pulumi-vault 6.4.0__py3-none-any.whl → 6.4.0a1723820369__py3-none-any.whl

pulumi_vault/identity/group_alias.py

@@ -4,14 +4,9 @@
 
 import copy
 import warnings
-import sys
 import pulumi
 import pulumi.runtime
 from typing import Any, Mapping, Optional, Sequence, Union, overload
-if sys.version_info >= (3, 11):
-    from typing import NotRequired, TypedDict, TypeAlias
-else:
-    from typing_extensions import NotRequired, TypedDict, TypeAlias
 from .. import _utilities
 
 __all__ = ['GroupAliasArgs', 'GroupAlias']

pulumi_vault/identity/group_member_entity_ids.py

@@ -4,14 +4,9 @@
 
 import copy
 import warnings
-import sys
 import pulumi
 import pulumi.runtime
 from typing import Any, Mapping, Optional, Sequence, Union, overload
-if sys.version_info >= (3, 11):
-    from typing import NotRequired, TypedDict, TypeAlias
-else:
-    from typing_extensions import NotRequired, TypedDict, TypeAlias
 from .. import _utilities
 
 __all__ = ['GroupMemberEntityIdsArgs', 'GroupMemberEntityIds']

pulumi_vault/identity/group_member_group_ids.py

@@ -4,14 +4,9 @@
 
 import copy
 import warnings
-import sys
 import pulumi
 import pulumi.runtime
 from typing import Any, Mapping, Optional, Sequence, Union, overload
-if sys.version_info >= (3, 11):
-    from typing import NotRequired, TypedDict, TypeAlias
-else:
-    from typing_extensions import NotRequired, TypedDict, TypeAlias
 from .. import _utilities
 
 __all__ = ['GroupMemberGroupIdsArgs', 'GroupMemberGroupIds']

pulumi_vault/identity/group_policies.py

@@ -4,14 +4,9 @@
 
 import copy
 import warnings
-import sys
 import pulumi
 import pulumi.runtime
 from typing import Any, Mapping, Optional, Sequence, Union, overload
-if sys.version_info >= (3, 11):
-    from typing import NotRequired, TypedDict, TypeAlias
-else:
-    from typing_extensions import NotRequired, TypedDict, TypeAlias
 from .. import _utilities
 
 __all__ = ['GroupPoliciesArgs', 'GroupPolicies']

pulumi_vault/identity/mfa_duo.py

@@ -4,14 +4,9 @@
 
 import copy
 import warnings
-import sys
 import pulumi
 import pulumi.runtime
 from typing import Any, Mapping, Optional, Sequence, Union, overload
-if sys.version_info >= (3, 11):
-    from typing import NotRequired, TypedDict, TypeAlias
-else:
-    from typing_extensions import NotRequired, TypedDict, TypeAlias
 from .. import _utilities
 
 __all__ = ['MfaDuoArgs', 'MfaDuo']

pulumi_vault/identity/mfa_login_enforcement.py

@@ -4,14 +4,9 @@
 
 import copy
 import warnings
-import sys
 import pulumi
 import pulumi.runtime
 from typing import Any, Mapping, Optional, Sequence, Union, overload
-if sys.version_info >= (3, 11):
-    from typing import NotRequired, TypedDict, TypeAlias
-else:
-    from typing_extensions import NotRequired, TypedDict, TypeAlias
 from .. import _utilities
 
 __all__ = ['MfaLoginEnforcementArgs', 'MfaLoginEnforcement']

pulumi_vault/identity/mfa_okta.py

@@ -4,14 +4,9 @@
 
 import copy
 import warnings
-import sys
 import pulumi
 import pulumi.runtime
 from typing import Any, Mapping, Optional, Sequence, Union, overload
-if sys.version_info >= (3, 11):
-    from typing import NotRequired, TypedDict, TypeAlias
-else:
-    from typing_extensions import NotRequired, TypedDict, TypeAlias
 from .. import _utilities
 
