pulumi-vault 6.6.0a1741836364__py3-none-any.whl → 6.7.0__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (264) hide show
  1. pulumi_vault/__init__.py +1 -0
  2. pulumi_vault/_inputs.py +583 -562
  3. pulumi_vault/ad/__init__.py +1 -0
  4. pulumi_vault/ad/get_access_credentials.py +20 -19
  5. pulumi_vault/ad/secret_backend.py +477 -476
  6. pulumi_vault/ad/secret_library.py +99 -98
  7. pulumi_vault/ad/secret_role.py +85 -84
  8. pulumi_vault/alicloud/__init__.py +1 -0
  9. pulumi_vault/alicloud/auth_backend_role.py +183 -182
  10. pulumi_vault/approle/__init__.py +1 -0
  11. pulumi_vault/approle/auth_backend_login.py +106 -105
  12. pulumi_vault/approle/auth_backend_role.py +239 -238
  13. pulumi_vault/approle/auth_backend_role_secret_id.py +162 -161
  14. pulumi_vault/approle/get_auth_backend_role_id.py +18 -17
  15. pulumi_vault/audit.py +85 -84
  16. pulumi_vault/audit_request_header.py +43 -42
  17. pulumi_vault/auth_backend.py +106 -105
  18. pulumi_vault/aws/__init__.py +1 -0
  19. pulumi_vault/aws/auth_backend_cert.py +71 -70
  20. pulumi_vault/aws/auth_backend_client.py +253 -252
  21. pulumi_vault/aws/auth_backend_config_identity.py +85 -84
  22. pulumi_vault/aws/auth_backend_identity_whitelist.py +57 -56
  23. pulumi_vault/aws/auth_backend_login.py +209 -208
  24. pulumi_vault/aws/auth_backend_role.py +400 -399
  25. pulumi_vault/aws/auth_backend_role_tag.py +127 -126
  26. pulumi_vault/aws/auth_backend_roletag_blacklist.py +57 -56
  27. pulumi_vault/aws/auth_backend_sts_role.py +71 -70
  28. pulumi_vault/aws/get_access_credentials.py +44 -43
  29. pulumi_vault/aws/get_static_access_credentials.py +13 -12
  30. pulumi_vault/aws/secret_backend.py +337 -336
  31. pulumi_vault/aws/secret_backend_role.py +211 -210
  32. pulumi_vault/aws/secret_backend_static_role.py +113 -112
  33. pulumi_vault/azure/__init__.py +1 -0
  34. pulumi_vault/azure/_inputs.py +21 -20
  35. pulumi_vault/azure/auth_backend_config.py +183 -182
  36. pulumi_vault/azure/auth_backend_role.py +253 -252
  37. pulumi_vault/azure/backend.py +239 -238
  38. pulumi_vault/azure/backend_role.py +188 -140
  39. pulumi_vault/azure/get_access_credentials.py +58 -57
  40. pulumi_vault/azure/outputs.py +11 -10
  41. pulumi_vault/cert_auth_backend_role.py +365 -364
  42. pulumi_vault/config/__init__.py +1 -0
  43. pulumi_vault/config/__init__.pyi +1 -0
  44. pulumi_vault/config/_inputs.py +11 -10
  45. pulumi_vault/config/outputs.py +287 -286
  46. pulumi_vault/config/ui_custom_message.py +113 -112
  47. pulumi_vault/config/vars.py +1 -0
  48. pulumi_vault/consul/__init__.py +1 -0
  49. pulumi_vault/consul/secret_backend.py +197 -196
  50. pulumi_vault/consul/secret_backend_role.py +183 -182
  51. pulumi_vault/database/__init__.py +1 -0
  52. pulumi_vault/database/_inputs.py +2525 -2524
  53. pulumi_vault/database/outputs.py +1529 -1528
  54. pulumi_vault/database/secret_backend_connection.py +169 -168
  55. pulumi_vault/database/secret_backend_role.py +169 -168
  56. pulumi_vault/database/secret_backend_static_role.py +179 -178
  57. pulumi_vault/database/secrets_mount.py +267 -266
  58. pulumi_vault/egp_policy.py +71 -70
  59. pulumi_vault/gcp/__init__.py +1 -0
  60. pulumi_vault/gcp/_inputs.py +82 -81
  61. pulumi_vault/gcp/auth_backend.py +260 -259
  62. pulumi_vault/gcp/auth_backend_role.py +281 -280
  63. pulumi_vault/gcp/get_auth_backend_role.py +70 -69
  64. pulumi_vault/gcp/outputs.py +50 -49
  65. pulumi_vault/gcp/secret_backend.py +232 -231
  66. pulumi_vault/gcp/secret_impersonated_account.py +92 -91
  67. pulumi_vault/gcp/secret_roleset.py +92 -91
  68. pulumi_vault/gcp/secret_static_account.py +92 -91
  69. pulumi_vault/generic/__init__.py +1 -0
  70. pulumi_vault/generic/endpoint.py +113 -112
  71. pulumi_vault/generic/get_secret.py +28 -27
  72. pulumi_vault/generic/secret.py +78 -77
  73. pulumi_vault/get_auth_backend.py +19 -18
  74. pulumi_vault/get_auth_backends.py +14 -13
  75. pulumi_vault/get_namespace.py +15 -14
  76. pulumi_vault/get_namespaces.py +68 -18
  77. pulumi_vault/get_nomad_access_token.py +19 -18
  78. pulumi_vault/get_policy_document.py +6 -5
  79. pulumi_vault/get_raft_autopilot_state.py +18 -17
  80. pulumi_vault/github/__init__.py +1 -0
  81. pulumi_vault/github/_inputs.py +42 -41
  82. pulumi_vault/github/auth_backend.py +232 -231
  83. pulumi_vault/github/outputs.py +26 -25
  84. pulumi_vault/github/team.py +57 -56
  85. pulumi_vault/github/user.py +57 -56
  86. pulumi_vault/identity/__init__.py +1 -0
  87. pulumi_vault/identity/entity.py +85 -84
  88. pulumi_vault/identity/entity_alias.py +71 -70
  89. pulumi_vault/identity/entity_policies.py +64 -63
  90. pulumi_vault/identity/get_entity.py +43 -42
  91. pulumi_vault/identity/get_group.py +50 -49
  92. pulumi_vault/identity/get_oidc_client_creds.py +14 -13
  93. pulumi_vault/identity/get_oidc_openid_config.py +24 -23
  94. pulumi_vault/identity/get_oidc_public_keys.py +13 -12
  95. pulumi_vault/identity/group.py +141 -140
  96. pulumi_vault/identity/group_alias.py +57 -56
  97. pulumi_vault/identity/group_member_entity_ids.py +57 -56
  98. pulumi_vault/identity/group_member_group_ids.py +57 -56
  99. pulumi_vault/identity/group_policies.py +64 -63
  100. pulumi_vault/identity/mfa_duo.py +148 -147
  101. pulumi_vault/identity/mfa_login_enforcement.py +120 -119
  102. pulumi_vault/identity/mfa_okta.py +134 -133
  103. pulumi_vault/identity/mfa_pingid.py +127 -126
  104. pulumi_vault/identity/mfa_totp.py +176 -175
  105. pulumi_vault/identity/oidc.py +29 -28
  106. pulumi_vault/identity/oidc_assignment.py +57 -56
  107. pulumi_vault/identity/oidc_client.py +127 -126
  108. pulumi_vault/identity/oidc_key.py +85 -84
  109. pulumi_vault/identity/oidc_key_allowed_client_id.py +43 -42
  110. pulumi_vault/identity/oidc_provider.py +92 -91
  111. pulumi_vault/identity/oidc_role.py +85 -84
  112. pulumi_vault/identity/oidc_scope.py +57 -56
  113. pulumi_vault/identity/outputs.py +32 -31
  114. pulumi_vault/jwt/__init__.py +1 -0
  115. pulumi_vault/jwt/_inputs.py +42 -41
  116. pulumi_vault/jwt/auth_backend.py +288 -287
  117. pulumi_vault/jwt/auth_backend_role.py +407 -406
  118. pulumi_vault/jwt/outputs.py +26 -25
  119. pulumi_vault/kmip/__init__.py +1 -0
  120. pulumi_vault/kmip/secret_backend.py +183 -182
  121. pulumi_vault/kmip/secret_role.py +295 -294
  122. pulumi_vault/kmip/secret_scope.py +57 -56
  123. pulumi_vault/kubernetes/__init__.py +1 -0
  124. pulumi_vault/kubernetes/auth_backend_config.py +141 -140
  125. pulumi_vault/kubernetes/auth_backend_role.py +225 -224
  126. pulumi_vault/kubernetes/get_auth_backend_config.py +47 -46
  127. pulumi_vault/kubernetes/get_auth_backend_role.py +70 -69
  128. pulumi_vault/kubernetes/get_service_account_token.py +38 -37
  129. pulumi_vault/kubernetes/secret_backend.py +316 -315
  130. pulumi_vault/kubernetes/secret_backend_role.py +197 -196
  131. pulumi_vault/kv/__init__.py +1 -0
  132. pulumi_vault/kv/_inputs.py +21 -20
  133. pulumi_vault/kv/get_secret.py +17 -16
  134. pulumi_vault/kv/get_secret_subkeys_v2.py +30 -29
  135. pulumi_vault/kv/get_secret_v2.py +29 -28
  136. pulumi_vault/kv/get_secrets_list.py +13 -12
  137. pulumi_vault/kv/get_secrets_list_v2.py +19 -18
  138. pulumi_vault/kv/outputs.py +13 -12
  139. pulumi_vault/kv/secret.py +50 -49
  140. pulumi_vault/kv/secret_backend_v2.py +71 -70
  141. pulumi_vault/kv/secret_v2.py +134 -133
  142. pulumi_vault/ldap/__init__.py +1 -0
  143. pulumi_vault/ldap/auth_backend.py +588 -587
  144. pulumi_vault/ldap/auth_backend_group.py +57 -56
  145. pulumi_vault/ldap/auth_backend_user.py +71 -70
  146. pulumi_vault/ldap/get_dynamic_credentials.py +17 -16
  147. pulumi_vault/ldap/get_static_credentials.py +18 -17
  148. pulumi_vault/ldap/secret_backend.py +554 -553
  149. pulumi_vault/ldap/secret_backend_dynamic_role.py +127 -126
  150. pulumi_vault/ldap/secret_backend_library_set.py +99 -98
  151. pulumi_vault/ldap/secret_backend_static_role.py +99 -98
  152. pulumi_vault/managed/__init__.py +1 -0
  153. pulumi_vault/managed/_inputs.py +229 -228
  154. pulumi_vault/managed/keys.py +15 -14
  155. pulumi_vault/managed/outputs.py +139 -138
  156. pulumi_vault/mfa_duo.py +113 -112
  157. pulumi_vault/mfa_okta.py +113 -112
  158. pulumi_vault/mfa_pingid.py +120 -119
  159. pulumi_vault/mfa_totp.py +127 -126
  160. pulumi_vault/mongodbatlas/__init__.py +1 -0
  161. pulumi_vault/mongodbatlas/secret_backend.py +64 -63
  162. pulumi_vault/mongodbatlas/secret_role.py +155 -154
  163. pulumi_vault/mount.py +274 -273
  164. pulumi_vault/namespace.py +64 -63
  165. pulumi_vault/nomad_secret_backend.py +211 -210
  166. pulumi_vault/nomad_secret_role.py +85 -84
  167. pulumi_vault/okta/__init__.py +1 -0
  168. pulumi_vault/okta/_inputs.py +26 -25
  169. pulumi_vault/okta/auth_backend.py +274 -273
  170. pulumi_vault/okta/auth_backend_group.py +57 -56
  171. pulumi_vault/okta/auth_backend_user.py +71 -70
  172. pulumi_vault/okta/outputs.py +16 -15
  173. pulumi_vault/outputs.py +73 -60
  174. pulumi_vault/password_policy.py +43 -42
  175. pulumi_vault/pkisecret/__init__.py +1 -0
  176. pulumi_vault/pkisecret/_inputs.py +31 -30
  177. pulumi_vault/pkisecret/backend_acme_eab.py +92 -91
  178. pulumi_vault/pkisecret/backend_config_acme.py +141 -140
  179. pulumi_vault/pkisecret/backend_config_auto_tidy.py +323 -322
  180. pulumi_vault/pkisecret/backend_config_cluster.py +57 -56
  181. pulumi_vault/pkisecret/backend_config_cmpv2.py +106 -105
  182. pulumi_vault/pkisecret/backend_config_est.py +120 -119
  183. pulumi_vault/pkisecret/get_backend_cert_metadata.py +22 -21
  184. pulumi_vault/pkisecret/get_backend_config_cmpv2.py +22 -21
  185. pulumi_vault/pkisecret/get_backend_config_est.py +19 -18
  186. pulumi_vault/pkisecret/get_backend_issuer.py +45 -44
  187. pulumi_vault/pkisecret/get_backend_issuers.py +15 -14
  188. pulumi_vault/pkisecret/get_backend_key.py +20 -19
  189. pulumi_vault/pkisecret/get_backend_keys.py +15 -14
  190. pulumi_vault/pkisecret/outputs.py +28 -27
  191. pulumi_vault/pkisecret/secret_backend_cert.py +337 -336
  192. pulumi_vault/pkisecret/secret_backend_config_ca.py +43 -42
  193. pulumi_vault/pkisecret/secret_backend_config_issuers.py +57 -56
  194. pulumi_vault/pkisecret/secret_backend_config_urls.py +85 -84
  195. pulumi_vault/pkisecret/secret_backend_crl_config.py +197 -196
  196. pulumi_vault/pkisecret/secret_backend_intermediate_cert_request.py +421 -420
  197. pulumi_vault/pkisecret/secret_backend_intermediate_set_signed.py +57 -56
  198. pulumi_vault/pkisecret/secret_backend_issuer.py +232 -231
  199. pulumi_vault/pkisecret/secret_backend_key.py +120 -119
  200. pulumi_vault/pkisecret/secret_backend_role.py +715 -714
  201. pulumi_vault/pkisecret/secret_backend_root_cert.py +554 -553
  202. pulumi_vault/pkisecret/secret_backend_root_sign_intermediate.py +526 -525
  203. pulumi_vault/pkisecret/secret_backend_sign.py +281 -280
  204. pulumi_vault/plugin.py +127 -126
  205. pulumi_vault/plugin_pinned_version.py +43 -42
  206. pulumi_vault/policy.py +43 -42
  207. pulumi_vault/provider.py +120 -119
  208. pulumi_vault/pulumi-plugin.json +1 -1
  209. pulumi_vault/quota_lease_count.py +85 -84
  210. pulumi_vault/quota_rate_limit.py +113 -112
  211. pulumi_vault/rabbitmq/__init__.py +1 -0
  212. pulumi_vault/rabbitmq/_inputs.py +41 -40
  213. pulumi_vault/rabbitmq/outputs.py +25 -24
  214. pulumi_vault/rabbitmq/secret_backend.py +169 -168
  215. pulumi_vault/rabbitmq/secret_backend_role.py +57 -56
  216. pulumi_vault/raft_autopilot.py +113 -112
  217. pulumi_vault/raft_snapshot_agent_config.py +393 -392
  218. pulumi_vault/rgp_policy.py +57 -56
  219. pulumi_vault/saml/__init__.py +1 -0
  220. pulumi_vault/saml/auth_backend.py +155 -154
  221. pulumi_vault/saml/auth_backend_role.py +239 -238
  222. pulumi_vault/secrets/__init__.py +1 -0
  223. pulumi_vault/secrets/_inputs.py +16 -15
  224. pulumi_vault/secrets/outputs.py +10 -9
  225. pulumi_vault/secrets/sync_association.py +71 -70
  226. pulumi_vault/secrets/sync_aws_destination.py +148 -147
  227. pulumi_vault/secrets/sync_azure_destination.py +148 -147
  228. pulumi_vault/secrets/sync_config.py +43 -42
  229. pulumi_vault/secrets/sync_gcp_destination.py +106 -105
  230. pulumi_vault/secrets/sync_gh_destination.py +134 -133
  231. pulumi_vault/secrets/sync_github_apps.py +64 -63
  232. pulumi_vault/secrets/sync_vercel_destination.py +120 -119
  233. pulumi_vault/ssh/__init__.py +1 -0
  234. pulumi_vault/ssh/_inputs.py +11 -10
  235. pulumi_vault/ssh/get_secret_backend_sign.py +52 -51
  236. pulumi_vault/ssh/outputs.py +7 -6
  237. pulumi_vault/ssh/secret_backend_ca.py +99 -98
  238. pulumi_vault/ssh/secret_backend_role.py +365 -364
  239. pulumi_vault/terraformcloud/__init__.py +1 -0
  240. pulumi_vault/terraformcloud/secret_backend.py +111 -110
  241. pulumi_vault/terraformcloud/secret_creds.py +74 -73
  242. pulumi_vault/terraformcloud/secret_role.py +93 -92
  243. pulumi_vault/token.py +246 -245
  244. pulumi_vault/tokenauth/__init__.py +1 -0
  245. pulumi_vault/tokenauth/auth_backend_role.py +267 -266
  246. pulumi_vault/transform/__init__.py +1 -0
  247. pulumi_vault/transform/alphabet.py +57 -56
  248. pulumi_vault/transform/get_decode.py +47 -46
  249. pulumi_vault/transform/get_encode.py +47 -46
  250. pulumi_vault/transform/role.py +57 -56
  251. pulumi_vault/transform/template.py +113 -112
  252. pulumi_vault/transform/transformation.py +141 -140
  253. pulumi_vault/transit/__init__.py +1 -0
  254. pulumi_vault/transit/get_decrypt.py +18 -17
  255. pulumi_vault/transit/get_encrypt.py +21 -20
  256. pulumi_vault/transit/get_sign.py +54 -53
  257. pulumi_vault/transit/get_verify.py +60 -59
  258. pulumi_vault/transit/secret_backend_key.py +274 -273
  259. pulumi_vault/transit/secret_cache_config.py +43 -42
  260. {pulumi_vault-6.6.0a1741836364.dist-info → pulumi_vault-6.7.0.dist-info}/METADATA +2 -2
  261. pulumi_vault-6.7.0.dist-info/RECORD +265 -0
  262. {pulumi_vault-6.6.0a1741836364.dist-info → pulumi_vault-6.7.0.dist-info}/WHEEL +1 -1
  263. pulumi_vault-6.6.0a1741836364.dist-info/RECORD +0 -265
  264. {pulumi_vault-6.6.0a1741836364.dist-info → pulumi_vault-6.7.0.dist-info}/top_level.txt +0 -0
@@ -2,6 +2,7 @@
2
2
  # *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. ***
3
3
  # *** Do not edit by hand unless you're certain you know what you are doing! ***
4
4
 
