VaultConfig
class resources.vault_config.VaultConfig
Base class: Resource
A configuration about a HashiCorp Vault which Cloudomation can access to fetch secrets.
Either a vault token or userpass authentication method can be used.
See the corresponding Flow Api class at VaultConfig
Property | Description | Type | Import/Export | |||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
bundle_id | Reference to the bundle this record is associated with. Allowed for BUNDLE_REPOSITORY, CONNECTOR, CUSTOM_OBJECT, DEVOLUTIONS_CONFIG, EXECUTION, FILE, FLOW, LDAP_CONFIG, MESSAGE, OAUTH, OBJECT_TEMPLATE, PLUGIN, ROLE, SCHEDULE, SCHEDULER, SCHEMA, SETTING, SYNC_CONFIG, TAG, VAULT_CONFIG, WEBHOOK, WRAPPER. Not allowed for BUNDLE, ORGANIZATION, PROCESS, PROJECT, USER, WORKSPACE. Mutually exclusive with project_id | UUID(as_uuid=False) | both | |||||||||||||||
bundle_name | The name of the bundle. Will look up the bundle and set bundle_id. | String(length=128) | neither | |||||||||||||||
check_hostname | If set, the hostname of the server is checked against the CA certificate. | Boolean() | both | |||||||||||||||
client_cert | A client certificate used to authenticate the SSL transport. | String(length=40960) | both | |||||||||||||||
client_key | The key of the client certificate used to authenticate the SSL transport. | String(length=40960) | import only | |||||||||||||||
commit_message | The commit message for this change. | Text() | import only | |||||||||||||||
created_at | DateTime(timezone=True) | export only | ||||||||||||||||
created_by | UUID(as_uuid=False) | export only | ||||||||||||||||
deleted_at | DateTime(timezone=True) | export only | ||||||||||||||||
deleted_by | UUID(as_uuid=False) | export only | ||||||||||||||||
description | A multiline description of what this record is and does. | Text() | both | |||||||||||||||
engine_path | The Vault engine to use, often secret or kv . | String(length=1024) | both | |||||||||||||||
has_client_key | Boolean() | neither | ||||||||||||||||
has_deprecation | Boolean() | export only | ||||||||||||||||
has_password | Boolean() | neither | ||||||||||||||||
has_syntax_error | Boolean() | export only | ||||||||||||||||
has_token | Boolean() | neither | ||||||||||||||||
id | UUID(as_uuid=False) | neither | ||||||||||||||||
is_auto_renew_enabled | If set, Engine will try to renew the token before it expires. Renewal will only succeed if the MAX_TTL of the token is not reached. Please refer to token renew for details. | Boolean() | both | |||||||||||||||
is_bundle_content | A flag to control if the resource is considered bundle content. Changes in bundle content mark the bundle as modified. Updating the bundle will modify the bundle content. | Boolean() | both | |||||||||||||||
is_bundle_readonly | Boolean() | neither | ||||||||||||||||
is_deleted | Boolean() | export only | ||||||||||||||||
is_enabled | A flag to control of the vault config is enabled. | Boolean() | both | |||||||||||||||
is_project_readonly | Boolean() | neither | ||||||||||||||||
is_readonly | A flag to control if the record can be modified. Allowed for BUNDLE, BUNDLE_REPOSITORY, CONNECTOR, CUSTOM_OBJECT, DEVOLUTIONS_CONFIG, FILE, FLOW, OAUTH, OBJECT_TEMPLATE, PLUGIN, PROJECT, ROLE, SCHEDULE, SCHEDULER, SCHEMA, SETTING, SYNC_CONFIG, TAG, VAULT_CONFIG, WEBHOOK, WRAPPER. Not allowed for EXECUTION, LDAP_CONFIG, MESSAGE, ORGANIZATION, PROCESS, USER, WORKSPACE | Boolean() | both | |||||||||||||||
