pulumi-vault 5.21.0a1710160723__py3-none-any.whl → 6.5.0a1736850018__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (229) hide show
  1. pulumi_vault/__init__.py +52 -0
  2. pulumi_vault/_inputs.py +560 -0
  3. pulumi_vault/_utilities.py +41 -5
  4. pulumi_vault/ad/get_access_credentials.py +22 -7
  5. pulumi_vault/ad/secret_backend.py +14 -144
  6. pulumi_vault/ad/secret_library.py +14 -11
  7. pulumi_vault/ad/secret_role.py +12 -11
  8. pulumi_vault/alicloud/auth_backend_role.py +74 -192
  9. pulumi_vault/approle/auth_backend_login.py +12 -11
  10. pulumi_vault/approle/auth_backend_role.py +75 -193
  11. pulumi_vault/approle/auth_backend_role_secret_id.py +106 -11
  12. pulumi_vault/approle/get_auth_backend_role_id.py +18 -9
  13. pulumi_vault/audit.py +24 -27
  14. pulumi_vault/audit_request_header.py +11 -6
  15. pulumi_vault/auth_backend.py +64 -12
  16. pulumi_vault/aws/auth_backend_cert.py +12 -7
  17. pulumi_vault/aws/auth_backend_client.py +265 -24
  18. pulumi_vault/aws/auth_backend_config_identity.py +12 -11
  19. pulumi_vault/aws/auth_backend_identity_whitelist.py +18 -17
  20. pulumi_vault/aws/auth_backend_login.py +19 -22
  21. pulumi_vault/aws/auth_backend_role.py +75 -193
  22. pulumi_vault/aws/auth_backend_role_tag.py +12 -7
  23. pulumi_vault/aws/auth_backend_roletag_blacklist.py +18 -17
  24. pulumi_vault/aws/auth_backend_sts_role.py +12 -11
  25. pulumi_vault/aws/get_access_credentials.py +34 -7
  26. pulumi_vault/aws/get_static_access_credentials.py +19 -5
  27. pulumi_vault/aws/secret_backend.py +75 -7
  28. pulumi_vault/aws/secret_backend_role.py +183 -11
  29. pulumi_vault/aws/secret_backend_static_role.py +14 -11
  30. pulumi_vault/azure/_inputs.py +24 -0
  31. pulumi_vault/azure/auth_backend_config.py +151 -17
  32. pulumi_vault/azure/auth_backend_role.py +75 -193
  33. pulumi_vault/azure/backend.py +223 -29
  34. pulumi_vault/azure/backend_role.py +42 -41
  35. pulumi_vault/azure/get_access_credentials.py +39 -11
  36. pulumi_vault/azure/outputs.py +5 -0
  37. pulumi_vault/cert_auth_backend_role.py +87 -271
  38. pulumi_vault/config/__init__.pyi +5 -0
  39. pulumi_vault/config/_inputs.py +73 -0
  40. pulumi_vault/config/outputs.py +35 -0
  41. pulumi_vault/config/ui_custom_message.py +529 -0
  42. pulumi_vault/config/vars.py +5 -0
  43. pulumi_vault/consul/secret_backend.py +22 -25
  44. pulumi_vault/consul/secret_backend_role.py +14 -80
  45. pulumi_vault/database/_inputs.py +2770 -881
  46. pulumi_vault/database/outputs.py +721 -838
  47. pulumi_vault/database/secret_backend_connection.py +117 -114
  48. pulumi_vault/database/secret_backend_role.py +29 -24
  49. pulumi_vault/database/secret_backend_static_role.py +85 -15
  50. pulumi_vault/database/secrets_mount.py +425 -138
  51. pulumi_vault/egp_policy.py +16 -15
  52. pulumi_vault/gcp/_inputs.py +111 -0
  53. pulumi_vault/gcp/auth_backend.py +248 -35
  54. pulumi_vault/gcp/auth_backend_role.py +75 -271
  55. pulumi_vault/gcp/get_auth_backend_role.py +43 -9
  56. pulumi_vault/gcp/outputs.py +5 -0
  57. pulumi_vault/gcp/secret_backend.py +287 -16
  58. pulumi_vault/gcp/secret_impersonated_account.py +74 -17
  59. pulumi_vault/gcp/secret_roleset.py +29 -26
  60. pulumi_vault/gcp/secret_static_account.py +37 -34
  61. pulumi_vault/generic/endpoint.py +22 -21
  62. pulumi_vault/generic/get_secret.py +68 -12
  63. pulumi_vault/generic/secret.py +19 -14
  64. pulumi_vault/get_auth_backend.py +24 -11
  65. pulumi_vault/get_auth_backends.py +33 -11
  66. pulumi_vault/get_namespace.py +226 -0
  67. pulumi_vault/get_namespaces.py +153 -0
  68. pulumi_vault/get_nomad_access_token.py +31 -15
  69. pulumi_vault/get_policy_document.py +34 -23
  70. pulumi_vault/get_raft_autopilot_state.py +29 -14
  71. pulumi_vault/github/_inputs.py +55 -0
  72. pulumi_vault/github/auth_backend.py +17 -16
  73. pulumi_vault/github/outputs.py +5 -0
  74. pulumi_vault/github/team.py +14 -13
  75. pulumi_vault/github/user.py +14 -13
  76. pulumi_vault/identity/entity.py +18 -15
  77. pulumi_vault/identity/entity_alias.py +18 -15
  78. pulumi_vault/identity/entity_policies.py +24 -19
  79. pulumi_vault/identity/get_entity.py +40 -14
  80. pulumi_vault/identity/get_group.py +45 -13
  81. pulumi_vault/identity/get_oidc_client_creds.py +21 -11
  82. pulumi_vault/identity/get_oidc_openid_config.py +39 -13
  83. pulumi_vault/identity/get_oidc_public_keys.py +29 -14
  84. pulumi_vault/identity/group.py +50 -49
  85. pulumi_vault/identity/group_alias.py +14 -11
  86. pulumi_vault/identity/group_member_entity_ids.py +24 -74
  87. pulumi_vault/identity/group_member_group_ids.py +36 -27
  88. pulumi_vault/identity/group_policies.py +16 -15
  89. pulumi_vault/identity/mfa_duo.py +9 -8
  90. pulumi_vault/identity/mfa_login_enforcement.py +13 -8
  91. pulumi_vault/identity/mfa_okta.py +9 -8
  92. pulumi_vault/identity/mfa_pingid.py +5 -4
  93. pulumi_vault/identity/mfa_totp.py +5 -4
  94. pulumi_vault/identity/oidc.py +12 -11
  95. pulumi_vault/identity/oidc_assignment.py +22 -13
  96. pulumi_vault/identity/oidc_client.py +34 -25
  97. pulumi_vault/identity/oidc_key.py +28 -19
  98. pulumi_vault/identity/oidc_key_allowed_client_id.py +28 -19
  99. pulumi_vault/identity/oidc_provider.py +34 -23
  100. pulumi_vault/identity/oidc_role.py +40 -27
  101. pulumi_vault/identity/oidc_scope.py +18 -15
  102. pulumi_vault/identity/outputs.py +8 -3
  103. pulumi_vault/jwt/_inputs.py +55 -0
  104. pulumi_vault/jwt/auth_backend.py +39 -46
  105. pulumi_vault/jwt/auth_backend_role.py +131 -260
  106. pulumi_vault/jwt/outputs.py +5 -0
  107. pulumi_vault/kmip/secret_backend.py +22 -21
  108. pulumi_vault/kmip/secret_role.py +12 -11
  109. pulumi_vault/kmip/secret_scope.py +12 -11
  110. pulumi_vault/kubernetes/auth_backend_config.py +55 -7
  111. pulumi_vault/kubernetes/auth_backend_role.py +68 -179
  112. pulumi_vault/kubernetes/get_auth_backend_config.py +60 -8
  113. pulumi_vault/kubernetes/get_auth_backend_role.py +40 -5
  114. pulumi_vault/kubernetes/get_service_account_token.py +39 -15
  115. pulumi_vault/kubernetes/secret_backend.py +314 -29
  116. pulumi_vault/kubernetes/secret_backend_role.py +135 -56
  117. pulumi_vault/kv/_inputs.py +36 -4
