pulumi-vault 6.6.0a1741415971__py3-none-any.whl → 6.7.0__py3-none-any.whl

pulumi_vault/pkisecret/backend_config_cmpv2.py

@@ -2,6 +2,7 @@
 # *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. ***
 # *** Do not edit by hand unless you're certain you know what you are doing! ***
 
+import builtins
 import copy
 import warnings
 import sys
@@ -21,25 +22,27 @@ __all__ = ['BackendConfigCmpv2Args', 'BackendConfigCmpv2']
 @pulumi.input_type
 class BackendConfigCmpv2Args:
     def __init__(__self__, *,
-                 backend: pulumi.Input[str],
-                 audit_fields: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
+                 backend: pulumi.Input[builtins.str],
+                 audit_fields: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
                  authenticators: Optional[pulumi.Input['BackendConfigCmpv2AuthenticatorsArgs']] = None,
-                 default_path_policy: Optional[pulumi.Input[str]] = None,
-                 enable_sentinel_parsing: Optional[pulumi.Input[bool]] = None,
-                 enabled: Optional[pulumi.Input[bool]] = None,
-                 namespace: Optional[pulumi.Input[str]] = None):
+                 default_path_policy: Optional[pulumi.Input[builtins.str]] = None,
+                 disabled_validations: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
+                 enable_sentinel_parsing: Optional[pulumi.Input[builtins.bool]] = None,
+                 enabled: Optional[pulumi.Input[builtins.bool]] = None,
+                 namespace: Optional[pulumi.Input[builtins.str]] = None):
         """
         The set of arguments for constructing a BackendConfigCmpv2 resource.
-        :param pulumi.Input[str] backend: The path to the PKI secret backend to
+        :param pulumi.Input[builtins.str] backend: The path to the PKI secret backend to
                read the CMPv2 configuration from, with no leading or trailing `/`s.
-        :param pulumi.Input[Sequence[pulumi.Input[str]]] audit_fields: Fields parsed from the CSR that appear in the audit and can be used by sentinel policies.
+        :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] audit_fields: Fields parsed from the CSR that appear in the audit and can be used by sentinel policies.
+        :param pulumi.Input['BackendConfigCmpv2AuthenticatorsArgs'] authenticators: Lists the mount accessors CMPv2 should delegate authentication requests towards (see below for nested schema).
+        :param pulumi.Input[builtins.str] default_path_policy: Specifies the behavior for requests using the non-role-qualified CMPv2 requests. Can be sign-verbatim or a role given by role:<role_name>.
+        :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] disabled_validations: A comma-separated list of validations not to perform on CMPv2 messages.
                
                <a id="nestedatt--authenticators"></a>
-        :param pulumi.Input['BackendConfigCmpv2AuthenticatorsArgs'] authenticators: Lists the mount accessors CMPv2 should delegate authentication requests towards (see below for nested schema).
-        :param pulumi.Input[str] default_path_policy: Specifies the behavior for requests using the non-role-qualified CMPv2 requests. Can be sign-verbatim or a role given by role:<role_name>.
-        :param pulumi.Input[bool] enable_sentinel_parsing: If set, parse out fields from the provided CSR making them available for Sentinel policies.
-        :param pulumi.Input[bool] enabled: Specifies whether CMPv2 is enabled.
-        :param pulumi.Input[str] namespace: The namespace of the target resource.
+        :param pulumi.Input[builtins.bool] enable_sentinel_parsing: If set, parse out fields from the provided CSR making them available for Sentinel policies.
+        :param pulumi.Input[builtins.bool] enabled: Specifies whether CMPv2 is enabled.
+        :param pulumi.Input[builtins.str] namespace: The namespace of the target resource.
                The value should not contain leading or trailing forward slashes.
                The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
                *Available only for Vault Enterprise*.
@@ -51,6 +54,8 @@ class BackendConfigCmpv2Args:
             pulumi.set(__self__, "authenticators", authenticators)
         if default_path_policy is not None:
             pulumi.set(__self__, "default_path_policy", default_path_policy)
+        if disabled_validations is not None:
+            pulumi.set(__self__, "disabled_validations", disabled_validations)
         if enable_sentinel_parsing is not None:
             pulumi.set(__self__, "enable_sentinel_parsing", enable_sentinel_parsing)
         if enabled is not None:
@@ -60,7 +65,7 @@ class BackendConfigCmpv2Args:
 
