pulumi-vault 5.21.0a1710160723__py3-none-any.whl → 6.5.0a1736836139__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (229) hide show
  1. pulumi_vault/__init__.py +52 -0
  2. pulumi_vault/_inputs.py +560 -0
  3. pulumi_vault/_utilities.py +41 -5
  4. pulumi_vault/ad/get_access_credentials.py +22 -7
  5. pulumi_vault/ad/secret_backend.py +14 -144
  6. pulumi_vault/ad/secret_library.py +14 -11
  7. pulumi_vault/ad/secret_role.py +12 -11
  8. pulumi_vault/alicloud/auth_backend_role.py +74 -192
  9. pulumi_vault/approle/auth_backend_login.py +12 -11
  10. pulumi_vault/approle/auth_backend_role.py +75 -193
  11. pulumi_vault/approle/auth_backend_role_secret_id.py +106 -11
  12. pulumi_vault/approle/get_auth_backend_role_id.py +18 -9
  13. pulumi_vault/audit.py +24 -27
  14. pulumi_vault/audit_request_header.py +11 -6
  15. pulumi_vault/auth_backend.py +64 -12
  16. pulumi_vault/aws/auth_backend_cert.py +12 -7
  17. pulumi_vault/aws/auth_backend_client.py +265 -24
  18. pulumi_vault/aws/auth_backend_config_identity.py +12 -11
  19. pulumi_vault/aws/auth_backend_identity_whitelist.py +18 -17
  20. pulumi_vault/aws/auth_backend_login.py +19 -22
  21. pulumi_vault/aws/auth_backend_role.py +75 -193
  22. pulumi_vault/aws/auth_backend_role_tag.py +12 -7
  23. pulumi_vault/aws/auth_backend_roletag_blacklist.py +18 -17
  24. pulumi_vault/aws/auth_backend_sts_role.py +12 -11
  25. pulumi_vault/aws/get_access_credentials.py +34 -7
  26. pulumi_vault/aws/get_static_access_credentials.py +19 -5
  27. pulumi_vault/aws/secret_backend.py +75 -7
  28. pulumi_vault/aws/secret_backend_role.py +183 -11
  29. pulumi_vault/aws/secret_backend_static_role.py +14 -11
  30. pulumi_vault/azure/_inputs.py +24 -0
  31. pulumi_vault/azure/auth_backend_config.py +151 -17
  32. pulumi_vault/azure/auth_backend_role.py +75 -193
  33. pulumi_vault/azure/backend.py +223 -29
  34. pulumi_vault/azure/backend_role.py +42 -41
  35. pulumi_vault/azure/get_access_credentials.py +39 -11
  36. pulumi_vault/azure/outputs.py +5 -0
  37. pulumi_vault/cert_auth_backend_role.py +87 -271
  38. pulumi_vault/config/__init__.pyi +5 -0
  39. pulumi_vault/config/_inputs.py +73 -0
  40. pulumi_vault/config/outputs.py +35 -0
  41. pulumi_vault/config/ui_custom_message.py +529 -0
  42. pulumi_vault/config/vars.py +5 -0
  43. pulumi_vault/consul/secret_backend.py +22 -25
  44. pulumi_vault/consul/secret_backend_role.py +14 -80
  45. pulumi_vault/database/_inputs.py +2770 -881
  46. pulumi_vault/database/outputs.py +721 -838
  47. pulumi_vault/database/secret_backend_connection.py +117 -114
  48. pulumi_vault/database/secret_backend_role.py +29 -24
  49. pulumi_vault/database/secret_backend_static_role.py +85 -15
  50. pulumi_vault/database/secrets_mount.py +425 -138
  51. pulumi_vault/egp_policy.py +16 -15
  52. pulumi_vault/gcp/_inputs.py +111 -0
  53. pulumi_vault/gcp/auth_backend.py +248 -35
  54. pulumi_vault/gcp/auth_backend_role.py +75 -271
  55. pulumi_vault/gcp/get_auth_backend_role.py +43 -9
  56. pulumi_vault/gcp/outputs.py +5 -0
  57. pulumi_vault/gcp/secret_backend.py +287 -16
  58. pulumi_vault/gcp/secret_impersonated_account.py +74 -17
  59. pulumi_vault/gcp/secret_roleset.py +29 -26
  60. pulumi_vault/gcp/secret_static_account.py +37 -34
  61. pulumi_vault/generic/endpoint.py +22 -21
  62. pulumi_vault/generic/get_secret.py +68 -12
  63. pulumi_vault/generic/secret.py +19 -14
  64. pulumi_vault/get_auth_backend.py +24 -11
  65. pulumi_vault/get_auth_backends.py +33 -11
  66. pulumi_vault/get_namespace.py +226 -0
  67. pulumi_vault/get_namespaces.py +153 -0
  68. pulumi_vault/get_nomad_access_token.py +31 -15
  69. pulumi_vault/get_policy_document.py +34 -23
  70. pulumi_vault/get_raft_autopilot_state.py +29 -14
  71. pulumi_vault/github/_inputs.py +55 -0
  72. pulumi_vault/github/auth_backend.py +17 -16
  73. pulumi_vault/github/outputs.py +5 -0
  74. pulumi_vault/github/team.py +14 -13
  75. pulumi_vault/github/user.py +14 -13
  76. pulumi_vault/identity/entity.py +18 -15
  77. pulumi_vault/identity/entity_alias.py +18 -15
  78. pulumi_vault/identity/entity_policies.py +24 -19
  79. pulumi_vault/identity/get_entity.py +40 -14
  80. pulumi_vault/identity/get_group.py +45 -13
  81. pulumi_vault/identity/get_oidc_client_creds.py +21 -11
  82. pulumi_vault/identity/get_oidc_openid_config.py +39 -13
  83. pulumi_vault/identity/get_oidc_public_keys.py +29 -14
  84. pulumi_vault/identity/group.py +50 -49
  85. pulumi_vault/identity/group_alias.py +14 -11
  86. pulumi_vault/identity/group_member_entity_ids.py +24 -74
  87. pulumi_vault/identity/group_member_group_ids.py +36 -27
  88. pulumi_vault/identity/group_policies.py +16 -15
  89. pulumi_vault/identity/mfa_duo.py +9 -8
  90. pulumi_vault/identity/mfa_login_enforcement.py +13 -8
  91. pulumi_vault/identity/mfa_okta.py +9 -8
  92. pulumi_vault/identity/mfa_pingid.py +5 -4
  93. pulumi_vault/identity/mfa_totp.py +5 -4
  94. pulumi_vault/identity/oidc.py +12 -11
  95. pulumi_vault/identity/oidc_assignment.py +22 -13
  96. pulumi_vault/identity/oidc_client.py +34 -25
  97. pulumi_vault/identity/oidc_key.py +28 -19
  98. pulumi_vault/identity/oidc_key_allowed_client_id.py +28 -19
  99. pulumi_vault/identity/oidc_provider.py +34 -23
  100. pulumi_vault/identity/oidc_role.py +40 -27
  101. pulumi_vault/identity/oidc_scope.py +18 -15
  102. pulumi_vault/identity/outputs.py +8 -3
  103. pulumi_vault/jwt/_inputs.py +55 -0
  104. pulumi_vault/jwt/auth_backend.py +39 -46
  105. pulumi_vault/jwt/auth_backend_role.py +131 -260
  106. pulumi_vault/jwt/outputs.py +5 -0
  107. pulumi_vault/kmip/secret_backend.py +22 -21
  108. pulumi_vault/kmip/secret_role.py +12 -11
  109. pulumi_vault/kmip/secret_scope.py +12 -11
  110. pulumi_vault/kubernetes/auth_backend_config.py +55 -7
  111. pulumi_vault/kubernetes/auth_backend_role.py +68 -179
  112. pulumi_vault/kubernetes/get_auth_backend_config.py +60 -8
  113. pulumi_vault/kubernetes/get_auth_backend_role.py +40 -5
  114. pulumi_vault/kubernetes/get_service_account_token.py +39 -15
  115. pulumi_vault/kubernetes/secret_backend.py +314 -29
  116. pulumi_vault/kubernetes/secret_backend_role.py +135 -56
  117. pulumi_vault/kv/_inputs.py +36 -4