  118. pulumi_vault/kv/get_secret.py +23 -12
  119. pulumi_vault/kv/get_secret_subkeys_v2.py +31 -14
  120. pulumi_vault/kv/get_secret_v2.py +89 -9
  121. pulumi_vault/kv/get_secrets_list.py +22 -15
  122. pulumi_vault/kv/get_secrets_list_v2.py +35 -19
  123. pulumi_vault/kv/outputs.py +8 -3
  124. pulumi_vault/kv/secret.py +19 -18
  125. pulumi_vault/kv/secret_backend_v2.py +12 -11
  126. pulumi_vault/kv/secret_v2.py +55 -52
  127. pulumi_vault/ldap/auth_backend.py +125 -168
  128. pulumi_vault/ldap/auth_backend_group.py +12 -11
  129. pulumi_vault/ldap/auth_backend_user.py +12 -11
  130. pulumi_vault/ldap/get_dynamic_credentials.py +23 -5
  131. pulumi_vault/ldap/get_static_credentials.py +24 -5
  132. pulumi_vault/ldap/secret_backend.py +352 -84
  133. pulumi_vault/ldap/secret_backend_dynamic_role.py +12 -11
  134. pulumi_vault/ldap/secret_backend_library_set.py +14 -11
  135. pulumi_vault/ldap/secret_backend_static_role.py +67 -12
  136. pulumi_vault/managed/_inputs.py +289 -132
  137. pulumi_vault/managed/keys.py +27 -43
  138. pulumi_vault/managed/outputs.py +89 -132
  139. pulumi_vault/mfa_duo.py +16 -13
  140. pulumi_vault/mfa_okta.py +16 -13
  141. pulumi_vault/mfa_pingid.py +16 -13
  142. pulumi_vault/mfa_totp.py +22 -19
  143. pulumi_vault/mongodbatlas/secret_backend.py +18 -17
  144. pulumi_vault/mongodbatlas/secret_role.py +41 -38
  145. pulumi_vault/mount.py +389 -65
  146. pulumi_vault/namespace.py +26 -21
  147. pulumi_vault/nomad_secret_backend.py +16 -15
  148. pulumi_vault/nomad_secret_role.py +12 -11
  149. pulumi_vault/okta/_inputs.py +47 -8
  150. pulumi_vault/okta/auth_backend.py +483 -41
  151. pulumi_vault/okta/auth_backend_group.py +12 -11
  152. pulumi_vault/okta/auth_backend_user.py +12 -11
  153. pulumi_vault/okta/outputs.py +13 -8
  154. pulumi_vault/outputs.py +5 -0
  155. pulumi_vault/password_policy.py +18 -15
  156. pulumi_vault/pkisecret/__init__.py +3 -0
  157. pulumi_vault/pkisecret/_inputs.py +81 -0
  158. pulumi_vault/pkisecret/backend_config_cluster.py +369 -0
  159. pulumi_vault/pkisecret/backend_config_est.py +619 -0
  160. pulumi_vault/pkisecret/get_backend_config_est.py +251 -0
  161. pulumi_vault/pkisecret/get_backend_issuer.py +63 -7
  162. pulumi_vault/pkisecret/get_backend_issuers.py +21 -12
  163. pulumi_vault/pkisecret/get_backend_key.py +24 -13
  164. pulumi_vault/pkisecret/get_backend_keys.py +21 -12
  165. pulumi_vault/pkisecret/outputs.py +69 -0
  166. pulumi_vault/pkisecret/secret_backend_cert.py +18 -15
  167. pulumi_vault/pkisecret/secret_backend_config_ca.py +16 -15
  168. pulumi_vault/pkisecret/secret_backend_config_issuers.py +12 -11
  169. pulumi_vault/pkisecret/secret_backend_config_urls.py +59 -11
  170. pulumi_vault/pkisecret/secret_backend_crl_config.py +14 -13
  171. pulumi_vault/pkisecret/secret_backend_intermediate_cert_request.py +16 -15
  172. pulumi_vault/pkisecret/secret_backend_intermediate_set_signed.py +22 -21
  173. pulumi_vault/pkisecret/secret_backend_issuer.py +12 -11
  174. pulumi_vault/pkisecret/secret_backend_key.py +12 -7
  175. pulumi_vault/pkisecret/secret_backend_role.py +19 -16
  176. pulumi_vault/pkisecret/secret_backend_root_cert.py +16 -52
  177. pulumi_vault/pkisecret/secret_backend_root_sign_intermediate.py +18 -62
  178. pulumi_vault/pkisecret/secret_backend_sign.py +18 -60
  179. pulumi_vault/plugin.py +595 -0
  180. pulumi_vault/plugin_pinned_version.py +298 -0
  181. pulumi_vault/policy.py +12 -7
  182. pulumi_vault/provider.py +48 -53
  183. pulumi_vault/pulumi-plugin.json +2 -1
  184. pulumi_vault/quota_lease_count.py +58 -8
  185. pulumi_vault/quota_rate_limit.py +54 -4
  186. pulumi_vault/rabbitmq/_inputs.py +61 -0
  187. pulumi_vault/rabbitmq/outputs.py +5 -0
  188. pulumi_vault/rabbitmq/secret_backend.py +16 -15
  189. pulumi_vault/rabbitmq/secret_backend_role.py +52 -49
  190. pulumi_vault/raft_autopilot.py +12 -11
  191. pulumi_vault/raft_snapshot_agent_config.py +121 -311
  192. pulumi_vault/rgp_policy.py +14 -13
  193. pulumi_vault/saml/auth_backend.py +20 -19
  194. pulumi_vault/saml/auth_backend_role.py +90 -199
  195. pulumi_vault/secrets/__init__.py +3 -0
  196. pulumi_vault/secrets/_inputs.py +110 -0
  197. pulumi_vault/secrets/outputs.py +94 -0
  198. pulumi_vault/secrets/sync_association.py +56 -75
  199. pulumi_vault/secrets/sync_aws_destination.py +240 -29
  200. pulumi_vault/secrets/sync_azure_destination.py +90 -33
  201. pulumi_vault/secrets/sync_config.py +7 -6
  202. pulumi_vault/secrets/sync_gcp_destination.py +156 -27
  203. pulumi_vault/secrets/sync_gh_destination.py +187 -15
  204. pulumi_vault/secrets/sync_github_apps.py +375 -0
  205. pulumi_vault/secrets/sync_vercel_destination.py +72 -15
  206. pulumi_vault/ssh/_inputs.py +28 -32
  207. pulumi_vault/ssh/outputs.py +11 -32
  208. pulumi_vault/ssh/secret_backend_ca.py +106 -11
  209. pulumi_vault/ssh/secret_backend_role.py +83 -120
  210. pulumi_vault/terraformcloud/secret_backend.py +5 -56
  211. pulumi_vault/terraformcloud/secret_creds.py +14 -24
  212. pulumi_vault/terraformcloud/secret_role.py +14 -76
  213. pulumi_vault/token.py +26 -25
  214. pulumi_vault/tokenauth/auth_backend_role.py +76 -201
  215. pulumi_vault/transform/alphabet.py +16 -13
  216. pulumi_vault/transform/get_decode.py +45 -21
  217. pulumi_vault/transform/get_encode.py +45 -21
  218. pulumi_vault/transform/role.py +16 -13
  219. pulumi_vault/transform/template.py +30 -25
  220. pulumi_vault/transform/transformation.py +12 -7
  221. pulumi_vault/transit/get_decrypt.py +26 -25
  222. pulumi_vault/transit/get_encrypt.py +24 -19
  223. pulumi_vault/transit/secret_backend_key.py +25 -97
  224. pulumi_vault/transit/secret_cache_config.py +12 -11
  225. {pulumi_vault-5.21.0a1710160723.dist-info → pulumi_vault-6.5.0a1736850018.dist-info}/METADATA +8 -7
  226. pulumi_vault-6.5.0a1736850018.dist-info/RECORD +256 -0
  227. {pulumi_vault-5.21.0a1710160723.dist-info → pulumi_vault-6.5.0a1736850018.dist-info}/WHEEL +1 -1
  228. pulumi_vault-5.21.0a1710160723.dist-info/RECORD +0 -244
  229. {pulumi_vault-5.21.0a1710160723.dist-info → pulumi_vault-6.5.0a1736850018.dist-info}/top_level.txt +0 -0
@@ -4,9 +4,14 @@
4
4
 
