") private @Nullable Output> data; @@ -64,6 +66,8 @@ public Optional> connectionUrl() { /** * @return A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * */ public Optional>> data() { return Optional.ofNullable(this.data); @@ -85,16 +89,14 @@ public Optional> disableEscaping() { } /** - * The maximum number of seconds to keep - * a connection alive for. + * The maximum amount of time a connection may be reused. * */ @Import(name="maxConnectionLifetime") private @Nullable Output maxConnectionLifetime; /** - * @return The maximum number of seconds to keep - * a connection alive for. + * @return The maximum amount of time a connection may be reused. * */ public Optional> maxConnectionLifetime() { @@ -103,7 +105,7 @@ public Optional> maxConnectionLifetime() { /** * The maximum number of idle connections to - * maintain. + * the database. * */ @Import(name="maxIdleConnections") @@ -111,7 +113,7 @@ public Optional> maxConnectionLifetime() { /** * @return The maximum number of idle connections to - * maintain. + * the database. * */ public Optional> maxIdleConnections() { @@ -120,7 +122,7 @@ public Optional> maxIdleConnections() { /** * The maximum number of open connections to - * use. + * the database. * */ @Import(name="maxOpenConnections") @@ -128,7 +130,7 @@ public Optional> maxIdleConnections() { /** * @return The maximum number of open connections to - * use. + * the database. * */ public Optional> maxOpenConnections() { @@ -143,14 +145,14 @@ public Output name() { } /** - * The password to be used in the connection. + * The root credential password used in the connection URL. * */ @Import(name="password") private @Nullable Output password; /** - * @return The password to be used in the connection. + * @return The root credential password used in the connection URL. * */ public Optional> password() { @@ -188,14 +190,14 @@ public Optional>> rootRotationStatements() { } /** - * The username to be used in the connection (the account admin level). + * The root credential username used in the connection URL. * */ @Import(name="username") private @Nullable Output username; /** - * @return The username to be used in the connection (the account admin level). + * @return The root credential username used in the connection URL. * */ public Optional> username() { @@ -203,14 +205,14 @@ public Optional> username() { } /** - * - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. * */ @Import(name="usernameTemplate") private @Nullable Output usernameTemplate; /** - * @return - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @return [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. * */ public Optional> usernameTemplate() { @@ -306,8 +308,8 @@ public Builder allowedRoles(String... allowedRoles) { } /** - * @param connectionUrl A URL containing connection information.\ - * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + * @param connectionUrl Specifies the Redshift DSN. + * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) * * @return builder * @@ -318,8 +320,8 @@ public Builder connectionUrl(@Nullable Output connectionUrl) { } /** - * @param connectionUrl A URL containing connection information.\ - * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + * @param connectionUrl Specifies the Redshift DSN. + * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) * * @return builder * @@ -331,6 +333,8 @@ public Builder connectionUrl(String connectionUrl) { /** * @param data A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * * @return builder * */ @@ -342,6 +346,8 @@ public Builder data(@Nullable Output> data) { /** * @param data A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * * @return builder * */ @@ -371,8 +377,7 @@ public Builder disableEscaping(Boolean disableEscaping) { } /** - * @param maxConnectionLifetime The maximum number of seconds to keep - * a connection alive for. + * @param maxConnectionLifetime The maximum amount of time a connection may be reused. * * @return builder * @@ -383,8 +388,7 @@ public Builder maxConnectionLifetime(@Nullable Output maxConnectionLife } /** - * @param maxConnectionLifetime The maximum number of seconds to keep - * a connection alive for. + * @param maxConnectionLifetime The maximum amount of time a connection may be reused. * * @return builder * @@ -395,7 +399,7 @@ public Builder maxConnectionLifetime(Integer maxConnectionLifetime) { /** * @param maxIdleConnections The maximum number of idle connections to - * maintain. + * the database. * * @return builder * @@ -407,7 +411,7 @@ public Builder maxIdleConnections(@Nullable Output maxIdleConnections) /** * @param maxIdleConnections The maximum number of idle connections to - * maintain. + * the database. * * @return builder * @@ -418,7 +422,7 @@ public Builder maxIdleConnections(Integer maxIdleConnections) { /** * @param maxOpenConnections The maximum number of open connections to - * use. + * the database. * * @return builder * @@ -430,7 +434,7 @@ public Builder maxOpenConnections(@Nullable Output maxOpenConnections) /** * @param maxOpenConnections The maximum number of open connections to - * use. + * the database. * * @return builder * @@ -449,7 +453,7 @@ public Builder name(String name) { } /** - * @param password The password to be used in the connection. + * @param password The root credential password used in the connection URL. * * @return builder * @@ -460,7 +464,7 @@ public Builder password(@Nullable Output password) { } /** - * @param password The password to be used in the connection. + * @param password The root credential password used in the connection URL. * * @return builder * @@ -522,7 +526,7 @@ public Builder rootRotationStatements(String... rootRotationStatements) { } /** - * @param username The username to be used in the connection (the account admin level). + * @param username The root credential username used in the connection URL. * * @return builder * @@ -533,7 +537,7 @@ public Builder username(@Nullable Output username) { } /** - * @param username The username to be used in the connection (the account admin level). + * @param username The root credential username used in the connection URL. * * @return builder * @@ -543,7 +547,7 @@ public Builder username(String username) { } /** - * @param usernameTemplate - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @param usernameTemplate [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. * * @return builder * @@ -554,7 +558,7 @@ public Builder usernameTemplate(@Nullable Output usernameTemplate) { } /** - * @param usernameTemplate - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @param usernameTemplate [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretsMountSnowflakeArgs.java b/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretsMountSnowflakeArgs.java index c1ae50647..138d95cae 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretsMountSnowflakeArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretsMountSnowflakeArgs.java @@ -38,16 +38,16 @@ public Optional>> allowedRoles() { } /** - * A URL containing connection information.\ - * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + * Specifies the Redshift DSN. + * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) * */ @Import(name="connectionUrl") private @Nullable Output connectionUrl; /** - * @return A URL containing connection information.\ - * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + * @return Specifies the Redshift DSN. + * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) * */ public Optional> connectionUrl() { @@ -57,6 +57,8 @@ public Optional> connectionUrl() { /** * A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * */ @Import(name="data") private @Nullable Output> data; @@ -64,22 +66,22 @@ public Optional> connectionUrl() { /** * @return A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * */ public Optional>> data() { return Optional.ofNullable(this.data); } /** - * The maximum number of seconds to keep - * a connection alive for. + * The maximum amount of time a connection may be reused. * */ @Import(name="maxConnectionLifetime") private @Nullable Output maxConnectionLifetime; /** - * @return The maximum number of seconds to keep - * a connection alive for. + * @return The maximum amount of time a connection may be reused. * */ public Optional> maxConnectionLifetime() { @@ -88,7 +90,7 @@ public Optional> maxConnectionLifetime() { /** * The maximum number of idle connections to - * maintain. + * the database. * */ @Import(name="maxIdleConnections") @@ -96,7 +98,7 @@ public Optional> maxConnectionLifetime() { /** * @return The maximum number of idle connections to - * maintain. + * the database. * */ public Optional> maxIdleConnections() { @@ -105,7 +107,7 @@ public Optional> maxIdleConnections() { /** * The maximum number of open connections to - * use. + * the database. * */ @Import(name="maxOpenConnections") @@ -113,7 +115,7 @@ public Optional> maxIdleConnections() { /** * @return The maximum number of open connections to - * use. + * the database. * */ public Optional> maxOpenConnections() { @@ -128,14 +130,14 @@ public Output name() { } /** - * The password to be used in the connection. + * The root credential password used in the connection URL. * */ @Import(name="password") private @Nullable Output password; /** - * @return The password to be used in the connection. + * @return The root credential password used in the connection URL. * */ public Optional> password() { @@ -173,14 +175,14 @@ public Optional>> rootRotationStatements() { } /** - * The username to be used in the connection (the account admin level). + * The root credential username used in the connection URL. * */ @Import(name="username") private @Nullable Output username; /** - * @return The username to be used in the connection (the account admin level). + * @return The root credential username used in the connection URL. * */ public Optional> username() { @@ -188,14 +190,14 @@ public Optional> username() { } /** - * - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. * */ @Import(name="usernameTemplate") private @Nullable Output usernameTemplate; /** - * @return - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @return [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. * */ public Optional> usernameTemplate() { @@ -290,8 +292,8 @@ public Builder allowedRoles(String... allowedRoles) { } /** - * @param connectionUrl A URL containing connection information.\ - * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + * @param connectionUrl Specifies the Redshift DSN. + * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) * * @return builder * @@ -302,8 +304,8 @@ public Builder connectionUrl(@Nullable Output connectionUrl) { } /** - * @param connectionUrl A URL containing connection information.\ - * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + * @param connectionUrl Specifies the Redshift DSN. + * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) * * @return builder * @@ -315,6 +317,8 @@ public Builder connectionUrl(String connectionUrl) { /** * @param data A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * * @return builder * */ @@ -326,6 +330,8 @@ public Builder data(@Nullable Output> data) { /** * @param data A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * * @return builder * */ @@ -334,8 +340,7 @@ public Builder data(Map data) { } /** - * @param maxConnectionLifetime The maximum number of seconds to keep - * a connection alive for. + * @param maxConnectionLifetime The maximum amount of time a connection may be reused. * * @return builder * @@ -346,8 +351,7 @@ public Builder maxConnectionLifetime(@Nullable Output maxConnectionLife } /** - * @param maxConnectionLifetime The maximum number of seconds to keep - * a connection alive for. + * @param maxConnectionLifetime The maximum amount of time a connection may be reused. * * @return builder * @@ -358,7 +362,7 @@ public Builder maxConnectionLifetime(Integer maxConnectionLifetime) { /** * @param maxIdleConnections The maximum number of idle connections to - * maintain. + * the database. * * @return builder * @@ -370,7 +374,7 @@ public Builder maxIdleConnections(@Nullable Output maxIdleConnections) /** * @param maxIdleConnections The maximum number of idle connections to - * maintain. + * the database. * * @return builder * @@ -381,7 +385,7 @@ public Builder maxIdleConnections(Integer maxIdleConnections) { /** * @param maxOpenConnections The maximum number of open connections to - * use. + * the database. * * @return builder * @@ -393,7 +397,7 @@ public Builder maxOpenConnections(@Nullable Output maxOpenConnections) /** * @param maxOpenConnections The maximum number of open connections to - * use. + * the database. * * @return builder * @@ -412,7 +416,7 @@ public Builder name(String name) { } /** - * @param password The password to be used in the connection. + * @param password The root credential password used in the connection URL. * * @return builder * @@ -423,7 +427,7 @@ public Builder password(@Nullable Output password) { } /** - * @param password The password to be used in the connection. + * @param password The root credential password used in the connection URL. * * @return builder * @@ -485,7 +489,7 @@ public Builder rootRotationStatements(String... rootRotationStatements) { } /** - * @param username The username to be used in the connection (the account admin level). + * @param username The root credential username used in the connection URL. * * @return builder * @@ -496,7 +500,7 @@ public Builder username(@Nullable Output username) { } /** - * @param username The username to be used in the connection (the account admin level). + * @param username The root credential username used in the connection URL. * * @return builder * @@ -506,7 +510,7 @@ public Builder username(String username) { } /** - * @param usernameTemplate - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @param usernameTemplate [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. * * @return builder * @@ -517,7 +521,7 @@ public Builder usernameTemplate(@Nullable Output usernameTemplate) { } /** - * @param usernameTemplate - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @param usernameTemplate [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretsMountState.java b/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretsMountState.java index 572206a35..43cae6bfa 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretsMountState.java +++ b/sdk/java/src/main/java/com/pulumi/vault/database/inputs/SecretsMountState.java @@ -56,6 +56,8 @@ public Optional> accessor() { /** * Set of managed key registry entry names that the mount in question is allowed to access * + * The following arguments are common to all database engines: + * */ @Import(name="allowedManagedKeys") private @Nullable Output> allowedManagedKeys; @@ -63,6 +65,8 @@ public Optional> accessor() { /** * @return Set of managed key registry entry names that the mount in question is allowed to access * + * The following arguments are common to all database engines: + * */ public Optional>> allowedManagedKeys() { return Optional.ofNullable(this.allowedManagedKeys); @@ -633,6 +637,8 @@ public Builder accessor(String accessor) { /** * @param allowedManagedKeys Set of managed key registry entry names that the mount in question is allowed to access * + * The following arguments are common to all database engines: + * * @return builder * */ @@ -644,6 +650,8 @@ public Builder allowedManagedKeys(@Nullable Output> allowedManagedK /** * @param allowedManagedKeys Set of managed key registry entry names that the mount in question is allowed to access * + * The following arguments are common to all database engines: + * * @return builder * */ @@ -654,6 +662,8 @@ public Builder allowedManagedKeys(List allowedManagedKeys) { /** * @param allowedManagedKeys Set of managed key registry entry names that the mount in question is allowed to access * + * The following arguments are common to all database engines: + * * @return builder * */ diff --git a/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretBackendConnectionCassandra.java b/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretBackendConnectionCassandra.java index 4d9d7ff40..29f57d45e 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretBackendConnectionCassandra.java +++ b/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretBackendConnectionCassandra.java @@ -21,7 +21,7 @@ public final class SecretBackendConnectionCassandra { */ private @Nullable Integer connectTimeout; /** - * @return A set of Couchbase URIs to connect to. Must use `couchbases://` scheme if `tls` is `true`. + * @return The hosts to connect to. * */ private @Nullable List hosts; @@ -32,7 +32,7 @@ public final class SecretBackendConnectionCassandra { */ private @Nullable Boolean insecureTls; /** - * @return The root credential password used in the connection URL. + * @return The password to authenticate with. * */ private @Nullable String password; @@ -59,12 +59,12 @@ public final class SecretBackendConnectionCassandra { */ private @Nullable Integer protocolVersion; /** - * @return Whether to use TLS when connecting to Redis. + * @return Whether to use TLS when connecting to Cassandra. * */ private @Nullable Boolean tls; /** - * @return The root credential username used in the connection URL. + * @return The username to authenticate with. * */ private @Nullable String username; @@ -79,7 +79,7 @@ public Optional connectTimeout() { return Optional.ofNullable(this.connectTimeout); } /** - * @return A set of Couchbase URIs to connect to. Must use `couchbases://` scheme if `tls` is `true`. + * @return The hosts to connect to. * */ public List hosts() { @@ -94,7 +94,7 @@ public Optional insecureTls() { return Optional.ofNullable(this.insecureTls); } /** - * @return The root credential password used in the connection URL. + * @return The password to authenticate with. * */ public Optional password() { @@ -131,14 +131,14 @@ public Optional protocolVersion() { return Optional.ofNullable(this.protocolVersion); } /** - * @return Whether to use TLS when connecting to Redis. + * @return Whether to use TLS when connecting to Cassandra. * */ public Optional tls() { return Optional.ofNullable(this.tls); } /** - * @return The root credential username used in the connection URL. + * @return The username to authenticate with. * */ public Optional username() { diff --git a/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretBackendConnectionCouchbase.java b/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretBackendConnectionCouchbase.java index 7e340318e..fa762db67 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretBackendConnectionCouchbase.java +++ b/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretBackendConnectionCouchbase.java @@ -24,7 +24,7 @@ public final class SecretBackendConnectionCouchbase { */ private @Nullable String bucketName; /** - * @return A set of Couchbase URIs to connect to. Must use `couchbases://` scheme if `tls` is `true`. + * @return The hosts to connect to. * */ private List hosts; @@ -35,22 +35,22 @@ public final class SecretBackendConnectionCouchbase { */ private @Nullable Boolean insecureTls; /** - * @return The root credential password used in the connection URL. + * @return The password to authenticate with. * */ private String password; /** - * @return Whether to use TLS when connecting to Redis. + * @return Whether to use TLS when connecting to Cassandra. * */ private @Nullable Boolean tls; /** - * @return The root credential username used in the connection URL. + * @return The username to authenticate with. * */ private String username; /** - * @return - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @return Template describing how dynamic usernames are generated. * */ private @Nullable String usernameTemplate; @@ -71,7 +71,7 @@ public Optional bucketName() { return Optional.ofNullable(this.bucketName); } /** - * @return A set of Couchbase URIs to connect to. Must use `couchbases://` scheme if `tls` is `true`. + * @return The hosts to connect to. * */ public List hosts() { @@ -86,28 +86,28 @@ public Optional insecureTls() { return Optional.ofNullable(this.insecureTls); } /** - * @return The root credential password used in the connection URL. + * @return The password to authenticate with. * */ public String password() { return this.password; } /** - * @return Whether to use TLS when connecting to Redis. + * @return Whether to use TLS when connecting to Cassandra. * */ public Optional tls() { return Optional.ofNullable(this.tls); } /** - * @return The root credential username used in the connection URL. + * @return The username to authenticate with. * */ public String username() { return this.username; } /** - * @return - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @return Template describing how dynamic usernames are generated. * */ public Optional usernameTemplate() { diff --git a/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretBackendConnectionElasticsearch.java b/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretBackendConnectionElasticsearch.java index 4beb2da42..7c7861049 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretBackendConnectionElasticsearch.java +++ b/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretBackendConnectionElasticsearch.java @@ -38,7 +38,7 @@ public final class SecretBackendConnectionElasticsearch { */ private @Nullable Boolean insecure; /** - * @return The root credential password used in the connection URL. + * @return The password to authenticate with. * */ private String password; @@ -54,12 +54,12 @@ public final class SecretBackendConnectionElasticsearch { */ private String url; /** - * @return The root credential username used in the connection URL. + * @return The username to authenticate with. * */ private String username; /** - * @return - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @return Template describing how dynamic usernames are generated. * */ private @Nullable String usernameTemplate; @@ -101,7 +101,7 @@ public Optional insecure() { return Optional.ofNullable(this.insecure); } /** - * @return The root credential password used in the connection URL. + * @return The password to authenticate with. * */ public String password() { @@ -123,14 +123,14 @@ public String url() { return this.url; } /** - * @return The root credential username used in the connection URL. + * @return The username to authenticate with. * */ public String username() { return this.username; } /** - * @return - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @return Template describing how dynamic usernames are generated. * */ public Optional usernameTemplate() { diff --git a/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretBackendConnectionHana.java b/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretBackendConnectionHana.java index c48474a0b..41c1add05 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretBackendConnectionHana.java +++ b/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretBackendConnectionHana.java @@ -14,9 +14,9 @@ @CustomType public final class SecretBackendConnectionHana { /** - * @return Specifies the Redshift DSN. See + * @return A URL containing connection information. See * the [Vault - * docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + * docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) * for an example. * */ @@ -27,38 +27,39 @@ public final class SecretBackendConnectionHana { */ private @Nullable Boolean disableEscaping; /** - * @return The maximum amount of time a connection may be reused. + * @return The maximum number of seconds to keep + * a connection alive for. * */ private @Nullable Integer maxConnectionLifetime; /** * @return The maximum number of idle connections to - * the database. + * maintain. * */ private @Nullable Integer maxIdleConnections; /** * @return The maximum number of open connections to - * the database. + * use. * */ private @Nullable Integer maxOpenConnections; /** - * @return The root credential password used in the connection URL. + * @return The password to authenticate with. * */ private @Nullable String password; /** - * @return The root credential username used in the connection URL. + * @return The username to authenticate with. * */ private @Nullable String username; private SecretBackendConnectionHana() {} /** - * @return Specifies the Redshift DSN. See + * @return A URL containing connection information. See * the [Vault - * docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + * docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) * for an example. * */ @@ -73,7 +74,8 @@ public Optional disableEscaping() { return Optional.ofNullable(this.disableEscaping); } /** - * @return The maximum amount of time a connection may be reused. + * @return The maximum number of seconds to keep + * a connection alive for. * */ public Optional maxConnectionLifetime() { @@ -81,7 +83,7 @@ public Optional maxConnectionLifetime() { } /** * @return The maximum number of idle connections to - * the database. + * maintain. * */ public Optional maxIdleConnections() { @@ -89,21 +91,21 @@ public Optional maxIdleConnections() { } /** * @return The maximum number of open connections to - * the database. + * use. * */ public Optional maxOpenConnections() { return Optional.ofNullable(this.maxOpenConnections); } /** - * @return The root credential password used in the connection URL. + * @return The password to authenticate with. * */ public Optional password() { return Optional.ofNullable(this.password); } /** - * @return The root credential username used in the connection URL. + * @return The username to authenticate with. * */ public Optional username() { diff --git a/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretBackendConnectionInfluxdb.java b/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretBackendConnectionInfluxdb.java index 6d87fcc83..2af2217b8 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretBackendConnectionInfluxdb.java +++ b/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretBackendConnectionInfluxdb.java @@ -31,7 +31,7 @@ public final class SecretBackendConnectionInfluxdb { */ private @Nullable Boolean insecureTls; /** - * @return The root credential password used in the connection URL. + * @return The password to authenticate with. * */ private String password; @@ -53,17 +53,17 @@ public final class SecretBackendConnectionInfluxdb { */ private @Nullable Integer port; /** - * @return Whether to use TLS when connecting to Redis. + * @return Whether to use TLS when connecting to Cassandra. * */ private @Nullable Boolean tls; /** - * @return The root credential username used in the connection URL. + * @return The username to authenticate with. * */ private String username; /** - * @return - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @return Template describing how dynamic usernames are generated. * */ private @Nullable String usernameTemplate; @@ -93,7 +93,7 @@ public Optional insecureTls() { return Optional.ofNullable(this.insecureTls); } /** - * @return The root credential password used in the connection URL. + * @return The password to authenticate with. * */ public String password() { @@ -123,21 +123,21 @@ public Optional port() { return Optional.ofNullable(this.port); } /** - * @return Whether to use TLS when connecting to Redis. + * @return Whether to use TLS when connecting to Cassandra. * */ public Optional tls() { return Optional.ofNullable(this.tls); } /** - * @return The root credential username used in the connection URL. + * @return The username to authenticate with. * */ public String username() { return this.username; } /** - * @return - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @return Template describing how dynamic usernames are generated. * */ public Optional usernameTemplate() { diff --git a/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretBackendConnectionMongodb.java b/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretBackendConnectionMongodb.java index 99a2e43c7..cb0e1e204 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretBackendConnectionMongodb.java +++ b/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretBackendConnectionMongodb.java @@ -13,51 +13,52 @@ @CustomType public final class SecretBackendConnectionMongodb { /** - * @return Specifies the Redshift DSN. See + * @return A URL containing connection information. See * the [Vault - * docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + * docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) * for an example. * */ private @Nullable String connectionUrl; /** - * @return The maximum amount of time a connection may be reused. + * @return The maximum number of seconds to keep + * a connection alive for. * */ private @Nullable Integer maxConnectionLifetime; /** * @return The maximum number of idle connections to - * the database. + * maintain. * */ private @Nullable Integer maxIdleConnections; /** * @return The maximum number of open connections to - * the database. + * use. * */ private @Nullable Integer maxOpenConnections; /** - * @return The root credential password used in the connection URL. + * @return The password to authenticate with. * */ private @Nullable String password; /** - * @return The root credential username used in the connection URL. + * @return The username to authenticate with. * */ private @Nullable String username; /** - * @return - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @return Template describing how dynamic usernames are generated. * */ private @Nullable String usernameTemplate; private SecretBackendConnectionMongodb() {} /** - * @return Specifies the Redshift DSN. See + * @return A URL containing connection information. See * the [Vault - * docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + * docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) * for an example. * */ @@ -65,7 +66,8 @@ public Optional connectionUrl() { return Optional.ofNullable(this.connectionUrl); } /** - * @return The maximum amount of time a connection may be reused. + * @return The maximum number of seconds to keep + * a connection alive for. * */ public Optional maxConnectionLifetime() { @@ -73,7 +75,7 @@ public Optional maxConnectionLifetime() { } /** * @return The maximum number of idle connections to - * the database. + * maintain. * */ public Optional maxIdleConnections() { @@ -81,28 +83,28 @@ public Optional maxIdleConnections() { } /** * @return The maximum number of open connections to - * the database. + * use. * */ public Optional maxOpenConnections() { return Optional.ofNullable(this.maxOpenConnections); } /** - * @return The root credential password used in the connection URL. + * @return The password to authenticate with. * */ public Optional password() { return Optional.ofNullable(this.password); } /** - * @return The root credential username used in the connection URL. + * @return The username to authenticate with. * */ public Optional username() { return Optional.ofNullable(this.username); } /** - * @return - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @return Template describing how dynamic usernames are generated. * */ public Optional usernameTemplate() { diff --git a/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretBackendConnectionMssql.java b/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretBackendConnectionMssql.java index 5dfc7e05f..82480faa2 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretBackendConnectionMssql.java +++ b/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretBackendConnectionMssql.java @@ -14,9 +14,9 @@ @CustomType public final class SecretBackendConnectionMssql { /** - * @return Specifies the Redshift DSN. See + * @return A URL containing connection information. See * the [Vault - * docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + * docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) * for an example. * */ @@ -35,43 +35,44 @@ public final class SecretBackendConnectionMssql { */ private @Nullable Boolean disableEscaping; /** - * @return The maximum amount of time a connection may be reused. + * @return The maximum number of seconds to keep + * a connection alive for. * */ private @Nullable Integer maxConnectionLifetime; /** * @return The maximum number of idle connections to - * the database. + * maintain. * */ private @Nullable Integer maxIdleConnections; /** * @return The maximum number of open connections to - * the database. + * use. * */ private @Nullable Integer maxOpenConnections; /** - * @return The root credential password used in the connection URL. + * @return The password to authenticate with. * */ private @Nullable String password; /** - * @return The root credential username used in the connection URL. + * @return The username to authenticate with. * */ private @Nullable String username; /** - * @return - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @return Template describing how dynamic usernames are generated. * */ private @Nullable String usernameTemplate; private SecretBackendConnectionMssql() {} /** - * @return Specifies the Redshift DSN. See + * @return A URL containing connection information. See * the [Vault - * docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + * docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) * for an example. * */ @@ -96,7 +97,8 @@ public Optional disableEscaping() { return Optional.ofNullable(this.disableEscaping); } /** - * @return The maximum amount of time a connection may be reused. + * @return The maximum number of seconds to keep + * a connection alive for. * */ public Optional maxConnectionLifetime() { @@ -104,7 +106,7 @@ public Optional maxConnectionLifetime() { } /** * @return The maximum number of idle connections to - * the database. + * maintain. * */ public Optional maxIdleConnections() { @@ -112,28 +114,28 @@ public Optional maxIdleConnections() { } /** * @return The maximum number of open connections to - * the database. + * use. * */ public Optional maxOpenConnections() { return Optional.ofNullable(this.maxOpenConnections); } /** - * @return The root credential password used in the connection URL. + * @return The password to authenticate with. * */ public Optional password() { return Optional.ofNullable(this.password); } /** - * @return The root credential username used in the connection URL. + * @return The username to authenticate with. * */ public Optional username() { return Optional.ofNullable(this.username); } /** - * @return - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @return Template describing how dynamic usernames are generated. * */ public Optional usernameTemplate() { diff --git a/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretBackendConnectionMysql.java b/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretBackendConnectionMysql.java index 7226f2fba..959040d75 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretBackendConnectionMysql.java +++ b/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretBackendConnectionMysql.java @@ -18,32 +18,33 @@ public final class SecretBackendConnectionMysql { */ private @Nullable String authType; /** - * @return Specifies the Redshift DSN. See + * @return A URL containing connection information. See * the [Vault - * docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + * docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) * for an example. * */ private @Nullable String connectionUrl; /** - * @return The maximum amount of time a connection may be reused. + * @return The maximum number of seconds to keep + * a connection alive for. * */ private @Nullable Integer maxConnectionLifetime; /** * @return The maximum number of idle connections to - * the database. + * maintain. * */ private @Nullable Integer maxIdleConnections; /** * @return The maximum number of open connections to - * the database. + * use. * */ private @Nullable Integer maxOpenConnections; /** - * @return The root credential password used in the connection URL. + * @return The password to authenticate with. * */ private @Nullable String password; @@ -63,12 +64,12 @@ public final class SecretBackendConnectionMysql { */ private @Nullable String tlsCertificateKey; /** - * @return The root credential username used in the connection URL. + * @return The username to authenticate with. * */ private @Nullable String username; /** - * @return - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @return Template describing how dynamic usernames are generated. * */ private @Nullable String usernameTemplate; @@ -82,9 +83,9 @@ public Optional authType() { return Optional.ofNullable(this.authType); } /** - * @return Specifies the Redshift DSN. See + * @return A URL containing connection information. See * the [Vault - * docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + * docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) * for an example. * */ @@ -92,7 +93,8 @@ public Optional connectionUrl() { return Optional.ofNullable(this.connectionUrl); } /** - * @return The maximum amount of time a connection may be reused. + * @return The maximum number of seconds to keep + * a connection alive for. * */ public Optional maxConnectionLifetime() { @@ -100,7 +102,7 @@ public Optional maxConnectionLifetime() { } /** * @return The maximum number of idle connections to - * the database. + * maintain. * */ public Optional maxIdleConnections() { @@ -108,14 +110,14 @@ public Optional maxIdleConnections() { } /** * @return The maximum number of open connections to - * the database. + * use. * */ public Optional maxOpenConnections() { return Optional.ofNullable(this.maxOpenConnections); } /** - * @return The root credential password used in the connection URL. + * @return The password to authenticate with. * */ public Optional password() { @@ -143,14 +145,14 @@ public Optional tlsCertificateKey() { return Optional.ofNullable(this.tlsCertificateKey); } /** - * @return The root credential username used in the connection URL. + * @return The username to authenticate with. * */ public Optional username() { return Optional.ofNullable(this.username); } /** - * @return - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @return Template describing how dynamic usernames are generated. * */ public Optional usernameTemplate() { diff --git a/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretBackendConnectionMysqlAurora.java b/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretBackendConnectionMysqlAurora.java index 05f74b935..3451642dc 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretBackendConnectionMysqlAurora.java +++ b/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretBackendConnectionMysqlAurora.java @@ -13,51 +13,52 @@ @CustomType public final class SecretBackendConnectionMysqlAurora { /** - * @return Specifies the Redshift DSN. See + * @return A URL containing connection information. See * the [Vault - * docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + * docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) * for an example. * */ private @Nullable String connectionUrl; /** - * @return The maximum amount of time a connection may be reused. + * @return The maximum number of seconds to keep + * a connection alive for. * */ private @Nullable Integer maxConnectionLifetime; /** * @return The maximum number of idle connections to - * the database. + * maintain. * */ private @Nullable Integer maxIdleConnections; /** * @return The maximum number of open connections to - * the database. + * use. * */ private @Nullable Integer maxOpenConnections; /** - * @return The root credential password used in the connection URL. + * @return The password to authenticate with. * */ private @Nullable String password; /** - * @return The root credential username used in the connection URL. + * @return The username to authenticate with. * */ private @Nullable String username; /** - * @return - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @return Template describing how dynamic usernames are generated. * */ private @Nullable String usernameTemplate; private SecretBackendConnectionMysqlAurora() {} /** - * @return Specifies the Redshift DSN. See + * @return A URL containing connection information. See * the [Vault - * docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + * docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) * for an example. * */ @@ -65,7 +66,8 @@ public Optional connectionUrl() { return Optional.ofNullable(this.connectionUrl); } /** - * @return The maximum amount of time a connection may be reused. + * @return The maximum number of seconds to keep + * a connection alive for. * */ public Optional maxConnectionLifetime() { @@ -73,7 +75,7 @@ public Optional maxConnectionLifetime() { } /** * @return The maximum number of idle connections to - * the database. + * maintain. * */ public Optional maxIdleConnections() { @@ -81,28 +83,28 @@ public Optional maxIdleConnections() { } /** * @return The maximum number of open connections to - * the database. + * use. * */ public Optional maxOpenConnections() { return Optional.ofNullable(this.maxOpenConnections); } /** - * @return The root credential password used in the connection URL. + * @return The password to authenticate with. * */ public Optional password() { return Optional.ofNullable(this.password); } /** - * @return The root credential username used in the connection URL. + * @return The username to authenticate with. * */ public Optional username() { return Optional.ofNullable(this.username); } /** - * @return - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @return Template describing how dynamic usernames are generated. * */ public Optional usernameTemplate() { diff --git a/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretBackendConnectionMysqlLegacy.java b/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretBackendConnectionMysqlLegacy.java index ad5c12146..52388ceac 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretBackendConnectionMysqlLegacy.java +++ b/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretBackendConnectionMysqlLegacy.java @@ -13,51 +13,52 @@ @CustomType public final class SecretBackendConnectionMysqlLegacy { /** - * @return Specifies the Redshift DSN. See + * @return A URL containing connection information. See * the [Vault - * docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + * docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) * for an example. * */ private @Nullable String connectionUrl; /** - * @return The maximum amount of time a connection may be reused. + * @return The maximum number of seconds to keep + * a connection alive for. * */ private @Nullable Integer maxConnectionLifetime; /** * @return The maximum number of idle connections to - * the database. + * maintain. * */ private @Nullable Integer maxIdleConnections; /** * @return The maximum number of open connections to - * the database. + * use. * */ private @Nullable Integer maxOpenConnections; /** - * @return The root credential password used in the connection URL. + * @return The password to authenticate with. * */ private @Nullable String password; /** - * @return The root credential username used in the connection URL. + * @return The username to authenticate with. * */ private @Nullable String username; /** - * @return - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @return Template describing how dynamic usernames are generated. * */ private @Nullable String usernameTemplate; private SecretBackendConnectionMysqlLegacy() {} /** - * @return Specifies the Redshift DSN. See + * @return A URL containing connection information. See * the [Vault - * docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + * docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) * for an example. * */ @@ -65,7 +66,8 @@ public Optional connectionUrl() { return Optional.ofNullable(this.connectionUrl); } /** - * @return The maximum amount of time a connection may be reused. + * @return The maximum number of seconds to keep + * a connection alive for. * */ public Optional maxConnectionLifetime() { @@ -73,7 +75,7 @@ public Optional maxConnectionLifetime() { } /** * @return The maximum number of idle connections to - * the database. + * maintain. * */ public Optional maxIdleConnections() { @@ -81,28 +83,28 @@ public Optional maxIdleConnections() { } /** * @return The maximum number of open connections to - * the database. + * use. * */ public Optional maxOpenConnections() { return Optional.ofNullable(this.maxOpenConnections); } /** - * @return The root credential password used in the connection URL. + * @return The password to authenticate with. * */ public Optional password() { return Optional.ofNullable(this.password); } /** - * @return The root credential username used in the connection URL. + * @return The username to authenticate with. * */ public Optional username() { return Optional.ofNullable(this.username); } /** - * @return - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @return Template describing how dynamic usernames are generated. * */ public Optional usernameTemplate() { diff --git a/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretBackendConnectionMysqlRds.java b/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretBackendConnectionMysqlRds.java index 1f0a7b222..6def6a347 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretBackendConnectionMysqlRds.java +++ b/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretBackendConnectionMysqlRds.java @@ -13,51 +13,52 @@ @CustomType public final class SecretBackendConnectionMysqlRds { /** - * @return Specifies the Redshift DSN. See + * @return A URL containing connection information. See * the [Vault - * docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + * docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) * for an example. * */ private @Nullable String connectionUrl; /** - * @return The maximum amount of time a connection may be reused. + * @return The maximum number of seconds to keep + * a connection alive for. * */ private @Nullable Integer maxConnectionLifetime; /** * @return The maximum number of idle connections to - * the database. + * maintain. * */ private @Nullable Integer maxIdleConnections; /** * @return The maximum number of open connections to - * the database. + * use. * */ private @Nullable Integer maxOpenConnections; /** - * @return The root credential password used in the connection URL. + * @return The password to authenticate with. * */ private @Nullable String password; /** - * @return The root credential username used in the connection URL. + * @return The username to authenticate with. * */ private @Nullable String username; /** - * @return - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @return Template describing how dynamic usernames are generated. * */ private @Nullable String usernameTemplate; private SecretBackendConnectionMysqlRds() {} /** - * @return Specifies the Redshift DSN. See + * @return A URL containing connection information. See * the [Vault - * docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + * docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) * for an example. * */ @@ -65,7 +66,8 @@ public Optional connectionUrl() { return Optional.ofNullable(this.connectionUrl); } /** - * @return The maximum amount of time a connection may be reused. + * @return The maximum number of seconds to keep + * a connection alive for. * */ public Optional maxConnectionLifetime() { @@ -73,7 +75,7 @@ public Optional maxConnectionLifetime() { } /** * @return The maximum number of idle connections to - * the database. + * maintain. * */ public Optional maxIdleConnections() { @@ -81,28 +83,28 @@ public Optional maxIdleConnections() { } /** * @return The maximum number of open connections to - * the database. + * use. * */ public Optional maxOpenConnections() { return Optional.ofNullable(this.maxOpenConnections); } /** - * @return The root credential password used in the connection URL. + * @return The password to authenticate with. * */ public Optional password() { return Optional.ofNullable(this.password); } /** - * @return The root credential username used in the connection URL. + * @return The username to authenticate with. * */ public Optional username() { return Optional.ofNullable(this.username); } /** - * @return - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @return Template describing how dynamic usernames are generated. * */ public Optional usernameTemplate() { diff --git a/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretBackendConnectionOracle.java b/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretBackendConnectionOracle.java index 3254192ee..b57d9bdfd 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretBackendConnectionOracle.java +++ b/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretBackendConnectionOracle.java @@ -13,51 +13,52 @@ @CustomType public final class SecretBackendConnectionOracle { /** - * @return Specifies the Redshift DSN. See + * @return A URL containing connection information. See * the [Vault - * docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + * docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) * for an example. * */ private @Nullable String connectionUrl; /** - * @return The maximum amount of time a connection may be reused. + * @return The maximum number of seconds to keep + * a connection alive for. * */ private @Nullable Integer maxConnectionLifetime; /** * @return The maximum number of idle connections to - * the database. + * maintain. * */ private @Nullable Integer maxIdleConnections; /** * @return The maximum number of open connections to - * the database. + * use. * */ private @Nullable Integer maxOpenConnections; /** - * @return The root credential password used in the connection URL. + * @return The password to authenticate with. * */ private @Nullable String password; /** - * @return The root credential username used in the connection URL. + * @return The username to authenticate with. * */ private @Nullable String username; /** - * @return - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @return Template describing how dynamic usernames are generated. * */ private @Nullable String usernameTemplate; private SecretBackendConnectionOracle() {} /** - * @return Specifies the Redshift DSN. See + * @return A URL containing connection information. See * the [Vault - * docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + * docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) * for an example. * */ @@ -65,7 +66,8 @@ public Optional connectionUrl() { return Optional.ofNullable(this.connectionUrl); } /** - * @return The maximum amount of time a connection may be reused. + * @return The maximum number of seconds to keep + * a connection alive for. * */ public Optional maxConnectionLifetime() { @@ -73,7 +75,7 @@ public Optional maxConnectionLifetime() { } /** * @return The maximum number of idle connections to - * the database. + * maintain. * */ public Optional maxIdleConnections() { @@ -81,28 +83,28 @@ public Optional maxIdleConnections() { } /** * @return The maximum number of open connections to - * the database. + * use. * */ public Optional maxOpenConnections() { return Optional.ofNullable(this.maxOpenConnections); } /** - * @return The root credential password used in the connection URL. + * @return The password to authenticate with. * */ public Optional password() { return Optional.ofNullable(this.password); } /** - * @return The root credential username used in the connection URL. + * @return The username to authenticate with. * */ public Optional username() { return Optional.ofNullable(this.username); } /** - * @return - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @return Template describing how dynamic usernames are generated. * */ public Optional usernameTemplate() { diff --git a/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretBackendConnectionPostgresql.java b/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretBackendConnectionPostgresql.java index 3ecca795e..92da447ff 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretBackendConnectionPostgresql.java +++ b/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretBackendConnectionPostgresql.java @@ -19,9 +19,9 @@ public final class SecretBackendConnectionPostgresql { */ private @Nullable String authType; /** - * @return Specifies the Redshift DSN. See + * @return A URL containing connection information. See * the [Vault - * docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + * docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) * for an example. * */ @@ -32,24 +32,25 @@ public final class SecretBackendConnectionPostgresql { */ private @Nullable Boolean disableEscaping; /** - * @return The maximum amount of time a connection may be reused. + * @return The maximum number of seconds to keep + * a connection alive for. * */ private @Nullable Integer maxConnectionLifetime; /** * @return The maximum number of idle connections to - * the database. + * maintain. * */ private @Nullable Integer maxIdleConnections; /** * @return The maximum number of open connections to - * the database. + * use. * */ private @Nullable Integer maxOpenConnections; /** - * @return The root credential password used in the connection URL. + * @return The password to authenticate with. * */ private @Nullable String password; @@ -59,12 +60,12 @@ public final class SecretBackendConnectionPostgresql { */ private @Nullable String serviceAccountJson; /** - * @return The root credential username used in the connection URL. + * @return The username to authenticate with. * */ private @Nullable String username; /** - * @return - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @return Template describing how dynamic usernames are generated. * */ private @Nullable String usernameTemplate; @@ -78,9 +79,9 @@ public Optional authType() { return Optional.ofNullable(this.authType); } /** - * @return Specifies the Redshift DSN. See + * @return A URL containing connection information. See * the [Vault - * docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + * docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) * for an example. * */ @@ -95,7 +96,8 @@ public Optional disableEscaping() { return Optional.ofNullable(this.disableEscaping); } /** - * @return The maximum amount of time a connection may be reused. + * @return The maximum number of seconds to keep + * a connection alive for. * */ public Optional maxConnectionLifetime() { @@ -103,7 +105,7 @@ public Optional maxConnectionLifetime() { } /** * @return The maximum number of idle connections to - * the database. + * maintain. * */ public Optional maxIdleConnections() { @@ -111,14 +113,14 @@ public Optional maxIdleConnections() { } /** * @return The maximum number of open connections to - * the database. + * use. * */ public Optional maxOpenConnections() { return Optional.ofNullable(this.maxOpenConnections); } /** - * @return The root credential password used in the connection URL. + * @return The password to authenticate with. * */ public Optional password() { @@ -132,14 +134,14 @@ public Optional serviceAccountJson() { return Optional.ofNullable(this.serviceAccountJson); } /** - * @return The root credential username used in the connection URL. + * @return The username to authenticate with. * */ public Optional username() { return Optional.ofNullable(this.username); } /** - * @return - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @return Template describing how dynamic usernames are generated. * */ public Optional usernameTemplate() { diff --git a/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretBackendConnectionRedis.java b/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretBackendConnectionRedis.java index 5e201bd46..cfa0b3f08 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretBackendConnectionRedis.java +++ b/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretBackendConnectionRedis.java @@ -30,7 +30,7 @@ public final class SecretBackendConnectionRedis { */ private @Nullable Boolean insecureTls; /** - * @return The root credential password used in the connection URL. + * @return The password to authenticate with. * */ private String password; @@ -41,12 +41,12 @@ public final class SecretBackendConnectionRedis { */ private @Nullable Integer port; /** - * @return Whether to use TLS when connecting to Redis. + * @return Whether to use TLS when connecting to Cassandra. * */ private @Nullable Boolean tls; /** - * @return The root credential username used in the connection URL. + * @return The username to authenticate with. * */ private String username; @@ -75,7 +75,7 @@ public Optional insecureTls() { return Optional.ofNullable(this.insecureTls); } /** - * @return The root credential password used in the connection URL. + * @return The password to authenticate with. * */ public String password() { @@ -90,14 +90,14 @@ public Optional port() { return Optional.ofNullable(this.port); } /** - * @return Whether to use TLS when connecting to Redis. + * @return Whether to use TLS when connecting to Cassandra. * */ public Optional tls() { return Optional.ofNullable(this.tls); } /** - * @return The root credential username used in the connection URL. + * @return The username to authenticate with. * */ public String username() { diff --git a/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretBackendConnectionRedisElasticache.java b/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretBackendConnectionRedisElasticache.java index 42a25dd2a..7d103359b 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretBackendConnectionRedisElasticache.java +++ b/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretBackendConnectionRedisElasticache.java @@ -12,7 +12,7 @@ @CustomType public final class SecretBackendConnectionRedisElasticache { /** - * @return The root credential password used in the connection URL. + * @return The password to authenticate with. * */ private @Nullable String password; @@ -28,14 +28,14 @@ public final class SecretBackendConnectionRedisElasticache { */ private String url; /** - * @return The root credential username used in the connection URL. + * @return The username to authenticate with. * */ private @Nullable String username; private SecretBackendConnectionRedisElasticache() {} /** - * @return The root credential password used in the connection URL. + * @return The password to authenticate with. * */ public Optional password() { @@ -57,7 +57,7 @@ public String url() { return this.url; } /** - * @return The root credential username used in the connection URL. + * @return The username to authenticate with. * */ public Optional username() { diff --git a/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretBackendConnectionRedshift.java b/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretBackendConnectionRedshift.java index b176d3a9d..832afbbb5 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretBackendConnectionRedshift.java +++ b/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretBackendConnectionRedshift.java @@ -14,9 +14,9 @@ @CustomType public final class SecretBackendConnectionRedshift { /** - * @return Specifies the Redshift DSN. See + * @return A URL containing connection information. See * the [Vault - * docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + * docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) * for an example. * */ @@ -27,43 +27,44 @@ public final class SecretBackendConnectionRedshift { */ private @Nullable Boolean disableEscaping; /** - * @return The maximum amount of time a connection may be reused. + * @return The maximum number of seconds to keep + * a connection alive for. * */ private @Nullable Integer maxConnectionLifetime; /** * @return The maximum number of idle connections to - * the database. + * maintain. * */ private @Nullable Integer maxIdleConnections; /** * @return The maximum number of open connections to - * the database. + * use. * */ private @Nullable Integer maxOpenConnections; /** - * @return The root credential password used in the connection URL. + * @return The password to authenticate with. * */ private @Nullable String password; /** - * @return The root credential username used in the connection URL. + * @return The username to authenticate with. * */ private @Nullable String username; /** - * @return - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @return Template describing how dynamic usernames are generated. * */ private @Nullable String usernameTemplate; private SecretBackendConnectionRedshift() {} /** - * @return Specifies the Redshift DSN. See + * @return A URL containing connection information. See * the [Vault - * docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + * docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) * for an example. * */ @@ -78,7 +79,8 @@ public Optional disableEscaping() { return Optional.ofNullable(this.disableEscaping); } /** - * @return The maximum amount of time a connection may be reused. + * @return The maximum number of seconds to keep + * a connection alive for. * */ public Optional maxConnectionLifetime() { @@ -86,7 +88,7 @@ public Optional maxConnectionLifetime() { } /** * @return The maximum number of idle connections to - * the database. + * maintain. * */ public Optional maxIdleConnections() { @@ -94,28 +96,28 @@ public Optional maxIdleConnections() { } /** * @return The maximum number of open connections to - * the database. + * use. * */ public Optional maxOpenConnections() { return Optional.ofNullable(this.maxOpenConnections); } /** - * @return The root credential password used in the connection URL. + * @return The password to authenticate with. * */ public Optional password() { return Optional.ofNullable(this.password); } /** - * @return The root credential username used in the connection URL. + * @return The username to authenticate with. * */ public Optional username() { return Optional.ofNullable(this.username); } /** - * @return - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @return Template describing how dynamic usernames are generated. * */ public Optional usernameTemplate() { diff --git a/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretBackendConnectionSnowflake.java b/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretBackendConnectionSnowflake.java index ddedeeb2b..a866012d9 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretBackendConnectionSnowflake.java +++ b/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretBackendConnectionSnowflake.java @@ -13,51 +13,52 @@ @CustomType public final class SecretBackendConnectionSnowflake { /** - * @return Specifies the Redshift DSN. See + * @return A URL containing connection information. See * the [Vault - * docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + * docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) * for an example. * */ private @Nullable String connectionUrl; /** - * @return The maximum amount of time a connection may be reused. + * @return The maximum number of seconds to keep + * a connection alive for. * */ private @Nullable Integer maxConnectionLifetime; /** * @return The maximum number of idle connections to - * the database. + * maintain. * */ private @Nullable Integer maxIdleConnections; /** * @return The maximum number of open connections to - * the database. + * use. * */ private @Nullable Integer maxOpenConnections; /** - * @return The root credential password used in the connection URL. + * @return The password to authenticate with. * */ private @Nullable String password; /** - * @return The root credential username used in the connection URL. + * @return The username to authenticate with. * */ private @Nullable String username; /** - * @return - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @return Template describing how dynamic usernames are generated. * */ private @Nullable String usernameTemplate; private SecretBackendConnectionSnowflake() {} /** - * @return Specifies the Redshift DSN. See + * @return A URL containing connection information. See * the [Vault - * docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + * docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) * for an example. * */ @@ -65,7 +66,8 @@ public Optional connectionUrl() { return Optional.ofNullable(this.connectionUrl); } /** - * @return The maximum amount of time a connection may be reused. + * @return The maximum number of seconds to keep + * a connection alive for. * */ public Optional maxConnectionLifetime() { @@ -73,7 +75,7 @@ public Optional maxConnectionLifetime() { } /** * @return The maximum number of idle connections to - * the database. + * maintain. * */ public Optional maxIdleConnections() { @@ -81,28 +83,28 @@ public Optional maxIdleConnections() { } /** * @return The maximum number of open connections to - * the database. + * use. * */ public Optional maxOpenConnections() { return Optional.ofNullable(this.maxOpenConnections); } /** - * @return The root credential password used in the connection URL. + * @return The password to authenticate with. * */ public Optional password() { return Optional.ofNullable(this.password); } /** - * @return The root credential username used in the connection URL. + * @return The username to authenticate with. * */ public Optional username() { return Optional.ofNullable(this.username); } /** - * @return - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @return Template describing how dynamic usernames are generated. * */ public Optional usernameTemplate() { diff --git a/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretsMountCassandra.java b/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretsMountCassandra.java index 5fcfb34cf..b0ddfbd33 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretsMountCassandra.java +++ b/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretsMountCassandra.java @@ -31,10 +31,12 @@ public final class SecretsMountCassandra { /** * @return A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * */ private @Nullable Map data; /** - * @return A set of Couchbase URIs to connect to. Must use `couchbases://` scheme if `tls` is `true`. + * @return The hosts to connect to. * */ private @Nullable List hosts; @@ -46,7 +48,7 @@ public final class SecretsMountCassandra { private @Nullable Boolean insecureTls; private String name; /** - * @return The password to be used in the connection. + * @return The root credential password used in the connection URL. * */ private @Nullable String password; @@ -83,12 +85,12 @@ public final class SecretsMountCassandra { */ private @Nullable List rootRotationStatements; /** - * @return Whether to use TLS when connecting to Redis. + * @return Whether to use TLS when connecting to Cassandra. * */ private @Nullable Boolean tls; /** - * @return The username to be used in the connection (the account admin level). + * @return The root credential username used in the connection URL. * */ private @Nullable String username; @@ -119,12 +121,14 @@ public Optional connectTimeout() { /** * @return A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * */ public Map data() { return this.data == null ? Map.of() : this.data; } /** - * @return A set of Couchbase URIs to connect to. Must use `couchbases://` scheme if `tls` is `true`. + * @return The hosts to connect to. * */ public List hosts() { @@ -142,7 +146,7 @@ public String name() { return this.name; } /** - * @return The password to be used in the connection. + * @return The root credential password used in the connection URL. * */ public Optional password() { @@ -193,14 +197,14 @@ public List rootRotationStatements() { return this.rootRotationStatements == null ? List.of() : this.rootRotationStatements; } /** - * @return Whether to use TLS when connecting to Redis. + * @return Whether to use TLS when connecting to Cassandra. * */ public Optional tls() { return Optional.ofNullable(this.tls); } /** - * @return The username to be used in the connection (the account admin level). + * @return The root credential username used in the connection URL. * */ public Optional username() { diff --git a/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretsMountCouchbase.java b/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretsMountCouchbase.java index df30546ed..a4a04d37f 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretsMountCouchbase.java +++ b/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretsMountCouchbase.java @@ -34,10 +34,12 @@ public final class SecretsMountCouchbase { /** * @return A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * */ private @Nullable Map data; /** - * @return A set of Couchbase URIs to connect to. Must use `couchbases://` scheme if `tls` is `true`. + * @return The hosts to connect to. * */ private List hosts; @@ -49,7 +51,7 @@ public final class SecretsMountCouchbase { private @Nullable Boolean insecureTls; private String name; /** - * @return The password to be used in the connection. + * @return The root credential password used in the connection URL. * */ private String password; @@ -64,17 +66,17 @@ public final class SecretsMountCouchbase { */ private @Nullable List rootRotationStatements; /** - * @return Whether to use TLS when connecting to Redis. + * @return Whether to use TLS when connecting to Cassandra. * */ private @Nullable Boolean tls; /** - * @return The username to be used in the connection (the account admin level). + * @return The root credential username used in the connection URL. * */ private String username; /** - * @return - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @return [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. * */ private @Nullable String usernameTemplate; @@ -111,12 +113,14 @@ public Optional bucketName() { /** * @return A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * */ public Map data() { return this.data == null ? Map.of() : this.data; } /** - * @return A set of Couchbase URIs to connect to. Must use `couchbases://` scheme if `tls` is `true`. + * @return The hosts to connect to. * */ public List hosts() { @@ -134,7 +138,7 @@ public String name() { return this.name; } /** - * @return The password to be used in the connection. + * @return The root credential password used in the connection URL. * */ public String password() { @@ -155,21 +159,21 @@ public List rootRotationStatements() { return this.rootRotationStatements == null ? List.of() : this.rootRotationStatements; } /** - * @return Whether to use TLS when connecting to Redis. + * @return Whether to use TLS when connecting to Cassandra. * */ public Optional tls() { return Optional.ofNullable(this.tls); } /** - * @return The username to be used in the connection (the account admin level). + * @return The root credential username used in the connection URL. * */ public String username() { return this.username; } /** - * @return - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @return [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. * */ public Optional usernameTemplate() { diff --git a/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretsMountElasticsearch.java b/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretsMountElasticsearch.java index 889ecdc55..08e67196d 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretsMountElasticsearch.java +++ b/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretsMountElasticsearch.java @@ -22,7 +22,7 @@ public final class SecretsMountElasticsearch { */ private @Nullable List allowedRoles; /** - * @return The contents of a PEM-encoded CA cert file to use to verify the Redis server's identity. + * @return The path to a PEM-encoded CA cert file to use to verify the Elasticsearch server's identity. * */ private @Nullable String caCert; @@ -44,6 +44,8 @@ public final class SecretsMountElasticsearch { /** * @return A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * */ private @Nullable Map data; /** @@ -53,7 +55,7 @@ public final class SecretsMountElasticsearch { private @Nullable Boolean insecure; private String name; /** - * @return The password to be used in the connection. + * @return The root credential password used in the connection URL. * */ private String password; @@ -73,17 +75,18 @@ public final class SecretsMountElasticsearch { */ private @Nullable String tlsServerName; /** - * @return The configuration endpoint for the ElastiCache cluster to connect to. + * @return The URL for Elasticsearch's API. https requires certificate + * by trusted CA if used. * */ private String url; /** - * @return The username to be used in the connection (the account admin level). + * @return The root credential username used in the connection URL. * */ private String username; /** - * @return - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @return [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. * */ private @Nullable String usernameTemplate; @@ -104,7 +107,7 @@ public List allowedRoles() { return this.allowedRoles == null ? List.of() : this.allowedRoles; } /** - * @return The contents of a PEM-encoded CA cert file to use to verify the Redis server's identity. + * @return The path to a PEM-encoded CA cert file to use to verify the Elasticsearch server's identity. * */ public Optional caCert() { @@ -134,6 +137,8 @@ public Optional clientKey() { /** * @return A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * */ public Map data() { return this.data == null ? Map.of() : this.data; @@ -149,7 +154,7 @@ public String name() { return this.name; } /** - * @return The password to be used in the connection. + * @return The root credential password used in the connection URL. * */ public String password() { @@ -177,21 +182,22 @@ public Optional tlsServerName() { return Optional.ofNullable(this.tlsServerName); } /** - * @return The configuration endpoint for the ElastiCache cluster to connect to. + * @return The URL for Elasticsearch's API. https requires certificate + * by trusted CA if used. * */ public String url() { return this.url; } /** - * @return The username to be used in the connection (the account admin level). + * @return The root credential username used in the connection URL. * */ public String username() { return this.username; } /** - * @return - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @return [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. * */ public Optional usernameTemplate() { diff --git a/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretsMountHana.java b/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretsMountHana.java index 8c8bf6515..f0de51489 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretsMountHana.java +++ b/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretsMountHana.java @@ -23,14 +23,16 @@ public final class SecretsMountHana { */ private @Nullable List allowedRoles; /** - * @return A URL containing connection information.\ - * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + * @return Specifies the Redshift DSN. + * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) * */ private @Nullable String connectionUrl; /** * @return A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * */ private @Nullable Map data; /** @@ -39,26 +41,25 @@ public final class SecretsMountHana { */ private @Nullable Boolean disableEscaping; /** - * @return The maximum number of seconds to keep - * a connection alive for. + * @return The maximum amount of time a connection may be reused. * */ private @Nullable Integer maxConnectionLifetime; /** * @return The maximum number of idle connections to - * maintain. + * the database. * */ private @Nullable Integer maxIdleConnections; /** * @return The maximum number of open connections to - * use. + * the database. * */ private @Nullable Integer maxOpenConnections; private String name; /** - * @return The password to be used in the connection. + * @return The root credential password used in the connection URL. * */ private @Nullable String password; @@ -73,7 +74,7 @@ public final class SecretsMountHana { */ private @Nullable List rootRotationStatements; /** - * @return The username to be used in the connection (the account admin level). + * @return The root credential username used in the connection URL. * */ private @Nullable String username; @@ -94,8 +95,8 @@ public List allowedRoles() { return this.allowedRoles == null ? List.of() : this.allowedRoles; } /** - * @return A URL containing connection information.\ - * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + * @return Specifies the Redshift DSN. + * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) * */ public Optional connectionUrl() { @@ -104,6 +105,8 @@ public Optional connectionUrl() { /** * @return A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * */ public Map data() { return this.data == null ? Map.of() : this.data; @@ -116,8 +119,7 @@ public Optional disableEscaping() { return Optional.ofNullable(this.disableEscaping); } /** - * @return The maximum number of seconds to keep - * a connection alive for. + * @return The maximum amount of time a connection may be reused. * */ public Optional maxConnectionLifetime() { @@ -125,7 +127,7 @@ public Optional maxConnectionLifetime() { } /** * @return The maximum number of idle connections to - * maintain. + * the database. * */ public Optional maxIdleConnections() { @@ -133,7 +135,7 @@ public Optional maxIdleConnections() { } /** * @return The maximum number of open connections to - * use. + * the database. * */ public Optional maxOpenConnections() { @@ -143,7 +145,7 @@ public String name() { return this.name; } /** - * @return The password to be used in the connection. + * @return The root credential password used in the connection URL. * */ public Optional password() { @@ -164,7 +166,7 @@ public List rootRotationStatements() { return this.rootRotationStatements == null ? List.of() : this.rootRotationStatements; } /** - * @return The username to be used in the connection (the account admin level). + * @return The root credential username used in the connection URL. * */ public Optional username() { diff --git a/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretsMountInfluxdb.java b/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretsMountInfluxdb.java index e338e5a46..8a05483b3 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretsMountInfluxdb.java +++ b/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretsMountInfluxdb.java @@ -31,6 +31,8 @@ public final class SecretsMountInfluxdb { /** * @return A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * */ private @Nullable Map data; /** @@ -46,7 +48,7 @@ public final class SecretsMountInfluxdb { private @Nullable Boolean insecureTls; private String name; /** - * @return The password to be used in the connection. + * @return The root credential password used in the connection URL. * */ private String password; @@ -78,17 +80,17 @@ public final class SecretsMountInfluxdb { */ private @Nullable List rootRotationStatements; /** - * @return Whether to use TLS when connecting to Redis. + * @return Whether to use TLS when connecting to Cassandra. * */ private @Nullable Boolean tls; /** - * @return The username to be used in the connection (the account admin level). + * @return The root credential username used in the connection URL. * */ private String username; /** - * @return - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @return [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. * */ private @Nullable String usernameTemplate; @@ -119,6 +121,8 @@ public Optional connectTimeout() { /** * @return A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * */ public Map data() { return this.data == null ? Map.of() : this.data; @@ -142,7 +146,7 @@ public String name() { return this.name; } /** - * @return The password to be used in the connection. + * @return The root credential password used in the connection URL. * */ public String password() { @@ -186,21 +190,21 @@ public List rootRotationStatements() { return this.rootRotationStatements == null ? List.of() : this.rootRotationStatements; } /** - * @return Whether to use TLS when connecting to Redis. + * @return Whether to use TLS when connecting to Cassandra. * */ public Optional tls() { return Optional.ofNullable(this.tls); } /** - * @return The username to be used in the connection (the account admin level). + * @return The root credential username used in the connection URL. * */ public String username() { return this.username; } /** - * @return - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @return [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. * */ public Optional usernameTemplate() { diff --git a/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretsMountMongodb.java b/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretsMountMongodb.java index 5c064b41f..92c4215f8 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretsMountMongodb.java +++ b/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretsMountMongodb.java @@ -23,37 +23,38 @@ public final class SecretsMountMongodb { */ private @Nullable List allowedRoles; /** - * @return A URL containing connection information.\ - * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + * @return Specifies the Redshift DSN. + * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) * */ private @Nullable String connectionUrl; /** * @return A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * */ private @Nullable Map data; /** - * @return The maximum number of seconds to keep - * a connection alive for. + * @return The maximum amount of time a connection may be reused. * */ private @Nullable Integer maxConnectionLifetime; /** * @return The maximum number of idle connections to - * maintain. + * the database. * */ private @Nullable Integer maxIdleConnections; /** * @return The maximum number of open connections to - * use. + * the database. * */ private @Nullable Integer maxOpenConnections; private String name; /** - * @return The password to be used in the connection. + * @return The root credential password used in the connection URL. * */ private @Nullable String password; @@ -68,12 +69,12 @@ public final class SecretsMountMongodb { */ private @Nullable List rootRotationStatements; /** - * @return The username to be used in the connection (the account admin level). + * @return The root credential username used in the connection URL. * */ private @Nullable String username; /** - * @return - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @return [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. * */ private @Nullable String usernameTemplate; @@ -94,8 +95,8 @@ public List allowedRoles() { return this.allowedRoles == null ? List.of() : this.allowedRoles; } /** - * @return A URL containing connection information.\ - * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + * @return Specifies the Redshift DSN. + * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) * */ public Optional connectionUrl() { @@ -104,13 +105,14 @@ public Optional connectionUrl() { /** * @return A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * */ public Map data() { return this.data == null ? Map.of() : this.data; } /** - * @return The maximum number of seconds to keep - * a connection alive for. + * @return The maximum amount of time a connection may be reused. * */ public Optional maxConnectionLifetime() { @@ -118,7 +120,7 @@ public Optional maxConnectionLifetime() { } /** * @return The maximum number of idle connections to - * maintain. + * the database. * */ public Optional maxIdleConnections() { @@ -126,7 +128,7 @@ public Optional maxIdleConnections() { } /** * @return The maximum number of open connections to - * use. + * the database. * */ public Optional maxOpenConnections() { @@ -136,7 +138,7 @@ public String name() { return this.name; } /** - * @return The password to be used in the connection. + * @return The root credential password used in the connection URL. * */ public Optional password() { @@ -157,14 +159,14 @@ public List rootRotationStatements() { return this.rootRotationStatements == null ? List.of() : this.rootRotationStatements; } /** - * @return The username to be used in the connection (the account admin level). + * @return The root credential username used in the connection URL. * */ public Optional username() { return Optional.ofNullable(this.username); } /** - * @return - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @return [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. * */ public Optional usernameTemplate() { diff --git a/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretsMountMongodbatla.java b/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretsMountMongodbatla.java index 2dafcb598..93b7dfc08 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretsMountMongodbatla.java +++ b/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretsMountMongodbatla.java @@ -24,6 +24,8 @@ public final class SecretsMountMongodbatla { /** * @return A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * */ private @Nullable Map data; private String name; @@ -71,6 +73,8 @@ public List allowedRoles() { /** * @return A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * */ public Map data() { return this.data == null ? Map.of() : this.data; diff --git a/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretsMountMssql.java b/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretsMountMssql.java index 5243dbdf8..7ee0864e2 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretsMountMssql.java +++ b/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretsMountMssql.java @@ -23,8 +23,8 @@ public final class SecretsMountMssql { */ private @Nullable List allowedRoles; /** - * @return A URL containing connection information.\ - * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + * @return Specifies the Redshift DSN. + * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) * */ private @Nullable String connectionUrl; @@ -38,6 +38,8 @@ public final class SecretsMountMssql { /** * @return A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * */ private @Nullable Map data; /** @@ -46,26 +48,25 @@ public final class SecretsMountMssql { */ private @Nullable Boolean disableEscaping; /** - * @return The maximum number of seconds to keep - * a connection alive for. + * @return The maximum amount of time a connection may be reused. * */ private @Nullable Integer maxConnectionLifetime; /** * @return The maximum number of idle connections to - * maintain. + * the database. * */ private @Nullable Integer maxIdleConnections; /** * @return The maximum number of open connections to - * use. + * the database. * */ private @Nullable Integer maxOpenConnections; private String name; /** - * @return The password to be used in the connection. + * @return The root credential password used in the connection URL. * */ private @Nullable String password; @@ -80,12 +81,12 @@ public final class SecretsMountMssql { */ private @Nullable List rootRotationStatements; /** - * @return The username to be used in the connection (the account admin level). + * @return The root credential username used in the connection URL. * */ private @Nullable String username; /** - * @return - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @return [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. * */ private @Nullable String usernameTemplate; @@ -106,8 +107,8 @@ public List allowedRoles() { return this.allowedRoles == null ? List.of() : this.allowedRoles; } /** - * @return A URL containing connection information.\ - * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + * @return Specifies the Redshift DSN. + * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) * */ public Optional connectionUrl() { @@ -125,6 +126,8 @@ public Optional containedDb() { /** * @return A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * */ public Map data() { return this.data == null ? Map.of() : this.data; @@ -137,8 +140,7 @@ public Optional disableEscaping() { return Optional.ofNullable(this.disableEscaping); } /** - * @return The maximum number of seconds to keep - * a connection alive for. + * @return The maximum amount of time a connection may be reused. * */ public Optional maxConnectionLifetime() { @@ -146,7 +148,7 @@ public Optional maxConnectionLifetime() { } /** * @return The maximum number of idle connections to - * maintain. + * the database. * */ public Optional maxIdleConnections() { @@ -154,7 +156,7 @@ public Optional maxIdleConnections() { } /** * @return The maximum number of open connections to - * use. + * the database. * */ public Optional maxOpenConnections() { @@ -164,7 +166,7 @@ public String name() { return this.name; } /** - * @return The password to be used in the connection. + * @return The root credential password used in the connection URL. * */ public Optional password() { @@ -185,14 +187,14 @@ public List rootRotationStatements() { return this.rootRotationStatements == null ? List.of() : this.rootRotationStatements; } /** - * @return The username to be used in the connection (the account admin level). + * @return The root credential username used in the connection URL. * */ public Optional username() { return Optional.ofNullable(this.username); } /** - * @return - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @return [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. * */ public Optional usernameTemplate() { diff --git a/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretsMountMysql.java b/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretsMountMysql.java index 85bfd6857..c27a49028 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretsMountMysql.java +++ b/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretsMountMysql.java @@ -24,37 +24,38 @@ public final class SecretsMountMysql { private @Nullable List allowedRoles; private @Nullable String authType; /** - * @return A URL containing connection information.\ - * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + * @return Specifies the Redshift DSN. + * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) * */ private @Nullable String connectionUrl; /** * @return A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * */ private @Nullable Map data; /** - * @return The maximum number of seconds to keep - * a connection alive for. + * @return The maximum amount of time a connection may be reused. * */ private @Nullable Integer maxConnectionLifetime; /** * @return The maximum number of idle connections to - * maintain. + * the database. * */ private @Nullable Integer maxIdleConnections; /** * @return The maximum number of open connections to - * use. + * the database. * */ private @Nullable Integer maxOpenConnections; private String name; /** - * @return The password to be used in the connection. + * @return The root credential password used in the connection URL. * */ private @Nullable String password; @@ -80,12 +81,12 @@ public final class SecretsMountMysql { */ private @Nullable String tlsCertificateKey; /** - * @return The username to be used in the connection (the account admin level). + * @return The root credential username used in the connection URL. * */ private @Nullable String username; /** - * @return - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @return [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. * */ private @Nullable String usernameTemplate; @@ -109,8 +110,8 @@ public Optional authType() { return Optional.ofNullable(this.authType); } /** - * @return A URL containing connection information.\ - * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + * @return Specifies the Redshift DSN. + * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) * */ public Optional connectionUrl() { @@ -119,13 +120,14 @@ public Optional connectionUrl() { /** * @return A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * */ public Map data() { return this.data == null ? Map.of() : this.data; } /** - * @return The maximum number of seconds to keep - * a connection alive for. + * @return The maximum amount of time a connection may be reused. * */ public Optional maxConnectionLifetime() { @@ -133,7 +135,7 @@ public Optional maxConnectionLifetime() { } /** * @return The maximum number of idle connections to - * maintain. + * the database. * */ public Optional maxIdleConnections() { @@ -141,7 +143,7 @@ public Optional maxIdleConnections() { } /** * @return The maximum number of open connections to - * use. + * the database. * */ public Optional maxOpenConnections() { @@ -151,7 +153,7 @@ public String name() { return this.name; } /** - * @return The password to be used in the connection. + * @return The root credential password used in the connection URL. * */ public Optional password() { @@ -189,14 +191,14 @@ public Optional tlsCertificateKey() { return Optional.ofNullable(this.tlsCertificateKey); } /** - * @return The username to be used in the connection (the account admin level). + * @return The root credential username used in the connection URL. * */ public Optional username() { return Optional.ofNullable(this.username); } /** - * @return - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @return [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. * */ public Optional usernameTemplate() { diff --git a/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretsMountMysqlAurora.java b/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretsMountMysqlAurora.java index 49e03dd49..7e7990fc0 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretsMountMysqlAurora.java +++ b/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretsMountMysqlAurora.java @@ -23,37 +23,38 @@ public final class SecretsMountMysqlAurora { */ private @Nullable List allowedRoles; /** - * @return A URL containing connection information.\ - * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + * @return Specifies the Redshift DSN. + * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) * */ private @Nullable String connectionUrl; /** * @return A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * */ private @Nullable Map data; /** - * @return The maximum number of seconds to keep - * a connection alive for. + * @return The maximum amount of time a connection may be reused. * */ private @Nullable Integer maxConnectionLifetime; /** * @return The maximum number of idle connections to - * maintain. + * the database. * */ private @Nullable Integer maxIdleConnections; /** * @return The maximum number of open connections to - * use. + * the database. * */ private @Nullable Integer maxOpenConnections; private String name; /** - * @return The password to be used in the connection. + * @return The root credential password used in the connection URL. * */ private @Nullable String password; @@ -68,12 +69,12 @@ public final class SecretsMountMysqlAurora { */ private @Nullable List rootRotationStatements; /** - * @return The username to be used in the connection (the account admin level). + * @return The root credential username used in the connection URL. * */ private @Nullable String username; /** - * @return - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @return [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. * */ private @Nullable String usernameTemplate; @@ -94,8 +95,8 @@ public List allowedRoles() { return this.allowedRoles == null ? List.of() : this.allowedRoles; } /** - * @return A URL containing connection information.\ - * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + * @return Specifies the Redshift DSN. + * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) * */ public Optional connectionUrl() { @@ -104,13 +105,14 @@ public Optional connectionUrl() { /** * @return A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * */ public Map data() { return this.data == null ? Map.of() : this.data; } /** - * @return The maximum number of seconds to keep - * a connection alive for. + * @return The maximum amount of time a connection may be reused. * */ public Optional maxConnectionLifetime() { @@ -118,7 +120,7 @@ public Optional maxConnectionLifetime() { } /** * @return The maximum number of idle connections to - * maintain. + * the database. * */ public Optional maxIdleConnections() { @@ -126,7 +128,7 @@ public Optional maxIdleConnections() { } /** * @return The maximum number of open connections to - * use. + * the database. * */ public Optional maxOpenConnections() { @@ -136,7 +138,7 @@ public String name() { return this.name; } /** - * @return The password to be used in the connection. + * @return The root credential password used in the connection URL. * */ public Optional password() { @@ -157,14 +159,14 @@ public List rootRotationStatements() { return this.rootRotationStatements == null ? List.of() : this.rootRotationStatements; } /** - * @return The username to be used in the connection (the account admin level). + * @return The root credential username used in the connection URL. * */ public Optional username() { return Optional.ofNullable(this.username); } /** - * @return - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @return [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. * */ public Optional usernameTemplate() { diff --git a/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretsMountMysqlLegacy.java b/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretsMountMysqlLegacy.java index 6aa7f5d70..a05645a29 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretsMountMysqlLegacy.java +++ b/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretsMountMysqlLegacy.java @@ -23,37 +23,38 @@ public final class SecretsMountMysqlLegacy { */ private @Nullable List allowedRoles; /** - * @return A URL containing connection information.\ - * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + * @return Specifies the Redshift DSN. + * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) * */ private @Nullable String connectionUrl; /** * @return A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * */ private @Nullable Map data; /** - * @return The maximum number of seconds to keep - * a connection alive for. + * @return The maximum amount of time a connection may be reused. * */ private @Nullable Integer maxConnectionLifetime; /** * @return The maximum number of idle connections to - * maintain. + * the database. * */ private @Nullable Integer maxIdleConnections; /** * @return The maximum number of open connections to - * use. + * the database. * */ private @Nullable Integer maxOpenConnections; private String name; /** - * @return The password to be used in the connection. + * @return The root credential password used in the connection URL. * */ private @Nullable String password; @@ -68,12 +69,12 @@ public final class SecretsMountMysqlLegacy { */ private @Nullable List rootRotationStatements; /** - * @return The username to be used in the connection (the account admin level). + * @return The root credential username used in the connection URL. * */ private @Nullable String username; /** - * @return - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @return [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. * */ private @Nullable String usernameTemplate; @@ -94,8 +95,8 @@ public List allowedRoles() { return this.allowedRoles == null ? List.of() : this.allowedRoles; } /** - * @return A URL containing connection information.\ - * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + * @return Specifies the Redshift DSN. + * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) * */ public Optional connectionUrl() { @@ -104,13 +105,14 @@ public Optional connectionUrl() { /** * @return A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * */ public Map data() { return this.data == null ? Map.of() : this.data; } /** - * @return The maximum number of seconds to keep - * a connection alive for. + * @return The maximum amount of time a connection may be reused. * */ public Optional maxConnectionLifetime() { @@ -118,7 +120,7 @@ public Optional maxConnectionLifetime() { } /** * @return The maximum number of idle connections to - * maintain. + * the database. * */ public Optional maxIdleConnections() { @@ -126,7 +128,7 @@ public Optional maxIdleConnections() { } /** * @return The maximum number of open connections to - * use. + * the database. * */ public Optional maxOpenConnections() { @@ -136,7 +138,7 @@ public String name() { return this.name; } /** - * @return The password to be used in the connection. + * @return The root credential password used in the connection URL. * */ public Optional password() { @@ -157,14 +159,14 @@ public List rootRotationStatements() { return this.rootRotationStatements == null ? List.of() : this.rootRotationStatements; } /** - * @return The username to be used in the connection (the account admin level). + * @return The root credential username used in the connection URL. * */ public Optional username() { return Optional.ofNullable(this.username); } /** - * @return - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @return [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. * */ public Optional usernameTemplate() { diff --git a/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretsMountMysqlRd.java b/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretsMountMysqlRd.java index 4a4647870..3164e06a9 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretsMountMysqlRd.java +++ b/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretsMountMysqlRd.java @@ -23,37 +23,38 @@ public final class SecretsMountMysqlRd { */ private @Nullable List allowedRoles; /** - * @return A URL containing connection information.\ - * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + * @return Specifies the Redshift DSN. + * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) * */ private @Nullable String connectionUrl; /** * @return A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * */ private @Nullable Map data; /** - * @return The maximum number of seconds to keep - * a connection alive for. + * @return The maximum amount of time a connection may be reused. * */ private @Nullable Integer maxConnectionLifetime; /** * @return The maximum number of idle connections to - * maintain. + * the database. * */ private @Nullable Integer maxIdleConnections; /** * @return The maximum number of open connections to - * use. + * the database. * */ private @Nullable Integer maxOpenConnections; private String name; /** - * @return The password to be used in the connection. + * @return The root credential password used in the connection URL. * */ private @Nullable String password; @@ -68,12 +69,12 @@ public final class SecretsMountMysqlRd { */ private @Nullable List rootRotationStatements; /** - * @return The username to be used in the connection (the account admin level). + * @return The root credential username used in the connection URL. * */ private @Nullable String username; /** - * @return - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @return [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. * */ private @Nullable String usernameTemplate; @@ -94,8 +95,8 @@ public List allowedRoles() { return this.allowedRoles == null ? List.of() : this.allowedRoles; } /** - * @return A URL containing connection information.\ - * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + * @return Specifies the Redshift DSN. + * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) * */ public Optional connectionUrl() { @@ -104,13 +105,14 @@ public Optional connectionUrl() { /** * @return A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * */ public Map data() { return this.data == null ? Map.of() : this.data; } /** - * @return The maximum number of seconds to keep - * a connection alive for. + * @return The maximum amount of time a connection may be reused. * */ public Optional maxConnectionLifetime() { @@ -118,7 +120,7 @@ public Optional maxConnectionLifetime() { } /** * @return The maximum number of idle connections to - * maintain. + * the database. * */ public Optional maxIdleConnections() { @@ -126,7 +128,7 @@ public Optional maxIdleConnections() { } /** * @return The maximum number of open connections to - * use. + * the database. * */ public Optional maxOpenConnections() { @@ -136,7 +138,7 @@ public String name() { return this.name; } /** - * @return The password to be used in the connection. + * @return The root credential password used in the connection URL. * */ public Optional password() { @@ -157,14 +159,14 @@ public List rootRotationStatements() { return this.rootRotationStatements == null ? List.of() : this.rootRotationStatements; } /** - * @return The username to be used in the connection (the account admin level). + * @return The root credential username used in the connection URL. * */ public Optional username() { return Optional.ofNullable(this.username); } /** - * @return - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @return [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. * */ public Optional usernameTemplate() { diff --git a/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretsMountOracle.java b/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretsMountOracle.java index c484f0137..c21ed1123 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretsMountOracle.java +++ b/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretsMountOracle.java @@ -23,37 +23,38 @@ public final class SecretsMountOracle { */ private @Nullable List allowedRoles; /** - * @return A URL containing connection information.\ - * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + * @return Specifies the Redshift DSN. + * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) * */ private @Nullable String connectionUrl; /** * @return A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * */ private @Nullable Map data; /** - * @return The maximum number of seconds to keep - * a connection alive for. + * @return The maximum amount of time a connection may be reused. * */ private @Nullable Integer maxConnectionLifetime; /** * @return The maximum number of idle connections to - * maintain. + * the database. * */ private @Nullable Integer maxIdleConnections; /** * @return The maximum number of open connections to - * use. + * the database. * */ private @Nullable Integer maxOpenConnections; private String name; /** - * @return The password to be used in the connection. + * @return The root credential password used in the connection URL. * */ private @Nullable String password; @@ -68,12 +69,12 @@ public final class SecretsMountOracle { */ private @Nullable List rootRotationStatements; /** - * @return The username to be used in the connection (the account admin level). + * @return The root credential username used in the connection URL. * */ private @Nullable String username; /** - * @return - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @return [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. * */ private @Nullable String usernameTemplate; @@ -94,8 +95,8 @@ public List allowedRoles() { return this.allowedRoles == null ? List.of() : this.allowedRoles; } /** - * @return A URL containing connection information.\ - * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + * @return Specifies the Redshift DSN. + * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) * */ public Optional connectionUrl() { @@ -104,13 +105,14 @@ public Optional connectionUrl() { /** * @return A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * */ public Map data() { return this.data == null ? Map.of() : this.data; } /** - * @return The maximum number of seconds to keep - * a connection alive for. + * @return The maximum amount of time a connection may be reused. * */ public Optional maxConnectionLifetime() { @@ -118,7 +120,7 @@ public Optional maxConnectionLifetime() { } /** * @return The maximum number of idle connections to - * maintain. + * the database. * */ public Optional maxIdleConnections() { @@ -126,7 +128,7 @@ public Optional maxIdleConnections() { } /** * @return The maximum number of open connections to - * use. + * the database. * */ public Optional maxOpenConnections() { @@ -136,7 +138,7 @@ public String name() { return this.name; } /** - * @return The password to be used in the connection. + * @return The root credential password used in the connection URL. * */ public Optional password() { @@ -157,14 +159,14 @@ public List rootRotationStatements() { return this.rootRotationStatements == null ? List.of() : this.rootRotationStatements; } /** - * @return The username to be used in the connection (the account admin level). + * @return The root credential username used in the connection URL. * */ public Optional username() { return Optional.ofNullable(this.username); } /** - * @return - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @return [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. * */ public Optional usernameTemplate() { diff --git a/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretsMountPostgresql.java b/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretsMountPostgresql.java index 7af3b0bdd..16b2452a7 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretsMountPostgresql.java +++ b/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretsMountPostgresql.java @@ -24,14 +24,16 @@ public final class SecretsMountPostgresql { private @Nullable List allowedRoles; private @Nullable String authType; /** - * @return A URL containing connection information.\ - * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + * @return Specifies the Redshift DSN. + * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) * */ private @Nullable String connectionUrl; /** * @return A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * */ private @Nullable Map data; /** @@ -40,26 +42,25 @@ public final class SecretsMountPostgresql { */ private @Nullable Boolean disableEscaping; /** - * @return The maximum number of seconds to keep - * a connection alive for. + * @return The maximum amount of time a connection may be reused. * */ private @Nullable Integer maxConnectionLifetime; /** * @return The maximum number of idle connections to - * maintain. + * the database. * */ private @Nullable Integer maxIdleConnections; /** * @return The maximum number of open connections to - * use. + * the database. * */ private @Nullable Integer maxOpenConnections; private String name; /** - * @return The password to be used in the connection. + * @return The root credential password used in the connection URL. * */ private @Nullable String password; @@ -75,12 +76,12 @@ public final class SecretsMountPostgresql { private @Nullable List rootRotationStatements; private @Nullable String serviceAccountJson; /** - * @return The username to be used in the connection (the account admin level). + * @return The root credential username used in the connection URL. * */ private @Nullable String username; /** - * @return - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @return [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. * */ private @Nullable String usernameTemplate; @@ -104,8 +105,8 @@ public Optional authType() { return Optional.ofNullable(this.authType); } /** - * @return A URL containing connection information.\ - * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + * @return Specifies the Redshift DSN. + * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) * */ public Optional connectionUrl() { @@ -114,6 +115,8 @@ public Optional connectionUrl() { /** * @return A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * */ public Map data() { return this.data == null ? Map.of() : this.data; @@ -126,8 +129,7 @@ public Optional disableEscaping() { return Optional.ofNullable(this.disableEscaping); } /** - * @return The maximum number of seconds to keep - * a connection alive for. + * @return The maximum amount of time a connection may be reused. * */ public Optional maxConnectionLifetime() { @@ -135,7 +137,7 @@ public Optional maxConnectionLifetime() { } /** * @return The maximum number of idle connections to - * maintain. + * the database. * */ public Optional maxIdleConnections() { @@ -143,7 +145,7 @@ public Optional maxIdleConnections() { } /** * @return The maximum number of open connections to - * use. + * the database. * */ public Optional maxOpenConnections() { @@ -153,7 +155,7 @@ public String name() { return this.name; } /** - * @return The password to be used in the connection. + * @return The root credential password used in the connection URL. * */ public Optional password() { @@ -177,14 +179,14 @@ public Optional serviceAccountJson() { return Optional.ofNullable(this.serviceAccountJson); } /** - * @return The username to be used in the connection (the account admin level). + * @return The root credential username used in the connection URL. * */ public Optional username() { return Optional.ofNullable(this.username); } /** - * @return - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @return [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. * */ public Optional usernameTemplate() { diff --git a/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretsMountRedi.java b/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretsMountRedi.java index 0fd817d71..bf60520e5 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretsMountRedi.java +++ b/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretsMountRedi.java @@ -23,13 +23,15 @@ public final class SecretsMountRedi { */ private @Nullable List allowedRoles; /** - * @return The contents of a PEM-encoded CA cert file to use to verify the Redis server's identity. + * @return The path to a PEM-encoded CA cert file to use to verify the Elasticsearch server's identity. * */ private @Nullable String caCert; /** * @return A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * */ private @Nullable Map data; /** @@ -45,7 +47,7 @@ public final class SecretsMountRedi { private @Nullable Boolean insecureTls; private String name; /** - * @return The password to be used in the connection. + * @return The root credential password used in the connection URL. * */ private String password; @@ -66,12 +68,12 @@ public final class SecretsMountRedi { */ private @Nullable List rootRotationStatements; /** - * @return Whether to use TLS when connecting to Redis. + * @return Whether to use TLS when connecting to Cassandra. * */ private @Nullable Boolean tls; /** - * @return The username to be used in the connection (the account admin level). + * @return The root credential username used in the connection URL. * */ private String username; @@ -92,7 +94,7 @@ public List allowedRoles() { return this.allowedRoles == null ? List.of() : this.allowedRoles; } /** - * @return The contents of a PEM-encoded CA cert file to use to verify the Redis server's identity. + * @return The path to a PEM-encoded CA cert file to use to verify the Elasticsearch server's identity. * */ public Optional caCert() { @@ -101,6 +103,8 @@ public Optional caCert() { /** * @return A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * */ public Map data() { return this.data == null ? Map.of() : this.data; @@ -124,7 +128,7 @@ public String name() { return this.name; } /** - * @return The password to be used in the connection. + * @return The root credential password used in the connection URL. * */ public String password() { @@ -153,14 +157,14 @@ public List rootRotationStatements() { return this.rootRotationStatements == null ? List.of() : this.rootRotationStatements; } /** - * @return Whether to use TLS when connecting to Redis. + * @return Whether to use TLS when connecting to Cassandra. * */ public Optional tls() { return Optional.ofNullable(this.tls); } /** - * @return The username to be used in the connection (the account admin level). + * @return The root credential username used in the connection URL. * */ public String username() { diff --git a/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretsMountRedisElasticach.java b/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretsMountRedisElasticach.java index a735f544a..083e5d43b 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretsMountRedisElasticach.java +++ b/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretsMountRedisElasticach.java @@ -24,11 +24,13 @@ public final class SecretsMountRedisElasticach { /** * @return A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * */ private @Nullable Map data; private String name; /** - * @return The password to be used in the connection. + * @return The root credential password used in the connection URL. * */ private @Nullable String password; @@ -49,12 +51,13 @@ public final class SecretsMountRedisElasticach { */ private @Nullable List rootRotationStatements; /** - * @return The configuration endpoint for the ElastiCache cluster to connect to. + * @return The URL for Elasticsearch's API. https requires certificate + * by trusted CA if used. * */ private String url; /** - * @return The username to be used in the connection (the account admin level). + * @return The root credential username used in the connection URL. * */ private @Nullable String username; @@ -77,6 +80,8 @@ public List allowedRoles() { /** * @return A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * */ public Map data() { return this.data == null ? Map.of() : this.data; @@ -85,7 +90,7 @@ public String name() { return this.name; } /** - * @return The password to be used in the connection. + * @return The root credential password used in the connection URL. * */ public Optional password() { @@ -114,14 +119,15 @@ public List rootRotationStatements() { return this.rootRotationStatements == null ? List.of() : this.rootRotationStatements; } /** - * @return The configuration endpoint for the ElastiCache cluster to connect to. + * @return The URL for Elasticsearch's API. https requires certificate + * by trusted CA if used. * */ public String url() { return this.url; } /** - * @return The username to be used in the connection (the account admin level). + * @return The root credential username used in the connection URL. * */ public Optional username() { diff --git a/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretsMountRedshift.java b/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretsMountRedshift.java index 7d708055a..ba108901f 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretsMountRedshift.java +++ b/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretsMountRedshift.java @@ -23,14 +23,16 @@ public final class SecretsMountRedshift { */ private @Nullable List allowedRoles; /** - * @return A URL containing connection information.\ - * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + * @return Specifies the Redshift DSN. + * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) * */ private @Nullable String connectionUrl; /** * @return A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * */ private @Nullable Map data; /** @@ -39,26 +41,25 @@ public final class SecretsMountRedshift { */ private @Nullable Boolean disableEscaping; /** - * @return The maximum number of seconds to keep - * a connection alive for. + * @return The maximum amount of time a connection may be reused. * */ private @Nullable Integer maxConnectionLifetime; /** * @return The maximum number of idle connections to - * maintain. + * the database. * */ private @Nullable Integer maxIdleConnections; /** * @return The maximum number of open connections to - * use. + * the database. * */ private @Nullable Integer maxOpenConnections; private String name; /** - * @return The password to be used in the connection. + * @return The root credential password used in the connection URL. * */ private @Nullable String password; @@ -73,12 +74,12 @@ public final class SecretsMountRedshift { */ private @Nullable List rootRotationStatements; /** - * @return The username to be used in the connection (the account admin level). + * @return The root credential username used in the connection URL. * */ private @Nullable String username; /** - * @return - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @return [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. * */ private @Nullable String usernameTemplate; @@ -99,8 +100,8 @@ public List allowedRoles() { return this.allowedRoles == null ? List.of() : this.allowedRoles; } /** - * @return A URL containing connection information.\ - * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + * @return Specifies the Redshift DSN. + * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) * */ public Optional connectionUrl() { @@ -109,6 +110,8 @@ public Optional connectionUrl() { /** * @return A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * */ public Map data() { return this.data == null ? Map.of() : this.data; @@ -121,8 +124,7 @@ public Optional disableEscaping() { return Optional.ofNullable(this.disableEscaping); } /** - * @return The maximum number of seconds to keep - * a connection alive for. + * @return The maximum amount of time a connection may be reused. * */ public Optional maxConnectionLifetime() { @@ -130,7 +132,7 @@ public Optional maxConnectionLifetime() { } /** * @return The maximum number of idle connections to - * maintain. + * the database. * */ public Optional maxIdleConnections() { @@ -138,7 +140,7 @@ public Optional maxIdleConnections() { } /** * @return The maximum number of open connections to - * use. + * the database. * */ public Optional maxOpenConnections() { @@ -148,7 +150,7 @@ public String name() { return this.name; } /** - * @return The password to be used in the connection. + * @return The root credential password used in the connection URL. * */ public Optional password() { @@ -169,14 +171,14 @@ public List rootRotationStatements() { return this.rootRotationStatements == null ? List.of() : this.rootRotationStatements; } /** - * @return The username to be used in the connection (the account admin level). + * @return The root credential username used in the connection URL. * */ public Optional username() { return Optional.ofNullable(this.username); } /** - * @return - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @return [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. * */ public Optional usernameTemplate() { diff --git a/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretsMountSnowflake.java b/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretsMountSnowflake.java index 8f4b84ba6..cd92f5bb1 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretsMountSnowflake.java +++ b/sdk/java/src/main/java/com/pulumi/vault/database/outputs/SecretsMountSnowflake.java @@ -23,37 +23,38 @@ public final class SecretsMountSnowflake { */ private @Nullable List allowedRoles; /** - * @return A URL containing connection information.\ - * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + * @return Specifies the Redshift DSN. + * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) * */ private @Nullable String connectionUrl; /** * @return A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * */ private @Nullable Map data; /** - * @return The maximum number of seconds to keep - * a connection alive for. + * @return The maximum amount of time a connection may be reused. * */ private @Nullable Integer maxConnectionLifetime; /** * @return The maximum number of idle connections to - * maintain. + * the database. * */ private @Nullable Integer maxIdleConnections; /** * @return The maximum number of open connections to - * use. + * the database. * */ private @Nullable Integer maxOpenConnections; private String name; /** - * @return The password to be used in the connection. + * @return The root credential password used in the connection URL. * */ private @Nullable String password; @@ -68,12 +69,12 @@ public final class SecretsMountSnowflake { */ private @Nullable List rootRotationStatements; /** - * @return The username to be used in the connection (the account admin level). + * @return The root credential username used in the connection URL. * */ private @Nullable String username; /** - * @return - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @return [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. * */ private @Nullable String usernameTemplate; @@ -94,8 +95,8 @@ public List allowedRoles() { return this.allowedRoles == null ? List.of() : this.allowedRoles; } /** - * @return A URL containing connection information.\ - * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + * @return Specifies the Redshift DSN. + * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) * */ public Optional connectionUrl() { @@ -104,13 +105,14 @@ public Optional connectionUrl() { /** * @return A map of sensitive data to pass to the endpoint. Useful for templated connection strings. * + * Supported list of database secrets engines that can be configured: + * */ public Map data() { return this.data == null ? Map.of() : this.data; } /** - * @return The maximum number of seconds to keep - * a connection alive for. + * @return The maximum amount of time a connection may be reused. * */ public Optional maxConnectionLifetime() { @@ -118,7 +120,7 @@ public Optional maxConnectionLifetime() { } /** * @return The maximum number of idle connections to - * maintain. + * the database. * */ public Optional maxIdleConnections() { @@ -126,7 +128,7 @@ public Optional maxIdleConnections() { } /** * @return The maximum number of open connections to - * use. + * the database. * */ public Optional maxOpenConnections() { @@ -136,7 +138,7 @@ public String name() { return this.name; } /** - * @return The password to be used in the connection. + * @return The root credential password used in the connection URL. * */ public Optional password() { @@ -157,14 +159,14 @@ public List rootRotationStatements() { return this.rootRotationStatements == null ? List.of() : this.rootRotationStatements; } /** - * @return The username to be used in the connection (the account admin level). + * @return The root credential username used in the connection URL. * */ public Optional username() { return Optional.ofNullable(this.username); } /** - * @return - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * @return [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. * */ public Optional usernameTemplate() { diff --git a/sdk/java/src/main/java/com/pulumi/vault/gcp/AuthBackend.java b/sdk/java/src/main/java/com/pulumi/vault/gcp/AuthBackend.java index 670070934..4cb47d908 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/gcp/AuthBackend.java +++ b/sdk/java/src/main/java/com/pulumi/vault/gcp/AuthBackend.java @@ -131,6 +131,8 @@ public Output> credentials() { * to target alternative service endpoints for use in [Private Google Access](https://cloud.google.com/vpc/docs/configure-private-google-access) * environments. Requires Vault 1.11+. * + * Overrides are set at the subdomain level using the following keys: + * */ @Export(name="customEndpoint", refs={AuthBackendCustomEndpoint.class}, tree="[0]") private Output customEndpoint; @@ -142,6 +144,8 @@ public Output> credentials() { * to target alternative service endpoints for use in [Private Google Access](https://cloud.google.com/vpc/docs/configure-private-google-access) * environments. Requires Vault 1.11+. * + * Overrides are set at the subdomain level using the following keys: + * */ public Output> customEndpoint() { return Codegen.optional(this.customEndpoint); diff --git a/sdk/java/src/main/java/com/pulumi/vault/gcp/AuthBackendArgs.java b/sdk/java/src/main/java/com/pulumi/vault/gcp/AuthBackendArgs.java index 4aaf60753..c05b18a81 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/gcp/AuthBackendArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/gcp/AuthBackendArgs.java @@ -69,6 +69,8 @@ public Optional> credentials() { * to target alternative service endpoints for use in [Private Google Access](https://cloud.google.com/vpc/docs/configure-private-google-access) * environments. Requires Vault 1.11+. * + * Overrides are set at the subdomain level using the following keys: + * */ @Import(name="customEndpoint") private @Nullable Output customEndpoint; @@ -80,6 +82,8 @@ public Optional> credentials() { * to target alternative service endpoints for use in [Private Google Access](https://cloud.google.com/vpc/docs/configure-private-google-access) * environments. Requires Vault 1.11+. * + * Overrides are set at the subdomain level using the following keys: + * */ public Optional> customEndpoint() { return Optional.ofNullable(this.customEndpoint); @@ -302,6 +306,8 @@ public Builder credentials(String credentials) { * to target alternative service endpoints for use in [Private Google Access](https://cloud.google.com/vpc/docs/configure-private-google-access) * environments. Requires Vault 1.11+. * + * Overrides are set at the subdomain level using the following keys: + * * @return builder * */ @@ -317,6 +323,8 @@ public Builder customEndpoint(@Nullable Output cu * to target alternative service endpoints for use in [Private Google Access](https://cloud.google.com/vpc/docs/configure-private-google-access) * environments. Requires Vault 1.11+. * + * Overrides are set at the subdomain level using the following keys: + * * @return builder * */ diff --git a/sdk/java/src/main/java/com/pulumi/vault/gcp/AuthBackendRole.java b/sdk/java/src/main/java/com/pulumi/vault/gcp/AuthBackendRole.java index f6d29edd0..1bc30e00b 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/gcp/AuthBackendRole.java +++ b/sdk/java/src/main/java/com/pulumi/vault/gcp/AuthBackendRole.java @@ -141,14 +141,14 @@ public Output> boundLabels() { return this.boundLabels; } /** - * GCP Projects that the role exists within + * An array of GCP project IDs. Only entities belonging to this project can authenticate under the role. * */ @Export(name="boundProjects", refs={List.class,String.class}, tree="[0,1]") private Output> boundProjects; /** - * @return GCP Projects that the role exists within + * @return An array of GCP project IDs. Only entities belonging to this project can authenticate under the role. * */ public Output>> boundProjects() { diff --git a/sdk/java/src/main/java/com/pulumi/vault/gcp/AuthBackendRoleArgs.java b/sdk/java/src/main/java/com/pulumi/vault/gcp/AuthBackendRoleArgs.java index 2107487dd..4ca6a20cf 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/gcp/AuthBackendRoleArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/gcp/AuthBackendRoleArgs.java @@ -86,14 +86,14 @@ public Optional>> boundLabels() { } /** - * GCP Projects that the role exists within + * An array of GCP project IDs. Only entities belonging to this project can authenticate under the role. * */ @Import(name="boundProjects") private @Nullable Output> boundProjects; /** - * @return GCP Projects that the role exists within + * @return An array of GCP project IDs. Only entities belonging to this project can authenticate under the role. * */ public Optional>> boundProjects() { @@ -539,7 +539,7 @@ public Builder boundLabels(String... boundLabels) { } /** - * @param boundProjects GCP Projects that the role exists within + * @param boundProjects An array of GCP project IDs. Only entities belonging to this project can authenticate under the role. * * @return builder * @@ -550,7 +550,7 @@ public Builder boundProjects(@Nullable Output> boundProjects) { } /** - * @param boundProjects GCP Projects that the role exists within + * @param boundProjects An array of GCP project IDs. Only entities belonging to this project can authenticate under the role. * * @return builder * @@ -560,7 +560,7 @@ public Builder boundProjects(List boundProjects) { } /** - * @param boundProjects GCP Projects that the role exists within + * @param boundProjects An array of GCP project IDs. Only entities belonging to this project can authenticate under the role. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/vault/gcp/SecretBackend.java b/sdk/java/src/main/java/com/pulumi/vault/gcp/SecretBackend.java index abdb7e94f..ef2ff7ae5 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/gcp/SecretBackend.java +++ b/sdk/java/src/main/java/com/pulumi/vault/gcp/SecretBackend.java @@ -52,14 +52,14 @@ @ResourceType(type="vault:gcp/secretBackend:SecretBackend") public class SecretBackend extends com.pulumi.resources.CustomResource { /** - * The GCP service account credentials in JSON format. + * JSON-encoded credentials to use to connect to GCP * */ @Export(name="credentials", refs={String.class}, tree="[0]") private Output credentials; /** - * @return The GCP service account credentials in JSON format. + * @return JSON-encoded credentials to use to connect to GCP * */ public Output> credentials() { diff --git a/sdk/java/src/main/java/com/pulumi/vault/gcp/SecretBackendArgs.java b/sdk/java/src/main/java/com/pulumi/vault/gcp/SecretBackendArgs.java index 3b63e0a6f..a3ab8fbe9 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/gcp/SecretBackendArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/gcp/SecretBackendArgs.java @@ -18,14 +18,14 @@ public final class SecretBackendArgs extends com.pulumi.resources.ResourceArgs { public static final SecretBackendArgs Empty = new SecretBackendArgs(); /** - * The GCP service account credentials in JSON format. + * JSON-encoded credentials to use to connect to GCP * */ @Import(name="credentials") private @Nullable Output credentials; /** - * @return The GCP service account credentials in JSON format. + * @return JSON-encoded credentials to use to connect to GCP * */ public Optional> credentials() { @@ -183,7 +183,7 @@ public Builder(SecretBackendArgs defaults) { } /** - * @param credentials The GCP service account credentials in JSON format. + * @param credentials JSON-encoded credentials to use to connect to GCP * * @return builder * @@ -194,7 +194,7 @@ public Builder credentials(@Nullable Output credentials) { } /** - * @param credentials The GCP service account credentials in JSON format. + * @param credentials JSON-encoded credentials to use to connect to GCP * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/vault/gcp/SecretRoleset.java b/sdk/java/src/main/java/com/pulumi/vault/gcp/SecretRoleset.java index 4a93c24e7..6de89ad82 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/gcp/SecretRoleset.java +++ b/sdk/java/src/main/java/com/pulumi/vault/gcp/SecretRoleset.java @@ -171,14 +171,14 @@ public Output secretType() { return this.secretType; } /** - * Email of the service account created by Vault for this Roleset + * Email of the service account created by Vault for this Roleset. * */ @Export(name="serviceAccountEmail", refs={String.class}, tree="[0]") private Output serviceAccountEmail; /** - * @return Email of the service account created by Vault for this Roleset + * @return Email of the service account created by Vault for this Roleset. * */ public Output serviceAccountEmail() { diff --git a/sdk/java/src/main/java/com/pulumi/vault/gcp/inputs/AuthBackendCustomEndpointArgs.java b/sdk/java/src/main/java/com/pulumi/vault/gcp/inputs/AuthBackendCustomEndpointArgs.java index d29a22cae..c007a486e 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/gcp/inputs/AuthBackendCustomEndpointArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/gcp/inputs/AuthBackendCustomEndpointArgs.java @@ -33,6 +33,11 @@ public Optional> api() { /** * Replaces the service endpoint used in API requests to `https://compute.googleapis.com`. * + * The endpoint value provided for a given key has the form of `scheme://host:port`. + * The `scheme://` and `:port` portions of the endpoint value are optional. + * + * For more details on the usage of each argument consult the [Vault GCP API documentation](https://www.vaultproject.io/api-docs/auth/gcp#configure). + * */ @Import(name="compute") private @Nullable Output compute; @@ -40,6 +45,11 @@ public Optional> api() { /** * @return Replaces the service endpoint used in API requests to `https://compute.googleapis.com`. * + * The endpoint value provided for a given key has the form of `scheme://host:port`. + * The `scheme://` and `:port` portions of the endpoint value are optional. + * + * For more details on the usage of each argument consult the [Vault GCP API documentation](https://www.vaultproject.io/api-docs/auth/gcp#configure). + * */ public Optional> compute() { return Optional.ofNullable(this.compute); @@ -126,6 +136,11 @@ public Builder api(String api) { /** * @param compute Replaces the service endpoint used in API requests to `https://compute.googleapis.com`. * + * The endpoint value provided for a given key has the form of `scheme://host:port`. + * The `scheme://` and `:port` portions of the endpoint value are optional. + * + * For more details on the usage of each argument consult the [Vault GCP API documentation](https://www.vaultproject.io/api-docs/auth/gcp#configure). + * * @return builder * */ @@ -137,6 +152,11 @@ public Builder compute(@Nullable Output compute) { /** * @param compute Replaces the service endpoint used in API requests to `https://compute.googleapis.com`. * + * The endpoint value provided for a given key has the form of `scheme://host:port`. + * The `scheme://` and `:port` portions of the endpoint value are optional. + * + * For more details on the usage of each argument consult the [Vault GCP API documentation](https://www.vaultproject.io/api-docs/auth/gcp#configure). + * * @return builder * */ diff --git a/sdk/java/src/main/java/com/pulumi/vault/gcp/inputs/AuthBackendRoleState.java b/sdk/java/src/main/java/com/pulumi/vault/gcp/inputs/AuthBackendRoleState.java index e371687e4..bacdeedb2 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/gcp/inputs/AuthBackendRoleState.java +++ b/sdk/java/src/main/java/com/pulumi/vault/gcp/inputs/AuthBackendRoleState.java @@ -86,14 +86,14 @@ public Optional>> boundLabels() { } /** - * GCP Projects that the role exists within + * An array of GCP project IDs. Only entities belonging to this project can authenticate under the role. * */ @Import(name="boundProjects") private @Nullable Output> boundProjects; /** - * @return GCP Projects that the role exists within + * @return An array of GCP project IDs. Only entities belonging to this project can authenticate under the role. * */ public Optional>> boundProjects() { @@ -539,7 +539,7 @@ public Builder boundLabels(String... boundLabels) { } /** - * @param boundProjects GCP Projects that the role exists within + * @param boundProjects An array of GCP project IDs. Only entities belonging to this project can authenticate under the role. * * @return builder * @@ -550,7 +550,7 @@ public Builder boundProjects(@Nullable Output> boundProjects) { } /** - * @param boundProjects GCP Projects that the role exists within + * @param boundProjects An array of GCP project IDs. Only entities belonging to this project can authenticate under the role. * * @return builder * @@ -560,7 +560,7 @@ public Builder boundProjects(List boundProjects) { } /** - * @param boundProjects GCP Projects that the role exists within + * @param boundProjects An array of GCP project IDs. Only entities belonging to this project can authenticate under the role. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/vault/gcp/inputs/AuthBackendState.java b/sdk/java/src/main/java/com/pulumi/vault/gcp/inputs/AuthBackendState.java index 9ffcfbdf8..8af9d9ff9 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/gcp/inputs/AuthBackendState.java +++ b/sdk/java/src/main/java/com/pulumi/vault/gcp/inputs/AuthBackendState.java @@ -84,6 +84,8 @@ public Optional> credentials() { * to target alternative service endpoints for use in [Private Google Access](https://cloud.google.com/vpc/docs/configure-private-google-access) * environments. Requires Vault 1.11+. * + * Overrides are set at the subdomain level using the following keys: + * */ @Import(name="customEndpoint") private @Nullable Output customEndpoint; @@ -95,6 +97,8 @@ public Optional> credentials() { * to target alternative service endpoints for use in [Private Google Access](https://cloud.google.com/vpc/docs/configure-private-google-access) * environments. Requires Vault 1.11+. * + * Overrides are set at the subdomain level using the following keys: + * */ public Optional> customEndpoint() { return Optional.ofNullable(this.customEndpoint); @@ -339,6 +343,8 @@ public Builder credentials(String credentials) { * to target alternative service endpoints for use in [Private Google Access](https://cloud.google.com/vpc/docs/configure-private-google-access) * environments. Requires Vault 1.11+. * + * Overrides are set at the subdomain level using the following keys: + * * @return builder * */ @@ -354,6 +360,8 @@ public Builder customEndpoint(@Nullable Output cu * to target alternative service endpoints for use in [Private Google Access](https://cloud.google.com/vpc/docs/configure-private-google-access) * environments. Requires Vault 1.11+. * + * Overrides are set at the subdomain level using the following keys: + * * @return builder * */ diff --git a/sdk/java/src/main/java/com/pulumi/vault/gcp/inputs/SecretBackendState.java b/sdk/java/src/main/java/com/pulumi/vault/gcp/inputs/SecretBackendState.java index 672f6815d..ef86b88fb 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/gcp/inputs/SecretBackendState.java +++ b/sdk/java/src/main/java/com/pulumi/vault/gcp/inputs/SecretBackendState.java @@ -18,14 +18,14 @@ public final class SecretBackendState extends com.pulumi.resources.ResourceArgs public static final SecretBackendState Empty = new SecretBackendState(); /** - * The GCP service account credentials in JSON format. + * JSON-encoded credentials to use to connect to GCP * */ @Import(name="credentials") private @Nullable Output credentials; /** - * @return The GCP service account credentials in JSON format. + * @return JSON-encoded credentials to use to connect to GCP * */ public Optional> credentials() { @@ -183,7 +183,7 @@ public Builder(SecretBackendState defaults) { } /** - * @param credentials The GCP service account credentials in JSON format. + * @param credentials JSON-encoded credentials to use to connect to GCP * * @return builder * @@ -194,7 +194,7 @@ public Builder credentials(@Nullable Output credentials) { } /** - * @param credentials The GCP service account credentials in JSON format. + * @param credentials JSON-encoded credentials to use to connect to GCP * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/vault/gcp/inputs/SecretRolesetState.java b/sdk/java/src/main/java/com/pulumi/vault/gcp/inputs/SecretRolesetState.java index 0ee510fe1..cba4c0731 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/gcp/inputs/SecretRolesetState.java +++ b/sdk/java/src/main/java/com/pulumi/vault/gcp/inputs/SecretRolesetState.java @@ -114,14 +114,14 @@ public Optional> secretType() { } /** - * Email of the service account created by Vault for this Roleset + * Email of the service account created by Vault for this Roleset. * */ @Import(name="serviceAccountEmail") private @Nullable Output serviceAccountEmail; /** - * @return Email of the service account created by Vault for this Roleset + * @return Email of the service account created by Vault for this Roleset. * */ public Optional> serviceAccountEmail() { @@ -317,7 +317,7 @@ public Builder secretType(String secretType) { } /** - * @param serviceAccountEmail Email of the service account created by Vault for this Roleset + * @param serviceAccountEmail Email of the service account created by Vault for this Roleset. * * @return builder * @@ -328,7 +328,7 @@ public Builder serviceAccountEmail(@Nullable Output serviceAccountEmail) } /** - * @param serviceAccountEmail Email of the service account created by Vault for this Roleset + * @param serviceAccountEmail Email of the service account created by Vault for this Roleset. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/vault/gcp/outputs/AuthBackendCustomEndpoint.java b/sdk/java/src/main/java/com/pulumi/vault/gcp/outputs/AuthBackendCustomEndpoint.java index 8294ab523..9deadff31 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/gcp/outputs/AuthBackendCustomEndpoint.java +++ b/sdk/java/src/main/java/com/pulumi/vault/gcp/outputs/AuthBackendCustomEndpoint.java @@ -19,6 +19,11 @@ public final class AuthBackendCustomEndpoint { /** * @return Replaces the service endpoint used in API requests to `https://compute.googleapis.com`. * + * The endpoint value provided for a given key has the form of `scheme://host:port`. + * The `scheme://` and `:port` portions of the endpoint value are optional. + * + * For more details on the usage of each argument consult the [Vault GCP API documentation](https://www.vaultproject.io/api-docs/auth/gcp#configure). + * */ private @Nullable String compute; /** @@ -43,6 +48,11 @@ public Optional api() { /** * @return Replaces the service endpoint used in API requests to `https://compute.googleapis.com`. * + * The endpoint value provided for a given key has the form of `scheme://host:port`. + * The `scheme://` and `:port` portions of the endpoint value are optional. + * + * For more details on the usage of each argument consult the [Vault GCP API documentation](https://www.vaultproject.io/api-docs/auth/gcp#configure). + * */ public Optional compute() { return Optional.ofNullable(this.compute); diff --git a/sdk/java/src/main/java/com/pulumi/vault/generic/Endpoint.java b/sdk/java/src/main/java/com/pulumi/vault/generic/Endpoint.java index 293a1c6b5..627e4ef27 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/generic/Endpoint.java +++ b/sdk/java/src/main/java/com/pulumi/vault/generic/Endpoint.java @@ -124,14 +124,18 @@ public Output dataJson() { return this.dataJson; } /** - * Don't attempt to delete the path from Vault if true + * - (Optional) True/false. Set this to true if your + * vault authentication is not able to delete the data or if the endpoint + * does not support the `DELETE` method. Defaults to false. * */ @Export(name="disableDelete", refs={Boolean.class}, tree="[0]") private Output disableDelete; /** - * @return Don't attempt to delete the path from Vault if true + * @return - (Optional) True/false. Set this to true if your + * vault authentication is not able to delete the data or if the endpoint + * does not support the `DELETE` method. Defaults to false. * */ public Output> disableDelete() { @@ -160,14 +164,26 @@ public Output> disableRead() { return Codegen.optional(this.disableRead); } /** - * When reading, disregard fields not present in data_json + * - (Optional) True/false. If set to true, + * ignore any fields present when the endpoint is read but that were not + * in `data_json`. Also, if a field that was written is not returned when + * the endpoint is read, treat that field as being up to date. You should + * set this to `true` when writing to endpoint that, when read, returns a + * different set of fields from the ones you wrote, as is common with + * many configuration endpoints. Defaults to false. * */ @Export(name="ignoreAbsentFields", refs={Boolean.class}, tree="[0]") private Output ignoreAbsentFields; /** - * @return When reading, disregard fields not present in data_json + * @return - (Optional) True/false. If set to true, + * ignore any fields present when the endpoint is read but that were not + * in `data_json`. Also, if a field that was written is not returned when + * the endpoint is read, treat that field as being up to date. You should + * set this to `true` when writing to endpoint that, when read, returns a + * different set of fields from the ones you wrote, as is common with + * many configuration endpoints. Defaults to false. * */ public Output> ignoreAbsentFields() { @@ -214,42 +230,64 @@ public Output path() { return this.path; } /** - * Map of strings returned by write operation + * - A map whose keys are the top-level data keys + * returned from Vault by the write operation and whose values are the + * corresponding values. This map can only represent string data, so + * any non-string values returned from Vault are serialized as JSON. + * Only fields set in `write_fields` are present in the JSON data. * */ @Export(name="writeData", refs={Map.class,String.class}, tree="[0,1,1]") private Output> writeData; /** - * @return Map of strings returned by write operation + * @return - A map whose keys are the top-level data keys + * returned from Vault by the write operation and whose values are the + * corresponding values. This map can only represent string data, so + * any non-string values returned from Vault are serialized as JSON. + * Only fields set in `write_fields` are present in the JSON data. * */ public Output> writeData() { return this.writeData; } /** - * JSON data returned by write operation + * - The JSON data returned by the write operation. + * Only fields set in `write_fields` are present in the JSON data. * */ @Export(name="writeDataJson", refs={String.class}, tree="[0]") private Output writeDataJson; /** - * @return JSON data returned by write operation + * @return - The JSON data returned by the write operation. + * Only fields set in `write_fields` are present in the JSON data. * */ public Output writeDataJson() { return this.writeDataJson; } /** - * Top-level fields returned by write to persist in state + * - (Optional). A list of fields that should be returned + * in `write_data_json` and `write_data`. If omitted, data returned by + * the write operation is not available to the resource or included in + * state. This helps to avoid accidental storage of sensitive values in + * state. Some endpoints, such as many dynamic secrets endpoints, return + * data from writing to an endpoint rather than reading it. You should + * use `write_fields` if you need information returned in this way. * */ @Export(name="writeFields", refs={List.class,String.class}, tree="[0,1]") private Output> writeFields; /** - * @return Top-level fields returned by write to persist in state + * @return - (Optional). A list of fields that should be returned + * in `write_data_json` and `write_data`. If omitted, data returned by + * the write operation is not available to the resource or included in + * state. This helps to avoid accidental storage of sensitive values in + * state. Some endpoints, such as many dynamic secrets endpoints, return + * data from writing to an endpoint rather than reading it. You should + * use `write_fields` if you need information returned in this way. * */ public Output>> writeFields() { diff --git a/sdk/java/src/main/java/com/pulumi/vault/generic/EndpointArgs.java b/sdk/java/src/main/java/com/pulumi/vault/generic/EndpointArgs.java index c7704d552..749ba93d3 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/generic/EndpointArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/generic/EndpointArgs.java @@ -35,14 +35,18 @@ public Output dataJson() { } /** - * Don't attempt to delete the path from Vault if true + * - (Optional) True/false. Set this to true if your + * vault authentication is not able to delete the data or if the endpoint + * does not support the `DELETE` method. Defaults to false. * */ @Import(name="disableDelete") private @Nullable Output disableDelete; /** - * @return Don't attempt to delete the path from Vault if true + * @return - (Optional) True/false. Set this to true if your + * vault authentication is not able to delete the data or if the endpoint + * does not support the `DELETE` method. Defaults to false. * */ public Optional> disableDelete() { @@ -73,14 +77,26 @@ public Optional> disableRead() { } /** - * When reading, disregard fields not present in data_json + * - (Optional) True/false. If set to true, + * ignore any fields present when the endpoint is read but that were not + * in `data_json`. Also, if a field that was written is not returned when + * the endpoint is read, treat that field as being up to date. You should + * set this to `true` when writing to endpoint that, when read, returns a + * different set of fields from the ones you wrote, as is common with + * many configuration endpoints. Defaults to false. * */ @Import(name="ignoreAbsentFields") private @Nullable Output ignoreAbsentFields; /** - * @return When reading, disregard fields not present in data_json + * @return - (Optional) True/false. If set to true, + * ignore any fields present when the endpoint is read but that were not + * in `data_json`. Also, if a field that was written is not returned when + * the endpoint is read, treat that field as being up to date. You should + * set this to `true` when writing to endpoint that, when read, returns a + * different set of fields from the ones you wrote, as is common with + * many configuration endpoints. Defaults to false. * */ public Optional> ignoreAbsentFields() { @@ -130,14 +146,26 @@ public Output path() { } /** - * Top-level fields returned by write to persist in state + * - (Optional). A list of fields that should be returned + * in `write_data_json` and `write_data`. If omitted, data returned by + * the write operation is not available to the resource or included in + * state. This helps to avoid accidental storage of sensitive values in + * state. Some endpoints, such as many dynamic secrets endpoints, return + * data from writing to an endpoint rather than reading it. You should + * use `write_fields` if you need information returned in this way. * */ @Import(name="writeFields") private @Nullable Output> writeFields; /** - * @return Top-level fields returned by write to persist in state + * @return - (Optional). A list of fields that should be returned + * in `write_data_json` and `write_data`. If omitted, data returned by + * the write operation is not available to the resource or included in + * state. This helps to avoid accidental storage of sensitive values in + * state. Some endpoints, such as many dynamic secrets endpoints, return + * data from writing to an endpoint rather than reading it. You should + * use `write_fields` if you need information returned in this way. * */ public Optional>> writeFields() { @@ -198,7 +226,9 @@ public Builder dataJson(String dataJson) { } /** - * @param disableDelete Don't attempt to delete the path from Vault if true + * @param disableDelete - (Optional) True/false. Set this to true if your + * vault authentication is not able to delete the data or if the endpoint + * does not support the `DELETE` method. Defaults to false. * * @return builder * @@ -209,7 +239,9 @@ public Builder disableDelete(@Nullable Output disableDelete) { } /** - * @param disableDelete Don't attempt to delete the path from Vault if true + * @param disableDelete - (Optional) True/false. Set this to true if your + * vault authentication is not able to delete the data or if the endpoint + * does not support the `DELETE` method. Defaults to false. * * @return builder * @@ -248,7 +280,13 @@ public Builder disableRead(Boolean disableRead) { } /** - * @param ignoreAbsentFields When reading, disregard fields not present in data_json + * @param ignoreAbsentFields - (Optional) True/false. If set to true, + * ignore any fields present when the endpoint is read but that were not + * in `data_json`. Also, if a field that was written is not returned when + * the endpoint is read, treat that field as being up to date. You should + * set this to `true` when writing to endpoint that, when read, returns a + * different set of fields from the ones you wrote, as is common with + * many configuration endpoints. Defaults to false. * * @return builder * @@ -259,7 +297,13 @@ public Builder ignoreAbsentFields(@Nullable Output ignoreAbsentFields) } /** - * @param ignoreAbsentFields When reading, disregard fields not present in data_json + * @param ignoreAbsentFields - (Optional) True/false. If set to true, + * ignore any fields present when the endpoint is read but that were not + * in `data_json`. Also, if a field that was written is not returned when + * the endpoint is read, treat that field as being up to date. You should + * set this to `true` when writing to endpoint that, when read, returns a + * different set of fields from the ones you wrote, as is common with + * many configuration endpoints. Defaults to false. * * @return builder * @@ -323,7 +367,13 @@ public Builder path(String path) { } /** - * @param writeFields Top-level fields returned by write to persist in state + * @param writeFields - (Optional). A list of fields that should be returned + * in `write_data_json` and `write_data`. If omitted, data returned by + * the write operation is not available to the resource or included in + * state. This helps to avoid accidental storage of sensitive values in + * state. Some endpoints, such as many dynamic secrets endpoints, return + * data from writing to an endpoint rather than reading it. You should + * use `write_fields` if you need information returned in this way. * * @return builder * @@ -334,7 +384,13 @@ public Builder writeFields(@Nullable Output> writeFields) { } /** - * @param writeFields Top-level fields returned by write to persist in state + * @param writeFields - (Optional). A list of fields that should be returned + * in `write_data_json` and `write_data`. If omitted, data returned by + * the write operation is not available to the resource or included in + * state. This helps to avoid accidental storage of sensitive values in + * state. Some endpoints, such as many dynamic secrets endpoints, return + * data from writing to an endpoint rather than reading it. You should + * use `write_fields` if you need information returned in this way. * * @return builder * @@ -344,7 +400,13 @@ public Builder writeFields(List writeFields) { } /** - * @param writeFields Top-level fields returned by write to persist in state + * @param writeFields - (Optional). A list of fields that should be returned + * in `write_data_json` and `write_data`. If omitted, data returned by + * the write operation is not available to the resource or included in + * state. This helps to avoid accidental storage of sensitive values in + * state. Some endpoints, such as many dynamic secrets endpoints, return + * data from writing to an endpoint rather than reading it. You should + * use `write_fields` if you need information returned in this way. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/vault/generic/inputs/EndpointState.java b/sdk/java/src/main/java/com/pulumi/vault/generic/inputs/EndpointState.java index 775f54791..c92052eca 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/generic/inputs/EndpointState.java +++ b/sdk/java/src/main/java/com/pulumi/vault/generic/inputs/EndpointState.java @@ -36,14 +36,18 @@ public Optional> dataJson() { } /** - * Don't attempt to delete the path from Vault if true + * - (Optional) True/false. Set this to true if your + * vault authentication is not able to delete the data or if the endpoint + * does not support the `DELETE` method. Defaults to false. * */ @Import(name="disableDelete") private @Nullable Output disableDelete; /** - * @return Don't attempt to delete the path from Vault if true + * @return - (Optional) True/false. Set this to true if your + * vault authentication is not able to delete the data or if the endpoint + * does not support the `DELETE` method. Defaults to false. * */ public Optional> disableDelete() { @@ -74,14 +78,26 @@ public Optional> disableRead() { } /** - * When reading, disregard fields not present in data_json + * - (Optional) True/false. If set to true, + * ignore any fields present when the endpoint is read but that were not + * in `data_json`. Also, if a field that was written is not returned when + * the endpoint is read, treat that field as being up to date. You should + * set this to `true` when writing to endpoint that, when read, returns a + * different set of fields from the ones you wrote, as is common with + * many configuration endpoints. Defaults to false. * */ @Import(name="ignoreAbsentFields") private @Nullable Output ignoreAbsentFields; /** - * @return When reading, disregard fields not present in data_json + * @return - (Optional) True/false. If set to true, + * ignore any fields present when the endpoint is read but that were not + * in `data_json`. Also, if a field that was written is not returned when + * the endpoint is read, treat that field as being up to date. You should + * set this to `true` when writing to endpoint that, when read, returns a + * different set of fields from the ones you wrote, as is common with + * many configuration endpoints. Defaults to false. * */ public Optional> ignoreAbsentFields() { @@ -131,14 +147,22 @@ public Optional> path() { } /** - * Map of strings returned by write operation + * - A map whose keys are the top-level data keys + * returned from Vault by the write operation and whose values are the + * corresponding values. This map can only represent string data, so + * any non-string values returned from Vault are serialized as JSON. + * Only fields set in `write_fields` are present in the JSON data. * */ @Import(name="writeData") private @Nullable Output> writeData; /** - * @return Map of strings returned by write operation + * @return - A map whose keys are the top-level data keys + * returned from Vault by the write operation and whose values are the + * corresponding values. This map can only represent string data, so + * any non-string values returned from Vault are serialized as JSON. + * Only fields set in `write_fields` are present in the JSON data. * */ public Optional>> writeData() { @@ -146,14 +170,16 @@ public Optional>> writeData() { } /** - * JSON data returned by write operation + * - The JSON data returned by the write operation. + * Only fields set in `write_fields` are present in the JSON data. * */ @Import(name="writeDataJson") private @Nullable Output writeDataJson; /** - * @return JSON data returned by write operation + * @return - The JSON data returned by the write operation. + * Only fields set in `write_fields` are present in the JSON data. * */ public Optional> writeDataJson() { @@ -161,14 +187,26 @@ public Optional> writeDataJson() { } /** - * Top-level fields returned by write to persist in state + * - (Optional). A list of fields that should be returned + * in `write_data_json` and `write_data`. If omitted, data returned by + * the write operation is not available to the resource or included in + * state. This helps to avoid accidental storage of sensitive values in + * state. Some endpoints, such as many dynamic secrets endpoints, return + * data from writing to an endpoint rather than reading it. You should + * use `write_fields` if you need information returned in this way. * */ @Import(name="writeFields") private @Nullable Output> writeFields; /** - * @return Top-level fields returned by write to persist in state + * @return - (Optional). A list of fields that should be returned + * in `write_data_json` and `write_data`. If omitted, data returned by + * the write operation is not available to the resource or included in + * state. This helps to avoid accidental storage of sensitive values in + * state. Some endpoints, such as many dynamic secrets endpoints, return + * data from writing to an endpoint rather than reading it. You should + * use `write_fields` if you need information returned in this way. * */ public Optional>> writeFields() { @@ -231,7 +269,9 @@ public Builder dataJson(String dataJson) { } /** - * @param disableDelete Don't attempt to delete the path from Vault if true + * @param disableDelete - (Optional) True/false. Set this to true if your + * vault authentication is not able to delete the data or if the endpoint + * does not support the `DELETE` method. Defaults to false. * * @return builder * @@ -242,7 +282,9 @@ public Builder disableDelete(@Nullable Output disableDelete) { } /** - * @param disableDelete Don't attempt to delete the path from Vault if true + * @param disableDelete - (Optional) True/false. Set this to true if your + * vault authentication is not able to delete the data or if the endpoint + * does not support the `DELETE` method. Defaults to false. * * @return builder * @@ -281,7 +323,13 @@ public Builder disableRead(Boolean disableRead) { } /** - * @param ignoreAbsentFields When reading, disregard fields not present in data_json + * @param ignoreAbsentFields - (Optional) True/false. If set to true, + * ignore any fields present when the endpoint is read but that were not + * in `data_json`. Also, if a field that was written is not returned when + * the endpoint is read, treat that field as being up to date. You should + * set this to `true` when writing to endpoint that, when read, returns a + * different set of fields from the ones you wrote, as is common with + * many configuration endpoints. Defaults to false. * * @return builder * @@ -292,7 +340,13 @@ public Builder ignoreAbsentFields(@Nullable Output ignoreAbsentFields) } /** - * @param ignoreAbsentFields When reading, disregard fields not present in data_json + * @param ignoreAbsentFields - (Optional) True/false. If set to true, + * ignore any fields present when the endpoint is read but that were not + * in `data_json`. Also, if a field that was written is not returned when + * the endpoint is read, treat that field as being up to date. You should + * set this to `true` when writing to endpoint that, when read, returns a + * different set of fields from the ones you wrote, as is common with + * many configuration endpoints. Defaults to false. * * @return builder * @@ -356,7 +410,11 @@ public Builder path(String path) { } /** - * @param writeData Map of strings returned by write operation + * @param writeData - A map whose keys are the top-level data keys + * returned from Vault by the write operation and whose values are the + * corresponding values. This map can only represent string data, so + * any non-string values returned from Vault are serialized as JSON. + * Only fields set in `write_fields` are present in the JSON data. * * @return builder * @@ -367,7 +425,11 @@ public Builder writeData(@Nullable Output> writeData) { } /** - * @param writeData Map of strings returned by write operation + * @param writeData - A map whose keys are the top-level data keys + * returned from Vault by the write operation and whose values are the + * corresponding values. This map can only represent string data, so + * any non-string values returned from Vault are serialized as JSON. + * Only fields set in `write_fields` are present in the JSON data. * * @return builder * @@ -377,7 +439,8 @@ public Builder writeData(Map writeData) { } /** - * @param writeDataJson JSON data returned by write operation + * @param writeDataJson - The JSON data returned by the write operation. + * Only fields set in `write_fields` are present in the JSON data. * * @return builder * @@ -388,7 +451,8 @@ public Builder writeDataJson(@Nullable Output writeDataJson) { } /** - * @param writeDataJson JSON data returned by write operation + * @param writeDataJson - The JSON data returned by the write operation. + * Only fields set in `write_fields` are present in the JSON data. * * @return builder * @@ -398,7 +462,13 @@ public Builder writeDataJson(String writeDataJson) { } /** - * @param writeFields Top-level fields returned by write to persist in state + * @param writeFields - (Optional). A list of fields that should be returned + * in `write_data_json` and `write_data`. If omitted, data returned by + * the write operation is not available to the resource or included in + * state. This helps to avoid accidental storage of sensitive values in + * state. Some endpoints, such as many dynamic secrets endpoints, return + * data from writing to an endpoint rather than reading it. You should + * use `write_fields` if you need information returned in this way. * * @return builder * @@ -409,7 +479,13 @@ public Builder writeFields(@Nullable Output> writeFields) { } /** - * @param writeFields Top-level fields returned by write to persist in state + * @param writeFields - (Optional). A list of fields that should be returned + * in `write_data_json` and `write_data`. If omitted, data returned by + * the write operation is not available to the resource or included in + * state. This helps to avoid accidental storage of sensitive values in + * state. Some endpoints, such as many dynamic secrets endpoints, return + * data from writing to an endpoint rather than reading it. You should + * use `write_fields` if you need information returned in this way. * * @return builder * @@ -419,7 +495,13 @@ public Builder writeFields(List writeFields) { } /** - * @param writeFields Top-level fields returned by write to persist in state + * @param writeFields - (Optional). A list of fields that should be returned + * in `write_data_json` and `write_data`. If omitted, data returned by + * the write operation is not available to the resource or included in + * state. This helps to avoid accidental storage of sensitive values in + * state. Some endpoints, such as many dynamic secrets endpoints, return + * data from writing to an endpoint rather than reading it. You should + * use `write_fields` if you need information returned in this way. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/vault/generic/inputs/GetSecretArgs.java b/sdk/java/src/main/java/com/pulumi/vault/generic/inputs/GetSecretArgs.java index 4953d6a23..ae9c8f744 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/generic/inputs/GetSecretArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/generic/inputs/GetSecretArgs.java @@ -80,9 +80,21 @@ public Optional> version() { return Optional.ofNullable(this.version); } + /** + * If set to true, stores `lease_start_time` in the TF state. + * Note that storing the `lease_start_time` in the TF state will cause a persistent drift + * on every `pulumi preview` and will require a `pulumi up`. + * + */ @Import(name="withLeaseStartTime") private @Nullable Output withLeaseStartTime; + /** + * @return If set to true, stores `lease_start_time` in the TF state. + * Note that storing the `lease_start_time` in the TF state will cause a persistent drift + * on every `pulumi preview` and will require a `pulumi up`. + * + */ public Optional> withLeaseStartTime() { return Optional.ofNullable(this.withLeaseStartTime); } @@ -195,11 +207,27 @@ public Builder version(Integer version) { return version(Output.of(version)); } + /** + * @param withLeaseStartTime If set to true, stores `lease_start_time` in the TF state. + * Note that storing the `lease_start_time` in the TF state will cause a persistent drift + * on every `pulumi preview` and will require a `pulumi up`. + * + * @return builder + * + */ public Builder withLeaseStartTime(@Nullable Output withLeaseStartTime) { $.withLeaseStartTime = withLeaseStartTime; return this; } + /** + * @param withLeaseStartTime If set to true, stores `lease_start_time` in the TF state. + * Note that storing the `lease_start_time` in the TF state will cause a persistent drift + * on every `pulumi preview` and will require a `pulumi up`. + * + * @return builder + * + */ public Builder withLeaseStartTime(Boolean withLeaseStartTime) { return withLeaseStartTime(Output.of(withLeaseStartTime)); } diff --git a/sdk/java/src/main/java/com/pulumi/vault/generic/inputs/GetSecretPlainArgs.java b/sdk/java/src/main/java/com/pulumi/vault/generic/inputs/GetSecretPlainArgs.java index afd773275..bdc22091b 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/generic/inputs/GetSecretPlainArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/generic/inputs/GetSecretPlainArgs.java @@ -79,9 +79,21 @@ public Optional version() { return Optional.ofNullable(this.version); } + /** + * If set to true, stores `lease_start_time` in the TF state. + * Note that storing the `lease_start_time` in the TF state will cause a persistent drift + * on every `pulumi preview` and will require a `pulumi up`. + * + */ @Import(name="withLeaseStartTime") private @Nullable Boolean withLeaseStartTime; + /** + * @return If set to true, stores `lease_start_time` in the TF state. + * Note that storing the `lease_start_time` in the TF state will cause a persistent drift + * on every `pulumi preview` and will require a `pulumi up`. + * + */ public Optional withLeaseStartTime() { return Optional.ofNullable(this.withLeaseStartTime); } @@ -155,6 +167,14 @@ public Builder version(@Nullable Integer version) { return this; } + /** + * @param withLeaseStartTime If set to true, stores `lease_start_time` in the TF state. + * Note that storing the `lease_start_time` in the TF state will cause a persistent drift + * on every `pulumi preview` and will require a `pulumi up`. + * + * @return builder + * + */ public Builder withLeaseStartTime(@Nullable Boolean withLeaseStartTime) { $.withLeaseStartTime = withLeaseStartTime; return this; diff --git a/sdk/java/src/main/java/com/pulumi/vault/github/AuthBackend.java b/sdk/java/src/main/java/com/pulumi/vault/github/AuthBackend.java index 9a3e2d6e6..742670f26 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/github/AuthBackend.java +++ b/sdk/java/src/main/java/com/pulumi/vault/github/AuthBackend.java @@ -349,6 +349,8 @@ public Output> tokenType() { /** * Extra configuration block. Structure is documented below. * + * The `tune` block is used to tune the auth backend: + * */ @Export(name="tune", refs={AuthBackendTune.class}, tree="[0]") private Output tune; @@ -356,6 +358,8 @@ public Output> tokenType() { /** * @return Extra configuration block. Structure is documented below. * + * The `tune` block is used to tune the auth backend: + * */ public Output tune() { return this.tune; diff --git a/sdk/java/src/main/java/com/pulumi/vault/github/AuthBackendArgs.java b/sdk/java/src/main/java/com/pulumi/vault/github/AuthBackendArgs.java index d55396cb6..969df3e37 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/github/AuthBackendArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/github/AuthBackendArgs.java @@ -306,6 +306,8 @@ public Optional> tokenType() { /** * Extra configuration block. Structure is documented below. * + * The `tune` block is used to tune the auth backend: + * */ @Import(name="tune") private @Nullable Output tune; @@ -313,6 +315,8 @@ public Optional> tokenType() { /** * @return Extra configuration block. Structure is documented below. * + * The `tune` block is used to tune the auth backend: + * */ public Optional> tune() { return Optional.ofNullable(this.tune); @@ -764,6 +768,8 @@ public Builder tokenType(String tokenType) { /** * @param tune Extra configuration block. Structure is documented below. * + * The `tune` block is used to tune the auth backend: + * * @return builder * */ @@ -775,6 +781,8 @@ public Builder tune(@Nullable Output tune) { /** * @param tune Extra configuration block. Structure is documented below. * + * The `tune` block is used to tune the auth backend: + * * @return builder * */ diff --git a/sdk/java/src/main/java/com/pulumi/vault/github/inputs/AuthBackendState.java b/sdk/java/src/main/java/com/pulumi/vault/github/inputs/AuthBackendState.java index c7632a116..1d7dcd77f 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/github/inputs/AuthBackendState.java +++ b/sdk/java/src/main/java/com/pulumi/vault/github/inputs/AuthBackendState.java @@ -321,6 +321,8 @@ public Optional> tokenType() { /** * Extra configuration block. Structure is documented below. * + * The `tune` block is used to tune the auth backend: + * */ @Import(name="tune") private @Nullable Output tune; @@ -328,6 +330,8 @@ public Optional> tokenType() { /** * @return Extra configuration block. Structure is documented below. * + * The `tune` block is used to tune the auth backend: + * */ public Optional> tune() { return Optional.ofNullable(this.tune); @@ -801,6 +805,8 @@ public Builder tokenType(String tokenType) { /** * @param tune Extra configuration block. Structure is documented below. * + * The `tune` block is used to tune the auth backend: + * * @return builder * */ @@ -812,6 +818,8 @@ public Builder tune(@Nullable Output tune) { /** * @param tune Extra configuration block. Structure is documented below. * + * The `tune` block is used to tune the auth backend: + * * @return builder * */ diff --git a/sdk/java/src/main/java/com/pulumi/vault/identity/EntityPolicies.java b/sdk/java/src/main/java/com/pulumi/vault/identity/EntityPolicies.java index dc6333848..b1094beed 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/identity/EntityPolicies.java +++ b/sdk/java/src/main/java/com/pulumi/vault/identity/EntityPolicies.java @@ -139,6 +139,10 @@ public Output entityName() { /** * Defaults to `true`. * + * If `true`, this resource will take exclusive control of the policies assigned to the entity and will set it equal to what is specified in the resource. + * + * If set to `false`, this resource will simply ensure that the policies specified in the resource are present in the entity. When destroying the resource, the resource will ensure that the policies specified in the resource are removed. + * */ @Export(name="exclusive", refs={Boolean.class}, tree="[0]") private Output exclusive; @@ -146,6 +150,10 @@ public Output entityName() { /** * @return Defaults to `true`. * + * If `true`, this resource will take exclusive control of the policies assigned to the entity and will set it equal to what is specified in the resource. + * + * If set to `false`, this resource will simply ensure that the policies specified in the resource are present in the entity. When destroying the resource, the resource will ensure that the policies specified in the resource are removed. + * */ public Output> exclusive() { return Codegen.optional(this.exclusive); diff --git a/sdk/java/src/main/java/com/pulumi/vault/identity/EntityPoliciesArgs.java b/sdk/java/src/main/java/com/pulumi/vault/identity/EntityPoliciesArgs.java index af05c9062..7436361b8 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/identity/EntityPoliciesArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/identity/EntityPoliciesArgs.java @@ -35,6 +35,10 @@ public Output entityId() { /** * Defaults to `true`. * + * If `true`, this resource will take exclusive control of the policies assigned to the entity and will set it equal to what is specified in the resource. + * + * If set to `false`, this resource will simply ensure that the policies specified in the resource are present in the entity. When destroying the resource, the resource will ensure that the policies specified in the resource are removed. + * */ @Import(name="exclusive") private @Nullable Output exclusive; @@ -42,6 +46,10 @@ public Output entityId() { /** * @return Defaults to `true`. * + * If `true`, this resource will take exclusive control of the policies assigned to the entity and will set it equal to what is specified in the resource. + * + * If set to `false`, this resource will simply ensure that the policies specified in the resource are present in the entity. When destroying the resource, the resource will ensure that the policies specified in the resource are removed. + * */ public Optional> exclusive() { return Optional.ofNullable(this.exclusive); @@ -134,6 +142,10 @@ public Builder entityId(String entityId) { /** * @param exclusive Defaults to `true`. * + * If `true`, this resource will take exclusive control of the policies assigned to the entity and will set it equal to what is specified in the resource. + * + * If set to `false`, this resource will simply ensure that the policies specified in the resource are present in the entity. When destroying the resource, the resource will ensure that the policies specified in the resource are removed. + * * @return builder * */ @@ -145,6 +157,10 @@ public Builder exclusive(@Nullable Output exclusive) { /** * @param exclusive Defaults to `true`. * + * If `true`, this resource will take exclusive control of the policies assigned to the entity and will set it equal to what is specified in the resource. + * + * If set to `false`, this resource will simply ensure that the policies specified in the resource are present in the entity. When destroying the resource, the resource will ensure that the policies specified in the resource are removed. + * * @return builder * */ diff --git a/sdk/java/src/main/java/com/pulumi/vault/identity/GroupMemberEntityIds.java b/sdk/java/src/main/java/com/pulumi/vault/identity/GroupMemberEntityIds.java index c9c692639..18411d4fd 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/identity/GroupMemberEntityIds.java +++ b/sdk/java/src/main/java/com/pulumi/vault/identity/GroupMemberEntityIds.java @@ -123,6 +123,10 @@ public class GroupMemberEntityIds extends com.pulumi.resources.CustomResource { /** * Defaults to `true`. * + * If `true`, this resource will take exclusive control of the member entities that belong to the group and will set it equal to what is specified in the resource. + * + * If set to `false`, this resource will simply ensure that the member entities specified in the resource are present in the group. When destroying the resource, the resource will ensure that the member entities specified in the resource are removed. + * */ @Export(name="exclusive", refs={Boolean.class}, tree="[0]") private Output exclusive; @@ -130,6 +134,10 @@ public class GroupMemberEntityIds extends com.pulumi.resources.CustomResource { /** * @return Defaults to `true`. * + * If `true`, this resource will take exclusive control of the member entities that belong to the group and will set it equal to what is specified in the resource. + * + * If set to `false`, this resource will simply ensure that the member entities specified in the resource are present in the group. When destroying the resource, the resource will ensure that the member entities specified in the resource are removed. + * */ public Output> exclusive() { return Codegen.optional(this.exclusive); diff --git a/sdk/java/src/main/java/com/pulumi/vault/identity/GroupMemberEntityIdsArgs.java b/sdk/java/src/main/java/com/pulumi/vault/identity/GroupMemberEntityIdsArgs.java index 662b83a36..a7ca4a166 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/identity/GroupMemberEntityIdsArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/identity/GroupMemberEntityIdsArgs.java @@ -20,6 +20,10 @@ public final class GroupMemberEntityIdsArgs extends com.pulumi.resources.Resourc /** * Defaults to `true`. * + * If `true`, this resource will take exclusive control of the member entities that belong to the group and will set it equal to what is specified in the resource. + * + * If set to `false`, this resource will simply ensure that the member entities specified in the resource are present in the group. When destroying the resource, the resource will ensure that the member entities specified in the resource are removed. + * */ @Import(name="exclusive") private @Nullable Output exclusive; @@ -27,6 +31,10 @@ public final class GroupMemberEntityIdsArgs extends com.pulumi.resources.Resourc /** * @return Defaults to `true`. * + * If `true`, this resource will take exclusive control of the member entities that belong to the group and will set it equal to what is specified in the resource. + * + * If set to `false`, this resource will simply ensure that the member entities specified in the resource are present in the group. When destroying the resource, the resource will ensure that the member entities specified in the resource are removed. + * */ public Optional> exclusive() { return Optional.ofNullable(this.exclusive); @@ -113,6 +121,10 @@ public Builder(GroupMemberEntityIdsArgs defaults) { /** * @param exclusive Defaults to `true`. * + * If `true`, this resource will take exclusive control of the member entities that belong to the group and will set it equal to what is specified in the resource. + * + * If set to `false`, this resource will simply ensure that the member entities specified in the resource are present in the group. When destroying the resource, the resource will ensure that the member entities specified in the resource are removed. + * * @return builder * */ @@ -124,6 +136,10 @@ public Builder exclusive(@Nullable Output exclusive) { /** * @param exclusive Defaults to `true`. * + * If `true`, this resource will take exclusive control of the member entities that belong to the group and will set it equal to what is specified in the resource. + * + * If set to `false`, this resource will simply ensure that the member entities specified in the resource are present in the group. When destroying the resource, the resource will ensure that the member entities specified in the resource are removed. + * * @return builder * */ diff --git a/sdk/java/src/main/java/com/pulumi/vault/identity/GroupMemberGroupIds.java b/sdk/java/src/main/java/com/pulumi/vault/identity/GroupMemberGroupIds.java index e04100766..86a6fbd0b 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/identity/GroupMemberGroupIds.java +++ b/sdk/java/src/main/java/com/pulumi/vault/identity/GroupMemberGroupIds.java @@ -115,6 +115,13 @@ public class GroupMemberGroupIds extends com.pulumi.resources.CustomResource { /** * Defaults to `true`. * + * If `true`, this resource will take exclusive control of the member groups that belong to the group and will set + * it equal to what is specified in the resource. + * + * If set to `false`, this resource will simply ensure that the member groups specified in the resource are present + * in the group. When destroying the resource, the resource will ensure that the member groups specified in the resource + * are removed. + * */ @Export(name="exclusive", refs={Boolean.class}, tree="[0]") private Output exclusive; @@ -122,6 +129,13 @@ public class GroupMemberGroupIds extends com.pulumi.resources.CustomResource { /** * @return Defaults to `true`. * + * If `true`, this resource will take exclusive control of the member groups that belong to the group and will set + * it equal to what is specified in the resource. + * + * If set to `false`, this resource will simply ensure that the member groups specified in the resource are present + * in the group. When destroying the resource, the resource will ensure that the member groups specified in the resource + * are removed. + * */ public Output> exclusive() { return Codegen.optional(this.exclusive); diff --git a/sdk/java/src/main/java/com/pulumi/vault/identity/GroupMemberGroupIdsArgs.java b/sdk/java/src/main/java/com/pulumi/vault/identity/GroupMemberGroupIdsArgs.java index d67ea1f9c..a5fc3840c 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/identity/GroupMemberGroupIdsArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/identity/GroupMemberGroupIdsArgs.java @@ -20,6 +20,13 @@ public final class GroupMemberGroupIdsArgs extends com.pulumi.resources.Resource /** * Defaults to `true`. * + * If `true`, this resource will take exclusive control of the member groups that belong to the group and will set + * it equal to what is specified in the resource. + * + * If set to `false`, this resource will simply ensure that the member groups specified in the resource are present + * in the group. When destroying the resource, the resource will ensure that the member groups specified in the resource + * are removed. + * */ @Import(name="exclusive") private @Nullable Output exclusive; @@ -27,6 +34,13 @@ public final class GroupMemberGroupIdsArgs extends com.pulumi.resources.Resource /** * @return Defaults to `true`. * + * If `true`, this resource will take exclusive control of the member groups that belong to the group and will set + * it equal to what is specified in the resource. + * + * If set to `false`, this resource will simply ensure that the member groups specified in the resource are present + * in the group. When destroying the resource, the resource will ensure that the member groups specified in the resource + * are removed. + * */ public Optional> exclusive() { return Optional.ofNullable(this.exclusive); @@ -113,6 +127,13 @@ public Builder(GroupMemberGroupIdsArgs defaults) { /** * @param exclusive Defaults to `true`. * + * If `true`, this resource will take exclusive control of the member groups that belong to the group and will set + * it equal to what is specified in the resource. + * + * If set to `false`, this resource will simply ensure that the member groups specified in the resource are present + * in the group. When destroying the resource, the resource will ensure that the member groups specified in the resource + * are removed. + * * @return builder * */ @@ -124,6 +145,13 @@ public Builder exclusive(@Nullable Output exclusive) { /** * @param exclusive Defaults to `true`. * + * If `true`, this resource will take exclusive control of the member groups that belong to the group and will set + * it equal to what is specified in the resource. + * + * If set to `false`, this resource will simply ensure that the member groups specified in the resource are present + * in the group. When destroying the resource, the resource will ensure that the member groups specified in the resource + * are removed. + * * @return builder * */ diff --git a/sdk/java/src/main/java/com/pulumi/vault/identity/GroupPolicies.java b/sdk/java/src/main/java/com/pulumi/vault/identity/GroupPolicies.java index 048373dff..c4e9c9fe4 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/identity/GroupPolicies.java +++ b/sdk/java/src/main/java/com/pulumi/vault/identity/GroupPolicies.java @@ -115,6 +115,10 @@ public class GroupPolicies extends com.pulumi.resources.CustomResource { /** * Defaults to `true`. * + * If `true`, this resource will take exclusive control of the policies assigned to the group and will set it equal to what is specified in the resource. + * + * If set to `false`, this resource will simply ensure that the policies specified in the resource are present in the group. When destroying the resource, the resource will ensure that the policies specified in the resource are removed. + * */ @Export(name="exclusive", refs={Boolean.class}, tree="[0]") private Output exclusive; @@ -122,6 +126,10 @@ public class GroupPolicies extends com.pulumi.resources.CustomResource { /** * @return Defaults to `true`. * + * If `true`, this resource will take exclusive control of the policies assigned to the group and will set it equal to what is specified in the resource. + * + * If set to `false`, this resource will simply ensure that the policies specified in the resource are present in the group. When destroying the resource, the resource will ensure that the policies specified in the resource are removed. + * */ public Output> exclusive() { return Codegen.optional(this.exclusive); diff --git a/sdk/java/src/main/java/com/pulumi/vault/identity/GroupPoliciesArgs.java b/sdk/java/src/main/java/com/pulumi/vault/identity/GroupPoliciesArgs.java index 66b7c96ee..16a35a18c 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/identity/GroupPoliciesArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/identity/GroupPoliciesArgs.java @@ -20,6 +20,10 @@ public final class GroupPoliciesArgs extends com.pulumi.resources.ResourceArgs { /** * Defaults to `true`. * + * If `true`, this resource will take exclusive control of the policies assigned to the group and will set it equal to what is specified in the resource. + * + * If set to `false`, this resource will simply ensure that the policies specified in the resource are present in the group. When destroying the resource, the resource will ensure that the policies specified in the resource are removed. + * */ @Import(name="exclusive") private @Nullable Output exclusive; @@ -27,6 +31,10 @@ public final class GroupPoliciesArgs extends com.pulumi.resources.ResourceArgs { /** * @return Defaults to `true`. * + * If `true`, this resource will take exclusive control of the policies assigned to the group and will set it equal to what is specified in the resource. + * + * If set to `false`, this resource will simply ensure that the policies specified in the resource are present in the group. When destroying the resource, the resource will ensure that the policies specified in the resource are removed. + * */ public Optional> exclusive() { return Optional.ofNullable(this.exclusive); @@ -113,6 +121,10 @@ public Builder(GroupPoliciesArgs defaults) { /** * @param exclusive Defaults to `true`. * + * If `true`, this resource will take exclusive control of the policies assigned to the group and will set it equal to what is specified in the resource. + * + * If set to `false`, this resource will simply ensure that the policies specified in the resource are present in the group. When destroying the resource, the resource will ensure that the policies specified in the resource are removed. + * * @return builder * */ @@ -124,6 +136,10 @@ public Builder exclusive(@Nullable Output exclusive) { /** * @param exclusive Defaults to `true`. * + * If `true`, this resource will take exclusive control of the policies assigned to the group and will set it equal to what is specified in the resource. + * + * If set to `false`, this resource will simply ensure that the policies specified in the resource are present in the group. When destroying the resource, the resource will ensure that the policies specified in the resource are removed. + * * @return builder * */ diff --git a/sdk/java/src/main/java/com/pulumi/vault/identity/OidcKey.java b/sdk/java/src/main/java/com/pulumi/vault/identity/OidcKey.java index 7d270171a..6ad9f47b2 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/identity/OidcKey.java +++ b/sdk/java/src/main/java/com/pulumi/vault/identity/OidcKey.java @@ -62,7 +62,7 @@ * * ## Import * - * The key can be imported with the key name, for example + * The key can be imported with the key name, for example: * * ```sh * $ pulumi import vault:identity/oidcKey:OidcKey key key @@ -88,16 +88,16 @@ public Output> algorithm() { return Codegen.optional(this.algorithm); } /** - * Array of role client ids allowed to use this key for signing. If empty, no roles are allowed. If "*", all roles are - * allowed. + * Array of role client ID allowed to use this key for signing. If + * empty, no roles are allowed. If `["*"]`, all roles are allowed. * */ @Export(name="allowedClientIds", refs={List.class,String.class}, tree="[0,1]") private Output> allowedClientIds; /** - * @return Array of role client ids allowed to use this key for signing. If empty, no roles are allowed. If "*", all roles are - * allowed. + * @return Array of role client ID allowed to use this key for signing. If + * empty, no roles are allowed. If `["*"]`, all roles are allowed. * */ public Output> allowedClientIds() { diff --git a/sdk/java/src/main/java/com/pulumi/vault/identity/OidcKeyArgs.java b/sdk/java/src/main/java/com/pulumi/vault/identity/OidcKeyArgs.java index 2c5956c4f..1adbcc88f 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/identity/OidcKeyArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/identity/OidcKeyArgs.java @@ -35,16 +35,16 @@ public Optional> algorithm() { } /** - * Array of role client ids allowed to use this key for signing. If empty, no roles are allowed. If "*", all roles are - * allowed. + * Array of role client ID allowed to use this key for signing. If + * empty, no roles are allowed. If `["*"]`, all roles are allowed. * */ @Import(name="allowedClientIds") private @Nullable Output> allowedClientIds; /** - * @return Array of role client ids allowed to use this key for signing. If empty, no roles are allowed. If "*", all roles are - * allowed. + * @return Array of role client ID allowed to use this key for signing. If + * empty, no roles are allowed. If `["*"]`, all roles are allowed. * */ public Optional>> allowedClientIds() { @@ -172,8 +172,8 @@ public Builder algorithm(String algorithm) { } /** - * @param allowedClientIds Array of role client ids allowed to use this key for signing. If empty, no roles are allowed. If "*", all roles are - * allowed. + * @param allowedClientIds Array of role client ID allowed to use this key for signing. If + * empty, no roles are allowed. If `["*"]`, all roles are allowed. * * @return builder * @@ -184,8 +184,8 @@ public Builder allowedClientIds(@Nullable Output> allowedClientIds) } /** - * @param allowedClientIds Array of role client ids allowed to use this key for signing. If empty, no roles are allowed. If "*", all roles are - * allowed. + * @param allowedClientIds Array of role client ID allowed to use this key for signing. If + * empty, no roles are allowed. If `["*"]`, all roles are allowed. * * @return builder * @@ -195,8 +195,8 @@ public Builder allowedClientIds(List allowedClientIds) { } /** - * @param allowedClientIds Array of role client ids allowed to use this key for signing. If empty, no roles are allowed. If "*", all roles are - * allowed. + * @param allowedClientIds Array of role client ID allowed to use this key for signing. If + * empty, no roles are allowed. If `["*"]`, all roles are allowed. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/vault/identity/OidcRole.java b/sdk/java/src/main/java/com/pulumi/vault/identity/OidcRole.java index c593664d2..00f46d511 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/identity/OidcRole.java +++ b/sdk/java/src/main/java/com/pulumi/vault/identity/OidcRole.java @@ -107,7 +107,7 @@ * * ## Import * - * The key can be imported with the role name, for example + * The key can be imported with the role name, for example: * * ```sh * $ pulumi import vault:identity/oidcRole:OidcRole role role diff --git a/sdk/java/src/main/java/com/pulumi/vault/identity/inputs/EntityPoliciesState.java b/sdk/java/src/main/java/com/pulumi/vault/identity/inputs/EntityPoliciesState.java index 53afecab1..305efab0f 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/identity/inputs/EntityPoliciesState.java +++ b/sdk/java/src/main/java/com/pulumi/vault/identity/inputs/EntityPoliciesState.java @@ -50,6 +50,10 @@ public Optional> entityName() { /** * Defaults to `true`. * + * If `true`, this resource will take exclusive control of the policies assigned to the entity and will set it equal to what is specified in the resource. + * + * If set to `false`, this resource will simply ensure that the policies specified in the resource are present in the entity. When destroying the resource, the resource will ensure that the policies specified in the resource are removed. + * */ @Import(name="exclusive") private @Nullable Output exclusive; @@ -57,6 +61,10 @@ public Optional> entityName() { /** * @return Defaults to `true`. * + * If `true`, this resource will take exclusive control of the policies assigned to the entity and will set it equal to what is specified in the resource. + * + * If set to `false`, this resource will simply ensure that the policies specified in the resource are present in the entity. When destroying the resource, the resource will ensure that the policies specified in the resource are removed. + * */ public Optional> exclusive() { return Optional.ofNullable(this.exclusive); @@ -171,6 +179,10 @@ public Builder entityName(String entityName) { /** * @param exclusive Defaults to `true`. * + * If `true`, this resource will take exclusive control of the policies assigned to the entity and will set it equal to what is specified in the resource. + * + * If set to `false`, this resource will simply ensure that the policies specified in the resource are present in the entity. When destroying the resource, the resource will ensure that the policies specified in the resource are removed. + * * @return builder * */ @@ -182,6 +194,10 @@ public Builder exclusive(@Nullable Output exclusive) { /** * @param exclusive Defaults to `true`. * + * If `true`, this resource will take exclusive control of the policies assigned to the entity and will set it equal to what is specified in the resource. + * + * If set to `false`, this resource will simply ensure that the policies specified in the resource are present in the entity. When destroying the resource, the resource will ensure that the policies specified in the resource are removed. + * * @return builder * */ diff --git a/sdk/java/src/main/java/com/pulumi/vault/identity/inputs/GetEntityArgs.java b/sdk/java/src/main/java/com/pulumi/vault/identity/inputs/GetEntityArgs.java index 179cd8498..aef8de065 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/identity/inputs/GetEntityArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/identity/inputs/GetEntityArgs.java @@ -34,6 +34,9 @@ public Optional> aliasId() { * Accessor of the mount to which the alias belongs to. * This should be supplied in conjunction with `alias_name`. * + * The lookup criteria can be `entity_name`, `entity_id`, `alias_id`, or a combination of + * `alias_name` and `alias_mount_accessor`. + * */ @Import(name="aliasMountAccessor") private @Nullable Output aliasMountAccessor; @@ -42,6 +45,9 @@ public Optional> aliasId() { * @return Accessor of the mount to which the alias belongs to. * This should be supplied in conjunction with `alias_name`. * + * The lookup criteria can be `entity_name`, `entity_id`, `alias_id`, or a combination of + * `alias_name` and `alias_mount_accessor`. + * */ public Optional> aliasMountAccessor() { return Optional.ofNullable(this.aliasMountAccessor); @@ -169,6 +175,9 @@ public Builder aliasId(String aliasId) { * @param aliasMountAccessor Accessor of the mount to which the alias belongs to. * This should be supplied in conjunction with `alias_name`. * + * The lookup criteria can be `entity_name`, `entity_id`, `alias_id`, or a combination of + * `alias_name` and `alias_mount_accessor`. + * * @return builder * */ @@ -181,6 +190,9 @@ public Builder aliasMountAccessor(@Nullable Output aliasMountAccessor) { * @param aliasMountAccessor Accessor of the mount to which the alias belongs to. * This should be supplied in conjunction with `alias_name`. * + * The lookup criteria can be `entity_name`, `entity_id`, `alias_id`, or a combination of + * `alias_name` and `alias_mount_accessor`. + * * @return builder * */ diff --git a/sdk/java/src/main/java/com/pulumi/vault/identity/inputs/GetEntityPlainArgs.java b/sdk/java/src/main/java/com/pulumi/vault/identity/inputs/GetEntityPlainArgs.java index d1bc3f8d8..8248ab75c 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/identity/inputs/GetEntityPlainArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/identity/inputs/GetEntityPlainArgs.java @@ -33,6 +33,9 @@ public Optional aliasId() { * Accessor of the mount to which the alias belongs to. * This should be supplied in conjunction with `alias_name`. * + * The lookup criteria can be `entity_name`, `entity_id`, `alias_id`, or a combination of + * `alias_name` and `alias_mount_accessor`. + * */ @Import(name="aliasMountAccessor") private @Nullable String aliasMountAccessor; @@ -41,6 +44,9 @@ public Optional aliasId() { * @return Accessor of the mount to which the alias belongs to. * This should be supplied in conjunction with `alias_name`. * + * The lookup criteria can be `entity_name`, `entity_id`, `alias_id`, or a combination of + * `alias_name` and `alias_mount_accessor`. + * */ public Optional aliasMountAccessor() { return Optional.ofNullable(this.aliasMountAccessor); @@ -158,6 +164,9 @@ public Builder aliasId(@Nullable String aliasId) { * @param aliasMountAccessor Accessor of the mount to which the alias belongs to. * This should be supplied in conjunction with `alias_name`. * + * The lookup criteria can be `entity_name`, `entity_id`, `alias_id`, or a combination of + * `alias_name` and `alias_mount_accessor`. + * * @return builder * */ diff --git a/sdk/java/src/main/java/com/pulumi/vault/identity/inputs/GetGroupArgs.java b/sdk/java/src/main/java/com/pulumi/vault/identity/inputs/GetGroupArgs.java index 627c9c61e..697591e61 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/identity/inputs/GetGroupArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/identity/inputs/GetGroupArgs.java @@ -34,6 +34,9 @@ public Optional> aliasId() { * Accessor of the mount to which the alias belongs to. * This should be supplied in conjunction with `alias_name`. * + * The lookup criteria can be `group_name`, `group_id`, `alias_id`, or a combination of + * `alias_name` and `alias_mount_accessor`. + * */ @Import(name="aliasMountAccessor") private @Nullable Output aliasMountAccessor; @@ -42,6 +45,9 @@ public Optional> aliasId() { * @return Accessor of the mount to which the alias belongs to. * This should be supplied in conjunction with `alias_name`. * + * The lookup criteria can be `group_name`, `group_id`, `alias_id`, or a combination of + * `alias_name` and `alias_mount_accessor`. + * */ public Optional> aliasMountAccessor() { return Optional.ofNullable(this.aliasMountAccessor); @@ -169,6 +175,9 @@ public Builder aliasId(String aliasId) { * @param aliasMountAccessor Accessor of the mount to which the alias belongs to. * This should be supplied in conjunction with `alias_name`. * + * The lookup criteria can be `group_name`, `group_id`, `alias_id`, or a combination of + * `alias_name` and `alias_mount_accessor`. + * * @return builder * */ @@ -181,6 +190,9 @@ public Builder aliasMountAccessor(@Nullable Output aliasMountAccessor) { * @param aliasMountAccessor Accessor of the mount to which the alias belongs to. * This should be supplied in conjunction with `alias_name`. * + * The lookup criteria can be `group_name`, `group_id`, `alias_id`, or a combination of + * `alias_name` and `alias_mount_accessor`. + * * @return builder * */ diff --git a/sdk/java/src/main/java/com/pulumi/vault/identity/inputs/GetGroupPlainArgs.java b/sdk/java/src/main/java/com/pulumi/vault/identity/inputs/GetGroupPlainArgs.java index d3d27a644..79d3f4b29 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/identity/inputs/GetGroupPlainArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/identity/inputs/GetGroupPlainArgs.java @@ -33,6 +33,9 @@ public Optional aliasId() { * Accessor of the mount to which the alias belongs to. * This should be supplied in conjunction with `alias_name`. * + * The lookup criteria can be `group_name`, `group_id`, `alias_id`, or a combination of + * `alias_name` and `alias_mount_accessor`. + * */ @Import(name="aliasMountAccessor") private @Nullable String aliasMountAccessor; @@ -41,6 +44,9 @@ public Optional aliasId() { * @return Accessor of the mount to which the alias belongs to. * This should be supplied in conjunction with `alias_name`. * + * The lookup criteria can be `group_name`, `group_id`, `alias_id`, or a combination of + * `alias_name` and `alias_mount_accessor`. + * */ public Optional aliasMountAccessor() { return Optional.ofNullable(this.aliasMountAccessor); @@ -158,6 +164,9 @@ public Builder aliasId(@Nullable String aliasId) { * @param aliasMountAccessor Accessor of the mount to which the alias belongs to. * This should be supplied in conjunction with `alias_name`. * + * The lookup criteria can be `group_name`, `group_id`, `alias_id`, or a combination of + * `alias_name` and `alias_mount_accessor`. + * * @return builder * */ diff --git a/sdk/java/src/main/java/com/pulumi/vault/identity/inputs/GroupMemberEntityIdsState.java b/sdk/java/src/main/java/com/pulumi/vault/identity/inputs/GroupMemberEntityIdsState.java index 42edb4695..58463ba63 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/identity/inputs/GroupMemberEntityIdsState.java +++ b/sdk/java/src/main/java/com/pulumi/vault/identity/inputs/GroupMemberEntityIdsState.java @@ -20,6 +20,10 @@ public final class GroupMemberEntityIdsState extends com.pulumi.resources.Resour /** * Defaults to `true`. * + * If `true`, this resource will take exclusive control of the member entities that belong to the group and will set it equal to what is specified in the resource. + * + * If set to `false`, this resource will simply ensure that the member entities specified in the resource are present in the group. When destroying the resource, the resource will ensure that the member entities specified in the resource are removed. + * */ @Import(name="exclusive") private @Nullable Output exclusive; @@ -27,6 +31,10 @@ public final class GroupMemberEntityIdsState extends com.pulumi.resources.Resour /** * @return Defaults to `true`. * + * If `true`, this resource will take exclusive control of the member entities that belong to the group and will set it equal to what is specified in the resource. + * + * If set to `false`, this resource will simply ensure that the member entities specified in the resource are present in the group. When destroying the resource, the resource will ensure that the member entities specified in the resource are removed. + * */ public Optional> exclusive() { return Optional.ofNullable(this.exclusive); @@ -145,6 +153,10 @@ public Builder(GroupMemberEntityIdsState defaults) { /** * @param exclusive Defaults to `true`. * + * If `true`, this resource will take exclusive control of the member entities that belong to the group and will set it equal to what is specified in the resource. + * + * If set to `false`, this resource will simply ensure that the member entities specified in the resource are present in the group. When destroying the resource, the resource will ensure that the member entities specified in the resource are removed. + * * @return builder * */ @@ -156,6 +168,10 @@ public Builder exclusive(@Nullable Output exclusive) { /** * @param exclusive Defaults to `true`. * + * If `true`, this resource will take exclusive control of the member entities that belong to the group and will set it equal to what is specified in the resource. + * + * If set to `false`, this resource will simply ensure that the member entities specified in the resource are present in the group. When destroying the resource, the resource will ensure that the member entities specified in the resource are removed. + * * @return builder * */ diff --git a/sdk/java/src/main/java/com/pulumi/vault/identity/inputs/GroupMemberGroupIdsState.java b/sdk/java/src/main/java/com/pulumi/vault/identity/inputs/GroupMemberGroupIdsState.java index 943d8a03c..cf4a6eb83 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/identity/inputs/GroupMemberGroupIdsState.java +++ b/sdk/java/src/main/java/com/pulumi/vault/identity/inputs/GroupMemberGroupIdsState.java @@ -20,6 +20,13 @@ public final class GroupMemberGroupIdsState extends com.pulumi.resources.Resourc /** * Defaults to `true`. * + * If `true`, this resource will take exclusive control of the member groups that belong to the group and will set + * it equal to what is specified in the resource. + * + * If set to `false`, this resource will simply ensure that the member groups specified in the resource are present + * in the group. When destroying the resource, the resource will ensure that the member groups specified in the resource + * are removed. + * */ @Import(name="exclusive") private @Nullable Output exclusive; @@ -27,6 +34,13 @@ public final class GroupMemberGroupIdsState extends com.pulumi.resources.Resourc /** * @return Defaults to `true`. * + * If `true`, this resource will take exclusive control of the member groups that belong to the group and will set + * it equal to what is specified in the resource. + * + * If set to `false`, this resource will simply ensure that the member groups specified in the resource are present + * in the group. When destroying the resource, the resource will ensure that the member groups specified in the resource + * are removed. + * */ public Optional> exclusive() { return Optional.ofNullable(this.exclusive); @@ -113,6 +127,13 @@ public Builder(GroupMemberGroupIdsState defaults) { /** * @param exclusive Defaults to `true`. * + * If `true`, this resource will take exclusive control of the member groups that belong to the group and will set + * it equal to what is specified in the resource. + * + * If set to `false`, this resource will simply ensure that the member groups specified in the resource are present + * in the group. When destroying the resource, the resource will ensure that the member groups specified in the resource + * are removed. + * * @return builder * */ @@ -124,6 +145,13 @@ public Builder exclusive(@Nullable Output exclusive) { /** * @param exclusive Defaults to `true`. * + * If `true`, this resource will take exclusive control of the member groups that belong to the group and will set + * it equal to what is specified in the resource. + * + * If set to `false`, this resource will simply ensure that the member groups specified in the resource are present + * in the group. When destroying the resource, the resource will ensure that the member groups specified in the resource + * are removed. + * * @return builder * */ diff --git a/sdk/java/src/main/java/com/pulumi/vault/identity/inputs/GroupPoliciesState.java b/sdk/java/src/main/java/com/pulumi/vault/identity/inputs/GroupPoliciesState.java index 71aeb5765..fe06f7342 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/identity/inputs/GroupPoliciesState.java +++ b/sdk/java/src/main/java/com/pulumi/vault/identity/inputs/GroupPoliciesState.java @@ -20,6 +20,10 @@ public final class GroupPoliciesState extends com.pulumi.resources.ResourceArgs /** * Defaults to `true`. * + * If `true`, this resource will take exclusive control of the policies assigned to the group and will set it equal to what is specified in the resource. + * + * If set to `false`, this resource will simply ensure that the policies specified in the resource are present in the group. When destroying the resource, the resource will ensure that the policies specified in the resource are removed. + * */ @Import(name="exclusive") private @Nullable Output exclusive; @@ -27,6 +31,10 @@ public final class GroupPoliciesState extends com.pulumi.resources.ResourceArgs /** * @return Defaults to `true`. * + * If `true`, this resource will take exclusive control of the policies assigned to the group and will set it equal to what is specified in the resource. + * + * If set to `false`, this resource will simply ensure that the policies specified in the resource are present in the group. When destroying the resource, the resource will ensure that the policies specified in the resource are removed. + * */ public Optional> exclusive() { return Optional.ofNullable(this.exclusive); @@ -129,6 +137,10 @@ public Builder(GroupPoliciesState defaults) { /** * @param exclusive Defaults to `true`. * + * If `true`, this resource will take exclusive control of the policies assigned to the group and will set it equal to what is specified in the resource. + * + * If set to `false`, this resource will simply ensure that the policies specified in the resource are present in the group. When destroying the resource, the resource will ensure that the policies specified in the resource are removed. + * * @return builder * */ @@ -140,6 +152,10 @@ public Builder exclusive(@Nullable Output exclusive) { /** * @param exclusive Defaults to `true`. * + * If `true`, this resource will take exclusive control of the policies assigned to the group and will set it equal to what is specified in the resource. + * + * If set to `false`, this resource will simply ensure that the policies specified in the resource are present in the group. When destroying the resource, the resource will ensure that the policies specified in the resource are removed. + * * @return builder * */ diff --git a/sdk/java/src/main/java/com/pulumi/vault/identity/inputs/OidcKeyState.java b/sdk/java/src/main/java/com/pulumi/vault/identity/inputs/OidcKeyState.java index 78b697f28..46c0c7aac 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/identity/inputs/OidcKeyState.java +++ b/sdk/java/src/main/java/com/pulumi/vault/identity/inputs/OidcKeyState.java @@ -35,16 +35,16 @@ public Optional> algorithm() { } /** - * Array of role client ids allowed to use this key for signing. If empty, no roles are allowed. If "*", all roles are - * allowed. + * Array of role client ID allowed to use this key for signing. If + * empty, no roles are allowed. If `["*"]`, all roles are allowed. * */ @Import(name="allowedClientIds") private @Nullable Output> allowedClientIds; /** - * @return Array of role client ids allowed to use this key for signing. If empty, no roles are allowed. If "*", all roles are - * allowed. + * @return Array of role client ID allowed to use this key for signing. If + * empty, no roles are allowed. If `["*"]`, all roles are allowed. * */ public Optional>> allowedClientIds() { @@ -172,8 +172,8 @@ public Builder algorithm(String algorithm) { } /** - * @param allowedClientIds Array of role client ids allowed to use this key for signing. If empty, no roles are allowed. If "*", all roles are - * allowed. + * @param allowedClientIds Array of role client ID allowed to use this key for signing. If + * empty, no roles are allowed. If `["*"]`, all roles are allowed. * * @return builder * @@ -184,8 +184,8 @@ public Builder allowedClientIds(@Nullable Output> allowedClientIds) } /** - * @param allowedClientIds Array of role client ids allowed to use this key for signing. If empty, no roles are allowed. If "*", all roles are - * allowed. + * @param allowedClientIds Array of role client ID allowed to use this key for signing. If + * empty, no roles are allowed. If `["*"]`, all roles are allowed. * * @return builder * @@ -195,8 +195,8 @@ public Builder allowedClientIds(List allowedClientIds) { } /** - * @param allowedClientIds Array of role client ids allowed to use this key for signing. If empty, no roles are allowed. If "*", all roles are - * allowed. + * @param allowedClientIds Array of role client ID allowed to use this key for signing. If + * empty, no roles are allowed. If `["*"]`, all roles are allowed. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/vault/identity/outputs/GetOidcClientCredsResult.java b/sdk/java/src/main/java/com/pulumi/vault/identity/outputs/GetOidcClientCredsResult.java index d8a7ba732..d51373727 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/identity/outputs/GetOidcClientCredsResult.java +++ b/sdk/java/src/main/java/com/pulumi/vault/identity/outputs/GetOidcClientCredsResult.java @@ -18,6 +18,7 @@ public final class GetOidcClientCredsResult { private String clientId; /** * @return The Client Secret Key returned by Vault. + * For public OpenID Clients `client_secret` is set to an empty string `""` * */ private String clientSecret; @@ -39,6 +40,7 @@ public String clientId() { } /** * @return The Client Secret Key returned by Vault. + * For public OpenID Clients `client_secret` is set to an empty string `""` * */ public String clientSecret() { diff --git a/sdk/java/src/main/java/com/pulumi/vault/inputs/AuditState.java b/sdk/java/src/main/java/com/pulumi/vault/inputs/AuditState.java index 1b536d06a..562541393 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/inputs/AuditState.java +++ b/sdk/java/src/main/java/com/pulumi/vault/inputs/AuditState.java @@ -71,6 +71,8 @@ public Optional> namespace() { /** * Configuration options to pass to the audit device itself. * + * For a reference of the device types and their options, consult the [Vault documentation.](https://www.vaultproject.io/docs/audit/index.html) + * */ @Import(name="options") private @Nullable Output> options; @@ -78,6 +80,8 @@ public Optional> namespace() { /** * @return Configuration options to pass to the audit device itself. * + * For a reference of the device types and their options, consult the [Vault documentation.](https://www.vaultproject.io/docs/audit/index.html) + * */ public Optional>> options() { return Optional.ofNullable(this.options); @@ -214,6 +218,8 @@ public Builder namespace(String namespace) { /** * @param options Configuration options to pass to the audit device itself. * + * For a reference of the device types and their options, consult the [Vault documentation.](https://www.vaultproject.io/docs/audit/index.html) + * * @return builder * */ @@ -225,6 +231,8 @@ public Builder options(@Nullable Output> options) { /** * @param options Configuration options to pass to the audit device itself. * + * For a reference of the device types and their options, consult the [Vault documentation.](https://www.vaultproject.io/docs/audit/index.html) + * * @return builder * */ diff --git a/sdk/java/src/main/java/com/pulumi/vault/inputs/AuthBackendState.java b/sdk/java/src/main/java/com/pulumi/vault/inputs/AuthBackendState.java index 52b84141c..989330ab0 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/inputs/AuthBackendState.java +++ b/sdk/java/src/main/java/com/pulumi/vault/inputs/AuthBackendState.java @@ -118,6 +118,8 @@ public Optional> path() { /** * Extra configuration block. Structure is documented below. * + * The `tune` block is used to tune the auth backend: + * */ @Import(name="tune") private @Nullable Output tune; @@ -125,6 +127,8 @@ public Optional> path() { /** * @return Extra configuration block. Structure is documented below. * + * The `tune` block is used to tune the auth backend: + * */ public Optional> tune() { return Optional.ofNullable(this.tune); @@ -313,6 +317,8 @@ public Builder path(String path) { /** * @param tune Extra configuration block. Structure is documented below. * + * The `tune` block is used to tune the auth backend: + * * @return builder * */ @@ -324,6 +330,8 @@ public Builder tune(@Nullable Output tune) { /** * @param tune Extra configuration block. Structure is documented below. * + * The `tune` block is used to tune the auth backend: + * * @return builder * */ diff --git a/sdk/java/src/main/java/com/pulumi/vault/inputs/CertAuthBackendRoleState.java b/sdk/java/src/main/java/com/pulumi/vault/inputs/CertAuthBackendRoleState.java index 5611a0ba2..6f9774ba2 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/inputs/CertAuthBackendRoleState.java +++ b/sdk/java/src/main/java/com/pulumi/vault/inputs/CertAuthBackendRoleState.java @@ -211,14 +211,115 @@ public Optional> namespace() { } /** - * TLS extensions required on client certificates + * Any additional CA certificates + * needed to verify OCSP responses. Provided as base64 encoded PEM data. + * Requires Vault version 1.13+. + * + */ + @Import(name="ocspCaCertificates") + private @Nullable Output ocspCaCertificates; + + /** + * @return Any additional CA certificates + * needed to verify OCSP responses. Provided as base64 encoded PEM data. + * Requires Vault version 1.13+. + * + */ + public Optional> ocspCaCertificates() { + return Optional.ofNullable(this.ocspCaCertificates); + } + + /** + * If enabled, validate certificates' + * revocation status using OCSP. Requires Vault version 1.13+. + * + */ + @Import(name="ocspEnabled") + private @Nullable Output ocspEnabled; + + /** + * @return If enabled, validate certificates' + * revocation status using OCSP. Requires Vault version 1.13+. + * + */ + public Optional> ocspEnabled() { + return Optional.ofNullable(this.ocspEnabled); + } + + /** + * If true and an OCSP response cannot + * be fetched or is of an unknown status, the login will proceed as if the + * certificate has not been revoked. + * Requires Vault version 1.13+. + * + */ + @Import(name="ocspFailOpen") + private @Nullable Output ocspFailOpen; + + /** + * @return If true and an OCSP response cannot + * be fetched or is of an unknown status, the login will proceed as if the + * certificate has not been revoked. + * Requires Vault version 1.13+. + * + */ + public Optional> ocspFailOpen() { + return Optional.ofNullable(this.ocspFailOpen); + } + + /** + * If set to true, rather than + * accepting the first successful OCSP response, query all servers and consider + * the certificate valid only if all servers agree. + * Requires Vault version 1.13+. + * + */ + @Import(name="ocspQueryAllServers") + private @Nullable Output ocspQueryAllServers; + + /** + * @return If set to true, rather than + * accepting the first successful OCSP response, query all servers and consider + * the certificate valid only if all servers agree. + * Requires Vault version 1.13+. + * + */ + public Optional> ocspQueryAllServers() { + return Optional.ofNullable(this.ocspQueryAllServers); + } + + /** + * : A comma-separated list of OCSP + * server addresses. If unset, the OCSP server is determined from the + * AuthorityInformationAccess extension on the certificate being inspected. + * Requires Vault version 1.13+. + * + */ + @Import(name="ocspServersOverrides") + private @Nullable Output> ocspServersOverrides; + + /** + * @return : A comma-separated list of OCSP + * server addresses. If unset, the OCSP server is determined from the + * AuthorityInformationAccess extension on the certificate being inspected. + * Requires Vault version 1.13+. + * + */ + public Optional>> ocspServersOverrides() { + return Optional.ofNullable(this.ocspServersOverrides); + } + + /** + * TLS extensions required on + * client certificates * */ @Import(name="requiredExtensions") private @Nullable Output> requiredExtensions; /** - * @return TLS extensions required on client certificates + * @return TLS extensions required on + * client certificates * */ public Optional>> requiredExtensions() { @@ -378,6 +479,8 @@ public Optional> tokenTtl() { * `default-service` and `default-batch` which specify the type to return unless the client * requests a different type at generation time. * + * For more details on the usage of each argument consult the [Vault Cert API documentation](https://www.vaultproject.io/api-docs/auth/cert). + * */ @Import(name="tokenType") private @Nullable Output tokenType; @@ -389,6 +492,8 @@ public Optional> tokenTtl() { * `default-service` and `default-batch` which specify the type to return unless the client * requests a different type at generation time. * + * For more details on the usage of each argument consult the [Vault Cert API documentation](https://www.vaultproject.io/api-docs/auth/cert). + * */ public Optional> tokenType() { return Optional.ofNullable(this.tokenType); @@ -409,6 +514,11 @@ private CertAuthBackendRoleState(CertAuthBackendRoleState $) { this.displayName = $.displayName; this.name = $.name; this.namespace = $.namespace; + this.ocspCaCertificates = $.ocspCaCertificates; + this.ocspEnabled = $.ocspEnabled; + this.ocspFailOpen = $.ocspFailOpen; + this.ocspQueryAllServers = $.ocspQueryAllServers; + this.ocspServersOverrides = $.ocspServersOverrides; this.requiredExtensions = $.requiredExtensions; this.tokenBoundCidrs = $.tokenBoundCidrs; this.tokenExplicitMaxTtl = $.tokenExplicitMaxTtl; @@ -777,7 +887,150 @@ public Builder namespace(String namespace) { } /** - * @param requiredExtensions TLS extensions required on client certificates + * @param ocspCaCertificates Any additional CA certificates + * needed to verify OCSP responses. Provided as base64 encoded PEM data. + * Requires Vault version 1.13+. + * + * @return builder + * + */ + public Builder ocspCaCertificates(@Nullable Output ocspCaCertificates) { + $.ocspCaCertificates = ocspCaCertificates; + return this; + } + + /** + * @param ocspCaCertificates Any additional CA certificates + * needed to verify OCSP responses. Provided as base64 encoded PEM data. + * Requires Vault version 1.13+. + * + * @return builder + * + */ + public Builder ocspCaCertificates(String ocspCaCertificates) { + return ocspCaCertificates(Output.of(ocspCaCertificates)); + } + + /** + * @param ocspEnabled If enabled, validate certificates' + * revocation status using OCSP. Requires Vault version 1.13+. + * + * @return builder + * + */ + public Builder ocspEnabled(@Nullable Output ocspEnabled) { + $.ocspEnabled = ocspEnabled; + return this; + } + + /** + * @param ocspEnabled If enabled, validate certificates' + * revocation status using OCSP. Requires Vault version 1.13+. + * + * @return builder + * + */ + public Builder ocspEnabled(Boolean ocspEnabled) { + return ocspEnabled(Output.of(ocspEnabled)); + } + + /** + * @param ocspFailOpen If true and an OCSP response cannot + * be fetched or is of an unknown status, the login will proceed as if the + * certificate has not been revoked. + * Requires Vault version 1.13+. + * + * @return builder + * + */ + public Builder ocspFailOpen(@Nullable Output ocspFailOpen) { + $.ocspFailOpen = ocspFailOpen; + return this; + } + + /** + * @param ocspFailOpen If true and an OCSP response cannot + * be fetched or is of an unknown status, the login will proceed as if the + * certificate has not been revoked. + * Requires Vault version 1.13+. + * + * @return builder + * + */ + public Builder ocspFailOpen(Boolean ocspFailOpen) { + return ocspFailOpen(Output.of(ocspFailOpen)); + } + + /** + * @param ocspQueryAllServers If set to true, rather than + * accepting the first successful OCSP response, query all servers and consider + * the certificate valid only if all servers agree. + * Requires Vault version 1.13+. + * + * @return builder + * + */ + public Builder ocspQueryAllServers(@Nullable Output ocspQueryAllServers) { + $.ocspQueryAllServers = ocspQueryAllServers; + return this; + } + + /** + * @param ocspQueryAllServers If set to true, rather than + * accepting the first successful OCSP response, query all servers and consider + * the certificate valid only if all servers agree. + * Requires Vault version 1.13+. + * + * @return builder + * + */ + public Builder ocspQueryAllServers(Boolean ocspQueryAllServers) { + return ocspQueryAllServers(Output.of(ocspQueryAllServers)); + } + + /** + * @param ocspServersOverrides : A comma-separated list of OCSP + * server addresses. If unset, the OCSP server is determined from the + * AuthorityInformationAccess extension on the certificate being inspected. + * Requires Vault version 1.13+. + * + * @return builder + * + */ + public Builder ocspServersOverrides(@Nullable Output> ocspServersOverrides) { + $.ocspServersOverrides = ocspServersOverrides; + return this; + } + + /** + * @param ocspServersOverrides : A comma-separated list of OCSP + * server addresses. If unset, the OCSP server is determined from the + * AuthorityInformationAccess extension on the certificate being inspected. + * Requires Vault version 1.13+. + * + * @return builder + * + */ + public Builder ocspServersOverrides(List ocspServersOverrides) { + return ocspServersOverrides(Output.of(ocspServersOverrides)); + } + + /** + * @param ocspServersOverrides : A comma-separated list of OCSP + * server addresses. If unset, the OCSP server is determined from the + * AuthorityInformationAccess extension on the certificate being inspected. + * Requires Vault version 1.13+. + * + * @return builder + * + */ + public Builder ocspServersOverrides(String... ocspServersOverrides) { + return ocspServersOverrides(List.of(ocspServersOverrides)); + } + + /** + * @param requiredExtensions TLS extensions required on + * client certificates * * @return builder * @@ -788,7 +1041,8 @@ public Builder requiredExtensions(@Nullable Output> requiredExtensi } /** - * @param requiredExtensions TLS extensions required on client certificates + * @param requiredExtensions TLS extensions required on + * client certificates * * @return builder * @@ -798,7 +1052,8 @@ public Builder requiredExtensions(List requiredExtensions) { } /** - * @param requiredExtensions TLS extensions required on client certificates + * @param requiredExtensions TLS extensions required on + * client certificates * * @return builder * @@ -1031,6 +1286,8 @@ public Builder tokenTtl(Integer tokenTtl) { * `default-service` and `default-batch` which specify the type to return unless the client * requests a different type at generation time. * + * For more details on the usage of each argument consult the [Vault Cert API documentation](https://www.vaultproject.io/api-docs/auth/cert). + * * @return builder * */ @@ -1046,6 +1303,8 @@ public Builder tokenType(@Nullable Output tokenType) { * `default-service` and `default-batch` which specify the type to return unless the client * requests a different type at generation time. * + * For more details on the usage of each argument consult the [Vault Cert API documentation](https://www.vaultproject.io/api-docs/auth/cert). + * * @return builder * */ diff --git a/sdk/java/src/main/java/com/pulumi/vault/inputs/GetAuthBackendsArgs.java b/sdk/java/src/main/java/com/pulumi/vault/inputs/GetAuthBackendsArgs.java new file mode 100644 index 000000000..e4486b462 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/vault/inputs/GetAuthBackendsArgs.java @@ -0,0 +1,132 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.vault.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class GetAuthBackendsArgs extends com.pulumi.resources.InvokeArgs { + + public static final GetAuthBackendsArgs Empty = new GetAuthBackendsArgs(); + + /** + * The namespace of the target resource. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + */ + @Import(name="namespace") + private @Nullable Output namespace; + + /** + * @return The namespace of the target resource. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + */ + public Optional> namespace() { + return Optional.ofNullable(this.namespace); + } + + /** + * The name of the auth method type. Allows filtering of backends returned by type. + * + */ + @Import(name="type") + private @Nullable Output type; + + /** + * @return The name of the auth method type. Allows filtering of backends returned by type. + * + */ + public Optional> type() { + return Optional.ofNullable(this.type); + } + + private GetAuthBackendsArgs() {} + + private GetAuthBackendsArgs(GetAuthBackendsArgs $) { + this.namespace = $.namespace; + this.type = $.type; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(GetAuthBackendsArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private GetAuthBackendsArgs $; + + public Builder() { + $ = new GetAuthBackendsArgs(); + } + + public Builder(GetAuthBackendsArgs defaults) { + $ = new GetAuthBackendsArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param namespace The namespace of the target resource. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + * @return builder + * + */ + public Builder namespace(@Nullable Output namespace) { + $.namespace = namespace; + return this; + } + + /** + * @param namespace The namespace of the target resource. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + * @return builder + * + */ + public Builder namespace(String namespace) { + return namespace(Output.of(namespace)); + } + + /** + * @param type The name of the auth method type. Allows filtering of backends returned by type. + * + * @return builder + * + */ + public Builder type(@Nullable Output type) { + $.type = type; + return this; + } + + /** + * @param type The name of the auth method type. Allows filtering of backends returned by type. + * + * @return builder + * + */ + public Builder type(String type) { + return type(Output.of(type)); + } + + public GetAuthBackendsArgs build() { + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/vault/inputs/GetAuthBackendsPlainArgs.java b/sdk/java/src/main/java/com/pulumi/vault/inputs/GetAuthBackendsPlainArgs.java new file mode 100644 index 000000000..d53791050 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/vault/inputs/GetAuthBackendsPlainArgs.java @@ -0,0 +1,108 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.vault.inputs; + +import com.pulumi.core.annotations.Import; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class GetAuthBackendsPlainArgs extends com.pulumi.resources.InvokeArgs { + + public static final GetAuthBackendsPlainArgs Empty = new GetAuthBackendsPlainArgs(); + + /** + * The namespace of the target resource. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + */ + @Import(name="namespace") + private @Nullable String namespace; + + /** + * @return The namespace of the target resource. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + */ + public Optional namespace() { + return Optional.ofNullable(this.namespace); + } + + /** + * The name of the auth method type. Allows filtering of backends returned by type. + * + */ + @Import(name="type") + private @Nullable String type; + + /** + * @return The name of the auth method type. Allows filtering of backends returned by type. + * + */ + public Optional type() { + return Optional.ofNullable(this.type); + } + + private GetAuthBackendsPlainArgs() {} + + private GetAuthBackendsPlainArgs(GetAuthBackendsPlainArgs $) { + this.namespace = $.namespace; + this.type = $.type; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(GetAuthBackendsPlainArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private GetAuthBackendsPlainArgs $; + + public Builder() { + $ = new GetAuthBackendsPlainArgs(); + } + + public Builder(GetAuthBackendsPlainArgs defaults) { + $ = new GetAuthBackendsPlainArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param namespace The namespace of the target resource. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + * @return builder + * + */ + public Builder namespace(@Nullable String namespace) { + $.namespace = namespace; + return this; + } + + /** + * @param type The name of the auth method type. Allows filtering of backends returned by type. + * + * @return builder + * + */ + public Builder type(@Nullable String type) { + $.type = type; + return this; + } + + public GetAuthBackendsPlainArgs build() { + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/vault/inputs/GetRaftAutopilotStateArgs.java b/sdk/java/src/main/java/com/pulumi/vault/inputs/GetRaftAutopilotStateArgs.java new file mode 100644 index 000000000..4ffdfba87 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/vault/inputs/GetRaftAutopilotStateArgs.java @@ -0,0 +1,95 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.vault.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class GetRaftAutopilotStateArgs extends com.pulumi.resources.InvokeArgs { + + public static final GetRaftAutopilotStateArgs Empty = new GetRaftAutopilotStateArgs(); + + /** + * The namespace of the target resource. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + */ + @Import(name="namespace") + private @Nullable Output namespace; + + /** + * @return The namespace of the target resource. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + */ + public Optional> namespace() { + return Optional.ofNullable(this.namespace); + } + + private GetRaftAutopilotStateArgs() {} + + private GetRaftAutopilotStateArgs(GetRaftAutopilotStateArgs $) { + this.namespace = $.namespace; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(GetRaftAutopilotStateArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private GetRaftAutopilotStateArgs $; + + public Builder() { + $ = new GetRaftAutopilotStateArgs(); + } + + public Builder(GetRaftAutopilotStateArgs defaults) { + $ = new GetRaftAutopilotStateArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param namespace The namespace of the target resource. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + * @return builder + * + */ + public Builder namespace(@Nullable Output namespace) { + $.namespace = namespace; + return this; + } + + /** + * @param namespace The namespace of the target resource. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + * @return builder + * + */ + public Builder namespace(String namespace) { + return namespace(Output.of(namespace)); + } + + public GetRaftAutopilotStateArgs build() { + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/vault/inputs/GetRaftAutopilotStatePlainArgs.java b/sdk/java/src/main/java/com/pulumi/vault/inputs/GetRaftAutopilotStatePlainArgs.java new file mode 100644 index 000000000..636992de4 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/vault/inputs/GetRaftAutopilotStatePlainArgs.java @@ -0,0 +1,81 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.vault.inputs; + +import com.pulumi.core.annotations.Import; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class GetRaftAutopilotStatePlainArgs extends com.pulumi.resources.InvokeArgs { + + public static final GetRaftAutopilotStatePlainArgs Empty = new GetRaftAutopilotStatePlainArgs(); + + /** + * The namespace of the target resource. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + */ + @Import(name="namespace") + private @Nullable String namespace; + + /** + * @return The namespace of the target resource. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + */ + public Optional namespace() { + return Optional.ofNullable(this.namespace); + } + + private GetRaftAutopilotStatePlainArgs() {} + + private GetRaftAutopilotStatePlainArgs(GetRaftAutopilotStatePlainArgs $) { + this.namespace = $.namespace; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(GetRaftAutopilotStatePlainArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private GetRaftAutopilotStatePlainArgs $; + + public Builder() { + $ = new GetRaftAutopilotStatePlainArgs(); + } + + public Builder(GetRaftAutopilotStatePlainArgs defaults) { + $ = new GetRaftAutopilotStatePlainArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param namespace The namespace of the target resource. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + * @return builder + * + */ + public Builder namespace(@Nullable String namespace) { + $.namespace = namespace; + return this; + } + + public GetRaftAutopilotStatePlainArgs build() { + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/vault/inputs/MfaPingidState.java b/sdk/java/src/main/java/com/pulumi/vault/inputs/MfaPingidState.java index 008919ab3..1446b9a25 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/inputs/MfaPingidState.java +++ b/sdk/java/src/main/java/com/pulumi/vault/inputs/MfaPingidState.java @@ -17,14 +17,14 @@ public final class MfaPingidState extends com.pulumi.resources.ResourceArgs { public static final MfaPingidState Empty = new MfaPingidState(); /** - * Admin URL computed by Vault. + * `(string)` – Admin URL computed by Vault * */ @Import(name="adminUrl") private @Nullable Output adminUrl; /** - * @return Admin URL computed by Vault. + * @return `(string)` – Admin URL computed by Vault * */ public Optional> adminUrl() { @@ -32,14 +32,14 @@ public Optional> adminUrl() { } /** - * Authenticator URL computed by Vault. + * `(string)` – Authenticator URL computed by Vault * */ @Import(name="authenticatorUrl") private @Nullable Output authenticatorUrl; /** - * @return Authenticator URL computed by Vault. + * @return `(string)` – Authenticator URL computed by Vault * */ public Optional> authenticatorUrl() { @@ -47,14 +47,14 @@ public Optional> authenticatorUrl() { } /** - * IDP URL computed by Vault. + * `(string)` – IDP URL computed by Vault * */ @Import(name="idpUrl") private @Nullable Output idpUrl; /** - * @return IDP URL computed by Vault. + * @return `(string)` – IDP URL computed by Vault * */ public Optional> idpUrl() { @@ -115,14 +115,14 @@ public Optional> namespace() { } /** - * Namespace ID computed by Vault. + * `(string)` – Namespace ID computed by Vault * */ @Import(name="namespaceId") private @Nullable Output namespaceId; /** - * @return Namespace ID computed by Vault. + * @return `(string)` – Namespace ID computed by Vault * */ public Optional> namespaceId() { @@ -130,14 +130,14 @@ public Optional> namespaceId() { } /** - * Org Alias computed by Vault. + * `(string)` – Org Alias computed by Vault * */ @Import(name="orgAlias") private @Nullable Output orgAlias; /** - * @return Org Alias computed by Vault. + * @return `(string)` – Org Alias computed by Vault * */ public Optional> orgAlias() { @@ -162,14 +162,14 @@ public Optional> settingsFileBase64() { } /** - * Type of configuration computed by Vault. + * `(string)` – Type of configuration computed by Vault * */ @Import(name="type") private @Nullable Output type; /** - * @return Type of configuration computed by Vault. + * @return `(string)` – Type of configuration computed by Vault * */ public Optional> type() { @@ -177,14 +177,14 @@ public Optional> type() { } /** - * If set, enables use of PingID signature. Computed by Vault + * `(string)` – If set to true, enables use of PingID signature. Computed by Vault * */ @Import(name="useSignature") private @Nullable Output useSignature; /** - * @return If set, enables use of PingID signature. Computed by Vault + * @return `(string)` – If set to true, enables use of PingID signature. Computed by Vault * */ public Optional> useSignature() { @@ -254,7 +254,7 @@ public Builder(MfaPingidState defaults) { } /** - * @param adminUrl Admin URL computed by Vault. + * @param adminUrl `(string)` – Admin URL computed by Vault * * @return builder * @@ -265,7 +265,7 @@ public Builder adminUrl(@Nullable Output adminUrl) { } /** - * @param adminUrl Admin URL computed by Vault. + * @param adminUrl `(string)` – Admin URL computed by Vault * * @return builder * @@ -275,7 +275,7 @@ public Builder adminUrl(String adminUrl) { } /** - * @param authenticatorUrl Authenticator URL computed by Vault. + * @param authenticatorUrl `(string)` – Authenticator URL computed by Vault * * @return builder * @@ -286,7 +286,7 @@ public Builder authenticatorUrl(@Nullable Output authenticatorUrl) { } /** - * @param authenticatorUrl Authenticator URL computed by Vault. + * @param authenticatorUrl `(string)` – Authenticator URL computed by Vault * * @return builder * @@ -296,7 +296,7 @@ public Builder authenticatorUrl(String authenticatorUrl) { } /** - * @param idpUrl IDP URL computed by Vault. + * @param idpUrl `(string)` – IDP URL computed by Vault * * @return builder * @@ -307,7 +307,7 @@ public Builder idpUrl(@Nullable Output idpUrl) { } /** - * @param idpUrl IDP URL computed by Vault. + * @param idpUrl `(string)` – IDP URL computed by Vault * * @return builder * @@ -388,7 +388,7 @@ public Builder namespace(String namespace) { } /** - * @param namespaceId Namespace ID computed by Vault. + * @param namespaceId `(string)` – Namespace ID computed by Vault * * @return builder * @@ -399,7 +399,7 @@ public Builder namespaceId(@Nullable Output namespaceId) { } /** - * @param namespaceId Namespace ID computed by Vault. + * @param namespaceId `(string)` – Namespace ID computed by Vault * * @return builder * @@ -409,7 +409,7 @@ public Builder namespaceId(String namespaceId) { } /** - * @param orgAlias Org Alias computed by Vault. + * @param orgAlias `(string)` – Org Alias computed by Vault * * @return builder * @@ -420,7 +420,7 @@ public Builder orgAlias(@Nullable Output orgAlias) { } /** - * @param orgAlias Org Alias computed by Vault. + * @param orgAlias `(string)` – Org Alias computed by Vault * * @return builder * @@ -453,7 +453,7 @@ public Builder settingsFileBase64(String settingsFileBase64) { } /** - * @param type Type of configuration computed by Vault. + * @param type `(string)` – Type of configuration computed by Vault * * @return builder * @@ -464,7 +464,7 @@ public Builder type(@Nullable Output type) { } /** - * @param type Type of configuration computed by Vault. + * @param type `(string)` – Type of configuration computed by Vault * * @return builder * @@ -474,7 +474,7 @@ public Builder type(String type) { } /** - * @param useSignature If set, enables use of PingID signature. Computed by Vault + * @param useSignature `(string)` – If set to true, enables use of PingID signature. Computed by Vault * * @return builder * @@ -485,7 +485,7 @@ public Builder useSignature(@Nullable Output useSignature) { } /** - * @param useSignature If set, enables use of PingID signature. Computed by Vault + * @param useSignature `(string)` – If set to true, enables use of PingID signature. Computed by Vault * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/vault/inputs/NamespaceState.java b/sdk/java/src/main/java/com/pulumi/vault/inputs/NamespaceState.java index ec105f3e6..3a5d8680f 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/inputs/NamespaceState.java +++ b/sdk/java/src/main/java/com/pulumi/vault/inputs/NamespaceState.java @@ -5,7 +5,9 @@ import com.pulumi.core.Output; import com.pulumi.core.annotations.Import; +import java.lang.Object; import java.lang.String; +import java.util.Map; import java.util.Objects; import java.util.Optional; import javax.annotation.Nullable; @@ -15,6 +17,23 @@ public final class NamespaceState extends com.pulumi.resources.ResourceArgs { public static final NamespaceState Empty = new NamespaceState(); + /** + * Custom metadata describing this namespace. Value type + * is `map[string]string`. Requires Vault version 1.12+. + * + */ + @Import(name="customMetadata") + private @Nullable Output> customMetadata; + + /** + * @return Custom metadata describing this namespace. Value type + * is `map[string]string`. Requires Vault version 1.12+. + * + */ + public Optional>> customMetadata() { + return Optional.ofNullable(this.customMetadata); + } + /** * The namespace to provision the resource in. * The value should not contain leading or trailing forward slashes. @@ -86,6 +105,7 @@ public Optional> pathFq() { private NamespaceState() {} private NamespaceState(NamespaceState $) { + this.customMetadata = $.customMetadata; this.namespace = $.namespace; this.namespaceId = $.namespaceId; this.path = $.path; @@ -110,6 +130,29 @@ public Builder(NamespaceState defaults) { $ = new NamespaceState(Objects.requireNonNull(defaults)); } + /** + * @param customMetadata Custom metadata describing this namespace. Value type + * is `map[string]string`. Requires Vault version 1.12+. + * + * @return builder + * + */ + public Builder customMetadata(@Nullable Output> customMetadata) { + $.customMetadata = customMetadata; + return this; + } + + /** + * @param customMetadata Custom metadata describing this namespace. Value type + * is `map[string]string`. Requires Vault version 1.12+. + * + * @return builder + * + */ + public Builder customMetadata(Map customMetadata) { + return customMetadata(Output.of(customMetadata)); + } + /** * @param namespace The namespace to provision the resource in. * The value should not contain leading or trailing forward slashes. diff --git a/sdk/java/src/main/java/com/pulumi/vault/inputs/ProviderAuthLoginArgs.java b/sdk/java/src/main/java/com/pulumi/vault/inputs/ProviderAuthLoginArgs.java index 229f14536..5909bfc45 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/inputs/ProviderAuthLoginArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/inputs/ProviderAuthLoginArgs.java @@ -5,6 +5,7 @@ import com.pulumi.core.Output; import com.pulumi.core.annotations.Import; +import java.lang.Boolean; import java.lang.String; import java.util.Map; import java.util.Objects; @@ -44,6 +45,13 @@ public Output path() { return this.path; } + @Import(name="useRootNamespace") + private @Nullable Output useRootNamespace; + + public Optional> useRootNamespace() { + return Optional.ofNullable(this.useRootNamespace); + } + private ProviderAuthLoginArgs() {} private ProviderAuthLoginArgs(ProviderAuthLoginArgs $) { @@ -51,6 +59,7 @@ private ProviderAuthLoginArgs(ProviderAuthLoginArgs $) { this.namespace = $.namespace; this.parameters = $.parameters; this.path = $.path; + this.useRootNamespace = $.useRootNamespace; } public static Builder builder() { @@ -107,6 +116,15 @@ public Builder path(String path) { return path(Output.of(path)); } + public Builder useRootNamespace(@Nullable Output useRootNamespace) { + $.useRootNamespace = useRootNamespace; + return this; + } + + public Builder useRootNamespace(Boolean useRootNamespace) { + return useRootNamespace(Output.of(useRootNamespace)); + } + public ProviderAuthLoginArgs build() { $.path = Objects.requireNonNull($.path, "expected parameter 'path' to be non-null"); return $; diff --git a/sdk/java/src/main/java/com/pulumi/vault/inputs/ProviderAuthLoginAwsArgs.java b/sdk/java/src/main/java/com/pulumi/vault/inputs/ProviderAuthLoginAwsArgs.java index c534e6ee2..b14edfc35 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/inputs/ProviderAuthLoginAwsArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/inputs/ProviderAuthLoginAwsArgs.java @@ -5,6 +5,7 @@ import com.pulumi.core.Output; import com.pulumi.core.annotations.Import; +import java.lang.Boolean; import java.lang.String; import java.util.Objects; import java.util.Optional; @@ -120,6 +121,13 @@ public Output role() { return this.role; } + @Import(name="useRootNamespace") + private @Nullable Output useRootNamespace; + + public Optional> useRootNamespace() { + return Optional.ofNullable(this.useRootNamespace); + } + private ProviderAuthLoginAwsArgs() {} private ProviderAuthLoginAwsArgs(ProviderAuthLoginAwsArgs $) { @@ -138,6 +146,7 @@ private ProviderAuthLoginAwsArgs(ProviderAuthLoginAwsArgs $) { this.mount = $.mount; this.namespace = $.namespace; this.role = $.role; + this.useRootNamespace = $.useRootNamespace; } public static Builder builder() { @@ -293,6 +302,15 @@ public Builder role(String role) { return role(Output.of(role)); } + public Builder useRootNamespace(@Nullable Output useRootNamespace) { + $.useRootNamespace = useRootNamespace; + return this; + } + + public Builder useRootNamespace(Boolean useRootNamespace) { + return useRootNamespace(Output.of(useRootNamespace)); + } + public ProviderAuthLoginAwsArgs build() { $.role = Objects.requireNonNull($.role, "expected parameter 'role' to be non-null"); return $; diff --git a/sdk/java/src/main/java/com/pulumi/vault/inputs/ProviderAuthLoginAzureArgs.java b/sdk/java/src/main/java/com/pulumi/vault/inputs/ProviderAuthLoginAzureArgs.java index 88bcccc9f..0e0637178 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/inputs/ProviderAuthLoginAzureArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/inputs/ProviderAuthLoginAzureArgs.java @@ -5,6 +5,7 @@ import com.pulumi.core.Output; import com.pulumi.core.annotations.Import; +import java.lang.Boolean; import java.lang.String; import java.util.Objects; import java.util.Optional; @@ -78,6 +79,13 @@ public Optional> tenantId() { return Optional.ofNullable(this.tenantId); } + @Import(name="useRootNamespace") + private @Nullable Output useRootNamespace; + + public Optional> useRootNamespace() { + return Optional.ofNullable(this.useRootNamespace); + } + @Import(name="vmName") private @Nullable Output vmName; @@ -104,6 +112,7 @@ private ProviderAuthLoginAzureArgs(ProviderAuthLoginAzureArgs $) { this.scope = $.scope; this.subscriptionId = $.subscriptionId; this.tenantId = $.tenantId; + this.useRootNamespace = $.useRootNamespace; this.vmName = $.vmName; this.vmssName = $.vmssName; } @@ -207,6 +216,15 @@ public Builder tenantId(String tenantId) { return tenantId(Output.of(tenantId)); } + public Builder useRootNamespace(@Nullable Output useRootNamespace) { + $.useRootNamespace = useRootNamespace; + return this; + } + + public Builder useRootNamespace(Boolean useRootNamespace) { + return useRootNamespace(Output.of(useRootNamespace)); + } + public Builder vmName(@Nullable Output vmName) { $.vmName = vmName; return this; diff --git a/sdk/java/src/main/java/com/pulumi/vault/inputs/ProviderAuthLoginCertArgs.java b/sdk/java/src/main/java/com/pulumi/vault/inputs/ProviderAuthLoginCertArgs.java index 2376099cd..a562219d8 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/inputs/ProviderAuthLoginCertArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/inputs/ProviderAuthLoginCertArgs.java @@ -5,6 +5,7 @@ import com.pulumi.core.Output; import com.pulumi.core.annotations.Import; +import java.lang.Boolean; import java.lang.String; import java.util.Objects; import java.util.Optional; @@ -50,6 +51,13 @@ public Optional> namespace() { return Optional.ofNullable(this.namespace); } + @Import(name="useRootNamespace") + private @Nullable Output useRootNamespace; + + public Optional> useRootNamespace() { + return Optional.ofNullable(this.useRootNamespace); + } + private ProviderAuthLoginCertArgs() {} private ProviderAuthLoginCertArgs(ProviderAuthLoginCertArgs $) { @@ -58,6 +66,7 @@ private ProviderAuthLoginCertArgs(ProviderAuthLoginCertArgs $) { this.mount = $.mount; this.name = $.name; this.namespace = $.namespace; + this.useRootNamespace = $.useRootNamespace; } public static Builder builder() { @@ -123,6 +132,15 @@ public Builder namespace(String namespace) { return namespace(Output.of(namespace)); } + public Builder useRootNamespace(@Nullable Output useRootNamespace) { + $.useRootNamespace = useRootNamespace; + return this; + } + + public Builder useRootNamespace(Boolean useRootNamespace) { + return useRootNamespace(Output.of(useRootNamespace)); + } + public ProviderAuthLoginCertArgs build() { $.certFile = Objects.requireNonNull($.certFile, "expected parameter 'certFile' to be non-null"); $.keyFile = Objects.requireNonNull($.keyFile, "expected parameter 'keyFile' to be non-null"); diff --git a/sdk/java/src/main/java/com/pulumi/vault/inputs/ProviderAuthLoginGcpArgs.java b/sdk/java/src/main/java/com/pulumi/vault/inputs/ProviderAuthLoginGcpArgs.java index 440a6414f..094b941af 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/inputs/ProviderAuthLoginGcpArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/inputs/ProviderAuthLoginGcpArgs.java @@ -5,6 +5,7 @@ import com.pulumi.core.Output; import com.pulumi.core.annotations.Import; +import java.lang.Boolean; import java.lang.String; import java.util.Objects; import java.util.Optional; @@ -57,6 +58,13 @@ public Optional> serviceAccount() { return Optional.ofNullable(this.serviceAccount); } + @Import(name="useRootNamespace") + private @Nullable Output useRootNamespace; + + public Optional> useRootNamespace() { + return Optional.ofNullable(this.useRootNamespace); + } + private ProviderAuthLoginGcpArgs() {} private ProviderAuthLoginGcpArgs(ProviderAuthLoginGcpArgs $) { @@ -66,6 +74,7 @@ private ProviderAuthLoginGcpArgs(ProviderAuthLoginGcpArgs $) { this.namespace = $.namespace; this.role = $.role; this.serviceAccount = $.serviceAccount; + this.useRootNamespace = $.useRootNamespace; } public static Builder builder() { @@ -140,6 +149,15 @@ public Builder serviceAccount(String serviceAccount) { return serviceAccount(Output.of(serviceAccount)); } + public Builder useRootNamespace(@Nullable Output useRootNamespace) { + $.useRootNamespace = useRootNamespace; + return this; + } + + public Builder useRootNamespace(Boolean useRootNamespace) { + return useRootNamespace(Output.of(useRootNamespace)); + } + public ProviderAuthLoginGcpArgs build() { $.role = Objects.requireNonNull($.role, "expected parameter 'role' to be non-null"); return $; diff --git a/sdk/java/src/main/java/com/pulumi/vault/inputs/ProviderAuthLoginJwtArgs.java b/sdk/java/src/main/java/com/pulumi/vault/inputs/ProviderAuthLoginJwtArgs.java index 9774e6124..2c709684e 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/inputs/ProviderAuthLoginJwtArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/inputs/ProviderAuthLoginJwtArgs.java @@ -5,6 +5,7 @@ import com.pulumi.core.Output; import com.pulumi.core.annotations.Import; +import java.lang.Boolean; import java.lang.String; import java.util.Objects; import java.util.Optional; @@ -43,6 +44,13 @@ public Output role() { return this.role; } + @Import(name="useRootNamespace") + private @Nullable Output useRootNamespace; + + public Optional> useRootNamespace() { + return Optional.ofNullable(this.useRootNamespace); + } + private ProviderAuthLoginJwtArgs() {} private ProviderAuthLoginJwtArgs(ProviderAuthLoginJwtArgs $) { @@ -50,6 +58,7 @@ private ProviderAuthLoginJwtArgs(ProviderAuthLoginJwtArgs $) { this.mount = $.mount; this.namespace = $.namespace; this.role = $.role; + this.useRootNamespace = $.useRootNamespace; } public static Builder builder() { @@ -106,6 +115,15 @@ public Builder role(String role) { return role(Output.of(role)); } + public Builder useRootNamespace(@Nullable Output useRootNamespace) { + $.useRootNamespace = useRootNamespace; + return this; + } + + public Builder useRootNamespace(Boolean useRootNamespace) { + return useRootNamespace(Output.of(useRootNamespace)); + } + public ProviderAuthLoginJwtArgs build() { $.jwt = Objects.requireNonNull($.jwt, "expected parameter 'jwt' to be non-null"); $.role = Objects.requireNonNull($.role, "expected parameter 'role' to be non-null"); diff --git a/sdk/java/src/main/java/com/pulumi/vault/inputs/ProviderAuthLoginKerberosArgs.java b/sdk/java/src/main/java/com/pulumi/vault/inputs/ProviderAuthLoginKerberosArgs.java index a81d4a56d..438165e66 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/inputs/ProviderAuthLoginKerberosArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/inputs/ProviderAuthLoginKerberosArgs.java @@ -79,6 +79,13 @@ public Optional> token() { return Optional.ofNullable(this.token); } + @Import(name="useRootNamespace") + private @Nullable Output useRootNamespace; + + public Optional> useRootNamespace() { + return Optional.ofNullable(this.useRootNamespace); + } + @Import(name="username") private @Nullable Output username; @@ -98,6 +105,7 @@ private ProviderAuthLoginKerberosArgs(ProviderAuthLoginKerberosArgs $) { this.removeInstanceName = $.removeInstanceName; this.service = $.service; this.token = $.token; + this.useRootNamespace = $.useRootNamespace; this.username = $.username; } @@ -200,6 +208,15 @@ public Builder token(String token) { return token(Output.of(token)); } + public Builder useRootNamespace(@Nullable Output useRootNamespace) { + $.useRootNamespace = useRootNamespace; + return this; + } + + public Builder useRootNamespace(Boolean useRootNamespace) { + return useRootNamespace(Output.of(useRootNamespace)); + } + public Builder username(@Nullable Output username) { $.username = username; return this; diff --git a/sdk/java/src/main/java/com/pulumi/vault/inputs/ProviderAuthLoginOciArgs.java b/sdk/java/src/main/java/com/pulumi/vault/inputs/ProviderAuthLoginOciArgs.java index a60c3bb2e..fc544a43f 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/inputs/ProviderAuthLoginOciArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/inputs/ProviderAuthLoginOciArgs.java @@ -5,6 +5,7 @@ import com.pulumi.core.Output; import com.pulumi.core.annotations.Import; +import java.lang.Boolean; import java.lang.String; import java.util.Objects; import java.util.Optional; @@ -43,6 +44,13 @@ public Output role() { return this.role; } + @Import(name="useRootNamespace") + private @Nullable Output useRootNamespace; + + public Optional> useRootNamespace() { + return Optional.ofNullable(this.useRootNamespace); + } + private ProviderAuthLoginOciArgs() {} private ProviderAuthLoginOciArgs(ProviderAuthLoginOciArgs $) { @@ -50,6 +58,7 @@ private ProviderAuthLoginOciArgs(ProviderAuthLoginOciArgs $) { this.mount = $.mount; this.namespace = $.namespace; this.role = $.role; + this.useRootNamespace = $.useRootNamespace; } public static Builder builder() { @@ -106,6 +115,15 @@ public Builder role(String role) { return role(Output.of(role)); } + public Builder useRootNamespace(@Nullable Output useRootNamespace) { + $.useRootNamespace = useRootNamespace; + return this; + } + + public Builder useRootNamespace(Boolean useRootNamespace) { + return useRootNamespace(Output.of(useRootNamespace)); + } + public ProviderAuthLoginOciArgs build() { $.authType = Objects.requireNonNull($.authType, "expected parameter 'authType' to be non-null"); $.role = Objects.requireNonNull($.role, "expected parameter 'role' to be non-null"); diff --git a/sdk/java/src/main/java/com/pulumi/vault/inputs/ProviderAuthLoginOidcArgs.java b/sdk/java/src/main/java/com/pulumi/vault/inputs/ProviderAuthLoginOidcArgs.java index 45b25c0fb..7fbeb5316 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/inputs/ProviderAuthLoginOidcArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/inputs/ProviderAuthLoginOidcArgs.java @@ -5,6 +5,7 @@ import com.pulumi.core.Output; import com.pulumi.core.annotations.Import; +import java.lang.Boolean; import java.lang.String; import java.util.Objects; import java.util.Optional; @@ -50,6 +51,13 @@ public Output role() { return this.role; } + @Import(name="useRootNamespace") + private @Nullable Output useRootNamespace; + + public Optional> useRootNamespace() { + return Optional.ofNullable(this.useRootNamespace); + } + private ProviderAuthLoginOidcArgs() {} private ProviderAuthLoginOidcArgs(ProviderAuthLoginOidcArgs $) { @@ -58,6 +66,7 @@ private ProviderAuthLoginOidcArgs(ProviderAuthLoginOidcArgs $) { this.mount = $.mount; this.namespace = $.namespace; this.role = $.role; + this.useRootNamespace = $.useRootNamespace; } public static Builder builder() { @@ -123,6 +132,15 @@ public Builder role(String role) { return role(Output.of(role)); } + public Builder useRootNamespace(@Nullable Output useRootNamespace) { + $.useRootNamespace = useRootNamespace; + return this; + } + + public Builder useRootNamespace(Boolean useRootNamespace) { + return useRootNamespace(Output.of(useRootNamespace)); + } + public ProviderAuthLoginOidcArgs build() { $.role = Objects.requireNonNull($.role, "expected parameter 'role' to be non-null"); return $; diff --git a/sdk/java/src/main/java/com/pulumi/vault/inputs/ProviderAuthLoginRadiusArgs.java b/sdk/java/src/main/java/com/pulumi/vault/inputs/ProviderAuthLoginRadiusArgs.java index 25faabce4..1a7e55600 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/inputs/ProviderAuthLoginRadiusArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/inputs/ProviderAuthLoginRadiusArgs.java @@ -5,6 +5,7 @@ import com.pulumi.core.Output; import com.pulumi.core.annotations.Import; +import java.lang.Boolean; import java.lang.String; import java.util.Objects; import java.util.Optional; @@ -36,6 +37,13 @@ public Output password() { return this.password; } + @Import(name="useRootNamespace") + private @Nullable Output useRootNamespace; + + public Optional> useRootNamespace() { + return Optional.ofNullable(this.useRootNamespace); + } + @Import(name="username", required=true) private Output username; @@ -49,6 +57,7 @@ private ProviderAuthLoginRadiusArgs(ProviderAuthLoginRadiusArgs $) { this.mount = $.mount; this.namespace = $.namespace; this.password = $.password; + this.useRootNamespace = $.useRootNamespace; this.username = $.username; } @@ -97,6 +106,15 @@ public Builder password(String password) { return password(Output.of(password)); } + public Builder useRootNamespace(@Nullable Output useRootNamespace) { + $.useRootNamespace = useRootNamespace; + return this; + } + + public Builder useRootNamespace(Boolean useRootNamespace) { + return useRootNamespace(Output.of(useRootNamespace)); + } + public Builder username(Output username) { $.username = username; return this; diff --git a/sdk/java/src/main/java/com/pulumi/vault/inputs/ProviderAuthLoginTokenFileArgs.java b/sdk/java/src/main/java/com/pulumi/vault/inputs/ProviderAuthLoginTokenFileArgs.java index 274ee376e..cfc45c4a2 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/inputs/ProviderAuthLoginTokenFileArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/inputs/ProviderAuthLoginTokenFileArgs.java @@ -5,6 +5,7 @@ import com.pulumi.core.Output; import com.pulumi.core.annotations.Import; +import java.lang.Boolean; import java.lang.String; import java.util.Objects; import java.util.Optional; @@ -29,11 +30,19 @@ public Optional> namespace() { return Optional.ofNullable(this.namespace); } + @Import(name="useRootNamespace") + private @Nullable Output useRootNamespace; + + public Optional> useRootNamespace() { + return Optional.ofNullable(this.useRootNamespace); + } + private ProviderAuthLoginTokenFileArgs() {} private ProviderAuthLoginTokenFileArgs(ProviderAuthLoginTokenFileArgs $) { this.filename = $.filename; this.namespace = $.namespace; + this.useRootNamespace = $.useRootNamespace; } public static Builder builder() { @@ -72,6 +81,15 @@ public Builder namespace(String namespace) { return namespace(Output.of(namespace)); } + public Builder useRootNamespace(@Nullable Output useRootNamespace) { + $.useRootNamespace = useRootNamespace; + return this; + } + + public Builder useRootNamespace(Boolean useRootNamespace) { + return useRootNamespace(Output.of(useRootNamespace)); + } + public ProviderAuthLoginTokenFileArgs build() { $.filename = Objects.requireNonNull($.filename, "expected parameter 'filename' to be non-null"); return $; diff --git a/sdk/java/src/main/java/com/pulumi/vault/inputs/ProviderAuthLoginUserpassArgs.java b/sdk/java/src/main/java/com/pulumi/vault/inputs/ProviderAuthLoginUserpassArgs.java index 8e400eae3..6a24f9880 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/inputs/ProviderAuthLoginUserpassArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/inputs/ProviderAuthLoginUserpassArgs.java @@ -5,6 +5,7 @@ import com.pulumi.core.Output; import com.pulumi.core.annotations.Import; +import java.lang.Boolean; import java.lang.String; import java.util.Objects; import java.util.Optional; @@ -43,6 +44,13 @@ public Optional> passwordFile() { return Optional.ofNullable(this.passwordFile); } + @Import(name="useRootNamespace") + private @Nullable Output useRootNamespace; + + public Optional> useRootNamespace() { + return Optional.ofNullable(this.useRootNamespace); + } + @Import(name="username", required=true) private Output username; @@ -57,6 +65,7 @@ private ProviderAuthLoginUserpassArgs(ProviderAuthLoginUserpassArgs $) { this.namespace = $.namespace; this.password = $.password; this.passwordFile = $.passwordFile; + this.useRootNamespace = $.useRootNamespace; this.username = $.username; } @@ -114,6 +123,15 @@ public Builder passwordFile(String passwordFile) { return passwordFile(Output.of(passwordFile)); } + public Builder useRootNamespace(@Nullable Output useRootNamespace) { + $.useRootNamespace = useRootNamespace; + return this; + } + + public Builder useRootNamespace(Boolean useRootNamespace) { + return useRootNamespace(Output.of(useRootNamespace)); + } + public Builder username(Output username) { $.username = username; return this; diff --git a/sdk/java/src/main/java/com/pulumi/vault/inputs/RaftSnapshotAgentConfigState.java b/sdk/java/src/main/java/com/pulumi/vault/inputs/RaftSnapshotAgentConfigState.java index 1ab0f59ce..19302ca9c 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/inputs/RaftSnapshotAgentConfigState.java +++ b/sdk/java/src/main/java/com/pulumi/vault/inputs/RaftSnapshotAgentConfigState.java @@ -342,6 +342,28 @@ public Optional> googleGcsBucket() { /** * Google service account key in JSON format. * The raw value looks like this: + * ```java + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * } + * } + * ``` * */ @Import(name="googleServiceAccountKey") @@ -350,6 +372,28 @@ public Optional> googleGcsBucket() { /** * @return Google service account key in JSON format. * The raw value looks like this: + * ```java + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * } + * } + * ``` * */ public Optional> googleServiceAccountKey() { @@ -981,6 +1025,28 @@ public Builder googleGcsBucket(String googleGcsBucket) { /** * @param googleServiceAccountKey Google service account key in JSON format. * The raw value looks like this: + * ```java + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * } + * } + * ``` * * @return builder * @@ -993,6 +1059,28 @@ public Builder googleServiceAccountKey(@Nullable Output googleServiceAcc /** * @param googleServiceAccountKey Google service account key in JSON format. * The raw value looks like this: + * ```java + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * } + * } + * ``` * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/vault/jwt/AuthBackend.java b/sdk/java/src/main/java/com/pulumi/vault/jwt/AuthBackend.java index 068b669af..6b7a9d15d 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/jwt/AuthBackend.java +++ b/sdk/java/src/main/java/com/pulumi/vault/jwt/AuthBackend.java @@ -143,7 +143,6 @@ * ```sh * $ pulumi import vault:jwt/authBackend:AuthBackend oidc oidc * ``` - * * or * * ```sh @@ -318,6 +317,10 @@ public Output> namespace() { /** * Pass namespace in the OIDC state parameter instead of as a separate query parameter. With this setting, the allowed redirect URL(s) in Vault and on the provider side should not contain a namespace query parameter. This means only one redirect URL entry needs to be maintained on the OIDC provider side for all vault namespaces that will be authenticating against it. Defaults to true for new configs * + * * tune - (Optional) Extra configuration block. Structure is documented below. + * + * The `tune` block is used to tune the auth backend: + * */ @Export(name="namespaceInState", refs={Boolean.class}, tree="[0]") private Output namespaceInState; @@ -325,6 +328,10 @@ public Output> namespace() { /** * @return Pass namespace in the OIDC state parameter instead of as a separate query parameter. With this setting, the allowed redirect URL(s) in Vault and on the provider side should not contain a namespace query parameter. This means only one redirect URL entry needs to be maintained on the OIDC provider side for all vault namespaces that will be authenticating against it. Defaults to true for new configs * + * * tune - (Optional) Extra configuration block. Structure is documented below. + * + * The `tune` block is used to tune the auth backend: + * */ public Output> namespaceInState() { return Codegen.optional(this.namespaceInState); diff --git a/sdk/java/src/main/java/com/pulumi/vault/jwt/AuthBackendArgs.java b/sdk/java/src/main/java/com/pulumi/vault/jwt/AuthBackendArgs.java index 52b7f1d56..bc72d39d8 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/jwt/AuthBackendArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/jwt/AuthBackendArgs.java @@ -180,6 +180,10 @@ public Optional> namespace() { /** * Pass namespace in the OIDC state parameter instead of as a separate query parameter. With this setting, the allowed redirect URL(s) in Vault and on the provider side should not contain a namespace query parameter. This means only one redirect URL entry needs to be maintained on the OIDC provider side for all vault namespaces that will be authenticating against it. Defaults to true for new configs * + * * tune - (Optional) Extra configuration block. Structure is documented below. + * + * The `tune` block is used to tune the auth backend: + * */ @Import(name="namespaceInState") private @Nullable Output namespaceInState; @@ -187,6 +191,10 @@ public Optional> namespace() { /** * @return Pass namespace in the OIDC state parameter instead of as a separate query parameter. With this setting, the allowed redirect URL(s) in Vault and on the provider side should not contain a namespace query parameter. This means only one redirect URL entry needs to be maintained on the OIDC provider side for all vault namespaces that will be authenticating against it. Defaults to true for new configs * + * * tune - (Optional) Extra configuration block. Structure is documented below. + * + * The `tune` block is used to tune the auth backend: + * */ public Optional> namespaceInState() { return Optional.ofNullable(this.namespaceInState); @@ -619,6 +627,10 @@ public Builder namespace(String namespace) { /** * @param namespaceInState Pass namespace in the OIDC state parameter instead of as a separate query parameter. With this setting, the allowed redirect URL(s) in Vault and on the provider side should not contain a namespace query parameter. This means only one redirect URL entry needs to be maintained on the OIDC provider side for all vault namespaces that will be authenticating against it. Defaults to true for new configs * + * * tune - (Optional) Extra configuration block. Structure is documented below. + * + * The `tune` block is used to tune the auth backend: + * * @return builder * */ @@ -630,6 +642,10 @@ public Builder namespaceInState(@Nullable Output namespaceInState) { /** * @param namespaceInState Pass namespace in the OIDC state parameter instead of as a separate query parameter. With this setting, the allowed redirect URL(s) in Vault and on the provider side should not contain a namespace query parameter. This means only one redirect URL entry needs to be maintained on the OIDC provider side for all vault namespaces that will be authenticating against it. Defaults to true for new configs * + * * tune - (Optional) Extra configuration block. Structure is documented below. + * + * The `tune` block is used to tune the auth backend: + * * @return builder * */ diff --git a/sdk/java/src/main/java/com/pulumi/vault/jwt/inputs/AuthBackendState.java b/sdk/java/src/main/java/com/pulumi/vault/jwt/inputs/AuthBackendState.java index 5164468d4..731a421eb 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/jwt/inputs/AuthBackendState.java +++ b/sdk/java/src/main/java/com/pulumi/vault/jwt/inputs/AuthBackendState.java @@ -195,6 +195,10 @@ public Optional> namespace() { /** * Pass namespace in the OIDC state parameter instead of as a separate query parameter. With this setting, the allowed redirect URL(s) in Vault and on the provider side should not contain a namespace query parameter. This means only one redirect URL entry needs to be maintained on the OIDC provider side for all vault namespaces that will be authenticating against it. Defaults to true for new configs * + * * tune - (Optional) Extra configuration block. Structure is documented below. + * + * The `tune` block is used to tune the auth backend: + * */ @Import(name="namespaceInState") private @Nullable Output namespaceInState; @@ -202,6 +206,10 @@ public Optional> namespace() { /** * @return Pass namespace in the OIDC state parameter instead of as a separate query parameter. With this setting, the allowed redirect URL(s) in Vault and on the provider side should not contain a namespace query parameter. This means only one redirect URL entry needs to be maintained on the OIDC provider side for all vault namespaces that will be authenticating against it. Defaults to true for new configs * + * * tune - (Optional) Extra configuration block. Structure is documented below. + * + * The `tune` block is used to tune the auth backend: + * */ public Optional> namespaceInState() { return Optional.ofNullable(this.namespaceInState); @@ -656,6 +664,10 @@ public Builder namespace(String namespace) { /** * @param namespaceInState Pass namespace in the OIDC state parameter instead of as a separate query parameter. With this setting, the allowed redirect URL(s) in Vault and on the provider side should not contain a namespace query parameter. This means only one redirect URL entry needs to be maintained on the OIDC provider side for all vault namespaces that will be authenticating against it. Defaults to true for new configs * + * * tune - (Optional) Extra configuration block. Structure is documented below. + * + * The `tune` block is used to tune the auth backend: + * * @return builder * */ @@ -667,6 +679,10 @@ public Builder namespaceInState(@Nullable Output namespaceInState) { /** * @param namespaceInState Pass namespace in the OIDC state parameter instead of as a separate query parameter. With this setting, the allowed redirect URL(s) in Vault and on the provider side should not contain a namespace query parameter. This means only one redirect URL entry needs to be maintained on the OIDC provider side for all vault namespaces that will be authenticating against it. Defaults to true for new configs * + * * tune - (Optional) Extra configuration block. Structure is documented below. + * + * The `tune` block is used to tune the auth backend: + * * @return builder * */ diff --git a/sdk/java/src/main/java/com/pulumi/vault/kubernetes/AuthBackendRole.java b/sdk/java/src/main/java/com/pulumi/vault/kubernetes/AuthBackendRole.java index a240c4dae..045a31f56 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/kubernetes/AuthBackendRole.java +++ b/sdk/java/src/main/java/com/pulumi/vault/kubernetes/AuthBackendRole.java @@ -97,6 +97,10 @@ public Output aliasNameSource() { /** * Audience claim to verify in the JWT. * + * > Please see [alias_name_source](https://www.vaultproject.io/api-docs/auth/kubernetes#alias_name_source) + * before setting this to something other its default value. There are **important** security + * implications to be aware of. + * */ @Export(name="audience", refs={String.class}, tree="[0]") private Output audience; @@ -104,6 +108,10 @@ public Output aliasNameSource() { /** * @return Audience claim to verify in the JWT. * + * > Please see [alias_name_source](https://www.vaultproject.io/api-docs/auth/kubernetes#alias_name_source) + * before setting this to something other its default value. There are **important** security + * implications to be aware of. + * */ public Output> audience() { return Codegen.optional(this.audience); diff --git a/sdk/java/src/main/java/com/pulumi/vault/kubernetes/AuthBackendRoleArgs.java b/sdk/java/src/main/java/com/pulumi/vault/kubernetes/AuthBackendRoleArgs.java index 8f0ecb6ae..2e9a87cc4 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/kubernetes/AuthBackendRoleArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/kubernetes/AuthBackendRoleArgs.java @@ -38,6 +38,10 @@ public Optional> aliasNameSource() { /** * Audience claim to verify in the JWT. * + * > Please see [alias_name_source](https://www.vaultproject.io/api-docs/auth/kubernetes#alias_name_source) + * before setting this to something other its default value. There are **important** security + * implications to be aware of. + * */ @Import(name="audience") private @Nullable Output audience; @@ -45,6 +49,10 @@ public Optional> aliasNameSource() { /** * @return Audience claim to verify in the JWT. * + * > Please see [alias_name_source](https://www.vaultproject.io/api-docs/auth/kubernetes#alias_name_source) + * before setting this to something other its default value. There are **important** security + * implications to be aware of. + * */ public Optional> audience() { return Optional.ofNullable(this.audience); @@ -363,6 +371,10 @@ public Builder aliasNameSource(String aliasNameSource) { /** * @param audience Audience claim to verify in the JWT. * + * > Please see [alias_name_source](https://www.vaultproject.io/api-docs/auth/kubernetes#alias_name_source) + * before setting this to something other its default value. There are **important** security + * implications to be aware of. + * * @return builder * */ @@ -374,6 +386,10 @@ public Builder audience(@Nullable Output audience) { /** * @param audience Audience claim to verify in the JWT. * + * > Please see [alias_name_source](https://www.vaultproject.io/api-docs/auth/kubernetes#alias_name_source) + * before setting this to something other its default value. There are **important** security + * implications to be aware of. + * * @return builder * */ diff --git a/sdk/java/src/main/java/com/pulumi/vault/kubernetes/SecretBackendRole.java b/sdk/java/src/main/java/com/pulumi/vault/kubernetes/SecretBackendRole.java index 9dc3cc707..2a3e10d15 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/kubernetes/SecretBackendRole.java +++ b/sdk/java/src/main/java/com/pulumi/vault/kubernetes/SecretBackendRole.java @@ -248,6 +248,8 @@ public Output>> extraAnnotations() { * Additional labels to apply to all generated Kubernetes * objects. * + * This resource also directly accepts all vault.Mount fields. + * */ @Export(name="extraLabels", refs={Map.class,String.class}, tree="[0,1,1]") private Output> extraLabels; @@ -256,6 +258,8 @@ public Output>> extraAnnotations() { * @return Additional labels to apply to all generated Kubernetes * objects. * + * This resource also directly accepts all vault.Mount fields. + * */ public Output>> extraLabels() { return Codegen.optional(this.extraLabels); diff --git a/sdk/java/src/main/java/com/pulumi/vault/kubernetes/SecretBackendRoleArgs.java b/sdk/java/src/main/java/com/pulumi/vault/kubernetes/SecretBackendRoleArgs.java index 2e1e067f1..c18de657c 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/kubernetes/SecretBackendRoleArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/kubernetes/SecretBackendRoleArgs.java @@ -73,6 +73,8 @@ public Optional>> extraAnnotations() { * Additional labels to apply to all generated Kubernetes * objects. * + * This resource also directly accepts all vault.Mount fields. + * */ @Import(name="extraLabels") private @Nullable Output> extraLabels; @@ -81,6 +83,8 @@ public Optional>> extraAnnotations() { * @return Additional labels to apply to all generated Kubernetes * objects. * + * This resource also directly accepts all vault.Mount fields. + * */ public Optional>> extraLabels() { return Optional.ofNullable(this.extraLabels); @@ -367,6 +371,8 @@ public Builder extraAnnotations(Map extraAnnotations) { * @param extraLabels Additional labels to apply to all generated Kubernetes * objects. * + * This resource also directly accepts all vault.Mount fields. + * * @return builder * */ @@ -379,6 +385,8 @@ public Builder extraLabels(@Nullable Output> extraLabels) { * @param extraLabels Additional labels to apply to all generated Kubernetes * objects. * + * This resource also directly accepts all vault.Mount fields. + * * @return builder * */ diff --git a/sdk/java/src/main/java/com/pulumi/vault/kubernetes/inputs/AuthBackendRoleState.java b/sdk/java/src/main/java/com/pulumi/vault/kubernetes/inputs/AuthBackendRoleState.java index db526a204..bb90d26e2 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/kubernetes/inputs/AuthBackendRoleState.java +++ b/sdk/java/src/main/java/com/pulumi/vault/kubernetes/inputs/AuthBackendRoleState.java @@ -38,6 +38,10 @@ public Optional> aliasNameSource() { /** * Audience claim to verify in the JWT. * + * > Please see [alias_name_source](https://www.vaultproject.io/api-docs/auth/kubernetes#alias_name_source) + * before setting this to something other its default value. There are **important** security + * implications to be aware of. + * */ @Import(name="audience") private @Nullable Output audience; @@ -45,6 +49,10 @@ public Optional> aliasNameSource() { /** * @return Audience claim to verify in the JWT. * + * > Please see [alias_name_source](https://www.vaultproject.io/api-docs/auth/kubernetes#alias_name_source) + * before setting this to something other its default value. There are **important** security + * implications to be aware of. + * */ public Optional> audience() { return Optional.ofNullable(this.audience); @@ -363,6 +371,10 @@ public Builder aliasNameSource(String aliasNameSource) { /** * @param audience Audience claim to verify in the JWT. * + * > Please see [alias_name_source](https://www.vaultproject.io/api-docs/auth/kubernetes#alias_name_source) + * before setting this to something other its default value. There are **important** security + * implications to be aware of. + * * @return builder * */ @@ -374,6 +386,10 @@ public Builder audience(@Nullable Output audience) { /** * @param audience Audience claim to verify in the JWT. * + * > Please see [alias_name_source](https://www.vaultproject.io/api-docs/auth/kubernetes#alias_name_source) + * before setting this to something other its default value. There are **important** security + * implications to be aware of. + * * @return builder * */ diff --git a/sdk/java/src/main/java/com/pulumi/vault/kubernetes/inputs/SecretBackendRoleState.java b/sdk/java/src/main/java/com/pulumi/vault/kubernetes/inputs/SecretBackendRoleState.java index f667ffda4..9f0ce83b9 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/kubernetes/inputs/SecretBackendRoleState.java +++ b/sdk/java/src/main/java/com/pulumi/vault/kubernetes/inputs/SecretBackendRoleState.java @@ -73,6 +73,8 @@ public Optional>> extraAnnotations() { * Additional labels to apply to all generated Kubernetes * objects. * + * This resource also directly accepts all vault.Mount fields. + * */ @Import(name="extraLabels") private @Nullable Output> extraLabels; @@ -81,6 +83,8 @@ public Optional>> extraAnnotations() { * @return Additional labels to apply to all generated Kubernetes * objects. * + * This resource also directly accepts all vault.Mount fields. + * */ public Optional>> extraLabels() { return Optional.ofNullable(this.extraLabels); @@ -367,6 +371,8 @@ public Builder extraAnnotations(Map extraAnnotations) { * @param extraLabels Additional labels to apply to all generated Kubernetes * objects. * + * This resource also directly accepts all vault.Mount fields. + * * @return builder * */ @@ -379,6 +385,8 @@ public Builder extraLabels(@Nullable Output> extraLabels) { * @param extraLabels Additional labels to apply to all generated Kubernetes * objects. * + * This resource also directly accepts all vault.Mount fields. + * * @return builder * */ diff --git a/sdk/java/src/main/java/com/pulumi/vault/kv/KvFunctions.java b/sdk/java/src/main/java/com/pulumi/vault/kv/KvFunctions.java index 96d5b1f83..41e434dd9 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/kv/KvFunctions.java +++ b/sdk/java/src/main/java/com/pulumi/vault/kv/KvFunctions.java @@ -39,7 +39,7 @@ public final class KvFunctions { * import com.pulumi.vault.kv.Secret; * import com.pulumi.vault.kv.SecretArgs; * import com.pulumi.vault.kv.KvFunctions; - * import com.pulumi.vault.generic.inputs.GetSecretArgs; + * import com.pulumi.vault.kv.inputs.GetSecretArgs; * import static com.pulumi.codegen.internal.Serialization.*; * import java.util.List; * import java.util.ArrayList; @@ -98,7 +98,7 @@ public static Output getSecret(GetSecretArgs args) { * import com.pulumi.vault.kv.Secret; * import com.pulumi.vault.kv.SecretArgs; * import com.pulumi.vault.kv.KvFunctions; - * import com.pulumi.vault.generic.inputs.GetSecretArgs; + * import com.pulumi.vault.kv.inputs.GetSecretArgs; * import static com.pulumi.codegen.internal.Serialization.*; * import java.util.List; * import java.util.ArrayList; @@ -157,7 +157,7 @@ public static CompletableFuture getSecretPlain(GetSecretPlainAr * import com.pulumi.vault.kv.Secret; * import com.pulumi.vault.kv.SecretArgs; * import com.pulumi.vault.kv.KvFunctions; - * import com.pulumi.vault.generic.inputs.GetSecretArgs; + * import com.pulumi.vault.kv.inputs.GetSecretArgs; * import static com.pulumi.codegen.internal.Serialization.*; * import java.util.List; * import java.util.ArrayList; @@ -216,7 +216,7 @@ public static Output getSecret(GetSecretArgs args, InvokeOption * import com.pulumi.vault.kv.Secret; * import com.pulumi.vault.kv.SecretArgs; * import com.pulumi.vault.kv.KvFunctions; - * import com.pulumi.vault.generic.inputs.GetSecretArgs; + * import com.pulumi.vault.kv.inputs.GetSecretArgs; * import static com.pulumi.codegen.internal.Serialization.*; * import java.util.List; * import java.util.ArrayList; diff --git a/sdk/java/src/main/java/com/pulumi/vault/ldap/AuthBackend.java b/sdk/java/src/main/java/com/pulumi/vault/ldap/AuthBackend.java index 0ff08ccec..68c6ccdbf 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/ldap/AuthBackend.java +++ b/sdk/java/src/main/java/com/pulumi/vault/ldap/AuthBackend.java @@ -150,9 +150,17 @@ public Output clientTlsCert() { public Output clientTlsKey() { return this.clientTlsKey; } + /** + * Prevents users from bypassing authentication when providing an empty password. + * + */ @Export(name="denyNullBind", refs={Boolean.class}, tree="[0]") private Output denyNullBind; + /** + * @return Prevents users from bypassing authentication when providing an empty password. + * + */ public Output denyNullBind() { return this.denyNullBind; } @@ -186,9 +194,17 @@ public Output description() { public Output> disableRemount() { return Codegen.optional(this.disableRemount); } + /** + * Use anonymous bind to discover the bind DN of a user. + * + */ @Export(name="discoverdn", refs={Boolean.class}, tree="[0]") private Output discoverdn; + /** + * @return Use anonymous bind to discover the bind DN of a user. + * + */ public Output discoverdn() { return this.discoverdn; } @@ -493,36 +509,28 @@ public Output> tokenTtl() { return Codegen.optional(this.tokenTtl); } /** - * The type of token that should be generated. Can be `service`, - * `batch`, or `default` to use the mount's tuned default (which unless changed will be - * `service` tokens). For token store roles, there are two additional possibilities: - * `default-service` and `default-batch` which specify the type to return unless the client - * requests a different type at generation time. + * The type of token to generate, service or batch * */ @Export(name="tokenType", refs={String.class}, tree="[0]") private Output tokenType; /** - * @return The type of token that should be generated. Can be `service`, - * `batch`, or `default` to use the mount's tuned default (which unless changed will be - * `service` tokens). For token store roles, there are two additional possibilities: - * `default-service` and `default-batch` which specify the type to return unless the client - * requests a different type at generation time. + * @return The type of token to generate, service or batch * */ public Output> tokenType() { return Codegen.optional(this.tokenType); } /** - * The userPrincipalDomain used to construct UPN string + * The `userPrincipalDomain` used to construct the UPN string for the authenticating user. * */ @Export(name="upndomain", refs={String.class}, tree="[0]") private Output upndomain; /** - * @return The userPrincipalDomain used to construct UPN string + * @return The `userPrincipalDomain` used to construct the UPN string for the authenticating user. * */ public Output upndomain() { diff --git a/sdk/java/src/main/java/com/pulumi/vault/ldap/AuthBackendArgs.java b/sdk/java/src/main/java/com/pulumi/vault/ldap/AuthBackendArgs.java index 2ef78bd70..9febd4b46 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/ldap/AuthBackendArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/ldap/AuthBackendArgs.java @@ -92,9 +92,17 @@ public Optional> clientTlsKey() { return Optional.ofNullable(this.clientTlsKey); } + /** + * Prevents users from bypassing authentication when providing an empty password. + * + */ @Import(name="denyNullBind") private @Nullable Output denyNullBind; + /** + * @return Prevents users from bypassing authentication when providing an empty password. + * + */ public Optional> denyNullBind() { return Optional.ofNullable(this.denyNullBind); } @@ -131,9 +139,17 @@ public Optional> disableRemount() { return Optional.ofNullable(this.disableRemount); } + /** + * Use anonymous bind to discover the bind DN of a user. + * + */ @Import(name="discoverdn") private @Nullable Output discoverdn; + /** + * @return Use anonymous bind to discover the bind DN of a user. + * + */ public Optional> discoverdn() { return Optional.ofNullable(this.discoverdn); } @@ -458,22 +474,14 @@ public Optional> tokenTtl() { } /** - * The type of token that should be generated. Can be `service`, - * `batch`, or `default` to use the mount's tuned default (which unless changed will be - * `service` tokens). For token store roles, there are two additional possibilities: - * `default-service` and `default-batch` which specify the type to return unless the client - * requests a different type at generation time. + * The type of token to generate, service or batch * */ @Import(name="tokenType") private @Nullable Output tokenType; /** - * @return The type of token that should be generated. Can be `service`, - * `batch`, or `default` to use the mount's tuned default (which unless changed will be - * `service` tokens). For token store roles, there are two additional possibilities: - * `default-service` and `default-batch` which specify the type to return unless the client - * requests a different type at generation time. + * @return The type of token to generate, service or batch * */ public Optional> tokenType() { @@ -481,14 +489,14 @@ public Optional> tokenType() { } /** - * The userPrincipalDomain used to construct UPN string + * The `userPrincipalDomain` used to construct the UPN string for the authenticating user. * */ @Import(name="upndomain") private @Nullable Output upndomain; /** - * @return The userPrincipalDomain used to construct UPN string + * @return The `userPrincipalDomain` used to construct the UPN string for the authenticating user. * */ public Optional> upndomain() { @@ -747,11 +755,23 @@ public Builder clientTlsKey(String clientTlsKey) { return clientTlsKey(Output.of(clientTlsKey)); } + /** + * @param denyNullBind Prevents users from bypassing authentication when providing an empty password. + * + * @return builder + * + */ public Builder denyNullBind(@Nullable Output denyNullBind) { $.denyNullBind = denyNullBind; return this; } + /** + * @param denyNullBind Prevents users from bypassing authentication when providing an empty password. + * + * @return builder + * + */ public Builder denyNullBind(Boolean denyNullBind) { return denyNullBind(Output.of(denyNullBind)); } @@ -800,11 +820,23 @@ public Builder disableRemount(Boolean disableRemount) { return disableRemount(Output.of(disableRemount)); } + /** + * @param discoverdn Use anonymous bind to discover the bind DN of a user. + * + * @return builder + * + */ public Builder discoverdn(@Nullable Output discoverdn) { $.discoverdn = discoverdn; return this; } + /** + * @param discoverdn Use anonymous bind to discover the bind DN of a user. + * + * @return builder + * + */ public Builder discoverdn(Boolean discoverdn) { return discoverdn(Output.of(discoverdn)); } @@ -1266,11 +1298,7 @@ public Builder tokenTtl(Integer tokenTtl) { } /** - * @param tokenType The type of token that should be generated. Can be `service`, - * `batch`, or `default` to use the mount's tuned default (which unless changed will be - * `service` tokens). For token store roles, there are two additional possibilities: - * `default-service` and `default-batch` which specify the type to return unless the client - * requests a different type at generation time. + * @param tokenType The type of token to generate, service or batch * * @return builder * @@ -1281,11 +1309,7 @@ public Builder tokenType(@Nullable Output tokenType) { } /** - * @param tokenType The type of token that should be generated. Can be `service`, - * `batch`, or `default` to use the mount's tuned default (which unless changed will be - * `service` tokens). For token store roles, there are two additional possibilities: - * `default-service` and `default-batch` which specify the type to return unless the client - * requests a different type at generation time. + * @param tokenType The type of token to generate, service or batch * * @return builder * @@ -1295,7 +1319,7 @@ public Builder tokenType(String tokenType) { } /** - * @param upndomain The userPrincipalDomain used to construct UPN string + * @param upndomain The `userPrincipalDomain` used to construct the UPN string for the authenticating user. * * @return builder * @@ -1306,7 +1330,7 @@ public Builder upndomain(@Nullable Output upndomain) { } /** - * @param upndomain The userPrincipalDomain used to construct UPN string + * @param upndomain The `userPrincipalDomain` used to construct the UPN string for the authenticating user. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/vault/ldap/AuthBackendGroup.java b/sdk/java/src/main/java/com/pulumi/vault/ldap/AuthBackendGroup.java index af9bc9bf4..fade6c0c2 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/ldap/AuthBackendGroup.java +++ b/sdk/java/src/main/java/com/pulumi/vault/ldap/AuthBackendGroup.java @@ -77,6 +77,8 @@ public class AuthBackendGroup extends com.pulumi.resources.CustomResource { /** * Path to the authentication backend * + * For more details on the usage of each argument consult the [Vault LDAP API documentation](https://www.vaultproject.io/api-docs/auth/ldap). + * */ @Export(name="backend", refs={String.class}, tree="[0]") private Output backend; @@ -84,6 +86,8 @@ public class AuthBackendGroup extends com.pulumi.resources.CustomResource { /** * @return Path to the authentication backend * + * For more details on the usage of each argument consult the [Vault LDAP API documentation](https://www.vaultproject.io/api-docs/auth/ldap). + * */ public Output> backend() { return Codegen.optional(this.backend); diff --git a/sdk/java/src/main/java/com/pulumi/vault/ldap/AuthBackendGroupArgs.java b/sdk/java/src/main/java/com/pulumi/vault/ldap/AuthBackendGroupArgs.java index 485b59e93..f8e183469 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/ldap/AuthBackendGroupArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/ldap/AuthBackendGroupArgs.java @@ -19,6 +19,8 @@ public final class AuthBackendGroupArgs extends com.pulumi.resources.ResourceArg /** * Path to the authentication backend * + * For more details on the usage of each argument consult the [Vault LDAP API documentation](https://www.vaultproject.io/api-docs/auth/ldap). + * */ @Import(name="backend") private @Nullable Output backend; @@ -26,6 +28,8 @@ public final class AuthBackendGroupArgs extends com.pulumi.resources.ResourceArg /** * @return Path to the authentication backend * + * For more details on the usage of each argument consult the [Vault LDAP API documentation](https://www.vaultproject.io/api-docs/auth/ldap). + * */ public Optional> backend() { return Optional.ofNullable(this.backend); @@ -112,6 +116,8 @@ public Builder(AuthBackendGroupArgs defaults) { /** * @param backend Path to the authentication backend * + * For more details on the usage of each argument consult the [Vault LDAP API documentation](https://www.vaultproject.io/api-docs/auth/ldap). + * * @return builder * */ @@ -123,6 +129,8 @@ public Builder backend(@Nullable Output backend) { /** * @param backend Path to the authentication backend * + * For more details on the usage of each argument consult the [Vault LDAP API documentation](https://www.vaultproject.io/api-docs/auth/ldap). + * * @return builder * */ diff --git a/sdk/java/src/main/java/com/pulumi/vault/ldap/AuthBackendUser.java b/sdk/java/src/main/java/com/pulumi/vault/ldap/AuthBackendUser.java index 9a564f047..a413e3188 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/ldap/AuthBackendUser.java +++ b/sdk/java/src/main/java/com/pulumi/vault/ldap/AuthBackendUser.java @@ -79,6 +79,8 @@ public class AuthBackendUser extends com.pulumi.resources.CustomResource { /** * Path to the authentication backend * + * For more details on the usage of each argument consult the [Vault LDAP API documentation](https://www.vaultproject.io/api-docs/auth/ldap). + * */ @Export(name="backend", refs={String.class}, tree="[0]") private Output backend; @@ -86,6 +88,8 @@ public class AuthBackendUser extends com.pulumi.resources.CustomResource { /** * @return Path to the authentication backend * + * For more details on the usage of each argument consult the [Vault LDAP API documentation](https://www.vaultproject.io/api-docs/auth/ldap). + * */ public Output> backend() { return Codegen.optional(this.backend); diff --git a/sdk/java/src/main/java/com/pulumi/vault/ldap/AuthBackendUserArgs.java b/sdk/java/src/main/java/com/pulumi/vault/ldap/AuthBackendUserArgs.java index 4239dfc63..2fbdcc04f 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/ldap/AuthBackendUserArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/ldap/AuthBackendUserArgs.java @@ -19,6 +19,8 @@ public final class AuthBackendUserArgs extends com.pulumi.resources.ResourceArgs /** * Path to the authentication backend * + * For more details on the usage of each argument consult the [Vault LDAP API documentation](https://www.vaultproject.io/api-docs/auth/ldap). + * */ @Import(name="backend") private @Nullable Output backend; @@ -26,6 +28,8 @@ public final class AuthBackendUserArgs extends com.pulumi.resources.ResourceArgs /** * @return Path to the authentication backend * + * For more details on the usage of each argument consult the [Vault LDAP API documentation](https://www.vaultproject.io/api-docs/auth/ldap). + * */ public Optional> backend() { return Optional.ofNullable(this.backend); @@ -128,6 +132,8 @@ public Builder(AuthBackendUserArgs defaults) { /** * @param backend Path to the authentication backend * + * For more details on the usage of each argument consult the [Vault LDAP API documentation](https://www.vaultproject.io/api-docs/auth/ldap). + * * @return builder * */ @@ -139,6 +145,8 @@ public Builder backend(@Nullable Output backend) { /** * @param backend Path to the authentication backend * + * For more details on the usage of each argument consult the [Vault LDAP API documentation](https://www.vaultproject.io/api-docs/auth/ldap). + * * @return builder * */ diff --git a/sdk/java/src/main/java/com/pulumi/vault/ldap/LdapFunctions.java b/sdk/java/src/main/java/com/pulumi/vault/ldap/LdapFunctions.java new file mode 100644 index 000000000..1ea6c6da5 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/vault/ldap/LdapFunctions.java @@ -0,0 +1,44 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.vault.ldap; + +import com.pulumi.core.Output; +import com.pulumi.core.TypeShape; +import com.pulumi.deployment.Deployment; +import com.pulumi.deployment.InvokeOptions; +import com.pulumi.vault.Utilities; +import com.pulumi.vault.ldap.inputs.GetDynamicCredentialsArgs; +import com.pulumi.vault.ldap.inputs.GetDynamicCredentialsPlainArgs; +import com.pulumi.vault.ldap.inputs.GetStaticCredentialsArgs; +import com.pulumi.vault.ldap.inputs.GetStaticCredentialsPlainArgs; +import com.pulumi.vault.ldap.outputs.GetDynamicCredentialsResult; +import com.pulumi.vault.ldap.outputs.GetStaticCredentialsResult; +import java.util.concurrent.CompletableFuture; + +public final class LdapFunctions { + public static Output getDynamicCredentials(GetDynamicCredentialsArgs args) { + return getDynamicCredentials(args, InvokeOptions.Empty); + } + public static CompletableFuture getDynamicCredentialsPlain(GetDynamicCredentialsPlainArgs args) { + return getDynamicCredentialsPlain(args, InvokeOptions.Empty); + } + public static Output getDynamicCredentials(GetDynamicCredentialsArgs args, InvokeOptions options) { + return Deployment.getInstance().invoke("vault:ldap/getDynamicCredentials:getDynamicCredentials", TypeShape.of(GetDynamicCredentialsResult.class), args, Utilities.withVersion(options)); + } + public static CompletableFuture getDynamicCredentialsPlain(GetDynamicCredentialsPlainArgs args, InvokeOptions options) { + return Deployment.getInstance().invokeAsync("vault:ldap/getDynamicCredentials:getDynamicCredentials", TypeShape.of(GetDynamicCredentialsResult.class), args, Utilities.withVersion(options)); + } + public static Output getStaticCredentials(GetStaticCredentialsArgs args) { + return getStaticCredentials(args, InvokeOptions.Empty); + } + public static CompletableFuture getStaticCredentialsPlain(GetStaticCredentialsPlainArgs args) { + return getStaticCredentialsPlain(args, InvokeOptions.Empty); + } + public static Output getStaticCredentials(GetStaticCredentialsArgs args, InvokeOptions options) { + return Deployment.getInstance().invoke("vault:ldap/getStaticCredentials:getStaticCredentials", TypeShape.of(GetStaticCredentialsResult.class), args, Utilities.withVersion(options)); + } + public static CompletableFuture getStaticCredentialsPlain(GetStaticCredentialsPlainArgs args, InvokeOptions options) { + return Deployment.getInstance().invokeAsync("vault:ldap/getStaticCredentials:getStaticCredentials", TypeShape.of(GetStaticCredentialsResult.class), args, Utilities.withVersion(options)); + } +} diff --git a/sdk/java/src/main/java/com/pulumi/vault/ldap/inputs/AuthBackendGroupState.java b/sdk/java/src/main/java/com/pulumi/vault/ldap/inputs/AuthBackendGroupState.java index b7ea86caf..65bbaa109 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/ldap/inputs/AuthBackendGroupState.java +++ b/sdk/java/src/main/java/com/pulumi/vault/ldap/inputs/AuthBackendGroupState.java @@ -19,6 +19,8 @@ public final class AuthBackendGroupState extends com.pulumi.resources.ResourceAr /** * Path to the authentication backend * + * For more details on the usage of each argument consult the [Vault LDAP API documentation](https://www.vaultproject.io/api-docs/auth/ldap). + * */ @Import(name="backend") private @Nullable Output backend; @@ -26,6 +28,8 @@ public final class AuthBackendGroupState extends com.pulumi.resources.ResourceAr /** * @return Path to the authentication backend * + * For more details on the usage of each argument consult the [Vault LDAP API documentation](https://www.vaultproject.io/api-docs/auth/ldap). + * */ public Optional> backend() { return Optional.ofNullable(this.backend); @@ -112,6 +116,8 @@ public Builder(AuthBackendGroupState defaults) { /** * @param backend Path to the authentication backend * + * For more details on the usage of each argument consult the [Vault LDAP API documentation](https://www.vaultproject.io/api-docs/auth/ldap). + * * @return builder * */ @@ -123,6 +129,8 @@ public Builder backend(@Nullable Output backend) { /** * @param backend Path to the authentication backend * + * For more details on the usage of each argument consult the [Vault LDAP API documentation](https://www.vaultproject.io/api-docs/auth/ldap). + * * @return builder * */ diff --git a/sdk/java/src/main/java/com/pulumi/vault/ldap/inputs/AuthBackendState.java b/sdk/java/src/main/java/com/pulumi/vault/ldap/inputs/AuthBackendState.java index 9781b32be..6ac239854 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/ldap/inputs/AuthBackendState.java +++ b/sdk/java/src/main/java/com/pulumi/vault/ldap/inputs/AuthBackendState.java @@ -107,9 +107,17 @@ public Optional> clientTlsKey() { return Optional.ofNullable(this.clientTlsKey); } + /** + * Prevents users from bypassing authentication when providing an empty password. + * + */ @Import(name="denyNullBind") private @Nullable Output denyNullBind; + /** + * @return Prevents users from bypassing authentication when providing an empty password. + * + */ public Optional> denyNullBind() { return Optional.ofNullable(this.denyNullBind); } @@ -146,9 +154,17 @@ public Optional> disableRemount() { return Optional.ofNullable(this.disableRemount); } + /** + * Use anonymous bind to discover the bind DN of a user. + * + */ @Import(name="discoverdn") private @Nullable Output discoverdn; + /** + * @return Use anonymous bind to discover the bind DN of a user. + * + */ public Optional> discoverdn() { return Optional.ofNullable(this.discoverdn); } @@ -473,22 +489,14 @@ public Optional> tokenTtl() { } /** - * The type of token that should be generated. Can be `service`, - * `batch`, or `default` to use the mount's tuned default (which unless changed will be - * `service` tokens). For token store roles, there are two additional possibilities: - * `default-service` and `default-batch` which specify the type to return unless the client - * requests a different type at generation time. + * The type of token to generate, service or batch * */ @Import(name="tokenType") private @Nullable Output tokenType; /** - * @return The type of token that should be generated. Can be `service`, - * `batch`, or `default` to use the mount's tuned default (which unless changed will be - * `service` tokens). For token store roles, there are two additional possibilities: - * `default-service` and `default-batch` which specify the type to return unless the client - * requests a different type at generation time. + * @return The type of token to generate, service or batch * */ public Optional> tokenType() { @@ -496,14 +504,14 @@ public Optional> tokenType() { } /** - * The userPrincipalDomain used to construct UPN string + * The `userPrincipalDomain` used to construct the UPN string for the authenticating user. * */ @Import(name="upndomain") private @Nullable Output upndomain; /** - * @return The userPrincipalDomain used to construct UPN string + * @return The `userPrincipalDomain` used to construct the UPN string for the authenticating user. * */ public Optional> upndomain() { @@ -784,11 +792,23 @@ public Builder clientTlsKey(String clientTlsKey) { return clientTlsKey(Output.of(clientTlsKey)); } + /** + * @param denyNullBind Prevents users from bypassing authentication when providing an empty password. + * + * @return builder + * + */ public Builder denyNullBind(@Nullable Output denyNullBind) { $.denyNullBind = denyNullBind; return this; } + /** + * @param denyNullBind Prevents users from bypassing authentication when providing an empty password. + * + * @return builder + * + */ public Builder denyNullBind(Boolean denyNullBind) { return denyNullBind(Output.of(denyNullBind)); } @@ -837,11 +857,23 @@ public Builder disableRemount(Boolean disableRemount) { return disableRemount(Output.of(disableRemount)); } + /** + * @param discoverdn Use anonymous bind to discover the bind DN of a user. + * + * @return builder + * + */ public Builder discoverdn(@Nullable Output discoverdn) { $.discoverdn = discoverdn; return this; } + /** + * @param discoverdn Use anonymous bind to discover the bind DN of a user. + * + * @return builder + * + */ public Builder discoverdn(Boolean discoverdn) { return discoverdn(Output.of(discoverdn)); } @@ -1303,11 +1335,7 @@ public Builder tokenTtl(Integer tokenTtl) { } /** - * @param tokenType The type of token that should be generated. Can be `service`, - * `batch`, or `default` to use the mount's tuned default (which unless changed will be - * `service` tokens). For token store roles, there are two additional possibilities: - * `default-service` and `default-batch` which specify the type to return unless the client - * requests a different type at generation time. + * @param tokenType The type of token to generate, service or batch * * @return builder * @@ -1318,11 +1346,7 @@ public Builder tokenType(@Nullable Output tokenType) { } /** - * @param tokenType The type of token that should be generated. Can be `service`, - * `batch`, or `default` to use the mount's tuned default (which unless changed will be - * `service` tokens). For token store roles, there are two additional possibilities: - * `default-service` and `default-batch` which specify the type to return unless the client - * requests a different type at generation time. + * @param tokenType The type of token to generate, service or batch * * @return builder * @@ -1332,7 +1356,7 @@ public Builder tokenType(String tokenType) { } /** - * @param upndomain The userPrincipalDomain used to construct UPN string + * @param upndomain The `userPrincipalDomain` used to construct the UPN string for the authenticating user. * * @return builder * @@ -1343,7 +1367,7 @@ public Builder upndomain(@Nullable Output upndomain) { } /** - * @param upndomain The userPrincipalDomain used to construct UPN string + * @param upndomain The `userPrincipalDomain` used to construct the UPN string for the authenticating user. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/vault/ldap/inputs/AuthBackendUserState.java b/sdk/java/src/main/java/com/pulumi/vault/ldap/inputs/AuthBackendUserState.java index f0cf2a236..e3c822bca 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/ldap/inputs/AuthBackendUserState.java +++ b/sdk/java/src/main/java/com/pulumi/vault/ldap/inputs/AuthBackendUserState.java @@ -19,6 +19,8 @@ public final class AuthBackendUserState extends com.pulumi.resources.ResourceArg /** * Path to the authentication backend * + * For more details on the usage of each argument consult the [Vault LDAP API documentation](https://www.vaultproject.io/api-docs/auth/ldap). + * */ @Import(name="backend") private @Nullable Output backend; @@ -26,6 +28,8 @@ public final class AuthBackendUserState extends com.pulumi.resources.ResourceArg /** * @return Path to the authentication backend * + * For more details on the usage of each argument consult the [Vault LDAP API documentation](https://www.vaultproject.io/api-docs/auth/ldap). + * */ public Optional> backend() { return Optional.ofNullable(this.backend); @@ -128,6 +132,8 @@ public Builder(AuthBackendUserState defaults) { /** * @param backend Path to the authentication backend * + * For more details on the usage of each argument consult the [Vault LDAP API documentation](https://www.vaultproject.io/api-docs/auth/ldap). + * * @return builder * */ @@ -139,6 +145,8 @@ public Builder backend(@Nullable Output backend) { /** * @param backend Path to the authentication backend * + * For more details on the usage of each argument consult the [Vault LDAP API documentation](https://www.vaultproject.io/api-docs/auth/ldap). + * * @return builder * */ diff --git a/sdk/java/src/main/java/com/pulumi/vault/ldap/inputs/GetDynamicCredentialsArgs.java b/sdk/java/src/main/java/com/pulumi/vault/ldap/inputs/GetDynamicCredentialsArgs.java new file mode 100644 index 000000000..fe16b64d4 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/vault/ldap/inputs/GetDynamicCredentialsArgs.java @@ -0,0 +1,99 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.vault.ldap.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class GetDynamicCredentialsArgs extends com.pulumi.resources.InvokeArgs { + + public static final GetDynamicCredentialsArgs Empty = new GetDynamicCredentialsArgs(); + + @Import(name="mount", required=true) + private Output mount; + + public Output mount() { + return this.mount; + } + + @Import(name="namespace") + private @Nullable Output namespace; + + public Optional> namespace() { + return Optional.ofNullable(this.namespace); + } + + @Import(name="roleName", required=true) + private Output roleName; + + public Output roleName() { + return this.roleName; + } + + private GetDynamicCredentialsArgs() {} + + private GetDynamicCredentialsArgs(GetDynamicCredentialsArgs $) { + this.mount = $.mount; + this.namespace = $.namespace; + this.roleName = $.roleName; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(GetDynamicCredentialsArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private GetDynamicCredentialsArgs $; + + public Builder() { + $ = new GetDynamicCredentialsArgs(); + } + + public Builder(GetDynamicCredentialsArgs defaults) { + $ = new GetDynamicCredentialsArgs(Objects.requireNonNull(defaults)); + } + + public Builder mount(Output mount) { + $.mount = mount; + return this; + } + + public Builder mount(String mount) { + return mount(Output.of(mount)); + } + + public Builder namespace(@Nullable Output namespace) { + $.namespace = namespace; + return this; + } + + public Builder namespace(String namespace) { + return namespace(Output.of(namespace)); + } + + public Builder roleName(Output roleName) { + $.roleName = roleName; + return this; + } + + public Builder roleName(String roleName) { + return roleName(Output.of(roleName)); + } + + public GetDynamicCredentialsArgs build() { + $.mount = Objects.requireNonNull($.mount, "expected parameter 'mount' to be non-null"); + $.roleName = Objects.requireNonNull($.roleName, "expected parameter 'roleName' to be non-null"); + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/vault/ldap/inputs/GetDynamicCredentialsPlainArgs.java b/sdk/java/src/main/java/com/pulumi/vault/ldap/inputs/GetDynamicCredentialsPlainArgs.java new file mode 100644 index 000000000..9a37f95d3 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/vault/ldap/inputs/GetDynamicCredentialsPlainArgs.java @@ -0,0 +1,86 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.vault.ldap.inputs; + +import com.pulumi.core.annotations.Import; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class GetDynamicCredentialsPlainArgs extends com.pulumi.resources.InvokeArgs { + + public static final GetDynamicCredentialsPlainArgs Empty = new GetDynamicCredentialsPlainArgs(); + + @Import(name="mount", required=true) + private String mount; + + public String mount() { + return this.mount; + } + + @Import(name="namespace") + private @Nullable String namespace; + + public Optional namespace() { + return Optional.ofNullable(this.namespace); + } + + @Import(name="roleName", required=true) + private String roleName; + + public String roleName() { + return this.roleName; + } + + private GetDynamicCredentialsPlainArgs() {} + + private GetDynamicCredentialsPlainArgs(GetDynamicCredentialsPlainArgs $) { + this.mount = $.mount; + this.namespace = $.namespace; + this.roleName = $.roleName; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(GetDynamicCredentialsPlainArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private GetDynamicCredentialsPlainArgs $; + + public Builder() { + $ = new GetDynamicCredentialsPlainArgs(); + } + + public Builder(GetDynamicCredentialsPlainArgs defaults) { + $ = new GetDynamicCredentialsPlainArgs(Objects.requireNonNull(defaults)); + } + + public Builder mount(String mount) { + $.mount = mount; + return this; + } + + public Builder namespace(@Nullable String namespace) { + $.namespace = namespace; + return this; + } + + public Builder roleName(String roleName) { + $.roleName = roleName; + return this; + } + + public GetDynamicCredentialsPlainArgs build() { + $.mount = Objects.requireNonNull($.mount, "expected parameter 'mount' to be non-null"); + $.roleName = Objects.requireNonNull($.roleName, "expected parameter 'roleName' to be non-null"); + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/vault/ldap/inputs/GetStaticCredentialsArgs.java b/sdk/java/src/main/java/com/pulumi/vault/ldap/inputs/GetStaticCredentialsArgs.java new file mode 100644 index 000000000..2ad36cb01 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/vault/ldap/inputs/GetStaticCredentialsArgs.java @@ -0,0 +1,99 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.vault.ldap.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class GetStaticCredentialsArgs extends com.pulumi.resources.InvokeArgs { + + public static final GetStaticCredentialsArgs Empty = new GetStaticCredentialsArgs(); + + @Import(name="mount", required=true) + private Output mount; + + public Output mount() { + return this.mount; + } + + @Import(name="namespace") + private @Nullable Output namespace; + + public Optional> namespace() { + return Optional.ofNullable(this.namespace); + } + + @Import(name="roleName", required=true) + private Output roleName; + + public Output roleName() { + return this.roleName; + } + + private GetStaticCredentialsArgs() {} + + private GetStaticCredentialsArgs(GetStaticCredentialsArgs $) { + this.mount = $.mount; + this.namespace = $.namespace; + this.roleName = $.roleName; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(GetStaticCredentialsArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private GetStaticCredentialsArgs $; + + public Builder() { + $ = new GetStaticCredentialsArgs(); + } + + public Builder(GetStaticCredentialsArgs defaults) { + $ = new GetStaticCredentialsArgs(Objects.requireNonNull(defaults)); + } + + public Builder mount(Output mount) { + $.mount = mount; + return this; + } + + public Builder mount(String mount) { + return mount(Output.of(mount)); + } + + public Builder namespace(@Nullable Output namespace) { + $.namespace = namespace; + return this; + } + + public Builder namespace(String namespace) { + return namespace(Output.of(namespace)); + } + + public Builder roleName(Output roleName) { + $.roleName = roleName; + return this; + } + + public Builder roleName(String roleName) { + return roleName(Output.of(roleName)); + } + + public GetStaticCredentialsArgs build() { + $.mount = Objects.requireNonNull($.mount, "expected parameter 'mount' to be non-null"); + $.roleName = Objects.requireNonNull($.roleName, "expected parameter 'roleName' to be non-null"); + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/vault/ldap/inputs/GetStaticCredentialsPlainArgs.java b/sdk/java/src/main/java/com/pulumi/vault/ldap/inputs/GetStaticCredentialsPlainArgs.java new file mode 100644 index 000000000..9c0311490 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/vault/ldap/inputs/GetStaticCredentialsPlainArgs.java @@ -0,0 +1,86 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.vault.ldap.inputs; + +import com.pulumi.core.annotations.Import; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class GetStaticCredentialsPlainArgs extends com.pulumi.resources.InvokeArgs { + + public static final GetStaticCredentialsPlainArgs Empty = new GetStaticCredentialsPlainArgs(); + + @Import(name="mount", required=true) + private String mount; + + public String mount() { + return this.mount; + } + + @Import(name="namespace") + private @Nullable String namespace; + + public Optional namespace() { + return Optional.ofNullable(this.namespace); + } + + @Import(name="roleName", required=true) + private String roleName; + + public String roleName() { + return this.roleName; + } + + private GetStaticCredentialsPlainArgs() {} + + private GetStaticCredentialsPlainArgs(GetStaticCredentialsPlainArgs $) { + this.mount = $.mount; + this.namespace = $.namespace; + this.roleName = $.roleName; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(GetStaticCredentialsPlainArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private GetStaticCredentialsPlainArgs $; + + public Builder() { + $ = new GetStaticCredentialsPlainArgs(); + } + + public Builder(GetStaticCredentialsPlainArgs defaults) { + $ = new GetStaticCredentialsPlainArgs(Objects.requireNonNull(defaults)); + } + + public Builder mount(String mount) { + $.mount = mount; + return this; + } + + public Builder namespace(@Nullable String namespace) { + $.namespace = namespace; + return this; + } + + public Builder roleName(String roleName) { + $.roleName = roleName; + return this; + } + + public GetStaticCredentialsPlainArgs build() { + $.mount = Objects.requireNonNull($.mount, "expected parameter 'mount' to be non-null"); + $.roleName = Objects.requireNonNull($.roleName, "expected parameter 'roleName' to be non-null"); + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/vault/ldap/outputs/GetDynamicCredentialsResult.java b/sdk/java/src/main/java/com/pulumi/vault/ldap/outputs/GetDynamicCredentialsResult.java new file mode 100644 index 000000000..7ee48734a --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/vault/ldap/outputs/GetDynamicCredentialsResult.java @@ -0,0 +1,170 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.vault.ldap.outputs; + +import com.pulumi.core.annotations.CustomType; +import java.lang.Boolean; +import java.lang.Integer; +import java.lang.String; +import java.util.List; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + +@CustomType +public final class GetDynamicCredentialsResult { + private List distinguishedNames; + /** + * @return The provider-assigned unique ID for this managed resource. + * + */ + private String id; + private Integer leaseDuration; + private String leaseId; + private Boolean leaseRenewable; + private String mount; + private @Nullable String namespace; + private String password; + private String roleName; + private String username; + + private GetDynamicCredentialsResult() {} + public List distinguishedNames() { + return this.distinguishedNames; + } + /** + * @return The provider-assigned unique ID for this managed resource. + * + */ + public String id() { + return this.id; + } + public Integer leaseDuration() { + return this.leaseDuration; + } + public String leaseId() { + return this.leaseId; + } + public Boolean leaseRenewable() { + return this.leaseRenewable; + } + public String mount() { + return this.mount; + } + public Optional namespace() { + return Optional.ofNullable(this.namespace); + } + public String password() { + return this.password; + } + public String roleName() { + return this.roleName; + } + public String username() { + return this.username; + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(GetDynamicCredentialsResult defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private List distinguishedNames; + private String id; + private Integer leaseDuration; + private String leaseId; + private Boolean leaseRenewable; + private String mount; + private @Nullable String namespace; + private String password; + private String roleName; + private String username; + public Builder() {} + public Builder(GetDynamicCredentialsResult defaults) { + Objects.requireNonNull(defaults); + this.distinguishedNames = defaults.distinguishedNames; + this.id = defaults.id; + this.leaseDuration = defaults.leaseDuration; + this.leaseId = defaults.leaseId; + this.leaseRenewable = defaults.leaseRenewable; + this.mount = defaults.mount; + this.namespace = defaults.namespace; + this.password = defaults.password; + this.roleName = defaults.roleName; + this.username = defaults.username; + } + + @CustomType.Setter + public Builder distinguishedNames(List distinguishedNames) { + this.distinguishedNames = Objects.requireNonNull(distinguishedNames); + return this; + } + public Builder distinguishedNames(String... distinguishedNames) { + return distinguishedNames(List.of(distinguishedNames)); + } + @CustomType.Setter + public Builder id(String id) { + this.id = Objects.requireNonNull(id); + return this; + } + @CustomType.Setter + public Builder leaseDuration(Integer leaseDuration) { + this.leaseDuration = Objects.requireNonNull(leaseDuration); + return this; + } + @CustomType.Setter + public Builder leaseId(String leaseId) { + this.leaseId = Objects.requireNonNull(leaseId); + return this; + } + @CustomType.Setter + public Builder leaseRenewable(Boolean leaseRenewable) { + this.leaseRenewable = Objects.requireNonNull(leaseRenewable); + return this; + } + @CustomType.Setter + public Builder mount(String mount) { + this.mount = Objects.requireNonNull(mount); + return this; + } + @CustomType.Setter + public Builder namespace(@Nullable String namespace) { + this.namespace = namespace; + return this; + } + @CustomType.Setter + public Builder password(String password) { + this.password = Objects.requireNonNull(password); + return this; + } + @CustomType.Setter + public Builder roleName(String roleName) { + this.roleName = Objects.requireNonNull(roleName); + return this; + } + @CustomType.Setter + public Builder username(String username) { + this.username = Objects.requireNonNull(username); + return this; + } + public GetDynamicCredentialsResult build() { + final var o = new GetDynamicCredentialsResult(); + o.distinguishedNames = distinguishedNames; + o.id = id; + o.leaseDuration = leaseDuration; + o.leaseId = leaseId; + o.leaseRenewable = leaseRenewable; + o.mount = mount; + o.namespace = namespace; + o.password = password; + o.roleName = roleName; + o.username = username; + return o; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/vault/ldap/outputs/GetStaticCredentialsResult.java b/sdk/java/src/main/java/com/pulumi/vault/ldap/outputs/GetStaticCredentialsResult.java new file mode 100644 index 000000000..8d179e4a2 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/vault/ldap/outputs/GetStaticCredentialsResult.java @@ -0,0 +1,177 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.vault.ldap.outputs; + +import com.pulumi.core.annotations.CustomType; +import java.lang.Integer; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + +@CustomType +public final class GetStaticCredentialsResult { + private String dn; + /** + * @return The provider-assigned unique ID for this managed resource. + * + */ + private String id; + private String lastPassword; + private String lastVaultRotation; + private String mount; + private @Nullable String namespace; + private String password; + private String roleName; + private Integer rotationPeriod; + private Integer ttl; + private String username; + + private GetStaticCredentialsResult() {} + public String dn() { + return this.dn; + } + /** + * @return The provider-assigned unique ID for this managed resource. + * + */ + public String id() { + return this.id; + } + public String lastPassword() { + return this.lastPassword; + } + public String lastVaultRotation() { + return this.lastVaultRotation; + } + public String mount() { + return this.mount; + } + public Optional namespace() { + return Optional.ofNullable(this.namespace); + } + public String password() { + return this.password; + } + public String roleName() { + return this.roleName; + } + public Integer rotationPeriod() { + return this.rotationPeriod; + } + public Integer ttl() { + return this.ttl; + } + public String username() { + return this.username; + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(GetStaticCredentialsResult defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private String dn; + private String id; + private String lastPassword; + private String lastVaultRotation; + private String mount; + private @Nullable String namespace; + private String password; + private String roleName; + private Integer rotationPeriod; + private Integer ttl; + private String username; + public Builder() {} + public Builder(GetStaticCredentialsResult defaults) { + Objects.requireNonNull(defaults); + this.dn = defaults.dn; + this.id = defaults.id; + this.lastPassword = defaults.lastPassword; + this.lastVaultRotation = defaults.lastVaultRotation; + this.mount = defaults.mount; + this.namespace = defaults.namespace; + this.password = defaults.password; + this.roleName = defaults.roleName; + this.rotationPeriod = defaults.rotationPeriod; + this.ttl = defaults.ttl; + this.username = defaults.username; + } + + @CustomType.Setter + public Builder dn(String dn) { + this.dn = Objects.requireNonNull(dn); + return this; + } + @CustomType.Setter + public Builder id(String id) { + this.id = Objects.requireNonNull(id); + return this; + } + @CustomType.Setter + public Builder lastPassword(String lastPassword) { + this.lastPassword = Objects.requireNonNull(lastPassword); + return this; + } + @CustomType.Setter + public Builder lastVaultRotation(String lastVaultRotation) { + this.lastVaultRotation = Objects.requireNonNull(lastVaultRotation); + return this; + } + @CustomType.Setter + public Builder mount(String mount) { + this.mount = Objects.requireNonNull(mount); + return this; + } + @CustomType.Setter + public Builder namespace(@Nullable String namespace) { + this.namespace = namespace; + return this; + } + @CustomType.Setter + public Builder password(String password) { + this.password = Objects.requireNonNull(password); + return this; + } + @CustomType.Setter + public Builder roleName(String roleName) { + this.roleName = Objects.requireNonNull(roleName); + return this; + } + @CustomType.Setter + public Builder rotationPeriod(Integer rotationPeriod) { + this.rotationPeriod = Objects.requireNonNull(rotationPeriod); + return this; + } + @CustomType.Setter + public Builder ttl(Integer ttl) { + this.ttl = Objects.requireNonNull(ttl); + return this; + } + @CustomType.Setter + public Builder username(String username) { + this.username = Objects.requireNonNull(username); + return this; + } + public GetStaticCredentialsResult build() { + final var o = new GetStaticCredentialsResult(); + o.dn = dn; + o.id = id; + o.lastPassword = lastPassword; + o.lastVaultRotation = lastVaultRotation; + o.mount = mount; + o.namespace = namespace; + o.password = password; + o.roleName = roleName; + o.rotationPeriod = rotationPeriod; + o.ttl = ttl; + o.username = username; + return o; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/vault/managed/inputs/KeysAwArgs.java b/sdk/java/src/main/java/com/pulumi/vault/managed/inputs/KeysAwArgs.java index 013e443fe..9f730e36f 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/managed/inputs/KeysAwArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/managed/inputs/KeysAwArgs.java @@ -104,16 +104,16 @@ public Optional> anyMount() { } /** - * Supplies the curve value when using the `CKM_ECDSA` mechanism. - * Required if `allow_generate_key` is `true`. + * The curve to use for an ECDSA key. Used when `key_type` + * is `ECDSA`. Required if `allow_generate_key` is `true`. * */ @Import(name="curve") private @Nullable Output curve; /** - * @return Supplies the curve value when using the `CKM_ECDSA` mechanism. - * Required if `allow_generate_key` is `true`. + * @return The curve to use for an ECDSA key. Used when `key_type` + * is `ECDSA`. Required if `allow_generate_key` is `true`. * */ public Optional> curve() { @@ -136,18 +136,14 @@ public Optional> endpoint() { } /** - * Supplies the size in bits of the key when using `CKM_RSA_PKCS_PSS`, - * `CKM_RSA_PKCS_OAEP` or `CKM_RSA_PKCS` as a value for `mechanism`. Required if - * `allow_generate_key` is `true`. + * The size in bits for an RSA key. * */ @Import(name="keyBits", required=true) private Output keyBits; /** - * @return Supplies the size in bits of the key when using `CKM_RSA_PKCS_PSS`, - * `CKM_RSA_PKCS_OAEP` or `CKM_RSA_PKCS` as a value for `mechanism`. Required if - * `allow_generate_key` is `true`. + * @return The size in bits for an RSA key. * */ public Output keyBits() { @@ -391,8 +387,8 @@ public Builder anyMount(Boolean anyMount) { } /** - * @param curve Supplies the curve value when using the `CKM_ECDSA` mechanism. - * Required if `allow_generate_key` is `true`. + * @param curve The curve to use for an ECDSA key. Used when `key_type` + * is `ECDSA`. Required if `allow_generate_key` is `true`. * * @return builder * @@ -403,8 +399,8 @@ public Builder curve(@Nullable Output curve) { } /** - * @param curve Supplies the curve value when using the `CKM_ECDSA` mechanism. - * Required if `allow_generate_key` is `true`. + * @param curve The curve to use for an ECDSA key. Used when `key_type` + * is `ECDSA`. Required if `allow_generate_key` is `true`. * * @return builder * @@ -435,9 +431,7 @@ public Builder endpoint(String endpoint) { } /** - * @param keyBits Supplies the size in bits of the key when using `CKM_RSA_PKCS_PSS`, - * `CKM_RSA_PKCS_OAEP` or `CKM_RSA_PKCS` as a value for `mechanism`. Required if - * `allow_generate_key` is `true`. + * @param keyBits The size in bits for an RSA key. * * @return builder * @@ -448,9 +442,7 @@ public Builder keyBits(Output keyBits) { } /** - * @param keyBits Supplies the size in bits of the key when using `CKM_RSA_PKCS_PSS`, - * `CKM_RSA_PKCS_OAEP` or `CKM_RSA_PKCS` as a value for `mechanism`. Required if - * `allow_generate_key` is `true`. + * @param keyBits The size in bits for an RSA key. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/vault/managed/inputs/KeysAzureArgs.java b/sdk/java/src/main/java/com/pulumi/vault/managed/inputs/KeysAzureArgs.java index d50a127a3..fc0e91174 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/managed/inputs/KeysAzureArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/managed/inputs/KeysAzureArgs.java @@ -134,18 +134,14 @@ public Optional> environment() { } /** - * Supplies the size in bits of the key when using `CKM_RSA_PKCS_PSS`, - * `CKM_RSA_PKCS_OAEP` or `CKM_RSA_PKCS` as a value for `mechanism`. Required if - * `allow_generate_key` is `true`. + * The size in bits for an RSA key. * */ @Import(name="keyBits") private @Nullable Output keyBits; /** - * @return Supplies the size in bits of the key when using `CKM_RSA_PKCS_PSS`, - * `CKM_RSA_PKCS_OAEP` or `CKM_RSA_PKCS` as a value for `mechanism`. Required if - * `allow_generate_key` is `true`. + * @return The size in bits for an RSA key. * */ public Optional> keyBits() { @@ -447,9 +443,7 @@ public Builder environment(String environment) { } /** - * @param keyBits Supplies the size in bits of the key when using `CKM_RSA_PKCS_PSS`, - * `CKM_RSA_PKCS_OAEP` or `CKM_RSA_PKCS` as a value for `mechanism`. Required if - * `allow_generate_key` is `true`. + * @param keyBits The size in bits for an RSA key. * * @return builder * @@ -460,9 +454,7 @@ public Builder keyBits(@Nullable Output keyBits) { } /** - * @param keyBits Supplies the size in bits of the key when using `CKM_RSA_PKCS_PSS`, - * `CKM_RSA_PKCS_OAEP` or `CKM_RSA_PKCS` as a value for `mechanism`. Required if - * `allow_generate_key` is `true`. + * @param keyBits The size in bits for an RSA key. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/vault/managed/inputs/KeysPkcArgs.java b/sdk/java/src/main/java/com/pulumi/vault/managed/inputs/KeysPkcArgs.java index cd7788c99..a2c25e668 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/managed/inputs/KeysPkcArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/managed/inputs/KeysPkcArgs.java @@ -89,16 +89,16 @@ public Optional> anyMount() { } /** - * Supplies the curve value when using the `CKM_ECDSA` mechanism. - * Required if `allow_generate_key` is `true`. + * The curve to use for an ECDSA key. Used when `key_type` + * is `ECDSA`. Required if `allow_generate_key` is `true`. * */ @Import(name="curve") private @Nullable Output curve; /** - * @return Supplies the curve value when using the `CKM_ECDSA` mechanism. - * Required if `allow_generate_key` is `true`. + * @return The curve to use for an ECDSA key. Used when `key_type` + * is `ECDSA`. Required if `allow_generate_key` is `true`. * */ public Optional> curve() { @@ -123,18 +123,14 @@ public Optional> forceRwSession() { } /** - * Supplies the size in bits of the key when using `CKM_RSA_PKCS_PSS`, - * `CKM_RSA_PKCS_OAEP` or `CKM_RSA_PKCS` as a value for `mechanism`. Required if - * `allow_generate_key` is `true`. + * The size in bits for an RSA key. * */ @Import(name="keyBits") private @Nullable Output keyBits; /** - * @return Supplies the size in bits of the key when using `CKM_RSA_PKCS_PSS`, - * `CKM_RSA_PKCS_OAEP` or `CKM_RSA_PKCS` as a value for `mechanism`. Required if - * `allow_generate_key` is `true`. + * @return The size in bits for an RSA key. * */ public Optional> keyBits() { @@ -410,8 +406,8 @@ public Builder anyMount(Boolean anyMount) { } /** - * @param curve Supplies the curve value when using the `CKM_ECDSA` mechanism. - * Required if `allow_generate_key` is `true`. + * @param curve The curve to use for an ECDSA key. Used when `key_type` + * is `ECDSA`. Required if `allow_generate_key` is `true`. * * @return builder * @@ -422,8 +418,8 @@ public Builder curve(@Nullable Output curve) { } /** - * @param curve Supplies the curve value when using the `CKM_ECDSA` mechanism. - * Required if `allow_generate_key` is `true`. + * @param curve The curve to use for an ECDSA key. Used when `key_type` + * is `ECDSA`. Required if `allow_generate_key` is `true`. * * @return builder * @@ -456,9 +452,7 @@ public Builder forceRwSession(String forceRwSession) { } /** - * @param keyBits Supplies the size in bits of the key when using `CKM_RSA_PKCS_PSS`, - * `CKM_RSA_PKCS_OAEP` or `CKM_RSA_PKCS` as a value for `mechanism`. Required if - * `allow_generate_key` is `true`. + * @param keyBits The size in bits for an RSA key. * * @return builder * @@ -469,9 +463,7 @@ public Builder keyBits(@Nullable Output keyBits) { } /** - * @param keyBits Supplies the size in bits of the key when using `CKM_RSA_PKCS_PSS`, - * `CKM_RSA_PKCS_OAEP` or `CKM_RSA_PKCS` as a value for `mechanism`. Required if - * `allow_generate_key` is `true`. + * @param keyBits The size in bits for an RSA key. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/vault/managed/outputs/KeysAw.java b/sdk/java/src/main/java/com/pulumi/vault/managed/outputs/KeysAw.java index 409d1b5e5..e1837fe88 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/managed/outputs/KeysAw.java +++ b/sdk/java/src/main/java/com/pulumi/vault/managed/outputs/KeysAw.java @@ -44,8 +44,8 @@ public final class KeysAw { */ private @Nullable Boolean anyMount; /** - * @return Supplies the curve value when using the `CKM_ECDSA` mechanism. - * Required if `allow_generate_key` is `true`. + * @return The curve to use for an ECDSA key. Used when `key_type` + * is `ECDSA`. Required if `allow_generate_key` is `true`. * */ private @Nullable String curve; @@ -55,9 +55,7 @@ public final class KeysAw { */ private @Nullable String endpoint; /** - * @return Supplies the size in bits of the key when using `CKM_RSA_PKCS_PSS`, - * `CKM_RSA_PKCS_OAEP` or `CKM_RSA_PKCS` as a value for `mechanism`. Required if - * `allow_generate_key` is `true`. + * @return The size in bits for an RSA key. * */ private String keyBits; @@ -131,8 +129,8 @@ public Optional anyMount() { return Optional.ofNullable(this.anyMount); } /** - * @return Supplies the curve value when using the `CKM_ECDSA` mechanism. - * Required if `allow_generate_key` is `true`. + * @return The curve to use for an ECDSA key. Used when `key_type` + * is `ECDSA`. Required if `allow_generate_key` is `true`. * */ public Optional curve() { @@ -146,9 +144,7 @@ public Optional endpoint() { return Optional.ofNullable(this.endpoint); } /** - * @return Supplies the size in bits of the key when using `CKM_RSA_PKCS_PSS`, - * `CKM_RSA_PKCS_OAEP` or `CKM_RSA_PKCS` as a value for `mechanism`. Required if - * `allow_generate_key` is `true`. + * @return The size in bits for an RSA key. * */ public String keyBits() { diff --git a/sdk/java/src/main/java/com/pulumi/vault/managed/outputs/KeysAzure.java b/sdk/java/src/main/java/com/pulumi/vault/managed/outputs/KeysAzure.java index 05a710801..e4d14ff34 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/managed/outputs/KeysAzure.java +++ b/sdk/java/src/main/java/com/pulumi/vault/managed/outputs/KeysAzure.java @@ -54,9 +54,7 @@ public final class KeysAzure { */ private @Nullable String environment; /** - * @return Supplies the size in bits of the key when using `CKM_RSA_PKCS_PSS`, - * `CKM_RSA_PKCS_OAEP` or `CKM_RSA_PKCS` as a value for `mechanism`. Required if - * `allow_generate_key` is `true`. + * @return The size in bits for an RSA key. * */ private @Nullable String keyBits; @@ -149,9 +147,7 @@ public Optional environment() { return Optional.ofNullable(this.environment); } /** - * @return Supplies the size in bits of the key when using `CKM_RSA_PKCS_PSS`, - * `CKM_RSA_PKCS_OAEP` or `CKM_RSA_PKCS` as a value for `mechanism`. Required if - * `allow_generate_key` is `true`. + * @return The size in bits for an RSA key. * */ public Optional keyBits() { diff --git a/sdk/java/src/main/java/com/pulumi/vault/managed/outputs/KeysPkc.java b/sdk/java/src/main/java/com/pulumi/vault/managed/outputs/KeysPkc.java index 2f003c53c..3bb285636 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/managed/outputs/KeysPkc.java +++ b/sdk/java/src/main/java/com/pulumi/vault/managed/outputs/KeysPkc.java @@ -39,8 +39,8 @@ public final class KeysPkc { */ private @Nullable Boolean anyMount; /** - * @return Supplies the curve value when using the `CKM_ECDSA` mechanism. - * Required if `allow_generate_key` is `true`. + * @return The curve to use for an ECDSA key. Used when `key_type` + * is `ECDSA`. Required if `allow_generate_key` is `true`. * */ private @Nullable String curve; @@ -51,9 +51,7 @@ public final class KeysPkc { */ private @Nullable String forceRwSession; /** - * @return Supplies the size in bits of the key when using `CKM_RSA_PKCS_PSS`, - * `CKM_RSA_PKCS_OAEP` or `CKM_RSA_PKCS` as a value for `mechanism`. Required if - * `allow_generate_key` is `true`. + * @return The size in bits for an RSA key. * */ private @Nullable String keyBits; @@ -138,8 +136,8 @@ public Optional anyMount() { return Optional.ofNullable(this.anyMount); } /** - * @return Supplies the curve value when using the `CKM_ECDSA` mechanism. - * Required if `allow_generate_key` is `true`. + * @return The curve to use for an ECDSA key. Used when `key_type` + * is `ECDSA`. Required if `allow_generate_key` is `true`. * */ public Optional curve() { @@ -154,9 +152,7 @@ public Optional forceRwSession() { return Optional.ofNullable(this.forceRwSession); } /** - * @return Supplies the size in bits of the key when using `CKM_RSA_PKCS_PSS`, - * `CKM_RSA_PKCS_OAEP` or `CKM_RSA_PKCS` as a value for `mechanism`. Required if - * `allow_generate_key` is `true`. + * @return The size in bits for an RSA key. * */ public Optional keyBits() { diff --git a/sdk/java/src/main/java/com/pulumi/vault/okta/inputs/AuthBackendGroupArgs.java b/sdk/java/src/main/java/com/pulumi/vault/okta/inputs/AuthBackendGroupArgs.java index f297d478e..b8e437993 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/okta/inputs/AuthBackendGroupArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/okta/inputs/AuthBackendGroupArgs.java @@ -30,14 +30,14 @@ public Output groupName() { } /** - * List of Vault policies to associate with this user + * Vault policies to associate with this group * */ @Import(name="policies", required=true) private Output> policies; /** - * @return List of Vault policies to associate with this user + * @return Vault policies to associate with this group * */ public Output> policies() { @@ -91,7 +91,7 @@ public Builder groupName(String groupName) { } /** - * @param policies List of Vault policies to associate with this user + * @param policies Vault policies to associate with this group * * @return builder * @@ -102,7 +102,7 @@ public Builder policies(Output> policies) { } /** - * @param policies List of Vault policies to associate with this user + * @param policies Vault policies to associate with this group * * @return builder * @@ -112,7 +112,7 @@ public Builder policies(List policies) { } /** - * @param policies List of Vault policies to associate with this user + * @param policies Vault policies to associate with this group * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/vault/okta/inputs/AuthBackendUserArgs.java b/sdk/java/src/main/java/com/pulumi/vault/okta/inputs/AuthBackendUserArgs.java index 9aedd7822..e03183e70 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/okta/inputs/AuthBackendUserArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/okta/inputs/AuthBackendUserArgs.java @@ -32,14 +32,14 @@ public Optional>> groups() { } /** - * List of Vault policies to associate with this user + * Vault policies to associate with this group * */ @Import(name="policies") private @Nullable Output> policies; /** - * @return List of Vault policies to associate with this user + * @return Vault policies to associate with this group * */ public Optional>> policies() { @@ -119,7 +119,7 @@ public Builder groups(String... groups) { } /** - * @param policies List of Vault policies to associate with this user + * @param policies Vault policies to associate with this group * * @return builder * @@ -130,7 +130,7 @@ public Builder policies(@Nullable Output> policies) { } /** - * @param policies List of Vault policies to associate with this user + * @param policies Vault policies to associate with this group * * @return builder * @@ -140,7 +140,7 @@ public Builder policies(List policies) { } /** - * @param policies List of Vault policies to associate with this user + * @param policies Vault policies to associate with this group * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/vault/okta/outputs/AuthBackendGroup.java b/sdk/java/src/main/java/com/pulumi/vault/okta/outputs/AuthBackendGroup.java index 8ac5a9854..cc299a533 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/okta/outputs/AuthBackendGroup.java +++ b/sdk/java/src/main/java/com/pulumi/vault/okta/outputs/AuthBackendGroup.java @@ -16,7 +16,7 @@ public final class AuthBackendGroup { */ private String groupName; /** - * @return List of Vault policies to associate with this user + * @return Vault policies to associate with this group * */ private List policies; @@ -30,7 +30,7 @@ public String groupName() { return this.groupName; } /** - * @return List of Vault policies to associate with this user + * @return Vault policies to associate with this group * */ public List policies() { diff --git a/sdk/java/src/main/java/com/pulumi/vault/okta/outputs/AuthBackendUser.java b/sdk/java/src/main/java/com/pulumi/vault/okta/outputs/AuthBackendUser.java index ea36d7093..608f0d07b 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/okta/outputs/AuthBackendUser.java +++ b/sdk/java/src/main/java/com/pulumi/vault/okta/outputs/AuthBackendUser.java @@ -17,7 +17,7 @@ public final class AuthBackendUser { */ private @Nullable List groups; /** - * @return List of Vault policies to associate with this user + * @return Vault policies to associate with this group * */ private @Nullable List policies; @@ -36,7 +36,7 @@ public List groups() { return this.groups == null ? List.of() : this.groups; } /** - * @return List of Vault policies to associate with this user + * @return Vault policies to associate with this group * */ public List policies() { diff --git a/sdk/java/src/main/java/com/pulumi/vault/outputs/GetAuthBackendsResult.java b/sdk/java/src/main/java/com/pulumi/vault/outputs/GetAuthBackendsResult.java new file mode 100644 index 000000000..d766a08b8 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/vault/outputs/GetAuthBackendsResult.java @@ -0,0 +1,127 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.vault.outputs; + +import com.pulumi.core.annotations.CustomType; +import java.lang.String; +import java.util.List; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + +@CustomType +public final class GetAuthBackendsResult { + /** + * @return The accessor IDs for the auth methods. + * + */ + private List accessors; + /** + * @return The provider-assigned unique ID for this managed resource. + * + */ + private String id; + private @Nullable String namespace; + /** + * @return List of auth backend mount points. + * + */ + private List paths; + private @Nullable String type; + + private GetAuthBackendsResult() {} + /** + * @return The accessor IDs for the auth methods. + * + */ + public List accessors() { + return this.accessors; + } + /** + * @return The provider-assigned unique ID for this managed resource. + * + */ + public String id() { + return this.id; + } + public Optional namespace() { + return Optional.ofNullable(this.namespace); + } + /** + * @return List of auth backend mount points. + * + */ + public List paths() { + return this.paths; + } + public Optional type() { + return Optional.ofNullable(this.type); + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(GetAuthBackendsResult defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private List accessors; + private String id; + private @Nullable String namespace; + private List paths; + private @Nullable String type; + public Builder() {} + public Builder(GetAuthBackendsResult defaults) { + Objects.requireNonNull(defaults); + this.accessors = defaults.accessors; + this.id = defaults.id; + this.namespace = defaults.namespace; + this.paths = defaults.paths; + this.type = defaults.type; + } + + @CustomType.Setter + public Builder accessors(List accessors) { + this.accessors = Objects.requireNonNull(accessors); + return this; + } + public Builder accessors(String... accessors) { + return accessors(List.of(accessors)); + } + @CustomType.Setter + public Builder id(String id) { + this.id = Objects.requireNonNull(id); + return this; + } + @CustomType.Setter + public Builder namespace(@Nullable String namespace) { + this.namespace = namespace; + return this; + } + @CustomType.Setter + public Builder paths(List paths) { + this.paths = Objects.requireNonNull(paths); + return this; + } + public Builder paths(String... paths) { + return paths(List.of(paths)); + } + @CustomType.Setter + public Builder type(@Nullable String type) { + this.type = type; + return this; + } + public GetAuthBackendsResult build() { + final var o = new GetAuthBackendsResult(); + o.accessors = accessors; + o.id = id; + o.namespace = namespace; + o.paths = paths; + o.type = type; + return o; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/vault/outputs/GetRaftAutopilotStateResult.java b/sdk/java/src/main/java/com/pulumi/vault/outputs/GetRaftAutopilotStateResult.java new file mode 100644 index 000000000..e5aeccb8e --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/vault/outputs/GetRaftAutopilotStateResult.java @@ -0,0 +1,296 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.vault.outputs; + +import com.pulumi.core.annotations.CustomType; +import java.lang.Boolean; +import java.lang.Integer; +import java.lang.Object; +import java.lang.String; +import java.util.List; +import java.util.Map; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + +@CustomType +public final class GetRaftAutopilotStateResult { + /** + * @return How many nodes could fail before the cluster becomes unhealthy. + * + */ + private Integer failureTolerance; + /** + * @return Cluster health status. + * + */ + private Boolean healthy; + /** + * @return The provider-assigned unique ID for this managed resource. + * + */ + private String id; + /** + * @return The current leader of Vault. + * + */ + private String leader; + private @Nullable String namespace; + /** + * @return The cluster-level optimistic failure tolerance. + * + */ + private Integer optimisticFailureTolerance; + /** + * @return Additional output related to redundancy zones stored as a serialized map of strings. + * + */ + private Map redundancyZones; + /** + * @return Additional output related to redundancy zones. + * + */ + private String redundancyZonesJson; + /** + * @return Additionaly output related to servers in the cluster stored as a serialized map of strings. + * + */ + private Map servers; + /** + * @return Additionaly output related to servers in the cluster. + * + */ + private String serversJson; + /** + * @return Additional output related to upgrade information stored as a serialized map of strings. + * + */ + private Map upgradeInfo; + /** + * @return Additional output related to upgrade information. + * + */ + private String upgradeInfoJson; + /** + * @return The voters in the Vault cluster. + * + */ + private List voters; + + private GetRaftAutopilotStateResult() {} + /** + * @return How many nodes could fail before the cluster becomes unhealthy. + * + */ + public Integer failureTolerance() { + return this.failureTolerance; + } + /** + * @return Cluster health status. + * + */ + public Boolean healthy() { + return this.healthy; + } + /** + * @return The provider-assigned unique ID for this managed resource. + * + */ + public String id() { + return this.id; + } + /** + * @return The current leader of Vault. + * + */ + public String leader() { + return this.leader; + } + public Optional namespace() { + return Optional.ofNullable(this.namespace); + } + /** + * @return The cluster-level optimistic failure tolerance. + * + */ + public Integer optimisticFailureTolerance() { + return this.optimisticFailureTolerance; + } + /** + * @return Additional output related to redundancy zones stored as a serialized map of strings. + * + */ + public Map redundancyZones() { + return this.redundancyZones; + } + /** + * @return Additional output related to redundancy zones. + * + */ + public String redundancyZonesJson() { + return this.redundancyZonesJson; + } + /** + * @return Additionaly output related to servers in the cluster stored as a serialized map of strings. + * + */ + public Map servers() { + return this.servers; + } + /** + * @return Additionaly output related to servers in the cluster. + * + */ + public String serversJson() { + return this.serversJson; + } + /** + * @return Additional output related to upgrade information stored as a serialized map of strings. + * + */ + public Map upgradeInfo() { + return this.upgradeInfo; + } + /** + * @return Additional output related to upgrade information. + * + */ + public String upgradeInfoJson() { + return this.upgradeInfoJson; + } + /** + * @return The voters in the Vault cluster. + * + */ + public List voters() { + return this.voters; + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(GetRaftAutopilotStateResult defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private Integer failureTolerance; + private Boolean healthy; + private String id; + private String leader; + private @Nullable String namespace; + private Integer optimisticFailureTolerance; + private Map redundancyZones; + private String redundancyZonesJson; + private Map servers; + private String serversJson; + private Map upgradeInfo; + private String upgradeInfoJson; + private List voters; + public Builder() {} + public Builder(GetRaftAutopilotStateResult defaults) { + Objects.requireNonNull(defaults); + this.failureTolerance = defaults.failureTolerance; + this.healthy = defaults.healthy; + this.id = defaults.id; + this.leader = defaults.leader; + this.namespace = defaults.namespace; + this.optimisticFailureTolerance = defaults.optimisticFailureTolerance; + this.redundancyZones = defaults.redundancyZones; + this.redundancyZonesJson = defaults.redundancyZonesJson; + this.servers = defaults.servers; + this.serversJson = defaults.serversJson; + this.upgradeInfo = defaults.upgradeInfo; + this.upgradeInfoJson = defaults.upgradeInfoJson; + this.voters = defaults.voters; + } + + @CustomType.Setter + public Builder failureTolerance(Integer failureTolerance) { + this.failureTolerance = Objects.requireNonNull(failureTolerance); + return this; + } + @CustomType.Setter + public Builder healthy(Boolean healthy) { + this.healthy = Objects.requireNonNull(healthy); + return this; + } + @CustomType.Setter + public Builder id(String id) { + this.id = Objects.requireNonNull(id); + return this; + } + @CustomType.Setter + public Builder leader(String leader) { + this.leader = Objects.requireNonNull(leader); + return this; + } + @CustomType.Setter + public Builder namespace(@Nullable String namespace) { + this.namespace = namespace; + return this; + } + @CustomType.Setter + public Builder optimisticFailureTolerance(Integer optimisticFailureTolerance) { + this.optimisticFailureTolerance = Objects.requireNonNull(optimisticFailureTolerance); + return this; + } + @CustomType.Setter + public Builder redundancyZones(Map redundancyZones) { + this.redundancyZones = Objects.requireNonNull(redundancyZones); + return this; + } + @CustomType.Setter + public Builder redundancyZonesJson(String redundancyZonesJson) { + this.redundancyZonesJson = Objects.requireNonNull(redundancyZonesJson); + return this; + } + @CustomType.Setter + public Builder servers(Map servers) { + this.servers = Objects.requireNonNull(servers); + return this; + } + @CustomType.Setter + public Builder serversJson(String serversJson) { + this.serversJson = Objects.requireNonNull(serversJson); + return this; + } + @CustomType.Setter + public Builder upgradeInfo(Map upgradeInfo) { + this.upgradeInfo = Objects.requireNonNull(upgradeInfo); + return this; + } + @CustomType.Setter + public Builder upgradeInfoJson(String upgradeInfoJson) { + this.upgradeInfoJson = Objects.requireNonNull(upgradeInfoJson); + return this; + } + @CustomType.Setter + public Builder voters(List voters) { + this.voters = Objects.requireNonNull(voters); + return this; + } + public Builder voters(String... voters) { + return voters(List.of(voters)); + } + public GetRaftAutopilotStateResult build() { + final var o = new GetRaftAutopilotStateResult(); + o.failureTolerance = failureTolerance; + o.healthy = healthy; + o.id = id; + o.leader = leader; + o.namespace = namespace; + o.optimisticFailureTolerance = optimisticFailureTolerance; + o.redundancyZones = redundancyZones; + o.redundancyZonesJson = redundancyZonesJson; + o.servers = servers; + o.serversJson = serversJson; + o.upgradeInfo = upgradeInfo; + o.upgradeInfoJson = upgradeInfoJson; + o.voters = voters; + return o; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/vault/pkiSecret/PkiSecretFunctions.java b/sdk/java/src/main/java/com/pulumi/vault/pkiSecret/PkiSecretFunctions.java new file mode 100644 index 000000000..cb4122d05 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/vault/pkiSecret/PkiSecretFunctions.java @@ -0,0 +1,678 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.vault.pkiSecret; + +import com.pulumi.core.Output; +import com.pulumi.core.TypeShape; +import com.pulumi.deployment.Deployment; +import com.pulumi.deployment.InvokeOptions; +import com.pulumi.vault.Utilities; +import com.pulumi.vault.pkiSecret.inputs.GetBackendIssuerArgs; +import com.pulumi.vault.pkiSecret.inputs.GetBackendIssuerPlainArgs; +import com.pulumi.vault.pkiSecret.inputs.GetBackendIssuersArgs; +import com.pulumi.vault.pkiSecret.inputs.GetBackendIssuersPlainArgs; +import com.pulumi.vault.pkiSecret.inputs.GetBackendKeyArgs; +import com.pulumi.vault.pkiSecret.inputs.GetBackendKeyPlainArgs; +import com.pulumi.vault.pkiSecret.inputs.GetBackendKeysArgs; +import com.pulumi.vault.pkiSecret.inputs.GetBackendKeysPlainArgs; +import com.pulumi.vault.pkiSecret.outputs.GetBackendIssuerResult; +import com.pulumi.vault.pkiSecret.outputs.GetBackendIssuersResult; +import com.pulumi.vault.pkiSecret.outputs.GetBackendKeyResult; +import com.pulumi.vault.pkiSecret.outputs.GetBackendKeysResult; +import java.util.concurrent.CompletableFuture; + +public final class PkiSecretFunctions { + public static Output getBackendIssuer(GetBackendIssuerArgs args) { + return getBackendIssuer(args, InvokeOptions.Empty); + } + public static CompletableFuture getBackendIssuerPlain(GetBackendIssuerPlainArgs args) { + return getBackendIssuerPlain(args, InvokeOptions.Empty); + } + public static Output getBackendIssuer(GetBackendIssuerArgs args, InvokeOptions options) { + return Deployment.getInstance().invoke("vault:pkiSecret/getBackendIssuer:getBackendIssuer", TypeShape.of(GetBackendIssuerResult.class), args, Utilities.withVersion(options)); + } + public static CompletableFuture getBackendIssuerPlain(GetBackendIssuerPlainArgs args, InvokeOptions options) { + return Deployment.getInstance().invokeAsync("vault:pkiSecret/getBackendIssuer:getBackendIssuer", TypeShape.of(GetBackendIssuerResult.class), args, Utilities.withVersion(options)); + } + /** + * ## Example Usage + * ```java + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import com.pulumi.vault.Mount; + * import com.pulumi.vault.MountArgs; + * import com.pulumi.vault.pkiSecret.SecretBackendRootCert; + * import com.pulumi.vault.pkiSecret.SecretBackendRootCertArgs; + * import com.pulumi.vault.pkiSecret.PkiSecretFunctions; + * import com.pulumi.vault.pkiSecret.inputs.GetBackendIssuersArgs; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * var pki = new Mount("pki", MountArgs.builder() + * .path("pki") + * .type("pki") + * .description("PKI secret engine mount") + * .build()); + * + * var root = new SecretBackendRootCert("root", SecretBackendRootCertArgs.builder() + * .backend(pki.path()) + * .type("internal") + * .commonName("example") + * .ttl("86400") + * .issuerName("example") + * .build()); + * + * final var test = PkiSecretFunctions.getBackendIssuers(GetBackendIssuersArgs.builder() + * .backend(root.backend()) + * .build()); + * + * } + * } + * ``` + * + */ + public static Output getBackendIssuers(GetBackendIssuersArgs args) { + return getBackendIssuers(args, InvokeOptions.Empty); + } + /** + * ## Example Usage + * ```java + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import com.pulumi.vault.Mount; + * import com.pulumi.vault.MountArgs; + * import com.pulumi.vault.pkiSecret.SecretBackendRootCert; + * import com.pulumi.vault.pkiSecret.SecretBackendRootCertArgs; + * import com.pulumi.vault.pkiSecret.PkiSecretFunctions; + * import com.pulumi.vault.pkiSecret.inputs.GetBackendIssuersArgs; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * var pki = new Mount("pki", MountArgs.builder() + * .path("pki") + * .type("pki") + * .description("PKI secret engine mount") + * .build()); + * + * var root = new SecretBackendRootCert("root", SecretBackendRootCertArgs.builder() + * .backend(pki.path()) + * .type("internal") + * .commonName("example") + * .ttl("86400") + * .issuerName("example") + * .build()); + * + * final var test = PkiSecretFunctions.getBackendIssuers(GetBackendIssuersArgs.builder() + * .backend(root.backend()) + * .build()); + * + * } + * } + * ``` + * + */ + public static CompletableFuture getBackendIssuersPlain(GetBackendIssuersPlainArgs args) { + return getBackendIssuersPlain(args, InvokeOptions.Empty); + } + /** + * ## Example Usage + * ```java + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import com.pulumi.vault.Mount; + * import com.pulumi.vault.MountArgs; + * import com.pulumi.vault.pkiSecret.SecretBackendRootCert; + * import com.pulumi.vault.pkiSecret.SecretBackendRootCertArgs; + * import com.pulumi.vault.pkiSecret.PkiSecretFunctions; + * import com.pulumi.vault.pkiSecret.inputs.GetBackendIssuersArgs; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * var pki = new Mount("pki", MountArgs.builder() + * .path("pki") + * .type("pki") + * .description("PKI secret engine mount") + * .build()); + * + * var root = new SecretBackendRootCert("root", SecretBackendRootCertArgs.builder() + * .backend(pki.path()) + * .type("internal") + * .commonName("example") + * .ttl("86400") + * .issuerName("example") + * .build()); + * + * final var test = PkiSecretFunctions.getBackendIssuers(GetBackendIssuersArgs.builder() + * .backend(root.backend()) + * .build()); + * + * } + * } + * ``` + * + */ + public static Output getBackendIssuers(GetBackendIssuersArgs args, InvokeOptions options) { + return Deployment.getInstance().invoke("vault:pkiSecret/getBackendIssuers:getBackendIssuers", TypeShape.of(GetBackendIssuersResult.class), args, Utilities.withVersion(options)); + } + /** + * ## Example Usage + * ```java + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import com.pulumi.vault.Mount; + * import com.pulumi.vault.MountArgs; + * import com.pulumi.vault.pkiSecret.SecretBackendRootCert; + * import com.pulumi.vault.pkiSecret.SecretBackendRootCertArgs; + * import com.pulumi.vault.pkiSecret.PkiSecretFunctions; + * import com.pulumi.vault.pkiSecret.inputs.GetBackendIssuersArgs; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * var pki = new Mount("pki", MountArgs.builder() + * .path("pki") + * .type("pki") + * .description("PKI secret engine mount") + * .build()); + * + * var root = new SecretBackendRootCert("root", SecretBackendRootCertArgs.builder() + * .backend(pki.path()) + * .type("internal") + * .commonName("example") + * .ttl("86400") + * .issuerName("example") + * .build()); + * + * final var test = PkiSecretFunctions.getBackendIssuers(GetBackendIssuersArgs.builder() + * .backend(root.backend()) + * .build()); + * + * } + * } + * ``` + * + */ + public static CompletableFuture getBackendIssuersPlain(GetBackendIssuersPlainArgs args, InvokeOptions options) { + return Deployment.getInstance().invokeAsync("vault:pkiSecret/getBackendIssuers:getBackendIssuers", TypeShape.of(GetBackendIssuersResult.class), args, Utilities.withVersion(options)); + } + /** + * ## Example Usage + * ```java + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import com.pulumi.vault.Mount; + * import com.pulumi.vault.MountArgs; + * import com.pulumi.vault.pkiSecret.SecretBackendKey; + * import com.pulumi.vault.pkiSecret.SecretBackendKeyArgs; + * import com.pulumi.vault.pkiSecret.PkiSecretFunctions; + * import com.pulumi.vault.pkiSecret.inputs.GetBackendKeyArgs; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * var pki = new Mount("pki", MountArgs.builder() + * .path("pki") + * .type("pki") + * .description("PKI secret engine mount") + * .build()); + * + * var key = new SecretBackendKey("key", SecretBackendKeyArgs.builder() + * .backend(pki.path()) + * .type("internal") + * .keyName("example") + * .keyType("rsa") + * .keyBits("4096") + * .build()); + * + * final var example = PkiSecretFunctions.getBackendKey(GetBackendKeyArgs.builder() + * .backend(vault_mount.key().path()) + * .keyRef(key.keyId()) + * .build()); + * + * } + * } + * ``` + * + */ + public static Output getBackendKey(GetBackendKeyArgs args) { + return getBackendKey(args, InvokeOptions.Empty); + } + /** + * ## Example Usage + * ```java + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import com.pulumi.vault.Mount; + * import com.pulumi.vault.MountArgs; + * import com.pulumi.vault.pkiSecret.SecretBackendKey; + * import com.pulumi.vault.pkiSecret.SecretBackendKeyArgs; + * import com.pulumi.vault.pkiSecret.PkiSecretFunctions; + * import com.pulumi.vault.pkiSecret.inputs.GetBackendKeyArgs; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * var pki = new Mount("pki", MountArgs.builder() + * .path("pki") + * .type("pki") + * .description("PKI secret engine mount") + * .build()); + * + * var key = new SecretBackendKey("key", SecretBackendKeyArgs.builder() + * .backend(pki.path()) + * .type("internal") + * .keyName("example") + * .keyType("rsa") + * .keyBits("4096") + * .build()); + * + * final var example = PkiSecretFunctions.getBackendKey(GetBackendKeyArgs.builder() + * .backend(vault_mount.key().path()) + * .keyRef(key.keyId()) + * .build()); + * + * } + * } + * ``` + * + */ + public static CompletableFuture getBackendKeyPlain(GetBackendKeyPlainArgs args) { + return getBackendKeyPlain(args, InvokeOptions.Empty); + } + /** + * ## Example Usage + * ```java + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import com.pulumi.vault.Mount; + * import com.pulumi.vault.MountArgs; + * import com.pulumi.vault.pkiSecret.SecretBackendKey; + * import com.pulumi.vault.pkiSecret.SecretBackendKeyArgs; + * import com.pulumi.vault.pkiSecret.PkiSecretFunctions; + * import com.pulumi.vault.pkiSecret.inputs.GetBackendKeyArgs; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * var pki = new Mount("pki", MountArgs.builder() + * .path("pki") + * .type("pki") + * .description("PKI secret engine mount") + * .build()); + * + * var key = new SecretBackendKey("key", SecretBackendKeyArgs.builder() + * .backend(pki.path()) + * .type("internal") + * .keyName("example") + * .keyType("rsa") + * .keyBits("4096") + * .build()); + * + * final var example = PkiSecretFunctions.getBackendKey(GetBackendKeyArgs.builder() + * .backend(vault_mount.key().path()) + * .keyRef(key.keyId()) + * .build()); + * + * } + * } + * ``` + * + */ + public static Output getBackendKey(GetBackendKeyArgs args, InvokeOptions options) { + return Deployment.getInstance().invoke("vault:pkiSecret/getBackendKey:getBackendKey", TypeShape.of(GetBackendKeyResult.class), args, Utilities.withVersion(options)); + } + /** + * ## Example Usage + * ```java + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import com.pulumi.vault.Mount; + * import com.pulumi.vault.MountArgs; + * import com.pulumi.vault.pkiSecret.SecretBackendKey; + * import com.pulumi.vault.pkiSecret.SecretBackendKeyArgs; + * import com.pulumi.vault.pkiSecret.PkiSecretFunctions; + * import com.pulumi.vault.pkiSecret.inputs.GetBackendKeyArgs; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * var pki = new Mount("pki", MountArgs.builder() + * .path("pki") + * .type("pki") + * .description("PKI secret engine mount") + * .build()); + * + * var key = new SecretBackendKey("key", SecretBackendKeyArgs.builder() + * .backend(pki.path()) + * .type("internal") + * .keyName("example") + * .keyType("rsa") + * .keyBits("4096") + * .build()); + * + * final var example = PkiSecretFunctions.getBackendKey(GetBackendKeyArgs.builder() + * .backend(vault_mount.key().path()) + * .keyRef(key.keyId()) + * .build()); + * + * } + * } + * ``` + * + */ + public static CompletableFuture getBackendKeyPlain(GetBackendKeyPlainArgs args, InvokeOptions options) { + return Deployment.getInstance().invokeAsync("vault:pkiSecret/getBackendKey:getBackendKey", TypeShape.of(GetBackendKeyResult.class), args, Utilities.withVersion(options)); + } + /** + * ## Example Usage + * ```java + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import com.pulumi.vault.Mount; + * import com.pulumi.vault.MountArgs; + * import com.pulumi.vault.pkiSecret.SecretBackendRootCert; + * import com.pulumi.vault.pkiSecret.SecretBackendRootCertArgs; + * import com.pulumi.vault.pkiSecret.PkiSecretFunctions; + * import com.pulumi.vault.pkiSecret.inputs.GetBackendKeysArgs; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * var pki = new Mount("pki", MountArgs.builder() + * .path("pki") + * .type("pki") + * .description("PKI secret engine mount") + * .build()); + * + * var root = new SecretBackendRootCert("root", SecretBackendRootCertArgs.builder() + * .backend(pki.path()) + * .type("internal") + * .commonName("example") + * .ttl("86400") + * .keyName("example") + * .build()); + * + * final var example = PkiSecretFunctions.getBackendKeys(GetBackendKeysArgs.builder() + * .backend(root.backend()) + * .build()); + * + * } + * } + * ``` + * + */ + public static Output getBackendKeys(GetBackendKeysArgs args) { + return getBackendKeys(args, InvokeOptions.Empty); + } + /** + * ## Example Usage + * ```java + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import com.pulumi.vault.Mount; + * import com.pulumi.vault.MountArgs; + * import com.pulumi.vault.pkiSecret.SecretBackendRootCert; + * import com.pulumi.vault.pkiSecret.SecretBackendRootCertArgs; + * import com.pulumi.vault.pkiSecret.PkiSecretFunctions; + * import com.pulumi.vault.pkiSecret.inputs.GetBackendKeysArgs; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * var pki = new Mount("pki", MountArgs.builder() + * .path("pki") + * .type("pki") + * .description("PKI secret engine mount") + * .build()); + * + * var root = new SecretBackendRootCert("root", SecretBackendRootCertArgs.builder() + * .backend(pki.path()) + * .type("internal") + * .commonName("example") + * .ttl("86400") + * .keyName("example") + * .build()); + * + * final var example = PkiSecretFunctions.getBackendKeys(GetBackendKeysArgs.builder() + * .backend(root.backend()) + * .build()); + * + * } + * } + * ``` + * + */ + public static CompletableFuture getBackendKeysPlain(GetBackendKeysPlainArgs args) { + return getBackendKeysPlain(args, InvokeOptions.Empty); + } + /** + * ## Example Usage + * ```java + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import com.pulumi.vault.Mount; + * import com.pulumi.vault.MountArgs; + * import com.pulumi.vault.pkiSecret.SecretBackendRootCert; + * import com.pulumi.vault.pkiSecret.SecretBackendRootCertArgs; + * import com.pulumi.vault.pkiSecret.PkiSecretFunctions; + * import com.pulumi.vault.pkiSecret.inputs.GetBackendKeysArgs; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * var pki = new Mount("pki", MountArgs.builder() + * .path("pki") + * .type("pki") + * .description("PKI secret engine mount") + * .build()); + * + * var root = new SecretBackendRootCert("root", SecretBackendRootCertArgs.builder() + * .backend(pki.path()) + * .type("internal") + * .commonName("example") + * .ttl("86400") + * .keyName("example") + * .build()); + * + * final var example = PkiSecretFunctions.getBackendKeys(GetBackendKeysArgs.builder() + * .backend(root.backend()) + * .build()); + * + * } + * } + * ``` + * + */ + public static Output getBackendKeys(GetBackendKeysArgs args, InvokeOptions options) { + return Deployment.getInstance().invoke("vault:pkiSecret/getBackendKeys:getBackendKeys", TypeShape.of(GetBackendKeysResult.class), args, Utilities.withVersion(options)); + } + /** + * ## Example Usage + * ```java + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import com.pulumi.vault.Mount; + * import com.pulumi.vault.MountArgs; + * import com.pulumi.vault.pkiSecret.SecretBackendRootCert; + * import com.pulumi.vault.pkiSecret.SecretBackendRootCertArgs; + * import com.pulumi.vault.pkiSecret.PkiSecretFunctions; + * import com.pulumi.vault.pkiSecret.inputs.GetBackendKeysArgs; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * var pki = new Mount("pki", MountArgs.builder() + * .path("pki") + * .type("pki") + * .description("PKI secret engine mount") + * .build()); + * + * var root = new SecretBackendRootCert("root", SecretBackendRootCertArgs.builder() + * .backend(pki.path()) + * .type("internal") + * .commonName("example") + * .ttl("86400") + * .keyName("example") + * .build()); + * + * final var example = PkiSecretFunctions.getBackendKeys(GetBackendKeysArgs.builder() + * .backend(root.backend()) + * .build()); + * + * } + * } + * ``` + * + */ + public static CompletableFuture getBackendKeysPlain(GetBackendKeysPlainArgs args, InvokeOptions options) { + return Deployment.getInstance().invokeAsync("vault:pkiSecret/getBackendKeys:getBackendKeys", TypeShape.of(GetBackendKeysResult.class), args, Utilities.withVersion(options)); + } +} diff --git a/sdk/java/src/main/java/com/pulumi/vault/pkiSecret/SecretBackendConfigUrls.java b/sdk/java/src/main/java/com/pulumi/vault/pkiSecret/SecretBackendConfigUrls.java index 61a5cc541..ebf654ba4 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/pkiSecret/SecretBackendConfigUrls.java +++ b/sdk/java/src/main/java/com/pulumi/vault/pkiSecret/SecretBackendConfigUrls.java @@ -61,11 +61,7 @@ * * ## Import * - * The PKI config URLs can be imported using the resource's `id`. - * - * In the case of the example above the `id` would be `pki-root/config/urls`, - * - * where the `pki-root` component is the resource's `backend`, e.g. + * The PKI config URLs can be imported using the resource's `id`. In the case of the example above the `id` would be `pki-root/config/urls`, where the `pki-root` component is the resource's `backend`, e.g. * * ```sh * $ pulumi import vault:pkiSecret/secretBackendConfigUrls:SecretBackendConfigUrls example pki-root/config/urls diff --git a/sdk/java/src/main/java/com/pulumi/vault/pkiSecret/SecretBackendRole.java b/sdk/java/src/main/java/com/pulumi/vault/pkiSecret/SecretBackendRole.java index 44591d53d..bf881e870 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/pkiSecret/SecretBackendRole.java +++ b/sdk/java/src/main/java/com/pulumi/vault/pkiSecret/SecretBackendRole.java @@ -10,6 +10,7 @@ import com.pulumi.vault.Utilities; import com.pulumi.vault.pkiSecret.SecretBackendRoleArgs; import com.pulumi.vault.pkiSecret.inputs.SecretBackendRoleState; +import com.pulumi.vault.pkiSecret.outputs.SecretBackendRolePolicyIdentifier; import java.lang.Boolean; import java.lang.Integer; import java.lang.String; @@ -586,6 +587,20 @@ public Output>> organizationUnit() { public Output>> organizations() { return Codegen.optional(this.organizations); } + /** + * (Vault 1.11+ only) A block for specifying policy identifers. The `policy_identifier` block can be repeated, and supports the following arguments: + * + */ + @Export(name="policyIdentifier", refs={List.class,SecretBackendRolePolicyIdentifier.class}, tree="[0,1]") + private Output> policyIdentifier; + + /** + * @return (Vault 1.11+ only) A block for specifying policy identifers. The `policy_identifier` block can be repeated, and supports the following arguments: + * + */ + public Output>> policyIdentifier() { + return Codegen.optional(this.policyIdentifier); + } /** * Specify the list of allowed policies OIDs. Use with Vault 1.10 or before. For Vault 1.11+, use `policy_identifier` blocks instead * diff --git a/sdk/java/src/main/java/com/pulumi/vault/pkiSecret/SecretBackendRoleArgs.java b/sdk/java/src/main/java/com/pulumi/vault/pkiSecret/SecretBackendRoleArgs.java index 067dc3f01..bf3aa98ff 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/pkiSecret/SecretBackendRoleArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/pkiSecret/SecretBackendRoleArgs.java @@ -5,6 +5,7 @@ import com.pulumi.core.Output; import com.pulumi.core.annotations.Import; +import com.pulumi.vault.pkiSecret.inputs.SecretBackendRolePolicyIdentifierArgs; import java.lang.Boolean; import java.lang.Integer; import java.lang.String; @@ -561,6 +562,21 @@ public Optional>> organizations() { return Optional.ofNullable(this.organizations); } + /** + * (Vault 1.11+ only) A block for specifying policy identifers. The `policy_identifier` block can be repeated, and supports the following arguments: + * + */ + @Import(name="policyIdentifier") + private @Nullable Output> policyIdentifier; + + /** + * @return (Vault 1.11+ only) A block for specifying policy identifers. The `policy_identifier` block can be repeated, and supports the following arguments: + * + */ + public Optional>> policyIdentifier() { + return Optional.ofNullable(this.policyIdentifier); + } + /** * Specify the list of allowed policies OIDs. Use with Vault 1.10 or before. For Vault 1.11+, use `policy_identifier` blocks instead * @@ -734,6 +750,7 @@ private SecretBackendRoleArgs(SecretBackendRoleArgs $) { this.notBeforeDuration = $.notBeforeDuration; this.organizationUnit = $.organizationUnit; this.organizations = $.organizations; + this.policyIdentifier = $.policyIdentifier; this.policyIdentifiers = $.policyIdentifiers; this.postalCodes = $.postalCodes; this.provinces = $.provinces; @@ -1628,6 +1645,37 @@ public Builder organizations(String... organizations) { return organizations(List.of(organizations)); } + /** + * @param policyIdentifier (Vault 1.11+ only) A block for specifying policy identifers. The `policy_identifier` block can be repeated, and supports the following arguments: + * + * @return builder + * + */ + public Builder policyIdentifier(@Nullable Output> policyIdentifier) { + $.policyIdentifier = policyIdentifier; + return this; + } + + /** + * @param policyIdentifier (Vault 1.11+ only) A block for specifying policy identifers. The `policy_identifier` block can be repeated, and supports the following arguments: + * + * @return builder + * + */ + public Builder policyIdentifier(List policyIdentifier) { + return policyIdentifier(Output.of(policyIdentifier)); + } + + /** + * @param policyIdentifier (Vault 1.11+ only) A block for specifying policy identifers. The `policy_identifier` block can be repeated, and supports the following arguments: + * + * @return builder + * + */ + public Builder policyIdentifier(SecretBackendRolePolicyIdentifierArgs... policyIdentifier) { + return policyIdentifier(List.of(policyIdentifier)); + } + /** * @param policyIdentifiers Specify the list of allowed policies OIDs. Use with Vault 1.10 or before. For Vault 1.11+, use `policy_identifier` blocks instead * diff --git a/sdk/java/src/main/java/com/pulumi/vault/pkiSecret/inputs/GetBackendIssuerArgs.java b/sdk/java/src/main/java/com/pulumi/vault/pkiSecret/inputs/GetBackendIssuerArgs.java new file mode 100644 index 000000000..aa2bcbfd1 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/vault/pkiSecret/inputs/GetBackendIssuerArgs.java @@ -0,0 +1,175 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.vault.pkiSecret.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class GetBackendIssuerArgs extends com.pulumi.resources.InvokeArgs { + + public static final GetBackendIssuerArgs Empty = new GetBackendIssuerArgs(); + + /** + * The path to the PKI secret backend to + * read the issuer from, with no leading or trailing `/`s. + * + */ + @Import(name="backend", required=true) + private Output backend; + + /** + * @return The path to the PKI secret backend to + * read the issuer from, with no leading or trailing `/`s. + * + */ + public Output backend() { + return this.backend; + } + + /** + * Reference to an existing issuer. + * + */ + @Import(name="issuerRef", required=true) + private Output issuerRef; + + /** + * @return Reference to an existing issuer. + * + */ + public Output issuerRef() { + return this.issuerRef; + } + + /** + * The namespace of the target resource. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + */ + @Import(name="namespace") + private @Nullable Output namespace; + + /** + * @return The namespace of the target resource. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + */ + public Optional> namespace() { + return Optional.ofNullable(this.namespace); + } + + private GetBackendIssuerArgs() {} + + private GetBackendIssuerArgs(GetBackendIssuerArgs $) { + this.backend = $.backend; + this.issuerRef = $.issuerRef; + this.namespace = $.namespace; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(GetBackendIssuerArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private GetBackendIssuerArgs $; + + public Builder() { + $ = new GetBackendIssuerArgs(); + } + + public Builder(GetBackendIssuerArgs defaults) { + $ = new GetBackendIssuerArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param backend The path to the PKI secret backend to + * read the issuer from, with no leading or trailing `/`s. + * + * @return builder + * + */ + public Builder backend(Output backend) { + $.backend = backend; + return this; + } + + /** + * @param backend The path to the PKI secret backend to + * read the issuer from, with no leading or trailing `/`s. + * + * @return builder + * + */ + public Builder backend(String backend) { + return backend(Output.of(backend)); + } + + /** + * @param issuerRef Reference to an existing issuer. + * + * @return builder + * + */ + public Builder issuerRef(Output issuerRef) { + $.issuerRef = issuerRef; + return this; + } + + /** + * @param issuerRef Reference to an existing issuer. + * + * @return builder + * + */ + public Builder issuerRef(String issuerRef) { + return issuerRef(Output.of(issuerRef)); + } + + /** + * @param namespace The namespace of the target resource. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + * @return builder + * + */ + public Builder namespace(@Nullable Output namespace) { + $.namespace = namespace; + return this; + } + + /** + * @param namespace The namespace of the target resource. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + * @return builder + * + */ + public Builder namespace(String namespace) { + return namespace(Output.of(namespace)); + } + + public GetBackendIssuerArgs build() { + $.backend = Objects.requireNonNull($.backend, "expected parameter 'backend' to be non-null"); + $.issuerRef = Objects.requireNonNull($.issuerRef, "expected parameter 'issuerRef' to be non-null"); + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/vault/pkiSecret/inputs/GetBackendIssuerPlainArgs.java b/sdk/java/src/main/java/com/pulumi/vault/pkiSecret/inputs/GetBackendIssuerPlainArgs.java new file mode 100644 index 000000000..2afcc3b93 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/vault/pkiSecret/inputs/GetBackendIssuerPlainArgs.java @@ -0,0 +1,140 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.vault.pkiSecret.inputs; + +import com.pulumi.core.annotations.Import; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class GetBackendIssuerPlainArgs extends com.pulumi.resources.InvokeArgs { + + public static final GetBackendIssuerPlainArgs Empty = new GetBackendIssuerPlainArgs(); + + /** + * The path to the PKI secret backend to + * read the issuer from, with no leading or trailing `/`s. + * + */ + @Import(name="backend", required=true) + private String backend; + + /** + * @return The path to the PKI secret backend to + * read the issuer from, with no leading or trailing `/`s. + * + */ + public String backend() { + return this.backend; + } + + /** + * Reference to an existing issuer. + * + */ + @Import(name="issuerRef", required=true) + private String issuerRef; + + /** + * @return Reference to an existing issuer. + * + */ + public String issuerRef() { + return this.issuerRef; + } + + /** + * The namespace of the target resource. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + */ + @Import(name="namespace") + private @Nullable String namespace; + + /** + * @return The namespace of the target resource. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + */ + public Optional namespace() { + return Optional.ofNullable(this.namespace); + } + + private GetBackendIssuerPlainArgs() {} + + private GetBackendIssuerPlainArgs(GetBackendIssuerPlainArgs $) { + this.backend = $.backend; + this.issuerRef = $.issuerRef; + this.namespace = $.namespace; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(GetBackendIssuerPlainArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private GetBackendIssuerPlainArgs $; + + public Builder() { + $ = new GetBackendIssuerPlainArgs(); + } + + public Builder(GetBackendIssuerPlainArgs defaults) { + $ = new GetBackendIssuerPlainArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param backend The path to the PKI secret backend to + * read the issuer from, with no leading or trailing `/`s. + * + * @return builder + * + */ + public Builder backend(String backend) { + $.backend = backend; + return this; + } + + /** + * @param issuerRef Reference to an existing issuer. + * + * @return builder + * + */ + public Builder issuerRef(String issuerRef) { + $.issuerRef = issuerRef; + return this; + } + + /** + * @param namespace The namespace of the target resource. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + * @return builder + * + */ + public Builder namespace(@Nullable String namespace) { + $.namespace = namespace; + return this; + } + + public GetBackendIssuerPlainArgs build() { + $.backend = Objects.requireNonNull($.backend, "expected parameter 'backend' to be non-null"); + $.issuerRef = Objects.requireNonNull($.issuerRef, "expected parameter 'issuerRef' to be non-null"); + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/vault/pkiSecret/inputs/GetBackendIssuersArgs.java b/sdk/java/src/main/java/com/pulumi/vault/pkiSecret/inputs/GetBackendIssuersArgs.java new file mode 100644 index 000000000..54fc66513 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/vault/pkiSecret/inputs/GetBackendIssuersArgs.java @@ -0,0 +1,137 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.vault.pkiSecret.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class GetBackendIssuersArgs extends com.pulumi.resources.InvokeArgs { + + public static final GetBackendIssuersArgs Empty = new GetBackendIssuersArgs(); + + /** + * The path to the PKI secret backend to + * read the issuers from, with no leading or trailing `/`s. + * + */ + @Import(name="backend", required=true) + private Output backend; + + /** + * @return The path to the PKI secret backend to + * read the issuers from, with no leading or trailing `/`s. + * + */ + public Output backend() { + return this.backend; + } + + /** + * The namespace of the target resource. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + */ + @Import(name="namespace") + private @Nullable Output namespace; + + /** + * @return The namespace of the target resource. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + */ + public Optional> namespace() { + return Optional.ofNullable(this.namespace); + } + + private GetBackendIssuersArgs() {} + + private GetBackendIssuersArgs(GetBackendIssuersArgs $) { + this.backend = $.backend; + this.namespace = $.namespace; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(GetBackendIssuersArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private GetBackendIssuersArgs $; + + public Builder() { + $ = new GetBackendIssuersArgs(); + } + + public Builder(GetBackendIssuersArgs defaults) { + $ = new GetBackendIssuersArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param backend The path to the PKI secret backend to + * read the issuers from, with no leading or trailing `/`s. + * + * @return builder + * + */ + public Builder backend(Output backend) { + $.backend = backend; + return this; + } + + /** + * @param backend The path to the PKI secret backend to + * read the issuers from, with no leading or trailing `/`s. + * + * @return builder + * + */ + public Builder backend(String backend) { + return backend(Output.of(backend)); + } + + /** + * @param namespace The namespace of the target resource. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + * @return builder + * + */ + public Builder namespace(@Nullable Output namespace) { + $.namespace = namespace; + return this; + } + + /** + * @param namespace The namespace of the target resource. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + * @return builder + * + */ + public Builder namespace(String namespace) { + return namespace(Output.of(namespace)); + } + + public GetBackendIssuersArgs build() { + $.backend = Objects.requireNonNull($.backend, "expected parameter 'backend' to be non-null"); + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/vault/pkiSecret/inputs/GetBackendIssuersPlainArgs.java b/sdk/java/src/main/java/com/pulumi/vault/pkiSecret/inputs/GetBackendIssuersPlainArgs.java new file mode 100644 index 000000000..8f9811e59 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/vault/pkiSecret/inputs/GetBackendIssuersPlainArgs.java @@ -0,0 +1,112 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.vault.pkiSecret.inputs; + +import com.pulumi.core.annotations.Import; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class GetBackendIssuersPlainArgs extends com.pulumi.resources.InvokeArgs { + + public static final GetBackendIssuersPlainArgs Empty = new GetBackendIssuersPlainArgs(); + + /** + * The path to the PKI secret backend to + * read the issuers from, with no leading or trailing `/`s. + * + */ + @Import(name="backend", required=true) + private String backend; + + /** + * @return The path to the PKI secret backend to + * read the issuers from, with no leading or trailing `/`s. + * + */ + public String backend() { + return this.backend; + } + + /** + * The namespace of the target resource. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + */ + @Import(name="namespace") + private @Nullable String namespace; + + /** + * @return The namespace of the target resource. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + */ + public Optional namespace() { + return Optional.ofNullable(this.namespace); + } + + private GetBackendIssuersPlainArgs() {} + + private GetBackendIssuersPlainArgs(GetBackendIssuersPlainArgs $) { + this.backend = $.backend; + this.namespace = $.namespace; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(GetBackendIssuersPlainArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private GetBackendIssuersPlainArgs $; + + public Builder() { + $ = new GetBackendIssuersPlainArgs(); + } + + public Builder(GetBackendIssuersPlainArgs defaults) { + $ = new GetBackendIssuersPlainArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param backend The path to the PKI secret backend to + * read the issuers from, with no leading or trailing `/`s. + * + * @return builder + * + */ + public Builder backend(String backend) { + $.backend = backend; + return this; + } + + /** + * @param namespace The namespace of the target resource. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + * @return builder + * + */ + public Builder namespace(@Nullable String namespace) { + $.namespace = namespace; + return this; + } + + public GetBackendIssuersPlainArgs build() { + $.backend = Objects.requireNonNull($.backend, "expected parameter 'backend' to be non-null"); + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/vault/pkiSecret/inputs/GetBackendKeyArgs.java b/sdk/java/src/main/java/com/pulumi/vault/pkiSecret/inputs/GetBackendKeyArgs.java new file mode 100644 index 000000000..add9fd2d4 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/vault/pkiSecret/inputs/GetBackendKeyArgs.java @@ -0,0 +1,175 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.vault.pkiSecret.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class GetBackendKeyArgs extends com.pulumi.resources.InvokeArgs { + + public static final GetBackendKeyArgs Empty = new GetBackendKeyArgs(); + + /** + * The path to the PKI secret backend to + * read the key from, with no leading or trailing `/`s. + * + */ + @Import(name="backend", required=true) + private Output backend; + + /** + * @return The path to the PKI secret backend to + * read the key from, with no leading or trailing `/`s. + * + */ + public Output backend() { + return this.backend; + } + + /** + * Reference to an existing key. + * + */ + @Import(name="keyRef", required=true) + private Output keyRef; + + /** + * @return Reference to an existing key. + * + */ + public Output keyRef() { + return this.keyRef; + } + + /** + * The namespace of the target resource. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + */ + @Import(name="namespace") + private @Nullable Output namespace; + + /** + * @return The namespace of the target resource. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + */ + public Optional> namespace() { + return Optional.ofNullable(this.namespace); + } + + private GetBackendKeyArgs() {} + + private GetBackendKeyArgs(GetBackendKeyArgs $) { + this.backend = $.backend; + this.keyRef = $.keyRef; + this.namespace = $.namespace; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(GetBackendKeyArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private GetBackendKeyArgs $; + + public Builder() { + $ = new GetBackendKeyArgs(); + } + + public Builder(GetBackendKeyArgs defaults) { + $ = new GetBackendKeyArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param backend The path to the PKI secret backend to + * read the key from, with no leading or trailing `/`s. + * + * @return builder + * + */ + public Builder backend(Output backend) { + $.backend = backend; + return this; + } + + /** + * @param backend The path to the PKI secret backend to + * read the key from, with no leading or trailing `/`s. + * + * @return builder + * + */ + public Builder backend(String backend) { + return backend(Output.of(backend)); + } + + /** + * @param keyRef Reference to an existing key. + * + * @return builder + * + */ + public Builder keyRef(Output keyRef) { + $.keyRef = keyRef; + return this; + } + + /** + * @param keyRef Reference to an existing key. + * + * @return builder + * + */ + public Builder keyRef(String keyRef) { + return keyRef(Output.of(keyRef)); + } + + /** + * @param namespace The namespace of the target resource. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + * @return builder + * + */ + public Builder namespace(@Nullable Output namespace) { + $.namespace = namespace; + return this; + } + + /** + * @param namespace The namespace of the target resource. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + * @return builder + * + */ + public Builder namespace(String namespace) { + return namespace(Output.of(namespace)); + } + + public GetBackendKeyArgs build() { + $.backend = Objects.requireNonNull($.backend, "expected parameter 'backend' to be non-null"); + $.keyRef = Objects.requireNonNull($.keyRef, "expected parameter 'keyRef' to be non-null"); + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/vault/pkiSecret/inputs/GetBackendKeyPlainArgs.java b/sdk/java/src/main/java/com/pulumi/vault/pkiSecret/inputs/GetBackendKeyPlainArgs.java new file mode 100644 index 000000000..2ddfaec70 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/vault/pkiSecret/inputs/GetBackendKeyPlainArgs.java @@ -0,0 +1,140 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.vault.pkiSecret.inputs; + +import com.pulumi.core.annotations.Import; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class GetBackendKeyPlainArgs extends com.pulumi.resources.InvokeArgs { + + public static final GetBackendKeyPlainArgs Empty = new GetBackendKeyPlainArgs(); + + /** + * The path to the PKI secret backend to + * read the key from, with no leading or trailing `/`s. + * + */ + @Import(name="backend", required=true) + private String backend; + + /** + * @return The path to the PKI secret backend to + * read the key from, with no leading or trailing `/`s. + * + */ + public String backend() { + return this.backend; + } + + /** + * Reference to an existing key. + * + */ + @Import(name="keyRef", required=true) + private String keyRef; + + /** + * @return Reference to an existing key. + * + */ + public String keyRef() { + return this.keyRef; + } + + /** + * The namespace of the target resource. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + */ + @Import(name="namespace") + private @Nullable String namespace; + + /** + * @return The namespace of the target resource. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + */ + public Optional namespace() { + return Optional.ofNullable(this.namespace); + } + + private GetBackendKeyPlainArgs() {} + + private GetBackendKeyPlainArgs(GetBackendKeyPlainArgs $) { + this.backend = $.backend; + this.keyRef = $.keyRef; + this.namespace = $.namespace; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(GetBackendKeyPlainArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private GetBackendKeyPlainArgs $; + + public Builder() { + $ = new GetBackendKeyPlainArgs(); + } + + public Builder(GetBackendKeyPlainArgs defaults) { + $ = new GetBackendKeyPlainArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param backend The path to the PKI secret backend to + * read the key from, with no leading or trailing `/`s. + * + * @return builder + * + */ + public Builder backend(String backend) { + $.backend = backend; + return this; + } + + /** + * @param keyRef Reference to an existing key. + * + * @return builder + * + */ + public Builder keyRef(String keyRef) { + $.keyRef = keyRef; + return this; + } + + /** + * @param namespace The namespace of the target resource. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + * @return builder + * + */ + public Builder namespace(@Nullable String namespace) { + $.namespace = namespace; + return this; + } + + public GetBackendKeyPlainArgs build() { + $.backend = Objects.requireNonNull($.backend, "expected parameter 'backend' to be non-null"); + $.keyRef = Objects.requireNonNull($.keyRef, "expected parameter 'keyRef' to be non-null"); + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/vault/pkiSecret/inputs/GetBackendKeysArgs.java b/sdk/java/src/main/java/com/pulumi/vault/pkiSecret/inputs/GetBackendKeysArgs.java new file mode 100644 index 000000000..b30ceef93 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/vault/pkiSecret/inputs/GetBackendKeysArgs.java @@ -0,0 +1,137 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.vault.pkiSecret.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class GetBackendKeysArgs extends com.pulumi.resources.InvokeArgs { + + public static final GetBackendKeysArgs Empty = new GetBackendKeysArgs(); + + /** + * The path to the PKI secret backend to + * read the keys from, with no leading or trailing `/`s. + * + */ + @Import(name="backend", required=true) + private Output backend; + + /** + * @return The path to the PKI secret backend to + * read the keys from, with no leading or trailing `/`s. + * + */ + public Output backend() { + return this.backend; + } + + /** + * The namespace of the target resource. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + */ + @Import(name="namespace") + private @Nullable Output namespace; + + /** + * @return The namespace of the target resource. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + */ + public Optional> namespace() { + return Optional.ofNullable(this.namespace); + } + + private GetBackendKeysArgs() {} + + private GetBackendKeysArgs(GetBackendKeysArgs $) { + this.backend = $.backend; + this.namespace = $.namespace; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(GetBackendKeysArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private GetBackendKeysArgs $; + + public Builder() { + $ = new GetBackendKeysArgs(); + } + + public Builder(GetBackendKeysArgs defaults) { + $ = new GetBackendKeysArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param backend The path to the PKI secret backend to + * read the keys from, with no leading or trailing `/`s. + * + * @return builder + * + */ + public Builder backend(Output backend) { + $.backend = backend; + return this; + } + + /** + * @param backend The path to the PKI secret backend to + * read the keys from, with no leading or trailing `/`s. + * + * @return builder + * + */ + public Builder backend(String backend) { + return backend(Output.of(backend)); + } + + /** + * @param namespace The namespace of the target resource. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + * @return builder + * + */ + public Builder namespace(@Nullable Output namespace) { + $.namespace = namespace; + return this; + } + + /** + * @param namespace The namespace of the target resource. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + * @return builder + * + */ + public Builder namespace(String namespace) { + return namespace(Output.of(namespace)); + } + + public GetBackendKeysArgs build() { + $.backend = Objects.requireNonNull($.backend, "expected parameter 'backend' to be non-null"); + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/vault/pkiSecret/inputs/GetBackendKeysPlainArgs.java b/sdk/java/src/main/java/com/pulumi/vault/pkiSecret/inputs/GetBackendKeysPlainArgs.java new file mode 100644 index 000000000..d0ad31e6c --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/vault/pkiSecret/inputs/GetBackendKeysPlainArgs.java @@ -0,0 +1,112 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.vault.pkiSecret.inputs; + +import com.pulumi.core.annotations.Import; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class GetBackendKeysPlainArgs extends com.pulumi.resources.InvokeArgs { + + public static final GetBackendKeysPlainArgs Empty = new GetBackendKeysPlainArgs(); + + /** + * The path to the PKI secret backend to + * read the keys from, with no leading or trailing `/`s. + * + */ + @Import(name="backend", required=true) + private String backend; + + /** + * @return The path to the PKI secret backend to + * read the keys from, with no leading or trailing `/`s. + * + */ + public String backend() { + return this.backend; + } + + /** + * The namespace of the target resource. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + */ + @Import(name="namespace") + private @Nullable String namespace; + + /** + * @return The namespace of the target resource. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + */ + public Optional namespace() { + return Optional.ofNullable(this.namespace); + } + + private GetBackendKeysPlainArgs() {} + + private GetBackendKeysPlainArgs(GetBackendKeysPlainArgs $) { + this.backend = $.backend; + this.namespace = $.namespace; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(GetBackendKeysPlainArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private GetBackendKeysPlainArgs $; + + public Builder() { + $ = new GetBackendKeysPlainArgs(); + } + + public Builder(GetBackendKeysPlainArgs defaults) { + $ = new GetBackendKeysPlainArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param backend The path to the PKI secret backend to + * read the keys from, with no leading or trailing `/`s. + * + * @return builder + * + */ + public Builder backend(String backend) { + $.backend = backend; + return this; + } + + /** + * @param namespace The namespace of the target resource. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + * @return builder + * + */ + public Builder namespace(@Nullable String namespace) { + $.namespace = namespace; + return this; + } + + public GetBackendKeysPlainArgs build() { + $.backend = Objects.requireNonNull($.backend, "expected parameter 'backend' to be non-null"); + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/vault/pkiSecret/inputs/SecretBackendRolePolicyIdentifierArgs.java b/sdk/java/src/main/java/com/pulumi/vault/pkiSecret/inputs/SecretBackendRolePolicyIdentifierArgs.java new file mode 100644 index 000000000..93bc35c78 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/vault/pkiSecret/inputs/SecretBackendRolePolicyIdentifierArgs.java @@ -0,0 +1,382 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.vault.pkiSecret.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class SecretBackendRolePolicyIdentifierArgs extends com.pulumi.resources.ResourceArgs { + + public static final SecretBackendRolePolicyIdentifierArgs Empty = new SecretBackendRolePolicyIdentifierArgs(); + + /** + * The URL of the CPS for the policy identifier + * + * Example usage: + * ```java + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import com.pulumi.vault.Mount; + * import com.pulumi.vault.MountArgs; + * import com.pulumi.vault.pkiSecret.SecretBackendRole; + * import com.pulumi.vault.pkiSecret.SecretBackendRoleArgs; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * var pki = new Mount("pki", MountArgs.builder() + * .path("pki") + * .type("pki") + * .defaultLeaseTtlSeconds(3600) + * .maxLeaseTtlSeconds(86400) + * .build()); + * + * var role = new SecretBackendRole("role", SecretBackendRoleArgs.builder() + * .backend(pki.path()) + * .ttl(3600) + * .allowIpSans(true) + * .keyType("rsa") + * .keyBits(4096) + * .allowedDomains( + * "example.com", + * "my.domain") + * .allowSubdomains(true) + * .policyIdentifiers( + * Map.ofEntries( + * Map.entry("oid", "1.3.6.1.4.1.7.8"), + * Map.entry("notice", "I am a user Notice") + * ), + * Map.ofEntries( + * Map.entry("oid", "1.3.6.1.4.1.44947.1.2.4"), + * Map.entry("cps", "https://example.com") + * )) + * .build()); + * + * } + * } + * ``` + * + */ + @Import(name="cps") + private @Nullable Output cps; + + /** + * @return The URL of the CPS for the policy identifier + * + * Example usage: + * ```java + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import com.pulumi.vault.Mount; + * import com.pulumi.vault.MountArgs; + * import com.pulumi.vault.pkiSecret.SecretBackendRole; + * import com.pulumi.vault.pkiSecret.SecretBackendRoleArgs; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * var pki = new Mount("pki", MountArgs.builder() + * .path("pki") + * .type("pki") + * .defaultLeaseTtlSeconds(3600) + * .maxLeaseTtlSeconds(86400) + * .build()); + * + * var role = new SecretBackendRole("role", SecretBackendRoleArgs.builder() + * .backend(pki.path()) + * .ttl(3600) + * .allowIpSans(true) + * .keyType("rsa") + * .keyBits(4096) + * .allowedDomains( + * "example.com", + * "my.domain") + * .allowSubdomains(true) + * .policyIdentifiers( + * Map.ofEntries( + * Map.entry("oid", "1.3.6.1.4.1.7.8"), + * Map.entry("notice", "I am a user Notice") + * ), + * Map.ofEntries( + * Map.entry("oid", "1.3.6.1.4.1.44947.1.2.4"), + * Map.entry("cps", "https://example.com") + * )) + * .build()); + * + * } + * } + * ``` + * + */ + public Optional> cps() { + return Optional.ofNullable(this.cps); + } + + /** + * A notice for the policy identifier + * + */ + @Import(name="notice") + private @Nullable Output notice; + + /** + * @return A notice for the policy identifier + * + */ + public Optional> notice() { + return Optional.ofNullable(this.notice); + } + + /** + * The OID for the policy identifier + * + */ + @Import(name="oid", required=true) + private Output oid; + + /** + * @return The OID for the policy identifier + * + */ + public Output oid() { + return this.oid; + } + + private SecretBackendRolePolicyIdentifierArgs() {} + + private SecretBackendRolePolicyIdentifierArgs(SecretBackendRolePolicyIdentifierArgs $) { + this.cps = $.cps; + this.notice = $.notice; + this.oid = $.oid; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(SecretBackendRolePolicyIdentifierArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private SecretBackendRolePolicyIdentifierArgs $; + + public Builder() { + $ = new SecretBackendRolePolicyIdentifierArgs(); + } + + public Builder(SecretBackendRolePolicyIdentifierArgs defaults) { + $ = new SecretBackendRolePolicyIdentifierArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param cps The URL of the CPS for the policy identifier + * + * Example usage: + * ```java + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import com.pulumi.vault.Mount; + * import com.pulumi.vault.MountArgs; + * import com.pulumi.vault.pkiSecret.SecretBackendRole; + * import com.pulumi.vault.pkiSecret.SecretBackendRoleArgs; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * var pki = new Mount("pki", MountArgs.builder() + * .path("pki") + * .type("pki") + * .defaultLeaseTtlSeconds(3600) + * .maxLeaseTtlSeconds(86400) + * .build()); + * + * var role = new SecretBackendRole("role", SecretBackendRoleArgs.builder() + * .backend(pki.path()) + * .ttl(3600) + * .allowIpSans(true) + * .keyType("rsa") + * .keyBits(4096) + * .allowedDomains( + * "example.com", + * "my.domain") + * .allowSubdomains(true) + * .policyIdentifiers( + * Map.ofEntries( + * Map.entry("oid", "1.3.6.1.4.1.7.8"), + * Map.entry("notice", "I am a user Notice") + * ), + * Map.ofEntries( + * Map.entry("oid", "1.3.6.1.4.1.44947.1.2.4"), + * Map.entry("cps", "https://example.com") + * )) + * .build()); + * + * } + * } + * ``` + * + * @return builder + * + */ + public Builder cps(@Nullable Output cps) { + $.cps = cps; + return this; + } + + /** + * @param cps The URL of the CPS for the policy identifier + * + * Example usage: + * ```java + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import com.pulumi.vault.Mount; + * import com.pulumi.vault.MountArgs; + * import com.pulumi.vault.pkiSecret.SecretBackendRole; + * import com.pulumi.vault.pkiSecret.SecretBackendRoleArgs; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * var pki = new Mount("pki", MountArgs.builder() + * .path("pki") + * .type("pki") + * .defaultLeaseTtlSeconds(3600) + * .maxLeaseTtlSeconds(86400) + * .build()); + * + * var role = new SecretBackendRole("role", SecretBackendRoleArgs.builder() + * .backend(pki.path()) + * .ttl(3600) + * .allowIpSans(true) + * .keyType("rsa") + * .keyBits(4096) + * .allowedDomains( + * "example.com", + * "my.domain") + * .allowSubdomains(true) + * .policyIdentifiers( + * Map.ofEntries( + * Map.entry("oid", "1.3.6.1.4.1.7.8"), + * Map.entry("notice", "I am a user Notice") + * ), + * Map.ofEntries( + * Map.entry("oid", "1.3.6.1.4.1.44947.1.2.4"), + * Map.entry("cps", "https://example.com") + * )) + * .build()); + * + * } + * } + * ``` + * + * @return builder + * + */ + public Builder cps(String cps) { + return cps(Output.of(cps)); + } + + /** + * @param notice A notice for the policy identifier + * + * @return builder + * + */ + public Builder notice(@Nullable Output notice) { + $.notice = notice; + return this; + } + + /** + * @param notice A notice for the policy identifier + * + * @return builder + * + */ + public Builder notice(String notice) { + return notice(Output.of(notice)); + } + + /** + * @param oid The OID for the policy identifier + * + * @return builder + * + */ + public Builder oid(Output oid) { + $.oid = oid; + return this; + } + + /** + * @param oid The OID for the policy identifier + * + * @return builder + * + */ + public Builder oid(String oid) { + return oid(Output.of(oid)); + } + + public SecretBackendRolePolicyIdentifierArgs build() { + $.oid = Objects.requireNonNull($.oid, "expected parameter 'oid' to be non-null"); + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/vault/pkiSecret/inputs/SecretBackendRoleState.java b/sdk/java/src/main/java/com/pulumi/vault/pkiSecret/inputs/SecretBackendRoleState.java index ce54df609..68df388ca 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/pkiSecret/inputs/SecretBackendRoleState.java +++ b/sdk/java/src/main/java/com/pulumi/vault/pkiSecret/inputs/SecretBackendRoleState.java @@ -5,6 +5,7 @@ import com.pulumi.core.Output; import com.pulumi.core.annotations.Import; +import com.pulumi.vault.pkiSecret.inputs.SecretBackendRolePolicyIdentifierArgs; import java.lang.Boolean; import java.lang.Integer; import java.lang.String; @@ -561,6 +562,21 @@ public Optional>> organizations() { return Optional.ofNullable(this.organizations); } + /** + * (Vault 1.11+ only) A block for specifying policy identifers. The `policy_identifier` block can be repeated, and supports the following arguments: + * + */ + @Import(name="policyIdentifier") + private @Nullable Output> policyIdentifier; + + /** + * @return (Vault 1.11+ only) A block for specifying policy identifers. The `policy_identifier` block can be repeated, and supports the following arguments: + * + */ + public Optional>> policyIdentifier() { + return Optional.ofNullable(this.policyIdentifier); + } + /** * Specify the list of allowed policies OIDs. Use with Vault 1.10 or before. For Vault 1.11+, use `policy_identifier` blocks instead * @@ -734,6 +750,7 @@ private SecretBackendRoleState(SecretBackendRoleState $) { this.notBeforeDuration = $.notBeforeDuration; this.organizationUnit = $.organizationUnit; this.organizations = $.organizations; + this.policyIdentifier = $.policyIdentifier; this.policyIdentifiers = $.policyIdentifiers; this.postalCodes = $.postalCodes; this.provinces = $.provinces; @@ -1628,6 +1645,37 @@ public Builder organizations(String... organizations) { return organizations(List.of(organizations)); } + /** + * @param policyIdentifier (Vault 1.11+ only) A block for specifying policy identifers. The `policy_identifier` block can be repeated, and supports the following arguments: + * + * @return builder + * + */ + public Builder policyIdentifier(@Nullable Output> policyIdentifier) { + $.policyIdentifier = policyIdentifier; + return this; + } + + /** + * @param policyIdentifier (Vault 1.11+ only) A block for specifying policy identifers. The `policy_identifier` block can be repeated, and supports the following arguments: + * + * @return builder + * + */ + public Builder policyIdentifier(List policyIdentifier) { + return policyIdentifier(Output.of(policyIdentifier)); + } + + /** + * @param policyIdentifier (Vault 1.11+ only) A block for specifying policy identifers. The `policy_identifier` block can be repeated, and supports the following arguments: + * + * @return builder + * + */ + public Builder policyIdentifier(SecretBackendRolePolicyIdentifierArgs... policyIdentifier) { + return policyIdentifier(List.of(policyIdentifier)); + } + /** * @param policyIdentifiers Specify the list of allowed policies OIDs. Use with Vault 1.10 or before. For Vault 1.11+, use `policy_identifier` blocks instead * diff --git a/sdk/java/src/main/java/com/pulumi/vault/pkiSecret/outputs/GetBackendIssuerResult.java b/sdk/java/src/main/java/com/pulumi/vault/pkiSecret/outputs/GetBackendIssuerResult.java new file mode 100644 index 000000000..6e243b968 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/vault/pkiSecret/outputs/GetBackendIssuerResult.java @@ -0,0 +1,261 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.vault.pkiSecret.outputs; + +import com.pulumi.core.annotations.CustomType; +import java.lang.String; +import java.util.List; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + +@CustomType +public final class GetBackendIssuerResult { + private String backend; + /** + * @return The CA chain as a list of format specific certificates. + * + */ + private List caChains; + /** + * @return Certificate associated with this issuer. + * + */ + private String certificate; + /** + * @return The provider-assigned unique ID for this managed resource. + * + */ + private String id; + /** + * @return ID of the issuer. + * + */ + private String issuerId; + /** + * @return Name of the issuer. + * + */ + private String issuerName; + private String issuerRef; + /** + * @return ID of the key used by the issuer. + * + */ + private String keyId; + /** + * @return Behavior of a leaf's NotAfter field during issuance. + * + */ + private String leafNotAfterBehavior; + /** + * @return Chain of issuer references to build this issuer's computed + * CAChain field from, when non-empty. + * + */ + private List manualChains; + private @Nullable String namespace; + /** + * @return Allowed usages for this issuer. + * + */ + private String usage; + + private GetBackendIssuerResult() {} + public String backend() { + return this.backend; + } + /** + * @return The CA chain as a list of format specific certificates. + * + */ + public List caChains() { + return this.caChains; + } + /** + * @return Certificate associated with this issuer. + * + */ + public String certificate() { + return this.certificate; + } + /** + * @return The provider-assigned unique ID for this managed resource. + * + */ + public String id() { + return this.id; + } + /** + * @return ID of the issuer. + * + */ + public String issuerId() { + return this.issuerId; + } + /** + * @return Name of the issuer. + * + */ + public String issuerName() { + return this.issuerName; + } + public String issuerRef() { + return this.issuerRef; + } + /** + * @return ID of the key used by the issuer. + * + */ + public String keyId() { + return this.keyId; + } + /** + * @return Behavior of a leaf's NotAfter field during issuance. + * + */ + public String leafNotAfterBehavior() { + return this.leafNotAfterBehavior; + } + /** + * @return Chain of issuer references to build this issuer's computed + * CAChain field from, when non-empty. + * + */ + public List manualChains() { + return this.manualChains; + } + public Optional namespace() { + return Optional.ofNullable(this.namespace); + } + /** + * @return Allowed usages for this issuer. + * + */ + public String usage() { + return this.usage; + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(GetBackendIssuerResult defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private String backend; + private List caChains; + private String certificate; + private String id; + private String issuerId; + private String issuerName; + private String issuerRef; + private String keyId; + private String leafNotAfterBehavior; + private List manualChains; + private @Nullable String namespace; + private String usage; + public Builder() {} + public Builder(GetBackendIssuerResult defaults) { + Objects.requireNonNull(defaults); + this.backend = defaults.backend; + this.caChains = defaults.caChains; + this.certificate = defaults.certificate; + this.id = defaults.id; + this.issuerId = defaults.issuerId; + this.issuerName = defaults.issuerName; + this.issuerRef = defaults.issuerRef; + this.keyId = defaults.keyId; + this.leafNotAfterBehavior = defaults.leafNotAfterBehavior; + this.manualChains = defaults.manualChains; + this.namespace = defaults.namespace; + this.usage = defaults.usage; + } + + @CustomType.Setter + public Builder backend(String backend) { + this.backend = Objects.requireNonNull(backend); + return this; + } + @CustomType.Setter + public Builder caChains(List caChains) { + this.caChains = Objects.requireNonNull(caChains); + return this; + } + public Builder caChains(String... caChains) { + return caChains(List.of(caChains)); + } + @CustomType.Setter + public Builder certificate(String certificate) { + this.certificate = Objects.requireNonNull(certificate); + return this; + } + @CustomType.Setter + public Builder id(String id) { + this.id = Objects.requireNonNull(id); + return this; + } + @CustomType.Setter + public Builder issuerId(String issuerId) { + this.issuerId = Objects.requireNonNull(issuerId); + return this; + } + @CustomType.Setter + public Builder issuerName(String issuerName) { + this.issuerName = Objects.requireNonNull(issuerName); + return this; + } + @CustomType.Setter + public Builder issuerRef(String issuerRef) { + this.issuerRef = Objects.requireNonNull(issuerRef); + return this; + } + @CustomType.Setter + public Builder keyId(String keyId) { + this.keyId = Objects.requireNonNull(keyId); + return this; + } + @CustomType.Setter + public Builder leafNotAfterBehavior(String leafNotAfterBehavior) { + this.leafNotAfterBehavior = Objects.requireNonNull(leafNotAfterBehavior); + return this; + } + @CustomType.Setter + public Builder manualChains(List manualChains) { + this.manualChains = Objects.requireNonNull(manualChains); + return this; + } + public Builder manualChains(String... manualChains) { + return manualChains(List.of(manualChains)); + } + @CustomType.Setter + public Builder namespace(@Nullable String namespace) { + this.namespace = namespace; + return this; + } + @CustomType.Setter + public Builder usage(String usage) { + this.usage = Objects.requireNonNull(usage); + return this; + } + public GetBackendIssuerResult build() { + final var o = new GetBackendIssuerResult(); + o.backend = backend; + o.caChains = caChains; + o.certificate = certificate; + o.id = id; + o.issuerId = issuerId; + o.issuerName = issuerName; + o.issuerRef = issuerRef; + o.keyId = keyId; + o.leafNotAfterBehavior = leafNotAfterBehavior; + o.manualChains = manualChains; + o.namespace = namespace; + o.usage = usage; + return o; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/vault/pkiSecret/outputs/GetBackendIssuersResult.java b/sdk/java/src/main/java/com/pulumi/vault/pkiSecret/outputs/GetBackendIssuersResult.java new file mode 100644 index 000000000..d70e1d102 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/vault/pkiSecret/outputs/GetBackendIssuersResult.java @@ -0,0 +1,146 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.vault.pkiSecret.outputs; + +import com.pulumi.core.annotations.CustomType; +import java.lang.Object; +import java.lang.String; +import java.util.List; +import java.util.Map; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + +@CustomType +public final class GetBackendIssuersResult { + private String backend; + /** + * @return The provider-assigned unique ID for this managed resource. + * + */ + private String id; + /** + * @return Map of issuer strings read from Vault. + * + */ + private Map keyInfo; + /** + * @return JSON-encoded issuer data read from Vault. + * + */ + private String keyInfoJson; + /** + * @return Keys used by issuers under the backend path. + * + */ + private List keys; + private @Nullable String namespace; + + private GetBackendIssuersResult() {} + public String backend() { + return this.backend; + } + /** + * @return The provider-assigned unique ID for this managed resource. + * + */ + public String id() { + return this.id; + } + /** + * @return Map of issuer strings read from Vault. + * + */ + public Map keyInfo() { + return this.keyInfo; + } + /** + * @return JSON-encoded issuer data read from Vault. + * + */ + public String keyInfoJson() { + return this.keyInfoJson; + } + /** + * @return Keys used by issuers under the backend path. + * + */ + public List keys() { + return this.keys; + } + public Optional namespace() { + return Optional.ofNullable(this.namespace); + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(GetBackendIssuersResult defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private String backend; + private String id; + private Map keyInfo; + private String keyInfoJson; + private List keys; + private @Nullable String namespace; + public Builder() {} + public Builder(GetBackendIssuersResult defaults) { + Objects.requireNonNull(defaults); + this.backend = defaults.backend; + this.id = defaults.id; + this.keyInfo = defaults.keyInfo; + this.keyInfoJson = defaults.keyInfoJson; + this.keys = defaults.keys; + this.namespace = defaults.namespace; + } + + @CustomType.Setter + public Builder backend(String backend) { + this.backend = Objects.requireNonNull(backend); + return this; + } + @CustomType.Setter + public Builder id(String id) { + this.id = Objects.requireNonNull(id); + return this; + } + @CustomType.Setter + public Builder keyInfo(Map keyInfo) { + this.keyInfo = Objects.requireNonNull(keyInfo); + return this; + } + @CustomType.Setter + public Builder keyInfoJson(String keyInfoJson) { + this.keyInfoJson = Objects.requireNonNull(keyInfoJson); + return this; + } + @CustomType.Setter + public Builder keys(List keys) { + this.keys = Objects.requireNonNull(keys); + return this; + } + public Builder keys(String... keys) { + return keys(List.of(keys)); + } + @CustomType.Setter + public Builder namespace(@Nullable String namespace) { + this.namespace = namespace; + return this; + } + public GetBackendIssuersResult build() { + final var o = new GetBackendIssuersResult(); + o.backend = backend; + o.id = id; + o.keyInfo = keyInfo; + o.keyInfoJson = keyInfoJson; + o.keys = keys; + o.namespace = namespace; + return o; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/vault/pkiSecret/outputs/GetBackendKeyResult.java b/sdk/java/src/main/java/com/pulumi/vault/pkiSecret/outputs/GetBackendKeyResult.java new file mode 100644 index 000000000..12ade357e --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/vault/pkiSecret/outputs/GetBackendKeyResult.java @@ -0,0 +1,152 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.vault.pkiSecret.outputs; + +import com.pulumi.core.annotations.CustomType; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + +@CustomType +public final class GetBackendKeyResult { + private String backend; + /** + * @return The provider-assigned unique ID for this managed resource. + * + */ + private String id; + /** + * @return ID of the key. + * + */ + private String keyId; + /** + * @return Name of the key. + * + */ + private String keyName; + private String keyRef; + /** + * @return Type of the key. + * + */ + private String keyType; + private @Nullable String namespace; + + private GetBackendKeyResult() {} + public String backend() { + return this.backend; + } + /** + * @return The provider-assigned unique ID for this managed resource. + * + */ + public String id() { + return this.id; + } + /** + * @return ID of the key. + * + */ + public String keyId() { + return this.keyId; + } + /** + * @return Name of the key. + * + */ + public String keyName() { + return this.keyName; + } + public String keyRef() { + return this.keyRef; + } + /** + * @return Type of the key. + * + */ + public String keyType() { + return this.keyType; + } + public Optional namespace() { + return Optional.ofNullable(this.namespace); + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(GetBackendKeyResult defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private String backend; + private String id; + private String keyId; + private String keyName; + private String keyRef; + private String keyType; + private @Nullable String namespace; + public Builder() {} + public Builder(GetBackendKeyResult defaults) { + Objects.requireNonNull(defaults); + this.backend = defaults.backend; + this.id = defaults.id; + this.keyId = defaults.keyId; + this.keyName = defaults.keyName; + this.keyRef = defaults.keyRef; + this.keyType = defaults.keyType; + this.namespace = defaults.namespace; + } + + @CustomType.Setter + public Builder backend(String backend) { + this.backend = Objects.requireNonNull(backend); + return this; + } + @CustomType.Setter + public Builder id(String id) { + this.id = Objects.requireNonNull(id); + return this; + } + @CustomType.Setter + public Builder keyId(String keyId) { + this.keyId = Objects.requireNonNull(keyId); + return this; + } + @CustomType.Setter + public Builder keyName(String keyName) { + this.keyName = Objects.requireNonNull(keyName); + return this; + } + @CustomType.Setter + public Builder keyRef(String keyRef) { + this.keyRef = Objects.requireNonNull(keyRef); + return this; + } + @CustomType.Setter + public Builder keyType(String keyType) { + this.keyType = Objects.requireNonNull(keyType); + return this; + } + @CustomType.Setter + public Builder namespace(@Nullable String namespace) { + this.namespace = namespace; + return this; + } + public GetBackendKeyResult build() { + final var o = new GetBackendKeyResult(); + o.backend = backend; + o.id = id; + o.keyId = keyId; + o.keyName = keyName; + o.keyRef = keyRef; + o.keyType = keyType; + o.namespace = namespace; + return o; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/vault/pkiSecret/outputs/GetBackendKeysResult.java b/sdk/java/src/main/java/com/pulumi/vault/pkiSecret/outputs/GetBackendKeysResult.java new file mode 100644 index 000000000..fcd4830c5 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/vault/pkiSecret/outputs/GetBackendKeysResult.java @@ -0,0 +1,146 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.vault.pkiSecret.outputs; + +import com.pulumi.core.annotations.CustomType; +import java.lang.Object; +import java.lang.String; +import java.util.List; +import java.util.Map; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + +@CustomType +public final class GetBackendKeysResult { + private String backend; + /** + * @return The provider-assigned unique ID for this managed resource. + * + */ + private String id; + /** + * @return Map of key strings read from Vault. + * + */ + private Map keyInfo; + /** + * @return JSON-encoded key data read from Vault. + * + */ + private String keyInfoJson; + /** + * @return Keys used under the backend path. + * + */ + private List keys; + private @Nullable String namespace; + + private GetBackendKeysResult() {} + public String backend() { + return this.backend; + } + /** + * @return The provider-assigned unique ID for this managed resource. + * + */ + public String id() { + return this.id; + } + /** + * @return Map of key strings read from Vault. + * + */ + public Map keyInfo() { + return this.keyInfo; + } + /** + * @return JSON-encoded key data read from Vault. + * + */ + public String keyInfoJson() { + return this.keyInfoJson; + } + /** + * @return Keys used under the backend path. + * + */ + public List keys() { + return this.keys; + } + public Optional namespace() { + return Optional.ofNullable(this.namespace); + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(GetBackendKeysResult defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private String backend; + private String id; + private Map keyInfo; + private String keyInfoJson; + private List keys; + private @Nullable String namespace; + public Builder() {} + public Builder(GetBackendKeysResult defaults) { + Objects.requireNonNull(defaults); + this.backend = defaults.backend; + this.id = defaults.id; + this.keyInfo = defaults.keyInfo; + this.keyInfoJson = defaults.keyInfoJson; + this.keys = defaults.keys; + this.namespace = defaults.namespace; + } + + @CustomType.Setter + public Builder backend(String backend) { + this.backend = Objects.requireNonNull(backend); + return this; + } + @CustomType.Setter + public Builder id(String id) { + this.id = Objects.requireNonNull(id); + return this; + } + @CustomType.Setter + public Builder keyInfo(Map keyInfo) { + this.keyInfo = Objects.requireNonNull(keyInfo); + return this; + } + @CustomType.Setter + public Builder keyInfoJson(String keyInfoJson) { + this.keyInfoJson = Objects.requireNonNull(keyInfoJson); + return this; + } + @CustomType.Setter + public Builder keys(List keys) { + this.keys = Objects.requireNonNull(keys); + return this; + } + public Builder keys(String... keys) { + return keys(List.of(keys)); + } + @CustomType.Setter + public Builder namespace(@Nullable String namespace) { + this.namespace = namespace; + return this; + } + public GetBackendKeysResult build() { + final var o = new GetBackendKeysResult(); + o.backend = backend; + o.id = id; + o.keyInfo = keyInfo; + o.keyInfoJson = keyInfoJson; + o.keys = keys; + o.namespace = namespace; + return o; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/vault/pkiSecret/outputs/SecretBackendRolePolicyIdentifier.java b/sdk/java/src/main/java/com/pulumi/vault/pkiSecret/outputs/SecretBackendRolePolicyIdentifier.java new file mode 100644 index 000000000..07f4dfe7c --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/vault/pkiSecret/outputs/SecretBackendRolePolicyIdentifier.java @@ -0,0 +1,208 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.vault.pkiSecret.outputs; + +import com.pulumi.core.annotations.CustomType; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + +@CustomType +public final class SecretBackendRolePolicyIdentifier { + /** + * @return The URL of the CPS for the policy identifier + * + * Example usage: + * ```java + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import com.pulumi.vault.Mount; + * import com.pulumi.vault.MountArgs; + * import com.pulumi.vault.pkiSecret.SecretBackendRole; + * import com.pulumi.vault.pkiSecret.SecretBackendRoleArgs; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * var pki = new Mount("pki", MountArgs.builder() + * .path("pki") + * .type("pki") + * .defaultLeaseTtlSeconds(3600) + * .maxLeaseTtlSeconds(86400) + * .build()); + * + * var role = new SecretBackendRole("role", SecretBackendRoleArgs.builder() + * .backend(pki.path()) + * .ttl(3600) + * .allowIpSans(true) + * .keyType("rsa") + * .keyBits(4096) + * .allowedDomains( + * "example.com", + * "my.domain") + * .allowSubdomains(true) + * .policyIdentifiers( + * Map.ofEntries( + * Map.entry("oid", "1.3.6.1.4.1.7.8"), + * Map.entry("notice", "I am a user Notice") + * ), + * Map.ofEntries( + * Map.entry("oid", "1.3.6.1.4.1.44947.1.2.4"), + * Map.entry("cps", "https://example.com") + * )) + * .build()); + * + * } + * } + * ``` + * + */ + private @Nullable String cps; + /** + * @return A notice for the policy identifier + * + */ + private @Nullable String notice; + /** + * @return The OID for the policy identifier + * + */ + private String oid; + + private SecretBackendRolePolicyIdentifier() {} + /** + * @return The URL of the CPS for the policy identifier + * + * Example usage: + * ```java + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import com.pulumi.vault.Mount; + * import com.pulumi.vault.MountArgs; + * import com.pulumi.vault.pkiSecret.SecretBackendRole; + * import com.pulumi.vault.pkiSecret.SecretBackendRoleArgs; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * var pki = new Mount("pki", MountArgs.builder() + * .path("pki") + * .type("pki") + * .defaultLeaseTtlSeconds(3600) + * .maxLeaseTtlSeconds(86400) + * .build()); + * + * var role = new SecretBackendRole("role", SecretBackendRoleArgs.builder() + * .backend(pki.path()) + * .ttl(3600) + * .allowIpSans(true) + * .keyType("rsa") + * .keyBits(4096) + * .allowedDomains( + * "example.com", + * "my.domain") + * .allowSubdomains(true) + * .policyIdentifiers( + * Map.ofEntries( + * Map.entry("oid", "1.3.6.1.4.1.7.8"), + * Map.entry("notice", "I am a user Notice") + * ), + * Map.ofEntries( + * Map.entry("oid", "1.3.6.1.4.1.44947.1.2.4"), + * Map.entry("cps", "https://example.com") + * )) + * .build()); + * + * } + * } + * ``` + * + */ + public Optional cps() { + return Optional.ofNullable(this.cps); + } + /** + * @return A notice for the policy identifier + * + */ + public Optional notice() { + return Optional.ofNullable(this.notice); + } + /** + * @return The OID for the policy identifier + * + */ + public String oid() { + return this.oid; + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(SecretBackendRolePolicyIdentifier defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private @Nullable String cps; + private @Nullable String notice; + private String oid; + public Builder() {} + public Builder(SecretBackendRolePolicyIdentifier defaults) { + Objects.requireNonNull(defaults); + this.cps = defaults.cps; + this.notice = defaults.notice; + this.oid = defaults.oid; + } + + @CustomType.Setter + public Builder cps(@Nullable String cps) { + this.cps = cps; + return this; + } + @CustomType.Setter + public Builder notice(@Nullable String notice) { + this.notice = notice; + return this; + } + @CustomType.Setter + public Builder oid(String oid) { + this.oid = Objects.requireNonNull(oid); + return this; + } + public SecretBackendRolePolicyIdentifier build() { + final var o = new SecretBackendRolePolicyIdentifier(); + o.cps = cps; + o.notice = notice; + o.oid = oid; + return o; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/vault/saml/AuthBackend.java b/sdk/java/src/main/java/com/pulumi/vault/saml/AuthBackend.java new file mode 100644 index 000000000..12ee71f5c --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/vault/saml/AuthBackend.java @@ -0,0 +1,294 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.vault.saml; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Export; +import com.pulumi.core.annotations.ResourceType; +import com.pulumi.core.internal.Codegen; +import com.pulumi.vault.Utilities; +import com.pulumi.vault.saml.AuthBackendArgs; +import com.pulumi.vault.saml.inputs.AuthBackendState; +import java.lang.Boolean; +import java.lang.String; +import java.util.List; +import java.util.Optional; +import javax.annotation.Nullable; + +/** + * Manages a SAML Auth mount in a Vault server. See the [Vault + * documentation](https://www.vaultproject.io/docs/auth/saml/) for more + * information. + * + * ## Example Usage + * ```java + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import com.pulumi.vault.saml.AuthBackend; + * import com.pulumi.vault.saml.AuthBackendArgs; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * var test = new AuthBackend("test", AuthBackendArgs.builder() + * .acsUrls("https://my.vault.primary/v1/auth/saml/callback") + * .defaultRole("admin") + * .entityId("https://my.vault/v1/auth/saml") + * .idpMetadataUrl("https://company.okta.com/app/abc123eb9xnIfzlaf697/sso/saml/metadata") + * .path("saml") + * .build()); + * + * } + * } + * ``` + * + * ## Import + * + * SAML authentication mounts can be imported using the `path`, e.g. + * + * ```sh + * $ pulumi import vault:saml/authBackend:AuthBackend example saml + * ``` + * + */ +@ResourceType(type="vault:saml/authBackend:AuthBackend") +public class AuthBackend extends com.pulumi.resources.CustomResource { + /** + * The well-formatted URLs of your Assertion Consumer Service (ACS) + * that should receive a response from the identity provider. + * + */ + @Export(name="acsUrls", refs={List.class,String.class}, tree="[0,1]") + private Output> acsUrls; + + /** + * @return The well-formatted URLs of your Assertion Consumer Service (ACS) + * that should receive a response from the identity provider. + * + */ + public Output> acsUrls() { + return this.acsUrls; + } + /** + * The role to use if no role is provided during login. + * + */ + @Export(name="defaultRole", refs={String.class}, tree="[0]") + private Output defaultRole; + + /** + * @return The role to use if no role is provided during login. + * + */ + public Output> defaultRole() { + return Codegen.optional(this.defaultRole); + } + /** + * If set to `true`, opts out of mount migration on path updates. + * See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration) + * + */ + @Export(name="disableRemount", refs={Boolean.class}, tree="[0]") + private Output disableRemount; + + /** + * @return If set to `true`, opts out of mount migration on path updates. + * See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration) + * + */ + public Output> disableRemount() { + return Codegen.optional(this.disableRemount); + } + /** + * The entity ID of the SAML authentication service provider. + * + */ + @Export(name="entityId", refs={String.class}, tree="[0]") + private Output entityId; + + /** + * @return The entity ID of the SAML authentication service provider. + * + */ + public Output entityId() { + return this.entityId; + } + /** + * The PEM encoded certificate of the identity provider. Mutually exclusive + * with `idp_metadata_url`. + * + */ + @Export(name="idpCert", refs={String.class}, tree="[0]") + private Output idpCert; + + /** + * @return The PEM encoded certificate of the identity provider. Mutually exclusive + * with `idp_metadata_url`. + * + */ + public Output> idpCert() { + return Codegen.optional(this.idpCert); + } + /** + * The entity ID of the identity provider. Mutually exclusive with + * `idp_metadata_url`. + * + */ + @Export(name="idpEntityId", refs={String.class}, tree="[0]") + private Output idpEntityId; + + /** + * @return The entity ID of the identity provider. Mutually exclusive with + * `idp_metadata_url`. + * + */ + public Output> idpEntityId() { + return Codegen.optional(this.idpEntityId); + } + /** + * The metadata URL of the identity provider. + * + */ + @Export(name="idpMetadataUrl", refs={String.class}, tree="[0]") + private Output idpMetadataUrl; + + /** + * @return The metadata URL of the identity provider. + * + */ + public Output> idpMetadataUrl() { + return Codegen.optional(this.idpMetadataUrl); + } + /** + * The SSO URL of the identity provider. Mutually exclusive with + * `idp_metadata_url`. + * + */ + @Export(name="idpSsoUrl", refs={String.class}, tree="[0]") + private Output idpSsoUrl; + + /** + * @return The SSO URL of the identity provider. Mutually exclusive with + * `idp_metadata_url`. + * + */ + public Output> idpSsoUrl() { + return Codegen.optional(this.idpSsoUrl); + } + /** + * The namespace to provision the resource in. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + */ + @Export(name="namespace", refs={String.class}, tree="[0]") + private Output namespace; + + /** + * @return The namespace to provision the resource in. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + */ + public Output> namespace() { + return Codegen.optional(this.namespace); + } + /** + * Path where the auth backend will be mounted. Defaults to `auth/saml` + * if not specified. + * + */ + @Export(name="path", refs={String.class}, tree="[0]") + private Output path; + + /** + * @return Path where the auth backend will be mounted. Defaults to `auth/saml` + * if not specified. + * + */ + public Output> path() { + return Codegen.optional(this.path); + } + /** + * If set to `true`, logs additional, potentially sensitive + * information during the SAML exchange according to the current logging level. Not + * recommended for production. + * + */ + @Export(name="verboseLogging", refs={Boolean.class}, tree="[0]") + private Output verboseLogging; + + /** + * @return If set to `true`, logs additional, potentially sensitive + * information during the SAML exchange according to the current logging level. Not + * recommended for production. + * + */ + public Output verboseLogging() { + return this.verboseLogging; + } + + /** + * + * @param name The _unique_ name of the resulting resource. + */ + public AuthBackend(String name) { + this(name, AuthBackendArgs.Empty); + } + /** + * + * @param name The _unique_ name of the resulting resource. + * @param args The arguments to use to populate this resource's properties. + */ + public AuthBackend(String name, AuthBackendArgs args) { + this(name, args, null); + } + /** + * + * @param name The _unique_ name of the resulting resource. + * @param args The arguments to use to populate this resource's properties. + * @param options A bag of options that control this resource's behavior. + */ + public AuthBackend(String name, AuthBackendArgs args, @Nullable com.pulumi.resources.CustomResourceOptions options) { + super("vault:saml/authBackend:AuthBackend", name, args == null ? AuthBackendArgs.Empty : args, makeResourceOptions(options, Codegen.empty())); + } + + private AuthBackend(String name, Output id, @Nullable AuthBackendState state, @Nullable com.pulumi.resources.CustomResourceOptions options) { + super("vault:saml/authBackend:AuthBackend", name, state, makeResourceOptions(options, id)); + } + + private static com.pulumi.resources.CustomResourceOptions makeResourceOptions(@Nullable com.pulumi.resources.CustomResourceOptions options, @Nullable Output id) { + var defaultOptions = com.pulumi.resources.CustomResourceOptions.builder() + .version(Utilities.getVersion()) + .build(); + return com.pulumi.resources.CustomResourceOptions.merge(defaultOptions, options, id); + } + + /** + * Get an existing Host resource's state with the given name, ID, and optional extra + * properties used to qualify the lookup. + * + * @param name The _unique_ name of the resulting resource. + * @param id The _unique_ provider ID of the resource to lookup. + * @param state + * @param options Optional settings to control the behavior of the CustomResource. + */ + public static AuthBackend get(String name, Output id, @Nullable AuthBackendState state, @Nullable com.pulumi.resources.CustomResourceOptions options) { + return new AuthBackend(name, id, state, options); + } +} diff --git a/sdk/java/src/main/java/com/pulumi/vault/saml/AuthBackendArgs.java b/sdk/java/src/main/java/com/pulumi/vault/saml/AuthBackendArgs.java new file mode 100644 index 000000000..2262a5802 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/vault/saml/AuthBackendArgs.java @@ -0,0 +1,512 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.vault.saml; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import java.lang.Boolean; +import java.lang.String; +import java.util.List; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class AuthBackendArgs extends com.pulumi.resources.ResourceArgs { + + public static final AuthBackendArgs Empty = new AuthBackendArgs(); + + /** + * The well-formatted URLs of your Assertion Consumer Service (ACS) + * that should receive a response from the identity provider. + * + */ + @Import(name="acsUrls", required=true) + private Output> acsUrls; + + /** + * @return The well-formatted URLs of your Assertion Consumer Service (ACS) + * that should receive a response from the identity provider. + * + */ + public Output> acsUrls() { + return this.acsUrls; + } + + /** + * The role to use if no role is provided during login. + * + */ + @Import(name="defaultRole") + private @Nullable Output defaultRole; + + /** + * @return The role to use if no role is provided during login. + * + */ + public Optional> defaultRole() { + return Optional.ofNullable(this.defaultRole); + } + + /** + * If set to `true`, opts out of mount migration on path updates. + * See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration) + * + */ + @Import(name="disableRemount") + private @Nullable Output disableRemount; + + /** + * @return If set to `true`, opts out of mount migration on path updates. + * See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration) + * + */ + public Optional> disableRemount() { + return Optional.ofNullable(this.disableRemount); + } + + /** + * The entity ID of the SAML authentication service provider. + * + */ + @Import(name="entityId", required=true) + private Output entityId; + + /** + * @return The entity ID of the SAML authentication service provider. + * + */ + public Output entityId() { + return this.entityId; + } + + /** + * The PEM encoded certificate of the identity provider. Mutually exclusive + * with `idp_metadata_url`. + * + */ + @Import(name="idpCert") + private @Nullable Output idpCert; + + /** + * @return The PEM encoded certificate of the identity provider. Mutually exclusive + * with `idp_metadata_url`. + * + */ + public Optional> idpCert() { + return Optional.ofNullable(this.idpCert); + } + + /** + * The entity ID of the identity provider. Mutually exclusive with + * `idp_metadata_url`. + * + */ + @Import(name="idpEntityId") + private @Nullable Output idpEntityId; + + /** + * @return The entity ID of the identity provider. Mutually exclusive with + * `idp_metadata_url`. + * + */ + public Optional> idpEntityId() { + return Optional.ofNullable(this.idpEntityId); + } + + /** + * The metadata URL of the identity provider. + * + */ + @Import(name="idpMetadataUrl") + private @Nullable Output idpMetadataUrl; + + /** + * @return The metadata URL of the identity provider. + * + */ + public Optional> idpMetadataUrl() { + return Optional.ofNullable(this.idpMetadataUrl); + } + + /** + * The SSO URL of the identity provider. Mutually exclusive with + * `idp_metadata_url`. + * + */ + @Import(name="idpSsoUrl") + private @Nullable Output idpSsoUrl; + + /** + * @return The SSO URL of the identity provider. Mutually exclusive with + * `idp_metadata_url`. + * + */ + public Optional> idpSsoUrl() { + return Optional.ofNullable(this.idpSsoUrl); + } + + /** + * The namespace to provision the resource in. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + */ + @Import(name="namespace") + private @Nullable Output namespace; + + /** + * @return The namespace to provision the resource in. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + */ + public Optional> namespace() { + return Optional.ofNullable(this.namespace); + } + + /** + * Path where the auth backend will be mounted. Defaults to `auth/saml` + * if not specified. + * + */ + @Import(name="path") + private @Nullable Output path; + + /** + * @return Path where the auth backend will be mounted. Defaults to `auth/saml` + * if not specified. + * + */ + public Optional> path() { + return Optional.ofNullable(this.path); + } + + /** + * If set to `true`, logs additional, potentially sensitive + * information during the SAML exchange according to the current logging level. Not + * recommended for production. + * + */ + @Import(name="verboseLogging") + private @Nullable Output verboseLogging; + + /** + * @return If set to `true`, logs additional, potentially sensitive + * information during the SAML exchange according to the current logging level. Not + * recommended for production. + * + */ + public Optional> verboseLogging() { + return Optional.ofNullable(this.verboseLogging); + } + + private AuthBackendArgs() {} + + private AuthBackendArgs(AuthBackendArgs $) { + this.acsUrls = $.acsUrls; + this.defaultRole = $.defaultRole; + this.disableRemount = $.disableRemount; + this.entityId = $.entityId; + this.idpCert = $.idpCert; + this.idpEntityId = $.idpEntityId; + this.idpMetadataUrl = $.idpMetadataUrl; + this.idpSsoUrl = $.idpSsoUrl; + this.namespace = $.namespace; + this.path = $.path; + this.verboseLogging = $.verboseLogging; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(AuthBackendArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private AuthBackendArgs $; + + public Builder() { + $ = new AuthBackendArgs(); + } + + public Builder(AuthBackendArgs defaults) { + $ = new AuthBackendArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param acsUrls The well-formatted URLs of your Assertion Consumer Service (ACS) + * that should receive a response from the identity provider. + * + * @return builder + * + */ + public Builder acsUrls(Output> acsUrls) { + $.acsUrls = acsUrls; + return this; + } + + /** + * @param acsUrls The well-formatted URLs of your Assertion Consumer Service (ACS) + * that should receive a response from the identity provider. + * + * @return builder + * + */ + public Builder acsUrls(List acsUrls) { + return acsUrls(Output.of(acsUrls)); + } + + /** + * @param acsUrls The well-formatted URLs of your Assertion Consumer Service (ACS) + * that should receive a response from the identity provider. + * + * @return builder + * + */ + public Builder acsUrls(String... acsUrls) { + return acsUrls(List.of(acsUrls)); + } + + /** + * @param defaultRole The role to use if no role is provided during login. + * + * @return builder + * + */ + public Builder defaultRole(@Nullable Output defaultRole) { + $.defaultRole = defaultRole; + return this; + } + + /** + * @param defaultRole The role to use if no role is provided during login. + * + * @return builder + * + */ + public Builder defaultRole(String defaultRole) { + return defaultRole(Output.of(defaultRole)); + } + + /** + * @param disableRemount If set to `true`, opts out of mount migration on path updates. + * See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration) + * + * @return builder + * + */ + public Builder disableRemount(@Nullable Output disableRemount) { + $.disableRemount = disableRemount; + return this; + } + + /** + * @param disableRemount If set to `true`, opts out of mount migration on path updates. + * See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration) + * + * @return builder + * + */ + public Builder disableRemount(Boolean disableRemount) { + return disableRemount(Output.of(disableRemount)); + } + + /** + * @param entityId The entity ID of the SAML authentication service provider. + * + * @return builder + * + */ + public Builder entityId(Output entityId) { + $.entityId = entityId; + return this; + } + + /** + * @param entityId The entity ID of the SAML authentication service provider. + * + * @return builder + * + */ + public Builder entityId(String entityId) { + return entityId(Output.of(entityId)); + } + + /** + * @param idpCert The PEM encoded certificate of the identity provider. Mutually exclusive + * with `idp_metadata_url`. + * + * @return builder + * + */ + public Builder idpCert(@Nullable Output idpCert) { + $.idpCert = idpCert; + return this; + } + + /** + * @param idpCert The PEM encoded certificate of the identity provider. Mutually exclusive + * with `idp_metadata_url`. + * + * @return builder + * + */ + public Builder idpCert(String idpCert) { + return idpCert(Output.of(idpCert)); + } + + /** + * @param idpEntityId The entity ID of the identity provider. Mutually exclusive with + * `idp_metadata_url`. + * + * @return builder + * + */ + public Builder idpEntityId(@Nullable Output idpEntityId) { + $.idpEntityId = idpEntityId; + return this; + } + + /** + * @param idpEntityId The entity ID of the identity provider. Mutually exclusive with + * `idp_metadata_url`. + * + * @return builder + * + */ + public Builder idpEntityId(String idpEntityId) { + return idpEntityId(Output.of(idpEntityId)); + } + + /** + * @param idpMetadataUrl The metadata URL of the identity provider. + * + * @return builder + * + */ + public Builder idpMetadataUrl(@Nullable Output idpMetadataUrl) { + $.idpMetadataUrl = idpMetadataUrl; + return this; + } + + /** + * @param idpMetadataUrl The metadata URL of the identity provider. + * + * @return builder + * + */ + public Builder idpMetadataUrl(String idpMetadataUrl) { + return idpMetadataUrl(Output.of(idpMetadataUrl)); + } + + /** + * @param idpSsoUrl The SSO URL of the identity provider. Mutually exclusive with + * `idp_metadata_url`. + * + * @return builder + * + */ + public Builder idpSsoUrl(@Nullable Output idpSsoUrl) { + $.idpSsoUrl = idpSsoUrl; + return this; + } + + /** + * @param idpSsoUrl The SSO URL of the identity provider. Mutually exclusive with + * `idp_metadata_url`. + * + * @return builder + * + */ + public Builder idpSsoUrl(String idpSsoUrl) { + return idpSsoUrl(Output.of(idpSsoUrl)); + } + + /** + * @param namespace The namespace to provision the resource in. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + * @return builder + * + */ + public Builder namespace(@Nullable Output namespace) { + $.namespace = namespace; + return this; + } + + /** + * @param namespace The namespace to provision the resource in. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + * @return builder + * + */ + public Builder namespace(String namespace) { + return namespace(Output.of(namespace)); + } + + /** + * @param path Path where the auth backend will be mounted. Defaults to `auth/saml` + * if not specified. + * + * @return builder + * + */ + public Builder path(@Nullable Output path) { + $.path = path; + return this; + } + + /** + * @param path Path where the auth backend will be mounted. Defaults to `auth/saml` + * if not specified. + * + * @return builder + * + */ + public Builder path(String path) { + return path(Output.of(path)); + } + + /** + * @param verboseLogging If set to `true`, logs additional, potentially sensitive + * information during the SAML exchange according to the current logging level. Not + * recommended for production. + * + * @return builder + * + */ + public Builder verboseLogging(@Nullable Output verboseLogging) { + $.verboseLogging = verboseLogging; + return this; + } + + /** + * @param verboseLogging If set to `true`, logs additional, potentially sensitive + * information during the SAML exchange according to the current logging level. Not + * recommended for production. + * + * @return builder + * + */ + public Builder verboseLogging(Boolean verboseLogging) { + return verboseLogging(Output.of(verboseLogging)); + } + + public AuthBackendArgs build() { + $.acsUrls = Objects.requireNonNull($.acsUrls, "expected parameter 'acsUrls' to be non-null"); + $.entityId = Objects.requireNonNull($.entityId, "expected parameter 'entityId' to be non-null"); + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/vault/saml/AuthBackendRole.java b/sdk/java/src/main/java/com/pulumi/vault/saml/AuthBackendRole.java new file mode 100644 index 000000000..ecfc74208 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/vault/saml/AuthBackendRole.java @@ -0,0 +1,416 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.vault.saml; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Export; +import com.pulumi.core.annotations.ResourceType; +import com.pulumi.core.internal.Codegen; +import com.pulumi.vault.Utilities; +import com.pulumi.vault.saml.AuthBackendRoleArgs; +import com.pulumi.vault.saml.inputs.AuthBackendRoleState; +import java.lang.Boolean; +import java.lang.Integer; +import java.lang.Object; +import java.lang.String; +import java.util.List; +import java.util.Map; +import java.util.Optional; +import javax.annotation.Nullable; + +/** + * Manages an SAML auth backend role in a Vault server. See the [Vault + * documentation](https://www.vaultproject.io/docs/auth/saml.html) for more + * information. + * + * ## Example Usage + * ```java + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import com.pulumi.vault.saml.AuthBackend; + * import com.pulumi.vault.saml.AuthBackendArgs; + * import com.pulumi.vault.saml.AuthBackendRole; + * import com.pulumi.vault.saml.AuthBackendRoleArgs; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * var exampleAuthBackend = new AuthBackend("exampleAuthBackend", AuthBackendArgs.builder() + * .path("saml") + * .idpMetadataUrl("https://company.okta.com/app/abc123eb9xnIfzlaf697/sso/saml/metadata") + * .entityId("https://my.vault/v1/auth/saml") + * .acsUrls("https://my.vault.primary/v1/auth/saml/callback") + * .defaultRole("default-role") + * .build()); + * + * var exampleAuthBackendRole = new AuthBackendRole("exampleAuthBackendRole", AuthBackendRoleArgs.builder() + * .path(exampleAuthBackend.path()) + * .groupsAttribute("groups") + * .boundAttributes(Map.of("group", "admin")) + * .boundSubjects("*example.com") + * .tokenPolicies("writer") + * .tokenTtl(86400) + * .build()); + * + * } + * } + * ``` + * + * ## Import + * + * SAML authentication backend roles can be imported using the `path`, e.g. + * + * ```sh + * $ pulumi import vault:saml/authBackendRole:AuthBackendRole example auth/saml/role/my-role + * ``` + * + */ +@ResourceType(type="vault:saml/authBackendRole:AuthBackendRole") +public class AuthBackendRole extends com.pulumi.resources.CustomResource { + /** + * Mapping of attribute names to values that are expected to + * exist in the SAML assertion. + * + */ + @Export(name="boundAttributes", refs={Map.class,String.class,Object.class}, tree="[0,1,2]") + private Output> boundAttributes; + + /** + * @return Mapping of attribute names to values that are expected to + * exist in the SAML assertion. + * + */ + public Output>> boundAttributes() { + return Codegen.optional(this.boundAttributes); + } + /** + * The type of matching assertion to perform on + * `bound_attributes_type`. + * + */ + @Export(name="boundAttributesType", refs={String.class}, tree="[0]") + private Output boundAttributesType; + + /** + * @return The type of matching assertion to perform on + * `bound_attributes_type`. + * + */ + public Output boundAttributesType() { + return this.boundAttributesType; + } + /** + * List of subjects being asserted for SAML authentication. + * + */ + @Export(name="boundSubjects", refs={List.class,String.class}, tree="[0,1]") + private Output> boundSubjects; + + /** + * @return List of subjects being asserted for SAML authentication. + * + */ + public Output>> boundSubjects() { + return Codegen.optional(this.boundSubjects); + } + /** + * The type of matching assertion to perform on `bound_subjects`. + * + */ + @Export(name="boundSubjectsType", refs={String.class}, tree="[0]") + private Output boundSubjectsType; + + /** + * @return The type of matching assertion to perform on `bound_subjects`. + * + */ + public Output boundSubjectsType() { + return this.boundSubjectsType; + } + /** + * The attribute to use to identify the set of groups to which the + * user belongs. + * + */ + @Export(name="groupsAttribute", refs={String.class}, tree="[0]") + private Output groupsAttribute; + + /** + * @return The attribute to use to identify the set of groups to which the + * user belongs. + * + */ + public Output> groupsAttribute() { + return Codegen.optional(this.groupsAttribute); + } + /** + * Unique name of the role. + * + */ + @Export(name="name", refs={String.class}, tree="[0]") + private Output name; + + /** + * @return Unique name of the role. + * + */ + public Output name() { + return this.name; + } + /** + * The namespace to provision the resource in. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + */ + @Export(name="namespace", refs={String.class}, tree="[0]") + private Output namespace; + + /** + * @return The namespace to provision the resource in. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + */ + public Output> namespace() { + return Codegen.optional(this.namespace); + } + /** + * Path where the auth backend is mounted. + * + */ + @Export(name="path", refs={String.class}, tree="[0]") + private Output path; + + /** + * @return Path where the auth backend is mounted. + * + */ + public Output path() { + return this.path; + } + /** + * List of CIDR blocks; if set, specifies blocks of IP + * addresses which can authenticate successfully, and ties the resulting token to these blocks + * as well. + * + */ + @Export(name="tokenBoundCidrs", refs={List.class,String.class}, tree="[0,1]") + private Output> tokenBoundCidrs; + + /** + * @return List of CIDR blocks; if set, specifies blocks of IP + * addresses which can authenticate successfully, and ties the resulting token to these blocks + * as well. + * + */ + public Output>> tokenBoundCidrs() { + return Codegen.optional(this.tokenBoundCidrs); + } + /** + * If set, will encode an + * [explicit max TTL](https://www.vaultproject.io/docs/concepts/tokens.html#token-time-to-live-periodic-tokens-and-explicit-max-ttls) + * onto the token in number of seconds. This is a hard cap even if `token_ttl` and + * `token_max_ttl` would otherwise allow a renewal. + * + */ + @Export(name="tokenExplicitMaxTtl", refs={Integer.class}, tree="[0]") + private Output tokenExplicitMaxTtl; + + /** + * @return If set, will encode an + * [explicit max TTL](https://www.vaultproject.io/docs/concepts/tokens.html#token-time-to-live-periodic-tokens-and-explicit-max-ttls) + * onto the token in number of seconds. This is a hard cap even if `token_ttl` and + * `token_max_ttl` would otherwise allow a renewal. + * + */ + public Output> tokenExplicitMaxTtl() { + return Codegen.optional(this.tokenExplicitMaxTtl); + } + /** + * The maximum lifetime for generated tokens in number of seconds. + * Its current value will be referenced at renewal time. + * + */ + @Export(name="tokenMaxTtl", refs={Integer.class}, tree="[0]") + private Output tokenMaxTtl; + + /** + * @return The maximum lifetime for generated tokens in number of seconds. + * Its current value will be referenced at renewal time. + * + */ + public Output> tokenMaxTtl() { + return Codegen.optional(this.tokenMaxTtl); + } + /** + * If set, the default policy will not be set on + * generated tokens; otherwise it will be added to the policies set in token_policies. + * + */ + @Export(name="tokenNoDefaultPolicy", refs={Boolean.class}, tree="[0]") + private Output tokenNoDefaultPolicy; + + /** + * @return If set, the default policy will not be set on + * generated tokens; otherwise it will be added to the policies set in token_policies. + * + */ + public Output> tokenNoDefaultPolicy() { + return Codegen.optional(this.tokenNoDefaultPolicy); + } + /** + * The [maximum number](https://developer.hashicorp.com/vault/api-docs/auth/saml#token_num_uses) + * of times a generated token may be used (within its lifetime); 0 means unlimited. + * + */ + @Export(name="tokenNumUses", refs={Integer.class}, tree="[0]") + private Output tokenNumUses; + + /** + * @return The [maximum number](https://developer.hashicorp.com/vault/api-docs/auth/saml#token_num_uses) + * of times a generated token may be used (within its lifetime); 0 means unlimited. + * + */ + public Output> tokenNumUses() { + return Codegen.optional(this.tokenNumUses); + } + /** + * If set, indicates that the + * token generated using this role should never expire. The token should be renewed within the + * duration specified by this value. At each renewal, the token's TTL will be set to the + * value of this field. Specified in seconds. + * + */ + @Export(name="tokenPeriod", refs={Integer.class}, tree="[0]") + private Output tokenPeriod; + + /** + * @return If set, indicates that the + * token generated using this role should never expire. The token should be renewed within the + * duration specified by this value. At each renewal, the token's TTL will be set to the + * value of this field. Specified in seconds. + * + */ + public Output> tokenPeriod() { + return Codegen.optional(this.tokenPeriod); + } + /** + * List of policies to encode onto generated tokens. Depending + * on the auth method, this list may be supplemented by user/group/other values. + * + */ + @Export(name="tokenPolicies", refs={List.class,String.class}, tree="[0,1]") + private Output> tokenPolicies; + + /** + * @return List of policies to encode onto generated tokens. Depending + * on the auth method, this list may be supplemented by user/group/other values. + * + */ + public Output>> tokenPolicies() { + return Codegen.optional(this.tokenPolicies); + } + /** + * The incremental lifetime for generated tokens in number of seconds. + * Its current value will be referenced at renewal time. + * + */ + @Export(name="tokenTtl", refs={Integer.class}, tree="[0]") + private Output tokenTtl; + + /** + * @return The incremental lifetime for generated tokens in number of seconds. + * Its current value will be referenced at renewal time. + * + */ + public Output> tokenTtl() { + return Codegen.optional(this.tokenTtl); + } + /** + * The type of token that should be generated. Can be `service`, + * `batch`, or `default` to use the mount's tuned default (which unless changed will be + * `service` tokens). For token store roles, there are two additional possibilities: + * `default-service` and `default-batch` which specify the type to return unless the client + * requests a different type at generation time. + * + */ + @Export(name="tokenType", refs={String.class}, tree="[0]") + private Output tokenType; + + /** + * @return The type of token that should be generated. Can be `service`, + * `batch`, or `default` to use the mount's tuned default (which unless changed will be + * `service` tokens). For token store roles, there are two additional possibilities: + * `default-service` and `default-batch` which specify the type to return unless the client + * requests a different type at generation time. + * + */ + public Output> tokenType() { + return Codegen.optional(this.tokenType); + } + + /** + * + * @param name The _unique_ name of the resulting resource. + */ + public AuthBackendRole(String name) { + this(name, AuthBackendRoleArgs.Empty); + } + /** + * + * @param name The _unique_ name of the resulting resource. + * @param args The arguments to use to populate this resource's properties. + */ + public AuthBackendRole(String name, AuthBackendRoleArgs args) { + this(name, args, null); + } + /** + * + * @param name The _unique_ name of the resulting resource. + * @param args The arguments to use to populate this resource's properties. + * @param options A bag of options that control this resource's behavior. + */ + public AuthBackendRole(String name, AuthBackendRoleArgs args, @Nullable com.pulumi.resources.CustomResourceOptions options) { + super("vault:saml/authBackendRole:AuthBackendRole", name, args == null ? AuthBackendRoleArgs.Empty : args, makeResourceOptions(options, Codegen.empty())); + } + + private AuthBackendRole(String name, Output id, @Nullable AuthBackendRoleState state, @Nullable com.pulumi.resources.CustomResourceOptions options) { + super("vault:saml/authBackendRole:AuthBackendRole", name, state, makeResourceOptions(options, id)); + } + + private static com.pulumi.resources.CustomResourceOptions makeResourceOptions(@Nullable com.pulumi.resources.CustomResourceOptions options, @Nullable Output id) { + var defaultOptions = com.pulumi.resources.CustomResourceOptions.builder() + .version(Utilities.getVersion()) + .build(); + return com.pulumi.resources.CustomResourceOptions.merge(defaultOptions, options, id); + } + + /** + * Get an existing Host resource's state with the given name, ID, and optional extra + * properties used to qualify the lookup. + * + * @param name The _unique_ name of the resulting resource. + * @param id The _unique_ provider ID of the resource to lookup. + * @param state + * @param options Optional settings to control the behavior of the CustomResource. + */ + public static AuthBackendRole get(String name, Output id, @Nullable AuthBackendRoleState state, @Nullable com.pulumi.resources.CustomResourceOptions options) { + return new AuthBackendRole(name, id, state, options); + } +} diff --git a/sdk/java/src/main/java/com/pulumi/vault/saml/AuthBackendRoleArgs.java b/sdk/java/src/main/java/com/pulumi/vault/saml/AuthBackendRoleArgs.java new file mode 100644 index 000000000..73434af62 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/vault/saml/AuthBackendRoleArgs.java @@ -0,0 +1,806 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.vault.saml; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import java.lang.Boolean; +import java.lang.Integer; +import java.lang.Object; +import java.lang.String; +import java.util.List; +import java.util.Map; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class AuthBackendRoleArgs extends com.pulumi.resources.ResourceArgs { + + public static final AuthBackendRoleArgs Empty = new AuthBackendRoleArgs(); + + /** + * Mapping of attribute names to values that are expected to + * exist in the SAML assertion. + * + */ + @Import(name="boundAttributes") + private @Nullable Output> boundAttributes; + + /** + * @return Mapping of attribute names to values that are expected to + * exist in the SAML assertion. + * + */ + public Optional>> boundAttributes() { + return Optional.ofNullable(this.boundAttributes); + } + + /** + * The type of matching assertion to perform on + * `bound_attributes_type`. + * + */ + @Import(name="boundAttributesType") + private @Nullable Output boundAttributesType; + + /** + * @return The type of matching assertion to perform on + * `bound_attributes_type`. + * + */ + public Optional> boundAttributesType() { + return Optional.ofNullable(this.boundAttributesType); + } + + /** + * List of subjects being asserted for SAML authentication. + * + */ + @Import(name="boundSubjects") + private @Nullable Output> boundSubjects; + + /** + * @return List of subjects being asserted for SAML authentication. + * + */ + public Optional>> boundSubjects() { + return Optional.ofNullable(this.boundSubjects); + } + + /** + * The type of matching assertion to perform on `bound_subjects`. + * + */ + @Import(name="boundSubjectsType") + private @Nullable Output boundSubjectsType; + + /** + * @return The type of matching assertion to perform on `bound_subjects`. + * + */ + public Optional> boundSubjectsType() { + return Optional.ofNullable(this.boundSubjectsType); + } + + /** + * The attribute to use to identify the set of groups to which the + * user belongs. + * + */ + @Import(name="groupsAttribute") + private @Nullable Output groupsAttribute; + + /** + * @return The attribute to use to identify the set of groups to which the + * user belongs. + * + */ + public Optional> groupsAttribute() { + return Optional.ofNullable(this.groupsAttribute); + } + + /** + * Unique name of the role. + * + */ + @Import(name="name") + private @Nullable Output name; + + /** + * @return Unique name of the role. + * + */ + public Optional> name() { + return Optional.ofNullable(this.name); + } + + /** + * The namespace to provision the resource in. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + */ + @Import(name="namespace") + private @Nullable Output namespace; + + /** + * @return The namespace to provision the resource in. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + */ + public Optional> namespace() { + return Optional.ofNullable(this.namespace); + } + + /** + * Path where the auth backend is mounted. + * + */ + @Import(name="path", required=true) + private Output path; + + /** + * @return Path where the auth backend is mounted. + * + */ + public Output path() { + return this.path; + } + + /** + * List of CIDR blocks; if set, specifies blocks of IP + * addresses which can authenticate successfully, and ties the resulting token to these blocks + * as well. + * + */ + @Import(name="tokenBoundCidrs") + private @Nullable Output> tokenBoundCidrs; + + /** + * @return List of CIDR blocks; if set, specifies blocks of IP + * addresses which can authenticate successfully, and ties the resulting token to these blocks + * as well. + * + */ + public Optional>> tokenBoundCidrs() { + return Optional.ofNullable(this.tokenBoundCidrs); + } + + /** + * If set, will encode an + * [explicit max TTL](https://www.vaultproject.io/docs/concepts/tokens.html#token-time-to-live-periodic-tokens-and-explicit-max-ttls) + * onto the token in number of seconds. This is a hard cap even if `token_ttl` and + * `token_max_ttl` would otherwise allow a renewal. + * + */ + @Import(name="tokenExplicitMaxTtl") + private @Nullable Output tokenExplicitMaxTtl; + + /** + * @return If set, will encode an + * [explicit max TTL](https://www.vaultproject.io/docs/concepts/tokens.html#token-time-to-live-periodic-tokens-and-explicit-max-ttls) + * onto the token in number of seconds. This is a hard cap even if `token_ttl` and + * `token_max_ttl` would otherwise allow a renewal. + * + */ + public Optional> tokenExplicitMaxTtl() { + return Optional.ofNullable(this.tokenExplicitMaxTtl); + } + + /** + * The maximum lifetime for generated tokens in number of seconds. + * Its current value will be referenced at renewal time. + * + */ + @Import(name="tokenMaxTtl") + private @Nullable Output tokenMaxTtl; + + /** + * @return The maximum lifetime for generated tokens in number of seconds. + * Its current value will be referenced at renewal time. + * + */ + public Optional> tokenMaxTtl() { + return Optional.ofNullable(this.tokenMaxTtl); + } + + /** + * If set, the default policy will not be set on + * generated tokens; otherwise it will be added to the policies set in token_policies. + * + */ + @Import(name="tokenNoDefaultPolicy") + private @Nullable Output tokenNoDefaultPolicy; + + /** + * @return If set, the default policy will not be set on + * generated tokens; otherwise it will be added to the policies set in token_policies. + * + */ + public Optional> tokenNoDefaultPolicy() { + return Optional.ofNullable(this.tokenNoDefaultPolicy); + } + + /** + * The [maximum number](https://developer.hashicorp.com/vault/api-docs/auth/saml#token_num_uses) + * of times a generated token may be used (within its lifetime); 0 means unlimited. + * + */ + @Import(name="tokenNumUses") + private @Nullable Output tokenNumUses; + + /** + * @return The [maximum number](https://developer.hashicorp.com/vault/api-docs/auth/saml#token_num_uses) + * of times a generated token may be used (within its lifetime); 0 means unlimited. + * + */ + public Optional> tokenNumUses() { + return Optional.ofNullable(this.tokenNumUses); + } + + /** + * If set, indicates that the + * token generated using this role should never expire. The token should be renewed within the + * duration specified by this value. At each renewal, the token's TTL will be set to the + * value of this field. Specified in seconds. + * + */ + @Import(name="tokenPeriod") + private @Nullable Output tokenPeriod; + + /** + * @return If set, indicates that the + * token generated using this role should never expire. The token should be renewed within the + * duration specified by this value. At each renewal, the token's TTL will be set to the + * value of this field. Specified in seconds. + * + */ + public Optional> tokenPeriod() { + return Optional.ofNullable(this.tokenPeriod); + } + + /** + * List of policies to encode onto generated tokens. Depending + * on the auth method, this list may be supplemented by user/group/other values. + * + */ + @Import(name="tokenPolicies") + private @Nullable Output> tokenPolicies; + + /** + * @return List of policies to encode onto generated tokens. Depending + * on the auth method, this list may be supplemented by user/group/other values. + * + */ + public Optional>> tokenPolicies() { + return Optional.ofNullable(this.tokenPolicies); + } + + /** + * The incremental lifetime for generated tokens in number of seconds. + * Its current value will be referenced at renewal time. + * + */ + @Import(name="tokenTtl") + private @Nullable Output tokenTtl; + + /** + * @return The incremental lifetime for generated tokens in number of seconds. + * Its current value will be referenced at renewal time. + * + */ + public Optional> tokenTtl() { + return Optional.ofNullable(this.tokenTtl); + } + + /** + * The type of token that should be generated. Can be `service`, + * `batch`, or `default` to use the mount's tuned default (which unless changed will be + * `service` tokens). For token store roles, there are two additional possibilities: + * `default-service` and `default-batch` which specify the type to return unless the client + * requests a different type at generation time. + * + */ + @Import(name="tokenType") + private @Nullable Output tokenType; + + /** + * @return The type of token that should be generated. Can be `service`, + * `batch`, or `default` to use the mount's tuned default (which unless changed will be + * `service` tokens). For token store roles, there are two additional possibilities: + * `default-service` and `default-batch` which specify the type to return unless the client + * requests a different type at generation time. + * + */ + public Optional> tokenType() { + return Optional.ofNullable(this.tokenType); + } + + private AuthBackendRoleArgs() {} + + private AuthBackendRoleArgs(AuthBackendRoleArgs $) { + this.boundAttributes = $.boundAttributes; + this.boundAttributesType = $.boundAttributesType; + this.boundSubjects = $.boundSubjects; + this.boundSubjectsType = $.boundSubjectsType; + this.groupsAttribute = $.groupsAttribute; + this.name = $.name; + this.namespace = $.namespace; + this.path = $.path; + this.tokenBoundCidrs = $.tokenBoundCidrs; + this.tokenExplicitMaxTtl = $.tokenExplicitMaxTtl; + this.tokenMaxTtl = $.tokenMaxTtl; + this.tokenNoDefaultPolicy = $.tokenNoDefaultPolicy; + this.tokenNumUses = $.tokenNumUses; + this.tokenPeriod = $.tokenPeriod; + this.tokenPolicies = $.tokenPolicies; + this.tokenTtl = $.tokenTtl; + this.tokenType = $.tokenType; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(AuthBackendRoleArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private AuthBackendRoleArgs $; + + public Builder() { + $ = new AuthBackendRoleArgs(); + } + + public Builder(AuthBackendRoleArgs defaults) { + $ = new AuthBackendRoleArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param boundAttributes Mapping of attribute names to values that are expected to + * exist in the SAML assertion. + * + * @return builder + * + */ + public Builder boundAttributes(@Nullable Output> boundAttributes) { + $.boundAttributes = boundAttributes; + return this; + } + + /** + * @param boundAttributes Mapping of attribute names to values that are expected to + * exist in the SAML assertion. + * + * @return builder + * + */ + public Builder boundAttributes(Map boundAttributes) { + return boundAttributes(Output.of(boundAttributes)); + } + + /** + * @param boundAttributesType The type of matching assertion to perform on + * `bound_attributes_type`. + * + * @return builder + * + */ + public Builder boundAttributesType(@Nullable Output boundAttributesType) { + $.boundAttributesType = boundAttributesType; + return this; + } + + /** + * @param boundAttributesType The type of matching assertion to perform on + * `bound_attributes_type`. + * + * @return builder + * + */ + public Builder boundAttributesType(String boundAttributesType) { + return boundAttributesType(Output.of(boundAttributesType)); + } + + /** + * @param boundSubjects List of subjects being asserted for SAML authentication. + * + * @return builder + * + */ + public Builder boundSubjects(@Nullable Output> boundSubjects) { + $.boundSubjects = boundSubjects; + return this; + } + + /** + * @param boundSubjects List of subjects being asserted for SAML authentication. + * + * @return builder + * + */ + public Builder boundSubjects(List boundSubjects) { + return boundSubjects(Output.of(boundSubjects)); + } + + /** + * @param boundSubjects List of subjects being asserted for SAML authentication. + * + * @return builder + * + */ + public Builder boundSubjects(String... boundSubjects) { + return boundSubjects(List.of(boundSubjects)); + } + + /** + * @param boundSubjectsType The type of matching assertion to perform on `bound_subjects`. + * + * @return builder + * + */ + public Builder boundSubjectsType(@Nullable Output boundSubjectsType) { + $.boundSubjectsType = boundSubjectsType; + return this; + } + + /** + * @param boundSubjectsType The type of matching assertion to perform on `bound_subjects`. + * + * @return builder + * + */ + public Builder boundSubjectsType(String boundSubjectsType) { + return boundSubjectsType(Output.of(boundSubjectsType)); + } + + /** + * @param groupsAttribute The attribute to use to identify the set of groups to which the + * user belongs. + * + * @return builder + * + */ + public Builder groupsAttribute(@Nullable Output groupsAttribute) { + $.groupsAttribute = groupsAttribute; + return this; + } + + /** + * @param groupsAttribute The attribute to use to identify the set of groups to which the + * user belongs. + * + * @return builder + * + */ + public Builder groupsAttribute(String groupsAttribute) { + return groupsAttribute(Output.of(groupsAttribute)); + } + + /** + * @param name Unique name of the role. + * + * @return builder + * + */ + public Builder name(@Nullable Output name) { + $.name = name; + return this; + } + + /** + * @param name Unique name of the role. + * + * @return builder + * + */ + public Builder name(String name) { + return name(Output.of(name)); + } + + /** + * @param namespace The namespace to provision the resource in. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + * @return builder + * + */ + public Builder namespace(@Nullable Output namespace) { + $.namespace = namespace; + return this; + } + + /** + * @param namespace The namespace to provision the resource in. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + * @return builder + * + */ + public Builder namespace(String namespace) { + return namespace(Output.of(namespace)); + } + + /** + * @param path Path where the auth backend is mounted. + * + * @return builder + * + */ + public Builder path(Output path) { + $.path = path; + return this; + } + + /** + * @param path Path where the auth backend is mounted. + * + * @return builder + * + */ + public Builder path(String path) { + return path(Output.of(path)); + } + + /** + * @param tokenBoundCidrs List of CIDR blocks; if set, specifies blocks of IP + * addresses which can authenticate successfully, and ties the resulting token to these blocks + * as well. + * + * @return builder + * + */ + public Builder tokenBoundCidrs(@Nullable Output> tokenBoundCidrs) { + $.tokenBoundCidrs = tokenBoundCidrs; + return this; + } + + /** + * @param tokenBoundCidrs List of CIDR blocks; if set, specifies blocks of IP + * addresses which can authenticate successfully, and ties the resulting token to these blocks + * as well. + * + * @return builder + * + */ + public Builder tokenBoundCidrs(List tokenBoundCidrs) { + return tokenBoundCidrs(Output.of(tokenBoundCidrs)); + } + + /** + * @param tokenBoundCidrs List of CIDR blocks; if set, specifies blocks of IP + * addresses which can authenticate successfully, and ties the resulting token to these blocks + * as well. + * + * @return builder + * + */ + public Builder tokenBoundCidrs(String... tokenBoundCidrs) { + return tokenBoundCidrs(List.of(tokenBoundCidrs)); + } + + /** + * @param tokenExplicitMaxTtl If set, will encode an + * [explicit max TTL](https://www.vaultproject.io/docs/concepts/tokens.html#token-time-to-live-periodic-tokens-and-explicit-max-ttls) + * onto the token in number of seconds. This is a hard cap even if `token_ttl` and + * `token_max_ttl` would otherwise allow a renewal. + * + * @return builder + * + */ + public Builder tokenExplicitMaxTtl(@Nullable Output tokenExplicitMaxTtl) { + $.tokenExplicitMaxTtl = tokenExplicitMaxTtl; + return this; + } + + /** + * @param tokenExplicitMaxTtl If set, will encode an + * [explicit max TTL](https://www.vaultproject.io/docs/concepts/tokens.html#token-time-to-live-periodic-tokens-and-explicit-max-ttls) + * onto the token in number of seconds. This is a hard cap even if `token_ttl` and + * `token_max_ttl` would otherwise allow a renewal. + * + * @return builder + * + */ + public Builder tokenExplicitMaxTtl(Integer tokenExplicitMaxTtl) { + return tokenExplicitMaxTtl(Output.of(tokenExplicitMaxTtl)); + } + + /** + * @param tokenMaxTtl The maximum lifetime for generated tokens in number of seconds. + * Its current value will be referenced at renewal time. + * + * @return builder + * + */ + public Builder tokenMaxTtl(@Nullable Output tokenMaxTtl) { + $.tokenMaxTtl = tokenMaxTtl; + return this; + } + + /** + * @param tokenMaxTtl The maximum lifetime for generated tokens in number of seconds. + * Its current value will be referenced at renewal time. + * + * @return builder + * + */ + public Builder tokenMaxTtl(Integer tokenMaxTtl) { + return tokenMaxTtl(Output.of(tokenMaxTtl)); + } + + /** + * @param tokenNoDefaultPolicy If set, the default policy will not be set on + * generated tokens; otherwise it will be added to the policies set in token_policies. + * + * @return builder + * + */ + public Builder tokenNoDefaultPolicy(@Nullable Output tokenNoDefaultPolicy) { + $.tokenNoDefaultPolicy = tokenNoDefaultPolicy; + return this; + } + + /** + * @param tokenNoDefaultPolicy If set, the default policy will not be set on + * generated tokens; otherwise it will be added to the policies set in token_policies. + * + * @return builder + * + */ + public Builder tokenNoDefaultPolicy(Boolean tokenNoDefaultPolicy) { + return tokenNoDefaultPolicy(Output.of(tokenNoDefaultPolicy)); + } + + /** + * @param tokenNumUses The [maximum number](https://developer.hashicorp.com/vault/api-docs/auth/saml#token_num_uses) + * of times a generated token may be used (within its lifetime); 0 means unlimited. + * + * @return builder + * + */ + public Builder tokenNumUses(@Nullable Output tokenNumUses) { + $.tokenNumUses = tokenNumUses; + return this; + } + + /** + * @param tokenNumUses The [maximum number](https://developer.hashicorp.com/vault/api-docs/auth/saml#token_num_uses) + * of times a generated token may be used (within its lifetime); 0 means unlimited. + * + * @return builder + * + */ + public Builder tokenNumUses(Integer tokenNumUses) { + return tokenNumUses(Output.of(tokenNumUses)); + } + + /** + * @param tokenPeriod If set, indicates that the + * token generated using this role should never expire. The token should be renewed within the + * duration specified by this value. At each renewal, the token's TTL will be set to the + * value of this field. Specified in seconds. + * + * @return builder + * + */ + public Builder tokenPeriod(@Nullable Output tokenPeriod) { + $.tokenPeriod = tokenPeriod; + return this; + } + + /** + * @param tokenPeriod If set, indicates that the + * token generated using this role should never expire. The token should be renewed within the + * duration specified by this value. At each renewal, the token's TTL will be set to the + * value of this field. Specified in seconds. + * + * @return builder + * + */ + public Builder tokenPeriod(Integer tokenPeriod) { + return tokenPeriod(Output.of(tokenPeriod)); + } + + /** + * @param tokenPolicies List of policies to encode onto generated tokens. Depending + * on the auth method, this list may be supplemented by user/group/other values. + * + * @return builder + * + */ + public Builder tokenPolicies(@Nullable Output> tokenPolicies) { + $.tokenPolicies = tokenPolicies; + return this; + } + + /** + * @param tokenPolicies List of policies to encode onto generated tokens. Depending + * on the auth method, this list may be supplemented by user/group/other values. + * + * @return builder + * + */ + public Builder tokenPolicies(List tokenPolicies) { + return tokenPolicies(Output.of(tokenPolicies)); + } + + /** + * @param tokenPolicies List of policies to encode onto generated tokens. Depending + * on the auth method, this list may be supplemented by user/group/other values. + * + * @return builder + * + */ + public Builder tokenPolicies(String... tokenPolicies) { + return tokenPolicies(List.of(tokenPolicies)); + } + + /** + * @param tokenTtl The incremental lifetime for generated tokens in number of seconds. + * Its current value will be referenced at renewal time. + * + * @return builder + * + */ + public Builder tokenTtl(@Nullable Output tokenTtl) { + $.tokenTtl = tokenTtl; + return this; + } + + /** + * @param tokenTtl The incremental lifetime for generated tokens in number of seconds. + * Its current value will be referenced at renewal time. + * + * @return builder + * + */ + public Builder tokenTtl(Integer tokenTtl) { + return tokenTtl(Output.of(tokenTtl)); + } + + /** + * @param tokenType The type of token that should be generated. Can be `service`, + * `batch`, or `default` to use the mount's tuned default (which unless changed will be + * `service` tokens). For token store roles, there are two additional possibilities: + * `default-service` and `default-batch` which specify the type to return unless the client + * requests a different type at generation time. + * + * @return builder + * + */ + public Builder tokenType(@Nullable Output tokenType) { + $.tokenType = tokenType; + return this; + } + + /** + * @param tokenType The type of token that should be generated. Can be `service`, + * `batch`, or `default` to use the mount's tuned default (which unless changed will be + * `service` tokens). For token store roles, there are two additional possibilities: + * `default-service` and `default-batch` which specify the type to return unless the client + * requests a different type at generation time. + * + * @return builder + * + */ + public Builder tokenType(String tokenType) { + return tokenType(Output.of(tokenType)); + } + + public AuthBackendRoleArgs build() { + $.path = Objects.requireNonNull($.path, "expected parameter 'path' to be non-null"); + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/vault/saml/inputs/AuthBackendRoleState.java b/sdk/java/src/main/java/com/pulumi/vault/saml/inputs/AuthBackendRoleState.java new file mode 100644 index 000000000..190984852 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/vault/saml/inputs/AuthBackendRoleState.java @@ -0,0 +1,805 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.vault.saml.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import java.lang.Boolean; +import java.lang.Integer; +import java.lang.Object; +import java.lang.String; +import java.util.List; +import java.util.Map; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class AuthBackendRoleState extends com.pulumi.resources.ResourceArgs { + + public static final AuthBackendRoleState Empty = new AuthBackendRoleState(); + + /** + * Mapping of attribute names to values that are expected to + * exist in the SAML assertion. + * + */ + @Import(name="boundAttributes") + private @Nullable Output> boundAttributes; + + /** + * @return Mapping of attribute names to values that are expected to + * exist in the SAML assertion. + * + */ + public Optional>> boundAttributes() { + return Optional.ofNullable(this.boundAttributes); + } + + /** + * The type of matching assertion to perform on + * `bound_attributes_type`. + * + */ + @Import(name="boundAttributesType") + private @Nullable Output boundAttributesType; + + /** + * @return The type of matching assertion to perform on + * `bound_attributes_type`. + * + */ + public Optional> boundAttributesType() { + return Optional.ofNullable(this.boundAttributesType); + } + + /** + * List of subjects being asserted for SAML authentication. + * + */ + @Import(name="boundSubjects") + private @Nullable Output> boundSubjects; + + /** + * @return List of subjects being asserted for SAML authentication. + * + */ + public Optional>> boundSubjects() { + return Optional.ofNullable(this.boundSubjects); + } + + /** + * The type of matching assertion to perform on `bound_subjects`. + * + */ + @Import(name="boundSubjectsType") + private @Nullable Output boundSubjectsType; + + /** + * @return The type of matching assertion to perform on `bound_subjects`. + * + */ + public Optional> boundSubjectsType() { + return Optional.ofNullable(this.boundSubjectsType); + } + + /** + * The attribute to use to identify the set of groups to which the + * user belongs. + * + */ + @Import(name="groupsAttribute") + private @Nullable Output groupsAttribute; + + /** + * @return The attribute to use to identify the set of groups to which the + * user belongs. + * + */ + public Optional> groupsAttribute() { + return Optional.ofNullable(this.groupsAttribute); + } + + /** + * Unique name of the role. + * + */ + @Import(name="name") + private @Nullable Output name; + + /** + * @return Unique name of the role. + * + */ + public Optional> name() { + return Optional.ofNullable(this.name); + } + + /** + * The namespace to provision the resource in. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + */ + @Import(name="namespace") + private @Nullable Output namespace; + + /** + * @return The namespace to provision the resource in. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + */ + public Optional> namespace() { + return Optional.ofNullable(this.namespace); + } + + /** + * Path where the auth backend is mounted. + * + */ + @Import(name="path") + private @Nullable Output path; + + /** + * @return Path where the auth backend is mounted. + * + */ + public Optional> path() { + return Optional.ofNullable(this.path); + } + + /** + * List of CIDR blocks; if set, specifies blocks of IP + * addresses which can authenticate successfully, and ties the resulting token to these blocks + * as well. + * + */ + @Import(name="tokenBoundCidrs") + private @Nullable Output> tokenBoundCidrs; + + /** + * @return List of CIDR blocks; if set, specifies blocks of IP + * addresses which can authenticate successfully, and ties the resulting token to these blocks + * as well. + * + */ + public Optional>> tokenBoundCidrs() { + return Optional.ofNullable(this.tokenBoundCidrs); + } + + /** + * If set, will encode an + * [explicit max TTL](https://www.vaultproject.io/docs/concepts/tokens.html#token-time-to-live-periodic-tokens-and-explicit-max-ttls) + * onto the token in number of seconds. This is a hard cap even if `token_ttl` and + * `token_max_ttl` would otherwise allow a renewal. + * + */ + @Import(name="tokenExplicitMaxTtl") + private @Nullable Output tokenExplicitMaxTtl; + + /** + * @return If set, will encode an + * [explicit max TTL](https://www.vaultproject.io/docs/concepts/tokens.html#token-time-to-live-periodic-tokens-and-explicit-max-ttls) + * onto the token in number of seconds. This is a hard cap even if `token_ttl` and + * `token_max_ttl` would otherwise allow a renewal. + * + */ + public Optional> tokenExplicitMaxTtl() { + return Optional.ofNullable(this.tokenExplicitMaxTtl); + } + + /** + * The maximum lifetime for generated tokens in number of seconds. + * Its current value will be referenced at renewal time. + * + */ + @Import(name="tokenMaxTtl") + private @Nullable Output tokenMaxTtl; + + /** + * @return The maximum lifetime for generated tokens in number of seconds. + * Its current value will be referenced at renewal time. + * + */ + public Optional> tokenMaxTtl() { + return Optional.ofNullable(this.tokenMaxTtl); + } + + /** + * If set, the default policy will not be set on + * generated tokens; otherwise it will be added to the policies set in token_policies. + * + */ + @Import(name="tokenNoDefaultPolicy") + private @Nullable Output tokenNoDefaultPolicy; + + /** + * @return If set, the default policy will not be set on + * generated tokens; otherwise it will be added to the policies set in token_policies. + * + */ + public Optional> tokenNoDefaultPolicy() { + return Optional.ofNullable(this.tokenNoDefaultPolicy); + } + + /** + * The [maximum number](https://developer.hashicorp.com/vault/api-docs/auth/saml#token_num_uses) + * of times a generated token may be used (within its lifetime); 0 means unlimited. + * + */ + @Import(name="tokenNumUses") + private @Nullable Output tokenNumUses; + + /** + * @return The [maximum number](https://developer.hashicorp.com/vault/api-docs/auth/saml#token_num_uses) + * of times a generated token may be used (within its lifetime); 0 means unlimited. + * + */ + public Optional> tokenNumUses() { + return Optional.ofNullable(this.tokenNumUses); + } + + /** + * If set, indicates that the + * token generated using this role should never expire. The token should be renewed within the + * duration specified by this value. At each renewal, the token's TTL will be set to the + * value of this field. Specified in seconds. + * + */ + @Import(name="tokenPeriod") + private @Nullable Output tokenPeriod; + + /** + * @return If set, indicates that the + * token generated using this role should never expire. The token should be renewed within the + * duration specified by this value. At each renewal, the token's TTL will be set to the + * value of this field. Specified in seconds. + * + */ + public Optional> tokenPeriod() { + return Optional.ofNullable(this.tokenPeriod); + } + + /** + * List of policies to encode onto generated tokens. Depending + * on the auth method, this list may be supplemented by user/group/other values. + * + */ + @Import(name="tokenPolicies") + private @Nullable Output> tokenPolicies; + + /** + * @return List of policies to encode onto generated tokens. Depending + * on the auth method, this list may be supplemented by user/group/other values. + * + */ + public Optional>> tokenPolicies() { + return Optional.ofNullable(this.tokenPolicies); + } + + /** + * The incremental lifetime for generated tokens in number of seconds. + * Its current value will be referenced at renewal time. + * + */ + @Import(name="tokenTtl") + private @Nullable Output tokenTtl; + + /** + * @return The incremental lifetime for generated tokens in number of seconds. + * Its current value will be referenced at renewal time. + * + */ + public Optional> tokenTtl() { + return Optional.ofNullable(this.tokenTtl); + } + + /** + * The type of token that should be generated. Can be `service`, + * `batch`, or `default` to use the mount's tuned default (which unless changed will be + * `service` tokens). For token store roles, there are two additional possibilities: + * `default-service` and `default-batch` which specify the type to return unless the client + * requests a different type at generation time. + * + */ + @Import(name="tokenType") + private @Nullable Output tokenType; + + /** + * @return The type of token that should be generated. Can be `service`, + * `batch`, or `default` to use the mount's tuned default (which unless changed will be + * `service` tokens). For token store roles, there are two additional possibilities: + * `default-service` and `default-batch` which specify the type to return unless the client + * requests a different type at generation time. + * + */ + public Optional> tokenType() { + return Optional.ofNullable(this.tokenType); + } + + private AuthBackendRoleState() {} + + private AuthBackendRoleState(AuthBackendRoleState $) { + this.boundAttributes = $.boundAttributes; + this.boundAttributesType = $.boundAttributesType; + this.boundSubjects = $.boundSubjects; + this.boundSubjectsType = $.boundSubjectsType; + this.groupsAttribute = $.groupsAttribute; + this.name = $.name; + this.namespace = $.namespace; + this.path = $.path; + this.tokenBoundCidrs = $.tokenBoundCidrs; + this.tokenExplicitMaxTtl = $.tokenExplicitMaxTtl; + this.tokenMaxTtl = $.tokenMaxTtl; + this.tokenNoDefaultPolicy = $.tokenNoDefaultPolicy; + this.tokenNumUses = $.tokenNumUses; + this.tokenPeriod = $.tokenPeriod; + this.tokenPolicies = $.tokenPolicies; + this.tokenTtl = $.tokenTtl; + this.tokenType = $.tokenType; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(AuthBackendRoleState defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private AuthBackendRoleState $; + + public Builder() { + $ = new AuthBackendRoleState(); + } + + public Builder(AuthBackendRoleState defaults) { + $ = new AuthBackendRoleState(Objects.requireNonNull(defaults)); + } + + /** + * @param boundAttributes Mapping of attribute names to values that are expected to + * exist in the SAML assertion. + * + * @return builder + * + */ + public Builder boundAttributes(@Nullable Output> boundAttributes) { + $.boundAttributes = boundAttributes; + return this; + } + + /** + * @param boundAttributes Mapping of attribute names to values that are expected to + * exist in the SAML assertion. + * + * @return builder + * + */ + public Builder boundAttributes(Map boundAttributes) { + return boundAttributes(Output.of(boundAttributes)); + } + + /** + * @param boundAttributesType The type of matching assertion to perform on + * `bound_attributes_type`. + * + * @return builder + * + */ + public Builder boundAttributesType(@Nullable Output boundAttributesType) { + $.boundAttributesType = boundAttributesType; + return this; + } + + /** + * @param boundAttributesType The type of matching assertion to perform on + * `bound_attributes_type`. + * + * @return builder + * + */ + public Builder boundAttributesType(String boundAttributesType) { + return boundAttributesType(Output.of(boundAttributesType)); + } + + /** + * @param boundSubjects List of subjects being asserted for SAML authentication. + * + * @return builder + * + */ + public Builder boundSubjects(@Nullable Output> boundSubjects) { + $.boundSubjects = boundSubjects; + return this; + } + + /** + * @param boundSubjects List of subjects being asserted for SAML authentication. + * + * @return builder + * + */ + public Builder boundSubjects(List boundSubjects) { + return boundSubjects(Output.of(boundSubjects)); + } + + /** + * @param boundSubjects List of subjects being asserted for SAML authentication. + * + * @return builder + * + */ + public Builder boundSubjects(String... boundSubjects) { + return boundSubjects(List.of(boundSubjects)); + } + + /** + * @param boundSubjectsType The type of matching assertion to perform on `bound_subjects`. + * + * @return builder + * + */ + public Builder boundSubjectsType(@Nullable Output boundSubjectsType) { + $.boundSubjectsType = boundSubjectsType; + return this; + } + + /** + * @param boundSubjectsType The type of matching assertion to perform on `bound_subjects`. + * + * @return builder + * + */ + public Builder boundSubjectsType(String boundSubjectsType) { + return boundSubjectsType(Output.of(boundSubjectsType)); + } + + /** + * @param groupsAttribute The attribute to use to identify the set of groups to which the + * user belongs. + * + * @return builder + * + */ + public Builder groupsAttribute(@Nullable Output groupsAttribute) { + $.groupsAttribute = groupsAttribute; + return this; + } + + /** + * @param groupsAttribute The attribute to use to identify the set of groups to which the + * user belongs. + * + * @return builder + * + */ + public Builder groupsAttribute(String groupsAttribute) { + return groupsAttribute(Output.of(groupsAttribute)); + } + + /** + * @param name Unique name of the role. + * + * @return builder + * + */ + public Builder name(@Nullable Output name) { + $.name = name; + return this; + } + + /** + * @param name Unique name of the role. + * + * @return builder + * + */ + public Builder name(String name) { + return name(Output.of(name)); + } + + /** + * @param namespace The namespace to provision the resource in. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + * @return builder + * + */ + public Builder namespace(@Nullable Output namespace) { + $.namespace = namespace; + return this; + } + + /** + * @param namespace The namespace to provision the resource in. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + * @return builder + * + */ + public Builder namespace(String namespace) { + return namespace(Output.of(namespace)); + } + + /** + * @param path Path where the auth backend is mounted. + * + * @return builder + * + */ + public Builder path(@Nullable Output path) { + $.path = path; + return this; + } + + /** + * @param path Path where the auth backend is mounted. + * + * @return builder + * + */ + public Builder path(String path) { + return path(Output.of(path)); + } + + /** + * @param tokenBoundCidrs List of CIDR blocks; if set, specifies blocks of IP + * addresses which can authenticate successfully, and ties the resulting token to these blocks + * as well. + * + * @return builder + * + */ + public Builder tokenBoundCidrs(@Nullable Output> tokenBoundCidrs) { + $.tokenBoundCidrs = tokenBoundCidrs; + return this; + } + + /** + * @param tokenBoundCidrs List of CIDR blocks; if set, specifies blocks of IP + * addresses which can authenticate successfully, and ties the resulting token to these blocks + * as well. + * + * @return builder + * + */ + public Builder tokenBoundCidrs(List tokenBoundCidrs) { + return tokenBoundCidrs(Output.of(tokenBoundCidrs)); + } + + /** + * @param tokenBoundCidrs List of CIDR blocks; if set, specifies blocks of IP + * addresses which can authenticate successfully, and ties the resulting token to these blocks + * as well. + * + * @return builder + * + */ + public Builder tokenBoundCidrs(String... tokenBoundCidrs) { + return tokenBoundCidrs(List.of(tokenBoundCidrs)); + } + + /** + * @param tokenExplicitMaxTtl If set, will encode an + * [explicit max TTL](https://www.vaultproject.io/docs/concepts/tokens.html#token-time-to-live-periodic-tokens-and-explicit-max-ttls) + * onto the token in number of seconds. This is a hard cap even if `token_ttl` and + * `token_max_ttl` would otherwise allow a renewal. + * + * @return builder + * + */ + public Builder tokenExplicitMaxTtl(@Nullable Output tokenExplicitMaxTtl) { + $.tokenExplicitMaxTtl = tokenExplicitMaxTtl; + return this; + } + + /** + * @param tokenExplicitMaxTtl If set, will encode an + * [explicit max TTL](https://www.vaultproject.io/docs/concepts/tokens.html#token-time-to-live-periodic-tokens-and-explicit-max-ttls) + * onto the token in number of seconds. This is a hard cap even if `token_ttl` and + * `token_max_ttl` would otherwise allow a renewal. + * + * @return builder + * + */ + public Builder tokenExplicitMaxTtl(Integer tokenExplicitMaxTtl) { + return tokenExplicitMaxTtl(Output.of(tokenExplicitMaxTtl)); + } + + /** + * @param tokenMaxTtl The maximum lifetime for generated tokens in number of seconds. + * Its current value will be referenced at renewal time. + * + * @return builder + * + */ + public Builder tokenMaxTtl(@Nullable Output tokenMaxTtl) { + $.tokenMaxTtl = tokenMaxTtl; + return this; + } + + /** + * @param tokenMaxTtl The maximum lifetime for generated tokens in number of seconds. + * Its current value will be referenced at renewal time. + * + * @return builder + * + */ + public Builder tokenMaxTtl(Integer tokenMaxTtl) { + return tokenMaxTtl(Output.of(tokenMaxTtl)); + } + + /** + * @param tokenNoDefaultPolicy If set, the default policy will not be set on + * generated tokens; otherwise it will be added to the policies set in token_policies. + * + * @return builder + * + */ + public Builder tokenNoDefaultPolicy(@Nullable Output tokenNoDefaultPolicy) { + $.tokenNoDefaultPolicy = tokenNoDefaultPolicy; + return this; + } + + /** + * @param tokenNoDefaultPolicy If set, the default policy will not be set on + * generated tokens; otherwise it will be added to the policies set in token_policies. + * + * @return builder + * + */ + public Builder tokenNoDefaultPolicy(Boolean tokenNoDefaultPolicy) { + return tokenNoDefaultPolicy(Output.of(tokenNoDefaultPolicy)); + } + + /** + * @param tokenNumUses The [maximum number](https://developer.hashicorp.com/vault/api-docs/auth/saml#token_num_uses) + * of times a generated token may be used (within its lifetime); 0 means unlimited. + * + * @return builder + * + */ + public Builder tokenNumUses(@Nullable Output tokenNumUses) { + $.tokenNumUses = tokenNumUses; + return this; + } + + /** + * @param tokenNumUses The [maximum number](https://developer.hashicorp.com/vault/api-docs/auth/saml#token_num_uses) + * of times a generated token may be used (within its lifetime); 0 means unlimited. + * + * @return builder + * + */ + public Builder tokenNumUses(Integer tokenNumUses) { + return tokenNumUses(Output.of(tokenNumUses)); + } + + /** + * @param tokenPeriod If set, indicates that the + * token generated using this role should never expire. The token should be renewed within the + * duration specified by this value. At each renewal, the token's TTL will be set to the + * value of this field. Specified in seconds. + * + * @return builder + * + */ + public Builder tokenPeriod(@Nullable Output tokenPeriod) { + $.tokenPeriod = tokenPeriod; + return this; + } + + /** + * @param tokenPeriod If set, indicates that the + * token generated using this role should never expire. The token should be renewed within the + * duration specified by this value. At each renewal, the token's TTL will be set to the + * value of this field. Specified in seconds. + * + * @return builder + * + */ + public Builder tokenPeriod(Integer tokenPeriod) { + return tokenPeriod(Output.of(tokenPeriod)); + } + + /** + * @param tokenPolicies List of policies to encode onto generated tokens. Depending + * on the auth method, this list may be supplemented by user/group/other values. + * + * @return builder + * + */ + public Builder tokenPolicies(@Nullable Output> tokenPolicies) { + $.tokenPolicies = tokenPolicies; + return this; + } + + /** + * @param tokenPolicies List of policies to encode onto generated tokens. Depending + * on the auth method, this list may be supplemented by user/group/other values. + * + * @return builder + * + */ + public Builder tokenPolicies(List tokenPolicies) { + return tokenPolicies(Output.of(tokenPolicies)); + } + + /** + * @param tokenPolicies List of policies to encode onto generated tokens. Depending + * on the auth method, this list may be supplemented by user/group/other values. + * + * @return builder + * + */ + public Builder tokenPolicies(String... tokenPolicies) { + return tokenPolicies(List.of(tokenPolicies)); + } + + /** + * @param tokenTtl The incremental lifetime for generated tokens in number of seconds. + * Its current value will be referenced at renewal time. + * + * @return builder + * + */ + public Builder tokenTtl(@Nullable Output tokenTtl) { + $.tokenTtl = tokenTtl; + return this; + } + + /** + * @param tokenTtl The incremental lifetime for generated tokens in number of seconds. + * Its current value will be referenced at renewal time. + * + * @return builder + * + */ + public Builder tokenTtl(Integer tokenTtl) { + return tokenTtl(Output.of(tokenTtl)); + } + + /** + * @param tokenType The type of token that should be generated. Can be `service`, + * `batch`, or `default` to use the mount's tuned default (which unless changed will be + * `service` tokens). For token store roles, there are two additional possibilities: + * `default-service` and `default-batch` which specify the type to return unless the client + * requests a different type at generation time. + * + * @return builder + * + */ + public Builder tokenType(@Nullable Output tokenType) { + $.tokenType = tokenType; + return this; + } + + /** + * @param tokenType The type of token that should be generated. Can be `service`, + * `batch`, or `default` to use the mount's tuned default (which unless changed will be + * `service` tokens). For token store roles, there are two additional possibilities: + * `default-service` and `default-batch` which specify the type to return unless the client + * requests a different type at generation time. + * + * @return builder + * + */ + public Builder tokenType(String tokenType) { + return tokenType(Output.of(tokenType)); + } + + public AuthBackendRoleState build() { + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/vault/saml/inputs/AuthBackendState.java b/sdk/java/src/main/java/com/pulumi/vault/saml/inputs/AuthBackendState.java new file mode 100644 index 000000000..42a94476b --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/vault/saml/inputs/AuthBackendState.java @@ -0,0 +1,510 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.vault.saml.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import java.lang.Boolean; +import java.lang.String; +import java.util.List; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class AuthBackendState extends com.pulumi.resources.ResourceArgs { + + public static final AuthBackendState Empty = new AuthBackendState(); + + /** + * The well-formatted URLs of your Assertion Consumer Service (ACS) + * that should receive a response from the identity provider. + * + */ + @Import(name="acsUrls") + private @Nullable Output> acsUrls; + + /** + * @return The well-formatted URLs of your Assertion Consumer Service (ACS) + * that should receive a response from the identity provider. + * + */ + public Optional>> acsUrls() { + return Optional.ofNullable(this.acsUrls); + } + + /** + * The role to use if no role is provided during login. + * + */ + @Import(name="defaultRole") + private @Nullable Output defaultRole; + + /** + * @return The role to use if no role is provided during login. + * + */ + public Optional> defaultRole() { + return Optional.ofNullable(this.defaultRole); + } + + /** + * If set to `true`, opts out of mount migration on path updates. + * See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration) + * + */ + @Import(name="disableRemount") + private @Nullable Output disableRemount; + + /** + * @return If set to `true`, opts out of mount migration on path updates. + * See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration) + * + */ + public Optional> disableRemount() { + return Optional.ofNullable(this.disableRemount); + } + + /** + * The entity ID of the SAML authentication service provider. + * + */ + @Import(name="entityId") + private @Nullable Output entityId; + + /** + * @return The entity ID of the SAML authentication service provider. + * + */ + public Optional> entityId() { + return Optional.ofNullable(this.entityId); + } + + /** + * The PEM encoded certificate of the identity provider. Mutually exclusive + * with `idp_metadata_url`. + * + */ + @Import(name="idpCert") + private @Nullable Output idpCert; + + /** + * @return The PEM encoded certificate of the identity provider. Mutually exclusive + * with `idp_metadata_url`. + * + */ + public Optional> idpCert() { + return Optional.ofNullable(this.idpCert); + } + + /** + * The entity ID of the identity provider. Mutually exclusive with + * `idp_metadata_url`. + * + */ + @Import(name="idpEntityId") + private @Nullable Output idpEntityId; + + /** + * @return The entity ID of the identity provider. Mutually exclusive with + * `idp_metadata_url`. + * + */ + public Optional> idpEntityId() { + return Optional.ofNullable(this.idpEntityId); + } + + /** + * The metadata URL of the identity provider. + * + */ + @Import(name="idpMetadataUrl") + private @Nullable Output idpMetadataUrl; + + /** + * @return The metadata URL of the identity provider. + * + */ + public Optional> idpMetadataUrl() { + return Optional.ofNullable(this.idpMetadataUrl); + } + + /** + * The SSO URL of the identity provider. Mutually exclusive with + * `idp_metadata_url`. + * + */ + @Import(name="idpSsoUrl") + private @Nullable Output idpSsoUrl; + + /** + * @return The SSO URL of the identity provider. Mutually exclusive with + * `idp_metadata_url`. + * + */ + public Optional> idpSsoUrl() { + return Optional.ofNullable(this.idpSsoUrl); + } + + /** + * The namespace to provision the resource in. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + */ + @Import(name="namespace") + private @Nullable Output namespace; + + /** + * @return The namespace to provision the resource in. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + */ + public Optional> namespace() { + return Optional.ofNullable(this.namespace); + } + + /** + * Path where the auth backend will be mounted. Defaults to `auth/saml` + * if not specified. + * + */ + @Import(name="path") + private @Nullable Output path; + + /** + * @return Path where the auth backend will be mounted. Defaults to `auth/saml` + * if not specified. + * + */ + public Optional> path() { + return Optional.ofNullable(this.path); + } + + /** + * If set to `true`, logs additional, potentially sensitive + * information during the SAML exchange according to the current logging level. Not + * recommended for production. + * + */ + @Import(name="verboseLogging") + private @Nullable Output verboseLogging; + + /** + * @return If set to `true`, logs additional, potentially sensitive + * information during the SAML exchange according to the current logging level. Not + * recommended for production. + * + */ + public Optional> verboseLogging() { + return Optional.ofNullable(this.verboseLogging); + } + + private AuthBackendState() {} + + private AuthBackendState(AuthBackendState $) { + this.acsUrls = $.acsUrls; + this.defaultRole = $.defaultRole; + this.disableRemount = $.disableRemount; + this.entityId = $.entityId; + this.idpCert = $.idpCert; + this.idpEntityId = $.idpEntityId; + this.idpMetadataUrl = $.idpMetadataUrl; + this.idpSsoUrl = $.idpSsoUrl; + this.namespace = $.namespace; + this.path = $.path; + this.verboseLogging = $.verboseLogging; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(AuthBackendState defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private AuthBackendState $; + + public Builder() { + $ = new AuthBackendState(); + } + + public Builder(AuthBackendState defaults) { + $ = new AuthBackendState(Objects.requireNonNull(defaults)); + } + + /** + * @param acsUrls The well-formatted URLs of your Assertion Consumer Service (ACS) + * that should receive a response from the identity provider. + * + * @return builder + * + */ + public Builder acsUrls(@Nullable Output> acsUrls) { + $.acsUrls = acsUrls; + return this; + } + + /** + * @param acsUrls The well-formatted URLs of your Assertion Consumer Service (ACS) + * that should receive a response from the identity provider. + * + * @return builder + * + */ + public Builder acsUrls(List acsUrls) { + return acsUrls(Output.of(acsUrls)); + } + + /** + * @param acsUrls The well-formatted URLs of your Assertion Consumer Service (ACS) + * that should receive a response from the identity provider. + * + * @return builder + * + */ + public Builder acsUrls(String... acsUrls) { + return acsUrls(List.of(acsUrls)); + } + + /** + * @param defaultRole The role to use if no role is provided during login. + * + * @return builder + * + */ + public Builder defaultRole(@Nullable Output defaultRole) { + $.defaultRole = defaultRole; + return this; + } + + /** + * @param defaultRole The role to use if no role is provided during login. + * + * @return builder + * + */ + public Builder defaultRole(String defaultRole) { + return defaultRole(Output.of(defaultRole)); + } + + /** + * @param disableRemount If set to `true`, opts out of mount migration on path updates. + * See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration) + * + * @return builder + * + */ + public Builder disableRemount(@Nullable Output disableRemount) { + $.disableRemount = disableRemount; + return this; + } + + /** + * @param disableRemount If set to `true`, opts out of mount migration on path updates. + * See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration) + * + * @return builder + * + */ + public Builder disableRemount(Boolean disableRemount) { + return disableRemount(Output.of(disableRemount)); + } + + /** + * @param entityId The entity ID of the SAML authentication service provider. + * + * @return builder + * + */ + public Builder entityId(@Nullable Output entityId) { + $.entityId = entityId; + return this; + } + + /** + * @param entityId The entity ID of the SAML authentication service provider. + * + * @return builder + * + */ + public Builder entityId(String entityId) { + return entityId(Output.of(entityId)); + } + + /** + * @param idpCert The PEM encoded certificate of the identity provider. Mutually exclusive + * with `idp_metadata_url`. + * + * @return builder + * + */ + public Builder idpCert(@Nullable Output idpCert) { + $.idpCert = idpCert; + return this; + } + + /** + * @param idpCert The PEM encoded certificate of the identity provider. Mutually exclusive + * with `idp_metadata_url`. + * + * @return builder + * + */ + public Builder idpCert(String idpCert) { + return idpCert(Output.of(idpCert)); + } + + /** + * @param idpEntityId The entity ID of the identity provider. Mutually exclusive with + * `idp_metadata_url`. + * + * @return builder + * + */ + public Builder idpEntityId(@Nullable Output idpEntityId) { + $.idpEntityId = idpEntityId; + return this; + } + + /** + * @param idpEntityId The entity ID of the identity provider. Mutually exclusive with + * `idp_metadata_url`. + * + * @return builder + * + */ + public Builder idpEntityId(String idpEntityId) { + return idpEntityId(Output.of(idpEntityId)); + } + + /** + * @param idpMetadataUrl The metadata URL of the identity provider. + * + * @return builder + * + */ + public Builder idpMetadataUrl(@Nullable Output idpMetadataUrl) { + $.idpMetadataUrl = idpMetadataUrl; + return this; + } + + /** + * @param idpMetadataUrl The metadata URL of the identity provider. + * + * @return builder + * + */ + public Builder idpMetadataUrl(String idpMetadataUrl) { + return idpMetadataUrl(Output.of(idpMetadataUrl)); + } + + /** + * @param idpSsoUrl The SSO URL of the identity provider. Mutually exclusive with + * `idp_metadata_url`. + * + * @return builder + * + */ + public Builder idpSsoUrl(@Nullable Output idpSsoUrl) { + $.idpSsoUrl = idpSsoUrl; + return this; + } + + /** + * @param idpSsoUrl The SSO URL of the identity provider. Mutually exclusive with + * `idp_metadata_url`. + * + * @return builder + * + */ + public Builder idpSsoUrl(String idpSsoUrl) { + return idpSsoUrl(Output.of(idpSsoUrl)); + } + + /** + * @param namespace The namespace to provision the resource in. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + * @return builder + * + */ + public Builder namespace(@Nullable Output namespace) { + $.namespace = namespace; + return this; + } + + /** + * @param namespace The namespace to provision the resource in. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + * @return builder + * + */ + public Builder namespace(String namespace) { + return namespace(Output.of(namespace)); + } + + /** + * @param path Path where the auth backend will be mounted. Defaults to `auth/saml` + * if not specified. + * + * @return builder + * + */ + public Builder path(@Nullable Output path) { + $.path = path; + return this; + } + + /** + * @param path Path where the auth backend will be mounted. Defaults to `auth/saml` + * if not specified. + * + * @return builder + * + */ + public Builder path(String path) { + return path(Output.of(path)); + } + + /** + * @param verboseLogging If set to `true`, logs additional, potentially sensitive + * information during the SAML exchange according to the current logging level. Not + * recommended for production. + * + * @return builder + * + */ + public Builder verboseLogging(@Nullable Output verboseLogging) { + $.verboseLogging = verboseLogging; + return this; + } + + /** + * @param verboseLogging If set to `true`, logs additional, potentially sensitive + * information during the SAML exchange according to the current logging level. Not + * recommended for production. + * + * @return builder + * + */ + public Builder verboseLogging(Boolean verboseLogging) { + return verboseLogging(Output.of(verboseLogging)); + } + + public AuthBackendState build() { + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/vault/ssh/SecretBackendCa.java b/sdk/java/src/main/java/com/pulumi/vault/ssh/SecretBackendCa.java index 484762d71..39044fffd 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/ssh/SecretBackendCa.java +++ b/sdk/java/src/main/java/com/pulumi/vault/ssh/SecretBackendCa.java @@ -116,14 +116,14 @@ public Output> namespace() { return Codegen.optional(this.namespace); } /** - * The private key part the SSH CA key pair; required if generate_signing_key is false. + * Private key part the SSH CA key pair; required if generate_signing_key is false. * */ @Export(name="privateKey", refs={String.class}, tree="[0]") private Output privateKey; /** - * @return The private key part the SSH CA key pair; required if generate_signing_key is false. + * @return Private key part the SSH CA key pair; required if generate_signing_key is false. * */ public Output privateKey() { diff --git a/sdk/java/src/main/java/com/pulumi/vault/ssh/SecretBackendCaArgs.java b/sdk/java/src/main/java/com/pulumi/vault/ssh/SecretBackendCaArgs.java index 08fee1392..debe2790c 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/ssh/SecretBackendCaArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/ssh/SecretBackendCaArgs.java @@ -68,14 +68,14 @@ public Optional> namespace() { } /** - * The private key part the SSH CA key pair; required if generate_signing_key is false. + * Private key part the SSH CA key pair; required if generate_signing_key is false. * */ @Import(name="privateKey") private @Nullable Output privateKey; /** - * @return The private key part the SSH CA key pair; required if generate_signing_key is false. + * @return Private key part the SSH CA key pair; required if generate_signing_key is false. * */ public Optional> privateKey() { @@ -195,7 +195,7 @@ public Builder namespace(String namespace) { } /** - * @param privateKey The private key part the SSH CA key pair; required if generate_signing_key is false. + * @param privateKey Private key part the SSH CA key pair; required if generate_signing_key is false. * * @return builder * @@ -206,7 +206,7 @@ public Builder privateKey(@Nullable Output privateKey) { } /** - * @param privateKey The private key part the SSH CA key pair; required if generate_signing_key is false. + * @param privateKey Private key part the SSH CA key pair; required if generate_signing_key is false. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/vault/ssh/inputs/SecretBackendCaState.java b/sdk/java/src/main/java/com/pulumi/vault/ssh/inputs/SecretBackendCaState.java index 12797083b..83965336f 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/ssh/inputs/SecretBackendCaState.java +++ b/sdk/java/src/main/java/com/pulumi/vault/ssh/inputs/SecretBackendCaState.java @@ -68,14 +68,14 @@ public Optional> namespace() { } /** - * The private key part the SSH CA key pair; required if generate_signing_key is false. + * Private key part the SSH CA key pair; required if generate_signing_key is false. * */ @Import(name="privateKey") private @Nullable Output privateKey; /** - * @return The private key part the SSH CA key pair; required if generate_signing_key is false. + * @return Private key part the SSH CA key pair; required if generate_signing_key is false. * */ public Optional> privateKey() { @@ -195,7 +195,7 @@ public Builder namespace(String namespace) { } /** - * @param privateKey The private key part the SSH CA key pair; required if generate_signing_key is false. + * @param privateKey Private key part the SSH CA key pair; required if generate_signing_key is false. * * @return builder * @@ -206,7 +206,7 @@ public Builder privateKey(@Nullable Output privateKey) { } /** - * @param privateKey The private key part the SSH CA key pair; required if generate_signing_key is false. + * @param privateKey Private key part the SSH CA key pair; required if generate_signing_key is false. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/vault/ssh/inputs/SecretBackendRoleAllowedUserKeyConfigArgs.java b/sdk/java/src/main/java/com/pulumi/vault/ssh/inputs/SecretBackendRoleAllowedUserKeyConfigArgs.java index d03925ae4..254862ba6 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/ssh/inputs/SecretBackendRoleAllowedUserKeyConfigArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/ssh/inputs/SecretBackendRoleAllowedUserKeyConfigArgs.java @@ -21,6 +21,30 @@ public final class SecretBackendRoleAllowedUserKeyConfigArgs extends com.pulumi. * Setting multiple lengths is only supported on Vault 1.10+. For prior releases `length` * must be set to a single element list. * + * Example configuration blocks that might be included in the `vault.ssh.SecretBackendRole` + * ```java + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * } + * } + * ``` + * */ @Import(name="lengths", required=true) private Output> lengths; @@ -31,6 +55,30 @@ public final class SecretBackendRoleAllowedUserKeyConfigArgs extends com.pulumi. * Setting multiple lengths is only supported on Vault 1.10+. For prior releases `length` * must be set to a single element list. * + * Example configuration blocks that might be included in the `vault.ssh.SecretBackendRole` + * ```java + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * } + * } + * ``` + * */ public Output> lengths() { return this.lengths; @@ -88,6 +136,30 @@ public Builder(SecretBackendRoleAllowedUserKeyConfigArgs defaults) { * Setting multiple lengths is only supported on Vault 1.10+. For prior releases `length` * must be set to a single element list. * + * Example configuration blocks that might be included in the `vault.ssh.SecretBackendRole` + * ```java + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * } + * } + * ``` + * * @return builder * */ @@ -102,6 +174,30 @@ public Builder lengths(Output> lengths) { * Setting multiple lengths is only supported on Vault 1.10+. For prior releases `length` * must be set to a single element list. * + * Example configuration blocks that might be included in the `vault.ssh.SecretBackendRole` + * ```java + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * } + * } + * ``` + * * @return builder * */ @@ -115,6 +211,30 @@ public Builder lengths(List lengths) { * Setting multiple lengths is only supported on Vault 1.10+. For prior releases `length` * must be set to a single element list. * + * Example configuration blocks that might be included in the `vault.ssh.SecretBackendRole` + * ```java + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * } + * } + * ``` + * * @return builder * */ diff --git a/sdk/java/src/main/java/com/pulumi/vault/ssh/outputs/SecretBackendRoleAllowedUserKeyConfig.java b/sdk/java/src/main/java/com/pulumi/vault/ssh/outputs/SecretBackendRoleAllowedUserKeyConfig.java index 0cf1b0234..c33149c60 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/ssh/outputs/SecretBackendRoleAllowedUserKeyConfig.java +++ b/sdk/java/src/main/java/com/pulumi/vault/ssh/outputs/SecretBackendRoleAllowedUserKeyConfig.java @@ -17,6 +17,30 @@ public final class SecretBackendRoleAllowedUserKeyConfig { * Setting multiple lengths is only supported on Vault 1.10+. For prior releases `length` * must be set to a single element list. * + * Example configuration blocks that might be included in the `vault.ssh.SecretBackendRole` + * ```java + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * } + * } + * ``` + * */ private List lengths; /** @@ -35,6 +59,30 @@ private SecretBackendRoleAllowedUserKeyConfig() {} * Setting multiple lengths is only supported on Vault 1.10+. For prior releases `length` * must be set to a single element list. * + * Example configuration blocks that might be included in the `vault.ssh.SecretBackendRole` + * ```java + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * } + * } + * ``` + * */ public List lengths() { return this.lengths; diff --git a/sdk/java/src/main/java/com/pulumi/vault/tokenauth/AuthBackendRole.java b/sdk/java/src/main/java/com/pulumi/vault/tokenauth/AuthBackendRole.java index 8d384e290..17f9961a1 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/tokenauth/AuthBackendRole.java +++ b/sdk/java/src/main/java/com/pulumi/vault/tokenauth/AuthBackendRole.java @@ -180,6 +180,8 @@ public Output> orphan() { /** * Tokens created against this role will have the given suffix as part of their path in addition to the role name. * + * > Due to a bug the resource. This *will* cause all existing tokens issued by this role to be revoked. + * */ @Export(name="pathSuffix", refs={String.class}, tree="[0]") private Output pathSuffix; @@ -187,6 +189,8 @@ public Output> orphan() { /** * @return Tokens created against this role will have the given suffix as part of their path in addition to the role name. * + * > Due to a bug the resource. This *will* cause all existing tokens issued by this role to be revoked. + * */ public Output> pathSuffix() { return Codegen.optional(this.pathSuffix); diff --git a/sdk/java/src/main/java/com/pulumi/vault/tokenauth/AuthBackendRoleArgs.java b/sdk/java/src/main/java/com/pulumi/vault/tokenauth/AuthBackendRoleArgs.java index faddb1294..a3133553d 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/tokenauth/AuthBackendRoleArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/tokenauth/AuthBackendRoleArgs.java @@ -132,6 +132,8 @@ public Optional> orphan() { /** * Tokens created against this role will have the given suffix as part of their path in addition to the role name. * + * > Due to a bug the resource. This *will* cause all existing tokens issued by this role to be revoked. + * */ @Import(name="pathSuffix") private @Nullable Output pathSuffix; @@ -139,6 +141,8 @@ public Optional> orphan() { /** * @return Tokens created against this role will have the given suffix as part of their path in addition to the role name. * + * > Due to a bug the resource. This *will* cause all existing tokens issued by this role to be revoked. + * */ public Optional> pathSuffix() { return Optional.ofNullable(this.pathSuffix); @@ -589,6 +593,8 @@ public Builder orphan(Boolean orphan) { /** * @param pathSuffix Tokens created against this role will have the given suffix as part of their path in addition to the role name. * + * > Due to a bug the resource. This *will* cause all existing tokens issued by this role to be revoked. + * * @return builder * */ @@ -600,6 +606,8 @@ public Builder pathSuffix(@Nullable Output pathSuffix) { /** * @param pathSuffix Tokens created against this role will have the given suffix as part of their path in addition to the role name. * + * > Due to a bug the resource. This *will* cause all existing tokens issued by this role to be revoked. + * * @return builder * */ diff --git a/sdk/java/src/main/java/com/pulumi/vault/tokenauth/inputs/AuthBackendRoleState.java b/sdk/java/src/main/java/com/pulumi/vault/tokenauth/inputs/AuthBackendRoleState.java index f0856b61c..10ed28003 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/tokenauth/inputs/AuthBackendRoleState.java +++ b/sdk/java/src/main/java/com/pulumi/vault/tokenauth/inputs/AuthBackendRoleState.java @@ -132,6 +132,8 @@ public Optional> orphan() { /** * Tokens created against this role will have the given suffix as part of their path in addition to the role name. * + * > Due to a bug the resource. This *will* cause all existing tokens issued by this role to be revoked. + * */ @Import(name="pathSuffix") private @Nullable Output pathSuffix; @@ -139,6 +141,8 @@ public Optional> orphan() { /** * @return Tokens created against this role will have the given suffix as part of their path in addition to the role name. * + * > Due to a bug the resource. This *will* cause all existing tokens issued by this role to be revoked. + * */ public Optional> pathSuffix() { return Optional.ofNullable(this.pathSuffix); @@ -589,6 +593,8 @@ public Builder orphan(Boolean orphan) { /** * @param pathSuffix Tokens created against this role will have the given suffix as part of their path in addition to the role name. * + * > Due to a bug the resource. This *will* cause all existing tokens issued by this role to be revoked. + * * @return builder * */ @@ -600,6 +606,8 @@ public Builder pathSuffix(@Nullable Output pathSuffix) { /** * @param pathSuffix Tokens created against this role will have the given suffix as part of their path in addition to the role name. * + * > Due to a bug the resource. This *will* cause all existing tokens issued by this role to be revoked. + * * @return builder * */ diff --git a/sdk/java/src/main/java/com/pulumi/vault/transform/Alphabet.java b/sdk/java/src/main/java/com/pulumi/vault/transform/Alphabet.java index ccfd79dea..27ceaf535 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/transform/Alphabet.java +++ b/sdk/java/src/main/java/com/pulumi/vault/transform/Alphabet.java @@ -88,6 +88,26 @@ public Output> alphabet() { public Output name() { return this.name; } + /** + * The namespace to provision the resource in. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + */ + @Export(name="namespace", refs={String.class}, tree="[0]") + private Output namespace; + + /** + * @return The namespace to provision the resource in. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + */ + public Output> namespace() { + return Codegen.optional(this.namespace); + } /** * Path to where the back-end is mounted within Vault. * diff --git a/sdk/java/src/main/java/com/pulumi/vault/transform/AlphabetArgs.java b/sdk/java/src/main/java/com/pulumi/vault/transform/AlphabetArgs.java index 3cf2b0264..6c1d4c1d7 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/transform/AlphabetArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/transform/AlphabetArgs.java @@ -45,6 +45,27 @@ public Optional> name() { return Optional.ofNullable(this.name); } + /** + * The namespace to provision the resource in. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + */ + @Import(name="namespace") + private @Nullable Output namespace; + + /** + * @return The namespace to provision the resource in. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + */ + public Optional> namespace() { + return Optional.ofNullable(this.namespace); + } + /** * Path to where the back-end is mounted within Vault. * @@ -65,6 +86,7 @@ private AlphabetArgs() {} private AlphabetArgs(AlphabetArgs $) { this.alphabet = $.alphabet; this.name = $.name; + this.namespace = $.namespace; this.path = $.path; } @@ -128,6 +150,33 @@ public Builder name(String name) { return name(Output.of(name)); } + /** + * @param namespace The namespace to provision the resource in. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + * @return builder + * + */ + public Builder namespace(@Nullable Output namespace) { + $.namespace = namespace; + return this; + } + + /** + * @param namespace The namespace to provision the resource in. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + * @return builder + * + */ + public Builder namespace(String namespace) { + return namespace(Output.of(namespace)); + } + /** * @param path Path to where the back-end is mounted within Vault. * diff --git a/sdk/java/src/main/java/com/pulumi/vault/transform/Role.java b/sdk/java/src/main/java/com/pulumi/vault/transform/Role.java index c20f69f64..1ddc24f49 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/transform/Role.java +++ b/sdk/java/src/main/java/com/pulumi/vault/transform/Role.java @@ -76,6 +76,26 @@ public class Role extends com.pulumi.resources.CustomResource { public Output name() { return this.name; } + /** + * The namespace to provision the resource in. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + */ + @Export(name="namespace", refs={String.class}, tree="[0]") + private Output namespace; + + /** + * @return The namespace to provision the resource in. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + */ + public Output> namespace() { + return Codegen.optional(this.namespace); + } /** * Path to where the back-end is mounted within Vault. * diff --git a/sdk/java/src/main/java/com/pulumi/vault/transform/RoleArgs.java b/sdk/java/src/main/java/com/pulumi/vault/transform/RoleArgs.java index 7e5be98d0..abb112a9e 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/transform/RoleArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/transform/RoleArgs.java @@ -31,6 +31,27 @@ public Optional> name() { return Optional.ofNullable(this.name); } + /** + * The namespace to provision the resource in. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + */ + @Import(name="namespace") + private @Nullable Output namespace; + + /** + * @return The namespace to provision the resource in. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + */ + public Optional> namespace() { + return Optional.ofNullable(this.namespace); + } + /** * Path to where the back-end is mounted within Vault. * @@ -65,6 +86,7 @@ private RoleArgs() {} private RoleArgs(RoleArgs $) { this.name = $.name; + this.namespace = $.namespace; this.path = $.path; this.transformations = $.transformations; } @@ -108,6 +130,33 @@ public Builder name(String name) { return name(Output.of(name)); } + /** + * @param namespace The namespace to provision the resource in. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + * @return builder + * + */ + public Builder namespace(@Nullable Output namespace) { + $.namespace = namespace; + return this; + } + + /** + * @param namespace The namespace to provision the resource in. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + * @return builder + * + */ + public Builder namespace(String namespace) { + return namespace(Output.of(namespace)); + } + /** * @param path Path to where the back-end is mounted within Vault. * diff --git a/sdk/java/src/main/java/com/pulumi/vault/transform/Template.java b/sdk/java/src/main/java/com/pulumi/vault/transform/Template.java index fd038b73b..0ece8a8da 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/transform/Template.java +++ b/sdk/java/src/main/java/com/pulumi/vault/transform/Template.java @@ -16,6 +16,72 @@ import java.util.Optional; import javax.annotation.Nullable; +/** + * This resource supports the `/transform/template/{name}` Vault endpoint. + * + * It creates or updates a template with the given name. If a template with the name does not exist, + * it will be created. If the template exists, it will be updated with the new attributes. + * + * > Requires _Vault Enterprise with the Advanced Data Protection Transform Module_. + * See [Transform Secrets Engine](https://www.vaultproject.io/docs/secrets/transform) + * for more information. + * + * ## Example Usage + * + * Please note that the `pattern` below holds a regex. The regex shown + * is identical to the one in our [Setup](https://www.vaultproject.io/docs/secrets/transform#setup) + * docs, `(\d{4})-(\d{4})-(\d{4})-(\d{4})`. However, due to HCL, the + * backslashes must be escaped to appear correctly in Vault. For further + * assistance escaping your own custom regex, see String Literals. + * ```java + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import com.pulumi.vault.Mount; + * import com.pulumi.vault.MountArgs; + * import com.pulumi.vault.transform.Alphabet; + * import com.pulumi.vault.transform.AlphabetArgs; + * import com.pulumi.vault.transform.Template; + * import com.pulumi.vault.transform.TemplateArgs; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * var transform = new Mount("transform", MountArgs.builder() + * .path("transform") + * .type("transform") + * .build()); + * + * var numerics = new Alphabet("numerics", AlphabetArgs.builder() + * .path(transform.path()) + * .alphabet("0123456789") + * .build()); + * + * var test = new Template("test", TemplateArgs.builder() + * .path(numerics.path()) + * .type("regex") + * .pattern("(\\d{4})[- ](\\d{4})[- ](\\d{4})[- ](\\d{4})") + * .alphabet("numerics") + * .encodeFormat("$1-$2-$3-$4") + * .decodeFormats(Map.of("last-four-digits", "$4")) + * .build()); + * + * } + * } + * ``` + * + */ @ResourceType(type="vault:transform/template:Template") public class Template extends com.pulumi.resources.CustomResource { /** @@ -33,15 +99,15 @@ public Output> alphabet() { return Codegen.optional(this.alphabet); } /** - * - Optional mapping of name to regular expression template, used to customize - * the decoded output. (requires Vault Enterprise 1.9+) + * Optional mapping of name to regular expression template, used to customize + * the decoded output. (requires Vault Enterprise 1.9+) * */ @Export(name="decodeFormats", refs={Map.class,String.class,Object.class}, tree="[0,1,2]") private Output> decodeFormats; /** - * @return - Optional mapping of name to regular expression template, used to customize + * @return Optional mapping of name to regular expression template, used to customize * the decoded output. (requires Vault Enterprise 1.9+) * */ @@ -49,15 +115,15 @@ public Output>> decodeFormats() { return Codegen.optional(this.decodeFormats); } /** - * - The regular expression template used to format encoded values. - * (requires Vault Enterprise 1.9+) + * The regular expression template used to format encoded values. + * (requires Vault Enterprise 1.9+) * */ @Export(name="encodeFormat", refs={String.class}, tree="[0]") private Output encodeFormat; /** - * @return - The regular expression template used to format encoded values. + * @return The regular expression template used to format encoded values. * (requires Vault Enterprise 1.9+) * */ @@ -78,6 +144,26 @@ public Output> encodeFormat() { public Output name() { return this.name; } + /** + * The namespace to provision the resource in. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + */ + @Export(name="namespace", refs={String.class}, tree="[0]") + private Output namespace; + + /** + * @return The namespace to provision the resource in. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + */ + public Output> namespace() { + return Codegen.optional(this.namespace); + } /** * Path to where the back-end is mounted within Vault. * diff --git a/sdk/java/src/main/java/com/pulumi/vault/transform/TemplateArgs.java b/sdk/java/src/main/java/com/pulumi/vault/transform/TemplateArgs.java index 8f88dd7d2..108deac5d 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/transform/TemplateArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/transform/TemplateArgs.java @@ -33,15 +33,15 @@ public Optional> alphabet() { } /** - * - Optional mapping of name to regular expression template, used to customize - * the decoded output. (requires Vault Enterprise 1.9+) + * Optional mapping of name to regular expression template, used to customize + * the decoded output. (requires Vault Enterprise 1.9+) * */ @Import(name="decodeFormats") private @Nullable Output> decodeFormats; /** - * @return - Optional mapping of name to regular expression template, used to customize + * @return Optional mapping of name to regular expression template, used to customize * the decoded output. (requires Vault Enterprise 1.9+) * */ @@ -50,15 +50,15 @@ public Optional>> decodeFormats() { } /** - * - The regular expression template used to format encoded values. - * (requires Vault Enterprise 1.9+) + * The regular expression template used to format encoded values. + * (requires Vault Enterprise 1.9+) * */ @Import(name="encodeFormat") private @Nullable Output encodeFormat; /** - * @return - The regular expression template used to format encoded values. + * @return The regular expression template used to format encoded values. * (requires Vault Enterprise 1.9+) * */ @@ -81,6 +81,27 @@ public Optional> name() { return Optional.ofNullable(this.name); } + /** + * The namespace to provision the resource in. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + */ + @Import(name="namespace") + private @Nullable Output namespace; + + /** + * @return The namespace to provision the resource in. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + */ + public Optional> namespace() { + return Optional.ofNullable(this.namespace); + } + /** * Path to where the back-end is mounted within Vault. * @@ -133,6 +154,7 @@ private TemplateArgs(TemplateArgs $) { this.decodeFormats = $.decodeFormats; this.encodeFormat = $.encodeFormat; this.name = $.name; + this.namespace = $.namespace; this.path = $.path; this.pattern = $.pattern; this.type = $.type; @@ -178,7 +200,7 @@ public Builder alphabet(String alphabet) { } /** - * @param decodeFormats - Optional mapping of name to regular expression template, used to customize + * @param decodeFormats Optional mapping of name to regular expression template, used to customize * the decoded output. (requires Vault Enterprise 1.9+) * * @return builder @@ -190,7 +212,7 @@ public Builder decodeFormats(@Nullable Output> decodeFormats) } /** - * @param decodeFormats - Optional mapping of name to regular expression template, used to customize + * @param decodeFormats Optional mapping of name to regular expression template, used to customize * the decoded output. (requires Vault Enterprise 1.9+) * * @return builder @@ -201,7 +223,7 @@ public Builder decodeFormats(Map decodeFormats) { } /** - * @param encodeFormat - The regular expression template used to format encoded values. + * @param encodeFormat The regular expression template used to format encoded values. * (requires Vault Enterprise 1.9+) * * @return builder @@ -213,7 +235,7 @@ public Builder encodeFormat(@Nullable Output encodeFormat) { } /** - * @param encodeFormat - The regular expression template used to format encoded values. + * @param encodeFormat The regular expression template used to format encoded values. * (requires Vault Enterprise 1.9+) * * @return builder @@ -244,6 +266,33 @@ public Builder name(String name) { return name(Output.of(name)); } + /** + * @param namespace The namespace to provision the resource in. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + * @return builder + * + */ + public Builder namespace(@Nullable Output namespace) { + $.namespace = namespace; + return this; + } + + /** + * @param namespace The namespace to provision the resource in. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + * @return builder + * + */ + public Builder namespace(String namespace) { + return namespace(Output.of(namespace)); + } + /** * @param path Path to where the back-end is mounted within Vault. * diff --git a/sdk/java/src/main/java/com/pulumi/vault/transform/TransformFunctions.java b/sdk/java/src/main/java/com/pulumi/vault/transform/TransformFunctions.java index 165dd8139..908c06972 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/transform/TransformFunctions.java +++ b/sdk/java/src/main/java/com/pulumi/vault/transform/TransformFunctions.java @@ -22,6 +22,62 @@ public final class TransformFunctions { * * It decodes the provided value using a named role. * + * ## Example Usage + * ```java + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import com.pulumi.vault.Mount; + * import com.pulumi.vault.MountArgs; + * import com.pulumi.vault.transform.Transformation; + * import com.pulumi.vault.transform.TransformationArgs; + * import com.pulumi.vault.transform.Role; + * import com.pulumi.vault.transform.RoleArgs; + * import com.pulumi.vault.transform.TransformFunctions; + * import com.pulumi.vault.transform.inputs.GetDecodeArgs; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * var transform = new Mount("transform", MountArgs.builder() + * .path("transform") + * .type("transform") + * .build()); + * + * var ccn_fpe = new Transformation("ccn-fpe", TransformationArgs.builder() + * .path(transform.path()) + * .type("fpe") + * .template("builtin/creditcardnumber") + * .tweakSource("internal") + * .allowedRoles("payments") + * .build()); + * + * var payments = new Role("payments", RoleArgs.builder() + * .path(ccn_fpe.path()) + * .transformations("ccn-fpe") + * .build()); + * + * final var test = TransformFunctions.getDecode(GetDecodeArgs.builder() + * .path(payments.path()) + * .roleName("payments") + * .value("9300-3376-4943-8903") + * .build()); + * + * } + * } + * ``` + * */ public static Output getDecode(GetDecodeArgs args) { return getDecode(args, InvokeOptions.Empty); @@ -31,6 +87,62 @@ public static Output getDecode(GetDecodeArgs args) { * * It decodes the provided value using a named role. * + * ## Example Usage + * ```java + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import com.pulumi.vault.Mount; + * import com.pulumi.vault.MountArgs; + * import com.pulumi.vault.transform.Transformation; + * import com.pulumi.vault.transform.TransformationArgs; + * import com.pulumi.vault.transform.Role; + * import com.pulumi.vault.transform.RoleArgs; + * import com.pulumi.vault.transform.TransformFunctions; + * import com.pulumi.vault.transform.inputs.GetDecodeArgs; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * var transform = new Mount("transform", MountArgs.builder() + * .path("transform") + * .type("transform") + * .build()); + * + * var ccn_fpe = new Transformation("ccn-fpe", TransformationArgs.builder() + * .path(transform.path()) + * .type("fpe") + * .template("builtin/creditcardnumber") + * .tweakSource("internal") + * .allowedRoles("payments") + * .build()); + * + * var payments = new Role("payments", RoleArgs.builder() + * .path(ccn_fpe.path()) + * .transformations("ccn-fpe") + * .build()); + * + * final var test = TransformFunctions.getDecode(GetDecodeArgs.builder() + * .path(payments.path()) + * .roleName("payments") + * .value("9300-3376-4943-8903") + * .build()); + * + * } + * } + * ``` + * */ public static CompletableFuture getDecodePlain(GetDecodePlainArgs args) { return getDecodePlain(args, InvokeOptions.Empty); @@ -40,6 +152,62 @@ public static CompletableFuture getDecodePlain(GetDecodePlainAr * * It decodes the provided value using a named role. * + * ## Example Usage + * ```java + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import com.pulumi.vault.Mount; + * import com.pulumi.vault.MountArgs; + * import com.pulumi.vault.transform.Transformation; + * import com.pulumi.vault.transform.TransformationArgs; + * import com.pulumi.vault.transform.Role; + * import com.pulumi.vault.transform.RoleArgs; + * import com.pulumi.vault.transform.TransformFunctions; + * import com.pulumi.vault.transform.inputs.GetDecodeArgs; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * var transform = new Mount("transform", MountArgs.builder() + * .path("transform") + * .type("transform") + * .build()); + * + * var ccn_fpe = new Transformation("ccn-fpe", TransformationArgs.builder() + * .path(transform.path()) + * .type("fpe") + * .template("builtin/creditcardnumber") + * .tweakSource("internal") + * .allowedRoles("payments") + * .build()); + * + * var payments = new Role("payments", RoleArgs.builder() + * .path(ccn_fpe.path()) + * .transformations("ccn-fpe") + * .build()); + * + * final var test = TransformFunctions.getDecode(GetDecodeArgs.builder() + * .path(payments.path()) + * .roleName("payments") + * .value("9300-3376-4943-8903") + * .build()); + * + * } + * } + * ``` + * */ public static Output getDecode(GetDecodeArgs args, InvokeOptions options) { return Deployment.getInstance().invoke("vault:transform/getDecode:getDecode", TypeShape.of(GetDecodeResult.class), args, Utilities.withVersion(options)); @@ -49,6 +217,62 @@ public static Output getDecode(GetDecodeArgs args, InvokeOption * * It decodes the provided value using a named role. * + * ## Example Usage + * ```java + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import com.pulumi.vault.Mount; + * import com.pulumi.vault.MountArgs; + * import com.pulumi.vault.transform.Transformation; + * import com.pulumi.vault.transform.TransformationArgs; + * import com.pulumi.vault.transform.Role; + * import com.pulumi.vault.transform.RoleArgs; + * import com.pulumi.vault.transform.TransformFunctions; + * import com.pulumi.vault.transform.inputs.GetDecodeArgs; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * var transform = new Mount("transform", MountArgs.builder() + * .path("transform") + * .type("transform") + * .build()); + * + * var ccn_fpe = new Transformation("ccn-fpe", TransformationArgs.builder() + * .path(transform.path()) + * .type("fpe") + * .template("builtin/creditcardnumber") + * .tweakSource("internal") + * .allowedRoles("payments") + * .build()); + * + * var payments = new Role("payments", RoleArgs.builder() + * .path(ccn_fpe.path()) + * .transformations("ccn-fpe") + * .build()); + * + * final var test = TransformFunctions.getDecode(GetDecodeArgs.builder() + * .path(payments.path()) + * .roleName("payments") + * .value("9300-3376-4943-8903") + * .build()); + * + * } + * } + * ``` + * */ public static CompletableFuture getDecodePlain(GetDecodePlainArgs args, InvokeOptions options) { return Deployment.getInstance().invokeAsync("vault:transform/getDecode:getDecode", TypeShape.of(GetDecodeResult.class), args, Utilities.withVersion(options)); @@ -58,6 +282,62 @@ public static CompletableFuture getDecodePlain(GetDecodePlainAr * * It encodes the provided value using a named role. * + * ## Example Usage + * ```java + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import com.pulumi.vault.Mount; + * import com.pulumi.vault.MountArgs; + * import com.pulumi.vault.transform.Transformation; + * import com.pulumi.vault.transform.TransformationArgs; + * import com.pulumi.vault.transform.Role; + * import com.pulumi.vault.transform.RoleArgs; + * import com.pulumi.vault.transform.TransformFunctions; + * import com.pulumi.vault.transform.inputs.GetEncodeArgs; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * var transform = new Mount("transform", MountArgs.builder() + * .path("transform") + * .type("transform") + * .build()); + * + * var ccn_fpe = new Transformation("ccn-fpe", TransformationArgs.builder() + * .path(transform.path()) + * .type("fpe") + * .template("builtin/creditcardnumber") + * .tweakSource("internal") + * .allowedRoles("payments") + * .build()); + * + * var payments = new Role("payments", RoleArgs.builder() + * .path(ccn_fpe.path()) + * .transformations("ccn-fpe") + * .build()); + * + * final var test = TransformFunctions.getEncode(GetEncodeArgs.builder() + * .path(payments.path()) + * .roleName("payments") + * .batchInputs(Map.of("value", "1111-2222-3333-4444")) + * .build()); + * + * } + * } + * ``` + * */ public static Output getEncode(GetEncodeArgs args) { return getEncode(args, InvokeOptions.Empty); @@ -67,6 +347,62 @@ public static Output getEncode(GetEncodeArgs args) { * * It encodes the provided value using a named role. * + * ## Example Usage + * ```java + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import com.pulumi.vault.Mount; + * import com.pulumi.vault.MountArgs; + * import com.pulumi.vault.transform.Transformation; + * import com.pulumi.vault.transform.TransformationArgs; + * import com.pulumi.vault.transform.Role; + * import com.pulumi.vault.transform.RoleArgs; + * import com.pulumi.vault.transform.TransformFunctions; + * import com.pulumi.vault.transform.inputs.GetEncodeArgs; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * var transform = new Mount("transform", MountArgs.builder() + * .path("transform") + * .type("transform") + * .build()); + * + * var ccn_fpe = new Transformation("ccn-fpe", TransformationArgs.builder() + * .path(transform.path()) + * .type("fpe") + * .template("builtin/creditcardnumber") + * .tweakSource("internal") + * .allowedRoles("payments") + * .build()); + * + * var payments = new Role("payments", RoleArgs.builder() + * .path(ccn_fpe.path()) + * .transformations("ccn-fpe") + * .build()); + * + * final var test = TransformFunctions.getEncode(GetEncodeArgs.builder() + * .path(payments.path()) + * .roleName("payments") + * .batchInputs(Map.of("value", "1111-2222-3333-4444")) + * .build()); + * + * } + * } + * ``` + * */ public static CompletableFuture getEncodePlain(GetEncodePlainArgs args) { return getEncodePlain(args, InvokeOptions.Empty); @@ -76,6 +412,62 @@ public static CompletableFuture getEncodePlain(GetEncodePlainAr * * It encodes the provided value using a named role. * + * ## Example Usage + * ```java + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import com.pulumi.vault.Mount; + * import com.pulumi.vault.MountArgs; + * import com.pulumi.vault.transform.Transformation; + * import com.pulumi.vault.transform.TransformationArgs; + * import com.pulumi.vault.transform.Role; + * import com.pulumi.vault.transform.RoleArgs; + * import com.pulumi.vault.transform.TransformFunctions; + * import com.pulumi.vault.transform.inputs.GetEncodeArgs; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * var transform = new Mount("transform", MountArgs.builder() + * .path("transform") + * .type("transform") + * .build()); + * + * var ccn_fpe = new Transformation("ccn-fpe", TransformationArgs.builder() + * .path(transform.path()) + * .type("fpe") + * .template("builtin/creditcardnumber") + * .tweakSource("internal") + * .allowedRoles("payments") + * .build()); + * + * var payments = new Role("payments", RoleArgs.builder() + * .path(ccn_fpe.path()) + * .transformations("ccn-fpe") + * .build()); + * + * final var test = TransformFunctions.getEncode(GetEncodeArgs.builder() + * .path(payments.path()) + * .roleName("payments") + * .batchInputs(Map.of("value", "1111-2222-3333-4444")) + * .build()); + * + * } + * } + * ``` + * */ public static Output getEncode(GetEncodeArgs args, InvokeOptions options) { return Deployment.getInstance().invoke("vault:transform/getEncode:getEncode", TypeShape.of(GetEncodeResult.class), args, Utilities.withVersion(options)); @@ -85,6 +477,62 @@ public static Output getEncode(GetEncodeArgs args, InvokeOption * * It encodes the provided value using a named role. * + * ## Example Usage + * ```java + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import com.pulumi.vault.Mount; + * import com.pulumi.vault.MountArgs; + * import com.pulumi.vault.transform.Transformation; + * import com.pulumi.vault.transform.TransformationArgs; + * import com.pulumi.vault.transform.Role; + * import com.pulumi.vault.transform.RoleArgs; + * import com.pulumi.vault.transform.TransformFunctions; + * import com.pulumi.vault.transform.inputs.GetEncodeArgs; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * var transform = new Mount("transform", MountArgs.builder() + * .path("transform") + * .type("transform") + * .build()); + * + * var ccn_fpe = new Transformation("ccn-fpe", TransformationArgs.builder() + * .path(transform.path()) + * .type("fpe") + * .template("builtin/creditcardnumber") + * .tweakSource("internal") + * .allowedRoles("payments") + * .build()); + * + * var payments = new Role("payments", RoleArgs.builder() + * .path(ccn_fpe.path()) + * .transformations("ccn-fpe") + * .build()); + * + * final var test = TransformFunctions.getEncode(GetEncodeArgs.builder() + * .path(payments.path()) + * .roleName("payments") + * .batchInputs(Map.of("value", "1111-2222-3333-4444")) + * .build()); + * + * } + * } + * ``` + * */ public static CompletableFuture getEncodePlain(GetEncodePlainArgs args, InvokeOptions options) { return Deployment.getInstance().invokeAsync("vault:transform/getEncode:getEncode", TypeShape.of(GetEncodeResult.class), args, Utilities.withVersion(options)); diff --git a/sdk/java/src/main/java/com/pulumi/vault/transform/Transformation.java b/sdk/java/src/main/java/com/pulumi/vault/transform/Transformation.java index e04c75930..52ea6adda 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/transform/Transformation.java +++ b/sdk/java/src/main/java/com/pulumi/vault/transform/Transformation.java @@ -78,6 +78,26 @@ public Output> maskingCharacter() { public Output name() { return this.name; } + /** + * The namespace to provision the resource in. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + */ + @Export(name="namespace", refs={String.class}, tree="[0]") + private Output namespace; + + /** + * @return The namespace to provision the resource in. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + */ + public Output> namespace() { + return Codegen.optional(this.namespace); + } /** * Path to where the back-end is mounted within Vault. * diff --git a/sdk/java/src/main/java/com/pulumi/vault/transform/TransformationArgs.java b/sdk/java/src/main/java/com/pulumi/vault/transform/TransformationArgs.java index a6d6c0a5b..3f91554f3 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/transform/TransformationArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/transform/TransformationArgs.java @@ -81,6 +81,27 @@ public Optional> name() { return Optional.ofNullable(this.name); } + /** + * The namespace to provision the resource in. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + */ + @Import(name="namespace") + private @Nullable Output namespace; + + /** + * @return The namespace to provision the resource in. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + */ + public Optional> namespace() { + return Optional.ofNullable(this.namespace); + } + /** * Path to where the back-end is mounted within Vault. * @@ -163,6 +184,7 @@ private TransformationArgs(TransformationArgs $) { this.deletionAllowed = $.deletionAllowed; this.maskingCharacter = $.maskingCharacter; this.name = $.name; + this.namespace = $.namespace; this.path = $.path; this.template = $.template; this.templates = $.templates; @@ -286,6 +308,33 @@ public Builder name(String name) { return name(Output.of(name)); } + /** + * @param namespace The namespace to provision the resource in. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + * @return builder + * + */ + public Builder namespace(@Nullable Output namespace) { + $.namespace = namespace; + return this; + } + + /** + * @param namespace The namespace to provision the resource in. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + * @return builder + * + */ + public Builder namespace(String namespace) { + return namespace(Output.of(namespace)); + } + /** * @param path Path to where the back-end is mounted within Vault. * diff --git a/sdk/java/src/main/java/com/pulumi/vault/transform/inputs/AlphabetState.java b/sdk/java/src/main/java/com/pulumi/vault/transform/inputs/AlphabetState.java index 47a2c7034..bb6ab4072 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/transform/inputs/AlphabetState.java +++ b/sdk/java/src/main/java/com/pulumi/vault/transform/inputs/AlphabetState.java @@ -45,6 +45,27 @@ public Optional> name() { return Optional.ofNullable(this.name); } + /** + * The namespace to provision the resource in. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + */ + @Import(name="namespace") + private @Nullable Output namespace; + + /** + * @return The namespace to provision the resource in. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + */ + public Optional> namespace() { + return Optional.ofNullable(this.namespace); + } + /** * Path to where the back-end is mounted within Vault. * @@ -65,6 +86,7 @@ private AlphabetState() {} private AlphabetState(AlphabetState $) { this.alphabet = $.alphabet; this.name = $.name; + this.namespace = $.namespace; this.path = $.path; } @@ -128,6 +150,33 @@ public Builder name(String name) { return name(Output.of(name)); } + /** + * @param namespace The namespace to provision the resource in. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + * @return builder + * + */ + public Builder namespace(@Nullable Output namespace) { + $.namespace = namespace; + return this; + } + + /** + * @param namespace The namespace to provision the resource in. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + * @return builder + * + */ + public Builder namespace(String namespace) { + return namespace(Output.of(namespace)); + } + /** * @param path Path to where the back-end is mounted within Vault. * diff --git a/sdk/java/src/main/java/com/pulumi/vault/transform/inputs/GetDecodeArgs.java b/sdk/java/src/main/java/com/pulumi/vault/transform/inputs/GetDecodeArgs.java index e9bd0b98a..71c2dd8af 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/transform/inputs/GetDecodeArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/transform/inputs/GetDecodeArgs.java @@ -63,6 +63,27 @@ public Optional> decodedValue() { return Optional.ofNullable(this.decodedValue); } + /** + * The namespace of the target resource. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + */ + @Import(name="namespace") + private @Nullable Output namespace; + + /** + * @return The namespace of the target resource. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + */ + public Optional> namespace() { + return Optional.ofNullable(this.namespace); + } + /** * Path to where the back-end is mounted within Vault. * @@ -144,6 +165,7 @@ private GetDecodeArgs(GetDecodeArgs $) { this.batchInputs = $.batchInputs; this.batchResults = $.batchResults; this.decodedValue = $.decodedValue; + this.namespace = $.namespace; this.path = $.path; this.roleName = $.roleName; this.transformation = $.transformation; @@ -252,6 +274,33 @@ public Builder decodedValue(String decodedValue) { return decodedValue(Output.of(decodedValue)); } + /** + * @param namespace The namespace of the target resource. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + * @return builder + * + */ + public Builder namespace(@Nullable Output namespace) { + $.namespace = namespace; + return this; + } + + /** + * @param namespace The namespace of the target resource. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + * @return builder + * + */ + public Builder namespace(String namespace) { + return namespace(Output.of(namespace)); + } + /** * @param path Path to where the back-end is mounted within Vault. * diff --git a/sdk/java/src/main/java/com/pulumi/vault/transform/inputs/GetDecodePlainArgs.java b/sdk/java/src/main/java/com/pulumi/vault/transform/inputs/GetDecodePlainArgs.java index 9497c9e78..648a56fae 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/transform/inputs/GetDecodePlainArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/transform/inputs/GetDecodePlainArgs.java @@ -62,6 +62,27 @@ public Optional decodedValue() { return Optional.ofNullable(this.decodedValue); } + /** + * The namespace of the target resource. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + */ + @Import(name="namespace") + private @Nullable String namespace; + + /** + * @return The namespace of the target resource. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + */ + public Optional namespace() { + return Optional.ofNullable(this.namespace); + } + /** * Path to where the back-end is mounted within Vault. * @@ -143,6 +164,7 @@ private GetDecodePlainArgs(GetDecodePlainArgs $) { this.batchInputs = $.batchInputs; this.batchResults = $.batchResults; this.decodedValue = $.decodedValue; + this.namespace = $.namespace; this.path = $.path; this.roleName = $.roleName; this.transformation = $.transformation; @@ -221,6 +243,20 @@ public Builder decodedValue(@Nullable String decodedValue) { return this; } + /** + * @param namespace The namespace of the target resource. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + * @return builder + * + */ + public Builder namespace(@Nullable String namespace) { + $.namespace = namespace; + return this; + } + /** * @param path Path to where the back-end is mounted within Vault. * diff --git a/sdk/java/src/main/java/com/pulumi/vault/transform/inputs/GetEncodeArgs.java b/sdk/java/src/main/java/com/pulumi/vault/transform/inputs/GetEncodeArgs.java index 5d0f4b544..3ea5c3537 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/transform/inputs/GetEncodeArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/transform/inputs/GetEncodeArgs.java @@ -63,6 +63,27 @@ public Optional> encodedValue() { return Optional.ofNullable(this.encodedValue); } + /** + * The namespace of the target resource. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + */ + @Import(name="namespace") + private @Nullable Output namespace; + + /** + * @return The namespace of the target resource. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + */ + public Optional> namespace() { + return Optional.ofNullable(this.namespace); + } + /** * Path to where the back-end is mounted within Vault. * @@ -144,6 +165,7 @@ private GetEncodeArgs(GetEncodeArgs $) { this.batchInputs = $.batchInputs; this.batchResults = $.batchResults; this.encodedValue = $.encodedValue; + this.namespace = $.namespace; this.path = $.path; this.roleName = $.roleName; this.transformation = $.transformation; @@ -252,6 +274,33 @@ public Builder encodedValue(String encodedValue) { return encodedValue(Output.of(encodedValue)); } + /** + * @param namespace The namespace of the target resource. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + * @return builder + * + */ + public Builder namespace(@Nullable Output namespace) { + $.namespace = namespace; + return this; + } + + /** + * @param namespace The namespace of the target resource. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + * @return builder + * + */ + public Builder namespace(String namespace) { + return namespace(Output.of(namespace)); + } + /** * @param path Path to where the back-end is mounted within Vault. * diff --git a/sdk/java/src/main/java/com/pulumi/vault/transform/inputs/GetEncodePlainArgs.java b/sdk/java/src/main/java/com/pulumi/vault/transform/inputs/GetEncodePlainArgs.java index 723e9a289..06b3239e6 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/transform/inputs/GetEncodePlainArgs.java +++ b/sdk/java/src/main/java/com/pulumi/vault/transform/inputs/GetEncodePlainArgs.java @@ -62,6 +62,27 @@ public Optional encodedValue() { return Optional.ofNullable(this.encodedValue); } + /** + * The namespace of the target resource. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + */ + @Import(name="namespace") + private @Nullable String namespace; + + /** + * @return The namespace of the target resource. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + */ + public Optional namespace() { + return Optional.ofNullable(this.namespace); + } + /** * Path to where the back-end is mounted within Vault. * @@ -143,6 +164,7 @@ private GetEncodePlainArgs(GetEncodePlainArgs $) { this.batchInputs = $.batchInputs; this.batchResults = $.batchResults; this.encodedValue = $.encodedValue; + this.namespace = $.namespace; this.path = $.path; this.roleName = $.roleName; this.transformation = $.transformation; @@ -221,6 +243,20 @@ public Builder encodedValue(@Nullable String encodedValue) { return this; } + /** + * @param namespace The namespace of the target resource. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + * @return builder + * + */ + public Builder namespace(@Nullable String namespace) { + $.namespace = namespace; + return this; + } + /** * @param path Path to where the back-end is mounted within Vault. * diff --git a/sdk/java/src/main/java/com/pulumi/vault/transform/inputs/RoleState.java b/sdk/java/src/main/java/com/pulumi/vault/transform/inputs/RoleState.java index ae534dd6d..fe9df5dee 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/transform/inputs/RoleState.java +++ b/sdk/java/src/main/java/com/pulumi/vault/transform/inputs/RoleState.java @@ -31,6 +31,27 @@ public Optional> name() { return Optional.ofNullable(this.name); } + /** + * The namespace to provision the resource in. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + */ + @Import(name="namespace") + private @Nullable Output namespace; + + /** + * @return The namespace to provision the resource in. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + */ + public Optional> namespace() { + return Optional.ofNullable(this.namespace); + } + /** * Path to where the back-end is mounted within Vault. * @@ -65,6 +86,7 @@ private RoleState() {} private RoleState(RoleState $) { this.name = $.name; + this.namespace = $.namespace; this.path = $.path; this.transformations = $.transformations; } @@ -108,6 +130,33 @@ public Builder name(String name) { return name(Output.of(name)); } + /** + * @param namespace The namespace to provision the resource in. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + * @return builder + * + */ + public Builder namespace(@Nullable Output namespace) { + $.namespace = namespace; + return this; + } + + /** + * @param namespace The namespace to provision the resource in. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + * @return builder + * + */ + public Builder namespace(String namespace) { + return namespace(Output.of(namespace)); + } + /** * @param path Path to where the back-end is mounted within Vault. * diff --git a/sdk/java/src/main/java/com/pulumi/vault/transform/inputs/TemplateState.java b/sdk/java/src/main/java/com/pulumi/vault/transform/inputs/TemplateState.java index 439e8af9b..926f0338c 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/transform/inputs/TemplateState.java +++ b/sdk/java/src/main/java/com/pulumi/vault/transform/inputs/TemplateState.java @@ -33,15 +33,15 @@ public Optional> alphabet() { } /** - * - Optional mapping of name to regular expression template, used to customize - * the decoded output. (requires Vault Enterprise 1.9+) + * Optional mapping of name to regular expression template, used to customize + * the decoded output. (requires Vault Enterprise 1.9+) * */ @Import(name="decodeFormats") private @Nullable Output> decodeFormats; /** - * @return - Optional mapping of name to regular expression template, used to customize + * @return Optional mapping of name to regular expression template, used to customize * the decoded output. (requires Vault Enterprise 1.9+) * */ @@ -50,15 +50,15 @@ public Optional>> decodeFormats() { } /** - * - The regular expression template used to format encoded values. - * (requires Vault Enterprise 1.9+) + * The regular expression template used to format encoded values. + * (requires Vault Enterprise 1.9+) * */ @Import(name="encodeFormat") private @Nullable Output encodeFormat; /** - * @return - The regular expression template used to format encoded values. + * @return The regular expression template used to format encoded values. * (requires Vault Enterprise 1.9+) * */ @@ -81,6 +81,27 @@ public Optional> name() { return Optional.ofNullable(this.name); } + /** + * The namespace to provision the resource in. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + */ + @Import(name="namespace") + private @Nullable Output namespace; + + /** + * @return The namespace to provision the resource in. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + */ + public Optional> namespace() { + return Optional.ofNullable(this.namespace); + } + /** * Path to where the back-end is mounted within Vault. * @@ -133,6 +154,7 @@ private TemplateState(TemplateState $) { this.decodeFormats = $.decodeFormats; this.encodeFormat = $.encodeFormat; this.name = $.name; + this.namespace = $.namespace; this.path = $.path; this.pattern = $.pattern; this.type = $.type; @@ -178,7 +200,7 @@ public Builder alphabet(String alphabet) { } /** - * @param decodeFormats - Optional mapping of name to regular expression template, used to customize + * @param decodeFormats Optional mapping of name to regular expression template, used to customize * the decoded output. (requires Vault Enterprise 1.9+) * * @return builder @@ -190,7 +212,7 @@ public Builder decodeFormats(@Nullable Output> decodeFormats) } /** - * @param decodeFormats - Optional mapping of name to regular expression template, used to customize + * @param decodeFormats Optional mapping of name to regular expression template, used to customize * the decoded output. (requires Vault Enterprise 1.9+) * * @return builder @@ -201,7 +223,7 @@ public Builder decodeFormats(Map decodeFormats) { } /** - * @param encodeFormat - The regular expression template used to format encoded values. + * @param encodeFormat The regular expression template used to format encoded values. * (requires Vault Enterprise 1.9+) * * @return builder @@ -213,7 +235,7 @@ public Builder encodeFormat(@Nullable Output encodeFormat) { } /** - * @param encodeFormat - The regular expression template used to format encoded values. + * @param encodeFormat The regular expression template used to format encoded values. * (requires Vault Enterprise 1.9+) * * @return builder @@ -244,6 +266,33 @@ public Builder name(String name) { return name(Output.of(name)); } + /** + * @param namespace The namespace to provision the resource in. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + * @return builder + * + */ + public Builder namespace(@Nullable Output namespace) { + $.namespace = namespace; + return this; + } + + /** + * @param namespace The namespace to provision the resource in. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + * @return builder + * + */ + public Builder namespace(String namespace) { + return namespace(Output.of(namespace)); + } + /** * @param path Path to where the back-end is mounted within Vault. * diff --git a/sdk/java/src/main/java/com/pulumi/vault/transform/inputs/TransformationState.java b/sdk/java/src/main/java/com/pulumi/vault/transform/inputs/TransformationState.java index c2d3f4366..27ec8008b 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/transform/inputs/TransformationState.java +++ b/sdk/java/src/main/java/com/pulumi/vault/transform/inputs/TransformationState.java @@ -81,6 +81,27 @@ public Optional> name() { return Optional.ofNullable(this.name); } + /** + * The namespace to provision the resource in. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + */ + @Import(name="namespace") + private @Nullable Output namespace; + + /** + * @return The namespace to provision the resource in. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + */ + public Optional> namespace() { + return Optional.ofNullable(this.namespace); + } + /** * Path to where the back-end is mounted within Vault. * @@ -163,6 +184,7 @@ private TransformationState(TransformationState $) { this.deletionAllowed = $.deletionAllowed; this.maskingCharacter = $.maskingCharacter; this.name = $.name; + this.namespace = $.namespace; this.path = $.path; this.template = $.template; this.templates = $.templates; @@ -286,6 +308,33 @@ public Builder name(String name) { return name(Output.of(name)); } + /** + * @param namespace The namespace to provision the resource in. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + * @return builder + * + */ + public Builder namespace(@Nullable Output namespace) { + $.namespace = namespace; + return this; + } + + /** + * @param namespace The namespace to provision the resource in. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + * + * @return builder + * + */ + public Builder namespace(String namespace) { + return namespace(Output.of(namespace)); + } + /** * @param path Path to where the back-end is mounted within Vault. * diff --git a/sdk/java/src/main/java/com/pulumi/vault/transform/outputs/GetDecodeResult.java b/sdk/java/src/main/java/com/pulumi/vault/transform/outputs/GetDecodeResult.java index 45e504527..b29c66e49 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/transform/outputs/GetDecodeResult.java +++ b/sdk/java/src/main/java/com/pulumi/vault/transform/outputs/GetDecodeResult.java @@ -22,6 +22,7 @@ public final class GetDecodeResult { * */ private String id; + private @Nullable String namespace; private String path; private String roleName; private @Nullable String transformation; @@ -45,6 +46,9 @@ public String decodedValue() { public String id() { return this.id; } + public Optional namespace() { + return Optional.ofNullable(this.namespace); + } public String path() { return this.path; } @@ -74,6 +78,7 @@ public static final class Builder { private List> batchResults; private String decodedValue; private String id; + private @Nullable String namespace; private String path; private String roleName; private @Nullable String transformation; @@ -86,6 +91,7 @@ public Builder(GetDecodeResult defaults) { this.batchResults = defaults.batchResults; this.decodedValue = defaults.decodedValue; this.id = defaults.id; + this.namespace = defaults.namespace; this.path = defaults.path; this.roleName = defaults.roleName; this.transformation = defaults.transformation; @@ -114,6 +120,11 @@ public Builder id(String id) { return this; } @CustomType.Setter + public Builder namespace(@Nullable String namespace) { + this.namespace = namespace; + return this; + } + @CustomType.Setter public Builder path(String path) { this.path = Objects.requireNonNull(path); return this; @@ -144,6 +155,7 @@ public GetDecodeResult build() { o.batchResults = batchResults; o.decodedValue = decodedValue; o.id = id; + o.namespace = namespace; o.path = path; o.roleName = roleName; o.transformation = transformation; diff --git a/sdk/java/src/main/java/com/pulumi/vault/transform/outputs/GetEncodeResult.java b/sdk/java/src/main/java/com/pulumi/vault/transform/outputs/GetEncodeResult.java index fd6442a3e..553ce3f33 100644 --- a/sdk/java/src/main/java/com/pulumi/vault/transform/outputs/GetEncodeResult.java +++ b/sdk/java/src/main/java/com/pulumi/vault/transform/outputs/GetEncodeResult.java @@ -22,6 +22,7 @@ public final class GetEncodeResult { * */ private String id; + private @Nullable String namespace; private String path; private String roleName; private @Nullable String transformation; @@ -45,6 +46,9 @@ public String encodedValue() { public String id() { return this.id; } + public Optional namespace() { + return Optional.ofNullable(this.namespace); + } public String path() { return this.path; } @@ -74,6 +78,7 @@ public static final class Builder { private List> batchResults; private String encodedValue; private String id; + private @Nullable String namespace; private String path; private String roleName; private @Nullable String transformation; @@ -86,6 +91,7 @@ public Builder(GetEncodeResult defaults) { this.batchResults = defaults.batchResults; this.encodedValue = defaults.encodedValue; this.id = defaults.id; + this.namespace = defaults.namespace; this.path = defaults.path; this.roleName = defaults.roleName; this.transformation = defaults.transformation; @@ -114,6 +120,11 @@ public Builder id(String id) { return this; } @CustomType.Setter + public Builder namespace(@Nullable String namespace) { + this.namespace = namespace; + return this; + } + @CustomType.Setter public Builder path(String path) { this.path = Objects.requireNonNull(path); return this; @@ -144,6 +155,7 @@ public GetEncodeResult build() { o.batchResults = batchResults; o.encodedValue = encodedValue; o.id = id; + o.namespace = namespace; o.path = path; o.roleName = roleName; o.transformation = transformation; diff --git a/sdk/nodejs/ad/getAccessCredentials.ts b/sdk/nodejs/ad/getAccessCredentials.ts index e5b4ff884..ef265d28b 100644 --- a/sdk/nodejs/ad/getAccessCredentials.ts +++ b/sdk/nodejs/ad/getAccessCredentials.ts @@ -5,11 +5,8 @@ import * as pulumi from "@pulumi/pulumi"; import * as utilities from "../utilities"; export function getAccessCredentials(args: GetAccessCredentialsArgs, opts?: pulumi.InvokeOptions): Promise { - if (!opts) { - opts = {} - } - opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts); + opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts || {}); return pulumi.runtime.invoke("vault:ad/getAccessCredentials:getAccessCredentials", { "backend": args.backend, "namespace": args.namespace, @@ -64,9 +61,8 @@ export interface GetAccessCredentialsResult { */ readonly username: string; } - export function getAccessCredentialsOutput(args: GetAccessCredentialsOutputArgs, opts?: pulumi.InvokeOptions): pulumi.Output { - return pulumi.output(args).apply(a => getAccessCredentials(a, opts)) + return pulumi.output(args).apply((a: any) => getAccessCredentials(a, opts)) } /** diff --git a/sdk/nodejs/ad/index.ts b/sdk/nodejs/ad/index.ts index 7cb9829d4..945352b24 100644 --- a/sdk/nodejs/ad/index.ts +++ b/sdk/nodejs/ad/index.ts @@ -8,24 +8,24 @@ import * as utilities from "../utilities"; export { GetAccessCredentialsArgs, GetAccessCredentialsResult, GetAccessCredentialsOutputArgs } from "./getAccessCredentials"; export const getAccessCredentials: typeof import("./getAccessCredentials").getAccessCredentials = null as any; export const getAccessCredentialsOutput: typeof import("./getAccessCredentials").getAccessCredentialsOutput = null as any; +utilities.lazyLoad(exports, ["getAccessCredentials","getAccessCredentialsOutput"], () => require("./getAccessCredentials")); export { SecretBackendArgs, SecretBackendState } from "./secretBackend"; export type SecretBackend = import("./secretBackend").SecretBackend; export const SecretBackend: typeof import("./secretBackend").SecretBackend = null as any; +utilities.lazyLoad(exports, ["SecretBackend"], () => require("./secretBackend")); export { SecretLibraryArgs, SecretLibraryState } from "./secretLibrary"; export type SecretLibrary = import("./secretLibrary").SecretLibrary; export const SecretLibrary: typeof import("./secretLibrary").SecretLibrary = null as any; +utilities.lazyLoad(exports, ["SecretLibrary"], () => require("./secretLibrary")); export { SecretRoleArgs, SecretRoleState } from "./secretRole"; export type SecretRole = import("./secretRole").SecretRole; export const SecretRole: typeof import("./secretRole").SecretRole = null as any; - -utilities.lazyLoad(exports, ["getAccessCredentials","getAccessCredentialsOutput"], () => require("./getAccessCredentials")); -utilities.lazyLoad(exports, ["SecretBackend"], () => require("./secretBackend")); -utilities.lazyLoad(exports, ["SecretLibrary"], () => require("./secretLibrary")); utilities.lazyLoad(exports, ["SecretRole"], () => require("./secretRole")); + const _module = { version: utilities.getVersion(), construct: (name: string, type: string, urn: string): pulumi.Resource => { diff --git a/sdk/nodejs/alicloud/authBackendRole.ts b/sdk/nodejs/alicloud/authBackendRole.ts index af2b26968..d739ee2d2 100644 --- a/sdk/nodejs/alicloud/authBackendRole.ts +++ b/sdk/nodejs/alicloud/authBackendRole.ts @@ -67,6 +67,8 @@ export class AuthBackendRole extends pulumi.CustomResource { /** * Path to the mounted AliCloud auth backend. * Defaults to `alicloud` + * + * For more details on the usage of each argument consult the [Vault AliCloud API documentation](https://www.vaultproject.io/api-docs/auth/alicloud). */ public readonly backend!: pulumi.Output; /** @@ -199,6 +201,8 @@ export interface AuthBackendRoleState { /** * Path to the mounted AliCloud auth backend. * Defaults to `alicloud` + * + * For more details on the usage of each argument consult the [Vault AliCloud API documentation](https://www.vaultproject.io/api-docs/auth/alicloud). */ backend?: pulumi.Input; /** @@ -279,6 +283,8 @@ export interface AuthBackendRoleArgs { /** * Path to the mounted AliCloud auth backend. * Defaults to `alicloud` + * + * For more details on the usage of each argument consult the [Vault AliCloud API documentation](https://www.vaultproject.io/api-docs/auth/alicloud). */ backend?: pulumi.Input; /** diff --git a/sdk/nodejs/alicloud/index.ts b/sdk/nodejs/alicloud/index.ts index f6bd39a58..434198be4 100644 --- a/sdk/nodejs/alicloud/index.ts +++ b/sdk/nodejs/alicloud/index.ts @@ -8,9 +8,9 @@ import * as utilities from "../utilities"; export { AuthBackendRoleArgs, AuthBackendRoleState } from "./authBackendRole"; export type AuthBackendRole = import("./authBackendRole").AuthBackendRole; export const AuthBackendRole: typeof import("./authBackendRole").AuthBackendRole = null as any; - utilities.lazyLoad(exports, ["AuthBackendRole"], () => require("./authBackendRole")); + const _module = { version: utilities.getVersion(), construct: (name: string, type: string, urn: string): pulumi.Resource => { diff --git a/sdk/nodejs/approle/getAuthBackendRoleId.ts b/sdk/nodejs/approle/getAuthBackendRoleId.ts index 154b69073..102725c9e 100644 --- a/sdk/nodejs/approle/getAuthBackendRoleId.ts +++ b/sdk/nodejs/approle/getAuthBackendRoleId.ts @@ -18,19 +18,15 @@ import * as utilities from "../utilities"; * backend: "my-approle-backend", * roleName: "my-role", * }); - * const role_id = role.roleId; * return { - * "role-id": role_id, + * "role-id": role.roleId, * }; * } * ``` */ export function getAuthBackendRoleId(args: GetAuthBackendRoleIdArgs, opts?: pulumi.InvokeOptions): Promise { - if (!opts) { - opts = {} - } - opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts); + opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts || {}); return pulumi.runtime.invoke("vault:appRole/getAuthBackendRoleId:getAuthBackendRoleId", { "backend": args.backend, "namespace": args.namespace, @@ -76,9 +72,28 @@ export interface GetAuthBackendRoleIdResult { readonly roleId: string; readonly roleName: string; } - +/** + * Reads the Role ID of an AppRole from a Vault server. + * + * ## Example Usage + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as vault from "@pulumi/vault"; + * + * export = async () => { + * const role = await vault.appRole.getAuthBackendRoleId({ + * backend: "my-approle-backend", + * roleName: "my-role", + * }); + * return { + * "role-id": role.roleId, + * }; + * } + * ``` + */ export function getAuthBackendRoleIdOutput(args: GetAuthBackendRoleIdOutputArgs, opts?: pulumi.InvokeOptions): pulumi.Output { - return pulumi.output(args).apply(a => getAuthBackendRoleId(a, opts)) + return pulumi.output(args).apply((a: any) => getAuthBackendRoleId(a, opts)) } /** diff --git a/sdk/nodejs/approle/index.ts b/sdk/nodejs/approle/index.ts index 39ab266c6..407050d50 100644 --- a/sdk/nodejs/approle/index.ts +++ b/sdk/nodejs/approle/index.ts @@ -8,24 +8,24 @@ import * as utilities from "../utilities"; export { AuthBackendLoginArgs, AuthBackendLoginState } from "./authBackendLogin"; export type AuthBackendLogin = import("./authBackendLogin").AuthBackendLogin; export const AuthBackendLogin: typeof import("./authBackendLogin").AuthBackendLogin = null as any; +utilities.lazyLoad(exports, ["AuthBackendLogin"], () => require("./authBackendLogin")); export { AuthBackendRoleArgs, AuthBackendRoleState } from "./authBackendRole"; export type AuthBackendRole = import("./authBackendRole").AuthBackendRole; export const AuthBackendRole: typeof import("./authBackendRole").AuthBackendRole = null as any; +utilities.lazyLoad(exports, ["AuthBackendRole"], () => require("./authBackendRole")); export { AuthBackendRoleSecretIdArgs, AuthBackendRoleSecretIdState } from "./authBackendRoleSecretId"; export type AuthBackendRoleSecretId = import("./authBackendRoleSecretId").AuthBackendRoleSecretId; export const AuthBackendRoleSecretId: typeof import("./authBackendRoleSecretId").AuthBackendRoleSecretId = null as any; +utilities.lazyLoad(exports, ["AuthBackendRoleSecretId"], () => require("./authBackendRoleSecretId")); export { GetAuthBackendRoleIdArgs, GetAuthBackendRoleIdResult, GetAuthBackendRoleIdOutputArgs } from "./getAuthBackendRoleId"; export const getAuthBackendRoleId: typeof import("./getAuthBackendRoleId").getAuthBackendRoleId = null as any; export const getAuthBackendRoleIdOutput: typeof import("./getAuthBackendRoleId").getAuthBackendRoleIdOutput = null as any; - -utilities.lazyLoad(exports, ["AuthBackendLogin"], () => require("./authBackendLogin")); -utilities.lazyLoad(exports, ["AuthBackendRole"], () => require("./authBackendRole")); -utilities.lazyLoad(exports, ["AuthBackendRoleSecretId"], () => require("./authBackendRoleSecretId")); utilities.lazyLoad(exports, ["getAuthBackendRoleId","getAuthBackendRoleIdOutput"], () => require("./getAuthBackendRoleId")); + const _module = { version: utilities.getVersion(), construct: (name: string, type: string, urn: string): pulumi.Resource => { diff --git a/sdk/nodejs/audit.ts b/sdk/nodejs/audit.ts index 21c800b47..0f7da3678 100644 --- a/sdk/nodejs/audit.ts +++ b/sdk/nodejs/audit.ts @@ -90,6 +90,8 @@ export class Audit extends pulumi.CustomResource { public readonly namespace!: pulumi.Output; /** * Configuration options to pass to the audit device itself. + * + * For a reference of the device types and their options, consult the [Vault documentation.](https://www.vaultproject.io/docs/audit/index.html) */ public readonly options!: pulumi.Output<{[key: string]: string}>; /** @@ -161,6 +163,8 @@ export interface AuditState { namespace?: pulumi.Input; /** * Configuration options to pass to the audit device itself. + * + * For a reference of the device types and their options, consult the [Vault documentation.](https://www.vaultproject.io/docs/audit/index.html) */ options?: pulumi.Input<{[key: string]: pulumi.Input}>; /** @@ -194,6 +198,8 @@ export interface AuditArgs { namespace?: pulumi.Input; /** * Configuration options to pass to the audit device itself. + * + * For a reference of the device types and their options, consult the [Vault documentation.](https://www.vaultproject.io/docs/audit/index.html) */ options: pulumi.Input<{[key: string]: pulumi.Input}>; /** diff --git a/sdk/nodejs/auditRequestHeader.ts b/sdk/nodejs/auditRequestHeader.ts index 513115821..17d1260fe 100644 --- a/sdk/nodejs/auditRequestHeader.ts +++ b/sdk/nodejs/auditRequestHeader.ts @@ -18,9 +18,7 @@ import * as utilities from "./utilities"; * import * as pulumi from "@pulumi/pulumi"; * import * as vault from "@pulumi/vault"; * - * const xForwardedFor = new vault.AuditRequestHeader("x_forwarded_for", { - * hmac: false, - * }); + * const xForwardedFor = new vault.AuditRequestHeader("xForwardedFor", {hmac: false}); * ``` */ export class AuditRequestHeader extends pulumi.CustomResource { diff --git a/sdk/nodejs/authBackend.ts b/sdk/nodejs/authBackend.ts index 056773016..2f9b87d96 100644 --- a/sdk/nodejs/authBackend.ts +++ b/sdk/nodejs/authBackend.ts @@ -73,6 +73,8 @@ export class AuthBackend extends pulumi.CustomResource { public readonly path!: pulumi.Output; /** * Extra configuration block. Structure is documented below. + * + * The `tune` block is used to tune the auth backend: */ public readonly tune!: pulumi.Output; /** @@ -154,6 +156,8 @@ export interface AuthBackendState { path?: pulumi.Input; /** * Extra configuration block. Structure is documented below. + * + * The `tune` block is used to tune the auth backend: */ tune?: pulumi.Input; /** @@ -192,6 +196,8 @@ export interface AuthBackendArgs { path?: pulumi.Input; /** * Extra configuration block. Structure is documented below. + * + * The `tune` block is used to tune the auth backend: */ tune?: pulumi.Input; /** diff --git a/sdk/nodejs/aws/getAccessCredentials.ts b/sdk/nodejs/aws/getAccessCredentials.ts index 587d139c3..13c5841b2 100644 --- a/sdk/nodejs/aws/getAccessCredentials.ts +++ b/sdk/nodejs/aws/getAccessCredentials.ts @@ -5,11 +5,8 @@ import * as pulumi from "@pulumi/pulumi"; import * as utilities from "../utilities"; export function getAccessCredentials(args: GetAccessCredentialsArgs, opts?: pulumi.InvokeOptions): Promise { - if (!opts) { - opts = {} - } - opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts); + opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts || {}); return pulumi.runtime.invoke("vault:aws/getAccessCredentials:getAccessCredentials", { "backend": args.backend, "namespace": args.namespace, @@ -107,9 +104,8 @@ export interface GetAccessCredentialsResult { readonly ttl?: string; readonly type?: string; } - export function getAccessCredentialsOutput(args: GetAccessCredentialsOutputArgs, opts?: pulumi.InvokeOptions): pulumi.Output { - return pulumi.output(args).apply(a => getAccessCredentials(a, opts)) + return pulumi.output(args).apply((a: any) => getAccessCredentials(a, opts)) } /** diff --git a/sdk/nodejs/aws/getStaticAccessCredentials.ts b/sdk/nodejs/aws/getStaticAccessCredentials.ts new file mode 100644 index 000000000..266caa01c --- /dev/null +++ b/sdk/nodejs/aws/getStaticAccessCredentials.ts @@ -0,0 +1,51 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +import * as pulumi from "@pulumi/pulumi"; +import * as utilities from "../utilities"; + +export function getStaticAccessCredentials(args: GetStaticAccessCredentialsArgs, opts?: pulumi.InvokeOptions): Promise { + + opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts || {}); + return pulumi.runtime.invoke("vault:aws/getStaticAccessCredentials:getStaticAccessCredentials", { + "backend": args.backend, + "name": args.name, + "namespace": args.namespace, + }, opts); +} + +/** + * A collection of arguments for invoking getStaticAccessCredentials. + */ +export interface GetStaticAccessCredentialsArgs { + backend: string; + name: string; + namespace?: string; +} + +/** + * A collection of values returned by getStaticAccessCredentials. + */ +export interface GetStaticAccessCredentialsResult { + readonly accessKey: string; + readonly backend: string; + /** + * The provider-assigned unique ID for this managed resource. + */ + readonly id: string; + readonly name: string; + readonly namespace?: string; + readonly secretKey: string; +} +export function getStaticAccessCredentialsOutput(args: GetStaticAccessCredentialsOutputArgs, opts?: pulumi.InvokeOptions): pulumi.Output { + return pulumi.output(args).apply((a: any) => getStaticAccessCredentials(a, opts)) +} + +/** + * A collection of arguments for invoking getStaticAccessCredentials. + */ +export interface GetStaticAccessCredentialsOutputArgs { + backend: pulumi.Input; + name: pulumi.Input; + namespace?: pulumi.Input; +} diff --git a/sdk/nodejs/aws/index.ts b/sdk/nodejs/aws/index.ts index 9185016a2..5d29047e1 100644 --- a/sdk/nodejs/aws/index.ts +++ b/sdk/nodejs/aws/index.ts @@ -8,69 +8,74 @@ import * as utilities from "../utilities"; export { AuthBackendCertArgs, AuthBackendCertState } from "./authBackendCert"; export type AuthBackendCert = import("./authBackendCert").AuthBackendCert; export const AuthBackendCert: typeof import("./authBackendCert").AuthBackendCert = null as any; +utilities.lazyLoad(exports, ["AuthBackendCert"], () => require("./authBackendCert")); export { AuthBackendClientArgs, AuthBackendClientState } from "./authBackendClient"; export type AuthBackendClient = import("./authBackendClient").AuthBackendClient; export const AuthBackendClient: typeof import("./authBackendClient").AuthBackendClient = null as any; +utilities.lazyLoad(exports, ["AuthBackendClient"], () => require("./authBackendClient")); export { AuthBackendConfigIdentityArgs, AuthBackendConfigIdentityState } from "./authBackendConfigIdentity"; export type AuthBackendConfigIdentity = import("./authBackendConfigIdentity").AuthBackendConfigIdentity; export const AuthBackendConfigIdentity: typeof import("./authBackendConfigIdentity").AuthBackendConfigIdentity = null as any; +utilities.lazyLoad(exports, ["AuthBackendConfigIdentity"], () => require("./authBackendConfigIdentity")); export { AuthBackendIdentityWhitelistArgs, AuthBackendIdentityWhitelistState } from "./authBackendIdentityWhitelist"; export type AuthBackendIdentityWhitelist = import("./authBackendIdentityWhitelist").AuthBackendIdentityWhitelist; export const AuthBackendIdentityWhitelist: typeof import("./authBackendIdentityWhitelist").AuthBackendIdentityWhitelist = null as any; +utilities.lazyLoad(exports, ["AuthBackendIdentityWhitelist"], () => require("./authBackendIdentityWhitelist")); export { AuthBackendLoginArgs, AuthBackendLoginState } from "./authBackendLogin"; export type AuthBackendLogin = import("./authBackendLogin").AuthBackendLogin; export const AuthBackendLogin: typeof import("./authBackendLogin").AuthBackendLogin = null as any; +utilities.lazyLoad(exports, ["AuthBackendLogin"], () => require("./authBackendLogin")); export { AuthBackendRoleArgs, AuthBackendRoleState } from "./authBackendRole"; export type AuthBackendRole = import("./authBackendRole").AuthBackendRole; export const AuthBackendRole: typeof import("./authBackendRole").AuthBackendRole = null as any; +utilities.lazyLoad(exports, ["AuthBackendRole"], () => require("./authBackendRole")); export { AuthBackendRoleTagArgs, AuthBackendRoleTagState } from "./authBackendRoleTag"; export type AuthBackendRoleTag = import("./authBackendRoleTag").AuthBackendRoleTag; export const AuthBackendRoleTag: typeof import("./authBackendRoleTag").AuthBackendRoleTag = null as any; +utilities.lazyLoad(exports, ["AuthBackendRoleTag"], () => require("./authBackendRoleTag")); export { AuthBackendRoletagBlacklistArgs, AuthBackendRoletagBlacklistState } from "./authBackendRoletagBlacklist"; export type AuthBackendRoletagBlacklist = import("./authBackendRoletagBlacklist").AuthBackendRoletagBlacklist; export const AuthBackendRoletagBlacklist: typeof import("./authBackendRoletagBlacklist").AuthBackendRoletagBlacklist = null as any; +utilities.lazyLoad(exports, ["AuthBackendRoletagBlacklist"], () => require("./authBackendRoletagBlacklist")); export { AuthBackendStsRoleArgs, AuthBackendStsRoleState } from "./authBackendStsRole"; export type AuthBackendStsRole = import("./authBackendStsRole").AuthBackendStsRole; export const AuthBackendStsRole: typeof import("./authBackendStsRole").AuthBackendStsRole = null as any; +utilities.lazyLoad(exports, ["AuthBackendStsRole"], () => require("./authBackendStsRole")); export { GetAccessCredentialsArgs, GetAccessCredentialsResult, GetAccessCredentialsOutputArgs } from "./getAccessCredentials"; export const getAccessCredentials: typeof import("./getAccessCredentials").getAccessCredentials = null as any; export const getAccessCredentialsOutput: typeof import("./getAccessCredentials").getAccessCredentialsOutput = null as any; +utilities.lazyLoad(exports, ["getAccessCredentials","getAccessCredentialsOutput"], () => require("./getAccessCredentials")); + +export { GetStaticAccessCredentialsArgs, GetStaticAccessCredentialsResult, GetStaticAccessCredentialsOutputArgs } from "./getStaticAccessCredentials"; +export const getStaticAccessCredentials: typeof import("./getStaticAccessCredentials").getStaticAccessCredentials = null as any; +export const getStaticAccessCredentialsOutput: typeof import("./getStaticAccessCredentials").getStaticAccessCredentialsOutput = null as any; +utilities.lazyLoad(exports, ["getStaticAccessCredentials","getStaticAccessCredentialsOutput"], () => require("./getStaticAccessCredentials")); export { SecretBackendArgs, SecretBackendState } from "./secretBackend"; export type SecretBackend = import("./secretBackend").SecretBackend; export const SecretBackend: typeof import("./secretBackend").SecretBackend = null as any; +utilities.lazyLoad(exports, ["SecretBackend"], () => require("./secretBackend")); export { SecretBackendRoleArgs, SecretBackendRoleState } from "./secretBackendRole"; export type SecretBackendRole = import("./secretBackendRole").SecretBackendRole; export const SecretBackendRole: typeof import("./secretBackendRole").SecretBackendRole = null as any; +utilities.lazyLoad(exports, ["SecretBackendRole"], () => require("./secretBackendRole")); export { SecretBackendStaticRoleArgs, SecretBackendStaticRoleState } from "./secretBackendStaticRole"; export type SecretBackendStaticRole = import("./secretBackendStaticRole").SecretBackendStaticRole; export const SecretBackendStaticRole: typeof import("./secretBackendStaticRole").SecretBackendStaticRole = null as any; - -utilities.lazyLoad(exports, ["AuthBackendCert"], () => require("./authBackendCert")); -utilities.lazyLoad(exports, ["AuthBackendClient"], () => require("./authBackendClient")); -utilities.lazyLoad(exports, ["AuthBackendConfigIdentity"], () => require("./authBackendConfigIdentity")); -utilities.lazyLoad(exports, ["AuthBackendIdentityWhitelist"], () => require("./authBackendIdentityWhitelist")); -utilities.lazyLoad(exports, ["AuthBackendLogin"], () => require("./authBackendLogin")); -utilities.lazyLoad(exports, ["AuthBackendRole"], () => require("./authBackendRole")); -utilities.lazyLoad(exports, ["AuthBackendRoleTag"], () => require("./authBackendRoleTag")); -utilities.lazyLoad(exports, ["AuthBackendRoletagBlacklist"], () => require("./authBackendRoletagBlacklist")); -utilities.lazyLoad(exports, ["AuthBackendStsRole"], () => require("./authBackendStsRole")); -utilities.lazyLoad(exports, ["getAccessCredentials","getAccessCredentialsOutput"], () => require("./getAccessCredentials")); -utilities.lazyLoad(exports, ["SecretBackend"], () => require("./secretBackend")); -utilities.lazyLoad(exports, ["SecretBackendRole"], () => require("./secretBackendRole")); utilities.lazyLoad(exports, ["SecretBackendStaticRole"], () => require("./secretBackendStaticRole")); + const _module = { version: utilities.getVersion(), construct: (name: string, type: string, urn: string): pulumi.Resource => { diff --git a/sdk/nodejs/aws/secretBackend.ts b/sdk/nodejs/aws/secretBackend.ts index d3215ada4..02ed1c4a0 100644 --- a/sdk/nodejs/aws/secretBackend.ts +++ b/sdk/nodejs/aws/secretBackend.ts @@ -86,12 +86,11 @@ export class SecretBackend extends pulumi.CustomResource { */ public readonly path!: pulumi.Output; /** - * The AWS region for API calls. Defaults to `us-east-1`. + * The AWS region to make API calls against. Defaults to us-east-1. */ public readonly region!: pulumi.Output; /** - * The AWS Secret Key this backend should use to - * issue new credentials. Vault uses the official AWS SDK to authenticate, and thus can also use standard AWS environment credentials, shared file credentials or IAM role/ECS task credentials. + * The AWS Secret Access Key to use when generating new credentials. */ public readonly secretKey!: pulumi.Output; /** @@ -201,12 +200,11 @@ export interface SecretBackendState { */ path?: pulumi.Input; /** - * The AWS region for API calls. Defaults to `us-east-1`. + * The AWS region to make API calls against. Defaults to us-east-1. */ region?: pulumi.Input; /** - * The AWS Secret Key this backend should use to - * issue new credentials. Vault uses the official AWS SDK to authenticate, and thus can also use standard AWS environment credentials, shared file credentials or IAM role/ECS task credentials. + * The AWS Secret Access Key to use when generating new credentials. */ secretKey?: pulumi.Input; /** @@ -268,12 +266,11 @@ export interface SecretBackendArgs { */ path?: pulumi.Input; /** - * The AWS region for API calls. Defaults to `us-east-1`. + * The AWS region to make API calls against. Defaults to us-east-1. */ region?: pulumi.Input; /** - * The AWS Secret Key this backend should use to - * issue new credentials. Vault uses the official AWS SDK to authenticate, and thus can also use standard AWS environment credentials, shared file credentials or IAM role/ECS task credentials. + * The AWS Secret Access Key to use when generating new credentials. */ secretKey?: pulumi.Input; /** diff --git a/sdk/nodejs/azure/backend.ts b/sdk/nodejs/azure/backend.ts index 813c21d13..f2ab64324 100644 --- a/sdk/nodejs/azure/backend.ts +++ b/sdk/nodejs/azure/backend.ts @@ -66,11 +66,11 @@ export class Backend extends pulumi.CustomResource { } /** - * - The OAuth2 client id to connect to Azure. + * The OAuth2 client id to connect to Azure. */ public readonly clientId!: pulumi.Output; /** - * - The OAuth2 client secret to connect to Azure. + * The OAuth2 client secret to connect to Azure. */ public readonly clientSecret!: pulumi.Output; /** @@ -83,7 +83,7 @@ export class Backend extends pulumi.CustomResource { */ public readonly disableRemount!: pulumi.Output; /** - * - The Azure environment. + * The Azure environment. */ public readonly environment!: pulumi.Output; /** @@ -94,19 +94,19 @@ export class Backend extends pulumi.CustomResource { */ public readonly namespace!: pulumi.Output; /** - * - The unique path this backend should be mounted at. Defaults to `azure`. + * The unique path this backend should be mounted at. Defaults to `azure`. */ public readonly path!: pulumi.Output; /** - * - The subscription id for the Azure Active Directory. + * The subscription id for the Azure Active Directory. */ public readonly subscriptionId!: pulumi.Output; /** - * - The tenant id for the Azure Active Directory. + * The tenant id for the Azure Active Directory. */ public readonly tenantId!: pulumi.Output; /** - * - Indicates whether the secrets engine should use + * Indicates whether the secrets engine should use * the Microsoft Graph API. This parameter has been deprecated and will be ignored in `vault-1.12+`. * For more information, please refer to the [Vault docs](https://developer.hashicorp.com/vault/api-docs/secret/azure#use_microsoft_graph_api) */ @@ -166,11 +166,11 @@ export class Backend extends pulumi.CustomResource { */ export interface BackendState { /** - * - The OAuth2 client id to connect to Azure. + * The OAuth2 client id to connect to Azure. */ clientId?: pulumi.Input; /** - * - The OAuth2 client secret to connect to Azure. + * The OAuth2 client secret to connect to Azure. */ clientSecret?: pulumi.Input; /** @@ -183,7 +183,7 @@ export interface BackendState { */ disableRemount?: pulumi.Input; /** - * - The Azure environment. + * The Azure environment. */ environment?: pulumi.Input; /** @@ -194,19 +194,19 @@ export interface BackendState { */ namespace?: pulumi.Input; /** - * - The unique path this backend should be mounted at. Defaults to `azure`. + * The unique path this backend should be mounted at. Defaults to `azure`. */ path?: pulumi.Input; /** - * - The subscription id for the Azure Active Directory. + * The subscription id for the Azure Active Directory. */ subscriptionId?: pulumi.Input; /** - * - The tenant id for the Azure Active Directory. + * The tenant id for the Azure Active Directory. */ tenantId?: pulumi.Input; /** - * - Indicates whether the secrets engine should use + * Indicates whether the secrets engine should use * the Microsoft Graph API. This parameter has been deprecated and will be ignored in `vault-1.12+`. * For more information, please refer to the [Vault docs](https://developer.hashicorp.com/vault/api-docs/secret/azure#use_microsoft_graph_api) */ @@ -218,11 +218,11 @@ export interface BackendState { */ export interface BackendArgs { /** - * - The OAuth2 client id to connect to Azure. + * The OAuth2 client id to connect to Azure. */ clientId?: pulumi.Input; /** - * - The OAuth2 client secret to connect to Azure. + * The OAuth2 client secret to connect to Azure. */ clientSecret?: pulumi.Input; /** @@ -235,7 +235,7 @@ export interface BackendArgs { */ disableRemount?: pulumi.Input; /** - * - The Azure environment. + * The Azure environment. */ environment?: pulumi.Input; /** @@ -246,19 +246,19 @@ export interface BackendArgs { */ namespace?: pulumi.Input; /** - * - The unique path this backend should be mounted at. Defaults to `azure`. + * The unique path this backend should be mounted at. Defaults to `azure`. */ path?: pulumi.Input; /** - * - The subscription id for the Azure Active Directory. + * The subscription id for the Azure Active Directory. */ subscriptionId: pulumi.Input; /** - * - The tenant id for the Azure Active Directory. + * The tenant id for the Azure Active Directory. */ tenantId: pulumi.Input; /** - * - Indicates whether the secrets engine should use + * Indicates whether the secrets engine should use * the Microsoft Graph API. This parameter has been deprecated and will be ignored in `vault-1.12+`. * For more information, please refer to the [Vault docs](https://developer.hashicorp.com/vault/api-docs/secret/azure#use_microsoft_graph_api) */ diff --git a/sdk/nodejs/azure/getAccessCredentials.ts b/sdk/nodejs/azure/getAccessCredentials.ts index be8995817..e38e760bd 100644 --- a/sdk/nodejs/azure/getAccessCredentials.ts +++ b/sdk/nodejs/azure/getAccessCredentials.ts @@ -26,11 +26,8 @@ import * as utilities from "../utilities"; * are required to be set for: `subscriptionId`, `tenantId`, `environment`. */ export function getAccessCredentials(args: GetAccessCredentialsArgs, opts?: pulumi.InvokeOptions): Promise { - if (!opts) { - opts = {} - } - opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts); + opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts || {}); return pulumi.runtime.invoke("vault:azure/getAccessCredentials:getAccessCredentials", { "backend": args.backend, "environment": args.environment, @@ -151,9 +148,29 @@ export interface GetAccessCredentialsResult { readonly tenantId?: string; readonly validateCreds?: boolean; } - +/** + * ## Example Usage + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as vault from "@pulumi/vault"; + * + * const creds = vault.azure.getAccessCredentials({ + * role: "my-role", + * validateCreds: true, + * numSequentialSuccesses: 8, + * numSecondsBetweenTests: 1, + * maxCredValidationSeconds: 300, + * }); + * ``` + * ## Caveats + * + * The `validateCreds` option requires read-access to the `backend` config endpoint. + * If the effective Vault role does not have the required permissions then valid values + * are required to be set for: `subscriptionId`, `tenantId`, `environment`. + */ export function getAccessCredentialsOutput(args: GetAccessCredentialsOutputArgs, opts?: pulumi.InvokeOptions): pulumi.Output { - return pulumi.output(args).apply(a => getAccessCredentials(a, opts)) + return pulumi.output(args).apply((a: any) => getAccessCredentials(a, opts)) } /** diff --git a/sdk/nodejs/azure/index.ts b/sdk/nodejs/azure/index.ts index f87b888fc..8b1c8421e 100644 --- a/sdk/nodejs/azure/index.ts +++ b/sdk/nodejs/azure/index.ts @@ -8,29 +8,29 @@ import * as utilities from "../utilities"; export { AuthBackendConfigArgs, AuthBackendConfigState } from "./authBackendConfig"; export type AuthBackendConfig = import("./authBackendConfig").AuthBackendConfig; export const AuthBackendConfig: typeof import("./authBackendConfig").AuthBackendConfig = null as any; +utilities.lazyLoad(exports, ["AuthBackendConfig"], () => require("./authBackendConfig")); export { AuthBackendRoleArgs, AuthBackendRoleState } from "./authBackendRole"; export type AuthBackendRole = import("./authBackendRole").AuthBackendRole; export const AuthBackendRole: typeof import("./authBackendRole").AuthBackendRole = null as any; +utilities.lazyLoad(exports, ["AuthBackendRole"], () => require("./authBackendRole")); export { BackendArgs, BackendState } from "./backend"; export type Backend = import("./backend").Backend; export const Backend: typeof import("./backend").Backend = null as any; +utilities.lazyLoad(exports, ["Backend"], () => require("./backend")); export { BackendRoleArgs, BackendRoleState } from "./backendRole"; export type BackendRole = import("./backendRole").BackendRole; export const BackendRole: typeof import("./backendRole").BackendRole = null as any; +utilities.lazyLoad(exports, ["BackendRole"], () => require("./backendRole")); export { GetAccessCredentialsArgs, GetAccessCredentialsResult, GetAccessCredentialsOutputArgs } from "./getAccessCredentials"; export const getAccessCredentials: typeof import("./getAccessCredentials").getAccessCredentials = null as any; export const getAccessCredentialsOutput: typeof import("./getAccessCredentials").getAccessCredentialsOutput = null as any; - -utilities.lazyLoad(exports, ["AuthBackendConfig"], () => require("./authBackendConfig")); -utilities.lazyLoad(exports, ["AuthBackendRole"], () => require("./authBackendRole")); -utilities.lazyLoad(exports, ["Backend"], () => require("./backend")); -utilities.lazyLoad(exports, ["BackendRole"], () => require("./backendRole")); utilities.lazyLoad(exports, ["getAccessCredentials","getAccessCredentialsOutput"], () => require("./getAccessCredentials")); + const _module = { version: utilities.getVersion(), construct: (name: string, type: string, urn: string): pulumi.Resource => { diff --git a/sdk/nodejs/certAuthBackendRole.ts b/sdk/nodejs/certAuthBackendRole.ts index 543e05ada..a68f0d2b6 100644 --- a/sdk/nodejs/certAuthBackendRole.ts +++ b/sdk/nodejs/certAuthBackendRole.ts @@ -112,7 +112,40 @@ export class CertAuthBackendRole extends pulumi.CustomResource { */ public readonly namespace!: pulumi.Output; /** - * TLS extensions required on client certificates + * Any additional CA certificates + * needed to verify OCSP responses. Provided as base64 encoded PEM data. + * Requires Vault version 1.13+. + */ + public readonly ocspCaCertificates!: pulumi.Output; + /** + * If enabled, validate certificates' + * revocation status using OCSP. Requires Vault version 1.13+. + */ + public readonly ocspEnabled!: pulumi.Output; + /** + * If true and an OCSP response cannot + * be fetched or is of an unknown status, the login will proceed as if the + * certificate has not been revoked. + * Requires Vault version 1.13+. + */ + public readonly ocspFailOpen!: pulumi.Output; + /** + * If set to true, rather than + * accepting the first successful OCSP response, query all servers and consider + * the certificate valid only if all servers agree. + * Requires Vault version 1.13+. + */ + public readonly ocspQueryAllServers!: pulumi.Output; + /** + * : A comma-separated list of OCSP + * server addresses. If unset, the OCSP server is determined from the + * AuthorityInformationAccess extension on the certificate being inspected. + * Requires Vault version 1.13+. + */ + public readonly ocspServersOverrides!: pulumi.Output; + /** + * TLS extensions required on + * client certificates */ public readonly requiredExtensions!: pulumi.Output; /** @@ -166,6 +199,8 @@ export class CertAuthBackendRole extends pulumi.CustomResource { * `service` tokens). For token store roles, there are two additional possibilities: * `default-service` and `default-batch` which specify the type to return unless the client * requests a different type at generation time. + * + * For more details on the usage of each argument consult the [Vault Cert API documentation](https://www.vaultproject.io/api-docs/auth/cert). */ public readonly tokenType!: pulumi.Output; @@ -194,6 +229,11 @@ export class CertAuthBackendRole extends pulumi.CustomResource { resourceInputs["displayName"] = state ? state.displayName : undefined; resourceInputs["name"] = state ? state.name : undefined; resourceInputs["namespace"] = state ? state.namespace : undefined; + resourceInputs["ocspCaCertificates"] = state ? state.ocspCaCertificates : undefined; + resourceInputs["ocspEnabled"] = state ? state.ocspEnabled : undefined; + resourceInputs["ocspFailOpen"] = state ? state.ocspFailOpen : undefined; + resourceInputs["ocspQueryAllServers"] = state ? state.ocspQueryAllServers : undefined; + resourceInputs["ocspServersOverrides"] = state ? state.ocspServersOverrides : undefined; resourceInputs["requiredExtensions"] = state ? state.requiredExtensions : undefined; resourceInputs["tokenBoundCidrs"] = state ? state.tokenBoundCidrs : undefined; resourceInputs["tokenExplicitMaxTtl"] = state ? state.tokenExplicitMaxTtl : undefined; @@ -221,6 +261,11 @@ export class CertAuthBackendRole extends pulumi.CustomResource { resourceInputs["displayName"] = args ? args.displayName : undefined; resourceInputs["name"] = args ? args.name : undefined; resourceInputs["namespace"] = args ? args.namespace : undefined; + resourceInputs["ocspCaCertificates"] = args ? args.ocspCaCertificates : undefined; + resourceInputs["ocspEnabled"] = args ? args.ocspEnabled : undefined; + resourceInputs["ocspFailOpen"] = args ? args.ocspFailOpen : undefined; + resourceInputs["ocspQueryAllServers"] = args ? args.ocspQueryAllServers : undefined; + resourceInputs["ocspServersOverrides"] = args ? args.ocspServersOverrides : undefined; resourceInputs["requiredExtensions"] = args ? args.requiredExtensions : undefined; resourceInputs["tokenBoundCidrs"] = args ? args.tokenBoundCidrs : undefined; resourceInputs["tokenExplicitMaxTtl"] = args ? args.tokenExplicitMaxTtl : undefined; @@ -294,7 +339,40 @@ export interface CertAuthBackendRoleState { */ namespace?: pulumi.Input; /** - * TLS extensions required on client certificates + * Any additional CA certificates + * needed to verify OCSP responses. Provided as base64 encoded PEM data. + * Requires Vault version 1.13+. + */ + ocspCaCertificates?: pulumi.Input; + /** + * If enabled, validate certificates' + * revocation status using OCSP. Requires Vault version 1.13+. + */ + ocspEnabled?: pulumi.Input; + /** + * If true and an OCSP response cannot + * be fetched or is of an unknown status, the login will proceed as if the + * certificate has not been revoked. + * Requires Vault version 1.13+. + */ + ocspFailOpen?: pulumi.Input; + /** + * If set to true, rather than + * accepting the first successful OCSP response, query all servers and consider + * the certificate valid only if all servers agree. + * Requires Vault version 1.13+. + */ + ocspQueryAllServers?: pulumi.Input; + /** + * : A comma-separated list of OCSP + * server addresses. If unset, the OCSP server is determined from the + * AuthorityInformationAccess extension on the certificate being inspected. + * Requires Vault version 1.13+. + */ + ocspServersOverrides?: pulumi.Input[]>; + /** + * TLS extensions required on + * client certificates */ requiredExtensions?: pulumi.Input[]>; /** @@ -348,6 +426,8 @@ export interface CertAuthBackendRoleState { * `service` tokens). For token store roles, there are two additional possibilities: * `default-service` and `default-batch` which specify the type to return unless the client * requests a different type at generation time. + * + * For more details on the usage of each argument consult the [Vault Cert API documentation](https://www.vaultproject.io/api-docs/auth/cert). */ tokenType?: pulumi.Input; } @@ -409,7 +489,40 @@ export interface CertAuthBackendRoleArgs { */ namespace?: pulumi.Input; /** - * TLS extensions required on client certificates + * Any additional CA certificates + * needed to verify OCSP responses. Provided as base64 encoded PEM data. + * Requires Vault version 1.13+. + */ + ocspCaCertificates?: pulumi.Input; + /** + * If enabled, validate certificates' + * revocation status using OCSP. Requires Vault version 1.13+. + */ + ocspEnabled?: pulumi.Input; + /** + * If true and an OCSP response cannot + * be fetched or is of an unknown status, the login will proceed as if the + * certificate has not been revoked. + * Requires Vault version 1.13+. + */ + ocspFailOpen?: pulumi.Input; + /** + * If set to true, rather than + * accepting the first successful OCSP response, query all servers and consider + * the certificate valid only if all servers agree. + * Requires Vault version 1.13+. + */ + ocspQueryAllServers?: pulumi.Input; + /** + * : A comma-separated list of OCSP + * server addresses. If unset, the OCSP server is determined from the + * AuthorityInformationAccess extension on the certificate being inspected. + * Requires Vault version 1.13+. + */ + ocspServersOverrides?: pulumi.Input[]>; + /** + * TLS extensions required on + * client certificates */ requiredExtensions?: pulumi.Input[]>; /** @@ -463,6 +576,8 @@ export interface CertAuthBackendRoleArgs { * `service` tokens). For token store roles, there are two additional possibilities: * `default-service` and `default-batch` which specify the type to return unless the client * requests a different type at generation time. + * + * For more details on the usage of each argument consult the [Vault Cert API documentation](https://www.vaultproject.io/api-docs/auth/cert). */ tokenType?: pulumi.Input; } diff --git a/sdk/nodejs/config/vars.ts b/sdk/nodejs/config/vars.ts index 7e3a83828..cdfc5c749 100644 --- a/sdk/nodejs/config/vars.ts +++ b/sdk/nodejs/config/vars.ts @@ -251,6 +251,18 @@ Object.defineProperty(exports, "namespace", { enumerable: true, }); +/** + * In the case where the Vault token is for a specific namespace and the provider namespace is not configured, use the + * token namespace as the root namespace for all resources. + */ +export declare const setNamespaceFromToken: boolean | undefined; +Object.defineProperty(exports, "setNamespaceFromToken", { + get() { + return __config.getObject("setNamespaceFromToken"); + }, + enumerable: true, +}); + /** * Set this to true to prevent the creation of ephemeral child token used by this provider. */ diff --git a/sdk/nodejs/consul/index.ts b/sdk/nodejs/consul/index.ts index 4942cd6e3..a9c44a9d9 100644 --- a/sdk/nodejs/consul/index.ts +++ b/sdk/nodejs/consul/index.ts @@ -8,14 +8,14 @@ import * as utilities from "../utilities"; export { SecretBackendArgs, SecretBackendState } from "./secretBackend"; export type SecretBackend = import("./secretBackend").SecretBackend; export const SecretBackend: typeof import("./secretBackend").SecretBackend = null as any; +utilities.lazyLoad(exports, ["SecretBackend"], () => require("./secretBackend")); export { SecretBackendRoleArgs, SecretBackendRoleState } from "./secretBackendRole"; export type SecretBackendRole = import("./secretBackendRole").SecretBackendRole; export const SecretBackendRole: typeof import("./secretBackendRole").SecretBackendRole = null as any; - -utilities.lazyLoad(exports, ["SecretBackend"], () => require("./secretBackend")); utilities.lazyLoad(exports, ["SecretBackendRole"], () => require("./secretBackendRole")); + const _module = { version: utilities.getVersion(), construct: (name: string, type: string, urn: string): pulumi.Resource => { diff --git a/sdk/nodejs/consul/secretBackend.ts b/sdk/nodejs/consul/secretBackend.ts index e29959eb2..88c5ab0e7 100644 --- a/sdk/nodejs/consul/secretBackend.ts +++ b/sdk/nodejs/consul/secretBackend.ts @@ -73,6 +73,10 @@ export class SecretBackend extends pulumi.CustomResource { public readonly address!: pulumi.Output; /** * Denotes that the resource is used to bootstrap the Consul ACL system. + * + * > **Important** When `bootstrap` is true, Vault will attempt to bootstrap the Consul server. The token returned from + * this operation will only ever be known to Vault. If the resource is ever destroyed, the bootstrap token will be lost + * and a [Consul reset may be required.](https://learn.hashicorp.com/tutorials/consul/access-control-troubleshoot#reset-the-acl-system) */ public readonly bootstrap!: pulumi.Output; /** @@ -128,8 +132,7 @@ export class SecretBackend extends pulumi.CustomResource { */ public readonly scheme!: pulumi.Output; /** - * The Consul management token this backend should use to issue new tokens. This field is required - * when `bootstrap` is false. + * Specifies the Consul token to use when managing or issuing new tokens. */ public readonly token!: pulumi.Output; @@ -197,6 +200,10 @@ export interface SecretBackendState { address?: pulumi.Input; /** * Denotes that the resource is used to bootstrap the Consul ACL system. + * + * > **Important** When `bootstrap` is true, Vault will attempt to bootstrap the Consul server. The token returned from + * this operation will only ever be known to Vault. If the resource is ever destroyed, the bootstrap token will be lost + * and a [Consul reset may be required.](https://learn.hashicorp.com/tutorials/consul/access-control-troubleshoot#reset-the-acl-system) */ bootstrap?: pulumi.Input; /** @@ -252,8 +259,7 @@ export interface SecretBackendState { */ scheme?: pulumi.Input; /** - * The Consul management token this backend should use to issue new tokens. This field is required - * when `bootstrap` is false. + * Specifies the Consul token to use when managing or issuing new tokens. */ token?: pulumi.Input; } @@ -268,6 +274,10 @@ export interface SecretBackendArgs { address: pulumi.Input; /** * Denotes that the resource is used to bootstrap the Consul ACL system. + * + * > **Important** When `bootstrap` is true, Vault will attempt to bootstrap the Consul server. The token returned from + * this operation will only ever be known to Vault. If the resource is ever destroyed, the bootstrap token will be lost + * and a [Consul reset may be required.](https://learn.hashicorp.com/tutorials/consul/access-control-troubleshoot#reset-the-acl-system) */ bootstrap?: pulumi.Input; /** @@ -323,8 +333,7 @@ export interface SecretBackendArgs { */ scheme?: pulumi.Input; /** - * The Consul management token this backend should use to issue new tokens. This field is required - * when `bootstrap` is false. + * Specifies the Consul token to use when managing or issuing new tokens. */ token?: pulumi.Input; } diff --git a/sdk/nodejs/database/index.ts b/sdk/nodejs/database/index.ts index f4771e8eb..35bae85bf 100644 --- a/sdk/nodejs/database/index.ts +++ b/sdk/nodejs/database/index.ts @@ -8,24 +8,24 @@ import * as utilities from "../utilities"; export { SecretBackendConnectionArgs, SecretBackendConnectionState } from "./secretBackendConnection"; export type SecretBackendConnection = import("./secretBackendConnection").SecretBackendConnection; export const SecretBackendConnection: typeof import("./secretBackendConnection").SecretBackendConnection = null as any; +utilities.lazyLoad(exports, ["SecretBackendConnection"], () => require("./secretBackendConnection")); export { SecretBackendRoleArgs, SecretBackendRoleState } from "./secretBackendRole"; export type SecretBackendRole = import("./secretBackendRole").SecretBackendRole; export const SecretBackendRole: typeof import("./secretBackendRole").SecretBackendRole = null as any; +utilities.lazyLoad(exports, ["SecretBackendRole"], () => require("./secretBackendRole")); export { SecretBackendStaticRoleArgs, SecretBackendStaticRoleState } from "./secretBackendStaticRole"; export type SecretBackendStaticRole = import("./secretBackendStaticRole").SecretBackendStaticRole; export const SecretBackendStaticRole: typeof import("./secretBackendStaticRole").SecretBackendStaticRole = null as any; +utilities.lazyLoad(exports, ["SecretBackendStaticRole"], () => require("./secretBackendStaticRole")); export { SecretsMountArgs, SecretsMountState } from "./secretsMount"; export type SecretsMount = import("./secretsMount").SecretsMount; export const SecretsMount: typeof import("./secretsMount").SecretsMount = null as any; - -utilities.lazyLoad(exports, ["SecretBackendConnection"], () => require("./secretBackendConnection")); -utilities.lazyLoad(exports, ["SecretBackendRole"], () => require("./secretBackendRole")); -utilities.lazyLoad(exports, ["SecretBackendStaticRole"], () => require("./secretBackendStaticRole")); utilities.lazyLoad(exports, ["SecretsMount"], () => require("./secretsMount")); + const _module = { version: utilities.getVersion(), construct: (name: string, type: string, urn: string): pulumi.Resource => { diff --git a/sdk/nodejs/database/secretBackendConnection.ts b/sdk/nodejs/database/secretBackendConnection.ts index 907511df0..28ddbb22a 100644 --- a/sdk/nodejs/database/secretBackendConnection.ts +++ b/sdk/nodejs/database/secretBackendConnection.ts @@ -155,6 +155,8 @@ export class SecretBackendConnection extends pulumi.CustomResource { public readonly redis!: pulumi.Output; /** * A nested block containing configuration options for Redis ElastiCache connections. + * + * Exactly one of the nested blocks of configuration options must be supplied. */ public readonly redisElasticache!: pulumi.Output; /** @@ -345,6 +347,8 @@ export interface SecretBackendConnectionState { redis?: pulumi.Input; /** * A nested block containing configuration options for Redis ElastiCache connections. + * + * Exactly one of the nested blocks of configuration options must be supplied. */ redisElasticache?: pulumi.Input; /** @@ -460,6 +464,8 @@ export interface SecretBackendConnectionArgs { redis?: pulumi.Input; /** * A nested block containing configuration options for Redis ElastiCache connections. + * + * Exactly one of the nested blocks of configuration options must be supplied. */ redisElasticache?: pulumi.Input; /** diff --git a/sdk/nodejs/database/secretBackendRole.ts b/sdk/nodejs/database/secretBackendRole.ts index fc65c6bfb..efb79253e 100644 --- a/sdk/nodejs/database/secretBackendRole.ts +++ b/sdk/nodejs/database/secretBackendRole.ts @@ -80,6 +80,8 @@ export class SecretBackendRole extends pulumi.CustomResource { /** * Specifies the configuration * for the given `credentialType`. + * + * The following options are available for each `credentialType` value: */ public readonly credentialConfig!: pulumi.Output<{[key: string]: any} | undefined>; /** @@ -200,6 +202,8 @@ export interface SecretBackendRoleState { /** * Specifies the configuration * for the given `credentialType`. + * + * The following options are available for each `credentialType` value: */ credentialConfig?: pulumi.Input<{[key: string]: any}>; /** @@ -267,6 +271,8 @@ export interface SecretBackendRoleArgs { /** * Specifies the configuration * for the given `credentialType`. + * + * The following options are available for each `credentialType` value: */ credentialConfig?: pulumi.Input<{[key: string]: any}>; /** diff --git a/sdk/nodejs/database/secretBackendStaticRole.ts b/sdk/nodejs/database/secretBackendStaticRole.ts index b1d61bce7..eb6737956 100644 --- a/sdk/nodejs/database/secretBackendStaticRole.ts +++ b/sdk/nodejs/database/secretBackendStaticRole.ts @@ -108,6 +108,9 @@ export class SecretBackendStaticRole extends pulumi.CustomResource { /** * A cron-style string that will define the schedule on which rotations should occur. * Mutually exclusive with `rotationPeriod`. + * + * **Warning**: The `rotationPeriod` and `rotationSchedule` fields are + * mutually exclusive. One of them must be set but not both. */ public readonly rotationSchedule!: pulumi.Output; /** @@ -203,6 +206,9 @@ export interface SecretBackendStaticRoleState { /** * A cron-style string that will define the schedule on which rotations should occur. * Mutually exclusive with `rotationPeriod`. + * + * **Warning**: The `rotationPeriod` and `rotationSchedule` fields are + * mutually exclusive. One of them must be set but not both. */ rotationSchedule?: pulumi.Input; /** @@ -251,6 +257,9 @@ export interface SecretBackendStaticRoleArgs { /** * A cron-style string that will define the schedule on which rotations should occur. * Mutually exclusive with `rotationPeriod`. + * + * **Warning**: The `rotationPeriod` and `rotationSchedule` fields are + * mutually exclusive. One of them must be set but not both. */ rotationSchedule?: pulumi.Input; /** diff --git a/sdk/nodejs/database/secretsMount.ts b/sdk/nodejs/database/secretsMount.ts index 490088619..a5843ee54 100644 --- a/sdk/nodejs/database/secretsMount.ts +++ b/sdk/nodejs/database/secretsMount.ts @@ -33,7 +33,7 @@ import * as utilities from "../utilities"; * }); * const dev1 = new vault.database.SecretBackendRole("dev1", { * backend: db.path, - * dbName: db.mssqls.apply(mssqls => mssqls?[0]?.name), + * dbName: db.mssqls.apply(mssqls => mssqls?.[0]?.name), * creationStatements: [ * "CREATE LOGIN [{{name}}] WITH PASSWORD = '{{password}}';", * "CREATE USER [{{name}}] FOR LOGIN [{{name}}];", @@ -42,7 +42,7 @@ import * as utilities from "../utilities"; * }); * const dev2 = new vault.database.SecretBackendRole("dev2", { * backend: db.path, - * dbName: db.postgresqls.apply(postgresqls => postgresqls?[0]?.name), + * dbName: db.postgresqls.apply(postgresqls => postgresqls?.