pulumi-vault 6.6.0a1741415971__py3-none-any.whl → 6.7.0a1741847926__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (44) hide show
  1. pulumi_vault/__init__.py +8 -0
  2. pulumi_vault/aws/auth_backend_client.py +228 -4
  3. pulumi_vault/aws/secret_backend.py +266 -50
  4. pulumi_vault/aws/secret_backend_static_role.py +217 -0
  5. pulumi_vault/azure/auth_backend_config.py +257 -5
  6. pulumi_vault/azure/backend.py +249 -4
  7. pulumi_vault/database/_inputs.py +1692 -36
  8. pulumi_vault/database/outputs.py +1170 -18
  9. pulumi_vault/database/secret_backend_connection.py +220 -0
  10. pulumi_vault/database/secret_backend_static_role.py +143 -1
  11. pulumi_vault/database/secrets_mount.py +8 -0
  12. pulumi_vault/gcp/auth_backend.py +222 -2
  13. pulumi_vault/gcp/secret_backend.py +244 -4
  14. pulumi_vault/ldap/auth_backend.py +222 -2
  15. pulumi_vault/ldap/secret_backend.py +222 -2
  16. pulumi_vault/pkisecret/__init__.py +2 -0
  17. pulumi_vault/pkisecret/_inputs.py +0 -6
  18. pulumi_vault/pkisecret/backend_config_acme.py +47 -0
  19. pulumi_vault/pkisecret/backend_config_auto_tidy.py +1376 -0
  20. pulumi_vault/pkisecret/backend_config_cmpv2.py +61 -14
  21. pulumi_vault/pkisecret/get_backend_cert_metadata.py +277 -0
  22. pulumi_vault/pkisecret/get_backend_config_cmpv2.py +18 -1
  23. pulumi_vault/pkisecret/get_backend_issuer.py +114 -1
  24. pulumi_vault/pkisecret/outputs.py +0 -4
  25. pulumi_vault/pkisecret/secret_backend_cert.py +148 -7
  26. pulumi_vault/pkisecret/secret_backend_crl_config.py +54 -0
  27. pulumi_vault/pkisecret/secret_backend_intermediate_cert_request.py +141 -0
  28. pulumi_vault/pkisecret/secret_backend_issuer.py +265 -0
  29. pulumi_vault/pkisecret/secret_backend_role.py +252 -3
  30. pulumi_vault/pkisecret/secret_backend_root_cert.py +423 -0
  31. pulumi_vault/pkisecret/secret_backend_root_sign_intermediate.py +581 -3
  32. pulumi_vault/pkisecret/secret_backend_sign.py +94 -0
  33. pulumi_vault/pulumi-plugin.json +1 -1
  34. pulumi_vault/ssh/__init__.py +1 -0
  35. pulumi_vault/ssh/get_secret_backend_sign.py +294 -0
  36. pulumi_vault/terraformcloud/secret_role.py +7 -7
  37. pulumi_vault/transit/__init__.py +2 -0
  38. pulumi_vault/transit/get_sign.py +324 -0
  39. pulumi_vault/transit/get_verify.py +354 -0
  40. pulumi_vault/transit/secret_backend_key.py +162 -0
  41. {pulumi_vault-6.6.0a1741415971.dist-info → pulumi_vault-6.7.0a1741847926.dist-info}/METADATA +1 -1
  42. {pulumi_vault-6.6.0a1741415971.dist-info → pulumi_vault-6.7.0a1741847926.dist-info}/RECORD +44 -39
  43. {pulumi_vault-6.6.0a1741415971.dist-info → pulumi_vault-6.7.0a1741847926.dist-info}/WHEEL +1 -1
  44. {pulumi_vault-6.6.0a1741415971.dist-info → pulumi_vault-6.7.0a1741847926.dist-info}/top_level.txt +0 -0
@@ -3489,6 +3489,10 @@ if not MYPY:
3489
3489
  data: NotRequired[pulumi.Input[Mapping[str, pulumi.Input[str]]]]
3490
3490
  """
3491
3491
  A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
3492
+ """
3493
+ disable_automated_rotation: NotRequired[pulumi.Input[bool]]
3494
+ """
3495
+ Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
3492
3496
 
3493
3497
  Supported list of database secrets engines that can be configured:
3494
3498
  """
@@ -3528,6 +3532,22 @@ if not MYPY:
3528
3532
  """
3529
3533
  A list of database statements to be executed to rotate the root user's credentials.
3530
3534
  """
3535
+ rotation_period: NotRequired[pulumi.Input[int]]
3536
+ """
3537
+ The amount of time in seconds Vault should wait before rotating the root credential.
3538
+ A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
3539
+ """
3540
+ rotation_schedule: NotRequired[pulumi.Input[str]]
3541
+ """
3542
+ The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
3543
+ defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
3544
+ """
3545
+ rotation_window: NotRequired[pulumi.Input[int]]
3546
+ """
3547
+ The maximum amount of time in seconds allowed to complete
3548
+ a rotation when a scheduled token rotation occurs. The default rotation window is
3549
+ unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
3550
+ """
3531
3551
  skip_verification: NotRequired[pulumi.Input[bool]]
3532
3552
  """
3533
3553
  Skip permissions checks when a connection to Cassandra is first created. These checks ensure that Vault is able to create roles, but can be resource intensive in clusters with many roles.
@@ -3555,6 +3575,7 @@ class SecretsMountCassandraArgs:
3555
3575
  allowed_roles: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
3556
3576
  connect_timeout: Optional[pulumi.Input[int]] = None,
3557
3577
  data: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
3578
+ disable_automated_rotation: Optional[pulumi.Input[bool]] = None,
3558
3579
  hosts: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
3559
3580
  insecure_tls: Optional[pulumi.Input[bool]] = None,
3560
3581
  password: Optional[pulumi.Input[str]] = None,
@@ -3564,6 +3585,9 @@ class SecretsMountCassandraArgs:
3564
3585
  port: Optional[pulumi.Input[int]] = None,
3565
3586
  protocol_version: Optional[pulumi.Input[int]] = None,
3566
3587
  root_rotation_statements: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
3588
+ rotation_period: Optional[pulumi.Input[int]] = None,
3589
+ rotation_schedule: Optional[pulumi.Input[str]] = None,
3590
+ rotation_window: Optional[pulumi.Input[int]] = None,
3567
3591
  skip_verification: Optional[pulumi.Input[bool]] = None,
3568
3592
  tls: Optional[pulumi.Input[bool]] = None,
3569
3593
  username: Optional[pulumi.Input[str]] = None,
@@ -3574,6 +3598,7 @@ class SecretsMountCassandraArgs:
3574
3598
  connection.
3575
3599
  :param pulumi.Input[int] connect_timeout: The number of seconds to use as a connection timeout.
3576
3600
  :param pulumi.Input[Mapping[str, pulumi.Input[str]]] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
3601
+ :param pulumi.Input[bool] disable_automated_rotation: Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
3577
3602
 
3578
3603
  Supported list of database secrets engines that can be configured:
3579
3604
  :param pulumi.Input[Sequence[pulumi.Input[str]]] hosts: Cassandra hosts to connect to.
@@ -3585,6 +3610,13 @@ class SecretsMountCassandraArgs:
3585
3610
  :param pulumi.Input[int] port: The transport port to use to connect to Cassandra.
3586
3611
  :param pulumi.Input[int] protocol_version: The CQL protocol version to use.
3587
3612
  :param pulumi.Input[Sequence[pulumi.Input[str]]] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials.
3613
+ :param pulumi.Input[int] rotation_period: The amount of time in seconds Vault should wait before rotating the root credential.
3614
+ A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
3615
+ :param pulumi.Input[str] rotation_schedule: The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
3616
+ defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
3617
+ :param pulumi.Input[int] rotation_window: The maximum amount of time in seconds allowed to complete
3618
+ a rotation when a scheduled token rotation occurs. The default rotation window is
3619
+ unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
3588
3620
  :param pulumi.Input[bool] skip_verification: Skip permissions checks when a connection to Cassandra is first created. These checks ensure that Vault is able to create roles, but can be resource intensive in clusters with many roles.
3589
3621
  :param pulumi.Input[bool] tls: Whether to use TLS when connecting to Cassandra.
3590
3622
  :param pulumi.Input[str] username: The username to use when authenticating with Cassandra.
@@ -3598,6 +3630,8 @@ class SecretsMountCassandraArgs:
3598
3630
  pulumi.set(__self__, "connect_timeout", connect_timeout)
3599
3631
  if data is not None:
3600
3632
  pulumi.set(__self__, "data", data)
3633
+ if disable_automated_rotation is not None:
3634
+ pulumi.set(__self__, "disable_automated_rotation", disable_automated_rotation)
3601
3635
  if hosts is not None:
3602
3636
  pulumi.set(__self__, "hosts", hosts)
3603
3637
  if insecure_tls is not None:
@@ -3616,6 +3650,12 @@ class SecretsMountCassandraArgs:
3616
3650
  pulumi.set(__self__, "protocol_version", protocol_version)
3617
3651
  if root_rotation_statements is not None:
3618
3652
  pulumi.set(__self__, "root_rotation_statements", root_rotation_statements)
3653
+ if rotation_period is not None:
3654
+ pulumi.set(__self__, "rotation_period", rotation_period)
3655
+ if rotation_schedule is not None:
3656
+ pulumi.set(__self__, "rotation_schedule", rotation_schedule)
3657
+ if rotation_window is not None:
3658
+ pulumi.set(__self__, "rotation_window", rotation_window)
3619
3659
  if skip_verification is not None:
3620
3660
  pulumi.set(__self__, "skip_verification", skip_verification)
3621
3661
  if tls is not None:
@@ -3667,8 +3707,6 @@ class SecretsMountCassandraArgs:
3667
3707
  def data(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]:
3668
3708
  """
3669
3709
  A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
3670
-
3671
- Supported list of database secrets engines that can be configured:
3672
3710
  """
3673
3711
  return pulumi.get(self, "data")
3674
3712
 
@@ -3676,6 +3714,20 @@ class SecretsMountCassandraArgs:
3676
3714
  def data(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]):
3677
3715
  pulumi.set(self, "data", value)
3678
3716
 
3717
+ @property
3718
+ @pulumi.getter(name="disableAutomatedRotation")
3719
+ def disable_automated_rotation(self) -> Optional[pulumi.Input[bool]]:
3720
+ """
3721
+ Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
3722
+
3723
+ Supported list of database secrets engines that can be configured:
3724
+ """
3725
+ return pulumi.get(self, "disable_automated_rotation")
3726
+
3727
+ @disable_automated_rotation.setter
3728
+ def disable_automated_rotation(self, value: Optional[pulumi.Input[bool]]):
3729
+ pulumi.set(self, "disable_automated_rotation", value)
3730
+
3679
3731
  @property
3680
3732
  @pulumi.getter
3681
3733
  def hosts(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
@@ -3784,6 +3836,46 @@ class SecretsMountCassandraArgs:
3784
3836
  def root_rotation_statements(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
3785
3837
  pulumi.set(self, "root_rotation_statements", value)
3786
3838
 
3839
+ @property
3840
+ @pulumi.getter(name="rotationPeriod")
3841
+ def rotation_period(self) -> Optional[pulumi.Input[int]]:
3842
+ """
3843
+ The amount of time in seconds Vault should wait before rotating the root credential.
3844
+ A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
3845
+ """
3846
+ return pulumi.get(self, "rotation_period")
3847
+
3848
+ @rotation_period.setter
3849
+ def rotation_period(self, value: Optional[pulumi.Input[int]]):
3850
+ pulumi.set(self, "rotation_period", value)
3851
+
3852
+ @property
3853
+ @pulumi.getter(name="rotationSchedule")
3854
+ def rotation_schedule(self) -> Optional[pulumi.Input[str]]:
3855
+ """
3856
+ The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
3857
+ defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
3858
+ """
3859
+ return pulumi.get(self, "rotation_schedule")
3860
+
3861
+ @rotation_schedule.setter
3862
+ def rotation_schedule(self, value: Optional[pulumi.Input[str]]):
3863
+ pulumi.set(self, "rotation_schedule", value)
3864
+
3865
+ @property
3866
+ @pulumi.getter(name="rotationWindow")
3867
+ def rotation_window(self) -> Optional[pulumi.Input[int]]:
3868
+ """
3869
+ The maximum amount of time in seconds allowed to complete
3870
+ a rotation when a scheduled token rotation occurs. The default rotation window is
3871
+ unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
3872
+ """
3873
+ return pulumi.get(self, "rotation_window")
3874
+
3875
+ @rotation_window.setter
3876
+ def rotation_window(self, value: Optional[pulumi.Input[int]]):
3877
+ pulumi.set(self, "rotation_window", value)
3878
+
3787
3879
  @property
3788
3880
  @pulumi.getter(name="skipVerification")
3789
3881
  def skip_verification(self) -> Optional[pulumi.Input[bool]]:
@@ -3868,6 +3960,10 @@ if not MYPY:
3868
3960
  data: NotRequired[pulumi.Input[Mapping[str, pulumi.Input[str]]]]
3869
3961
  """
3870
3962
  A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
3963
+ """
3964
+ disable_automated_rotation: NotRequired[pulumi.Input[bool]]
3965
+ """
3966
+ Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
3871
3967
 
3872
3968
  Supported list of database secrets engines that can be configured:
3873
3969
  """
@@ -3883,6 +3979,22 @@ if not MYPY:
3883
3979
  """
3884
3980
  A list of database statements to be executed to rotate the root user's credentials.
3885
3981
  """
3982
+ rotation_period: NotRequired[pulumi.Input[int]]
3983
+ """
3984
+ The amount of time in seconds Vault should wait before rotating the root credential.
3985
+ A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
3986
+ """
3987
+ rotation_schedule: NotRequired[pulumi.Input[str]]
3988
+ """
3989
+ The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
3990
+ defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
3991
+ """
3992
+ rotation_window: NotRequired[pulumi.Input[int]]
3993
+ """
3994
+ The maximum amount of time in seconds allowed to complete
3995
+ a rotation when a scheduled token rotation occurs. The default rotation window is
3996
+ unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
3997
+ """
3886
3998
  tls: NotRequired[pulumi.Input[bool]]
3887
3999
  """
3888
4000
  Specifies whether to use TLS when connecting to Couchbase.
@@ -3910,9 +4022,13 @@ class SecretsMountCouchbaseArgs:
3910
4022
  base64_pem: Optional[pulumi.Input[str]] = None,
3911
4023
  bucket_name: Optional[pulumi.Input[str]] = None,
3912
4024
  data: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
4025
+ disable_automated_rotation: Optional[pulumi.Input[bool]] = None,
3913
4026
  insecure_tls: Optional[pulumi.Input[bool]] = None,
3914
4027
  plugin_name: Optional[pulumi.Input[str]] = None,
3915
4028
  root_rotation_statements: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
4029
+ rotation_period: Optional[pulumi.Input[int]] = None,
4030
+ rotation_schedule: Optional[pulumi.Input[str]] = None,
4031
+ rotation_window: Optional[pulumi.Input[int]] = None,
3916
4032
  tls: Optional[pulumi.Input[bool]] = None,
3917
4033
  username_template: Optional[pulumi.Input[str]] = None,
3918
4034
  verify_connection: Optional[pulumi.Input[bool]] = None):
@@ -3926,11 +4042,19 @@ class SecretsMountCouchbaseArgs:
3926
4042
  :param pulumi.Input[str] base64_pem: Required if `tls` is `true`. Specifies the certificate authority of the Couchbase server, as a PEM certificate that has been base64 encoded.
3927
4043
  :param pulumi.Input[str] bucket_name: Required for Couchbase versions prior to 6.5.0. This is only used to verify vault's connection to the server.
3928
4044
  :param pulumi.Input[Mapping[str, pulumi.Input[str]]] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
4045
+ :param pulumi.Input[bool] disable_automated_rotation: Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
3929
4046
 
3930
4047
  Supported list of database secrets engines that can be configured:
3931
4048
  :param pulumi.Input[bool] insecure_tls: Specifies whether to skip verification of the server certificate when using TLS.
3932
4049
  :param pulumi.Input[str] plugin_name: Specifies the name of the plugin to use.
3933
4050
  :param pulumi.Input[Sequence[pulumi.Input[str]]] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials.
4051
+ :param pulumi.Input[int] rotation_period: The amount of time in seconds Vault should wait before rotating the root credential.
4052
+ A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
4053
+ :param pulumi.Input[str] rotation_schedule: The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
4054
+ defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
4055
+ :param pulumi.Input[int] rotation_window: The maximum amount of time in seconds allowed to complete
4056
+ a rotation when a scheduled token rotation occurs. The default rotation window is
4057
+ unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
3934
4058
  :param pulumi.Input[bool] tls: Specifies whether to use TLS when connecting to Couchbase.
3935
4059
  :param pulumi.Input[str] username_template: Template describing how dynamic usernames are generated.
3936
4060
  :param pulumi.Input[bool] verify_connection: Whether the connection should be verified on
@@ -3948,12 +4072,20 @@ class SecretsMountCouchbaseArgs:
3948
4072
  pulumi.set(__self__, "bucket_name", bucket_name)
3949
4073
  if data is not None:
3950
4074
  pulumi.set(__self__, "data", data)
4075
+ if disable_automated_rotation is not None:
4076
+ pulumi.set(__self__, "disable_automated_rotation", disable_automated_rotation)
3951
4077
  if insecure_tls is not None:
3952
4078
  pulumi.set(__self__, "insecure_tls", insecure_tls)
3953
4079
  if plugin_name is not None:
3954
4080
  pulumi.set(__self__, "plugin_name", plugin_name)
3955
4081
  if root_rotation_statements is not None:
3956
4082
  pulumi.set(__self__, "root_rotation_statements", root_rotation_statements)
4083
+ if rotation_period is not None:
4084
+ pulumi.set(__self__, "rotation_period", rotation_period)
4085
+ if rotation_schedule is not None:
4086
+ pulumi.set(__self__, "rotation_schedule", rotation_schedule)
4087
+ if rotation_window is not None:
4088
+ pulumi.set(__self__, "rotation_window", rotation_window)
3957
4089
  if tls is not None:
3958
4090
  pulumi.set(__self__, "tls", tls)
3959
4091
  if username_template is not None:
@@ -4051,8 +4183,6 @@ class SecretsMountCouchbaseArgs:
4051
4183
  def data(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]:
4052
4184
  """
4053
4185
  A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
4054
-
4055
- Supported list of database secrets engines that can be configured:
4056
4186
  """
4057
4187
  return pulumi.get(self, "data")
4058
4188
 
@@ -4060,6 +4190,20 @@ class SecretsMountCouchbaseArgs:
4060
4190
  def data(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]):
4061
4191
  pulumi.set(self, "data", value)
4062
4192
 
4193
+ @property
4194
+ @pulumi.getter(name="disableAutomatedRotation")
4195
+ def disable_automated_rotation(self) -> Optional[pulumi.Input[bool]]:
4196
+ """
4197
+ Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
4198
+
4199
+ Supported list of database secrets engines that can be configured:
4200
+ """
4201
+ return pulumi.get(self, "disable_automated_rotation")
4202
+
4203
+ @disable_automated_rotation.setter
4204
+ def disable_automated_rotation(self, value: Optional[pulumi.Input[bool]]):
4205
+ pulumi.set(self, "disable_automated_rotation", value)
4206
+
4063
4207
  @property
4064
4208
  @pulumi.getter(name="insecureTls")
4065
4209
  def insecure_tls(self) -> Optional[pulumi.Input[bool]]:
@@ -4096,6 +4240,46 @@ class SecretsMountCouchbaseArgs:
4096
4240
  def root_rotation_statements(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
4097
4241
  pulumi.set(self, "root_rotation_statements", value)
4098
4242
 
