pulumi-vault 6.4.0__py3-none-any.whl → 6.4.0a1723820369__py3-none-any.whl

pulumi_vault/database/outputs.py

@@ -4,14 +4,9 @@
 
 import copy
 import warnings
-import sys
 import pulumi
 import pulumi.runtime
 from typing import Any, Mapping, Optional, Sequence, Union, overload
-if sys.version_info >= (3, 11):
-    from typing import NotRequired, TypedDict, TypeAlias
-else:
-    from typing_extensions import NotRequired, TypedDict, TypeAlias
 from .. import _utilities
 
 __all__ = [
@@ -68,8 +63,6 @@ class SecretBackendConnectionCassandra(dict):
             suggest = "pem_json"
         elif key == "protocolVersion":
             suggest = "protocol_version"
-        elif key == "skipVerification":
-            suggest = "skip_verification"
 
         if suggest:
             pulumi.log.warn(f"Key '{key}' not found in SecretBackendConnectionCassandra. Access the value via the '{suggest}' property getter instead.")
@@ -91,7 +84,6 @@ class SecretBackendConnectionCassandra(dict):
                  pem_json: Optional[str] = None,
                  port: Optional[int] = None,
                  protocol_version: Optional[int] = None,
-                 skip_verification: Optional[bool] = None,
                  tls: Optional[bool] = None,
                  username: Optional[str] = None):
         """
@@ -103,7 +95,6 @@ class SecretBackendConnectionCassandra(dict):
         :param str pem_json: Specifies JSON containing a certificate and private key; a certificate, private key, and issuing CA certificate; or just a CA certificate.
         :param int port: The transport port to use to connect to Cassandra.
         :param int protocol_version: The CQL protocol version to use.
-        :param bool skip_verification: Skip permissions checks when a connection to Cassandra is first created. These checks ensure that Vault is able to create roles, but can be resource intensive in clusters with many roles.
         :param bool tls: Whether to use TLS when connecting to Cassandra.
         :param str username: The username to use when authenticating with Cassandra.
         """
@@ -123,8 +114,6 @@ class SecretBackendConnectionCassandra(dict):
             pulumi.set(__self__, "port", port)
         if protocol_version is not None:
             pulumi.set(__self__, "protocol_version", protocol_version)
-        if skip_verification is not None:
-            pulumi.set(__self__, "skip_verification", skip_verification)
         if tls is not None:
             pulumi.set(__self__, "tls", tls)
         if username is not None:
@@ -194,14 +183,6 @@ class SecretBackendConnectionCassandra(dict):
         """
         return pulumi.get(self, "protocol_version")
 
-    @property
-    @pulumi.getter(name="skipVerification")
-    def skip_verification(self) -> Optional[bool]:
-        """
-        Skip permissions checks when a connection to Cassandra is first created. These checks ensure that Vault is able to create roles, but can be resource intensive in clusters with many roles.
-        """
-        return pulumi.get(self, "skip_verification")
-
     @property
     @pulumi.getter
     def tls(self) -> Optional[bool]:
@@ -1928,16 +1909,8 @@ class SecretBackendConnectionPostgresql(dict):
             suggest = "max_idle_connections"
         elif key == "maxOpenConnections":
             suggest = "max_open_connections"
-        elif key == "privateKey":
-            suggest = "private_key"
-        elif key == "selfManaged":
-            suggest = "self_managed"
         elif key == "serviceAccountJson":
             suggest = "service_account_json"
-        elif key == "tlsCa":
-            suggest = "tls_ca"
-        elif key == "tlsCertificate":
-            suggest = "tls_certificate"
         elif key == "usernameTemplate":
             suggest = "username_template"
 
