pulumi-vault 6.7.0a1743576047__py3-none-any.whl → 6.7.0a1744267302__py3-none-any.whl

pulumi_vault/pkisecret/backend_config_est.py

@@ -2,6 +2,7 @@
 # *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. ***
 # *** Do not edit by hand unless you're certain you know what you are doing! ***
 
+import builtins
 import copy
 import warnings
 import sys
@@ -21,29 +22,29 @@ __all__ = ['BackendConfigEstArgs', 'BackendConfigEst']
 @pulumi.input_type
 class BackendConfigEstArgs:
     def __init__(__self__, *,
-                 backend: pulumi.Input[str],
-                 audit_fields: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
+                 backend: pulumi.Input[builtins.str],
+                 audit_fields: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
                  authenticators: Optional[pulumi.Input['BackendConfigEstAuthenticatorsArgs']] = None,
-                 default_mount: Optional[pulumi.Input[bool]] = None,
-                 default_path_policy: Optional[pulumi.Input[str]] = None,
-                 enable_sentinel_parsing: Optional[pulumi.Input[bool]] = None,
-                 enabled: Optional[pulumi.Input[bool]] = None,
-                 label_to_path_policy: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
-                 namespace: Optional[pulumi.Input[str]] = None):
+                 default_mount: Optional[pulumi.Input[builtins.bool]] = None,
+                 default_path_policy: Optional[pulumi.Input[builtins.str]] = None,
+                 enable_sentinel_parsing: Optional[pulumi.Input[builtins.bool]] = None,
+                 enabled: Optional[pulumi.Input[builtins.bool]] = None,
+                 label_to_path_policy: Optional[pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]]] = None,
+                 namespace: Optional[pulumi.Input[builtins.str]] = None):
         """
         The set of arguments for constructing a BackendConfigEst resource.
-        :param pulumi.Input[str] backend: The path to the PKI secret backend to
+        :param pulumi.Input[builtins.str] backend: The path to the PKI secret backend to
                read the EST configuration from, with no leading or trailing `/`s.
-        :param pulumi.Input[Sequence[pulumi.Input[str]]] audit_fields: Fields parsed from the CSR that appear in the audit and can be used by sentinel policies.
+        :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] audit_fields: Fields parsed from the CSR that appear in the audit and can be used by sentinel policies.
                
                <a id="nestedatt--authenticators"></a>
         :param pulumi.Input['BackendConfigEstAuthenticatorsArgs'] authenticators: Lists the mount accessors EST should delegate authentication requests towards (see below for nested schema).
-        :param pulumi.Input[bool] default_mount: If set, this mount will register the default `.well-known/est` URL path. Only a single mount can enable this across a Vault cluster.
-        :param pulumi.Input[str] default_path_policy: Required to be set if default_mount is enabled. Specifies the behavior for requests using the default EST label. Can be sign-verbatim or a role given by role:<role_name>.
-        :param pulumi.Input[bool] enable_sentinel_parsing: If set, parse out fields from the provided CSR making them available for Sentinel policies.
-        :param pulumi.Input[bool] enabled: Specifies whether EST is enabled.
-        :param pulumi.Input[Mapping[str, pulumi.Input[str]]] label_to_path_policy: Configures a pairing of an EST label with the redirected behavior for requests hitting that role. The path policy can be sign-verbatim or a role given by role:<role_name>. Labels must be unique across Vault cluster, and will register .well-known/est/<label> URL paths.
-        :param pulumi.Input[str] namespace: The namespace of the target resource.
+        :param pulumi.Input[builtins.bool] default_mount: If set, this mount will register the default `.well-known/est` URL path. Only a single mount can enable this across a Vault cluster.
+        :param pulumi.Input[builtins.str] default_path_policy: Required to be set if default_mount is enabled. Specifies the behavior for requests using the default EST label. Can be sign-verbatim or a role given by role:<role_name>.
+        :param pulumi.Input[builtins.bool] enable_sentinel_parsing: If set, parse out fields from the provided CSR making them available for Sentinel policies.
+        :param pulumi.Input[builtins.bool] enabled: Specifies whether EST is enabled.
+        :param pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]] label_to_path_policy: Configures a pairing of an EST label with the redirected behavior for requests hitting that role. The path policy can be sign-verbatim or a role given by role:<role_name>. Labels must be unique across Vault cluster, and will register .well-known/est/<label> URL paths.
+        :param pulumi.Input[builtins.str] namespace: The namespace of the target resource.
                The value should not contain leading or trailing forward slashes.
                The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
                *Available only for Vault Enterprise*.
@@ -68,7 +69,7 @@ class BackendConfigEstArgs:
 