     @property
     @pulumi.getter
-    def backend(self) -> pulumi.Input[str]:
+    def backend(self) -> pulumi.Input[builtins.str]:
         """
         The path to the PKI secret backend to
         read the CMPv2 configuration from, with no leading or trailing `/`s.
@@ -68,21 +73,19 @@ class BackendConfigCmpv2Args:
         return pulumi.get(self, "backend")
 
     @backend.setter
-    def backend(self, value: pulumi.Input[str]):
+    def backend(self, value: pulumi.Input[builtins.str]):
         pulumi.set(self, "backend", value)
 
     @property
     @pulumi.getter(name="auditFields")
-    def audit_fields(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
+    def audit_fields(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
         """
         Fields parsed from the CSR that appear in the audit and can be used by sentinel policies.
-
-        <a id="nestedatt--authenticators"></a>
         """
         return pulumi.get(self, "audit_fields")
 
     @audit_fields.setter
-    def audit_fields(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
+    def audit_fields(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
         pulumi.set(self, "audit_fields", value)
 
     @property
@@ -99,43 +102,57 @@ class BackendConfigCmpv2Args:
 
     @property
     @pulumi.getter(name="defaultPathPolicy")
-    def default_path_policy(self) -> Optional[pulumi.Input[str]]:
+    def default_path_policy(self) -> Optional[pulumi.Input[builtins.str]]:
         """
         Specifies the behavior for requests using the non-role-qualified CMPv2 requests. Can be sign-verbatim or a role given by role:<role_name>.
         """
         return pulumi.get(self, "default_path_policy")
 
     @default_path_policy.setter
-    def default_path_policy(self, value: Optional[pulumi.Input[str]]):
+    def default_path_policy(self, value: Optional[pulumi.Input[builtins.str]]):
         pulumi.set(self, "default_path_policy", value)
 
+    @property
+    @pulumi.getter(name="disabledValidations")
+    def disabled_validations(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
+        """
+        A comma-separated list of validations not to perform on CMPv2 messages.
+
+        <a id="nestedatt--authenticators"></a>
+        """
+        return pulumi.get(self, "disabled_validations")
+
+    @disabled_validations.setter
+    def disabled_validations(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
+        pulumi.set(self, "disabled_validations", value)
+
     @property
     @pulumi.getter(name="enableSentinelParsing")
-    def enable_sentinel_parsing(self) -> Optional[pulumi.Input[bool]]:
+    def enable_sentinel_parsing(self) -> Optional[pulumi.Input[builtins.bool]]:
         """
         If set, parse out fields from the provided CSR making them available for Sentinel policies.
         """
         return pulumi.get(self, "enable_sentinel_parsing")
 
     @enable_sentinel_parsing.setter
-    def enable_sentinel_parsing(self, value: Optional[pulumi.Input[bool]]):
+    def enable_sentinel_parsing(self, value: Optional[pulumi.Input[builtins.bool]]):
         pulumi.set(self, "enable_sentinel_parsing", value)
 
     @property
     @pulumi.getter
-    def enabled(self) -> Optional[pulumi.Input[bool]]:
+    def enabled(self) -> Optional[pulumi.Input[builtins.bool]]:
         """
         Specifies whether CMPv2 is enabled.
         """
         return pulumi.get(self, "enabled")
 
