pulumi-vault 5.19.0a1705621752__py3-none-any.whl → 5.20.0__py3-none-any.whl

pulumi_vault/_utilities.py

@@ -4,11 +4,11 @@
 
 
 import asyncio
+import importlib.metadata
 import importlib.util
 import inspect
 import json
 import os
-import pkg_resources
 import sys
 import typing
 
@@ -72,7 +72,7 @@ def _get_semver_version():
     # to receive a valid semver string when receiving requests from the language host, so it's our
     # responsibility as the library to convert our own PEP440 version into a valid semver string.
 
-    pep440_version_string = pkg_resources.require(root_package)[0].version
+    pep440_version_string = importlib.metadata.version(root_package)
     pep440_version = PEP440Version.parse(pep440_version_string)
     (major, minor, patch) = pep440_version.release
     prerelease = None

pulumi_vault/aws/secret_backend.py

@@ -19,11 +19,15 @@ class SecretBackendArgs:
                  description: Optional[pulumi.Input[str]] = None,
                  disable_remount: Optional[pulumi.Input[bool]] = None,
                  iam_endpoint: Optional[pulumi.Input[str]] = None,
+                 identity_token_audience: Optional[pulumi.Input[str]] = None,
+                 identity_token_key: Optional[pulumi.Input[str]] = None,
+                 identity_token_ttl: Optional[pulumi.Input[int]] = None,
                  local: Optional[pulumi.Input[bool]] = None,
                  max_lease_ttl_seconds: Optional[pulumi.Input[int]] = None,
                  namespace: Optional[pulumi.Input[str]] = None,
                  path: Optional[pulumi.Input[str]] = None,
                  region: Optional[pulumi.Input[str]] = None,
+                 role_arn: Optional[pulumi.Input[str]] = None,
                  secret_key: Optional[pulumi.Input[str]] = None,
                  sts_endpoint: Optional[pulumi.Input[str]] = None,
                  username_template: Optional[pulumi.Input[str]] = None):
@@ -37,6 +41,9 @@ class SecretBackendArgs:
         :param pulumi.Input[bool] disable_remount: If set, opts out of mount migration on path updates.
                See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration)
         :param pulumi.Input[str] iam_endpoint: Specifies a custom HTTP IAM endpoint to use.
+        :param pulumi.Input[str] identity_token_audience: The audience claim value. Requires Vault 1.16+.
+        :param pulumi.Input[str] identity_token_key: The key to use for signing identity tokens. Requires Vault 1.16+.
+        :param pulumi.Input[int] identity_token_ttl: The TTL of generated identity tokens in seconds. Requires Vault 1.16+.
         :param pulumi.Input[bool] local: Specifies whether the secrets mount will be marked as local. Local mounts are not replicated to performance replicas.
         :param pulumi.Input[int] max_lease_ttl_seconds: The maximum TTL that can be requested
                for credentials issued by this backend.
@@ -47,6 +54,7 @@ class SecretBackendArgs:
         :param pulumi.Input[str] path: The unique path this backend should be mounted at. Must
                not begin or end with a `/`. Defaults to `aws`.
         :param pulumi.Input[str] region: The AWS region to make API calls against. Defaults to us-east-1.
+        :param pulumi.Input[str] role_arn: Role ARN to assume for plugin identity token federation. Requires Vault 1.16+.
         :param pulumi.Input[str] secret_key: The AWS Secret Access Key to use when generating new credentials.
         :param pulumi.Input[str] sts_endpoint: Specifies a custom HTTP STS endpoint to use.
         :param pulumi.Input[str] username_template: Template describing how dynamic usernames are generated. The username template is used to generate both IAM usernames (capped at 64 characters) and STS usernames (capped at 32 characters). If no template is provided the field defaults to the template:
@@ -61,6 +69,12 @@ class SecretBackendArgs:
             pulumi.set(__self__, "disable_remount", disable_remount)
         if iam_endpoint is not None:
             pulumi.set(__self__, "iam_endpoint", iam_endpoint)
+        if identity_token_audience is not None:
+            pulumi.set(__self__, "identity_token_audience", identity_token_audience)
+        if identity_token_key is not None:
+            pulumi.set(__self__, "identity_token_key", identity_token_key)
+        if identity_token_ttl is not None:
+            pulumi.set(__self__, "identity_token_ttl", identity_token_ttl)
         if local is not None:
             pulumi.set(__self__, "local", local)
         if max_lease_ttl_seconds is not None:
@@ -71,6 +85,8 @@ class SecretBackendArgs:
             pulumi.set(__self__, "path", path)
         if region is not None:
             pulumi.set(__self__, "region", region)
+        if role_arn is not None:
+            pulumi.set(__self__, "role_arn", role_arn)
         if secret_key is not None:
             pulumi.set(__self__, "secret_key", secret_key)
         if sts_endpoint is not None:
@@ -141,6 +157,42 @@ class SecretBackendArgs:
     def iam_endpoint(self, value: Optional[pulumi.Input[str]]):
         pulumi.set(self, "iam_endpoint", value)
 
