pulumi-vault 5.21.0a1710160723__py3-none-any.whl → 6.5.0a1736850018__py3-none-any.whl

pulumi_vault/managed/outputs.py

@@ -4,9 +4,14 @@
 
 import copy
 import warnings
+import sys
 import pulumi
 import pulumi.runtime
 from typing import Any, Mapping, Optional, Sequence, Union, overload
+if sys.version_info >= (3, 11):
+    from typing import NotRequired, TypedDict, TypeAlias
+else:
+    from typing_extensions import NotRequired, TypedDict, TypeAlias
 from .. import _utilities
 
 __all__ = [
@@ -66,26 +71,19 @@ class KeysAw(dict):
                  region: Optional[str] = None,
                  uuid: Optional[str] = None):
         """
-        :param str access_key: The AWS access key to use.
-        :param str key_bits: The size in bits for an RSA key.
-        :param str key_type: The type of key to use.
-        :param str kms_key: An identifier for the key.
-        :param str name: A unique lowercase name that serves as identifying the key.
-        :param str secret_key: The AWS access key to use.
-        :param bool allow_generate_key: If no existing key can be found in 
-               the referenced backend, instructs Vault to generate a key within the backend.
-        :param bool allow_replace_key: Controls the ability for Vault to replace through
-               generation or importing a key into the configured backend even
-               if a key is present, if set to `false` those operations are forbidden
-               if a key exists.
-        :param bool allow_store_key: Controls the ability for Vault to import a key to the
-               configured backend, if `false`, those operations will be forbidden.
-        :param bool any_mount: If `true`, allows usage from any mount point within the
-               namespace.
-        :param str curve: The curve to use for an ECDSA key. Used when `key_type` 
-               is `ECDSA`. Required if `allow_generate_key` is `true`.
-        :param str endpoint: Used to specify a custom AWS endpoint.
-        :param str region: The AWS region where the keys are stored (or will be stored).
+        :param str access_key: The AWS access key to use
+        :param str key_bits: The size in bits for an RSA key. This field is required when 'key_type' is 'RSA'
+        :param str key_type: The type of key to use
+        :param str kms_key: An identifier for the key
+        :param str name: A unique lowercase name that serves as identifying the key
+        :param str secret_key: The AWS secret key to use
+        :param bool allow_generate_key: If no existing key can be found in the referenced backend, instructs Vault to generate a key within the backend
+        :param bool allow_replace_key: Controls the ability for Vault to replace through generation or importing a key into the configured backend even if a key is present, if set to false those operations are forbidden if a key exists.
+        :param bool allow_store_key: Controls the ability for Vault to import a key to the configured backend, if 'false', those operations will be forbidden
+        :param bool any_mount: Allow usage from any mount point within the namespace if 'true'
+        :param str curve: The curve to use for an ECDSA key. Used when key_type is 'ECDSA'. Required if 'allow_generate_key' is true
+        :param str endpoint: Used to specify a custom AWS endpoint
+        :param str region: The AWS region where the keys are stored (or will be stored)
         :param str uuid: ID of the managed key read from Vault
         """
         pulumi.set(__self__, "access_key", access_key)
@@ -115,7 +113,7 @@ class KeysAw(dict):
     @pulumi.getter(name="accessKey")
     def access_key(self) -> str:
         """
-        The AWS access key to use.
+        The AWS access key to use
         """
         return pulumi.get(self, "access_key")
 
@@ -123,7 +121,7 @@ class KeysAw(dict):
     @pulumi.getter(name="keyBits")
     def key_bits(self) -> str:
         """
-        The size in bits for an RSA key.
+        The size in bits for an RSA key. This field is required when 'key_type' is 'RSA'
         """
         return pulumi.get(self, "key_bits")
 
@@ -131,7 +129,7 @@ class KeysAw(dict):
     @pulumi.getter(name="keyType")
     def key_type(self) -> str:
         """
-        The type of key to use.
+        The type of key to use
         """
         return pulumi.get(self, "key_type")
 
@@ -139,7 +137,7 @@ class KeysAw(dict):
     @pulumi.getter(name="kmsKey")
     def kms_key(self) -> str:
         """
-        An identifier for the key.
+        An identifier for the key
         """
         return pulumi.get(self, "kms_key")
 
