pulumi-vault 5.19.0a1705474292__py3-none-any.whl → 5.20.0__py3-none-any.whl

pulumi_vault/kubernetes/auth_backend_config.py

@@ -36,7 +36,7 @@ class AuthBackendConfigArgs:
                The `namespace` is always relative to the provider's configured namespace.
                *Available only for Vault Enterprise*.
         :param pulumi.Input[Sequence[pulumi.Input[str]]] pem_keys: List of PEM-formatted public keys or certificates used to verify the signatures of Kubernetes service account JWTs. If a certificate is given, its public key will be extracted. Not every installation of Kubernetes exposes these keys.
-        :param pulumi.Input[str] token_reviewer_jwt: A service account JWT used to access the TokenReview API to validate other JWTs during login. If not set the JWT used for login will be used to access the API.
+        :param pulumi.Input[str] token_reviewer_jwt: A service account JWT (or other token) used as a bearer token to access the TokenReview API to validate other JWTs during login. If not set the JWT used for login will be used to access the API.
         """
         pulumi.set(__self__, "kubernetes_host", kubernetes_host)
         if backend is not None:
@@ -159,7 +159,7 @@ class AuthBackendConfigArgs:
     @pulumi.getter(name="tokenReviewerJwt")
     def token_reviewer_jwt(self) -> Optional[pulumi.Input[str]]:
         """
-        A service account JWT used to access the TokenReview API to validate other JWTs during login. If not set the JWT used for login will be used to access the API.
+        A service account JWT (or other token) used as a bearer token to access the TokenReview API to validate other JWTs during login. If not set the JWT used for login will be used to access the API.
         """
         return pulumi.get(self, "token_reviewer_jwt")
 
@@ -193,7 +193,7 @@ class _AuthBackendConfigState:
                The `namespace` is always relative to the provider's configured namespace.
                *Available only for Vault Enterprise*.
         :param pulumi.Input[Sequence[pulumi.Input[str]]] pem_keys: List of PEM-formatted public keys or certificates used to verify the signatures of Kubernetes service account JWTs. If a certificate is given, its public key will be extracted. Not every installation of Kubernetes exposes these keys.
-        :param pulumi.Input[str] token_reviewer_jwt: A service account JWT used to access the TokenReview API to validate other JWTs during login. If not set the JWT used for login will be used to access the API.
+        :param pulumi.Input[str] token_reviewer_jwt: A service account JWT (or other token) used as a bearer token to access the TokenReview API to validate other JWTs during login. If not set the JWT used for login will be used to access the API.
         """
         if backend is not None:
             pulumi.set(__self__, "backend", backend)
@@ -317,7 +317,7 @@ class _AuthBackendConfigState:
     @pulumi.getter(name="tokenReviewerJwt")
     def token_reviewer_jwt(self) -> Optional[pulumi.Input[str]]:
         """
-        A service account JWT used to access the TokenReview API to validate other JWTs during login. If not set the JWT used for login will be used to access the API.
+        A service account JWT (or other token) used as a bearer token to access the TokenReview API to validate other JWTs during login. If not set the JWT used for login will be used to access the API.
         """
         return pulumi.get(self, "token_reviewer_jwt")
 
@@ -385,7 +385,7 @@ class AuthBackendConfig(pulumi.CustomResource):
                The `namespace` is always relative to the provider's configured namespace.
                *Available only for Vault Enterprise*.
         :param pulumi.Input[Sequence[pulumi.Input[str]]] pem_keys: List of PEM-formatted public keys or certificates used to verify the signatures of Kubernetes service account JWTs. If a certificate is given, its public key will be extracted. Not every installation of Kubernetes exposes these keys.
-        :param pulumi.Input[str] token_reviewer_jwt: A service account JWT used to access the TokenReview API to validate other JWTs during login. If not set the JWT used for login will be used to access the API.
+        :param pulumi.Input[str] token_reviewer_jwt: A service account JWT (or other token) used as a bearer token to access the TokenReview API to validate other JWTs during login. If not set the JWT used for login will be used to access the API.
         """
         ...
     @overload
@@ -507,7 +507,7 @@ class AuthBackendConfig(pulumi.CustomResource):
                The `namespace` is always relative to the provider's configured namespace.
                *Available only for Vault Enterprise*.
         :param pulumi.Input[Sequence[pulumi.Input[str]]] pem_keys: List of PEM-formatted public keys or certificates used to verify the signatures of Kubernetes service account JWTs. If a certificate is given, its public key will be extracted. Not every installation of Kubernetes exposes these keys.
-        :param pulumi.Input[str] token_reviewer_jwt: A service account JWT used to access the TokenReview API to validate other JWTs during login. If not set the JWT used for login will be used to access the API.
+        :param pulumi.Input[str] token_reviewer_jwt: A service account JWT (or other token) used as a bearer token to access the TokenReview API to validate other JWTs during login. If not set the JWT used for login will be used to access the API.
         """
         opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id))
 
