pulumi-vault 6.7.0a1743576047__py3-none-any.whl → 6.7.0a1744183682__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (264) hide show
  1. pulumi_vault/__init__.py +1 -0
  2. pulumi_vault/_inputs.py +554 -553
  3. pulumi_vault/ad/__init__.py +1 -0
  4. pulumi_vault/ad/get_access_credentials.py +20 -19
  5. pulumi_vault/ad/secret_backend.py +477 -476
  6. pulumi_vault/ad/secret_library.py +99 -98
  7. pulumi_vault/ad/secret_role.py +85 -84
  8. pulumi_vault/alicloud/__init__.py +1 -0
  9. pulumi_vault/alicloud/auth_backend_role.py +183 -182
  10. pulumi_vault/approle/__init__.py +1 -0
  11. pulumi_vault/approle/auth_backend_login.py +106 -105
  12. pulumi_vault/approle/auth_backend_role.py +239 -238
  13. pulumi_vault/approle/auth_backend_role_secret_id.py +162 -161
  14. pulumi_vault/approle/get_auth_backend_role_id.py +18 -17
  15. pulumi_vault/audit.py +85 -84
  16. pulumi_vault/audit_request_header.py +43 -42
  17. pulumi_vault/auth_backend.py +106 -105
  18. pulumi_vault/aws/__init__.py +1 -0
  19. pulumi_vault/aws/auth_backend_cert.py +71 -70
  20. pulumi_vault/aws/auth_backend_client.py +253 -252
  21. pulumi_vault/aws/auth_backend_config_identity.py +85 -84
  22. pulumi_vault/aws/auth_backend_identity_whitelist.py +57 -56
  23. pulumi_vault/aws/auth_backend_login.py +209 -208
  24. pulumi_vault/aws/auth_backend_role.py +400 -399
  25. pulumi_vault/aws/auth_backend_role_tag.py +127 -126
  26. pulumi_vault/aws/auth_backend_roletag_blacklist.py +57 -56
  27. pulumi_vault/aws/auth_backend_sts_role.py +71 -70
  28. pulumi_vault/aws/get_access_credentials.py +44 -43
  29. pulumi_vault/aws/get_static_access_credentials.py +13 -12
  30. pulumi_vault/aws/secret_backend.py +337 -336
  31. pulumi_vault/aws/secret_backend_role.py +211 -210
  32. pulumi_vault/aws/secret_backend_static_role.py +113 -112
  33. pulumi_vault/azure/__init__.py +1 -0
  34. pulumi_vault/azure/_inputs.py +21 -20
  35. pulumi_vault/azure/auth_backend_config.py +183 -182
  36. pulumi_vault/azure/auth_backend_role.py +253 -252
  37. pulumi_vault/azure/backend.py +239 -238
  38. pulumi_vault/azure/backend_role.py +141 -140
  39. pulumi_vault/azure/get_access_credentials.py +58 -57
  40. pulumi_vault/azure/outputs.py +11 -10
  41. pulumi_vault/cert_auth_backend_role.py +365 -364
  42. pulumi_vault/config/__init__.py +1 -0
  43. pulumi_vault/config/__init__.pyi +1 -0
  44. pulumi_vault/config/_inputs.py +11 -10
  45. pulumi_vault/config/outputs.py +287 -286
  46. pulumi_vault/config/ui_custom_message.py +113 -112
  47. pulumi_vault/config/vars.py +1 -0
  48. pulumi_vault/consul/__init__.py +1 -0
  49. pulumi_vault/consul/secret_backend.py +197 -196
  50. pulumi_vault/consul/secret_backend_role.py +183 -182
  51. pulumi_vault/database/__init__.py +1 -0
  52. pulumi_vault/database/_inputs.py +2525 -2524
  53. pulumi_vault/database/outputs.py +1529 -1528
  54. pulumi_vault/database/secret_backend_connection.py +169 -168
  55. pulumi_vault/database/secret_backend_role.py +169 -168
  56. pulumi_vault/database/secret_backend_static_role.py +179 -178
  57. pulumi_vault/database/secrets_mount.py +267 -266
  58. pulumi_vault/egp_policy.py +71 -70
  59. pulumi_vault/gcp/__init__.py +1 -0
  60. pulumi_vault/gcp/_inputs.py +82 -81
  61. pulumi_vault/gcp/auth_backend.py +260 -259
  62. pulumi_vault/gcp/auth_backend_role.py +281 -280
  63. pulumi_vault/gcp/get_auth_backend_role.py +70 -69
  64. pulumi_vault/gcp/outputs.py +50 -49
  65. pulumi_vault/gcp/secret_backend.py +232 -231
  66. pulumi_vault/gcp/secret_impersonated_account.py +92 -91
  67. pulumi_vault/gcp/secret_roleset.py +92 -91
  68. pulumi_vault/gcp/secret_static_account.py +92 -91
  69. pulumi_vault/generic/__init__.py +1 -0
  70. pulumi_vault/generic/endpoint.py +113 -112
  71. pulumi_vault/generic/get_secret.py +28 -27
  72. pulumi_vault/generic/secret.py +78 -77
  73. pulumi_vault/get_auth_backend.py +19 -18
  74. pulumi_vault/get_auth_backends.py +14 -13
  75. pulumi_vault/get_namespace.py +15 -14
  76. pulumi_vault/get_namespaces.py +8 -7
  77. pulumi_vault/get_nomad_access_token.py +19 -18
  78. pulumi_vault/get_policy_document.py +6 -5
  79. pulumi_vault/get_raft_autopilot_state.py +18 -17
  80. pulumi_vault/github/__init__.py +1 -0
  81. pulumi_vault/github/_inputs.py +42 -41
  82. pulumi_vault/github/auth_backend.py +232 -231
  83. pulumi_vault/github/outputs.py +26 -25
  84. pulumi_vault/github/team.py +57 -56
  85. pulumi_vault/github/user.py +57 -56
  86. pulumi_vault/identity/__init__.py +1 -0
  87. pulumi_vault/identity/entity.py +85 -84
  88. pulumi_vault/identity/entity_alias.py +71 -70
  89. pulumi_vault/identity/entity_policies.py +64 -63
  90. pulumi_vault/identity/get_entity.py +43 -42
  91. pulumi_vault/identity/get_group.py +50 -49
  92. pulumi_vault/identity/get_oidc_client_creds.py +14 -13
  93. pulumi_vault/identity/get_oidc_openid_config.py +24 -23
  94. pulumi_vault/identity/get_oidc_public_keys.py +13 -12
  95. pulumi_vault/identity/group.py +141 -140
  96. pulumi_vault/identity/group_alias.py +57 -56
  97. pulumi_vault/identity/group_member_entity_ids.py +57 -56
  98. pulumi_vault/identity/group_member_group_ids.py +57 -56
  99. pulumi_vault/identity/group_policies.py +64 -63
  100. pulumi_vault/identity/mfa_duo.py +148 -147
  101. pulumi_vault/identity/mfa_login_enforcement.py +120 -119
  102. pulumi_vault/identity/mfa_okta.py +134 -133
  103. pulumi_vault/identity/mfa_pingid.py +127 -126
  104. pulumi_vault/identity/mfa_totp.py +176 -175
  105. pulumi_vault/identity/oidc.py +29 -28
  106. pulumi_vault/identity/oidc_assignment.py +57 -56
  107. pulumi_vault/identity/oidc_client.py +127 -126
  108. pulumi_vault/identity/oidc_key.py +85 -84
  109. pulumi_vault/identity/oidc_key_allowed_client_id.py +43 -42
  110. pulumi_vault/identity/oidc_provider.py +92 -91
  111. pulumi_vault/identity/oidc_role.py +85 -84
  112. pulumi_vault/identity/oidc_scope.py +57 -56
  113. pulumi_vault/identity/outputs.py +32 -31
  114. pulumi_vault/jwt/__init__.py +1 -0
  115. pulumi_vault/jwt/_inputs.py +42 -41
  116. pulumi_vault/jwt/auth_backend.py +288 -287
  117. pulumi_vault/jwt/auth_backend_role.py +407 -406
  118. pulumi_vault/jwt/outputs.py +26 -25
  119. pulumi_vault/kmip/__init__.py +1 -0
  120. pulumi_vault/kmip/secret_backend.py +183 -182
  121. pulumi_vault/kmip/secret_role.py +295 -294
  122. pulumi_vault/kmip/secret_scope.py +57 -56
  123. pulumi_vault/kubernetes/__init__.py +1 -0
  124. pulumi_vault/kubernetes/auth_backend_config.py +141 -140
  125. pulumi_vault/kubernetes/auth_backend_role.py +225 -224
  126. pulumi_vault/kubernetes/get_auth_backend_config.py +47 -46
  127. pulumi_vault/kubernetes/get_auth_backend_role.py +70 -69
  128. pulumi_vault/kubernetes/get_service_account_token.py +38 -37
  129. pulumi_vault/kubernetes/secret_backend.py +316 -315
  130. pulumi_vault/kubernetes/secret_backend_role.py +197 -196
  131. pulumi_vault/kv/__init__.py +1 -0
  132. pulumi_vault/kv/_inputs.py +21 -20
  133. pulumi_vault/kv/get_secret.py +17 -16
  134. pulumi_vault/kv/get_secret_subkeys_v2.py +30 -29
  135. pulumi_vault/kv/get_secret_v2.py +29 -28
  136. pulumi_vault/kv/get_secrets_list.py +13 -12
  137. pulumi_vault/kv/get_secrets_list_v2.py +19 -18
  138. pulumi_vault/kv/outputs.py +13 -12
  139. pulumi_vault/kv/secret.py +50 -49
  140. pulumi_vault/kv/secret_backend_v2.py +71 -70
  141. pulumi_vault/kv/secret_v2.py +134 -133
  142. pulumi_vault/ldap/__init__.py +1 -0
  143. pulumi_vault/ldap/auth_backend.py +588 -587
  144. pulumi_vault/ldap/auth_backend_group.py +57 -56
  145. pulumi_vault/ldap/auth_backend_user.py +71 -70
  146. pulumi_vault/ldap/get_dynamic_credentials.py +17 -16
  147. pulumi_vault/ldap/get_static_credentials.py +18 -17
  148. pulumi_vault/ldap/secret_backend.py +554 -553
  149. pulumi_vault/ldap/secret_backend_dynamic_role.py +127 -126
  150. pulumi_vault/ldap/secret_backend_library_set.py +99 -98
  151. pulumi_vault/ldap/secret_backend_static_role.py +99 -98
  152. pulumi_vault/managed/__init__.py +1 -0
  153. pulumi_vault/managed/_inputs.py +229 -228
  154. pulumi_vault/managed/keys.py +15 -14
  155. pulumi_vault/managed/outputs.py +139 -138
  156. pulumi_vault/mfa_duo.py +113 -112
  157. pulumi_vault/mfa_okta.py +113 -112
  158. pulumi_vault/mfa_pingid.py +120 -119
  159. pulumi_vault/mfa_totp.py +127 -126
  160. pulumi_vault/mongodbatlas/__init__.py +1 -0
  161. pulumi_vault/mongodbatlas/secret_backend.py +64 -63
  162. pulumi_vault/mongodbatlas/secret_role.py +155 -154
  163. pulumi_vault/mount.py +274 -273
  164. pulumi_vault/namespace.py +64 -63
  165. pulumi_vault/nomad_secret_backend.py +211 -210
  166. pulumi_vault/nomad_secret_role.py +85 -84
  167. pulumi_vault/okta/__init__.py +1 -0
  168. pulumi_vault/okta/_inputs.py +26 -25
  169. pulumi_vault/okta/auth_backend.py +274 -273
  170. pulumi_vault/okta/auth_backend_group.py +57 -56
  171. pulumi_vault/okta/auth_backend_user.py +71 -70
  172. pulumi_vault/okta/outputs.py +16 -15
  173. pulumi_vault/outputs.py +56 -55
  174. pulumi_vault/password_policy.py +43 -42
  175. pulumi_vault/pkisecret/__init__.py +1 -0
  176. pulumi_vault/pkisecret/_inputs.py +31 -30
  177. pulumi_vault/pkisecret/backend_acme_eab.py +92 -91
  178. pulumi_vault/pkisecret/backend_config_acme.py +141 -140
  179. pulumi_vault/pkisecret/backend_config_auto_tidy.py +323 -322
  180. pulumi_vault/pkisecret/backend_config_cluster.py +57 -56
  181. pulumi_vault/pkisecret/backend_config_cmpv2.py +106 -105
  182. pulumi_vault/pkisecret/backend_config_est.py +120 -119
  183. pulumi_vault/pkisecret/get_backend_cert_metadata.py +22 -21
  184. pulumi_vault/pkisecret/get_backend_config_cmpv2.py +22 -21
  185. pulumi_vault/pkisecret/get_backend_config_est.py +19 -18
  186. pulumi_vault/pkisecret/get_backend_issuer.py +45 -44
  187. pulumi_vault/pkisecret/get_backend_issuers.py +15 -14
  188. pulumi_vault/pkisecret/get_backend_key.py +20 -19
  189. pulumi_vault/pkisecret/get_backend_keys.py +15 -14
  190. pulumi_vault/pkisecret/outputs.py +28 -27
  191. pulumi_vault/pkisecret/secret_backend_cert.py +337 -336
  192. pulumi_vault/pkisecret/secret_backend_config_ca.py +43 -42
  193. pulumi_vault/pkisecret/secret_backend_config_issuers.py +57 -56
  194. pulumi_vault/pkisecret/secret_backend_config_urls.py +85 -84
  195. pulumi_vault/pkisecret/secret_backend_crl_config.py +197 -196
  196. pulumi_vault/pkisecret/secret_backend_intermediate_cert_request.py +421 -420
  197. pulumi_vault/pkisecret/secret_backend_intermediate_set_signed.py +57 -56
  198. pulumi_vault/pkisecret/secret_backend_issuer.py +232 -231
  199. pulumi_vault/pkisecret/secret_backend_key.py +120 -119
  200. pulumi_vault/pkisecret/secret_backend_role.py +715 -714
  201. pulumi_vault/pkisecret/secret_backend_root_cert.py +554 -553
  202. pulumi_vault/pkisecret/secret_backend_root_sign_intermediate.py +526 -525
  203. pulumi_vault/pkisecret/secret_backend_sign.py +281 -280
  204. pulumi_vault/plugin.py +127 -126
  205. pulumi_vault/plugin_pinned_version.py +43 -42
  206. pulumi_vault/policy.py +43 -42
  207. pulumi_vault/provider.py +120 -119
  208. pulumi_vault/pulumi-plugin.json +1 -1
  209. pulumi_vault/quota_lease_count.py +85 -84
  210. pulumi_vault/quota_rate_limit.py +113 -112
  211. pulumi_vault/rabbitmq/__init__.py +1 -0
  212. pulumi_vault/rabbitmq/_inputs.py +41 -40
  213. pulumi_vault/rabbitmq/outputs.py +25 -24
  214. pulumi_vault/rabbitmq/secret_backend.py +169 -168
  215. pulumi_vault/rabbitmq/secret_backend_role.py +57 -56
  216. pulumi_vault/raft_autopilot.py +113 -112
  217. pulumi_vault/raft_snapshot_agent_config.py +393 -392
  218. pulumi_vault/rgp_policy.py +57 -56
  219. pulumi_vault/saml/__init__.py +1 -0
  220. pulumi_vault/saml/auth_backend.py +155 -154
  221. pulumi_vault/saml/auth_backend_role.py +239 -238
  222. pulumi_vault/secrets/__init__.py +1 -0
  223. pulumi_vault/secrets/_inputs.py +16 -15
  224. pulumi_vault/secrets/outputs.py +10 -9
  225. pulumi_vault/secrets/sync_association.py +71 -70
  226. pulumi_vault/secrets/sync_aws_destination.py +148 -147
  227. pulumi_vault/secrets/sync_azure_destination.py +148 -147
  228. pulumi_vault/secrets/sync_config.py +43 -42
  229. pulumi_vault/secrets/sync_gcp_destination.py +106 -105
  230. pulumi_vault/secrets/sync_gh_destination.py +134 -133
  231. pulumi_vault/secrets/sync_github_apps.py +64 -63
  232. pulumi_vault/secrets/sync_vercel_destination.py +120 -119
  233. pulumi_vault/ssh/__init__.py +1 -0
  234. pulumi_vault/ssh/_inputs.py +11 -10
  235. pulumi_vault/ssh/get_secret_backend_sign.py +52 -51
  236. pulumi_vault/ssh/outputs.py +7 -6
  237. pulumi_vault/ssh/secret_backend_ca.py +99 -98
  238. pulumi_vault/ssh/secret_backend_role.py +365 -364
  239. pulumi_vault/terraformcloud/__init__.py +1 -0
  240. pulumi_vault/terraformcloud/secret_backend.py +111 -110
  241. pulumi_vault/terraformcloud/secret_creds.py +74 -73
  242. pulumi_vault/terraformcloud/secret_role.py +93 -92
  243. pulumi_vault/token.py +246 -245
  244. pulumi_vault/tokenauth/__init__.py +1 -0
  245. pulumi_vault/tokenauth/auth_backend_role.py +267 -266
  246. pulumi_vault/transform/__init__.py +1 -0
  247. pulumi_vault/transform/alphabet.py +57 -56
  248. pulumi_vault/transform/get_decode.py +47 -46
  249. pulumi_vault/transform/get_encode.py +47 -46
  250. pulumi_vault/transform/role.py +57 -56
  251. pulumi_vault/transform/template.py +113 -112
  252. pulumi_vault/transform/transformation.py +141 -140
  253. pulumi_vault/transit/__init__.py +1 -0
  254. pulumi_vault/transit/get_decrypt.py +18 -17
  255. pulumi_vault/transit/get_encrypt.py +21 -20
  256. pulumi_vault/transit/get_sign.py +54 -53
  257. pulumi_vault/transit/get_verify.py +60 -59
  258. pulumi_vault/transit/secret_backend_key.py +274 -273
  259. pulumi_vault/transit/secret_cache_config.py +43 -42
  260. {pulumi_vault-6.7.0a1743576047.dist-info → pulumi_vault-6.7.0a1744183682.dist-info}/METADATA +1 -1
  261. pulumi_vault-6.7.0a1744183682.dist-info/RECORD +265 -0
  262. pulumi_vault-6.7.0a1743576047.dist-info/RECORD +0 -265
  263. {pulumi_vault-6.7.0a1743576047.dist-info → pulumi_vault-6.7.0a1744183682.dist-info}/WHEEL +0 -0
  264. {pulumi_vault-6.7.0a1743576047.dist-info → pulumi_vault-6.7.0a1744183682.dist-info}/top_level.txt +0 -0
@@ -2,6 +2,7 @@
2
2
  # *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. ***
3
3
  # *** Do not edit by hand unless you're certain you know what you are doing! ***
4
4
 
