pulumi-vault 5.21.0a1709368526__py3-none-any.whl → 6.5.0__py3-none-any.whl

pulumi_vault/database/outputs.py

@@ -4,9 +4,14 @@
 
 import copy
 import warnings
+import sys
 import pulumi
 import pulumi.runtime
 from typing import Any, Mapping, Optional, Sequence, Union, overload
+if sys.version_info >= (3, 11):
+    from typing import NotRequired, TypedDict, TypeAlias
+else:
+    from typing_extensions import NotRequired, TypedDict, TypeAlias
 from .. import _utilities
 
 __all__ = [
@@ -63,6 +68,8 @@ class SecretBackendConnectionCassandra(dict):
             suggest = "pem_json"
         elif key == "protocolVersion":
             suggest = "protocol_version"
+        elif key == "skipVerification":
+            suggest = "skip_verification"
 
         if suggest:
             pulumi.log.warn(f"Key '{key}' not found in SecretBackendConnectionCassandra. Access the value via the '{suggest}' property getter instead.")
@@ -84,23 +91,21 @@ class SecretBackendConnectionCassandra(dict):
                  pem_json: Optional[str] = None,
                  port: Optional[int] = None,
                  protocol_version: Optional[int] = None,
+                 skip_verification: Optional[bool] = None,
                  tls: Optional[bool] = None,
                  username: Optional[str] = None):
         """
-        :param int connect_timeout: The number of seconds to use as a connection
-               timeout.
-        :param Sequence[str] hosts: The hosts to connect to.
-        :param bool insecure_tls: Whether to skip verification of the server
-               certificate when using TLS.
-        :param str password: The password to authenticate with.
-        :param str pem_bundle: Concatenated PEM blocks configuring the certificate
-               chain.
-        :param str pem_json: A JSON structure configuring the certificate chain.
-        :param int port: The default port to connect to if no port is specified as
-               part of the host.
+        :param int connect_timeout: The number of seconds to use as a connection timeout.
+        :param Sequence[str] hosts: Cassandra hosts to connect to.
+        :param bool insecure_tls: Whether to skip verification of the server certificate when using TLS.
+        :param str password: The password to use when authenticating with Cassandra.
+        :param str pem_bundle: Concatenated PEM blocks containing a certificate and private key; a certificate, private key, and issuing CA certificate; or just a CA certificate.
+        :param str pem_json: Specifies JSON containing a certificate and private key; a certificate, private key, and issuing CA certificate; or just a CA certificate.
+        :param int port: The transport port to use to connect to Cassandra.
         :param int protocol_version: The CQL protocol version to use.
+        :param bool skip_verification: Skip permissions checks when a connection to Cassandra is first created. These checks ensure that Vault is able to create roles, but can be resource intensive in clusters with many roles.
         :param bool tls: Whether to use TLS when connecting to Cassandra.
-        :param str username: The username to authenticate with.
+        :param str username: The username to use when authenticating with Cassandra.
         """
         if connect_timeout is not None:
             pulumi.set(__self__, "connect_timeout", connect_timeout)
@@ -118,6 +123,8 @@ class SecretBackendConnectionCassandra(dict):
             pulumi.set(__self__, "port", port)
         if protocol_version is not None:
             pulumi.set(__self__, "protocol_version", protocol_version)
+        if skip_verification is not None:
+            pulumi.set(__self__, "skip_verification", skip_verification)
         if tls is not None:
             pulumi.set(__self__, "tls", tls)
         if username is not None:
@@ -127,8 +134,7 @@ class SecretBackendConnectionCassandra(dict):
     @pulumi.getter(name="connectTimeout")
     def connect_timeout(self) -> Optional[int]:
         """
-        The number of seconds to use as a connection
-        timeout.
+        The number of seconds to use as a connection timeout.
         """
         return pulumi.get(self, "connect_timeout")
 
@@ -136,7 +142,7 @@ class SecretBackendConnectionCassandra(dict):
     @pulumi.getter
     def hosts(self) -> Optional[Sequence[str]]:
         """
-        The hosts to connect to.
+        Cassandra hosts to connect to.
         """
         return pulumi.get(self, "hosts")
 
@@ -144,8 +150,7 @@ class SecretBackendConnectionCassandra(dict):
     @pulumi.getter(name="insecureTls")
     def insecure_tls(self) -> Optional[bool]:
         """
-        Whether to skip verification of the server
-        certificate when using TLS.
+        Whether to skip verification of the server certificate when using TLS.
         """
         return pulumi.get(self, "insecure_tls")
 
@@ -153,7 +158,7 @@ class SecretBackendConnectionCassandra(dict):
     @pulumi.getter
     def password(self) -> Optional[str]:
         """
-        The password to authenticate with.
+        The password to use when authenticating with Cassandra.
         """
         return pulumi.get(self, "password")
 
@@ -161,8 +166,7 @@ class SecretBackendConnectionCassandra(dict):
     @pulumi.getter(name="pemBundle")
     def pem_bundle(self) -> Optional[str]:
         """
-        Concatenated PEM blocks configuring the certificate
-        chain.
+        Concatenated PEM blocks containing a certificate and private key; a certificate, private key, and issuing CA certificate; or just a CA certificate.
         """
         return pulumi.get(self, "pem_bundle")
 
@@ -170,7 +174,7 @@ class SecretBackendConnectionCassandra(dict):
     @pulumi.getter(name="pemJson")
     def pem_json(self) -> Optional[str]:
         """
-        A JSON structure configuring the certificate chain.
+        Specifies JSON containing a certificate and private key; a certificate, private key, and issuing CA certificate; or just a CA certificate.
         """
         return pulumi.get(self, "pem_json")
 
@@ -178,8 +182,7 @@ class SecretBackendConnectionCassandra(dict):
     @pulumi.getter
     def port(self) -> Optional[int]:
         """
-        The default port to connect to if no port is specified as
-        part of the host.
+        The transport port to use to connect to Cassandra.
         """
         return pulumi.get(self, "port")
 
@@ -191,6 +194,14 @@ class SecretBackendConnectionCassandra(dict):
         """
         return pulumi.get(self, "protocol_version")
 
+    @property
+    @pulumi.getter(name="skipVerification")
+    def skip_verification(self) -> Optional[bool]:
+        """
+        Skip permissions checks when a connection to Cassandra is first created. These checks ensure that Vault is able to create roles, but can be resource intensive in clusters with many roles.
+        """
+        return pulumi.get(self, "skip_verification")
+
     @property
     @pulumi.getter
     def tls(self) -> Optional[bool]:
@@ -203,7 +214,7 @@ class SecretBackendConnectionCassandra(dict):
     @pulumi.getter
     def username(self) -> Optional[str]:
         """
-        The username to authenticate with.
+        The username to use when authenticating with Cassandra.
         """
         return pulumi.get(self, "username")
 
@@ -243,14 +254,13 @@ class SecretBackendConnectionCouchbase(dict):
                  tls: Optional[bool] = None,
                  username_template: Optional[str] = None):
         """
-        :param Sequence[str] hosts: The hosts to connect to.
-        :param str password: The password to authenticate with.
-        :param str username: The username to authenticate with.
+        :param Sequence[str] hosts: A set of Couchbase URIs to connect to. Must use `couchbases://` scheme if `tls` is `true`.
+        :param str password: Specifies the password corresponding to the given username.
+        :param str username: Specifies the username for Vault to use.
         :param str base64_pem: Required if `tls` is `true`. Specifies the certificate authority of the Couchbase server, as a PEM certificate that has been base64 encoded.
         :param str bucket_name: Required for Couchbase versions prior to 6.5.0. This is only used to verify vault's connection to the server.
-        :param bool insecure_tls: Whether to skip verification of the server
-               certificate when using TLS.
-        :param bool tls: Whether to use TLS when connecting to Cassandra.
+        :param bool insecure_tls: Specifies whether to skip verification of the server certificate when using TLS.
+        :param bool tls: Specifies whether to use TLS when connecting to Couchbase.
         :param str username_template: Template describing how dynamic usernames are generated.
         """
         pulumi.set(__self__, "hosts", hosts)
@@ -271,7 +281,7 @@ class SecretBackendConnectionCouchbase(dict):
     @pulumi.getter
     def hosts(self) -> Sequence[str]:
         """
-        The hosts to connect to.
+        A set of Couchbase URIs to connect to. Must use `couchbases://` scheme if `tls` is `true`.
         """
         return pulumi.get(self, "hosts")
 
@@ -279,7 +289,7 @@ class SecretBackendConnectionCouchbase(dict):
     @pulumi.getter
     def password(self) -> str:
         """
-        The password to authenticate with.
+        Specifies the password corresponding to the given username.
         """
         return pulumi.get(self, "password")
 
@@ -287,7 +297,7 @@ class SecretBackendConnectionCouchbase(dict):
     @pulumi.getter
     def username(self) -> str:
         """
-        The username to authenticate with.
+        Specifies the username for Vault to use.
         """
         return pulumi.get(self, "username")
 
@@ -311,8 +321,7 @@ class SecretBackendConnectionCouchbase(dict):
     @pulumi.getter(name="insecureTls")
     def insecure_tls(self) -> Optional[bool]:
         """
-        Whether to skip verification of the server
-        certificate when using TLS.
+        Specifies whether to skip verification of the server certificate when using TLS.
         """
         return pulumi.get(self, "insecure_tls")
 
@@ -320,7 +329,7 @@ class SecretBackendConnectionCouchbase(dict):
     @pulumi.getter
     def tls(self) -> Optional[bool]:
         """
-        Whether to use TLS when connecting to Cassandra.
+        Specifies whether to use TLS when connecting to Couchbase.
         """
         return pulumi.get(self, "tls")
 
@@ -374,16 +383,15 @@ class SecretBackendConnectionElasticsearch(dict):
                  tls_server_name: Optional[str] = None,
                  username_template: Optional[str] = None):
         """
-        :param str password: The password to authenticate with.
-        :param str url: The URL for Elasticsearch's API. https requires certificate
-               by trusted CA if used.
-        :param str username: The username to authenticate with.
-        :param str ca_cert: The path to a PEM-encoded CA cert file to use to verify the Elasticsearch server's identity.
-        :param str ca_path: The path to a directory of PEM-encoded CA cert files to use to verify the Elasticsearch server's identity.
-        :param str client_cert: The path to the certificate for the Elasticsearch client to present for communication.
-        :param str client_key: The path to the key for the Elasticsearch client to use for communication.
-        :param bool insecure: Whether to disable certificate verification.
-        :param str tls_server_name: This, if set, is used to set the SNI host when connecting via TLS.
+        :param str password: The password to be used in the connection URL
+        :param str url: The URL for Elasticsearch's API
+        :param str username: The username to be used in the connection URL
+        :param str ca_cert: The path to a PEM-encoded CA cert file to use to verify the Elasticsearch server's identity
+        :param str ca_path: The path to a directory of PEM-encoded CA cert files to use to verify the Elasticsearch server's identity
+        :param str client_cert: The path to the certificate for the Elasticsearch client to present for communication
+        :param str client_key: The path to the key for the Elasticsearch client to use for communication
+        :param bool insecure: Whether to disable certificate verification
+        :param str tls_server_name: This, if set, is used to set the SNI host when connecting via TLS
         :param str username_template: Template describing how dynamic usernames are generated.
         """
         pulumi.set(__self__, "password", password)
@@ -408,7 +416,7 @@ class SecretBackendConnectionElasticsearch(dict):
     @pulumi.getter
     def password(self) -> str:
         """
-        The password to authenticate with.
+        The password to be used in the connection URL
         """
         return pulumi.get(self, "password")
 
@@ -416,8 +424,7 @@ class SecretBackendConnectionElasticsearch(dict):
     @pulumi.getter
     def url(self) -> str:
         """
-        The URL for Elasticsearch's API. https requires certificate
-        by trusted CA if used.
+        The URL for Elasticsearch's API
         """
         return pulumi.get(self, "url")
 
@@ -425,7 +432,7 @@ class SecretBackendConnectionElasticsearch(dict):
     @pulumi.getter
     def username(self) -> str:
         """
-        The username to authenticate with.
+        The username to be used in the connection URL
         """
         return pulumi.get(self, "username")
 
@@ -433,7 +440,7 @@ class SecretBackendConnectionElasticsearch(dict):
     @pulumi.getter(name="caCert")
     def ca_cert(self) -> Optional[str]:
         """
-        The path to a PEM-encoded CA cert file to use to verify the Elasticsearch server's identity.
+        The path to a PEM-encoded CA cert file to use to verify the Elasticsearch server's identity
         """
         return pulumi.get(self, "ca_cert")
 
@@ -441,7 +448,7 @@ class SecretBackendConnectionElasticsearch(dict):
     @pulumi.getter(name="caPath")
     def ca_path(self) -> Optional[str]:
         """
-        The path to a directory of PEM-encoded CA cert files to use to verify the Elasticsearch server's identity.
+        The path to a directory of PEM-encoded CA cert files to use to verify the Elasticsearch server's identity
         """
         return pulumi.get(self, "ca_path")
 
@@ -449,7 +456,7 @@ class SecretBackendConnectionElasticsearch(dict):
     @pulumi.getter(name="clientCert")
     def client_cert(self) -> Optional[str]:
         """
-        The path to the certificate for the Elasticsearch client to present for communication.
+        The path to the certificate for the Elasticsearch client to present for communication
         """
         return pulumi.get(self, "client_cert")
 
@@ -457,7 +464,7 @@ class SecretBackendConnectionElasticsearch(dict):
     @pulumi.getter(name="clientKey")
     def client_key(self) -> Optional[str]:
         """
-        The path to the key for the Elasticsearch client to use for communication.
+        The path to the key for the Elasticsearch client to use for communication
         """
         return pulumi.get(self, "client_key")
 
@@ -465,7 +472,7 @@ class SecretBackendConnectionElasticsearch(dict):
     @pulumi.getter
     def insecure(self) -> Optional[bool]:
         """
-        Whether to disable certificate verification.
+        Whether to disable certificate verification
         """
         return pulumi.get(self, "insecure")
 
@@ -473,7 +480,7 @@ class SecretBackendConnectionElasticsearch(dict):
     @pulumi.getter(name="tlsServerName")
     def tls_server_name(self) -> Optional[str]:
         """
-        This, if set, is used to set the SNI host when connecting via TLS.
+        This, if set, is used to set the SNI host when connecting via TLS
         """
         return pulumi.get(self, "tls_server_name")
 
@@ -522,19 +529,13 @@ class SecretBackendConnectionHana(dict):
                  password: Optional[str] = None,
                  username: Optional[str] = None):
         """
-        :param str connection_url: A URL containing connection information. See
-               the [Vault
-               docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload)
-               for an example.
-        :param bool disable_escaping: Disable special character escaping in username and password.
-        :param int max_connection_lifetime: The maximum number of seconds to keep
-               a connection alive for.
-        :param int max_idle_connections: The maximum number of idle connections to
-               maintain.
-        :param int max_open_connections: The maximum number of open connections to
-               use.
-        :param str password: The password to authenticate with.
-        :param str username: The username to authenticate with.
+        :param str connection_url: Connection string to use to connect to the database.
+        :param bool disable_escaping: Disable special character escaping in username and password
+        :param int max_connection_lifetime: Maximum number of seconds a connection may be reused.
+        :param int max_idle_connections: Maximum number of idle connections to the database.
+        :param int max_open_connections: Maximum number of open connections to the database.
+        :param str password: The root credential password used in the connection URL
+        :param str username: The root credential username used in the connection URL
         """
         if connection_url is not None:
             pulumi.set(__self__, "connection_url", connection_url)
@@ -555,10 +556,7 @@ class SecretBackendConnectionHana(dict):
     @pulumi.getter(name="connectionUrl")
     def connection_url(self) -> Optional[str]:
         """
-        A URL containing connection information. See
-        the [Vault
-        docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload)
-        for an example.
+        Connection string to use to connect to the database.
         """
         return pulumi.get(self, "connection_url")
 
@@ -566,7 +564,7 @@ class SecretBackendConnectionHana(dict):
     @pulumi.getter(name="disableEscaping")
     def disable_escaping(self) -> Optional[bool]:
         """
-        Disable special character escaping in username and password.
+        Disable special character escaping in username and password
         """
         return pulumi.get(self, "disable_escaping")
 
@@ -574,8 +572,7 @@ class SecretBackendConnectionHana(dict):
     @pulumi.getter(name="maxConnectionLifetime")
     def max_connection_lifetime(self) -> Optional[int]:
         """
-        The maximum number of seconds to keep
-        a connection alive for.
+        Maximum number of seconds a connection may be reused.
         """
         return pulumi.get(self, "max_connection_lifetime")
 
@@ -583,8 +580,7 @@ class SecretBackendConnectionHana(dict):
     @pulumi.getter(name="maxIdleConnections")
     def max_idle_connections(self) -> Optional[int]:
         """
-        The maximum number of idle connections to
-        maintain.
+        Maximum number of idle connections to the database.
         """
         return pulumi.get(self, "max_idle_connections")
 
@@ -592,8 +588,7 @@ class SecretBackendConnectionHana(dict):
     @pulumi.getter(name="maxOpenConnections")
     def max_open_connections(self) -> Optional[int]:
         """
-        The maximum number of open connections to
-        use.
+        Maximum number of open connections to the database.
         """
         return pulumi.get(self, "max_open_connections")
 
@@ -601,7 +596,7 @@ class SecretBackendConnectionHana(dict):
     @pulumi.getter
     def password(self) -> Optional[str]:
         """
-        The password to authenticate with.
+        The root credential password used in the connection URL
         """
         return pulumi.get(self, "password")
 
@@ -609,7 +604,7 @@ class SecretBackendConnectionHana(dict):
     @pulumi.getter
     def username(self) -> Optional[str]:
         """
-        The username to authenticate with.
+        The root credential username used in the connection URL
         """
         return pulumi.get(self, "username")
 
@@ -653,19 +648,15 @@ class SecretBackendConnectionInfluxdb(dict):
                  tls: Optional[bool] = None,
                  username_template: Optional[str] = None):
         """
-        :param str host: The host to connect to.
-        :param str password: The password to authenticate with.
-        :param str username: The username to authenticate with.
-        :param int connect_timeout: The number of seconds to use as a connection
-               timeout.
-        :param bool insecure_tls: Whether to skip verification of the server
-               certificate when using TLS.
-        :param str pem_bundle: Concatenated PEM blocks configuring the certificate
-               chain.
-        :param str pem_json: A JSON structure configuring the certificate chain.
-        :param int port: The default port to connect to if no port is specified as
-               part of the host.
-        :param bool tls: Whether to use TLS when connecting to Cassandra.
+        :param str host: Influxdb host to connect to.
+        :param str password: Specifies the password corresponding to the given username.
+        :param str username: Specifies the username to use for superuser access.
+        :param int connect_timeout: The number of seconds to use as a connection timeout.
+        :param bool insecure_tls: Whether to skip verification of the server certificate when using TLS.
+        :param str pem_bundle: Concatenated PEM blocks containing a certificate and private key; a certificate, private key, and issuing CA certificate; or just a CA certificate.
+        :param str pem_json: Specifies JSON containing a certificate and private key; a certificate, private key, and issuing CA certificate; or just a CA certificate.
+        :param int port: The transport port to use to connect to Influxdb.
+        :param bool tls: Whether to use TLS when connecting to Influxdb.
         :param str username_template: Template describing how dynamic usernames are generated.
         """
         pulumi.set(__self__, "host", host)
@@ -690,7 +681,7 @@ class SecretBackendConnectionInfluxdb(dict):
     @pulumi.getter
     def host(self) -> str:
         """
-        The host to connect to.
+        Influxdb host to connect to.
         """
         return pulumi.get(self, "host")
 
@@ -698,7 +689,7 @@ class SecretBackendConnectionInfluxdb(dict):
     @pulumi.getter
     def password(self) -> str:
         """
-        The password to authenticate with.
+        Specifies the password corresponding to the given username.
         """
         return pulumi.get(self, "password")
 
@@ -706,7 +697,7 @@ class SecretBackendConnectionInfluxdb(dict):
     @pulumi.getter
     def username(self) -> str:
         """
-        The username to authenticate with.
+        Specifies the username to use for superuser access.
         """
         return pulumi.get(self, "username")
 
@@ -714,8 +705,7 @@ class SecretBackendConnectionInfluxdb(dict):
     @pulumi.getter(name="connectTimeout")
     def connect_timeout(self) -> Optional[int]:
         """
-        The number of seconds to use as a connection
-        timeout.
+        The number of seconds to use as a connection timeout.
         """
         return pulumi.get(self, "connect_timeout")
 
@@ -723,8 +713,7 @@ class SecretBackendConnectionInfluxdb(dict):
     @pulumi.getter(name="insecureTls")
     def insecure_tls(self) -> Optional[bool]:
         """
-        Whether to skip verification of the server
-        certificate when using TLS.
+        Whether to skip verification of the server certificate when using TLS.
         """
         return pulumi.get(self, "insecure_tls")
 