 __all__ = ['MfaOktaArgs', 'MfaOkta']

pulumi_vault/identity/mfa_pingid.py

@@ -4,14 +4,9 @@
 
 import copy
 import warnings
-import sys
 import pulumi
 import pulumi.runtime
 from typing import Any, Mapping, Optional, Sequence, Union, overload
-if sys.version_info >= (3, 11):
-    from typing import NotRequired, TypedDict, TypeAlias
-else:
-    from typing_extensions import NotRequired, TypedDict, TypeAlias
 from .. import _utilities
 
 __all__ = ['MfaPingidArgs', 'MfaPingid']

pulumi_vault/identity/mfa_totp.py

@@ -4,14 +4,9 @@
 
 import copy
 import warnings
-import sys
 import pulumi
 import pulumi.runtime
 from typing import Any, Mapping, Optional, Sequence, Union, overload
-if sys.version_info >= (3, 11):
-    from typing import NotRequired, TypedDict, TypeAlias
-else:
-    from typing_extensions import NotRequired, TypedDict, TypeAlias
 from .. import _utilities
 
 __all__ = ['MfaTotpArgs', 'MfaTotp']

pulumi_vault/identity/oidc.py

@@ -4,14 +4,9 @@
 
 import copy
 import warnings
-import sys
 import pulumi
 import pulumi.runtime
 from typing import Any, Mapping, Optional, Sequence, Union, overload
-if sys.version_info >= (3, 11):
-    from typing import NotRequired, TypedDict, TypeAlias
-else:
-    from typing_extensions import NotRequired, TypedDict, TypeAlias
 from .. import _utilities
 
 __all__ = ['OidcArgs', 'Oidc']

pulumi_vault/identity/oidc_assignment.py

@@ -4,14 +4,9 @@
 
 import copy
 import warnings
-import sys
 import pulumi
 import pulumi.runtime
 from typing import Any, Mapping, Optional, Sequence, Union, overload
-if sys.version_info >= (3, 11):
-    from typing import NotRequired, TypedDict, TypeAlias
-else:
-    from typing_extensions import NotRequired, TypedDict, TypeAlias
 from .. import _utilities
 
 __all__ = ['OidcAssignmentArgs', 'OidcAssignment']

pulumi_vault/identity/oidc_client.py

@@ -4,14 +4,9 @@
 
 import copy
 import warnings
-import sys
 import pulumi
 import pulumi.runtime
 from typing import Any, Mapping, Optional, Sequence, Union, overload
-if sys.version_info >= (3, 11):
-    from typing import NotRequired, TypedDict, TypeAlias
-else:
-    from typing_extensions import NotRequired, TypedDict, TypeAlias
 from .. import _utilities
 
 __all__ = ['OidcClientArgs', 'OidcClient']

pulumi_vault/identity/oidc_key.py

@@ -4,14 +4,9 @@
 
 import copy
 import warnings
-import sys
 import pulumi
 import pulumi.runtime
 from typing import Any, Mapping, Optional, Sequence, Union, overload
-if sys.version_info >= (3, 11):
-    from typing import NotRequired, TypedDict, TypeAlias
-else:
-    from typing_extensions import NotRequired, TypedDict, TypeAlias
 from .. import _utilities
 
 __all__ = ['OidcKeyArgs', 'OidcKey']

pulumi_vault/identity/oidc_key_allowed_client_id.py

@@ -4,14 +4,9 @@
 
 import copy
 import warnings
-import sys
 import pulumi
 import pulumi.runtime
 from typing import Any, Mapping, Optional, Sequence, Union, overload
-if sys.version_info >= (3, 11):
-    from typing import NotRequired, TypedDict, TypeAlias
-else:
-    from typing_extensions import NotRequired, TypedDict, TypeAlias
 from .. import _utilities
 
 __all__ = ['OidcKeyAllowedClientIDArgs', 'OidcKeyAllowedClientID']

pulumi_vault/identity/oidc_provider.py

@@ -4,14 +4,9 @@
 
 import copy
 import warnings
-import sys
 import pulumi
 import pulumi.runtime
 from typing import Any, Mapping, Optional, Sequence, Union, overload
-if sys.version_info >= (3, 11):
-    from typing import NotRequired, TypedDict, TypeAlias
-else:
-    from typing_extensions import NotRequired, TypedDict, TypeAlias
 from .. import _utilities
 