5
5
  import copy
6
6
  import warnings
7
+ import sys
7
8
  import pulumi
8
9
  import pulumi.runtime
9
10
  from typing import Any, Mapping, Optional, Sequence, Union, overload
11
+ if sys.version_info >= (3, 11):
12
+ from typing import NotRequired, TypedDict, TypeAlias
13
+ else:
14
+ from typing_extensions import NotRequired, TypedDict, TypeAlias
10
15
  from .. import _utilities
11
16
 
12
17
  __all__ = ['AuthBackendRoleArgs', 'AuthBackendRole']
@@ -100,7 +105,7 @@ class AuthBackendRoleArgs:
100
105
  This only applies when `auth_type` is set to `iam`.
101
106
  :param pulumi.Input[str] namespace: The namespace to provision the resource in.
102
107
  The value should not contain leading or trailing forward slashes.
103
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
108
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
104
109
  *Available only for Vault Enterprise*.
105
110
  :param pulumi.Input[bool] resolve_aws_unique_ids: Only valid when
106
111
  `auth_type` is `iam`. If set to `true`, the `bound_iam_principal_arns` are
@@ -117,32 +122,15 @@ class AuthBackendRoleArgs:
117
122
  for this field should be the key of the tag on the EC2 instance. `auth_type`
118
123
  must be set to `ec2` or `inferred_entity_type` must be set to `ec2_instance`
119
124
  to use this constraint.
120
- :param pulumi.Input[Sequence[pulumi.Input[str]]] token_bound_cidrs: List of CIDR blocks; if set, specifies blocks of IP
121
- addresses which can authenticate successfully, and ties the resulting token to these blocks
122
- as well.
123
- :param pulumi.Input[int] token_explicit_max_ttl: If set, will encode an
124
- [explicit max TTL](https://www.vaultproject.io/docs/concepts/tokens.html#token-time-to-live-periodic-tokens-and-explicit-max-ttls)
125
- onto the token in number of seconds. This is a hard cap even if `token_ttl` and
126
- `token_max_ttl` would otherwise allow a renewal.
127
- :param pulumi.Input[int] token_max_ttl: The maximum lifetime for generated tokens in number of seconds.
128
- Its current value will be referenced at renewal time.
129
- :param pulumi.Input[bool] token_no_default_policy: If set, the default policy will not be set on
130
- generated tokens; otherwise it will be added to the policies set in token_policies.
131
- :param pulumi.Input[int] token_num_uses: The [maximum number](https://www.vaultproject.io/api-docs/auth/aws#token_num_uses)
132
- of times a generated token may be used (within its lifetime); 0 means unlimited.
133
- :param pulumi.Input[int] token_period: If set, indicates that the
134
- token generated using this role should never expire. The token should be renewed within the
135
- duration specified by this value. At each renewal, the token's TTL will be set to the
136
- value of this field. Specified in seconds.
137
- :param pulumi.Input[Sequence[pulumi.Input[str]]] token_policies: List of policies to encode onto generated tokens. Depending
138
- on the auth method, this list may be supplemented by user/group/other values.
139
- :param pulumi.Input[int] token_ttl: The incremental lifetime for generated tokens in number of seconds.
140
- Its current value will be referenced at renewal time.
141
- :param pulumi.Input[str] token_type: The type of token that should be generated. Can be `service`,
142
- `batch`, or `default` to use the mount's tuned default (which unless changed will be
143
- `service` tokens). For token store roles, there are two additional possibilities:
144
- `default-service` and `default-batch` which specify the type to return unless the client
145
- requests a different type at generation time.
125
+ :param pulumi.Input[Sequence[pulumi.Input[str]]] token_bound_cidrs: Specifies the blocks of IP addresses which are allowed to use the generated token
126
+ :param pulumi.Input[int] token_explicit_max_ttl: Generated Token's Explicit Maximum TTL in seconds
127
+ :param pulumi.Input[int] token_max_ttl: The maximum lifetime of the generated token
128
+ :param pulumi.Input[bool] token_no_default_policy: If true, the 'default' policy will not automatically be added to generated tokens
129
+ :param pulumi.Input[int] token_num_uses: The maximum number of times a token may be used, a value of zero means unlimited
130
+ :param pulumi.Input[int] token_period: Generated Token's Period
131
+ :param pulumi.Input[Sequence[pulumi.Input[str]]] token_policies: Generated Token's Policies
132
+ :param pulumi.Input[int] token_ttl: The initial ttl of the token to generate in seconds
133
+ :param pulumi.Input[str] token_type: The type of token to generate, service or batch
146
134
  """
147
135
  pulumi.set(__self__, "role", role)
148
136
  if allow_instance_migration is not None:
@@ -436,7 +424,7 @@ class AuthBackendRoleArgs:
436
424
  """
437
425
  The namespace to provision the resource in.
438
426
  The value should not contain leading or trailing forward slashes.
439
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
427
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
440
428
  *Available only for Vault Enterprise*.
441
429
  """
442
430
  return pulumi.get(self, "namespace")
@@ -486,9 +474,7 @@ class AuthBackendRoleArgs:
486
474
  @pulumi.getter(name="tokenBoundCidrs")
487
475
  def token_bound_cidrs(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
488
476
  """
489
- List of CIDR blocks; if set, specifies blocks of IP
490
- addresses which can authenticate successfully, and ties the resulting token to these blocks
491
- as well.
477
+ Specifies the blocks of IP addresses which are allowed to use the generated token
492
478
  """
493
479
  return pulumi.get(self, "token_bound_cidrs")
494
480
 