     @enabled.setter
-    def enabled(self, value: Optional[pulumi.Input[bool]]):
+    def enabled(self, value: Optional[pulumi.Input[builtins.bool]]):
         pulumi.set(self, "enabled", value)
 
     @property
     @pulumi.getter
-    def namespace(self) -> Optional[pulumi.Input[str]]:
+    def namespace(self) -> Optional[pulumi.Input[builtins.str]]:
         """
         The namespace of the target resource.
         The value should not contain leading or trailing forward slashes.
@@ -145,34 +162,36 @@ class BackendConfigCmpv2Args:
         return pulumi.get(self, "namespace")
 
     @namespace.setter
-    def namespace(self, value: Optional[pulumi.Input[str]]):
+    def namespace(self, value: Optional[pulumi.Input[builtins.str]]):
         pulumi.set(self, "namespace", value)
 
 
 @pulumi.input_type
 class _BackendConfigCmpv2State:
     def __init__(__self__, *,
-                 audit_fields: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
+                 audit_fields: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
                  authenticators: Optional[pulumi.Input['BackendConfigCmpv2AuthenticatorsArgs']] = None,
-                 backend: Optional[pulumi.Input[str]] = None,
-                 default_path_policy: Optional[pulumi.Input[str]] = None,
-                 enable_sentinel_parsing: Optional[pulumi.Input[bool]] = None,
-                 enabled: Optional[pulumi.Input[bool]] = None,
-                 last_updated: Optional[pulumi.Input[str]] = None,
-                 namespace: Optional[pulumi.Input[str]] = None):
+                 backend: Optional[pulumi.Input[builtins.str]] = None,
+                 default_path_policy: Optional[pulumi.Input[builtins.str]] = None,
+                 disabled_validations: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
+                 enable_sentinel_parsing: Optional[pulumi.Input[builtins.bool]] = None,
+                 enabled: Optional[pulumi.Input[builtins.bool]] = None,
+                 last_updated: Optional[pulumi.Input[builtins.str]] = None,
+                 namespace: Optional[pulumi.Input[builtins.str]] = None):
         """
         Input properties used for looking up and filtering BackendConfigCmpv2 resources.
-        :param pulumi.Input[Sequence[pulumi.Input[str]]] audit_fields: Fields parsed from the CSR that appear in the audit and can be used by sentinel policies.
-               
-               <a id="nestedatt--authenticators"></a>
+        :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] audit_fields: Fields parsed from the CSR that appear in the audit and can be used by sentinel policies.
         :param pulumi.Input['BackendConfigCmpv2AuthenticatorsArgs'] authenticators: Lists the mount accessors CMPv2 should delegate authentication requests towards (see below for nested schema).
-        :param pulumi.Input[str] backend: The path to the PKI secret backend to
+        :param pulumi.Input[builtins.str] backend: The path to the PKI secret backend to
                read the CMPv2 configuration from, with no leading or trailing `/`s.
-        :param pulumi.Input[str] default_path_policy: Specifies the behavior for requests using the non-role-qualified CMPv2 requests. Can be sign-verbatim or a role given by role:<role_name>.
-        :param pulumi.Input[bool] enable_sentinel_parsing: If set, parse out fields from the provided CSR making them available for Sentinel policies.
-        :param pulumi.Input[bool] enabled: Specifies whether CMPv2 is enabled.
-        :param pulumi.Input[str] last_updated: A read-only timestamp representing the last time the configuration was updated.
-        :param pulumi.Input[str] namespace: The namespace of the target resource.
+        :param pulumi.Input[builtins.str] default_path_policy: Specifies the behavior for requests using the non-role-qualified CMPv2 requests. Can be sign-verbatim or a role given by role:<role_name>.
+        :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] disabled_validations: A comma-separated list of validations not to perform on CMPv2 messages.
+               
+               <a id="nestedatt--authenticators"></a>
+        :param pulumi.Input[builtins.bool] enable_sentinel_parsing: If set, parse out fields from the provided CSR making them available for Sentinel policies.
+        :param pulumi.Input[builtins.bool] enabled: Specifies whether CMPv2 is enabled.
+        :param pulumi.Input[builtins.str] last_updated: A read-only timestamp representing the last time the configuration was updated.
+        :param pulumi.Input[builtins.str] namespace: The namespace of the target resource.
                The value should not contain leading or trailing forward slashes.
                The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
                *Available only for Vault Enterprise*.
@@ -185,6 +204,8 @@ class _BackendConfigCmpv2State:
             pulumi.set(__self__, "backend", backend)
         if default_path_policy is not None:
             pulumi.set(__self__, "default_path_policy", default_path_policy)
+        if disabled_validations is not None:
+            pulumi.set(__self__, "disabled_validations", disabled_validations)
         if enable_sentinel_parsing is not None:
             pulumi.set(__self__, "enable_sentinel_parsing", enable_sentinel_parsing)
         if enabled is not None:
@@ -196,16 +217,14 @@ class _BackendConfigCmpv2State:
 
