pulumi-vault 6.6.0a1741415971__py3-none-any.whl → 6.7.0__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (264) hide show
  1. pulumi_vault/__init__.py +9 -0
  2. pulumi_vault/_inputs.py +583 -562
  3. pulumi_vault/ad/__init__.py +1 -0
  4. pulumi_vault/ad/get_access_credentials.py +20 -19
  5. pulumi_vault/ad/secret_backend.py +477 -476
  6. pulumi_vault/ad/secret_library.py +99 -98
  7. pulumi_vault/ad/secret_role.py +85 -84
  8. pulumi_vault/alicloud/__init__.py +1 -0
  9. pulumi_vault/alicloud/auth_backend_role.py +183 -182
  10. pulumi_vault/approle/__init__.py +1 -0
  11. pulumi_vault/approle/auth_backend_login.py +106 -105
  12. pulumi_vault/approle/auth_backend_role.py +239 -238
  13. pulumi_vault/approle/auth_backend_role_secret_id.py +162 -161
  14. pulumi_vault/approle/get_auth_backend_role_id.py +18 -17
  15. pulumi_vault/audit.py +85 -84
  16. pulumi_vault/audit_request_header.py +43 -42
  17. pulumi_vault/auth_backend.py +106 -105
  18. pulumi_vault/aws/__init__.py +1 -0
  19. pulumi_vault/aws/auth_backend_cert.py +71 -70
  20. pulumi_vault/aws/auth_backend_client.py +425 -200
  21. pulumi_vault/aws/auth_backend_config_identity.py +85 -84
  22. pulumi_vault/aws/auth_backend_identity_whitelist.py +57 -56
  23. pulumi_vault/aws/auth_backend_login.py +209 -208
  24. pulumi_vault/aws/auth_backend_role.py +400 -399
  25. pulumi_vault/aws/auth_backend_role_tag.py +127 -126
  26. pulumi_vault/aws/auth_backend_roletag_blacklist.py +57 -56
  27. pulumi_vault/aws/auth_backend_sts_role.py +71 -70
  28. pulumi_vault/aws/get_access_credentials.py +44 -43
  29. pulumi_vault/aws/get_static_access_credentials.py +13 -12
  30. pulumi_vault/aws/secret_backend.py +523 -306
  31. pulumi_vault/aws/secret_backend_role.py +211 -210
  32. pulumi_vault/aws/secret_backend_static_role.py +288 -70
  33. pulumi_vault/azure/__init__.py +1 -0
  34. pulumi_vault/azure/_inputs.py +21 -20
  35. pulumi_vault/azure/auth_backend_config.py +383 -130
  36. pulumi_vault/azure/auth_backend_role.py +253 -252
  37. pulumi_vault/azure/backend.py +432 -186
  38. pulumi_vault/azure/backend_role.py +188 -140
  39. pulumi_vault/azure/get_access_credentials.py +58 -57
  40. pulumi_vault/azure/outputs.py +11 -10
  41. pulumi_vault/cert_auth_backend_role.py +365 -364
  42. pulumi_vault/config/__init__.py +1 -0
  43. pulumi_vault/config/__init__.pyi +1 -0
  44. pulumi_vault/config/_inputs.py +11 -10
  45. pulumi_vault/config/outputs.py +287 -286
  46. pulumi_vault/config/ui_custom_message.py +113 -112
  47. pulumi_vault/config/vars.py +1 -0
  48. pulumi_vault/consul/__init__.py +1 -0
  49. pulumi_vault/consul/secret_backend.py +197 -196
  50. pulumi_vault/consul/secret_backend_role.py +183 -182
  51. pulumi_vault/database/__init__.py +1 -0
  52. pulumi_vault/database/_inputs.py +3857 -2200
  53. pulumi_vault/database/outputs.py +2483 -1330
  54. pulumi_vault/database/secret_backend_connection.py +333 -112
  55. pulumi_vault/database/secret_backend_role.py +169 -168
  56. pulumi_vault/database/secret_backend_static_role.py +283 -140
  57. pulumi_vault/database/secrets_mount.py +275 -266
  58. pulumi_vault/egp_policy.py +71 -70
  59. pulumi_vault/gcp/__init__.py +1 -0
  60. pulumi_vault/gcp/_inputs.py +82 -81
  61. pulumi_vault/gcp/auth_backend.py +426 -205
  62. pulumi_vault/gcp/auth_backend_role.py +281 -280
  63. pulumi_vault/gcp/get_auth_backend_role.py +70 -69
  64. pulumi_vault/gcp/outputs.py +50 -49
  65. pulumi_vault/gcp/secret_backend.py +420 -179
  66. pulumi_vault/gcp/secret_impersonated_account.py +92 -91
  67. pulumi_vault/gcp/secret_roleset.py +92 -91
  68. pulumi_vault/gcp/secret_static_account.py +92 -91
  69. pulumi_vault/generic/__init__.py +1 -0
  70. pulumi_vault/generic/endpoint.py +113 -112
  71. pulumi_vault/generic/get_secret.py +28 -27
  72. pulumi_vault/generic/secret.py +78 -77
  73. pulumi_vault/get_auth_backend.py +19 -18
  74. pulumi_vault/get_auth_backends.py +14 -13
  75. pulumi_vault/get_namespace.py +15 -14
  76. pulumi_vault/get_namespaces.py +68 -18
  77. pulumi_vault/get_nomad_access_token.py +19 -18
  78. pulumi_vault/get_policy_document.py +6 -5
  79. pulumi_vault/get_raft_autopilot_state.py +18 -17
  80. pulumi_vault/github/__init__.py +1 -0
  81. pulumi_vault/github/_inputs.py +42 -41
  82. pulumi_vault/github/auth_backend.py +232 -231
  83. pulumi_vault/github/outputs.py +26 -25
  84. pulumi_vault/github/team.py +57 -56
  85. pulumi_vault/github/user.py +57 -56
  86. pulumi_vault/identity/__init__.py +1 -0
  87. pulumi_vault/identity/entity.py +85 -84
  88. pulumi_vault/identity/entity_alias.py +71 -70
  89. pulumi_vault/identity/entity_policies.py +64 -63
  90. pulumi_vault/identity/get_entity.py +43 -42
  91. pulumi_vault/identity/get_group.py +50 -49
  92. pulumi_vault/identity/get_oidc_client_creds.py +14 -13
  93. pulumi_vault/identity/get_oidc_openid_config.py +24 -23
  94. pulumi_vault/identity/get_oidc_public_keys.py +13 -12
  95. pulumi_vault/identity/group.py +141 -140
  96. pulumi_vault/identity/group_alias.py +57 -56
  97. pulumi_vault/identity/group_member_entity_ids.py +57 -56
  98. pulumi_vault/identity/group_member_group_ids.py +57 -56
  99. pulumi_vault/identity/group_policies.py +64 -63
  100. pulumi_vault/identity/mfa_duo.py +148 -147
  101. pulumi_vault/identity/mfa_login_enforcement.py +120 -119
  102. pulumi_vault/identity/mfa_okta.py +134 -133
  103. pulumi_vault/identity/mfa_pingid.py +127 -126
  104. pulumi_vault/identity/mfa_totp.py +176 -175
  105. pulumi_vault/identity/oidc.py +29 -28
  106. pulumi_vault/identity/oidc_assignment.py +57 -56
  107. pulumi_vault/identity/oidc_client.py +127 -126
  108. pulumi_vault/identity/oidc_key.py +85 -84
  109. pulumi_vault/identity/oidc_key_allowed_client_id.py +43 -42
  110. pulumi_vault/identity/oidc_provider.py +92 -91
  111. pulumi_vault/identity/oidc_role.py +85 -84
  112. pulumi_vault/identity/oidc_scope.py +57 -56
  113. pulumi_vault/identity/outputs.py +32 -31
  114. pulumi_vault/jwt/__init__.py +1 -0
  115. pulumi_vault/jwt/_inputs.py +42 -41
  116. pulumi_vault/jwt/auth_backend.py +288 -287
  117. pulumi_vault/jwt/auth_backend_role.py +407 -406
  118. pulumi_vault/jwt/outputs.py +26 -25
  119. pulumi_vault/kmip/__init__.py +1 -0
  120. pulumi_vault/kmip/secret_backend.py +183 -182
  121. pulumi_vault/kmip/secret_role.py +295 -294
  122. pulumi_vault/kmip/secret_scope.py +57 -56
  123. pulumi_vault/kubernetes/__init__.py +1 -0
  124. pulumi_vault/kubernetes/auth_backend_config.py +141 -140
  125. pulumi_vault/kubernetes/auth_backend_role.py +225 -224
  126. pulumi_vault/kubernetes/get_auth_backend_config.py +47 -46
  127. pulumi_vault/kubernetes/get_auth_backend_role.py +70 -69
  128. pulumi_vault/kubernetes/get_service_account_token.py +38 -37
  129. pulumi_vault/kubernetes/secret_backend.py +316 -315
  130. pulumi_vault/kubernetes/secret_backend_role.py +197 -196
  131. pulumi_vault/kv/__init__.py +1 -0
  132. pulumi_vault/kv/_inputs.py +21 -20
  133. pulumi_vault/kv/get_secret.py +17 -16
  134. pulumi_vault/kv/get_secret_subkeys_v2.py +30 -29
  135. pulumi_vault/kv/get_secret_v2.py +29 -28
  136. pulumi_vault/kv/get_secrets_list.py +13 -12
  137. pulumi_vault/kv/get_secrets_list_v2.py +19 -18
  138. pulumi_vault/kv/outputs.py +13 -12
  139. pulumi_vault/kv/secret.py +50 -49
  140. pulumi_vault/kv/secret_backend_v2.py +71 -70
  141. pulumi_vault/kv/secret_v2.py +134 -133
  142. pulumi_vault/ldap/__init__.py +1 -0
  143. pulumi_vault/ldap/auth_backend.py +754 -533
  144. pulumi_vault/ldap/auth_backend_group.py +57 -56
  145. pulumi_vault/ldap/auth_backend_user.py +71 -70
  146. pulumi_vault/ldap/get_dynamic_credentials.py +17 -16
  147. pulumi_vault/ldap/get_static_credentials.py +18 -17
  148. pulumi_vault/ldap/secret_backend.py +720 -499
  149. pulumi_vault/ldap/secret_backend_dynamic_role.py +127 -126
  150. pulumi_vault/ldap/secret_backend_library_set.py +99 -98
  151. pulumi_vault/ldap/secret_backend_static_role.py +99 -98
  152. pulumi_vault/managed/__init__.py +1 -0
  153. pulumi_vault/managed/_inputs.py +229 -228
  154. pulumi_vault/managed/keys.py +15 -14
  155. pulumi_vault/managed/outputs.py +139 -138
  156. pulumi_vault/mfa_duo.py +113 -112
  157. pulumi_vault/mfa_okta.py +113 -112
  158. pulumi_vault/mfa_pingid.py +120 -119
  159. pulumi_vault/mfa_totp.py +127 -126
  160. pulumi_vault/mongodbatlas/__init__.py +1 -0
  161. pulumi_vault/mongodbatlas/secret_backend.py +64 -63
  162. pulumi_vault/mongodbatlas/secret_role.py +155 -154
  163. pulumi_vault/mount.py +274 -273
  164. pulumi_vault/namespace.py +64 -63
  165. pulumi_vault/nomad_secret_backend.py +211 -210
  166. pulumi_vault/nomad_secret_role.py +85 -84
  167. pulumi_vault/okta/__init__.py +1 -0
  168. pulumi_vault/okta/_inputs.py +26 -25
  169. pulumi_vault/okta/auth_backend.py +274 -273
  170. pulumi_vault/okta/auth_backend_group.py +57 -56
  171. pulumi_vault/okta/auth_backend_user.py +71 -70
  172. pulumi_vault/okta/outputs.py +16 -15
  173. pulumi_vault/outputs.py +73 -60
  174. pulumi_vault/password_policy.py +43 -42
  175. pulumi_vault/pkisecret/__init__.py +3 -0
  176. pulumi_vault/pkisecret/_inputs.py +31 -36
  177. pulumi_vault/pkisecret/backend_acme_eab.py +92 -91
  178. pulumi_vault/pkisecret/backend_config_acme.py +174 -126
  179. pulumi_vault/pkisecret/backend_config_auto_tidy.py +1377 -0
  180. pulumi_vault/pkisecret/backend_config_cluster.py +57 -56
  181. pulumi_vault/pkisecret/backend_config_cmpv2.py +152 -104
  182. pulumi_vault/pkisecret/backend_config_est.py +120 -119
  183. pulumi_vault/pkisecret/get_backend_cert_metadata.py +278 -0
  184. pulumi_vault/pkisecret/get_backend_config_cmpv2.py +35 -17
  185. pulumi_vault/pkisecret/get_backend_config_est.py +19 -18
  186. pulumi_vault/pkisecret/get_backend_issuer.py +139 -25
  187. pulumi_vault/pkisecret/get_backend_issuers.py +15 -14
  188. pulumi_vault/pkisecret/get_backend_key.py +20 -19
  189. pulumi_vault/pkisecret/get_backend_keys.py +15 -14
  190. pulumi_vault/pkisecret/outputs.py +28 -31
  191. pulumi_vault/pkisecret/secret_backend_cert.py +439 -297
  192. pulumi_vault/pkisecret/secret_backend_config_ca.py +43 -42
  193. pulumi_vault/pkisecret/secret_backend_config_issuers.py +57 -56
  194. pulumi_vault/pkisecret/secret_backend_config_urls.py +85 -84
  195. pulumi_vault/pkisecret/secret_backend_crl_config.py +237 -182
  196. pulumi_vault/pkisecret/secret_backend_intermediate_cert_request.py +520 -378
  197. pulumi_vault/pkisecret/secret_backend_intermediate_set_signed.py +57 -56
  198. pulumi_vault/pkisecret/secret_backend_issuer.py +441 -175
  199. pulumi_vault/pkisecret/secret_backend_key.py +120 -119
  200. pulumi_vault/pkisecret/secret_backend_role.py +894 -644
  201. pulumi_vault/pkisecret/secret_backend_root_cert.py +851 -427
  202. pulumi_vault/pkisecret/secret_backend_root_sign_intermediate.py +936 -357
  203. pulumi_vault/pkisecret/secret_backend_sign.py +347 -252
  204. pulumi_vault/plugin.py +127 -126
  205. pulumi_vault/plugin_pinned_version.py +43 -42
  206. pulumi_vault/policy.py +43 -42
  207. pulumi_vault/provider.py +120 -119
  208. pulumi_vault/pulumi-plugin.json +1 -1
  209. pulumi_vault/quota_lease_count.py +85 -84
  210. pulumi_vault/quota_rate_limit.py +113 -112
  211. pulumi_vault/rabbitmq/__init__.py +1 -0
  212. pulumi_vault/rabbitmq/_inputs.py +41 -40
  213. pulumi_vault/rabbitmq/outputs.py +25 -24
  214. pulumi_vault/rabbitmq/secret_backend.py +169 -168
  215. pulumi_vault/rabbitmq/secret_backend_role.py +57 -56
  216. pulumi_vault/raft_autopilot.py +113 -112
  217. pulumi_vault/raft_snapshot_agent_config.py +393 -392
  218. pulumi_vault/rgp_policy.py +57 -56
  219. pulumi_vault/saml/__init__.py +1 -0
  220. pulumi_vault/saml/auth_backend.py +155 -154
  221. pulumi_vault/saml/auth_backend_role.py +239 -238
  222. pulumi_vault/secrets/__init__.py +1 -0
  223. pulumi_vault/secrets/_inputs.py +16 -15
  224. pulumi_vault/secrets/outputs.py +10 -9
  225. pulumi_vault/secrets/sync_association.py +71 -70
  226. pulumi_vault/secrets/sync_aws_destination.py +148 -147
  227. pulumi_vault/secrets/sync_azure_destination.py +148 -147
  228. pulumi_vault/secrets/sync_config.py +43 -42
  229. pulumi_vault/secrets/sync_gcp_destination.py +106 -105
  230. pulumi_vault/secrets/sync_gh_destination.py +134 -133
  231. pulumi_vault/secrets/sync_github_apps.py +64 -63
  232. pulumi_vault/secrets/sync_vercel_destination.py +120 -119
  233. pulumi_vault/ssh/__init__.py +2 -0
  234. pulumi_vault/ssh/_inputs.py +11 -10
  235. pulumi_vault/ssh/get_secret_backend_sign.py +295 -0
  236. pulumi_vault/ssh/outputs.py +7 -6
  237. pulumi_vault/ssh/secret_backend_ca.py +99 -98
  238. pulumi_vault/ssh/secret_backend_role.py +365 -364
  239. pulumi_vault/terraformcloud/__init__.py +1 -0
  240. pulumi_vault/terraformcloud/secret_backend.py +111 -110
  241. pulumi_vault/terraformcloud/secret_creds.py +74 -73
  242. pulumi_vault/terraformcloud/secret_role.py +96 -95
  243. pulumi_vault/token.py +246 -245
  244. pulumi_vault/tokenauth/__init__.py +1 -0
  245. pulumi_vault/tokenauth/auth_backend_role.py +267 -266
  246. pulumi_vault/transform/__init__.py +1 -0
  247. pulumi_vault/transform/alphabet.py +57 -56
  248. pulumi_vault/transform/get_decode.py +47 -46
  249. pulumi_vault/transform/get_encode.py +47 -46
  250. pulumi_vault/transform/role.py +57 -56
  251. pulumi_vault/transform/template.py +113 -112
  252. pulumi_vault/transform/transformation.py +141 -140
  253. pulumi_vault/transit/__init__.py +3 -0
  254. pulumi_vault/transit/get_decrypt.py +18 -17
  255. pulumi_vault/transit/get_encrypt.py +21 -20
  256. pulumi_vault/transit/get_sign.py +325 -0
  257. pulumi_vault/transit/get_verify.py +355 -0
  258. pulumi_vault/transit/secret_backend_key.py +394 -231
  259. pulumi_vault/transit/secret_cache_config.py +43 -42
  260. {pulumi_vault-6.6.0a1741415971.dist-info → pulumi_vault-6.7.0.dist-info}/METADATA +2 -2
  261. pulumi_vault-6.7.0.dist-info/RECORD +265 -0
  262. {pulumi_vault-6.6.0a1741415971.dist-info → pulumi_vault-6.7.0.dist-info}/WHEEL +1 -1
  263. pulumi_vault-6.6.0a1741415971.dist-info/RECORD +0 -260
  264. {pulumi_vault-6.6.0a1741415971.dist-info → pulumi_vault-6.7.0.dist-info}/top_level.txt +0 -0
@@ -2,6 +2,7 @@
2
2
  # *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. ***
3
3
  # *** Do not edit by hand unless you're certain you know what you are doing! ***
4
4
 