+    @property
+    @pulumi.getter(name="identityTokenAudience")
+    def identity_token_audience(self) -> Optional[pulumi.Input[str]]:
+        """
+        The audience claim value. Requires Vault 1.16+.
+        """
+        return pulumi.get(self, "identity_token_audience")
+
+    @identity_token_audience.setter
+    def identity_token_audience(self, value: Optional[pulumi.Input[str]]):
+        pulumi.set(self, "identity_token_audience", value)
+
+    @property
+    @pulumi.getter(name="identityTokenKey")
+    def identity_token_key(self) -> Optional[pulumi.Input[str]]:
+        """
+        The key to use for signing identity tokens. Requires Vault 1.16+.
+        """
+        return pulumi.get(self, "identity_token_key")
+
+    @identity_token_key.setter
+    def identity_token_key(self, value: Optional[pulumi.Input[str]]):
+        pulumi.set(self, "identity_token_key", value)
+
+    @property
+    @pulumi.getter(name="identityTokenTtl")
+    def identity_token_ttl(self) -> Optional[pulumi.Input[int]]:
+        """
+        The TTL of generated identity tokens in seconds. Requires Vault 1.16+.
+        """
+        return pulumi.get(self, "identity_token_ttl")
+
+    @identity_token_ttl.setter
+    def identity_token_ttl(self, value: Optional[pulumi.Input[int]]):
+        pulumi.set(self, "identity_token_ttl", value)
+
     @property
     @pulumi.getter
     def local(self) -> Optional[pulumi.Input[bool]]:
@@ -206,6 +258,18 @@ class SecretBackendArgs:
     def region(self, value: Optional[pulumi.Input[str]]):
         pulumi.set(self, "region", value)
 