[0]?.name), * creationStatements: [ * "CREATE ROLE \"{{name}}\" WITH LOGIN PASSWORD '{{password}}' VALID UNTIL '{{expiration}}';", * "GRANT SELECT ON ALL TABLES IN SCHEMA public TO \"{{name}}\";", @@ -92,6 +92,8 @@ export class SecretsMount extends pulumi.CustomResource { public /*out*/ readonly accessor!: pulumi.Output; /** * Set of managed key registry entry names that the mount in question is allowed to access + * + * The following arguments are common to all database engines: */ public readonly allowedManagedKeys!: pulumi.Output; /** @@ -331,6 +333,8 @@ export interface SecretsMountState { accessor?: pulumi.Input; /** * Set of managed key registry entry names that the mount in question is allowed to access + * + * The following arguments are common to all database engines: */ allowedManagedKeys?: pulumi.Input[]>; /** @@ -479,6 +483,8 @@ export interface SecretsMountState { export interface SecretsMountArgs { /** * Set of managed key registry entry names that the mount in question is allowed to access + * + * The following arguments are common to all database engines: */ allowedManagedKeys?: pulumi.Input[]>; /** diff --git a/sdk/nodejs/egpPolicy.ts b/sdk/nodejs/egpPolicy.ts index 9ee49b731..b7f4afa89 100644 --- a/sdk/nodejs/egpPolicy.ts +++ b/sdk/nodejs/egpPolicy.ts @@ -21,6 +21,7 @@ import * as utilities from "./utilities"; * policy: `main = rule { * true * } + * * `, * }); * ``` diff --git a/sdk/nodejs/gcp/authBackend.ts b/sdk/nodejs/gcp/authBackend.ts index 9484ff0dc..5c554eacc 100644 --- a/sdk/nodejs/gcp/authBackend.ts +++ b/sdk/nodejs/gcp/authBackend.ts @@ -85,6 +85,8 @@ export class AuthBackend extends pulumi.CustomResource { * used when making API requests. This allows specific requests made during authentication * to target alternative service endpoints for use in [Private Google Access](https://cloud.google.com/vpc/docs/configure-private-google-access) * environments. Requires Vault 1.11+. + * + * Overrides are set at the subdomain level using the following keys: */ public readonly customEndpoint!: pulumi.Output; /** @@ -193,6 +195,8 @@ export interface AuthBackendState { * used when making API requests. This allows specific requests made during authentication * to target alternative service endpoints for use in [Private Google Access](https://cloud.google.com/vpc/docs/configure-private-google-access) * environments. Requires Vault 1.11+. + * + * Overrides are set at the subdomain level using the following keys: */ customEndpoint?: pulumi.Input; /** @@ -251,6 +255,8 @@ export interface AuthBackendArgs { * used when making API requests. This allows specific requests made during authentication * to target alternative service endpoints for use in [Private Google Access](https://cloud.google.com/vpc/docs/configure-private-google-access) * environments. Requires Vault 1.11+. + * + * Overrides are set at the subdomain level using the following keys: */ customEndpoint?: pulumi.Input; /** diff --git a/sdk/nodejs/gcp/authBackendRole.ts b/sdk/nodejs/gcp/authBackendRole.ts index 0e8eb53eb..642072174 100644 --- a/sdk/nodejs/gcp/authBackendRole.ts +++ b/sdk/nodejs/gcp/authBackendRole.ts @@ -87,7 +87,7 @@ export class AuthBackendRole extends pulumi.CustomResource { */ public readonly boundLabels!: pulumi.Output; /** - * GCP Projects that the role exists within + * An array of GCP project IDs. Only entities belonging to this project can authenticate under the role. */ public readonly boundProjects!: pulumi.Output; /** @@ -268,7 +268,7 @@ export interface AuthBackendRoleState { */ boundLabels?: pulumi.Input[]>; /** - * GCP Projects that the role exists within + * An array of GCP project IDs. Only entities belonging to this project can authenticate under the role. */ boundProjects?: pulumi.Input[]>; /** @@ -379,7 +379,7 @@ export interface AuthBackendRoleArgs { */ boundLabels?: pulumi.Input[]>; /** - * GCP Projects that the role exists within + * An array of GCP project IDs. Only entities belonging to this project can authenticate under the role. */ boundProjects?: pulumi.Input[]>; /** diff --git a/sdk/nodejs/gcp/getAuthBackendRole.ts b/sdk/nodejs/gcp/getAuthBackendRole.ts index 160c73656..9a1ded225 100644 --- a/sdk/nodejs/gcp/getAuthBackendRole.ts +++ b/sdk/nodejs/gcp/getAuthBackendRole.ts @@ -13,20 +13,20 @@ import * as utilities from "../utilities"; * import * as pulumi from "@pulumi/pulumi"; * import * as vault from "@pulumi/vault"; * - * const role = pulumi.output(vault.gcp.getAuthBackendRole({ - * backend: "my-gcp-backend", - * roleName: "my-role", - * })); - * - * export const role_id = role.roleId; + * export = async () => { + * const role = await vault.gcp.getAuthBackendRole({ + * backend: "my-gcp-backend", + * roleName: "my-role", + * }); + * return { + * "role-id": role.roleId, + * }; + * } * ``` */ export function getAuthBackendRole(args: GetAuthBackendRoleArgs, opts?: pulumi.InvokeOptions): Promise { - if (!opts) { - opts = {} - } - opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts); + opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts || {}); return pulumi.runtime.invoke("vault:gcp/getAuthBackendRole:getAuthBackendRole", { "backend": args.backend, "namespace": args.namespace, @@ -216,9 +216,28 @@ export interface GetAuthBackendRoleResult { */ readonly type: string; } - +/** + * Reads a GCP auth role from a Vault server. + * + * ## Example Usage + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as vault from "@pulumi/vault"; + * + * export = async () => { + * const role = await vault.gcp.getAuthBackendRole({ + * backend: "my-gcp-backend", + * roleName: "my-role", + * }); + * return { + * "role-id": role.roleId, + * }; + * } + * ``` + */ export function getAuthBackendRoleOutput(args: GetAuthBackendRoleOutputArgs, opts?: pulumi.InvokeOptions): pulumi.Output { - return pulumi.output(args).apply(a => getAuthBackendRole(a, opts)) + return pulumi.output(args).apply((a: any) => getAuthBackendRole(a, opts)) } /** diff --git a/sdk/nodejs/gcp/index.ts b/sdk/nodejs/gcp/index.ts index f824119a6..049083528 100644 --- a/sdk/nodejs/gcp/index.ts +++ b/sdk/nodejs/gcp/index.ts @@ -8,39 +8,39 @@ import * as utilities from "../utilities"; export { AuthBackendArgs, AuthBackendState } from "./authBackend"; export type AuthBackend = import("./authBackend").AuthBackend; export const AuthBackend: typeof import("./authBackend").AuthBackend = null as any; +utilities.lazyLoad(exports, ["AuthBackend"], () => require("./authBackend")); export { AuthBackendRoleArgs, AuthBackendRoleState } from "./authBackendRole"; export type AuthBackendRole = import("./authBackendRole").AuthBackendRole; export const AuthBackendRole: typeof import("./authBackendRole").AuthBackendRole = null as any; +utilities.lazyLoad(exports, ["AuthBackendRole"], () => require("./authBackendRole")); export { GetAuthBackendRoleArgs, GetAuthBackendRoleResult, GetAuthBackendRoleOutputArgs } from "./getAuthBackendRole"; export const getAuthBackendRole: typeof import("./getAuthBackendRole").getAuthBackendRole = null as any; export const getAuthBackendRoleOutput: typeof import("./getAuthBackendRole").getAuthBackendRoleOutput = null as any; +utilities.lazyLoad(exports, ["getAuthBackendRole","getAuthBackendRoleOutput"], () => require("./getAuthBackendRole")); export { SecretBackendArgs, SecretBackendState } from "./secretBackend"; export type SecretBackend = import("./secretBackend").SecretBackend; export const SecretBackend: typeof import("./secretBackend").SecretBackend = null as any; +utilities.lazyLoad(exports, ["SecretBackend"], () => require("./secretBackend")); export { SecretImpersonatedAccountArgs, SecretImpersonatedAccountState } from "./secretImpersonatedAccount"; export type SecretImpersonatedAccount = import("./secretImpersonatedAccount").SecretImpersonatedAccount; export const SecretImpersonatedAccount: typeof import("./secretImpersonatedAccount").SecretImpersonatedAccount = null as any; +utilities.lazyLoad(exports, ["SecretImpersonatedAccount"], () => require("./secretImpersonatedAccount")); export { SecretRolesetArgs, SecretRolesetState } from "./secretRoleset"; export type SecretRoleset = import("./secretRoleset").SecretRoleset; export const SecretRoleset: typeof import("./secretRoleset").SecretRoleset = null as any; +utilities.lazyLoad(exports, ["SecretRoleset"], () => require("./secretRoleset")); export { SecretStaticAccountArgs, SecretStaticAccountState } from "./secretStaticAccount"; export type SecretStaticAccount = import("./secretStaticAccount").SecretStaticAccount; export const SecretStaticAccount: typeof import("./secretStaticAccount").SecretStaticAccount = null as any; - -utilities.lazyLoad(exports, ["AuthBackend"], () => require("./authBackend")); -utilities.lazyLoad(exports, ["AuthBackendRole"], () => require("./authBackendRole")); -utilities.lazyLoad(exports, ["getAuthBackendRole","getAuthBackendRoleOutput"], () => require("./getAuthBackendRole")); -utilities.lazyLoad(exports, ["SecretBackend"], () => require("./secretBackend")); -utilities.lazyLoad(exports, ["SecretImpersonatedAccount"], () => require("./secretImpersonatedAccount")); -utilities.lazyLoad(exports, ["SecretRoleset"], () => require("./secretRoleset")); utilities.lazyLoad(exports, ["SecretStaticAccount"], () => require("./secretStaticAccount")); + const _module = { version: utilities.getVersion(), construct: (name: string, type: string, urn: string): pulumi.Resource => { diff --git a/sdk/nodejs/gcp/secretBackend.ts b/sdk/nodejs/gcp/secretBackend.ts index 6ac410c1e..e5eaa951f 100644 --- a/sdk/nodejs/gcp/secretBackend.ts +++ b/sdk/nodejs/gcp/secretBackend.ts @@ -44,7 +44,7 @@ export class SecretBackend extends pulumi.CustomResource { } /** - * The GCP service account credentials in JSON format. + * JSON-encoded credentials to use to connect to GCP */ public readonly credentials!: pulumi.Output; /** @@ -127,7 +127,7 @@ export class SecretBackend extends pulumi.CustomResource { */ export interface SecretBackendState { /** - * The GCP service account credentials in JSON format. + * JSON-encoded credentials to use to connect to GCP */ credentials?: pulumi.Input; /** @@ -172,7 +172,7 @@ export interface SecretBackendState { */ export interface SecretBackendArgs { /** - * The GCP service account credentials in JSON format. + * JSON-encoded credentials to use to connect to GCP */ credentials?: pulumi.Input; /** diff --git a/sdk/nodejs/gcp/secretRoleset.ts b/sdk/nodejs/gcp/secretRoleset.ts index 9827cee36..bdd8ec5fe 100644 --- a/sdk/nodejs/gcp/secretRoleset.ts +++ b/sdk/nodejs/gcp/secretRoleset.ts @@ -100,7 +100,7 @@ export class SecretRoleset extends pulumi.CustomResource { */ public readonly secretType!: pulumi.Output; /** - * Email of the service account created by Vault for this Roleset + * Email of the service account created by Vault for this Roleset. */ public /*out*/ readonly serviceAccountEmail!: pulumi.Output; /** @@ -189,7 +189,7 @@ export interface SecretRolesetState { */ secretType?: pulumi.Input; /** - * Email of the service account created by Vault for this Roleset + * Email of the service account created by Vault for this Roleset. */ serviceAccountEmail?: pulumi.Input; /** diff --git a/sdk/nodejs/generic/endpoint.ts b/sdk/nodejs/generic/endpoint.ts index 8655c50e8..16ded45c2 100644 --- a/sdk/nodejs/generic/endpoint.ts +++ b/sdk/nodejs/generic/endpoint.ts @@ -95,7 +95,9 @@ export class Endpoint extends pulumi.CustomResource { */ public readonly dataJson!: pulumi.Output; /** - * Don't attempt to delete the path from Vault if true + * - (Optional) True/false. Set this to true if your + * vault authentication is not able to delete the data or if the endpoint + * does not support the `DELETE` method. Defaults to false. */ public readonly disableDelete!: pulumi.Output; /** @@ -107,7 +109,13 @@ export class Endpoint extends pulumi.CustomResource { */ public readonly disableRead!: pulumi.Output; /** - * When reading, disregard fields not present in data_json + * - (Optional) True/false. If set to true, + * ignore any fields present when the endpoint is read but that were not + * in `dataJson`. Also, if a field that was written is not returned when + * the endpoint is read, treat that field as being up to date. You should + * set this to `true` when writing to endpoint that, when read, returns a + * different set of fields from the ones you wrote, as is common with + * many configuration endpoints. Defaults to false. */ public readonly ignoreAbsentFields!: pulumi.Output; /** @@ -125,15 +133,26 @@ export class Endpoint extends pulumi.CustomResource { */ public readonly path!: pulumi.Output; /** - * Map of strings returned by write operation + * - A map whose keys are the top-level data keys + * returned from Vault by the write operation and whose values are the + * corresponding values. This map can only represent string data, so + * any non-string values returned from Vault are serialized as JSON. + * Only fields set in `writeFields` are present in the JSON data. */ public /*out*/ readonly writeData!: pulumi.Output<{[key: string]: string}>; /** - * JSON data returned by write operation + * - The JSON data returned by the write operation. + * Only fields set in `writeFields` are present in the JSON data. */ public /*out*/ readonly writeDataJson!: pulumi.Output; /** - * Top-level fields returned by write to persist in state + * - (Optional). A list of fields that should be returned + * in `writeDataJson` and `writeData`. If omitted, data returned by + * the write operation is not available to the resource or included in + * state. This helps to avoid accidental storage of sensitive values in + * state. Some endpoints, such as many dynamic secrets endpoints, return + * data from writing to an endpoint rather than reading it. You should + * use `writeFields` if you need information returned in this way. */ public readonly writeFields!: pulumi.Output; @@ -194,7 +213,9 @@ export interface EndpointState { */ dataJson?: pulumi.Input; /** - * Don't attempt to delete the path from Vault if true + * - (Optional) True/false. Set this to true if your + * vault authentication is not able to delete the data or if the endpoint + * does not support the `DELETE` method. Defaults to false. */ disableDelete?: pulumi.Input; /** @@ -206,7 +227,13 @@ export interface EndpointState { */ disableRead?: pulumi.Input; /** - * When reading, disregard fields not present in data_json + * - (Optional) True/false. If set to true, + * ignore any fields present when the endpoint is read but that were not + * in `dataJson`. Also, if a field that was written is not returned when + * the endpoint is read, treat that field as being up to date. You should + * set this to `true` when writing to endpoint that, when read, returns a + * different set of fields from the ones you wrote, as is common with + * many configuration endpoints. Defaults to false. */ ignoreAbsentFields?: pulumi.Input; /** @@ -224,15 +251,26 @@ export interface EndpointState { */ path?: pulumi.Input; /** - * Map of strings returned by write operation + * - A map whose keys are the top-level data keys + * returned from Vault by the write operation and whose values are the + * corresponding values. This map can only represent string data, so + * any non-string values returned from Vault are serialized as JSON. + * Only fields set in `writeFields` are present in the JSON data. */ writeData?: pulumi.Input<{[key: string]: pulumi.Input}>; /** - * JSON data returned by write operation + * - The JSON data returned by the write operation. + * Only fields set in `writeFields` are present in the JSON data. */ writeDataJson?: pulumi.Input; /** - * Top-level fields returned by write to persist in state + * - (Optional). A list of fields that should be returned + * in `writeDataJson` and `writeData`. If omitted, data returned by + * the write operation is not available to the resource or included in + * state. This helps to avoid accidental storage of sensitive values in + * state. Some endpoints, such as many dynamic secrets endpoints, return + * data from writing to an endpoint rather than reading it. You should + * use `writeFields` if you need information returned in this way. */ writeFields?: pulumi.Input[]>; } @@ -247,7 +285,9 @@ export interface EndpointArgs { */ dataJson: pulumi.Input; /** - * Don't attempt to delete the path from Vault if true + * - (Optional) True/false. Set this to true if your + * vault authentication is not able to delete the data or if the endpoint + * does not support the `DELETE` method. Defaults to false. */ disableDelete?: pulumi.Input; /** @@ -259,7 +299,13 @@ export interface EndpointArgs { */ disableRead?: pulumi.Input; /** - * When reading, disregard fields not present in data_json + * - (Optional) True/false. If set to true, + * ignore any fields present when the endpoint is read but that were not + * in `dataJson`. Also, if a field that was written is not returned when + * the endpoint is read, treat that field as being up to date. You should + * set this to `true` when writing to endpoint that, when read, returns a + * different set of fields from the ones you wrote, as is common with + * many configuration endpoints. Defaults to false. */ ignoreAbsentFields?: pulumi.Input; /** @@ -277,7 +323,13 @@ export interface EndpointArgs { */ path: pulumi.Input; /** - * Top-level fields returned by write to persist in state + * - (Optional). A list of fields that should be returned + * in `writeDataJson` and `writeData`. If omitted, data returned by + * the write operation is not available to the resource or included in + * state. This helps to avoid accidental storage of sensitive values in + * state. Some endpoints, such as many dynamic secrets endpoints, return + * data from writing to an endpoint rather than reading it. You should + * use `writeFields` if you need information returned in this way. */ writeFields?: pulumi.Input[]>; } diff --git a/sdk/nodejs/generic/getSecret.ts b/sdk/nodejs/generic/getSecret.ts index bd7e7cf56..f8728b87d 100644 --- a/sdk/nodejs/generic/getSecret.ts +++ b/sdk/nodejs/generic/getSecret.ts @@ -21,11 +21,8 @@ import * as utilities from "../utilities"; * Use of this resource requires the `read` capability on the given path. */ export function getSecret(args: GetSecretArgs, opts?: pulumi.InvokeOptions): Promise { - if (!opts) { - opts = {} - } - opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts); + opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts || {}); return pulumi.runtime.invoke("vault:generic/getSecret:getSecret", { "namespace": args.namespace, "path": args.path, @@ -59,6 +56,11 @@ export interface GetSecretArgs { * to read. */ version?: number; + /** + * If set to true, stores `leaseStartTime` in the TF state. + * Note that storing the `leaseStartTime` in the TF state will cause a persistent drift + * on every `pulumi preview` and will require a `pulumi up`. + */ withLeaseStartTime?: boolean; } @@ -99,9 +101,24 @@ export interface GetSecretResult { readonly version?: number; readonly withLeaseStartTime?: boolean; } - +/** + * ## Example Usage + * ### Generic secret + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as vault from "@pulumi/vault"; + * + * const rundeckAuth = vault.generic.getSecret({ + * path: "secret/rundeck_auth", + * }); + * ``` + * ## Required Vault Capabilities + * + * Use of this resource requires the `read` capability on the given path. + */ export function getSecretOutput(args: GetSecretOutputArgs, opts?: pulumi.InvokeOptions): pulumi.Output { - return pulumi.output(args).apply(a => getSecret(a, opts)) + return pulumi.output(args).apply((a: any) => getSecret(a, opts)) } /** @@ -129,5 +146,10 @@ export interface GetSecretOutputArgs { * to read. */ version?: pulumi.Input; + /** + * If set to true, stores `leaseStartTime` in the TF state. + * Note that storing the `leaseStartTime` in the TF state will cause a persistent drift + * on every `pulumi preview` and will require a `pulumi up`. + */ withLeaseStartTime?: pulumi.Input; } diff --git a/sdk/nodejs/generic/index.ts b/sdk/nodejs/generic/index.ts index f298878bc..1ba25795b 100644 --- a/sdk/nodejs/generic/index.ts +++ b/sdk/nodejs/generic/index.ts @@ -8,19 +8,19 @@ import * as utilities from "../utilities"; export { EndpointArgs, EndpointState } from "./endpoint"; export type Endpoint = import("./endpoint").Endpoint; export const Endpoint: typeof import("./endpoint").Endpoint = null as any; +utilities.lazyLoad(exports, ["Endpoint"], () => require("./endpoint")); export { GetSecretArgs, GetSecretResult, GetSecretOutputArgs } from "./getSecret"; export const getSecret: typeof import("./getSecret").getSecret = null as any; export const getSecretOutput: typeof import("./getSecret").getSecretOutput = null as any; +utilities.lazyLoad(exports, ["getSecret","getSecretOutput"], () => require("./getSecret")); export { SecretArgs, SecretState } from "./secret"; export type Secret = import("./secret").Secret; export const Secret: typeof import("./secret").Secret = null as any; - -utilities.lazyLoad(exports, ["Endpoint"], () => require("./endpoint")); -utilities.lazyLoad(exports, ["getSecret","getSecretOutput"], () => require("./getSecret")); utilities.lazyLoad(exports, ["Secret"], () => require("./secret")); + const _module = { version: utilities.getVersion(), construct: (name: string, type: string, urn: string): pulumi.Resource => { diff --git a/sdk/nodejs/getAuthBackend.ts b/sdk/nodejs/getAuthBackend.ts index 8ab06ba96..e2d258822 100644 --- a/sdk/nodejs/getAuthBackend.ts +++ b/sdk/nodejs/getAuthBackend.ts @@ -11,17 +11,14 @@ import * as utilities from "./utilities"; * import * as pulumi from "@pulumi/pulumi"; * import * as vault from "@pulumi/vault"; * - * const example = pulumi.output(vault.getAuthBackend({ + * const example = vault.getAuthBackend({ * path: "userpass", - * })); + * }); * ``` */ export function getAuthBackend(args: GetAuthBackendArgs, opts?: pulumi.InvokeOptions): Promise { - if (!opts) { - opts = {} - } - opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts); + opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts || {}); return pulumi.runtime.invoke("vault:index/getAuthBackend:getAuthBackend", { "namespace": args.namespace, "path": args.path, @@ -84,9 +81,20 @@ export interface GetAuthBackendResult { */ readonly type: string; } - +/** + * ## Example Usage + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as vault from "@pulumi/vault"; + * + * const example = vault.getAuthBackend({ + * path: "userpass", + * }); + * ``` + */ export function getAuthBackendOutput(args: GetAuthBackendOutputArgs, opts?: pulumi.InvokeOptions): pulumi.Output { - return pulumi.output(args).apply(a => getAuthBackend(a, opts)) + return pulumi.output(args).apply((a: any) => getAuthBackend(a, opts)) } /** diff --git a/sdk/nodejs/getAuthBackends.ts b/sdk/nodejs/getAuthBackends.ts new file mode 100644 index 000000000..48f285dd1 --- /dev/null +++ b/sdk/nodejs/getAuthBackends.ts @@ -0,0 +1,72 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +import * as pulumi from "@pulumi/pulumi"; +import * as utilities from "./utilities"; + +export function getAuthBackends(args?: GetAuthBackendsArgs, opts?: pulumi.InvokeOptions): Promise { + args = args || {}; + + opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts || {}); + return pulumi.runtime.invoke("vault:index/getAuthBackends:getAuthBackends", { + "namespace": args.namespace, + "type": args.type, + }, opts); +} + +/** + * A collection of arguments for invoking getAuthBackends. + */ +export interface GetAuthBackendsArgs { + /** + * The namespace of the target resource. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + */ + namespace?: string; + /** + * The name of the auth method type. Allows filtering of backends returned by type. + */ + type?: string; +} + +/** + * A collection of values returned by getAuthBackends. + */ +export interface GetAuthBackendsResult { + /** + * The accessor IDs for the auth methods. + */ + readonly accessors: string[]; + /** + * The provider-assigned unique ID for this managed resource. + */ + readonly id: string; + readonly namespace?: string; + /** + * List of auth backend mount points. + */ + readonly paths: string[]; + readonly type?: string; +} +export function getAuthBackendsOutput(args?: GetAuthBackendsOutputArgs, opts?: pulumi.InvokeOptions): pulumi.Output { + return pulumi.output(args).apply((a: any) => getAuthBackends(a, opts)) +} + +/** + * A collection of arguments for invoking getAuthBackends. + */ +export interface GetAuthBackendsOutputArgs { + /** + * The namespace of the target resource. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + */ + namespace?: pulumi.Input; + /** + * The name of the auth method type. Allows filtering of backends returned by type. + */ + type?: pulumi.Input; +} diff --git a/sdk/nodejs/getNomadAccessToken.ts b/sdk/nodejs/getNomadAccessToken.ts index 81e718cb9..b02b076d0 100644 --- a/sdk/nodejs/getNomadAccessToken.ts +++ b/sdk/nodejs/getNomadAccessToken.ts @@ -32,11 +32,8 @@ import * as utilities from "./utilities"; * ``` */ export function getNomadAccessToken(args: GetNomadAccessTokenArgs, opts?: pulumi.InvokeOptions): Promise { - if (!opts) { - opts = {} - } - opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts); + opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts || {}); return pulumi.runtime.invoke("vault:index/getNomadAccessToken:getNomadAccessToken", { "backend": args.backend, "namespace": args.namespace, @@ -88,9 +85,35 @@ export interface GetNomadAccessTokenResult { */ readonly secretId: string; } - +/** + * ## Example Usage + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as vault from "@pulumi/vault"; + * + * const config = new vault.NomadSecretBackend("config", { + * backend: "nomad", + * description: "test description", + * defaultLeaseTtlSeconds: 3600, + * maxLeaseTtlSeconds: 7200, + * address: "https://127.0.0.1:4646", + * token: "ae20ceaa-...", + * }); + * const test = new vault.NomadSecretRole("test", { + * backend: config.backend, + * role: "test", + * type: "client", + * policies: ["readonly"], + * }); + * const token = pulumi.all([config.backend, test.role]).apply(([backend, role]) => vault.getNomadAccessTokenOutput({ + * backend: backend, + * role: role, + * })); + * ``` + */ export function getNomadAccessTokenOutput(args: GetNomadAccessTokenOutputArgs, opts?: pulumi.InvokeOptions): pulumi.Output { - return pulumi.output(args).apply(a => getNomadAccessToken(a, opts)) + return pulumi.output(args).apply((a: any) => getNomadAccessToken(a, opts)) } /** diff --git a/sdk/nodejs/getPolicyDocument.ts b/sdk/nodejs/getPolicyDocument.ts index d5699ded4..da5014f7a 100644 --- a/sdk/nodejs/getPolicyDocument.ts +++ b/sdk/nodejs/getPolicyDocument.ts @@ -33,11 +33,8 @@ import * as utilities from "./utilities"; */ export function getPolicyDocument(args?: GetPolicyDocumentArgs, opts?: pulumi.InvokeOptions): Promise { args = args || {}; - if (!opts) { - opts = {} - } - opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts); + opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts || {}); return pulumi.runtime.invoke("vault:index/getPolicyDocument:getPolicyDocument", { "namespace": args.namespace, "rules": args.rules, @@ -67,9 +64,33 @@ export interface GetPolicyDocumentResult { readonly namespace?: string; readonly rules: outputs.GetPolicyDocumentRule[]; } - +/** + * This is a data source which can be used to construct a HCL representation of an Vault policy document, for use with resources which expect policy documents, such as the `vault.Policy` resource. + * + * ## Example Usage + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as vault from "@pulumi/vault"; + * + * const examplePolicyDocument = vault.getPolicyDocument({ + * rules: [{ + * path: "secret/*", + * capabilities: [ + * "create", + * "read", + * "update", + * "delete", + * "list", + * ], + * description: "allow all on secrets", + * }], + * }); + * const examplePolicy = new vault.Policy("examplePolicy", {policy: examplePolicyDocument.then(examplePolicyDocument => examplePolicyDocument.hcl)}); + * ``` + */ export function getPolicyDocumentOutput(args?: GetPolicyDocumentOutputArgs, opts?: pulumi.InvokeOptions): pulumi.Output { - return pulumi.output(args).apply(a => getPolicyDocument(a, opts)) + return pulumi.output(args).apply((a: any) => getPolicyDocument(a, opts)) } /** diff --git a/sdk/nodejs/getRaftAutopilotState.ts b/sdk/nodejs/getRaftAutopilotState.ts new file mode 100644 index 000000000..6f292450d --- /dev/null +++ b/sdk/nodejs/getRaftAutopilotState.ts @@ -0,0 +1,140 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +import * as pulumi from "@pulumi/pulumi"; +import * as utilities from "./utilities"; + +/** + * Displays the state of the raft cluster under integrated storage as seen by + * autopilot. It shows whether autopilot thinks the cluster is healthy or not, and + * how many nodes could fail before the cluster becomes unhealthy ("Failure + * Tolerance"). For more information, please refer to the + * [Vault documentation](https://developer.hashicorp.com/vault/api-docs/system/storage/raftautopilot#get-cluster-state). + * + * ## Example Usage + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as vault from "@pulumi/vault"; + * + * export = async () => { + * const main = await vault.getRaftAutopilotState({}); + * return { + * "failure-tolerance": main.failureTolerance, + * }; + * } + * ``` + */ +export function getRaftAutopilotState(args?: GetRaftAutopilotStateArgs, opts?: pulumi.InvokeOptions): Promise { + args = args || {}; + + opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts || {}); + return pulumi.runtime.invoke("vault:index/getRaftAutopilotState:getRaftAutopilotState", { + "namespace": args.namespace, + }, opts); +} + +/** + * A collection of arguments for invoking getRaftAutopilotState. + */ +export interface GetRaftAutopilotStateArgs { + /** + * The namespace of the target resource. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + */ + namespace?: string; +} + +/** + * A collection of values returned by getRaftAutopilotState. + */ +export interface GetRaftAutopilotStateResult { + /** + * How many nodes could fail before the cluster becomes unhealthy. + */ + readonly failureTolerance: number; + /** + * Cluster health status. + */ + readonly healthy: boolean; + /** + * The provider-assigned unique ID for this managed resource. + */ + readonly id: string; + /** + * The current leader of Vault. + */ + readonly leader: string; + readonly namespace?: string; + /** + * The cluster-level optimistic failure tolerance. + */ + readonly optimisticFailureTolerance: number; + /** + * Additional output related to redundancy zones stored as a serialized map of strings. + */ + readonly redundancyZones: {[key: string]: any}; + /** + * Additional output related to redundancy zones. + */ + readonly redundancyZonesJson: string; + /** + * Additionaly output related to servers in the cluster stored as a serialized map of strings. + */ + readonly servers: {[key: string]: any}; + /** + * Additionaly output related to servers in the cluster. + */ + readonly serversJson: string; + /** + * Additional output related to upgrade information stored as a serialized map of strings. + */ + readonly upgradeInfo: {[key: string]: any}; + /** + * Additional output related to upgrade information. + */ + readonly upgradeInfoJson: string; + /** + * The voters in the Vault cluster. + */ + readonly voters: string[]; +} +/** + * Displays the state of the raft cluster under integrated storage as seen by + * autopilot. It shows whether autopilot thinks the cluster is healthy or not, and + * how many nodes could fail before the cluster becomes unhealthy ("Failure + * Tolerance"). For more information, please refer to the + * [Vault documentation](https://developer.hashicorp.com/vault/api-docs/system/storage/raftautopilot#get-cluster-state). + * + * ## Example Usage + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as vault from "@pulumi/vault"; + * + * export = async () => { + * const main = await vault.getRaftAutopilotState({}); + * return { + * "failure-tolerance": main.failureTolerance, + * }; + * } + * ``` + */ +export function getRaftAutopilotStateOutput(args?: GetRaftAutopilotStateOutputArgs, opts?: pulumi.InvokeOptions): pulumi.Output { + return pulumi.output(args).apply((a: any) => getRaftAutopilotState(a, opts)) +} + +/** + * A collection of arguments for invoking getRaftAutopilotState. + */ +export interface GetRaftAutopilotStateOutputArgs { + /** + * The namespace of the target resource. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + */ + namespace?: pulumi.Input; +} diff --git a/sdk/nodejs/github/authBackend.ts b/sdk/nodejs/github/authBackend.ts index 68ef73430..37e5862f5 100644 --- a/sdk/nodejs/github/authBackend.ts +++ b/sdk/nodejs/github/authBackend.ts @@ -17,9 +17,7 @@ import * as utilities from "../utilities"; * import * as pulumi from "@pulumi/pulumi"; * import * as vault from "@pulumi/vault"; * - * const example = new vault.github.AuthBackend("example", { - * organization: "myorg", - * }); + * const example = new vault.github.AuthBackend("example", {organization: "myorg"}); * ``` * * ## Import @@ -150,6 +148,8 @@ export class AuthBackend extends pulumi.CustomResource { public readonly tokenType!: pulumi.Output; /** * Extra configuration block. Structure is documented below. + * + * The `tune` block is used to tune the auth backend: */ public readonly tune!: pulumi.Output; @@ -309,6 +309,8 @@ export interface AuthBackendState { tokenType?: pulumi.Input; /** * Extra configuration block. Structure is documented below. + * + * The `tune` block is used to tune the auth backend: */ tune?: pulumi.Input; } @@ -405,6 +407,8 @@ export interface AuthBackendArgs { tokenType?: pulumi.Input; /** * Extra configuration block. Structure is documented below. + * + * The `tune` block is used to tune the auth backend: */ tune?: pulumi.Input; } diff --git a/sdk/nodejs/github/index.ts b/sdk/nodejs/github/index.ts index f60e54a82..1925ba488 100644 --- a/sdk/nodejs/github/index.ts +++ b/sdk/nodejs/github/index.ts @@ -8,19 +8,19 @@ import * as utilities from "../utilities"; export { AuthBackendArgs, AuthBackendState } from "./authBackend"; export type AuthBackend = import("./authBackend").AuthBackend; export const AuthBackend: typeof import("./authBackend").AuthBackend = null as any; +utilities.lazyLoad(exports, ["AuthBackend"], () => require("./authBackend")); export { TeamArgs, TeamState } from "./team"; export type Team = import("./team").Team; export const Team: typeof import("./team").Team = null as any; +utilities.lazyLoad(exports, ["Team"], () => require("./team")); export { UserArgs, UserState } from "./user"; export type User = import("./user").User; export const User: typeof import("./user").User = null as any; - -utilities.lazyLoad(exports, ["AuthBackend"], () => require("./authBackend")); -utilities.lazyLoad(exports, ["Team"], () => require("./team")); utilities.lazyLoad(exports, ["User"], () => require("./user")); + const _module = { version: utilities.getVersion(), construct: (name: string, type: string, urn: string): pulumi.Resource => { diff --git a/sdk/nodejs/identity/entityPolicies.ts b/sdk/nodejs/identity/entityPolicies.ts index c0ab199cb..a78c66690 100644 --- a/sdk/nodejs/identity/entityPolicies.ts +++ b/sdk/nodejs/identity/entityPolicies.ts @@ -84,6 +84,10 @@ export class EntityPolicies extends pulumi.CustomResource { public /*out*/ readonly entityName!: pulumi.Output; /** * Defaults to `true`. + * + * If `true`, this resource will take exclusive control of the policies assigned to the entity and will set it equal to what is specified in the resource. + * + * If set to `false`, this resource will simply ensure that the policies specified in the resource are present in the entity. When destroying the resource, the resource will ensure that the policies specified in the resource are removed. */ public readonly exclusive!: pulumi.Output; /** @@ -149,6 +153,10 @@ export interface EntityPoliciesState { entityName?: pulumi.Input; /** * Defaults to `true`. + * + * If `true`, this resource will take exclusive control of the policies assigned to the entity and will set it equal to what is specified in the resource. + * + * If set to `false`, this resource will simply ensure that the policies specified in the resource are present in the entity. When destroying the resource, the resource will ensure that the policies specified in the resource are removed. */ exclusive?: pulumi.Input; /** @@ -174,6 +182,10 @@ export interface EntityPoliciesArgs { entityId: pulumi.Input; /** * Defaults to `true`. + * + * If `true`, this resource will take exclusive control of the policies assigned to the entity and will set it equal to what is specified in the resource. + * + * If set to `false`, this resource will simply ensure that the policies specified in the resource are present in the entity. When destroying the resource, the resource will ensure that the policies specified in the resource are removed. */ exclusive?: pulumi.Input; /** diff --git a/sdk/nodejs/identity/getEntity.ts b/sdk/nodejs/identity/getEntity.ts index 22f31562a..74b513b98 100644 --- a/sdk/nodejs/identity/getEntity.ts +++ b/sdk/nodejs/identity/getEntity.ts @@ -13,9 +13,9 @@ import * as utilities from "../utilities"; * import * as pulumi from "@pulumi/pulumi"; * import * as vault from "@pulumi/vault"; * - * const entity = pulumi.output(vault.identity.getEntity({ + * const entity = vault.identity.getEntity({ * entityName: "entity_12345", - * })); + * }); * ``` * ## Required Vault Capabilities * @@ -23,11 +23,8 @@ import * as utilities from "../utilities"; */ export function getEntity(args?: GetEntityArgs, opts?: pulumi.InvokeOptions): Promise { args = args || {}; - if (!opts) { - opts = {} - } - opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts); + opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts || {}); return pulumi.runtime.invoke("vault:identity/getEntity:getEntity", { "aliasId": args.aliasId, "aliasMountAccessor": args.aliasMountAccessor, @@ -49,6 +46,9 @@ export interface GetEntityArgs { /** * Accessor of the mount to which the alias belongs to. * This should be supplied in conjunction with `aliasName`. + * + * The lookup criteria can be `entityName`, `entityId`, `aliasId`, or a combination of + * `aliasName` and `aliasMountAccessor`. */ aliasMountAccessor?: string; /** @@ -137,9 +137,23 @@ export interface GetEntityResult { */ readonly policies: string[]; } - +/** + * ## Example Usage + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as vault from "@pulumi/vault"; + * + * const entity = vault.identity.getEntity({ + * entityName: "entity_12345", + * }); + * ``` + * ## Required Vault Capabilities + * + * Use of this resource requires the `create` capability on `/identity/lookup/entity`. + */ export function getEntityOutput(args?: GetEntityOutputArgs, opts?: pulumi.InvokeOptions): pulumi.Output { - return pulumi.output(args).apply(a => getEntity(a, opts)) + return pulumi.output(args).apply((a: any) => getEntity(a, opts)) } /** @@ -153,6 +167,9 @@ export interface GetEntityOutputArgs { /** * Accessor of the mount to which the alias belongs to. * This should be supplied in conjunction with `aliasName`. + * + * The lookup criteria can be `entityName`, `entityId`, `aliasId`, or a combination of + * `aliasName` and `aliasMountAccessor`. */ aliasMountAccessor?: pulumi.Input; /** diff --git a/sdk/nodejs/identity/getGroup.ts b/sdk/nodejs/identity/getGroup.ts index 8cb83b69e..f64d78b2c 100644 --- a/sdk/nodejs/identity/getGroup.ts +++ b/sdk/nodejs/identity/getGroup.ts @@ -11,9 +11,9 @@ import * as utilities from "../utilities"; * import * as pulumi from "@pulumi/pulumi"; * import * as vault from "@pulumi/vault"; * - * const group = pulumi.output(vault.identity.getGroup({ + * const group = vault.identity.getGroup({ * groupName: "user", - * })); + * }); * ``` * ## Required Vault Capabilities * @@ -21,11 +21,8 @@ import * as utilities from "../utilities"; */ export function getGroup(args?: GetGroupArgs, opts?: pulumi.InvokeOptions): Promise { args = args || {}; - if (!opts) { - opts = {} - } - opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts); + opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts || {}); return pulumi.runtime.invoke("vault:identity/getGroup:getGroup", { "aliasId": args.aliasId, "aliasMountAccessor": args.aliasMountAccessor, @@ -47,6 +44,9 @@ export interface GetGroupArgs { /** * Accessor of the mount to which the alias belongs to. * This should be supplied in conjunction with `aliasName`. + * + * The lookup criteria can be `groupName`, `groupId`, `aliasId`, or a combination of + * `aliasName` and `aliasMountAccessor`. */ aliasMountAccessor?: string; /** @@ -159,9 +159,23 @@ export interface GetGroupResult { */ readonly type: string; } - +/** + * ## Example Usage + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as vault from "@pulumi/vault"; + * + * const group = vault.identity.getGroup({ + * groupName: "user", + * }); + * ``` + * ## Required Vault Capabilities + * + * Use of this resource requires the `create` capability on `/identity/lookup/group`. + */ export function getGroupOutput(args?: GetGroupOutputArgs, opts?: pulumi.InvokeOptions): pulumi.Output { - return pulumi.output(args).apply(a => getGroup(a, opts)) + return pulumi.output(args).apply((a: any) => getGroup(a, opts)) } /** @@ -175,6 +189,9 @@ export interface GetGroupOutputArgs { /** * Accessor of the mount to which the alias belongs to. * This should be supplied in conjunction with `aliasName`. + * + * The lookup criteria can be `groupName`, `groupId`, `aliasId`, or a combination of + * `aliasName` and `aliasMountAccessor`. */ aliasMountAccessor?: pulumi.Input; /** diff --git a/sdk/nodejs/identity/getOidcClientCreds.ts b/sdk/nodejs/identity/getOidcClientCreds.ts index d1cec9bc2..3a6162f3d 100644 --- a/sdk/nodejs/identity/getOidcClientCreds.ts +++ b/sdk/nodejs/identity/getOidcClientCreds.ts @@ -26,11 +26,8 @@ import * as utilities from "../utilities"; * ``` */ export function getOidcClientCreds(args: GetOidcClientCredsArgs, opts?: pulumi.InvokeOptions): Promise { - if (!opts) { - opts = {} - } - opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts); + opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts || {}); return pulumi.runtime.invoke("vault:identity/getOidcClientCreds:getOidcClientCreds", { "name": args.name, "namespace": args.namespace, @@ -64,6 +61,7 @@ export interface GetOidcClientCredsResult { readonly clientId: string; /** * The Client Secret Key returned by Vault. + * For public OpenID Clients `clientSecret` is set to an empty string `""` */ readonly clientSecret: string; /** @@ -73,9 +71,29 @@ export interface GetOidcClientCredsResult { readonly name: string; readonly namespace?: string; } - +/** + * ## Example Usage + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as vault from "@pulumi/vault"; + * + * const app = new vault.identity.OidcClient("app", { + * redirectUris: [ + * "http://127.0.0.1:9200/v1/auth-methods/oidc:authenticate:callback", + * "http://127.0.0.1:8251/callback", + * "http://127.0.0.1:8080/callback", + * ], + * idTokenTtl: 2400, + * accessTokenTtl: 7200, + * }); + * const creds = vault.identity.getOidcClientCredsOutput({ + * name: app.name, + * }); + * ``` + */ export function getOidcClientCredsOutput(args: GetOidcClientCredsOutputArgs, opts?: pulumi.InvokeOptions): pulumi.Output { - return pulumi.output(args).apply(a => getOidcClientCreds(a, opts)) + return pulumi.output(args).apply((a: any) => getOidcClientCreds(a, opts)) } /** diff --git a/sdk/nodejs/identity/getOidcOpenidConfig.ts b/sdk/nodejs/identity/getOidcOpenidConfig.ts index 030a04935..7271f169b 100644 --- a/sdk/nodejs/identity/getOidcOpenidConfig.ts +++ b/sdk/nodejs/identity/getOidcOpenidConfig.ts @@ -33,11 +33,8 @@ import * as utilities from "../utilities"; * ``` */ export function getOidcOpenidConfig(args: GetOidcOpenidConfigArgs, opts?: pulumi.InvokeOptions): Promise { - if (!opts) { - opts = {} - } - opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts); + opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts || {}); return pulumi.runtime.invoke("vault:identity/getOidcOpenidConfig:getOidcOpenidConfig", { "name": args.name, "namespace": args.namespace, @@ -122,9 +119,36 @@ export interface GetOidcOpenidConfigResult { */ readonly userinfoEndpoint: string; } - +/** + * ## Example Usage + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as vault from "@pulumi/vault"; + * + * const key = new vault.identity.OidcKey("key", { + * allowedClientIds: ["*"], + * rotationPeriod: 3600, + * verificationTtl: 3600, + * }); + * const app = new vault.identity.OidcClient("app", { + * key: key.name, + * redirectUris: [ + * "http://127.0.0.1:9200/v1/auth-methods/oidc:authenticate:callback", + * "http://127.0.0.1:8251/callback", + * "http://127.0.0.1:8080/callback", + * ], + * idTokenTtl: 2400, + * accessTokenTtl: 7200, + * }); + * const provider = new vault.identity.OidcProvider("provider", {allowedClientIds: [vault_identity_oidc_client.test.client_id]}); + * const config = vault.identity.getOidcOpenidConfigOutput({ + * name: provider.name, + * }); + * ``` + */ export function getOidcOpenidConfigOutput(args: GetOidcOpenidConfigOutputArgs, opts?: pulumi.InvokeOptions): pulumi.Output { - return pulumi.output(args).apply(a => getOidcOpenidConfig(a, opts)) + return pulumi.output(args).apply((a: any) => getOidcOpenidConfig(a, opts)) } /** diff --git a/sdk/nodejs/identity/getOidcPublicKeys.ts b/sdk/nodejs/identity/getOidcPublicKeys.ts index 6a9cadf23..509dc3cd1 100644 --- a/sdk/nodejs/identity/getOidcPublicKeys.ts +++ b/sdk/nodejs/identity/getOidcPublicKeys.ts @@ -33,11 +33,8 @@ import * as utilities from "../utilities"; * ``` */ export function getOidcPublicKeys(args: GetOidcPublicKeysArgs, opts?: pulumi.InvokeOptions): Promise { - if (!opts) { - opts = {} - } - opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts); + opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts || {}); return pulumi.runtime.invoke("vault:identity/getOidcPublicKeys:getOidcPublicKeys", { "name": args.name, "namespace": args.namespace, @@ -77,9 +74,36 @@ export interface GetOidcPublicKeysResult { readonly name: string; readonly namespace?: string; } - +/** + * ## Example Usage + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as vault from "@pulumi/vault"; + * + * const key = new vault.identity.OidcKey("key", { + * allowedClientIds: ["*"], + * rotationPeriod: 3600, + * verificationTtl: 3600, + * }); + * const app = new vault.identity.OidcClient("app", { + * key: key.name, + * redirectUris: [ + * "http://127.0.0.1:9200/v1/auth-methods/oidc:authenticate:callback", + * "http://127.0.0.1:8251/callback", + * "http://127.0.0.1:8080/callback", + * ], + * idTokenTtl: 2400, + * accessTokenTtl: 7200, + * }); + * const provider = new vault.identity.OidcProvider("provider", {allowedClientIds: [vault_identity_oidc_client.test.client_id]}); + * const publicKeys = vault.identity.getOidcPublicKeysOutput({ + * name: provider.name, + * }); + * ``` + */ export function getOidcPublicKeysOutput(args: GetOidcPublicKeysOutputArgs, opts?: pulumi.InvokeOptions): pulumi.Output { - return pulumi.output(args).apply(a => getOidcPublicKeys(a, opts)) + return pulumi.output(args).apply((a: any) => getOidcPublicKeys(a, opts)) } /** diff --git a/sdk/nodejs/identity/group.ts b/sdk/nodejs/identity/group.ts index 9b798b8fa..62825a02e 100644 --- a/sdk/nodejs/identity/group.ts +++ b/sdk/nodejs/identity/group.ts @@ -51,7 +51,7 @@ import * as utilities from "../utilities"; * import * as pulumi from "@pulumi/pulumi"; * import * as vault from "@pulumi/vault"; * - * const internalIdentityGroup = new vault.identity.Group("internal", { + * const internalIdentity_groupGroup = new vault.identity.Group("internalIdentity/groupGroup", { * metadata: { * version: "2", * }, @@ -61,7 +61,7 @@ import * as utilities from "../utilities"; * ], * type: "internal", * }); - * const internalGroup = new vault.identity.Group("Internal", { + * const internalGroup = new vault.identity.Group("internalGroup", { * metadata: { * version: "2", * }, diff --git a/sdk/nodejs/identity/groupMemberEntityIds.ts b/sdk/nodejs/identity/groupMemberEntityIds.ts index c8c6fb5cf..4a3c9901b 100644 --- a/sdk/nodejs/identity/groupMemberEntityIds.ts +++ b/sdk/nodejs/identity/groupMemberEntityIds.ts @@ -89,6 +89,10 @@ export class GroupMemberEntityIds extends pulumi.CustomResource { /** * Defaults to `true`. + * + * If `true`, this resource will take exclusive control of the member entities that belong to the group and will set it equal to what is specified in the resource. + * + * If set to `false`, this resource will simply ensure that the member entities specified in the resource are present in the group. When destroying the resource, the resource will ensure that the member entities specified in the resource are removed. */ public readonly exclusive!: pulumi.Output; /** @@ -156,6 +160,10 @@ use "data.vault_identity_group.*.group_name", "vault_identity_group.*.group_name export interface GroupMemberEntityIdsState { /** * Defaults to `true`. + * + * If `true`, this resource will take exclusive control of the member entities that belong to the group and will set it equal to what is specified in the resource. + * + * If set to `false`, this resource will simply ensure that the member entities specified in the resource are present in the group. When destroying the resource, the resource will ensure that the member entities specified in the resource are removed. */ exclusive?: pulumi.Input; /** @@ -190,6 +198,10 @@ use "data.vault_identity_group.*.group_name", "vault_identity_group.*.group_name export interface GroupMemberEntityIdsArgs { /** * Defaults to `true`. + * + * If `true`, this resource will take exclusive control of the member entities that belong to the group and will set it equal to what is specified in the resource. + * + * If set to `false`, this resource will simply ensure that the member entities specified in the resource are present in the group. When destroying the resource, the resource will ensure that the member entities specified in the resource are removed. */ exclusive?: pulumi.Input; /** diff --git a/sdk/nodejs/identity/groupMemberGroupIds.ts b/sdk/nodejs/identity/groupMemberGroupIds.ts index 9090182b6..821454d83 100644 --- a/sdk/nodejs/identity/groupMemberGroupIds.ts +++ b/sdk/nodejs/identity/groupMemberGroupIds.ts @@ -85,6 +85,13 @@ export class GroupMemberGroupIds extends pulumi.CustomResource { /** * Defaults to `true`. + * + * If `true`, this resource will take exclusive control of the member groups that belong to the group and will set + * it equal to what is specified in the resource. + * + * If set to `false`, this resource will simply ensure that the member groups specified in the resource are present + * in the group. When destroying the resource, the resource will ensure that the member groups specified in the resource + * are removed. */ public readonly exclusive!: pulumi.Output; /** @@ -141,6 +148,13 @@ export class GroupMemberGroupIds extends pulumi.CustomResource { export interface GroupMemberGroupIdsState { /** * Defaults to `true`. + * + * If `true`, this resource will take exclusive control of the member groups that belong to the group and will set + * it equal to what is specified in the resource. + * + * If set to `false`, this resource will simply ensure that the member groups specified in the resource are present + * in the group. When destroying the resource, the resource will ensure that the member groups specified in the resource + * are removed. */ exclusive?: pulumi.Input; /** @@ -166,6 +180,13 @@ export interface GroupMemberGroupIdsState { export interface GroupMemberGroupIdsArgs { /** * Defaults to `true`. + * + * If `true`, this resource will take exclusive control of the member groups that belong to the group and will set + * it equal to what is specified in the resource. + * + * If set to `false`, this resource will simply ensure that the member groups specified in the resource are present + * in the group. When destroying the resource, the resource will ensure that the member groups specified in the resource + * are removed. */ exclusive?: pulumi.Input; /** diff --git a/sdk/nodejs/identity/groupPolicies.ts b/sdk/nodejs/identity/groupPolicies.ts index 5dd5a9475..8fd61d9de 100644 --- a/sdk/nodejs/identity/groupPolicies.ts +++ b/sdk/nodejs/identity/groupPolicies.ts @@ -88,6 +88,10 @@ export class GroupPolicies extends pulumi.CustomResource { /** * Defaults to `true`. + * + * If `true`, this resource will take exclusive control of the policies assigned to the group and will set it equal to what is specified in the resource. + * + * If set to `false`, this resource will simply ensure that the policies specified in the resource are present in the group. When destroying the resource, the resource will ensure that the policies specified in the resource are removed. */ public readonly exclusive!: pulumi.Output; /** @@ -153,6 +157,10 @@ export class GroupPolicies extends pulumi.CustomResource { export interface GroupPoliciesState { /** * Defaults to `true`. + * + * If `true`, this resource will take exclusive control of the policies assigned to the group and will set it equal to what is specified in the resource. + * + * If set to `false`, this resource will simply ensure that the policies specified in the resource are present in the group. When destroying the resource, the resource will ensure that the policies specified in the resource are removed. */ exclusive?: pulumi.Input; /** @@ -182,6 +190,10 @@ export interface GroupPoliciesState { export interface GroupPoliciesArgs { /** * Defaults to `true`. + * + * If `true`, this resource will take exclusive control of the policies assigned to the group and will set it equal to what is specified in the resource. + * + * If set to `false`, this resource will simply ensure that the policies specified in the resource are present in the group. When destroying the resource, the resource will ensure that the policies specified in the resource are removed. */ exclusive?: pulumi.Input; /** diff --git a/sdk/nodejs/identity/index.ts b/sdk/nodejs/identity/index.ts index c45024752..fba3d6b4a 100644 --- a/sdk/nodejs/identity/index.ts +++ b/sdk/nodejs/identity/index.ts @@ -8,134 +8,134 @@ import * as utilities from "../utilities"; export { EntityArgs, EntityState } from "./entity"; export type Entity = import("./entity").Entity; export const Entity: typeof import("./entity").Entity = null as any; +utilities.lazyLoad(exports, ["Entity"], () => require("./entity")); export { EntityAliasArgs, EntityAliasState } from "./entityAlias"; export type EntityAlias = import("./entityAlias").EntityAlias; export const EntityAlias: typeof import("./entityAlias").EntityAlias = null as any; +utilities.lazyLoad(exports, ["EntityAlias"], () => require("./entityAlias")); export { EntityPoliciesArgs, EntityPoliciesState } from "./entityPolicies"; export type EntityPolicies = import("./entityPolicies").EntityPolicies; export const EntityPolicies: typeof import("./entityPolicies").EntityPolicies = null as any; +utilities.lazyLoad(exports, ["EntityPolicies"], () => require("./entityPolicies")); export { GetEntityArgs, GetEntityResult, GetEntityOutputArgs } from "./getEntity"; export const getEntity: typeof import("./getEntity").getEntity = null as any; export const getEntityOutput: typeof import("./getEntity").getEntityOutput = null as any; +utilities.lazyLoad(exports, ["getEntity","getEntityOutput"], () => require("./getEntity")); export { GetGroupArgs, GetGroupResult, GetGroupOutputArgs } from "./getGroup"; export const getGroup: typeof import("./getGroup").getGroup = null as any; export const getGroupOutput: typeof import("./getGroup").getGroupOutput = null as any; +utilities.lazyLoad(exports, ["getGroup","getGroupOutput"], () => require("./getGroup")); export { GetOidcClientCredsArgs, GetOidcClientCredsResult, GetOidcClientCredsOutputArgs } from "./getOidcClientCreds"; export const getOidcClientCreds: typeof import("./getOidcClientCreds").getOidcClientCreds = null as any; export const getOidcClientCredsOutput: typeof import("./getOidcClientCreds").getOidcClientCredsOutput = null as any; +utilities.lazyLoad(exports, ["getOidcClientCreds","getOidcClientCredsOutput"], () => require("./getOidcClientCreds")); export { GetOidcOpenidConfigArgs, GetOidcOpenidConfigResult, GetOidcOpenidConfigOutputArgs } from "./getOidcOpenidConfig"; export const getOidcOpenidConfig: typeof import("./getOidcOpenidConfig").getOidcOpenidConfig = null as any; export const getOidcOpenidConfigOutput: typeof import("./getOidcOpenidConfig").getOidcOpenidConfigOutput = null as any; +utilities.lazyLoad(exports, ["getOidcOpenidConfig","getOidcOpenidConfigOutput"], () => require("./getOidcOpenidConfig")); export { GetOidcPublicKeysArgs, GetOidcPublicKeysResult, GetOidcPublicKeysOutputArgs } from "./getOidcPublicKeys"; export const getOidcPublicKeys: typeof import("./getOidcPublicKeys").getOidcPublicKeys = null as any; export const getOidcPublicKeysOutput: typeof import("./getOidcPublicKeys").getOidcPublicKeysOutput = null as any; +utilities.lazyLoad(exports, ["getOidcPublicKeys","getOidcPublicKeysOutput"], () => require("./getOidcPublicKeys")); export { GroupArgs, GroupState } from "./group"; export type Group = import("./group").Group; export const Group: typeof import("./group").Group = null as any; +utilities.lazyLoad(exports, ["Group"], () => require("./group")); export { GroupAliasArgs, GroupAliasState } from "./groupAlias"; export type GroupAlias = import("./groupAlias").GroupAlias; export const GroupAlias: typeof import("./groupAlias").GroupAlias = null as any; +utilities.lazyLoad(exports, ["GroupAlias"], () => require("./groupAlias")); export { GroupMemberEntityIdsArgs, GroupMemberEntityIdsState } from "./groupMemberEntityIds"; export type GroupMemberEntityIds = import("./groupMemberEntityIds").GroupMemberEntityIds; export const GroupMemberEntityIds: typeof import("./groupMemberEntityIds").GroupMemberEntityIds = null as any; +utilities.lazyLoad(exports, ["GroupMemberEntityIds"], () => require("./groupMemberEntityIds")); export { GroupMemberGroupIdsArgs, GroupMemberGroupIdsState } from "./groupMemberGroupIds"; export type GroupMemberGroupIds = import("./groupMemberGroupIds").GroupMemberGroupIds; export const GroupMemberGroupIds: typeof import("./groupMemberGroupIds").GroupMemberGroupIds = null as any; +utilities.lazyLoad(exports, ["GroupMemberGroupIds"], () => require("./groupMemberGroupIds")); export { GroupPoliciesArgs, GroupPoliciesState } from "./groupPolicies"; export type GroupPolicies = import("./groupPolicies").GroupPolicies; export const GroupPolicies: typeof import("./groupPolicies").GroupPolicies = null as any; +utilities.lazyLoad(exports, ["GroupPolicies"], () => require("./groupPolicies")); export { MfaDuoArgs, MfaDuoState } from "./mfaDuo"; export type MfaDuo = import("./mfaDuo").MfaDuo; export const MfaDuo: typeof import("./mfaDuo").MfaDuo = null as any; +utilities.lazyLoad(exports, ["MfaDuo"], () => require("./mfaDuo")); export { MfaLoginEnforcementArgs, MfaLoginEnforcementState } from "./mfaLoginEnforcement"; export type MfaLoginEnforcement = import("./mfaLoginEnforcement").MfaLoginEnforcement; export const MfaLoginEnforcement: typeof import("./mfaLoginEnforcement").MfaLoginEnforcement = null as any; +utilities.lazyLoad(exports, ["MfaLoginEnforcement"], () => require("./mfaLoginEnforcement")); export { MfaOktaArgs, MfaOktaState } from "./mfaOkta"; export type MfaOkta = import("./mfaOkta").MfaOkta; export const MfaOkta: typeof import("./mfaOkta").MfaOkta = null as any; +utilities.lazyLoad(exports, ["MfaOkta"], () => require("./mfaOkta")); export { MfaPingidArgs, MfaPingidState } from "./mfaPingid"; export type MfaPingid = import("./mfaPingid").MfaPingid; export const MfaPingid: typeof import("./mfaPingid").MfaPingid = null as any; +utilities.lazyLoad(exports, ["MfaPingid"], () => require("./mfaPingid")); export { MfaTotpArgs, MfaTotpState } from "./mfaTotp"; export type MfaTotp = import("./mfaTotp").MfaTotp; export const MfaTotp: typeof import("./mfaTotp").MfaTotp = null as any; +utilities.lazyLoad(exports, ["MfaTotp"], () => require("./mfaTotp")); export { OidcArgs, OidcState } from "./oidc"; export type Oidc = import("./oidc").Oidc; export const Oidc: typeof import("./oidc").Oidc = null as any; +utilities.lazyLoad(exports, ["Oidc"], () => require("./oidc")); export { OidcAssignmentArgs, OidcAssignmentState } from "./oidcAssignment"; export type OidcAssignment = import("./oidcAssignment").OidcAssignment; export const OidcAssignment: typeof import("./oidcAssignment").OidcAssignment = null as any; +utilities.lazyLoad(exports, ["OidcAssignment"], () => require("./oidcAssignment")); export { OidcClientArgs, OidcClientState } from "./oidcClient"; export type OidcClient = import("./oidcClient").OidcClient; export const OidcClient: typeof import("./oidcClient").OidcClient = null as any; +utilities.lazyLoad(exports, ["OidcClient"], () => require("./oidcClient")); export { OidcKeyArgs, OidcKeyState } from "./oidcKey"; export type OidcKey = import("./oidcKey").OidcKey; export const OidcKey: typeof import("./oidcKey").OidcKey = null as any; +utilities.lazyLoad(exports, ["OidcKey"], () => require("./oidcKey")); export { OidcKeyAllowedClientIDArgs, OidcKeyAllowedClientIDState } from "./oidcKeyAllowedClientID"; export type OidcKeyAllowedClientID = import("./oidcKeyAllowedClientID").OidcKeyAllowedClientID; export const OidcKeyAllowedClientID: typeof import("./oidcKeyAllowedClientID").OidcKeyAllowedClientID = null as any; +utilities.lazyLoad(exports, ["OidcKeyAllowedClientID"], () => require("./oidcKeyAllowedClientID")); export { OidcProviderArgs, OidcProviderState } from "./oidcProvider"; export type OidcProvider = import("./oidcProvider").OidcProvider; export const OidcProvider: typeof import("./oidcProvider").OidcProvider = null as any; +utilities.lazyLoad(exports, ["OidcProvider"], () => require("./oidcProvider")); export { OidcRoleArgs, OidcRoleState } from "./oidcRole"; export type OidcRole = import("./oidcRole").OidcRole; export const OidcRole: typeof import("./oidcRole").OidcRole = null as any; +utilities.lazyLoad(exports, ["OidcRole"], () => require("./oidcRole")); export { OidcScopeArgs, OidcScopeState } from "./oidcScope"; export type OidcScope = import("./oidcScope").OidcScope; export const OidcScope: typeof import("./oidcScope").OidcScope = null as any; - -utilities.lazyLoad(exports, ["Entity"], () => require("./entity")); -utilities.lazyLoad(exports, ["EntityAlias"], () => require("./entityAlias")); -utilities.lazyLoad(exports, ["EntityPolicies"], () => require("./entityPolicies")); -utilities.lazyLoad(exports, ["getEntity","getEntityOutput"], () => require("./getEntity")); -utilities.lazyLoad(exports, ["getGroup","getGroupOutput"], () => require("./getGroup")); -utilities.lazyLoad(exports, ["getOidcClientCreds","getOidcClientCredsOutput"], () => require("./getOidcClientCreds")); -utilities.lazyLoad(exports, ["getOidcOpenidConfig","getOidcOpenidConfigOutput"], () => require("./getOidcOpenidConfig")); -utilities.lazyLoad(exports, ["getOidcPublicKeys","getOidcPublicKeysOutput"], () => require("./getOidcPublicKeys")); -utilities.lazyLoad(exports, ["Group"], () => require("./group")); -utilities.lazyLoad(exports, ["GroupAlias"], () => require("./groupAlias")); -utilities.lazyLoad(exports, ["GroupMemberEntityIds"], () => require("./groupMemberEntityIds")); -utilities.lazyLoad(exports, ["GroupMemberGroupIds"], () => require("./groupMemberGroupIds")); -utilities.lazyLoad(exports, ["GroupPolicies"], () => require("./groupPolicies")); -utilities.lazyLoad(exports, ["MfaDuo"], () => require("./mfaDuo")); -utilities.lazyLoad(exports, ["MfaLoginEnforcement"], () => require("./mfaLoginEnforcement")); -utilities.lazyLoad(exports, ["MfaOkta"], () => require("./mfaOkta")); -utilities.lazyLoad(exports, ["MfaPingid"], () => require("./mfaPingid")); -utilities.lazyLoad(exports, ["MfaTotp"], () => require("./mfaTotp")); -utilities.lazyLoad(exports, ["Oidc"], () => require("./oidc")); -utilities.lazyLoad(exports, ["OidcAssignment"], () => require("./oidcAssignment")); -utilities.lazyLoad(exports, ["OidcClient"], () => require("./oidcClient")); -utilities.lazyLoad(exports, ["OidcKey"], () => require("./oidcKey")); -utilities.lazyLoad(exports, ["OidcKeyAllowedClientID"], () => require("./oidcKeyAllowedClientID")); -utilities.lazyLoad(exports, ["OidcProvider"], () => require("./oidcProvider")); -utilities.lazyLoad(exports, ["OidcRole"], () => require("./oidcRole")); utilities.lazyLoad(exports, ["OidcScope"], () => require("./oidcScope")); + const _module = { version: utilities.getVersion(), construct: (name: string, type: string, urn: string): pulumi.Resource => { diff --git a/sdk/nodejs/identity/mfaPingid.ts b/sdk/nodejs/identity/mfaPingid.ts index 8f577e917..a40571093 100644 --- a/sdk/nodejs/identity/mfaPingid.ts +++ b/sdk/nodejs/identity/mfaPingid.ts @@ -13,9 +13,7 @@ import * as utilities from "../utilities"; * import * as pulumi from "@pulumi/pulumi"; * import * as vault from "@pulumi/vault"; * - * const example = new vault.identity.MfaPingid("example", { - * settingsFileBase64: "CnVzZV9iYXNlNjR[...]HBtCg==", - * }); + * const example = new vault.identity.MfaPingid("example", {settingsFileBase64: "CnVzZV9iYXNlNjR[...]HBtCg=="}); * ``` * * ## Import diff --git a/sdk/nodejs/identity/mfaTotp.ts b/sdk/nodejs/identity/mfaTotp.ts index 98bcc58d1..7ed0cc7cc 100644 --- a/sdk/nodejs/identity/mfaTotp.ts +++ b/sdk/nodejs/identity/mfaTotp.ts @@ -13,9 +13,7 @@ import * as utilities from "../utilities"; * import * as pulumi from "@pulumi/pulumi"; * import * as vault from "@pulumi/vault"; * - * const example = new vault.identity.MfaTotp("example", { - * issuer: "issuer1", - * }); + * const example = new vault.identity.MfaTotp("example", {issuer: "issuer1"}); * ``` * * ## Import diff --git a/sdk/nodejs/identity/oidc.ts b/sdk/nodejs/identity/oidc.ts index b62cccd8f..b9fc9af06 100644 --- a/sdk/nodejs/identity/oidc.ts +++ b/sdk/nodejs/identity/oidc.ts @@ -18,9 +18,7 @@ import * as utilities from "../utilities"; * import * as pulumi from "@pulumi/pulumi"; * import * as vault from "@pulumi/vault"; * - * const server = new vault.identity.Oidc("server", { - * issuer: "https://www.acme.com", - * }); + * const server = new vault.identity.Oidc("server", {issuer: "https://www.acme.com"}); * ``` */ export class Oidc extends pulumi.CustomResource { diff --git a/sdk/nodejs/identity/oidcKey.ts b/sdk/nodejs/identity/oidcKey.ts index e280888a1..b1cfe07a5 100644 --- a/sdk/nodejs/identity/oidcKey.ts +++ b/sdk/nodejs/identity/oidcKey.ts @@ -21,7 +21,7 @@ import * as utilities from "../utilities"; * * ## Import * - * The key can be imported with the key name, for example + * The key can be imported with the key name, for example: * * ```sh * $ pulumi import vault:identity/oidcKey:OidcKey key key @@ -61,8 +61,8 @@ export class OidcKey extends pulumi.CustomResource { */ public readonly algorithm!: pulumi.Output; /** - * Array of role client ids allowed to use this key for signing. If empty, no roles are allowed. If "*", all roles are - * allowed. + * Array of role client ID allowed to use this key for signing. If + * empty, no roles are allowed. If `["*"]`, all roles are allowed. */ public readonly allowedClientIds!: pulumi.Output; /** @@ -129,8 +129,8 @@ export interface OidcKeyState { */ algorithm?: pulumi.Input; /** - * Array of role client ids allowed to use this key for signing. If empty, no roles are allowed. If "*", all roles are - * allowed. + * Array of role client ID allowed to use this key for signing. If + * empty, no roles are allowed. If `["*"]`, all roles are allowed. */ allowedClientIds?: pulumi.Input[]>; /** @@ -165,8 +165,8 @@ export interface OidcKeyArgs { */ algorithm?: pulumi.Input; /** - * Array of role client ids allowed to use this key for signing. If empty, no roles are allowed. If "*", all roles are - * allowed. + * Array of role client ID allowed to use this key for signing. If + * empty, no roles are allowed. If `["*"]`, all roles are allowed. */ allowedClientIds?: pulumi.Input[]>; /** diff --git a/sdk/nodejs/identity/oidcRole.ts b/sdk/nodejs/identity/oidcRole.ts index 3899410ca..056b8fbae 100644 --- a/sdk/nodejs/identity/oidcRole.ts +++ b/sdk/nodejs/identity/oidcRole.ts @@ -43,7 +43,7 @@ import * as utilities from "../utilities"; * * ## Import * - * The key can be imported with the role name, for example + * The key can be imported with the role name, for example: * * ```sh * $ pulumi import vault:identity/oidcRole:OidcRole role role diff --git a/sdk/nodejs/index.ts b/sdk/nodejs/index.ts index 824b44165..a67383778 100644 --- a/sdk/nodejs/index.ts +++ b/sdk/nodejs/index.ts @@ -8,129 +8,139 @@ import * as utilities from "./utilities"; export { AuditArgs, AuditState } from "./audit"; export type Audit = import("./audit").Audit; export const Audit: typeof import("./audit").Audit = null as any; +utilities.lazyLoad(exports, ["Audit"], () => require("./audit")); export { AuditRequestHeaderArgs, AuditRequestHeaderState } from "./auditRequestHeader"; export type AuditRequestHeader = import("./auditRequestHeader").AuditRequestHeader; export const AuditRequestHeader: typeof import("./auditRequestHeader").AuditRequestHeader = null as any; +utilities.lazyLoad(exports, ["AuditRequestHeader"], () => require("./auditRequestHeader")); export { AuthBackendArgs, AuthBackendState } from "./authBackend"; export type AuthBackend = import("./authBackend").AuthBackend; export const AuthBackend: typeof import("./authBackend").AuthBackend = null as any; +utilities.lazyLoad(exports, ["AuthBackend"], () => require("./authBackend")); export { CertAuthBackendRoleArgs, CertAuthBackendRoleState } from "./certAuthBackendRole"; export type CertAuthBackendRole = import("./certAuthBackendRole").CertAuthBackendRole; export const CertAuthBackendRole: typeof import("./certAuthBackendRole").CertAuthBackendRole = null as any; +utilities.lazyLoad(exports, ["CertAuthBackendRole"], () => require("./certAuthBackendRole")); export { EgpPolicyArgs, EgpPolicyState } from "./egpPolicy"; export type EgpPolicy = import("./egpPolicy").EgpPolicy; export const EgpPolicy: typeof import("./egpPolicy").EgpPolicy = null as any; +utilities.lazyLoad(exports, ["EgpPolicy"], () => require("./egpPolicy")); export { GetAuthBackendArgs, GetAuthBackendResult, GetAuthBackendOutputArgs } from "./getAuthBackend"; export const getAuthBackend: typeof import("./getAuthBackend").getAuthBackend = null as any; export const getAuthBackendOutput: typeof import("./getAuthBackend").getAuthBackendOutput = null as any; +utilities.lazyLoad(exports, ["getAuthBackend","getAuthBackendOutput"], () => require("./getAuthBackend")); + +export { GetAuthBackendsArgs, GetAuthBackendsResult, GetAuthBackendsOutputArgs } from "./getAuthBackends"; +export const getAuthBackends: typeof import("./getAuthBackends").getAuthBackends = null as any; +export const getAuthBackendsOutput: typeof import("./getAuthBackends").getAuthBackendsOutput = null as any; +utilities.lazyLoad(exports, ["getAuthBackends","getAuthBackendsOutput"], () => require("./getAuthBackends")); export { GetNomadAccessTokenArgs, GetNomadAccessTokenResult, GetNomadAccessTokenOutputArgs } from "./getNomadAccessToken"; export const getNomadAccessToken: typeof import("./getNomadAccessToken").getNomadAccessToken = null as any; export const getNomadAccessTokenOutput: typeof import("./getNomadAccessToken").getNomadAccessTokenOutput = null as any; +utilities.lazyLoad(exports, ["getNomadAccessToken","getNomadAccessTokenOutput"], () => require("./getNomadAccessToken")); export { GetPolicyDocumentArgs, GetPolicyDocumentResult, GetPolicyDocumentOutputArgs } from "./getPolicyDocument"; export const getPolicyDocument: typeof import("./getPolicyDocument").getPolicyDocument = null as any; export const getPolicyDocumentOutput: typeof import("./getPolicyDocument").getPolicyDocumentOutput = null as any; +utilities.lazyLoad(exports, ["getPolicyDocument","getPolicyDocumentOutput"], () => require("./getPolicyDocument")); + +export { GetRaftAutopilotStateArgs, GetRaftAutopilotStateResult, GetRaftAutopilotStateOutputArgs } from "./getRaftAutopilotState"; +export const getRaftAutopilotState: typeof import("./getRaftAutopilotState").getRaftAutopilotState = null as any; +export const getRaftAutopilotStateOutput: typeof import("./getRaftAutopilotState").getRaftAutopilotStateOutput = null as any; +utilities.lazyLoad(exports, ["getRaftAutopilotState","getRaftAutopilotStateOutput"], () => require("./getRaftAutopilotState")); export { MfaDuoArgs, MfaDuoState } from "./mfaDuo"; export type MfaDuo = import("./mfaDuo").MfaDuo; export const MfaDuo: typeof import("./mfaDuo").MfaDuo = null as any; +utilities.lazyLoad(exports, ["MfaDuo"], () => require("./mfaDuo")); export { MfaOktaArgs, MfaOktaState } from "./mfaOkta"; export type MfaOkta = import("./mfaOkta").MfaOkta; export const MfaOkta: typeof import("./mfaOkta").MfaOkta = null as any; +utilities.lazyLoad(exports, ["MfaOkta"], () => require("./mfaOkta")); export { MfaPingidArgs, MfaPingidState } from "./mfaPingid"; export type MfaPingid = import("./mfaPingid").MfaPingid; export const MfaPingid: typeof import("./mfaPingid").MfaPingid = null as any; +utilities.lazyLoad(exports, ["MfaPingid"], () => require("./mfaPingid")); export { MfaTotpArgs, MfaTotpState } from "./mfaTotp"; export type MfaTotp = import("./mfaTotp").MfaTotp; export const MfaTotp: typeof import("./mfaTotp").MfaTotp = null as any; +utilities.lazyLoad(exports, ["MfaTotp"], () => require("./mfaTotp")); export { MountArgs, MountState } from "./mount"; export type Mount = import("./mount").Mount; export const Mount: typeof import("./mount").Mount = null as any; +utilities.lazyLoad(exports, ["Mount"], () => require("./mount")); export { NamespaceArgs, NamespaceState } from "./namespace"; export type Namespace = import("./namespace").Namespace; export const Namespace: typeof import("./namespace").Namespace = null as any; +utilities.lazyLoad(exports, ["Namespace"], () => require("./namespace")); export { NomadSecretBackendArgs, NomadSecretBackendState } from "./nomadSecretBackend"; export type NomadSecretBackend = import("./nomadSecretBackend").NomadSecretBackend; export const NomadSecretBackend: typeof import("./nomadSecretBackend").NomadSecretBackend = null as any; +utilities.lazyLoad(exports, ["NomadSecretBackend"], () => require("./nomadSecretBackend")); export { NomadSecretRoleArgs, NomadSecretRoleState } from "./nomadSecretRole"; export type NomadSecretRole = import("./nomadSecretRole").NomadSecretRole; export const NomadSecretRole: typeof import("./nomadSecretRole").NomadSecretRole = null as any; +utilities.lazyLoad(exports, ["NomadSecretRole"], () => require("./nomadSecretRole")); export { PasswordPolicyArgs, PasswordPolicyState } from "./passwordPolicy"; export type PasswordPolicy = import("./passwordPolicy").PasswordPolicy; export const PasswordPolicy: typeof import("./passwordPolicy").PasswordPolicy = null as any; +utilities.lazyLoad(exports, ["PasswordPolicy"], () => require("./passwordPolicy")); export { PolicyArgs, PolicyState } from "./policy"; export type Policy = import("./policy").Policy; export const Policy: typeof import("./policy").Policy = null as any; +utilities.lazyLoad(exports, ["Policy"], () => require("./policy")); export { ProviderArgs } from "./provider"; export type Provider = import("./provider").Provider; export const Provider: typeof import("./provider").Provider = null as any; +utilities.lazyLoad(exports, ["Provider"], () => require("./provider")); export { QuotaLeaseCountArgs, QuotaLeaseCountState } from "./quotaLeaseCount"; export type QuotaLeaseCount = import("./quotaLeaseCount").QuotaLeaseCount; export const QuotaLeaseCount: typeof import("./quotaLeaseCount").QuotaLeaseCount = null as any; +utilities.lazyLoad(exports, ["QuotaLeaseCount"], () => require("./quotaLeaseCount")); export { QuotaRateLimitArgs, QuotaRateLimitState } from "./quotaRateLimit"; export type QuotaRateLimit = import("./quotaRateLimit").QuotaRateLimit; export const QuotaRateLimit: typeof import("./quotaRateLimit").QuotaRateLimit = null as any; +utilities.lazyLoad(exports, ["QuotaRateLimit"], () => require("./quotaRateLimit")); export { RaftAutopilotArgs, RaftAutopilotState } from "./raftAutopilot"; export type RaftAutopilot = import("./raftAutopilot").RaftAutopilot; export const RaftAutopilot: typeof import("./raftAutopilot").RaftAutopilot = null as any; +utilities.lazyLoad(exports, ["RaftAutopilot"], () => require("./raftAutopilot")); export { RaftSnapshotAgentConfigArgs, RaftSnapshotAgentConfigState } from "./raftSnapshotAgentConfig"; export type RaftSnapshotAgentConfig = import("./raftSnapshotAgentConfig").RaftSnapshotAgentConfig; export const RaftSnapshotAgentConfig: typeof import("./raftSnapshotAgentConfig").RaftSnapshotAgentConfig = null as any; +utilities.lazyLoad(exports, ["RaftSnapshotAgentConfig"], () => require("./raftSnapshotAgentConfig")); export { RgpPolicyArgs, RgpPolicyState } from "./rgpPolicy"; export type RgpPolicy = import("./rgpPolicy").RgpPolicy; export const RgpPolicy: typeof import("./rgpPolicy").RgpPolicy = null as any; +utilities.lazyLoad(exports, ["RgpPolicy"], () => require("./rgpPolicy")); export { TokenArgs, TokenState } from "./token"; export type Token = import("./token").Token; export const Token: typeof import("./token").Token = null as any; - -utilities.lazyLoad(exports, ["Audit"], () => require("./audit")); -utilities.lazyLoad(exports, ["AuditRequestHeader"], () => require("./auditRequestHeader")); -utilities.lazyLoad(exports, ["AuthBackend"], () => require("./authBackend")); -utilities.lazyLoad(exports, ["CertAuthBackendRole"], () => require("./certAuthBackendRole")); -utilities.lazyLoad(exports, ["EgpPolicy"], () => require("./egpPolicy")); -utilities.lazyLoad(exports, ["getAuthBackend","getAuthBackendOutput"], () => require("./getAuthBackend")); -utilities.lazyLoad(exports, ["getNomadAccessToken","getNomadAccessTokenOutput"], () => require("./getNomadAccessToken")); -utilities.lazyLoad(exports, ["getPolicyDocument","getPolicyDocumentOutput"], () => require("./getPolicyDocument")); -utilities.lazyLoad(exports, ["MfaDuo"], () => require("./mfaDuo")); -utilities.lazyLoad(exports, ["MfaOkta"], () => require("./mfaOkta")); -utilities.lazyLoad(exports, ["MfaPingid"], () => require("./mfaPingid")); -utilities.lazyLoad(exports, ["MfaTotp"], () => require("./mfaTotp")); -utilities.lazyLoad(exports, ["Mount"], () => require("./mount")); -utilities.lazyLoad(exports, ["Namespace"], () => require("./namespace")); -utilities.lazyLoad(exports, ["NomadSecretBackend"], () => require("./nomadSecretBackend")); -utilities.lazyLoad(exports, ["NomadSecretRole"], () => require("./nomadSecretRole")); -utilities.lazyLoad(exports, ["PasswordPolicy"], () => require("./passwordPolicy")); -utilities.lazyLoad(exports, ["Policy"], () => require("./policy")); -utilities.lazyLoad(exports, ["Provider"], () => require("./provider")); -utilities.lazyLoad(exports, ["QuotaLeaseCount"], () => require("./quotaLeaseCount")); -utilities.lazyLoad(exports, ["QuotaRateLimit"], () => require("./quotaRateLimit")); -utilities.lazyLoad(exports, ["RaftAutopilot"], () => require("./raftAutopilot")); -utilities.lazyLoad(exports, ["RaftSnapshotAgentConfig"], () => require("./raftSnapshotAgentConfig")); -utilities.lazyLoad(exports, ["RgpPolicy"], () => require("./rgpPolicy")); utilities.lazyLoad(exports, ["Token"], () => require("./token")); + // Export sub-modules: import * as ad from "./ad"; import * as alicloud from "./alicloud"; @@ -154,6 +164,7 @@ import * as mongodbatlas from "./mongodbatlas"; import * as okta from "./okta"; import * as pkisecret from "./pkisecret"; import * as rabbitmq from "./rabbitmq"; +import * as saml from "./saml"; import * as ssh from "./ssh"; import * as terraformcloud from "./terraformcloud"; import * as tokenauth from "./tokenauth"; @@ -184,6 +195,7 @@ export { okta, pkisecret, rabbitmq, + saml, ssh, terraformcloud, tokenauth, diff --git a/sdk/nodejs/jwt/authBackend.ts b/sdk/nodejs/jwt/authBackend.ts index fc4783962..ef528cbaf 100644 --- a/sdk/nodejs/jwt/authBackend.ts +++ b/sdk/nodejs/jwt/authBackend.ts @@ -57,9 +57,9 @@ import * as utilities from "../utilities"; * oidcDiscoveryUrl: "https://accounts.google.com", * path: "oidc", * providerConfig: { - * fetch_groups: true, - * fetch_user_info: true, - * groups_recurse_max_depth: 1, + * fetch_groups: "true", + * fetch_user_info: "true", + * groups_recurse_max_depth: "1", * provider: "gsuite", * }, * type: "oidc", @@ -73,7 +73,6 @@ import * as utilities from "../utilities"; * ```sh * $ pulumi import vault:jwt/authBackend:AuthBackend oidc oidc * ``` - * * or * * ```sh @@ -158,6 +157,10 @@ export class AuthBackend extends pulumi.CustomResource { public readonly namespace!: pulumi.Output; /** * Pass namespace in the OIDC state parameter instead of as a separate query parameter. With this setting, the allowed redirect URL(s) in Vault and on the provider side should not contain a namespace query parameter. This means only one redirect URL entry needs to be maintained on the OIDC provider side for all vault namespaces that will be authenticating against it. Defaults to true for new configs + * + * * tune - (Optional) Extra configuration block. Structure is documented below. + * + * The `tune` block is used to tune the auth backend: */ public readonly namespaceInState!: pulumi.Output; /** @@ -319,6 +322,10 @@ export interface AuthBackendState { namespace?: pulumi.Input; /** * Pass namespace in the OIDC state parameter instead of as a separate query parameter. With this setting, the allowed redirect URL(s) in Vault and on the provider side should not contain a namespace query parameter. This means only one redirect URL entry needs to be maintained on the OIDC provider side for all vault namespaces that will be authenticating against it. Defaults to true for new configs + * + * * tune - (Optional) Extra configuration block. Structure is documented below. + * + * The `tune` block is used to tune the auth backend: */ namespaceInState?: pulumi.Input; /** @@ -410,6 +417,10 @@ export interface AuthBackendArgs { namespace?: pulumi.Input; /** * Pass namespace in the OIDC state parameter instead of as a separate query parameter. With this setting, the allowed redirect URL(s) in Vault and on the provider side should not contain a namespace query parameter. This means only one redirect URL entry needs to be maintained on the OIDC provider side for all vault namespaces that will be authenticating against it. Defaults to true for new configs + * + * * tune - (Optional) Extra configuration block. Structure is documented below. + * + * The `tune` block is used to tune the auth backend: */ namespaceInState?: pulumi.Input; /** diff --git a/sdk/nodejs/jwt/index.ts b/sdk/nodejs/jwt/index.ts index ed6fefbb7..d66a5d241 100644 --- a/sdk/nodejs/jwt/index.ts +++ b/sdk/nodejs/jwt/index.ts @@ -8,14 +8,14 @@ import * as utilities from "../utilities"; export { AuthBackendArgs, AuthBackendState } from "./authBackend"; export type AuthBackend = import("./authBackend").AuthBackend; export const AuthBackend: typeof import("./authBackend").AuthBackend = null as any; +utilities.lazyLoad(exports, ["AuthBackend"], () => require("./authBackend")); export { AuthBackendRoleArgs, AuthBackendRoleState } from "./authBackendRole"; export type AuthBackendRole = import("./authBackendRole").AuthBackendRole; export const AuthBackendRole: typeof import("./authBackendRole").AuthBackendRole = null as any; - -utilities.lazyLoad(exports, ["AuthBackend"], () => require("./authBackend")); utilities.lazyLoad(exports, ["AuthBackendRole"], () => require("./authBackendRole")); + const _module = { version: utilities.getVersion(), construct: (name: string, type: string, urn: string): pulumi.Resource => { diff --git a/sdk/nodejs/kmip/index.ts b/sdk/nodejs/kmip/index.ts index 4549bfabf..89aed7ff6 100644 --- a/sdk/nodejs/kmip/index.ts +++ b/sdk/nodejs/kmip/index.ts @@ -8,19 +8,19 @@ import * as utilities from "../utilities"; export { SecretBackendArgs, SecretBackendState } from "./secretBackend"; export type SecretBackend = import("./secretBackend").SecretBackend; export const SecretBackend: typeof import("./secretBackend").SecretBackend = null as any; +utilities.lazyLoad(exports, ["SecretBackend"], () => require("./secretBackend")); export { SecretRoleArgs, SecretRoleState } from "./secretRole"; export type SecretRole = import("./secretRole").SecretRole; export const SecretRole: typeof import("./secretRole").SecretRole = null as any; +utilities.lazyLoad(exports, ["SecretRole"], () => require("./secretRole")); export { SecretScopeArgs, SecretScopeState } from "./secretScope"; export type SecretScope = import("./secretScope").SecretScope; export const SecretScope: typeof import("./secretScope").SecretScope = null as any; - -utilities.lazyLoad(exports, ["SecretBackend"], () => require("./secretBackend")); -utilities.lazyLoad(exports, ["SecretRole"], () => require("./secretRole")); utilities.lazyLoad(exports, ["SecretScope"], () => require("./secretScope")); + const _module = { version: utilities.getVersion(), construct: (name: string, type: string, urn: string): pulumi.Resource => { diff --git a/sdk/nodejs/kmip/secretBackend.ts b/sdk/nodejs/kmip/secretBackend.ts index 5f3be96ae..b26a9a57e 100644 --- a/sdk/nodejs/kmip/secretBackend.ts +++ b/sdk/nodejs/kmip/secretBackend.ts @@ -15,7 +15,7 @@ import * as utilities from "../utilities"; * import * as pulumi from "@pulumi/pulumi"; * import * as vault from "@pulumi/vault"; * - * const defaultSecretBackend = new vault.kmip.SecretBackend("default", { + * const _default = new vault.kmip.SecretBackend("default", { * defaultTlsClientKeyBits: 4096, * defaultTlsClientKeyType: "rsa", * defaultTlsClientTtl: 86400, diff --git a/sdk/nodejs/kubernetes/authBackendRole.ts b/sdk/nodejs/kubernetes/authBackendRole.ts index 936956ed0..98fc76acd 100644 --- a/sdk/nodejs/kubernetes/authBackendRole.ts +++ b/sdk/nodejs/kubernetes/authBackendRole.ts @@ -74,6 +74,10 @@ export class AuthBackendRole extends pulumi.CustomResource { public readonly aliasNameSource!: pulumi.Output; /** * Audience claim to verify in the JWT. + * + * > Please see [aliasNameSource](https://www.vaultproject.io/api-docs/auth/kubernetes#alias_name_source) + * before setting this to something other its default value. There are **important** security + * implications to be aware of. */ public readonly audience!: pulumi.Output; /** @@ -225,6 +229,10 @@ export interface AuthBackendRoleState { aliasNameSource?: pulumi.Input; /** * Audience claim to verify in the JWT. + * + * > Please see [aliasNameSource](https://www.vaultproject.io/api-docs/auth/kubernetes#alias_name_source) + * before setting this to something other its default value. There are **important** security + * implications to be aware of. */ audience?: pulumi.Input; /** @@ -315,6 +323,10 @@ export interface AuthBackendRoleArgs { aliasNameSource?: pulumi.Input; /** * Audience claim to verify in the JWT. + * + * > Please see [aliasNameSource](https://www.vaultproject.io/api-docs/auth/kubernetes#alias_name_source) + * before setting this to something other its default value. There are **important** security + * implications to be aware of. */ audience?: pulumi.Input; /** diff --git a/sdk/nodejs/kubernetes/getAuthBackendConfig.ts b/sdk/nodejs/kubernetes/getAuthBackendConfig.ts index 543220c34..89f741914 100644 --- a/sdk/nodejs/kubernetes/getAuthBackendConfig.ts +++ b/sdk/nodejs/kubernetes/getAuthBackendConfig.ts @@ -11,11 +11,8 @@ import * as utilities from "../utilities"; */ export function getAuthBackendConfig(args?: GetAuthBackendConfigArgs, opts?: pulumi.InvokeOptions): Promise { args = args || {}; - if (!opts) { - opts = {} - } - opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts); + opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts || {}); return pulumi.runtime.invoke("vault:kubernetes/getAuthBackendConfig:getAuthBackendConfig", { "backend": args.backend, "disableIssValidation": args.disableIssValidation, @@ -93,9 +90,13 @@ export interface GetAuthBackendConfigResult { */ readonly pemKeys: string[]; } - +/** + * Reads the Role of an Kubernetes from a Vault server. See the [Vault + * documentation](https://www.vaultproject.io/api-docs/auth/kubernetes#read-config) for more + * information. + */ export function getAuthBackendConfigOutput(args?: GetAuthBackendConfigOutputArgs, opts?: pulumi.InvokeOptions): pulumi.Output { - return pulumi.output(args).apply(a => getAuthBackendConfig(a, opts)) + return pulumi.output(args).apply((a: any) => getAuthBackendConfig(a, opts)) } /** diff --git a/sdk/nodejs/kubernetes/getAuthBackendRole.ts b/sdk/nodejs/kubernetes/getAuthBackendRole.ts index 14dac560d..e25905603 100644 --- a/sdk/nodejs/kubernetes/getAuthBackendRole.ts +++ b/sdk/nodejs/kubernetes/getAuthBackendRole.ts @@ -10,11 +10,8 @@ import * as utilities from "../utilities"; * information. */ export function getAuthBackendRole(args: GetAuthBackendRoleArgs, opts?: pulumi.InvokeOptions): Promise { - if (!opts) { - opts = {} - } - opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts); + opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts || {}); return pulumi.runtime.invoke("vault:kubernetes/getAuthBackendRole:getAuthBackendRole", { "audience": args.audience, "backend": args.backend, @@ -194,9 +191,13 @@ export interface GetAuthBackendRoleResult { */ readonly tokenType?: string; } - +/** + * Reads the Role of an Kubernetes from a Vault server. See the [Vault + * documentation](https://www.vaultproject.io/api-docs/auth/kubernetes#read-role) for more + * information. + */ export function getAuthBackendRoleOutput(args: GetAuthBackendRoleOutputArgs, opts?: pulumi.InvokeOptions): pulumi.Output { - return pulumi.output(args).apply(a => getAuthBackendRole(a, opts)) + return pulumi.output(args).apply((a: any) => getAuthBackendRole(a, opts)) } /** diff --git a/sdk/nodejs/kubernetes/getServiceAccountToken.ts b/sdk/nodejs/kubernetes/getServiceAccountToken.ts index 44973d331..3bff5d8f5 100644 --- a/sdk/nodejs/kubernetes/getServiceAccountToken.ts +++ b/sdk/nodejs/kubernetes/getServiceAccountToken.ts @@ -45,11 +45,8 @@ import * as utilities from "../utilities"; * ``` */ export function getServiceAccountToken(args: GetServiceAccountTokenArgs, opts?: pulumi.InvokeOptions): Promise { - if (!opts) { - opts = {} - } - opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts); + opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts || {}); return pulumi.runtime.invoke("vault:kubernetes/getServiceAccountToken:getServiceAccountToken", { "backend": args.backend, "clusterRoleBinding": args.clusterRoleBinding, @@ -137,9 +134,48 @@ export interface GetServiceAccountTokenResult { readonly serviceAccountToken: string; readonly ttl?: string; } - +/** + * ## Example Usage + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as fs from "fs"; + * import * as vault from "@pulumi/vault"; + * + * const config = new vault.kubernetes.SecretBackend("config", { + * path: "kubernetes", + * description: "kubernetes secrets engine description", + * kubernetesHost: "https://127.0.0.1:61233", + * kubernetesCaCert: fs.readFileSync("/path/to/cert"), + * serviceAccountJwt: fs.readFileSync("/path/to/token"), + * disableLocalCaJwt: false, + * }); + * const role = new vault.kubernetes.SecretBackendRole("role", { + * backend: config.path, + * allowedKubernetesNamespaces: ["*"], + * tokenMaxTtl: 43200, + * tokenDefaultTtl: 21600, + * serviceAccountName: "test-service-account-with-generated-token", + * extraLabels: { + * id: "abc123", + * name: "some_name", + * }, + * extraAnnotations: { + * env: "development", + * location: "earth", + * }, + * }); + * const token = vault.kubernetes.getServiceAccountTokenOutput({ + * backend: config.path, + * role: role.name, + * kubernetesNamespace: "test", + * clusterRoleBinding: false, + * ttl: "1h", + * }); + * ``` + */ export function getServiceAccountTokenOutput(args: GetServiceAccountTokenOutputArgs, opts?: pulumi.InvokeOptions): pulumi.Output { - return pulumi.output(args).apply(a => getServiceAccountToken(a, opts)) + return pulumi.output(args).apply((a: any) => getServiceAccountToken(a, opts)) } /** diff --git a/sdk/nodejs/kubernetes/index.ts b/sdk/nodejs/kubernetes/index.ts index 017107a4d..70e10dd37 100644 --- a/sdk/nodejs/kubernetes/index.ts +++ b/sdk/nodejs/kubernetes/index.ts @@ -8,39 +8,39 @@ import * as utilities from "../utilities"; export { AuthBackendConfigArgs, AuthBackendConfigState } from "./authBackendConfig"; export type AuthBackendConfig = import("./authBackendConfig").AuthBackendConfig; export const AuthBackendConfig: typeof import("./authBackendConfig").AuthBackendConfig = null as any; +utilities.lazyLoad(exports, ["AuthBackendConfig"], () => require("./authBackendConfig")); export { AuthBackendRoleArgs, AuthBackendRoleState } from "./authBackendRole"; export type AuthBackendRole = import("./authBackendRole").AuthBackendRole; export const AuthBackendRole: typeof import("./authBackendRole").AuthBackendRole = null as any; +utilities.lazyLoad(exports, ["AuthBackendRole"], () => require("./authBackendRole")); export { GetAuthBackendConfigArgs, GetAuthBackendConfigResult, GetAuthBackendConfigOutputArgs } from "./getAuthBackendConfig"; export const getAuthBackendConfig: typeof import("./getAuthBackendConfig").getAuthBackendConfig = null as any; export const getAuthBackendConfigOutput: typeof import("./getAuthBackendConfig").getAuthBackendConfigOutput = null as any; +utilities.lazyLoad(exports, ["getAuthBackendConfig","getAuthBackendConfigOutput"], () => require("./getAuthBackendConfig")); export { GetAuthBackendRoleArgs, GetAuthBackendRoleResult, GetAuthBackendRoleOutputArgs } from "./getAuthBackendRole"; export const getAuthBackendRole: typeof import("./getAuthBackendRole").getAuthBackendRole = null as any; export const getAuthBackendRoleOutput: typeof import("./getAuthBackendRole").getAuthBackendRoleOutput = null as any; +utilities.lazyLoad(exports, ["getAuthBackendRole","getAuthBackendRoleOutput"], () => require("./getAuthBackendRole")); export { GetServiceAccountTokenArgs, GetServiceAccountTokenResult, GetServiceAccountTokenOutputArgs } from "./getServiceAccountToken"; export const getServiceAccountToken: typeof import("./getServiceAccountToken").getServiceAccountToken = null as any; export const getServiceAccountTokenOutput: typeof import("./getServiceAccountToken").getServiceAccountTokenOutput = null as any; +utilities.lazyLoad(exports, ["getServiceAccountToken","getServiceAccountTokenOutput"], () => require("./getServiceAccountToken")); export { SecretBackendArgs, SecretBackendState } from "./secretBackend"; export type SecretBackend = import("./secretBackend").SecretBackend; export const SecretBackend: typeof import("./secretBackend").SecretBackend = null as any; +utilities.lazyLoad(exports, ["SecretBackend"], () => require("./secretBackend")); export { SecretBackendRoleArgs, SecretBackendRoleState } from "./secretBackendRole"; export type SecretBackendRole = import("./secretBackendRole").SecretBackendRole; export const SecretBackendRole: typeof import("./secretBackendRole").SecretBackendRole = null as any; - -utilities.lazyLoad(exports, ["AuthBackendConfig"], () => require("./authBackendConfig")); -utilities.lazyLoad(exports, ["AuthBackendRole"], () => require("./authBackendRole")); -utilities.lazyLoad(exports, ["getAuthBackendConfig","getAuthBackendConfigOutput"], () => require("./getAuthBackendConfig")); -utilities.lazyLoad(exports, ["getAuthBackendRole","getAuthBackendRoleOutput"], () => require("./getAuthBackendRole")); -utilities.lazyLoad(exports, ["getServiceAccountToken","getServiceAccountTokenOutput"], () => require("./getServiceAccountToken")); -utilities.lazyLoad(exports, ["SecretBackend"], () => require("./secretBackend")); utilities.lazyLoad(exports, ["SecretBackendRole"], () => require("./secretBackendRole")); + const _module = { version: utilities.getVersion(), construct: (name: string, type: string, urn: string): pulumi.Resource => { diff --git a/sdk/nodejs/kubernetes/secretBackendRole.ts b/sdk/nodejs/kubernetes/secretBackendRole.ts index 6b8475c32..11e6ad35d 100644 --- a/sdk/nodejs/kubernetes/secretBackendRole.ts +++ b/sdk/nodejs/kubernetes/secretBackendRole.ts @@ -162,6 +162,8 @@ export class SecretBackendRole extends pulumi.CustomResource { /** * Additional labels to apply to all generated Kubernetes * objects. + * + * This resource also directly accepts all vault.Mount fields. */ public readonly extraLabels!: pulumi.Output<{[key: string]: string} | undefined>; /** @@ -289,6 +291,8 @@ export interface SecretBackendRoleState { /** * Additional labels to apply to all generated Kubernetes * objects. + * + * This resource also directly accepts all vault.Mount fields. */ extraLabels?: pulumi.Input<{[key: string]: pulumi.Input}>; /** @@ -364,6 +368,8 @@ export interface SecretBackendRoleArgs { /** * Additional labels to apply to all generated Kubernetes * objects. + * + * This resource also directly accepts all vault.Mount fields. */ extraLabels?: pulumi.Input<{[key: string]: pulumi.Input}>; /** diff --git a/sdk/nodejs/kv/getSecret.ts b/sdk/nodejs/kv/getSecret.ts index 948ab6bac..c9e55e10b 100644 --- a/sdk/nodejs/kv/getSecret.ts +++ b/sdk/nodejs/kv/getSecret.ts @@ -35,11 +35,8 @@ import * as utilities from "../utilities"; * Use of this resource requires the `read` capability on the given path. */ export function getSecret(args: GetSecretArgs, opts?: pulumi.InvokeOptions): Promise { - if (!opts) { - opts = {} - } - opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts); + opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts || {}); return pulumi.runtime.invoke("vault:kv/getSecret:getSecret", { "namespace": args.namespace, "path": args.path, @@ -100,9 +97,38 @@ export interface GetSecretResult { readonly namespace?: string; readonly path: string; } - +/** + * ## Example Usage + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as vault from "@pulumi/vault"; + * + * const kvv1 = new vault.Mount("kvv1", { + * path: "kvv1", + * type: "kv", + * options: { + * version: "1", + * }, + * description: "KV Version 1 secret engine mount", + * }); + * const secret = new vault.kv.Secret("secret", { + * path: pulumi.interpolate`${kvv1.path}/secret`, + * dataJson: JSON.stringify({ + * zip: "zap", + * foo: "bar", + * }), + * }); + * const secretData = vault.kv.getSecretOutput({ + * path: secret.path, + * }); + * ``` + * ## Required Vault Capabilities + * + * Use of this resource requires the `read` capability on the given path. + */ export function getSecretOutput(args: GetSecretOutputArgs, opts?: pulumi.InvokeOptions): pulumi.Output { - return pulumi.output(args).apply(a => getSecret(a, opts)) + return pulumi.output(args).apply((a: any) => getSecret(a, opts)) } /** diff --git a/sdk/nodejs/kv/getSecretSubkeysV2.ts b/sdk/nodejs/kv/getSecretSubkeysV2.ts index 9b0d9cc1f..00ccfde18 100644 --- a/sdk/nodejs/kv/getSecretSubkeysV2.ts +++ b/sdk/nodejs/kv/getSecretSubkeysV2.ts @@ -36,11 +36,8 @@ import * as utilities from "../utilities"; * Use of this resource requires the `read` capability on the given path. */ export function getSecretSubkeysV2(args: GetSecretSubkeysV2Args, opts?: pulumi.InvokeOptions): Promise { - if (!opts) { - opts = {} - } - opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts); + opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts || {}); return pulumi.runtime.invoke("vault:kv/getSecretSubkeysV2:getSecretSubkeysV2", { "depth": args.depth, "mount": args.mount, @@ -112,9 +109,39 @@ export interface GetSecretSubkeysV2Result { readonly path: string; readonly version?: number; } - +/** + * ## Example Usage + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as vault from "@pulumi/vault"; + * + * const kvv2 = new vault.Mount("kvv2", { + * path: "kvv2", + * type: "kv", + * options: { + * version: "2", + * }, + * description: "KV Version 2 secret engine mount", + * }); + * const awsSecret = new vault.kv.SecretV2("awsSecret", { + * mount: kvv2.path, + * dataJson: JSON.stringify({ + * zip: "zap", + * foo: "bar", + * }), + * }); + * const test = vault.kv.getSecretSubkeysV2Output({ + * mount: kvv2.path, + * name: awsSecret.name, + * }); + * ``` + * ## Required Vault Capabilities + * + * Use of this resource requires the `read` capability on the given path. + */ export function getSecretSubkeysV2Output(args: GetSecretSubkeysV2OutputArgs, opts?: pulumi.InvokeOptions): pulumi.Output { - return pulumi.output(args).apply(a => getSecretSubkeysV2(a, opts)) + return pulumi.output(args).apply((a: any) => getSecretSubkeysV2(a, opts)) } /** diff --git a/sdk/nodejs/kv/getSecretV2.ts b/sdk/nodejs/kv/getSecretV2.ts index 76ab92286..b9efcb86e 100644 --- a/sdk/nodejs/kv/getSecretV2.ts +++ b/sdk/nodejs/kv/getSecretV2.ts @@ -10,11 +10,8 @@ import * as utilities from "../utilities"; * Use of this resource requires the `read` capability on the given path. */ export function getSecretV2(args: GetSecretV2Args, opts?: pulumi.InvokeOptions): Promise { - if (!opts) { - opts = {} - } - opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts); + opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts || {}); return pulumi.runtime.invoke("vault:kv/getSecretV2:getSecretV2", { "mount": args.mount, "name": args.name, @@ -96,9 +93,13 @@ export interface GetSecretV2Result { readonly path: string; readonly version?: number; } - +/** + * ## Required Vault Capabilities + * + * Use of this resource requires the `read` capability on the given path. + */ export function getSecretV2Output(args: GetSecretV2OutputArgs, opts?: pulumi.InvokeOptions): pulumi.Output { - return pulumi.output(args).apply(a => getSecretV2(a, opts)) + return pulumi.output(args).apply((a: any) => getSecretV2(a, opts)) } /** diff --git a/sdk/nodejs/kv/getSecretsList.ts b/sdk/nodejs/kv/getSecretsList.ts index 70b2bdffe..e0ddd4591 100644 --- a/sdk/nodejs/kv/getSecretsList.ts +++ b/sdk/nodejs/kv/getSecretsList.ts @@ -40,11 +40,8 @@ import * as utilities from "../utilities"; * Use of this resource requires the `read` capability on the given path. */ export function getSecretsList(args: GetSecretsListArgs, opts?: pulumi.InvokeOptions): Promise { - if (!opts) { - opts = {} - } - opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts); + opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts || {}); return pulumi.runtime.invoke("vault:kv/getSecretsList:getSecretsList", { "namespace": args.namespace, "path": args.path, @@ -83,9 +80,43 @@ export interface GetSecretsListResult { readonly namespace?: string; readonly path: string; } - +/** + * ## Example Usage + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as vault from "@pulumi/vault"; + * + * const kvv1 = new vault.Mount("kvv1", { + * path: "kvv1", + * type: "kv", + * options: { + * version: "1", + * }, + * description: "KV Version 1 secret engine mount", + * }); + * const awsSecret = new vault.kv.Secret("awsSecret", { + * path: pulumi.interpolate`${kvv1.path}/aws-secret`, + * dataJson: JSON.stringify({ + * zip: "zap", + * }), + * }); + * const azureSecret = new vault.kv.Secret("azureSecret", { + * path: pulumi.interpolate`${kvv1.path}/azure-secret`, + * dataJson: JSON.stringify({ + * foo: "bar", + * }), + * }); + * const secrets = vault.kv.getSecretsListOutput({ + * path: kvv1.path, + * }); + * ``` + * ## Required Vault Capabilities + * + * Use of this resource requires the `read` capability on the given path. + */ export function getSecretsListOutput(args: GetSecretsListOutputArgs, opts?: pulumi.InvokeOptions): pulumi.Output { - return pulumi.output(args).apply(a => getSecretsList(a, opts)) + return pulumi.output(args).apply((a: any) => getSecretsList(a, opts)) } /** diff --git a/sdk/nodejs/kv/getSecretsListV2.ts b/sdk/nodejs/kv/getSecretsListV2.ts index 386bea1d9..2dfc69224 100644 --- a/sdk/nodejs/kv/getSecretsListV2.ts +++ b/sdk/nodejs/kv/getSecretsListV2.ts @@ -50,11 +50,8 @@ import * as utilities from "../utilities"; * Use of this resource requires the `read` capability on the given path. */ export function getSecretsListV2(args: GetSecretsListV2Args, opts?: pulumi.InvokeOptions): Promise { - if (!opts) { - opts = {} - } - opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts); + opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts || {}); return pulumi.runtime.invoke("vault:kv/getSecretsListV2:getSecretsListV2", { "mount": args.mount, "name": args.name, @@ -106,9 +103,53 @@ export interface GetSecretsListV2Result { */ readonly path: string; } - +/** + * ## Example Usage + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as vault from "@pulumi/vault"; + * + * const kvv2 = new vault.Mount("kvv2", { + * path: "kvv2", + * type: "kv", + * options: { + * version: "2", + * }, + * description: "KV Version 2 secret engine mount", + * }); + * const awsSecret = new vault.kv.SecretV2("awsSecret", { + * mount: kvv2.path, + * dataJson: JSON.stringify({ + * zip: "zap", + * }), + * }); + * const azureSecret = new vault.kv.SecretV2("azureSecret", { + * mount: kvv2.path, + * dataJson: JSON.stringify({ + * foo: "bar", + * }), + * }); + * const nestedSecret = new vault.kv.SecretV2("nestedSecret", { + * mount: kvv2.path, + * dataJson: JSON.stringify({ + * password: "test", + * }), + * }); + * const secrets = vault.kv.getSecretsListV2Output({ + * mount: kvv2.path, + * }); + * const nestedSecrets = kvv2.path.apply(path => vault.kv.getSecretsListV2Output({ + * mount: path, + * name: vault_kv_secret_v2.test_2.name, + * })); + * ``` + * ## Required Vault Capabilities + * + * Use of this resource requires the `read` capability on the given path. + */ export function getSecretsListV2Output(args: GetSecretsListV2OutputArgs, opts?: pulumi.InvokeOptions): pulumi.Output { - return pulumi.output(args).apply(a => getSecretsListV2(a, opts)) + return pulumi.output(args).apply((a: any) => getSecretsListV2(a, opts)) } /** diff --git a/sdk/nodejs/kv/index.ts b/sdk/nodejs/kv/index.ts index 135b91264..16749cdfa 100644 --- a/sdk/nodejs/kv/index.ts +++ b/sdk/nodejs/kv/index.ts @@ -8,44 +8,44 @@ import * as utilities from "../utilities"; export { GetSecretArgs, GetSecretResult, GetSecretOutputArgs } from "./getSecret"; export const getSecret: typeof import("./getSecret").getSecret = null as any; export const getSecretOutput: typeof import("./getSecret").getSecretOutput = null as any; +utilities.lazyLoad(exports, ["getSecret","getSecretOutput"], () => require("./getSecret")); export { GetSecretSubkeysV2Args, GetSecretSubkeysV2Result, GetSecretSubkeysV2OutputArgs } from "./getSecretSubkeysV2"; export const getSecretSubkeysV2: typeof import("./getSecretSubkeysV2").getSecretSubkeysV2 = null as any; export const getSecretSubkeysV2Output: typeof import("./getSecretSubkeysV2").getSecretSubkeysV2Output = null as any; +utilities.lazyLoad(exports, ["getSecretSubkeysV2","getSecretSubkeysV2Output"], () => require("./getSecretSubkeysV2")); export { GetSecretV2Args, GetSecretV2Result, GetSecretV2OutputArgs } from "./getSecretV2"; export const getSecretV2: typeof import("./getSecretV2").getSecretV2 = null as any; export const getSecretV2Output: typeof import("./getSecretV2").getSecretV2Output = null as any; +utilities.lazyLoad(exports, ["getSecretV2","getSecretV2Output"], () => require("./getSecretV2")); export { GetSecretsListArgs, GetSecretsListResult, GetSecretsListOutputArgs } from "./getSecretsList"; export const getSecretsList: typeof import("./getSecretsList").getSecretsList = null as any; export const getSecretsListOutput: typeof import("./getSecretsList").getSecretsListOutput = null as any; +utilities.lazyLoad(exports, ["getSecretsList","getSecretsListOutput"], () => require("./getSecretsList")); export { GetSecretsListV2Args, GetSecretsListV2Result, GetSecretsListV2OutputArgs } from "./getSecretsListV2"; export const getSecretsListV2: typeof import("./getSecretsListV2").getSecretsListV2 = null as any; export const getSecretsListV2Output: typeof import("./getSecretsListV2").getSecretsListV2Output = null as any; +utilities.lazyLoad(exports, ["getSecretsListV2","getSecretsListV2Output"], () => require("./getSecretsListV2")); export { SecretArgs, SecretState } from "./secret"; export type Secret = import("./secret").Secret; export const Secret: typeof import("./secret").Secret = null as any; +utilities.lazyLoad(exports, ["Secret"], () => require("./secret")); export { SecretBackendV2Args, SecretBackendV2State } from "./secretBackendV2"; export type SecretBackendV2 = import("./secretBackendV2").SecretBackendV2; export const SecretBackendV2: typeof import("./secretBackendV2").SecretBackendV2 = null as any; +utilities.lazyLoad(exports, ["SecretBackendV2"], () => require("./secretBackendV2")); export { SecretV2Args, SecretV2State } from "./secretV2"; export type SecretV2 = import("./secretV2").SecretV2; export const SecretV2: typeof import("./secretV2").SecretV2 = null as any; - -utilities.lazyLoad(exports, ["getSecret","getSecretOutput"], () => require("./getSecret")); -utilities.lazyLoad(exports, ["getSecretSubkeysV2","getSecretSubkeysV2Output"], () => require("./getSecretSubkeysV2")); -utilities.lazyLoad(exports, ["getSecretV2","getSecretV2Output"], () => require("./getSecretV2")); -utilities.lazyLoad(exports, ["getSecretsList","getSecretsListOutput"], () => require("./getSecretsList")); -utilities.lazyLoad(exports, ["getSecretsListV2","getSecretsListV2Output"], () => require("./getSecretsListV2")); -utilities.lazyLoad(exports, ["Secret"], () => require("./secret")); -utilities.lazyLoad(exports, ["SecretBackendV2"], () => require("./secretBackendV2")); utilities.lazyLoad(exports, ["SecretV2"], () => require("./secretV2")); + const _module = { version: utilities.getVersion(), construct: (name: string, type: string, urn: string): pulumi.Resource => { diff --git a/sdk/nodejs/ldap/authBackend.ts b/sdk/nodejs/ldap/authBackend.ts index d255bdc0e..b61e7093e 100644 --- a/sdk/nodejs/ldap/authBackend.ts +++ b/sdk/nodejs/ldap/authBackend.ts @@ -83,6 +83,9 @@ export class AuthBackend extends pulumi.CustomResource { public readonly certificate!: pulumi.Output; public readonly clientTlsCert!: pulumi.Output; public readonly clientTlsKey!: pulumi.Output; + /** + * Prevents users from bypassing authentication when providing an empty password. + */ public readonly denyNullBind!: pulumi.Output; /** * Description for the LDAP auth backend mount @@ -93,6 +96,9 @@ export class AuthBackend extends pulumi.CustomResource { * See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration) */ public readonly disableRemount!: pulumi.Output; + /** + * Use anonymous bind to discover the bind DN of a user. + */ public readonly discoverdn!: pulumi.Output; /** * LDAP attribute to follow on objects returned by groupfilter @@ -188,15 +194,11 @@ export class AuthBackend extends pulumi.CustomResource { */ public readonly tokenTtl!: pulumi.Output; /** - * The type of token that should be generated. Can be `service`, - * `batch`, or `default` to use the mount's tuned default (which unless changed will be - * `service` tokens). For token store roles, there are two additional possibilities: - * `default-service` and `default-batch` which specify the type to return unless the client - * requests a different type at generation time. + * The type of token to generate, service or batch */ public readonly tokenType!: pulumi.Output; /** - * The userPrincipalDomain used to construct UPN string + * The `userPrincipalDomain` used to construct the UPN string for the authenticating user. */ public readonly upndomain!: pulumi.Output; /** @@ -352,6 +354,9 @@ export interface AuthBackendState { certificate?: pulumi.Input; clientTlsCert?: pulumi.Input; clientTlsKey?: pulumi.Input; + /** + * Prevents users from bypassing authentication when providing an empty password. + */ denyNullBind?: pulumi.Input; /** * Description for the LDAP auth backend mount @@ -362,6 +367,9 @@ export interface AuthBackendState { * See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration) */ disableRemount?: pulumi.Input; + /** + * Use anonymous bind to discover the bind DN of a user. + */ discoverdn?: pulumi.Input; /** * LDAP attribute to follow on objects returned by groupfilter @@ -457,15 +465,11 @@ export interface AuthBackendState { */ tokenTtl?: pulumi.Input; /** - * The type of token that should be generated. Can be `service`, - * `batch`, or `default` to use the mount's tuned default (which unless changed will be - * `service` tokens). For token store roles, there are two additional possibilities: - * `default-service` and `default-batch` which specify the type to return unless the client - * requests a different type at generation time. + * The type of token to generate, service or batch */ tokenType?: pulumi.Input; /** - * The userPrincipalDomain used to construct UPN string + * The `userPrincipalDomain` used to construct the UPN string for the authenticating user. */ upndomain?: pulumi.Input; /** @@ -516,6 +520,9 @@ export interface AuthBackendArgs { certificate?: pulumi.Input; clientTlsCert?: pulumi.Input; clientTlsKey?: pulumi.Input; + /** + * Prevents users from bypassing authentication when providing an empty password. + */ denyNullBind?: pulumi.Input; /** * Description for the LDAP auth backend mount @@ -526,6 +533,9 @@ export interface AuthBackendArgs { * See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration) */ disableRemount?: pulumi.Input; + /** + * Use anonymous bind to discover the bind DN of a user. + */ discoverdn?: pulumi.Input; /** * LDAP attribute to follow on objects returned by groupfilter @@ -621,15 +631,11 @@ export interface AuthBackendArgs { */ tokenTtl?: pulumi.Input; /** - * The type of token that should be generated. Can be `service`, - * `batch`, or `default` to use the mount's tuned default (which unless changed will be - * `service` tokens). For token store roles, there are two additional possibilities: - * `default-service` and `default-batch` which specify the type to return unless the client - * requests a different type at generation time. + * The type of token to generate, service or batch */ tokenType?: pulumi.Input; /** - * The userPrincipalDomain used to construct UPN string + * The `userPrincipalDomain` used to construct the UPN string for the authenticating user. */ upndomain?: pulumi.Input; /** diff --git a/sdk/nodejs/ldap/authBackendGroup.ts b/sdk/nodejs/ldap/authBackendGroup.ts index ee8863797..1a5c4515b 100644 --- a/sdk/nodejs/ldap/authBackendGroup.ts +++ b/sdk/nodejs/ldap/authBackendGroup.ts @@ -68,6 +68,8 @@ export class AuthBackendGroup extends pulumi.CustomResource { /** * Path to the authentication backend + * + * For more details on the usage of each argument consult the [Vault LDAP API documentation](https://www.vaultproject.io/api-docs/auth/ldap). */ public readonly backend!: pulumi.Output; /** @@ -124,6 +126,8 @@ export class AuthBackendGroup extends pulumi.CustomResource { export interface AuthBackendGroupState { /** * Path to the authentication backend + * + * For more details on the usage of each argument consult the [Vault LDAP API documentation](https://www.vaultproject.io/api-docs/auth/ldap). */ backend?: pulumi.Input; /** @@ -149,6 +153,8 @@ export interface AuthBackendGroupState { export interface AuthBackendGroupArgs { /** * Path to the authentication backend + * + * For more details on the usage of each argument consult the [Vault LDAP API documentation](https://www.vaultproject.io/api-docs/auth/ldap). */ backend?: pulumi.Input; /** diff --git a/sdk/nodejs/ldap/authBackendUser.ts b/sdk/nodejs/ldap/authBackendUser.ts index a4aa459b5..5b7b12bba 100644 --- a/sdk/nodejs/ldap/authBackendUser.ts +++ b/sdk/nodejs/ldap/authBackendUser.ts @@ -71,6 +71,8 @@ export class AuthBackendUser extends pulumi.CustomResource { /** * Path to the authentication backend + * + * For more details on the usage of each argument consult the [Vault LDAP API documentation](https://www.vaultproject.io/api-docs/auth/ldap). */ public readonly backend!: pulumi.Output; /** @@ -133,6 +135,8 @@ export class AuthBackendUser extends pulumi.CustomResource { export interface AuthBackendUserState { /** * Path to the authentication backend + * + * For more details on the usage of each argument consult the [Vault LDAP API documentation](https://www.vaultproject.io/api-docs/auth/ldap). */ backend?: pulumi.Input; /** @@ -162,6 +166,8 @@ export interface AuthBackendUserState { export interface AuthBackendUserArgs { /** * Path to the authentication backend + * + * For more details on the usage of each argument consult the [Vault LDAP API documentation](https://www.vaultproject.io/api-docs/auth/ldap). */ backend?: pulumi.Input; /** diff --git a/sdk/nodejs/ldap/getDynamicCredentials.ts b/sdk/nodejs/ldap/getDynamicCredentials.ts new file mode 100644 index 000000000..66a1441bc --- /dev/null +++ b/sdk/nodejs/ldap/getDynamicCredentials.ts @@ -0,0 +1,55 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +import * as pulumi from "@pulumi/pulumi"; +import * as utilities from "../utilities"; + +export function getDynamicCredentials(args: GetDynamicCredentialsArgs, opts?: pulumi.InvokeOptions): Promise { + + opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts || {}); + return pulumi.runtime.invoke("vault:ldap/getDynamicCredentials:getDynamicCredentials", { + "mount": args.mount, + "namespace": args.namespace, + "roleName": args.roleName, + }, opts); +} + +/** + * A collection of arguments for invoking getDynamicCredentials. + */ +export interface GetDynamicCredentialsArgs { + mount: string; + namespace?: string; + roleName: string; +} + +/** + * A collection of values returned by getDynamicCredentials. + */ +export interface GetDynamicCredentialsResult { + readonly distinguishedNames: string[]; + /** + * The provider-assigned unique ID for this managed resource. + */ + readonly id: string; + readonly leaseDuration: number; + readonly leaseId: string; + readonly leaseRenewable: boolean; + readonly mount: string; + readonly namespace?: string; + readonly password: string; + readonly roleName: string; + readonly username: string; +} +export function getDynamicCredentialsOutput(args: GetDynamicCredentialsOutputArgs, opts?: pulumi.InvokeOptions): pulumi.Output { + return pulumi.output(args).apply((a: any) => getDynamicCredentials(a, opts)) +} + +/** + * A collection of arguments for invoking getDynamicCredentials. + */ +export interface GetDynamicCredentialsOutputArgs { + mount: pulumi.Input; + namespace?: pulumi.Input; + roleName: pulumi.Input; +} diff --git a/sdk/nodejs/ldap/getStaticCredentials.ts b/sdk/nodejs/ldap/getStaticCredentials.ts new file mode 100644 index 000000000..83c08bcc9 --- /dev/null +++ b/sdk/nodejs/ldap/getStaticCredentials.ts @@ -0,0 +1,56 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +import * as pulumi from "@pulumi/pulumi"; +import * as utilities from "../utilities"; + +export function getStaticCredentials(args: GetStaticCredentialsArgs, opts?: pulumi.InvokeOptions): Promise { + + opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts || {}); + return pulumi.runtime.invoke("vault:ldap/getStaticCredentials:getStaticCredentials", { + "mount": args.mount, + "namespace": args.namespace, + "roleName": args.roleName, + }, opts); +} + +/** + * A collection of arguments for invoking getStaticCredentials. + */ +export interface GetStaticCredentialsArgs { + mount: string; + namespace?: string; + roleName: string; +} + +/** + * A collection of values returned by getStaticCredentials. + */ +export interface GetStaticCredentialsResult { + readonly dn: string; + /** + * The provider-assigned unique ID for this managed resource. + */ + readonly id: string; + readonly lastPassword: string; + readonly lastVaultRotation: string; + readonly mount: string; + readonly namespace?: string; + readonly password: string; + readonly roleName: string; + readonly rotationPeriod: number; + readonly ttl: number; + readonly username: string; +} +export function getStaticCredentialsOutput(args: GetStaticCredentialsOutputArgs, opts?: pulumi.InvokeOptions): pulumi.Output { + return pulumi.output(args).apply((a: any) => getStaticCredentials(a, opts)) +} + +/** + * A collection of arguments for invoking getStaticCredentials. + */ +export interface GetStaticCredentialsOutputArgs { + mount: pulumi.Input; + namespace?: pulumi.Input; + roleName: pulumi.Input; +} diff --git a/sdk/nodejs/ldap/index.ts b/sdk/nodejs/ldap/index.ts index df36e9049..194a2d82f 100644 --- a/sdk/nodejs/ldap/index.ts +++ b/sdk/nodejs/ldap/index.ts @@ -8,39 +8,49 @@ import * as utilities from "../utilities"; export { AuthBackendArgs, AuthBackendState } from "./authBackend"; export type AuthBackend = import("./authBackend").AuthBackend; export const AuthBackend: typeof import("./authBackend").AuthBackend = null as any; +utilities.lazyLoad(exports, ["AuthBackend"], () => require("./authBackend")); export { AuthBackendGroupArgs, AuthBackendGroupState } from "./authBackendGroup"; export type AuthBackendGroup = import("./authBackendGroup").AuthBackendGroup; export const AuthBackendGroup: typeof import("./authBackendGroup").AuthBackendGroup = null as any; +utilities.lazyLoad(exports, ["AuthBackendGroup"], () => require("./authBackendGroup")); export { AuthBackendUserArgs, AuthBackendUserState } from "./authBackendUser"; export type AuthBackendUser = import("./authBackendUser").AuthBackendUser; export const AuthBackendUser: typeof import("./authBackendUser").AuthBackendUser = null as any; +utilities.lazyLoad(exports, ["AuthBackendUser"], () => require("./authBackendUser")); + +export { GetDynamicCredentialsArgs, GetDynamicCredentialsResult, GetDynamicCredentialsOutputArgs } from "./getDynamicCredentials"; +export const getDynamicCredentials: typeof import("./getDynamicCredentials").getDynamicCredentials = null as any; +export const getDynamicCredentialsOutput: typeof import("./getDynamicCredentials").getDynamicCredentialsOutput = null as any; +utilities.lazyLoad(exports, ["getDynamicCredentials","getDynamicCredentialsOutput"], () => require("./getDynamicCredentials")); + +export { GetStaticCredentialsArgs, GetStaticCredentialsResult, GetStaticCredentialsOutputArgs } from "./getStaticCredentials"; +export const getStaticCredentials: typeof import("./getStaticCredentials").getStaticCredentials = null as any; +export const getStaticCredentialsOutput: typeof import("./getStaticCredentials").getStaticCredentialsOutput = null as any; +utilities.lazyLoad(exports, ["getStaticCredentials","getStaticCredentialsOutput"], () => require("./getStaticCredentials")); export { SecretBackendArgs, SecretBackendState } from "./secretBackend"; export type SecretBackend = import("./secretBackend").SecretBackend; export const SecretBackend: typeof import("./secretBackend").SecretBackend = null as any; +utilities.lazyLoad(exports, ["SecretBackend"], () => require("./secretBackend")); export { SecretBackendDynamicRoleArgs, SecretBackendDynamicRoleState } from "./secretBackendDynamicRole"; export type SecretBackendDynamicRole = import("./secretBackendDynamicRole").SecretBackendDynamicRole; export const SecretBackendDynamicRole: typeof import("./secretBackendDynamicRole").SecretBackendDynamicRole = null as any; +utilities.lazyLoad(exports, ["SecretBackendDynamicRole"], () => require("./secretBackendDynamicRole")); export { SecretBackendLibrarySetArgs, SecretBackendLibrarySetState } from "./secretBackendLibrarySet"; export type SecretBackendLibrarySet = import("./secretBackendLibrarySet").SecretBackendLibrarySet; export const SecretBackendLibrarySet: typeof import("./secretBackendLibrarySet").SecretBackendLibrarySet = null as any; +utilities.lazyLoad(exports, ["SecretBackendLibrarySet"], () => require("./secretBackendLibrarySet")); export { SecretBackendStaticRoleArgs, SecretBackendStaticRoleState } from "./secretBackendStaticRole"; export type SecretBackendStaticRole = import("./secretBackendStaticRole").SecretBackendStaticRole; export const SecretBackendStaticRole: typeof import("./secretBackendStaticRole").SecretBackendStaticRole = null as any; - -utilities.lazyLoad(exports, ["AuthBackend"], () => require("./authBackend")); -utilities.lazyLoad(exports, ["AuthBackendGroup"], () => require("./authBackendGroup")); -utilities.lazyLoad(exports, ["AuthBackendUser"], () => require("./authBackendUser")); -utilities.lazyLoad(exports, ["SecretBackend"], () => require("./secretBackend")); -utilities.lazyLoad(exports, ["SecretBackendDynamicRole"], () => require("./secretBackendDynamicRole")); -utilities.lazyLoad(exports, ["SecretBackendLibrarySet"], () => require("./secretBackendLibrarySet")); utilities.lazyLoad(exports, ["SecretBackendStaticRole"], () => require("./secretBackendStaticRole")); + const _module = { version: utilities.getVersion(), construct: (name: string, type: string, urn: string): pulumi.Resource => { diff --git a/sdk/nodejs/managed/index.ts b/sdk/nodejs/managed/index.ts index 34333bee7..f35a220f2 100644 --- a/sdk/nodejs/managed/index.ts +++ b/sdk/nodejs/managed/index.ts @@ -8,9 +8,9 @@ import * as utilities from "../utilities"; export { KeysArgs, KeysState } from "./keys"; export type Keys = import("./keys").Keys; export const Keys: typeof import("./keys").Keys = null as any; - utilities.lazyLoad(exports, ["Keys"], () => require("./keys")); + const _module = { version: utilities.getVersion(), construct: (name: string, type: string, urn: string): pulumi.Resource => { diff --git a/sdk/nodejs/mfaPingid.ts b/sdk/nodejs/mfaPingid.ts index a638a4ed6..20a455e96 100644 --- a/sdk/nodejs/mfaPingid.ts +++ b/sdk/nodejs/mfaPingid.ts @@ -65,15 +65,15 @@ export class MfaPingid extends pulumi.CustomResource { } /** - * Admin URL computed by Vault. + * `(string)` – Admin URL computed by Vault */ public /*out*/ readonly adminUrl!: pulumi.Output; /** - * Authenticator URL computed by Vault. + * `(string)` – Authenticator URL computed by Vault */ public /*out*/ readonly authenticatorUrl!: pulumi.Output; /** - * IDP URL computed by Vault. + * `(string)` – IDP URL computed by Vault */ public /*out*/ readonly idpUrl!: pulumi.Output; /** @@ -93,11 +93,11 @@ export class MfaPingid extends pulumi.CustomResource { */ public readonly namespace!: pulumi.Output; /** - * Namespace ID computed by Vault. + * `(string)` – Namespace ID computed by Vault */ public /*out*/ readonly namespaceId!: pulumi.Output; /** - * Org Alias computed by Vault. + * `(string)` – Org Alias computed by Vault */ public /*out*/ readonly orgAlias!: pulumi.Output; /** @@ -106,11 +106,11 @@ export class MfaPingid extends pulumi.CustomResource { */ public readonly settingsFileBase64!: pulumi.Output; /** - * Type of configuration computed by Vault. + * `(string)` – Type of configuration computed by Vault */ public /*out*/ readonly type!: pulumi.Output; /** - * If set, enables use of PingID signature. Computed by Vault + * `(string)` – If set to true, enables use of PingID signature. Computed by Vault */ public /*out*/ readonly useSignature!: pulumi.Output; /** @@ -180,15 +180,15 @@ export class MfaPingid extends pulumi.CustomResource { */ export interface MfaPingidState { /** - * Admin URL computed by Vault. + * `(string)` – Admin URL computed by Vault */ adminUrl?: pulumi.Input; /** - * Authenticator URL computed by Vault. + * `(string)` – Authenticator URL computed by Vault */ authenticatorUrl?: pulumi.Input; /** - * IDP URL computed by Vault. + * `(string)` – IDP URL computed by Vault */ idpUrl?: pulumi.Input; /** @@ -208,11 +208,11 @@ export interface MfaPingidState { */ namespace?: pulumi.Input; /** - * Namespace ID computed by Vault. + * `(string)` – Namespace ID computed by Vault */ namespaceId?: pulumi.Input; /** - * Org Alias computed by Vault. + * `(string)` – Org Alias computed by Vault */ orgAlias?: pulumi.Input; /** @@ -221,11 +221,11 @@ export interface MfaPingidState { */ settingsFileBase64?: pulumi.Input; /** - * Type of configuration computed by Vault. + * `(string)` – Type of configuration computed by Vault */ type?: pulumi.Input; /** - * If set, enables use of PingID signature. Computed by Vault + * `(string)` – If set to true, enables use of PingID signature. Computed by Vault */ useSignature?: pulumi.Input; /** diff --git a/sdk/nodejs/mfaTotp.ts b/sdk/nodejs/mfaTotp.ts index efa7bcb01..184c04c1a 100644 --- a/sdk/nodejs/mfaTotp.ts +++ b/sdk/nodejs/mfaTotp.ts @@ -15,7 +15,7 @@ import * as utilities from "./utilities"; * import * as pulumi from "@pulumi/pulumi"; * import * as vault from "@pulumi/vault"; * - * const myTotp = new vault.MfaTotp("my_totp", { + * const myTotp = new vault.MfaTotp("myTotp", { * algorithm: "SHA256", * digits: 8, * issuer: "hashicorp", diff --git a/sdk/nodejs/mongodbatlas/index.ts b/sdk/nodejs/mongodbatlas/index.ts index 9e710ed11..7b4995b05 100644 --- a/sdk/nodejs/mongodbatlas/index.ts +++ b/sdk/nodejs/mongodbatlas/index.ts @@ -8,14 +8,14 @@ import * as utilities from "../utilities"; export { SecretBackendArgs, SecretBackendState } from "./secretBackend"; export type SecretBackend = import("./secretBackend").SecretBackend; export const SecretBackend: typeof import("./secretBackend").SecretBackend = null as any; +utilities.lazyLoad(exports, ["SecretBackend"], () => require("./secretBackend")); export { SecretRoleArgs, SecretRoleState } from "./secretRole"; export type SecretRole = import("./secretRole").SecretRole; export const SecretRole: typeof import("./secretRole").SecretRole = null as any; - -utilities.lazyLoad(exports, ["SecretBackend"], () => require("./secretBackend")); utilities.lazyLoad(exports, ["SecretRole"], () => require("./secretRole")); + const _module = { version: utilities.getVersion(), construct: (name: string, type: string, urn: string): pulumi.Resource => { diff --git a/sdk/nodejs/namespace.ts b/sdk/nodejs/namespace.ts index c0d8f605d..d63670d57 100644 --- a/sdk/nodejs/namespace.ts +++ b/sdk/nodejs/namespace.ts @@ -77,6 +77,11 @@ export class Namespace extends pulumi.CustomResource { return obj['__pulumiType'] === Namespace.__pulumiType; } + /** + * Custom metadata describing this namespace. Value type + * is `map[string]string`. Requires Vault version 1.12+. + */ + public readonly customMetadata!: pulumi.Output<{[key: string]: any}>; /** * The namespace to provision the resource in. * The value should not contain leading or trailing forward slashes. @@ -111,6 +116,7 @@ export class Namespace extends pulumi.CustomResource { opts = opts || {}; if (opts.id) { const state = argsOrState as NamespaceState | undefined; + resourceInputs["customMetadata"] = state ? state.customMetadata : undefined; resourceInputs["namespace"] = state ? state.namespace : undefined; resourceInputs["namespaceId"] = state ? state.namespaceId : undefined; resourceInputs["path"] = state ? state.path : undefined; @@ -120,6 +126,7 @@ export class Namespace extends pulumi.CustomResource { if ((!args || args.path === undefined) && !opts.urn) { throw new Error("Missing required property 'path'"); } + resourceInputs["customMetadata"] = args ? args.customMetadata : undefined; resourceInputs["namespace"] = args ? args.namespace : undefined; resourceInputs["path"] = args ? args.path : undefined; resourceInputs["pathFq"] = args ? args.pathFq : undefined; @@ -134,6 +141,11 @@ export class Namespace extends pulumi.CustomResource { * Input properties used for looking up and filtering Namespace resources. */ export interface NamespaceState { + /** + * Custom metadata describing this namespace. Value type + * is `map[string]string`. Requires Vault version 1.12+. + */ + customMetadata?: pulumi.Input<{[key: string]: any}>; /** * The namespace to provision the resource in. * The value should not contain leading or trailing forward slashes. @@ -160,6 +172,11 @@ export interface NamespaceState { * The set of arguments for constructing a Namespace resource. */ export interface NamespaceArgs { + /** + * Custom metadata describing this namespace. Value type + * is `map[string]string`. Requires Vault version 1.12+. + */ + customMetadata?: pulumi.Input<{[key: string]: any}>; /** * The namespace to provision the resource in. * The value should not contain leading or trailing forward slashes. diff --git a/sdk/nodejs/okta/index.ts b/sdk/nodejs/okta/index.ts index c541a1702..2064991db 100644 --- a/sdk/nodejs/okta/index.ts +++ b/sdk/nodejs/okta/index.ts @@ -8,19 +8,19 @@ import * as utilities from "../utilities"; export { AuthBackendArgs, AuthBackendState } from "./authBackend"; export type AuthBackend = import("./authBackend").AuthBackend; export const AuthBackend: typeof import("./authBackend").AuthBackend = null as any; +utilities.lazyLoad(exports, ["AuthBackend"], () => require("./authBackend")); export { AuthBackendGroupArgs, AuthBackendGroupState } from "./authBackendGroup"; export type AuthBackendGroup = import("./authBackendGroup").AuthBackendGroup; export const AuthBackendGroup: typeof import("./authBackendGroup").AuthBackendGroup = null as any; +utilities.lazyLoad(exports, ["AuthBackendGroup"], () => require("./authBackendGroup")); export { AuthBackendUserArgs, AuthBackendUserState } from "./authBackendUser"; export type AuthBackendUser = import("./authBackendUser").AuthBackendUser; export const AuthBackendUser: typeof import("./authBackendUser").AuthBackendUser = null as any; - -utilities.lazyLoad(exports, ["AuthBackend"], () => require("./authBackend")); -utilities.lazyLoad(exports, ["AuthBackendGroup"], () => require("./authBackendGroup")); utilities.lazyLoad(exports, ["AuthBackendUser"], () => require("./authBackendUser")); + const _module = { version: utilities.getVersion(), construct: (name: string, type: string, urn: string): pulumi.Resource => { diff --git a/sdk/nodejs/package.json b/sdk/nodejs/package.json index e3e095829..e7e1cd630 100644 --- a/sdk/nodejs/package.json +++ b/sdk/nodejs/package.json @@ -10,8 +10,7 @@ "repository": "https://github.com/pulumi/pulumi-vault", "license": "Apache-2.0", "scripts": { - "build": "tsc", - "install": "node scripts/install-pulumi-plugin.js resource vault ${VERSION}" + "build": "tsc" }, "dependencies": { "@pulumi/pulumi": "^3.0.0" diff --git a/sdk/nodejs/passwordPolicy.ts b/sdk/nodejs/passwordPolicy.ts index f352481ff..c2a18b8c3 100644 --- a/sdk/nodejs/passwordPolicy.ts +++ b/sdk/nodejs/passwordPolicy.ts @@ -15,13 +15,12 @@ import * as utilities from "./utilities"; * import * as pulumi from "@pulumi/pulumi"; * import * as vault from "@pulumi/vault"; * - * const alphanumeric = new vault.PasswordPolicy("alphanumeric", { - * policy: ` length = 20 + * const alphanumeric = new vault.PasswordPolicy("alphanumeric", {policy: ` length = 20 * rule "charset" { * charset = "abcdefghijklmnopqrstuvwxyz0123456789" * } - * `, - * }); + * + * `}); * ``` * * ## Import diff --git a/sdk/nodejs/pkisecret/getBackendIssuer.ts b/sdk/nodejs/pkisecret/getBackendIssuer.ts new file mode 100644 index 000000000..3477a5025 --- /dev/null +++ b/sdk/nodejs/pkisecret/getBackendIssuer.ts @@ -0,0 +1,108 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +import * as pulumi from "@pulumi/pulumi"; +import * as utilities from "../utilities"; + +export function getBackendIssuer(args: GetBackendIssuerArgs, opts?: pulumi.InvokeOptions): Promise { + + opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts || {}); + return pulumi.runtime.invoke("vault:pkiSecret/getBackendIssuer:getBackendIssuer", { + "backend": args.backend, + "issuerRef": args.issuerRef, + "namespace": args.namespace, + }, opts); +} + +/** + * A collection of arguments for invoking getBackendIssuer. + */ +export interface GetBackendIssuerArgs { + /** + * The path to the PKI secret backend to + * read the issuer from, with no leading or trailing `/`s. + */ + backend: string; + /** + * Reference to an existing issuer. + */ + issuerRef: string; + /** + * The namespace of the target resource. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + */ + namespace?: string; +} + +/** + * A collection of values returned by getBackendIssuer. + */ +export interface GetBackendIssuerResult { + readonly backend: string; + /** + * The CA chain as a list of format specific certificates. + */ + readonly caChains: string[]; + /** + * Certificate associated with this issuer. + */ + readonly certificate: string; + /** + * The provider-assigned unique ID for this managed resource. + */ + readonly id: string; + /** + * ID of the issuer. + */ + readonly issuerId: string; + /** + * Name of the issuer. + */ + readonly issuerName: string; + readonly issuerRef: string; + /** + * ID of the key used by the issuer. + */ + readonly keyId: string; + /** + * Behavior of a leaf's NotAfter field during issuance. + */ + readonly leafNotAfterBehavior: string; + /** + * Chain of issuer references to build this issuer's computed + * CAChain field from, when non-empty. + */ + readonly manualChains: string[]; + readonly namespace?: string; + /** + * Allowed usages for this issuer. + */ + readonly usage: string; +} +export function getBackendIssuerOutput(args: GetBackendIssuerOutputArgs, opts?: pulumi.InvokeOptions): pulumi.Output { + return pulumi.output(args).apply((a: any) => getBackendIssuer(a, opts)) +} + +/** + * A collection of arguments for invoking getBackendIssuer. + */ +export interface GetBackendIssuerOutputArgs { + /** + * The path to the PKI secret backend to + * read the issuer from, with no leading or trailing `/`s. + */ + backend: pulumi.Input; + /** + * Reference to an existing issuer. + */ + issuerRef: pulumi.Input; + /** + * The namespace of the target resource. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + */ + namespace?: pulumi.Input; +} diff --git a/sdk/nodejs/pkisecret/getBackendIssuers.ts b/sdk/nodejs/pkisecret/getBackendIssuers.ts new file mode 100644 index 000000000..717bbf878 --- /dev/null +++ b/sdk/nodejs/pkisecret/getBackendIssuers.ts @@ -0,0 +1,125 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +import * as pulumi from "@pulumi/pulumi"; +import * as utilities from "../utilities"; + +/** + * ## Example Usage + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as vault from "@pulumi/vault"; + * + * const pki = new vault.Mount("pki", { + * path: "pki", + * type: "pki", + * description: "PKI secret engine mount", + * }); + * const root = new vault.pkisecret.SecretBackendRootCert("root", { + * backend: pki.path, + * type: "internal", + * commonName: "example", + * ttl: "86400", + * issuerName: "example", + * }); + * const test = vault.pkiSecret.getBackendIssuersOutput({ + * backend: root.backend, + * }); + * ``` + */ +export function getBackendIssuers(args: GetBackendIssuersArgs, opts?: pulumi.InvokeOptions): Promise { + + opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts || {}); + return pulumi.runtime.invoke("vault:pkiSecret/getBackendIssuers:getBackendIssuers", { + "backend": args.backend, + "namespace": args.namespace, + }, opts); +} + +/** + * A collection of arguments for invoking getBackendIssuers. + */ +export interface GetBackendIssuersArgs { + /** + * The path to the PKI secret backend to + * read the issuers from, with no leading or trailing `/`s. + */ + backend: string; + /** + * The namespace of the target resource. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + */ + namespace?: string; +} + +/** + * A collection of values returned by getBackendIssuers. + */ +export interface GetBackendIssuersResult { + readonly backend: string; + /** + * The provider-assigned unique ID for this managed resource. + */ + readonly id: string; + /** + * Map of issuer strings read from Vault. + */ + readonly keyInfo: {[key: string]: any}; + /** + * JSON-encoded issuer data read from Vault. + */ + readonly keyInfoJson: string; + /** + * Keys used by issuers under the backend path. + */ + readonly keys: string[]; + readonly namespace?: string; +} +/** + * ## Example Usage + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as vault from "@pulumi/vault"; + * + * const pki = new vault.Mount("pki", { + * path: "pki", + * type: "pki", + * description: "PKI secret engine mount", + * }); + * const root = new vault.pkisecret.SecretBackendRootCert("root", { + * backend: pki.path, + * type: "internal", + * commonName: "example", + * ttl: "86400", + * issuerName: "example", + * }); + * const test = vault.pkiSecret.getBackendIssuersOutput({ + * backend: root.backend, + * }); + * ``` + */ +export function getBackendIssuersOutput(args: GetBackendIssuersOutputArgs, opts?: pulumi.InvokeOptions): pulumi.Output { + return pulumi.output(args).apply((a: any) => getBackendIssuers(a, opts)) +} + +/** + * A collection of arguments for invoking getBackendIssuers. + */ +export interface GetBackendIssuersOutputArgs { + /** + * The path to the PKI secret backend to + * read the issuers from, with no leading or trailing `/`s. + */ + backend: pulumi.Input; + /** + * The namespace of the target resource. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + */ + namespace?: pulumi.Input; +} diff --git a/sdk/nodejs/pkisecret/getBackendKey.ts b/sdk/nodejs/pkisecret/getBackendKey.ts new file mode 100644 index 000000000..262f6a476 --- /dev/null +++ b/sdk/nodejs/pkisecret/getBackendKey.ts @@ -0,0 +1,137 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +import * as pulumi from "@pulumi/pulumi"; +import * as utilities from "../utilities"; + +/** + * ## Example Usage + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as vault from "@pulumi/vault"; + * + * const pki = new vault.Mount("pki", { + * path: "pki", + * type: "pki", + * description: "PKI secret engine mount", + * }); + * const key = new vault.pkisecret.SecretBackendKey("key", { + * backend: pki.path, + * type: "internal", + * keyName: "example", + * keyType: "rsa", + * keyBits: 4096, + * }); + * const example = key.keyId.apply(keyId => vault.pkiSecret.getBackendKeyOutput({ + * backend: vault_mount.key.path, + * keyRef: keyId, + * })); + * ``` + */ +export function getBackendKey(args: GetBackendKeyArgs, opts?: pulumi.InvokeOptions): Promise { + + opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts || {}); + return pulumi.runtime.invoke("vault:pkiSecret/getBackendKey:getBackendKey", { + "backend": args.backend, + "keyRef": args.keyRef, + "namespace": args.namespace, + }, opts); +} + +/** + * A collection of arguments for invoking getBackendKey. + */ +export interface GetBackendKeyArgs { + /** + * The path to the PKI secret backend to + * read the key from, with no leading or trailing `/`s. + */ + backend: string; + /** + * Reference to an existing key. + */ + keyRef: string; + /** + * The namespace of the target resource. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + */ + namespace?: string; +} + +/** + * A collection of values returned by getBackendKey. + */ +export interface GetBackendKeyResult { + readonly backend: string; + /** + * The provider-assigned unique ID for this managed resource. + */ + readonly id: string; + /** + * ID of the key. + */ + readonly keyId: string; + /** + * Name of the key. + */ + readonly keyName: string; + readonly keyRef: string; + /** + * Type of the key. + */ + readonly keyType: string; + readonly namespace?: string; +} +/** + * ## Example Usage + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as vault from "@pulumi/vault"; + * + * const pki = new vault.Mount("pki", { + * path: "pki", + * type: "pki", + * description: "PKI secret engine mount", + * }); + * const key = new vault.pkisecret.SecretBackendKey("key", { + * backend: pki.path, + * type: "internal", + * keyName: "example", + * keyType: "rsa", + * keyBits: 4096, + * }); + * const example = key.keyId.apply(keyId => vault.pkiSecret.getBackendKeyOutput({ + * backend: vault_mount.key.path, + * keyRef: keyId, + * })); + * ``` + */ +export function getBackendKeyOutput(args: GetBackendKeyOutputArgs, opts?: pulumi.InvokeOptions): pulumi.Output { + return pulumi.output(args).apply((a: any) => getBackendKey(a, opts)) +} + +/** + * A collection of arguments for invoking getBackendKey. + */ +export interface GetBackendKeyOutputArgs { + /** + * The path to the PKI secret backend to + * read the key from, with no leading or trailing `/`s. + */ + backend: pulumi.Input; + /** + * Reference to an existing key. + */ + keyRef: pulumi.Input; + /** + * The namespace of the target resource. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + */ + namespace?: pulumi.Input; +} diff --git a/sdk/nodejs/pkisecret/getBackendKeys.ts b/sdk/nodejs/pkisecret/getBackendKeys.ts new file mode 100644 index 000000000..19be2cf9b --- /dev/null +++ b/sdk/nodejs/pkisecret/getBackendKeys.ts @@ -0,0 +1,125 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +import * as pulumi from "@pulumi/pulumi"; +import * as utilities from "../utilities"; + +/** + * ## Example Usage + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as vault from "@pulumi/vault"; + * + * const pki = new vault.Mount("pki", { + * path: "pki", + * type: "pki", + * description: "PKI secret engine mount", + * }); + * const root = new vault.pkisecret.SecretBackendRootCert("root", { + * backend: pki.path, + * type: "internal", + * commonName: "example", + * ttl: "86400", + * keyName: "example", + * }); + * const example = vault.pkiSecret.getBackendKeysOutput({ + * backend: root.backend, + * }); + * ``` + */ +export function getBackendKeys(args: GetBackendKeysArgs, opts?: pulumi.InvokeOptions): Promise { + + opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts || {}); + return pulumi.runtime.invoke("vault:pkiSecret/getBackendKeys:getBackendKeys", { + "backend": args.backend, + "namespace": args.namespace, + }, opts); +} + +/** + * A collection of arguments for invoking getBackendKeys. + */ +export interface GetBackendKeysArgs { + /** + * The path to the PKI secret backend to + * read the keys from, with no leading or trailing `/`s. + */ + backend: string; + /** + * The namespace of the target resource. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + */ + namespace?: string; +} + +/** + * A collection of values returned by getBackendKeys. + */ +export interface GetBackendKeysResult { + readonly backend: string; + /** + * The provider-assigned unique ID for this managed resource. + */ + readonly id: string; + /** + * Map of key strings read from Vault. + */ + readonly keyInfo: {[key: string]: any}; + /** + * JSON-encoded key data read from Vault. + */ + readonly keyInfoJson: string; + /** + * Keys used under the backend path. + */ + readonly keys: string[]; + readonly namespace?: string; +} +/** + * ## Example Usage + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as vault from "@pulumi/vault"; + * + * const pki = new vault.Mount("pki", { + * path: "pki", + * type: "pki", + * description: "PKI secret engine mount", + * }); + * const root = new vault.pkisecret.SecretBackendRootCert("root", { + * backend: pki.path, + * type: "internal", + * commonName: "example", + * ttl: "86400", + * keyName: "example", + * }); + * const example = vault.pkiSecret.getBackendKeysOutput({ + * backend: root.backend, + * }); + * ``` + */ +export function getBackendKeysOutput(args: GetBackendKeysOutputArgs, opts?: pulumi.InvokeOptions): pulumi.Output { + return pulumi.output(args).apply((a: any) => getBackendKeys(a, opts)) +} + +/** + * A collection of arguments for invoking getBackendKeys. + */ +export interface GetBackendKeysOutputArgs { + /** + * The path to the PKI secret backend to + * read the keys from, with no leading or trailing `/`s. + */ + backend: pulumi.Input; + /** + * The namespace of the target resource. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + */ + namespace?: pulumi.Input; +} diff --git a/sdk/nodejs/pkisecret/index.ts b/sdk/nodejs/pkisecret/index.ts index 56b4ae643..a7289b0fd 100644 --- a/sdk/nodejs/pkisecret/index.ts +++ b/sdk/nodejs/pkisecret/index.ts @@ -5,72 +5,92 @@ import * as pulumi from "@pulumi/pulumi"; import * as utilities from "../utilities"; // Export members: +export { GetBackendIssuerArgs, GetBackendIssuerResult, GetBackendIssuerOutputArgs } from "./getBackendIssuer"; +export const getBackendIssuer: typeof import("./getBackendIssuer").getBackendIssuer = null as any; +export const getBackendIssuerOutput: typeof import("./getBackendIssuer").getBackendIssuerOutput = null as any; +utilities.lazyLoad(exports, ["getBackendIssuer","getBackendIssuerOutput"], () => require("./getBackendIssuer")); + +export { GetBackendIssuersArgs, GetBackendIssuersResult, GetBackendIssuersOutputArgs } from "./getBackendIssuers"; +export const getBackendIssuers: typeof import("./getBackendIssuers").getBackendIssuers = null as any; +export const getBackendIssuersOutput: typeof import("./getBackendIssuers").getBackendIssuersOutput = null as any; +utilities.lazyLoad(exports, ["getBackendIssuers","getBackendIssuersOutput"], () => require("./getBackendIssuers")); + +export { GetBackendKeyArgs, GetBackendKeyResult, GetBackendKeyOutputArgs } from "./getBackendKey"; +export const getBackendKey: typeof import("./getBackendKey").getBackendKey = null as any; +export const getBackendKeyOutput: typeof import("./getBackendKey").getBackendKeyOutput = null as any; +utilities.lazyLoad(exports, ["getBackendKey","getBackendKeyOutput"], () => require("./getBackendKey")); + +export { GetBackendKeysArgs, GetBackendKeysResult, GetBackendKeysOutputArgs } from "./getBackendKeys"; +export const getBackendKeys: typeof import("./getBackendKeys").getBackendKeys = null as any; +export const getBackendKeysOutput: typeof import("./getBackendKeys").getBackendKeysOutput = null as any; +utilities.lazyLoad(exports, ["getBackendKeys","getBackendKeysOutput"], () => require("./getBackendKeys")); + export { SecretBackendCertArgs, SecretBackendCertState } from "./secretBackendCert"; export type SecretBackendCert = import("./secretBackendCert").SecretBackendCert; export const SecretBackendCert: typeof import("./secretBackendCert").SecretBackendCert = null as any; +utilities.lazyLoad(exports, ["SecretBackendCert"], () => require("./secretBackendCert")); export { SecretBackendConfigCaArgs, SecretBackendConfigCaState } from "./secretBackendConfigCa"; export type SecretBackendConfigCa = import("./secretBackendConfigCa").SecretBackendConfigCa; export const SecretBackendConfigCa: typeof import("./secretBackendConfigCa").SecretBackendConfigCa = null as any; +utilities.lazyLoad(exports, ["SecretBackendConfigCa"], () => require("./secretBackendConfigCa")); export { SecretBackendConfigIssuersArgs, SecretBackendConfigIssuersState } from "./secretBackendConfigIssuers"; export type SecretBackendConfigIssuers = import("./secretBackendConfigIssuers").SecretBackendConfigIssuers; export const SecretBackendConfigIssuers: typeof import("./secretBackendConfigIssuers").SecretBackendConfigIssuers = null as any; +utilities.lazyLoad(exports, ["SecretBackendConfigIssuers"], () => require("./secretBackendConfigIssuers")); export { SecretBackendConfigUrlsArgs, SecretBackendConfigUrlsState } from "./secretBackendConfigUrls"; export type SecretBackendConfigUrls = import("./secretBackendConfigUrls").SecretBackendConfigUrls; export const SecretBackendConfigUrls: typeof import("./secretBackendConfigUrls").SecretBackendConfigUrls = null as any; +utilities.lazyLoad(exports, ["SecretBackendConfigUrls"], () => require("./secretBackendConfigUrls")); export { SecretBackendCrlConfigArgs, SecretBackendCrlConfigState } from "./secretBackendCrlConfig"; export type SecretBackendCrlConfig = import("./secretBackendCrlConfig").SecretBackendCrlConfig; export const SecretBackendCrlConfig: typeof import("./secretBackendCrlConfig").SecretBackendCrlConfig = null as any; +utilities.lazyLoad(exports, ["SecretBackendCrlConfig"], () => require("./secretBackendCrlConfig")); export { SecretBackendIntermediateCertRequestArgs, SecretBackendIntermediateCertRequestState } from "./secretBackendIntermediateCertRequest"; export type SecretBackendIntermediateCertRequest = import("./secretBackendIntermediateCertRequest").SecretBackendIntermediateCertRequest; export const SecretBackendIntermediateCertRequest: typeof import("./secretBackendIntermediateCertRequest").SecretBackendIntermediateCertRequest = null as any; +utilities.lazyLoad(exports, ["SecretBackendIntermediateCertRequest"], () => require("./secretBackendIntermediateCertRequest")); export { SecretBackendIntermediateSetSignedArgs, SecretBackendIntermediateSetSignedState } from "./secretBackendIntermediateSetSigned"; export type SecretBackendIntermediateSetSigned = import("./secretBackendIntermediateSetSigned").SecretBackendIntermediateSetSigned; export const SecretBackendIntermediateSetSigned: typeof import("./secretBackendIntermediateSetSigned").SecretBackendIntermediateSetSigned = null as any; +utilities.lazyLoad(exports, ["SecretBackendIntermediateSetSigned"], () => require("./secretBackendIntermediateSetSigned")); export { SecretBackendIssuerArgs, SecretBackendIssuerState } from "./secretBackendIssuer"; export type SecretBackendIssuer = import("./secretBackendIssuer").SecretBackendIssuer; export const SecretBackendIssuer: typeof import("./secretBackendIssuer").SecretBackendIssuer = null as any; +utilities.lazyLoad(exports, ["SecretBackendIssuer"], () => require("./secretBackendIssuer")); export { SecretBackendKeyArgs, SecretBackendKeyState } from "./secretBackendKey"; export type SecretBackendKey = import("./secretBackendKey").SecretBackendKey; export const SecretBackendKey: typeof import("./secretBackendKey").SecretBackendKey = null as any; +utilities.lazyLoad(exports, ["SecretBackendKey"], () => require("./secretBackendKey")); export { SecretBackendRoleArgs, SecretBackendRoleState } from "./secretBackendRole"; export type SecretBackendRole = import("./secretBackendRole").SecretBackendRole; export const SecretBackendRole: typeof import("./secretBackendRole").SecretBackendRole = null as any; +utilities.lazyLoad(exports, ["SecretBackendRole"], () => require("./secretBackendRole")); export { SecretBackendRootCertArgs, SecretBackendRootCertState } from "./secretBackendRootCert"; export type SecretBackendRootCert = import("./secretBackendRootCert").SecretBackendRootCert; export const SecretBackendRootCert: typeof import("./secretBackendRootCert").SecretBackendRootCert = null as any; +utilities.lazyLoad(exports, ["SecretBackendRootCert"], () => require("./secretBackendRootCert")); export { SecretBackendRootSignIntermediateArgs, SecretBackendRootSignIntermediateState } from "./secretBackendRootSignIntermediate"; export type SecretBackendRootSignIntermediate = import("./secretBackendRootSignIntermediate").SecretBackendRootSignIntermediate; export const SecretBackendRootSignIntermediate: typeof import("./secretBackendRootSignIntermediate").SecretBackendRootSignIntermediate = null as any; +utilities.lazyLoad(exports, ["SecretBackendRootSignIntermediate"], () => require("./secretBackendRootSignIntermediate")); export { SecretBackendSignArgs, SecretBackendSignState } from "./secretBackendSign"; export type SecretBackendSign = import("./secretBackendSign").SecretBackendSign; export const SecretBackendSign: typeof import("./secretBackendSign").SecretBackendSign = null as any; - -utilities.lazyLoad(exports, ["SecretBackendCert"], () => require("./secretBackendCert")); -utilities.lazyLoad(exports, ["SecretBackendConfigCa"], () => require("./secretBackendConfigCa")); -utilities.lazyLoad(exports, ["SecretBackendConfigIssuers"], () => require("./secretBackendConfigIssuers")); -utilities.lazyLoad(exports, ["SecretBackendConfigUrls"], () => require("./secretBackendConfigUrls")); -utilities.lazyLoad(exports, ["SecretBackendCrlConfig"], () => require("./secretBackendCrlConfig")); -utilities.lazyLoad(exports, ["SecretBackendIntermediateCertRequest"], () => require("./secretBackendIntermediateCertRequest")); -utilities.lazyLoad(exports, ["SecretBackendIntermediateSetSigned"], () => require("./secretBackendIntermediateSetSigned")); -utilities.lazyLoad(exports, ["SecretBackendIssuer"], () => require("./secretBackendIssuer")); -utilities.lazyLoad(exports, ["SecretBackendKey"], () => require("./secretBackendKey")); -utilities.lazyLoad(exports, ["SecretBackendRole"], () => require("./secretBackendRole")); -utilities.lazyLoad(exports, ["SecretBackendRootCert"], () => require("./secretBackendRootCert")); -utilities.lazyLoad(exports, ["SecretBackendRootSignIntermediate"], () => require("./secretBackendRootSignIntermediate")); utilities.lazyLoad(exports, ["SecretBackendSign"], () => require("./secretBackendSign")); + const _module = { version: utilities.getVersion(), construct: (name: string, type: string, urn: string): pulumi.Resource => { diff --git a/sdk/nodejs/pkisecret/secretBackendConfigUrls.ts b/sdk/nodejs/pkisecret/secretBackendConfigUrls.ts index 2b1789c39..21b339627 100644 --- a/sdk/nodejs/pkisecret/secretBackendConfigUrls.ts +++ b/sdk/nodejs/pkisecret/secretBackendConfigUrls.ts @@ -28,11 +28,7 @@ import * as utilities from "../utilities"; * * ## Import * - * The PKI config URLs can be imported using the resource's `id`. - * - * In the case of the example above the `id` would be `pki-root/config/urls`, - * - * where the `pki-root` component is the resource's `backend`, e.g. + * The PKI config URLs can be imported using the resource's `id`. In the case of the example above the `id` would be `pki-root/config/urls`, where the `pki-root` component is the resource's `backend`, e.g. * * ```sh * $ pulumi import vault:pkiSecret/secretBackendConfigUrls:SecretBackendConfigUrls example pki-root/config/urls diff --git a/sdk/nodejs/pkisecret/secretBackendRole.ts b/sdk/nodejs/pkisecret/secretBackendRole.ts index eb7aae063..20d58d497 100644 --- a/sdk/nodejs/pkisecret/secretBackendRole.ts +++ b/sdk/nodejs/pkisecret/secretBackendRole.ts @@ -2,6 +2,8 @@ // *** Do not edit by hand unless you're certain you know what you are doing! *** import * as pulumi from "@pulumi/pulumi"; +import * as inputs from "../types/input"; +import * as outputs from "../types/output"; import * as utilities from "../utilities"; /** @@ -218,6 +220,10 @@ export class SecretBackendRole extends pulumi.CustomResource { * The organization of generated certificates */ public readonly organizations!: pulumi.Output; + /** + * (Vault 1.11+ only) A block for specifying policy identifers. The `policyIdentifier` block can be repeated, and supports the following arguments: + */ + public readonly policyIdentifier!: pulumi.Output; /** * Specify the list of allowed policies OIDs. Use with Vault 1.10 or before. For Vault 1.11+, use `policyIdentifier` blocks instead */ @@ -303,6 +309,7 @@ export class SecretBackendRole extends pulumi.CustomResource { resourceInputs["notBeforeDuration"] = state ? state.notBeforeDuration : undefined; resourceInputs["organizationUnit"] = state ? state.organizationUnit : undefined; resourceInputs["organizations"] = state ? state.organizations : undefined; + resourceInputs["policyIdentifier"] = state ? state.policyIdentifier : undefined; resourceInputs["policyIdentifiers"] = state ? state.policyIdentifiers : undefined; resourceInputs["postalCodes"] = state ? state.postalCodes : undefined; resourceInputs["provinces"] = state ? state.provinces : undefined; @@ -352,6 +359,7 @@ export class SecretBackendRole extends pulumi.CustomResource { resourceInputs["notBeforeDuration"] = args ? args.notBeforeDuration : undefined; resourceInputs["organizationUnit"] = args ? args.organizationUnit : undefined; resourceInputs["organizations"] = args ? args.organizations : undefined; + resourceInputs["policyIdentifier"] = args ? args.policyIdentifier : undefined; resourceInputs["policyIdentifiers"] = args ? args.policyIdentifiers : undefined; resourceInputs["postalCodes"] = args ? args.postalCodes : undefined; resourceInputs["provinces"] = args ? args.provinces : undefined; @@ -520,6 +528,10 @@ export interface SecretBackendRoleState { * The organization of generated certificates */ organizations?: pulumi.Input[]>; + /** + * (Vault 1.11+ only) A block for specifying policy identifers. The `policyIdentifier` block can be repeated, and supports the following arguments: + */ + policyIdentifier?: pulumi.Input[]>; /** * Specify the list of allowed policies OIDs. Use with Vault 1.10 or before. For Vault 1.11+, use `policyIdentifier` blocks instead */ @@ -711,6 +723,10 @@ export interface SecretBackendRoleArgs { * The organization of generated certificates */ organizations?: pulumi.Input[]>; + /** + * (Vault 1.11+ only) A block for specifying policy identifers. The `policyIdentifier` block can be repeated, and supports the following arguments: + */ + policyIdentifier?: pulumi.Input[]>; /** * Specify the list of allowed policies OIDs. Use with Vault 1.10 or before. For Vault 1.11+, use `policyIdentifier` blocks instead */ diff --git a/sdk/nodejs/provider.ts b/sdk/nodejs/provider.ts index 99179aae5..a767e9d99 100644 --- a/sdk/nodejs/provider.ts +++ b/sdk/nodejs/provider.ts @@ -24,7 +24,7 @@ export class Provider extends pulumi.ProviderResource { if (obj === undefined || obj === null) { return false; } - return obj['__pulumiType'] === Provider.__pulumiType; + return obj['__pulumiType'] === "pulumi:providers:" + Provider.__pulumiType; } /** @@ -98,11 +98,12 @@ export class Provider extends pulumi.ProviderResource { resourceInputs["caCertDir"] = args ? args.caCertDir : undefined; resourceInputs["caCertFile"] = args ? args.caCertFile : undefined; resourceInputs["clientAuth"] = pulumi.output(args ? args.clientAuth : undefined).apply(JSON.stringify); - resourceInputs["headers"] = pulumi.output(args ? args.headers : undefined).apply(JSON.stringify); + resourceInputs["headers"] = pulumi.output(args?.headers ? pulumi.secret(args.headers) : undefined).apply(JSON.stringify); resourceInputs["maxLeaseTtlSeconds"] = pulumi.output((args ? args.maxLeaseTtlSeconds : undefined) ?? (utilities.getEnvNumber("TERRAFORM_VAULT_MAX_TTL") || 1200)).apply(JSON.stringify); resourceInputs["maxRetries"] = pulumi.output((args ? args.maxRetries : undefined) ?? (utilities.getEnvNumber("VAULT_MAX_RETRIES") || 2)).apply(JSON.stringify); resourceInputs["maxRetriesCcc"] = pulumi.output(args ? args.maxRetriesCcc : undefined).apply(JSON.stringify); resourceInputs["namespace"] = args ? args.namespace : undefined; + resourceInputs["setNamespaceFromToken"] = pulumi.output(args ? args.setNamespaceFromToken : undefined).apply(JSON.stringify); resourceInputs["skipChildToken"] = pulumi.output(args ? args.skipChildToken : undefined).apply(JSON.stringify); resourceInputs["skipGetVaultVersion"] = pulumi.output(args ? args.skipGetVaultVersion : undefined).apply(JSON.stringify); resourceInputs["skipTlsVerify"] = pulumi.output((args ? args.skipTlsVerify : undefined) ?? utilities.getEnvBoolean("VAULT_SKIP_VERIFY")).apply(JSON.stringify); @@ -210,6 +211,11 @@ export interface ProviderArgs { * The namespace to use. Available only for Vault Enterprise. */ namespace?: pulumi.Input; + /** + * In the case where the Vault token is for a specific namespace and the provider namespace is not configured, use the + * token namespace as the root namespace for all resources. + */ + setNamespaceFromToken?: pulumi.Input; /** * Set this to true to prevent the creation of ephemeral child token used by this provider. */ diff --git a/sdk/nodejs/rabbitmq/index.ts b/sdk/nodejs/rabbitmq/index.ts index 22d985dc1..643bde602 100644 --- a/sdk/nodejs/rabbitmq/index.ts +++ b/sdk/nodejs/rabbitmq/index.ts @@ -8,14 +8,14 @@ import * as utilities from "../utilities"; export { SecretBackendArgs, SecretBackendState } from "./secretBackend"; export type SecretBackend = import("./secretBackend").SecretBackend; export const SecretBackend: typeof import("./secretBackend").SecretBackend = null as any; +utilities.lazyLoad(exports, ["SecretBackend"], () => require("./secretBackend")); export { SecretBackendRoleArgs, SecretBackendRoleState } from "./secretBackendRole"; export type SecretBackendRole = import("./secretBackendRole").SecretBackendRole; export const SecretBackendRole: typeof import("./secretBackendRole").SecretBackendRole = null as any; - -utilities.lazyLoad(exports, ["SecretBackend"], () => require("./secretBackend")); utilities.lazyLoad(exports, ["SecretBackendRole"], () => require("./secretBackendRole")); + const _module = { version: utilities.getVersion(), construct: (name: string, type: string, urn: string): pulumi.Resource => { diff --git a/sdk/nodejs/rabbitmq/secretBackend.ts b/sdk/nodejs/rabbitmq/secretBackend.ts index 4c1ac1669..2be4a0e31 100644 --- a/sdk/nodejs/rabbitmq/secretBackend.ts +++ b/sdk/nodejs/rabbitmq/secretBackend.ts @@ -11,7 +11,7 @@ import * as utilities from "../utilities"; * import * as pulumi from "@pulumi/pulumi"; * import * as vault from "@pulumi/vault"; * - * const rabbitmq = new vault.rabbitMq.SecretBackend("rabbitmq", { + * const rabbitmq = new vault.rabbitmq.SecretBackend("rabbitmq", { * connectionUri: "https://.....", * password: "password", * username: "user", diff --git a/sdk/nodejs/raftSnapshotAgentConfig.ts b/sdk/nodejs/raftSnapshotAgentConfig.ts index 19d662a19..89767b735 100644 --- a/sdk/nodejs/raftSnapshotAgentConfig.ts +++ b/sdk/nodejs/raftSnapshotAgentConfig.ts @@ -11,9 +11,8 @@ import * as utilities from "./utilities"; * import * as pulumi from "@pulumi/pulumi"; * import * as vault from "@pulumi/vault"; * - * const localBackups = new vault.RaftSnapshotAgentConfig("local_backups", { - * intervalSeconds: 86400, // 24h - * // Storage Type Configuration + * const localBackups = new vault.RaftSnapshotAgentConfig("localBackups", { + * intervalSeconds: 86400, * localMaxSpace: 10000000, * pathPrefix: "/opt/vault/snapshots/", * retain: 7, @@ -192,6 +191,10 @@ export class RaftSnapshotAgentConfig extends pulumi.CustomResource { /** * Google service account key in JSON format. * The raw value looks like this: + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * ``` */ public readonly googleServiceAccountKey!: pulumi.Output; /** @@ -419,6 +422,10 @@ export interface RaftSnapshotAgentConfigState { /** * Google service account key in JSON format. * The raw value looks like this: + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * ``` */ googleServiceAccountKey?: pulumi.Input; /** @@ -561,6 +568,10 @@ export interface RaftSnapshotAgentConfigArgs { /** * Google service account key in JSON format. * The raw value looks like this: + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * ``` */ googleServiceAccountKey?: pulumi.Input; /** diff --git a/sdk/nodejs/rgpPolicy.ts b/sdk/nodejs/rgpPolicy.ts index 6b0aff494..2ee535ab6 100644 --- a/sdk/nodejs/rgpPolicy.ts +++ b/sdk/nodejs/rgpPolicy.ts @@ -20,6 +20,7 @@ import * as utilities from "./utilities"; * policy: `main = rule { * true * } + * * `, * }); * ``` diff --git a/sdk/nodejs/saml/authBackend.ts b/sdk/nodejs/saml/authBackend.ts new file mode 100644 index 000000000..bda331b03 --- /dev/null +++ b/sdk/nodejs/saml/authBackend.ts @@ -0,0 +1,288 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +import * as pulumi from "@pulumi/pulumi"; +import * as utilities from "../utilities"; + +/** + * Manages a SAML Auth mount in a Vault server. See the [Vault + * documentation](https://www.vaultproject.io/docs/auth/saml/) for more + * information. + * + * ## Example Usage + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as vault from "@pulumi/vault"; + * + * const test = new vault.saml.AuthBackend("test", { + * acsUrls: ["https://my.vault.primary/v1/auth/saml/callback"], + * defaultRole: "admin", + * entityId: "https://my.vault/v1/auth/saml", + * idpMetadataUrl: "https://company.okta.com/app/abc123eb9xnIfzlaf697/sso/saml/metadata", + * path: "saml", + * }); + * ``` + * + * ## Import + * + * SAML authentication mounts can be imported using the `path`, e.g. + * + * ```sh + * $ pulumi import vault:saml/authBackend:AuthBackend example saml + * ``` + */ +export class AuthBackend extends pulumi.CustomResource { + /** + * Get an existing AuthBackend resource's state with the given name, ID, and optional extra + * properties used to qualify the lookup. + * + * @param name The _unique_ name of the resulting resource. + * @param id The _unique_ provider ID of the resource to lookup. + * @param state Any extra arguments used during the lookup. + * @param opts Optional settings to control the behavior of the CustomResource. + */ + public static get(name: string, id: pulumi.Input, state?: AuthBackendState, opts?: pulumi.CustomResourceOptions): AuthBackend { + return new AuthBackend(name, state, { ...opts, id: id }); + } + + /** @internal */ + public static readonly __pulumiType = 'vault:saml/authBackend:AuthBackend'; + + /** + * Returns true if the given object is an instance of AuthBackend. This is designed to work even + * when multiple copies of the Pulumi SDK have been loaded into the same process. + */ + public static isInstance(obj: any): obj is AuthBackend { + if (obj === undefined || obj === null) { + return false; + } + return obj['__pulumiType'] === AuthBackend.__pulumiType; + } + + /** + * The well-formatted URLs of your Assertion Consumer Service (ACS) + * that should receive a response from the identity provider. + */ + public readonly acsUrls!: pulumi.Output; + /** + * The role to use if no role is provided during login. + */ + public readonly defaultRole!: pulumi.Output; + /** + * If set to `true`, opts out of mount migration on path updates. + * See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration) + */ + public readonly disableRemount!: pulumi.Output; + /** + * The entity ID of the SAML authentication service provider. + */ + public readonly entityId!: pulumi.Output; + /** + * The PEM encoded certificate of the identity provider. Mutually exclusive + * with `idpMetadataUrl`. + */ + public readonly idpCert!: pulumi.Output; + /** + * The entity ID of the identity provider. Mutually exclusive with + * `idpMetadataUrl`. + */ + public readonly idpEntityId!: pulumi.Output; + /** + * The metadata URL of the identity provider. + */ + public readonly idpMetadataUrl!: pulumi.Output; + /** + * The SSO URL of the identity provider. Mutually exclusive with + * `idpMetadataUrl`. + */ + public readonly idpSsoUrl!: pulumi.Output; + /** + * The namespace to provision the resource in. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + */ + public readonly namespace!: pulumi.Output; + /** + * Path where the auth backend will be mounted. Defaults to `auth/saml` + * if not specified. + */ + public readonly path!: pulumi.Output; + /** + * If set to `true`, logs additional, potentially sensitive + * information during the SAML exchange according to the current logging level. Not + * recommended for production. + */ + public readonly verboseLogging!: pulumi.Output; + + /** + * Create a AuthBackend resource with the given unique name, arguments, and options. + * + * @param name The _unique_ name of the resource. + * @param args The arguments to use to populate this resource's properties. + * @param opts A bag of options that control this resource's behavior. + */ + constructor(name: string, args: AuthBackendArgs, opts?: pulumi.CustomResourceOptions) + constructor(name: string, argsOrState?: AuthBackendArgs | AuthBackendState, opts?: pulumi.CustomResourceOptions) { + let resourceInputs: pulumi.Inputs = {}; + opts = opts || {}; + if (opts.id) { + const state = argsOrState as AuthBackendState | undefined; + resourceInputs["acsUrls"] = state ? state.acsUrls : undefined; + resourceInputs["defaultRole"] = state ? state.defaultRole : undefined; + resourceInputs["disableRemount"] = state ? state.disableRemount : undefined; + resourceInputs["entityId"] = state ? state.entityId : undefined; + resourceInputs["idpCert"] = state ? state.idpCert : undefined; + resourceInputs["idpEntityId"] = state ? state.idpEntityId : undefined; + resourceInputs["idpMetadataUrl"] = state ? state.idpMetadataUrl : undefined; + resourceInputs["idpSsoUrl"] = state ? state.idpSsoUrl : undefined; + resourceInputs["namespace"] = state ? state.namespace : undefined; + resourceInputs["path"] = state ? state.path : undefined; + resourceInputs["verboseLogging"] = state ? state.verboseLogging : undefined; + } else { + const args = argsOrState as AuthBackendArgs | undefined; + if ((!args || args.acsUrls === undefined) && !opts.urn) { + throw new Error("Missing required property 'acsUrls'"); + } + if ((!args || args.entityId === undefined) && !opts.urn) { + throw new Error("Missing required property 'entityId'"); + } + resourceInputs["acsUrls"] = args ? args.acsUrls : undefined; + resourceInputs["defaultRole"] = args ? args.defaultRole : undefined; + resourceInputs["disableRemount"] = args ? args.disableRemount : undefined; + resourceInputs["entityId"] = args ? args.entityId : undefined; + resourceInputs["idpCert"] = args ? args.idpCert : undefined; + resourceInputs["idpEntityId"] = args ? args.idpEntityId : undefined; + resourceInputs["idpMetadataUrl"] = args ? args.idpMetadataUrl : undefined; + resourceInputs["idpSsoUrl"] = args ? args.idpSsoUrl : undefined; + resourceInputs["namespace"] = args ? args.namespace : undefined; + resourceInputs["path"] = args ? args.path : undefined; + resourceInputs["verboseLogging"] = args ? args.verboseLogging : undefined; + } + opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts); + super(AuthBackend.__pulumiType, name, resourceInputs, opts); + } +} + +/** + * Input properties used for looking up and filtering AuthBackend resources. + */ +export interface AuthBackendState { + /** + * The well-formatted URLs of your Assertion Consumer Service (ACS) + * that should receive a response from the identity provider. + */ + acsUrls?: pulumi.Input[]>; + /** + * The role to use if no role is provided during login. + */ + defaultRole?: pulumi.Input; + /** + * If set to `true`, opts out of mount migration on path updates. + * See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration) + */ + disableRemount?: pulumi.Input; + /** + * The entity ID of the SAML authentication service provider. + */ + entityId?: pulumi.Input; + /** + * The PEM encoded certificate of the identity provider. Mutually exclusive + * with `idpMetadataUrl`. + */ + idpCert?: pulumi.Input; + /** + * The entity ID of the identity provider. Mutually exclusive with + * `idpMetadataUrl`. + */ + idpEntityId?: pulumi.Input; + /** + * The metadata URL of the identity provider. + */ + idpMetadataUrl?: pulumi.Input; + /** + * The SSO URL of the identity provider. Mutually exclusive with + * `idpMetadataUrl`. + */ + idpSsoUrl?: pulumi.Input; + /** + * The namespace to provision the resource in. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + */ + namespace?: pulumi.Input; + /** + * Path where the auth backend will be mounted. Defaults to `auth/saml` + * if not specified. + */ + path?: pulumi.Input; + /** + * If set to `true`, logs additional, potentially sensitive + * information during the SAML exchange according to the current logging level. Not + * recommended for production. + */ + verboseLogging?: pulumi.Input; +} + +/** + * The set of arguments for constructing a AuthBackend resource. + */ +export interface AuthBackendArgs { + /** + * The well-formatted URLs of your Assertion Consumer Service (ACS) + * that should receive a response from the identity provider. + */ + acsUrls: pulumi.Input[]>; + /** + * The role to use if no role is provided during login. + */ + defaultRole?: pulumi.Input; + /** + * If set to `true`, opts out of mount migration on path updates. + * See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration) + */ + disableRemount?: pulumi.Input; + /** + * The entity ID of the SAML authentication service provider. + */ + entityId: pulumi.Input; + /** + * The PEM encoded certificate of the identity provider. Mutually exclusive + * with `idpMetadataUrl`. + */ + idpCert?: pulumi.Input; + /** + * The entity ID of the identity provider. Mutually exclusive with + * `idpMetadataUrl`. + */ + idpEntityId?: pulumi.Input; + /** + * The metadata URL of the identity provider. + */ + idpMetadataUrl?: pulumi.Input; + /** + * The SSO URL of the identity provider. Mutually exclusive with + * `idpMetadataUrl`. + */ + idpSsoUrl?: pulumi.Input; + /** + * The namespace to provision the resource in. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + */ + namespace?: pulumi.Input; + /** + * Path where the auth backend will be mounted. Defaults to `auth/saml` + * if not specified. + */ + path?: pulumi.Input; + /** + * If set to `true`, logs additional, potentially sensitive + * information during the SAML exchange according to the current logging level. Not + * recommended for production. + */ + verboseLogging?: pulumi.Input; +} diff --git a/sdk/nodejs/saml/authBackendRole.ts b/sdk/nodejs/saml/authBackendRole.ts new file mode 100644 index 000000000..708adc3ab --- /dev/null +++ b/sdk/nodejs/saml/authBackendRole.ts @@ -0,0 +1,415 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +import * as pulumi from "@pulumi/pulumi"; +import * as utilities from "../utilities"; + +/** + * Manages an SAML auth backend role in a Vault server. See the [Vault + * documentation](https://www.vaultproject.io/docs/auth/saml.html) for more + * information. + * + * ## Example Usage + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as vault from "@pulumi/vault"; + * + * const exampleAuthBackend = new vault.saml.AuthBackend("exampleAuthBackend", { + * path: "saml", + * idpMetadataUrl: "https://company.okta.com/app/abc123eb9xnIfzlaf697/sso/saml/metadata", + * entityId: "https://my.vault/v1/auth/saml", + * acsUrls: ["https://my.vault.primary/v1/auth/saml/callback"], + * defaultRole: "default-role", + * }); + * const exampleAuthBackendRole = new vault.saml.AuthBackendRole("exampleAuthBackendRole", { + * path: exampleAuthBackend.path, + * groupsAttribute: "groups", + * boundAttributes: { + * group: "admin", + * }, + * boundSubjects: ["*example.com"], + * tokenPolicies: ["writer"], + * tokenTtl: 86400, + * }); + * ``` + * + * ## Import + * + * SAML authentication backend roles can be imported using the `path`, e.g. + * + * ```sh + * $ pulumi import vault:saml/authBackendRole:AuthBackendRole example auth/saml/role/my-role + * ``` + */ +export class AuthBackendRole extends pulumi.CustomResource { + /** + * Get an existing AuthBackendRole resource's state with the given name, ID, and optional extra + * properties used to qualify the lookup. + * + * @param name The _unique_ name of the resulting resource. + * @param id The _unique_ provider ID of the resource to lookup. + * @param state Any extra arguments used during the lookup. + * @param opts Optional settings to control the behavior of the CustomResource. + */ + public static get(name: string, id: pulumi.Input, state?: AuthBackendRoleState, opts?: pulumi.CustomResourceOptions): AuthBackendRole { + return new AuthBackendRole(name, state, { ...opts, id: id }); + } + + /** @internal */ + public static readonly __pulumiType = 'vault:saml/authBackendRole:AuthBackendRole'; + + /** + * Returns true if the given object is an instance of AuthBackendRole. This is designed to work even + * when multiple copies of the Pulumi SDK have been loaded into the same process. + */ + public static isInstance(obj: any): obj is AuthBackendRole { + if (obj === undefined || obj === null) { + return false; + } + return obj['__pulumiType'] === AuthBackendRole.__pulumiType; + } + + /** + * Mapping of attribute names to values that are expected to + * exist in the SAML assertion. + */ + public readonly boundAttributes!: pulumi.Output<{[key: string]: any} | undefined>; + /** + * The type of matching assertion to perform on + * `boundAttributesType`. + */ + public readonly boundAttributesType!: pulumi.Output; + /** + * List of subjects being asserted for SAML authentication. + */ + public readonly boundSubjects!: pulumi.Output; + /** + * The type of matching assertion to perform on `boundSubjects`. + */ + public readonly boundSubjectsType!: pulumi.Output; + /** + * The attribute to use to identify the set of groups to which the + * user belongs. + */ + public readonly groupsAttribute!: pulumi.Output; + /** + * Unique name of the role. + */ + public readonly name!: pulumi.Output; + /** + * The namespace to provision the resource in. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + */ + public readonly namespace!: pulumi.Output; + /** + * Path where the auth backend is mounted. + */ + public readonly path!: pulumi.Output; + /** + * List of CIDR blocks; if set, specifies blocks of IP + * addresses which can authenticate successfully, and ties the resulting token to these blocks + * as well. + */ + public readonly tokenBoundCidrs!: pulumi.Output; + /** + * If set, will encode an + * [explicit max TTL](https://www.vaultproject.io/docs/concepts/tokens.html#token-time-to-live-periodic-tokens-and-explicit-max-ttls) + * onto the token in number of seconds. This is a hard cap even if `tokenTtl` and + * `tokenMaxTtl` would otherwise allow a renewal. + */ + public readonly tokenExplicitMaxTtl!: pulumi.Output; + /** + * The maximum lifetime for generated tokens in number of seconds. + * Its current value will be referenced at renewal time. + */ + public readonly tokenMaxTtl!: pulumi.Output; + /** + * If set, the default policy will not be set on + * generated tokens; otherwise it will be added to the policies set in token_policies. + */ + public readonly tokenNoDefaultPolicy!: pulumi.Output; + /** + * The [maximum number](https://developer.hashicorp.com/vault/api-docs/auth/saml#token_num_uses) + * of times a generated token may be used (within its lifetime); 0 means unlimited. + */ + public readonly tokenNumUses!: pulumi.Output; + /** + * If set, indicates that the + * token generated using this role should never expire. The token should be renewed within the + * duration specified by this value. At each renewal, the token's TTL will be set to the + * value of this field. Specified in seconds. + */ + public readonly tokenPeriod!: pulumi.Output; + /** + * List of policies to encode onto generated tokens. Depending + * on the auth method, this list may be supplemented by user/group/other values. + */ + public readonly tokenPolicies!: pulumi.Output; + /** + * The incremental lifetime for generated tokens in number of seconds. + * Its current value will be referenced at renewal time. + */ + public readonly tokenTtl!: pulumi.Output; + /** + * The type of token that should be generated. Can be `service`, + * `batch`, or `default` to use the mount's tuned default (which unless changed will be + * `service` tokens). For token store roles, there are two additional possibilities: + * `default-service` and `default-batch` which specify the type to return unless the client + * requests a different type at generation time. + */ + public readonly tokenType!: pulumi.Output; + + /** + * Create a AuthBackendRole resource with the given unique name, arguments, and options. + * + * @param name The _unique_ name of the resource. + * @param args The arguments to use to populate this resource's properties. + * @param opts A bag of options that control this resource's behavior. + */ + constructor(name: string, args: AuthBackendRoleArgs, opts?: pulumi.CustomResourceOptions) + constructor(name: string, argsOrState?: AuthBackendRoleArgs | AuthBackendRoleState, opts?: pulumi.CustomResourceOptions) { + let resourceInputs: pulumi.Inputs = {}; + opts = opts || {}; + if (opts.id) { + const state = argsOrState as AuthBackendRoleState | undefined; + resourceInputs["boundAttributes"] = state ? state.boundAttributes : undefined; + resourceInputs["boundAttributesType"] = state ? state.boundAttributesType : undefined; + resourceInputs["boundSubjects"] = state ? state.boundSubjects : undefined; + resourceInputs["boundSubjectsType"] = state ? state.boundSubjectsType : undefined; + resourceInputs["groupsAttribute"] = state ? state.groupsAttribute : undefined; + resourceInputs["name"] = state ? state.name : undefined; + resourceInputs["namespace"] = state ? state.namespace : undefined; + resourceInputs["path"] = state ? state.path : undefined; + resourceInputs["tokenBoundCidrs"] = state ? state.tokenBoundCidrs : undefined; + resourceInputs["tokenExplicitMaxTtl"] = state ? state.tokenExplicitMaxTtl : undefined; + resourceInputs["tokenMaxTtl"] = state ? state.tokenMaxTtl : undefined; + resourceInputs["tokenNoDefaultPolicy"] = state ? state.tokenNoDefaultPolicy : undefined; + resourceInputs["tokenNumUses"] = state ? state.tokenNumUses : undefined; + resourceInputs["tokenPeriod"] = state ? state.tokenPeriod : undefined; + resourceInputs["tokenPolicies"] = state ? state.tokenPolicies : undefined; + resourceInputs["tokenTtl"] = state ? state.tokenTtl : undefined; + resourceInputs["tokenType"] = state ? state.tokenType : undefined; + } else { + const args = argsOrState as AuthBackendRoleArgs | undefined; + if ((!args || args.path === undefined) && !opts.urn) { + throw new Error("Missing required property 'path'"); + } + resourceInputs["boundAttributes"] = args ? args.boundAttributes : undefined; + resourceInputs["boundAttributesType"] = args ? args.boundAttributesType : undefined; + resourceInputs["boundSubjects"] = args ? args.boundSubjects : undefined; + resourceInputs["boundSubjectsType"] = args ? args.boundSubjectsType : undefined; + resourceInputs["groupsAttribute"] = args ? args.groupsAttribute : undefined; + resourceInputs["name"] = args ? args.name : undefined; + resourceInputs["namespace"] = args ? args.namespace : undefined; + resourceInputs["path"] = args ? args.path : undefined; + resourceInputs["tokenBoundCidrs"] = args ? args.tokenBoundCidrs : undefined; + resourceInputs["tokenExplicitMaxTtl"] = args ? args.tokenExplicitMaxTtl : undefined; + resourceInputs["tokenMaxTtl"] = args ? args.tokenMaxTtl : undefined; + resourceInputs["tokenNoDefaultPolicy"] = args ? args.tokenNoDefaultPolicy : undefined; + resourceInputs["tokenNumUses"] = args ? args.tokenNumUses : undefined; + resourceInputs["tokenPeriod"] = args ? args.tokenPeriod : undefined; + resourceInputs["tokenPolicies"] = args ? args.tokenPolicies : undefined; + resourceInputs["tokenTtl"] = args ? args.tokenTtl : undefined; + resourceInputs["tokenType"] = args ? args.tokenType : undefined; + } + opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts); + super(AuthBackendRole.__pulumiType, name, resourceInputs, opts); + } +} + +/** + * Input properties used for looking up and filtering AuthBackendRole resources. + */ +export interface AuthBackendRoleState { + /** + * Mapping of attribute names to values that are expected to + * exist in the SAML assertion. + */ + boundAttributes?: pulumi.Input<{[key: string]: any}>; + /** + * The type of matching assertion to perform on + * `boundAttributesType`. + */ + boundAttributesType?: pulumi.Input; + /** + * List of subjects being asserted for SAML authentication. + */ + boundSubjects?: pulumi.Input[]>; + /** + * The type of matching assertion to perform on `boundSubjects`. + */ + boundSubjectsType?: pulumi.Input; + /** + * The attribute to use to identify the set of groups to which the + * user belongs. + */ + groupsAttribute?: pulumi.Input; + /** + * Unique name of the role. + */ + name?: pulumi.Input; + /** + * The namespace to provision the resource in. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + */ + namespace?: pulumi.Input; + /** + * Path where the auth backend is mounted. + */ + path?: pulumi.Input; + /** + * List of CIDR blocks; if set, specifies blocks of IP + * addresses which can authenticate successfully, and ties the resulting token to these blocks + * as well. + */ + tokenBoundCidrs?: pulumi.Input[]>; + /** + * If set, will encode an + * [explicit max TTL](https://www.vaultproject.io/docs/concepts/tokens.html#token-time-to-live-periodic-tokens-and-explicit-max-ttls) + * onto the token in number of seconds. This is a hard cap even if `tokenTtl` and + * `tokenMaxTtl` would otherwise allow a renewal. + */ + tokenExplicitMaxTtl?: pulumi.Input; + /** + * The maximum lifetime for generated tokens in number of seconds. + * Its current value will be referenced at renewal time. + */ + tokenMaxTtl?: pulumi.Input; + /** + * If set, the default policy will not be set on + * generated tokens; otherwise it will be added to the policies set in token_policies. + */ + tokenNoDefaultPolicy?: pulumi.Input; + /** + * The [maximum number](https://developer.hashicorp.com/vault/api-docs/auth/saml#token_num_uses) + * of times a generated token may be used (within its lifetime); 0 means unlimited. + */ + tokenNumUses?: pulumi.Input; + /** + * If set, indicates that the + * token generated using this role should never expire. The token should be renewed within the + * duration specified by this value. At each renewal, the token's TTL will be set to the + * value of this field. Specified in seconds. + */ + tokenPeriod?: pulumi.Input; + /** + * List of policies to encode onto generated tokens. Depending + * on the auth method, this list may be supplemented by user/group/other values. + */ + tokenPolicies?: pulumi.Input[]>; + /** + * The incremental lifetime for generated tokens in number of seconds. + * Its current value will be referenced at renewal time. + */ + tokenTtl?: pulumi.Input; + /** + * The type of token that should be generated. Can be `service`, + * `batch`, or `default` to use the mount's tuned default (which unless changed will be + * `service` tokens). For token store roles, there are two additional possibilities: + * `default-service` and `default-batch` which specify the type to return unless the client + * requests a different type at generation time. + */ + tokenType?: pulumi.Input; +} + +/** + * The set of arguments for constructing a AuthBackendRole resource. + */ +export interface AuthBackendRoleArgs { + /** + * Mapping of attribute names to values that are expected to + * exist in the SAML assertion. + */ + boundAttributes?: pulumi.Input<{[key: string]: any}>; + /** + * The type of matching assertion to perform on + * `boundAttributesType`. + */ + boundAttributesType?: pulumi.Input; + /** + * List of subjects being asserted for SAML authentication. + */ + boundSubjects?: pulumi.Input[]>; + /** + * The type of matching assertion to perform on `boundSubjects`. + */ + boundSubjectsType?: pulumi.Input; + /** + * The attribute to use to identify the set of groups to which the + * user belongs. + */ + groupsAttribute?: pulumi.Input; + /** + * Unique name of the role. + */ + name?: pulumi.Input; + /** + * The namespace to provision the resource in. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + */ + namespace?: pulumi.Input; + /** + * Path where the auth backend is mounted. + */ + path: pulumi.Input; + /** + * List of CIDR blocks; if set, specifies blocks of IP + * addresses which can authenticate successfully, and ties the resulting token to these blocks + * as well. + */ + tokenBoundCidrs?: pulumi.Input[]>; + /** + * If set, will encode an + * [explicit max TTL](https://www.vaultproject.io/docs/concepts/tokens.html#token-time-to-live-periodic-tokens-and-explicit-max-ttls) + * onto the token in number of seconds. This is a hard cap even if `tokenTtl` and + * `tokenMaxTtl` would otherwise allow a renewal. + */ + tokenExplicitMaxTtl?: pulumi.Input; + /** + * The maximum lifetime for generated tokens in number of seconds. + * Its current value will be referenced at renewal time. + */ + tokenMaxTtl?: pulumi.Input; + /** + * If set, the default policy will not be set on + * generated tokens; otherwise it will be added to the policies set in token_policies. + */ + tokenNoDefaultPolicy?: pulumi.Input; + /** + * The [maximum number](https://developer.hashicorp.com/vault/api-docs/auth/saml#token_num_uses) + * of times a generated token may be used (within its lifetime); 0 means unlimited. + */ + tokenNumUses?: pulumi.Input; + /** + * If set, indicates that the + * token generated using this role should never expire. The token should be renewed within the + * duration specified by this value. At each renewal, the token's TTL will be set to the + * value of this field. Specified in seconds. + */ + tokenPeriod?: pulumi.Input; + /** + * List of policies to encode onto generated tokens. Depending + * on the auth method, this list may be supplemented by user/group/other values. + */ + tokenPolicies?: pulumi.Input[]>; + /** + * The incremental lifetime for generated tokens in number of seconds. + * Its current value will be referenced at renewal time. + */ + tokenTtl?: pulumi.Input; + /** + * The type of token that should be generated. Can be `service`, + * `batch`, or `default` to use the mount's tuned default (which unless changed will be + * `service` tokens). For token store roles, there are two additional possibilities: + * `default-service` and `default-batch` which specify the type to return unless the client + * requests a different type at generation time. + */ + tokenType?: pulumi.Input; +} diff --git a/sdk/nodejs/saml/index.ts b/sdk/nodejs/saml/index.ts new file mode 100644 index 000000000..8d2cb8a26 --- /dev/null +++ b/sdk/nodejs/saml/index.ts @@ -0,0 +1,33 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +import * as pulumi from "@pulumi/pulumi"; +import * as utilities from "../utilities"; + +// Export members: +export { AuthBackendArgs, AuthBackendState } from "./authBackend"; +export type AuthBackend = import("./authBackend").AuthBackend; +export const AuthBackend: typeof import("./authBackend").AuthBackend = null as any; +utilities.lazyLoad(exports, ["AuthBackend"], () => require("./authBackend")); + +export { AuthBackendRoleArgs, AuthBackendRoleState } from "./authBackendRole"; +export type AuthBackendRole = import("./authBackendRole").AuthBackendRole; +export const AuthBackendRole: typeof import("./authBackendRole").AuthBackendRole = null as any; +utilities.lazyLoad(exports, ["AuthBackendRole"], () => require("./authBackendRole")); + + +const _module = { + version: utilities.getVersion(), + construct: (name: string, type: string, urn: string): pulumi.Resource => { + switch (type) { + case "vault:saml/authBackend:AuthBackend": + return new AuthBackend(name, undefined, { urn }) + case "vault:saml/authBackendRole:AuthBackendRole": + return new AuthBackendRole(name, undefined, { urn }) + default: + throw new Error(`unknown resource type ${type}`); + } + }, +}; +pulumi.runtime.registerResourceModule("vault", "saml/authBackend", _module) +pulumi.runtime.registerResourceModule("vault", "saml/authBackendRole", _module) diff --git a/sdk/nodejs/scripts/install-pulumi-plugin.js b/sdk/nodejs/scripts/install-pulumi-plugin.js deleted file mode 100644 index fefc6e0eb..000000000 --- a/sdk/nodejs/scripts/install-pulumi-plugin.js +++ /dev/null @@ -1,26 +0,0 @@ -"use strict"; -var childProcess = require("child_process"); - -var args = process.argv.slice(2); - -if (args.indexOf("${VERSION}") !== -1) { - process.exit(0); -} - -var res = childProcess.spawnSync("pulumi", ["plugin", "install"].concat(args), { - stdio: ["ignore", "inherit", "inherit"] -}); - -if (res.error && res.error.code === "ENOENT") { - console.error("\nThere was an error installing the resource provider plugin. " + - "It looks like `pulumi` is not installed on your system. " + - "Please visit https://pulumi.com/ to install the Pulumi CLI.\n" + - "You may try manually installing the plugin by running " + - "`pulumi plugin install " + args.join(" ") + "`"); -} else if (res.error || res.status !== 0) { - console.error("\nThere was an error installing the resource provider plugin. " + - "You may try to manually installing the plugin by running " + - "`pulumi plugin install " + args.join(" ") + "`"); -} - -process.exit(0); diff --git a/sdk/nodejs/ssh/index.ts b/sdk/nodejs/ssh/index.ts index e23dfe240..ae846f045 100644 --- a/sdk/nodejs/ssh/index.ts +++ b/sdk/nodejs/ssh/index.ts @@ -8,14 +8,14 @@ import * as utilities from "../utilities"; export { SecretBackendCaArgs, SecretBackendCaState } from "./secretBackendCa"; export type SecretBackendCa = import("./secretBackendCa").SecretBackendCa; export const SecretBackendCa: typeof import("./secretBackendCa").SecretBackendCa = null as any; +utilities.lazyLoad(exports, ["SecretBackendCa"], () => require("./secretBackendCa")); export { SecretBackendRoleArgs, SecretBackendRoleState } from "./secretBackendRole"; export type SecretBackendRole = import("./secretBackendRole").SecretBackendRole; export const SecretBackendRole: typeof import("./secretBackendRole").SecretBackendRole = null as any; - -utilities.lazyLoad(exports, ["SecretBackendCa"], () => require("./secretBackendCa")); utilities.lazyLoad(exports, ["SecretBackendRole"], () => require("./secretBackendRole")); + const _module = { version: utilities.getVersion(), construct: (name: string, type: string, urn: string): pulumi.Resource => { diff --git a/sdk/nodejs/ssh/secretBackendCa.ts b/sdk/nodejs/ssh/secretBackendCa.ts index 6bc32342d..a94ba4b90 100644 --- a/sdk/nodejs/ssh/secretBackendCa.ts +++ b/sdk/nodejs/ssh/secretBackendCa.ts @@ -70,7 +70,7 @@ export class SecretBackendCa extends pulumi.CustomResource { */ public readonly namespace!: pulumi.Output; /** - * The private key part the SSH CA key pair; required if generateSigningKey is false. + * Private key part the SSH CA key pair; required if generate_signing_key is false. */ public readonly privateKey!: pulumi.Output; /** @@ -131,7 +131,7 @@ export interface SecretBackendCaState { */ namespace?: pulumi.Input; /** - * The private key part the SSH CA key pair; required if generateSigningKey is false. + * Private key part the SSH CA key pair; required if generate_signing_key is false. */ privateKey?: pulumi.Input; /** @@ -160,7 +160,7 @@ export interface SecretBackendCaArgs { */ namespace?: pulumi.Input; /** - * The private key part the SSH CA key pair; required if generateSigningKey is false. + * Private key part the SSH CA key pair; required if generate_signing_key is false. */ privateKey?: pulumi.Input; /** diff --git a/sdk/nodejs/terraformcloud/index.ts b/sdk/nodejs/terraformcloud/index.ts index 526b844e7..51583afd1 100644 --- a/sdk/nodejs/terraformcloud/index.ts +++ b/sdk/nodejs/terraformcloud/index.ts @@ -8,19 +8,19 @@ import * as utilities from "../utilities"; export { SecretBackendArgs, SecretBackendState } from "./secretBackend"; export type SecretBackend = import("./secretBackend").SecretBackend; export const SecretBackend: typeof import("./secretBackend").SecretBackend = null as any; +utilities.lazyLoad(exports, ["SecretBackend"], () => require("./secretBackend")); export { SecretCredsArgs, SecretCredsState } from "./secretCreds"; export type SecretCreds = import("./secretCreds").SecretCreds; export const SecretCreds: typeof import("./secretCreds").SecretCreds = null as any; +utilities.lazyLoad(exports, ["SecretCreds"], () => require("./secretCreds")); export { SecretRoleArgs, SecretRoleState } from "./secretRole"; export type SecretRole = import("./secretRole").SecretRole; export const SecretRole: typeof import("./secretRole").SecretRole = null as any; - -utilities.lazyLoad(exports, ["SecretBackend"], () => require("./secretBackend")); -utilities.lazyLoad(exports, ["SecretCreds"], () => require("./secretCreds")); utilities.lazyLoad(exports, ["SecretRole"], () => require("./secretRole")); + const _module = { version: utilities.getVersion(), construct: (name: string, type: string, urn: string): pulumi.Resource => { diff --git a/sdk/nodejs/tokenauth/authBackendRole.ts b/sdk/nodejs/tokenauth/authBackendRole.ts index 3909bd799..f2a2ddc2e 100644 --- a/sdk/nodejs/tokenauth/authBackendRole.ts +++ b/sdk/nodejs/tokenauth/authBackendRole.ts @@ -100,6 +100,8 @@ export class AuthBackendRole extends pulumi.CustomResource { public readonly orphan!: pulumi.Output; /** * Tokens created against this role will have the given suffix as part of their path in addition to the role name. + * + * > Due to a bug the resource. This *will* cause all existing tokens issued by this role to be revoked. */ public readonly pathSuffix!: pulumi.Output; /** @@ -262,6 +264,8 @@ export interface AuthBackendRoleState { orphan?: pulumi.Input; /** * Tokens created against this role will have the given suffix as part of their path in addition to the role name. + * + * > Due to a bug the resource. This *will* cause all existing tokens issued by this role to be revoked. */ pathSuffix?: pulumi.Input; /** @@ -363,6 +367,8 @@ export interface AuthBackendRoleArgs { orphan?: pulumi.Input; /** * Tokens created against this role will have the given suffix as part of their path in addition to the role name. + * + * > Due to a bug the resource. This *will* cause all existing tokens issued by this role to be revoked. */ pathSuffix?: pulumi.Input; /** diff --git a/sdk/nodejs/tokenauth/index.ts b/sdk/nodejs/tokenauth/index.ts index d4aa27cfe..991b7184a 100644 --- a/sdk/nodejs/tokenauth/index.ts +++ b/sdk/nodejs/tokenauth/index.ts @@ -8,9 +8,9 @@ import * as utilities from "../utilities"; export { AuthBackendRoleArgs, AuthBackendRoleState } from "./authBackendRole"; export type AuthBackendRole = import("./authBackendRole").AuthBackendRole; export const AuthBackendRole: typeof import("./authBackendRole").AuthBackendRole = null as any; - utilities.lazyLoad(exports, ["AuthBackendRole"], () => require("./authBackendRole")); + const _module = { version: utilities.getVersion(), construct: (name: string, type: string, urn: string): pulumi.Resource => { diff --git a/sdk/nodejs/transform/alphabet.ts b/sdk/nodejs/transform/alphabet.ts index aaf255827..6198fdec6 100644 --- a/sdk/nodejs/transform/alphabet.ts +++ b/sdk/nodejs/transform/alphabet.ts @@ -61,6 +61,13 @@ export class Alphabet extends pulumi.CustomResource { * The name of the alphabet. */ public readonly name!: pulumi.Output; + /** + * The namespace to provision the resource in. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + */ + public readonly namespace!: pulumi.Output; /** * Path to where the back-end is mounted within Vault. */ @@ -81,6 +88,7 @@ export class Alphabet extends pulumi.CustomResource { const state = argsOrState as AlphabetState | undefined; resourceInputs["alphabet"] = state ? state.alphabet : undefined; resourceInputs["name"] = state ? state.name : undefined; + resourceInputs["namespace"] = state ? state.namespace : undefined; resourceInputs["path"] = state ? state.path : undefined; } else { const args = argsOrState as AlphabetArgs | undefined; @@ -89,6 +97,7 @@ export class Alphabet extends pulumi.CustomResource { } resourceInputs["alphabet"] = args ? args.alphabet : undefined; resourceInputs["name"] = args ? args.name : undefined; + resourceInputs["namespace"] = args ? args.namespace : undefined; resourceInputs["path"] = args ? args.path : undefined; } opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts); @@ -108,6 +117,13 @@ export interface AlphabetState { * The name of the alphabet. */ name?: pulumi.Input; + /** + * The namespace to provision the resource in. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + */ + namespace?: pulumi.Input; /** * Path to where the back-end is mounted within Vault. */ @@ -126,6 +142,13 @@ export interface AlphabetArgs { * The name of the alphabet. */ name?: pulumi.Input; + /** + * The namespace to provision the resource in. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + */ + namespace?: pulumi.Input; /** * Path to where the back-end is mounted within Vault. */ diff --git a/sdk/nodejs/transform/getDecode.ts b/sdk/nodejs/transform/getDecode.ts index 27ab358ff..9677e931c 100644 --- a/sdk/nodejs/transform/getDecode.ts +++ b/sdk/nodejs/transform/getDecode.ts @@ -8,17 +8,43 @@ import * as utilities from "../utilities"; * This data source supports the "/transform/decode/{role_name}" Vault endpoint. * * It decodes the provided value using a named role. + * + * ## Example Usage + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as vault from "@pulumi/vault"; + * + * const transform = new vault.Mount("transform", { + * path: "transform", + * type: "transform", + * }); + * const ccn_fpe = new vault.transform.Transformation("ccn-fpe", { + * path: transform.path, + * type: "fpe", + * template: "builtin/creditcardnumber", + * tweakSource: "internal", + * allowedRoles: ["payments"], + * }); + * const payments = new vault.transform.Role("payments", { + * path: ccn_fpe.path, + * transformations: ["ccn-fpe"], + * }); + * const test = vault.transform.getDecodeOutput({ + * path: payments.path, + * roleName: "payments", + * value: "9300-3376-4943-8903", + * }); + * ``` */ export function getDecode(args: GetDecodeArgs, opts?: pulumi.InvokeOptions): Promise { - if (!opts) { - opts = {} - } - opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts); + opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts || {}); return pulumi.runtime.invoke("vault:transform/getDecode:getDecode", { "batchInputs": args.batchInputs, "batchResults": args.batchResults, "decodedValue": args.decodedValue, + "namespace": args.namespace, "path": args.path, "roleName": args.roleName, "transformation": args.transformation, @@ -43,6 +69,13 @@ export interface GetDecodeArgs { * The result of decoding a value. */ decodedValue?: string; + /** + * The namespace of the target resource. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + */ + namespace?: string; /** * Path to where the back-end is mounted within Vault. */ @@ -76,15 +109,48 @@ export interface GetDecodeResult { * The provider-assigned unique ID for this managed resource. */ readonly id: string; + readonly namespace?: string; readonly path: string; readonly roleName: string; readonly transformation?: string; readonly tweak?: string; readonly value?: string; } - +/** + * This data source supports the "/transform/decode/{role_name}" Vault endpoint. + * + * It decodes the provided value using a named role. + * + * ## Example Usage + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as vault from "@pulumi/vault"; + * + * const transform = new vault.Mount("transform", { + * path: "transform", + * type: "transform", + * }); + * const ccn_fpe = new vault.transform.Transformation("ccn-fpe", { + * path: transform.path, + * type: "fpe", + * template: "builtin/creditcardnumber", + * tweakSource: "internal", + * allowedRoles: ["payments"], + * }); + * const payments = new vault.transform.Role("payments", { + * path: ccn_fpe.path, + * transformations: ["ccn-fpe"], + * }); + * const test = vault.transform.getDecodeOutput({ + * path: payments.path, + * roleName: "payments", + * value: "9300-3376-4943-8903", + * }); + * ``` + */ export function getDecodeOutput(args: GetDecodeOutputArgs, opts?: pulumi.InvokeOptions): pulumi.Output { - return pulumi.output(args).apply(a => getDecode(a, opts)) + return pulumi.output(args).apply((a: any) => getDecode(a, opts)) } /** @@ -103,6 +169,13 @@ export interface GetDecodeOutputArgs { * The result of decoding a value. */ decodedValue?: pulumi.Input; + /** + * The namespace of the target resource. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + */ + namespace?: pulumi.Input; /** * Path to where the back-end is mounted within Vault. */ diff --git a/sdk/nodejs/transform/getEncode.ts b/sdk/nodejs/transform/getEncode.ts index cbfe781ea..e7eacbc2c 100644 --- a/sdk/nodejs/transform/getEncode.ts +++ b/sdk/nodejs/transform/getEncode.ts @@ -8,17 +8,45 @@ import * as utilities from "../utilities"; * This data source supports the "/transform/encode/{role_name}" Vault endpoint. * * It encodes the provided value using a named role. + * + * ## Example Usage + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as vault from "@pulumi/vault"; + * + * const transform = new vault.Mount("transform", { + * path: "transform", + * type: "transform", + * }); + * const ccn_fpe = new vault.transform.Transformation("ccn-fpe", { + * path: transform.path, + * type: "fpe", + * template: "builtin/creditcardnumber", + * tweakSource: "internal", + * allowedRoles: ["payments"], + * }); + * const payments = new vault.transform.Role("payments", { + * path: ccn_fpe.path, + * transformations: ["ccn-fpe"], + * }); + * const test = vault.transform.getEncodeOutput({ + * path: payments.path, + * roleName: "payments", + * batchInputs: [{ + * value: "1111-2222-3333-4444", + * }], + * }); + * ``` */ export function getEncode(args: GetEncodeArgs, opts?: pulumi.InvokeOptions): Promise { - if (!opts) { - opts = {} - } - opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts); + opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts || {}); return pulumi.runtime.invoke("vault:transform/getEncode:getEncode", { "batchInputs": args.batchInputs, "batchResults": args.batchResults, "encodedValue": args.encodedValue, + "namespace": args.namespace, "path": args.path, "roleName": args.roleName, "transformation": args.transformation, @@ -43,6 +71,13 @@ export interface GetEncodeArgs { * The result of encoding a value. */ encodedValue?: string; + /** + * The namespace of the target resource. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + */ + namespace?: string; /** * Path to where the back-end is mounted within Vault. */ @@ -76,15 +111,50 @@ export interface GetEncodeResult { * The provider-assigned unique ID for this managed resource. */ readonly id: string; + readonly namespace?: string; readonly path: string; readonly roleName: string; readonly transformation?: string; readonly tweak?: string; readonly value?: string; } - +/** + * This data source supports the "/transform/encode/{role_name}" Vault endpoint. + * + * It encodes the provided value using a named role. + * + * ## Example Usage + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as vault from "@pulumi/vault"; + * + * const transform = new vault.Mount("transform", { + * path: "transform", + * type: "transform", + * }); + * const ccn_fpe = new vault.transform.Transformation("ccn-fpe", { + * path: transform.path, + * type: "fpe", + * template: "builtin/creditcardnumber", + * tweakSource: "internal", + * allowedRoles: ["payments"], + * }); + * const payments = new vault.transform.Role("payments", { + * path: ccn_fpe.path, + * transformations: ["ccn-fpe"], + * }); + * const test = vault.transform.getEncodeOutput({ + * path: payments.path, + * roleName: "payments", + * batchInputs: [{ + * value: "1111-2222-3333-4444", + * }], + * }); + * ``` + */ export function getEncodeOutput(args: GetEncodeOutputArgs, opts?: pulumi.InvokeOptions): pulumi.Output { - return pulumi.output(args).apply(a => getEncode(a, opts)) + return pulumi.output(args).apply((a: any) => getEncode(a, opts)) } /** @@ -103,6 +173,13 @@ export interface GetEncodeOutputArgs { * The result of encoding a value. */ encodedValue?: pulumi.Input; + /** + * The namespace of the target resource. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + */ + namespace?: pulumi.Input; /** * Path to where the back-end is mounted within Vault. */ diff --git a/sdk/nodejs/transform/index.ts b/sdk/nodejs/transform/index.ts index 0b064aea8..d5db7f8f6 100644 --- a/sdk/nodejs/transform/index.ts +++ b/sdk/nodejs/transform/index.ts @@ -8,34 +8,34 @@ import * as utilities from "../utilities"; export { AlphabetArgs, AlphabetState } from "./alphabet"; export type Alphabet = import("./alphabet").Alphabet; export const Alphabet: typeof import("./alphabet").Alphabet = null as any; +utilities.lazyLoad(exports, ["Alphabet"], () => require("./alphabet")); export { GetDecodeArgs, GetDecodeResult, GetDecodeOutputArgs } from "./getDecode"; export const getDecode: typeof import("./getDecode").getDecode = null as any; export const getDecodeOutput: typeof import("./getDecode").getDecodeOutput = null as any; +utilities.lazyLoad(exports, ["getDecode","getDecodeOutput"], () => require("./getDecode")); export { GetEncodeArgs, GetEncodeResult, GetEncodeOutputArgs } from "./getEncode"; export const getEncode: typeof import("./getEncode").getEncode = null as any; export const getEncodeOutput: typeof import("./getEncode").getEncodeOutput = null as any; +utilities.lazyLoad(exports, ["getEncode","getEncodeOutput"], () => require("./getEncode")); export { RoleArgs, RoleState } from "./role"; export type Role = import("./role").Role; export const Role: typeof import("./role").Role = null as any; +utilities.lazyLoad(exports, ["Role"], () => require("./role")); export { TemplateArgs, TemplateState } from "./template"; export type Template = import("./template").Template; export const Template: typeof import("./template").Template = null as any; +utilities.lazyLoad(exports, ["Template"], () => require("./template")); export { TransformationArgs, TransformationState } from "./transformation"; export type Transformation = import("./transformation").Transformation; export const Transformation: typeof import("./transformation").Transformation = null as any; - -utilities.lazyLoad(exports, ["Alphabet"], () => require("./alphabet")); -utilities.lazyLoad(exports, ["getDecode","getDecodeOutput"], () => require("./getDecode")); -utilities.lazyLoad(exports, ["getEncode","getEncodeOutput"], () => require("./getEncode")); -utilities.lazyLoad(exports, ["Role"], () => require("./role")); -utilities.lazyLoad(exports, ["Template"], () => require("./template")); utilities.lazyLoad(exports, ["Transformation"], () => require("./transformation")); + const _module = { version: utilities.getVersion(), construct: (name: string, type: string, urn: string): pulumi.Resource => { diff --git a/sdk/nodejs/transform/role.ts b/sdk/nodejs/transform/role.ts index 0f7d42fbf..f4b7f1a1e 100644 --- a/sdk/nodejs/transform/role.ts +++ b/sdk/nodejs/transform/role.ts @@ -58,6 +58,13 @@ export class Role extends pulumi.CustomResource { * The name of the role. */ public readonly name!: pulumi.Output; + /** + * The namespace to provision the resource in. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + */ + public readonly namespace!: pulumi.Output; /** * Path to where the back-end is mounted within Vault. */ @@ -81,6 +88,7 @@ export class Role extends pulumi.CustomResource { if (opts.id) { const state = argsOrState as RoleState | undefined; resourceInputs["name"] = state ? state.name : undefined; + resourceInputs["namespace"] = state ? state.namespace : undefined; resourceInputs["path"] = state ? state.path : undefined; resourceInputs["transformations"] = state ? state.transformations : undefined; } else { @@ -89,6 +97,7 @@ export class Role extends pulumi.CustomResource { throw new Error("Missing required property 'path'"); } resourceInputs["name"] = args ? args.name : undefined; + resourceInputs["namespace"] = args ? args.namespace : undefined; resourceInputs["path"] = args ? args.path : undefined; resourceInputs["transformations"] = args ? args.transformations : undefined; } @@ -105,6 +114,13 @@ export interface RoleState { * The name of the role. */ name?: pulumi.Input; + /** + * The namespace to provision the resource in. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + */ + namespace?: pulumi.Input; /** * Path to where the back-end is mounted within Vault. */ @@ -123,6 +139,13 @@ export interface RoleArgs { * The name of the role. */ name?: pulumi.Input; + /** + * The namespace to provision the resource in. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + */ + namespace?: pulumi.Input; /** * Path to where the back-end is mounted within Vault. */ diff --git a/sdk/nodejs/transform/template.ts b/sdk/nodejs/transform/template.ts index fcd3186b2..41b6ea79a 100644 --- a/sdk/nodejs/transform/template.ts +++ b/sdk/nodejs/transform/template.ts @@ -4,6 +4,48 @@ import * as pulumi from "@pulumi/pulumi"; import * as utilities from "../utilities"; +/** + * This resource supports the `/transform/template/{name}` Vault endpoint. + * + * It creates or updates a template with the given name. If a template with the name does not exist, + * it will be created. If the template exists, it will be updated with the new attributes. + * + * > Requires _Vault Enterprise with the Advanced Data Protection Transform Module_. + * See [Transform Secrets Engine](https://www.vaultproject.io/docs/secrets/transform) + * for more information. + * + * ## Example Usage + * + * Please note that the `pattern` below holds a regex. The regex shown + * is identical to the one in our [Setup](https://www.vaultproject.io/docs/secrets/transform#setup) + * docs, `(\d{4})-(\d{4})-(\d{4})-(\d{4})`. However, due to HCL, the + * backslashes must be escaped to appear correctly in Vault. For further + * assistance escaping your own custom regex, see String Literals. + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as vault from "@pulumi/vault"; + * + * const transform = new vault.Mount("transform", { + * path: "transform", + * type: "transform", + * }); + * const numerics = new vault.transform.Alphabet("numerics", { + * path: transform.path, + * alphabet: "0123456789", + * }); + * const test = new vault.transform.Template("test", { + * path: numerics.path, + * type: "regex", + * pattern: "(\\d{4})[- ](\\d{4})[- ](\\d{4})[- ](\\d{4})", + * alphabet: "numerics", + * encodeFormat: "$1-$2-$3-$4", + * decodeFormats: { + * "last-four-digits": "$4", + * }, + * }); + * ``` + */ export class Template extends pulumi.CustomResource { /** * Get an existing Template resource's state with the given name, ID, and optional extra @@ -37,12 +79,12 @@ export class Template extends pulumi.CustomResource { */ public readonly alphabet!: pulumi.Output; /** - * - Optional mapping of name to regular expression template, used to customize + * Optional mapping of name to regular expression template, used to customize * the decoded output. (requires Vault Enterprise 1.9+) */ public readonly decodeFormats!: pulumi.Output<{[key: string]: any} | undefined>; /** - * - The regular expression template used to format encoded values. + * The regular expression template used to format encoded values. * (requires Vault Enterprise 1.9+) */ public readonly encodeFormat!: pulumi.Output; @@ -50,6 +92,13 @@ export class Template extends pulumi.CustomResource { * The name of the template. */ public readonly name!: pulumi.Output; + /** + * The namespace to provision the resource in. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + */ + public readonly namespace!: pulumi.Output; /** * Path to where the back-end is mounted within Vault. */ @@ -80,6 +129,7 @@ export class Template extends pulumi.CustomResource { resourceInputs["decodeFormats"] = state ? state.decodeFormats : undefined; resourceInputs["encodeFormat"] = state ? state.encodeFormat : undefined; resourceInputs["name"] = state ? state.name : undefined; + resourceInputs["namespace"] = state ? state.namespace : undefined; resourceInputs["path"] = state ? state.path : undefined; resourceInputs["pattern"] = state ? state.pattern : undefined; resourceInputs["type"] = state ? state.type : undefined; @@ -92,6 +142,7 @@ export class Template extends pulumi.CustomResource { resourceInputs["decodeFormats"] = args ? args.decodeFormats : undefined; resourceInputs["encodeFormat"] = args ? args.encodeFormat : undefined; resourceInputs["name"] = args ? args.name : undefined; + resourceInputs["namespace"] = args ? args.namespace : undefined; resourceInputs["path"] = args ? args.path : undefined; resourceInputs["pattern"] = args ? args.pattern : undefined; resourceInputs["type"] = args ? args.type : undefined; @@ -110,12 +161,12 @@ export interface TemplateState { */ alphabet?: pulumi.Input; /** - * - Optional mapping of name to regular expression template, used to customize + * Optional mapping of name to regular expression template, used to customize * the decoded output. (requires Vault Enterprise 1.9+) */ decodeFormats?: pulumi.Input<{[key: string]: any}>; /** - * - The regular expression template used to format encoded values. + * The regular expression template used to format encoded values. * (requires Vault Enterprise 1.9+) */ encodeFormat?: pulumi.Input; @@ -123,6 +174,13 @@ export interface TemplateState { * The name of the template. */ name?: pulumi.Input; + /** + * The namespace to provision the resource in. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + */ + namespace?: pulumi.Input; /** * Path to where the back-end is mounted within Vault. */ @@ -146,12 +204,12 @@ export interface TemplateArgs { */ alphabet?: pulumi.Input; /** - * - Optional mapping of name to regular expression template, used to customize + * Optional mapping of name to regular expression template, used to customize * the decoded output. (requires Vault Enterprise 1.9+) */ decodeFormats?: pulumi.Input<{[key: string]: any}>; /** - * - The regular expression template used to format encoded values. + * The regular expression template used to format encoded values. * (requires Vault Enterprise 1.9+) */ encodeFormat?: pulumi.Input; @@ -159,6 +217,13 @@ export interface TemplateArgs { * The name of the template. */ name?: pulumi.Input; + /** + * The namespace to provision the resource in. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + */ + namespace?: pulumi.Input; /** * Path to where the back-end is mounted within Vault. */ diff --git a/sdk/nodejs/transform/transformation.ts b/sdk/nodejs/transform/transformation.ts index f74c00b81..5f6374458 100644 --- a/sdk/nodejs/transform/transformation.ts +++ b/sdk/nodejs/transform/transformation.ts @@ -50,6 +50,13 @@ export class Transformation extends pulumi.CustomResource { * The name of the transformation. */ public readonly name!: pulumi.Output; + /** + * The namespace to provision the resource in. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + */ + public readonly namespace!: pulumi.Output; /** * Path to where the back-end is mounted within Vault. */ @@ -88,6 +95,7 @@ export class Transformation extends pulumi.CustomResource { resourceInputs["deletionAllowed"] = state ? state.deletionAllowed : undefined; resourceInputs["maskingCharacter"] = state ? state.maskingCharacter : undefined; resourceInputs["name"] = state ? state.name : undefined; + resourceInputs["namespace"] = state ? state.namespace : undefined; resourceInputs["path"] = state ? state.path : undefined; resourceInputs["template"] = state ? state.template : undefined; resourceInputs["templates"] = state ? state.templates : undefined; @@ -102,6 +110,7 @@ export class Transformation extends pulumi.CustomResource { resourceInputs["deletionAllowed"] = args ? args.deletionAllowed : undefined; resourceInputs["maskingCharacter"] = args ? args.maskingCharacter : undefined; resourceInputs["name"] = args ? args.name : undefined; + resourceInputs["namespace"] = args ? args.namespace : undefined; resourceInputs["path"] = args ? args.path : undefined; resourceInputs["template"] = args ? args.template : undefined; resourceInputs["templates"] = args ? args.templates : undefined; @@ -135,6 +144,13 @@ export interface TransformationState { * The name of the transformation. */ name?: pulumi.Input; + /** + * The namespace to provision the resource in. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + */ + namespace?: pulumi.Input; /** * Path to where the back-end is mounted within Vault. */ @@ -179,6 +195,13 @@ export interface TransformationArgs { * The name of the transformation. */ name?: pulumi.Input; + /** + * The namespace to provision the resource in. + * The value should not contain leading or trailing forward slashes. + * The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + * *Available only for Vault Enterprise*. + */ + namespace?: pulumi.Input; /** * Path to where the back-end is mounted within Vault. */ diff --git a/sdk/nodejs/transit/getDecrypt.ts b/sdk/nodejs/transit/getDecrypt.ts index 18ec6051b..41d22f23c 100644 --- a/sdk/nodejs/transit/getDecrypt.ts +++ b/sdk/nodejs/transit/getDecrypt.ts @@ -13,19 +13,16 @@ import * as utilities from "../utilities"; * import * as pulumi from "@pulumi/pulumi"; * import * as vault from "@pulumi/vault"; * - * const test = pulumi.output(vault.transit.getDecrypt({ + * const test = vault.transit.getDecrypt({ * backend: "transit", * ciphertext: "vault:v1:S3GtnJ5GUNCWV+/pdL9+g1Feu/nzAv+RlmTmE91Tu0rBkeIU8MEb2nSspC/1IQ==", * key: "test", - * })); + * }); * ``` */ export function getDecrypt(args: GetDecryptArgs, opts?: pulumi.InvokeOptions): Promise { - if (!opts) { - opts = {} - } - opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts); + opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts || {}); return pulumi.runtime.invoke("vault:transit/getDecrypt:getDecrypt", { "backend": args.backend, "ciphertext": args.ciphertext, @@ -76,9 +73,24 @@ export interface GetDecryptResult { */ readonly plaintext: string; } - +/** + * This is a data source which can be used to decrypt ciphertext using a Vault Transit key. + * + * ## Example Usage + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as vault from "@pulumi/vault"; + * + * const test = vault.transit.getDecrypt({ + * backend: "transit", + * ciphertext: "vault:v1:S3GtnJ5GUNCWV+/pdL9+g1Feu/nzAv+RlmTmE91Tu0rBkeIU8MEb2nSspC/1IQ==", + * key: "test", + * }); + * ``` + */ export function getDecryptOutput(args: GetDecryptOutputArgs, opts?: pulumi.InvokeOptions): pulumi.Output { - return pulumi.output(args).apply(a => getDecrypt(a, opts)) + return pulumi.output(args).apply((a: any) => getDecrypt(a, opts)) } /** diff --git a/sdk/nodejs/transit/getEncrypt.ts b/sdk/nodejs/transit/getEncrypt.ts index 501acb7a8..3de40c2ed 100644 --- a/sdk/nodejs/transit/getEncrypt.ts +++ b/sdk/nodejs/transit/getEncrypt.ts @@ -8,11 +8,8 @@ import * as utilities from "../utilities"; * This is a data source which can be used to encrypt plaintext using a Vault Transit key. */ export function getEncrypt(args: GetEncryptArgs, opts?: pulumi.InvokeOptions): Promise { - if (!opts) { - opts = {} - } - opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts); + opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts || {}); return pulumi.runtime.invoke("vault:transit/getEncrypt:getEncrypt", { "backend": args.backend, "context": args.context, @@ -69,9 +66,11 @@ export interface GetEncryptResult { readonly namespace?: string; readonly plaintext: string; } - +/** + * This is a data source which can be used to encrypt plaintext using a Vault Transit key. + */ export function getEncryptOutput(args: GetEncryptOutputArgs, opts?: pulumi.InvokeOptions): pulumi.Output { - return pulumi.output(args).apply(a => getEncrypt(a, opts)) + return pulumi.output(args).apply((a: any) => getEncrypt(a, opts)) } /** diff --git a/sdk/nodejs/transit/index.ts b/sdk/nodejs/transit/index.ts index 6804ae47c..bad1fdf9f 100644 --- a/sdk/nodejs/transit/index.ts +++ b/sdk/nodejs/transit/index.ts @@ -8,24 +8,24 @@ import * as utilities from "../utilities"; export { GetDecryptArgs, GetDecryptResult, GetDecryptOutputArgs } from "./getDecrypt"; export const getDecrypt: typeof import("./getDecrypt").getDecrypt = null as any; export const getDecryptOutput: typeof import("./getDecrypt").getDecryptOutput = null as any; +utilities.lazyLoad(exports, ["getDecrypt","getDecryptOutput"], () => require("./getDecrypt")); export { GetEncryptArgs, GetEncryptResult, GetEncryptOutputArgs } from "./getEncrypt"; export const getEncrypt: typeof import("./getEncrypt").getEncrypt = null as any; export const getEncryptOutput: typeof import("./getEncrypt").getEncryptOutput = null as any; +utilities.lazyLoad(exports, ["getEncrypt","getEncryptOutput"], () => require("./getEncrypt")); export { SecretBackendKeyArgs, SecretBackendKeyState } from "./secretBackendKey"; export type SecretBackendKey = import("./secretBackendKey").SecretBackendKey; export const SecretBackendKey: typeof import("./secretBackendKey").SecretBackendKey = null as any; +utilities.lazyLoad(exports, ["SecretBackendKey"], () => require("./secretBackendKey")); export { SecretCacheConfigArgs, SecretCacheConfigState } from "./secretCacheConfig"; export type SecretCacheConfig = import("./secretCacheConfig").SecretCacheConfig; export const SecretCacheConfig: typeof import("./secretCacheConfig").SecretCacheConfig = null as any; - -utilities.lazyLoad(exports, ["getDecrypt","getDecryptOutput"], () => require("./getDecrypt")); -utilities.lazyLoad(exports, ["getEncrypt","getEncryptOutput"], () => require("./getEncrypt")); -utilities.lazyLoad(exports, ["SecretBackendKey"], () => require("./secretBackendKey")); utilities.lazyLoad(exports, ["SecretCacheConfig"], () => require("./secretCacheConfig")); + const _module = { version: utilities.getVersion(), construct: (name: string, type: string, urn: string): pulumi.Resource => { diff --git a/sdk/nodejs/tsconfig.json b/sdk/nodejs/tsconfig.json index 714ee379b..bd6a4585c 100644 --- a/sdk/nodejs/tsconfig.json +++ b/sdk/nodejs/tsconfig.json @@ -38,6 +38,7 @@ "aws/authBackendRoletagBlacklist.ts", "aws/authBackendStsRole.ts", "aws/getAccessCredentials.ts", + "aws/getStaticAccessCredentials.ts", "aws/index.ts", "aws/secretBackend.ts", "aws/secretBackendRole.ts", @@ -73,8 +74,10 @@ "generic/index.ts", "generic/secret.ts", "getAuthBackend.ts", + "getAuthBackends.ts", "getNomadAccessToken.ts", "getPolicyDocument.ts", + "getRaftAutopilotState.ts", "github/authBackend.ts", "github/index.ts", "github/team.ts", @@ -134,6 +137,8 @@ "ldap/authBackend.ts", "ldap/authBackendGroup.ts", "ldap/authBackendUser.ts", + "ldap/getDynamicCredentials.ts", + "ldap/getStaticCredentials.ts", "ldap/index.ts", "ldap/secretBackend.ts", "ldap/secretBackendDynamicRole.ts", @@ -157,6 +162,10 @@ "okta/authBackendUser.ts", "okta/index.ts", "passwordPolicy.ts", + "pkisecret/getBackendIssuer.ts", + "pkisecret/getBackendIssuers.ts", + "pkisecret/getBackendKey.ts", + "pkisecret/getBackendKeys.ts", "pkisecret/index.ts", "pkisecret/secretBackendCert.ts", "pkisecret/secretBackendConfigCa.ts", @@ -181,6 +190,9 @@ "raftAutopilot.ts", "raftSnapshotAgentConfig.ts", "rgpPolicy.ts", + "saml/authBackend.ts", + "saml/authBackendRole.ts", + "saml/index.ts", "ssh/index.ts", "ssh/secretBackendCa.ts", "ssh/secretBackendRole.ts", diff --git a/sdk/nodejs/types/input.ts b/sdk/nodejs/types/input.ts index 798484820..5f1e185e7 100644 --- a/sdk/nodejs/types/input.ts +++ b/sdk/nodejs/types/input.ts @@ -169,6 +169,7 @@ export interface ProviderAuthLogin { namespace?: pulumi.Input; parameters?: pulumi.Input<{[key: string]: pulumi.Input}>; path: pulumi.Input; + useRootNamespace?: pulumi.Input; } export interface ProviderAuthLoginAws { @@ -187,6 +188,7 @@ export interface ProviderAuthLoginAws { mount?: pulumi.Input; namespace?: pulumi.Input; role: pulumi.Input; + useRootNamespace?: pulumi.Input; } export interface ProviderAuthLoginAzure { @@ -199,6 +201,7 @@ export interface ProviderAuthLoginAzure { scope?: pulumi.Input; subscriptionId: pulumi.Input; tenantId?: pulumi.Input; + useRootNamespace?: pulumi.Input; vmName?: pulumi.Input; vmssName?: pulumi.Input; } @@ -209,6 +212,7 @@ export interface ProviderAuthLoginCert { mount?: pulumi.Input; name?: pulumi.Input; namespace?: pulumi.Input; + useRootNamespace?: pulumi.Input; } export interface ProviderAuthLoginGcp { @@ -218,6 +222,7 @@ export interface ProviderAuthLoginGcp { namespace?: pulumi.Input; role: pulumi.Input; serviceAccount?: pulumi.Input; + useRootNamespace?: pulumi.Input; } export interface ProviderAuthLoginJwt { @@ -225,6 +230,7 @@ export interface ProviderAuthLoginJwt { mount?: pulumi.Input; namespace?: pulumi.Input; role: pulumi.Input; + useRootNamespace?: pulumi.Input; } export interface ProviderAuthLoginKerberos { @@ -237,6 +243,7 @@ export interface ProviderAuthLoginKerberos { removeInstanceName?: pulumi.Input; service?: pulumi.Input; token?: pulumi.Input; + useRootNamespace?: pulumi.Input; username?: pulumi.Input; } @@ -245,6 +252,7 @@ export interface ProviderAuthLoginOci { mount?: pulumi.Input; namespace?: pulumi.Input; role: pulumi.Input; + useRootNamespace?: pulumi.Input; } export interface ProviderAuthLoginOidc { @@ -253,18 +261,21 @@ export interface ProviderAuthLoginOidc { mount?: pulumi.Input; namespace?: pulumi.Input; role: pulumi.Input; + useRootNamespace?: pulumi.Input; } export interface ProviderAuthLoginRadius { mount?: pulumi.Input; namespace?: pulumi.Input; password: pulumi.Input; + useRootNamespace?: pulumi.Input; username: pulumi.Input; } export interface ProviderAuthLoginTokenFile { filename: pulumi.Input; namespace?: pulumi.Input; + useRootNamespace?: pulumi.Input; } export interface ProviderAuthLoginUserpass { @@ -272,6 +283,7 @@ export interface ProviderAuthLoginUserpass { namespace?: pulumi.Input; password?: pulumi.Input; passwordFile?: pulumi.Input; + useRootNamespace?: pulumi.Input; username: pulumi.Input; } @@ -308,7 +320,7 @@ export namespace database { */ connectTimeout?: pulumi.Input; /** - * A set of Couchbase URIs to connect to. Must use `couchbases://` scheme if `tls` is `true`. + * The hosts to connect to. */ hosts?: pulumi.Input[]>; /** @@ -317,7 +329,7 @@ export namespace database { */ insecureTls?: pulumi.Input; /** - * The root credential password used in the connection URL. + * The password to authenticate with. */ password?: pulumi.Input; /** @@ -339,11 +351,11 @@ export namespace database { */ protocolVersion?: pulumi.Input; /** - * Whether to use TLS when connecting to Redis. + * Whether to use TLS when connecting to Cassandra. */ tls?: pulumi.Input; /** - * The root credential username used in the connection URL. + * The username to authenticate with. */ username?: pulumi.Input; } @@ -358,7 +370,7 @@ export namespace database { */ bucketName?: pulumi.Input; /** - * A set of Couchbase URIs to connect to. Must use `couchbases://` scheme if `tls` is `true`. + * The hosts to connect to. */ hosts: pulumi.Input[]>; /** @@ -367,19 +379,19 @@ export namespace database { */ insecureTls?: pulumi.Input; /** - * The root credential password used in the connection URL. + * The password to authenticate with. */ password: pulumi.Input; /** - * Whether to use TLS when connecting to Redis. + * Whether to use TLS when connecting to Cassandra. */ tls?: pulumi.Input; /** - * The root credential username used in the connection URL. + * The username to authenticate with. */ username: pulumi.Input; /** - * - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * Template describing how dynamic usernames are generated. */ usernameTemplate?: pulumi.Input; } @@ -406,7 +418,7 @@ export namespace database { */ insecure?: pulumi.Input; /** - * The root credential password used in the connection URL. + * The password to authenticate with. */ password: pulumi.Input; /** @@ -419,20 +431,20 @@ export namespace database { */ url: pulumi.Input; /** - * The root credential username used in the connection URL. + * The username to authenticate with. */ username: pulumi.Input; /** - * - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * Template describing how dynamic usernames are generated. */ usernameTemplate?: pulumi.Input; } export interface SecretBackendConnectionHana { /** - * Specifies the Redshift DSN. See + * A URL containing connection information. See * the [Vault - * docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + * docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) * for an example. */ connectionUrl?: pulumi.Input; @@ -441,25 +453,26 @@ export namespace database { */ disableEscaping?: pulumi.Input; /** - * The maximum amount of time a connection may be reused. + * The maximum number of seconds to keep + * a connection alive for. */ maxConnectionLifetime?: pulumi.Input; /** * The maximum number of idle connections to - * the database. + * maintain. */ maxIdleConnections?: pulumi.Input; /** * The maximum number of open connections to - * the database. + * use. */ maxOpenConnections?: pulumi.Input; /** - * The root credential password used in the connection URL. + * The password to authenticate with. */ password?: pulumi.Input; /** - * The root credential username used in the connection URL. + * The username to authenticate with. */ username?: pulumi.Input; } @@ -480,7 +493,7 @@ export namespace database { */ insecureTls?: pulumi.Input; /** - * The root credential password used in the connection URL. + * The password to authenticate with. */ password: pulumi.Input; /** @@ -498,51 +511,52 @@ export namespace database { */ port?: pulumi.Input; /** - * Whether to use TLS when connecting to Redis. + * Whether to use TLS when connecting to Cassandra. */ tls?: pulumi.Input; /** - * The root credential username used in the connection URL. + * The username to authenticate with. */ username: pulumi.Input; /** - * - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * Template describing how dynamic usernames are generated. */ usernameTemplate?: pulumi.Input; } export interface SecretBackendConnectionMongodb { /** - * Specifies the Redshift DSN. See + * A URL containing connection information. See * the [Vault - * docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + * docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) * for an example. */ connectionUrl?: pulumi.Input; /** - * The maximum amount of time a connection may be reused. + * The maximum number of seconds to keep + * a connection alive for. */ maxConnectionLifetime?: pulumi.Input; /** * The maximum number of idle connections to - * the database. + * maintain. */ maxIdleConnections?: pulumi.Input; /** * The maximum number of open connections to - * the database. + * use. */ maxOpenConnections?: pulumi.Input; /** - * The root credential password used in the connection URL. + * The password to authenticate with. */ password?: pulumi.Input; /** - * The root credential username used in the connection URL. + * The username to authenticate with. */ username?: pulumi.Input; /** - * - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * Template describing how dynamic usernames are generated. */ usernameTemplate?: pulumi.Input; } @@ -564,9 +578,9 @@ export namespace database { export interface SecretBackendConnectionMssql { /** - * Specifies the Redshift DSN. See + * A URL containing connection information. See * the [Vault - * docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + * docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) * for an example. */ connectionUrl?: pulumi.Input; @@ -582,29 +596,30 @@ export namespace database { */ disableEscaping?: pulumi.Input; /** - * The maximum amount of time a connection may be reused. + * The maximum number of seconds to keep + * a connection alive for. */ maxConnectionLifetime?: pulumi.Input; /** * The maximum number of idle connections to - * the database. + * maintain. */ maxIdleConnections?: pulumi.Input; /** * The maximum number of open connections to - * the database. + * use. */ maxOpenConnections?: pulumi.Input; /** - * The root credential password used in the connection URL. + * The password to authenticate with. */ password?: pulumi.Input; /** - * The root credential username used in the connection URL. + * The username to authenticate with. */ username?: pulumi.Input; /** - * - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * Template describing how dynamic usernames are generated. */ usernameTemplate?: pulumi.Input; } @@ -615,28 +630,29 @@ export namespace database { */ authType?: pulumi.Input; /** - * Specifies the Redshift DSN. See + * A URL containing connection information. See * the [Vault - * docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + * docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) * for an example. */ connectionUrl?: pulumi.Input; /** - * The maximum amount of time a connection may be reused. + * The maximum number of seconds to keep + * a connection alive for. */ maxConnectionLifetime?: pulumi.Input; /** * The maximum number of idle connections to - * the database. + * maintain. */ maxIdleConnections?: pulumi.Input; /** * The maximum number of open connections to - * the database. + * use. */ maxOpenConnections?: pulumi.Input; /** - * The root credential password used in the connection URL. + * The password to authenticate with. */ password?: pulumi.Input; /** @@ -652,155 +668,159 @@ export namespace database { */ tlsCertificateKey?: pulumi.Input; /** - * The root credential username used in the connection URL. + * The username to authenticate with. */ username?: pulumi.Input; /** - * - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * Template describing how dynamic usernames are generated. */ usernameTemplate?: pulumi.Input; } export interface SecretBackendConnectionMysqlAurora { /** - * Specifies the Redshift DSN. See + * A URL containing connection information. See * the [Vault - * docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + * docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) * for an example. */ connectionUrl?: pulumi.Input; /** - * The maximum amount of time a connection may be reused. + * The maximum number of seconds to keep + * a connection alive for. */ maxConnectionLifetime?: pulumi.Input; /** * The maximum number of idle connections to - * the database. + * maintain. */ maxIdleConnections?: pulumi.Input; /** * The maximum number of open connections to - * the database. + * use. */ maxOpenConnections?: pulumi.Input; /** - * The root credential password used in the connection URL. + * The password to authenticate with. */ password?: pulumi.Input; /** - * The root credential username used in the connection URL. + * The username to authenticate with. */ username?: pulumi.Input; /** - * - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * Template describing how dynamic usernames are generated. */ usernameTemplate?: pulumi.Input; } export interface SecretBackendConnectionMysqlLegacy { /** - * Specifies the Redshift DSN. See + * A URL containing connection information. See * the [Vault - * docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + * docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) * for an example. */ connectionUrl?: pulumi.Input; /** - * The maximum amount of time a connection may be reused. + * The maximum number of seconds to keep + * a connection alive for. */ maxConnectionLifetime?: pulumi.Input; /** * The maximum number of idle connections to - * the database. + * maintain. */ maxIdleConnections?: pulumi.Input; /** * The maximum number of open connections to - * the database. + * use. */ maxOpenConnections?: pulumi.Input; /** - * The root credential password used in the connection URL. + * The password to authenticate with. */ password?: pulumi.Input; /** - * The root credential username used in the connection URL. + * The username to authenticate with. */ username?: pulumi.Input; /** - * - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * Template describing how dynamic usernames are generated. */ usernameTemplate?: pulumi.Input; } export interface SecretBackendConnectionMysqlRds { /** - * Specifies the Redshift DSN. See + * A URL containing connection information. See * the [Vault - * docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + * docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) * for an example. */ connectionUrl?: pulumi.Input; /** - * The maximum amount of time a connection may be reused. + * The maximum number of seconds to keep + * a connection alive for. */ maxConnectionLifetime?: pulumi.Input; /** * The maximum number of idle connections to - * the database. + * maintain. */ maxIdleConnections?: pulumi.Input; /** * The maximum number of open connections to - * the database. + * use. */ maxOpenConnections?: pulumi.Input; /** - * The root credential password used in the connection URL. + * The password to authenticate with. */ password?: pulumi.Input; /** - * The root credential username used in the connection URL. + * The username to authenticate with. */ username?: pulumi.Input; /** - * - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * Template describing how dynamic usernames are generated. */ usernameTemplate?: pulumi.Input; } export interface SecretBackendConnectionOracle { /** - * Specifies the Redshift DSN. See + * A URL containing connection information. See * the [Vault - * docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + * docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) * for an example. */ connectionUrl?: pulumi.Input; /** - * The maximum amount of time a connection may be reused. + * The maximum number of seconds to keep + * a connection alive for. */ maxConnectionLifetime?: pulumi.Input; /** * The maximum number of idle connections to - * the database. + * maintain. */ maxIdleConnections?: pulumi.Input; /** * The maximum number of open connections to - * the database. + * use. */ maxOpenConnections?: pulumi.Input; /** - * The root credential password used in the connection URL. + * The password to authenticate with. */ password?: pulumi.Input; /** - * The root credential username used in the connection URL. + * The username to authenticate with. */ username?: pulumi.Input; /** - * - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * Template describing how dynamic usernames are generated. */ usernameTemplate?: pulumi.Input; } @@ -811,9 +831,9 @@ export namespace database { */ authType?: pulumi.Input; /** - * Specifies the Redshift DSN. See + * A URL containing connection information. See * the [Vault - * docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + * docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) * for an example. */ connectionUrl?: pulumi.Input; @@ -822,21 +842,22 @@ export namespace database { */ disableEscaping?: pulumi.Input; /** - * The maximum amount of time a connection may be reused. + * The maximum number of seconds to keep + * a connection alive for. */ maxConnectionLifetime?: pulumi.Input; /** * The maximum number of idle connections to - * the database. + * maintain. */ maxIdleConnections?: pulumi.Input; /** * The maximum number of open connections to - * the database. + * use. */ maxOpenConnections?: pulumi.Input; /** - * The root credential password used in the connection URL. + * The password to authenticate with. */ password?: pulumi.Input; /** @@ -844,11 +865,11 @@ export namespace database { */ serviceAccountJson?: pulumi.Input; /** - * The root credential username used in the connection URL. + * The username to authenticate with. */ username?: pulumi.Input; /** - * - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * Template describing how dynamic usernames are generated. */ usernameTemplate?: pulumi.Input; } @@ -868,7 +889,7 @@ export namespace database { */ insecureTls?: pulumi.Input; /** - * The root credential password used in the connection URL. + * The password to authenticate with. */ password: pulumi.Input; /** @@ -877,18 +898,18 @@ export namespace database { */ port?: pulumi.Input; /** - * Whether to use TLS when connecting to Redis. + * Whether to use TLS when connecting to Cassandra. */ tls?: pulumi.Input; /** - * The root credential username used in the connection URL. + * The username to authenticate with. */ username: pulumi.Input; } export interface SecretBackendConnectionRedisElasticache { /** - * The root credential password used in the connection URL. + * The password to authenticate with. */ password?: pulumi.Input; /** @@ -901,16 +922,16 @@ export namespace database { */ url: pulumi.Input; /** - * The root credential username used in the connection URL. + * The username to authenticate with. */ username?: pulumi.Input; } export interface SecretBackendConnectionRedshift { /** - * Specifies the Redshift DSN. See + * A URL containing connection information. See * the [Vault - * docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + * docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) * for an example. */ connectionUrl?: pulumi.Input; @@ -919,65 +940,67 @@ export namespace database { */ disableEscaping?: pulumi.Input; /** - * The maximum amount of time a connection may be reused. + * The maximum number of seconds to keep + * a connection alive for. */ maxConnectionLifetime?: pulumi.Input; /** * The maximum number of idle connections to - * the database. + * maintain. */ maxIdleConnections?: pulumi.Input; /** * The maximum number of open connections to - * the database. + * use. */ maxOpenConnections?: pulumi.Input; /** - * The root credential password used in the connection URL. + * The password to authenticate with. */ password?: pulumi.Input; /** - * The root credential username used in the connection URL. + * The username to authenticate with. */ username?: pulumi.Input; /** - * - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * Template describing how dynamic usernames are generated. */ usernameTemplate?: pulumi.Input; } export interface SecretBackendConnectionSnowflake { /** - * Specifies the Redshift DSN. See + * A URL containing connection information. See * the [Vault - * docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + * docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) * for an example. */ connectionUrl?: pulumi.Input; /** - * The maximum amount of time a connection may be reused. + * The maximum number of seconds to keep + * a connection alive for. */ maxConnectionLifetime?: pulumi.Input; /** * The maximum number of idle connections to - * the database. + * maintain. */ maxIdleConnections?: pulumi.Input; /** * The maximum number of open connections to - * the database. + * use. */ maxOpenConnections?: pulumi.Input; /** - * The root credential password used in the connection URL. + * The password to authenticate with. */ password?: pulumi.Input; /** - * The root credential username used in the connection URL. + * The username to authenticate with. */ username?: pulumi.Input; /** - * - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * Template describing how dynamic usernames are generated. */ usernameTemplate?: pulumi.Input; } @@ -995,10 +1018,12 @@ export namespace database { connectTimeout?: pulumi.Input; /** * A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + * + * Supported list of database secrets engines that can be configured: */ data?: pulumi.Input<{[key: string]: any}>; /** - * A set of Couchbase URIs to connect to. Must use `couchbases://` scheme if `tls` is `true`. + * The hosts to connect to. */ hosts?: pulumi.Input[]>; /** @@ -1008,7 +1033,7 @@ export namespace database { insecureTls?: pulumi.Input; name: pulumi.Input; /** - * The password to be used in the connection. + * The root credential password used in the connection URL. */ password?: pulumi.Input; /** @@ -1038,11 +1063,11 @@ export namespace database { */ rootRotationStatements?: pulumi.Input[]>; /** - * Whether to use TLS when connecting to Redis. + * Whether to use TLS when connecting to Cassandra. */ tls?: pulumi.Input; /** - * The username to be used in the connection (the account admin level). + * The root credential username used in the connection URL. */ username?: pulumi.Input; /** @@ -1068,10 +1093,12 @@ export namespace database { bucketName?: pulumi.Input; /** * A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + * + * Supported list of database secrets engines that can be configured: */ data?: pulumi.Input<{[key: string]: any}>; /** - * A set of Couchbase URIs to connect to. Must use `couchbases://` scheme if `tls` is `true`. + * The hosts to connect to. */ hosts: pulumi.Input[]>; /** @@ -1081,7 +1108,7 @@ export namespace database { insecureTls?: pulumi.Input; name: pulumi.Input; /** - * The password to be used in the connection. + * The root credential password used in the connection URL. */ password: pulumi.Input; /** @@ -1093,15 +1120,15 @@ export namespace database { */ rootRotationStatements?: pulumi.Input[]>; /** - * Whether to use TLS when connecting to Redis. + * Whether to use TLS when connecting to Cassandra. */ tls?: pulumi.Input; /** - * The username to be used in the connection (the account admin level). + * The root credential username used in the connection URL. */ username: pulumi.Input; /** - * - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. */ usernameTemplate?: pulumi.Input; /** @@ -1118,7 +1145,7 @@ export namespace database { */ allowedRoles?: pulumi.Input[]>; /** - * The contents of a PEM-encoded CA cert file to use to verify the Redis server's identity. + * The path to a PEM-encoded CA cert file to use to verify the Elasticsearch server's identity. */ caCert?: pulumi.Input; /** @@ -1135,6 +1162,8 @@ export namespace database { clientKey?: pulumi.Input; /** * A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + * + * Supported list of database secrets engines that can be configured: */ data?: pulumi.Input<{[key: string]: any}>; /** @@ -1143,7 +1172,7 @@ export namespace database { insecure?: pulumi.Input; name: pulumi.Input; /** - * The password to be used in the connection. + * The root credential password used in the connection URL. */ password: pulumi.Input; /** @@ -1159,15 +1188,16 @@ export namespace database { */ tlsServerName?: pulumi.Input; /** - * The configuration endpoint for the ElastiCache cluster to connect to. + * The URL for Elasticsearch's API. https requires certificate + * by trusted CA if used. */ url: pulumi.Input; /** - * The username to be used in the connection (the account admin level). + * The root credential username used in the connection URL. */ username: pulumi.Input; /** - * - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. */ usernameTemplate?: pulumi.Input; /** @@ -1184,12 +1214,14 @@ export namespace database { */ allowedRoles?: pulumi.Input[]>; /** - * A URL containing connection information. - * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + * Specifies the Redshift DSN. + * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) */ connectionUrl?: pulumi.Input; /** * A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + * + * Supported list of database secrets engines that can be configured: */ data?: pulumi.Input<{[key: string]: any}>; /** @@ -1197,23 +1229,22 @@ export namespace database { */ disableEscaping?: pulumi.Input; /** - * The maximum number of seconds to keep - * a connection alive for. + * The maximum amount of time a connection may be reused. */ maxConnectionLifetime?: pulumi.Input; /** * The maximum number of idle connections to - * maintain. + * the database. */ maxIdleConnections?: pulumi.Input; /** * The maximum number of open connections to - * use. + * the database. */ maxOpenConnections?: pulumi.Input; name: pulumi.Input; /** - * The password to be used in the connection. + * The root credential password used in the connection URL. */ password?: pulumi.Input; /** @@ -1225,7 +1256,7 @@ export namespace database { */ rootRotationStatements?: pulumi.Input[]>; /** - * The username to be used in the connection (the account admin level). + * The root credential username used in the connection URL. */ username?: pulumi.Input; /** @@ -1248,6 +1279,8 @@ export namespace database { connectTimeout?: pulumi.Input; /** * A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + * + * Supported list of database secrets engines that can be configured: */ data?: pulumi.Input<{[key: string]: any}>; /** @@ -1261,7 +1294,7 @@ export namespace database { insecureTls?: pulumi.Input; name: pulumi.Input; /** - * The password to be used in the connection. + * The root credential password used in the connection URL. */ password: pulumi.Input; /** @@ -1287,15 +1320,15 @@ export namespace database { */ rootRotationStatements?: pulumi.Input[]>; /** - * Whether to use TLS when connecting to Redis. + * Whether to use TLS when connecting to Cassandra. */ tls?: pulumi.Input; /** - * The username to be used in the connection (the account admin level). + * The root credential username used in the connection URL. */ username: pulumi.Input; /** - * - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. */ usernameTemplate?: pulumi.Input; /** @@ -1312,32 +1345,33 @@ export namespace database { */ allowedRoles?: pulumi.Input[]>; /** - * A URL containing connection information. - * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + * Specifies the Redshift DSN. + * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) */ connectionUrl?: pulumi.Input; /** * A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + * + * Supported list of database secrets engines that can be configured: */ data?: pulumi.Input<{[key: string]: any}>; /** - * The maximum number of seconds to keep - * a connection alive for. + * The maximum amount of time a connection may be reused. */ maxConnectionLifetime?: pulumi.Input; /** * The maximum number of idle connections to - * maintain. + * the database. */ maxIdleConnections?: pulumi.Input; /** * The maximum number of open connections to - * use. + * the database. */ maxOpenConnections?: pulumi.Input; name: pulumi.Input; /** - * The password to be used in the connection. + * The root credential password used in the connection URL. */ password?: pulumi.Input; /** @@ -1349,11 +1383,11 @@ export namespace database { */ rootRotationStatements?: pulumi.Input[]>; /** - * The username to be used in the connection (the account admin level). + * The root credential username used in the connection URL. */ username?: pulumi.Input; /** - * - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. */ usernameTemplate?: pulumi.Input; /** @@ -1371,6 +1405,8 @@ export namespace database { allowedRoles?: pulumi.Input[]>; /** * A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + * + * Supported list of database secrets engines that can be configured: */ data?: pulumi.Input<{[key: string]: any}>; name: pulumi.Input; @@ -1408,8 +1444,8 @@ export namespace database { */ allowedRoles?: pulumi.Input[]>; /** - * A URL containing connection information. - * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + * Specifies the Redshift DSN. + * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) */ connectionUrl?: pulumi.Input; /** @@ -1420,6 +1456,8 @@ export namespace database { containedDb?: pulumi.Input; /** * A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + * + * Supported list of database secrets engines that can be configured: */ data?: pulumi.Input<{[key: string]: any}>; /** @@ -1427,23 +1465,22 @@ export namespace database { */ disableEscaping?: pulumi.Input; /** - * The maximum number of seconds to keep - * a connection alive for. + * The maximum amount of time a connection may be reused. */ maxConnectionLifetime?: pulumi.Input; /** * The maximum number of idle connections to - * maintain. + * the database. */ maxIdleConnections?: pulumi.Input; /** * The maximum number of open connections to - * use. + * the database. */ maxOpenConnections?: pulumi.Input; name: pulumi.Input; /** - * The password to be used in the connection. + * The root credential password used in the connection URL. */ password?: pulumi.Input; /** @@ -1455,11 +1492,11 @@ export namespace database { */ rootRotationStatements?: pulumi.Input[]>; /** - * The username to be used in the connection (the account admin level). + * The root credential username used in the connection URL. */ username?: pulumi.Input; /** - * - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. */ usernameTemplate?: pulumi.Input; /** @@ -1477,32 +1514,33 @@ export namespace database { allowedRoles?: pulumi.Input[]>; authType?: pulumi.Input; /** - * A URL containing connection information. - * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + * Specifies the Redshift DSN. + * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) */ connectionUrl?: pulumi.Input; /** * A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + * + * Supported list of database secrets engines that can be configured: */ data?: pulumi.Input<{[key: string]: any}>; /** - * The maximum number of seconds to keep - * a connection alive for. + * The maximum amount of time a connection may be reused. */ maxConnectionLifetime?: pulumi.Input; /** * The maximum number of idle connections to - * maintain. + * the database. */ maxIdleConnections?: pulumi.Input; /** * The maximum number of open connections to - * use. + * the database. */ maxOpenConnections?: pulumi.Input; name: pulumi.Input; /** - * The password to be used in the connection. + * The root credential password used in the connection URL. */ password?: pulumi.Input; /** @@ -1523,11 +1561,11 @@ export namespace database { */ tlsCertificateKey?: pulumi.Input; /** - * The username to be used in the connection (the account admin level). + * The root credential username used in the connection URL. */ username?: pulumi.Input; /** - * - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. */ usernameTemplate?: pulumi.Input; /** @@ -1544,32 +1582,33 @@ export namespace database { */ allowedRoles?: pulumi.Input[]>; /** - * A URL containing connection information. - * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + * Specifies the Redshift DSN. + * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) */ connectionUrl?: pulumi.Input; /** * A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + * + * Supported list of database secrets engines that can be configured: */ data?: pulumi.Input<{[key: string]: any}>; /** - * The maximum number of seconds to keep - * a connection alive for. + * The maximum amount of time a connection may be reused. */ maxConnectionLifetime?: pulumi.Input; /** * The maximum number of idle connections to - * maintain. + * the database. */ maxIdleConnections?: pulumi.Input; /** * The maximum number of open connections to - * use. + * the database. */ maxOpenConnections?: pulumi.Input; name: pulumi.Input; /** - * The password to be used in the connection. + * The root credential password used in the connection URL. */ password?: pulumi.Input; /** @@ -1581,11 +1620,11 @@ export namespace database { */ rootRotationStatements?: pulumi.Input[]>; /** - * The username to be used in the connection (the account admin level). + * The root credential username used in the connection URL. */ username?: pulumi.Input; /** - * - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. */ usernameTemplate?: pulumi.Input; /** @@ -1602,32 +1641,33 @@ export namespace database { */ allowedRoles?: pulumi.Input[]>; /** - * A URL containing connection information. - * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + * Specifies the Redshift DSN. + * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) */ connectionUrl?: pulumi.Input; /** * A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + * + * Supported list of database secrets engines that can be configured: */ data?: pulumi.Input<{[key: string]: any}>; /** - * The maximum number of seconds to keep - * a connection alive for. + * The maximum amount of time a connection may be reused. */ maxConnectionLifetime?: pulumi.Input; /** * The maximum number of idle connections to - * maintain. + * the database. */ maxIdleConnections?: pulumi.Input; /** * The maximum number of open connections to - * use. + * the database. */ maxOpenConnections?: pulumi.Input; name: pulumi.Input; /** - * The password to be used in the connection. + * The root credential password used in the connection URL. */ password?: pulumi.Input; /** @@ -1639,11 +1679,11 @@ export namespace database { */ rootRotationStatements?: pulumi.Input[]>; /** - * The username to be used in the connection (the account admin level). + * The root credential username used in the connection URL. */ username?: pulumi.Input; /** - * - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. */ usernameTemplate?: pulumi.Input; /** @@ -1660,32 +1700,33 @@ export namespace database { */ allowedRoles?: pulumi.Input[]>; /** - * A URL containing connection information. - * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + * Specifies the Redshift DSN. + * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) */ connectionUrl?: pulumi.Input; /** * A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + * + * Supported list of database secrets engines that can be configured: */ data?: pulumi.Input<{[key: string]: any}>; /** - * The maximum number of seconds to keep - * a connection alive for. + * The maximum amount of time a connection may be reused. */ maxConnectionLifetime?: pulumi.Input; /** * The maximum number of idle connections to - * maintain. + * the database. */ maxIdleConnections?: pulumi.Input; /** * The maximum number of open connections to - * use. + * the database. */ maxOpenConnections?: pulumi.Input; name: pulumi.Input; /** - * The password to be used in the connection. + * The root credential password used in the connection URL. */ password?: pulumi.Input; /** @@ -1697,11 +1738,11 @@ export namespace database { */ rootRotationStatements?: pulumi.Input[]>; /** - * The username to be used in the connection (the account admin level). + * The root credential username used in the connection URL. */ username?: pulumi.Input; /** - * - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. */ usernameTemplate?: pulumi.Input; /** @@ -1718,32 +1759,33 @@ export namespace database { */ allowedRoles?: pulumi.Input[]>; /** - * A URL containing connection information. - * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + * Specifies the Redshift DSN. + * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) */ connectionUrl?: pulumi.Input; /** * A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + * + * Supported list of database secrets engines that can be configured: */ data?: pulumi.Input<{[key: string]: any}>; /** - * The maximum number of seconds to keep - * a connection alive for. + * The maximum amount of time a connection may be reused. */ maxConnectionLifetime?: pulumi.Input; /** * The maximum number of idle connections to - * maintain. + * the database. */ maxIdleConnections?: pulumi.Input; /** * The maximum number of open connections to - * use. + * the database. */ maxOpenConnections?: pulumi.Input; name: pulumi.Input; /** - * The password to be used in the connection. + * The root credential password used in the connection URL. */ password?: pulumi.Input; /** @@ -1755,11 +1797,11 @@ export namespace database { */ rootRotationStatements?: pulumi.Input[]>; /** - * The username to be used in the connection (the account admin level). + * The root credential username used in the connection URL. */ username?: pulumi.Input; /** - * - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. */ usernameTemplate?: pulumi.Input; /** @@ -1777,12 +1819,14 @@ export namespace database { allowedRoles?: pulumi.Input[]>; authType?: pulumi.Input; /** - * A URL containing connection information. - * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + * Specifies the Redshift DSN. + * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) */ connectionUrl?: pulumi.Input; /** * A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + * + * Supported list of database secrets engines that can be configured: */ data?: pulumi.Input<{[key: string]: any}>; /** @@ -1790,23 +1834,22 @@ export namespace database { */ disableEscaping?: pulumi.Input; /** - * The maximum number of seconds to keep - * a connection alive for. + * The maximum amount of time a connection may be reused. */ maxConnectionLifetime?: pulumi.Input; /** * The maximum number of idle connections to - * maintain. + * the database. */ maxIdleConnections?: pulumi.Input; /** * The maximum number of open connections to - * use. + * the database. */ maxOpenConnections?: pulumi.Input; name: pulumi.Input; /** - * The password to be used in the connection. + * The root credential password used in the connection URL. */ password?: pulumi.Input; /** @@ -1819,11 +1862,11 @@ export namespace database { rootRotationStatements?: pulumi.Input[]>; serviceAccountJson?: pulumi.Input; /** - * The username to be used in the connection (the account admin level). + * The root credential username used in the connection URL. */ username?: pulumi.Input; /** - * - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. */ usernameTemplate?: pulumi.Input; /** @@ -1840,11 +1883,13 @@ export namespace database { */ allowedRoles?: pulumi.Input[]>; /** - * The contents of a PEM-encoded CA cert file to use to verify the Redis server's identity. + * The path to a PEM-encoded CA cert file to use to verify the Elasticsearch server's identity. */ caCert?: pulumi.Input; /** * A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + * + * Supported list of database secrets engines that can be configured: */ data?: pulumi.Input<{[key: string]: any}>; /** @@ -1858,7 +1903,7 @@ export namespace database { insecureTls?: pulumi.Input; name: pulumi.Input; /** - * The password to be used in the connection. + * The root credential password used in the connection URL. */ password: pulumi.Input; /** @@ -1875,11 +1920,11 @@ export namespace database { */ rootRotationStatements?: pulumi.Input[]>; /** - * Whether to use TLS when connecting to Redis. + * Whether to use TLS when connecting to Cassandra. */ tls?: pulumi.Input; /** - * The username to be used in the connection (the account admin level). + * The root credential username used in the connection URL. */ username: pulumi.Input; /** @@ -1897,11 +1942,13 @@ export namespace database { allowedRoles?: pulumi.Input[]>; /** * A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + * + * Supported list of database secrets engines that can be configured: */ data?: pulumi.Input<{[key: string]: any}>; name: pulumi.Input; /** - * The password to be used in the connection. + * The root credential password used in the connection URL. */ password?: pulumi.Input; /** @@ -1918,11 +1965,12 @@ export namespace database { */ rootRotationStatements?: pulumi.Input[]>; /** - * The configuration endpoint for the ElastiCache cluster to connect to. + * The URL for Elasticsearch's API. https requires certificate + * by trusted CA if used. */ url: pulumi.Input; /** - * The username to be used in the connection (the account admin level). + * The root credential username used in the connection URL. */ username?: pulumi.Input; /** @@ -1939,12 +1987,14 @@ export namespace database { */ allowedRoles?: pulumi.Input[]>; /** - * A URL containing connection information. - * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + * Specifies the Redshift DSN. + * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) */ connectionUrl?: pulumi.Input; /** * A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + * + * Supported list of database secrets engines that can be configured: */ data?: pulumi.Input<{[key: string]: any}>; /** @@ -1952,23 +2002,22 @@ export namespace database { */ disableEscaping?: pulumi.Input; /** - * The maximum number of seconds to keep - * a connection alive for. + * The maximum amount of time a connection may be reused. */ maxConnectionLifetime?: pulumi.Input; /** * The maximum number of idle connections to - * maintain. + * the database. */ maxIdleConnections?: pulumi.Input; /** * The maximum number of open connections to - * use. + * the database. */ maxOpenConnections?: pulumi.Input; name: pulumi.Input; /** - * The password to be used in the connection. + * The root credential password used in the connection URL. */ password?: pulumi.Input; /** @@ -1980,11 +2029,11 @@ export namespace database { */ rootRotationStatements?: pulumi.Input[]>; /** - * The username to be used in the connection (the account admin level). + * The root credential username used in the connection URL. */ username?: pulumi.Input; /** - * - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. */ usernameTemplate?: pulumi.Input; /** @@ -2001,32 +2050,33 @@ export namespace database { */ allowedRoles?: pulumi.Input[]>; /** - * A URL containing connection information. - * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + * Specifies the Redshift DSN. + * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) */ connectionUrl?: pulumi.Input; /** * A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + * + * Supported list of database secrets engines that can be configured: */ data?: pulumi.Input<{[key: string]: any}>; /** - * The maximum number of seconds to keep - * a connection alive for. + * The maximum amount of time a connection may be reused. */ maxConnectionLifetime?: pulumi.Input; /** * The maximum number of idle connections to - * maintain. + * the database. */ maxIdleConnections?: pulumi.Input; /** * The maximum number of open connections to - * use. + * the database. */ maxOpenConnections?: pulumi.Input; name: pulumi.Input; /** - * The password to be used in the connection. + * The root credential password used in the connection URL. */ password?: pulumi.Input; /** @@ -2038,11 +2088,11 @@ export namespace database { */ rootRotationStatements?: pulumi.Input[]>; /** - * The username to be used in the connection (the account admin level). + * The root credential username used in the connection URL. */ username?: pulumi.Input; /** - * - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. */ usernameTemplate?: pulumi.Input; /** @@ -2061,6 +2111,11 @@ export namespace gcp { api?: pulumi.Input; /** * Replaces the service endpoint used in API requests to `https://compute.googleapis.com`. + * + * The endpoint value provided for a given key has the form of `scheme://host:port`. + * The `scheme://` and `:port` portions of the endpoint value are optional. + * + * For more details on the usage of each argument consult the [Vault GCP API documentation](https://www.vaultproject.io/api-docs/auth/gcp#configure). */ compute?: pulumi.Input; /** @@ -2237,8 +2292,8 @@ export namespace managed { */ anyMount?: pulumi.Input; /** - * Supplies the curve value when using the `CKM_ECDSA` mechanism. - * Required if `allowGenerateKey` is `true`. + * The curve to use for an ECDSA key. Used when `keyType` + * is `ECDSA`. Required if `allowGenerateKey` is `true`. */ curve?: pulumi.Input; /** @@ -2246,9 +2301,7 @@ export namespace managed { */ endpoint?: pulumi.Input; /** - * Supplies the size in bits of the key when using `CKM_RSA_PKCS_PSS`, - * `CKM_RSA_PKCS_OAEP` or `CKM_RSA_PKCS` as a value for `mechanism`. Required if - * `allowGenerateKey` is `true`. + * The size in bits for an RSA key. */ keyBits: pulumi.Input; /** @@ -2310,9 +2363,7 @@ export namespace managed { */ environment?: pulumi.Input; /** - * Supplies the size in bits of the key when using `CKM_RSA_PKCS_PSS`, - * `CKM_RSA_PKCS_OAEP` or `CKM_RSA_PKCS` as a value for `mechanism`. Required if - * `allowGenerateKey` is `true`. + * The size in bits for an RSA key. */ keyBits?: pulumi.Input; /** @@ -2366,8 +2417,8 @@ export namespace managed { */ anyMount?: pulumi.Input; /** - * Supplies the curve value when using the `CKM_ECDSA` mechanism. - * Required if `allowGenerateKey` is `true`. + * The curve to use for an ECDSA key. Used when `keyType` + * is `ECDSA`. Required if `allowGenerateKey` is `true`. */ curve?: pulumi.Input; /** @@ -2376,9 +2427,7 @@ export namespace managed { */ forceRwSession?: pulumi.Input; /** - * Supplies the size in bits of the key when using `CKM_RSA_PKCS_PSS`, - * `CKM_RSA_PKCS_OAEP` or `CKM_RSA_PKCS` as a value for `mechanism`. Required if - * `allowGenerateKey` is `true`. + * The size in bits for an RSA key. */ keyBits?: pulumi.Input; /** @@ -2427,7 +2476,7 @@ export namespace okta { */ groupName: pulumi.Input; /** - * List of Vault policies to associate with this user + * Vault policies to associate with this group */ policies: pulumi.Input[]>; } @@ -2438,7 +2487,7 @@ export namespace okta { */ groups?: pulumi.Input[]>; /** - * List of Vault policies to associate with this user + * Vault policies to associate with this group */ policies?: pulumi.Input[]>; /** @@ -2449,6 +2498,22 @@ export namespace okta { } export namespace pkiSecret { + export interface SecretBackendRolePolicyIdentifier { + /** + * The URL of the CPS for the policy identifier + * + * Example usage: + */ + cps?: pulumi.Input; + /** + * A notice for the policy identifier + */ + notice?: pulumi.Input; + /** + * The OID for the policy identifier + */ + oid: pulumi.Input; + } } export namespace rabbitMq { @@ -2481,6 +2546,12 @@ export namespace ssh { * For key types that do not support setting the length a value of `[0]` should be used. * Setting multiple lengths is only supported on Vault 1.10+. For prior releases `length` * must be set to a single element list. + * + * Example configuration blocks that might be included in the `vault.ssh.SecretBackendRole` + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * ``` */ lengths: pulumi.Input[]>; /** diff --git a/sdk/nodejs/types/output.ts b/sdk/nodejs/types/output.ts index 6d8cbcb9f..02191b4a6 100644 --- a/sdk/nodejs/types/output.ts +++ b/sdk/nodejs/types/output.ts @@ -127,6 +127,7 @@ export namespace config { namespace?: string; parameters?: {[key: string]: string}; path: string; + useRootNamespace?: boolean; } export interface AuthLoginAws { @@ -145,6 +146,7 @@ export namespace config { mount?: string; namespace?: string; role: string; + useRootNamespace?: boolean; } export interface AuthLoginAzure { @@ -157,6 +159,7 @@ export namespace config { scope?: string; subscriptionId: string; tenantId?: string; + useRootNamespace?: boolean; vmName?: string; vmssName?: string; } @@ -167,6 +170,7 @@ export namespace config { mount?: string; name?: string; namespace?: string; + useRootNamespace?: boolean; } export interface AuthLoginGcp { @@ -176,6 +180,7 @@ export namespace config { namespace?: string; role: string; serviceAccount?: string; + useRootNamespace?: boolean; } export interface AuthLoginJwt { @@ -183,6 +188,7 @@ export namespace config { mount?: string; namespace?: string; role: string; + useRootNamespace?: boolean; } export interface AuthLoginKerberos { @@ -195,6 +201,7 @@ export namespace config { removeInstanceName?: boolean; service?: string; token?: string; + useRootNamespace?: boolean; username?: string; } @@ -203,6 +210,7 @@ export namespace config { mount?: string; namespace?: string; role: string; + useRootNamespace?: boolean; } export interface AuthLoginOidc { @@ -211,18 +219,21 @@ export namespace config { mount?: string; namespace?: string; role: string; + useRootNamespace?: boolean; } export interface AuthLoginRadius { mount?: string; namespace?: string; password: string; + useRootNamespace?: boolean; username: string; } export interface AuthLoginTokenFile { filename: string; namespace?: string; + useRootNamespace?: boolean; } export interface AuthLoginUserpass { @@ -230,6 +241,7 @@ export namespace config { namespace?: string; password?: string; passwordFile?: string; + useRootNamespace?: boolean; username: string; } @@ -253,7 +265,7 @@ export namespace database { */ connectTimeout?: number; /** - * A set of Couchbase URIs to connect to. Must use `couchbases://` scheme if `tls` is `true`. + * The hosts to connect to. */ hosts?: string[]; /** @@ -262,7 +274,7 @@ export namespace database { */ insecureTls?: boolean; /** - * The root credential password used in the connection URL. + * The password to authenticate with. */ password?: string; /** @@ -284,11 +296,11 @@ export namespace database { */ protocolVersion?: number; /** - * Whether to use TLS when connecting to Redis. + * Whether to use TLS when connecting to Cassandra. */ tls?: boolean; /** - * The root credential username used in the connection URL. + * The username to authenticate with. */ username?: string; } @@ -303,7 +315,7 @@ export namespace database { */ bucketName?: string; /** - * A set of Couchbase URIs to connect to. Must use `couchbases://` scheme if `tls` is `true`. + * The hosts to connect to. */ hosts: string[]; /** @@ -312,19 +324,19 @@ export namespace database { */ insecureTls?: boolean; /** - * The root credential password used in the connection URL. + * The password to authenticate with. */ password: string; /** - * Whether to use TLS when connecting to Redis. + * Whether to use TLS when connecting to Cassandra. */ tls?: boolean; /** - * The root credential username used in the connection URL. + * The username to authenticate with. */ username: string; /** - * - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * Template describing how dynamic usernames are generated. */ usernameTemplate?: string; } @@ -351,7 +363,7 @@ export namespace database { */ insecure?: boolean; /** - * The root credential password used in the connection URL. + * The password to authenticate with. */ password: string; /** @@ -364,20 +376,20 @@ export namespace database { */ url: string; /** - * The root credential username used in the connection URL. + * The username to authenticate with. */ username: string; /** - * - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * Template describing how dynamic usernames are generated. */ usernameTemplate?: string; } export interface SecretBackendConnectionHana { /** - * Specifies the Redshift DSN. See + * A URL containing connection information. See * the [Vault - * docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + * docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) * for an example. */ connectionUrl?: string; @@ -386,25 +398,26 @@ export namespace database { */ disableEscaping?: boolean; /** - * The maximum amount of time a connection may be reused. + * The maximum number of seconds to keep + * a connection alive for. */ maxConnectionLifetime?: number; /** * The maximum number of idle connections to - * the database. + * maintain. */ maxIdleConnections?: number; /** * The maximum number of open connections to - * the database. + * use. */ maxOpenConnections?: number; /** - * The root credential password used in the connection URL. + * The password to authenticate with. */ password?: string; /** - * The root credential username used in the connection URL. + * The username to authenticate with. */ username?: string; } @@ -425,7 +438,7 @@ export namespace database { */ insecureTls?: boolean; /** - * The root credential password used in the connection URL. + * The password to authenticate with. */ password: string; /** @@ -443,51 +456,52 @@ export namespace database { */ port?: number; /** - * Whether to use TLS when connecting to Redis. + * Whether to use TLS when connecting to Cassandra. */ tls?: boolean; /** - * The root credential username used in the connection URL. + * The username to authenticate with. */ username: string; /** - * - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * Template describing how dynamic usernames are generated. */ usernameTemplate?: string; } export interface SecretBackendConnectionMongodb { /** - * Specifies the Redshift DSN. See + * A URL containing connection information. See * the [Vault - * docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + * docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) * for an example. */ connectionUrl?: string; /** - * The maximum amount of time a connection may be reused. + * The maximum number of seconds to keep + * a connection alive for. */ maxConnectionLifetime?: number; /** * The maximum number of idle connections to - * the database. + * maintain. */ maxIdleConnections?: number; /** * The maximum number of open connections to - * the database. + * use. */ maxOpenConnections?: number; /** - * The root credential password used in the connection URL. + * The password to authenticate with. */ password?: string; /** - * The root credential username used in the connection URL. + * The username to authenticate with. */ username?: string; /** - * - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * Template describing how dynamic usernames are generated. */ usernameTemplate?: string; } @@ -509,9 +523,9 @@ export namespace database { export interface SecretBackendConnectionMssql { /** - * Specifies the Redshift DSN. See + * A URL containing connection information. See * the [Vault - * docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + * docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) * for an example. */ connectionUrl?: string; @@ -527,29 +541,30 @@ export namespace database { */ disableEscaping?: boolean; /** - * The maximum amount of time a connection may be reused. + * The maximum number of seconds to keep + * a connection alive for. */ maxConnectionLifetime?: number; /** * The maximum number of idle connections to - * the database. + * maintain. */ maxIdleConnections?: number; /** * The maximum number of open connections to - * the database. + * use. */ maxOpenConnections?: number; /** - * The root credential password used in the connection URL. + * The password to authenticate with. */ password?: string; /** - * The root credential username used in the connection URL. + * The username to authenticate with. */ username?: string; /** - * - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * Template describing how dynamic usernames are generated. */ usernameTemplate?: string; } @@ -560,28 +575,29 @@ export namespace database { */ authType?: string; /** - * Specifies the Redshift DSN. See + * A URL containing connection information. See * the [Vault - * docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + * docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) * for an example. */ connectionUrl?: string; /** - * The maximum amount of time a connection may be reused. + * The maximum number of seconds to keep + * a connection alive for. */ maxConnectionLifetime?: number; /** * The maximum number of idle connections to - * the database. + * maintain. */ maxIdleConnections?: number; /** * The maximum number of open connections to - * the database. + * use. */ maxOpenConnections?: number; /** - * The root credential password used in the connection URL. + * The password to authenticate with. */ password?: string; /** @@ -597,155 +613,159 @@ export namespace database { */ tlsCertificateKey?: string; /** - * The root credential username used in the connection URL. + * The username to authenticate with. */ username?: string; /** - * - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * Template describing how dynamic usernames are generated. */ usernameTemplate?: string; } export interface SecretBackendConnectionMysqlAurora { /** - * Specifies the Redshift DSN. See + * A URL containing connection information. See * the [Vault - * docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + * docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) * for an example. */ connectionUrl?: string; /** - * The maximum amount of time a connection may be reused. + * The maximum number of seconds to keep + * a connection alive for. */ maxConnectionLifetime?: number; /** * The maximum number of idle connections to - * the database. + * maintain. */ maxIdleConnections?: number; /** * The maximum number of open connections to - * the database. + * use. */ maxOpenConnections?: number; /** - * The root credential password used in the connection URL. + * The password to authenticate with. */ password?: string; /** - * The root credential username used in the connection URL. + * The username to authenticate with. */ username?: string; /** - * - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * Template describing how dynamic usernames are generated. */ usernameTemplate?: string; } export interface SecretBackendConnectionMysqlLegacy { /** - * Specifies the Redshift DSN. See + * A URL containing connection information. See * the [Vault - * docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + * docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) * for an example. */ connectionUrl?: string; /** - * The maximum amount of time a connection may be reused. + * The maximum number of seconds to keep + * a connection alive for. */ maxConnectionLifetime?: number; /** * The maximum number of idle connections to - * the database. + * maintain. */ maxIdleConnections?: number; /** * The maximum number of open connections to - * the database. + * use. */ maxOpenConnections?: number; /** - * The root credential password used in the connection URL. + * The password to authenticate with. */ password?: string; /** - * The root credential username used in the connection URL. + * The username to authenticate with. */ username?: string; /** - * - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * Template describing how dynamic usernames are generated. */ usernameTemplate?: string; } export interface SecretBackendConnectionMysqlRds { /** - * Specifies the Redshift DSN. See + * A URL containing connection information. See * the [Vault - * docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + * docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) * for an example. */ connectionUrl?: string; /** - * The maximum amount of time a connection may be reused. + * The maximum number of seconds to keep + * a connection alive for. */ maxConnectionLifetime?: number; /** * The maximum number of idle connections to - * the database. + * maintain. */ maxIdleConnections?: number; /** * The maximum number of open connections to - * the database. + * use. */ maxOpenConnections?: number; /** - * The root credential password used in the connection URL. + * The password to authenticate with. */ password?: string; /** - * The root credential username used in the connection URL. + * The username to authenticate with. */ username?: string; /** - * - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * Template describing how dynamic usernames are generated. */ usernameTemplate?: string; } export interface SecretBackendConnectionOracle { /** - * Specifies the Redshift DSN. See + * A URL containing connection information. See * the [Vault - * docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + * docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) * for an example. */ connectionUrl?: string; /** - * The maximum amount of time a connection may be reused. + * The maximum number of seconds to keep + * a connection alive for. */ maxConnectionLifetime?: number; /** * The maximum number of idle connections to - * the database. + * maintain. */ maxIdleConnections?: number; /** * The maximum number of open connections to - * the database. + * use. */ maxOpenConnections?: number; /** - * The root credential password used in the connection URL. + * The password to authenticate with. */ password?: string; /** - * The root credential username used in the connection URL. + * The username to authenticate with. */ username?: string; /** - * - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * Template describing how dynamic usernames are generated. */ usernameTemplate?: string; } @@ -756,9 +776,9 @@ export namespace database { */ authType?: string; /** - * Specifies the Redshift DSN. See + * A URL containing connection information. See * the [Vault - * docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + * docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) * for an example. */ connectionUrl?: string; @@ -767,21 +787,22 @@ export namespace database { */ disableEscaping?: boolean; /** - * The maximum amount of time a connection may be reused. + * The maximum number of seconds to keep + * a connection alive for. */ maxConnectionLifetime?: number; /** * The maximum number of idle connections to - * the database. + * maintain. */ maxIdleConnections?: number; /** * The maximum number of open connections to - * the database. + * use. */ maxOpenConnections?: number; /** - * The root credential password used in the connection URL. + * The password to authenticate with. */ password?: string; /** @@ -789,11 +810,11 @@ export namespace database { */ serviceAccountJson?: string; /** - * The root credential username used in the connection URL. + * The username to authenticate with. */ username?: string; /** - * - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * Template describing how dynamic usernames are generated. */ usernameTemplate?: string; } @@ -813,7 +834,7 @@ export namespace database { */ insecureTls?: boolean; /** - * The root credential password used in the connection URL. + * The password to authenticate with. */ password: string; /** @@ -822,18 +843,18 @@ export namespace database { */ port?: number; /** - * Whether to use TLS when connecting to Redis. + * Whether to use TLS when connecting to Cassandra. */ tls?: boolean; /** - * The root credential username used in the connection URL. + * The username to authenticate with. */ username: string; } export interface SecretBackendConnectionRedisElasticache { /** - * The root credential password used in the connection URL. + * The password to authenticate with. */ password?: string; /** @@ -846,16 +867,16 @@ export namespace database { */ url: string; /** - * The root credential username used in the connection URL. + * The username to authenticate with. */ username?: string; } export interface SecretBackendConnectionRedshift { /** - * Specifies the Redshift DSN. See + * A URL containing connection information. See * the [Vault - * docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + * docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) * for an example. */ connectionUrl?: string; @@ -864,65 +885,67 @@ export namespace database { */ disableEscaping?: boolean; /** - * The maximum amount of time a connection may be reused. + * The maximum number of seconds to keep + * a connection alive for. */ maxConnectionLifetime?: number; /** * The maximum number of idle connections to - * the database. + * maintain. */ maxIdleConnections?: number; /** * The maximum number of open connections to - * the database. + * use. */ maxOpenConnections?: number; /** - * The root credential password used in the connection URL. + * The password to authenticate with. */ password?: string; /** - * The root credential username used in the connection URL. + * The username to authenticate with. */ username?: string; /** - * - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * Template describing how dynamic usernames are generated. */ usernameTemplate?: string; } export interface SecretBackendConnectionSnowflake { /** - * Specifies the Redshift DSN. See + * A URL containing connection information. See * the [Vault - * docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + * docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) * for an example. */ connectionUrl?: string; /** - * The maximum amount of time a connection may be reused. + * The maximum number of seconds to keep + * a connection alive for. */ maxConnectionLifetime?: number; /** * The maximum number of idle connections to - * the database. + * maintain. */ maxIdleConnections?: number; /** * The maximum number of open connections to - * the database. + * use. */ maxOpenConnections?: number; /** - * The root credential password used in the connection URL. + * The password to authenticate with. */ password?: string; /** - * The root credential username used in the connection URL. + * The username to authenticate with. */ username?: string; /** - * - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * Template describing how dynamic usernames are generated. */ usernameTemplate?: string; } @@ -940,10 +963,12 @@ export namespace database { connectTimeout?: number; /** * A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + * + * Supported list of database secrets engines that can be configured: */ data?: {[key: string]: any}; /** - * A set of Couchbase URIs to connect to. Must use `couchbases://` scheme if `tls` is `true`. + * The hosts to connect to. */ hosts?: string[]; /** @@ -953,7 +978,7 @@ export namespace database { insecureTls?: boolean; name: string; /** - * The password to be used in the connection. + * The root credential password used in the connection URL. */ password?: string; /** @@ -983,11 +1008,11 @@ export namespace database { */ rootRotationStatements?: string[]; /** - * Whether to use TLS when connecting to Redis. + * Whether to use TLS when connecting to Cassandra. */ tls?: boolean; /** - * The username to be used in the connection (the account admin level). + * The root credential username used in the connection URL. */ username?: string; /** @@ -1013,10 +1038,12 @@ export namespace database { bucketName?: string; /** * A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + * + * Supported list of database secrets engines that can be configured: */ data?: {[key: string]: any}; /** - * A set of Couchbase URIs to connect to. Must use `couchbases://` scheme if `tls` is `true`. + * The hosts to connect to. */ hosts: string[]; /** @@ -1026,7 +1053,7 @@ export namespace database { insecureTls?: boolean; name: string; /** - * The password to be used in the connection. + * The root credential password used in the connection URL. */ password: string; /** @@ -1038,15 +1065,15 @@ export namespace database { */ rootRotationStatements?: string[]; /** - * Whether to use TLS when connecting to Redis. + * Whether to use TLS when connecting to Cassandra. */ tls?: boolean; /** - * The username to be used in the connection (the account admin level). + * The root credential username used in the connection URL. */ username: string; /** - * - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. */ usernameTemplate?: string; /** @@ -1063,7 +1090,7 @@ export namespace database { */ allowedRoles?: string[]; /** - * The contents of a PEM-encoded CA cert file to use to verify the Redis server's identity. + * The path to a PEM-encoded CA cert file to use to verify the Elasticsearch server's identity. */ caCert?: string; /** @@ -1080,6 +1107,8 @@ export namespace database { clientKey?: string; /** * A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + * + * Supported list of database secrets engines that can be configured: */ data?: {[key: string]: any}; /** @@ -1088,7 +1117,7 @@ export namespace database { insecure?: boolean; name: string; /** - * The password to be used in the connection. + * The root credential password used in the connection URL. */ password: string; /** @@ -1104,15 +1133,16 @@ export namespace database { */ tlsServerName?: string; /** - * The configuration endpoint for the ElastiCache cluster to connect to. + * The URL for Elasticsearch's API. https requires certificate + * by trusted CA if used. */ url: string; /** - * The username to be used in the connection (the account admin level). + * The root credential username used in the connection URL. */ username: string; /** - * - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. */ usernameTemplate?: string; /** @@ -1129,12 +1159,14 @@ export namespace database { */ allowedRoles?: string[]; /** - * A URL containing connection information. - * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + * Specifies the Redshift DSN. + * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) */ connectionUrl?: string; /** * A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + * + * Supported list of database secrets engines that can be configured: */ data?: {[key: string]: any}; /** @@ -1142,23 +1174,22 @@ export namespace database { */ disableEscaping?: boolean; /** - * The maximum number of seconds to keep - * a connection alive for. + * The maximum amount of time a connection may be reused. */ maxConnectionLifetime?: number; /** * The maximum number of idle connections to - * maintain. + * the database. */ maxIdleConnections?: number; /** * The maximum number of open connections to - * use. + * the database. */ maxOpenConnections?: number; name: string; /** - * The password to be used in the connection. + * The root credential password used in the connection URL. */ password?: string; /** @@ -1170,7 +1201,7 @@ export namespace database { */ rootRotationStatements?: string[]; /** - * The username to be used in the connection (the account admin level). + * The root credential username used in the connection URL. */ username?: string; /** @@ -1193,6 +1224,8 @@ export namespace database { connectTimeout?: number; /** * A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + * + * Supported list of database secrets engines that can be configured: */ data?: {[key: string]: any}; /** @@ -1206,7 +1239,7 @@ export namespace database { insecureTls?: boolean; name: string; /** - * The password to be used in the connection. + * The root credential password used in the connection URL. */ password: string; /** @@ -1232,15 +1265,15 @@ export namespace database { */ rootRotationStatements?: string[]; /** - * Whether to use TLS when connecting to Redis. + * Whether to use TLS when connecting to Cassandra. */ tls?: boolean; /** - * The username to be used in the connection (the account admin level). + * The root credential username used in the connection URL. */ username: string; /** - * - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. */ usernameTemplate?: string; /** @@ -1257,32 +1290,33 @@ export namespace database { */ allowedRoles?: string[]; /** - * A URL containing connection information. - * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + * Specifies the Redshift DSN. + * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) */ connectionUrl?: string; /** * A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + * + * Supported list of database secrets engines that can be configured: */ data?: {[key: string]: any}; /** - * The maximum number of seconds to keep - * a connection alive for. + * The maximum amount of time a connection may be reused. */ maxConnectionLifetime?: number; /** * The maximum number of idle connections to - * maintain. + * the database. */ maxIdleConnections?: number; /** * The maximum number of open connections to - * use. + * the database. */ maxOpenConnections?: number; name: string; /** - * The password to be used in the connection. + * The root credential password used in the connection URL. */ password?: string; /** @@ -1294,11 +1328,11 @@ export namespace database { */ rootRotationStatements?: string[]; /** - * The username to be used in the connection (the account admin level). + * The root credential username used in the connection URL. */ username?: string; /** - * - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. */ usernameTemplate?: string; /** @@ -1316,6 +1350,8 @@ export namespace database { allowedRoles?: string[]; /** * A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + * + * Supported list of database secrets engines that can be configured: */ data?: {[key: string]: any}; name: string; @@ -1353,8 +1389,8 @@ export namespace database { */ allowedRoles?: string[]; /** - * A URL containing connection information. - * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + * Specifies the Redshift DSN. + * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) */ connectionUrl?: string; /** @@ -1365,6 +1401,8 @@ export namespace database { containedDb?: boolean; /** * A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + * + * Supported list of database secrets engines that can be configured: */ data?: {[key: string]: any}; /** @@ -1372,23 +1410,22 @@ export namespace database { */ disableEscaping?: boolean; /** - * The maximum number of seconds to keep - * a connection alive for. + * The maximum amount of time a connection may be reused. */ maxConnectionLifetime?: number; /** * The maximum number of idle connections to - * maintain. + * the database. */ maxIdleConnections?: number; /** * The maximum number of open connections to - * use. + * the database. */ maxOpenConnections?: number; name: string; /** - * The password to be used in the connection. + * The root credential password used in the connection URL. */ password?: string; /** @@ -1400,11 +1437,11 @@ export namespace database { */ rootRotationStatements?: string[]; /** - * The username to be used in the connection (the account admin level). + * The root credential username used in the connection URL. */ username?: string; /** - * - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. */ usernameTemplate?: string; /** @@ -1422,32 +1459,33 @@ export namespace database { allowedRoles?: string[]; authType?: string; /** - * A URL containing connection information. - * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + * Specifies the Redshift DSN. + * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) */ connectionUrl?: string; /** * A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + * + * Supported list of database secrets engines that can be configured: */ data?: {[key: string]: any}; /** - * The maximum number of seconds to keep - * a connection alive for. + * The maximum amount of time a connection may be reused. */ maxConnectionLifetime?: number; /** * The maximum number of idle connections to - * maintain. + * the database. */ maxIdleConnections?: number; /** * The maximum number of open connections to - * use. + * the database. */ maxOpenConnections?: number; name: string; /** - * The password to be used in the connection. + * The root credential password used in the connection URL. */ password?: string; /** @@ -1468,11 +1506,11 @@ export namespace database { */ tlsCertificateKey?: string; /** - * The username to be used in the connection (the account admin level). + * The root credential username used in the connection URL. */ username?: string; /** - * - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. */ usernameTemplate?: string; /** @@ -1489,32 +1527,33 @@ export namespace database { */ allowedRoles?: string[]; /** - * A URL containing connection information. - * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + * Specifies the Redshift DSN. + * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) */ connectionUrl?: string; /** * A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + * + * Supported list of database secrets engines that can be configured: */ data?: {[key: string]: any}; /** - * The maximum number of seconds to keep - * a connection alive for. + * The maximum amount of time a connection may be reused. */ maxConnectionLifetime?: number; /** * The maximum number of idle connections to - * maintain. + * the database. */ maxIdleConnections?: number; /** * The maximum number of open connections to - * use. + * the database. */ maxOpenConnections?: number; name: string; /** - * The password to be used in the connection. + * The root credential password used in the connection URL. */ password?: string; /** @@ -1526,11 +1565,11 @@ export namespace database { */ rootRotationStatements?: string[]; /** - * The username to be used in the connection (the account admin level). + * The root credential username used in the connection URL. */ username?: string; /** - * - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. */ usernameTemplate?: string; /** @@ -1547,32 +1586,33 @@ export namespace database { */ allowedRoles?: string[]; /** - * A URL containing connection information. - * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + * Specifies the Redshift DSN. + * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) */ connectionUrl?: string; /** * A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + * + * Supported list of database secrets engines that can be configured: */ data?: {[key: string]: any}; /** - * The maximum number of seconds to keep - * a connection alive for. + * The maximum amount of time a connection may be reused. */ maxConnectionLifetime?: number; /** * The maximum number of idle connections to - * maintain. + * the database. */ maxIdleConnections?: number; /** * The maximum number of open connections to - * use. + * the database. */ maxOpenConnections?: number; name: string; /** - * The password to be used in the connection. + * The root credential password used in the connection URL. */ password?: string; /** @@ -1584,11 +1624,11 @@ export namespace database { */ rootRotationStatements?: string[]; /** - * The username to be used in the connection (the account admin level). + * The root credential username used in the connection URL. */ username?: string; /** - * - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. */ usernameTemplate?: string; /** @@ -1605,32 +1645,33 @@ export namespace database { */ allowedRoles?: string[]; /** - * A URL containing connection information. - * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + * Specifies the Redshift DSN. + * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) */ connectionUrl?: string; /** * A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + * + * Supported list of database secrets engines that can be configured: */ data?: {[key: string]: any}; /** - * The maximum number of seconds to keep - * a connection alive for. + * The maximum amount of time a connection may be reused. */ maxConnectionLifetime?: number; /** * The maximum number of idle connections to - * maintain. + * the database. */ maxIdleConnections?: number; /** * The maximum number of open connections to - * use. + * the database. */ maxOpenConnections?: number; name: string; /** - * The password to be used in the connection. + * The root credential password used in the connection URL. */ password?: string; /** @@ -1642,11 +1683,11 @@ export namespace database { */ rootRotationStatements?: string[]; /** - * The username to be used in the connection (the account admin level). + * The root credential username used in the connection URL. */ username?: string; /** - * - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. */ usernameTemplate?: string; /** @@ -1663,32 +1704,33 @@ export namespace database { */ allowedRoles?: string[]; /** - * A URL containing connection information. - * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + * Specifies the Redshift DSN. + * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) */ connectionUrl?: string; /** * A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + * + * Supported list of database secrets engines that can be configured: */ data?: {[key: string]: any}; /** - * The maximum number of seconds to keep - * a connection alive for. + * The maximum amount of time a connection may be reused. */ maxConnectionLifetime?: number; /** * The maximum number of idle connections to - * maintain. + * the database. */ maxIdleConnections?: number; /** * The maximum number of open connections to - * use. + * the database. */ maxOpenConnections?: number; name: string; /** - * The password to be used in the connection. + * The root credential password used in the connection URL. */ password?: string; /** @@ -1700,11 +1742,11 @@ export namespace database { */ rootRotationStatements?: string[]; /** - * The username to be used in the connection (the account admin level). + * The root credential username used in the connection URL. */ username?: string; /** - * - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. */ usernameTemplate?: string; /** @@ -1722,12 +1764,14 @@ export namespace database { allowedRoles?: string[]; authType?: string; /** - * A URL containing connection information. - * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + * Specifies the Redshift DSN. + * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) */ connectionUrl?: string; /** * A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + * + * Supported list of database secrets engines that can be configured: */ data?: {[key: string]: any}; /** @@ -1735,23 +1779,22 @@ export namespace database { */ disableEscaping?: boolean; /** - * The maximum number of seconds to keep - * a connection alive for. + * The maximum amount of time a connection may be reused. */ maxConnectionLifetime?: number; /** * The maximum number of idle connections to - * maintain. + * the database. */ maxIdleConnections?: number; /** * The maximum number of open connections to - * use. + * the database. */ maxOpenConnections?: number; name: string; /** - * The password to be used in the connection. + * The root credential password used in the connection URL. */ password?: string; /** @@ -1764,11 +1807,11 @@ export namespace database { rootRotationStatements?: string[]; serviceAccountJson?: string; /** - * The username to be used in the connection (the account admin level). + * The root credential username used in the connection URL. */ username?: string; /** - * - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. */ usernameTemplate?: string; /** @@ -1785,11 +1828,13 @@ export namespace database { */ allowedRoles?: string[]; /** - * The contents of a PEM-encoded CA cert file to use to verify the Redis server's identity. + * The path to a PEM-encoded CA cert file to use to verify the Elasticsearch server's identity. */ caCert?: string; /** * A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + * + * Supported list of database secrets engines that can be configured: */ data?: {[key: string]: any}; /** @@ -1803,7 +1848,7 @@ export namespace database { insecureTls?: boolean; name: string; /** - * The password to be used in the connection. + * The root credential password used in the connection URL. */ password: string; /** @@ -1820,11 +1865,11 @@ export namespace database { */ rootRotationStatements?: string[]; /** - * Whether to use TLS when connecting to Redis. + * Whether to use TLS when connecting to Cassandra. */ tls?: boolean; /** - * The username to be used in the connection (the account admin level). + * The root credential username used in the connection URL. */ username: string; /** @@ -1842,11 +1887,13 @@ export namespace database { allowedRoles?: string[]; /** * A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + * + * Supported list of database secrets engines that can be configured: */ data?: {[key: string]: any}; name: string; /** - * The password to be used in the connection. + * The root credential password used in the connection URL. */ password?: string; /** @@ -1863,11 +1910,12 @@ export namespace database { */ rootRotationStatements?: string[]; /** - * The configuration endpoint for the ElastiCache cluster to connect to. + * The URL for Elasticsearch's API. https requires certificate + * by trusted CA if used. */ url: string; /** - * The username to be used in the connection (the account admin level). + * The root credential username used in the connection URL. */ username?: string; /** @@ -1884,12 +1932,14 @@ export namespace database { */ allowedRoles?: string[]; /** - * A URL containing connection information. - * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + * Specifies the Redshift DSN. + * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) */ connectionUrl?: string; /** * A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + * + * Supported list of database secrets engines that can be configured: */ data?: {[key: string]: any}; /** @@ -1897,23 +1947,22 @@ export namespace database { */ disableEscaping?: boolean; /** - * The maximum number of seconds to keep - * a connection alive for. + * The maximum amount of time a connection may be reused. */ maxConnectionLifetime?: number; /** * The maximum number of idle connections to - * maintain. + * the database. */ maxIdleConnections?: number; /** * The maximum number of open connections to - * use. + * the database. */ maxOpenConnections?: number; name: string; /** - * The password to be used in the connection. + * The root credential password used in the connection URL. */ password?: string; /** @@ -1925,11 +1974,11 @@ export namespace database { */ rootRotationStatements?: string[]; /** - * The username to be used in the connection (the account admin level). + * The root credential username used in the connection URL. */ username?: string; /** - * - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. */ usernameTemplate?: string; /** @@ -1946,32 +1995,33 @@ export namespace database { */ allowedRoles?: string[]; /** - * A URL containing connection information. - * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + * Specifies the Redshift DSN. + * See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) */ connectionUrl?: string; /** * A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + * + * Supported list of database secrets engines that can be configured: */ data?: {[key: string]: any}; /** - * The maximum number of seconds to keep - * a connection alive for. + * The maximum amount of time a connection may be reused. */ maxConnectionLifetime?: number; /** * The maximum number of idle connections to - * maintain. + * the database. */ maxIdleConnections?: number; /** * The maximum number of open connections to - * use. + * the database. */ maxOpenConnections?: number; name: string; /** - * The password to be used in the connection. + * The root credential password used in the connection URL. */ password?: string; /** @@ -1983,11 +2033,11 @@ export namespace database { */ rootRotationStatements?: string[]; /** - * The username to be used in the connection (the account admin level). + * The root credential username used in the connection URL. */ username?: string; /** - * - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + * [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. */ usernameTemplate?: string; /** @@ -2007,6 +2057,11 @@ export namespace gcp { api?: string; /** * Replaces the service endpoint used in API requests to `https://compute.googleapis.com`. + * + * The endpoint value provided for a given key has the form of `scheme://host:port`. + * The `scheme://` and `:port` portions of the endpoint value are optional. + * + * For more details on the usage of each argument consult the [Vault GCP API documentation](https://www.vaultproject.io/api-docs/auth/gcp#configure). */ compute?: string; /** @@ -2230,8 +2285,8 @@ export namespace managed { */ anyMount: boolean; /** - * Supplies the curve value when using the `CKM_ECDSA` mechanism. - * Required if `allowGenerateKey` is `true`. + * The curve to use for an ECDSA key. Used when `keyType` + * is `ECDSA`. Required if `allowGenerateKey` is `true`. */ curve?: string; /** @@ -2239,9 +2294,7 @@ export namespace managed { */ endpoint?: string; /** - * Supplies the size in bits of the key when using `CKM_RSA_PKCS_PSS`, - * `CKM_RSA_PKCS_OAEP` or `CKM_RSA_PKCS` as a value for `mechanism`. Required if - * `allowGenerateKey` is `true`. + * The size in bits for an RSA key. */ keyBits: string; /** @@ -2303,9 +2356,7 @@ export namespace managed { */ environment: string; /** - * Supplies the size in bits of the key when using `CKM_RSA_PKCS_PSS`, - * `CKM_RSA_PKCS_OAEP` or `CKM_RSA_PKCS` as a value for `mechanism`. Required if - * `allowGenerateKey` is `true`. + * The size in bits for an RSA key. */ keyBits?: string; /** @@ -2359,8 +2410,8 @@ export namespace managed { */ anyMount: boolean; /** - * Supplies the curve value when using the `CKM_ECDSA` mechanism. - * Required if `allowGenerateKey` is `true`. + * The curve to use for an ECDSA key. Used when `keyType` + * is `ECDSA`. Required if `allowGenerateKey` is `true`. */ curve?: string; /** @@ -2369,9 +2420,7 @@ export namespace managed { */ forceRwSession?: string; /** - * Supplies the size in bits of the key when using `CKM_RSA_PKCS_PSS`, - * `CKM_RSA_PKCS_OAEP` or `CKM_RSA_PKCS` as a value for `mechanism`. Required if - * `allowGenerateKey` is `true`. + * The size in bits for an RSA key. */ keyBits?: string; /** @@ -2421,7 +2470,7 @@ export namespace okta { */ groupName: string; /** - * List of Vault policies to associate with this user + * Vault policies to associate with this group */ policies: string[]; } @@ -2432,7 +2481,7 @@ export namespace okta { */ groups?: string[]; /** - * List of Vault policies to associate with this user + * Vault policies to associate with this group */ policies?: string[]; /** @@ -2444,6 +2493,23 @@ export namespace okta { } export namespace pkiSecret { + export interface SecretBackendRolePolicyIdentifier { + /** + * The URL of the CPS for the policy identifier + * + * Example usage: + */ + cps?: string; + /** + * A notice for the policy identifier + */ + notice?: string; + /** + * The OID for the policy identifier + */ + oid: string; + } + } export namespace rabbitMq { @@ -2477,6 +2543,12 @@ export namespace ssh { * For key types that do not support setting the length a value of `[0]` should be used. * Setting multiple lengths is only supported on Vault 1.10+. For prior releases `length` * must be set to a single element list. + * + * Example configuration blocks that might be included in the `vault.ssh.SecretBackendRole` + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * ``` */ lengths: number[]; /** diff --git a/sdk/python/pulumi_vault/__init__.py b/sdk/python/pulumi_vault/__init__.py index 9b9e688d3..1c4abc007 100644 --- a/sdk/python/pulumi_vault/__init__.py +++ b/sdk/python/pulumi_vault/__init__.py @@ -11,8 +11,10 @@ from .cert_auth_backend_role import * from .egp_policy import * from .get_auth_backend import * +from .get_auth_backends import * from .get_nomad_access_token import * from .get_policy_document import * +from .get_raft_autopilot_state import * from .mfa_duo import * from .mfa_okta import * from .mfa_pingid import * @@ -79,6 +81,8 @@ pkisecret = __pkisecret import pulumi_vault.rabbitmq as __rabbitmq rabbitmq = __rabbitmq + import pulumi_vault.saml as __saml + saml = __saml import pulumi_vault.ssh as __ssh ssh = __ssh import pulumi_vault.terraformcloud as __terraformcloud @@ -112,6 +116,7 @@ okta = _utilities.lazy_import('pulumi_vault.okta') pkisecret = _utilities.lazy_import('pulumi_vault.pkisecret') rabbitmq = _utilities.lazy_import('pulumi_vault.rabbitmq') + saml = _utilities.lazy_import('pulumi_vault.saml') ssh = _utilities.lazy_import('pulumi_vault.ssh') terraformcloud = _utilities.lazy_import('pulumi_vault.terraformcloud') tokenauth = _utilities.lazy_import('pulumi_vault.tokenauth') @@ -1097,6 +1102,22 @@ "vault:rabbitMq/secretBackendRole:SecretBackendRole": "SecretBackendRole" } }, + { + "pkg": "vault", + "mod": "saml/authBackend", + "fqn": "pulumi_vault.saml", + "classes": { + "vault:saml/authBackend:AuthBackend": "AuthBackend" + } + }, + { + "pkg": "vault", + "mod": "saml/authBackendRole", + "fqn": "pulumi_vault.saml", + "classes": { + "vault:saml/authBackendRole:AuthBackendRole": "AuthBackendRole" + } + }, { "pkg": "vault", "mod": "ssh/secretBackendCa", diff --git a/sdk/python/pulumi_vault/_inputs.py b/sdk/python/pulumi_vault/_inputs.py index d7723e829..8ecd6cd95 100644 --- a/sdk/python/pulumi_vault/_inputs.py +++ b/sdk/python/pulumi_vault/_inputs.py @@ -191,7 +191,8 @@ def __init__(__self__, *, path: pulumi.Input[str], method: Optional[pulumi.Input[str]] = None, namespace: Optional[pulumi.Input[str]] = None, - parameters: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None): + parameters: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None, + use_root_namespace: Optional[pulumi.Input[bool]] = None): pulumi.set(__self__, "path", path) if method is not None: pulumi.set(__self__, "method", method) @@ -199,6 +200,8 @@ def __init__(__self__, *, pulumi.set(__self__, "namespace", namespace) if parameters is not None: pulumi.set(__self__, "parameters", parameters) + if use_root_namespace is not None: + pulumi.set(__self__, "use_root_namespace", use_root_namespace) @property @pulumi.getter @@ -236,6 +239,15 @@ def parameters(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]: def parameters(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]): pulumi.set(self, "parameters", value) + @property + @pulumi.getter(name="useRootNamespace") + def use_root_namespace(self) -> Optional[pulumi.Input[bool]]: + return pulumi.get(self, "use_root_namespace") + + @use_root_namespace.setter + def use_root_namespace(self, value: Optional[pulumi.Input[bool]]): + pulumi.set(self, "use_root_namespace", value) + @pulumi.input_type class ProviderAuthLoginAwsArgs: @@ -254,7 +266,8 @@ def __init__(__self__, *, aws_web_identity_token_file: Optional[pulumi.Input[str]] = None, header_value: Optional[pulumi.Input[str]] = None, mount: Optional[pulumi.Input[str]] = None, - namespace: Optional[pulumi.Input[str]] = None): + namespace: Optional[pulumi.Input[str]] = None, + use_root_namespace: Optional[pulumi.Input[bool]] = None): pulumi.set(__self__, "role", role) if aws_access_key_id is not None: pulumi.set(__self__, "aws_access_key_id", aws_access_key_id) @@ -284,6 +297,8 @@ def __init__(__self__, *, pulumi.set(__self__, "mount", mount) if namespace is not None: pulumi.set(__self__, "namespace", namespace) + if use_root_namespace is not None: + pulumi.set(__self__, "use_root_namespace", use_root_namespace) @property @pulumi.getter @@ -420,6 +435,15 @@ def namespace(self) -> Optional[pulumi.Input[str]]: def namespace(self, value: Optional[pulumi.Input[str]]): pulumi.set(self, "namespace", value) + @property + @pulumi.getter(name="useRootNamespace") + def use_root_namespace(self) -> Optional[pulumi.Input[bool]]: + return pulumi.get(self, "use_root_namespace") + + @use_root_namespace.setter + def use_root_namespace(self, value: Optional[pulumi.Input[bool]]): + pulumi.set(self, "use_root_namespace", value) + @pulumi.input_type class ProviderAuthLoginAzureArgs: @@ -433,6 +457,7 @@ def __init__(__self__, *, namespace: Optional[pulumi.Input[str]] = None, scope: Optional[pulumi.Input[str]] = None, tenant_id: Optional[pulumi.Input[str]] = None, + use_root_namespace: Optional[pulumi.Input[bool]] = None, vm_name: Optional[pulumi.Input[str]] = None, vmss_name: Optional[pulumi.Input[str]] = None): pulumi.set(__self__, "resource_group_name", resource_group_name) @@ -450,6 +475,8 @@ def __init__(__self__, *, pulumi.set(__self__, "scope", scope) if tenant_id is not None: pulumi.set(__self__, "tenant_id", tenant_id) + if use_root_namespace is not None: + pulumi.set(__self__, "use_root_namespace", use_root_namespace) if vm_name is not None: pulumi.set(__self__, "vm_name", vm_name) if vmss_name is not None: @@ -536,6 +563,15 @@ def tenant_id(self) -> Optional[pulumi.Input[str]]: def tenant_id(self, value: Optional[pulumi.Input[str]]): pulumi.set(self, "tenant_id", value) + @property + @pulumi.getter(name="useRootNamespace") + def use_root_namespace(self) -> Optional[pulumi.Input[bool]]: + return pulumi.get(self, "use_root_namespace") + + @use_root_namespace.setter + def use_root_namespace(self, value: Optional[pulumi.Input[bool]]): + pulumi.set(self, "use_root_namespace", value) + @property @pulumi.getter(name="vmName") def vm_name(self) -> Optional[pulumi.Input[str]]: @@ -562,7 +598,8 @@ def __init__(__self__, *, key_file: pulumi.Input[str], mount: Optional[pulumi.Input[str]] = None, name: Optional[pulumi.Input[str]] = None, - namespace: Optional[pulumi.Input[str]] = None): + namespace: Optional[pulumi.Input[str]] = None, + use_root_namespace: Optional[pulumi.Input[bool]] = None): pulumi.set(__self__, "cert_file", cert_file) pulumi.set(__self__, "key_file", key_file) if mount is not None: @@ -571,6 +608,8 @@ def __init__(__self__, *, pulumi.set(__self__, "name", name) if namespace is not None: pulumi.set(__self__, "namespace", namespace) + if use_root_namespace is not None: + pulumi.set(__self__, "use_root_namespace", use_root_namespace) @property @pulumi.getter(name="certFile") @@ -617,6 +656,15 @@ def namespace(self) -> Optional[pulumi.Input[str]]: def namespace(self, value: Optional[pulumi.Input[str]]): pulumi.set(self, "namespace", value) + @property + @pulumi.getter(name="useRootNamespace") + def use_root_namespace(self) -> Optional[pulumi.Input[bool]]: + return pulumi.get(self, "use_root_namespace") + + @use_root_namespace.setter + def use_root_namespace(self, value: Optional[pulumi.Input[bool]]): + pulumi.set(self, "use_root_namespace", value) + @pulumi.input_type class ProviderAuthLoginGcpArgs: @@ -626,7 +674,8 @@ def __init__(__self__, *, jwt: Optional[pulumi.Input[str]] = None, mount: Optional[pulumi.Input[str]] = None, namespace: Optional[pulumi.Input[str]] = None, - service_account: Optional[pulumi.Input[str]] = None): + service_account: Optional[pulumi.Input[str]] = None, + use_root_namespace: Optional[pulumi.Input[bool]] = None): pulumi.set(__self__, "role", role) if credentials is not None: pulumi.set(__self__, "credentials", credentials) @@ -638,6 +687,8 @@ def __init__(__self__, *, pulumi.set(__self__, "namespace", namespace) if service_account is not None: pulumi.set(__self__, "service_account", service_account) + if use_root_namespace is not None: + pulumi.set(__self__, "use_root_namespace", use_root_namespace) @property @pulumi.getter @@ -693,6 +744,15 @@ def service_account(self) -> Optional[pulumi.Input[str]]: def service_account(self, value: Optional[pulumi.Input[str]]): pulumi.set(self, "service_account", value) + @property + @pulumi.getter(name="useRootNamespace") + def use_root_namespace(self) -> Optional[pulumi.Input[bool]]: + return pulumi.get(self, "use_root_namespace") + + @use_root_namespace.setter + def use_root_namespace(self, value: Optional[pulumi.Input[bool]]): + pulumi.set(self, "use_root_namespace", value) + @pulumi.input_type class ProviderAuthLoginJwtArgs: @@ -700,13 +760,16 @@ def __init__(__self__, *, jwt: pulumi.Input[str], role: pulumi.Input[str], mount: Optional[pulumi.Input[str]] = None, - namespace: Optional[pulumi.Input[str]] = None): + namespace: Optional[pulumi.Input[str]] = None, + use_root_namespace: Optional[pulumi.Input[bool]] = None): pulumi.set(__self__, "jwt", jwt) pulumi.set(__self__, "role", role) if mount is not None: pulumi.set(__self__, "mount", mount) if namespace is not None: pulumi.set(__self__, "namespace", namespace) + if use_root_namespace is not None: + pulumi.set(__self__, "use_root_namespace", use_root_namespace) @property @pulumi.getter @@ -744,6 +807,15 @@ def namespace(self) -> Optional[pulumi.Input[str]]: def namespace(self, value: Optional[pulumi.Input[str]]): pulumi.set(self, "namespace", value) + @property + @pulumi.getter(name="useRootNamespace") + def use_root_namespace(self) -> Optional[pulumi.Input[bool]]: + return pulumi.get(self, "use_root_namespace") + + @use_root_namespace.setter + def use_root_namespace(self, value: Optional[pulumi.Input[bool]]): + pulumi.set(self, "use_root_namespace", value) + @pulumi.input_type class ProviderAuthLoginKerberosArgs: @@ -757,6 +829,7 @@ def __init__(__self__, *, remove_instance_name: Optional[pulumi.Input[bool]] = None, service: Optional[pulumi.Input[str]] = None, token: Optional[pulumi.Input[str]] = None, + use_root_namespace: Optional[pulumi.Input[bool]] = None, username: Optional[pulumi.Input[str]] = None): if disable_fast_negotiation is not None: pulumi.set(__self__, "disable_fast_negotiation", disable_fast_negotiation) @@ -776,6 +849,8 @@ def __init__(__self__, *, pulumi.set(__self__, "service", service) if token is not None: pulumi.set(__self__, "token", token) + if use_root_namespace is not None: + pulumi.set(__self__, "use_root_namespace", use_root_namespace) if username is not None: pulumi.set(__self__, "username", username) @@ -860,6 +935,15 @@ def token(self) -> Optional[pulumi.Input[str]]: def token(self, value: Optional[pulumi.Input[str]]): pulumi.set(self, "token", value) + @property + @pulumi.getter(name="useRootNamespace") + def use_root_namespace(self) -> Optional[pulumi.Input[bool]]: + return pulumi.get(self, "use_root_namespace") + + @use_root_namespace.setter + def use_root_namespace(self, value: Optional[pulumi.Input[bool]]): + pulumi.set(self, "use_root_namespace", value) + @property @pulumi.getter def username(self) -> Optional[pulumi.Input[str]]: @@ -876,13 +960,16 @@ def __init__(__self__, *, auth_type: pulumi.Input[str], role: pulumi.Input[str], mount: Optional[pulumi.Input[str]] = None, - namespace: Optional[pulumi.Input[str]] = None): + namespace: Optional[pulumi.Input[str]] = None, + use_root_namespace: Optional[pulumi.Input[bool]] = None): pulumi.set(__self__, "auth_type", auth_type) pulumi.set(__self__, "role", role) if mount is not None: pulumi.set(__self__, "mount", mount) if namespace is not None: pulumi.set(__self__, "namespace", namespace) + if use_root_namespace is not None: + pulumi.set(__self__, "use_root_namespace", use_root_namespace) @property @pulumi.getter(name="authType") @@ -920,6 +1007,15 @@ def namespace(self) -> Optional[pulumi.Input[str]]: def namespace(self, value: Optional[pulumi.Input[str]]): pulumi.set(self, "namespace", value) + @property + @pulumi.getter(name="useRootNamespace") + def use_root_namespace(self) -> Optional[pulumi.Input[bool]]: + return pulumi.get(self, "use_root_namespace") + + @use_root_namespace.setter + def use_root_namespace(self, value: Optional[pulumi.Input[bool]]): + pulumi.set(self, "use_root_namespace", value) + @pulumi.input_type class ProviderAuthLoginOidcArgs: @@ -928,7 +1024,8 @@ def __init__(__self__, *, callback_address: Optional[pulumi.Input[str]] = None, callback_listener_address: Optional[pulumi.Input[str]] = None, mount: Optional[pulumi.Input[str]] = None, - namespace: Optional[pulumi.Input[str]] = None): + namespace: Optional[pulumi.Input[str]] = None, + use_root_namespace: Optional[pulumi.Input[bool]] = None): pulumi.set(__self__, "role", role) if callback_address is not None: pulumi.set(__self__, "callback_address", callback_address) @@ -938,6 +1035,8 @@ def __init__(__self__, *, pulumi.set(__self__, "mount", mount) if namespace is not None: pulumi.set(__self__, "namespace", namespace) + if use_root_namespace is not None: + pulumi.set(__self__, "use_root_namespace", use_root_namespace) @property @pulumi.getter @@ -984,6 +1083,15 @@ def namespace(self) -> Optional[pulumi.Input[str]]: def namespace(self, value: Optional[pulumi.Input[str]]): pulumi.set(self, "namespace", value) + @property + @pulumi.getter(name="useRootNamespace") + def use_root_namespace(self) -> Optional[pulumi.Input[bool]]: + return pulumi.get(self, "use_root_namespace") + + @use_root_namespace.setter + def use_root_namespace(self, value: Optional[pulumi.Input[bool]]): + pulumi.set(self, "use_root_namespace", value) + @pulumi.input_type class ProviderAuthLoginRadiusArgs: @@ -991,13 +1099,16 @@ def __init__(__self__, *, password: pulumi.Input[str], username: pulumi.Input[str], mount: Optional[pulumi.Input[str]] = None, - namespace: Optional[pulumi.Input[str]] = None): + namespace: Optional[pulumi.Input[str]] = None, + use_root_namespace: Optional[pulumi.Input[bool]] = None): pulumi.set(__self__, "password", password) pulumi.set(__self__, "username", username) if mount is not None: pulumi.set(__self__, "mount", mount) if namespace is not None: pulumi.set(__self__, "namespace", namespace) + if use_root_namespace is not None: + pulumi.set(__self__, "use_root_namespace", use_root_namespace) @property @pulumi.getter @@ -1035,15 +1146,27 @@ def namespace(self) -> Optional[pulumi.Input[str]]: def namespace(self, value: Optional[pulumi.Input[str]]): pulumi.set(self, "namespace", value) + @property + @pulumi.getter(name="useRootNamespace") + def use_root_namespace(self) -> Optional[pulumi.Input[bool]]: + return pulumi.get(self, "use_root_namespace") + + @use_root_namespace.setter + def use_root_namespace(self, value: Optional[pulumi.Input[bool]]): + pulumi.set(self, "use_root_namespace", value) + @pulumi.input_type class ProviderAuthLoginTokenFileArgs: def __init__(__self__, *, filename: pulumi.Input[str], - namespace: Optional[pulumi.Input[str]] = None): + namespace: Optional[pulumi.Input[str]] = None, + use_root_namespace: Optional[pulumi.Input[bool]] = None): pulumi.set(__self__, "filename", filename) if namespace is not None: pulumi.set(__self__, "namespace", namespace) + if use_root_namespace is not None: + pulumi.set(__self__, "use_root_namespace", use_root_namespace) @property @pulumi.getter @@ -1063,6 +1186,15 @@ def namespace(self) -> Optional[pulumi.Input[str]]: def namespace(self, value: Optional[pulumi.Input[str]]): pulumi.set(self, "namespace", value) + @property + @pulumi.getter(name="useRootNamespace") + def use_root_namespace(self) -> Optional[pulumi.Input[bool]]: + return pulumi.get(self, "use_root_namespace") + + @use_root_namespace.setter + def use_root_namespace(self, value: Optional[pulumi.Input[bool]]): + pulumi.set(self, "use_root_namespace", value) + @pulumi.input_type class ProviderAuthLoginUserpassArgs: @@ -1071,7 +1203,8 @@ def __init__(__self__, *, mount: Optional[pulumi.Input[str]] = None, namespace: Optional[pulumi.Input[str]] = None, password: Optional[pulumi.Input[str]] = None, - password_file: Optional[pulumi.Input[str]] = None): + password_file: Optional[pulumi.Input[str]] = None, + use_root_namespace: Optional[pulumi.Input[bool]] = None): pulumi.set(__self__, "username", username) if mount is not None: pulumi.set(__self__, "mount", mount) @@ -1081,6 +1214,8 @@ def __init__(__self__, *, pulumi.set(__self__, "password", password) if password_file is not None: pulumi.set(__self__, "password_file", password_file) + if use_root_namespace is not None: + pulumi.set(__self__, "use_root_namespace", use_root_namespace) @property @pulumi.getter @@ -1127,6 +1262,15 @@ def password_file(self) -> Optional[pulumi.Input[str]]: def password_file(self, value: Optional[pulumi.Input[str]]): pulumi.set(self, "password_file", value) + @property + @pulumi.getter(name="useRootNamespace") + def use_root_namespace(self) -> Optional[pulumi.Input[bool]]: + return pulumi.get(self, "use_root_namespace") + + @use_root_namespace.setter + def use_root_namespace(self, value: Optional[pulumi.Input[bool]]): + pulumi.set(self, "use_root_namespace", value) + @pulumi.input_type class ProviderClientAuthArgs: diff --git a/sdk/python/pulumi_vault/ad/get_access_credentials.py b/sdk/python/pulumi_vault/ad/get_access_credentials.py index e404bbb9f..e02c8bf0a 100644 --- a/sdk/python/pulumi_vault/ad/get_access_credentials.py +++ b/sdk/python/pulumi_vault/ad/get_access_credentials.py @@ -131,13 +131,13 @@ def get_access_credentials(backend: Optional[str] = None, __ret__ = pulumi.runtime.invoke('vault:ad/getAccessCredentials:getAccessCredentials', __args__, opts=opts, typ=GetAccessCredentialsResult).value return AwaitableGetAccessCredentialsResult( - backend=__ret__.backend, - current_password=__ret__.current_password, - id=__ret__.id, - last_password=__ret__.last_password, - namespace=__ret__.namespace, - role=__ret__.role, - username=__ret__.username) + backend=pulumi.get(__ret__, 'backend'), + current_password=pulumi.get(__ret__, 'current_password'), + id=pulumi.get(__ret__, 'id'), + last_password=pulumi.get(__ret__, 'last_password'), + namespace=pulumi.get(__ret__, 'namespace'), + role=pulumi.get(__ret__, 'role'), + username=pulumi.get(__ret__, 'username')) @_utilities.lift_output_func(get_access_credentials) diff --git a/sdk/python/pulumi_vault/ad/secret_backend.py b/sdk/python/pulumi_vault/ad/secret_backend.py index 08281a61f..11dfe113c 100644 --- a/sdk/python/pulumi_vault/ad/secret_backend.py +++ b/sdk/python/pulumi_vault/ad/secret_backend.py @@ -359,6 +359,9 @@ def formatter(self) -> Optional[pulumi.Input[str]]: """ **Deprecated** use `password_policy`. Text to insert the password into, ex. "customPrefix{{PASSWORD}}customSuffix". """ + warnings.warn("""Formatter is deprecated and password_policy should be used with Vault >= 1.5.""", DeprecationWarning) + pulumi.log.warn("""formatter is deprecated: Formatter is deprecated and password_policy should be used with Vault >= 1.5.""") + return pulumi.get(self, "formatter") @formatter.setter @@ -436,6 +439,9 @@ def length(self) -> Optional[pulumi.Input[int]]: **Deprecated** use `password_policy`. The desired length of passwords that Vault generates. *Mutually exclusive with `password_policy` on vault-1.11+* """ + warnings.warn("""Length is deprecated and password_policy should be used with Vault >= 1.5.""", DeprecationWarning) + pulumi.log.warn("""length is deprecated: Length is deprecated and password_policy should be used with Vault >= 1.5.""") + return pulumi.get(self, "length") @length.setter @@ -999,6 +1005,9 @@ def formatter(self) -> Optional[pulumi.Input[str]]: """ **Deprecated** use `password_policy`. Text to insert the password into, ex. "customPrefix{{PASSWORD}}customSuffix". """ + warnings.warn("""Formatter is deprecated and password_policy should be used with Vault >= 1.5.""", DeprecationWarning) + pulumi.log.warn("""formatter is deprecated: Formatter is deprecated and password_policy should be used with Vault >= 1.5.""") + return pulumi.get(self, "formatter") @formatter.setter @@ -1076,6 +1085,9 @@ def length(self) -> Optional[pulumi.Input[int]]: **Deprecated** use `password_policy`. The desired length of passwords that Vault generates. *Mutually exclusive with `password_policy` on vault-1.11+* """ + warnings.warn("""Length is deprecated and password_policy should be used with Vault >= 1.5.""", DeprecationWarning) + pulumi.log.warn("""length is deprecated: Length is deprecated and password_policy should be used with Vault >= 1.5.""") + return pulumi.get(self, "length") @length.setter @@ -1526,18 +1538,12 @@ def _internal_init(__self__, __props__.__dict__["description"] = description __props__.__dict__["disable_remount"] = disable_remount __props__.__dict__["discoverdn"] = discoverdn - if formatter is not None and not opts.urn: - warnings.warn("""Formatter is deprecated and password_policy should be used with Vault >= 1.5.""", DeprecationWarning) - pulumi.log.warn("""formatter is deprecated: Formatter is deprecated and password_policy should be used with Vault >= 1.5.""") __props__.__dict__["formatter"] = formatter __props__.__dict__["groupattr"] = groupattr __props__.__dict__["groupdn"] = groupdn __props__.__dict__["groupfilter"] = groupfilter __props__.__dict__["insecure_tls"] = insecure_tls __props__.__dict__["last_rotation_tolerance"] = last_rotation_tolerance - if length is not None and not opts.urn: - warnings.warn("""Length is deprecated and password_policy should be used with Vault >= 1.5.""", DeprecationWarning) - pulumi.log.warn("""length is deprecated: Length is deprecated and password_policy should be used with Vault >= 1.5.""") __props__.__dict__["length"] = length __props__.__dict__["local"] = local __props__.__dict__["max_lease_ttl_seconds"] = max_lease_ttl_seconds @@ -1830,6 +1836,9 @@ def formatter(self) -> pulumi.Output[str]: """ **Deprecated** use `password_policy`. Text to insert the password into, ex. "customPrefix{{PASSWORD}}customSuffix". """ + warnings.warn("""Formatter is deprecated and password_policy should be used with Vault >= 1.5.""", DeprecationWarning) + pulumi.log.warn("""formatter is deprecated: Formatter is deprecated and password_policy should be used with Vault >= 1.5.""") + return pulumi.get(self, "formatter") @property @@ -1883,6 +1892,9 @@ def length(self) -> pulumi.Output[int]: **Deprecated** use `password_policy`. The desired length of passwords that Vault generates. *Mutually exclusive with `password_policy` on vault-1.11+* """ + warnings.warn("""Length is deprecated and password_policy should be used with Vault >= 1.5.""", DeprecationWarning) + pulumi.log.warn("""length is deprecated: Length is deprecated and password_policy should be used with Vault >= 1.5.""") + return pulumi.get(self, "length") @property diff --git a/sdk/python/pulumi_vault/alicloud/auth_backend_role.py b/sdk/python/pulumi_vault/alicloud/auth_backend_role.py index 176e887ad..e40078b47 100644 --- a/sdk/python/pulumi_vault/alicloud/auth_backend_role.py +++ b/sdk/python/pulumi_vault/alicloud/auth_backend_role.py @@ -34,6 +34,8 @@ def __init__(__self__, *, the role reflected in the arn. :param pulumi.Input[str] backend: Path to the mounted AliCloud auth backend. Defaults to `alicloud` + + For more details on the usage of each argument consult the [Vault AliCloud API documentation](https://www.vaultproject.io/api-docs/auth/alicloud). :param pulumi.Input[str] namespace: The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured namespace. @@ -121,6 +123,8 @@ def backend(self) -> Optional[pulumi.Input[str]]: """ Path to the mounted AliCloud auth backend. Defaults to `alicloud` + + For more details on the usage of each argument consult the [Vault AliCloud API documentation](https://www.vaultproject.io/api-docs/auth/alicloud). """ return pulumi.get(self, "backend") @@ -290,6 +294,8 @@ def __init__(__self__, *, :param pulumi.Input[str] arn: The role's arn. :param pulumi.Input[str] backend: Path to the mounted AliCloud auth backend. Defaults to `alicloud` + + For more details on the usage of each argument consult the [Vault AliCloud API documentation](https://www.vaultproject.io/api-docs/auth/alicloud). :param pulumi.Input[str] namespace: The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured namespace. @@ -368,6 +374,8 @@ def backend(self) -> Optional[pulumi.Input[str]]: """ Path to the mounted AliCloud auth backend. Defaults to `alicloud` + + For more details on the usage of each argument consult the [Vault AliCloud API documentation](https://www.vaultproject.io/api-docs/auth/alicloud). """ return pulumi.get(self, "backend") @@ -579,6 +587,8 @@ def __init__(__self__, :param pulumi.Input[str] arn: The role's arn. :param pulumi.Input[str] backend: Path to the mounted AliCloud auth backend. Defaults to `alicloud` + + For more details on the usage of each argument consult the [Vault AliCloud API documentation](https://www.vaultproject.io/api-docs/auth/alicloud). :param pulumi.Input[str] namespace: The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured namespace. @@ -731,6 +741,8 @@ def get(resource_name: str, :param pulumi.Input[str] arn: The role's arn. :param pulumi.Input[str] backend: Path to the mounted AliCloud auth backend. Defaults to `alicloud` + + For more details on the usage of each argument consult the [Vault AliCloud API documentation](https://www.vaultproject.io/api-docs/auth/alicloud). :param pulumi.Input[str] namespace: The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured namespace. @@ -797,6 +809,8 @@ def backend(self) -> pulumi.Output[Optional[str]]: """ Path to the mounted AliCloud auth backend. Defaults to `alicloud` + + For more details on the usage of each argument consult the [Vault AliCloud API documentation](https://www.vaultproject.io/api-docs/auth/alicloud). """ return pulumi.get(self, "backend") diff --git a/sdk/python/pulumi_vault/approle/get_auth_backend_role_id.py b/sdk/python/pulumi_vault/approle/get_auth_backend_role_id.py index 0c109d0d9..a03af8556 100644 --- a/sdk/python/pulumi_vault/approle/get_auth_backend_role_id.py +++ b/sdk/python/pulumi_vault/approle/get_auth_backend_role_id.py @@ -118,11 +118,11 @@ def get_auth_backend_role_id(backend: Optional[str] = None, __ret__ = pulumi.runtime.invoke('vault:appRole/getAuthBackendRoleId:getAuthBackendRoleId', __args__, opts=opts, typ=GetAuthBackendRoleIdResult).value return AwaitableGetAuthBackendRoleIdResult( - backend=__ret__.backend, - id=__ret__.id, - namespace=__ret__.namespace, - role_id=__ret__.role_id, - role_name=__ret__.role_name) + backend=pulumi.get(__ret__, 'backend'), + id=pulumi.get(__ret__, 'id'), + namespace=pulumi.get(__ret__, 'namespace'), + role_id=pulumi.get(__ret__, 'role_id'), + role_name=pulumi.get(__ret__, 'role_name')) @_utilities.lift_output_func(get_auth_backend_role_id) diff --git a/sdk/python/pulumi_vault/audit.py b/sdk/python/pulumi_vault/audit.py index d48d4af27..8be5e20bf 100644 --- a/sdk/python/pulumi_vault/audit.py +++ b/sdk/python/pulumi_vault/audit.py @@ -23,6 +23,8 @@ def __init__(__self__, *, """ The set of arguments for constructing a Audit resource. :param pulumi.Input[Mapping[str, pulumi.Input[str]]] options: Configuration options to pass to the audit device itself. + + For a reference of the device types and their options, consult the [Vault documentation.](https://www.vaultproject.io/docs/audit/index.html) :param pulumi.Input[str] type: Type of the audit device, such as 'file'. :param pulumi.Input[str] description: Human-friendly description of the audit device. :param pulumi.Input[bool] local: Specifies if the audit device is a local only. Local audit devices are not replicated nor (if a secondary) removed by replication. @@ -48,6 +50,8 @@ def __init__(__self__, *, def options(self) -> pulumi.Input[Mapping[str, pulumi.Input[str]]]: """ Configuration options to pass to the audit device itself. + + For a reference of the device types and their options, consult the [Vault documentation.](https://www.vaultproject.io/docs/audit/index.html) """ return pulumi.get(self, "options") @@ -137,6 +141,8 @@ def __init__(__self__, *, The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). *Available only for Vault Enterprise*. :param pulumi.Input[Mapping[str, pulumi.Input[str]]] options: Configuration options to pass to the audit device itself. + + For a reference of the device types and their options, consult the [Vault documentation.](https://www.vaultproject.io/docs/audit/index.html) :param pulumi.Input[str] path: The path to mount the audit device. This defaults to the type. :param pulumi.Input[str] type: Type of the audit device, such as 'file'. """ @@ -197,6 +203,8 @@ def namespace(self, value: Optional[pulumi.Input[str]]): def options(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]: """ Configuration options to pass to the audit device itself. + + For a reference of the device types and their options, consult the [Vault documentation.](https://www.vaultproject.io/docs/audit/index.html) """ return pulumi.get(self, "options") @@ -289,6 +297,8 @@ def __init__(__self__, The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). *Available only for Vault Enterprise*. :param pulumi.Input[Mapping[str, pulumi.Input[str]]] options: Configuration options to pass to the audit device itself. + + For a reference of the device types and their options, consult the [Vault documentation.](https://www.vaultproject.io/docs/audit/index.html) :param pulumi.Input[str] path: The path to mount the audit device. This defaults to the type. :param pulumi.Input[str] type: Type of the audit device, such as 'file'. """ @@ -407,6 +417,8 @@ def get(resource_name: str, The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). *Available only for Vault Enterprise*. :param pulumi.Input[Mapping[str, pulumi.Input[str]]] options: Configuration options to pass to the audit device itself. + + For a reference of the device types and their options, consult the [Vault documentation.](https://www.vaultproject.io/docs/audit/index.html) :param pulumi.Input[str] path: The path to mount the audit device. This defaults to the type. :param pulumi.Input[str] type: Type of the audit device, such as 'file'. """ @@ -454,6 +466,8 @@ def namespace(self) -> pulumi.Output[Optional[str]]: def options(self) -> pulumi.Output[Mapping[str, str]]: """ Configuration options to pass to the audit device itself. + + For a reference of the device types and their options, consult the [Vault documentation.](https://www.vaultproject.io/docs/audit/index.html) """ return pulumi.get(self, "options") diff --git a/sdk/python/pulumi_vault/auth_backend.py b/sdk/python/pulumi_vault/auth_backend.py index 6e4e24c79..15f65520f 100644 --- a/sdk/python/pulumi_vault/auth_backend.py +++ b/sdk/python/pulumi_vault/auth_backend.py @@ -36,6 +36,8 @@ def __init__(__self__, *, *Available only for Vault Enterprise*. :param pulumi.Input[str] path: The path to mount the auth method — this defaults to the name of the type. :param pulumi.Input['AuthBackendTuneArgs'] tune: Extra configuration block. Structure is documented below. + + The `tune` block is used to tune the auth backend: """ pulumi.set(__self__, "type", type) if description is not None: @@ -132,6 +134,8 @@ def path(self, value: Optional[pulumi.Input[str]]): def tune(self) -> Optional[pulumi.Input['AuthBackendTuneArgs']]: """ Extra configuration block. Structure is documented below. + + The `tune` block is used to tune the auth backend: """ return pulumi.get(self, "tune") @@ -164,6 +168,8 @@ def __init__(__self__, *, *Available only for Vault Enterprise*. :param pulumi.Input[str] path: The path to mount the auth method — this defaults to the name of the type. :param pulumi.Input['AuthBackendTuneArgs'] tune: Extra configuration block. Structure is documented below. + + The `tune` block is used to tune the auth backend: :param pulumi.Input[str] type: The name of the auth method type. """ if accessor is not None: @@ -264,6 +270,8 @@ def path(self, value: Optional[pulumi.Input[str]]): def tune(self) -> Optional[pulumi.Input['AuthBackendTuneArgs']]: """ Extra configuration block. Structure is documented below. + + The `tune` block is used to tune the auth backend: """ return pulumi.get(self, "tune") @@ -318,6 +326,8 @@ def __init__(__self__, *Available only for Vault Enterprise*. :param pulumi.Input[str] path: The path to mount the auth method — this defaults to the name of the type. :param pulumi.Input[pulumi.InputType['AuthBackendTuneArgs']] tune: Extra configuration block. Structure is documented below. + + The `tune` block is used to tune the auth backend: :param pulumi.Input[str] type: The name of the auth method type. """ ... @@ -412,6 +422,8 @@ def get(resource_name: str, *Available only for Vault Enterprise*. :param pulumi.Input[str] path: The path to mount the auth method — this defaults to the name of the type. :param pulumi.Input[pulumi.InputType['AuthBackendTuneArgs']] tune: Extra configuration block. Structure is documented below. + + The `tune` block is used to tune the auth backend: :param pulumi.Input[str] type: The name of the auth method type. """ opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id)) @@ -485,6 +497,8 @@ def path(self) -> pulumi.Output[str]: def tune(self) -> pulumi.Output['outputs.AuthBackendTune']: """ Extra configuration block. Structure is documented below. + + The `tune` block is used to tune the auth backend: """ return pulumi.get(self, "tune") diff --git a/sdk/python/pulumi_vault/aws/__init__.py b/sdk/python/pulumi_vault/aws/__init__.py index 4105c463a..712716f36 100644 --- a/sdk/python/pulumi_vault/aws/__init__.py +++ b/sdk/python/pulumi_vault/aws/__init__.py @@ -15,6 +15,7 @@ from .auth_backend_roletag_blacklist import * from .auth_backend_sts_role import * from .get_access_credentials import * +from .get_static_access_credentials import * from .secret_backend import * from .secret_backend_role import * from .secret_backend_static_role import * diff --git a/sdk/python/pulumi_vault/aws/get_access_credentials.py b/sdk/python/pulumi_vault/aws/get_access_credentials.py index 14a2526f4..069802ac0 100644 --- a/sdk/python/pulumi_vault/aws/get_access_credentials.py +++ b/sdk/python/pulumi_vault/aws/get_access_credentials.py @@ -230,21 +230,21 @@ def get_access_credentials(backend: Optional[str] = None, __ret__ = pulumi.runtime.invoke('vault:aws/getAccessCredentials:getAccessCredentials', __args__, opts=opts, typ=GetAccessCredentialsResult).value return AwaitableGetAccessCredentialsResult( - access_key=__ret__.access_key, - backend=__ret__.backend, - id=__ret__.id, - lease_duration=__ret__.lease_duration, - lease_id=__ret__.lease_id, - lease_renewable=__ret__.lease_renewable, - lease_start_time=__ret__.lease_start_time, - namespace=__ret__.namespace, - region=__ret__.region, - role=__ret__.role, - role_arn=__ret__.role_arn, - secret_key=__ret__.secret_key, - security_token=__ret__.security_token, - ttl=__ret__.ttl, - type=__ret__.type) + access_key=pulumi.get(__ret__, 'access_key'), + backend=pulumi.get(__ret__, 'backend'), + id=pulumi.get(__ret__, 'id'), + lease_duration=pulumi.get(__ret__, 'lease_duration'), + lease_id=pulumi.get(__ret__, 'lease_id'), + lease_renewable=pulumi.get(__ret__, 'lease_renewable'), + lease_start_time=pulumi.get(__ret__, 'lease_start_time'), + namespace=pulumi.get(__ret__, 'namespace'), + region=pulumi.get(__ret__, 'region'), + role=pulumi.get(__ret__, 'role'), + role_arn=pulumi.get(__ret__, 'role_arn'), + secret_key=pulumi.get(__ret__, 'secret_key'), + security_token=pulumi.get(__ret__, 'security_token'), + ttl=pulumi.get(__ret__, 'ttl'), + type=pulumi.get(__ret__, 'type')) @_utilities.lift_output_func(get_access_credentials) diff --git a/sdk/python/pulumi_vault/aws/get_static_access_credentials.py b/sdk/python/pulumi_vault/aws/get_static_access_credentials.py new file mode 100644 index 000000000..d7379f90e --- /dev/null +++ b/sdk/python/pulumi_vault/aws/get_static_access_credentials.py @@ -0,0 +1,123 @@ +# coding=utf-8 +# *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +# *** Do not edit by hand unless you're certain you know what you are doing! *** + +import copy +import warnings +import pulumi +import pulumi.runtime +from typing import Any, Mapping, Optional, Sequence, Union, overload +from .. import _utilities + +__all__ = [ + 'GetStaticAccessCredentialsResult', + 'AwaitableGetStaticAccessCredentialsResult', + 'get_static_access_credentials', + 'get_static_access_credentials_output', +] + +@pulumi.output_type +class GetStaticAccessCredentialsResult: + """ + A collection of values returned by getStaticAccessCredentials. + """ + def __init__(__self__, access_key=None, backend=None, id=None, name=None, namespace=None, secret_key=None): + if access_key and not isinstance(access_key, str): + raise TypeError("Expected argument 'access_key' to be a str") + pulumi.set(__self__, "access_key", access_key) + if backend and not isinstance(backend, str): + raise TypeError("Expected argument 'backend' to be a str") + pulumi.set(__self__, "backend", backend) + if id and not isinstance(id, str): + raise TypeError("Expected argument 'id' to be a str") + pulumi.set(__self__, "id", id) + if name and not isinstance(name, str): + raise TypeError("Expected argument 'name' to be a str") + pulumi.set(__self__, "name", name) + if namespace and not isinstance(namespace, str): + raise TypeError("Expected argument 'namespace' to be a str") + pulumi.set(__self__, "namespace", namespace) + if secret_key and not isinstance(secret_key, str): + raise TypeError("Expected argument 'secret_key' to be a str") + pulumi.set(__self__, "secret_key", secret_key) + + @property + @pulumi.getter(name="accessKey") + def access_key(self) -> str: + return pulumi.get(self, "access_key") + + @property + @pulumi.getter + def backend(self) -> str: + return pulumi.get(self, "backend") + + @property + @pulumi.getter + def id(self) -> str: + """ + The provider-assigned unique ID for this managed resource. + """ + return pulumi.get(self, "id") + + @property + @pulumi.getter + def name(self) -> str: + return pulumi.get(self, "name") + + @property + @pulumi.getter + def namespace(self) -> Optional[str]: + return pulumi.get(self, "namespace") + + @property + @pulumi.getter(name="secretKey") + def secret_key(self) -> str: + return pulumi.get(self, "secret_key") + + +class AwaitableGetStaticAccessCredentialsResult(GetStaticAccessCredentialsResult): + # pylint: disable=using-constant-test + def __await__(self): + if False: + yield self + return GetStaticAccessCredentialsResult( + access_key=self.access_key, + backend=self.backend, + id=self.id, + name=self.name, + namespace=self.namespace, + secret_key=self.secret_key) + + +def get_static_access_credentials(backend: Optional[str] = None, + name: Optional[str] = None, + namespace: Optional[str] = None, + opts: Optional[pulumi.InvokeOptions] = None) -> AwaitableGetStaticAccessCredentialsResult: + """ + Use this data source to access information about an existing resource. + """ + __args__ = dict() + __args__['backend'] = backend + __args__['name'] = name + __args__['namespace'] = namespace + opts = pulumi.InvokeOptions.merge(_utilities.get_invoke_opts_defaults(), opts) + __ret__ = pulumi.runtime.invoke('vault:aws/getStaticAccessCredentials:getStaticAccessCredentials', __args__, opts=opts, typ=GetStaticAccessCredentialsResult).value + + return AwaitableGetStaticAccessCredentialsResult( + access_key=pulumi.get(__ret__, 'access_key'), + backend=pulumi.get(__ret__, 'backend'), + id=pulumi.get(__ret__, 'id'), + name=pulumi.get(__ret__, 'name'), + namespace=pulumi.get(__ret__, 'namespace'), + secret_key=pulumi.get(__ret__, 'secret_key')) + + +@_utilities.lift_output_func(get_static_access_credentials) +def get_static_access_credentials_output(backend: Optional[pulumi.Input[str]] = None, + name: Optional[pulumi.Input[str]] = None, + namespace: Optional[pulumi.Input[Optional[str]]] = None, + opts: Optional[pulumi.InvokeOptions] = None) -> pulumi.Output[GetStaticAccessCredentialsResult]: + """ + Use this data source to access information about an existing resource. + """ + ... diff --git a/sdk/python/pulumi_vault/aws/secret_backend.py b/sdk/python/pulumi_vault/aws/secret_backend.py index 5e68d0664..3fbd7262f 100644 --- a/sdk/python/pulumi_vault/aws/secret_backend.py +++ b/sdk/python/pulumi_vault/aws/secret_backend.py @@ -46,9 +46,8 @@ def __init__(__self__, *, *Available only for Vault Enterprise*. :param pulumi.Input[str] path: The unique path this backend should be mounted at. Must not begin or end with a `/`. Defaults to `aws`. - :param pulumi.Input[str] region: The AWS region for API calls. Defaults to `us-east-1`. - :param pulumi.Input[str] secret_key: The AWS Secret Key this backend should use to - issue new credentials. Vault uses the official AWS SDK to authenticate, and thus can also use standard AWS environment credentials, shared file credentials or IAM role/ECS task credentials. + :param pulumi.Input[str] region: The AWS region to make API calls against. Defaults to us-east-1. + :param pulumi.Input[str] secret_key: The AWS Secret Access Key to use when generating new credentials. :param pulumi.Input[str] sts_endpoint: Specifies a custom HTTP STS endpoint to use. :param pulumi.Input[str] username_template: Template describing how dynamic usernames are generated. The username template is used to generate both IAM usernames (capped at 64 characters) and STS usernames (capped at 32 characters). If no template is provided the field defaults to the template: """ @@ -199,7 +198,7 @@ def path(self, value: Optional[pulumi.Input[str]]): @pulumi.getter def region(self) -> Optional[pulumi.Input[str]]: """ - The AWS region for API calls. Defaults to `us-east-1`. + The AWS region to make API calls against. Defaults to us-east-1. """ return pulumi.get(self, "region") @@ -211,8 +210,7 @@ def region(self, value: Optional[pulumi.Input[str]]): @pulumi.getter(name="secretKey") def secret_key(self) -> Optional[pulumi.Input[str]]: """ - The AWS Secret Key this backend should use to - issue new credentials. Vault uses the official AWS SDK to authenticate, and thus can also use standard AWS environment credentials, shared file credentials or IAM role/ECS task credentials. + The AWS Secret Access Key to use when generating new credentials. """ return pulumi.get(self, "secret_key") @@ -280,9 +278,8 @@ def __init__(__self__, *, *Available only for Vault Enterprise*. :param pulumi.Input[str] path: The unique path this backend should be mounted at. Must not begin or end with a `/`. Defaults to `aws`. - :param pulumi.Input[str] region: The AWS region for API calls. Defaults to `us-east-1`. - :param pulumi.Input[str] secret_key: The AWS Secret Key this backend should use to - issue new credentials. Vault uses the official AWS SDK to authenticate, and thus can also use standard AWS environment credentials, shared file credentials or IAM role/ECS task credentials. + :param pulumi.Input[str] region: The AWS region to make API calls against. Defaults to us-east-1. + :param pulumi.Input[str] secret_key: The AWS Secret Access Key to use when generating new credentials. :param pulumi.Input[str] sts_endpoint: Specifies a custom HTTP STS endpoint to use. :param pulumi.Input[str] username_template: Template describing how dynamic usernames are generated. The username template is used to generate both IAM usernames (capped at 64 characters) and STS usernames (capped at 32 characters). If no template is provided the field defaults to the template: """ @@ -433,7 +430,7 @@ def path(self, value: Optional[pulumi.Input[str]]): @pulumi.getter def region(self) -> Optional[pulumi.Input[str]]: """ - The AWS region for API calls. Defaults to `us-east-1`. + The AWS region to make API calls against. Defaults to us-east-1. """ return pulumi.get(self, "region") @@ -445,8 +442,7 @@ def region(self, value: Optional[pulumi.Input[str]]): @pulumi.getter(name="secretKey") def secret_key(self) -> Optional[pulumi.Input[str]]: """ - The AWS Secret Key this backend should use to - issue new credentials. Vault uses the official AWS SDK to authenticate, and thus can also use standard AWS environment credentials, shared file credentials or IAM role/ECS task credentials. + The AWS Secret Access Key to use when generating new credentials. """ return pulumi.get(self, "secret_key") @@ -526,9 +522,8 @@ def __init__(__self__, *Available only for Vault Enterprise*. :param pulumi.Input[str] path: The unique path this backend should be mounted at. Must not begin or end with a `/`. Defaults to `aws`. - :param pulumi.Input[str] region: The AWS region for API calls. Defaults to `us-east-1`. - :param pulumi.Input[str] secret_key: The AWS Secret Key this backend should use to - issue new credentials. Vault uses the official AWS SDK to authenticate, and thus can also use standard AWS environment credentials, shared file credentials or IAM role/ECS task credentials. + :param pulumi.Input[str] region: The AWS region to make API calls against. Defaults to us-east-1. + :param pulumi.Input[str] secret_key: The AWS Secret Access Key to use when generating new credentials. :param pulumi.Input[str] sts_endpoint: Specifies a custom HTTP STS endpoint to use. :param pulumi.Input[str] username_template: Template describing how dynamic usernames are generated. The username template is used to generate both IAM usernames (capped at 64 characters) and STS usernames (capped at 32 characters). If no template is provided the field defaults to the template: """ @@ -646,9 +641,8 @@ def get(resource_name: str, *Available only for Vault Enterprise*. :param pulumi.Input[str] path: The unique path this backend should be mounted at. Must not begin or end with a `/`. Defaults to `aws`. - :param pulumi.Input[str] region: The AWS region for API calls. Defaults to `us-east-1`. - :param pulumi.Input[str] secret_key: The AWS Secret Key this backend should use to - issue new credentials. Vault uses the official AWS SDK to authenticate, and thus can also use standard AWS environment credentials, shared file credentials or IAM role/ECS task credentials. + :param pulumi.Input[str] region: The AWS region to make API calls against. Defaults to us-east-1. + :param pulumi.Input[str] secret_key: The AWS Secret Access Key to use when generating new credentials. :param pulumi.Input[str] sts_endpoint: Specifies a custom HTTP STS endpoint to use. :param pulumi.Input[str] username_template: Template describing how dynamic usernames are generated. The username template is used to generate both IAM usernames (capped at 64 characters) and STS usernames (capped at 32 characters). If no template is provided the field defaults to the template: """ @@ -755,7 +749,7 @@ def path(self) -> pulumi.Output[Optional[str]]: @pulumi.getter def region(self) -> pulumi.Output[str]: """ - The AWS region for API calls. Defaults to `us-east-1`. + The AWS region to make API calls against. Defaults to us-east-1. """ return pulumi.get(self, "region") @@ -763,8 +757,7 @@ def region(self) -> pulumi.Output[str]: @pulumi.getter(name="secretKey") def secret_key(self) -> pulumi.Output[Optional[str]]: """ - The AWS Secret Key this backend should use to - issue new credentials. Vault uses the official AWS SDK to authenticate, and thus can also use standard AWS environment credentials, shared file credentials or IAM role/ECS task credentials. + The AWS Secret Access Key to use when generating new credentials. """ return pulumi.get(self, "secret_key") diff --git a/sdk/python/pulumi_vault/azure/backend.py b/sdk/python/pulumi_vault/azure/backend.py index 5f1c46c18..ea61dabec 100644 --- a/sdk/python/pulumi_vault/azure/backend.py +++ b/sdk/python/pulumi_vault/azure/backend.py @@ -26,20 +26,20 @@ def __init__(__self__, *, use_microsoft_graph_api: Optional[pulumi.Input[bool]] = None): """ The set of arguments for constructing a Backend resource. - :param pulumi.Input[str] subscription_id: - The subscription id for the Azure Active Directory. - :param pulumi.Input[str] tenant_id: - The tenant id for the Azure Active Directory. - :param pulumi.Input[str] client_id: - The OAuth2 client id to connect to Azure. - :param pulumi.Input[str] client_secret: - The OAuth2 client secret to connect to Azure. + :param pulumi.Input[str] subscription_id: The subscription id for the Azure Active Directory. + :param pulumi.Input[str] tenant_id: The tenant id for the Azure Active Directory. + :param pulumi.Input[str] client_id: The OAuth2 client id to connect to Azure. + :param pulumi.Input[str] client_secret: The OAuth2 client secret to connect to Azure. :param pulumi.Input[str] description: Human-friendly description of the mount for the backend. :param pulumi.Input[bool] disable_remount: If set, opts out of mount migration on path updates. See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration) - :param pulumi.Input[str] environment: - The Azure environment. + :param pulumi.Input[str] environment: The Azure environment. :param pulumi.Input[str] namespace: The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). *Available only for Vault Enterprise*. - :param pulumi.Input[str] path: - The unique path this backend should be mounted at. Defaults to `azure`. - :param pulumi.Input[bool] use_microsoft_graph_api: - Indicates whether the secrets engine should use + :param pulumi.Input[str] path: The unique path this backend should be mounted at. Defaults to `azure`. + :param pulumi.Input[bool] use_microsoft_graph_api: Indicates whether the secrets engine should use the Microsoft Graph API. This parameter has been deprecated and will be ignored in `vault-1.12+`. For more information, please refer to the [Vault docs](https://developer.hashicorp.com/vault/api-docs/secret/azure#use_microsoft_graph_api) """ @@ -66,7 +66,7 @@ def __init__(__self__, *, @pulumi.getter(name="subscriptionId") def subscription_id(self) -> pulumi.Input[str]: """ - - The subscription id for the Azure Active Directory. + The subscription id for the Azure Active Directory. """ return pulumi.get(self, "subscription_id") @@ -78,7 +78,7 @@ def subscription_id(self, value: pulumi.Input[str]): @pulumi.getter(name="tenantId") def tenant_id(self) -> pulumi.Input[str]: """ - - The tenant id for the Azure Active Directory. + The tenant id for the Azure Active Directory. """ return pulumi.get(self, "tenant_id") @@ -90,7 +90,7 @@ def tenant_id(self, value: pulumi.Input[str]): @pulumi.getter(name="clientId") def client_id(self) -> Optional[pulumi.Input[str]]: """ - - The OAuth2 client id to connect to Azure. + The OAuth2 client id to connect to Azure. """ return pulumi.get(self, "client_id") @@ -102,7 +102,7 @@ def client_id(self, value: Optional[pulumi.Input[str]]): @pulumi.getter(name="clientSecret") def client_secret(self) -> Optional[pulumi.Input[str]]: """ - - The OAuth2 client secret to connect to Azure. + The OAuth2 client secret to connect to Azure. """ return pulumi.get(self, "client_secret") @@ -139,7 +139,7 @@ def disable_remount(self, value: Optional[pulumi.Input[bool]]): @pulumi.getter def environment(self) -> Optional[pulumi.Input[str]]: """ - - The Azure environment. + The Azure environment. """ return pulumi.get(self, "environment") @@ -166,7 +166,7 @@ def namespace(self, value: Optional[pulumi.Input[str]]): @pulumi.getter def path(self) -> Optional[pulumi.Input[str]]: """ - - The unique path this backend should be mounted at. Defaults to `azure`. + The unique path this backend should be mounted at. Defaults to `azure`. """ return pulumi.get(self, "path") @@ -178,7 +178,7 @@ def path(self, value: Optional[pulumi.Input[str]]): @pulumi.getter(name="useMicrosoftGraphApi") def use_microsoft_graph_api(self) -> Optional[pulumi.Input[bool]]: """ - - Indicates whether the secrets engine should use + Indicates whether the secrets engine should use the Microsoft Graph API. This parameter has been deprecated and will be ignored in `vault-1.12+`. For more information, please refer to the [Vault docs](https://developer.hashicorp.com/vault/api-docs/secret/azure#use_microsoft_graph_api) """ @@ -204,20 +204,20 @@ def __init__(__self__, *, use_microsoft_graph_api: Optional[pulumi.Input[bool]] = None): """ Input properties used for looking up and filtering Backend resources. - :param pulumi.Input[str] client_id: - The OAuth2 client id to connect to Azure. - :param pulumi.Input[str] client_secret: - The OAuth2 client secret to connect to Azure. + :param pulumi.Input[str] client_id: The OAuth2 client id to connect to Azure. + :param pulumi.Input[str] client_secret: The OAuth2 client secret to connect to Azure. :param pulumi.Input[str] description: Human-friendly description of the mount for the backend. :param pulumi.Input[bool] disable_remount: If set, opts out of mount migration on path updates. See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration) - :param pulumi.Input[str] environment: - The Azure environment. + :param pulumi.Input[str] environment: The Azure environment. :param pulumi.Input[str] namespace: The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). *Available only for Vault Enterprise*. - :param pulumi.Input[str] path: - The unique path this backend should be mounted at. Defaults to `azure`. - :param pulumi.Input[str] subscription_id: - The subscription id for the Azure Active Directory. - :param pulumi.Input[str] tenant_id: - The tenant id for the Azure Active Directory. - :param pulumi.Input[bool] use_microsoft_graph_api: - Indicates whether the secrets engine should use + :param pulumi.Input[str] path: The unique path this backend should be mounted at. Defaults to `azure`. + :param pulumi.Input[str] subscription_id: The subscription id for the Azure Active Directory. + :param pulumi.Input[str] tenant_id: The tenant id for the Azure Active Directory. + :param pulumi.Input[bool] use_microsoft_graph_api: Indicates whether the secrets engine should use the Microsoft Graph API. This parameter has been deprecated and will be ignored in `vault-1.12+`. For more information, please refer to the [Vault docs](https://developer.hashicorp.com/vault/api-docs/secret/azure#use_microsoft_graph_api) """ @@ -246,7 +246,7 @@ def __init__(__self__, *, @pulumi.getter(name="clientId") def client_id(self) -> Optional[pulumi.Input[str]]: """ - - The OAuth2 client id to connect to Azure. + The OAuth2 client id to connect to Azure. """ return pulumi.get(self, "client_id") @@ -258,7 +258,7 @@ def client_id(self, value: Optional[pulumi.Input[str]]): @pulumi.getter(name="clientSecret") def client_secret(self) -> Optional[pulumi.Input[str]]: """ - - The OAuth2 client secret to connect to Azure. + The OAuth2 client secret to connect to Azure. """ return pulumi.get(self, "client_secret") @@ -295,7 +295,7 @@ def disable_remount(self, value: Optional[pulumi.Input[bool]]): @pulumi.getter def environment(self) -> Optional[pulumi.Input[str]]: """ - - The Azure environment. + The Azure environment. """ return pulumi.get(self, "environment") @@ -322,7 +322,7 @@ def namespace(self, value: Optional[pulumi.Input[str]]): @pulumi.getter def path(self) -> Optional[pulumi.Input[str]]: """ - - The unique path this backend should be mounted at. Defaults to `azure`. + The unique path this backend should be mounted at. Defaults to `azure`. """ return pulumi.get(self, "path") @@ -334,7 +334,7 @@ def path(self, value: Optional[pulumi.Input[str]]): @pulumi.getter(name="subscriptionId") def subscription_id(self) -> Optional[pulumi.Input[str]]: """ - - The subscription id for the Azure Active Directory. + The subscription id for the Azure Active Directory. """ return pulumi.get(self, "subscription_id") @@ -346,7 +346,7 @@ def subscription_id(self, value: Optional[pulumi.Input[str]]): @pulumi.getter(name="tenantId") def tenant_id(self) -> Optional[pulumi.Input[str]]: """ - - The tenant id for the Azure Active Directory. + The tenant id for the Azure Active Directory. """ return pulumi.get(self, "tenant_id") @@ -358,7 +358,7 @@ def tenant_id(self, value: Optional[pulumi.Input[str]]): @pulumi.getter(name="useMicrosoftGraphApi") def use_microsoft_graph_api(self) -> Optional[pulumi.Input[bool]]: """ - - Indicates whether the secrets engine should use + Indicates whether the secrets engine should use the Microsoft Graph API. This parameter has been deprecated and will be ignored in `vault-1.12+`. For more information, please refer to the [Vault docs](https://developer.hashicorp.com/vault/api-docs/secret/azure#use_microsoft_graph_api) """ @@ -418,20 +418,20 @@ def __init__(__self__, :param str resource_name: The name of the resource. :param pulumi.ResourceOptions opts: Options for the resource. - :param pulumi.Input[str] client_id: - The OAuth2 client id to connect to Azure. - :param pulumi.Input[str] client_secret: - The OAuth2 client secret to connect to Azure. + :param pulumi.Input[str] client_id: The OAuth2 client id to connect to Azure. + :param pulumi.Input[str] client_secret: The OAuth2 client secret to connect to Azure. :param pulumi.Input[str] description: Human-friendly description of the mount for the backend. :param pulumi.Input[bool] disable_remount: If set, opts out of mount migration on path updates. See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration) - :param pulumi.Input[str] environment: - The Azure environment. + :param pulumi.Input[str] environment: The Azure environment. :param pulumi.Input[str] namespace: The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). *Available only for Vault Enterprise*. - :param pulumi.Input[str] path: - The unique path this backend should be mounted at. Defaults to `azure`. - :param pulumi.Input[str] subscription_id: - The subscription id for the Azure Active Directory. - :param pulumi.Input[str] tenant_id: - The tenant id for the Azure Active Directory. - :param pulumi.Input[bool] use_microsoft_graph_api: - Indicates whether the secrets engine should use + :param pulumi.Input[str] path: The unique path this backend should be mounted at. Defaults to `azure`. + :param pulumi.Input[str] subscription_id: The subscription id for the Azure Active Directory. + :param pulumi.Input[str] tenant_id: The tenant id for the Azure Active Directory. + :param pulumi.Input[bool] use_microsoft_graph_api: Indicates whether the secrets engine should use the Microsoft Graph API. This parameter has been deprecated and will be ignored in `vault-1.12+`. For more information, please refer to the [Vault docs](https://developer.hashicorp.com/vault/api-docs/secret/azure#use_microsoft_graph_api) """ @@ -549,20 +549,20 @@ def get(resource_name: str, :param str resource_name: The unique name of the resulting resource. :param pulumi.Input[str] id: The unique provider ID of the resource to lookup. :param pulumi.ResourceOptions opts: Options for the resource. - :param pulumi.Input[str] client_id: - The OAuth2 client id to connect to Azure. - :param pulumi.Input[str] client_secret: - The OAuth2 client secret to connect to Azure. + :param pulumi.Input[str] client_id: The OAuth2 client id to connect to Azure. + :param pulumi.Input[str] client_secret: The OAuth2 client secret to connect to Azure. :param pulumi.Input[str] description: Human-friendly description of the mount for the backend. :param pulumi.Input[bool] disable_remount: If set, opts out of mount migration on path updates. See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration) - :param pulumi.Input[str] environment: - The Azure environment. + :param pulumi.Input[str] environment: The Azure environment. :param pulumi.Input[str] namespace: The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). *Available only for Vault Enterprise*. - :param pulumi.Input[str] path: - The unique path this backend should be mounted at. Defaults to `azure`. - :param pulumi.Input[str] subscription_id: - The subscription id for the Azure Active Directory. - :param pulumi.Input[str] tenant_id: - The tenant id for the Azure Active Directory. - :param pulumi.Input[bool] use_microsoft_graph_api: - Indicates whether the secrets engine should use + :param pulumi.Input[str] path: The unique path this backend should be mounted at. Defaults to `azure`. + :param pulumi.Input[str] subscription_id: The subscription id for the Azure Active Directory. + :param pulumi.Input[str] tenant_id: The tenant id for the Azure Active Directory. + :param pulumi.Input[bool] use_microsoft_graph_api: Indicates whether the secrets engine should use the Microsoft Graph API. This parameter has been deprecated and will be ignored in `vault-1.12+`. For more information, please refer to the [Vault docs](https://developer.hashicorp.com/vault/api-docs/secret/azure#use_microsoft_graph_api) """ @@ -586,7 +586,7 @@ def get(resource_name: str, @pulumi.getter(name="clientId") def client_id(self) -> pulumi.Output[Optional[str]]: """ - - The OAuth2 client id to connect to Azure. + The OAuth2 client id to connect to Azure. """ return pulumi.get(self, "client_id") @@ -594,7 +594,7 @@ def client_id(self) -> pulumi.Output[Optional[str]]: @pulumi.getter(name="clientSecret") def client_secret(self) -> pulumi.Output[Optional[str]]: """ - - The OAuth2 client secret to connect to Azure. + The OAuth2 client secret to connect to Azure. """ return pulumi.get(self, "client_secret") @@ -619,7 +619,7 @@ def disable_remount(self) -> pulumi.Output[Optional[bool]]: @pulumi.getter def environment(self) -> pulumi.Output[Optional[str]]: """ - - The Azure environment. + The Azure environment. """ return pulumi.get(self, "environment") @@ -638,7 +638,7 @@ def namespace(self) -> pulumi.Output[Optional[str]]: @pulumi.getter def path(self) -> pulumi.Output[Optional[str]]: """ - - The unique path this backend should be mounted at. Defaults to `azure`. + The unique path this backend should be mounted at. Defaults to `azure`. """ return pulumi.get(self, "path") @@ -646,7 +646,7 @@ def path(self) -> pulumi.Output[Optional[str]]: @pulumi.getter(name="subscriptionId") def subscription_id(self) -> pulumi.Output[str]: """ - - The subscription id for the Azure Active Directory. + The subscription id for the Azure Active Directory. """ return pulumi.get(self, "subscription_id") @@ -654,7 +654,7 @@ def subscription_id(self) -> pulumi.Output[str]: @pulumi.getter(name="tenantId") def tenant_id(self) -> pulumi.Output[str]: """ - - The tenant id for the Azure Active Directory. + The tenant id for the Azure Active Directory. """ return pulumi.get(self, "tenant_id") @@ -662,7 +662,7 @@ def tenant_id(self) -> pulumi.Output[str]: @pulumi.getter(name="useMicrosoftGraphApi") def use_microsoft_graph_api(self) -> pulumi.Output[bool]: """ - - Indicates whether the secrets engine should use + Indicates whether the secrets engine should use the Microsoft Graph API. This parameter has been deprecated and will be ignored in `vault-1.12+`. For more information, please refer to the [Vault docs](https://developer.hashicorp.com/vault/api-docs/secret/azure#use_microsoft_graph_api) """ diff --git a/sdk/python/pulumi_vault/azure/get_access_credentials.py b/sdk/python/pulumi_vault/azure/get_access_credentials.py index c7da91b61..b88e0766b 100644 --- a/sdk/python/pulumi_vault/azure/get_access_credentials.py +++ b/sdk/python/pulumi_vault/azure/get_access_credentials.py @@ -280,23 +280,23 @@ def get_access_credentials(backend: Optional[str] = None, __ret__ = pulumi.runtime.invoke('vault:azure/getAccessCredentials:getAccessCredentials', __args__, opts=opts, typ=GetAccessCredentialsResult).value return AwaitableGetAccessCredentialsResult( - backend=__ret__.backend, - client_id=__ret__.client_id, - client_secret=__ret__.client_secret, - environment=__ret__.environment, - id=__ret__.id, - lease_duration=__ret__.lease_duration, - lease_id=__ret__.lease_id, - lease_renewable=__ret__.lease_renewable, - lease_start_time=__ret__.lease_start_time, - max_cred_validation_seconds=__ret__.max_cred_validation_seconds, - namespace=__ret__.namespace, - num_seconds_between_tests=__ret__.num_seconds_between_tests, - num_sequential_successes=__ret__.num_sequential_successes, - role=__ret__.role, - subscription_id=__ret__.subscription_id, - tenant_id=__ret__.tenant_id, - validate_creds=__ret__.validate_creds) + backend=pulumi.get(__ret__, 'backend'), + client_id=pulumi.get(__ret__, 'client_id'), + client_secret=pulumi.get(__ret__, 'client_secret'), + environment=pulumi.get(__ret__, 'environment'), + id=pulumi.get(__ret__, 'id'), + lease_duration=pulumi.get(__ret__, 'lease_duration'), + lease_id=pulumi.get(__ret__, 'lease_id'), + lease_renewable=pulumi.get(__ret__, 'lease_renewable'), + lease_start_time=pulumi.get(__ret__, 'lease_start_time'), + max_cred_validation_seconds=pulumi.get(__ret__, 'max_cred_validation_seconds'), + namespace=pulumi.get(__ret__, 'namespace'), + num_seconds_between_tests=pulumi.get(__ret__, 'num_seconds_between_tests'), + num_sequential_successes=pulumi.get(__ret__, 'num_sequential_successes'), + role=pulumi.get(__ret__, 'role'), + subscription_id=pulumi.get(__ret__, 'subscription_id'), + tenant_id=pulumi.get(__ret__, 'tenant_id'), + validate_creds=pulumi.get(__ret__, 'validate_creds')) @_utilities.lift_output_func(get_access_credentials) diff --git a/sdk/python/pulumi_vault/cert_auth_backend_role.py b/sdk/python/pulumi_vault/cert_auth_backend_role.py index e94d98c33..b2d98e52c 100644 --- a/sdk/python/pulumi_vault/cert_auth_backend_role.py +++ b/sdk/python/pulumi_vault/cert_auth_backend_role.py @@ -26,6 +26,11 @@ def __init__(__self__, *, display_name: Optional[pulumi.Input[str]] = None, name: Optional[pulumi.Input[str]] = None, namespace: Optional[pulumi.Input[str]] = None, + ocsp_ca_certificates: Optional[pulumi.Input[str]] = None, + ocsp_enabled: Optional[pulumi.Input[bool]] = None, + ocsp_fail_open: Optional[pulumi.Input[bool]] = None, + ocsp_query_all_servers: Optional[pulumi.Input[bool]] = None, + ocsp_servers_overrides: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, required_extensions: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, token_bound_cidrs: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, token_explicit_max_ttl: Optional[pulumi.Input[int]] = None, @@ -53,7 +58,25 @@ def __init__(__self__, *, The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). *Available only for Vault Enterprise*. - :param pulumi.Input[Sequence[pulumi.Input[str]]] required_extensions: TLS extensions required on client certificates + :param pulumi.Input[str] ocsp_ca_certificates: Any additional CA certificates + needed to verify OCSP responses. Provided as base64 encoded PEM data. + Requires Vault version 1.13+. + :param pulumi.Input[bool] ocsp_enabled: If enabled, validate certificates' + revocation status using OCSP. Requires Vault version 1.13+. + :param pulumi.Input[bool] ocsp_fail_open: If true and an OCSP response cannot + be fetched or is of an unknown status, the login will proceed as if the + certificate has not been revoked. + Requires Vault version 1.13+. + :param pulumi.Input[bool] ocsp_query_all_servers: If set to true, rather than + accepting the first successful OCSP response, query all servers and consider + the certificate valid only if all servers agree. + Requires Vault version 1.13+. + :param pulumi.Input[Sequence[pulumi.Input[str]]] ocsp_servers_overrides: : A comma-separated list of OCSP + server addresses. If unset, the OCSP server is determined from the + AuthorityInformationAccess extension on the certificate being inspected. + Requires Vault version 1.13+. + :param pulumi.Input[Sequence[pulumi.Input[str]]] required_extensions: TLS extensions required on + client certificates :param pulumi.Input[Sequence[pulumi.Input[str]]] token_bound_cidrs: List of CIDR blocks; if set, specifies blocks of IP addresses which can authenticate successfully, and ties the resulting token to these blocks as well. @@ -80,6 +103,8 @@ def __init__(__self__, *, `service` tokens). For token store roles, there are two additional possibilities: `default-service` and `default-batch` which specify the type to return unless the client requests a different type at generation time. + + For more details on the usage of each argument consult the [Vault Cert API documentation](https://www.vaultproject.io/api-docs/auth/cert). """ pulumi.set(__self__, "certificate", certificate) if allowed_common_names is not None: @@ -107,6 +132,16 @@ def __init__(__self__, *, pulumi.set(__self__, "name", name) if namespace is not None: pulumi.set(__self__, "namespace", namespace) + if ocsp_ca_certificates is not None: + pulumi.set(__self__, "ocsp_ca_certificates", ocsp_ca_certificates) + if ocsp_enabled is not None: + pulumi.set(__self__, "ocsp_enabled", ocsp_enabled) + if ocsp_fail_open is not None: + pulumi.set(__self__, "ocsp_fail_open", ocsp_fail_open) + if ocsp_query_all_servers is not None: + pulumi.set(__self__, "ocsp_query_all_servers", ocsp_query_all_servers) + if ocsp_servers_overrides is not None: + pulumi.set(__self__, "ocsp_servers_overrides", ocsp_servers_overrides) if required_extensions is not None: pulumi.set(__self__, "required_extensions", required_extensions) if token_bound_cidrs is not None: @@ -191,6 +226,9 @@ def allowed_names(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]] @property @pulumi.getter(name="allowedOrganizationUnits") def allowed_organization_units(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + warnings.warn("""Use allowed_organizational_units""", DeprecationWarning) + pulumi.log.warn("""allowed_organization_units is deprecated: Use allowed_organizational_units""") + return pulumi.get(self, "allowed_organization_units") @allowed_organization_units.setter @@ -273,11 +311,84 @@ def namespace(self) -> Optional[pulumi.Input[str]]: def namespace(self, value: Optional[pulumi.Input[str]]): pulumi.set(self, "namespace", value) + @property + @pulumi.getter(name="ocspCaCertificates") + def ocsp_ca_certificates(self) -> Optional[pulumi.Input[str]]: + """ + Any additional CA certificates + needed to verify OCSP responses. Provided as base64 encoded PEM data. + Requires Vault version 1.13+. + """ + return pulumi.get(self, "ocsp_ca_certificates") + + @ocsp_ca_certificates.setter + def ocsp_ca_certificates(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "ocsp_ca_certificates", value) + + @property + @pulumi.getter(name="ocspEnabled") + def ocsp_enabled(self) -> Optional[pulumi.Input[bool]]: + """ + If enabled, validate certificates' + revocation status using OCSP. Requires Vault version 1.13+. + """ + return pulumi.get(self, "ocsp_enabled") + + @ocsp_enabled.setter + def ocsp_enabled(self, value: Optional[pulumi.Input[bool]]): + pulumi.set(self, "ocsp_enabled", value) + + @property + @pulumi.getter(name="ocspFailOpen") + def ocsp_fail_open(self) -> Optional[pulumi.Input[bool]]: + """ + If true and an OCSP response cannot + be fetched or is of an unknown status, the login will proceed as if the + certificate has not been revoked. + Requires Vault version 1.13+. + """ + return pulumi.get(self, "ocsp_fail_open") + + @ocsp_fail_open.setter + def ocsp_fail_open(self, value: Optional[pulumi.Input[bool]]): + pulumi.set(self, "ocsp_fail_open", value) + + @property + @pulumi.getter(name="ocspQueryAllServers") + def ocsp_query_all_servers(self) -> Optional[pulumi.Input[bool]]: + """ + If set to true, rather than + accepting the first successful OCSP response, query all servers and consider + the certificate valid only if all servers agree. + Requires Vault version 1.13+. + """ + return pulumi.get(self, "ocsp_query_all_servers") + + @ocsp_query_all_servers.setter + def ocsp_query_all_servers(self, value: Optional[pulumi.Input[bool]]): + pulumi.set(self, "ocsp_query_all_servers", value) + + @property + @pulumi.getter(name="ocspServersOverrides") + def ocsp_servers_overrides(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + : A comma-separated list of OCSP + server addresses. If unset, the OCSP server is determined from the + AuthorityInformationAccess extension on the certificate being inspected. + Requires Vault version 1.13+. + """ + return pulumi.get(self, "ocsp_servers_overrides") + + @ocsp_servers_overrides.setter + def ocsp_servers_overrides(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): + pulumi.set(self, "ocsp_servers_overrides", value) + @property @pulumi.getter(name="requiredExtensions") def required_extensions(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: """ - TLS extensions required on client certificates + TLS extensions required on + client certificates """ return pulumi.get(self, "required_extensions") @@ -403,6 +514,8 @@ def token_type(self) -> Optional[pulumi.Input[str]]: `service` tokens). For token store roles, there are two additional possibilities: `default-service` and `default-batch` which specify the type to return unless the client requests a different type at generation time. + + For more details on the usage of each argument consult the [Vault Cert API documentation](https://www.vaultproject.io/api-docs/auth/cert). """ return pulumi.get(self, "token_type") @@ -426,6 +539,11 @@ def __init__(__self__, *, display_name: Optional[pulumi.Input[str]] = None, name: Optional[pulumi.Input[str]] = None, namespace: Optional[pulumi.Input[str]] = None, + ocsp_ca_certificates: Optional[pulumi.Input[str]] = None, + ocsp_enabled: Optional[pulumi.Input[bool]] = None, + ocsp_fail_open: Optional[pulumi.Input[bool]] = None, + ocsp_query_all_servers: Optional[pulumi.Input[bool]] = None, + ocsp_servers_overrides: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, required_extensions: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, token_bound_cidrs: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, token_explicit_max_ttl: Optional[pulumi.Input[int]] = None, @@ -453,7 +571,25 @@ def __init__(__self__, *, The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). *Available only for Vault Enterprise*. - :param pulumi.Input[Sequence[pulumi.Input[str]]] required_extensions: TLS extensions required on client certificates + :param pulumi.Input[str] ocsp_ca_certificates: Any additional CA certificates + needed to verify OCSP responses. Provided as base64 encoded PEM data. + Requires Vault version 1.13+. + :param pulumi.Input[bool] ocsp_enabled: If enabled, validate certificates' + revocation status using OCSP. Requires Vault version 1.13+. + :param pulumi.Input[bool] ocsp_fail_open: If true and an OCSP response cannot + be fetched or is of an unknown status, the login will proceed as if the + certificate has not been revoked. + Requires Vault version 1.13+. + :param pulumi.Input[bool] ocsp_query_all_servers: If set to true, rather than + accepting the first successful OCSP response, query all servers and consider + the certificate valid only if all servers agree. + Requires Vault version 1.13+. + :param pulumi.Input[Sequence[pulumi.Input[str]]] ocsp_servers_overrides: : A comma-separated list of OCSP + server addresses. If unset, the OCSP server is determined from the + AuthorityInformationAccess extension on the certificate being inspected. + Requires Vault version 1.13+. + :param pulumi.Input[Sequence[pulumi.Input[str]]] required_extensions: TLS extensions required on + client certificates :param pulumi.Input[Sequence[pulumi.Input[str]]] token_bound_cidrs: List of CIDR blocks; if set, specifies blocks of IP addresses which can authenticate successfully, and ties the resulting token to these blocks as well. @@ -480,6 +616,8 @@ def __init__(__self__, *, `service` tokens). For token store roles, there are two additional possibilities: `default-service` and `default-batch` which specify the type to return unless the client requests a different type at generation time. + + For more details on the usage of each argument consult the [Vault Cert API documentation](https://www.vaultproject.io/api-docs/auth/cert). """ if allowed_common_names is not None: pulumi.set(__self__, "allowed_common_names", allowed_common_names) @@ -508,6 +646,16 @@ def __init__(__self__, *, pulumi.set(__self__, "name", name) if namespace is not None: pulumi.set(__self__, "namespace", namespace) + if ocsp_ca_certificates is not None: + pulumi.set(__self__, "ocsp_ca_certificates", ocsp_ca_certificates) + if ocsp_enabled is not None: + pulumi.set(__self__, "ocsp_enabled", ocsp_enabled) + if ocsp_fail_open is not None: + pulumi.set(__self__, "ocsp_fail_open", ocsp_fail_open) + if ocsp_query_all_servers is not None: + pulumi.set(__self__, "ocsp_query_all_servers", ocsp_query_all_servers) + if ocsp_servers_overrides is not None: + pulumi.set(__self__, "ocsp_servers_overrides", ocsp_servers_overrides) if required_extensions is not None: pulumi.set(__self__, "required_extensions", required_extensions) if token_bound_cidrs is not None: @@ -580,6 +728,9 @@ def allowed_names(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]] @property @pulumi.getter(name="allowedOrganizationUnits") def allowed_organization_units(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + warnings.warn("""Use allowed_organizational_units""", DeprecationWarning) + pulumi.log.warn("""allowed_organization_units is deprecated: Use allowed_organizational_units""") + return pulumi.get(self, "allowed_organization_units") @allowed_organization_units.setter @@ -674,11 +825,84 @@ def namespace(self) -> Optional[pulumi.Input[str]]: def namespace(self, value: Optional[pulumi.Input[str]]): pulumi.set(self, "namespace", value) + @property + @pulumi.getter(name="ocspCaCertificates") + def ocsp_ca_certificates(self) -> Optional[pulumi.Input[str]]: + """ + Any additional CA certificates + needed to verify OCSP responses. Provided as base64 encoded PEM data. + Requires Vault version 1.13+. + """ + return pulumi.get(self, "ocsp_ca_certificates") + + @ocsp_ca_certificates.setter + def ocsp_ca_certificates(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "ocsp_ca_certificates", value) + + @property + @pulumi.getter(name="ocspEnabled") + def ocsp_enabled(self) -> Optional[pulumi.Input[bool]]: + """ + If enabled, validate certificates' + revocation status using OCSP. Requires Vault version 1.13+. + """ + return pulumi.get(self, "ocsp_enabled") + + @ocsp_enabled.setter + def ocsp_enabled(self, value: Optional[pulumi.Input[bool]]): + pulumi.set(self, "ocsp_enabled", value) + + @property + @pulumi.getter(name="ocspFailOpen") + def ocsp_fail_open(self) -> Optional[pulumi.Input[bool]]: + """ + If true and an OCSP response cannot + be fetched or is of an unknown status, the login will proceed as if the + certificate has not been revoked. + Requires Vault version 1.13+. + """ + return pulumi.get(self, "ocsp_fail_open") + + @ocsp_fail_open.setter + def ocsp_fail_open(self, value: Optional[pulumi.Input[bool]]): + pulumi.set(self, "ocsp_fail_open", value) + + @property + @pulumi.getter(name="ocspQueryAllServers") + def ocsp_query_all_servers(self) -> Optional[pulumi.Input[bool]]: + """ + If set to true, rather than + accepting the first successful OCSP response, query all servers and consider + the certificate valid only if all servers agree. + Requires Vault version 1.13+. + """ + return pulumi.get(self, "ocsp_query_all_servers") + + @ocsp_query_all_servers.setter + def ocsp_query_all_servers(self, value: Optional[pulumi.Input[bool]]): + pulumi.set(self, "ocsp_query_all_servers", value) + + @property + @pulumi.getter(name="ocspServersOverrides") + def ocsp_servers_overrides(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + : A comma-separated list of OCSP + server addresses. If unset, the OCSP server is determined from the + AuthorityInformationAccess extension on the certificate being inspected. + Requires Vault version 1.13+. + """ + return pulumi.get(self, "ocsp_servers_overrides") + + @ocsp_servers_overrides.setter + def ocsp_servers_overrides(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): + pulumi.set(self, "ocsp_servers_overrides", value) + @property @pulumi.getter(name="requiredExtensions") def required_extensions(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: """ - TLS extensions required on client certificates + TLS extensions required on + client certificates """ return pulumi.get(self, "required_extensions") @@ -804,6 +1028,8 @@ def token_type(self) -> Optional[pulumi.Input[str]]: `service` tokens). For token store roles, there are two additional possibilities: `default-service` and `default-batch` which specify the type to return unless the client requests a different type at generation time. + + For more details on the usage of each argument consult the [Vault Cert API documentation](https://www.vaultproject.io/api-docs/auth/cert). """ return pulumi.get(self, "token_type") @@ -829,6 +1055,11 @@ def __init__(__self__, display_name: Optional[pulumi.Input[str]] = None, name: Optional[pulumi.Input[str]] = None, namespace: Optional[pulumi.Input[str]] = None, + ocsp_ca_certificates: Optional[pulumi.Input[str]] = None, + ocsp_enabled: Optional[pulumi.Input[bool]] = None, + ocsp_fail_open: Optional[pulumi.Input[bool]] = None, + ocsp_query_all_servers: Optional[pulumi.Input[bool]] = None, + ocsp_servers_overrides: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, required_extensions: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, token_bound_cidrs: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, token_explicit_max_ttl: Optional[pulumi.Input[int]] = None, @@ -881,7 +1112,25 @@ def __init__(__self__, The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). *Available only for Vault Enterprise*. - :param pulumi.Input[Sequence[pulumi.Input[str]]] required_extensions: TLS extensions required on client certificates + :param pulumi.Input[str] ocsp_ca_certificates: Any additional CA certificates + needed to verify OCSP responses. Provided as base64 encoded PEM data. + Requires Vault version 1.13+. + :param pulumi.Input[bool] ocsp_enabled: If enabled, validate certificates' + revocation status using OCSP. Requires Vault version 1.13+. + :param pulumi.Input[bool] ocsp_fail_open: If true and an OCSP response cannot + be fetched or is of an unknown status, the login will proceed as if the + certificate has not been revoked. + Requires Vault version 1.13+. + :param pulumi.Input[bool] ocsp_query_all_servers: If set to true, rather than + accepting the first successful OCSP response, query all servers and consider + the certificate valid only if all servers agree. + Requires Vault version 1.13+. + :param pulumi.Input[Sequence[pulumi.Input[str]]] ocsp_servers_overrides: : A comma-separated list of OCSP + server addresses. If unset, the OCSP server is determined from the + AuthorityInformationAccess extension on the certificate being inspected. + Requires Vault version 1.13+. + :param pulumi.Input[Sequence[pulumi.Input[str]]] required_extensions: TLS extensions required on + client certificates :param pulumi.Input[Sequence[pulumi.Input[str]]] token_bound_cidrs: List of CIDR blocks; if set, specifies blocks of IP addresses which can authenticate successfully, and ties the resulting token to these blocks as well. @@ -908,6 +1157,8 @@ def __init__(__self__, `service` tokens). For token store roles, there are two additional possibilities: `default-service` and `default-batch` which specify the type to return unless the client requests a different type at generation time. + + For more details on the usage of each argument consult the [Vault Cert API documentation](https://www.vaultproject.io/api-docs/auth/cert). """ ... @overload @@ -966,6 +1217,11 @@ def _internal_init(__self__, display_name: Optional[pulumi.Input[str]] = None, name: Optional[pulumi.Input[str]] = None, namespace: Optional[pulumi.Input[str]] = None, + ocsp_ca_certificates: Optional[pulumi.Input[str]] = None, + ocsp_enabled: Optional[pulumi.Input[bool]] = None, + ocsp_fail_open: Optional[pulumi.Input[bool]] = None, + ocsp_query_all_servers: Optional[pulumi.Input[bool]] = None, + ocsp_servers_overrides: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, required_extensions: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, token_bound_cidrs: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, token_explicit_max_ttl: Optional[pulumi.Input[int]] = None, @@ -989,9 +1245,6 @@ def _internal_init(__self__, __props__.__dict__["allowed_dns_sans"] = allowed_dns_sans __props__.__dict__["allowed_email_sans"] = allowed_email_sans __props__.__dict__["allowed_names"] = allowed_names - if allowed_organization_units is not None and not opts.urn: - warnings.warn("""Use allowed_organizational_units""", DeprecationWarning) - pulumi.log.warn("""allowed_organization_units is deprecated: Use allowed_organizational_units""") __props__.__dict__["allowed_organization_units"] = allowed_organization_units __props__.__dict__["allowed_organizational_units"] = allowed_organizational_units __props__.__dict__["allowed_uri_sans"] = allowed_uri_sans @@ -1002,6 +1255,11 @@ def _internal_init(__self__, __props__.__dict__["display_name"] = display_name __props__.__dict__["name"] = name __props__.__dict__["namespace"] = namespace + __props__.__dict__["ocsp_ca_certificates"] = ocsp_ca_certificates + __props__.__dict__["ocsp_enabled"] = ocsp_enabled + __props__.__dict__["ocsp_fail_open"] = ocsp_fail_open + __props__.__dict__["ocsp_query_all_servers"] = ocsp_query_all_servers + __props__.__dict__["ocsp_servers_overrides"] = ocsp_servers_overrides __props__.__dict__["required_extensions"] = required_extensions __props__.__dict__["token_bound_cidrs"] = token_bound_cidrs __props__.__dict__["token_explicit_max_ttl"] = token_explicit_max_ttl @@ -1034,6 +1292,11 @@ def get(resource_name: str, display_name: Optional[pulumi.Input[str]] = None, name: Optional[pulumi.Input[str]] = None, namespace: Optional[pulumi.Input[str]] = None, + ocsp_ca_certificates: Optional[pulumi.Input[str]] = None, + ocsp_enabled: Optional[pulumi.Input[bool]] = None, + ocsp_fail_open: Optional[pulumi.Input[bool]] = None, + ocsp_query_all_servers: Optional[pulumi.Input[bool]] = None, + ocsp_servers_overrides: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, required_extensions: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, token_bound_cidrs: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, token_explicit_max_ttl: Optional[pulumi.Input[int]] = None, @@ -1066,7 +1329,25 @@ def get(resource_name: str, The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). *Available only for Vault Enterprise*. - :param pulumi.Input[Sequence[pulumi.Input[str]]] required_extensions: TLS extensions required on client certificates + :param pulumi.Input[str] ocsp_ca_certificates: Any additional CA certificates + needed to verify OCSP responses. Provided as base64 encoded PEM data. + Requires Vault version 1.13+. + :param pulumi.Input[bool] ocsp_enabled: If enabled, validate certificates' + revocation status using OCSP. Requires Vault version 1.13+. + :param pulumi.Input[bool] ocsp_fail_open: If true and an OCSP response cannot + be fetched or is of an unknown status, the login will proceed as if the + certificate has not been revoked. + Requires Vault version 1.13+. + :param pulumi.Input[bool] ocsp_query_all_servers: If set to true, rather than + accepting the first successful OCSP response, query all servers and consider + the certificate valid only if all servers agree. + Requires Vault version 1.13+. + :param pulumi.Input[Sequence[pulumi.Input[str]]] ocsp_servers_overrides: : A comma-separated list of OCSP + server addresses. If unset, the OCSP server is determined from the + AuthorityInformationAccess extension on the certificate being inspected. + Requires Vault version 1.13+. + :param pulumi.Input[Sequence[pulumi.Input[str]]] required_extensions: TLS extensions required on + client certificates :param pulumi.Input[Sequence[pulumi.Input[str]]] token_bound_cidrs: List of CIDR blocks; if set, specifies blocks of IP addresses which can authenticate successfully, and ties the resulting token to these blocks as well. @@ -1093,6 +1374,8 @@ def get(resource_name: str, `service` tokens). For token store roles, there are two additional possibilities: `default-service` and `default-batch` which specify the type to return unless the client requests a different type at generation time. + + For more details on the usage of each argument consult the [Vault Cert API documentation](https://www.vaultproject.io/api-docs/auth/cert). """ opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id)) @@ -1110,6 +1393,11 @@ def get(resource_name: str, __props__.__dict__["display_name"] = display_name __props__.__dict__["name"] = name __props__.__dict__["namespace"] = namespace + __props__.__dict__["ocsp_ca_certificates"] = ocsp_ca_certificates + __props__.__dict__["ocsp_enabled"] = ocsp_enabled + __props__.__dict__["ocsp_fail_open"] = ocsp_fail_open + __props__.__dict__["ocsp_query_all_servers"] = ocsp_query_all_servers + __props__.__dict__["ocsp_servers_overrides"] = ocsp_servers_overrides __props__.__dict__["required_extensions"] = required_extensions __props__.__dict__["token_bound_cidrs"] = token_bound_cidrs __props__.__dict__["token_explicit_max_ttl"] = token_explicit_max_ttl @@ -1157,6 +1445,9 @@ def allowed_names(self) -> pulumi.Output[Sequence[str]]: @property @pulumi.getter(name="allowedOrganizationUnits") def allowed_organization_units(self) -> pulumi.Output[Sequence[str]]: + warnings.warn("""Use allowed_organizational_units""", DeprecationWarning) + pulumi.log.warn("""allowed_organization_units is deprecated: Use allowed_organizational_units""") + return pulumi.get(self, "allowed_organization_units") @property @@ -1219,11 +1510,64 @@ def namespace(self) -> pulumi.Output[Optional[str]]: """ return pulumi.get(self, "namespace") + @property + @pulumi.getter(name="ocspCaCertificates") + def ocsp_ca_certificates(self) -> pulumi.Output[Optional[str]]: + """ + Any additional CA certificates + needed to verify OCSP responses. Provided as base64 encoded PEM data. + Requires Vault version 1.13+. + """ + return pulumi.get(self, "ocsp_ca_certificates") + + @property + @pulumi.getter(name="ocspEnabled") + def ocsp_enabled(self) -> pulumi.Output[bool]: + """ + If enabled, validate certificates' + revocation status using OCSP. Requires Vault version 1.13+. + """ + return pulumi.get(self, "ocsp_enabled") + + @property + @pulumi.getter(name="ocspFailOpen") + def ocsp_fail_open(self) -> pulumi.Output[bool]: + """ + If true and an OCSP response cannot + be fetched or is of an unknown status, the login will proceed as if the + certificate has not been revoked. + Requires Vault version 1.13+. + """ + return pulumi.get(self, "ocsp_fail_open") + + @property + @pulumi.getter(name="ocspQueryAllServers") + def ocsp_query_all_servers(self) -> pulumi.Output[bool]: + """ + If set to true, rather than + accepting the first successful OCSP response, query all servers and consider + the certificate valid only if all servers agree. + Requires Vault version 1.13+. + """ + return pulumi.get(self, "ocsp_query_all_servers") + + @property + @pulumi.getter(name="ocspServersOverrides") + def ocsp_servers_overrides(self) -> pulumi.Output[Optional[Sequence[str]]]: + """ + : A comma-separated list of OCSP + server addresses. If unset, the OCSP server is determined from the + AuthorityInformationAccess extension on the certificate being inspected. + Requires Vault version 1.13+. + """ + return pulumi.get(self, "ocsp_servers_overrides") + @property @pulumi.getter(name="requiredExtensions") def required_extensions(self) -> pulumi.Output[Sequence[str]]: """ - TLS extensions required on client certificates + TLS extensions required on + client certificates """ return pulumi.get(self, "required_extensions") @@ -1313,6 +1657,8 @@ def token_type(self) -> pulumi.Output[Optional[str]]: `service` tokens). For token store roles, there are two additional possibilities: `default-service` and `default-batch` which specify the type to return unless the client requests a different type at generation time. + + For more details on the usage of each argument consult the [Vault Cert API documentation](https://www.vaultproject.io/api-docs/auth/cert). """ return pulumi.get(self, "token_type") diff --git a/sdk/python/pulumi_vault/config/__init__.pyi b/sdk/python/pulumi_vault/config/__init__.pyi index a540825de..1ab82a0aa 100644 --- a/sdk/python/pulumi_vault/config/__init__.pyi +++ b/sdk/python/pulumi_vault/config/__init__.pyi @@ -120,6 +120,12 @@ namespace: Optional[str] The namespace to use. Available only for Vault Enterprise. """ +setNamespaceFromToken: Optional[bool] +""" +In the case where the Vault token is for a specific namespace and the provider namespace is not configured, use the +token namespace as the root namespace for all resources. +""" + skipChildToken: Optional[bool] """ Set this to true to prevent the creation of ephemeral child token used by this provider. diff --git a/sdk/python/pulumi_vault/config/outputs.py b/sdk/python/pulumi_vault/config/outputs.py index 924808305..6eb0a11c2 100644 --- a/sdk/python/pulumi_vault/config/outputs.py +++ b/sdk/python/pulumi_vault/config/outputs.py @@ -32,7 +32,8 @@ def __init__(__self__, *, path: str, method: Optional[str] = None, namespace: Optional[str] = None, - parameters: Optional[Mapping[str, str]] = None): + parameters: Optional[Mapping[str, str]] = None, + use_root_namespace: Optional[bool] = None): pulumi.set(__self__, "path", path) if method is not None: pulumi.set(__self__, "method", method) @@ -40,6 +41,8 @@ def __init__(__self__, *, pulumi.set(__self__, "namespace", namespace) if parameters is not None: pulumi.set(__self__, "parameters", parameters) + if use_root_namespace is not None: + pulumi.set(__self__, "use_root_namespace", use_root_namespace) @property @pulumi.getter @@ -61,6 +64,11 @@ def namespace(self) -> Optional[str]: def parameters(self) -> Optional[Mapping[str, str]]: return pulumi.get(self, "parameters") + @property + @pulumi.getter(name="useRootNamespace") + def use_root_namespace(self) -> Optional[bool]: + return pulumi.get(self, "use_root_namespace") + @pulumi.output_type class AuthLoginAws(dict): @@ -79,7 +87,8 @@ def __init__(__self__, *, aws_web_identity_token_file: Optional[str] = None, header_value: Optional[str] = None, mount: Optional[str] = None, - namespace: Optional[str] = None): + namespace: Optional[str] = None, + use_root_namespace: Optional[bool] = None): pulumi.set(__self__, "role", role) if aws_access_key_id is not None: pulumi.set(__self__, "aws_access_key_id", aws_access_key_id) @@ -109,6 +118,8 @@ def __init__(__self__, *, pulumi.set(__self__, "mount", mount) if namespace is not None: pulumi.set(__self__, "namespace", namespace) + if use_root_namespace is not None: + pulumi.set(__self__, "use_root_namespace", use_root_namespace) @property @pulumi.getter @@ -185,6 +196,11 @@ def mount(self) -> Optional[str]: def namespace(self) -> Optional[str]: return pulumi.get(self, "namespace") + @property + @pulumi.getter(name="useRootNamespace") + def use_root_namespace(self) -> Optional[bool]: + return pulumi.get(self, "use_root_namespace") + @pulumi.output_type class AuthLoginAzure(dict): @@ -198,6 +214,7 @@ def __init__(__self__, *, namespace: Optional[str] = None, scope: Optional[str] = None, tenant_id: Optional[str] = None, + use_root_namespace: Optional[bool] = None, vm_name: Optional[str] = None, vmss_name: Optional[str] = None): pulumi.set(__self__, "resource_group_name", resource_group_name) @@ -215,6 +232,8 @@ def __init__(__self__, *, pulumi.set(__self__, "scope", scope) if tenant_id is not None: pulumi.set(__self__, "tenant_id", tenant_id) + if use_root_namespace is not None: + pulumi.set(__self__, "use_root_namespace", use_root_namespace) if vm_name is not None: pulumi.set(__self__, "vm_name", vm_name) if vmss_name is not None: @@ -265,6 +284,11 @@ def scope(self) -> Optional[str]: def tenant_id(self) -> Optional[str]: return pulumi.get(self, "tenant_id") + @property + @pulumi.getter(name="useRootNamespace") + def use_root_namespace(self) -> Optional[bool]: + return pulumi.get(self, "use_root_namespace") + @property @pulumi.getter(name="vmName") def vm_name(self) -> Optional[str]: @@ -283,7 +307,8 @@ def __init__(__self__, *, key_file: str, mount: Optional[str] = None, name: Optional[str] = None, - namespace: Optional[str] = None): + namespace: Optional[str] = None, + use_root_namespace: Optional[bool] = None): pulumi.set(__self__, "cert_file", cert_file) pulumi.set(__self__, "key_file", key_file) if mount is not None: @@ -292,6 +317,8 @@ def __init__(__self__, *, pulumi.set(__self__, "name", name) if namespace is not None: pulumi.set(__self__, "namespace", namespace) + if use_root_namespace is not None: + pulumi.set(__self__, "use_root_namespace", use_root_namespace) @property @pulumi.getter(name="certFile") @@ -318,6 +345,11 @@ def name(self) -> Optional[str]: def namespace(self) -> Optional[str]: return pulumi.get(self, "namespace") + @property + @pulumi.getter(name="useRootNamespace") + def use_root_namespace(self) -> Optional[bool]: + return pulumi.get(self, "use_root_namespace") + @pulumi.output_type class AuthLoginGcp(dict): @@ -327,7 +359,8 @@ def __init__(__self__, *, jwt: Optional[str] = None, mount: Optional[str] = None, namespace: Optional[str] = None, - service_account: Optional[str] = None): + service_account: Optional[str] = None, + use_root_namespace: Optional[bool] = None): pulumi.set(__self__, "role", role) if credentials is not None: pulumi.set(__self__, "credentials", credentials) @@ -339,6 +372,8 @@ def __init__(__self__, *, pulumi.set(__self__, "namespace", namespace) if service_account is not None: pulumi.set(__self__, "service_account", service_account) + if use_root_namespace is not None: + pulumi.set(__self__, "use_root_namespace", use_root_namespace) @property @pulumi.getter @@ -370,6 +405,11 @@ def namespace(self) -> Optional[str]: def service_account(self) -> Optional[str]: return pulumi.get(self, "service_account") + @property + @pulumi.getter(name="useRootNamespace") + def use_root_namespace(self) -> Optional[bool]: + return pulumi.get(self, "use_root_namespace") + @pulumi.output_type class AuthLoginJwt(dict): @@ -377,13 +417,16 @@ def __init__(__self__, *, jwt: str, role: str, mount: Optional[str] = None, - namespace: Optional[str] = None): + namespace: Optional[str] = None, + use_root_namespace: Optional[bool] = None): pulumi.set(__self__, "jwt", jwt) pulumi.set(__self__, "role", role) if mount is not None: pulumi.set(__self__, "mount", mount) if namespace is not None: pulumi.set(__self__, "namespace", namespace) + if use_root_namespace is not None: + pulumi.set(__self__, "use_root_namespace", use_root_namespace) @property @pulumi.getter @@ -405,6 +448,11 @@ def mount(self) -> Optional[str]: def namespace(self) -> Optional[str]: return pulumi.get(self, "namespace") + @property + @pulumi.getter(name="useRootNamespace") + def use_root_namespace(self) -> Optional[bool]: + return pulumi.get(self, "use_root_namespace") + @pulumi.output_type class AuthLoginKerberos(dict): @@ -418,6 +466,7 @@ def __init__(__self__, *, remove_instance_name: Optional[bool] = None, service: Optional[str] = None, token: Optional[str] = None, + use_root_namespace: Optional[bool] = None, username: Optional[str] = None): if disable_fast_negotiation is not None: pulumi.set(__self__, "disable_fast_negotiation", disable_fast_negotiation) @@ -437,6 +486,8 @@ def __init__(__self__, *, pulumi.set(__self__, "service", service) if token is not None: pulumi.set(__self__, "token", token) + if use_root_namespace is not None: + pulumi.set(__self__, "use_root_namespace", use_root_namespace) if username is not None: pulumi.set(__self__, "username", username) @@ -485,6 +536,11 @@ def service(self) -> Optional[str]: def token(self) -> Optional[str]: return pulumi.get(self, "token") + @property + @pulumi.getter(name="useRootNamespace") + def use_root_namespace(self) -> Optional[bool]: + return pulumi.get(self, "use_root_namespace") + @property @pulumi.getter def username(self) -> Optional[str]: @@ -497,13 +553,16 @@ def __init__(__self__, *, auth_type: str, role: str, mount: Optional[str] = None, - namespace: Optional[str] = None): + namespace: Optional[str] = None, + use_root_namespace: Optional[bool] = None): pulumi.set(__self__, "auth_type", auth_type) pulumi.set(__self__, "role", role) if mount is not None: pulumi.set(__self__, "mount", mount) if namespace is not None: pulumi.set(__self__, "namespace", namespace) + if use_root_namespace is not None: + pulumi.set(__self__, "use_root_namespace", use_root_namespace) @property @pulumi.getter(name="authType") @@ -525,6 +584,11 @@ def mount(self) -> Optional[str]: def namespace(self) -> Optional[str]: return pulumi.get(self, "namespace") + @property + @pulumi.getter(name="useRootNamespace") + def use_root_namespace(self) -> Optional[bool]: + return pulumi.get(self, "use_root_namespace") + @pulumi.output_type class AuthLoginOidc(dict): @@ -533,7 +597,8 @@ def __init__(__self__, *, callback_address: Optional[str] = None, callback_listener_address: Optional[str] = None, mount: Optional[str] = None, - namespace: Optional[str] = None): + namespace: Optional[str] = None, + use_root_namespace: Optional[bool] = None): pulumi.set(__self__, "role", role) if callback_address is not None: pulumi.set(__self__, "callback_address", callback_address) @@ -543,6 +608,8 @@ def __init__(__self__, *, pulumi.set(__self__, "mount", mount) if namespace is not None: pulumi.set(__self__, "namespace", namespace) + if use_root_namespace is not None: + pulumi.set(__self__, "use_root_namespace", use_root_namespace) @property @pulumi.getter @@ -569,6 +636,11 @@ def mount(self) -> Optional[str]: def namespace(self) -> Optional[str]: return pulumi.get(self, "namespace") + @property + @pulumi.getter(name="useRootNamespace") + def use_root_namespace(self) -> Optional[bool]: + return pulumi.get(self, "use_root_namespace") + @pulumi.output_type class AuthLoginRadius(dict): @@ -576,13 +648,16 @@ def __init__(__self__, *, password: str, username: str, mount: Optional[str] = None, - namespace: Optional[str] = None): + namespace: Optional[str] = None, + use_root_namespace: Optional[bool] = None): pulumi.set(__self__, "password", password) pulumi.set(__self__, "username", username) if mount is not None: pulumi.set(__self__, "mount", mount) if namespace is not None: pulumi.set(__self__, "namespace", namespace) + if use_root_namespace is not None: + pulumi.set(__self__, "use_root_namespace", use_root_namespace) @property @pulumi.getter @@ -604,15 +679,23 @@ def mount(self) -> Optional[str]: def namespace(self) -> Optional[str]: return pulumi.get(self, "namespace") + @property + @pulumi.getter(name="useRootNamespace") + def use_root_namespace(self) -> Optional[bool]: + return pulumi.get(self, "use_root_namespace") + @pulumi.output_type class AuthLoginTokenFile(dict): def __init__(__self__, *, filename: str, - namespace: Optional[str] = None): + namespace: Optional[str] = None, + use_root_namespace: Optional[bool] = None): pulumi.set(__self__, "filename", filename) if namespace is not None: pulumi.set(__self__, "namespace", namespace) + if use_root_namespace is not None: + pulumi.set(__self__, "use_root_namespace", use_root_namespace) @property @pulumi.getter @@ -624,6 +707,11 @@ def filename(self) -> str: def namespace(self) -> Optional[str]: return pulumi.get(self, "namespace") + @property + @pulumi.getter(name="useRootNamespace") + def use_root_namespace(self) -> Optional[bool]: + return pulumi.get(self, "use_root_namespace") + @pulumi.output_type class AuthLoginUserpass(dict): @@ -632,7 +720,8 @@ def __init__(__self__, *, mount: Optional[str] = None, namespace: Optional[str] = None, password: Optional[str] = None, - password_file: Optional[str] = None): + password_file: Optional[str] = None, + use_root_namespace: Optional[bool] = None): pulumi.set(__self__, "username", username) if mount is not None: pulumi.set(__self__, "mount", mount) @@ -642,6 +731,8 @@ def __init__(__self__, *, pulumi.set(__self__, "password", password) if password_file is not None: pulumi.set(__self__, "password_file", password_file) + if use_root_namespace is not None: + pulumi.set(__self__, "use_root_namespace", use_root_namespace) @property @pulumi.getter @@ -668,6 +759,11 @@ def password(self) -> Optional[str]: def password_file(self) -> Optional[str]: return pulumi.get(self, "password_file") + @property + @pulumi.getter(name="useRootNamespace") + def use_root_namespace(self) -> Optional[bool]: + return pulumi.get(self, "use_root_namespace") + @pulumi.output_type class ClientAuth(dict): diff --git a/sdk/python/pulumi_vault/config/vars.py b/sdk/python/pulumi_vault/config/vars.py index b6c96a082..d17f13d82 100644 --- a/sdk/python/pulumi_vault/config/vars.py +++ b/sdk/python/pulumi_vault/config/vars.py @@ -170,6 +170,14 @@ def namespace(self) -> Optional[str]: """ return __config__.get('namespace') + @property + def set_namespace_from_token(self) -> Optional[bool]: + """ + In the case where the Vault token is for a specific namespace and the provider namespace is not configured, use the + token namespace as the root namespace for all resources. + """ + return __config__.get_bool('setNamespaceFromToken') + @property def skip_child_token(self) -> Optional[bool]: """ diff --git a/sdk/python/pulumi_vault/consul/secret_backend.py b/sdk/python/pulumi_vault/consul/secret_backend.py index da1960197..0b52c9005 100644 --- a/sdk/python/pulumi_vault/consul/secret_backend.py +++ b/sdk/python/pulumi_vault/consul/secret_backend.py @@ -32,6 +32,10 @@ def __init__(__self__, *, The set of arguments for constructing a SecretBackend resource. :param pulumi.Input[str] address: Specifies the address of the Consul instance, provided as "host:port" like "127.0.0.1:8500". :param pulumi.Input[bool] bootstrap: Denotes that the resource is used to bootstrap the Consul ACL system. + + > **Important** When `bootstrap` is true, Vault will attempt to bootstrap the Consul server. The token returned from + this operation will only ever be known to Vault. If the resource is ever destroyed, the bootstrap token will be lost + and a [Consul reset may be required.](https://learn.hashicorp.com/tutorials/consul/access-control-troubleshoot#reset-the-acl-system) :param pulumi.Input[str] ca_cert: CA certificate to use when verifying Consul server certificate, must be x509 PEM encoded. :param pulumi.Input[str] client_cert: Client certificate used for Consul's TLS communication, must be x509 PEM encoded and if this is set you need to also set client_key. @@ -51,8 +55,7 @@ def __init__(__self__, *, :param pulumi.Input[str] path: The unique location this backend should be mounted at. Must not begin or end with a `/`. Defaults to `consul`. :param pulumi.Input[str] scheme: Specifies the URL scheme to use. Defaults to `http`. - :param pulumi.Input[str] token: The Consul management token this backend should use to issue new tokens. This field is required - when `bootstrap` is false. + :param pulumi.Input[str] token: Specifies the Consul token to use when managing or issuing new tokens. """ pulumi.set(__self__, "address", address) if bootstrap is not None: @@ -99,6 +102,10 @@ def address(self, value: pulumi.Input[str]): def bootstrap(self) -> Optional[pulumi.Input[bool]]: """ Denotes that the resource is used to bootstrap the Consul ACL system. + + > **Important** When `bootstrap` is true, Vault will attempt to bootstrap the Consul server. The token returned from + this operation will only ever be known to Vault. If the resource is ever destroyed, the bootstrap token will be lost + and a [Consul reset may be required.](https://learn.hashicorp.com/tutorials/consul/access-control-troubleshoot#reset-the-acl-system) """ return pulumi.get(self, "bootstrap") @@ -250,8 +257,7 @@ def scheme(self, value: Optional[pulumi.Input[str]]): @pulumi.getter def token(self) -> Optional[pulumi.Input[str]]: """ - The Consul management token this backend should use to issue new tokens. This field is required - when `bootstrap` is false. + Specifies the Consul token to use when managing or issuing new tokens. """ return pulumi.get(self, "token") @@ -281,6 +287,10 @@ def __init__(__self__, *, Input properties used for looking up and filtering SecretBackend resources. :param pulumi.Input[str] address: Specifies the address of the Consul instance, provided as "host:port" like "127.0.0.1:8500". :param pulumi.Input[bool] bootstrap: Denotes that the resource is used to bootstrap the Consul ACL system. + + > **Important** When `bootstrap` is true, Vault will attempt to bootstrap the Consul server. The token returned from + this operation will only ever be known to Vault. If the resource is ever destroyed, the bootstrap token will be lost + and a [Consul reset may be required.](https://learn.hashicorp.com/tutorials/consul/access-control-troubleshoot#reset-the-acl-system) :param pulumi.Input[str] ca_cert: CA certificate to use when verifying Consul server certificate, must be x509 PEM encoded. :param pulumi.Input[str] client_cert: Client certificate used for Consul's TLS communication, must be x509 PEM encoded and if this is set you need to also set client_key. @@ -300,8 +310,7 @@ def __init__(__self__, *, :param pulumi.Input[str] path: The unique location this backend should be mounted at. Must not begin or end with a `/`. Defaults to `consul`. :param pulumi.Input[str] scheme: Specifies the URL scheme to use. Defaults to `http`. - :param pulumi.Input[str] token: The Consul management token this backend should use to issue new tokens. This field is required - when `bootstrap` is false. + :param pulumi.Input[str] token: Specifies the Consul token to use when managing or issuing new tokens. """ if address is not None: pulumi.set(__self__, "address", address) @@ -349,6 +358,10 @@ def address(self, value: Optional[pulumi.Input[str]]): def bootstrap(self) -> Optional[pulumi.Input[bool]]: """ Denotes that the resource is used to bootstrap the Consul ACL system. + + > **Important** When `bootstrap` is true, Vault will attempt to bootstrap the Consul server. The token returned from + this operation will only ever be known to Vault. If the resource is ever destroyed, the bootstrap token will be lost + and a [Consul reset may be required.](https://learn.hashicorp.com/tutorials/consul/access-control-troubleshoot#reset-the-acl-system) """ return pulumi.get(self, "bootstrap") @@ -500,8 +513,7 @@ def scheme(self, value: Optional[pulumi.Input[str]]): @pulumi.getter def token(self) -> Optional[pulumi.Input[str]]: """ - The Consul management token this backend should use to issue new tokens. This field is required - when `bootstrap` is false. + Specifies the Consul token to use when managing or issuing new tokens. """ return pulumi.get(self, "token") @@ -567,6 +579,10 @@ def __init__(__self__, :param pulumi.ResourceOptions opts: Options for the resource. :param pulumi.Input[str] address: Specifies the address of the Consul instance, provided as "host:port" like "127.0.0.1:8500". :param pulumi.Input[bool] bootstrap: Denotes that the resource is used to bootstrap the Consul ACL system. + + > **Important** When `bootstrap` is true, Vault will attempt to bootstrap the Consul server. The token returned from + this operation will only ever be known to Vault. If the resource is ever destroyed, the bootstrap token will be lost + and a [Consul reset may be required.](https://learn.hashicorp.com/tutorials/consul/access-control-troubleshoot#reset-the-acl-system) :param pulumi.Input[str] ca_cert: CA certificate to use when verifying Consul server certificate, must be x509 PEM encoded. :param pulumi.Input[str] client_cert: Client certificate used for Consul's TLS communication, must be x509 PEM encoded and if this is set you need to also set client_key. @@ -586,8 +602,7 @@ def __init__(__self__, :param pulumi.Input[str] path: The unique location this backend should be mounted at. Must not begin or end with a `/`. Defaults to `consul`. :param pulumi.Input[str] scheme: Specifies the URL scheme to use. Defaults to `http`. - :param pulumi.Input[str] token: The Consul management token this backend should use to issue new tokens. This field is required - when `bootstrap` is false. + :param pulumi.Input[str] token: Specifies the Consul token to use when managing or issuing new tokens. """ ... @overload @@ -717,6 +732,10 @@ def get(resource_name: str, :param pulumi.ResourceOptions opts: Options for the resource. :param pulumi.Input[str] address: Specifies the address of the Consul instance, provided as "host:port" like "127.0.0.1:8500". :param pulumi.Input[bool] bootstrap: Denotes that the resource is used to bootstrap the Consul ACL system. + + > **Important** When `bootstrap` is true, Vault will attempt to bootstrap the Consul server. The token returned from + this operation will only ever be known to Vault. If the resource is ever destroyed, the bootstrap token will be lost + and a [Consul reset may be required.](https://learn.hashicorp.com/tutorials/consul/access-control-troubleshoot#reset-the-acl-system) :param pulumi.Input[str] ca_cert: CA certificate to use when verifying Consul server certificate, must be x509 PEM encoded. :param pulumi.Input[str] client_cert: Client certificate used for Consul's TLS communication, must be x509 PEM encoded and if this is set you need to also set client_key. @@ -736,8 +755,7 @@ def get(resource_name: str, :param pulumi.Input[str] path: The unique location this backend should be mounted at. Must not begin or end with a `/`. Defaults to `consul`. :param pulumi.Input[str] scheme: Specifies the URL scheme to use. Defaults to `http`. - :param pulumi.Input[str] token: The Consul management token this backend should use to issue new tokens. This field is required - when `bootstrap` is false. + :param pulumi.Input[str] token: Specifies the Consul token to use when managing or issuing new tokens. """ opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id)) @@ -772,6 +790,10 @@ def address(self) -> pulumi.Output[str]: def bootstrap(self) -> pulumi.Output[Optional[bool]]: """ Denotes that the resource is used to bootstrap the Consul ACL system. + + > **Important** When `bootstrap` is true, Vault will attempt to bootstrap the Consul server. The token returned from + this operation will only ever be known to Vault. If the resource is ever destroyed, the bootstrap token will be lost + and a [Consul reset may be required.](https://learn.hashicorp.com/tutorials/consul/access-control-troubleshoot#reset-the-acl-system) """ return pulumi.get(self, "bootstrap") @@ -875,8 +897,7 @@ def scheme(self) -> pulumi.Output[Optional[str]]: @pulumi.getter def token(self) -> pulumi.Output[Optional[str]]: """ - The Consul management token this backend should use to issue new tokens. This field is required - when `bootstrap` is false. + Specifies the Consul token to use when managing or issuing new tokens. """ return pulumi.get(self, "token") diff --git a/sdk/python/pulumi_vault/consul/secret_backend_role.py b/sdk/python/pulumi_vault/consul/secret_backend_role.py index 1788b193a..6ba818704 100644 --- a/sdk/python/pulumi_vault/consul/secret_backend_role.py +++ b/sdk/python/pulumi_vault/consul/secret_backend_role.py @@ -249,6 +249,9 @@ def token_type(self) -> Optional[pulumi.Input[str]]: Specifies the type of token to create when using this role. Valid values are "client" or "management". *Deprecated: Consul 1.11 and later removed the legacy ACL system which supported this field.* """ + warnings.warn("""Consul 1.11 and later removed the legacy ACL system which supported this field.""", DeprecationWarning) + pulumi.log.warn("""token_type is deprecated: Consul 1.11 and later removed the legacy ACL system which supported this field.""") + return pulumi.get(self, "token_type") @token_type.setter @@ -506,6 +509,9 @@ def token_type(self) -> Optional[pulumi.Input[str]]: Specifies the type of token to create when using this role. Valid values are "client" or "management". *Deprecated: Consul 1.11 and later removed the legacy ACL system which supported this field.* """ + warnings.warn("""Consul 1.11 and later removed the legacy ACL system which supported this field.""", DeprecationWarning) + pulumi.log.warn("""token_type is deprecated: Consul 1.11 and later removed the legacy ACL system which supported this field.""") + return pulumi.get(self, "token_type") @token_type.setter @@ -693,9 +699,6 @@ def _internal_init(__self__, __props__.__dict__["partition"] = partition __props__.__dict__["policies"] = policies __props__.__dict__["service_identities"] = service_identities - if token_type is not None and not opts.urn: - warnings.warn("""Consul 1.11 and later removed the legacy ACL system which supported this field.""", DeprecationWarning) - pulumi.log.warn("""token_type is deprecated: Consul 1.11 and later removed the legacy ACL system which supported this field.""") __props__.__dict__["token_type"] = token_type __props__.__dict__["ttl"] = ttl super(SecretBackendRole, __self__).__init__( @@ -888,6 +891,9 @@ def token_type(self) -> pulumi.Output[Optional[str]]: Specifies the type of token to create when using this role. Valid values are "client" or "management". *Deprecated: Consul 1.11 and later removed the legacy ACL system which supported this field.