4243
+ @property
4244
+ @pulumi.getter(name="rotationPeriod")
4245
+ def rotation_period(self) -> Optional[pulumi.Input[int]]:
4246
+ """
4247
+ The amount of time in seconds Vault should wait before rotating the root credential.
4248
+ A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
4249
+ """
4250
+ return pulumi.get(self, "rotation_period")
4251
+
4252
+ @rotation_period.setter
4253
+ def rotation_period(self, value: Optional[pulumi.Input[int]]):
4254
+ pulumi.set(self, "rotation_period", value)
4255
+
4256
+ @property
4257
+ @pulumi.getter(name="rotationSchedule")
4258
+ def rotation_schedule(self) -> Optional[pulumi.Input[str]]:
4259
+ """
4260
+ The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
4261
+ defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
4262
+ """
4263
+ return pulumi.get(self, "rotation_schedule")
4264
+
4265
+ @rotation_schedule.setter
4266
+ def rotation_schedule(self, value: Optional[pulumi.Input[str]]):
4267
+ pulumi.set(self, "rotation_schedule", value)
4268
+
4269
+ @property
4270
+ @pulumi.getter(name="rotationWindow")
4271
+ def rotation_window(self) -> Optional[pulumi.Input[int]]:
4272
+ """
4273
+ The maximum amount of time in seconds allowed to complete
4274
+ a rotation when a scheduled token rotation occurs. The default rotation window is
4275
+ unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
4276
+ """
4277
+ return pulumi.get(self, "rotation_window")
4278
+
4279
+ @rotation_window.setter
4280
+ def rotation_window(self, value: Optional[pulumi.Input[int]]):
4281
+ pulumi.set(self, "rotation_window", value)
4282
+
4099
4283
  @property
4100
4284
  @pulumi.getter
4101
4285
  def tls(self) -> Optional[pulumi.Input[bool]]:
@@ -4176,6 +4360,10 @@ if not MYPY:
4176
4360
  data: NotRequired[pulumi.Input[Mapping[str, pulumi.Input[str]]]]
4177
4361
  """
4178
4362
  A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
4363
+ """
4364
+ disable_automated_rotation: NotRequired[pulumi.Input[bool]]
4365
+ """
4366
+ Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
4179
4367
 
4180
4368
  Supported list of database secrets engines that can be configured:
4181
4369
  """
@@ -4191,6 +4379,22 @@ if not MYPY:
4191
4379
  """
4192
4380
  A list of database statements to be executed to rotate the root user's credentials.
4193
4381
  """
4382
+ rotation_period: NotRequired[pulumi.Input[int]]
4383
+ """
4384
+ The amount of time in seconds Vault should wait before rotating the root credential.
4385
+ A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
4386
+ """
4387
+ rotation_schedule: NotRequired[pulumi.Input[str]]
4388
+ """
4389
+ The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
4390
+ defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
4391
+ """
4392
+ rotation_window: NotRequired[pulumi.Input[int]]
4393
+ """
4394
+ The maximum amount of time in seconds allowed to complete
4395
+ a rotation when a scheduled token rotation occurs. The default rotation window is
4396
+ unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
4397
+ """
4194
4398
  tls_server_name: NotRequired[pulumi.Input[str]]
4195
4399
  """
4196
4400
  This, if set, is used to set the SNI host when connecting via TLS
@@ -4220,9 +4424,13 @@ class SecretsMountElasticsearchArgs:
4220
4424
  client_cert: Optional[pulumi.Input[str]] = None,
4221
4425
  client_key: Optional[pulumi.Input[str]] = None,
4222
4426
  data: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
4427
+ disable_automated_rotation: Optional[pulumi.Input[bool]] = None,
4223
4428
  insecure: Optional[pulumi.Input[bool]] = None,
4224
4429
  plugin_name: Optional[pulumi.Input[str]] = None,
4225
4430
  root_rotation_statements: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
4431
+ rotation_period: Optional[pulumi.Input[int]] = None,
4432
+ rotation_schedule: Optional[pulumi.Input[str]] = None,
4433
+ rotation_window: Optional[pulumi.Input[int]] = None,
4226
4434
  tls_server_name: Optional[pulumi.Input[str]] = None,
4227
4435
  username_template: Optional[pulumi.Input[str]] = None,
4228
4436
  verify_connection: Optional[pulumi.Input[bool]] = None):
@@ -4238,11 +4446,19 @@ class SecretsMountElasticsearchArgs:
4238
4446
  :param pulumi.Input[str] client_cert: The path to the certificate for the Elasticsearch client to present for communication
4239
4447
  :param pulumi.Input[str] client_key: The path to the key for the Elasticsearch client to use for communication
4240
4448
  :param pulumi.Input[Mapping[str, pulumi.Input[str]]] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
4449
+ :param pulumi.Input[bool] disable_automated_rotation: Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
4241
4450
 
4242
4451
  Supported list of database secrets engines that can be configured:
4243
4452
  :param pulumi.Input[bool] insecure: Whether to disable certificate verification
4244
4453
  :param pulumi.Input[str] plugin_name: Specifies the name of the plugin to use.
4245
4454
  :param pulumi.Input[Sequence[pulumi.Input[str]]] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials.
4455
+ :param pulumi.Input[int] rotation_period: The amount of time in seconds Vault should wait before rotating the root credential.
4456
+ A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
4457
+ :param pulumi.Input[str] rotation_schedule: The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
4458
+ defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
4459
+ :param pulumi.Input[int] rotation_window: The maximum amount of time in seconds allowed to complete
4460
+ a rotation when a scheduled token rotation occurs. The default rotation window is
4461
+ unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
4246
4462
  :param pulumi.Input[str] tls_server_name: This, if set, is used to set the SNI host when connecting via TLS
4247
4463
  :param pulumi.Input[str] username_template: Template describing how dynamic usernames are generated.
4248
4464
  :param pulumi.Input[bool] verify_connection: Whether the connection should be verified on
@@ -4264,12 +4480,20 @@ class SecretsMountElasticsearchArgs:
4264
4480
  pulumi.set(__self__, "client_key", client_key)
4265
4481
  if data is not None:
4266
4482
  pulumi.set(__self__, "data", data)
4483
+ if disable_automated_rotation is not None:
4484
+ pulumi.set(__self__, "disable_automated_rotation", disable_automated_rotation)
4267
4485
  if insecure is not None:
4268
4486
  pulumi.set(__self__, "insecure", insecure)
4269
4487
  if plugin_name is not None:
4270
4488
  pulumi.set(__self__, "plugin_name", plugin_name)
4271
4489
  if root_rotation_statements is not None:
4272
4490
  pulumi.set(__self__, "root_rotation_statements", root_rotation_statements)
4491
+ if rotation_period is not None:
4492
+ pulumi.set(__self__, "rotation_period", rotation_period)
4493
+ if rotation_schedule is not None:
4494
+ pulumi.set(__self__, "rotation_schedule", rotation_schedule)
4495
+ if rotation_window is not None:
4496
+ pulumi.set(__self__, "rotation_window", rotation_window)
4273
4497
  if tls_server_name is not None:
4274
4498
  pulumi.set(__self__, "tls_server_name", tls_server_name)
4275
4499
  if username_template is not None:
@@ -4391,8 +4615,6 @@ class SecretsMountElasticsearchArgs:
4391
4615
  def data(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]:
4392
4616
  """
4393
4617
  A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
4394
-
4395
- Supported list of database secrets engines that can be configured:
4396
4618
  """
4397
4619
  return pulumi.get(self, "data")
4398
4620
 
@@ -4400,6 +4622,20 @@ class SecretsMountElasticsearchArgs:
4400
4622
  def data(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]):
4401
4623
  pulumi.set(self, "data", value)
4402
4624
 
4625
+ @property
4626
+ @pulumi.getter(name="disableAutomatedRotation")
4627
+ def disable_automated_rotation(self) -> Optional[pulumi.Input[bool]]:
4628
+ """
4629
+ Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
4630
+
4631
+ Supported list of database secrets engines that can be configured:
4632
+ """
4633
+ return pulumi.get(self, "disable_automated_rotation")
4634
+
4635
+ @disable_automated_rotation.setter
4636
+ def disable_automated_rotation(self, value: Optional[pulumi.Input[bool]]):
4637
+ pulumi.set(self, "disable_automated_rotation", value)
4638
+
4403
4639
  @property
4404
4640
  @pulumi.getter
4405
4641
  def insecure(self) -> Optional[pulumi.Input[bool]]:
@@ -4436,6 +4672,46 @@ class SecretsMountElasticsearchArgs:
4436
4672
  def root_rotation_statements(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
4437
4673
  pulumi.set(self, "root_rotation_statements", value)
4438
4674
 
4675
+ @property
4676
+ @pulumi.getter(name="rotationPeriod")
4677
+ def rotation_period(self) -> Optional[pulumi.Input[int]]:
4678
+ """
4679
+ The amount of time in seconds Vault should wait before rotating the root credential.
4680
+ A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
4681
+ """
4682
+ return pulumi.get(self, "rotation_period")
4683
+
4684
+ @rotation_period.setter
4685
+ def rotation_period(self, value: Optional[pulumi.Input[int]]):
4686
+ pulumi.set(self, "rotation_period", value)
4687
+
4688
+ @property
4689
+ @pulumi.getter(name="rotationSchedule")
4690
+ def rotation_schedule(self) -> Optional[pulumi.Input[str]]:
4691
+ """
4692
+ The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
4693
+ defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
4694
+ """
4695
+ return pulumi.get(self, "rotation_schedule")
4696
+
4697
+ @rotation_schedule.setter
4698
+ def rotation_schedule(self, value: Optional[pulumi.Input[str]]):
4699
+ pulumi.set(self, "rotation_schedule", value)
4700
+
4701
+ @property
4702
+ @pulumi.getter(name="rotationWindow")
4703
+ def rotation_window(self) -> Optional[pulumi.Input[int]]:
4704
+ """
4705
+ The maximum amount of time in seconds allowed to complete
4706
+ a rotation when a scheduled token rotation occurs. The default rotation window is
4707
+ unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
4708
+ """
4709
+ return pulumi.get(self, "rotation_window")
4710
+
4711
+ @rotation_window.setter
4712
+ def rotation_window(self, value: Optional[pulumi.Input[int]]):
4713
+ pulumi.set(self, "rotation_window", value)
4714
+
4439
4715
  @property
4440
4716
  @pulumi.getter(name="tlsServerName")
4441
4717
  def tls_server_name(self) -> Optional[pulumi.Input[str]]:
@@ -4492,6 +4768,10 @@ if not MYPY:
4492
4768
  data: NotRequired[pulumi.Input[Mapping[str, pulumi.Input[str]]]]
4493
4769
  """
4494
4770
  A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
4771
+ """
4772
+ disable_automated_rotation: NotRequired[pulumi.Input[bool]]
4773
+ """
4774
+ Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
4495
4775
 
4496
4776
  Supported list of database secrets engines that can be configured:
4497
4777
  """
@@ -4523,6 +4803,22 @@ if not MYPY:
4523
4803
  """
4524
4804
  A list of database statements to be executed to rotate the root user's credentials.
4525
4805
  """
4806
+ rotation_period: NotRequired[pulumi.Input[int]]
4807
+ """
4808
+ The amount of time in seconds Vault should wait before rotating the root credential.
4809
+ A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
4810
+ """
4811
+ rotation_schedule: NotRequired[pulumi.Input[str]]
4812
+ """
4813
+ The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
4814
+ defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
4815
+ """
4816
+ rotation_window: NotRequired[pulumi.Input[int]]
4817
+ """
4818
+ The maximum amount of time in seconds allowed to complete
4819
+ a rotation when a scheduled token rotation occurs. The default rotation window is
4820
+ unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
4821
+ """
4526
4822
  username: NotRequired[pulumi.Input[str]]
4527
4823
  """
4528
4824
  The root credential username used in the connection URL
@@ -4542,6 +4838,7 @@ class SecretsMountHanaArgs:
4542
4838
  allowed_roles: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
4543
4839
  connection_url: Optional[pulumi.Input[str]] = None,
4544
4840
  data: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
4841
+ disable_automated_rotation: Optional[pulumi.Input[bool]] = None,
4545
4842
  disable_escaping: Optional[pulumi.Input[bool]] = None,
4546
4843
  max_connection_lifetime: Optional[pulumi.Input[int]] = None,
4547
4844
  max_idle_connections: Optional[pulumi.Input[int]] = None,
@@ -4549,6 +4846,9 @@ class SecretsMountHanaArgs:
4549
4846
  password: Optional[pulumi.Input[str]] = None,
4550
4847
  plugin_name: Optional[pulumi.Input[str]] = None,
4551
4848
  root_rotation_statements: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
4849
+ rotation_period: Optional[pulumi.Input[int]] = None,
4850
+ rotation_schedule: Optional[pulumi.Input[str]] = None,
4851
+ rotation_window: Optional[pulumi.Input[int]] = None,
4552
4852
  username: Optional[pulumi.Input[str]] = None,
4553
4853
  verify_connection: Optional[pulumi.Input[bool]] = None):
4554
4854
  """
@@ -4557,6 +4857,7 @@ class SecretsMountHanaArgs:
4557
4857
  connection.
4558
4858
  :param pulumi.Input[str] connection_url: Connection string to use to connect to the database.
4559
4859
  :param pulumi.Input[Mapping[str, pulumi.Input[str]]] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
4860
+ :param pulumi.Input[bool] disable_automated_rotation: Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
4560
4861
 
4561
4862
  Supported list of database secrets engines that can be configured:
4562
4863
  :param pulumi.Input[bool] disable_escaping: Disable special character escaping in username and password
@@ -4566,6 +4867,13 @@ class SecretsMountHanaArgs:
4566
4867
  :param pulumi.Input[str] password: The root credential password used in the connection URL
4567
4868
  :param pulumi.Input[str] plugin_name: Specifies the name of the plugin to use.
4568
4869
  :param pulumi.Input[Sequence[pulumi.Input[str]]] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials.
4870
+ :param pulumi.Input[int] rotation_period: The amount of time in seconds Vault should wait before rotating the root credential.
4871
+ A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
4872
+ :param pulumi.Input[str] rotation_schedule: The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
4873
+ defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
4874
+ :param pulumi.Input[int] rotation_window: The maximum amount of time in seconds allowed to complete
4875
+ a rotation when a scheduled token rotation occurs. The default rotation window is
4876
+ unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
4569
4877
  :param pulumi.Input[str] username: The root credential username used in the connection URL
4570
4878
  :param pulumi.Input[bool] verify_connection: Whether the connection should be verified on
4571
4879
  initial configuration or not.
@@ -4577,6 +4885,8 @@ class SecretsMountHanaArgs:
4577
4885
  pulumi.set(__self__, "connection_url", connection_url)
4578
4886
  if data is not None:
4579
4887
  pulumi.set(__self__, "data", data)
4888
+ if disable_automated_rotation is not None:
4889
+ pulumi.set(__self__, "disable_automated_rotation", disable_automated_rotation)
4580
4890
  if disable_escaping is not None:
4581
4891
  pulumi.set(__self__, "disable_escaping", disable_escaping)
4582
4892
  if max_connection_lifetime is not None:
@@ -4591,6 +4901,12 @@ class SecretsMountHanaArgs:
4591
4901
  pulumi.set(__self__, "plugin_name", plugin_name)
4592
4902
  if root_rotation_statements is not None:
4593
4903
  pulumi.set(__self__, "root_rotation_statements", root_rotation_statements)
4904
+ if rotation_period is not None:
4905
+ pulumi.set(__self__, "rotation_period", rotation_period)
4906
+ if rotation_schedule is not None:
4907
+ pulumi.set(__self__, "rotation_schedule", rotation_schedule)
4908
+ if rotation_window is not None:
4909
+ pulumi.set(__self__, "rotation_window", rotation_window)
4594
4910
  if username is not None:
4595
4911
  pulumi.set(__self__, "username", username)
4596
4912
  if verify_connection is not None:
@@ -4638,8 +4954,6 @@ class SecretsMountHanaArgs:
4638
4954
  def data(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]:
4639
4955
  """
4640
4956
  A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
4641
-
4642
- Supported list of database secrets engines that can be configured:
4643
4957
  """
4644
4958
  return pulumi.get(self, "data")
4645
4959
 
@@ -4647,6 +4961,20 @@ class SecretsMountHanaArgs:
4647
4961
  def data(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]):
4648
4962
  pulumi.set(self, "data", value)
4649
4963
 
4964
+ @property
4965
+ @pulumi.getter(name="disableAutomatedRotation")
4966
+ def disable_automated_rotation(self) -> Optional[pulumi.Input[bool]]:
4967
+ """
4968
+ Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
4969
+
4970
+ Supported list of database secrets engines that can be configured:
4971
+ """
4972
+ return pulumi.get(self, "disable_automated_rotation")
4973
+
4974
+ @disable_automated_rotation.setter
4975
+ def disable_automated_rotation(self, value: Optional[pulumi.Input[bool]]):
4976
+ pulumi.set(self, "disable_automated_rotation", value)
4977
+
4650
4978
  @property
4651
4979
  @pulumi.getter(name="disableEscaping")
4652
4980
  def disable_escaping(self) -> Optional[pulumi.Input[bool]]:
@@ -4731,6 +5059,46 @@ class SecretsMountHanaArgs:
4731
5059
  def root_rotation_statements(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
4732
5060
  pulumi.set(self, "root_rotation_statements", value)
4733
5061
 
5062
+ @property
5063
+ @pulumi.getter(name="rotationPeriod")
5064
+ def rotation_period(self) -> Optional[pulumi.Input[int]]:
5065
+ """
5066
+ The amount of time in seconds Vault should wait before rotating the root credential.
5067
+ A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
5068
+ """
5069
+ return pulumi.get(self, "rotation_period")
5070
+
5071
+ @rotation_period.setter
5072
+ def rotation_period(self, value: Optional[pulumi.Input[int]]):
5073
+ pulumi.set(self, "rotation_period", value)
5074
+
5075
+ @property
5076
+ @pulumi.getter(name="rotationSchedule")
5077
+ def rotation_schedule(self) -> Optional[pulumi.Input[str]]:
5078
+ """
5079
+ The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
5080
+ defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
5081
+ """
5082
+ return pulumi.get(self, "rotation_schedule")
5083
+
5084
+ @rotation_schedule.setter
5085
+ def rotation_schedule(self, value: Optional[pulumi.Input[str]]):
5086
+ pulumi.set(self, "rotation_schedule", value)
5087
+
5088
+ @property
5089
+ @pulumi.getter(name="rotationWindow")
5090
+ def rotation_window(self) -> Optional[pulumi.Input[int]]:
5091
+ """
5092
+ The maximum amount of time in seconds allowed to complete
5093
+ a rotation when a scheduled token rotation occurs. The default rotation window is
5094
+ unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
5095
+ """
5096
+ return pulumi.get(self, "rotation_window")
5097
+
5098
+ @rotation_window.setter
5099
+ def rotation_window(self, value: Optional[pulumi.Input[int]]):
5100
+ pulumi.set(self, "rotation_window", value)
5101
+
4734
5102
  @property
4735
5103
  @pulumi.getter
4736
5104
  def username(self) -> Optional[pulumi.Input[str]]:
@@ -4787,6 +5155,10 @@ if not MYPY:
4787
5155
  data: NotRequired[pulumi.Input[Mapping[str, pulumi.Input[str]]]]
4788
5156
  """
4789
5157
  A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
5158
+ """
5159
+ disable_automated_rotation: NotRequired[pulumi.Input[bool]]
5160
+ """
5161
+ Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
4790
5162
 
4791
5163
  Supported list of database secrets engines that can be configured:
4792
5164
  """
@@ -4814,6 +5186,22 @@ if not MYPY:
4814
5186
  """
4815
5187
  A list of database statements to be executed to rotate the root user's credentials.
4816
5188
  """
5189
+ rotation_period: NotRequired[pulumi.Input[int]]
5190
+ """
5191
+ The amount of time in seconds Vault should wait before rotating the root credential.
5192
+ A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
5193
+ """
5194
+ rotation_schedule: NotRequired[pulumi.Input[str]]
5195
+ """
5196
+ The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
5197
+ defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
5198
+ """
5199
+ rotation_window: NotRequired[pulumi.Input[int]]
5200
+ """
5201
+ The maximum amount of time in seconds allowed to complete
5202
+ a rotation when a scheduled token rotation occurs. The default rotation window is
5203
+ unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
5204
+ """
4817
5205
  tls: NotRequired[pulumi.Input[bool]]
4818
5206
  """
4819
5207
  Whether to use TLS when connecting to Influxdb.
@@ -4840,12 +5228,16 @@ class SecretsMountInfluxdbArgs:
4840
5228
  allowed_roles: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
4841
5229
  connect_timeout: Optional[pulumi.Input[int]] = None,
4842
5230
  data: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
5231
+ disable_automated_rotation: Optional[pulumi.Input[bool]] = None,
4843
5232
  insecure_tls: Optional[pulumi.Input[bool]] = None,
4844
5233
  pem_bundle: Optional[pulumi.Input[str]] = None,
4845
5234
  pem_json: Optional[pulumi.Input[str]] = None,
4846
5235
  plugin_name: Optional[pulumi.Input[str]] = None,
4847
5236
  port: Optional[pulumi.Input[int]] = None,
4848
5237
  root_rotation_statements: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
5238
+ rotation_period: Optional[pulumi.Input[int]] = None,
5239
+ rotation_schedule: Optional[pulumi.Input[str]] = None,
5240
+ rotation_window: Optional[pulumi.Input[int]] = None,
4849
5241
  tls: Optional[pulumi.Input[bool]] = None,
4850
5242
  username_template: Optional[pulumi.Input[str]] = None,
4851
5243
  verify_connection: Optional[pulumi.Input[bool]] = None):
@@ -4858,6 +5250,7 @@ class SecretsMountInfluxdbArgs:
4858
5250
  connection.
4859
5251
  :param pulumi.Input[int] connect_timeout: The number of seconds to use as a connection timeout.
4860
5252
  :param pulumi.Input[Mapping[str, pulumi.Input[str]]] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
5253
+ :param pulumi.Input[bool] disable_automated_rotation: Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
4861
5254
 