@@ -147,7 +145,7 @@ class KeysAw(dict):
     @pulumi.getter
     def name(self) -> str:
         """
-        A unique lowercase name that serves as identifying the key.
+        A unique lowercase name that serves as identifying the key
         """
         return pulumi.get(self, "name")
 
@@ -155,7 +153,7 @@ class KeysAw(dict):
     @pulumi.getter(name="secretKey")
     def secret_key(self) -> str:
         """
-        The AWS access key to use.
+        The AWS secret key to use
         """
         return pulumi.get(self, "secret_key")
 
@@ -163,8 +161,7 @@ class KeysAw(dict):
     @pulumi.getter(name="allowGenerateKey")
     def allow_generate_key(self) -> Optional[bool]:
         """
-        If no existing key can be found in 
-        the referenced backend, instructs Vault to generate a key within the backend.
+        If no existing key can be found in the referenced backend, instructs Vault to generate a key within the backend
         """
         return pulumi.get(self, "allow_generate_key")
 
@@ -172,10 +169,7 @@ class KeysAw(dict):
     @pulumi.getter(name="allowReplaceKey")
     def allow_replace_key(self) -> Optional[bool]:
         """
-        Controls the ability for Vault to replace through
-        generation or importing a key into the configured backend even
-        if a key is present, if set to `false` those operations are forbidden
-        if a key exists.
+        Controls the ability for Vault to replace through generation or importing a key into the configured backend even if a key is present, if set to false those operations are forbidden if a key exists.
         """
         return pulumi.get(self, "allow_replace_key")
 
@@ -183,8 +177,7 @@ class KeysAw(dict):
     @pulumi.getter(name="allowStoreKey")
     def allow_store_key(self) -> Optional[bool]:
         """
-        Controls the ability for Vault to import a key to the
-        configured backend, if `false`, those operations will be forbidden.
+        Controls the ability for Vault to import a key to the configured backend, if 'false', those operations will be forbidden
         """
         return pulumi.get(self, "allow_store_key")
 
@@ -192,8 +185,7 @@ class KeysAw(dict):
     @pulumi.getter(name="anyMount")
     def any_mount(self) -> Optional[bool]:
         """
-        If `true`, allows usage from any mount point within the
-        namespace.
+        Allow usage from any mount point within the namespace if 'true'
         """
         return pulumi.get(self, "any_mount")
 
@@ -201,8 +193,7 @@ class KeysAw(dict):
     @pulumi.getter
     def curve(self) -> Optional[str]:
         """
-        The curve to use for an ECDSA key. Used when `key_type` 
-        is `ECDSA`. Required if `allow_generate_key` is `true`.
+        The curve to use for an ECDSA key. Used when key_type is 'ECDSA'. Required if 'allow_generate_key' is true
         """
         return pulumi.get(self, "curve")
 
@@ -210,7 +201,7 @@ class KeysAw(dict):
     @pulumi.getter
     def endpoint(self) -> Optional[str]:
         """
-        Used to specify a custom AWS endpoint.
+        Used to specify a custom AWS endpoint
         """
         return pulumi.get(self, "endpoint")
 
@@ -218,7 +209,7 @@ class KeysAw(dict):
     @pulumi.getter
     def region(self) -> Optional[str]:
         """
-        The AWS region where the keys are stored (or will be stored).
+        The AWS region where the keys are stored (or will be stored)
         """
         return pulumi.get(self, "region")
 