  118. pulumi_vault/kv/get_secret.py +23 -12
  119. pulumi_vault/kv/get_secret_subkeys_v2.py +31 -14
  120. pulumi_vault/kv/get_secret_v2.py +89 -9
  121. pulumi_vault/kv/get_secrets_list.py +22 -15
  122. pulumi_vault/kv/get_secrets_list_v2.py +35 -19
  123. pulumi_vault/kv/outputs.py +8 -3
  124. pulumi_vault/kv/secret.py +19 -18
  125. pulumi_vault/kv/secret_backend_v2.py +12 -11
  126. pulumi_vault/kv/secret_v2.py +55 -52
  127. pulumi_vault/ldap/auth_backend.py +125 -168
  128. pulumi_vault/ldap/auth_backend_group.py +12 -11
  129. pulumi_vault/ldap/auth_backend_user.py +12 -11
  130. pulumi_vault/ldap/get_dynamic_credentials.py +23 -5
  131. pulumi_vault/ldap/get_static_credentials.py +24 -5
  132. pulumi_vault/ldap/secret_backend.py +352 -84
  133. pulumi_vault/ldap/secret_backend_dynamic_role.py +12 -11
  134. pulumi_vault/ldap/secret_backend_library_set.py +14 -11
  135. pulumi_vault/ldap/secret_backend_static_role.py +67 -12
  136. pulumi_vault/managed/_inputs.py +289 -132
  137. pulumi_vault/managed/keys.py +27 -43
  138. pulumi_vault/managed/outputs.py +89 -132
  139. pulumi_vault/mfa_duo.py +16 -13
  140. pulumi_vault/mfa_okta.py +16 -13
  141. pulumi_vault/mfa_pingid.py +16 -13
  142. pulumi_vault/mfa_totp.py +22 -19
  143. pulumi_vault/mongodbatlas/secret_backend.py +18 -17
  144. pulumi_vault/mongodbatlas/secret_role.py +41 -38
  145. pulumi_vault/mount.py +389 -65
  146. pulumi_vault/namespace.py +26 -21
  147. pulumi_vault/nomad_secret_backend.py +16 -15
  148. pulumi_vault/nomad_secret_role.py +12 -11
  149. pulumi_vault/okta/_inputs.py +47 -8
  150. pulumi_vault/okta/auth_backend.py +483 -41
  151. pulumi_vault/okta/auth_backend_group.py +12 -11
  152. pulumi_vault/okta/auth_backend_user.py +12 -11
  153. pulumi_vault/okta/outputs.py +13 -8
  154. pulumi_vault/outputs.py +5 -0
  155. pulumi_vault/password_policy.py +18 -15
  156. pulumi_vault/pkisecret/__init__.py +3 -0
  157. pulumi_vault/pkisecret/_inputs.py +81 -0
  158. pulumi_vault/pkisecret/backend_config_cluster.py +369 -0
  159. pulumi_vault/pkisecret/backend_config_est.py +619 -0
  160. pulumi_vault/pkisecret/get_backend_config_est.py +251 -0
  161. pulumi_vault/pkisecret/get_backend_issuer.py +63 -7
  162. pulumi_vault/pkisecret/get_backend_issuers.py +21 -12
  163. pulumi_vault/pkisecret/get_backend_key.py +24 -13
  164. pulumi_vault/pkisecret/get_backend_keys.py +21 -12
  165. pulumi_vault/pkisecret/outputs.py +69 -0
  166. pulumi_vault/pkisecret/secret_backend_cert.py +18 -15
  167. pulumi_vault/pkisecret/secret_backend_config_ca.py +16 -15
  168. pulumi_vault/pkisecret/secret_backend_config_issuers.py +12 -11
  169. pulumi_vault/pkisecret/secret_backend_config_urls.py +59 -11
  170. pulumi_vault/pkisecret/secret_backend_crl_config.py +14 -13
  171. pulumi_vault/pkisecret/secret_backend_intermediate_cert_request.py +16 -15
  172. pulumi_vault/pkisecret/secret_backend_intermediate_set_signed.py +22 -21
  173. pulumi_vault/pkisecret/secret_backend_issuer.py +12 -11
  174. pulumi_vault/pkisecret/secret_backend_key.py +12 -7
  175. pulumi_vault/pkisecret/secret_backend_role.py +19 -16
  176. pulumi_vault/pkisecret/secret_backend_root_cert.py +16 -52
  177. pulumi_vault/pkisecret/secret_backend_root_sign_intermediate.py +18 -62
  178. pulumi_vault/pkisecret/secret_backend_sign.py +18 -60
  179. pulumi_vault/plugin.py +595 -0
  180. pulumi_vault/plugin_pinned_version.py +298 -0
  181. pulumi_vault/policy.py +12 -7
  182. pulumi_vault/provider.py +48 -53
  183. pulumi_vault/pulumi-plugin.json +2 -1
  184. pulumi_vault/quota_lease_count.py +58 -8
  185. pulumi_vault/quota_rate_limit.py +54 -4
  186. pulumi_vault/rabbitmq/_inputs.py +61 -0
  187. pulumi_vault/rabbitmq/outputs.py +5 -0
  188. pulumi_vault/rabbitmq/secret_backend.py +16 -15
  189. pulumi_vault/rabbitmq/secret_backend_role.py +52 -49
  190. pulumi_vault/raft_autopilot.py +12 -11
  191. pulumi_vault/raft_snapshot_agent_config.py +121 -311
  192. pulumi_vault/rgp_policy.py +14 -13
  193. pulumi_vault/saml/auth_backend.py +20 -19
  194. pulumi_vault/saml/auth_backend_role.py +90 -199
  195. pulumi_vault/secrets/__init__.py +3 -0
  196. pulumi_vault/secrets/_inputs.py +110 -0
  197. pulumi_vault/secrets/outputs.py +94 -0
  198. pulumi_vault/secrets/sync_association.py +56 -75
  199. pulumi_vault/secrets/sync_aws_destination.py +240 -29
  200. pulumi_vault/secrets/sync_azure_destination.py +90 -33
  201. pulumi_vault/secrets/sync_config.py +7 -6
  202. pulumi_vault/secrets/sync_gcp_destination.py +156 -27
  203. pulumi_vault/secrets/sync_gh_destination.py +187 -15
  204. pulumi_vault/secrets/sync_github_apps.py +375 -0
  205. pulumi_vault/secrets/sync_vercel_destination.py +72 -15
  206. pulumi_vault/ssh/_inputs.py +28 -32
  207. pulumi_vault/ssh/outputs.py +11 -32
  208. pulumi_vault/ssh/secret_backend_ca.py +106 -11
  209. pulumi_vault/ssh/secret_backend_role.py +83 -120
  210. pulumi_vault/terraformcloud/secret_backend.py +5 -56
  211. pulumi_vault/terraformcloud/secret_creds.py +14 -24
  212. pulumi_vault/terraformcloud/secret_role.py +14 -76
  213. pulumi_vault/token.py +26 -25
  214. pulumi_vault/tokenauth/auth_backend_role.py +76 -201
  215. pulumi_vault/transform/alphabet.py +16 -13
  216. pulumi_vault/transform/get_decode.py +45 -21
  217. pulumi_vault/transform/get_encode.py +45 -21
  218. pulumi_vault/transform/role.py +16 -13
  219. pulumi_vault/transform/template.py +30 -25
  220. pulumi_vault/transform/transformation.py +12 -7
  221. pulumi_vault/transit/get_decrypt.py +26 -25
  222. pulumi_vault/transit/get_encrypt.py +24 -19
  223. pulumi_vault/transit/secret_backend_key.py +25 -97
  224. pulumi_vault/transit/secret_cache_config.py +12 -11
  225. {pulumi_vault-5.21.0a1710160723.dist-info → pulumi_vault-6.5.0a1736836139.dist-info}/METADATA +8 -7
  226. pulumi_vault-6.5.0a1736836139.dist-info/RECORD +256 -0
  227. {pulumi_vault-5.21.0a1710160723.dist-info → pulumi_vault-6.5.0a1736836139.dist-info}/WHEEL +1 -1
  228. pulumi_vault-5.21.0a1710160723.dist-info/RECORD +0 -244
  229. {pulumi_vault-5.21.0a1710160723.dist-info → pulumi_vault-6.5.0a1736836139.dist-info}/top_level.txt +0 -0
@@ -4,9 +4,14 @@
4
4
 