* """ + warnings.warn("""Consul 1.11 and later removed the legacy ACL system which supported this field.""", DeprecationWarning) + pulumi.log.warn("""token_type is deprecated: Consul 1.11 and later removed the legacy ACL system which supported this field.""") + return pulumi.get(self, "token_type") @property diff --git a/sdk/python/pulumi_vault/database/_inputs.py b/sdk/python/pulumi_vault/database/_inputs.py index c0036a61c..8262f085d 100644 --- a/sdk/python/pulumi_vault/database/_inputs.py +++ b/sdk/python/pulumi_vault/database/_inputs.py @@ -64,18 +64,18 @@ def __init__(__self__, *, """ :param pulumi.Input[int] connect_timeout: The number of seconds to use as a connection timeout. - :param pulumi.Input[Sequence[pulumi.Input[str]]] hosts: A set of Couchbase URIs to connect to. Must use `couchbases://` scheme if `tls` is `true`. + :param pulumi.Input[Sequence[pulumi.Input[str]]] hosts: The hosts to connect to. :param pulumi.Input[bool] insecure_tls: Whether to skip verification of the server certificate when using TLS. - :param pulumi.Input[str] password: The root credential password used in the connection URL. + :param pulumi.Input[str] password: The password to authenticate with. :param pulumi.Input[str] pem_bundle: Concatenated PEM blocks configuring the certificate chain. :param pulumi.Input[str] pem_json: A JSON structure configuring the certificate chain. :param pulumi.Input[int] port: The default port to connect to if no port is specified as part of the host. :param pulumi.Input[int] protocol_version: The CQL protocol version to use. - :param pulumi.Input[bool] tls: Whether to use TLS when connecting to Redis. - :param pulumi.Input[str] username: The root credential username used in the connection URL. + :param pulumi.Input[bool] tls: Whether to use TLS when connecting to Cassandra. + :param pulumi.Input[str] username: The username to authenticate with. """ if connect_timeout is not None: pulumi.set(__self__, "connect_timeout", connect_timeout) @@ -115,7 +115,7 @@ def connect_timeout(self, value: Optional[pulumi.Input[int]]): @pulumi.getter def hosts(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: """ - A set of Couchbase URIs to connect to. Must use `couchbases://` scheme if `tls` is `true`. + The hosts to connect to. """ return pulumi.get(self, "hosts") @@ -140,7 +140,7 @@ def insecure_tls(self, value: Optional[pulumi.Input[bool]]): @pulumi.getter def password(self) -> Optional[pulumi.Input[str]]: """ - The root credential password used in the connection URL. + The password to authenticate with. """ return pulumi.get(self, "password") @@ -202,7 +202,7 @@ def protocol_version(self, value: Optional[pulumi.Input[int]]): @pulumi.getter def tls(self) -> Optional[pulumi.Input[bool]]: """ - Whether to use TLS when connecting to Redis. + Whether to use TLS when connecting to Cassandra. """ return pulumi.get(self, "tls") @@ -214,7 +214,7 @@ def tls(self, value: Optional[pulumi.Input[bool]]): @pulumi.getter def username(self) -> Optional[pulumi.Input[str]]: """ - The root credential username used in the connection URL. + The username to authenticate with. """ return pulumi.get(self, "username") @@ -235,15 +235,15 @@ def __init__(__self__, *, tls: Optional[pulumi.Input[bool]] = None, username_template: Optional[pulumi.Input[str]] = None): """ - :param pulumi.Input[Sequence[pulumi.Input[str]]] hosts: A set of Couchbase URIs to connect to. Must use `couchbases://` scheme if `tls` is `true`. - :param pulumi.Input[str] password: The root credential password used in the connection URL. - :param pulumi.Input[str] username: The root credential username used in the connection URL. + :param pulumi.Input[Sequence[pulumi.Input[str]]] hosts: The hosts to connect to. + :param pulumi.Input[str] password: The password to authenticate with. + :param pulumi.Input[str] username: The username to authenticate with. :param pulumi.Input[str] base64_pem: Required if `tls` is `true`. Specifies the certificate authority of the Couchbase server, as a PEM certificate that has been base64 encoded. :param pulumi.Input[str] bucket_name: Required for Couchbase versions prior to 6.5.0. This is only used to verify vault's connection to the server. :param pulumi.Input[bool] insecure_tls: Whether to skip verification of the server certificate when using TLS. - :param pulumi.Input[bool] tls: Whether to use TLS when connecting to Redis. - :param pulumi.Input[str] username_template: - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + :param pulumi.Input[bool] tls: Whether to use TLS when connecting to Cassandra. + :param pulumi.Input[str] username_template: Template describing how dynamic usernames are generated. """ pulumi.set(__self__, "hosts", hosts) pulumi.set(__self__, "password", password) @@ -263,7 +263,7 @@ def __init__(__self__, *, @pulumi.getter def hosts(self) -> pulumi.Input[Sequence[pulumi.Input[str]]]: """ - A set of Couchbase URIs to connect to. Must use `couchbases://` scheme if `tls` is `true`. + The hosts to connect to. """ return pulumi.get(self, "hosts") @@ -275,7 +275,7 @@ def hosts(self, value: pulumi.Input[Sequence[pulumi.Input[str]]]): @pulumi.getter def password(self) -> pulumi.Input[str]: """ - The root credential password used in the connection URL. + The password to authenticate with. """ return pulumi.get(self, "password") @@ -287,7 +287,7 @@ def password(self, value: pulumi.Input[str]): @pulumi.getter def username(self) -> pulumi.Input[str]: """ - The root credential username used in the connection URL. + The username to authenticate with. """ return pulumi.get(self, "username") @@ -336,7 +336,7 @@ def insecure_tls(self, value: Optional[pulumi.Input[bool]]): @pulumi.getter def tls(self) -> Optional[pulumi.Input[bool]]: """ - Whether to use TLS when connecting to Redis. + Whether to use TLS when connecting to Cassandra. """ return pulumi.get(self, "tls") @@ -348,7 +348,7 @@ def tls(self, value: Optional[pulumi.Input[bool]]): @pulumi.getter(name="usernameTemplate") def username_template(self) -> Optional[pulumi.Input[str]]: """ - - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + Template describing how dynamic usernames are generated. """ return pulumi.get(self, "username_template") @@ -371,17 +371,17 @@ def __init__(__self__, *, tls_server_name: Optional[pulumi.Input[str]] = None, username_template: Optional[pulumi.Input[str]] = None): """ - :param pulumi.Input[str] password: The root credential password used in the connection URL. + :param pulumi.Input[str] password: The password to authenticate with. :param pulumi.Input[str] url: The URL for Elasticsearch's API. https requires certificate by trusted CA if used. - :param pulumi.Input[str] username: The root credential username used in the connection URL. + :param pulumi.Input[str] username: The username to authenticate with. :param pulumi.Input[str] ca_cert: The path to a PEM-encoded CA cert file to use to verify the Elasticsearch server's identity. :param pulumi.Input[str] ca_path: The path to a directory of PEM-encoded CA cert files to use to verify the Elasticsearch server's identity. :param pulumi.Input[str] client_cert: The path to the certificate for the Elasticsearch client to present for communication. :param pulumi.Input[str] client_key: The path to the key for the Elasticsearch client to use for communication. :param pulumi.Input[bool] insecure: Whether to disable certificate verification. :param pulumi.Input[str] tls_server_name: This, if set, is used to set the SNI host when connecting via TLS. - :param pulumi.Input[str] username_template: - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + :param pulumi.Input[str] username_template: Template describing how dynamic usernames are generated. """ pulumi.set(__self__, "password", password) pulumi.set(__self__, "url", url) @@ -405,7 +405,7 @@ def __init__(__self__, *, @pulumi.getter def password(self) -> pulumi.Input[str]: """ - The root credential password used in the connection URL. + The password to authenticate with. """ return pulumi.get(self, "password") @@ -430,7 +430,7 @@ def url(self, value: pulumi.Input[str]): @pulumi.getter def username(self) -> pulumi.Input[str]: """ - The root credential username used in the connection URL. + The username to authenticate with. """ return pulumi.get(self, "username") @@ -514,7 +514,7 @@ def tls_server_name(self, value: Optional[pulumi.Input[str]]): @pulumi.getter(name="usernameTemplate") def username_template(self) -> Optional[pulumi.Input[str]]: """ - - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + Template describing how dynamic usernames are generated. """ return pulumi.get(self, "username_template") @@ -534,18 +534,19 @@ def __init__(__self__, *, password: Optional[pulumi.Input[str]] = None, username: Optional[pulumi.Input[str]] = None): """ - :param pulumi.Input[str] connection_url: Specifies the Redshift DSN. See + :param pulumi.Input[str] connection_url: A URL containing connection information. See the [Vault - docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) for an example. :param pulumi.Input[bool] disable_escaping: Disable special character escaping in username and password. - :param pulumi.Input[int] max_connection_lifetime: The maximum amount of time a connection may be reused. + :param pulumi.Input[int] max_connection_lifetime: The maximum number of seconds to keep + a connection alive for. :param pulumi.Input[int] max_idle_connections: The maximum number of idle connections to - the database. + maintain. :param pulumi.Input[int] max_open_connections: The maximum number of open connections to - the database. - :param pulumi.Input[str] password: The root credential password used in the connection URL. - :param pulumi.Input[str] username: The root credential username used in the connection URL. + use. + :param pulumi.Input[str] password: The password to authenticate with. + :param pulumi.Input[str] username: The username to authenticate with. """ if connection_url is not None: pulumi.set(__self__, "connection_url", connection_url) @@ -566,9 +567,9 @@ def __init__(__self__, *, @pulumi.getter(name="connectionUrl") def connection_url(self) -> Optional[pulumi.Input[str]]: """ - Specifies the Redshift DSN. See + A URL containing connection information. See the [Vault - docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) for an example. """ return pulumi.get(self, "connection_url") @@ -593,7 +594,8 @@ def disable_escaping(self, value: Optional[pulumi.Input[bool]]): @pulumi.getter(name="maxConnectionLifetime") def max_connection_lifetime(self) -> Optional[pulumi.Input[int]]: """ - The maximum amount of time a connection may be reused. + The maximum number of seconds to keep + a connection alive for. """ return pulumi.get(self, "max_connection_lifetime") @@ -606,7 +608,7 @@ def max_connection_lifetime(self, value: Optional[pulumi.Input[int]]): def max_idle_connections(self) -> Optional[pulumi.Input[int]]: """ The maximum number of idle connections to - the database. + maintain. """ return pulumi.get(self, "max_idle_connections") @@ -619,7 +621,7 @@ def max_idle_connections(self, value: Optional[pulumi.Input[int]]): def max_open_connections(self) -> Optional[pulumi.Input[int]]: """ The maximum number of open connections to - the database. + use. """ return pulumi.get(self, "max_open_connections") @@ -631,7 +633,7 @@ def max_open_connections(self, value: Optional[pulumi.Input[int]]): @pulumi.getter def password(self) -> Optional[pulumi.Input[str]]: """ - The root credential password used in the connection URL. + The password to authenticate with. """ return pulumi.get(self, "password") @@ -643,7 +645,7 @@ def password(self, value: Optional[pulumi.Input[str]]): @pulumi.getter def username(self) -> Optional[pulumi.Input[str]]: """ - The root credential username used in the connection URL. + The username to authenticate with. """ return pulumi.get(self, "username") @@ -667,8 +669,8 @@ def __init__(__self__, *, username_template: Optional[pulumi.Input[str]] = None): """ :param pulumi.Input[str] host: The host to connect to. - :param pulumi.Input[str] password: The root credential password used in the connection URL. - :param pulumi.Input[str] username: The root credential username used in the connection URL. + :param pulumi.Input[str] password: The password to authenticate with. + :param pulumi.Input[str] username: The username to authenticate with. :param pulumi.Input[int] connect_timeout: The number of seconds to use as a connection timeout. :param pulumi.Input[bool] insecure_tls: Whether to skip verification of the server @@ -678,8 +680,8 @@ def __init__(__self__, *, :param pulumi.Input[str] pem_json: A JSON structure configuring the certificate chain. :param pulumi.Input[int] port: The default port to connect to if no port is specified as part of the host. - :param pulumi.Input[bool] tls: Whether to use TLS when connecting to Redis. - :param pulumi.Input[str] username_template: - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + :param pulumi.Input[bool] tls: Whether to use TLS when connecting to Cassandra. + :param pulumi.Input[str] username_template: Template describing how dynamic usernames are generated. """ pulumi.set(__self__, "host", host) pulumi.set(__self__, "password", password) @@ -715,7 +717,7 @@ def host(self, value: pulumi.Input[str]): @pulumi.getter def password(self) -> pulumi.Input[str]: """ - The root credential password used in the connection URL. + The password to authenticate with. """ return pulumi.get(self, "password") @@ -727,7 +729,7 @@ def password(self, value: pulumi.Input[str]): @pulumi.getter def username(self) -> pulumi.Input[str]: """ - The root credential username used in the connection URL. + The username to authenticate with. """ return pulumi.get(self, "username") @@ -803,7 +805,7 @@ def port(self, value: Optional[pulumi.Input[int]]): @pulumi.getter def tls(self) -> Optional[pulumi.Input[bool]]: """ - Whether to use TLS when connecting to Redis. + Whether to use TLS when connecting to Cassandra. """ return pulumi.get(self, "tls") @@ -815,7 +817,7 @@ def tls(self, value: Optional[pulumi.Input[bool]]): @pulumi.getter(name="usernameTemplate") def username_template(self) -> Optional[pulumi.Input[str]]: """ - - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + Template describing how dynamic usernames are generated. """ return pulumi.get(self, "username_template") @@ -835,18 +837,19 @@ def __init__(__self__, *, username: Optional[pulumi.Input[str]] = None, username_template: Optional[pulumi.Input[str]] = None): """ - :param pulumi.Input[str] connection_url: Specifies the Redshift DSN. See + :param pulumi.Input[str] connection_url: A URL containing connection information. See the [Vault - docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) for an example. - :param pulumi.Input[int] max_connection_lifetime: The maximum amount of time a connection may be reused. + :param pulumi.Input[int] max_connection_lifetime: The maximum number of seconds to keep + a connection alive for. :param pulumi.Input[int] max_idle_connections: The maximum number of idle connections to - the database. + maintain. :param pulumi.Input[int] max_open_connections: The maximum number of open connections to - the database. - :param pulumi.Input[str] password: The root credential password used in the connection URL. - :param pulumi.Input[str] username: The root credential username used in the connection URL. - :param pulumi.Input[str] username_template: - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + use. + :param pulumi.Input[str] password: The password to authenticate with. + :param pulumi.Input[str] username: The username to authenticate with. + :param pulumi.Input[str] username_template: Template describing how dynamic usernames are generated. """ if connection_url is not None: pulumi.set(__self__, "connection_url", connection_url) @@ -867,9 +870,9 @@ def __init__(__self__, *, @pulumi.getter(name="connectionUrl") def connection_url(self) -> Optional[pulumi.Input[str]]: """ - Specifies the Redshift DSN. See + A URL containing connection information. See the [Vault - docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) for an example. """ return pulumi.get(self, "connection_url") @@ -882,7 +885,8 @@ def connection_url(self, value: Optional[pulumi.Input[str]]): @pulumi.getter(name="maxConnectionLifetime") def max_connection_lifetime(self) -> Optional[pulumi.Input[int]]: """ - The maximum amount of time a connection may be reused. + The maximum number of seconds to keep + a connection alive for. """ return pulumi.get(self, "max_connection_lifetime") @@ -895,7 +899,7 @@ def max_connection_lifetime(self, value: Optional[pulumi.Input[int]]): def max_idle_connections(self) -> Optional[pulumi.Input[int]]: """ The maximum number of idle connections to - the database. + maintain. """ return pulumi.get(self, "max_idle_connections") @@ -908,7 +912,7 @@ def max_idle_connections(self, value: Optional[pulumi.Input[int]]): def max_open_connections(self) -> Optional[pulumi.Input[int]]: """ The maximum number of open connections to - the database. + use. """ return pulumi.get(self, "max_open_connections") @@ -920,7 +924,7 @@ def max_open_connections(self, value: Optional[pulumi.Input[int]]): @pulumi.getter def password(self) -> Optional[pulumi.Input[str]]: """ - The root credential password used in the connection URL. + The password to authenticate with. """ return pulumi.get(self, "password") @@ -932,7 +936,7 @@ def password(self, value: Optional[pulumi.Input[str]]): @pulumi.getter def username(self) -> Optional[pulumi.Input[str]]: """ - The root credential username used in the connection URL. + The username to authenticate with. """ return pulumi.get(self, "username") @@ -944,7 +948,7 @@ def username(self, value: Optional[pulumi.Input[str]]): @pulumi.getter(name="usernameTemplate") def username_template(self) -> Optional[pulumi.Input[str]]: """ - - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + Template describing how dynamic usernames are generated. """ return pulumi.get(self, "username_template") @@ -1018,23 +1022,24 @@ def __init__(__self__, *, username: Optional[pulumi.Input[str]] = None, username_template: Optional[pulumi.Input[str]] = None): """ - :param pulumi.Input[str] connection_url: Specifies the Redshift DSN. See + :param pulumi.Input[str] connection_url: A URL containing connection information. See the [Vault - docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) for an example. :param pulumi.Input[bool] contained_db: For Vault v1.9+. Set to true when the target is a Contained Database, e.g. AzureSQL. See the [Vault docs](https://www.vaultproject.io/api/secret/databases/mssql#contained_db) :param pulumi.Input[bool] disable_escaping: Disable special character escaping in username and password. - :param pulumi.Input[int] max_connection_lifetime: The maximum amount of time a connection may be reused. + :param pulumi.Input[int] max_connection_lifetime: The maximum number of seconds to keep + a connection alive for. :param pulumi.Input[int] max_idle_connections: The maximum number of idle connections to - the database. + maintain. :param pulumi.Input[int] max_open_connections: The maximum number of open connections to - the database. - :param pulumi.Input[str] password: The root credential password used in the connection URL. - :param pulumi.Input[str] username: The root credential username used in the connection URL. - :param pulumi.Input[str] username_template: - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + use. + :param pulumi.Input[str] password: The password to authenticate with. + :param pulumi.Input[str] username: The username to authenticate with. + :param pulumi.Input[str] username_template: Template describing how dynamic usernames are generated. """ if connection_url is not None: pulumi.set(__self__, "connection_url", connection_url) @@ -1059,9 +1064,9 @@ def __init__(__self__, *, @pulumi.getter(name="connectionUrl") def connection_url(self) -> Optional[pulumi.Input[str]]: """ - Specifies the Redshift DSN. See + A URL containing connection information. See the [Vault - docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) for an example. """ return pulumi.get(self, "connection_url") @@ -1101,7 +1106,8 @@ def disable_escaping(self, value: Optional[pulumi.Input[bool]]): @pulumi.getter(name="maxConnectionLifetime") def max_connection_lifetime(self) -> Optional[pulumi.Input[int]]: """ - The maximum amount of time a connection may be reused. + The maximum number of seconds to keep + a connection alive for. """ return pulumi.get(self, "max_connection_lifetime") @@ -1114,7 +1120,7 @@ def max_connection_lifetime(self, value: Optional[pulumi.Input[int]]): def max_idle_connections(self) -> Optional[pulumi.Input[int]]: """ The maximum number of idle connections to - the database. + maintain. """ return pulumi.get(self, "max_idle_connections") @@ -1127,7 +1133,7 @@ def max_idle_connections(self, value: Optional[pulumi.Input[int]]): def max_open_connections(self) -> Optional[pulumi.Input[int]]: """ The maximum number of open connections to - the database. + use. """ return pulumi.get(self, "max_open_connections") @@ -1139,7 +1145,7 @@ def max_open_connections(self, value: Optional[pulumi.Input[int]]): @pulumi.getter def password(self) -> Optional[pulumi.Input[str]]: """ - The root credential password used in the connection URL. + The password to authenticate with. """ return pulumi.get(self, "password") @@ -1151,7 +1157,7 @@ def password(self, value: Optional[pulumi.Input[str]]): @pulumi.getter def username(self) -> Optional[pulumi.Input[str]]: """ - The root credential username used in the connection URL. + The username to authenticate with. """ return pulumi.get(self, "username") @@ -1163,7 +1169,7 @@ def username(self, value: Optional[pulumi.Input[str]]): @pulumi.getter(name="usernameTemplate") def username_template(self) -> Optional[pulumi.Input[str]]: """ - - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + Template describing how dynamic usernames are generated. """ return pulumi.get(self, "username_template") @@ -1188,21 +1194,22 @@ def __init__(__self__, *, username_template: Optional[pulumi.Input[str]] = None): """ :param pulumi.Input[str] auth_type: Enable IAM authentication to a Google Cloud instance when set to `gcp_iam` - :param pulumi.Input[str] connection_url: Specifies the Redshift DSN. See + :param pulumi.Input[str] connection_url: A URL containing connection information. See the [Vault - docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) for an example. - :param pulumi.Input[int] max_connection_lifetime: The maximum amount of time a connection may be reused. + :param pulumi.Input[int] max_connection_lifetime: The maximum number of seconds to keep + a connection alive for. :param pulumi.Input[int] max_idle_connections: The maximum number of idle connections to - the database. + maintain. :param pulumi.Input[int] max_open_connections: The maximum number of open connections to - the database. - :param pulumi.Input[str] password: The root credential password used in the connection URL. + use. + :param pulumi.Input[str] password: The password to authenticate with. :param pulumi.Input[str] service_account_json: JSON encoding of an IAM access key. Requires `auth_type` to be `gcp_iam`. :param pulumi.Input[str] tls_ca: x509 CA file for validating the certificate presented by the MySQL server. Must be PEM encoded. :param pulumi.Input[str] tls_certificate_key: x509 certificate for connecting to the database. This must be a PEM encoded version of the private key and the certificate combined. - :param pulumi.Input[str] username: The root credential username used in the connection URL. - :param pulumi.Input[str] username_template: - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + :param pulumi.Input[str] username: The username to authenticate with. + :param pulumi.Input[str] username_template: Template describing how dynamic usernames are generated. """ if auth_type is not None: pulumi.set(__self__, "auth_type", auth_type) @@ -1243,9 +1250,9 @@ def auth_type(self, value: Optional[pulumi.Input[str]]): @pulumi.getter(name="connectionUrl") def connection_url(self) -> Optional[pulumi.Input[str]]: """ - Specifies the Redshift DSN. See + A URL containing connection information. See the [Vault - docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) for an example. """ return pulumi.get(self, "connection_url") @@ -1258,7 +1265,8 @@ def connection_url(self, value: Optional[pulumi.Input[str]]): @pulumi.getter(name="maxConnectionLifetime") def max_connection_lifetime(self) -> Optional[pulumi.Input[int]]: """ - The maximum amount of time a connection may be reused. + The maximum number of seconds to keep + a connection alive for. """ return pulumi.get(self, "max_connection_lifetime") @@ -1271,7 +1279,7 @@ def max_connection_lifetime(self, value: Optional[pulumi.Input[int]]): def max_idle_connections(self) -> Optional[pulumi.Input[int]]: """ The maximum number of idle connections to - the database. + maintain. """ return pulumi.get(self, "max_idle_connections") @@ -1284,7 +1292,7 @@ def max_idle_connections(self, value: Optional[pulumi.Input[int]]): def max_open_connections(self) -> Optional[pulumi.Input[int]]: """ The maximum number of open connections to - the database. + use. """ return pulumi.get(self, "max_open_connections") @@ -1296,7 +1304,7 @@ def max_open_connections(self, value: Optional[pulumi.Input[int]]): @pulumi.getter def password(self) -> Optional[pulumi.Input[str]]: """ - The root credential password used in the connection URL. + The password to authenticate with. """ return pulumi.get(self, "password") @@ -1344,7 +1352,7 @@ def tls_certificate_key(self, value: Optional[pulumi.Input[str]]): @pulumi.getter def username(self) -> Optional[pulumi.Input[str]]: """ - The root credential username used in the connection URL. + The username to authenticate with. """ return pulumi.get(self, "username") @@ -1356,7 +1364,7 @@ def username(self, value: Optional[pulumi.Input[str]]): @pulumi.getter(name="usernameTemplate") def username_template(self) -> Optional[pulumi.Input[str]]: """ - - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + Template describing how dynamic usernames are generated. """ return pulumi.get(self, "username_template") @@ -1376,18 +1384,19 @@ def __init__(__self__, *, username: Optional[pulumi.Input[str]] = None, username_template: Optional[pulumi.Input[str]] = None): """ - :param pulumi.Input[str] connection_url: Specifies the Redshift DSN. See + :param pulumi.Input[str] connection_url: A URL containing connection information. See the [Vault - docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) for an example. - :param pulumi.Input[int] max_connection_lifetime: The maximum amount of time a connection may be reused. + :param pulumi.Input[int] max_connection_lifetime: The maximum number of seconds to keep + a connection alive for. :param pulumi.Input[int] max_idle_connections: The maximum number of idle connections to - the database. + maintain. :param pulumi.Input[int] max_open_connections: The maximum number of open connections to - the database. - :param pulumi.Input[str] password: The root credential password used in the connection URL. - :param pulumi.Input[str] username: The root credential username used in the connection URL. - :param pulumi.Input[str] username_template: - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + use. + :param pulumi.Input[str] password: The password to authenticate with. + :param pulumi.Input[str] username: The username to authenticate with. + :param pulumi.Input[str] username_template: Template describing how dynamic usernames are generated. """ if connection_url is not None: pulumi.set(__self__, "connection_url", connection_url) @@ -1408,9 +1417,9 @@ def __init__(__self__, *, @pulumi.getter(name="connectionUrl") def connection_url(self) -> Optional[pulumi.Input[str]]: """ - Specifies the Redshift DSN. See + A URL containing connection information. See the [Vault - docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) for an example. """ return pulumi.get(self, "connection_url") @@ -1423,7 +1432,8 @@ def connection_url(self, value: Optional[pulumi.Input[str]]): @pulumi.getter(name="maxConnectionLifetime") def max_connection_lifetime(self) -> Optional[pulumi.Input[int]]: """ - The maximum amount of time a connection may be reused. + The maximum number of seconds to keep + a connection alive for. """ return pulumi.get(self, "max_connection_lifetime") @@ -1436,7 +1446,7 @@ def max_connection_lifetime(self, value: Optional[pulumi.Input[int]]): def max_idle_connections(self) -> Optional[pulumi.Input[int]]: """ The maximum number of idle connections to - the database. + maintain. """ return pulumi.get(self, "max_idle_connections") @@ -1449,7 +1459,7 @@ def max_idle_connections(self, value: Optional[pulumi.Input[int]]): def max_open_connections(self) -> Optional[pulumi.Input[int]]: """ The maximum number of open connections to - the database. + use. """ return pulumi.get(self, "max_open_connections") @@ -1461,7 +1471,7 @@ def max_open_connections(self, value: Optional[pulumi.Input[int]]): @pulumi.getter def password(self) -> Optional[pulumi.Input[str]]: """ - The root credential password used in the connection URL. + The password to authenticate with. """ return pulumi.get(self, "password") @@ -1473,7 +1483,7 @@ def password(self, value: Optional[pulumi.Input[str]]): @pulumi.getter def username(self) -> Optional[pulumi.Input[str]]: """ - The root credential username used in the connection URL. + The username to authenticate with. """ return pulumi.get(self, "username") @@ -1485,7 +1495,7 @@ def username(self, value: Optional[pulumi.Input[str]]): @pulumi.getter(name="usernameTemplate") def username_template(self) -> Optional[pulumi.Input[str]]: """ - - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + Template describing how dynamic usernames are generated. """ return pulumi.get(self, "username_template") @@ -1505,18 +1515,19 @@ def __init__(__self__, *, username: Optional[pulumi.Input[str]] = None, username_template: Optional[pulumi.Input[str]] = None): """ - :param pulumi.Input[str] connection_url: Specifies the Redshift DSN. See + :param pulumi.Input[str] connection_url: A URL containing connection information. See the [Vault - docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) for an example. - :param pulumi.Input[int] max_connection_lifetime: The maximum amount of time a connection may be reused. + :param pulumi.Input[int] max_connection_lifetime: The maximum number of seconds to keep + a connection alive for. :param pulumi.Input[int] max_idle_connections: The maximum number of idle connections to - the database. + maintain. :param pulumi.Input[int] max_open_connections: The maximum number of open connections to - the database. - :param pulumi.Input[str] password: The root credential password used in the connection URL. - :param pulumi.Input[str] username: The root credential username used in the connection URL. - :param pulumi.Input[str] username_template: - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + use. + :param pulumi.Input[str] password: The password to authenticate with. + :param pulumi.Input[str] username: The username to authenticate with. + :param pulumi.Input[str] username_template: Template describing how dynamic usernames are generated. """ if connection_url is not None: pulumi.set(__self__, "connection_url", connection_url) @@ -1537,9 +1548,9 @@ def __init__(__self__, *, @pulumi.getter(name="connectionUrl") def connection_url(self) -> Optional[pulumi.Input[str]]: """ - Specifies the Redshift DSN. See + A URL containing connection information. See the [Vault - docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) for an example. """ return pulumi.get(self, "connection_url") @@ -1552,7 +1563,8 @@ def connection_url(self, value: Optional[pulumi.Input[str]]): @pulumi.getter(name="maxConnectionLifetime") def max_connection_lifetime(self) -> Optional[pulumi.Input[int]]: """ - The maximum amount of time a connection may be reused. + The maximum number of seconds to keep + a connection alive for. """ return pulumi.get(self, "max_connection_lifetime") @@ -1565,7 +1577,7 @@ def max_connection_lifetime(self, value: Optional[pulumi.Input[int]]): def max_idle_connections(self) -> Optional[pulumi.Input[int]]: """ The maximum number of idle connections to - the database. + maintain. """ return pulumi.get(self, "max_idle_connections") @@ -1578,7 +1590,7 @@ def max_idle_connections(self, value: Optional[pulumi.Input[int]]): def max_open_connections(self) -> Optional[pulumi.Input[int]]: """ The maximum number of open connections to - the database. + use. """ return pulumi.get(self, "max_open_connections") @@ -1590,7 +1602,7 @@ def max_open_connections(self, value: Optional[pulumi.Input[int]]): @pulumi.getter def password(self) -> Optional[pulumi.Input[str]]: """ - The root credential password used in the connection URL. + The password to authenticate with. """ return pulumi.get(self, "password") @@ -1602,7 +1614,7 @@ def password(self, value: Optional[pulumi.Input[str]]): @pulumi.getter def username(self) -> Optional[pulumi.Input[str]]: """ - The root credential username used in the connection URL. + The username to authenticate with. """ return pulumi.get(self, "username") @@ -1614,7 +1626,7 @@ def username(self, value: Optional[pulumi.Input[str]]): @pulumi.getter(name="usernameTemplate") def username_template(self) -> Optional[pulumi.Input[str]]: """ - - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + Template describing how dynamic usernames are generated. """ return pulumi.get(self, "username_template") @@ -1634,18 +1646,19 @@ def __init__(__self__, *, username: Optional[pulumi.Input[str]] = None, username_template: Optional[pulumi.Input[str]] = None): """ - :param pulumi.Input[str] connection_url: Specifies the Redshift DSN. See + :param pulumi.Input[str] connection_url: A URL containing connection information. See the [Vault - docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) for an example. - :param pulumi.Input[int] max_connection_lifetime: The maximum amount of time a connection may be reused. + :param pulumi.Input[int] max_connection_lifetime: The maximum number of seconds to keep + a connection alive for. :param pulumi.Input[int] max_idle_connections: The maximum number of idle connections to - the database. + maintain. :param pulumi.Input[int] max_open_connections: The maximum number of open connections to - the database. - :param pulumi.Input[str] password: The root credential password used in the connection URL. - :param pulumi.Input[str] username: The root credential username used in the connection URL. - :param pulumi.Input[str] username_template: - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + use. + :param pulumi.Input[str] password: The password to authenticate with. + :param pulumi.Input[str] username: The username to authenticate with. + :param pulumi.Input[str] username_template: Template describing how dynamic usernames are generated. """ if connection_url is not None: pulumi.set(__self__, "connection_url", connection_url) @@ -1666,9 +1679,9 @@ def __init__(__self__, *, @pulumi.getter(name="connectionUrl") def connection_url(self) -> Optional[pulumi.Input[str]]: """ - Specifies the Redshift DSN. See + A URL containing connection information. See the [Vault - docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) for an example. """ return pulumi.get(self, "connection_url") @@ -1681,7 +1694,8 @@ def connection_url(self, value: Optional[pulumi.Input[str]]): @pulumi.getter(name="maxConnectionLifetime") def max_connection_lifetime(self) -> Optional[pulumi.Input[int]]: """ - The maximum amount of time a connection may be reused. + The maximum number of seconds to keep + a connection alive for. """ return pulumi.get(self, "max_connection_lifetime") @@ -1694,7 +1708,7 @@ def max_connection_lifetime(self, value: Optional[pulumi.Input[int]]): def max_idle_connections(self) -> Optional[pulumi.Input[int]]: """ The maximum number of idle connections to - the database. + maintain. """ return pulumi.get(self, "max_idle_connections") @@ -1707,7 +1721,7 @@ def max_idle_connections(self, value: Optional[pulumi.Input[int]]): def max_open_connections(self) -> Optional[pulumi.Input[int]]: """ The maximum number of open connections to - the database. + use. """ return pulumi.get(self, "max_open_connections") @@ -1719,7 +1733,7 @@ def max_open_connections(self, value: Optional[pulumi.Input[int]]): @pulumi.getter def password(self) -> Optional[pulumi.Input[str]]: """ - The root credential password used in the connection URL. + The password to authenticate with. """ return pulumi.get(self, "password") @@ -1731,7 +1745,7 @@ def password(self, value: Optional[pulumi.Input[str]]): @pulumi.getter def username(self) -> Optional[pulumi.Input[str]]: """ - The root credential username used in the connection URL. + The username to authenticate with. """ return pulumi.get(self, "username") @@ -1743,7 +1757,7 @@ def username(self, value: Optional[pulumi.Input[str]]): @pulumi.getter(name="usernameTemplate") def username_template(self) -> Optional[pulumi.Input[str]]: """ - - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + Template describing how dynamic usernames are generated. """ return pulumi.get(self, "username_template") @@ -1763,18 +1777,19 @@ def __init__(__self__, *, username: Optional[pulumi.Input[str]] = None, username_template: Optional[pulumi.Input[str]] = None): """ - :param pulumi.Input[str] connection_url: Specifies the Redshift DSN. See + :param pulumi.Input[str] connection_url: A URL containing connection information. See the [Vault - docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) for an example. - :param pulumi.Input[int] max_connection_lifetime: The maximum amount of time a connection may be reused. + :param pulumi.Input[int] max_connection_lifetime: The maximum number of seconds to keep + a connection alive for. :param pulumi.Input[int] max_idle_connections: The maximum number of idle connections to - the database. + maintain. :param pulumi.Input[int] max_open_connections: The maximum number of open connections to - the database. - :param pulumi.Input[str] password: The root credential password used in the connection URL. - :param pulumi.Input[str] username: The root credential username used in the connection URL. - :param pulumi.Input[str] username_template: - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + use. + :param pulumi.Input[str] password: The password to authenticate with. + :param pulumi.Input[str] username: The username to authenticate with. + :param pulumi.Input[str] username_template: Template describing how dynamic usernames are generated. """ if connection_url is not None: pulumi.set(__self__, "connection_url", connection_url) @@ -1795,9 +1810,9 @@ def __init__(__self__, *, @pulumi.getter(name="connectionUrl") def connection_url(self) -> Optional[pulumi.Input[str]]: """ - Specifies the Redshift DSN. See + A URL containing connection information. See the [Vault - docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) for an example. """ return pulumi.get(self, "connection_url") @@ -1810,7 +1825,8 @@ def connection_url(self, value: Optional[pulumi.Input[str]]): @pulumi.getter(name="maxConnectionLifetime") def max_connection_lifetime(self) -> Optional[pulumi.Input[int]]: """ - The maximum amount of time a connection may be reused. + The maximum number of seconds to keep + a connection alive for. """ return pulumi.get(self, "max_connection_lifetime") @@ -1823,7 +1839,7 @@ def max_connection_lifetime(self, value: Optional[pulumi.Input[int]]): def max_idle_connections(self) -> Optional[pulumi.Input[int]]: """ The maximum number of idle connections to - the database. + maintain. """ return pulumi.get(self, "max_idle_connections") @@ -1836,7 +1852,7 @@ def max_idle_connections(self, value: Optional[pulumi.Input[int]]): def max_open_connections(self) -> Optional[pulumi.Input[int]]: """ The maximum number of open connections to - the database. + use. """ return pulumi.get(self, "max_open_connections") @@ -1848,7 +1864,7 @@ def max_open_connections(self, value: Optional[pulumi.Input[int]]): @pulumi.getter def password(self) -> Optional[pulumi.Input[str]]: """ - The root credential password used in the connection URL. + The password to authenticate with. """ return pulumi.get(self, "password") @@ -1860,7 +1876,7 @@ def password(self, value: Optional[pulumi.Input[str]]): @pulumi.getter def username(self) -> Optional[pulumi.Input[str]]: """ - The root credential username used in the connection URL. + The username to authenticate with. """ return pulumi.get(self, "username") @@ -1872,7 +1888,7 @@ def username(self, value: Optional[pulumi.Input[str]]): @pulumi.getter(name="usernameTemplate") def username_template(self) -> Optional[pulumi.Input[str]]: """ - - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + Template describing how dynamic usernames are generated. """ return pulumi.get(self, "username_template") @@ -1896,20 +1912,21 @@ def __init__(__self__, *, username_template: Optional[pulumi.Input[str]] = None): """ :param pulumi.Input[str] auth_type: Enable IAM authentication to a Google Cloud instance when set to `gcp_iam` - :param pulumi.Input[str] connection_url: Specifies the Redshift DSN. See + :param pulumi.Input[str] connection_url: A URL containing connection information. See the [Vault - docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) for an example. :param pulumi.Input[bool] disable_escaping: Disable special character escaping in username and password. - :param pulumi.Input[int] max_connection_lifetime: The maximum amount of time a connection may be reused. + :param pulumi.Input[int] max_connection_lifetime: The maximum number of seconds to keep + a connection alive for. :param pulumi.Input[int] max_idle_connections: The maximum number of idle connections to - the database. + maintain. :param pulumi.Input[int] max_open_connections: The maximum number of open connections to - the database. - :param pulumi.Input[str] password: The root credential password used in the connection URL. + use. + :param pulumi.Input[str] password: The password to authenticate with. :param pulumi.Input[str] service_account_json: JSON encoding of an IAM access key. Requires `auth_type` to be `gcp_iam`. - :param pulumi.Input[str] username: The root credential username used in the connection URL. - :param pulumi.Input[str] username_template: - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + :param pulumi.Input[str] username: The username to authenticate with. + :param pulumi.Input[str] username_template: Template describing how dynamic usernames are generated. """ if auth_type is not None: pulumi.set(__self__, "auth_type", auth_type) @@ -1948,9 +1965,9 @@ def auth_type(self, value: Optional[pulumi.Input[str]]): @pulumi.getter(name="connectionUrl") def connection_url(self) -> Optional[pulumi.Input[str]]: """ - Specifies the Redshift DSN. See + A URL containing connection information. See the [Vault - docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) for an example. """ return pulumi.get(self, "connection_url") @@ -1975,7 +1992,8 @@ def disable_escaping(self, value: Optional[pulumi.Input[bool]]): @pulumi.getter(name="maxConnectionLifetime") def max_connection_lifetime(self) -> Optional[pulumi.Input[int]]: """ - The maximum amount of time a connection may be reused. + The maximum number of seconds to keep + a connection alive for. """ return pulumi.get(self, "max_connection_lifetime") @@ -1988,7 +2006,7 @@ def max_connection_lifetime(self, value: Optional[pulumi.Input[int]]): def max_idle_connections(self) -> Optional[pulumi.Input[int]]: """ The maximum number of idle connections to - the database. + maintain. """ return pulumi.get(self, "max_idle_connections") @@ -2001,7 +2019,7 @@ def max_idle_connections(self, value: Optional[pulumi.Input[int]]): def max_open_connections(self) -> Optional[pulumi.Input[int]]: """ The maximum number of open connections to - the database. + use. """ return pulumi.get(self, "max_open_connections") @@ -2013,7 +2031,7 @@ def max_open_connections(self, value: Optional[pulumi.Input[int]]): @pulumi.getter def password(self) -> Optional[pulumi.Input[str]]: """ - The root credential password used in the connection URL. + The password to authenticate with. """ return pulumi.get(self, "password") @@ -2037,7 +2055,7 @@ def service_account_json(self, value: Optional[pulumi.Input[str]]): @pulumi.getter def username(self) -> Optional[pulumi.Input[str]]: """ - The root credential username used in the connection URL. + The username to authenticate with. """ return pulumi.get(self, "username") @@ -2049,7 +2067,7 @@ def username(self, value: Optional[pulumi.Input[str]]): @pulumi.getter(name="usernameTemplate") def username_template(self) -> Optional[pulumi.Input[str]]: """ - - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + Template describing how dynamic usernames are generated. """ return pulumi.get(self, "username_template") @@ -2070,14 +2088,14 @@ def __init__(__self__, *, tls: Optional[pulumi.Input[bool]] = None): """ :param pulumi.Input[str] host: The host to connect to. - :param pulumi.Input[str] password: The root credential password used in the connection URL. - :param pulumi.Input[str] username: The root credential username used in the connection URL. + :param pulumi.Input[str] password: The password to authenticate with. + :param pulumi.Input[str] username: The username to authenticate with. :param pulumi.Input[str] ca_cert: The path to a PEM-encoded CA cert file to use to verify the Elasticsearch server's identity. :param pulumi.Input[bool] insecure_tls: Whether to skip verification of the server certificate when using TLS. :param pulumi.Input[int] port: The default port to connect to if no port is specified as part of the host. - :param pulumi.Input[bool] tls: Whether to use TLS when connecting to Redis. + :param pulumi.Input[bool] tls: Whether to use TLS when connecting to Cassandra. """ pulumi.set(__self__, "host", host) pulumi.set(__self__, "password", password) @@ -2107,7 +2125,7 @@ def host(self, value: pulumi.Input[str]): @pulumi.getter def password(self) -> pulumi.Input[str]: """ - The root credential password used in the connection URL. + The password to authenticate with. """ return pulumi.get(self, "password") @@ -2119,7 +2137,7 @@ def password(self, value: pulumi.Input[str]): @pulumi.getter def username(self) -> pulumi.Input[str]: """ - The root credential username used in the connection URL. + The username to authenticate with. """ return pulumi.get(self, "username") @@ -2169,7 +2187,7 @@ def port(self, value: Optional[pulumi.Input[int]]): @pulumi.getter def tls(self) -> Optional[pulumi.Input[bool]]: """ - Whether to use TLS when connecting to Redis. + Whether to use TLS when connecting to Cassandra. """ return pulumi.get(self, "tls") @@ -2188,9 +2206,9 @@ def __init__(__self__, *, """ :param pulumi.Input[str] url: The URL for Elasticsearch's API. https requires certificate by trusted CA if used. - :param pulumi.Input[str] password: The root credential password used in the connection URL. + :param pulumi.Input[str] password: The password to authenticate with. :param pulumi.Input[str] region: The region where the ElastiCache cluster is hosted. If omitted Vault tries to infer from the environment instead. - :param pulumi.Input[str] username: The root credential username used in the connection URL. + :param pulumi.Input[str] username: The username to authenticate with. """ pulumi.set(__self__, "url", url) if password is not None: @@ -2217,7 +2235,7 @@ def url(self, value: pulumi.Input[str]): @pulumi.getter def password(self) -> Optional[pulumi.Input[str]]: """ - The root credential password used in the connection URL. + The password to authenticate with. """ return pulumi.get(self, "password") @@ -2241,7 +2259,7 @@ def region(self, value: Optional[pulumi.Input[str]]): @pulumi.getter def username(self) -> Optional[pulumi.Input[str]]: """ - The root credential username used in the connection URL. + The username to authenticate with. """ return pulumi.get(self, "username") @@ -2262,19 +2280,20 @@ def __init__(__self__, *, username: Optional[pulumi.Input[str]] = None, username_template: Optional[pulumi.Input[str]] = None): """ - :param pulumi.Input[str] connection_url: Specifies the Redshift DSN. See + :param pulumi.Input[str] connection_url: A URL containing connection information. See the [Vault - docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) for an example. :param pulumi.Input[bool] disable_escaping: Disable special character escaping in username and password. - :param pulumi.Input[int] max_connection_lifetime: The maximum amount of time a connection may be reused. + :param pulumi.Input[int] max_connection_lifetime: The maximum number of seconds to keep + a connection alive for. :param pulumi.Input[int] max_idle_connections: The maximum number of idle connections to - the database. + maintain. :param pulumi.Input[int] max_open_connections: The maximum number of open connections to - the database. - :param pulumi.Input[str] password: The root credential password used in the connection URL. - :param pulumi.Input[str] username: The root credential username used in the connection URL. - :param pulumi.Input[str] username_template: - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + use. + :param pulumi.Input[str] password: The password to authenticate with. + :param pulumi.Input[str] username: The username to authenticate with. + :param pulumi.Input[str] username_template: Template describing how dynamic usernames are generated. """ if connection_url is not None: pulumi.set(__self__, "connection_url", connection_url) @@ -2297,9 +2316,9 @@ def __init__(__self__, *, @pulumi.getter(name="connectionUrl") def connection_url(self) -> Optional[pulumi.Input[str]]: """ - Specifies the Redshift DSN. See + A URL containing connection information. See the [Vault - docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) for an example. """ return pulumi.get(self, "connection_url") @@ -2324,7 +2343,8 @@ def disable_escaping(self, value: Optional[pulumi.Input[bool]]): @pulumi.getter(name="maxConnectionLifetime") def max_connection_lifetime(self) -> Optional[pulumi.Input[int]]: """ - The maximum amount of time a connection may be reused. + The maximum number of seconds to keep + a connection alive for. """ return pulumi.get(self, "max_connection_lifetime") @@ -2337,7 +2357,7 @@ def max_connection_lifetime(self, value: Optional[pulumi.Input[int]]): def max_idle_connections(self) -> Optional[pulumi.Input[int]]: """ The maximum number of idle connections to - the database. + maintain. """ return pulumi.get(self, "max_idle_connections") @@ -2350,7 +2370,7 @@ def max_idle_connections(self, value: Optional[pulumi.Input[int]]): def max_open_connections(self) -> Optional[pulumi.Input[int]]: """ The maximum number of open connections to - the database. + use. """ return pulumi.get(self, "max_open_connections") @@ -2362,7 +2382,7 @@ def max_open_connections(self, value: Optional[pulumi.Input[int]]): @pulumi.getter def password(self) -> Optional[pulumi.Input[str]]: """ - The root credential password used in the connection URL. + The password to authenticate with. """ return pulumi.get(self, "password") @@ -2374,7 +2394,7 @@ def password(self, value: Optional[pulumi.Input[str]]): @pulumi.getter def username(self) -> Optional[pulumi.Input[str]]: """ - The root credential username used in the connection URL. + The username to authenticate with. """ return pulumi.get(self, "username") @@ -2386,7 +2406,7 @@ def username(self, value: Optional[pulumi.Input[str]]): @pulumi.getter(name="usernameTemplate") def username_template(self) -> Optional[pulumi.Input[str]]: """ - - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + Template describing how dynamic usernames are generated. """ return pulumi.get(self, "username_template") @@ -2406,18 +2426,19 @@ def __init__(__self__, *, username: Optional[pulumi.Input[str]] = None, username_template: Optional[pulumi.Input[str]] = None): """ - :param pulumi.Input[str] connection_url: Specifies the Redshift DSN. See + :param pulumi.Input[str] connection_url: A URL containing connection information. See the [Vault - docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) for an example. - :param pulumi.Input[int] max_connection_lifetime: The maximum amount of time a connection may be reused. + :param pulumi.Input[int] max_connection_lifetime: The maximum number of seconds to keep + a connection alive for. :param pulumi.Input[int] max_idle_connections: The maximum number of idle connections to - the database. + maintain. :param pulumi.Input[int] max_open_connections: The maximum number of open connections to - the database. - :param pulumi.Input[str] password: The root credential password used in the connection URL. - :param pulumi.Input[str] username: The root credential username used in the connection URL. - :param pulumi.Input[str] username_template: - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + use. + :param pulumi.Input[str] password: The password to authenticate with. + :param pulumi.Input[str] username: The username to authenticate with. + :param pulumi.Input[str] username_template: Template describing how dynamic usernames are generated. """ if connection_url is not None: pulumi.set(__self__, "connection_url", connection_url) @@ -2438,9 +2459,9 @@ def __init__(__self__, *, @pulumi.getter(name="connectionUrl") def connection_url(self) -> Optional[pulumi.Input[str]]: """ - Specifies the Redshift DSN. See + A URL containing connection information. See the [Vault - docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) for an example. """ return pulumi.get(self, "connection_url") @@ -2453,7 +2474,8 @@ def connection_url(self, value: Optional[pulumi.Input[str]]): @pulumi.getter(name="maxConnectionLifetime") def max_connection_lifetime(self) -> Optional[pulumi.Input[int]]: """ - The maximum amount of time a connection may be reused. + The maximum number of seconds to keep + a connection alive for. """ return pulumi.get(self, "max_connection_lifetime") @@ -2466,7 +2488,7 @@ def max_connection_lifetime(self, value: Optional[pulumi.Input[int]]): def max_idle_connections(self) -> Optional[pulumi.Input[int]]: """ The maximum number of idle connections to - the database. + maintain. """ return pulumi.get(self, "max_idle_connections") @@ -2479,7 +2501,7 @@ def max_idle_connections(self, value: Optional[pulumi.Input[int]]): def max_open_connections(self) -> Optional[pulumi.Input[int]]: """ The maximum number of open connections to - the database. + use. """ return pulumi.get(self, "max_open_connections") @@ -2491,7 +2513,7 @@ def max_open_connections(self, value: Optional[pulumi.Input[int]]): @pulumi.getter def password(self) -> Optional[pulumi.Input[str]]: """ - The root credential password used in the connection URL. + The password to authenticate with. """ return pulumi.get(self, "password") @@ -2503,7 +2525,7 @@ def password(self, value: Optional[pulumi.Input[str]]): @pulumi.getter def username(self) -> Optional[pulumi.Input[str]]: """ - The root credential username used in the connection URL. + The username to authenticate with. """ return pulumi.get(self, "username") @@ -2515,7 +2537,7 @@ def username(self, value: Optional[pulumi.Input[str]]): @pulumi.getter(name="usernameTemplate") def username_template(self) -> Optional[pulumi.Input[str]]: """ - - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + Template describing how dynamic usernames are generated. """ return pulumi.get(self, "username_template") @@ -2549,10 +2571,12 @@ def __init__(__self__, *, :param pulumi.Input[int] connect_timeout: The number of seconds to use as a connection timeout. :param pulumi.Input[Mapping[str, Any]] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings. - :param pulumi.Input[Sequence[pulumi.Input[str]]] hosts: A set of Couchbase URIs to connect to. Must use `couchbases://` scheme if `tls` is `true`. + + Supported list of database secrets engines that can be configured: + :param pulumi.Input[Sequence[pulumi.Input[str]]] hosts: The hosts to connect to. :param pulumi.Input[bool] insecure_tls: Whether to skip verification of the server certificate when using TLS. - :param pulumi.Input[str] password: The password to be used in the connection. + :param pulumi.Input[str] password: The root credential password used in the connection URL. :param pulumi.Input[str] pem_bundle: Concatenated PEM blocks configuring the certificate chain. :param pulumi.Input[str] pem_json: A JSON structure configuring the certificate chain. @@ -2561,8 +2585,8 @@ def __init__(__self__, *, part of the host. :param pulumi.Input[int] protocol_version: The CQL protocol version to use. :param pulumi.Input[Sequence[pulumi.Input[str]]] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials. - :param pulumi.Input[bool] tls: Whether to use TLS when connecting to Redis. - :param pulumi.Input[str] username: The username to be used in the connection (the account admin level). + :param pulumi.Input[bool] tls: Whether to use TLS when connecting to Cassandra. + :param pulumi.Input[str] username: The root credential username used in the connection URL. :param pulumi.Input[bool] verify_connection: Whether the connection should be verified on initial configuration or not. """ @@ -2638,6 +2662,8 @@ def connect_timeout(self, value: Optional[pulumi.Input[int]]): def data(self) -> Optional[pulumi.Input[Mapping[str, Any]]]: """ A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + + Supported list of database secrets engines that can be configured: """ return pulumi.get(self, "data") @@ -2649,7 +2675,7 @@ def data(self, value: Optional[pulumi.Input[Mapping[str, Any]]]): @pulumi.getter def hosts(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: """ - A set of Couchbase URIs to connect to. Must use `couchbases://` scheme if `tls` is `true`. + The hosts to connect to. """ return pulumi.get(self, "hosts") @@ -2674,7 +2700,7 @@ def insecure_tls(self, value: Optional[pulumi.Input[bool]]): @pulumi.getter def password(self) -> Optional[pulumi.Input[str]]: """ - The password to be used in the connection. + The root credential password used in the connection URL. """ return pulumi.get(self, "password") @@ -2760,7 +2786,7 @@ def root_rotation_statements(self, value: Optional[pulumi.Input[Sequence[pulumi. @pulumi.getter def tls(self) -> Optional[pulumi.Input[bool]]: """ - Whether to use TLS when connecting to Redis. + Whether to use TLS when connecting to Cassandra. """ return pulumi.get(self, "tls") @@ -2772,7 +2798,7 @@ def tls(self, value: Optional[pulumi.Input[bool]]): @pulumi.getter def username(self) -> Optional[pulumi.Input[str]]: """ - The username to be used in the connection (the account admin level). + The root credential username used in the connection URL. """ return pulumi.get(self, "username") @@ -2812,20 +2838,22 @@ def __init__(__self__, *, username_template: Optional[pulumi.Input[str]] = None, verify_connection: Optional[pulumi.Input[bool]] = None): """ - :param pulumi.Input[Sequence[pulumi.Input[str]]] hosts: A set of Couchbase URIs to connect to. Must use `couchbases://` scheme if `tls` is `true`. - :param pulumi.Input[str] password: The password to be used in the connection. - :param pulumi.Input[str] username: The username to be used in the connection (the account admin level). + :param pulumi.Input[Sequence[pulumi.Input[str]]] hosts: The hosts to connect to. + :param pulumi.Input[str] password: The root credential password used in the connection URL. + :param pulumi.Input[str] username: The root credential username used in the connection URL. :param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_roles: A list of roles that are allowed to use this connection. :param pulumi.Input[str] base64_pem: Required if `tls` is `true`. Specifies the certificate authority of the Couchbase server, as a PEM certificate that has been base64 encoded. :param pulumi.Input[str] bucket_name: Required for Couchbase versions prior to 6.5.0. This is only used to verify vault's connection to the server. :param pulumi.Input[Mapping[str, Any]] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + + Supported list of database secrets engines that can be configured: :param pulumi.Input[bool] insecure_tls: Whether to skip verification of the server certificate when using TLS. :param pulumi.Input[str] plugin_name: Specifies the name of the plugin to use. :param pulumi.Input[Sequence[pulumi.Input[str]]] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials. - :param pulumi.Input[bool] tls: Whether to use TLS when connecting to Redis. - :param pulumi.Input[str] username_template: - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + :param pulumi.Input[bool] tls: Whether to use TLS when connecting to Cassandra. + :param pulumi.Input[str] username_template: [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. :param pulumi.Input[bool] verify_connection: Whether the connection should be verified on initial configuration or not. """ @@ -2858,7 +2886,7 @@ def __init__(__self__, *, @pulumi.getter def hosts(self) -> pulumi.Input[Sequence[pulumi.Input[str]]]: """ - A set of Couchbase URIs to connect to. Must use `couchbases://` scheme if `tls` is `true`. + The hosts to connect to. """ return pulumi.get(self, "hosts") @@ -2879,7 +2907,7 @@ def name(self, value: pulumi.Input[str]): @pulumi.getter def password(self) -> pulumi.Input[str]: """ - The password to be used in the connection. + The root credential password used in the connection URL. """ return pulumi.get(self, "password") @@ -2891,7 +2919,7 @@ def password(self, value: pulumi.Input[str]): @pulumi.getter def username(self) -> pulumi.Input[str]: """ - The username to be used in the connection (the account admin level). + The root credential username used in the connection URL. """ return pulumi.get(self, "username") @@ -2941,6 +2969,8 @@ def bucket_name(self, value: Optional[pulumi.Input[str]]): def data(self) -> Optional[pulumi.Input[Mapping[str, Any]]]: """ A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + + Supported list of database secrets engines that can be configured: """ return pulumi.get(self, "data") @@ -2989,7 +3019,7 @@ def root_rotation_statements(self, value: Optional[pulumi.Input[Sequence[pulumi. @pulumi.getter def tls(self) -> Optional[pulumi.Input[bool]]: """ - Whether to use TLS when connecting to Redis. + Whether to use TLS when connecting to Cassandra. """ return pulumi.get(self, "tls") @@ -3001,7 +3031,7 @@ def tls(self, value: Optional[pulumi.Input[bool]]): @pulumi.getter(name="usernameTemplate") def username_template(self) -> Optional[pulumi.Input[str]]: """ - - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. """ return pulumi.get(self, "username_template") @@ -3043,21 +3073,24 @@ def __init__(__self__, *, username_template: Optional[pulumi.Input[str]] = None, verify_connection: Optional[pulumi.Input[bool]] = None): """ - :param pulumi.Input[str] password: The password to be used in the connection. - :param pulumi.Input[str] url: The configuration endpoint for the ElastiCache cluster to connect to. - :param pulumi.Input[str] username: The username to be used in the connection (the account admin level). + :param pulumi.Input[str] password: The root credential password used in the connection URL. + :param pulumi.Input[str] url: The URL for Elasticsearch's API. https requires certificate + by trusted CA if used. + :param pulumi.Input[str] username: The root credential username used in the connection URL. :param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_roles: A list of roles that are allowed to use this connection. - :param pulumi.Input[str] ca_cert: The contents of a PEM-encoded CA cert file to use to verify the Redis server's identity. + :param pulumi.Input[str] ca_cert: The path to a PEM-encoded CA cert file to use to verify the Elasticsearch server's identity. :param pulumi.Input[str] ca_path: The path to a directory of PEM-encoded CA cert files to use to verify the Elasticsearch server's identity. :param pulumi.Input[str] client_cert: The path to the certificate for the Elasticsearch client to present for communication. :param pulumi.Input[str] client_key: The path to the key for the Elasticsearch client to use for communication. :param pulumi.Input[Mapping[str, Any]] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + + Supported list of database secrets engines that can be configured: :param pulumi.Input[bool] insecure: Whether to disable certificate verification. :param pulumi.Input[str] plugin_name: Specifies the name of the plugin to use. :param pulumi.Input[Sequence[pulumi.Input[str]]] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials. :param pulumi.Input[str] tls_server_name: This, if set, is used to set the SNI host when connecting via TLS. - :param pulumi.Input[str] username_template: - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + :param pulumi.Input[str] username_template: [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. :param pulumi.Input[bool] verify_connection: Whether the connection should be verified on initial configuration or not. """ @@ -3103,7 +3136,7 @@ def name(self, value: pulumi.Input[str]): @pulumi.getter def password(self) -> pulumi.Input[str]: """ - The password to be used in the connection. + The root credential password used in the connection URL. """ return pulumi.get(self, "password") @@ -3115,7 +3148,8 @@ def password(self, value: pulumi.Input[str]): @pulumi.getter def url(self) -> pulumi.Input[str]: """ - The configuration endpoint for the ElastiCache cluster to connect to. + The URL for Elasticsearch's API. https requires certificate + by trusted CA if used. """ return pulumi.get(self, "url") @@ -3127,7 +3161,7 @@ def url(self, value: pulumi.Input[str]): @pulumi.getter def username(self) -> pulumi.Input[str]: """ - The username to be used in the connection (the account admin level). + The root credential username used in the connection URL. """ return pulumi.get(self, "username") @@ -3152,7 +3186,7 @@ def allowed_roles(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]] @pulumi.getter(name="caCert") def ca_cert(self) -> Optional[pulumi.Input[str]]: """ - The contents of a PEM-encoded CA cert file to use to verify the Redis server's identity. + The path to a PEM-encoded CA cert file to use to verify the Elasticsearch server's identity. """ return pulumi.get(self, "ca_cert") @@ -3201,6 +3235,8 @@ def client_key(self, value: Optional[pulumi.Input[str]]): def data(self) -> Optional[pulumi.Input[Mapping[str, Any]]]: """ A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + + Supported list of database secrets engines that can be configured: """ return pulumi.get(self, "data") @@ -3260,7 +3296,7 @@ def tls_server_name(self, value: Optional[pulumi.Input[str]]): @pulumi.getter(name="usernameTemplate") def username_template(self) -> Optional[pulumi.Input[str]]: """ - - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. """ return pulumi.get(self, "username_template") @@ -3301,20 +3337,21 @@ def __init__(__self__, *, """ :param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_roles: A list of roles that are allowed to use this connection. - :param pulumi.Input[str] connection_url: A URL containing connection information. - See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + :param pulumi.Input[str] connection_url: Specifies the Redshift DSN. + See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) :param pulumi.Input[Mapping[str, Any]] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + + Supported list of database secrets engines that can be configured: :param pulumi.Input[bool] disable_escaping: Disable special character escaping in username and password. - :param pulumi.Input[int] max_connection_lifetime: The maximum number of seconds to keep - a connection alive for. + :param pulumi.Input[int] max_connection_lifetime: The maximum amount of time a connection may be reused. :param pulumi.Input[int] max_idle_connections: The maximum number of idle connections to - maintain. + the database. :param pulumi.Input[int] max_open_connections: The maximum number of open connections to - use. - :param pulumi.Input[str] password: The password to be used in the connection. + the database. + :param pulumi.Input[str] password: The root credential password used in the connection URL. :param pulumi.Input[str] plugin_name: Specifies the name of the plugin to use. :param pulumi.Input[Sequence[pulumi.Input[str]]] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials. - :param pulumi.Input[str] username: The username to be used in the connection (the account admin level). + :param pulumi.Input[str] username: The root credential username used in the connection URL. :param pulumi.Input[bool] verify_connection: Whether the connection should be verified on initial configuration or not. """ @@ -3370,8 +3407,8 @@ def allowed_roles(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]] @pulumi.getter(name="connectionUrl") def connection_url(self) -> Optional[pulumi.Input[str]]: """ - A URL containing connection information. - See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + Specifies the Redshift DSN. + See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) """ return pulumi.get(self, "connection_url") @@ -3384,6 +3421,8 @@ def connection_url(self, value: Optional[pulumi.Input[str]]): def data(self) -> Optional[pulumi.Input[Mapping[str, Any]]]: """ A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + + Supported list of database secrets engines that can be configured: """ return pulumi.get(self, "data") @@ -3407,8 +3446,7 @@ def disable_escaping(self, value: Optional[pulumi.Input[bool]]): @pulumi.getter(name="maxConnectionLifetime") def max_connection_lifetime(self) -> Optional[pulumi.Input[int]]: """ - The maximum number of seconds to keep - a connection alive for. + The maximum amount of time a connection may be reused. """ return pulumi.get(self, "max_connection_lifetime") @@ -3421,7 +3459,7 @@ def max_connection_lifetime(self, value: Optional[pulumi.Input[int]]): def max_idle_connections(self) -> Optional[pulumi.Input[int]]: """ The maximum number of idle connections to - maintain. + the database. """ return pulumi.get(self, "max_idle_connections") @@ -3434,7 +3472,7 @@ def max_idle_connections(self, value: Optional[pulumi.Input[int]]): def max_open_connections(self) -> Optional[pulumi.Input[int]]: """ The maximum number of open connections to - use. + the database. """ return pulumi.get(self, "max_open_connections") @@ -3446,7 +3484,7 @@ def max_open_connections(self, value: Optional[pulumi.Input[int]]): @pulumi.getter def password(self) -> Optional[pulumi.Input[str]]: """ - The password to be used in the connection. + The root credential password used in the connection URL. """ return pulumi.get(self, "password") @@ -3482,7 +3520,7 @@ def root_rotation_statements(self, value: Optional[pulumi.Input[Sequence[pulumi. @pulumi.getter def username(self) -> Optional[pulumi.Input[str]]: """ - The username to be used in the connection (the account admin level). + The root credential username used in the connection URL. """ return pulumi.get(self, "username") @@ -3525,13 +3563,15 @@ def __init__(__self__, *, verify_connection: Optional[pulumi.Input[bool]] = None): """ :param pulumi.Input[str] host: The host to connect to. - :param pulumi.Input[str] password: The password to be used in the connection. - :param pulumi.Input[str] username: The username to be used in the connection (the account admin level). + :param pulumi.Input[str] password: The root credential password used in the connection URL. + :param pulumi.Input[str] username: The root credential username used in the connection URL. :param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_roles: A list of roles that are allowed to use this connection. :param pulumi.Input[int] connect_timeout: The number of seconds to use as a connection timeout. :param pulumi.Input[Mapping[str, Any]] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + + Supported list of database secrets engines that can be configured: :param pulumi.Input[bool] insecure_tls: Whether to skip verification of the server certificate when using TLS. :param pulumi.Input[str] pem_bundle: Concatenated PEM blocks configuring the certificate @@ -3541,8 +3581,8 @@ def __init__(__self__, *, :param pulumi.Input[int] port: The default port to connect to if no port is specified as part of the host. :param pulumi.Input[Sequence[pulumi.Input[str]]] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials. - :param pulumi.Input[bool] tls: Whether to use TLS when connecting to Redis. - :param pulumi.Input[str] username_template: - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + :param pulumi.Input[bool] tls: Whether to use TLS when connecting to Cassandra. + :param pulumi.Input[str] username_template: [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. :param pulumi.Input[bool] verify_connection: Whether the connection should be verified on initial configuration or not. """ @@ -3600,7 +3640,7 @@ def name(self, value: pulumi.Input[str]): @pulumi.getter def password(self) -> pulumi.Input[str]: """ - The password to be used in the connection. + The root credential password used in the connection URL. """ return pulumi.get(self, "password") @@ -3612,7 +3652,7 @@ def password(self, value: pulumi.Input[str]): @pulumi.getter def username(self) -> pulumi.Input[str]: """ - The username to be used in the connection (the account admin level). + The root credential username used in the connection URL. """ return pulumi.get(self, "username") @@ -3651,6 +3691,8 @@ def connect_timeout(self, value: Optional[pulumi.Input[int]]): def data(self) -> Optional[pulumi.Input[Mapping[str, Any]]]: """ A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + + Supported list of database secrets engines that can be configured: """ return pulumi.get(self, "data") @@ -3737,7 +3779,7 @@ def root_rotation_statements(self, value: Optional[pulumi.Input[Sequence[pulumi. @pulumi.getter def tls(self) -> Optional[pulumi.Input[bool]]: """ - Whether to use TLS when connecting to Redis. + Whether to use TLS when connecting to Cassandra. """ return pulumi.get(self, "tls") @@ -3749,7 +3791,7 @@ def tls(self, value: Optional[pulumi.Input[bool]]): @pulumi.getter(name="usernameTemplate") def username_template(self) -> Optional[pulumi.Input[str]]: """ - - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. """ return pulumi.get(self, "username_template") @@ -3790,20 +3832,21 @@ def __init__(__self__, *, """ :param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_roles: A list of roles that are allowed to use this connection. - :param pulumi.Input[str] connection_url: A URL containing connection information. - See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + :param pulumi.Input[str] connection_url: Specifies the Redshift DSN. + See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) :param pulumi.Input[Mapping[str, Any]] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings. - :param pulumi.Input[int] max_connection_lifetime: The maximum number of seconds to keep - a connection alive for. + + Supported list of database secrets engines that can be configured: + :param pulumi.Input[int] max_connection_lifetime: The maximum amount of time a connection may be reused. :param pulumi.Input[int] max_idle_connections: The maximum number of idle connections to - maintain. + the database. :param pulumi.Input[int] max_open_connections: The maximum number of open connections to - use. - :param pulumi.Input[str] password: The password to be used in the connection. + the database. + :param pulumi.Input[str] password: The root credential password used in the connection URL. :param pulumi.Input[str] plugin_name: Specifies the name of the plugin to use. :param pulumi.Input[Sequence[pulumi.Input[str]]] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials. - :param pulumi.Input[str] username: The username to be used in the connection (the account admin level). - :param pulumi.Input[str] username_template: - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + :param pulumi.Input[str] username: The root credential username used in the connection URL. + :param pulumi.Input[str] username_template: [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. :param pulumi.Input[bool] verify_connection: Whether the connection should be verified on initial configuration or not. """ @@ -3859,8 +3902,8 @@ def allowed_roles(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]] @pulumi.getter(name="connectionUrl") def connection_url(self) -> Optional[pulumi.Input[str]]: """ - A URL containing connection information. - See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + Specifies the Redshift DSN. + See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) """ return pulumi.get(self, "connection_url") @@ -3873,6 +3916,8 @@ def connection_url(self, value: Optional[pulumi.Input[str]]): def data(self) -> Optional[pulumi.Input[Mapping[str, Any]]]: """ A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + + Supported list of database secrets engines that can be configured: """ return pulumi.get(self, "data") @@ -3884,8 +3929,7 @@ def data(self, value: Optional[pulumi.Input[Mapping[str, Any]]]): @pulumi.getter(name="maxConnectionLifetime") def max_connection_lifetime(self) -> Optional[pulumi.Input[int]]: """ - The maximum number of seconds to keep - a connection alive for. + The maximum amount of time a connection may be reused. """ return pulumi.get(self, "max_connection_lifetime") @@ -3898,7 +3942,7 @@ def max_connection_lifetime(self, value: Optional[pulumi.Input[int]]): def max_idle_connections(self) -> Optional[pulumi.Input[int]]: """ The maximum number of idle connections to - maintain. + the database. """ return pulumi.get(self, "max_idle_connections") @@ -3911,7 +3955,7 @@ def max_idle_connections(self, value: Optional[pulumi.Input[int]]): def max_open_connections(self) -> Optional[pulumi.Input[int]]: """ The maximum number of open connections to - use. + the database. """ return pulumi.get(self, "max_open_connections") @@ -3923,7 +3967,7 @@ def max_open_connections(self, value: Optional[pulumi.Input[int]]): @pulumi.getter def password(self) -> Optional[pulumi.Input[str]]: """ - The password to be used in the connection. + The root credential password used in the connection URL. """ return pulumi.get(self, "password") @@ -3959,7 +4003,7 @@ def root_rotation_statements(self, value: Optional[pulumi.Input[Sequence[pulumi. @pulumi.getter def username(self) -> Optional[pulumi.Input[str]]: """ - The username to be used in the connection (the account admin level). + The root credential username used in the connection URL. """ return pulumi.get(self, "username") @@ -3971,7 +4015,7 @@ def username(self, value: Optional[pulumi.Input[str]]): @pulumi.getter(name="usernameTemplate") def username_template(self) -> Optional[pulumi.Input[str]]: """ - - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. """ return pulumi.get(self, "username_template") @@ -4012,6 +4056,8 @@ def __init__(__self__, *, :param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_roles: A list of roles that are allowed to use this connection. :param pulumi.Input[Mapping[str, Any]] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + + Supported list of database secrets engines that can be configured: :param pulumi.Input[str] plugin_name: Specifies the name of the plugin to use. :param pulumi.Input[Sequence[pulumi.Input[str]]] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials. :param pulumi.Input[bool] verify_connection: Whether the connection should be verified on @@ -4095,6 +4141,8 @@ def allowed_roles(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]] def data(self) -> Optional[pulumi.Input[Mapping[str, Any]]]: """ A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + + Supported list of database secrets engines that can be configured: """ return pulumi.get(self, "data") @@ -4161,24 +4209,25 @@ def __init__(__self__, *, """ :param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_roles: A list of roles that are allowed to use this connection. - :param pulumi.Input[str] connection_url: A URL containing connection information. - See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + :param pulumi.Input[str] connection_url: Specifies the Redshift DSN. + See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) :param pulumi.Input[bool] contained_db: For Vault v1.9+. Set to true when the target is a Contained Database, e.g. AzureSQL. See [Vault docs](https://www.vaultproject.io/api/secret/databases/mssql#contained_db) :param pulumi.Input[Mapping[str, Any]] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + + Supported list of database secrets engines that can be configured: :param pulumi.Input[bool] disable_escaping: Disable special character escaping in username and password. - :param pulumi.Input[int] max_connection_lifetime: The maximum number of seconds to keep - a connection alive for. + :param pulumi.Input[int] max_connection_lifetime: The maximum amount of time a connection may be reused. :param pulumi.Input[int] max_idle_connections: The maximum number of idle connections to - maintain. + the database. :param pulumi.Input[int] max_open_connections: The maximum number of open connections to - use. - :param pulumi.Input[str] password: The password to be used in the connection. + the database. + :param pulumi.Input[str] password: The root credential password used in the connection URL. :param pulumi.Input[str] plugin_name: Specifies the name of the plugin to use. :param pulumi.Input[Sequence[pulumi.Input[str]]] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials. - :param pulumi.Input[str] username: The username to be used in the connection (the account admin level). - :param pulumi.Input[str] username_template: - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + :param pulumi.Input[str] username: The root credential username used in the connection URL. + :param pulumi.Input[str] username_template: [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. :param pulumi.Input[bool] verify_connection: Whether the connection should be verified on initial configuration or not. """ @@ -4238,8 +4287,8 @@ def allowed_roles(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]] @pulumi.getter(name="connectionUrl") def connection_url(self) -> Optional[pulumi.Input[str]]: """ - A URL containing connection information. - See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + Specifies the Redshift DSN. + See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) """ return pulumi.get(self, "connection_url") @@ -4266,6 +4315,8 @@ def contained_db(self, value: Optional[pulumi.Input[bool]]): def data(self) -> Optional[pulumi.Input[Mapping[str, Any]]]: """ A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + + Supported list of database secrets engines that can be configured: """ return pulumi.get(self, "data") @@ -4289,8 +4340,7 @@ def disable_escaping(self, value: Optional[pulumi.Input[bool]]): @pulumi.getter(name="maxConnectionLifetime") def max_connection_lifetime(self) -> Optional[pulumi.Input[int]]: """ - The maximum number of seconds to keep - a connection alive for. + The maximum amount of time a connection may be reused. """ return pulumi.get(self, "max_connection_lifetime") @@ -4303,7 +4353,7 @@ def max_connection_lifetime(self, value: Optional[pulumi.Input[int]]): def max_idle_connections(self) -> Optional[pulumi.Input[int]]: """ The maximum number of idle connections to - maintain. + the database. """ return pulumi.get(self, "max_idle_connections") @@ -4316,7 +4366,7 @@ def max_idle_connections(self, value: Optional[pulumi.Input[int]]): def max_open_connections(self) -> Optional[pulumi.Input[int]]: """ The maximum number of open connections to - use. + the database. """ return pulumi.get(self, "max_open_connections") @@ -4328,7 +4378,7 @@ def max_open_connections(self, value: Optional[pulumi.Input[int]]): @pulumi.getter def password(self) -> Optional[pulumi.Input[str]]: """ - The password to be used in the connection. + The root credential password used in the connection URL. """ return pulumi.get(self, "password") @@ -4364,7 +4414,7 @@ def root_rotation_statements(self, value: Optional[pulumi.Input[Sequence[pulumi. @pulumi.getter def username(self) -> Optional[pulumi.Input[str]]: """ - The username to be used in the connection (the account admin level). + The root credential username used in the connection URL. """ return pulumi.get(self, "username") @@ -4376,7 +4426,7 @@ def username(self, value: Optional[pulumi.Input[str]]): @pulumi.getter(name="usernameTemplate") def username_template(self) -> Optional[pulumi.Input[str]]: """ - - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. """ return pulumi.get(self, "username_template") @@ -4421,22 +4471,23 @@ def __init__(__self__, *, """ :param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_roles: A list of roles that are allowed to use this connection. - :param pulumi.Input[str] connection_url: A URL containing connection information. - See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + :param pulumi.Input[str] connection_url: Specifies the Redshift DSN. + See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) :param pulumi.Input[Mapping[str, Any]] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings. - :param pulumi.Input[int] max_connection_lifetime: The maximum number of seconds to keep - a connection alive for. + + Supported list of database secrets engines that can be configured: + :param pulumi.Input[int] max_connection_lifetime: The maximum amount of time a connection may be reused. :param pulumi.Input[int] max_idle_connections: The maximum number of idle connections to - maintain. + the database. :param pulumi.Input[int] max_open_connections: The maximum number of open connections to - use. - :param pulumi.Input[str] password: The password to be used in the connection. + the database. + :param pulumi.Input[str] password: The root credential password used in the connection URL. :param pulumi.Input[str] plugin_name: Specifies the name of the plugin to use. :param pulumi.Input[Sequence[pulumi.Input[str]]] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials. :param pulumi.Input[str] tls_ca: x509 CA file for validating the certificate presented by the MySQL server. Must be PEM encoded. :param pulumi.Input[str] tls_certificate_key: x509 certificate for connecting to the database. This must be a PEM encoded version of the private key and the certificate combined. - :param pulumi.Input[str] username: The username to be used in the connection (the account admin level). - :param pulumi.Input[str] username_template: - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + :param pulumi.Input[str] username: The root credential username used in the connection URL. + :param pulumi.Input[str] username_template: [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. :param pulumi.Input[bool] verify_connection: Whether the connection should be verified on initial configuration or not. """ @@ -4509,8 +4560,8 @@ def auth_type(self, value: Optional[pulumi.Input[str]]): @pulumi.getter(name="connectionUrl") def connection_url(self) -> Optional[pulumi.Input[str]]: """ - A URL containing connection information. - See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + Specifies the Redshift DSN. + See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) """ return pulumi.get(self, "connection_url") @@ -4523,6 +4574,8 @@ def connection_url(self, value: Optional[pulumi.Input[str]]): def data(self) -> Optional[pulumi.Input[Mapping[str, Any]]]: """ A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + + Supported list of database secrets engines that can be configured: """ return pulumi.get(self, "data") @@ -4534,8 +4587,7 @@ def data(self, value: Optional[pulumi.Input[Mapping[str, Any]]]): @pulumi.getter(name="maxConnectionLifetime") def max_connection_lifetime(self) -> Optional[pulumi.Input[int]]: """ - The maximum number of seconds to keep - a connection alive for. + The maximum amount of time a connection may be reused. """ return pulumi.get(self, "max_connection_lifetime") @@ -4548,7 +4600,7 @@ def max_connection_lifetime(self, value: Optional[pulumi.Input[int]]): def max_idle_connections(self) -> Optional[pulumi.Input[int]]: """ The maximum number of idle connections to - maintain. + the database. """ return pulumi.get(self, "max_idle_connections") @@ -4561,7 +4613,7 @@ def max_idle_connections(self, value: Optional[pulumi.Input[int]]): def max_open_connections(self) -> Optional[pulumi.Input[int]]: """ The maximum number of open connections to - use. + the database. """ return pulumi.get(self, "max_open_connections") @@ -4573,7 +4625,7 @@ def max_open_connections(self, value: Optional[pulumi.Input[int]]): @pulumi.getter def password(self) -> Optional[pulumi.Input[str]]: """ - The password to be used in the connection. + The root credential password used in the connection URL. """ return pulumi.get(self, "password") @@ -4642,7 +4694,7 @@ def tls_certificate_key(self, value: Optional[pulumi.Input[str]]): @pulumi.getter def username(self) -> Optional[pulumi.Input[str]]: """ - The username to be used in the connection (the account admin level). + The root credential username used in the connection URL. """ return pulumi.get(self, "username") @@ -4654,7 +4706,7 @@ def username(self, value: Optional[pulumi.Input[str]]): @pulumi.getter(name="usernameTemplate") def username_template(self) -> Optional[pulumi.Input[str]]: """ - - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. """ return pulumi.get(self, "username_template") @@ -4695,20 +4747,21 @@ def __init__(__self__, *, """ :param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_roles: A list of roles that are allowed to use this connection. - :param pulumi.Input[str] connection_url: A URL containing connection information. - See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + :param pulumi.Input[str] connection_url: Specifies the Redshift DSN. + See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) :param pulumi.Input[Mapping[str, Any]] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings. - :param pulumi.Input[int] max_connection_lifetime: The maximum number of seconds to keep - a connection alive for. + + Supported list of database secrets engines that can be configured: + :param pulumi.Input[int] max_connection_lifetime: The maximum amount of time a connection may be reused. :param pulumi.Input[int] max_idle_connections: The maximum number of idle connections to - maintain. + the database. :param pulumi.Input[int] max_open_connections: The maximum number of open connections to - use. - :param pulumi.Input[str] password: The password to be used in the connection. + the database. + :param pulumi.Input[str] password: The root credential password used in the connection URL. :param pulumi.Input[str] plugin_name: Specifies the name of the plugin to use. :param pulumi.Input[Sequence[pulumi.Input[str]]] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials. - :param pulumi.Input[str] username: The username to be used in the connection (the account admin level). - :param pulumi.Input[str] username_template: - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + :param pulumi.Input[str] username: The root credential username used in the connection URL. + :param pulumi.Input[str] username_template: [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. :param pulumi.Input[bool] verify_connection: Whether the connection should be verified on initial configuration or not. """ @@ -4764,8 +4817,8 @@ def allowed_roles(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]] @pulumi.getter(name="connectionUrl") def connection_url(self) -> Optional[pulumi.Input[str]]: """ - A URL containing connection information. - See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + Specifies the Redshift DSN. + See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) """ return pulumi.get(self, "connection_url") @@ -4778,6 +4831,8 @@ def connection_url(self, value: Optional[pulumi.Input[str]]): def data(self) -> Optional[pulumi.Input[Mapping[str, Any]]]: """ A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + + Supported list of database secrets engines that can be configured: """ return pulumi.get(self, "data") @@ -4789,8 +4844,7 @@ def data(self, value: Optional[pulumi.Input[Mapping[str, Any]]]): @pulumi.getter(name="maxConnectionLifetime") def max_connection_lifetime(self) -> Optional[pulumi.Input[int]]: """ - The maximum number of seconds to keep - a connection alive for. + The maximum amount of time a connection may be reused. """ return pulumi.get(self, "max_connection_lifetime") @@ -4803,7 +4857,7 @@ def max_connection_lifetime(self, value: Optional[pulumi.Input[int]]): def max_idle_connections(self) -> Optional[pulumi.Input[int]]: """ The maximum number of idle connections to - maintain. + the database. """ return pulumi.get(self, "max_idle_connections") @@ -4816,7 +4870,7 @@ def max_idle_connections(self, value: Optional[pulumi.Input[int]]): def max_open_connections(self) -> Optional[pulumi.Input[int]]: """ The maximum number of open connections to - use. + the database. """ return pulumi.get(self, "max_open_connections") @@ -4828,7 +4882,7 @@ def max_open_connections(self, value: Optional[pulumi.Input[int]]): @pulumi.getter def password(self) -> Optional[pulumi.Input[str]]: """ - The password to be used in the connection. + The root credential password used in the connection URL. """ return pulumi.get(self, "password") @@ -4864,7 +4918,7 @@ def root_rotation_statements(self, value: Optional[pulumi.Input[Sequence[pulumi. @pulumi.getter def username(self) -> Optional[pulumi.Input[str]]: """ - The username to be used in the connection (the account admin level). + The root credential username used in the connection URL. """ return pulumi.get(self, "username") @@ -4876,7 +4930,7 @@ def username(self, value: Optional[pulumi.Input[str]]): @pulumi.getter(name="usernameTemplate") def username_template(self) -> Optional[pulumi.Input[str]]: """ - - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. """ return pulumi.get(self, "username_template") @@ -4917,20 +4971,21 @@ def __init__(__self__, *, """ :param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_roles: A list of roles that are allowed to use this connection. - :param pulumi.Input[str] connection_url: A URL containing connection information. - See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + :param pulumi.Input[str] connection_url: Specifies the Redshift DSN. + See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) :param pulumi.Input[Mapping[str, Any]] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings. - :param pulumi.Input[int] max_connection_lifetime: The maximum number of seconds to keep - a connection alive for. + + Supported list of database secrets engines that can be configured: + :param pulumi.Input[int] max_connection_lifetime: The maximum amount of time a connection may be reused. :param pulumi.Input[int] max_idle_connections: The maximum number of idle connections to - maintain. + the database. :param pulumi.Input[int] max_open_connections: The maximum number of open connections to - use. - :param pulumi.Input[str] password: The password to be used in the connection. + the database. + :param pulumi.Input[str] password: The root credential password used in the connection URL. :param pulumi.Input[str] plugin_name: Specifies the name of the plugin to use. :param pulumi.Input[Sequence[pulumi.Input[str]]] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials. - :param pulumi.Input[str] username: The username to be used in the connection (the account admin level). - :param pulumi.Input[str] username_template: - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + :param pulumi.Input[str] username: The root credential username used in the connection URL. + :param pulumi.Input[str] username_template: [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. :param pulumi.Input[bool] verify_connection: Whether the connection should be verified on initial configuration or not. """ @@ -4986,8 +5041,8 @@ def allowed_roles(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]] @pulumi.getter(name="connectionUrl") def connection_url(self) -> Optional[pulumi.Input[str]]: """ - A URL containing connection information. - See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + Specifies the Redshift DSN. + See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) """ return pulumi.get(self, "connection_url") @@ -5000,6 +5055,8 @@ def connection_url(self, value: Optional[pulumi.Input[str]]): def data(self) -> Optional[pulumi.Input[Mapping[str, Any]]]: """ A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + + Supported list of database secrets engines that can be configured: """ return pulumi.get(self, "data") @@ -5011,8 +5068,7 @@ def data(self, value: Optional[pulumi.Input[Mapping[str, Any]]]): @pulumi.getter(name="maxConnectionLifetime") def max_connection_lifetime(self) -> Optional[pulumi.Input[int]]: """ - The maximum number of seconds to keep - a connection alive for. + The maximum amount of time a connection may be reused. """ return pulumi.get(self, "max_connection_lifetime") @@ -5025,7 +5081,7 @@ def max_connection_lifetime(self, value: Optional[pulumi.Input[int]]): def max_idle_connections(self) -> Optional[pulumi.Input[int]]: """ The maximum number of idle connections to - maintain. + the database. """ return pulumi.get(self, "max_idle_connections") @@ -5038,7 +5094,7 @@ def max_idle_connections(self, value: Optional[pulumi.Input[int]]): def max_open_connections(self) -> Optional[pulumi.Input[int]]: """ The maximum number of open connections to - use. + the database. """ return pulumi.get(self, "max_open_connections") @@ -5050,7 +5106,7 @@ def max_open_connections(self, value: Optional[pulumi.Input[int]]): @pulumi.getter def password(self) -> Optional[pulumi.Input[str]]: """ - The password to be used in the connection. + The root credential password used in the connection URL. """ return pulumi.get(self, "password") @@ -5086,7 +5142,7 @@ def root_rotation_statements(self, value: Optional[pulumi.Input[Sequence[pulumi. @pulumi.getter def username(self) -> Optional[pulumi.Input[str]]: """ - The username to be used in the connection (the account admin level). + The root credential username used in the connection URL. """ return pulumi.get(self, "username") @@ -5098,7 +5154,7 @@ def username(self, value: Optional[pulumi.Input[str]]): @pulumi.getter(name="usernameTemplate") def username_template(self) -> Optional[pulumi.Input[str]]: """ - - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. """ return pulumi.get(self, "username_template") @@ -5139,20 +5195,21 @@ def __init__(__self__, *, """ :param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_roles: A list of roles that are allowed to use this connection. - :param pulumi.Input[str] connection_url: A URL containing connection information. - See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + :param pulumi.Input[str] connection_url: Specifies the Redshift DSN. + See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) :param pulumi.Input[Mapping[str, Any]] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings. - :param pulumi.Input[int] max_connection_lifetime: The maximum number of seconds to keep - a connection alive for. + + Supported list of database secrets engines that can be configured: + :param pulumi.Input[int] max_connection_lifetime: The maximum amount of time a connection may be reused. :param pulumi.Input[int] max_idle_connections: The maximum number of idle connections to - maintain. + the database. :param pulumi.Input[int] max_open_connections: The maximum number of open connections to - use. - :param pulumi.Input[str] password: The password to be used in the connection. + the database. + :param pulumi.Input[str] password: The root credential password used in the connection URL. :param pulumi.Input[str] plugin_name: Specifies the name of the plugin to use. :param pulumi.Input[Sequence[pulumi.Input[str]]] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials. - :param pulumi.Input[str] username: The username to be used in the connection (the account admin level). - :param pulumi.Input[str] username_template: - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + :param pulumi.Input[str] username: The root credential username used in the connection URL. + :param pulumi.Input[str] username_template: [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. :param pulumi.Input[bool] verify_connection: Whether the connection should be verified on initial configuration or not. """ @@ -5208,8 +5265,8 @@ def allowed_roles(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]] @pulumi.getter(name="connectionUrl") def connection_url(self) -> Optional[pulumi.Input[str]]: """ - A URL containing connection information. - See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + Specifies the Redshift DSN. + See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) """ return pulumi.get(self, "connection_url") @@ -5222,6 +5279,8 @@ def connection_url(self, value: Optional[pulumi.Input[str]]): def data(self) -> Optional[pulumi.Input[Mapping[str, Any]]]: """ A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + + Supported list of database secrets engines that can be configured: """ return pulumi.get(self, "data") @@ -5233,8 +5292,7 @@ def data(self, value: Optional[pulumi.Input[Mapping[str, Any]]]): @pulumi.getter(name="maxConnectionLifetime") def max_connection_lifetime(self) -> Optional[pulumi.Input[int]]: """ - The maximum number of seconds to keep - a connection alive for. + The maximum amount of time a connection may be reused. """ return pulumi.get(self, "max_connection_lifetime") @@ -5247,7 +5305,7 @@ def max_connection_lifetime(self, value: Optional[pulumi.Input[int]]): def max_idle_connections(self) -> Optional[pulumi.Input[int]]: """ The maximum number of idle connections to - maintain. + the database. """ return pulumi.get(self, "max_idle_connections") @@ -5260,7 +5318,7 @@ def max_idle_connections(self, value: Optional[pulumi.Input[int]]): def max_open_connections(self) -> Optional[pulumi.Input[int]]: """ The maximum number of open connections to - use. + the database. """ return pulumi.get(self, "max_open_connections") @@ -5272,7 +5330,7 @@ def max_open_connections(self, value: Optional[pulumi.Input[int]]): @pulumi.getter def password(self) -> Optional[pulumi.Input[str]]: """ - The password to be used in the connection. + The root credential password used in the connection URL. """ return pulumi.get(self, "password") @@ -5308,7 +5366,7 @@ def root_rotation_statements(self, value: Optional[pulumi.Input[Sequence[pulumi. @pulumi.getter def username(self) -> Optional[pulumi.Input[str]]: """ - The username to be used in the connection (the account admin level). + The root credential username used in the connection URL. """ return pulumi.get(self, "username") @@ -5320,7 +5378,7 @@ def username(self, value: Optional[pulumi.Input[str]]): @pulumi.getter(name="usernameTemplate") def username_template(self) -> Optional[pulumi.Input[str]]: """ - - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. """ return pulumi.get(self, "username_template") @@ -5361,20 +5419,21 @@ def __init__(__self__, *, """ :param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_roles: A list of roles that are allowed to use this connection. - :param pulumi.Input[str] connection_url: A URL containing connection information. - See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + :param pulumi.Input[str] connection_url: Specifies the Redshift DSN. + See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) :param pulumi.Input[Mapping[str, Any]] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings. - :param pulumi.Input[int] max_connection_lifetime: The maximum number of seconds to keep - a connection alive for. + + Supported list of database secrets engines that can be configured: + :param pulumi.Input[int] max_connection_lifetime: The maximum amount of time a connection may be reused. :param pulumi.Input[int] max_idle_connections: The maximum number of idle connections to - maintain. + the database. :param pulumi.Input[int] max_open_connections: The maximum number of open connections to - use. - :param pulumi.Input[str] password: The password to be used in the connection. + the database. + :param pulumi.Input[str] password: The root credential password used in the connection URL. :param pulumi.Input[str] plugin_name: Specifies the name of the plugin to use. :param pulumi.Input[Sequence[pulumi.Input[str]]] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials. - :param pulumi.Input[str] username: The username to be used in the connection (the account admin level). - :param pulumi.Input[str] username_template: - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + :param pulumi.Input[str] username: The root credential username used in the connection URL. + :param pulumi.Input[str] username_template: [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. :param pulumi.Input[bool] verify_connection: Whether the connection should be verified on initial configuration or not. """ @@ -5430,8 +5489,8 @@ def allowed_roles(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]] @pulumi.getter(name="connectionUrl") def connection_url(self) -> Optional[pulumi.Input[str]]: """ - A URL containing connection information. - See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + Specifies the Redshift DSN. + See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) """ return pulumi.get(self, "connection_url") @@ -5444,6 +5503,8 @@ def connection_url(self, value: Optional[pulumi.Input[str]]): def data(self) -> Optional[pulumi.Input[Mapping[str, Any]]]: """ A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + + Supported list of database secrets engines that can be configured: """ return pulumi.get(self, "data") @@ -5455,8 +5516,7 @@ def data(self, value: Optional[pulumi.Input[Mapping[str, Any]]]): @pulumi.getter(name="maxConnectionLifetime") def max_connection_lifetime(self) -> Optional[pulumi.Input[int]]: """ - The maximum number of seconds to keep - a connection alive for. + The maximum amount of time a connection may be reused. """ return pulumi.get(self, "max_connection_lifetime") @@ -5469,7 +5529,7 @@ def max_connection_lifetime(self, value: Optional[pulumi.Input[int]]): def max_idle_connections(self) -> Optional[pulumi.Input[int]]: """ The maximum number of idle connections to - maintain. + the database. """ return pulumi.get(self, "max_idle_connections") @@ -5482,7 +5542,7 @@ def max_idle_connections(self, value: Optional[pulumi.Input[int]]): def max_open_connections(self) -> Optional[pulumi.Input[int]]: """ The maximum number of open connections to - use. + the database. """ return pulumi.get(self, "max_open_connections") @@ -5494,7 +5554,7 @@ def max_open_connections(self, value: Optional[pulumi.Input[int]]): @pulumi.getter def password(self) -> Optional[pulumi.Input[str]]: """ - The password to be used in the connection. + The root credential password used in the connection URL. """ return pulumi.get(self, "password") @@ -5530,7 +5590,7 @@ def root_rotation_statements(self, value: Optional[pulumi.Input[Sequence[pulumi. @pulumi.getter def username(self) -> Optional[pulumi.Input[str]]: """ - The username to be used in the connection (the account admin level). + The root credential username used in the connection URL. """ return pulumi.get(self, "username") @@ -5542,7 +5602,7 @@ def username(self, value: Optional[pulumi.Input[str]]): @pulumi.getter(name="usernameTemplate") def username_template(self) -> Optional[pulumi.Input[str]]: """ - - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. """ return pulumi.get(self, "username_template") @@ -5586,21 +5646,22 @@ def __init__(__self__, *, """ :param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_roles: A list of roles that are allowed to use this connection. - :param pulumi.Input[str] connection_url: A URL containing connection information. - See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + :param pulumi.Input[str] connection_url: Specifies the Redshift DSN. + See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) :param pulumi.Input[Mapping[str, Any]] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + + Supported list of database secrets engines that can be configured: :param pulumi.Input[bool] disable_escaping: Disable special character escaping in username and password. - :param pulumi.Input[int] max_connection_lifetime: The maximum number of seconds to keep - a connection alive for. + :param pulumi.Input[int] max_connection_lifetime: The maximum amount of time a connection may be reused. :param pulumi.Input[int] max_idle_connections: The maximum number of idle connections to - maintain. + the database. :param pulumi.Input[int] max_open_connections: The maximum number of open connections to - use. - :param pulumi.Input[str] password: The password to be used in the connection. + the database. + :param pulumi.Input[str] password: The root credential password used in the connection URL. :param pulumi.Input[str] plugin_name: Specifies the name of the plugin to use. :param pulumi.Input[Sequence[pulumi.Input[str]]] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials. - :param pulumi.Input[str] username: The username to be used in the connection (the account admin level). - :param pulumi.Input[str] username_template: - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + :param pulumi.Input[str] username: The root credential username used in the connection URL. + :param pulumi.Input[str] username_template: [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. :param pulumi.Input[bool] verify_connection: Whether the connection should be verified on initial configuration or not. """ @@ -5671,8 +5732,8 @@ def auth_type(self, value: Optional[pulumi.Input[str]]): @pulumi.getter(name="connectionUrl") def connection_url(self) -> Optional[pulumi.Input[str]]: """ - A URL containing connection information. - See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + Specifies the Redshift DSN. + See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) """ return pulumi.get(self, "connection_url") @@ -5685,6 +5746,8 @@ def connection_url(self, value: Optional[pulumi.Input[str]]): def data(self) -> Optional[pulumi.Input[Mapping[str, Any]]]: """ A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + + Supported list of database secrets engines that can be configured: """ return pulumi.get(self, "data") @@ -5708,8 +5771,7 @@ def disable_escaping(self, value: Optional[pulumi.Input[bool]]): @pulumi.getter(name="maxConnectionLifetime") def max_connection_lifetime(self) -> Optional[pulumi.Input[int]]: """ - The maximum number of seconds to keep - a connection alive for. + The maximum amount of time a connection may be reused. """ return pulumi.get(self, "max_connection_lifetime") @@ -5722,7 +5784,7 @@ def max_connection_lifetime(self, value: Optional[pulumi.Input[int]]): def max_idle_connections(self) -> Optional[pulumi.Input[int]]: """ The maximum number of idle connections to - maintain. + the database. """ return pulumi.get(self, "max_idle_connections") @@ -5735,7 +5797,7 @@ def max_idle_connections(self, value: Optional[pulumi.Input[int]]): def max_open_connections(self) -> Optional[pulumi.Input[int]]: """ The maximum number of open connections to - use. + the database. """ return pulumi.get(self, "max_open_connections") @@ -5747,7 +5809,7 @@ def max_open_connections(self, value: Optional[pulumi.Input[int]]): @pulumi.getter def password(self) -> Optional[pulumi.Input[str]]: """ - The password to be used in the connection. + The root credential password used in the connection URL. """ return pulumi.get(self, "password") @@ -5792,7 +5854,7 @@ def service_account_json(self, value: Optional[pulumi.Input[str]]): @pulumi.getter def username(self) -> Optional[pulumi.Input[str]]: """ - The username to be used in the connection (the account admin level). + The root credential username used in the connection URL. """ return pulumi.get(self, "username") @@ -5804,7 +5866,7 @@ def username(self, value: Optional[pulumi.Input[str]]): @pulumi.getter(name="usernameTemplate") def username_template(self) -> Optional[pulumi.Input[str]]: """ - - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. """ return pulumi.get(self, "username_template") @@ -5844,19 +5906,21 @@ def __init__(__self__, *, verify_connection: Optional[pulumi.Input[bool]] = None): """ :param pulumi.Input[str] host: The host to connect to. - :param pulumi.Input[str] password: The password to be used in the connection. - :param pulumi.Input[str] username: The username to be used in the connection (the account admin level). + :param pulumi.Input[str] password: The root credential password used in the connection URL. + :param pulumi.Input[str] username: The root credential username used in the connection URL. :param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_roles: A list of roles that are allowed to use this connection. - :param pulumi.Input[str] ca_cert: The contents of a PEM-encoded CA cert file to use to verify the Redis server's identity. + :param pulumi.Input[str] ca_cert: The path to a PEM-encoded CA cert file to use to verify the Elasticsearch server's identity. :param pulumi.Input[Mapping[str, Any]] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + + Supported list of database secrets engines that can be configured: :param pulumi.Input[bool] insecure_tls: Whether to skip verification of the server certificate when using TLS. :param pulumi.Input[str] plugin_name: Specifies the name of the plugin to use. :param pulumi.Input[int] port: The default port to connect to if no port is specified as part of the host. :param pulumi.Input[Sequence[pulumi.Input[str]]] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials. - :param pulumi.Input[bool] tls: Whether to use TLS when connecting to Redis. + :param pulumi.Input[bool] tls: Whether to use TLS when connecting to Cassandra. :param pulumi.Input[bool] verify_connection: Whether the connection should be verified on initial configuration or not. """ @@ -5908,7 +5972,7 @@ def name(self, value: pulumi.Input[str]): @pulumi.getter def password(self) -> pulumi.Input[str]: """ - The password to be used in the connection. + The root credential password used in the connection URL. """ return pulumi.get(self, "password") @@ -5920,7 +5984,7 @@ def password(self, value: pulumi.Input[str]): @pulumi.getter def username(self) -> pulumi.Input[str]: """ - The username to be used in the connection (the account admin level). + The root credential username used in the connection URL. """ return pulumi.get(self, "username") @@ -5945,7 +6009,7 @@ def allowed_roles(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]] @pulumi.getter(name="caCert") def ca_cert(self) -> Optional[pulumi.Input[str]]: """ - The contents of a PEM-encoded CA cert file to use to verify the Redis server's identity. + The path to a PEM-encoded CA cert file to use to verify the Elasticsearch server's identity. """ return pulumi.get(self, "ca_cert") @@ -5958,6 +6022,8 @@ def ca_cert(self, value: Optional[pulumi.Input[str]]): def data(self) -> Optional[pulumi.Input[Mapping[str, Any]]]: """ A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + + Supported list of database secrets engines that can be configured: """ return pulumi.get(self, "data") @@ -6019,7 +6085,7 @@ def root_rotation_statements(self, value: Optional[pulumi.Input[Sequence[pulumi. @pulumi.getter def tls(self) -> Optional[pulumi.Input[bool]]: """ - Whether to use TLS when connecting to Redis. + Whether to use TLS when connecting to Cassandra. """ return pulumi.get(self, "tls") @@ -6055,16 +6121,19 @@ def __init__(__self__, *, username: Optional[pulumi.Input[str]] = None, verify_connection: Optional[pulumi.Input[bool]] = None): """ - :param pulumi.Input[str] url: The configuration endpoint for the ElastiCache cluster to connect to. + :param pulumi.Input[str] url: The URL for Elasticsearch's API. https requires certificate + by trusted CA if used. :param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_roles: A list of roles that are allowed to use this connection. :param pulumi.Input[Mapping[str, Any]] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings. - :param pulumi.Input[str] password: The password to be used in the connection. + + Supported list of database secrets engines that can be configured: + :param pulumi.Input[str] password: The root credential password used in the connection URL. :param pulumi.Input[str] plugin_name: Specifies the name of the plugin to use. :param pulumi.Input[str] region: The AWS region where the ElastiCache cluster is hosted. If omitted the plugin tries to infer the region from the environment. :param pulumi.Input[Sequence[pulumi.Input[str]]] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials. - :param pulumi.Input[str] username: The username to be used in the connection (the account admin level). + :param pulumi.Input[str] username: The root credential username used in the connection URL. :param pulumi.Input[bool] verify_connection: Whether the connection should be verified on initial configuration or not. """ @@ -6100,7 +6169,8 @@ def name(self, value: pulumi.Input[str]): @pulumi.getter def url(self) -> pulumi.Input[str]: """ - The configuration endpoint for the ElastiCache cluster to connect to. + The URL for Elasticsearch's API. https requires certificate + by trusted CA if used. """ return pulumi.get(self, "url") @@ -6126,6 +6196,8 @@ def allowed_roles(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]] def data(self) -> Optional[pulumi.Input[Mapping[str, Any]]]: """ A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + + Supported list of database secrets engines that can be configured: """ return pulumi.get(self, "data") @@ -6137,7 +6209,7 @@ def data(self, value: Optional[pulumi.Input[Mapping[str, Any]]]): @pulumi.getter def password(self) -> Optional[pulumi.Input[str]]: """ - The password to be used in the connection. + The root credential password used in the connection URL. """ return pulumi.get(self, "password") @@ -6186,7 +6258,7 @@ def root_rotation_statements(self, value: Optional[pulumi.Input[Sequence[pulumi. @pulumi.getter def username(self) -> Optional[pulumi.Input[str]]: """ - The username to be used in the connection (the account admin level). + The root credential username used in the connection URL. """ return pulumi.get(self, "username") @@ -6228,21 +6300,22 @@ def __init__(__self__, *, """ :param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_roles: A list of roles that are allowed to use this connection. - :param pulumi.Input[str] connection_url: A URL containing connection information. - See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + :param pulumi.Input[str] connection_url: Specifies the Redshift DSN. + See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) :param pulumi.Input[Mapping[str, Any]] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + + Supported list of database secrets engines that can be configured: :param pulumi.Input[bool] disable_escaping: Disable special character escaping in username and password. - :param pulumi.Input[int] max_connection_lifetime: The maximum number of seconds to keep - a connection alive for. + :param pulumi.Input[int] max_connection_lifetime: The maximum amount of time a connection may be reused. :param pulumi.Input[int] max_idle_connections: The maximum number of idle connections to - maintain. + the database. :param pulumi.Input[int] max_open_connections: The maximum number of open connections to - use. - :param pulumi.Input[str] password: The password to be used in the connection. + the database. + :param pulumi.Input[str] password: The root credential password used in the connection URL. :param pulumi.Input[str] plugin_name: Specifies the name of the plugin to use. :param pulumi.Input[Sequence[pulumi.Input[str]]] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials. - :param pulumi.Input[str] username: The username to be used in the connection (the account admin level). - :param pulumi.Input[str] username_template: - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + :param pulumi.Input[str] username: The root credential username used in the connection URL. + :param pulumi.Input[str] username_template: [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. :param pulumi.Input[bool] verify_connection: Whether the connection should be verified on initial configuration or not. """ @@ -6300,8 +6373,8 @@ def allowed_roles(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]] @pulumi.getter(name="connectionUrl") def connection_url(self) -> Optional[pulumi.Input[str]]: """ - A URL containing connection information. - See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + Specifies the Redshift DSN. + See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) """ return pulumi.get(self, "connection_url") @@ -6314,6 +6387,8 @@ def connection_url(self, value: Optional[pulumi.Input[str]]): def data(self) -> Optional[pulumi.Input[Mapping[str, Any]]]: """ A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + + Supported list of database secrets engines that can be configured: """ return pulumi.get(self, "data") @@ -6337,8 +6412,7 @@ def disable_escaping(self, value: Optional[pulumi.Input[bool]]): @pulumi.getter(name="maxConnectionLifetime") def max_connection_lifetime(self) -> Optional[pulumi.Input[int]]: """ - The maximum number of seconds to keep - a connection alive for. + The maximum amount of time a connection may be reused. """ return pulumi.get(self, "max_connection_lifetime") @@ -6351,7 +6425,7 @@ def max_connection_lifetime(self, value: Optional[pulumi.Input[int]]): def max_idle_connections(self) -> Optional[pulumi.Input[int]]: """ The maximum number of idle connections to - maintain. + the database. """ return pulumi.get(self, "max_idle_connections") @@ -6364,7 +6438,7 @@ def max_idle_connections(self, value: Optional[pulumi.Input[int]]): def max_open_connections(self) -> Optional[pulumi.Input[int]]: """ The maximum number of open connections to - use. + the database. """ return pulumi.get(self, "max_open_connections") @@ -6376,7 +6450,7 @@ def max_open_connections(self, value: Optional[pulumi.Input[int]]): @pulumi.getter def password(self) -> Optional[pulumi.Input[str]]: """ - The password to be used in the connection. + The root credential password used in the connection URL. """ return pulumi.get(self, "password") @@ -6412,7 +6486,7 @@ def root_rotation_statements(self, value: Optional[pulumi.Input[Sequence[pulumi. @pulumi.getter def username(self) -> Optional[pulumi.Input[str]]: """ - The username to be used in the connection (the account admin level). + The root credential username used in the connection URL. """ return pulumi.get(self, "username") @@ -6424,7 +6498,7 @@ def username(self, value: Optional[pulumi.Input[str]]): @pulumi.getter(name="usernameTemplate") def username_template(self) -> Optional[pulumi.Input[str]]: """ - - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. """ return pulumi.get(self, "username_template") @@ -6465,20 +6539,21 @@ def __init__(__self__, *, """ :param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_roles: A list of roles that are allowed to use this connection. - :param pulumi.Input[str] connection_url: A URL containing connection information. - See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + :param pulumi.Input[str] connection_url: Specifies the Redshift DSN. + See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) :param pulumi.Input[Mapping[str, Any]] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings. - :param pulumi.Input[int] max_connection_lifetime: The maximum number of seconds to keep - a connection alive for. + + Supported list of database secrets engines that can be configured: + :param pulumi.Input[int] max_connection_lifetime: The maximum amount of time a connection may be reused. :param pulumi.Input[int] max_idle_connections: The maximum number of idle connections to - maintain. + the database. :param pulumi.Input[int] max_open_connections: The maximum number of open connections to - use. - :param pulumi.Input[str] password: The password to be used in the connection. + the database. + :param pulumi.Input[str] password: The root credential password used in the connection URL. :param pulumi.Input[str] plugin_name: Specifies the name of the plugin to use. :param pulumi.Input[Sequence[pulumi.Input[str]]] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials. - :param pulumi.Input[str] username: The username to be used in the connection (the account admin level). - :param pulumi.Input[str] username_template: - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + :param pulumi.Input[str] username: The root credential username used in the connection URL. + :param pulumi.Input[str] username_template: [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. :param pulumi.Input[bool] verify_connection: Whether the connection should be verified on initial configuration or not. """ @@ -6534,8 +6609,8 @@ def allowed_roles(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]] @pulumi.getter(name="connectionUrl") def connection_url(self) -> Optional[pulumi.Input[str]]: """ - A URL containing connection information. - See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + Specifies the Redshift DSN. + See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) """ return pulumi.get(self, "connection_url") @@ -6548,6 +6623,8 @@ def connection_url(self, value: Optional[pulumi.Input[str]]): def data(self) -> Optional[pulumi.Input[Mapping[str, Any]]]: """ A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + + Supported list of database secrets engines that can be configured: """ return pulumi.get(self, "data") @@ -6559,8 +6636,7 @@ def data(self, value: Optional[pulumi.Input[Mapping[str, Any]]]): @pulumi.getter(name="maxConnectionLifetime") def max_connection_lifetime(self) -> Optional[pulumi.Input[int]]: """ - The maximum number of seconds to keep - a connection alive for. + The maximum amount of time a connection may be reused. """ return pulumi.get(self, "max_connection_lifetime") @@ -6573,7 +6649,7 @@ def max_connection_lifetime(self, value: Optional[pulumi.Input[int]]): def max_idle_connections(self) -> Optional[pulumi.Input[int]]: """ The maximum number of idle connections to - maintain. + the database. """ return pulumi.get(self, "max_idle_connections") @@ -6586,7 +6662,7 @@ def max_idle_connections(self, value: Optional[pulumi.Input[int]]): def max_open_connections(self) -> Optional[pulumi.Input[int]]: """ The maximum number of open connections to - use. + the database. """ return pulumi.get(self, "max_open_connections") @@ -6598,7 +6674,7 @@ def max_open_connections(self, value: Optional[pulumi.Input[int]]): @pulumi.getter def password(self) -> Optional[pulumi.Input[str]]: """ - The password to be used in the connection. + The root credential password used in the connection URL. """ return pulumi.get(self, "password") @@ -6634,7 +6710,7 @@ def root_rotation_statements(self, value: Optional[pulumi.Input[Sequence[pulumi. @pulumi.getter def username(self) -> Optional[pulumi.Input[str]]: """ - The username to be used in the connection (the account admin level). + The root credential username used in the connection URL. """ return pulumi.get(self, "username") @@ -6646,7 +6722,7 @@ def username(self, value: Optional[pulumi.Input[str]]): @pulumi.getter(name="usernameTemplate") def username_template(self) -> Optional[pulumi.Input[str]]: """ - - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. """ return pulumi.get(self, "username_template") diff --git a/sdk/python/pulumi_vault/database/outputs.py b/sdk/python/pulumi_vault/database/outputs.py index 4711c8263..ad14e799d 100644 --- a/sdk/python/pulumi_vault/database/outputs.py +++ b/sdk/python/pulumi_vault/database/outputs.py @@ -89,18 +89,18 @@ def __init__(__self__, *, """ :param int connect_timeout: The number of seconds to use as a connection timeout. - :param Sequence[str] hosts: A set of Couchbase URIs to connect to. Must use `couchbases://` scheme if `tls` is `true`. + :param Sequence[str] hosts: The hosts to connect to. :param bool insecure_tls: Whether to skip verification of the server certificate when using TLS. - :param str password: The root credential password used in the connection URL. + :param str password: The password to authenticate with. :param str pem_bundle: Concatenated PEM blocks configuring the certificate chain. :param str pem_json: A JSON structure configuring the certificate chain. :param int port: The default port to connect to if no port is specified as part of the host. :param int protocol_version: The CQL protocol version to use. - :param bool tls: Whether to use TLS when connecting to Redis. - :param str username: The root credential username used in the connection URL. + :param bool tls: Whether to use TLS when connecting to Cassandra. + :param str username: The username to authenticate with. """ if connect_timeout is not None: pulumi.set(__self__, "connect_timeout", connect_timeout) @@ -136,7 +136,7 @@ def connect_timeout(self) -> Optional[int]: @pulumi.getter def hosts(self) -> Optional[Sequence[str]]: """ - A set of Couchbase URIs to connect to. Must use `couchbases://` scheme if `tls` is `true`. + The hosts to connect to. """ return pulumi.get(self, "hosts") @@ -153,7 +153,7 @@ def insecure_tls(self) -> Optional[bool]: @pulumi.getter def password(self) -> Optional[str]: """ - The root credential password used in the connection URL. + The password to authenticate with. """ return pulumi.get(self, "password") @@ -195,7 +195,7 @@ def protocol_version(self) -> Optional[int]: @pulumi.getter def tls(self) -> Optional[bool]: """ - Whether to use TLS when connecting to Redis. + Whether to use TLS when connecting to Cassandra. """ return pulumi.get(self, "tls") @@ -203,7 +203,7 @@ def tls(self) -> Optional[bool]: @pulumi.getter def username(self) -> Optional[str]: """ - The root credential username used in the connection URL. + The username to authenticate with. """ return pulumi.get(self, "username") @@ -243,15 +243,15 @@ def __init__(__self__, *, tls: Optional[bool] = None, username_template: Optional[str] = None): """ - :param Sequence[str] hosts: A set of Couchbase URIs to connect to. Must use `couchbases://` scheme if `tls` is `true`. - :param str password: The root credential password used in the connection URL. - :param str username: The root credential username used in the connection URL. + :param Sequence[str] hosts: The hosts to connect to. + :param str password: The password to authenticate with. + :param str username: The username to authenticate with. :param str base64_pem: Required if `tls` is `true`. Specifies the certificate authority of the Couchbase server, as a PEM certificate that has been base64 encoded. :param str bucket_name: Required for Couchbase versions prior to 6.5.0. This is only used to verify vault's connection to the server. :param bool insecure_tls: Whether to skip verification of the server certificate when using TLS. - :param bool tls: Whether to use TLS when connecting to Redis. - :param str username_template: - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + :param bool tls: Whether to use TLS when connecting to Cassandra. + :param str username_template: Template describing how dynamic usernames are generated. """ pulumi.set(__self__, "hosts", hosts) pulumi.set(__self__, "password", password) @@ -271,7 +271,7 @@ def __init__(__self__, *, @pulumi.getter def hosts(self) -> Sequence[str]: """ - A set of Couchbase URIs to connect to. Must use `couchbases://` scheme if `tls` is `true`. + The hosts to connect to. """ return pulumi.get(self, "hosts") @@ -279,7 +279,7 @@ def hosts(self) -> Sequence[str]: @pulumi.getter def password(self) -> str: """ - The root credential password used in the connection URL. + The password to authenticate with. """ return pulumi.get(self, "password") @@ -287,7 +287,7 @@ def password(self) -> str: @pulumi.getter def username(self) -> str: """ - The root credential username used in the connection URL. + The username to authenticate with. """ return pulumi.get(self, "username") @@ -320,7 +320,7 @@ def insecure_tls(self) -> Optional[bool]: @pulumi.getter def tls(self) -> Optional[bool]: """ - Whether to use TLS when connecting to Redis. + Whether to use TLS when connecting to Cassandra. """ return pulumi.get(self, "tls") @@ -328,7 +328,7 @@ def tls(self) -> Optional[bool]: @pulumi.getter(name="usernameTemplate") def username_template(self) -> Optional[str]: """ - - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + Template describing how dynamic usernames are generated. """ return pulumi.get(self, "username_template") @@ -374,17 +374,17 @@ def __init__(__self__, *, tls_server_name: Optional[str] = None, username_template: Optional[str] = None): """ - :param str password: The root credential password used in the connection URL. + :param str password: The password to authenticate with. :param str url: The URL for Elasticsearch's API. https requires certificate by trusted CA if used. - :param str username: The root credential username used in the connection URL. + :param str username: The username to authenticate with. :param str ca_cert: The path to a PEM-encoded CA cert file to use to verify the Elasticsearch server's identity. :param str ca_path: The path to a directory of PEM-encoded CA cert files to use to verify the Elasticsearch server's identity. :param str client_cert: The path to the certificate for the Elasticsearch client to present for communication. :param str client_key: The path to the key for the Elasticsearch client to use for communication. :param bool insecure: Whether to disable certificate verification. :param str tls_server_name: This, if set, is used to set the SNI host when connecting via TLS. - :param str username_template: - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + :param str username_template: Template describing how dynamic usernames are generated. """ pulumi.set(__self__, "password", password) pulumi.set(__self__, "url", url) @@ -408,7 +408,7 @@ def __init__(__self__, *, @pulumi.getter def password(self) -> str: """ - The root credential password used in the connection URL. + The password to authenticate with. """ return pulumi.get(self, "password") @@ -425,7 +425,7 @@ def url(self) -> str: @pulumi.getter def username(self) -> str: """ - The root credential username used in the connection URL. + The username to authenticate with. """ return pulumi.get(self, "username") @@ -481,7 +481,7 @@ def tls_server_name(self) -> Optional[str]: @pulumi.getter(name="usernameTemplate") def username_template(self) -> Optional[str]: """ - - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + Template describing how dynamic usernames are generated. """ return pulumi.get(self, "username_template") @@ -522,18 +522,19 @@ def __init__(__self__, *, password: Optional[str] = None, username: Optional[str] = None): """ - :param str connection_url: Specifies the Redshift DSN. See + :param str connection_url: A URL containing connection information. See the [Vault - docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) for an example. :param bool disable_escaping: Disable special character escaping in username and password. - :param int max_connection_lifetime: The maximum amount of time a connection may be reused. + :param int max_connection_lifetime: The maximum number of seconds to keep + a connection alive for. :param int max_idle_connections: The maximum number of idle connections to - the database. + maintain. :param int max_open_connections: The maximum number of open connections to - the database. - :param str password: The root credential password used in the connection URL. - :param str username: The root credential username used in the connection URL. + use. + :param str password: The password to authenticate with. + :param str username: The username to authenticate with. """ if connection_url is not None: pulumi.set(__self__, "connection_url", connection_url) @@ -554,9 +555,9 @@ def __init__(__self__, *, @pulumi.getter(name="connectionUrl") def connection_url(self) -> Optional[str]: """ - Specifies the Redshift DSN. See + A URL containing connection information. See the [Vault - docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) for an example. """ return pulumi.get(self, "connection_url") @@ -573,7 +574,8 @@ def disable_escaping(self) -> Optional[bool]: @pulumi.getter(name="maxConnectionLifetime") def max_connection_lifetime(self) -> Optional[int]: """ - The maximum amount of time a connection may be reused. + The maximum number of seconds to keep + a connection alive for. """ return pulumi.get(self, "max_connection_lifetime") @@ -582,7 +584,7 @@ def max_connection_lifetime(self) -> Optional[int]: def max_idle_connections(self) -> Optional[int]: """ The maximum number of idle connections to - the database. + maintain. """ return pulumi.get(self, "max_idle_connections") @@ -591,7 +593,7 @@ def max_idle_connections(self) -> Optional[int]: def max_open_connections(self) -> Optional[int]: """ The maximum number of open connections to - the database. + use. """ return pulumi.get(self, "max_open_connections") @@ -599,7 +601,7 @@ def max_open_connections(self) -> Optional[int]: @pulumi.getter def password(self) -> Optional[str]: """ - The root credential password used in the connection URL. + The password to authenticate with. """ return pulumi.get(self, "password") @@ -607,7 +609,7 @@ def password(self) -> Optional[str]: @pulumi.getter def username(self) -> Optional[str]: """ - The root credential username used in the connection URL. + The username to authenticate with. """ return pulumi.get(self, "username") @@ -652,8 +654,8 @@ def __init__(__self__, *, username_template: Optional[str] = None): """ :param str host: The host to connect to. - :param str password: The root credential password used in the connection URL. - :param str username: The root credential username used in the connection URL. + :param str password: The password to authenticate with. + :param str username: The username to authenticate with. :param int connect_timeout: The number of seconds to use as a connection timeout. :param bool insecure_tls: Whether to skip verification of the server @@ -663,8 +665,8 @@ def __init__(__self__, *, :param str pem_json: A JSON structure configuring the certificate chain. :param int port: The default port to connect to if no port is specified as part of the host. - :param bool tls: Whether to use TLS when connecting to Redis. - :param str username_template: - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + :param bool tls: Whether to use TLS when connecting to Cassandra. + :param str username_template: Template describing how dynamic usernames are generated. """ pulumi.set(__self__, "host", host) pulumi.set(__self__, "password", password) @@ -696,7 +698,7 @@ def host(self) -> str: @pulumi.getter def password(self) -> str: """ - The root credential password used in the connection URL. + The password to authenticate with. """ return pulumi.get(self, "password") @@ -704,7 +706,7 @@ def password(self) -> str: @pulumi.getter def username(self) -> str: """ - The root credential username used in the connection URL. + The username to authenticate with. """ return pulumi.get(self, "username") @@ -756,7 +758,7 @@ def port(self) -> Optional[int]: @pulumi.getter def tls(self) -> Optional[bool]: """ - Whether to use TLS when connecting to Redis. + Whether to use TLS when connecting to Cassandra. """ return pulumi.get(self, "tls") @@ -764,7 +766,7 @@ def tls(self) -> Optional[bool]: @pulumi.getter(name="usernameTemplate") def username_template(self) -> Optional[str]: """ - - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + Template describing how dynamic usernames are generated. """ return pulumi.get(self, "username_template") @@ -805,18 +807,19 @@ def __init__(__self__, *, username: Optional[str] = None, username_template: Optional[str] = None): """ - :param str connection_url: Specifies the Redshift DSN. See + :param str connection_url: A URL containing connection information. See the [Vault - docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) for an example. - :param int max_connection_lifetime: The maximum amount of time a connection may be reused. + :param int max_connection_lifetime: The maximum number of seconds to keep + a connection alive for. :param int max_idle_connections: The maximum number of idle connections to - the database. + maintain. :param int max_open_connections: The maximum number of open connections to - the database. - :param str password: The root credential password used in the connection URL. - :param str username: The root credential username used in the connection URL. - :param str username_template: - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + use. + :param str password: The password to authenticate with. + :param str username: The username to authenticate with. + :param str username_template: Template describing how dynamic usernames are generated. """ if connection_url is not None: pulumi.set(__self__, "connection_url", connection_url) @@ -837,9 +840,9 @@ def __init__(__self__, *, @pulumi.getter(name="connectionUrl") def connection_url(self) -> Optional[str]: """ - Specifies the Redshift DSN. See + A URL containing connection information. See the [Vault - docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) for an example. """ return pulumi.get(self, "connection_url") @@ -848,7 +851,8 @@ def connection_url(self) -> Optional[str]: @pulumi.getter(name="maxConnectionLifetime") def max_connection_lifetime(self) -> Optional[int]: """ - The maximum amount of time a connection may be reused. + The maximum number of seconds to keep + a connection alive for. """ return pulumi.get(self, "max_connection_lifetime") @@ -857,7 +861,7 @@ def max_connection_lifetime(self) -> Optional[int]: def max_idle_connections(self) -> Optional[int]: """ The maximum number of idle connections to - the database. + maintain. """ return pulumi.get(self, "max_idle_connections") @@ -866,7 +870,7 @@ def max_idle_connections(self) -> Optional[int]: def max_open_connections(self) -> Optional[int]: """ The maximum number of open connections to - the database. + use. """ return pulumi.get(self, "max_open_connections") @@ -874,7 +878,7 @@ def max_open_connections(self) -> Optional[int]: @pulumi.getter def password(self) -> Optional[str]: """ - The root credential password used in the connection URL. + The password to authenticate with. """ return pulumi.get(self, "password") @@ -882,7 +886,7 @@ def password(self) -> Optional[str]: @pulumi.getter def username(self) -> Optional[str]: """ - The root credential username used in the connection URL. + The username to authenticate with. """ return pulumi.get(self, "username") @@ -890,7 +894,7 @@ def username(self) -> Optional[str]: @pulumi.getter(name="usernameTemplate") def username_template(self) -> Optional[str]: """ - - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + Template describing how dynamic usernames are generated. """ return pulumi.get(self, "username_template") @@ -998,23 +1002,24 @@ def __init__(__self__, *, username: Optional[str] = None, username_template: Optional[str] = None): """ - :param str connection_url: Specifies the Redshift DSN. See + :param str connection_url: A URL containing connection information. See the [Vault - docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) for an example. :param bool contained_db: For Vault v1.9+. Set to true when the target is a Contained Database, e.g. AzureSQL. See the [Vault docs](https://www.vaultproject.io/api/secret/databases/mssql#contained_db) :param bool disable_escaping: Disable special character escaping in username and password. - :param int max_connection_lifetime: The maximum amount of time a connection may be reused. + :param int max_connection_lifetime: The maximum number of seconds to keep + a connection alive for. :param int max_idle_connections: The maximum number of idle connections to - the database. + maintain. :param int max_open_connections: The maximum number of open connections to - the database. - :param str password: The root credential password used in the connection URL. - :param str username: The root credential username used in the connection URL. - :param str username_template: - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + use. + :param str password: The password to authenticate with. + :param str username: The username to authenticate with. + :param str username_template: Template describing how dynamic usernames are generated. """ if connection_url is not None: pulumi.set(__self__, "connection_url", connection_url) @@ -1039,9 +1044,9 @@ def __init__(__self__, *, @pulumi.getter(name="connectionUrl") def connection_url(self) -> Optional[str]: """ - Specifies the Redshift DSN. See + A URL containing connection information. See the [Vault - docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) for an example. """ return pulumi.get(self, "connection_url") @@ -1069,7 +1074,8 @@ def disable_escaping(self) -> Optional[bool]: @pulumi.getter(name="maxConnectionLifetime") def max_connection_lifetime(self) -> Optional[int]: """ - The maximum amount of time a connection may be reused. + The maximum number of seconds to keep + a connection alive for. """ return pulumi.get(self, "max_connection_lifetime") @@ -1078,7 +1084,7 @@ def max_connection_lifetime(self) -> Optional[int]: def max_idle_connections(self) -> Optional[int]: """ The maximum number of idle connections to - the database. + maintain. """ return pulumi.get(self, "max_idle_connections") @@ -1087,7 +1093,7 @@ def max_idle_connections(self) -> Optional[int]: def max_open_connections(self) -> Optional[int]: """ The maximum number of open connections to - the database. + use. """ return pulumi.get(self, "max_open_connections") @@ -1095,7 +1101,7 @@ def max_open_connections(self) -> Optional[int]: @pulumi.getter def password(self) -> Optional[str]: """ - The root credential password used in the connection URL. + The password to authenticate with. """ return pulumi.get(self, "password") @@ -1103,7 +1109,7 @@ def password(self) -> Optional[str]: @pulumi.getter def username(self) -> Optional[str]: """ - The root credential username used in the connection URL. + The username to authenticate with. """ return pulumi.get(self, "username") @@ -1111,7 +1117,7 @@ def username(self) -> Optional[str]: @pulumi.getter(name="usernameTemplate") def username_template(self) -> Optional[str]: """ - - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + Template describing how dynamic usernames are generated. """ return pulumi.get(self, "username_template") @@ -1165,21 +1171,22 @@ def __init__(__self__, *, username_template: Optional[str] = None): """ :param str auth_type: Enable IAM authentication to a Google Cloud instance when set to `gcp_iam` - :param str connection_url: Specifies the Redshift DSN. See + :param str connection_url: A URL containing connection information. See the [Vault - docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) for an example. - :param int max_connection_lifetime: The maximum amount of time a connection may be reused. + :param int max_connection_lifetime: The maximum number of seconds to keep + a connection alive for. :param int max_idle_connections: The maximum number of idle connections to - the database. + maintain. :param int max_open_connections: The maximum number of open connections to - the database. - :param str password: The root credential password used in the connection URL. + use. + :param str password: The password to authenticate with. :param str service_account_json: JSON encoding of an IAM access key. Requires `auth_type` to be `gcp_iam`. :param str tls_ca: x509 CA file for validating the certificate presented by the MySQL server. Must be PEM encoded. :param str tls_certificate_key: x509 certificate for connecting to the database. This must be a PEM encoded version of the private key and the certificate combined. - :param str username: The root credential username used in the connection URL. - :param str username_template: - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + :param str username: The username to authenticate with. + :param str username_template: Template describing how dynamic usernames are generated. """ if auth_type is not None: pulumi.set(__self__, "auth_type", auth_type) @@ -1216,9 +1223,9 @@ def auth_type(self) -> Optional[str]: @pulumi.getter(name="connectionUrl") def connection_url(self) -> Optional[str]: """ - Specifies the Redshift DSN. See + A URL containing connection information. See the [Vault - docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) for an example. """ return pulumi.get(self, "connection_url") @@ -1227,7 +1234,8 @@ def connection_url(self) -> Optional[str]: @pulumi.getter(name="maxConnectionLifetime") def max_connection_lifetime(self) -> Optional[int]: """ - The maximum amount of time a connection may be reused. + The maximum number of seconds to keep + a connection alive for. """ return pulumi.get(self, "max_connection_lifetime") @@ -1236,7 +1244,7 @@ def max_connection_lifetime(self) -> Optional[int]: def max_idle_connections(self) -> Optional[int]: """ The maximum number of idle connections to - the database. + maintain. """ return pulumi.get(self, "max_idle_connections") @@ -1245,7 +1253,7 @@ def max_idle_connections(self) -> Optional[int]: def max_open_connections(self) -> Optional[int]: """ The maximum number of open connections to - the database. + use. """ return pulumi.get(self, "max_open_connections") @@ -1253,7 +1261,7 @@ def max_open_connections(self) -> Optional[int]: @pulumi.getter def password(self) -> Optional[str]: """ - The root credential password used in the connection URL. + The password to authenticate with. """ return pulumi.get(self, "password") @@ -1285,7 +1293,7 @@ def tls_certificate_key(self) -> Optional[str]: @pulumi.getter def username(self) -> Optional[str]: """ - The root credential username used in the connection URL. + The username to authenticate with. """ return pulumi.get(self, "username") @@ -1293,7 +1301,7 @@ def username(self) -> Optional[str]: @pulumi.getter(name="usernameTemplate") def username_template(self) -> Optional[str]: """ - - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + Template describing how dynamic usernames are generated. """ return pulumi.get(self, "username_template") @@ -1334,18 +1342,19 @@ def __init__(__self__, *, username: Optional[str] = None, username_template: Optional[str] = None): """ - :param str connection_url: Specifies the Redshift DSN. See + :param str connection_url: A URL containing connection information. See the [Vault - docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) for an example. - :param int max_connection_lifetime: The maximum amount of time a connection may be reused. + :param int max_connection_lifetime: The maximum number of seconds to keep + a connection alive for. :param int max_idle_connections: The maximum number of idle connections to - the database. + maintain. :param int max_open_connections: The maximum number of open connections to - the database. - :param str password: The root credential password used in the connection URL. - :param str username: The root credential username used in the connection URL. - :param str username_template: - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + use. + :param str password: The password to authenticate with. + :param str username: The username to authenticate with. + :param str username_template: Template describing how dynamic usernames are generated. """ if connection_url is not None: pulumi.set(__self__, "connection_url", connection_url) @@ -1366,9 +1375,9 @@ def __init__(__self__, *, @pulumi.getter(name="connectionUrl") def connection_url(self) -> Optional[str]: """ - Specifies the Redshift DSN. See + A URL containing connection information. See the [Vault - docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) for an example. """ return pulumi.get(self, "connection_url") @@ -1377,7 +1386,8 @@ def connection_url(self) -> Optional[str]: @pulumi.getter(name="maxConnectionLifetime") def max_connection_lifetime(self) -> Optional[int]: """ - The maximum amount of time a connection may be reused. + The maximum number of seconds to keep + a connection alive for. """ return pulumi.get(self, "max_connection_lifetime") @@ -1386,7 +1396,7 @@ def max_connection_lifetime(self) -> Optional[int]: def max_idle_connections(self) -> Optional[int]: """ The maximum number of idle connections to - the database. + maintain. """ return pulumi.get(self, "max_idle_connections") @@ -1395,7 +1405,7 @@ def max_idle_connections(self) -> Optional[int]: def max_open_connections(self) -> Optional[int]: """ The maximum number of open connections to - the database. + use. """ return pulumi.get(self, "max_open_connections") @@ -1403,7 +1413,7 @@ def max_open_connections(self) -> Optional[int]: @pulumi.getter def password(self) -> Optional[str]: """ - The root credential password used in the connection URL. + The password to authenticate with. """ return pulumi.get(self, "password") @@ -1411,7 +1421,7 @@ def password(self) -> Optional[str]: @pulumi.getter def username(self) -> Optional[str]: """ - The root credential username used in the connection URL. + The username to authenticate with. """ return pulumi.get(self, "username") @@ -1419,7 +1429,7 @@ def username(self) -> Optional[str]: @pulumi.getter(name="usernameTemplate") def username_template(self) -> Optional[str]: """ - - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + Template describing how dynamic usernames are generated. """ return pulumi.get(self, "username_template") @@ -1460,18 +1470,19 @@ def __init__(__self__, *, username: Optional[str] = None, username_template: Optional[str] = None): """ - :param str connection_url: Specifies the Redshift DSN. See + :param str connection_url: A URL containing connection information. See the [Vault - docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) for an example. - :param int max_connection_lifetime: The maximum amount of time a connection may be reused. + :param int max_connection_lifetime: The maximum number of seconds to keep + a connection alive for. :param int max_idle_connections: The maximum number of idle connections to - the database. + maintain. :param int max_open_connections: The maximum number of open connections to - the database. - :param str password: The root credential password used in the connection URL. - :param str username: The root credential username used in the connection URL. - :param str username_template: - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + use. + :param str password: The password to authenticate with. + :param str username: The username to authenticate with. + :param str username_template: Template describing how dynamic usernames are generated. """ if connection_url is not None: pulumi.set(__self__, "connection_url", connection_url) @@ -1492,9 +1503,9 @@ def __init__(__self__, *, @pulumi.getter(name="connectionUrl") def connection_url(self) -> Optional[str]: """ - Specifies the Redshift DSN. See + A URL containing connection information. See the [Vault - docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) for an example. """ return pulumi.get(self, "connection_url") @@ -1503,7 +1514,8 @@ def connection_url(self) -> Optional[str]: @pulumi.getter(name="maxConnectionLifetime") def max_connection_lifetime(self) -> Optional[int]: """ - The maximum amount of time a connection may be reused. + The maximum number of seconds to keep + a connection alive for. """ return pulumi.get(self, "max_connection_lifetime") @@ -1512,7 +1524,7 @@ def max_connection_lifetime(self) -> Optional[int]: def max_idle_connections(self) -> Optional[int]: """ The maximum number of idle connections to - the database. + maintain. """ return pulumi.get(self, "max_idle_connections") @@ -1521,7 +1533,7 @@ def max_idle_connections(self) -> Optional[int]: def max_open_connections(self) -> Optional[int]: """ The maximum number of open connections to - the database. + use. """ return pulumi.get(self, "max_open_connections") @@ -1529,7 +1541,7 @@ def max_open_connections(self) -> Optional[int]: @pulumi.getter def password(self) -> Optional[str]: """ - The root credential password used in the connection URL. + The password to authenticate with. """ return pulumi.get(self, "password") @@ -1537,7 +1549,7 @@ def password(self) -> Optional[str]: @pulumi.getter def username(self) -> Optional[str]: """ - The root credential username used in the connection URL. + The username to authenticate with. """ return pulumi.get(self, "username") @@ -1545,7 +1557,7 @@ def username(self) -> Optional[str]: @pulumi.getter(name="usernameTemplate") def username_template(self) -> Optional[str]: """ - - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + Template describing how dynamic usernames are generated. """ return pulumi.get(self, "username_template") @@ -1586,18 +1598,19 @@ def __init__(__self__, *, username: Optional[str] = None, username_template: Optional[str] = None): """ - :param str connection_url: Specifies the Redshift DSN. See + :param str connection_url: A URL containing connection information. See the [Vault - docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) for an example. - :param int max_connection_lifetime: The maximum amount of time a connection may be reused. + :param int max_connection_lifetime: The maximum number of seconds to keep + a connection alive for. :param int max_idle_connections: The maximum number of idle connections to - the database. + maintain. :param int max_open_connections: The maximum number of open connections to - the database. - :param str password: The root credential password used in the connection URL. - :param str username: The root credential username used in the connection URL. - :param str username_template: - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + use. + :param str password: The password to authenticate with. + :param str username: The username to authenticate with. + :param str username_template: Template describing how dynamic usernames are generated. """ if connection_url is not None: pulumi.set(__self__, "connection_url", connection_url) @@ -1618,9 +1631,9 @@ def __init__(__self__, *, @pulumi.getter(name="connectionUrl") def connection_url(self) -> Optional[str]: """ - Specifies the Redshift DSN. See + A URL containing connection information. See the [Vault - docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) for an example. """ return pulumi.get(self, "connection_url") @@ -1629,7 +1642,8 @@ def connection_url(self) -> Optional[str]: @pulumi.getter(name="maxConnectionLifetime") def max_connection_lifetime(self) -> Optional[int]: """ - The maximum amount of time a connection may be reused. + The maximum number of seconds to keep + a connection alive for. """ return pulumi.get(self, "max_connection_lifetime") @@ -1638,7 +1652,7 @@ def max_connection_lifetime(self) -> Optional[int]: def max_idle_connections(self) -> Optional[int]: """ The maximum number of idle connections to - the database. + maintain. """ return pulumi.get(self, "max_idle_connections") @@ -1647,7 +1661,7 @@ def max_idle_connections(self) -> Optional[int]: def max_open_connections(self) -> Optional[int]: """ The maximum number of open connections to - the database. + use. """ return pulumi.get(self, "max_open_connections") @@ -1655,7 +1669,7 @@ def max_open_connections(self) -> Optional[int]: @pulumi.getter def password(self) -> Optional[str]: """ - The root credential password used in the connection URL. + The password to authenticate with. """ return pulumi.get(self, "password") @@ -1663,7 +1677,7 @@ def password(self) -> Optional[str]: @pulumi.getter def username(self) -> Optional[str]: """ - The root credential username used in the connection URL. + The username to authenticate with. """ return pulumi.get(self, "username") @@ -1671,7 +1685,7 @@ def username(self) -> Optional[str]: @pulumi.getter(name="usernameTemplate") def username_template(self) -> Optional[str]: """ - - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + Template describing how dynamic usernames are generated. """ return pulumi.get(self, "username_template") @@ -1712,18 +1726,19 @@ def __init__(__self__, *, username: Optional[str] = None, username_template: Optional[str] = None): """ - :param str connection_url: Specifies the Redshift DSN. See + :param str connection_url: A URL containing connection information. See the [Vault - docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) for an example. - :param int max_connection_lifetime: The maximum amount of time a connection may be reused. + :param int max_connection_lifetime: The maximum number of seconds to keep + a connection alive for. :param int max_idle_connections: The maximum number of idle connections to - the database. + maintain. :param int max_open_connections: The maximum number of open connections to - the database. - :param str password: The root credential password used in the connection URL. - :param str username: The root credential username used in the connection URL. - :param str username_template: - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + use. + :param str password: The password to authenticate with. + :param str username: The username to authenticate with. + :param str username_template: Template describing how dynamic usernames are generated. """ if connection_url is not None: pulumi.set(__self__, "connection_url", connection_url) @@ -1744,9 +1759,9 @@ def __init__(__self__, *, @pulumi.getter(name="connectionUrl") def connection_url(self) -> Optional[str]: """ - Specifies the Redshift DSN. See + A URL containing connection information. See the [Vault - docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) for an example. """ return pulumi.get(self, "connection_url") @@ -1755,7 +1770,8 @@ def connection_url(self) -> Optional[str]: @pulumi.getter(name="maxConnectionLifetime") def max_connection_lifetime(self) -> Optional[int]: """ - The maximum amount of time a connection may be reused. + The maximum number of seconds to keep + a connection alive for. """ return pulumi.get(self, "max_connection_lifetime") @@ -1764,7 +1780,7 @@ def max_connection_lifetime(self) -> Optional[int]: def max_idle_connections(self) -> Optional[int]: """ The maximum number of idle connections to - the database. + maintain. """ return pulumi.get(self, "max_idle_connections") @@ -1773,7 +1789,7 @@ def max_idle_connections(self) -> Optional[int]: def max_open_connections(self) -> Optional[int]: """ The maximum number of open connections to - the database. + use. """ return pulumi.get(self, "max_open_connections") @@ -1781,7 +1797,7 @@ def max_open_connections(self) -> Optional[int]: @pulumi.getter def password(self) -> Optional[str]: """ - The root credential password used in the connection URL. + The password to authenticate with. """ return pulumi.get(self, "password") @@ -1789,7 +1805,7 @@ def password(self) -> Optional[str]: @pulumi.getter def username(self) -> Optional[str]: """ - The root credential username used in the connection URL. + The username to authenticate with. """ return pulumi.get(self, "username") @@ -1797,7 +1813,7 @@ def username(self) -> Optional[str]: @pulumi.getter(name="usernameTemplate") def username_template(self) -> Optional[str]: """ - - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + Template describing how dynamic usernames are generated. """ return pulumi.get(self, "username_template") @@ -1848,20 +1864,21 @@ def __init__(__self__, *, username_template: Optional[str] = None): """ :param str auth_type: Enable IAM authentication to a Google Cloud instance when set to `gcp_iam` - :param str connection_url: Specifies the Redshift DSN. See + :param str connection_url: A URL containing connection information. See the [Vault - docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) for an example. :param bool disable_escaping: Disable special character escaping in username and password. - :param int max_connection_lifetime: The maximum amount of time a connection may be reused. + :param int max_connection_lifetime: The maximum number of seconds to keep + a connection alive for. :param int max_idle_connections: The maximum number of idle connections to - the database. + maintain. :param int max_open_connections: The maximum number of open connections to - the database. - :param str password: The root credential password used in the connection URL. + use. + :param str password: The password to authenticate with. :param str service_account_json: JSON encoding of an IAM access key. Requires `auth_type` to be `gcp_iam`. - :param str username: The root credential username used in the connection URL. - :param str username_template: - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + :param str username: The username to authenticate with. + :param str username_template: Template describing how dynamic usernames are generated. """ if auth_type is not None: pulumi.set(__self__, "auth_type", auth_type) @@ -1896,9 +1913,9 @@ def auth_type(self) -> Optional[str]: @pulumi.getter(name="connectionUrl") def connection_url(self) -> Optional[str]: """ - Specifies the Redshift DSN. See + A URL containing connection information. See the [Vault - docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) for an example. """ return pulumi.get(self, "connection_url") @@ -1915,7 +1932,8 @@ def disable_escaping(self) -> Optional[bool]: @pulumi.getter(name="maxConnectionLifetime") def max_connection_lifetime(self) -> Optional[int]: """ - The maximum amount of time a connection may be reused. + The maximum number of seconds to keep + a connection alive for. """ return pulumi.get(self, "max_connection_lifetime") @@ -1924,7 +1942,7 @@ def max_connection_lifetime(self) -> Optional[int]: def max_idle_connections(self) -> Optional[int]: """ The maximum number of idle connections to - the database. + maintain. """ return pulumi.get(self, "max_idle_connections") @@ -1933,7 +1951,7 @@ def max_idle_connections(self) -> Optional[int]: def max_open_connections(self) -> Optional[int]: """ The maximum number of open connections to - the database. + use. """ return pulumi.get(self, "max_open_connections") @@ -1941,7 +1959,7 @@ def max_open_connections(self) -> Optional[int]: @pulumi.getter def password(self) -> Optional[str]: """ - The root credential password used in the connection URL. + The password to authenticate with. """ return pulumi.get(self, "password") @@ -1957,7 +1975,7 @@ def service_account_json(self) -> Optional[str]: @pulumi.getter def username(self) -> Optional[str]: """ - The root credential username used in the connection URL. + The username to authenticate with. """ return pulumi.get(self, "username") @@ -1965,7 +1983,7 @@ def username(self) -> Optional[str]: @pulumi.getter(name="usernameTemplate") def username_template(self) -> Optional[str]: """ - - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + Template describing how dynamic usernames are generated. """ return pulumi.get(self, "username_template") @@ -2001,14 +2019,14 @@ def __init__(__self__, *, tls: Optional[bool] = None): """ :param str host: The host to connect to. - :param str password: The root credential password used in the connection URL. - :param str username: The root credential username used in the connection URL. + :param str password: The password to authenticate with. + :param str username: The username to authenticate with. :param str ca_cert: The path to a PEM-encoded CA cert file to use to verify the Elasticsearch server's identity. :param bool insecure_tls: Whether to skip verification of the server certificate when using TLS. :param int port: The default port to connect to if no port is specified as part of the host. - :param bool tls: Whether to use TLS when connecting to Redis. + :param bool tls: Whether to use TLS when connecting to Cassandra. """ pulumi.set(__self__, "host", host) pulumi.set(__self__, "password", password) @@ -2034,7 +2052,7 @@ def host(self) -> str: @pulumi.getter def password(self) -> str: """ - The root credential password used in the connection URL. + The password to authenticate with. """ return pulumi.get(self, "password") @@ -2042,7 +2060,7 @@ def password(self) -> str: @pulumi.getter def username(self) -> str: """ - The root credential username used in the connection URL. + The username to authenticate with. """ return pulumi.get(self, "username") @@ -2076,7 +2094,7 @@ def port(self) -> Optional[int]: @pulumi.getter def tls(self) -> Optional[bool]: """ - Whether to use TLS when connecting to Redis. + Whether to use TLS when connecting to Cassandra. """ return pulumi.get(self, "tls") @@ -2091,9 +2109,9 @@ def __init__(__self__, *, """ :param str url: The URL for Elasticsearch's API. https requires certificate by trusted CA if used. - :param str password: The root credential password used in the connection URL. + :param str password: The password to authenticate with. :param str region: The region where the ElastiCache cluster is hosted. If omitted Vault tries to infer from the environment instead. - :param str username: The root credential username used in the connection URL. + :param str username: The username to authenticate with. """ pulumi.set(__self__, "url", url) if password is not None: @@ -2116,7 +2134,7 @@ def url(self) -> str: @pulumi.getter def password(self) -> Optional[str]: """ - The root credential password used in the connection URL. + The password to authenticate with. """ return pulumi.get(self, "password") @@ -2132,7 +2150,7 @@ def region(self) -> Optional[str]: @pulumi.getter def username(self) -> Optional[str]: """ - The root credential username used in the connection URL. + The username to authenticate with. """ return pulumi.get(self, "username") @@ -2176,19 +2194,20 @@ def __init__(__self__, *, username: Optional[str] = None, username_template: Optional[str] = None): """ - :param str connection_url: Specifies the Redshift DSN. See + :param str connection_url: A URL containing connection information. See the [Vault - docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) for an example. :param bool disable_escaping: Disable special character escaping in username and password. - :param int max_connection_lifetime: The maximum amount of time a connection may be reused. + :param int max_connection_lifetime: The maximum number of seconds to keep + a connection alive for. :param int max_idle_connections: The maximum number of idle connections to - the database. + maintain. :param int max_open_connections: The maximum number of open connections to - the database. - :param str password: The root credential password used in the connection URL. - :param str username: The root credential username used in the connection URL. - :param str username_template: - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + use. + :param str password: The password to authenticate with. + :param str username: The username to authenticate with. + :param str username_template: Template describing how dynamic usernames are generated. """ if connection_url is not None: pulumi.set(__self__, "connection_url", connection_url) @@ -2211,9 +2230,9 @@ def __init__(__self__, *, @pulumi.getter(name="connectionUrl") def connection_url(self) -> Optional[str]: """ - Specifies the Redshift DSN. See + A URL containing connection information. See the [Vault - docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) for an example. """ return pulumi.get(self, "connection_url") @@ -2230,7 +2249,8 @@ def disable_escaping(self) -> Optional[bool]: @pulumi.getter(name="maxConnectionLifetime") def max_connection_lifetime(self) -> Optional[int]: """ - The maximum amount of time a connection may be reused. + The maximum number of seconds to keep + a connection alive for. """ return pulumi.get(self, "max_connection_lifetime") @@ -2239,7 +2259,7 @@ def max_connection_lifetime(self) -> Optional[int]: def max_idle_connections(self) -> Optional[int]: """ The maximum number of idle connections to - the database. + maintain. """ return pulumi.get(self, "max_idle_connections") @@ -2248,7 +2268,7 @@ def max_idle_connections(self) -> Optional[int]: def max_open_connections(self) -> Optional[int]: """ The maximum number of open connections to - the database. + use. """ return pulumi.get(self, "max_open_connections") @@ -2256,7 +2276,7 @@ def max_open_connections(self) -> Optional[int]: @pulumi.getter def password(self) -> Optional[str]: """ - The root credential password used in the connection URL. + The password to authenticate with. """ return pulumi.get(self, "password") @@ -2264,7 +2284,7 @@ def password(self) -> Optional[str]: @pulumi.getter def username(self) -> Optional[str]: """ - The root credential username used in the connection URL. + The username to authenticate with. """ return pulumi.get(self, "username") @@ -2272,7 +2292,7 @@ def username(self) -> Optional[str]: @pulumi.getter(name="usernameTemplate") def username_template(self) -> Optional[str]: """ - - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + Template describing how dynamic usernames are generated. """ return pulumi.get(self, "username_template") @@ -2313,18 +2333,19 @@ def __init__(__self__, *, username: Optional[str] = None, username_template: Optional[str] = None): """ - :param str connection_url: Specifies the Redshift DSN. See + :param str connection_url: A URL containing connection information. See the [Vault - docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) for an example. - :param int max_connection_lifetime: The maximum amount of time a connection may be reused. + :param int max_connection_lifetime: The maximum number of seconds to keep + a connection alive for. :param int max_idle_connections: The maximum number of idle connections to - the database. + maintain. :param int max_open_connections: The maximum number of open connections to - the database. - :param str password: The root credential password used in the connection URL. - :param str username: The root credential username used in the connection URL. - :param str username_template: - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + use. + :param str password: The password to authenticate with. + :param str username: The username to authenticate with. + :param str username_template: Template describing how dynamic usernames are generated. """ if connection_url is not None: pulumi.set(__self__, "connection_url", connection_url) @@ -2345,9 +2366,9 @@ def __init__(__self__, *, @pulumi.getter(name="connectionUrl") def connection_url(self) -> Optional[str]: """ - Specifies the Redshift DSN. See + A URL containing connection information. See the [Vault - docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) + docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload) for an example. """ return pulumi.get(self, "connection_url") @@ -2356,7 +2377,8 @@ def connection_url(self) -> Optional[str]: @pulumi.getter(name="maxConnectionLifetime") def max_connection_lifetime(self) -> Optional[int]: """ - The maximum amount of time a connection may be reused. + The maximum number of seconds to keep + a connection alive for. """ return pulumi.get(self, "max_connection_lifetime") @@ -2365,7 +2387,7 @@ def max_connection_lifetime(self) -> Optional[int]: def max_idle_connections(self) -> Optional[int]: """ The maximum number of idle connections to - the database. + maintain. """ return pulumi.get(self, "max_idle_connections") @@ -2374,7 +2396,7 @@ def max_idle_connections(self) -> Optional[int]: def max_open_connections(self) -> Optional[int]: """ The maximum number of open connections to - the database. + use. """ return pulumi.get(self, "max_open_connections") @@ -2382,7 +2404,7 @@ def max_open_connections(self) -> Optional[int]: @pulumi.getter def password(self) -> Optional[str]: """ - The root credential password used in the connection URL. + The password to authenticate with. """ return pulumi.get(self, "password") @@ -2390,7 +2412,7 @@ def password(self) -> Optional[str]: @pulumi.getter def username(self) -> Optional[str]: """ - The root credential username used in the connection URL. + The username to authenticate with. """ return pulumi.get(self, "username") @@ -2398,7 +2420,7 @@ def username(self) -> Optional[str]: @pulumi.getter(name="usernameTemplate") def username_template(self) -> Optional[str]: """ - - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + Template describing how dynamic usernames are generated. """ return pulumi.get(self, "username_template") @@ -2461,10 +2483,12 @@ def __init__(__self__, *, :param int connect_timeout: The number of seconds to use as a connection timeout. :param Mapping[str, Any] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings. - :param Sequence[str] hosts: A set of Couchbase URIs to connect to. Must use `couchbases://` scheme if `tls` is `true`. + + Supported list of database secrets engines that can be configured: + :param Sequence[str] hosts: The hosts to connect to. :param bool insecure_tls: Whether to skip verification of the server certificate when using TLS. - :param str password: The password to be used in the connection. + :param str password: The root credential password used in the connection URL. :param str pem_bundle: Concatenated PEM blocks configuring the certificate chain. :param str pem_json: A JSON structure configuring the certificate chain. @@ -2473,8 +2497,8 @@ def __init__(__self__, *, part of the host. :param int protocol_version: The CQL protocol version to use. :param Sequence[str] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials. - :param bool tls: Whether to use TLS when connecting to Redis. - :param str username: The username to be used in the connection (the account admin level). + :param bool tls: Whether to use TLS when connecting to Cassandra. + :param str username: The root credential username used in the connection URL. :param bool verify_connection: Whether the connection should be verified on initial configuration or not. """ @@ -2538,6 +2562,8 @@ def connect_timeout(self) -> Optional[int]: def data(self) -> Optional[Mapping[str, Any]]: """ A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + + Supported list of database secrets engines that can be configured: """ return pulumi.get(self, "data") @@ -2545,7 +2571,7 @@ def data(self) -> Optional[Mapping[str, Any]]: @pulumi.getter def hosts(self) -> Optional[Sequence[str]]: """ - A set of Couchbase URIs to connect to. Must use `couchbases://` scheme if `tls` is `true`. + The hosts to connect to. """ return pulumi.get(self, "hosts") @@ -2562,7 +2588,7 @@ def insecure_tls(self) -> Optional[bool]: @pulumi.getter def password(self) -> Optional[str]: """ - The password to be used in the connection. + The root credential password used in the connection URL. """ return pulumi.get(self, "password") @@ -2620,7 +2646,7 @@ def root_rotation_statements(self) -> Optional[Sequence[str]]: @pulumi.getter def tls(self) -> Optional[bool]: """ - Whether to use TLS when connecting to Redis. + Whether to use TLS when connecting to Cassandra. """ return pulumi.get(self, "tls") @@ -2628,7 +2654,7 @@ def tls(self) -> Optional[bool]: @pulumi.getter def username(self) -> Optional[str]: """ - The username to be used in the connection (the account admin level). + The root credential username used in the connection URL. """ return pulumi.get(self, "username") @@ -2691,20 +2717,22 @@ def __init__(__self__, *, username_template: Optional[str] = None, verify_connection: Optional[bool] = None): """ - :param Sequence[str] hosts: A set of Couchbase URIs to connect to. Must use `couchbases://` scheme if `tls` is `true`. - :param str password: The password to be used in the connection. - :param str username: The username to be used in the connection (the account admin level). + :param Sequence[str] hosts: The hosts to connect to. + :param str password: The root credential password used in the connection URL. + :param str username: The root credential username used in the connection URL. :param Sequence[str] allowed_roles: A list of roles that are allowed to use this connection. :param str base64_pem: Required if `tls` is `true`. Specifies the certificate authority of the Couchbase server, as a PEM certificate that has been base64 encoded. :param str bucket_name: Required for Couchbase versions prior to 6.5.0. This is only used to verify vault's connection to the server. :param Mapping[str, Any] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + + Supported list of database secrets engines that can be configured: :param bool insecure_tls: Whether to skip verification of the server certificate when using TLS. :param str plugin_name: Specifies the name of the plugin to use. :param Sequence[str] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials. - :param bool tls: Whether to use TLS when connecting to Redis. - :param str username_template: - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + :param bool tls: Whether to use TLS when connecting to Cassandra. + :param str username_template: [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. :param bool verify_connection: Whether the connection should be verified on initial configuration or not. """ @@ -2737,7 +2765,7 @@ def __init__(__self__, *, @pulumi.getter def hosts(self) -> Sequence[str]: """ - A set of Couchbase URIs to connect to. Must use `couchbases://` scheme if `tls` is `true`. + The hosts to connect to. """ return pulumi.get(self, "hosts") @@ -2750,7 +2778,7 @@ def name(self) -> str: @pulumi.getter def password(self) -> str: """ - The password to be used in the connection. + The root credential password used in the connection URL. """ return pulumi.get(self, "password") @@ -2758,7 +2786,7 @@ def password(self) -> str: @pulumi.getter def username(self) -> str: """ - The username to be used in the connection (the account admin level). + The root credential username used in the connection URL. """ return pulumi.get(self, "username") @@ -2792,6 +2820,8 @@ def bucket_name(self) -> Optional[str]: def data(self) -> Optional[Mapping[str, Any]]: """ A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + + Supported list of database secrets engines that can be configured: """ return pulumi.get(self, "data") @@ -2824,7 +2854,7 @@ def root_rotation_statements(self) -> Optional[Sequence[str]]: @pulumi.getter def tls(self) -> Optional[bool]: """ - Whether to use TLS when connecting to Redis. + Whether to use TLS when connecting to Cassandra. """ return pulumi.get(self, "tls") @@ -2832,7 +2862,7 @@ def tls(self) -> Optional[bool]: @pulumi.getter(name="usernameTemplate") def username_template(self) -> Optional[str]: """ - - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. """ return pulumi.get(self, "username_template") @@ -2901,21 +2931,24 @@ def __init__(__self__, *, username_template: Optional[str] = None, verify_connection: Optional[bool] = None): """ - :param str password: The password to be used in the connection. - :param str url: The configuration endpoint for the ElastiCache cluster to connect to. - :param str username: The username to be used in the connection (the account admin level). + :param str password: The root credential password used in the connection URL. + :param str url: The URL for Elasticsearch's API. https requires certificate + by trusted CA if used. + :param str username: The root credential username used in the connection URL. :param Sequence[str] allowed_roles: A list of roles that are allowed to use this connection. - :param str ca_cert: The contents of a PEM-encoded CA cert file to use to verify the Redis server's identity. + :param str ca_cert: The path to a PEM-encoded CA cert file to use to verify the Elasticsearch server's identity. :param str ca_path: The path to a directory of PEM-encoded CA cert files to use to verify the Elasticsearch server's identity. :param str client_cert: The path to the certificate for the Elasticsearch client to present for communication. :param str client_key: The path to the key for the Elasticsearch client to use for communication. :param Mapping[str, Any] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + + Supported list of database secrets engines that can be configured: :param bool insecure: Whether to disable certificate verification. :param str plugin_name: Specifies the name of the plugin to use. :param Sequence[str] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials. :param str tls_server_name: This, if set, is used to set the SNI host when connecting via TLS. - :param str username_template: - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + :param str username_template: [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. :param bool verify_connection: Whether the connection should be verified on initial configuration or not. """ @@ -2957,7 +2990,7 @@ def name(self) -> str: @pulumi.getter def password(self) -> str: """ - The password to be used in the connection. + The root credential password used in the connection URL. """ return pulumi.get(self, "password") @@ -2965,7 +2998,8 @@ def password(self) -> str: @pulumi.getter def url(self) -> str: """ - The configuration endpoint for the ElastiCache cluster to connect to. + The URL for Elasticsearch's API. https requires certificate + by trusted CA if used. """ return pulumi.get(self, "url") @@ -2973,7 +3007,7 @@ def url(self) -> str: @pulumi.getter def username(self) -> str: """ - The username to be used in the connection (the account admin level). + The root credential username used in the connection URL. """ return pulumi.get(self, "username") @@ -2990,7 +3024,7 @@ def allowed_roles(self) -> Optional[Sequence[str]]: @pulumi.getter(name="caCert") def ca_cert(self) -> Optional[str]: """ - The contents of a PEM-encoded CA cert file to use to verify the Redis server's identity. + The path to a PEM-encoded CA cert file to use to verify the Elasticsearch server's identity. """ return pulumi.get(self, "ca_cert") @@ -3023,6 +3057,8 @@ def client_key(self) -> Optional[str]: def data(self) -> Optional[Mapping[str, Any]]: """ A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + + Supported list of database secrets engines that can be configured: """ return pulumi.get(self, "data") @@ -3062,7 +3098,7 @@ def tls_server_name(self) -> Optional[str]: @pulumi.getter(name="usernameTemplate") def username_template(self) -> Optional[str]: """ - - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. """ return pulumi.get(self, "username_template") @@ -3128,20 +3164,21 @@ def __init__(__self__, *, """ :param Sequence[str] allowed_roles: A list of roles that are allowed to use this connection. - :param str connection_url: A URL containing connection information. - See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + :param str connection_url: Specifies the Redshift DSN. + See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) :param Mapping[str, Any] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + + Supported list of database secrets engines that can be configured: :param bool disable_escaping: Disable special character escaping in username and password. - :param int max_connection_lifetime: The maximum number of seconds to keep - a connection alive for. + :param int max_connection_lifetime: The maximum amount of time a connection may be reused. :param int max_idle_connections: The maximum number of idle connections to - maintain. + the database. :param int max_open_connections: The maximum number of open connections to - use. - :param str password: The password to be used in the connection. + the database. + :param str password: The root credential password used in the connection URL. :param str plugin_name: Specifies the name of the plugin to use. :param Sequence[str] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials. - :param str username: The username to be used in the connection (the account admin level). + :param str username: The root credential username used in the connection URL. :param bool verify_connection: Whether the connection should be verified on initial configuration or not. """ @@ -3189,8 +3226,8 @@ def allowed_roles(self) -> Optional[Sequence[str]]: @pulumi.getter(name="connectionUrl") def connection_url(self) -> Optional[str]: """ - A URL containing connection information. - See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + Specifies the Redshift DSN. + See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) """ return pulumi.get(self, "connection_url") @@ -3199,6 +3236,8 @@ def connection_url(self) -> Optional[str]: def data(self) -> Optional[Mapping[str, Any]]: """ A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + + Supported list of database secrets engines that can be configured: """ return pulumi.get(self, "data") @@ -3214,8 +3253,7 @@ def disable_escaping(self) -> Optional[bool]: @pulumi.getter(name="maxConnectionLifetime") def max_connection_lifetime(self) -> Optional[int]: """ - The maximum number of seconds to keep - a connection alive for. + The maximum amount of time a connection may be reused. """ return pulumi.get(self, "max_connection_lifetime") @@ -3224,7 +3262,7 @@ def max_connection_lifetime(self) -> Optional[int]: def max_idle_connections(self) -> Optional[int]: """ The maximum number of idle connections to - maintain. + the database. """ return pulumi.get(self, "max_idle_connections") @@ -3233,7 +3271,7 @@ def max_idle_connections(self) -> Optional[int]: def max_open_connections(self) -> Optional[int]: """ The maximum number of open connections to - use. + the database. """ return pulumi.get(self, "max_open_connections") @@ -3241,7 +3279,7 @@ def max_open_connections(self) -> Optional[int]: @pulumi.getter def password(self) -> Optional[str]: """ - The password to be used in the connection. + The root credential password used in the connection URL. """ return pulumi.get(self, "password") @@ -3265,7 +3303,7 @@ def root_rotation_statements(self) -> Optional[Sequence[str]]: @pulumi.getter def username(self) -> Optional[str]: """ - The username to be used in the connection (the account admin level). + The root credential username used in the connection URL. """ return pulumi.get(self, "username") @@ -3333,13 +3371,15 @@ def __init__(__self__, *, verify_connection: Optional[bool] = None): """ :param str host: The host to connect to. - :param str password: The password to be used in the connection. - :param str username: The username to be used in the connection (the account admin level). + :param str password: The root credential password used in the connection URL. + :param str username: The root credential username used in the connection URL. :param Sequence[str] allowed_roles: A list of roles that are allowed to use this connection. :param int connect_timeout: The number of seconds to use as a connection timeout. :param Mapping[str, Any] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + + Supported list of database secrets engines that can be configured: :param bool insecure_tls: Whether to skip verification of the server certificate when using TLS. :param str pem_bundle: Concatenated PEM blocks configuring the certificate @@ -3349,8 +3389,8 @@ def __init__(__self__, *, :param int port: The default port to connect to if no port is specified as part of the host. :param Sequence[str] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials. - :param bool tls: Whether to use TLS when connecting to Redis. - :param str username_template: - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + :param bool tls: Whether to use TLS when connecting to Cassandra. + :param str username_template: [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. :param bool verify_connection: Whether the connection should be verified on initial configuration or not. """ @@ -3400,7 +3440,7 @@ def name(self) -> str: @pulumi.getter def password(self) -> str: """ - The password to be used in the connection. + The root credential password used in the connection URL. """ return pulumi.get(self, "password") @@ -3408,7 +3448,7 @@ def password(self) -> str: @pulumi.getter def username(self) -> str: """ - The username to be used in the connection (the account admin level). + The root credential username used in the connection URL. """ return pulumi.get(self, "username") @@ -3435,6 +3475,8 @@ def connect_timeout(self) -> Optional[int]: def data(self) -> Optional[Mapping[str, Any]]: """ A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + + Supported list of database secrets engines that can be configured: """ return pulumi.get(self, "data") @@ -3493,7 +3535,7 @@ def root_rotation_statements(self) -> Optional[Sequence[str]]: @pulumi.getter def tls(self) -> Optional[bool]: """ - Whether to use TLS when connecting to Redis. + Whether to use TLS when connecting to Cassandra. """ return pulumi.get(self, "tls") @@ -3501,7 +3543,7 @@ def tls(self) -> Optional[bool]: @pulumi.getter(name="usernameTemplate") def username_template(self) -> Optional[str]: """ - - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. """ return pulumi.get(self, "username_template") @@ -3567,20 +3609,21 @@ def __init__(__self__, *, """ :param Sequence[str] allowed_roles: A list of roles that are allowed to use this connection. - :param str connection_url: A URL containing connection information. - See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + :param str connection_url: Specifies the Redshift DSN. + See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) :param Mapping[str, Any] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings. - :param int max_connection_lifetime: The maximum number of seconds to keep - a connection alive for. + + Supported list of database secrets engines that can be configured: + :param int max_connection_lifetime: The maximum amount of time a connection may be reused. :param int max_idle_connections: The maximum number of idle connections to - maintain. + the database. :param int max_open_connections: The maximum number of open connections to - use. - :param str password: The password to be used in the connection. + the database. + :param str password: The root credential password used in the connection URL. :param str plugin_name: Specifies the name of the plugin to use. :param Sequence[str] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials. - :param str username: The username to be used in the connection (the account admin level). - :param str username_template: - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + :param str username: The root credential username used in the connection URL. + :param str username_template: [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. :param bool verify_connection: Whether the connection should be verified on initial configuration or not. """ @@ -3628,8 +3671,8 @@ def allowed_roles(self) -> Optional[Sequence[str]]: @pulumi.getter(name="connectionUrl") def connection_url(self) -> Optional[str]: """ - A URL containing connection information. - See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + Specifies the Redshift DSN. + See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) """ return pulumi.get(self, "connection_url") @@ -3638,6 +3681,8 @@ def connection_url(self) -> Optional[str]: def data(self) -> Optional[Mapping[str, Any]]: """ A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + + Supported list of database secrets engines that can be configured: """ return pulumi.get(self, "data") @@ -3645,8 +3690,7 @@ def data(self) -> Optional[Mapping[str, Any]]: @pulumi.getter(name="maxConnectionLifetime") def max_connection_lifetime(self) -> Optional[int]: """ - The maximum number of seconds to keep - a connection alive for. + The maximum amount of time a connection may be reused. """ return pulumi.get(self, "max_connection_lifetime") @@ -3655,7 +3699,7 @@ def max_connection_lifetime(self) -> Optional[int]: def max_idle_connections(self) -> Optional[int]: """ The maximum number of idle connections to - maintain. + the database. """ return pulumi.get(self, "max_idle_connections") @@ -3664,7 +3708,7 @@ def max_idle_connections(self) -> Optional[int]: def max_open_connections(self) -> Optional[int]: """ The maximum number of open connections to - use. + the database. """ return pulumi.get(self, "max_open_connections") @@ -3672,7 +3716,7 @@ def max_open_connections(self) -> Optional[int]: @pulumi.getter def password(self) -> Optional[str]: """ - The password to be used in the connection. + The root credential password used in the connection URL. """ return pulumi.get(self, "password") @@ -3696,7 +3740,7 @@ def root_rotation_statements(self) -> Optional[Sequence[str]]: @pulumi.getter def username(self) -> Optional[str]: """ - The username to be used in the connection (the account admin level). + The root credential username used in the connection URL. """ return pulumi.get(self, "username") @@ -3704,7 +3748,7 @@ def username(self) -> Optional[str]: @pulumi.getter(name="usernameTemplate") def username_template(self) -> Optional[str]: """ - - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. """ return pulumi.get(self, "username_template") @@ -3766,6 +3810,8 @@ def __init__(__self__, *, :param Sequence[str] allowed_roles: A list of roles that are allowed to use this connection. :param Mapping[str, Any] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + + Supported list of database secrets engines that can be configured: :param str plugin_name: Specifies the name of the plugin to use. :param Sequence[str] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials. :param bool verify_connection: Whether the connection should be verified on @@ -3829,6 +3875,8 @@ def allowed_roles(self) -> Optional[Sequence[str]]: def data(self) -> Optional[Mapping[str, Any]]: """ A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + + Supported list of database secrets engines that can be configured: """ return pulumi.get(self, "data") @@ -3916,24 +3964,25 @@ def __init__(__self__, *, """ :param Sequence[str] allowed_roles: A list of roles that are allowed to use this connection. - :param str connection_url: A URL containing connection information. - See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + :param str connection_url: Specifies the Redshift DSN. + See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) :param bool contained_db: For Vault v1.9+. Set to true when the target is a Contained Database, e.g. AzureSQL. See [Vault docs](https://www.vaultproject.io/api/secret/databases/mssql#contained_db) :param Mapping[str, Any] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + + Supported list of database secrets engines that can be configured: :param bool disable_escaping: Disable special character escaping in username and password. - :param int max_connection_lifetime: The maximum number of seconds to keep - a connection alive for. + :param int max_connection_lifetime: The maximum amount of time a connection may be reused. :param int max_idle_connections: The maximum number of idle connections to - maintain. + the database. :param int max_open_connections: The maximum number of open connections to - use. - :param str password: The password to be used in the connection. + the database. + :param str password: The root credential password used in the connection URL. :param str plugin_name: Specifies the name of the plugin to use. :param Sequence[str] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials. - :param str username: The username to be used in the connection (the account admin level). - :param str username_template: - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + :param str username: The root credential username used in the connection URL. + :param str username_template: [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. :param bool verify_connection: Whether the connection should be verified on initial configuration or not. """ @@ -3985,8 +4034,8 @@ def allowed_roles(self) -> Optional[Sequence[str]]: @pulumi.getter(name="connectionUrl") def connection_url(self) -> Optional[str]: """ - A URL containing connection information. - See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + Specifies the Redshift DSN. + See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) """ return pulumi.get(self, "connection_url") @@ -4005,6 +4054,8 @@ def contained_db(self) -> Optional[bool]: def data(self) -> Optional[Mapping[str, Any]]: """ A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + + Supported list of database secrets engines that can be configured: """ return pulumi.get(self, "data") @@ -4020,8 +4071,7 @@ def disable_escaping(self) -> Optional[bool]: @pulumi.getter(name="maxConnectionLifetime") def max_connection_lifetime(self) -> Optional[int]: """ - The maximum number of seconds to keep - a connection alive for. + The maximum amount of time a connection may be reused. """ return pulumi.get(self, "max_connection_lifetime") @@ -4030,7 +4080,7 @@ def max_connection_lifetime(self) -> Optional[int]: def max_idle_connections(self) -> Optional[int]: """ The maximum number of idle connections to - maintain. + the database. """ return pulumi.get(self, "max_idle_connections") @@ -4039,7 +4089,7 @@ def max_idle_connections(self) -> Optional[int]: def max_open_connections(self) -> Optional[int]: """ The maximum number of open connections to - use. + the database. """ return pulumi.get(self, "max_open_connections") @@ -4047,7 +4097,7 @@ def max_open_connections(self) -> Optional[int]: @pulumi.getter def password(self) -> Optional[str]: """ - The password to be used in the connection. + The root credential password used in the connection URL. """ return pulumi.get(self, "password") @@ -4071,7 +4121,7 @@ def root_rotation_statements(self) -> Optional[Sequence[str]]: @pulumi.getter def username(self) -> Optional[str]: """ - The username to be used in the connection (the account admin level). + The root credential username used in the connection URL. """ return pulumi.get(self, "username") @@ -4079,7 +4129,7 @@ def username(self) -> Optional[str]: @pulumi.getter(name="usernameTemplate") def username_template(self) -> Optional[str]: """ - - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. """ return pulumi.get(self, "username_template") @@ -4157,22 +4207,23 @@ def __init__(__self__, *, """ :param Sequence[str] allowed_roles: A list of roles that are allowed to use this connection. - :param str connection_url: A URL containing connection information. - See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + :param str connection_url: Specifies the Redshift DSN. + See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) :param Mapping[str, Any] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings. - :param int max_connection_lifetime: The maximum number of seconds to keep - a connection alive for. + + Supported list of database secrets engines that can be configured: + :param int max_connection_lifetime: The maximum amount of time a connection may be reused. :param int max_idle_connections: The maximum number of idle connections to - maintain. + the database. :param int max_open_connections: The maximum number of open connections to - use. - :param str password: The password to be used in the connection. + the database. + :param str password: The root credential password used in the connection URL. :param str plugin_name: Specifies the name of the plugin to use. :param Sequence[str] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials. :param str tls_ca: x509 CA file for validating the certificate presented by the MySQL server. Must be PEM encoded. :param str tls_certificate_key: x509 certificate for connecting to the database. This must be a PEM encoded version of the private key and the certificate combined. - :param str username: The username to be used in the connection (the account admin level). - :param str username_template: - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + :param str username: The root credential username used in the connection URL. + :param str username_template: [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. :param bool verify_connection: Whether the connection should be verified on initial configuration or not. """ @@ -4233,8 +4284,8 @@ def auth_type(self) -> Optional[str]: @pulumi.getter(name="connectionUrl") def connection_url(self) -> Optional[str]: """ - A URL containing connection information. - See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + Specifies the Redshift DSN. + See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) """ return pulumi.get(self, "connection_url") @@ -4243,6 +4294,8 @@ def connection_url(self) -> Optional[str]: def data(self) -> Optional[Mapping[str, Any]]: """ A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + + Supported list of database secrets engines that can be configured: """ return pulumi.get(self, "data") @@ -4250,8 +4303,7 @@ def data(self) -> Optional[Mapping[str, Any]]: @pulumi.getter(name="maxConnectionLifetime") def max_connection_lifetime(self) -> Optional[int]: """ - The maximum number of seconds to keep - a connection alive for. + The maximum amount of time a connection may be reused. """ return pulumi.get(self, "max_connection_lifetime") @@ -4260,7 +4312,7 @@ def max_connection_lifetime(self) -> Optional[int]: def max_idle_connections(self) -> Optional[int]: """ The maximum number of idle connections to - maintain. + the database. """ return pulumi.get(self, "max_idle_connections") @@ -4269,7 +4321,7 @@ def max_idle_connections(self) -> Optional[int]: def max_open_connections(self) -> Optional[int]: """ The maximum number of open connections to - use. + the database. """ return pulumi.get(self, "max_open_connections") @@ -4277,7 +4329,7 @@ def max_open_connections(self) -> Optional[int]: @pulumi.getter def password(self) -> Optional[str]: """ - The password to be used in the connection. + The root credential password used in the connection URL. """ return pulumi.get(self, "password") @@ -4322,7 +4374,7 @@ def tls_certificate_key(self) -> Optional[str]: @pulumi.getter def username(self) -> Optional[str]: """ - The username to be used in the connection (the account admin level). + The root credential username used in the connection URL. """ return pulumi.get(self, "username") @@ -4330,7 +4382,7 @@ def username(self) -> Optional[str]: @pulumi.getter(name="usernameTemplate") def username_template(self) -> Optional[str]: """ - - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. """ return pulumi.get(self, "username_template") @@ -4396,20 +4448,21 @@ def __init__(__self__, *, """ :param Sequence[str] allowed_roles: A list of roles that are allowed to use this connection. - :param str connection_url: A URL containing connection information. - See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + :param str connection_url: Specifies the Redshift DSN. + See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) :param Mapping[str, Any] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings. - :param int max_connection_lifetime: The maximum number of seconds to keep - a connection alive for. + + Supported list of database secrets engines that can be configured: + :param int max_connection_lifetime: The maximum amount of time a connection may be reused. :param int max_idle_connections: The maximum number of idle connections to - maintain. + the database. :param int max_open_connections: The maximum number of open connections to - use. - :param str password: The password to be used in the connection. + the database. + :param str password: The root credential password used in the connection URL. :param str plugin_name: Specifies the name of the plugin to use. :param Sequence[str] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials. - :param str username: The username to be used in the connection (the account admin level). - :param str username_template: - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + :param str username: The root credential username used in the connection URL. + :param str username_template: [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. :param bool verify_connection: Whether the connection should be verified on initial configuration or not. """ @@ -4457,8 +4510,8 @@ def allowed_roles(self) -> Optional[Sequence[str]]: @pulumi.getter(name="connectionUrl") def connection_url(self) -> Optional[str]: """ - A URL containing connection information. - See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + Specifies the Redshift DSN. + See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) """ return pulumi.get(self, "connection_url") @@ -4467,6 +4520,8 @@ def connection_url(self) -> Optional[str]: def data(self) -> Optional[Mapping[str, Any]]: """ A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + + Supported list of database secrets engines that can be configured: """ return pulumi.get(self, "data") @@ -4474,8 +4529,7 @@ def data(self) -> Optional[Mapping[str, Any]]: @pulumi.getter(name="maxConnectionLifetime") def max_connection_lifetime(self) -> Optional[int]: """ - The maximum number of seconds to keep - a connection alive for. + The maximum amount of time a connection may be reused. """ return pulumi.get(self, "max_connection_lifetime") @@ -4484,7 +4538,7 @@ def max_connection_lifetime(self) -> Optional[int]: def max_idle_connections(self) -> Optional[int]: """ The maximum number of idle connections to - maintain. + the database. """ return pulumi.get(self, "max_idle_connections") @@ -4493,7 +4547,7 @@ def max_idle_connections(self) -> Optional[int]: def max_open_connections(self) -> Optional[int]: """ The maximum number of open connections to - use. + the database. """ return pulumi.get(self, "max_open_connections") @@ -4501,7 +4555,7 @@ def max_open_connections(self) -> Optional[int]: @pulumi.getter def password(self) -> Optional[str]: """ - The password to be used in the connection. + The root credential password used in the connection URL. """ return pulumi.get(self, "password") @@ -4525,7 +4579,7 @@ def root_rotation_statements(self) -> Optional[Sequence[str]]: @pulumi.getter def username(self) -> Optional[str]: """ - The username to be used in the connection (the account admin level). + The root credential username used in the connection URL. """ return pulumi.get(self, "username") @@ -4533,7 +4587,7 @@ def username(self) -> Optional[str]: @pulumi.getter(name="usernameTemplate") def username_template(self) -> Optional[str]: """ - - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. """ return pulumi.get(self, "username_template") @@ -4599,20 +4653,21 @@ def __init__(__self__, *, """ :param Sequence[str] allowed_roles: A list of roles that are allowed to use this connection. - :param str connection_url: A URL containing connection information. - See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + :param str connection_url: Specifies the Redshift DSN. + See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) :param Mapping[str, Any] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings. - :param int max_connection_lifetime: The maximum number of seconds to keep - a connection alive for. + + Supported list of database secrets engines that can be configured: + :param int max_connection_lifetime: The maximum amount of time a connection may be reused. :param int max_idle_connections: The maximum number of idle connections to - maintain. + the database. :param int max_open_connections: The maximum number of open connections to - use. - :param str password: The password to be used in the connection. + the database. + :param str password: The root credential password used in the connection URL. :param str plugin_name: Specifies the name of the plugin to use. :param Sequence[str] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials. - :param str username: The username to be used in the connection (the account admin level). - :param str username_template: - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + :param str username: The root credential username used in the connection URL. + :param str username_template: [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. :param bool verify_connection: Whether the connection should be verified on initial configuration or not. """ @@ -4660,8 +4715,8 @@ def allowed_roles(self) -> Optional[Sequence[str]]: @pulumi.getter(name="connectionUrl") def connection_url(self) -> Optional[str]: """ - A URL containing connection information. - See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + Specifies the Redshift DSN. + See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) """ return pulumi.get(self, "connection_url") @@ -4670,6 +4725,8 @@ def connection_url(self) -> Optional[str]: def data(self) -> Optional[Mapping[str, Any]]: """ A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + + Supported list of database secrets engines that can be configured: """ return pulumi.get(self, "data") @@ -4677,8 +4734,7 @@ def data(self) -> Optional[Mapping[str, Any]]: @pulumi.getter(name="maxConnectionLifetime") def max_connection_lifetime(self) -> Optional[int]: """ - The maximum number of seconds to keep - a connection alive for. + The maximum amount of time a connection may be reused. """ return pulumi.get(self, "max_connection_lifetime") @@ -4687,7 +4743,7 @@ def max_connection_lifetime(self) -> Optional[int]: def max_idle_connections(self) -> Optional[int]: """ The maximum number of idle connections to - maintain. + the database. """ return pulumi.get(self, "max_idle_connections") @@ -4696,7 +4752,7 @@ def max_idle_connections(self) -> Optional[int]: def max_open_connections(self) -> Optional[int]: """ The maximum number of open connections to - use. + the database. """ return pulumi.get(self, "max_open_connections") @@ -4704,7 +4760,7 @@ def max_open_connections(self) -> Optional[int]: @pulumi.getter def password(self) -> Optional[str]: """ - The password to be used in the connection. + The root credential password used in the connection URL. """ return pulumi.get(self, "password") @@ -4728,7 +4784,7 @@ def root_rotation_statements(self) -> Optional[Sequence[str]]: @pulumi.getter def username(self) -> Optional[str]: """ - The username to be used in the connection (the account admin level). + The root credential username used in the connection URL. """ return pulumi.get(self, "username") @@ -4736,7 +4792,7 @@ def username(self) -> Optional[str]: @pulumi.getter(name="usernameTemplate") def username_template(self) -> Optional[str]: """ - - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. """ return pulumi.get(self, "username_template") @@ -4802,20 +4858,21 @@ def __init__(__self__, *, """ :param Sequence[str] allowed_roles: A list of roles that are allowed to use this connection. - :param str connection_url: A URL containing connection information. - See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + :param str connection_url: Specifies the Redshift DSN. + See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) :param Mapping[str, Any] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings. - :param int max_connection_lifetime: The maximum number of seconds to keep - a connection alive for. + + Supported list of database secrets engines that can be configured: + :param int max_connection_lifetime: The maximum amount of time a connection may be reused. :param int max_idle_connections: The maximum number of idle connections to - maintain. + the database. :param int max_open_connections: The maximum number of open connections to - use. - :param str password: The password to be used in the connection. + the database. + :param str password: The root credential password used in the connection URL. :param str plugin_name: Specifies the name of the plugin to use. :param Sequence[str] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials. - :param str username: The username to be used in the connection (the account admin level). - :param str username_template: - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + :param str username: The root credential username used in the connection URL. + :param str username_template: [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. :param bool verify_connection: Whether the connection should be verified on initial configuration or not. """ @@ -4863,8 +4920,8 @@ def allowed_roles(self) -> Optional[Sequence[str]]: @pulumi.getter(name="connectionUrl") def connection_url(self) -> Optional[str]: """ - A URL containing connection information. - See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + Specifies the Redshift DSN. + See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) """ return pulumi.get(self, "connection_url") @@ -4873,6 +4930,8 @@ def connection_url(self) -> Optional[str]: def data(self) -> Optional[Mapping[str, Any]]: """ A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + + Supported list of database secrets engines that can be configured: """ return pulumi.get(self, "data") @@ -4880,8 +4939,7 @@ def data(self) -> Optional[Mapping[str, Any]]: @pulumi.getter(name="maxConnectionLifetime") def max_connection_lifetime(self) -> Optional[int]: """ - The maximum number of seconds to keep - a connection alive for. + The maximum amount of time a connection may be reused. """ return pulumi.get(self, "max_connection_lifetime") @@ -4890,7 +4948,7 @@ def max_connection_lifetime(self) -> Optional[int]: def max_idle_connections(self) -> Optional[int]: """ The maximum number of idle connections to - maintain. + the database. """ return pulumi.get(self, "max_idle_connections") @@ -4899,7 +4957,7 @@ def max_idle_connections(self) -> Optional[int]: def max_open_connections(self) -> Optional[int]: """ The maximum number of open connections to - use. + the database. """ return pulumi.get(self, "max_open_connections") @@ -4907,7 +4965,7 @@ def max_open_connections(self) -> Optional[int]: @pulumi.getter def password(self) -> Optional[str]: """ - The password to be used in the connection. + The root credential password used in the connection URL. """ return pulumi.get(self, "password") @@ -4931,7 +4989,7 @@ def root_rotation_statements(self) -> Optional[Sequence[str]]: @pulumi.getter def username(self) -> Optional[str]: """ - The username to be used in the connection (the account admin level). + The root credential username used in the connection URL. """ return pulumi.get(self, "username") @@ -4939,7 +4997,7 @@ def username(self) -> Optional[str]: @pulumi.getter(name="usernameTemplate") def username_template(self) -> Optional[str]: """ - - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. """ return pulumi.get(self, "username_template") @@ -5005,20 +5063,21 @@ def __init__(__self__, *, """ :param Sequence[str] allowed_roles: A list of roles that are allowed to use this connection. - :param str connection_url: A URL containing connection information. - See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + :param str connection_url: Specifies the Redshift DSN. + See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) :param Mapping[str, Any] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings. - :param int max_connection_lifetime: The maximum number of seconds to keep - a connection alive for. + + Supported list of database secrets engines that can be configured: + :param int max_connection_lifetime: The maximum amount of time a connection may be reused. :param int max_idle_connections: The maximum number of idle connections to - maintain. + the database. :param int max_open_connections: The maximum number of open connections to - use. - :param str password: The password to be used in the connection. + the database. + :param str password: The root credential password used in the connection URL. :param str plugin_name: Specifies the name of the plugin to use. :param Sequence[str] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials. - :param str username: The username to be used in the connection (the account admin level). - :param str username_template: - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + :param str username: The root credential username used in the connection URL. + :param str username_template: [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. :param bool verify_connection: Whether the connection should be verified on initial configuration or not. """ @@ -5066,8 +5125,8 @@ def allowed_roles(self) -> Optional[Sequence[str]]: @pulumi.getter(name="connectionUrl") def connection_url(self) -> Optional[str]: """ - A URL containing connection information. - See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + Specifies the Redshift DSN. + See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) """ return pulumi.get(self, "connection_url") @@ -5076,6 +5135,8 @@ def connection_url(self) -> Optional[str]: def data(self) -> Optional[Mapping[str, Any]]: """ A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + + Supported list of database secrets engines that can be configured: """ return pulumi.get(self, "data") @@ -5083,8 +5144,7 @@ def data(self) -> Optional[Mapping[str, Any]]: @pulumi.getter(name="maxConnectionLifetime") def max_connection_lifetime(self) -> Optional[int]: """ - The maximum number of seconds to keep - a connection alive for. + The maximum amount of time a connection may be reused. """ return pulumi.get(self, "max_connection_lifetime") @@ -5093,7 +5153,7 @@ def max_connection_lifetime(self) -> Optional[int]: def max_idle_connections(self) -> Optional[int]: """ The maximum number of idle connections to - maintain. + the database. """ return pulumi.get(self, "max_idle_connections") @@ -5102,7 +5162,7 @@ def max_idle_connections(self) -> Optional[int]: def max_open_connections(self) -> Optional[int]: """ The maximum number of open connections to - use. + the database. """ return pulumi.get(self, "max_open_connections") @@ -5110,7 +5170,7 @@ def max_open_connections(self) -> Optional[int]: @pulumi.getter def password(self) -> Optional[str]: """ - The password to be used in the connection. + The root credential password used in the connection URL. """ return pulumi.get(self, "password") @@ -5134,7 +5194,7 @@ def root_rotation_statements(self) -> Optional[Sequence[str]]: @pulumi.getter def username(self) -> Optional[str]: """ - The username to be used in the connection (the account admin level). + The root credential username used in the connection URL. """ return pulumi.get(self, "username") @@ -5142,7 +5202,7 @@ def username(self) -> Optional[str]: @pulumi.getter(name="usernameTemplate") def username_template(self) -> Optional[str]: """ - - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. """ return pulumi.get(self, "username_template") @@ -5217,21 +5277,22 @@ def __init__(__self__, *, """ :param Sequence[str] allowed_roles: A list of roles that are allowed to use this connection. - :param str connection_url: A URL containing connection information. - See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + :param str connection_url: Specifies the Redshift DSN. + See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) :param Mapping[str, Any] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + + Supported list of database secrets engines that can be configured: :param bool disable_escaping: Disable special character escaping in username and password. - :param int max_connection_lifetime: The maximum number of seconds to keep - a connection alive for. + :param int max_connection_lifetime: The maximum amount of time a connection may be reused. :param int max_idle_connections: The maximum number of idle connections to - maintain. + the database. :param int max_open_connections: The maximum number of open connections to - use. - :param str password: The password to be used in the connection. + the database. + :param str password: The root credential password used in the connection URL. :param str plugin_name: Specifies the name of the plugin to use. :param Sequence[str] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials. - :param str username: The username to be used in the connection (the account admin level). - :param str username_template: - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + :param str username: The root credential username used in the connection URL. + :param str username_template: [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. :param bool verify_connection: Whether the connection should be verified on initial configuration or not. """ @@ -5290,8 +5351,8 @@ def auth_type(self) -> Optional[str]: @pulumi.getter(name="connectionUrl") def connection_url(self) -> Optional[str]: """ - A URL containing connection information. - See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + Specifies the Redshift DSN. + See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) """ return pulumi.get(self, "connection_url") @@ -5300,6 +5361,8 @@ def connection_url(self) -> Optional[str]: def data(self) -> Optional[Mapping[str, Any]]: """ A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + + Supported list of database secrets engines that can be configured: """ return pulumi.get(self, "data") @@ -5315,8 +5378,7 @@ def disable_escaping(self) -> Optional[bool]: @pulumi.getter(name="maxConnectionLifetime") def max_connection_lifetime(self) -> Optional[int]: """ - The maximum number of seconds to keep - a connection alive for. + The maximum amount of time a connection may be reused. """ return pulumi.get(self, "max_connection_lifetime") @@ -5325,7 +5387,7 @@ def max_connection_lifetime(self) -> Optional[int]: def max_idle_connections(self) -> Optional[int]: """ The maximum number of idle connections to - maintain. + the database. """ return pulumi.get(self, "max_idle_connections") @@ -5334,7 +5396,7 @@ def max_idle_connections(self) -> Optional[int]: def max_open_connections(self) -> Optional[int]: """ The maximum number of open connections to - use. + the database. """ return pulumi.get(self, "max_open_connections") @@ -5342,7 +5404,7 @@ def max_open_connections(self) -> Optional[int]: @pulumi.getter def password(self) -> Optional[str]: """ - The password to be used in the connection. + The root credential password used in the connection URL. """ return pulumi.get(self, "password") @@ -5371,7 +5433,7 @@ def service_account_json(self) -> Optional[str]: @pulumi.getter def username(self) -> Optional[str]: """ - The username to be used in the connection (the account admin level). + The root credential username used in the connection URL. """ return pulumi.get(self, "username") @@ -5379,7 +5441,7 @@ def username(self) -> Optional[str]: @pulumi.getter(name="usernameTemplate") def username_template(self) -> Optional[str]: """ - - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. """ return pulumi.get(self, "username_template") @@ -5438,19 +5500,21 @@ def __init__(__self__, *, verify_connection: Optional[bool] = None): """ :param str host: The host to connect to. - :param str password: The password to be used in the connection. - :param str username: The username to be used in the connection (the account admin level). + :param str password: The root credential password used in the connection URL. + :param str username: The root credential username used in the connection URL. :param Sequence[str] allowed_roles: A list of roles that are allowed to use this connection. - :param str ca_cert: The contents of a PEM-encoded CA cert file to use to verify the Redis server's identity. + :param str ca_cert: The path to a PEM-encoded CA cert file to use to verify the Elasticsearch server's identity. :param Mapping[str, Any] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + + Supported list of database secrets engines that can be configured: :param bool insecure_tls: Whether to skip verification of the server certificate when using TLS. :param str plugin_name: Specifies the name of the plugin to use. :param int port: The default port to connect to if no port is specified as part of the host. :param Sequence[str] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials. - :param bool tls: Whether to use TLS when connecting to Redis. + :param bool tls: Whether to use TLS when connecting to Cassandra. :param bool verify_connection: Whether the connection should be verified on initial configuration or not. """ @@ -5494,7 +5558,7 @@ def name(self) -> str: @pulumi.getter def password(self) -> str: """ - The password to be used in the connection. + The root credential password used in the connection URL. """ return pulumi.get(self, "password") @@ -5502,7 +5566,7 @@ def password(self) -> str: @pulumi.getter def username(self) -> str: """ - The username to be used in the connection (the account admin level). + The root credential username used in the connection URL. """ return pulumi.get(self, "username") @@ -5519,7 +5583,7 @@ def allowed_roles(self) -> Optional[Sequence[str]]: @pulumi.getter(name="caCert") def ca_cert(self) -> Optional[str]: """ - The contents of a PEM-encoded CA cert file to use to verify the Redis server's identity. + The path to a PEM-encoded CA cert file to use to verify the Elasticsearch server's identity. """ return pulumi.get(self, "ca_cert") @@ -5528,6 +5592,8 @@ def ca_cert(self) -> Optional[str]: def data(self) -> Optional[Mapping[str, Any]]: """ A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + + Supported list of database secrets engines that can be configured: """ return pulumi.get(self, "data") @@ -5569,7 +5635,7 @@ def root_rotation_statements(self) -> Optional[Sequence[str]]: @pulumi.getter def tls(self) -> Optional[bool]: """ - Whether to use TLS when connecting to Redis. + Whether to use TLS when connecting to Cassandra. """ return pulumi.get(self, "tls") @@ -5620,16 +5686,19 @@ def __init__(__self__, *, username: Optional[str] = None, verify_connection: Optional[bool] = None): """ - :param str url: The configuration endpoint for the ElastiCache cluster