pulumi-vault 6.1.1a1717550614__py3-none-any.whl → 6.2.0a1712470779__py3-none-any.whl

pulumi_vault/ldap/secret_backend_static_role.py

@@ -292,6 +292,7 @@ class SecretBackendStaticRole(pulumi.CustomResource):
         """
         ## Example Usage
 
+        <!--Start PulumiCodeChooser -->
         ```python
         import pulumi
         import pulumi_vault as vault
@@ -310,6 +311,7 @@ class SecretBackendStaticRole(pulumi.CustomResource):
             role_name="alice",
             rotation_period=60)
         ```
+        <!--End PulumiCodeChooser -->
 
         ## Import
 
@@ -346,6 +348,7 @@ class SecretBackendStaticRole(pulumi.CustomResource):
         """
         ## Example Usage
 
+        <!--Start PulumiCodeChooser -->
         ```python
         import pulumi
         import pulumi_vault as vault
@@ -364,6 +367,7 @@ class SecretBackendStaticRole(pulumi.CustomResource):
             role_name="alice",
             rotation_period=60)
         ```
+        <!--End PulumiCodeChooser -->
 
         ## Import
 

pulumi_vault/managed/_inputs.py

@@ -33,19 +33,26 @@ class KeysAwArgs:
                  region: Optional[pulumi.Input[str]] = None,
                  uuid: Optional[pulumi.Input[str]] = None):
         """
-        :param pulumi.Input[str] access_key: The AWS access key to use
-        :param pulumi.Input[str] key_bits: The size in bits for an RSA key. This field is required when 'key_type' is 'RSA'
-        :param pulumi.Input[str] key_type: The type of key to use
-        :param pulumi.Input[str] kms_key: An identifier for the key
-        :param pulumi.Input[str] name: A unique lowercase name that serves as identifying the key
-        :param pulumi.Input[str] secret_key: The AWS secret key to use
-        :param pulumi.Input[bool] allow_generate_key: If no existing key can be found in the referenced backend, instructs Vault to generate a key within the backend
-        :param pulumi.Input[bool] allow_replace_key: Controls the ability for Vault to replace through generation or importing a key into the configured backend even if a key is present, if set to false those operations are forbidden if a key exists.
-        :param pulumi.Input[bool] allow_store_key: Controls the ability for Vault to import a key to the configured backend, if 'false', those operations will be forbidden
-        :param pulumi.Input[bool] any_mount: Allow usage from any mount point within the namespace if 'true'
-        :param pulumi.Input[str] curve: The curve to use for an ECDSA key. Used when key_type is 'ECDSA'. Required if 'allow_generate_key' is true
-        :param pulumi.Input[str] endpoint: Used to specify a custom AWS endpoint
-        :param pulumi.Input[str] region: The AWS region where the keys are stored (or will be stored)
+        :param pulumi.Input[str] access_key: The AWS access key to use.
+        :param pulumi.Input[str] key_bits: The size in bits for an RSA key.
+        :param pulumi.Input[str] key_type: The type of key to use.
+        :param pulumi.Input[str] kms_key: An identifier for the key.
+        :param pulumi.Input[str] name: A unique lowercase name that serves as identifying the key.
+        :param pulumi.Input[str] secret_key: The AWS access key to use.
+        :param pulumi.Input[bool] allow_generate_key: If no existing key can be found in 
+               the referenced backend, instructs Vault to generate a key within the backend.
+        :param pulumi.Input[bool] allow_replace_key: Controls the ability for Vault to replace through
+               generation or importing a key into the configured backend even
+               if a key is present, if set to `false` those operations are forbidden
+               if a key exists.
+        :param pulumi.Input[bool] allow_store_key: Controls the ability for Vault to import a key to the
+               configured backend, if `false`, those operations will be forbidden.
+        :param pulumi.Input[bool] any_mount: If `true`, allows usage from any mount point within the
+               namespace.
+        :param pulumi.Input[str] curve: The curve to use for an ECDSA key. Used when `key_type` 
+               is `ECDSA`. Required if `allow_generate_key` is `true`.
+        :param pulumi.Input[str] endpoint: Used to specify a custom AWS endpoint.
+        :param pulumi.Input[str] region: The AWS region where the keys are stored (or will be stored).
         :param pulumi.Input[str] uuid: ID of the managed key read from Vault
         """
         pulumi.set(__self__, "access_key", access_key)
@@ -75,7 +82,7 @@ class KeysAwArgs:
     @pulumi.getter(name="accessKey")
     def access_key(self) -> pulumi.Input[str]:
         """
-        The AWS access key to use
+        The AWS access key to use.
         """
         return pulumi.get(self, "access_key")
 
