pulumi-vault 6.6.0a1741836364__py3-none-any.whl → 6.7.0__py3-none-any.whl

pulumi_vault/_inputs.py

@@ -2,6 +2,7 @@
 # *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. ***
 # *** Do not edit by hand unless you're certain you know what you are doing! ***
 
+import builtins
 import copy
 import warnings
 import sys
@@ -57,44 +58,44 @@ MYPY = False
 
 if not MYPY:
     class AuthBackendTuneArgsDict(TypedDict):
-        allowed_response_headers: NotRequired[pulumi.Input[Sequence[pulumi.Input[str]]]]
+        allowed_response_headers: NotRequired[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]
         """
         List of headers to whitelist and allowing
         a plugin to include them in the response.
         """
-        audit_non_hmac_request_keys: NotRequired[pulumi.Input[Sequence[pulumi.Input[str]]]]
+        audit_non_hmac_request_keys: NotRequired[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]
         """
         Specifies the list of keys that will
         not be HMAC'd by audit devices in the request data object.
         """
-        audit_non_hmac_response_keys: NotRequired[pulumi.Input[Sequence[pulumi.Input[str]]]]
+        audit_non_hmac_response_keys: NotRequired[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]
         """
         Specifies the list of keys that will
         not be HMAC'd by audit devices in the response data object.
         """
-        default_lease_ttl: NotRequired[pulumi.Input[str]]
+        default_lease_ttl: NotRequired[pulumi.Input[builtins.str]]
         """
         Specifies the default time-to-live.
         If set, this overrides the global default.
         Must be a valid [duration string](https://golang.org/pkg/time/#ParseDuration)
         """
-        listing_visibility: NotRequired[pulumi.Input[str]]
+        listing_visibility: NotRequired[pulumi.Input[builtins.str]]
         """
         Specifies whether to show this mount in
         the UI-specific listing endpoint. Valid values are "unauth" or "hidden".
         """
-        max_lease_ttl: NotRequired[pulumi.Input[str]]
+        max_lease_ttl: NotRequired[pulumi.Input[builtins.str]]
         """
         Specifies the maximum time-to-live.
         If set, this overrides the global default.
         Must be a valid [duration string](https://golang.org/pkg/time/#ParseDuration)
         """
-        passthrough_request_headers: NotRequired[pulumi.Input[Sequence[pulumi.Input[str]]]]
+        passthrough_request_headers: NotRequired[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]
         """
         List of headers to whitelist and
         pass from the request to the backend.
         """
-        token_type: NotRequired[pulumi.Input[str]]
+        token_type: NotRequired[pulumi.Input[builtins.str]]
         """
         Specifies the type of tokens that should be returned by
         the mount. Valid values are "default-service", "default-batch", "service", "batch".
@@ -105,32 +106,32 @@ elif False:
 @pulumi.input_type
 class AuthBackendTuneArgs:
     def __init__(__self__, *,
-                 allowed_response_headers: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
-                 audit_non_hmac_request_keys: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
-                 audit_non_hmac_response_keys: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
-                 default_lease_ttl: Optional[pulumi.Input[str]] = None,
-                 listing_visibility: Optional[pulumi.Input[str]] = None,
-                 max_lease_ttl: Optional[pulumi.Input[str]] = None,
-                 passthrough_request_headers: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
-                 token_type: Optional[pulumi.Input[str]] = None):
-        """
-        :param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_response_headers: List of headers to whitelist and allowing
+                 allowed_response_headers: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
+                 audit_non_hmac_request_keys: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
+                 audit_non_hmac_response_keys: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
+                 default_lease_ttl: Optional[pulumi.Input[builtins.str]] = None,
+                 listing_visibility: Optional[pulumi.Input[builtins.str]] = None,
+                 max_lease_ttl: Optional[pulumi.Input[builtins.str]] = None,
+                 passthrough_request_headers: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
+                 token_type: Optional[pulumi.Input[builtins.str]] = None):
+        """
+        :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] allowed_response_headers: List of headers to whitelist and allowing
                a plugin to include them in the response.
-        :param pulumi.Input[Sequence[pulumi.Input[str]]] audit_non_hmac_request_keys: Specifies the list of keys that will
+        :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] audit_non_hmac_request_keys: Specifies the list of keys that will
                not be HMAC'd by audit devices in the request data object.
-        :param pulumi.Input[Sequence[pulumi.Input[str]]] audit_non_hmac_response_keys: Specifies the list of keys that will
+        :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] audit_non_hmac_response_keys: Specifies the list of keys that will
                not be HMAC'd by audit devices in the response data object.
-        :param pulumi.Input[str] default_lease_ttl: Specifies the default time-to-live.
+        :param pulumi.Input[builtins.str] default_lease_ttl: Specifies the default time-to-live.
                If set, this overrides the global default.
                Must be a valid [duration string](https://golang.org/pkg/time/#ParseDuration)
-        :param pulumi.Input[str] listing_visibility: Specifies whether to show this mount in
+        :param pulumi.Input[builtins.str] listing_visibility: Specifies whether to show this mount in
                the UI-specific listing endpoint. Valid values are "unauth" or "hidden".
-        :param pulumi.Input[str] max_lease_ttl: Specifies the maximum time-to-live.
+        :param pulumi.Input[builtins.str] max_lease_ttl: Specifies the maximum time-to-live.
                If set, this overrides the global default.
                Must be a valid [duration string](https://golang.org/pkg/time/#ParseDuration)
-        :param pulumi.Input[Sequence[pulumi.Input[str]]] passthrough_request_headers: List of headers to whitelist and
+        :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] passthrough_request_headers: List of headers to whitelist and
                pass from the request to the backend.
-        :param pulumi.Input[str] token_type: Specifies the type of tokens that should be returned by
+        :param pulumi.Input[builtins.str] token_type: Specifies the type of tokens that should be returned by
                the mount. Valid values are "default-service", "default-batch", "service", "batch".
         """
         if allowed_response_headers is not None:
@@ -152,7 +153,7 @@ class AuthBackendTuneArgs:
 
     @property
     @pulumi.getter(name="allowedResponseHeaders")
-    def allowed_response_headers(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
+    def allowed_response_headers(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
         """
         List of headers to whitelist and allowing
         a plugin to include them in the response.
@@ -160,12 +161,12 @@ class AuthBackendTuneArgs:
         return pulumi.get(self, "allowed_response_headers")
 
     @allowed_response_headers.setter
-    def allowed_response_headers(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
+    def allowed_response_headers(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
         pulumi.set(self, "allowed_response_headers", value)
 
     @property
     @pulumi.getter(name="auditNonHmacRequestKeys")
-    def audit_non_hmac_request_keys(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
+    def audit_non_hmac_request_keys(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
         """
         Specifies the list of keys that will
         not be HMAC'd by audit devices in the request data object.
@@ -173,12 +174,12 @@ class AuthBackendTuneArgs:
         return pulumi.get(self, "audit_non_hmac_request_keys")
 
     @audit_non_hmac_request_keys.setter
-    def audit_non_hmac_request_keys(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
+    def audit_non_hmac_request_keys(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
         pulumi.set(self, "audit_non_hmac_request_keys", value)
 
     @property
     @pulumi.getter(name="auditNonHmacResponseKeys")
-    def audit_non_hmac_response_keys(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
+    def audit_non_hmac_response_keys(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
         """
         Specifies the list of keys that will
         not be HMAC'd by audit devices in the response data object.
@@ -186,12 +187,12 @@ class AuthBackendTuneArgs:
         return pulumi.get(self, "audit_non_hmac_response_keys")
 
     @audit_non_hmac_response_keys.setter
-    def audit_non_hmac_response_keys(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
+    def audit_non_hmac_response_keys(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
         pulumi.set(self, "audit_non_hmac_response_keys", value)
 
     @property
     @pulumi.getter(name="defaultLeaseTtl")
-    def default_lease_ttl(self) -> Optional[pulumi.Input[str]]:
+    def default_lease_ttl(self) -> Optional[pulumi.Input[builtins.str]]:
         """
         Specifies the default time-to-live.
         If set, this overrides the global default.
@@ -200,12 +201,12 @@ class AuthBackendTuneArgs:
         return pulumi.get(self, "default_lease_ttl")
 
     @default_lease_ttl.setter
-    def default_lease_ttl(self, value: Optional[pulumi.Input[str]]):
+    def default_lease_ttl(self, value: Optional[pulumi.Input[builtins.str]]):
         pulumi.set(self, "default_lease_ttl", value)
 
     @property
     @pulumi.getter(name="listingVisibility")
-    def listing_visibility(self) -> Optional[pulumi.Input[str]]:
+    def listing_visibility(self) -> Optional[pulumi.Input[builtins.str]]:
         """
         Specifies whether to show this mount in
         the UI-specific listing endpoint. Valid values are "unauth" or "hidden".
@@ -213,12 +214,12 @@ class AuthBackendTuneArgs:
         return pulumi.get(self, "listing_visibility")
 
     @listing_visibility.setter
-    def listing_visibility(self, value: Optional[pulumi.Input[str]]):
+    def listing_visibility(self, value: Optional[pulumi.Input[builtins.str]]):
         pulumi.set(self, "listing_visibility", value)
 
     @property
     @pulumi.getter(name="maxLeaseTtl")
-    def max_lease_ttl(self) -> Optional[pulumi.Input[str]]:
+    def max_lease_ttl(self) -> Optional[pulumi.Input[builtins.str]]:
         """
         Specifies the maximum time-to-live.
         If set, this overrides the global default.
@@ -227,12 +228,12 @@ class AuthBackendTuneArgs:
         return pulumi.get(self, "max_lease_ttl")
 
     @max_lease_ttl.setter
-    def max_lease_ttl(self, value: Optional[pulumi.Input[str]]):
+    def max_lease_ttl(self, value: Optional[pulumi.Input[builtins.str]]):
         pulumi.set(self, "max_lease_ttl", value)
 
     @property
     @pulumi.getter(name="passthroughRequestHeaders")
-    def passthrough_request_headers(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
+    def passthrough_request_headers(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
         """
         List of headers to whitelist and
         pass from the request to the backend.
@@ -240,12 +241,12 @@ class AuthBackendTuneArgs:
         return pulumi.get(self, "passthrough_request_headers")
 
     @passthrough_request_headers.setter
-    def passthrough_request_headers(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
+    def passthrough_request_headers(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
         pulumi.set(self, "passthrough_request_headers", value)
 
     @property
     @pulumi.getter(name="tokenType")
-    def token_type(self) -> Optional[pulumi.Input[str]]:
+    def token_type(self) -> Optional[pulumi.Input[builtins.str]]:
         """
         Specifies the type of tokens that should be returned by
         the mount. Valid values are "default-service", "default-batch", "service", "batch".
@@ -253,20 +254,20 @@ class AuthBackendTuneArgs:
         return pulumi.get(self, "token_type")
 
     @token_type.setter
-    def token_type(self, value: Optional[pulumi.Input[str]]):
+    def token_type(self, value: Optional[pulumi.Input[builtins.str]]):
         pulumi.set(self, "token_type", value)
 
 
 if not MYPY:
     class ProviderAuthLoginArgsDict(TypedDict):
-        path: pulumi.Input[str]
-        method: NotRequired[pulumi.Input[str]]
-        namespace: NotRequired[pulumi.Input[str]]
+        path: pulumi.Input[builtins.str]
+        method: NotRequired[pulumi.Input[builtins.str]]
+        namespace: NotRequired[pulumi.Input[builtins.str]]
         """
         The authentication engine's namespace. Conflicts with use_root_namespace
         """
-        parameters: NotRequired[pulumi.Input[Mapping[str, pulumi.Input[str]]]]
-        use_root_namespace: NotRequired[pulumi.Input[bool]]
+        parameters: NotRequired[pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]]]
+        use_root_namespace: NotRequired[pulumi.Input[builtins.bool]]
         """
         Authenticate to the root Vault namespace. Conflicts with namespace
         """
@@ -276,14 +277,14 @@ elif False:
 @pulumi.input_type
 class ProviderAuthLoginArgs:
     def __init__(__self__, *,
-                 path: pulumi.Input[str],
-                 method: Optional[pulumi.Input[str]] = None,
-                 namespace: Optional[pulumi.Input[str]] = None,
-                 parameters: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
-                 use_root_namespace: Optional[pulumi.Input[bool]] = None):
+                 path: pulumi.Input[builtins.str],
+                 method: Optional[pulumi.Input[builtins.str]] = None,
+                 namespace: Optional[pulumi.Input[builtins.str]] = None,
+                 parameters: Optional[pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]]] = None,
+                 use_root_namespace: Optional[pulumi.Input[builtins.bool]] = None):
         """
-        :param pulumi.Input[str] namespace: The authentication engine's namespace. Conflicts with use_root_namespace
-        :param pulumi.Input[bool] use_root_namespace: Authenticate to the root Vault namespace. Conflicts with namespace
+        :param pulumi.Input[builtins.str] namespace: The authentication engine's namespace. Conflicts with use_root_namespace
+        :param pulumi.Input[builtins.bool] use_root_namespace: Authenticate to the root Vault namespace. Conflicts with namespace
         """
         pulumi.set(__self__, "path", path)
         if method is not None:
@@ -297,119 +298,119 @@ class ProviderAuthLoginArgs:
 
     @property
     @pulumi.getter
-    def path(self) -> pulumi.Input[str]:
+    def path(self) -> pulumi.Input[builtins.str]:
         return pulumi.get(self, "path")
 
     @path.setter
-    def path(self, value: pulumi.Input[str]):
+    def path(self, value: pulumi.Input[builtins.str]):
         pulumi.set(self, "path", value)
 
     @property
     @pulumi.getter
-    def method(self) -> Optional[pulumi.Input[str]]:
+    def method(self) -> Optional[pulumi.Input[builtins.str]]:
         return pulumi.get(self, "method")
 
     @method.setter
-    def method(self, value: Optional[pulumi.Input[str]]):
+    def method(self, value: Optional[pulumi.Input[builtins.str]]):
         pulumi.set(self, "method", value)
 
     @property
     @pulumi.getter
-    def namespace(self) -> Optional[pulumi.Input[str]]:
+    def namespace(self) -> Optional[pulumi.Input[builtins.str]]:
         """
         The authentication engine's namespace. Conflicts with use_root_namespace
         """
         return pulumi.get(self, "namespace")
 
     @namespace.setter
-    def namespace(self, value: Optional[pulumi.Input[str]]):
+    def namespace(self, value: Optional[pulumi.Input[builtins.str]]):
         pulumi.set(self, "namespace", value)
 
     @property
     @pulumi.getter
-    def parameters(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]:
+    def parameters(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]]]:
         return pulumi.get(self, "parameters")
 
     @parameters.setter
-    def parameters(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]):
+    def parameters(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]]]):
         pulumi.set(self, "parameters", value)
 
     @property
     @pulumi.getter(name="useRootNamespace")
-    def use_root_namespace(self) -> Optional[pulumi.Input[bool]]:
+    def use_root_namespace(self) -> Optional[pulumi.Input[builtins.bool]]:
         """
         Authenticate to the root Vault namespace. Conflicts with namespace
         """
         return pulumi.get(self, "use_root_namespace")
 
