diff --git a/examples/go.mod b/examples/go.mod index 5b0dcc3ad..36d117a3b 100644 --- a/examples/go.mod +++ b/examples/go.mod @@ -2,7 +2,7 @@ module github.com/pulumi/pulumi-vault/examples/v5 go 1.21 -require github.com/pulumi/pulumi/pkg/v3 v3.105.0 +require github.com/pulumi/pulumi/pkg/v3 v3.107.0 require ( cloud.google.com/go v0.110.10 // indirect @@ -135,7 +135,7 @@ require ( github.com/pmezard/go-difflib v1.0.0 // indirect github.com/pulumi/appdash v0.0.0-20231130102222-75f619a67231 // indirect github.com/pulumi/esc v0.6.2 // indirect - github.com/pulumi/pulumi/sdk/v3 v3.105.0 // indirect + github.com/pulumi/pulumi/sdk/v3 v3.107.0 // indirect github.com/rivo/uniseg v0.4.4 // indirect github.com/rogpeppe/go-internal v1.11.0 // indirect github.com/ryanuber/go-glob v1.0.0 // indirect diff --git a/examples/go.sum b/examples/go.sum index c752447cc..bf363e563 100644 --- a/examples/go.sum +++ b/examples/go.sum @@ -1467,10 +1467,10 @@ github.com/pulumi/appdash v0.0.0-20231130102222-75f619a67231 h1:vkHw5I/plNdTr435 github.com/pulumi/appdash v0.0.0-20231130102222-75f619a67231/go.mod h1:murToZ2N9hNJzewjHBgfFdXhZKjY3z5cYC1VXk+lbFE= github.com/pulumi/esc v0.6.2 h1:+z+l8cuwIauLSwXQS0uoI3rqB+YG4SzsZYtHfNoXBvw= github.com/pulumi/esc v0.6.2/go.mod h1:jNnYNjzsOgVTjCp0LL24NsCk8ZJxq4IoLQdCT0X7l8k= -github.com/pulumi/pulumi/pkg/v3 v3.105.0 h1:bJG1vUiYH2gDF1pfBKlIABDNoJD2LvU1LmjjL+EbvuM= -github.com/pulumi/pulumi/pkg/v3 v3.105.0/go.mod h1:eZAFEFOwE/skElTfwetfyTxPebmWr5vOS5NSU9XwlVw= -github.com/pulumi/pulumi/sdk/v3 v3.105.0 h1:OKEeubZigWyQVnZS6udnFnZHZ/8OWXuUYv9ir3OY+vs= -github.com/pulumi/pulumi/sdk/v3 v3.105.0/go.mod h1:Ml3rpGfyZlI4zQCG7LN2XDSmH4XUNYdyBwJ3yEr/OpI= +github.com/pulumi/pulumi/pkg/v3 v3.107.0 h1:HRyIl1c9ur0PVQW+GuFL1APBEuGa/fQQMp3F+WluxW8= +github.com/pulumi/pulumi/pkg/v3 v3.107.0/go.mod h1:7edfZu4FlrXdIn4339tJ+SQX5VKGqbFntmpc8cai0Zg= +github.com/pulumi/pulumi/sdk/v3 v3.107.0 h1:bef+ayh9+4KkAqXih4EjlHfQXRY24NWPwWBIQhBxTjg= +github.com/pulumi/pulumi/sdk/v3 v3.107.0/go.mod h1:Ml3rpGfyZlI4zQCG7LN2XDSmH4XUNYdyBwJ3yEr/OpI= github.com/rakyll/embedmd v0.0.0-20171029212350-c8060a0752a2/go.mod h1:7jOTMgqac46PZcF54q6l2hkLEG8op93fZu61KmxWDV4= github.com/rcrowley/go-metrics v0.0.0-20181016184325-3113b8401b8a/go.mod h1:bCqnVzQkZxMG4s8nGwiZ5l3QUCyqpo9Y+/ZMZ9VjZe4= github.com/rivo/uniseg v0.1.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc= diff --git a/provider/cmd/pulumi-resource-vault/schema.json b/provider/cmd/pulumi-resource-vault/schema.json index d2c8a784e..b30651661 100644 --- a/provider/cmd/pulumi-resource-vault/schema.json +++ b/provider/cmd/pulumi-resource-vault/schema.json @@ -10144,7 +10144,7 @@ } }, "vault:database/secretBackendStaticRole:SecretBackendStaticRole": { - "description": "Creates a Database Secret Backend static role in Vault. Database secret backend\nstatic roles can be used to manage 1-to-1 mapping of a Vault Role to a user in a\ndatabase for the database.