5
+ import builtins
5
6
  import copy
6
7
  import warnings
7
8
  import sys
@@ -19,101 +20,101 @@ __all__ = ['SecretBackendArgs', 'SecretBackend']
19
20
  @pulumi.input_type
20
21
  class SecretBackendArgs:
21
22
  def __init__(__self__, *,
22
- binddn: pulumi.Input[str],
23
- bindpass: pulumi.Input[str],
24
- allowed_managed_keys: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
25
- allowed_response_headers: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
26
- audit_non_hmac_request_keys: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
27
- audit_non_hmac_response_keys: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
28
- certificate: Optional[pulumi.Input[str]] = None,
29
- client_tls_cert: Optional[pulumi.Input[str]] = None,
30
- client_tls_key: Optional[pulumi.Input[str]] = None,
31
- connection_timeout: Optional[pulumi.Input[int]] = None,
32
- default_lease_ttl_seconds: Optional[pulumi.Input[int]] = None,
33
- delegated_auth_accessors: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
34
- description: Optional[pulumi.Input[str]] = None,
35
- disable_automated_rotation: Optional[pulumi.Input[bool]] = None,
36
- disable_remount: Optional[pulumi.Input[bool]] = None,
37
- external_entropy_access: Optional[pulumi.Input[bool]] = None,
38
- identity_token_key: Optional[pulumi.Input[str]] = None,
39
- insecure_tls: Optional[pulumi.Input[bool]] = None,
40
- listing_visibility: Optional[pulumi.Input[str]] = None,
41
- local: Optional[pulumi.Input[bool]] = None,
42
- max_lease_ttl_seconds: Optional[pulumi.Input[int]] = None,
43
- namespace: Optional[pulumi.Input[str]] = None,
44
- options: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
45
- passthrough_request_headers: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
46
- password_policy: Optional[pulumi.Input[str]] = None,
47
- path: Optional[pulumi.Input[str]] = None,
48
- plugin_version: Optional[pulumi.Input[str]] = None,
49
- request_timeout: Optional[pulumi.Input[int]] = None,
50
- rotation_period: Optional[pulumi.Input[int]] = None,
51
- rotation_schedule: Optional[pulumi.Input[str]] = None,
52
- rotation_window: Optional[pulumi.Input[int]] = None,
53
- schema: Optional[pulumi.Input[str]] = None,
54
- seal_wrap: Optional[pulumi.Input[bool]] = None,
55
- skip_static_role_import_rotation: Optional[pulumi.Input[bool]] = None,
56
- starttls: Optional[pulumi.Input[bool]] = None,
57
- upndomain: Optional[pulumi.Input[str]] = None,
58
- url: Optional[pulumi.Input[str]] = None,
59
- userattr: Optional[pulumi.Input[str]] = None,
60
- userdn: Optional[pulumi.Input[str]] = None):
23
+ binddn: pulumi.Input[builtins.str],
24
+ bindpass: pulumi.Input[builtins.str],
25
+ allowed_managed_keys: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
26
+ allowed_response_headers: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
27
+ audit_non_hmac_request_keys: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
28
+ audit_non_hmac_response_keys: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
29
+ certificate: Optional[pulumi.Input[builtins.str]] = None,
30
+ client_tls_cert: Optional[pulumi.Input[builtins.str]] = None,
31
+ client_tls_key: Optional[pulumi.Input[builtins.str]] = None,
32
+ connection_timeout: Optional[pulumi.Input[builtins.int]] = None,
33
+ default_lease_ttl_seconds: Optional[pulumi.Input[builtins.int]] = None,
34
+ delegated_auth_accessors: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
35
+ description: Optional[pulumi.Input[builtins.str]] = None,
36
+ disable_automated_rotation: Optional[pulumi.Input[builtins.bool]] = None,
37
+ disable_remount: Optional[pulumi.Input[builtins.bool]] = None,
38
+ external_entropy_access: Optional[pulumi.Input[builtins.bool]] = None,
39
+ identity_token_key: Optional[pulumi.Input[builtins.str]] = None,
40
+ insecure_tls: Optional[pulumi.Input[builtins.bool]] = None,
41
+ listing_visibility: Optional[pulumi.Input[builtins.str]] = None,
42
+ local: Optional[pulumi.Input[builtins.bool]] = None,
43
+ max_lease_ttl_seconds: Optional[pulumi.Input[builtins.int]] = None,
44
+ namespace: Optional[pulumi.Input[builtins.str]] = None,
45
+ options: Optional[pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]]] = None,
46
+ passthrough_request_headers: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
47
+ password_policy: Optional[pulumi.Input[builtins.str]] = None,
48
+ path: Optional[pulumi.Input[builtins.str]] = None,
49
+ plugin_version: Optional[pulumi.Input[builtins.str]] = None,
50
+ request_timeout: Optional[pulumi.Input[builtins.int]] = None,
51
+ rotation_period: Optional[pulumi.Input[builtins.int]] = None,
52
+ rotation_schedule: Optional[pulumi.Input[builtins.str]] = None,
53
+ rotation_window: Optional[pulumi.Input[builtins.int]] = None,
54
+ schema: Optional[pulumi.Input[builtins.str]] = None,
55
+ seal_wrap: Optional[pulumi.Input[builtins.bool]] = None,
56
+ skip_static_role_import_rotation: Optional[pulumi.Input[builtins.bool]] = None,
57
+ starttls: Optional[pulumi.Input[builtins.bool]] = None,
58
+ upndomain: Optional[pulumi.Input[builtins.str]] = None,
59
+ url: Optional[pulumi.Input[builtins.str]] = None,
60
+ userattr: Optional[pulumi.Input[builtins.str]] = None,
61
+ userdn: Optional[pulumi.Input[builtins.str]] = None):
61
62
  """
62
63
  The set of arguments for constructing a SecretBackend resource.
63
- :param pulumi.Input[str] binddn: Distinguished name of object to bind when performing user and group search.
64
- :param pulumi.Input[str] bindpass: Password to use along with binddn when performing user search.
65
- :param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_managed_keys: List of managed key registry entry names that the mount in question is allowed to access
66
- :param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_response_headers: List of headers to allow and pass from the request to the plugin
67
- :param pulumi.Input[Sequence[pulumi.Input[str]]] audit_non_hmac_request_keys: Specifies the list of keys that will not be HMAC'd by audit devices in the request data object.
68
- :param pulumi.Input[Sequence[pulumi.Input[str]]] audit_non_hmac_response_keys: Specifies the list of keys that will not be HMAC'd by audit devices in the response data object.
69
- :param pulumi.Input[str] certificate: CA certificate to use when verifying LDAP server certificate, must be
64
+ :param pulumi.Input[builtins.str] binddn: Distinguished name of object to bind when performing user and group search.
65
+ :param pulumi.Input[builtins.str] bindpass: Password to use along with binddn when performing user search.
66
+ :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] allowed_managed_keys: List of managed key registry entry names that the mount in question is allowed to access
67
+ :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] allowed_response_headers: List of headers to allow and pass from the request to the plugin
68
+ :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] audit_non_hmac_request_keys: Specifies the list of keys that will not be HMAC'd by audit devices in the request data object.
69
+ :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] audit_non_hmac_response_keys: Specifies the list of keys that will not be HMAC'd by audit devices in the response data object.
70
+ :param pulumi.Input[builtins.str] certificate: CA certificate to use when verifying LDAP server certificate, must be
70
71
  x509 PEM encoded.
71
- :param pulumi.Input[str] client_tls_cert: Client certificate to provide to the LDAP server, must be x509 PEM encoded.
72
- :param pulumi.Input[str] client_tls_key: Client certificate key to provide to the LDAP server, must be x509 PEM encoded.
73
- :param pulumi.Input[int] connection_timeout: Timeout, in seconds, when attempting to connect to the LDAP server before trying
72
+ :param pulumi.Input[builtins.str] client_tls_cert: Client certificate to provide to the LDAP server, must be x509 PEM encoded.
73
+ :param pulumi.Input[builtins.str] client_tls_key: Client certificate key to provide to the LDAP server, must be x509 PEM encoded.
74
+ :param pulumi.Input[builtins.int] connection_timeout: Timeout, in seconds, when attempting to connect to the LDAP server before trying
74
75
  the next URL in the configuration.
75
- :param pulumi.Input[int] default_lease_ttl_seconds: Default lease duration for secrets in seconds.
76
- :param pulumi.Input[Sequence[pulumi.Input[str]]] delegated_auth_accessors: List of headers to allow and pass from the request to the plugin
77
- :param pulumi.Input[str] description: Human-friendly description of the mount for the Active Directory backend.
78
- :param pulumi.Input[bool] disable_automated_rotation: Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
79
- :param pulumi.Input[bool] disable_remount: If set, opts out of mount migration on path updates.
80
- :param pulumi.Input[bool] external_entropy_access: Enable the secrets engine to access Vault's external entropy source
81
- :param pulumi.Input[str] identity_token_key: The key to use for signing plugin workload identity tokens
82
- :param pulumi.Input[bool] insecure_tls: Skip LDAP server SSL Certificate verification. This is not recommended for production.
76
+ :param pulumi.Input[builtins.int] default_lease_ttl_seconds: Default lease duration for secrets in seconds.
77
+ :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] delegated_auth_accessors: List of headers to allow and pass from the request to the plugin
78
+ :param pulumi.Input[builtins.str] description: Human-friendly description of the mount for the Active Directory backend.
79
+ :param pulumi.Input[builtins.bool] disable_automated_rotation: Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
80
+ :param pulumi.Input[builtins.bool] disable_remount: If set, opts out of mount migration on path updates.
81
+ :param pulumi.Input[builtins.bool] external_entropy_access: Enable the secrets engine to access Vault's external entropy source
82
+ :param pulumi.Input[builtins.str] identity_token_key: The key to use for signing plugin workload identity tokens
83
+ :param pulumi.Input[builtins.bool] insecure_tls: Skip LDAP server SSL Certificate verification. This is not recommended for production.
83
84
  Defaults to `false`.
84
- :param pulumi.Input[str] listing_visibility: Specifies whether to show this mount in the UI-specific listing endpoint
85
- :param pulumi.Input[bool] local: Mark the secrets engine as local-only. Local engines are not replicated or removed by
85
+ :param pulumi.Input[builtins.str] listing_visibility: Specifies whether to show this mount in the UI-specific listing endpoint
86
+ :param pulumi.Input[builtins.bool] local: Mark the secrets engine as local-only. Local engines are not replicated or removed by
86
87
  replication.Tolerance duration to use when checking the last rotation time.
87
- :param pulumi.Input[int] max_lease_ttl_seconds: Maximum possible lease duration for secrets in seconds.
88
- :param pulumi.Input[str] namespace: The namespace to provision the resource in.
88
+ :param pulumi.Input[builtins.int] max_lease_ttl_seconds: Maximum possible lease duration for secrets in seconds.
89
+ :param pulumi.Input[builtins.str] namespace: The namespace to provision the resource in.
89
90
  The value should not contain leading or trailing forward slashes.
90
91
  The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
91
92
  *Available only for Vault Enterprise*.
92
- :param pulumi.Input[Mapping[str, pulumi.Input[str]]] options: Specifies mount type specific options that are passed to the backend
93
- :param pulumi.Input[Sequence[pulumi.Input[str]]] passthrough_request_headers: List of headers to allow and pass from the request to the plugin
94
- :param pulumi.Input[str] password_policy: Name of the password policy to use to generate passwords.
95
- :param pulumi.Input[str] path: The unique path this backend should be mounted at. Must
93
+ :param pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]] options: Specifies mount type specific options that are passed to the backend
94
+ :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] passthrough_request_headers: List of headers to allow and pass from the request to the plugin
95
+ :param pulumi.Input[builtins.str] password_policy: Name of the password policy to use to generate passwords.
96
+ :param pulumi.Input[builtins.str] path: The unique path this backend should be mounted at. Must
96
97
  not begin or end with a `/`. Defaults to `ldap`.
97
- :param pulumi.Input[str] plugin_version: Specifies the semantic version of the plugin to use, e.g. 'v1.0.0'
98
- :param pulumi.Input[int] request_timeout: Timeout, in seconds, for the connection when making requests against the server
98
+ :param pulumi.Input[builtins.str] plugin_version: Specifies the semantic version of the plugin to use, e.g. 'v1.0.0'
99
+ :param pulumi.Input[builtins.int] request_timeout: Timeout, in seconds, for the connection when making requests against the server
99
100
  before returning back an error.
100
- :param pulumi.Input[int] rotation_period: The amount of time in seconds Vault should wait before rotating the root credential.
101
+ :param pulumi.Input[builtins.int] rotation_period: The amount of time in seconds Vault should wait before rotating the root credential.
101
102
  A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
102
- :param pulumi.Input[str] rotation_schedule: The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
103
+ :param pulumi.Input[builtins.str] rotation_schedule: The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
103
104
  defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
104
- :param pulumi.Input[int] rotation_window: The maximum amount of time in seconds allowed to complete
105
+ :param pulumi.Input[builtins.int] rotation_window: The maximum amount of time in seconds allowed to complete
105
106
  a rotation when a scheduled token rotation occurs. The default rotation window is
106
107
  unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
107
- :param pulumi.Input[str] schema: The LDAP schema to use when storing entry passwords. Valid schemas include `openldap`, `ad`, and `racf`. Default is `openldap`.
108
- :param pulumi.Input[bool] seal_wrap: Enable seal wrapping for the mount, causing values stored by the mount to be wrapped by the seal's encryption capability
109
- :param pulumi.Input[bool] skip_static_role_import_rotation: If set to true, static roles will not be rotated during import.
108
+ :param pulumi.Input[builtins.str] schema: The LDAP schema to use when storing entry passwords. Valid schemas include `openldap`, `ad`, and `racf`. Default is `openldap`.
109
+ :param pulumi.Input[builtins.bool] seal_wrap: Enable seal wrapping for the mount, causing values stored by the mount to be wrapped by the seal's encryption capability
110
+ :param pulumi.Input[builtins.bool] skip_static_role_import_rotation: If set to true, static roles will not be rotated during import.
110
111
  Defaults to false. Requires Vault 1.16 or above.
111
- :param pulumi.Input[bool] starttls: Issue a StartTLS command after establishing unencrypted connection.
112
- :param pulumi.Input[str] upndomain: Enables userPrincipalDomain login with [username]@UPNDomain.
113
- :param pulumi.Input[str] url: LDAP URL to connect to. Multiple URLs can be specified by concatenating
112
+ :param pulumi.Input[builtins.bool] starttls: Issue a StartTLS command after establishing unencrypted connection.
113
+ :param pulumi.Input[builtins.str] upndomain: Enables userPrincipalDomain login with [username]@UPNDomain.
114
+ :param pulumi.Input[builtins.str] url: LDAP URL to connect to. Multiple URLs can be specified by concatenating
114
115
  them with commas; they will be tried in-order. Defaults to `ldap://127.0.0.1`.
115
- :param pulumi.Input[str] userattr: Attribute used when searching users. Defaults to `cn`.
116
- :param pulumi.Input[str] userdn: LDAP domain to use for users (eg: ou=People,dc=example,dc=org)`.
116
+ :param pulumi.Input[builtins.str] userattr: Attribute used when searching users. Defaults to `cn`.
117
+ :param pulumi.Input[builtins.str] userdn: LDAP domain to use for users (eg: ou=People,dc=example,dc=org)`.
117
118
  """
118
119
  pulumi.set(__self__, "binddn", binddn)
119
120
  pulumi.set(__self__, "bindpass", bindpass)
@@ -194,79 +195,79 @@ class SecretBackendArgs:
194
195
 
195
196
  @property
196
197
  @pulumi.getter
197
- def binddn(self) -> pulumi.Input[str]:
198
+ def binddn(self) -> pulumi.Input[builtins.str]:
198
199
  """
199
200
  Distinguished name of object to bind when performing user and group search.
200
201
  """
201
202
  return pulumi.get(self, "binddn")
202
203
 
203
204
  @binddn.setter
204
- def binddn(self, value: pulumi.Input[str]):
205
+ def binddn(self, value: pulumi.Input[builtins.str]):
205
206
  pulumi.set(self, "binddn", value)
206
207
 
207
208
  @property
208
209
  @pulumi.getter
209
- def bindpass(self) -> pulumi.Input[str]:
210
+ def bindpass(self) -> pulumi.Input[builtins.str]:
210
211
  """
211
212
  Password to use along with binddn when performing user search.
212
213
  """
213
214
  return pulumi.get(self, "bindpass")
214
215
 
215
216
  @bindpass.setter
216
- def bindpass(self, value: pulumi.Input[str]):
217
+ def bindpass(self, value: pulumi.Input[builtins.str]):
217
218
  pulumi.set(self, "bindpass", value)
218
219
 
219
220
  @property
220
221
  @pulumi.getter(name="allowedManagedKeys")
221
- def allowed_managed_keys(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
222
+ def allowed_managed_keys(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
222
223
  """
223
224
  List of managed key registry entry names that the mount in question is allowed to access
224
225
  """
225
226
  return pulumi.get(self, "allowed_managed_keys")
226
227
 
227
228
  @allowed_managed_keys.setter
228
- def allowed_managed_keys(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
229
+ def allowed_managed_keys(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
229
230
  pulumi.set(self, "allowed_managed_keys", value)
230
231
 
231
232
  @property
232
233
  @pulumi.getter(name="allowedResponseHeaders")
233
- def allowed_response_headers(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
234
+ def allowed_response_headers(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
234
235
  """
235
236
  List of headers to allow and pass from the request to the plugin
236
237
  """
237
238
  return pulumi.get(self, "allowed_response_headers")
238
239
 
239
240
  @allowed_response_headers.setter
240
- def allowed_response_headers(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
241
+ def allowed_response_headers(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
241
242
  pulumi.set(self, "allowed_response_headers", value)
242
243
 
243
244
  @property
244
245
  @pulumi.getter(name="auditNonHmacRequestKeys")
245
- def audit_non_hmac_request_keys(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
246
+ def audit_non_hmac_request_keys(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
246
247
  """
247
248
  Specifies the list of keys that will not be HMAC'd by audit devices in the request data object.
248
249
  """
249
250
  return pulumi.get(self, "audit_non_hmac_request_keys")
250
251
 
251
252
  @audit_non_hmac_request_keys.setter
252
- def audit_non_hmac_request_keys(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
253
+ def audit_non_hmac_request_keys(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
253
254
  pulumi.set(self, "audit_non_hmac_request_keys", value)
254
255
 
255
256
  @property
256
257
  @pulumi.getter(name="auditNonHmacResponseKeys")
257
- def audit_non_hmac_response_keys(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
258
+ def audit_non_hmac_response_keys(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
258
259
  """
259
260
  Specifies the list of keys that will not be HMAC'd by audit devices in the response data object.
260
261
  """
261
262
  return pulumi.get(self, "audit_non_hmac_response_keys")
262
263
 
263
264
  @audit_non_hmac_response_keys.setter
264
- def audit_non_hmac_response_keys(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
265
+ def audit_non_hmac_response_keys(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
265
266
  pulumi.set(self, "audit_non_hmac_response_keys", value)
266
267
 
267
268
  @property
268
269
  @pulumi.getter
269
- def certificate(self) -> Optional[pulumi.Input[str]]:
270
+ def certificate(self) -> Optional[pulumi.Input[builtins.str]]:
270
271
  """
271
272
  CA certificate to use when verifying LDAP server certificate, must be
272
273
  x509 PEM encoded.
@@ -274,36 +275,36 @@ class SecretBackendArgs:
274
275
  return pulumi.get(self, "certificate")
275
276
 
276
277
  @certificate.setter
277
- def certificate(self, value: Optional[pulumi.Input[str]]):
278
+ def certificate(self, value: Optional[pulumi.Input[builtins.str]]):
278
279
  pulumi.set(self, "certificate", value)
279
280
 
280
281
  @property
281
282
  @pulumi.getter(name="clientTlsCert")
282
- def client_tls_cert(self) -> Optional[pulumi.Input[str]]:
283
+ def client_tls_cert(self) -> Optional[pulumi.Input[builtins.str]]:
283
284
  """
284
285
  Client certificate to provide to the LDAP server, must be x509 PEM encoded.
285
286
  """
286
287
  return pulumi.get(self, "client_tls_cert")
287
288
 
288
289
  @client_tls_cert.setter
289
- def client_tls_cert(self, value: Optional[pulumi.Input[str]]):
290
+ def client_tls_cert(self, value: Optional[pulumi.Input[builtins.str]]):
290
291
  pulumi.set(self, "client_tls_cert", value)
291
292
 
292
293
  @property
293
294
  @pulumi.getter(name="clientTlsKey")
294
- def client_tls_key(self) -> Optional[pulumi.Input[str]]:
295
+ def client_tls_key(self) -> Optional[pulumi.Input[builtins.str]]:
295
296
  """
296
297
  Client certificate key to provide to the LDAP server, must be x509 PEM encoded.
297
298
  """
298
299
  return pulumi.get(self, "client_tls_key")
299
300
 
300
301
  @client_tls_key.setter
301
- def client_tls_key(self, value: Optional[pulumi.Input[str]]):
302
+ def client_tls_key(self, value: Optional[pulumi.Input[builtins.str]]):
302
303
  pulumi.set(self, "client_tls_key", value)
303
304
 
304
305
  @property
305
306
  @pulumi.getter(name="connectionTimeout")
306
- def connection_timeout(self) -> Optional[pulumi.Input[int]]:
307
+ def connection_timeout(self) -> Optional[pulumi.Input[builtins.int]]:
307
308
  """
308
309
  Timeout, in seconds, when attempting to connect to the LDAP server before trying
309
310
  the next URL in the configuration.
@@ -311,96 +312,96 @@ class SecretBackendArgs:
311
312
  return pulumi.get(self, "connection_timeout")
312
313
 
313
314
  @connection_timeout.setter
314
- def connection_timeout(self, value: Optional[pulumi.Input[int]]):
315
+ def connection_timeout(self, value: Optional[pulumi.Input[builtins.int]]):
315
316
  pulumi.set(self, "connection_timeout", value)
316
317
 
317
318
  @property
318
319
  @pulumi.getter(name="defaultLeaseTtlSeconds")
319
- def default_lease_ttl_seconds(self) -> Optional[pulumi.Input[int]]:
320
+ def default_lease_ttl_seconds(self) -> Optional[pulumi.Input[builtins.int]]:
320
321
  """
321
322
  Default lease duration for secrets in seconds.
322
323
  """
323
324
  return pulumi.get(self, "default_lease_ttl_seconds")
324
325
 