@@ -500,10 +486,7 @@ class AuthBackendRoleArgs:
500
486
  @pulumi.getter(name="tokenExplicitMaxTtl")
501
487
  def token_explicit_max_ttl(self) -> Optional[pulumi.Input[int]]:
502
488
  """
503
- If set, will encode an
504
- [explicit max TTL](https://www.vaultproject.io/docs/concepts/tokens.html#token-time-to-live-periodic-tokens-and-explicit-max-ttls)
505
- onto the token in number of seconds. This is a hard cap even if `token_ttl` and
506
- `token_max_ttl` would otherwise allow a renewal.
489
+ Generated Token's Explicit Maximum TTL in seconds
507
490
  """
508
491
  return pulumi.get(self, "token_explicit_max_ttl")
509
492
 
@@ -515,8 +498,7 @@ class AuthBackendRoleArgs:
515
498
  @pulumi.getter(name="tokenMaxTtl")
516
499
  def token_max_ttl(self) -> Optional[pulumi.Input[int]]:
517
500
  """
518
- The maximum lifetime for generated tokens in number of seconds.
519
- Its current value will be referenced at renewal time.
501
+ The maximum lifetime of the generated token
520
502
  """
521
503
  return pulumi.get(self, "token_max_ttl")
522
504
 
@@ -528,8 +510,7 @@ class AuthBackendRoleArgs:
528
510
  @pulumi.getter(name="tokenNoDefaultPolicy")
529
511
  def token_no_default_policy(self) -> Optional[pulumi.Input[bool]]:
530
512
  """
531
- If set, the default policy will not be set on
532
- generated tokens; otherwise it will be added to the policies set in token_policies.
513
+ If true, the 'default' policy will not automatically be added to generated tokens
533
514
  """
534
515
  return pulumi.get(self, "token_no_default_policy")
535
516
 
@@ -541,8 +522,7 @@ class AuthBackendRoleArgs:
541
522
  @pulumi.getter(name="tokenNumUses")
542
523
  def token_num_uses(self) -> Optional[pulumi.Input[int]]:
543
524
  """
544
- The [maximum number](https://www.vaultproject.io/api-docs/auth/aws#token_num_uses)
545
- of times a generated token may be used (within its lifetime); 0 means unlimited.
525
+ The maximum number of times a token may be used, a value of zero means unlimited
546
526
  """
547
527
  return pulumi.get(self, "token_num_uses")
548
528
 
@@ -554,10 +534,7 @@ class AuthBackendRoleArgs:
554
534
  @pulumi.getter(name="tokenPeriod")
555
535
  def token_period(self) -> Optional[pulumi.Input[int]]:
556
536
  """
557
- If set, indicates that the
558
- token generated using this role should never expire. The token should be renewed within the
559
- duration specified by this value. At each renewal, the token's TTL will be set to the
560
- value of this field. Specified in seconds.
537
+ Generated Token's Period
561
538
  """
562
539
  return pulumi.get(self, "token_period")
563
540
 
@@ -569,8 +546,7 @@ class AuthBackendRoleArgs:
569
546
  @pulumi.getter(name="tokenPolicies")
570
547
  def token_policies(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
571
548
  """
572
- List of policies to encode onto generated tokens. Depending
573
- on the auth method, this list may be supplemented by user/group/other values.
549
+ Generated Token's Policies
574
550
  """
575
551
  return pulumi.get(self, "token_policies")
576
552
 
@@ -582,8 +558,7 @@ class AuthBackendRoleArgs:
582
558
  @pulumi.getter(name="tokenTtl")
583
559
  def token_ttl(self) -> Optional[pulumi.Input[int]]:
584
560
  """
585
- The incremental lifetime for generated tokens in number of seconds.
586
- Its current value will be referenced at renewal time.
561
+ The initial ttl of the token to generate in seconds
587
562
  """
588
563
  return pulumi.get(self, "token_ttl")
589
564
 