5
+ import builtins
5
6
  import copy
6
7
  import warnings
7
8
  import sys
@@ -21,11 +22,12 @@ __all__ = ['SecretBackendConnectionArgs', 'SecretBackendConnection']
21
22
  @pulumi.input_type
22
23
  class SecretBackendConnectionArgs:
23
24
  def __init__(__self__, *,
24
- backend: pulumi.Input[str],
25
- allowed_roles: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
25
+ backend: pulumi.Input[builtins.str],
26
+ allowed_roles: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
26
27
  cassandra: Optional[pulumi.Input['SecretBackendConnectionCassandraArgs']] = None,
27
28
  couchbase: Optional[pulumi.Input['SecretBackendConnectionCouchbaseArgs']] = None,
28
- data: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
29
+ data: Optional[pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]]] = None,
30
+ disable_automated_rotation: Optional[pulumi.Input[builtins.bool]] = None,
29
31
  elasticsearch: Optional[pulumi.Input['SecretBackendConnectionElasticsearchArgs']] = None,
30
32
  hana: Optional[pulumi.Input['SecretBackendConnectionHanaArgs']] = None,
31
33
  influxdb: Optional[pulumi.Input['SecretBackendConnectionInfluxdbArgs']] = None,
@@ -36,25 +38,29 @@ class SecretBackendConnectionArgs:
36
38
  mysql_aurora: Optional[pulumi.Input['SecretBackendConnectionMysqlAuroraArgs']] = None,
37
39
  mysql_legacy: Optional[pulumi.Input['SecretBackendConnectionMysqlLegacyArgs']] = None,
38
40
  mysql_rds: Optional[pulumi.Input['SecretBackendConnectionMysqlRdsArgs']] = None,
39
- name: Optional[pulumi.Input[str]] = None,
40
- namespace: Optional[pulumi.Input[str]] = None,
41
+ name: Optional[pulumi.Input[builtins.str]] = None,
42
+ namespace: Optional[pulumi.Input[builtins.str]] = None,
41
43
  oracle: Optional[pulumi.Input['SecretBackendConnectionOracleArgs']] = None,
42
- plugin_name: Optional[pulumi.Input[str]] = None,
44
+ plugin_name: Optional[pulumi.Input[builtins.str]] = None,
43
45
  postgresql: Optional[pulumi.Input['SecretBackendConnectionPostgresqlArgs']] = None,
44
46
  redis: Optional[pulumi.Input['SecretBackendConnectionRedisArgs']] = None,
45
47
  redis_elasticache: Optional[pulumi.Input['SecretBackendConnectionRedisElasticacheArgs']] = None,
46
48
  redshift: Optional[pulumi.Input['SecretBackendConnectionRedshiftArgs']] = None,
47
- root_rotation_statements: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
49
+ root_rotation_statements: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
50
+ rotation_period: Optional[pulumi.Input[builtins.int]] = None,
51
+ rotation_schedule: Optional[pulumi.Input[builtins.str]] = None,
52
+ rotation_window: Optional[pulumi.Input[builtins.int]] = None,
48
53
  snowflake: Optional[pulumi.Input['SecretBackendConnectionSnowflakeArgs']] = None,
49
- verify_connection: Optional[pulumi.Input[bool]] = None):
54
+ verify_connection: Optional[pulumi.Input[builtins.bool]] = None):
50
55
  """
51
56
  The set of arguments for constructing a SecretBackendConnection resource.
52
- :param pulumi.Input[str] backend: The unique name of the Vault mount to configure.
53
- :param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_roles: A list of roles that are allowed to use this
57
+ :param pulumi.Input[builtins.str] backend: The unique name of the Vault mount to configure.
58
+ :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] allowed_roles: A list of roles that are allowed to use this
54
59
  connection.
55
60
  :param pulumi.Input['SecretBackendConnectionCassandraArgs'] cassandra: A nested block containing configuration options for Cassandra connections.
56
61
  :param pulumi.Input['SecretBackendConnectionCouchbaseArgs'] couchbase: A nested block containing configuration options for Couchbase connections.
57
- :param pulumi.Input[Mapping[str, pulumi.Input[str]]] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
62
+ :param pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
63
+ :param pulumi.Input[builtins.bool] disable_automated_rotation: Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
58
64
  :param pulumi.Input['SecretBackendConnectionElasticsearchArgs'] elasticsearch: A nested block containing configuration options for Elasticsearch connections.
59
65
  :param pulumi.Input['SecretBackendConnectionHanaArgs'] hana: A nested block containing configuration options for SAP HanaDB connections.
60
66
  :param pulumi.Input['SecretBackendConnectionInfluxdbArgs'] influxdb: A nested block containing configuration options for InfluxDB connections.
@@ -65,22 +71,29 @@ class SecretBackendConnectionArgs:
65
71
  :param pulumi.Input['SecretBackendConnectionMysqlAuroraArgs'] mysql_aurora: A nested block containing configuration options for Aurora MySQL connections.
66
72
  :param pulumi.Input['SecretBackendConnectionMysqlLegacyArgs'] mysql_legacy: A nested block containing configuration options for legacy MySQL connections.
67
73
  :param pulumi.Input['SecretBackendConnectionMysqlRdsArgs'] mysql_rds: A nested block containing configuration options for RDS MySQL connections.
68
- :param pulumi.Input[str] name: A unique name to give the database connection.
69
- :param pulumi.Input[str] namespace: The namespace to provision the resource in.
74
+ :param pulumi.Input[builtins.str] name: A unique name to give the database connection.
75
+ :param pulumi.Input[builtins.str] namespace: The namespace to provision the resource in.
70
76
  The value should not contain leading or trailing forward slashes.
71
77
  The `namespace` is always relative to the provider's configured namespace.
72
78
  *Available only for Vault Enterprise*.
73
79
  :param pulumi.Input['SecretBackendConnectionOracleArgs'] oracle: A nested block containing configuration options for Oracle connections.
74
- :param pulumi.Input[str] plugin_name: Specifies the name of the plugin to use.
80
+ :param pulumi.Input[builtins.str] plugin_name: Specifies the name of the plugin to use.
75
81
  :param pulumi.Input['SecretBackendConnectionPostgresqlArgs'] postgresql: A nested block containing configuration options for PostgreSQL connections.
76
82
  :param pulumi.Input['SecretBackendConnectionRedisArgs'] redis: A nested block containing configuration options for Redis connections.
77
83
  :param pulumi.Input['SecretBackendConnectionRedisElasticacheArgs'] redis_elasticache: A nested block containing configuration options for Redis ElastiCache connections.
78
84
 