 __all__ = ['OidcProviderArgs', 'OidcProvider']

pulumi_vault/identity/oidc_role.py

@@ -4,14 +4,9 @@
 
 import copy
 import warnings
-import sys
 import pulumi
 import pulumi.runtime
 from typing import Any, Mapping, Optional, Sequence, Union, overload
-if sys.version_info >= (3, 11):
-    from typing import NotRequired, TypedDict, TypeAlias
-else:
-    from typing_extensions import NotRequired, TypedDict, TypeAlias
 from .. import _utilities
 
 __all__ = ['OidcRoleArgs', 'OidcRole']

pulumi_vault/identity/oidc_scope.py

@@ -4,14 +4,9 @@
 
 import copy
 import warnings
-import sys
 import pulumi
 import pulumi.runtime
 from typing import Any, Mapping, Optional, Sequence, Union, overload
-if sys.version_info >= (3, 11):
-    from typing import NotRequired, TypedDict, TypeAlias
-else:
-    from typing_extensions import NotRequired, TypedDict, TypeAlias
 from .. import _utilities
 
 __all__ = ['OidcScopeArgs', 'OidcScope']

pulumi_vault/identity/outputs.py

@@ -4,14 +4,9 @@
 
 import copy
 import warnings
-import sys
 import pulumi
 import pulumi.runtime
 from typing import Any, Mapping, Optional, Sequence, Union, overload
-if sys.version_info >= (3, 11):
-    from typing import NotRequired, TypedDict, TypeAlias
-else:
-    from typing_extensions import NotRequired, TypedDict, TypeAlias
 from .. import _utilities
 
 __all__ = [

pulumi_vault/jwt/_inputs.py

@@ -4,70 +4,15 @@
 
 import copy
 import warnings
-import sys
 import pulumi
 import pulumi.runtime
 from typing import Any, Mapping, Optional, Sequence, Union, overload
-if sys.version_info >= (3, 11):
-    from typing import NotRequired, TypedDict, TypeAlias
-else:
-    from typing_extensions import NotRequired, TypedDict, TypeAlias
 from .. import _utilities
 
 __all__ = [
     'AuthBackendTuneArgs',
-    'AuthBackendTuneArgsDict',
 ]
 
-MYPY = False
-
-if not MYPY:
-    class AuthBackendTuneArgsDict(TypedDict):
-        allowed_response_headers: NotRequired[pulumi.Input[Sequence[pulumi.Input[str]]]]
-        """
-        List of headers to whitelist and allowing
-        a plugin to include them in the response.
-        """
-        audit_non_hmac_request_keys: NotRequired[pulumi.Input[Sequence[pulumi.Input[str]]]]
-        """
-        Specifies the list of keys that will
-        not be HMAC'd by audit devices in the request data object.
-        """
-        audit_non_hmac_response_keys: NotRequired[pulumi.Input[Sequence[pulumi.Input[str]]]]
-        """
-        Specifies the list of keys that will
-        not be HMAC'd by audit devices in the response data object.
-        """
-        default_lease_ttl: NotRequired[pulumi.Input[str]]
-        """
-        Specifies the default time-to-live.
-        If set, this overrides the global default.
-        Must be a valid [duration string](https://golang.org/pkg/time/#ParseDuration)
-        """
-        listing_visibility: NotRequired[pulumi.Input[str]]
-        """
-        Specifies whether to show this mount in
-        the UI-specific listing endpoint. Valid values are "unauth" or "hidden".
-        """
-        max_lease_ttl: NotRequired[pulumi.Input[str]]
-        """
-        Specifies the maximum time-to-live.
-        If set, this overrides the global default.
-        Must be a valid [duration string](https://golang.org/pkg/time/#ParseDuration)
-        """
-        passthrough_request_headers: NotRequired[pulumi.Input[Sequence[pulumi.Input[str]]]]
-        """
-        List of headers to whitelist and
-        pass from the request to the backend.
-        """
-        token_type: NotRequired[pulumi.Input[str]]
-        """
-        Specifies the type of tokens that should be returned by
-        the mount. Valid values are "default-service", "default-batch", "service", "batch".
-        """
-elif False:
-    AuthBackendTuneArgsDict: TypeAlias = Mapping[str, Any]
-
 @pulumi.input_type
 class AuthBackendTuneArgs:
     def __init__(__self__, *,