@@ -287,26 +278,20 @@ class KeysAzure(dict):
                  resource: Optional[str] = None,
                  uuid: Optional[str] = None):
         """
-        :param str client_id: The client id for credentials to query the Azure APIs.
-        :param str client_secret: The client secret for credentials to query the Azure APIs.
-        :param str key_name: The Key Vault key to use for encryption and decryption.
-        :param str key_type: The type of key to use.
-        :param str name: A unique lowercase name that serves as identifying the key.
-        :param str tenant_id: The tenant id for the Azure Active Directory organization.
-        :param str vault_name: The Key Vault vault to use for encryption and decryption.
-        :param bool allow_generate_key: If no existing key can be found in 
-               the referenced backend, instructs Vault to generate a key within the backend.
-        :param bool allow_replace_key: Controls the ability for Vault to replace through
-               generation or importing a key into the configured backend even
-               if a key is present, if set to `false` those operations are forbidden
-               if a key exists.
-        :param bool allow_store_key: Controls the ability for Vault to import a key to the
-               configured backend, if `false`, those operations will be forbidden.
-        :param bool any_mount: If `true`, allows usage from any mount point within the
-               namespace.
-        :param str environment: The Azure Cloud environment API endpoints to use.
-        :param str key_bits: The size in bits for an RSA key.
-        :param str resource: The Azure Key Vault resource's DNS Suffix to connect to.
+        :param str client_id: The client id for credentials to query the Azure APIs
+        :param str client_secret: The client secret for credentials to query the Azure APIs
+        :param str key_name: The Key Vault key to use for encryption and decryption
+        :param str key_type: The type of key to use
+        :param str name: A unique lowercase name that serves as identifying the key
+        :param str tenant_id: The tenant id for the Azure Active Directory organization
+        :param str vault_name: The Key Vault vault to use the encryption keys for encryption and decryption
+        :param bool allow_generate_key: If no existing key can be found in the referenced backend, instructs Vault to generate a key within the backend
+        :param bool allow_replace_key: Controls the ability for Vault to replace through generation or importing a key into the configured backend even if a key is present, if set to false those operations are forbidden if a key exists.
+        :param bool allow_store_key: Controls the ability for Vault to import a key to the configured backend, if 'false', those operations will be forbidden
+        :param bool any_mount: Allow usage from any mount point within the namespace if 'true'
+        :param str environment: The Azure Cloud environment API endpoints to use
+        :param str key_bits: The size in bits for an RSA key. This field is required when 'key_type' is 'RSA' or when 'allow_generate_key' is true
+        :param str resource: The Azure Key Vault resource's DNS Suffix to connect to
         :param str uuid: ID of the managed key read from Vault
         """
         pulumi.set(__self__, "client_id", client_id)
@@ -337,7 +322,7 @@ class KeysAzure(dict):
     @pulumi.getter(name="clientId")
     def client_id(self) -> str:
         """
-        The client id for credentials to query the Azure APIs.
+        The client id for credentials to query the Azure APIs
         """
         return pulumi.get(self, "client_id")
 
@@ -345,7 +330,7 @@ class KeysAzure(dict):
     @pulumi.getter(name="clientSecret")
     def client_secret(self) -> str:
         """
-        The client secret for credentials to query the Azure APIs.
+        The client secret for credentials to query the Azure APIs
         """
         return pulumi.get(self, "client_secret")
 
@@ -353,7 +338,7 @@ class KeysAzure(dict):
     @pulumi.getter(name="keyName")
     def key_name(self) -> str:
         """
-        The Key Vault key to use for encryption and decryption.
+        The Key Vault key to use for encryption and decryption
         """
         return pulumi.get(self, "key_name")
 
@@ -361,7 +346,7 @@ class KeysAzure(dict):
     @pulumi.getter(name="keyType")
     def key_type(self) -> str:
         """
-        The type of key to use.
+        The type of key to use
         """
         return pulumi.get(self, "key_type")
 
@@ -369,7 +354,7 @@ class KeysAzure(dict):
     @pulumi.getter
     def name(self) -> str:
         """
-        A unique lowercase name that serves as identifying the key.
+        A unique lowercase name that serves as identifying the key
         """
         return pulumi.get(self, "name")
 
@@ -377,7 +362,7 @@ class KeysAzure(dict):
     @pulumi.getter(name="tenantId")
     def tenant_id(self) -> str:
         """
-        The tenant id for the Azure Active Directory organization.
+        The tenant id for the Azure Active Directory organization
         """
         return pulumi.get(self, "tenant_id")
 
@@ -385,7 +370,7 @@ class KeysAzure(dict):
     @pulumi.getter(name="vaultName")
     def vault_name(self) -> str:
         """
-        The Key Vault vault to use for encryption and decryption.
+        The Key Vault vault to use the encryption keys for encryption and decryption
         """
         return pulumi.get(self, "vault_name")
 
@@ -393,8 +378,7 @@ class KeysAzure(dict):
     @pulumi.getter(name="allowGenerateKey")
     def allow_generate_key(self) -> Optional[bool]:
         """
-        If no existing key can be found in 
-        the referenced backend, instructs Vault to generate a key within the backend.
+        If no existing key can be found in the referenced backend, instructs Vault to generate a key within the backend
         """
         return pulumi.get(self, "allow_generate_key")
 