@@ -595,11 +570,7 @@ class AuthBackendRoleArgs:
595
570
  @pulumi.getter(name="tokenType")
596
571
  def token_type(self) -> Optional[pulumi.Input[str]]:
597
572
  """
598
- The type of token that should be generated. Can be `service`,
599
- `batch`, or `default` to use the mount's tuned default (which unless changed will be
600
- `service` tokens). For token store roles, there are two additional possibilities:
601
- `default-service` and `default-batch` which specify the type to return unless the client
602
- requests a different type at generation time.
573
+ The type of token to generate, service or batch
603
574
  """
604
575
  return pulumi.get(self, "token_type")
605
576
 
@@ -697,7 +668,7 @@ class _AuthBackendRoleState:
697
668
  This only applies when `auth_type` is set to `iam`.
698
669
  :param pulumi.Input[str] namespace: The namespace to provision the resource in.
699
670
  The value should not contain leading or trailing forward slashes.
700
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
671
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
701
672
  *Available only for Vault Enterprise*.
702
673
  :param pulumi.Input[bool] resolve_aws_unique_ids: Only valid when
703
674
  `auth_type` is `iam`. If set to `true`, the `bound_iam_principal_arns` are
@@ -716,32 +687,15 @@ class _AuthBackendRoleState:
716
687
  for this field should be the key of the tag on the EC2 instance. `auth_type`
717
688
  must be set to `ec2` or `inferred_entity_type` must be set to `ec2_instance`
718
689
  to use this constraint.
719
- :param pulumi.Input[Sequence[pulumi.Input[str]]] token_bound_cidrs: List of CIDR blocks; if set, specifies blocks of IP
720
- addresses which can authenticate successfully, and ties the resulting token to these blocks
721
- as well.
722
- :param pulumi.Input[int] token_explicit_max_ttl: If set, will encode an
723
- [explicit max TTL](https://www.vaultproject.io/docs/concepts/tokens.html#token-time-to-live-periodic-tokens-and-explicit-max-ttls)
724
- onto the token in number of seconds. This is a hard cap even if `token_ttl` and
725
- `token_max_ttl` would otherwise allow a renewal.
726
- :param pulumi.Input[int] token_max_ttl: The maximum lifetime for generated tokens in number of seconds.
727
- Its current value will be referenced at renewal time.
728
- :param pulumi.Input[bool] token_no_default_policy: If set, the default policy will not be set on
729
- generated tokens; otherwise it will be added to the policies set in token_policies.
730
- :param pulumi.Input[int] token_num_uses: The [maximum number](https://www.vaultproject.io/api-docs/auth/aws#token_num_uses)
731
- of times a generated token may be used (within its lifetime); 0 means unlimited.
732
- :param pulumi.Input[int] token_period: If set, indicates that the
733
- token generated using this role should never expire. The token should be renewed within the
734
- duration specified by this value. At each renewal, the token's TTL will be set to the
735
- value of this field. Specified in seconds.
736
- :param pulumi.Input[Sequence[pulumi.Input[str]]] token_policies: List of policies to encode onto generated tokens. Depending
737
- on the auth method, this list may be supplemented by user/group/other values.
738
- :param pulumi.Input[int] token_ttl: The incremental lifetime for generated tokens in number of seconds.
739
- Its current value will be referenced at renewal time.
740
- :param pulumi.Input[str] token_type: The type of token that should be generated. Can be `service`,
741
- `batch`, or `default` to use the mount's tuned default (which unless changed will be
742
- `service` tokens). For token store roles, there are two additional possibilities:
743
- `default-service` and `default-batch` which specify the type to return unless the client
744
- requests a different type at generation time.
690
+ :param pulumi.Input[Sequence[pulumi.Input[str]]] token_bound_cidrs: Specifies the blocks of IP addresses which are allowed to use the generated token
691
+ :param pulumi.Input[int] token_explicit_max_ttl: Generated Token's Explicit Maximum TTL in seconds
692
+ :param pulumi.Input[int] token_max_ttl: The maximum lifetime of the generated token
693
+ :param pulumi.Input[bool] token_no_default_policy: If true, the 'default' policy will not automatically be added to generated tokens
694
+ :param pulumi.Input[int] token_num_uses: The maximum number of times a token may be used, a value of zero means unlimited
695
+ :param pulumi.Input[int] token_period: Generated Token's Period
696
+ :param pulumi.Input[Sequence[pulumi.Input[str]]] token_policies: Generated Token's Policies
697
+ :param pulumi.Input[int] token_ttl: The initial ttl of the token to generate in seconds
698
+ :param pulumi.Input[str] token_type: The type of token to generate, service or batch
745
699
  """
746
700
  if allow_instance_migration is not None:
747
701
  pulumi.set(__self__, "allow_instance_migration", allow_instance_migration)
@@ -1026,7 +980,7 @@ class _AuthBackendRoleState:
1026
980
  """
1027
981
  The namespace to provision the resource in.
1028
982
  The value should not contain leading or trailing forward slashes.
1029
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
983
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
1030
984
  *Available only for Vault Enterprise*.
1031
985
  """
1032
986
  return pulumi.get(self, "namespace")
@@ -1100,9 +1054,7 @@ class _AuthBackendRoleState:
1100
1054
  @pulumi.getter(name="tokenBoundCidrs")
1101
1055
  def token_bound_cidrs(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
1102
1056
  """
1103
- List of CIDR blocks; if set, specifies blocks of IP
1104
- addresses which can authenticate successfully, and ties the resulting token to these blocks
1105
- as well.
1057
+ Specifies the blocks of IP addresses which are allowed to use the generated token
1106
1058
  """
1107
1059
  return pulumi.get(self, "token_bound_cidrs")
1108
1060
 
@@ -1114,10 +1066,7 @@ class _AuthBackendRoleState:
1114
1066
  @pulumi.getter(name="tokenExplicitMaxTtl")
1115
1067
  def token_explicit_max_ttl(self) -> Optional[pulumi.Input[int]]:
1116
1068
  """
1117
- If set, will encode an
1118
- [explicit max TTL](https://www.vaultproject.io/docs/concepts/tokens.html#token-time-to-live-periodic-tokens-and-explicit-max-ttls)
1119
- onto the token in number of seconds. This is a hard cap even if `token_ttl` and
1120
- `token_max_ttl` would otherwise allow a renewal.
1069
+ Generated Token's Explicit Maximum TTL in seconds
1121
1070
  """
1122
1071
  return pulumi.get(self, "token_explicit_max_ttl")
1123
1072
 
