VaultConfig
class flow_api.vault_config.VaultConfig
(select=None, cls=None, init=None, by='name', allow_normal=True, allow_deleted=False, bundle_id=[class 'flow_api.system.NotSet'], bundle_name=[class 'flow_api.system.NotSet'], check_hostname=[class 'flow_api.system.NotSet'], client_cert=[class 'flow_api.system.NotSet'], client_key=[class 'flow_api.system.NotSet'], commit_message=[class 'flow_api.system.NotSet'], description=[class 'flow_api.system.NotSet'], engine_path=[class 'flow_api.system.NotSet'], is_auto_renew_enabled=[class 'flow_api.system.NotSet'], is_enabled=[class 'flow_api.system.NotSet'], is_readonly=[class 'flow_api.system.NotSet'], name=[class 'flow_api.system.NotSet'], password=[class 'flow_api.system.NotSet'], project_id=[class 'flow_api.system.NotSet'], project_name=[class 'flow_api.system.NotSet'], server_ca=[class 'flow_api.system.NotSet'], token=[class 'flow_api.system.NotSet'], username=[class 'flow_api.system.NotSet'], vault_url=[class 'flow_api.system.NotSet'], verify_ssl=[class 'flow_api.system.NotSet'], debug=False
)
Base class: Resource
A configuration about a HashiCorp Vault which Cloudomation can access to fetch secrets.
Either a vault token or userpass authentication method can be used.
See the corresponding Resources class at VaultConfig
Parameters
Name | Type | Description |
---|---|---|
allow_deleted | bool | |
allow_normal | bool | |
bundle_id | typing.Union[ flow_api.system.NotSet, str, NoneType ] | Reference to the bundle this record is associated with. Allowed for BUNDLE_REPOSITORY, CONNECTOR, CUSTOM_OBJECT, FILE, FLOW, LDAP_CONFIG, OAUTH, OBJECT_TEMPLATE, PLUGIN, ROLE, SCHEDULE, SCHEDULER, SCHEMA, SETTING, SYNC_CONFIG, TAG, VAULT_CONFIG, WEBHOOK, WRAPPER. Not allowed for BUNDLE, EXECUTION, MESSAGE, ORGANIZATION, PROCESS, PROJECT, USER, WORKSPACE. Mutually exclusive with project_id |
bundle_name | typing.Union[ flow_api.system.NotSet, str, NoneType ] | The name of the bundle. Will look up the bundle and set bundle_id. |
by | str | |
check_hostname | typing.Union[ flow_api.system.NotSet, bool ] | If set, the hostname of the server is checked against the CA certificate. |
client_cert | typing.Union[ flow_api.system.NotSet, str, NoneType ] | A client certificate used to authenticate the SSL transport. |
client_key | typing.Union[ flow_api.system.NotSet, str, NoneType ] | The key of the client certificate used to authenticate the SSL transport. |
cls | typing.Union[ type, NoneType ] | |
commit_message | typing.Union[ flow_api.system.NotSet, str, NoneType ] | The commit message for this change. |
debug | bool | if set, the content of the data being written will be logged. |
description | typing.Union[ flow_api.system.NotSet, str, NoneType ] | A multiline description of what this record is and does. |
engine_path | typing.Union[ flow_api.system.NotSet, str ] | The Vault engine to use, often secret or kv . |
init | typing.Union[ dict, NoneType ] | |
is_auto_renew_enabled | typing.Union[ flow_api.system.NotSet, bool ] | If set, Engine will try to renew the token before it expires. Renewal will only succeed if the MAX_TTL of the token is not reached. Please refer to token renew for details. |
is_enabled | typing.Union[ flow_api.system.NotSet, bool ] | A flag to control of the vault config is enabled. |
is_readonly | typing.Union[ flow_api.system.NotSet, bool ] | A flag to control if the record can be modified. Allowed for BUNDLE, BUNDLE_REPOSITORY, CONNECTOR, CUSTOM_OBJECT, FILE, FLOW, OAUTH, OBJECT_TEMPLATE, PLUGIN, PROJECT, ROLE, SCHEDULE, SCHEDULER, SCHEMA, SETTING, SYNC_CONFIG, TAG, VAULT_CONFIG, WEBHOOK, WRAPPER. Not allowed for EXECUTION, LDAP_CONFIG, MESSAGE, ORGANIZATION, PROCESS, USER, WORKSPACE |
name | typing.Union[ flow_api.system.NotSet, str ] | The name of this record. Must be unique across a workspace. |
password | typing.Union[ flow_api.system.NotSet, str, NoneType ] | A password to authenticate. Either token , username and password , or client_cert and client_key must be set. |
project_id | typing.Union[ flow_api.system.NotSet, str, NoneType ] | Reference to the project this record is associated with. Allowed for CONNECTOR, CUSTOM_OBJECT, EXECUTION, FILE, FLOW, MESSAGE, OAUTH, OBJECT_TEMPLATE, PLUGIN, SCHEDULE, SCHEDULER, SCHEMA, SETTING, SYNC_CONFIG, TAG, VAULT_CONFIG, WEBHOOK, WRAPPER. Not allowed for BUNDLE, BUNDLE_REPOSITORY, LDAP_CONFIG, ORGANIZATION, PROCESS, PROJECT, ROLE, USER, WORKSPACE. Mutually exclusive with bundle_id. |
project_name | typing.Union[ flow_api.system.NotSet, str, NoneType ] | The name of the project. Will look up the project and set project_id. |
select | typing.Union[ str, NoneType ] | |
server_ca | typing.Union[ flow_api.system.NotSet, str, NoneType ] | The content of the server's CA certificates in PEM format. To be used for self-signed certificates. |
token | typing.Union[ flow_api.system.NotSet, str, NoneType ] | A Vault access token to authenticate. Either token , username and password , or client_cert and client_key must be set. |
username | typing.Union[ flow_api.system.NotSet, str, NoneType ] | A Username to authenticate. Either token , username and password , or client_cert and client_key must be set. |
vault_url | typing.Union[ flow_api.system.NotSet, str, NoneType ] | The URL to your vault installation |
verify_ssl | typing.Union[ flow_api.system.NotSet, bool ] | Verify the server's SSL certificate. Strongly recommended. Can be disabled if using a self-signed certificate. |