325
326
  @default_lease_ttl_seconds.setter
326
- def default_lease_ttl_seconds(self, value: Optional[pulumi.Input[int]]):
327
+ def default_lease_ttl_seconds(self, value: Optional[pulumi.Input[builtins.int]]):
327
328
  pulumi.set(self, "default_lease_ttl_seconds", value)
328
329
 
329
330
  @property
330
331
  @pulumi.getter(name="delegatedAuthAccessors")
331
- def delegated_auth_accessors(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
332
+ def delegated_auth_accessors(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
332
333
  """
333
334
  List of headers to allow and pass from the request to the plugin
334
335
  """
335
336
  return pulumi.get(self, "delegated_auth_accessors")
336
337
 
337
338
  @delegated_auth_accessors.setter
338
- def delegated_auth_accessors(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
339
+ def delegated_auth_accessors(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
339
340
  pulumi.set(self, "delegated_auth_accessors", value)
340
341
 
341
342
  @property
342
343
  @pulumi.getter
343
- def description(self) -> Optional[pulumi.Input[str]]:
344
+ def description(self) -> Optional[pulumi.Input[builtins.str]]:
344
345
  """
345
346
  Human-friendly description of the mount for the Active Directory backend.
346
347
  """
347
348
  return pulumi.get(self, "description")
348
349
 
349
350
  @description.setter
350
- def description(self, value: Optional[pulumi.Input[str]]):
351
+ def description(self, value: Optional[pulumi.Input[builtins.str]]):
351
352
  pulumi.set(self, "description", value)
352
353
 
353
354
  @property
354
355
  @pulumi.getter(name="disableAutomatedRotation")
355
- def disable_automated_rotation(self) -> Optional[pulumi.Input[bool]]:
356
+ def disable_automated_rotation(self) -> Optional[pulumi.Input[builtins.bool]]:
356
357
  """
357
358
  Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
358
359
  """
359
360
  return pulumi.get(self, "disable_automated_rotation")
360
361
 
361
362
  @disable_automated_rotation.setter
362
- def disable_automated_rotation(self, value: Optional[pulumi.Input[bool]]):
363
+ def disable_automated_rotation(self, value: Optional[pulumi.Input[builtins.bool]]):
363
364
  pulumi.set(self, "disable_automated_rotation", value)
364
365
 
365
366
  @property
366
367
  @pulumi.getter(name="disableRemount")
367
- def disable_remount(self) -> Optional[pulumi.Input[bool]]:
368
+ def disable_remount(self) -> Optional[pulumi.Input[builtins.bool]]:
368
369
  """
369
370
  If set, opts out of mount migration on path updates.
370
371
  """
371
372
  return pulumi.get(self, "disable_remount")
372
373
 
373
374
  @disable_remount.setter
374
- def disable_remount(self, value: Optional[pulumi.Input[bool]]):
375
+ def disable_remount(self, value: Optional[pulumi.Input[builtins.bool]]):
375
376
  pulumi.set(self, "disable_remount", value)
376
377
 
377
378
  @property
378
379
  @pulumi.getter(name="externalEntropyAccess")
379
- def external_entropy_access(self) -> Optional[pulumi.Input[bool]]:
380
+ def external_entropy_access(self) -> Optional[pulumi.Input[builtins.bool]]:
380
381
  """
381
382
  Enable the secrets engine to access Vault's external entropy source
382
383
  """
383
384
  return pulumi.get(self, "external_entropy_access")
384
385
 
385
386
  @external_entropy_access.setter
386
- def external_entropy_access(self, value: Optional[pulumi.Input[bool]]):
387
+ def external_entropy_access(self, value: Optional[pulumi.Input[builtins.bool]]):
387
388
  pulumi.set(self, "external_entropy_access", value)
388
389
 
389
390
  @property
390
391
  @pulumi.getter(name="identityTokenKey")
391
- def identity_token_key(self) -> Optional[pulumi.Input[str]]:
392
+ def identity_token_key(self) -> Optional[pulumi.Input[builtins.str]]:
392
393
  """
393
394
  The key to use for signing plugin workload identity tokens
394
395
  """
395
396
  return pulumi.get(self, "identity_token_key")
396
397
 
397
398
  @identity_token_key.setter
398
- def identity_token_key(self, value: Optional[pulumi.Input[str]]):
399
+ def identity_token_key(self, value: Optional[pulumi.Input[builtins.str]]):
399
400
  pulumi.set(self, "identity_token_key", value)
400
401
 
401
402
  @property
402
403
  @pulumi.getter(name="insecureTls")
403
- def insecure_tls(self) -> Optional[pulumi.Input[bool]]:
404
+ def insecure_tls(self) -> Optional[pulumi.Input[builtins.bool]]:
404
405
  """
405
406
  Skip LDAP server SSL Certificate verification. This is not recommended for production.
406
407
  Defaults to `false`.
@@ -408,24 +409,24 @@ class SecretBackendArgs:
408
409
  return pulumi.get(self, "insecure_tls")
409
410
 
410
411
  @insecure_tls.setter
411
- def insecure_tls(self, value: Optional[pulumi.Input[bool]]):
412
+ def insecure_tls(self, value: Optional[pulumi.Input[builtins.bool]]):
412
413
  pulumi.set(self, "insecure_tls", value)
413
414
 
414
415
  @property
415
416
  @pulumi.getter(name="listingVisibility")
416
- def listing_visibility(self) -> Optional[pulumi.Input[str]]:
417
+ def listing_visibility(self) -> Optional[pulumi.Input[builtins.str]]:
417
418
  """
418
419
  Specifies whether to show this mount in the UI-specific listing endpoint
419
420
  """
420
421
  return pulumi.get(self, "listing_visibility")
421
422
 
422
423
  @listing_visibility.setter
423
- def listing_visibility(self, value: Optional[pulumi.Input[str]]):
424
+ def listing_visibility(self, value: Optional[pulumi.Input[builtins.str]]):
424
425
  pulumi.set(self, "listing_visibility", value)
425
426
 
426
427
  @property
427
428
  @pulumi.getter
428
- def local(self) -> Optional[pulumi.Input[bool]]:
429
+ def local(self) -> Optional[pulumi.Input[builtins.bool]]:
429
430
  """
430
431
  Mark the secrets engine as local-only. Local engines are not replicated or removed by
431
432
  replication.Tolerance duration to use when checking the last rotation time.
@@ -433,24 +434,24 @@ class SecretBackendArgs:
433
434
  return pulumi.get(self, "local")
434
435
 
435
436
  @local.setter
436
- def local(self, value: Optional[pulumi.Input[bool]]):
437
+ def local(self, value: Optional[pulumi.Input[builtins.bool]]):
437
438
  pulumi.set(self, "local", value)
438
439
 
439
440
  @property
440
441
  @pulumi.getter(name="maxLeaseTtlSeconds")
441
- def max_lease_ttl_seconds(self) -> Optional[pulumi.Input[int]]:
442
+ def max_lease_ttl_seconds(self) -> Optional[pulumi.Input[builtins.int]]:
442
443
  """
443
444
  Maximum possible lease duration for secrets in seconds.
444
445
  """
445
446
  return pulumi.get(self, "max_lease_ttl_seconds")
446
447
 
447
448
  @max_lease_ttl_seconds.setter
448
- def max_lease_ttl_seconds(self, value: Optional[pulumi.Input[int]]):
449
+ def max_lease_ttl_seconds(self, value: Optional[pulumi.Input[builtins.int]]):
449
450
  pulumi.set(self, "max_lease_ttl_seconds", value)
450
451
 
451
452
  @property
452
453
  @pulumi.getter
453
- def namespace(self) -> Optional[pulumi.Input[str]]:
454
+ def namespace(self) -> Optional[pulumi.Input[builtins.str]]:
454
455
  """
455
456
  The namespace to provision the resource in.
456
457
  The value should not contain leading or trailing forward slashes.
@@ -460,48 +461,48 @@ class SecretBackendArgs:
460
461
  return pulumi.get(self, "namespace")
461
462
 
462
463
  @namespace.setter
463
- def namespace(self, value: Optional[pulumi.Input[str]]):
464
+ def namespace(self, value: Optional[pulumi.Input[builtins.str]]):
464
465
  pulumi.set(self, "namespace", value)
465
466
 
466
467
  @property
467
468
  @pulumi.getter
468
- def options(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]:
469
+ def options(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]]]:
469
470
  """
470
471
  Specifies mount type specific options that are passed to the backend
471
472
  """
472
473
  return pulumi.get(self, "options")
473
474
 
474
475
  @options.setter
475
- def options(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]):
476
+ def options(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]]]):
476
477
  pulumi.set(self, "options", value)
477
478
 
478
479
  @property
479
480
  @pulumi.getter(name="passthroughRequestHeaders")
480
- def passthrough_request_headers(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
481
+ def passthrough_request_headers(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
481
482
  """
482
483
  List of headers to allow and pass from the request to the plugin
483
484
  """
484
485
  return pulumi.get(self, "passthrough_request_headers")
485
486
 
486
487
  @passthrough_request_headers.setter
487
- def passthrough_request_headers(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
488
+ def passthrough_request_headers(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
488
489
  pulumi.set(self, "passthrough_request_headers", value)
489
490
 
490
491
  @property
491
492
  @pulumi.getter(name="passwordPolicy")
492
- def password_policy(self) -> Optional[pulumi.Input[str]]:
493
+ def password_policy(self) -> Optional[pulumi.Input[builtins.str]]:
493
494
  """
494
495
  Name of the password policy to use to generate passwords.
495
496
  """
496
497
  return pulumi.get(self, "password_policy")
497
498
 
498
499
  @password_policy.setter
499
- def password_policy(self, value: Optional[pulumi.Input[str]]):
500
+ def password_policy(self, value: Optional[pulumi.Input[builtins.str]]):
500
501
  pulumi.set(self, "password_policy", value)
501
502
 
502
503
  @property
503
504
  @pulumi.getter
504
- def path(self) -> Optional[pulumi.Input[str]]:
505
+ def path(self) -> Optional[pulumi.Input[builtins.str]]:
505
506
  """
506
507
  The unique path this backend should be mounted at. Must
507
508
  not begin or end with a `/`. Defaults to `ldap`.
@@ -509,24 +510,24 @@ class SecretBackendArgs:
509
510
  return pulumi.get(self, "path")
510
511
 
511
512
  @path.setter
512
- def path(self, value: Optional[pulumi.Input[str]]):
513
+ def path(self, value: Optional[pulumi.Input[builtins.str]]):
513
514
  pulumi.set(self, "path", value)
514
515
 
515
516
  @property
516
517
  @pulumi.getter(name="pluginVersion")
517
- def plugin_version(self) -> Optional[pulumi.Input[str]]:
518
+ def plugin_version(self) -> Optional[pulumi.Input[builtins.str]]:
518
519
  """
519
520
  Specifies the semantic version of the plugin to use, e.g. 'v1.0.0'
520
521
  """
521
522
  return pulumi.get(self, "plugin_version")
522
523
 
523
524
  @plugin_version.setter
524
- def plugin_version(self, value: Optional[pulumi.Input[str]]):
525
+ def plugin_version(self, value: Optional[pulumi.Input[builtins.str]]):
525
526
  pulumi.set(self, "plugin_version", value)
526
527
 
527
528
  @property
528
529
  @pulumi.getter(name="requestTimeout")
529
- def request_timeout(self) -> Optional[pulumi.Input[int]]:
530
+ def request_timeout(self) -> Optional[pulumi.Input[builtins.int]]:
530
531
  """
531
532
  Timeout, in seconds, for the connection when making requests against the server
532
533
  before returning back an error.
@@ -534,12 +535,12 @@ class SecretBackendArgs:
534
535
  return pulumi.get(self, "request_timeout")
535
536
 
536
537
  @request_timeout.setter
537
- def request_timeout(self, value: Optional[pulumi.Input[int]]):
538
+ def request_timeout(self, value: Optional[pulumi.Input[builtins.int]]):
538
539
  pulumi.set(self, "request_timeout", value)
539
540
 
540
541
  @property
541
542
  @pulumi.getter(name="rotationPeriod")
542
- def rotation_period(self) -> Optional[pulumi.Input[int]]:
543
+ def rotation_period(self) -> Optional[pulumi.Input[builtins.int]]:
543
544
  """
544
545
  The amount of time in seconds Vault should wait before rotating the root credential.
545
546
  A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
@@ -547,12 +548,12 @@ class SecretBackendArgs:
547
548
  return pulumi.get(self, "rotation_period")
548
549
 
549
550
  @rotation_period.setter
550
- def rotation_period(self, value: Optional[pulumi.Input[int]]):
551
+ def rotation_period(self, value: Optional[pulumi.Input[builtins.int]]):
551
552
  pulumi.set(self, "rotation_period", value)
552
553
 
553
554
  @property
554
555
  @pulumi.getter(name="rotationSchedule")
555
- def rotation_schedule(self) -> Optional[pulumi.Input[str]]:
556
+ def rotation_schedule(self) -> Optional[pulumi.Input[builtins.str]]:
556
557
  """
557
558
  The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
558
559
  defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
@@ -560,12 +561,12 @@ class SecretBackendArgs:
560
561
  return pulumi.get(self, "rotation_schedule")
561
562
 
562
563
  @rotation_schedule.setter
563
- def rotation_schedule(self, value: Optional[pulumi.Input[str]]):
564
+ def rotation_schedule(self, value: Optional[pulumi.Input[builtins.str]]):
564
565
  pulumi.set(self, "rotation_schedule", value)
565
566
 
566
567
  @property
567
568
  @pulumi.getter(name="rotationWindow")
568
- def rotation_window(self) -> Optional[pulumi.Input[int]]:
569
+ def rotation_window(self) -> Optional[pulumi.Input[builtins.int]]:
569
570
  """
570
571
  The maximum amount of time in seconds allowed to complete
571
572
  a rotation when a scheduled token rotation occurs. The default rotation window is
@@ -574,36 +575,36 @@ class SecretBackendArgs:
574
575
  return pulumi.get(self, "rotation_window")
575
576
 
576
577
  @rotation_window.setter
577
- def rotation_window(self, value: Optional[pulumi.Input[int]]):
578
+ def rotation_window(self, value: Optional[pulumi.Input[builtins.int]]):
578
579
  pulumi.set(self, "rotation_window", value)
579
580
 
580
581
  @property
581
582
  @pulumi.getter
582
- def schema(self) -> Optional[pulumi.Input[str]]:
583
+ def schema(self) -> Optional[pulumi.Input[builtins.str]]:
583
584
  """
584
585
  The LDAP schema to use when storing entry passwords. Valid schemas include `openldap`, `ad`, and `racf`. Default is `openldap`.
585
586
  """
586
587
  return pulumi.get(self, "schema")
587
588
 
588
589
  @schema.setter
589
- def schema(self, value: Optional[pulumi.Input[str]]):
590
+ def schema(self, value: Optional[pulumi.Input[builtins.str]]):
590
591
  pulumi.set(self, "schema", value)
591
592
 
592
593
  @property
593
594
  @pulumi.getter(name="sealWrap")
594
- def seal_wrap(self) -> Optional[pulumi.Input[bool]]:
595
+ def seal_wrap(self) -> Optional[pulumi.Input[builtins.bool]]:
595
596
  """
596
597
  Enable seal wrapping for the mount, causing values stored by the mount to be wrapped by the seal's encryption capability
597
598
  """
598
599
  return pulumi.get(self, "seal_wrap")
599
600
 
600
601
  @seal_wrap.setter
601
- def seal_wrap(self, value: Optional[pulumi.Input[bool]]):
602
+ def seal_wrap(self, value: Optional[pulumi.Input[builtins.bool]]):
602
603
  pulumi.set(self, "seal_wrap", value)
603
604
 
604
605
  @property
605
606
  @pulumi.getter(name="skipStaticRoleImportRotation")
606
- def skip_static_role_import_rotation(self) -> Optional[pulumi.Input[bool]]:
607
+ def skip_static_role_import_rotation(self) -> Optional[pulumi.Input[builtins.bool]]:
607
608
  """
608
609
  If set to true, static roles will not be rotated during import.
609
610
  Defaults to false. Requires Vault 1.16 or above.
@@ -611,36 +612,36 @@ class SecretBackendArgs:
611
612
  return pulumi.get(self, "skip_static_role_import_rotation")
612
613
 
613
614
  @skip_static_role_import_rotation.setter
614
- def skip_static_role_import_rotation(self, value: Optional[pulumi.Input[bool]]):
615
+ def skip_static_role_import_rotation(self, value: Optional[pulumi.Input[builtins.bool]]):
615
616
  pulumi.set(self, "skip_static_role_import_rotation", value)
616
617
 
617
618
  @property
618
619
  @pulumi.getter
619
- def starttls(self) -> Optional[pulumi.Input[bool]]:
620
+ def starttls(self) -> Optional[pulumi.Input[builtins.bool]]:
620
621
  """
621
622
  Issue a StartTLS command after establishing unencrypted connection.
622
623
  """
623
624
  return pulumi.get(self, "starttls")
624
625
 
625
626
  @starttls.setter
626
- def starttls(self, value: Optional[pulumi.Input[bool]]):
627
+ def starttls(self, value: Optional[pulumi.Input[builtins.bool]]):
627
628
  pulumi.set(self, "starttls", value)
628
629
 
629
630
  @property
630
631
  @pulumi.getter
631
- def upndomain(self) -> Optional[pulumi.Input[str]]:
632
+ def upndomain(self) -> Optional[pulumi.Input[builtins.str]]:
632
633
  """
633
634
  Enables userPrincipalDomain login with [username]@UPNDomain.
634
635
  """
635
636
  return pulumi.get(self, "upndomain")
636
637
 
637
638
  @upndomain.setter
638
- def upndomain(self, value: Optional[pulumi.Input[str]]):
639
+ def upndomain(self, value: Optional[pulumi.Input[builtins.str]]):
639
640
  pulumi.set(self, "upndomain", value)
640
641
 
641
642
  @property
642
643
  @pulumi.getter
643
- def url(self) -> Optional[pulumi.Input[str]]:
644
+ def url(self) -> Optional[pulumi.Input[builtins.str]]:
644
645
  """
645
646
  LDAP URL to connect to. Multiple URLs can be specified by concatenating
646
647
  them with commas; they will be tried in-order. Defaults to `ldap://127.0.0.1`.
@@ -648,134 +649,134 @@ class SecretBackendArgs:
648
649
  return pulumi.get(self, "url")
649
650
 
650
651
  @url.setter
651
- def url(self, value: Optional[pulumi.Input[str]]):
652
+ def url(self, value: Optional[pulumi.Input[builtins.str]]):
652
653
  pulumi.set(self, "url", value)
653
654
 
654
655
  @property
655
656
  @pulumi.getter
656
- def userattr(self) -> Optional[pulumi.Input[str]]:
657
+ def userattr(self) -> Optional[pulumi.Input[builtins.str]]:
657
658
  """
658
659
  Attribute used when searching users. Defaults to `cn`.
659
660
  """
660
661
  return pulumi.get(self, "userattr")
661
662
 
662
663
  @userattr.setter
663
- def userattr(self, value: Optional[pulumi.Input[str]]):
664
+ def userattr(self, value: Optional[pulumi.Input[builtins.str]]):
664
665
  pulumi.set(self, "userattr", value)
665
666
 
666
667
  @property
667
668
  @pulumi.getter
668
- def userdn(self) -> Optional[pulumi.Input[str]]:
669
+ def userdn(self) -> Optional[pulumi.Input[builtins.str]]:
669
670
  """
670
671
  LDAP domain to use for users (eg: ou=People,dc=example,dc=org)`.
671
672
  """
672
673
  return pulumi.get(self, "userdn")
673
674
 
674
675
  @userdn.setter
675
- def userdn(self, value: Optional[pulumi.Input[str]]):
676
+ def userdn(self, value: Optional[pulumi.Input[builtins.str]]):
676
677
  pulumi.set(self, "userdn", value)
677
678
 