@@ -595,7 +595,7 @@ class AuthBackendConfig(pulumi.CustomResource):
     @pulumi.getter(name="tokenReviewerJwt")
     def token_reviewer_jwt(self) -> pulumi.Output[Optional[str]]:
         """
-        A service account JWT used to access the TokenReview API to validate other JWTs during login. If not set the JWT used for login will be used to access the API.
+        A service account JWT (or other token) used as a bearer token to access the TokenReview API to validate other JWTs during login. If not set the JWT used for login will be used to access the API.
         """
         return pulumi.get(self, "token_reviewer_jwt")
 

pulumi_vault/kubernetes/secret_backend_role.py

@@ -633,10 +633,12 @@ class SecretBackendRole(pulumi.CustomResource):
 
         ## Import
 
-        The Kubernetes secret backend role can be imported using the full path to the role of the form`<backend_path>/roles/<role_name>` e.g.
+        The Kubernetes secret backend role can be imported using the full path to the role
+
+         of the form: `<backend_path>/roles/<role_name>` e.g.
 
         ```sh
-         $ pulumi import vault:kubernetes/secretBackendRole:SecretBackendRole example kubernetes kubernetes/roles/example-role
+        $ pulumi import vault:kubernetes/secretBackendRole:SecretBackendRole example kubernetes kubernetes/roles/example-role
         ```
 
         :param str resource_name: The name of the resource.
@@ -777,10 +779,12 @@ class SecretBackendRole(pulumi.CustomResource):
 
         ## Import
 
-        The Kubernetes secret backend role can be imported using the full path to the role of the form`<backend_path>/roles/<role_name>` e.g.
+        The Kubernetes secret backend role can be imported using the full path to the role
+
+         of the form: `<backend_path>/roles/<role_name>` e.g.
 
         ```sh
-         $ pulumi import vault:kubernetes/secretBackendRole:SecretBackendRole example kubernetes kubernetes/roles/example-role
+        $ pulumi import vault:kubernetes/secretBackendRole:SecretBackendRole example kubernetes kubernetes/roles/example-role
         ```
 
         :param str resource_name: The name of the resource.

pulumi_vault/kv/_inputs.py

@@ -21,10 +21,13 @@ class SecretV2CustomMetadataArgs:
                  delete_version_after: Optional[pulumi.Input[int]] = None,
                  max_versions: Optional[pulumi.Input[int]] = None):
         """
+        :param pulumi.Input[bool] cas_required: If true, all keys will require the cas parameter to be set on all write requests.
         :param pulumi.Input[Mapping[str, Any]] data: A mapping whose keys are the top-level data keys returned from
                Vault and whose values are the corresponding values. This map can only
                represent string data, so any non-string values returned from Vault are
                serialized as JSON.
+        :param pulumi.Input[int] delete_version_after: If set, specifies the length of time before a version is deleted.
+        :param pulumi.Input[int] max_versions: The number of versions to keep per key.
         """
         if cas_required is not None:
             pulumi.set(__self__, "cas_required", cas_required)
@@ -38,6 +41,9 @@ class SecretV2CustomMetadataArgs:
     @property
     @pulumi.getter(name="casRequired")
     def cas_required(self) -> Optional[pulumi.Input[bool]]:
+        """
+        If true, all keys will require the cas parameter to be set on all write requests.
+        """
         return pulumi.get(self, "cas_required")
 
     @cas_required.setter
@@ -62,6 +68,9 @@ class SecretV2CustomMetadataArgs:
     @property
     @pulumi.getter(name="deleteVersionAfter")
     def delete_version_after(self) -> Optional[pulumi.Input[int]]:
+        """
+        If set, specifies the length of time before a version is deleted.
+        """
         return pulumi.get(self, "delete_version_after")
 