+    @property
+    @pulumi.getter(name="roleArn")
+    def role_arn(self) -> Optional[pulumi.Input[str]]:
+        """
+        Role ARN to assume for plugin identity token federation. Requires Vault 1.16+.
+        """
+        return pulumi.get(self, "role_arn")
+
+    @role_arn.setter
+    def role_arn(self, value: Optional[pulumi.Input[str]]):
+        pulumi.set(self, "role_arn", value)
+
     @property
     @pulumi.getter(name="secretKey")
     def secret_key(self) -> Optional[pulumi.Input[str]]:
@@ -251,11 +315,15 @@ class _SecretBackendState:
                  description: Optional[pulumi.Input[str]] = None,
                  disable_remount: Optional[pulumi.Input[bool]] = None,
                  iam_endpoint: Optional[pulumi.Input[str]] = None,
+                 identity_token_audience: Optional[pulumi.Input[str]] = None,
+                 identity_token_key: Optional[pulumi.Input[str]] = None,
+                 identity_token_ttl: Optional[pulumi.Input[int]] = None,
                  local: Optional[pulumi.Input[bool]] = None,
                  max_lease_ttl_seconds: Optional[pulumi.Input[int]] = None,
                  namespace: Optional[pulumi.Input[str]] = None,
                  path: Optional[pulumi.Input[str]] = None,
                  region: Optional[pulumi.Input[str]] = None,
+                 role_arn: Optional[pulumi.Input[str]] = None,
                  secret_key: Optional[pulumi.Input[str]] = None,
                  sts_endpoint: Optional[pulumi.Input[str]] = None,
                  username_template: Optional[pulumi.Input[str]] = None):
@@ -269,6 +337,9 @@ class _SecretBackendState:
         :param pulumi.Input[bool] disable_remount: If set, opts out of mount migration on path updates.
                See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration)
         :param pulumi.Input[str] iam_endpoint: Specifies a custom HTTP IAM endpoint to use.
+        :param pulumi.Input[str] identity_token_audience: The audience claim value. Requires Vault 1.16+.
+        :param pulumi.Input[str] identity_token_key: The key to use for signing identity tokens. Requires Vault 1.16+.
+        :param pulumi.Input[int] identity_token_ttl: The TTL of generated identity tokens in seconds. Requires Vault 1.16+.
         :param pulumi.Input[bool] local: Specifies whether the secrets mount will be marked as local. Local mounts are not replicated to performance replicas.
         :param pulumi.Input[int] max_lease_ttl_seconds: The maximum TTL that can be requested
                for credentials issued by this backend.
@@ -279,6 +350,7 @@ class _SecretBackendState:
         :param pulumi.Input[str] path: The unique path this backend should be mounted at. Must
                not begin or end with a `/`. Defaults to `aws`.
         :param pulumi.Input[str] region: The AWS region to make API calls against. Defaults to us-east-1.
+        :param pulumi.Input[str] role_arn: Role ARN to assume for plugin identity token federation. Requires Vault 1.16+.
         :param pulumi.Input[str] secret_key: The AWS Secret Access Key to use when generating new credentials.
         :param pulumi.Input[str] sts_endpoint: Specifies a custom HTTP STS endpoint to use.
         :param pulumi.Input[str] username_template: Template describing how dynamic usernames are generated. The username template is used to generate both IAM usernames (capped at 64 characters) and STS usernames (capped at 32 characters). If no template is provided the field defaults to the template:
@@ -293,6 +365,12 @@ class _SecretBackendState:
             pulumi.set(__self__, "disable_remount", disable_remount)
         if iam_endpoint is not None:
             pulumi.set(__self__, "iam_endpoint", iam_endpoint)
+        if identity_token_audience is not None:
+            pulumi.set(__self__, "identity_token_audience", identity_token_audience)
+        if identity_token_key is not None:
+            pulumi.set(__self__, "identity_token_key", identity_token_key)
+        if identity_token_ttl is not None:
+            pulumi.set(__self__, "identity_token_ttl", identity_token_ttl)
         if local is not None:
             pulumi.set(__self__, "local", local)
         if max_lease_ttl_seconds is not None:
@@ -303,6 +381,8 @@ class _SecretBackendState:
             pulumi.set(__self__, "path", path)
         if region is not None:
             pulumi.set(__self__, "region", region)
+        if role_arn is not None:
+            pulumi.set(__self__, "role_arn", role_arn)
         if secret_key is not None:
             pulumi.set(__self__, "secret_key", secret_key)
         if sts_endpoint is not None:
@@ -373,6 +453,42 @@ class _SecretBackendState:
     def iam_endpoint(self, value: Optional[pulumi.Input[str]]):
         pulumi.set(self, "iam_endpoint", value)
 