678
679
 
679
680
  @pulumi.input_type
680
681
  class _SecretBackendState:
681
682
  def __init__(__self__, *,
682
- accessor: Optional[pulumi.Input[str]] = None,
683
- allowed_managed_keys: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
684
- allowed_response_headers: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
685
- audit_non_hmac_request_keys: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
686
- audit_non_hmac_response_keys: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
687
- binddn: Optional[pulumi.Input[str]] = None,
688
- bindpass: Optional[pulumi.Input[str]] = None,
689
- certificate: Optional[pulumi.Input[str]] = None,
690
- client_tls_cert: Optional[pulumi.Input[str]] = None,
691
- client_tls_key: Optional[pulumi.Input[str]] = None,
692
- connection_timeout: Optional[pulumi.Input[int]] = None,
693
- default_lease_ttl_seconds: Optional[pulumi.Input[int]] = None,
694
- delegated_auth_accessors: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
695
- description: Optional[pulumi.Input[str]] = None,
696
- disable_automated_rotation: Optional[pulumi.Input[bool]] = None,
697
- disable_remount: Optional[pulumi.Input[bool]] = None,
698
- external_entropy_access: Optional[pulumi.Input[bool]] = None,
699
- identity_token_key: Optional[pulumi.Input[str]] = None,
700
- insecure_tls: Optional[pulumi.Input[bool]] = None,
701
- listing_visibility: Optional[pulumi.Input[str]] = None,
702
- local: Optional[pulumi.Input[bool]] = None,
703
- max_lease_ttl_seconds: Optional[pulumi.Input[int]] = None,
704
- namespace: Optional[pulumi.Input[str]] = None,
705
- options: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
706
- passthrough_request_headers: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
707
- password_policy: Optional[pulumi.Input[str]] = None,
708
- path: Optional[pulumi.Input[str]] = None,
709
- plugin_version: Optional[pulumi.Input[str]] = None,
710
- request_timeout: Optional[pulumi.Input[int]] = None,
711
- rotation_period: Optional[pulumi.Input[int]] = None,
712
- rotation_schedule: Optional[pulumi.Input[str]] = None,
713
- rotation_window: Optional[pulumi.Input[int]] = None,
714
- schema: Optional[pulumi.Input[str]] = None,
715
- seal_wrap: Optional[pulumi.Input[bool]] = None,
716
- skip_static_role_import_rotation: Optional[pulumi.Input[bool]] = None,
717
- starttls: Optional[pulumi.Input[bool]] = None,
718
- upndomain: Optional[pulumi.Input[str]] = None,
719
- url: Optional[pulumi.Input[str]] = None,
720
- userattr: Optional[pulumi.Input[str]] = None,
721
- userdn: Optional[pulumi.Input[str]] = None):
683
+ accessor: Optional[pulumi.Input[builtins.str]] = None,
684
+ allowed_managed_keys: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
685
+ allowed_response_headers: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
686
+ audit_non_hmac_request_keys: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
687
+ audit_non_hmac_response_keys: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
688
+ binddn: Optional[pulumi.Input[builtins.str]] = None,
689
+ bindpass: Optional[pulumi.Input[builtins.str]] = None,
690
+ certificate: Optional[pulumi.Input[builtins.str]] = None,
691
+ client_tls_cert: Optional[pulumi.Input[builtins.str]] = None,
692
+ client_tls_key: Optional[pulumi.Input[builtins.str]] = None,
693
+ connection_timeout: Optional[pulumi.Input[builtins.int]] = None,
694
+ default_lease_ttl_seconds: Optional[pulumi.Input[builtins.int]] = None,
695
+ delegated_auth_accessors: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
696
+ description: Optional[pulumi.Input[builtins.str]] = None,
697
+ disable_automated_rotation: Optional[pulumi.Input[builtins.bool]] = None,
698
+ disable_remount: Optional[pulumi.Input[builtins.bool]] = None,
699
+ external_entropy_access: Optional[pulumi.Input[builtins.bool]] = None,
700
+ identity_token_key: Optional[pulumi.Input[builtins.str]] = None,
701
+ insecure_tls: Optional[pulumi.Input[builtins.bool]] = None,
702
+ listing_visibility: Optional[pulumi.Input[builtins.str]] = None,
703
+ local: Optional[pulumi.Input[builtins.bool]] = None,
704
+ max_lease_ttl_seconds: Optional[pulumi.Input[builtins.int]] = None,
705
+ namespace: Optional[pulumi.Input[builtins.str]] = None,
706
+ options: Optional[pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]]] = None,
707
+ passthrough_request_headers: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
708
+ password_policy: Optional[pulumi.Input[builtins.str]] = None,
709
+ path: Optional[pulumi.Input[builtins.str]] = None,
710
+ plugin_version: Optional[pulumi.Input[builtins.str]] = None,
711
+ request_timeout: Optional[pulumi.Input[builtins.int]] = None,
712
+ rotation_period: Optional[pulumi.Input[builtins.int]] = None,
713
+ rotation_schedule: Optional[pulumi.Input[builtins.str]] = None,
714
+ rotation_window: Optional[pulumi.Input[builtins.int]] = None,
715
+ schema: Optional[pulumi.Input[builtins.str]] = None,
716
+ seal_wrap: Optional[pulumi.Input[builtins.bool]] = None,
717
+ skip_static_role_import_rotation: Optional[pulumi.Input[builtins.bool]] = None,
718
+ starttls: Optional[pulumi.Input[builtins.bool]] = None,
719
+ upndomain: Optional[pulumi.Input[builtins.str]] = None,
720
+ url: Optional[pulumi.Input[builtins.str]] = None,
721
+ userattr: Optional[pulumi.Input[builtins.str]] = None,
722
+ userdn: Optional[pulumi.Input[builtins.str]] = None):
722
723
  """
723
724
  Input properties used for looking up and filtering SecretBackend resources.
724
- :param pulumi.Input[str] accessor: Accessor of the mount
725
- :param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_managed_keys: List of managed key registry entry names that the mount in question is allowed to access
726
- :param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_response_headers: List of headers to allow and pass from the request to the plugin
727
- :param pulumi.Input[Sequence[pulumi.Input[str]]] audit_non_hmac_request_keys: Specifies the list of keys that will not be HMAC'd by audit devices in the request data object.
728
- :param pulumi.Input[Sequence[pulumi.Input[str]]] audit_non_hmac_response_keys: Specifies the list of keys that will not be HMAC'd by audit devices in the response data object.
729
- :param pulumi.Input[str] binddn: Distinguished name of object to bind when performing user and group search.
730
- :param pulumi.Input[str] bindpass: Password to use along with binddn when performing user search.
731
- :param pulumi.Input[str] certificate: CA certificate to use when verifying LDAP server certificate, must be
725
+ :param pulumi.Input[builtins.str] accessor: Accessor of the mount
726
+ :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] allowed_managed_keys: List of managed key registry entry names that the mount in question is allowed to access
727
+ :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] allowed_response_headers: List of headers to allow and pass from the request to the plugin
728
+ :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] audit_non_hmac_request_keys: Specifies the list of keys that will not be HMAC'd by audit devices in the request data object.
729
+ :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] audit_non_hmac_response_keys: Specifies the list of keys that will not be HMAC'd by audit devices in the response data object.
730
+ :param pulumi.Input[builtins.str] binddn: Distinguished name of object to bind when performing user and group search.
731
+ :param pulumi.Input[builtins.str] bindpass: Password to use along with binddn when performing user search.
732
+ :param pulumi.Input[builtins.str] certificate: CA certificate to use when verifying LDAP server certificate, must be
732
733
  x509 PEM encoded.
733
- :param pulumi.Input[str] client_tls_cert: Client certificate to provide to the LDAP server, must be x509 PEM encoded.
734
- :param pulumi.Input[str] client_tls_key: Client certificate key to provide to the LDAP server, must be x509 PEM encoded.
735
- :param pulumi.Input[int] connection_timeout: Timeout, in seconds, when attempting to connect to the LDAP server before trying
734
+ :param pulumi.Input[builtins.str] client_tls_cert: Client certificate to provide to the LDAP server, must be x509 PEM encoded.
735
+ :param pulumi.Input[builtins.str] client_tls_key: Client certificate key to provide to the LDAP server, must be x509 PEM encoded.
736
+ :param pulumi.Input[builtins.int] connection_timeout: Timeout, in seconds, when attempting to connect to the LDAP server before trying
736
737
  the next URL in the configuration.
737
- :param pulumi.Input[int] default_lease_ttl_seconds: Default lease duration for secrets in seconds.
738
- :param pulumi.Input[Sequence[pulumi.Input[str]]] delegated_auth_accessors: List of headers to allow and pass from the request to the plugin
739
- :param pulumi.Input[str] description: Human-friendly description of the mount for the Active Directory backend.
740
- :param pulumi.Input[bool] disable_automated_rotation: Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
741
- :param pulumi.Input[bool] disable_remount: If set, opts out of mount migration on path updates.
742
- :param pulumi.Input[bool] external_entropy_access: Enable the secrets engine to access Vault's external entropy source
743
- :param pulumi.Input[str] identity_token_key: The key to use for signing plugin workload identity tokens
744
- :param pulumi.Input[bool] insecure_tls: Skip LDAP server SSL Certificate verification. This is not recommended for production.
738
+ :param pulumi.Input[builtins.int] default_lease_ttl_seconds: Default lease duration for secrets in seconds.
739
+ :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] delegated_auth_accessors: List of headers to allow and pass from the request to the plugin
740
+ :param pulumi.Input[builtins.str] description: Human-friendly description of the mount for the Active Directory backend.
741
+ :param pulumi.Input[builtins.bool] disable_automated_rotation: Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
742
+ :param pulumi.Input[builtins.bool] disable_remount: If set, opts out of mount migration on path updates.
743
+ :param pulumi.Input[builtins.bool] external_entropy_access: Enable the secrets engine to access Vault's external entropy source
744
+ :param pulumi.Input[builtins.str] identity_token_key: The key to use for signing plugin workload identity tokens
745
+ :param pulumi.Input[builtins.bool] insecure_tls: Skip LDAP server SSL Certificate verification. This is not recommended for production.
745
746
  Defaults to `false`.
746
- :param pulumi.Input[str] listing_visibility: Specifies whether to show this mount in the UI-specific listing endpoint
747
- :param pulumi.Input[bool] local: Mark the secrets engine as local-only. Local engines are not replicated or removed by
747
+ :param pulumi.Input[builtins.str] listing_visibility: Specifies whether to show this mount in the UI-specific listing endpoint
748
+ :param pulumi.Input[builtins.bool] local: Mark the secrets engine as local-only. Local engines are not replicated or removed by
748
749
  replication.Tolerance duration to use when checking the last rotation time.
749
- :param pulumi.Input[int] max_lease_ttl_seconds: Maximum possible lease duration for secrets in seconds.
750
- :param pulumi.Input[str] namespace: The namespace to provision the resource in.
750
+ :param pulumi.Input[builtins.int] max_lease_ttl_seconds: Maximum possible lease duration for secrets in seconds.
751
+ :param pulumi.Input[builtins.str] namespace: The namespace to provision the resource in.
751
752
  The value should not contain leading or trailing forward slashes.
752
753
  The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
753
754
  *Available only for Vault Enterprise*.
754
- :param pulumi.Input[Mapping[str, pulumi.Input[str]]] options: Specifies mount type specific options that are passed to the backend
755
- :param pulumi.Input[Sequence[pulumi.Input[str]]] passthrough_request_headers: List of headers to allow and pass from the request to the plugin
756
- :param pulumi.Input[str] password_policy: Name of the password policy to use to generate passwords.
757
- :param pulumi.Input[str] path: The unique path this backend should be mounted at. Must
755
+ :param pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]] options: Specifies mount type specific options that are passed to the backend
756
+ :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] passthrough_request_headers: List of headers to allow and pass from the request to the plugin
757
+ :param pulumi.Input[builtins.str] password_policy: Name of the password policy to use to generate passwords.
758
+ :param pulumi.Input[builtins.str] path: The unique path this backend should be mounted at. Must
758
759
  not begin or end with a `/`. Defaults to `ldap`.
759
- :param pulumi.Input[str] plugin_version: Specifies the semantic version of the plugin to use, e.g. 'v1.0.0'
760
- :param pulumi.Input[int] request_timeout: Timeout, in seconds, for the connection when making requests against the server
760
+ :param pulumi.Input[builtins.str] plugin_version: Specifies the semantic version of the plugin to use, e.g. 'v1.0.0'
761
+ :param pulumi.Input[builtins.int] request_timeout: Timeout, in seconds, for the connection when making requests against the server
761
762
  before returning back an error.
762
- :param pulumi.Input[int] rotation_period: The amount of time in seconds Vault should wait before rotating the root credential.
763
+ :param pulumi.Input[builtins.int] rotation_period: The amount of time in seconds Vault should wait before rotating the root credential.
763
764
  A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
764
- :param pulumi.Input[str] rotation_schedule: The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
765
+ :param pulumi.Input[builtins.str] rotation_schedule: The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
765
766
  defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
766
- :param pulumi.Input[int] rotation_window: The maximum amount of time in seconds allowed to complete
767
+ :param pulumi.Input[builtins.int] rotation_window: The maximum amount of time in seconds allowed to complete
767
768
  a rotation when a scheduled token rotation occurs. The default rotation window is
768
769
  unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
769
- :param pulumi.Input[str] schema: The LDAP schema to use when storing entry passwords. Valid schemas include `openldap`, `ad`, and `racf`. Default is `openldap`.
770
- :param pulumi.Input[bool] seal_wrap: Enable seal wrapping for the mount, causing values stored by the mount to be wrapped by the seal's encryption capability
771
- :param pulumi.Input[bool] skip_static_role_import_rotation: If set to true, static roles will not be rotated during import.
770
+ :param pulumi.Input[builtins.str] schema: The LDAP schema to use when storing entry passwords. Valid schemas include `openldap`, `ad`, and `racf`. Default is `openldap`.
771
+ :param pulumi.Input[builtins.bool] seal_wrap: Enable seal wrapping for the mount, causing values stored by the mount to be wrapped by the seal's encryption capability
772
+ :param pulumi.Input[builtins.bool] skip_static_role_import_rotation: If set to true, static roles will not be rotated during import.
772
773
  Defaults to false. Requires Vault 1.16 or above.
773
- :param pulumi.Input[bool] starttls: Issue a StartTLS command after establishing unencrypted connection.
774
- :param pulumi.Input[str] upndomain: Enables userPrincipalDomain login with [username]@UPNDomain.
775
- :param pulumi.Input[str] url: LDAP URL to connect to. Multiple URLs can be specified by concatenating
774
+ :param pulumi.Input[builtins.bool] starttls: Issue a StartTLS command after establishing unencrypted connection.
775
+ :param pulumi.Input[builtins.str] upndomain: Enables userPrincipalDomain login with [username]@UPNDomain.
776
+ :param pulumi.Input[builtins.str] url: LDAP URL to connect to. Multiple URLs can be specified by concatenating
776
777
  them with commas; they will be tried in-order. Defaults to `ldap://127.0.0.1`.
777
- :param pulumi.Input[str] userattr: Attribute used when searching users. Defaults to `cn`.
778
- :param pulumi.Input[str] userdn: LDAP domain to use for users (eg: ou=People,dc=example,dc=org)`.
778
+ :param pulumi.Input[builtins.str] userattr: Attribute used when searching users. Defaults to `cn`.
779
+ :param pulumi.Input[builtins.str] userdn: LDAP domain to use for users (eg: ou=People,dc=example,dc=org)`.
779
780
  """
780
781
  if accessor is not None:
781
782
  pulumi.set(__self__, "accessor", accessor)
@@ -860,91 +861,91 @@ class _SecretBackendState:
860
861
 
861
862
  @property
862
863
  @pulumi.getter
863
- def accessor(self) -> Optional[pulumi.Input[str]]:
864
+ def accessor(self) -> Optional[pulumi.Input[builtins.str]]:
864
865
  """
865
866
  Accessor of the mount
866
867
  """
867
868
  return pulumi.get(self, "accessor")
868
869
 
869
870
  @accessor.setter
870
- def accessor(self, value: Optional[pulumi.Input[str]]):
871
+ def accessor(self, value: Optional[pulumi.Input[builtins.str]]):
871
872
  pulumi.set(self, "accessor", value)
872
873
 
873
874
  @property
874
875
  @pulumi.getter(name="allowedManagedKeys")
875
- def allowed_managed_keys(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
876
+ def allowed_managed_keys(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
876
877
  """
877
878
  List of managed key registry entry names that the mount in question is allowed to access
878
879
  """
879
880
  return pulumi.get(self, "allowed_managed_keys")
880
881
 
881
882
  @allowed_managed_keys.setter
882
- def allowed_managed_keys(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
883
+ def allowed_managed_keys(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
883
884
  pulumi.set(self, "allowed_managed_keys", value)
884
885
 
885
886
  @property
886
887
  @pulumi.getter(name="allowedResponseHeaders")
887
- def allowed_response_headers(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
888
+ def allowed_response_headers(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
888
889
  """
889
890
  List of headers to allow and pass from the request to the plugin
890
891
  """
891
892
  return pulumi.get(self, "allowed_response_headers")
892
893
 
893
894
  @allowed_response_headers.setter
894
- def allowed_response_headers(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
895
+ def allowed_response_headers(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
895
896
  pulumi.set(self, "allowed_response_headers", value)
896
897
 
897
898
  @property
898
899
  @pulumi.getter(name="auditNonHmacRequestKeys")
899
- def audit_non_hmac_request_keys(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
900
+ def audit_non_hmac_request_keys(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
900
901
  """
901
902
  Specifies the list of keys that will not be HMAC'd by audit devices in the request data object.
902
903
  """
903
904
  return pulumi.get(self, "audit_non_hmac_request_keys")
904
905
 
905
906
  @audit_non_hmac_request_keys.setter
906
- def audit_non_hmac_request_keys(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
907
+ def audit_non_hmac_request_keys(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
907
908
  pulumi.set(self, "audit_non_hmac_request_keys", value)
908
909
 
909
910
  @property
910
911
  @pulumi.getter(name="auditNonHmacResponseKeys")
911
- def audit_non_hmac_response_keys(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
912
+ def audit_non_hmac_response_keys(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
912
913
  """
913
914
  Specifies the list of keys that will not be HMAC'd by audit devices in the response data object.
914
915
  """
915
916
  return pulumi.get(self, "audit_non_hmac_response_keys")
916
917
 
917
918
  @audit_non_hmac_response_keys.setter
918
- def audit_non_hmac_response_keys(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
919
+ def audit_non_hmac_response_keys(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
919
920
  pulumi.set(self, "audit_non_hmac_response_keys", value)
920
921
 
921
922
  @property
922
923
  @pulumi.getter
923
- def binddn(self) -> Optional[pulumi.Input[str]]:
924
+ def binddn(self) -> Optional[pulumi.Input[builtins.str]]:
924
925
  """
925
926
  Distinguished name of object to bind when performing user and group search.
926
927
  """
927
928
  return pulumi.get(self, "binddn")
928
929
 
929
930
  @binddn.setter
930
- def binddn(self, value: Optional[pulumi.Input[str]]):
931
+ def binddn(self, value: Optional[pulumi.Input[builtins.str]]):
931
932
  pulumi.set(self, "binddn", value)
932
933
 
933
934
  @property
934
935
  @pulumi.getter
935
- def bindpass(self) -> Optional[pulumi.Input[str]]:
936
+ def bindpass(self) -> Optional[pulumi.Input[builtins.str]]:
936
937
  """
937
938
  Password to use along with binddn when performing user search.
938
939
  """
939
940
  return pulumi.get(self, "bindpass")
940
941
 
941
942
  @bindpass.setter
942
- def bindpass(self, value: Optional[pulumi.Input[str]]):
943
+ def bindpass(self, value: Optional[pulumi.Input[builtins.str]]):
943
944
  pulumi.set(self, "bindpass", value)
944
945
 
945
946
  @property
946
947
  @pulumi.getter
947
- def certificate(self) -> Optional[pulumi.Input[str]]:
948
+ def certificate(self) -> Optional[pulumi.Input[builtins.str]]:
948
949
  """
949
950
  CA certificate to use when verifying LDAP server certificate, must be
950
951
  x509 PEM encoded.
@@ -952,36 +953,36 @@ class _SecretBackendState:
952
953
  return pulumi.get(self, "certificate")
953
954
 
954
955
  @certificate.setter
955
- def certificate(self, value: Optional[pulumi.Input[str]]):
956
+ def certificate(self, value: Optional[pulumi.Input[builtins.str]]):
956
957
  pulumi.set(self, "certificate", value)
957
958
 
958
959
  @property
959
960
  @pulumi.getter(name="clientTlsCert")
960
- def client_tls_cert(self) -> Optional[pulumi.Input[str]]:
961
+ def client_tls_cert(self) -> Optional[pulumi.Input[builtins.str]]:
961
962
  """
962
963
  Client certificate to provide to the LDAP server, must be x509 PEM encoded.
963
964
  """
964
965
  return pulumi.get(self, "client_tls_cert")
965
966
 
966
967
  @client_tls_cert.setter
967
- def client_tls_cert(self, value: Optional[pulumi.Input[str]]):
968
+ def client_tls_cert(self, value: Optional[pulumi.Input[builtins.str]]):
968
969
  pulumi.set(self, "client_tls_cert", value)
969
970
 
970
971
  @property
971
972
  @pulumi.getter(name="clientTlsKey")
972
- def client_tls_key(self) -> Optional[pulumi.Input[str]]:
973
+ def client_tls_key(self) -> Optional[pulumi.Input[builtins.str]]:
973
974
  """
974
975
  Client certificate key to provide to the LDAP server, must be x509 PEM encoded.
975
976
  """
976
977
  return pulumi.get(self, "client_tls_key")
977
978
 
978
979
  @client_tls_key.setter
979
- def client_tls_key(self, value: Optional[pulumi.Input[str]]):
980
+ def client_tls_key(self, value: Optional[pulumi.Input[builtins.str]]):
980
981
  pulumi.set(self, "client_tls_key", value)
981
982
 
982
983
  @property
983
984
  @pulumi.getter(name="connectionTimeout")
984
- def connection_timeout(self) -> Optional[pulumi.Input[int]]:
985
+ def connection_timeout(self) -> Optional[pulumi.Input[builtins.int]]:
985
986
  """
986
987
  Timeout, in seconds, when attempting to connect to the LDAP server before trying
987
988
  the next URL in the configuration.
@@ -989,96 +990,96 @@ class _SecretBackendState:
989
990
  return pulumi.get(self, "connection_timeout")
990
991
 
991
992
  @connection_timeout.setter
992
- def connection_timeout(self, value: Optional[pulumi.Input[int]]):
993
+ def connection_timeout(self, value: Optional[pulumi.Input[builtins.int]]):
993
994
  pulumi.set(self, "connection_timeout", value)
994
995
 
995
996
  @property
996
997
  @pulumi.getter(name="defaultLeaseTtlSeconds")
997
- def default_lease_ttl_seconds(self) -> Optional[pulumi.Input[int]]:
998
+ def default_lease_ttl_seconds(self) -> Optional[pulumi.Input[builtins.int]]:
998
999
  """
999
1000
  Default lease duration for secrets in seconds.
1000
1001
  """
1001
1002
  return pulumi.get(self, "default_lease_ttl_seconds")
1002
1003
 
1003
1004
  @default_lease_ttl_seconds.setter
1004
- def default_lease_ttl_seconds(self, value: Optional[pulumi.Input[int]]):
1005
+ def default_lease_ttl_seconds(self, value: Optional[pulumi.Input[builtins.int]]):
1005
1006
  pulumi.set(self, "default_lease_ttl_seconds", value)
1006
1007
 
1007
1008
  @property
1008
1009
  @pulumi.getter(name="delegatedAuthAccessors")
1009
- def delegated_auth_accessors(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
1010
+ def delegated_auth_accessors(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
1010
1011
  """
1011
1012
  List of headers to allow and pass from the request to the plugin
1012
1013
  """
1013
1014
  return pulumi.get(self, "delegated_auth_accessors")
1014
1015
 
1015
1016
  @delegated_auth_accessors.setter
1016
- def delegated_auth_accessors(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
1017
+ def delegated_auth_accessors(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
1017
1018
  pulumi.set(self, "delegated_auth_accessors", value)
1018
1019
 
1019
1020
  @property
1020
1021
  @pulumi.getter
1021
- def description(self) -> Optional[pulumi.Input[str]]:
1022
+ def description(self) -> Optional[pulumi.Input[builtins.str]]:
1022
1023
  """
1023
1024
  Human-friendly description of the mount for the Active Directory backend.
1024
1025
  """
1025
1026
  return pulumi.get(self, "description")
1026
1027
 
1027
1028
  @description.setter
1028
- def description(self, value: Optional[pulumi.Input[str]]):
1029
+ def description(self, value: Optional[pulumi.Input[builtins.str]]):
1029
1030
  pulumi.set(self, "description", value)
1030
1031
 
1031
1032
  @property
1032
1033
  @pulumi.getter(name="disableAutomatedRotation")
1033
- def disable_automated_rotation(self) -> Optional[pulumi.Input[bool]]:
1034
+ def disable_automated_rotation(self) -> Optional[pulumi.Input[builtins.bool]]:
1034
1035
  """
1035
1036
  Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
1036
1037
  """
1037
1038
  return pulumi.get(self, "disable_automated_rotation")
1038
1039
 
1039
1040
  @disable_automated_rotation.setter
1040
- def disable_automated_rotation(self, value: Optional[pulumi.Input[bool]]):
1041
+ def disable_automated_rotation(self, value: Optional[pulumi.Input[builtins.bool]]):
1041
1042
  pulumi.set(self, "disable_automated_rotation", value)
1042
1043
 
1043
1044
  @property
1044
1045
  @pulumi.getter(name="disableRemount")
1045
- def disable_remount(self) -> Optional[pulumi.Input[bool]]:
1046
+ def disable_remount(self) -> Optional[pulumi.Input[builtins.bool]]:
1046
1047
  """
1047
1048
  If set, opts out of mount migration on path updates.
1048
1049
  """
1049
1050
  return pulumi.get(self, "disable_remount")
1050
1051
 
1051
1052
  @disable_remount.setter
1052
- def disable_remount(self, value: Optional[pulumi.Input[bool]]):
1053
+ def disable_remount(self, value: Optional[pulumi.Input[builtins.bool]]):
1053
1054
  pulumi.set(self, "disable_remount", value)
1054
1055
 
1055
1056
  @property
1056
1057
  @pulumi.getter(name="externalEntropyAccess")
1057
- def external_entropy_access(self) -> Optional[pulumi.Input[bool]]:
1058
+ def external_entropy_access(self) -> Optional[pulumi.Input[builtins.bool]]:
1058
1059
  """
1059
1060
  Enable the secrets engine to access Vault's external entropy source
1060
1061
  """
1061
1062
  return pulumi.get(self, "external_entropy_access")
1062
1063
 
1063
1064
  @external_entropy_access.setter
1064
- def external_entropy_access(self, value: Optional[pulumi.Input[bool]]):
1065
+ def external_entropy_access(self, value: Optional[pulumi.Input[builtins.bool]]):
1065
1066
  pulumi.set(self, "external_entropy_access", value)
1066
1067
 
1067
1068
  @property
1068
1069
  @pulumi.getter(name="identityTokenKey")
1069
- def identity_token_key(self) -> Optional[pulumi.Input[str]]:
1070
+ def identity_token_key(self) -> Optional[pulumi.Input[builtins.str]]:
1070
1071
  """
1071
1072
  The key to use for signing plugin workload identity tokens
1072
1073
  """
1073
1074
  return pulumi.get(self, "identity_token_key")
1074
1075
 
1075
1076
  @identity_token_key.setter
1076
- def identity_token_key(self, value: Optional[pulumi.Input[str]]):
1077
+ def identity_token_key(self, value: Optional[pulumi.Input[builtins.str]]):
1077
1078
  pulumi.set(self, "identity_token_key", value)
1078
1079
 
1079
1080
  @property
1080
1081
  @pulumi.getter(name="insecureTls")
1081
- def insecure_tls(self) -> Optional[pulumi.Input[bool]]:
1082
+ def insecure_tls(self) -> Optional[pulumi.Input[builtins.bool]]:
1082
1083
  """
1083
1084
  Skip LDAP server SSL Certificate verification. This is not recommended for production.
1084
1085
  Defaults to `false`.
@@ -1086,24 +1087,24 @@ class _SecretBackendState:
1086
1087
  return pulumi.get(self, "insecure_tls")
1087
1088
 
1088
1089
  @insecure_tls.setter
1089
- def insecure_tls(self, value: Optional[pulumi.Input[bool]]):
1090
+ def insecure_tls(self, value: Optional[pulumi.Input[builtins.bool]]):
1090
1091
  pulumi.set(self, "insecure_tls", value)
1091
1092
 
1092
1093
  @property
1093
1094
  @pulumi.getter(name="listingVisibility")
1094
- def listing_visibility(self) -> Optional[pulumi.Input[str]]:
1095
+ def listing_visibility(self) -> Optional[pulumi.Input[builtins.str]]:
1095
1096
  """
1096
1097
  Specifies whether to show this mount in the UI-specific listing endpoint
1097
1098
  """
1098
1099
  return pulumi.get(self, "listing_visibility")
1099
1100
 
1100
1101
  @listing_visibility.setter
1101
- def listing_visibility(self, value: Optional[pulumi.Input[str]]):
1102
+ def listing_visibility(self, value: Optional[pulumi.Input[builtins.str]]):
1102
1103
  pulumi.set(self, "listing_visibility", value)
1103
1104
 
1104
1105
  @property
1105
1106
  @pulumi.getter
1106
- def local(self) -> Optional[pulumi.Input[bool]]:
1107
+ def local(self) -> Optional[pulumi.Input[builtins.bool]]:
1107
1108
  """
1108
1109
  Mark the secrets engine as local-only. Local engines are not replicated or removed by
1109
1110
  replication.Tolerance duration to use when checking the last rotation time.
@@ -1111,24 +1112,24 @@ class _SecretBackendState:
1111
1112
  return pulumi.get(self, "local")
1112
1113
 
1113
1114
  @local.setter
1114
- def local(self, value: Optional[pulumi.Input[bool]]):
1115
+ def local(self, value: Optional[pulumi.Input[builtins.bool]]):
1115
1116
  pulumi.set(self, "local", value)
1116
1117
 
1117
1118
  @property
1118
1119
  @pulumi.getter(name="maxLeaseTtlSeconds")
1119
- def max_lease_ttl_seconds(self) -> Optional[pulumi.Input[int]]:
1120
+ def max_lease_ttl_seconds(self) -> Optional[pulumi.Input[builtins.int]]:
1120
1121
  """
1121
1122
  Maximum possible lease duration for secrets in seconds.
1122
1123
  """
1123
1124
  return pulumi.get(self, "max_lease_ttl_seconds")
1124
1125
 
1125
1126
  @max_lease_ttl_seconds.setter
1126
- def max_lease_ttl_seconds(self, value: Optional[pulumi.Input[int]]):
1127
+ def max_lease_ttl_seconds(self, value: Optional[pulumi.Input[builtins.int]]):
1127
1128
  pulumi.set(self, "max_lease_ttl_seconds", value)
1128
1129
 
1129
1130
  @property
1130
1131
  @pulumi.getter
1131
- def namespace(self) -> Optional[pulumi.Input[str]]:
1132
+ def namespace(self) -> Optional[pulumi.Input[builtins.str]]:
1132
1133
  """
1133
1134
  The namespace to provision the resource in.
1134
1135
  The value should not contain leading or trailing forward slashes.
@@ -1138,48 +1139,48 @@ class _SecretBackendState:
1138
1139
  return pulumi.get(self, "namespace")
1139
1140
 
1140
1141
  @namespace.setter
1141
- def namespace(self, value: Optional[pulumi.Input[str]]):
1142
+ def namespace(self, value: Optional[pulumi.Input[builtins.str]]):
1142
1143
  pulumi.set(self, "namespace", value)
1143
1144
 
1144
1145
  @property
1145
1146
  @pulumi.getter
1146
- def options(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]:
1147
+ def options(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]]]:
1147
1148
  """
1148
1149
  Specifies mount type specific options that are passed to the backend
1149
1150
  """
1150
1151
  return pulumi.get(self, "options")
1151
1152
 
1152
1153
  @options.setter
1153
- def options(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]):
1154
+ def options(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]]]):
1154
1155
  pulumi.set(self, "options", value)
1155
1156
 
1156
1157
  @property
1157
1158
  @pulumi.getter(name="passthroughRequestHeaders")
1158
- def passthrough_request_headers(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
1159
+ def passthrough_request_headers(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
1159
1160
  """
1160
1161
  List of headers to allow and pass from the request to the plugin
1161
1162
  """
1162
1163
  return pulumi.get(self, "passthrough_request_headers")
1163
1164
 
1164
1165
  @passthrough_request_headers.setter
1165
- def passthrough_request_headers(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
1166
+ def passthrough_request_headers(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
1166
1167
  pulumi.set(self, "passthrough_request_headers", value)
1167
1168
 
1168
1169
  @property
1169
1170
  @pulumi.getter(name="passwordPolicy")
1170
- def password_policy(self) -> Optional[pulumi.Input[str]]:
1171
+ def password_policy(self) -> Optional[pulumi.Input[builtins.str]]:
1171
1172
  """
1172
1173
  Name of the password policy to use to generate passwords.
1173
1174
  """
1174
1175
  return pulumi.get(self, "password_policy")
1175
1176
 
1176
1177
  @password_policy.setter
1177
- def password_policy(self, value: Optional[pulumi.Input[str]]):
1178
+ def password_policy(self, value: Optional[pulumi.Input[builtins.str]]):
1178
1179
  pulumi.set(self, "password_policy", value)
1179
1180
 
1180
1181
  @property
1181
1182
  @pulumi.getter
1182
- def path(self) -> Optional[pulumi.Input[str]]:
1183
+ def path(self) -> Optional[pulumi.Input[builtins.str]]:
1183
1184
  """
1184
1185
  The unique path this backend should be mounted at. Must
1185
1186
  not begin or end with a `/`. Defaults to `ldap`.
@@ -1187,24 +1188,24 @@ class _SecretBackendState:
1187
1188
  return pulumi.get(self, "path")
1188
1189
 
1189
1190
  @path.setter
1190
- def path(self, value: Optional[pulumi.Input[str]]):
1191
+ def path(self, value: Optional[pulumi.Input[builtins.str]]):
1191
1192
  pulumi.set(self, "path", value)
1192
1193
 
1193
1194
  @property
1194
1195
  @pulumi.getter(name="pluginVersion")
1195
- def plugin_version(self) -> Optional[pulumi.Input[str]]:
1196
+ def plugin_version(self) -> Optional[pulumi.Input[builtins.str]]:
1196
1197
  """
1197
1198
  Specifies the semantic version of the plugin to use, e.g. 'v1.0.0'
1198
1199
  """
1199
1200
  return pulumi.get(self, "plugin_version")
1200
1201
 
1201
1202
  @plugin_version.setter
1202
- def plugin_version(self, value: Optional[pulumi.Input[str]]):
1203
+ def plugin_version(self, value: Optional[pulumi.Input[builtins.str]]):
1203
1204
  pulumi.set(self, "plugin_version", value)
1204
1205
 
1205
1206
  @property
1206
1207
  @pulumi.getter(name="requestTimeout")
1207
- def request_timeout(self) -> Optional[pulumi.Input[int]]:
1208
+ def request_timeout(self) -> Optional[pulumi.Input[builtins.int]]:
1208
1209
  """
1209
1210
  Timeout, in seconds, for the connection when making requests against the server
1210
1211
  before returning back an error.
@@ -1212,12 +1213,12 @@ class _SecretBackendState:
1212
1213
  return pulumi.get(self, "request_timeout")
1213
1214
 
1214
1215
  @request_timeout.setter
1215
- def request_timeout(self, value: Optional[pulumi.Input[int]]):
1216
+ def request_timeout(self, value: Optional[pulumi.Input[builtins.int]]):
1216
1217
  pulumi.set(self, "request_timeout", value)
1217
1218
 
1218
1219
  @property
1219
1220
  @pulumi.getter(name="rotationPeriod")
1220
- def rotation_period(self) -> Optional[pulumi.Input[int]]:
1221
+ def rotation_period(self) -> Optional[pulumi.Input[builtins.int]]:
1221
1222
  """
1222
1223
  The amount of time in seconds Vault should wait before rotating the root credential.
1223
1224
  A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
@@ -1225,12 +1226,12 @@ class _SecretBackendState:
1225
1226
  return pulumi.get(self, "rotation_period")
1226
1227
 
1227
1228
  @rotation_period.setter
1228
- def rotation_period(self, value: Optional[pulumi.Input[int]]):
1229
+ def rotation_period(self, value: Optional[pulumi.Input[builtins.int]]):
1229
1230
  pulumi.set(self, "rotation_period", value)
1230
1231
 
1231
1232
  @property
1232
1233
  @pulumi.getter(name="rotationSchedule")
1233
- def rotation_schedule(self) -> Optional[pulumi.Input[str]]:
1234
+ def rotation_schedule(self) -> Optional[pulumi.Input[builtins.str]]:
1234
1235
  """
1235
1236
  The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
1236
1237
  defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
@@ -1238,12 +1239,12 @@ class _SecretBackendState:
1238
1239
  return pulumi.get(self, "rotation_schedule")
1239
1240
 
1240
1241
  @rotation_schedule.setter
1241
- def rotation_schedule(self, value: Optional[pulumi.Input[str]]):
1242
+ def rotation_schedule(self, value: Optional[pulumi.Input[builtins.str]]):
1242
1243
  pulumi.set(self, "rotation_schedule", value)
1243
1244
 
1244
1245
  @property
1245
1246
  @pulumi.getter(name="rotationWindow")
1246
- def rotation_window(self) -> Optional[pulumi.Input[int]]:
1247
+ def rotation_window(self) -> Optional[pulumi.Input[builtins.int]]:
1247
1248
  """
1248
1249
  The maximum amount of time in seconds allowed to complete
1249
1250
  a rotation when a scheduled token rotation occurs. The default rotation window is
@@ -1252,36 +1253,36 @@ class _SecretBackendState:
1252
1253
  return pulumi.get(self, "rotation_window")
1253
1254
 
1254
1255
  @rotation_window.setter
1255
- def rotation_window(self, value: Optional[pulumi.Input[int]]):
1256
+ def rotation_window(self, value: Optional[pulumi.Input[builtins.int]]):
1256
1257
  pulumi.set(self, "rotation_window", value)
1257
1258
 
1258
1259
  @property
1259
1260
  @pulumi.getter
1260
- def schema(self) -> Optional[pulumi.Input[str]]:
1261
+ def schema(self) -> Optional[pulumi.Input[builtins.str]]:
1261
1262
  """
1262
1263
  The LDAP schema to use when storing entry passwords. Valid schemas include `openldap`, `ad`, and `racf`. Default is `openldap`.
1263
1264
  """
1264
1265
  return pulumi.get(self, "schema")
1265
1266
 
1266
1267
  @schema.setter
1267
- def schema(self, value: Optional[pulumi.Input[str]]):
1268
+ def schema(self, value: Optional[pulumi.Input[builtins.str]]):
1268
1269
  pulumi.set(self, "schema", value)
1269
1270
 
1270
1271
  @property
1271
1272
  @pulumi.getter(name="sealWrap")
1272
- def seal_wrap(self) -> Optional[pulumi.Input[bool]]:
1273
+ def seal_wrap(self) -> Optional[pulumi.Input[builtins.bool]]:
1273
1274
  """
1274
1275
  Enable seal wrapping for the mount, causing values stored by the mount to be wrapped by the seal's encryption capability
1275
1276
  """
1276
1277
  return pulumi.get(self, "seal_wrap")
1277
1278
 
1278
1279
  @seal_wrap.setter
1279
- def seal_wrap(self, value: Optional[pulumi.Input[bool]]):
1280
+ def seal_wrap(self, value: Optional[pulumi.Input[builtins.bool]]):
1280
1281
  pulumi.set(self, "seal_wrap", value)
1281
1282
 
1282
1283
  @property
1283
1284
  @pulumi.getter(name="skipStaticRoleImportRotation")
1284
- def skip_static_role_import_rotation(self) -> Optional[pulumi.Input[bool]]:
1285
+ def skip_static_role_import_rotation(self) -> Optional[pulumi.Input[builtins.bool]]:
1285
1286
  """
1286
1287
  If set to true, static roles will not be rotated during import.
1287
1288
  Defaults to false. Requires Vault 1.16 or above.
@@ -1289,36 +1290,36 @@ class _SecretBackendState:
1289
1290
  return pulumi.get(self, "skip_static_role_import_rotation")
1290
1291
 
1291
1292
  @skip_static_role_import_rotation.setter
1292
- def skip_static_role_import_rotation(self, value: Optional[pulumi.Input[bool]]):
1293
+ def skip_static_role_import_rotation(self, value: Optional[pulumi.Input[builtins.bool]]):
1293
1294
  pulumi.set(self, "skip_static_role_import_rotation", value)
1294
1295
 
1295
1296
  @property
1296
1297
  @pulumi.getter
1297
- def starttls(self) -> Optional[pulumi.Input[bool]]:
1298
+ def starttls(self) -> Optional[pulumi.Input[builtins.bool]]:
1298
1299
  """
1299
1300
  Issue a StartTLS command after establishing unencrypted connection.
1300
1301
  """
1301
1302
  return pulumi.get(self, "starttls")
1302
1303
 
