pulumi-vault 5.21.0a1709368526__py3-none-any.whl → 6.5.0a1736836139__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (229) hide show
  1. pulumi_vault/__init__.py +52 -0
  2. pulumi_vault/_inputs.py +560 -0
  3. pulumi_vault/_utilities.py +41 -5
  4. pulumi_vault/ad/get_access_credentials.py +26 -9
  5. pulumi_vault/ad/secret_backend.py +16 -142
  6. pulumi_vault/ad/secret_library.py +16 -9
  7. pulumi_vault/ad/secret_role.py +14 -9
  8. pulumi_vault/alicloud/auth_backend_role.py +76 -190
  9. pulumi_vault/approle/auth_backend_login.py +12 -7
  10. pulumi_vault/approle/auth_backend_role.py +77 -191
  11. pulumi_vault/approle/auth_backend_role_secret_id.py +106 -7
  12. pulumi_vault/approle/get_auth_backend_role_id.py +18 -5
  13. pulumi_vault/audit.py +30 -21
  14. pulumi_vault/audit_request_header.py +11 -2
  15. pulumi_vault/auth_backend.py +66 -14
  16. pulumi_vault/aws/auth_backend_cert.py +18 -9
  17. pulumi_vault/aws/auth_backend_client.py +267 -22
  18. pulumi_vault/aws/auth_backend_config_identity.py +14 -9
  19. pulumi_vault/aws/auth_backend_identity_whitelist.py +20 -15
  20. pulumi_vault/aws/auth_backend_login.py +19 -22
  21. pulumi_vault/aws/auth_backend_role.py +77 -191
  22. pulumi_vault/aws/auth_backend_role_tag.py +12 -7
  23. pulumi_vault/aws/auth_backend_roletag_blacklist.py +18 -13
  24. pulumi_vault/aws/auth_backend_sts_role.py +14 -9
  25. pulumi_vault/aws/get_access_credentials.py +38 -9
  26. pulumi_vault/aws/get_static_access_credentials.py +19 -5
  27. pulumi_vault/aws/secret_backend.py +77 -9
  28. pulumi_vault/aws/secret_backend_role.py +185 -9
  29. pulumi_vault/aws/secret_backend_static_role.py +20 -11
  30. pulumi_vault/azure/_inputs.py +24 -0
  31. pulumi_vault/azure/auth_backend_config.py +153 -15
  32. pulumi_vault/azure/auth_backend_role.py +77 -191
  33. pulumi_vault/azure/backend.py +227 -21
  34. pulumi_vault/azure/backend_role.py +42 -37
  35. pulumi_vault/azure/get_access_credentials.py +41 -7
  36. pulumi_vault/azure/outputs.py +5 -0
  37. pulumi_vault/cert_auth_backend_role.py +87 -267
  38. pulumi_vault/config/__init__.pyi +5 -0
  39. pulumi_vault/config/_inputs.py +73 -0
  40. pulumi_vault/config/outputs.py +35 -0
  41. pulumi_vault/config/ui_custom_message.py +529 -0
  42. pulumi_vault/config/vars.py +5 -0
  43. pulumi_vault/consul/secret_backend.py +28 -19
  44. pulumi_vault/consul/secret_backend_role.py +18 -78
  45. pulumi_vault/database/_inputs.py +2770 -881
  46. pulumi_vault/database/outputs.py +721 -838
  47. pulumi_vault/database/secret_backend_connection.py +119 -112
  48. pulumi_vault/database/secret_backend_role.py +31 -22
  49. pulumi_vault/database/secret_backend_static_role.py +87 -13
  50. pulumi_vault/database/secrets_mount.py +427 -136
  51. pulumi_vault/egp_policy.py +16 -11
  52. pulumi_vault/gcp/_inputs.py +111 -0
  53. pulumi_vault/gcp/auth_backend.py +250 -33
  54. pulumi_vault/gcp/auth_backend_role.py +77 -269
  55. pulumi_vault/gcp/get_auth_backend_role.py +43 -5
  56. pulumi_vault/gcp/outputs.py +5 -0
  57. pulumi_vault/gcp/secret_backend.py +287 -12
  58. pulumi_vault/gcp/secret_impersonated_account.py +76 -15
  59. pulumi_vault/gcp/secret_roleset.py +31 -24
  60. pulumi_vault/gcp/secret_static_account.py +39 -32
  61. pulumi_vault/generic/endpoint.py +24 -17
  62. pulumi_vault/generic/get_secret.py +64 -8
  63. pulumi_vault/generic/secret.py +21 -16
  64. pulumi_vault/get_auth_backend.py +24 -7
  65. pulumi_vault/get_auth_backends.py +51 -9
  66. pulumi_vault/get_namespace.py +226 -0
  67. pulumi_vault/get_namespaces.py +153 -0
  68. pulumi_vault/get_nomad_access_token.py +31 -11
  69. pulumi_vault/get_policy_document.py +34 -19
  70. pulumi_vault/get_raft_autopilot_state.py +29 -10
  71. pulumi_vault/github/_inputs.py +55 -0
  72. pulumi_vault/github/auth_backend.py +19 -14
  73. pulumi_vault/github/outputs.py +5 -0
  74. pulumi_vault/github/team.py +16 -11
  75. pulumi_vault/github/user.py +16 -11
  76. pulumi_vault/identity/entity.py +20 -13
  77. pulumi_vault/identity/entity_alias.py +20 -13
  78. pulumi_vault/identity/entity_policies.py +28 -11
  79. pulumi_vault/identity/get_entity.py +42 -10
  80. pulumi_vault/identity/get_group.py +47 -9
  81. pulumi_vault/identity/get_oidc_client_creds.py +21 -7
  82. pulumi_vault/identity/get_oidc_openid_config.py +39 -9
  83. pulumi_vault/identity/get_oidc_public_keys.py +29 -10
  84. pulumi_vault/identity/group.py +58 -39
  85. pulumi_vault/identity/group_alias.py +16 -9
  86. pulumi_vault/identity/group_member_entity_ids.py +28 -66
  87. pulumi_vault/identity/group_member_group_ids.py +40 -19
  88. pulumi_vault/identity/group_policies.py +20 -7
  89. pulumi_vault/identity/mfa_duo.py +11 -6
  90. pulumi_vault/identity/mfa_login_enforcement.py +15 -6
  91. pulumi_vault/identity/mfa_okta.py +11 -6
  92. pulumi_vault/identity/mfa_pingid.py +7 -2
  93. pulumi_vault/identity/mfa_totp.py +7 -2
  94. pulumi_vault/identity/oidc.py +12 -7
  95. pulumi_vault/identity/oidc_assignment.py +24 -11
  96. pulumi_vault/identity/oidc_client.py +36 -23
  97. pulumi_vault/identity/oidc_key.py +30 -17
  98. pulumi_vault/identity/oidc_key_allowed_client_id.py +28 -15
  99. pulumi_vault/identity/oidc_provider.py +36 -21
  100. pulumi_vault/identity/oidc_role.py +42 -21
  101. pulumi_vault/identity/oidc_scope.py +20 -13
  102. pulumi_vault/identity/outputs.py +8 -3
  103. pulumi_vault/jwt/_inputs.py +55 -0
  104. pulumi_vault/jwt/auth_backend.py +45 -40
  105. pulumi_vault/jwt/auth_backend_role.py +133 -254
  106. pulumi_vault/jwt/outputs.py +5 -0
  107. pulumi_vault/kmip/secret_backend.py +24 -19
  108. pulumi_vault/kmip/secret_role.py +14 -9
  109. pulumi_vault/kmip/secret_scope.py +14 -9
  110. pulumi_vault/kubernetes/auth_backend_config.py +57 -5
  111. pulumi_vault/kubernetes/auth_backend_role.py +70 -177
  112. pulumi_vault/kubernetes/get_auth_backend_config.py +60 -8
  113. pulumi_vault/kubernetes/get_auth_backend_role.py +40 -5
  114. pulumi_vault/kubernetes/get_service_account_token.py +39 -11
  115. pulumi_vault/kubernetes/secret_backend.py +316 -27
  116. pulumi_vault/kubernetes/secret_backend_role.py +137 -46
  117. pulumi_vault/kv/_inputs.py +36 -4