79
85
  Exactly one of the nested blocks of configuration options must be supplied.
80
86
  :param pulumi.Input['SecretBackendConnectionRedshiftArgs'] redshift: Connection parameters for the redshift-database-plugin plugin.
81
- :param pulumi.Input[Sequence[pulumi.Input[str]]] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials.
87
+ :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials.
88
+ :param pulumi.Input[builtins.int] rotation_period: The amount of time in seconds Vault should wait before rotating the root credential.
89
+ A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
90
+ :param pulumi.Input[builtins.str] rotation_schedule: The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
91
+ defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
92
+ :param pulumi.Input[builtins.int] rotation_window: The maximum amount of time in seconds allowed to complete
93
+ a rotation when a scheduled token rotation occurs. The default rotation window is
94
+ unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
82
95
  :param pulumi.Input['SecretBackendConnectionSnowflakeArgs'] snowflake: A nested block containing configuration options for Snowflake connections.
83
- :param pulumi.Input[bool] verify_connection: Whether the connection should be verified on
96
+ :param pulumi.Input[builtins.bool] verify_connection: Whether the connection should be verified on
84
97
  initial configuration or not.
85
98
  """
86
99
  pulumi.set(__self__, "backend", backend)
@@ -92,6 +105,8 @@ class SecretBackendConnectionArgs:
92
105
  pulumi.set(__self__, "couchbase", couchbase)
93
106
  if data is not None:
94
107
  pulumi.set(__self__, "data", data)
108
+ if disable_automated_rotation is not None:
109
+ pulumi.set(__self__, "disable_automated_rotation", disable_automated_rotation)
95
110
  if elasticsearch is not None:
96
111
  pulumi.set(__self__, "elasticsearch", elasticsearch)
97
112
  if hana is not None:
@@ -130,6 +145,12 @@ class SecretBackendConnectionArgs:
130
145
  pulumi.set(__self__, "redshift", redshift)
131
146
  if root_rotation_statements is not None:
132
147
  pulumi.set(__self__, "root_rotation_statements", root_rotation_statements)
148
+ if rotation_period is not None:
149
+ pulumi.set(__self__, "rotation_period", rotation_period)
150
+ if rotation_schedule is not None:
151
+ pulumi.set(__self__, "rotation_schedule", rotation_schedule)
152
+ if rotation_window is not None:
153
+ pulumi.set(__self__, "rotation_window", rotation_window)
133
154
  if snowflake is not None:
134
155
  pulumi.set(__self__, "snowflake", snowflake)
135
156
  if verify_connection is not None:
@@ -137,19 +158,19 @@ class SecretBackendConnectionArgs:
137
158
 
138
159
  @property
139
160
  @pulumi.getter
140
- def backend(self) -> pulumi.Input[str]:
161
+ def backend(self) -> pulumi.Input[builtins.str]:
141
162
  """
142
163
  The unique name of the Vault mount to configure.
143
164
  """
144
165
  return pulumi.get(self, "backend")
145
166
 
146
167
  @backend.setter
147
- def backend(self, value: pulumi.Input[str]):
168
+ def backend(self, value: pulumi.Input[builtins.str]):
148
169
  pulumi.set(self, "backend", value)
149
170
 
150
171
  @property
151
172
  @pulumi.getter(name="allowedRoles")
152
- def allowed_roles(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
173
+ def allowed_roles(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
153
174
  """
154
175
  A list of roles that are allowed to use this
155
176
  connection.
@@ -157,7 +178,7 @@ class SecretBackendConnectionArgs:
157
178
  return pulumi.get(self, "allowed_roles")
158
179
 
159
180
  @allowed_roles.setter
160
- def allowed_roles(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
181
+ def allowed_roles(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
161
182
  pulumi.set(self, "allowed_roles", value)
162
183
 
163
184
  @property
@@ -186,16 +207,28 @@ class SecretBackendConnectionArgs:
186
207
 
187
208
  @property
188
209
  @pulumi.getter
189
- def data(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]:
210
+ def data(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]]]:
190
211
  """
191
212
  A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
192
213
  """
193
214
  return pulumi.get(self, "data")
194
215
 
195
216
  @data.setter
196
- def data(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]):
217
+ def data(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]]]):
197
218
  pulumi.set(self, "data", value)
198
219
 
220
+ @property
221
+ @pulumi.getter(name="disableAutomatedRotation")
222
+ def disable_automated_rotation(self) -> Optional[pulumi.Input[builtins.bool]]:
223
+ """
224
+ Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
225
+ """
226
+ return pulumi.get(self, "disable_automated_rotation")
227
+
228
+ @disable_automated_rotation.setter
229
+ def disable_automated_rotation(self, value: Optional[pulumi.Input[builtins.bool]]):
230
+ pulumi.set(self, "disable_automated_rotation", value)
231
+
199
232
  @property
200
233
  @pulumi.getter
201
234
  def elasticsearch(self) -> Optional[pulumi.Input['SecretBackendConnectionElasticsearchArgs']]:
@@ -318,19 +351,19 @@ class SecretBackendConnectionArgs:
318
351
 
319
352
  @property
320
353
  @pulumi.getter
321
- def name(self) -> Optional[pulumi.Input[str]]:
354
+ def name(self) -> Optional[pulumi.Input[builtins.str]]:
322
355
  """
323
356
  A unique name to give the database connection.
324
357
  """
325
358
  return pulumi.get(self, "name")
326
359
 
327
360
  @name.setter
328
- def name(self, value: Optional[pulumi.Input[str]]):
361
+ def name(self, value: Optional[pulumi.Input[builtins.str]]):
329
362
  pulumi.set(self, "name", value)
330
363
 
331
364
  @property
332
365
  @pulumi.getter
333
- def namespace(self) -> Optional[pulumi.Input[str]]:
366
+ def namespace(self) -> Optional[pulumi.Input[builtins.str]]:
334
367
  """
335
368
  The namespace to provision the resource in.
336
369
  The value should not contain leading or trailing forward slashes.
@@ -340,7 +373,7 @@ class SecretBackendConnectionArgs:
340
373
  return pulumi.get(self, "namespace")
341
374
 
342
375
  @namespace.setter
343
- def namespace(self, value: Optional[pulumi.Input[str]]):
376
+ def namespace(self, value: Optional[pulumi.Input[builtins.str]]):
344
377
  pulumi.set(self, "namespace", value)
345
378
 
346
379
  @property
@@ -357,14 +390,14 @@ class SecretBackendConnectionArgs:
357
390
 
358
391
  @property
359
392
  @pulumi.getter(name="pluginName")
360
- def plugin_name(self) -> Optional[pulumi.Input[str]]:
393
+ def plugin_name(self) -> Optional[pulumi.Input[builtins.str]]:
361
394
  """
362
395
  Specifies the name of the plugin to use.
363
396
  """
364
397
  return pulumi.get(self, "plugin_name")
365
398
 
366
399
  @plugin_name.setter
367
- def plugin_name(self, value: Optional[pulumi.Input[str]]):
400
+ def plugin_name(self, value: Optional[pulumi.Input[builtins.str]]):
368
401
  pulumi.set(self, "plugin_name", value)
369
402
 