@@ -87,7 +94,7 @@ class KeysAwArgs:
     @pulumi.getter(name="keyBits")
     def key_bits(self) -> pulumi.Input[str]:
         """
-        The size in bits for an RSA key. This field is required when 'key_type' is 'RSA'
+        The size in bits for an RSA key.
         """
         return pulumi.get(self, "key_bits")
 
@@ -99,7 +106,7 @@ class KeysAwArgs:
     @pulumi.getter(name="keyType")
     def key_type(self) -> pulumi.Input[str]:
         """
-        The type of key to use
+        The type of key to use.
         """
         return pulumi.get(self, "key_type")
 
@@ -111,7 +118,7 @@ class KeysAwArgs:
     @pulumi.getter(name="kmsKey")
     def kms_key(self) -> pulumi.Input[str]:
         """
-        An identifier for the key
+        An identifier for the key.
         """
         return pulumi.get(self, "kms_key")
 
@@ -123,7 +130,7 @@ class KeysAwArgs:
     @pulumi.getter
     def name(self) -> pulumi.Input[str]:
         """
-        A unique lowercase name that serves as identifying the key
+        A unique lowercase name that serves as identifying the key.
         """
         return pulumi.get(self, "name")
 
@@ -135,7 +142,7 @@ class KeysAwArgs:
     @pulumi.getter(name="secretKey")
     def secret_key(self) -> pulumi.Input[str]:
         """
-        The AWS secret key to use
+        The AWS access key to use.
         """
         return pulumi.get(self, "secret_key")
 
@@ -147,7 +154,8 @@ class KeysAwArgs:
     @pulumi.getter(name="allowGenerateKey")
     def allow_generate_key(self) -> Optional[pulumi.Input[bool]]:
         """
-        If no existing key can be found in the referenced backend, instructs Vault to generate a key within the backend
+        If no existing key can be found in 
+        the referenced backend, instructs Vault to generate a key within the backend.
         """
         return pulumi.get(self, "allow_generate_key")
 
@@ -159,7 +167,10 @@ class KeysAwArgs:
     @pulumi.getter(name="allowReplaceKey")
     def allow_replace_key(self) -> Optional[pulumi.Input[bool]]:
         """
-        Controls the ability for Vault to replace through generation or importing a key into the configured backend even if a key is present, if set to false those operations are forbidden if a key exists.
+        Controls the ability for Vault to replace through
+        generation or importing a key into the configured backend even
+        if a key is present, if set to `false` those operations are forbidden
+        if a key exists.
         """
         return pulumi.get(self, "allow_replace_key")
 
@@ -171,7 +182,8 @@ class KeysAwArgs:
     @pulumi.getter(name="allowStoreKey")
     def allow_store_key(self) -> Optional[pulumi.Input[bool]]:
         """
-        Controls the ability for Vault to import a key to the configured backend, if 'false', those operations will be forbidden
+        Controls the ability for Vault to import a key to the
+        configured backend, if `false`, those operations will be forbidden.
         """
         return pulumi.get(self, "allow_store_key")
 
@@ -183,7 +195,8 @@ class KeysAwArgs:
     @pulumi.getter(name="anyMount")
     def any_mount(self) -> Optional[pulumi.Input[bool]]:
         """
-        Allow usage from any mount point within the namespace if 'true'
+        If `true`, allows usage from any mount point within the
+        namespace.
         """
         return pulumi.get(self, "any_mount")
 