     @delete_version_after.setter
@@ -71,6 +80,9 @@ class SecretV2CustomMetadataArgs:
     @property
     @pulumi.getter(name="maxVersions")
     def max_versions(self) -> Optional[pulumi.Input[int]]:
+        """
+        The number of versions to keep per key.
+        """
         return pulumi.get(self, "max_versions")
 
     @max_versions.setter

pulumi_vault/kv/outputs.py

@@ -42,10 +42,13 @@ class SecretV2CustomMetadata(dict):
                  delete_version_after: Optional[int] = None,
                  max_versions: Optional[int] = None):
         """
+        :param bool cas_required: If true, all keys will require the cas parameter to be set on all write requests.
         :param Mapping[str, Any] data: A mapping whose keys are the top-level data keys returned from
                Vault and whose values are the corresponding values. This map can only
                represent string data, so any non-string values returned from Vault are
                serialized as JSON.
+        :param int delete_version_after: If set, specifies the length of time before a version is deleted.
+        :param int max_versions: The number of versions to keep per key.
         """
         if cas_required is not None:
             pulumi.set(__self__, "cas_required", cas_required)
@@ -59,6 +62,9 @@ class SecretV2CustomMetadata(dict):
     @property
     @pulumi.getter(name="casRequired")
     def cas_required(self) -> Optional[bool]:
+        """
+        If true, all keys will require the cas parameter to be set on all write requests.
+        """
         return pulumi.get(self, "cas_required")
 
     @property
@@ -75,11 +81,17 @@ class SecretV2CustomMetadata(dict):
     @property
     @pulumi.getter(name="deleteVersionAfter")
     def delete_version_after(self) -> Optional[int]:
+        """
+        If set, specifies the length of time before a version is deleted.
+        """
         return pulumi.get(self, "delete_version_after")
 
     @property
     @pulumi.getter(name="maxVersions")
     def max_versions(self) -> Optional[int]:
+        """
+        The number of versions to keep per key.
+        """
         return pulumi.get(self, "max_versions")
 
 

pulumi_vault/ldap/secret_backend_dynamic_role.py

@@ -453,7 +453,7 @@ class SecretBackendDynamicRole(pulumi.CustomResource):
 
         ## Import
 
-        LDAP secret backend dynamic role can be imported using the full path to the role of the form`<mount_path>/dynamic-role/<role_name>` e.g.
+        LDAP secret backend dynamic role can be imported using the full path to the role of the form: `<mount_path>/dynamic-role/<role_name>` e.g.
 
         ```sh
          $ pulumi import vault:ldap/secretBackendDynamicRole:SecretBackendDynamicRole role ldap/role/dynamic-role
@@ -534,7 +534,7 @@ class SecretBackendDynamicRole(pulumi.CustomResource):
 
         ## Import
 
-        LDAP secret backend dynamic role can be imported using the full path to the role of the form`<mount_path>/dynamic-role/<role_name>` e.g.
+        LDAP secret backend dynamic role can be imported using the full path to the role of the form: `<mount_path>/dynamic-role/<role_name>` e.g.
 
         ```sh
          $ pulumi import vault:ldap/secretBackendDynamicRole:SecretBackendDynamicRole role ldap/role/dynamic-role

pulumi_vault/ldap/secret_backend_static_role.py

@@ -276,7 +276,7 @@ class SecretBackendStaticRole(pulumi.CustomResource):
 
         ## Import
 
-        LDAP secret backend static role can be imported using the full path to the role of the form`<mount_path>/static-role/<role_name>` e.g.
+        LDAP secret backend static role can be imported using the full path to the role of the form: `<mount_path>/static-role/<role_name>` e.g.
 
         ```sh
          $ pulumi import vault:ldap/secretBackendStaticRole:SecretBackendStaticRole role ldap/static-role/example-role
@@ -327,7 +327,7 @@ class SecretBackendStaticRole(pulumi.CustomResource):
 
         ## Import
 
-        LDAP secret backend static role can be imported using the full path to the role of the form`<mount_path>/static-role/<role_name>` e.g.
+        LDAP secret backend static role can be imported using the full path to the role of the form: `<mount_path>/static-role/<role_name>` e.g.
 