     @property
     @pulumi.getter(name="auditFields")
-    def audit_fields(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
+    def audit_fields(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
         """
         Fields parsed from the CSR that appear in the audit and can be used by sentinel policies.
-
-        <a id="nestedatt--authenticators"></a>
         """
         return pulumi.get(self, "audit_fields")
 
     @audit_fields.setter
-    def audit_fields(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
+    def audit_fields(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
         pulumi.set(self, "audit_fields", value)
 
     @property
@@ -222,7 +241,7 @@ class _BackendConfigCmpv2State:
 
     @property
     @pulumi.getter
-    def backend(self) -> Optional[pulumi.Input[str]]:
+    def backend(self) -> Optional[pulumi.Input[builtins.str]]:
         """
         The path to the PKI secret backend to
         read the CMPv2 configuration from, with no leading or trailing `/`s.
@@ -230,60 +249,74 @@ class _BackendConfigCmpv2State:
         return pulumi.get(self, "backend")
 
     @backend.setter
-    def backend(self, value: Optional[pulumi.Input[str]]):
+    def backend(self, value: Optional[pulumi.Input[builtins.str]]):
         pulumi.set(self, "backend", value)
 
     @property
     @pulumi.getter(name="defaultPathPolicy")
-    def default_path_policy(self) -> Optional[pulumi.Input[str]]:
+    def default_path_policy(self) -> Optional[pulumi.Input[builtins.str]]:
         """
         Specifies the behavior for requests using the non-role-qualified CMPv2 requests. Can be sign-verbatim or a role given by role:<role_name>.
         """
         return pulumi.get(self, "default_path_policy")
 
     @default_path_policy.setter
-    def default_path_policy(self, value: Optional[pulumi.Input[str]]):
+    def default_path_policy(self, value: Optional[pulumi.Input[builtins.str]]):
         pulumi.set(self, "default_path_policy", value)
 
+    @property
+    @pulumi.getter(name="disabledValidations")
+    def disabled_validations(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
+        """
+        A comma-separated list of validations not to perform on CMPv2 messages.
+
+        <a id="nestedatt--authenticators"></a>
+        """
+        return pulumi.get(self, "disabled_validations")
+
+    @disabled_validations.setter
+    def disabled_validations(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
+        pulumi.set(self, "disabled_validations", value)
+
     @property
     @pulumi.getter(name="enableSentinelParsing")
-    def enable_sentinel_parsing(self) -> Optional[pulumi.Input[bool]]:
+    def enable_sentinel_parsing(self) -> Optional[pulumi.Input[builtins.bool]]:
         """
         If set, parse out fields from the provided CSR making them available for Sentinel policies.
         """
         return pulumi.get(self, "enable_sentinel_parsing")
 