5
5
  import copy
6
6
  import warnings
7
+ import sys
7
8
  import pulumi
8
9
  import pulumi.runtime
9
10
  from typing import Any, Mapping, Optional, Sequence, Union, overload
11
+ if sys.version_info >= (3, 11):
12
+ from typing import NotRequired, TypedDict, TypeAlias
13
+ else:
14
+ from typing_extensions import NotRequired, TypedDict, TypeAlias
10
15
  from .. import _utilities
11
16
 
12
17
  __all__ = ['AuthBackendRoleArgs', 'AuthBackendRole']
@@ -40,7 +45,7 @@ class AuthBackendRoleArgs:
40
45
  presented when logging in using this AppRole. Defaults to `true`.
41
46
  :param pulumi.Input[str] namespace: The namespace to provision the resource in.
42
47
  The value should not contain leading or trailing forward slashes.
43
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
48
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
44
49
  *Available only for Vault Enterprise*.
45
50
  :param pulumi.Input[str] role_id: The RoleID of this role. If not specified, one will be
46
51
  auto-generated.
@@ -51,32 +56,15 @@ class AuthBackendRoleArgs:
51
56
  expire. A value of zero will allow unlimited uses.
52
57
  :param pulumi.Input[int] secret_id_ttl: The number of seconds after which any SecretID
53
58
  expires.
54
- :param pulumi.Input[Sequence[pulumi.Input[str]]] token_bound_cidrs: List of CIDR blocks; if set, specifies blocks of IP
55
- addresses which can authenticate successfully, and ties the resulting token to these blocks
56
- as well.
57
- :param pulumi.Input[int] token_explicit_max_ttl: If set, will encode an
58
- [explicit max TTL](https://www.vaultproject.io/docs/concepts/tokens.html#token-time-to-live-periodic-tokens-and-explicit-max-ttls)
59
- onto the token in number of seconds. This is a hard cap even if `token_ttl` and
60
- `token_max_ttl` would otherwise allow a renewal.
61
- :param pulumi.Input[int] token_max_ttl: The maximum lifetime for generated tokens in number of seconds.
62
- Its current value will be referenced at renewal time.
63
- :param pulumi.Input[bool] token_no_default_policy: If set, the default policy will not be set on
64
- generated tokens; otherwise it will be added to the policies set in token_policies.
65
- :param pulumi.Input[int] token_num_uses: The [maximum number](https://www.vaultproject.io/api-docs/auth/approle#token_num_uses)
66
- of times a generated token may be used (within its lifetime); 0 means unlimited.
67
- :param pulumi.Input[int] token_period: If set, indicates that the
68
- token generated using this role should never expire. The token should be renewed within the
69
- duration specified by this value. At each renewal, the token's TTL will be set to the
70
- value of this field. Specified in seconds.
71
- :param pulumi.Input[Sequence[pulumi.Input[str]]] token_policies: List of policies to encode onto generated tokens. Depending
72
- on the auth method, this list may be supplemented by user/group/other values.
73
- :param pulumi.Input[int] token_ttl: The incremental lifetime for generated tokens in number of seconds.
74
- Its current value will be referenced at renewal time.
75
- :param pulumi.Input[str] token_type: The type of token that should be generated. Can be `service`,
76
- `batch`, or `default` to use the mount's tuned default (which unless changed will be
77
- `service` tokens). For token store roles, there are two additional possibilities:
78
- `default-service` and `default-batch` which specify the type to return unless the client
79
- requests a different type at generation time.
59
+ :param pulumi.Input[Sequence[pulumi.Input[str]]] token_bound_cidrs: Specifies the blocks of IP addresses which are allowed to use the generated token
60
+ :param pulumi.Input[int] token_explicit_max_ttl: Generated Token's Explicit Maximum TTL in seconds
61
+ :param pulumi.Input[int] token_max_ttl: The maximum lifetime of the generated token
62
+ :param pulumi.Input[bool] token_no_default_policy: If true, the 'default' policy will not automatically be added to generated tokens
63
+ :param pulumi.Input[int] token_num_uses: The maximum number of times a token may be used, a value of zero means unlimited
64
+ :param pulumi.Input[int] token_period: Generated Token's Period
65
+ :param pulumi.Input[Sequence[pulumi.Input[str]]] token_policies: Generated Token's Policies
66
+ :param pulumi.Input[int] token_ttl: The initial ttl of the token to generate in seconds
67
+ :param pulumi.Input[str] token_type: The type of token to generate, service or batch
80
68
  """
81
69
  pulumi.set(__self__, "role_name", role_name)
82
70
  if backend is not None:
@@ -156,7 +144,7 @@ class AuthBackendRoleArgs:
156
144
  """
157
145
  The namespace to provision the resource in.
158
146
  The value should not contain leading or trailing forward slashes.
159
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
147
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
160
148
  *Available only for Vault Enterprise*.
161
149
  """
162
150
  return pulumi.get(self, "namespace")
@@ -222,9 +210,7 @@ class AuthBackendRoleArgs:
222
210
  @pulumi.getter(name="tokenBoundCidrs")
223
211
  def token_bound_cidrs(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
224
212
  """
225
- List of CIDR blocks; if set, specifies blocks of IP
226
- addresses which can authenticate successfully, and ties the resulting token to these blocks
227
- as well.
213
+ Specifies the blocks of IP addresses which are allowed to use the generated token
228
214
  """
229
215
  return pulumi.get(self, "token_bound_cidrs")
230
216
 