to connect to. + :param str url: The URL for Elasticsearch's API. https requires certificate + by trusted CA if used. :param Sequence[str] allowed_roles: A list of roles that are allowed to use this connection. :param Mapping[str, Any] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings. - :param str password: The password to be used in the connection. + + Supported list of database secrets engines that can be configured: + :param str password: The root credential password used in the connection URL. :param str plugin_name: Specifies the name of the plugin to use. :param str region: The AWS region where the ElastiCache cluster is hosted. If omitted the plugin tries to infer the region from the environment. :param Sequence[str] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials. - :param str username: The username to be used in the connection (the account admin level). + :param str username: The root credential username used in the connection URL. :param bool verify_connection: Whether the connection should be verified on initial configuration or not. """ @@ -5661,7 +5730,8 @@ def name(self) -> str: @pulumi.getter def url(self) -> str: """ - The configuration endpoint for the ElastiCache cluster to connect to. + The URL for Elasticsearch's API. https requires certificate + by trusted CA if used. """ return pulumi.get(self, "url") @@ -5679,6 +5749,8 @@ def allowed_roles(self) -> Optional[Sequence[str]]: def data(self) -> Optional[Mapping[str, Any]]: """ A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + + Supported list of database secrets engines that can be configured: """ return pulumi.get(self, "data") @@ -5686,7 +5758,7 @@ def data(self) -> Optional[Mapping[str, Any]]: @pulumi.getter def password(self) -> Optional[str]: """ - The password to be used in the connection. + The root credential password used in the connection URL. """ return pulumi.get(self, "password") @@ -5719,7 +5791,7 @@ def root_rotation_statements(self) -> Optional[Sequence[str]]: @pulumi.getter def username(self) -> Optional[str]: """ - The username to be used in the connection (the account admin level). + The root credential username used in the connection URL. """ return pulumi.get(self, "username") @@ -5788,21 +5860,22 @@ def __init__(__self__, *, """ :param Sequence[str] allowed_roles: A list of roles that are allowed to use this connection. - :param str connection_url: A URL containing connection information. - See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + :param str connection_url: Specifies the Redshift DSN. + See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) :param Mapping[str, Any] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + + Supported list of database secrets engines that can be configured: :param bool disable_escaping: Disable special character escaping in username and password. - :param int max_connection_lifetime: The maximum number of seconds to keep - a connection alive for. + :param int max_connection_lifetime: The maximum amount of time a connection may be reused. :param int max_idle_connections: The maximum number of idle connections to - maintain. + the database. :param int max_open_connections: The maximum number of open connections to - use. - :param str password: The password to be used in the connection. + the database. + :param str password: The root credential password used in the connection URL. :param str plugin_name: Specifies the name of the plugin to use. :param Sequence[str] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials. - :param str username: The username to be used in the connection (the account admin level). - :param str username_template: - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + :param str username: The root credential username used in the connection URL. + :param str username_template: [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. :param bool verify_connection: Whether the connection should be verified on initial configuration or not. """ @@ -5852,8 +5925,8 @@ def allowed_roles(self) -> Optional[Sequence[str]]: @pulumi.getter(name="connectionUrl") def connection_url(self) -> Optional[str]: """ - A URL containing connection information. - See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + Specifies the Redshift DSN. + See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) """ return pulumi.get(self, "connection_url") @@ -5862,6 +5935,8 @@ def connection_url(self) -> Optional[str]: def data(self) -> Optional[Mapping[str, Any]]: """ A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + + Supported list of database secrets engines that can be configured: """ return pulumi.get(self, "data") @@ -5877,8 +5952,7 @@ def disable_escaping(self) -> Optional[bool]: @pulumi.getter(name="maxConnectionLifetime") def max_connection_lifetime(self) -> Optional[int]: """ - The maximum number of seconds to keep - a connection alive for. + The maximum amount of time a connection may be reused. """ return pulumi.get(self, "max_connection_lifetime") @@ -5887,7 +5961,7 @@ def max_connection_lifetime(self) -> Optional[int]: def max_idle_connections(self) -> Optional[int]: """ The maximum number of idle connections to - maintain. + the database. """ return pulumi.get(self, "max_idle_connections") @@ -5896,7 +5970,7 @@ def max_idle_connections(self) -> Optional[int]: def max_open_connections(self) -> Optional[int]: """ The maximum number of open connections to - use. + the database. """ return pulumi.get(self, "max_open_connections") @@ -5904,7 +5978,7 @@ def max_open_connections(self) -> Optional[int]: @pulumi.getter def password(self) -> Optional[str]: """ - The password to be used in the connection. + The root credential password used in the connection URL. """ return pulumi.get(self, "password") @@ -5928,7 +6002,7 @@ def root_rotation_statements(self) -> Optional[Sequence[str]]: @pulumi.getter def username(self) -> Optional[str]: """ - The username to be used in the connection (the account admin level). + The root credential username used in the connection URL. """ return pulumi.get(self, "username") @@ -5936,7 +6010,7 @@ def username(self) -> Optional[str]: @pulumi.getter(name="usernameTemplate") def username_template(self) -> Optional[str]: """ - - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. """ return pulumi.get(self, "username_template") @@ -6002,20 +6076,21 @@ def __init__(__self__, *, """ :param Sequence[str] allowed_roles: A list of roles that are allowed to use this connection. - :param str connection_url: A URL containing connection information. - See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + :param str connection_url: Specifies the Redshift DSN. + See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) :param Mapping[str, Any] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings. - :param int max_connection_lifetime: The maximum number of seconds to keep - a connection alive for. + + Supported list of database secrets engines that can be configured: + :param int max_connection_lifetime: The maximum amount of time a connection may be reused. :param int max_idle_connections: The maximum number of idle connections to - maintain. + the database. :param int max_open_connections: The maximum number of open connections to - use. - :param str password: The password to be used in the connection. + the database. + :param str password: The root credential password used in the connection URL. :param str plugin_name: Specifies the name of the plugin to use. :param Sequence[str] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials. - :param str username: The username to be used in the connection (the account admin level). - :param str username_template: - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + :param str username: The root credential username used in the connection URL. + :param str username_template: [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. :param bool verify_connection: Whether the connection should be verified on initial configuration or not. """ @@ -6063,8 +6138,8 @@ def allowed_roles(self) -> Optional[Sequence[str]]: @pulumi.getter(name="connectionUrl") def connection_url(self) -> Optional[str]: """ - A URL containing connection information. - See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/snowflake#sample-payload) + Specifies the Redshift DSN. + See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload) """ return pulumi.get(self, "connection_url") @@ -6073,6 +6148,8 @@ def connection_url(self) -> Optional[str]: def data(self) -> Optional[Mapping[str, Any]]: """ A map of sensitive data to pass to the endpoint. Useful for templated connection strings. + + Supported list of database secrets engines that can be configured: """ return pulumi.get(self, "data") @@ -6080,8 +6157,7 @@ def data(self) -> Optional[Mapping[str, Any]]: @pulumi.getter(name="maxConnectionLifetime") def max_connection_lifetime(self) -> Optional[int]: """ - The maximum number of seconds to keep - a connection alive for. + The maximum amount of time a connection may be reused. """ return pulumi.get(self, "max_connection_lifetime") @@ -6090,7 +6166,7 @@ def max_connection_lifetime(self) -> Optional[int]: def max_idle_connections(self) -> Optional[int]: """ The maximum number of idle connections to - maintain. + the database. """ return pulumi.get(self, "max_idle_connections") @@ -6099,7 +6175,7 @@ def max_idle_connections(self) -> Optional[int]: def max_open_connections(self) -> Optional[int]: """ The maximum number of open connections to - use. + the database. """ return pulumi.get(self, "max_open_connections") @@ -6107,7 +6183,7 @@ def max_open_connections(self) -> Optional[int]: @pulumi.getter def password(self) -> Optional[str]: """ - The password to be used in the connection. + The root credential password used in the connection URL. """ return pulumi.get(self, "password") @@ -6131,7 +6207,7 @@ def root_rotation_statements(self) -> Optional[Sequence[str]]: @pulumi.getter def username(self) -> Optional[str]: """ - The username to be used in the connection (the account admin level). + The root credential username used in the connection URL. """ return pulumi.get(self, "username") @@ -6139,7 +6215,7 @@ def username(self) -> Optional[str]: @pulumi.getter(name="usernameTemplate") def username_template(self) -> Optional[str]: """ - - [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. + [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated. """ return pulumi.get(self, "username_template") diff --git a/sdk/python/pulumi_vault/database/secret_backend_connection.py b/sdk/python/pulumi_vault/database/secret_backend_connection.py index 9de668cf5..f0b70a643 100644 --- a/sdk/python/pulumi_vault/database/secret_backend_connection.py +++ b/sdk/python/pulumi_vault/database/secret_backend_connection.py @@ -70,6 +70,8 @@ def __init__(__self__, *, :param pulumi.Input['SecretBackendConnectionPostgresqlArgs'] postgresql: A nested block containing configuration options for PostgreSQL connections. :param pulumi.Input['SecretBackendConnectionRedisArgs'] redis: A nested block containing configuration options for Redis connections. :param pulumi.Input['SecretBackendConnectionRedisElasticacheArgs'] redis_elasticache: A nested block containing configuration options for Redis ElastiCache connections. + + Exactly one of the nested blocks of configuration options must be supplied. :param pulumi.Input['SecretBackendConnectionRedshiftArgs'] redshift: Connection parameters for the redshift-database-plugin plugin. :param pulumi.Input[Sequence[pulumi.Input[str]]] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials. :param pulumi.Input['SecretBackendConnectionSnowflakeArgs'] snowflake: A nested block containing configuration options for Snowflake connections. @@ -389,6 +391,8 @@ def redis(self, value: Optional[pulumi.Input['SecretBackendConnectionRedisArgs'] def redis_elasticache(self) -> Optional[pulumi.Input['SecretBackendConnectionRedisElasticacheArgs']]: """ A nested block containing configuration options for Redis ElastiCache connections. + + Exactly one of the nested blocks of configuration options must be supplied. """ return pulumi.get(self, "redis_elasticache") @@ -503,6 +507,8 @@ def __init__(__self__, *, :param pulumi.Input['SecretBackendConnectionPostgresqlArgs'] postgresql: A nested block containing configuration options for PostgreSQL connections. :param pulumi.Input['SecretBackendConnectionRedisArgs'] redis: A nested block containing configuration options for Redis connections. :param pulumi.Input['SecretBackendConnectionRedisElasticacheArgs'] redis_elasticache: A nested block containing configuration options for Redis ElastiCache connections. + + Exactly one of the nested blocks of configuration options must be supplied. :param pulumi.Input['SecretBackendConnectionRedshiftArgs'] redshift: Connection parameters for the redshift-database-plugin plugin. :param pulumi.Input[Sequence[pulumi.Input[str]]] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials. :param pulumi.Input['SecretBackendConnectionSnowflakeArgs'] snowflake: A nested block containing configuration options for Snowflake connections. @@ -823,6 +829,8 @@ def redis(self, value: Optional[pulumi.Input['SecretBackendConnectionRedisArgs'] def redis_elasticache(self) -> Optional[pulumi.Input['SecretBackendConnectionRedisElasticacheArgs']]: """ A nested block containing configuration options for Redis ElastiCache connections. + + Exactly one of the nested blocks of configuration options must be supplied. """ return pulumi.get(self, "redis_elasticache") @@ -969,6 +977,8 @@ def __init__(__self__, :param pulumi.Input[pulumi.InputType['SecretBackendConnectionPostgresqlArgs']] postgresql: A nested block containing configuration options for PostgreSQL connections. :param pulumi.Input[pulumi.InputType['SecretBackendConnectionRedisArgs']] redis: A nested block containing configuration options for Redis connections. :param pulumi.Input[pulumi.InputType['SecretBackendConnectionRedisElasticacheArgs']] redis_elasticache: A nested block containing configuration options for Redis ElastiCache connections. + + Exactly one of the nested blocks of configuration options must be supplied. :param pulumi.Input[pulumi.InputType['SecretBackendConnectionRedshiftArgs']] redshift: Connection parameters for the redshift-database-plugin plugin. :param pulumi.Input[Sequence[pulumi.Input[str]]] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials. :param pulumi.Input[pulumi.InputType['SecretBackendConnectionSnowflakeArgs']] snowflake: A nested block containing configuration options for Snowflake connections. @@ -1157,6 +1167,8 @@ def get(resource_name: str, :param pulumi.Input[pulumi.InputType['SecretBackendConnectionPostgresqlArgs']] postgresql: A nested block containing configuration options for PostgreSQL connections. :param pulumi.Input[pulumi.InputType['SecretBackendConnectionRedisArgs']] redis: A nested block containing configuration options for Redis connections. :param pulumi.Input[pulumi.InputType['SecretBackendConnectionRedisElasticacheArgs']] redis_elasticache: A nested block containing configuration options for Redis ElastiCache connections. + + Exactly one of the nested blocks of configuration options must be supplied. :param pulumi.Input[pulumi.InputType['SecretBackendConnectionRedshiftArgs']] redshift: Connection parameters for the redshift-database-plugin plugin. :param pulumi.Input[Sequence[pulumi.Input[str]]] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials. :param pulumi.Input[pulumi.InputType['SecretBackendConnectionSnowflakeArgs']] snowflake: A nested block containing configuration options for Snowflake connections. @@ -1372,6 +1384,8 @@ def redis(self) -> pulumi.Output[Optional['outputs.SecretBackendConnectionRedis' def redis_elasticache(self) -> pulumi.Output[Optional['outputs.SecretBackendConnectionRedisElasticache']]: """ A nested block containing configuration options for Redis ElastiCache connections. + + Exactly one of the nested blocks of configuration options must be supplied. """ return pulumi.get(self, "redis_elasticache") diff --git a/sdk/python/pulumi_vault/database/secret_backend_role.py b/sdk/python/pulumi_vault/database/secret_backend_role.py index e7305fe0a..db8555a46 100644 --- a/sdk/python/pulumi_vault/database/secret_backend_role.py +++ b/sdk/python/pulumi_vault/database/secret_backend_role.py @@ -35,6 +35,8 @@ def __init__(__self__, *, the role. :param pulumi.Input[Mapping[str, Any]] credential_config: Specifies the configuration for the given `credential_type`. + + The following options are available for each `credential_type` value: :param pulumi.Input[str] credential_type: Specifies the type of credential that will be generated for the role. Options include: `password`, `rsa_private_key`, `client_certificate`. See the plugin's API page for credential types supported by individual databases. @@ -120,6 +122,8 @@ def credential_config(self) -> Optional[pulumi.Input[Mapping[str, Any]]]: """ Specifies the configuration for the given `credential_type`. + + The following options are available for each `credential_type` value: """ return pulumi.get(self, "credential_config") @@ -256,6 +260,8 @@ def __init__(__self__, *, creating a user. :param pulumi.Input[Mapping[str, Any]] credential_config: Specifies the configuration for the given `credential_type`. + + The following options are available for each `credential_type` value: :param pulumi.Input[str] credential_type: Specifies the type of credential that will be generated for the role. Options include: `password`, `rsa_private_key`, `client_certificate`. See the plugin's API page for credential types supported by individual databases. @@ -333,6 +339,8 @@ def credential_config(self) -> Optional[pulumi.Input[Mapping[str, Any]]]: """ Specifies the configuration for the given `credential_type`. + + The following options are available for each `credential_type` value: """ return pulumi.get(self, "credential_config") @@ -518,6 +526,8 @@ def __init__(__self__, creating a user. :param pulumi.Input[Mapping[str, Any]] credential_config: Specifies the configuration for the given `credential_type`. + + The following options are available for each `credential_type` value: :param pulumi.Input[str] credential_type: Specifies the type of credential that will be generated for the role. Options include: `password`, `rsa_private_key`, `client_certificate`. See the plugin's API page for credential types supported by individual databases. @@ -666,6 +676,8 @@ def get(resource_name: str, creating a user. :param pulumi.Input[Mapping[str, Any]] credential_config: Specifies the configuration for the given `credential_type`. + + The following options are available for each `credential_type` value: :param pulumi.Input[str] credential_type: Specifies the type of credential that will be generated for the role. Options include: `password`, `rsa_private_key`, `client_certificate`. See the plugin's API page for credential types supported by individual databases. @@ -728,6 +740,8 @@ def credential_config(self) -> pulumi.Output[Optional[Mapping[str, Any]]]: """ Specifies the configuration for the given `credential_type`. + + The following options are available for each `credential_type` value: """ return pulumi.get(self, "credential_config") diff --git a/sdk/python/pulumi_vault/database/secret_backend_static_role.py b/sdk/python/pulumi_vault/database/secret_backend_static_role.py index 1392cb7e0..9d7592712 100644 --- a/sdk/python/pulumi_vault/database/secret_backend_static_role.py +++ b/sdk/python/pulumi_vault/database/secret_backend_static_role.py @@ -37,6 +37,9 @@ def __init__(__self__, *, Mutually exclusive with `rotation_schedule`. :param pulumi.Input[str] rotation_schedule: A cron-style string that will define the schedule on which rotations should occur. Mutually exclusive with `rotation_period`. + + **Warning**: The `rotation_period` and `rotation_schedule` fields are + mutually exclusive. One of them must be set but not both. :param pulumi.Input[Sequence[pulumi.Input[str]]] rotation_statements: Database statements to execute to rotate the password for the configured database user. :param pulumi.Input[int] rotation_window: The amount of time, in seconds, in which rotations are allowed to occur starting from a given `rotation_schedule`. @@ -139,6 +142,9 @@ def rotation_schedule(self) -> Optional[pulumi.Input[str]]: """ A cron-style string that will define the schedule on which rotations should occur. Mutually exclusive with `rotation_period`. + + **Warning**: The `rotation_period` and `rotation_schedule` fields are + mutually exclusive. One of them must be set but not both. """ return pulumi.get(self, "rotation_schedule") @@ -197,6 +203,9 @@ def __init__(__self__, *, Mutually exclusive with `rotation_schedule`. :param pulumi.Input[str] rotation_schedule: A cron-style string that will define the schedule on which rotations should occur. Mutually exclusive with `rotation_period`. + + **Warning**: The `rotation_period` and `rotation_schedule` fields are + mutually exclusive. One of them must be set but not both. :param pulumi.Input[Sequence[pulumi.Input[str]]] rotation_statements: Database statements to execute to rotate the password for the configured database user. :param pulumi.Input[int] rotation_window: The amount of time, in seconds, in which rotations are allowed to occur starting from a given `rotation_schedule`. @@ -291,6 +300,9 @@ def rotation_schedule(self) -> Optional[pulumi.Input[str]]: """ A cron-style string that will define the schedule on which rotations should occur. Mutually exclusive with `rotation_period`. + + **Warning**: The `rotation_period` and `rotation_schedule` fields are + mutually exclusive. One of them must be set but not both. """ return pulumi.get(self, "rotation_schedule") @@ -409,6 +421,9 @@ def __init__(__self__, Mutually exclusive with `rotation_schedule`. :param pulumi.Input[str] rotation_schedule: A cron-style string that will define the schedule on which rotations should occur. Mutually exclusive with `rotation_period`. + + **Warning**: The `rotation_period` and `rotation_schedule` fields are + mutually exclusive. One of them must be set but not both. :param pulumi.Input[Sequence[pulumi.Input[str]]] rotation_statements: Database statements to execute to rotate the password for the configured database user. :param pulumi.Input[int] rotation_window: The amount of time, in seconds, in which rotations are allowed to occur starting from a given `rotation_schedule`. @@ -550,6 +565,9 @@ def get(resource_name: str, Mutually exclusive with `rotation_schedule`. :param pulumi.Input[str] rotation_schedule: A cron-style string that will define the schedule on which rotations should occur. Mutually exclusive with `rotation_period`. + + **Warning**: The `rotation_period` and `rotation_schedule` fields are + mutually exclusive. One of them must be set but not both. :param pulumi.Input[Sequence[pulumi.Input[str]]] rotation_statements: Database statements to execute to rotate the password for the configured database user. :param pulumi.Input[int] rotation_window: The amount of time, in seconds, in which rotations are allowed to occur starting from a given `rotation_schedule`. @@ -620,6 +638,9 @@ def rotation_schedule(self) -> pulumi.Output[Optional[str]]: """ A cron-style string that will define the schedule on which rotations should occur. Mutually exclusive with `rotation_period`. + + **Warning**: The `rotation_period` and `rotation_schedule` fields are + mutually exclusive. One of them must be set but not both. """ return pulumi.get(self, "rotation_schedule") diff --git a/sdk/python/pulumi_vault/database/secrets_mount.py b/sdk/python/pulumi_vault/database/secrets_mount.py index b680f7341..ed47ff4c3 100644 --- a/sdk/python/pulumi_vault/database/secrets_mount.py +++ b/sdk/python/pulumi_vault/database/secrets_mount.py @@ -50,6 +50,8 @@ def __init__(__self__, *, The set of arguments for constructing a SecretsMount resource. :param pulumi.Input[str] path: Where the secret backend will be mounted :param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_managed_keys: Set of managed key registry entry names that the mount in question is allowed to access + + The following arguments are common to all database engines: :param pulumi.Input[Sequence[pulumi.Input[str]]] audit_non_hmac_request_keys: Specifies the list of keys that will not be HMAC'd by audit devices in the request data object. :param pulumi.Input[Sequence[pulumi.Input[str]]] audit_non_hmac_response_keys: Specifies the list of keys that will not be HMAC'd by audit devices in the response data object. :param pulumi.Input[Sequence[pulumi.Input['SecretsMountCassandraArgs']]] cassandras: A nested block containing configuration options for Cassandra connections. @@ -174,6 +176,8 @@ def path(self, value: pulumi.Input[str]): def allowed_managed_keys(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: """ Set of managed key registry entry names that the mount in question is allowed to access + + The following arguments are common to all database engines: """ return pulumi.get(self, "allowed_managed_keys") @@ -575,6 +579,8 @@ def __init__(__self__, *, Input properties used for looking up and filtering SecretsMount resources. :param pulumi.Input[str] accessor: Accessor of the mount :param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_managed_keys: Set of managed key registry entry names that the mount in question is allowed to access + + The following arguments are common to all database engines: :param pulumi.Input[Sequence[pulumi.Input[str]]] audit_non_hmac_request_keys: Specifies the list of keys that will not be HMAC'd by audit devices in the request data object. :param pulumi.Input[Sequence[pulumi.Input[str]]] audit_non_hmac_response_keys: Specifies the list of keys that will not be HMAC'd by audit devices in the response data object. :param pulumi.Input[Sequence[pulumi.Input['SecretsMountCassandraArgs']]] cassandras: A nested block containing configuration options for Cassandra connections. @@ -706,6 +712,8 @@ def accessor(self, value: Optional[pulumi.Input[str]]): def allowed_managed_keys(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: """ Set of managed key registry entry names that the mount in question is allowed to access + + The following arguments are common to all database engines: """ return pulumi.get(self, "allowed_managed_keys") @@ -1180,6 +1188,8 @@ def __init__(__self__, :param str resource_name: The name of the resource. :param pulumi.ResourceOptions opts: Options for the resource. :param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_managed_keys: Set of managed key registry entry names that the mount in question is allowed to access + + The following arguments are common to all database engines: :param pulumi.Input[Sequence[pulumi.Input[str]]] audit_non_hmac_request_keys: Specifies the list of keys that will not be HMAC'd by audit devices in the request data object. :param pulumi.Input[Sequence[pulumi.Input[str]]] audit_non_hmac_response_keys: Specifies the list of keys that will not be HMAC'd by audit devices in the response data object. :param pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['SecretsMountCassandraArgs']]]] cassandras: A nested block containing configuration options for Cassandra connections. @@ -1422,6 +1432,8 @@ def get(resource_name: str, :param pulumi.ResourceOptions opts: Options for the resource. :param pulumi.Input[str] accessor: Accessor of the mount :param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_managed_keys: Set of managed key registry entry names that the mount in question is allowed to access + + The following arguments are common to all database engines: :param pulumi.Input[Sequence[pulumi.Input[str]]] audit_non_hmac_request_keys: Specifies the list of keys that will not be HMAC'd by audit devices in the request data object. :param pulumi.Input[Sequence[pulumi.Input[str]]] audit_non_hmac_response_keys: Specifies the list of keys that will not be HMAC'd by audit devices in the response data object. :param pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['SecretsMountCassandraArgs']]]] cassandras: A nested block containing configuration options for Cassandra connections. @@ -1522,6 +1534,8 @@ def accessor(self) -> pulumi.Output[str]: def allowed_managed_keys(self) -> pulumi.Output[Optional[Sequence[str]]]: """ Set of managed key registry entry names that the mount in question is allowed to access + + The following arguments are common to all database engines: """ return pulumi.get(self, "allowed_managed_keys") diff --git a/sdk/python/pulumi_vault/gcp/_inputs.py b/sdk/python/pulumi_vault/gcp/_inputs.py index 4ae181155..2d39365ac 100644 --- a/sdk/python/pulumi_vault/gcp/_inputs.py +++ b/sdk/python/pulumi_vault/gcp/_inputs.py @@ -25,6 +25,11 @@ def __init__(__self__, *, """ :param pulumi.Input[str] api: Replaces the service endpoint used in API requests to `https://www.googleapis.com`. :param pulumi.Input[str] compute: Replaces the service endpoint used in API requests to `https://compute.googleapis.com`. + + The endpoint value provided for a given key has the form of `scheme://host:port`. + The `scheme://` and `:port` portions of the endpoint value are optional. + + For more details on the usage of each argument consult the [Vault GCP API documentation](https://www.vaultproject.io/api-docs/auth/gcp#configure). :param pulumi.Input[str] crm: Replaces the service endpoint used in API requests to `https://cloudresourcemanager.googleapis.com`. :param pulumi.Input[str] iam: Replaces the service endpoint used in API requests to `https://iam.googleapis.com`. """ @@ -54,6 +59,11 @@ def api(self, value: Optional[pulumi.Input[str]]): def compute(self) -> Optional[pulumi.Input[str]]: """ Replaces the service endpoint used in API requests to `https://compute.googleapis.com`. + + The endpoint value provided for a given key has the form of `scheme://host:port`. + The `scheme://` and `:port` portions of the endpoint value are optional. + + For more details on the usage of each argument consult the [Vault GCP API documentation](https://www.vaultproject.io/api-docs/auth/gcp#configure). """ return pulumi.get(self, "compute") diff --git a/sdk/python/pulumi_vault/gcp/auth_backend.py b/sdk/python/pulumi_vault/gcp/auth_backend.py index 6e581a34e..4a8ed7a14 100644 --- a/sdk/python/pulumi_vault/gcp/auth_backend.py +++ b/sdk/python/pulumi_vault/gcp/auth_backend.py @@ -37,6 +37,8 @@ def __init__(__self__, *, used when making API requests. This allows specific requests made during authentication to target alternative service endpoints for use in [Private Google Access](https://cloud.google.com/vpc/docs/configure-private-google-access) environments. Requires Vault 1.11+. + + Overrides are set at the subdomain level using the following keys: :param pulumi.Input[str] description: A description of the auth method. :param pulumi.Input[bool] disable_remount: If set, opts out of mount migration on path updates. See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration) @@ -117,6 +119,8 @@ def custom_endpoint(self) -> Optional[pulumi.Input['AuthBackendCustomEndpointArg used when making API requests. This allows specific requests made during authentication to target alternative service endpoints for use in [Private Google Access](https://cloud.google.com/vpc/docs/configure-private-google-access) environments. Requires Vault 1.11+. + + Overrides are set at the subdomain level using the following keys: """ return pulumi.get(self, "custom_endpoint") @@ -239,6 +243,8 @@ def __init__(__self__, *, used when making API requests. This allows specific requests made during authentication to target alternative service endpoints for use in [Private Google Access](https://cloud.google.com/vpc/docs/configure-private-google-access) environments. Requires Vault 1.11+. + + Overrides are set at the subdomain level using the following keys: :param pulumi.Input[str] description: A description of the auth method. :param pulumi.Input[bool] disable_remount: If set, opts out of mount migration on path updates. See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration) @@ -333,6 +339,8 @@ def custom_endpoint(self) -> Optional[pulumi.Input['AuthBackendCustomEndpointArg used when making API requests. This allows specific requests made during authentication to target alternative service endpoints for use in [Private Google Access](https://cloud.google.com/vpc/docs/configure-private-google-access) environments. Requires Vault 1.11+. + + Overrides are set at the subdomain level using the following keys: """ return pulumi.get(self, "custom_endpoint") @@ -483,6 +491,8 @@ def __init__(__self__, used when making API requests. This allows specific requests made during authentication to target alternative service endpoints for use in [Private Google Access](https://cloud.google.com/vpc/docs/configure-private-google-access) environments. Requires Vault 1.11+. + + Overrides are set at the subdomain level using the following keys: :param pulumi.Input[str] description: A description of the auth method. :param pulumi.Input[bool] disable_remount: If set, opts out of mount migration on path updates. See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration) @@ -615,6 +625,8 @@ def get(resource_name: str, used when making API requests. This allows specific requests made during authentication to target alternative service endpoints for use in [Private Google Access](https://cloud.google.com/vpc/docs/configure-private-google-access) environments. Requires Vault 1.11+. + + Overrides are set at the subdomain level using the following keys: :param pulumi.Input[str] description: A description of the auth method. :param pulumi.Input[bool] disable_remount: If set, opts out of mount migration on path updates. See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration) @@ -686,6 +698,8 @@ def custom_endpoint(self) -> pulumi.Output[Optional['outputs.AuthBackendCustomEn used when making API requests. This allows specific requests made during authentication to target alternative service endpoints for use in [Private Google Access](https://cloud.google.com/vpc/docs/configure-private-google-access) environments. Requires Vault 1.11+. + + Overrides are set at the subdomain level using the following keys: """ return pulumi.get(self, "custom_endpoint") diff --git a/sdk/python/pulumi_vault/gcp/auth_backend_role.py b/sdk/python/pulumi_vault/gcp/auth_backend_role.py index 6b851b7f9..88107ee80 100644 --- a/sdk/python/pulumi_vault/gcp/auth_backend_role.py +++ b/sdk/python/pulumi_vault/gcp/auth_backend_role.py @@ -44,7 +44,7 @@ def __init__(__self__, *, :param pulumi.Input[str] backend: Path to the mounted GCP auth backend :param pulumi.Input[Sequence[pulumi.Input[str]]] bound_instance_groups: The instance groups that an authorized instance must belong to in order to be authenticated. If specified, either `bound_zones` or `bound_regions` must be set too. :param pulumi.Input[Sequence[pulumi.Input[str]]] bound_labels: A comma-separated list of GCP labels formatted as `"key:value"` strings that must be set on authorized GCE instances. Because GCP labels are not currently ACL'd, we recommend that this be used in conjunction with other restrictions. - :param pulumi.Input[Sequence[pulumi.Input[str]]] bound_projects: GCP Projects that the role exists within + :param pulumi.Input[Sequence[pulumi.Input[str]]] bound_projects: An array of GCP project IDs. Only entities belonging to this project can authenticate under the role. :param pulumi.Input[Sequence[pulumi.Input[str]]] bound_regions: The list of regions that a GCE instance must belong to in order to be authenticated. If bound_instance_groups is provided, it is assumed to be a regional group and the group must belong to this region. If bound_zones are provided, this attribute is ignored. :param pulumi.Input[Sequence[pulumi.Input[str]]] bound_service_accounts: GCP Service Accounts allowed to issue tokens under this role. (Note: **Required** if role is `iam`) :param pulumi.Input[Sequence[pulumi.Input[str]]] bound_zones: The list of zones that a GCE instance must belong to in order to be authenticated. If bound_instance_groups is provided, it is assumed to be a zonal group and the group must belong to this zone. @@ -208,7 +208,7 @@ def bound_labels(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]] @pulumi.getter(name="boundProjects") def bound_projects(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: """ - GCP Projects that the role exists within + An array of GCP project IDs. Only entities belonging to this project can authenticate under the role. """ return pulumi.get(self, "bound_projects") @@ -436,7 +436,7 @@ def __init__(__self__, *, :param pulumi.Input[str] backend: Path to the mounted GCP auth backend :param pulumi.Input[Sequence[pulumi.Input[str]]] bound_instance_groups: The instance groups that an authorized instance must belong to in order to be authenticated. If specified, either `bound_zones` or `bound_regions` must be set too. :param pulumi.Input[Sequence[pulumi.Input[str]]] bound_labels: A comma-separated list of GCP labels formatted as `"key:value"` strings that must be set on authorized GCE instances. Because GCP labels are not currently ACL'd, we recommend that this be used in conjunction with other restrictions. - :param pulumi.Input[Sequence[pulumi.Input[str]]] bound_projects: GCP Projects that the role exists within + :param pulumi.Input[Sequence[pulumi.Input[str]]] bound_projects: An array of GCP project IDs. Only entities belonging to this project can authenticate under the role. :param pulumi.Input[Sequence[pulumi.Input[str]]] bound_regions: The list of regions that a GCE instance must belong to in order to be authenticated. If bound_instance_groups is provided, it is assumed to be a regional group and the group must belong to this region. If bound_zones are provided, this attribute is ignored. :param pulumi.Input[Sequence[pulumi.Input[str]]] bound_service_accounts: GCP Service Accounts allowed to issue tokens under this role. (Note: **Required** if role is `iam`) :param pulumi.Input[Sequence[pulumi.Input[str]]] bound_zones: The list of zones that a GCE instance must belong to in order to be authenticated. If bound_instance_groups is provided, it is assumed to be a zonal group and the group must belong to this zone. @@ -580,7 +580,7 @@ def bound_labels(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]] @pulumi.getter(name="boundProjects") def bound_projects(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: """ - GCP Projects that the role exists within + An array of GCP project IDs. Only entities belonging to this project can authenticate under the role. """ return pulumi.get(self, "bound_projects") @@ -870,7 +870,7 @@ def __init__(__self__, :param pulumi.Input[str] backend: Path to the mounted GCP auth backend :param pulumi.Input[Sequence[pulumi.Input[str]]] bound_instance_groups: The instance groups that an authorized instance must belong to in order to be authenticated. If specified, either `bound_zones` or `bound_regions` must be set too. :param pulumi.Input[Sequence[pulumi.Input[str]]] bound_labels: A comma-separated list of GCP labels formatted as `"key:value"` strings that must be set on authorized GCE instances. Because GCP labels are not currently ACL'd, we recommend that this be used in conjunction with other restrictions. - :param pulumi.Input[Sequence[pulumi.Input[str]]] bound_projects: GCP Projects that the role exists within + :param pulumi.Input[Sequence[pulumi.Input[str]]] bound_projects: An array of GCP project IDs. Only entities belonging to this project can authenticate under the role. :param pulumi.Input[Sequence[pulumi.Input[str]]] bound_regions: The list of regions that a GCE instance must belong to in order to be authenticated. If bound_instance_groups is provided, it is assumed to be a regional group and the group must belong to this region. If bound_zones are provided, this attribute is ignored. :param pulumi.Input[Sequence[pulumi.Input[str]]] bound_service_accounts: GCP Service Accounts allowed to issue tokens under this role. (Note: **Required** if role is `iam`) :param pulumi.Input[Sequence[pulumi.Input[str]]] bound_zones: The list of zones that a GCE instance must belong to in order to be authenticated. If bound_instance_groups is provided, it is assumed to be a zonal group and the group must belong to this zone. @@ -1064,7 +1064,7 @@ def get(resource_name: str, :param pulumi.Input[str] backend: Path to the mounted GCP auth backend :param pulumi.Input[Sequence[pulumi.Input[str]]] bound_instance_groups: The instance groups that an authorized instance must belong to in order to be authenticated. If specified, either `bound_zones` or `bound_regions` must be set too. :param pulumi.Input[Sequence[pulumi.Input[str]]] bound_labels: A comma-separated list of GCP labels formatted as `"key:value"` strings that must be set on authorized GCE instances. Because GCP labels are not currently ACL'd, we recommend that this be used in conjunction with other restrictions. - :param pulumi.Input[Sequence[pulumi.Input[str]]] bound_projects: GCP Projects that the role exists within + :param pulumi.Input[Sequence[pulumi.Input[str]]] bound_projects: An array of GCP project IDs. Only entities belonging to this project can authenticate under the role. :param pulumi.Input[Sequence[pulumi.Input[str]]] bound_regions: The list of regions that a GCE instance must belong to in order to be authenticated. If bound_instance_groups is provided, it is assumed to be a regional group and the group must belong to this region. If bound_zones are provided, this attribute is ignored. :param pulumi.Input[Sequence[pulumi.Input[str]]] bound_service_accounts: GCP Service Accounts allowed to issue tokens under this role. (Note: **Required** if role is `iam`) :param pulumi.Input[Sequence[pulumi.Input[str]]] bound_zones: The list of zones that a GCE instance must belong to in order to be authenticated. If bound_instance_groups is provided, it is assumed to be a zonal group and the group must belong to this zone. @@ -1171,7 +1171,7 @@ def bound_labels(self) -> pulumi.Output[Sequence[str]]: @pulumi.getter(name="boundProjects") def bound_projects(self) -> pulumi.Output[Optional[Sequence[str]]]: """ - GCP Projects that the role exists within + An array of GCP project IDs. Only entities belonging to this project can authenticate under the role. """ return pulumi.get(self, "bound_projects") diff --git a/sdk/python/pulumi_vault/gcp/get_auth_backend_role.py b/sdk/python/pulumi_vault/gcp/get_auth_backend_role.py index 7e25d85cd..03f09a0d2 100644 --- a/sdk/python/pulumi_vault/gcp/get_auth_backend_role.py +++ b/sdk/python/pulumi_vault/gcp/get_auth_backend_role.py @@ -372,27 +372,27 @@ def get_auth_backend_role(backend: Optional[str] = None, __ret__ = pulumi.runtime.invoke('vault:gcp/getAuthBackendRole:getAuthBackendRole', __args__, opts=opts, typ=GetAuthBackendRoleResult).value return AwaitableGetAuthBackendRoleResult( - backend=__ret__.backend, - bound_instance_groups=__ret__.bound_instance_groups, - bound_labels=__ret__.bound_labels, - bound_projects=__ret__.bound_projects, - bound_regions=__ret__.bound_regions, - bound_service_accounts=__ret__.bound_service_accounts, - bound_zones=__ret__.bound_zones, - id=__ret__.id, - namespace=__ret__.namespace, - role_id=__ret__.role_id, - role_name=__ret__.role_name, - token_bound_cidrs=__ret__.token_bound_cidrs, - token_explicit_max_ttl=__ret__.token_explicit_max_ttl, - token_max_ttl=__ret__.token_max_ttl, - token_no_default_policy=__ret__.token_no_default_policy, - token_num_uses=__ret__.token_num_uses, - token_period=__ret__.token_period, - token_policies=__ret__.token_policies, - token_ttl=__ret__.token_ttl, - token_type=__ret__.token_type, - type=__ret__.type) + backend=pulumi.get(__ret__, 'backend'), + bound_instance_groups=pulumi.get(__ret__, 'bound_instance_groups'), + bound_labels=pulumi.get(__ret__, 'bound_labels'), + bound_projects=pulumi.get(__ret__, 'bound_projects'), + bound_regions=pulumi.get(__ret__, 'bound_regions'), + bound_service_accounts=pulumi.get(__ret__, 'bound_service_accounts'), + bound_zones=pulumi.get(__ret__, 'bound_zones'), + id=pulumi.get(__ret__, 'id'), + namespace=pulumi.get(__ret__, 'namespace'), + role_id=pulumi.get(__ret__, 'role_id'), + role_name=pulumi.get(__ret__, 'role_name'), + token_bound_cidrs=pulumi.get(__ret__, 'token_bound_cidrs'), + token_explicit_max_ttl=pulumi.get(__ret__, 'token_explicit_max_ttl'), + token_max_ttl=pulumi.get(__ret__, 'token_max_ttl'), + token_no_default_policy=pulumi.get(__ret__, 'token_no_default_policy'), + token_num_uses=pulumi.get(__ret__, 'token_num_uses'), + token_period=pulumi.get(__ret__, 'token_period'), + token_policies=pulumi.get(__ret__, 'token_policies'), + token_ttl=pulumi.get(__ret__, 'token_ttl'), + token_type=pulumi.get(__ret__, 'token_type'), + type=pulumi.get(__ret__, 'type')) @_utilities.lift_output_func(get_auth_backend_role) diff --git a/sdk/python/pulumi_vault/gcp/outputs.py b/sdk/python/pulumi_vault/gcp/outputs.py index 18ed51e8f..e2438a7df 100644 --- a/sdk/python/pulumi_vault/gcp/outputs.py +++ b/sdk/python/pulumi_vault/gcp/outputs.py @@ -25,6 +25,11 @@ def __init__(__self__, *, """ :param str api: Replaces the service endpoint used in API requests to `https://www.googleapis.com`. :param str compute: Replaces the service endpoint used in API requests to `https://compute.googleapis.com`. + + The endpoint value provided for a given key has the form of `scheme://host:port`. + The `scheme://` and `:port` portions of the endpoint value are optional. + + For more details on the usage of each argument consult the [Vault GCP API documentation](https://www.vaultproject.io/api-docs/auth/gcp#configure). :param str crm: Replaces the service endpoint used in API requests to `https://cloudresourcemanager.googleapis.com`. :param str iam: Replaces the service endpoint used in API requests to `https://iam.googleapis.com`. """ @@ -50,6 +55,11 @@ def api(self) -> Optional[str]: def compute(self) -> Optional[str]: """ Replaces the service endpoint used in API requests to `https://compute.googleapis.com`. + + The endpoint value provided for a given key has the form of `scheme://host:port`. + The `scheme://` and `:port` portions of the endpoint value are optional. + + For more details on the usage of each argument consult the [Vault GCP API documentation](https://www.vaultproject.io/api-docs/auth/gcp#configure). """ return pulumi.get(self, "compute") diff --git a/sdk/python/pulumi_vault/gcp/secret_backend.py b/sdk/python/pulumi_vault/gcp/secret_backend.py index 6b0144be4..daa23fd3e 100644 --- a/sdk/python/pulumi_vault/gcp/secret_backend.py +++ b/sdk/python/pulumi_vault/gcp/secret_backend.py @@ -24,7 +24,7 @@ def __init__(__self__, *, path: Optional[pulumi.Input[str]] = None): """ The set of arguments for constructing a SecretBackend resource. - :param pulumi.Input[str] credentials: The GCP service account credentials in JSON format. + :param pulumi.Input[str] credentials: JSON-encoded credentials to use to connect to GCP :param pulumi.Input[int] default_lease_ttl_seconds: The default TTL for credentials issued by this backend. Defaults to '0'. :param pulumi.Input[str] description: A human-friendly description for this backend. @@ -61,7 +61,7 @@ def __init__(__self__, *, @pulumi.getter def credentials(self) -> Optional[pulumi.Input[str]]: """ - The GCP service account credentials in JSON format. + JSON-encoded credentials to use to connect to GCP """ return pulumi.get(self, "credentials") @@ -174,7 +174,7 @@ def __init__(__self__, *, path: Optional[pulumi.Input[str]] = None): """ Input properties used for looking up and filtering SecretBackend resources. - :param pulumi.Input[str] credentials: The GCP service account credentials in JSON format. + :param pulumi.Input[str] credentials: JSON-encoded credentials to use to connect to GCP :param pulumi.Input[int] default_lease_ttl_seconds: The default TTL for credentials issued by this backend. Defaults to '0'. :param pulumi.Input[str] description: A human-friendly description for this backend. @@ -211,7 +211,7 @@ def __init__(__self__, *, @pulumi.getter def credentials(self) -> Optional[pulumi.Input[str]]: """ - The GCP service account credentials in JSON format. + JSON-encoded credentials to use to connect to GCP """ return pulumi.get(self, "credentials") @@ -337,7 +337,7 @@ def __init__(__self__, :param str resource_name: The name of the resource. :param pulumi.ResourceOptions opts: Options for the resource. - :param pulumi.Input[str] credentials: The GCP service account credentials in JSON format. + :param pulumi.Input[str] credentials: JSON-encoded credentials to use to connect to GCP :param pulumi.Input[int] default_lease_ttl_seconds: The default TTL for credentials issued by this backend. Defaults to '0'. :param pulumi.Input[str] description: A human-friendly description for this backend. @@ -436,7 +436,7 @@ def get(resource_name: str, :param str resource_name: The unique name of the resulting resource. :param pulumi.Input[str] id: The unique provider ID of the resource to lookup. :param pulumi.ResourceOptions opts: Options for the resource. - :param pulumi.Input[str] credentials: The GCP service account credentials in JSON format. + :param pulumi.Input[str] credentials: JSON-encoded credentials to use to connect to GCP :param pulumi.Input[int] default_lease_ttl_seconds: The default TTL for credentials issued by this backend. Defaults to '0'. :param pulumi.Input[str] description: A human-friendly description for this backend. @@ -470,7 +470,7 @@ def get(resource_name: str, @pulumi.getter def credentials(self) -> pulumi.Output[Optional[str]]: """ - The GCP service account credentials in JSON format. + JSON-encoded credentials to use to connect to GCP """ return pulumi.get(self, "credentials") diff --git a/sdk/python/pulumi_vault/gcp/secret_roleset.py b/sdk/python/pulumi_vault/gcp/secret_roleset.py index a4b137c1b..9b793493e 100644 --- a/sdk/python/pulumi_vault/gcp/secret_roleset.py +++ b/sdk/python/pulumi_vault/gcp/secret_roleset.py @@ -157,7 +157,7 @@ def __init__(__self__, *, :param pulumi.Input[str] project: Name of the GCP project that this roleset's service account will belong to. :param pulumi.Input[str] roleset: Name of the Roleset to create :param pulumi.Input[str] secret_type: Type of secret generated for this role set. Accepted values: `access_token`, `service_account_key`. Defaults to `access_token`. - :param pulumi.Input[str] service_account_email: Email of the service account created by Vault for this Roleset + :param pulumi.Input[str] service_account_email: Email of the service account created by Vault for this Roleset. :param pulumi.Input[Sequence[pulumi.Input[str]]] token_scopes: List of OAuth scopes to assign to `access_token` secrets generated under this role set (`access_token` role sets only). """ if backend is not None: @@ -256,7 +256,7 @@ def secret_type(self, value: Optional[pulumi.Input[str]]): @pulumi.getter(name="serviceAccountEmail") def service_account_email(self) -> Optional[pulumi.Input[str]]: """ - Email of the service account created by Vault for this Roleset + Email of the service account created by Vault for this Roleset. """ return pulumi.get(self, "service_account_email") @@ -460,7 +460,7 @@ def get(resource_name: str, :param pulumi.Input[str] project: Name of the GCP project that this roleset's service account will belong to. :param pulumi.Input[str] roleset: Name of the Roleset to create :param pulumi.Input[str] secret_type: Type of secret generated for this role set. Accepted values: `access_token`, `service_account_key`. Defaults to `access_token`. - :param pulumi.Input[str] service_account_email: Email of the service account created by Vault for this Roleset + :param pulumi.Input[str] service_account_email: Email of the service account created by Vault for this Roleset. :param pulumi.Input[Sequence[pulumi.Input[str]]] token_scopes: List of OAuth scopes to assign to `access_token` secrets generated under this role set (`access_token` role sets only). """ opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id)) @@ -532,7 +532,7 @@ def secret_type(self) -> pulumi.Output[str]: @pulumi.getter(name="serviceAccountEmail") def service_account_email(self) -> pulumi.Output[str]: """ - Email of the service account created by Vault for this Roleset + Email of the service account created by Vault for this Roleset. """ return pulumi.get(self, "service_account_email") diff --git a/sdk/python/pulumi_vault/generic/endpoint.py b/sdk/python/pulumi_vault/generic/endpoint.py index d1ab14c23..c2521f44c 100644 --- a/sdk/python/pulumi_vault/generic/endpoint.py +++ b/sdk/python/pulumi_vault/generic/endpoint.py @@ -29,18 +29,32 @@ def __init__(__self__, *, data. Consult each backend's documentation to see which endpoints support the `PUT` methods and to determine whether they also support `DELETE` and `GET`. - :param pulumi.Input[bool] disable_delete: Don't attempt to delete the path from Vault if true + :param pulumi.Input[bool] disable_delete: - (Optional) True/false. Set this to true if your + vault authentication is not able to delete the data or if the endpoint + does not support the `DELETE` method. Defaults to false. :param pulumi.Input[bool] disable_read: True/false. Set this to true if your vault authentication is not able to read the data or if the endpoint does not support the `GET` method. Setting this to `true` will break drift detection. You should set this to `true` for endpoints that are write-only. Defaults to false. - :param pulumi.Input[bool] ignore_absent_fields: When reading, disregard fields not present in data_json + :param pulumi.Input[bool] ignore_absent_fields: - (Optional) True/false. If set to true, + ignore any fields present when the endpoint is read but that were not + in `data_json`. Also, if a field that was written is not returned when + the endpoint is read, treat that field as being up to date. You should + set this to `true` when writing to endpoint that, when read, returns a + different set of fields from the ones you wrote, as is common with + many configuration endpoints. Defaults to false. :param pulumi.Input[str] namespace: The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). *Available only for Vault Enterprise*. - :param pulumi.Input[Sequence[pulumi.Input[str]]] write_fields: Top-level fields returned by write to persist in state + :param pulumi.Input[Sequence[pulumi.Input[str]]] write_fields: - (Optional). A list of fields that should be returned + in `write_data_json` and `write_data`. If omitted, data returned by + the write operation is not available to the resource or included in + state. This helps to avoid accidental storage of sensitive values in + state. Some endpoints, such as many dynamic secrets endpoints, return + data from writing to an endpoint rather than reading it. You should + use `write_fields` if you need information returned in this way. """ pulumi.set(__self__, "data_json", data_json) pulumi.set(__self__, "path", path) @@ -87,7 +101,9 @@ def path(self, value: pulumi.Input[str]): @pulumi.getter(name="disableDelete") def disable_delete(self) -> Optional[pulumi.Input[bool]]: """ - Don't attempt to delete the path from Vault if true + - (Optional) True/false. Set this to true if your + vault authentication is not able to delete the data or if the endpoint + does not support the `DELETE` method. Defaults to false. """ return pulumi.get(self, "disable_delete") @@ -115,7 +131,13 @@ def disable_read(self, value: Optional[pulumi.Input[bool]]): @pulumi.getter(name="ignoreAbsentFields") def ignore_absent_fields(self) -> Optional[pulumi.Input[bool]]: """ - When reading, disregard fields not present in data_json + - (Optional) True/false. If set to true, + ignore any fields present when the endpoint is read but that were not + in `data_json`. Also, if a field that was written is not returned when + the endpoint is read, treat that field as being up to date. You should + set this to `true` when writing to endpoint that, when read, returns a + different set of fields from the ones you wrote, as is common with + many configuration endpoints. Defaults to false. """ return pulumi.get(self, "ignore_absent_fields") @@ -142,7 +164,13 @@ def namespace(self, value: Optional[pulumi.Input[str]]): @pulumi.getter(name="writeFields") def write_fields(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: """ - Top-level fields returned by write to persist in state + - (Optional). A list of fields that should be returned + in `write_data_json` and `write_data`. If omitted, data returned by + the write operation is not available to the resource or included in + state. This helps to avoid accidental storage of sensitive values in + state. Some endpoints, such as many dynamic secrets endpoints, return + data from writing to an endpoint rather than reading it. You should + use `write_fields` if you need information returned in this way. """ return pulumi.get(self, "write_fields") @@ -167,13 +195,21 @@ def __init__(__self__, *, Input properties used for looking up and filtering Endpoint resources. :param pulumi.Input[str] data_json: String containing a JSON-encoded object that will be written to the given path as the secret data. - :param pulumi.Input[bool] disable_delete: Don't attempt to delete the path from Vault if true + :param pulumi.Input[bool] disable_delete: - (Optional) True/false. Set this to true if your + vault authentication is not able to delete the data or if the endpoint + does not support the `DELETE` method. Defaults to false. :param pulumi.Input[bool] disable_read: True/false. Set this to true if your vault authentication is not able to read the data or if the endpoint does not support the `GET` method. Setting this to `true` will break drift detection. You should set this to `true` for endpoints that are write-only. Defaults to false. - :param pulumi.Input[bool] ignore_absent_fields: When reading, disregard fields not present in data_json + :param pulumi.Input[bool] ignore_absent_fields: - (Optional) True/false. If set to true, + ignore any fields present when the endpoint is read but that were not + in `data_json`. Also, if a field that was written is not returned when + the endpoint is read, treat that field as being up to date. You should + set this to `true` when writing to endpoint that, when read, returns a + different set of fields from the ones you wrote, as is common with + many configuration endpoints. Defaults to false. :param pulumi.Input[str] namespace: The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). @@ -182,9 +218,20 @@ def __init__(__self__, *, data. Consult each backend's documentation to see which endpoints support the `PUT` methods and to determine whether they also support `DELETE` and `GET`. - :param pulumi.Input[Mapping[str, pulumi.Input[str]]] write_data: Map of strings returned by write operation - :param pulumi.Input[str] write_data_json: JSON data returned by write operation - :param pulumi.Input[Sequence[pulumi.Input[str]]] write_fields: Top-level fields returned by write to persist in state + :param pulumi.Input[Mapping[str, pulumi.Input[str]]] write_data: - A map whose keys are the top-level data keys + returned from Vault by the write operation and whose values are the + corresponding values. This map can only represent string data, so + any non-string values returned from Vault are serialized as JSON. + Only fields set in `write_fields` are present in the JSON data. + :param pulumi.Input[str] write_data_json: - The JSON data returned by the write operation. + Only fields set in `write_fields` are present in the JSON data. + :param pulumi.Input[Sequence[pulumi.Input[str]]] write_fields: - (Optional). A list of fields that should be returned + in `write_data_json` and `write_data`. If omitted, data returned by + the write operation is not available to the resource or included in + state. This helps to avoid accidental storage of sensitive values in + state. Some endpoints, such as many dynamic secrets endpoints, return + data from writing to an endpoint rather than reading it. You should + use `write_fields` if you need information returned in this way. """ if data_json is not None: pulumi.set(__self__, "data_json", data_json) @@ -222,7 +269,9 @@ def data_json(self, value: Optional[pulumi.Input[str]]): @pulumi.getter(name="disableDelete") def disable_delete(self) -> Optional[pulumi.Input[bool]]: """ - Don't attempt to delete the path from Vault if true + - (Optional) True/false. Set this to true if your + vault authentication is not able to delete the data or if the endpoint + does not support the `DELETE` method. Defaults to false. """ return pulumi.get(self, "disable_delete") @@ -250,7 +299,13 @@ def disable_read(self, value: Optional[pulumi.Input[bool]]): @pulumi.getter(name="ignoreAbsentFields") def ignore_absent_fields(self) -> Optional[pulumi.Input[bool]]: """ - When reading, disregard fields not present in data_json + - (Optional) True/false. If set to true, + ignore any fields present when the endpoint is read but that were not + in `data_json`. Also, if a field that was written is not returned when + the endpoint is read, treat that field as being up to date. You should + set this to `true` when writing to endpoint that, when read, returns a + different set of fields from the ones you wrote, as is common with + many configuration endpoints. Defaults to false. """ return pulumi.get(self, "ignore_absent_fields") @@ -292,7 +347,11 @@ def path(self, value: Optional[pulumi.Input[str]]): @pulumi.getter(name="writeData") def write_data(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]: """ - Map of strings returned by write operation + - A map whose keys are the top-level data keys + returned from Vault by the write operation and whose values are the + corresponding values. This map can only represent string data, so + any non-string values returned from Vault are serialized as JSON. + Only fields set in `write_fields` are present in the JSON data. """ return pulumi.get(self, "write_data") @@ -304,7 +363,8 @@ def write_data(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str] @pulumi.getter(name="writeDataJson") def write_data_json(self) -> Optional[pulumi.Input[str]]: """ - JSON data returned by write operation + - The JSON data returned by the write operation. + Only fields set in `write_fields` are present in the JSON data. """ return pulumi.get(self, "write_data_json") @@ -316,7 +376,13 @@ def write_data_json(self, value: Optional[pulumi.Input[str]]): @pulumi.getter(name="writeFields") def write_fields(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: """ - Top-level fields returned by write to persist in state + - (Optional). A list of fields that should be returned + in `write_data_json` and `write_data`. If omitted, data returned by + the write operation is not available to the resource or included in + state. This helps to avoid accidental storage of sensitive values in + state. Some endpoints, such as many dynamic secrets endpoints, return + data from writing to an endpoint rather than reading it. You should + use `write_fields` if you need information returned in this way. """ return pulumi.get(self, "write_fields") @@ -339,6 +405,45 @@ def __init__(__self__, write_fields: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, __props__=None): """ + ## Example Usage + + ```python + import pulumi + import pulumi_vault as vault + + userpass = vault.AuthBackend("userpass", type="userpass") + u1 = vault.generic.Endpoint("u1", + path="auth/userpass/users/u1", + ignore_absent_fields=True, + data_json=\"\"\"{ + "policies": ["p1"], + "password": "changeme" + } + \"\"\", + opts=pulumi.ResourceOptions(depends_on=[userpass])) + u1_token = vault.generic.Endpoint("u1Token", + path="auth/userpass/login/u1", + disable_read=True, + disable_delete=True, + data_json=\"\"\"{ + "password": "changeme" + } + \"\"\", + opts=pulumi.ResourceOptions(depends_on=[u1])) + u1_entity = vault.generic.Endpoint("u1Entity", + disable_read=True, + disable_delete=True, + path="identity/lookup/entity", + ignore_absent_fields=True, + write_fields=["id"], + data_json=\"\"\"{ + "alias_name": "u1", + "alias_mount_accessor": vault_auth_backend.userpass.accessor + } + \"\"\", + opts=pulumi.ResourceOptions(depends_on=[u1_token])) + pulumi.export("u1Id", u1_entity.write_data["id"]) + ``` ## Required Vault Capabilities Use of this resource requires the `create` or `update` capability @@ -354,13 +459,21 @@ def __init__(__self__, :param pulumi.ResourceOptions opts: Options for the resource. :param pulumi.Input[str] data_json: String containing a JSON-encoded object that will be written to the given path as the secret data. - :param pulumi.Input[bool] disable_delete: Don't attempt to delete the path from Vault if true + :param pulumi.Input[bool] disable_delete: - (Optional) True/false. Set this to true if your + vault authentication is not able to delete the data or if the endpoint + does not support the `DELETE` method. Defaults to false. :param pulumi.Input[bool] disable_read: True/false. Set this to true if your vault authentication is not able to read the data or if the endpoint does not support the `GET` method. Setting this to `true` will break drift detection. You should set this to `true` for endpoints that are write-only. Defaults to false. - :param pulumi.Input[bool] ignore_absent_fields: When reading, disregard fields not present in data_json + :param pulumi.Input[bool] ignore_absent_fields: - (Optional) True/false. If set to true, + ignore any fields present when the endpoint is read but that were not + in `data_json`. Also, if a field that was written is not returned when + the endpoint is read, treat that field as being up to date. You should + set this to `true` when writing to endpoint that, when read, returns a + different set of fields from the ones you wrote, as is common with + many configuration endpoints. Defaults to false. :param pulumi.Input[str] namespace: The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). @@ -369,7 +482,13 @@ def __init__(__self__, data. Consult each backend's documentation to see which endpoints support the `PUT` methods and to determine whether they also support `DELETE` and `GET`. - :param pulumi.Input[Sequence[pulumi.Input[str]]] write_fields: Top-level fields returned by write to persist in state + :param pulumi.Input[Sequence[pulumi.Input[str]]] write_fields: - (Optional). A list of fields that should be returned + in `write_data_json` and `write_data`. If omitted, data returned by + the write operation is not available to the resource or included in + state. This helps to avoid accidental storage of sensitive values in + state. Some endpoints, such as many dynamic secrets endpoints, return + data from writing to an endpoint rather than reading it. You should + use `write_fields` if you need information returned in this way. """ ... @overload @@ -378,6 +497,45 @@ def __init__(__self__, args: EndpointArgs, opts: Optional[pulumi.ResourceOptions] = None): """ + ## Example Usage + + ```python + import pulumi + import pulumi_vault as vault + + userpass = vault.AuthBackend("userpass", type="userpass") + u1 = vault.generic.Endpoint("u1", + path="auth/userpass/users/u1", + ignore_absent_fields=True, + data_json=\"\"\"{ + "policies": ["p1"], + "password": "changeme" + } + \"\"\", + opts=pulumi.ResourceOptions(depends_on=[userpass])) + u1_token = vault.generic.Endpoint("u1Token", + path="auth/userpass/login/u1", + disable_read=True, + disable_delete=True, + data_json=\"\"\"{ + "password": "changeme" + } + \"\"\", + opts=pulumi.ResourceOptions(depends_on=[u1])) + u1_entity = vault.generic.Endpoint("u1Entity", + disable_read=True, + disable_delete=True, + path="identity/lookup/entity", + ignore_absent_fields=True, + write_fields=["id"], + data_json=\"\"\"{ + "alias_name": "u1", + "alias_mount_accessor": vault_auth_backend.userpass.accessor + } + \"\"\", + opts=pulumi.ResourceOptions(depends_on=[u1_token])) + pulumi.export("u1Id", u1_entity.write_data["id"]) + ``` ## Required Vault Capabilities Use of this resource requires the `create` or `update` capability @@ -463,13 +621,21 @@ def get(resource_name: str, :param pulumi.ResourceOptions opts: Options for the resource. :param pulumi.Input[str] data_json: String containing a JSON-encoded object that will be written to the given path as the secret data. - :param pulumi.Input[bool] disable_delete: Don't attempt to delete the path from Vault if true + :param pulumi.Input[bool] disable_delete: - (Optional) True/false. Set this to true if your + vault authentication is not able to delete the data or if the endpoint + does not support the `DELETE` method. Defaults to false. :param pulumi.Input[bool] disable_read: True/false. Set this to true if your vault authentication is not able to read the data or if the endpoint does not support the `GET` method. Setting this to `true` will break drift detection. You should set this to `true` for endpoints that are write-only. Defaults to false. - :param pulumi.Input[bool] ignore_absent_fields: When reading, disregard fields not present in data_json + :param pulumi.Input[bool] ignore_absent_fields: - (Optional) True/false. If set to true, + ignore any fields present when the endpoint is read but that were not + in `data_json`. Also, if a field that was written is not returned when + the endpoint is read, treat that field as being up to date. You should + set this to `true` when writing to endpoint that, when read, returns a + different set of fields from the ones you wrote, as is common with + many configuration endpoints. Defaults to false. :param pulumi.Input[str] namespace: The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). @@ -478,9 +644,20 @@ def get(resource_name: str, data. Consult each backend's documentation to see which endpoints support the `PUT` methods and to determine whether they also support `DELETE` and `GET`. - :param pulumi.Input[Mapping[str, pulumi.Input[str]]] write_data: Map of strings returned by write operation - :param pulumi.Input[str] write_data_json: JSON data returned by write operation - :param pulumi.Input[Sequence[pulumi.Input[str]]] write_fields: Top-level fields returned by write to persist in state + :param pulumi.Input[Mapping[str, pulumi.Input[str]]] write_data: - A map whose keys are the top-level data keys + returned from Vault by the write operation and whose values are the + corresponding values. This map can only represent string data, so + any non-string values returned from Vault are serialized as JSON. + Only fields set in `write_fields` are present in the JSON data. + :param pulumi.Input[str] write_data_json: - The JSON data returned by the write operation. + Only fields set in `write_fields` are present in the JSON data. + :param pulumi.Input[Sequence[pulumi.Input[str]]] write_fields: - (Optional). A list of fields that should be returned + in `write_data_json` and `write_data`. If omitted, data returned by + the write operation is not available to the resource or included in + state. This helps to avoid accidental storage of sensitive values in + state. Some endpoints, such as many dynamic secrets endpoints, return + data from writing to an endpoint rather than reading it. You should + use `write_fields` if you need information returned in this way. """ opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id)) @@ -510,7 +687,9 @@ def data_json(self) -> pulumi.Output[str]: @pulumi.getter(name="disableDelete") def disable_delete(self) -> pulumi.Output[Optional[bool]]: """ - Don't attempt to delete the path from Vault if true + - (Optional) True/false. Set this to true if your + vault authentication is not able to delete the data or if the endpoint + does not support the `DELETE` method. Defaults to false. """ return pulumi.get(self, "disable_delete") @@ -530,7 +709,13 @@ def disable_read(self) -> pulumi.Output[Optional[bool]]: @pulumi.getter(name="ignoreAbsentFields") def ignore_absent_fields(self) -> pulumi.Output[Optional[bool]]: """ - When reading, disregard fields not present in data_json + - (Optional) True/false. If set to true, + ignore any fields present when the endpoint is read but that were not + in `data_json`. Also, if a field that was written is not returned when + the endpoint is read, treat that field as being up to date. You should + set this to `true` when writing to endpoint that, when read, returns a + different set of fields from the ones you wrote, as is common with + many configuration endpoints. Defaults to false. """ return pulumi.get(self, "ignore_absent_fields") @@ -560,7 +745,11 @@ def path(self) -> pulumi.Output[str]: @pulumi.getter(name="writeData") def write_data(self) -> pulumi.Output[Mapping[str, str]]: """ - Map of strings returned by write operation + - A map whose keys are the top-level data keys + returned from Vault by the write operation and whose values are the + corresponding values. This map can only represent string data, so + any non-string values returned from Vault are serialized as JSON. + Only fields set in `write_fields` are present in the JSON data. """ return pulumi.get(self, "write_data") @@ -568,7 +757,8 @@ def write_data(self) -> pulumi.Output[Mapping[str, str]]: @pulumi.getter(name="writeDataJson") def write_data_json(self) -> pulumi.Output[str]: """ - JSON data returned by write operation + - The JSON data returned by the write operation. + Only fields set in `write_fields` are present in the JSON data. """ return pulumi.get(self, "write_data_json") @@ -576,7 +766,13 @@ def write_data_json(self) -> pulumi.Output[str]: @pulumi.getter(name="writeFields") def write_fields(self) -> pulumi.Output[Optional[Sequence[str]]]: """ - Top-level fields returned by write to persist in state + - (Optional). A list of fields that should be returned + in `write_data_json` and `write_data`. If omitted, data returned by + the write operation is not available to the resource or included in + state. This helps to avoid accidental storage of sensitive values in + state. Some endpoints, such as many dynamic secrets endpoints, return + data from writing to an endpoint rather than reading it. You should + use `write_fields` if you need information returned in this way. """ return pulumi.get(self, "write_fields") diff --git a/sdk/python/pulumi_vault/generic/get_secret.py b/sdk/python/pulumi_vault/generic/get_secret.py index 1bca650c6..6a2fba4e8 100644 --- a/sdk/python/pulumi_vault/generic/get_secret.py +++ b/sdk/python/pulumi_vault/generic/get_secret.py @@ -184,6 +184,9 @@ def get_secret(namespace: Optional[str] = None, :param int version: The version of the secret to read. This is used by the Vault KV secrets engine - version 2 to indicate which version of the secret to read. + :param bool with_lease_start_time: If set to true, stores `lease_start_time` in the TF state. + Note that storing the `lease_start_time` in the TF state will cause a persistent drift + on every `pulumi preview` and will require a `pulumi up`. """ __args__ = dict() __args__['namespace'] = namespace @@ -194,17 +197,17 @@ def get_secret(namespace: Optional[str] = None, __ret__ = pulumi.runtime.invoke('vault:generic/getSecret:getSecret', __args__, opts=opts, typ=GetSecretResult).value return AwaitableGetSecretResult( - data=__ret__.data, - data_json=__ret__.data_json, - id=__ret__.id, - lease_duration=__ret__.lease_duration, - lease_id=__ret__.lease_id, - lease_renewable=__ret__.lease_renewable, - lease_start_time=__ret__.lease_start_time, - namespace=__ret__.namespace, - path=__ret__.path, - version=__ret__.version, - with_lease_start_time=__ret__.with_lease_start_time) + data=pulumi.get(__ret__, 'data'), + data_json=pulumi.get(__ret__, 'data_json'), + id=pulumi.get(__ret__, 'id'), + lease_duration=pulumi.get(__ret__, 'lease_duration'), + lease_id=pulumi.get(__ret__, 'lease_id'), + lease_renewable=pulumi.get(__ret__, 'lease_renewable'), + lease_start_time=pulumi.get(__ret__, 'lease_start_time'), + namespace=pulumi.get(__ret__, 'namespace'), + path=pulumi.get(__ret__, 'path'), + version=pulumi.get(__ret__, 'version'), + with_lease_start_time=pulumi.get(__ret__, 'with_lease_start_time')) @_utilities.lift_output_func(get_secret) @@ -240,5 +243,8 @@ def get_secret_output(namespace: Optional[pulumi.Input[Optional[str]]] = None, :param int version: The version of the secret to read. This is used by the Vault KV secrets engine - version 2 to indicate which version of the secret to read. + :param bool with_lease_start_time: If set to true, stores `lease_start_time` in the TF state. + Note that storing the `lease_start_time` in the TF state will cause a persistent drift + on every `pulumi preview` and will require a `pulumi up`. """ ... diff --git a/sdk/python/pulumi_vault/get_auth_backend.py b/sdk/python/pulumi_vault/get_auth_backend.py index 4fd6fc799..feeb0551c 100644 --- a/sdk/python/pulumi_vault/get_auth_backend.py +++ b/sdk/python/pulumi_vault/get_auth_backend.py @@ -173,16 +173,16 @@ def get_auth_backend(namespace: Optional[str] = None, __ret__ = pulumi.runtime.invoke('vault:index/getAuthBackend:getAuthBackend', __args__, opts=opts, typ=GetAuthBackendResult).value return AwaitableGetAuthBackendResult( - accessor=__ret__.accessor, - default_lease_ttl_seconds=__ret__.default_lease_ttl_seconds, - description=__ret__.description, - id=__ret__.id, - listing_visibility=__ret__.listing_visibility, - local=__ret__.local, - max_lease_ttl_seconds=__ret__.max_lease_ttl_seconds, - namespace=__ret__.namespace, - path=__ret__.path, - type=__ret__.type) + accessor=pulumi.get(__ret__, 'accessor'), + default_lease_ttl_seconds=pulumi.get(__ret__, 'default_lease_ttl_seconds'), + description=pulumi.get(__ret__, 'description'), + id=pulumi.get(__ret__, 'id'), + listing_visibility=pulumi.get(__ret__, 'listing_visibility'), + local=pulumi.get(__ret__, 'local'), + max_lease_ttl_seconds=pulumi.get(__ret__, 'max_lease_ttl_seconds'), + namespace=pulumi.get(__ret__, 'namespace'), + path=pulumi.get(__ret__, 'path'), + type=pulumi.get(__ret__, 'type')) @_utilities.lift_output_func(get_auth_backend) diff --git a/sdk/python/pulumi_vault/get_auth_backends.py b/sdk/python/pulumi_vault/get_auth_backends.py new file mode 100644 index 000000000..32a1d2f95 --- /dev/null +++ b/sdk/python/pulumi_vault/get_auth_backends.py @@ -0,0 +1,128 @@ +# coding=utf-8 +# *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +# *** Do not edit by hand unless you're certain you know what you are doing! *** + +import copy +import warnings +import pulumi +import pulumi.runtime +from typing import Any, Mapping, Optional, Sequence, Union, overload +from . import _utilities + +__all__ = [ + 'GetAuthBackendsResult', + 'AwaitableGetAuthBackendsResult', + 'get_auth_backends', + 'get_auth_backends_output', +] + +@pulumi.output_type +class GetAuthBackendsResult: + """ + A collection of values returned by getAuthBackends. + """ + def __init__(__self__, accessors=None, id=None, namespace=None, paths=None, type=None): + if accessors and not isinstance(accessors, list): + raise TypeError("Expected argument 'accessors' to be a list") + pulumi.set(__self__, "accessors", accessors) + if id and not isinstance(id, str): + raise TypeError("Expected argument 'id' to be a str") + pulumi.set(__self__, "id", id) + if namespace and not isinstance(namespace, str): + raise TypeError("Expected argument 'namespace' to be a str") + pulumi.set(__self__, "namespace", namespace) + if paths and not isinstance(paths, list): + raise TypeError("Expected argument 'paths' to be a list") + pulumi.set(__self__, "paths", paths) + if type and not isinstance(type, str): + raise TypeError("Expected argument 'type' to be a str") + pulumi.set(__self__, "type", type) + + @property + @pulumi.getter + def accessors(self) -> Sequence[str]: + """ + The accessor IDs for the auth methods. + """ + return pulumi.get(self, "accessors") + + @property + @pulumi.getter + def id(self) -> str: + """ + The provider-assigned unique ID for this managed resource. + """ + return pulumi.get(self, "id") + + @property + @pulumi.getter + def namespace(self) -> Optional[str]: + return pulumi.get(self, "namespace") + + @property + @pulumi.getter + def paths(self) -> Sequence[str]: + """ + List of auth backend mount points. + """ + return pulumi.get(self, "paths") + + @property + @pulumi.getter + def type(self) -> Optional[str]: + return pulumi.get(self, "type") + + +class AwaitableGetAuthBackendsResult(GetAuthBackendsResult): + # pylint: disable=using-constant-test + def __await__(self): + if False: + yield self + return GetAuthBackendsResult( + accessors=self.accessors, + id=self.id, + namespace=self.namespace, + paths=self.paths, + type=self.type) + + +def get_auth_backends(namespace: Optional[str] = None, + type: Optional[str] = None, + opts: Optional[pulumi.InvokeOptions] = None) -> AwaitableGetAuthBackendsResult: + """ + Use this data source to access information about an existing resource. + + :param str namespace: The namespace of the target resource. + The value should not contain leading or trailing forward slashes. + The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + *Available only for Vault Enterprise*. + :param str type: The name of the auth method type. Allows filtering of backends returned by type. + """ + __args__ = dict() + __args__['namespace'] = namespace + __args__['type'] = type + opts = pulumi.InvokeOptions.merge(_utilities.get_invoke_opts_defaults(), opts) + __ret__ = pulumi.runtime.invoke('vault:index/getAuthBackends:getAuthBackends', __args__, opts=opts, typ=GetAuthBackendsResult).value + + return AwaitableGetAuthBackendsResult( + accessors=pulumi.get(__ret__, 'accessors'), + id=pulumi.get(__ret__, 'id'), + namespace=pulumi.get(__ret__, 'namespace'), + paths=pulumi.get(__ret__, 'paths'), + type=pulumi.get(__ret__, 'type')) + + +@_utilities.lift_output_func(get_auth_backends) +def get_auth_backends_output(namespace: Optional[pulumi.Input[Optional[str]]] = None, + type: Optional[pulumi.Input[Optional[str]]] = None, + opts: Optional[pulumi.InvokeOptions] = None) -> pulumi.Output[GetAuthBackendsResult]: + """ + Use this data source to access information about an existing resource. + + :param str namespace: The namespace of the target resource. + The value should not contain leading or trailing forward slashes. + The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + *Available only for Vault Enterprise*. + :param str type: The name of the auth method type. Allows filtering of backends returned by type. + """ + ... diff --git a/sdk/python/pulumi_vault/get_nomad_access_token.py b/sdk/python/pulumi_vault/get_nomad_access_token.py index 8c0607fee..9ea3609c9 100644 --- a/sdk/python/pulumi_vault/get_nomad_access_token.py +++ b/sdk/python/pulumi_vault/get_nomad_access_token.py @@ -141,12 +141,12 @@ def get_nomad_access_token(backend: Optional[str] = None, __ret__ = pulumi.runtime.invoke('vault:index/getNomadAccessToken:getNomadAccessToken', __args__, opts=opts, typ=GetNomadAccessTokenResult).value return AwaitableGetNomadAccessTokenResult( - accessor_id=__ret__.accessor_id, - backend=__ret__.backend, - id=__ret__.id, - namespace=__ret__.namespace, - role=__ret__.role, - secret_id=__ret__.secret_id) + accessor_id=pulumi.get(__ret__, 'accessor_id'), + backend=pulumi.get(__ret__, 'backend'), + id=pulumi.get(__ret__, 'id'), + namespace=pulumi.get(__ret__, 'namespace'), + role=pulumi.get(__ret__, 'role'), + secret_id=pulumi.get(__ret__, 'secret_id')) @_utilities.lift_output_func(get_nomad_access_token) diff --git a/sdk/python/pulumi_vault/get_policy_document.py b/sdk/python/pulumi_vault/get_policy_document.py index cdef5cd9b..d94021420 100644 --- a/sdk/python/pulumi_vault/get_policy_document.py +++ b/sdk/python/pulumi_vault/get_policy_document.py @@ -109,10 +109,10 @@ def get_policy_document(namespace: Optional[str] = None, __ret__ = pulumi.runtime.invoke('vault:index/getPolicyDocument:getPolicyDocument', __args__, opts=opts, typ=GetPolicyDocumentResult).value return AwaitableGetPolicyDocumentResult( - hcl=__ret__.hcl, - id=__ret__.id, - namespace=__ret__.namespace, - rules=__ret__.rules) + hcl=pulumi.get(__ret__, 'hcl'), + id=pulumi.get(__ret__, 'id'), + namespace=pulumi.get(__ret__, 'namespace'), + rules=pulumi.get(__ret__, 'rules')) @_utilities.lift_output_func(get_policy_document) diff --git a/sdk/python/pulumi_vault/get_raft_autopilot_state.py b/sdk/python/pulumi_vault/get_raft_autopilot_state.py new file mode 100644 index 000000000..21345ad68 --- /dev/null +++ b/sdk/python/pulumi_vault/get_raft_autopilot_state.py @@ -0,0 +1,260 @@ +# coding=utf-8 +# *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +# *** Do not edit by hand unless you're certain you know what you are doing! *** + +import copy +import warnings +import pulumi +import pulumi.runtime +from typing import Any, Mapping, Optional, Sequence, Union, overload +from . import _utilities + +__all__ = [ + 'GetRaftAutopilotStateResult', + 'AwaitableGetRaftAutopilotStateResult', + 'get_raft_autopilot_state', + 'get_raft_autopilot_state_output', +] + +@pulumi.output_type +class GetRaftAutopilotStateResult: + """ + A collection of values returned by getRaftAutopilotState. + """ + def __init__(__self__, failure_tolerance=None, healthy=None, id=None, leader=None, namespace=None, optimistic_failure_tolerance=None, redundancy_zones=None, redundancy_zones_json=None, servers=None, servers_json=None, upgrade_info=None, upgrade_info_json=None, voters=None): + if failure_tolerance and not isinstance(failure_tolerance, int): + raise TypeError("Expected argument 'failure_tolerance' to be a int") + pulumi.set(__self__, "failure_tolerance", failure_tolerance) + if healthy and not isinstance(healthy, bool): + raise TypeError("Expected argument 'healthy' to be a bool") + pulumi.set(__self__, "healthy", healthy) + if id and not isinstance(id, str): + raise TypeError("Expected argument 'id' to be a str") + pulumi.set(__self__, "id", id) + if leader and not isinstance(leader, str): + raise TypeError("Expected argument 'leader' to be a str") + pulumi.set(__self__, "leader", leader) + if namespace and not isinstance(namespace, str): + raise TypeError("Expected argument 'namespace' to be a str") + pulumi.set(__self__, "namespace", namespace) + if optimistic_failure_tolerance and not isinstance(optimistic_failure_tolerance, int): + raise TypeError("Expected argument 'optimistic_failure_tolerance' to be a int") + pulumi.set(__self__, "optimistic_failure_tolerance", optimistic_failure_tolerance) + if redundancy_zones and not isinstance(redundancy_zones, dict): + raise TypeError("Expected argument 'redundancy_zones' to be a dict") + pulumi.set(__self__, "redundancy_zones", redundancy_zones) + if redundancy_zones_json and not isinstance(redundancy_zones_json, str): + raise TypeError("Expected argument 'redundancy_zones_json' to be a str") + pulumi.set(__self__, "redundancy_zones_json", redundancy_zones_json) + if servers and not isinstance(servers, dict): + raise TypeError("Expected argument 'servers' to be a dict") + pulumi.set(__self__, "servers", servers) + if servers_json and not isinstance(servers_json, str): + raise TypeError("Expected argument 'servers_json' to be a str") + pulumi.set(__self__, "servers_json", servers_json) + if upgrade_info and not isinstance(upgrade_info, dict): + raise TypeError("Expected argument 'upgrade_info' to be a dict") + pulumi.set(__self__, "upgrade_info", upgrade_info) + if upgrade_info_json and not isinstance(upgrade_info_json, str): + raise TypeError("Expected argument 'upgrade_info_json' to be a str") + pulumi.set(__self__, "upgrade_info_json", upgrade_info_json) + if voters and not isinstance(voters, list): + raise TypeError("Expected argument 'voters' to be a list") + pulumi.set(__self__, "voters", voters) + + @property + @pulumi.getter(name="failureTolerance") + def failure_tolerance(self) -> int: + """ + How many nodes could fail before the cluster becomes unhealthy. + """ + return pulumi.get(self, "failure_tolerance") + + @property + @pulumi.getter + def healthy(self) -> bool: + """ + Cluster health status. + """ + return pulumi.get(self, "healthy") + + @property + @pulumi.getter + def id(self) -> str: + """ + The provider-assigned unique ID for this managed resource. + """ + return pulumi.get(self, "id") + + @property + @pulumi.getter + def leader(self) -> str: + """ + The current leader of Vault. + """ + return pulumi.get(self, "leader") + + @property + @pulumi.getter + def namespace(self) -> Optional[str]: + return pulumi.get(self, "namespace") + + @property + @pulumi.getter(name="optimisticFailureTolerance") + def optimistic_failure_tolerance(self) -> int: + """ + The cluster-level optimistic failure tolerance. + """ + return pulumi.get(self, "optimistic_failure_tolerance") + + @property + @pulumi.getter(name="redundancyZones") + def redundancy_zones(self) -> Mapping[str, Any]: + """ + Additional output related to redundancy zones stored as a serialized map of strings. + """ + return pulumi.get(self, "redundancy_zones") + + @property + @pulumi.getter(name="redundancyZonesJson") + def redundancy_zones_json(self) -> str: + """ + Additional output related to redundancy zones. + """ + return pulumi.get(self, "redundancy_zones_json") + + @property + @pulumi.getter + def servers(self) -> Mapping[str, Any]: + """ + Additionaly output related to servers in the cluster stored as a serialized map of strings. + """ + return pulumi.get(self, "servers") + + @property + @pulumi.getter(name="serversJson") + def servers_json(self) -> str: + """ + Additionaly output related to servers in the cluster. + """ + return pulumi.get(self, "servers_json") + + @property + @pulumi.getter(name="upgradeInfo") + def upgrade_info(self) -> Mapping[str, Any]: + """ + Additional output related to upgrade information stored as a serialized map of strings. + """ + return pulumi.get(self, "upgrade_info") + + @property + @pulumi.getter(name="upgradeInfoJson") + def upgrade_info_json(self) -> str: + """ + Additional output related to upgrade information. + """ + return pulumi.get(self, "upgrade_info_json") + + @property + @pulumi.getter + def voters(self) -> Sequence[str]: + """ + The voters in the Vault cluster. + """ + return pulumi.get(self, "voters") + + +class AwaitableGetRaftAutopilotStateResult(GetRaftAutopilotStateResult): + # pylint: disable=using-constant-test + def __await__(self): + if False: + yield self + return GetRaftAutopilotStateResult( + failure_tolerance=self.failure_tolerance, + healthy=self.healthy, + id=self.id, + leader=self.leader, + namespace=self.namespace, + optimistic_failure_tolerance=self.optimistic_failure_tolerance, + redundancy_zones=self.redundancy_zones, + redundancy_zones_json=self.redundancy_zones_json, + servers=self.servers, + servers_json=self.servers_json, + upgrade_info=self.upgrade_info, + upgrade_info_json=self.upgrade_info_json, + voters=self.voters) + + +def get_raft_autopilot_state(namespace: Optional[str] = None, + opts: Optional[pulumi.InvokeOptions] = None) -> AwaitableGetRaftAutopilotStateResult: + """ + Displays the state of the raft cluster under integrated storage as seen by + autopilot. It shows whether autopilot thinks the cluster is healthy or not, and + how many nodes could fail before the cluster becomes unhealthy ("Failure + Tolerance"). For more information, please refer to the + [Vault documentation](https://developer.hashicorp.com/vault/api-docs/system/storage/raftautopilot#get-cluster-state). + + ## Example Usage + + ```python + import pulumi + import pulumi_vault as vault + + main = vault.get_raft_autopilot_state() + pulumi.export("failure-tolerance", main.failure_tolerance) + ``` + + + :param str namespace: The namespace of the target resource. + The value should not contain leading or trailing forward slashes. + The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + *Available only for Vault Enterprise*. + """ + __args__ = dict() + __args__['namespace'] = namespace + opts = pulumi.InvokeOptions.merge(_utilities.get_invoke_opts_defaults(), opts) + __ret__ = pulumi.runtime.invoke('vault:index/getRaftAutopilotState:getRaftAutopilotState', __args__, opts=opts, typ=GetRaftAutopilotStateResult).value + + return AwaitableGetRaftAutopilotStateResult( + failure_tolerance=pulumi.get(__ret__, 'failure_tolerance'), + healthy=pulumi.get(__ret__, 'healthy'), + id=pulumi.get(__ret__, 'id'), + leader=pulumi.get(__ret__, 'leader'), + namespace=pulumi.get(__ret__, 'namespace'), + optimistic_failure_tolerance=pulumi.get(__ret__, 'optimistic_failure_tolerance'), + redundancy_zones=pulumi.get(__ret__, 'redundancy_zones'), + redundancy_zones_json=pulumi.get(__ret__, 'redundancy_zones_json'), + servers=pulumi.get(__ret__, 'servers'), + servers_json=pulumi.get(__ret__, 'servers_json'), + upgrade_info=pulumi.get(__ret__, 'upgrade_info'), + upgrade_info_json=pulumi.get(__ret__, 'upgrade_info_json'), + voters=pulumi.get(__ret__, 'voters')) + + +@_utilities.lift_output_func(get_raft_autopilot_state) +def get_raft_autopilot_state_output(namespace: Optional[pulumi.Input[Optional[str]]] = None, + opts: Optional[pulumi.InvokeOptions] = None) -> pulumi.Output[GetRaftAutopilotStateResult]: + """ + Displays the state of the raft cluster under integrated storage as seen by + autopilot. It shows whether autopilot thinks the cluster is healthy or not, and + how many nodes could fail before the cluster becomes unhealthy ("Failure + Tolerance"). For more information, please refer to the + [Vault documentation](https://developer.hashicorp.com/vault/api-docs/system/storage/raftautopilot#get-cluster-state). + + ## Example Usage + + ```python + import pulumi + import pulumi_vault as vault + + main = vault.get_raft_autopilot_state() + pulumi.export("failure-tolerance", main.failure_tolerance) + ``` + + + :param str namespace: The namespace of the target resource. + The value should not contain leading or trailing forward slashes. + The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + *Available only for Vault Enterprise*. + """ + ... diff --git a/sdk/python/pulumi_vault/github/auth_backend.py b/sdk/python/pulumi_vault/github/auth_backend.py index da5ea6239..7e3f23559 100644 --- a/sdk/python/pulumi_vault/github/auth_backend.py +++ b/sdk/python/pulumi_vault/github/auth_backend.py @@ -74,6 +74,8 @@ def __init__(__self__, *, :param pulumi.Input[str] token_type: Specifies the type of tokens that should be returned by the mount. Valid values are "default-service", "default-batch", "service", "batch". :param pulumi.Input['AuthBackendTuneArgs'] tune: Extra configuration block. Structure is documented below. + + The `tune` block is used to tune the auth backend: """ pulumi.set(__self__, "organization", organization) if base_url is not None: @@ -328,6 +330,8 @@ def token_type(self, value: Optional[pulumi.Input[str]]): def tune(self) -> Optional[pulumi.Input['AuthBackendTuneArgs']]: """ Extra configuration block. Structure is documented below. + + The `tune` block is used to tune the auth backend: """ return pulumi.get(self, "tune") @@ -399,6 +403,8 @@ def __init__(__self__, *, :param pulumi.Input[str] token_type: Specifies the type of tokens that should be returned by the mount. Valid values are "default-service", "default-batch", "service", "batch". :param pulumi.Input['AuthBackendTuneArgs'] tune: Extra configuration block. Structure is documented below. + + The `tune` block is used to tune the auth backend: """ if accessor is not None: pulumi.set(__self__, "accessor", accessor) @@ -668,6 +674,8 @@ def token_type(self, value: Optional[pulumi.Input[str]]): def tune(self) -> Optional[pulumi.Input['AuthBackendTuneArgs']]: """ Extra configuration block. Structure is documented below. + + The `tune` block is used to tune the auth backend: """ return pulumi.get(self, "tune") @@ -762,6 +770,8 @@ def __init__(__self__, :param pulumi.Input[str] token_type: Specifies the type of tokens that should be returned by the mount. Valid values are "default-service", "default-batch", "service", "batch". :param pulumi.Input[pulumi.InputType['AuthBackendTuneArgs']] tune: Extra configuration block. Structure is documented below. + + The `tune` block is used to tune the auth backend: """ ... @overload @@ -927,6 +937,8 @@ def get(resource_name: str, :param pulumi.Input[str] token_type: Specifies the type of tokens that should be returned by the mount. Valid values are "default-service", "default-batch", "service", "batch". :param pulumi.Input[pulumi.InputType['AuthBackendTuneArgs']] tune: Extra configuration block. Structure is documented below. + + The `tune` block is used to tune the auth backend: """ opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id)) @@ -1115,6 +1127,8 @@ def token_type(self) -> pulumi.Output[Optional[str]]: def tune(self) -> pulumi.Output['outputs.AuthBackendTune']: """ Extra configuration block. Structure is documented below. + + The `tune` block is used to tune the auth backend: """ return pulumi.get(self, "tune") diff --git a/sdk/python/pulumi_vault/identity/entity_policies.py b/sdk/python/pulumi_vault/identity/entity_policies.py index 3e3915516..d53a7346d 100644 --- a/sdk/python/pulumi_vault/identity/entity_policies.py +++ b/sdk/python/pulumi_vault/identity/entity_policies.py @@ -23,6 +23,10 @@ def __init__(__self__, *, :param pulumi.Input[str] entity_id: Entity ID to assign policies to. :param pulumi.Input[Sequence[pulumi.Input[str]]] policies: List of policies to assign to the entity :param pulumi.Input[bool] exclusive: Defaults to `true`. + + If `true`, this resource will take exclusive control of the policies assigned to the entity and will set it equal to what is specified in the resource. + + If set to `false`, this resource will simply ensure that the policies specified in the resource are present in the entity. When destroying the resource, the resource will ensure that the policies specified in the resource are removed. :param pulumi.Input[str] namespace: The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). @@ -64,6 +68,10 @@ def policies(self, value: pulumi.Input[Sequence[pulumi.Input[str]]]): def exclusive(self) -> Optional[pulumi.Input[bool]]: """ Defaults to `true`. + + If `true`, this resource will take exclusive control of the policies assigned to the entity and will set it equal to what is specified in the resource. + + If set to `false`, this resource will simply ensure that the policies specified in the resource are present in the entity. When destroying the resource, the resource will ensure that the policies specified in the resource are removed. """ return pulumi.get(self, "exclusive") @@ -100,6 +108,10 @@ def __init__(__self__, *, :param pulumi.Input[str] entity_id: Entity ID to assign policies to. :param pulumi.Input[str] entity_name: The name of the entity that are assigned the policies. :param pulumi.Input[bool] exclusive: Defaults to `true`. + + If `true`, this resource will take exclusive control of the policies assigned to the entity and will set it equal to what is specified in the resource. + + If set to `false`, this resource will simply ensure that the policies specified in the resource are present in the entity. When destroying the resource, the resource will ensure that the policies specified in the resource are removed. :param pulumi.Input[str] namespace: The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). @@ -146,6 +158,10 @@ def entity_name(self, value: Optional[pulumi.Input[str]]): def exclusive(self) -> Optional[pulumi.Input[bool]]: """ Defaults to `true`. + + If `true`, this resource will take exclusive control of the policies assigned to the entity and will set it equal to what is specified in the resource. + + If set to `false`, this resource will simply ensure that the policies specified in the resource are present in the entity. When destroying the resource, the resource will ensure that the policies specified in the resource are removed. """ return pulumi.get(self, "exclusive") @@ -234,6 +250,10 @@ def __init__(__self__, :param pulumi.ResourceOptions opts: Options for the resource. :param pulumi.Input[str] entity_id: Entity ID to assign policies to. :param pulumi.Input[bool] exclusive: Defaults to `true`. + + If `true`, this resource will take exclusive control of the policies assigned to the entity and will set it equal to what is specified in the resource. + + If set to `false`, this resource will simply ensure that the policies specified in the resource are present in the entity. When destroying the resource, the resource will ensure that the policies specified in the resource are removed. :param pulumi.Input[str] namespace: The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). @@ -347,6 +367,10 @@ def get(resource_name: str, :param pulumi.Input[str] entity_id: Entity ID to assign policies to. :param pulumi.Input[str] entity_name: The name of the entity that are assigned the policies. :param pulumi.Input[bool] exclusive: Defaults to `true`. + + If `true`, this resource will take exclusive control of the policies assigned to the entity and will set it equal to what is specified in the resource. + + If set to `false`, this resource will simply ensure that the policies specified in the resource are present in the entity. When destroying the resource, the resource will ensure that the policies specified in the resource are removed. :param pulumi.Input[str] namespace: The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). @@ -385,6 +409,10 @@ def entity_name(self) -> pulumi.Output[str]: def exclusive(self) -> pulumi.Output[Optional[bool]]: """ Defaults to `true`. + + If `true`, this resource will take exclusive control of the policies assigned to the entity and will set it equal to what is specified in the resource. + + If set to `false`, this resource will simply ensure that the policies specified in the resource are present in the entity. When destroying the resource, the resource will ensure that the policies specified in the resource are removed. """ return pulumi.get(self, "exclusive") diff --git a/sdk/python/pulumi_vault/identity/get_entity.py b/sdk/python/pulumi_vault/identity/get_entity.py index c7e1d9d45..bc072b45f 100644 --- a/sdk/python/pulumi_vault/identity/get_entity.py +++ b/sdk/python/pulumi_vault/identity/get_entity.py @@ -268,6 +268,9 @@ def get_entity(alias_id: Optional[str] = None, :param str alias_id: ID of the alias. :param str alias_mount_accessor: Accessor of the mount to which the alias belongs to. This should be supplied in conjunction with `alias_name`. + + The lookup criteria can be `entity_name`, `entity_id`, `alias_id`, or a combination of + `alias_name` and `alias_mount_accessor`. :param str alias_name: Name of the alias. This should be supplied in conjunction with `alias_mount_accessor`. :param str entity_id: ID of the entity. @@ -288,25 +291,25 @@ def get_entity(alias_id: Optional[str] = None, __ret__ = pulumi.runtime.invoke('vault:identity/getEntity:getEntity', __args__, opts=opts, typ=GetEntityResult).value return AwaitableGetEntityResult( - alias_id=__ret__.alias_id, - alias_mount_accessor=__ret__.alias_mount_accessor, - alias_name=__ret__.alias_name, - aliases=__ret__.aliases, - creation_time=__ret__.creation_time, - data_json=__ret__.data_json, - direct_group_ids=__ret__.direct_group_ids, - disabled=__ret__.disabled, - entity_id=__ret__.entity_id, - entity_name=__ret__.entity_name, - group_ids=__ret__.group_ids, - id=__ret__.id, - inherited_group_ids=__ret__.inherited_group_ids, - last_update_time=__ret__.last_update_time, - merged_entity_ids=__ret__.merged_entity_ids, - metadata=__ret__.metadata, - namespace=__ret__.namespace, - namespace_id=__ret__.namespace_id, - policies=__ret__.policies) + alias_id=pulumi.get(__ret__, 'alias_id'), + alias_mount_accessor=pulumi.get(__ret__, 'alias_mount_accessor'), + alias_name=pulumi.get(__ret__, 'alias_name'), + aliases=pulumi.get(__ret__, 'aliases'), + creation_time=pulumi.get(__ret__, 'creation_time'), + data_json=pulumi.get(__ret__, 'data_json'), + direct_group_ids=pulumi.get(__ret__, 'direct_group_ids'), + disabled=pulumi.get(__ret__, 'disabled'), + entity_id=pulumi.get(__ret__, 'entity_id'), + entity_name=pulumi.get(__ret__, 'entity_name'), + group_ids=pulumi.get(__ret__, 'group_ids'), + id=pulumi.get(__ret__, 'id'), + inherited_group_ids=pulumi.get(__ret__, 'inherited_group_ids'), + last_update_time=pulumi.get(__ret__, 'last_update_time'), + merged_entity_ids=pulumi.get(__ret__, 'merged_entity_ids'), + metadata=pulumi.get(__ret__, 'metadata'), + namespace=pulumi.get(__ret__, 'namespace'), + namespace_id=pulumi.get(__ret__, 'namespace_id'), + policies=pulumi.get(__ret__, 'policies')) @_utilities.lift_output_func(get_entity) @@ -334,6 +337,9 @@ def get_entity_output(alias_id: Optional[pulumi.Input[Optional[str]]] = None, :param str alias_id: ID of the alias. :param str alias_mount_accessor: Accessor of the mount to which the alias belongs to. This should be supplied in conjunction with `alias_name`. + + The lookup criteria can be `entity_name`, `entity_id`, `alias_id`, or a combination of + `alias_name` and `alias_mount_accessor`. :param str alias_name: Name of the alias. This should be supplied in conjunction with `alias_mount_accessor`. :param str entity_id: ID of the entity. diff --git a/sdk/python/pulumi_vault/identity/get_group.py b/sdk/python/pulumi_vault/identity/get_group.py index 0fbdde4a4..bfc02dc0b 100644 --- a/sdk/python/pulumi_vault/identity/get_group.py +++ b/sdk/python/pulumi_vault/identity/get_group.py @@ -339,6 +339,9 @@ def get_group(alias_id: Optional[str] = None, :param str alias_id: ID of the alias. :param str alias_mount_accessor: Accessor of the mount to which the alias belongs to. This should be supplied in conjunction with `alias_name`. + + The lookup criteria can be `group_name`, `group_id`, `alias_id`, or a combination of + `alias_name` and `alias_mount_accessor`. :param str alias_name: Name of the alias. This should be supplied in conjunction with `alias_mount_accessor`. :param str group_id: ID of the group. @@ -359,31 +362,31 @@ def get_group(alias_id: Optional[str] = None, __ret__ = pulumi.runtime.invoke('vault:identity/getGroup:getGroup', __args__, opts=opts, typ=GetGroupResult).value return AwaitableGetGroupResult( - alias_canonical_id=__ret__.alias_canonical_id, - alias_creation_time=__ret__.alias_creation_time, - alias_id=__ret__.alias_id, - alias_last_update_time=__ret__.alias_last_update_time, - alias_merged_from_canonical_ids=__ret__.alias_merged_from_canonical_ids, - alias_metadata=__ret__.alias_metadata, - alias_mount_accessor=__ret__.alias_mount_accessor, - alias_mount_path=__ret__.alias_mount_path, - alias_mount_type=__ret__.alias_mount_type, - alias_name=__ret__.alias_name, - creation_time=__ret__.creation_time, - data_json=__ret__.data_json, - group_id=__ret__.group_id, - group_name=__ret__.group_name, - id=__ret__.id, - last_update_time=__ret__.last_update_time, - member_entity_ids=__ret__.member_entity_ids, - member_group_ids=__ret__.member_group_ids, - metadata=__ret__.metadata, - modify_index=__ret__.modify_index, - namespace=__ret__.namespace, - namespace_id=__ret__.namespace_id, - parent_group_ids=__ret__.parent_group_ids, - policies=__ret__.policies, - type=__ret__.type) + alias_canonical_id=pulumi.get(__ret__, 'alias_canonical_id'), + alias_creation_time=pulumi.get(__ret__, 'alias_creation_time'), + alias_id=pulumi.get(__ret__, 'alias_id'), + alias_last_update_time=pulumi.get(__ret__, 'alias_last_update_time'), + alias_merged_from_canonical_ids=pulumi.get(__ret__, 'alias_merged_from_canonical_ids'), + alias_metadata=pulumi.get(__ret__, 'alias_metadata'), + alias_mount_accessor=pulumi.get(__ret__, 'alias_mount_accessor'), + alias_mount_path=pulumi.get(__ret__, 'alias_mount_path'), + alias_mount_type=pulumi.get(__ret__, 'alias_mount_type'), + alias_name=pulumi.get(__ret__, 'alias_name'), + creation_time=pulumi.get(__ret__, 'creation_time'), + data_json=pulumi.get(__ret__, 'data_json'), + group_id=pulumi.get(__ret__, 'group_id'), + group_name=pulumi.get(__ret__, 'group_name'), + id=pulumi.get(__ret__, 'id'), + last_update_time=pulumi.get(__ret__, 'last_update_time'), + member_entity_ids=pulumi.get(__ret__, 'member_entity_ids'), + member_group_ids=pulumi.get(__ret__, 'member_group_ids'), + metadata=pulumi.get(__ret__, 'metadata'), + modify_index=pulumi.get(__ret__, 'modify_index'), + namespace=pulumi.get(__ret__, 'namespace'), + namespace_id=pulumi.get(__ret__, 'namespace_id'), + parent_group_ids=pulumi.get(__ret__, 'parent_group_ids'), + policies=pulumi.get(__ret__, 'policies'), + type=pulumi.get(__ret__, 'type')) @_utilities.lift_output_func(get_group) @@ -411,6 +414,9 @@ def get_group_output(alias_id: Optional[pulumi.Input[Optional[str]]] = None, :param str alias_id: ID of the alias. :param str alias_mount_accessor: Accessor of the mount to which the alias belongs to. This should be supplied in conjunction with `alias_name`. + + The lookup criteria can be `group_name`, `group_id`, `alias_id`, or a combination of + `alias_name` and `alias_mount_accessor`. :param str alias_name: Name of the alias. This should be supplied in conjunction with `alias_mount_accessor`. :param str group_id: ID of the group. diff --git a/sdk/python/pulumi_vault/identity/get_oidc_client_creds.py b/sdk/python/pulumi_vault/identity/get_oidc_client_creds.py index 892a96c51..c6e651f9b 100644 --- a/sdk/python/pulumi_vault/identity/get_oidc_client_creds.py +++ b/sdk/python/pulumi_vault/identity/get_oidc_client_creds.py @@ -51,6 +51,7 @@ def client_id(self) -> str: def client_secret(self) -> str: """ The Client Secret Key returned by Vault. + For public OpenID Clients `client_secret` is set to an empty string `""` """ return pulumi.get(self, "client_secret") @@ -121,11 +122,11 @@ def get_oidc_client_creds(name: Optional[str] = None, __ret__ = pulumi.runtime.invoke('vault:identity/getOidcClientCreds:getOidcClientCreds', __args__, opts=opts, typ=GetOidcClientCredsResult).value return AwaitableGetOidcClientCredsResult( - client_id=__ret__.client_id, - client_secret=__ret__.client_secret, - id=__ret__.id, - name=__ret__.name, - namespace=__ret__.namespace) + client_id=pulumi.get(__ret__, 'client_id'), + client_secret=pulumi.get(__ret__, 'client_secret'), + id=pulumi.get(__ret__, 'id'), + name=pulumi.get(__ret__, 'name'), + namespace=pulumi.get(__ret__, 'namespace')) @_utilities.lift_output_func(get_oidc_client_creds) diff --git a/sdk/python/pulumi_vault/identity/get_oidc_openid_config.py b/sdk/python/pulumi_vault/identity/get_oidc_openid_config.py index 219cc71cd..75e2a03f2 100644 --- a/sdk/python/pulumi_vault/identity/get_oidc_openid_config.py +++ b/sdk/python/pulumi_vault/identity/get_oidc_openid_config.py @@ -249,21 +249,21 @@ def get_oidc_openid_config(name: Optional[str] = None, __ret__ = pulumi.runtime.invoke('vault:identity/getOidcOpenidConfig:getOidcOpenidConfig', __args__, opts=opts, typ=GetOidcOpenidConfigResult).value return AwaitableGetOidcOpenidConfigResult( - authorization_endpoint=__ret__.authorization_endpoint, - grant_types_supporteds=__ret__.grant_types_supporteds, - id=__ret__.id, - id_token_signing_alg_values_supporteds=__ret__.id_token_signing_alg_values_supporteds, - issuer=__ret__.issuer, - jwks_uri=__ret__.jwks_uri, - name=__ret__.name, - namespace=__ret__.namespace, - request_uri_parameter_supported=__ret__.request_uri_parameter_supported, - response_types_supporteds=__ret__.response_types_supporteds, - scopes_supporteds=__ret__.scopes_supporteds, - subject_types_supporteds=__ret__.subject_types_supporteds, - token_endpoint=__ret__.token_endpoint, - token_endpoint_auth_methods_supporteds=__ret__.token_endpoint_auth_methods_supporteds, - userinfo_endpoint=__ret__.userinfo_endpoint) + authorization_endpoint=pulumi.get(__ret__, 'authorization_endpoint'), + grant_types_supporteds=pulumi.get(__ret__, 'grant_types_supporteds'), + id=pulumi.get(__ret__, 'id'), + id_token_signing_alg_values_supporteds=pulumi.get(__ret__, 'id_token_signing_alg_values_supporteds'), + issuer=pulumi.get(__ret__, 'issuer'), + jwks_uri=pulumi.get(__ret__, 'jwks_uri'), + name=pulumi.get(__ret__, 'name'), + namespace=pulumi.get(__ret__, 'namespace'), + request_uri_parameter_supported=pulumi.get(__ret__, 'request_uri_parameter_supported'), + response_types_supporteds=pulumi.get(__ret__, 'response_types_supporteds'), + scopes_supporteds=pulumi.get(__ret__, 'scopes_supporteds'), + subject_types_supporteds=pulumi.get(__ret__, 'subject_types_supporteds'), + token_endpoint=pulumi.get(__ret__, 'token_endpoint'), + token_endpoint_auth_methods_supporteds=pulumi.get(__ret__, 'token_endpoint_auth_methods_supporteds'), + userinfo_endpoint=pulumi.get(__ret__, 'userinfo_endpoint')) @_utilities.lift_output_func(get_oidc_openid_config) diff --git a/sdk/python/pulumi_vault/identity/get_oidc_public_keys.py b/sdk/python/pulumi_vault/identity/get_oidc_public_keys.py index a3a0293a1..56f398c5d 100644 --- a/sdk/python/pulumi_vault/identity/get_oidc_public_keys.py +++ b/sdk/python/pulumi_vault/identity/get_oidc_public_keys.py @@ -116,10 +116,10 @@ def get_oidc_public_keys(name: Optional[str] = None, __ret__ = pulumi.runtime.invoke('vault:identity/getOidcPublicKeys:getOidcPublicKeys', __args__, opts=opts, typ=GetOidcPublicKeysResult).value return AwaitableGetOidcPublicKeysResult( - id=__ret__.id, - keys=__ret__.keys, - name=__ret__.name, - namespace=__ret__.namespace) + id=pulumi.get(__ret__, 'id'), + keys=pulumi.get(__ret__, 'keys'), + name=pulumi.get(__ret__, 'name'), + namespace=pulumi.get(__ret__, 'namespace')) @_utilities.lift_output_func(get_oidc_public_keys) diff --git a/sdk/python/pulumi_vault/identity/group_member_entity_ids.py b/sdk/python/pulumi_vault/identity/group_member_entity_ids.py index e17eb7076..6292cef79 100644 --- a/sdk/python/pulumi_vault/identity/group_member_entity_ids.py +++ b/sdk/python/pulumi_vault/identity/group_member_entity_ids.py @@ -22,6 +22,10 @@ def __init__(__self__, *, The set of arguments for constructing a GroupMemberEntityIds resource. :param pulumi.Input[str] group_id: Group ID to assign member entities to. :param pulumi.Input[bool] exclusive: Defaults to `true`. + + If `true`, this resource will take exclusive control of the member entities that belong to the group and will set it equal to what is specified in the resource. + + If set to `false`, this resource will simply ensure that the member entities specified in the resource are present in the group. When destroying the resource, the resource will ensure that the member entities specified in the resource are removed. :param pulumi.Input[Sequence[pulumi.Input[str]]] member_entity_ids: List of member entities that belong to the group :param pulumi.Input[str] namespace: The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. @@ -53,6 +57,10 @@ def group_id(self, value: pulumi.Input[str]): def exclusive(self) -> Optional[pulumi.Input[bool]]: """ Defaults to `true`. + + If `true`, this resource will take exclusive control of the member entities that belong to the group and will set it equal to what is specified in the resource. + + If set to `false`, this resource will simply ensure that the member entities specified in the resource are present in the group. When destroying the resource, the resource will ensure that the member entities specified in the resource are removed. """ return pulumi.get(self, "exclusive") @@ -99,6 +107,10 @@ def __init__(__self__, *, """ Input properties used for looking up and filtering GroupMemberEntityIds resources. :param pulumi.Input[bool] exclusive: Defaults to `true`. + + If `true`, this resource will take exclusive control of the member entities that belong to the group and will set it equal to what is specified in the resource. + + If set to `false`, this resource will simply ensure that the member entities specified in the resource are present in the group. When destroying the resource, the resource will ensure that the member entities specified in the resource are removed. :param pulumi.Input[str] group_id: Group ID to assign member entities to. :param pulumi.Input[str] group_name: The name of the group that are assigned the member entities. *Deprecated: The value for group_name may not always be accurate* @@ -130,6 +142,10 @@ def __init__(__self__, *, def exclusive(self) -> Optional[pulumi.Input[bool]]: """ Defaults to `true`. + + If `true`, this resource will take exclusive control of the member entities that belong to the group and will set it equal to what is specified in the resource. + + If set to `false`, this resource will simply ensure that the member entities specified in the resource are present in the group. When destroying the resource, the resource will ensure that the member entities specified in the resource are removed. """ return pulumi.get(self, "exclusive") @@ -157,6 +173,11 @@ def group_name(self) -> Optional[pulumi.Input[str]]: *Deprecated: The value for group_name may not always be accurate* *use* `data.vault_identity_group.*.group_name`, *or* `vault_identity_group.*.group_name` *instead.* """ + warnings.warn("""The value for group_name may not always be accurate, +use \"data.vault_identity_group.*.group_name\", \"vault_identity_group.*.group_name\" instead""", DeprecationWarning) + pulumi.log.warn("""group_name is deprecated: The value for group_name may not always be accurate, +use \"data.vault_identity_group.*.group_name\", \"vault_identity_group.*.group_name\" instead""") + return pulumi.get(self, "group_name") @group_name.setter @@ -254,6 +275,10 @@ def __init__(__self__, :param str resource_name: The name of the resource. :param pulumi.ResourceOptions opts: Options for the resource. :param pulumi.Input[bool] exclusive: Defaults to `true`. + + If `true`, this resource will take exclusive control of the member entities that belong to the group and will set it equal to what is specified in the resource. + + If set to `false`, this resource will simply ensure that the member entities specified in the resource are present in the group. When destroying the resource, the resource will ensure that the member entities specified in the resource are removed. :param pulumi.Input[str] group_id: Group ID to assign member entities to. :param pulumi.Input[Sequence[pulumi.Input[str]]] member_entity_ids: List of member entities that belong to the group :param pulumi.Input[str] namespace: The namespace to provision the resource in. @@ -375,6 +400,10 @@ def get(resource_name: str, :param pulumi.Input[str] id: The unique provider ID of the resource to lookup. :param pulumi.ResourceOptions opts: Options for the resource. :param pulumi.Input[bool] exclusive: Defaults to `true`. + + If `true`, this resource will take exclusive control of the member entities that belong to the group and will set it equal to what is specified in the resource. + + If set to `false`, this resource will simply ensure that the member entities specified in the resource are present in the group. When destroying the resource, the resource will ensure that the member entities specified in the resource are removed. :param pulumi.Input[str] group_id: Group ID to assign member entities to. :param pulumi.Input[str] group_name: The name of the group that are assigned the member entities. *Deprecated: The value for group_name may not always be accurate* @@ -401,6 +430,10 @@ def get(resource_name: str, def exclusive(self) -> pulumi.Output[Optional[bool]]: """ Defaults to `true`. + + If `true`, this resource will take exclusive control of the member entities that belong to the group and will set it equal to what is specified in the resource. + + If set to `false`, this resource will simply ensure that the member entities specified in the resource are present in the group. When destroying the resource, the resource will ensure that the member entities specified in the resource are removed. """ return pulumi.get(self, "exclusive") @@ -420,6 +453,11 @@ def group_name(self) -> pulumi.Output[str]: *Deprecated: The value for group_name may not always be accurate* *use* `data.vault_identity_group.*.group_name`, *or* `vault_identity_group.*.group_name` *instead.* """ + warnings.warn("""The value for group_name may not always be accurate, +use \"data.vault_identity_group.*.group_name\", \"vault_identity_group.*.group_name\" instead""", DeprecationWarning) + pulumi.log.warn("""group_name is deprecated: The value for group_name may not always be accurate, +use \"data.vault_identity_group.*.group_name\", \"vault_identity_group.*.group_name\" instead""") + return pulumi.get(self, "group_name") @property diff --git a/sdk/python/pulumi_vault/identity/group_member_group_ids.py b/sdk/python/pulumi_vault/identity/group_member_group_ids.py index 0d7090cf7..9e9f702db 100644 --- a/sdk/python/pulumi_vault/identity/group_member_group_ids.py +++ b/sdk/python/pulumi_vault/identity/group_member_group_ids.py @@ -22,6 +22,13 @@ def __init__(__self__, *, The set of arguments for constructing a GroupMemberGroupIds resource. :param pulumi.Input[str] group_id: Group ID to assign member entities to. :param pulumi.Input[bool] exclusive: Defaults to `true`. + + If `true`, this resource will take exclusive control of the member groups that belong to the group and will set + it equal to what is specified in the resource. + + If set to `false`, this resource will simply ensure that the member groups specified in the resource are present + in the group. When destroying the resource, the resource will ensure that the member groups specified in the resource + are removed. :param pulumi.Input[Sequence[pulumi.Input[str]]] member_group_ids: List of member groups that belong to the group :param pulumi.Input[str] namespace: The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. @@ -53,6 +60,13 @@ def group_id(self, value: pulumi.Input[str]): def exclusive(self) -> Optional[pulumi.Input[bool]]: """ Defaults to `true`. + + If `true`, this resource will take exclusive control of the member groups that belong to the group and will set + it equal to what is specified in the resource. + + If set to `false`, this resource will simply ensure that the member groups specified in the resource are present + in the group. When destroying the resource, the resource will ensure that the member groups specified in the resource + are removed. """ return pulumi.get(self, "exclusive") @@ -98,6 +112,13 @@ def __init__(__self__, *, """ Input properties used for looking up and filtering GroupMemberGroupIds resources. :param pulumi.Input[bool] exclusive: Defaults to `true`. + + If `true`, this resource will take exclusive control of the member groups that belong to the group and will set + it equal to what is specified in the resource. + + If set to `false`, this resource will simply ensure that the member groups specified in the resource are present + in the group. When destroying the resource, the resource will ensure that the member groups specified in the resource + are removed. :param pulumi.Input[str] group_id: Group ID to assign member entities to. :param pulumi.Input[Sequence[pulumi.Input[str]]] member_group_ids: List of member groups that belong to the group :param pulumi.Input[str] namespace: The namespace to provision the resource in. @@ -119,6 +140,13 @@ def __init__(__self__, *, def exclusive(self) -> Optional[pulumi.Input[bool]]: """ Defaults to `true`. + + If `true`, this resource will take exclusive control of the member groups that belong to the group and will set + it equal to what is specified in the resource. + + If set to `false`, this resource will simply ensure that the member groups specified in the resource are present + in the group. When destroying the resource, the resource will ensure that the member groups specified in the resource + are removed. """ return pulumi.get(self, "exclusive") @@ -226,6 +254,13 @@ def __init__(__self__, :param str resource_name: The name of the resource. :param pulumi.ResourceOptions opts: Options for the resource. :param pulumi.Input[bool] exclusive: Defaults to `true`. + + If `true`, this resource will take exclusive control of the member groups that belong to the group and will set + it equal to what is specified in the resource. + + If set to `false`, this resource will simply ensure that the member groups specified in the resource are present + in the group. When destroying the resource, the resource will ensure that the member groups specified in the resource + are removed. :param pulumi.Input[str] group_id: Group ID to assign member entities to. :param pulumi.Input[Sequence[pulumi.Input[str]]] member_group_ids: List of member groups that belong to the group :param pulumi.Input[str] namespace: The namespace to provision the resource in. @@ -342,6 +377,13 @@ def get(resource_name: str, :param pulumi.Input[str] id: The unique provider ID of the resource to lookup. :param pulumi.ResourceOptions opts: Options for the resource. :param pulumi.Input[bool] exclusive: Defaults to `true`. + + If `true`, this resource will take exclusive control of the member groups that belong to the group and will set + it equal to what is specified in the resource. + + If set to `false`, this resource will simply ensure that the member groups specified in the resource are present + in the group. When destroying the resource, the resource will ensure that the member groups specified in the resource + are removed. :param pulumi.Input[str] group_id: Group ID to assign member entities to. :param pulumi.Input[Sequence[pulumi.Input[str]]] member_group_ids: List of member groups that belong to the group :param pulumi.Input[str] namespace: The namespace to provision the resource in. @@ -364,6 +406,13 @@ def get(resource_name: str, def exclusive(self) -> pulumi.Output[Optional[bool]]: """ Defaults to `true`. + + If `true`, this resource will take exclusive control of the member groups that belong to the group and will set + it equal to what is specified in the resource. + + If set to `false`, this resource will simply ensure that the member groups specified in the resource are present + in the group. When destroying the resource, the resource will ensure that the member groups specified in the resource + are removed. """ return pulumi.get(self, "exclusive") diff --git a/sdk/python/pulumi_vault/identity/group_policies.py b/sdk/python/pulumi_vault/identity/group_policies.py index 0c2bbfc0a..e14b1d0da 100644 --- a/sdk/python/pulumi_vault/identity/group_policies.py +++ b/sdk/python/pulumi_vault/identity/group_policies.py @@ -23,6 +23,10 @@ def __init__(__self__, *, :param pulumi.Input[str] group_id: Group ID to assign policies to. :param pulumi.Input[Sequence[pulumi.Input[str]]] policies: List of policies to assign to the group :param pulumi.Input[bool] exclusive: Defaults to `true`. + + If `true`, this resource will take exclusive control of the policies assigned to the group and will set it equal to what is specified in the resource. + + If set to `false`, this resource will simply ensure that the policies specified in the resource are present in the group. When destroying the resource, the resource will ensure that the policies specified in the resource are removed. :param pulumi.Input[str] namespace: The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). @@ -64,6 +68,10 @@ def policies(self, value: pulumi.Input[Sequence[pulumi.Input[str]]]): def exclusive(self) -> Optional[pulumi.Input[bool]]: """ Defaults to `true`. + + If `true`, this resource will take exclusive control of the policies assigned to the group and will set it equal to what is specified in the resource. + + If set to `false`, this resource will simply ensure that the policies specified in the resource are present in the group. When destroying the resource, the resource will ensure that the policies specified in the resource are removed. """ return pulumi.get(self, "exclusive") @@ -98,6 +106,10 @@ def __init__(__self__, *, """ Input properties used for looking up and filtering GroupPolicies resources. :param pulumi.Input[bool] exclusive: Defaults to `true`. + + If `true`, this resource will take exclusive control of the policies assigned to the group and will set it equal to what is specified in the resource. + + If set to `false`, this resource will simply ensure that the policies specified in the resource are present in the group. When destroying the resource, the resource will ensure that the policies specified in the resource are removed. :param pulumi.Input[str] group_id: Group ID to assign policies to. :param pulumi.Input[str] group_name: The name of the group that are assigned the policies. :param pulumi.Input[str] namespace: The namespace to provision the resource in. @@ -122,6 +134,10 @@ def __init__(__self__, *, def exclusive(self) -> Optional[pulumi.Input[bool]]: """ Defaults to `true`. + + If `true`, this resource will take exclusive control of the policies assigned to the group and will set it equal to what is specified in the resource. + + If set to `false`, this resource will simply ensure that the policies specified in the resource are present in the group. When destroying the resource, the resource will ensure that the policies specified in the resource are removed. """ return pulumi.get(self, "exclusive") @@ -243,6 +259,10 @@ def __init__(__self__, :param str resource_name: The name of the resource. :param pulumi.ResourceOptions opts: Options for the resource. :param pulumi.Input[bool] exclusive: Defaults to `true`. + + If `true`, this resource will take exclusive control of the policies assigned to the group and will set it equal to what is specified in the resource. + + If set to `false`, this resource will simply ensure that the policies specified in the resource are present in the group. When destroying the resource, the resource will ensure that the policies specified in the resource are removed. :param pulumi.Input[str] group_id: Group ID to assign policies to. :param pulumi.Input[str] namespace: The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. @@ -365,6 +385,10 @@ def get(resource_name: str, :param pulumi.Input[str] id: The unique provider ID of the resource to lookup. :param pulumi.ResourceOptions opts: Options for the resource. :param pulumi.Input[bool] exclusive: Defaults to `true`. + + If `true`, this resource will take exclusive control of the policies assigned to the group and will set it equal to what is specified in the resource. + + If set to `false`, this resource will simply ensure that the policies specified in the resource are present in the group. When destroying the resource, the resource will ensure that the policies specified in the resource are removed. :param pulumi.Input[str] group_id: Group ID to assign policies to. :param pulumi.Input[str] group_name: The name of the group that are assigned the policies. :param pulumi.Input[str] namespace: The namespace to provision the resource in. @@ -389,6 +413,10 @@ def get(resource_name: str, def exclusive(self) -> pulumi.Output[Optional[bool]]: """ Defaults to `true`. + + If `true`, this resource will take exclusive control of the policies assigned to the group and will set it equal to what is specified in the resource. + + If set to `false`, this resource will simply ensure that the policies specified in the resource are present in the group. When destroying the resource, the resource will ensure that the policies specified in the resource are removed. """ return pulumi.get(self, "exclusive") diff --git a/sdk/python/pulumi_vault/identity/oidc_key.py b/sdk/python/pulumi_vault/identity/oidc_key.py index 64f4dcada..cef885985 100644 --- a/sdk/python/pulumi_vault/identity/oidc_key.py +++ b/sdk/python/pulumi_vault/identity/oidc_key.py @@ -24,8 +24,8 @@ def __init__(__self__, *, The set of arguments for constructing a OidcKey resource. :param pulumi.Input[str] algorithm: Signing algorithm to use. Signing algorithm to use. Allowed values are: RS256 (default), RS384, RS512, ES256, ES384, ES512, EdDSA. - :param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_client_ids: Array of role client ids allowed to use this key for signing. If empty, no roles are allowed. If "*", all roles are - allowed. + :param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_client_ids: Array of role client ID allowed to use this key for signing. If + empty, no roles are allowed. If `["*"]`, all roles are allowed. :param pulumi.Input[str] name: Name of the OIDC Key to create. :param pulumi.Input[str] namespace: The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. @@ -65,8 +65,8 @@ def algorithm(self, value: Optional[pulumi.Input[str]]): @pulumi.getter(name="allowedClientIds") def allowed_client_ids(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: """ - Array of role client ids allowed to use this key for signing. If empty, no roles are allowed. If "*", all roles are - allowed. + Array of role client ID allowed to use this key for signing. If + empty, no roles are allowed. If `["*"]`, all roles are allowed. """ return pulumi.get(self, "allowed_client_ids") @@ -140,8 +140,8 @@ def __init__(__self__, *, Input properties used for looking up and filtering OidcKey resources. :param pulumi.Input[str] algorithm: Signing algorithm to use. Signing algorithm to use. Allowed values are: RS256 (default), RS384, RS512, ES256, ES384, ES512, EdDSA. - :param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_client_ids: Array of role client ids allowed to use this key for signing. If empty, no roles are allowed. If "*", all roles are - allowed. + :param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_client_ids: Array of role client ID allowed to use this key for signing. If + empty, no roles are allowed. If `["*"]`, all roles are allowed. :param pulumi.Input[str] name: Name of the OIDC Key to create. :param pulumi.Input[str] namespace: The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. @@ -181,8 +181,8 @@ def algorithm(self, value: Optional[pulumi.Input[str]]): @pulumi.getter(name="allowedClientIds") def allowed_client_ids(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: """ - Array of role client ids allowed to use this key for signing. If empty, no roles are allowed. If "*", all roles are - allowed. + Array of role client ID allowed to use this key for signing. If + empty, no roles are allowed. If `["*"]`, all roles are allowed. """ return pulumi.get(self, "allowed_client_ids") @@ -271,7 +271,7 @@ def __init__(__self__, ## Import - The key can be imported with the key name, for example + The key can be imported with the key name, for example: ```sh $ pulumi import vault:identity/oidcKey:OidcKey key key @@ -281,8 +281,8 @@ def __init__(__self__, :param pulumi.ResourceOptions opts: Options for the resource. :param pulumi.Input[str] algorithm: Signing algorithm to use. Signing algorithm to use. Allowed values are: RS256 (default), RS384, RS512, ES256, ES384, ES512, EdDSA. - :param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_client_ids: Array of role client ids allowed to use this key for signing. If empty, no roles are allowed. If "*", all roles are - allowed. + :param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_client_ids: Array of role client ID allowed to use this key for signing. If + empty, no roles are allowed. If `["*"]`, all roles are allowed. :param pulumi.Input[str] name: Name of the OIDC Key to create. :param pulumi.Input[str] namespace: The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. @@ -314,7 +314,7 @@ def __init__(__self__, ## Import - The key can be imported with the key name, for example + The key can be imported with the key name, for example: ```sh $ pulumi import vault:identity/oidcKey:OidcKey key key @@ -381,8 +381,8 @@ def get(resource_name: str, :param pulumi.ResourceOptions opts: Options for the resource. :param pulumi.Input[str] algorithm: Signing algorithm to use. Signing algorithm to use. Allowed values are: RS256 (default), RS384, RS512, ES256, ES384, ES512, EdDSA. - :param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_client_ids: Array of role client ids allowed to use this key for signing. If empty, no roles are allowed. If "*", all roles are - allowed. + :param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_client_ids: Array of role client ID allowed to use this key for signing. If + empty, no roles are allowed. If `["*"]`, all roles are allowed. :param pulumi.Input[str] name: Name of the OIDC Key to create. :param pulumi.Input[str] namespace: The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. @@ -417,8 +417,8 @@ def algorithm(self) -> pulumi.Output[Optional[str]]: @pulumi.getter(name="allowedClientIds") def allowed_client_ids(self) -> pulumi.Output[Sequence[str]]: """ - Array of role client ids allowed to use this key for signing. If empty, no roles are allowed. If "*", all roles are - allowed. + Array of role client ID allowed to use this key for signing. If + empty, no roles are allowed. If `["*"]`, all roles are allowed. """ return pulumi.get(self, "allowed_client_ids") diff --git a/sdk/python/pulumi_vault/identity/oidc_role.py b/sdk/python/pulumi_vault/identity/oidc_role.py index 1c6d6edab..95a902cfd 100644 --- a/sdk/python/pulumi_vault/identity/oidc_role.py +++ b/sdk/python/pulumi_vault/identity/oidc_role.py @@ -301,7 +301,7 @@ def __init__(__self__, ## Import - The key can be imported with the role name, for example + The key can be imported with the role name, for example: ```sh $ pulumi import vault:identity/oidcRole:OidcRole role role @@ -369,7 +369,7 @@ def __init__(__self__, ## Import - The key can be imported with the role name, for example + The key can be imported with the role name, for example: ```sh $ pulumi import vault:identity/oidcRole:OidcRole role role diff --git a/sdk/python/pulumi_vault/jwt/auth_backend.py b/sdk/python/pulumi_vault/jwt/auth_backend.py index faa1e006c..4a5f5f047 100644 --- a/sdk/python/pulumi_vault/jwt/auth_backend.py +++ b/sdk/python/pulumi_vault/jwt/auth_backend.py @@ -54,6 +54,10 @@ def __init__(__self__, *, The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). *Available only for Vault Enterprise*. :param pulumi.Input[bool] namespace_in_state: Pass namespace in the OIDC state parameter instead of as a separate query parameter. With this setting, the allowed redirect URL(s) in Vault and on the provider side should not contain a namespace query parameter. This means only one redirect URL entry needs to be maintained on the OIDC provider side for all vault namespaces that will be authenticating against it. Defaults to true for new configs + + * tune - (Optional) Extra configuration block. Structure is documented below. + + The `tune` block is used to tune the auth backend: :param pulumi.Input[str] oidc_client_id: Client ID used for OIDC backends :param pulumi.Input[str] oidc_client_secret: Client Secret used for OIDC backends :param pulumi.Input[str] oidc_discovery_ca_pem: The CA certificate or chain of certificates, in PEM format, to use to validate connections to the OIDC Discovery URL. If not set, system certificates are used @@ -236,6 +240,10 @@ def namespace(self, value: Optional[pulumi.Input[str]]): def namespace_in_state(self) -> Optional[pulumi.Input[bool]]: """ Pass namespace in the OIDC state parameter instead of as a separate query parameter. With this setting, the allowed redirect URL(s) in Vault and on the provider side should not contain a namespace query parameter. This means only one redirect URL entry needs to be maintained on the OIDC provider side for all vault namespaces that will be authenticating against it. Defaults to true for new configs + + * tune - (Optional) Extra configuration block. Structure is documented below. + + The `tune` block is used to tune the auth backend: """ return pulumi.get(self, "namespace_in_state") @@ -404,6 +412,10 @@ def __init__(__self__, *, The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). *Available only for Vault Enterprise*. :param pulumi.Input[bool] namespace_in_state: Pass namespace in the OIDC state parameter instead of as a separate query parameter. With this setting, the allowed redirect URL(s) in Vault and on the provider side should not contain a namespace query parameter. This means only one redirect URL entry needs to be maintained on the OIDC provider side for all vault namespaces that will be authenticating against it. Defaults to true for new configs + + * tune - (Optional) Extra configuration block. Structure is documented below. + + The `tune` block is used to tune the auth backend: :param pulumi.Input[str] oidc_client_id: Client ID used for OIDC backends :param pulumi.Input[str] oidc_client_secret: Client Secret used for OIDC backends :param pulumi.Input[str] oidc_discovery_ca_pem: The CA certificate or chain of certificates, in PEM format, to use to validate connections to the OIDC Discovery URL. If not set, system certificates are used @@ -600,6 +612,10 @@ def namespace(self, value: Optional[pulumi.Input[str]]): def namespace_in_state(self) -> Optional[pulumi.Input[bool]]: """ Pass namespace in the OIDC state parameter instead of as a separate query parameter. With this setting, the allowed redirect URL(s) in Vault and on the provider side should not contain a namespace query parameter. This means only one redirect URL entry needs to be maintained on the OIDC provider side for all vault namespaces that will be authenticating against it. Defaults to true for new configs + + * tune - (Optional) Extra configuration block. Structure is documented below. + + The `tune` block is used to tune the auth backend: """ return pulumi.get(self, "namespace_in_state") @@ -816,7 +832,6 @@ def __init__(__self__, ```sh $ pulumi import vault:jwt/authBackend:AuthBackend oidc oidc ``` - or ```sh @@ -840,6 +855,10 @@ def __init__(__self__, The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). *Available only for Vault Enterprise*. :param pulumi.Input[bool] namespace_in_state: Pass namespace in the OIDC state parameter instead of as a separate query parameter. With this setting, the allowed redirect URL(s) in Vault and on the provider side should not contain a namespace query parameter. This means only one redirect URL entry needs to be maintained on the OIDC provider side for all vault namespaces that will be authenticating against it. Defaults to true for new configs + + * tune - (Optional) Extra configuration block. Structure is documented below. + + The `tune` block is used to tune the auth backend: :param pulumi.Input[str] oidc_client_id: Client ID used for OIDC backends :param pulumi.Input[str] oidc_client_secret: Client Secret used for OIDC backends :param pulumi.Input[str] oidc_discovery_ca_pem: The CA certificate or chain of certificates, in PEM format, to use to validate connections to the OIDC Discovery URL. If not set, system certificates are used @@ -920,7 +939,6 @@ def __init__(__self__, ```sh $ pulumi import vault:jwt/authBackend:AuthBackend oidc oidc ``` - or ```sh @@ -1051,6 +1069,10 @@ def get(resource_name: str, The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). *Available only for Vault Enterprise*. :param pulumi.Input[bool] namespace_in_state: Pass namespace in the OIDC state parameter instead of as a separate query parameter. With this setting, the allowed redirect URL(s) in Vault and on the provider side should not contain a namespace query parameter. This means only one redirect URL entry needs to be maintained on the OIDC provider side for all vault namespaces that will be authenticating against it. Defaults to true for new configs + + * tune - (Optional) Extra configuration block. Structure is documented below. + + The `tune` block is used to tune the auth backend: :param pulumi.Input[str] oidc_client_id: Client ID used for OIDC backends :param pulumi.Input[str] oidc_client_secret: Client Secret used for OIDC backends :param pulumi.Input[str] oidc_discovery_ca_pem: The CA certificate or chain of certificates, in PEM format, to use to validate connections to the OIDC Discovery URL. If not set, system certificates are used @@ -1186,6 +1208,10 @@ def namespace(self) -> pulumi.Output[Optional[str]]: def namespace_in_state(self) -> pulumi.Output[Optional[bool]]: """ Pass namespace in the OIDC state parameter instead of as a separate query parameter. With this setting, the allowed redirect URL(s) in Vault and on the provider side should not contain a namespace query parameter. This means only one redirect URL entry needs to be maintained on the OIDC provider side for all vault namespaces that will be authenticating against it. Defaults to true for new configs + + * tune - (Optional) Extra configuration block. Structure is documented below. + + The `tune` block is used to tune the auth backend: """ return pulumi.get(self, "namespace_in_state") diff --git a/sdk/python/pulumi_vault/kubernetes/auth_backend_role.py b/sdk/python/pulumi_vault/kubernetes/auth_backend_role.py index 6a0b7e366..be0afb43b 100644 --- a/sdk/python/pulumi_vault/kubernetes/auth_backend_role.py +++ b/sdk/python/pulumi_vault/kubernetes/auth_backend_role.py @@ -38,6 +38,10 @@ def __init__(__self__, *, :param pulumi.Input[str] alias_name_source: Configures how identity aliases are generated. Valid choices are: `serviceaccount_uid`, `serviceaccount_name`. (vault-1.9+) :param pulumi.Input[str] audience: Audience claim to verify in the JWT. + + > Please see [alias_name_source](https://www.vaultproject.io/api-docs/auth/kubernetes#alias_name_source) + before setting this to something other its default value. There are **important** security + implications to be aware of. :param pulumi.Input[str] backend: Unique name of the kubernetes backend to configure. :param pulumi.Input[str] namespace: The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. @@ -153,6 +157,10 @@ def alias_name_source(self, value: Optional[pulumi.Input[str]]): def audience(self) -> Optional[pulumi.Input[str]]: """ Audience claim to verify in the JWT. + + > Please see [alias_name_source](https://www.vaultproject.io/api-docs/auth/kubernetes#alias_name_source) + before setting this to something other its default value. There are **important** security + implications to be aware of. """ return pulumi.get(self, "audience") @@ -336,6 +344,10 @@ def __init__(__self__, *, :param pulumi.Input[str] alias_name_source: Configures how identity aliases are generated. Valid choices are: `serviceaccount_uid`, `serviceaccount_name`. (vault-1.9+) :param pulumi.Input[str] audience: Audience claim to verify in the JWT. + + > Please see [alias_name_source](https://www.vaultproject.io/api-docs/auth/kubernetes#alias_name_source) + before setting this to something other its default value. There are **important** security + implications to be aware of. :param pulumi.Input[str] backend: Unique name of the kubernetes backend to configure. :param pulumi.Input[Sequence[pulumi.Input[str]]] bound_service_account_names: List of service account names able to access this role. If set to `["*"]` all names are allowed, both this and bound_service_account_namespaces can not be "*". :param pulumi.Input[Sequence[pulumi.Input[str]]] bound_service_account_namespaces: List of namespaces allowed to access this role. If set to `["*"]` all namespaces are allowed, both this and bound_service_account_names can not be set to "*". @@ -421,6 +433,10 @@ def alias_name_source(self, value: Optional[pulumi.Input[str]]): def audience(self) -> Optional[pulumi.Input[str]]: """ Audience claim to verify in the JWT. + + > Please see [alias_name_source](https://www.vaultproject.io/api-docs/auth/kubernetes#alias_name_source) + before setting this to something other its default value. There are **important** security + implications to be aware of. """ return pulumi.get(self, "audience") @@ -677,6 +693,10 @@ def __init__(__self__, :param pulumi.Input[str] alias_name_source: Configures how identity aliases are generated. Valid choices are: `serviceaccount_uid`, `serviceaccount_name`. (vault-1.9+) :param pulumi.Input[str] audience: Audience claim to verify in the JWT. + + > Please see [alias_name_source](https://www.vaultproject.io/api-docs/auth/kubernetes#alias_name_source) + before setting this to something other its default value. There are **important** security + implications to be aware of. :param pulumi.Input[str] backend: Unique name of the kubernetes backend to configure. :param pulumi.Input[Sequence[pulumi.Input[str]]] bound_service_account_names: List of service account names able to access this role. If set to `["*"]` all names are allowed, both this and bound_service_account_namespaces can not be "*". :param pulumi.Input[Sequence[pulumi.Input[str]]] bound_service_account_namespaces: List of namespaces allowed to access this role. If set to `["*"]` all namespaces are allowed, both this and bound_service_account_names can not be set to "*". @@ -849,6 +869,10 @@ def get(resource_name: str, :param pulumi.Input[str] alias_name_source: Configures how identity aliases are generated. Valid choices are: `serviceaccount_uid`, `serviceaccount_name`. (vault-1.9+) :param pulumi.Input[str] audience: Audience claim to verify in the JWT. + + > Please see [alias_name_source](https://www.vaultproject.io/api-docs/auth/kubernetes#alias_name_source) + before setting this to something other its default value. There are **important** security + implications to be aware of. :param pulumi.Input[str] backend: Unique name of the kubernetes backend to configure. :param pulumi.Input[Sequence[pulumi.Input[str]]] bound_service_account_names: List of service account names able to access this role. If set to `["*"]` all names are allowed, both this and bound_service_account_namespaces can not be "*". :param pulumi.Input[Sequence[pulumi.Input[str]]] bound_service_account_namespaces: List of namespaces allowed to access this role. If set to `["*"]` all namespaces are allowed, both this and bound_service_account_names can not be set to "*". @@ -919,6 +943,10 @@ def alias_name_source(self) -> pulumi.Output[str]: def audience(self) -> pulumi.Output[Optional[str]]: """ Audience claim to verify in the JWT. + + > Please see [alias_name_source](https://www.vaultproject.io/api-docs/auth/kubernetes#alias_name_source) + before setting this to something other its default value. There are **important** security + implications to be aware of. """ return pulumi.get(self, "audience") diff --git a/sdk/python/pulumi_vault/kubernetes/get_auth_backend_config.py b/sdk/python/pulumi_vault/kubernetes/get_auth_backend_config.py index eeb94bca9..38b01ba23 100644 --- a/sdk/python/pulumi_vault/kubernetes/get_auth_backend_config.py +++ b/sdk/python/pulumi_vault/kubernetes/get_auth_backend_config.py @@ -167,15 +167,15 @@ def get_auth_backend_config(backend: Optional[str] = None, __ret__ = pulumi.runtime.invoke('vault:kubernetes/getAuthBackendConfig:getAuthBackendConfig', __args__, opts=opts, typ=GetAuthBackendConfigResult).value return AwaitableGetAuthBackendConfigResult( - backend=__ret__.backend, - disable_iss_validation=__ret__.disable_iss_validation, - disable_local_ca_jwt=__ret__.disable_local_ca_jwt, - id=__ret__.id, - issuer=__ret__.issuer, - kubernetes_ca_cert=__ret__.kubernetes_ca_cert, - kubernetes_host=__ret__.kubernetes_host, - namespace=__ret__.namespace, - pem_keys=__ret__.pem_keys) + backend=pulumi.get(__ret__, 'backend'), + disable_iss_validation=pulumi.get(__ret__, 'disable_iss_validation'), + disable_local_ca_jwt=pulumi.get(__ret__, 'disable_local_ca_jwt'), + id=pulumi.get(__ret__, 'id'), + issuer=pulumi.get(__ret__, 'issuer'), + kubernetes_ca_cert=pulumi.get(__ret__, 'kubernetes_ca_cert'), + kubernetes_host=pulumi.get(__ret__, 'kubernetes_host'), + namespace=pulumi.get(__ret__, 'namespace'), + pem_keys=pulumi.get(__ret__, 'pem_keys')) @_utilities.lift_output_func(get_auth_backend_config) diff --git a/sdk/python/pulumi_vault/kubernetes/get_auth_backend_role.py b/sdk/python/pulumi_vault/kubernetes/get_auth_backend_role.py index 2e2ce6cd6..4131504df 100644 --- a/sdk/python/pulumi_vault/kubernetes/get_auth_backend_role.py +++ b/sdk/python/pulumi_vault/kubernetes/get_auth_backend_role.py @@ -319,23 +319,23 @@ def get_auth_backend_role(audience: Optional[str] = None, __ret__ = pulumi.runtime.invoke('vault:kubernetes/getAuthBackendRole:getAuthBackendRole', __args__, opts=opts, typ=GetAuthBackendRoleResult).value return AwaitableGetAuthBackendRoleResult( - alias_name_source=__ret__.alias_name_source, - audience=__ret__.audience, - backend=__ret__.backend, - bound_service_account_names=__ret__.bound_service_account_names, - bound_service_account_namespaces=__ret__.bound_service_account_namespaces, - id=__ret__.id, - namespace=__ret__.namespace, - role_name=__ret__.role_name, - token_bound_cidrs=__ret__.token_bound_cidrs, - token_explicit_max_ttl=__ret__.token_explicit_max_ttl, - token_max_ttl=__ret__.token_max_ttl, - token_no_default_policy=__ret__.token_no_default_policy, - token_num_uses=__ret__.token_num_uses, - token_period=__ret__.token_period, - token_policies=__ret__.token_policies, - token_ttl=__ret__.token_ttl, - token_type=__ret__.token_type) + alias_name_source=pulumi.get(__ret__, 'alias_name_source'), + audience=pulumi.get(__ret__, 'audience'), + backend=pulumi.get(__ret__, 'backend'), + bound_service_account_names=pulumi.get(__ret__, 'bound_service_account_names'), + bound_service_account_namespaces=pulumi.get(__ret__, 'bound_service_account_namespaces'), + id=pulumi.get(__ret__, 'id'), + namespace=pulumi.get(__ret__, 'namespace'), + role_name=pulumi.get(__ret__, 'role_name'), + token_bound_cidrs=pulumi.get(__ret__, 'token_bound_cidrs'), + token_explicit_max_ttl=pulumi.get(__ret__, 'token_explicit_max_ttl'), + token_max_ttl=pulumi.get(__ret__, 'token_max_ttl'), + token_no_default_policy=pulumi.get(__ret__, 'token_no_default_policy'), + token_num_uses=pulumi.get(__ret__, 'token_num_uses'), + token_period=pulumi.get(__ret__, 'token_period'), + token_policies=pulumi.get(__ret__, 'token_policies'), + token_ttl=pulumi.get(__ret__, 'token_ttl'), + token_type=pulumi.get(__ret__, 'token_type')) @_utilities.lift_output_func(get_auth_backend_role) diff --git a/sdk/python/pulumi_vault/kubernetes/get_service_account_token.py b/sdk/python/pulumi_vault/kubernetes/get_service_account_token.py index 2fa1ce188..2407f1a15 100644 --- a/sdk/python/pulumi_vault/kubernetes/get_service_account_token.py +++ b/sdk/python/pulumi_vault/kubernetes/get_service_account_token.py @@ -239,19 +239,19 @@ def get_service_account_token(backend: Optional[str] = None, __ret__ = pulumi.runtime.invoke('vault:kubernetes/getServiceAccountToken:getServiceAccountToken', __args__, opts=opts, typ=GetServiceAccountTokenResult).value return AwaitableGetServiceAccountTokenResult( - backend=__ret__.backend, - cluster_role_binding=__ret__.cluster_role_binding, - id=__ret__.id, - kubernetes_namespace=__ret__.kubernetes_namespace, - lease_duration=__ret__.lease_duration, - lease_id=__ret__.lease_id, - lease_renewable=__ret__.lease_renewable, - namespace=__ret__.namespace, - role=__ret__.role, - service_account_name=__ret__.service_account_name, - service_account_namespace=__ret__.service_account_namespace, - service_account_token=__ret__.service_account_token, - ttl=__ret__.ttl) + backend=pulumi.get(__ret__, 'backend'), + cluster_role_binding=pulumi.get(__ret__, 'cluster_role_binding'), + id=pulumi.get(__ret__, 'id'), + kubernetes_namespace=pulumi.get(__ret__, 'kubernetes_namespace'), + lease_duration=pulumi.get(__ret__, 'lease_duration'), + lease_id=pulumi.get(__ret__, 'lease_id'), + lease_renewable=pulumi.get(__ret__, 'lease_renewable'), + namespace=pulumi.get(__ret__, 'namespace'), + role=pulumi.get(__ret__, 'role'), + service_account_name=pulumi.get(__ret__, 'service_account_name'), + service_account_namespace=pulumi.get(__ret__, 'service_account_namespace'), + service_account_token=pulumi.get(__ret__, 'service_account_token'), + ttl=pulumi.get(__ret__, 'ttl')) @_utilities.lift_output_func(get_service_account_token) diff --git a/sdk/python/pulumi_vault/kubernetes/secret_backend_role.py b/sdk/python/pulumi_vault/kubernetes/secret_backend_role.py index d458267d9..f00ab11cb 100644 --- a/sdk/python/pulumi_vault/kubernetes/secret_backend_role.py +++ b/sdk/python/pulumi_vault/kubernetes/secret_backend_role.py @@ -37,6 +37,8 @@ def __init__(__self__, *, Kubernetes objects. :param pulumi.Input[Mapping[str, pulumi.Input[str]]] extra_labels: Additional labels to apply to all generated Kubernetes objects. + + This resource also directly accepts all Mount fields. :param pulumi.Input[str] generated_role_rules: The Role or ClusterRole rules to use when generating a role. Accepts either JSON or YAML formatted rules. Mutually exclusive with `service_account_name` and `kubernetes_role_name`. If set, the entire chain of Kubernetes objects will be generated @@ -130,6 +132,8 @@ def extra_labels(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]] """ Additional labels to apply to all generated Kubernetes objects. + + This resource also directly accepts all Mount fields. """ return pulumi.get(self, "extra_labels") @@ -285,6 +289,8 @@ def __init__(__self__, *, Kubernetes objects. :param pulumi.Input[Mapping[str, pulumi.Input[str]]] extra_labels: Additional labels to apply to all generated Kubernetes objects. + + This resource also directly accepts all Mount fields. :param pulumi.Input[str] generated_role_rules: The Role or ClusterRole rules to use when generating a role. Accepts either JSON or YAML formatted rules. Mutually exclusive with `service_account_name` and `kubernetes_role_name`. If set, the entire chain of Kubernetes objects will be generated @@ -380,6 +386,8 @@ def extra_labels(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]] """ Additional labels to apply to all generated Kubernetes objects. + + This resource also directly accepts all Mount fields. """ return pulumi.get(self, "extra_labels") @@ -641,6 +649,8 @@ def __init__(__self__, Kubernetes objects. :param pulumi.Input[Mapping[str, pulumi.Input[str]]] extra_labels: Additional labels to apply to all generated Kubernetes objects. + + This resource also directly accepts all Mount fields. :param pulumi.Input[str] generated_role_rules: The Role or ClusterRole rules to use when generating a role. Accepts either JSON or YAML formatted rules. Mutually exclusive with `service_account_name` and `kubernetes_role_name`. If set, the entire chain of Kubernetes objects will be generated @@ -865,6 +875,8 @@ def get(resource_name: str, Kubernetes objects. :param pulumi.Input[Mapping[str, pulumi.Input[str]]] extra_labels: Additional labels to apply to all generated Kubernetes objects. + + This resource also directly accepts all Mount fields. :param pulumi.Input[str] generated_role_rules: The Role or ClusterRole rules to use when generating a role. Accepts either JSON or YAML formatted rules. Mutually exclusive with `service_account_name` and `kubernetes_role_name`. If set, the entire chain of Kubernetes objects will be generated @@ -940,6 +952,8 @@ def extra_labels(self) -> pulumi.Output[Optional[Mapping[str, str]]]: """ Additional labels to apply to all generated Kubernetes objects. + + This resource also directly accepts all Mount fields. """ return pulumi.get(self, "extra_labels") diff --git a/sdk/python/pulumi_vault/kv/get_secret.py b/sdk/python/pulumi_vault/kv/get_secret.py index 424a9c849..c55179668 100644 --- a/sdk/python/pulumi_vault/kv/get_secret.py +++ b/sdk/python/pulumi_vault/kv/get_secret.py @@ -172,14 +172,14 @@ def get_secret(namespace: Optional[str] = None, __ret__ = pulumi.runtime.invoke('vault:kv/getSecret:getSecret', __args__, opts=opts, typ=GetSecretResult).value return AwaitableGetSecretResult( - data=__ret__.data, - data_json=__ret__.data_json, - id=__ret__.id, - lease_duration=__ret__.lease_duration, - lease_id=__ret__.lease_id, - lease_renewable=__ret__.lease_renewable, - namespace=__ret__.namespace, - path=__ret__.path) + data=pulumi.get(__ret__, 'data'), + data_json=pulumi.get(__ret__, 'data_json'), + id=pulumi.get(__ret__, 'id'), + lease_duration=pulumi.get(__ret__, 'lease_duration'), + lease_id=pulumi.get(__ret__, 'lease_id'), + lease_renewable=pulumi.get(__ret__, 'lease_renewable'), + namespace=pulumi.get(__ret__, 'namespace'), + path=pulumi.get(__ret__, 'path')) @_utilities.lift_output_func(get_secret) diff --git a/sdk/python/pulumi_vault/kv/get_secret_subkeys_v2.py b/sdk/python/pulumi_vault/kv/get_secret_subkeys_v2.py index 2fc44559c..ec7f65399 100644 --- a/sdk/python/pulumi_vault/kv/get_secret_subkeys_v2.py +++ b/sdk/python/pulumi_vault/kv/get_secret_subkeys_v2.py @@ -186,15 +186,15 @@ def get_secret_subkeys_v2(depth: Optional[int] = None, __ret__ = pulumi.runtime.invoke('vault:kv/getSecretSubkeysV2:getSecretSubkeysV2', __args__, opts=opts, typ=GetSecretSubkeysV2Result).value return AwaitableGetSecretSubkeysV2Result( - data=__ret__.data, - data_json=__ret__.data_json, - depth=__ret__.depth, - id=__ret__.id, - mount=__ret__.mount, - name=__ret__.name, - namespace=__ret__.namespace, - path=__ret__.path, - version=__ret__.version) + data=pulumi.get(__ret__, 'data'), + data_json=pulumi.get(__ret__, 'data_json'), + depth=pulumi.get(__ret__, 'depth'), + id=pulumi.get(__ret__, 'id'), + mount=pulumi.get(__ret__, 'mount'), + name=pulumi.get(__ret__, 'name'), + namespace=pulumi.get(__ret__, 'namespace'), + path=pulumi.get(__ret__, 'path'), + version=pulumi.get(__ret__, 'version')) @_utilities.lift_output_func(get_secret_subkeys_v2) diff --git a/sdk/python/pulumi_vault/kv/get_secret_v2.py b/sdk/python/pulumi_vault/kv/get_secret_v2.py index 9e8a7c58c..a7b3fdf20 100644 --- a/sdk/python/pulumi_vault/kv/get_secret_v2.py +++ b/sdk/python/pulumi_vault/kv/get_secret_v2.py @@ -199,18 +199,18 @@ def get_secret_v2(mount: Optional[str] = None, __ret__ = pulumi.runtime.invoke('vault:kv/getSecretV2:getSecretV2', __args__, opts=opts, typ=GetSecretV2Result).value return AwaitableGetSecretV2Result( - created_time=__ret__.created_time, - custom_metadata=__ret__.custom_metadata, - data=__ret__.data, - data_json=__ret__.data_json, - deletion_time=__ret__.deletion_time, - destroyed=__ret__.destroyed, - id=__ret__.id, - mount=__ret__.mount, - name=__ret__.name, - namespace=__ret__.namespace, - path=__ret__.path, - version=__ret__.version) + created_time=pulumi.get(__ret__, 'created_time'), + custom_metadata=pulumi.get(__ret__, 'custom_metadata'), + data=pulumi.get(__ret__, 'data'), + data_json=pulumi.get(__ret__, 'data_json'), + deletion_time=pulumi.get(__ret__, 'deletion_time'), + destroyed=pulumi.get(__ret__, 'destroyed'), + id=pulumi.get(__ret__, 'id'), + mount=pulumi.get(__ret__, 'mount'), + name=pulumi.get(__ret__, 'name'), + namespace=pulumi.get(__ret__, 'namespace'), + path=pulumi.get(__ret__, 'path'), + version=pulumi.get(__ret__, 'version')) @_utilities.lift_output_func(get_secret_v2) diff --git a/sdk/python/pulumi_vault/kv/get_secrets_list.py b/sdk/python/pulumi_vault/kv/get_secrets_list.py index 3d3e06c60..eb76ed394 100644 --- a/sdk/python/pulumi_vault/kv/get_secrets_list.py +++ b/sdk/python/pulumi_vault/kv/get_secrets_list.py @@ -122,10 +122,10 @@ def get_secrets_list(namespace: Optional[str] = None, __ret__ = pulumi.runtime.invoke('vault:kv/getSecretsList:getSecretsList', __args__, opts=opts, typ=GetSecretsListResult).value return AwaitableGetSecretsListResult( - id=__ret__.id, - names=__ret__.names, - namespace=__ret__.namespace, - path=__ret__.path) + id=pulumi.get(__ret__, 'id'), + names=pulumi.get(__ret__, 'names'), + namespace=pulumi.get(__ret__, 'namespace'), + path=pulumi.get(__ret__, 'path')) @_utilities.lift_output_func(get_secrets_list) diff --git a/sdk/python/pulumi_vault/kv/get_secrets_list_v2.py b/sdk/python/pulumi_vault/kv/get_secrets_list_v2.py index 85ae8f71f..9255870ce 100644 --- a/sdk/python/pulumi_vault/kv/get_secrets_list_v2.py +++ b/sdk/python/pulumi_vault/kv/get_secrets_list_v2.py @@ -156,12 +156,12 @@ def get_secrets_list_v2(mount: Optional[str] = None, __ret__ = pulumi.runtime.invoke('vault:kv/getSecretsListV2:getSecretsListV2', __args__, opts=opts, typ=GetSecretsListV2Result).value return AwaitableGetSecretsListV2Result( - id=__ret__.id, - mount=__ret__.mount, - name=__ret__.name, - names=__ret__.names, - namespace=__ret__.namespace, - path=__ret__.path) + id=pulumi.get(__ret__, 'id'), + mount=pulumi.get(__ret__, 'mount'), + name=pulumi.get(__ret__, 'name'), + names=pulumi.get(__ret__, 'names'), + namespace=pulumi.get(__ret__, 'namespace'), + path=pulumi.get(__ret__, 'path')) @_utilities.lift_output_func(get_secrets_list_v2) diff --git a/sdk/python/pulumi_vault/ldap/__init__.py b/sdk/python/pulumi_vault/ldap/__init__.py index b2500e2d9..cf48e9f4d 100644 --- a/sdk/python/pulumi_vault/ldap/__init__.py +++ b/sdk/python/pulumi_vault/ldap/__init__.py @@ -8,6 +8,8 @@ from .auth_backend import * from .auth_backend_group import * from .auth_backend_user import * +from .get_dynamic_credentials import * +from .get_static_credentials import * from .secret_backend import * from .secret_backend_dynamic_role import * from .secret_backend_library_set import * diff --git a/sdk/python/pulumi_vault/ldap/auth_backend.py b/sdk/python/pulumi_vault/ldap/auth_backend.py index cfc317bff..81d4d0ac3 100644 --- a/sdk/python/pulumi_vault/ldap/auth_backend.py +++ b/sdk/python/pulumi_vault/ldap/auth_backend.py @@ -58,9 +58,11 @@ def __init__(__self__, *, :param pulumi.Input[str] bindpass: Password to use with `binddn` when performing user search :param pulumi.Input[bool] case_sensitive_names: Control case senstivity of objects fetched from LDAP, this is used for object matching in vault :param pulumi.Input[str] certificate: Trusted CA to validate TLS certificate + :param pulumi.Input[bool] deny_null_bind: Prevents users from bypassing authentication when providing an empty password. :param pulumi.Input[str] description: Description for the LDAP auth backend mount :param pulumi.Input[bool] disable_remount: If set, opts out of mount migration on path updates. See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration) + :param pulumi.Input[bool] discoverdn: Use anonymous bind to discover the bind DN of a user. :param pulumi.Input[str] groupattr: LDAP attribute to follow on objects returned by groupfilter :param pulumi.Input[str] groupdn: Base DN under which to perform group search :param pulumi.Input[str] groupfilter: Go template used to construct group membership query @@ -97,12 +99,8 @@ def __init__(__self__, *, on the auth method, this list may be supplemented by user/group/other values. :param pulumi.Input[int] token_ttl: The incremental lifetime for generated tokens in number of seconds. Its current value will be referenced at renewal time. - :param pulumi.Input[str] token_type: The type of token that should be generated. Can be `service`, - `batch`, or `default` to use the mount's tuned default (which unless changed will be - `service` tokens). For token store roles, there are two additional possibilities: - `default-service` and `default-batch` which specify the type to return unless the client - requests a different type at generation time. - :param pulumi.Input[str] upndomain: The userPrincipalDomain used to construct UPN string + :param pulumi.Input[str] token_type: The type of token to generate, service or batch + :param pulumi.Input[str] upndomain: The `userPrincipalDomain` used to construct the UPN string for the authenticating user. :param pulumi.Input[bool] use_token_groups: Use the Active Directory tokenGroups constructed attribute of the user to find the group memberships :param pulumi.Input[str] userattr: Attribute on user object matching username passed in :param pulumi.Input[str] userdn: Base DN under which to perform user search @@ -264,6 +262,9 @@ def client_tls_key(self, value: Optional[pulumi.Input[str]]): @property @pulumi.getter(name="denyNullBind") def deny_null_bind(self) -> Optional[pulumi.Input[bool]]: + """ + Prevents users from bypassing authentication when providing an empty password. + """ return pulumi.get(self, "deny_null_bind") @deny_null_bind.setter @@ -298,6 +299,9 @@ def disable_remount(self, value: Optional[pulumi.Input[bool]]): @property @pulumi.getter def discoverdn(self) -> Optional[pulumi.Input[bool]]: + """ + Use anonymous bind to discover the bind DN of a user. + """ return pulumi.get(self, "discoverdn") @discoverdn.setter @@ -553,11 +557,7 @@ def token_ttl(self, value: Optional[pulumi.Input[int]]): @pulumi.getter(name="tokenType") def token_type(self) -> Optional[pulumi.Input[str]]: """ - The type of token that should be generated. Can be `service`, - `batch`, or `default` to use the mount's tuned default (which unless changed will be - `service` tokens). For token store roles, there are two additional possibilities: - `default-service` and `default-batch` which specify the type to return unless the client - requests a different type at generation time. + The type of token to generate, service or batch """ return pulumi.get(self, "token_type") @@ -569,7 +569,7 @@ def token_type(self, value: Optional[pulumi.Input[str]]): @pulumi.getter def upndomain(self) -> Optional[pulumi.Input[str]]: """ - The userPrincipalDomain used to construct UPN string + The `userPrincipalDomain` used to construct the UPN string for the authenticating user. """ return pulumi.get(self, "upndomain") @@ -686,9 +686,11 @@ def __init__(__self__, *, :param pulumi.Input[str] bindpass: Password to use with `binddn` when performing user search :param pulumi.Input[bool] case_sensitive_names: Control case senstivity of objects fetched from LDAP, this is used for object matching in vault :param pulumi.Input[str] certificate: Trusted CA to validate TLS certificate + :param pulumi.Input[bool] deny_null_bind: Prevents users from bypassing authentication when providing an empty password. :param pulumi.Input[str] description: Description for the LDAP auth backend mount :param pulumi.Input[bool] disable_remount: If set, opts out of mount migration on path updates. See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration) + :param pulumi.Input[bool] discoverdn: Use anonymous bind to discover the bind DN of a user. :param pulumi.Input[str] groupattr: LDAP attribute to follow on objects returned by groupfilter :param pulumi.Input[str] groupdn: Base DN under which to perform group search :param pulumi.Input[str] groupfilter: Go template used to construct group membership query @@ -725,12 +727,8 @@ def __init__(__self__, *, on the auth method, this list may be supplemented by user/group/other values. :param pulumi.Input[int] token_ttl: The incremental lifetime for generated tokens in number of seconds. Its current value will be referenced at renewal time. - :param pulumi.Input[str] token_type: The type of token that should be generated. Can be `service`, - `batch`, or `default` to use the mount's tuned default (which unless changed will be - `service` tokens). For token store roles, there are two additional possibilities: - `default-service` and `default-batch` which specify the type to return unless the client - requests a different type at generation time. - :param pulumi.Input[str] upndomain: The userPrincipalDomain used to construct UPN string + :param pulumi.Input[str] token_type: The type of token to generate, service or batch + :param pulumi.Input[str] upndomain: The `userPrincipalDomain` used to construct the UPN string for the authenticating user. :param pulumi.Input[str] url: The URL of the LDAP server :param pulumi.Input[bool] use_token_groups: Use the Active Directory tokenGroups constructed attribute of the user to find the group memberships :param pulumi.Input[str] userattr: Attribute on user object matching username passed in @@ -896,6 +894,9 @@ def client_tls_key(self, value: Optional[pulumi.Input[str]]): @property @pulumi.getter(name="denyNullBind") def deny_null_bind(self) -> Optional[pulumi.Input[bool]]: + """ + Prevents users from bypassing authentication when providing an empty password. + """ return pulumi.get(self, "deny_null_bind") @deny_null_bind.setter @@ -930,6 +931,9 @@ def disable_remount(self, value: Optional[pulumi.Input[bool]]): @property @pulumi.getter def discoverdn(self) -> Optional[pulumi.Input[bool]]: + """ + Use anonymous bind to discover the bind DN of a user. + """ return pulumi.get(self, "discoverdn") @discoverdn.setter @@ -1185,11 +1189,7 @@ def token_ttl(self, value: Optional[pulumi.Input[int]]): @pulumi.getter(name="tokenType") def token_type(self) -> Optional[pulumi.Input[str]]: """ - The type of token that should be generated. Can be `service`, - `batch`, or `default` to use the mount's tuned default (which unless changed will be - `service` tokens). For token store roles, there are two additional possibilities: - `default-service` and `default-batch` which specify the type to return unless the client - requests a different type at generation time. + The type of token to generate, service or batch """ return pulumi.get(self, "token_type") @@ -1201,7 +1201,7 @@ def token_type(self, value: Optional[pulumi.Input[str]]): @pulumi.getter def upndomain(self) -> Optional[pulumi.Input[str]]: """ - The userPrincipalDomain used to construct UPN string + The `userPrincipalDomain` used to construct the UPN string for the authenticating user. """ return pulumi.get(self, "upndomain") @@ -1359,9 +1359,11 @@ def __init__(__self__, :param pulumi.Input[str] bindpass: Password to use with `binddn` when performing user search :param pulumi.Input[bool] case_sensitive_names: Control case senstivity of objects fetched from LDAP, this is used for object matching in vault :param pulumi.Input[str] certificate: Trusted CA to validate TLS certificate + :param pulumi.Input[bool] deny_null_bind: Prevents users from bypassing authentication when providing an empty password. :param pulumi.Input[str] description: Description for the LDAP auth backend mount :param pulumi.Input[bool] disable_remount: If set, opts out of mount migration on path updates. See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration) + :param pulumi.Input[bool] discoverdn: Use anonymous bind to discover the bind DN of a user. :param pulumi.Input[str] groupattr: LDAP attribute to follow on objects returned by groupfilter :param pulumi.Input[str] groupdn: Base DN under which to perform group search :param pulumi.Input[str] groupfilter: Go template used to construct group membership query @@ -1398,12 +1400,8 @@ def __init__(__self__, on the auth method, this list may be supplemented by user/group/other values. :param pulumi.Input[int] token_ttl: The incremental lifetime for generated tokens in number of seconds. Its current value will be referenced at renewal time. - :param pulumi.Input[str] token_type: The type of token that should be generated. Can be `service`, - `batch`, or `default` to use the mount's tuned default (which unless changed will be - `service` tokens). For token store roles, there are two additional possibilities: - `default-service` and `default-batch` which specify the type to return unless the client - requests a different type at generation time. - :param pulumi.Input[str] upndomain: The userPrincipalDomain used to construct UPN string + :param pulumi.Input[str] token_type: The type of token to generate, service or batch + :param pulumi.Input[str] upndomain: The `userPrincipalDomain` used to construct the UPN string for the authenticating user. :param pulumi.Input[str] url: The URL of the LDAP server :param pulumi.Input[bool] use_token_groups: Use the Active Directory tokenGroups constructed attribute of the user to find the group memberships :param pulumi.Input[str] userattr: Attribute on user object matching username passed in @@ -1608,9 +1606,11 @@ def get(resource_name: str, :param pulumi.Input[str] bindpass: Password to use with `binddn` when performing user search :param pulumi.Input[bool] case_sensitive_names: Control case senstivity of objects fetched from LDAP, this is used for object matching in vault :param pulumi.Input[str] certificate: Trusted CA to validate TLS certificate + :param pulumi.Input[bool] deny_null_bind: Prevents users from bypassing authentication when providing an empty password. :param pulumi.Input[str] description: Description for the LDAP auth backend mount :param pulumi.Input[bool] disable_remount: If set, opts out of mount migration on path updates. See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration) + :param pulumi.Input[bool] discoverdn: Use anonymous bind to discover the bind DN of a user. :param pulumi.Input[str] groupattr: LDAP attribute to follow on objects returned by groupfilter :param pulumi.Input[str] groupdn: Base DN under which to perform group search :param pulumi.Input[str] groupfilter: Go template used to construct group membership query @@ -1647,12 +1647,8 @@ def get(resource_name: str, on the auth method, this list may be supplemented by user/group/other values. :param pulumi.Input[int] token_ttl: The incremental lifetime for generated tokens in number of seconds. Its current value will be referenced at renewal time. - :param pulumi.Input[str] token_type: The type of token that should be generated. Can be `service`, - `batch`, or `default` to use the mount's tuned default (which unless changed will be - `service` tokens). For token store roles, there are two additional possibilities: - `default-service` and `default-batch` which specify the type to return unless the client - requests a different type at generation time. - :param pulumi.Input[str] upndomain: The userPrincipalDomain used to construct UPN string + :param pulumi.Input[str] token_type: The type of token to generate, service or batch + :param pulumi.Input[str] upndomain: The `userPrincipalDomain` used to construct the UPN string for the authenticating user. :param pulumi.Input[str] url: The URL of the LDAP server :param pulumi.Input[bool] use_token_groups: Use the Active Directory tokenGroups constructed attribute of the user to find the group memberships :param pulumi.Input[str] userattr: Attribute on user object matching username passed in @@ -1757,6 +1753,9 @@ def client_tls_key(self) -> pulumi.Output[str]: @property @pulumi.getter(name="denyNullBind") def deny_null_bind(self) -> pulumi.Output[bool]: + """ + Prevents users from bypassing authentication when providing an empty password. + """ return pulumi.get(self, "deny_null_bind") @property @@ -1779,6 +1778,9 @@ def disable_remount(self) -> pulumi.Output[Optional[bool]]: @property @pulumi.getter def discoverdn(self) -> pulumi.Output[bool]: + """ + Use anonymous bind to discover the bind DN of a user. + """ return pulumi.get(self, "discoverdn") @property @@ -1954,11 +1956,7 @@ def token_ttl(self) -> pulumi.Output[Optional[int]]: @pulumi.getter(name="tokenType") def token_type(self) -> pulumi.Output[Optional[str]]: """ - The type of token that should be generated. Can be `service`, - `batch`, or `default` to use the mount's tuned default (which unless changed will be - `service` tokens). For token store roles, there are two additional possibilities: - `default-service` and `default-batch` which specify the type to return unless the client - requests a different type at generation time. + The type of token to generate, service or batch """ return pulumi.get(self, "token_type") @@ -1966,7 +1964,7 @@ def token_type(self) -> pulumi.Output[Optional[str]]: @pulumi.getter def upndomain(self) -> pulumi.Output[str]: """ - The userPrincipalDomain used to construct UPN string + The `userPrincipalDomain` used to construct the UPN string for the authenticating user. """ return pulumi.get(self, "upndomain") diff --git a/sdk/python/pulumi_vault/ldap/auth_backend_group.py b/sdk/python/pulumi_vault/ldap/auth_backend_group.py index 2ead51f74..4cee8c4c1 100644 --- a/sdk/python/pulumi_vault/ldap/auth_backend_group.py +++ b/sdk/python/pulumi_vault/ldap/auth_backend_group.py @@ -22,6 +22,8 @@ def __init__(__self__, *, The set of arguments for constructing a AuthBackendGroup resource. :param pulumi.Input[str] groupname: The LDAP groupname :param pulumi.Input[str] backend: Path to the authentication backend + + For more details on the usage of each argument consult the [Vault LDAP API documentation](https://www.vaultproject.io/api-docs/auth/ldap). :param pulumi.Input[str] namespace: The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). @@ -53,6 +55,8 @@ def groupname(self, value: pulumi.Input[str]): def backend(self) -> Optional[pulumi.Input[str]]: """ Path to the authentication backend + + For more details on the usage of each argument consult the [Vault LDAP API documentation](https://www.vaultproject.io/api-docs/auth/ldap). """ return pulumi.get(self, "backend") @@ -98,6 +102,8 @@ def __init__(__self__, *, """ Input properties used for looking up and filtering AuthBackendGroup resources. :param pulumi.Input[str] backend: Path to the authentication backend + + For more details on the usage of each argument consult the [Vault LDAP API documentation](https://www.vaultproject.io/api-docs/auth/ldap). :param pulumi.Input[str] groupname: The LDAP groupname :param pulumi.Input[str] namespace: The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. @@ -119,6 +125,8 @@ def __init__(__self__, *, def backend(self) -> Optional[pulumi.Input[str]]: """ Path to the authentication backend + + For more details on the usage of each argument consult the [Vault LDAP API documentation](https://www.vaultproject.io/api-docs/auth/ldap). """ return pulumi.get(self, "backend") @@ -211,6 +219,8 @@ def __init__(__self__, :param str resource_name: The name of the resource. :param pulumi.ResourceOptions opts: Options for the resource. :param pulumi.Input[str] backend: Path to the authentication backend + + For more details on the usage of each argument consult the [Vault LDAP API documentation](https://www.vaultproject.io/api-docs/auth/ldap). :param pulumi.Input[str] groupname: The LDAP groupname :param pulumi.Input[str] namespace: The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. @@ -312,6 +322,8 @@ def get(resource_name: str, :param pulumi.Input[str] id: The unique provider ID of the resource to lookup. :param pulumi.ResourceOptions opts: Options for the resource. :param pulumi.Input[str] backend: Path to the authentication backend + + For more details on the usage of each argument consult the [Vault LDAP API documentation](https://www.vaultproject.io/api-docs/auth/ldap). :param pulumi.Input[str] groupname: The LDAP groupname :param pulumi.Input[str] namespace: The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. @@ -334,6 +346,8 @@ def get(resource_name: str, def backend(self) -> pulumi.Output[Optional[str]]: """ Path to the authentication backend + + For more details on the usage of each argument consult the [Vault LDAP API documentation](https://www.vaultproject.io/api-docs/auth/ldap). """ return pulumi.get(self, "backend") diff --git a/sdk/python/pulumi_vault/ldap/auth_backend_user.py b/sdk/python/pulumi_vault/ldap/auth_backend_user.py index b9e2ca2b2..60c1643b8 100644 --- a/sdk/python/pulumi_vault/ldap/auth_backend_user.py +++ b/sdk/python/pulumi_vault/ldap/auth_backend_user.py @@ -23,6 +23,8 @@ def __init__(__self__, *, The set of arguments for constructing a AuthBackendUser resource. :param pulumi.Input[str] username: The LDAP username :param pulumi.Input[str] backend: Path to the authentication backend + + For more details on the usage of each argument consult the [Vault LDAP API documentation](https://www.vaultproject.io/api-docs/auth/ldap). :param pulumi.Input[Sequence[pulumi.Input[str]]] groups: Override LDAP groups which should be granted to user :param pulumi.Input[str] namespace: The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. @@ -57,6 +59,8 @@ def username(self, value: pulumi.Input[str]): def backend(self) -> Optional[pulumi.Input[str]]: """ Path to the authentication backend + + For more details on the usage of each argument consult the [Vault LDAP API documentation](https://www.vaultproject.io/api-docs/auth/ldap). """ return pulumi.get(self, "backend") @@ -115,6 +119,8 @@ def __init__(__self__, *, """ Input properties used for looking up and filtering AuthBackendUser resources. :param pulumi.Input[str] backend: Path to the authentication backend + + For more details on the usage of each argument consult the [Vault LDAP API documentation](https://www.vaultproject.io/api-docs/auth/ldap). :param pulumi.Input[Sequence[pulumi.Input[str]]] groups: Override LDAP groups which should be granted to user :param pulumi.Input[str] namespace: The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. @@ -139,6 +145,8 @@ def __init__(__self__, *, def backend(self) -> Optional[pulumi.Input[str]]: """ Path to the authentication backend + + For more details on the usage of each argument consult the [Vault LDAP API documentation](https://www.vaultproject.io/api-docs/auth/ldap). """ return pulumi.get(self, "backend") @@ -247,6 +255,8 @@ def __init__(__self__, :param str resource_name: The name of the resource. :param pulumi.ResourceOptions opts: Options for the resource. :param pulumi.Input[str] backend: Path to the authentication backend + + For more details on the usage of each argument consult the [Vault LDAP API documentation](https://www.vaultproject.io/api-docs/auth/ldap). :param pulumi.Input[Sequence[pulumi.Input[str]]] groups: Override LDAP groups which should be granted to user :param pulumi.Input[str] namespace: The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. @@ -355,6 +365,8 @@ def get(resource_name: str, :param pulumi.Input[str] id: The unique provider ID of the resource to lookup. :param pulumi.ResourceOptions opts: Options for the resource. :param pulumi.Input[str] backend: Path to the authentication backend + + For more details on the usage of each argument consult the [Vault LDAP API documentation](https://www.vaultproject.io/api-docs/auth/ldap). :param pulumi.Input[Sequence[pulumi.Input[str]]] groups: Override LDAP groups which should be granted to user :param pulumi.Input[str] namespace: The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. @@ -379,6 +391,8 @@ def get(resource_name: str, def backend(self) -> pulumi.Output[Optional[str]]: """ Path to the authentication backend + + For more details on the usage of each argument consult the [Vault LDAP API documentation](https://www.vaultproject.io/api-docs/auth/ldap). """ return pulumi.get(self, "backend") diff --git a/sdk/python/pulumi_vault/ldap/get_dynamic_credentials.py b/sdk/python/pulumi_vault/ldap/get_dynamic_credentials.py new file mode 100644 index 000000000..cb0c380bf --- /dev/null +++ b/sdk/python/pulumi_vault/ldap/get_dynamic_credentials.py @@ -0,0 +1,163 @@ +# coding=utf-8 +# *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +# *** Do not edit by hand unless you're certain you know what you are doing! *** + +import copy +import warnings +import pulumi +import pulumi.runtime +from typing import Any, Mapping, Optional, Sequence, Union, overload +from .. import _utilities + +__all__ = [ + 'GetDynamicCredentialsResult', + 'AwaitableGetDynamicCredentialsResult', + 'get_dynamic_credentials', + 'get_dynamic_credentials_output', +] + +@pulumi.output_type +class GetDynamicCredentialsResult: + """ + A collection of values returned by getDynamicCredentials. + """ + def __init__(__self__, distinguished_names=None, id=None, lease_duration=None, lease_id=None, lease_renewable=None, mount=None, namespace=None, password=None, role_name=None, username=None): + if distinguished_names and not isinstance(distinguished_names, list): + raise TypeError("Expected argument 'distinguished_names' to be a list") + pulumi.set(__self__, "distinguished_names", distinguished_names) + if id and not isinstance(id, str): + raise TypeError("Expected argument 'id' to be a str") + pulumi.set(__self__, "id", id) + if lease_duration and not isinstance(lease_duration, int): + raise TypeError("Expected argument 'lease_duration' to be a int") + pulumi.set(__self__, "lease_duration", lease_duration) + if lease_id and not isinstance(lease_id, str): + raise TypeError("Expected argument 'lease_id' to be a str") + pulumi.set(__self__, "lease_id", lease_id) + if lease_renewable and not isinstance(lease_renewable, bool): + raise TypeError("Expected argument 'lease_renewable' to be a bool") + pulumi.set(__self__, "lease_renewable", lease_renewable) + if mount and not isinstance(mount, str): + raise TypeError("Expected argument 'mount' to be a str") + pulumi.set(__self__, "mount", mount) + if namespace and not isinstance(namespace, str): + raise TypeError("Expected argument 'namespace' to be a str") + pulumi.set(__self__, "namespace", namespace) + if password and not isinstance(password, str): + raise TypeError("Expected argument 'password' to be a str") + pulumi.set(__self__, "password", password) + if role_name and not isinstance(role_name, str): + raise TypeError("Expected argument 'role_name' to be a str") + pulumi.set(__self__, "role_name", role_name) + if username and not isinstance(username, str): + raise TypeError("Expected argument 'username' to be a str") + pulumi.set(__self__, "username", username) + + @property + @pulumi.getter(name="distinguishedNames") + def distinguished_names(self) -> Sequence[str]: + return pulumi.get(self, "distinguished_names") + + @property + @pulumi.getter + def id(self) -> str: + """ + The provider-assigned unique ID for this managed resource. + """ + return pulumi.get(self, "id") + + @property + @pulumi.getter(name="leaseDuration") + def lease_duration(self) -> int: + return pulumi.get(self, "lease_duration") + + @property + @pulumi.getter(name="leaseId") + def lease_id(self) -> str: + return pulumi.get(self, "lease_id") + + @property + @pulumi.getter(name="leaseRenewable") + def lease_renewable(self) -> bool: + return pulumi.get(self, "lease_renewable") + + @property + @pulumi.getter + def mount(self) -> str: + return pulumi.get(self, "mount") + + @property + @pulumi.getter + def namespace(self) -> Optional[str]: + return pulumi.get(self, "namespace") + + @property + @pulumi.getter + def password(self) -> str: + return pulumi.get(self, "password") + + @property + @pulumi.getter(name="roleName") + def role_name(self) -> str: + return pulumi.get(self, "role_name") + + @property + @pulumi.getter + def username(self) -> str: + return pulumi.get(self, "username") + + +class AwaitableGetDynamicCredentialsResult(GetDynamicCredentialsResult): + # pylint: disable=using-constant-test + def __await__(self): + if False: + yield self + return GetDynamicCredentialsResult( + distinguished_names=self.distinguished_names, + id=self.id, + lease_duration=self.lease_duration, + lease_id=self.lease_id, + lease_renewable=self.lease_renewable, + mount=self.mount, + namespace=self.namespace, + password=self.password, + role_name=self.role_name, + username=self.username) + + +def get_dynamic_credentials(mount: Optional[str] = None, + namespace: Optional[str] = None, + role_name: Optional[str] = None, + opts: Optional[pulumi.InvokeOptions] = None) -> AwaitableGetDynamicCredentialsResult: + """ + Use this data source to access information about an existing resource. + """ + __args__ = dict() + __args__['mount'] = mount + __args__['namespace'] = namespace + __args__['roleName'] = role_name + opts = pulumi.InvokeOptions.merge(_utilities.get_invoke_opts_defaults(), opts) + __ret__ = pulumi.runtime.invoke('vault:ldap/getDynamicCredentials:getDynamicCredentials', __args__, opts=opts, typ=GetDynamicCredentialsResult).value + + return AwaitableGetDynamicCredentialsResult( + distinguished_names=pulumi.get(__ret__, 'distinguished_names'), + id=pulumi.get(__ret__, 'id'), + lease_duration=pulumi.get(__ret__, 'lease_duration'), + lease_id=pulumi.get(__ret__, 'lease_id'), + lease_renewable=pulumi.get(__ret__, 'lease_renewable'), + mount=pulumi.get(__ret__, 'mount'), + namespace=pulumi.get(__ret__, 'namespace'), + password=pulumi.get(__ret__, 'password'), + role_name=pulumi.get(__ret__, 'role_name'), + username=pulumi.get(__ret__, 'username')) + + +@_utilities.lift_output_func(get_dynamic_credentials) +def get_dynamic_credentials_output(mount: Optional[pulumi.Input[str]] = None, + namespace: Optional[pulumi.Input[Optional[str]]] = None, + role_name: Optional[pulumi.Input[str]] = None, + opts: Optional[pulumi.InvokeOptions] = None) -> pulumi.Output[GetDynamicCredentialsResult]: + """ + Use this data source to access information about an existing resource. + """ + ... diff --git a/sdk/python/pulumi_vault/ldap/get_static_credentials.py b/sdk/python/pulumi_vault/ldap/get_static_credentials.py new file mode 100644 index 000000000..af634c51d --- /dev/null +++ b/sdk/python/pulumi_vault/ldap/get_static_credentials.py @@ -0,0 +1,173 @@ +# coding=utf-8 +# *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +# *** Do not edit by hand unless you're certain you know what you are doing! *** + +import copy +import warnings +import pulumi +import pulumi.runtime +from typing import Any, Mapping, Optional, Sequence, Union, overload +from .. import _utilities + +__all__ = [ + 'GetStaticCredentialsResult', + 'AwaitableGetStaticCredentialsResult', + 'get_static_credentials', + 'get_static_credentials_output', +] + +@pulumi.output_type +class GetStaticCredentialsResult: + """ + A collection of values returned by getStaticCredentials. + """ + def __init__(__self__, dn=None, id=None, last_password=None, last_vault_rotation=None, mount=None, namespace=None, password=None, role_name=None, rotation_period=None, ttl=None, username=None): + if dn and not isinstance(dn, str): + raise TypeError("Expected argument 'dn' to be a str") + pulumi.set(__self__, "dn", dn) + if id and not isinstance(id, str): + raise TypeError("Expected argument 'id' to be a str") + pulumi.set(__self__, "id", id) + if last_password and not isinstance(last_password, str): + raise TypeError("Expected argument 'last_password' to be a str") + pulumi.set(__self__, "last_password", last_password) + if last_vault_rotation and not isinstance(last_vault_rotation, str): + raise TypeError("Expected argument 'last_vault_rotation' to be a str") + pulumi.set(__self__, "last_vault_rotation", last_vault_rotation) + if mount and not isinstance(mount, str): + raise TypeError("Expected argument 'mount' to be a str") + pulumi.set(__self__, "mount", mount) + if namespace and not isinstance(namespace, str): + raise TypeError("Expected argument 'namespace' to be a str") + pulumi.set(__self__, "namespace", namespace) + if password and not isinstance(password, str): + raise TypeError("Expected argument 'password' to be a str") + pulumi.set(__self__, "password", password) + if role_name and not isinstance(role_name, str): + raise TypeError("Expected argument 'role_name' to be a str") + pulumi.set(__self__, "role_name", role_name) + if rotation_period and not isinstance(rotation_period, int): + raise TypeError("Expected argument 'rotation_period' to be a int") + pulumi.set(__self__, "rotation_period", rotation_period) + if ttl and not isinstance(ttl, int): + raise TypeError("Expected argument 'ttl' to be a int") + pulumi.set(__self__, "ttl", ttl) + if username and not isinstance(username, str): + raise TypeError("Expected argument 'username' to be a str") + pulumi.set(__self__, "username", username) + + @property + @pulumi.getter + def dn(self) -> str: + return pulumi.get(self, "dn") + + @property + @pulumi.getter + def id(self) -> str: + """ + The provider-assigned unique ID for this managed resource. + """ + return pulumi.get(self, "id") + + @property + @pulumi.getter(name="lastPassword") + def last_password(self) -> str: + return pulumi.get(self, "last_password") + + @property + @pulumi.getter(name="lastVaultRotation") + def last_vault_rotation(self) -> str: + return pulumi.get(self, "last_vault_rotation") + + @property + @pulumi.getter + def mount(self) -> str: + return pulumi.get(self, "mount") + + @property + @pulumi.getter + def namespace(self) -> Optional[str]: + return pulumi.get(self, "namespace") + + @property + @pulumi.getter + def password(self) -> str: + return pulumi.get(self, "password") + + @property + @pulumi.getter(name="roleName") + def role_name(self) -> str: + return pulumi.get(self, "role_name") + + @property + @pulumi.getter(name="rotationPeriod") + def rotation_period(self) -> int: + return pulumi.get(self, "rotation_period") + + @property + @pulumi.getter + def ttl(self) -> int: + return pulumi.get(self, "ttl") + + @property + @pulumi.getter + def username(self) -> str: + return pulumi.get(self, "username") + + +class AwaitableGetStaticCredentialsResult(GetStaticCredentialsResult): + # pylint: disable=using-constant-test + def __await__(self): + if False: + yield self + return GetStaticCredentialsResult( + dn=self.dn, + id=self.id, + last_password=self.last_password, + last_vault_rotation=self.last_vault_rotation, + mount=self.mount, + namespace=self.namespace, + password=self.password, + role_name=self.role_name, + rotation_period=self.rotation_period, + ttl=self.ttl, + username=self.username) + + +def get_static_credentials(mount: Optional[str] = None, + namespace: Optional[str] = None, + role_name: Optional[str] = None, + opts: Optional[pulumi.InvokeOptions] = None) -> AwaitableGetStaticCredentialsResult: + """ + Use this data source to access information about an existing resource. + """ + __args__ = dict() + __args__['mount'] = mount + __args__['namespace'] = namespace + __args__['roleName'] = role_name + opts = pulumi.InvokeOptions.merge(_utilities.get_invoke_opts_defaults(), opts) + __ret__ = pulumi.runtime.invoke('vault:ldap/getStaticCredentials:getStaticCredentials', __args__, opts=opts, typ=GetStaticCredentialsResult).value + + return AwaitableGetStaticCredentialsResult( + dn=pulumi.get(__ret__, 'dn'), + id=pulumi.get(__ret__, 'id'), + last_password=pulumi.get(__ret__, 'last_password'), + last_vault_rotation=pulumi.get(__ret__, 'last_vault_rotation'), + mount=pulumi.get(__ret__, 'mount'), + namespace=pulumi.get(__ret__, 'namespace'), + password=pulumi.get(__ret__, 'password'), + role_name=pulumi.get(__ret__, 'role_name'), + rotation_period=pulumi.get(__ret__, 'rotation_period'), + ttl=pulumi.get(__ret__, 'ttl'), + username=pulumi.get(__ret__, 'username')) + + +@_utilities.lift_output_func(get_static_credentials) +def get_static_credentials_output(mount: Optional[pulumi.Input[str]] = None, + namespace: Optional[pulumi.Input[Optional[str]]] = None, + role_name: Optional[pulumi.Input[str]] = None, + opts: Optional[pulumi.InvokeOptions] = None) -> pulumi.Output[GetStaticCredentialsResult]: + """ + Use this data source to access information about an existing resource. + """ + ... diff --git a/sdk/python/pulumi_vault/ldap/secret_backend.py b/sdk/python/pulumi_vault/ldap/secret_backend.py index 7fad7a603..710beafeb 100644 --- a/sdk/python/pulumi_vault/ldap/secret_backend.py +++ b/sdk/python/pulumi_vault/ldap/secret_backend.py @@ -324,6 +324,9 @@ def length(self) -> Optional[pulumi.Input[int]]: **Deprecated** use `password_policy`. The desired length of passwords that Vault generates. *Mutually exclusive with `password_policy` on vault-1.11+* """ + warnings.warn("""Length is deprecated and password_policy should be used with Vault >= 1.5.""", DeprecationWarning) + pulumi.log.warn("""length is deprecated: Length is deprecated and password_policy should be used with Vault >= 1.5.""") + return pulumi.get(self, "length") @length.setter @@ -837,6 +840,9 @@ def length(self) -> Optional[pulumi.Input[int]]: **Deprecated** use `password_policy`. The desired length of passwords that Vault generates. *Mutually exclusive with `password_policy` on vault-1.11+* """ + warnings.warn("""Length is deprecated and password_policy should be used with Vault >= 1.5.""", DeprecationWarning) + pulumi.log.warn("""length is deprecated: Length is deprecated and password_policy should be used with Vault >= 1.5.""") + return pulumi.get(self, "length") @length.setter @@ -1222,9 +1228,6 @@ def _internal_init(__self__, __props__.__dict__["disable_remount"] = disable_remount __props__.__dict__["external_entropy_access"] = external_entropy_access __props__.__dict__["insecure_tls"] = insecure_tls - if length is not None and not opts.urn: - warnings.warn("""Length is deprecated and password_policy should be used with Vault >= 1.5.""", DeprecationWarning) - pulumi.log.warn("""length is deprecated: Length is deprecated and password_policy should be used with Vault >= 1.5.""") __props__.__dict__["length"] = length __props__.__dict__["local"] = local __props__.__dict__["max_lease_ttl_seconds"] = max_lease_ttl_seconds @@ -1498,6 +1501,9 @@ def length(self) -> pulumi.Output[int]: **Deprecated** use `password_policy`. The desired length of passwords that Vault generates. *Mutually exclusive with `password_policy` on vault-1.11+* """ + warnings.warn("""Length is deprecated and password_policy should be used with Vault >= 1.5.""", DeprecationWarning) + pulumi.log.warn("""length is deprecated: Length is deprecated and password_policy should be used with Vault >= 1.5.""") + return pulumi.get(self, "length") @property diff --git a/sdk/python/pulumi_vault/managed/_inputs.py b/sdk/python/pulumi_vault/managed/_inputs.py index e1b549a6e..304525735 100644 --- a/sdk/python/pulumi_vault/managed/_inputs.py +++ b/sdk/python/pulumi_vault/managed/_inputs.py @@ -34,9 +34,7 @@ def __init__(__self__, *, uuid: Optional[pulumi.Input[str]] = None): """ :param pulumi.Input[str] access_key: The AWS access key to use. - :param pulumi.Input[str] key_bits: Supplies the size in bits of the key when using `CKM_RSA_PKCS_PSS`, - `CKM_RSA_PKCS_OAEP` or `CKM_RSA_PKCS` as a value for `mechanism`. Required if - `allow_generate_key` is `true`. + :param pulumi.Input[str] key_bits: The size in bits for an RSA key. :param pulumi.Input[str] key_type: The type of key to use. :param pulumi.Input[str] kms_key: An identifier for the key. :param pulumi.Input[str] name: A unique lowercase name that serves as identifying the key. @@ -51,8 +49,8 @@ def __init__(__self__, *, configured backend, if `false`, those operations will be forbidden. :param pulumi.Input[bool] any_mount: If `true`, allows usage from any mount point within the namespace. - :param pulumi.Input[str] curve: Supplies the curve value when using the `CKM_ECDSA` mechanism. - Required if `allow_generate_key` is `true`. + :param pulumi.Input[str] curve: The curve to use for an ECDSA key. Used when `key_type` + is `ECDSA`. Required if `allow_generate_key` is `true`. :param pulumi.Input[str] endpoint: Used to specify a custom AWS endpoint. :param pulumi.Input[str] region: The AWS region where the keys are stored (or will be stored). """ @@ -95,9 +93,7 @@ def access_key(self, value: pulumi.Input[str]): @pulumi.getter(name="keyBits") def key_bits(self) -> pulumi.Input[str]: """ - Supplies the size in bits of the key when using `CKM_RSA_PKCS_PSS`, - `CKM_RSA_PKCS_OAEP` or `CKM_RSA_PKCS` as a value for `mechanism`. Required if - `allow_generate_key` is `true`. + The size in bits for an RSA key. """ return pulumi.get(self, "key_bits") @@ -211,8 +207,8 @@ def any_mount(self, value: Optional[pulumi.Input[bool]]): @pulumi.getter def curve(self) -> Optional[pulumi.Input[str]]: """ - Supplies the curve value when using the `CKM_ECDSA` mechanism. - Required if `allow_generate_key` is `true`. + The curve to use for an ECDSA key. Used when `key_type` + is `ECDSA`. Required if `allow_generate_key` is `true`. """ return pulumi.get(self, "curve") @@ -291,9 +287,7 @@ def __init__(__self__, *, :param pulumi.Input[bool] any_mount: If `true`, allows usage from any mount point within the namespace. :param pulumi.Input[str] environment: The Azure Cloud environment API endpoints to use. - :param pulumi.Input[str] key_bits: Supplies the size in bits of the key when using `CKM_RSA_PKCS_PSS`, - `CKM_RSA_PKCS_OAEP` or `CKM_RSA_PKCS` as a value for `mechanism`. Required if - `allow_generate_key` is `true`. + :param pulumi.Input[str] key_bits: The size in bits for an RSA key. :param pulumi.Input[str] resource: The Azure Key Vault resource's DNS Suffix to connect to. """ pulumi.set(__self__, "client_id", client_id) @@ -474,9 +468,7 @@ def environment(self, value: Optional[pulumi.Input[str]]): @pulumi.getter(name="keyBits") def key_bits(self) -> Optional[pulumi.Input[str]]: """ - Supplies the size in bits of the key when using `CKM_RSA_PKCS_PSS`, - `CKM_RSA_PKCS_OAEP` or `CKM_RSA_PKCS` as a value for `mechanism`. Required if - `allow_generate_key` is `true`. + The size in bits for an RSA key. """ return pulumi.get(self, "key_bits") @@ -544,13 +536,11 @@ def __init__(__self__, *, configured backend, if `false`, those operations will be forbidden. :param pulumi.Input[bool] any_mount: If `true`, allows usage from any mount point within the namespace. - :param pulumi.Input[str] curve: Supplies the curve value when using the `CKM_ECDSA` mechanism. - Required if `allow_generate_key` is `true`. + :param pulumi.Input[str] curve: The curve to use for an ECDSA key. Used when `key_type` + is `ECDSA`. Required if `allow_generate_key` is `true`. :param pulumi.Input[str] force_rw_session: Force all operations to open up a read-write session to the HSM. - :param pulumi.Input[str] key_bits: Supplies the size in bits of the key when using `CKM_RSA_PKCS_PSS`, - `CKM_RSA_PKCS_OAEP` or `CKM_RSA_PKCS` as a value for `mechanism`. Required if - `allow_generate_key` is `true`. + :param pulumi.Input[str] key_bits: The size in bits for an RSA key. :param pulumi.Input[str] slot: The slot number to use, specified as a string in a decimal format (e.g. `2305843009213693953`). :param pulumi.Input[str] token_label: The slot token label to use. @@ -714,8 +704,8 @@ def any_mount(self, value: Optional[pulumi.Input[bool]]): @pulumi.getter def curve(self) -> Optional[pulumi.Input[str]]: """ - Supplies the curve value when using the `CKM_ECDSA` mechanism. - Required if `allow_generate_key` is `true`. + The curve to use for an ECDSA key. Used when `key_type` + is `ECDSA`. Required if `allow_generate_key` is `true`. """ return pulumi.get(self, "curve") @@ -740,9 +730,7 @@ def force_rw_session(self, value: Optional[pulumi.Input[str]]): @pulumi.getter(name="keyBits") def key_bits(self) -> Optional[pulumi.Input[str]]: """ - Supplies the size in bits of the key when using `CKM_RSA_PKCS_PSS`, - `CKM_RSA_PKCS_OAEP` or `CKM_RSA_PKCS` as a value for `mechanism`. Required if - `allow_generate_key` is `true`. + The size in bits for an RSA key. """ return pulumi.get(self, "key_bits") diff --git a/sdk/python/pulumi_vault/managed/outputs.py b/sdk/python/pulumi_vault/managed/outputs.py index c92dd4ade..f47df58e5 100644 --- a/sdk/python/pulumi_vault/managed/outputs.py +++ b/sdk/python/pulumi_vault/managed/outputs.py @@ -67,9 +67,7 @@ def __init__(__self__, *, uuid: Optional[str] = None): """ :param str access_key: The AWS access key to use. - :param str key_bits: Supplies the size in bits of the key when using `CKM_RSA_PKCS_PSS`, - `CKM_RSA_PKCS_OAEP` or `CKM_RSA_PKCS` as a value for `mechanism`. Required if - `allow_generate_key` is `true`. + :param str key_bits: The size in bits for an RSA key. :param str key_type: The type of key to use. :param str kms_key: An identifier for the key. :param str name: A unique lowercase name that serves as identifying the key. @@ -84,8 +82,8 @@ def __init__(__self__, *, configured backend, if `false`, those operations will be forbidden. :param bool any_mount: If `true`, allows usage from any mount point within the namespace. - :param str curve: Supplies the curve value when using the `CKM_ECDSA` mechanism. - Required if `allow_generate_key` is `true`. + :param str curve: The curve to use for an ECDSA key. Used when `key_type` + is `ECDSA`. Required if `allow_generate_key` is `true`. :param str endpoint: Used to specify a custom AWS endpoint. :param str region: The AWS region where the keys are stored (or will be stored). """ @@ -124,9 +122,7 @@ def access_key(self) -> str: @pulumi.getter(name="keyBits") def key_bits(self) -> str: """ - Supplies the size in bits of the key when using `CKM_RSA_PKCS_PSS`, - `CKM_RSA_PKCS_OAEP` or `CKM_RSA_PKCS` as a value for `mechanism`. Required if - `allow_generate_key` is `true`. + The size in bits for an RSA key. """ return pulumi.get(self, "key_bits") @@ -204,8 +200,8 @@ def any_mount(self) -> Optional[bool]: @pulumi.getter def curve(self) -> Optional[str]: """ - Supplies the curve value when using the `CKM_ECDSA` mechanism. - Required if `allow_generate_key` is `true`. + The curve to use for an ECDSA key. Used when `key_type` + is `ECDSA`. Required if `allow_generate_key` is `true`. """ return pulumi.get(self, "curve") @@ -305,9 +301,7 @@ def __init__(__self__, *, :param bool any_mount: If `true`, allows usage from any mount point within the namespace. :param str environment: The Azure Cloud environment API endpoints to use. - :param str key_bits: Supplies the size in bits of the key when using `CKM_RSA_PKCS_PSS`, - `CKM_RSA_PKCS_OAEP` or `CKM_RSA_PKCS` as a value for `mechanism`. Required if - `allow_generate_key` is `true`. + :param str key_bits: The size in bits for an RSA key. :param str resource: The Azure Key Vault resource's DNS Suffix to connect to. """ pulumi.set(__self__, "client_id", client_id) @@ -440,9 +434,7 @@ def environment(self) -> Optional[str]: @pulumi.getter(name="keyBits") def key_bits(self) -> Optional[str]: """ - Supplies the size in bits of the key when using `CKM_RSA_PKCS_PSS`, - `CKM_RSA_PKCS_OAEP` or `CKM_RSA_PKCS` as a value for `mechanism`. Required if - `allow_generate_key` is `true`. + The size in bits for an RSA key. """ return pulumi.get(self, "key_bits") @@ -531,13 +523,11 @@ def __init__(__self__, *, configured backend, if `false`, those operations will be forbidden. :param bool any_mount: If `true`, allows usage from any mount point within the namespace. - :param str curve: Supplies the curve value when using the `CKM_ECDSA` mechanism. - Required if `allow_generate_key` is `true`. + :param str curve: The curve to use for an ECDSA key. Used when `key_type` + is `ECDSA`. Required if `allow_generate_key` is `true`. :param str force_rw_session: Force all operations to open up a read-write session to the HSM. - :param str key_bits: Supplies the size in bits of the key when using `CKM_RSA_PKCS_PSS`, - `CKM_RSA_PKCS_OAEP` or `CKM_RSA_PKCS` as a value for `mechanism`. Required if - `allow_generate_key` is `true`. + :param str key_bits: The size in bits for an RSA key. :param str slot: The slot number to use, specified as a string in a decimal format (e.g. `2305843009213693953`). :param str token_label: The slot token label to use. @@ -661,8 +651,8 @@ def any_mount(self) -> Optional[bool]: @pulumi.getter def curve(self) -> Optional[str]: """ - Supplies the curve value when using the `CKM_ECDSA` mechanism. - Required if `allow_generate_key` is `true`. + The curve to use for an ECDSA key. Used when `key_type` + is `ECDSA`. Required if `allow_generate_key` is `true`. """ return pulumi.get(self, "curve") @@ -679,9 +669,7 @@ def force_rw_session(self) -> Optional[str]: @pulumi.getter(name="keyBits") def key_bits(self) -> Optional[str]: """ - Supplies the size in bits of the key when using `CKM_RSA_PKCS_PSS`, - `CKM_RSA_PKCS_OAEP` or `CKM_RSA_PKCS` as a value for `mechanism`. Required if - `allow_generate_key` is `true`. + The size in bits for an RSA key. """ return pulumi.get(self, "key_bits") diff --git a/sdk/python/pulumi_vault/mfa_pingid.py b/sdk/python/pulumi_vault/mfa_pingid.py index 5d0ca6b68..db300028d 100644 --- a/sdk/python/pulumi_vault/mfa_pingid.py +++ b/sdk/python/pulumi_vault/mfa_pingid.py @@ -136,9 +136,9 @@ def __init__(__self__, *, username_format: Optional[pulumi.Input[str]] = None): """ Input properties used for looking up and filtering MfaPingid resources. - :param pulumi.Input[str] admin_url: Admin URL computed by Vault. - :param pulumi.Input[str] authenticator_url: Authenticator URL computed by Vault. - :param pulumi.Input[str] idp_url: IDP URL computed by Vault. + :param pulumi.Input[str] admin_url: `(string)` – Admin URL computed by Vault + :param pulumi.Input[str] authenticator_url: `(string)` – Authenticator URL computed by Vault + :param pulumi.Input[str] idp_url: `(string)` – IDP URL computed by Vault :param pulumi.Input[str] mount_accessor: `(string: )` - The mount to tie this method to for use in automatic mappings. The mapping will use the Name field of Aliases associated with this mount as the username in the mapping. :param pulumi.Input[str] name: `(string: )` – Name of the MFA method. @@ -146,12 +146,12 @@ def __init__(__self__, *, The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). *Available only for Vault Enterprise*. - :param pulumi.Input[str] namespace_id: Namespace ID computed by Vault. - :param pulumi.Input[str] org_alias: Org Alias computed by Vault. + :param pulumi.Input[str] namespace_id: `(string)` – Namespace ID computed by Vault + :param pulumi.Input[str] org_alias: `(string)` – Org Alias computed by Vault :param pulumi.Input[str] settings_file_base64: `(string: )` - A base64-encoded third-party settings file retrieved from PingID's configuration page. - :param pulumi.Input[str] type: Type of configuration computed by Vault. - :param pulumi.Input[bool] use_signature: If set, enables use of PingID signature. Computed by Vault + :param pulumi.Input[str] type: `(string)` – Type of configuration computed by Vault + :param pulumi.Input[bool] use_signature: `(string)` – If set to true, enables use of PingID signature. Computed by Vault :param pulumi.Input[str] username_format: `(string)` - A format string for mapping Identity names to MFA method names. Values to substitute should be placed in `{{}}`. For example, `"{{alias.name}}@example.com"`. If blank, the Alias's Name field will be used as-is. Currently-supported mappings: @@ -189,7 +189,7 @@ def __init__(__self__, *, @pulumi.getter(name="adminUrl") def admin_url(self) -> Optional[pulumi.Input[str]]: """ - Admin URL computed by Vault. + `(string)` – Admin URL computed by Vault """ return pulumi.get(self, "admin_url") @@ -201,7 +201,7 @@ def admin_url(self, value: Optional[pulumi.Input[str]]): @pulumi.getter(name="authenticatorUrl") def authenticator_url(self) -> Optional[pulumi.Input[str]]: """ - Authenticator URL computed by Vault. + `(string)` – Authenticator URL computed by Vault """ return pulumi.get(self, "authenticator_url") @@ -213,7 +213,7 @@ def authenticator_url(self, value: Optional[pulumi.Input[str]]): @pulumi.getter(name="idpUrl") def idp_url(self) -> Optional[pulumi.Input[str]]: """ - IDP URL computed by Vault. + `(string)` – IDP URL computed by Vault """ return pulumi.get(self, "idp_url") @@ -265,7 +265,7 @@ def namespace(self, value: Optional[pulumi.Input[str]]): @pulumi.getter(name="namespaceId") def namespace_id(self) -> Optional[pulumi.Input[str]]: """ - Namespace ID computed by Vault. + `(string)` – Namespace ID computed by Vault """ return pulumi.get(self, "namespace_id") @@ -277,7 +277,7 @@ def namespace_id(self, value: Optional[pulumi.Input[str]]): @pulumi.getter(name="orgAlias") def org_alias(self) -> Optional[pulumi.Input[str]]: """ - Org Alias computed by Vault. + `(string)` – Org Alias computed by Vault """ return pulumi.get(self, "org_alias") @@ -302,7 +302,7 @@ def settings_file_base64(self, value: Optional[pulumi.Input[str]]): @pulumi.getter def type(self) -> Optional[pulumi.Input[str]]: """ - Type of configuration computed by Vault. + `(string)` – Type of configuration computed by Vault """ return pulumi.get(self, "type") @@ -314,7 +314,7 @@ def type(self, value: Optional[pulumi.Input[str]]): @pulumi.getter(name="useSignature") def use_signature(self) -> Optional[pulumi.Input[bool]]: """ - If set, enables use of PingID signature. Computed by Vault + `(string)` – If set to true, enables use of PingID signature. Computed by Vault """ return pulumi.get(self, "use_signature") @@ -511,9 +511,9 @@ def get(resource_name: str, :param str resource_name: The unique name of the resulting resource. :param pulumi.Input[str] id: The unique provider ID of the resource to lookup. :param pulumi.ResourceOptions opts: Options for the resource. - :param pulumi.Input[str] admin_url: Admin URL computed by Vault. - :param pulumi.Input[str] authenticator_url: Authenticator URL computed by Vault. - :param pulumi.Input[str] idp_url: IDP URL computed by Vault. + :param pulumi.Input[str] admin_url: `(string)` – Admin URL computed by Vault + :param pulumi.Input[str] authenticator_url: `(string)` – Authenticator URL computed by Vault + :param pulumi.Input[str] idp_url: `(string)` – IDP URL computed by Vault :param pulumi.Input[str] mount_accessor: `(string: )` - The mount to tie this method to for use in automatic mappings. The mapping will use the Name field of Aliases associated with this mount as the username in the mapping. :param pulumi.Input[str] name: `(string: )` – Name of the MFA method. @@ -521,12 +521,12 @@ def get(resource_name: str, The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). *Available only for Vault Enterprise*. - :param pulumi.Input[str] namespace_id: Namespace ID computed by Vault. - :param pulumi.Input[str] org_alias: Org Alias computed by Vault. + :param pulumi.Input[str] namespace_id: `(string)` – Namespace ID computed by Vault + :param pulumi.Input[str] org_alias: `(string)` – Org Alias computed by Vault :param pulumi.Input[str] settings_file_base64: `(string: )` - A base64-encoded third-party settings file retrieved from PingID's configuration page. - :param pulumi.Input[str] type: Type of configuration computed by Vault. - :param pulumi.Input[bool] use_signature: If set, enables use of PingID signature. Computed by Vault + :param pulumi.Input[str] type: `(string)` – Type of configuration computed by Vault + :param pulumi.Input[bool] use_signature: `(string)` – If set to true, enables use of PingID signature. Computed by Vault :param pulumi.Input[str] username_format: `(string)` - A format string for mapping Identity names to MFA method names. Values to substitute should be placed in `{{}}`. For example, `"{{alias.name}}@example.com"`. If blank, the Alias's Name field will be used as-is. Currently-supported mappings: @@ -557,7 +557,7 @@ def get(resource_name: str, @pulumi.getter(name="adminUrl") def admin_url(self) -> pulumi.Output[str]: """ - Admin URL computed by Vault. + `(string)` – Admin URL computed by Vault """ return pulumi.get(self, "admin_url") @@ -565,7 +565,7 @@ def admin_url(self) -> pulumi.Output[str]: @pulumi.getter(name="authenticatorUrl") def authenticator_url(self) -> pulumi.Output[str]: """ - Authenticator URL computed by Vault. + `(string)` – Authenticator URL computed by Vault """ return pulumi.get(self, "authenticator_url") @@ -573,7 +573,7 @@ def authenticator_url(self) -> pulumi.Output[str]: @pulumi.getter(name="idpUrl") def idp_url(self) -> pulumi.Output[str]: """ - IDP URL computed by Vault. + `(string)` – IDP URL computed by Vault """ return pulumi.get(self, "idp_url") @@ -609,7 +609,7 @@ def namespace(self) -> pulumi.Output[Optional[str]]: @pulumi.getter(name="namespaceId") def namespace_id(self) -> pulumi.Output[str]: """ - Namespace ID computed by Vault. + `(string)` – Namespace ID computed by Vault """ return pulumi.get(self, "namespace_id") @@ -617,7 +617,7 @@ def namespace_id(self) -> pulumi.Output[str]: @pulumi.getter(name="orgAlias") def org_alias(self) -> pulumi.Output[str]: """ - Org Alias computed by Vault. + `(string)` – Org Alias computed by Vault """ return pulumi.get(self, "org_alias") @@ -634,7 +634,7 @@ def settings_file_base64(self) -> pulumi.Output[str]: @pulumi.getter def type(self) -> pulumi.Output[str]: """ - Type of configuration computed by Vault. + `(string)` – Type of configuration computed by Vault """ return pulumi.get(self, "type") @@ -642,7 +642,7 @@ def type(self) -> pulumi.Output[str]: @pulumi.getter(name="useSignature") def use_signature(self) -> pulumi.Output[bool]: """ - If set, enables use of PingID signature. Computed by Vault + `(string)` – If set to true, enables use of PingID signature. Computed by Vault """ return pulumi.get(self, "use_signature") diff --git a/sdk/python/pulumi_vault/namespace.py b/sdk/python/pulumi_vault/namespace.py index b4896663e..a182ba071 100644 --- a/sdk/python/pulumi_vault/namespace.py +++ b/sdk/python/pulumi_vault/namespace.py @@ -15,11 +15,14 @@ class NamespaceArgs: def __init__(__self__, *, path: pulumi.Input[str], + custom_metadata: Optional[pulumi.Input[Mapping[str, Any]]] = None, namespace: Optional[pulumi.Input[str]] = None, path_fq: Optional[pulumi.Input[str]] = None): """ The set of arguments for constructing a Namespace resource. :param pulumi.Input[str] path: The path of the namespace. Must not have a trailing `/`. + :param pulumi.Input[Mapping[str, Any]] custom_metadata: Custom metadata describing this namespace. Value type + is `map[string]string`. Requires Vault version 1.12+. :param pulumi.Input[str] namespace: The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). @@ -28,6 +31,8 @@ def __init__(__self__, *, The path is relative to the provider's `namespace` argument. """ pulumi.set(__self__, "path", path) + if custom_metadata is not None: + pulumi.set(__self__, "custom_metadata", custom_metadata) if namespace is not None: pulumi.set(__self__, "namespace", namespace) if path_fq is not None: @@ -45,6 +50,19 @@ def path(self) -> pulumi.Input[str]: def path(self, value: pulumi.Input[str]): pulumi.set(self, "path", value) + @property + @pulumi.getter(name="customMetadata") + def custom_metadata(self) -> Optional[pulumi.Input[Mapping[str, Any]]]: + """ + Custom metadata describing this namespace. Value type + is `map[string]string`. Requires Vault version 1.12+. + """ + return pulumi.get(self, "custom_metadata") + + @custom_metadata.setter + def custom_metadata(self, value: Optional[pulumi.Input[Mapping[str, Any]]]): + pulumi.set(self, "custom_metadata", value) + @property @pulumi.getter def namespace(self) -> Optional[pulumi.Input[str]]: @@ -77,12 +95,15 @@ def path_fq(self, value: Optional[pulumi.Input[str]]): @pulumi.input_type class _NamespaceState: def __init__(__self__, *, + custom_metadata: Optional[pulumi.Input[Mapping[str, Any]]] = None, namespace: Optional[pulumi.Input[str]] = None, namespace_id: Optional[pulumi.Input[str]] = None, path: Optional[pulumi.Input[str]] = None, path_fq: Optional[pulumi.Input[str]] = None): """ Input properties used for looking up and filtering Namespace resources. + :param pulumi.Input[Mapping[str, Any]] custom_metadata: Custom metadata describing this namespace. Value type + is `map[string]string`. Requires Vault version 1.12+. :param pulumi.Input[str] namespace: The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). @@ -92,6 +113,8 @@ def __init__(__self__, *, :param pulumi.Input[str] path_fq: The fully qualified path to the namespace. Useful when provisioning resources in a child `namespace`. The path is relative to the provider's `namespace` argument. """ + if custom_metadata is not None: + pulumi.set(__self__, "custom_metadata", custom_metadata) if namespace is not None: pulumi.set(__self__, "namespace", namespace) if namespace_id is not None: @@ -101,6 +124,19 @@ def __init__(__self__, *, if path_fq is not None: pulumi.set(__self__, "path_fq", path_fq) + @property + @pulumi.getter(name="customMetadata") + def custom_metadata(self) -> Optional[pulumi.Input[Mapping[str, Any]]]: + """ + Custom metadata describing this namespace. Value type + is `map[string]string`. Requires Vault version 1.12+. + """ + return pulumi.get(self, "custom_metadata") + + @custom_metadata.setter + def custom_metadata(self, value: Optional[pulumi.Input[Mapping[str, Any]]]): + pulumi.set(self, "custom_metadata", value) + @property @pulumi.getter def namespace(self) -> Optional[pulumi.Input[str]]: @@ -159,6 +195,7 @@ class Namespace(pulumi.CustomResource): def __init__(__self__, resource_name: str, opts: Optional[pulumi.ResourceOptions] = None, + custom_metadata: Optional[pulumi.Input[Mapping[str, Any]]] = None, namespace: Optional[pulumi.Input[str]] = None, path: Optional[pulumi.Input[str]] = None, path_fq: Optional[pulumi.Input[str]] = None, @@ -210,6 +247,8 @@ def __init__(__self__, :param str resource_name: The name of the resource. :param pulumi.ResourceOptions opts: Options for the resource. + :param pulumi.Input[Mapping[str, Any]] custom_metadata: Custom metadata describing this namespace. Value type + is `map[string]string`. Requires Vault version 1.12+. :param pulumi.Input[str] namespace: The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). @@ -284,6 +323,7 @@ def __init__(__self__, resource_name: str, *args, **kwargs): def _internal_init(__self__, resource_name: str, opts: Optional[pulumi.ResourceOptions] = None, + custom_metadata: Optional[pulumi.Input[Mapping[str, Any]]] = None, namespace: Optional[pulumi.Input[str]] = None, path: Optional[pulumi.Input[str]] = None, path_fq: Optional[pulumi.Input[str]] = None, @@ -296,6 +336,7 @@ def _internal_init(__self__, raise TypeError('__props__ is only valid when passed in combination with a valid opts.id to get an existing resource') __props__ = NamespaceArgs.