5
+ import builtins
5
6
  import copy
6
7
  import warnings
7
8
  import sys
@@ -21,31 +22,31 @@ __all__ = ['AuthBackendArgs', 'AuthBackend']
21
22
  @pulumi.input_type
22
23
  class AuthBackendArgs:
23
24
  def __init__(__self__, *,
24
- client_email: Optional[pulumi.Input[str]] = None,
25
- client_id: Optional[pulumi.Input[str]] = None,
26
- credentials: Optional[pulumi.Input[str]] = None,
25
+ client_email: Optional[pulumi.Input[builtins.str]] = None,
26
+ client_id: Optional[pulumi.Input[builtins.str]] = None,
27
+ credentials: Optional[pulumi.Input[builtins.str]] = None,
27
28
  custom_endpoint: Optional[pulumi.Input['AuthBackendCustomEndpointArgs']] = None,
28
- description: Optional[pulumi.Input[str]] = None,
29
- disable_automated_rotation: Optional[pulumi.Input[bool]] = None,
30
- disable_remount: Optional[pulumi.Input[bool]] = None,
31
- identity_token_audience: Optional[pulumi.Input[str]] = None,
32
- identity_token_key: Optional[pulumi.Input[str]] = None,
33
- identity_token_ttl: Optional[pulumi.Input[int]] = None,
34
- local: Optional[pulumi.Input[bool]] = None,
35
- namespace: Optional[pulumi.Input[str]] = None,
36
- path: Optional[pulumi.Input[str]] = None,
37
- private_key_id: Optional[pulumi.Input[str]] = None,
38
- project_id: Optional[pulumi.Input[str]] = None,
39
- rotation_period: Optional[pulumi.Input[int]] = None,
40
- rotation_schedule: Optional[pulumi.Input[str]] = None,
41
- rotation_window: Optional[pulumi.Input[int]] = None,
42
- service_account_email: Optional[pulumi.Input[str]] = None,
29
+ description: Optional[pulumi.Input[builtins.str]] = None,
30
+ disable_automated_rotation: Optional[pulumi.Input[builtins.bool]] = None,
31
+ disable_remount: Optional[pulumi.Input[builtins.bool]] = None,
32
+ identity_token_audience: Optional[pulumi.Input[builtins.str]] = None,
33
+ identity_token_key: Optional[pulumi.Input[builtins.str]] = None,
34
+ identity_token_ttl: Optional[pulumi.Input[builtins.int]] = None,
35
+ local: Optional[pulumi.Input[builtins.bool]] = None,
36
+ namespace: Optional[pulumi.Input[builtins.str]] = None,
37
+ path: Optional[pulumi.Input[builtins.str]] = None,
38
+ private_key_id: Optional[pulumi.Input[builtins.str]] = None,
39
+ project_id: Optional[pulumi.Input[builtins.str]] = None,
40
+ rotation_period: Optional[pulumi.Input[builtins.int]] = None,
41
+ rotation_schedule: Optional[pulumi.Input[builtins.str]] = None,
42
+ rotation_window: Optional[pulumi.Input[builtins.int]] = None,
43
+ service_account_email: Optional[pulumi.Input[builtins.str]] = None,
43
44
  tune: Optional[pulumi.Input['AuthBackendTuneArgs']] = None):
44
45
  """
45
46
  The set of arguments for constructing a AuthBackend resource.
46
- :param pulumi.Input[str] client_email: The clients email associated with the credentials
47
- :param pulumi.Input[str] client_id: The Client ID of the credentials
48
- :param pulumi.Input[str] credentials: A JSON string containing the contents of a GCP credentials file. If this value is empty, Vault will try to use Application Default Credentials from the machine on which the Vault server is running.
47
+ :param pulumi.Input[builtins.str] client_email: The clients email associated with the credentials
48
+ :param pulumi.Input[builtins.str] client_id: The Client ID of the credentials
49
+ :param pulumi.Input[builtins.str] credentials: A JSON string containing the contents of a GCP credentials file. If this value is empty, Vault will try to use Application Default Credentials from the machine on which the Vault server is running.
49
50
  :param pulumi.Input['AuthBackendCustomEndpointArgs'] custom_endpoint: Specifies overrides to
50
51
  [service endpoints](https://cloud.google.com/apis/design/glossary#api_service_endpoint)
51
52
  used when making API requests. This allows specific requests made during authentication
@@ -53,32 +54,32 @@ class AuthBackendArgs:
53
54
  environments. Requires Vault 1.11+.
54
55
 
55
56
  Overrides are set at the subdomain level using the following keys:
56
- :param pulumi.Input[str] description: A description of the auth method.
57
- :param pulumi.Input[bool] disable_automated_rotation: Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
58
- :param pulumi.Input[bool] disable_remount: If set, opts out of mount migration on path updates.
57
+ :param pulumi.Input[builtins.str] description: A description of the auth method.
58
+ :param pulumi.Input[builtins.bool] disable_automated_rotation: Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
59
+ :param pulumi.Input[builtins.bool] disable_remount: If set, opts out of mount migration on path updates.
59
60
  See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration)
60
- :param pulumi.Input[str] identity_token_audience: The audience claim value for plugin identity
61
+ :param pulumi.Input[builtins.str] identity_token_audience: The audience claim value for plugin identity
61
62
  tokens. Must match an allowed audience configured for the target [Workload Identity Pool](https://cloud.google.com/iam/docs/workload-identity-federation-with-other-providers#prepare).
62
63
  Mutually exclusive with `credentials`. Requires Vault 1.17+. *Available only for Vault Enterprise*.
63
- :param pulumi.Input[str] identity_token_key: The key to use for signing plugin identity
64
+ :param pulumi.Input[builtins.str] identity_token_key: The key to use for signing plugin identity
64
65
  tokens. Requires Vault 1.17+. *Available only for Vault Enterprise*.
65
- :param pulumi.Input[int] identity_token_ttl: The TTL of generated tokens.
66
- :param pulumi.Input[bool] local: Specifies if the auth method is local only.
67
- :param pulumi.Input[str] namespace: The namespace to provision the resource in.
66
+ :param pulumi.Input[builtins.int] identity_token_ttl: The TTL of generated tokens.
67
+ :param pulumi.Input[builtins.bool] local: Specifies if the auth method is local only.
68
+ :param pulumi.Input[builtins.str] namespace: The namespace to provision the resource in.
68
69
  The value should not contain leading or trailing forward slashes.
69
70
  The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
70
71
  *Available only for Vault Enterprise*.
71
- :param pulumi.Input[str] path: The path to mount the auth method — this defaults to 'gcp'.
72
- :param pulumi.Input[str] private_key_id: The ID of the private key from the credentials
73
- :param pulumi.Input[str] project_id: The GCP Project ID
74
- :param pulumi.Input[int] rotation_period: The amount of time in seconds Vault should wait before rotating the root credential.
72
+ :param pulumi.Input[builtins.str] path: The path to mount the auth method — this defaults to 'gcp'.
73
+ :param pulumi.Input[builtins.str] private_key_id: The ID of the private key from the credentials
74
+ :param pulumi.Input[builtins.str] project_id: The GCP Project ID
75
+ :param pulumi.Input[builtins.int] rotation_period: The amount of time in seconds Vault should wait before rotating the root credential.
75
76
  A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
76
- :param pulumi.Input[str] rotation_schedule: The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
77
+ :param pulumi.Input[builtins.str] rotation_schedule: The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
77
78
  defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
78
- :param pulumi.Input[int] rotation_window: The maximum amount of time in seconds allowed to complete
79
+ :param pulumi.Input[builtins.int] rotation_window: The maximum amount of time in seconds allowed to complete
79
80
  a rotation when a scheduled token rotation occurs. The default rotation window is
80
81
  unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
81
- :param pulumi.Input[str] service_account_email: Service Account to impersonate for plugin workload identity federation.
82
+ :param pulumi.Input[builtins.str] service_account_email: Service Account to impersonate for plugin workload identity federation.
82
83
  Required with `identity_token_audience`. Requires Vault 1.17+. *Available only for Vault Enterprise*.
83
84
  :param pulumi.Input['AuthBackendTuneArgs'] tune: Extra configuration block. Structure is documented below.
84
85
 
@@ -127,38 +128,38 @@ class AuthBackendArgs:
127
128
 
128
129
  @property
129
130
  @pulumi.getter(name="clientEmail")
130
- def client_email(self) -> Optional[pulumi.Input[str]]:
131
+ def client_email(self) -> Optional[pulumi.Input[builtins.str]]:
131
132
  """
132
133
  The clients email associated with the credentials
133
134
  """
134
135
  return pulumi.get(self, "client_email")
135
136
 
136
137
  @client_email.setter
137
- def client_email(self, value: Optional[pulumi.Input[str]]):
138
+ def client_email(self, value: Optional[pulumi.Input[builtins.str]]):
138
139
  pulumi.set(self, "client_email", value)
139
140
 
140
141
  @property
141
142
  @pulumi.getter(name="clientId")
142
- def client_id(self) -> Optional[pulumi.Input[str]]:
143
+ def client_id(self) -> Optional[pulumi.Input[builtins.str]]:
143
144
  """
144
145
  The Client ID of the credentials
145
146
  """
146
147
  return pulumi.get(self, "client_id")
147
148
 
148
149
  @client_id.setter
149
- def client_id(self, value: Optional[pulumi.Input[str]]):
150
+ def client_id(self, value: Optional[pulumi.Input[builtins.str]]):
150
151
  pulumi.set(self, "client_id", value)
151
152
 
152
153
  @property
153
154
  @pulumi.getter
154
- def credentials(self) -> Optional[pulumi.Input[str]]:
155
+ def credentials(self) -> Optional[pulumi.Input[builtins.str]]:
155
156
  """
156
157
  A JSON string containing the contents of a GCP credentials file. If this value is empty, Vault will try to use Application Default Credentials from the machine on which the Vault server is running.
157
158
  """
158
159
  return pulumi.get(self, "credentials")
159
160
 
160
161
  @credentials.setter
161
- def credentials(self, value: Optional[pulumi.Input[str]]):
162
+ def credentials(self, value: Optional[pulumi.Input[builtins.str]]):
162
163
  pulumi.set(self, "credentials", value)
163
164
 
164
165
  @property
@@ -181,31 +182,31 @@ class AuthBackendArgs:
181
182
 
182
183
  @property
183
184
  @pulumi.getter
184
- def description(self) -> Optional[pulumi.Input[str]]:
185
+ def description(self) -> Optional[pulumi.Input[builtins.str]]:
185
186
  """
186
187
  A description of the auth method.
187
188
  """
188
189
  return pulumi.get(self, "description")
189
190
 
190
191
  @description.setter
191
- def description(self, value: Optional[pulumi.Input[str]]):
192
+ def description(self, value: Optional[pulumi.Input[builtins.str]]):
192
193
  pulumi.set(self, "description", value)
193
194
 
194
195
  @property
195
196
  @pulumi.getter(name="disableAutomatedRotation")
196
- def disable_automated_rotation(self) -> Optional[pulumi.Input[bool]]:
197
+ def disable_automated_rotation(self) -> Optional[pulumi.Input[builtins.bool]]:
197
198
  """
198
199
  Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
199
200
  """
200
201
  return pulumi.get(self, "disable_automated_rotation")
201
202
 
202
203
  @disable_automated_rotation.setter
203
- def disable_automated_rotation(self, value: Optional[pulumi.Input[bool]]):
204
+ def disable_automated_rotation(self, value: Optional[pulumi.Input[builtins.bool]]):
204
205
  pulumi.set(self, "disable_automated_rotation", value)
205
206
 
206
207
  @property
207
208
  @pulumi.getter(name="disableRemount")
208
- def disable_remount(self) -> Optional[pulumi.Input[bool]]:
209
+ def disable_remount(self) -> Optional[pulumi.Input[builtins.bool]]:
209
210
  """
210
211
  If set, opts out of mount migration on path updates.
211
212
  See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration)
@@ -213,12 +214,12 @@ class AuthBackendArgs:
213
214
  return pulumi.get(self, "disable_remount")
214
215
 
215
216
  @disable_remount.setter
216
- def disable_remount(self, value: Optional[pulumi.Input[bool]]):
217
+ def disable_remount(self, value: Optional[pulumi.Input[builtins.bool]]):
217
218
  pulumi.set(self, "disable_remount", value)
218
219
 
219
220
  @property
220
221
  @pulumi.getter(name="identityTokenAudience")
221
- def identity_token_audience(self) -> Optional[pulumi.Input[str]]:
222
+ def identity_token_audience(self) -> Optional[pulumi.Input[builtins.str]]:
222
223
  """
223
224
  The audience claim value for plugin identity
224
225
  tokens. Must match an allowed audience configured for the target [Workload Identity Pool](https://cloud.google.com/iam/docs/workload-identity-federation-with-other-providers#prepare).
@@ -227,12 +228,12 @@ class AuthBackendArgs:
227
228
  return pulumi.get(self, "identity_token_audience")
228
229
 
229
230
  @identity_token_audience.setter
230
- def identity_token_audience(self, value: Optional[pulumi.Input[str]]):
231
+ def identity_token_audience(self, value: Optional[pulumi.Input[builtins.str]]):
231
232
  pulumi.set(self, "identity_token_audience", value)
232
233
 
233
234
  @property
234
235
  @pulumi.getter(name="identityTokenKey")
235
- def identity_token_key(self) -> Optional[pulumi.Input[str]]:
236
+ def identity_token_key(self) -> Optional[pulumi.Input[builtins.str]]:
236
237
  """
237
238
  The key to use for signing plugin identity
238
239
  tokens. Requires Vault 1.17+. *Available only for Vault Enterprise*.
@@ -240,36 +241,36 @@ class AuthBackendArgs:
240
241
  return pulumi.get(self, "identity_token_key")
241
242
 
242
243
  @identity_token_key.setter
243
- def identity_token_key(self, value: Optional[pulumi.Input[str]]):
244
+ def identity_token_key(self, value: Optional[pulumi.Input[builtins.str]]):
244
245
  pulumi.set(self, "identity_token_key", value)
245
246
 
246
247
  @property
247
248
  @pulumi.getter(name="identityTokenTtl")
248
- def identity_token_ttl(self) -> Optional[pulumi.Input[int]]:
249
+ def identity_token_ttl(self) -> Optional[pulumi.Input[builtins.int]]:
249
250
  """
250
251
  The TTL of generated tokens.
251
252
  """
252
253
  return pulumi.get(self, "identity_token_ttl")
253
254
 
254
255
  @identity_token_ttl.setter
255
- def identity_token_ttl(self, value: Optional[pulumi.Input[int]]):
256
+ def identity_token_ttl(self, value: Optional[pulumi.Input[builtins.int]]):
256
257
  pulumi.set(self, "identity_token_ttl", value)
257
258
 
258
259
  @property
259
260
  @pulumi.getter
260
- def local(self) -> Optional[pulumi.Input[bool]]:
261
+ def local(self) -> Optional[pulumi.Input[builtins.bool]]:
261
262
  """
262
263
  Specifies if the auth method is local only.
263
264
  """
264
265
  return pulumi.get(self, "local")
265
266
 
266
267
  @local.setter
267
- def local(self, value: Optional[pulumi.Input[bool]]):
268
+ def local(self, value: Optional[pulumi.Input[builtins.bool]]):
268
269
  pulumi.set(self, "local", value)
269
270
 
270
271
  @property
271
272
  @pulumi.getter
272
- def namespace(self) -> Optional[pulumi.Input[str]]:
273
+ def namespace(self) -> Optional[pulumi.Input[builtins.str]]:
273
274
  """
274
275
  The namespace to provision the resource in.
275
276
  The value should not contain leading or trailing forward slashes.
@@ -279,48 +280,48 @@ class AuthBackendArgs:
279
280
  return pulumi.get(self, "namespace")
280
281
 
281
282
  @namespace.setter
282
- def namespace(self, value: Optional[pulumi.Input[str]]):
283
+ def namespace(self, value: Optional[pulumi.Input[builtins.str]]):
283
284
  pulumi.set(self, "namespace", value)
284
285
 
285
286
  @property
286
287
  @pulumi.getter
287
- def path(self) -> Optional[pulumi.Input[str]]:
288
+ def path(self) -> Optional[pulumi.Input[builtins.str]]:
288
289
  """
289
290
  The path to mount the auth method — this defaults to 'gcp'.
290
291
  """
291
292
  return pulumi.get(self, "path")
292
293
 
293
294
  @path.setter
294
- def path(self, value: Optional[pulumi.Input[str]]):
295
+ def path(self, value: Optional[pulumi.Input[builtins.str]]):
295
296
  pulumi.set(self, "path", value)
296
297
 
297
298
  @property
298
299
  @pulumi.getter(name="privateKeyId")
299
- def private_key_id(self) -> Optional[pulumi.Input[str]]:
300
+ def private_key_id(self) -> Optional[pulumi.Input[builtins.str]]:
300
301
  """
301
302
  The ID of the private key from the credentials
302
303
  """
303
304
  return pulumi.get(self, "private_key_id")
304
305
 
305
306
  @private_key_id.setter
306
- def private_key_id(self, value: Optional[pulumi.Input[str]]):
307
+ def private_key_id(self, value: Optional[pulumi.Input[builtins.str]]):
307
308
  pulumi.set(self, "private_key_id", value)
308
309
 
309
310
  @property
310
311
  @pulumi.getter(name="projectId")
311
- def project_id(self) -> Optional[pulumi.Input[str]]:
312
+ def project_id(self) -> Optional[pulumi.Input[builtins.str]]:
312
313
  """
313
314
  The GCP Project ID
314
315
  """
315
316
  return pulumi.get(self, "project_id")
316
317
 
317
318
  @project_id.setter
318
- def project_id(self, value: Optional[pulumi.Input[str]]):
319
+ def project_id(self, value: Optional[pulumi.Input[builtins.str]]):
319
320
  pulumi.set(self, "project_id", value)
320
321
 
321
322
  @property
322
323
  @pulumi.getter(name="rotationPeriod")
323
- def rotation_period(self) -> Optional[pulumi.Input[int]]:
324
+ def rotation_period(self) -> Optional[pulumi.Input[builtins.int]]:
324
325
  """
325
326
  The amount of time in seconds Vault should wait before rotating the root credential.
326
327
  A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
@@ -328,12 +329,12 @@ class AuthBackendArgs:
328
329
  return pulumi.get(self, "rotation_period")
329
330
 
330
331
  @rotation_period.setter
331
- def rotation_period(self, value: Optional[pulumi.Input[int]]):
332
+ def rotation_period(self, value: Optional[pulumi.Input[builtins.int]]):
332
333
  pulumi.set(self, "rotation_period", value)
333
334
 
334
335
  @property
335
336
  @pulumi.getter(name="rotationSchedule")
336
- def rotation_schedule(self) -> Optional[pulumi.Input[str]]:
337
+ def rotation_schedule(self) -> Optional[pulumi.Input[builtins.str]]:
337
338
  """
338
339
  The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
339
340
  defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
@@ -341,12 +342,12 @@ class AuthBackendArgs:
341
342
  return pulumi.get(self, "rotation_schedule")
342
343
 
343
344
  @rotation_schedule.setter
344
- def rotation_schedule(self, value: Optional[pulumi.Input[str]]):
345
+ def rotation_schedule(self, value: Optional[pulumi.Input[builtins.str]]):
345
346
  pulumi.set(self, "rotation_schedule", value)
346
347
 
347
348
  @property
348
349
  @pulumi.getter(name="rotationWindow")
349
- def rotation_window(self) -> Optional[pulumi.Input[int]]:
350
+ def rotation_window(self) -> Optional[pulumi.Input[builtins.int]]:
350
351
  """
351
352
  The maximum amount of time in seconds allowed to complete
352
353
  a rotation when a scheduled token rotation occurs. The default rotation window is
@@ -355,12 +356,12 @@ class AuthBackendArgs:
355
356
  return pulumi.get(self, "rotation_window")
356
357
 
357
358
  @rotation_window.setter
358
- def rotation_window(self, value: Optional[pulumi.Input[int]]):
359
+ def rotation_window(self, value: Optional[pulumi.Input[builtins.int]]):
359
360
  pulumi.set(self, "rotation_window", value)
360
361
 
361
362
  @property
362
363
  @pulumi.getter(name="serviceAccountEmail")
363
- def service_account_email(self) -> Optional[pulumi.Input[str]]:
364
+ def service_account_email(self) -> Optional[pulumi.Input[builtins.str]]:
364
365
  """
365
366
  Service Account to impersonate for plugin workload identity federation.
366
367
  Required with `identity_token_audience`. Requires Vault 1.17+. *Available only for Vault Enterprise*.
@@ -368,7 +369,7 @@ class AuthBackendArgs:
368
369
  return pulumi.get(self, "service_account_email")
369
370
 
370
371
  @service_account_email.setter
371
- def service_account_email(self, value: Optional[pulumi.Input[str]]):
372
+ def service_account_email(self, value: Optional[pulumi.Input[builtins.str]]):
372
373
  pulumi.set(self, "service_account_email", value)
373
374
 
374
375
  @property
@@ -389,33 +390,33 @@ class AuthBackendArgs:
389
390
  @pulumi.input_type
390
391
  class _AuthBackendState:
391
392
  def __init__(__self__, *,
392
- accessor: Optional[pulumi.Input[str]] = None,
393
- client_email: Optional[pulumi.Input[str]] = None,
394
- client_id: Optional[pulumi.Input[str]] = None,
395
- credentials: Optional[pulumi.Input[str]] = None,
393
+ accessor: Optional[pulumi.Input[builtins.str]] = None,
394
+ client_email: Optional[pulumi.Input[builtins.str]] = None,
395
+ client_id: Optional[pulumi.Input[builtins.str]] = None,
396
+ credentials: Optional[pulumi.Input[builtins.str]] = None,
396
397
  custom_endpoint: Optional[pulumi.Input['AuthBackendCustomEndpointArgs']] = None,
397
- description: Optional[pulumi.Input[str]] = None,
398
- disable_automated_rotation: Optional[pulumi.Input[bool]] = None,
399
- disable_remount: Optional[pulumi.Input[bool]] = None,
400
- identity_token_audience: Optional[pulumi.Input[str]] = None,
401
- identity_token_key: Optional[pulumi.Input[str]] = None,
402
- identity_token_ttl: Optional[pulumi.Input[int]] = None,
403
- local: Optional[pulumi.Input[bool]] = None,
404
- namespace: Optional[pulumi.Input[str]] = None,
405
- path: Optional[pulumi.Input[str]] = None,
406
- private_key_id: Optional[pulumi.Input[str]] = None,
407
- project_id: Optional[pulumi.Input[str]] = None,
408
- rotation_period: Optional[pulumi.Input[int]] = None,
409
- rotation_schedule: Optional[pulumi.Input[str]] = None,
410
- rotation_window: Optional[pulumi.Input[int]] = None,
411
- service_account_email: Optional[pulumi.Input[str]] = None,
398
+ description: Optional[pulumi.Input[builtins.str]] = None,
399
+ disable_automated_rotation: Optional[pulumi.Input[builtins.bool]] = None,
400
+ disable_remount: Optional[pulumi.Input[builtins.bool]] = None,
401
+ identity_token_audience: Optional[pulumi.Input[builtins.str]] = None,
402
+ identity_token_key: Optional[pulumi.Input[builtins.str]] = None,
403
+ identity_token_ttl: Optional[pulumi.Input[builtins.int]] = None,
404
+ local: Optional[pulumi.Input[builtins.bool]] = None,
405
+ namespace: Optional[pulumi.Input[builtins.str]] = None,
406
+ path: Optional[pulumi.Input[builtins.str]] = None,
407
+ private_key_id: Optional[pulumi.Input[builtins.str]] = None,
408
+ project_id: Optional[pulumi.Input[builtins.str]] = None,
409
+ rotation_period: Optional[pulumi.Input[builtins.int]] = None,
410
+ rotation_schedule: Optional[pulumi.Input[builtins.str]] = None,
411
+ rotation_window: Optional[pulumi.Input[builtins.int]] = None,
412
+ service_account_email: Optional[pulumi.Input[builtins.str]] = None,
412
413
  tune: Optional[pulumi.Input['AuthBackendTuneArgs']] = None):
413
414
  """
414
415
  Input properties used for looking up and filtering AuthBackend resources.
415
- :param pulumi.Input[str] accessor: The mount accessor related to the auth mount. It is useful for integration with [Identity Secrets Engine](https://www.vaultproject.io/docs/secrets/identity/index.html).
416
- :param pulumi.Input[str] client_email: The clients email associated with the credentials
417
- :param pulumi.Input[str] client_id: The Client ID of the credentials
418
- :param pulumi.Input[str] credentials: A JSON string containing the contents of a GCP credentials file. If this value is empty, Vault will try to use Application Default Credentials from the machine on which the Vault server is running.
416
+ :param pulumi.Input[builtins.str] accessor: The mount accessor related to the auth mount. It is useful for integration with [Identity Secrets Engine](https://www.vaultproject.io/docs/secrets/identity/index.html).
417
+ :param pulumi.Input[builtins.str] client_email: The clients email associated with the credentials
418
+ :param pulumi.Input[builtins.str] client_id: The Client ID of the credentials
419
+ :param pulumi.Input[builtins.str] credentials: A JSON string containing the contents of a GCP credentials file. If this value is empty, Vault will try to use Application Default Credentials from the machine on which the Vault server is running.
419
420
  :param pulumi.Input['AuthBackendCustomEndpointArgs'] custom_endpoint: Specifies overrides to
420
421
  [service endpoints](https://cloud.google.com/apis/design/glossary#api_service_endpoint)
421
422
  used when making API requests. This allows specific requests made during authentication
@@ -423,32 +424,32 @@ class _AuthBackendState:
423
424
  environments. Requires Vault 1.11+.
424
425
 
425
426
  Overrides are set at the subdomain level using the following keys:
426
- :param pulumi.Input[str] description: A description of the auth method.
427
- :param pulumi.Input[bool] disable_automated_rotation: Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
428
- :param pulumi.Input[bool] disable_remount: If set, opts out of mount migration on path updates.
427
+ :param pulumi.Input[builtins.str] description: A description of the auth method.
428
+ :param pulumi.Input[builtins.bool] disable_automated_rotation: Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
429
+ :param pulumi.Input[builtins.bool] disable_remount: If set, opts out of mount migration on path updates.
429
430
  See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration)
430
- :param pulumi.Input[str] identity_token_audience: The audience claim value for plugin identity
431
+ :param pulumi.Input[builtins.str] identity_token_audience: The audience claim value for plugin identity
431
432
  tokens. Must match an allowed audience configured for the target [Workload Identity Pool](https://cloud.google.com/iam/docs/workload-identity-federation-with-other-providers#prepare).
432
433
  Mutually exclusive with `credentials`. Requires Vault 1.17+. *Available only for Vault Enterprise*.
433
- :param pulumi.Input[str] identity_token_key: The key to use for signing plugin identity
434
+ :param pulumi.Input[builtins.str] identity_token_key: The key to use for signing plugin identity
434
435
  tokens. Requires Vault 1.17+. *Available only for Vault Enterprise*.
435
- :param pulumi.Input[int] identity_token_ttl: The TTL of generated tokens.
436
- :param pulumi.Input[bool] local: Specifies if the auth method is local only.
437
- :param pulumi.Input[str] namespace: The namespace to provision the resource in.
436
+ :param pulumi.Input[builtins.int] identity_token_ttl: The TTL of generated tokens.
437
+ :param pulumi.Input[builtins.bool] local: Specifies if the auth method is local only.
438
+ :param pulumi.Input[builtins.str] namespace: The namespace to provision the resource in.
438
439
  The value should not contain leading or trailing forward slashes.
439
440
  The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
440
441
  *Available only for Vault Enterprise*.
441
- :param pulumi.Input[str] path: The path to mount the auth method — this defaults to 'gcp'.
442
- :param pulumi.Input[str] private_key_id: The ID of the private key from the credentials
443
- :param pulumi.Input[str] project_id: The GCP Project ID
444
- :param pulumi.Input[int] rotation_period: The amount of time in seconds Vault should wait before rotating the root credential.
442
+ :param pulumi.Input[builtins.str] path: The path to mount the auth method — this defaults to 'gcp'.
443
+ :param pulumi.Input[builtins.str] private_key_id: The ID of the private key from the credentials
444
+ :param pulumi.Input[builtins.str] project_id: The GCP Project ID
445
+ :param pulumi.Input[builtins.int] rotation_period: The amount of time in seconds Vault should wait before rotating the root credential.
445
446
  A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
446
- :param pulumi.Input[str] rotation_schedule: The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
447
+ :param pulumi.Input[builtins.str] rotation_schedule: The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
447
448
  defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
448
- :param pulumi.Input[int] rotation_window: The maximum amount of time in seconds allowed to complete
449
+ :param pulumi.Input[builtins.int] rotation_window: The maximum amount of time in seconds allowed to complete
449
450
  a rotation when a scheduled token rotation occurs. The default rotation window is
450
451
  unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
451
- :param pulumi.Input[str] service_account_email: Service Account to impersonate for plugin workload identity federation.
452
+ :param pulumi.Input[builtins.str] service_account_email: Service Account to impersonate for plugin workload identity federation.
452
453
  Required with `identity_token_audience`. Requires Vault 1.17+. *Available only for Vault Enterprise*.
453
454
  :param pulumi.Input['AuthBackendTuneArgs'] tune: Extra configuration block. Structure is documented below.
454
455
 
@@ -499,50 +500,50 @@ class _AuthBackendState:
499
500
 
500
501
  @property
501
502
  @pulumi.getter
502
- def accessor(self) -> Optional[pulumi.Input[str]]:
503
+ def accessor(self) -> Optional[pulumi.Input[builtins.str]]:
503
504
  """
504
505
  The mount accessor related to the auth mount. It is useful for integration with [Identity Secrets Engine](https://www.vaultproject.io/docs/secrets/identity/index.html).
505
506
  """
506
507
  return pulumi.get(self, "accessor")
507
508
 
508
509
  @accessor.setter
509
- def accessor(self, value: Optional[pulumi.Input[str]]):
510
+ def accessor(self, value: Optional[pulumi.Input[builtins.str]]):
510
511
  pulumi.set(self, "accessor", value)
511
512
 
512
513
  @property
513
514
  @pulumi.getter(name="clientEmail")
514
- def client_email(self) -> Optional[pulumi.Input[str]]:
515
+ def client_email(self) -> Optional[pulumi.Input[builtins.str]]:
515
516
  """
516
517
  The clients email associated with the credentials
517
518
  """
518
519
  return pulumi.get(self, "client_email")
519
520
 
520
521
  @client_email.setter
521
- def client_email(self, value: Optional[pulumi.Input[str]]):
522
+ def client_email(self, value: Optional[pulumi.Input[builtins.str]]):
522
523
  pulumi.set(self, "client_email", value)
523
524
 
524
525
  @property
525
526
  @pulumi.getter(name="clientId")
526
- def client_id(self) -> Optional[pulumi.Input[str]]:
527
+ def client_id(self) -> Optional[pulumi.Input[builtins.str]]:
527
528
  """
528
529
  The Client ID of the credentials
529
530
  """
530
531
  return pulumi.get(self, "client_id")
531
532
 
532
533
  @client_id.setter
533
- def client_id(self, value: Optional[pulumi.Input[str]]):
534
+ def client_id(self, value: Optional[pulumi.Input[builtins.str]]):
534
535
  pulumi.set(self, "client_id", value)
535
536
 
536
537
  @property
537
538
  @pulumi.getter
538
- def credentials(self) -> Optional[pulumi.Input[str]]:
539
+ def credentials(self) -> Optional[pulumi.Input[builtins.str]]:
539
540
  """
540
541
  A JSON string containing the contents of a GCP credentials file. If this value is empty, Vault will try to use Application Default Credentials from the machine on which the Vault server is running.
541
542
  """
542
543
  return pulumi.get(self, "credentials")
543
544
 
544
545
  @credentials.setter
545
- def credentials(self, value: Optional[pulumi.Input[str]]):
546
+ def credentials(self, value: Optional[pulumi.Input[builtins.str]]):
546
547
  pulumi.set(self, "credentials", value)
547
548
 
548
549
  @property
@@ -565,31 +566,31 @@ class _AuthBackendState:
565
566
 
566
567
  @property
567
568
  @pulumi.getter
568
- def description(self) -> Optional[pulumi.Input[str]]:
569
+ def description(self) -> Optional[pulumi.Input[builtins.str]]:
569
570
  """
570
571
  A description of the auth method.
571
572
  """
572
573
  return pulumi.get(self, "description")
573
574
 
574
575
  @description.setter
575
- def description(self, value: Optional[pulumi.Input[str]]):
576
+ def description(self, value: Optional[pulumi.Input[builtins.str]]):
576
577
  pulumi.set(self, "description", value)
577
578
 
578
579
  @property
579
580
  @pulumi.getter(name="disableAutomatedRotation")
580
- def disable_automated_rotation(self) -> Optional[pulumi.Input[bool]]:
581
+ def disable_automated_rotation(self) -> Optional[pulumi.Input[builtins.bool]]:
581
582
  """
582
583
  Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
583
584
  """
584
585
  return pulumi.get(self, "disable_automated_rotation")
585
586
 
586
587
  @disable_automated_rotation.setter
587
- def disable_automated_rotation(self, value: Optional[pulumi.Input[bool]]):
588
+ def disable_automated_rotation(self, value: Optional[pulumi.Input[builtins.bool]]):
588
589
  pulumi.set(self, "disable_automated_rotation", value)
589
590
 
590
591
  @property
591
592
  @pulumi.getter(name="disableRemount")
592
- def disable_remount(self) -> Optional[pulumi.Input[bool]]:
593
+ def disable_remount(self) -> Optional[pulumi.Input[builtins.bool]]:
593
594
  """
594
595
  If set, opts out of mount migration on path updates.
595
596
  See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration)
@@ -597,12 +598,12 @@ class _AuthBackendState:
597
598
  return pulumi.get(self, "disable_remount")
598
599
 
599
600
  @disable_remount.setter
600
- def disable_remount(self, value: Optional[pulumi.Input[bool]]):
601
+ def disable_remount(self, value: Optional[pulumi.Input[builtins.bool]]):
601
602
  pulumi.set(self, "disable_remount", value)
602
603
 
603
604
  @property
604
605
  @pulumi.getter(name="identityTokenAudience")
605
- def identity_token_audience(self) -> Optional[pulumi.Input[str]]:
606
+ def identity_token_audience(self) -> Optional[pulumi.Input[builtins.str]]:
606
607
  """
607
608
  The audience claim value for plugin identity
608
609
  tokens. Must match an allowed audience configured for the target [Workload Identity Pool](https://cloud.google.com/iam/docs/workload-identity-federation-with-other-providers#prepare).
@@ -611,12 +612,12 @@ class _AuthBackendState:
611
612
  return pulumi.get(self, "identity_token_audience")
612
613
 
613
614
  @identity_token_audience.setter
614
- def identity_token_audience(self, value: Optional[pulumi.Input[str]]):
615
+ def identity_token_audience(self, value: Optional[pulumi.Input[builtins.str]]):
615
616
  pulumi.set(self, "identity_token_audience", value)
616
617
 
617
618
  @property
618
619
  @pulumi.getter(name="identityTokenKey")
619
- def identity_token_key(self) -> Optional[pulumi.Input[str]]:
620
+ def identity_token_key(self) -> Optional[pulumi.Input[builtins.str]]:
620
621
  """
621
622
  The key to use for signing plugin identity
622
623
  tokens. Requires Vault 1.17+. *Available only for Vault Enterprise*.
@@ -624,36 +625,36 @@ class _AuthBackendState:
624
625
  return pulumi.get(self, "identity_token_key")
625
626
 
626
627
  @identity_token_key.setter
627
- def identity_token_key(self, value: Optional[pulumi.Input[str]]):
628
+ def identity_token_key(self, value: Optional[pulumi.Input[builtins.str]]):
628
629
  pulumi.set(self, "identity_token_key", value)
629
630
 
630
631
  @property
631
632
  @pulumi.getter(name="identityTokenTtl")
632
- def identity_token_ttl(self) -> Optional[pulumi.Input[int]]:
633
+ def identity_token_ttl(self) -> Optional[pulumi.Input[builtins.int]]:
633
634
  """
634
635
  The TTL of generated tokens.
635
636
  """
636
637
  return pulumi.get(self, "identity_token_ttl")
637
638
 
638
639
  @identity_token_ttl.setter
639
- def identity_token_ttl(self, value: Optional[pulumi.Input[int]]):
640
+ def identity_token_ttl(self, value: Optional[pulumi.Input[builtins.int]]):
640
641
  pulumi.set(self, "identity_token_ttl", value)
641
642
 
642
643
  @property
643
644
  @pulumi.getter
644
- def local(self) -> Optional[pulumi.Input[bool]]:
645
+ def local(self) -> Optional[pulumi.Input[builtins.bool]]:
645
646
  """
646
647
  Specifies if the auth method is local only.
647
648
  """
648
649
  return pulumi.get(self, "local")
649
650
 
650
651
  @local.setter
651
- def local(self, value: Optional[pulumi.Input[bool]]):
652
+ def local(self, value: Optional[pulumi.Input[builtins.bool]]):
652
653
  pulumi.set(self, "local", value)
653
654
 
654
655
  @property
655
656
  @pulumi.getter
656
- def namespace(self) -> Optional[pulumi.Input[str]]:
657
+ def namespace(self) -> Optional[pulumi.Input[builtins.str]]:
657
658
  """
658
659
  The namespace to provision the resource in.
659
660
  The value should not contain leading or trailing forward slashes.
@@ -663,48 +664,48 @@ class _AuthBackendState:
663
664
  return pulumi.get(self, "namespace")
664
665
 
665
666
  @namespace.setter
666
- def namespace(self, value: Optional[pulumi.Input[str]]):
667
+ def namespace(self, value: Optional[pulumi.Input[builtins.str]]):
667
668
  pulumi.set(self, "namespace", value)
668
669
 
669
670
  @property
670
671
  @pulumi.getter
671
- def path(self) -> Optional[pulumi.Input[str]]:
672
+ def path(self) -> Optional[pulumi.Input[builtins.str]]:
672
673
  """
673
674
  The path to mount the auth method — this defaults to 'gcp'.
674
675
  """
675
676
  return pulumi.get(self, "path")
676
677
 
677
678
  @path.setter
678
- def path(self, value: Optional[pulumi.Input[str]]):
679
+ def path(self, value: Optional[pulumi.Input[builtins.str]]):
679
680
  pulumi.set(self, "path", value)
680
681
 
681
682
  @property
682
683
  @pulumi.getter(name="privateKeyId")
683
- def private_key_id(self) -> Optional[pulumi.Input[str]]:
684
+ def private_key_id(self) -> Optional[pulumi.Input[builtins.str]]:
684
685
  """
685
686
  The ID of the private key from the credentials
686
687
  """
687
688
  return pulumi.get(self, "private_key_id")
688
689
 
689
690
  @private_key_id.setter
690
- def private_key_id(self, value: Optional[pulumi.Input[str]]):
691
+ def private_key_id(self, value: Optional[pulumi.Input[builtins.str]]):
691
692
  pulumi.set(self, "private_key_id", value)
692
693
 
693
694
  @property
694
695
  @pulumi.getter(name="projectId")
695
- def project_id(self) -> Optional[pulumi.Input[str]]:
696
+ def project_id(self) -> Optional[pulumi.Input[builtins.str]]:
696
697
  """
697
698
  The GCP Project ID
698
699
  """
699
700
  return pulumi.get(self, "project_id")
700
701
 
701
702
  @project_id.setter
702
- def project_id(self, value: Optional[pulumi.Input[str]]):
703
+ def project_id(self, value: Optional[pulumi.Input[builtins.str]]):
703
704
  pulumi.set(self, "project_id", value)
704
705
 
705
706
  @property
706
707
  @pulumi.getter(name="rotationPeriod")
707
- def rotation_period(self) -> Optional[pulumi.Input[int]]:
708
+ def rotation_period(self) -> Optional[pulumi.Input[builtins.int]]:
708
709
  """
709
710
  The amount of time in seconds Vault should wait before rotating the root credential.
710
711
  A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
@@ -712,12 +713,12 @@ class _AuthBackendState:
712
713
  return pulumi.get(self, "rotation_period")
713
714
 
714
715
  @rotation_period.setter
715
- def rotation_period(self, value: Optional[pulumi.Input[int]]):
716
+ def rotation_period(self, value: Optional[pulumi.Input[builtins.int]]):
716
717
  pulumi.set(self, "rotation_period", value)
717
718
 
718
719
  @property
719
720
  @pulumi.getter(name="rotationSchedule")
720
- def rotation_schedule(self) -> Optional[pulumi.Input[str]]:
721
+ def rotation_schedule(self) -> Optional[pulumi.Input[builtins.str]]:
721
722
  """
722
723
  The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
723
724
  defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
@@ -725,12 +726,12 @@ class _AuthBackendState:
725
726
  return pulumi.get(self, "rotation_schedule")
726
727
 
727
728
  @rotation_schedule.setter
728
- def rotation_schedule(self, value: Optional[pulumi.Input[str]]):
729
+ def rotation_schedule(self, value: Optional[pulumi.Input[builtins.str]]):
729
730
  pulumi.set(self, "rotation_schedule", value)
730
731
 
731
732
  @property
732
733
  @pulumi.getter(name="rotationWindow")
733
- def rotation_window(self) -> Optional[pulumi.Input[int]]:
734
+ def rotation_window(self) -> Optional[pulumi.Input[builtins.int]]:
734
735
  """
735
736
  The maximum amount of time in seconds allowed to complete
736
737
  a rotation when a scheduled token rotation occurs. The default rotation window is
@@ -739,12 +740,12 @@ class _AuthBackendState:
739
740
  return pulumi.get(self, "rotation_window")
740
741
 
741
742
  @rotation_window.setter
742
- def rotation_window(self, value: Optional[pulumi.Input[int]]):
743
+ def rotation_window(self, value: Optional[pulumi.Input[builtins.int]]):
743
744
  pulumi.set(self, "rotation_window", value)
744
745
 
745
746
  @property
746
747
  @pulumi.getter(name="serviceAccountEmail")
747
- def service_account_email(self) -> Optional[pulumi.Input[str]]:
748
+ def service_account_email(self) -> Optional[pulumi.Input[builtins.str]]:
748
749
  """
749
750
  Service Account to impersonate for plugin workload identity federation.
750
751
  Required with `identity_token_audience`. Requires Vault 1.17+. *Available only for Vault Enterprise*.
@@ -752,7 +753,7 @@ class _AuthBackendState:
752
753
  return pulumi.get(self, "service_account_email")
753
754
 
754
755
  @service_account_email.setter
755
- def service_account_email(self, value: Optional[pulumi.Input[str]]):
756
+ def service_account_email(self, value: Optional[pulumi.Input[builtins.str]]):
756
757
  pulumi.set(self, "service_account_email", value)
757
758
 
758
759
  @property
@@ -775,25 +776,25 @@ class AuthBackend(pulumi.CustomResource):
775
776
  def __init__(__self__,
776
777
  resource_name: str,
777
778
  opts: Optional[pulumi.ResourceOptions] = None,
778
- client_email: Optional[pulumi.Input[str]] = None,
779
- client_id: Optional[pulumi.Input[str]] = None,
780
- credentials: Optional[pulumi.Input[str]] = None,
779
+ client_email: Optional[pulumi.Input[builtins.str]] = None,
780
+ client_id: Optional[pulumi.Input[builtins.str]] = None,
781
+ credentials: Optional[pulumi.Input[builtins.str]] = None,
781
782
  custom_endpoint: Optional[pulumi.Input[Union['AuthBackendCustomEndpointArgs', 'AuthBackendCustomEndpointArgsDict']]] = None,
782
- description: Optional[pulumi.Input[str]] = None,
783
- disable_automated_rotation: Optional[pulumi.Input[bool]] = None,
784
- disable_remount: Optional[pulumi.Input[bool]] = None,
785
- identity_token_audience: Optional[pulumi.Input[str]] = None,
786
- identity_token_key: Optional[pulumi.Input[str]] = None,
787
- identity_token_ttl: Optional[pulumi.Input[int]] = None,
788
- local: Optional[pulumi.Input[bool]] = None,
789
- namespace: Optional[pulumi.Input[str]] = None,
790
- path: Optional[pulumi.Input[str]] = None,
791
- private_key_id: Optional[pulumi.Input[str]] = None,
792
- project_id: Optional[pulumi.Input[str]] = None,
793
- rotation_period: Optional[pulumi.Input[int]] = None,
794
- rotation_schedule: Optional[pulumi.Input[str]] = None,
795
- rotation_window: Optional[pulumi.Input[int]] = None,
796
- service_account_email: Optional[pulumi.Input[str]] = None,
783
+ description: Optional[pulumi.Input[builtins.str]] = None,
784
+ disable_automated_rotation: Optional[pulumi.Input[builtins.bool]] = None,
785
+ disable_remount: Optional[pulumi.Input[builtins.bool]] = None,
786
+ identity_token_audience: Optional[pulumi.Input[builtins.str]] = None,
787
+ identity_token_key: Optional[pulumi.Input[builtins.str]] = None,
788
+ identity_token_ttl: Optional[pulumi.Input[builtins.int]] = None,
789
+ local: Optional[pulumi.Input[builtins.bool]] = None,
790
+ namespace: Optional[pulumi.Input[builtins.str]] = None,
791
+ path: Optional[pulumi.Input[builtins.str]] = None,
792
+ private_key_id: Optional[pulumi.Input[builtins.str]] = None,
793
+ project_id: Optional[pulumi.Input[builtins.str]] = None,
794
+ rotation_period: Optional[pulumi.Input[builtins.int]] = None,
795
+ rotation_schedule: Optional[pulumi.Input[builtins.str]] = None,
796
+ rotation_window: Optional[pulumi.Input[builtins.int]] = None,
797
+ service_account_email: Optional[pulumi.Input[builtins.str]] = None,
797
798
  tune: Optional[pulumi.Input[Union['AuthBackendTuneArgs', 'AuthBackendTuneArgsDict']]] = None,
798
799
  __props__=None):
799
800
  """
@@ -825,9 +826,9 @@ class AuthBackend(pulumi.CustomResource):
825
826
 
826
827
  :param str resource_name: The name of the resource.
827
828
  :param pulumi.ResourceOptions opts: Options for the resource.
828
- :param pulumi.Input[str] client_email: The clients email associated with the credentials
829
- :param pulumi.Input[str] client_id: The Client ID of the credentials
830
- :param pulumi.Input[str] credentials: A JSON string containing the contents of a GCP credentials file. If this value is empty, Vault will try to use Application Default Credentials from the machine on which the Vault server is running.
829
+ :param pulumi.Input[builtins.str] client_email: The clients email associated with the credentials
830
+ :param pulumi.Input[builtins.str] client_id: The Client ID of the credentials
831
+ :param pulumi.Input[builtins.str] credentials: A JSON string containing the contents of a GCP credentials file. If this value is empty, Vault will try to use Application Default Credentials from the machine on which the Vault server is running.
831
832
  :param pulumi.Input[Union['AuthBackendCustomEndpointArgs', 'AuthBackendCustomEndpointArgsDict']] custom_endpoint: Specifies overrides to
832
833
  [service endpoints](https://cloud.google.com/apis/design/glossary#api_service_endpoint)
833
834
  used when making API requests. This allows specific requests made during authentication
@@ -835,32 +836,32 @@ class AuthBackend(pulumi.CustomResource):
835
836
  environments. Requires Vault 1.11+.
836
837
 
837
838
  Overrides are set at the subdomain level using the following keys:
838
- :param pulumi.Input[str] description: A description of the auth method.
839
- :param pulumi.Input[bool] disable_automated_rotation: Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
840
- :param pulumi.Input[bool] disable_remount: If set, opts out of mount migration on path updates.
839
+ :param pulumi.Input[builtins.str] description: A description of the auth method.
840
+ :param pulumi.Input[builtins.bool] disable_automated_rotation: Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
841
+ :param pulumi.Input[builtins.bool] disable_remount: If set, opts out of mount migration on path updates.
841
842
  See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration)
842
- :param pulumi.Input[str] identity_token_audience: The audience claim value for plugin identity
843
+ :param pulumi.Input[builtins.str] identity_token_audience: The audience claim value for plugin identity
843
844
  tokens. Must match an allowed audience configured for the target [Workload Identity Pool](https://cloud.google.com/iam/docs/workload-identity-federation-with-other-providers#prepare).
844
845
  Mutually exclusive with `credentials`. Requires Vault 1.17+. *Available only for Vault Enterprise*.
845
- :param pulumi.Input[str] identity_token_key: The key to use for signing plugin identity
846
+ :param pulumi.Input[builtins.str] identity_token_key: The key to use for signing plugin identity
846
847
  tokens. Requires Vault 1.17+. *Available only for Vault Enterprise*.
847
- :param pulumi.Input[int] identity_token_ttl: The TTL of generated tokens.
848
- :param pulumi.Input[bool] local: Specifies if the auth method is local only.
849
- :param pulumi.Input[str] namespace: The namespace to provision the resource in.
848
+ :param pulumi.Input[builtins.int] identity_token_ttl: The TTL of generated tokens.
849
+ :param pulumi.Input[builtins.bool] local: Specifies if the auth method is local only.
850
+ :param pulumi.Input[builtins.str] namespace: The namespace to provision the resource in.
850
851
  The value should not contain leading or trailing forward slashes.
851
852
  The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
852
853
  *Available only for Vault Enterprise*.
853
- :param pulumi.Input[str] path: The path to mount the auth method — this defaults to 'gcp'.
854
- :param pulumi.Input[str] private_key_id: The ID of the private key from the credentials
855
- :param pulumi.Input[str] project_id: The GCP Project ID
856
- :param pulumi.Input[int] rotation_period: The amount of time in seconds Vault should wait before rotating the root credential.
854
+ :param pulumi.Input[builtins.str] path: The path to mount the auth method — this defaults to 'gcp'.
855
+ :param pulumi.Input[builtins.str] private_key_id: The ID of the private key from the credentials
856
+ :param pulumi.Input[builtins.str] project_id: The GCP Project ID
857
+ :param pulumi.Input[builtins.int] rotation_period: The amount of time in seconds Vault should wait before rotating the root credential.
857
858
  A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
858
- :param pulumi.Input[str] rotation_schedule: The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
859
+ :param pulumi.Input[builtins.str] rotation_schedule: The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
859
860
  defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
860
- :param pulumi.Input[int] rotation_window: The maximum amount of time in seconds allowed to complete
861
+ :param pulumi.Input[builtins.int] rotation_window: The maximum amount of time in seconds allowed to complete
861
862
  a rotation when a scheduled token rotation occurs. The default rotation window is
862
863
  unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
863
- :param pulumi.Input[str] service_account_email: Service Account to impersonate for plugin workload identity federation.
864
+ :param pulumi.Input[builtins.str] service_account_email: Service Account to impersonate for plugin workload identity federation.
864
865
  Required with `identity_token_audience`. Requires Vault 1.17+. *Available only for Vault Enterprise*.
865
866
  :param pulumi.Input[Union['AuthBackendTuneArgs', 'AuthBackendTuneArgsDict']] tune: Extra configuration block. Structure is documented below.
866
867
 
@@ -914,25 +915,25 @@ class AuthBackend(pulumi.CustomResource):
914
915
  def _internal_init(__self__,
915
916
  resource_name: str,
916
917
  opts: Optional[pulumi.ResourceOptions] = None,
917
- client_email: Optional[pulumi.Input[str]] = None,
918
- client_id: Optional[pulumi.Input[str]] = None,
919
- credentials: Optional[pulumi.Input[str]] = None,
918
+ client_email: Optional[pulumi.Input[builtins.str]] = None,
919
+ client_id: Optional[pulumi.Input[builtins.str]] = None,
920
+ credentials: Optional[pulumi.Input[builtins.str]] = None,
920
921
  custom_endpoint: Optional[pulumi.Input[Union['AuthBackendCustomEndpointArgs', 'AuthBackendCustomEndpointArgsDict']]] = None,
921
- description: Optional[pulumi.Input[str]] = None,
922
- disable_automated_rotation: Optional[pulumi.Input[bool]] = None,
923
- disable_remount: Optional[pulumi.Input[bool]] = None,
924
- identity_token_audience: Optional[pulumi.Input[str]] = None,
925
- identity_token_key: Optional[pulumi.Input[str]] = None,
926
- identity_token_ttl: Optional[pulumi.Input[int]] = None,
927
- local: Optional[pulumi.Input[bool]] = None,
928
- namespace: Optional[pulumi.Input[str]] = None,
929
- path: Optional[pulumi.Input[str]] = None,
930
- private_key_id: Optional[pulumi.Input[str]] = None,
931
- project_id: Optional[pulumi.Input[str]] = None,
932
- rotation_period: Optional[pulumi.Input[int]] = None,
933
- rotation_schedule: Optional[pulumi.Input[str]] = None,
934
- rotation_window: Optional[pulumi.Input[int]] = None,
935
- service_account_email: Optional[pulumi.Input[str]] = None,
922
+ description: Optional[pulumi.Input[builtins.str]] = None,
923
+ disable_automated_rotation: Optional[pulumi.Input[builtins.bool]] = None,
924
+ disable_remount: Optional[pulumi.Input[builtins.bool]] = None,
925
+ identity_token_audience: Optional[pulumi.Input[builtins.str]] = None,
926
+ identity_token_key: Optional[pulumi.Input[builtins.str]] = None,
927
+ identity_token_ttl: Optional[pulumi.Input[builtins.int]] = None,
928
+ local: Optional[pulumi.Input[builtins.bool]] = None,
929
+ namespace: Optional[pulumi.Input[builtins.str]] = None,
930
+ path: Optional[pulumi.Input[builtins.str]] = None,
931
+ private_key_id: Optional[pulumi.Input[builtins.str]] = None,
932
+ project_id: Optional[pulumi.Input[builtins.str]] = None,
933
+ rotation_period: Optional[pulumi.Input[builtins.int]] = None,
934
+ rotation_schedule: Optional[pulumi.Input[builtins.str]] = None,
935
+ rotation_window: Optional[pulumi.Input[builtins.int]] = None,
936
+ service_account_email: Optional[pulumi.Input[builtins.str]] = None,
936
937
  tune: Optional[pulumi.Input[Union['AuthBackendTuneArgs', 'AuthBackendTuneArgsDict']]] = None,
937
938
  __props__=None):
938
939
  opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts)
@@ -976,26 +977,26 @@ class AuthBackend(pulumi.CustomResource):
976
977
  def get(resource_name: str,
977
978
  id: pulumi.Input[str],
978
979
  opts: Optional[pulumi.ResourceOptions] = None,
979
- accessor: Optional[pulumi.Input[str]] = None,
980
- client_email: Optional[pulumi.Input[str]] = None,
981
- client_id: Optional[pulumi.Input[str]] = None,
982
- credentials: Optional[pulumi.Input[str]] = None,
980
+ accessor: Optional[pulumi.Input[builtins.str]] = None,
981
+ client_email: Optional[pulumi.Input[builtins.str]] = None,
982
+ client_id: Optional[pulumi.Input[builtins.str]] = None,
983
+ credentials: Optional[pulumi.Input[builtins.str]] = None,
983
984
  custom_endpoint: Optional[pulumi.Input[Union['AuthBackendCustomEndpointArgs', 'AuthBackendCustomEndpointArgsDict']]] = None,
984
- description: Optional[pulumi.Input[str]] = None,
985
- disable_automated_rotation: Optional[pulumi.Input[bool]] = None,
986
- disable_remount: Optional[pulumi.Input[bool]] = None,
987
- identity_token_audience: Optional[pulumi.Input[str]] = None,
988
- identity_token_key: Optional[pulumi.Input[str]] = None,
989
- identity_token_ttl: Optional[pulumi.Input[int]] = None,
990
- local: Optional[pulumi.Input[bool]] = None,
991
- namespace: Optional[pulumi.Input[str]] = None,
992
- path: Optional[pulumi.Input[str]] = None,
993
- private_key_id: Optional[pulumi.Input[str]] = None,
994
- project_id: Optional[pulumi.Input[str]] = None,
995
- rotation_period: Optional[pulumi.Input[int]] = None,
996
- rotation_schedule: Optional[pulumi.Input[str]] = None,
997
- rotation_window: Optional[pulumi.Input[int]] = None,
998
- service_account_email: Optional[pulumi.Input[str]] = None,
985
+ description: Optional[pulumi.Input[builtins.str]] = None,
986
+ disable_automated_rotation: Optional[pulumi.Input[builtins.bool]] = None,
987
+ disable_remount: Optional[pulumi.Input[builtins.bool]] = None,
988
+ identity_token_audience: Optional[pulumi.Input[builtins.str]] = None,
989
+ identity_token_key: Optional[pulumi.Input[builtins.str]] = None,
990
+ identity_token_ttl: Optional[pulumi.Input[builtins.int]] = None,
991
+ local: Optional[pulumi.Input[builtins.bool]] = None,
992
+ namespace: Optional[pulumi.Input[builtins.str]] = None,
993
+ path: Optional[pulumi.Input[builtins.str]] = None,
994
+ private_key_id: Optional[pulumi.Input[builtins.str]] = None,
995
+ project_id: Optional[pulumi.Input[builtins.str]] = None,
996
+ rotation_period: Optional[pulumi.Input[builtins.int]] = None,
997
+ rotation_schedule: Optional[pulumi.Input[builtins.str]] = None,
998
+ rotation_window: Optional[pulumi.Input[builtins.int]] = None,
999
+ service_account_email: Optional[pulumi.Input[builtins.str]] = None,
999
1000
  tune: Optional[pulumi.Input[Union['AuthBackendTuneArgs', 'AuthBackendTuneArgsDict']]] = None) -> 'AuthBackend':
1000
1001
  """
1001
1002
  Get an existing AuthBackend resource's state with the given name, id, and optional extra
@@ -1004,10 +1005,10 @@ class AuthBackend(pulumi.CustomResource):
1004
1005
  :param str resource_name: The unique name of the resulting resource.
1005
1006
  :param pulumi.Input[str] id: The unique provider ID of the resource to lookup.
1006
1007
  :param pulumi.ResourceOptions opts: Options for the resource.
1007
- :param pulumi.Input[str] accessor: The mount accessor related to the auth mount. It is useful for integration with [Identity Secrets Engine](https://www.vaultproject.io/docs/secrets/identity/index.html).
1008
- :param pulumi.Input[str] client_email: The clients email associated with the credentials
1009
- :param pulumi.Input[str] client_id: The Client ID of the credentials
1010
- :param pulumi.Input[str] credentials: A JSON string containing the contents of a GCP credentials file. If this value is empty, Vault will try to use Application Default Credentials from the machine on which the Vault server is running.
1008
+ :param pulumi.Input[builtins.str] accessor: The mount accessor related to the auth mount. It is useful for integration with [Identity Secrets Engine](https://www.vaultproject.io/docs/secrets/identity/index.html).
1009
+ :param pulumi.Input[builtins.str] client_email: The clients email associated with the credentials
1010
+ :param pulumi.Input[builtins.str] client_id: The Client ID of the credentials
1011
+ :param pulumi.Input[builtins.str] credentials: A JSON string containing the contents of a GCP credentials file. If this value is empty, Vault will try to use Application Default Credentials from the machine on which the Vault server is running.
1011
1012
  :param pulumi.Input[Union['AuthBackendCustomEndpointArgs', 'AuthBackendCustomEndpointArgsDict']] custom_endpoint: Specifies overrides to
1012
1013
  [service endpoints](https://cloud.google.com/apis/design/glossary#api_service_endpoint)
1013
1014
  used when making API requests. This allows specific requests made during authentication
@@ -1015,32 +1016,32 @@ class AuthBackend(pulumi.CustomResource):
1015
1016
  environments. Requires Vault 1.11+.
1016
1017
 
1017
1018
  Overrides are set at the subdomain level using the following keys:
1018
- :param pulumi.Input[str] description: A description of the auth method.
1019
- :param pulumi.Input[bool] disable_automated_rotation: Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
1020
- :param pulumi.Input[bool] disable_remount: If set, opts out of mount migration on path updates.
1019
+ :param pulumi.Input[builtins.str] description: A description of the auth method.
1020
+ :param pulumi.Input[builtins.bool] disable_automated_rotation: Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
1021
+ :param pulumi.Input[builtins.bool] disable_remount: If set, opts out of mount migration on path updates.
1021
1022
  See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration)
1022
- :param pulumi.Input[str] identity_token_audience: The audience claim value for plugin identity
1023
+ :param pulumi.Input[builtins.str] identity_token_audience: The audience claim value for plugin identity
1023
1024
  tokens. Must match an allowed audience configured for the target [Workload Identity Pool](https://cloud.google.com/iam/docs/workload-identity-federation-with-other-providers#prepare).
1024
1025
  Mutually exclusive with `credentials`. Requires Vault 1.17+. *Available only for Vault Enterprise*.
1025
- :param pulumi.Input[str] identity_token_key: The key to use for signing plugin identity
1026
+ :param pulumi.Input[builtins.str] identity_token_key: The key to use for signing plugin identity
1026
1027
  tokens. Requires Vault 1.17+. *Available only for Vault Enterprise*.
1027
- :param pulumi.Input[int] identity_token_ttl: The TTL of generated tokens.
1028
- :param pulumi.Input[bool] local: Specifies if the auth method is local only.
1029
- :param pulumi.Input[str] namespace: The namespace to provision the resource in.
1028
+ :param pulumi.Input[builtins.int] identity_token_ttl: The TTL of generated tokens.
1029
+ :param pulumi.Input[builtins.bool] local: Specifies if the auth method is local only.
1030
+ :param pulumi.Input[builtins.str] namespace: The namespace to provision the resource in.
1030
1031
  The value should not contain leading or trailing forward slashes.
1031
1032
  The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
1032
1033
  *Available only for Vault Enterprise*.
1033
- :param pulumi.Input[str] path: The path to mount the auth method — this defaults to 'gcp'.
1034
- :param pulumi.Input[str] private_key_id: The ID of the private key from the credentials
1035
- :param pulumi.Input[str] project_id: The GCP Project ID
1036
- :param pulumi.Input[int] rotation_period: The amount of time in seconds Vault should wait before rotating the root credential.
1034
+ :param pulumi.Input[builtins.str] path: The path to mount the auth method — this defaults to 'gcp'.
1035
+ :param pulumi.Input[builtins.str] private_key_id: The ID of the private key from the credentials
1036
+ :param pulumi.Input[builtins.str] project_id: The GCP Project ID
1037
+ :param pulumi.Input[builtins.int] rotation_period: The amount of time in seconds Vault should wait before rotating the root credential.
1037
1038
  A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
1038
- :param pulumi.Input[str] rotation_schedule: The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
1039
+ :param pulumi.Input[builtins.str] rotation_schedule: The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
1039
1040
  defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
1040
- :param pulumi.Input[int] rotation_window: The maximum amount of time in seconds allowed to complete
1041
+ :param pulumi.Input[builtins.int] rotation_window: The maximum amount of time in seconds allowed to complete
1041
1042
  a rotation when a scheduled token rotation occurs. The default rotation window is
1042
1043
  unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
1043
- :param pulumi.Input[str] service_account_email: Service Account to impersonate for plugin workload identity federation.
1044
+ :param pulumi.Input[builtins.str] service_account_email: Service Account to impersonate for plugin workload identity federation.
1044
1045
  Required with `identity_token_audience`. Requires Vault 1.17+. *Available only for Vault Enterprise*.
1045
1046
  :param pulumi.Input[Union['AuthBackendTuneArgs', 'AuthBackendTuneArgsDict']] tune: Extra configuration block. Structure is documented below.
1046
1047
 
@@ -1075,7 +1076,7 @@ class AuthBackend(pulumi.CustomResource):
1075
1076
 
1076
1077
  @property
1077
1078
  @pulumi.getter
1078
- def accessor(self) -> pulumi.Output[str]:
1079
+ def accessor(self) -> pulumi.Output[builtins.str]:
1079
1080
  """
1080
1081
  The mount accessor related to the auth mount. It is useful for integration with [Identity Secrets Engine](https://www.vaultproject.io/docs/secrets/identity/index.html).
1081
1082
  """
@@ -1083,7 +1084,7 @@ class AuthBackend(pulumi.CustomResource):
1083
1084
 
1084
1085
  @property
1085
1086
  @pulumi.getter(name="clientEmail")
1086
- def client_email(self) -> pulumi.Output[str]:
1087
+ def client_email(self) -> pulumi.Output[builtins.str]:
1087
1088
  """
1088
1089
  The clients email associated with the credentials
1089
1090
  """
@@ -1091,7 +1092,7 @@ class AuthBackend(pulumi.CustomResource):
1091
1092
 
1092
1093
  @property
1093
1094
  @pulumi.getter(name="clientId")
1094
- def client_id(self) -> pulumi.Output[str]:
1095
+ def client_id(self) -> pulumi.Output[builtins.str]:
1095
1096
  """
1096
1097
  The Client ID of the credentials
1097
1098
  """
@@ -1099,7 +1100,7 @@ class AuthBackend(pulumi.CustomResource):
1099
1100
 
1100
1101
  @property
1101
1102
  @pulumi.getter
1102
- def credentials(self) -> pulumi.Output[Optional[str]]:
1103
+ def credentials(self) -> pulumi.Output[Optional[builtins.str]]:
1103
1104
  """
1104
1105
  A JSON string containing the contents of a GCP credentials file. If this value is empty, Vault will try to use Application Default Credentials from the machine on which the Vault server is running.
1105
1106
  """
@@ -1121,7 +1122,7 @@ class AuthBackend(pulumi.CustomResource):
1121
1122
 
1122
1123
  @property
1123
1124
  @pulumi.getter
1124
- def description(self) -> pulumi.Output[Optional[str]]:
1125
+ def description(self) -> pulumi.Output[Optional[builtins.str]]:
1125
1126
  """
1126
1127
  A description of the auth method.
1127
1128
  """
@@ -1129,7 +1130,7 @@ class AuthBackend(pulumi.CustomResource):
1129
1130
 
1130
1131
  @property
1131
1132
  @pulumi.getter(name="disableAutomatedRotation")
1132
- def disable_automated_rotation(self) -> pulumi.Output[Optional[bool]]:
1133
+ def disable_automated_rotation(self) -> pulumi.Output[Optional[builtins.bool]]:
1133
1134
  """
1134
1135
  Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
1135
1136
  """
@@ -1137,7 +1138,7 @@ class AuthBackend(pulumi.CustomResource):
1137
1138
 
1138
1139
  @property
1139
1140
  @pulumi.getter(name="disableRemount")
1140
- def disable_remount(self) -> pulumi.Output[Optional[bool]]:
1141
+ def disable_remount(self) -> pulumi.Output[Optional[builtins.bool]]:
1141
1142
  """
1142
1143
  If set, opts out of mount migration on path updates.
1143
1144
  See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration)
@@ -1146,7 +1147,7 @@ class AuthBackend(pulumi.CustomResource):
1146
1147
 
1147
1148
  @property
1148
1149
  @pulumi.getter(name="identityTokenAudience")
1149
- def identity_token_audience(self) -> pulumi.Output[Optional[str]]:
1150
+ def identity_token_audience(self) -> pulumi.Output[Optional[builtins.str]]:
1150
1151
  """
1151
1152
  The audience claim value for plugin identity
1152
1153
  tokens. Must match an allowed audience configured for the target [Workload Identity Pool](https://cloud.google.com/iam/docs/workload-identity-federation-with-other-providers#prepare).
@@ -1156,7 +1157,7 @@ class AuthBackend(pulumi.CustomResource):
1156
1157
 
1157
1158
  @property
1158
1159
  @pulumi.getter(name="identityTokenKey")
1159
- def identity_token_key(self) -> pulumi.Output[Optional[str]]:
1160
+ def identity_token_key(self) -> pulumi.Output[Optional[builtins.str]]:
1160
1161
  """
1161
1162
  The key to use for signing plugin identity
1162
1163
  tokens. Requires Vault 1.17+. *Available only for Vault Enterprise*.
@@ -1165,7 +1166,7 @@ class AuthBackend(pulumi.CustomResource):
1165
1166
 
1166
1167
  @property
1167
1168
  @pulumi.getter(name="identityTokenTtl")
1168
- def identity_token_ttl(self) -> pulumi.Output[Optional[int]]:
1169
+ def identity_token_ttl(self) -> pulumi.Output[Optional[builtins.int]]:
1169
1170
  """
1170
1171
  The TTL of generated tokens.
1171
1172
  """
@@ -1173,7 +1174,7 @@ class AuthBackend(pulumi.CustomResource):
1173
1174
 
1174
1175
  @property
1175
1176
  @pulumi.getter
1176
- def local(self) -> pulumi.Output[Optional[bool]]:
1177
+ def local(self) -> pulumi.Output[Optional[builtins.bool]]:
1177
1178
  """
1178
1179
  Specifies if the auth method is local only.
1179
1180
  """
@@ -1181,7 +1182,7 @@ class AuthBackend(pulumi.CustomResource):
1181
1182
 
1182
1183
  @property
1183
1184
  @pulumi.getter
1184
- def namespace(self) -> pulumi.Output[Optional[str]]:
1185
+ def namespace(self) -> pulumi.Output[Optional[builtins.str]]:
1185
1186
  """
1186
1187
  The namespace to provision the resource in.
1187
1188
  The value should not contain leading or trailing forward slashes.
@@ -1192,7 +1193,7 @@ class AuthBackend(pulumi.CustomResource):
1192
1193
 
1193
1194
  @property
1194
1195
  @pulumi.getter
1195
- def path(self) -> pulumi.Output[Optional[str]]:
1196
+ def path(self) -> pulumi.Output[Optional[builtins.str]]:
1196
1197
  """
1197
1198
  The path to mount the auth method — this defaults to 'gcp'.
1198
1199
  """
@@ -1200,7 +1201,7 @@ class AuthBackend(pulumi.CustomResource):
1200
1201
 
1201
1202
  @property
1202
1203
  @pulumi.getter(name="privateKeyId")
1203
- def private_key_id(self) -> pulumi.Output[str]:
1204
+ def private_key_id(self) -> pulumi.Output[builtins.str]:
1204
1205
  """
1205
1206
  The ID of the private key from the credentials
1206
1207
  """
@@ -1208,7 +1209,7 @@ class AuthBackend(pulumi.CustomResource):
1208
1209
 
1209
1210
  @property
1210
1211
  @pulumi.getter(name="projectId")
1211
- def project_id(self) -> pulumi.Output[str]:
1212
+ def project_id(self) -> pulumi.Output[builtins.str]:
1212
1213
  """
1213
1214
  The GCP Project ID
1214
1215
  """
@@ -1216,7 +1217,7 @@ class AuthBackend(pulumi.CustomResource):
1216
1217
 
1217
1218
  @property
1218
1219
  @pulumi.getter(name="rotationPeriod")
1219
- def rotation_period(self) -> pulumi.Output[Optional[int]]:
1220
+ def rotation_period(self) -> pulumi.Output[Optional[builtins.int]]:
1220
1221
  """
1221
1222
  The amount of time in seconds Vault should wait before rotating the root credential.
1222
1223
  A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
@@ -1225,7 +1226,7 @@ class AuthBackend(pulumi.CustomResource):
1225
1226
 
1226
1227
  @property
1227
1228
  @pulumi.getter(name="rotationSchedule")
1228
- def rotation_schedule(self) -> pulumi.Output[Optional[str]]:
1229
+ def rotation_schedule(self) -> pulumi.Output[Optional[builtins.str]]:
1229
1230
  """
1230
1231
  The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
1231
1232
  defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
@@ -1234,7 +1235,7 @@ class AuthBackend(pulumi.CustomResource):
1234
1235
 
1235
1236
  @property
1236
1237
  @pulumi.getter(name="rotationWindow")
1237
- def rotation_window(self) -> pulumi.Output[Optional[int]]:
1238
+ def rotation_window(self) -> pulumi.Output[Optional[builtins.int]]:
1238
1239
  """
1239
1240
  The maximum amount of time in seconds allowed to complete
1240
1241
  a rotation when a scheduled token rotation occurs. The default rotation window is
@@ -1244,7 +1245,7 @@ class AuthBackend(pulumi.CustomResource):
1244
1245
 
1245
1246
  @property
1246
1247
  @pulumi.getter(name="serviceAccountEmail")
1247
- def service_account_email(self) -> pulumi.Output[Optional[str]]:
1248
+ def service_account_email(self) -> pulumi.Output[Optional[builtins.str]]:
1248
1249
  """
1249
1250
  Service Account to impersonate for plugin workload identity federation.
1250
1251
  Required with `identity_token_audience`. Requires Vault 1.17+. *Available only for Vault Enterprise*.