@@ -236,10 +222,7 @@ class AuthBackendRoleArgs:
236
222
  @pulumi.getter(name="tokenExplicitMaxTtl")
237
223
  def token_explicit_max_ttl(self) -> Optional[pulumi.Input[int]]:
238
224
  """
239
- If set, will encode an
240
- [explicit max TTL](https://www.vaultproject.io/docs/concepts/tokens.html#token-time-to-live-periodic-tokens-and-explicit-max-ttls)
241
- onto the token in number of seconds. This is a hard cap even if `token_ttl` and
242
- `token_max_ttl` would otherwise allow a renewal.
225
+ Generated Token's Explicit Maximum TTL in seconds
243
226
  """
244
227
  return pulumi.get(self, "token_explicit_max_ttl")
245
228
 
@@ -251,8 +234,7 @@ class AuthBackendRoleArgs:
251
234
  @pulumi.getter(name="tokenMaxTtl")
252
235
  def token_max_ttl(self) -> Optional[pulumi.Input[int]]:
253
236
  """
254
- The maximum lifetime for generated tokens in number of seconds.
255
- Its current value will be referenced at renewal time.
237
+ The maximum lifetime of the generated token
256
238
  """
257
239
  return pulumi.get(self, "token_max_ttl")
258
240
 
@@ -264,8 +246,7 @@ class AuthBackendRoleArgs:
264
246
  @pulumi.getter(name="tokenNoDefaultPolicy")
265
247
  def token_no_default_policy(self) -> Optional[pulumi.Input[bool]]:
266
248
  """
267
- If set, the default policy will not be set on
268
- generated tokens; otherwise it will be added to the policies set in token_policies.
249
+ If true, the 'default' policy will not automatically be added to generated tokens
269
250
  """
270
251
  return pulumi.get(self, "token_no_default_policy")
271
252
 
@@ -277,8 +258,7 @@ class AuthBackendRoleArgs:
277
258
  @pulumi.getter(name="tokenNumUses")
278
259
  def token_num_uses(self) -> Optional[pulumi.Input[int]]:
279
260
  """
280
- The [maximum number](https://www.vaultproject.io/api-docs/auth/approle#token_num_uses)
281
- of times a generated token may be used (within its lifetime); 0 means unlimited.
261
+ The maximum number of times a token may be used, a value of zero means unlimited
282
262
  """
283
263
  return pulumi.get(self, "token_num_uses")
284
264
 
@@ -290,10 +270,7 @@ class AuthBackendRoleArgs:
290
270
  @pulumi.getter(name="tokenPeriod")
291
271
  def token_period(self) -> Optional[pulumi.Input[int]]:
292
272
  """
293
- If set, indicates that the
294
- token generated using this role should never expire. The token should be renewed within the
295
- duration specified by this value. At each renewal, the token's TTL will be set to the
296
- value of this field. Specified in seconds.
273
+ Generated Token's Period
297
274
  """
298
275
  return pulumi.get(self, "token_period")
299
276
 
@@ -305,8 +282,7 @@ class AuthBackendRoleArgs:
305
282
  @pulumi.getter(name="tokenPolicies")
306
283
  def token_policies(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
307
284
  """
308
- List of policies to encode onto generated tokens. Depending
309
- on the auth method, this list may be supplemented by user/group/other values.
285
+ Generated Token's Policies
310
286
  """
311
287
  return pulumi.get(self, "token_policies")
312
288
 