     @property
     @pulumi.getter
-    def backend(self) -> pulumi.Input[str]:
+    def backend(self) -> pulumi.Input[builtins.str]:
         """
         The path to the PKI secret backend to
         read the EST configuration from, with no leading or trailing `/`s.
@@ -76,12 +77,12 @@ class BackendConfigEstArgs:
         return pulumi.get(self, "backend")
 
     @backend.setter
-    def backend(self, value: pulumi.Input[str]):
+    def backend(self, value: pulumi.Input[builtins.str]):
         pulumi.set(self, "backend", value)
 
     @property
     @pulumi.getter(name="auditFields")
-    def audit_fields(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
+    def audit_fields(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
         """
         Fields parsed from the CSR that appear in the audit and can be used by sentinel policies.
 
@@ -90,7 +91,7 @@ class BackendConfigEstArgs:
         return pulumi.get(self, "audit_fields")
 
     @audit_fields.setter
-    def audit_fields(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
+    def audit_fields(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
         pulumi.set(self, "audit_fields", value)
 
     @property
@@ -107,67 +108,67 @@ class BackendConfigEstArgs:
 
     @property
     @pulumi.getter(name="defaultMount")
-    def default_mount(self) -> Optional[pulumi.Input[bool]]:
+    def default_mount(self) -> Optional[pulumi.Input[builtins.bool]]:
         """
         If set, this mount will register the default `.well-known/est` URL path. Only a single mount can enable this across a Vault cluster.
         """
         return pulumi.get(self, "default_mount")
 
     @default_mount.setter
-    def default_mount(self, value: Optional[pulumi.Input[bool]]):
+    def default_mount(self, value: Optional[pulumi.Input[builtins.bool]]):
         pulumi.set(self, "default_mount", value)
 
     @property
     @pulumi.getter(name="defaultPathPolicy")
-    def default_path_policy(self) -> Optional[pulumi.Input[str]]:
+    def default_path_policy(self) -> Optional[pulumi.Input[builtins.str]]:
         """
         Required to be set if default_mount is enabled. Specifies the behavior for requests using the default EST label. Can be sign-verbatim or a role given by role:<role_name>.
         """
         return pulumi.get(self, "default_path_policy")
 
     @default_path_policy.setter
-    def default_path_policy(self, value: Optional[pulumi.Input[str]]):
+    def default_path_policy(self, value: Optional[pulumi.Input[builtins.str]]):
         pulumi.set(self, "default_path_policy", value)
 
     @property
     @pulumi.getter(name="enableSentinelParsing")
-    def enable_sentinel_parsing(self) -> Optional[pulumi.Input[bool]]:
+    def enable_sentinel_parsing(self) -> Optional[pulumi.Input[builtins.bool]]:
         """
         If set, parse out fields from the provided CSR making them available for Sentinel policies.
         """
         return pulumi.get(self, "enable_sentinel_parsing")
 
     @enable_sentinel_parsing.setter
-    def enable_sentinel_parsing(self, value: Optional[pulumi.Input[bool]]):
+    def enable_sentinel_parsing(self, value: Optional[pulumi.Input[builtins.bool]]):
         pulumi.set(self, "enable_sentinel_parsing", value)
 
     @property
     @pulumi.getter
-    def enabled(self) -> Optional[pulumi.Input[bool]]:
+    def enabled(self) -> Optional[pulumi.Input[builtins.bool]]:
         """
         Specifies whether EST is enabled.
         """
         return pulumi.get(self, "enabled")
 
     @enabled.setter
-    def enabled(self, value: Optional[pulumi.Input[bool]]):
+    def enabled(self, value: Optional[pulumi.Input[builtins.bool]]):
         pulumi.set(self, "enabled", value)
 
     @property
     @pulumi.getter(name="labelToPathPolicy")
-    def label_to_path_policy(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]:
+    def label_to_path_policy(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]]]:
         """
         Configures a pairing of an EST label with the redirected behavior for requests hitting that role. The path policy can be sign-verbatim or a role given by role:<role_name>. Labels must be unique across Vault cluster, and will register .well-known/est/<label> URL paths.
         """
         return pulumi.get(self, "label_to_path_policy")
 