4862
5255
  Supported list of database secrets engines that can be configured:
4863
5256
  :param pulumi.Input[bool] insecure_tls: Whether to skip verification of the server certificate when using TLS.
@@ -4866,6 +5259,13 @@ class SecretsMountInfluxdbArgs:
4866
5259
  :param pulumi.Input[str] plugin_name: Specifies the name of the plugin to use.
4867
5260
  :param pulumi.Input[int] port: The transport port to use to connect to Influxdb.
4868
5261
  :param pulumi.Input[Sequence[pulumi.Input[str]]] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials.
5262
+ :param pulumi.Input[int] rotation_period: The amount of time in seconds Vault should wait before rotating the root credential.
5263
+ A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
5264
+ :param pulumi.Input[str] rotation_schedule: The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
5265
+ defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
5266
+ :param pulumi.Input[int] rotation_window: The maximum amount of time in seconds allowed to complete
5267
+ a rotation when a scheduled token rotation occurs. The default rotation window is
5268
+ unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
4869
5269
  :param pulumi.Input[bool] tls: Whether to use TLS when connecting to Influxdb.
4870
5270
  :param pulumi.Input[str] username_template: Template describing how dynamic usernames are generated.
4871
5271
  :param pulumi.Input[bool] verify_connection: Whether the connection should be verified on
@@ -4881,6 +5281,8 @@ class SecretsMountInfluxdbArgs:
4881
5281
  pulumi.set(__self__, "connect_timeout", connect_timeout)
4882
5282
  if data is not None:
4883
5283
  pulumi.set(__self__, "data", data)
5284
+ if disable_automated_rotation is not None:
5285
+ pulumi.set(__self__, "disable_automated_rotation", disable_automated_rotation)
4884
5286
  if insecure_tls is not None:
4885
5287
  pulumi.set(__self__, "insecure_tls", insecure_tls)
4886
5288
  if pem_bundle is not None:
@@ -4893,6 +5295,12 @@ class SecretsMountInfluxdbArgs:
4893
5295
  pulumi.set(__self__, "port", port)
4894
5296
  if root_rotation_statements is not None:
4895
5297
  pulumi.set(__self__, "root_rotation_statements", root_rotation_statements)
5298
+ if rotation_period is not None:
5299
+ pulumi.set(__self__, "rotation_period", rotation_period)
5300
+ if rotation_schedule is not None:
5301
+ pulumi.set(__self__, "rotation_schedule", rotation_schedule)
5302
+ if rotation_window is not None:
5303
+ pulumi.set(__self__, "rotation_window", rotation_window)
4896
5304
  if tls is not None:
4897
5305
  pulumi.set(__self__, "tls", tls)
4898
5306
  if username_template is not None:
@@ -4978,8 +5386,6 @@ class SecretsMountInfluxdbArgs:
4978
5386
  def data(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]:
4979
5387
  """
4980
5388
  A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
4981
-
4982
- Supported list of database secrets engines that can be configured:
4983
5389
  """
4984
5390
  return pulumi.get(self, "data")
4985
5391
 
@@ -4987,6 +5393,20 @@ class SecretsMountInfluxdbArgs:
4987
5393
  def data(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]):
4988
5394
  pulumi.set(self, "data", value)
4989
5395
 
5396
+ @property
5397
+ @pulumi.getter(name="disableAutomatedRotation")
5398
+ def disable_automated_rotation(self) -> Optional[pulumi.Input[bool]]:
5399
+ """
5400
+ Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
5401
+
5402
+ Supported list of database secrets engines that can be configured:
5403
+ """
5404
+ return pulumi.get(self, "disable_automated_rotation")
5405
+
5406
+ @disable_automated_rotation.setter
5407
+ def disable_automated_rotation(self, value: Optional[pulumi.Input[bool]]):
5408
+ pulumi.set(self, "disable_automated_rotation", value)
5409
+
4990
5410
  @property
4991
5411
  @pulumi.getter(name="insecureTls")
4992
5412
  def insecure_tls(self) -> Optional[pulumi.Input[bool]]:
@@ -5059,6 +5479,46 @@ class SecretsMountInfluxdbArgs:
5059
5479
  def root_rotation_statements(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
5060
5480
  pulumi.set(self, "root_rotation_statements", value)
5061
5481
 
5482
+ @property
5483
+ @pulumi.getter(name="rotationPeriod")
5484
+ def rotation_period(self) -> Optional[pulumi.Input[int]]:
5485
+ """
5486
+ The amount of time in seconds Vault should wait before rotating the root credential.
5487
+ A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
5488
+ """
5489
+ return pulumi.get(self, "rotation_period")
5490
+
5491
+ @rotation_period.setter
5492
+ def rotation_period(self, value: Optional[pulumi.Input[int]]):
5493
+ pulumi.set(self, "rotation_period", value)
5494
+
5495
+ @property
5496
+ @pulumi.getter(name="rotationSchedule")
5497
+ def rotation_schedule(self) -> Optional[pulumi.Input[str]]:
5498
+ """
5499
+ The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
5500
+ defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
5501
+ """
5502
+ return pulumi.get(self, "rotation_schedule")
5503
+
5504
+ @rotation_schedule.setter
5505
+ def rotation_schedule(self, value: Optional[pulumi.Input[str]]):
5506
+ pulumi.set(self, "rotation_schedule", value)
5507
+
5508
+ @property
5509
+ @pulumi.getter(name="rotationWindow")
5510
+ def rotation_window(self) -> Optional[pulumi.Input[int]]:
5511
+ """
5512
+ The maximum amount of time in seconds allowed to complete
5513
+ a rotation when a scheduled token rotation occurs. The default rotation window is
5514
+ unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
5515
+ """
5516
+ return pulumi.get(self, "rotation_window")
5517
+
5518
+ @rotation_window.setter
5519
+ def rotation_window(self, value: Optional[pulumi.Input[int]]):
5520
+ pulumi.set(self, "rotation_window", value)
5521
+
5062
5522
  @property
5063
5523
  @pulumi.getter
5064
5524
  def tls(self) -> Optional[pulumi.Input[bool]]:
@@ -5115,6 +5575,10 @@ if not MYPY:
5115
5575
  data: NotRequired[pulumi.Input[Mapping[str, pulumi.Input[str]]]]
5116
5576
  """
5117
5577
  A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
5578
+ """
5579
+ disable_automated_rotation: NotRequired[pulumi.Input[bool]]
5580
+ """
5581
+ Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
5118
5582
 
5119
5583
  Supported list of database secrets engines that can be configured:
5120
5584
  """
@@ -5142,6 +5606,22 @@ if not MYPY:
5142
5606
  """
5143
5607
  A list of database statements to be executed to rotate the root user's credentials.
5144
5608
  """
5609
+ rotation_period: NotRequired[pulumi.Input[int]]
5610
+ """
5611
+ The amount of time in seconds Vault should wait before rotating the root credential.
5612
+ A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
5613
+ """
5614
+ rotation_schedule: NotRequired[pulumi.Input[str]]
5615
+ """
5616
+ The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
5617
+ defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
5618
+ """
5619
+ rotation_window: NotRequired[pulumi.Input[int]]
5620
+ """
5621
+ The maximum amount of time in seconds allowed to complete
5622
+ a rotation when a scheduled token rotation occurs. The default rotation window is
5623
+ unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
5624
+ """
5145
5625
  username: NotRequired[pulumi.Input[str]]
5146
5626
  """
5147
5627
  The root credential username used in the connection URL
@@ -5165,12 +5645,16 @@ class SecretsMountMongodbArgs:
5165
5645
  allowed_roles: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
5166
5646
  connection_url: Optional[pulumi.Input[str]] = None,
5167
5647
  data: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
5648
+ disable_automated_rotation: Optional[pulumi.Input[bool]] = None,
5168
5649
  max_connection_lifetime: Optional[pulumi.Input[int]] = None,
5169
5650
  max_idle_connections: Optional[pulumi.Input[int]] = None,
5170
5651
  max_open_connections: Optional[pulumi.Input[int]] = None,
5171
5652
  password: Optional[pulumi.Input[str]] = None,
5172
5653
  plugin_name: Optional[pulumi.Input[str]] = None,
5173
5654
  root_rotation_statements: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
5655
+ rotation_period: Optional[pulumi.Input[int]] = None,
5656
+ rotation_schedule: Optional[pulumi.Input[str]] = None,
5657
+ rotation_window: Optional[pulumi.Input[int]] = None,
5174
5658
  username: Optional[pulumi.Input[str]] = None,
5175
5659
  username_template: Optional[pulumi.Input[str]] = None,
5176
5660
  verify_connection: Optional[pulumi.Input[bool]] = None):
@@ -5180,6 +5664,7 @@ class SecretsMountMongodbArgs:
5180
5664
  connection.
5181
5665
  :param pulumi.Input[str] connection_url: Connection string to use to connect to the database.
5182
5666
  :param pulumi.Input[Mapping[str, pulumi.Input[str]]] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
5667
+ :param pulumi.Input[bool] disable_automated_rotation: Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
5183
5668
 
5184
5669
  Supported list of database secrets engines that can be configured:
5185
5670
  :param pulumi.Input[int] max_connection_lifetime: Maximum number of seconds a connection may be reused.
@@ -5188,6 +5673,13 @@ class SecretsMountMongodbArgs:
5188
5673
  :param pulumi.Input[str] password: The root credential password used in the connection URL
5189
5674
  :param pulumi.Input[str] plugin_name: Specifies the name of the plugin to use.
5190
5675
  :param pulumi.Input[Sequence[pulumi.Input[str]]] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials.
5676
+ :param pulumi.Input[int] rotation_period: The amount of time in seconds Vault should wait before rotating the root credential.
5677
+ A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
5678
+ :param pulumi.Input[str] rotation_schedule: The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
5679
+ defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
5680
+ :param pulumi.Input[int] rotation_window: The maximum amount of time in seconds allowed to complete
5681
+ a rotation when a scheduled token rotation occurs. The default rotation window is
5682
+ unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
5191
5683
  :param pulumi.Input[str] username: The root credential username used in the connection URL
5192
5684
  :param pulumi.Input[str] username_template: Username generation template.
5193
5685
  :param pulumi.Input[bool] verify_connection: Whether the connection should be verified on
@@ -5200,6 +5692,8 @@ class SecretsMountMongodbArgs:
5200
5692
  pulumi.set(__self__, "connection_url", connection_url)
5201
5693
  if data is not None:
5202
5694
  pulumi.set(__self__, "data", data)
5695
+ if disable_automated_rotation is not None:
5696
+ pulumi.set(__self__, "disable_automated_rotation", disable_automated_rotation)
5203
5697
  if max_connection_lifetime is not None:
5204
5698
  pulumi.set(__self__, "max_connection_lifetime", max_connection_lifetime)
5205
5699
  if max_idle_connections is not None:
@@ -5212,6 +5706,12 @@ class SecretsMountMongodbArgs:
5212
5706
  pulumi.set(__self__, "plugin_name", plugin_name)
5213
5707
  if root_rotation_statements is not None:
5214
5708
  pulumi.set(__self__, "root_rotation_statements", root_rotation_statements)
5709
+ if rotation_period is not None:
5710
+ pulumi.set(__self__, "rotation_period", rotation_period)
5711
+ if rotation_schedule is not None:
5712
+ pulumi.set(__self__, "rotation_schedule", rotation_schedule)
5713
+ if rotation_window is not None:
5714
+ pulumi.set(__self__, "rotation_window", rotation_window)
5215
5715
  if username is not None:
5216
5716
  pulumi.set(__self__, "username", username)
5217
5717
  if username_template is not None:
@@ -5261,8 +5761,6 @@ class SecretsMountMongodbArgs:
5261
5761
  def data(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]:
5262
5762
  """
5263
5763
  A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
5264
-
5265
- Supported list of database secrets engines that can be configured:
5266
5764
  """
5267
5765
  return pulumi.get(self, "data")
5268
5766
 
@@ -5270,6 +5768,20 @@ class SecretsMountMongodbArgs:
5270
5768
  def data(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]):
5271
5769
  pulumi.set(self, "data", value)
5272
5770
 
5771
+ @property
5772
+ @pulumi.getter(name="disableAutomatedRotation")
5773
+ def disable_automated_rotation(self) -> Optional[pulumi.Input[bool]]:
5774
+ """
5775
+ Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
5776
+
5777
+ Supported list of database secrets engines that can be configured:
5778
+ """
5779
+ return pulumi.get(self, "disable_automated_rotation")
5780
+
5781
+ @disable_automated_rotation.setter
5782
+ def disable_automated_rotation(self, value: Optional[pulumi.Input[bool]]):
5783
+ pulumi.set(self, "disable_automated_rotation", value)
5784
+
5273
5785
  @property
5274
5786
  @pulumi.getter(name="maxConnectionLifetime")
5275
5787
  def max_connection_lifetime(self) -> Optional[pulumi.Input[int]]:
@@ -5342,6 +5854,46 @@ class SecretsMountMongodbArgs:
5342
5854
  def root_rotation_statements(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
5343
5855
  pulumi.set(self, "root_rotation_statements", value)
5344
5856
 
5857
+ @property
5858
+ @pulumi.getter(name="rotationPeriod")
5859
+ def rotation_period(self) -> Optional[pulumi.Input[int]]:
5860
+ """
5861
+ The amount of time in seconds Vault should wait before rotating the root credential.
5862
+ A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
5863
+ """
5864
+ return pulumi.get(self, "rotation_period")
5865
+
5866
+ @rotation_period.setter
5867
+ def rotation_period(self, value: Optional[pulumi.Input[int]]):
5868
+ pulumi.set(self, "rotation_period", value)
5869
+
5870
+ @property
5871
+ @pulumi.getter(name="rotationSchedule")
5872
+ def rotation_schedule(self) -> Optional[pulumi.Input[str]]:
5873
+ """
5874
+ The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
5875
+ defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
5876
+ """
5877
+ return pulumi.get(self, "rotation_schedule")
5878
+
5879
+ @rotation_schedule.setter
5880
+ def rotation_schedule(self, value: Optional[pulumi.Input[str]]):
5881
+ pulumi.set(self, "rotation_schedule", value)
5882
+
5883
+ @property
5884
+ @pulumi.getter(name="rotationWindow")
5885
+ def rotation_window(self) -> Optional[pulumi.Input[int]]:
5886
+ """
5887
+ The maximum amount of time in seconds allowed to complete
5888
+ a rotation when a scheduled token rotation occurs. The default rotation window is
5889
+ unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
5890
+ """
5891
+ return pulumi.get(self, "rotation_window")
5892
+
5893
+ @rotation_window.setter
5894
+ def rotation_window(self, value: Optional[pulumi.Input[int]]):
5895
+ pulumi.set(self, "rotation_window", value)
5896
+
5345
5897
  @property
5346
5898
  @pulumi.getter
5347
5899
  def username(self) -> Optional[pulumi.Input[str]]:
@@ -5406,6 +5958,10 @@ if not MYPY:
5406
5958
  data: NotRequired[pulumi.Input[Mapping[str, pulumi.Input[str]]]]
5407
5959
  """
5408
5960
  A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
5961
+ """
5962
+ disable_automated_rotation: NotRequired[pulumi.Input[bool]]
5963
+ """
5964
+ Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
5409
5965
 
5410
5966
  Supported list of database secrets engines that can be configured:
5411
5967
  """
@@ -5417,6 +5973,22 @@ if not MYPY:
5417
5973
  """
5418
5974
  A list of database statements to be executed to rotate the root user's credentials.
5419
5975
  """
5976
+ rotation_period: NotRequired[pulumi.Input[int]]
5977
+ """
5978
+ The amount of time in seconds Vault should wait before rotating the root credential.
5979
+ A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
5980
+ """
5981
+ rotation_schedule: NotRequired[pulumi.Input[str]]
5982
+ """
5983
+ The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
5984
+ defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
5985
+ """
5986
+ rotation_window: NotRequired[pulumi.Input[int]]
5987
+ """
5988
+ The maximum amount of time in seconds allowed to complete
5989
+ a rotation when a scheduled token rotation occurs. The default rotation window is
5990
+ unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
5991
+ """
5420
5992
  verify_connection: NotRequired[pulumi.Input[bool]]
5421
5993
  """
5422
5994
  Whether the connection should be verified on
@@ -5434,8 +6006,12 @@ class SecretsMountMongodbatlaArgs:
5434
6006
  public_key: pulumi.Input[str],
5435
6007
  allowed_roles: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
5436
6008
  data: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
6009
+ disable_automated_rotation: Optional[pulumi.Input[bool]] = None,
5437
6010
  plugin_name: Optional[pulumi.Input[str]] = None,
5438
6011
  root_rotation_statements: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
6012
+ rotation_period: Optional[pulumi.Input[int]] = None,
6013
+ rotation_schedule: Optional[pulumi.Input[str]] = None,
6014
+ rotation_window: Optional[pulumi.Input[int]] = None,
5439
6015
  verify_connection: Optional[pulumi.Input[bool]] = None):
5440
6016
  """
5441
6017
  :param pulumi.Input[str] name: Name of the database connection.
@@ -5445,10 +6021,18 @@ class SecretsMountMongodbatlaArgs:
5445
6021
  :param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_roles: A list of roles that are allowed to use this
5446
6022
  connection.
5447
6023
  :param pulumi.Input[Mapping[str, pulumi.Input[str]]] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
6024
+ :param pulumi.Input[bool] disable_automated_rotation: Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
5448
6025
 
5449
6026
  Supported list of database secrets engines that can be configured:
5450
6027
  :param pulumi.Input[str] plugin_name: Specifies the name of the plugin to use.
5451
6028
  :param pulumi.Input[Sequence[pulumi.Input[str]]] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials.
6029
+ :param pulumi.Input[int] rotation_period: The amount of time in seconds Vault should wait before rotating the root credential.
6030
+ A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
6031
+ :param pulumi.Input[str] rotation_schedule: The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
6032
+ defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
6033
+ :param pulumi.Input[int] rotation_window: The maximum amount of time in seconds allowed to complete
6034
+ a rotation when a scheduled token rotation occurs. The default rotation window is
6035
+ unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
5452
6036
  :param pulumi.Input[bool] verify_connection: Whether the connection should be verified on
5453
6037
  initial configuration or not.
5454
6038
  """
@@ -5460,10 +6044,18 @@ class SecretsMountMongodbatlaArgs:
5460
6044
  pulumi.set(__self__, "allowed_roles", allowed_roles)
5461
6045
  if data is not None:
5462
6046
  pulumi.set(__self__, "data", data)
6047
+ if disable_automated_rotation is not None:
6048
+ pulumi.set(__self__, "disable_automated_rotation", disable_automated_rotation)
5463
6049
  if plugin_name is not None:
5464
6050
  pulumi.set(__self__, "plugin_name", plugin_name)
5465
6051
  if root_rotation_statements is not None:
5466
6052
  pulumi.set(__self__, "root_rotation_statements", root_rotation_statements)
6053
+ if rotation_period is not None:
6054
+ pulumi.set(__self__, "rotation_period", rotation_period)
6055
+ if rotation_schedule is not None:
6056
+ pulumi.set(__self__, "rotation_schedule", rotation_schedule)
6057
+ if rotation_window is not None:
6058
+ pulumi.set(__self__, "rotation_window", rotation_window)
5467
6059
  if verify_connection is not None:
5468
6060
  pulumi.set(__self__, "verify_connection", verify_connection)
5469
6061
 
@@ -5533,8 +6125,6 @@ class SecretsMountMongodbatlaArgs:
5533
6125
  def data(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]:
5534
6126
  """
5535
6127
  A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
5536
-
5537
- Supported list of database secrets engines that can be configured:
5538
6128
  """
5539
6129
  return pulumi.get(self, "data")
5540
6130
 