+    @property
+    @pulumi.getter(name="identityTokenAudience")
+    def identity_token_audience(self) -> Optional[pulumi.Input[str]]:
+        """
+        The audience claim value. Requires Vault 1.16+.
+        """
+        return pulumi.get(self, "identity_token_audience")
+
+    @identity_token_audience.setter
+    def identity_token_audience(self, value: Optional[pulumi.Input[str]]):
+        pulumi.set(self, "identity_token_audience", value)
+
+    @property
+    @pulumi.getter(name="identityTokenKey")
+    def identity_token_key(self) -> Optional[pulumi.Input[str]]:
+        """
+        The key to use for signing identity tokens. Requires Vault 1.16+.
+        """
+        return pulumi.get(self, "identity_token_key")
+
+    @identity_token_key.setter
+    def identity_token_key(self, value: Optional[pulumi.Input[str]]):
+        pulumi.set(self, "identity_token_key", value)
+
+    @property
+    @pulumi.getter(name="identityTokenTtl")
+    def identity_token_ttl(self) -> Optional[pulumi.Input[int]]:
+        """
+        The TTL of generated identity tokens in seconds. Requires Vault 1.16+.
+        """
+        return pulumi.get(self, "identity_token_ttl")
+
+    @identity_token_ttl.setter
+    def identity_token_ttl(self, value: Optional[pulumi.Input[int]]):
+        pulumi.set(self, "identity_token_ttl", value)
+
     @property
     @pulumi.getter
     def local(self) -> Optional[pulumi.Input[bool]]:
@@ -438,6 +554,18 @@ class _SecretBackendState:
     def region(self, value: Optional[pulumi.Input[str]]):
         pulumi.set(self, "region", value)
 