@@ -1960,11 +1933,7 @@ class SecretBackendConnectionPostgresql(dict):
                  max_idle_connections: Optional[int] = None,
                  max_open_connections: Optional[int] = None,
                  password: Optional[str] = None,
-                 private_key: Optional[str] = None,
-                 self_managed: Optional[bool] = None,
                  service_account_json: Optional[str] = None,
-                 tls_ca: Optional[str] = None,
-                 tls_certificate: Optional[str] = None,
                  username: Optional[str] = None,
                  username_template: Optional[str] = None):
         """
@@ -1975,11 +1944,7 @@ class SecretBackendConnectionPostgresql(dict):
         :param int max_idle_connections: Maximum number of idle connections to the database.
         :param int max_open_connections: Maximum number of open connections to the database.
         :param str password: The root credential password used in the connection URL
-        :param str private_key: The secret key used for the x509 client certificate. Must be PEM encoded.
-        :param bool self_managed: If set, allows onboarding static roles with a rootless connection configuration.
         :param str service_account_json: A JSON encoded credential for use with IAM authorization
-        :param str tls_ca: The x509 CA file for validating the certificate presented by the PostgreSQL server. Must be PEM encoded.
-        :param str tls_certificate: The x509 client certificate for connecting to the database. Must be PEM encoded.
         :param str username: The root credential username used in the connection URL
         :param str username_template: Username generation template.
         """
@@ -1997,16 +1962,8 @@ class SecretBackendConnectionPostgresql(dict):
             pulumi.set(__self__, "max_open_connections", max_open_connections)
         if password is not None:
             pulumi.set(__self__, "password", password)
-        if private_key is not None:
-            pulumi.set(__self__, "private_key", private_key)
-        if self_managed is not None:
-            pulumi.set(__self__, "self_managed", self_managed)
         if service_account_json is not None:
             pulumi.set(__self__, "service_account_json", service_account_json)
-        if tls_ca is not None:
-            pulumi.set(__self__, "tls_ca", tls_ca)
-        if tls_certificate is not None:
-            pulumi.set(__self__, "tls_certificate", tls_certificate)
         if username is not None:
             pulumi.set(__self__, "username", username)
         if username_template is not None:
@@ -2068,22 +2025,6 @@ class SecretBackendConnectionPostgresql(dict):
         """
         return pulumi.get(self, "password")
 
-    @property
-    @pulumi.getter(name="privateKey")
-    def private_key(self) -> Optional[str]:
-        """
-        The secret key used for the x509 client certificate. Must be PEM encoded.
-        """
-        return pulumi.get(self, "private_key")
-
-    @property
-    @pulumi.getter(name="selfManaged")
-    def self_managed(self) -> Optional[bool]:
-        """
-        If set, allows onboarding static roles with a rootless connection configuration.
-        """
-        return pulumi.get(self, "self_managed")
-
     @property
     @pulumi.getter(name="serviceAccountJson")
     def service_account_json(self) -> Optional[str]:
@@ -2092,22 +2033,6 @@ class SecretBackendConnectionPostgresql(dict):
         """
         return pulumi.get(self, "service_account_json")
 
-    @property
-    @pulumi.getter(name="tlsCa")
-    def tls_ca(self) -> Optional[str]:
-        """
-        The x509 CA file for validating the certificate presented by the PostgreSQL server. Must be PEM encoded.
-        """
-        return pulumi.get(self, "tls_ca")
-
-    @property
-    @pulumi.getter(name="tlsCertificate")
-    def tls_certificate(self) -> Optional[str]:
-        """
-        The x509 client certificate for connecting to the database. Must be PEM encoded.
-        """
-        return pulumi.get(self, "tls_certificate")
-
     @property
     @pulumi.getter
     def username(self) -> Optional[str]:
@@ -2553,8 +2478,6 @@ class SecretsMountCassandra(dict):
             suggest = "protocol_version"
         elif key == "rootRotationStatements":
             suggest = "root_rotation_statements"
-        elif key == "skipVerification":
-            suggest = "skip_verification"
         elif key == "verifyConnection":
             suggest = "verify_connection"
 