@@ -318,8 +294,7 @@ class AuthBackendRoleArgs:
318
294
  @pulumi.getter(name="tokenTtl")
319
295
  def token_ttl(self) -> Optional[pulumi.Input[int]]:
320
296
  """
321
- The incremental lifetime for generated tokens in number of seconds.
322
- Its current value will be referenced at renewal time.
297
+ The initial ttl of the token to generate in seconds
323
298
  """
324
299
  return pulumi.get(self, "token_ttl")
325
300
 
@@ -331,11 +306,7 @@ class AuthBackendRoleArgs:
331
306
  @pulumi.getter(name="tokenType")
332
307
  def token_type(self) -> Optional[pulumi.Input[str]]:
333
308
  """
334
- The type of token that should be generated. Can be `service`,
335
- `batch`, or `default` to use the mount's tuned default (which unless changed will be
336
- `service` tokens). For token store roles, there are two additional possibilities:
337
- `default-service` and `default-batch` which specify the type to return unless the client
338
- requests a different type at generation time.
309
+ The type of token to generate, service or batch
339
310
  """
340
311
  return pulumi.get(self, "token_type")
341
312
 
@@ -372,7 +343,7 @@ class _AuthBackendRoleState:
372
343
  presented when logging in using this AppRole. Defaults to `true`.
373
344
  :param pulumi.Input[str] namespace: The namespace to provision the resource in.
374
345
  The value should not contain leading or trailing forward slashes.
375
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
346
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
376
347
  *Available only for Vault Enterprise*.
377
348
  :param pulumi.Input[str] role_id: The RoleID of this role. If not specified, one will be
378
349
  auto-generated.
@@ -384,32 +355,15 @@ class _AuthBackendRoleState:
384
355
  expire. A value of zero will allow unlimited uses.
385
356
  :param pulumi.Input[int] secret_id_ttl: The number of seconds after which any SecretID
386
357
  expires.
387
- :param pulumi.Input[Sequence[pulumi.Input[str]]] token_bound_cidrs: List of CIDR blocks; if set, specifies blocks of IP
388
- addresses which can authenticate successfully, and ties the resulting token to these blocks
389
- as well.
390
- :param pulumi.Input[int] token_explicit_max_ttl: If set, will encode an
391
- [explicit max TTL](https://www.vaultproject.io/docs/concepts/tokens.html#token-time-to-live-periodic-tokens-and-explicit-max-ttls)
392
- onto the token in number of seconds. This is a hard cap even if `token_ttl` and
393
- `token_max_ttl` would otherwise allow a renewal.
394
- :param pulumi.Input[int] token_max_ttl: The maximum lifetime for generated tokens in number of seconds.
395
- Its current value will be referenced at renewal time.
396
- :param pulumi.Input[bool] token_no_default_policy: If set, the default policy will not be set on
397
- generated tokens; otherwise it will be added to the policies set in token_policies.
398
- :param pulumi.Input[int] token_num_uses: The [maximum number](https://www.vaultproject.io/api-docs/auth/approle#token_num_uses)
399
- of times a generated token may be used (within its lifetime); 0 means unlimited.
400
- :param pulumi.Input[int] token_period: If set, indicates that the
401
- token generated using this role should never expire. The token should be renewed within the
402
- duration specified by this value. At each renewal, the token's TTL will be set to the
403
- value of this field. Specified in seconds.
404
- :param pulumi.Input[Sequence[pulumi.Input[str]]] token_policies: List of policies to encode onto generated tokens. Depending
405
- on the auth method, this list may be supplemented by user/group/other values.
406
- :param pulumi.Input[int] token_ttl: The incremental lifetime for generated tokens in number of seconds.
407
- Its current value will be referenced at renewal time.
408
- :param pulumi.Input[str] token_type: The type of token that should be generated. Can be `service`,
409
- `batch`, or `default` to use the mount's tuned default (which unless changed will be
410
- `service` tokens). For token store roles, there are two additional possibilities:
411
- `default-service` and `default-batch` which specify the type to return unless the client
412
- requests a different type at generation time.
358
+ :param pulumi.Input[Sequence[pulumi.Input[str]]] token_bound_cidrs: Specifies the blocks of IP addresses which are allowed to use the generated token
359
+ :param pulumi.Input[int] token_explicit_max_ttl: Generated Token's Explicit Maximum TTL in seconds
360
+ :param pulumi.Input[int] token_max_ttl: The maximum lifetime of the generated token
361
+ :param pulumi.Input[bool] token_no_default_policy: If true, the 'default' policy will not automatically be added to generated tokens
362
+ :param pulumi.Input[int] token_num_uses: The maximum number of times a token may be used, a value of zero means unlimited
363
+ :param pulumi.Input[int] token_period: Generated Token's Period
364
+ :param pulumi.Input[Sequence[pulumi.Input[str]]] token_policies: Generated Token's Policies
365
+ :param pulumi.Input[int] token_ttl: The initial ttl of the token to generate in seconds
366
+ :param pulumi.Input[str] token_type: The type of token to generate, service or batch
413
367
  """
414
368
  if backend is not None:
415
369
  pulumi.set(__self__, "backend", backend)
@@ -478,7 +432,7 @@ class _AuthBackendRoleState:
478
432
  """
479
433
  The namespace to provision the resource in.
480
434
  The value should not contain leading or trailing forward slashes.
481
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
435
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
482
436
  *Available only for Vault Enterprise*.
483
437
  """
484
438
  return pulumi.get(self, "namespace")
@@ -556,9 +510,7 @@ class _AuthBackendRoleState:
556
510
  @pulumi.getter(name="tokenBoundCidrs")
557
511
  def token_bound_cidrs(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
558
512
  """
559
- List of CIDR blocks; if set, specifies blocks of IP
560
- addresses which can authenticate successfully, and ties the resulting token to these blocks
561
- as well.
513
+ Specifies the blocks of IP addresses which are allowed to use the generated token
562
514
  """
563
515
  return pulumi.get(self, "token_bound_cidrs")
564
516
 
@@ -570,10 +522,7 @@ class _AuthBackendRoleState:
570
522
  @pulumi.getter(name="tokenExplicitMaxTtl")
571
523
  def token_explicit_max_ttl(self) -> Optional[pulumi.Input[int]]:
572
524
  """
573
- If set, will encode an
574
- [explicit max TTL](https://www.vaultproject.io/docs/concepts/tokens.html#token-time-to-live-periodic-tokens-and-explicit-max-ttls)
575
- onto the token in number of seconds. This is a hard cap even if `token_ttl` and
576
- `token_max_ttl` would otherwise allow a renewal.
525
+ Generated Token's Explicit Maximum TTL in seconds
577
526
  """
578
527
  return pulumi.get(self, "token_explicit_max_ttl")
579
528
 