location_inheritance | Controls the project/bundle association of a newly created record when no project_id /project_name /bundle_id /bundle_name is specified in the create request. Depending on the record type different options are available:
| String(length=128) | neither | |||||||||||||||
modified_at | DateTime(timezone=True) | export only | ||||||||||||||||
modified_by | UUID(as_uuid=False) | export only | ||||||||||||||||
name | The name of this record. Must be unique across a workspace. | String(length=128) | both | |||||||||||||||
organization_id | UUID(as_uuid=False) | export only | ||||||||||||||||
password | A password to authenticate. Either token , username and password , or client_cert and client_key must be set. | String(length=1024) | import only | |||||||||||||||
project_id | Reference to the project this record is associated with. Allowed for CONNECTOR, CUSTOM_OBJECT, DEVOLUTIONS_CONFIG, EXECUTION, FILE, FLOW, MESSAGE, OAUTH, OBJECT_TEMPLATE, PLUGIN, SCHEDULE, SCHEDULER, SCHEMA, SETTING, SYNC_CONFIG, TAG, VAULT_CONFIG, WEBHOOK, WRAPPER. Not allowed for BUNDLE, BUNDLE_REPOSITORY, LDAP_CONFIG, ORGANIZATION, PROCESS, PROJECT, ROLE, USER, WORKSPACE. Mutually exclusive with bundle_id. | UUID(as_uuid=False) | both | |||||||||||||||
project_name | The name of the project. Will look up the project and set project_id. | String(length=128) | neither | |||||||||||||||
record_type | Enum('BUNDLE', 'BUNDLE_REPOSITORY', 'CONNECTOR', 'CUSTOM_OBJECT', 'DEVOLUTIONS_CONFIG', 'EXECUTION', 'FILE', 'FLOW', 'LDAP_CONFIG', 'MESSAGE', 'OAUTH', 'OBJECT_TEMPLATE', 'ORGANIZATION', 'PLUGIN', 'PROCESS', 'PROJECT', 'ROLE', 'SCHEDULE', 'SCHEDULER', 'SCHEMA', 'SETTING', 'SYNC_CONFIG', 'TAG', 'USER', 'VAULT_CONFIG', 'WEBHOOK', 'WORKSPACE', 'WRAPPER', name='recordtype') | neither | ||||||||||||||||
repository_path | The path to the storing repository, relative to GIT_REPOSITORY_SAVE_PATH | String(length=256) | neither | |||||||||||||||
resource_type | Enum('BUNDLE', 'BUNDLE_REPOSITORY', 'CONNECTOR', 'CUSTOM_OBJECT', 'DEVOLUTIONS_CONFIG', 'FILE', 'FLOW', 'LDAP_CONFIG', 'OAUTH', 'OBJECT_TEMPLATE', 'ORGANIZATION', 'PLUGIN', 'PROJECT', 'ROLE', 'SCHEDULE', 'SCHEDULER', 'SCHEMA', 'SETTING', 'SYNC_CONFIG', 'TAG', 'USER', 'VAULT_CONFIG', 'WEBHOOK', 'WORKSPACE', 'WRAPPER', name='resourcetype') | neither | ||||||||||||||||
schema_version | String(length=128) | both | ||||||||||||||||
server_ca | The content of the server's CA certificates in PEM format. To be used for self-signed certificates. | String(length=40960) | both | |||||||||||||||
token | A Vault access token to authenticate. Either token , username and password , or client_cert and client_key must be set. | String(length=1024) | import only | |||||||||||||||
username | A Username to authenticate. Either token , username and password , or client_cert and client_key must be set. | String(length=1024) | both | |||||||||||||||
vault_url | The URL to your vault installation | String(length=1024) | both | |||||||||||||||
verify_ssl | Verify the server's SSL certificate. Strongly recommended. Can be disabled if using a self-signed certificate. | Boolean() | both | |||||||||||||||
workspace_id | UUID(as_uuid=False) | export only |