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst db = new vault.Mount(\"db\", {\n path: \"postgres\",\n type: \"database\",\n});\nconst postgres = new vault.database.SecretBackendConnection(\"postgres\", {\n backend: db.path,\n allowedRoles: [\"*\"],\n postgresql: {\n connectionUrl: \"postgres://username:password@host:port/database\",\n },\n});\n// configure a static role with period-based rotations\nconst periodRole = new vault.database.SecretBackendStaticRole(\"periodRole\", {\n backend: db.path,\n dbName: postgres.name,\n username: \"example\",\n rotationPeriod: 3600,\n rotationStatements: [\"ALTER USER \\\"{{name}}\\\" WITH PASSWORD '{{password}}';\"],\n});\n// configure a static role with schedule-based rotations\nconst scheduleRole = new vault.database.SecretBackendStaticRole(\"scheduleRole\", {\n backend: db.path,\n dbName: postgres.name,\n username: \"example\",\n rotationSchedule: \"0 0 * * SAT\",\n rotationWindow: 172800,\n rotationStatements: [\"ALTER USER \\\"{{name}}\\\" WITH PASSWORD '{{password}}';\"],\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ndb = vault.Mount(\"db\",\n path=\"postgres\",\n type=\"database\")\npostgres = vault.database.SecretBackendConnection(\"postgres\",\n backend=db.path,\n allowed_roles=[\"*\"],\n postgresql=vault.database.SecretBackendConnectionPostgresqlArgs(\n connection_url=\"postgres://username:password@host:port/database\",\n ))\n# configure a static role with period-based rotations\nperiod_role = vault.database.SecretBackendStaticRole(\"periodRole\",\n backend=db.path,\n db_name=postgres.name,\n username=\"example\",\n rotation_period=3600,\n rotation_statements=[\"ALTER USER \\\"{{name}}\\\" WITH PASSWORD '{{password}}';\"])\n# configure a static role with schedule-based rotations\nschedule_role = vault.database.SecretBackendStaticRole(\"scheduleRole\",\n backend=db.path,\n db_name=postgres.name,\n username=\"example\",\n rotation_schedule=\"0 0 * * SAT\",\n rotation_window=172800,\n rotation_statements=[\"ALTER USER \\\"{{name}}\\\" WITH PASSWORD '{{password}}';\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var db = new Vault.Mount(\"db\", new()\n {\n Path = \"postgres\",\n Type = \"database\",\n });\n\n var postgres = new Vault.Database.SecretBackendConnection(\"postgres\", new()\n {\n Backend = db.Path,\n AllowedRoles = new[]\n {\n \"*\",\n },\n Postgresql = new Vault.Database.Inputs.SecretBackendConnectionPostgresqlArgs\n {\n ConnectionUrl = \"postgres://username:password@host:port/database\",\n },\n });\n\n // configure a static role with period-based rotations\n var periodRole = new Vault.Database.SecretBackendStaticRole(\"periodRole\", new()\n {\n Backend = db.Path,\n DbName = postgres.Name,\n Username = \"example\",\n RotationPeriod = 3600,\n RotationStatements = new[]\n {\n \"ALTER USER \\\"{{name}}\\\" WITH PASSWORD '{{password}}';\",\n },\n });\n\n // configure a static role with schedule-based rotations\n var scheduleRole = new Vault.Database.SecretBackendStaticRole(\"scheduleRole\", new()\n {\n Backend = db.Path,\n DbName = postgres.Name,\n Username = \"example\",\n RotationSchedule = \"0 0 * * SAT\",\n RotationWindow = 172800,\n RotationStatements = new[]\n {\n \"ALTER USER \\\"{{name}}\\\" WITH PASSWORD '{{password}}';\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/database\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tdb, err := vault.NewMount(ctx, \"db\", \u0026vault.MountArgs{\n\t\t\tPath: pulumi.String(\"postgres\"),\n\t\t\tType: pulumi.String(\"database\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tpostgres, err := database.NewSecretBackendConnection(ctx, \"postgres\", \u0026database.SecretBackendConnectionArgs{\n\t\t\tBackend: db.Path,\n\t\t\tAllowedRoles: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"*\"),\n\t\t\t},\n\t\t\tPostgresql: \u0026database.SecretBackendConnectionPostgresqlArgs{\n\t\t\t\tConnectionUrl: pulumi.String(\"postgres://username:password@host:port/database\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = database.NewSecretBackendStaticRole(ctx, \"periodRole\", \u0026database.SecretBackendStaticRoleArgs{\n\t\t\tBackend: db.Path,\n\t\t\tDbName: postgres.Name,\n\t\t\tUsername: pulumi.String(\"example\"),\n\t\t\tRotationPeriod: pulumi.Int(3600),\n\t\t\tRotationStatements: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"ALTER USER \\\"{{name}}\\\" WITH PASSWORD '{{password}}';\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = database.NewSecretBackendStaticRole(ctx, \"scheduleRole\", \u0026database.SecretBackendStaticRoleArgs{\n\t\t\tBackend: db.Path,\n\t\t\tDbName: postgres.Name,\n\t\t\tUsername: pulumi.String(\"example\"),\n\t\t\tRotationSchedule: pulumi.String(\"0 0 * * SAT\"),\n\t\t\tRotationWindow: pulumi.Int(172800),\n\t\t\tRotationStatements: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"ALTER USER \\\"{{name}}\\\" WITH PASSWORD '{{password}}';\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.Mount;\nimport com.pulumi.vault.MountArgs;\nimport com.pulumi.vault.database.SecretBackendConnection;\nimport com.pulumi.vault.database.SecretBackendConnectionArgs;\nimport com.pulumi.vault.database.inputs.SecretBackendConnectionPostgresqlArgs;\nimport com.pulumi.vault.database.SecretBackendStaticRole;\nimport com.pulumi.vault.database.SecretBackendStaticRoleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var db = new Mount(\"db\", MountArgs.builder() \n .path(\"postgres\")\n .type(\"database\")\n .build());\n\n var postgres = new SecretBackendConnection(\"postgres\", SecretBackendConnectionArgs.builder() \n .backend(db.path())\n .allowedRoles(\"*\")\n .postgresql(SecretBackendConnectionPostgresqlArgs.builder()\n .connectionUrl(\"postgres://username:password@host:port/database\")\n .build())\n .build());\n\n var periodRole = new SecretBackendStaticRole(\"periodRole\", SecretBackendStaticRoleArgs.builder() \n .backend(db.path())\n .dbName(postgres.name())\n .username(\"example\")\n .rotationPeriod(\"3600\")\n .rotationStatements(\"ALTER USER \\\"{{name}}\\\" WITH PASSWORD '{{password}}';\")\n .build());\n\n var scheduleRole = new SecretBackendStaticRole(\"scheduleRole\", SecretBackendStaticRoleArgs.builder() \n .backend(db.path())\n .dbName(postgres.name())\n .username(\"example\")\n .rotationSchedule(\"0 0 * * SAT\")\n .rotationWindow(\"172800\")\n .rotationStatements(\"ALTER USER \\\"{{name}}\\\" WITH PASSWORD '{{password}}';\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n db:\n type: vault:Mount\n properties:\n path: postgres\n type: database\n postgres:\n type: vault:database:SecretBackendConnection\n properties:\n backend: ${db.path}\n allowedRoles:\n - '*'\n postgresql:\n connectionUrl: postgres://username:password@host:port/database\n # configure a static role with period-based rotations\n periodRole:\n type: vault:database:SecretBackendStaticRole\n properties:\n backend: ${db.path}\n dbName: ${postgres.name}\n username: example\n rotationPeriod: '3600'\n rotationStatements:\n - ALTER USER \"{{name}}\" WITH PASSWORD '{{password}}';\n # configure a static role with schedule-based rotations\n scheduleRole:\n type: vault:database:SecretBackendStaticRole\n properties:\n backend: ${db.path}\n dbName: ${postgres.name}\n username: example\n rotationSchedule: 0 0 * * SAT\n rotationWindow: '172800'\n rotationStatements:\n - ALTER USER \"{{name}}\" WITH PASSWORD '{{password}}';\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nDatabase secret backend static roles can be imported using the `backend`, `/static-roles/`, and the `name` e.g.\n\n```sh\n $ pulumi import vault:database/secretBackendStaticRole:SecretBackendStaticRole example postgres/static-roles/my-role\n```\n ", + "description": "Creates a Database Secret Backend static role in Vault. Database secret backend\nstatic roles can be used to manage 1-to-1 mapping of a Vault Role to a user in a\ndatabase for the database.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as vault from \"@pulumi/vault\";\n\nconst db = new vault.Mount(\"db\", {\n path: \"postgres\",\n type: \"database\",\n});\nconst postgres = new vault.database.SecretBackendConnection(\"postgres\", {\n backend: db.path,\n allowedRoles: [\"*\"],\n postgresql: {\n connectionUrl: \"postgres://username:password@host:port/database\",\n },\n});\n// configure a static role with period-based rotations\nconst periodRole = new vault.database.SecretBackendStaticRole(\"periodRole\", {\n backend: db.path,\n dbName: postgres.name,\n username: \"example\",\n rotationPeriod: 3600,\n rotationStatements: [\"ALTER USER \\\"{{name}}\\\" WITH PASSWORD '{{password}}';\"],\n});\n// configure a static role with schedule-based rotations\nconst scheduleRole = new vault.database.SecretBackendStaticRole(\"scheduleRole\", {\n backend: db.path,\n dbName: postgres.name,\n username: \"example\",\n rotationSchedule: \"0 0 * * SAT\",\n rotationWindow: 172800,\n rotationStatements: [\"ALTER USER \\\"{{name}}\\\" WITH PASSWORD '{{password}}';\"],\n});\n```\n```python\nimport pulumi\nimport pulumi_vault as vault\n\ndb = vault.Mount(\"db\",\n path=\"postgres\",\n type=\"database\")\npostgres = vault.database.SecretBackendConnection(\"postgres\",\n backend=db.path,\n allowed_roles=[\"*\"],\n