@@ -5542,6 +6132,20 @@ class SecretsMountMongodbatlaArgs:
5542
6132
  def data(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]):
5543
6133
  pulumi.set(self, "data", value)
5544
6134
 
6135
+ @property
6136
+ @pulumi.getter(name="disableAutomatedRotation")
6137
+ def disable_automated_rotation(self) -> Optional[pulumi.Input[bool]]:
6138
+ """
6139
+ Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
6140
+
6141
+ Supported list of database secrets engines that can be configured:
6142
+ """
6143
+ return pulumi.get(self, "disable_automated_rotation")
6144
+
6145
+ @disable_automated_rotation.setter
6146
+ def disable_automated_rotation(self, value: Optional[pulumi.Input[bool]]):
6147
+ pulumi.set(self, "disable_automated_rotation", value)
6148
+
5545
6149
  @property
5546
6150
  @pulumi.getter(name="pluginName")
5547
6151
  def plugin_name(self) -> Optional[pulumi.Input[str]]:
@@ -5566,6 +6170,46 @@ class SecretsMountMongodbatlaArgs:
5566
6170
  def root_rotation_statements(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
5567
6171
  pulumi.set(self, "root_rotation_statements", value)
5568
6172
 
6173
+ @property
6174
+ @pulumi.getter(name="rotationPeriod")
6175
+ def rotation_period(self) -> Optional[pulumi.Input[int]]:
6176
+ """
6177
+ The amount of time in seconds Vault should wait before rotating the root credential.
6178
+ A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
6179
+ """
6180
+ return pulumi.get(self, "rotation_period")
6181
+
6182
+ @rotation_period.setter
6183
+ def rotation_period(self, value: Optional[pulumi.Input[int]]):
6184
+ pulumi.set(self, "rotation_period", value)
6185
+
6186
+ @property
6187
+ @pulumi.getter(name="rotationSchedule")
6188
+ def rotation_schedule(self) -> Optional[pulumi.Input[str]]:
6189
+ """
6190
+ The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
6191
+ defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
6192
+ """
6193
+ return pulumi.get(self, "rotation_schedule")
6194
+
6195
+ @rotation_schedule.setter
6196
+ def rotation_schedule(self, value: Optional[pulumi.Input[str]]):
6197
+ pulumi.set(self, "rotation_schedule", value)
6198
+
6199
+ @property
6200
+ @pulumi.getter(name="rotationWindow")
6201
+ def rotation_window(self) -> Optional[pulumi.Input[int]]:
6202
+ """
6203
+ The maximum amount of time in seconds allowed to complete
6204
+ a rotation when a scheduled token rotation occurs. The default rotation window is
6205
+ unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
6206
+ """
6207
+ return pulumi.get(self, "rotation_window")
6208
+
6209
+ @rotation_window.setter
6210
+ def rotation_window(self, value: Optional[pulumi.Input[int]]):
6211
+ pulumi.set(self, "rotation_window", value)
6212
+
5569
6213
  @property
5570
6214
  @pulumi.getter(name="verifyConnection")
5571
6215
  def verify_connection(self) -> Optional[pulumi.Input[bool]]:
@@ -5602,6 +6246,10 @@ if not MYPY:
5602
6246
  data: NotRequired[pulumi.Input[Mapping[str, pulumi.Input[str]]]]
5603
6247
  """
5604
6248
  A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
6249
+ """
6250
+ disable_automated_rotation: NotRequired[pulumi.Input[bool]]
6251
+ """
6252
+ Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
5605
6253
 
5606
6254
  Supported list of database secrets engines that can be configured:
5607
6255
  """
@@ -5633,6 +6281,22 @@ if not MYPY:
5633
6281
  """
5634
6282
  A list of database statements to be executed to rotate the root user's credentials.
5635
6283
  """
6284
+ rotation_period: NotRequired[pulumi.Input[int]]
6285
+ """
6286
+ The amount of time in seconds Vault should wait before rotating the root credential.
6287
+ A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
6288
+ """
6289
+ rotation_schedule: NotRequired[pulumi.Input[str]]
6290
+ """
6291
+ The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
6292
+ defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
6293
+ """
6294
+ rotation_window: NotRequired[pulumi.Input[int]]
6295
+ """
6296
+ The maximum amount of time in seconds allowed to complete
6297
+ a rotation when a scheduled token rotation occurs. The default rotation window is
6298
+ unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
6299
+ """
5636
6300
  username: NotRequired[pulumi.Input[str]]
5637
6301
  """
5638
6302
  The root credential username used in the connection URL
@@ -5657,6 +6321,7 @@ class SecretsMountMssqlArgs:
5657
6321
  connection_url: Optional[pulumi.Input[str]] = None,
5658
6322
  contained_db: Optional[pulumi.Input[bool]] = None,
5659
6323
  data: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
6324
+ disable_automated_rotation: Optional[pulumi.Input[bool]] = None,
5660
6325
  disable_escaping: Optional[pulumi.Input[bool]] = None,
5661
6326
  max_connection_lifetime: Optional[pulumi.Input[int]] = None,
5662
6327
  max_idle_connections: Optional[pulumi.Input[int]] = None,
@@ -5664,6 +6329,9 @@ class SecretsMountMssqlArgs:
5664
6329
  password: Optional[pulumi.Input[str]] = None,
5665
6330
  plugin_name: Optional[pulumi.Input[str]] = None,
5666
6331
  root_rotation_statements: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
6332
+ rotation_period: Optional[pulumi.Input[int]] = None,
6333
+ rotation_schedule: Optional[pulumi.Input[str]] = None,
6334
+ rotation_window: Optional[pulumi.Input[int]] = None,
5667
6335
  username: Optional[pulumi.Input[str]] = None,
5668
6336
  username_template: Optional[pulumi.Input[str]] = None,
5669
6337
  verify_connection: Optional[pulumi.Input[bool]] = None):
@@ -5674,6 +6342,7 @@ class SecretsMountMssqlArgs:
5674
6342
  :param pulumi.Input[str] connection_url: Connection string to use to connect to the database.
5675
6343
  :param pulumi.Input[bool] contained_db: Set to true when the target is a Contained Database, e.g. AzureSQL.
5676
6344
  :param pulumi.Input[Mapping[str, pulumi.Input[str]]] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
6345
+ :param pulumi.Input[bool] disable_automated_rotation: Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
5677
6346
 
5678
6347
  Supported list of database secrets engines that can be configured:
5679
6348
  :param pulumi.Input[bool] disable_escaping: Disable special character escaping in username and password
@@ -5683,6 +6352,13 @@ class SecretsMountMssqlArgs:
5683
6352
  :param pulumi.Input[str] password: The root credential password used in the connection URL
5684
6353
  :param pulumi.Input[str] plugin_name: Specifies the name of the plugin to use.
5685
6354
  :param pulumi.Input[Sequence[pulumi.Input[str]]] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials.
6355
+ :param pulumi.Input[int] rotation_period: The amount of time in seconds Vault should wait before rotating the root credential.
6356
+ A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
6357
+ :param pulumi.Input[str] rotation_schedule: The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
6358
+ defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
6359
+ :param pulumi.Input[int] rotation_window: The maximum amount of time in seconds allowed to complete
6360
+ a rotation when a scheduled token rotation occurs. The default rotation window is
6361
+ unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
5686
6362
  :param pulumi.Input[str] username: The root credential username used in the connection URL
5687
6363
  :param pulumi.Input[str] username_template: Username generation template.
5688
6364
  :param pulumi.Input[bool] verify_connection: Whether the connection should be verified on
@@ -5697,6 +6373,8 @@ class SecretsMountMssqlArgs:
5697
6373
  pulumi.set(__self__, "contained_db", contained_db)
5698
6374
  if data is not None:
5699
6375
  pulumi.set(__self__, "data", data)
6376
+ if disable_automated_rotation is not None:
6377
+ pulumi.set(__self__, "disable_automated_rotation", disable_automated_rotation)
5700
6378
  if disable_escaping is not None:
5701
6379
  pulumi.set(__self__, "disable_escaping", disable_escaping)
5702
6380
  if max_connection_lifetime is not None:
@@ -5711,6 +6389,12 @@ class SecretsMountMssqlArgs:
5711
6389
  pulumi.set(__self__, "plugin_name", plugin_name)
5712
6390
  if root_rotation_statements is not None:
5713
6391
  pulumi.set(__self__, "root_rotation_statements", root_rotation_statements)
6392
+ if rotation_period is not None:
6393
+ pulumi.set(__self__, "rotation_period", rotation_period)
6394
+ if rotation_schedule is not None:
6395
+ pulumi.set(__self__, "rotation_schedule", rotation_schedule)
6396
+ if rotation_window is not None:
6397
+ pulumi.set(__self__, "rotation_window", rotation_window)
5714
6398
  if username is not None:
5715
6399
  pulumi.set(__self__, "username", username)
5716
6400
  if username_template is not None:
@@ -5772,8 +6456,6 @@ class SecretsMountMssqlArgs:
5772
6456
  def data(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]:
5773
6457
  """
5774
6458
  A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
5775
-
5776
- Supported list of database secrets engines that can be configured:
5777
6459
  """
5778
6460
  return pulumi.get(self, "data")
5779
6461
 
@@ -5781,6 +6463,20 @@ class SecretsMountMssqlArgs:
5781
6463
  def data(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]):
5782
6464
  pulumi.set(self, "data", value)
5783
6465
 
6466
+ @property
6467
+ @pulumi.getter(name="disableAutomatedRotation")
6468
+ def disable_automated_rotation(self) -> Optional[pulumi.Input[bool]]:
6469
+ """
6470
+ Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
6471
+
6472
+ Supported list of database secrets engines that can be configured:
6473
+ """
6474
+ return pulumi.get(self, "disable_automated_rotation")
6475
+
6476
+ @disable_automated_rotation.setter
6477
+ def disable_automated_rotation(self, value: Optional[pulumi.Input[bool]]):
6478
+ pulumi.set(self, "disable_automated_rotation", value)
6479
+
5784
6480
  @property
5785
6481
  @pulumi.getter(name="disableEscaping")
5786
6482
  def disable_escaping(self) -> Optional[pulumi.Input[bool]]:
@@ -5865,6 +6561,46 @@ class SecretsMountMssqlArgs:
5865
6561
  def root_rotation_statements(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
5866
6562
  pulumi.set(self, "root_rotation_statements", value)
5867
6563
 
6564
+ @property
6565
+ @pulumi.getter(name="rotationPeriod")
6566
+ def rotation_period(self) -> Optional[pulumi.Input[int]]:
6567
+ """
6568
+ The amount of time in seconds Vault should wait before rotating the root credential.
6569
+ A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
6570
+ """
6571
+ return pulumi.get(self, "rotation_period")
6572
+
6573
+ @rotation_period.setter
6574
+ def rotation_period(self, value: Optional[pulumi.Input[int]]):
6575
+ pulumi.set(self, "rotation_period", value)
6576
+
6577
+ @property
6578
+ @pulumi.getter(name="rotationSchedule")
6579
+ def rotation_schedule(self) -> Optional[pulumi.Input[str]]:
6580
+ """
6581
+ The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
6582
+ defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
6583
+ """
6584
+ return pulumi.get(self, "rotation_schedule")
6585
+
6586
+ @rotation_schedule.setter
6587
+ def rotation_schedule(self, value: Optional[pulumi.Input[str]]):
6588
+ pulumi.set(self, "rotation_schedule", value)
6589
+
6590
+ @property
6591
+ @pulumi.getter(name="rotationWindow")
6592
+ def rotation_window(self) -> Optional[pulumi.Input[int]]:
6593
+ """
6594
+ The maximum amount of time in seconds allowed to complete
6595
+ a rotation when a scheduled token rotation occurs. The default rotation window is
6596
+ unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
6597
+ """
6598
+ return pulumi.get(self, "rotation_window")
6599
+
6600
+ @rotation_window.setter
6601
+ def rotation_window(self, value: Optional[pulumi.Input[int]]):
6602
+ pulumi.set(self, "rotation_window", value)
6603
+
5868
6604
  @property
5869
6605
  @pulumi.getter
5870
6606
  def username(self) -> Optional[pulumi.Input[str]]:
@@ -5925,6 +6661,10 @@ if not MYPY:
5925
6661
  data: NotRequired[pulumi.Input[Mapping[str, pulumi.Input[str]]]]
5926
6662
  """
5927
6663
  A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
6664
+ """
6665
+ disable_automated_rotation: NotRequired[pulumi.Input[bool]]
6666
+ """
6667
+ Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
5928
6668
 
5929
6669
  Supported list of database secrets engines that can be configured:
5930
6670
  """
@@ -5952,6 +6692,22 @@ if not MYPY:
5952
6692
  """
5953
6693
  A list of database statements to be executed to rotate the root user's credentials.
5954
6694
  """
6695
+ rotation_period: NotRequired[pulumi.Input[int]]
6696
+ """
6697
+ The amount of time in seconds Vault should wait before rotating the root credential.
6698
+ A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
6699
+ """
6700
+ rotation_schedule: NotRequired[pulumi.Input[str]]
6701
+ """
6702
+ The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
6703
+ defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
6704
+ """
6705
+ rotation_window: NotRequired[pulumi.Input[int]]
6706
+ """
6707
+ The maximum amount of time in seconds allowed to complete
6708
+ a rotation when a scheduled token rotation occurs. The default rotation window is
6709
+ unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
6710
+ """
5955
6711
  service_account_json: NotRequired[pulumi.Input[str]]
5956
6712
  """
5957
6713
  A JSON encoded credential for use with IAM authorization
@@ -5988,12 +6744,16 @@ class SecretsMountMysqlArgs:
5988
6744
  auth_type: Optional[pulumi.Input[str]] = None,
5989
6745
  connection_url: Optional[pulumi.Input[str]] = None,
5990
6746
  data: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
6747
+ disable_automated_rotation: Optional[pulumi.Input[bool]] = None,
5991
6748
  max_connection_lifetime: Optional[pulumi.Input[int]] = None,
5992
6749
  max_idle_connections: Optional[pulumi.Input[int]] = None,
5993
6750
  max_open_connections: Optional[pulumi.Input[int]] = None,
5994
6751
  password: Optional[pulumi.Input[str]] = None,
5995
6752
  plugin_name: Optional[pulumi.Input[str]] = None,
5996
6753
  root_rotation_statements: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
6754
+ rotation_period: Optional[pulumi.Input[int]] = None,
6755
+ rotation_schedule: Optional[pulumi.Input[str]] = None,
6756
+ rotation_window: Optional[pulumi.Input[int]] = None,
5997
6757
  service_account_json: Optional[pulumi.Input[str]] = None,
5998
6758
  tls_ca: Optional[pulumi.Input[str]] = None,
5999
6759
  tls_certificate_key: Optional[pulumi.Input[str]] = None,
@@ -6007,6 +6767,7 @@ class SecretsMountMysqlArgs:
6007
6767
  :param pulumi.Input[str] auth_type: Specify alternative authorization type. (Only 'gcp_iam' is valid currently)
6008
6768
  :param pulumi.Input[str] connection_url: Connection string to use to connect to the database.
6009
6769
  :param pulumi.Input[Mapping[str, pulumi.Input[str]]] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
6770
+ :param pulumi.Input[bool] disable_automated_rotation: Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
6010
6771
 
6011
6772
  Supported list of database secrets engines that can be configured:
6012
6773
  :param pulumi.Input[int] max_connection_lifetime: Maximum number of seconds a connection may be reused.
@@ -6015,6 +6776,13 @@ class SecretsMountMysqlArgs:
6015
6776
  :param pulumi.Input[str] password: The root credential password used in the connection URL
6016
6777
  :param pulumi.Input[str] plugin_name: Specifies the name of the plugin to use.
6017
6778
  :param pulumi.Input[Sequence[pulumi.Input[str]]] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials.
6779
+ :param pulumi.Input[int] rotation_period: The amount of time in seconds Vault should wait before rotating the root credential.
6780
+ A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
6781
+ :param pulumi.Input[str] rotation_schedule: The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
6782
+ defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
6783
+ :param pulumi.Input[int] rotation_window: The maximum amount of time in seconds allowed to complete
6784
+ a rotation when a scheduled token rotation occurs. The default rotation window is
6785
+ unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
6018
6786
  :param pulumi.Input[str] service_account_json: A JSON encoded credential for use with IAM authorization
6019
6787
  :param pulumi.Input[str] tls_ca: x509 CA file for validating the certificate presented by the MySQL server. Must be PEM encoded.
6020
6788
  :param pulumi.Input[str] tls_certificate_key: x509 certificate for connecting to the database. This must be a PEM encoded version of the private key and the certificate combined.
@@ -6032,6 +6800,8 @@ class SecretsMountMysqlArgs:
6032
6800
  pulumi.set(__self__, "connection_url", connection_url)
6033
6801
  if data is not None:
6034
6802
  pulumi.set(__self__, "data", data)
6803
+ if disable_automated_rotation is not None:
6804
+ pulumi.set(__self__, "disable_automated_rotation", disable_automated_rotation)
6035
6805
  if max_connection_lifetime is not None:
6036
6806
  pulumi.set(__self__, "max_connection_lifetime", max_connection_lifetime)
6037
6807
  if max_idle_connections is not None:
@@ -6044,6 +6814,12 @@ class SecretsMountMysqlArgs:
6044
6814
  pulumi.set(__self__, "plugin_name", plugin_name)
6045
6815
  if root_rotation_statements is not None:
6046
6816
  pulumi.set(__self__, "root_rotation_statements", root_rotation_statements)
6817
+ if rotation_period is not None:
6818
+ pulumi.set(__self__, "rotation_period", rotation_period)
6819
+ if rotation_schedule is not None:
6820
+ pulumi.set(__self__, "rotation_schedule", rotation_schedule)
6821
+ if rotation_window is not None:
6822
+ pulumi.set(__self__, "rotation_window", rotation_window)
6047
6823
  if service_account_json is not None:
6048
6824
  pulumi.set(__self__, "service_account_json", service_account_json)
6049
6825
  if tls_ca is not None:
@@ -6111,8 +6887,6 @@ class SecretsMountMysqlArgs:
6111
6887
  def data(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]:
6112
6888
  """
6113
6889
  A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
6114
-
6115
- Supported list of database secrets engines that can be configured:
6116
6890
  """
6117
6891
  return pulumi.get(self, "data")
6118
6892
 
@@ -6120,6 +6894,20 @@ class SecretsMountMysqlArgs:
6120
6894
  def data(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]):
6121
6895
  pulumi.set(self, "data", value)
6122
6896
 
6897
+ @property
6898
+ @pulumi.getter(name="disableAutomatedRotation")
6899
+ def disable_automated_rotation(self) -> Optional[pulumi.Input[bool]]:
6900
+ """
6901
+ Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
6902
+
6903
+ Supported list of database secrets engines that can be configured:
6904
+ """
6905
+ return pulumi.get(self, "disable_automated_rotation")
6906
+
6907
+ @disable_automated_rotation.setter
6908
+ def disable_automated_rotation(self, value: Optional[pulumi.Input[bool]]):
6909
+ pulumi.set(self, "disable_automated_rotation", value)
6910
+
6123
6911
  @property
6124
6912
  @pulumi.getter(name="maxConnectionLifetime")
6125
6913
  def max_connection_lifetime(self) -> Optional[pulumi.Input[int]]:
@@ -6192,6 +6980,46 @@ class SecretsMountMysqlArgs:
6192
6980
  def root_rotation_statements(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
6193
6981
  pulumi.set(self, "root_rotation_statements", value)
6194
6982
 
6983
+ @property
6984
+ @pulumi.getter(name="rotationPeriod")
6985
+ def rotation_period(self) -> Optional[pulumi.Input[int]]:
6986
+ """
6987
+ The amount of time in seconds Vault should wait before rotating the root credential.
6988
+ A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
6989
+ """
6990
+ return pulumi.get(self, "rotation_period")
6991
+
6992
+ @rotation_period.setter
6993
+ def rotation_period(self, value: Optional[pulumi.Input[int]]):
6994
+ pulumi.set(self, "rotation_period", value)
6995
+
6996
+ @property
6997
+ @pulumi.getter(name="rotationSchedule")
6998
+ def rotation_schedule(self) -> Optional[pulumi.Input[str]]:
6999
+ """
7000
+ The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
7001
+ defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
7002
+ """
7003
+ return pulumi.get(self, "rotation_schedule")
7004
+
7005
+ @rotation_schedule.setter
7006
+ def rotation_schedule(self, value: Optional[pulumi.Input[str]]):
7007
+ pulumi.set(self, "rotation_schedule", value)
7008
+
7009
+ @property
7010
+ @pulumi.getter(name="rotationWindow")
7011
+ def rotation_window(self) -> Optional[pulumi.Input[int]]:
7012
+ """
7013
+ The maximum amount of time in seconds allowed to complete
7014
+ a rotation when a scheduled token rotation occurs. The default rotation window is
7015
+ unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
7016
+ """
7017
+ return pulumi.get(self, "rotation_window")
7018
+
7019
+ @rotation_window.setter
7020
+ def rotation_window(self, value: Optional[pulumi.Input[int]]):
7021
+ pulumi.set(self, "rotation_window", value)
7022
+
6195
7023
  @property
6196
7024
  @pulumi.getter(name="serviceAccountJson")
6197
7025
  def service_account_json(self) -> Optional[pulumi.Input[str]]:
@@ -6288,6 +7116,10 @@ if not MYPY:
6288
7116
  data: NotRequired[pulumi.Input[Mapping[str, pulumi.Input[str]]]]
6289
7117
  """
6290
7118
  A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
7119
+ """
7120
+ disable_automated_rotation: NotRequired[pulumi.Input[bool]]
7121
+ """
7122
+ Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
6291
7123
 