1303
1304
  @starttls.setter
1304
- def starttls(self, value: Optional[pulumi.Input[bool]]):
1305
+ def starttls(self, value: Optional[pulumi.Input[builtins.bool]]):
1305
1306
  pulumi.set(self, "starttls", value)
1306
1307
 
1307
1308
  @property
1308
1309
  @pulumi.getter
1309
- def upndomain(self) -> Optional[pulumi.Input[str]]:
1310
+ def upndomain(self) -> Optional[pulumi.Input[builtins.str]]:
1310
1311
  """
1311
1312
  Enables userPrincipalDomain login with [username]@UPNDomain.
1312
1313
  """
1313
1314
  return pulumi.get(self, "upndomain")
1314
1315
 
1315
1316
  @upndomain.setter
1316
- def upndomain(self, value: Optional[pulumi.Input[str]]):
1317
+ def upndomain(self, value: Optional[pulumi.Input[builtins.str]]):
1317
1318
  pulumi.set(self, "upndomain", value)
1318
1319
 
1319
1320
  @property
1320
1321
  @pulumi.getter
1321
- def url(self) -> Optional[pulumi.Input[str]]:
1322
+ def url(self) -> Optional[pulumi.Input[builtins.str]]:
1322
1323
  """
1323
1324
  LDAP URL to connect to. Multiple URLs can be specified by concatenating
1324
1325
  them with commas; they will be tried in-order. Defaults to `ldap://127.0.0.1`.
@@ -1326,31 +1327,31 @@ class _SecretBackendState:
1326
1327
  return pulumi.get(self, "url")
1327
1328
 
1328
1329
  @url.setter
1329
- def url(self, value: Optional[pulumi.Input[str]]):
1330
+ def url(self, value: Optional[pulumi.Input[builtins.str]]):
1330
1331
  pulumi.set(self, "url", value)
1331
1332
 
1332
1333
  @property
1333
1334
  @pulumi.getter
1334
- def userattr(self) -> Optional[pulumi.Input[str]]:
1335
+ def userattr(self) -> Optional[pulumi.Input[builtins.str]]:
1335
1336
  """
1336
1337
  Attribute used when searching users. Defaults to `cn`.
1337
1338
  """
1338
1339
  return pulumi.get(self, "userattr")
1339
1340
 
1340
1341
  @userattr.setter
1341
- def userattr(self, value: Optional[pulumi.Input[str]]):
1342
+ def userattr(self, value: Optional[pulumi.Input[builtins.str]]):
1342
1343
  pulumi.set(self, "userattr", value)
1343
1344
 
1344
1345
  @property
1345
1346
  @pulumi.getter
1346
- def userdn(self) -> Optional[pulumi.Input[str]]:
1347
+ def userdn(self) -> Optional[pulumi.Input[builtins.str]]:
1347
1348
  """
1348
1349
  LDAP domain to use for users (eg: ou=People,dc=example,dc=org)`.
1349
1350
  """
1350
1351
  return pulumi.get(self, "userdn")
1351
1352
 
1352
1353
  @userdn.setter
1353
- def userdn(self, value: Optional[pulumi.Input[str]]):
1354
+ def userdn(self, value: Optional[pulumi.Input[builtins.str]]):
1354
1355
  pulumi.set(self, "userdn", value)
1355
1356
 
1356
1357
 
@@ -1359,45 +1360,45 @@ class SecretBackend(pulumi.CustomResource):
1359
1360
  def __init__(__self__,
1360
1361
  resource_name: str,
1361
1362
  opts: Optional[pulumi.ResourceOptions] = None,
1362
- allowed_managed_keys: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
1363
- allowed_response_headers: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
1364
- audit_non_hmac_request_keys: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
1365
- audit_non_hmac_response_keys: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
1366
- binddn: Optional[pulumi.Input[str]] = None,
1367
- bindpass: Optional[pulumi.Input[str]] = None,
1368
- certificate: Optional[pulumi.Input[str]] = None,
1369
- client_tls_cert: Optional[pulumi.Input[str]] = None,
1370
- client_tls_key: Optional[pulumi.Input[str]] = None,
1371
- connection_timeout: Optional[pulumi.Input[int]] = None,
1372
- default_lease_ttl_seconds: Optional[pulumi.Input[int]] = None,
1373
- delegated_auth_accessors: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
1374
- description: Optional[pulumi.Input[str]] = None,
1375
- disable_automated_rotation: Optional[pulumi.Input[bool]] = None,
1376
- disable_remount: Optional[pulumi.Input[bool]] = None,
1377
- external_entropy_access: Optional[pulumi.Input[bool]] = None,
1378
- identity_token_key: Optional[pulumi.Input[str]] = None,
1379
- insecure_tls: Optional[pulumi.Input[bool]] = None,
1380
- listing_visibility: Optional[pulumi.Input[str]] = None,
1381
- local: Optional[pulumi.Input[bool]] = None,
1382
- max_lease_ttl_seconds: Optional[pulumi.Input[int]] = None,
1383
- namespace: Optional[pulumi.Input[str]] = None,
1384
- options: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
1385
- passthrough_request_headers: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
1386
- password_policy: Optional[pulumi.Input[str]] = None,
1387
- path: Optional[pulumi.Input[str]] = None,
1388
- plugin_version: Optional[pulumi.Input[str]] = None,
1389
- request_timeout: Optional[pulumi.Input[int]] = None,
1390
- rotation_period: Optional[pulumi.Input[int]] = None,
1391
- rotation_schedule: Optional[pulumi.Input[str]] = None,
1392
- rotation_window: Optional[pulumi.Input[int]] = None,
1393
- schema: Optional[pulumi.Input[str]] = None,
1394
- seal_wrap: Optional[pulumi.Input[bool]] = None,
1395
- skip_static_role_import_rotation: Optional[pulumi.Input[bool]] = None,
1396
- starttls: Optional[pulumi.Input[bool]] = None,
1397
- upndomain: Optional[pulumi.Input[str]] = None,
1398
- url: Optional[pulumi.Input[str]] = None,
1399
- userattr: Optional[pulumi.Input[str]] = None,
1400
- userdn: Optional[pulumi.Input[str]] = None,
1363
+ allowed_managed_keys: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
1364
+ allowed_response_headers: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
1365
+ audit_non_hmac_request_keys: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
1366
+ audit_non_hmac_response_keys: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
1367
+ binddn: Optional[pulumi.Input[builtins.str]] = None,
1368
+ bindpass: Optional[pulumi.Input[builtins.str]] = None,
1369
+ certificate: Optional[pulumi.Input[builtins.str]] = None,
1370
+ client_tls_cert: Optional[pulumi.Input[builtins.str]] = None,
1371
+ client_tls_key: Optional[pulumi.Input[builtins.str]] = None,
1372
+ connection_timeout: Optional[pulumi.Input[builtins.int]] = None,
1373
+ default_lease_ttl_seconds: Optional[pulumi.Input[builtins.int]] = None,
1374
+ delegated_auth_accessors: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
1375
+ description: Optional[pulumi.Input[builtins.str]] = None,
1376
+ disable_automated_rotation: Optional[pulumi.Input[builtins.bool]] = None,
1377
+ disable_remount: Optional[pulumi.Input[builtins.bool]] = None,
1378
+ external_entropy_access: Optional[pulumi.Input[builtins.bool]] = None,
1379
+ identity_token_key: Optional[pulumi.Input[builtins.str]] = None,
1380
+ insecure_tls: Optional[pulumi.Input[builtins.bool]] = None,
1381
+ listing_visibility: Optional[pulumi.Input[builtins.str]] = None,
1382
+ local: Optional[pulumi.Input[builtins.bool]] = None,
1383
+ max_lease_ttl_seconds: Optional[pulumi.Input[builtins.int]] = None,
1384
+ namespace: Optional[pulumi.Input[builtins.str]] = None,
1385
+ options: Optional[pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]]] = None,
1386
+ passthrough_request_headers: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
1387
+ password_policy: Optional[pulumi.Input[builtins.str]] = None,
1388
+ path: Optional[pulumi.Input[builtins.str]] = None,
1389
+ plugin_version: Optional[pulumi.Input[builtins.str]] = None,
1390
+ request_timeout: Optional[pulumi.Input[builtins.int]] = None,
1391
+ rotation_period: Optional[pulumi.Input[builtins.int]] = None,
1392
+ rotation_schedule: Optional[pulumi.Input[builtins.str]] = None,
1393
+ rotation_window: Optional[pulumi.Input[builtins.int]] = None,
1394
+ schema: Optional[pulumi.Input[builtins.str]] = None,
1395
+ seal_wrap: Optional[pulumi.Input[builtins.bool]] = None,
1396
+ skip_static_role_import_rotation: Optional[pulumi.Input[builtins.bool]] = None,
1397
+ starttls: Optional[pulumi.Input[builtins.bool]] = None,
1398
+ upndomain: Optional[pulumi.Input[builtins.str]] = None,
1399
+ url: Optional[pulumi.Input[builtins.str]] = None,
1400
+ userattr: Optional[pulumi.Input[builtins.str]] = None,
1401
+ userdn: Optional[pulumi.Input[builtins.str]] = None,
1401
1402
  __props__=None):
1402
1403
  """
1403
1404
  ## Example Usage
@@ -1427,60 +1428,60 @@ class SecretBackend(pulumi.CustomResource):
1427
1428
 