     @use_root_namespace.setter
-    def use_root_namespace(self, value: Optional[pulumi.Input[bool]]):
+    def use_root_namespace(self, value: Optional[pulumi.Input[builtins.bool]]):
         pulumi.set(self, "use_root_namespace", value)
 
 
 if not MYPY:
     class ProviderAuthLoginAwsArgsDict(TypedDict):
-        role: pulumi.Input[str]
+        role: pulumi.Input[builtins.str]
         """
         The Vault role to use when logging into Vault.
         """
-        aws_access_key_id: NotRequired[pulumi.Input[str]]
+        aws_access_key_id: NotRequired[pulumi.Input[builtins.str]]
         """
         The AWS access key ID.
         """
-        aws_iam_endpoint: NotRequired[pulumi.Input[str]]
+        aws_iam_endpoint: NotRequired[pulumi.Input[builtins.str]]
         """
         The IAM endpoint URL.
         """
-        aws_profile: NotRequired[pulumi.Input[str]]
+        aws_profile: NotRequired[pulumi.Input[builtins.str]]
         """
         The name of the AWS profile.
         """
-        aws_region: NotRequired[pulumi.Input[str]]
+        aws_region: NotRequired[pulumi.Input[builtins.str]]
         """
         The AWS region.
         """
-        aws_role_arn: NotRequired[pulumi.Input[str]]
+        aws_role_arn: NotRequired[pulumi.Input[builtins.str]]
         """
         The ARN of the AWS Role to assume.Used during STS AssumeRole
         """
-        aws_role_session_name: NotRequired[pulumi.Input[str]]
+        aws_role_session_name: NotRequired[pulumi.Input[builtins.str]]
         """
         Specifies the name to attach to the AWS role session. Used during STS AssumeRole
         """
-        aws_secret_access_key: NotRequired[pulumi.Input[str]]
+        aws_secret_access_key: NotRequired[pulumi.Input[builtins.str]]
         """
         The AWS secret access key.
         """
-        aws_session_token: NotRequired[pulumi.Input[str]]
+        aws_session_token: NotRequired[pulumi.Input[builtins.str]]
         """
         The AWS session token.
         """
-        aws_shared_credentials_file: NotRequired[pulumi.Input[str]]
+        aws_shared_credentials_file: NotRequired[pulumi.Input[builtins.str]]
         """
         Path to the AWS shared credentials file.
         """
-        aws_sts_endpoint: NotRequired[pulumi.Input[str]]
+        aws_sts_endpoint: NotRequired[pulumi.Input[builtins.str]]
         """
         The STS endpoint URL.
         """
-        aws_web_identity_token_file: NotRequired[pulumi.Input[str]]
+        aws_web_identity_token_file: NotRequired[pulumi.Input[builtins.str]]
         """
         Path to the file containing an OAuth 2.0 access token or OpenID Connect ID token.
         """
-        header_value: NotRequired[pulumi.Input[str]]
+        header_value: NotRequired[pulumi.Input[builtins.str]]
         """
         The Vault header value to include in the STS signing request.
         """
-        mount: NotRequired[pulumi.Input[str]]
+        mount: NotRequired[pulumi.Input[builtins.str]]
         """
         The path where the authentication engine is mounted.
         """
-        namespace: NotRequired[pulumi.Input[str]]
+        namespace: NotRequired[pulumi.Input[builtins.str]]
         """
         The authentication engine's namespace. Conflicts with use_root_namespace
         """
-        use_root_namespace: NotRequired[pulumi.Input[bool]]
+        use_root_namespace: NotRequired[pulumi.Input[builtins.bool]]
         """
         Authenticate to the root Vault namespace. Conflicts with namespace
         """
@@ -419,39 +420,39 @@ elif False:
 @pulumi.input_type
 class ProviderAuthLoginAwsArgs:
     def __init__(__self__, *,
-                 role: pulumi.Input[str],
-                 aws_access_key_id: Optional[pulumi.Input[str]] = None,
-                 aws_iam_endpoint: Optional[pulumi.Input[str]] = None,
-                 aws_profile: Optional[pulumi.Input[str]] = None,
-                 aws_region: Optional[pulumi.Input[str]] = None,
-                 aws_role_arn: Optional[pulumi.Input[str]] = None,
-                 aws_role_session_name: Optional[pulumi.Input[str]] = None,
-                 aws_secret_access_key: Optional[pulumi.Input[str]] = None,
-                 aws_session_token: Optional[pulumi.Input[str]] = None,
-                 aws_shared_credentials_file: Optional[pulumi.Input[str]] = None,
-                 aws_sts_endpoint: Optional[pulumi.Input[str]] = None,
-                 aws_web_identity_token_file: Optional[pulumi.Input[str]] = None,
-                 header_value: Optional[pulumi.Input[str]] = None,
-                 mount: Optional[pulumi.Input[str]] = None,
-                 namespace: Optional[pulumi.Input[str]] = None,
-                 use_root_namespace: Optional[pulumi.Input[bool]] = None):
-        """
-        :param pulumi.Input[str] role: The Vault role to use when logging into Vault.
-        :param pulumi.Input[str] aws_access_key_id: The AWS access key ID.
-        :param pulumi.Input[str] aws_iam_endpoint: The IAM endpoint URL.
-        :param pulumi.Input[str] aws_profile: The name of the AWS profile.
-        :param pulumi.Input[str] aws_region: The AWS region.
-        :param pulumi.Input[str] aws_role_arn: The ARN of the AWS Role to assume.Used during STS AssumeRole
-        :param pulumi.Input[str] aws_role_session_name: Specifies the name to attach to the AWS role session. Used during STS AssumeRole
-        :param pulumi.Input[str] aws_secret_access_key: The AWS secret access key.
-        :param pulumi.Input[str] aws_session_token: The AWS session token.
-        :param pulumi.Input[str] aws_shared_credentials_file: Path to the AWS shared credentials file.
-        :param pulumi.Input[str] aws_sts_endpoint: The STS endpoint URL.
-        :param pulumi.Input[str] aws_web_identity_token_file: Path to the file containing an OAuth 2.0 access token or OpenID Connect ID token.
-        :param pulumi.Input[str] header_value: The Vault header value to include in the STS signing request.
-        :param pulumi.Input[str] mount: The path where the authentication engine is mounted.
-        :param pulumi.Input[str] namespace: The authentication engine's namespace. Conflicts with use_root_namespace
-        :param pulumi.Input[bool] use_root_namespace: Authenticate to the root Vault namespace. Conflicts with namespace
+                 role: pulumi.Input[builtins.str],
+                 aws_access_key_id: Optional[pulumi.Input[builtins.str]] = None,
+                 aws_iam_endpoint: Optional[pulumi.Input[builtins.str]] = None,
+                 aws_profile: Optional[pulumi.Input[builtins.str]] = None,
+                 aws_region: Optional[pulumi.Input[builtins.str]] = None,
+                 aws_role_arn: Optional[pulumi.Input[builtins.str]] = None,
+                 aws_role_session_name: Optional[pulumi.Input[builtins.str]] = None,
+                 aws_secret_access_key: Optional[pulumi.Input[builtins.str]] = None,
+                 aws_session_token: Optional[pulumi.Input[builtins.str]] = None,
+                 aws_shared_credentials_file: Optional[pulumi.Input[builtins.str]] = None,
+                 aws_sts_endpoint: Optional[pulumi.Input[builtins.str]] = None,
+                 aws_web_identity_token_file: Optional[pulumi.Input[builtins.str]] = None,
+                 header_value: Optional[pulumi.Input[builtins.str]] = None,
+                 mount: Optional[pulumi.Input[builtins.str]] = None,
+                 namespace: Optional[pulumi.Input[builtins.str]] = None,
+                 use_root_namespace: Optional[pulumi.Input[builtins.bool]] = None):
+        """
+        :param pulumi.Input[builtins.str] role: The Vault role to use when logging into Vault.
+        :param pulumi.Input[builtins.str] aws_access_key_id: The AWS access key ID.
+        :param pulumi.Input[builtins.str] aws_iam_endpoint: The IAM endpoint URL.
+        :param pulumi.Input[builtins.str] aws_profile: The name of the AWS profile.
+        :param pulumi.Input[builtins.str] aws_region: The AWS region.
+        :param pulumi.Input[builtins.str] aws_role_arn: The ARN of the AWS Role to assume.Used during STS AssumeRole
+        :param pulumi.Input[builtins.str] aws_role_session_name: Specifies the name to attach to the AWS role session. Used during STS AssumeRole
+        :param pulumi.Input[builtins.str] aws_secret_access_key: The AWS secret access key.
+        :param pulumi.Input[builtins.str] aws_session_token: The AWS session token.
+        :param pulumi.Input[builtins.str] aws_shared_credentials_file: Path to the AWS shared credentials file.
+        :param pulumi.Input[builtins.str] aws_sts_endpoint: The STS endpoint URL.
+        :param pulumi.Input[builtins.str] aws_web_identity_token_file: Path to the file containing an OAuth 2.0 access token or OpenID Connect ID token.
+        :param pulumi.Input[builtins.str] header_value: The Vault header value to include in the STS signing request.
+        :param pulumi.Input[builtins.str] mount: The path where the authentication engine is mounted.
+        :param pulumi.Input[builtins.str] namespace: The authentication engine's namespace. Conflicts with use_root_namespace
+        :param pulumi.Input[builtins.bool] use_root_namespace: Authenticate to the root Vault namespace. Conflicts with namespace
         """
         pulumi.set(__self__, "role", role)
         if aws_access_key_id is not None:
@@ -487,244 +488,244 @@ class ProviderAuthLoginAwsArgs:
 
     @property
     @pulumi.getter
-    def role(self) -> pulumi.Input[str]:
+    def role(self) -> pulumi.Input[builtins.str]:
         """
         The Vault role to use when logging into Vault.
         """
         return pulumi.get(self, "role")
 
     @role.setter
-    def role(self, value: pulumi.Input[str]):
+    def role(self, value: pulumi.Input[builtins.str]):
         pulumi.set(self, "role", value)
 
     @property
     @pulumi.getter(name="awsAccessKeyId")
-    def aws_access_key_id(self) -> Optional[pulumi.Input[str]]:
+    def aws_access_key_id(self) -> Optional[pulumi.Input[builtins.str]]:
         """
         The AWS access key ID.
         """
         return pulumi.get(self, "aws_access_key_id")
 
     @aws_access_key_id.setter
-    def aws_access_key_id(self, value: Optional[pulumi.Input[str]]):
+    def aws_access_key_id(self, value: Optional[pulumi.Input[builtins.str]]):
         pulumi.set(self, "aws_access_key_id", value)
 
     @property
     @pulumi.getter(name="awsIamEndpoint")
-    def aws_iam_endpoint(self) -> Optional[pulumi.Input[str]]:
+    def aws_iam_endpoint(self) -> Optional[pulumi.Input[builtins.str]]:
         """
         The IAM endpoint URL.
         """
         return pulumi.get(self, "aws_iam_endpoint")
 
     @aws_iam_endpoint.setter
-    def aws_iam_endpoint(self, value: Optional[pulumi.Input[str]]):
+    def aws_iam_endpoint(self, value: Optional[pulumi.Input[builtins.str]]):
         pulumi.set(self, "aws_iam_endpoint", value)
 
     @property
     @pulumi.getter(name="awsProfile")
-    def aws_profile(self) -> Optional[pulumi.Input[str]]:
+    def aws_profile(self) -> Optional[pulumi.Input[builtins.str]]:
         """
         The name of the AWS profile.
         """
         return pulumi.get(self, "aws_profile")
 
     @aws_profile.setter
-    def aws_profile(self, value: Optional[pulumi.Input[str]]):
+    def aws_profile(self, value: Optional[pulumi.Input[builtins.str]]):
         pulumi.set(self, "aws_profile", value)
 
     @property
     @pulumi.getter(name="awsRegion")
-    def aws_region(self) -> Optional[pulumi.Input[str]]:
+    def aws_region(self) -> Optional[pulumi.Input[builtins.str]]:
         """
         The AWS region.
         """
         return pulumi.get(self, "aws_region")
 
     @aws_region.setter
-    def aws_region(self, value: Optional[pulumi.Input[str]]):
+    def aws_region(self, value: Optional[pulumi.Input[builtins.str]]):
         pulumi.set(self, "aws_region", value)
 
     @property
     @pulumi.getter(name="awsRoleArn")
-    def aws_role_arn(self) -> Optional[pulumi.Input[str]]:
+    def aws_role_arn(self) -> Optional[pulumi.Input[builtins.str]]:
         """
         The ARN of the AWS Role to assume.Used during STS AssumeRole
         """
         return pulumi.get(self, "aws_role_arn")
 
     @aws_role_arn.setter
-    def aws_role_arn(self, value: Optional[pulumi.Input[str]]):
+    def aws_role_arn(self, value: Optional[pulumi.Input[builtins.str]]):
         pulumi.set(self, "aws_role_arn", value)
 
     @property
     @pulumi.getter(name="awsRoleSessionName")
-    def aws_role_session_name(self) -> Optional[pulumi.Input[str]]:
+    def aws_role_session_name(self) -> Optional[pulumi.Input[builtins.str]]:
         """
         Specifies the name to attach to the AWS role session. Used during STS AssumeRole
         """
         return pulumi.get(self, "aws_role_session_name")
 
     @aws_role_session_name.setter
-    def aws_role_session_name(self, value: Optional[pulumi.Input[str]]):
+    def aws_role_session_name(self, value: Optional[pulumi.Input[builtins.str]]):
         pulumi.set(self, "aws_role_session_name", value)
 
     @property
     @pulumi.getter(name="awsSecretAccessKey")
-    def aws_secret_access_key(self) -> Optional[pulumi.Input[str]]:
+    def aws_secret_access_key(self) -> Optional[pulumi.Input[builtins.str]]:
         """
         The AWS secret access key.
         """
         return pulumi.get(self, "aws_secret_access_key")
 
     @aws_secret_access_key.setter
-    def aws_secret_access_key(self, value: Optional[pulumi.Input[str]]):
+    def aws_secret_access_key(self, value: Optional[pulumi.Input[builtins.str]]):
         pulumi.set(self, "aws_secret_access_key", value)
 
     @property
     @pulumi.getter(name="awsSessionToken")
-    def aws_session_token(self) -> Optional[pulumi.Input[str]]:
+    def aws_session_token(self) -> Optional[pulumi.Input[builtins.str]]:
         """
         The AWS session token.
         """
         return pulumi.get(self, "aws_session_token")
 
     @aws_session_token.setter
-    def aws_session_token(self, value: Optional[pulumi.Input[str]]):
+    def aws_session_token(self, value: Optional[pulumi.Input[builtins.str]]):
         pulumi.set(self, "aws_session_token", value)
 
     @property
     @pulumi.getter(name="awsSharedCredentialsFile")
-    def aws_shared_credentials_file(self) -> Optional[pulumi.Input[str]]:
+    def aws_shared_credentials_file(self) -> Optional[pulumi.Input[builtins.str]]:
         """
         Path to the AWS shared credentials file.
         """
         return pulumi.get(self, "aws_shared_credentials_file")
 
     @aws_shared_credentials_file.setter
-    def aws_shared_credentials_file(self, value: Optional[pulumi.Input[str]]):
+    def aws_shared_credentials_file(self, value: Optional[pulumi.Input[builtins.str]]):
         pulumi.set(self, "aws_shared_credentials_file", value)
 