__new__(NamespaceArgs) + __props__.__dict__["custom_metadata"] = custom_metadata __props__.__dict__["namespace"] = namespace if path is None and not opts.urn: raise TypeError("Missing required property 'path'") @@ -312,6 +353,7 @@ def _internal_init(__self__, def get(resource_name: str, id: pulumi.Input[str], opts: Optional[pulumi.ResourceOptions] = None, + custom_metadata: Optional[pulumi.Input[Mapping[str, Any]]] = None, namespace: Optional[pulumi.Input[str]] = None, namespace_id: Optional[pulumi.Input[str]] = None, path: Optional[pulumi.Input[str]] = None, @@ -323,6 +365,8 @@ def get(resource_name: str, :param str resource_name: The unique name of the resulting resource. :param pulumi.Input[str] id: The unique provider ID of the resource to lookup. :param pulumi.ResourceOptions opts: Options for the resource. + :param pulumi.Input[Mapping[str, Any]] custom_metadata: Custom metadata describing this namespace. Value type + is `map[string]string`. Requires Vault version 1.12+. :param pulumi.Input[str] namespace: The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). @@ -336,12 +380,22 @@ def get(resource_name: str, __props__ = _NamespaceState.__new__(_NamespaceState) + __props__.__dict__["custom_metadata"] = custom_metadata __props__.__dict__["namespace"] = namespace __props__.__dict__["namespace_id"] = namespace_id __props__.__dict__["path"] = path __props__.__dict__["path_fq"] = path_fq return Namespace(resource_name, opts=opts, __props__=__props__) + @property + @pulumi.getter(name="customMetadata") + def custom_metadata(self) -> pulumi.Output[Mapping[str, Any]]: + """ + Custom metadata describing this namespace. Value type + is `map[string]string`. Requires Vault version 1.12+. + """ + return pulumi.get(self, "custom_metadata") + @property @pulumi.getter def namespace(self) -> pulumi.Output[Optional[str]]: diff --git a/sdk/python/pulumi_vault/okta/_inputs.py b/sdk/python/pulumi_vault/okta/_inputs.py index 69bb9f5d1..703982342 100644 --- a/sdk/python/pulumi_vault/okta/_inputs.py +++ b/sdk/python/pulumi_vault/okta/_inputs.py @@ -21,7 +21,7 @@ def __init__(__self__, *, policies: pulumi.Input[Sequence[pulumi.Input[str]]]): """ :param pulumi.Input[str] group_name: Name of the group within the Okta - :param pulumi.Input[Sequence[pulumi.Input[str]]] policies: List of Vault policies to associate with this user + :param pulumi.Input[Sequence[pulumi.Input[str]]] policies: Vault policies to associate with this group """ pulumi.set(__self__, "group_name", group_name) pulumi.set(__self__, "policies", policies) @@ -42,7 +42,7 @@ def group_name(self, value: pulumi.Input[str]): @pulumi.getter def policies(self) -> pulumi.Input[Sequence[pulumi.Input[str]]]: """ - List of Vault policies to associate with this user + Vault policies to associate with this group """ return pulumi.get(self, "policies") @@ -60,7 +60,7 @@ def __init__(__self__, *, """ :param pulumi.Input[str] username: Name of the user within Okta :param pulumi.Input[Sequence[pulumi.Input[str]]] groups: List of Okta groups to associate with this user - :param pulumi.Input[Sequence[pulumi.Input[str]]] policies: List of Vault policies to associate with this user + :param pulumi.Input[Sequence[pulumi.Input[str]]] policies: Vault policies to associate with this group """ pulumi.set(__self__, "username", username) if groups is not None: @@ -96,7 +96,7 @@ def groups(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): @pulumi.getter def policies(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: """ - List of Vault policies to associate with this user + Vault policies to associate with this group """ return pulumi.get(self, "policies") diff --git a/sdk/python/pulumi_vault/okta/outputs.py b/sdk/python/pulumi_vault/okta/outputs.py index 40ba30e77..60981c6d9 100644 --- a/sdk/python/pulumi_vault/okta/outputs.py +++ b/sdk/python/pulumi_vault/okta/outputs.py @@ -38,7 +38,7 @@ def __init__(__self__, *, policies: Sequence[str]): """ :param str group_name: Name of the group within the Okta - :param Sequence[str] policies: List of Vault policies to associate with this user + :param Sequence[str] policies: Vault policies to associate with this group """ pulumi.set(__self__, "group_name", group_name) pulumi.set(__self__, "policies", policies) @@ -55,7 +55,7 @@ def group_name(self) -> str: @pulumi.getter def policies(self) -> Sequence[str]: """ - List of Vault policies to associate with this user + Vault policies to associate with this group """ return pulumi.get(self, "policies") @@ -69,7 +69,7 @@ def __init__(__self__, *, """ :param str username: Name of the user within Okta :param Sequence[str] groups: List of Okta groups to associate with this user - :param Sequence[str] policies: List of Vault policies to associate with this user + :param Sequence[str] policies: Vault policies to associate with this group """ pulumi.set(__self__, "username", username) if groups is not None: @@ -97,7 +97,7 @@ def groups(self) -> Optional[Sequence[str]]: @pulumi.getter def policies(self) -> Optional[Sequence[str]]: """ - List of Vault policies to associate with this user + Vault policies to associate with this group """ return pulumi.get(self, "policies") diff --git a/sdk/python/pulumi_vault/pkisecret/__init__.py b/sdk/python/pulumi_vault/pkisecret/__init__.py index 124233306..a3d6b5213 100644 --- a/sdk/python/pulumi_vault/pkisecret/__init__.py +++ b/sdk/python/pulumi_vault/pkisecret/__init__.py @@ -5,6 +5,10 @@ from .. import _utilities import typing # Export this package's modules as members: +from .get_backend_issuer import * +from .get_backend_issuers import * +from .get_backend_key import * +from .get_backend_keys import * from .secret_backend_cert import * from .secret_backend_config_ca import * from .secret_backend_config_issuers import * @@ -18,3 +22,5 @@ from .secret_backend_root_cert import * from .secret_backend_root_sign_intermediate import * from .secret_backend_sign import * +from ._inputs import * +from . import outputs diff --git a/sdk/python/pulumi_vault/pkisecret/_inputs.py b/sdk/python/pulumi_vault/pkisecret/_inputs.py new file mode 100644 index 000000000..189654a0f --- /dev/null +++ b/sdk/python/pulumi_vault/pkisecret/_inputs.py @@ -0,0 +1,73 @@ +# coding=utf-8 +# *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +# *** Do not edit by hand unless you're certain you know what you are doing! *** + +import copy +import warnings +import pulumi +import pulumi.runtime +from typing import Any, Mapping, Optional, Sequence, Union, overload +from .. import _utilities + +__all__ = [ + 'SecretBackendRolePolicyIdentifierArgs', +] + +@pulumi.input_type +class SecretBackendRolePolicyIdentifierArgs: + def __init__(__self__, *, + oid: pulumi.Input[str], + cps: Optional[pulumi.Input[str]] = None, + notice: Optional[pulumi.Input[str]] = None): + """ + :param pulumi.Input[str] oid: The OID for the policy identifier + :param pulumi.Input[str] cps: The URL of the CPS for the policy identifier + + Example usage: + :param pulumi.Input[str] notice: A notice for the policy identifier + """ + pulumi.set(__self__, "oid", oid) + if cps is not None: + pulumi.set(__self__, "cps", cps) + if notice is not None: + pulumi.set(__self__, "notice", notice) + + @property + @pulumi.getter + def oid(self) -> pulumi.Input[str]: + """ + The OID for the policy identifier + """ + return pulumi.get(self, "oid") + + @oid.setter + def oid(self, value: pulumi.Input[str]): + pulumi.set(self, "oid", value) + + @property + @pulumi.getter + def cps(self) -> Optional[pulumi.Input[str]]: + """ + The URL of the CPS for the policy identifier + + Example usage: + """ + return pulumi.get(self, "cps") + + @cps.setter + def cps(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "cps", value) + + @property + @pulumi.getter + def notice(self) -> Optional[pulumi.Input[str]]: + """ + A notice for the policy identifier + """ + return pulumi.get(self, "notice") + + @notice.setter + def notice(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "notice", value) + + diff --git a/sdk/python/pulumi_vault/pkisecret/get_backend_issuer.py b/sdk/python/pulumi_vault/pkisecret/get_backend_issuer.py new file mode 100644 index 000000000..70e20a5bc --- /dev/null +++ b/sdk/python/pulumi_vault/pkisecret/get_backend_issuer.py @@ -0,0 +1,224 @@ +# coding=utf-8 +# *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +# *** Do not edit by hand unless you're certain you know what you are doing! *** + +import copy +import warnings +import pulumi +import pulumi.runtime +from typing import Any, Mapping, Optional, Sequence, Union, overload +from .. import _utilities + +__all__ = [ + 'GetBackendIssuerResult', + 'AwaitableGetBackendIssuerResult', + 'get_backend_issuer', + 'get_backend_issuer_output', +] + +@pulumi.output_type +class GetBackendIssuerResult: + """ + A collection of values returned by getBackendIssuer. + """ + def __init__(__self__, backend=None, ca_chains=None, certificate=None, id=None, issuer_id=None, issuer_name=None, issuer_ref=None, key_id=None, leaf_not_after_behavior=None, manual_chains=None, namespace=None, usage=None): + if backend and not isinstance(backend, str): + raise TypeError("Expected argument 'backend' to be a str") + pulumi.set(__self__, "backend", backend) + if ca_chains and not isinstance(ca_chains, list): + raise TypeError("Expected argument 'ca_chains' to be a list") + pulumi.set(__self__, "ca_chains", ca_chains) + if certificate and not isinstance(certificate, str): + raise TypeError("Expected argument 'certificate' to be a str") + pulumi.set(__self__, "certificate", certificate) + if id and not isinstance(id, str): + raise TypeError("Expected argument 'id' to be a str") + pulumi.set(__self__, "id", id) + if issuer_id and not isinstance(issuer_id, str): + raise TypeError("Expected argument 'issuer_id' to be a str") + pulumi.set(__self__, "issuer_id", issuer_id) + if issuer_name and not isinstance(issuer_name, str): + raise TypeError("Expected argument 'issuer_name' to be a str") + pulumi.set(__self__, "issuer_name", issuer_name) + if issuer_ref and not isinstance(issuer_ref, str): + raise TypeError("Expected argument 'issuer_ref' to be a str") + pulumi.set(__self__, "issuer_ref", issuer_ref) + if key_id and not isinstance(key_id, str): + raise TypeError("Expected argument 'key_id' to be a str") + pulumi.set(__self__, "key_id", key_id) + if leaf_not_after_behavior and not isinstance(leaf_not_after_behavior, str): + raise TypeError("Expected argument 'leaf_not_after_behavior' to be a str") + pulumi.set(__self__, "leaf_not_after_behavior", leaf_not_after_behavior) + if manual_chains and not isinstance(manual_chains, list): + raise TypeError("Expected argument 'manual_chains' to be a list") + pulumi.set(__self__, "manual_chains", manual_chains) + if namespace and not isinstance(namespace, str): + raise TypeError("Expected argument 'namespace' to be a str") + pulumi.set(__self__, "namespace", namespace) + if usage and not isinstance(usage, str): + raise TypeError("Expected argument 'usage' to be a str") + pulumi.set(__self__, "usage", usage) + + @property + @pulumi.getter + def backend(self) -> str: + return pulumi.get(self, "backend") + + @property + @pulumi.getter(name="caChains") + def ca_chains(self) -> Sequence[str]: + """ + The CA chain as a list of format specific certificates. + """ + return pulumi.get(self, "ca_chains") + + @property + @pulumi.getter + def certificate(self) -> str: + """ + Certificate associated with this issuer. + """ + return pulumi.get(self, "certificate") + + @property + @pulumi.getter + def id(self) -> str: + """ + The provider-assigned unique ID for this managed resource. + """ + return pulumi.get(self, "id") + + @property + @pulumi.getter(name="issuerId") + def issuer_id(self) -> str: + """ + ID of the issuer. + """ + return pulumi.get(self, "issuer_id") + + @property + @pulumi.getter(name="issuerName") + def issuer_name(self) -> str: + """ + Name of the issuer. + """ + return pulumi.get(self, "issuer_name") + + @property + @pulumi.getter(name="issuerRef") + def issuer_ref(self) -> str: + return pulumi.get(self, "issuer_ref") + + @property + @pulumi.getter(name="keyId") + def key_id(self) -> str: + """ + ID of the key used by the issuer. + """ + return pulumi.get(self, "key_id") + + @property + @pulumi.getter(name="leafNotAfterBehavior") + def leaf_not_after_behavior(self) -> str: + """ + Behavior of a leaf's NotAfter field during issuance. + """ + return pulumi.get(self, "leaf_not_after_behavior") + + @property + @pulumi.getter(name="manualChains") + def manual_chains(self) -> Sequence[str]: + """ + Chain of issuer references to build this issuer's computed + CAChain field from, when non-empty. + """ + return pulumi.get(self, "manual_chains") + + @property + @pulumi.getter + def namespace(self) -> Optional[str]: + return pulumi.get(self, "namespace") + + @property + @pulumi.getter + def usage(self) -> str: + """ + Allowed usages for this issuer. + """ + return pulumi.get(self, "usage") + + +class AwaitableGetBackendIssuerResult(GetBackendIssuerResult): + # pylint: disable=using-constant-test + def __await__(self): + if False: + yield self + return GetBackendIssuerResult( + backend=self.backend, + ca_chains=self.ca_chains, + certificate=self.certificate, + id=self.id, + issuer_id=self.issuer_id, + issuer_name=self.issuer_name, + issuer_ref=self.issuer_ref, + key_id=self.key_id, + leaf_not_after_behavior=self.leaf_not_after_behavior, + manual_chains=self.manual_chains, + namespace=self.namespace, + usage=self.usage) + + +def get_backend_issuer(backend: Optional[str] = None, + issuer_ref: Optional[str] = None, + namespace: Optional[str] = None, + opts: Optional[pulumi.InvokeOptions] = None) -> AwaitableGetBackendIssuerResult: + """ + Use this data source to access information about an existing resource. + + :param str backend: The path to the PKI secret backend to + read the issuer from, with no leading or trailing `/`s. + :param str issuer_ref: Reference to an existing issuer. + :param str namespace: The namespace of the target resource. + The value should not contain leading or trailing forward slashes. + The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + *Available only for Vault Enterprise*. + """ + __args__ = dict() + __args__['backend'] = backend + __args__['issuerRef'] = issuer_ref + __args__['namespace'] = namespace + opts = pulumi.InvokeOptions.merge(_utilities.get_invoke_opts_defaults(), opts) + __ret__ = pulumi.runtime.invoke('vault:pkiSecret/getBackendIssuer:getBackendIssuer', __args__, opts=opts, typ=GetBackendIssuerResult).value + + return AwaitableGetBackendIssuerResult( + backend=pulumi.get(__ret__, 'backend'), + ca_chains=pulumi.get(__ret__, 'ca_chains'), + certificate=pulumi.get(__ret__, 'certificate'), + id=pulumi.get(__ret__, 'id'), + issuer_id=pulumi.get(__ret__, 'issuer_id'), + issuer_name=pulumi.get(__ret__, 'issuer_name'), + issuer_ref=pulumi.get(__ret__, 'issuer_ref'), + key_id=pulumi.get(__ret__, 'key_id'), + leaf_not_after_behavior=pulumi.get(__ret__, 'leaf_not_after_behavior'), + manual_chains=pulumi.get(__ret__, 'manual_chains'), + namespace=pulumi.get(__ret__, 'namespace'), + usage=pulumi.get(__ret__, 'usage')) + + +@_utilities.lift_output_func(get_backend_issuer) +def get_backend_issuer_output(backend: Optional[pulumi.Input[str]] = None, + issuer_ref: Optional[pulumi.Input[str]] = None, + namespace: Optional[pulumi.Input[Optional[str]]] = None, + opts: Optional[pulumi.InvokeOptions] = None) -> pulumi.Output[GetBackendIssuerResult]: + """ + Use this data source to access information about an existing resource. + + :param str backend: The path to the PKI secret backend to + read the issuer from, with no leading or trailing `/`s. + :param str issuer_ref: Reference to an existing issuer. + :param str namespace: The namespace of the target resource. + The value should not contain leading or trailing forward slashes. + The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + *Available only for Vault Enterprise*. + """ + ... diff --git a/sdk/python/pulumi_vault/pkisecret/get_backend_issuers.py b/sdk/python/pulumi_vault/pkisecret/get_backend_issuers.py new file mode 100644 index 000000000..3fbdd9065 --- /dev/null +++ b/sdk/python/pulumi_vault/pkisecret/get_backend_issuers.py @@ -0,0 +1,179 @@ +# coding=utf-8 +# *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +# *** Do not edit by hand unless you're certain you know what you are doing! *** + +import copy +import warnings +import pulumi +import pulumi.runtime +from typing import Any, Mapping, Optional, Sequence, Union, overload +from .. import _utilities + +__all__ = [ + 'GetBackendIssuersResult', + 'AwaitableGetBackendIssuersResult', + 'get_backend_issuers', + 'get_backend_issuers_output', +] + +@pulumi.output_type +class GetBackendIssuersResult: + """ + A collection of values returned by getBackendIssuers. + """ + def __init__(__self__, backend=None, id=None, key_info=None, key_info_json=None, keys=None, namespace=None): + if backend and not isinstance(backend, str): + raise TypeError("Expected argument 'backend' to be a str") + pulumi.set(__self__, "backend", backend) + if id and not isinstance(id, str): + raise TypeError("Expected argument 'id' to be a str") + pulumi.set(__self__, "id", id) + if key_info and not isinstance(key_info, dict): + raise TypeError("Expected argument 'key_info' to be a dict") + pulumi.set(__self__, "key_info", key_info) + if key_info_json and not isinstance(key_info_json, str): + raise TypeError("Expected argument 'key_info_json' to be a str") + pulumi.set(__self__, "key_info_json", key_info_json) + if keys and not isinstance(keys, list): + raise TypeError("Expected argument 'keys' to be a list") + pulumi.set(__self__, "keys", keys) + if namespace and not isinstance(namespace, str): + raise TypeError("Expected argument 'namespace' to be a str") + pulumi.set(__self__, "namespace", namespace) + + @property + @pulumi.getter + def backend(self) -> str: + return pulumi.get(self, "backend") + + @property + @pulumi.getter + def id(self) -> str: + """ + The provider-assigned unique ID for this managed resource. + """ + return pulumi.get(self, "id") + + @property + @pulumi.getter(name="keyInfo") + def key_info(self) -> Mapping[str, Any]: + """ + Map of issuer strings read from Vault. + """ + return pulumi.get(self, "key_info") + + @property + @pulumi.getter(name="keyInfoJson") + def key_info_json(self) -> str: + """ + JSON-encoded issuer data read from Vault. + """ + return pulumi.get(self, "key_info_json") + + @property + @pulumi.getter + def keys(self) -> Sequence[str]: + """ + Keys used by issuers under the backend path. + """ + return pulumi.get(self, "keys") + + @property + @pulumi.getter + def namespace(self) -> Optional[str]: + return pulumi.get(self, "namespace") + + +class AwaitableGetBackendIssuersResult(GetBackendIssuersResult): + # pylint: disable=using-constant-test + def __await__(self): + if False: + yield self + return GetBackendIssuersResult( + backend=self.backend, + id=self.id, + key_info=self.key_info, + key_info_json=self.key_info_json, + keys=self.keys, + namespace=self.namespace) + + +def get_backend_issuers(backend: Optional[str] = None, + namespace: Optional[str] = None, + opts: Optional[pulumi.InvokeOptions] = None) -> AwaitableGetBackendIssuersResult: + """ + ## Example Usage + + ```python + import pulumi + import pulumi_vault as vault + + pki = vault.Mount("pki", + path="pki", + type="pki", + description="PKI secret engine mount") + root = vault.pki_secret.SecretBackendRootCert("root", + backend=pki.path, + type="internal", + common_name="example", + ttl="86400", + issuer_name="example") + test = vault.pkiSecret.get_backend_issuers_output(backend=root.backend) + ``` + + + :param str backend: The path to the PKI secret backend to + read the issuers from, with no leading or trailing `/`s. + :param str namespace: The namespace of the target resource. + The value should not contain leading or trailing forward slashes. + The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + *Available only for Vault Enterprise*. + """ + __args__ = dict() + __args__['backend'] = backend + __args__['namespace'] = namespace + opts = pulumi.InvokeOptions.merge(_utilities.get_invoke_opts_defaults(), opts) + __ret__ = pulumi.runtime.invoke('vault:pkiSecret/getBackendIssuers:getBackendIssuers', __args__, opts=opts, typ=GetBackendIssuersResult).value + + return AwaitableGetBackendIssuersResult( + backend=pulumi.get(__ret__, 'backend'), + id=pulumi.get(__ret__, 'id'), + key_info=pulumi.get(__ret__, 'key_info'), + key_info_json=pulumi.get(__ret__, 'key_info_json'), + keys=pulumi.get(__ret__, 'keys'), + namespace=pulumi.get(__ret__, 'namespace')) + + +@_utilities.lift_output_func(get_backend_issuers) +def get_backend_issuers_output(backend: Optional[pulumi.Input[str]] = None, + namespace: Optional[pulumi.Input[Optional[str]]] = None, + opts: Optional[pulumi.InvokeOptions] = None) -> pulumi.Output[GetBackendIssuersResult]: + """ + ## Example Usage + + ```python + import pulumi + import pulumi_vault as vault + + pki = vault.Mount("pki", + path="pki", + type="pki", + description="PKI secret engine mount") + root = vault.pki_secret.SecretBackendRootCert("root", + backend=pki.path, + type="internal", + common_name="example", + ttl="86400", + issuer_name="example") + test = vault.pkiSecret.get_backend_issuers_output(backend=root.backend) + ``` + + + :param str backend: The path to the PKI secret backend to + read the issuers from, with no leading or trailing `/`s. + :param str namespace: The namespace of the target resource. + The value should not contain leading or trailing forward slashes. + The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + *Available only for Vault Enterprise*. + """ + ... diff --git a/sdk/python/pulumi_vault/pkisecret/get_backend_key.py b/sdk/python/pulumi_vault/pkisecret/get_backend_key.py new file mode 100644 index 000000000..026805742 --- /dev/null +++ b/sdk/python/pulumi_vault/pkisecret/get_backend_key.py @@ -0,0 +1,196 @@ +# coding=utf-8 +# *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +# *** Do not edit by hand unless you're certain you know what you are doing! *** + +import copy +import warnings +import pulumi +import pulumi.runtime +from typing import Any, Mapping, Optional, Sequence, Union, overload +from .. import _utilities + +__all__ = [ + 'GetBackendKeyResult', + 'AwaitableGetBackendKeyResult', + 'get_backend_key', + 'get_backend_key_output', +] + +@pulumi.output_type +class GetBackendKeyResult: + """ + A collection of values returned by getBackendKey. + """ + def __init__(__self__, backend=None, id=None, key_id=None, key_name=None, key_ref=None, key_type=None, namespace=None): + if backend and not isinstance(backend, str): + raise TypeError("Expected argument 'backend' to be a str") + pulumi.set(__self__, "backend", backend) + if id and not isinstance(id, str): + raise TypeError("Expected argument 'id' to be a str") + pulumi.set(__self__, "id", id) + if key_id and not isinstance(key_id, str): + raise TypeError("Expected argument 'key_id' to be a str") + pulumi.set(__self__, "key_id", key_id) + if key_name and not isinstance(key_name, str): + raise TypeError("Expected argument 'key_name' to be a str") + pulumi.set(__self__, "key_name", key_name) + if key_ref and not isinstance(key_ref, str): + raise TypeError("Expected argument 'key_ref' to be a str") + pulumi.set(__self__, "key_ref", key_ref) + if key_type and not isinstance(key_type, str): + raise TypeError("Expected argument 'key_type' to be a str") + pulumi.set(__self__, "key_type", key_type) + if namespace and not isinstance(namespace, str): + raise TypeError("Expected argument 'namespace' to be a str") + pulumi.set(__self__, "namespace", namespace) + + @property + @pulumi.getter + def backend(self) -> str: + return pulumi.get(self, "backend") + + @property + @pulumi.getter + def id(self) -> str: + """ + The provider-assigned unique ID for this managed resource. + """ + return pulumi.get(self, "id") + + @property + @pulumi.getter(name="keyId") + def key_id(self) -> str: + """ + ID of the key. + """ + return pulumi.get(self, "key_id") + + @property + @pulumi.getter(name="keyName") + def key_name(self) -> str: + """ + Name of the key. + """ + return pulumi.get(self, "key_name") + + @property + @pulumi.getter(name="keyRef") + def key_ref(self) -> str: + return pulumi.get(self, "key_ref") + + @property + @pulumi.getter(name="keyType") + def key_type(self) -> str: + """ + Type of the key. + """ + return pulumi.get(self, "key_type") + + @property + @pulumi.getter + def namespace(self) -> Optional[str]: + return pulumi.get(self, "namespace") + + +class AwaitableGetBackendKeyResult(GetBackendKeyResult): + # pylint: disable=using-constant-test + def __await__(self): + if False: + yield self + return GetBackendKeyResult( + backend=self.backend, + id=self.id, + key_id=self.key_id, + key_name=self.key_name, + key_ref=self.key_ref, + key_type=self.key_type, + namespace=self.namespace) + + +def get_backend_key(backend: Optional[str] = None, + key_ref: Optional[str] = None, + namespace: Optional[str] = None, + opts: Optional[pulumi.InvokeOptions] = None) -> AwaitableGetBackendKeyResult: + """ + ## Example Usage + + ```python + import pulumi + import pulumi_vault as vault + + pki = vault.Mount("pki", + path="pki", + type="pki", + description="PKI secret engine mount") + key = vault.pki_secret.SecretBackendKey("key", + backend=pki.path, + type="internal", + key_name="example", + key_type="rsa", + key_bits=4096) + example = key.key_id.apply(lambda key_id: vault.pkiSecret.get_backend_key_output(backend=vault_mount["key"]["path"], + key_ref=key_id)) + ``` + + + :param str backend: The path to the PKI secret backend to + read the key from, with no leading or trailing `/`s. + :param str key_ref: Reference to an existing key. + :param str namespace: The namespace of the target resource. + The value should not contain leading or trailing forward slashes. + The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + *Available only for Vault Enterprise*. + """ + __args__ = dict() + __args__['backend'] = backend + __args__['keyRef'] = key_ref + __args__['namespace'] = namespace + opts = pulumi.InvokeOptions.merge(_utilities.get_invoke_opts_defaults(), opts) + __ret__ = pulumi.runtime.invoke('vault:pkiSecret/getBackendKey:getBackendKey', __args__, opts=opts, typ=GetBackendKeyResult).value + + return AwaitableGetBackendKeyResult( + backend=pulumi.get(__ret__, 'backend'), + id=pulumi.get(__ret__, 'id'), + key_id=pulumi.get(__ret__, 'key_id'), + key_name=pulumi.get(__ret__, 'key_name'), + key_ref=pulumi.get(__ret__, 'key_ref'), + key_type=pulumi.get(__ret__, 'key_type'), + namespace=pulumi.get(__ret__, 'namespace')) + + +@_utilities.lift_output_func(get_backend_key) +def get_backend_key_output(backend: Optional[pulumi.Input[str]] = None, + key_ref: Optional[pulumi.Input[str]] = None, + namespace: Optional[pulumi.Input[Optional[str]]] = None, + opts: Optional[pulumi.InvokeOptions] = None) -> pulumi.Output[GetBackendKeyResult]: + """ + ## Example Usage + + ```python + import pulumi + import pulumi_vault as vault + + pki = vault.Mount("pki", + path="pki", + type="pki", + description="PKI secret engine mount") + key = vault.pki_secret.SecretBackendKey("key", + backend=pki.path, + type="internal", + key_name="example", + key_type="rsa", + key_bits=4096) + example = key.key_id.apply(lambda key_id: vault.pkiSecret.get_backend_key_output(backend=vault_mount["key"]["path"], + key_ref=key_id)) + ``` + + + :param str backend: The path to the PKI secret backend to + read the key from, with no leading or trailing `/`s. + :param str key_ref: Reference to an existing key. + :param str namespace: The namespace of the target resource. + The value should not contain leading or trailing forward slashes. + The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + *Available only for Vault Enterprise*. + """ + ... diff --git a/sdk/python/pulumi_vault/pkisecret/get_backend_keys.py b/sdk/python/pulumi_vault/pkisecret/get_backend_keys.py new file mode 100644 index 000000000..abb4c2e03 --- /dev/null +++ b/sdk/python/pulumi_vault/pkisecret/get_backend_keys.py @@ -0,0 +1,179 @@ +# coding=utf-8 +# *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +# *** Do not edit by hand unless you're certain you know what you are doing! *** + +import copy +import warnings +import pulumi +import pulumi.runtime +from typing import Any, Mapping, Optional, Sequence, Union, overload +from .. import _utilities + +__all__ = [ + 'GetBackendKeysResult', + 'AwaitableGetBackendKeysResult', + 'get_backend_keys', + 'get_backend_keys_output', +] + +@pulumi.output_type +class GetBackendKeysResult: + """ + A collection of values returned by getBackendKeys. + """ + def __init__(__self__, backend=None, id=None, key_info=None, key_info_json=None, keys=None, namespace=None): + if backend and not isinstance(backend, str): + raise TypeError("Expected argument 'backend' to be a str") + pulumi.set(__self__, "backend", backend) + if id and not isinstance(id, str): + raise TypeError("Expected argument 'id' to be a str") + pulumi.set(__self__, "id", id) + if key_info and not isinstance(key_info, dict): + raise TypeError("Expected argument 'key_info' to be a dict") + pulumi.set(__self__, "key_info", key_info) + if key_info_json and not isinstance(key_info_json, str): + raise TypeError("Expected argument 'key_info_json' to be a str") + pulumi.set(__self__, "key_info_json", key_info_json) + if keys and not isinstance(keys, list): + raise TypeError("Expected argument 'keys' to be a list") + pulumi.set(__self__, "keys", keys) + if namespace and not isinstance(namespace, str): + raise TypeError("Expected argument 'namespace' to be a str") + pulumi.set(__self__, "namespace", namespace) + + @property + @pulumi.getter + def backend(self) -> str: + return pulumi.get(self, "backend") + + @property + @pulumi.getter + def id(self) -> str: + """ + The provider-assigned unique ID for this managed resource. + """ + return pulumi.get(self, "id") + + @property + @pulumi.getter(name="keyInfo") + def key_info(self) -> Mapping[str, Any]: + """ + Map of key strings read from Vault. + """ + return pulumi.get(self, "key_info") + + @property + @pulumi.getter(name="keyInfoJson") + def key_info_json(self) -> str: + """ + JSON-encoded key data read from Vault. + """ + return pulumi.get(self, "key_info_json") + + @property + @pulumi.getter + def keys(self) -> Sequence[str]: + """ + Keys used under the backend path. + """ + return pulumi.get(self, "keys") + + @property + @pulumi.getter + def namespace(self) -> Optional[str]: + return pulumi.get(self, "namespace") + + +class AwaitableGetBackendKeysResult(GetBackendKeysResult): + # pylint: disable=using-constant-test + def __await__(self): + if False: + yield self + return GetBackendKeysResult( + backend=self.backend, + id=self.id, + key_info=self.key_info, + key_info_json=self.key_info_json, + keys=self.keys, + namespace=self.namespace) + + +def get_backend_keys(backend: Optional[str] = None, + namespace: Optional[str] = None, + opts: Optional[pulumi.InvokeOptions] = None) -> AwaitableGetBackendKeysResult: + """ + ## Example Usage + + ```python + import pulumi + import pulumi_vault as vault + + pki = vault.Mount("pki", + path="pki", + type="pki", + description="PKI secret engine mount") + root = vault.pki_secret.SecretBackendRootCert("root", + backend=pki.path, + type="internal", + common_name="example", + ttl="86400", + key_name="example") + example = vault.pkiSecret.get_backend_keys_output(backend=root.backend) + ``` + + + :param str backend: The path to the PKI secret backend to + read the keys from, with no leading or trailing `/`s. + :param str namespace: The namespace of the target resource. + The value should not contain leading or trailing forward slashes. + The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + *Available only for Vault Enterprise*. + """ + __args__ = dict() + __args__['backend'] = backend + __args__['namespace'] = namespace + opts = pulumi.InvokeOptions.merge(_utilities.get_invoke_opts_defaults(), opts) + __ret__ = pulumi.runtime.invoke('vault:pkiSecret/getBackendKeys:getBackendKeys', __args__, opts=opts, typ=GetBackendKeysResult).value + + return AwaitableGetBackendKeysResult( + backend=pulumi.get(__ret__, 'backend'), + id=pulumi.get(__ret__, 'id'), + key_info=pulumi.get(__ret__, 'key_info'), + key_info_json=pulumi.get(__ret__, 'key_info_json'), + keys=pulumi.get(__ret__, 'keys'), + namespace=pulumi.get(__ret__, 'namespace')) + + +@_utilities.lift_output_func(get_backend_keys) +def get_backend_keys_output(backend: Optional[pulumi.Input[str]] = None, + namespace: Optional[pulumi.Input[Optional[str]]] = None, + opts: Optional[pulumi.InvokeOptions] = None) -> pulumi.Output[GetBackendKeysResult]: + """ + ## Example Usage + + ```python + import pulumi + import pulumi_vault as vault + + pki = vault.Mount("pki", + path="pki", + type="pki", + description="PKI secret engine mount") + root = vault.pki_secret.SecretBackendRootCert("root", + backend=pki.path, + type="internal", + common_name="example", + ttl="86400", + key_name="example") + example = vault.pkiSecret.get_backend_keys_output(backend=root.backend) + ``` + + + :param str backend: The path to the PKI secret backend to + read the keys from, with no leading or trailing `/`s. + :param str namespace: The namespace of the target resource. + The value should not contain leading or trailing forward slashes. + The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + *Available only for Vault Enterprise*. + """ + ... diff --git a/sdk/python/pulumi_vault/pkisecret/outputs.py b/sdk/python/pulumi_vault/pkisecret/outputs.py new file mode 100644 index 000000000..506e80cb3 --- /dev/null +++ b/sdk/python/pulumi_vault/pkisecret/outputs.py @@ -0,0 +1,61 @@ +# coding=utf-8 +# *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +# *** Do not edit by hand unless you're certain you know what you are doing! *** + +import copy +import warnings +import pulumi +import pulumi.runtime +from typing import Any, Mapping, Optional, Sequence, Union, overload +from .. import _utilities + +__all__ = [ + 'SecretBackendRolePolicyIdentifier', +] + +@pulumi.output_type +class SecretBackendRolePolicyIdentifier(dict): + def __init__(__self__, *, + oid: str, + cps: Optional[str] = None, + notice: Optional[str] = None): + """ + :param str oid: The OID for the policy identifier + :param str cps: The URL of the CPS for the policy identifier + + Example usage: + :param str notice: A notice for the policy identifier + """ + pulumi.set(__self__, "oid", oid) + if cps is not None: + pulumi.set(__self__, "cps", cps) + if notice is not None: + pulumi.set(__self__, "notice", notice) + + @property + @pulumi.getter + def oid(self) -> str: + """ + The OID for the policy identifier + """ + return pulumi.get(self, "oid") + + @property + @pulumi.getter + def cps(self) -> Optional[str]: + """ + The URL of the CPS for the policy identifier + + Example usage: + """ + return pulumi.get(self, "cps") + + @property + @pulumi.getter + def notice(self) -> Optional[str]: + """ + A notice for the policy identifier + """ + return pulumi.get(self, "notice") + + diff --git a/sdk/python/pulumi_vault/pkisecret/secret_backend_config_urls.py b/sdk/python/pulumi_vault/pkisecret/secret_backend_config_urls.py index b71092f8a..34dd6fb12 100644 --- a/sdk/python/pulumi_vault/pkisecret/secret_backend_config_urls.py +++ b/sdk/python/pulumi_vault/pkisecret/secret_backend_config_urls.py @@ -231,11 +231,7 @@ def __init__(__self__, ## Import - The PKI config URLs can be imported using the resource's `id`. - - In the case of the example above the `id` would be `pki-root/config/urls`, - - where the `pki-root` component is the resource's `backend`, e.g. + The PKI config URLs can be imported using the resource's `id`. In the case of the example above the `id` would be `pki-root/config/urls`, where the `pki-root` component is the resource's `backend`, e.g. ```sh $ pulumi import vault:pkiSecret/secretBackendConfigUrls:SecretBackendConfigUrls example pki-root/config/urls @@ -280,11 +276,7 @@ def __init__(__self__, ## Import - The PKI config URLs can be imported using the resource's `id`. - - In the case of the example above the `id` would be `pki-root/config/urls`, - - where the `pki-root` component is the resource's `backend`, e.g. + The PKI config URLs can be imported using the resource's `id`. In the case of the example above the `id` would be `pki-root/config/urls`, where the `pki-root` component is the resource's `backend`, e.g. ```sh $ pulumi import vault:pkiSecret/secretBackendConfigUrls:SecretBackendConfigUrls example pki-root/config/urls diff --git a/sdk/python/pulumi_vault/pkisecret/secret_backend_role.py b/sdk/python/pulumi_vault/pkisecret/secret_backend_role.py index 806bda036..be661d4c9 100644 --- a/sdk/python/pulumi_vault/pkisecret/secret_backend_role.py +++ b/sdk/python/pulumi_vault/pkisecret/secret_backend_role.py @@ -8,6 +8,8 @@ import pulumi.runtime from typing import Any, Mapping, Optional, Sequence, Union, overload from .. import _utilities +from . import outputs +from ._inputs import * __all__ = ['SecretBackendRoleArgs', 'SecretBackendRole'] @@ -49,6 +51,7 @@ def __init__(__self__, *, not_before_duration: Optional[pulumi.Input[str]] = None, organization_unit: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, organizations: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, + policy_identifier: Optional[pulumi.Input[Sequence[pulumi.Input['SecretBackendRolePolicyIdentifierArgs']]]] = None, policy_identifiers: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, postal_codes: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, provinces: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, @@ -104,6 +107,7 @@ def __init__(__self__, *, :param pulumi.Input[str] not_before_duration: Specifies the [duration](https://developer.hashicorp.com/vault/docs/concepts/duration-format) by which to backdate the NotBefore property. :param pulumi.Input[Sequence[pulumi.Input[str]]] organization_unit: The organization unit of generated certificates :param pulumi.Input[Sequence[pulumi.Input[str]]] organizations: The organization of generated certificates + :param pulumi.Input[Sequence[pulumi.Input['SecretBackendRolePolicyIdentifierArgs']]] policy_identifier: (Vault 1.11+ only) A block for specifying policy identifers. The `policy_identifier` block can be repeated, and supports the following arguments: :param pulumi.Input[Sequence[pulumi.Input[str]]] policy_identifiers: Specify the list of allowed policies OIDs. Use with Vault 1.10 or before. For Vault 1.11+, use `policy_identifier` blocks instead :param pulumi.Input[Sequence[pulumi.Input[str]]] postal_codes: The postal code of generated certificates :param pulumi.Input[Sequence[pulumi.Input[str]]] provinces: The province of generated certificates @@ -183,6 +187,8 @@ def __init__(__self__, *, pulumi.set(__self__, "organization_unit", organization_unit) if organizations is not None: pulumi.set(__self__, "organizations", organizations) + if policy_identifier is not None: + pulumi.set(__self__, "policy_identifier", policy_identifier) if policy_identifiers is not None: pulumi.set(__self__, "policy_identifiers", policy_identifiers) if postal_codes is not None: @@ -631,6 +637,18 @@ def organizations(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: def organizations(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): pulumi.set(self, "organizations", value) + @property + @pulumi.getter(name="policyIdentifier") + def policy_identifier(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['SecretBackendRolePolicyIdentifierArgs']]]]: + """ + (Vault 1.11+ only) A block for specifying policy identifers. The `policy_identifier` block can be repeated, and supports the following arguments: + """ + return pulumi.get(self, "policy_identifier") + + @policy_identifier.setter + def policy_identifier(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['SecretBackendRolePolicyIdentifierArgs']]]]): + pulumi.set(self, "policy_identifier", value) + @property @pulumi.getter(name="policyIdentifiers") def policy_identifiers(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: @@ -778,6 +796,7 @@ def __init__(__self__, *, not_before_duration: Optional[pulumi.Input[str]] = None, organization_unit: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, organizations: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, + policy_identifier: Optional[pulumi.Input[Sequence[pulumi.Input['SecretBackendRolePolicyIdentifierArgs']]]] = None, policy_identifiers: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, postal_codes: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, provinces: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, @@ -833,6 +852,7 @@ def __init__(__self__, *, :param pulumi.Input[str] not_before_duration: Specifies the [duration](https://developer.hashicorp.com/vault/docs/concepts/duration-format) by which to backdate the NotBefore property. :param pulumi.Input[Sequence[pulumi.Input[str]]] organization_unit: The organization unit of generated certificates :param pulumi.Input[Sequence[pulumi.Input[str]]] organizations: The organization of generated certificates + :param pulumi.Input[Sequence[pulumi.Input['SecretBackendRolePolicyIdentifierArgs']]] policy_identifier: (Vault 1.11+ only) A block for specifying policy identifers. The `policy_identifier` block can be repeated, and supports the following arguments: :param pulumi.Input[Sequence[pulumi.Input[str]]] policy_identifiers: Specify the list of allowed policies OIDs. Use with Vault 1.10 or before. For Vault 1.11+, use `policy_identifier` blocks instead :param pulumi.Input[Sequence[pulumi.Input[str]]] postal_codes: The postal code of generated certificates :param pulumi.Input[Sequence[pulumi.Input[str]]] provinces: The province of generated certificates @@ -913,6 +933,8 @@ def __init__(__self__, *, pulumi.set(__self__, "organization_unit", organization_unit) if organizations is not None: pulumi.set(__self__, "organizations", organizations) + if policy_identifier is not None: + pulumi.set(__self__, "policy_identifier", policy_identifier) if policy_identifiers is not None: pulumi.set(__self__, "policy_identifiers", policy_identifiers) if postal_codes is not None: @@ -1361,6 +1383,18 @@ def organizations(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: def organizations(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): pulumi.set(self, "organizations", value) + @property + @pulumi.getter(name="policyIdentifier") + def policy_identifier(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['SecretBackendRolePolicyIdentifierArgs']]]]: + """ + (Vault 1.11+ only) A block for specifying policy identifers. The `policy_identifier` block can be repeated, and supports the following arguments: + """ + return pulumi.get(self, "policy_identifier") + + @policy_identifier.setter + def policy_identifier(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['SecretBackendRolePolicyIdentifierArgs']]]]): + pulumi.set(self, "policy_identifier", value) + @property @pulumi.getter(name="policyIdentifiers") def policy_identifiers(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: @@ -1510,6 +1544,7 @@ def __init__(__self__, not_before_duration: Optional[pulumi.Input[str]] = None, organization_unit: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, organizations: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, + policy_identifier: Optional[pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['SecretBackendRolePolicyIdentifierArgs']]]]] = None, policy_identifiers: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, postal_codes: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, provinces: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, @@ -1601,6 +1636,7 @@ def __init__(__self__, :param pulumi.Input[str] not_before_duration: Specifies the [duration](https://developer.hashicorp.com/vault/docs/concepts/duration-format) by which to backdate the NotBefore property. :param pulumi.Input[Sequence[pulumi.Input[str]]] organization_unit: The organization unit of generated certificates :param pulumi.Input[Sequence[pulumi.Input[str]]] organizations: The organization of generated certificates + :param pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['SecretBackendRolePolicyIdentifierArgs']]]] policy_identifier: (Vault 1.11+ only) A block for specifying policy identifers. The `policy_identifier` block can be repeated, and supports the following arguments: :param pulumi.Input[Sequence[pulumi.Input[str]]] policy_identifiers: Specify the list of allowed policies OIDs. Use with Vault 1.10 or before. For Vault 1.11+, use `policy_identifier` blocks instead :param pulumi.Input[Sequence[pulumi.Input[str]]] postal_codes: The postal code of generated certificates :param pulumi.Input[Sequence[pulumi.Input[str]]] provinces: The province of generated certificates @@ -1702,6 +1738,7 @@ def _internal_init(__self__, not_before_duration: Optional[pulumi.Input[str]] = None, organization_unit: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, organizations: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, + policy_identifier: Optional[pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['SecretBackendRolePolicyIdentifierArgs']]]]] = None, policy_identifiers: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, postal_codes: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, provinces: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, @@ -1757,6 +1794,7 @@ def _internal_init(__self__, __props__.__dict__["not_before_duration"] = not_before_duration __props__.__dict__["organization_unit"] = organization_unit __props__.__dict__["organizations"] = organizations + __props__.__dict__["policy_identifier"] = policy_identifier __props__.__dict__["policy_identifiers"] = policy_identifiers __props__.__dict__["postal_codes"] = postal_codes __props__.__dict__["provinces"] = provinces @@ -1811,6 +1849,7 @@ def get(resource_name: str, not_before_duration: Optional[pulumi.Input[str]] = None, organization_unit: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, organizations: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, + policy_identifier: Optional[pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['SecretBackendRolePolicyIdentifierArgs']]]]] = None, policy_identifiers: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, postal_codes: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, provinces: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, @@ -1871,6 +1910,7 @@ def get(resource_name: str, :param pulumi.Input[str] not_before_duration: Specifies the [duration](https://developer.hashicorp.com/vault/docs/concepts/duration-format) by which to backdate the NotBefore property. :param pulumi.Input[Sequence[pulumi.Input[str]]] organization_unit: The organization unit of generated certificates :param pulumi.Input[Sequence[pulumi.Input[str]]] organizations: The organization of generated certificates + :param pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['SecretBackendRolePolicyIdentifierArgs']]]] policy_identifier: (Vault 1.11+ only) A block for specifying policy identifers. The `policy_identifier` block can be repeated, and supports the following arguments: :param pulumi.Input[Sequence[pulumi.Input[str]]] policy_identifiers: Specify the list of allowed policies OIDs. Use with Vault 1.10 or before. For Vault 1.11+, use `policy_identifier` blocks instead :param pulumi.Input[Sequence[pulumi.Input[str]]] postal_codes: The postal code of generated certificates :param pulumi.Input[Sequence[pulumi.Input[str]]] provinces: The province of generated certificates @@ -1920,6 +1960,7 @@ def get(resource_name: str, __props__.__dict__["not_before_duration"] = not_before_duration __props__.__dict__["organization_unit"] = organization_unit __props__.__dict__["organizations"] = organizations + __props__.__dict__["policy_identifier"] = policy_identifier __props__.__dict__["policy_identifiers"] = policy_identifiers __props__.__dict__["postal_codes"] = postal_codes __props__.__dict__["provinces"] = provinces @@ -2220,6 +2261,14 @@ def organizations(self) -> pulumi.Output[Optional[Sequence[str]]]: """ return pulumi.get(self, "organizations") + @property + @pulumi.getter(name="policyIdentifier") + def policy_identifier(self) -> pulumi.Output[Optional[Sequence['outputs.SecretBackendRolePolicyIdentifier']]]: + """ + (Vault 1.11+ only) A block for specifying policy identifers. The `policy_identifier` block can be repeated, and supports the following arguments: + """ + return pulumi.get(self, "policy_identifier") + @property @pulumi.getter(name="policyIdentifiers") def policy_identifiers(self) -> pulumi.Output[Optional[Sequence[str]]]: diff --git a/sdk/python/pulumi_vault/pkisecret/secret_backend_root_cert.py b/sdk/python/pulumi_vault/pkisecret/secret_backend_root_cert.py index 86ab8353e..0dc93b13b 100644 --- a/sdk/python/pulumi_vault/pkisecret/secret_backend_root_cert.py +++ b/sdk/python/pulumi_vault/pkisecret/secret_backend_root_cert.py @@ -987,6 +987,9 @@ def serial(self) -> Optional[pulumi.Input[str]]: """ Deprecated, use `serial_number` instead. """ + warnings.warn("""Use serial_number instead""", DeprecationWarning) + pulumi.log.warn("""serial is deprecated: Use serial_number instead""") + return pulumi.get(self, "serial") @serial.setter @@ -1644,6 +1647,9 @@ def serial(self) -> pulumi.Output[str]: """ Deprecated, use `serial_number` instead. """ + warnings.warn("""Use serial_number instead""", DeprecationWarning) + pulumi.log.warn("""serial is deprecated: Use serial_number instead""") + return pulumi.get(self, "serial") @property diff --git a/sdk/python/pulumi_vault/pkisecret/secret_backend_root_sign_intermediate.py b/sdk/python/pulumi_vault/pkisecret/secret_backend_root_sign_intermediate.py index a4163b5d9..389c069f4 100644 --- a/sdk/python/pulumi_vault/pkisecret/secret_backend_root_sign_intermediate.py +++ b/sdk/python/pulumi_vault/pkisecret/secret_backend_root_sign_intermediate.py @@ -818,6 +818,9 @@ def serial(self) -> Optional[pulumi.Input[str]]: """ The serial number. """ + warnings.warn("""Use serial_number instead""", DeprecationWarning) + pulumi.log.warn("""serial is deprecated: Use serial_number instead""") + return pulumi.get(self, "serial") @serial.setter @@ -1393,6 +1396,9 @@ def serial(self) -> pulumi.Output[str]: """ The serial number. """ + warnings.warn("""Use serial_number instead""", DeprecationWarning) + pulumi.log.warn("""serial is deprecated: Use serial_number instead""") + return pulumi.get(self, "serial") @property diff --git a/sdk/python/pulumi_vault/pkisecret/secret_backend_sign.py b/sdk/python/pulumi_vault/pkisecret/secret_backend_sign.py index 3eb887a13..98975285c 100644 --- a/sdk/python/pulumi_vault/pkisecret/secret_backend_sign.py +++ b/sdk/python/pulumi_vault/pkisecret/secret_backend_sign.py @@ -600,6 +600,9 @@ def serial(self) -> Optional[pulumi.Input[str]]: """ The serial number. """ + warnings.warn("""Use serial_number instead""", DeprecationWarning) + pulumi.log.warn("""serial is deprecated: Use serial_number instead""") + return pulumi.get(self, "serial") @serial.setter @@ -1101,6 +1104,9 @@ def serial(self) -> pulumi.Output[str]: """ The serial number. """ + warnings.warn("""Use serial_number instead""", DeprecationWarning) + pulumi.log.warn("""serial is deprecated: Use serial_number instead""") + return pulumi.get(self, "serial") @property diff --git a/sdk/python/pulumi_vault/provider.py b/sdk/python/pulumi_vault/provider.py index c93bb6c70..8eb564e94 100644 --- a/sdk/python/pulumi_vault/provider.py +++ b/sdk/python/pulumi_vault/provider.py @@ -38,6 +38,7 @@ def __init__(__self__, *, max_retries: Optional[pulumi.Input[int]] = None, max_retries_ccc: Optional[pulumi.Input[int]] = None, namespace: Optional[pulumi.Input[str]] = None, + set_namespace_from_token: Optional[pulumi.Input[bool]] = None, skip_child_token: Optional[pulumi.Input[bool]] = None, skip_get_vault_version: Optional[pulumi.Input[bool]] = None, skip_tls_verify: Optional[pulumi.Input[bool]] = None, @@ -69,6 +70,8 @@ def __init__(__self__, *, :param pulumi.Input[int] max_retries: Maximum number of retries when a 5xx error code is encountered. :param pulumi.Input[int] max_retries_ccc: Maximum number of retries for Client Controlled Consistency related operations :param pulumi.Input[str] namespace: The namespace to use. Available only for Vault Enterprise. + :param pulumi.Input[bool] set_namespace_from_token: In the case where the Vault token is for a specific namespace and the provider namespace is not configured, use the + token namespace as the root namespace for all resources. :param pulumi.Input[bool] skip_child_token: Set this to true to prevent the creation of ephemeral child token used by this provider. :param pulumi.Input[bool] skip_get_vault_version: Skip the dynamic fetching of the Vault server version. :param pulumi.Input[bool] skip_tls_verify: Set this to true only if the target Vault server is an insecure development instance. @@ -127,6 +130,8 @@ def __init__(__self__, *, pulumi.set(__self__, "max_retries_ccc", max_retries_ccc) if namespace is not None: pulumi.set(__self__, "namespace", namespace) + if set_namespace_from_token is not None: + pulumi.set(__self__, "set_namespace_from_token", set_namespace_from_token) if skip_child_token is not None: pulumi.set(__self__, "skip_child_token", skip_child_token) if skip_get_vault_version is not None: @@ -352,6 +357,9 @@ def client_auth(self) -> Optional[pulumi.Input['ProviderClientAuthArgs']]: """ Client authentication credentials. """ + warnings.warn("""Use auth_login_cert instead""", DeprecationWarning) + pulumi.log.warn("""client_auth is deprecated: Use auth_login_cert instead""") + return pulumi.get(self, "client_auth") @client_auth.setter @@ -418,6 +426,19 @@ def namespace(self) -> Optional[pulumi.Input[str]]: def namespace(self, value: Optional[pulumi.Input[str]]): pulumi.set(self, "namespace", value) + @property + @pulumi.getter(name="setNamespaceFromToken") + def set_namespace_from_token(self) -> Optional[pulumi.Input[bool]]: + """ + In the case where the Vault token is for a specific namespace and the provider namespace is not configured, use the + token namespace as the root namespace for all resources. + """ + return pulumi.get(self, "set_namespace_from_token") + + @set_namespace_from_token.setter + def set_namespace_from_token(self, value: Optional[pulumi.Input[bool]]): + pulumi.set(self, "set_namespace_from_token", value) + @property @pulumi.getter(name="skipChildToken") def skip_child_token(self) -> Optional[pulumi.Input[bool]]: @@ -518,6 +539,7 @@ def __init__(__self__, max_retries: Optional[pulumi.Input[int]] = None, max_retries_ccc: Optional[pulumi.Input[int]] = None, namespace: Optional[pulumi.Input[str]] = None, + set_namespace_from_token: Optional[pulumi.Input[bool]] = None, skip_child_token: Optional[pulumi.Input[bool]] = None, skip_get_vault_version: Optional[pulumi.Input[bool]] = None, skip_tls_verify: Optional[pulumi.Input[bool]] = None, @@ -556,6 +578,8 @@ def __init__(__self__, :param pulumi.Input[int] max_retries: Maximum number of retries when a 5xx error code is encountered. :param pulumi.Input[int] max_retries_ccc: Maximum number of retries for Client Controlled Consistency related operations :param pulumi.Input[str] namespace: The namespace to use. Available only for Vault Enterprise. + :param pulumi.Input[bool] set_namespace_from_token: In the case where the Vault token is for a specific namespace and the provider namespace is not configured, use the + token namespace as the root namespace for all resources. :param pulumi.Input[bool] skip_child_token: Set this to true to prevent the creation of ephemeral child token used by this provider. :param pulumi.Input[bool] skip_get_vault_version: Skip the dynamic fetching of the Vault server version. :param pulumi.Input[bool] skip_tls_verify: Set this to true only if the target Vault server is an insecure development instance. @@ -613,6 +637,7 @@ def _internal_init(__self__, max_retries: Optional[pulumi.Input[int]] = None, max_retries_ccc: Optional[pulumi.Input[int]] = None, namespace: Optional[pulumi.Input[str]] = None, + set_namespace_from_token: Optional[pulumi.Input[bool]] = None, skip_child_token: Optional[pulumi.Input[bool]] = None, skip_get_vault_version: Optional[pulumi.Input[bool]] = None, skip_tls_verify: Optional[pulumi.Input[bool]] = None, @@ -647,11 +672,8 @@ def _internal_init(__self__, __props__.__dict__["auth_login_userpass"] = pulumi.Output.from_input(auth_login_userpass).apply(pulumi.runtime.to_json) if auth_login_userpass is not None else None __props__.__dict__["ca_cert_dir"] = ca_cert_dir __props__.__dict__["ca_cert_file"] = ca_cert_file - if client_auth is not None and not opts.urn: - warnings.warn("""Use auth_login_cert instead""", DeprecationWarning) - pulumi.log.warn("""client_auth is deprecated: Use auth_login_cert instead""") __props__.__dict__["client_auth"] = pulumi.Output.from_input(client_auth).apply(pulumi.runtime.to_json) if client_auth is not None else None - __props__.__dict__["headers"] = pulumi.Output.from_input(headers).apply(pulumi.runtime.to_json) if headers is not None else None + __props__.__dict__["headers"] = pulumi.Output.secret(headers).apply(pulumi.runtime.to_json) if headers is not None else None if max_lease_ttl_seconds is None: max_lease_ttl_seconds = (_utilities.get_env_int('TERRAFORM_VAULT_MAX_TTL') or 1200) __props__.__dict__["max_lease_ttl_seconds"] = pulumi.Output.from_input(max_lease_ttl_seconds).apply(pulumi.runtime.to_json) if max_lease_ttl_seconds is not None else None @@ -660,6 +682,7 @@ def _internal_init(__self__, __props__.__dict__["max_retries"] = pulumi.Output.from_input(max_retries).apply(pulumi.runtime.to_json) if max_retries is not None else None __props__.__dict__["max_retries_ccc"] = pulumi.Output.from_input(max_retries_ccc).apply(pulumi.runtime.to_json) if max_retries_ccc is not None else None __props__.__dict__["namespace"] = namespace + __props__.__dict__["set_namespace_from_token"] = pulumi.Output.from_input(set_namespace_from_token).apply(pulumi.runtime.to_json) if set_namespace_from_token is not None else None __props__.__dict__["skip_child_token"] = pulumi.Output.from_input(skip_child_token).apply(pulumi.runtime.to_json) if skip_child_token is not None else None __props__.__dict__["skip_get_vault_version"] = pulumi.Output.from_input(skip_get_vault_version).apply(pulumi.runtime.to_json) if skip_get_vault_version is not None else None if skip_tls_verify is None: diff --git a/sdk/python/pulumi_vault/raft_snapshot_agent_config.py b/sdk/python/pulumi_vault/raft_snapshot_agent_config.py index a5eea6073..e40ba2088 100644 --- a/sdk/python/pulumi_vault/raft_snapshot_agent_config.py +++ b/sdk/python/pulumi_vault/raft_snapshot_agent_config.py @@ -85,6 +85,10 @@ def __init__(__self__, *, :param pulumi.Input[str] google_gcs_bucket: `` - GCS bucket to write snapshots to. :param pulumi.Input[str] google_service_account_key: Google service account key in JSON format. The raw value looks like this: + + ```python + import pulumi + ``` :param pulumi.Input[int] local_max_space: For `storage_type = local`, the maximum space, in bytes, to use for snapshots. Snapshot attempts will fail if there is not enough space left in this allowance. @@ -449,6 +453,10 @@ def google_service_account_key(self) -> Optional[pulumi.Input[str]]: """ Google service account key in JSON format. The raw value looks like this: + + ```python + import pulumi + ``` """ return pulumi.get(self, "google_service_account_key") @@ -578,6 +586,10 @@ def __init__(__self__, *, :param pulumi.Input[str] google_gcs_bucket: `` - GCS bucket to write snapshots to. :param pulumi.Input[str] google_service_account_key: Google service account key in JSON format. The raw value looks like this: + + ```python + import pulumi + ``` :param pulumi.Input[int] interval_seconds: `` - Time (in seconds) between snapshots. :param pulumi.Input[int] local_max_space: For `storage_type = local`, the maximum space, in bytes, to use for snapshots. Snapshot attempts will fail if there is not enough @@ -912,6 +924,10 @@ def google_service_account_key(self) -> Optional[pulumi.Input[str]]: """ Google service account key in JSON format. The raw value looks like this: + + ```python + import pulumi + ``` """ return pulumi.get(self, "google_service_account_key") @@ -1147,6 +1163,10 @@ def __init__(__self__, :param pulumi.Input[str] google_gcs_bucket: `` - GCS bucket to write snapshots to. :param pulumi.Input[str] google_service_account_key: Google service account key in JSON format. The raw value looks like this: + + ```python + import pulumi + ``` :param pulumi.Input[int] interval_seconds: `` - Time (in seconds) between snapshots. :param pulumi.Input[int] local_max_space: For `storage_type = local`, the maximum space, in bytes, to use for snapshots. Snapshot attempts will fail if there is not enough @@ -1399,6 +1419,10 @@ def get(resource_name: str, :param pulumi.Input[str] google_gcs_bucket: `` - GCS bucket to write snapshots to. :param pulumi.Input[str] google_service_account_key: Google service account key in JSON format. The raw value looks like this: + + ```python + import pulumi + ``` :param pulumi.Input[int] interval_seconds: `` - Time (in seconds) between snapshots. :param pulumi.Input[int] local_max_space: For `storage_type = local`, the maximum space, in bytes, to use for snapshots. Snapshot attempts will fail if there is not enough @@ -1630,6 +1654,10 @@ def google_service_account_key(self) -> pulumi.Output[Optional[str]]: """ Google service account key in JSON format. The raw value looks like this: + + ```python + import pulumi + ``` """ return pulumi.get(self, "google_service_account_key") diff --git a/sdk/python/pulumi_vault/saml/__init__.py b/sdk/python/pulumi_vault/saml/__init__.py new file mode 100644 index 000000000..cf22d1192 --- /dev/null +++ b/sdk/python/pulumi_vault/saml/__init__.py @@ -0,0 +1,9 @@ +# coding=utf-8 +# *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +# *** Do not edit by hand unless you're certain you know what you are doing! *** + +from .. import _utilities +import typing +# Export this package's modules as members: +from .auth_backend import * +from .auth_backend_role import * diff --git a/sdk/python/pulumi_vault/saml/auth_backend.py b/sdk/python/pulumi_vault/saml/auth_backend.py new file mode 100644 index 000000000..6cb7ce107 --- /dev/null +++ b/sdk/python/pulumi_vault/saml/auth_backend.py @@ -0,0 +1,742 @@ +# coding=utf-8 +# *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +# *** Do not edit by hand unless you're certain you know what you are doing! *** + +import copy +import warnings +import pulumi +import pulumi.runtime +from typing import Any, Mapping, Optional, Sequence, Union, overload +from .. import _utilities + +__all__ = ['AuthBackendArgs', 'AuthBackend'] + +@pulumi.input_type +class AuthBackendArgs: + def __init__(__self__, *, + acs_urls: pulumi.Input[Sequence[pulumi.Input[str]]], + entity_id: pulumi.Input[str], + default_role: Optional[pulumi.Input[str]] = None, + disable_remount: Optional[pulumi.Input[bool]] = None, + idp_cert: Optional[pulumi.Input[str]] = None, + idp_entity_id: Optional[pulumi.Input[str]] = None, + idp_metadata_url: Optional[pulumi.Input[str]] = None, + idp_sso_url: Optional[pulumi.Input[str]] = None, + namespace: Optional[pulumi.Input[str]] = None, + path: Optional[pulumi.Input[str]] = None, + verbose_logging: Optional[pulumi.Input[bool]] = None): + """ + The set of arguments for constructing a AuthBackend resource. + :param pulumi.Input[Sequence[pulumi.Input[str]]] acs_urls: The well-formatted URLs of your Assertion Consumer Service (ACS) + that should receive a response from the identity provider. + :param pulumi.Input[str] entity_id: The entity ID of the SAML authentication service provider. + :param pulumi.Input[str] default_role: The role to use if no role is provided during login. + :param pulumi.Input[bool] disable_remount: If set to `true`, opts out of mount migration on path updates. + See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration) + :param pulumi.Input[str] idp_cert: The PEM encoded certificate of the identity provider. Mutually exclusive + with `idp_metadata_url`. + :param pulumi.Input[str] idp_entity_id: The entity ID of the identity provider. Mutually exclusive with + `idp_metadata_url`. + :param pulumi.Input[str] idp_metadata_url: The metadata URL of the identity provider. + :param pulumi.Input[str] idp_sso_url: The SSO URL of the identity provider. Mutually exclusive with + `idp_metadata_url`. + :param pulumi.Input[str] namespace: The namespace to provision the resource in. + The value should not contain leading or trailing forward slashes. + The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + *Available only for Vault Enterprise*. + :param pulumi.Input[str] path: Path where the auth backend will be mounted. Defaults to `auth/saml` + if not specified. + :param pulumi.Input[bool] verbose_logging: If set to `true`, logs additional, potentially sensitive + information during the SAML exchange according to the current logging level. Not + recommended for production. + """ + pulumi.set(__self__, "acs_urls", acs_urls) + pulumi.set(__self__, "entity_id", entity_id) + if default_role is not None: + pulumi.set(__self__, "default_role", default_role) + if disable_remount is not None: + pulumi.set(__self__, "disable_remount", disable_remount) + if idp_cert is not None: + pulumi.set(__self__, "idp_cert", idp_cert) + if idp_entity_id is not None: + pulumi.set(__self__, "idp_entity_id", idp_entity_id) + if idp_metadata_url is not None: + pulumi.set(__self__, "idp_metadata_url", idp_metadata_url) + if idp_sso_url is not None: + pulumi.set(__self__, "idp_sso_url", idp_sso_url) + if namespace is not None: + pulumi.set(__self__, "namespace", namespace) + if path is not None: + pulumi.set(__self__, "path", path) + if verbose_logging is not None: + pulumi.set(__self__, "verbose_logging", verbose_logging) + + @property + @pulumi.getter(name="acsUrls") + def acs_urls(self) -> pulumi.Input[Sequence[pulumi.Input[str]]]: + """ + The well-formatted URLs of your Assertion Consumer Service (ACS) + that should receive a response from the identity provider. + """ + return pulumi.get(self, "acs_urls") + + @acs_urls.setter + def acs_urls(self, value: pulumi.Input[Sequence[pulumi.Input[str]]]): + pulumi.set(self, "acs_urls", value) + + @property + @pulumi.getter(name="entityId") + def entity_id(self) -> pulumi.Input[str]: + """ + The entity ID of the SAML authentication service provider. + """ + return pulumi.get(self, "entity_id") + + @entity_id.setter + def entity_id(self, value: pulumi.Input[str]): + pulumi.set(self, "entity_id", value) + + @property + @pulumi.getter(name="defaultRole") + def default_role(self) -> Optional[pulumi.Input[str]]: + """ + The role to use if no role is provided during login. + """ + return pulumi.get(self, "default_role") + + @default_role.setter + def default_role(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "default_role", value) + + @property + @pulumi.getter(name="disableRemount") + def disable_remount(self) -> Optional[pulumi.Input[bool]]: + """ + If set to `true`, opts out of mount migration on path updates. + See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration) + """ + return pulumi.get(self, "disable_remount") + + @disable_remount.setter + def disable_remount(self, value: Optional[pulumi.Input[bool]]): + pulumi.set(self, "disable_remount", value) + + @property + @pulumi.getter(name="idpCert") + def idp_cert(self) -> Optional[pulumi.Input[str]]: + """ + The PEM encoded certificate of the identity provider. Mutually exclusive + with `idp_metadata_url`. + """ + return pulumi.get(self, "idp_cert") + + @idp_cert.setter + def idp_cert(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "idp_cert", value) + + @property + @pulumi.getter(name="idpEntityId") + def idp_entity_id(self) -> Optional[pulumi.Input[str]]: + """ + The entity ID of the identity provider. Mutually exclusive with + `idp_metadata_url`. + """ + return pulumi.get(self, "idp_entity_id") + + @idp_entity_id.setter + def idp_entity_id(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "idp_entity_id", value) + + @property + @pulumi.getter(name="idpMetadataUrl") + def idp_metadata_url(self) -> Optional[pulumi.Input[str]]: + """ + The metadata URL of the identity provider. + """ + return pulumi.get(self, "idp_metadata_url") + + @idp_metadata_url.setter + def idp_metadata_url(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "idp_metadata_url", value) + + @property + @pulumi.getter(name="idpSsoUrl") + def idp_sso_url(self) -> Optional[pulumi.Input[str]]: + """ + The SSO URL of the identity provider. Mutually exclusive with + `idp_metadata_url`. + """ + return pulumi.get(self, "idp_sso_url") + + @idp_sso_url.setter + def idp_sso_url(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "idp_sso_url", value) + + @property + @pulumi.getter + def namespace(self) -> Optional[pulumi.Input[str]]: + """ + The namespace to provision the resource in. + The value should not contain leading or trailing forward slashes. + The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + *Available only for Vault Enterprise*. + """ + return pulumi.get(self, "namespace") + + @namespace.setter + def namespace(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "namespace", value) + + @property + @pulumi.getter + def path(self) -> Optional[pulumi.Input[str]]: + """ + Path where the auth backend will be mounted. Defaults to `auth/saml` + if not specified. + """ + return pulumi.get(self, "path") + + @path.setter + def path(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "path", value) + + @property + @pulumi.getter(name="verboseLogging") + def verbose_logging(self) -> Optional[pulumi.Input[bool]]: + """ + If set to `true`, logs additional, potentially sensitive + information during the SAML exchange according to the current logging level. Not + recommended for production. + """ + return pulumi.get(self, "verbose_logging") + + @verbose_logging.setter + def verbose_logging(self, value: Optional[pulumi.Input[bool]]): + pulumi.set(self, "verbose_logging", value) + + +@pulumi.input_type +class _AuthBackendState: + def __init__(__self__, *, + acs_urls: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, + default_role: Optional[pulumi.Input[str]] = None, + disable_remount: Optional[pulumi.Input[bool]] = None, + entity_id: Optional[pulumi.Input[str]] = None, + idp_cert: Optional[pulumi.Input[str]] = None, + idp_entity_id: Optional[pulumi.Input[str]] = None, + idp_metadata_url: Optional[pulumi.Input[str]] = None, + idp_sso_url: Optional[pulumi.Input[str]] = None, + namespace: Optional[pulumi.Input[str]] = None, + path: Optional[pulumi.Input[str]] = None, + verbose_logging: Optional[pulumi.Input[bool]] = None): + """ + Input properties used for looking up and filtering AuthBackend resources. + :param pulumi.Input[Sequence[pulumi.Input[str]]] acs_urls: The well-formatted URLs of your Assertion Consumer Service (ACS) + that should receive a response from the identity provider. + :param pulumi.Input[str] default_role: The role to use if no role is provided during login. + :param pulumi.Input[bool] disable_remount: If set to `true`, opts out of mount migration on path updates. + See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration) + :param pulumi.Input[str] entity_id: The entity ID of the SAML authentication service provider. + :param pulumi.Input[str] idp_cert: The PEM encoded certificate of the identity provider. Mutually exclusive + with `idp_metadata_url`. + :param pulumi.Input[str] idp_entity_id: The entity ID of the identity provider. Mutually exclusive with + `idp_metadata_url`. + :param pulumi.Input[str] idp_metadata_url: The metadata URL of the identity provider. + :param pulumi.Input[str] idp_sso_url: The SSO URL of the identity provider. Mutually exclusive with + `idp_metadata_url`. + :param pulumi.Input[str] namespace: The namespace to provision the resource in. + The value should not contain leading or trailing forward slashes. + The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + *Available only for Vault Enterprise*. + :param pulumi.Input[str] path: Path where the auth backend will be mounted. Defaults to `auth/saml` + if not specified. + :param pulumi.Input[bool] verbose_logging: If set to `true`, logs additional, potentially sensitive + information during the SAML exchange according to the current logging level. Not + recommended for production. + """ + if acs_urls is not None: + pulumi.set(__self__, "acs_urls", acs_urls) + if default_role is not None: + pulumi.set(__self__, "default_role", default_role) + if disable_remount is not None: + pulumi.set(__self__, "disable_remount", disable_remount) + if entity_id is not None: + pulumi.set(__self__, "entity_id", entity_id) + if idp_cert is not None: + pulumi.set(__self__, "idp_cert", idp_cert) + if idp_entity_id is not None: + pulumi.set(__self__, "idp_entity_id", idp_entity_id) + if idp_metadata_url is not None: + pulumi.set(__self__, "idp_metadata_url", idp_metadata_url) + if idp_sso_url is not None: + pulumi.set(__self__, "idp_sso_url", idp_sso_url) + if namespace is not None: + pulumi.set(__self__, "namespace", namespace) + if path is not None: + pulumi.set(__self__, "path", path) + if verbose_logging is not None: + pulumi.set(__self__, "verbose_logging", verbose_logging) + + @property + @pulumi.getter(name="acsUrls") + def acs_urls(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The well-formatted URLs of your Assertion Consumer Service (ACS) + that should receive a response from the identity provider. + """ + return pulumi.get(self, "acs_urls") + + @acs_urls.setter + def acs_urls(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): + pulumi.set(self, "acs_urls", value) + + @property + @pulumi.getter(name="defaultRole") + def default_role(self) -> Optional[pulumi.Input[str]]: + """ + The role to use if no role is provided during login. + """ + return pulumi.get(self, "default_role") + + @default_role.setter + def default_role(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "default_role", value) + + @property + @pulumi.getter(name="disableRemount") + def disable_remount(self) -> Optional[pulumi.Input[bool]]: + """ + If set to `true`, opts out of mount migration on path updates. + See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration) + """ + return pulumi.get(self, "disable_remount") + + @disable_remount.setter + def disable_remount(self, value: Optional[pulumi.Input[bool]]): + pulumi.set(self, "disable_remount", value) + + @property + @pulumi.getter(name="entityId") + def entity_id(self) -> Optional[pulumi.Input[str]]: + """ + The entity ID of the SAML authentication service provider. + """ + return pulumi.get(self, "entity_id") + + @entity_id.setter + def entity_id(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "entity_id", value) + + @property + @pulumi.getter(name="idpCert") + def idp_cert(self) -> Optional[pulumi.Input[str]]: + """ + The PEM encoded certificate of the identity provider. Mutually exclusive + with `idp_metadata_url`. + """ + return pulumi.get(self, "idp_cert") + + @idp_cert.setter + def idp_cert(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "idp_cert", value) + + @property + @pulumi.getter(name="idpEntityId") + def idp_entity_id(self) -> Optional[pulumi.Input[str]]: + """ + The entity ID of the identity provider. Mutually exclusive with + `idp_metadata_url`. + """ + return pulumi.get(self, "idp_entity_id") + + @idp_entity_id.setter + def idp_entity_id(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "idp_entity_id", value) + + @property + @pulumi.getter(name="idpMetadataUrl") + def idp_metadata_url(self) -> Optional[pulumi.Input[str]]: + """ + The metadata URL of the identity provider. + """ + return pulumi.get(self, "idp_metadata_url") + + @idp_metadata_url.setter + def idp_metadata_url(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "idp_metadata_url", value) + + @property + @pulumi.getter(name="idpSsoUrl") + def idp_sso_url(self) -> Optional[pulumi.Input[str]]: + """ + The SSO URL of the identity provider. Mutually exclusive with + `idp_metadata_url`. + """ + return pulumi.get(self, "idp_sso_url") + + @idp_sso_url.setter + def idp_sso_url(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "idp_sso_url", value) + + @property + @pulumi.getter + def namespace(self) -> Optional[pulumi.Input[str]]: + """ + The namespace to provision the resource in. + The value should not contain leading or trailing forward slashes. + The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + *Available only for Vault Enterprise*. + """ + return pulumi.get(self, "namespace") + + @namespace.setter + def namespace(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "namespace", value) + + @property + @pulumi.getter + def path(self) -> Optional[pulumi.Input[str]]: + """ + Path where the auth backend will be mounted. Defaults to `auth/saml` + if not specified. + """ + return pulumi.get(self, "path") + + @path.setter + def path(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "path", value) + + @property + @pulumi.getter(name="verboseLogging") + def verbose_logging(self) -> Optional[pulumi.Input[bool]]: + """ + If set to `true`, logs additional, potentially sensitive + information during the SAML exchange according to the current logging level. Not + recommended for production. + """ + return pulumi.get(self, "verbose_logging") + + @verbose_logging.setter + def verbose_logging(self, value: Optional[pulumi.Input[bool]]): + pulumi.set(self, "verbose_logging", value) + + +class AuthBackend(pulumi.CustomResource): + @overload + def __init__(__self__, + resource_name: str, + opts: Optional[pulumi.ResourceOptions] = None, + acs_urls: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, + default_role: Optional[pulumi.Input[str]] = None, + disable_remount: Optional[pulumi.Input[bool]] = None, + entity_id: Optional[pulumi.Input[str]] = None, + idp_cert: Optional[pulumi.Input[str]] = None, + idp_entity_id: Optional[pulumi.Input[str]] = None, + idp_metadata_url: Optional[pulumi.Input[str]] = None, + idp_sso_url: Optional[pulumi.Input[str]] = None, + namespace: Optional[pulumi.Input[str]] = None, + path: Optional[pulumi.Input[str]] = None, + verbose_logging: Optional[pulumi.Input[bool]] = None, + __props__=None): + """ + Manages a SAML Auth mount in a Vault server. See the [Vault + documentation](https://www.vaultproject.io/docs/auth/saml/) for more + information. + + ## Example Usage + + ```python + import pulumi + import pulumi_vault as vault + + test = vault.saml.AuthBackend("test", + acs_urls=["https://my.vault.primary/v1/auth/saml/callback"], + default_role="admin", + entity_id="https://my.vault/v1/auth/saml", + idp_metadata_url="https://company.okta.com/app/abc123eb9xnIfzlaf697/sso/saml/metadata", + path="saml") + ``` + + ## Import + + SAML authentication mounts can be imported using the `path`, e.g. + + ```sh + $ pulumi import vault:saml/authBackend:AuthBackend example saml + ``` + + :param str resource_name: The name of the resource. + :param pulumi.ResourceOptions opts: Options for the resource. + :param pulumi.Input[Sequence[pulumi.Input[str]]] acs_urls: The well-formatted URLs of your Assertion Consumer Service (ACS) + that should receive a response from the identity provider. + :param pulumi.Input[str] default_role: The role to use if no role is provided during login. + :param pulumi.Input[bool] disable_remount: If set to `true`, opts out of mount migration on path updates. + See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration) + :param pulumi.Input[str] entity_id: The entity ID of the SAML authentication service provider. + :param pulumi.Input[str] idp_cert: The PEM encoded certificate of the identity provider. Mutually exclusive + with `idp_metadata_url`. + :param pulumi.Input[str] idp_entity_id: The entity ID of the identity provider. Mutually exclusive with + `idp_metadata_url`. + :param pulumi.Input[str] idp_metadata_url: The metadata URL of the identity provider. + :param pulumi.Input[str] idp_sso_url: The SSO URL of the identity provider. Mutually exclusive with + `idp_metadata_url`. + :param pulumi.Input[str] namespace: The namespace to provision the resource in. + The value should not contain leading or trailing forward slashes. + The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + *Available only for Vault Enterprise*. + :param pulumi.Input[str] path: Path where the auth backend will be mounted. Defaults to `auth/saml` + if not specified. + :param pulumi.Input[bool] verbose_logging: If set to `true`, logs additional, potentially sensitive + information during the SAML exchange according to the current logging level. Not + recommended for production. + """ + ... + @overload + def __init__(__self__, + resource_name: str, + args: AuthBackendArgs, + opts: Optional[pulumi.ResourceOptions] = None): + """ + Manages a SAML Auth mount in a Vault server. See the [Vault + documentation](https://www.vaultproject.io/docs/auth/saml/) for more + information. + + ## Example Usage + + ```python + import pulumi + import pulumi_vault as vault + + test = vault.saml.AuthBackend("test", + acs_urls=["https://my.vault.primary/v1/auth/saml/callback"], + default_role="admin", + entity_id="https://my.vault/v1/auth/saml", + idp_metadata_url="https://company.okta.com/app/abc123eb9xnIfzlaf697/sso/saml/metadata", + path="saml") + ``` + + ## Import + + SAML authentication mounts can be imported using the `path`, e.g. + + ```sh + $ pulumi import vault:saml/authBackend:AuthBackend example saml + ``` + + :param str resource_name: The name of the resource. + :param AuthBackendArgs args: The arguments to use to populate this resource's properties. + :param pulumi.ResourceOptions opts: Options for the resource. + """ + ... + def __init__(__self__, resource_name: str, *args, **kwargs): + resource_args, opts = _utilities.get_resource_args_opts(AuthBackendArgs, pulumi.ResourceOptions, *args, **kwargs) + if resource_args is not None: + __self__._internal_init(resource_name, opts, **resource_args.__dict__) + else: + __self__._internal_init(resource_name, *args, **kwargs) + + def _internal_init(__self__, + resource_name: str, + opts: Optional[pulumi.ResourceOptions] = None, + acs_urls: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, + default_role: Optional[pulumi.Input[str]] = None, + disable_remount: Optional[pulumi.Input[bool]] = None, + entity_id: Optional[pulumi.Input[str]] = None, + idp_cert: Optional[pulumi.Input[str]] = None, + idp_entity_id: Optional[pulumi.Input[str]] = None, + idp_metadata_url: Optional[pulumi.Input[str]] = None, + idp_sso_url: Optional[pulumi.Input[str]] = None, + namespace: Optional[pulumi.Input[str]] = None, + path: Optional[pulumi.Input[str]] = None, + verbose_logging: Optional[pulumi.Input[bool]] = None, + __props__=None): + opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts) + if not isinstance(opts, pulumi.ResourceOptions): + raise TypeError('Expected resource options to be a ResourceOptions instance') + if opts.id is None: + if __props__ is not None: + raise TypeError('__props__ is only valid when passed in combination with a valid opts.id to get an existing resource') + __props__ = AuthBackendArgs.__new__(AuthBackendArgs) + + if acs_urls is None and not opts.urn: + raise TypeError("Missing required property 'acs_urls'") + __props__.__dict__["acs_urls"] = acs_urls + __props__.__dict__["default_role"] = default_role + __props__.__dict__["disable_remount"] = disable_remount + if entity_id is None and not opts.urn: + raise TypeError("Missing required property 'entity_id'") + __props__.__dict__["entity_id"] = entity_id + __props__.__dict__["idp_cert"] = idp_cert + __props__.__dict__["idp_entity_id"] = idp_entity_id + __props__.__dict__["idp_metadata_url"] = idp_metadata_url + __props__.__dict__["idp_sso_url"] = idp_sso_url + __props__.__dict__["namespace"] = namespace + __props__.__dict__["path"] = path + __props__.__dict__["verbose_logging"] = verbose_logging + super(AuthBackend, __self__).__init__( + 'vault:saml/authBackend:AuthBackend', + resource_name, + __props__, + opts) + + @staticmethod + def get(resource_name: str, + id: pulumi.Input[str], + opts: Optional[pulumi.ResourceOptions] = None, + acs_urls: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, + default_role: Optional[pulumi.Input[str]] = None, + disable_remount: Optional[pulumi.Input[bool]] = None, + entity_id: Optional[pulumi.Input[str]] = None, + idp_cert: Optional[pulumi.Input[str]] = None, + idp_entity_id: Optional[pulumi.Input[str]] = None, + idp_metadata_url: Optional[pulumi.Input[str]] = None, + idp_sso_url: Optional[pulumi.Input[str]] = None, + namespace: Optional[pulumi.Input[str]] = None, + path: Optional[pulumi.Input[str]] = None, + verbose_logging: Optional[pulumi.Input[bool]] = None) -> 'AuthBackend': + """ + Get an existing AuthBackend resource's state with the given name, id, and optional extra + properties used to qualify the lookup. + + :param str resource_name: The unique name of the resulting resource. + :param pulumi.Input[str] id: The unique provider ID of the resource to lookup. + :param pulumi.ResourceOptions opts: Options for the resource. + :param pulumi.Input[Sequence[pulumi.Input[str]]] acs_urls: The well-formatted URLs of your Assertion Consumer Service (ACS) + that should receive a response from the identity provider. + :param pulumi.Input[str] default_role: The role to use if no role is provided during login. + :param pulumi.Input[bool] disable_remount: If set to `true`, opts out of mount migration on path updates. + See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration) + :param pulumi.Input[str] entity_id: The entity ID of the SAML authentication service provider. + :param pulumi.Input[str] idp_cert: The PEM encoded certificate of the identity provider. Mutually exclusive + with `idp_metadata_url`. + :param pulumi.Input[str] idp_entity_id: The entity ID of the identity provider. Mutually exclusive with + `idp_metadata_url`. + :param pulumi.Input[str] idp_metadata_url: The metadata URL of the identity provider. + :param pulumi.Input[str] idp_sso_url: The SSO URL of the identity provider. Mutually exclusive with + `idp_metadata_url`. + :param pulumi.Input[str] namespace: The namespace to provision the resource in. + The value should not contain leading or trailing forward slashes. + The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + *Available only for Vault Enterprise*. + :param pulumi.Input[str] path: Path where the auth backend will be mounted. Defaults to `auth/saml` + if not specified. + :param pulumi.Input[bool] verbose_logging: If set to `true`, logs additional, potentially sensitive + information during the SAML exchange according to the current logging level. Not + recommended for production. + """ + opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id)) + + __props__ = _AuthBackendState.__new__(_AuthBackendState) + + __props__.__dict__["acs_urls"] = acs_urls + __props__.__dict__["default_role"] = default_role + __props__.__dict__["disable_remount"] = disable_remount + __props__.__dict__["entity_id"] = entity_id + __props__.__dict__["idp_cert"] = idp_cert + __props__.__dict__["idp_entity_id"] = idp_entity_id + __props__.__dict__["idp_metadata_url"] = idp_metadata_url + __props__.__dict__["idp_sso_url"] = idp_sso_url + __props__.__dict__["namespace"] = namespace + __props__.__dict__["path"] = path + __props__.__dict__["verbose_logging"] = verbose_logging + return AuthBackend(resource_name, opts=opts, __props__=__props__) + + @property + @pulumi.getter(name="acsUrls") + def acs_urls(self) -> pulumi.Output[Sequence[str]]: + """ + The well-formatted URLs of your Assertion Consumer Service (ACS) + that should receive a response from the identity provider. + """ + return pulumi.get(self, "acs_urls") + + @property + @pulumi.getter(name="defaultRole") + def default_role(self) -> pulumi.Output[Optional[str]]: + """ + The role to use if no role is provided during login. + """ + return pulumi.get(self, "default_role") + + @property + @pulumi.getter(name="disableRemount") + def disable_remount(self) -> pulumi.Output[Optional[bool]]: + """ + If set to `true`, opts out of mount migration on path updates. + See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration) + """ + return pulumi.get(self, "disable_remount") + + @property + @pulumi.getter(name="entityId") + def entity_id(self) -> pulumi.Output[str]: + """ + The entity ID of the SAML authentication service provider. + """ + return pulumi.get(self, "entity_id") + + @property + @pulumi.getter(name="idpCert") + def idp_cert(self) -> pulumi.Output[Optional[str]]: + """ + The PEM encoded certificate of the identity provider. Mutually exclusive + with `idp_metadata_url`. + """ + return pulumi.get(self, "idp_cert") + + @property + @pulumi.getter(name="idpEntityId") + def idp_entity_id(self) -> pulumi.Output[Optional[str]]: + """ + The entity ID of the identity provider. Mutually exclusive with + `idp_metadata_url`. + """ + return pulumi.get(self, "idp_entity_id") + + @property + @pulumi.getter(name="idpMetadataUrl") + def idp_metadata_url(self) -> pulumi.Output[Optional[str]]: + """ + The metadata URL of the identity provider. + """ + return pulumi.get(self, "idp_metadata_url") + + @property + @pulumi.getter(name="idpSsoUrl") + def idp_sso_url(self) -> pulumi.Output[Optional[str]]: + """ + The SSO URL of the identity provider. Mutually exclusive with + `idp_metadata_url`. + """ + return pulumi.get(self, "idp_sso_url") + + @property + @pulumi.getter + def namespace(self) -> pulumi.Output[Optional[str]]: + """ + The namespace to provision the resource in. + The value should not contain leading or trailing forward slashes. + The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + *Available only for Vault Enterprise*. + """ + return pulumi.get(self, "namespace") + + @property + @pulumi.getter + def path(self) -> pulumi.Output[Optional[str]]: + """ + Path where the auth backend will be mounted. Defaults to `auth/saml` + if not specified. + """ + return pulumi.get(self, "path") + + @property + @pulumi.getter(name="verboseLogging") + def verbose_logging(self) -> pulumi.Output[bool]: + """ + If set to `true`, logs additional, potentially sensitive + information during the SAML exchange according to the current logging level. Not + recommended for production. + """ + return pulumi.get(self, "verbose_logging") + diff --git a/sdk/python/pulumi_vault/saml/auth_backend_role.py b/sdk/python/pulumi_vault/saml/auth_backend_role.py new file mode 100644 index 000000000..0d0fb489b --- /dev/null +++ b/sdk/python/pulumi_vault/saml/auth_backend_role.py @@ -0,0 +1,1125 @@ +# coding=utf-8 +# *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +# *** Do not edit by hand unless you're certain you know what you are doing! *** + +import copy +import warnings +import pulumi +import pulumi.runtime +from typing import Any, Mapping, Optional, Sequence, Union, overload +from .. import _utilities + +__all__ = ['AuthBackendRoleArgs', 'AuthBackendRole'] + +@pulumi.input_type +class AuthBackendRoleArgs: + def __init__(__self__, *, + path: pulumi.Input[str], + bound_attributes: Optional[pulumi.Input[Mapping[str, Any]]] = None, + bound_attributes_type: Optional[pulumi.Input[str]] = None, + bound_subjects: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, + bound_subjects_type: Optional[pulumi.Input[str]] = None, + groups_attribute: Optional[pulumi.Input[str]] = None, + name: Optional[pulumi.Input[str]] = None, + namespace: Optional[pulumi.Input[str]] = None, + token_bound_cidrs: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, + token_explicit_max_ttl: Optional[pulumi.Input[int]] = None, + token_max_ttl: Optional[pulumi.Input[int]] = None, + token_no_default_policy: Optional[pulumi.Input[bool]] = None, + token_num_uses: Optional[pulumi.Input[int]] = None, + token_period: Optional[pulumi.Input[int]] = None, + token_policies: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, + token_ttl: Optional[pulumi.Input[int]] = None, + token_type: Optional[pulumi.Input[str]] = None): + """ + The set of arguments for constructing a AuthBackendRole resource. + :param pulumi.Input[str] path: Path where the auth backend is mounted. + :param pulumi.Input[Mapping[str, Any]] bound_attributes: Mapping of attribute names to values that are expected to + exist in the SAML assertion. + :param pulumi.Input[str] bound_attributes_type: The type of matching assertion to perform on + `bound_attributes_type`. + :param pulumi.Input[Sequence[pulumi.Input[str]]] bound_subjects: List of subjects being asserted for SAML authentication. + :param pulumi.Input[str] bound_subjects_type: The type of matching assertion to perform on `bound_subjects`. + :param pulumi.Input[str] groups_attribute: The attribute to use to identify the set of groups to which the + user belongs. + :param pulumi.Input[str] name: Unique name of the role. + :param pulumi.Input[str] namespace: The namespace to provision the resource in. + The value should not contain leading or trailing forward slashes. + The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + *Available only for Vault Enterprise*. + :param pulumi.Input[Sequence[pulumi.Input[str]]] token_bound_cidrs: List of CIDR blocks; if set, specifies blocks of IP + addresses which can authenticate successfully, and ties the resulting token to these blocks + as well. + :param pulumi.Input[int] token_explicit_max_ttl: If set, will encode an + [explicit max TTL](https://www.vaultproject.io/docs/concepts/tokens.html#token-time-to-live-periodic-tokens-and-explicit-max-ttls) + onto the token in number of seconds. This is a hard cap even if `token_ttl` and + `token_max_ttl` would otherwise allow a renewal. + :param pulumi.Input[int] token_max_ttl: The maximum lifetime for generated tokens in number of seconds. + Its current value will be referenced at renewal time. + :param pulumi.Input[bool] token_no_default_policy: If set, the default policy will not be set on + generated tokens; otherwise it will be added to the policies set in token_policies. + :param pulumi.Input[int] token_num_uses: The [maximum number](https://developer.hashicorp.com/vault/api-docs/auth/saml#token_num_uses) + of times a generated token may be used (within its lifetime); 0 means unlimited. + :param pulumi.Input[int] token_period: If set, indicates that the + token generated using this role should never expire. The token should be renewed within the + duration specified by this value. At each renewal, the token's TTL will be set to the + value of this field. Specified in seconds. + :param pulumi.Input[Sequence[pulumi.Input[str]]] token_policies: List of policies to encode onto generated tokens. Depending + on the auth method, this list may be supplemented by user/group/other values. + :param pulumi.Input[int] token_ttl: The incremental lifetime for generated tokens in number of seconds. + Its current value will be referenced at renewal time. + :param pulumi.Input[str] token_type: The type of token that should be generated. Can be `service`, + `batch`, or `default` to use the mount's tuned default (which unless changed will be + `service` tokens). For token store roles, there are two additional possibilities: + `default-service` and `default-batch` which specify the type to return unless the client + requests a different type at generation time. + """ + pulumi.set(__self__, "path", path) + if bound_attributes is not None: + pulumi.set(__self__, "bound_attributes", bound_attributes) + if bound_attributes_type is not None: + pulumi.set(__self__, "bound_attributes_type", bound_attributes_type) + if bound_subjects is not None: + pulumi.set(__self__, "bound_subjects", bound_subjects) + if bound_subjects_type is not None: + pulumi.set(__self__, "bound_subjects_type", bound_subjects_type) + if groups_attribute is not None: + pulumi.set(__self__, "groups_attribute", groups_attribute) + if name is not None: + pulumi.set(__self__, "name", name) + if namespace is not None: + pulumi.set(__self__, "namespace", namespace) + if token_bound_cidrs is not None: + pulumi.set(__self__, "token_bound_cidrs", token_bound_cidrs) + if token_explicit_max_ttl is not None: + pulumi.set(__self__, "token_explicit_max_ttl", token_explicit_max_ttl) + if token_max_ttl is not None: + pulumi.set(__self__, "token_max_ttl", token_max_ttl) + if token_no_default_policy is not None: + pulumi.set(__self__, "token_no_default_policy", token_no_default_policy) + if token_num_uses is not None: + pulumi.set(__self__, "token_num_uses", token_num_uses) + if token_period is not None: + pulumi.set(__self__, "token_period", token_period) + if token_policies is not None: + pulumi.set(__self__, "token_policies", token_policies) + if token_ttl is not None: + pulumi.set(__self__, "token_ttl", token_ttl) + if token_type is not None: + pulumi.set(__self__, "token_type", token_type) + + @property + @pulumi.getter + def path(self) -> pulumi.Input[str]: + """ + Path where the auth backend is mounted. + """ + return pulumi.get(self, "path") + + @path.setter + def path(self, value: pulumi.Input[str]): + pulumi.set(self, "path", value) + + @property + @pulumi.getter(name="boundAttributes") + def bound_attributes(self) -> Optional[pulumi.Input[Mapping[str, Any]]]: + """ + Mapping of attribute names to values that are expected to + exist in the SAML assertion. + """ + return pulumi.get(self, "bound_attributes") + + @bound_attributes.setter + def bound_attributes(self, value: Optional[pulumi.Input[Mapping[str, Any]]]): + pulumi.set(self, "bound_attributes", value) + + @property + @pulumi.getter(name="boundAttributesType") + def bound_attributes_type(self) -> Optional[pulumi.Input[str]]: + """ + The type of matching assertion to perform on + `bound_attributes_type`. + """ + return pulumi.get(self, "bound_attributes_type") + + @bound_attributes_type.setter + def bound_attributes_type(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "bound_attributes_type", value) + + @property + @pulumi.getter(name="boundSubjects") + def bound_subjects(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + List of subjects being asserted for SAML authentication. + """ + return pulumi.get(self, "bound_subjects") + + @bound_subjects.setter + def bound_subjects(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): + pulumi.set(self, "bound_subjects", value) + + @property + @pulumi.getter(name="boundSubjectsType") + def bound_subjects_type(self) -> Optional[pulumi.Input[str]]: + """ + The type of matching assertion to perform on `bound_subjects`. + """ + return pulumi.get(self, "bound_subjects_type") + + @bound_subjects_type.setter + def bound_subjects_type(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "bound_subjects_type", value) + + @property + @pulumi.getter(name="groupsAttribute") + def groups_attribute(self) -> Optional[pulumi.Input[str]]: + """ + The attribute to use to identify the set of groups to which the + user belongs. + """ + return pulumi.get(self, "groups_attribute") + + @groups_attribute.setter + def groups_attribute(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "groups_attribute", value) + + @property + @pulumi.getter + def name(self) -> Optional[pulumi.Input[str]]: + """ + Unique name of the role. + """ + return pulumi.get(self, "name") + + @name.setter + def name(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "name", value) + + @property + @pulumi.getter + def namespace(self) -> Optional[pulumi.Input[str]]: + """ + The namespace to provision the resource in. + The value should not contain leading or trailing forward slashes. + The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + *Available only for Vault Enterprise*. + """ + return pulumi.get(self, "namespace") + + @namespace.setter + def namespace(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "namespace", value) + + @property + @pulumi.getter(name="tokenBoundCidrs") + def token_bound_cidrs(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + List of CIDR blocks; if set, specifies blocks of IP + addresses which can authenticate successfully, and ties the resulting token to these blocks + as well. + """ + return pulumi.get(self, "token_bound_cidrs") + + @token_bound_cidrs.setter + def token_bound_cidrs(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): + pulumi.set(self, "token_bound_cidrs", value) + + @property + @pulumi.getter(name="tokenExplicitMaxTtl") + def token_explicit_max_ttl(self) -> Optional[pulumi.Input[int]]: + """ + If set, will encode an + [explicit max TTL](https://www.vaultproject.io/docs/concepts/tokens.html#token-time-to-live-periodic-tokens-and-explicit-max-ttls) + onto the token in number of seconds. This is a hard cap even if `token_ttl` and + `token_max_ttl` would otherwise allow a renewal. + """ + return pulumi.get(self, "token_explicit_max_ttl") + + @token_explicit_max_ttl.setter + def token_explicit_max_ttl(self, value: Optional[pulumi.Input[int]]): + pulumi.set(self, "token_explicit_max_ttl", value) + + @property + @pulumi.getter(name="tokenMaxTtl") + def token_max_ttl(self) -> Optional[pulumi.Input[int]]: + """ + The maximum lifetime for generated tokens in number of seconds. + Its current value will be referenced at renewal time. + """ + return pulumi.get(self, "token_max_ttl") + + @token_max_ttl.setter + def token_max_ttl(self, value: Optional[pulumi.Input[int]]): + pulumi.set(self, "token_max_ttl", value) + + @property + @pulumi.getter(name="tokenNoDefaultPolicy") + def token_no_default_policy(self) -> Optional[pulumi.Input[bool]]: + """ + If set, the default policy will not be set on + generated tokens; otherwise it will be added to the policies set in token_policies. + """ + return pulumi.get(self, "token_no_default_policy") + + @token_no_default_policy.setter + def token_no_default_policy(self, value: Optional[pulumi.Input[bool]]): + pulumi.set(self, "token_no_default_policy", value) + + @property + @pulumi.getter(name="tokenNumUses") + def token_num_uses(self) -> Optional[pulumi.Input[int]]: + """ + The [maximum number](https://developer.hashicorp.com/vault/api-docs/auth/saml#token_num_uses) + of times a generated token may be used (within its lifetime); 0 means unlimited. + """ + return pulumi.get(self, "token_num_uses") + + @token_num_uses.setter + def token_num_uses(self, value: Optional[pulumi.Input[int]]): + pulumi.set(self, "token_num_uses", value) + + @property + @pulumi.getter(name="tokenPeriod") + def token_period(self) -> Optional[pulumi.Input[int]]: + """ + If set, indicates that the + token generated using this role should never expire. The token should be renewed within the + duration specified by this value. At each renewal, the token's TTL will be set to the + value of this field. Specified in seconds. + """ + return pulumi.get(self, "token_period") + + @token_period.setter + def token_period(self, value: Optional[pulumi.Input[int]]): + pulumi.set(self, "token_period", value) + + @property + @pulumi.getter(name="tokenPolicies") + def token_policies(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + List of policies to encode onto generated tokens. Depending + on the auth method, this list may be supplemented by user/group/other values. + """ + return pulumi.get(self, "token_policies") + + @token_policies.setter + def token_policies(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): + pulumi.set(self, "token_policies", value) + + @property + @pulumi.getter(name="tokenTtl") + def token_ttl(self) -> Optional[pulumi.Input[int]]: + """ + The incremental lifetime for generated tokens in number of seconds. + Its current value will be referenced at renewal time. + """ + return pulumi.get(self, "token_ttl") + + @token_ttl.setter + def token_ttl(self, value: Optional[pulumi.Input[int]]): + pulumi.set(self, "token_ttl", value) + + @property + @pulumi.getter(name="tokenType") + def token_type(self) -> Optional[pulumi.Input[str]]: + """ + The type of token that should be generated. Can be `service`, + `batch`, or `default` to use the mount's tuned default (which unless changed will be + `service` tokens). For token store roles, there are two additional possibilities: + `default-service` and `default-batch` which specify the type to return unless the client + requests a different type at generation time. + """ + return pulumi.get(self, "token_type") + + @token_type.setter + def token_type(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "token_type", value) + + +@pulumi.input_type +class _AuthBackendRoleState: + def __init__(__self__, *, + bound_attributes: Optional[pulumi.Input[Mapping[str, Any]]] = None, + bound_attributes_type: Optional[pulumi.Input[str]] = None, + bound_subjects: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, + bound_subjects_type: Optional[pulumi.Input[str]] = None, + groups_attribute: Optional[pulumi.Input[str]] = None, + name: Optional[pulumi.Input[str]] = None, + namespace: Optional[pulumi.Input[str]] = None, + path: Optional[pulumi.Input[str]] = None, + token_bound_cidrs: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, + token_explicit_max_ttl: Optional[pulumi.Input[int]] = None, + token_max_ttl: Optional[pulumi.Input[int]] = None, + token_no_default_policy: Optional[pulumi.Input[bool]] = None, + token_num_uses: Optional[pulumi.Input[int]] = None, + token_period: Optional[pulumi.Input[int]] = None, + token_policies: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, + token_ttl: Optional[pulumi.Input[int]] = None, + token_type: Optional[pulumi.Input[str]] = None): + """ + Input properties used for looking up and filtering AuthBackendRole resources. + :param pulumi.Input[Mapping[str, Any]] bound_attributes: Mapping of attribute names to values that are expected to + exist in the SAML assertion. + :param pulumi.Input[str] bound_attributes_type: The type of matching assertion to perform on + `bound_attributes_type`. + :param pulumi.Input[Sequence[pulumi.Input[str]]] bound_subjects: List of subjects being asserted for SAML authentication. + :param pulumi.Input[str] bound_subjects_type: The type of matching assertion to perform on `bound_subjects`. + :param pulumi.Input[str] groups_attribute: The attribute to use to identify the set of groups to which the + user belongs. + :param pulumi.Input[str] name: Unique name of the role. + :param pulumi.Input[str] namespace: The namespace to provision the resource in. + The value should not contain leading or trailing forward slashes. + The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + *Available only for Vault Enterprise*. + :param pulumi.Input[str] path: Path where the auth backend is mounted. + :param pulumi.Input[Sequence[pulumi.Input[str]]] token_bound_cidrs: List of CIDR blocks; if set, specifies blocks of IP + addresses which can authenticate successfully, and ties the resulting token to these blocks + as well. + :param pulumi.Input[int] token_explicit_max_ttl: If set, will encode an + [explicit max TTL](https://www.vaultproject.io/docs/concepts/tokens.html#token-time-to-live-periodic-tokens-and-explicit-max-ttls) + onto the token in number of seconds. This is a hard cap even if `token_ttl` and + `token_max_ttl` would otherwise allow a renewal. + :param pulumi.Input[int] token_max_ttl: The maximum lifetime for generated tokens in number of seconds. + Its current value will be referenced at renewal time. + :param pulumi.Input[bool] token_no_default_policy: If set, the default policy will not be set on + generated tokens; otherwise it will be added to the policies set in token_policies. + :param pulumi.Input[int] token_num_uses: The [maximum number](https://developer.hashicorp.com/vault/api-docs/auth/saml#token_num_uses) + of times a generated token may be used (within its lifetime); 0 means unlimited. + :param pulumi.Input[int] token_period: If set, indicates that the + token generated using this role should never expire. The token should be renewed within the + duration specified by this value. At each renewal, the token's TTL will be set to the + value of this field. Specified in seconds. + :param pulumi.Input[Sequence[pulumi.Input[str]]] token_policies: List of policies to encode onto generated tokens. Depending + on the auth method, this list may be supplemented by user/group/other values. + :param pulumi.Input[int] token_ttl: The incremental lifetime for generated tokens in number of seconds. + Its current value will be referenced at renewal time. + :param pulumi.Input[str] token_type: The type of token that should be generated. Can be `service`, + `batch`, or `default` to use the mount's tuned default (which unless changed will be + `service` tokens). For token store roles, there are two additional possibilities: + `default-service` and `default-batch` which specify the type to return unless the client + requests a different type at generation time. + """ + if bound_attributes is not None: + pulumi.set(__self__, "bound_attributes", bound_attributes) + if bound_attributes_type is not None: + pulumi.set(__self__, "bound_attributes_type", bound_attributes_type) + if bound_subjects is not None: + pulumi.set(__self__, "bound_subjects", bound_subjects) + if bound_subjects_type is not None: + pulumi.set(__self__, "bound_subjects_type", bound_subjects_type) + if groups_attribute is not None: + pulumi.set(__self__, "groups_attribute", groups_attribute) + if name is not None: + pulumi.set(__self__, "name", name) + if namespace is not None: + pulumi.set(__self__, "namespace", namespace) + if path is not None: + pulumi.set(__self__, "path", path) + if token_bound_cidrs is not None: + pulumi.set(__self__, "token_bound_cidrs", token_bound_cidrs) + if token_explicit_max_ttl is not None: + pulumi.set(__self__, "token_explicit_max_ttl", token_explicit_max_ttl) + if token_max_ttl is not None: + pulumi.set(__self__, "token_max_ttl", token_max_ttl) + if token_no_default_policy is not None: + pulumi.set(__self__, "token_no_default_policy", token_no_default_policy) + if token_num_uses is not None: + pulumi.set(__self__, "token_num_uses", token_num_uses) + if token_period is not None: + pulumi.set(__self__, "token_period", token_period) + if token_policies is not None: + pulumi.set(__self__, "token_policies", token_policies) + if token_ttl is not None: + pulumi.set(__self__, "token_ttl", token_ttl) + if token_type is not None: + pulumi.set(__self__, "token_type", token_type) + + @property + @pulumi.getter(name="boundAttributes") + def bound_attributes(self) -> Optional[pulumi.Input[Mapping[str, Any]]]: + """ + Mapping of attribute names to values that are expected to + exist in the SAML assertion. + """ + return pulumi.get(self, "bound_attributes") + + @bound_attributes.setter + def bound_attributes(self, value: Optional[pulumi.Input[Mapping[str, Any]]]): + pulumi.set(self, "bound_attributes", value) + + @property + @pulumi.getter(name="boundAttributesType") + def bound_attributes_type(self) -> Optional[pulumi.Input[str]]: + """ + The type of matching assertion to perform on + `bound_attributes_type`. + """ + return pulumi.get(self, "bound_attributes_type") + + @bound_attributes_type.setter + def bound_attributes_type(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "bound_attributes_type", value) + + @property + @pulumi.getter(name="boundSubjects") + def bound_subjects(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + List of subjects being asserted for SAML authentication. + """ + return pulumi.get(self, "bound_subjects") + + @bound_subjects.setter + def bound_subjects(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): + pulumi.set(self, "bound_subjects", value) + + @property + @pulumi.getter(name="boundSubjectsType") + def bound_subjects_type(self) -> Optional[pulumi.Input[str]]: + """ + The type of matching assertion to perform on `bound_subjects`. + """ + return pulumi.get(self, "bound_subjects_type") + + @bound_subjects_type.setter + def bound_subjects_type(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "bound_subjects_type", value) + + @property + @pulumi.getter(name="groupsAttribute") + def groups_attribute(self) -> Optional[pulumi.Input[str]]: + """ + The attribute to use to identify the set of groups to which the + user belongs. + """ + return pulumi.get(self, "groups_attribute") + + @groups_attribute.setter + def groups_attribute(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "groups_attribute", value) + + @property + @pulumi.getter + def name(self) -> Optional[pulumi.Input[str]]: + """ + Unique name of the role. + """ + return pulumi.get(self, "name") + + @name.setter + def name(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "name", value) + + @property + @pulumi.getter + def namespace(self) -> Optional[pulumi.Input[str]]: + """ + The namespace to provision the resource in. + The value should not contain leading or trailing forward slashes. + The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + *Available only for Vault Enterprise*. + """ + return pulumi.get(self, "namespace") + + @namespace.setter + def namespace(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "namespace", value) + + @property + @pulumi.getter + def path(self) -> Optional[pulumi.Input[str]]: + """ + Path where the auth backend is mounted. + """ + return pulumi.get(self, "path") + + @path.setter + def path(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "path", value) + + @property + @pulumi.getter(name="tokenBoundCidrs") + def token_bound_cidrs(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + List of CIDR blocks; if set, specifies blocks of IP + addresses which can authenticate successfully, and ties the resulting token to these blocks + as well. + """ + return pulumi.get(self, "token_bound_cidrs") + + @token_bound_cidrs.setter + def token_bound_cidrs(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): + pulumi.set(self, "token_bound_cidrs", value) + + @property + @pulumi.getter(name="tokenExplicitMaxTtl") + def token_explicit_max_ttl(self) -> Optional[pulumi.Input[int]]: + """ + If set, will encode an + [explicit max TTL](https://www.vaultproject.io/docs/concepts/tokens.html#token-time-to-live-periodic-tokens-and-explicit-max-ttls) + onto the token in number of seconds. This is a hard cap even if `token_ttl` and + `token_max_ttl` would otherwise allow a renewal. + """ + return pulumi.get(self, "token_explicit_max_ttl") + + @token_explicit_max_ttl.setter + def token_explicit_max_ttl(self, value: Optional[pulumi.Input[int]]): + pulumi.set(self, "token_explicit_max_ttl", value) + + @property + @pulumi.getter(name="tokenMaxTtl") + def token_max_ttl(self) -> Optional[pulumi.Input[int]]: + """ + The maximum lifetime for generated tokens in number of seconds. + Its current value will be referenced at renewal time. + """ + return pulumi.get(self, "token_max_ttl") + + @token_max_ttl.setter + def token_max_ttl(self, value: Optional[pulumi.Input[int]]): + pulumi.set(self, "token_max_ttl", value) + + @property + @pulumi.getter(name="tokenNoDefaultPolicy") + def token_no_default_policy(self) -> Optional[pulumi.Input[bool]]: + """ + If set, the default policy will not be set on + generated tokens; otherwise it will be added to the policies set in token_policies. + """ + return pulumi.get(self, "token_no_default_policy") + + @token_no_default_policy.setter + def token_no_default_policy(self, value: Optional[pulumi.Input[bool]]): + pulumi.set(self, "token_no_default_policy", value) + + @property + @pulumi.getter(name="tokenNumUses") + def token_num_uses(self) -> Optional[pulumi.Input[int]]: + """ + The [maximum number](https://developer.hashicorp.com/vault/api-docs/auth/saml#token_num_uses) + of times a generated token may be used (within its lifetime); 0 means unlimited. + """ + return pulumi.get(self, "token_num_uses") + + @token_num_uses.setter + def token_num_uses(self, value: Optional[pulumi.Input[int]]): + pulumi.set(self, "token_num_uses", value) + + @property + @pulumi.getter(name="tokenPeriod") + def token_period(self) -> Optional[pulumi.Input[int]]: + """ + If set, indicates that the + token generated using this role should never expire. The token should be renewed within the + duration specified by this value. At each renewal, the token's TTL will be set to the + value of this field. Specified in seconds. + """ + return pulumi.get(self, "token_period") + + @token_period.setter + def token_period(self, value: Optional[pulumi.Input[int]]): + pulumi.set(self, "token_period", value) + + @property + @pulumi.getter(name="tokenPolicies") + def token_policies(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + List of policies to encode onto generated tokens. Depending + on the auth method, this list may be supplemented by user/group/other values. + """ + return pulumi.get(self, "token_policies") + + @token_policies.setter + def token_policies(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): + pulumi.set(self, "token_policies", value) + + @property + @pulumi.getter(name="tokenTtl") + def token_ttl(self) -> Optional[pulumi.Input[int]]: + """ + The incremental lifetime for generated tokens in number of seconds. + Its current value will be referenced at renewal time. + """ + return pulumi.get(self, "token_ttl") + + @token_ttl.setter + def token_ttl(self, value: Optional[pulumi.Input[int]]): + pulumi.set(self, "token_ttl", value) + + @property + @pulumi.getter(name="tokenType") + def token_type(self) -> Optional[pulumi.Input[str]]: + """ + The type of token that should be generated. Can be `service`, + `batch`, or `default` to use the mount's tuned default (which unless changed will be + `service` tokens). For token store roles, there are two additional possibilities: + `default-service` and `default-batch` which specify the type to return unless the client + requests a different type at generation time. + """ + return pulumi.get(self, "token_type") + + @token_type.setter + def token_type(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "token_type", value) + + +class AuthBackendRole(pulumi.CustomResource): + @overload + def __init__(__self__, + resource_name: str, + opts: Optional[pulumi.ResourceOptions] = None, + bound_attributes: Optional[pulumi.Input[Mapping[str, Any]]] = None, + bound_attributes_type: Optional[pulumi.Input[str]] = None, + bound_subjects: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, + bound_subjects_type: Optional[pulumi.Input[str]] = None, + groups_attribute: Optional[pulumi.Input[str]] = None, + name: Optional[pulumi.Input[str]] = None, + namespace: Optional[pulumi.Input[str]] = None, + path: Optional[pulumi.Input[str]] = None, + token_bound_cidrs: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, + token_explicit_max_ttl: Optional[pulumi.Input[int]] = None, + token_max_ttl: Optional[pulumi.Input[int]] = None, + token_no_default_policy: Optional[pulumi.Input[bool]] = None, + token_num_uses: Optional[pulumi.Input[int]] = None, + token_period: Optional[pulumi.Input[int]] = None, + token_policies: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, + token_ttl: Optional[pulumi.Input[int]] = None, + token_type: Optional[pulumi.Input[str]] = None, + __props__=None): + """ + Manages an SAML auth backend role in a Vault server. See the [Vault + documentation](https://www.vaultproject.io/docs/auth/saml.html) for more + information. + + ## Example Usage + + ```python + import pulumi + import pulumi_vault as vault + + example_auth_backend = vault.saml.AuthBackend("exampleAuthBackend", + path="saml", + idp_metadata_url="https://company.okta.com/app/abc123eb9xnIfzlaf697/sso/saml/metadata", + entity_id="https://my.vault/v1/auth/saml", + acs_urls=["https://my.vault.primary/v1/auth/saml/callback"], + default_role="default-role") + example_auth_backend_role = vault.saml.AuthBackendRole("exampleAuthBackendRole", + path=example_auth_backend.path, + groups_attribute="groups", + bound_attributes={ + "group": "admin", + }, + bound_subjects=["*example.com"], + token_policies=["writer"], + token_ttl=86400) + ``` + + ## Import + + SAML authentication backend roles can be imported using the `path`, e.g. + + ```sh + $ pulumi import vault:saml/authBackendRole:AuthBackendRole example auth/saml/role/my-role + ``` + + :param str resource_name: The name of the resource. + :param pulumi.ResourceOptions opts: Options for the resource. + :param pulumi.Input[Mapping[str, Any]] bound_attributes: Mapping of attribute names to values that are expected to + exist in the SAML assertion. + :param pulumi.Input[str] bound_attributes_type: The type of matching assertion to perform on + `bound_attributes_type`. + :param pulumi.Input[Sequence[pulumi.Input[str]]] bound_subjects: List of subjects being asserted for SAML authentication. + :param pulumi.Input[str] bound_subjects_type: The type of matching assertion to perform on `bound_subjects`. + :param pulumi.Input[str] groups_attribute: The attribute to use to identify the set of groups to which the + user belongs. + :param pulumi.Input[str] name: Unique name of the role. + :param pulumi.Input[str] namespace: The namespace to provision the resource in. + The value should not contain leading or trailing forward slashes. + The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + *Available only for Vault Enterprise*. + :param pulumi.Input[str] path: Path where the auth backend is mounted. + :param pulumi.Input[Sequence[pulumi.Input[str]]] token_bound_cidrs: List of CIDR blocks; if set, specifies blocks of IP + addresses which can authenticate successfully, and ties the resulting token to these blocks + as well. + :param pulumi.Input[int] token_explicit_max_ttl: If set, will encode an + [explicit max TTL](https://www.vaultproject.io/docs/concepts/tokens.html#token-time-to-live-periodic-tokens-and-explicit-max-ttls) + onto the token in number of seconds. This is a hard cap even if `token_ttl` and + `token_max_ttl` would otherwise allow a renewal. + :param pulumi.Input[int] token_max_ttl: The maximum lifetime for generated tokens in number of seconds. + Its current value will be referenced at renewal time. + :param pulumi.Input[bool] token_no_default_policy: If set, the default policy will not be set on + generated tokens; otherwise it will be added to the policies set in token_policies. + :param pulumi.Input[int] token_num_uses: The [maximum number](https://developer.hashicorp.com/vault/api-docs/auth/saml#token_num_uses) + of times a generated token may be used (within its lifetime); 0 means unlimited. + :param pulumi.Input[int] token_period: If set, indicates that the + token generated using this role should never expire. The token should be renewed within the + duration specified by this value. At each renewal, the token's TTL will be set to the + value of this field. Specified in seconds. + :param pulumi.Input[Sequence[pulumi.Input[str]]] token_policies: List of policies to encode onto generated tokens. Depending + on the auth method, this list may be supplemented by user/group/other values. + :param pulumi.Input[int] token_ttl: The incremental lifetime for generated tokens in number of seconds. + Its current value will be referenced at renewal time. + :param pulumi.Input[str] token_type: The type of token that should be generated. Can be `service`, + `batch`, or `default` to use the mount's tuned default (which unless changed will be + `service` tokens). For token store roles, there are two additional possibilities: + `default-service` and `default-batch` which specify the type to return unless the client + requests a different type at generation time. + """ + ... + @overload + def __init__(__self__, + resource_name: str, + args: AuthBackendRoleArgs, + opts: Optional[pulumi.ResourceOptions] = None): + """ + Manages an SAML auth backend role in a Vault server. See the [Vault + documentation](https://www.vaultproject.io/docs/auth/saml.html) for more + information. + + ## Example Usage + + ```python + import pulumi + import pulumi_vault as vault + + example_auth_backend = vault.saml.AuthBackend("exampleAuthBackend", + path="saml", + idp_metadata_url="https://company.okta.com/app/abc123eb9xnIfzlaf697/sso/saml/metadata", + entity_id="https://my.vault/v1/auth/saml", + acs_urls=["https://my.vault.primary/v1/auth/saml/callback"], + default_role="default-role") + example_auth_backend_role = vault.saml.AuthBackendRole("exampleAuthBackendRole", + path=example_auth_backend.path, + groups_attribute="groups", + bound_attributes={ + "group": "admin", + }, + bound_subjects=["*example.com"], + token_policies=["writer"], + token_ttl=86400) + ``` + + ## Import + + SAML authentication backend roles can be imported using the `path`, e.g. + + ```sh + $ pulumi import vault:saml/authBackendRole:AuthBackendRole example auth/saml/role/my-role + ``` + + :param str resource_name: The name of the resource. + :param AuthBackendRoleArgs args: The arguments to use to populate this resource's properties. + :param pulumi.ResourceOptions opts: Options for the resource. + """ + ... + def __init__(__self__, resource_name: str, *args, **kwargs): + resource_args, opts = _utilities.get_resource_args_opts(AuthBackendRoleArgs, pulumi.ResourceOptions, *args, **kwargs) + if resource_args is not None: + __self__._internal_init(resource_name, opts, **resource_args.__dict__) + else: + __self__._internal_init(resource_name, *args, **kwargs) + + def _internal_init(__self__, + resource_name: str, + opts: Optional[pulumi.ResourceOptions] = None, + bound_attributes: Optional[pulumi.Input[Mapping[str, Any]]] = None, + bound_attributes_type: Optional[pulumi.Input[str]] = None, + bound_subjects: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, + bound_subjects_type: Optional[pulumi.Input[str]] = None, + groups_attribute: Optional[pulumi.Input[str]] = None, + name: Optional[pulumi.Input[str]] = None, + namespace: Optional[pulumi.Input[str]] = None, + path: Optional[pulumi.Input[str]] = None, + token_bound_cidrs: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, + token_explicit_max_ttl: Optional[pulumi.Input[int]] = None, + token_max_ttl: Optional[pulumi.Input[int]] = None, + token_no_default_policy: Optional[pulumi.Input[bool]] = None, + token_num_uses: Optional[pulumi.Input[int]] = None, + token_period: Optional[pulumi.Input[int]] = None, + token_policies: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, + token_ttl: Optional[pulumi.Input[int]] = None, + token_type: Optional[pulumi.Input[str]] = None, + __props__=None): + opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts) + if not isinstance(opts, pulumi.ResourceOptions): + raise TypeError('Expected resource options to be a ResourceOptions instance') + if opts.id is None: + if __props__ is not None: + raise TypeError('__props__ is only valid when passed in combination with a valid opts.id to get an existing resource') + __props__ = AuthBackendRoleArgs.__new__(AuthBackendRoleArgs) + + __props__.__dict__["bound_attributes"] = bound_attributes + __props__.__dict__["bound_attributes_type"] = bound_attributes_type + __props__.__dict__["bound_subjects"] = bound_subjects + __props__.__dict__["bound_subjects_type"] = bound_subjects_type + __props__.__dict__["groups_attribute"] = groups_attribute + __props__.__dict__["name"] = name + __props__.__dict__["namespace"] = namespace + if path is None and not opts.urn: + raise TypeError("Missing required property 'path'") + __props__.__dict__["path"] = path + __props__.__dict__["token_bound_cidrs"] = token_bound_cidrs + __props__.__dict__["token_explicit_max_ttl"] = token_explicit_max_ttl + __props__.__dict__["token_max_ttl"] = token_max_ttl + __props__.__dict__["token_no_default_policy"] = token_no_default_policy + __props__.__dict__["token_num_uses"] = token_num_uses + __props__.__dict__["token_period"] = token_period + __props__.__dict__["token_policies"] = token_policies + __props__.__dict__["token_ttl"] = token_ttl + __props__.__dict__["token_type"] = token_type + super(AuthBackendRole, __self__).__init__( + 'vault:saml/authBackendRole:AuthBackendRole', + resource_name, + __props__, + opts) + + @staticmethod + def get(resource_name: str, + id: pulumi.Input[str], + opts: Optional[pulumi.ResourceOptions] = None, + bound_attributes: Optional[pulumi.Input[Mapping[str, Any]]] = None, + bound_attributes_type: Optional[pulumi.Input[str]] = None, + bound_subjects: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, + bound_subjects_type: Optional[pulumi.Input[str]] = None, + groups_attribute: Optional[pulumi.Input[str]] = None, + name: Optional[pulumi.Input[str]] = None, + namespace: Optional[pulumi.Input[str]] = None, + path: Optional[pulumi.Input[str]] = None, + token_bound_cidrs: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, + token_explicit_max_ttl: Optional[pulumi.Input[int]] = None, + token_max_ttl: Optional[pulumi.Input[int]] = None, + token_no_default_policy: Optional[pulumi.Input[bool]] = None, + token_num_uses: Optional[pulumi.Input[int]] = None, + token_period: Optional[pulumi.Input[int]] = None, + token_policies: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, + token_ttl: Optional[pulumi.Input[int]] = None, + token_type: Optional[pulumi.Input[str]] = None) -> 'AuthBackendRole': + """ + Get an existing AuthBackendRole resource's state with the given name, id, and optional extra + properties used to qualify the lookup. + + :param str resource_name: The unique name of the resulting resource. + :param pulumi.Input[str] id: The unique provider ID of the resource to lookup. + :param pulumi.ResourceOptions opts: Options for the resource. + :param pulumi.Input[Mapping[str, Any]] bound_attributes: Mapping of attribute names to values that are expected to + exist in the SAML assertion. + :param pulumi.Input[str] bound_attributes_type: The type of matching assertion to perform on + `bound_attributes_type`. + :param pulumi.Input[Sequence[pulumi.Input[str]]] bound_subjects: List of subjects being asserted for SAML authentication. + :param pulumi.Input[str] bound_subjects_type: The type of matching assertion to perform on `bound_subjects`. + :param pulumi.Input[str] groups_attribute: The attribute to use to identify the set of groups to which the + user belongs. + :param pulumi.Input[str] name: Unique name of the role. + :param pulumi.Input[str] namespace: The namespace to provision the resource in. + The value should not contain leading or trailing forward slashes. + The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + *Available only for Vault Enterprise*. + :param pulumi.Input[str] path: Path where the auth backend is mounted. + :param pulumi.Input[Sequence[pulumi.Input[str]]] token_bound_cidrs: List of CIDR blocks; if set, specifies blocks of IP + addresses which can authenticate successfully, and ties the resulting token to these blocks + as well. + :param pulumi.Input[int] token_explicit_max_ttl: If set, will encode an + [explicit max TTL](https://www.vaultproject.io/docs/concepts/tokens.html#token-time-to-live-periodic-tokens-and-explicit-max-ttls) + onto the token in number of seconds. This is a hard cap even if `token_ttl` and + `token_max_ttl` would otherwise allow a renewal. + :param pulumi.Input[int] token_max_ttl: The maximum lifetime for generated tokens in number of seconds. + Its current value will be referenced at renewal time. + :param pulumi.Input[bool] token_no_default_policy: If set, the default policy will not be set on + generated tokens; otherwise it will be added to the policies set in token_policies. + :param pulumi.Input[int] token_num_uses: The [maximum number](https://developer.hashicorp.com/vault/api-docs/auth/saml#token_num_uses) + of times a generated token may be used (within its lifetime); 0 means unlimited. + :param pulumi.Input[int] token_period: If set, indicates that the + token generated using this role should never expire. The token should be renewed within the + duration specified by this value. At each renewal, the token's TTL will be set to the + value of this field. Specified in seconds. + :param pulumi.Input[Sequence[pulumi.Input[str]]] token_policies: List of policies to encode onto generated tokens. Depending + on the auth method, this list may be supplemented by user/group/other values. + :param pulumi.Input[int] token_ttl: The incremental lifetime for generated tokens in number of seconds. + Its current value will be referenced at renewal time. + :param pulumi.Input[str] token_type: The type of token that should be generated. Can be `service`, + `batch`, or `default` to use the mount's tuned default (which unless changed will be + `service` tokens). For token store roles, there are two additional possibilities: + `default-service` and `default-batch` which specify the type to return unless the client + requests a different type at generation time. + """ + opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id)) + + __props__ = _AuthBackendRoleState.__new__(_AuthBackendRoleState) + + __props__.__dict__["bound_attributes"] = bound_attributes + __props__.__dict__["bound_attributes_type"] = bound_attributes_type + __props__.__dict__["bound_subjects"] = bound_subjects + __props__.__dict__["bound_subjects_type"] = bound_subjects_type + __props__.__dict__["groups_attribute"] = groups_attribute + __props__.__dict__["name"] = name + __props__.__dict__["namespace"] = namespace + __props__.__dict__["path"] = path + __props__.__dict__["token_bound_cidrs"] = token_bound_cidrs + __props__.__dict__["token_explicit_max_ttl"] = token_explicit_max_ttl + __props__.__dict__["token_max_ttl"] = token_max_ttl + __props__.__dict__["token_no_default_policy"] = token_no_default_policy + __props__.__dict__["token_num_uses"] = token_num_uses + __props__.__dict__["token_period"] = token_period + __props__.__dict__["token_policies"] = token_policies + __props__.__dict__["token_ttl"] = token_ttl + __props__.__dict__["token_type"] = token_type + return AuthBackendRole(resource_name, opts=opts, __props__=__props__) + + @property + @pulumi.getter(name="boundAttributes") + def bound_attributes(self) -> pulumi.Output[Optional[Mapping[str, Any]]]: + """ + Mapping of attribute names to values that are expected to + exist in the SAML assertion. + """ + return pulumi.get(self, "bound_attributes") + + @property + @pulumi.getter(name="boundAttributesType") + def bound_attributes_type(self) -> pulumi.Output[str]: + """ + The type of matching assertion to perform on + `bound_attributes_type`. + """ + return pulumi.get(self, "bound_attributes_type") + + @property + @pulumi.getter(name="boundSubjects") + def bound_subjects(self) -> pulumi.Output[Optional[Sequence[str]]]: + """ + List of subjects being asserted for SAML authentication. + """ + return pulumi.get(self, "bound_subjects") + + @property + @pulumi.getter(name="boundSubjectsType") + def bound_subjects_type(self) -> pulumi.Output[str]: + """ + The type of matching assertion to perform on `bound_subjects`. + """ + return pulumi.get(self, "bound_subjects_type") + + @property + @pulumi.getter(name="groupsAttribute") + def groups_attribute(self) -> pulumi.Output[Optional[str]]: + """ + The attribute to use to identify the set of groups to which the + user belongs. + """ + return pulumi.get(self, "groups_attribute") + + @property + @pulumi.getter + def name(self) -> pulumi.Output[str]: + """ + Unique name of the role. + """ + return pulumi.get(self, "name") + + @property + @pulumi.getter + def namespace(self) -> pulumi.Output[Optional[str]]: + """ + The namespace to provision the resource in. + The value should not contain leading or trailing forward slashes. + The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + *Available only for Vault Enterprise*. + """ + return pulumi.get(self, "namespace") + + @property + @pulumi.getter + def path(self) -> pulumi.Output[str]: + """ + Path where the auth backend is mounted. + """ + return pulumi.get(self, "path") + + @property + @pulumi.getter(name="tokenBoundCidrs") + def token_bound_cidrs(self) -> pulumi.Output[Optional[Sequence[str]]]: + """ + List of CIDR blocks; if set, specifies blocks of IP + addresses which can authenticate successfully, and ties the resulting token to these blocks + as well. + """ + return pulumi.get(self, "token_bound_cidrs") + + @property + @pulumi.getter(name="tokenExplicitMaxTtl") + def token_explicit_max_ttl(self) -> pulumi.Output[Optional[int]]: + """ + If set, will encode an + [explicit max TTL](https://www.vaultproject.io/docs/concepts/tokens.html#token-time-to-live-periodic-tokens-and-explicit-max-ttls) + onto the token in number of seconds. This is a hard cap even if `token_ttl` and + `token_max_ttl` would otherwise allow a renewal. + """ + return pulumi.get(self, "token_explicit_max_ttl") + + @property + @pulumi.getter(name="tokenMaxTtl") + def token_max_ttl(self) -> pulumi.Output[Optional[int]]: + """ + The maximum lifetime for generated tokens in number of seconds. + Its current value will be referenced at renewal time. + """ + return pulumi.get(self, "token_max_ttl") + + @property + @pulumi.getter(name="tokenNoDefaultPolicy") + def token_no_default_policy(self) -> pulumi.Output[Optional[bool]]: + """ + If set, the default policy will not be set on + generated tokens; otherwise it will be added to the policies set in token_policies. + """ + return pulumi.get(self, "token_no_default_policy") + + @property + @pulumi.getter(name="tokenNumUses") + def token_num_uses(self) -> pulumi.Output[Optional[int]]: + """ + The [maximum number](https://developer.hashicorp.com/vault/api-docs/auth/saml#token_num_uses) + of times a generated token may be used (within its lifetime); 0 means unlimited. + """ + return pulumi.get(self, "token_num_uses") + + @property + @pulumi.getter(name="tokenPeriod") + def token_period(self) -> pulumi.Output[Optional[int]]: + """ + If set, indicates that the + token generated using this role should never expire. The token should be renewed within the + duration specified by this value. At each renewal, the token's TTL will be set to the + value of this field. Specified in seconds. + """ + return pulumi.get(self, "token_period") + + @property + @pulumi.getter(name="tokenPolicies") + def token_policies(self) -> pulumi.Output[Optional[Sequence[str]]]: + """ + List of policies to encode onto generated tokens. Depending + on the auth method, this list may be supplemented by user/group/other values. + """ + return pulumi.get(self, "token_policies") + + @property + @pulumi.getter(name="tokenTtl") + def token_ttl(self) -> pulumi.Output[Optional[int]]: + """ + The incremental lifetime for generated tokens in number of seconds. + Its current value will be referenced at renewal time. + """ + return pulumi.get(self, "token_ttl") + + @property + @pulumi.getter(name="tokenType") + def token_type(self) -> pulumi.Output[Optional[str]]: + """ + The type of token that should be generated. Can be `service`, + `batch`, or `default` to use the mount's tuned default (which unless changed will be + `service` tokens). For token store roles, there are two additional possibilities: + `default-service` and `default-batch` which specify the type to return unless the client + requests a different type at generation time. + """ + return pulumi.get(self, "token_type") + diff --git a/sdk/python/pulumi_vault/ssh/_inputs.py b/sdk/python/pulumi_vault/ssh/_inputs.py index 8fddfff93..7cfea7c23 100644 --- a/sdk/python/pulumi_vault/ssh/_inputs.py +++ b/sdk/python/pulumi_vault/ssh/_inputs.py @@ -23,6 +23,12 @@ def __init__(__self__, *, For key types that do not support setting the length a value of `[0]` should be used. Setting multiple lengths is only supported on Vault 1.10+. For prior releases `length` must be set to a single element list. + + Example configuration blocks that might be included in the `ssh.SecretBackendRole` + + ```python + import pulumi + ``` :param pulumi.Input[str] type: The SSH public key type. *Supported key types are:* `rsa`, `ecdsa`, `ec`, `dsa`, `ed25519`, `ssh-rsa`, `ssh-dss`, `ssh-ed25519`, @@ -39,6 +45,12 @@ def lengths(self) -> pulumi.Input[Sequence[pulumi.Input[int]]]: For key types that do not support setting the length a value of `[0]` should be used. Setting multiple lengths is only supported on Vault 1.10+. For prior releases `length` must be set to a single element list. + + Example configuration blocks that might be included in the `ssh.SecretBackendRole` + + ```python + import pulumi + ``` """ return pulumi.get(self, "lengths") diff --git a/sdk/python/pulumi_vault/ssh/outputs.py b/sdk/python/pulumi_vault/ssh/outputs.py index a770d20b7..1d6bacbf7 100644 --- a/sdk/python/pulumi_vault/ssh/outputs.py +++ b/sdk/python/pulumi_vault/ssh/outputs.py @@ -23,6 +23,12 @@ def __init__(__self__, *, For key types that do not support setting the length a value of `[0]` should be used. Setting multiple lengths is only supported on Vault 1.10+. For prior releases `length` must be set to a single element list. + + Example configuration blocks that might be included in the `ssh.SecretBackendRole` + + ```python + import pulumi + ``` :param str type: The SSH public key type. *Supported key types are:* `rsa`, `ecdsa`, `ec`, `dsa`, `ed25519`, `ssh-rsa`, `ssh-dss`, `ssh-ed25519`, @@ -39,6 +45,12 @@ def lengths(self) -> Sequence[int]: For key types that do not support setting the length a value of `[0]` should be used. Setting multiple lengths is only supported on Vault 1.10+. For prior releases `length` must be set to a single element list. + + Example configuration blocks that might be included in the `ssh.SecretBackendRole` + + ```python + import pulumi + ``` """ return pulumi.get(self, "lengths") diff --git a/sdk/python/pulumi_vault/ssh/secret_backend_ca.py b/sdk/python/pulumi_vault/ssh/secret_backend_ca.py index 42c971ad9..607c0eb53 100644 --- a/sdk/python/pulumi_vault/ssh/secret_backend_ca.py +++ b/sdk/python/pulumi_vault/ssh/secret_backend_ca.py @@ -27,7 +27,7 @@ def __init__(__self__, *, The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). *Available only for Vault Enterprise*. - :param pulumi.Input[str] private_key: The private key part the SSH CA key pair; required if generate_signing_key is false. + :param pulumi.Input[str] private_key: Private key part the SSH CA key pair; required if generate_signing_key is false. :param pulumi.Input[str] public_key: The public key part the SSH CA key pair; required if generate_signing_key is false. """ if backend is not None: @@ -84,7 +84,7 @@ def namespace(self, value: Optional[pulumi.Input[str]]): @pulumi.getter(name="privateKey") def private_key(self) -> Optional[pulumi.Input[str]]: """ - The private key part the SSH CA key pair; required if generate_signing_key is false. + Private key part the SSH CA key pair; required if generate_signing_key is false. """ return pulumi.get(self, "private_key") @@ -121,7 +121,7 @@ def __init__(__self__, *, The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). *Available only for Vault Enterprise*. - :param pulumi.Input[str] private_key: The private key part the SSH CA key pair; required if generate_signing_key is false. + :param pulumi.Input[str] private_key: Private key part the SSH CA key pair; required if generate_signing_key is false. :param pulumi.Input[str] public_key: The public key part the SSH CA key pair; required if generate_signing_key is false. """ if backend is not None: @@ -178,7 +178,7 @@ def namespace(self, value: Optional[pulumi.Input[str]]): @pulumi.getter(name="privateKey") def private_key(self) -> Optional[pulumi.Input[str]]: """ - The private key part the SSH CA key pair; required if generate_signing_key is false. + Private key part the SSH CA key pair; required if generate_signing_key is false. """ return pulumi.get(self, "private_key") @@ -240,7 +240,7 @@ def __init__(__self__, The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). *Available only for Vault Enterprise*. - :param pulumi.Input[str] private_key: The private key part the SSH CA key pair; required if generate_signing_key is false. + :param pulumi.Input[str] private_key: Private key part the SSH CA key pair; required if generate_signing_key is false. :param pulumi.Input[str] public_key: The public key part the SSH CA key pair; required if generate_signing_key is false. """ ... @@ -335,7 +335,7 @@ def get(resource_name: str, The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). *Available only for Vault Enterprise*. - :param pulumi.Input[str] private_key: The private key part the SSH CA key pair; required if generate_signing_key is false. + :param pulumi.Input[str] private_key: Private key part the SSH CA key pair; required if generate_signing_key is false. :param pulumi.Input[str] public_key: The public key part the SSH CA key pair; required if generate_signing_key is false. """ opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id)) @@ -380,7 +380,7 @@ def namespace(self) -> pulumi.Output[Optional[str]]: @pulumi.getter(name="privateKey") def private_key(self) -> pulumi.Output[str]: """ - The private key part the SSH CA key pair; required if generate_signing_key is false. + Private key part the SSH CA key pair; required if generate_signing_key is false. """ return pulumi.get(self, "private_key") diff --git a/sdk/python/pulumi_vault/ssh/secret_backend_role.py b/sdk/python/pulumi_vault/ssh/secret_backend_role.py index a6a6adac1..6a260ba2d 100644 --- a/sdk/python/pulumi_vault/ssh/secret_backend_role.py +++ b/sdk/python/pulumi_vault/ssh/secret_backend_role.py @@ -305,6 +305,9 @@ def allowed_user_key_lengths(self) -> Optional[pulumi.Input[Mapping[str, pulumi. are allowed to be signed by the CA type. *Deprecated: use* allowed_user_key_config *instead* """ + warnings.warn("""Set in allowed_user_key_config""", DeprecationWarning) + pulumi.log.warn("""allowed_user_key_lengths is deprecated: Set in allowed_user_key_config""") + return pulumi.get(self, "allowed_user_key_lengths") @allowed_user_key_lengths.setter @@ -742,6 +745,9 @@ def allowed_user_key_lengths(self) -> Optional[pulumi.Input[Mapping[str, pulumi. are allowed to be signed by the CA type. *Deprecated: use* allowed_user_key_config *instead* """ + warnings.warn("""Set in allowed_user_key_config""", DeprecationWarning) + pulumi.log.warn("""allowed_user_key_lengths is deprecated: Set in allowed_user_key_config""") + return pulumi.get(self, "allowed_user_key_lengths") @allowed_user_key_lengths.setter @@ -1135,9 +1141,6 @@ def _internal_init(__self__, __props__.__dict__["allowed_domains_template"] = allowed_domains_template __props__.__dict__["allowed_extensions"] = allowed_extensions __props__.__dict__["allowed_user_key_configs"] = allowed_user_key_configs - if allowed_user_key_lengths is not None and not opts.urn: - warnings.warn("""Set in allowed_user_key_config""", DeprecationWarning) - pulumi.log.warn("""allowed_user_key_lengths is deprecated: Set in allowed_user_key_config""") __props__.__dict__["allowed_user_key_lengths"] = allowed_user_key_lengths __props__.__dict__["allowed_users"] = allowed_users __props__.__dict__["allowed_users_template"] = allowed_users_template @@ -1371,6 +1374,9 @@ def allowed_user_key_lengths(self) -> pulumi.Output[Optional[Mapping[str, int]]] are allowed to be signed by the CA type. *Deprecated: use* allowed_user_key_config *instead* """ + warnings.warn("""Set in allowed_user_key_config""", DeprecationWarning) + pulumi.log.warn("""allowed_user_key_lengths is deprecated: Set in allowed_user_key_config""") + return pulumi.get(self, "allowed_user_key_lengths") @property diff --git a/sdk/python/pulumi_vault/tokenauth/auth_backend_role.py b/sdk/python/pulumi_vault/tokenauth/auth_backend_role.py index 44682e0ad..55b9d6d2f 100644 --- a/sdk/python/pulumi_vault/tokenauth/auth_backend_role.py +++ b/sdk/python/pulumi_vault/tokenauth/auth_backend_role.py @@ -47,6 +47,8 @@ def __init__(__self__, *, *Available only for Vault Enterprise*. :param pulumi.Input[bool] orphan: If true, tokens created against this policy will be orphan tokens. :param pulumi.Input[str] path_suffix: Tokens created against this role will have the given suffix as part of their path in addition to the role name. + + > Due to a bug the resource. This *will* cause all existing tokens issued by this role to be revoked. :param pulumi.Input[bool] renewable: Whether to disable the ability of the token to be renewed past its initial TTL. :param pulumi.Input[Sequence[pulumi.Input[str]]] token_bound_cidrs: List of CIDR blocks; if set, specifies blocks of IP addresses which can authenticate successfully, and ties the resulting token to these blocks @@ -216,6 +218,8 @@ def orphan(self, value: Optional[pulumi.Input[bool]]): def path_suffix(self) -> Optional[pulumi.Input[str]]: """ Tokens created against this role will have the given suffix as part of their path in addition to the role name. + + > Due to a bug the resource. This *will* cause all existing tokens issued by this role to be revoked. """ return pulumi.get(self, "path_suffix") @@ -395,6 +399,8 @@ def __init__(__self__, *, *Available only for Vault Enterprise*. :param pulumi.Input[bool] orphan: If true, tokens created against this policy will be orphan tokens. :param pulumi.Input[str] path_suffix: Tokens created against this role will have the given suffix as part of their path in addition to the role name. + + > Due to a bug the resource. This *will* cause all existing tokens issued by this role to be revoked. :param pulumi.Input[bool] renewable: Whether to disable the ability of the token to be renewed past its initial TTL. :param pulumi.Input[str] role_name: The name of the role. :param pulumi.Input[Sequence[pulumi.Input[str]]] token_bound_cidrs: List of CIDR blocks; if set, specifies blocks of IP @@ -554,6 +560,8 @@ def orphan(self, value: Optional[pulumi.Input[bool]]): def path_suffix(self) -> Optional[pulumi.Input[str]]: """ Tokens created against this role will have the given suffix as part of their path in addition to the role name. + + > Due to a bug the resource. This *will* cause all existing tokens issued by this role to be revoked. """ return pulumi.get(self, "path_suffix") @@ -782,6 +790,8 @@ def __init__(__self__, *Available only for Vault Enterprise*. :param pulumi.Input[bool] orphan: If true, tokens created against this policy will be orphan tokens. :param pulumi.Input[str] path_suffix: Tokens created against this role will have the given suffix as part of their path in addition to the role name. + + > Due to a bug the resource. This *will* cause all existing tokens issued by this role to be revoked. :param pulumi.Input[bool] renewable: Whether to disable the ability of the token to be renewed past its initial TTL. :param pulumi.Input[str] role_name: The name of the role. :param pulumi.Input[Sequence[pulumi.Input[str]]] token_bound_cidrs: List of CIDR blocks; if set, specifies blocks of IP @@ -961,6 +971,8 @@ def get(resource_name: str, *Available only for Vault Enterprise*. :param pulumi.Input[bool] orphan: If true, tokens created against this policy will be orphan tokens. :param pulumi.Input[str] path_suffix: Tokens created against this role will have the given suffix as part of their path in addition to the role name. + + > Due to a bug the resource. This *will* cause all existing tokens issued by this role to be revoked. :param pulumi.Input[bool] renewable: Whether to disable the ability of the token to be renewed past its initial TTL. :param pulumi.Input[str] role_name: The name of the role. :param pulumi.Input[Sequence[pulumi.Input[str]]] token_bound_cidrs: List of CIDR blocks; if set, specifies blocks of IP @@ -1078,6 +1090,8 @@ def orphan(self) -> pulumi.Output[Optional[bool]]: def path_suffix(self) -> pulumi.Output[Optional[str]]: """ Tokens created against this role will have the given suffix as part of their path in addition to the role name. + + > Due to a bug the resource. This *will* cause all existing tokens issued by this role to be revoked. """ return pulumi.get(self, "path_suffix") diff --git a/sdk/python/pulumi_vault/transform/alphabet.py b/sdk/python/pulumi_vault/transform/alphabet.py index 1ea5e1ddb..d5d9b1735 100644 --- a/sdk/python/pulumi_vault/transform/alphabet.py +++ b/sdk/python/pulumi_vault/transform/alphabet.py @@ -16,18 +16,25 @@ class AlphabetArgs: def __init__(__self__, *, path: pulumi.Input[str], alphabet: Optional[pulumi.Input[str]] = None, - name: Optional[pulumi.Input[str]] = None): + name: Optional[pulumi.Input[str]] = None, + namespace: Optional[pulumi.Input[str]] = None): """ The set of arguments for constructing a Alphabet resource. :param pulumi.Input[str] path: Path to where the back-end is mounted within Vault. :param pulumi.Input[str] alphabet: A string of characters that contains the alphabet set. :param pulumi.Input[str] name: The name of the alphabet. + :param pulumi.Input[str] namespace: The namespace to provision the resource in. + The value should not contain leading or trailing forward slashes. + The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + *Available only for Vault Enterprise*. """ pulumi.set(__self__, "path", path) if alphabet is not None: pulumi.set(__self__, "alphabet", alphabet) if name is not None: pulumi.set(__self__, "name", name) + if namespace is not None: + pulumi.set(__self__, "namespace", namespace) @property @pulumi.getter @@ -65,23 +72,45 @@ def name(self) -> Optional[pulumi.Input[str]]: def name(self, value: Optional[pulumi.Input[str]]): pulumi.set(self, "name", value) + @property + @pulumi.getter + def namespace(self) -> Optional[pulumi.Input[str]]: + """ + The namespace to provision the resource in. + The value should not contain leading or trailing forward slashes. + The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + *Available only for Vault Enterprise*. + """ + return pulumi.get(self, "namespace") + + @namespace.setter + def namespace(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "namespace", value) + @pulumi.input_type class _AlphabetState: def __init__(__self__, *, alphabet: Optional[pulumi.Input[str]] = None, name: Optional[pulumi.Input[str]] = None, + namespace: Optional[pulumi.Input[str]] = None, path: Optional[pulumi.Input[str]] = None): """ Input properties used for looking up and filtering Alphabet resources. :param pulumi.Input[str] alphabet: A string of characters that contains the alphabet set. :param pulumi.Input[str] name: The name of the alphabet. + :param pulumi.Input[str] namespace: The namespace to provision the resource in. + The value should not contain leading or trailing forward slashes. + The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + *Available only for Vault Enterprise*. :param pulumi.Input[str] path: Path to where the back-end is mounted within Vault. """ if alphabet is not None: pulumi.set(__self__, "alphabet", alphabet) if name is not None: pulumi.set(__self__, "name", name) + if namespace is not None: + pulumi.set(__self__, "namespace", namespace) if path is not None: pulumi.set(__self__, "path", path) @@ -109,6 +138,21 @@ def name(self) -> Optional[pulumi.Input[str]]: def name(self, value: Optional[pulumi.Input[str]]): pulumi.set(self, "name", value) + @property + @pulumi.getter + def namespace(self) -> Optional[pulumi.Input[str]]: + """ + The namespace to provision the resource in. + The value should not contain leading or trailing forward slashes. + The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + *Available only for Vault Enterprise*. + """ + return pulumi.get(self, "namespace") + + @namespace.setter + def namespace(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "namespace", value) + @property @pulumi.getter def path(self) -> Optional[pulumi.Input[str]]: @@ -129,6 +173,7 @@ def __init__(__self__, opts: Optional[pulumi.ResourceOptions] = None, alphabet: Optional[pulumi.Input[str]] = None, name: Optional[pulumi.Input[str]] = None, + namespace: Optional[pulumi.Input[str]] = None, path: Optional[pulumi.Input[str]] = None, __props__=None): """ @@ -154,6 +199,10 @@ def __init__(__self__, :param pulumi.ResourceOptions opts: Options for the resource. :param pulumi.Input[str] alphabet: A string of characters that contains the alphabet set. :param pulumi.Input[str] name: The name of the alphabet. + :param pulumi.Input[str] namespace: The namespace to provision the resource in. + The value should not contain leading or trailing forward slashes. + The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + *Available only for Vault Enterprise*. :param pulumi.Input[str] path: Path to where the back-end is mounted within Vault. """ ... @@ -198,6 +247,7 @@ def _internal_init(__self__, opts: Optional[pulumi.ResourceOptions] = None, alphabet: Optional[pulumi.Input[str]] = None, name: Optional[pulumi.Input[str]] = None, + namespace: Optional[pulumi.Input[str]] = None, path: Optional[pulumi.Input[str]] = None, __props__=None): opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts) @@ -210,6 +260,7 @@ def _internal_init(__self__, __props__.__dict__["alphabet"] = alphabet __props__.__dict__["name"] = name + __props__.__dict__["namespace"] = namespace if path is None and not opts.urn: raise TypeError("Missing required property 'path'") __props__.__dict__["path"] = path @@ -225,6 +276,7 @@ def get(resource_name: str, opts: Optional[pulumi.ResourceOptions] = None, alphabet: Optional[pulumi.Input[str]] = None, name: Optional[pulumi.Input[str]] = None, + namespace: Optional[pulumi.Input[str]] = None, path: Optional[pulumi.Input[str]] = None) -> 'Alphabet': """ Get an existing Alphabet resource's state with the given name, id, and optional extra @@ -235,6 +287,10 @@ def get(resource_name: str, :param pulumi.ResourceOptions opts: Options for the resource. :param pulumi.Input[str] alphabet: A string of characters that contains the alphabet set. :param pulumi.Input[str] name: The name of the alphabet. + :param pulumi.Input[str] namespace: The namespace to provision the resource in. + The value should not contain leading or trailing forward slashes. + The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + *Available only for Vault Enterprise*. :param pulumi.Input[str] path: Path to where the back-end is mounted within Vault. """ opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id)) @@ -243,6 +299,7 @@ def get(resource_name: str, __props__.__dict__["alphabet"] = alphabet __props__.__dict__["name"] = name + __props__.__dict__["namespace"] = namespace __props__.__dict__["path"] = path return Alphabet(resource_name, opts=opts, __props__=__props__) @@ -262,6 +319,17 @@ def name(self) -> pulumi.Output[str]: """ return pulumi.get(self, "name") + @property + @pulumi.getter + def namespace(self) -> pulumi.Output[Optional[str]]: + """ + The namespace to provision the resource in. + The value should not contain leading or trailing forward slashes. + The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + *Available only for Vault Enterprise*. + """ + return pulumi.get(self, "namespace") + @property @pulumi.getter def path(self) -> pulumi.Output[str]: diff --git a/sdk/python/pulumi_vault/transform/get_decode.py b/sdk/python/pulumi_vault/transform/get_decode.py index 27789f0d8..e7b5e39eb 100644 --- a/sdk/python/pulumi_vault/transform/get_decode.py +++ b/sdk/python/pulumi_vault/transform/get_decode.py @@ -21,7 +21,7 @@ class GetDecodeResult: """ A collection of values returned by getDecode. """ - def __init__(__self__, batch_inputs=None, batch_results=None, decoded_value=None, id=None, path=None, role_name=None, transformation=None, tweak=None, value=None): + def __init__(__self__, batch_inputs=None, batch_results=None, decoded_value=None, id=None, namespace=None, path=None, role_name=None, transformation=None, tweak=None, value=None): if batch_inputs and not isinstance(batch_inputs, list): raise TypeError("Expected argument 'batch_inputs' to be a list") pulumi.set(__self__, "batch_inputs", batch_inputs) @@ -34,6 +34,9 @@ def __init__(__self__, batch_inputs=None, batch_results=None, decoded_value=None if id and not isinstance(id, str): raise TypeError("Expected argument 'id' to be a str") pulumi.set(__self__, "id", id) + if namespace and not isinstance(namespace, str): + raise TypeError("Expected argument 'namespace' to be a str") + pulumi.set(__self__, "namespace", namespace) if path and not isinstance(path, str): raise TypeError("Expected argument 'path' to be a str") pulumi.set(__self__, "path", path) @@ -73,6 +76,11 @@ def id(self) -> str: """ return pulumi.get(self, "id") + @property + @pulumi.getter + def namespace(self) -> Optional[str]: + return pulumi.get(self, "namespace") + @property @pulumi.getter def path(self) -> str: @@ -109,6 +117,7 @@ def __await__(self): batch_results=self.batch_results, decoded_value=self.decoded_value, id=self.id, + namespace=self.namespace, path=self.path, role_name=self.role_name, transformation=self.transformation, @@ -119,6 +128,7 @@ def __await__(self): def get_decode(batch_inputs: Optional[Sequence[Mapping[str, Any]]] = None, batch_results: Optional[Sequence[Mapping[str, Any]]] = None, decoded_value: Optional[str] = None, + namespace: Optional[str] = None, path: Optional[str] = None, role_name: Optional[str] = None, transformation: Optional[str] = None, @@ -130,10 +140,37 @@ def get_decode(batch_inputs: Optional[Sequence[Mapping[str, Any]]] = None, It decodes the provided value using a named role. + ## Example Usage + + ```python + import pulumi + import pulumi_vault as vault + + transform = vault.Mount("transform", + path="transform", + type="transform") + ccn_fpe = vault.transform.Transformation("ccn-fpe", + path=transform.path, + type="fpe", + template="builtin/creditcardnumber", + tweak_source="internal", + allowed_roles=["payments"]) + payments = vault.transform.Role("payments", + path=ccn_fpe.path, + transformations=["ccn-fpe"]) + test = vault.transform.get_decode_output(path=payments.path, + role_name="payments", + value="9300-3376-4943-8903") + ``` + :param Sequence[Mapping[str, Any]] batch_inputs: Specifies a list of items to be decoded in a single batch. If this parameter is set, the top-level parameters 'value', 'transformation' and 'tweak' will be ignored. Each batch item within the list can specify these parameters instead. :param Sequence[Mapping[str, Any]] batch_results: The result of decoding a batch. :param str decoded_value: The result of decoding a value. + :param str namespace: The namespace of the target resource. + The value should not contain leading or trailing forward slashes. + The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + *Available only for Vault Enterprise*. :param str path: Path to where the back-end is mounted within Vault. :param str role_name: The name of the role. :param str transformation: The transformation to perform. If no value is provided and the role contains a single transformation, this value will be inferred from the role. @@ -144,6 +181,7 @@ def get_decode(batch_inputs: Optional[Sequence[Mapping[str, Any]]] = None, __args__['batchInputs'] = batch_inputs __args__['batchResults'] = batch_results __args__['decodedValue'] = decoded_value + __args__['namespace'] = namespace __args__['path'] = path __args__['roleName'] = role_name __args__['transformation'] = transformation @@ -153,21 +191,23 @@ def get_decode(batch_inputs: Optional[Sequence[Mapping[str, Any]]] = None, __ret__ = pulumi.runtime.invoke('vault:transform/getDecode:getDecode', __args__, opts=opts, typ=GetDecodeResult).value return AwaitableGetDecodeResult( - batch_inputs=__ret__.batch_inputs, - batch_results=__ret__.batch_results, - decoded_value=__ret__.decoded_value, - id=__ret__.id, - path=__ret__.path, - role_name=__ret__.role_name, - transformation=__ret__.transformation, - tweak=__ret__.tweak, - value=__ret__.value) + batch_inputs=pulumi.get(__ret__, 'batch_inputs'), + batch_results=pulumi.get(__ret__, 'batch_results'), + decoded_value=pulumi.get(__ret__, 'decoded_value'), + id=pulumi.get(__ret__, 'id'), + namespace=pulumi.get(__ret__, 'namespace'), + path=pulumi.get(__ret__, 'path'), + role_name=pulumi.get(__ret__, 'role_name'), + transformation=pulumi.get(__ret__, 'transformation'), + tweak=pulumi.get(__ret__, 'tweak'), + value=pulumi.get(__ret__, 'value')) @_utilities.lift_output_func(get_decode) def get_decode_output(batch_inputs: Optional[pulumi.Input[Optional[Sequence[Mapping[str, Any]]]]] = None, batch_results: Optional[pulumi.Input[Optional[Sequence[Mapping[str, Any]]]]] = None, decoded_value: Optional[pulumi.Input[Optional[str]]] = None, + namespace: Optional[pulumi.Input[Optional[str]]] = None, path: Optional[pulumi.Input[str]] = None, role_name: Optional[pulumi.Input[str]] = None, transformation: Optional[pulumi.Input[Optional[str]]] = None, @@ -179,10 +219,37 @@ def get_decode_output(batch_inputs: Optional[pulumi.Input[Optional[Sequence[Mapp It decodes the provided value using a named role. + ## Example Usage + + ```python + import pulumi + import pulumi_vault as vault + + transform = vault.Mount("transform", + path="transform", + type="transform") + ccn_fpe = vault.transform.Transformation("ccn-fpe", + path=transform.path, + type="fpe", + template="builtin/creditcardnumber", + tweak_source="internal", + allowed_roles=["payments"]) + payments = vault.transform.Role("payments", + path=ccn_fpe.path, + transformations=["ccn-fpe"]) + test = vault.transform.get_decode_output(path=payments.path, + role_name="payments", + value="9300-3376-4943-8903") + ``` + :param Sequence[Mapping[str, Any]] batch_inputs: Specifies a list of items to be decoded in a single batch. If this parameter is set, the top-level parameters 'value', 'transformation' and 'tweak' will be ignored. Each batch item within the list can specify these parameters instead. :param Sequence[Mapping[str, Any]] batch_results: The result of decoding a batch. :param str decoded_value: The result of decoding a value. + :param str namespace: The namespace of the target resource. + The value should not contain leading or trailing forward slashes. + The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + *Available only for Vault Enterprise*. :param str path: Path to where the back-end is mounted within Vault. :param str role_name: The name of the role. :param str transformation: The transformation to perform. If no value is provided and the role contains a single transformation, this value will be inferred from the role. diff --git a/sdk/python/pulumi_vault/transform/get_encode.py b/sdk/python/pulumi_vault/transform/get_encode.py index 5b7c9f41d..c90ef35d1 100644 --- a/sdk/python/pulumi_vault/transform/get_encode.py +++ b/sdk/python/pulumi_vault/transform/get_encode.py @@ -21,7 +21,7 @@ class GetEncodeResult: """ A collection of values returned by getEncode. """ - def __init__(__self__, batch_inputs=None, batch_results=None, encoded_value=None, id=None, path=None, role_name=None, transformation=None, tweak=None, value=None): + def __init__(__self__, batch_inputs=None, batch_results=None, encoded_value=None, id=None, namespace=None, path=None, role_name=None, transformation=None, tweak=None, value=None): if batch_inputs and not isinstance(batch_inputs, list): raise TypeError("Expected argument 'batch_inputs' to be a list") pulumi.set(__self__, "batch_inputs", batch_inputs) @@ -34,6 +34,9 @@ def __init__(__self__, batch_inputs=None, batch_results=None, encoded_value=None if id and not isinstance(id, str): raise TypeError("Expected argument 'id' to be a str") pulumi.set(__self__, "id", id) + if namespace and not isinstance(namespace, str): + raise TypeError("Expected argument 'namespace' to be a str") + pulumi.set(__self__, "namespace", namespace) if path and not isinstance(path, str): raise TypeError("Expected argument 'path' to be a str") pulumi.set(__self__, "path", path) @@ -73,6 +76,11 @@ def id(self) -> str: """ return pulumi.get(self, "id") + @property + @pulumi.getter + def namespace(self) -> Optional[str]: + return pulumi.get(self, "namespace") + @property @pulumi.getter def path(self) -> str: @@ -109,6 +117,7 @@ def __await__(self): batch_results=self.batch_results, encoded_value=self.encoded_value, id=self.id, + namespace=self.namespace, path=self.path, role_name=self.role_name, transformation=self.transformation, @@ -119,6 +128,7 @@ def __await__(self): def get_encode(batch_inputs: Optional[Sequence[Mapping[str, Any]]] = None, batch_results: Optional[Sequence[Mapping[str, Any]]] = None, encoded_value: Optional[str] = None, + namespace: Optional[str] = None, path: Optional[str] = None, role_name: Optional[str] = None, transformation: Optional[str] = None, @@ -130,10 +140,39 @@ def get_encode(batch_inputs: Optional[Sequence[Mapping[str, Any]]] = None, It encodes the provided value using a named role. + ## Example Usage + + ```python + import pulumi + import pulumi_vault as vault + + transform = vault.Mount("transform", + path="transform", + type="transform") + ccn_fpe = vault.transform.Transformation("ccn-fpe", + path=transform.path, + type="fpe", + template="builtin/creditcardnumber", + tweak_source="internal", + allowed_roles=["payments"]) + payments = vault.transform.Role("payments", + path=ccn_fpe.path, + transformations=["ccn-fpe"]) + test = vault.transform.get_encode_output(path=payments.path, + role_name="payments", + batch_inputs=[{ + "value": "1111-2222-3333-4444", + }]) + ``` + :param Sequence[Mapping[str, Any]] batch_inputs: Specifies a list of items to be encoded in a single batch. If this parameter is set, the parameters 'value', 'transformation' and 'tweak' will be ignored. Each batch item within the list can specify these parameters instead. :param Sequence[Mapping[str, Any]] batch_results: The result of encoding a batch. :param str encoded_value: The result of encoding a value. + :param str namespace: The namespace of the target resource. + The value should not contain leading or trailing forward slashes. + The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + *Available only for Vault Enterprise*. :param str path: Path to where the back-end is mounted within Vault. :param str role_name: The name of the role. :param str transformation: The transformation to perform. If no value is provided and the role contains a single transformation, this value will be inferred from the role. @@ -144,6 +183,7 @@ def get_encode(batch_inputs: Optional[Sequence[Mapping[str, Any]]] = None, __args__['batchInputs'] = batch_inputs __args__['batchResults'] = batch_results __args__['encodedValue'] = encoded_value + __args__['namespace'] = namespace __args__['path'] = path __args__['roleName'] = role_name __args__['transformation'] = transformation @@ -153,21 +193,23 @@ def get_encode(batch_inputs: Optional[Sequence[Mapping[str, Any]]] = None, __ret__ = pulumi.runtime.invoke('vault:transform/getEncode:getEncode', __args__, opts=opts, typ=GetEncodeResult).value return AwaitableGetEncodeResult( - batch_inputs=__ret__.batch_inputs, - batch_results=__ret__.batch_results, - encoded_value=__ret__.encoded_value, - id=__ret__.id, - path=__ret__.path, - role_name=__ret__.role_name, - transformation=__ret__.transformation, - tweak=__ret__.tweak, - value=__ret__.value) + batch_inputs=pulumi.get(__ret__, 'batch_inputs'), + batch_results=pulumi.get(__ret__, 'batch_results'), + encoded_value=pulumi.get(__ret__, 'encoded_value'), + id=pulumi.get(__ret__, 'id'), + namespace=pulumi.get(__ret__, 'namespace'), + path=pulumi.get(__ret__, 'path'), + role_name=pulumi.get(__ret__, 'role_name'), + transformation=pulumi.get(__ret__, 'transformation'), + tweak=pulumi.get(__ret__, 'tweak'), + value=pulumi.get(__ret__, 'value')) @_utilities.lift_output_func(get_encode) def get_encode_output(batch_inputs: Optional[pulumi.Input[Optional[Sequence[Mapping[str, Any]]]]] = None, batch_results: Optional[pulumi.Input[Optional[Sequence[Mapping[str, Any]]]]] = None, encoded_value: Optional[pulumi.Input[Optional[str]]] = None, + namespace: Optional[pulumi.Input[Optional[str]]] = None, path: Optional[pulumi.Input[str]] = None, role_name: Optional[pulumi.Input[str]] = None, transformation: Optional[pulumi.Input[Optional[str]]] = None, @@ -179,10 +221,39 @@ def get_encode_output(batch_inputs: Optional[pulumi.Input[Optional[Sequence[Mapp It encodes the provided value using a named role. + ## Example Usage + + ```python + import pulumi + import pulumi_vault as vault + + transform = vault.Mount("transform", + path="transform", + type="transform") + ccn_fpe = vault.transform.Transformation("ccn-fpe", + path=transform.path, + type="fpe", + template="builtin/creditcardnumber", + tweak_source="internal", + allowed_roles=["payments"]) + payments = vault.transform.Role("payments", + path=ccn_fpe.path, + transformations=["ccn-fpe"]) + test = vault.transform.get_encode_output(path=payments.path, + role_name="payments", + batch_inputs=[{ + "value": "1111-2222-3333-4444", + }]) + ``` + :param Sequence[Mapping[str, Any]] batch_inputs: Specifies a list of items to be encoded in a single batch. If this parameter is set, the parameters 'value', 'transformation' and 'tweak' will be ignored. Each batch item within the list can specify these parameters instead. :param Sequence[Mapping[str, Any]] batch_results: The result of encoding a batch. :param str encoded_value: The result of encoding a value. + :param str namespace: The namespace of the target resource. + The value should not contain leading or trailing forward slashes. + The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + *Available only for Vault Enterprise*. :param str path: Path to where the back-end is mounted within Vault. :param str role_name: The name of the role. :param str transformation: The transformation to perform. If no value is provided and the role contains a single transformation, this value will be inferred from the role. diff --git a/sdk/python/pulumi_vault/transform/role.py b/sdk/python/pulumi_vault/transform/role.py index 91da5d9b3..f5d66b338 100644 --- a/sdk/python/pulumi_vault/transform/role.py +++ b/sdk/python/pulumi_vault/transform/role.py @@ -16,16 +16,23 @@ class RoleArgs: def __init__(__self__, *, path: pulumi.Input[str], name: Optional[pulumi.Input[str]] = None, + namespace: Optional[pulumi.Input[str]] = None, transformations: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None): """ The set of arguments for constructing a Role resource. :param pulumi.Input[str] path: Path to where the back-end is mounted within Vault. :param pulumi.Input[str] name: The name of the role. + :param pulumi.Input[str] namespace: The namespace to provision the resource in. + The value should not contain leading or trailing forward slashes. + The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + *Available only for Vault Enterprise*. :param pulumi.Input[Sequence[pulumi.Input[str]]] transformations: A comma separated string or slice of transformations to use. """ pulumi.set(__self__, "path", path) if name is not None: pulumi.set(__self__, "name", name) + if namespace is not None: + pulumi.set(__self__, "namespace", namespace) if transformations is not None: pulumi.set(__self__, "transformations", transformations) @@ -53,6 +60,21 @@ def name(self) -> Optional[pulumi.Input[str]]: def name(self, value: Optional[pulumi.Input[str]]): pulumi.set(self, "name", value) + @property + @pulumi.getter + def namespace(self) -> Optional[pulumi.Input[str]]: + """ + The namespace to provision the resource in. + The value should not contain leading or trailing forward slashes. + The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + *Available only for Vault Enterprise*. + """ + return pulumi.get(self, "namespace") + + @namespace.setter + def namespace(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "namespace", value) + @property @pulumi.getter def transformations(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: @@ -70,16 +92,23 @@ def transformations(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str class _RoleState: def __init__(__self__, *, name: Optional[pulumi.Input[str]] = None, + namespace: Optional[pulumi.Input[str]] = None, path: Optional[pulumi.Input[str]] = None, transformations: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None): """ Input properties used for looking up and filtering Role resources. :param pulumi.Input[str] name: The name of the role. + :param pulumi.Input[str] namespace: The namespace to provision the resource in. + The value should not contain leading or trailing forward slashes. + The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + *Available only for Vault Enterprise*. :param pulumi.Input[str] path: Path to where the back-end is mounted within Vault. :param pulumi.Input[Sequence[pulumi.Input[str]]] transformations: A comma separated string or slice of transformations to use. """ if name is not None: pulumi.set(__self__, "name", name) + if namespace is not None: + pulumi.set(__self__, "namespace", namespace) if path is not None: pulumi.set(__self__, "path", path) if transformations is not None: @@ -97,6 +126,21 @@ def name(self) -> Optional[pulumi.Input[str]]: def name(self, value: Optional[pulumi.Input[str]]): pulumi.set(self, "name", value) + @property + @pulumi.getter + def namespace(self) -> Optional[pulumi.Input[str]]: + """ + The namespace to provision the resource in. + The value should not contain leading or trailing forward slashes. + The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + *Available only for Vault Enterprise*. + """ + return pulumi.get(self, "namespace") + + @namespace.setter + def namespace(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "namespace", value) + @property @pulumi.getter def path(self) -> Optional[pulumi.Input[str]]: @@ -128,6 +172,7 @@ def __init__(__self__, resource_name: str, opts: Optional[pulumi.ResourceOptions] = None, name: Optional[pulumi.Input[str]] = None, + namespace: Optional[pulumi.Input[str]] = None, path: Optional[pulumi.Input[str]] = None, transformations: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, __props__=None): @@ -154,6 +199,10 @@ def __init__(__self__, :param str resource_name: The name of the resource. :param pulumi.ResourceOptions opts: Options for the resource. :param pulumi.Input[str] name: The name of the role. + :param pulumi.Input[str] namespace: The namespace to provision the resource in. + The value should not contain leading or trailing forward slashes. + The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + *Available only for Vault Enterprise*. :param pulumi.Input[str] path: Path to where the back-end is mounted within Vault. :param pulumi.Input[Sequence[pulumi.Input[str]]] transformations: A comma separated string or slice of transformations to use. """ @@ -199,6 +248,7 @@ def _internal_init(__self__, resource_name: str, opts: Optional[pulumi.ResourceOptions] = None, name: Optional[pulumi.Input[str]] = None, + namespace: Optional[pulumi.Input[str]] = None, path: Optional[pulumi.Input[str]] = None, transformations: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, __props__=None): @@ -211,6 +261,7 @@ def _internal_init(__self__, __props__ = RoleArgs.__new__(RoleArgs) __props__.__dict__["name"] = name + __props__.__dict__["namespace"] = namespace if path is None and not opts.urn: raise TypeError("Missing required property 'path'") __props__.__dict__["path"] = path @@ -226,6 +277,7 @@ def get(resource_name: str, id: pulumi.Input[str], opts: Optional[pulumi.ResourceOptions] = None, name: Optional[pulumi.Input[str]] = None, + namespace: Optional[pulumi.Input[str]] = None, path: Optional[pulumi.Input[str]] = None, transformations: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None) -> 'Role': """ @@ -236,6 +288,10 @@ def get(resource_name: str, :param pulumi.Input[str] id: The unique provider ID of the resource to lookup. :param pulumi.ResourceOptions opts: Options for the resource. :param pulumi.Input[str] name: The name of the role. + :param pulumi.Input[str] namespace: The namespace to provision the resource in. + The value should not contain leading or trailing forward slashes. + The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + *Available only for Vault Enterprise*. :param pulumi.Input[str] path: Path to where the back-end is mounted within Vault. :param pulumi.Input[Sequence[pulumi.Input[str]]] transformations: A comma separated string or slice of transformations to use. """ @@ -244,6 +300,7 @@ def get(resource_name: str, __props__ = _RoleState.__new__(_RoleState) __props__.__dict__["name"] = name + __props__.__dict__["namespace"] = namespace __props__.__dict__["path"] = path __props__.__dict__["transformations"] = transformations return Role(resource_name, opts=opts, __props__=__props__) @@ -256,6 +313,17 @@ def name(self) -> pulumi.Output[str]: """ return pulumi.get(self, "name") + @property + @pulumi.getter + def namespace(self) -> pulumi.Output[Optional[str]]: + """ + The namespace to provision the resource in. + The value should not contain leading or trailing forward slashes. + The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + *Available only for Vault Enterprise*. + """ + return pulumi.get(self, "namespace") + @property @pulumi.getter def path(self) -> pulumi.Output[str]: diff --git a/sdk/python/pulumi_vault/transform/template.py b/sdk/python/pulumi_vault/transform/template.py index acbb519bd..f36c8dd06 100644 --- a/sdk/python/pulumi_vault/transform/template.py +++ b/sdk/python/pulumi_vault/transform/template.py @@ -19,17 +19,22 @@ def __init__(__self__, *, decode_formats: Optional[pulumi.Input[Mapping[str, Any]]] = None, encode_format: Optional[pulumi.Input[str]] = None, name: Optional[pulumi.Input[str]] = None, + namespace: Optional[pulumi.Input[str]] = None, pattern: Optional[pulumi.Input[str]] = None, type: Optional[pulumi.Input[str]] = None): """ The set of arguments for constructing a Template resource. :param pulumi.Input[str] path: Path to where the back-end is mounted within Vault. :param pulumi.Input[str] alphabet: The alphabet to use for this template. This is only used during FPE transformations. - :param pulumi.Input[Mapping[str, Any]] decode_formats: - Optional mapping of name to regular expression template, used to customize + :param pulumi.Input[Mapping[str, Any]] decode_formats: Optional mapping of name to regular expression template, used to customize the decoded output. (requires Vault Enterprise 1.9+) - :param pulumi.Input[str] encode_format: - The regular expression template used to format encoded values. + :param pulumi.Input[str] encode_format: The regular expression template used to format encoded values. (requires Vault Enterprise 1.9+) :param pulumi.Input[str] name: The name of the template. + :param pulumi.Input[str] namespace: The namespace to provision the resource in. + The value should not contain leading or trailing forward slashes. + The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + *Available only for Vault Enterprise*. :param pulumi.Input[str] pattern: The pattern used for matching. Currently, only regular expression pattern is supported. :param pulumi.Input[str] type: The pattern type to use for match detection. Currently, only regex is supported. """ @@ -42,6 +47,8 @@ def __init__(__self__, *, pulumi.set(__self__, "encode_format", encode_format) if name is not None: pulumi.set(__self__, "name", name) + if namespace is not None: + pulumi.set(__self__, "namespace", namespace) if pattern is not None: pulumi.set(__self__, "pattern", pattern) if type is not None: @@ -75,7 +82,7 @@ def alphabet(self, value: Optional[pulumi.Input[str]]): @pulumi.getter(name="decodeFormats") def decode_formats(self) -> Optional[pulumi.Input[Mapping[str, Any]]]: """ - - Optional mapping of name to regular expression template, used to customize + Optional mapping of name to regular expression template, used to customize the decoded output. (requires Vault Enterprise 1.9+) """ return pulumi.get(self, "decode_formats") @@ -88,7 +95,7 @@ def decode_formats(self, value: Optional[pulumi.Input[Mapping[str, Any]]]): @pulumi.getter(name="encodeFormat") def encode_format(self) -> Optional[pulumi.Input[str]]: """ - - The regular expression template used to format encoded values. + The regular expression template used to format encoded values. (requires Vault Enterprise 1.9+) """ return pulumi.get(self, "encode_format") @@ -109,6 +116,21 @@ def name(self) -> Optional[pulumi.Input[str]]: def name(self, value: Optional[pulumi.Input[str]]): pulumi.set(self, "name", value) + @property + @pulumi.getter + def namespace(self) -> Optional[pulumi.Input[str]]: + """ + The namespace to provision the resource in. + The value should not contain leading or trailing forward slashes. + The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + *Available only for Vault Enterprise*. + """ + return pulumi.get(self, "namespace") + + @namespace.setter + def namespace(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "namespace", value) + @property @pulumi.getter def pattern(self) -> Optional[pulumi.Input[str]]: @@ -141,17 +163,22 @@ def __init__(__self__, *, decode_formats: Optional[pulumi.Input[Mapping[str, Any]]] = None, encode_format: Optional[pulumi.Input[str]] = None, name: Optional[pulumi.Input[str]] = None, + namespace: Optional[pulumi.Input[str]] = None, path: Optional[pulumi.Input[str]] = None, pattern: Optional[pulumi.Input[str]] = None, type: Optional[pulumi.Input[str]] = None): """ Input properties used for looking up and filtering Template resources. :param pulumi.Input[str] alphabet: The alphabet to use for this template. This is only used during FPE transformations. - :param pulumi.Input[Mapping[str, Any]] decode_formats: - Optional mapping of name to regular expression template, used to customize + :param pulumi.Input[Mapping[str, Any]] decode_formats: Optional mapping of name to regular expression template, used to customize the decoded output. (requires Vault Enterprise 1.9+) - :param pulumi.Input[str] encode_format: - The regular expression template used to format encoded values. + :param pulumi.Input[str] encode_format: The regular expression template used to format encoded values. (requires Vault Enterprise 1.9+) :param pulumi.Input[str] name: The name of the template. + :param pulumi.Input[str] namespace: The namespace to provision the resource in. + The value should not contain leading or trailing forward slashes. + The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + *Available only for Vault Enterprise*. :param pulumi.Input[str] path: Path to where the back-end is mounted within Vault. :param pulumi.Input[str] pattern: The pattern used for matching. Currently, only regular expression pattern is supported. :param pulumi.Input[str] type: The pattern type to use for match detection. Currently, only regex is supported. @@ -164,6 +191,8 @@ def __init__(__self__, *, pulumi.set(__self__, "encode_format", encode_format) if name is not None: pulumi.set(__self__, "name", name) + if namespace is not None: + pulumi.set(__self__, "namespace", namespace) if path is not None: pulumi.set(__self__, "path", path) if pattern is not None: @@ -187,7 +216,7 @@ def alphabet(self, value: Optional[pulumi.Input[str]]): @pulumi.getter(name="decodeFormats") def decode_formats(self) -> Optional[pulumi.Input[Mapping[str, Any]]]: """ - - Optional mapping of name to regular expression template, used to customize + Optional mapping of name to regular expression template, used to customize the decoded output. (requires Vault Enterprise 1.9+) """ return pulumi.get(self, "decode_formats") @@ -200,7 +229,7 @@ def decode_formats(self, value: Optional[pulumi.Input[Mapping[str, Any]]]): @pulumi.getter(name="encodeFormat") def encode_format(self) -> Optional[pulumi.Input[str]]: """ - - The regular expression template used to format encoded values. + The regular expression template used to format encoded values. (requires Vault Enterprise 1.9+) """ return pulumi.get(self, "encode_format") @@ -221,6 +250,21 @@ def name(self) -> Optional[pulumi.Input[str]]: def name(self, value: Optional[pulumi.Input[str]]): pulumi.set(self, "name", value) + @property + @pulumi.getter + def namespace(self) -> Optional[pulumi.Input[str]]: + """ + The namespace to provision the resource in. + The value should not contain leading or trailing forward slashes. + The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + *Available only for Vault Enterprise*. + """ + return pulumi.get(self, "namespace") + + @namespace.setter + def namespace(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "namespace", value) + @property @pulumi.getter def path(self) -> Optional[pulumi.Input[str]]: @@ -267,20 +311,62 @@ def __init__(__self__, decode_formats: Optional[pulumi.Input[Mapping[str, Any]]] = None, encode_format: Optional[pulumi.Input[str]] = None, name: Optional[pulumi.Input[str]] = None, + namespace: Optional[pulumi.Input[str]] = None, path: Optional[pulumi.Input[str]] = None, pattern: Optional[pulumi.Input[str]] = None, type: Optional[pulumi.Input[str]] = None, __props__=None): """ - Create a Template resource with the given unique name, props, and options. + This resource supports the `/transform/template/{name}` Vault endpoint. + + It creates or updates a template with the given name. If a template with the name does not exist, + it will be created. If the template exists, it will be updated with the new attributes. + + > Requires _Vault Enterprise with the Advanced Data Protection Transform Module_. + See [Transform Secrets Engine](https://www.vaultproject.io/docs/secrets/transform) + for more information. + + ## Example Usage + + Please note that the `pattern` below holds a regex. The regex shown + is identical to the one in our [Setup](https://www.vaultproject.io/docs/secrets/transform#setup) + docs, `(\\d{4})-(\\d{4})-(\\d{4})-(\\d{4})`. However, due to HCL, the + backslashes must be escaped to appear correctly in Vault. For further + assistance escaping your own custom regex, see String Literals. + + ```python + import pulumi + import pulumi_vault as vault + + transform = vault.Mount("transform", + path="transform", + type="transform") + numerics = vault.transform.Alphabet("numerics", + path=transform.path, + alphabet="0123456789") + test = vault.transform.Template("test", + path=numerics.path, + type="regex", + pattern="(\\\\d{4})[- ](\\\\d{4})[- ](\\\\d{4})[- ](\\\\d{4})", + alphabet="numerics", + encode_format="$1-$2-$3-$4", + decode_formats={ + "last-four-digits": "$4", + }) + ``` + :param str resource_name: The name of the resource. :param pulumi.ResourceOptions opts: Options for the resource. :param pulumi.Input[str] alphabet: The alphabet to use for this template. This is only used during FPE transformations. - :param pulumi.Input[Mapping[str, Any]] decode_formats: - Optional mapping of name to regular expression template, used to customize + :param pulumi.Input[Mapping[str, Any]] decode_formats: Optional mapping of name to regular expression template, used to customize the decoded output. (requires Vault Enterprise 1.9+) - :param pulumi.Input[str] encode_format: - The regular expression template used to format encoded values. + :param pulumi.Input[str] encode_format: The regular expression template used to format encoded values. (requires Vault Enterprise 1.9+) :param pulumi.Input[str] name: The name of the template. + :param pulumi.Input[str] namespace: The namespace to provision the resource in. + The value should not contain leading or trailing forward slashes. + The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + *Available only for Vault Enterprise*. :param pulumi.Input[str] path: Path to where the back-end is mounted within Vault. :param pulumi.Input[str] pattern: The pattern used for matching. Currently, only regular expression pattern is supported. :param pulumi.Input[str] type: The pattern type to use for match detection. Currently, only regex is supported. @@ -292,7 +378,44 @@ def __init__(__self__, args: TemplateArgs, opts: Optional[pulumi.ResourceOptions] = None): """ - Create a Template resource with the given unique name, props, and options. + This resource supports the `/transform/template/{name}` Vault endpoint. + + It creates or updates a template with the given name. If a template with the name does not exist, + it will be created. If the template exists, it will be updated with the new attributes. + + > Requires _Vault Enterprise with the Advanced Data Protection Transform Module_. + See [Transform Secrets Engine](https://www.vaultproject.io/docs/secrets/transform) + for more information. + + ## Example Usage + + Please note that the `pattern` below holds a regex. The regex shown + is identical to the one in our [Setup](https://www.vaultproject.io/docs/secrets/transform#setup) + docs, `(\\d{4})-(\\d{4})-(\\d{4})-(\\d{4})`. However, due to HCL, the + backslashes must be escaped to appear correctly in Vault. For further + assistance escaping your own custom regex, see String Literals. + + ```python + import pulumi + import pulumi_vault as vault + + transform = vault.Mount("transform", + path="transform", + type="transform") + numerics = vault.transform.Alphabet("numerics", + path=transform.path, + alphabet="0123456789") + test = vault.transform.Template("test", + path=numerics.path, + type="regex", + pattern="(\\\\d{4})[- ](\\\\d{4})[- ](\\\\d{4})[- ](\\\\d{4})", + alphabet="numerics", + encode_format="$1-$2-$3-$4", + decode_formats={ + "last-four-digits": "$4", + }) + ``` + :param str resource_name: The name of the resource. :param TemplateArgs args: The arguments to use to populate this resource's properties. :param pulumi.ResourceOptions opts: Options for the resource. @@ -312,6 +435,7 @@ def _internal_init(__self__, decode_formats: Optional[pulumi.Input[Mapping[str, Any]]] = None, encode_format: Optional[pulumi.Input[str]] = None, name: Optional[pulumi.Input[str]] = None, + namespace: Optional[pulumi.Input[str]] = None, path: Optional[pulumi.Input[str]] = None, pattern: Optional[pulumi.Input[str]] = None, type: Optional[pulumi.Input[str]] = None, @@ -328,6 +452,7 @@ def _internal_init(__self__, __props__.__dict__["decode_formats"] = decode_formats __props__.__dict__["encode_format"] = encode_format __props__.__dict__["name"] = name + __props__.__dict__["namespace"] = namespace if path is None and not opts.urn: raise TypeError("Missing required property 'path'") __props__.__dict__["path"] = path @@ -347,6 +472,7 @@ def get(resource_name: str, decode_formats: Optional[pulumi.Input[Mapping[str, Any]]] = None, encode_format: Optional[pulumi.Input[str]] = None, name: Optional[pulumi.Input[str]] = None, + namespace: Optional[pulumi.Input[str]] = None, path: Optional[pulumi.Input[str]] = None, pattern: Optional[pulumi.Input[str]] = None, type: Optional[pulumi.Input[str]] = None) -> 'Template': @@ -358,11 +484,15 @@ def get(resource_name: str, :param pulumi.Input[str] id: The unique provider ID of the resource to lookup. :param pulumi.ResourceOptions opts: Options for the resource. :param pulumi.Input[str] alphabet: The alphabet to use for this template. This is only used during FPE transformations. - :param pulumi.Input[Mapping[str, Any]] decode_formats: - Optional mapping of name to regular expression template, used to customize + :param pulumi.Input[Mapping[str, Any]] decode_formats: Optional mapping of name to regular expression template, used to customize the decoded output. (requires Vault Enterprise 1.9+) - :param pulumi.Input[str] encode_format: - The regular expression template used to format encoded values. + :param pulumi.Input[str] encode_format: The regular expression template used to format encoded values. (requires Vault Enterprise 1.9+) :param pulumi.Input[str] name: The name of the template. + :param pulumi.Input[str] namespace: The namespace to provision the resource in. + The value should not contain leading or trailing forward slashes. + The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + *Available only for Vault Enterprise*. :param pulumi.Input[str] path: Path to where the back-end is mounted within Vault. :param pulumi.Input[str] pattern: The pattern used for matching. Currently, only regular expression pattern is supported. :param pulumi.Input[str] type: The pattern type to use for match detection. Currently, only regex is supported. @@ -375,6 +505,7 @@ def get(resource_name: str, __props__.__dict__["decode_formats"] = decode_formats __props__.__dict__["encode_format"] = encode_format __props__.__dict__["name"] = name + __props__.__dict__["namespace"] = namespace __props__.__dict__["path"] = path __props__.__dict__["pattern"] = pattern __props__.__dict__["type"] = type @@ -392,7 +523,7 @@ def alphabet(self) -> pulumi.Output[Optional[str]]: @pulumi.getter(name="decodeFormats") def decode_formats(self) -> pulumi.Output[Optional[Mapping[str, Any]]]: """ - - Optional mapping of name to regular expression template, used to customize + Optional mapping of name to regular expression template, used to customize the decoded output. (requires Vault Enterprise 1.9+) """ return pulumi.get(self, "decode_formats") @@ -401,7 +532,7 @@ def decode_formats(self) -> pulumi.Output[Optional[Mapping[str, Any]]]: @pulumi.getter(name="encodeFormat") def encode_format(self) -> pulumi.Output[Optional[str]]: """ - - The regular expression template used to format encoded values. + The regular expression template used to format encoded values. (requires Vault Enterprise 1.9+) """ return pulumi.get(self, "encode_format") @@ -414,6 +545,17 @@ def name(self) -> pulumi.Output[str]: """ return pulumi.get(self, "name") + @property + @pulumi.getter + def namespace(self) -> pulumi.Output[Optional[str]]: + """ + The namespace to provision the resource in. + The value should not contain leading or trailing forward slashes. + The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + *Available only for Vault Enterprise*. + """ + return pulumi.get(self, "namespace") + @property @pulumi.getter def path(self) -> pulumi.Output[str]: diff --git a/sdk/python/pulumi_vault/transform/transformation.py b/sdk/python/pulumi_vault/transform/transformation.py index 1ea97fa48..93e80fe83 100644 --- a/sdk/python/pulumi_vault/transform/transformation.py +++ b/sdk/python/pulumi_vault/transform/transformation.py @@ -19,6 +19,7 @@ def __init__(__self__, *, deletion_allowed: Optional[pulumi.Input[bool]] = None, masking_character: Optional[pulumi.Input[str]] = None, name: Optional[pulumi.Input[str]] = None, + namespace: Optional[pulumi.Input[str]] = None, template: Optional[pulumi.Input[str]] = None, templates: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, tweak_source: Optional[pulumi.Input[str]] = None, @@ -32,6 +33,10 @@ def __init__(__self__, *, *Only supported on vault-1.12+* :param pulumi.Input[str] masking_character: The character used to replace data when in masking mode :param pulumi.Input[str] name: The name of the transformation. + :param pulumi.Input[str] namespace: The namespace to provision the resource in. + The value should not contain leading or trailing forward slashes. + The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + *Available only for Vault Enterprise*. :param pulumi.Input[str] template: The name of the template to use. :param pulumi.Input[Sequence[pulumi.Input[str]]] templates: Templates configured for transformation. :param pulumi.Input[str] tweak_source: The source of where the tweak value comes from. Only valid when in FPE mode. @@ -46,6 +51,8 @@ def __init__(__self__, *, pulumi.set(__self__, "masking_character", masking_character) if name is not None: pulumi.set(__self__, "name", name) + if namespace is not None: + pulumi.set(__self__, "namespace", namespace) if template is not None: pulumi.set(__self__, "template", template) if templates is not None: @@ -117,6 +124,21 @@ def name(self) -> Optional[pulumi.Input[str]]: def name(self, value: Optional[pulumi.Input[str]]): pulumi.set(self, "name", value) + @property + @pulumi.getter + def namespace(self) -> Optional[pulumi.Input[str]]: + """ + The namespace to provision the resource in. + The value should not contain leading or trailing forward slashes. + The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + *Available only for Vault Enterprise*. + """ + return pulumi.get(self, "namespace") + + @namespace.setter + def namespace(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "namespace", value) + @property @pulumi.getter def template(self) -> Optional[pulumi.Input[str]]: @@ -173,6 +195,7 @@ def __init__(__self__, *, deletion_allowed: Optional[pulumi.Input[bool]] = None, masking_character: Optional[pulumi.Input[str]] = None, name: Optional[pulumi.Input[str]] = None, + namespace: Optional[pulumi.Input[str]] = None, path: Optional[pulumi.Input[str]] = None, template: Optional[pulumi.Input[str]] = None, templates: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, @@ -186,6 +209,10 @@ def __init__(__self__, *, *Only supported on vault-1.12+* :param pulumi.Input[str] masking_character: The character used to replace data when in masking mode :param pulumi.Input[str] name: The name of the transformation. + :param pulumi.Input[str] namespace: The namespace to provision the resource in. + The value should not contain leading or trailing forward slashes. + The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + *Available only for Vault Enterprise*. :param pulumi.Input[str] path: Path to where the back-end is mounted within Vault. :param pulumi.Input[str] template: The name of the template to use. :param pulumi.Input[Sequence[pulumi.Input[str]]] templates: Templates configured for transformation. @@ -200,6 +227,8 @@ def __init__(__self__, *, pulumi.set(__self__, "masking_character", masking_character) if name is not None: pulumi.set(__self__, "name", name) + if namespace is not None: + pulumi.set(__self__, "namespace", namespace) if path is not None: pulumi.set(__self__, "path", path) if template is not None: @@ -261,6 +290,21 @@ def name(self) -> Optional[pulumi.Input[str]]: def name(self, value: Optional[pulumi.Input[str]]): pulumi.set(self, "name", value) + @property + @pulumi.getter + def namespace(self) -> Optional[pulumi.Input[str]]: + """ + The namespace to provision the resource in. + The value should not contain leading or trailing forward slashes. + The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + *Available only for Vault Enterprise*. + """ + return pulumi.get(self, "namespace") + + @namespace.setter + def namespace(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "namespace", value) + @property @pulumi.getter def path(self) -> Optional[pulumi.Input[str]]: @@ -331,6 +375,7 @@ def __init__(__self__, deletion_allowed: Optional[pulumi.Input[bool]] = None, masking_character: Optional[pulumi.Input[str]] = None, name: Optional[pulumi.Input[str]] = None, + namespace: Optional[pulumi.Input[str]] = None, path: Optional[pulumi.Input[str]] = None, template: Optional[pulumi.Input[str]] = None, templates: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, @@ -347,6 +392,10 @@ def __init__(__self__, *Only supported on vault-1.12+* :param pulumi.Input[str] masking_character: The character used to replace data when in masking mode :param pulumi.Input[str] name: The name of the transformation. + :param pulumi.Input[str] namespace: The namespace to provision the resource in. + The value should not contain leading or trailing forward slashes. + The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + *Available only for Vault Enterprise*. :param pulumi.Input[str] path: Path to where the back-end is mounted within Vault. :param pulumi.Input[str] template: The name of the template to use. :param pulumi.Input[Sequence[pulumi.Input[str]]] templates: Templates configured for transformation. @@ -380,6 +429,7 @@ def _internal_init(__self__, deletion_allowed: Optional[pulumi.Input[bool]] = None, masking_character: Optional[pulumi.Input[str]] = None, name: Optional[pulumi.Input[str]] = None, + namespace: Optional[pulumi.Input[str]] = None, path: Optional[pulumi.Input[str]] = None, template: Optional[pulumi.Input[str]] = None, templates: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, @@ -398,6 +448,7 @@ def _internal_init(__self__, __props__.__dict__["deletion_allowed"] = deletion_allowed __props__.__dict__["masking_character"] = masking_character __props__.__dict__["name"] = name + __props__.__dict__["namespace"] = namespace if path is None and not opts.urn: raise TypeError("Missing required property 'path'") __props__.__dict__["path"] = path @@ -419,6 +470,7 @@ def get(resource_name: str, deletion_allowed: Optional[pulumi.Input[bool]] = None, masking_character: Optional[pulumi.Input[str]] = None, name: Optional[pulumi.Input[str]] = None, + namespace: Optional[pulumi.Input[str]] = None, path: Optional[pulumi.Input[str]] = None, template: Optional[pulumi.Input[str]] = None, templates: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, @@ -437,6 +489,10 @@ def get(resource_name: str, *Only supported on vault-1.12+* :param pulumi.Input[str] masking_character: The character used to replace data when in masking mode :param pulumi.Input[str] name: The name of the transformation. + :param pulumi.Input[str] namespace: The namespace to provision the resource in. + The value should not contain leading or trailing forward slashes. + The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + *Available only for Vault Enterprise*. :param pulumi.Input[str] path: Path to where the back-end is mounted within Vault. :param pulumi.Input[str] template: The name of the template to use. :param pulumi.Input[Sequence[pulumi.Input[str]]] templates: Templates configured for transformation. @@ -451,6 +507,7 @@ def get(resource_name: str, __props__.__dict__["deletion_allowed"] = deletion_allowed __props__.__dict__["masking_character"] = masking_character __props__.__dict__["name"] = name + __props__.__dict__["namespace"] = namespace __props__.__dict__["path"] = path __props__.__dict__["template"] = template __props__.__dict__["templates"] = templates @@ -492,6 +549,17 @@ def name(self) -> pulumi.Output[str]: """ return pulumi.get(self, "name") + @property + @pulumi.getter + def namespace(self) -> pulumi.Output[Optional[str]]: + """ + The namespace to provision the resource in. + The value should not contain leading or trailing forward slashes. + The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace). + *Available only for Vault Enterprise*. + """ + return pulumi.get(self, "namespace") + @property @pulumi.getter def path(self) -> pulumi.Output[str]: diff --git a/sdk/python/pulumi_vault/transit/get_decrypt.py b/sdk/python/pulumi_vault/transit/get_decrypt.py index 0c4e3eb5f..f81e2b92e 100644 --- a/sdk/python/pulumi_vault/transit/get_decrypt.py +++ b/sdk/python/pulumi_vault/transit/get_decrypt.py @@ -137,13 +137,13 @@ def get_decrypt(backend: Optional[str] = None, __ret__ = pulumi.runtime.invoke('vault:transit/getDecrypt:getDecrypt', __args__, opts=opts, typ=GetDecryptResult).value return AwaitableGetDecryptResult( - backend=__ret__.backend, - ciphertext=__ret__.ciphertext, - context=__ret__.context, - id=__ret__.id, - key=__ret__.key, - namespace=__ret__.namespace, - plaintext=__ret__.plaintext) + backend=pulumi.get(__ret__, 'backend'), + ciphertext=pulumi.get(__ret__, 'ciphertext'), + context=pulumi.get(__ret__, 'context'), + id=pulumi.get(__ret__, 'id'), + key=pulumi.get(__ret__, 'key'), + namespace=pulumi.get(__ret__, 'namespace'), + plaintext=pulumi.get(__ret__, 'plaintext')) @_utilities.lift_output_func(get_decrypt) diff --git a/sdk/python/pulumi_vault/transit/get_encrypt.py b/sdk/python/pulumi_vault/transit/get_encrypt.py index d3dc9c6e1..b18fa6191 100644 --- a/sdk/python/pulumi_vault/transit/get_encrypt.py +++ b/sdk/python/pulumi_vault/transit/get_encrypt.py @@ -138,14 +138,14 @@ def get_encrypt(backend: Optional[str] = None, __ret__ = pulumi.runtime.invoke('vault:transit/getEncrypt:getEncrypt', __args__, opts=opts, typ=GetEncryptResult).value return AwaitableGetEncryptResult( - backend=__ret__.backend, - ciphertext=__ret__.ciphertext, - context=__ret__.context, - id=__ret__.id, - key=__ret__.key, - key_version=__ret__.key_version, - namespace=__ret__.namespace, - plaintext=__ret__.plaintext) + backend=pulumi.get(__ret__, 'backend'), + ciphertext=pulumi.get(__ret__, 'ciphertext'), + context=pulumi.get(__ret__, 'context'), + id=pulumi.get(__ret__, 'id'), + key=pulumi.get(__ret__, 'key'), + key_version=pulumi.get(__ret__, 'key_version'), + namespace=pulumi.get(__ret__, 'namespace'), + plaintext=pulumi.get(__ret__, 'plaintext')) @_utilities.lift_output_func(get_encrypt) diff --git a/sdk/python/pulumi_vault/transit/secret_backend_key.py b/sdk/python/pulumi_vault/transit/secret_backend_key.py index 2c5153356..5d3a3cf8c 100644 --- a/sdk/python/pulumi_vault/transit/secret_backend_key.py +++ b/sdk/python/pulumi_vault/transit/secret_backend_key.py @@ -115,6 +115,9 @@ def auto_rotate_interval(self) -> Optional[pulumi.Input[int]]: Amount of time the key should live before being automatically rotated. A value of 0 disables automatic rotation for the key. """ + warnings.warn("""Use auto_rotate_period instead""", DeprecationWarning) + pulumi.log.warn("""auto_rotate_interval is deprecated: Use auto_rotate_period instead""") + return pulumi.get(self, "auto_rotate_interval") @auto_rotate_interval.setter @@ -382,6 +385,9 @@ def auto_rotate_interval(self) -> Optional[pulumi.Input[int]]: Amount of time the key should live before being automatically rotated. A value of 0 disables automatic rotation for the key. """ + warnings.warn("""Use auto_rotate_period instead""", DeprecationWarning) + pulumi.log.warn("""auto_rotate_interval is deprecated: Use auto_rotate_period instead""") + return pulumi.get(self, "auto_rotate_interval") @auto_rotate_interval.setter @@ -771,9 +777,6 @@ def _internal_init(__self__, __props__ = SecretBackendKeyArgs.__new__(SecretBackendKeyArgs) __props__.__dict__["allow_plaintext_backup"] = allow_plaintext_backup - if auto_rotate_interval is not None and not opts.urn: - warnings.warn("""Use auto_rotate_period instead""", DeprecationWarning) - pulumi.log.warn("""auto_rotate_interval is deprecated: Use auto_rotate_period instead""") __props__.__dict__["auto_rotate_interval"] = auto_rotate_interval __props__.__dict__["auto_rotate_period"] = auto_rotate_period if backend is None and not opts.urn: @@ -908,6 +911,9 @@ def auto_rotate_interval(self) -> pulumi.Output[int]: Amount of time the key should live before being automatically rotated. A value of 0 disables automatic rotation for the key. """ + warnings.warn("""Use auto_rotate_period instead""", DeprecationWarning) + pulumi.log.warn("""auto_rotate_interval is deprecated: Use auto_rotate_period instead""") + return pulumi.get(self, "auto_rotate_interval") @property diff --git a/sdk/python/setup.py b/sdk/python/setup.py index e41b48d6f..2c9501210 100644 --- a/sdk/python/setup.py +++ b/sdk/python/setup.py @@ -9,26 +9,6 @@ VERSION = "0.0.0" -PLUGIN_VERSION = "0.0.0" - -class InstallPluginCommand(install): - def run(self): - install.run(self) - try: - check_call(['pulumi', 'plugin', 'install', 'resource', 'vault', PLUGIN_VERSION]) - except OSError as error: - if error.errno == errno.ENOENT: - print(f""" - There was an error installing the vault resource provider plugin. - It looks like `pulumi` is not installed on your system. - Please visit https://pulumi.com/ to install the Pulumi CLI. - You may try manually installing the plugin by running - `pulumi plugin install resource vault {PLUGIN_VERSION}` - """) - else: - raise - - def readme(): try: with open('README.md', encoding='utf-8') as f: @@ -38,13 +18,11 @@ def readme(): setup(name='pulumi_vault', + python_requires='>=3.7', version=VERSION, description="A Pulumi package for creating and managing HashiCorp Vault cloud resources.", long_description=readme(), long_description_content_type='text/markdown', - cmdclass={ - 'install': InstallPluginCommand, - }, keywords='pulumi vault', url='https://pulumi.io', project_urls={