@@ -402,10 +386,7 @@ class KeysAzure(dict):
     @pulumi.getter(name="allowReplaceKey")
     def allow_replace_key(self) -> Optional[bool]:
         """
-        Controls the ability for Vault to replace through
-        generation or importing a key into the configured backend even
-        if a key is present, if set to `false` those operations are forbidden
-        if a key exists.
+        Controls the ability for Vault to replace through generation or importing a key into the configured backend even if a key is present, if set to false those operations are forbidden if a key exists.
         """
         return pulumi.get(self, "allow_replace_key")
 
@@ -413,8 +394,7 @@ class KeysAzure(dict):
     @pulumi.getter(name="allowStoreKey")
     def allow_store_key(self) -> Optional[bool]:
         """
-        Controls the ability for Vault to import a key to the
-        configured backend, if `false`, those operations will be forbidden.
+        Controls the ability for Vault to import a key to the configured backend, if 'false', those operations will be forbidden
         """
         return pulumi.get(self, "allow_store_key")
 
@@ -422,8 +402,7 @@ class KeysAzure(dict):
     @pulumi.getter(name="anyMount")
     def any_mount(self) -> Optional[bool]:
         """
-        If `true`, allows usage from any mount point within the
-        namespace.
+        Allow usage from any mount point within the namespace if 'true'
         """
         return pulumi.get(self, "any_mount")
 
@@ -431,7 +410,7 @@ class KeysAzure(dict):
     @pulumi.getter
     def environment(self) -> Optional[str]:
         """
-        The Azure Cloud environment API endpoints to use.
+        The Azure Cloud environment API endpoints to use
         """
         return pulumi.get(self, "environment")
 
@@ -439,7 +418,7 @@ class KeysAzure(dict):
     @pulumi.getter(name="keyBits")
     def key_bits(self) -> Optional[str]:
         """
-        The size in bits for an RSA key.
+        The size in bits for an RSA key. This field is required when 'key_type' is 'RSA' or when 'allow_generate_key' is true
         """
         return pulumi.get(self, "key_bits")
 
@@ -447,7 +426,7 @@ class KeysAzure(dict):
     @pulumi.getter
     def resource(self) -> Optional[str]:
         """
-        The Azure Key Vault resource's DNS Suffix to connect to.
+        The Azure Key Vault resource's DNS Suffix to connect to
         """
         return pulumi.get(self, "resource")
 