     @property
     @pulumi.getter(name="awsStsEndpoint")
-    def aws_sts_endpoint(self) -> Optional[pulumi.Input[str]]:
+    def aws_sts_endpoint(self) -> Optional[pulumi.Input[builtins.str]]:
         """
         The STS endpoint URL.
         """
         return pulumi.get(self, "aws_sts_endpoint")
 
     @aws_sts_endpoint.setter
-    def aws_sts_endpoint(self, value: Optional[pulumi.Input[str]]):
+    def aws_sts_endpoint(self, value: Optional[pulumi.Input[builtins.str]]):
         pulumi.set(self, "aws_sts_endpoint", value)
 
     @property
     @pulumi.getter(name="awsWebIdentityTokenFile")
-    def aws_web_identity_token_file(self) -> Optional[pulumi.Input[str]]:
+    def aws_web_identity_token_file(self) -> Optional[pulumi.Input[builtins.str]]:
         """
         Path to the file containing an OAuth 2.0 access token or OpenID Connect ID token.
         """
         return pulumi.get(self, "aws_web_identity_token_file")
 
     @aws_web_identity_token_file.setter
-    def aws_web_identity_token_file(self, value: Optional[pulumi.Input[str]]):
+    def aws_web_identity_token_file(self, value: Optional[pulumi.Input[builtins.str]]):
         pulumi.set(self, "aws_web_identity_token_file", value)
 
     @property
     @pulumi.getter(name="headerValue")
-    def header_value(self) -> Optional[pulumi.Input[str]]:
+    def header_value(self) -> Optional[pulumi.Input[builtins.str]]:
         """
         The Vault header value to include in the STS signing request.
         """
         return pulumi.get(self, "header_value")
 
     @header_value.setter
-    def header_value(self, value: Optional[pulumi.Input[str]]):
+    def header_value(self, value: Optional[pulumi.Input[builtins.str]]):
         pulumi.set(self, "header_value", value)
 
     @property
     @pulumi.getter
-    def mount(self) -> Optional[pulumi.Input[str]]:
+    def mount(self) -> Optional[pulumi.Input[builtins.str]]:
         """
         The path where the authentication engine is mounted.
         """
         return pulumi.get(self, "mount")
 
     @mount.setter
-    def mount(self, value: Optional[pulumi.Input[str]]):
+    def mount(self, value: Optional[pulumi.Input[builtins.str]]):
         pulumi.set(self, "mount", value)
 
     @property
     @pulumi.getter
-    def namespace(self) -> Optional[pulumi.Input[str]]:
+    def namespace(self) -> Optional[pulumi.Input[builtins.str]]:
         """
         The authentication engine's namespace. Conflicts with use_root_namespace
         """
         return pulumi.get(self, "namespace")
 
     @namespace.setter
-    def namespace(self, value: Optional[pulumi.Input[str]]):
+    def namespace(self, value: Optional[pulumi.Input[builtins.str]]):
         pulumi.set(self, "namespace", value)
 
     @property
     @pulumi.getter(name="useRootNamespace")
-    def use_root_namespace(self) -> Optional[pulumi.Input[bool]]:
+    def use_root_namespace(self) -> Optional[pulumi.Input[builtins.bool]]:
         """
         Authenticate to the root Vault namespace. Conflicts with namespace
         """
         return pulumi.get(self, "use_root_namespace")
 
     @use_root_namespace.setter
-    def use_root_namespace(self, value: Optional[pulumi.Input[bool]]):
+    def use_root_namespace(self, value: Optional[pulumi.Input[builtins.bool]]):
         pulumi.set(self, "use_root_namespace", value)
 
 
 if not MYPY:
     class ProviderAuthLoginAzureArgsDict(TypedDict):
-        resource_group_name: pulumi.Input[str]
+        resource_group_name: pulumi.Input[builtins.str]
         """
         The resource group for the machine that generated the MSI token. This information can be obtained through instance metadata.
         """
-        role: pulumi.Input[str]
+        role: pulumi.Input[builtins.str]
         """
         Name of the login role.
         """
-        subscription_id: pulumi.Input[str]
+        subscription_id: pulumi.Input[builtins.str]
         """
         The subscription ID for the machine that generated the MSI token. This information can be obtained through instance metadata.
         """
-        client_id: NotRequired[pulumi.Input[str]]
+        client_id: NotRequired[pulumi.Input[builtins.str]]
         """
         The identity's client ID.
         """
-        jwt: NotRequired[pulumi.Input[str]]
+        jwt: NotRequired[pulumi.Input[builtins.str]]
         """
         A signed JSON Web Token. If not specified on will be created automatically
         """
-        mount: NotRequired[pulumi.Input[str]]
+        mount: NotRequired[pulumi.Input[builtins.str]]
         """
         The path where the authentication engine is mounted.
         """
-        namespace: NotRequired[pulumi.Input[str]]
+        namespace: NotRequired[pulumi.Input[builtins.str]]
         """
         The authentication engine's namespace. Conflicts with use_root_namespace
         """
-        scope: NotRequired[pulumi.Input[str]]
+        scope: NotRequired[pulumi.Input[builtins.str]]
         """
         The scopes to include in the token request.
         """
-        tenant_id: NotRequired[pulumi.Input[str]]
+        tenant_id: NotRequired[pulumi.Input[builtins.str]]
         """
         Provides the tenant ID to use in a multi-tenant authentication scenario.
         """
-        use_root_namespace: NotRequired[pulumi.Input[bool]]
+        use_root_namespace: NotRequired[pulumi.Input[builtins.bool]]
         """
         Authenticate to the root Vault namespace. Conflicts with namespace
         """
-        vm_name: NotRequired[pulumi.Input[str]]
+        vm_name: NotRequired[pulumi.Input[builtins.str]]
         """
         The virtual machine name for the machine that generated the MSI token. This information can be obtained through instance metadata.
         """
-        vmss_name: NotRequired[pulumi.Input[str]]
+        vmss_name: NotRequired[pulumi.Input[builtins.str]]
         """
         The virtual machine scale set name for the machine that generated the MSI token. This information can be obtained through instance metadata.
         """
@@ -734,31 +735,31 @@ elif False:
 @pulumi.input_type
 class ProviderAuthLoginAzureArgs:
     def __init__(__self__, *,
-                 resource_group_name: pulumi.Input[str],
-                 role: pulumi.Input[str],
-                 subscription_id: pulumi.Input[str],
-                 client_id: Optional[pulumi.Input[str]] = None,
-                 jwt: Optional[pulumi.Input[str]] = None,
-                 mount: Optional[pulumi.Input[str]] = None,
-                 namespace: Optional[pulumi.Input[str]] = None,
-                 scope: Optional[pulumi.Input[str]] = None,
-                 tenant_id: Optional[pulumi.Input[str]] = None,
-                 use_root_namespace: Optional[pulumi.Input[bool]] = None,
-                 vm_name: Optional[pulumi.Input[str]] = None,
-                 vmss_name: Optional[pulumi.Input[str]] = None):
-        """
-        :param pulumi.Input[str] resource_group_name: The resource group for the machine that generated the MSI token. This information can be obtained through instance metadata.
-        :param pulumi.Input[str] role: Name of the login role.
-        :param pulumi.Input[str] subscription_id: The subscription ID for the machine that generated the MSI token. This information can be obtained through instance metadata.
-        :param pulumi.Input[str] client_id: The identity's client ID.
-        :param pulumi.Input[str] jwt: A signed JSON Web Token. If not specified on will be created automatically
-        :param pulumi.Input[str] mount: The path where the authentication engine is mounted.
-        :param pulumi.Input[str] namespace: The authentication engine's namespace. Conflicts with use_root_namespace
-        :param pulumi.Input[str] scope: The scopes to include in the token request.
-        :param pulumi.Input[str] tenant_id: Provides the tenant ID to use in a multi-tenant authentication scenario.
-        :param pulumi.Input[bool] use_root_namespace: Authenticate to the root Vault namespace. Conflicts with namespace
-        :param pulumi.Input[str] vm_name: The virtual machine name for the machine that generated the MSI token. This information can be obtained through instance metadata.
-        :param pulumi.Input[str] vmss_name: The virtual machine scale set name for the machine that generated the MSI token. This information can be obtained through instance metadata.
+                 resource_group_name: pulumi.Input[builtins.str],
+                 role: pulumi.Input[builtins.str],
+                 subscription_id: pulumi.Input[builtins.str],
+                 client_id: Optional[pulumi.Input[builtins.str]] = None,
+                 jwt: Optional[pulumi.Input[builtins.str]] = None,
+                 mount: Optional[pulumi.Input[builtins.str]] = None,
+                 namespace: Optional[pulumi.Input[builtins.str]] = None,
+                 scope: Optional[pulumi.Input[builtins.str]] = None,
+                 tenant_id: Optional[pulumi.Input[builtins.str]] = None,
+                 use_root_namespace: Optional[pulumi.Input[builtins.bool]] = None,
+                 vm_name: Optional[pulumi.Input[builtins.str]] = None,
+                 vmss_name: Optional[pulumi.Input[builtins.str]] = None):
+        """
+        :param pulumi.Input[builtins.str] resource_group_name: The resource group for the machine that generated the MSI token. This information can be obtained through instance metadata.
+        :param pulumi.Input[builtins.str] role: Name of the login role.
+        :param pulumi.Input[builtins.str] subscription_id: The subscription ID for the machine that generated the MSI token. This information can be obtained through instance metadata.
+        :param pulumi.Input[builtins.str] client_id: The identity's client ID.
+        :param pulumi.Input[builtins.str] jwt: A signed JSON Web Token. If not specified on will be created automatically
+        :param pulumi.Input[builtins.str] mount: The path where the authentication engine is mounted.
+        :param pulumi.Input[builtins.str] namespace: The authentication engine's namespace. Conflicts with use_root_namespace
+        :param pulumi.Input[builtins.str] scope: The scopes to include in the token request.
+        :param pulumi.Input[builtins.str] tenant_id: Provides the tenant ID to use in a multi-tenant authentication scenario.
+        :param pulumi.Input[builtins.bool] use_root_namespace: Authenticate to the root Vault namespace. Conflicts with namespace
+        :param pulumi.Input[builtins.str] vm_name: The virtual machine name for the machine that generated the MSI token. This information can be obtained through instance metadata.
+        :param pulumi.Input[builtins.str] vmss_name: The virtual machine scale set name for the machine that generated the MSI token. This information can be obtained through instance metadata.
         """
         pulumi.set(__self__, "resource_group_name", resource_group_name)
         pulumi.set(__self__, "role", role)
@@ -784,172 +785,172 @@ class ProviderAuthLoginAzureArgs:
 
     @property
     @pulumi.getter(name="resourceGroupName")
-    def resource_group_name(self) -> pulumi.Input[str]:
+    def resource_group_name(self) -> pulumi.Input[builtins.str]:
         """
         The resource group for the machine that generated the MSI token. This information can be obtained through instance metadata.
         """
         return pulumi.get(self, "resource_group_name")
 
     @resource_group_name.setter
-    def resource_group_name(self, value: pulumi.Input[str]):
+    def resource_group_name(self, value: pulumi.Input[builtins.str]):
         pulumi.set(self, "resource_group_name", value)
 
     @property
     @pulumi.getter
-    def role(self) -> pulumi.Input[str]:
+    def role(self) -> pulumi.Input[builtins.str]:
         """
         Name of the login role.
         """
         return pulumi.get(self, "role")
 
     @role.setter
-    def role(self, value: pulumi.Input[str]):
+    def role(self, value: pulumi.Input[builtins.str]):
         pulumi.set(self, "role", value)
 
     @property
     @pulumi.getter(name="subscriptionId")
-    def subscription_id(self) -> pulumi.Input[str]:
+    def subscription_id(self) -> pulumi.Input[builtins.str]:
         """
         The subscription ID for the machine that generated the MSI token. This information can be obtained through instance metadata.
         """
         return pulumi.get(self, "subscription_id")
 
     @subscription_id.setter
-    def subscription_id(self, value: pulumi.Input[str]):
+    def subscription_id(self, value: pulumi.Input[builtins.str]):
         pulumi.set(self, "subscription_id", value)
 
     @property
     @pulumi.getter(name="clientId")
-    def client_id(self) -> Optional[pulumi.Input[str]]:
+    def client_id(self) -> Optional[pulumi.Input[builtins.str]]:
         """
         The identity's client ID.
         """
         return pulumi.get(self, "client_id")
 
     @client_id.setter
-    def client_id(self, value: Optional[pulumi.Input[str]]):
+    def client_id(self, value: Optional[pulumi.Input[builtins.str]]):
         pulumi.set(self, "client_id", value)
 
     @property
     @pulumi.getter
-    def jwt(self) -> Optional[pulumi.Input[str]]:
+    def jwt(self) -> Optional[pulumi.Input[builtins.str]]:
         """
         A signed JSON Web Token. If not specified on will be created automatically
         """
         return pulumi.get(self, "jwt")
 
     @jwt.setter
-    def jwt(self, value: Optional[pulumi.Input[str]]):
+    def jwt(self, value: Optional[pulumi.Input[builtins.str]]):
         pulumi.set(self, "jwt", value)
 
     @property
     @pulumi.getter
-    def mount(self) -> Optional[pulumi.Input[str]]:
+    def mount(self) -> Optional[pulumi.Input[builtins.str]]:
         """
         The path where the authentication engine is mounted.
         """
         return pulumi.get(self, "mount")
 
     @mount.setter
-    def mount(self, value: Optional[pulumi.Input[str]]):
+    def mount(self, value: Optional[pulumi.Input[builtins.str]]):
         pulumi.set(self, "mount", value)
 
     @property
     @pulumi.getter
-    def namespace(self) -> Optional[pulumi.Input[str]]:
+    def namespace(self) -> Optional[pulumi.Input[builtins.str]]:
         """
         The authentication engine's namespace. Conflicts with use_root_namespace
         """
         return pulumi.get(self, "namespace")
 
     @namespace.setter
-    def namespace(self, value: Optional[pulumi.Input[str]]):
+    def namespace(self, value: Optional[pulumi.Input[builtins.str]]):
         pulumi.set(self, "namespace", value)
 
     @property
     @pulumi.getter
-    def scope(self) -> Optional[pulumi.Input[str]]:
+    def scope(self) -> Optional[pulumi.Input[builtins.str]]:
         """
         The scopes to include in the token request.
         """
         return pulumi.get(self, "scope")
 
     @scope.setter
-    def scope(self, value: Optional[pulumi.Input[str]]):
+    def scope(self, value: Optional[pulumi.Input[builtins.str]]):
         pulumi.set(self, "scope", value)
 
     @property
     @pulumi.getter(name="tenantId")
-    def tenant_id(self) -> Optional[pulumi.Input[str]]:
+    def tenant_id(self) -> Optional[pulumi.Input[builtins.str]]:
         """
         Provides the tenant ID to use in a multi-tenant authentication scenario.
         """
         return pulumi.get(self, "tenant_id")
 
     @tenant_id.setter
-    def tenant_id(self, value: Optional[pulumi.Input[str]]):
+    def tenant_id(self, value: Optional[pulumi.Input[builtins.str]]):
         pulumi.set(self, "tenant_id", value)
 
     @property
     @pulumi.getter(name="useRootNamespace")
-    def use_root_namespace(self) -> Optional[pulumi.Input[bool]]:
+    def use_root_namespace(self) -> Optional[pulumi.Input[builtins.bool]]:
         """
         Authenticate to the root Vault namespace. Conflicts with namespace
         """
         return pulumi.get(self, "use_root_namespace")
 