+    @property
+    @pulumi.getter(name="roleArn")
+    def role_arn(self) -> Optional[pulumi.Input[str]]:
+        """
+        Role ARN to assume for plugin identity token federation. Requires Vault 1.16+.
+        """
+        return pulumi.get(self, "role_arn")
+
+    @role_arn.setter
+    def role_arn(self, value: Optional[pulumi.Input[str]]):
+        pulumi.set(self, "role_arn", value)
+
     @property
     @pulumi.getter(name="secretKey")
     def secret_key(self) -> Optional[pulumi.Input[str]]:
@@ -485,11 +613,15 @@ class SecretBackend(pulumi.CustomResource):
                  description: Optional[pulumi.Input[str]] = None,
                  disable_remount: Optional[pulumi.Input[bool]] = None,
                  iam_endpoint: Optional[pulumi.Input[str]] = None,
+                 identity_token_audience: Optional[pulumi.Input[str]] = None,
+                 identity_token_key: Optional[pulumi.Input[str]] = None,
+                 identity_token_ttl: Optional[pulumi.Input[int]] = None,
                  local: Optional[pulumi.Input[bool]] = None,
                  max_lease_ttl_seconds: Optional[pulumi.Input[int]] = None,
                  namespace: Optional[pulumi.Input[str]] = None,
                  path: Optional[pulumi.Input[str]] = None,
                  region: Optional[pulumi.Input[str]] = None,
+                 role_arn: Optional[pulumi.Input[str]] = None,
                  secret_key: Optional[pulumi.Input[str]] = None,
                  sts_endpoint: Optional[pulumi.Input[str]] = None,
                  username_template: Optional[pulumi.Input[str]] = None,
@@ -513,6 +645,9 @@ class SecretBackend(pulumi.CustomResource):
         :param pulumi.Input[bool] disable_remount: If set, opts out of mount migration on path updates.
                See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration)
         :param pulumi.Input[str] iam_endpoint: Specifies a custom HTTP IAM endpoint to use.
+        :param pulumi.Input[str] identity_token_audience: The audience claim value. Requires Vault 1.16+.
+        :param pulumi.Input[str] identity_token_key: The key to use for signing identity tokens. Requires Vault 1.16+.
+        :param pulumi.Input[int] identity_token_ttl: The TTL of generated identity tokens in seconds. Requires Vault 1.16+.
         :param pulumi.Input[bool] local: Specifies whether the secrets mount will be marked as local. Local mounts are not replicated to performance replicas.
         :param pulumi.Input[int] max_lease_ttl_seconds: The maximum TTL that can be requested
                for credentials issued by this backend.
@@ -523,6 +658,7 @@ class SecretBackend(pulumi.CustomResource):
         :param pulumi.Input[str] path: The unique path this backend should be mounted at. Must
                not begin or end with a `/`. Defaults to `aws`.
         :param pulumi.Input[str] region: The AWS region to make API calls against. Defaults to us-east-1.
+        :param pulumi.Input[str] role_arn: Role ARN to assume for plugin identity token federation. Requires Vault 1.16+.
         :param pulumi.Input[str] secret_key: The AWS Secret Access Key to use when generating new credentials.
         :param pulumi.Input[str] sts_endpoint: Specifies a custom HTTP STS endpoint to use.
         :param pulumi.Input[str] username_template: Template describing how dynamic usernames are generated. The username template is used to generate both IAM usernames (capped at 64 characters) and STS usernames (capped at 32 characters). If no template is provided the field defaults to the template:
@@ -562,11 +698,15 @@ class SecretBackend(pulumi.CustomResource):
                  description: Optional[pulumi.Input[str]] = None,
                  disable_remount: Optional[pulumi.Input[bool]] = None,
                  iam_endpoint: Optional[pulumi.Input[str]] = None,
+                 identity_token_audience: Optional[pulumi.Input[str]] = None,
+                 identity_token_key: Optional[pulumi.Input[str]] = None,
+                 identity_token_ttl: Optional[pulumi.Input[int]] = None,
                  local: Optional[pulumi.Input[bool]] = None,
                  max_lease_ttl_seconds: Optional[pulumi.Input[int]] = None,
                  namespace: Optional[pulumi.Input[str]] = None,
                  path: Optional[pulumi.Input[str]] = None,
                  region: Optional[pulumi.Input[str]] = None,
+                 role_arn: Optional[pulumi.Input[str]] = None,
                  secret_key: Optional[pulumi.Input[str]] = None,
                  sts_endpoint: Optional[pulumi.Input[str]] = None,
                  username_template: Optional[pulumi.Input[str]] = None,
@@ -584,11 +724,15 @@ class SecretBackend(pulumi.CustomResource):
             __props__.__dict__["description"] = description
             __props__.__dict__["disable_remount"] = disable_remount
             __props__.__dict__["iam_endpoint"] = iam_endpoint