postgresql=vault.database.SecretBackendConnectionPostgresqlArgs(\n connection_url=\"postgres://username:password@host:port/database\",\n ))\n# configure a static role with period-based rotations\nperiod_role = vault.database.SecretBackendStaticRole(\"periodRole\",\n backend=db.path,\n db_name=postgres.name,\n username=\"example\",\n rotation_period=3600,\n rotation_statements=[\"ALTER USER \\\"{{name}}\\\" WITH PASSWORD '{{password}}';\"])\n# configure a static role with schedule-based rotations\nschedule_role = vault.database.SecretBackendStaticRole(\"scheduleRole\",\n backend=db.path,\n db_name=postgres.name,\n username=\"example\",\n rotation_schedule=\"0 0 * * SAT\",\n rotation_window=172800,\n rotation_statements=[\"ALTER USER \\\"{{name}}\\\" WITH PASSWORD '{{password}}';\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Vault = Pulumi.Vault;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var db = new Vault.Mount(\"db\", new()\n {\n Path = \"postgres\",\n Type = \"database\",\n });\n\n var postgres = new Vault.Database.SecretBackendConnection(\"postgres\", new()\n {\n Backend = db.Path,\n AllowedRoles = new[]\n {\n \"*\",\n },\n Postgresql = new Vault.Database.Inputs.SecretBackendConnectionPostgresqlArgs\n {\n ConnectionUrl = \"postgres://username:password@host:port/database\",\n },\n });\n\n // configure a static role with period-based rotations\n var periodRole = new Vault.Database.SecretBackendStaticRole(\"periodRole\", new()\n {\n Backend = db.Path,\n DbName = postgres.Name,\n Username = \"example\",\n RotationPeriod = 3600,\n RotationStatements = new[]\n {\n \"ALTER USER \\\"{{name}}\\\" WITH PASSWORD '{{password}}';\",\n },\n });\n\n // configure a static role with schedule-based rotations\n var scheduleRole = new Vault.Database.SecretBackendStaticRole(\"scheduleRole\", new()\n {\n Backend = db.Path,\n DbName = postgres.Name,\n Username = \"example\",\n RotationSchedule = \"0 0 * * SAT\",\n RotationWindow = 172800,\n RotationStatements = new[]\n {\n \"ALTER USER \\\"{{name}}\\\" WITH PASSWORD '{{password}}';\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault\"\n\t\"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/database\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tdb, err := vault.NewMount(ctx, \"db\", \u0026vault.MountArgs{\n\t\t\tPath: pulumi.String(\"postgres\"),\n\t\t\tType: pulumi.String(\"database\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tpostgres, err := database.NewSecretBackendConnection(ctx, \"postgres\", \u0026database.SecretBackendConnectionArgs{\n\t\t\tBackend: db.Path,\n\t\t\tAllowedRoles: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"*\"),\n\t\t\t},\n\t\t\tPostgresql: \u0026database.SecretBackendConnectionPostgresqlArgs{\n\t\t\t\tConnectionUrl: pulumi.String(\"postgres://username:password@host:port/database\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// configure a static role with period-based rotations\n\t\t_, err = database.NewSecretBackendStaticRole(ctx, \"periodRole\", \u0026database.SecretBackendStaticRoleArgs{\n\t\t\tBackend: db.Path,\n\t\t\tDbName: postgres.Name,\n\t\t\tUsername: pulumi.String(\"example\"),\n\t\t\tRotationPeriod: pulumi.Int(3600),\n\t\t\tRotationStatements: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"ALTER USER \\\"{{name}}\\\" WITH PASSWORD '{{password}}';\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// configure a static role with schedule-based rotations\n\t\t_, err = database.NewSecretBackendStaticRole(ctx, \"scheduleRole\", \u0026database.SecretBackendStaticRoleArgs{\n\t\t\tBackend: db.Path,\n\t\t\tDbName: postgres.Name,\n\t\t\tUsername: pulumi.String(\"example\"),\n\t\t\tRotationSchedule: pulumi.String(\"0 0 * * SAT\"),\n\t\t\tRotationWindow: pulumi.Int(172800),\n\t\t\tRotationStatements: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"ALTER USER \\\"{{name}}\\\" WITH PASSWORD '{{password}}';\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.vault.Mount;\nimport com.pulumi.vault.MountArgs;\nimport com.pulumi.vault.database.SecretBackendConnection;\nimport com.pulumi.vault.database.SecretBackendConnectionArgs;\nimport com.pulumi.vault.database.inputs.SecretBackendConnectionPostgresqlArgs;\nimport com.pulumi.vault.database.SecretBackendStaticRole;\nimport com.pulumi.vault.database.SecretBackendStaticRoleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var db = new Mount(\"db\", MountArgs.builder() \n .path(\"postgres\")\n .type(\"database\")\n .build());\n\n var postgres = new SecretBackendConnection(\"postgres\", SecretBackendConnectionArgs.builder() \n .backend(db.path())\n .allowedRoles(\"*\")\n .postgresql(SecretBackendConnectionPostgresqlArgs.builder()\n .connectionUrl(\"postgres://username:password@host:port/database\")\n .build())\n .build());\n\n var periodRole = new SecretBackendStaticRole(\"periodRole\", SecretBackendStaticRoleArgs.builder() \n .backend(db.path())\n .dbName(postgres.name())\n .username(\"example\")\n .rotationPeriod(\"3600\")\n .rotationStatements(\"ALTER USER \\\"{{name}}\\\" WITH PASSWORD '{{password}}';\")\n .build());\n\n var scheduleRole = new SecretBackendStaticRole(\"scheduleRole\", SecretBackendStaticRoleArgs.builder() \n .backend(db.path())\n .dbName(postgres.name())\n .username(\"example\")\n .rotationSchedule(\"0 0 * * SAT\")\n .rotationWindow(\"172800\")\n .rotationStatements(\"ALTER USER \\\"{{name}}\\\" WITH PASSWORD '{{password}}';\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n db:\n type: vault:Mount\n properties:\n path: postgres\n type: database\n postgres:\n type: vault:database:SecretBackendConnection\n properties:\n backend: ${db.path}\n allowedRoles:\n - '*'\n postgresql:\n connectionUrl: postgres://username:password@host:port/database\n # configure a static role with period-based rotations\n periodRole:\n type: vault:database:SecretBackendStaticRole\n properties:\n backend: ${db.path}\n dbName: ${postgres.name}\n username: example\n rotationPeriod: '3600'\n rotationStatements:\n - ALTER USER \"{{name}}\" WITH PASSWORD '{{password}}';\n # configure a static role with schedule-based