@@ -732,8 +721,7 @@ class SecretBackendConnectionInfluxdb(dict):
     @pulumi.getter(name="pemBundle")
     def pem_bundle(self) -> Optional[str]:
         """
-        Concatenated PEM blocks configuring the certificate
-        chain.
+        Concatenated PEM blocks containing a certificate and private key; a certificate, private key, and issuing CA certificate; or just a CA certificate.
         """
         return pulumi.get(self, "pem_bundle")
 
@@ -741,7 +729,7 @@ class SecretBackendConnectionInfluxdb(dict):
     @pulumi.getter(name="pemJson")
     def pem_json(self) -> Optional[str]:
         """
-        A JSON structure configuring the certificate chain.
+        Specifies JSON containing a certificate and private key; a certificate, private key, and issuing CA certificate; or just a CA certificate.
         """
         return pulumi.get(self, "pem_json")
 
@@ -749,8 +737,7 @@ class SecretBackendConnectionInfluxdb(dict):
     @pulumi.getter
     def port(self) -> Optional[int]:
         """
-        The default port to connect to if no port is specified as
-        part of the host.
+        The transport port to use to connect to Influxdb.
         """
         return pulumi.get(self, "port")
 
@@ -758,7 +745,7 @@ class SecretBackendConnectionInfluxdb(dict):
     @pulumi.getter
     def tls(self) -> Optional[bool]:
         """
-        Whether to use TLS when connecting to Cassandra.
+        Whether to use TLS when connecting to Influxdb.
         """
         return pulumi.get(self, "tls")
 
@@ -807,19 +794,13 @@ class SecretBackendConnectionMongodb(dict):
                  username: Optional[str] = None,
                  username_template: Optional[str] = None):
         """
-        :param str connection_url: A URL containing connection information. See
-               the [Vault
-               docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload)
-               for an example.
-        :param int max_connection_lifetime: The maximum number of seconds to keep
-               a connection alive for.
-        :param int max_idle_connections: The maximum number of idle connections to
-               maintain.
-        :param int max_open_connections: The maximum number of open connections to
-               use.
-        :param str password: The password to authenticate with.
-        :param str username: The username to authenticate with.
-        :param str username_template: Template describing how dynamic usernames are generated.
+        :param str connection_url: Connection string to use to connect to the database.
+        :param int max_connection_lifetime: Maximum number of seconds a connection may be reused.
+        :param int max_idle_connections: Maximum number of idle connections to the database.
+        :param int max_open_connections: Maximum number of open connections to the database.
+        :param str password: The root credential password used in the connection URL
+        :param str username: The root credential username used in the connection URL
+        :param str username_template: Username generation template.
         """
         if connection_url is not None:
             pulumi.set(__self__, "connection_url", connection_url)
@@ -840,10 +821,7 @@ class SecretBackendConnectionMongodb(dict):
     @pulumi.getter(name="connectionUrl")
     def connection_url(self) -> Optional[str]:
         """
-        A URL containing connection information. See
-        the [Vault
-        docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload)
-        for an example.
+        Connection string to use to connect to the database.
         """
         return pulumi.get(self, "connection_url")
 
@@ -851,8 +829,7 @@ class SecretBackendConnectionMongodb(dict):
     @pulumi.getter(name="maxConnectionLifetime")
     def max_connection_lifetime(self) -> Optional[int]:
         """
-        The maximum number of seconds to keep
-        a connection alive for.
+        Maximum number of seconds a connection may be reused.
         """
         return pulumi.get(self, "max_connection_lifetime")
 
@@ -860,8 +837,7 @@ class SecretBackendConnectionMongodb(dict):
     @pulumi.getter(name="maxIdleConnections")
     def max_idle_connections(self) -> Optional[int]:
         """
-        The maximum number of idle connections to
-        maintain.
+        Maximum number of idle connections to the database.
         """
         return pulumi.get(self, "max_idle_connections")
 
@@ -869,8 +845,7 @@ class SecretBackendConnectionMongodb(dict):
     @pulumi.getter(name="maxOpenConnections")
     def max_open_connections(self) -> Optional[int]:
         """
-        The maximum number of open connections to
-        use.
+        Maximum number of open connections to the database.
         """
         return pulumi.get(self, "max_open_connections")
 
@@ -878,7 +853,7 @@ class SecretBackendConnectionMongodb(dict):
     @pulumi.getter
     def password(self) -> Optional[str]:
         """
-        The password to authenticate with.
+        The root credential password used in the connection URL
         """
         return pulumi.get(self, "password")
 
@@ -886,7 +861,7 @@ class SecretBackendConnectionMongodb(dict):
     @pulumi.getter
     def username(self) -> Optional[str]:
         """
-        The username to authenticate with.
+        The root credential username used in the connection URL
         """
         return pulumi.get(self, "username")
 
@@ -894,7 +869,7 @@ class SecretBackendConnectionMongodb(dict):
     @pulumi.getter(name="usernameTemplate")
     def username_template(self) -> Optional[str]:
         """
-        Template describing how dynamic usernames are generated.
+        Username generation template.
         """
         return pulumi.get(self, "username_template")
 
@@ -1002,24 +977,15 @@ class SecretBackendConnectionMssql(dict):
                  username: Optional[str] = None,
                  username_template: Optional[str] = None):
         """
-        :param str connection_url: A URL containing connection information. See
-               the [Vault
-               docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload)
-               for an example.
-        :param bool contained_db: For Vault v1.9+. Set to true when the target is a
-               Contained Database, e.g. AzureSQL.
-               See the [Vault
-               docs](https://www.vaultproject.io/api/secret/databases/mssql#contained_db)
-        :param bool disable_escaping: Disable special character escaping in username and password.
-        :param int max_connection_lifetime: The maximum number of seconds to keep
-               a connection alive for.
-        :param int max_idle_connections: The maximum number of idle connections to
-               maintain.
-        :param int max_open_connections: The maximum number of open connections to
-               use.
-        :param str password: The password to authenticate with.
-        :param str username: The username to authenticate with.
-        :param str username_template: Template describing how dynamic usernames are generated.
+        :param str connection_url: Connection string to use to connect to the database.
+        :param bool contained_db: Set to true when the target is a Contained Database, e.g. AzureSQL.
+        :param bool disable_escaping: Disable special character escaping in username and password
+        :param int max_connection_lifetime: Maximum number of seconds a connection may be reused.
+        :param int max_idle_connections: Maximum number of idle connections to the database.
+        :param int max_open_connections: Maximum number of open connections to the database.
+        :param str password: The root credential password used in the connection URL
+        :param str username: The root credential username used in the connection URL
+        :param str username_template: Username generation template.
         """
         if connection_url is not None:
             pulumi.set(__self__, "connection_url", connection_url)
@@ -1044,10 +1010,7 @@ class SecretBackendConnectionMssql(dict):
     @pulumi.getter(name="connectionUrl")
     def connection_url(self) -> Optional[str]:
         """
-        A URL containing connection information. See
-        the [Vault
-        docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload)
-        for an example.
+        Connection string to use to connect to the database.
         """
         return pulumi.get(self, "connection_url")
 
@@ -1055,10 +1018,7 @@ class SecretBackendConnectionMssql(dict):
     @pulumi.getter(name="containedDb")
     def contained_db(self) -> Optional[bool]:
         """
-        For Vault v1.9+. Set to true when the target is a
-        Contained Database, e.g. AzureSQL.
-        See the [Vault
-        docs](https://www.vaultproject.io/api/secret/databases/mssql#contained_db)
+        Set to true when the target is a Contained Database, e.g. AzureSQL.
         """
         return pulumi.get(self, "contained_db")
 
@@ -1066,7 +1026,7 @@ class SecretBackendConnectionMssql(dict):
     @pulumi.getter(name="disableEscaping")
     def disable_escaping(self) -> Optional[bool]:
         """
-        Disable special character escaping in username and password.
+        Disable special character escaping in username and password
         """
         return pulumi.get(self, "disable_escaping")
 
@@ -1074,8 +1034,7 @@ class SecretBackendConnectionMssql(dict):
     @pulumi.getter(name="maxConnectionLifetime")
     def max_connection_lifetime(self) -> Optional[int]:
         """
-        The maximum number of seconds to keep
-        a connection alive for.
+        Maximum number of seconds a connection may be reused.
         """
         return pulumi.get(self, "max_connection_lifetime")
 
@@ -1083,8 +1042,7 @@ class SecretBackendConnectionMssql(dict):
     @pulumi.getter(name="maxIdleConnections")
     def max_idle_connections(self) -> Optional[int]:
         """
-        The maximum number of idle connections to
-        maintain.
+        Maximum number of idle connections to the database.
         """
         return pulumi.get(self, "max_idle_connections")
 
@@ -1092,8 +1050,7 @@ class SecretBackendConnectionMssql(dict):
     @pulumi.getter(name="maxOpenConnections")
     def max_open_connections(self) -> Optional[int]:
         """
-        The maximum number of open connections to
-        use.
+        Maximum number of open connections to the database.
         """
         return pulumi.get(self, "max_open_connections")
 
@@ -1101,7 +1058,7 @@ class SecretBackendConnectionMssql(dict):
     @pulumi.getter
     def password(self) -> Optional[str]:
         """
-        The password to authenticate with.
+        The root credential password used in the connection URL
         """
         return pulumi.get(self, "password")
 
@@ -1109,7 +1066,7 @@ class SecretBackendConnectionMssql(dict):
     @pulumi.getter
     def username(self) -> Optional[str]:
         """
-        The username to authenticate with.
+        The root credential username used in the connection URL
         """
         return pulumi.get(self, "username")
 
@@ -1117,7 +1074,7 @@ class SecretBackendConnectionMssql(dict):
     @pulumi.getter(name="usernameTemplate")
     def username_template(self) -> Optional[str]:
         """
-        Template describing how dynamic usernames are generated.
+        Username generation template.
         """
         return pulumi.get(self, "username_template")
 
@@ -1170,23 +1127,17 @@ class SecretBackendConnectionMysql(dict):
                  username: Optional[str] = None,
                  username_template: Optional[str] = None):
         """
-        :param str auth_type: Enable IAM authentication to a Google Cloud instance when set to `gcp_iam`
-        :param str connection_url: A URL containing connection information. See
-               the [Vault
-               docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload)
-               for an example.
-        :param int max_connection_lifetime: The maximum number of seconds to keep
-               a connection alive for.
-        :param int max_idle_connections: The maximum number of idle connections to
-               maintain.
-        :param int max_open_connections: The maximum number of open connections to
-               use.
-        :param str password: The password to authenticate with.
-        :param str service_account_json: JSON encoding of an IAM access key. Requires `auth_type` to be `gcp_iam`.
+        :param str auth_type: Specify alternative authorization type. (Only 'gcp_iam' is valid currently)
+        :param str connection_url: Connection string to use to connect to the database.
+        :param int max_connection_lifetime: Maximum number of seconds a connection may be reused.
+        :param int max_idle_connections: Maximum number of idle connections to the database.
+        :param int max_open_connections: Maximum number of open connections to the database.
+        :param str password: The root credential password used in the connection URL
+        :param str service_account_json: A JSON encoded credential for use with IAM authorization
         :param str tls_ca: x509 CA file for validating the certificate presented by the MySQL server. Must be PEM encoded.
         :param str tls_certificate_key: x509 certificate for connecting to the database. This must be a PEM encoded version of the private key and the certificate combined.
-        :param str username: The username to authenticate with.
-        :param str username_template: Template describing how dynamic usernames are generated.
+        :param str username: The root credential username used in the connection URL
+        :param str username_template: Username generation template.
         """
         if auth_type is not None:
             pulumi.set(__self__, "auth_type", auth_type)
@@ -1215,7 +1166,7 @@ class SecretBackendConnectionMysql(dict):
     @pulumi.getter(name="authType")
     def auth_type(self) -> Optional[str]:
         """
-        Enable IAM authentication to a Google Cloud instance when set to `gcp_iam`
+        Specify alternative authorization type. (Only 'gcp_iam' is valid currently)
         """
         return pulumi.get(self, "auth_type")
 
@@ -1223,10 +1174,7 @@ class SecretBackendConnectionMysql(dict):
     @pulumi.getter(name="connectionUrl")
     def connection_url(self) -> Optional[str]:
         """
-        A URL containing connection information. See
-        the [Vault
-        docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload)
-        for an example.
+        Connection string to use to connect to the database.
         """
         return pulumi.get(self, "connection_url")
 
@@ -1234,8 +1182,7 @@ class SecretBackendConnectionMysql(dict):
     @pulumi.getter(name="maxConnectionLifetime")
     def max_connection_lifetime(self) -> Optional[int]:
         """
-        The maximum number of seconds to keep
-        a connection alive for.
+        Maximum number of seconds a connection may be reused.
         """
         return pulumi.get(self, "max_connection_lifetime")
 
@@ -1243,8 +1190,7 @@ class SecretBackendConnectionMysql(dict):
     @pulumi.getter(name="maxIdleConnections")
     def max_idle_connections(self) -> Optional[int]:
         """
-        The maximum number of idle connections to
-        maintain.
+        Maximum number of idle connections to the database.
         """
         return pulumi.get(self, "max_idle_connections")
 
@@ -1252,8 +1198,7 @@ class SecretBackendConnectionMysql(dict):
     @pulumi.getter(name="maxOpenConnections")
     def max_open_connections(self) -> Optional[int]:
         """
-        The maximum number of open connections to
-        use.
+        Maximum number of open connections to the database.
         """
         return pulumi.get(self, "max_open_connections")
 
@@ -1261,7 +1206,7 @@ class SecretBackendConnectionMysql(dict):
     @pulumi.getter
     def password(self) -> Optional[str]:
         """
-        The password to authenticate with.
+        The root credential password used in the connection URL
         """
         return pulumi.get(self, "password")
 
@@ -1269,7 +1214,7 @@ class SecretBackendConnectionMysql(dict):
     @pulumi.getter(name="serviceAccountJson")
     def service_account_json(self) -> Optional[str]:
         """
-        JSON encoding of an IAM access key. Requires `auth_type` to be `gcp_iam`.
+        A JSON encoded credential for use with IAM authorization
         """
         return pulumi.get(self, "service_account_json")
 
@@ -1293,7 +1238,7 @@ class SecretBackendConnectionMysql(dict):
     @pulumi.getter
     def username(self) -> Optional[str]:
         """
-        The username to authenticate with.
+        The root credential username used in the connection URL
         """
         return pulumi.get(self, "username")
 
@@ -1301,7 +1246,7 @@ class SecretBackendConnectionMysql(dict):
     @pulumi.getter(name="usernameTemplate")
     def username_template(self) -> Optional[str]:
         """
-        Template describing how dynamic usernames are generated.
+        Username generation template.
         """
         return pulumi.get(self, "username_template")
 
@@ -1354,23 +1299,17 @@ class SecretBackendConnectionMysqlAurora(dict):
                  username: Optional[str] = None,
                  username_template: Optional[str] = None):
         """
-        :param str auth_type: Enable IAM authentication to a Google Cloud instance when set to `gcp_iam`
-        :param str connection_url: A URL containing connection information. See
-               the [Vault
-               docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload)
-               for an example.
-        :param int max_connection_lifetime: The maximum number of seconds to keep
-               a connection alive for.
-        :param int max_idle_connections: The maximum number of idle connections to
-               maintain.
-        :param int max_open_connections: The maximum number of open connections to
-               use.
-        :param str password: The password to authenticate with.
-        :param str service_account_json: JSON encoding of an IAM access key. Requires `auth_type` to be `gcp_iam`.
+        :param str auth_type: Specify alternative authorization type. (Only 'gcp_iam' is valid currently)
+        :param str connection_url: Connection string to use to connect to the database.
+        :param int max_connection_lifetime: Maximum number of seconds a connection may be reused.
+        :param int max_idle_connections: Maximum number of idle connections to the database.
+        :param int max_open_connections: Maximum number of open connections to the database.
+        :param str password: The root credential password used in the connection URL
+        :param str service_account_json: A JSON encoded credential for use with IAM authorization
         :param str tls_ca: x509 CA file for validating the certificate presented by the MySQL server. Must be PEM encoded.
         :param str tls_certificate_key: x509 certificate for connecting to the database. This must be a PEM encoded version of the private key and the certificate combined.
-        :param str username: The username to authenticate with.
-        :param str username_template: Template describing how dynamic usernames are generated.
+        :param str username: The root credential username used in the connection URL
+        :param str username_template: Username generation template.
         """
         if auth_type is not None:
             pulumi.set(__self__, "auth_type", auth_type)
@@ -1399,7 +1338,7 @@ class SecretBackendConnectionMysqlAurora(dict):
     @pulumi.getter(name="authType")
     def auth_type(self) -> Optional[str]:
         """
-        Enable IAM authentication to a Google Cloud instance when set to `gcp_iam`
+        Specify alternative authorization type. (Only 'gcp_iam' is valid currently)
         """
         return pulumi.get(self, "auth_type")
 
@@ -1407,10 +1346,7 @@ class SecretBackendConnectionMysqlAurora(dict):
     @pulumi.getter(name="connectionUrl")
     def connection_url(self) -> Optional[str]:
         """
-        A URL containing connection information. See
-        the [Vault
-        docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload)
-        for an example.
+        Connection string to use to connect to the database.
         """
         return pulumi.get(self, "connection_url")
 
@@ -1418,8 +1354,7 @@ class SecretBackendConnectionMysqlAurora(dict):
     @pulumi.getter(name="maxConnectionLifetime")
     def max_connection_lifetime(self) -> Optional[int]:
         """
-        The maximum number of seconds to keep
-        a connection alive for.
+        Maximum number of seconds a connection may be reused.
         """
         return pulumi.get(self, "max_connection_lifetime")
 
@@ -1427,8 +1362,7 @@ class SecretBackendConnectionMysqlAurora(dict):
     @pulumi.getter(name="maxIdleConnections")
     def max_idle_connections(self) -> Optional[int]:
         """
-        The maximum number of idle connections to
-        maintain.
+        Maximum number of idle connections to the database.
         """
         return pulumi.get(self, "max_idle_connections")
 
@@ -1436,8 +1370,7 @@ class SecretBackendConnectionMysqlAurora(dict):
     @pulumi.getter(name="maxOpenConnections")
     def max_open_connections(self) -> Optional[int]:
         """
-        The maximum number of open connections to
-        use.
+        Maximum number of open connections to the database.
         """
         return pulumi.get(self, "max_open_connections")
 
@@ -1445,7 +1378,7 @@ class SecretBackendConnectionMysqlAurora(dict):
     @pulumi.getter
     def password(self) -> Optional[str]:
         """
-        The password to authenticate with.
+        The root credential password used in the connection URL
         """
         return pulumi.get(self, "password")
 
@@ -1453,7 +1386,7 @@ class SecretBackendConnectionMysqlAurora(dict):
     @pulumi.getter(name="serviceAccountJson")
     def service_account_json(self) -> Optional[str]:
         """
-        JSON encoding of an IAM access key. Requires `auth_type` to be `gcp_iam`.
+        A JSON encoded credential for use with IAM authorization
         """
         return pulumi.get(self, "service_account_json")
 
@@ -1477,7 +1410,7 @@ class SecretBackendConnectionMysqlAurora(dict):
     @pulumi.getter
     def username(self) -> Optional[str]:
         """
-        The username to authenticate with.
+        The root credential username used in the connection URL
         """
         return pulumi.get(self, "username")
 
@@ -1485,7 +1418,7 @@ class SecretBackendConnectionMysqlAurora(dict):
     @pulumi.getter(name="usernameTemplate")
     def username_template(self) -> Optional[str]:
         """
-        Template describing how dynamic usernames are generated.
+        Username generation template.
         """
         return pulumi.get(self, "username_template")
 