     @enable_sentinel_parsing.setter
-    def enable_sentinel_parsing(self, value: Optional[pulumi.Input[bool]]):
+    def enable_sentinel_parsing(self, value: Optional[pulumi.Input[builtins.bool]]):
         pulumi.set(self, "enable_sentinel_parsing", value)
 
     @property
     @pulumi.getter
-    def enabled(self) -> Optional[pulumi.Input[bool]]:
+    def enabled(self) -> Optional[pulumi.Input[builtins.bool]]:
         """
         Specifies whether CMPv2 is enabled.
         """
         return pulumi.get(self, "enabled")
 
     @enabled.setter
-    def enabled(self, value: Optional[pulumi.Input[bool]]):
+    def enabled(self, value: Optional[pulumi.Input[builtins.bool]]):
         pulumi.set(self, "enabled", value)
 
     @property
     @pulumi.getter(name="lastUpdated")
-    def last_updated(self) -> Optional[pulumi.Input[str]]:
+    def last_updated(self) -> Optional[pulumi.Input[builtins.str]]:
         """
         A read-only timestamp representing the last time the configuration was updated.
         """
         return pulumi.get(self, "last_updated")
 
     @last_updated.setter
-    def last_updated(self, value: Optional[pulumi.Input[str]]):
+    def last_updated(self, value: Optional[pulumi.Input[builtins.str]]):
         pulumi.set(self, "last_updated", value)
 
     @property
     @pulumi.getter
-    def namespace(self) -> Optional[pulumi.Input[str]]:
+    def namespace(self) -> Optional[pulumi.Input[builtins.str]]:
         """
         The namespace of the target resource.
         The value should not contain leading or trailing forward slashes.
@@ -293,7 +326,7 @@ class _BackendConfigCmpv2State:
         return pulumi.get(self, "namespace")
 
     @namespace.setter
-    def namespace(self, value: Optional[pulumi.Input[str]]):
+    def namespace(self, value: Optional[pulumi.Input[builtins.str]]):
         pulumi.set(self, "namespace", value)
 
 
@@ -302,13 +335,14 @@ class BackendConfigCmpv2(pulumi.CustomResource):
     def __init__(__self__,
                  resource_name: str,
                  opts: Optional[pulumi.ResourceOptions] = None,
-                 audit_fields: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
+                 audit_fields: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
                  authenticators: Optional[pulumi.Input[Union['BackendConfigCmpv2AuthenticatorsArgs', 'BackendConfigCmpv2AuthenticatorsArgsDict']]] = None,
-                 backend: Optional[pulumi.Input[str]] = None,
-                 default_path_policy: Optional[pulumi.Input[str]] = None,
-                 enable_sentinel_parsing: Optional[pulumi.Input[bool]] = None,
-                 enabled: Optional[pulumi.Input[bool]] = None,
-                 namespace: Optional[pulumi.Input[str]] = None,
+                 backend: Optional[pulumi.Input[builtins.str]] = None,
+                 default_path_policy: Optional[pulumi.Input[builtins.str]] = None,
+                 disabled_validations: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
+                 enable_sentinel_parsing: Optional[pulumi.Input[builtins.bool]] = None,
+                 enabled: Optional[pulumi.Input[builtins.bool]] = None,
+                 namespace: Optional[pulumi.Input[builtins.str]] = None,
                  __props__=None):
         """
         Allows setting the CMPv2 configuration on a PKI Secret Backend
@@ -325,16 +359,17 @@ class BackendConfigCmpv2(pulumi.CustomResource):
 