     @use_root_namespace.setter
-    def use_root_namespace(self, value: Optional[pulumi.Input[bool]]):
+    def use_root_namespace(self, value: Optional[pulumi.Input[builtins.bool]]):
         pulumi.set(self, "use_root_namespace", value)
 
     @property
     @pulumi.getter(name="vmName")
-    def vm_name(self) -> Optional[pulumi.Input[str]]:
+    def vm_name(self) -> Optional[pulumi.Input[builtins.str]]:
         """
         The virtual machine name for the machine that generated the MSI token. This information can be obtained through instance metadata.
         """
         return pulumi.get(self, "vm_name")
 
     @vm_name.setter
-    def vm_name(self, value: Optional[pulumi.Input[str]]):
+    def vm_name(self, value: Optional[pulumi.Input[builtins.str]]):
         pulumi.set(self, "vm_name", value)
 
     @property
     @pulumi.getter(name="vmssName")
-    def vmss_name(self) -> Optional[pulumi.Input[str]]:
+    def vmss_name(self) -> Optional[pulumi.Input[builtins.str]]:
         """
         The virtual machine scale set name for the machine that generated the MSI token. This information can be obtained through instance metadata.
         """
         return pulumi.get(self, "vmss_name")
 
     @vmss_name.setter
-    def vmss_name(self, value: Optional[pulumi.Input[str]]):
+    def vmss_name(self, value: Optional[pulumi.Input[builtins.str]]):
         pulumi.set(self, "vmss_name", value)
 
 
 if not MYPY:
     class ProviderAuthLoginCertArgsDict(TypedDict):
-        cert_file: pulumi.Input[str]
+        cert_file: pulumi.Input[builtins.str]
         """
         Path to a file containing the client certificate.
         """
-        key_file: pulumi.Input[str]
+        key_file: pulumi.Input[builtins.str]
         """
         Path to a file containing the private key that the certificate was issued for.
         """
-        mount: NotRequired[pulumi.Input[str]]
+        mount: NotRequired[pulumi.Input[builtins.str]]
         """
         The path where the authentication engine is mounted.
         """
-        name: NotRequired[pulumi.Input[str]]
+        name: NotRequired[pulumi.Input[builtins.str]]
         """
         Name of the certificate's role
         """
-        namespace: NotRequired[pulumi.Input[str]]
+        namespace: NotRequired[pulumi.Input[builtins.str]]
         """
         The authentication engine's namespace. Conflicts with use_root_namespace
         """
-        use_root_namespace: NotRequired[pulumi.Input[bool]]
+        use_root_namespace: NotRequired[pulumi.Input[builtins.bool]]
         """
         Authenticate to the root Vault namespace. Conflicts with namespace
         """
@@ -959,19 +960,19 @@ elif False:
 @pulumi.input_type
 class ProviderAuthLoginCertArgs:
     def __init__(__self__, *,
-                 cert_file: pulumi.Input[str],
-                 key_file: pulumi.Input[str],
-                 mount: Optional[pulumi.Input[str]] = None,
-                 name: Optional[pulumi.Input[str]] = None,
-                 namespace: Optional[pulumi.Input[str]] = None,
-                 use_root_namespace: Optional[pulumi.Input[bool]] = None):
-        """
-        :param pulumi.Input[str] cert_file: Path to a file containing the client certificate.
-        :param pulumi.Input[str] key_file: Path to a file containing the private key that the certificate was issued for.
-        :param pulumi.Input[str] mount: The path where the authentication engine is mounted.
-        :param pulumi.Input[str] name: Name of the certificate's role
-        :param pulumi.Input[str] namespace: The authentication engine's namespace. Conflicts with use_root_namespace
-        :param pulumi.Input[bool] use_root_namespace: Authenticate to the root Vault namespace. Conflicts with namespace
+                 cert_file: pulumi.Input[builtins.str],
+                 key_file: pulumi.Input[builtins.str],
+                 mount: Optional[pulumi.Input[builtins.str]] = None,
+                 name: Optional[pulumi.Input[builtins.str]] = None,
+                 namespace: Optional[pulumi.Input[builtins.str]] = None,
+                 use_root_namespace: Optional[pulumi.Input[builtins.bool]] = None):
+        """
+        :param pulumi.Input[builtins.str] cert_file: Path to a file containing the client certificate.
+        :param pulumi.Input[builtins.str] key_file: Path to a file containing the private key that the certificate was issued for.
+        :param pulumi.Input[builtins.str] mount: The path where the authentication engine is mounted.
+        :param pulumi.Input[builtins.str] name: Name of the certificate's role
+        :param pulumi.Input[builtins.str] namespace: The authentication engine's namespace. Conflicts with use_root_namespace
+        :param pulumi.Input[builtins.bool] use_root_namespace: Authenticate to the root Vault namespace. Conflicts with namespace
         """
         pulumi.set(__self__, "cert_file", cert_file)
         pulumi.set(__self__, "key_file", key_file)
@@ -986,104 +987,104 @@ class ProviderAuthLoginCertArgs:
 
     @property
     @pulumi.getter(name="certFile")
-    def cert_file(self) -> pulumi.Input[str]:
+    def cert_file(self) -> pulumi.Input[builtins.str]:
         """
         Path to a file containing the client certificate.
         """
         return pulumi.get(self, "cert_file")
 
     @cert_file.setter
-    def cert_file(self, value: pulumi.Input[str]):
+    def cert_file(self, value: pulumi.Input[builtins.str]):
         pulumi.set(self, "cert_file", value)
 
     @property
     @pulumi.getter(name="keyFile")
-    def key_file(self) -> pulumi.Input[str]:
+    def key_file(self) -> pulumi.Input[builtins.str]:
         """
         Path to a file containing the private key that the certificate was issued for.
         """
         return pulumi.get(self, "key_file")
 
     @key_file.setter
-    def key_file(self, value: pulumi.Input[str]):
+    def key_file(self, value: pulumi.Input[builtins.str]):
         pulumi.set(self, "key_file", value)
 
     @property
     @pulumi.getter
-    def mount(self) -> Optional[pulumi.Input[str]]:
+    def mount(self) -> Optional[pulumi.Input[builtins.str]]:
         """
         The path where the authentication engine is mounted.
         """
         return pulumi.get(self, "mount")
 
     @mount.setter
-    def mount(self, value: Optional[pulumi.Input[str]]):
+    def mount(self, value: Optional[pulumi.Input[builtins.str]]):
         pulumi.set(self, "mount", value)
 
     @property
     @pulumi.getter
-    def name(self) -> Optional[pulumi.Input[str]]:
+    def name(self) -> Optional[pulumi.Input[builtins.str]]:
         """
         Name of the certificate's role
         """
         return pulumi.get(self, "name")
 
     @name.setter
-    def name(self, value: Optional[pulumi.Input[str]]):
+    def name(self, value: Optional[pulumi.Input[builtins.str]]):
         pulumi.set(self, "name", value)
 
     @property
     @pulumi.getter
-    def namespace(self) -> Optional[pulumi.Input[str]]:
+    def namespace(self) -> Optional[pulumi.Input[builtins.str]]:
         """
         The authentication engine's namespace. Conflicts with use_root_namespace
         """
         return pulumi.get(self, "namespace")
 
     @namespace.setter
-    def namespace(self, value: Optional[pulumi.Input[str]]):
+    def namespace(self, value: Optional[pulumi.Input[builtins.str]]):
         pulumi.set(self, "namespace", value)
 
     @property
     @pulumi.getter(name="useRootNamespace")
-    def use_root_namespace(self) -> Optional[pulumi.Input[bool]]:
+    def use_root_namespace(self) -> Optional[pulumi.Input[builtins.bool]]:
         """
         Authenticate to the root Vault namespace. Conflicts with namespace
         """
         return pulumi.get(self, "use_root_namespace")
 
     @use_root_namespace.setter
-    def use_root_namespace(self, value: Optional[pulumi.Input[bool]]):
+    def use_root_namespace(self, value: Optional[pulumi.Input[builtins.bool]]):
         pulumi.set(self, "use_root_namespace", value)
 
 
 if not MYPY:
     class ProviderAuthLoginGcpArgsDict(TypedDict):
-        role: pulumi.Input[str]
+        role: pulumi.Input[builtins.str]
         """
         Name of the login role.
         """
-        credentials: NotRequired[pulumi.Input[str]]
+        credentials: NotRequired[pulumi.Input[builtins.str]]
         """
         Path to the Google Cloud credentials file.
         """
-        jwt: NotRequired[pulumi.Input[str]]
+        jwt: NotRequired[pulumi.Input[builtins.str]]
         """
         A signed JSON Web Token.
         """
-        mount: NotRequired[pulumi.Input[str]]
+        mount: NotRequired[pulumi.Input[builtins.str]]
         """
         The path where the authentication engine is mounted.
         """
-        namespace: NotRequired[pulumi.Input[str]]
+        namespace: NotRequired[pulumi.Input[builtins.str]]
         """
         The authentication engine's namespace. Conflicts with use_root_namespace
         """
-        service_account: NotRequired[pulumi.Input[str]]
+        service_account: NotRequired[pulumi.Input[builtins.str]]
         """
         IAM service account.
         """
-        use_root_namespace: NotRequired[pulumi.Input[bool]]
+        use_root_namespace: NotRequired[pulumi.Input[builtins.bool]]
         """
         Authenticate to the root Vault namespace. Conflicts with namespace
         """
@@ -1093,21 +1094,21 @@ elif False:
 @pulumi.input_type
 class ProviderAuthLoginGcpArgs:
     def __init__(__self__, *,
-                 role: pulumi.Input[str],
-                 credentials: Optional[pulumi.Input[str]] = None,
-                 jwt: Optional[pulumi.Input[str]] = None,
-                 mount: Optional[pulumi.Input[str]] = None,
-                 namespace: Optional[pulumi.Input[str]] = None,
-                 service_account: Optional[pulumi.Input[str]] = None,
-                 use_root_namespace: Optional[pulumi.Input[bool]] = None):
-        """
-        :param pulumi.Input[str] role: Name of the login role.
-        :param pulumi.Input[str] credentials: Path to the Google Cloud credentials file.
-        :param pulumi.Input[str] jwt: A signed JSON Web Token.
-        :param pulumi.Input[str] mount: The path where the authentication engine is mounted.
-        :param pulumi.Input[str] namespace: The authentication engine's namespace. Conflicts with use_root_namespace
-        :param pulumi.Input[str] service_account: IAM service account.
-        :param pulumi.Input[bool] use_root_namespace: Authenticate to the root Vault namespace. Conflicts with namespace
+                 role: pulumi.Input[builtins.str],
+                 credentials: Optional[pulumi.Input[builtins.str]] = None,
+                 jwt: Optional[pulumi.Input[builtins.str]] = None,
+                 mount: Optional[pulumi.Input[builtins.str]] = None,
+                 namespace: Optional[pulumi.Input[builtins.str]] = None,
+                 service_account: Optional[pulumi.Input[builtins.str]] = None,
+                 use_root_namespace: Optional[pulumi.Input[builtins.bool]] = None):
+        """
+        :param pulumi.Input[builtins.str] role: Name of the login role.
+        :param pulumi.Input[builtins.str] credentials: Path to the Google Cloud credentials file.
+        :param pulumi.Input[builtins.str] jwt: A signed JSON Web Token.
+        :param pulumi.Input[builtins.str] mount: The path where the authentication engine is mounted.
+        :param pulumi.Input[builtins.str] namespace: The authentication engine's namespace. Conflicts with use_root_namespace
+        :param pulumi.Input[builtins.str] service_account: IAM service account.
+        :param pulumi.Input[builtins.bool] use_root_namespace: Authenticate to the root Vault namespace. Conflicts with namespace
         """
         pulumi.set(__self__, "role", role)
         if credentials is not None:
@@ -1125,108 +1126,108 @@ class ProviderAuthLoginGcpArgs:
 
     @property
     @pulumi.getter
-    def role(self) -> pulumi.Input[str]:
+    def role(self) -> pulumi.Input[builtins.str]:
         """
         Name of the login role.
         """
         return pulumi.get(self, "role")
 
     @role.setter
-    def role(self, value: pulumi.Input[str]):
+    def role(self, value: pulumi.Input[builtins.str]):
         pulumi.set(self, "role", value)
 
     @property
     @pulumi.getter
-    def credentials(self) -> Optional[pulumi.Input[str]]:
+    def credentials(self) -> Optional[pulumi.Input[builtins.str]]:
         """
         Path to the Google Cloud credentials file.
         """
         return pulumi.get(self, "credentials")
 
     @credentials.setter
-    def credentials(self, value: Optional[pulumi.Input[str]]):
+    def credentials(self, value: Optional[pulumi.Input[builtins.str]]):
         pulumi.set(self, "credentials", value)
 
     @property
     @pulumi.getter
-    def jwt(self) -> Optional[pulumi.Input[str]]:
+    def jwt(self) -> Optional[pulumi.Input[builtins.str]]:
         """
         A signed JSON Web Token.
         """
         return pulumi.get(self, "jwt")
 
     @jwt.setter
-    def jwt(self, value: Optional[pulumi.Input[str]]):
+    def jwt(self, value: Optional[pulumi.Input[builtins.str]]):
         pulumi.set(self, "jwt", value)
 
     @property
     @pulumi.getter
-    def mount(self) -> Optional[pulumi.Input[str]]:
+    def mount(self) -> Optional[pulumi.Input[builtins.str]]:
         """
         The path where the authentication engine is mounted.
         """
         return pulumi.get(self, "mount")
 
     @mount.setter
-    def mount(self, value: Optional[pulumi.Input[str]]):
+    def mount(self, value: Optional[pulumi.Input[builtins.str]]):
         pulumi.set(self, "mount", value)
 
     @property
     @pulumi.getter
-    def namespace(self) -> Optional[pulumi.Input[str]]:
+    def namespace(self) -> Optional[pulumi.Input[builtins.str]]:
         """
         The authentication engine's namespace. Conflicts with use_root_namespace
         """
         return pulumi.get(self, "namespace")
 
     @namespace.setter
-    def namespace(self, value: Optional[pulumi.Input[str]]):
+    def namespace(self, value: Optional[pulumi.Input[builtins.str]]):
         pulumi.set(self, "namespace", value)
 
     @property
     @pulumi.getter(name="serviceAccount")
-    def service_account(self) -> Optional[pulumi.Input[str]]:
+    def service_account(self) -> Optional[pulumi.Input[builtins.str]]:
         """
         IAM service account.
         """
         return pulumi.get(self, "service_account")
 
     @service_account.setter
-    def service_account(self, value: Optional[pulumi.Input[str]]):
+    def service_account(self, value: Optional[pulumi.Input[builtins.str]]):
         pulumi.set(self, "service_account", value)
 
     @property
     @pulumi.getter(name="useRootNamespace")
-    def use_root_namespace(self) -> Optional[pulumi.Input[bool]]:
+    def use_root_namespace(self) -> Optional[pulumi.Input[builtins.bool]]:
         """
         Authenticate to the root Vault namespace. Conflicts with namespace
         """
         return pulumi.get(self, "use_root_namespace")
 