rotations\n scheduleRole:\n type: vault:database:SecretBackendStaticRole\n properties:\n backend: ${db.path}\n dbName: ${postgres.name}\n username: example\n rotationSchedule: 0 0 * * SAT\n rotationWindow: '172800'\n rotationStatements:\n - ALTER USER \"{{name}}\" WITH PASSWORD '{{password}}';\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nDatabase secret backend static roles can be imported using the `backend`, `/static-roles/`, and the `name` e.g.\n\n```sh\n $ pulumi import vault:database/secretBackendStaticRole:SecretBackendStaticRole example postgres/static-roles/my-role\n```\n ", "properties": { "backend": { "type": "string", diff --git a/provider/go.mod b/provider/go.mod index 6b7bd49bf..96a76bb05 100644 --- a/provider/go.mod +++ b/provider/go.mod @@ -4,8 +4,8 @@ go 1.21.3 require ( github.com/hashicorp/terraform-provider-vault v0.0.0 - github.com/pulumi/pulumi-terraform-bridge/v3 v3.75.0 - github.com/pulumi/pulumi/sdk/v3 v3.105.0 + github.com/pulumi/pulumi-terraform-bridge/v3 v3.76.0 + github.com/pulumi/pulumi/sdk/v3 v3.107.0 ) require ( @@ -212,7 +212,7 @@ require ( github.com/pulumi/pulumi-java/pkg v0.9.9 // indirect github.com/pulumi/pulumi-terraform-bridge/x/muxer v0.0.8 // indirect github.com/pulumi/pulumi-yaml v1.5.0 // indirect - github.com/pulumi/pulumi/pkg/v3 v3.105.0 // indirect + github.com/pulumi/pulumi/pkg/v3 v3.107.0 // indirect github.com/pulumi/schema-tools v0.1.2 // indirect github.com/pulumi/terraform-diff-reader v0.0.2 // indirect github.com/rivo/uniseg v0.4.4 // indirect diff --git a/provider/go.sum b/provider/go.sum index cdbabef99..465e538db 100644 --- a/provider/go.sum +++ b/provider/go.sum @@ -2517,16 +2517,16 @@ github.com/pulumi/providertest v0.0.10 h1:bx77G0JYPO2Alf/SHRP05XpAYMrboKJkMIVkbF github.com/pulumi/providertest v0.0.10/go.mod h1:HsxjVsytcMIuNj19w1lT2W0QXY0oReXl1+h6eD2JXP8= github.com/pulumi/pulumi-java/pkg v0.9.9 h1:F3xJUtMFDVrTGCxb7Rh2Q8s6tj7gMfM5pcoUthz7vFY= github.com/pulumi/pulumi-java/pkg v0.9.9/go.mod h1:LVF1zeg3UkToHWxb67V+zEIxQc3EdMnlot5NWSt+FpA= -github.com/pulumi/pulumi-terraform-bridge/v3 v3.75.0 h1:U4ela95zt8F1cPKfb7WZmlnp+ZqigaV/H5WZQdE5YkQ= -github.com/pulumi/pulumi-terraform-bridge/v3 v3.75.0/go.mod h1:Qww43/Vier5FvEYsOF7JcxECa6irjPqO047KKXfJVzk= +github.com/pulumi/pulumi-terraform-bridge/v3 v3.76.0 h1:o8XQDN0KH1LE1SNYjk512HdQujxmnOVhMp4mlqIGqVo= +github.com/pulumi/pulumi-terraform-bridge/v3 v3.76.0/go.mod h1:iSQ4IXK9AD/ne+pFcR+kqtrEuOD43/1f8jugbYWvt4c= github.com/pulumi/pulumi-terraform-bridge/x/muxer v0.0.8 h1:mav2tSitA9BPJPLLahKgepHyYsMzwaTm4cvp0dcTMYw= github.com/pulumi/pulumi-terraform-bridge/x/muxer v0.0.8/go.mod h1:qUYk2c9i/yqMGNj9/bQyXpS39BxNDSXYjVN1njnq0zY= github.com/pulumi/pulumi-yaml v1.5.0 h1:HfXu+WSFNpycref9CK935cViYJzXwSgHGWM/RepyrW0= github.com/pulumi/pulumi-yaml v1.5.0/go.mod h1:AvKSmEQv2EkPbpvAQroR1eP1LkJGC8z5NDM34rVWOtg= -github.com/pulumi/pulumi/pkg/v3 v3.105.0 h1:bJG1vUiYH2gDF1pfBKlIABDNoJD2LvU1LmjjL+EbvuM= -github.com/pulumi/pulumi/pkg/v3 v3.105.0/go.mod h1:eZAFEFOwE/skElTfwetfyTxPebmWr5vOS5NSU9XwlVw= -github.com/pulumi/pulumi/sdk/v3 