         :param str resource_name: The name of the resource.
         :param pulumi.ResourceOptions opts: Options for the resource.
-        :param pulumi.Input[Sequence[pulumi.Input[str]]] audit_fields: Fields parsed from the CSR that appear in the audit and can be used by sentinel policies.
-               
-               <a id="nestedatt--authenticators"></a>
+        :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] audit_fields: Fields parsed from the CSR that appear in the audit and can be used by sentinel policies.
         :param pulumi.Input[Union['BackendConfigCmpv2AuthenticatorsArgs', 'BackendConfigCmpv2AuthenticatorsArgsDict']] authenticators: Lists the mount accessors CMPv2 should delegate authentication requests towards (see below for nested schema).
-        :param pulumi.Input[str] backend: The path to the PKI secret backend to
+        :param pulumi.Input[builtins.str] backend: The path to the PKI secret backend to
                read the CMPv2 configuration from, with no leading or trailing `/`s.
-        :param pulumi.Input[str] default_path_policy: Specifies the behavior for requests using the non-role-qualified CMPv2 requests. Can be sign-verbatim or a role given by role:<role_name>.
-        :param pulumi.Input[bool] enable_sentinel_parsing: If set, parse out fields from the provided CSR making them available for Sentinel policies.
-        :param pulumi.Input[bool] enabled: Specifies whether CMPv2 is enabled.
-        :param pulumi.Input[str] namespace: The namespace of the target resource.
+        :param pulumi.Input[builtins.str] default_path_policy: Specifies the behavior for requests using the non-role-qualified CMPv2 requests. Can be sign-verbatim or a role given by role:<role_name>.
+        :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] disabled_validations: A comma-separated list of validations not to perform on CMPv2 messages.
+               
+               <a id="nestedatt--authenticators"></a>
+        :param pulumi.Input[builtins.bool] enable_sentinel_parsing: If set, parse out fields from the provided CSR making them available for Sentinel policies.
+        :param pulumi.Input[builtins.bool] enabled: Specifies whether CMPv2 is enabled.
+        :param pulumi.Input[builtins.str] namespace: The namespace of the target resource.
                The value should not contain leading or trailing forward slashes.
                The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
                *Available only for Vault Enterprise*.
@@ -373,13 +408,14 @@ class BackendConfigCmpv2(pulumi.CustomResource):
     def _internal_init(__self__,
                  resource_name: str,
                  opts: Optional[pulumi.ResourceOptions] = None,
-                 audit_fields: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
+                 audit_fields: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
                  authenticators: Optional[pulumi.Input[Union['BackendConfigCmpv2AuthenticatorsArgs', 'BackendConfigCmpv2AuthenticatorsArgsDict']]] = None,
-                 backend: Optional[pulumi.Input[str]] = None,
-                 default_path_policy: Optional[pulumi.Input[str]] = None,
-                 enable_sentinel_parsing: Optional[pulumi.Input[bool]] = None,
-                 enabled: Optional[pulumi.Input[bool]] = None,
-                 namespace: Optional[pulumi.Input[str]] = None,
+                 backend: Optional[pulumi.Input[builtins.str]] = None,
+                 default_path_policy: Optional[pulumi.Input[builtins.str]] = None,
+                 disabled_validations: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
+                 enable_sentinel_parsing: Optional[pulumi.Input[builtins.bool]] = None,
+                 enabled: Optional[pulumi.Input[builtins.bool]] = None,
+                 namespace: Optional[pulumi.Input[builtins.str]] = None,
                  __props__=None):
         opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts)
         if not isinstance(opts, pulumi.ResourceOptions):
@@ -395,6 +431,7 @@ class BackendConfigCmpv2(pulumi.CustomResource):
                 raise TypeError("Missing required property 'backend'")
             __props__.__dict__["backend"] = backend
             __props__.__dict__["default_path_policy"] = default_path_policy
+            __props__.__dict__["disabled_validations"] = disabled_validations
             __props__.__dict__["enable_sentinel_parsing"] = enable_sentinel_parsing
             __props__.__dict__["enabled"] = enabled
             __props__.__dict__["namespace"] = namespace
@@ -409,14 +446,15 @@ class BackendConfigCmpv2(pulumi.CustomResource):
     def get(resource_name: str,
             id: pulumi.Input[str],
             opts: Optional[pulumi.ResourceOptions] = None,
-            audit_fields: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