     @label_to_path_policy.setter
-    def label_to_path_policy(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]):
+    def label_to_path_policy(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]]]):
         pulumi.set(self, "label_to_path_policy", value)
 
     @property
     @pulumi.getter
-    def namespace(self) -> Optional[pulumi.Input[str]]:
+    def namespace(self) -> Optional[pulumi.Input[builtins.str]]:
         """
         The namespace of the target resource.
         The value should not contain leading or trailing forward slashes.
@@ -177,38 +178,38 @@ class BackendConfigEstArgs:
         return pulumi.get(self, "namespace")
 
     @namespace.setter
-    def namespace(self, value: Optional[pulumi.Input[str]]):
+    def namespace(self, value: Optional[pulumi.Input[builtins.str]]):
         pulumi.set(self, "namespace", value)
 
 
 @pulumi.input_type
 class _BackendConfigEstState:
     def __init__(__self__, *,
-                 audit_fields: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
+                 audit_fields: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
                  authenticators: Optional[pulumi.Input['BackendConfigEstAuthenticatorsArgs']] = None,
-                 backend: Optional[pulumi.Input[str]] = None,
-                 default_mount: Optional[pulumi.Input[bool]] = None,
-                 default_path_policy: Optional[pulumi.Input[str]] = None,
-                 enable_sentinel_parsing: Optional[pulumi.Input[bool]] = None,
-                 enabled: Optional[pulumi.Input[bool]] = None,
-                 label_to_path_policy: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
-                 last_updated: Optional[pulumi.Input[str]] = None,
-                 namespace: Optional[pulumi.Input[str]] = None):
+                 backend: Optional[pulumi.Input[builtins.str]] = None,
+                 default_mount: Optional[pulumi.Input[builtins.bool]] = None,
+                 default_path_policy: Optional[pulumi.Input[builtins.str]] = None,
+                 enable_sentinel_parsing: Optional[pulumi.Input[builtins.bool]] = None,
+                 enabled: Optional[pulumi.Input[builtins.bool]] = None,
+                 label_to_path_policy: Optional[pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]]] = None,
+                 last_updated: Optional[pulumi.Input[builtins.str]] = None,
+                 namespace: Optional[pulumi.Input[builtins.str]] = None):
         """
         Input properties used for looking up and filtering BackendConfigEst resources.
-        :param pulumi.Input[Sequence[pulumi.Input[str]]] audit_fields: Fields parsed from the CSR that appear in the audit and can be used by sentinel policies.
+        :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] audit_fields: Fields parsed from the CSR that appear in the audit and can be used by sentinel policies.
                
                <a id="nestedatt--authenticators"></a>
         :param pulumi.Input['BackendConfigEstAuthenticatorsArgs'] authenticators: Lists the mount accessors EST should delegate authentication requests towards (see below for nested schema).
-        :param pulumi.Input[str] backend: The path to the PKI secret backend to
+        :param pulumi.Input[builtins.str] backend: The path to the PKI secret backend to
                read the EST configuration from, with no leading or trailing `/`s.
-        :param pulumi.Input[bool] default_mount: If set, this mount will register the default `.well-known/est` URL path. Only a single mount can enable this across a Vault cluster.
-        :param pulumi.Input[str] default_path_policy: Required to be set if default_mount is enabled. Specifies the behavior for requests using the default EST label. Can be sign-verbatim or a role given by role:<role_name>.
-        :param pulumi.Input[bool] enable_sentinel_parsing: If set, parse out fields from the provided CSR making them available for Sentinel policies.
-        :param pulumi.Input[bool] enabled: Specifies whether EST is enabled.
-        :param pulumi.Input[Mapping[str, pulumi.Input[str]]] label_to_path_policy: Configures a pairing of an EST label with the redirected behavior for requests hitting that role. The path policy can be sign-verbatim or a role given by role:<role_name>. Labels must be unique across Vault cluster, and will register .well-known/est/<label> URL paths.
-        :param pulumi.Input[str] last_updated: A read-only timestamp representing the last time the configuration was updated.
-        :param pulumi.Input[str] namespace: The namespace of the target resource.
+        :param pulumi.Input[builtins.bool] default_mount: If set, this mount will register the default `.well-known/est` URL path. Only a single mount can enable this across a Vault cluster.
+        :param pulumi.Input[builtins.str] default_path_policy: Required to be set if default_mount is enabled. Specifies the behavior for requests using the default EST label. Can be sign-verbatim or a role given by role:<role_name>.
+        :param pulumi.Input[builtins.bool] enable_sentinel_parsing: If set, parse out fields from the provided CSR making them available for Sentinel policies.
+        :param pulumi.Input[builtins.bool] enabled: Specifies whether EST is enabled.
+        :param pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]] label_to_path_policy: Configures a pairing of an EST label with the redirected behavior for requests hitting that role. The path policy can be sign-verbatim or a role given by role:<role_name>. Labels must be unique across Vault cluster, and will register .well-known/est/<label> URL paths.
+        :param pulumi.Input[builtins.str] last_updated: A read-only timestamp representing the last time the configuration was updated.
+        :param pulumi.Input[builtins.str] namespace: The namespace of the target resource.
                The value should not contain leading or trailing forward slashes.
                The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
                *Available only for Vault Enterprise*.
@@ -236,7 +237,7 @@ class _BackendConfigEstState:
 