6292
7124
  Supported list of database secrets engines that can be configured:
6293
7125
  """
@@ -6315,6 +7147,22 @@ if not MYPY:
6315
7147
  """
6316
7148
  A list of database statements to be executed to rotate the root user's credentials.
6317
7149
  """
7150
+ rotation_period: NotRequired[pulumi.Input[int]]
7151
+ """
7152
+ The amount of time in seconds Vault should wait before rotating the root credential.
7153
+ A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
7154
+ """
7155
+ rotation_schedule: NotRequired[pulumi.Input[str]]
7156
+ """
7157
+ The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
7158
+ defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
7159
+ """
7160
+ rotation_window: NotRequired[pulumi.Input[int]]
7161
+ """
7162
+ The maximum amount of time in seconds allowed to complete
7163
+ a rotation when a scheduled token rotation occurs. The default rotation window is
7164
+ unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
7165
+ """
6318
7166
  service_account_json: NotRequired[pulumi.Input[str]]
6319
7167
  """
6320
7168
  A JSON encoded credential for use with IAM authorization
@@ -6351,12 +7199,16 @@ class SecretsMountMysqlAuroraArgs:
6351
7199
  auth_type: Optional[pulumi.Input[str]] = None,
6352
7200
  connection_url: Optional[pulumi.Input[str]] = None,
6353
7201
  data: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
7202
+ disable_automated_rotation: Optional[pulumi.Input[bool]] = None,
6354
7203
  max_connection_lifetime: Optional[pulumi.Input[int]] = None,
6355
7204
  max_idle_connections: Optional[pulumi.Input[int]] = None,
6356
7205
  max_open_connections: Optional[pulumi.Input[int]] = None,
6357
7206
  password: Optional[pulumi.Input[str]] = None,
6358
7207
  plugin_name: Optional[pulumi.Input[str]] = None,
6359
7208
  root_rotation_statements: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
7209
+ rotation_period: Optional[pulumi.Input[int]] = None,
7210
+ rotation_schedule: Optional[pulumi.Input[str]] = None,
7211
+ rotation_window: Optional[pulumi.Input[int]] = None,
6360
7212
  service_account_json: Optional[pulumi.Input[str]] = None,
6361
7213
  tls_ca: Optional[pulumi.Input[str]] = None,
6362
7214
  tls_certificate_key: Optional[pulumi.Input[str]] = None,
@@ -6370,6 +7222,7 @@ class SecretsMountMysqlAuroraArgs:
6370
7222
  :param pulumi.Input[str] auth_type: Specify alternative authorization type. (Only 'gcp_iam' is valid currently)
6371
7223
  :param pulumi.Input[str] connection_url: Connection string to use to connect to the database.
6372
7224
  :param pulumi.Input[Mapping[str, pulumi.Input[str]]] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
7225
+ :param pulumi.Input[bool] disable_automated_rotation: Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
6373
7226
 
6374
7227
  Supported list of database secrets engines that can be configured:
6375
7228
  :param pulumi.Input[int] max_connection_lifetime: Maximum number of seconds a connection may be reused.
@@ -6378,6 +7231,13 @@ class SecretsMountMysqlAuroraArgs:
6378
7231
  :param pulumi.Input[str] password: The root credential password used in the connection URL
6379
7232
  :param pulumi.Input[str] plugin_name: Specifies the name of the plugin to use.
6380
7233
  :param pulumi.Input[Sequence[pulumi.Input[str]]] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials.
7234
+ :param pulumi.Input[int] rotation_period: The amount of time in seconds Vault should wait before rotating the root credential.
7235
+ A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
7236
+ :param pulumi.Input[str] rotation_schedule: The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
7237
+ defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
7238
+ :param pulumi.Input[int] rotation_window: The maximum amount of time in seconds allowed to complete
7239
+ a rotation when a scheduled token rotation occurs. The default rotation window is
7240
+ unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
6381
7241
  :param pulumi.Input[str] service_account_json: A JSON encoded credential for use with IAM authorization
6382
7242
  :param pulumi.Input[str] tls_ca: x509 CA file for validating the certificate presented by the MySQL server. Must be PEM encoded.
6383
7243
  :param pulumi.Input[str] tls_certificate_key: x509 certificate for connecting to the database. This must be a PEM encoded version of the private key and the certificate combined.
@@ -6395,6 +7255,8 @@ class SecretsMountMysqlAuroraArgs:
6395
7255
  pulumi.set(__self__, "connection_url", connection_url)
6396
7256
  if data is not None:
6397
7257
  pulumi.set(__self__, "data", data)
7258
+ if disable_automated_rotation is not None:
7259
+ pulumi.set(__self__, "disable_automated_rotation", disable_automated_rotation)
6398
7260
  if max_connection_lifetime is not None:
6399
7261
  pulumi.set(__self__, "max_connection_lifetime", max_connection_lifetime)
6400
7262
  if max_idle_connections is not None:
@@ -6407,6 +7269,12 @@ class SecretsMountMysqlAuroraArgs:
6407
7269
  pulumi.set(__self__, "plugin_name", plugin_name)
6408
7270
  if root_rotation_statements is not None:
6409
7271
  pulumi.set(__self__, "root_rotation_statements", root_rotation_statements)
7272
+ if rotation_period is not None:
7273
+ pulumi.set(__self__, "rotation_period", rotation_period)
7274
+ if rotation_schedule is not None:
7275
+ pulumi.set(__self__, "rotation_schedule", rotation_schedule)
7276
+ if rotation_window is not None:
7277
+ pulumi.set(__self__, "rotation_window", rotation_window)
6410
7278
  if service_account_json is not None:
6411
7279
  pulumi.set(__self__, "service_account_json", service_account_json)
6412
7280
  if tls_ca is not None:
@@ -6474,8 +7342,6 @@ class SecretsMountMysqlAuroraArgs:
6474
7342
  def data(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]:
6475
7343
  """
6476
7344
  A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
6477
-
6478
- Supported list of database secrets engines that can be configured:
6479
7345
  """
6480
7346
  return pulumi.get(self, "data")
6481
7347
 
@@ -6483,6 +7349,20 @@ class SecretsMountMysqlAuroraArgs:
6483
7349
  def data(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]):
6484
7350
  pulumi.set(self, "data", value)
6485
7351
 
7352
+ @property
7353
+ @pulumi.getter(name="disableAutomatedRotation")
7354
+ def disable_automated_rotation(self) -> Optional[pulumi.Input[bool]]:
7355
+ """
7356
+ Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
7357
+
7358
+ Supported list of database secrets engines that can be configured:
7359
+ """
7360
+ return pulumi.get(self, "disable_automated_rotation")
7361
+
7362
+ @disable_automated_rotation.setter
7363
+ def disable_automated_rotation(self, value: Optional[pulumi.Input[bool]]):
7364
+ pulumi.set(self, "disable_automated_rotation", value)
7365
+
6486
7366
  @property
6487
7367
  @pulumi.getter(name="maxConnectionLifetime")
6488
7368
  def max_connection_lifetime(self) -> Optional[pulumi.Input[int]]:
@@ -6555,6 +7435,46 @@ class SecretsMountMysqlAuroraArgs:
6555
7435
  def root_rotation_statements(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
6556
7436
  pulumi.set(self, "root_rotation_statements", value)
6557
7437
 
7438
+ @property
7439
+ @pulumi.getter(name="rotationPeriod")
7440
+ def rotation_period(self) -> Optional[pulumi.Input[int]]:
7441
+ """
7442
+ The amount of time in seconds Vault should wait before rotating the root credential.
7443
+ A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
7444
+ """
7445
+ return pulumi.get(self, "rotation_period")
7446
+
7447
+ @rotation_period.setter
7448
+ def rotation_period(self, value: Optional[pulumi.Input[int]]):
7449
+ pulumi.set(self, "rotation_period", value)
7450
+
7451
+ @property
7452
+ @pulumi.getter(name="rotationSchedule")
7453
+ def rotation_schedule(self) -> Optional[pulumi.Input[str]]:
7454
+ """
7455
+ The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
7456
+ defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
7457
+ """
7458
+ return pulumi.get(self, "rotation_schedule")
7459
+
7460
+ @rotation_schedule.setter
7461
+ def rotation_schedule(self, value: Optional[pulumi.Input[str]]):
7462
+ pulumi.set(self, "rotation_schedule", value)
7463
+
7464
+ @property
7465
+ @pulumi.getter(name="rotationWindow")
7466
+ def rotation_window(self) -> Optional[pulumi.Input[int]]:
7467
+ """
7468
+ The maximum amount of time in seconds allowed to complete
7469
+ a rotation when a scheduled token rotation occurs. The default rotation window is
7470
+ unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
7471
+ """
7472
+ return pulumi.get(self, "rotation_window")
7473
+
7474
+ @rotation_window.setter
7475
+ def rotation_window(self, value: Optional[pulumi.Input[int]]):
7476
+ pulumi.set(self, "rotation_window", value)
7477
+
6558
7478
  @property
6559
7479
  @pulumi.getter(name="serviceAccountJson")
6560
7480
  def service_account_json(self) -> Optional[pulumi.Input[str]]:
@@ -6651,6 +7571,10 @@ if not MYPY:
6651
7571
  data: NotRequired[pulumi.Input[Mapping[str, pulumi.Input[str]]]]
6652
7572
  """
6653
7573
  A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
7574
+ """
7575
+ disable_automated_rotation: NotRequired[pulumi.Input[bool]]
7576
+ """
7577
+ Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
6654
7578
 
6655
7579
  Supported list of database secrets engines that can be configured:
6656
7580
  """
@@ -6678,6 +7602,22 @@ if not MYPY:
6678
7602
  """
6679
7603
  A list of database statements to be executed to rotate the root user's credentials.
6680
7604
  """
7605
+ rotation_period: NotRequired[pulumi.Input[int]]
7606
+ """
7607
+ The amount of time in seconds Vault should wait before rotating the root credential.
7608
+ A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
7609
+ """
7610
+ rotation_schedule: NotRequired[pulumi.Input[str]]
7611
+ """
7612
+ The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
7613
+ defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
7614
+ """
7615
+ rotation_window: NotRequired[pulumi.Input[int]]
7616
+ """
7617
+ The maximum amount of time in seconds allowed to complete
7618
+ a rotation when a scheduled token rotation occurs. The default rotation window is
7619
+ unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
7620
+ """
6681
7621
  service_account_json: NotRequired[pulumi.Input[str]]
6682
7622
  """
6683
7623
  A JSON encoded credential for use with IAM authorization
@@ -6714,12 +7654,16 @@ class SecretsMountMysqlLegacyArgs:
6714
7654
  auth_type: Optional[pulumi.Input[str]] = None,
6715
7655
  connection_url: Optional[pulumi.Input[str]] = None,
6716
7656
  data: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
7657
+ disable_automated_rotation: Optional[pulumi.Input[bool]] = None,
6717
7658
  max_connection_lifetime: Optional[pulumi.Input[int]] = None,
6718
7659
  max_idle_connections: Optional[pulumi.Input[int]] = None,
6719
7660
  max_open_connections: Optional[pulumi.Input[int]] = None,
6720
7661
  password: Optional[pulumi.Input[str]] = None,
6721
7662
  plugin_name: Optional[pulumi.Input[str]] = None,
6722
7663
  root_rotation_statements: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
7664
+ rotation_period: Optional[pulumi.Input[int]] = None,
7665
+ rotation_schedule: Optional[pulumi.Input[str]] = None,
7666
+ rotation_window: Optional[pulumi.Input[int]] = None,
6723
7667
  service_account_json: Optional[pulumi.Input[str]] = None,
6724
7668
  tls_ca: Optional[pulumi.Input[str]] = None,
6725
7669
  tls_certificate_key: Optional[pulumi.Input[str]] = None,
@@ -6733,6 +7677,7 @@ class SecretsMountMysqlLegacyArgs:
6733
7677
  :param pulumi.Input[str] auth_type: Specify alternative authorization type. (Only 'gcp_iam' is valid currently)
6734
7678
  :param pulumi.Input[str] connection_url: Connection string to use to connect to the database.
6735
7679
  :param pulumi.Input[Mapping[str, pulumi.Input[str]]] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
7680
+ :param pulumi.Input[bool] disable_automated_rotation: Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
6736
7681
 
6737
7682
  Supported list of database secrets engines that can be configured:
6738
7683
  :param pulumi.Input[int] max_connection_lifetime: Maximum number of seconds a connection may be reused.
@@ -6741,6 +7686,13 @@ class SecretsMountMysqlLegacyArgs:
6741
7686
  :param pulumi.Input[str] password: The root credential password used in the connection URL
6742
7687
  :param pulumi.Input[str] plugin_name: Specifies the name of the plugin to use.
6743
7688
  :param pulumi.Input[Sequence[pulumi.Input[str]]] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials.
7689
+ :param pulumi.Input[int] rotation_period: The amount of time in seconds Vault should wait before rotating the root credential.
7690
+ A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
7691
+ :param pulumi.Input[str] rotation_schedule: The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
7692
+ defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
7693
+ :param pulumi.Input[int] rotation_window: The maximum amount of time in seconds allowed to complete
7694
+ a rotation when a scheduled token rotation occurs. The default rotation window is
7695
+ unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
6744
7696
  :param pulumi.Input[str] service_account_json: A JSON encoded credential for use with IAM authorization
6745
7697
  :param pulumi.Input[str] tls_ca: x509 CA file for validating the certificate presented by the MySQL server. Must be PEM encoded.
6746
7698
  :param pulumi.Input[str] tls_certificate_key: x509 certificate for connecting to the database. This must be a PEM encoded version of the private key and the certificate combined.
@@ -6758,6 +7710,8 @@ class SecretsMountMysqlLegacyArgs:
6758
7710
  pulumi.set(__self__, "connection_url", connection_url)
6759
7711
  if data is not None:
6760
7712
  pulumi.set(__self__, "data", data)
7713
+ if disable_automated_rotation is not None:
7714
+ pulumi.set(__self__, "disable_automated_rotation", disable_automated_rotation)
6761
7715
  if max_connection_lifetime is not None:
6762
7716
  pulumi.set(__self__, "max_connection_lifetime", max_connection_lifetime)
6763
7717
  if max_idle_connections is not None:
@@ -6770,6 +7724,12 @@ class SecretsMountMysqlLegacyArgs:
6770
7724
  pulumi.set(__self__, "plugin_name", plugin_name)
6771
7725
  if root_rotation_statements is not None:
6772
7726
  pulumi.set(__self__, "root_rotation_statements", root_rotation_statements)
7727
+ if rotation_period is not None:
7728
+ pulumi.set(__self__, "rotation_period", rotation_period)
7729
+ if rotation_schedule is not None:
7730
+ pulumi.set(__self__, "rotation_schedule", rotation_schedule)
7731
+ if rotation_window is not None:
7732
+ pulumi.set(__self__, "rotation_window", rotation_window)
6773
7733
  if service_account_json is not None:
6774
7734
  pulumi.set(__self__, "service_account_json", service_account_json)
6775
7735
  if tls_ca is not None:
@@ -6837,8 +7797,6 @@ class SecretsMountMysqlLegacyArgs:
6837
7797
  def data(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]:
6838
7798
  """
6839
7799
  A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
6840
-
6841
- Supported list of database secrets engines that can be configured:
6842
7800
  """
6843
7801
  return pulumi.get(self, "data")
6844
7802
 
@@ -6846,6 +7804,20 @@ class SecretsMountMysqlLegacyArgs:
6846
7804
  def data(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]):
6847
7805
  pulumi.set(self, "data", value)
6848
7806
 
7807
+ @property
7808
+ @pulumi.getter(name="disableAutomatedRotation")
7809
+ def disable_automated_rotation(self) -> Optional[pulumi.Input[bool]]:
7810
+ """
7811
+ Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
7812
+
7813
+ Supported list of database secrets engines that can be configured:
7814
+ """
7815
+ return pulumi.get(self, "disable_automated_rotation")
7816
+
7817
+ @disable_automated_rotation.setter
7818
+ def disable_automated_rotation(self, value: Optional[pulumi.Input[bool]]):
7819
+ pulumi.set(self, "disable_automated_rotation", value)
7820
+
6849
7821
  @property
6850
7822
  @pulumi.getter(name="maxConnectionLifetime")
6851
7823
  def max_connection_lifetime(self) -> Optional[pulumi.Input[int]]:
@@ -6918,6 +7890,46 @@ class SecretsMountMysqlLegacyArgs:
6918
7890
  def root_rotation_statements(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
6919
7891
  pulumi.set(self, "root_rotation_statements", value)
6920
7892
 
7893
+ @property
7894
+ @pulumi.getter(name="rotationPeriod")
7895
+ def rotation_period(self) -> Optional[pulumi.Input[int]]:
7896
+ """
7897
+ The amount of time in seconds Vault should wait before rotating the root credential.
7898
+ A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
7899
+ """
7900
+ return pulumi.get(self, "rotation_period")
7901
+
7902
+ @rotation_period.setter
7903
+ def rotation_period(self, value: Optional[pulumi.Input[int]]):
7904
+ pulumi.set(self, "rotation_period", value)
7905
+
7906
+ @property
7907
+ @pulumi.getter(name="rotationSchedule")
7908
+ def rotation_schedule(self) -> Optional[pulumi.Input[str]]:
7909
+ """
7910
+ The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
7911
+ defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
7912
+ """
7913
+ return pulumi.get(self, "rotation_schedule")
7914
+
7915
+ @rotation_schedule.setter
7916
+ def rotation_schedule(self, value: Optional[pulumi.Input[str]]):
7917
+ pulumi.set(self, "rotation_schedule", value)
7918
+
7919
+ @property
7920
+ @pulumi.getter(name="rotationWindow")
7921
+ def rotation_window(self) -> Optional[pulumi.Input[int]]:
7922
+ """
7923
+ The maximum amount of time in seconds allowed to complete
7924
+ a rotation when a scheduled token rotation occurs. The default rotation window is
7925
+ unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
7926
+ """
7927
+ return pulumi.get(self, "rotation_window")
7928
+
7929
+ @rotation_window.setter
7930
+ def rotation_window(self, value: Optional[pulumi.Input[int]]):
7931
+ pulumi.set(self, "rotation_window", value)
7932
+
6921
7933
  @property
6922
7934
  @pulumi.getter(name="serviceAccountJson")
6923
7935
  def service_account_json(self) -> Optional[pulumi.Input[str]]:
@@ -7014,6 +8026,10 @@ if not MYPY:
7014
8026
  data: NotRequired[pulumi.Input[Mapping[str, pulumi.Input[str]]]]
7015
8027
  """
7016
8028
  A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
8029
+ """
8030
+ disable_automated_rotation: NotRequired[pulumi.Input[bool]]
8031
+ """
8032
+ Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
7017
8033
 