     @use_root_namespace.setter
-    def use_root_namespace(self, value: Optional[pulumi.Input[bool]]):
+    def use_root_namespace(self, value: Optional[pulumi.Input[builtins.bool]]):
         pulumi.set(self, "use_root_namespace", value)
 
 
 if not MYPY:
     class ProviderAuthLoginJwtArgsDict(TypedDict):
-        jwt: pulumi.Input[str]
+        jwt: pulumi.Input[builtins.str]
         """
         A signed JSON Web Token.
         """
-        role: pulumi.Input[str]
+        role: pulumi.Input[builtins.str]
         """
         Name of the login role.
         """
-        mount: NotRequired[pulumi.Input[str]]
+        mount: NotRequired[pulumi.Input[builtins.str]]
         """
         The path where the authentication engine is mounted.
         """
-        namespace: NotRequired[pulumi.Input[str]]
+        namespace: NotRequired[pulumi.Input[builtins.str]]
         """
         The authentication engine's namespace. Conflicts with use_root_namespace
         """
-        use_root_namespace: NotRequired[pulumi.Input[bool]]
+        use_root_namespace: NotRequired[pulumi.Input[builtins.bool]]
         """
         Authenticate to the root Vault namespace. Conflicts with namespace
         """
@@ -1236,17 +1237,17 @@ elif False:
 @pulumi.input_type
 class ProviderAuthLoginJwtArgs:
     def __init__(__self__, *,
-                 jwt: pulumi.Input[str],
-                 role: pulumi.Input[str],
-                 mount: Optional[pulumi.Input[str]] = None,
-                 namespace: Optional[pulumi.Input[str]] = None,
-                 use_root_namespace: Optional[pulumi.Input[bool]] = None):
-        """
-        :param pulumi.Input[str] jwt: A signed JSON Web Token.
-        :param pulumi.Input[str] role: Name of the login role.
-        :param pulumi.Input[str] mount: The path where the authentication engine is mounted.
-        :param pulumi.Input[str] namespace: The authentication engine's namespace. Conflicts with use_root_namespace
-        :param pulumi.Input[bool] use_root_namespace: Authenticate to the root Vault namespace. Conflicts with namespace
+                 jwt: pulumi.Input[builtins.str],
+                 role: pulumi.Input[builtins.str],
+                 mount: Optional[pulumi.Input[builtins.str]] = None,
+                 namespace: Optional[pulumi.Input[builtins.str]] = None,
+                 use_root_namespace: Optional[pulumi.Input[builtins.bool]] = None):
+        """
+        :param pulumi.Input[builtins.str] jwt: A signed JSON Web Token.
+        :param pulumi.Input[builtins.str] role: Name of the login role.
+        :param pulumi.Input[builtins.str] mount: The path where the authentication engine is mounted.
+        :param pulumi.Input[builtins.str] namespace: The authentication engine's namespace. Conflicts with use_root_namespace
+        :param pulumi.Input[builtins.bool] use_root_namespace: Authenticate to the root Vault namespace. Conflicts with namespace
         """
         pulumi.set(__self__, "jwt", jwt)
         pulumi.set(__self__, "role", role)
@@ -1259,108 +1260,108 @@ class ProviderAuthLoginJwtArgs:
 
     @property
     @pulumi.getter
-    def jwt(self) -> pulumi.Input[str]:
+    def jwt(self) -> pulumi.Input[builtins.str]:
         """
         A signed JSON Web Token.
         """
         return pulumi.get(self, "jwt")
 
     @jwt.setter
-    def jwt(self, value: pulumi.Input[str]):
+    def jwt(self, value: pulumi.Input[builtins.str]):
         pulumi.set(self, "jwt", value)
 
     @property
     @pulumi.getter
-    def role(self) -> pulumi.Input[str]:
+    def role(self) -> pulumi.Input[builtins.str]:
         """
         Name of the login role.
         """
         return pulumi.get(self, "role")
 
     @role.setter
-    def role(self, value: pulumi.Input[str]):
+    def role(self, value: pulumi.Input[builtins.str]):
         pulumi.set(self, "role", value)
 
     @property
     @pulumi.getter
-    def mount(self) -> Optional[pulumi.Input[str]]:
+    def mount(self) -> Optional[pulumi.Input[builtins.str]]:
         """
         The path where the authentication engine is mounted.
         """
         return pulumi.get(self, "mount")
 
     @mount.setter
-    def mount(self, value: Optional[pulumi.Input[str]]):
+    def mount(self, value: Optional[pulumi.Input[builtins.str]]):
         pulumi.set(self, "mount", value)
 
     @property
     @pulumi.getter
-    def namespace(self) -> Optional[pulumi.Input[str]]:
+    def namespace(self) -> Optional[pulumi.Input[builtins.str]]:
         """
         The authentication engine's namespace. Conflicts with use_root_namespace
         """
         return pulumi.get(self, "namespace")
 
     @namespace.setter
-    def namespace(self, value: Optional[pulumi.Input[str]]):
+    def namespace(self, value: Optional[pulumi.Input[builtins.str]]):
         pulumi.set(self, "namespace", value)
 
     @property
     @pulumi.getter(name="useRootNamespace")
-    def use_root_namespace(self) -> Optional[pulumi.Input[bool]]:
+    def use_root_namespace(self) -> Optional[pulumi.Input[builtins.bool]]:
         """
         Authenticate to the root Vault namespace. Conflicts with namespace
         """
         return pulumi.get(self, "use_root_namespace")
 
     @use_root_namespace.setter
-    def use_root_namespace(self, value: Optional[pulumi.Input[bool]]):
+    def use_root_namespace(self, value: Optional[pulumi.Input[builtins.bool]]):
         pulumi.set(self, "use_root_namespace", value)
 
 
 if not MYPY:
     class ProviderAuthLoginKerberosArgsDict(TypedDict):
-        disable_fast_negotiation: NotRequired[pulumi.Input[bool]]
+        disable_fast_negotiation: NotRequired[pulumi.Input[builtins.bool]]
         """
         Disable the Kerberos FAST negotiation.
         """
-        keytab_path: NotRequired[pulumi.Input[str]]
+        keytab_path: NotRequired[pulumi.Input[builtins.str]]
         """
         The Kerberos keytab file containing the entry of the login entity.
         """
-        krb5conf_path: NotRequired[pulumi.Input[str]]
+        krb5conf_path: NotRequired[pulumi.Input[builtins.str]]
         """
         A valid Kerberos configuration file e.g. /etc/krb5.conf.
         """
-        mount: NotRequired[pulumi.Input[str]]
+        mount: NotRequired[pulumi.Input[builtins.str]]
         """
         The path where the authentication engine is mounted.
         """
-        namespace: NotRequired[pulumi.Input[str]]
+        namespace: NotRequired[pulumi.Input[builtins.str]]
         """
         The authentication engine's namespace. Conflicts with use_root_namespace
         """
-        realm: NotRequired[pulumi.Input[str]]
+        realm: NotRequired[pulumi.Input[builtins.str]]
         """
         The Kerberos server's authoritative authentication domain
         """
-        remove_instance_name: NotRequired[pulumi.Input[bool]]
+        remove_instance_name: NotRequired[pulumi.Input[builtins.bool]]
         """
         Strip the host from the username found in the keytab.
         """
-        service: NotRequired[pulumi.Input[str]]
+        service: NotRequired[pulumi.Input[builtins.str]]
         """
         The service principle name.
         """
-        token: NotRequired[pulumi.Input[str]]
+        token: NotRequired[pulumi.Input[builtins.str]]
         """
         Simple and Protected GSSAPI Negotiation Mechanism (SPNEGO) token
         """
-        use_root_namespace: NotRequired[pulumi.Input[bool]]
+        use_root_namespace: NotRequired[pulumi.Input[builtins.bool]]
         """
         Authenticate to the root Vault namespace. Conflicts with namespace
         """
-        username: NotRequired[pulumi.Input[str]]
+        username: NotRequired[pulumi.Input[builtins.str]]
         """
         The username to login into Kerberos with.
         """
@@ -1370,29 +1371,29 @@ elif False:
 @pulumi.input_type
 class ProviderAuthLoginKerberosArgs:
     def __init__(__self__, *,
-                 disable_fast_negotiation: Optional[pulumi.Input[bool]] = None,
-                 keytab_path: Optional[pulumi.Input[str]] = None,
-                 krb5conf_path: Optional[pulumi.Input[str]] = None,
-                 mount: Optional[pulumi.Input[str]] = None,
-                 namespace: Optional[pulumi.Input[str]] = None,
-                 realm: Optional[pulumi.Input[str]] = None,
-                 remove_instance_name: Optional[pulumi.Input[bool]] = None,
-                 service: Optional[pulumi.Input[str]] = None,
-                 token: Optional[pulumi.Input[str]] = None,
-                 use_root_namespace: Optional[pulumi.Input[bool]] = None,
-                 username: Optional[pulumi.Input[str]] = None):
-        """
-        :param pulumi.Input[bool] disable_fast_negotiation: Disable the Kerberos FAST negotiation.
-        :param pulumi.Input[str] keytab_path: The Kerberos keytab file containing the entry of the login entity.
-        :param pulumi.Input[str] krb5conf_path: A valid Kerberos configuration file e.g. /etc/krb5.conf.
-        :param pulumi.Input[str] mount: The path where the authentication engine is mounted.
-        :param pulumi.Input[str] namespace: The authentication engine's namespace. Conflicts with use_root_namespace
-        :param pulumi.Input[str] realm: The Kerberos server's authoritative authentication domain
-        :param pulumi.Input[bool] remove_instance_name: Strip the host from the username found in the keytab.
-        :param pulumi.Input[str] service: The service principle name.
-        :param pulumi.Input[str] token: Simple and Protected GSSAPI Negotiation Mechanism (SPNEGO) token
-        :param pulumi.Input[bool] use_root_namespace: Authenticate to the root Vault namespace. Conflicts with namespace
-        :param pulumi.Input[str] username: The username to login into Kerberos with.
+                 disable_fast_negotiation: Optional[pulumi.Input[builtins.bool]] = None,
+                 keytab_path: Optional[pulumi.Input[builtins.str]] = None,
+                 krb5conf_path: Optional[pulumi.Input[builtins.str]] = None,
+                 mount: Optional[pulumi.Input[builtins.str]] = None,
+                 namespace: Optional[pulumi.Input[builtins.str]] = None,
+                 realm: Optional[pulumi.Input[builtins.str]] = None,
+                 remove_instance_name: Optional[pulumi.Input[builtins.bool]] = None,
+                 service: Optional[pulumi.Input[builtins.str]] = None,
+                 token: Optional[pulumi.Input[builtins.str]] = None,
+                 use_root_namespace: Optional[pulumi.Input[builtins.bool]] = None,
+                 username: Optional[pulumi.Input[builtins.str]] = None):
+        """
+        :param pulumi.Input[builtins.bool] disable_fast_negotiation: Disable the Kerberos FAST negotiation.
+        :param pulumi.Input[builtins.str] keytab_path: The Kerberos keytab file containing the entry of the login entity.
+        :param pulumi.Input[builtins.str] krb5conf_path: A valid Kerberos configuration file e.g. /etc/krb5.conf.
+        :param pulumi.Input[builtins.str] mount: The path where the authentication engine is mounted.
+        :param pulumi.Input[builtins.str] namespace: The authentication engine's namespace. Conflicts with use_root_namespace
+        :param pulumi.Input[builtins.str] realm: The Kerberos server's authoritative authentication domain
+        :param pulumi.Input[builtins.bool] remove_instance_name: Strip the host from the username found in the keytab.
+        :param pulumi.Input[builtins.str] service: The service principle name.
+        :param pulumi.Input[builtins.str] token: Simple and Protected GSSAPI Negotiation Mechanism (SPNEGO) token
+        :param pulumi.Input[builtins.bool] use_root_namespace: Authenticate to the root Vault namespace. Conflicts with namespace
+        :param pulumi.Input[builtins.str] username: The username to login into Kerberos with.
         """
         if disable_fast_negotiation is not None:
             pulumi.set(__self__, "disable_fast_negotiation", disable_fast_negotiation)
@@ -1419,156 +1420,156 @@ class ProviderAuthLoginKerberosArgs:
 
     @property
     @pulumi.getter(name="disableFastNegotiation")
-    def disable_fast_negotiation(self) -> Optional[pulumi.Input[bool]]:
+    def disable_fast_negotiation(self) -> Optional[pulumi.Input[builtins.bool]]:
         """
         Disable the Kerberos FAST negotiation.
         """
         return pulumi.get(self, "disable_fast_negotiation")
 
     @disable_fast_negotiation.setter
-    def disable_fast_negotiation(self, value: Optional[pulumi.Input[bool]]):
+    def disable_fast_negotiation(self, value: Optional[pulumi.Input[builtins.bool]]):
         pulumi.set(self, "disable_fast_negotiation", value)
 
     @property
     @pulumi.getter(name="keytabPath")
-    def keytab_path(self) -> Optional[pulumi.Input[str]]:
+    def keytab_path(self) -> Optional[pulumi.Input[builtins.str]]:
         """
         The Kerberos keytab file containing the entry of the login entity.
         """
         return pulumi.get(self, "keytab_path")
 
     @keytab_path.setter
-    def keytab_path(self, value: Optional[pulumi.Input[str]]):
+    def keytab_path(self, value: Optional[pulumi.Input[builtins.str]]):
         pulumi.set(self, "keytab_path", value)
 
     @property
     @pulumi.getter(name="krb5confPath")
-    def krb5conf_path(self) -> Optional[pulumi.Input[str]]:
+    def krb5conf_path(self) -> Optional[pulumi.Input[builtins.str]]:
         """
         A valid Kerberos configuration file e.g. /etc/krb5.conf.
         """
         return pulumi.get(self, "krb5conf_path")
 
     @krb5conf_path.setter
-    def krb5conf_path(self, value: Optional[pulumi.Input[str]]):
+    def krb5conf_path(self, value: Optional[pulumi.Input[builtins.str]]):
         pulumi.set(self, "krb5conf_path", value)
 
     @property
     @pulumi.getter
-    def mount(self) -> Optional[pulumi.Input[str]]:
+    def mount(self) -> Optional[pulumi.Input[builtins.str]]:
         """
         The path where the authentication engine is mounted.
         """
         return pulumi.get(self, "mount")
 
     @mount.setter
-    def mount(self, value: Optional[pulumi.Input[str]]):
+    def mount(self, value: Optional[pulumi.Input[builtins.str]]):
         pulumi.set(self, "mount", value)
 
     @property
     @pulumi.getter
-    def namespace(self) -> Optional[pulumi.Input[str]]:
+    def namespace(self) -> Optional[pulumi.Input[builtins.str]]:
         """
         The authentication engine's namespace. Conflicts with use_root_namespace
         """
         return pulumi.get(self, "namespace")
 
     @namespace.setter
-    def namespace(self, value: Optional[pulumi.Input[str]]):
+    def namespace(self, value: Optional[pulumi.Input[builtins.str]]):
         pulumi.set(self, "namespace", value)
 
     @property
     @pulumi.getter
-    def realm(self) -> Optional[pulumi.Input[str]]:
+    def realm(self) -> Optional[pulumi.Input[builtins.str]]:
         """
         The Kerberos server's authoritative authentication domain
         """
         return pulumi.get(self, "realm")
 
     @realm.setter
-    def realm(self, value: Optional[pulumi.Input[str]]):
+    def realm(self, value: Optional[pulumi.Input[builtins.str]]):
         pulumi.set(self, "realm", value)
 