     @property
     @pulumi.getter(name="auditFields")
-    def audit_fields(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
+    def audit_fields(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
         """
         Fields parsed from the CSR that appear in the audit and can be used by sentinel policies.
 
@@ -245,7 +246,7 @@ class _BackendConfigEstState:
         return pulumi.get(self, "audit_fields")
 
     @audit_fields.setter
-    def audit_fields(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
+    def audit_fields(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
         pulumi.set(self, "audit_fields", value)
 
     @property
@@ -262,7 +263,7 @@ class _BackendConfigEstState:
 
     @property
     @pulumi.getter
-    def backend(self) -> Optional[pulumi.Input[str]]:
+    def backend(self) -> Optional[pulumi.Input[builtins.str]]:
         """
         The path to the PKI secret backend to
         read the EST configuration from, with no leading or trailing `/`s.
@@ -270,84 +271,84 @@ class _BackendConfigEstState:
         return pulumi.get(self, "backend")
 
     @backend.setter
-    def backend(self, value: Optional[pulumi.Input[str]]):
+    def backend(self, value: Optional[pulumi.Input[builtins.str]]):
         pulumi.set(self, "backend", value)
 
     @property
     @pulumi.getter(name="defaultMount")
-    def default_mount(self) -> Optional[pulumi.Input[bool]]:
+    def default_mount(self) -> Optional[pulumi.Input[builtins.bool]]:
         """
         If set, this mount will register the default `.well-known/est` URL path. Only a single mount can enable this across a Vault cluster.
         """
         return pulumi.get(self, "default_mount")
 
     @default_mount.setter
-    def default_mount(self, value: Optional[pulumi.Input[bool]]):
+    def default_mount(self, value: Optional[pulumi.Input[builtins.bool]]):
         pulumi.set(self, "default_mount", value)
 
     @property
     @pulumi.getter(name="defaultPathPolicy")
-    def default_path_policy(self) -> Optional[pulumi.Input[str]]:
+    def default_path_policy(self) -> Optional[pulumi.Input[builtins.str]]:
         """
         Required to be set if default_mount is enabled. Specifies the behavior for requests using the default EST label. Can be sign-verbatim or a role given by role:<role_name>.
         """
         return pulumi.get(self, "default_path_policy")
 
     @default_path_policy.setter
-    def default_path_policy(self, value: Optional[pulumi.Input[str]]):
+    def default_path_policy(self, value: Optional[pulumi.Input[builtins.str]]):
         pulumi.set(self, "default_path_policy", value)
 
     @property
     @pulumi.getter(name="enableSentinelParsing")
-    def enable_sentinel_parsing(self) -> Optional[pulumi.Input[bool]]:
+    def enable_sentinel_parsing(self) -> Optional[pulumi.Input[builtins.bool]]:
         """
         If set, parse out fields from the provided CSR making them available for Sentinel policies.
         """
         return pulumi.get(self, "enable_sentinel_parsing")
 
     @enable_sentinel_parsing.setter
-    def enable_sentinel_parsing(self, value: Optional[pulumi.Input[bool]]):
+    def enable_sentinel_parsing(self, value: Optional[pulumi.Input[builtins.bool]]):
         pulumi.set(self, "enable_sentinel_parsing", value)
 