1428
1429
  :param str resource_name: The name of the resource.
1429
1430
  :param pulumi.ResourceOptions opts: Options for the resource.
1430
- :param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_managed_keys: List of managed key registry entry names that the mount in question is allowed to access
1431
- :param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_response_headers: List of headers to allow and pass from the request to the plugin
1432
- :param pulumi.Input[Sequence[pulumi.Input[str]]] audit_non_hmac_request_keys: Specifies the list of keys that will not be HMAC'd by audit devices in the request data object.
1433
- :param pulumi.Input[Sequence[pulumi.Input[str]]] audit_non_hmac_response_keys: Specifies the list of keys that will not be HMAC'd by audit devices in the response data object.
1434
- :param pulumi.Input[str] binddn: Distinguished name of object to bind when performing user and group search.
1435
- :param pulumi.Input[str] bindpass: Password to use along with binddn when performing user search.
1436
- :param pulumi.Input[str] certificate: CA certificate to use when verifying LDAP server certificate, must be
1431
+ :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] allowed_managed_keys: List of managed key registry entry names that the mount in question is allowed to access
1432
+ :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] allowed_response_headers: List of headers to allow and pass from the request to the plugin
1433
+ :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] audit_non_hmac_request_keys: Specifies the list of keys that will not be HMAC'd by audit devices in the request data object.
1434
+ :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] audit_non_hmac_response_keys: Specifies the list of keys that will not be HMAC'd by audit devices in the response data object.
1435
+ :param pulumi.Input[builtins.str] binddn: Distinguished name of object to bind when performing user and group search.
1436
+ :param pulumi.Input[builtins.str] bindpass: Password to use along with binddn when performing user search.
1437
+ :param pulumi.Input[builtins.str] certificate: CA certificate to use when verifying LDAP server certificate, must be
1437
1438
  x509 PEM encoded.
1438
- :param pulumi.Input[str] client_tls_cert: Client certificate to provide to the LDAP server, must be x509 PEM encoded.
1439
- :param pulumi.Input[str] client_tls_key: Client certificate key to provide to the LDAP server, must be x509 PEM encoded.
1440
- :param pulumi.Input[int] connection_timeout: Timeout, in seconds, when attempting to connect to the LDAP server before trying
1439
+ :param pulumi.Input[builtins.str] client_tls_cert: Client certificate to provide to the LDAP server, must be x509 PEM encoded.
1440
+ :param pulumi.Input[builtins.str] client_tls_key: Client certificate key to provide to the LDAP server, must be x509 PEM encoded.
1441
+ :param pulumi.Input[builtins.int] connection_timeout: Timeout, in seconds, when attempting to connect to the LDAP server before trying
1441
1442
  the next URL in the configuration.
1442
- :param pulumi.Input[int] default_lease_ttl_seconds: Default lease duration for secrets in seconds.
1443
- :param pulumi.Input[Sequence[pulumi.Input[str]]] delegated_auth_accessors: List of headers to allow and pass from the request to the plugin
1444
- :param pulumi.Input[str] description: Human-friendly description of the mount for the Active Directory backend.
1445
- :param pulumi.Input[bool] disable_automated_rotation: Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
1446
- :param pulumi.Input[bool] disable_remount: If set, opts out of mount migration on path updates.
1447
- :param pulumi.Input[bool] external_entropy_access: Enable the secrets engine to access Vault's external entropy source
1448
- :param pulumi.Input[str] identity_token_key: The key to use for signing plugin workload identity tokens
1449
- :param pulumi.Input[bool] insecure_tls: Skip LDAP server SSL Certificate verification. This is not recommended for production.
1443
+ :param pulumi.Input[builtins.int] default_lease_ttl_seconds: Default lease duration for secrets in seconds.
1444
+ :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] delegated_auth_accessors: List of headers to allow and pass from the request to the plugin
1445
+ :param pulumi.Input[builtins.str] description: Human-friendly description of the mount for the Active Directory backend.
1446
+ :param pulumi.Input[builtins.bool] disable_automated_rotation: Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
1447
+ :param pulumi.Input[builtins.bool] disable_remount: If set, opts out of mount migration on path updates.
1448
+ :param pulumi.Input[builtins.bool] external_entropy_access: Enable the secrets engine to access Vault's external entropy source
1449
+ :param pulumi.Input[builtins.str] identity_token_key: The key to use for signing plugin workload identity tokens
1450
+ :param pulumi.Input[builtins.bool] insecure_tls: Skip LDAP server SSL Certificate verification. This is not recommended for production.
1450
1451
  Defaults to `false`.
1451
- :param pulumi.Input[str] listing_visibility: Specifies whether to show this mount in the UI-specific listing endpoint
1452
- :param pulumi.Input[bool] local: Mark the secrets engine as local-only. Local engines are not replicated or removed by
1452
+ :param pulumi.Input[builtins.str] listing_visibility: Specifies whether to show this mount in the UI-specific listing endpoint
1453
+ :param pulumi.Input[builtins.bool] local: Mark the secrets engine as local-only. Local engines are not replicated or removed by
1453
1454
  replication.Tolerance duration to use when checking the last rotation time.
1454
- :param pulumi.Input[int] max_lease_ttl_seconds: Maximum possible lease duration for secrets in seconds.
1455
- :param pulumi.Input[str] namespace: The namespace to provision the resource in.
1455
+ :param pulumi.Input[builtins.int] max_lease_ttl_seconds: Maximum possible lease duration for secrets in seconds.
1456
+ :param pulumi.Input[builtins.str] namespace: The namespace to provision the resource in.
1456
1457
  The value should not contain leading or trailing forward slashes.
1457
1458
  The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
1458
1459
  *Available only for Vault Enterprise*.
1459
- :param pulumi.Input[Mapping[str, pulumi.Input[str]]] options: Specifies mount type specific options that are passed to the backend
1460
- :param pulumi.Input[Sequence[pulumi.Input[str]]] passthrough_request_headers: List of headers to allow and pass from the request to the plugin
1461
- :param pulumi.Input[str] password_policy: Name of the password policy to use to generate passwords.
1462
- :param pulumi.Input[str] path: The unique path this backend should be mounted at. Must
1460
+ :param pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]] options: Specifies mount type specific options that are passed to the backend
1461
+ :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] passthrough_request_headers: List of headers to allow and pass from the request to the plugin
1462
+ :param pulumi.Input[builtins.str] password_policy: Name of the password policy to use to generate passwords.
1463
+ :param pulumi.Input[builtins.str] path: The unique path this backend should be mounted at. Must
1463
1464
  not begin or end with a `/`. Defaults to `ldap`.
1464
- :param pulumi.Input[str] plugin_version: Specifies the semantic version of the plugin to use, e.g. 'v1.0.0'
1465
- :param pulumi.Input[int] request_timeout: Timeout, in seconds, for the connection when making requests against the server
1465
+ :param pulumi.Input[builtins.str] plugin_version: Specifies the semantic version of the plugin to use, e.g. 'v1.0.0'
1466
+ :param pulumi.Input[builtins.int] request_timeout: Timeout, in seconds, for the connection when making requests against the server
1466
1467
  before returning back an error.
1467
- :param pulumi.Input[int] rotation_period: The amount of time in seconds Vault should wait before rotating the root credential.
1468
+ :param pulumi.Input[builtins.int] rotation_period: The amount of time in seconds Vault should wait before rotating the root credential.
1468
1469
  A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
1469
- :param pulumi.Input[str] rotation_schedule: The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
1470
+ :param pulumi.Input[builtins.str] rotation_schedule: The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
1470
1471
  defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
1471
- :param pulumi.Input[int] rotation_window: The maximum amount of time in seconds allowed to complete
1472
+ :param pulumi.Input[builtins.int] rotation_window: The maximum amount of time in seconds allowed to complete
1472
1473
  a rotation when a scheduled token rotation occurs. The default rotation window is
1473
1474
  unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
1474
- :param pulumi.Input[str] schema: The LDAP schema to use when storing entry passwords. Valid schemas include `openldap`, `ad`, and `racf`. Default is `openldap`.
1475
- :param pulumi.Input[bool] seal_wrap: Enable seal wrapping for the mount, causing values stored by the mount to be wrapped by the seal's encryption capability
1476
- :param pulumi.Input[bool] skip_static_role_import_rotation: If set to true, static roles will not be rotated during import.
1475
+ :param pulumi.Input[builtins.str] schema: The LDAP schema to use when storing entry passwords. Valid schemas include `openldap`, `ad`, and `racf`. Default is `openldap`.
1476
+ :param pulumi.Input[builtins.bool] seal_wrap: Enable seal wrapping for the mount, causing values stored by the mount to be wrapped by the seal's encryption capability
1477
+ :param pulumi.Input[builtins.bool] skip_static_role_import_rotation: If set to true, static roles will not be rotated during import.
1477
1478
  Defaults to false. Requires Vault 1.16 or above.
1478
- :param pulumi.Input[bool] starttls: Issue a StartTLS command after establishing unencrypted connection.
1479
- :param pulumi.Input[str] upndomain: Enables userPrincipalDomain login with [username]@UPNDomain.
1480
- :param pulumi.Input[str] url: LDAP URL to connect to. Multiple URLs can be specified by concatenating
1479
+ :param pulumi.Input[builtins.bool] starttls: Issue a StartTLS command after establishing unencrypted connection.
1480
+ :param pulumi.Input[builtins.str] upndomain: Enables userPrincipalDomain login with [username]@UPNDomain.
1481
+ :param pulumi.Input[builtins.str] url: LDAP URL to connect to. Multiple URLs can be specified by concatenating
1481
1482
  them with commas; they will be tried in-order. Defaults to `ldap://127.0.0.1`.
1482
- :param pulumi.Input[str] userattr: Attribute used when searching users. Defaults to `cn`.
1483
- :param pulumi.Input[str] userdn: LDAP domain to use for users (eg: ou=People,dc=example,dc=org)`.
1483
+ :param pulumi.Input[builtins.str] userattr: Attribute used when searching users. Defaults to `cn`.
1484
+ :param pulumi.Input[builtins.str] userdn: LDAP domain to use for users (eg: ou=People,dc=example,dc=org)`.
1484
1485
  """
1485
1486
  ...
1486
1487
  @overload
@@ -1529,45 +1530,45 @@ class SecretBackend(pulumi.CustomResource):
1529
1530
  def _internal_init(__self__,
1530
1531
  resource_name: str,
1531
1532
  opts: Optional[pulumi.ResourceOptions] = None,
1532
- allowed_managed_keys: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
1533
- allowed_response_headers: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
1534
- audit_non_hmac_request_keys: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
1535
- audit_non_hmac_response_keys: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
1536
- binddn: Optional[pulumi.Input[str]] = None,
1537
- bindpass: Optional[pulumi.Input[str]] = None,
1538
- certificate: Optional[pulumi.Input[str]] = None,
1539
- client_tls_cert: Optional[pulumi.Input[str]] = None,
1540
- client_tls_key: Optional[pulumi.Input[str]] = None,
1541
- connection_timeout: Optional[pulumi.Input[int]] = None,
1542
- default_lease_ttl_seconds: Optional[pulumi.Input[int]] = None,
1543
- delegated_auth_accessors: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
1544
- description: Optional[pulumi.Input[str]] = None,
1545
- disable_automated_rotation: Optional[pulumi.Input[bool]] = None,
1546
- disable_remount: Optional[pulumi.Input[bool]] = None,
1547
- external_entropy_access: Optional[pulumi.Input[bool]] = None,
1548
- identity_token_key: Optional[pulumi.Input[str]] = None,
1549
- insecure_tls: Optional[pulumi.Input[bool]] = None,
1550
- listing_visibility: Optional[pulumi.Input[str]] = None,
1551
- local: Optional[pulumi.Input[bool]] = None,
1552
- max_lease_ttl_seconds: Optional[pulumi.Input[int]] = None,
1553
- namespace: Optional[pulumi.Input[str]] = None,
1554
- options: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
1555
- passthrough_request_headers: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
1556
- password_policy: Optional[pulumi.Input[str]] = None,
1557
- path: Optional[pulumi.Input[str]] = None,
1558
- plugin_version: Optional[pulumi.Input[str]] = None,
1559
- request_timeout: Optional[pulumi.Input[int]] = None,
1560
- rotation_period: Optional[pulumi.Input[int]] = None,
1561
- rotation_schedule: Optional[pulumi.Input[str]] = None,
1562
- rotation_window: Optional[pulumi.Input[int]] = None,
1563
- schema: Optional[pulumi.Input[str]] = None,
1564
- seal_wrap: Optional[pulumi.Input[bool]] = None,
1565
- skip_static_role_import_rotation: Optional[pulumi.Input[bool]] = None,
1566
- starttls: Optional[pulumi.Input[bool]] = None,
1567
- upndomain: Optional[pulumi.Input[str]] = None,
1568
- url: Optional[pulumi.Input[str]] = None,
1569
- userattr: Optional[pulumi.Input[str]] = None,
1570
- userdn: Optional[pulumi.Input[str]] = None,
1533
+ allowed_managed_keys: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
1534
+ allowed_response_headers: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
1535
+ audit_non_hmac_request_keys: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
1536
+ audit_non_hmac_response_keys: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
1537
+ binddn: Optional[pulumi.Input[builtins.str]] = None,
1538
+ bindpass: Optional[pulumi.Input[builtins.str]] = None,
1539
+ certificate: Optional[pulumi.Input[builtins.str]] = None,
1540
+ client_tls_cert: Optional[pulumi.Input[builtins.str]] = None,
1541
+ client_tls_key: Optional[pulumi.Input[builtins.str]] = None,
1542
+ connection_timeout: Optional[pulumi.Input[builtins.int]] = None,
1543
+ default_lease_ttl_seconds: Optional[pulumi.Input[builtins.int]] = None,
1544
+ delegated_auth_accessors: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
1545
+ description: Optional[pulumi.Input[builtins.str]] = None,
1546
+ disable_automated_rotation: Optional[pulumi.Input[builtins.bool]] = None,
1547
+ disable_remount: Optional[pulumi.Input[builtins.bool]] = None,
1548
+ external_entropy_access: Optional[pulumi.Input[builtins.bool]] = None,
1549
+ identity_token_key: Optional[pulumi.Input[builtins.str]] = None,
1550
+ insecure_tls: Optional[pulumi.Input[builtins.bool]] = None,
1551
+ listing_visibility: Optional[pulumi.Input[builtins.str]] = None,
1552
+ local: Optional[pulumi.Input[builtins.bool]] = None,
1553
+ max_lease_ttl_seconds: Optional[pulumi.Input[builtins.int]] = None,
1554
+ namespace: Optional[pulumi.Input[builtins.str]] = None,
1555
+ options: Optional[pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]]] = None,
1556
+ passthrough_request_headers: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
1557
+ password_policy: Optional[pulumi.Input[builtins.str]] = None,
1558
+ path: Optional[pulumi.Input[builtins.str]] = None,
1559
+ plugin_version: Optional[pulumi.Input[builtins.str]] = None,
1560
+ request_timeout: Optional[pulumi.Input[builtins.int]] = None,
1561
+ rotation_period: Optional[pulumi.Input[builtins.int]] = None,
1562
+ rotation_schedule: Optional[pulumi.Input[builtins.str]] = None,
1563
+ rotation_window: Optional[pulumi.Input[builtins.int]] = None,
1564
+ schema: Optional[pulumi.Input[builtins.str]] = None,
1565
+ seal_wrap: Optional[pulumi.Input[builtins.bool]] = None,
1566
+ skip_static_role_import_rotation: Optional[pulumi.Input[builtins.bool]] = None,
1567
+ starttls: Optional[pulumi.Input[builtins.bool]] = None,
1568
+ upndomain: Optional[pulumi.Input[builtins.str]] = None,
1569
+ url: Optional[pulumi.Input[builtins.str]] = None,
1570
+ userattr: Optional[pulumi.Input[builtins.str]] = None,
1571
+ userdn: Optional[pulumi.Input[builtins.str]] = None,
1571
1572
  __props__=None):
1572
1573
  opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts)
1573
1574
  if not isinstance(opts, pulumi.ResourceOptions):
@@ -1633,46 +1634,46 @@ class SecretBackend(pulumi.CustomResource):
1633
1634
  def get(resource_name: str,
1634
1635
  id: pulumi.Input[str],
1635
1636
  opts: Optional[pulumi.ResourceOptions] = None,
1636
- accessor: Optional[pulumi.Input[str]] = None,
1637
- allowed_managed_keys: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
1638
- allowed_response_headers: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
1639
- audit_non_hmac_request_keys: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
1640
- audit_non_hmac_response_keys: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
1641
- binddn: Optional[pulumi.Input[str]] = None,
1642
- bindpass: Optional[pulumi.Input[str]] = None,
1643
- certificate: Optional[pulumi.Input[str]] = None,
1644
- client_tls_cert: Optional[pulumi.Input[str]] = None,
1645
- client_tls_key: Optional[pulumi.Input[str]] = None,
1646
- connection_timeout: Optional[pulumi.Input[int]] = None,
1647
- default_lease_ttl_seconds: Optional[pulumi.Input[int]] = None,
1648
- delegated_auth_accessors: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
1649
- description: Optional[pulumi.Input[str]] = None,
1650
- disable_automated_rotation: Optional[pulumi.Input[bool]] = None,
1651
- disable_remount: Optional[pulumi.Input[bool]] = None,
1652
- external_entropy_access: Optional[pulumi.Input[bool]] = None,
1653
- identity_token_key: Optional[pulumi.Input[str]] = None,
1654
- insecure_tls: Optional[pulumi.Input[bool]] = None,
1655
- listing_visibility: Optional[pulumi.Input[str]] = None,
1656
- local: Optional[pulumi.Input[bool]] = None,
1657
- max_lease_ttl_seconds: Optional[pulumi.Input[int]] = None,
1658
- namespace: Optional[pulumi.Input[str]] = None,
1659
- options: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
1660
- passthrough_request_headers: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
1661
- password_policy: Optional[pulumi.Input[str]] = None,
1662
- path: Optional[pulumi.Input[str]] = None,
1663
- plugin_version: Optional[pulumi.Input[str]] = None,
1664
- request_timeout: Optional[pulumi.Input[int]] = None,
1665
- rotation_period: Optional[pulumi.Input[int]] = None,
1666
- rotation_schedule: Optional[pulumi.Input[str]] = None,
1667
- rotation_window: Optional[pulumi.Input[int]] = None,
1668
- schema: Optional[pulumi.Input[str]] = None,
1669
- seal_wrap: Optional[pulumi.Input[bool]] = None,
1670
- skip_static_role_import_rotation: Optional[pulumi.Input[bool]] = None,
1671
- starttls: Optional[pulumi.Input[bool]] = None,
1672
- upndomain: Optional[pulumi.Input[str]] = None,
1673
- url: Optional[pulumi.Input[str]] = None,
1674
- userattr: Optional[pulumi.Input[str]] = None,
1675
- userdn: Optional[pulumi.Input[str]] = None) -> 'SecretBackend':
1637
+ accessor: Optional[pulumi.Input[builtins.str]] = None,
1638
+ allowed_managed_keys: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
1639
+ allowed_response_headers: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
1640
+ audit_non_hmac_request_keys: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
1641
+ audit_non_hmac_response_keys: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
1642
+ binddn: Optional[pulumi.Input[builtins.str]] = None,
1643
+ bindpass: Optional[pulumi.Input[builtins.str]] = None,
1644
+ certificate: Optional[pulumi.Input[builtins.str]] = None,
1645
+ client_tls_cert: Optional[pulumi.Input[builtins.str]] = None,
1646
+ client_tls_key: Optional[pulumi.Input[builtins.str]] = None,
1647
+ connection_timeout: Optional[pulumi.Input[builtins.int]] = None,
1648
+ default_lease_ttl_seconds: Optional[pulumi.Input[builtins.int]] = None,
1649
+ delegated_auth_accessors: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
1650
+ description: Optional[pulumi.Input[builtins.str]] = None,
1651
+ disable_automated_rotation: Optional[pulumi.Input[builtins.bool]] = None,
1652
+ disable_remount: Optional[pulumi.Input[builtins.bool]] = None,
1653
+ external_entropy_access: Optional[pulumi.Input[builtins.bool]] = None,
1654
+ identity_token_key: Optional[pulumi.Input[builtins.str]] = None,
1655
+ insecure_tls: Optional[pulumi.Input[builtins.bool]] = None,
1656
+ listing_visibility: Optional[pulumi.Input[builtins.str]] = None,
1657
+ local: Optional[pulumi.Input[builtins.bool]] = None,
1658
+ max_lease_ttl_seconds: Optional[pulumi.Input[builtins.int]] = None,
1659
+ namespace: Optional[pulumi.Input[builtins.str]] = None,
1660
+ options: Optional[pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]]] = None,
1661
+ passthrough_request_headers: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
1662
+ password_policy: Optional[pulumi.Input[builtins.str]] = None,
1663
+ path: Optional[pulumi.Input[builtins.str]] = None,
1664
+ plugin_version: Optional[pulumi.Input[builtins.str]] = None,
1665
+ request_timeout: Optional[pulumi.Input[builtins.int]] = None,
1666
+ rotation_period: Optional[pulumi.Input[builtins.int]] = None,
1667
+ rotation_schedule: Optional[pulumi.Input[builtins.str]] = None,
1668
+ rotation_window: Optional[pulumi.Input[builtins.int]] = None,
1669
+ schema: Optional[pulumi.Input[builtins.str]] = None,
1670
+ seal_wrap: Optional[pulumi.Input[builtins.bool]] = None,
1671
+ skip_static_role_import_rotation: Optional[pulumi.Input[builtins.bool]] = None,
1672
+ starttls: Optional[pulumi.Input[builtins.bool]] = None,
1673
+ upndomain: Optional[pulumi.Input[builtins.str]] = None,
1674
+ url: Optional[pulumi.Input[builtins.str]] = None,
1675
+ userattr: Optional[pulumi.Input[builtins.str]] = None,
1676
+ userdn: Optional[pulumi.Input[builtins.str]] = None) -> 'SecretBackend':
1676
1677
  """
1677
1678
  Get an existing SecretBackend resource's state with the given name, id, and optional extra
1678
1679
  properties used to qualify the lookup.
@@ -1680,61 +1681,61 @@ class SecretBackend(pulumi.CustomResource):
1680
1681
  :param str resource_name: The unique name of the resulting resource.
1681
1682
  :param pulumi.Input[str] id: The unique provider ID of the resource to lookup.
1682
1683
  :param pulumi.ResourceOptions opts: Options for the resource.
1683
- :param pulumi.Input[str] accessor: Accessor of the mount
1684
- :param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_managed_keys: List of managed key registry entry names that the mount in question is allowed to access
1685
- :param pulumi.Input[Sequence[pulumi.Input[str]]] allowed_response_headers: List of headers to allow and pass from the request to the plugin
1686
- :param pulumi.Input[Sequence[pulumi.Input[str]]] audit_non_hmac_request_keys: Specifies the list of keys that will not be HMAC'd by audit devices in the request data object.
1687
- :param pulumi.Input[Sequence[pulumi.Input[str]]] audit_non_hmac_response_keys: Specifies the list of keys that will not be HMAC'd by audit devices in the response data object.
1688
- :param pulumi.Input[str] binddn: Distinguished name of object to bind when performing user and group search.
1689
- :param pulumi.Input[str] bindpass: Password to use along with binddn when performing user search.
1690
- :param pulumi.Input[str] certificate: CA certificate to use when verifying LDAP server certificate, must be
1684
+ :param pulumi.Input[builtins.str] accessor: Accessor of the mount
1685
+ :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] allowed_managed_keys: List of managed key registry entry names that the mount in question is allowed to access
1686
+ :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] allowed_response_headers: List of headers to allow and pass from the request to the plugin
1687
+ :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] audit_non_hmac_request_keys: Specifies the list of keys that will not be HMAC'd by audit devices in the request data object.
1688
+ :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] audit_non_hmac_response_keys: Specifies the list of keys that will not be HMAC'd by audit devices in the response data object.
1689
+ :param pulumi.Input[builtins.str] binddn: Distinguished name of object to bind when performing user and group search.
1690
+ :param pulumi.Input[builtins.str] bindpass: Password to use along with binddn when performing user search.
1691
+ :param pulumi.Input[builtins.str] certificate: CA certificate to use when verifying LDAP server certificate, must be
1691
1692
  x509 PEM encoded.
1692
- :param pulumi.Input[str] client_tls_cert: Client certificate to provide to the LDAP server, must be x509 PEM encoded.
1693
- :param pulumi.Input[str] client_tls_key: Client certificate key to provide to the LDAP server, must be x509 PEM encoded.
1694
- :param pulumi.Input[int] connection_timeout: Timeout, in seconds, when attempting to connect to the LDAP server before trying
1693
+ :param pulumi.Input[builtins.str] client_tls_cert: Client certificate to provide to the LDAP server, must be x509 PEM encoded.
1694
+ :param pulumi.Input[builtins.str] client_tls_key: Client certificate key to provide to the LDAP server, must be x509 PEM encoded.
1695
+ :param pulumi.Input[builtins.int] connection_timeout: Timeout, in seconds, when attempting to connect to the LDAP server before trying
1695
1696
  the next URL in the configuration.
1696
- :param pulumi.Input[int] default_lease_ttl_seconds: Default lease duration for secrets in seconds.
1697
- :param pulumi.Input[Sequence[pulumi.Input[str]]] delegated_auth_accessors: List of headers to allow and pass from the request to the plugin
1698
- :param pulumi.Input[str] description: Human-friendly description of the mount for the Active Directory backend.
1699
- :param pulumi.Input[bool] disable_automated_rotation: Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
1700
- :param pulumi.Input[bool] disable_remount: If set, opts out of mount migration on path updates.
1701
- :param pulumi.Input[bool] external_entropy_access: Enable the secrets engine to access Vault's external entropy source
1702
- :param pulumi.Input[str] identity_token_key: The key to use for signing plugin workload identity tokens
1703
- :param pulumi.Input[bool] insecure_tls: Skip LDAP server SSL Certificate verification. This is not recommended for production.
1697
+ :param pulumi.Input[builtins.int] default_lease_ttl_seconds: Default lease duration for secrets in seconds.
1698
+ :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] delegated_auth_accessors: List of headers to allow and pass from the request to the plugin
1699
+ :param pulumi.Input[builtins.str] description: Human-friendly description of the mount for the Active Directory backend.
1700
+ :param pulumi.Input[builtins.bool] disable_automated_rotation: Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
1701
+ :param pulumi.Input[builtins.bool] disable_remount: If set, opts out of mount migration on path updates.
1702
+ :param pulumi.Input[builtins.bool] external_entropy_access: Enable the secrets engine to access Vault's external entropy source
1703
+ :param pulumi.Input[builtins.str] identity_token_key: The key to use for signing plugin workload identity tokens
1704
+ :param pulumi.Input[builtins.bool] insecure_tls: Skip LDAP server SSL Certificate verification. This is not recommended for production.
1704
1705
  Defaults to `false`.
1705
- :param pulumi.Input[str] listing_visibility: Specifies whether to show this mount in the UI-specific listing endpoint
1706
- :param pulumi.Input[bool] local: Mark the secrets engine as local-only. Local engines are not replicated or removed by
1706
+ :param pulumi.Input[builtins.str] listing_visibility: Specifies whether to show this mount in the UI-specific listing endpoint
1707
+ :param pulumi.Input[builtins.bool] local: Mark the secrets engine as local-only. Local engines are not replicated or removed by
1707
1708
  replication.Tolerance duration to use when checking the last rotation time.
1708
- :param pulumi.Input[int] max_lease_ttl_seconds: Maximum possible lease duration for secrets in seconds.
1709
- :param pulumi.Input[str] namespace: The namespace to provision the resource in.
1709
+ :param pulumi.Input[builtins.int] max_lease_ttl_seconds: Maximum possible lease duration for secrets in seconds.
1710
+ :param pulumi.Input[builtins.str] namespace: The namespace to provision the resource in.
1710
1711
  The value should not contain leading or trailing forward slashes.
1711
1712
  The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
1712
1713
  *Available only for Vault Enterprise*.
1713
- :param pulumi.Input[Mapping[str, pulumi.Input[str]]] options: Specifies mount type specific options that are passed to the backend
1714
- :param pulumi.Input[Sequence[pulumi.Input[str]]] passthrough_request_headers: List of headers to allow and pass from the request to the plugin
1715
- :param pulumi.Input[str] password_policy: Name of the password policy to use to generate passwords.
1716
- :param pulumi.Input[str] path: The unique path this backend should be mounted at. Must
1714
+ :param pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]] options: Specifies mount type specific options that are passed to the backend
1715
+ :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] passthrough_request_headers: List of headers to allow and pass from the request to the plugin
1716
+ :param pulumi.Input[builtins.str] password_policy: Name of the password policy to use to generate passwords.
1717
+ :param pulumi.Input[builtins.str] path: The unique path this backend should be mounted at. Must
1717
1718
  not begin or end with a `/`. Defaults to `ldap`.
1718
- :param pulumi.Input[str] plugin_version: Specifies the semantic version of the plugin to use, e.g. 'v1.0.0'
1719
- :param pulumi.Input[int] request_timeout: Timeout, in seconds, for the connection when making requests against the server
1719
+ :param pulumi.Input[builtins.str] plugin_version: Specifies the semantic version of the plugin to use, e.g. 'v1.0.0'
1720
+ :param pulumi.Input[builtins.int] request_timeout: Timeout, in seconds, for the connection when making requests against the server
1720
1721
  before returning back an error.
1721
- :param pulumi.Input[int] rotation_period: The amount of time in seconds Vault should wait before rotating the root credential.
1722
+ :param pulumi.Input[builtins.int] rotation_period: The amount of time in seconds Vault should wait before rotating the root credential.
1722
1723
  A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
1723
- :param pulumi.Input[str] rotation_schedule: The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
1724
+ :param pulumi.Input[builtins.str] rotation_schedule: The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
1724
1725
  defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
1725
- :param pulumi.Input[int] rotation_window: The maximum amount of time in seconds allowed to complete
1726
+ :param pulumi.Input[builtins.int] rotation_window: The maximum amount of time in seconds allowed to complete
1726
1727
  a rotation when a scheduled token rotation occurs. The default rotation window is
1727
1728
  unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
1728
- :param pulumi.Input[str] schema: The LDAP schema to use when storing entry passwords. Valid schemas include `openldap`, `ad`, and `racf`. Default is `openldap`.
1729
- :param pulumi.Input[bool] seal_wrap: Enable seal wrapping for the mount, causing values stored by the mount to be wrapped by the seal's encryption capability
1730
- :param pulumi.Input[bool] skip_static_role_import_rotation: If set to true, static roles will not be rotated during import.
1729
+ :param pulumi.Input[builtins.str] schema: The LDAP schema to use when storing entry passwords. Valid schemas include `openldap`, `ad`, and `racf`. Default is `openldap`.
1730
+ :param pulumi.Input[builtins.bool] seal_wrap: Enable seal wrapping for the mount, causing values stored by the mount to be wrapped by the seal's encryption capability
1731
+ :param pulumi.Input[builtins.bool] skip_static_role_import_rotation: If set to true, static roles will not be rotated during import.
1731
1732
  Defaults to false. Requires Vault 1.16 or above.
1732
- :param pulumi.Input[bool] starttls: Issue a StartTLS command after establishing unencrypted connection.
1733
- :param pulumi.Input[str] upndomain: Enables userPrincipalDomain login with [username]@UPNDomain.
1734
- :param pulumi.Input[str] url: LDAP URL to connect to. Multiple URLs can be specified by concatenating
1733
+ :param pulumi.Input[builtins.bool] starttls: Issue a StartTLS command after establishing unencrypted connection.
1734
+ :param pulumi.Input[builtins.str] upndomain: Enables userPrincipalDomain login with [username]@UPNDomain.
1735
+ :param pulumi.Input[builtins.str] url: LDAP URL to connect to. Multiple URLs can be specified by concatenating
1735
1736
  them with commas; they will be tried in-order. Defaults to `ldap://127.0.0.1`.
1736
- :param pulumi.Input[str] userattr: Attribute used when searching users. Defaults to `cn`.
1737
- :param pulumi.Input[str] userdn: LDAP domain to use for users (eg: ou=People,dc=example,dc=org)`.
1737
+ :param pulumi.Input[builtins.str] userattr: Attribute used when searching users. Defaults to `cn`.
1738
+ :param pulumi.Input[builtins.str] userdn: LDAP domain to use for users (eg: ou=People,dc=example,dc=org)`.
1738
1739
  """
1739
1740
  opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id))
1740
1741
 