@@ -1129,8 +1078,7 @@ class _AuthBackendRoleState:
1129
1078
  @pulumi.getter(name="tokenMaxTtl")
1130
1079
  def token_max_ttl(self) -> Optional[pulumi.Input[int]]:
1131
1080
  """
1132
- The maximum lifetime for generated tokens in number of seconds.
1133
- Its current value will be referenced at renewal time.
1081
+ The maximum lifetime of the generated token
1134
1082
  """
1135
1083
  return pulumi.get(self, "token_max_ttl")
1136
1084
 
@@ -1142,8 +1090,7 @@ class _AuthBackendRoleState:
1142
1090
  @pulumi.getter(name="tokenNoDefaultPolicy")
1143
1091
  def token_no_default_policy(self) -> Optional[pulumi.Input[bool]]:
1144
1092
  """
1145
- If set, the default policy will not be set on
1146
- generated tokens; otherwise it will be added to the policies set in token_policies.
1093
+ If true, the 'default' policy will not automatically be added to generated tokens
1147
1094
  """
1148
1095
  return pulumi.get(self, "token_no_default_policy")
1149
1096
 
@@ -1155,8 +1102,7 @@ class _AuthBackendRoleState:
1155
1102
  @pulumi.getter(name="tokenNumUses")
1156
1103
  def token_num_uses(self) -> Optional[pulumi.Input[int]]:
1157
1104
  """
1158
- The [maximum number](https://www.vaultproject.io/api-docs/auth/aws#token_num_uses)
1159
- of times a generated token may be used (within its lifetime); 0 means unlimited.
1105
+ The maximum number of times a token may be used, a value of zero means unlimited
1160
1106
  """
1161
1107
  return pulumi.get(self, "token_num_uses")
1162
1108
 
@@ -1168,10 +1114,7 @@ class _AuthBackendRoleState:
1168
1114
  @pulumi.getter(name="tokenPeriod")
1169
1115
  def token_period(self) -> Optional[pulumi.Input[int]]:
1170
1116
  """
1171
- If set, indicates that the
1172
- token generated using this role should never expire. The token should be renewed within the
1173
- duration specified by this value. At each renewal, the token's TTL will be set to the
1174
- value of this field. Specified in seconds.
1117
+ Generated Token's Period
1175
1118
  """
1176
1119
  return pulumi.get(self, "token_period")
1177
1120
 
@@ -1183,8 +1126,7 @@ class _AuthBackendRoleState:
1183
1126
  @pulumi.getter(name="tokenPolicies")
1184
1127
  def token_policies(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
1185
1128
  """
1186
- List of policies to encode onto generated tokens. Depending
1187
- on the auth method, this list may be supplemented by user/group/other values.
1129
+ Generated Token's Policies
1188
1130
  """
1189
1131
  return pulumi.get(self, "token_policies")
1190
1132
 
@@ -1196,8 +1138,7 @@ class _AuthBackendRoleState:
1196
1138
  @pulumi.getter(name="tokenTtl")
1197
1139
  def token_ttl(self) -> Optional[pulumi.Input[int]]:
1198
1140
  """
1199
- The incremental lifetime for generated tokens in number of seconds.
1200
- Its current value will be referenced at renewal time.
1141
+ The initial ttl of the token to generate in seconds
1201
1142
  """
1202
1143
  return pulumi.get(self, "token_ttl")
1203
1144
 
@@ -1209,11 +1150,7 @@ class _AuthBackendRoleState:
1209
1150
  @pulumi.getter(name="tokenType")
1210
1151
  def token_type(self) -> Optional[pulumi.Input[str]]:
1211
1152
  """
1212
- The type of token that should be generated. Can be `service`,
1213
- `batch`, or `default` to use the mount's tuned default (which unless changed will be
1214
- `service` tokens). For token store roles, there are two additional possibilities:
1215
- `default-service` and `default-batch` which specify the type to return unless the client
1216
- requests a different type at generation time.
1153
+ The type of token to generate, service or batch
1217
1154
  """
1218
1155
  return pulumi.get(self, "token_type")
1219
1156
 
@@ -1265,7 +1202,6 @@ class AuthBackendRole(pulumi.CustomResource):
1265
1202
 
1266
1203
  ## Example Usage
1267
1204
 
1268
- <!--Start PulumiCodeChooser -->
1269
1205
  ```python
1270
1206
  import pulumi
1271
1207
  import pulumi_vault as vault
@@ -1291,7 +1227,6 @@ class AuthBackendRole(pulumi.CustomResource):
1291
1227
  "prod",
1292
1228
  ])
1293
1229
  ```
1294
- <!--End PulumiCodeChooser -->
1295
1230
 