@@ -2583,7 +2506,6 @@ class SecretsMountCassandra(dict):
                  port: Optional[int] = None,
                  protocol_version: Optional[int] = None,
                  root_rotation_statements: Optional[Sequence[str]] = None,
-                 skip_verification: Optional[bool] = None,
                  tls: Optional[bool] = None,
                  username: Optional[str] = None,
                  verify_connection: Optional[bool] = None):
@@ -2604,7 +2526,6 @@ class SecretsMountCassandra(dict):
         :param int port: The transport port to use to connect to Cassandra.
         :param int protocol_version: The CQL protocol version to use.
         :param Sequence[str] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials.
-        :param bool skip_verification: Skip permissions checks when a connection to Cassandra is first created. These checks ensure that Vault is able to create roles, but can be resource intensive in clusters with many roles.
         :param bool tls: Whether to use TLS when connecting to Cassandra.
         :param str username: The username to use when authenticating with Cassandra.
         :param bool verify_connection: Whether the connection should be verified on
@@ -2635,8 +2556,6 @@ class SecretsMountCassandra(dict):
             pulumi.set(__self__, "protocol_version", protocol_version)
         if root_rotation_statements is not None:
             pulumi.set(__self__, "root_rotation_statements", root_rotation_statements)
-        if skip_verification is not None:
-            pulumi.set(__self__, "skip_verification", skip_verification)
         if tls is not None:
             pulumi.set(__self__, "tls", tls)
         if username is not None:
@@ -2751,14 +2670,6 @@ class SecretsMountCassandra(dict):
         """
         return pulumi.get(self, "root_rotation_statements")
 
-    @property
-    @pulumi.getter(name="skipVerification")
-    def skip_verification(self) -> Optional[bool]:
-        """
-        Skip permissions checks when a connection to Cassandra is first created. These checks ensure that Vault is able to create roles, but can be resource intensive in clusters with many roles.
-        """
-        return pulumi.get(self, "skip_verification")
-
     @property
     @pulumi.getter
     def tls(self) -> Optional[bool]:
@@ -5542,18 +5453,10 @@ class SecretsMountPostgresql(dict):
             suggest = "max_open_connections"
         elif key == "pluginName":
             suggest = "plugin_name"
-        elif key == "privateKey":
-            suggest = "private_key"
         elif key == "rootRotationStatements":
             suggest = "root_rotation_statements"
-        elif key == "selfManaged":
-            suggest = "self_managed"
         elif key == "serviceAccountJson":
             suggest = "service_account_json"
-        elif key == "tlsCa":
-            suggest = "tls_ca"
-        elif key == "tlsCertificate":
-            suggest = "tls_certificate"
         elif key == "usernameTemplate":
             suggest = "username_template"
         elif key == "verifyConnection":
@@ -5582,12 +5485,8 @@ class SecretsMountPostgresql(dict):
                  max_open_connections: Optional[int] = None,
                  password: Optional[str] = None,
                  plugin_name: Optional[str] = None,
-                 private_key: Optional[str] = None,
                  root_rotation_statements: Optional[Sequence[str]] = None,
-                 self_managed: Optional[bool] = None,
                  service_account_json: Optional[str] = None,
-                 tls_ca: Optional[str] = None,
-                 tls_certificate: Optional[str] = None,
                  username: Optional[str] = None,
                  username_template: Optional[str] = None,
                  verify_connection: Optional[bool] = None):
@@ -5606,12 +5505,8 @@ class SecretsMountPostgresql(dict):
         :param int max_open_connections: Maximum number of open connections to the database.
         :param str password: The root credential password used in the connection URL
         :param str plugin_name: Specifies the name of the plugin to use.
-        :param str private_key: The secret key used for the x509 client certificate. Must be PEM encoded.
         :param Sequence[str] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials.
-        :param bool self_managed: If set, allows onboarding static roles with a rootless connection configuration.
         :param str service_account_json: A JSON encoded credential for use with IAM authorization
-        :param str tls_ca: The x509 CA file for validating the certificate presented by the PostgreSQL server. Must be PEM encoded.
-        :param str tls_certificate: The x509 client certificate for connecting to the database. Must be PEM encoded.
         :param str username: The root credential username used in the connection URL
         :param str username_template: Username generation template.
         :param bool verify_connection: Whether the connection should be verified on
@@ -5638,18 +5533,10 @@ class SecretsMountPostgresql(dict):
             pulumi.set(__self__, "password", password)
         if plugin_name is not None:
             pulumi.set(__self__, "plugin_name", plugin_name)
-        if private_key is not None:
-            pulumi.set(__self__, "private_key", private_key)
         if root_rotation_statements is not None:
             pulumi.set(__self__, "root_rotation_statements", root_rotation_statements)
-        if self_managed is not None:
-            pulumi.set(__self__, "self_managed", self_managed)
         if service_account_json is not None:
             pulumi.set(__self__, "service_account_json", service_account_json)
-        if tls_ca is not None:
-            pulumi.set(__self__, "tls_ca", tls_ca)
-        if tls_certificate is not None:
-            pulumi.set(__self__, "tls_certificate", tls_certificate)
         if username is not None:
             pulumi.set(__self__, "username", username)
         if username_template is not None:
@@ -5748,14 +5635,6 @@ class SecretsMountPostgresql(dict):
         """
         return pulumi.get(self, "plugin_name")
 