@@ -1538,23 +1471,17 @@ class SecretBackendConnectionMysqlLegacy(dict):
                  username: Optional[str] = None,
                  username_template: Optional[str] = None):
         """
-        :param str auth_type: Enable IAM authentication to a Google Cloud instance when set to `gcp_iam`
-        :param str connection_url: A URL containing connection information. See
-               the [Vault
-               docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload)
-               for an example.
-        :param int max_connection_lifetime: The maximum number of seconds to keep
-               a connection alive for.
-        :param int max_idle_connections: The maximum number of idle connections to
-               maintain.
-        :param int max_open_connections: The maximum number of open connections to
-               use.
-        :param str password: The password to authenticate with.
-        :param str service_account_json: JSON encoding of an IAM access key. Requires `auth_type` to be `gcp_iam`.
+        :param str auth_type: Specify alternative authorization type. (Only 'gcp_iam' is valid currently)
+        :param str connection_url: Connection string to use to connect to the database.
+        :param int max_connection_lifetime: Maximum number of seconds a connection may be reused.
+        :param int max_idle_connections: Maximum number of idle connections to the database.
+        :param int max_open_connections: Maximum number of open connections to the database.
+        :param str password: The root credential password used in the connection URL
+        :param str service_account_json: A JSON encoded credential for use with IAM authorization
         :param str tls_ca: x509 CA file for validating the certificate presented by the MySQL server. Must be PEM encoded.
         :param str tls_certificate_key: x509 certificate for connecting to the database. This must be a PEM encoded version of the private key and the certificate combined.
-        :param str username: The username to authenticate with.
-        :param str username_template: Template describing how dynamic usernames are generated.
+        :param str username: The root credential username used in the connection URL
+        :param str username_template: Username generation template.
         """
         if auth_type is not None:
             pulumi.set(__self__, "auth_type", auth_type)
@@ -1583,7 +1510,7 @@ class SecretBackendConnectionMysqlLegacy(dict):
     @pulumi.getter(name="authType")
     def auth_type(self) -> Optional[str]:
         """
-        Enable IAM authentication to a Google Cloud instance when set to `gcp_iam`
+        Specify alternative authorization type. (Only 'gcp_iam' is valid currently)
         """
         return pulumi.get(self, "auth_type")
 
@@ -1591,10 +1518,7 @@ class SecretBackendConnectionMysqlLegacy(dict):
     @pulumi.getter(name="connectionUrl")
     def connection_url(self) -> Optional[str]:
         """
-        A URL containing connection information. See
-        the [Vault
-        docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload)
-        for an example.
+        Connection string to use to connect to the database.
         """
         return pulumi.get(self, "connection_url")
 
@@ -1602,8 +1526,7 @@ class SecretBackendConnectionMysqlLegacy(dict):
     @pulumi.getter(name="maxConnectionLifetime")
     def max_connection_lifetime(self) -> Optional[int]:
         """
-        The maximum number of seconds to keep
-        a connection alive for.
+        Maximum number of seconds a connection may be reused.
         """
         return pulumi.get(self, "max_connection_lifetime")
 
@@ -1611,8 +1534,7 @@ class SecretBackendConnectionMysqlLegacy(dict):
     @pulumi.getter(name="maxIdleConnections")
     def max_idle_connections(self) -> Optional[int]:
         """
-        The maximum number of idle connections to
-        maintain.
+        Maximum number of idle connections to the database.
         """
         return pulumi.get(self, "max_idle_connections")
 
@@ -1620,8 +1542,7 @@ class SecretBackendConnectionMysqlLegacy(dict):
     @pulumi.getter(name="maxOpenConnections")
     def max_open_connections(self) -> Optional[int]:
         """
-        The maximum number of open connections to
-        use.
+        Maximum number of open connections to the database.
         """
         return pulumi.get(self, "max_open_connections")
 
@@ -1629,7 +1550,7 @@ class SecretBackendConnectionMysqlLegacy(dict):
     @pulumi.getter
     def password(self) -> Optional[str]:
         """
-        The password to authenticate with.
+        The root credential password used in the connection URL
         """
         return pulumi.get(self, "password")
 
@@ -1637,7 +1558,7 @@ class SecretBackendConnectionMysqlLegacy(dict):
     @pulumi.getter(name="serviceAccountJson")
     def service_account_json(self) -> Optional[str]:
         """
-        JSON encoding of an IAM access key. Requires `auth_type` to be `gcp_iam`.
+        A JSON encoded credential for use with IAM authorization
         """
         return pulumi.get(self, "service_account_json")
 
@@ -1661,7 +1582,7 @@ class SecretBackendConnectionMysqlLegacy(dict):
     @pulumi.getter
     def username(self) -> Optional[str]:
         """
-        The username to authenticate with.
+        The root credential username used in the connection URL
         """
         return pulumi.get(self, "username")
 
@@ -1669,7 +1590,7 @@ class SecretBackendConnectionMysqlLegacy(dict):
     @pulumi.getter(name="usernameTemplate")
     def username_template(self) -> Optional[str]:
         """
-        Template describing how dynamic usernames are generated.
+        Username generation template.
         """
         return pulumi.get(self, "username_template")
 
@@ -1722,23 +1643,17 @@ class SecretBackendConnectionMysqlRds(dict):
                  username: Optional[str] = None,
                  username_template: Optional[str] = None):
         """
-        :param str auth_type: Enable IAM authentication to a Google Cloud instance when set to `gcp_iam`
-        :param str connection_url: A URL containing connection information. See
-               the [Vault
-               docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload)
-               for an example.
-        :param int max_connection_lifetime: The maximum number of seconds to keep
-               a connection alive for.
-        :param int max_idle_connections: The maximum number of idle connections to
-               maintain.
-        :param int max_open_connections: The maximum number of open connections to
-               use.
-        :param str password: The password to authenticate with.
-        :param str service_account_json: JSON encoding of an IAM access key. Requires `auth_type` to be `gcp_iam`.
+        :param str auth_type: Specify alternative authorization type. (Only 'gcp_iam' is valid currently)
+        :param str connection_url: Connection string to use to connect to the database.
+        :param int max_connection_lifetime: Maximum number of seconds a connection may be reused.
+        :param int max_idle_connections: Maximum number of idle connections to the database.
+        :param int max_open_connections: Maximum number of open connections to the database.
+        :param str password: The root credential password used in the connection URL
+        :param str service_account_json: A JSON encoded credential for use with IAM authorization
         :param str tls_ca: x509 CA file for validating the certificate presented by the MySQL server. Must be PEM encoded.
         :param str tls_certificate_key: x509 certificate for connecting to the database. This must be a PEM encoded version of the private key and the certificate combined.
-        :param str username: The username to authenticate with.
-        :param str username_template: Template describing how dynamic usernames are generated.
+        :param str username: The root credential username used in the connection URL
+        :param str username_template: Username generation template.
         """
         if auth_type is not None:
             pulumi.set(__self__, "auth_type", auth_type)
@@ -1767,7 +1682,7 @@ class SecretBackendConnectionMysqlRds(dict):
     @pulumi.getter(name="authType")
     def auth_type(self) -> Optional[str]:
         """
-        Enable IAM authentication to a Google Cloud instance when set to `gcp_iam`
+        Specify alternative authorization type. (Only 'gcp_iam' is valid currently)
         """
         return pulumi.get(self, "auth_type")
 
@@ -1775,10 +1690,7 @@ class SecretBackendConnectionMysqlRds(dict):
     @pulumi.getter(name="connectionUrl")
     def connection_url(self) -> Optional[str]:
         """
-        A URL containing connection information. See
-        the [Vault
-        docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload)
-        for an example.
+        Connection string to use to connect to the database.
         """
         return pulumi.get(self, "connection_url")
 
@@ -1786,8 +1698,7 @@ class SecretBackendConnectionMysqlRds(dict):
     @pulumi.getter(name="maxConnectionLifetime")
     def max_connection_lifetime(self) -> Optional[int]:
         """
-        The maximum number of seconds to keep
-        a connection alive for.
+        Maximum number of seconds a connection may be reused.
         """
         return pulumi.get(self, "max_connection_lifetime")
 
@@ -1795,8 +1706,7 @@ class SecretBackendConnectionMysqlRds(dict):
     @pulumi.getter(name="maxIdleConnections")
     def max_idle_connections(self) -> Optional[int]:
         """
-        The maximum number of idle connections to
-        maintain.
+        Maximum number of idle connections to the database.
         """
         return pulumi.get(self, "max_idle_connections")
 
@@ -1804,8 +1714,7 @@ class SecretBackendConnectionMysqlRds(dict):
     @pulumi.getter(name="maxOpenConnections")
     def max_open_connections(self) -> Optional[int]:
         """
-        The maximum number of open connections to
-        use.
+        Maximum number of open connections to the database.
         """
         return pulumi.get(self, "max_open_connections")
 
@@ -1813,7 +1722,7 @@ class SecretBackendConnectionMysqlRds(dict):
     @pulumi.getter
     def password(self) -> Optional[str]:
         """
-        The password to authenticate with.
+        The root credential password used in the connection URL
         """
         return pulumi.get(self, "password")
 
@@ -1821,7 +1730,7 @@ class SecretBackendConnectionMysqlRds(dict):
     @pulumi.getter(name="serviceAccountJson")
     def service_account_json(self) -> Optional[str]:
         """
-        JSON encoding of an IAM access key. Requires `auth_type` to be `gcp_iam`.
+        A JSON encoded credential for use with IAM authorization
         """
         return pulumi.get(self, "service_account_json")
 
@@ -1845,7 +1754,7 @@ class SecretBackendConnectionMysqlRds(dict):
     @pulumi.getter
     def username(self) -> Optional[str]:
         """
-        The username to authenticate with.
+        The root credential username used in the connection URL
         """
         return pulumi.get(self, "username")
 
@@ -1853,7 +1762,7 @@ class SecretBackendConnectionMysqlRds(dict):
     @pulumi.getter(name="usernameTemplate")
     def username_template(self) -> Optional[str]:
         """
-        Template describing how dynamic usernames are generated.
+        Username generation template.
         """
         return pulumi.get(self, "username_template")
 
@@ -1900,21 +1809,15 @@ class SecretBackendConnectionOracle(dict):
                  username: Optional[str] = None,
                  username_template: Optional[str] = None):
         """
-        :param str connection_url: A URL containing connection information. See
-               the [Vault
-               docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload)
-               for an example.
-        :param bool disconnect_sessions: Enable the built-in session disconnect mechanism.
-        :param int max_connection_lifetime: The maximum number of seconds to keep
-               a connection alive for.
-        :param int max_idle_connections: The maximum number of idle connections to
-               maintain.
-        :param int max_open_connections: The maximum number of open connections to
-               use.
-        :param str password: The password to authenticate with.
-        :param bool split_statements: Enable spliting statements after semi-colons.
-        :param str username: The username to authenticate with.
-        :param str username_template: Template describing how dynamic usernames are generated.
+        :param str connection_url: Connection string to use to connect to the database.
+        :param bool disconnect_sessions: Set to true to disconnect any open sessions prior to running the revocation statements.
+        :param int max_connection_lifetime: Maximum number of seconds a connection may be reused.
+        :param int max_idle_connections: Maximum number of idle connections to the database.
+        :param int max_open_connections: Maximum number of open connections to the database.
+        :param str password: The root credential password used in the connection URL
+        :param bool split_statements: Set to true in order to split statements after semi-colons.
+        :param str username: The root credential username used in the connection URL
+        :param str username_template: Username generation template.
         """
         if connection_url is not None:
             pulumi.set(__self__, "connection_url", connection_url)
@@ -1939,10 +1842,7 @@ class SecretBackendConnectionOracle(dict):
     @pulumi.getter(name="connectionUrl")
     def connection_url(self) -> Optional[str]:
         """
-        A URL containing connection information. See
-        the [Vault
-        docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload)
-        for an example.
+        Connection string to use to connect to the database.
         """
         return pulumi.get(self, "connection_url")
 
@@ -1950,7 +1850,7 @@ class SecretBackendConnectionOracle(dict):
     @pulumi.getter(name="disconnectSessions")
     def disconnect_sessions(self) -> Optional[bool]:
         """
-        Enable the built-in session disconnect mechanism.
+        Set to true to disconnect any open sessions prior to running the revocation statements.
         """
         return pulumi.get(self, "disconnect_sessions")
 
@@ -1958,8 +1858,7 @@ class SecretBackendConnectionOracle(dict):
     @pulumi.getter(name="maxConnectionLifetime")
     def max_connection_lifetime(self) -> Optional[int]:
         """
-        The maximum number of seconds to keep
-        a connection alive for.
+        Maximum number of seconds a connection may be reused.
         """
         return pulumi.get(self, "max_connection_lifetime")
 
@@ -1967,8 +1866,7 @@ class SecretBackendConnectionOracle(dict):
     @pulumi.getter(name="maxIdleConnections")
     def max_idle_connections(self) -> Optional[int]:
         """
-        The maximum number of idle connections to
-        maintain.
+        Maximum number of idle connections to the database.
         """
         return pulumi.get(self, "max_idle_connections")
 
@@ -1976,8 +1874,7 @@ class SecretBackendConnectionOracle(dict):
     @pulumi.getter(name="maxOpenConnections")
     def max_open_connections(self) -> Optional[int]:
         """
-        The maximum number of open connections to
-        use.
+        Maximum number of open connections to the database.
         """
         return pulumi.get(self, "max_open_connections")
 
@@ -1985,7 +1882,7 @@ class SecretBackendConnectionOracle(dict):
     @pulumi.getter
     def password(self) -> Optional[str]:
         """
-        The password to authenticate with.
+        The root credential password used in the connection URL
         """
         return pulumi.get(self, "password")
 
@@ -1993,7 +1890,7 @@ class SecretBackendConnectionOracle(dict):
     @pulumi.getter(name="splitStatements")
     def split_statements(self) -> Optional[bool]:
         """
-        Enable spliting statements after semi-colons.
+        Set to true in order to split statements after semi-colons.
         """
         return pulumi.get(self, "split_statements")
 
@@ -2001,7 +1898,7 @@ class SecretBackendConnectionOracle(dict):
     @pulumi.getter
     def username(self) -> Optional[str]:
         """
-        The username to authenticate with.
+        The root credential username used in the connection URL
         """
         return pulumi.get(self, "username")
 
@@ -2009,7 +1906,7 @@ class SecretBackendConnectionOracle(dict):
     @pulumi.getter(name="usernameTemplate")
     def username_template(self) -> Optional[str]:
         """
-        Template describing how dynamic usernames are generated.
+        Username generation template.
         """
         return pulumi.get(self, "username_template")
 
@@ -2031,8 +1928,18 @@ class SecretBackendConnectionPostgresql(dict):
             suggest = "max_idle_connections"
         elif key == "maxOpenConnections":
             suggest = "max_open_connections"
+        elif key == "passwordAuthentication":
+            suggest = "password_authentication"
+        elif key == "privateKey":
+            suggest = "private_key"
+        elif key == "selfManaged":
+            suggest = "self_managed"
         elif key == "serviceAccountJson":
             suggest = "service_account_json"
+        elif key == "tlsCa":
+            suggest = "tls_ca"
+        elif key == "tlsCertificate":
+            suggest = "tls_certificate"
         elif key == "usernameTemplate":
             suggest = "username_template"
 
@@ -2055,26 +1962,30 @@ class SecretBackendConnectionPostgresql(dict):
                  max_idle_connections: Optional[int] = None,
                  max_open_connections: Optional[int] = None,
                  password: Optional[str] = None,
+                 password_authentication: Optional[str] = None,
+                 private_key: Optional[str] = None,
+                 self_managed: Optional[bool] = None,
                  service_account_json: Optional[str] = None,
+                 tls_ca: Optional[str] = None,
+                 tls_certificate: Optional[str] = None,
                  username: Optional[str] = None,
                  username_template: Optional[str] = None):
         """
-        :param str auth_type: Enable IAM authentication to a Google Cloud instance when set to `gcp_iam`
-        :param str connection_url: A URL containing connection information. See
-               the [Vault
-               docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload)
-               for an example.
-        :param bool disable_escaping: Disable special character escaping in username and password.
-        :param int max_connection_lifetime: The maximum number of seconds to keep
-               a connection alive for.
-        :param int max_idle_connections: The maximum number of idle connections to
-               maintain.
-        :param int max_open_connections: The maximum number of open connections to
-               use.
-        :param str password: The password to authenticate with.
-        :param str service_account_json: JSON encoding of an IAM access key. Requires `auth_type` to be `gcp_iam`.
-        :param str username: The username to authenticate with.
-        :param str username_template: Template describing how dynamic usernames are generated.
+        :param str auth_type: Specify alternative authorization type. (Only 'gcp_iam' is valid currently)
+        :param str connection_url: Connection string to use to connect to the database.
+        :param bool disable_escaping: Disable special character escaping in username and password
+        :param int max_connection_lifetime: Maximum number of seconds a connection may be reused.
+        :param int max_idle_connections: Maximum number of idle connections to the database.
+        :param int max_open_connections: Maximum number of open connections to the database.
+        :param str password: The root credential password used in the connection URL
+        :param str password_authentication: When set to `scram-sha-256`, passwords will be hashed by Vault before being sent to PostgreSQL.
+        :param str private_key: The secret key used for the x509 client certificate. Must be PEM encoded.
+        :param bool self_managed: If set, allows onboarding static roles with a rootless connection configuration.
+        :param str service_account_json: A JSON encoded credential for use with IAM authorization
+        :param str tls_ca: The x509 CA file for validating the certificate presented by the PostgreSQL server. Must be PEM encoded.
+        :param str tls_certificate: The x509 client certificate for connecting to the database. Must be PEM encoded.
+        :param str username: The root credential username used in the connection URL
+        :param str username_template: Username generation template.
         """
         if auth_type is not None:
             pulumi.set(__self__, "auth_type", auth_type)
@@ -2090,8 +2001,18 @@ class SecretBackendConnectionPostgresql(dict):
             pulumi.set(__self__, "max_open_connections", max_open_connections)
         if password is not None:
             pulumi.set(__self__, "password", password)
+        if password_authentication is not None:
+            pulumi.set(__self__, "password_authentication", password_authentication)
+        if private_key is not None:
+            pulumi.set(__self__, "private_key", private_key)
+        if self_managed is not None:
+            pulumi.set(__self__, "self_managed", self_managed)
         if service_account_json is not None:
             pulumi.set(__self__, "service_account_json", service_account_json)
+        if tls_ca is not None:
+            pulumi.set(__self__, "tls_ca", tls_ca)
+        if tls_certificate is not None:
+            pulumi.set(__self__, "tls_certificate", tls_certificate)
         if username is not None:
             pulumi.set(__self__, "username", username)
         if username_template is not None:
@@ -2101,7 +2022,7 @@ class SecretBackendConnectionPostgresql(dict):
     @pulumi.getter(name="authType")
     def auth_type(self) -> Optional[str]:
         """
-        Enable IAM authentication to a Google Cloud instance when set to `gcp_iam`
+        Specify alternative authorization type. (Only 'gcp_iam' is valid currently)
         """
         return pulumi.get(self, "auth_type")
 
@@ -2109,10 +2030,7 @@ class SecretBackendConnectionPostgresql(dict):
     @pulumi.getter(name="connectionUrl")
     def connection_url(self) -> Optional[str]:
         """
-        A URL containing connection information. See
-        the [Vault
-        docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload)
-        for an example.
+        Connection string to use to connect to the database.
         """
         return pulumi.get(self, "connection_url")
 
@@ -2120,7 +2038,7 @@ class SecretBackendConnectionPostgresql(dict):
     @pulumi.getter(name="disableEscaping")
     def disable_escaping(self) -> Optional[bool]:
         """
-        Disable special character escaping in username and password.
+        Disable special character escaping in username and password
         """
         return pulumi.get(self, "disable_escaping")
 
@@ -2128,8 +2046,7 @@ class SecretBackendConnectionPostgresql(dict):
     @pulumi.getter(name="maxConnectionLifetime")
     def max_connection_lifetime(self) -> Optional[int]:
         """
-        The maximum number of seconds to keep
-        a connection alive for.
+        Maximum number of seconds a connection may be reused.
         """
         return pulumi.get(self, "max_connection_lifetime")
 
@@ -2137,8 +2054,7 @@ class SecretBackendConnectionPostgresql(dict):
     @pulumi.getter(name="maxIdleConnections")
     def max_idle_connections(self) -> Optional[int]:
         """
-        The maximum number of idle connections to
-        maintain.
+        Maximum number of idle connections to the database.
         """
         return pulumi.get(self, "max_idle_connections")
 
@@ -2146,8 +2062,7 @@ class SecretBackendConnectionPostgresql(dict):
     @pulumi.getter(name="maxOpenConnections")
     def max_open_connections(self) -> Optional[int]:
         """
-        The maximum number of open connections to
-        use.
+        Maximum number of open connections to the database.
         """
         return pulumi.get(self, "max_open_connections")
 
@@ -2155,23 +2070,63 @@ class SecretBackendConnectionPostgresql(dict):
     @pulumi.getter
     def password(self) -> Optional[str]:
         """
-        The password to authenticate with.
+        The root credential password used in the connection URL
         """
         return pulumi.get(self, "password")
 
+    @property
+    @pulumi.getter(name="passwordAuthentication")
+    def password_authentication(self) -> Optional[str]:
+        """
+        When set to `scram-sha-256`, passwords will be hashed by Vault before being sent to PostgreSQL.
+        """
+        return pulumi.get(self, "password_authentication")
+
+    @property
+    @pulumi.getter(name="privateKey")
+    def private_key(self) -> Optional[str]:
+        """
+        The secret key used for the x509 client certificate. Must be PEM encoded.
+        """
+        return pulumi.get(self, "private_key")
+
+    @property
+    @pulumi.getter(name="selfManaged")
+    def self_managed(self) -> Optional[bool]:
+        """
+        If set, allows onboarding static roles with a rootless connection configuration.
+        """
+        return pulumi.get(self, "self_managed")
+
     @property
     @pulumi.getter(name="serviceAccountJson")
     def service_account_json(self) -> Optional[str]:
         """
-        JSON encoding of an IAM access key. Requires `auth_type` to be `gcp_iam`.
+        A JSON encoded credential for use with IAM authorization
         """
         return pulumi.get(self, "service_account_json")
 