         ```sh
          $ pulumi import vault:ldap/secretBackendStaticRole:SecretBackendStaticRole role ldap/static-role/example-role

pulumi_vault/managed/_inputs.py

@@ -53,6 +53,7 @@ class KeysAwArgs:
                is `ECDSA`. Required if `allow_generate_key` is `true`.
         :param pulumi.Input[str] endpoint: Used to specify a custom AWS endpoint.
         :param pulumi.Input[str] region: The AWS region where the keys are stored (or will be stored).
+        :param pulumi.Input[str] uuid: ID of the managed key read from Vault
         """
         pulumi.set(__self__, "access_key", access_key)
         pulumi.set(__self__, "key_bits", key_bits)
@@ -243,6 +244,9 @@ class KeysAwArgs:
     @property
     @pulumi.getter
     def uuid(self) -> Optional[pulumi.Input[str]]:
+        """
+        ID of the managed key read from Vault
+        """
         return pulumi.get(self, "uuid")
 
     @uuid.setter
@@ -289,6 +293,7 @@ class KeysAzureArgs:
         :param pulumi.Input[str] environment: The Azure Cloud environment API endpoints to use.
         :param pulumi.Input[str] key_bits: The size in bits for an RSA key.
         :param pulumi.Input[str] resource: The Azure Key Vault resource's DNS Suffix to connect to.
+        :param pulumi.Input[str] uuid: ID of the managed key read from Vault
         """
         pulumi.set(__self__, "client_id", client_id)
         pulumi.set(__self__, "client_secret", client_secret)
@@ -491,6 +496,9 @@ class KeysAzureArgs:
     @property
     @pulumi.getter
     def uuid(self) -> Optional[pulumi.Input[str]]:
+        """
+        ID of the managed key read from Vault
+        """
         return pulumi.get(self, "uuid")
 
     @uuid.setter
@@ -544,6 +552,7 @@ class KeysPkcArgs:
         :param pulumi.Input[str] slot: The slot number to use, specified as a string in a decimal format
                (e.g. `2305843009213693953`).
         :param pulumi.Input[str] token_label: The slot token label to use.
+        :param pulumi.Input[str] uuid: ID of the managed key read from Vault
         """
         pulumi.set(__self__, "key_id", key_id)
         pulumi.set(__self__, "key_label", key_label)
@@ -766,6 +775,9 @@ class KeysPkcArgs:
     @property
     @pulumi.getter
     def uuid(self) -> Optional[pulumi.Input[str]]:
+        """
+        ID of the managed key read from Vault
+        """
         return pulumi.get(self, "uuid")
 
     @uuid.setter

pulumi_vault/managed/keys.py

@@ -180,6 +180,16 @@ class Keys(pulumi.CustomResource):
                  pkcs: Optional[pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['KeysPkcArgs']]]]] = None,
                  __props__=None):
         """
+        A resource that manages the lifecycle of all [Managed Keys](https://www.vaultproject.io/docs/enterprise/managed-keys) in Vault.
+
+        **Note** this feature is available only with Vault Enterprise.
+
+        ## Caveats
+
+        This single resource handles the lifecycle of _all_ the managed keys that must be created in Vault.
+        There can only be one such resource in the TF state, and if there are already provisioned managed
+        keys in Vault, we recommend using `pulumi import` instead.
+
         ## Import
 
         Mounts can be imported using the `id` of `default`, e.g.
@@ -205,6 +215,16 @@ class Keys(pulumi.CustomResource):
                  args: Optional[KeysArgs] = None,
                  opts: Optional[pulumi.ResourceOptions] = None):
         """
+        A resource that manages the lifecycle of all [Managed Keys](https://www.vaultproject.io/docs/enterprise/managed-keys) in Vault.
+
+        **Note** this feature is available only with Vault Enterprise.
+
+        ## Caveats
+
+        This single resource handles the lifecycle of _all_ the managed keys that must be created in Vault.
+        There can only be one such resource in the TF state, and if there are already provisioned managed
+        keys in Vault, we recommend using `pulumi import` instead.
+
         ## Import
 
         Mounts can be imported using the `id` of `default`, e.g.