+            __props__.__dict__["identity_token_audience"] = identity_token_audience
+            __props__.__dict__["identity_token_key"] = identity_token_key
+            __props__.__dict__["identity_token_ttl"] = identity_token_ttl
             __props__.__dict__["local"] = local
             __props__.__dict__["max_lease_ttl_seconds"] = max_lease_ttl_seconds
             __props__.__dict__["namespace"] = namespace
             __props__.__dict__["path"] = path
             __props__.__dict__["region"] = region
+            __props__.__dict__["role_arn"] = role_arn
             __props__.__dict__["secret_key"] = None if secret_key is None else pulumi.Output.secret(secret_key)
             __props__.__dict__["sts_endpoint"] = sts_endpoint
             __props__.__dict__["username_template"] = username_template
@@ -609,11 +753,15 @@ class SecretBackend(pulumi.CustomResource):
             description: Optional[pulumi.Input[str]] = None,
             disable_remount: Optional[pulumi.Input[bool]] = None,
             iam_endpoint: Optional[pulumi.Input[str]] = None,
+            identity_token_audience: Optional[pulumi.Input[str]] = None,
+            identity_token_key: Optional[pulumi.Input[str]] = None,
+            identity_token_ttl: Optional[pulumi.Input[int]] = None,
             local: Optional[pulumi.Input[bool]] = None,
             max_lease_ttl_seconds: Optional[pulumi.Input[int]] = None,
             namespace: Optional[pulumi.Input[str]] = None,
             path: Optional[pulumi.Input[str]] = None,
             region: Optional[pulumi.Input[str]] = None,
+            role_arn: Optional[pulumi.Input[str]] = None,
             secret_key: Optional[pulumi.Input[str]] = None,
             sts_endpoint: Optional[pulumi.Input[str]] = None,
             username_template: Optional[pulumi.Input[str]] = None) -> 'SecretBackend':
@@ -632,6 +780,9 @@ class SecretBackend(pulumi.CustomResource):
         :param pulumi.Input[bool] disable_remount: If set, opts out of mount migration on path updates.
                See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration)
         :param pulumi.Input[str] iam_endpoint: Specifies a custom HTTP IAM endpoint to use.
+        :param pulumi.Input[str] identity_token_audience: The audience claim value. Requires Vault 1.16+.
+        :param pulumi.Input[str] identity_token_key: The key to use for signing identity tokens. Requires Vault 1.16+.
+        :param pulumi.Input[int] identity_token_ttl: The TTL of generated identity tokens in seconds. Requires Vault 1.16+.
         :param pulumi.Input[bool] local: Specifies whether the secrets mount will be marked as local. Local mounts are not replicated to performance replicas.
         :param pulumi.Input[int] max_lease_ttl_seconds: The maximum TTL that can be requested
                for credentials issued by this backend.
@@ -642,6 +793,7 @@ class SecretBackend(pulumi.CustomResource):
         :param pulumi.Input[str] path: The unique path this backend should be mounted at. Must
                not begin or end with a `/`. Defaults to `aws`.
         :param pulumi.Input[str] region: The AWS region to make API calls against. Defaults to us-east-1.
+        :param pulumi.Input[str] role_arn: Role ARN to assume for plugin identity token federation. Requires Vault 1.16+.
         :param pulumi.Input[str] secret_key: The AWS Secret Access Key to use when generating new credentials.
         :param pulumi.Input[str] sts_endpoint: Specifies a custom HTTP STS endpoint to use.
         :param pulumi.Input[str] username_template: Template describing how dynamic usernames are generated. The username template is used to generate both IAM usernames (capped at 64 characters) and STS usernames (capped at 32 characters). If no template is provided the field defaults to the template:
@@ -655,11 +807,15 @@ class SecretBackend(pulumi.CustomResource):
         __props__.__dict__["description"] = description
         __props__.__dict__["disable_remount"] = disable_remount
         __props__.__dict__["iam_endpoint"] = iam_endpoint
+        __props__.__dict__["identity_token_audience"] = identity_token_audience
+        __props__.__dict__["identity_token_key"] = identity_token_key
+        __props__.__dict__["identity_token_ttl"] = identity_token_ttl
         __props__.__dict__["local"] = local
         __props__.__dict__["max_lease_ttl_seconds"] = max_lease_ttl_seconds
         __props__.__dict__["namespace"] = namespace
         __props__.__dict__["path"] = path
         __props__.__dict__["region"] = region
+        __props__.__dict__["role_arn"] = role_arn
         __props__.__dict__["secret_key"] = secret_key
         __props__.__dict__["sts_endpoint"] = sts_endpoint
         __props__.__dict__["username_template"] = username_template
@@ -708,6 +864,30 @@ class SecretBackend(pulumi.CustomResource):
         """
         return pulumi.get(self, "iam_endpoint")
 