@@ -195,7 +208,8 @@ class KeysAwArgs:
     @pulumi.getter
     def curve(self) -> Optional[pulumi.Input[str]]:
         """
-        The curve to use for an ECDSA key. Used when key_type is 'ECDSA'. Required if 'allow_generate_key' is true
+        The curve to use for an ECDSA key. Used when `key_type` 
+        is `ECDSA`. Required if `allow_generate_key` is `true`.
         """
         return pulumi.get(self, "curve")
 
@@ -207,7 +221,7 @@ class KeysAwArgs:
     @pulumi.getter
     def endpoint(self) -> Optional[pulumi.Input[str]]:
         """
-        Used to specify a custom AWS endpoint
+        Used to specify a custom AWS endpoint.
         """
         return pulumi.get(self, "endpoint")
 
@@ -219,7 +233,7 @@ class KeysAwArgs:
     @pulumi.getter
     def region(self) -> Optional[pulumi.Input[str]]:
         """
-        The AWS region where the keys are stored (or will be stored)
+        The AWS region where the keys are stored (or will be stored).
         """
         return pulumi.get(self, "region")
 
@@ -259,20 +273,26 @@ class KeysAzureArgs:
                  resource: Optional[pulumi.Input[str]] = None,
                  uuid: Optional[pulumi.Input[str]] = None):
         """
-        :param pulumi.Input[str] client_id: The client id for credentials to query the Azure APIs
-        :param pulumi.Input[str] client_secret: The client secret for credentials to query the Azure APIs
-        :param pulumi.Input[str] key_name: The Key Vault key to use for encryption and decryption
-        :param pulumi.Input[str] key_type: The type of key to use
-        :param pulumi.Input[str] name: A unique lowercase name that serves as identifying the key
-        :param pulumi.Input[str] tenant_id: The tenant id for the Azure Active Directory organization
-        :param pulumi.Input[str] vault_name: The Key Vault vault to use the encryption keys for encryption and decryption
-        :param pulumi.Input[bool] allow_generate_key: If no existing key can be found in the referenced backend, instructs Vault to generate a key within the backend
-        :param pulumi.Input[bool] allow_replace_key: Controls the ability for Vault to replace through generation or importing a key into the configured backend even if a key is present, if set to false those operations are forbidden if a key exists.
-        :param pulumi.Input[bool] allow_store_key: Controls the ability for Vault to import a key to the configured backend, if 'false', those operations will be forbidden
-        :param pulumi.Input[bool] any_mount: Allow usage from any mount point within the namespace if 'true'
-        :param pulumi.Input[str] environment: The Azure Cloud environment API endpoints to use
-        :param pulumi.Input[str] key_bits: The size in bits for an RSA key. This field is required when 'key_type' is 'RSA' or when 'allow_generate_key' is true
-        :param pulumi.Input[str] resource: The Azure Key Vault resource's DNS Suffix to connect to
+        :param pulumi.Input[str] client_id: The client id for credentials to query the Azure APIs.
+        :param pulumi.Input[str] client_secret: The client secret for credentials to query the Azure APIs.
+        :param pulumi.Input[str] key_name: The Key Vault key to use for encryption and decryption.
+        :param pulumi.Input[str] key_type: The type of key to use.
+        :param pulumi.Input[str] name: A unique lowercase name that serves as identifying the key.
+        :param pulumi.Input[str] tenant_id: The tenant id for the Azure Active Directory organization.
+        :param pulumi.Input[str] vault_name: The Key Vault vault to use for encryption and decryption.
+        :param pulumi.Input[bool] allow_generate_key: If no existing key can be found in 
+               the referenced backend, instructs Vault to generate a key within the backend.
+        :param pulumi.Input[bool] allow_replace_key: Controls the ability for Vault to replace through
+               generation or importing a key into the configured backend even
+               if a key is present, if set to `false` those operations are forbidden
+               if a key exists.
+        :param pulumi.Input[bool] allow_store_key: Controls the ability for Vault to import a key to the
+               configured backend, if `false`, those operations will be forbidden.
+        :param pulumi.Input[bool] any_mount: If `true`, allows usage from any mount point within the
+               namespace.
+        :param pulumi.Input[str] environment: The Azure Cloud environment API endpoints to use.
+        :param pulumi.Input[str] key_bits: The size in bits for an RSA key.
+        :param pulumi.Input[str] resource: The Azure Key Vault resource's DNS Suffix to connect to.
         :param pulumi.Input[str] uuid: ID of the managed key read from Vault
         """
         pulumi.set(__self__, "client_id", client_id)
@@ -303,7 +323,7 @@ class KeysAzureArgs:
     @pulumi.getter(name="clientId")
     def client_id(self) -> pulumi.Input[str]:
         """
-        The client id for credentials to query the Azure APIs
+        The client id for credentials to query the Azure APIs.
         """
         return pulumi.get(self, "client_id")
 