7018
8034
  Supported list of database secrets engines that can be configured:
7019
8035
  """
@@ -7041,6 +8057,22 @@ if not MYPY:
7041
8057
  """
7042
8058
  A list of database statements to be executed to rotate the root user's credentials.
7043
8059
  """
8060
+ rotation_period: NotRequired[pulumi.Input[int]]
8061
+ """
8062
+ The amount of time in seconds Vault should wait before rotating the root credential.
8063
+ A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
8064
+ """
8065
+ rotation_schedule: NotRequired[pulumi.Input[str]]
8066
+ """
8067
+ The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
8068
+ defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
8069
+ """
8070
+ rotation_window: NotRequired[pulumi.Input[int]]
8071
+ """
8072
+ The maximum amount of time in seconds allowed to complete
8073
+ a rotation when a scheduled token rotation occurs. The default rotation window is
8074
+ unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
8075
+ """
7044
8076
  service_account_json: NotRequired[pulumi.Input[str]]
7045
8077
  """
7046
8078
  A JSON encoded credential for use with IAM authorization
@@ -7077,12 +8109,16 @@ class SecretsMountMysqlRdArgs:
7077
8109
  auth_type: Optional[pulumi.Input[str]] = None,
7078
8110
  connection_url: Optional[pulumi.Input[str]] = None,
7079
8111
  data: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
8112
+ disable_automated_rotation: Optional[pulumi.Input[bool]] = None,
7080
8113
  max_connection_lifetime: Optional[pulumi.Input[int]] = None,
7081
8114
  max_idle_connections: Optional[pulumi.Input[int]] = None,
7082
8115
  max_open_connections: Optional[pulumi.Input[int]] = None,
7083
8116
  password: Optional[pulumi.Input[str]] = None,
7084
8117
  plugin_name: Optional[pulumi.Input[str]] = None,
7085
8118
  root_rotation_statements: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
8119
+ rotation_period: Optional[pulumi.Input[int]] = None,
8120
+ rotation_schedule: Optional[pulumi.Input[str]] = None,
8121
+ rotation_window: Optional[pulumi.Input[int]] = None,
7086
8122
  service_account_json: Optional[pulumi.Input[str]] = None,
7087
8123
  tls_ca: Optional[pulumi.Input[str]] = None,
7088
8124
  tls_certificate_key: Optional[pulumi.Input[str]] = None,
@@ -7096,6 +8132,7 @@ class SecretsMountMysqlRdArgs:
7096
8132
  :param pulumi.Input[str] auth_type: Specify alternative authorization type. (Only 'gcp_iam' is valid currently)
7097
8133
  :param pulumi.Input[str] connection_url: Connection string to use to connect to the database.
7098
8134
  :param pulumi.Input[Mapping[str, pulumi.Input[str]]] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
8135
+ :param pulumi.Input[bool] disable_automated_rotation: Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
7099
8136
 
7100
8137
  Supported list of database secrets engines that can be configured:
7101
8138
  :param pulumi.Input[int] max_connection_lifetime: Maximum number of seconds a connection may be reused.
@@ -7104,6 +8141,13 @@ class SecretsMountMysqlRdArgs:
7104
8141
  :param pulumi.Input[str] password: The root credential password used in the connection URL
7105
8142
  :param pulumi.Input[str] plugin_name: Specifies the name of the plugin to use.
7106
8143
  :param pulumi.Input[Sequence[pulumi.Input[str]]] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials.
8144
+ :param pulumi.Input[int] rotation_period: The amount of time in seconds Vault should wait before rotating the root credential.
8145
+ A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
8146
+ :param pulumi.Input[str] rotation_schedule: The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
8147
+ defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
8148
+ :param pulumi.Input[int] rotation_window: The maximum amount of time in seconds allowed to complete
8149
+ a rotation when a scheduled token rotation occurs. The default rotation window is
8150
+ unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
7107
8151
  :param pulumi.Input[str] service_account_json: A JSON encoded credential for use with IAM authorization
7108
8152
  :param pulumi.Input[str] tls_ca: x509 CA file for validating the certificate presented by the MySQL server. Must be PEM encoded.
7109
8153
  :param pulumi.Input[str] tls_certificate_key: x509 certificate for connecting to the database. This must be a PEM encoded version of the private key and the certificate combined.
@@ -7121,6 +8165,8 @@ class SecretsMountMysqlRdArgs:
7121
8165
  pulumi.set(__self__, "connection_url", connection_url)
7122
8166
  if data is not None:
7123
8167
  pulumi.set(__self__, "data", data)
8168
+ if disable_automated_rotation is not None:
8169
+ pulumi.set(__self__, "disable_automated_rotation", disable_automated_rotation)
7124
8170
  if max_connection_lifetime is not None:
7125
8171
  pulumi.set(__self__, "max_connection_lifetime", max_connection_lifetime)
7126
8172
  if max_idle_connections is not None:
@@ -7133,6 +8179,12 @@ class SecretsMountMysqlRdArgs:
7133
8179
  pulumi.set(__self__, "plugin_name", plugin_name)
7134
8180
  if root_rotation_statements is not None:
7135
8181
  pulumi.set(__self__, "root_rotation_statements", root_rotation_statements)
8182
+ if rotation_period is not None:
8183
+ pulumi.set(__self__, "rotation_period", rotation_period)
8184
+ if rotation_schedule is not None:
8185
+ pulumi.set(__self__, "rotation_schedule", rotation_schedule)
8186
+ if rotation_window is not None:
8187
+ pulumi.set(__self__, "rotation_window", rotation_window)
7136
8188
  if service_account_json is not None:
7137
8189
  pulumi.set(__self__, "service_account_json", service_account_json)
7138
8190
  if tls_ca is not None:
@@ -7200,8 +8252,6 @@ class SecretsMountMysqlRdArgs:
7200
8252
  def data(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]:
7201
8253
  """
7202
8254
  A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
7203
-
7204
- Supported list of database secrets engines that can be configured:
7205
8255
  """
7206
8256
  return pulumi.get(self, "data")
7207
8257
 
@@ -7209,6 +8259,20 @@ class SecretsMountMysqlRdArgs:
7209
8259
  def data(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]):
7210
8260
  pulumi.set(self, "data", value)
7211
8261
 
8262
+ @property
8263
+ @pulumi.getter(name="disableAutomatedRotation")
8264
+ def disable_automated_rotation(self) -> Optional[pulumi.Input[bool]]:
8265
+ """
8266
+ Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
8267
+
8268
+ Supported list of database secrets engines that can be configured:
8269
+ """
8270
+ return pulumi.get(self, "disable_automated_rotation")
8271
+
8272
+ @disable_automated_rotation.setter
8273
+ def disable_automated_rotation(self, value: Optional[pulumi.Input[bool]]):
8274
+ pulumi.set(self, "disable_automated_rotation", value)
8275
+
7212
8276
  @property
7213
8277
  @pulumi.getter(name="maxConnectionLifetime")
7214
8278
  def max_connection_lifetime(self) -> Optional[pulumi.Input[int]]:
@@ -7281,6 +8345,46 @@ class SecretsMountMysqlRdArgs:
7281
8345
  def root_rotation_statements(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
7282
8346
  pulumi.set(self, "root_rotation_statements", value)
7283
8347
 
8348
+ @property
8349
+ @pulumi.getter(name="rotationPeriod")
8350
+ def rotation_period(self) -> Optional[pulumi.Input[int]]:
8351
+ """
8352
+ The amount of time in seconds Vault should wait before rotating the root credential.
8353
+ A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
8354
+ """
8355
+ return pulumi.get(self, "rotation_period")
8356
+
8357
+ @rotation_period.setter
8358
+ def rotation_period(self, value: Optional[pulumi.Input[int]]):
8359
+ pulumi.set(self, "rotation_period", value)
8360
+
8361
+ @property
8362
+ @pulumi.getter(name="rotationSchedule")
8363
+ def rotation_schedule(self) -> Optional[pulumi.Input[str]]:
8364
+ """
8365
+ The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
8366
+ defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
8367
+ """
8368
+ return pulumi.get(self, "rotation_schedule")
8369
+
8370
+ @rotation_schedule.setter
8371
+ def rotation_schedule(self, value: Optional[pulumi.Input[str]]):
8372
+ pulumi.set(self, "rotation_schedule", value)
8373
+
8374
+ @property
8375
+ @pulumi.getter(name="rotationWindow")
8376
+ def rotation_window(self) -> Optional[pulumi.Input[int]]:
8377
+ """
8378
+ The maximum amount of time in seconds allowed to complete
8379
+ a rotation when a scheduled token rotation occurs. The default rotation window is
8380
+ unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
8381
+ """
8382
+ return pulumi.get(self, "rotation_window")
8383
+
8384
+ @rotation_window.setter
8385
+ def rotation_window(self, value: Optional[pulumi.Input[int]]):
8386
+ pulumi.set(self, "rotation_window", value)
8387
+
7284
8388
  @property
7285
8389
  @pulumi.getter(name="serviceAccountJson")
7286
8390
  def service_account_json(self) -> Optional[pulumi.Input[str]]:
@@ -7373,6 +8477,10 @@ if not MYPY:
7373
8477
  data: NotRequired[pulumi.Input[Mapping[str, pulumi.Input[str]]]]
7374
8478
  """
7375
8479
  A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
8480
+ """
8481
+ disable_automated_rotation: NotRequired[pulumi.Input[bool]]
8482
+ """
8483
+ Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
7376
8484
 
7377
8485
  Supported list of database secrets engines that can be configured:
7378
8486
  """
@@ -7404,6 +8512,22 @@ if not MYPY:
7404
8512
  """
7405
8513
  A list of database statements to be executed to rotate the root user's credentials.
7406
8514
  """
8515
+ rotation_period: NotRequired[pulumi.Input[int]]
8516
+ """
8517
+ The amount of time in seconds Vault should wait before rotating the root credential.
8518
+ A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
8519
+ """
8520
+ rotation_schedule: NotRequired[pulumi.Input[str]]
8521
+ """
8522
+ The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
8523
+ defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
8524
+ """
8525
+ rotation_window: NotRequired[pulumi.Input[int]]
8526
+ """
8527
+ The maximum amount of time in seconds allowed to complete
8528
+ a rotation when a scheduled token rotation occurs. The default rotation window is
8529
+ unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
8530
+ """
7407
8531
  split_statements: NotRequired[pulumi.Input[bool]]
7408
8532
  """
7409
8533
  Set to true in order to split statements after semi-colons.
@@ -7431,6 +8555,7 @@ class SecretsMountOracleArgs:
7431
8555
  allowed_roles: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
7432
8556
  connection_url: Optional[pulumi.Input[str]] = None,
7433
8557
  data: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
8558
+ disable_automated_rotation: Optional[pulumi.Input[bool]] = None,
7434
8559
  disconnect_sessions: Optional[pulumi.Input[bool]] = None,
7435
8560
  max_connection_lifetime: Optional[pulumi.Input[int]] = None,
7436
8561
  max_idle_connections: Optional[pulumi.Input[int]] = None,
@@ -7438,6 +8563,9 @@ class SecretsMountOracleArgs:
7438
8563
  password: Optional[pulumi.Input[str]] = None,
7439
8564
  plugin_name: Optional[pulumi.Input[str]] = None,
7440
8565
  root_rotation_statements: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
8566
+ rotation_period: Optional[pulumi.Input[int]] = None,
8567
+ rotation_schedule: Optional[pulumi.Input[str]] = None,
8568
+ rotation_window: Optional[pulumi.Input[int]] = None,
7441
8569
  split_statements: Optional[pulumi.Input[bool]] = None,
7442
8570
  username: Optional[pulumi.Input[str]] = None,
7443
8571
  username_template: Optional[pulumi.Input[str]] = None,
@@ -7448,6 +8576,7 @@ class SecretsMountOracleArgs:
7448
8576
  connection.
7449
8577
  :param pulumi.Input[str] connection_url: Connection string to use to connect to the database.
7450
8578
  :param pulumi.Input[Mapping[str, pulumi.Input[str]]] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
8579
+ :param pulumi.Input[bool] disable_automated_rotation: Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
7451
8580
 
7452
8581
  Supported list of database secrets engines that can be configured:
7453
8582
  :param pulumi.Input[bool] disconnect_sessions: Set to true to disconnect any open sessions prior to running the revocation statements.
@@ -7457,6 +8586,13 @@ class SecretsMountOracleArgs:
7457
8586
  :param pulumi.Input[str] password: The root credential password used in the connection URL
7458
8587
  :param pulumi.Input[str] plugin_name: Specifies the name of the plugin to use.
7459
8588
  :param pulumi.Input[Sequence[pulumi.Input[str]]] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials.
8589
+ :param pulumi.Input[int] rotation_period: The amount of time in seconds Vault should wait before rotating the root credential.
8590
+ A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
8591
+ :param pulumi.Input[str] rotation_schedule: The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
8592
+ defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
8593
+ :param pulumi.Input[int] rotation_window: The maximum amount of time in seconds allowed to complete
8594
+ a rotation when a scheduled token rotation occurs. The default rotation window is
8595
+ unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
7460
8596
  :param pulumi.Input[bool] split_statements: Set to true in order to split statements after semi-colons.
7461
8597
  :param pulumi.Input[str] username: The root credential username used in the connection URL
7462
8598
  :param pulumi.Input[str] username_template: Username generation template.
@@ -7470,6 +8606,8 @@ class SecretsMountOracleArgs:
7470
8606
  pulumi.set(__self__, "connection_url", connection_url)
7471
8607
  if data is not None:
7472
8608
  pulumi.set(__self__, "data", data)
8609
+ if disable_automated_rotation is not None:
8610
+ pulumi.set(__self__, "disable_automated_rotation", disable_automated_rotation)
7473
8611
  if disconnect_sessions is not None:
7474
8612
  pulumi.set(__self__, "disconnect_sessions", disconnect_sessions)
7475
8613
  if max_connection_lifetime is not None:
@@ -7484,6 +8622,12 @@ class SecretsMountOracleArgs:
7484
8622
  pulumi.set(__self__, "plugin_name", plugin_name)
7485
8623
  if root_rotation_statements is not None:
7486
8624
  pulumi.set(__self__, "root_rotation_statements", root_rotation_statements)
8625
+ if rotation_period is not None:
8626
+ pulumi.set(__self__, "rotation_period", rotation_period)
8627
+ if rotation_schedule is not None:
8628
+ pulumi.set(__self__, "rotation_schedule", rotation_schedule)
8629
+ if rotation_window is not None:
8630
+ pulumi.set(__self__, "rotation_window", rotation_window)
7487
8631
  if split_statements is not None:
7488
8632
  pulumi.set(__self__, "split_statements", split_statements)
7489
8633
  if username is not None:
@@ -7535,8 +8679,6 @@ class SecretsMountOracleArgs:
7535
8679
  def data(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]:
7536
8680
  """
7537
8681
  A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
7538
-
7539
- Supported list of database secrets engines that can be configured:
7540
8682
  """
7541
8683
  return pulumi.get(self, "data")
7542
8684
 
@@ -7544,6 +8686,20 @@ class SecretsMountOracleArgs:
7544
8686
  def data(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]):
7545
8687
  pulumi.set(self, "data", value)
7546
8688
 
8689
+ @property
8690
+ @pulumi.getter(name="disableAutomatedRotation")
8691
+ def disable_automated_rotation(self) -> Optional[pulumi.Input[bool]]:
8692
+ """
8693
+ Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
8694
+
8695
+ Supported list of database secrets engines that can be configured:
8696
+ """
8697
+ return pulumi.get(self, "disable_automated_rotation")
8698
+
8699
+ @disable_automated_rotation.setter
8700
+ def disable_automated_rotation(self, value: Optional[pulumi.Input[bool]]):
8701
+ pulumi.set(self, "disable_automated_rotation", value)
8702
+
7547
8703
  @property
7548
8704
  @pulumi.getter(name="disconnectSessions")
7549
8705
  def disconnect_sessions(self) -> Optional[pulumi.Input[bool]]:
@@ -7628,6 +8784,46 @@ class SecretsMountOracleArgs:
7628
8784
  def root_rotation_statements(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
7629
8785
  pulumi.set(self, "root_rotation_statements", value)
7630
8786
 
8787
+ @property
8788
+ @pulumi.getter(name="rotationPeriod")
8789
+ def rotation_period(self) -> Optional[pulumi.Input[int]]:
8790
+ """
8791
+ The amount of time in seconds Vault should wait before rotating the root credential.
8792
+ A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
8793
+ """
8794
+ return pulumi.get(self, "rotation_period")
8795
+
8796
+ @rotation_period.setter
8797
+ def rotation_period(self, value: Optional[pulumi.Input[int]]):
8798
+ pulumi.set(self, "rotation_period", value)
8799
+
8800
+ @property
8801
+ @pulumi.getter(name="rotationSchedule")
8802
+ def rotation_schedule(self) -> Optional[pulumi.Input[str]]:
8803
+ """
8804
+ The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
8805
+ defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
8806
+ """
8807
+ return pulumi.get(self, "rotation_schedule")
8808
+
8809
+ @rotation_schedule.setter
8810
+ def rotation_schedule(self, value: Optional[pulumi.Input[str]]):
8811
+ pulumi.set(self, "rotation_schedule", value)
8812
+
8813
+ @property
8814
+ @pulumi.getter(name="rotationWindow")
8815
+ def rotation_window(self) -> Optional[pulumi.Input[int]]:
8816
+ """
8817
+ The maximum amount of time in seconds allowed to complete
8818
+ a rotation when a scheduled token rotation occurs. The default rotation window is
8819
+ unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
8820
+ """
8821
+ return pulumi.get(self, "rotation_window")
8822
+
8823
+ @rotation_window.setter
8824
+ def rotation_window(self, value: Optional[pulumi.Input[int]]):
8825
+ pulumi.set(self, "rotation_window", value)
8826
+
7631
8827
  @property
7632
8828
  @pulumi.getter(name="splitStatements")
7633
8829
  def split_statements(self) -> Optional[pulumi.Input[bool]]:
@@ -7700,6 +8896,10 @@ if not MYPY:
7700
8896
  data: NotRequired[pulumi.Input[Mapping[str, pulumi.Input[str]]]]
7701
8897
  """
7702
8898
  A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
8899
+ """
8900
+ disable_automated_rotation: NotRequired[pulumi.Input[bool]]
8901
+ """
8902
+ Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
7703
8903
 
7704
8904
  Supported list of database secrets engines that can be configured:
7705
8905
  """
@@ -7739,6 +8939,22 @@ if not MYPY:
7739
8939
  """
7740
8940
  A list of database statements to be executed to rotate the root user's credentials.
7741
8941
  """
8942
+ rotation_period: NotRequired[pulumi.Input[int]]
8943
+ """
8944
+ The amount of time in seconds Vault should wait before rotating the root credential.
8945
+ A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
8946
+ """
8947
+ rotation_schedule: NotRequired[pulumi.Input[str]]
8948
+ """
8949
+ The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
8950
+ defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
8951
+ """
8952
+ rotation_window: NotRequired[pulumi.Input[int]]
8953
+ """
8954
+ The maximum amount of time in seconds allowed to complete
8955
+ a rotation when a scheduled token rotation occurs. The default rotation window is
8956
+ unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
8957
+ """
7742
8958
  self_managed: NotRequired[pulumi.Input[bool]]
7743
8959
  """
7744
8960
  If set, allows onboarding static roles with a rootless connection configuration.
@@ -7779,6 +8995,7 @@ class SecretsMountPostgresqlArgs:
7779
8995
  auth_type: Optional[pulumi.Input[str]] = None,
7780
8996
  connection_url: Optional[pulumi.Input[str]] = None,
7781
8997
  data: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
8998
+ disable_automated_rotation: Optional[pulumi.Input[bool]] = None,
7782
8999
  disable_escaping: Optional[pulumi.Input[bool]] = None,
7783
9000
  max_connection_lifetime: Optional[pulumi.Input[int]] = None,
7784
9001
  max_idle_connections: Optional[pulumi.Input[int]] = None,
@@ -7788,6 +9005,9 @@ class SecretsMountPostgresqlArgs:
7788
9005
  plugin_name: Optional[pulumi.Input[str]] = None,
7789
9006
  private_key: Optional[pulumi.Input[str]] = None,
7790
9007
  root_rotation_statements: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
9008
+ rotation_period: Optional[pulumi.Input[int]] = None,
9009
+ rotation_schedule: Optional[pulumi.Input[str]] = None,
9010
+ rotation_window: Optional[pulumi.Input[int]] = None,
7791
9011
  self_managed: Optional[pulumi.Input[bool]] = None,
7792
9012
  service_account_json: Optional[pulumi.Input[str]] = None,
7793
9013
  tls_ca: Optional[pulumi.Input[str]] = None,
@@ -7802,6 +9022,7 @@ class SecretsMountPostgresqlArgs:
7802
9022
  :param pulumi.Input[str] auth_type: Specify alternative authorization type. (Only 'gcp_iam' is valid currently)
7803
9023
  :param pulumi.Input[str] connection_url: Connection string to use to connect to the database.
7804
9024
  :param pulumi.Input[Mapping[str, pulumi.Input[str]]] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
9025
+ :param pulumi.Input[bool] disable_automated_rotation: Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
7805
9026
 