370
403
  @property
@@ -419,16 +452,56 @@ class SecretBackendConnectionArgs:
419
452
 
420
453
  @property
421
454
  @pulumi.getter(name="rootRotationStatements")
422
- def root_rotation_statements(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
455
+ def root_rotation_statements(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
423
456
  """
424
457
  A list of database statements to be executed to rotate the root user's credentials.
425
458
  """
426
459
  return pulumi.get(self, "root_rotation_statements")
427
460
 
428
461
  @root_rotation_statements.setter
429
- def root_rotation_statements(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
462
+ def root_rotation_statements(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
430
463
  pulumi.set(self, "root_rotation_statements", value)
431
464
 
465
+ @property
466
+ @pulumi.getter(name="rotationPeriod")
467
+ def rotation_period(self) -> Optional[pulumi.Input[builtins.int]]:
468
+ """
469
+ The amount of time in seconds Vault should wait before rotating the root credential.
470
+ A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
471
+ """
472
+ return pulumi.get(self, "rotation_period")
473
+
474
+ @rotation_period.setter
475
+ def rotation_period(self, value: Optional[pulumi.Input[builtins.int]]):
476
+ pulumi.set(self, "rotation_period", value)
477
+
478
+ @property
479
+ @pulumi.getter(name="rotationSchedule")
480
+ def rotation_schedule(self) -> Optional[pulumi.Input[builtins.str]]:
481
+ """
482
+ The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
483
+ defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
484
+ """
485
+ return pulumi.get(self, "rotation_schedule")
486
+
487
+ @rotation_schedule.setter
488
+ def rotation_schedule(self, value: Optional[pulumi.Input[builtins.str]]):
489
+ pulumi.set(self, "rotation_schedule", value)
490
+
491
+ @property
492
+ @pulumi.getter(name="rotationWindow")
493
+ def rotation_window(self) -> Optional[pulumi.Input[builtins.int]]:
494
+ """
495
+ The maximum amount of time in seconds allowed to complete
496
+ a rotation when a scheduled token rotation occurs. The default rotation window is
497
+ unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
498
+ """
499
+ return pulumi.get(self, "rotation_window")
500
+
501
+ @rotation_window.setter
502
+ def rotation_window(self, value: Optional[pulumi.Input[builtins.int]]):
503
+ pulumi.set(self, "rotation_window", value)
504
+
432
505
  @property
433
506
  @pulumi.getter
434
507
  def snowflake(self) -> Optional[pulumi.Input['SecretBackendConnectionSnowflakeArgs']]:
@@ -443,7 +516,7 @@ class SecretBackendConnectionArgs:
443
516
 
444
517
  @property
445
518
  @pulumi.getter(name="verifyConnection")
446
- def verify_connection(self) -> Optional[pulumi.Input[bool]]:
519
+ def verify_connection(self) -> Optional[pulumi.Input[builtins.bool]]:
447
520
  """
448
521
  Whether the connection should be verified on
449
522
  initial configuration or not.
@@ -451,18 +524,19 @@ class SecretBackendConnectionArgs:
451
524
  return pulumi.get(self, "verify_connection")
452
525
 
453
526
  @verify_connection.setter
454
- def verify_connection(self, value: Optional[pulumi.Input[bool]]):
527
+ def verify_connection(self, value: Optional[pulumi.Input[builtins.bool]]):
455
528
  pulumi.set(self, "verify_connection", value)
456
529
 
457
530
 
458
531
  @pulumi.input_type
459
532
  class _SecretBackendConnectionState:
460
533
  def __init__(__self__, *,
461
- allowed_roles: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
462
- backend: Optional[pulumi.Input[str]] = None,
534
+ allowed_roles: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
535
+ backend: Optional[pulumi.Input[builtins.str]] = None,
463
536
  cassandra: Optional[pulumi.Input['SecretBackendConnectionCassandraArgs']] = None,
464
537
  couchbase: Optional[pulumi.Input['SecretBackendConnectionCouchbaseArgs']] = None,
465
- data: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
538
+ data: Optional[pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]]] = None,
539
+ disable_automated_rotation: Optional[pulumi.Input[builtins.bool]] = None,
466
540
  elasticsearch: Optional[pulumi.Input['SecretBackendConnectionElasticsearchArgs']] = None,
467
541
  hana: Optional[pulumi.Input['SecretBackendConnectionHanaArgs']] = None,
468
542
  influxdb: Optional[pulumi.Input['SecretBackendConnectionInfluxdbArgs']] = None,
@@ -473,25 +547,29 @@ class _SecretBackendConnectionState:
473
547
  mysql_aurora: Optional[pulumi.Input['SecretBackendConnectionMysqlAuroraArgs']] = None,
474
548
  mysql_legacy: Optional[pulumi.Input['SecretBackendConnectionMysqlLegacyArgs']] = None,
475
549
  mysql_rds: Optional[pulumi.Input['SecretBackendConnectionMysqlRdsArgs']] = None,
476
- name: Optional[pulumi.Input[str]] = None,
477
- namespace: Optional[pulumi.Input[str]] = None,
550
+ name: Optional[pulumi.Input[builtins.str]] = None,
551
+ namespace: Optional[pulumi.Input[builtins.str]] = None,
478
552
  oracle: Optional[pulumi.Input['SecretBackendConnectionOracleArgs']] = None,
479
- plugin_name: Optional[pulumi.Input[str]] = None,
553
+ plugin_name: Optional[pulumi.Input[builtins.str]] = None,
480
554
  postgresql: Optional[pulumi.Input['SecretBackendConnectionPostgresqlArgs']] = None,
481
555
  redis: Optional[pulumi.Input['SecretBackendConnectionRedisArgs']] = None,
482
556
  redis_elasticache: Optional[pulumi.Input['SecretBackendConnectionRedisElasticacheArgs']] = None,
483
557
  redshift: Optional[pulumi.Input['SecretBackendConnectionRedshiftArgs']] = None,
484
- root_rotation_statements: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
558
+ root_rotation_statements: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
559
+ rotation_period: Optional[pulumi.Input[builtins.int]] = None,
560
+ rotation_schedule: Optional[pulumi.Input[builtins.str]] = None,
561
+ rotation_window: Optional[pulumi.Input[builtins.int]] = None,
485
562
  snowflake: Optional[pulumi.Input['SecretBackendConnectionSnowflakeArgs']] = None,
486
- verify_connection: Optional[pulumi.Input[bool]] = None):
563
+ verify_connection: Optional[pulumi.Input[builtins.bool]] = None):
487
564
  """
488
565
  Input properties used for looking up and filtering SecretBackendConnection resources.
489
- :param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_roles: A list of roles that are allowed to use this
566
+ :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] allowed_roles: A list of roles that are allowed to use this
490
567
  connection.
491
- :param pulumi.Input[str] backend: The unique name of the Vault mount to configure.
568
+ :param pulumi.Input[builtins.str] backend: The unique name of the Vault mount to configure.
492
569
  :param pulumi.Input['SecretBackendConnectionCassandraArgs'] cassandra: A nested block containing configuration options for Cassandra connections.
493
570
  :param pulumi.Input['SecretBackendConnectionCouchbaseArgs'] couchbase: A nested block containing configuration options for Couchbase connections.
494
- :param pulumi.Input[Mapping[str, pulumi.Input[str]]] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
571
+ :param pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
572
+ :param pulumi.Input[builtins.bool] disable_automated_rotation: Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
495
573
  :param pulumi.Input['SecretBackendConnectionElasticsearchArgs'] elasticsearch: A nested block containing configuration options for Elasticsearch connections.
496
574
  :param pulumi.Input['SecretBackendConnectionHanaArgs'] hana: A nested block containing configuration options for SAP HanaDB connections.
497
575
  :param pulumi.Input['SecretBackendConnectionInfluxdbArgs'] influxdb: A nested block containing configuration options for InfluxDB connections.
@@ -502,22 +580,29 @@ class _SecretBackendConnectionState:
502
580
  :param pulumi.Input['SecretBackendConnectionMysqlAuroraArgs'] mysql_aurora: A nested block containing configuration options for Aurora MySQL connections.
503
581
  :param pulumi.Input['SecretBackendConnectionMysqlLegacyArgs'] mysql_legacy: A nested block containing configuration options for legacy MySQL connections.
504
582
  :param pulumi.Input['SecretBackendConnectionMysqlRdsArgs'] mysql_rds: A nested block containing configuration options for RDS MySQL connections.
505
- :param pulumi.Input[str] name: A unique name to give the database connection.
506
- :param pulumi.Input[str] namespace: The namespace to provision the resource in.
583
+ :param pulumi.Input[builtins.str] name: A unique name to give the database connection.
584
+ :param pulumi.Input[builtins.str] namespace: The namespace to provision the resource in.
507
585
  The value should not contain leading or trailing forward slashes.
508
586
  The `namespace` is always relative to the provider's configured namespace.
509
587
  *Available only for Vault Enterprise*.
510
588
  :param pulumi.Input['SecretBackendConnectionOracleArgs'] oracle: A nested block containing configuration options for Oracle connections.
511
- :param pulumi.Input[str] plugin_name: Specifies the name of the plugin to use.
589
+ :param pulumi.Input[builtins.str] plugin_name: Specifies the name of the plugin to use.
512
590
  :param pulumi.Input['SecretBackendConnectionPostgresqlArgs'] postgresql: A nested block containing configuration options for PostgreSQL connections.
513
591
  :param pulumi.Input['SecretBackendConnectionRedisArgs'] redis: A nested block containing configuration options for Redis connections.
514
592
  :param pulumi.Input['SecretBackendConnectionRedisElasticacheArgs'] redis_elasticache: A nested block containing configuration options for Redis ElastiCache connections.
515
593
 