@@ -315,7 +335,7 @@ class KeysAzureArgs:
     @pulumi.getter(name="clientSecret")
     def client_secret(self) -> pulumi.Input[str]:
         """
-        The client secret for credentials to query the Azure APIs
+        The client secret for credentials to query the Azure APIs.
         """
         return pulumi.get(self, "client_secret")
 
@@ -327,7 +347,7 @@ class KeysAzureArgs:
     @pulumi.getter(name="keyName")
     def key_name(self) -> pulumi.Input[str]:
         """
-        The Key Vault key to use for encryption and decryption
+        The Key Vault key to use for encryption and decryption.
         """
         return pulumi.get(self, "key_name")
 
@@ -339,7 +359,7 @@ class KeysAzureArgs:
     @pulumi.getter(name="keyType")
     def key_type(self) -> pulumi.Input[str]:
         """
-        The type of key to use
+        The type of key to use.
         """
         return pulumi.get(self, "key_type")
 
@@ -351,7 +371,7 @@ class KeysAzureArgs:
     @pulumi.getter
     def name(self) -> pulumi.Input[str]:
         """
-        A unique lowercase name that serves as identifying the key
+        A unique lowercase name that serves as identifying the key.
         """
         return pulumi.get(self, "name")
 
@@ -363,7 +383,7 @@ class KeysAzureArgs:
     @pulumi.getter(name="tenantId")
     def tenant_id(self) -> pulumi.Input[str]:
         """
-        The tenant id for the Azure Active Directory organization
+        The tenant id for the Azure Active Directory organization.
         """
         return pulumi.get(self, "tenant_id")
 
@@ -375,7 +395,7 @@ class KeysAzureArgs:
     @pulumi.getter(name="vaultName")
     def vault_name(self) -> pulumi.Input[str]:
         """
-        The Key Vault vault to use the encryption keys for encryption and decryption
+        The Key Vault vault to use for encryption and decryption.
         """
         return pulumi.get(self, "vault_name")
 
@@ -387,7 +407,8 @@ class KeysAzureArgs:
     @pulumi.getter(name="allowGenerateKey")
     def allow_generate_key(self) -> Optional[pulumi.Input[bool]]:
         """
-        If no existing key can be found in the referenced backend, instructs Vault to generate a key within the backend
+        If no existing key can be found in 
+        the referenced backend, instructs Vault to generate a key within the backend.
         """
         return pulumi.get(self, "allow_generate_key")
 
@@ -399,7 +420,10 @@ class KeysAzureArgs:
     @pulumi.getter(name="allowReplaceKey")
     def allow_replace_key(self) -> Optional[pulumi.Input[bool]]:
         """
-        Controls the ability for Vault to replace through generation or importing a key into the configured backend even if a key is present, if set to false those operations are forbidden if a key exists.
+        Controls the ability for Vault to replace through
+        generation or importing a key into the configured backend even
+        if a key is present, if set to `false` those operations are forbidden
+        if a key exists.
         """
         return pulumi.get(self, "allow_replace_key")
 
@@ -411,7 +435,8 @@ class KeysAzureArgs:
     @pulumi.getter(name="allowStoreKey")
     def allow_store_key(self) -> Optional[pulumi.Input[bool]]:
         """
-        Controls the ability for Vault to import a key to the configured backend, if 'false', those operations will be forbidden
+        Controls the ability for Vault to import a key to the
+        configured backend, if `false`, those operations will be forbidden.
         """
         return pulumi.get(self, "allow_store_key")
 