@@ -1784,7 +1785,7 @@ class SecretBackend(pulumi.CustomResource):
1784
1785
 
1785
1786
  @property
1786
1787
  @pulumi.getter
1787
- def accessor(self) -> pulumi.Output[str]:
1788
+ def accessor(self) -> pulumi.Output[builtins.str]:
1788
1789
  """
1789
1790
  Accessor of the mount
1790
1791
  """
@@ -1792,7 +1793,7 @@ class SecretBackend(pulumi.CustomResource):
1792
1793
 
1793
1794
  @property
1794
1795
  @pulumi.getter(name="allowedManagedKeys")
1795
- def allowed_managed_keys(self) -> pulumi.Output[Optional[Sequence[str]]]:
1796
+ def allowed_managed_keys(self) -> pulumi.Output[Optional[Sequence[builtins.str]]]:
1796
1797
  """
1797
1798
  List of managed key registry entry names that the mount in question is allowed to access
1798
1799
  """
@@ -1800,7 +1801,7 @@ class SecretBackend(pulumi.CustomResource):
1800
1801
 
1801
1802
  @property
1802
1803
  @pulumi.getter(name="allowedResponseHeaders")
1803
- def allowed_response_headers(self) -> pulumi.Output[Optional[Sequence[str]]]:
1804
+ def allowed_response_headers(self) -> pulumi.Output[Optional[Sequence[builtins.str]]]:
1804
1805
  """
1805
1806
  List of headers to allow and pass from the request to the plugin
1806
1807
  """
@@ -1808,7 +1809,7 @@ class SecretBackend(pulumi.CustomResource):
1808
1809
 
1809
1810
  @property
1810
1811
  @pulumi.getter(name="auditNonHmacRequestKeys")
1811
- def audit_non_hmac_request_keys(self) -> pulumi.Output[Sequence[str]]:
1812
+ def audit_non_hmac_request_keys(self) -> pulumi.Output[Sequence[builtins.str]]:
1812
1813
  """
1813
1814
  Specifies the list of keys that will not be HMAC'd by audit devices in the request data object.
1814
1815
  """
@@ -1816,7 +1817,7 @@ class SecretBackend(pulumi.CustomResource):
1816
1817
 
1817
1818
  @property
1818
1819
  @pulumi.getter(name="auditNonHmacResponseKeys")
1819
- def audit_non_hmac_response_keys(self) -> pulumi.Output[Sequence[str]]:
1820
+ def audit_non_hmac_response_keys(self) -> pulumi.Output[Sequence[builtins.str]]:
1820
1821
  """
1821
1822
  Specifies the list of keys that will not be HMAC'd by audit devices in the response data object.
1822
1823
  """
@@ -1824,7 +1825,7 @@ class SecretBackend(pulumi.CustomResource):
1824
1825
 
1825
1826
  @property
1826
1827
  @pulumi.getter
1827
- def binddn(self) -> pulumi.Output[str]:
1828
+ def binddn(self) -> pulumi.Output[builtins.str]:
1828
1829
  """
1829
1830
  Distinguished name of object to bind when performing user and group search.
1830
1831
  """
@@ -1832,7 +1833,7 @@ class SecretBackend(pulumi.CustomResource):
1832
1833
 
1833
1834
  @property
1834
1835
  @pulumi.getter
1835
- def bindpass(self) -> pulumi.Output[str]:
1836
+ def bindpass(self) -> pulumi.Output[builtins.str]:
1836
1837
  """
1837
1838
  Password to use along with binddn when performing user search.
1838
1839
  """
@@ -1840,7 +1841,7 @@ class SecretBackend(pulumi.CustomResource):
1840
1841
 
1841
1842
  @property
1842
1843
  @pulumi.getter
1843
- def certificate(self) -> pulumi.Output[Optional[str]]:
1844
+ def certificate(self) -> pulumi.Output[Optional[builtins.str]]:
1844
1845
  """
1845
1846
  CA certificate to use when verifying LDAP server certificate, must be
1846
1847
  x509 PEM encoded.
@@ -1849,7 +1850,7 @@ class SecretBackend(pulumi.CustomResource):
1849
1850
 
1850
1851
  @property
1851
1852
  @pulumi.getter(name="clientTlsCert")
1852
- def client_tls_cert(self) -> pulumi.Output[Optional[str]]:
1853
+ def client_tls_cert(self) -> pulumi.Output[Optional[builtins.str]]:
1853
1854
  """
1854
1855
  Client certificate to provide to the LDAP server, must be x509 PEM encoded.
1855
1856
  """
@@ -1857,7 +1858,7 @@ class SecretBackend(pulumi.CustomResource):
1857
1858
 
1858
1859
  @property
1859
1860
  @pulumi.getter(name="clientTlsKey")
1860
- def client_tls_key(self) -> pulumi.Output[Optional[str]]:
1861
+ def client_tls_key(self) -> pulumi.Output[Optional[builtins.str]]:
1861
1862
  """
1862
1863
  Client certificate key to provide to the LDAP server, must be x509 PEM encoded.
1863
1864
  """
@@ -1865,7 +1866,7 @@ class SecretBackend(pulumi.CustomResource):
1865
1866
 
1866
1867
  @property
1867
1868
  @pulumi.getter(name="connectionTimeout")
1868
- def connection_timeout(self) -> pulumi.Output[Optional[int]]:
1869
+ def connection_timeout(self) -> pulumi.Output[Optional[builtins.int]]:
1869
1870
  """
1870
1871
  Timeout, in seconds, when attempting to connect to the LDAP server before trying
1871
1872
  the next URL in the configuration.
@@ -1874,7 +1875,7 @@ class SecretBackend(pulumi.CustomResource):
1874
1875
 
1875
1876
  @property
1876
1877
  @pulumi.getter(name="defaultLeaseTtlSeconds")
1877
- def default_lease_ttl_seconds(self) -> pulumi.Output[int]:
1878
+ def default_lease_ttl_seconds(self) -> pulumi.Output[builtins.int]:
1878
1879
  """
1879
1880
  Default lease duration for secrets in seconds.
1880
1881
  """
@@ -1882,7 +1883,7 @@ class SecretBackend(pulumi.CustomResource):
1882
1883
 
1883
1884
  @property
1884
1885
  @pulumi.getter(name="delegatedAuthAccessors")
1885
- def delegated_auth_accessors(self) -> pulumi.Output[Optional[Sequence[str]]]:
1886
+ def delegated_auth_accessors(self) -> pulumi.Output[Optional[Sequence[builtins.str]]]:
1886
1887
  """
1887
1888
  List of headers to allow and pass from the request to the plugin
1888
1889
  """
@@ -1890,7 +1891,7 @@ class SecretBackend(pulumi.CustomResource):
1890
1891
 
1891
1892
  @property
1892
1893
  @pulumi.getter
1893
- def description(self) -> pulumi.Output[Optional[str]]:
1894
+ def description(self) -> pulumi.Output[Optional[builtins.str]]:
1894
1895
  """
1895
1896
  Human-friendly description of the mount for the Active Directory backend.
1896
1897
  """
@@ -1898,7 +1899,7 @@ class SecretBackend(pulumi.CustomResource):
1898
1899
 
1899
1900
  @property
1900
1901
  @pulumi.getter(name="disableAutomatedRotation")
1901
- def disable_automated_rotation(self) -> pulumi.Output[Optional[bool]]:
1902
+ def disable_automated_rotation(self) -> pulumi.Output[Optional[builtins.bool]]:
1902
1903
  """
1903
1904
  Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
1904
1905
  """
@@ -1906,7 +1907,7 @@ class SecretBackend(pulumi.CustomResource):
1906
1907
 
1907
1908
  @property
1908
1909
  @pulumi.getter(name="disableRemount")
1909
- def disable_remount(self) -> pulumi.Output[Optional[bool]]:
1910
+ def disable_remount(self) -> pulumi.Output[Optional[builtins.bool]]:
1910
1911
  """
1911
1912
  If set, opts out of mount migration on path updates.
1912
1913
  """
@@ -1914,7 +1915,7 @@ class SecretBackend(pulumi.CustomResource):
1914
1915
 
1915
1916
  @property
1916
1917
  @pulumi.getter(name="externalEntropyAccess")
1917
- def external_entropy_access(self) -> pulumi.Output[Optional[bool]]:
1918
+ def external_entropy_access(self) -> pulumi.Output[Optional[builtins.bool]]:
1918
1919
  """
1919
1920
  Enable the secrets engine to access Vault's external entropy source
1920
1921
  """
@@ -1922,7 +1923,7 @@ class SecretBackend(pulumi.CustomResource):
1922
1923
 
1923
1924
  @property
1924
1925
  @pulumi.getter(name="identityTokenKey")
1925
- def identity_token_key(self) -> pulumi.Output[Optional[str]]:
1926
+ def identity_token_key(self) -> pulumi.Output[Optional[builtins.str]]:
1926
1927
  """
1927
1928
  The key to use for signing plugin workload identity tokens
1928
1929
  """
@@ -1930,7 +1931,7 @@ class SecretBackend(pulumi.CustomResource):
1930
1931
 
1931
1932
  @property
1932
1933
  @pulumi.getter(name="insecureTls")
1933
- def insecure_tls(self) -> pulumi.Output[Optional[bool]]:
1934
+ def insecure_tls(self) -> pulumi.Output[Optional[builtins.bool]]:
1934
1935
  """
1935
1936
  Skip LDAP server SSL Certificate verification. This is not recommended for production.
1936
1937
  Defaults to `false`.
@@ -1939,7 +1940,7 @@ class SecretBackend(pulumi.CustomResource):
1939
1940
 
1940
1941
  @property
1941
1942
  @pulumi.getter(name="listingVisibility")
1942
- def listing_visibility(self) -> pulumi.Output[Optional[str]]:
1943
+ def listing_visibility(self) -> pulumi.Output[Optional[builtins.str]]:
1943
1944
  """
1944
1945
  Specifies whether to show this mount in the UI-specific listing endpoint
1945
1946
  """
@@ -1947,7 +1948,7 @@ class SecretBackend(pulumi.CustomResource):
1947
1948
 
1948
1949
  @property
1949
1950
  @pulumi.getter
1950
- def local(self) -> pulumi.Output[Optional[bool]]:
1951
+ def local(self) -> pulumi.Output[Optional[builtins.bool]]:
1951
1952
  """
1952
1953
  Mark the secrets engine as local-only. Local engines are not replicated or removed by
1953
1954
  replication.Tolerance duration to use when checking the last rotation time.
@@ -1956,7 +1957,7 @@ class SecretBackend(pulumi.CustomResource):
1956
1957
 
1957
1958
  @property
1958
1959
  @pulumi.getter(name="maxLeaseTtlSeconds")
1959
- def max_lease_ttl_seconds(self) -> pulumi.Output[int]:
1960
+ def max_lease_ttl_seconds(self) -> pulumi.Output[builtins.int]:
1960
1961
  """
1961
1962
  Maximum possible lease duration for secrets in seconds.
1962
1963
  """
@@ -1964,7 +1965,7 @@ class SecretBackend(pulumi.CustomResource):
1964
1965
 
1965
1966
  @property
1966
1967
  @pulumi.getter
1967
- def namespace(self) -> pulumi.Output[Optional[str]]:
1968
+ def namespace(self) -> pulumi.Output[Optional[builtins.str]]:
1968
1969
  """
1969
1970
  The namespace to provision the resource in.
1970
1971
  The value should not contain leading or trailing forward slashes.
@@ -1975,7 +1976,7 @@ class SecretBackend(pulumi.CustomResource):
1975
1976
 
1976
1977
  @property
1977
1978
  @pulumi.getter
1978
- def options(self) -> pulumi.Output[Optional[Mapping[str, str]]]:
1979
+ def options(self) -> pulumi.Output[Optional[Mapping[str, builtins.str]]]:
1979
1980
  """
1980
1981
  Specifies mount type specific options that are passed to the backend
1981
1982
  """
@@ -1983,7 +1984,7 @@ class SecretBackend(pulumi.CustomResource):
1983
1984
 
1984
1985
  @property
1985
1986
  @pulumi.getter(name="passthroughRequestHeaders")
1986
- def passthrough_request_headers(self) -> pulumi.Output[Optional[Sequence[str]]]:
1987
+ def passthrough_request_headers(self) -> pulumi.Output[Optional[Sequence[builtins.str]]]:
1987
1988
  """
1988
1989
  List of headers to allow and pass from the request to the plugin
1989
1990
  """
@@ -1991,7 +1992,7 @@ class SecretBackend(pulumi.CustomResource):
1991
1992
 
1992
1993
  @property
1993
1994
  @pulumi.getter(name="passwordPolicy")
1994
- def password_policy(self) -> pulumi.Output[Optional[str]]:
1995
+ def password_policy(self) -> pulumi.Output[Optional[builtins.str]]:
1995
1996
  """
1996
1997
  Name of the password policy to use to generate passwords.
1997
1998
  """
@@ -1999,7 +2000,7 @@ class SecretBackend(pulumi.CustomResource):
1999
2000
 
2000
2001
  @property
2001
2002
  @pulumi.getter
2002
- def path(self) -> pulumi.Output[Optional[str]]:
2003
+ def path(self) -> pulumi.Output[Optional[builtins.str]]:
2003
2004
  """
2004
2005
  The unique path this backend should be mounted at. Must
2005
2006
  not begin or end with a `/`. Defaults to `ldap`.
@@ -2008,7 +2009,7 @@ class SecretBackend(pulumi.CustomResource):
2008
2009
 
2009
2010
  @property
2010
2011
  @pulumi.getter(name="pluginVersion")
2011
- def plugin_version(self) -> pulumi.Output[Optional[str]]:
2012
+ def plugin_version(self) -> pulumi.Output[Optional[builtins.str]]:
2012
2013
  """
2013
2014
  Specifies the semantic version of the plugin to use, e.g. 'v1.0.0'
2014
2015
  """
@@ -2016,7 +2017,7 @@ class SecretBackend(pulumi.CustomResource):
2016
2017
 
2017
2018
  @property
2018
2019
  @pulumi.getter(name="requestTimeout")
2019
- def request_timeout(self) -> pulumi.Output[int]:
2020
+ def request_timeout(self) -> pulumi.Output[builtins.int]:
2020
2021
  """
2021
2022
  Timeout, in seconds, for the connection when making requests against the server
2022
2023
  before returning back an error.
@@ -2025,7 +2026,7 @@ class SecretBackend(pulumi.CustomResource):
2025
2026
 
2026
2027
  @property
2027
2028
  @pulumi.getter(name="rotationPeriod")
2028
- def rotation_period(self) -> pulumi.Output[Optional[int]]:
2029
+ def rotation_period(self) -> pulumi.Output[Optional[builtins.int]]:
2029
2030
  """
2030
2031
  The amount of time in seconds Vault should wait before rotating the root credential.
2031
2032
  A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
@@ -2034,7 +2035,7 @@ class SecretBackend(pulumi.CustomResource):
2034
2035
 
2035
2036
  @property
2036
2037
  @pulumi.getter(name="rotationSchedule")
2037
- def rotation_schedule(self) -> pulumi.Output[Optional[str]]:
2038
+ def rotation_schedule(self) -> pulumi.Output[Optional[builtins.str]]:
2038
2039
  """
2039
2040
  The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
2040
2041
  defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
@@ -2043,7 +2044,7 @@ class SecretBackend(pulumi.CustomResource):
2043
2044
 
2044
2045
  @property
2045
2046
  @pulumi.getter(name="rotationWindow")
2046
- def rotation_window(self) -> pulumi.Output[Optional[int]]:
2047
+ def rotation_window(self) -> pulumi.Output[Optional[builtins.int]]:
2047
2048
  """
2048
2049
  The maximum amount of time in seconds allowed to complete
2049
2050
  a rotation when a scheduled token rotation occurs. The default rotation window is
@@ -2053,7 +2054,7 @@ class SecretBackend(pulumi.CustomResource):
2053
2054
 
2054
2055
  @property
2055
2056
  @pulumi.getter
2056
- def schema(self) -> pulumi.Output[str]:
2057
+ def schema(self) -> pulumi.Output[builtins.str]:
2057
2058
  """
2058
2059
  The LDAP schema to use when storing entry passwords. Valid schemas include `openldap`, `ad`, and `racf`. Default is `openldap`.
2059
2060
  """
@@ -2061,7 +2062,7 @@ class SecretBackend(pulumi.CustomResource):
2061
2062
 
2062
2063
  @property
2063
2064
  @pulumi.getter(name="sealWrap")
2064
- def seal_wrap(self) -> pulumi.Output[bool]:
2065
+ def seal_wrap(self) -> pulumi.Output[builtins.bool]:
2065
2066
  """
2066
2067
  Enable seal wrapping for the mount, causing values stored by the mount to be wrapped by the seal's encryption capability
2067
2068
  """
@@ -2069,7 +2070,7 @@ class SecretBackend(pulumi.CustomResource):
2069
2070
 
2070
2071
  @property
2071
2072
  @pulumi.getter(name="skipStaticRoleImportRotation")
2072
- def skip_static_role_import_rotation(self) -> pulumi.Output[Optional[bool]]:
2073
+ def skip_static_role_import_rotation(self) -> pulumi.Output[Optional[builtins.bool]]:
2073
2074
  """
2074
2075
  If set to true, static roles will not be rotated during import.
2075
2076
  Defaults to false. Requires Vault 1.16 or above.
@@ -2078,7 +2079,7 @@ class SecretBackend(pulumi.CustomResource):
2078
2079
 
2079
2080
  @property
2080
2081
  @pulumi.getter
2081
- def starttls(self) -> pulumi.Output[bool]:
2082
+ def starttls(self) -> pulumi.Output[builtins.bool]:
2082
2083
  """
2083
2084
  Issue a StartTLS command after establishing unencrypted connection.
2084
2085
  """
@@ -2086,7 +2087,7 @@ class SecretBackend(pulumi.CustomResource):
2086
2087
 
2087
2088
  @property
2088
2089
  @pulumi.getter
2089
- def upndomain(self) -> pulumi.Output[str]:
2090
+ def upndomain(self) -> pulumi.Output[builtins.str]:
2090
2091
  """
2091
2092
  Enables userPrincipalDomain login with [username]@UPNDomain.
2092
2093
  """
@@ -2094,7 +2095,7 @@ class SecretBackend(pulumi.CustomResource):
2094
2095
 
2095
2096
  @property
2096
2097
  @pulumi.getter
2097
- def url(self) -> pulumi.Output[str]:
2098
+ def url(self) -> pulumi.Output[builtins.str]:
2098
2099
  """
2099
2100
  LDAP URL to connect to. Multiple URLs can be specified by concatenating
2100
2101
  them with commas; they will be tried in-order. Defaults to `ldap://127.0.0.1`.
@@ -2103,7 +2104,7 @@ class SecretBackend(pulumi.CustomResource):
2103
2104
 
2104
2105
  @property
2105
2106
  @pulumi.getter
2106
- def userattr(self) -> pulumi.Output[str]:
2107
+ def userattr(self) -> pulumi.Output[builtins.str]:
2107
2108
  """
2108
2109
  Attribute used when searching users. Defaults to `cn`.
2109
2110
  """
@@ -2111,7 +2112,7 @@ class SecretBackend(pulumi.CustomResource):
2111
2112
 
2112
2113
  @property
2113
2114
  @pulumi.getter
2114
- def userdn(self) -> pulumi.Output[Optional[str]]:
2115
+ def userdn(self) -> pulumi.Output[Optional[builtins.str]]:
2115
2116
  """
2116
2117
  LDAP domain to use for users (eg: ou=People,dc=example,dc=org)`.
2117
2118
  """