@@ -585,8 +534,7 @@ class _AuthBackendRoleState:
585
534
  @pulumi.getter(name="tokenMaxTtl")
586
535
  def token_max_ttl(self) -> Optional[pulumi.Input[int]]:
587
536
  """
588
- The maximum lifetime for generated tokens in number of seconds.
589
- Its current value will be referenced at renewal time.
537
+ The maximum lifetime of the generated token
590
538
  """
591
539
  return pulumi.get(self, "token_max_ttl")
592
540
 
@@ -598,8 +546,7 @@ class _AuthBackendRoleState:
598
546
  @pulumi.getter(name="tokenNoDefaultPolicy")
599
547
  def token_no_default_policy(self) -> Optional[pulumi.Input[bool]]:
600
548
  """
601
- If set, the default policy will not be set on
602
- generated tokens; otherwise it will be added to the policies set in token_policies.
549
+ If true, the 'default' policy will not automatically be added to generated tokens
603
550
  """
604
551
  return pulumi.get(self, "token_no_default_policy")
605
552
 
@@ -611,8 +558,7 @@ class _AuthBackendRoleState:
611
558
  @pulumi.getter(name="tokenNumUses")
612
559
  def token_num_uses(self) -> Optional[pulumi.Input[int]]:
613
560
  """
614
- The [maximum number](https://www.vaultproject.io/api-docs/auth/approle#token_num_uses)
615
- of times a generated token may be used (within its lifetime); 0 means unlimited.
561
+ The maximum number of times a token may be used, a value of zero means unlimited
616
562
  """
617
563
  return pulumi.get(self, "token_num_uses")
618
564
 
@@ -624,10 +570,7 @@ class _AuthBackendRoleState:
624
570
  @pulumi.getter(name="tokenPeriod")
625
571
  def token_period(self) -> Optional[pulumi.Input[int]]:
626
572
  """
627
- If set, indicates that the
628
- token generated using this role should never expire. The token should be renewed within the
629
- duration specified by this value. At each renewal, the token's TTL will be set to the
630
- value of this field. Specified in seconds.
573
+ Generated Token's Period
631
574
  """
632
575
  return pulumi.get(self, "token_period")
633
576
 
@@ -639,8 +582,7 @@ class _AuthBackendRoleState:
639
582
  @pulumi.getter(name="tokenPolicies")
640
583
  def token_policies(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
641
584
  """
642
- List of policies to encode onto generated tokens. Depending
643
- on the auth method, this list may be supplemented by user/group/other values.
585
+ Generated Token's Policies
644
586
  """
645
587
  return pulumi.get(self, "token_policies")
646
588
 
@@ -652,8 +594,7 @@ class _AuthBackendRoleState:
652
594
  @pulumi.getter(name="tokenTtl")
653
595
  def token_ttl(self) -> Optional[pulumi.Input[int]]:
654
596
  """
655
- The incremental lifetime for generated tokens in number of seconds.
656
- Its current value will be referenced at renewal time.
597
+ The initial ttl of the token to generate in seconds
657
598
  """
658
599
  return pulumi.get(self, "token_ttl")
659
600
 
@@ -665,11 +606,7 @@ class _AuthBackendRoleState:
665
606
  @pulumi.getter(name="tokenType")
666
607
  def token_type(self) -> Optional[pulumi.Input[str]]:
667
608
  """
668
- The type of token that should be generated. Can be `service`,
669
- `batch`, or `default` to use the mount's tuned default (which unless changed will be
670
- `service` tokens). For token store roles, there are two additional possibilities:
671
- `default-service` and `default-batch` which specify the type to return unless the client
672
- requests a different type at generation time.
609
+ The type of token to generate, service or batch
673
610
  """
674
611
  return pulumi.get(self, "token_type")
675
612
 
@@ -708,7 +645,6 @@ class AuthBackendRole(pulumi.CustomResource):
708
645
 
709
646
  ## Example Usage
710
647
 
711
- <!--Start PulumiCodeChooser -->
712
648
  ```python
713
649
  import pulumi
714
650
  import pulumi_vault as vault
@@ -723,7 +659,6 @@ class AuthBackendRole(pulumi.CustomResource):
723
659
  "prod",
724
660
  ])
725
661
  ```
726
- <!--End PulumiCodeChooser -->
727
662
 