+            audit_fields: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
             authenticators: Optional[pulumi.Input[Union['BackendConfigCmpv2AuthenticatorsArgs', 'BackendConfigCmpv2AuthenticatorsArgsDict']]] = None,
-            backend: Optional[pulumi.Input[str]] = None,
-            default_path_policy: Optional[pulumi.Input[str]] = None,
-            enable_sentinel_parsing: Optional[pulumi.Input[bool]] = None,
-            enabled: Optional[pulumi.Input[bool]] = None,
-            last_updated: Optional[pulumi.Input[str]] = None,
-            namespace: Optional[pulumi.Input[str]] = None) -> 'BackendConfigCmpv2':
+            backend: Optional[pulumi.Input[builtins.str]] = None,
+            default_path_policy: Optional[pulumi.Input[builtins.str]] = None,
+            disabled_validations: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
+            enable_sentinel_parsing: Optional[pulumi.Input[builtins.bool]] = None,
+            enabled: Optional[pulumi.Input[builtins.bool]] = None,
+            last_updated: Optional[pulumi.Input[builtins.str]] = None,
+            namespace: Optional[pulumi.Input[builtins.str]] = None) -> 'BackendConfigCmpv2':
         """
         Get an existing BackendConfigCmpv2 resource's state with the given name, id, and optional extra
         properties used to qualify the lookup.
@@ -424,17 +462,18 @@ class BackendConfigCmpv2(pulumi.CustomResource):
         :param str resource_name: The unique name of the resulting resource.
         :param pulumi.Input[str] id: The unique provider ID of the resource to lookup.
         :param pulumi.ResourceOptions opts: Options for the resource.
-        :param pulumi.Input[Sequence[pulumi.Input[str]]] audit_fields: Fields parsed from the CSR that appear in the audit and can be used by sentinel policies.
-               
-               <a id="nestedatt--authenticators"></a>
+        :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] audit_fields: Fields parsed from the CSR that appear in the audit and can be used by sentinel policies.
         :param pulumi.Input[Union['BackendConfigCmpv2AuthenticatorsArgs', 'BackendConfigCmpv2AuthenticatorsArgsDict']] authenticators: Lists the mount accessors CMPv2 should delegate authentication requests towards (see below for nested schema).
-        :param pulumi.Input[str] backend: The path to the PKI secret backend to
+        :param pulumi.Input[builtins.str] backend: The path to the PKI secret backend to
                read the CMPv2 configuration from, with no leading or trailing `/`s.
-        :param pulumi.Input[str] default_path_policy: Specifies the behavior for requests using the non-role-qualified CMPv2 requests. Can be sign-verbatim or a role given by role:<role_name>.
-        :param pulumi.Input[bool] enable_sentinel_parsing: If set, parse out fields from the provided CSR making them available for Sentinel policies.
-        :param pulumi.Input[bool] enabled: Specifies whether CMPv2 is enabled.
-        :param pulumi.Input[str] last_updated: A read-only timestamp representing the last time the configuration was updated.
-        :param pulumi.Input[str] namespace: The namespace of the target resource.
+        :param pulumi.Input[builtins.str] default_path_policy: Specifies the behavior for requests using the non-role-qualified CMPv2 requests. Can be sign-verbatim or a role given by role:<role_name>.
+        :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] disabled_validations: A comma-separated list of validations not to perform on CMPv2 messages.
+               
+               <a id="nestedatt--authenticators"></a>
+        :param pulumi.Input[builtins.bool] enable_sentinel_parsing: If set, parse out fields from the provided CSR making them available for Sentinel policies.
+        :param pulumi.Input[builtins.bool] enabled: Specifies whether CMPv2 is enabled.
+        :param pulumi.Input[builtins.str] last_updated: A read-only timestamp representing the last time the configuration was updated.
+        :param pulumi.Input[builtins.str] namespace: The namespace of the target resource.
                The value should not contain leading or trailing forward slashes.
                The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
                *Available only for Vault Enterprise*.
@@ -447,6 +486,7 @@ class BackendConfigCmpv2(pulumi.CustomResource):
         __props__.__dict__["authenticators"] = authenticators
         __props__.__dict__["backend"] = backend
         __props__.__dict__["default_path_policy"] = default_path_policy
+        __props__.__dict__["disabled_validations"] = disabled_validations
         __props__.__dict__["enable_sentinel_parsing"] = enable_sentinel_parsing
         __props__.__dict__["enabled"] = enabled
         __props__.__dict__["last_updated"] = last_updated
@@ -455,11 +495,9 @@ class BackendConfigCmpv2(pulumi.CustomResource):
 