-    @property
-    @pulumi.getter(name="privateKey")
-    def private_key(self) -> Optional[str]:
-        """
-        The secret key used for the x509 client certificate. Must be PEM encoded.
-        """
-        return pulumi.get(self, "private_key")
-
     @property
     @pulumi.getter(name="rootRotationStatements")
     def root_rotation_statements(self) -> Optional[Sequence[str]]:
@@ -5764,14 +5643,6 @@ class SecretsMountPostgresql(dict):
         """
         return pulumi.get(self, "root_rotation_statements")
 
-    @property
-    @pulumi.getter(name="selfManaged")
-    def self_managed(self) -> Optional[bool]:
-        """
-        If set, allows onboarding static roles with a rootless connection configuration.
-        """
-        return pulumi.get(self, "self_managed")
-
     @property
     @pulumi.getter(name="serviceAccountJson")
     def service_account_json(self) -> Optional[str]:
@@ -5780,22 +5651,6 @@ class SecretsMountPostgresql(dict):
         """
         return pulumi.get(self, "service_account_json")
 
-    @property
-    @pulumi.getter(name="tlsCa")
-    def tls_ca(self) -> Optional[str]:
-        """
-        The x509 CA file for validating the certificate presented by the PostgreSQL server. Must be PEM encoded.
-        """
-        return pulumi.get(self, "tls_ca")
-
-    @property
-    @pulumi.getter(name="tlsCertificate")
-    def tls_certificate(self) -> Optional[str]:
-        """
-        The x509 client certificate for connecting to the database. Must be PEM encoded.
-        """
-        return pulumi.get(self, "tls_certificate")
-
     @property
     @pulumi.getter
     def username(self) -> Optional[str]:

pulumi_vault/database/secret_backend_connection.py

@@ -4,14 +4,9 @@
 
 import copy
 import warnings
-import sys
 import pulumi
 import pulumi.runtime
 from typing import Any, Mapping, Optional, Sequence, Union, overload
-if sys.version_info >= (3, 11):
-    from typing import NotRequired, TypedDict, TypeAlias
-else:
-    from typing_extensions import NotRequired, TypedDict, TypeAlias
 from .. import _utilities
 from . import outputs
 from ._inputs import *

pulumi_vault/database/secret_backend_role.py

@@ -4,14 +4,9 @@
 
 import copy
 import warnings
-import sys
 import pulumi
 import pulumi.runtime
 from typing import Any, Mapping, Optional, Sequence, Union, overload
-if sys.version_info >= (3, 11):
-    from typing import NotRequired, TypedDict, TypeAlias
-else:
-    from typing_extensions import NotRequired, TypedDict, TypeAlias
 from .. import _utilities
 