     @property
     @pulumi.getter
-    def enabled(self) -> Optional[pulumi.Input[bool]]:
+    def enabled(self) -> Optional[pulumi.Input[builtins.bool]]:
         """
         Specifies whether EST is enabled.
         """
         return pulumi.get(self, "enabled")
 
     @enabled.setter
-    def enabled(self, value: Optional[pulumi.Input[bool]]):
+    def enabled(self, value: Optional[pulumi.Input[builtins.bool]]):
         pulumi.set(self, "enabled", value)
 
     @property
     @pulumi.getter(name="labelToPathPolicy")
-    def label_to_path_policy(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]:
+    def label_to_path_policy(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]]]:
         """
         Configures a pairing of an EST label with the redirected behavior for requests hitting that role. The path policy can be sign-verbatim or a role given by role:<role_name>. Labels must be unique across Vault cluster, and will register .well-known/est/<label> URL paths.
         """
         return pulumi.get(self, "label_to_path_policy")
 
     @label_to_path_policy.setter
-    def label_to_path_policy(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]):
+    def label_to_path_policy(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]]]):
         pulumi.set(self, "label_to_path_policy", value)
 
     @property
     @pulumi.getter(name="lastUpdated")
-    def last_updated(self) -> Optional[pulumi.Input[str]]:
+    def last_updated(self) -> Optional[pulumi.Input[builtins.str]]:
         """
         A read-only timestamp representing the last time the configuration was updated.
         """
         return pulumi.get(self, "last_updated")
 
     @last_updated.setter
-    def last_updated(self, value: Optional[pulumi.Input[str]]):
+    def last_updated(self, value: Optional[pulumi.Input[builtins.str]]):
         pulumi.set(self, "last_updated", value)
 
     @property
     @pulumi.getter
-    def namespace(self) -> Optional[pulumi.Input[str]]:
+    def namespace(self) -> Optional[pulumi.Input[builtins.str]]:
         """
         The namespace of the target resource.
         The value should not contain leading or trailing forward slashes.
@@ -357,7 +358,7 @@ class _BackendConfigEstState:
         return pulumi.get(self, "namespace")
 
     @namespace.setter
-    def namespace(self, value: Optional[pulumi.Input[str]]):
+    def namespace(self, value: Optional[pulumi.Input[builtins.str]]):
         pulumi.set(self, "namespace", value)
 
 
@@ -366,15 +367,15 @@ class BackendConfigEst(pulumi.CustomResource):
     def __init__(__self__,
                  resource_name: str,
                  opts: Optional[pulumi.ResourceOptions] = None,
-                 audit_fields: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
+                 audit_fields: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
                  authenticators: Optional[pulumi.Input[Union['BackendConfigEstAuthenticatorsArgs', 'BackendConfigEstAuthenticatorsArgsDict']]] = None,
-                 backend: Optional[pulumi.Input[str]] = None,
-                 default_mount: Optional[pulumi.Input[bool]] = None,
-                 default_path_policy: Optional[pulumi.Input[str]] = None,
-                 enable_sentinel_parsing: Optional[pulumi.Input[bool]] = None,
-                 enabled: Optional[pulumi.Input[bool]] = None,
-                 label_to_path_policy: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
-                 namespace: Optional[pulumi.Input[str]] = None,
+                 backend: Optional[pulumi.Input[builtins.str]] = None,
+                 default_mount: Optional[pulumi.Input[builtins.bool]] = None,
+                 default_path_policy: Optional[pulumi.Input[builtins.str]] = None,
+                 enable_sentinel_parsing: Optional[pulumi.Input[builtins.bool]] = None,
+                 enabled: Optional[pulumi.Input[builtins.bool]] = None,
+                 label_to_path_policy: Optional[pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]]] = None,
+                 namespace: Optional[pulumi.Input[builtins.str]] = None,
                  __props__=None):
         """
         Allows setting the EST configuration on a PKI Secret Backend
@@ -391,18 +392,18 @@ class BackendConfigEst(pulumi.CustomResource):
 
         :param str resource_name: The name of the resource.
         :param pulumi.ResourceOptions opts: Options for the resource.
-        :param pulumi.Input[Sequence[pulumi.Input[str]]] audit_fields: Fields parsed from the CSR that appear in the audit and can be used by sentinel policies.
+        :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] audit_fields: Fields parsed from the CSR that appear in the audit and can be used by sentinel policies.
                