     @property
     @pulumi.getter(name="auditFields")
-    def audit_fields(self) -> pulumi.Output[Sequence[str]]:
+    def audit_fields(self) -> pulumi.Output[Sequence[builtins.str]]:
         """
         Fields parsed from the CSR that appear in the audit and can be used by sentinel policies.
-
-        <a id="nestedatt--authenticators"></a>
         """
         return pulumi.get(self, "audit_fields")
 
@@ -473,7 +511,7 @@ class BackendConfigCmpv2(pulumi.CustomResource):
 
     @property
     @pulumi.getter
-    def backend(self) -> pulumi.Output[str]:
+    def backend(self) -> pulumi.Output[builtins.str]:
         """
         The path to the PKI secret backend to
         read the CMPv2 configuration from, with no leading or trailing `/`s.
@@ -482,15 +520,25 @@ class BackendConfigCmpv2(pulumi.CustomResource):
 
     @property
     @pulumi.getter(name="defaultPathPolicy")
-    def default_path_policy(self) -> pulumi.Output[Optional[str]]:
+    def default_path_policy(self) -> pulumi.Output[Optional[builtins.str]]:
         """
         Specifies the behavior for requests using the non-role-qualified CMPv2 requests. Can be sign-verbatim or a role given by role:<role_name>.
         """
         return pulumi.get(self, "default_path_policy")
 
+    @property
+    @pulumi.getter(name="disabledValidations")
+    def disabled_validations(self) -> pulumi.Output[Optional[Sequence[builtins.str]]]:
+        """
+        A comma-separated list of validations not to perform on CMPv2 messages.
+
+        <a id="nestedatt--authenticators"></a>
+        """
+        return pulumi.get(self, "disabled_validations")
+
     @property
     @pulumi.getter(name="enableSentinelParsing")
-    def enable_sentinel_parsing(self) -> pulumi.Output[Optional[bool]]:
+    def enable_sentinel_parsing(self) -> pulumi.Output[Optional[builtins.bool]]:
         """
         If set, parse out fields from the provided CSR making them available for Sentinel policies.
         """
@@ -498,7 +546,7 @@ class BackendConfigCmpv2(pulumi.CustomResource):
 
     @property
     @pulumi.getter
-    def enabled(self) -> pulumi.Output[Optional[bool]]:
+    def enabled(self) -> pulumi.Output[Optional[builtins.bool]]:
         """
         Specifies whether CMPv2 is enabled.
         """
@@ -506,7 +554,7 @@ class BackendConfigCmpv2(pulumi.CustomResource):
 
     @property
     @pulumi.getter(name="lastUpdated")
-    def last_updated(self) -> pulumi.Output[str]:
+    def last_updated(self) -> pulumi.Output[builtins.str]:
         """
         A read-only timestamp representing the last time the configuration was updated.
         """
@@ -514,7 +562,7 @@ class BackendConfigCmpv2(pulumi.CustomResource):
 
     @property
     @pulumi.getter
-    def namespace(self) -> pulumi.Output[Optional[str]]:
+    def namespace(self) -> pulumi.Output[Optional[builtins.str]]:
         """
         The namespace of the target resource.
         The value should not contain leading or trailing forward slashes.