7806
9027
  Supported list of database secrets engines that can be configured:
7807
9028
  :param pulumi.Input[bool] disable_escaping: Disable special character escaping in username and password
@@ -7813,6 +9034,13 @@ class SecretsMountPostgresqlArgs:
7813
9034
  :param pulumi.Input[str] plugin_name: Specifies the name of the plugin to use.
7814
9035
  :param pulumi.Input[str] private_key: The secret key used for the x509 client certificate. Must be PEM encoded.
7815
9036
  :param pulumi.Input[Sequence[pulumi.Input[str]]] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials.
9037
+ :param pulumi.Input[int] rotation_period: The amount of time in seconds Vault should wait before rotating the root credential.
9038
+ A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
9039
+ :param pulumi.Input[str] rotation_schedule: The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
9040
+ defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
9041
+ :param pulumi.Input[int] rotation_window: The maximum amount of time in seconds allowed to complete
9042
+ a rotation when a scheduled token rotation occurs. The default rotation window is
9043
+ unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
7816
9044
  :param pulumi.Input[bool] self_managed: If set, allows onboarding static roles with a rootless connection configuration.
7817
9045
  :param pulumi.Input[str] service_account_json: A JSON encoded credential for use with IAM authorization
7818
9046
  :param pulumi.Input[str] tls_ca: The x509 CA file for validating the certificate presented by the PostgreSQL server. Must be PEM encoded.
@@ -7831,6 +9059,8 @@ class SecretsMountPostgresqlArgs:
7831
9059
  pulumi.set(__self__, "connection_url", connection_url)
7832
9060
  if data is not None:
7833
9061
  pulumi.set(__self__, "data", data)
9062
+ if disable_automated_rotation is not None:
9063
+ pulumi.set(__self__, "disable_automated_rotation", disable_automated_rotation)
7834
9064
  if disable_escaping is not None:
7835
9065
  pulumi.set(__self__, "disable_escaping", disable_escaping)
7836
9066
  if max_connection_lifetime is not None:
@@ -7849,6 +9079,12 @@ class SecretsMountPostgresqlArgs:
7849
9079
  pulumi.set(__self__, "private_key", private_key)
7850
9080
  if root_rotation_statements is not None:
7851
9081
  pulumi.set(__self__, "root_rotation_statements", root_rotation_statements)
9082
+ if rotation_period is not None:
9083
+ pulumi.set(__self__, "rotation_period", rotation_period)
9084
+ if rotation_schedule is not None:
9085
+ pulumi.set(__self__, "rotation_schedule", rotation_schedule)
9086
+ if rotation_window is not None:
9087
+ pulumi.set(__self__, "rotation_window", rotation_window)
7852
9088
  if self_managed is not None:
7853
9089
  pulumi.set(__self__, "self_managed", self_managed)
7854
9090
  if service_account_json is not None:
@@ -7918,8 +9154,6 @@ class SecretsMountPostgresqlArgs:
7918
9154
  def data(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]:
7919
9155
  """
7920
9156
  A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
7921
-
7922
- Supported list of database secrets engines that can be configured:
7923
9157
  """
7924
9158
  return pulumi.get(self, "data")
7925
9159
 
@@ -7927,6 +9161,20 @@ class SecretsMountPostgresqlArgs:
7927
9161
  def data(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]):
7928
9162
  pulumi.set(self, "data", value)
7929
9163
 
9164
+ @property
9165
+ @pulumi.getter(name="disableAutomatedRotation")
9166
+ def disable_automated_rotation(self) -> Optional[pulumi.Input[bool]]:
9167
+ """
9168
+ Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
9169
+
9170
+ Supported list of database secrets engines that can be configured:
9171
+ """
9172
+ return pulumi.get(self, "disable_automated_rotation")
9173
+
9174
+ @disable_automated_rotation.setter
9175
+ def disable_automated_rotation(self, value: Optional[pulumi.Input[bool]]):
9176
+ pulumi.set(self, "disable_automated_rotation", value)
9177
+
7930
9178
  @property
7931
9179
  @pulumi.getter(name="disableEscaping")
7932
9180
  def disable_escaping(self) -> Optional[pulumi.Input[bool]]:
@@ -8035,6 +9283,46 @@ class SecretsMountPostgresqlArgs:
8035
9283
  def root_rotation_statements(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
8036
9284
  pulumi.set(self, "root_rotation_statements", value)
8037
9285
 
9286
+ @property
9287
+ @pulumi.getter(name="rotationPeriod")
9288
+ def rotation_period(self) -> Optional[pulumi.Input[int]]:
9289
+ """
9290
+ The amount of time in seconds Vault should wait before rotating the root credential.
9291
+ A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
9292
+ """
9293
+ return pulumi.get(self, "rotation_period")
9294
+
9295
+ @rotation_period.setter
9296
+ def rotation_period(self, value: Optional[pulumi.Input[int]]):
9297
+ pulumi.set(self, "rotation_period", value)
9298
+
9299
+ @property
9300
+ @pulumi.getter(name="rotationSchedule")
9301
+ def rotation_schedule(self) -> Optional[pulumi.Input[str]]:
9302
+ """
9303
+ The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
9304
+ defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
9305
+ """
9306
+ return pulumi.get(self, "rotation_schedule")
9307
+
9308
+ @rotation_schedule.setter
9309
+ def rotation_schedule(self, value: Optional[pulumi.Input[str]]):
9310
+ pulumi.set(self, "rotation_schedule", value)
9311
+
9312
+ @property
9313
+ @pulumi.getter(name="rotationWindow")
9314
+ def rotation_window(self) -> Optional[pulumi.Input[int]]:
9315
+ """
9316
+ The maximum amount of time in seconds allowed to complete
9317
+ a rotation when a scheduled token rotation occurs. The default rotation window is
9318
+ unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
9319
+ """
9320
+ return pulumi.get(self, "rotation_window")
9321
+
9322
+ @rotation_window.setter
9323
+ def rotation_window(self, value: Optional[pulumi.Input[int]]):
9324
+ pulumi.set(self, "rotation_window", value)
9325
+
8038
9326
  @property
8039
9327
  @pulumi.getter(name="selfManaged")
8040
9328
  def self_managed(self) -> Optional[pulumi.Input[bool]]:
@@ -8151,6 +9439,10 @@ if not MYPY:
8151
9439
  data: NotRequired[pulumi.Input[Mapping[str, pulumi.Input[str]]]]
8152
9440
  """
8153
9441
  A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
9442
+ """
9443
+ disable_automated_rotation: NotRequired[pulumi.Input[bool]]
9444
+ """
9445
+ Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
8154
9446
 
8155
9447
  Supported list of database secrets engines that can be configured:
8156
9448
  """
@@ -8170,6 +9462,22 @@ if not MYPY:
8170
9462
  """
8171
9463
  A list of database statements to be executed to rotate the root user's credentials.
8172
9464
  """
9465
+ rotation_period: NotRequired[pulumi.Input[int]]
9466
+ """
9467
+ The amount of time in seconds Vault should wait before rotating the root credential.
9468
+ A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
9469
+ """
9470
+ rotation_schedule: NotRequired[pulumi.Input[str]]
9471
+ """
9472
+ The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
9473
+ defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
9474
+ """
9475
+ rotation_window: NotRequired[pulumi.Input[int]]
9476
+ """
9477
+ The maximum amount of time in seconds allowed to complete
9478
+ a rotation when a scheduled token rotation occurs. The default rotation window is
9479
+ unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
9480
+ """
8173
9481
  tls: NotRequired[pulumi.Input[bool]]
8174
9482
  """
8175
9483
  Specifies whether to use TLS when connecting to Redis.
@@ -8192,10 +9500,14 @@ class SecretsMountRediArgs:
8192
9500
  allowed_roles: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
8193
9501
  ca_cert: Optional[pulumi.Input[str]] = None,
8194
9502
  data: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
9503
+ disable_automated_rotation: Optional[pulumi.Input[bool]] = None,
8195
9504
  insecure_tls: Optional[pulumi.Input[bool]] = None,
8196
9505
  plugin_name: Optional[pulumi.Input[str]] = None,
8197
9506
  port: Optional[pulumi.Input[int]] = None,
8198
9507
  root_rotation_statements: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
9508
+ rotation_period: Optional[pulumi.Input[int]] = None,
9509
+ rotation_schedule: Optional[pulumi.Input[str]] = None,
9510
+ rotation_window: Optional[pulumi.Input[int]] = None,
8199
9511
  tls: Optional[pulumi.Input[bool]] = None,
8200
9512
  verify_connection: Optional[pulumi.Input[bool]] = None):
8201
9513
  """
@@ -8207,12 +9519,20 @@ class SecretsMountRediArgs:
8207
9519
  connection.
8208
9520
  :param pulumi.Input[str] ca_cert: The contents of a PEM-encoded CA cert file to use to verify the Redis server's identity.
8209
9521
  :param pulumi.Input[Mapping[str, pulumi.Input[str]]] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
9522
+ :param pulumi.Input[bool] disable_automated_rotation: Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
8210
9523
 
8211
9524
  Supported list of database secrets engines that can be configured:
8212
9525
  :param pulumi.Input[bool] insecure_tls: Specifies whether to skip verification of the server certificate when using TLS.
8213
9526
  :param pulumi.Input[str] plugin_name: Specifies the name of the plugin to use.
8214
9527
  :param pulumi.Input[int] port: The transport port to use to connect to Redis.
8215
9528
  :param pulumi.Input[Sequence[pulumi.Input[str]]] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials.
9529
+ :param pulumi.Input[int] rotation_period: The amount of time in seconds Vault should wait before rotating the root credential.
9530
+ A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
9531
+ :param pulumi.Input[str] rotation_schedule: The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
9532
+ defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
9533
+ :param pulumi.Input[int] rotation_window: The maximum amount of time in seconds allowed to complete
9534
+ a rotation when a scheduled token rotation occurs. The default rotation window is
9535
+ unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
8216
9536
  :param pulumi.Input[bool] tls: Specifies whether to use TLS when connecting to Redis.
8217
9537
  :param pulumi.Input[bool] verify_connection: Whether the connection should be verified on
8218
9538
  initial configuration or not.
@@ -8227,6 +9547,8 @@ class SecretsMountRediArgs:
8227
9547
  pulumi.set(__self__, "ca_cert", ca_cert)
8228
9548
  if data is not None:
8229
9549
  pulumi.set(__self__, "data", data)
9550
+ if disable_automated_rotation is not None:
9551
+ pulumi.set(__self__, "disable_automated_rotation", disable_automated_rotation)
8230
9552
  if insecure_tls is not None:
8231
9553
  pulumi.set(__self__, "insecure_tls", insecure_tls)
8232
9554
  if plugin_name is not None:
@@ -8235,6 +9557,12 @@ class SecretsMountRediArgs:
8235
9557
  pulumi.set(__self__, "port", port)
8236
9558
  if root_rotation_statements is not None:
8237
9559
  pulumi.set(__self__, "root_rotation_statements", root_rotation_statements)
9560
+ if rotation_period is not None:
9561
+ pulumi.set(__self__, "rotation_period", rotation_period)
9562
+ if rotation_schedule is not None:
9563
+ pulumi.set(__self__, "rotation_schedule", rotation_schedule)
9564
+ if rotation_window is not None:
9565
+ pulumi.set(__self__, "rotation_window", rotation_window)
8238
9566
  if tls is not None:
8239
9567
  pulumi.set(__self__, "tls", tls)
8240
9568
  if verify_connection is not None:
@@ -8318,8 +9646,6 @@ class SecretsMountRediArgs:
8318
9646
  def data(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]:
8319
9647
  """
8320
9648
  A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
8321
-
8322
- Supported list of database secrets engines that can be configured:
8323
9649
  """
8324
9650
  return pulumi.get(self, "data")
8325
9651
 
@@ -8327,6 +9653,20 @@ class SecretsMountRediArgs:
8327
9653
  def data(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]):
8328
9654
  pulumi.set(self, "data", value)
8329
9655
 
9656
+ @property
9657
+ @pulumi.getter(name="disableAutomatedRotation")
9658
+ def disable_automated_rotation(self) -> Optional[pulumi.Input[bool]]:
9659
+ """
9660
+ Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
9661
+
9662
+ Supported list of database secrets engines that can be configured:
9663
+ """
9664
+ return pulumi.get(self, "disable_automated_rotation")
9665
+
9666
+ @disable_automated_rotation.setter
9667
+ def disable_automated_rotation(self, value: Optional[pulumi.Input[bool]]):
9668
+ pulumi.set(self, "disable_automated_rotation", value)
9669
+
8330
9670
  @property
8331
9671
  @pulumi.getter(name="insecureTls")
8332
9672
  def insecure_tls(self) -> Optional[pulumi.Input[bool]]:
@@ -8375,6 +9715,46 @@ class SecretsMountRediArgs:
8375
9715
  def root_rotation_statements(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
8376
9716
  pulumi.set(self, "root_rotation_statements", value)
8377
9717
 
9718
+ @property
9719
+ @pulumi.getter(name="rotationPeriod")
9720
+ def rotation_period(self) -> Optional[pulumi.Input[int]]:
9721
+ """
9722
+ The amount of time in seconds Vault should wait before rotating the root credential.
9723
+ A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
9724
+ """
9725
+ return pulumi.get(self, "rotation_period")
9726
+
9727
+ @rotation_period.setter
9728
+ def rotation_period(self, value: Optional[pulumi.Input[int]]):
9729
+ pulumi.set(self, "rotation_period", value)
9730
+
9731
+ @property
9732
+ @pulumi.getter(name="rotationSchedule")
9733
+ def rotation_schedule(self) -> Optional[pulumi.Input[str]]:
9734
+ """
9735
+ The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
9736
+ defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
9737
+ """
9738
+ return pulumi.get(self, "rotation_schedule")
9739
+
9740
+ @rotation_schedule.setter
9741
+ def rotation_schedule(self, value: Optional[pulumi.Input[str]]):
9742
+ pulumi.set(self, "rotation_schedule", value)
9743
+
9744
+ @property
9745
+ @pulumi.getter(name="rotationWindow")
9746
+ def rotation_window(self) -> Optional[pulumi.Input[int]]:
9747
+ """
9748
+ The maximum amount of time in seconds allowed to complete
9749
+ a rotation when a scheduled token rotation occurs. The default rotation window is
9750
+ unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
9751
+ """
9752
+ return pulumi.get(self, "rotation_window")
9753
+
9754
+ @rotation_window.setter
9755
+ def rotation_window(self, value: Optional[pulumi.Input[int]]):
9756
+ pulumi.set(self, "rotation_window", value)
9757
+
8378
9758
  @property
8379
9759
  @pulumi.getter
8380
9760
  def tls(self) -> Optional[pulumi.Input[bool]]:
@@ -8419,6 +9799,10 @@ if not MYPY:
8419
9799
  data: NotRequired[pulumi.Input[Mapping[str, pulumi.Input[str]]]]
8420
9800
  """
8421
9801
  A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
9802
+ """
9803
+ disable_automated_rotation: NotRequired[pulumi.Input[bool]]
9804
+ """
9805
+ Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
8422
9806
 
8423
9807
  Supported list of database secrets engines that can be configured:
8424
9808
  """
@@ -8438,6 +9822,22 @@ if not MYPY:
8438
9822
  """
8439
9823
  A list of database statements to be executed to rotate the root user's credentials.
8440
9824
  """
9825
+ rotation_period: NotRequired[pulumi.Input[int]]
9826
+ """
9827
+ The amount of time in seconds Vault should wait before rotating the root credential.
9828
+ A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
9829
+ """
9830
+ rotation_schedule: NotRequired[pulumi.Input[str]]
9831
+ """
9832
+ The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
9833
+ defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
9834
+ """
9835
+ rotation_window: NotRequired[pulumi.Input[int]]
9836
+ """
9837
+ The maximum amount of time in seconds allowed to complete
9838
+ a rotation when a scheduled token rotation occurs. The default rotation window is
9839
+ unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
9840
+ """
8441
9841
  username: NotRequired[pulumi.Input[str]]
8442
9842
  """
8443
9843
  The AWS access key id to use to talk to ElastiCache. If omitted the credentials chain provider is used instead.
@@ -8457,10 +9857,14 @@ class SecretsMountRedisElasticachArgs:
8457
9857
  url: pulumi.Input[str],
8458
9858
  allowed_roles: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
8459
9859
  data: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
9860
+ disable_automated_rotation: Optional[pulumi.Input[bool]] = None,
8460
9861
  password: Optional[pulumi.Input[str]] = None,
8461
9862
  plugin_name: Optional[pulumi.Input[str]] = None,
8462
9863
  region: Optional[pulumi.Input[str]] = None,
8463
9864
  root_rotation_statements: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
9865
+ rotation_period: Optional[pulumi.Input[int]] = None,
9866
+ rotation_schedule: Optional[pulumi.Input[str]] = None,
9867
+ rotation_window: Optional[pulumi.Input[int]] = None,
8464
9868
  username: Optional[pulumi.Input[str]] = None,
8465
9869
  verify_connection: Optional[pulumi.Input[bool]] = None):
8466
9870
  """
@@ -8469,12 +9873,20 @@ class SecretsMountRedisElasticachArgs:
8469
9873
  :param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_roles: A list of roles that are allowed to use this
8470
9874
  connection.
8471
9875
  :param pulumi.Input[Mapping[str, pulumi.Input[str]]] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
9876
+ :param pulumi.Input[bool] disable_automated_rotation: Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
8472
9877
 
8473
9878
  Supported list of database secrets engines that can be configured:
8474
9879
  :param pulumi.Input[str] password: The AWS secret key id to use to talk to ElastiCache. If omitted the credentials chain provider is used instead.
8475
9880
  :param pulumi.Input[str] plugin_name: Specifies the name of the plugin to use.
8476
9881
  :param pulumi.Input[str] region: The AWS region where the ElastiCache cluster is hosted. If omitted the plugin tries to infer the region from the environment.
8477
9882
  :param pulumi.Input[Sequence[pulumi.Input[str]]] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials.
9883
+ :param pulumi.Input[int] rotation_period: The amount of time in seconds Vault should wait before rotating the root credential.
9884
+ A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
9885
+ :param pulumi.Input[str] rotation_schedule: The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
9886
+ defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
9887
+ :param pulumi.Input[int] rotation_window: The maximum amount of time in seconds allowed to complete
9888
+ a rotation when a scheduled token rotation occurs. The default rotation window is
9889
+ unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
8478
9890
  :param pulumi.Input[str] username: The AWS access key id to use to talk to ElastiCache. If omitted the credentials chain provider is used instead.
8479
9891
  :param pulumi.Input[bool] verify_connection: Whether the connection should be verified on
8480
9892
  initial configuration or not.
@@ -8485,6 +9897,8 @@ class SecretsMountRedisElasticachArgs:
8485
9897
  pulumi.set(__self__, "allowed_roles", allowed_roles)
8486
9898
  if data is not None:
8487
9899
  pulumi.set(__self__, "data", data)
9900
+ if disable_automated_rotation is not None:
9901
+ pulumi.set(__self__, "disable_automated_rotation", disable_automated_rotation)
8488
9902
  if password is not None:
8489
9903
  pulumi.set(__self__, "password", password)
8490
9904
  if plugin_name is not None:
@@ -8493,6 +9907,12 @@ class SecretsMountRedisElasticachArgs:
8493
9907
  pulumi.set(__self__, "region", region)
8494
9908
  if root_rotation_statements is not None:
8495
9909
  pulumi.set(__self__, "root_rotation_statements", root_rotation_statements)
9910
+ if rotation_period is not None:
9911
+ pulumi.set(__self__, "rotation_period", rotation_period)
9912
+ if rotation_schedule is not None:
9913
+ pulumi.set(__self__, "rotation_schedule", rotation_schedule)
9914
+ if rotation_window is not None:
9915
+ pulumi.set(__self__, "rotation_window", rotation_window)
8496
9916
  if username is not None:
8497
9917
  pulumi.set(__self__, "username", username)
8498
9918
  if verify_connection is not None:
@@ -8540,8 +9960,6 @@ class SecretsMountRedisElasticachArgs:
8540
9960
  def data(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]:
8541
9961
  """
8542
9962
  A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
8543
-
8544
- Supported list of database secrets engines that can be configured:
8545
9963
  """
8546
9964
  return pulumi.get(self, "data")
8547
9965
 
@@ -8549,6 +9967,20 @@ class SecretsMountRedisElasticachArgs:
8549
9967
  def data(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]):
8550
9968
  pulumi.set(self, "data", value)
8551
9969
 