  118. pulumi_vault/kv/get_secret.py +25 -8
  119. pulumi_vault/kv/get_secret_subkeys_v2.py +33 -10
  120. pulumi_vault/kv/get_secret_v2.py +85 -9
  121. pulumi_vault/kv/get_secrets_list.py +24 -11
  122. pulumi_vault/kv/get_secrets_list_v2.py +37 -15
  123. pulumi_vault/kv/outputs.py +8 -3
  124. pulumi_vault/kv/secret.py +23 -16
  125. pulumi_vault/kv/secret_backend_v2.py +20 -11
  126. pulumi_vault/kv/secret_v2.py +59 -50
  127. pulumi_vault/ldap/auth_backend.py +127 -166
  128. pulumi_vault/ldap/auth_backend_group.py +14 -9
  129. pulumi_vault/ldap/auth_backend_user.py +14 -9
  130. pulumi_vault/ldap/get_dynamic_credentials.py +23 -5
  131. pulumi_vault/ldap/get_static_credentials.py +24 -5
  132. pulumi_vault/ldap/secret_backend.py +354 -82
  133. pulumi_vault/ldap/secret_backend_dynamic_role.py +18 -11
  134. pulumi_vault/ldap/secret_backend_library_set.py +16 -9
  135. pulumi_vault/ldap/secret_backend_static_role.py +73 -12
  136. pulumi_vault/managed/_inputs.py +289 -132
  137. pulumi_vault/managed/keys.py +29 -57
  138. pulumi_vault/managed/outputs.py +89 -132
  139. pulumi_vault/mfa_duo.py +18 -11
  140. pulumi_vault/mfa_okta.py +18 -11
  141. pulumi_vault/mfa_pingid.py +18 -11
  142. pulumi_vault/mfa_totp.py +24 -17
  143. pulumi_vault/mongodbatlas/secret_backend.py +20 -15
  144. pulumi_vault/mongodbatlas/secret_role.py +47 -38
  145. pulumi_vault/mount.py +391 -51
  146. pulumi_vault/namespace.py +68 -83
  147. pulumi_vault/nomad_secret_backend.py +18 -13
  148. pulumi_vault/nomad_secret_role.py +14 -9
  149. pulumi_vault/okta/_inputs.py +47 -8
  150. pulumi_vault/okta/auth_backend.py +485 -39
  151. pulumi_vault/okta/auth_backend_group.py +14 -9
  152. pulumi_vault/okta/auth_backend_user.py +14 -9
  153. pulumi_vault/okta/outputs.py +13 -8
  154. pulumi_vault/outputs.py +5 -0
  155. pulumi_vault/password_policy.py +20 -13
  156. pulumi_vault/pkisecret/__init__.py +3 -0
  157. pulumi_vault/pkisecret/_inputs.py +81 -0
  158. pulumi_vault/pkisecret/backend_config_cluster.py +369 -0
  159. pulumi_vault/pkisecret/backend_config_est.py +619 -0
  160. pulumi_vault/pkisecret/get_backend_config_est.py +251 -0
  161. pulumi_vault/pkisecret/get_backend_issuer.py +67 -9
  162. pulumi_vault/pkisecret/get_backend_issuers.py +21 -8
  163. pulumi_vault/pkisecret/get_backend_key.py +24 -9
  164. pulumi_vault/pkisecret/get_backend_keys.py +21 -8
  165. pulumi_vault/pkisecret/outputs.py +69 -0
  166. pulumi_vault/pkisecret/secret_backend_cert.py +18 -11
  167. pulumi_vault/pkisecret/secret_backend_config_ca.py +16 -11
  168. pulumi_vault/pkisecret/secret_backend_config_issuers.py +14 -9
  169. pulumi_vault/pkisecret/secret_backend_config_urls.py +67 -11
  170. pulumi_vault/pkisecret/secret_backend_crl_config.py +14 -9
  171. pulumi_vault/pkisecret/secret_backend_intermediate_cert_request.py +16 -11
  172. pulumi_vault/pkisecret/secret_backend_intermediate_set_signed.py +22 -17
  173. pulumi_vault/pkisecret/secret_backend_issuer.py +14 -9
  174. pulumi_vault/pkisecret/secret_backend_key.py +14 -9
  175. pulumi_vault/pkisecret/secret_backend_role.py +21 -14
  176. pulumi_vault/pkisecret/secret_backend_root_cert.py +16 -48
  177. pulumi_vault/pkisecret/secret_backend_root_sign_intermediate.py +18 -56
  178. pulumi_vault/pkisecret/secret_backend_sign.py +18 -54
  179. pulumi_vault/plugin.py +595 -0
  180. pulumi_vault/plugin_pinned_version.py +298 -0
  181. pulumi_vault/policy.py +14 -9
  182. pulumi_vault/provider.py +48 -53
  183. pulumi_vault/pulumi-plugin.json +2 -1
  184. pulumi_vault/quota_lease_count.py +60 -6
  185. pulumi_vault/quota_rate_limit.py +56 -2
  186. pulumi_vault/rabbitmq/_inputs.py +61 -0
  187. pulumi_vault/rabbitmq/outputs.py +5 -0
  188. pulumi_vault/rabbitmq/secret_backend.py +18 -13
  189. pulumi_vault/rabbitmq/secret_backend_role.py +54 -47
  190. pulumi_vault/raft_autopilot.py +14 -9
  191. pulumi_vault/raft_snapshot_agent_config.py +129 -224
  192. pulumi_vault/rgp_policy.py +14 -9
  193. pulumi_vault/saml/auth_backend.py +22 -17
  194. pulumi_vault/saml/auth_backend_role.py +92 -197
  195. pulumi_vault/secrets/__init__.py +3 -0
  196. pulumi_vault/secrets/_inputs.py +110 -0
  197. pulumi_vault/secrets/outputs.py +94 -0
  198. pulumi_vault/secrets/sync_association.py +56 -71
  199. pulumi_vault/secrets/sync_aws_destination.py +242 -27
  200. pulumi_vault/secrets/sync_azure_destination.py +92 -31
  201. pulumi_vault/secrets/sync_config.py +9 -4
  202. pulumi_vault/secrets/sync_gcp_destination.py +158 -25
  203. pulumi_vault/secrets/sync_gh_destination.py +189 -13
  204. pulumi_vault/secrets/sync_github_apps.py +375 -0
  205. pulumi_vault/secrets/sync_vercel_destination.py +74 -13
  206. pulumi_vault/ssh/_inputs.py +28 -28
  207. pulumi_vault/ssh/outputs.py +11 -28
  208. pulumi_vault/ssh/secret_backend_ca.py +108 -9
  209. pulumi_vault/ssh/secret_backend_role.py +85 -118
  210. pulumi_vault/terraformcloud/secret_backend.py +7 -54
  211. pulumi_vault/terraformcloud/secret_creds.py +14 -20
  212. pulumi_vault/terraformcloud/secret_role.py +16 -74
  213. pulumi_vault/token.py +28 -23
  214. pulumi_vault/tokenauth/auth_backend_role.py +78 -199
  215. pulumi_vault/transform/alphabet.py +16 -9
  216. pulumi_vault/transform/get_decode.py +45 -17
  217. pulumi_vault/transform/get_encode.py +45 -17
  218. pulumi_vault/transform/role.py +16 -9
  219. pulumi_vault/transform/template.py +30 -21
  220. pulumi_vault/transform/transformation.py +12 -7
  221. pulumi_vault/transit/get_decrypt.py +26 -21
  222. pulumi_vault/transit/get_encrypt.py +24 -19
  223. pulumi_vault/transit/secret_backend_key.py +27 -93
  224. pulumi_vault/transit/secret_cache_config.py +12 -7
  225. {pulumi_vault-5.21.0a1709368526.dist-info → pulumi_vault-6.5.0a1736836139.dist-info}/METADATA +8 -7
  226. pulumi_vault-6.5.0a1736836139.dist-info/RECORD +256 -0
  227. {pulumi_vault-5.21.0a1709368526.dist-info → pulumi_vault-6.5.0a1736836139.dist-info}/WHEEL +1 -1
  228. pulumi_vault-5.21.0a1709368526.dist-info/RECORD +0 -244
  229. {pulumi_vault-5.21.0a1709368526.dist-info → pulumi_vault-6.5.0a1736836139.dist-info}/top_level.txt +0 -0
@@ -4,9 +4,14 @@
4
4
 
5
5
  import copy
6
6
  import warnings
7
+ import sys
7
8
  import pulumi
8
9
  import pulumi.runtime
9
10
  from typing import Any, Mapping, Optional, Sequence, Union, overload
11
+ if sys.version_info >= (3, 11):
12
+ from typing import NotRequired, TypedDict, TypeAlias
13
+ else:
14
+ from typing_extensions import NotRequired, TypedDict, TypeAlias
10
15
  from .. import _utilities
11
16
 
12
17
  __all__ = ['AuthBackendRoleArgs', 'AuthBackendRole']
@@ -40,7 +45,7 @@ class AuthBackendRoleArgs:
40
45
  presented when logging in using this AppRole. Defaults to `true`.
41
46
  :param pulumi.Input[str] namespace: The namespace to provision the resource in.
42
47
  The value should not contain leading or trailing forward slashes.
43
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
48
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
44
49
  *Available only for Vault Enterprise*.
45
50
  :param pulumi.Input[str] role_id: The RoleID of this role. If not specified, one will be
46
51
  auto-generated.
@@ -51,32 +56,15 @@ class AuthBackendRoleArgs:
51
56
  expire. A value of zero will allow unlimited uses.
52
57
  :param pulumi.Input[int] secret_id_ttl: The number of seconds after which any SecretID
53
58
  expires.
54
- :param pulumi.Input[Sequence[pulumi.Input[str]]] token_bound_cidrs: List of CIDR blocks; if set, specifies blocks of IP
55
- addresses which can authenticate successfully, and ties the resulting token to these blocks
56
- as well.
57
- :param pulumi.Input[int] token_explicit_max_ttl: If set, will encode an
58
- [explicit max TTL](https://www.vaultproject.io/docs/concepts/tokens.html#token-time-to-live-periodic-tokens-and-explicit-max-ttls)
59
- onto the token in number of seconds. This is a hard cap even if `token_ttl` and
60
- `token_max_ttl` would otherwise allow a renewal.
61
- :param pulumi.Input[int] token_max_ttl: The maximum lifetime for generated tokens in number of seconds.
62
- Its current value will be referenced at renewal time.
63
- :param pulumi.Input[bool] token_no_default_policy: If set, the default policy will not be set on
64
- generated tokens; otherwise it will be added to the policies set in token_policies.
65
- :param pulumi.Input[int] token_num_uses: The [maximum number](https://www.vaultproject.io/api-docs/auth/approle#token_num_uses)
66
- of times a generated token may be used (within its lifetime); 0 means unlimited.
67
- :param pulumi.Input[int] token_period: If set, indicates that the
68
- token generated using this role should never expire. The token should be renewed within the
69
- duration specified by this value. At each renewal, the token's TTL will be set to the
70
- value of this field. Specified in seconds.
71
- :param pulumi.Input[Sequence[pulumi.Input[str]]] token_policies: List of policies to encode onto generated tokens. Depending
72
- on the auth method, this list may be supplemented by user/group/other values.
73
- :param pulumi.Input[int] token_ttl: The incremental lifetime for generated tokens in number of seconds.
74
- Its current value will be referenced at renewal time.
75
- :param pulumi.Input[str] token_type: The type of token that should be generated. Can be `service`,
76
- `batch`, or `default` to use the mount's tuned default (which unless changed will be
77
- `service` tokens). For token store roles, there are two additional possibilities:
78
- `default-service` and `default-batch` which specify the type to return unless the client
79
- requests a different type at generation time.
59
+ :param pulumi.Input[Sequence[pulumi.Input[str]]] token_bound_cidrs: Specifies the blocks of IP addresses which are allowed to use the generated token
60
+ :param pulumi.Input[int] token_explicit_max_ttl: Generated Token's Explicit Maximum TTL in seconds
61
+ :param pulumi.Input[int] token_max_ttl: The maximum lifetime of the generated token
62
+ :param pulumi.Input[bool] token_no_default_policy: If true, the 'default' policy will not automatically be added to generated tokens
63
+ :param pulumi.Input[int] token_num_uses: The maximum number of times a token may be used, a value of zero means unlimited
64
+ :param pulumi.Input[int] token_period: Generated Token's Period
65
+ :param pulumi.Input[Sequence[pulumi.Input[str]]] token_policies: Generated Token's Policies
66
+ :param pulumi.Input[int] token_ttl: The initial ttl of the token to generate in seconds
67
+ :param pulumi.Input[str] token_type: The type of token to generate, service or batch
80
68
  """
81
69
  pulumi.set(__self__, "role_name", role_name)
82
70
  if backend is not None:
@@ -156,7 +144,7 @@ class AuthBackendRoleArgs:
156
144
  """
157
145
  The namespace to provision the resource in.
158
146
  The value should not contain leading or trailing forward slashes.
159
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
147
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
160
148
  *Available only for Vault Enterprise*.
161
149
  """
162
150
  return pulumi.get(self, "namespace")
@@ -222,9 +210,7 @@ class AuthBackendRoleArgs:
222
210
  @pulumi.getter(name="tokenBoundCidrs")
223
211
  def token_bound_cidrs(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
224
212
  """
225
- List of CIDR blocks; if set, specifies blocks of IP
226
- addresses which can authenticate successfully, and ties the resulting token to these blocks
227
- as well.
213
+ Specifies the blocks of IP addresses which are allowed to use the generated token
228
214
  """
229
215
  return pulumi.get(self, "token_bound_cidrs")
230
216
 
@@ -236,10 +222,7 @@ class AuthBackendRoleArgs:
236
222
  @pulumi.getter(name="tokenExplicitMaxTtl")
237
223
  def token_explicit_max_ttl(self) -> Optional[pulumi.Input[int]]:
238
224
  """
239
- If set, will encode an
240
- [explicit max TTL](https://www.vaultproject.io/docs/concepts/tokens.html#token-time-to-live-periodic-tokens-and-explicit-max-ttls)
241
- onto the token in number of seconds. This is a hard cap even if `token_ttl` and
242
- `token_max_ttl` would otherwise allow a renewal.
225
+ Generated Token's Explicit Maximum TTL in seconds
243
226
  """
244
227
  return pulumi.get(self, "token_explicit_max_ttl")
245
228
 
@@ -251,8 +234,7 @@ class AuthBackendRoleArgs:
251
234
  @pulumi.getter(name="tokenMaxTtl")
252
235
  def token_max_ttl(self) -> Optional[pulumi.Input[int]]:
253
236
  """
254
- The maximum lifetime for generated tokens in number of seconds.
255
- Its current value will be referenced at renewal time.
237
+ The maximum lifetime of the generated token
256
238
  """
257
239
  return pulumi.get(self, "token_max_ttl")
258
240
 
@@ -264,8 +246,7 @@ class AuthBackendRoleArgs:
264
246
  @pulumi.getter(name="tokenNoDefaultPolicy")
265
247
  def token_no_default_policy(self) -> Optional[pulumi.Input[bool]]:
266
248
  """
267
- If set, the default policy will not be set on
268
- generated tokens; otherwise it will be added to the policies set in token_policies.
249
+ If true, the 'default' policy will not automatically be added to generated tokens
269
250
  """
270
251
  return pulumi.get(self, "token_no_default_policy")
271
252
 
@@ -277,8 +258,7 @@ class AuthBackendRoleArgs:
277
258
  @pulumi.getter(name="tokenNumUses")
278
259
  def token_num_uses(self) -> Optional[pulumi.Input[int]]:
279
260
  """
280
- The [maximum number](https://www.vaultproject.io/api-docs/auth/approle#token_num_uses)
281
- of times a generated token may be used (within its lifetime); 0 means unlimited.
261
+ The maximum number of times a token may be used, a value of zero means unlimited
282
262
  """
283
263
  return pulumi.get(self, "token_num_uses")
284
264
 
@@ -290,10 +270,7 @@ class AuthBackendRoleArgs:
290
270
  @pulumi.getter(name="tokenPeriod")
291
271
  def token_period(self) -> Optional[pulumi.Input[int]]:
292
272
  """
293
- If set, indicates that the
294
- token generated using this role should never expire. The token should be renewed within the
295
- duration specified by this value. At each renewal, the token's TTL will be set to the
296
- value of this field. Specified in seconds.
273
+ Generated Token's Period
297
274
  """
298
275
  return pulumi.get(self, "token_period")
299
276
 
@@ -305,8 +282,7 @@ class AuthBackendRoleArgs:
305
282
  @pulumi.getter(name="tokenPolicies")
306
283
  def token_policies(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
307
284
  """
308
- List of policies to encode onto generated tokens. Depending
309
- on the auth method, this list may be supplemented by user/group/other values.
285
+ Generated Token's Policies
310
286
  """
311
287
  return pulumi.get(self, "token_policies")
312
288
 
@@ -318,8 +294,7 @@ class AuthBackendRoleArgs:
318
294
  @pulumi.getter(name="tokenTtl")
319
295
  def token_ttl(self) -> Optional[pulumi.Input[int]]:
320
296
  """
321
- The incremental lifetime for generated tokens in number of seconds.
322
- Its current value will be referenced at renewal time.
297
+ The initial ttl of the token to generate in seconds
323
298
  """
324
299
  return pulumi.get(self, "token_ttl")
325
300
 
@@ -331,11 +306,7 @@ class AuthBackendRoleArgs:
331
306
  @pulumi.getter(name="tokenType")
332
307
  def token_type(self) -> Optional[pulumi.Input[str]]:
333
308
  """
334
- The type of token that should be generated. Can be `service`,
335
- `batch`, or `default` to use the mount's tuned default (which unless changed will be
336
- `service` tokens). For token store roles, there are two additional possibilities:
337
- `default-service` and `default-batch` which specify the type to return unless the client
338
- requests a different type at generation time.
309
+ The type of token to generate, service or batch
339
310
  """
340
311
  return pulumi.get(self, "token_type")
341
312
 
@@ -372,7 +343,7 @@ class _AuthBackendRoleState:
372
343
  presented when logging in using this AppRole. Defaults to `true`.
373
344
  :param pulumi.Input[str] namespace: The namespace to provision the resource in.
374
345
  The value should not contain leading or trailing forward slashes.
375
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
346
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
376
347
  *Available only for Vault Enterprise*.
377
348
  :param pulumi.Input[str] role_id: The RoleID of this role. If not specified, one will be
378
349
  auto-generated.
@@ -384,32 +355,15 @@ class _AuthBackendRoleState:
384
355
  expire. A value of zero will allow unlimited uses.
385
356
  :param pulumi.Input[int] secret_id_ttl: The number of seconds after which any SecretID
386
357
  expires.
387
- :param pulumi.Input[Sequence[pulumi.Input[str]]] token_bound_cidrs: List of CIDR blocks; if set, specifies blocks of IP
388
- addresses which can authenticate successfully, and ties the resulting token to these blocks
389
- as well.
390
- :param pulumi.Input[int] token_explicit_max_ttl: If set, will encode an
391
- [explicit max TTL](https://www.vaultproject.io/docs/concepts/tokens.html#token-time-to-live-periodic-tokens-and-explicit-max-ttls)
392
- onto the token in number of seconds. This is a hard cap even if `token_ttl` and
393
- `token_max_ttl` would otherwise allow a renewal.
394
- :param pulumi.Input[int] token_max_ttl: The maximum lifetime for generated tokens in number of seconds.
395
- Its current value will be referenced at renewal time.
396
- :param pulumi.Input[bool] token_no_default_policy: If set, the default policy will not be set on
397
- generated tokens; otherwise it will be added to the policies set in token_policies.
398
- :param pulumi.Input[int] token_num_uses: The [maximum number](https://www.vaultproject.io/api-docs/auth/approle#token_num_uses)
399
- of times a generated token may be used (within its lifetime); 0 means unlimited.
400
- :param pulumi.Input[int] token_period: If set, indicates that the
401
- token generated using this role should never expire. The token should be renewed within the
402
- duration specified by this value. At each renewal, the token's TTL will be set to the
403
- value of this field. Specified in seconds.
404
- :param pulumi.Input[Sequence[pulumi.Input[str]]] token_policies: List of policies to encode onto generated tokens. Depending
405
- on the auth method, this list may be supplemented by user/group/other values.
406
- :param pulumi.Input[int] token_ttl: The incremental lifetime for generated tokens in number of seconds.
407
- Its current value will be referenced at renewal time.
408
- :param pulumi.Input[str] token_type: The type of token that should be generated. Can be `service`,
409
- `batch`, or `default` to use the mount's tuned default (which unless changed will be
410
- `service` tokens). For token store roles, there are two additional possibilities:
411
- `default-service` and `default-batch` which specify the type to return unless the client
412
- requests a different type at generation time.
358
+ :param pulumi.Input[Sequence[pulumi.Input[str]]] token_bound_cidrs: Specifies the blocks of IP addresses which are allowed to use the generated token
359
+ :param pulumi.Input[int] token_explicit_max_ttl: Generated Token's Explicit Maximum TTL in seconds
360
+ :param pulumi.Input[int] token_max_ttl: The maximum lifetime of the generated token
361
+ :param pulumi.Input[bool] token_no_default_policy: If true, the 'default' policy will not automatically be added to generated tokens
362
+ :param pulumi.Input[int] token_num_uses: The maximum number of times a token may be used, a value of zero means unlimited
363
+ :param pulumi.Input[int] token_period: Generated Token's Period
364
+ :param pulumi.Input[Sequence[pulumi.Input[str]]] token_policies: Generated Token's Policies
365
+ :param pulumi.Input[int] token_ttl: The initial ttl of the token to generate in seconds
366
+ :param pulumi.Input[str] token_type: The type of token to generate, service or batch
413
367
  """
414
368
  if backend is not None:
415
369
  pulumi.set(__self__, "backend", backend)
@@ -478,7 +432,7 @@ class _AuthBackendRoleState:
478
432
  """
479
433
  The namespace to provision the resource in.
480
434
  The value should not contain leading or trailing forward slashes.
481
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
435
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
482
436
  *Available only for Vault Enterprise*.
483
437
  """
484
438
  return pulumi.get(self, "namespace")
@@ -556,9 +510,7 @@ class _AuthBackendRoleState:
556
510
  @pulumi.getter(name="tokenBoundCidrs")
557
511
  def token_bound_cidrs(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
558
512
  """
559
- List of CIDR blocks; if set, specifies blocks of IP
560
- addresses which can authenticate successfully, and ties the resulting token to these blocks
561
- as well.
513
+ Specifies the blocks of IP addresses which are allowed to use the generated token
562
514
  """
563
515
  return pulumi.get(self, "token_bound_cidrs")
564
516
 