+    @property
+    @pulumi.getter(name="identityTokenAudience")
+    def identity_token_audience(self) -> pulumi.Output[Optional[str]]:
+        """
+        The audience claim value. Requires Vault 1.16+.
+        """
+        return pulumi.get(self, "identity_token_audience")
+
+    @property
+    @pulumi.getter(name="identityTokenKey")
+    def identity_token_key(self) -> pulumi.Output[Optional[str]]:
+        """
+        The key to use for signing identity tokens. Requires Vault 1.16+.
+        """
+        return pulumi.get(self, "identity_token_key")
+
+    @property
+    @pulumi.getter(name="identityTokenTtl")
+    def identity_token_ttl(self) -> pulumi.Output[int]:
+        """
+        The TTL of generated identity tokens in seconds. Requires Vault 1.16+.
+        """
+        return pulumi.get(self, "identity_token_ttl")
+
     @property
     @pulumi.getter
     def local(self) -> pulumi.Output[Optional[bool]]:
@@ -753,6 +933,14 @@ class SecretBackend(pulumi.CustomResource):
         """
         return pulumi.get(self, "region")
 
+    @property
+    @pulumi.getter(name="roleArn")
+    def role_arn(self) -> pulumi.Output[Optional[str]]:
+        """
+        Role ARN to assume for plugin identity token federation. Requires Vault 1.16+.
+        """
+        return pulumi.get(self, "role_arn")
+
     @property
     @pulumi.getter(name="secretKey")
     def secret_key(self) -> pulumi.Output[Optional[str]]:

pulumi_vault/aws/secret_backend_static_role.py

@@ -234,7 +234,7 @@ class SecretBackendStaticRole(pulumi.CustomResource):
 
         ## Import
 
-        AWS secret backend static role can be imported using the full path to the role of the form`<mount_path>/static-roles/<role_name>` e.g.
+        AWS secret backend static role can be imported using the full path to the role of the form: `<mount_path>/static-roles/<role_name>` e.g.
 
         ```sh
          $ pulumi import vault:aws/secretBackendStaticRole:SecretBackendStaticRole role aws/static-roles/example-role
@@ -277,7 +277,7 @@ class SecretBackendStaticRole(pulumi.CustomResource):
 
         ## Import
 
-        AWS secret backend static role can be imported using the full path to the role of the form`<mount_path>/static-roles/<role_name>` e.g.
+        AWS secret backend static role can be imported using the full path to the role of the form: `<mount_path>/static-roles/<role_name>` e.g.
 
         ```sh
          $ pulumi import vault:aws/secretBackendStaticRole:SecretBackendStaticRole role aws/static-roles/example-role

pulumi_vault/azure/backend.py

@@ -39,9 +39,7 @@ class BackendArgs:
                The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
                *Available only for Vault Enterprise*.
         :param pulumi.Input[str] path: The unique path this backend should be mounted at. Defaults to `azure`.
-        :param pulumi.Input[bool] use_microsoft_graph_api: Indicates whether the secrets engine should use 
-               the Microsoft Graph API. This parameter has been deprecated and will be ignored in `vault-1.12+`.
-               For more information, please refer to the [Vault docs](https://developer.hashicorp.com/vault/api-docs/secret/azure#use_microsoft_graph_api)
+        :param pulumi.Input[bool] use_microsoft_graph_api: Use the Microsoft Graph API. Should be set to true on vault-1.10+
         """
         pulumi.set(__self__, "subscription_id", subscription_id)
         pulumi.set(__self__, "tenant_id", tenant_id)
@@ -178,9 +176,7 @@ class BackendArgs:
     @pulumi.getter(name="useMicrosoftGraphApi")
     def use_microsoft_graph_api(self) -> Optional[pulumi.Input[bool]]:
         """
-        Indicates whether the secrets engine should use 
-        the Microsoft Graph API. This parameter has been deprecated and will be ignored in `vault-1.12+`.
-        For more information, please refer to the [Vault docs](https://developer.hashicorp.com/vault/api-docs/secret/azure#use_microsoft_graph_api)
+        Use the Microsoft Graph API. Should be set to true on vault-1.10+
         """
         return pulumi.get(self, "use_microsoft_graph_api")
 
@@ -217,9 +213,7 @@ class _BackendState:
         :param pulumi.Input[str] path: The unique path this backend should be mounted at. Defaults to `azure`.
         :param pulumi.Input[str] subscription_id: The subscription id for the Azure Active Directory.
         :param pulumi.Input[str] tenant_id: The tenant id for the Azure Active Directory.
-        :param pulumi.Input[bool] use_microsoft_graph_api: Indicates whether the secrets engine should use 
-               the Microsoft Graph API. This parameter has been deprecated and will be ignored in `vault-1.12+`.
-               For more information, please refer to the [Vault docs](https://developer.hashicorp.com/vault/api-docs/secret/azure#use_microsoft_graph_api)
+        :param pulumi.Input[bool] use_microsoft_graph_api: Use the Microsoft Graph API. Should be set to true on vault-1.10+
         """
         if client_id is not None:
             pulumi.set(__self__, "client_id", client_id)
@@ -358,9 +352,7 @@ class _BackendState:
     @pulumi.getter(name="useMicrosoftGraphApi")
     def use_microsoft_graph_api(self) -> Optional[pulumi.Input[bool]]:
         """
-        Indicates whether the secrets engine should use 
-        the Microsoft Graph API. This parameter has been deprecated and will be ignored in `vault-1.12+`.
-        For more information, please refer to the [Vault docs](https://developer.hashicorp.com/vault/api-docs/secret/azure#use_microsoft_graph_api)
+        Use the Microsoft Graph API. Should be set to true on vault-1.10+
         """
         return pulumi.get(self, "use_microsoft_graph_api")
 
@@ -431,9 +423,7 @@ class Backend(pulumi.CustomResource):
         :param pulumi.Input[str] path: The unique path this backend should be mounted at. Defaults to `azure`.
         :param pulumi.Input[str] subscription_id: The subscription id for the Azure Active Directory.
         :param pulumi.Input[str] tenant_id: The tenant id for the Azure Active Directory.
-        :param pulumi.Input[bool] use_microsoft_graph_api: Indicates whether the secrets engine should use 
-               the Microsoft Graph API. This parameter has been deprecated and will be ignored in `vault-1.12+`.
-               For more information, please refer to the [Vault docs](https://developer.hashicorp.com/vault/api-docs/secret/azure#use_microsoft_graph_api)
+        :param pulumi.Input[bool] use_microsoft_graph_api: Use the Microsoft Graph API. Should be set to true on vault-1.10+
         """
         ...
     @overload
@@ -562,9 +552,7 @@ class Backend(pulumi.CustomResource):
         :param pulumi.Input[str] path: The unique path this backend should be mounted at. Defaults to `azure`.
         :param pulumi.Input[str] subscription_id: The subscription id for the Azure Active Directory.
         :param pulumi.Input[str] tenant_id: The tenant id for the Azure Active Directory.
-        :param pulumi.Input[bool] use_microsoft_graph_api: Indicates whether the secrets engine should use 
-               the Microsoft Graph API. This parameter has been deprecated and will be ignored in `vault-1.12+`.
-               For more information, please refer to the [Vault docs](https://developer.hashicorp.com/vault/api-docs/secret/azure#use_microsoft_graph_api)
+        :param pulumi.Input[bool] use_microsoft_graph_api: Use the Microsoft Graph API. Should be set to true on vault-1.10+
         """
         opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id))
 
@@ -662,9 +650,7 @@ class Backend(pulumi.CustomResource):
     @pulumi.getter(name="useMicrosoftGraphApi")
     def use_microsoft_graph_api(self) -> pulumi.Output[bool]:
         """
-        Indicates whether the secrets engine should use 
-        the Microsoft Graph API. This parameter has been deprecated and will be ignored in `vault-1.12+`.
-        For more information, please refer to the [Vault docs](https://developer.hashicorp.com/vault/api-docs/secret/azure#use_microsoft_graph_api)
+        Use the Microsoft Graph API. Should be set to true on vault-1.10+
         """
         return pulumi.get(self, "use_microsoft_graph_api")
 

pulumi_vault/config/__init__.pyi

@@ -11,9 +11,6 @@ from .. import _utilities
 from . import outputs
 
 addAddressToEnv: Optional[str]
-"""
-If true, adds the value of the `address` argument to the Terraform process environment.
-"""
 
 address: Optional[str]
 """