 __all__ = ['SecretBackendRoleArgs', 'SecretBackendRole']

pulumi_vault/database/secret_backend_static_role.py

@@ -4,14 +4,9 @@
 
 import copy
 import warnings
-import sys
 import pulumi
 import pulumi.runtime
 from typing import Any, Mapping, Optional, Sequence, Union, overload
-if sys.version_info >= (3, 11):
-    from typing import NotRequired, TypedDict, TypeAlias
-else:
-    from typing_extensions import NotRequired, TypedDict, TypeAlias
 from .. import _utilities
 
 __all__ = ['SecretBackendStaticRoleArgs', 'SecretBackendStaticRole']
@@ -27,8 +22,7 @@ class SecretBackendStaticRoleArgs:
                  rotation_period: Optional[pulumi.Input[int]] = None,
                  rotation_schedule: Optional[pulumi.Input[str]] = None,
                  rotation_statements: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
-                 rotation_window: Optional[pulumi.Input[int]] = None,
-                 self_managed_password: Optional[pulumi.Input[str]] = None):
+                 rotation_window: Optional[pulumi.Input[int]] = None):
         """
         The set of arguments for constructing a SecretBackendStaticRole resource.
         :param pulumi.Input[str] backend: The unique name of the Vault mount to configure.
@@ -49,9 +43,6 @@ class SecretBackendStaticRoleArgs:
         :param pulumi.Input[Sequence[pulumi.Input[str]]] rotation_statements: Database statements to execute to rotate the password for the configured database user.
         :param pulumi.Input[int] rotation_window: The amount of time, in seconds, in which rotations are allowed to occur starting
                from a given `rotation_schedule`.
-        :param pulumi.Input[str] self_managed_password: The password corresponding to the username in the database.
-               Required when using the Rootless Password Rotation workflow for static roles. Only enabled for
-               select DB engines (Postgres). Requires Vault 1.18+ Enterprise.
         """
         pulumi.set(__self__, "backend", backend)
         pulumi.set(__self__, "db_name", db_name)
@@ -68,8 +59,6 @@ class SecretBackendStaticRoleArgs:
             pulumi.set(__self__, "rotation_statements", rotation_statements)
         if rotation_window is not None:
             pulumi.set(__self__, "rotation_window", rotation_window)
-        if self_managed_password is not None:
-            pulumi.set(__self__, "self_managed_password", self_managed_password)
 
     @property
     @pulumi.getter
@@ -188,20 +177,6 @@ class SecretBackendStaticRoleArgs:
     def rotation_window(self, value: Optional[pulumi.Input[int]]):
         pulumi.set(self, "rotation_window", value)
 
-    @property
-    @pulumi.getter(name="selfManagedPassword")
-    def self_managed_password(self) -> Optional[pulumi.Input[str]]:
-        """
-        The password corresponding to the username in the database.
-        Required when using the Rootless Password Rotation workflow for static roles. Only enabled for
-        select DB engines (Postgres). Requires Vault 1.18+ Enterprise.
-        """
-        return pulumi.get(self, "self_managed_password")
-
-    @self_managed_password.setter
-    def self_managed_password(self, value: Optional[pulumi.Input[str]]):
-        pulumi.set(self, "self_managed_password", value)
-
 