pulumi_vault/jwt/auth_backend.py

@@ -4,14 +4,9 @@
 
 import copy
 import warnings
-import sys
 import pulumi
 import pulumi.runtime
 from typing import Any, Mapping, Optional, Sequence, Union, overload
-if sys.version_info >= (3, 11):
-    from typing import NotRequired, TypedDict, TypeAlias
-else:
-    from typing_extensions import NotRequired, TypedDict, TypeAlias
 from .. import _utilities
 from . import outputs
 from ._inputs import *

pulumi_vault/jwt/auth_backend_role.py

@@ -4,14 +4,9 @@
 
 import copy
 import warnings
-import sys
 import pulumi
 import pulumi.runtime
 from typing import Any, Mapping, Optional, Sequence, Union, overload
-if sys.version_info >= (3, 11):
-    from typing import NotRequired, TypedDict, TypeAlias
-else:
-    from typing_extensions import NotRequired, TypedDict, TypeAlias
 from .. import _utilities
 
 __all__ = ['AuthBackendRoleArgs', 'AuthBackendRole']

pulumi_vault/jwt/outputs.py

@@ -4,14 +4,9 @@
 
 import copy
 import warnings
-import sys
 import pulumi
 import pulumi.runtime
 from typing import Any, Mapping, Optional, Sequence, Union, overload
-if sys.version_info >= (3, 11):
-    from typing import NotRequired, TypedDict, TypeAlias
-else:
-    from typing_extensions import NotRequired, TypedDict, TypeAlias
 from .. import _utilities
 
 __all__ = [

pulumi_vault/kmip/secret_backend.py

@@ -4,14 +4,9 @@
 
 import copy
 import warnings
-import sys
 import pulumi
 import pulumi.runtime
 from typing import Any, Mapping, Optional, Sequence, Union, overload
-if sys.version_info >= (3, 11):
-    from typing import NotRequired, TypedDict, TypeAlias
-else:
-    from typing_extensions import NotRequired, TypedDict, TypeAlias
 from .. import _utilities
 
 __all__ = ['SecretBackendArgs', 'SecretBackend']

pulumi_vault/kmip/secret_role.py

@@ -4,14 +4,9 @@
 
 import copy
 import warnings
-import sys
 import pulumi
 import pulumi.runtime
 from typing import Any, Mapping, Optional, Sequence, Union, overload
-if sys.version_info >= (3, 11):
-    from typing import NotRequired, TypedDict, TypeAlias
-else:
-    from typing_extensions import NotRequired, TypedDict, TypeAlias
 from .. import _utilities
 
 __all__ = ['SecretRoleArgs', 'SecretRole']

pulumi_vault/kmip/secret_scope.py

@@ -4,14 +4,9 @@
 
 import copy
 import warnings
-import sys
 import pulumi
 import pulumi.runtime
 from typing import Any, Mapping, Optional, Sequence, Union, overload
-if sys.version_info >= (3, 11):
-    from typing import NotRequired, TypedDict, TypeAlias
-else:
-    from typing_extensions import NotRequired, TypedDict, TypeAlias
 from .. import _utilities
 
 __all__ = ['SecretScopeArgs', 'SecretScope']

pulumi_vault/kubernetes/auth_backend_config.py

@@ -4,14 +4,9 @@
 
 import copy
 import warnings
-import sys
 import pulumi
 import pulumi.runtime
 from typing import Any, Mapping, Optional, Sequence, Union, overload
-if sys.version_info >= (3, 11):
-    from typing import NotRequired, TypedDict, TypeAlias
-else:
-    from typing_extensions import NotRequired, TypedDict, TypeAlias
 from .. import _utilities
 