pulumi_vault/managed/outputs.py

@@ -86,6 +86,7 @@ class KeysAw(dict):
                is `ECDSA`. Required if `allow_generate_key` is `true`.
         :param str endpoint: Used to specify a custom AWS endpoint.
         :param str region: The AWS region where the keys are stored (or will be stored).
+        :param str uuid: ID of the managed key read from Vault
         """
         pulumi.set(__self__, "access_key", access_key)
         pulumi.set(__self__, "key_bits", key_bits)
@@ -224,6 +225,9 @@ class KeysAw(dict):
     @property
     @pulumi.getter
     def uuid(self) -> Optional[str]:
+        """
+        ID of the managed key read from Vault
+        """
         return pulumi.get(self, "uuid")
 
 
@@ -303,6 +307,7 @@ class KeysAzure(dict):
         :param str environment: The Azure Cloud environment API endpoints to use.
         :param str key_bits: The size in bits for an RSA key.
         :param str resource: The Azure Key Vault resource's DNS Suffix to connect to.
+        :param str uuid: ID of the managed key read from Vault
         """
         pulumi.set(__self__, "client_id", client_id)
         pulumi.set(__self__, "client_secret", client_secret)
@@ -449,6 +454,9 @@ class KeysAzure(dict):
     @property
     @pulumi.getter
     def uuid(self) -> Optional[str]:
+        """
+        ID of the managed key read from Vault
+        """
         return pulumi.get(self, "uuid")
 
 
@@ -531,6 +539,7 @@ class KeysPkc(dict):
         :param str slot: The slot number to use, specified as a string in a decimal format
                (e.g. `2305843009213693953`).
         :param str token_label: The slot token label to use.
+        :param str uuid: ID of the managed key read from Vault
         """
         pulumi.set(__self__, "key_id", key_id)
         pulumi.set(__self__, "key_label", key_label)
@@ -693,6 +702,9 @@ class KeysPkc(dict):
     @property
     @pulumi.getter
     def uuid(self) -> Optional[str]:
+        """
+        ID of the managed key read from Vault
+        """
         return pulumi.get(self, "uuid")
 
 

pulumi_vault/mongodbatlas/secret_role.py

@@ -443,7 +443,7 @@ class SecretRole(pulumi.CustomResource):
 
         ## Import
 
-        The MongoDB Atlas secret role can be imported using the full path to the role of the form`<mount_path>/roles/<role_name>` e.g.
+        The MongoDB Atlas secret role can be imported using the full path to the role of the form: `<mount_path>/roles/<role_name>` e.g.
 
         ```sh
          $ pulumi import vault:mongodbatlas/secretRole:SecretRole example mongodbatlas/roles/example-role
@@ -503,7 +503,7 @@ class SecretRole(pulumi.CustomResource):
 
         ## Import
 
-        The MongoDB Atlas secret role can be imported using the full path to the role of the form`<mount_path>/roles/<role_name>` e.g.
+        The MongoDB Atlas secret role can be imported using the full path to the role of the form: `<mount_path>/roles/<role_name>` e.g.
 
         ```sh
          $ pulumi import vault:mongodbatlas/secretRole:SecretRole example mongodbatlas/roles/example-role

pulumi_vault/namespace.py

@@ -206,10 +206,14 @@ class Namespace(pulumi.CustomResource):
         Namespaces can be imported using its `name` as accessor id
 
         ```sh
-         $ pulumi import vault:index/namespace:Namespace example <name>
+        $ pulumi import vault:index/namespace:Namespace example <name>
         ```
 
-         If the declared resource is imported and intends to support namespaces using a provider alias, then the name is relative to the namespace path. hcl provider "vault" {
+         If the declared resource is imported and intends to support namespaces using a provider alias, then the name is relative to the namespace path.
+
+         hcl
+
+         provider "vault" {
 
         # Configuration options
 
@@ -217,19 +221,29 @@ class Namespace(pulumi.CustomResource):
 
          alias
 
-         = "example" } resource "vault_namespace" "example2" {
+         = "example"
+
+         }
+
+         resource "vault_namespace" "example2" {
 
          provider = vault.example
 
          path
 
-         = "example2" }
+         = "example2"
+
+         }
 
         ```sh
-         $ pulumi import vault:index/namespace:Namespace example2 example2
+        $ pulumi import vault:index/namespace:Namespace example2 example2
         ```
 