516
594
  Exactly one of the nested blocks of configuration options must be supplied.
517
595
  :param pulumi.Input['SecretBackendConnectionRedshiftArgs'] redshift: Connection parameters for the redshift-database-plugin plugin.
518
- :param pulumi.Input[Sequence[pulumi.Input[str]]] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials.
596
+ :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials.
597
+ :param pulumi.Input[builtins.int] rotation_period: The amount of time in seconds Vault should wait before rotating the root credential.
598
+ A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
599
+ :param pulumi.Input[builtins.str] rotation_schedule: The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
600
+ defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
601
+ :param pulumi.Input[builtins.int] rotation_window: The maximum amount of time in seconds allowed to complete
602
+ a rotation when a scheduled token rotation occurs. The default rotation window is
603
+ unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
519
604
  :param pulumi.Input['SecretBackendConnectionSnowflakeArgs'] snowflake: A nested block containing configuration options for Snowflake connections.
520
- :param pulumi.Input[bool] verify_connection: Whether the connection should be verified on
605
+ :param pulumi.Input[builtins.bool] verify_connection: Whether the connection should be verified on
521
606
  initial configuration or not.
522
607
  """
523
608
  if allowed_roles is not None:
@@ -530,6 +615,8 @@ class _SecretBackendConnectionState:
530
615
  pulumi.set(__self__, "couchbase", couchbase)
531
616
  if data is not None:
532
617
  pulumi.set(__self__, "data", data)
618
+ if disable_automated_rotation is not None:
619
+ pulumi.set(__self__, "disable_automated_rotation", disable_automated_rotation)
533
620
  if elasticsearch is not None:
534
621
  pulumi.set(__self__, "elasticsearch", elasticsearch)
535
622
  if hana is not None:
@@ -568,6 +655,12 @@ class _SecretBackendConnectionState:
568
655
  pulumi.set(__self__, "redshift", redshift)
569
656
  if root_rotation_statements is not None:
570
657
  pulumi.set(__self__, "root_rotation_statements", root_rotation_statements)
658
+ if rotation_period is not None:
659
+ pulumi.set(__self__, "rotation_period", rotation_period)
660
+ if rotation_schedule is not None:
661
+ pulumi.set(__self__, "rotation_schedule", rotation_schedule)
662
+ if rotation_window is not None:
663
+ pulumi.set(__self__, "rotation_window", rotation_window)
571
664
  if snowflake is not None:
572
665
  pulumi.set(__self__, "snowflake", snowflake)
573
666
  if verify_connection is not None:
@@ -575,7 +668,7 @@ class _SecretBackendConnectionState:
575
668
 
576
669
  @property
577
670
  @pulumi.getter(name="allowedRoles")
578
- def allowed_roles(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
671
+ def allowed_roles(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
579
672
  """
580
673
  A list of roles that are allowed to use this
581
674
  connection.
@@ -583,19 +676,19 @@ class _SecretBackendConnectionState:
583
676
  return pulumi.get(self, "allowed_roles")
584
677
 
585
678
  @allowed_roles.setter
586
- def allowed_roles(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
679
+ def allowed_roles(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
587
680
  pulumi.set(self, "allowed_roles", value)
588
681
 
589
682
  @property
590
683
  @pulumi.getter
591
- def backend(self) -> Optional[pulumi.Input[str]]:
684
+ def backend(self) -> Optional[pulumi.Input[builtins.str]]:
592
685
  """
593
686
  The unique name of the Vault mount to configure.
594
687
  """
595
688
  return pulumi.get(self, "backend")
596
689
 
597
690
  @backend.setter
598
- def backend(self, value: Optional[pulumi.Input[str]]):
691
+ def backend(self, value: Optional[pulumi.Input[builtins.str]]):
599
692
  pulumi.set(self, "backend", value)
600
693
 
601
694
  @property
@@ -624,16 +717,28 @@ class _SecretBackendConnectionState:
624
717
 
625
718
  @property
626
719
  @pulumi.getter
627
- def data(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]:
720
+ def data(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]]]:
628
721
  """
629
722
  A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
630
723
  """
631
724
  return pulumi.get(self, "data")
632
725
 
633
726
  @data.setter
634
- def data(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]):
727
+ def data(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]]]):
635
728
  pulumi.set(self, "data", value)
636
729
 
730
+ @property
731
+ @pulumi.getter(name="disableAutomatedRotation")
732
+ def disable_automated_rotation(self) -> Optional[pulumi.Input[builtins.bool]]:
733
+ """
734
+ Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
735
+ """
736
+ return pulumi.get(self, "disable_automated_rotation")
737
+
738
+ @disable_automated_rotation.setter
739
+ def disable_automated_rotation(self, value: Optional[pulumi.Input[builtins.bool]]):
740
+ pulumi.set(self, "disable_automated_rotation", value)
741
+
637
742
  @property
638
743
  @pulumi.getter
639
744
  def elasticsearch(self) -> Optional[pulumi.Input['SecretBackendConnectionElasticsearchArgs']]:
@@ -756,19 +861,19 @@ class _SecretBackendConnectionState:
756
861
 
757
862
  @property
758
863
  @pulumi.getter
759
- def name(self) -> Optional[pulumi.Input[str]]:
864
+ def name(self) -> Optional[pulumi.Input[builtins.str]]:
760
865
  """
761
866
  A unique name to give the database connection.
762
867
  """
763
868
  return pulumi.get(self, "name")
764
869
 
765
870
  @name.setter
766
- def name(self, value: Optional[pulumi.Input[str]]):
871
+ def name(self, value: Optional[pulumi.Input[builtins.str]]):
767
872
  pulumi.set(self, "name", value)
768
873
 
769
874
  @property
770
875
  @pulumi.getter
771
- def namespace(self) -> Optional[pulumi.Input[str]]:
876
+ def namespace(self) -> Optional[pulumi.Input[builtins.str]]:
772
877
  """
773
878
  The namespace to provision the resource in.
774
879
  The value should not contain leading or trailing forward slashes.
@@ -778,7 +883,7 @@ class _SecretBackendConnectionState:
778
883
  return pulumi.get(self, "namespace")
779
884
 
780
885
  @namespace.setter
781
- def namespace(self, value: Optional[pulumi.Input[str]]):
886
+ def namespace(self, value: Optional[pulumi.Input[builtins.str]]):
782
887
  pulumi.set(self, "namespace", value)
783
888
 
784
889
  @property
@@ -795,14 +900,14 @@ class _SecretBackendConnectionState:
795
900
 
796
901
  @property
797
902
  @pulumi.getter(name="pluginName")
798
- def plugin_name(self) -> Optional[pulumi.Input[str]]:
903
+ def plugin_name(self) -> Optional[pulumi.Input[builtins.str]]:
799
904
  """
800
905
  Specifies the name of the plugin to use.
801
906
  """
802
907
  return pulumi.get(self, "plugin_name")
803
908
 
804
909
  @plugin_name.setter
805
- def plugin_name(self, value: Optional[pulumi.Input[str]]):
910
+ def plugin_name(self, value: Optional[pulumi.Input[builtins.str]]):
806
911
  pulumi.set(self, "plugin_name", value)
807
912
 
808
913
  @property
@@ -857,16 +962,56 @@ class _SecretBackendConnectionState:
857
962
 
858
963
  @property
859
964
  @pulumi.getter(name="rootRotationStatements")
860
- def root_rotation_statements(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
965
+ def root_rotation_statements(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
861
966
  """
862
967
  A list of database statements to be executed to rotate the root user's credentials.
863
968
  """
864
969
  return pulumi.get(self, "root_rotation_statements")
865
970
 
866
971
  @root_rotation_statements.setter
867
- def root_rotation_statements(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
972
+ def root_rotation_statements(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
868
973
  pulumi.set(self, "root_rotation_statements", value)
869
974
 
975
+ @property
976
+ @pulumi.getter(name="rotationPeriod")
977
+ def rotation_period(self) -> Optional[pulumi.Input[builtins.int]]:
978
+ """
979
+ The amount of time in seconds Vault should wait before rotating the root credential.
980
+ A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
981
+ """
982
+ return pulumi.get(self, "rotation_period")
983
+
984
+ @rotation_period.setter
985
+ def rotation_period(self, value: Optional[pulumi.Input[builtins.int]]):
986
+ pulumi.set(self, "rotation_period", value)
987
+
988
+ @property
989
+ @pulumi.getter(name="rotationSchedule")
990
+ def rotation_schedule(self) -> Optional[pulumi.Input[builtins.str]]:
991
+ """
992
+ The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
993
+ defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
994
+ """
995
+ return pulumi.get(self, "rotation_schedule")
996
+
997
+ @rotation_schedule.setter
998
+ def rotation_schedule(self, value: Optional[pulumi.Input[builtins.str]]):
999
+ pulumi.set(self, "rotation_schedule", value)
1000
+
1001
+ @property
1002
+ @pulumi.getter(name="rotationWindow")
1003
+ def rotation_window(self) -> Optional[pulumi.Input[builtins.int]]:
1004
+ """
1005
+ The maximum amount of time in seconds allowed to complete
1006
+ a rotation when a scheduled token rotation occurs. The default rotation window is
1007
+ unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
1008
+ """
1009
+ return pulumi.get(self, "rotation_window")
1010
+
1011
+ @rotation_window.setter
1012
+ def rotation_window(self, value: Optional[pulumi.Input[builtins.int]]):
1013
+ pulumi.set(self, "rotation_window", value)
1014
+
870
1015
  @property
871
1016
  @pulumi.getter
872
1017
  def snowflake(self) -> Optional[pulumi.Input['SecretBackendConnectionSnowflakeArgs']]:
@@ -881,7 +1026,7 @@ class _SecretBackendConnectionState:
881
1026
 
882
1027
  @property
883
1028
  @pulumi.getter(name="verifyConnection")
884
- def verify_connection(self) -> Optional[pulumi.Input[bool]]:
1029
+ def verify_connection(self) -> Optional[pulumi.Input[builtins.bool]]:
885
1030
  """
886
1031
  Whether the connection should be verified on
887
1032
  initial configuration or not.
@@ -889,7 +1034,7 @@ class _SecretBackendConnectionState:
889
1034
  return pulumi.get(self, "verify_connection")
890
1035
 
891
1036
  @verify_connection.setter
892
- def verify_connection(self, value: Optional[pulumi.Input[bool]]):
1037
+ def verify_connection(self, value: Optional[pulumi.Input[builtins.bool]]):
893
1038
  pulumi.set(self, "verify_connection", value)
894
1039
 