1296
1231
  ## Import
1297
1232
 
@@ -1358,7 +1293,7 @@ class AuthBackendRole(pulumi.CustomResource):
1358
1293
  This only applies when `auth_type` is set to `iam`.
1359
1294
  :param pulumi.Input[str] namespace: The namespace to provision the resource in.
1360
1295
  The value should not contain leading or trailing forward slashes.
1361
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
1296
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
1362
1297
  *Available only for Vault Enterprise*.
1363
1298
  :param pulumi.Input[bool] resolve_aws_unique_ids: Only valid when
1364
1299
  `auth_type` is `iam`. If set to `true`, the `bound_iam_principal_arns` are
@@ -1376,32 +1311,15 @@ class AuthBackendRole(pulumi.CustomResource):
1376
1311
  for this field should be the key of the tag on the EC2 instance. `auth_type`
1377
1312
  must be set to `ec2` or `inferred_entity_type` must be set to `ec2_instance`
1378
1313
  to use this constraint.
1379
- :param pulumi.Input[Sequence[pulumi.Input[str]]] token_bound_cidrs: List of CIDR blocks; if set, specifies blocks of IP
1380
- addresses which can authenticate successfully, and ties the resulting token to these blocks
1381
- as well.
1382
- :param pulumi.Input[int] token_explicit_max_ttl: If set, will encode an
1383
- [explicit max TTL](https://www.vaultproject.io/docs/concepts/tokens.html#token-time-to-live-periodic-tokens-and-explicit-max-ttls)
1384
- onto the token in number of seconds. This is a hard cap even if `token_ttl` and
1385
- `token_max_ttl` would otherwise allow a renewal.
1386
- :param pulumi.Input[int] token_max_ttl: The maximum lifetime for generated tokens in number of seconds.
1387
- Its current value will be referenced at renewal time.
1388
- :param pulumi.Input[bool] token_no_default_policy: If set, the default policy will not be set on
1389
- generated tokens; otherwise it will be added to the policies set in token_policies.
1390
- :param pulumi.Input[int] token_num_uses: The [maximum number](https://www.vaultproject.io/api-docs/auth/aws#token_num_uses)
1391
- of times a generated token may be used (within its lifetime); 0 means unlimited.
1392
- :param pulumi.Input[int] token_period: If set, indicates that the
1393
- token generated using this role should never expire. The token should be renewed within the
1394
- duration specified by this value. At each renewal, the token's TTL will be set to the
1395
- value of this field. Specified in seconds.
1396
- :param pulumi.Input[Sequence[pulumi.Input[str]]] token_policies: List of policies to encode onto generated tokens. Depending
1397
- on the auth method, this list may be supplemented by user/group/other values.
1398
- :param pulumi.Input[int] token_ttl: The incremental lifetime for generated tokens in number of seconds.
1399
- Its current value will be referenced at renewal time.
1400
- :param pulumi.Input[str] token_type: The type of token that should be generated. Can be `service`,
1401
- `batch`, or `default` to use the mount's tuned default (which unless changed will be
1402
- `service` tokens). For token store roles, there are two additional possibilities:
1403
- `default-service` and `default-batch` which specify the type to return unless the client
1404
- requests a different type at generation time.
1314
+ :param pulumi.Input[Sequence[pulumi.Input[str]]] token_bound_cidrs: Specifies the blocks of IP addresses which are allowed to use the generated token
1315
+ :param pulumi.Input[int] token_explicit_max_ttl: Generated Token's Explicit Maximum TTL in seconds
1316
+ :param pulumi.Input[int] token_max_ttl: The maximum lifetime of the generated token
1317
+ :param pulumi.Input[bool] token_no_default_policy: If true, the 'default' policy will not automatically be added to generated tokens
1318
+ :param pulumi.Input[int] token_num_uses: The maximum number of times a token may be used, a value of zero means unlimited
1319
+ :param pulumi.Input[int] token_period: Generated Token's Period
1320
+ :param pulumi.Input[Sequence[pulumi.Input[str]]] token_policies: Generated Token's Policies
1321
+ :param pulumi.Input[int] token_ttl: The initial ttl of the token to generate in seconds
1322
+ :param pulumi.Input[str] token_type: The type of token to generate, service or batch
1405
1323
  """
1406
1324
  ...
1407
1325
  @overload
@@ -1418,7 +1336,6 @@ class AuthBackendRole(pulumi.CustomResource):
1418
1336
 
1419
1337
  ## Example Usage
1420
1338
 
1421
- <!--Start PulumiCodeChooser -->
1422
1339
  ```python
1423
1340
  import pulumi
1424
1341
  import pulumi_vault as vault
@@ -1444,7 +1361,6 @@ class AuthBackendRole(pulumi.CustomResource):
1444
1361
  "prod",
1445
1362
  ])
1446
1363
  ```
1447
- <!--End PulumiCodeChooser -->
1448
1364
 
1449
1365
  ## Import
1450
1366
 
@@ -1638,7 +1554,7 @@ class AuthBackendRole(pulumi.CustomResource):
1638
1554
  This only applies when `auth_type` is set to `iam`.
1639
1555
  :param pulumi.Input[str] namespace: The namespace to provision the resource in.
1640
1556
  The value should not contain leading or trailing forward slashes.
1641
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
1557
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
1642
1558
  *Available only for Vault Enterprise*.
1643
1559
  :param pulumi.Input[bool] resolve_aws_unique_ids: Only valid when
1644
1560
  `auth_type` is `iam`. If set to `true`, the `bound_iam_principal_arns` are
@@ -1657,32 +1573,15 @@ class AuthBackendRole(pulumi.CustomResource):
1657
1573
  for this field should be the key of the tag on the EC2 instance. `auth_type`
1658
1574
  must be set to `ec2` or `inferred_entity_type` must be set to `ec2_instance`
1659
1575
  to use this constraint.
1660
- :param pulumi.Input[Sequence[pulumi.Input[str]]] token_bound_cidrs: List of CIDR blocks; if set, specifies blocks of IP
1661
- addresses which can authenticate successfully, and ties the resulting token to these blocks
1662
- as well.
1663
- :param pulumi.Input[int] token_explicit_max_ttl: If set, will encode an
1664
- [explicit max TTL](https://www.vaultproject.io/docs/concepts/tokens.html#token-time-to-live-periodic-tokens-and-explicit-max-ttls)
1665
- onto the token in number of seconds. This is a hard cap even if `token_ttl` and
1666
- `token_max_ttl` would otherwise allow a renewal.
1667
- :param pulumi.Input[int] token_max_ttl: The maximum lifetime for generated tokens in number of seconds.
1668
- Its current value will be referenced at renewal time.
1669
- :param pulumi.Input[bool] token_no_default_policy: If set, the default policy will not be set on
1670
- generated tokens; otherwise it will be added to the policies set in token_policies.
1671
- :param pulumi.Input[int] token_num_uses: The [maximum number](https://www.vaultproject.io/api-docs/auth/aws#token_num_uses)
1672
- of times a generated token may be used (within its lifetime); 0 means unlimited.
1673
- :param pulumi.Input[int] token_period: If set, indicates that the
1674
- token generated using this role should never expire. The token should be renewed within the
1675
- duration specified by this value. At each renewal, the token's TTL will be set to the
1676
- value of this field. Specified in seconds.
1677
- :param pulumi.Input[Sequence[pulumi.Input[str]]] token_policies: List of policies to encode onto generated tokens. Depending
1678
- on the auth method, this list may be supplemented by user/group/other values.
1679
- :param pulumi.Input[int] token_ttl: The incremental lifetime for generated tokens in number of seconds.
1680
- Its current value will be referenced at renewal time.
1681
- :param pulumi.Input[str] token_type: The type of token that should be generated. Can be `service`,
1682
- `batch`, or `default` to use the mount's tuned default (which unless changed will be
1683
- `service` tokens). For token store roles, there are two additional possibilities:
1684
- `default-service` and `default-batch` which specify the type to return unless the client
1685
- requests a different type at generation time.
1576
+ :param pulumi.Input[Sequence[pulumi.Input[str]]] token_bound_cidrs: Specifies the blocks of IP addresses which are allowed to use the generated token
1577
+ :param pulumi.Input[int] token_explicit_max_ttl: Generated Token's Explicit Maximum TTL in seconds
1578
+ :param pulumi.Input[int] token_max_ttl: The maximum lifetime of the generated token
1579
+ :param pulumi.Input[bool] token_no_default_policy: If true, the 'default' policy will not automatically be added to generated tokens
1580
+ :param pulumi.Input[int] token_num_uses: The maximum number of times a token may be used, a value of zero means unlimited
1581
+ :param pulumi.Input[int] token_period: Generated Token's Period
1582
+ :param pulumi.Input[Sequence[pulumi.Input[str]]] token_policies: Generated Token's Policies
1583
+ :param pulumi.Input[int] token_ttl: The initial ttl of the token to generate in seconds
1584
+ :param pulumi.Input[str] token_type: The type of token to generate, service or batch
1686
1585
  """
1687
1586
  opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id))
1688
1587
 
@@ -1883,7 +1782,7 @@ class AuthBackendRole(pulumi.CustomResource):
1883
1782
  """
1884
1783
  The namespace to provision the resource in.
1885
1784
  The value should not contain leading or trailing forward slashes.
1886
- The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
1785
+ The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
1887
1786
  *Available only for Vault Enterprise*.
1888
1787
  """
1889
1788
  return pulumi.get(self, "namespace")
@@ -1937,9 +1836,7 @@ class AuthBackendRole(pulumi.CustomResource):
1937
1836
  @pulumi.getter(name="tokenBoundCidrs")
1938
1837
  def token_bound_cidrs(self) -> pulumi.Output[Optional[Sequence[str]]]:
1939
1838
  """
1940
- List of CIDR blocks; if set, specifies blocks of IP
1941
- addresses which can authenticate successfully, and ties the resulting token to these blocks
1942
- as well.
1839
+ Specifies the blocks of IP addresses which are allowed to use the generated token
1943
1840
  """
1944
1841
  return pulumi.get(self, "token_bound_cidrs")
1945
1842
 
@@ -1947,10 +1844,7 @@ class AuthBackendRole(pulumi.CustomResource):
1947
1844
  @pulumi.getter(name="tokenExplicitMaxTtl")
1948
1845
  def token_explicit_max_ttl(self) -> pulumi.Output[Optional[int]]:
1949
1846
  """
1950
- If set, will encode an
1951
- [explicit max TTL](https://www.vaultproject.io/docs/concepts/tokens.html#token-time-to-live-periodic-tokens-and-explicit-max-ttls)
1952
- onto the token in number of seconds. This is a hard cap even if `token_ttl` and
1953
- `token_max_ttl` would otherwise allow a renewal.
1847
+ Generated Token's Explicit Maximum TTL in seconds
1954
1848
  """
1955
1849
  return pulumi.get(self, "token_explicit_max_ttl")
1956
1850
 
@@ -1958,8 +1852,7 @@ class AuthBackendRole(pulumi.CustomResource):
1958
1852
  @pulumi.getter(name="tokenMaxTtl")
1959
1853
  def token_max_ttl(self) -> pulumi.Output[Optional[int]]:
1960
1854
  """
1961
- The maximum lifetime for generated tokens in number of seconds.
1962
- Its current value will be referenced at renewal time.
1855
+ The maximum lifetime of the generated token
1963
1856
  """
1964
1857
  return pulumi.get(self, "token_max_ttl")
1965
1858
 
@@ -1967,8 +1860,7 @@ class AuthBackendRole(pulumi.CustomResource):
1967
1860
  @pulumi.getter(name="tokenNoDefaultPolicy")
1968
1861
  def token_no_default_policy(self) -> pulumi.Output[Optional[bool]]:
1969
1862
  """
1970
- If set, the default policy will not be set on
1971
- generated tokens; otherwise it will be added to the policies set in token_policies.
1863
+ If true, the 'default' policy will not automatically be added to generated tokens
1972
1864
  """
1973
1865
  return pulumi.get(self, "token_no_default_policy")
1974
1866
 
@@ -1976,8 +1868,7 @@ class AuthBackendRole(pulumi.CustomResource):
1976
1868
  @pulumi.getter(name="tokenNumUses")
1977
1869
  def token_num_uses(self) -> pulumi.Output[Optional[int]]:
1978
1870
  """
1979
- The [maximum number](https://www.vaultproject.io/api-docs/auth/aws#token_num_uses)
1980
- of times a generated token may be used (within its lifetime); 0 means unlimited.
1871
+ The maximum number of times a token may be used, a value of zero means unlimited
1981
1872
  """
1982
1873
  return pulumi.get(self, "token_num_uses")
1983
1874
 
@@ -1985,10 +1876,7 @@ class AuthBackendRole(pulumi.CustomResource):
1985
1876
  @pulumi.getter(name="tokenPeriod")
1986
1877
  def token_period(self) -> pulumi.Output[Optional[int]]:
1987
1878
  """
1988
- If set, indicates that the
1989
- token generated using this role should never expire. The token should be renewed within the
1990
- duration specified by this value. At each renewal, the token's TTL will be set to the
1991
- value of this field. Specified in seconds.
1879
+ Generated Token's Period
1992
1880
  """
1993
1881
  return pulumi.get(self, "token_period")
1994
1882
 
@@ -1996,8 +1884,7 @@ class AuthBackendRole(pulumi.CustomResource):
1996
1884
  @pulumi.getter(name="tokenPolicies")
1997
1885
  def token_policies(self) -> pulumi.Output[Optional[Sequence[str]]]:
1998
1886
  """
1999
- List of policies to encode onto generated tokens. Depending
2000
- on the auth method, this list may be supplemented by user/group/other values.
1887
+ Generated Token's Policies
2001
1888
  """
2002
1889
  return pulumi.get(self, "token_policies")
2003
1890
 
@@ -2005,8 +1892,7 @@ class AuthBackendRole(pulumi.CustomResource):
2005
1892
  @pulumi.getter(name="tokenTtl")
2006
1893
  def token_ttl(self) -> pulumi.Output[Optional[int]]:
2007
1894
  """
2008
- The incremental lifetime for generated tokens in number of seconds.
2009
- Its current value will be referenced at renewal time.
1895
+ The initial ttl of the token to generate in seconds
2010
1896
  """
2011
1897
  return pulumi.get(self, "token_ttl")
2012
1898
 
@@ -2014,11 +1900,7 @@ class AuthBackendRole(pulumi.CustomResource):
2014
1900
  @pulumi.getter(name="tokenType")
2015
1901
  def token_type(self) -> pulumi.Output[Optional[str]]:
2016
1902
  """
2017
- The type of token that should be generated. Can be `service`,
2018
- `batch`, or `default` to use the mount's tuned default (which unless changed will be
2019
- `service` tokens). For token store roles, there are two additional possibilities:
2020
- `default-service` and `default-batch` which specify the type to return unless the client
2021
- requests a different type at generation time.
1903
+ The type of token to generate, service or batch
2022
1904
  """
2023
1905
  return pulumi.get(self, "token_type")
2024
1906