@@ -423,7 +448,8 @@ class KeysAzureArgs:
     @pulumi.getter(name="anyMount")
     def any_mount(self) -> Optional[pulumi.Input[bool]]:
         """
-        Allow usage from any mount point within the namespace if 'true'
+        If `true`, allows usage from any mount point within the
+        namespace.
         """
         return pulumi.get(self, "any_mount")
 
@@ -435,7 +461,7 @@ class KeysAzureArgs:
     @pulumi.getter
     def environment(self) -> Optional[pulumi.Input[str]]:
         """
-        The Azure Cloud environment API endpoints to use
+        The Azure Cloud environment API endpoints to use.
         """
         return pulumi.get(self, "environment")
 
@@ -447,7 +473,7 @@ class KeysAzureArgs:
     @pulumi.getter(name="keyBits")
     def key_bits(self) -> Optional[pulumi.Input[str]]:
         """
-        The size in bits for an RSA key. This field is required when 'key_type' is 'RSA' or when 'allow_generate_key' is true
+        The size in bits for an RSA key.
         """
         return pulumi.get(self, "key_bits")
 
@@ -459,7 +485,7 @@ class KeysAzureArgs:
     @pulumi.getter
     def resource(self) -> Optional[pulumi.Input[str]]:
         """
-        The Azure Key Vault resource's DNS Suffix to connect to
+        The Azure Key Vault resource's DNS Suffix to connect to.
         """
         return pulumi.get(self, "resource")
 
@@ -500,21 +526,32 @@ class KeysPkcArgs:
                  token_label: Optional[pulumi.Input[str]] = None,
                  uuid: Optional[pulumi.Input[str]] = None):
         """
-        :param pulumi.Input[str] key_id: The id of a PKCS#11 key to use
-        :param pulumi.Input[str] key_label: The label of the key to use
-        :param pulumi.Input[str] library: The name of the kms_library stanza to use from Vault's config to lookup the local library path
-        :param pulumi.Input[str] mechanism: The encryption/decryption mechanism to use, specified as a hexadecimal (prefixed by 0x) string.
-        :param pulumi.Input[str] name: A unique lowercase name that serves as identifying the key
-        :param pulumi.Input[str] pin: The PIN for login
-        :param pulumi.Input[bool] allow_generate_key: If no existing key can be found in the referenced backend, instructs Vault to generate a key within the backend
-        :param pulumi.Input[bool] allow_replace_key: Controls the ability for Vault to replace through generation or importing a key into the configured backend even if a key is present, if set to false those operations are forbidden if a key exists.
-        :param pulumi.Input[bool] allow_store_key: Controls the ability for Vault to import a key to the configured backend, if 'false', those operations will be forbidden
-        :param pulumi.Input[bool] any_mount: Allow usage from any mount point within the namespace if 'true'
-        :param pulumi.Input[str] curve: Supplies the curve value when using the 'CKM_ECDSA' mechanism. Required if 'allow_generate_key' is true
-        :param pulumi.Input[str] force_rw_session: Force all operations to open up a read-write session to the HSM
-        :param pulumi.Input[str] key_bits: Supplies the size in bits of the key when using 'CKM_RSA_PKCS_PSS', 'CKM_RSA_PKCS_OAEP' or 'CKM_RSA_PKCS' as a value for 'mechanism'. Required if 'allow_generate_key' is true
-        :param pulumi.Input[str] slot: The slot number to use, specified as a string in a decimal format (e.g. '2305843009213693953')
-        :param pulumi.Input[str] token_label: The slot token label to use
+        :param pulumi.Input[str] key_id: The id of a PKCS#11 key to use.
+        :param pulumi.Input[str] key_label: The label of the key to use.
+        :param pulumi.Input[str] library: The name of the kms_library stanza to use from Vault's config
+               to lookup the local library path.
+        :param pulumi.Input[str] mechanism: The encryption/decryption mechanism to use, specified as a
+               hexadecimal (prefixed by 0x) string.
+        :param pulumi.Input[str] name: A unique lowercase name that serves as identifying the key.
+        :param pulumi.Input[str] pin: The PIN for login.
+        :param pulumi.Input[bool] allow_generate_key: If no existing key can be found in 
+               the referenced backend, instructs Vault to generate a key within the backend.
+        :param pulumi.Input[bool] allow_replace_key: Controls the ability for Vault to replace through
+               generation or importing a key into the configured backend even
+               if a key is present, if set to `false` those operations are forbidden
+               if a key exists.
+        :param pulumi.Input[bool] allow_store_key: Controls the ability for Vault to import a key to the
+               configured backend, if `false`, those operations will be forbidden.
+        :param pulumi.Input[bool] any_mount: If `true`, allows usage from any mount point within the
+               namespace.
+        :param pulumi.Input[str] curve: The curve to use for an ECDSA key. Used when `key_type` 
+               is `ECDSA`. Required if `allow_generate_key` is `true`.
+        :param pulumi.Input[str] force_rw_session: Force all operations to open up a read-write session to
+               the HSM.
+        :param pulumi.Input[str] key_bits: The size in bits for an RSA key.
+        :param pulumi.Input[str] slot: The slot number to use, specified as a string in a decimal format
+               (e.g. `2305843009213693953`).
+        :param pulumi.Input[str] token_label: The slot token label to use.
         :param pulumi.Input[str] uuid: ID of the managed key read from Vault
         """
         pulumi.set(__self__, "key_id", key_id)
@@ -548,7 +585,7 @@ class KeysPkcArgs:
     @pulumi.getter(name="keyId")
     def key_id(self) -> pulumi.Input[str]:
         """
-        The id of a PKCS#11 key to use
+        The id of a PKCS#11 key to use.
         """
         return pulumi.get(self, "key_id")
 