895
1040
 
@@ -898,11 +1043,12 @@ class SecretBackendConnection(pulumi.CustomResource):
898
1043
  def __init__(__self__,
899
1044
  resource_name: str,
900
1045
  opts: Optional[pulumi.ResourceOptions] = None,
901
- allowed_roles: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
902
- backend: Optional[pulumi.Input[str]] = None,
1046
+ allowed_roles: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
1047
+ backend: Optional[pulumi.Input[builtins.str]] = None,
903
1048
  cassandra: Optional[pulumi.Input[Union['SecretBackendConnectionCassandraArgs', 'SecretBackendConnectionCassandraArgsDict']]] = None,
904
1049
  couchbase: Optional[pulumi.Input[Union['SecretBackendConnectionCouchbaseArgs', 'SecretBackendConnectionCouchbaseArgsDict']]] = None,
905
- data: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
1050
+ data: Optional[pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]]] = None,
1051
+ disable_automated_rotation: Optional[pulumi.Input[builtins.bool]] = None,
906
1052
  elasticsearch: Optional[pulumi.Input[Union['SecretBackendConnectionElasticsearchArgs', 'SecretBackendConnectionElasticsearchArgsDict']]] = None,
907
1053
  hana: Optional[pulumi.Input[Union['SecretBackendConnectionHanaArgs', 'SecretBackendConnectionHanaArgsDict']]] = None,
908
1054
  influxdb: Optional[pulumi.Input[Union['SecretBackendConnectionInfluxdbArgs', 'SecretBackendConnectionInfluxdbArgsDict']]] = None,
@@ -913,17 +1059,20 @@ class SecretBackendConnection(pulumi.CustomResource):
913
1059
  mysql_aurora: Optional[pulumi.Input[Union['SecretBackendConnectionMysqlAuroraArgs', 'SecretBackendConnectionMysqlAuroraArgsDict']]] = None,
914
1060
  mysql_legacy: Optional[pulumi.Input[Union['SecretBackendConnectionMysqlLegacyArgs', 'SecretBackendConnectionMysqlLegacyArgsDict']]] = None,
915
1061
  mysql_rds: Optional[pulumi.Input[Union['SecretBackendConnectionMysqlRdsArgs', 'SecretBackendConnectionMysqlRdsArgsDict']]] = None,
916
- name: Optional[pulumi.Input[str]] = None,
917
- namespace: Optional[pulumi.Input[str]] = None,
1062
+ name: Optional[pulumi.Input[builtins.str]] = None,
1063
+ namespace: Optional[pulumi.Input[builtins.str]] = None,
918
1064
  oracle: Optional[pulumi.Input[Union['SecretBackendConnectionOracleArgs', 'SecretBackendConnectionOracleArgsDict']]] = None,
919
- plugin_name: Optional[pulumi.Input[str]] = None,
1065
+ plugin_name: Optional[pulumi.Input[builtins.str]] = None,
920
1066
  postgresql: Optional[pulumi.Input[Union['SecretBackendConnectionPostgresqlArgs', 'SecretBackendConnectionPostgresqlArgsDict']]] = None,
921
1067
  redis: Optional[pulumi.Input[Union['SecretBackendConnectionRedisArgs', 'SecretBackendConnectionRedisArgsDict']]] = None,
922
1068
  redis_elasticache: Optional[pulumi.Input[Union['SecretBackendConnectionRedisElasticacheArgs', 'SecretBackendConnectionRedisElasticacheArgsDict']]] = None,
923
1069
  redshift: Optional[pulumi.Input[Union['SecretBackendConnectionRedshiftArgs', 'SecretBackendConnectionRedshiftArgsDict']]] = None,
924
- root_rotation_statements: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
1070
+ root_rotation_statements: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
1071
+ rotation_period: Optional[pulumi.Input[builtins.int]] = None,
1072
+ rotation_schedule: Optional[pulumi.Input[builtins.str]] = None,
1073
+ rotation_window: Optional[pulumi.Input[builtins.int]] = None,
925
1074
  snowflake: Optional[pulumi.Input[Union['SecretBackendConnectionSnowflakeArgs', 'SecretBackendConnectionSnowflakeArgsDict']]] = None,
926
- verify_connection: Optional[pulumi.Input[bool]] = None,
1075
+ verify_connection: Optional[pulumi.Input[builtins.bool]] = None,
927
1076
  __props__=None):
928
1077
  """
929
1078
  ## Example Usage
@@ -942,6 +1091,8 @@ class SecretBackendConnection(pulumi.CustomResource):
942
1091
  "dev",
943
1092
  "prod",
944
1093
  ],
1094
+ rotation_schedule="0 * * * SAT",
1095
+ rotation_window=3600,
945
1096
  postgresql={
946
1097
  "connection_url": "postgres://username:password@host:port/database",
947
1098
  })
@@ -957,12 +1108,13 @@ class SecretBackendConnection(pulumi.CustomResource):
957
1108
 
958
1109
  :param str resource_name: The name of the resource.
959
1110
  :param pulumi.ResourceOptions opts: Options for the resource.
960
- :param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_roles: A list of roles that are allowed to use this
1111
+ :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] allowed_roles: A list of roles that are allowed to use this
961
1112
  connection.
962
- :param pulumi.Input[str] backend: The unique name of the Vault mount to configure.
1113
+ :param pulumi.Input[builtins.str] backend: The unique name of the Vault mount to configure.
963
1114
  :param pulumi.Input[Union['SecretBackendConnectionCassandraArgs', 'SecretBackendConnectionCassandraArgsDict']] cassandra: A nested block containing configuration options for Cassandra connections.
964
1115
  :param pulumi.Input[Union['SecretBackendConnectionCouchbaseArgs', 'SecretBackendConnectionCouchbaseArgsDict']] couchbase: A nested block containing configuration options for Couchbase connections.
965
- :param pulumi.Input[Mapping[str, pulumi.Input[str]]] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
1116
+ :param pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
1117
+ :param pulumi.Input[builtins.bool] disable_automated_rotation: Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
966
1118
  :param pulumi.Input[Union['SecretBackendConnectionElasticsearchArgs', 'SecretBackendConnectionElasticsearchArgsDict']] elasticsearch: A nested block containing configuration options for Elasticsearch connections.
967
1119
  :param pulumi.Input[Union['SecretBackendConnectionHanaArgs', 'SecretBackendConnectionHanaArgsDict']] hana: A nested block containing configuration options for SAP HanaDB connections.
968
1120
  :param pulumi.Input[Union['SecretBackendConnectionInfluxdbArgs', 'SecretBackendConnectionInfluxdbArgsDict']] influxdb: A nested block containing configuration options for InfluxDB connections.
@@ -973,22 +1125,29 @@ class SecretBackendConnection(pulumi.CustomResource):
973
1125
  :param pulumi.Input[Union['SecretBackendConnectionMysqlAuroraArgs', 'SecretBackendConnectionMysqlAuroraArgsDict']] mysql_aurora: A nested block containing configuration options for Aurora MySQL connections.
974
1126
  :param pulumi.Input[Union['SecretBackendConnectionMysqlLegacyArgs', 'SecretBackendConnectionMysqlLegacyArgsDict']] mysql_legacy: A nested block containing configuration options for legacy MySQL connections.
975
1127
  :param pulumi.Input[Union['SecretBackendConnectionMysqlRdsArgs', 'SecretBackendConnectionMysqlRdsArgsDict']] mysql_rds: A nested block containing configuration options for RDS MySQL connections.
976
- :param pulumi.Input[str] name: A unique name to give the database connection.
977
- :param pulumi.Input[str] namespace: The namespace to provision the resource in.
1128
+ :param pulumi.Input[builtins.str] name: A unique name to give the database connection.
1129
+ :param pulumi.Input[builtins.str] namespace: The namespace to provision the resource in.
978
1130
  The value should not contain leading or trailing forward slashes.
979
1131
  The `namespace` is always relative to the provider's configured namespace.
980
1132
  *Available only for Vault Enterprise*.
981
1133
  :param pulumi.Input[Union['SecretBackendConnectionOracleArgs', 'SecretBackendConnectionOracleArgsDict']] oracle: A nested block containing configuration options for Oracle connections.
982
- :param pulumi.Input[str] plugin_name: Specifies the name of the plugin to use.
1134
+ :param pulumi.Input[builtins.str] plugin_name: Specifies the name of the plugin to use.
983
1135
  :param pulumi.Input[Union['SecretBackendConnectionPostgresqlArgs', 'SecretBackendConnectionPostgresqlArgsDict']] postgresql: A nested block containing configuration options for PostgreSQL connections.
984
1136
  :param pulumi.Input[Union['SecretBackendConnectionRedisArgs', 'SecretBackendConnectionRedisArgsDict']] redis: A nested block containing configuration options for Redis connections.
985
1137
  :param pulumi.Input[Union['SecretBackendConnectionRedisElasticacheArgs', 'SecretBackendConnectionRedisElasticacheArgsDict']] redis_elasticache: A nested block containing configuration options for Redis ElastiCache connections.
986
1138
 