@@ -513,32 +492,21 @@ class KeysPkc(dict):
                  token_label: Optional[str] = None,
                  uuid: Optional[str] = None):
         """
-        :param str key_id: The id of a PKCS#11 key to use.
-        :param str key_label: The label of the key to use.
-        :param str library: The name of the kms_library stanza to use from Vault's config
-               to lookup the local library path.
-        :param str mechanism: The encryption/decryption mechanism to use, specified as a
-               hexadecimal (prefixed by 0x) string.
-        :param str name: A unique lowercase name that serves as identifying the key.
-        :param str pin: The PIN for login.
-        :param bool allow_generate_key: If no existing key can be found in 
-               the referenced backend, instructs Vault to generate a key within the backend.
-        :param bool allow_replace_key: Controls the ability for Vault to replace through
-               generation or importing a key into the configured backend even
-               if a key is present, if set to `false` those operations are forbidden
-               if a key exists.
-        :param bool allow_store_key: Controls the ability for Vault to import a key to the
-               configured backend, if `false`, those operations will be forbidden.
-        :param bool any_mount: If `true`, allows usage from any mount point within the
-               namespace.
-        :param str curve: The curve to use for an ECDSA key. Used when `key_type` 
-               is `ECDSA`. Required if `allow_generate_key` is `true`.
-        :param str force_rw_session: Force all operations to open up a read-write session to
-               the HSM.
-        :param str key_bits: The size in bits for an RSA key.
-        :param str slot: The slot number to use, specified as a string in a decimal format
-               (e.g. `2305843009213693953`).
-        :param str token_label: The slot token label to use.
+        :param str key_id: The id of a PKCS#11 key to use
+        :param str key_label: The label of the key to use
+        :param str library: The name of the kms_library stanza to use from Vault's config to lookup the local library path
+        :param str mechanism: The encryption/decryption mechanism to use, specified as a hexadecimal (prefixed by 0x) string.
+        :param str name: A unique lowercase name that serves as identifying the key
+        :param str pin: The PIN for login
+        :param bool allow_generate_key: If no existing key can be found in the referenced backend, instructs Vault to generate a key within the backend
+        :param bool allow_replace_key: Controls the ability for Vault to replace through generation or importing a key into the configured backend even if a key is present, if set to false those operations are forbidden if a key exists.
+        :param bool allow_store_key: Controls the ability for Vault to import a key to the configured backend, if 'false', those operations will be forbidden
+        :param bool any_mount: Allow usage from any mount point within the namespace if 'true'
+        :param str curve: Supplies the curve value when using the 'CKM_ECDSA' mechanism. Required if 'allow_generate_key' is true
+        :param str force_rw_session: Force all operations to open up a read-write session to the HSM
+        :param str key_bits: Supplies the size in bits of the key when using 'CKM_RSA_PKCS_PSS', 'CKM_RSA_PKCS_OAEP' or 'CKM_RSA_PKCS' as a value for 'mechanism'. Required if 'allow_generate_key' is true
+        :param str slot: The slot number to use, specified as a string in a decimal format (e.g. '2305843009213693953')
+        :param str token_label: The slot token label to use
         :param str uuid: ID of the managed key read from Vault
         """
         pulumi.set(__self__, "key_id", key_id)
@@ -572,7 +540,7 @@ class KeysPkc(dict):
     @pulumi.getter(name="keyId")
     def key_id(self) -> str:
         """
-        The id of a PKCS#11 key to use.
+        The id of a PKCS#11 key to use
         """
         return pulumi.get(self, "key_id")
 
@@ -580,7 +548,7 @@ class KeysPkc(dict):
     @pulumi.getter(name="keyLabel")
     def key_label(self) -> str:
         """
-        The label of the key to use.
+        The label of the key to use
         """
         return pulumi.get(self, "key_label")
 
@@ -588,8 +556,7 @@ class KeysPkc(dict):
     @pulumi.getter
     def library(self) -> str:
         """
-        The name of the kms_library stanza to use from Vault's config
-        to lookup the local library path.
+        The name of the kms_library stanza to use from Vault's config to lookup the local library path
         """
         return pulumi.get(self, "library")
 
@@ -597,8 +564,7 @@ class KeysPkc(dict):
     @pulumi.getter
     def mechanism(self) -> str:
         """
-        The encryption/decryption mechanism to use, specified as a
-        hexadecimal (prefixed by 0x) string.
+        The encryption/decryption mechanism to use, specified as a hexadecimal (prefixed by 0x) string.
         """
         return pulumi.get(self, "mechanism")
 
@@ -606,7 +572,7 @@ class KeysPkc(dict):
     @pulumi.getter
     def name(self) -> str:
         """
-        A unique lowercase name that serves as identifying the key.
+        A unique lowercase name that serves as identifying the key
         """
         return pulumi.get(self, "name")
 
@@ -614,7 +580,7 @@ class KeysPkc(dict):
     @pulumi.getter
     def pin(self) -> str:
         """
-        The PIN for login.
+        The PIN for login
         """
         return pulumi.get(self, "pin")
 
@@ -622,8 +588,7 @@ class KeysPkc(dict):
     @pulumi.getter(name="allowGenerateKey")
     def allow_generate_key(self) -> Optional[bool]:
         """
-        If no existing key can be found in 
-        the referenced backend, instructs Vault to generate a key within the backend.
+        If no existing key can be found in the referenced backend, instructs Vault to generate a key within the backend
         """
         return pulumi.get(self, "allow_generate_key")
 
@@ -631,10 +596,7 @@ class KeysPkc(dict):
     @pulumi.getter(name="allowReplaceKey")
     def allow_replace_key(self) -> Optional[bool]:
         """
-        Controls the ability for Vault to replace through
-        generation or importing a key into the configured backend even
-        if a key is present, if set to `false` those operations are forbidden
-        if a key exists.
+        Controls the ability for Vault to replace through generation or importing a key into the configured backend even if a key is present, if set to false those operations are forbidden if a key exists.
         """
         return pulumi.get(self, "allow_replace_key")
 
@@ -642,8 +604,7 @@ class KeysPkc(dict):
     @pulumi.getter(name="allowStoreKey")
     def allow_store_key(self) -> Optional[bool]:
         """
-        Controls the ability for Vault to import a key to the
-        configured backend, if `false`, those operations will be forbidden.
+        Controls the ability for Vault to import a key to the configured backend, if 'false', those operations will be forbidden
         """
         return pulumi.get(self, "allow_store_key")
 
@@ -651,8 +612,7 @@ class KeysPkc(dict):
     @pulumi.getter(name="anyMount")
     def any_mount(self) -> Optional[bool]:
         """
-        If `true`, allows usage from any mount point within the
-        namespace.
+        Allow usage from any mount point within the namespace if 'true'
         """
         return pulumi.get(self, "any_mount")
 
@@ -660,8 +620,7 @@ class KeysPkc(dict):
     @pulumi.getter
     def curve(self) -> Optional[str]:
         """
-        The curve to use for an ECDSA key. Used when `key_type` 
-        is `ECDSA`. Required if `allow_generate_key` is `true`.
+        Supplies the curve value when using the 'CKM_ECDSA' mechanism. Required if 'allow_generate_key' is true
         """
         return pulumi.get(self, "curve")
 
@@ -669,8 +628,7 @@ class KeysPkc(dict):
     @pulumi.getter(name="forceRwSession")
     def force_rw_session(self) -> Optional[str]:
         """
-        Force all operations to open up a read-write session to
-        the HSM.
+        Force all operations to open up a read-write session to the HSM
         """
         return pulumi.get(self, "force_rw_session")
 
@@ -678,7 +636,7 @@ class KeysPkc(dict):
     @pulumi.getter(name="keyBits")
     def key_bits(self) -> Optional[str]:
         """
-        The size in bits for an RSA key.
+        Supplies the size in bits of the key when using 'CKM_RSA_PKCS_PSS', 'CKM_RSA_PKCS_OAEP' or 'CKM_RSA_PKCS' as a value for 'mechanism'. Required if 'allow_generate_key' is true
         """
         return pulumi.get(self, "key_bits")
 
@@ -686,8 +644,7 @@ class KeysPkc(dict):
     @pulumi.getter
     def slot(self) -> Optional[str]:
         """
-        The slot number to use, specified as a string in a decimal format
-        (e.g. `2305843009213693953`).
+        The slot number to use, specified as a string in a decimal format (e.g. '2305843009213693953')
         """
         return pulumi.get(self, "slot")
 
@@ -695,7 +652,7 @@ class KeysPkc(dict):
     @pulumi.getter(name="tokenLabel")
     def token_label(self) -> Optional[str]:
         """
-        The slot token label to use.
+        The slot token label to use
         """
         return pulumi.get(self, "token_label")
 

pulumi_vault/mfa_duo.py

@@ -4,9 +4,14 @@
 
 import copy
 import warnings
+import sys
 import pulumi
 import pulumi.runtime
 from typing import Any, Mapping, Optional, Sequence, Union, overload
+if sys.version_info >= (3, 11):
+    from typing import NotRequired, TypedDict, TypeAlias
+else:
+    from typing_extensions import NotRequired, TypedDict, TypeAlias
 from . import _utilities
 
 __all__ = ['MfaDuoArgs', 'MfaDuo']
@@ -31,7 +36,7 @@ class MfaDuoArgs:
         :param pulumi.Input[str] name: `(string: <required>)` – Name of the MFA method.
         :param pulumi.Input[str] namespace: The namespace to provision the resource in.
                The value should not contain leading or trailing forward slashes.
-               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
+               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
                *Available only for Vault Enterprise*.
         :param pulumi.Input[str] push_info: `(string)` - Push information for Duo.
         :param pulumi.Input[str] username_format: `(string)` - A format string for mapping Identity names to MFA method names. Values to substitute should be placed in `{{}}`. For example, `"{{alias.name}}@example.com"`. If blank, the Alias's Name field will be used as-is. Currently-supported mappings:
@@ -119,7 +124,7 @@ class MfaDuoArgs:
         """
         The namespace to provision the resource in.
         The value should not contain leading or trailing forward slashes.
-        The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
+        The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
         *Available only for Vault Enterprise*.
         """
         return pulumi.get(self, "namespace")
@@ -176,7 +181,7 @@ class _MfaDuoState:
         :param pulumi.Input[str] name: `(string: <required>)` – Name of the MFA method.
         :param pulumi.Input[str] namespace: The namespace to provision the resource in.
                The value should not contain leading or trailing forward slashes.
-               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
+               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
                *Available only for Vault Enterprise*.
         :param pulumi.Input[str] push_info: `(string)` - Push information for Duo.
         :param pulumi.Input[str] secret_key: `(string: <required>)` - Secret key for Duo.
@@ -257,7 +262,7 @@ class _MfaDuoState:
         """
         The namespace to provision the resource in.
         The value should not contain leading or trailing forward slashes.
-        The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
+        The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
         *Available only for Vault Enterprise*.
         """
         return pulumi.get(self, "namespace")
@@ -328,7 +333,6 @@ class MfaDuo(pulumi.CustomResource):
 
         ## Example Usage
 
-        <!--Start PulumiCodeChooser -->
         ```python
         import pulumi
         import pulumi_vault as vault
@@ -336,13 +340,13 @@ class MfaDuo(pulumi.CustomResource):
         userpass = vault.AuthBackend("userpass",
             type="userpass",
             path="userpass")
-        my_duo = vault.MfaDuo("myDuo",
+        my_duo = vault.MfaDuo("my_duo",
+            name="my_duo",
             mount_accessor=userpass.accessor,
             secret_key="8C7THtrIigh2rPZQMbguugt8IUftWhMRCOBzbuyz",
             integration_key="BIACEUEAXI20BNWTEYXT",
             api_hostname="api-2b5c39f5.duosecurity.com")
         ```
-        <!--End PulumiCodeChooser -->
 
         ## Import
 
@@ -360,7 +364,7 @@ class MfaDuo(pulumi.CustomResource):
         :param pulumi.Input[str] name: `(string: <required>)` – Name of the MFA method.
         :param pulumi.Input[str] namespace: The namespace to provision the resource in.
                The value should not contain leading or trailing forward slashes.
-               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
+               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
                *Available only for Vault Enterprise*.
         :param pulumi.Input[str] push_info: `(string)` - Push information for Duo.
         :param pulumi.Input[str] secret_key: `(string: <required>)` - Secret key for Duo.
@@ -383,7 +387,6 @@ class MfaDuo(pulumi.CustomResource):
 
         ## Example Usage
 
-        <!--Start PulumiCodeChooser -->
         ```python
         import pulumi
         import pulumi_vault as vault
@@ -391,13 +394,13 @@ class MfaDuo(pulumi.CustomResource):
         userpass = vault.AuthBackend("userpass",
             type="userpass",
             path="userpass")
-        my_duo = vault.MfaDuo("myDuo",
+        my_duo = vault.MfaDuo("my_duo",
+            name="my_duo",
             mount_accessor=userpass.accessor,
             secret_key="8C7THtrIigh2rPZQMbguugt8IUftWhMRCOBzbuyz",
             integration_key="BIACEUEAXI20BNWTEYXT",
             api_hostname="api-2b5c39f5.duosecurity.com")
         ```
-        <!--End PulumiCodeChooser -->
 
         ## Import
 
@@ -488,7 +491,7 @@ class MfaDuo(pulumi.CustomResource):
         :param pulumi.Input[str] name: `(string: <required>)` – Name of the MFA method.
         :param pulumi.Input[str] namespace: The namespace to provision the resource in.
                The value should not contain leading or trailing forward slashes.
-               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
+               The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
                *Available only for Vault Enterprise*.
         :param pulumi.Input[str] push_info: `(string)` - Push information for Duo.
         :param pulumi.Input[str] secret_key: `(string: <required>)` - Secret key for Duo.
@@ -550,7 +553,7 @@ class MfaDuo(pulumi.CustomResource):
         """
         The namespace to provision the resource in.
         The value should not contain leading or trailing forward slashes.
-        The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault#namespace).
+        The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
         *Available only for Vault Enterprise*.
         """
         return pulumi.get(self, "namespace")