@@ -560,7 +597,7 @@ class KeysPkcArgs:
     @pulumi.getter(name="keyLabel")
     def key_label(self) -> pulumi.Input[str]:
         """
-        The label of the key to use
+        The label of the key to use.
         """
         return pulumi.get(self, "key_label")
 
@@ -572,7 +609,8 @@ class KeysPkcArgs:
     @pulumi.getter
     def library(self) -> pulumi.Input[str]:
         """
-        The name of the kms_library stanza to use from Vault's config to lookup the local library path
+        The name of the kms_library stanza to use from Vault's config
+        to lookup the local library path.
         """
         return pulumi.get(self, "library")
 
@@ -584,7 +622,8 @@ class KeysPkcArgs:
     @pulumi.getter
     def mechanism(self) -> pulumi.Input[str]:
         """
-        The encryption/decryption mechanism to use, specified as a hexadecimal (prefixed by 0x) string.
+        The encryption/decryption mechanism to use, specified as a
+        hexadecimal (prefixed by 0x) string.
         """
         return pulumi.get(self, "mechanism")
 
@@ -596,7 +635,7 @@ class KeysPkcArgs:
     @pulumi.getter
     def name(self) -> pulumi.Input[str]:
         """
-        A unique lowercase name that serves as identifying the key
+        A unique lowercase name that serves as identifying the key.
         """
         return pulumi.get(self, "name")
 
@@ -608,7 +647,7 @@ class KeysPkcArgs:
     @pulumi.getter
     def pin(self) -> pulumi.Input[str]:
         """
-        The PIN for login
+        The PIN for login.
         """
         return pulumi.get(self, "pin")
 
@@ -620,7 +659,8 @@ class KeysPkcArgs:
     @pulumi.getter(name="allowGenerateKey")
     def allow_generate_key(self) -> Optional[pulumi.Input[bool]]:
         """
-        If no existing key can be found in the referenced backend, instructs Vault to generate a key within the backend
+        If no existing key can be found in 
+        the referenced backend, instructs Vault to generate a key within the backend.
         """
         return pulumi.get(self, "allow_generate_key")
 