728
663
  ## Import
729
664
 
@@ -741,7 +676,7 @@ class AuthBackendRole(pulumi.CustomResource):
741
676
  presented when logging in using this AppRole. Defaults to `true`.
742
677
  :param pulumi.Input[str] namespace: The namespace to provision the resource in.
743
678
  The value should not contain leading or trailing forward slashes.
744
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
679
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
745
680
  *Available only for Vault Enterprise*.
746
681
  :param pulumi.Input[str] role_id: The RoleID of this role. If not specified, one will be
747
682
  auto-generated.
@@ -753,32 +688,15 @@ class AuthBackendRole(pulumi.CustomResource):
753
688
  expire. A value of zero will allow unlimited uses.
754
689
  :param pulumi.Input[int] secret_id_ttl: The number of seconds after which any SecretID
755
690
  expires.
756
- :param pulumi.Input[Sequence[pulumi.Input[str]]] token_bound_cidrs: List of CIDR blocks; if set, specifies blocks of IP
757
- addresses which can authenticate successfully, and ties the resulting token to these blocks
758
- as well.
759
- :param pulumi.Input[int] token_explicit_max_ttl: If set, will encode an
760
- [explicit max TTL](https://www.vaultproject.io/docs/concepts/tokens.html#token-time-to-live-periodic-tokens-and-explicit-max-ttls)
761
- onto the token in number of seconds. This is a hard cap even if `token_ttl` and
762
- `token_max_ttl` would otherwise allow a renewal.
763
- :param pulumi.Input[int] token_max_ttl: The maximum lifetime for generated tokens in number of seconds.
764
- Its current value will be referenced at renewal time.
765
- :param pulumi.Input[bool] token_no_default_policy: If set, the default policy will not be set on
766
- generated tokens; otherwise it will be added to the policies set in token_policies.
767
- :param pulumi.Input[int] token_num_uses: The [maximum number](https://www.vaultproject.io/api-docs/auth/approle#token_num_uses)
768
- of times a generated token may be used (within its lifetime); 0 means unlimited.
769
- :param pulumi.Input[int] token_period: If set, indicates that the
770
- token generated using this role should never expire. The token should be renewed within the
771
- duration specified by this value. At each renewal, the token's TTL will be set to the
772
- value of this field. Specified in seconds.
773
- :param pulumi.Input[Sequence[pulumi.Input[str]]] token_policies: List of policies to encode onto generated tokens. Depending
774
- on the auth method, this list may be supplemented by user/group/other values.
775
- :param pulumi.Input[int] token_ttl: The incremental lifetime for generated tokens in number of seconds.
776
- Its current value will be referenced at renewal time.
777
- :param pulumi.Input[str] token_type: The type of token that should be generated. Can be `service`,
778
- `batch`, or `default` to use the mount's tuned default (which unless changed will be
779
- `service` tokens). For token store roles, there are two additional possibilities:
780
- `default-service` and `default-batch` which specify the type to return unless the client
781
- requests a different type at generation time.
691
+ :param pulumi.Input[Sequence[pulumi.Input[str]]] token_bound_cidrs: Specifies the blocks of IP addresses which are allowed to use the generated token
692
+ :param pulumi.Input[int] token_explicit_max_ttl: Generated Token's Explicit Maximum TTL in seconds
693
+ :param pulumi.Input[int] token_max_ttl: The maximum lifetime of the generated token
694
+ :param pulumi.Input[bool] token_no_default_policy: If true, the 'default' policy will not automatically be added to generated tokens
695
+ :param pulumi.Input[int] token_num_uses: The maximum number of times a token may be used, a value of zero means unlimited
696
+ :param pulumi.Input[int] token_period: Generated Token's Period
697
+ :param pulumi.Input[Sequence[pulumi.Input[str]]] token_policies: Generated Token's Policies
698
+ :param pulumi.Input[int] token_ttl: The initial ttl of the token to generate in seconds
699
+ :param pulumi.Input[str] token_type: The type of token to generate, service or batch
782
700
  """
783
701
  ...
784
702
  @overload
@@ -793,7 +711,6 @@ class AuthBackendRole(pulumi.CustomResource):
793
711
 
794
712
  ## Example Usage
795
713
 
796
- <!--Start PulumiCodeChooser -->
797
714
  ```python
798
715
  import pulumi
799
716
  import pulumi_vault as vault
@@ -808,7 +725,6 @@ class AuthBackendRole(pulumi.CustomResource):
808
725
  "prod",
809
726
  ])
810
727
  ```
811
- <!--End PulumiCodeChooser -->
812
728
 
813
729
  ## Import
814
730
 
@@ -918,7 +834,7 @@ class AuthBackendRole(pulumi.CustomResource):
918
834
  presented when logging in using this AppRole. Defaults to `true`.
919
835
  :param pulumi.Input[str] namespace: The namespace to provision the resource in.
920
836
  The value should not contain leading or trailing forward slashes.
921
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
837
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
922
838
  *Available only for Vault Enterprise*.
923
839
  :param pulumi.Input[str] role_id: The RoleID of this role. If not specified, one will be
924
840
  auto-generated.
@@ -930,32 +846,15 @@ class AuthBackendRole(pulumi.CustomResource):
930
846
  expire. A value of zero will allow unlimited uses.
931
847
  :param pulumi.Input[int] secret_id_ttl: The number of seconds after which any SecretID
932
848
  expires.
933
- :param pulumi.Input[Sequence[pulumi.Input[str]]] token_bound_cidrs: List of CIDR blocks; if set, specifies blocks of IP
934
- addresses which can authenticate successfully, and ties the resulting token to these blocks
935
- as well.
936
- :param pulumi.Input[int] token_explicit_max_ttl: If set, will encode an
937
- [explicit max TTL](https://www.vaultproject.io/docs/concepts/tokens.html#token-time-to-live-periodic-tokens-and-explicit-max-ttls)
938
- onto the token in number of seconds. This is a hard cap even if `token_ttl` and
939
- `token_max_ttl` would otherwise allow a renewal.
940
- :param pulumi.Input[int] token_max_ttl: The maximum lifetime for generated tokens in number of seconds.
941
- Its current value will be referenced at renewal time.
942
- :param pulumi.Input[bool] token_no_default_policy: If set, the default policy will not be set on
943
- generated tokens; otherwise it will be added to the policies set in token_policies.
944
- :param pulumi.Input[int] token_num_uses: The [maximum number](https://www.vaultproject.io/api-docs/auth/approle#token_num_uses)
945
- of times a generated token may be used (within its lifetime); 0 means unlimited.
946
- :param pulumi.Input[int] token_period: If set, indicates that the
947
- token generated using this role should never expire. The token should be renewed within the
948
- duration specified by this value. At each renewal, the token's TTL will be set to the
949
- value of this field. Specified in seconds.
950
- :param pulumi.Input[Sequence[pulumi.Input[str]]] token_policies: List of policies to encode onto generated tokens. Depending
951
- on the auth method, this list may be supplemented by user/group/other values.
952
- :param pulumi.Input[int] token_ttl: The incremental lifetime for generated tokens in number of seconds.
953
- Its current value will be referenced at renewal time.
954
- :param pulumi.Input[str] token_type: The type of token that should be generated. Can be `service`,
955
- `batch`, or `default` to use the mount's tuned default (which unless changed will be
956
- `service` tokens). For token store roles, there are two additional possibilities:
957
- `default-service` and `default-batch` which specify the type to return unless the client
958
- requests a different type at generation time.
849
+ :param pulumi.Input[Sequence[pulumi.Input[str]]] token_bound_cidrs: Specifies the blocks of IP addresses which are allowed to use the generated token
850
+ :param pulumi.Input[int] token_explicit_max_ttl: Generated Token's Explicit Maximum TTL in seconds
851
+ :param pulumi.Input[int] token_max_ttl: The maximum lifetime of the generated token
852
+ :param pulumi.Input[bool] token_no_default_policy: If true, the 'default' policy will not automatically be added to generated tokens
853
+ :param pulumi.Input[int] token_num_uses: The maximum number of times a token may be used, a value of zero means unlimited
854
+ :param pulumi.Input[int] token_period: Generated Token's Period
855
+ :param pulumi.Input[Sequence[pulumi.Input[str]]] token_policies: Generated Token's Policies
856
+ :param pulumi.Input[int] token_ttl: The initial ttl of the token to generate in seconds
857
+ :param pulumi.Input[str] token_type: The type of token to generate, service or batch
959
858
  """
960
859
  opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id))
961
860
 