987
1139
  Exactly one of the nested blocks of configuration options must be supplied.
988
1140
  :param pulumi.Input[Union['SecretBackendConnectionRedshiftArgs', 'SecretBackendConnectionRedshiftArgsDict']] redshift: Connection parameters for the redshift-database-plugin plugin.
989
- :param pulumi.Input[Sequence[pulumi.Input[str]]] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials.
1141
+ :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials.
1142
+ :param pulumi.Input[builtins.int] rotation_period: The amount of time in seconds Vault should wait before rotating the root credential.
1143
+ A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
1144
+ :param pulumi.Input[builtins.str] rotation_schedule: The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
1145
+ defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
1146
+ :param pulumi.Input[builtins.int] rotation_window: The maximum amount of time in seconds allowed to complete
1147
+ a rotation when a scheduled token rotation occurs. The default rotation window is
1148
+ unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
990
1149
  :param pulumi.Input[Union['SecretBackendConnectionSnowflakeArgs', 'SecretBackendConnectionSnowflakeArgsDict']] snowflake: A nested block containing configuration options for Snowflake connections.
991
- :param pulumi.Input[bool] verify_connection: Whether the connection should be verified on
1150
+ :param pulumi.Input[builtins.bool] verify_connection: Whether the connection should be verified on
992
1151
  initial configuration or not.
993
1152
  """
994
1153
  ...
@@ -1014,6 +1173,8 @@ class SecretBackendConnection(pulumi.CustomResource):
1014
1173
  "dev",
1015
1174
  "prod",
1016
1175
  ],
1176
+ rotation_schedule="0 * * * SAT",
1177
+ rotation_window=3600,
1017
1178
  postgresql={
1018
1179
  "connection_url": "postgres://username:password@host:port/database",
1019
1180
  })
@@ -1042,11 +1203,12 @@ class SecretBackendConnection(pulumi.CustomResource):
1042
1203
  def _internal_init(__self__,
1043
1204
  resource_name: str,
1044
1205
  opts: Optional[pulumi.ResourceOptions] = None,
1045
- allowed_roles: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
1046
- backend: Optional[pulumi.Input[str]] = None,
1206
+ allowed_roles: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
1207
+ backend: Optional[pulumi.Input[builtins.str]] = None,
1047
1208
  cassandra: Optional[pulumi.Input[Union['SecretBackendConnectionCassandraArgs', 'SecretBackendConnectionCassandraArgsDict']]] = None,
1048
1209
  couchbase: Optional[pulumi.Input[Union['SecretBackendConnectionCouchbaseArgs', 'SecretBackendConnectionCouchbaseArgsDict']]] = None,
1049
- data: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
1210
+ data: Optional[pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]]] = None,
1211
+ disable_automated_rotation: Optional[pulumi.Input[builtins.bool]] = None,
1050
1212
  elasticsearch: Optional[pulumi.Input[Union['SecretBackendConnectionElasticsearchArgs', 'SecretBackendConnectionElasticsearchArgsDict']]] = None,
1051
1213
  hana: Optional[pulumi.Input[Union['SecretBackendConnectionHanaArgs', 'SecretBackendConnectionHanaArgsDict']]] = None,
1052
1214
  influxdb: Optional[pulumi.Input[Union['SecretBackendConnectionInfluxdbArgs', 'SecretBackendConnectionInfluxdbArgsDict']]] = None,
@@ -1057,17 +1219,20 @@ class SecretBackendConnection(pulumi.CustomResource):
1057
1219
  mysql_aurora: Optional[pulumi.Input[Union['SecretBackendConnectionMysqlAuroraArgs', 'SecretBackendConnectionMysqlAuroraArgsDict']]] = None,
1058
1220
  mysql_legacy: Optional[pulumi.Input[Union['SecretBackendConnectionMysqlLegacyArgs', 'SecretBackendConnectionMysqlLegacyArgsDict']]] = None,
1059
1221
  mysql_rds: Optional[pulumi.Input[Union['SecretBackendConnectionMysqlRdsArgs', 'SecretBackendConnectionMysqlRdsArgsDict']]] = None,
1060
- name: Optional[pulumi.Input[str]] = None,
1061
- namespace: Optional[pulumi.Input[str]] = None,
1222
+ name: Optional[pulumi.Input[builtins.str]] = None,
1223
+ namespace: Optional[pulumi.Input[builtins.str]] = None,
1062
1224
  oracle: Optional[pulumi.Input[Union['SecretBackendConnectionOracleArgs', 'SecretBackendConnectionOracleArgsDict']]] = None,
1063
- plugin_name: Optional[pulumi.Input[str]] = None,
1225
+ plugin_name: Optional[pulumi.Input[builtins.str]] = None,
1064
1226
  postgresql: Optional[pulumi.Input[Union['SecretBackendConnectionPostgresqlArgs', 'SecretBackendConnectionPostgresqlArgsDict']]] = None,
1065
1227
  redis: Optional[pulumi.Input[Union['SecretBackendConnectionRedisArgs', 'SecretBackendConnectionRedisArgsDict']]] = None,
1066
1228
  redis_elasticache: Optional[pulumi.Input[Union['SecretBackendConnectionRedisElasticacheArgs', 'SecretBackendConnectionRedisElasticacheArgsDict']]] = None,
1067
1229
  redshift: Optional[pulumi.Input[Union['SecretBackendConnectionRedshiftArgs', 'SecretBackendConnectionRedshiftArgsDict']]] = None,
1068
- root_rotation_statements: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
1230
+ root_rotation_statements: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
1231
+ rotation_period: Optional[pulumi.Input[builtins.int]] = None,
1232
+ rotation_schedule: Optional[pulumi.Input[builtins.str]] = None,
1233
+ rotation_window: Optional[pulumi.Input[builtins.int]] = None,
1069
1234
  snowflake: Optional[pulumi.Input[Union['SecretBackendConnectionSnowflakeArgs', 'SecretBackendConnectionSnowflakeArgsDict']]] = None,
1070
- verify_connection: Optional[pulumi.Input[bool]] = None,
1235
+ verify_connection: Optional[pulumi.Input[builtins.bool]] = None,
1071
1236
  __props__=None):
1072
1237
  opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts)
1073
1238
  if not isinstance(opts, pulumi.ResourceOptions):
@@ -1084,6 +1249,7 @@ class SecretBackendConnection(pulumi.CustomResource):
1084
1249
  __props__.__dict__["cassandra"] = cassandra
1085
1250
  __props__.__dict__["couchbase"] = couchbase
1086
1251
  __props__.__dict__["data"] = data
1252
+ __props__.__dict__["disable_automated_rotation"] = disable_automated_rotation
1087
1253
  __props__.__dict__["elasticsearch"] = elasticsearch
1088
1254
  __props__.__dict__["hana"] = hana
1089
1255
  __props__.__dict__["influxdb"] = influxdb
@@ -1103,6 +1269,9 @@ class SecretBackendConnection(pulumi.CustomResource):
1103
1269
  __props__.__dict__["redis_elasticache"] = redis_elasticache
1104
1270
  __props__.__dict__["redshift"] = redshift
1105
1271
  __props__.__dict__["root_rotation_statements"] = root_rotation_statements
1272
+ __props__.__dict__["rotation_period"] = rotation_period
1273
+ __props__.__dict__["rotation_schedule"] = rotation_schedule
1274
+ __props__.__dict__["rotation_window"] = rotation_window
1106
1275
  __props__.__dict__["snowflake"] = snowflake
1107
1276
  __props__.__dict__["verify_connection"] = verify_connection
1108
1277
  super(SecretBackendConnection, __self__).__init__(
@@ -1115,11 +1284,12 @@ class SecretBackendConnection(pulumi.CustomResource):
1115
1284
  def get(resource_name: str,
1116
1285
  id: pulumi.Input[str],
1117
1286
  opts: Optional[pulumi.ResourceOptions] = None,
1118
- allowed_roles: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
1119
- backend: Optional[pulumi.Input[str]] = None,
1287
+ allowed_roles: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
1288
+ backend: Optional[pulumi.Input[builtins.str]] = None,
1120
1289
  cassandra: Optional[pulumi.Input[Union['SecretBackendConnectionCassandraArgs', 'SecretBackendConnectionCassandraArgsDict']]] = None,
1121
1290
  couchbase: Optional[pulumi.Input[Union['SecretBackendConnectionCouchbaseArgs', 'SecretBackendConnectionCouchbaseArgsDict']]] = None,
1122
- data: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
1291
+ data: Optional[pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]]] = None,
1292
+ disable_automated_rotation: Optional[pulumi.Input[builtins.bool]] = None,
1123
1293
  elasticsearch: Optional[pulumi.Input[Union['SecretBackendConnectionElasticsearchArgs', 'SecretBackendConnectionElasticsearchArgsDict']]] = None,
1124
1294
  hana: Optional[pulumi.Input[Union['SecretBackendConnectionHanaArgs', 'SecretBackendConnectionHanaArgsDict']]] = None,
1125
1295
  influxdb: Optional[pulumi.Input[Union['SecretBackendConnectionInfluxdbArgs', 'SecretBackendConnectionInfluxdbArgsDict']]] = None,
@@ -1130,17 +1300,20 @@ class SecretBackendConnection(pulumi.CustomResource):
1130
1300
  mysql_aurora: Optional[pulumi.Input[Union['SecretBackendConnectionMysqlAuroraArgs', 'SecretBackendConnectionMysqlAuroraArgsDict']]] = None,
1131
1301
  mysql_legacy: Optional[pulumi.Input[Union['SecretBackendConnectionMysqlLegacyArgs', 'SecretBackendConnectionMysqlLegacyArgsDict']]] = None,
1132
1302
  mysql_rds: Optional[pulumi.Input[Union['SecretBackendConnectionMysqlRdsArgs', 'SecretBackendConnectionMysqlRdsArgsDict']]] = None,
1133
- name: Optional[pulumi.Input[str]] = None,
1134
- namespace: Optional[pulumi.Input[str]] = None,
1303
+ name: Optional[pulumi.Input[builtins.str]] = None,
1304
+ namespace: Optional[pulumi.Input[builtins.str]] = None,
1135
1305
  oracle: Optional[pulumi.Input[Union['SecretBackendConnectionOracleArgs', 'SecretBackendConnectionOracleArgsDict']]] = None,
1136
- plugin_name: Optional[pulumi.Input[str]] = None,
1306
+ plugin_name: Optional[pulumi.Input[builtins.str]] = None,
1137
1307
  postgresql: Optional[pulumi.Input[Union['SecretBackendConnectionPostgresqlArgs', 'SecretBackendConnectionPostgresqlArgsDict']]] = None,
1138
1308
  redis: Optional[pulumi.Input[Union['SecretBackendConnectionRedisArgs', 'SecretBackendConnectionRedisArgsDict']]] = None,
1139
1309
  redis_elasticache: Optional[pulumi.Input[Union['SecretBackendConnectionRedisElasticacheArgs', 'SecretBackendConnectionRedisElasticacheArgsDict']]] = None,
1140
1310
  redshift: Optional[pulumi.Input[Union['SecretBackendConnectionRedshiftArgs', 'SecretBackendConnectionRedshiftArgsDict']]] = None,
1141
- root_rotation_statements: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
1311
+ root_rotation_statements: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
1312
+ rotation_period: Optional[pulumi.Input[builtins.int]] = None,
1313
+ rotation_schedule: Optional[pulumi.Input[builtins.str]] = None,
1314
+ rotation_window: Optional[pulumi.Input[builtins.int]] = None,
1142
1315
  snowflake: Optional[pulumi.Input[Union['SecretBackendConnectionSnowflakeArgs', 'SecretBackendConnectionSnowflakeArgsDict']]] = None,
1143
- verify_connection: Optional[pulumi.Input[bool]] = None) -> 'SecretBackendConnection':
1316
+ verify_connection: Optional[pulumi.Input[builtins.bool]] = None) -> 'SecretBackendConnection':
1144
1317
  """
1145
1318
  Get an existing SecretBackendConnection resource's state with the given name, id, and optional extra
1146
1319
  properties used to qualify the lookup.
@@ -1148,12 +1321,13 @@ class SecretBackendConnection(pulumi.CustomResource):
1148
1321
  :param str resource_name: The unique name of the resulting resource.
1149
1322
  :param pulumi.Input[str] id: The unique provider ID of the resource to lookup.
1150
1323
  :param pulumi.ResourceOptions opts: Options for the resource.
1151
- :param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_roles: A list of roles that are allowed to use this
1324
+ :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] allowed_roles: A list of roles that are allowed to use this
1152
1325
  connection.
1153
- :param pulumi.Input[str] backend: The unique name of the Vault mount to configure.
1326
+ :param pulumi.Input[builtins.str] backend: The unique name of the Vault mount to configure.
1154
1327
  :param pulumi.Input[Union['SecretBackendConnectionCassandraArgs', 'SecretBackendConnectionCassandraArgsDict']] cassandra: A nested block containing configuration options for Cassandra connections.
1155
1328
  :param pulumi.Input[Union['SecretBackendConnectionCouchbaseArgs', 'SecretBackendConnectionCouchbaseArgsDict']] couchbase: A nested block containing configuration options for Couchbase connections.
1156
- :param pulumi.Input[Mapping[str, pulumi.Input[str]]] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
1329
+ :param pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
1330
+ :param pulumi.Input[builtins.bool] disable_automated_rotation: Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
1157
1331
  :param pulumi.Input[Union['SecretBackendConnectionElasticsearchArgs', 'SecretBackendConnectionElasticsearchArgsDict']] elasticsearch: A nested block containing configuration options for Elasticsearch connections.
1158
1332
  :param pulumi.Input[Union['SecretBackendConnectionHanaArgs', 'SecretBackendConnectionHanaArgsDict']] hana: A nested block containing configuration options for SAP HanaDB connections.
1159
1333
  :param pulumi.Input[Union['SecretBackendConnectionInfluxdbArgs', 'SecretBackendConnectionInfluxdbArgsDict']] influxdb: A nested block containing configuration options for InfluxDB connections.
@@ -1164,22 +1338,29 @@ class SecretBackendConnection(pulumi.CustomResource):
1164
1338
  :param pulumi.Input[Union['SecretBackendConnectionMysqlAuroraArgs', 'SecretBackendConnectionMysqlAuroraArgsDict']] mysql_aurora: A nested block containing configuration options for Aurora MySQL connections.
1165
1339
  :param pulumi.Input[Union['SecretBackendConnectionMysqlLegacyArgs', 'SecretBackendConnectionMysqlLegacyArgsDict']] mysql_legacy: A nested block containing configuration options for legacy MySQL connections.
1166
1340
  :param pulumi.Input[Union['SecretBackendConnectionMysqlRdsArgs', 'SecretBackendConnectionMysqlRdsArgsDict']] mysql_rds: A nested block containing configuration options for RDS MySQL connections.
1167
- :param pulumi.Input[str] name: A unique name to give the database connection.
1168
- :param pulumi.Input[str] namespace: The namespace to provision the resource in.
1341
+ :param pulumi.Input[builtins.str] name: A unique name to give the database connection.
1342
+ :param pulumi.Input[builtins.str] namespace: The namespace to provision the resource in.
1169
1343
  The value should not contain leading or trailing forward slashes.
1170
1344
  The `namespace` is always relative to the provider's configured namespace.
1171
1345
  *Available only for Vault Enterprise*.
1172
1346
  :param pulumi.Input[Union['SecretBackendConnectionOracleArgs', 'SecretBackendConnectionOracleArgsDict']] oracle: A nested block containing configuration options for Oracle connections.
1173
- :param pulumi.Input[str] plugin_name: Specifies the name of the plugin to use.
1347
+ :param pulumi.Input[builtins.str] plugin_name: Specifies the name of the plugin to use.
1174
1348
  :param pulumi.Input[Union['SecretBackendConnectionPostgresqlArgs', 'SecretBackendConnectionPostgresqlArgsDict']] postgresql: A nested block containing configuration options for PostgreSQL connections.
1175
1349
  :param pulumi.Input[Union['SecretBackendConnectionRedisArgs', 'SecretBackendConnectionRedisArgsDict']] redis: A nested block containing configuration options for Redis connections.
1176
1350
  :param pulumi.Input[Union['SecretBackendConnectionRedisElasticacheArgs', 'SecretBackendConnectionRedisElasticacheArgsDict']] redis_elasticache: A nested block containing configuration options for Redis ElastiCache connections.
1177
1351
 