 __all__ = ['AuthBackendConfigArgs', 'AuthBackendConfig']
@@ -27,8 +22,7 @@ class AuthBackendConfigArgs:
                  kubernetes_ca_cert: Optional[pulumi.Input[str]] = None,
                  namespace: Optional[pulumi.Input[str]] = None,
                  pem_keys: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
-                 token_reviewer_jwt: Optional[pulumi.Input[str]] = None,
-                 use_annotations_as_alias_metadata: Optional[pulumi.Input[bool]] = None):
+                 token_reviewer_jwt: Optional[pulumi.Input[str]] = None):
         """
         The set of arguments for constructing a AuthBackendConfig resource.
         :param pulumi.Input[str] kubernetes_host: Host must be a host string, a host:port pair, or a URL to the base of the Kubernetes API server.
@@ -43,7 +37,6 @@ class AuthBackendConfigArgs:
                *Available only for Vault Enterprise*.
         :param pulumi.Input[Sequence[pulumi.Input[str]]] pem_keys: List of PEM-formatted public keys or certificates used to verify the signatures of Kubernetes service account JWTs. If a certificate is given, its public key will be extracted. Not every installation of Kubernetes exposes these keys.
         :param pulumi.Input[str] token_reviewer_jwt: A service account JWT (or other token) used as a bearer token to access the TokenReview API to validate other JWTs during login. If not set the JWT used for login will be used to access the API.
-        :param pulumi.Input[bool] use_annotations_as_alias_metadata: Use annotations from the client token's associated service account as alias metadata for the Vault entity. Requires Vault `v1.16+` or Vault auth kubernetes plugin `v0.18.0+`
         """
         pulumi.set(__self__, "kubernetes_host", kubernetes_host)
         if backend is not None:
@@ -62,8 +55,6 @@ class AuthBackendConfigArgs:
             pulumi.set(__self__, "pem_keys", pem_keys)
         if token_reviewer_jwt is not None:
             pulumi.set(__self__, "token_reviewer_jwt", token_reviewer_jwt)
-        if use_annotations_as_alias_metadata is not None:
-            pulumi.set(__self__, "use_annotations_as_alias_metadata", use_annotations_as_alias_metadata)
 
     @property
     @pulumi.getter(name="kubernetesHost")
@@ -176,18 +167,6 @@ class AuthBackendConfigArgs:
     def token_reviewer_jwt(self, value: Optional[pulumi.Input[str]]):
         pulumi.set(self, "token_reviewer_jwt", value)
 
-    @property
-    @pulumi.getter(name="useAnnotationsAsAliasMetadata")
-    def use_annotations_as_alias_metadata(self) -> Optional[pulumi.Input[bool]]:
-        """
-        Use annotations from the client token's associated service account as alias metadata for the Vault entity. Requires Vault `v1.16+` or Vault auth kubernetes plugin `v0.18.0+`
-        """
-        return pulumi.get(self, "use_annotations_as_alias_metadata")
-
-    @use_annotations_as_alias_metadata.setter
-    def use_annotations_as_alias_metadata(self, value: Optional[pulumi.Input[bool]]):
-        pulumi.set(self, "use_annotations_as_alias_metadata", value)
-
 
 @pulumi.input_type
 class _AuthBackendConfigState:
@@ -200,8 +179,7 @@ class _AuthBackendConfigState:
                  kubernetes_host: Optional[pulumi.Input[str]] = None,
                  namespace: Optional[pulumi.Input[str]] = None,
                  pem_keys: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
-                 token_reviewer_jwt: Optional[pulumi.Input[str]] = None,
-                 use_annotations_as_alias_metadata: Optional[pulumi.Input[bool]] = None):
+                 token_reviewer_jwt: Optional[pulumi.Input[str]] = None):
         """
         Input properties used for looking up and filtering AuthBackendConfig resources.
         :param pulumi.Input[str] backend: Unique name of the kubernetes backend to configure.
@@ -216,7 +194,6 @@ class _AuthBackendConfigState:
                *Available only for Vault Enterprise*.
         :param pulumi.Input[Sequence[pulumi.Input[str]]] pem_keys: List of PEM-formatted public keys or certificates used to verify the signatures of Kubernetes service account JWTs. If a certificate is given, its public key will be extracted. Not every installation of Kubernetes exposes these keys.
         :param pulumi.Input[str] token_reviewer_jwt: A service account JWT (or other token) used as a bearer token to access the TokenReview API to validate other JWTs during login. If not set the JWT used for login will be used to access the API.
-        :param pulumi.Input[bool] use_annotations_as_alias_metadata: Use annotations from the client token's associated service account as alias metadata for the Vault entity. Requires Vault `v1.16+` or Vault auth kubernetes plugin `v0.18.0+`
         """
         if backend is not None:
             pulumi.set(__self__, "backend", backend)
@@ -236,8 +213,6 @@ class _AuthBackendConfigState:
             pulumi.set(__self__, "pem_keys", pem_keys)
         if token_reviewer_jwt is not None:
             pulumi.set(__self__, "token_reviewer_jwt", token_reviewer_jwt)
-        if use_annotations_as_alias_metadata is not None:
-            pulumi.set(__self__, "use_annotations_as_alias_metadata", use_annotations_as_alias_metadata)
 
     @property
     @pulumi.getter
@@ -350,18 +325,6 @@ class _AuthBackendConfigState:
     def token_reviewer_jwt(self, value: Optional[pulumi.Input[str]]):
         pulumi.set(self, "token_reviewer_jwt", value)
 
-    @property
-    @pulumi.getter(name="useAnnotationsAsAliasMetadata")
-    def use_annotations_as_alias_metadata(self) -> Optional[pulumi.Input[bool]]:
-        """
-        Use annotations from the client token's associated service account as alias metadata for the Vault entity. Requires Vault `v1.16+` or Vault auth kubernetes plugin `v0.18.0+`
-        """
-        return pulumi.get(self, "use_annotations_as_alias_metadata")
-
-    @use_annotations_as_alias_metadata.setter
-    def use_annotations_as_alias_metadata(self, value: Optional[pulumi.Input[bool]]):
-        pulumi.set(self, "use_annotations_as_alias_metadata", value)
-
 
 class AuthBackendConfig(pulumi.CustomResource):
     @overload
@@ -377,7 +340,6 @@ class AuthBackendConfig(pulumi.CustomResource):
                  namespace: Optional[pulumi.Input[str]] = None,
                  pem_keys: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
                  token_reviewer_jwt: Optional[pulumi.Input[str]] = None,
-                 use_annotations_as_alias_metadata: Optional[pulumi.Input[bool]] = None,
                  __props__=None):
         """
         Manages an Kubernetes auth backend config in a Vault server. See the [Vault
@@ -424,7 +386,6 @@ class AuthBackendConfig(pulumi.CustomResource):
                *Available only for Vault Enterprise*.
         :param pulumi.Input[Sequence[pulumi.Input[str]]] pem_keys: List of PEM-formatted public keys or certificates used to verify the signatures of Kubernetes service account JWTs. If a certificate is given, its public key will be extracted. Not every installation of Kubernetes exposes these keys.
         :param pulumi.Input[str] token_reviewer_jwt: A service account JWT (or other token) used as a bearer token to access the TokenReview API to validate other JWTs during login. If not set the JWT used for login will be used to access the API.
-        :param pulumi.Input[bool] use_annotations_as_alias_metadata: Use annotations from the client token's associated service account as alias metadata for the Vault entity. Requires Vault `v1.16+` or Vault auth kubernetes plugin `v0.18.0+`
         """
         ...
     @overload
@@ -487,7 +448,6 @@ class AuthBackendConfig(pulumi.CustomResource):
                  namespace: Optional[pulumi.Input[str]] = None,
                  pem_keys: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
                  token_reviewer_jwt: Optional[pulumi.Input[str]] = None,
-                 use_annotations_as_alias_metadata: Optional[pulumi.Input[bool]] = None,
                  __props__=None):
         opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts)
         if not isinstance(opts, pulumi.ResourceOptions):
@@ -508,7 +468,6 @@ class AuthBackendConfig(pulumi.CustomResource):
             __props__.__dict__["namespace"] = namespace
             __props__.__dict__["pem_keys"] = pem_keys
             __props__.__dict__["token_reviewer_jwt"] = None if token_reviewer_jwt is None else pulumi.Output.secret(token_reviewer_jwt)
-            __props__.__dict__["use_annotations_as_alias_metadata"] = use_annotations_as_alias_metadata
         secret_opts = pulumi.ResourceOptions(additional_secret_outputs=["tokenReviewerJwt"])
         opts = pulumi.ResourceOptions.merge(opts, secret_opts)
         super(AuthBackendConfig, __self__).__init__(
@@ -529,8 +488,7 @@ class AuthBackendConfig(pulumi.CustomResource):
             kubernetes_host: Optional[pulumi.Input[str]] = None,
             namespace: Optional[pulumi.Input[str]] = None,
             pem_keys: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
-            token_reviewer_jwt: Optional[pulumi.Input[str]] = None,
-            use_annotations_as_alias_metadata: Optional[pulumi.Input[bool]] = None) -> 'AuthBackendConfig':
+            token_reviewer_jwt: Optional[pulumi.Input[str]] = None) -> 'AuthBackendConfig':
         """
         Get an existing AuthBackendConfig resource's state with the given name, id, and optional extra
         properties used to qualify the lookup.
@@ -550,7 +508,6 @@ class AuthBackendConfig(pulumi.CustomResource):
                *Available only for Vault Enterprise*.
         :param pulumi.Input[Sequence[pulumi.Input[str]]] pem_keys: List of PEM-formatted public keys or certificates used to verify the signatures of Kubernetes service account JWTs. If a certificate is given, its public key will be extracted. Not every installation of Kubernetes exposes these keys.
         :param pulumi.Input[str] token_reviewer_jwt: A service account JWT (or other token) used as a bearer token to access the TokenReview API to validate other JWTs during login. If not set the JWT used for login will be used to access the API.
-        :param pulumi.Input[bool] use_annotations_as_alias_metadata: Use annotations from the client token's associated service account as alias metadata for the Vault entity. Requires Vault `v1.16+` or Vault auth kubernetes plugin `v0.18.0+`
         """
         opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id))
 
@@ -565,7 +522,6 @@ class AuthBackendConfig(pulumi.CustomResource):
         __props__.__dict__["namespace"] = namespace
         __props__.__dict__["pem_keys"] = pem_keys
         __props__.__dict__["token_reviewer_jwt"] = token_reviewer_jwt
-        __props__.__dict__["use_annotations_as_alias_metadata"] = use_annotations_as_alias_metadata
         return AuthBackendConfig(resource_name, opts=opts, __props__=__props__)
 
     @property
@@ -643,11 +599,3 @@ class AuthBackendConfig(pulumi.CustomResource):
         """
         return pulumi.get(self, "token_reviewer_jwt")
 
-    @property
-    @pulumi.getter(name="useAnnotationsAsAliasMetadata")
-    def use_annotations_as_alias_metadata(self) -> pulumi.Output[bool]:
-        """
-        Use annotations from the client token's associated service account as alias metadata for the Vault entity. Requires Vault `v1.16+` or Vault auth kubernetes plugin `v0.18.0+`
-        """
-        return pulumi.get(self, "use_annotations_as_alias_metadata")
-

pulumi_vault/kubernetes/auth_backend_role.py

@@ -4,14 +4,9 @@
 
 import copy
 import warnings
-import sys
 import pulumi
 import pulumi.runtime
 from typing import Any, Mapping, Optional, Sequence, Union, overload
-if sys.version_info >= (3, 11):
-    from typing import NotRequired, TypedDict, TypeAlias
-else:
-    from typing_extensions import NotRequired, TypedDict, TypeAlias
 from .. import _utilities
 
 __all__ = ['AuthBackendRoleArgs', 'AuthBackendRole']