+    @property
+    @pulumi.getter(name="tlsCa")
+    def tls_ca(self) -> Optional[str]:
+        """
+        The x509 CA file for validating the certificate presented by the PostgreSQL server. Must be PEM encoded.
+        """
+        return pulumi.get(self, "tls_ca")
+
+    @property
+    @pulumi.getter(name="tlsCertificate")
+    def tls_certificate(self) -> Optional[str]:
+        """
+        The x509 client certificate for connecting to the database. Must be PEM encoded.
+        """
+        return pulumi.get(self, "tls_certificate")
+
     @property
     @pulumi.getter
     def username(self) -> Optional[str]:
         """
-        The username to authenticate with.
+        The root credential username used in the connection URL
         """
         return pulumi.get(self, "username")
 
@@ -2179,7 +2134,7 @@ class SecretBackendConnectionPostgresql(dict):
     @pulumi.getter(name="usernameTemplate")
     def username_template(self) -> Optional[str]:
         """
-        Template describing how dynamic usernames are generated.
+        Username generation template.
         """
         return pulumi.get(self, "username_template")
 
@@ -2214,15 +2169,13 @@ class SecretBackendConnectionRedis(dict):
                  port: Optional[int] = None,
                  tls: Optional[bool] = None):
         """
-        :param str host: The host to connect to.
-        :param str password: The password to authenticate with.
-        :param str username: The username to authenticate with.
-        :param str ca_cert: The path to a PEM-encoded CA cert file to use to verify the Elasticsearch server's identity.
-        :param bool insecure_tls: Whether to skip verification of the server
-               certificate when using TLS.
-        :param int port: The default port to connect to if no port is specified as
-               part of the host.
-        :param bool tls: Whether to use TLS when connecting to Cassandra.
+        :param str host: Specifies the host to connect to
+        :param str password: Specifies the password corresponding to the given username.
+        :param str username: Specifies the username for Vault to use.
+        :param str ca_cert: The contents of a PEM-encoded CA cert file to use to verify the Redis server's identity.
+        :param bool insecure_tls: Specifies whether to skip verification of the server certificate when using TLS.
+        :param int port: The transport port to use to connect to Redis.
+        :param bool tls: Specifies whether to use TLS when connecting to Redis.
         """
         pulumi.set(__self__, "host", host)
         pulumi.set(__self__, "password", password)
@@ -2240,7 +2193,7 @@ class SecretBackendConnectionRedis(dict):
     @pulumi.getter
     def host(self) -> str:
         """
-        The host to connect to.
+        Specifies the host to connect to
         """
         return pulumi.get(self, "host")
 
@@ -2248,7 +2201,7 @@ class SecretBackendConnectionRedis(dict):
     @pulumi.getter
     def password(self) -> str:
         """
-        The password to authenticate with.
+        Specifies the password corresponding to the given username.
         """
         return pulumi.get(self, "password")
 
@@ -2256,7 +2209,7 @@ class SecretBackendConnectionRedis(dict):
     @pulumi.getter
     def username(self) -> str:
         """
-        The username to authenticate with.
+        Specifies the username for Vault to use.
         """
         return pulumi.get(self, "username")
 
@@ -2264,7 +2217,7 @@ class SecretBackendConnectionRedis(dict):
     @pulumi.getter(name="caCert")
     def ca_cert(self) -> Optional[str]:
         """
-        The path to a PEM-encoded CA cert file to use to verify the Elasticsearch server's identity.
+        The contents of a PEM-encoded CA cert file to use to verify the Redis server's identity.
         """
         return pulumi.get(self, "ca_cert")
 
@@ -2272,8 +2225,7 @@ class SecretBackendConnectionRedis(dict):
     @pulumi.getter(name="insecureTls")
     def insecure_tls(self) -> Optional[bool]:
         """
-        Whether to skip verification of the server
-        certificate when using TLS.
+        Specifies whether to skip verification of the server certificate when using TLS.
         """
         return pulumi.get(self, "insecure_tls")
 
@@ -2281,8 +2233,7 @@ class SecretBackendConnectionRedis(dict):
     @pulumi.getter
     def port(self) -> Optional[int]:
         """
-        The default port to connect to if no port is specified as
-        part of the host.
+        The transport port to use to connect to Redis.
         """
         return pulumi.get(self, "port")
 
@@ -2290,7 +2241,7 @@ class SecretBackendConnectionRedis(dict):
     @pulumi.getter
     def tls(self) -> Optional[bool]:
         """
-        Whether to use TLS when connecting to Cassandra.
+        Specifies whether to use TLS when connecting to Redis.
         """
         return pulumi.get(self, "tls")
 
@@ -2303,11 +2254,10 @@ class SecretBackendConnectionRedisElasticache(dict):
                  region: Optional[str] = None,
                  username: Optional[str] = None):
         """
-        :param str url: The URL for Elasticsearch's API. https requires certificate
-               by trusted CA if used.
-        :param str password: The password to authenticate with.
-        :param str region: The region where the ElastiCache cluster is hosted. If omitted Vault tries to infer from the environment instead.
-        :param str username: The username to authenticate with.
+        :param str url: The configuration endpoint for the ElastiCache cluster to connect to.
+        :param str password: The AWS secret key id to use to talk to ElastiCache. If omitted the credentials chain provider is used instead.
+        :param str region: The AWS region where the ElastiCache cluster is hosted. If omitted the plugin tries to infer the region from the environment.
+        :param str username: The AWS access key id to use to talk to ElastiCache. If omitted the credentials chain provider is used instead.
         """
         pulumi.set(__self__, "url", url)
         if password is not None:
@@ -2321,8 +2271,7 @@ class SecretBackendConnectionRedisElasticache(dict):
     @pulumi.getter
     def url(self) -> str:
         """
-        The URL for Elasticsearch's API. https requires certificate
-        by trusted CA if used.
+        The configuration endpoint for the ElastiCache cluster to connect to.
         """
         return pulumi.get(self, "url")
 
@@ -2330,7 +2279,7 @@ class SecretBackendConnectionRedisElasticache(dict):
     @pulumi.getter
     def password(self) -> Optional[str]:
         """
-        The password to authenticate with.
+        The AWS secret key id to use to talk to ElastiCache. If omitted the credentials chain provider is used instead.
         """
         return pulumi.get(self, "password")
 
@@ -2338,7 +2287,7 @@ class SecretBackendConnectionRedisElasticache(dict):
     @pulumi.getter
     def region(self) -> Optional[str]:
         """
-        The region where the ElastiCache cluster is hosted. If omitted Vault tries to infer from the environment instead.
+        The AWS region where the ElastiCache cluster is hosted. If omitted the plugin tries to infer the region from the environment.
         """
         return pulumi.get(self, "region")
 
@@ -2346,7 +2295,7 @@ class SecretBackendConnectionRedisElasticache(dict):
     @pulumi.getter
     def username(self) -> Optional[str]:
         """
-        The username to authenticate with.
+        The AWS access key id to use to talk to ElastiCache. If omitted the credentials chain provider is used instead.
         """
         return pulumi.get(self, "username")
 
@@ -2390,20 +2339,14 @@ class SecretBackendConnectionRedshift(dict):
                  username: Optional[str] = None,
                  username_template: Optional[str] = None):
         """
-        :param str connection_url: A URL containing connection information. See
-               the [Vault
-               docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload)
-               for an example.
-        :param bool disable_escaping: Disable special character escaping in username and password.
-        :param int max_connection_lifetime: The maximum number of seconds to keep
-               a connection alive for.
-        :param int max_idle_connections: The maximum number of idle connections to
-               maintain.
-        :param int max_open_connections: The maximum number of open connections to
-               use.
-        :param str password: The password to authenticate with.
-        :param str username: The username to authenticate with.
-        :param str username_template: Template describing how dynamic usernames are generated.
+        :param str connection_url: Connection string to use to connect to the database.
+        :param bool disable_escaping: Disable special character escaping in username and password
+        :param int max_connection_lifetime: Maximum number of seconds a connection may be reused.
+        :param int max_idle_connections: Maximum number of idle connections to the database.
+        :param int max_open_connections: Maximum number of open connections to the database.
+        :param str password: The root credential password used in the connection URL
+        :param str username: The root credential username used in the connection URL
+        :param str username_template: Username generation template.
         """
         if connection_url is not None:
             pulumi.set(__self__, "connection_url", connection_url)
@@ -2426,10 +2369,7 @@ class SecretBackendConnectionRedshift(dict):
     @pulumi.getter(name="connectionUrl")
     def connection_url(self) -> Optional[str]:
         """
-        A URL containing connection information. See
-        the [Vault
-        docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload)
-        for an example.
+        Connection string to use to connect to the database.
         """
         return pulumi.get(self, "connection_url")
 
@@ -2437,7 +2377,7 @@ class SecretBackendConnectionRedshift(dict):
     @pulumi.getter(name="disableEscaping")
     def disable_escaping(self) -> Optional[bool]:
         """
-        Disable special character escaping in username and password.
+        Disable special character escaping in username and password
         """
         return pulumi.get(self, "disable_escaping")
 
@@ -2445,8 +2385,7 @@ class SecretBackendConnectionRedshift(dict):
     @pulumi.getter(name="maxConnectionLifetime")
     def max_connection_lifetime(self) -> Optional[int]:
         """
-        The maximum number of seconds to keep
-        a connection alive for.
+        Maximum number of seconds a connection may be reused.
         """
         return pulumi.get(self, "max_connection_lifetime")
 
@@ -2454,8 +2393,7 @@ class SecretBackendConnectionRedshift(dict):
     @pulumi.getter(name="maxIdleConnections")
     def max_idle_connections(self) -> Optional[int]:
         """
-        The maximum number of idle connections to
-        maintain.
+        Maximum number of idle connections to the database.
         """
         return pulumi.get(self, "max_idle_connections")
 
@@ -2463,8 +2401,7 @@ class SecretBackendConnectionRedshift(dict):
     @pulumi.getter(name="maxOpenConnections")
     def max_open_connections(self) -> Optional[int]:
         """
-        The maximum number of open connections to
-        use.
+        Maximum number of open connections to the database.
         """
         return pulumi.get(self, "max_open_connections")
 
@@ -2472,7 +2409,7 @@ class SecretBackendConnectionRedshift(dict):
     @pulumi.getter
     def password(self) -> Optional[str]:
         """
-        The password to authenticate with.
+        The root credential password used in the connection URL
         """
         return pulumi.get(self, "password")
 
@@ -2480,7 +2417,7 @@ class SecretBackendConnectionRedshift(dict):
     @pulumi.getter
     def username(self) -> Optional[str]:
         """
-        The username to authenticate with.
+        The root credential username used in the connection URL
         """
         return pulumi.get(self, "username")
 
@@ -2488,7 +2425,7 @@ class SecretBackendConnectionRedshift(dict):
     @pulumi.getter(name="usernameTemplate")
     def username_template(self) -> Optional[str]:
         """
-        Template describing how dynamic usernames are generated.
+        Username generation template.
         """
         return pulumi.get(self, "username_template")
 
@@ -2529,19 +2466,13 @@ class SecretBackendConnectionSnowflake(dict):
                  username: Optional[str] = None,
                  username_template: Optional[str] = None):
         """
-        :param str connection_url: A URL containing connection information. See
-               the [Vault
-               docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload)
-               for an example.
-        :param int max_connection_lifetime: The maximum number of seconds to keep
-               a connection alive for.
-        :param int max_idle_connections: The maximum number of idle connections to
-               maintain.
-        :param int max_open_connections: The maximum number of open connections to
-               use.
-        :param str password: The password to authenticate with.
-        :param str username: The username to authenticate with.
-        :param str username_template: Template describing how dynamic usernames are generated.
+        :param str connection_url: Connection string to use to connect to the database.
+        :param int max_connection_lifetime: Maximum number of seconds a connection may be reused.
+        :param int max_idle_connections: Maximum number of idle connections to the database.
+        :param int max_open_connections: Maximum number of open connections to the database.
+        :param str password: The root credential password used in the connection URL
+        :param str username: The root credential username used in the connection URL
+        :param str username_template: Username generation template.
         """
         if connection_url is not None:
             pulumi.set(__self__, "connection_url", connection_url)
@@ -2562,10 +2493,7 @@ class SecretBackendConnectionSnowflake(dict):
     @pulumi.getter(name="connectionUrl")
     def connection_url(self) -> Optional[str]:
         """
-        A URL containing connection information. See
-        the [Vault
-        docs](https://www.vaultproject.io/api-docs/secret/databases/mongodb.html#sample-payload)
-        for an example.
+        Connection string to use to connect to the database.
         """
         return pulumi.get(self, "connection_url")
 
@@ -2573,8 +2501,7 @@ class SecretBackendConnectionSnowflake(dict):
     @pulumi.getter(name="maxConnectionLifetime")
     def max_connection_lifetime(self) -> Optional[int]:
         """
-        The maximum number of seconds to keep
-        a connection alive for.
+        Maximum number of seconds a connection may be reused.
         """
         return pulumi.get(self, "max_connection_lifetime")
 
@@ -2582,8 +2509,7 @@ class SecretBackendConnectionSnowflake(dict):
     @pulumi.getter(name="maxIdleConnections")
     def max_idle_connections(self) -> Optional[int]:
         """
-        The maximum number of idle connections to
-        maintain.
+        Maximum number of idle connections to the database.
         """
         return pulumi.get(self, "max_idle_connections")
 
@@ -2591,8 +2517,7 @@ class SecretBackendConnectionSnowflake(dict):
     @pulumi.getter(name="maxOpenConnections")
     def max_open_connections(self) -> Optional[int]:
         """
-        The maximum number of open connections to
-        use.
+        Maximum number of open connections to the database.
         """
         return pulumi.get(self, "max_open_connections")
 
@@ -2600,7 +2525,7 @@ class SecretBackendConnectionSnowflake(dict):
     @pulumi.getter
     def password(self) -> Optional[str]:
         """
-        The password to authenticate with.
+        The root credential password used in the connection URL
         """
         return pulumi.get(self, "password")
 
@@ -2608,7 +2533,7 @@ class SecretBackendConnectionSnowflake(dict):
     @pulumi.getter
     def username(self) -> Optional[str]:
         """
-        The username to authenticate with.
+        The root credential username used in the connection URL
         """
         return pulumi.get(self, "username")
 
@@ -2616,7 +2541,7 @@ class SecretBackendConnectionSnowflake(dict):
     @pulumi.getter(name="usernameTemplate")
     def username_template(self) -> Optional[str]:
         """
-        Template describing how dynamic usernames are generated.
+        Username generation template.
         """
         return pulumi.get(self, "username_template")
 
@@ -2642,6 +2567,8 @@ class SecretsMountCassandra(dict):
             suggest = "protocol_version"
         elif key == "rootRotationStatements":
             suggest = "root_rotation_statements"
+        elif key == "skipVerification":
+            suggest = "skip_verification"
         elif key == "verifyConnection":
             suggest = "verify_connection"
 
@@ -2660,7 +2587,7 @@ class SecretsMountCassandra(dict):
                  name: str,
                  allowed_roles: Optional[Sequence[str]] = None,
                  connect_timeout: Optional[int] = None,
-                 data: Optional[Mapping[str, Any]] = None,
+                 data: Optional[Mapping[str, str]] = None,
                  hosts: Optional[Sequence[str]] = None,
                  insecure_tls: Optional[bool] = None,
                  password: Optional[str] = None,
@@ -2670,6 +2597,7 @@ class SecretsMountCassandra(dict):
                  port: Optional[int] = None,
                  protocol_version: Optional[int] = None,
                  root_rotation_statements: Optional[Sequence[str]] = None,
+                 skip_verification: Optional[bool] = None,
                  tls: Optional[bool] = None,
                  username: Optional[str] = None,
                  verify_connection: Optional[bool] = None):
@@ -2677,25 +2605,22 @@ class SecretsMountCassandra(dict):
         :param str name: Name of the database connection.
         :param Sequence[str] allowed_roles: A list of roles that are allowed to use this
                connection.
-        :param int connect_timeout: The number of seconds to use as a connection
-               timeout.
-        :param Mapping[str, Any] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
+        :param int connect_timeout: The number of seconds to use as a connection timeout.
+        :param Mapping[str, str] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
                
                Supported list of database secrets engines that can be configured:
-        :param Sequence[str] hosts: The hosts to connect to.
-        :param bool insecure_tls: Whether to skip verification of the server
-               certificate when using TLS.
-        :param str password: The root credential password used in the connection URL.
-        :param str pem_bundle: Concatenated PEM blocks configuring the certificate
-               chain.
-        :param str pem_json: A JSON structure configuring the certificate chain.
+        :param Sequence[str] hosts: Cassandra hosts to connect to.
+        :param bool insecure_tls: Whether to skip verification of the server certificate when using TLS.
+        :param str password: The password to use when authenticating with Cassandra.
+        :param str pem_bundle: Concatenated PEM blocks containing a certificate and private key; a certificate, private key, and issuing CA certificate; or just a CA certificate.
+        :param str pem_json: Specifies JSON containing a certificate and private key; a certificate, private key, and issuing CA certificate; or just a CA certificate.
         :param str plugin_name: Specifies the name of the plugin to use.
-        :param int port: The default port to connect to if no port is specified as
-               part of the host.
+        :param int port: The transport port to use to connect to Cassandra.
         :param int protocol_version: The CQL protocol version to use.
         :param Sequence[str] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials.
+        :param bool skip_verification: Skip permissions checks when a connection to Cassandra is first created. These checks ensure that Vault is able to create roles, but can be resource intensive in clusters with many roles.
         :param bool tls: Whether to use TLS when connecting to Cassandra.
-        :param str username: The root credential username used in the connection URL.
+        :param str username: The username to use when authenticating with Cassandra.
         :param bool verify_connection: Whether the connection should be verified on
                initial configuration or not.
         """
@@ -2724,6 +2649,8 @@ class SecretsMountCassandra(dict):
             pulumi.set(__self__, "protocol_version", protocol_version)
         if root_rotation_statements is not None:
             pulumi.set(__self__, "root_rotation_statements", root_rotation_statements)
+        if skip_verification is not None:
+            pulumi.set(__self__, "skip_verification", skip_verification)
         if tls is not None:
             pulumi.set(__self__, "tls", tls)
         if username is not None:
@@ -2752,14 +2679,13 @@ class SecretsMountCassandra(dict):
     @pulumi.getter(name="connectTimeout")
     def connect_timeout(self) -> Optional[int]:
         """
-        The number of seconds to use as a connection
-        timeout.
+        The number of seconds to use as a connection timeout.
         """
         return pulumi.get(self, "connect_timeout")
 
     @property
     @pulumi.getter
-    def data(self) -> Optional[Mapping[str, Any]]:
+    def data(self) -> Optional[Mapping[str, str]]:
         """
         A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
 
@@ -2771,7 +2697,7 @@ class SecretsMountCassandra(dict):
     @pulumi.getter
     def hosts(self) -> Optional[Sequence[str]]:
         """
-        The hosts to connect to.
+        Cassandra hosts to connect to.
         """
         return pulumi.get(self, "hosts")
 
@@ -2779,8 +2705,7 @@ class SecretsMountCassandra(dict):
     @pulumi.getter(name="insecureTls")
     def insecure_tls(self) -> Optional[bool]:
         """
-        Whether to skip verification of the server
-        certificate when using TLS.
+        Whether to skip verification of the server certificate when using TLS.
         """
         return pulumi.get(self, "insecure_tls")
 
@@ -2788,7 +2713,7 @@ class SecretsMountCassandra(dict):
     @pulumi.getter
     def password(self) -> Optional[str]:
         """
-        The root credential password used in the connection URL.
+        The password to use when authenticating with Cassandra.
         """
         return pulumi.get(self, "password")
 
@@ -2796,8 +2721,7 @@ class SecretsMountCassandra(dict):
     @pulumi.getter(name="pemBundle")
     def pem_bundle(self) -> Optional[str]:
         """
-        Concatenated PEM blocks configuring the certificate
-        chain.
+        Concatenated PEM blocks containing a certificate and private key; a certificate, private key, and issuing CA certificate; or just a CA certificate.
         """
         return pulumi.get(self, "pem_bundle")
 
@@ -2805,7 +2729,7 @@ class SecretsMountCassandra(dict):
     @pulumi.getter(name="pemJson")
     def pem_json(self) -> Optional[str]:
         """
-        A JSON structure configuring the certificate chain.
+        Specifies JSON containing a certificate and private key; a certificate, private key, and issuing CA certificate; or just a CA certificate.
         """
         return pulumi.get(self, "pem_json")
 
@@ -2821,8 +2745,7 @@ class SecretsMountCassandra(dict):
     @pulumi.getter
     def port(self) -> Optional[int]:
         """
-        The default port to connect to if no port is specified as
-        part of the host.
+        The transport port to use to connect to Cassandra.
         """
         return pulumi.get(self, "port")
 
@@ -2842,6 +2765,14 @@ class SecretsMountCassandra(dict):
         """
         return pulumi.get(self, "root_rotation_statements")
 
+    @property
+    @pulumi.getter(name="skipVerification")
+    def skip_verification(self) -> Optional[bool]:
+        """
+        Skip permissions checks when a connection to Cassandra is first created. These checks ensure that Vault is able to create roles, but can be resource intensive in clusters with many roles.
+        """
+        return pulumi.get(self, "skip_verification")
+
     @property
     @pulumi.getter
     def tls(self) -> Optional[bool]:
@@ -2854,7 +2785,7 @@ class SecretsMountCassandra(dict):
     @pulumi.getter
     def username(self) -> Optional[str]:
         """
-        The root credential username used in the connection URL.
+        The username to use when authenticating with Cassandra.
         """
         return pulumi.get(self, "username")
 
@@ -2909,7 +2840,7 @@ class SecretsMountCouchbase(dict):
                  allowed_roles: Optional[Sequence[str]] = None,
                  base64_pem: Optional[str] = None,
                  bucket_name: Optional[str] = None,
-                 data: Optional[Mapping[str, Any]] = None,
+                 data: Optional[Mapping[str, str]] = None,
                  insecure_tls: Optional[bool] = None,
                  plugin_name: Optional[str] = None,
                  root_rotation_statements: Optional[Sequence[str]] = None,
@@ -2917,23 +2848,22 @@ class SecretsMountCouchbase(dict):
                  username_template: Optional[str] = None,
                  verify_connection: Optional[bool] = None):
         """
-        :param Sequence[str] hosts: The hosts to connect to.
+        :param Sequence[str] hosts: A set of Couchbase URIs to connect to. Must use `couchbases://` scheme if `tls` is `true`.
         :param str name: Name of the database connection.
-        :param str password: The root credential password used in the connection URL.
-        :param str username: The root credential username used in the connection URL.
+        :param str password: Specifies the password corresponding to the given username.
+        :param str username: Specifies the username for Vault to use.
         :param Sequence[str] allowed_roles: A list of roles that are allowed to use this
                connection.
         :param str base64_pem: Required if `tls` is `true`. Specifies the certificate authority of the Couchbase server, as a PEM certificate that has been base64 encoded.
         :param str bucket_name: Required for Couchbase versions prior to 6.5.0. This is only used to verify vault's connection to the server.
-        :param Mapping[str, Any] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
+        :param Mapping[str, str] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
                
                Supported list of database secrets engines that can be configured:
-        :param bool insecure_tls: Whether to skip verification of the server
-               certificate when using TLS.
+        :param bool insecure_tls: Specifies whether to skip verification of the server certificate when using TLS.
         :param str plugin_name: Specifies the name of the plugin to use.
         :param Sequence[str] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials.
-        :param bool tls: Whether to use TLS when connecting to Cassandra.
-        :param str username_template: [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated.
+        :param bool tls: Specifies whether to use TLS when connecting to Couchbase.
+        :param str username_template: Template describing how dynamic usernames are generated.
         :param bool verify_connection: Whether the connection should be verified on
                initial configuration or not.
         """
@@ -2966,7 +2896,7 @@ class SecretsMountCouchbase(dict):
     @pulumi.getter
     def hosts(self) -> Sequence[str]:
         """
-        The hosts to connect to.
+        A set of Couchbase URIs to connect to. Must use `couchbases://` scheme if `tls` is `true`.
         """
         return pulumi.get(self, "hosts")
 
@@ -2982,7 +2912,7 @@ class SecretsMountCouchbase(dict):
     @pulumi.getter
     def password(self) -> str:
         """
-        The root credential password used in the connection URL.
+        Specifies the password corresponding to the given username.
         """
         return pulumi.get(self, "password")
 
@@ -2990,7 +2920,7 @@ class SecretsMountCouchbase(dict):
     @pulumi.getter
     def username(self) -> str:
         """
-        The root credential username used in the connection URL.
+        Specifies the username for Vault to use.
         """
         return pulumi.get(self, "username")
 
@@ -3021,7 +2951,7 @@ class SecretsMountCouchbase(dict):
 
     @property
     @pulumi.getter
-    def data(self) -> Optional[Mapping[str, Any]]:
+    def data(self) -> Optional[Mapping[str, str]]:
         """
         A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
 
@@ -3033,8 +2963,7 @@ class SecretsMountCouchbase(dict):
     @pulumi.getter(name="insecureTls")
     def insecure_tls(self) -> Optional[bool]:
         """
-        Whether to skip verification of the server
-        certificate when using TLS.
+        Specifies whether to skip verification of the server certificate when using TLS.
         """
         return pulumi.get(self, "insecure_tls")
 
@@ -3058,7 +2987,7 @@ class SecretsMountCouchbase(dict):
     @pulumi.getter
     def tls(self) -> Optional[bool]:
         """
-        Whether to use TLS when connecting to Cassandra.
+        Specifies whether to use TLS when connecting to Couchbase.
         """
         return pulumi.get(self, "tls")
 
@@ -3066,7 +2995,7 @@ class SecretsMountCouchbase(dict):
     @pulumi.getter(name="usernameTemplate")
     def username_template(self) -> Optional[str]:
         """
-        [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated.
+        Template describing how dynamic usernames are generated.
         """
         return pulumi.get(self, "username_template")
 
@@ -3127,7 +3056,7 @@ class SecretsMountElasticsearch(dict):
                  ca_path: Optional[str] = None,
                  client_cert: Optional[str] = None,
                  client_key: Optional[str] = None,
-                 data: Optional[Mapping[str, Any]] = None,
+                 data: Optional[Mapping[str, str]] = None,
                  insecure: Optional[bool] = None,
                  plugin_name: Optional[str] = None,
                  root_rotation_statements: Optional[Sequence[str]] = None,
@@ -3136,24 +3065,23 @@ class SecretsMountElasticsearch(dict):
                  verify_connection: Optional[bool] = None):
         """
         :param str name: Name of the database connection.
-        :param str password: The root credential password used in the connection URL.
-        :param str url: The URL for Elasticsearch's API. https requires certificate
-               by trusted CA if used.
-        :param str username: The root credential username used in the connection URL.
+        :param str password: The password to be used in the connection URL
+        :param str url: The URL for Elasticsearch's API
+        :param str username: The username to be used in the connection URL
         :param Sequence[str] allowed_roles: A list of roles that are allowed to use this
                connection.
-        :param str ca_cert: The path to a PEM-encoded CA cert file to use to verify the Elasticsearch server's identity.
-        :param str ca_path: The path to a directory of PEM-encoded CA cert files to use to verify the Elasticsearch server's identity.
-        :param str client_cert: The path to the certificate for the Elasticsearch client to present for communication.
-        :param str client_key: The path to the key for the Elasticsearch client to use for communication.
-        :param Mapping[str, Any] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
+        :param str ca_cert: The path to a PEM-encoded CA cert file to use to verify the Elasticsearch server's identity
+        :param str ca_path: The path to a directory of PEM-encoded CA cert files to use to verify the Elasticsearch server's identity
+        :param str client_cert: The path to the certificate for the Elasticsearch client to present for communication
+        :param str client_key: The path to the key for the Elasticsearch client to use for communication
+        :param Mapping[str, str] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
                
                Supported list of database secrets engines that can be configured:
-        :param bool insecure: Whether to disable certificate verification.
+        :param bool insecure: Whether to disable certificate verification
         :param str plugin_name: Specifies the name of the plugin to use.
         :param Sequence[str] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials.
-        :param str tls_server_name: This, if set, is used to set the SNI host when connecting via TLS.
-        :param str username_template: [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated.
+        :param str tls_server_name: This, if set, is used to set the SNI host when connecting via TLS
+        :param str username_template: Template describing how dynamic usernames are generated.
         :param bool verify_connection: Whether the connection should be verified on
                initial configuration or not.
         """
@@ -3198,7 +3126,7 @@ class SecretsMountElasticsearch(dict):
     @pulumi.getter
     def password(self) -> str:
         """
-        The root credential password used in the connection URL.
+        The password to be used in the connection URL
         """
         return pulumi.get(self, "password")
 
@@ -3206,8 +3134,7 @@ class SecretsMountElasticsearch(dict):
     @pulumi.getter
     def url(self) -> str:
         """
-        The URL for Elasticsearch's API. https requires certificate
-        by trusted CA if used.
+        The URL for Elasticsearch's API
         """
         return pulumi.get(self, "url")
 
@@ -3215,7 +3142,7 @@ class SecretsMountElasticsearch(dict):
     @pulumi.getter
     def username(self) -> str:
         """
-        The root credential username used in the connection URL.
+        The username to be used in the connection URL
         """
         return pulumi.get(self, "username")
 
@@ -3232,7 +3159,7 @@ class SecretsMountElasticsearch(dict):
     @pulumi.getter(name="caCert")
     def ca_cert(self) -> Optional[str]:
         """
-        The path to a PEM-encoded CA cert file to use to verify the Elasticsearch server's identity.
+        The path to a PEM-encoded CA cert file to use to verify the Elasticsearch server's identity
         """
         return pulumi.get(self, "ca_cert")
 
@@ -3240,7 +3167,7 @@ class SecretsMountElasticsearch(dict):
     @pulumi.getter(name="caPath")
     def ca_path(self) -> Optional[str]:
         """
-        The path to a directory of PEM-encoded CA cert files to use to verify the Elasticsearch server's identity.
+        The path to a directory of PEM-encoded CA cert files to use to verify the Elasticsearch server's identity
         """
         return pulumi.get(self, "ca_path")
 
@@ -3248,7 +3175,7 @@ class SecretsMountElasticsearch(dict):
     @pulumi.getter(name="clientCert")
     def client_cert(self) -> Optional[str]:
         """
-        The path to the certificate for the Elasticsearch client to present for communication.
+        The path to the certificate for the Elasticsearch client to present for communication
         """
         return pulumi.get(self, "client_cert")
 
@@ -3256,13 +3183,13 @@ class SecretsMountElasticsearch(dict):
     @pulumi.getter(name="clientKey")
     def client_key(self) -> Optional[str]:
         """
-        The path to the key for the Elasticsearch client to use for communication.
+        The path to the key for the Elasticsearch client to use for communication
         """
         return pulumi.get(self, "client_key")
 
     @property
     @pulumi.getter
-    def data(self) -> Optional[Mapping[str, Any]]:
+    def data(self) -> Optional[Mapping[str, str]]:
         """
         A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
 
@@ -3274,7 +3201,7 @@ class SecretsMountElasticsearch(dict):
     @pulumi.getter
     def insecure(self) -> Optional[bool]:
         """
-        Whether to disable certificate verification.
+        Whether to disable certificate verification
         """
         return pulumi.get(self, "insecure")
 
@@ -3298,7 +3225,7 @@ class SecretsMountElasticsearch(dict):
     @pulumi.getter(name="tlsServerName")
     def tls_server_name(self) -> Optional[str]:
         """
-        This, if set, is used to set the SNI host when connecting via TLS.
+        This, if set, is used to set the SNI host when connecting via TLS
         """
         return pulumi.get(self, "tls_server_name")
 
@@ -3306,7 +3233,7 @@ class SecretsMountElasticsearch(dict):
     @pulumi.getter(name="usernameTemplate")
     def username_template(self) -> Optional[str]:
         """
-        [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated.
+        Template describing how dynamic usernames are generated.
         """
         return pulumi.get(self, "username_template")
 
@@ -3359,7 +3286,7 @@ class SecretsMountHana(dict):
                  name: str,
                  allowed_roles: Optional[Sequence[str]] = None,
                  connection_url: Optional[str] = None,
-                 data: Optional[Mapping[str, Any]] = None,
+                 data: Optional[Mapping[str, str]] = None,
                  disable_escaping: Optional[bool] = None,
                  max_connection_lifetime: Optional[int] = None,
                  max_idle_connections: Optional[int] = None,
@@ -3373,21 +3300,18 @@ class SecretsMountHana(dict):
         :param str name: Name of the database connection.
         :param Sequence[str] allowed_roles: A list of roles that are allowed to use this
                connection.
-        :param str connection_url: Specifies the Redshift DSN. 
-               See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload)
-        :param Mapping[str, Any] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
+        :param str connection_url: Connection string to use to connect to the database.
+        :param Mapping[str, str] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
                
                Supported list of database secrets engines that can be configured:
-        :param bool disable_escaping: Disable special character escaping in username and password.
-        :param int max_connection_lifetime: The maximum amount of time a connection may be reused.
-        :param int max_idle_connections: The maximum number of idle connections to
-               the database.
-        :param int max_open_connections: The maximum number of open connections to
-               the database.
-        :param str password: The root credential password used in the connection URL.
+        :param bool disable_escaping: Disable special character escaping in username and password
+        :param int max_connection_lifetime: Maximum number of seconds a connection may be reused.
+        :param int max_idle_connections: Maximum number of idle connections to the database.
+        :param int max_open_connections: Maximum number of open connections to the database.
+        :param str password: The root credential password used in the connection URL
         :param str plugin_name: Specifies the name of the plugin to use.
         :param Sequence[str] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials.
-        :param str username: The root credential username used in the connection URL.
+        :param str username: The root credential username used in the connection URL
         :param bool verify_connection: Whether the connection should be verified on
                initial configuration or not.
         """
@@ -3438,14 +3362,13 @@ class SecretsMountHana(dict):
     @pulumi.getter(name="connectionUrl")
     def connection_url(self) -> Optional[str]:
         """
-        Specifies the Redshift DSN. 
-        See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload)
+        Connection string to use to connect to the database.
         """
         return pulumi.get(self, "connection_url")
 
     @property
     @pulumi.getter
-    def data(self) -> Optional[Mapping[str, Any]]:
+    def data(self) -> Optional[Mapping[str, str]]:
         """
         A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
 
@@ -3457,7 +3380,7 @@ class SecretsMountHana(dict):
     @pulumi.getter(name="disableEscaping")
     def disable_escaping(self) -> Optional[bool]:
         """
-        Disable special character escaping in username and password.
+        Disable special character escaping in username and password
         """
         return pulumi.get(self, "disable_escaping")
 
@@ -3465,7 +3388,7 @@ class SecretsMountHana(dict):
     @pulumi.getter(name="maxConnectionLifetime")
     def max_connection_lifetime(self) -> Optional[int]:
         """
-        The maximum amount of time a connection may be reused.
+        Maximum number of seconds a connection may be reused.
         """
         return pulumi.get(self, "max_connection_lifetime")
 
@@ -3473,8 +3396,7 @@ class SecretsMountHana(dict):
     @pulumi.getter(name="maxIdleConnections")
     def max_idle_connections(self) -> Optional[int]:
         """
-        The maximum number of idle connections to
-        the database.
+        Maximum number of idle connections to the database.
         """
         return pulumi.get(self, "max_idle_connections")
 
@@ -3482,8 +3404,7 @@ class SecretsMountHana(dict):
     @pulumi.getter(name="maxOpenConnections")
     def max_open_connections(self) -> Optional[int]:
         """
-        The maximum number of open connections to
-        the database.
+        Maximum number of open connections to the database.
         """
         return pulumi.get(self, "max_open_connections")
 
@@ -3491,7 +3412,7 @@ class SecretsMountHana(dict):
     @pulumi.getter
     def password(self) -> Optional[str]:
         """
-        The root credential password used in the connection URL.
+        The root credential password used in the connection URL
         """
         return pulumi.get(self, "password")
 
@@ -3515,7 +3436,7 @@ class SecretsMountHana(dict):
     @pulumi.getter
     def username(self) -> Optional[str]:
         """
-        The root credential username used in the connection URL.
+        The root credential username used in the connection URL
         """
         return pulumi.get(self, "username")
 
@@ -3571,7 +3492,7 @@ class SecretsMountInfluxdb(dict):
                  username: str,
                  allowed_roles: Optional[Sequence[str]] = None,
                  connect_timeout: Optional[int] = None,
-                 data: Optional[Mapping[str, Any]] = None,
+                 data: Optional[Mapping[str, str]] = None,
                  insecure_tls: Optional[bool] = None,
                  pem_bundle: Optional[str] = None,
                  pem_json: Optional[str] = None,
@@ -3582,28 +3503,24 @@ class SecretsMountInfluxdb(dict):
                  username_template: Optional[str] = None,
                  verify_connection: Optional[bool] = None):
         """
-        :param str host: The host to connect to.
+        :param str host: Influxdb host to connect to.
         :param str name: Name of the database connection.
-        :param str password: The root credential password used in the connection URL.
-        :param str username: The root credential username used in the connection URL.
+        :param str password: Specifies the password corresponding to the given username.
+        :param str username: Specifies the username to use for superuser access.
         :param Sequence[str] allowed_roles: A list of roles that are allowed to use this
                connection.
-        :param int connect_timeout: The number of seconds to use as a connection
-               timeout.
-        :param Mapping[str, Any] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
+        :param int connect_timeout: The number of seconds to use as a connection timeout.
+        :param Mapping[str, str] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
                
                Supported list of database secrets engines that can be configured:
-        :param bool insecure_tls: Whether to skip verification of the server
-               certificate when using TLS.
-        :param str pem_bundle: Concatenated PEM blocks configuring the certificate
-               chain.
-        :param str pem_json: A JSON structure configuring the certificate chain.
+        :param bool insecure_tls: Whether to skip verification of the server certificate when using TLS.
+        :param str pem_bundle: Concatenated PEM blocks containing a certificate and private key; a certificate, private key, and issuing CA certificate; or just a CA certificate.
+        :param str pem_json: Specifies JSON containing a certificate and private key; a certificate, private key, and issuing CA certificate; or just a CA certificate.
         :param str plugin_name: Specifies the name of the plugin to use.
-        :param int port: The default port to connect to if no port is specified as
-               part of the host.
+        :param int port: The transport port to use to connect to Influxdb.
         :param Sequence[str] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials.
-        :param bool tls: Whether to use TLS when connecting to Cassandra.
-        :param str username_template: [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated.
+        :param bool tls: Whether to use TLS when connecting to Influxdb.
+        :param str username_template: Template describing how dynamic usernames are generated.
         :param bool verify_connection: Whether the connection should be verified on
                initial configuration or not.
         """
@@ -3640,7 +3557,7 @@ class SecretsMountInfluxdb(dict):
     @pulumi.getter
     def host(self) -> str:
         """
-        The host to connect to.
+        Influxdb host to connect to.
         """
         return pulumi.get(self, "host")
 
@@ -3656,7 +3573,7 @@ class SecretsMountInfluxdb(dict):
     @pulumi.getter
     def password(self) -> str:
         """
-        The root credential password used in the connection URL.
+        Specifies the password corresponding to the given username.
         """
         return pulumi.get(self, "password")
 
@@ -3664,7 +3581,7 @@ class SecretsMountInfluxdb(dict):
     @pulumi.getter
     def username(self) -> str:
         """
-        The root credential username used in the connection URL.
+        Specifies the username to use for superuser access.
         """
         return pulumi.get(self, "username")
 
@@ -3681,14 +3598,13 @@ class SecretsMountInfluxdb(dict):
     @pulumi.getter(name="connectTimeout")
     def connect_timeout(self) -> Optional[int]:
         """
-        The number of seconds to use as a connection
-        timeout.
+        The number of seconds to use as a connection timeout.
         """
         return pulumi.get(self, "connect_timeout")
 
     @property
     @pulumi.getter
-    def data(self) -> Optional[Mapping[str, Any]]:
+    def data(self) -> Optional[Mapping[str, str]]:
         """
         A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
 
@@ -3700,8 +3616,7 @@ class SecretsMountInfluxdb(dict):
     @pulumi.getter(name="insecureTls")
     def insecure_tls(self) -> Optional[bool]:
         """
-        Whether to skip verification of the server
-        certificate when using TLS.
+        Whether to skip verification of the server certificate when using TLS.
         """
         return pulumi.get(self, "insecure_tls")
 
@@ -3709,8 +3624,7 @@ class SecretsMountInfluxdb(dict):
     @pulumi.getter(name="pemBundle")
     def pem_bundle(self) -> Optional[str]:
         """
-        Concatenated PEM blocks configuring the certificate
-        chain.
+        Concatenated PEM blocks containing a certificate and private key; a certificate, private key, and issuing CA certificate; or just a CA certificate.
         """
         return pulumi.get(self, "pem_bundle")
 
@@ -3718,7 +3632,7 @@ class SecretsMountInfluxdb(dict):
     @pulumi.getter(name="pemJson")
     def pem_json(self) -> Optional[str]:
         """
-        A JSON structure configuring the certificate chain.
+        Specifies JSON containing a certificate and private key; a certificate, private key, and issuing CA certificate; or just a CA certificate.
         """
         return pulumi.get(self, "pem_json")
 
@@ -3734,8 +3648,7 @@ class SecretsMountInfluxdb(dict):
     @pulumi.getter
     def port(self) -> Optional[int]:
         """
-        The default port to connect to if no port is specified as
-        part of the host.
+        The transport port to use to connect to Influxdb.
         """
         return pulumi.get(self, "port")
 
@@ -3751,7 +3664,7 @@ class SecretsMountInfluxdb(dict):
     @pulumi.getter
     def tls(self) -> Optional[bool]:
         """
-        Whether to use TLS when connecting to Cassandra.
+        Whether to use TLS when connecting to Influxdb.
         """
         return pulumi.get(self, "tls")
 
@@ -3759,7 +3672,7 @@ class SecretsMountInfluxdb(dict):
     @pulumi.getter(name="usernameTemplate")
     def username_template(self) -> Optional[str]:
         """
-        [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated.
+        Template describing how dynamic usernames are generated.
         """
         return pulumi.get(self, "username_template")
 
@@ -3812,7 +3725,7 @@ class SecretsMountMongodb(dict):
                  name: str,
                  allowed_roles: Optional[Sequence[str]] = None,
                  connection_url: Optional[str] = None,
-                 data: Optional[Mapping[str, Any]] = None,
+                 data: Optional[Mapping[str, str]] = None,
                  max_connection_lifetime: Optional[int] = None,
                  max_idle_connections: Optional[int] = None,
                  max_open_connections: Optional[int] = None,
@@ -3826,21 +3739,18 @@ class SecretsMountMongodb(dict):
         :param str name: Name of the database connection.
         :param Sequence[str] allowed_roles: A list of roles that are allowed to use this
                connection.
-        :param str connection_url: Specifies the Redshift DSN. 
-               See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload)
-        :param Mapping[str, Any] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
+        :param str connection_url: Connection string to use to connect to the database.
+        :param Mapping[str, str] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
                
                Supported list of database secrets engines that can be configured:
-        :param int max_connection_lifetime: The maximum amount of time a connection may be reused.
-        :param int max_idle_connections: The maximum number of idle connections to
-               the database.
-        :param int max_open_connections: The maximum number of open connections to
-               the database.
-        :param str password: The root credential password used in the connection URL.
+        :param int max_connection_lifetime: Maximum number of seconds a connection may be reused.
+        :param int max_idle_connections: Maximum number of idle connections to the database.
+        :param int max_open_connections: Maximum number of open connections to the database.
+        :param str password: The root credential password used in the connection URL
         :param str plugin_name: Specifies the name of the plugin to use.
         :param Sequence[str] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials.
-        :param str username: The root credential username used in the connection URL.
-        :param str username_template: [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated.
+        :param str username: The root credential username used in the connection URL
+        :param str username_template: Username generation template.
         :param bool verify_connection: Whether the connection should be verified on
                initial configuration or not.
         """
@@ -3891,14 +3801,13 @@ class SecretsMountMongodb(dict):
     @pulumi.getter(name="connectionUrl")
     def connection_url(self) -> Optional[str]:
         """
-        Specifies the Redshift DSN. 
-        See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload)
+        Connection string to use to connect to the database.
         """
         return pulumi.get(self, "connection_url")
 
     @property
     @pulumi.getter
-    def data(self) -> Optional[Mapping[str, Any]]:
+    def data(self) -> Optional[Mapping[str, str]]:
         """
         A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
 
@@ -3910,7 +3819,7 @@ class SecretsMountMongodb(dict):
     @pulumi.getter(name="maxConnectionLifetime")
     def max_connection_lifetime(self) -> Optional[int]:
         """
-        The maximum amount of time a connection may be reused.
+        Maximum number of seconds a connection may be reused.
         """
         return pulumi.get(self, "max_connection_lifetime")
 
@@ -3918,8 +3827,7 @@ class SecretsMountMongodb(dict):
     @pulumi.getter(name="maxIdleConnections")
     def max_idle_connections(self) -> Optional[int]:
         """
-        The maximum number of idle connections to
-        the database.
+        Maximum number of idle connections to the database.
         """
         return pulumi.get(self, "max_idle_connections")
 
@@ -3927,8 +3835,7 @@ class SecretsMountMongodb(dict):
     @pulumi.getter(name="maxOpenConnections")
     def max_open_connections(self) -> Optional[int]:
         """
-        The maximum number of open connections to
-        the database.
+        Maximum number of open connections to the database.
         """
         return pulumi.get(self, "max_open_connections")
 
@@ -3936,7 +3843,7 @@ class SecretsMountMongodb(dict):
     @pulumi.getter
     def password(self) -> Optional[str]:
         """
-        The root credential password used in the connection URL.
+        The root credential password used in the connection URL
         """
         return pulumi.get(self, "password")
 
@@ -3960,7 +3867,7 @@ class SecretsMountMongodb(dict):
     @pulumi.getter
     def username(self) -> Optional[str]:
         """
-        The root credential username used in the connection URL.
+        The root credential username used in the connection URL
         """
         return pulumi.get(self, "username")
 
@@ -3968,7 +3875,7 @@ class SecretsMountMongodb(dict):
     @pulumi.getter(name="usernameTemplate")
     def username_template(self) -> Optional[str]:
         """
-        [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated.
+        Username generation template.
         """
         return pulumi.get(self, "username_template")
 
@@ -4019,7 +3926,7 @@ class SecretsMountMongodbatla(dict):
                  project_id: str,
                  public_key: str,
                  allowed_roles: Optional[Sequence[str]] = None,
-                 data: Optional[Mapping[str, Any]] = None,
+                 data: Optional[Mapping[str, str]] = None,
                  plugin_name: Optional[str] = None,
                  root_rotation_statements: Optional[Sequence[str]] = None,
                  verify_connection: Optional[bool] = None):
@@ -4030,7 +3937,7 @@ class SecretsMountMongodbatla(dict):
         :param str public_key: The Public Programmatic API Key used to authenticate with the MongoDB Atlas API.
         :param Sequence[str] allowed_roles: A list of roles that are allowed to use this
                connection.
-        :param Mapping[str, Any] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
+        :param Mapping[str, str] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
                
                Supported list of database secrets engines that can be configured:
         :param str plugin_name: Specifies the name of the plugin to use.
@@ -4096,7 +4003,7 @@ class SecretsMountMongodbatla(dict):
 
     @property
     @pulumi.getter
-    def data(self) -> Optional[Mapping[str, Any]]:
+    def data(self) -> Optional[Mapping[str, str]]:
         """
         A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
 
@@ -4174,7 +4081,7 @@ class SecretsMountMssql(dict):
                  allowed_roles: Optional[Sequence[str]] = None,
                  connection_url: Optional[str] = None,
                  contained_db: Optional[bool] = None,
-                 data: Optional[Mapping[str, Any]] = None,
+                 data: Optional[Mapping[str, str]] = None,
                  disable_escaping: Optional[bool] = None,
                  max_connection_lifetime: Optional[int] = None,
                  max_idle_connections: Optional[int] = None,
@@ -4189,25 +4096,20 @@ class SecretsMountMssql(dict):
         :param str name: Name of the database connection.
         :param Sequence[str] allowed_roles: A list of roles that are allowed to use this
                connection.
-        :param str connection_url: Specifies the Redshift DSN. 
-               See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload)
-        :param bool contained_db: For Vault v1.9+. Set to true when the target is a
-               Contained Database, e.g. AzureSQL.
-               See [Vault docs](https://www.vaultproject.io/api/secret/databases/mssql#contained_db)
-        :param Mapping[str, Any] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
+        :param str connection_url: Connection string to use to connect to the database.
+        :param bool contained_db: Set to true when the target is a Contained Database, e.g. AzureSQL.
+        :param Mapping[str, str] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
                
                Supported list of database secrets engines that can be configured:
-        :param bool disable_escaping: Disable special character escaping in username and password.
-        :param int max_connection_lifetime: The maximum amount of time a connection may be reused.
-        :param int max_idle_connections: The maximum number of idle connections to
-               the database.
-        :param int max_open_connections: The maximum number of open connections to
-               the database.
-        :param str password: The root credential password used in the connection URL.
+        :param bool disable_escaping: Disable special character escaping in username and password
+        :param int max_connection_lifetime: Maximum number of seconds a connection may be reused.
+        :param int max_idle_connections: Maximum number of idle connections to the database.
+        :param int max_open_connections: Maximum number of open connections to the database.
+        :param str password: The root credential password used in the connection URL
         :param str plugin_name: Specifies the name of the plugin to use.
         :param Sequence[str] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials.
-        :param str username: The root credential username used in the connection URL.
-        :param str username_template: [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated.
+        :param str username: The root credential username used in the connection URL
+        :param str username_template: Username generation template.
         :param bool verify_connection: Whether the connection should be verified on
                initial configuration or not.
         """
@@ -4262,8 +4164,7 @@ class SecretsMountMssql(dict):
     @pulumi.getter(name="connectionUrl")
     def connection_url(self) -> Optional[str]:
         """
-        Specifies the Redshift DSN. 
-        See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload)
+        Connection string to use to connect to the database.
         """
         return pulumi.get(self, "connection_url")
 
@@ -4271,15 +4172,13 @@ class SecretsMountMssql(dict):
     @pulumi.getter(name="containedDb")
     def contained_db(self) -> Optional[bool]:
         """
-        For Vault v1.9+. Set to true when the target is a
-        Contained Database, e.g. AzureSQL.
-        See [Vault docs](https://www.vaultproject.io/api/secret/databases/mssql#contained_db)
+        Set to true when the target is a Contained Database, e.g. AzureSQL.
         """
         return pulumi.get(self, "contained_db")
 
     @property
     @pulumi.getter
-    def data(self) -> Optional[Mapping[str, Any]]:
+    def data(self) -> Optional[Mapping[str, str]]:
         """
         A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
 
@@ -4291,7 +4190,7 @@ class SecretsMountMssql(dict):
     @pulumi.getter(name="disableEscaping")
     def disable_escaping(self) -> Optional[bool]:
         """
-        Disable special character escaping in username and password.
+        Disable special character escaping in username and password
         """
         return pulumi.get(self, "disable_escaping")
 
@@ -4299,7 +4198,7 @@ class SecretsMountMssql(dict):
     @pulumi.getter(name="maxConnectionLifetime")
     def max_connection_lifetime(self) -> Optional[int]:
         """
-        The maximum amount of time a connection may be reused.
+        Maximum number of seconds a connection may be reused.
         """
         return pulumi.get(self, "max_connection_lifetime")
 
@@ -4307,8 +4206,7 @@ class SecretsMountMssql(dict):
     @pulumi.getter(name="maxIdleConnections")
     def max_idle_connections(self) -> Optional[int]:
         """
-        The maximum number of idle connections to
-        the database.
+        Maximum number of idle connections to the database.
         """
         return pulumi.get(self, "max_idle_connections")
 
@@ -4316,8 +4214,7 @@ class SecretsMountMssql(dict):
     @pulumi.getter(name="maxOpenConnections")
     def max_open_connections(self) -> Optional[int]:
         """
-        The maximum number of open connections to
-        the database.
+        Maximum number of open connections to the database.
         """
         return pulumi.get(self, "max_open_connections")
 
@@ -4325,7 +4222,7 @@ class SecretsMountMssql(dict):
     @pulumi.getter
     def password(self) -> Optional[str]:
         """
-        The root credential password used in the connection URL.
+        The root credential password used in the connection URL
         """
         return pulumi.get(self, "password")
 
@@ -4349,7 +4246,7 @@ class SecretsMountMssql(dict):
     @pulumi.getter
     def username(self) -> Optional[str]:
         """
-        The root credential username used in the connection URL.
+        The root credential username used in the connection URL
         """
         return pulumi.get(self, "username")
 
@@ -4357,7 +4254,7 @@ class SecretsMountMssql(dict):
     @pulumi.getter(name="usernameTemplate")
     def username_template(self) -> Optional[str]:
         """
-        [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated.
+        Username generation template.
         """
         return pulumi.get(self, "username_template")
 
@@ -4419,7 +4316,7 @@ class SecretsMountMysql(dict):
                  allowed_roles: Optional[Sequence[str]] = None,
                  auth_type: Optional[str] = None,
                  connection_url: Optional[str] = None,
-                 data: Optional[Mapping[str, Any]] = None,
+                 data: Optional[Mapping[str, str]] = None,
                  max_connection_lifetime: Optional[int] = None,
                  max_idle_connections: Optional[int] = None,
                  max_open_connections: Optional[int] = None,
@@ -4437,24 +4334,21 @@ class SecretsMountMysql(dict):
         :param Sequence[str] allowed_roles: A list of roles that are allowed to use this
                connection.
         :param str auth_type: Specify alternative authorization type. (Only 'gcp_iam' is valid currently)
-        :param str connection_url: Specifies the Redshift DSN. 
-               See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload)
-        :param Mapping[str, Any] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
+        :param str connection_url: Connection string to use to connect to the database.
+        :param Mapping[str, str] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
                
                Supported list of database secrets engines that can be configured:
-        :param int max_connection_lifetime: The maximum amount of time a connection may be reused.
-        :param int max_idle_connections: The maximum number of idle connections to
-               the database.
-        :param int max_open_connections: The maximum number of open connections to
-               the database.
-        :param str password: The root credential password used in the connection URL.
+        :param int max_connection_lifetime: Maximum number of seconds a connection may be reused.
+        :param int max_idle_connections: Maximum number of idle connections to the database.
+        :param int max_open_connections: Maximum number of open connections to the database.
+        :param str password: The root credential password used in the connection URL
         :param str plugin_name: Specifies the name of the plugin to use.
         :param Sequence[str] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials.
         :param str service_account_json: A JSON encoded credential for use with IAM authorization
         :param str tls_ca: x509 CA file for validating the certificate presented by the MySQL server. Must be PEM encoded.
         :param str tls_certificate_key: x509 certificate for connecting to the database. This must be a PEM encoded version of the private key and the certificate combined.
-        :param str username: The root credential username used in the connection URL.
-        :param str username_template: [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated.
+        :param str username: The root credential username used in the connection URL
+        :param str username_template: Username generation template.
         :param bool verify_connection: Whether the connection should be verified on
                initial configuration or not.
         """
@@ -4521,14 +4415,13 @@ class SecretsMountMysql(dict):
     @pulumi.getter(name="connectionUrl")
     def connection_url(self) -> Optional[str]:
         """
-        Specifies the Redshift DSN. 
-        See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload)
+        Connection string to use to connect to the database.
         """
         return pulumi.get(self, "connection_url")
 
     @property
     @pulumi.getter
-    def data(self) -> Optional[Mapping[str, Any]]:
+    def data(self) -> Optional[Mapping[str, str]]:
         """
         A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
 
@@ -4540,7 +4433,7 @@ class SecretsMountMysql(dict):
     @pulumi.getter(name="maxConnectionLifetime")
     def max_connection_lifetime(self) -> Optional[int]:
         """
-        The maximum amount of time a connection may be reused.
+        Maximum number of seconds a connection may be reused.
         """
         return pulumi.get(self, "max_connection_lifetime")
 
@@ -4548,8 +4441,7 @@ class SecretsMountMysql(dict):
     @pulumi.getter(name="maxIdleConnections")
     def max_idle_connections(self) -> Optional[int]:
         """
-        The maximum number of idle connections to
-        the database.
+        Maximum number of idle connections to the database.
         """
         return pulumi.get(self, "max_idle_connections")
 
@@ -4557,8 +4449,7 @@ class SecretsMountMysql(dict):
     @pulumi.getter(name="maxOpenConnections")
     def max_open_connections(self) -> Optional[int]:
         """
-        The maximum number of open connections to
-        the database.
+        Maximum number of open connections to the database.
         """
         return pulumi.get(self, "max_open_connections")
 
@@ -4566,7 +4457,7 @@ class SecretsMountMysql(dict):
     @pulumi.getter
     def password(self) -> Optional[str]:
         """
-        The root credential password used in the connection URL.
+        The root credential password used in the connection URL
         """
         return pulumi.get(self, "password")
 
@@ -4614,7 +4505,7 @@ class SecretsMountMysql(dict):
     @pulumi.getter
     def username(self) -> Optional[str]:
         """
-        The root credential username used in the connection URL.
+        The root credential username used in the connection URL
         """
         return pulumi.get(self, "username")
 
@@ -4622,7 +4513,7 @@ class SecretsMountMysql(dict):
     @pulumi.getter(name="usernameTemplate")
     def username_template(self) -> Optional[str]:
         """
-        [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated.
+        Username generation template.
         """
         return pulumi.get(self, "username_template")
 
@@ -4684,7 +4575,7 @@ class SecretsMountMysqlAurora(dict):
                  allowed_roles: Optional[Sequence[str]] = None,
                  auth_type: Optional[str] = None,
                  connection_url: Optional[str] = None,
-                 data: Optional[Mapping[str, Any]] = None,
+                 data: Optional[Mapping[str, str]] = None,
                  max_connection_lifetime: Optional[int] = None,
                  max_idle_connections: Optional[int] = None,
                  max_open_connections: Optional[int] = None,
@@ -4702,24 +4593,21 @@ class SecretsMountMysqlAurora(dict):
         :param Sequence[str] allowed_roles: A list of roles that are allowed to use this
                connection.
         :param str auth_type: Specify alternative authorization type. (Only 'gcp_iam' is valid currently)
-        :param str connection_url: Specifies the Redshift DSN. 
-               See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload)
-        :param Mapping[str, Any] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
+        :param str connection_url: Connection string to use to connect to the database.
+        :param Mapping[str, str] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
                
                Supported list of database secrets engines that can be configured:
-        :param int max_connection_lifetime: The maximum amount of time a connection may be reused.
-        :param int max_idle_connections: The maximum number of idle connections to
-               the database.
-        :param int max_open_connections: The maximum number of open connections to
-               the database.
-        :param str password: The root credential password used in the connection URL.
+        :param int max_connection_lifetime: Maximum number of seconds a connection may be reused.
+        :param int max_idle_connections: Maximum number of idle connections to the database.
+        :param int max_open_connections: Maximum number of open connections to the database.
+        :param str password: The root credential password used in the connection URL
         :param str plugin_name: Specifies the name of the plugin to use.
         :param Sequence[str] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials.
         :param str service_account_json: A JSON encoded credential for use with IAM authorization
         :param str tls_ca: x509 CA file for validating the certificate presented by the MySQL server. Must be PEM encoded.
         :param str tls_certificate_key: x509 certificate for connecting to the database. This must be a PEM encoded version of the private key and the certificate combined.
-        :param str username: The root credential username used in the connection URL.
-        :param str username_template: [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated.
+        :param str username: The root credential username used in the connection URL
+        :param str username_template: Username generation template.
         :param bool verify_connection: Whether the connection should be verified on
                initial configuration or not.
         """
@@ -4786,14 +4674,13 @@ class SecretsMountMysqlAurora(dict):
     @pulumi.getter(name="connectionUrl")
     def connection_url(self) -> Optional[str]:
         """
-        Specifies the Redshift DSN. 
-        See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload)
+        Connection string to use to connect to the database.
         """
         return pulumi.get(self, "connection_url")
 
     @property
     @pulumi.getter
-    def data(self) -> Optional[Mapping[str, Any]]:
+    def data(self) -> Optional[Mapping[str, str]]:
         """
         A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
 
@@ -4805,7 +4692,7 @@ class SecretsMountMysqlAurora(dict):
     @pulumi.getter(name="maxConnectionLifetime")
     def max_connection_lifetime(self) -> Optional[int]:
         """
-        The maximum amount of time a connection may be reused.
+        Maximum number of seconds a connection may be reused.
         """
         return pulumi.get(self, "max_connection_lifetime")
 
@@ -4813,8 +4700,7 @@ class SecretsMountMysqlAurora(dict):
     @pulumi.getter(name="maxIdleConnections")
     def max_idle_connections(self) -> Optional[int]:
         """
-        The maximum number of idle connections to
-        the database.
+        Maximum number of idle connections to the database.
         """
         return pulumi.get(self, "max_idle_connections")
 
@@ -4822,8 +4708,7 @@ class SecretsMountMysqlAurora(dict):
     @pulumi.getter(name="maxOpenConnections")
     def max_open_connections(self) -> Optional[int]:
         """
-        The maximum number of open connections to
-        the database.
+        Maximum number of open connections to the database.
         """
         return pulumi.get(self, "max_open_connections")
 
@@ -4831,7 +4716,7 @@ class SecretsMountMysqlAurora(dict):
     @pulumi.getter
     def password(self) -> Optional[str]:
         """
-        The root credential password used in the connection URL.
+        The root credential password used in the connection URL
         """
         return pulumi.get(self, "password")
 
@@ -4879,7 +4764,7 @@ class SecretsMountMysqlAurora(dict):
     @pulumi.getter
     def username(self) -> Optional[str]:
         """
-        The root credential username used in the connection URL.
+        The root credential username used in the connection URL
         """
         return pulumi.get(self, "username")
 
@@ -4887,7 +4772,7 @@ class SecretsMountMysqlAurora(dict):
     @pulumi.getter(name="usernameTemplate")
     def username_template(self) -> Optional[str]:
         """
-        [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated.
+        Username generation template.
         """
         return pulumi.get(self, "username_template")
 
@@ -4949,7 +4834,7 @@ class SecretsMountMysqlLegacy(dict):
                  allowed_roles: Optional[Sequence[str]] = None,
                  auth_type: Optional[str] = None,
                  connection_url: Optional[str] = None,
-                 data: Optional[Mapping[str, Any]] = None,
+                 data: Optional[Mapping[str, str]] = None,
                  max_connection_lifetime: Optional[int] = None,
                  max_idle_connections: Optional[int] = None,
                  max_open_connections: Optional[int] = None,
@@ -4967,24 +4852,21 @@ class SecretsMountMysqlLegacy(dict):
         :param Sequence[str] allowed_roles: A list of roles that are allowed to use this
                connection.
         :param str auth_type: Specify alternative authorization type. (Only 'gcp_iam' is valid currently)
-        :param str connection_url: Specifies the Redshift DSN. 
-               See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload)
-        :param Mapping[str, Any] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
+        :param str connection_url: Connection string to use to connect to the database.
+        :param Mapping[str, str] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
                
                Supported list of database secrets engines that can be configured:
-        :param int max_connection_lifetime: The maximum amount of time a connection may be reused.
-        :param int max_idle_connections: The maximum number of idle connections to
-               the database.
-        :param int max_open_connections: The maximum number of open connections to
-               the database.
-        :param str password: The root credential password used in the connection URL.
+        :param int max_connection_lifetime: Maximum number of seconds a connection may be reused.
+        :param int max_idle_connections: Maximum number of idle connections to the database.
+        :param int max_open_connections: Maximum number of open connections to the database.
+        :param str password: The root credential password used in the connection URL
         :param str plugin_name: Specifies the name of the plugin to use.
         :param Sequence[str] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials.
         :param str service_account_json: A JSON encoded credential for use with IAM authorization
         :param str tls_ca: x509 CA file for validating the certificate presented by the MySQL server. Must be PEM encoded.
         :param str tls_certificate_key: x509 certificate for connecting to the database. This must be a PEM encoded version of the private key and the certificate combined.
-        :param str username: The root credential username used in the connection URL.
-        :param str username_template: [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated.
+        :param str username: The root credential username used in the connection URL
+        :param str username_template: Username generation template.
         :param bool verify_connection: Whether the connection should be verified on
                initial configuration or not.
         """
@@ -5051,14 +4933,13 @@ class SecretsMountMysqlLegacy(dict):
     @pulumi.getter(name="connectionUrl")
     def connection_url(self) -> Optional[str]:
         """
-        Specifies the Redshift DSN. 
-        See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload)
+        Connection string to use to connect to the database.
         """
         return pulumi.get(self, "connection_url")
 
     @property
     @pulumi.getter
-    def data(self) -> Optional[Mapping[str, Any]]:
+    def data(self) -> Optional[Mapping[str, str]]:
         """
         A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
 
@@ -5070,7 +4951,7 @@ class SecretsMountMysqlLegacy(dict):
     @pulumi.getter(name="maxConnectionLifetime")
     def max_connection_lifetime(self) -> Optional[int]:
         """
-        The maximum amount of time a connection may be reused.
+        Maximum number of seconds a connection may be reused.
         """
         return pulumi.get(self, "max_connection_lifetime")
 
@@ -5078,8 +4959,7 @@ class SecretsMountMysqlLegacy(dict):
     @pulumi.getter(name="maxIdleConnections")
     def max_idle_connections(self) -> Optional[int]:
         """
-        The maximum number of idle connections to
-        the database.
+        Maximum number of idle connections to the database.
         """
         return pulumi.get(self, "max_idle_connections")
 
@@ -5087,8 +4967,7 @@ class SecretsMountMysqlLegacy(dict):
     @pulumi.getter(name="maxOpenConnections")
     def max_open_connections(self) -> Optional[int]:
         """
-        The maximum number of open connections to
-        the database.
+        Maximum number of open connections to the database.
         """
         return pulumi.get(self, "max_open_connections")
 
@@ -5096,7 +4975,7 @@ class SecretsMountMysqlLegacy(dict):
     @pulumi.getter
     def password(self) -> Optional[str]:
         """
-        The root credential password used in the connection URL.
+        The root credential password used in the connection URL
         """
         return pulumi.get(self, "password")
 
@@ -5144,7 +5023,7 @@ class SecretsMountMysqlLegacy(dict):
     @pulumi.getter
     def username(self) -> Optional[str]:
         """
-        The root credential username used in the connection URL.
+        The root credential username used in the connection URL
         """
         return pulumi.get(self, "username")
 
@@ -5152,7 +5031,7 @@ class SecretsMountMysqlLegacy(dict):
     @pulumi.getter(name="usernameTemplate")
     def username_template(self) -> Optional[str]:
         """
-        [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated.
+        Username generation template.
         """
         return pulumi.get(self, "username_template")
 
@@ -5214,7 +5093,7 @@ class SecretsMountMysqlRd(dict):
                  allowed_roles: Optional[Sequence[str]] = None,
                  auth_type: Optional[str] = None,
                  connection_url: Optional[str] = None,
-                 data: Optional[Mapping[str, Any]] = None,
+                 data: Optional[Mapping[str, str]] = None,
                  max_connection_lifetime: Optional[int] = None,
                  max_idle_connections: Optional[int] = None,
                  max_open_connections: Optional[int] = None,
@@ -5232,24 +5111,21 @@ class SecretsMountMysqlRd(dict):
         :param Sequence[str] allowed_roles: A list of roles that are allowed to use this
                connection.
         :param str auth_type: Specify alternative authorization type. (Only 'gcp_iam' is valid currently)
-        :param str connection_url: Specifies the Redshift DSN. 
-               See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload)
-        :param Mapping[str, Any] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
+        :param str connection_url: Connection string to use to connect to the database.
+        :param Mapping[str, str] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
                
                Supported list of database secrets engines that can be configured:
-        :param int max_connection_lifetime: The maximum amount of time a connection may be reused.
-        :param int max_idle_connections: The maximum number of idle connections to
-               the database.
-        :param int max_open_connections: The maximum number of open connections to
-               the database.
-        :param str password: The root credential password used in the connection URL.
+        :param int max_connection_lifetime: Maximum number of seconds a connection may be reused.
+        :param int max_idle_connections: Maximum number of idle connections to the database.
+        :param int max_open_connections: Maximum number of open connections to the database.
+        :param str password: The root credential password used in the connection URL
         :param str plugin_name: Specifies the name of the plugin to use.
         :param Sequence[str] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials.
         :param str service_account_json: A JSON encoded credential for use with IAM authorization
         :param str tls_ca: x509 CA file for validating the certificate presented by the MySQL server. Must be PEM encoded.
         :param str tls_certificate_key: x509 certificate for connecting to the database. This must be a PEM encoded version of the private key and the certificate combined.
-        :param str username: The root credential username used in the connection URL.
-        :param str username_template: [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated.
+        :param str username: The root credential username used in the connection URL
+        :param str username_template: Username generation template.
         :param bool verify_connection: Whether the connection should be verified on
                initial configuration or not.
         """
@@ -5316,14 +5192,13 @@ class SecretsMountMysqlRd(dict):
     @pulumi.getter(name="connectionUrl")
     def connection_url(self) -> Optional[str]:
         """
-        Specifies the Redshift DSN. 
-        See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload)
+        Connection string to use to connect to the database.
         """
         return pulumi.get(self, "connection_url")
 
     @property
     @pulumi.getter
-    def data(self) -> Optional[Mapping[str, Any]]:
+    def data(self) -> Optional[Mapping[str, str]]:
         """
         A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
 
@@ -5335,7 +5210,7 @@ class SecretsMountMysqlRd(dict):
     @pulumi.getter(name="maxConnectionLifetime")
     def max_connection_lifetime(self) -> Optional[int]:
         """
-        The maximum amount of time a connection may be reused.
+        Maximum number of seconds a connection may be reused.
         """
         return pulumi.get(self, "max_connection_lifetime")
 
@@ -5343,8 +5218,7 @@ class SecretsMountMysqlRd(dict):
     @pulumi.getter(name="maxIdleConnections")
     def max_idle_connections(self) -> Optional[int]:
         """
-        The maximum number of idle connections to
-        the database.
+        Maximum number of idle connections to the database.
         """
         return pulumi.get(self, "max_idle_connections")
 
@@ -5352,8 +5226,7 @@ class SecretsMountMysqlRd(dict):
     @pulumi.getter(name="maxOpenConnections")
     def max_open_connections(self) -> Optional[int]:
         """
-        The maximum number of open connections to
-        the database.
+        Maximum number of open connections to the database.
         """
         return pulumi.get(self, "max_open_connections")
 
@@ -5361,7 +5234,7 @@ class SecretsMountMysqlRd(dict):
     @pulumi.getter
     def password(self) -> Optional[str]:
         """
-        The root credential password used in the connection URL.
+        The root credential password used in the connection URL
         """
         return pulumi.get(self, "password")
 
@@ -5409,7 +5282,7 @@ class SecretsMountMysqlRd(dict):
     @pulumi.getter
     def username(self) -> Optional[str]:
         """
-        The root credential username used in the connection URL.
+        The root credential username used in the connection URL
         """
         return pulumi.get(self, "username")
 
@@ -5417,7 +5290,7 @@ class SecretsMountMysqlRd(dict):
     @pulumi.getter(name="usernameTemplate")
     def username_template(self) -> Optional[str]:
         """
-        [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated.
+        Username generation template.
         """
         return pulumi.get(self, "username_template")
 
@@ -5474,7 +5347,7 @@ class SecretsMountOracle(dict):
                  name: str,
                  allowed_roles: Optional[Sequence[str]] = None,
                  connection_url: Optional[str] = None,
-                 data: Optional[Mapping[str, Any]] = None,
+                 data: Optional[Mapping[str, str]] = None,
                  disconnect_sessions: Optional[bool] = None,
                  max_connection_lifetime: Optional[int] = None,
                  max_idle_connections: Optional[int] = None,
@@ -5490,23 +5363,20 @@ class SecretsMountOracle(dict):
         :param str name: Name of the database connection.
         :param Sequence[str] allowed_roles: A list of roles that are allowed to use this
                connection.
-        :param str connection_url: Specifies the Redshift DSN. 
-               See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload)
-        :param Mapping[str, Any] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
+        :param str connection_url: Connection string to use to connect to the database.
+        :param Mapping[str, str] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
                
                Supported list of database secrets engines that can be configured:
         :param bool disconnect_sessions: Set to true to disconnect any open sessions prior to running the revocation statements.
-        :param int max_connection_lifetime: The maximum amount of time a connection may be reused.
-        :param int max_idle_connections: The maximum number of idle connections to
-               the database.
-        :param int max_open_connections: The maximum number of open connections to
-               the database.
-        :param str password: The root credential password used in the connection URL.
+        :param int max_connection_lifetime: Maximum number of seconds a connection may be reused.
+        :param int max_idle_connections: Maximum number of idle connections to the database.
+        :param int max_open_connections: Maximum number of open connections to the database.
+        :param str password: The root credential password used in the connection URL
         :param str plugin_name: Specifies the name of the plugin to use.
         :param Sequence[str] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials.
         :param bool split_statements: Set to true in order to split statements after semi-colons.
-        :param str username: The root credential username used in the connection URL.
-        :param str username_template: [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated.
+        :param str username: The root credential username used in the connection URL
+        :param str username_template: Username generation template.
         :param bool verify_connection: Whether the connection should be verified on
                initial configuration or not.
         """
@@ -5561,14 +5431,13 @@ class SecretsMountOracle(dict):
     @pulumi.getter(name="connectionUrl")
     def connection_url(self) -> Optional[str]:
         """
-        Specifies the Redshift DSN. 
-        See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload)
+        Connection string to use to connect to the database.
         """
         return pulumi.get(self, "connection_url")
 
     @property
     @pulumi.getter
-    def data(self) -> Optional[Mapping[str, Any]]:
+    def data(self) -> Optional[Mapping[str, str]]:
         """
         A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
 
@@ -5588,7 +5457,7 @@ class SecretsMountOracle(dict):
     @pulumi.getter(name="maxConnectionLifetime")
     def max_connection_lifetime(self) -> Optional[int]:
         """
-        The maximum amount of time a connection may be reused.
+        Maximum number of seconds a connection may be reused.
         """
         return pulumi.get(self, "max_connection_lifetime")
 
@@ -5596,8 +5465,7 @@ class SecretsMountOracle(dict):
     @pulumi.getter(name="maxIdleConnections")
     def max_idle_connections(self) -> Optional[int]:
         """
-        The maximum number of idle connections to
-        the database.
+        Maximum number of idle connections to the database.
         """
         return pulumi.get(self, "max_idle_connections")
 
@@ -5605,8 +5473,7 @@ class SecretsMountOracle(dict):
     @pulumi.getter(name="maxOpenConnections")
     def max_open_connections(self) -> Optional[int]:
         """
-        The maximum number of open connections to
-        the database.
+        Maximum number of open connections to the database.
         """
         return pulumi.get(self, "max_open_connections")
 
@@ -5614,7 +5481,7 @@ class SecretsMountOracle(dict):
     @pulumi.getter
     def password(self) -> Optional[str]:
         """
-        The root credential password used in the connection URL.
+        The root credential password used in the connection URL
         """
         return pulumi.get(self, "password")
 
@@ -5646,7 +5513,7 @@ class SecretsMountOracle(dict):
     @pulumi.getter
     def username(self) -> Optional[str]:
         """
-        The root credential username used in the connection URL.
+        The root credential username used in the connection URL
         """
         return pulumi.get(self, "username")
 
@@ -5654,7 +5521,7 @@ class SecretsMountOracle(dict):
     @pulumi.getter(name="usernameTemplate")
     def username_template(self) -> Optional[str]:
         """
-        [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated.
+        Username generation template.
         """
         return pulumi.get(self, "username_template")
 
@@ -5687,12 +5554,22 @@ class SecretsMountPostgresql(dict):
             suggest = "max_idle_connections"
         elif key == "maxOpenConnections":
             suggest = "max_open_connections"
+        elif key == "passwordAuthentication":
+            suggest = "password_authentication"
         elif key == "pluginName":
             suggest = "plugin_name"
+        elif key == "privateKey":
+            suggest = "private_key"
         elif key == "rootRotationStatements":
             suggest = "root_rotation_statements"
+        elif key == "selfManaged":
+            suggest = "self_managed"
         elif key == "serviceAccountJson":
             suggest = "service_account_json"
+        elif key == "tlsCa":
+            suggest = "tls_ca"
+        elif key == "tlsCertificate":
+            suggest = "tls_certificate"
         elif key == "usernameTemplate":
             suggest = "username_template"
         elif key == "verifyConnection":
@@ -5714,15 +5591,20 @@ class SecretsMountPostgresql(dict):
                  allowed_roles: Optional[Sequence[str]] = None,
                  auth_type: Optional[str] = None,
                  connection_url: Optional[str] = None,
-                 data: Optional[Mapping[str, Any]] = None,
+                 data: Optional[Mapping[str, str]] = None,
                  disable_escaping: Optional[bool] = None,
                  max_connection_lifetime: Optional[int] = None,
                  max_idle_connections: Optional[int] = None,
                  max_open_connections: Optional[int] = None,
                  password: Optional[str] = None,
+                 password_authentication: Optional[str] = None,
                  plugin_name: Optional[str] = None,
+                 private_key: Optional[str] = None,
                  root_rotation_statements: Optional[Sequence[str]] = None,
+                 self_managed: Optional[bool] = None,
                  service_account_json: Optional[str] = None,
+                 tls_ca: Optional[str] = None,
+                 tls_certificate: Optional[str] = None,
                  username: Optional[str] = None,
                  username_template: Optional[str] = None,
                  verify_connection: Optional[bool] = None):
@@ -5731,23 +5613,25 @@ class SecretsMountPostgresql(dict):
         :param Sequence[str] allowed_roles: A list of roles that are allowed to use this
                connection.
         :param str auth_type: Specify alternative authorization type. (Only 'gcp_iam' is valid currently)
-        :param str connection_url: Specifies the Redshift DSN. 
-               See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload)
-        :param Mapping[str, Any] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
+        :param str connection_url: Connection string to use to connect to the database.
+        :param Mapping[str, str] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
                
                Supported list of database secrets engines that can be configured:
-        :param bool disable_escaping: Disable special character escaping in username and password.
-        :param int max_connection_lifetime: The maximum amount of time a connection may be reused.
-        :param int max_idle_connections: The maximum number of idle connections to
-               the database.
-        :param int max_open_connections: The maximum number of open connections to
-               the database.
-        :param str password: The root credential password used in the connection URL.
+        :param bool disable_escaping: Disable special character escaping in username and password
+        :param int max_connection_lifetime: Maximum number of seconds a connection may be reused.
+        :param int max_idle_connections: Maximum number of idle connections to the database.
+        :param int max_open_connections: Maximum number of open connections to the database.
+        :param str password: The root credential password used in the connection URL
+        :param str password_authentication: When set to `scram-sha-256`, passwords will be hashed by Vault before being sent to PostgreSQL.
         :param str plugin_name: Specifies the name of the plugin to use.
+        :param str private_key: The secret key used for the x509 client certificate. Must be PEM encoded.
         :param Sequence[str] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials.
+        :param bool self_managed: If set, allows onboarding static roles with a rootless connection configuration.
         :param str service_account_json: A JSON encoded credential for use with IAM authorization
-        :param str username: The root credential username used in the connection URL.
-        :param str username_template: [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated.
+        :param str tls_ca: The x509 CA file for validating the certificate presented by the PostgreSQL server. Must be PEM encoded.
+        :param str tls_certificate: The x509 client certificate for connecting to the database. Must be PEM encoded.
+        :param str username: The root credential username used in the connection URL
+        :param str username_template: Username generation template.
         :param bool verify_connection: Whether the connection should be verified on
                initial configuration or not.
         """
@@ -5770,12 +5654,22 @@ class SecretsMountPostgresql(dict):
             pulumi.set(__self__, "max_open_connections", max_open_connections)
         if password is not None:
             pulumi.set(__self__, "password", password)
+        if password_authentication is not None:
+            pulumi.set(__self__, "password_authentication", password_authentication)
         if plugin_name is not None:
             pulumi.set(__self__, "plugin_name", plugin_name)
+        if private_key is not None:
+            pulumi.set(__self__, "private_key", private_key)
         if root_rotation_statements is not None:
             pulumi.set(__self__, "root_rotation_statements", root_rotation_statements)
+        if self_managed is not None:
+            pulumi.set(__self__, "self_managed", self_managed)
         if service_account_json is not None:
             pulumi.set(__self__, "service_account_json", service_account_json)
+        if tls_ca is not None:
+            pulumi.set(__self__, "tls_ca", tls_ca)
+        if tls_certificate is not None:
+            pulumi.set(__self__, "tls_certificate", tls_certificate)
         if username is not None:
             pulumi.set(__self__, "username", username)
         if username_template is not None:
@@ -5812,14 +5706,13 @@ class SecretsMountPostgresql(dict):
     @pulumi.getter(name="connectionUrl")
     def connection_url(self) -> Optional[str]:
         """
-        Specifies the Redshift DSN. 
-        See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload)
+        Connection string to use to connect to the database.
         """
         return pulumi.get(self, "connection_url")
 
     @property
     @pulumi.getter
-    def data(self) -> Optional[Mapping[str, Any]]:
+    def data(self) -> Optional[Mapping[str, str]]:
         """
         A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
 
@@ -5831,7 +5724,7 @@ class SecretsMountPostgresql(dict):
     @pulumi.getter(name="disableEscaping")
     def disable_escaping(self) -> Optional[bool]:
         """
-        Disable special character escaping in username and password.
+        Disable special character escaping in username and password
         """
         return pulumi.get(self, "disable_escaping")
 
@@ -5839,7 +5732,7 @@ class SecretsMountPostgresql(dict):
     @pulumi.getter(name="maxConnectionLifetime")
     def max_connection_lifetime(self) -> Optional[int]:
         """
-        The maximum amount of time a connection may be reused.
+        Maximum number of seconds a connection may be reused.
         """
         return pulumi.get(self, "max_connection_lifetime")
 
@@ -5847,8 +5740,7 @@ class SecretsMountPostgresql(dict):
     @pulumi.getter(name="maxIdleConnections")
     def max_idle_connections(self) -> Optional[int]:
         """
-        The maximum number of idle connections to
-        the database.
+        Maximum number of idle connections to the database.
         """
         return pulumi.get(self, "max_idle_connections")
 
@@ -5856,8 +5748,7 @@ class SecretsMountPostgresql(dict):
     @pulumi.getter(name="maxOpenConnections")
     def max_open_connections(self) -> Optional[int]:
         """
-        The maximum number of open connections to
-        the database.
+        Maximum number of open connections to the database.
         """
         return pulumi.get(self, "max_open_connections")
 
@@ -5865,10 +5756,18 @@ class SecretsMountPostgresql(dict):
     @pulumi.getter
     def password(self) -> Optional[str]:
         """
-        The root credential password used in the connection URL.
+        The root credential password used in the connection URL
         """
         return pulumi.get(self, "password")
 
+    @property
+    @pulumi.getter(name="passwordAuthentication")
+    def password_authentication(self) -> Optional[str]:
+        """
+        When set to `scram-sha-256`, passwords will be hashed by Vault before being sent to PostgreSQL.
+        """
+        return pulumi.get(self, "password_authentication")
+
     @property
     @pulumi.getter(name="pluginName")
     def plugin_name(self) -> Optional[str]:
@@ -5877,6 +5776,14 @@ class SecretsMountPostgresql(dict):
         """
         return pulumi.get(self, "plugin_name")
 
+    @property
+    @pulumi.getter(name="privateKey")
+    def private_key(self) -> Optional[str]:
+        """
+        The secret key used for the x509 client certificate. Must be PEM encoded.
+        """
+        return pulumi.get(self, "private_key")
+
     @property
     @pulumi.getter(name="rootRotationStatements")
     def root_rotation_statements(self) -> Optional[Sequence[str]]:
@@ -5885,6 +5792,14 @@ class SecretsMountPostgresql(dict):
         """
         return pulumi.get(self, "root_rotation_statements")
 
+    @property
+    @pulumi.getter(name="selfManaged")
+    def self_managed(self) -> Optional[bool]:
+        """
+        If set, allows onboarding static roles with a rootless connection configuration.
+        """
+        return pulumi.get(self, "self_managed")
+
     @property
     @pulumi.getter(name="serviceAccountJson")
     def service_account_json(self) -> Optional[str]:
@@ -5893,11 +5808,27 @@ class SecretsMountPostgresql(dict):
         """
         return pulumi.get(self, "service_account_json")
 
+    @property
+    @pulumi.getter(name="tlsCa")
+    def tls_ca(self) -> Optional[str]:
+        """
+        The x509 CA file for validating the certificate presented by the PostgreSQL server. Must be PEM encoded.
+        """
+        return pulumi.get(self, "tls_ca")
+
+    @property
+    @pulumi.getter(name="tlsCertificate")
+    def tls_certificate(self) -> Optional[str]:
+        """
+        The x509 client certificate for connecting to the database. Must be PEM encoded.
+        """
+        return pulumi.get(self, "tls_certificate")
+
     @property
     @pulumi.getter
     def username(self) -> Optional[str]:
         """
-        The root credential username used in the connection URL.
+        The root credential username used in the connection URL
         """
         return pulumi.get(self, "username")
 
@@ -5905,7 +5836,7 @@ class SecretsMountPostgresql(dict):
     @pulumi.getter(name="usernameTemplate")
     def username_template(self) -> Optional[str]:
         """
-        [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated.
+        Username generation template.
         """
         return pulumi.get(self, "username_template")
 
@@ -5955,7 +5886,7 @@ class SecretsMountRedi(dict):
                  username: str,
                  allowed_roles: Optional[Sequence[str]] = None,
                  ca_cert: Optional[str] = None,
-                 data: Optional[Mapping[str, Any]] = None,
+                 data: Optional[Mapping[str, str]] = None,
                  insecure_tls: Optional[bool] = None,
                  plugin_name: Optional[str] = None,
                  port: Optional[int] = None,
@@ -5963,23 +5894,21 @@ class SecretsMountRedi(dict):
                  tls: Optional[bool] = None,
                  verify_connection: Optional[bool] = None):
         """
-        :param str host: The host to connect to.
+        :param str host: Specifies the host to connect to
         :param str name: Name of the database connection.
-        :param str password: The root credential password used in the connection URL.
-        :param str username: The root credential username used in the connection URL.
+        :param str password: Specifies the password corresponding to the given username.
+        :param str username: Specifies the username for Vault to use.
         :param Sequence[str] allowed_roles: A list of roles that are allowed to use this
                connection.
-        :param str ca_cert: The path to a PEM-encoded CA cert file to use to verify the Elasticsearch server's identity.
-        :param Mapping[str, Any] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
+        :param str ca_cert: The contents of a PEM-encoded CA cert file to use to verify the Redis server's identity.
+        :param Mapping[str, str] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
                
                Supported list of database secrets engines that can be configured:
-        :param bool insecure_tls: Whether to skip verification of the server
-               certificate when using TLS.
+        :param bool insecure_tls: Specifies whether to skip verification of the server certificate when using TLS.
         :param str plugin_name: Specifies the name of the plugin to use.
-        :param int port: The default port to connect to if no port is specified as
-               part of the host.
+        :param int port: The transport port to use to connect to Redis.
         :param Sequence[str] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials.
-        :param bool tls: Whether to use TLS when connecting to Cassandra.
+        :param bool tls: Specifies whether to use TLS when connecting to Redis.
         :param bool verify_connection: Whether the connection should be verified on
                initial configuration or not.
         """
@@ -6010,7 +5939,7 @@ class SecretsMountRedi(dict):
     @pulumi.getter
     def host(self) -> str:
         """
-        The host to connect to.
+        Specifies the host to connect to
         """
         return pulumi.get(self, "host")
 
@@ -6026,7 +5955,7 @@ class SecretsMountRedi(dict):
     @pulumi.getter
     def password(self) -> str:
         """
-        The root credential password used in the connection URL.
+        Specifies the password corresponding to the given username.
         """
         return pulumi.get(self, "password")
 
@@ -6034,7 +5963,7 @@ class SecretsMountRedi(dict):
     @pulumi.getter
     def username(self) -> str:
         """
-        The root credential username used in the connection URL.
+        Specifies the username for Vault to use.
         """
         return pulumi.get(self, "username")
 
@@ -6051,13 +5980,13 @@ class SecretsMountRedi(dict):
     @pulumi.getter(name="caCert")
     def ca_cert(self) -> Optional[str]:
         """
-        The path to a PEM-encoded CA cert file to use to verify the Elasticsearch server's identity.
+        The contents of a PEM-encoded CA cert file to use to verify the Redis server's identity.
         """
         return pulumi.get(self, "ca_cert")
 
     @property
     @pulumi.getter
-    def data(self) -> Optional[Mapping[str, Any]]:
+    def data(self) -> Optional[Mapping[str, str]]:
         """
         A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
 
@@ -6069,8 +5998,7 @@ class SecretsMountRedi(dict):
     @pulumi.getter(name="insecureTls")
     def insecure_tls(self) -> Optional[bool]:
         """
-        Whether to skip verification of the server
-        certificate when using TLS.
+        Specifies whether to skip verification of the server certificate when using TLS.
         """
         return pulumi.get(self, "insecure_tls")
 
@@ -6086,8 +6014,7 @@ class SecretsMountRedi(dict):
     @pulumi.getter
     def port(self) -> Optional[int]:
         """
-        The default port to connect to if no port is specified as
-        part of the host.
+        The transport port to use to connect to Redis.
         """
         return pulumi.get(self, "port")
 
@@ -6103,7 +6030,7 @@ class SecretsMountRedi(dict):
     @pulumi.getter
     def tls(self) -> Optional[bool]:
         """
-        Whether to use TLS when connecting to Cassandra.
+        Specifies whether to use TLS when connecting to Redis.
         """
         return pulumi.get(self, "tls")
 
@@ -6146,7 +6073,7 @@ class SecretsMountRedisElasticach(dict):
                  name: str,
                  url: str,
                  allowed_roles: Optional[Sequence[str]] = None,
-                 data: Optional[Mapping[str, Any]] = None,
+                 data: Optional[Mapping[str, str]] = None,
                  password: Optional[str] = None,
                  plugin_name: Optional[str] = None,
                  region: Optional[str] = None,
@@ -6155,19 +6082,17 @@ class SecretsMountRedisElasticach(dict):
                  verify_connection: Optional[bool] = None):
         """
         :param str name: Name of the database connection.
-        :param str url: The URL for Elasticsearch's API. https requires certificate
-               by trusted CA if used.
+        :param str url: The configuration endpoint for the ElastiCache cluster to connect to.
         :param Sequence[str] allowed_roles: A list of roles that are allowed to use this
                connection.
-        :param Mapping[str, Any] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
+        :param Mapping[str, str] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
                
                Supported list of database secrets engines that can be configured:
-        :param str password: The root credential password used in the connection URL.
+        :param str password: The AWS secret key id to use to talk to ElastiCache. If omitted the credentials chain provider is used instead.
         :param str plugin_name: Specifies the name of the plugin to use.
-        :param str region: The AWS region where the ElastiCache cluster is hosted.
-               If omitted the plugin tries to infer the region from the environment.
+        :param str region: The AWS region where the ElastiCache cluster is hosted. If omitted the plugin tries to infer the region from the environment.
         :param Sequence[str] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials.
-        :param str username: The root credential username used in the connection URL.
+        :param str username: The AWS access key id to use to talk to ElastiCache. If omitted the credentials chain provider is used instead.
         :param bool verify_connection: Whether the connection should be verified on
                initial configuration or not.
         """
@@ -6202,8 +6127,7 @@ class SecretsMountRedisElasticach(dict):
     @pulumi.getter
     def url(self) -> str:
         """
-        The URL for Elasticsearch's API. https requires certificate
-        by trusted CA if used.
+        The configuration endpoint for the ElastiCache cluster to connect to.
         """
         return pulumi.get(self, "url")
 
@@ -6218,7 +6142,7 @@ class SecretsMountRedisElasticach(dict):
 
     @property
     @pulumi.getter
-    def data(self) -> Optional[Mapping[str, Any]]:
+    def data(self) -> Optional[Mapping[str, str]]:
         """
         A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
 
@@ -6230,7 +6154,7 @@ class SecretsMountRedisElasticach(dict):
     @pulumi.getter
     def password(self) -> Optional[str]:
         """
-        The root credential password used in the connection URL.
+        The AWS secret key id to use to talk to ElastiCache. If omitted the credentials chain provider is used instead.
         """
         return pulumi.get(self, "password")
 
@@ -6246,8 +6170,7 @@ class SecretsMountRedisElasticach(dict):
     @pulumi.getter
     def region(self) -> Optional[str]:
         """
-        The AWS region where the ElastiCache cluster is hosted.
-        If omitted the plugin tries to infer the region from the environment.
+        The AWS region where the ElastiCache cluster is hosted. If omitted the plugin tries to infer the region from the environment.
         """
         return pulumi.get(self, "region")
 
@@ -6263,7 +6186,7 @@ class SecretsMountRedisElasticach(dict):
     @pulumi.getter
     def username(self) -> Optional[str]:
         """
-        The root credential username used in the connection URL.
+        The AWS access key id to use to talk to ElastiCache. If omitted the credentials chain provider is used instead.
         """
         return pulumi.get(self, "username")
 
@@ -6318,7 +6241,7 @@ class SecretsMountRedshift(dict):
                  name: str,
                  allowed_roles: Optional[Sequence[str]] = None,
                  connection_url: Optional[str] = None,
-                 data: Optional[Mapping[str, Any]] = None,
+                 data: Optional[Mapping[str, str]] = None,
                  disable_escaping: Optional[bool] = None,
                  max_connection_lifetime: Optional[int] = None,
                  max_idle_connections: Optional[int] = None,
@@ -6333,22 +6256,19 @@ class SecretsMountRedshift(dict):
         :param str name: Name of the database connection.
         :param Sequence[str] allowed_roles: A list of roles that are allowed to use this
                connection.
-        :param str connection_url: Specifies the Redshift DSN. 
-               See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload)
-        :param Mapping[str, Any] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
+        :param str connection_url: Connection string to use to connect to the database.
+        :param Mapping[str, str] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
                
                Supported list of database secrets engines that can be configured:
-        :param bool disable_escaping: Disable special character escaping in username and password.
-        :param int max_connection_lifetime: The maximum amount of time a connection may be reused.
-        :param int max_idle_connections: The maximum number of idle connections to
-               the database.
-        :param int max_open_connections: The maximum number of open connections to
-               the database.
-        :param str password: The root credential password used in the connection URL.
+        :param bool disable_escaping: Disable special character escaping in username and password
+        :param int max_connection_lifetime: Maximum number of seconds a connection may be reused.
+        :param int max_idle_connections: Maximum number of idle connections to the database.
+        :param int max_open_connections: Maximum number of open connections to the database.
+        :param str password: The root credential password used in the connection URL
         :param str plugin_name: Specifies the name of the plugin to use.
         :param Sequence[str] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials.
-        :param str username: The root credential username used in the connection URL.
-        :param str username_template: [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated.
+        :param str username: The root credential username used in the connection URL
+        :param str username_template: Username generation template.
         :param bool verify_connection: Whether the connection should be verified on
                initial configuration or not.
         """
@@ -6401,14 +6321,13 @@ class SecretsMountRedshift(dict):
     @pulumi.getter(name="connectionUrl")
     def connection_url(self) -> Optional[str]:
         """
-        Specifies the Redshift DSN. 
-        See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload)
+        Connection string to use to connect to the database.
         """
         return pulumi.get(self, "connection_url")
 
     @property
     @pulumi.getter
-    def data(self) -> Optional[Mapping[str, Any]]:
+    def data(self) -> Optional[Mapping[str, str]]:
         """
         A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
 
@@ -6420,7 +6339,7 @@ class SecretsMountRedshift(dict):
     @pulumi.getter(name="disableEscaping")
     def disable_escaping(self) -> Optional[bool]:
         """
-        Disable special character escaping in username and password.
+        Disable special character escaping in username and password
         """
         return pulumi.get(self, "disable_escaping")
 
@@ -6428,7 +6347,7 @@ class SecretsMountRedshift(dict):
     @pulumi.getter(name="maxConnectionLifetime")
     def max_connection_lifetime(self) -> Optional[int]:
         """
-        The maximum amount of time a connection may be reused.
+        Maximum number of seconds a connection may be reused.
         """
         return pulumi.get(self, "max_connection_lifetime")
 
@@ -6436,8 +6355,7 @@ class SecretsMountRedshift(dict):
     @pulumi.getter(name="maxIdleConnections")
     def max_idle_connections(self) -> Optional[int]:
         """
-        The maximum number of idle connections to
-        the database.
+        Maximum number of idle connections to the database.
         """
         return pulumi.get(self, "max_idle_connections")
 
@@ -6445,8 +6363,7 @@ class SecretsMountRedshift(dict):
     @pulumi.getter(name="maxOpenConnections")
     def max_open_connections(self) -> Optional[int]:
         """
-        The maximum number of open connections to
-        the database.
+        Maximum number of open connections to the database.
         """
         return pulumi.get(self, "max_open_connections")
 
@@ -6454,7 +6371,7 @@ class SecretsMountRedshift(dict):
     @pulumi.getter
     def password(self) -> Optional[str]:
         """
-        The root credential password used in the connection URL.
+        The root credential password used in the connection URL
         """
         return pulumi.get(self, "password")
 
@@ -6478,7 +6395,7 @@ class SecretsMountRedshift(dict):
     @pulumi.getter
     def username(self) -> Optional[str]:
         """
-        The root credential username used in the connection URL.
+        The root credential username used in the connection URL
         """
         return pulumi.get(self, "username")
 
@@ -6486,7 +6403,7 @@ class SecretsMountRedshift(dict):
     @pulumi.getter(name="usernameTemplate")
     def username_template(self) -> Optional[str]:
         """
-        [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated.
+        Username generation template.
         """
         return pulumi.get(self, "username_template")
 
@@ -6539,7 +6456,7 @@ class SecretsMountSnowflake(dict):
                  name: str,
                  allowed_roles: Optional[Sequence[str]] = None,
                  connection_url: Optional[str] = None,
-                 data: Optional[Mapping[str, Any]] = None,
+                 data: Optional[Mapping[str, str]] = None,
                  max_connection_lifetime: Optional[int] = None,
                  max_idle_connections: Optional[int] = None,
                  max_open_connections: Optional[int] = None,
@@ -6553,21 +6470,18 @@ class SecretsMountSnowflake(dict):
         :param str name: Name of the database connection.
         :param Sequence[str] allowed_roles: A list of roles that are allowed to use this
                connection.
-        :param str connection_url: Specifies the Redshift DSN. 
-               See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload)
-        :param Mapping[str, Any] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
+        :param str connection_url: Connection string to use to connect to the database.
+        :param Mapping[str, str] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
                
                Supported list of database secrets engines that can be configured:
-        :param int max_connection_lifetime: The maximum amount of time a connection may be reused.
-        :param int max_idle_connections: The maximum number of idle connections to
-               the database.
-        :param int max_open_connections: The maximum number of open connections to
-               the database.
-        :param str password: The root credential password used in the connection URL.
+        :param int max_connection_lifetime: Maximum number of seconds a connection may be reused.
+        :param int max_idle_connections: Maximum number of idle connections to the database.
+        :param int max_open_connections: Maximum number of open connections to the database.
+        :param str password: The root credential password used in the connection URL
         :param str plugin_name: Specifies the name of the plugin to use.
         :param Sequence[str] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials.
-        :param str username: The root credential username used in the connection URL.
-        :param str username_template: [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated.
+        :param str username: The root credential username used in the connection URL
+        :param str username_template: Username generation template.
         :param bool verify_connection: Whether the connection should be verified on
                initial configuration or not.
         """
@@ -6618,14 +6532,13 @@ class SecretsMountSnowflake(dict):
     @pulumi.getter(name="connectionUrl")
     def connection_url(self) -> Optional[str]:
         """
-        Specifies the Redshift DSN. 
-        See [Vault docs](https://www.vaultproject.io/api-docs/secret/databases/redshift#sample-payload)
+        Connection string to use to connect to the database.
         """
         return pulumi.get(self, "connection_url")
 
     @property
     @pulumi.getter
-    def data(self) -> Optional[Mapping[str, Any]]:
+    def data(self) -> Optional[Mapping[str, str]]:
         """
         A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
 
@@ -6637,7 +6550,7 @@ class SecretsMountSnowflake(dict):
     @pulumi.getter(name="maxConnectionLifetime")
     def max_connection_lifetime(self) -> Optional[int]:
         """
-        The maximum amount of time a connection may be reused.
+        Maximum number of seconds a connection may be reused.
         """
         return pulumi.get(self, "max_connection_lifetime")
 
@@ -6645,8 +6558,7 @@ class SecretsMountSnowflake(dict):
     @pulumi.getter(name="maxIdleConnections")
     def max_idle_connections(self) -> Optional[int]:
         """
-        The maximum number of idle connections to
-        the database.
+        Maximum number of idle connections to the database.
         """
         return pulumi.get(self, "max_idle_connections")
 
@@ -6654,8 +6566,7 @@ class SecretsMountSnowflake(dict):
     @pulumi.getter(name="maxOpenConnections")
     def max_open_connections(self) -> Optional[int]:
         """
-        The maximum number of open connections to
-        the database.
+        Maximum number of open connections to the database.
         """
         return pulumi.get(self, "max_open_connections")
 
@@ -6663,7 +6574,7 @@ class SecretsMountSnowflake(dict):
     @pulumi.getter
     def password(self) -> Optional[str]:
         """
-        The root credential password used in the connection URL.
+        The root credential password used in the connection URL
         """
         return pulumi.get(self, "password")
 
@@ -6687,7 +6598,7 @@ class SecretsMountSnowflake(dict):
     @pulumi.getter
     def username(self) -> Optional[str]:
         """
-        The root credential username used in the connection URL.
+        The root credential username used in the connection URL
         """
         return pulumi.get(self, "username")
 
@@ -6695,7 +6606,7 @@ class SecretsMountSnowflake(dict):
     @pulumi.getter(name="usernameTemplate")
     def username_template(self) -> Optional[str]:
         """
-        [Template](https://www.vaultproject.io/docs/concepts/username-templating) describing how dynamic usernames are generated.
+        Username generation template.
         """
         return pulumi.get(self, "username_template")