@@ -632,7 +672,10 @@ class KeysPkcArgs:
     @pulumi.getter(name="allowReplaceKey")
     def allow_replace_key(self) -> Optional[pulumi.Input[bool]]:
         """
-        Controls the ability for Vault to replace through generation or importing a key into the configured backend even if a key is present, if set to false those operations are forbidden if a key exists.
+        Controls the ability for Vault to replace through
+        generation or importing a key into the configured backend even
+        if a key is present, if set to `false` those operations are forbidden
+        if a key exists.
         """
         return pulumi.get(self, "allow_replace_key")
 
@@ -644,7 +687,8 @@ class KeysPkcArgs:
     @pulumi.getter(name="allowStoreKey")
     def allow_store_key(self) -> Optional[pulumi.Input[bool]]:
         """
-        Controls the ability for Vault to import a key to the configured backend, if 'false', those operations will be forbidden
+        Controls the ability for Vault to import a key to the
+        configured backend, if `false`, those operations will be forbidden.
         """
         return pulumi.get(self, "allow_store_key")
 
@@ -656,7 +700,8 @@ class KeysPkcArgs:
     @pulumi.getter(name="anyMount")
     def any_mount(self) -> Optional[pulumi.Input[bool]]:
         """
-        Allow usage from any mount point within the namespace if 'true'
+        If `true`, allows usage from any mount point within the
+        namespace.
         """
         return pulumi.get(self, "any_mount")
 
@@ -668,7 +713,8 @@ class KeysPkcArgs:
     @pulumi.getter
     def curve(self) -> Optional[pulumi.Input[str]]:
         """
-        Supplies the curve value when using the 'CKM_ECDSA' mechanism. Required if 'allow_generate_key' is true
+        The curve to use for an ECDSA key. Used when `key_type` 
+        is `ECDSA`. Required if `allow_generate_key` is `true`.
         """
         return pulumi.get(self, "curve")
 
@@ -680,7 +726,8 @@ class KeysPkcArgs:
     @pulumi.getter(name="forceRwSession")
     def force_rw_session(self) -> Optional[pulumi.Input[str]]:
         """
-        Force all operations to open up a read-write session to the HSM
+        Force all operations to open up a read-write session to
+        the HSM.
         """
         return pulumi.get(self, "force_rw_session")
 
@@ -692,7 +739,7 @@ class KeysPkcArgs:
     @pulumi.getter(name="keyBits")
     def key_bits(self) -> Optional[pulumi.Input[str]]:
         """
-        Supplies the size in bits of the key when using 'CKM_RSA_PKCS_PSS', 'CKM_RSA_PKCS_OAEP' or 'CKM_RSA_PKCS' as a value for 'mechanism'. Required if 'allow_generate_key' is true
+        The size in bits for an RSA key.
         """
         return pulumi.get(self, "key_bits")
 
@@ -704,7 +751,8 @@ class KeysPkcArgs:
     @pulumi.getter
     def slot(self) -> Optional[pulumi.Input[str]]:
         """
-        The slot number to use, specified as a string in a decimal format (e.g. '2305843009213693953')
+        The slot number to use, specified as a string in a decimal format
+        (e.g. `2305843009213693953`).
         """
         return pulumi.get(self, "slot")
 
@@ -716,7 +764,7 @@ class KeysPkcArgs:
     @pulumi.getter(name="tokenLabel")
     def token_label(self) -> Optional[pulumi.Input[str]]:
         """
-        The slot token label to use
+        The slot token label to use.
         """
         return pulumi.get(self, "token_label")
 