                <a id="nestedatt--authenticators"></a>
         :param pulumi.Input[Union['BackendConfigEstAuthenticatorsArgs', 'BackendConfigEstAuthenticatorsArgsDict']] authenticators: Lists the mount accessors EST should delegate authentication requests towards (see below for nested schema).
-        :param pulumi.Input[str] backend: The path to the PKI secret backend to
+        :param pulumi.Input[builtins.str] backend: The path to the PKI secret backend to
                read the EST configuration from, with no leading or trailing `/`s.
-        :param pulumi.Input[bool] default_mount: If set, this mount will register the default `.well-known/est` URL path. Only a single mount can enable this across a Vault cluster.
-        :param pulumi.Input[str] default_path_policy: Required to be set if default_mount is enabled. Specifies the behavior for requests using the default EST label. Can be sign-verbatim or a role given by role:<role_name>.
-        :param pulumi.Input[bool] enable_sentinel_parsing: If set, parse out fields from the provided CSR making them available for Sentinel policies.
-        :param pulumi.Input[bool] enabled: Specifies whether EST is enabled.
-        :param pulumi.Input[Mapping[str, pulumi.Input[str]]] label_to_path_policy: Configures a pairing of an EST label with the redirected behavior for requests hitting that role. The path policy can be sign-verbatim or a role given by role:<role_name>. Labels must be unique across Vault cluster, and will register .well-known/est/<label> URL paths.
-        :param pulumi.Input[str] namespace: The namespace of the target resource.
+        :param pulumi.Input[builtins.bool] default_mount: If set, this mount will register the default `.well-known/est` URL path. Only a single mount can enable this across a Vault cluster.
+        :param pulumi.Input[builtins.str] default_path_policy: Required to be set if default_mount is enabled. Specifies the behavior for requests using the default EST label. Can be sign-verbatim or a role given by role:<role_name>.
+        :param pulumi.Input[builtins.bool] enable_sentinel_parsing: If set, parse out fields from the provided CSR making them available for Sentinel policies.
+        :param pulumi.Input[builtins.bool] enabled: Specifies whether EST is enabled.
+        :param pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]] label_to_path_policy: Configures a pairing of an EST label with the redirected behavior for requests hitting that role. The path policy can be sign-verbatim or a role given by role:<role_name>. Labels must be unique across Vault cluster, and will register .well-known/est/<label> URL paths.
+        :param pulumi.Input[builtins.str] namespace: The namespace of the target resource.
                The value should not contain leading or trailing forward slashes.
                The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
                *Available only for Vault Enterprise*.
@@ -441,15 +442,15 @@ class BackendConfigEst(pulumi.CustomResource):
     def _internal_init(__self__,
                  resource_name: str,
                  opts: Optional[pulumi.ResourceOptions] = None,
-                 audit_fields: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
+                 audit_fields: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
                  authenticators: Optional[pulumi.Input[Union['BackendConfigEstAuthenticatorsArgs', 'BackendConfigEstAuthenticatorsArgsDict']]] = None,
-                 backend: Optional[pulumi.Input[str]] = None,
-                 default_mount: Optional[pulumi.Input[bool]] = None,
-                 default_path_policy: Optional[pulumi.Input[str]] = None,
-                 enable_sentinel_parsing: Optional[pulumi.Input[bool]] = None,
-                 enabled: Optional[pulumi.Input[bool]] = None,
-                 label_to_path_policy: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
-                 namespace: Optional[pulumi.Input[str]] = None,
+                 backend: Optional[pulumi.Input[builtins.str]] = None,
+                 default_mount: Optional[pulumi.Input[builtins.bool]] = None,
+                 default_path_policy: Optional[pulumi.Input[builtins.str]] = None,
+                 enable_sentinel_parsing: Optional[pulumi.Input[builtins.bool]] = None,
+                 enabled: Optional[pulumi.Input[builtins.bool]] = None,
+                 label_to_path_policy: Optional[pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]]] = None,
+                 namespace: Optional[pulumi.Input[builtins.str]] = None,
                  __props__=None):
         opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts)
         if not isinstance(opts, pulumi.ResourceOptions):
@@ -481,16 +482,16 @@ class BackendConfigEst(pulumi.CustomResource):
     def get(resource_name: str,
             id: pulumi.Input[str],
             opts: Optional[pulumi.ResourceOptions] = None,
-            audit_fields: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
+            audit_fields: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
             authenticators: Optional[pulumi.Input[Union['BackendConfigEstAuthenticatorsArgs', 'BackendConfigEstAuthenticatorsArgsDict']]] = None,
-            backend: Optional[pulumi.Input[str]] = None,
-            default_mount: Optional[pulumi.Input[bool]] = None,
-            default_path_policy: Optional[pulumi.Input[str]] = None,
-            enable_sentinel_parsing: Optional[pulumi.Input[bool]] = None,
-            enabled: Optional[pulumi.Input[bool]] = None,
-            label_to_path_policy: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
-            last_updated: Optional[pulumi.Input[str]] = None,
-            namespace: Optional[pulumi.Input[str]] = None) -> 'BackendConfigEst':
+            backend: Optional[pulumi.Input[builtins.str]] = None,
+            default_mount: Optional[pulumi.Input[builtins.bool]] = None,
+            default_path_policy: Optional[pulumi.Input[builtins.str]] = None,
+            enable_sentinel_parsing: Optional[pulumi.Input[builtins.bool]] = None,
+            enabled: Optional[pulumi.Input[builtins.bool]] = None,
+            label_to_path_policy: Optional[pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]]] = None,
+            last_updated: Optional[pulumi.Input[builtins.str]] = None,
+            namespace: Optional[pulumi.Input[builtins.str]] = None) -> 'BackendConfigEst':
         """
         Get an existing BackendConfigEst resource's state with the given name, id, and optional extra
         properties used to qualify the lookup.
@@ -498,19 +499,19 @@ class BackendConfigEst(pulumi.CustomResource):
         :param str resource_name: The unique name of the resulting resource.
         :param pulumi.Input[str] id: The unique provider ID of the resource to lookup.
         :param pulumi.ResourceOptions opts: Options for the resource.
-        :param pulumi.Input[Sequence[pulumi.Input[str]]] audit_fields: Fields parsed from the CSR that appear in the audit and can be used by sentinel policies.
+        :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] audit_fields: Fields parsed from the CSR that appear in the audit and can be used by sentinel policies.
                