v3.105.0 h1:OKEeubZigWyQVnZS6udnFnZHZ/8OWXuUYv9ir3OY+vs= -github.com/pulumi/pulumi/sdk/v3 v3.105.0/go.mod h1:Ml3rpGfyZlI4zQCG7LN2XDSmH4XUNYdyBwJ3yEr/OpI= +github.com/pulumi/pulumi/pkg/v3 v3.107.0 h1:HRyIl1c9ur0PVQW+GuFL1APBEuGa/fQQMp3F+WluxW8= +github.com/pulumi/pulumi/pkg/v3 v3.107.0/go.mod h1:7edfZu4FlrXdIn4339tJ+SQX5VKGqbFntmpc8cai0Zg= +github.com/pulumi/pulumi/sdk/v3 v3.107.0 h1:bef+ayh9+4KkAqXih4EjlHfQXRY24NWPwWBIQhBxTjg= +github.com/pulumi/pulumi/sdk/v3 v3.107.0/go.mod h1:Ml3rpGfyZlI4zQCG7LN2XDSmH4XUNYdyBwJ3yEr/OpI= github.com/pulumi/schema-tools v0.1.2 h1:Fd9xvUjgck4NA+7/jSk7InqCUT4Kj940+EcnbQKpfZo= github.com/pulumi/schema-tools v0.1.2/go.mod h1:62lgj52Tzq11eqWTIaKd+EVyYAu5dEcDJxMhTjvMO/k= github.com/pulumi/terraform-diff-reader v0.0.2 h1:kTE4nEXU3/SYXESvAIem+wyHMI3abqkI3OhJ0G04LLI= diff --git a/sdk/go.mod b/sdk/go.mod index e5b02942b..888a5bd6c 100644 --- a/sdk/go.mod +++ b/sdk/go.mod @@ -4,7 +4,7 @@ go 1.21 require ( github.com/blang/semver v3.5.1+incompatible - github.com/pulumi/pulumi/sdk/v3 v3.105.0 + github.com/pulumi/pulumi/sdk/v3 v3.107.0 ) require ( diff --git a/sdk/go.sum b/sdk/go.sum index 6b1732e49..e0318b579 100644 --- a/sdk/go.sum +++ b/sdk/go.sum @@ -148,8 +148,8 @@ github.com/pulumi/appdash v0.0.0-20231130102222-75f619a67231 h1:vkHw5I/plNdTr435 github.com/pulumi/appdash v0.0.0-20231130102222-75f619a67231/go.mod h1:murToZ2N9hNJzewjHBgfFdXhZKjY3z5cYC1VXk+lbFE= github.com/pulumi/esc v0.6.2 h1:+z+l8cuwIauLSwXQS0uoI3rqB+YG4SzsZYtHfNoXBvw= github.com/pulumi/esc v0.6.2/go.mod h1:jNnYNjzsOgVTjCp0LL24NsCk8ZJxq4IoLQdCT0X7l8k= -github.com/pulumi/pulumi/sdk/v3 v3.105.0 h1:OKEeubZigWyQVnZS6udnFnZHZ/8OWXuUYv9ir3OY+vs= -github.com/pulumi/pulumi/sdk/v3 v3.105.0/go.mod h1:Ml3rpGfyZlI4zQCG7LN2XDSmH4XUNYdyBwJ3yEr/OpI= +github.com/pulumi/pulumi/sdk/v3 v3.107.0 h1:bef+ayh9+4KkAqXih4EjlHfQXRY24NWPwWBIQhBxTjg= +github.com/pulumi/pulumi/sdk/v3 v3.107.0/go.mod h1:Ml3rpGfyZlI4zQCG7LN2XDSmH4XUNYdyBwJ3yEr/OpI= github.com/rivo/uniseg v0.1.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc= github.com/rivo/uniseg v0.2.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc= github.com/rivo/uniseg v0.4.4 h1:8TfxU8dW6PdqD27gjM8MVNuicgxIjxpm4K7x4jp8sis= diff --git a/sdk/go/vault/database/secretBackendStaticRole.go b/sdk/go/vault/database/secretBackendStaticRole.go index fb0404183..069b6ef6c 100644 --- a/sdk/go/vault/database/secretBackendStaticRole.go +++ b/sdk/go/vault/database/secretBackendStaticRole.go @@ -50,6 +50,7 @@ import ( // if err != nil { // return err // } +// // configure a static role with period-based rotations // _, err = database.NewSecretBackendStaticRole(ctx, "periodRole", &database.SecretBackendStaticRoleArgs{ // Backend: db.Path, // DbName: postgres.Name, @@ -62,6 +63,7 @@ import ( // if err != nil { // return err // } +// // configure a static role with schedule-based rotations // _, err = database.NewSecretBackendStaticRole(ctx, "scheduleRole", &database.SecretBackendStaticRoleArgs{ // Backend: db.Path, // DbName: postgres.Name,