pulumi_vault/managed/keys.py

@@ -24,7 +24,10 @@ class KeysArgs:
         The set of arguments for constructing a Keys resource.
         :param pulumi.Input[Sequence[pulumi.Input['KeysAwArgs']]] aws: Configuration block for AWS Managed Keys
         :param pulumi.Input[Sequence[pulumi.Input['KeysAzureArgs']]] azures: Configuration block for Azure Managed Keys
-        :param pulumi.Input[str] namespace: Target namespace. (requires Enterprise)
+        :param pulumi.Input[str] namespace: The namespace to provision the resource in.
+               The value should not contain leading or trailing forward slashes.
+               The `namespace` is always relative to the provider's configured namespace.
+               *Available only for Vault Enterprise*.
         :param pulumi.Input[Sequence[pulumi.Input['KeysPkcArgs']]] pkcs: Configuration block for PKCS Managed Keys
         """
         if aws is not None:
@@ -64,7 +67,10 @@ class KeysArgs:
     @pulumi.getter
     def namespace(self) -> Optional[pulumi.Input[str]]:
         """
-        Target namespace. (requires Enterprise)
+        The namespace to provision the resource in.
+        The value should not contain leading or trailing forward slashes.
+        The `namespace` is always relative to the provider's configured namespace.
+        *Available only for Vault Enterprise*.
         """
         return pulumi.get(self, "namespace")
 
@@ -96,7 +102,10 @@ class _KeysState:
         Input properties used for looking up and filtering Keys resources.
         :param pulumi.Input[Sequence[pulumi.Input['KeysAwArgs']]] aws: Configuration block for AWS Managed Keys
         :param pulumi.Input[Sequence[pulumi.Input['KeysAzureArgs']]] azures: Configuration block for Azure Managed Keys
-        :param pulumi.Input[str] namespace: Target namespace. (requires Enterprise)
+        :param pulumi.Input[str] namespace: The namespace to provision the resource in.
+               The value should not contain leading or trailing forward slashes.
+               The `namespace` is always relative to the provider's configured namespace.
+               *Available only for Vault Enterprise*.
         :param pulumi.Input[Sequence[pulumi.Input['KeysPkcArgs']]] pkcs: Configuration block for PKCS Managed Keys
         """
         if aws is not None:
@@ -136,7 +145,10 @@ class _KeysState:
     @pulumi.getter
     def namespace(self) -> Optional[pulumi.Input[str]]:
         """
-        Target namespace. (requires Enterprise)
+        The namespace to provision the resource in.
+        The value should not contain leading or trailing forward slashes.
+        The `namespace` is always relative to the provider's configured namespace.
+        *Available only for Vault Enterprise*.
         """
         return pulumi.get(self, "namespace")
 
@@ -184,7 +196,10 @@ class Keys(pulumi.CustomResource):
         :param pulumi.ResourceOptions opts: Options for the resource.
         :param pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['KeysAwArgs']]]] aws: Configuration block for AWS Managed Keys
         :param pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['KeysAzureArgs']]]] azures: Configuration block for Azure Managed Keys
-        :param pulumi.Input[str] namespace: Target namespace. (requires Enterprise)
+        :param pulumi.Input[str] namespace: The namespace to provision the resource in.
+               The value should not contain leading or trailing forward slashes.
+               The `namespace` is always relative to the provider's configured namespace.
+               *Available only for Vault Enterprise*.
         :param pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['KeysPkcArgs']]]] pkcs: Configuration block for PKCS Managed Keys
         """
         ...
@@ -261,7 +276,10 @@ class Keys(pulumi.CustomResource):
         :param pulumi.ResourceOptions opts: Options for the resource.
         :param pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['KeysAwArgs']]]] aws: Configuration block for AWS Managed Keys
         :param pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['KeysAzureArgs']]]] azures: Configuration block for Azure Managed Keys
-        :param pulumi.Input[str] namespace: Target namespace. (requires Enterprise)
+        :param pulumi.Input[str] namespace: The namespace to provision the resource in.
+               The value should not contain leading or trailing forward slashes.
+               The `namespace` is always relative to the provider's configured namespace.
+               *Available only for Vault Enterprise*.
         :param pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['KeysPkcArgs']]]] pkcs: Configuration block for PKCS Managed Keys
         """
         opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id))
@@ -294,7 +312,10 @@ class Keys(pulumi.CustomResource):
     @pulumi.getter
     def namespace(self) -> pulumi.Output[Optional[str]]:
         """
-        Target namespace. (requires Enterprise)
+        The namespace to provision the resource in.
+        The value should not contain leading or trailing forward slashes.
+        The `namespace` is always relative to the provider's configured namespace.
+        *Available only for Vault Enterprise*.
         """
         return pulumi.get(self, "namespace")