                <a id="nestedatt--authenticators"></a>
         :param pulumi.Input[Union['BackendConfigEstAuthenticatorsArgs', 'BackendConfigEstAuthenticatorsArgsDict']] authenticators: Lists the mount accessors EST should delegate authentication requests towards (see below for nested schema).
-        :param pulumi.Input[str] backend: The path to the PKI secret backend to
+        :param pulumi.Input[builtins.str] backend: The path to the PKI secret backend to
                read the EST configuration from, with no leading or trailing `/`s.
-        :param pulumi.Input[bool] default_mount: If set, this mount will register the default `.well-known/est` URL path. Only a single mount can enable this across a Vault cluster.
-        :param pulumi.Input[str] default_path_policy: Required to be set if default_mount is enabled. Specifies the behavior for requests using the default EST label. Can be sign-verbatim or a role given by role:<role_name>.
-        :param pulumi.Input[bool] enable_sentinel_parsing: If set, parse out fields from the provided CSR making them available for Sentinel policies.
-        :param pulumi.Input[bool] enabled: Specifies whether EST is enabled.
-        :param pulumi.Input[Mapping[str, pulumi.Input[str]]] label_to_path_policy: Configures a pairing of an EST label with the redirected behavior for requests hitting that role. The path policy can be sign-verbatim or a role given by role:<role_name>. Labels must be unique across Vault cluster, and will register .well-known/est/<label> URL paths.
-        :param pulumi.Input[str] last_updated: A read-only timestamp representing the last time the configuration was updated.
-        :param pulumi.Input[str] namespace: The namespace of the target resource.
+        :param pulumi.Input[builtins.bool] default_mount: If set, this mount will register the default `.well-known/est` URL path. Only a single mount can enable this across a Vault cluster.
+        :param pulumi.Input[builtins.str] default_path_policy: Required to be set if default_mount is enabled. Specifies the behavior for requests using the default EST label. Can be sign-verbatim or a role given by role:<role_name>.
+        :param pulumi.Input[builtins.bool] enable_sentinel_parsing: If set, parse out fields from the provided CSR making them available for Sentinel policies.
+        :param pulumi.Input[builtins.bool] enabled: Specifies whether EST is enabled.
+        :param pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]] label_to_path_policy: Configures a pairing of an EST label with the redirected behavior for requests hitting that role. The path policy can be sign-verbatim or a role given by role:<role_name>. Labels must be unique across Vault cluster, and will register .well-known/est/<label> URL paths.
+        :param pulumi.Input[builtins.str] last_updated: A read-only timestamp representing the last time the configuration was updated.
+        :param pulumi.Input[builtins.str] namespace: The namespace of the target resource.
                The value should not contain leading or trailing forward slashes.
                The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
                *Available only for Vault Enterprise*.
@@ -533,7 +534,7 @@ class BackendConfigEst(pulumi.CustomResource):
 