-         $ terraform state show vault_namespace.example2 vault_namespace.example2resource "vault_namespace" "example2" {
+         $ terraform state show vault_namespace.example2
+
+         vault_namespace.example2:
+
+         resource "vault_namespace" "example2" {
 
          id
 
@@ -243,7 +257,9 @@ class Namespace(pulumi.CustomResource):
 
          path_fq
 
-        = "example2" }
+        = "example2"
+
+         }
 
         :param str resource_name: The name of the resource.
         :param pulumi.ResourceOptions opts: Options for the resource.
@@ -269,10 +285,14 @@ class Namespace(pulumi.CustomResource):
         Namespaces can be imported using its `name` as accessor id
 
         ```sh
-         $ pulumi import vault:index/namespace:Namespace example <name>
+        $ pulumi import vault:index/namespace:Namespace example <name>
         ```
 
-         If the declared resource is imported and intends to support namespaces using a provider alias, then the name is relative to the namespace path. hcl provider "vault" {
+         If the declared resource is imported and intends to support namespaces using a provider alias, then the name is relative to the namespace path.
+
+         hcl
+
+         provider "vault" {
 
         # Configuration options
 
@@ -280,19 +300,29 @@ class Namespace(pulumi.CustomResource):
 
          alias
 
-         = "example" } resource "vault_namespace" "example2" {
+         = "example"
+
+         }
+
+         resource "vault_namespace" "example2" {
 
          provider = vault.example
 
          path
 
-         = "example2" }
+         = "example2"
+
+         }
 
         ```sh
-         $ pulumi import vault:index/namespace:Namespace example2 example2
+        $ pulumi import vault:index/namespace:Namespace example2 example2
         ```
 
-         $ terraform state show vault_namespace.example2 vault_namespace.example2resource "vault_namespace" "example2" {
+         $ terraform state show vault_namespace.example2
+
+         vault_namespace.example2:
+
+         resource "vault_namespace" "example2" {
 
          id
 
@@ -306,7 +336,9 @@ class Namespace(pulumi.CustomResource):
 
          path_fq
 
-        = "example2" }
+        = "example2"
+
+         }
 
         :param str resource_name: The name of the resource.
         :param NamespaceArgs args: The arguments to use to populate this resource's properties.

pulumi_vault/pkisecret/secret_backend_config_issuers.py

@@ -185,9 +185,6 @@ class SecretBackendConfigIssuers(pulumi.CustomResource):
                  namespace: Optional[pulumi.Input[str]] = None,
                  __props__=None):
         """
-        Allows setting the value of the default issuer. For more information, see the
-        [Vault documentation](https://developer.hashicorp.com/vault/api-docs/secret/pki#set-issuers-configuration)
-
         ## Example Usage
 
         ```python
@@ -241,9 +238,6 @@ class SecretBackendConfigIssuers(pulumi.CustomResource):
                  args: SecretBackendConfigIssuersArgs,
                  opts: Optional[pulumi.ResourceOptions] = None):
         """
-        Allows setting the value of the default issuer. For more information, see the
-        [Vault documentation](https://developer.hashicorp.com/vault/api-docs/secret/pki#set-issuers-configuration)
-
         ## Example Usage
 
         ```python

pulumi_vault/pkisecret/secret_backend_issuer.py

@@ -484,11 +484,6 @@ class SecretBackendIssuer(pulumi.CustomResource):
                  usage: Optional[pulumi.Input[str]] = None,
                  __props__=None):
         """
-        Manages the lifecycle of an existing issuer on a PKI Secret Backend. This resource does not
-        create issuers. It instead tracks and performs updates made to an existing issuer that was
-        created by one of the PKI generate endpoints. For more information, see the
-        [Vault documentation](https://developer.hashicorp.com/vault/api-docs/secret/pki#managing-keys-and-issuers)
-
         ## Example Usage
 
         ```python
@@ -551,11 +546,6 @@ class SecretBackendIssuer(pulumi.CustomResource):
                  args: SecretBackendIssuerArgs,
                  opts: Optional[pulumi.ResourceOptions] = None):
         """
-        Manages the lifecycle of an existing issuer on a PKI Secret Backend. This resource does not
-        create issuers. It instead tracks and performs updates made to an existing issuer that was
-        created by one of the PKI generate endpoints. For more information, see the
-        [Vault documentation](https://developer.hashicorp.com/vault/api-docs/secret/pki#managing-keys-and-issuers)
-
         ## Example Usage
 
         ```python