1178
1352
  Exactly one of the nested blocks of configuration options must be supplied.
1179
1353
  :param pulumi.Input[Union['SecretBackendConnectionRedshiftArgs', 'SecretBackendConnectionRedshiftArgsDict']] redshift: Connection parameters for the redshift-database-plugin plugin.
1180
- :param pulumi.Input[Sequence[pulumi.Input[str]]] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials.
1354
+ :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials.
1355
+ :param pulumi.Input[builtins.int] rotation_period: The amount of time in seconds Vault should wait before rotating the root credential.
1356
+ A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
1357
+ :param pulumi.Input[builtins.str] rotation_schedule: The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
1358
+ defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
1359
+ :param pulumi.Input[builtins.int] rotation_window: The maximum amount of time in seconds allowed to complete
1360
+ a rotation when a scheduled token rotation occurs. The default rotation window is
1361
+ unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
1181
1362
  :param pulumi.Input[Union['SecretBackendConnectionSnowflakeArgs', 'SecretBackendConnectionSnowflakeArgsDict']] snowflake: A nested block containing configuration options for Snowflake connections.
1182
- :param pulumi.Input[bool] verify_connection: Whether the connection should be verified on
1363
+ :param pulumi.Input[builtins.bool] verify_connection: Whether the connection should be verified on
1183
1364
  initial configuration or not.
1184
1365
  """
1185
1366
  opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id))
@@ -1191,6 +1372,7 @@ class SecretBackendConnection(pulumi.CustomResource):
1191
1372
  __props__.__dict__["cassandra"] = cassandra
1192
1373
  __props__.__dict__["couchbase"] = couchbase
1193
1374
  __props__.__dict__["data"] = data
1375
+ __props__.__dict__["disable_automated_rotation"] = disable_automated_rotation
1194
1376
  __props__.__dict__["elasticsearch"] = elasticsearch
1195
1377
  __props__.__dict__["hana"] = hana
1196
1378
  __props__.__dict__["influxdb"] = influxdb
@@ -1210,13 +1392,16 @@ class SecretBackendConnection(pulumi.CustomResource):
1210
1392
  __props__.__dict__["redis_elasticache"] = redis_elasticache
1211
1393
  __props__.__dict__["redshift"] = redshift
1212
1394
  __props__.__dict__["root_rotation_statements"] = root_rotation_statements
1395
+ __props__.__dict__["rotation_period"] = rotation_period
1396
+ __props__.__dict__["rotation_schedule"] = rotation_schedule
1397
+ __props__.__dict__["rotation_window"] = rotation_window
1213
1398
  __props__.__dict__["snowflake"] = snowflake
1214
1399
  __props__.__dict__["verify_connection"] = verify_connection
1215
1400
  return SecretBackendConnection(resource_name, opts=opts, __props__=__props__)
1216
1401
 
1217
1402
  @property
1218
1403
  @pulumi.getter(name="allowedRoles")
1219
- def allowed_roles(self) -> pulumi.Output[Optional[Sequence[str]]]:
1404
+ def allowed_roles(self) -> pulumi.Output[Optional[Sequence[builtins.str]]]:
1220
1405
  """
1221
1406
  A list of roles that are allowed to use this
1222
1407
  connection.
@@ -1225,7 +1410,7 @@ class SecretBackendConnection(pulumi.CustomResource):
1225
1410
 
1226
1411
  @property
1227
1412
  @pulumi.getter
1228
- def backend(self) -> pulumi.Output[str]:
1413
+ def backend(self) -> pulumi.Output[builtins.str]:
1229
1414
  """
1230
1415
  The unique name of the Vault mount to configure.
1231
1416
  """
@@ -1249,12 +1434,20 @@ class SecretBackendConnection(pulumi.CustomResource):
1249
1434
 
1250
1435
  @property
1251
1436
  @pulumi.getter
1252
- def data(self) -> pulumi.Output[Optional[Mapping[str, str]]]:
1437
+ def data(self) -> pulumi.Output[Optional[Mapping[str, builtins.str]]]:
1253
1438
  """
1254
1439
  A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
1255
1440
  """
1256
1441
  return pulumi.get(self, "data")
1257
1442
 
1443
+ @property
1444
+ @pulumi.getter(name="disableAutomatedRotation")
1445
+ def disable_automated_rotation(self) -> pulumi.Output[Optional[builtins.bool]]:
1446
+ """
1447
+ Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
1448
+ """
1449
+ return pulumi.get(self, "disable_automated_rotation")
1450
+
1258
1451
  @property
1259
1452
  @pulumi.getter
1260
1453
  def elasticsearch(self) -> pulumi.Output[Optional['outputs.SecretBackendConnectionElasticsearch']]:
@@ -1337,7 +1530,7 @@ class SecretBackendConnection(pulumi.CustomResource):
1337
1530
 
1338
1531
  @property
1339
1532
  @pulumi.getter
1340
- def name(self) -> pulumi.Output[str]:
1533
+ def name(self) -> pulumi.Output[builtins.str]:
1341
1534
  """
1342
1535
  A unique name to give the database connection.
1343
1536
  """
@@ -1345,7 +1538,7 @@ class SecretBackendConnection(pulumi.CustomResource):
1345
1538
 
1346
1539
  @property
1347
1540
  @pulumi.getter
1348
- def namespace(self) -> pulumi.Output[Optional[str]]:
1541
+ def namespace(self) -> pulumi.Output[Optional[builtins.str]]:
1349
1542
  """
1350
1543
  The namespace to provision the resource in.
1351
1544
  The value should not contain leading or trailing forward slashes.
@@ -1364,7 +1557,7 @@ class SecretBackendConnection(pulumi.CustomResource):
1364
1557
 
1365
1558
  @property
1366
1559
  @pulumi.getter(name="pluginName")
1367
- def plugin_name(self) -> pulumi.Output[str]:
1560
+ def plugin_name(self) -> pulumi.Output[builtins.str]:
1368
1561
  """
1369
1562
  Specifies the name of the plugin to use.
1370
1563
  """
@@ -1406,12 +1599,40 @@ class SecretBackendConnection(pulumi.CustomResource):
1406
1599
 
1407
1600
  @property
1408
1601
  @pulumi.getter(name="rootRotationStatements")
1409
- def root_rotation_statements(self) -> pulumi.Output[Optional[Sequence[str]]]:
1602
+ def root_rotation_statements(self) -> pulumi.Output[Optional[Sequence[builtins.str]]]:
1410
1603
  """
1411
1604
  A list of database statements to be executed to rotate the root user's credentials.
1412
1605
  """
1413
1606
  return pulumi.get(self, "root_rotation_statements")
1414
1607
 
1608
+ @property
1609
+ @pulumi.getter(name="rotationPeriod")
1610
+ def rotation_period(self) -> pulumi.Output[Optional[builtins.int]]:
1611
+ """
1612
+ The amount of time in seconds Vault should wait before rotating the root credential.
1613
+ A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
1614
+ """
1615
+ return pulumi.get(self, "rotation_period")
1616
+
1617
+ @property
1618
+ @pulumi.getter(name="rotationSchedule")
1619
+ def rotation_schedule(self) -> pulumi.Output[Optional[builtins.str]]:
1620
+ """
1621
+ The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
1622
+ defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
1623
+ """
1624
+ return pulumi.get(self, "rotation_schedule")
1625
+
1626
+ @property
1627
+ @pulumi.getter(name="rotationWindow")
1628
+ def rotation_window(self) -> pulumi.Output[Optional[builtins.int]]:
1629
+ """
1630
+ The maximum amount of time in seconds allowed to complete
1631
+ a rotation when a scheduled token rotation occurs. The default rotation window is
1632
+ unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
1633
+ """
1634
+ return pulumi.get(self, "rotation_window")
1635
+
1415
1636
  @property
1416
1637
  @pulumi.getter
1417
1638
  def snowflake(self) -> pulumi.Output[Optional['outputs.SecretBackendConnectionSnowflake']]:
@@ -1422,7 +1643,7 @@ class SecretBackendConnection(pulumi.CustomResource):
1422
1643
 
1423
1644
  @property
1424
1645
  @pulumi.getter(name="verifyConnection")
1425
- def verify_connection(self) -> pulumi.Output[Optional[bool]]:
1646
+ def verify_connection(self) -> pulumi.Output[Optional[builtins.bool]]:
1426
1647
  """
1427
1648
  Whether the connection should be verified on
1428
1649
  initial configuration or not.