 @pulumi.input_type
 class _SecretBackendStaticRoleState:
@@ -214,7 +189,6 @@ class _SecretBackendStaticRoleState:
                  rotation_schedule: Optional[pulumi.Input[str]] = None,
                  rotation_statements: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
                  rotation_window: Optional[pulumi.Input[int]] = None,
-                 self_managed_password: Optional[pulumi.Input[str]] = None,
                  username: Optional[pulumi.Input[str]] = None):
         """
         Input properties used for looking up and filtering SecretBackendStaticRole resources.
@@ -235,9 +209,6 @@ class _SecretBackendStaticRoleState:
         :param pulumi.Input[Sequence[pulumi.Input[str]]] rotation_statements: Database statements to execute to rotate the password for the configured database user.
         :param pulumi.Input[int] rotation_window: The amount of time, in seconds, in which rotations are allowed to occur starting
                from a given `rotation_schedule`.
-        :param pulumi.Input[str] self_managed_password: The password corresponding to the username in the database.
-               Required when using the Rootless Password Rotation workflow for static roles. Only enabled for
-               select DB engines (Postgres). Requires Vault 1.18+ Enterprise.
         :param pulumi.Input[str] username: The database username that this static role corresponds to.
         """
         if backend is not None:
@@ -256,8 +227,6 @@ class _SecretBackendStaticRoleState:
             pulumi.set(__self__, "rotation_statements", rotation_statements)
         if rotation_window is not None:
             pulumi.set(__self__, "rotation_window", rotation_window)
-        if self_managed_password is not None:
-            pulumi.set(__self__, "self_managed_password", self_managed_password)
         if username is not None:
             pulumi.set(__self__, "username", username)
 
@@ -366,20 +335,6 @@ class _SecretBackendStaticRoleState:
     def rotation_window(self, value: Optional[pulumi.Input[int]]):
         pulumi.set(self, "rotation_window", value)
 
-    @property
-    @pulumi.getter(name="selfManagedPassword")
-    def self_managed_password(self) -> Optional[pulumi.Input[str]]:
-        """
-        The password corresponding to the username in the database.
-        Required when using the Rootless Password Rotation workflow for static roles. Only enabled for
-        select DB engines (Postgres). Requires Vault 1.18+ Enterprise.
-        """
-        return pulumi.get(self, "self_managed_password")
-
-    @self_managed_password.setter
-    def self_managed_password(self, value: Optional[pulumi.Input[str]]):
-        pulumi.set(self, "self_managed_password", value)
-
     @property
     @pulumi.getter
     def username(self) -> Optional[pulumi.Input[str]]:
@@ -406,7 +361,6 @@ class SecretBackendStaticRole(pulumi.CustomResource):
                  rotation_schedule: Optional[pulumi.Input[str]] = None,
                  rotation_statements: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
                  rotation_window: Optional[pulumi.Input[int]] = None,
-                 self_managed_password: Optional[pulumi.Input[str]] = None,
                  username: Optional[pulumi.Input[str]] = None,
                  __props__=None):
         """
@@ -476,9 +430,6 @@ class SecretBackendStaticRole(pulumi.CustomResource):
         :param pulumi.Input[Sequence[pulumi.Input[str]]] rotation_statements: Database statements to execute to rotate the password for the configured database user.
         :param pulumi.Input[int] rotation_window: The amount of time, in seconds, in which rotations are allowed to occur starting
                from a given `rotation_schedule`.
-        :param pulumi.Input[str] self_managed_password: The password corresponding to the username in the database.
-               Required when using the Rootless Password Rotation workflow for static roles. Only enabled for
-               select DB engines (Postgres). Requires Vault 1.18+ Enterprise.
         :param pulumi.Input[str] username: The database username that this static role corresponds to.
         """
         ...
@@ -558,7 +509,6 @@ class SecretBackendStaticRole(pulumi.CustomResource):
                  rotation_schedule: Optional[pulumi.Input[str]] = None,
                  rotation_statements: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
                  rotation_window: Optional[pulumi.Input[int]] = None,
-                 self_managed_password: Optional[pulumi.Input[str]] = None,
                  username: Optional[pulumi.Input[str]] = None,
                  __props__=None):
         opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts)
@@ -581,12 +531,9 @@ class SecretBackendStaticRole(pulumi.CustomResource):
             __props__.__dict__["rotation_schedule"] = rotation_schedule
             __props__.__dict__["rotation_statements"] = rotation_statements
             __props__.__dict__["rotation_window"] = rotation_window
-            __props__.__dict__["self_managed_password"] = None if self_managed_password is None else pulumi.Output.secret(self_managed_password)
             if username is None and not opts.urn:
                 raise TypeError("Missing required property 'username'")
             __props__.__dict__["username"] = username
-        secret_opts = pulumi.ResourceOptions(additional_secret_outputs=["selfManagedPassword"])
-        opts = pulumi.ResourceOptions.merge(opts, secret_opts)
         super(SecretBackendStaticRole, __self__).__init__(
             'vault:database/secretBackendStaticRole:SecretBackendStaticRole',
             resource_name,
@@ -605,7 +552,6 @@ class SecretBackendStaticRole(pulumi.CustomResource):
             rotation_schedule: Optional[pulumi.Input[str]] = None,
             rotation_statements: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
             rotation_window: Optional[pulumi.Input[int]] = None,
-            self_managed_password: Optional[pulumi.Input[str]] = None,
             username: Optional[pulumi.Input[str]] = None) -> 'SecretBackendStaticRole':
         """
         Get an existing SecretBackendStaticRole resource's state with the given name, id, and optional extra
@@ -631,9 +577,6 @@ class SecretBackendStaticRole(pulumi.CustomResource):
         :param pulumi.Input[Sequence[pulumi.Input[str]]] rotation_statements: Database statements to execute to rotate the password for the configured database user.
         :param pulumi.Input[int] rotation_window: The amount of time, in seconds, in which rotations are allowed to occur starting
                from a given `rotation_schedule`.
-        :param pulumi.Input[str] self_managed_password: The password corresponding to the username in the database.
-               Required when using the Rootless Password Rotation workflow for static roles. Only enabled for
-               select DB engines (Postgres). Requires Vault 1.18+ Enterprise.
         :param pulumi.Input[str] username: The database username that this static role corresponds to.
         """
         opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id))
@@ -648,7 +591,6 @@ class SecretBackendStaticRole(pulumi.CustomResource):
         __props__.__dict__["rotation_schedule"] = rotation_schedule
         __props__.__dict__["rotation_statements"] = rotation_statements
         __props__.__dict__["rotation_window"] = rotation_window
-        __props__.__dict__["self_managed_password"] = self_managed_password
         __props__.__dict__["username"] = username
         return SecretBackendStaticRole(resource_name, opts=opts, __props__=__props__)
 
@@ -725,16 +667,6 @@ class SecretBackendStaticRole(pulumi.CustomResource):
         """
         return pulumi.get(self, "rotation_window")
 
-    @property
-    @pulumi.getter(name="selfManagedPassword")
-    def self_managed_password(self) -> pulumi.Output[Optional[str]]:
-        """
-        The password corresponding to the username in the database.
-        Required when using the Rootless Password Rotation workflow for static roles. Only enabled for
-        select DB engines (Postgres). Requires Vault 1.18+ Enterprise.
-        """
-        return pulumi.get(self, "self_managed_password")
-
     @property
     @pulumi.getter
     def username(self) -> pulumi.Output[str]:

pulumi_vault/database/secrets_mount.py

@@ -4,14 +4,9 @@
 
 import copy
 import warnings
-import sys
 import pulumi
 import pulumi.runtime
 from typing import Any, Mapping, Optional, Sequence, Union, overload
-if sys.version_info >= (3, 11):
-    from typing import NotRequired, TypedDict, TypeAlias
-else:
-    from typing_extensions import NotRequired, TypedDict, TypeAlias
 from .. import _utilities
 from . import outputs
 from ._inputs import *

pulumi_vault/egp_policy.py

@@ -4,14 +4,9 @@
 
 import copy
 import warnings
-import sys
 import pulumi
 import pulumi.runtime
 from typing import Any, Mapping, Optional, Sequence, Union, overload
-if sys.version_info >= (3, 11):
-    from typing import NotRequired, TypedDict, TypeAlias
-else:
-    from typing_extensions import NotRequired, TypedDict, TypeAlias
 from . import _utilities
 
 __all__ = ['EgpPolicyArgs', 'EgpPolicy']