     @property
     @pulumi.getter(name="auditFields")
-    def audit_fields(self) -> pulumi.Output[Sequence[str]]:
+    def audit_fields(self) -> pulumi.Output[Sequence[builtins.str]]:
         """
         Fields parsed from the CSR that appear in the audit and can be used by sentinel policies.
 
@@ -551,7 +552,7 @@ class BackendConfigEst(pulumi.CustomResource):
 
     @property
     @pulumi.getter
-    def backend(self) -> pulumi.Output[str]:
+    def backend(self) -> pulumi.Output[builtins.str]:
         """
         The path to the PKI secret backend to
         read the EST configuration from, with no leading or trailing `/`s.
@@ -560,7 +561,7 @@ class BackendConfigEst(pulumi.CustomResource):
 
     @property
     @pulumi.getter(name="defaultMount")
-    def default_mount(self) -> pulumi.Output[Optional[bool]]:
+    def default_mount(self) -> pulumi.Output[Optional[builtins.bool]]:
         """
         If set, this mount will register the default `.well-known/est` URL path. Only a single mount can enable this across a Vault cluster.
         """
@@ -568,7 +569,7 @@ class BackendConfigEst(pulumi.CustomResource):
 
     @property
     @pulumi.getter(name="defaultPathPolicy")
-    def default_path_policy(self) -> pulumi.Output[Optional[str]]:
+    def default_path_policy(self) -> pulumi.Output[Optional[builtins.str]]:
         """
         Required to be set if default_mount is enabled. Specifies the behavior for requests using the default EST label. Can be sign-verbatim or a role given by role:<role_name>.
         """
@@ -576,7 +577,7 @@ class BackendConfigEst(pulumi.CustomResource):
 
     @property
     @pulumi.getter(name="enableSentinelParsing")
-    def enable_sentinel_parsing(self) -> pulumi.Output[Optional[bool]]:
+    def enable_sentinel_parsing(self) -> pulumi.Output[Optional[builtins.bool]]:
         """
         If set, parse out fields from the provided CSR making them available for Sentinel policies.
         """
@@ -584,7 +585,7 @@ class BackendConfigEst(pulumi.CustomResource):
 
     @property
     @pulumi.getter
-    def enabled(self) -> pulumi.Output[Optional[bool]]:
+    def enabled(self) -> pulumi.Output[Optional[builtins.bool]]:
         """
         Specifies whether EST is enabled.
         """
@@ -592,7 +593,7 @@ class BackendConfigEst(pulumi.CustomResource):
 
     @property
     @pulumi.getter(name="labelToPathPolicy")
-    def label_to_path_policy(self) -> pulumi.Output[Optional[Mapping[str, str]]]:
+    def label_to_path_policy(self) -> pulumi.Output[Optional[Mapping[str, builtins.str]]]:
         """
         Configures a pairing of an EST label with the redirected behavior for requests hitting that role. The path policy can be sign-verbatim or a role given by role:<role_name>. Labels must be unique across Vault cluster, and will register .well-known/est/<label> URL paths.
         """
@@ -600,7 +601,7 @@ class BackendConfigEst(pulumi.CustomResource):
 
     @property
     @pulumi.getter(name="lastUpdated")
-    def last_updated(self) -> pulumi.Output[str]:
+    def last_updated(self) -> pulumi.Output[builtins.str]:
         """
         A read-only timestamp representing the last time the configuration was updated.
         """
@@ -608,7 +609,7 @@ class BackendConfigEst(pulumi.CustomResource):
 
     @property
     @pulumi.getter
-    def namespace(self) -> pulumi.Output[Optional[str]]:
+    def namespace(self) -> pulumi.Output[Optional[builtins.str]]:
         """
         The namespace of the target resource.
         The value should not contain leading or trailing forward slashes.