     @property
     @pulumi.getter(name="removeInstanceName")
-    def remove_instance_name(self) -> Optional[pulumi.Input[bool]]:
+    def remove_instance_name(self) -> Optional[pulumi.Input[builtins.bool]]:
         """
         Strip the host from the username found in the keytab.
         """
         return pulumi.get(self, "remove_instance_name")
 
     @remove_instance_name.setter
-    def remove_instance_name(self, value: Optional[pulumi.Input[bool]]):
+    def remove_instance_name(self, value: Optional[pulumi.Input[builtins.bool]]):
         pulumi.set(self, "remove_instance_name", value)
 
     @property
     @pulumi.getter
-    def service(self) -> Optional[pulumi.Input[str]]:
+    def service(self) -> Optional[pulumi.Input[builtins.str]]:
         """
         The service principle name.
         """
         return pulumi.get(self, "service")
 
     @service.setter
-    def service(self, value: Optional[pulumi.Input[str]]):
+    def service(self, value: Optional[pulumi.Input[builtins.str]]):
         pulumi.set(self, "service", value)
 
     @property
     @pulumi.getter
-    def token(self) -> Optional[pulumi.Input[str]]:
+    def token(self) -> Optional[pulumi.Input[builtins.str]]:
         """
         Simple and Protected GSSAPI Negotiation Mechanism (SPNEGO) token
         """
         return pulumi.get(self, "token")
 
     @token.setter
-    def token(self, value: Optional[pulumi.Input[str]]):
+    def token(self, value: Optional[pulumi.Input[builtins.str]]):
         pulumi.set(self, "token", value)
 
     @property
     @pulumi.getter(name="useRootNamespace")
-    def use_root_namespace(self) -> Optional[pulumi.Input[bool]]:
+    def use_root_namespace(self) -> Optional[pulumi.Input[builtins.bool]]:
         """
         Authenticate to the root Vault namespace. Conflicts with namespace
         """
         return pulumi.get(self, "use_root_namespace")
 
     @use_root_namespace.setter
-    def use_root_namespace(self, value: Optional[pulumi.Input[bool]]):
+    def use_root_namespace(self, value: Optional[pulumi.Input[builtins.bool]]):
         pulumi.set(self, "use_root_namespace", value)
 
     @property
     @pulumi.getter
-    def username(self) -> Optional[pulumi.Input[str]]:
+    def username(self) -> Optional[pulumi.Input[builtins.str]]:
         """
         The username to login into Kerberos with.
         """
         return pulumi.get(self, "username")
 
     @username.setter
-    def username(self, value: Optional[pulumi.Input[str]]):
+    def username(self, value: Optional[pulumi.Input[builtins.str]]):
         pulumi.set(self, "username", value)
 
 
 if not MYPY:
     class ProviderAuthLoginOciArgsDict(TypedDict):
-        auth_type: pulumi.Input[str]
+        auth_type: pulumi.Input[builtins.str]
         """
         Authentication type to use when getting OCI credentials.
         """
-        role: pulumi.Input[str]
+        role: pulumi.Input[builtins.str]
         """
         Name of the login role.
         """
-        mount: NotRequired[pulumi.Input[str]]
+        mount: NotRequired[pulumi.Input[builtins.str]]
         """
         The path where the authentication engine is mounted.
         """
-        namespace: NotRequired[pulumi.Input[str]]
+        namespace: NotRequired[pulumi.Input[builtins.str]]
         """
         The authentication engine's namespace. Conflicts with use_root_namespace
         """
-        use_root_namespace: NotRequired[pulumi.Input[bool]]
+        use_root_namespace: NotRequired[pulumi.Input[builtins.bool]]
         """
         Authenticate to the root Vault namespace. Conflicts with namespace
         """
@@ -1578,17 +1579,17 @@ elif False:
 @pulumi.input_type
 class ProviderAuthLoginOciArgs:
     def __init__(__self__, *,
-                 auth_type: pulumi.Input[str],
-                 role: pulumi.Input[str],
-                 mount: Optional[pulumi.Input[str]] = None,
-                 namespace: Optional[pulumi.Input[str]] = None,
-                 use_root_namespace: Optional[pulumi.Input[bool]] = None):
-        """
-        :param pulumi.Input[str] auth_type: Authentication type to use when getting OCI credentials.
-        :param pulumi.Input[str] role: Name of the login role.
-        :param pulumi.Input[str] mount: The path where the authentication engine is mounted.
-        :param pulumi.Input[str] namespace: The authentication engine's namespace. Conflicts with use_root_namespace
-        :param pulumi.Input[bool] use_root_namespace: Authenticate to the root Vault namespace. Conflicts with namespace
+                 auth_type: pulumi.Input[builtins.str],
+                 role: pulumi.Input[builtins.str],
+                 mount: Optional[pulumi.Input[builtins.str]] = None,
+                 namespace: Optional[pulumi.Input[builtins.str]] = None,
+                 use_root_namespace: Optional[pulumi.Input[builtins.bool]] = None):
+        """
+        :param pulumi.Input[builtins.str] auth_type: Authentication type to use when getting OCI credentials.
+        :param pulumi.Input[builtins.str] role: Name of the login role.
+        :param pulumi.Input[builtins.str] mount: The path where the authentication engine is mounted.
+        :param pulumi.Input[builtins.str] namespace: The authentication engine's namespace. Conflicts with use_root_namespace
+        :param pulumi.Input[builtins.bool] use_root_namespace: Authenticate to the root Vault namespace. Conflicts with namespace
         """
         pulumi.set(__self__, "auth_type", auth_type)
         pulumi.set(__self__, "role", role)
@@ -1601,88 +1602,88 @@ class ProviderAuthLoginOciArgs:
 
     @property
     @pulumi.getter(name="authType")
-    def auth_type(self) -> pulumi.Input[str]:
+    def auth_type(self) -> pulumi.Input[builtins.str]:
         """
         Authentication type to use when getting OCI credentials.
         """
         return pulumi.get(self, "auth_type")
 
     @auth_type.setter
-    def auth_type(self, value: pulumi.Input[str]):
+    def auth_type(self, value: pulumi.Input[builtins.str]):
         pulumi.set(self, "auth_type", value)
 
     @property
     @pulumi.getter
-    def role(self) -> pulumi.Input[str]:
+    def role(self) -> pulumi.Input[builtins.str]:
         """
         Name of the login role.
         """
         return pulumi.get(self, "role")
 
     @role.setter
-    def role(self, value: pulumi.Input[str]):
+    def role(self, value: pulumi.Input[builtins.str]):
         pulumi.set(self, "role", value)
 
     @property
     @pulumi.getter
-    def mount(self) -> Optional[pulumi.Input[str]]:
+    def mount(self) -> Optional[pulumi.Input[builtins.str]]:
         """
         The path where the authentication engine is mounted.
         """
         return pulumi.get(self, "mount")
 
     @mount.setter
-    def mount(self, value: Optional[pulumi.Input[str]]):
+    def mount(self, value: Optional[pulumi.Input[builtins.str]]):
         pulumi.set(self, "mount", value)
 
     @property
     @pulumi.getter
-    def namespace(self) -> Optional[pulumi.Input[str]]:
+    def namespace(self) -> Optional[pulumi.Input[builtins.str]]:
         """
         The authentication engine's namespace. Conflicts with use_root_namespace
         """
         return pulumi.get(self, "namespace")
 
     @namespace.setter
-    def namespace(self, value: Optional[pulumi.Input[str]]):
+    def namespace(self, value: Optional[pulumi.Input[builtins.str]]):
         pulumi.set(self, "namespace", value)
 
     @property
     @pulumi.getter(name="useRootNamespace")
-    def use_root_namespace(self) -> Optional[pulumi.Input[bool]]:
+    def use_root_namespace(self) -> Optional[pulumi.Input[builtins.bool]]:
         """
         Authenticate to the root Vault namespace. Conflicts with namespace
         """
         return pulumi.get(self, "use_root_namespace")
 
     @use_root_namespace.setter
-    def use_root_namespace(self, value: Optional[pulumi.Input[bool]]):
+    def use_root_namespace(self, value: Optional[pulumi.Input[builtins.bool]]):
         pulumi.set(self, "use_root_namespace", value)
 
 
 if not MYPY:
     class ProviderAuthLoginOidcArgsDict(TypedDict):
-        role: pulumi.Input[str]
+        role: pulumi.Input[builtins.str]
         """
         Name of the login role.
         """
-        callback_address: NotRequired[pulumi.Input[str]]
+        callback_address: NotRequired[pulumi.Input[builtins.str]]
         """
         The callback address. Must be a valid URI without the path.
         """
-        callback_listener_address: NotRequired[pulumi.Input[str]]
+        callback_listener_address: NotRequired[pulumi.Input[builtins.str]]
         """
         The callback listener's address. Must be a valid URI without the path.
         """
-        mount: NotRequired[pulumi.Input[str]]
+        mount: NotRequired[pulumi.Input[builtins.str]]
         """
         The path where the authentication engine is mounted.
         """
-        namespace: NotRequired[pulumi.Input[str]]
+        namespace: NotRequired[pulumi.Input[builtins.str]]
         """
         The authentication engine's namespace. Conflicts with use_root_namespace
         """
-        use_root_namespace: NotRequired[pulumi.Input[bool]]
+        use_root_namespace: NotRequired[pulumi.Input[builtins.bool]]
         """
         Authenticate to the root Vault namespace. Conflicts with namespace
         """
@@ -1692,19 +1693,19 @@ elif False:
 @pulumi.input_type
 class ProviderAuthLoginOidcArgs:
     def __init__(__self__, *,
-                 role: pulumi.Input[str],
-                 callback_address: Optional[pulumi.Input[str]] = None,
-                 callback_listener_address: Optional[pulumi.Input[str]] = None,
-                 mount: Optional[pulumi.Input[str]] = None,
-                 namespace: Optional[pulumi.Input[str]] = None,
-                 use_root_namespace: Optional[pulumi.Input[bool]] = None):
-        """
-        :param pulumi.Input[str] role: Name of the login role.
-        :param pulumi.Input[str] callback_address: The callback address. Must be a valid URI without the path.
-        :param pulumi.Input[str] callback_listener_address: The callback listener's address. Must be a valid URI without the path.
-        :param pulumi.Input[str] mount: The path where the authentication engine is mounted.
-        :param pulumi.Input[str] namespace: The authentication engine's namespace. Conflicts with use_root_namespace
-        :param pulumi.Input[bool] use_root_namespace: Authenticate to the root Vault namespace. Conflicts with namespace
+                 role: pulumi.Input[builtins.str],
+                 callback_address: Optional[pulumi.Input[builtins.str]] = None,
+                 callback_listener_address: Optional[pulumi.Input[builtins.str]] = None,
+                 mount: Optional[pulumi.Input[builtins.str]] = None,
+                 namespace: Optional[pulumi.Input[builtins.str]] = None,
+                 use_root_namespace: Optional[pulumi.Input[builtins.bool]] = None):
+        """
+        :param pulumi.Input[builtins.str] role: Name of the login role.
+        :param pulumi.Input[builtins.str] callback_address: The callback address. Must be a valid URI without the path.
+        :param pulumi.Input[builtins.str] callback_listener_address: The callback listener's address. Must be a valid URI without the path.
+        :param pulumi.Input[builtins.str] mount: The path where the authentication engine is mounted.
+        :param pulumi.Input[builtins.str] namespace: The authentication engine's namespace. Conflicts with use_root_namespace
+        :param pulumi.Input[builtins.bool] use_root_namespace: Authenticate to the root Vault namespace. Conflicts with namespace
         """
         pulumi.set(__self__, "role", role)
         if callback_address is not None:
@@ -1720,96 +1721,96 @@ class ProviderAuthLoginOidcArgs:
 
     @property
     @pulumi.getter
-    def role(self) -> pulumi.Input[str]:
+    def role(self) -> pulumi.Input[builtins.str]:
         """
         Name of the login role.
         """
         return pulumi.get(self, "role")
 
     @role.setter
-    def role(self, value: pulumi.Input[str]):
+    def role(self, value: pulumi.Input[builtins.str]):
         pulumi.set(self, "role", value)
 
     @property
     @pulumi.getter(name="callbackAddress")
-    def callback_address(self) -> Optional[pulumi.Input[str]]:
+    def callback_address(self) -> Optional[pulumi.Input[builtins.str]]:
         """
         The callback address. Must be a valid URI without the path.
         """
         return pulumi.get(self, "callback_address")
 
     @callback_address.setter
-    def callback_address(self, value: Optional[pulumi.Input[str]]):
+    def callback_address(self, value: Optional[pulumi.Input[builtins.str]]):
         pulumi.set(self, "callback_address", value)
 
     @property
     @pulumi.getter(name="callbackListenerAddress")
-    def callback_listener_address(self) -> Optional[pulumi.Input[str]]:
+    def callback_listener_address(self) -> Optional[pulumi.Input[builtins.str]]:
         """
         The callback listener's address. Must be a valid URI without the path.
         """
         return pulumi.get(self, "callback_listener_address")
 
     @callback_listener_address.setter
-    def callback_listener_address(self, value: Optional[pulumi.Input[str]]):
+    def callback_listener_address(self, value: Optional[pulumi.Input[builtins.str]]):
         pulumi.set(self, "callback_listener_address", value)
 
     @property
     @pulumi.getter
-    def mount(self) -> Optional[pulumi.Input[str]]:
+    def mount(self) -> Optional[pulumi.Input[builtins.str]]:
         """
         The path where the authentication engine is mounted.
         """
         return pulumi.get(self, "mount")
 
     @mount.setter
-    def mount(self, value: Optional[pulumi.Input[str]]):
+    def mount(self, value: Optional[pulumi.Input[builtins.str]]):
         pulumi.set(self, "mount", value)
 
     @property
     @pulumi.getter
-    def namespace(self) -> Optional[pulumi.Input[str]]:
+    def namespace(self) -> Optional[pulumi.Input[builtins.str]]:
         """
         The authentication engine's namespace. Conflicts with use_root_namespace
         """
         return pulumi.get(self, "namespace")
 
     @namespace.setter
-    def namespace(self, value: Optional[pulumi.Input[str]]):
+    def namespace(self, value: Optional[pulumi.Input[builtins.str]]):
         pulumi.set(self, "namespace", value)
 
     @property
     @pulumi.getter(name="useRootNamespace")
-    def use_root_namespace(self) -> Optional[pulumi.Input[bool]]:
+    def use_root_namespace(self) -> Optional[pulumi.Input[builtins.bool]]:
         """
         Authenticate to the root Vault namespace. Conflicts with namespace
         """
         return pulumi.get(self, "use_root_namespace")
 
     @use_root_namespace.setter
-    def use_root_namespace(self, value: Optional[pulumi.Input[bool]]):
+    def use_root_namespace(self, value: Optional[pulumi.Input[builtins.bool]]):
         pulumi.set(self, "use_root_namespace", value)
 
 
 if not MYPY:
     class ProviderAuthLoginRadiusArgsDict(TypedDict):
-        password: pulumi.Input[str]
+        password: pulumi.Input[builtins.str]
         """
         The Radius password for username.
         """
-        username: pulumi.Input[str]
+        username: pulumi.Input[builtins.str]
         """
         The Radius username.
         """
-        mount: NotRequired[pulumi.Input[str]]
+        mount: NotRequired[pulumi.Input[builtins.str]]
         """
         The path where the authentication engine is mounted.
         """
-        namespace: NotRequired[pulumi.Input[str]]
+        namespace: NotRequired[pulumi.Input[builtins.str]]
         """
         The authentication engine's namespace. Conflicts with use_root_namespace
         """
-        use_root_namespace: NotRequired[pulumi.Input[bool]]
+        use_root_namespace: NotRequired[pulumi.Input[builtins.bool]]
         """
         Authenticate to the root Vault namespace. Conflicts with namespace
         """
@@ -1819,17 +1820,17 @@ elif False:
 @pulumi.input_type
 class ProviderAuthLoginRadiusArgs:
     def __init__(__self__, *,
-                 password: pulumi.Input[str],
-                 username: pulumi.Input[str],
-                 mount: Optional[pulumi.Input[str]] = None,
-                 namespace: Optional[pulumi.Input[str]] = None,
-                 use_root_namespace: Optional[pulumi.Input[bool]] = None):
-        """
-        :param pulumi.Input[str] password: The Radius password for username.
-        :param pulumi.Input[str] username: The Radius username.
-        :param pulumi.Input[str] mount: The path where the authentication engine is mounted.
-        :param pulumi.Input[str] namespace: The authentication engine's namespace. Conflicts with use_root_namespace
-        :param pulumi.Input[bool] use_root_namespace: Authenticate to the root Vault namespace. Conflicts with namespace
+                 password: pulumi.Input[builtins.str],
+                 username: pulumi.Input[builtins.str],
+                 mount: Optional[pulumi.Input[builtins.str]] = None,
+                 namespace: Optional[pulumi.Input[builtins.str]] = None,
+                 use_root_namespace: Optional[pulumi.Input[builtins.bool]] = None):
+        """
+        :param pulumi.Input[builtins.str] password: The Radius password for username.
+        :param pulumi.Input[builtins.str] username: The Radius username.
+        :param pulumi.Input[builtins.str] mount: The path where the authentication engine is mounted.
+        :param pulumi.Input[builtins.str] namespace: The authentication engine's namespace. Conflicts with use_root_namespace
+        :param pulumi.Input[builtins.bool] use_root_namespace: Authenticate to the root Vault namespace. Conflicts with namespace
         """
         pulumi.set(__self__, "password", password)
         pulumi.set(__self__, "username", username)
@@ -1842,76 +1843,76 @@ class ProviderAuthLoginRadiusArgs:
 
     @property
     @pulumi.getter
-    def password(self) -> pulumi.Input[str]:
+    def password(self) -> pulumi.Input[builtins.str]:
         """
         The Radius password for username.
         """
         return pulumi.get(self, "password")
 
     @password.setter
-    def password(self, value: pulumi.Input[str]):
+    def password(self, value: pulumi.Input[builtins.str]):
         pulumi.set(self, "password", value)
 
     @property
     @pulumi.getter
-    def username(self) -> pulumi.Input[str]:
+    def username(self) -> pulumi.Input[builtins.str]:
         """
         The Radius username.
         """
         return pulumi.get(self, "username")
 
     @username.setter
-    def username(self, value: pulumi.Input[str]):
+    def username(self, value: pulumi.Input[builtins.str]):
         pulumi.set(self, "username", value)
 
     @property
     @pulumi.getter
-    def mount(self) -> Optional[pulumi.Input[str]]:
+    def mount(self) -> Optional[pulumi.Input[builtins.str]]:
         """
         The path where the authentication engine is mounted.
         """
         return pulumi.get(self, "mount")
 
     @mount.setter
-    def mount(self, value: Optional[pulumi.Input[str]]):
+    def mount(self, value: Optional[pulumi.Input[builtins.str]]):
         pulumi.set(self, "mount", value)
 
     @property
     @pulumi.getter
-    def namespace(self) -> Optional[pulumi.Input[str]]:
+    def namespace(self) -> Optional[pulumi.Input[builtins.str]]:
         """
         The authentication engine's namespace. Conflicts with use_root_namespace
         """
         return pulumi.get(self, "namespace")
 
     @namespace.setter
-    def namespace(self, value: Optional[pulumi.Input[str]]):
+    def namespace(self, value: Optional[pulumi.Input[builtins.str]]):
         pulumi.set(self, "namespace", value)
 
     @property
     @pulumi.getter(name="useRootNamespace")
-    def use_root_namespace(self) -> Optional[pulumi.Input[bool]]:
+    def use_root_namespace(self) -> Optional[pulumi.Input[builtins.bool]]:
         """
         Authenticate to the root Vault namespace. Conflicts with namespace
         """
         return pulumi.get(self, "use_root_namespace")
 
     @use_root_namespace.setter
-    def use_root_namespace(self, value: Optional[pulumi.Input[bool]]):
+    def use_root_namespace(self, value: Optional[pulumi.Input[builtins.bool]]):
         pulumi.set(self, "use_root_namespace", value)
 
 
 if not MYPY:
     class ProviderAuthLoginTokenFileArgsDict(TypedDict):
-        filename: pulumi.Input[str]
+        filename: pulumi.Input[builtins.str]
         """
         The name of a file containing a single line that is a valid Vault token
         """
-        namespace: NotRequired[pulumi.Input[str]]
+        namespace: NotRequired[pulumi.Input[builtins.str]]
         """
         The authentication engine's namespace. Conflicts with use_root_namespace
         """
-        use_root_namespace: NotRequired[pulumi.Input[bool]]
+        use_root_namespace: NotRequired[pulumi.Input[builtins.bool]]
         """
         Authenticate to the root Vault namespace. Conflicts with namespace
         """
@@ -1921,13 +1922,13 @@ elif False:
 @pulumi.input_type
 class ProviderAuthLoginTokenFileArgs:
     def __init__(__self__, *,
-                 filename: pulumi.Input[str],
-                 namespace: Optional[pulumi.Input[str]] = None,
-                 use_root_namespace: Optional[pulumi.Input[bool]] = None):
+                 filename: pulumi.Input[builtins.str],
+                 namespace: Optional[pulumi.Input[builtins.str]] = None,
+                 use_root_namespace: Optional[pulumi.Input[builtins.bool]] = None):
         """
-        :param pulumi.Input[str] filename: The name of a file containing a single line that is a valid Vault token
-        :param pulumi.Input[str] namespace: The authentication engine's namespace. Conflicts with use_root_namespace
-        :param pulumi.Input[bool] use_root_namespace: Authenticate to the root Vault namespace. Conflicts with namespace
+        :param pulumi.Input[builtins.str] filename: The name of a file containing a single line that is a valid Vault token
+        :param pulumi.Input[builtins.str] namespace: The authentication engine's namespace. Conflicts with use_root_namespace
+        :param pulumi.Input[builtins.bool] use_root_namespace: Authenticate to the root Vault namespace. Conflicts with namespace
         """
         pulumi.set(__self__, "filename", filename)
         if namespace is not None:
@@ -1937,64 +1938,64 @@ class ProviderAuthLoginTokenFileArgs:
 
     @property
     @pulumi.getter
-    def filename(self) -> pulumi.Input[str]:
+    def filename(self) -> pulumi.Input[builtins.str]:
         """
         The name of a file containing a single line that is a valid Vault token
         """
         return pulumi.get(self, "filename")
 
     @filename.setter
-    def filename(self, value: pulumi.Input[str]):
+    def filename(self, value: pulumi.Input[builtins.str]):
         pulumi.set(self, "filename", value)
 
     @property
     @pulumi.getter
-    def namespace(self) -> Optional[pulumi.Input[str]]:
+    def namespace(self) -> Optional[pulumi.Input[builtins.str]]:
         """
         The authentication engine's namespace. Conflicts with use_root_namespace
         """
         return pulumi.get(self, "namespace")
 
     @namespace.setter
-    def namespace(self, value: Optional[pulumi.Input[str]]):
+    def namespace(self, value: Optional[pulumi.Input[builtins.str]]):
         pulumi.set(self, "namespace", value)
 
     @property
     @pulumi.getter(name="useRootNamespace")
-    def use_root_namespace(self) -> Optional[pulumi.Input[bool]]:
+    def use_root_namespace(self) -> Optional[pulumi.Input[builtins.bool]]:
         """
         Authenticate to the root Vault namespace. Conflicts with namespace
         """
         return pulumi.get(self, "use_root_namespace")
 
     @use_root_namespace.setter
-    def use_root_namespace(self, value: Optional[pulumi.Input[bool]]):
+    def use_root_namespace(self, value: Optional[pulumi.Input[builtins.bool]]):
         pulumi.set(self, "use_root_namespace", value)
 
 
 if not MYPY:
     class ProviderAuthLoginUserpassArgsDict(TypedDict):
-        username: pulumi.Input[str]
+        username: pulumi.Input[builtins.str]
         """
         Login with username
         """
-        mount: NotRequired[pulumi.Input[str]]
+        mount: NotRequired[pulumi.Input[builtins.str]]
         """
         The path where the authentication engine is mounted.
         """
-        namespace: NotRequired[pulumi.Input[str]]
+        namespace: NotRequired[pulumi.Input[builtins.str]]
         """
         The authentication engine's namespace. Conflicts with use_root_namespace
         """
-        password: NotRequired[pulumi.Input[str]]
+        password: NotRequired[pulumi.Input[builtins.str]]
         """
         Login with password
         """
-        password_file: NotRequired[pulumi.Input[str]]
+        password_file: NotRequired[pulumi.Input[builtins.str]]
         """
         Login with password from a file
         """
-        use_root_namespace: NotRequired[pulumi.Input[bool]]
+        use_root_namespace: NotRequired[pulumi.Input[builtins.bool]]
         """
         Authenticate to the root Vault namespace. Conflicts with namespace
         """
@@ -2004,19 +2005,19 @@ elif False:
 @pulumi.input_type
 class ProviderAuthLoginUserpassArgs:
     def __init__(__self__, *,
-                 username: pulumi.Input[str],
-                 mount: Optional[pulumi.Input[str]] = None,
-                 namespace: Optional[pulumi.Input[str]] = None,
-                 password: Optional[pulumi.Input[str]] = None,
-                 password_file: Optional[pulumi.Input[str]] = None,
-                 use_root_namespace: Optional[pulumi.Input[bool]] = None):
-        """
-        :param pulumi.Input[str] username: Login with username
-        :param pulumi.Input[str] mount: The path where the authentication engine is mounted.
-        :param pulumi.Input[str] namespace: The authentication engine's namespace. Conflicts with use_root_namespace
-        :param pulumi.Input[str] password: Login with password
-        :param pulumi.Input[str] password_file: Login with password from a file
-        :param pulumi.Input[bool] use_root_namespace: Authenticate to the root Vault namespace. Conflicts with namespace
+                 username: pulumi.Input[builtins.str],
+                 mount: Optional[pulumi.Input[builtins.str]] = None,
+                 namespace: Optional[pulumi.Input[builtins.str]] = None,
+                 password: Optional[pulumi.Input[builtins.str]] = None,
+                 password_file: Optional[pulumi.Input[builtins.str]] = None,
+                 use_root_namespace: Optional[pulumi.Input[builtins.bool]] = None):
+        """
+        :param pulumi.Input[builtins.str] username: Login with username
+        :param pulumi.Input[builtins.str] mount: The path where the authentication engine is mounted.
+        :param pulumi.Input[builtins.str] namespace: The authentication engine's namespace. Conflicts with use_root_namespace
+        :param pulumi.Input[builtins.str] password: Login with password
+        :param pulumi.Input[builtins.str] password_file: Login with password from a file
+        :param pulumi.Input[builtins.bool] use_root_namespace: Authenticate to the root Vault namespace. Conflicts with namespace
         """
         pulumi.set(__self__, "username", username)
         if mount is not None:
@@ -2032,84 +2033,84 @@ class ProviderAuthLoginUserpassArgs:
 
     @property
     @pulumi.getter
-    def username(self) -> pulumi.Input[str]:
+    def username(self) -> pulumi.Input[builtins.str]:
         """
         Login with username
         """
         return pulumi.get(self, "username")
 
     @username.setter
-    def username(self, value: pulumi.Input[str]):
+    def username(self, value: pulumi.Input[builtins.str]):
         pulumi.set(self, "username", value)
 
     @property
     @pulumi.getter
-    def mount(self) -> Optional[pulumi.Input[str]]:
+    def mount(self) -> Optional[pulumi.Input[builtins.str]]:
         """
         The path where the authentication engine is mounted.
         """
         return pulumi.get(self, "mount")
 
     @mount.setter
-    def mount(self, value: Optional[pulumi.Input[str]]):
+    def mount(self, value: Optional[pulumi.Input[builtins.str]]):
         pulumi.set(self, "mount", value)
 
     @property
     @pulumi.getter
-    def namespace(self) -> Optional[pulumi.Input[str]]:
+    def namespace(self) -> Optional[pulumi.Input[builtins.str]]:
         """
         The authentication engine's namespace. Conflicts with use_root_namespace
         """
         return pulumi.get(self, "namespace")
 
     @namespace.setter
-    def namespace(self, value: Optional[pulumi.Input[str]]):
+    def namespace(self, value: Optional[pulumi.Input[builtins.str]]):
         pulumi.set(self, "namespace", value)
 
     @property
     @pulumi.getter
-    def password(self) -> Optional[pulumi.Input[str]]:
+    def password(self) -> Optional[pulumi.Input[builtins.str]]:
         """
         Login with password
         """
         return pulumi.get(self, "password")
 
     @password.setter
-    def password(self, value: Optional[pulumi.Input[str]]):
+    def password(self, value: Optional[pulumi.Input[builtins.str]]):
         pulumi.set(self, "password", value)
 
     @property
     @pulumi.getter(name="passwordFile")
-    def password_file(self) -> Optional[pulumi.Input[str]]:
+    def password_file(self) -> Optional[pulumi.Input[builtins.str]]:
         """
         Login with password from a file
         """
         return pulumi.get(self, "password_file")
 
     @password_file.setter
-    def password_file(self, value: Optional[pulumi.Input[str]]):
+    def password_file(self, value: Optional[pulumi.Input[builtins.str]]):
         pulumi.set(self, "password_file", value)
 
     @property
     @pulumi.getter(name="useRootNamespace")
-    def use_root_namespace(self) -> Optional[pulumi.Input[bool]]:
+    def use_root_namespace(self) -> Optional[pulumi.Input[builtins.bool]]:
         """
         Authenticate to the root Vault namespace. Conflicts with namespace
         """
         return pulumi.get(self, "use_root_namespace")
 
     @use_root_namespace.setter
-    def use_root_namespace(self, value: Optional[pulumi.Input[bool]]):
+    def use_root_namespace(self, value: Optional[pulumi.Input[builtins.bool]]):
         pulumi.set(self, "use_root_namespace", value)
 
 
 if not MYPY:
     class ProviderClientAuthArgsDict(TypedDict):
-        cert_file: pulumi.Input[str]
+        cert_file: pulumi.Input[builtins.str]
         """
         Path to a file containing the client certificate.
         """
-        key_file: pulumi.Input[str]
+        key_file: pulumi.Input[builtins.str]
         """
         Path to a file containing the private key that the certificate was issued for.
         """
@@ -2119,47 +2120,47 @@ elif False:
 @pulumi.input_type
 class ProviderClientAuthArgs:
     def __init__(__self__, *,
-                 cert_file: pulumi.Input[str],
-                 key_file: pulumi.Input[str]):
+                 cert_file: pulumi.Input[builtins.str],
+                 key_file: pulumi.Input[builtins.str]):
         """
-        :param pulumi.Input[str] cert_file: Path to a file containing the client certificate.
-        :param pulumi.Input[str] key_file: Path to a file containing the private key that the certificate was issued for.
+        :param pulumi.Input[builtins.str] cert_file: Path to a file containing the client certificate.
+        :param pulumi.Input[builtins.str] key_file: Path to a file containing the private key that the certificate was issued for.
         """
         pulumi.set(__self__, "cert_file", cert_file)
         pulumi.set(__self__, "key_file", key_file)
 
     @property
     @pulumi.getter(name="certFile")
-    def cert_file(self) -> pulumi.Input[str]:
+    def cert_file(self) -> pulumi.Input[builtins.str]:
         """
         Path to a file containing the client certificate.
         """
         return pulumi.get(self, "cert_file")
 
     @cert_file.setter
-    def cert_file(self, value: pulumi.Input[str]):
+    def cert_file(self, value: pulumi.Input[builtins.str]):
         pulumi.set(self, "cert_file", value)
 
     @property
     @pulumi.getter(name="keyFile")
-    def key_file(self) -> pulumi.Input[str]:
+    def key_file(self) -> pulumi.Input[builtins.str]:
         """
         Path to a file containing the private key that the certificate was issued for.
         """
         return pulumi.get(self, "key_file")
 
     @key_file.setter
-    def key_file(self, value: pulumi.Input[str]):
+    def key_file(self, value: pulumi.Input[builtins.str]):
         pulumi.set(self, "key_file", value)
 
 
 if not MYPY:
     class ProviderHeaderArgsDict(TypedDict):
-        name: pulumi.Input[str]
+        name: pulumi.Input[builtins.str]
         """
         The header name
         """
-        value: pulumi.Input[str]
+        value: pulumi.Input[builtins.str]
         """
         The header value
         """
@@ -2169,47 +2170,47 @@ elif False:
 @pulumi.input_type
 class ProviderHeaderArgs:
     def __init__(__self__, *,
-                 name: pulumi.Input[str],
-                 value: pulumi.Input[str]):
+                 name: pulumi.Input[builtins.str],
+                 value: pulumi.Input[builtins.str]):
         """
-        :param pulumi.Input[str] name: The header name
-        :param pulumi.Input[str] value: The header value
+        :param pulumi.Input[builtins.str] name: The header name
+        :param pulumi.Input[builtins.str] value: The header value
         """
         pulumi.set(__self__, "name", name)
         pulumi.set(__self__, "value", value)
 
     @property
     @pulumi.getter
-    def name(self) -> pulumi.Input[str]:
+    def name(self) -> pulumi.Input[builtins.str]:
         """
         The header name
         """
         return pulumi.get(self, "name")
 
     @name.setter
-    def name(self, value: pulumi.Input[str]):
+    def name(self, value: pulumi.Input[builtins.str]):
         pulumi.set(self, "name", value)
 
     @property
     @pulumi.getter
-    def value(self) -> pulumi.Input[str]:
+    def value(self) -> pulumi.Input[builtins.str]:
         """
         The header value
         """
         return pulumi.get(self, "value")
 
     @value.setter
-    def value(self, value: pulumi.Input[str]):
+    def value(self, value: pulumi.Input[builtins.str]):
         pulumi.set(self, "value", value)
 
 
 if not MYPY:
     class GetPolicyDocumentRuleArgsDict(TypedDict):
-        capabilities: Sequence[str]
+        capabilities: Sequence[builtins.str]
         """
         A list of capabilities that this rule apply to `path`. For example, ["read", "write"].
         """
-        path: str
+        path: builtins.str
         """
         A path in Vault that this rule applies to.
         """
@@ -2221,45 +2222,51 @@ if not MYPY:
         """
         Blacklists a list of parameter and values. Any values specified here take precedence over `allowed_parameter`. See Parameters below.
         """
-        description: NotRequired[str]
+        description: NotRequired[builtins.str]
         """
         Description of the rule. Will be added as a comment to rendered rule.
         """
-        max_wrapping_ttl: NotRequired[str]
+        max_wrapping_ttl: NotRequired[builtins.str]
         """
         The maximum allowed TTL that clients can specify for a wrapped response.
         """
-        min_wrapping_ttl: NotRequired[str]
+        min_wrapping_ttl: NotRequired[builtins.str]
         """
         The minimum allowed TTL that clients can specify for a wrapped response.
         """
-        required_parameters: NotRequired[Sequence[str]]
+        required_parameters: NotRequired[Sequence[builtins.str]]
         """
         A list of parameters that must be specified.
         """
+        subscribe_event_types: NotRequired[Sequence[builtins.str]]
+        """
+        A list of event types to subscribe to when using `subscribe` capability.
+        """
 elif False:
     GetPolicyDocumentRuleArgsDict: TypeAlias = Mapping[str, Any]
 
 @pulumi.input_type
 class GetPolicyDocumentRuleArgs:
     def __init__(__self__, *,
-                 capabilities: Sequence[str],
-                 path: str,
+                 capabilities: Sequence[builtins.str],
+                 path: builtins.str,
                  allowed_parameters: Optional[Sequence['GetPolicyDocumentRuleAllowedParameterArgs']] = None,
                  denied_parameters: Optional[Sequence['GetPolicyDocumentRuleDeniedParameterArgs']] = None,
-                 description: Optional[str] = None,
-                 max_wrapping_ttl: Optional[str] = None,
-                 min_wrapping_ttl: Optional[str] = None,
-                 required_parameters: Optional[Sequence[str]] = None):
-        """
-        :param Sequence[str] capabilities: A list of capabilities that this rule apply to `path`. For example, ["read", "write"].
-        :param str path: A path in Vault that this rule applies to.
+                 description: Optional[builtins.str] = None,
+                 max_wrapping_ttl: Optional[builtins.str] = None,
+                 min_wrapping_ttl: Optional[builtins.str] = None,
+                 required_parameters: Optional[Sequence[builtins.str]] = None,
+                 subscribe_event_types: Optional[Sequence[builtins.str]] = None):
+        """
+        :param Sequence[builtins.str] capabilities: A list of capabilities that this rule apply to `path`. For example, ["read", "write"].
+        :param builtins.str path: A path in Vault that this rule applies to.
         :param Sequence['GetPolicyDocumentRuleAllowedParameterArgs'] allowed_parameters: Whitelists a list of keys and values that are permitted on the given path. See Parameters below.
         :param Sequence['GetPolicyDocumentRuleDeniedParameterArgs'] denied_parameters: Blacklists a list of parameter and values. Any values specified here take precedence over `allowed_parameter`. See Parameters below.
-        :param str description: Description of the rule. Will be added as a comment to rendered rule.
-        :param str max_wrapping_ttl: The maximum allowed TTL that clients can specify for a wrapped response.
-        :param str min_wrapping_ttl: The minimum allowed TTL that clients can specify for a wrapped response.
-        :param Sequence[str] required_parameters: A list of parameters that must be specified.
+        :param builtins.str description: Description of the rule. Will be added as a comment to rendered rule.
+        :param builtins.str max_wrapping_ttl: The maximum allowed TTL that clients can specify for a wrapped response.
+        :param builtins.str min_wrapping_ttl: The minimum allowed TTL that clients can specify for a wrapped response.
+        :param Sequence[builtins.str] required_parameters: A list of parameters that must be specified.
+        :param Sequence[builtins.str] subscribe_event_types: A list of event types to subscribe to when using `subscribe` capability.
         """
         pulumi.set(__self__, "capabilities", capabilities)
         pulumi.set(__self__, "path", path)
@@ -2275,29 +2282,31 @@ class GetPolicyDocumentRuleArgs:
             pulumi.set(__self__, "min_wrapping_ttl", min_wrapping_ttl)
         if required_parameters is not None:
             pulumi.set(__self__, "required_parameters", required_parameters)
+        if subscribe_event_types is not None:
+            pulumi.set(__self__, "subscribe_event_types", subscribe_event_types)
 
     @property
     @pulumi.getter
-    def capabilities(self) -> Sequence[str]:
+    def capabilities(self) -> Sequence[builtins.str]:
         """
         A list of capabilities that this rule apply to `path`. For example, ["read", "write"].
         """
         return pulumi.get(self, "capabilities")
 
     @capabilities.setter
-    def capabilities(self, value: Sequence[str]):
+    def capabilities(self, value: Sequence[builtins.str]):
         pulumi.set(self, "capabilities", value)
 
     @property
     @pulumi.getter
-    def path(self) -> str:
+    def path(self) -> builtins.str:
         """
         A path in Vault that this rule applies to.
         """
         return pulumi.get(self, "path")
 
     @path.setter
-    def path(self, value: str):
+    def path(self, value: builtins.str):
         pulumi.set(self, "path", value)
 
     @property
@@ -2326,62 +2335,74 @@ class GetPolicyDocumentRuleArgs:
 
     @property
     @pulumi.getter
-    def description(self) -> Optional[str]:
+    def description(self) -> Optional[builtins.str]:
         """
         Description of the rule. Will be added as a comment to rendered rule.
         """
         return pulumi.get(self, "description")
 
     @description.setter
-    def description(self, value: Optional[str]):
+    def description(self, value: Optional[builtins.str]):
         pulumi.set(self, "description", value)
 
     @property
     @pulumi.getter(name="maxWrappingTtl")
-    def max_wrapping_ttl(self) -> Optional[str]:
+    def max_wrapping_ttl(self) -> Optional[builtins.str]:
         """
         The maximum allowed TTL that clients can specify for a wrapped response.
         """
         return pulumi.get(self, "max_wrapping_ttl")
 
     @max_wrapping_ttl.setter
-    def max_wrapping_ttl(self, value: Optional[str]):
+    def max_wrapping_ttl(self, value: Optional[builtins.str]):
         pulumi.set(self, "max_wrapping_ttl", value)
 
     @property
     @pulumi.getter(name="minWrappingTtl")
-    def min_wrapping_ttl(self) -> Optional[str]:
+    def min_wrapping_ttl(self) -> Optional[builtins.str]:
         """
         The minimum allowed TTL that clients can specify for a wrapped response.
         """
         return pulumi.get(self, "min_wrapping_ttl")
 
     @min_wrapping_ttl.setter
-    def min_wrapping_ttl(self, value: Optional[str]):
+    def min_wrapping_ttl(self, value: Optional[builtins.str]):
         pulumi.set(self, "min_wrapping_ttl", value)
 
     @property
     @pulumi.getter(name="requiredParameters")
-    def required_parameters(self) -> Optional[Sequence[str]]:
+    def required_parameters(self) -> Optional[Sequence[builtins.str]]:
         """
         A list of parameters that must be specified.
         """
         return pulumi.get(self, "required_parameters")
 
     @required_parameters.setter
-    def required_parameters(self, value: Optional[Sequence[str]]):
+    def required_parameters(self, value: Optional[Sequence[builtins.str]]):
         pulumi.set(self, "required_parameters", value)
 
+    @property
+    @pulumi.getter(name="subscribeEventTypes")
+    def subscribe_event_types(self) -> Optional[Sequence[builtins.str]]:
+        """
+        A list of event types to subscribe to when using `subscribe` capability.
+        """
+        return pulumi.get(self, "subscribe_event_types")
+
+    @subscribe_event_types.setter
+    def subscribe_event_types(self, value: Optional[Sequence[builtins.str]]):
+        pulumi.set(self, "subscribe_event_types", value)
+
 
 if not MYPY:
     class GetPolicyDocumentRuleAllowedParameterArgsDict(TypedDict):
-        key: str
+        key: builtins.str
         """
-        name of permitted or denied parameter.
+        Name of permitted key.
         """
-        values: Sequence[str]
+        values: Sequence[builtins.str]
         """
-        list of values what are permitted or denied by policy rule.
+        A list of values what are permitted by policy rule.
         """
 elif False:
     GetPolicyDocumentRuleAllowedParameterArgsDict: TypeAlias = Mapping[str, Any]
@@ -2389,49 +2410,49 @@ elif False:
 @pulumi.input_type
 class GetPolicyDocumentRuleAllowedParameterArgs:
     def __init__(__self__, *,
-                 key: str,
-                 values: Sequence[str]):
+                 key: builtins.str,
+                 values: Sequence[builtins.str]):
         """
-        :param str key: name of permitted or denied parameter.
-        :param Sequence[str] values: list of values what are permitted or denied by policy rule.
+        :param builtins.str key: Name of permitted key.
+        :param Sequence[builtins.str] values: A list of values what are permitted by policy rule.
         """
         pulumi.set(__self__, "key", key)
         pulumi.set(__self__, "values", values)
 
     @property
     @pulumi.getter
-    def key(self) -> str:
+    def key(self) -> builtins.str:
         """
-        name of permitted or denied parameter.
+        Name of permitted key.
         """
         return pulumi.get(self, "key")
 
     @key.setter
-    def key(self, value: str):
+    def key(self, value: builtins.str):
         pulumi.set(self, "key", value)
 
     @property
     @pulumi.getter
-    def values(self) -> Sequence[str]:
+    def values(self) -> Sequence[builtins.str]:
         """
-        list of values what are permitted or denied by policy rule.
+        A list of values what are permitted by policy rule.
         """
         return pulumi.get(self, "values")
 
     @values.setter
-    def values(self, value: Sequence[str]):
+    def values(self, value: Sequence[builtins.str]):
         pulumi.set(self, "values", value)
 
 
 if not MYPY:
     class GetPolicyDocumentRuleDeniedParameterArgsDict(TypedDict):
-        key: str
+        key: builtins.str
         """
-        name of permitted or denied parameter.
+        Name of denied key.
         """
-        values: Sequence[str]
+        values: Sequence[builtins.str]
         """
-        list of values what are permitted or denied by policy rule.
+        A list of values what are denied by policy rule.
         """
 elif False:
     GetPolicyDocumentRuleDeniedParameterArgsDict: TypeAlias = Mapping[str, Any]
@@ -2439,37 +2460,37 @@ elif False:
 @pulumi.input_type
 class GetPolicyDocumentRuleDeniedParameterArgs:
     def __init__(__self__, *,
-                 key: str,
-                 values: Sequence[str]):
+                 key: builtins.str,
+                 values: Sequence[builtins.str]):
         """
-        :param str key: name of permitted or denied parameter.
-        :param Sequence[str] values: list of values what are permitted or denied by policy rule.
+        :param builtins.str key: Name of denied key.
+        :param Sequence[builtins.str] values: A list of values what are denied by policy rule.
         """
         pulumi.set(__self__, "key", key)
         pulumi.set(__self__, "values", values)
 
     @property
     @pulumi.getter
-    def key(self) -> str:
+    def key(self) -> builtins.str:
         """
-        name of permitted or denied parameter.
+        Name of denied key.
         """
         return pulumi.get(self, "key")
 
     @key.setter
-    def key(self, value: str):
+    def key(self, value: builtins.str):
         pulumi.set(self, "key", value)
 
     @property
     @pulumi.getter
-    def values(self) -> Sequence[str]:
+    def values(self) -> Sequence[builtins.str]:
         """
-        list of values what are permitted or denied by policy rule.
+        A list of values what are denied by policy rule.
         """
         return pulumi.get(self, "values")
 
     @values.setter
-    def values(self, value: Sequence[str]):
+    def values(self, value: Sequence[builtins.str]):
         pulumi.set(self, "values", value)