@@ -1004,7 +903,7 @@ class AuthBackendRole(pulumi.CustomResource):
1004
903
  """
1005
904
  The namespace to provision the resource in.
1006
905
  The value should not contain leading or trailing forward slashes.
1007
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
906
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
1008
907
  *Available only for Vault Enterprise*.
1009
908
  """
1010
909
  return pulumi.get(self, "namespace")
@@ -1058,9 +957,7 @@ class AuthBackendRole(pulumi.CustomResource):
1058
957
  @pulumi.getter(name="tokenBoundCidrs")
1059
958
  def token_bound_cidrs(self) -> pulumi.Output[Optional[Sequence[str]]]:
1060
959
  """
1061
- List of CIDR blocks; if set, specifies blocks of IP
1062
- addresses which can authenticate successfully, and ties the resulting token to these blocks
1063
- as well.
960
+ Specifies the blocks of IP addresses which are allowed to use the generated token
1064
961
  """
1065
962
  return pulumi.get(self, "token_bound_cidrs")
1066
963
 
@@ -1068,10 +965,7 @@ class AuthBackendRole(pulumi.CustomResource):
1068
965
  @pulumi.getter(name="tokenExplicitMaxTtl")
1069
966
  def token_explicit_max_ttl(self) -> pulumi.Output[Optional[int]]:
1070
967
  """
1071
- If set, will encode an
1072
- [explicit max TTL](https://www.vaultproject.io/docs/concepts/tokens.html#token-time-to-live-periodic-tokens-and-explicit-max-ttls)
1073
- onto the token in number of seconds. This is a hard cap even if `token_ttl` and
1074
- `token_max_ttl` would otherwise allow a renewal.
968
+ Generated Token's Explicit Maximum TTL in seconds
1075
969
  """
1076
970
  return pulumi.get(self, "token_explicit_max_ttl")
1077
971
 
@@ -1079,8 +973,7 @@ class AuthBackendRole(pulumi.CustomResource):
1079
973
  @pulumi.getter(name="tokenMaxTtl")
1080
974
  def token_max_ttl(self) -> pulumi.Output[Optional[int]]:
1081
975
  """
1082
- The maximum lifetime for generated tokens in number of seconds.
1083
- Its current value will be referenced at renewal time.
976
+ The maximum lifetime of the generated token
1084
977
  """
1085
978
  return pulumi.get(self, "token_max_ttl")
1086
979
 
@@ -1088,8 +981,7 @@ class AuthBackendRole(pulumi.CustomResource):
1088
981
  @pulumi.getter(name="tokenNoDefaultPolicy")
1089
982
  def token_no_default_policy(self) -> pulumi.Output[Optional[bool]]:
1090
983
  """
1091
- If set, the default policy will not be set on
1092
- generated tokens; otherwise it will be added to the policies set in token_policies.
984
+ If true, the 'default' policy will not automatically be added to generated tokens
1093
985
  """
1094
986
  return pulumi.get(self, "token_no_default_policy")
1095
987
 
@@ -1097,8 +989,7 @@ class AuthBackendRole(pulumi.CustomResource):
1097
989
  @pulumi.getter(name="tokenNumUses")
1098
990
  def token_num_uses(self) -> pulumi.Output[Optional[int]]:
1099
991
  """
1100
- The [maximum number](https://www.vaultproject.io/api-docs/auth/approle#token_num_uses)
1101
- of times a generated token may be used (within its lifetime); 0 means unlimited.
992
+ The maximum number of times a token may be used, a value of zero means unlimited
1102
993
  """
1103
994
  return pulumi.get(self, "token_num_uses")
1104
995
 
@@ -1106,10 +997,7 @@ class AuthBackendRole(pulumi.CustomResource):
1106
997
  @pulumi.getter(name="tokenPeriod")
1107
998
  def token_period(self) -> pulumi.Output[Optional[int]]:
1108
999
  """
1109
- If set, indicates that the
1110
- token generated using this role should never expire. The token should be renewed within the
1111
- duration specified by this value. At each renewal, the token's TTL will be set to the
1112
- value of this field. Specified in seconds.
1000
+ Generated Token's Period
1113
1001
  """
1114
1002
  return pulumi.get(self, "token_period")
1115
1003
 
@@ -1117,8 +1005,7 @@ class AuthBackendRole(pulumi.CustomResource):
1117
1005
  @pulumi.getter(name="tokenPolicies")
1118
1006
  def token_policies(self) -> pulumi.Output[Optional[Sequence[str]]]:
1119
1007
  """
1120
- List of policies to encode onto generated tokens. Depending
1121
- on the auth method, this list may be supplemented by user/group/other values.
1008
+ Generated Token's Policies
1122
1009
  """
1123
1010
  return pulumi.get(self, "token_policies")
1124
1011
 
@@ -1126,8 +1013,7 @@ class AuthBackendRole(pulumi.CustomResource):
1126
1013
  @pulumi.getter(name="tokenTtl")
1127
1014
  def token_ttl(self) -> pulumi.Output[Optional[int]]:
1128
1015
  """
1129
- The incremental lifetime for generated tokens in number of seconds.
1130
- Its current value will be referenced at renewal time.
1016
+ The initial ttl of the token to generate in seconds
1131
1017
  """
1132
1018
  return pulumi.get(self, "token_ttl")
1133
1019
 
@@ -1135,11 +1021,7 @@ class AuthBackendRole(pulumi.CustomResource):
1135
1021
  @pulumi.getter(name="tokenType")
1136
1022
  def token_type(self) -> pulumi.Output[Optional[str]]:
1137
1023
  """
1138
- The type of token that should be generated. Can be `service`,
1139
- `batch`, or `default` to use the mount's tuned default (which unless changed will be
1140
- `service` tokens). For token store roles, there are two additional possibilities:
1141
- `default-service` and `default-batch` which specify the type to return unless the client
1142
- requests a different type at generation time.
1024
+ The type of token to generate, service or batch
1143
1025
  """
1144
1026
  return pulumi.get(self, "token_type")
1145
1027