@@ -570,10 +522,7 @@ class _AuthBackendRoleState:
570
522
  @pulumi.getter(name="tokenExplicitMaxTtl")
571
523
  def token_explicit_max_ttl(self) -> Optional[pulumi.Input[int]]:
572
524
  """
573
- If set, will encode an
574
- [explicit max TTL](https://www.vaultproject.io/docs/concepts/tokens.html#token-time-to-live-periodic-tokens-and-explicit-max-ttls)
575
- onto the token in number of seconds. This is a hard cap even if `token_ttl` and
576
- `token_max_ttl` would otherwise allow a renewal.
525
+ Generated Token's Explicit Maximum TTL in seconds
577
526
  """
578
527
  return pulumi.get(self, "token_explicit_max_ttl")
579
528
 
@@ -585,8 +534,7 @@ class _AuthBackendRoleState:
585
534
  @pulumi.getter(name="tokenMaxTtl")
586
535
  def token_max_ttl(self) -> Optional[pulumi.Input[int]]:
587
536
  """
588
- The maximum lifetime for generated tokens in number of seconds.
589
- Its current value will be referenced at renewal time.
537
+ The maximum lifetime of the generated token
590
538
  """
591
539
  return pulumi.get(self, "token_max_ttl")
592
540
 
@@ -598,8 +546,7 @@ class _AuthBackendRoleState:
598
546
  @pulumi.getter(name="tokenNoDefaultPolicy")
599
547
  def token_no_default_policy(self) -> Optional[pulumi.Input[bool]]:
600
548
  """
601
- If set, the default policy will not be set on
602
- generated tokens; otherwise it will be added to the policies set in token_policies.
549
+ If true, the 'default' policy will not automatically be added to generated tokens
603
550
  """
604
551
  return pulumi.get(self, "token_no_default_policy")
605
552
 
@@ -611,8 +558,7 @@ class _AuthBackendRoleState:
611
558
  @pulumi.getter(name="tokenNumUses")
612
559
  def token_num_uses(self) -> Optional[pulumi.Input[int]]:
613
560
  """
614
- The [maximum number](https://www.vaultproject.io/api-docs/auth/approle#token_num_uses)
615
- of times a generated token may be used (within its lifetime); 0 means unlimited.
561
+ The maximum number of times a token may be used, a value of zero means unlimited
616
562
  """
617
563
  return pulumi.get(self, "token_num_uses")
618
564
 
@@ -624,10 +570,7 @@ class _AuthBackendRoleState:
624
570
  @pulumi.getter(name="tokenPeriod")
625
571
  def token_period(self) -> Optional[pulumi.Input[int]]:
626
572
  """
627
- If set, indicates that the
628
- token generated using this role should never expire. The token should be renewed within the
629
- duration specified by this value. At each renewal, the token's TTL will be set to the
630
- value of this field. Specified in seconds.
573
+ Generated Token's Period
631
574
  """
632
575
  return pulumi.get(self, "token_period")
633
576
 
@@ -639,8 +582,7 @@ class _AuthBackendRoleState:
639
582
  @pulumi.getter(name="tokenPolicies")
640
583
  def token_policies(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
641
584
  """
642
- List of policies to encode onto generated tokens. Depending
643
- on the auth method, this list may be supplemented by user/group/other values.
585
+ Generated Token's Policies
644
586
  """
645
587
  return pulumi.get(self, "token_policies")
646
588
 
@@ -652,8 +594,7 @@ class _AuthBackendRoleState:
652
594
  @pulumi.getter(name="tokenTtl")
653
595
  def token_ttl(self) -> Optional[pulumi.Input[int]]:
654
596
  """
655
- The incremental lifetime for generated tokens in number of seconds.
656
- Its current value will be referenced at renewal time.
597
+ The initial ttl of the token to generate in seconds
657
598
  """
658
599
  return pulumi.get(self, "token_ttl")
659
600
 
@@ -665,11 +606,7 @@ class _AuthBackendRoleState:
665
606
  @pulumi.getter(name="tokenType")
666
607
  def token_type(self) -> Optional[pulumi.Input[str]]:
667
608
  """
668
- The type of token that should be generated. Can be `service`,
669
- `batch`, or `default` to use the mount's tuned default (which unless changed will be
670
- `service` tokens). For token store roles, there are two additional possibilities:
671
- `default-service` and `default-batch` which specify the type to return unless the client
672
- requests a different type at generation time.
609
+ The type of token to generate, service or batch
673
610
  """
674
611
  return pulumi.get(self, "token_type")
675
612
 
@@ -728,7 +665,7 @@ class AuthBackendRole(pulumi.CustomResource):
728
665
  AppRole authentication backend roles can be imported using the `path`, e.g.
729
666
 
730
667
  ```sh
731
- $ pulumi import vault:appRole/authBackendRole:AuthBackendRole example auth/approle/role/test-role
668
+ $ pulumi import vault:appRole/authBackendRole:AuthBackendRole example auth/approle/role/test-role
732
669
  ```
733
670
 
734
671
  :param str resource_name: The name of the resource.
@@ -739,7 +676,7 @@ class AuthBackendRole(pulumi.CustomResource):
739
676
  presented when logging in using this AppRole. Defaults to `true`.
740
677
  :param pulumi.Input[str] namespace: The namespace to provision the resource in.
741
678
  The value should not contain leading or trailing forward slashes.
742
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
679
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
743
680
  *Available only for Vault Enterprise*.
744
681
  :param pulumi.Input[str] role_id: The RoleID of this role. If not specified, one will be
745
682
  auto-generated.
@@ -751,32 +688,15 @@ class AuthBackendRole(pulumi.CustomResource):
751
688
  expire. A value of zero will allow unlimited uses.
752
689
  :param pulumi.Input[int] secret_id_ttl: The number of seconds after which any SecretID
753
690
  expires.
754
- :param pulumi.Input[Sequence[pulumi.Input[str]]] token_bound_cidrs: List of CIDR blocks; if set, specifies blocks of IP
755
- addresses which can authenticate successfully, and ties the resulting token to these blocks
756
- as well.
757
- :param pulumi.Input[int] token_explicit_max_ttl: If set, will encode an
758
- [explicit max TTL](https://www.vaultproject.io/docs/concepts/tokens.html#token-time-to-live-periodic-tokens-and-explicit-max-ttls)
759
- onto the token in number of seconds. This is a hard cap even if `token_ttl` and
760
- `token_max_ttl` would otherwise allow a renewal.
761
- :param pulumi.Input[int] token_max_ttl: The maximum lifetime for generated tokens in number of seconds.
762
- Its current value will be referenced at renewal time.
763
- :param pulumi.Input[bool] token_no_default_policy: If set, the default policy will not be set on
764
- generated tokens; otherwise it will be added to the policies set in token_policies.
765
- :param pulumi.Input[int] token_num_uses: The [maximum number](https://www.vaultproject.io/api-docs/auth/approle#token_num_uses)
766
- of times a generated token may be used (within its lifetime); 0 means unlimited.
767
- :param pulumi.Input[int] token_period: If set, indicates that the
768
- token generated using this role should never expire. The token should be renewed within the
769
- duration specified by this value. At each renewal, the token's TTL will be set to the
770
- value of this field. Specified in seconds.
771
- :param pulumi.Input[Sequence[pulumi.Input[str]]] token_policies: List of policies to encode onto generated tokens. Depending
772
- on the auth method, this list may be supplemented by user/group/other values.
773
- :param pulumi.Input[int] token_ttl: The incremental lifetime for generated tokens in number of seconds.
774
- Its current value will be referenced at renewal time.
775
- :param pulumi.Input[str] token_type: The type of token that should be generated. Can be `service`,
776
- `batch`, or `default` to use the mount's tuned default (which unless changed will be
777
- `service` tokens). For token store roles, there are two additional possibilities:
778
- `default-service` and `default-batch` which specify the type to return unless the client
779
- requests a different type at generation time.
691
+ :param pulumi.Input[Sequence[pulumi.Input[str]]] token_bound_cidrs: Specifies the blocks of IP addresses which are allowed to use the generated token
692
+ :param pulumi.Input[int] token_explicit_max_ttl: Generated Token's Explicit Maximum TTL in seconds
693
+ :param pulumi.Input[int] token_max_ttl: The maximum lifetime of the generated token
694
+ :param pulumi.Input[bool] token_no_default_policy: If true, the 'default' policy will not automatically be added to generated tokens
695
+ :param pulumi.Input[int] token_num_uses: The maximum number of times a token may be used, a value of zero means unlimited
696
+ :param pulumi.Input[int] token_period: Generated Token's Period
697
+ :param pulumi.Input[Sequence[pulumi.Input[str]]] token_policies: Generated Token's Policies
698
+ :param pulumi.Input[int] token_ttl: The initial ttl of the token to generate in seconds
699
+ :param pulumi.Input[str] token_type: The type of token to generate, service or batch
780
700
  """
781
701
  ...
782
702
  @overload
@@ -811,7 +731,7 @@ class AuthBackendRole(pulumi.CustomResource):
811
731
  AppRole authentication backend roles can be imported using the `path`, e.g.
812
732
 
813
733
  ```sh
814
- $ pulumi import vault:appRole/authBackendRole:AuthBackendRole example auth/approle/role/test-role
734
+ $ pulumi import vault:appRole/authBackendRole:AuthBackendRole example auth/approle/role/test-role
815
735
  ```
816
736
 
817
737
  :param str resource_name: The name of the resource.
@@ -914,7 +834,7 @@ class AuthBackendRole(pulumi.CustomResource):
914
834
  presented when logging in using this AppRole. Defaults to `true`.
915
835
  :param pulumi.Input[str] namespace: The namespace to provision the resource in.
916
836
  The value should not contain leading or trailing forward slashes.
917
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
837
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
918
838
  *Available only for Vault Enterprise*.
919
839
  :param pulumi.Input[str] role_id: The RoleID of this role. If not specified, one will be
920
840
  auto-generated.
@@ -926,32 +846,15 @@ class AuthBackendRole(pulumi.CustomResource):
926
846
  expire. A value of zero will allow unlimited uses.
927
847
  :param pulumi.Input[int] secret_id_ttl: The number of seconds after which any SecretID
928
848
  expires.
929
- :param pulumi.Input[Sequence[pulumi.Input[str]]] token_bound_cidrs: List of CIDR blocks; if set, specifies blocks of IP
930
- addresses which can authenticate successfully, and ties the resulting token to these blocks
931
- as well.
932
- :param pulumi.Input[int] token_explicit_max_ttl: If set, will encode an
933
- [explicit max TTL](https://www.vaultproject.io/docs/concepts/tokens.html#token-time-to-live-periodic-tokens-and-explicit-max-ttls)
934
- onto the token in number of seconds. This is a hard cap even if `token_ttl` and
935
- `token_max_ttl` would otherwise allow a renewal.
936
- :param pulumi.Input[int] token_max_ttl: The maximum lifetime for generated tokens in number of seconds.
937
- Its current value will be referenced at renewal time.
938
- :param pulumi.Input[bool] token_no_default_policy: If set, the default policy will not be set on
939
- generated tokens; otherwise it will be added to the policies set in token_policies.
940
- :param pulumi.Input[int] token_num_uses: The [maximum number](https://www.vaultproject.io/api-docs/auth/approle#token_num_uses)
941
- of times a generated token may be used (within its lifetime); 0 means unlimited.
942
- :param pulumi.Input[int] token_period: If set, indicates that the
943
- token generated using this role should never expire. The token should be renewed within the
944
- duration specified by this value. At each renewal, the token's TTL will be set to the
945
- value of this field. Specified in seconds.
946
- :param pulumi.Input[Sequence[pulumi.Input[str]]] token_policies: List of policies to encode onto generated tokens. Depending
947
- on the auth method, this list may be supplemented by user/group/other values.
948
- :param pulumi.Input[int] token_ttl: The incremental lifetime for generated tokens in number of seconds.
949
- Its current value will be referenced at renewal time.
950
- :param pulumi.Input[str] token_type: The type of token that should be generated. Can be `service`,
951
- `batch`, or `default` to use the mount's tuned default (which unless changed will be
952
- `service` tokens). For token store roles, there are two additional possibilities:
953
- `default-service` and `default-batch` which specify the type to return unless the client
954
- requests a different type at generation time.
849
+ :param pulumi.Input[Sequence[pulumi.Input[str]]] token_bound_cidrs: Specifies the blocks of IP addresses which are allowed to use the generated token
850
+ :param pulumi.Input[int] token_explicit_max_ttl: Generated Token's Explicit Maximum TTL in seconds
851
+ :param pulumi.Input[int] token_max_ttl: The maximum lifetime of the generated token
852
+ :param pulumi.Input[bool] token_no_default_policy: If true, the 'default' policy will not automatically be added to generated tokens
853
+ :param pulumi.Input[int] token_num_uses: The maximum number of times a token may be used, a value of zero means unlimited
854
+ :param pulumi.Input[int] token_period: Generated Token's Period
855
+ :param pulumi.Input[Sequence[pulumi.Input[str]]] token_policies: Generated Token's Policies
856
+ :param pulumi.Input[int] token_ttl: The initial ttl of the token to generate in seconds
857
+ :param pulumi.Input[str] token_type: The type of token to generate, service or batch
955
858
  """
956
859
  opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id))
957
860
 
@@ -1000,7 +903,7 @@ class AuthBackendRole(pulumi.CustomResource):
1000
903
  """
1001
904
  The namespace to provision the resource in.
1002
905
  The value should not contain leading or trailing forward slashes.
1003
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
906
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
1004
907
  *Available only for Vault Enterprise*.
1005
908
  """
1006
909
  return pulumi.get(self, "namespace")
@@ -1054,9 +957,7 @@ class AuthBackendRole(pulumi.CustomResource):
1054
957
  @pulumi.getter(name="tokenBoundCidrs")
1055
958
  def token_bound_cidrs(self) -> pulumi.Output[Optional[Sequence[str]]]:
1056
959
  """
1057
- List of CIDR blocks; if set, specifies blocks of IP
1058
- addresses which can authenticate successfully, and ties the resulting token to these blocks
1059
- as well.
960
+ Specifies the blocks of IP addresses which are allowed to use the generated token
1060
961
  """
1061
962
  return pulumi.get(self, "token_bound_cidrs")
1062
963
 
@@ -1064,10 +965,7 @@ class AuthBackendRole(pulumi.CustomResource):
1064
965
  @pulumi.getter(name="tokenExplicitMaxTtl")
1065
966
  def token_explicit_max_ttl(self) -> pulumi.Output[Optional[int]]:
1066
967
  """
1067
- If set, will encode an
1068
- [explicit max TTL](https://www.vaultproject.io/docs/concepts/tokens.html#token-time-to-live-periodic-tokens-and-explicit-max-ttls)
1069
- onto the token in number of seconds. This is a hard cap even if `token_ttl` and
1070
- `token_max_ttl` would otherwise allow a renewal.
968
+ Generated Token's Explicit Maximum TTL in seconds
1071
969
  """
1072
970
  return pulumi.get(self, "token_explicit_max_ttl")
1073
971
 
@@ -1075,8 +973,7 @@ class AuthBackendRole(pulumi.CustomResource):
1075
973
  @pulumi.getter(name="tokenMaxTtl")
1076
974
  def token_max_ttl(self) -> pulumi.Output[Optional[int]]:
1077
975
  """
1078
- The maximum lifetime for generated tokens in number of seconds.
1079
- Its current value will be referenced at renewal time.
976
+ The maximum lifetime of the generated token
1080
977
  """
1081
978
  return pulumi.get(self, "token_max_ttl")
1082
979
 
@@ -1084,8 +981,7 @@ class AuthBackendRole(pulumi.CustomResource):
1084
981
  @pulumi.getter(name="tokenNoDefaultPolicy")
1085
982
  def token_no_default_policy(self) -> pulumi.Output[Optional[bool]]:
1086
983
  """
1087
- If set, the default policy will not be set on
1088
- generated tokens; otherwise it will be added to the policies set in token_policies.
984
+ If true, the 'default' policy will not automatically be added to generated tokens
1089
985
  """
1090
986
  return pulumi.get(self, "token_no_default_policy")
1091
987
 
@@ -1093,8 +989,7 @@ class AuthBackendRole(pulumi.CustomResource):
1093
989
  @pulumi.getter(name="tokenNumUses")
1094
990
  def token_num_uses(self) -> pulumi.Output[Optional[int]]:
1095
991
  """
1096
- The [maximum number](https://www.vaultproject.io/api-docs/auth/approle#token_num_uses)
1097
- of times a generated token may be used (within its lifetime); 0 means unlimited.
992
+ The maximum number of times a token may be used, a value of zero means unlimited
1098
993
  """
1099
994
  return pulumi.get(self, "token_num_uses")
1100
995
 
@@ -1102,10 +997,7 @@ class AuthBackendRole(pulumi.CustomResource):
1102
997
  @pulumi.getter(name="tokenPeriod")
1103
998
  def token_period(self) -> pulumi.Output[Optional[int]]:
1104
999
  """
1105
- If set, indicates that the
1106
- token generated using this role should never expire. The token should be renewed within the
1107
- duration specified by this value. At each renewal, the token's TTL will be set to the
1108
- value of this field. Specified in seconds.
1000
+ Generated Token's Period
1109
1001
  """
1110
1002
  return pulumi.get(self, "token_period")
1111
1003
 
@@ -1113,8 +1005,7 @@ class AuthBackendRole(pulumi.CustomResource):
1113
1005
  @pulumi.getter(name="tokenPolicies")
1114
1006
  def token_policies(self) -> pulumi.Output[Optional[Sequence[str]]]:
1115
1007
  """
1116
- List of policies to encode onto generated tokens. Depending
1117
- on the auth method, this list may be supplemented by user/group/other values.
1008
+ Generated Token's Policies
1118
1009
  """
1119
1010
  return pulumi.get(self, "token_policies")
1120
1011
 
@@ -1122,8 +1013,7 @@ class AuthBackendRole(pulumi.CustomResource):
1122
1013
  @pulumi.getter(name="tokenTtl")
1123
1014
  def token_ttl(self) -> pulumi.Output[Optional[int]]:
1124
1015
  """
1125
- The incremental lifetime for generated tokens in number of seconds.
1126
- Its current value will be referenced at renewal time.
1016
+ The initial ttl of the token to generate in seconds
1127
1017
  """
1128
1018
  return pulumi.get(self, "token_ttl")
1129
1019
 
@@ -1131,11 +1021,7 @@ class AuthBackendRole(pulumi.CustomResource):
1131
1021
  @pulumi.getter(name="tokenType")
1132
1022
  def token_type(self) -> pulumi.Output[Optional[str]]:
1133
1023
  """
1134
- The type of token that should be generated. Can be `service`,
1135
- `batch`, or `default` to use the mount's tuned default (which unless changed will be
1136
- `service` tokens). For token store roles, there are two additional possibilities:
1137
- `default-service` and `default-batch` which specify the type to return unless the client
1138
- requests a different type at generation time.
1024
+ The type of token to generate, service or batch
1139
1025
  """
1140
1026
  return pulumi.get(self, "token_type")
1141
1027