9970
+ @property
9971
+ @pulumi.getter(name="disableAutomatedRotation")
9972
+ def disable_automated_rotation(self) -> Optional[pulumi.Input[bool]]:
9973
+ """
9974
+ Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
9975
+
9976
+ Supported list of database secrets engines that can be configured:
9977
+ """
9978
+ return pulumi.get(self, "disable_automated_rotation")
9979
+
9980
+ @disable_automated_rotation.setter
9981
+ def disable_automated_rotation(self, value: Optional[pulumi.Input[bool]]):
9982
+ pulumi.set(self, "disable_automated_rotation", value)
9983
+
8552
9984
  @property
8553
9985
  @pulumi.getter
8554
9986
  def password(self) -> Optional[pulumi.Input[str]]:
@@ -8597,6 +10029,46 @@ class SecretsMountRedisElasticachArgs:
8597
10029
  def root_rotation_statements(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
8598
10030
  pulumi.set(self, "root_rotation_statements", value)
8599
10031
 
10032
+ @property
10033
+ @pulumi.getter(name="rotationPeriod")
10034
+ def rotation_period(self) -> Optional[pulumi.Input[int]]:
10035
+ """
10036
+ The amount of time in seconds Vault should wait before rotating the root credential.
10037
+ A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
10038
+ """
10039
+ return pulumi.get(self, "rotation_period")
10040
+
10041
+ @rotation_period.setter
10042
+ def rotation_period(self, value: Optional[pulumi.Input[int]]):
10043
+ pulumi.set(self, "rotation_period", value)
10044
+
10045
+ @property
10046
+ @pulumi.getter(name="rotationSchedule")
10047
+ def rotation_schedule(self) -> Optional[pulumi.Input[str]]:
10048
+ """
10049
+ The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
10050
+ defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
10051
+ """
10052
+ return pulumi.get(self, "rotation_schedule")
10053
+
10054
+ @rotation_schedule.setter
10055
+ def rotation_schedule(self, value: Optional[pulumi.Input[str]]):
10056
+ pulumi.set(self, "rotation_schedule", value)
10057
+
10058
+ @property
10059
+ @pulumi.getter(name="rotationWindow")
10060
+ def rotation_window(self) -> Optional[pulumi.Input[int]]:
10061
+ """
10062
+ The maximum amount of time in seconds allowed to complete
10063
+ a rotation when a scheduled token rotation occurs. The default rotation window is
10064
+ unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
10065
+ """
10066
+ return pulumi.get(self, "rotation_window")
10067
+
10068
+ @rotation_window.setter
10069
+ def rotation_window(self, value: Optional[pulumi.Input[int]]):
10070
+ pulumi.set(self, "rotation_window", value)
10071
+
8600
10072
  @property
8601
10073
  @pulumi.getter
8602
10074
  def username(self) -> Optional[pulumi.Input[str]]:
@@ -8641,6 +10113,10 @@ if not MYPY:
8641
10113
  data: NotRequired[pulumi.Input[Mapping[str, pulumi.Input[str]]]]
8642
10114
  """
8643
10115
  A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
10116
+ """
10117
+ disable_automated_rotation: NotRequired[pulumi.Input[bool]]
10118
+ """
10119
+ Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
8644
10120
 
8645
10121
  Supported list of database secrets engines that can be configured:
8646
10122
  """
@@ -8672,6 +10148,22 @@ if not MYPY:
8672
10148
  """
8673
10149
  A list of database statements to be executed to rotate the root user's credentials.
8674
10150
  """
10151
+ rotation_period: NotRequired[pulumi.Input[int]]
10152
+ """
10153
+ The amount of time in seconds Vault should wait before rotating the root credential.
10154
+ A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
10155
+ """
10156
+ rotation_schedule: NotRequired[pulumi.Input[str]]
10157
+ """
10158
+ The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
10159
+ defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
10160
+ """
10161
+ rotation_window: NotRequired[pulumi.Input[int]]
10162
+ """
10163
+ The maximum amount of time in seconds allowed to complete
10164
+ a rotation when a scheduled token rotation occurs. The default rotation window is
10165
+ unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
10166
+ """
8675
10167
  username: NotRequired[pulumi.Input[str]]
8676
10168
  """
8677
10169
  The root credential username used in the connection URL
@@ -8695,6 +10187,7 @@ class SecretsMountRedshiftArgs:
8695
10187
  allowed_roles: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
8696
10188
  connection_url: Optional[pulumi.Input[str]] = None,
8697
10189
  data: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
10190
+ disable_automated_rotation: Optional[pulumi.Input[bool]] = None,
8698
10191
  disable_escaping: Optional[pulumi.Input[bool]] = None,
8699
10192
  max_connection_lifetime: Optional[pulumi.Input[int]] = None,
8700
10193
  max_idle_connections: Optional[pulumi.Input[int]] = None,
@@ -8702,6 +10195,9 @@ class SecretsMountRedshiftArgs:
8702
10195
  password: Optional[pulumi.Input[str]] = None,
8703
10196
  plugin_name: Optional[pulumi.Input[str]] = None,
8704
10197
  root_rotation_statements: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
10198
+ rotation_period: Optional[pulumi.Input[int]] = None,
10199
+ rotation_schedule: Optional[pulumi.Input[str]] = None,
10200
+ rotation_window: Optional[pulumi.Input[int]] = None,
8705
10201
  username: Optional[pulumi.Input[str]] = None,
8706
10202
  username_template: Optional[pulumi.Input[str]] = None,
8707
10203
  verify_connection: Optional[pulumi.Input[bool]] = None):
@@ -8711,6 +10207,7 @@ class SecretsMountRedshiftArgs:
8711
10207
  connection.
8712
10208
  :param pulumi.Input[str] connection_url: Connection string to use to connect to the database.
8713
10209
  :param pulumi.Input[Mapping[str, pulumi.Input[str]]] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
10210
+ :param pulumi.Input[bool] disable_automated_rotation: Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
8714
10211
 
8715
10212
  Supported list of database secrets engines that can be configured:
8716
10213
  :param pulumi.Input[bool] disable_escaping: Disable special character escaping in username and password
@@ -8720,6 +10217,13 @@ class SecretsMountRedshiftArgs:
8720
10217
  :param pulumi.Input[str] password: The root credential password used in the connection URL
8721
10218
  :param pulumi.Input[str] plugin_name: Specifies the name of the plugin to use.
8722
10219
  :param pulumi.Input[Sequence[pulumi.Input[str]]] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials.
10220
+ :param pulumi.Input[int] rotation_period: The amount of time in seconds Vault should wait before rotating the root credential.
10221
+ A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
10222
+ :param pulumi.Input[str] rotation_schedule: The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
10223
+ defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
10224
+ :param pulumi.Input[int] rotation_window: The maximum amount of time in seconds allowed to complete
10225
+ a rotation when a scheduled token rotation occurs. The default rotation window is
10226
+ unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
8723
10227
  :param pulumi.Input[str] username: The root credential username used in the connection URL
8724
10228
  :param pulumi.Input[str] username_template: Username generation template.
8725
10229
  :param pulumi.Input[bool] verify_connection: Whether the connection should be verified on
@@ -8732,6 +10236,8 @@ class SecretsMountRedshiftArgs:
8732
10236
  pulumi.set(__self__, "connection_url", connection_url)
8733
10237
  if data is not None:
8734
10238
  pulumi.set(__self__, "data", data)
10239
+ if disable_automated_rotation is not None:
10240
+ pulumi.set(__self__, "disable_automated_rotation", disable_automated_rotation)
8735
10241
  if disable_escaping is not None:
8736
10242
  pulumi.set(__self__, "disable_escaping", disable_escaping)
8737
10243
  if max_connection_lifetime is not None:
@@ -8746,6 +10252,12 @@ class SecretsMountRedshiftArgs:
8746
10252
  pulumi.set(__self__, "plugin_name", plugin_name)
8747
10253
  if root_rotation_statements is not None:
8748
10254
  pulumi.set(__self__, "root_rotation_statements", root_rotation_statements)
10255
+ if rotation_period is not None:
10256
+ pulumi.set(__self__, "rotation_period", rotation_period)
10257
+ if rotation_schedule is not None:
10258
+ pulumi.set(__self__, "rotation_schedule", rotation_schedule)
10259
+ if rotation_window is not None:
10260
+ pulumi.set(__self__, "rotation_window", rotation_window)
8749
10261
  if username is not None:
8750
10262
  pulumi.set(__self__, "username", username)
8751
10263
  if username_template is not None:
@@ -8795,8 +10307,6 @@ class SecretsMountRedshiftArgs:
8795
10307
  def data(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]:
8796
10308
  """
8797
10309
  A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
8798
-
8799
- Supported list of database secrets engines that can be configured:
8800
10310
  """
8801
10311
  return pulumi.get(self, "data")
8802
10312
 
@@ -8804,6 +10314,20 @@ class SecretsMountRedshiftArgs:
8804
10314
  def data(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]):
8805
10315
  pulumi.set(self, "data", value)
8806
10316
 
10317
+ @property
10318
+ @pulumi.getter(name="disableAutomatedRotation")
10319
+ def disable_automated_rotation(self) -> Optional[pulumi.Input[bool]]:
10320
+ """
10321
+ Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
10322
+
10323
+ Supported list of database secrets engines that can be configured:
10324
+ """
10325
+ return pulumi.get(self, "disable_automated_rotation")
10326
+
10327
+ @disable_automated_rotation.setter
10328
+ def disable_automated_rotation(self, value: Optional[pulumi.Input[bool]]):
10329
+ pulumi.set(self, "disable_automated_rotation", value)
10330
+
8807
10331
  @property
8808
10332
  @pulumi.getter(name="disableEscaping")
8809
10333
  def disable_escaping(self) -> Optional[pulumi.Input[bool]]:
@@ -8888,6 +10412,46 @@ class SecretsMountRedshiftArgs:
8888
10412
  def root_rotation_statements(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
8889
10413
  pulumi.set(self, "root_rotation_statements", value)
8890
10414
 
10415
+ @property
10416
+ @pulumi.getter(name="rotationPeriod")
10417
+ def rotation_period(self) -> Optional[pulumi.Input[int]]:
10418
+ """
10419
+ The amount of time in seconds Vault should wait before rotating the root credential.
10420
+ A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
10421
+ """
10422
+ return pulumi.get(self, "rotation_period")
10423
+
10424
+ @rotation_period.setter
10425
+ def rotation_period(self, value: Optional[pulumi.Input[int]]):
10426
+ pulumi.set(self, "rotation_period", value)
10427
+
10428
+ @property
10429
+ @pulumi.getter(name="rotationSchedule")
10430
+ def rotation_schedule(self) -> Optional[pulumi.Input[str]]:
10431
+ """
10432
+ The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
10433
+ defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
10434
+ """
10435
+ return pulumi.get(self, "rotation_schedule")
10436
+
10437
+ @rotation_schedule.setter
10438
+ def rotation_schedule(self, value: Optional[pulumi.Input[str]]):
10439
+ pulumi.set(self, "rotation_schedule", value)
10440
+
10441
+ @property
10442
+ @pulumi.getter(name="rotationWindow")
10443
+ def rotation_window(self) -> Optional[pulumi.Input[int]]:
10444
+ """
10445
+ The maximum amount of time in seconds allowed to complete
10446
+ a rotation when a scheduled token rotation occurs. The default rotation window is
10447
+ unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
10448
+ """
10449
+ return pulumi.get(self, "rotation_window")
10450
+
10451
+ @rotation_window.setter
10452
+ def rotation_window(self, value: Optional[pulumi.Input[int]]):
10453
+ pulumi.set(self, "rotation_window", value)
10454
+
8891
10455
  @property
8892
10456
  @pulumi.getter
8893
10457
  def username(self) -> Optional[pulumi.Input[str]]:
@@ -8944,6 +10508,10 @@ if not MYPY:
8944
10508
  data: NotRequired[pulumi.Input[Mapping[str, pulumi.Input[str]]]]
8945
10509
  """
8946
10510
  A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
10511
+ """
10512
+ disable_automated_rotation: NotRequired[pulumi.Input[bool]]
10513
+ """
10514
+ Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
8947
10515
 
8948
10516
  Supported list of database secrets engines that can be configured:
8949
10517
  """
@@ -8971,6 +10539,22 @@ if not MYPY:
8971
10539
  """
8972
10540
  A list of database statements to be executed to rotate the root user's credentials.
8973
10541
  """
10542
+ rotation_period: NotRequired[pulumi.Input[int]]
10543
+ """
10544
+ The amount of time in seconds Vault should wait before rotating the root credential.
10545
+ A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
10546
+ """
10547
+ rotation_schedule: NotRequired[pulumi.Input[str]]
10548
+ """
10549
+ The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
10550
+ defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
10551
+ """
10552
+ rotation_window: NotRequired[pulumi.Input[int]]
10553
+ """
10554
+ The maximum amount of time in seconds allowed to complete
10555
+ a rotation when a scheduled token rotation occurs. The default rotation window is
10556
+ unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
10557
+ """
8974
10558
  username: NotRequired[pulumi.Input[str]]
8975
10559
  """
8976
10560
  The root credential username used in the connection URL
@@ -8994,12 +10578,16 @@ class SecretsMountSnowflakeArgs:
8994
10578
  allowed_roles: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
8995
10579
  connection_url: Optional[pulumi.Input[str]] = None,
8996
10580
  data: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
10581
+ disable_automated_rotation: Optional[pulumi.Input[bool]] = None,
8997
10582
  max_connection_lifetime: Optional[pulumi.Input[int]] = None,
8998
10583
  max_idle_connections: Optional[pulumi.Input[int]] = None,
8999
10584
  max_open_connections: Optional[pulumi.Input[int]] = None,
9000
10585
  password: Optional[pulumi.Input[str]] = None,
9001
10586
  plugin_name: Optional[pulumi.Input[str]] = None,
9002
10587
  root_rotation_statements: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
10588
+ rotation_period: Optional[pulumi.Input[int]] = None,
10589
+ rotation_schedule: Optional[pulumi.Input[str]] = None,
10590
+ rotation_window: Optional[pulumi.Input[int]] = None,
9003
10591
  username: Optional[pulumi.Input[str]] = None,
9004
10592
  username_template: Optional[pulumi.Input[str]] = None,
9005
10593
  verify_connection: Optional[pulumi.Input[bool]] = None):
@@ -9009,6 +10597,7 @@ class SecretsMountSnowflakeArgs:
9009
10597
  connection.
9010
10598
  :param pulumi.Input[str] connection_url: Connection string to use to connect to the database.
9011
10599
  :param pulumi.Input[Mapping[str, pulumi.Input[str]]] data: A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
10600
+ :param pulumi.Input[bool] disable_automated_rotation: Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
9012
10601
 
9013
10602
  Supported list of database secrets engines that can be configured:
9014
10603
  :param pulumi.Input[int] max_connection_lifetime: Maximum number of seconds a connection may be reused.
@@ -9017,6 +10606,13 @@ class SecretsMountSnowflakeArgs:
9017
10606
  :param pulumi.Input[str] password: The root credential password used in the connection URL
9018
10607
  :param pulumi.Input[str] plugin_name: Specifies the name of the plugin to use.
9019
10608
  :param pulumi.Input[Sequence[pulumi.Input[str]]] root_rotation_statements: A list of database statements to be executed to rotate the root user's credentials.
10609
+ :param pulumi.Input[int] rotation_period: The amount of time in seconds Vault should wait before rotating the root credential.
10610
+ A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
10611
+ :param pulumi.Input[str] rotation_schedule: The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
10612
+ defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
10613
+ :param pulumi.Input[int] rotation_window: The maximum amount of time in seconds allowed to complete
10614
+ a rotation when a scheduled token rotation occurs. The default rotation window is
10615
+ unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
9020
10616
  :param pulumi.Input[str] username: The root credential username used in the connection URL
9021
10617
  :param pulumi.Input[str] username_template: Username generation template.
9022
10618
  :param pulumi.Input[bool] verify_connection: Whether the connection should be verified on
@@ -9029,6 +10625,8 @@ class SecretsMountSnowflakeArgs:
9029
10625
  pulumi.set(__self__, "connection_url", connection_url)
9030
10626
  if data is not None:
9031
10627
  pulumi.set(__self__, "data", data)
10628
+ if disable_automated_rotation is not None:
10629
+ pulumi.set(__self__, "disable_automated_rotation", disable_automated_rotation)
9032
10630
  if max_connection_lifetime is not None:
9033
10631
  pulumi.set(__self__, "max_connection_lifetime", max_connection_lifetime)
9034
10632
  if max_idle_connections is not None:
@@ -9041,6 +10639,12 @@ class SecretsMountSnowflakeArgs:
9041
10639
  pulumi.set(__self__, "plugin_name", plugin_name)
9042
10640
  if root_rotation_statements is not None:
9043
10641
  pulumi.set(__self__, "root_rotation_statements", root_rotation_statements)
10642
+ if rotation_period is not None:
10643
+ pulumi.set(__self__, "rotation_period", rotation_period)
10644
+ if rotation_schedule is not None:
10645
+ pulumi.set(__self__, "rotation_schedule", rotation_schedule)
10646
+ if rotation_window is not None:
10647
+ pulumi.set(__self__, "rotation_window", rotation_window)
9044
10648
  if username is not None:
9045
10649
  pulumi.set(__self__, "username", username)
9046
10650
  if username_template is not None:
@@ -9090,8 +10694,6 @@ class SecretsMountSnowflakeArgs:
9090
10694
  def data(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]:
9091
10695
  """
9092
10696
  A map of sensitive data to pass to the endpoint. Useful for templated connection strings.
9093
-
9094
- Supported list of database secrets engines that can be configured:
9095
10697
  """
9096
10698
  return pulumi.get(self, "data")
9097
10699
 
@@ -9099,6 +10701,20 @@ class SecretsMountSnowflakeArgs:
9099
10701
  def data(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]):
9100
10702
  pulumi.set(self, "data", value)
9101
10703
 
10704
+ @property
10705
+ @pulumi.getter(name="disableAutomatedRotation")
10706
+ def disable_automated_rotation(self) -> Optional[pulumi.Input[bool]]:
10707
+ """
10708
+ Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
10709
+
10710
+ Supported list of database secrets engines that can be configured:
10711
+ """
10712
+ return pulumi.get(self, "disable_automated_rotation")
10713
+
10714
+ @disable_automated_rotation.setter
10715
+ def disable_automated_rotation(self, value: Optional[pulumi.Input[bool]]):
10716
+ pulumi.set(self, "disable_automated_rotation", value)
10717
+
9102
10718
  @property
9103
10719
  @pulumi.getter(name="maxConnectionLifetime")
9104
10720
  def max_connection_lifetime(self) -> Optional[pulumi.Input[int]]:
@@ -9171,6 +10787,46 @@ class SecretsMountSnowflakeArgs:
9171
10787
  def root_rotation_statements(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
9172
10788
  pulumi.set(self, "root_rotation_statements", value)
9173
10789
 
10790
+ @property
10791
+ @pulumi.getter(name="rotationPeriod")
10792
+ def rotation_period(self) -> Optional[pulumi.Input[int]]:
10793
+ """
10794
+ The amount of time in seconds Vault should wait before rotating the root credential.
10795
+ A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
10796
+ """
10797
+ return pulumi.get(self, "rotation_period")
10798
+
10799
+ @rotation_period.setter
10800
+ def rotation_period(self, value: Optional[pulumi.Input[int]]):
10801
+ pulumi.set(self, "rotation_period", value)
10802
+
10803
+ @property
10804
+ @pulumi.getter(name="rotationSchedule")
10805
+ def rotation_schedule(self) -> Optional[pulumi.Input[str]]:
10806
+ """
10807
+ The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
10808
+ defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
10809
+ """
10810
+ return pulumi.get(self, "rotation_schedule")
10811
+
10812
+ @rotation_schedule.setter
10813
+ def rotation_schedule(self, value: Optional[pulumi.Input[str]]):
10814
+ pulumi.set(self, "rotation_schedule", value)
10815
+
10816
+ @property
10817
+ @pulumi.getter(name="rotationWindow")
10818
+ def rotation_window(self) -> Optional[pulumi.Input[int]]:
10819
+ """
10820
+ The maximum amount of time in seconds allowed to complete
10821
+ a rotation when a scheduled token rotation occurs. The default rotation window is
10822
+ unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
10823
+ """
10824
+ return pulumi.get(self, "rotation_window")
10825
+
10826
+ @rotation_window.setter
10827
+ def rotation_window(self, value: Optional[pulumi.Input[int]]):
10828
+ pulumi.set(self, "rotation_window", value)
10829
+
9174
10830
  @property
9175
10831
  @pulumi.getter
9176
10832
  def username(self) -> Optional[pulumi.Input[str]]: