pulumi-vault 6.7.0a1743576047__py3-none-any.whl → 6.7.0a1744267302__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (264) hide show
  1. pulumi_vault/__init__.py +1 -0
  2. pulumi_vault/_inputs.py +554 -553
  3. pulumi_vault/ad/__init__.py +1 -0
  4. pulumi_vault/ad/get_access_credentials.py +20 -19
  5. pulumi_vault/ad/secret_backend.py +477 -476
  6. pulumi_vault/ad/secret_library.py +99 -98
  7. pulumi_vault/ad/secret_role.py +85 -84
  8. pulumi_vault/alicloud/__init__.py +1 -0
  9. pulumi_vault/alicloud/auth_backend_role.py +183 -182
  10. pulumi_vault/approle/__init__.py +1 -0
  11. pulumi_vault/approle/auth_backend_login.py +106 -105
  12. pulumi_vault/approle/auth_backend_role.py +239 -238
  13. pulumi_vault/approle/auth_backend_role_secret_id.py +162 -161
  14. pulumi_vault/approle/get_auth_backend_role_id.py +18 -17
  15. pulumi_vault/audit.py +85 -84
  16. pulumi_vault/audit_request_header.py +43 -42
  17. pulumi_vault/auth_backend.py +106 -105
  18. pulumi_vault/aws/__init__.py +1 -0
  19. pulumi_vault/aws/auth_backend_cert.py +71 -70
  20. pulumi_vault/aws/auth_backend_client.py +253 -252
  21. pulumi_vault/aws/auth_backend_config_identity.py +85 -84
  22. pulumi_vault/aws/auth_backend_identity_whitelist.py +57 -56
  23. pulumi_vault/aws/auth_backend_login.py +209 -208
  24. pulumi_vault/aws/auth_backend_role.py +400 -399
  25. pulumi_vault/aws/auth_backend_role_tag.py +127 -126
  26. pulumi_vault/aws/auth_backend_roletag_blacklist.py +57 -56
  27. pulumi_vault/aws/auth_backend_sts_role.py +71 -70
  28. pulumi_vault/aws/get_access_credentials.py +44 -43
  29. pulumi_vault/aws/get_static_access_credentials.py +13 -12
  30. pulumi_vault/aws/secret_backend.py +337 -336
  31. pulumi_vault/aws/secret_backend_role.py +211 -210
  32. pulumi_vault/aws/secret_backend_static_role.py +113 -112
  33. pulumi_vault/azure/__init__.py +1 -0
  34. pulumi_vault/azure/_inputs.py +21 -20
  35. pulumi_vault/azure/auth_backend_config.py +183 -182
  36. pulumi_vault/azure/auth_backend_role.py +253 -252
  37. pulumi_vault/azure/backend.py +239 -238
  38. pulumi_vault/azure/backend_role.py +141 -140
  39. pulumi_vault/azure/get_access_credentials.py +58 -57
  40. pulumi_vault/azure/outputs.py +11 -10
  41. pulumi_vault/cert_auth_backend_role.py +365 -364
  42. pulumi_vault/config/__init__.py +1 -0
  43. pulumi_vault/config/__init__.pyi +1 -0
  44. pulumi_vault/config/_inputs.py +11 -10
  45. pulumi_vault/config/outputs.py +287 -286
  46. pulumi_vault/config/ui_custom_message.py +113 -112
  47. pulumi_vault/config/vars.py +1 -0
  48. pulumi_vault/consul/__init__.py +1 -0
  49. pulumi_vault/consul/secret_backend.py +197 -196
  50. pulumi_vault/consul/secret_backend_role.py +183 -182
  51. pulumi_vault/database/__init__.py +1 -0
  52. pulumi_vault/database/_inputs.py +2525 -2524
  53. pulumi_vault/database/outputs.py +1529 -1528
  54. pulumi_vault/database/secret_backend_connection.py +169 -168
  55. pulumi_vault/database/secret_backend_role.py +169 -168
  56. pulumi_vault/database/secret_backend_static_role.py +179 -178
  57. pulumi_vault/database/secrets_mount.py +267 -266
  58. pulumi_vault/egp_policy.py +71 -70
  59. pulumi_vault/gcp/__init__.py +1 -0
  60. pulumi_vault/gcp/_inputs.py +82 -81
  61. pulumi_vault/gcp/auth_backend.py +260 -259
  62. pulumi_vault/gcp/auth_backend_role.py +281 -280
  63. pulumi_vault/gcp/get_auth_backend_role.py +70 -69
  64. pulumi_vault/gcp/outputs.py +50 -49
  65. pulumi_vault/gcp/secret_backend.py +232 -231
  66. pulumi_vault/gcp/secret_impersonated_account.py +92 -91
  67. pulumi_vault/gcp/secret_roleset.py +92 -91
  68. pulumi_vault/gcp/secret_static_account.py +92 -91
  69. pulumi_vault/generic/__init__.py +1 -0
  70. pulumi_vault/generic/endpoint.py +113 -112
  71. pulumi_vault/generic/get_secret.py +28 -27
  72. pulumi_vault/generic/secret.py +78 -77
  73. pulumi_vault/get_auth_backend.py +19 -18
  74. pulumi_vault/get_auth_backends.py +14 -13
  75. pulumi_vault/get_namespace.py +15 -14
  76. pulumi_vault/get_namespaces.py +8 -7
  77. pulumi_vault/get_nomad_access_token.py +19 -18
  78. pulumi_vault/get_policy_document.py +6 -5
  79. pulumi_vault/get_raft_autopilot_state.py +18 -17
  80. pulumi_vault/github/__init__.py +1 -0
  81. pulumi_vault/github/_inputs.py +42 -41
  82. pulumi_vault/github/auth_backend.py +232 -231
  83. pulumi_vault/github/outputs.py +26 -25
  84. pulumi_vault/github/team.py +57 -56
  85. pulumi_vault/github/user.py +57 -56
  86. pulumi_vault/identity/__init__.py +1 -0
  87. pulumi_vault/identity/entity.py +85 -84
  88. pulumi_vault/identity/entity_alias.py +71 -70
  89. pulumi_vault/identity/entity_policies.py +64 -63
  90. pulumi_vault/identity/get_entity.py +43 -42
  91. pulumi_vault/identity/get_group.py +50 -49
  92. pulumi_vault/identity/get_oidc_client_creds.py +14 -13
  93. pulumi_vault/identity/get_oidc_openid_config.py +24 -23
  94. pulumi_vault/identity/get_oidc_public_keys.py +13 -12
  95. pulumi_vault/identity/group.py +141 -140
  96. pulumi_vault/identity/group_alias.py +57 -56
  97. pulumi_vault/identity/group_member_entity_ids.py +57 -56
  98. pulumi_vault/identity/group_member_group_ids.py +57 -56
  99. pulumi_vault/identity/group_policies.py +64 -63
  100. pulumi_vault/identity/mfa_duo.py +148 -147
  101. pulumi_vault/identity/mfa_login_enforcement.py +120 -119
  102. pulumi_vault/identity/mfa_okta.py +134 -133
  103. pulumi_vault/identity/mfa_pingid.py +127 -126
  104. pulumi_vault/identity/mfa_totp.py +176 -175
  105. pulumi_vault/identity/oidc.py +29 -28
  106. pulumi_vault/identity/oidc_assignment.py +57 -56
  107. pulumi_vault/identity/oidc_client.py +127 -126
  108. pulumi_vault/identity/oidc_key.py +85 -84
  109. pulumi_vault/identity/oidc_key_allowed_client_id.py +43 -42
  110. pulumi_vault/identity/oidc_provider.py +92 -91
  111. pulumi_vault/identity/oidc_role.py +85 -84
  112. pulumi_vault/identity/oidc_scope.py +57 -56
  113. pulumi_vault/identity/outputs.py +32 -31
  114. pulumi_vault/jwt/__init__.py +1 -0
  115. pulumi_vault/jwt/_inputs.py +42 -41
  116. pulumi_vault/jwt/auth_backend.py +288 -287
  117. pulumi_vault/jwt/auth_backend_role.py +407 -406
  118. pulumi_vault/jwt/outputs.py +26 -25
  119. pulumi_vault/kmip/__init__.py +1 -0
  120. pulumi_vault/kmip/secret_backend.py +183 -182
  121. pulumi_vault/kmip/secret_role.py +295 -294
  122. pulumi_vault/kmip/secret_scope.py +57 -56
  123. pulumi_vault/kubernetes/__init__.py +1 -0
  124. pulumi_vault/kubernetes/auth_backend_config.py +141 -140
  125. pulumi_vault/kubernetes/auth_backend_role.py +225 -224
  126. pulumi_vault/kubernetes/get_auth_backend_config.py +47 -46
  127. pulumi_vault/kubernetes/get_auth_backend_role.py +70 -69
  128. pulumi_vault/kubernetes/get_service_account_token.py +38 -37
  129. pulumi_vault/kubernetes/secret_backend.py +316 -315
  130. pulumi_vault/kubernetes/secret_backend_role.py +197 -196
  131. pulumi_vault/kv/__init__.py +1 -0
  132. pulumi_vault/kv/_inputs.py +21 -20
  133. pulumi_vault/kv/get_secret.py +17 -16
  134. pulumi_vault/kv/get_secret_subkeys_v2.py +30 -29
  135. pulumi_vault/kv/get_secret_v2.py +29 -28
  136. pulumi_vault/kv/get_secrets_list.py +13 -12
  137. pulumi_vault/kv/get_secrets_list_v2.py +19 -18
  138. pulumi_vault/kv/outputs.py +13 -12
  139. pulumi_vault/kv/secret.py +50 -49
  140. pulumi_vault/kv/secret_backend_v2.py +71 -70
  141. pulumi_vault/kv/secret_v2.py +134 -133
  142. pulumi_vault/ldap/__init__.py +1 -0
  143. pulumi_vault/ldap/auth_backend.py +588 -587
  144. pulumi_vault/ldap/auth_backend_group.py +57 -56
  145. pulumi_vault/ldap/auth_backend_user.py +71 -70
  146. pulumi_vault/ldap/get_dynamic_credentials.py +17 -16
  147. pulumi_vault/ldap/get_static_credentials.py +18 -17
  148. pulumi_vault/ldap/secret_backend.py +554 -553
  149. pulumi_vault/ldap/secret_backend_dynamic_role.py +127 -126
  150. pulumi_vault/ldap/secret_backend_library_set.py +99 -98
  151. pulumi_vault/ldap/secret_backend_static_role.py +99 -98
  152. pulumi_vault/managed/__init__.py +1 -0
  153. pulumi_vault/managed/_inputs.py +229 -228
  154. pulumi_vault/managed/keys.py +15 -14
  155. pulumi_vault/managed/outputs.py +139 -138
  156. pulumi_vault/mfa_duo.py +113 -112
  157. pulumi_vault/mfa_okta.py +113 -112
  158. pulumi_vault/mfa_pingid.py +120 -119
  159. pulumi_vault/mfa_totp.py +127 -126
  160. pulumi_vault/mongodbatlas/__init__.py +1 -0
  161. pulumi_vault/mongodbatlas/secret_backend.py +64 -63
  162. pulumi_vault/mongodbatlas/secret_role.py +155 -154
  163. pulumi_vault/mount.py +274 -273
  164. pulumi_vault/namespace.py +64 -63
  165. pulumi_vault/nomad_secret_backend.py +211 -210
  166. pulumi_vault/nomad_secret_role.py +85 -84
  167. pulumi_vault/okta/__init__.py +1 -0
  168. pulumi_vault/okta/_inputs.py +26 -25
  169. pulumi_vault/okta/auth_backend.py +274 -273
  170. pulumi_vault/okta/auth_backend_group.py +57 -56
  171. pulumi_vault/okta/auth_backend_user.py +71 -70
  172. pulumi_vault/okta/outputs.py +16 -15
  173. pulumi_vault/outputs.py +56 -55
  174. pulumi_vault/password_policy.py +43 -42
  175. pulumi_vault/pkisecret/__init__.py +1 -0
  176. pulumi_vault/pkisecret/_inputs.py +31 -30
  177. pulumi_vault/pkisecret/backend_acme_eab.py +92 -91
  178. pulumi_vault/pkisecret/backend_config_acme.py +141 -140
  179. pulumi_vault/pkisecret/backend_config_auto_tidy.py +323 -322
  180. pulumi_vault/pkisecret/backend_config_cluster.py +57 -56
  181. pulumi_vault/pkisecret/backend_config_cmpv2.py +106 -105
  182. pulumi_vault/pkisecret/backend_config_est.py +120 -119
  183. pulumi_vault/pkisecret/get_backend_cert_metadata.py +22 -21
  184. pulumi_vault/pkisecret/get_backend_config_cmpv2.py +22 -21
  185. pulumi_vault/pkisecret/get_backend_config_est.py +19 -18
  186. pulumi_vault/pkisecret/get_backend_issuer.py +45 -44
  187. pulumi_vault/pkisecret/get_backend_issuers.py +15 -14
  188. pulumi_vault/pkisecret/get_backend_key.py +20 -19
  189. pulumi_vault/pkisecret/get_backend_keys.py +15 -14
  190. pulumi_vault/pkisecret/outputs.py +28 -27
  191. pulumi_vault/pkisecret/secret_backend_cert.py +337 -336
  192. pulumi_vault/pkisecret/secret_backend_config_ca.py +43 -42
  193. pulumi_vault/pkisecret/secret_backend_config_issuers.py +57 -56
  194. pulumi_vault/pkisecret/secret_backend_config_urls.py +85 -84
  195. pulumi_vault/pkisecret/secret_backend_crl_config.py +197 -196
  196. pulumi_vault/pkisecret/secret_backend_intermediate_cert_request.py +421 -420
  197. pulumi_vault/pkisecret/secret_backend_intermediate_set_signed.py +57 -56
  198. pulumi_vault/pkisecret/secret_backend_issuer.py +232 -231
  199. pulumi_vault/pkisecret/secret_backend_key.py +120 -119
  200. pulumi_vault/pkisecret/secret_backend_role.py +715 -714
  201. pulumi_vault/pkisecret/secret_backend_root_cert.py +554 -553
  202. pulumi_vault/pkisecret/secret_backend_root_sign_intermediate.py +526 -525
  203. pulumi_vault/pkisecret/secret_backend_sign.py +281 -280
  204. pulumi_vault/plugin.py +127 -126
  205. pulumi_vault/plugin_pinned_version.py +43 -42
  206. pulumi_vault/policy.py +43 -42
  207. pulumi_vault/provider.py +120 -119
  208. pulumi_vault/pulumi-plugin.json +1 -1
  209. pulumi_vault/quota_lease_count.py +85 -84
  210. pulumi_vault/quota_rate_limit.py +113 -112
  211. pulumi_vault/rabbitmq/__init__.py +1 -0
  212. pulumi_vault/rabbitmq/_inputs.py +41 -40
  213. pulumi_vault/rabbitmq/outputs.py +25 -24
  214. pulumi_vault/rabbitmq/secret_backend.py +169 -168
  215. pulumi_vault/rabbitmq/secret_backend_role.py +57 -56
  216. pulumi_vault/raft_autopilot.py +113 -112
  217. pulumi_vault/raft_snapshot_agent_config.py +393 -392
  218. pulumi_vault/rgp_policy.py +57 -56
  219. pulumi_vault/saml/__init__.py +1 -0
  220. pulumi_vault/saml/auth_backend.py +155 -154
  221. pulumi_vault/saml/auth_backend_role.py +239 -238
  222. pulumi_vault/secrets/__init__.py +1 -0
  223. pulumi_vault/secrets/_inputs.py +16 -15
  224. pulumi_vault/secrets/outputs.py +10 -9
  225. pulumi_vault/secrets/sync_association.py +71 -70
  226. pulumi_vault/secrets/sync_aws_destination.py +148 -147
  227. pulumi_vault/secrets/sync_azure_destination.py +148 -147
  228. pulumi_vault/secrets/sync_config.py +43 -42
  229. pulumi_vault/secrets/sync_gcp_destination.py +106 -105
  230. pulumi_vault/secrets/sync_gh_destination.py +134 -133
  231. pulumi_vault/secrets/sync_github_apps.py +64 -63
  232. pulumi_vault/secrets/sync_vercel_destination.py +120 -119
  233. pulumi_vault/ssh/__init__.py +1 -0
  234. pulumi_vault/ssh/_inputs.py +11 -10
  235. pulumi_vault/ssh/get_secret_backend_sign.py +52 -51
  236. pulumi_vault/ssh/outputs.py +7 -6
  237. pulumi_vault/ssh/secret_backend_ca.py +99 -98
  238. pulumi_vault/ssh/secret_backend_role.py +365 -364
  239. pulumi_vault/terraformcloud/__init__.py +1 -0
  240. pulumi_vault/terraformcloud/secret_backend.py +111 -110
  241. pulumi_vault/terraformcloud/secret_creds.py +74 -73
  242. pulumi_vault/terraformcloud/secret_role.py +93 -92
  243. pulumi_vault/token.py +246 -245
  244. pulumi_vault/tokenauth/__init__.py +1 -0
  245. pulumi_vault/tokenauth/auth_backend_role.py +267 -266
  246. pulumi_vault/transform/__init__.py +1 -0
  247. pulumi_vault/transform/alphabet.py +57 -56
  248. pulumi_vault/transform/get_decode.py +47 -46
  249. pulumi_vault/transform/get_encode.py +47 -46
  250. pulumi_vault/transform/role.py +57 -56
  251. pulumi_vault/transform/template.py +113 -112
  252. pulumi_vault/transform/transformation.py +141 -140
  253. pulumi_vault/transit/__init__.py +1 -0
  254. pulumi_vault/transit/get_decrypt.py +18 -17
  255. pulumi_vault/transit/get_encrypt.py +21 -20
  256. pulumi_vault/transit/get_sign.py +54 -53
  257. pulumi_vault/transit/get_verify.py +60 -59
  258. pulumi_vault/transit/secret_backend_key.py +274 -273
  259. pulumi_vault/transit/secret_cache_config.py +43 -42
  260. {pulumi_vault-6.7.0a1743576047.dist-info → pulumi_vault-6.7.0a1744267302.dist-info}/METADATA +1 -1
  261. pulumi_vault-6.7.0a1744267302.dist-info/RECORD +265 -0
  262. pulumi_vault-6.7.0a1743576047.dist-info/RECORD +0 -265
  263. {pulumi_vault-6.7.0a1743576047.dist-info → pulumi_vault-6.7.0a1744267302.dist-info}/WHEEL +0 -0
  264. {pulumi_vault-6.7.0a1743576047.dist-info → pulumi_vault-6.7.0a1744267302.dist-info}/top_level.txt +0 -0
@@ -2,6 +2,7 @@
2
2
  # *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. ***
3
3
  # *** Do not edit by hand unless you're certain you know what you are doing! ***
4
4
 
5
+ import builtins
5
6
  import copy
6
7
  import warnings
7
8
  import sys
@@ -21,70 +22,70 @@ __all__ = ['SecretBackendRoleArgs', 'SecretBackendRole']
21
22
  @pulumi.input_type
22
23
  class SecretBackendRoleArgs:
23
24
  def __init__(__self__, *,
24
- backend: pulumi.Input[str],
25
- key_type: pulumi.Input[str],
26
- algorithm_signer: Optional[pulumi.Input[str]] = None,
27
- allow_bare_domains: Optional[pulumi.Input[bool]] = None,
28
- allow_empty_principals: Optional[pulumi.Input[bool]] = None,
29
- allow_host_certificates: Optional[pulumi.Input[bool]] = None,
30
- allow_subdomains: Optional[pulumi.Input[bool]] = None,
31
- allow_user_certificates: Optional[pulumi.Input[bool]] = None,
32
- allow_user_key_ids: Optional[pulumi.Input[bool]] = None,
33
- allowed_critical_options: Optional[pulumi.Input[str]] = None,
34
- allowed_domains: Optional[pulumi.Input[str]] = None,
35
- allowed_domains_template: Optional[pulumi.Input[bool]] = None,
36
- allowed_extensions: Optional[pulumi.Input[str]] = None,
25
+ backend: pulumi.Input[builtins.str],
26
+ key_type: pulumi.Input[builtins.str],
27
+ algorithm_signer: Optional[pulumi.Input[builtins.str]] = None,
28
+ allow_bare_domains: Optional[pulumi.Input[builtins.bool]] = None,
29
+ allow_empty_principals: Optional[pulumi.Input[builtins.bool]] = None,
30
+ allow_host_certificates: Optional[pulumi.Input[builtins.bool]] = None,
31
+ allow_subdomains: Optional[pulumi.Input[builtins.bool]] = None,
32
+ allow_user_certificates: Optional[pulumi.Input[builtins.bool]] = None,
33
+ allow_user_key_ids: Optional[pulumi.Input[builtins.bool]] = None,
34
+ allowed_critical_options: Optional[pulumi.Input[builtins.str]] = None,
35
+ allowed_domains: Optional[pulumi.Input[builtins.str]] = None,
36
+ allowed_domains_template: Optional[pulumi.Input[builtins.bool]] = None,
37
+ allowed_extensions: Optional[pulumi.Input[builtins.str]] = None,
37
38
  allowed_user_key_configs: Optional[pulumi.Input[Sequence[pulumi.Input['SecretBackendRoleAllowedUserKeyConfigArgs']]]] = None,
38
- allowed_users: Optional[pulumi.Input[str]] = None,
39
- allowed_users_template: Optional[pulumi.Input[bool]] = None,
40
- cidr_list: Optional[pulumi.Input[str]] = None,
41
- default_critical_options: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
42
- default_extensions: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
43
- default_user: Optional[pulumi.Input[str]] = None,
44
- default_user_template: Optional[pulumi.Input[bool]] = None,
45
- key_id_format: Optional[pulumi.Input[str]] = None,
46
- max_ttl: Optional[pulumi.Input[str]] = None,
47
- name: Optional[pulumi.Input[str]] = None,
48
- namespace: Optional[pulumi.Input[str]] = None,
49
- not_before_duration: Optional[pulumi.Input[str]] = None,
50
- ttl: Optional[pulumi.Input[str]] = None):
39
+ allowed_users: Optional[pulumi.Input[builtins.str]] = None,
40
+ allowed_users_template: Optional[pulumi.Input[builtins.bool]] = None,
41
+ cidr_list: Optional[pulumi.Input[builtins.str]] = None,
42
+ default_critical_options: Optional[pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]]] = None,
43
+ default_extensions: Optional[pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]]] = None,
44
+ default_user: Optional[pulumi.Input[builtins.str]] = None,
45
+ default_user_template: Optional[pulumi.Input[builtins.bool]] = None,
46
+ key_id_format: Optional[pulumi.Input[builtins.str]] = None,
47
+ max_ttl: Optional[pulumi.Input[builtins.str]] = None,
48
+ name: Optional[pulumi.Input[builtins.str]] = None,
49
+ namespace: Optional[pulumi.Input[builtins.str]] = None,
50
+ not_before_duration: Optional[pulumi.Input[builtins.str]] = None,
51
+ ttl: Optional[pulumi.Input[builtins.str]] = None):
51
52
  """
52
53
  The set of arguments for constructing a SecretBackendRole resource.
53
- :param pulumi.Input[str] backend: The path where the SSH secret backend is mounted.
54
- :param pulumi.Input[str] key_type: Specifies the type of credentials generated by this role. This can be either `otp`, `dynamic` or `ca`.
55
- :param pulumi.Input[str] algorithm_signer: When supplied, this value specifies a signing algorithm for the key. Possible values: ssh-rsa, rsa-sha2-256, rsa-sha2-512.
56
- :param pulumi.Input[bool] allow_bare_domains: Specifies if host certificates that are requested are allowed to use the base domains listed in `allowed_domains`.
57
- :param pulumi.Input[bool] allow_empty_principals: Allow signing certificates with no
54
+ :param pulumi.Input[builtins.str] backend: The path where the SSH secret backend is mounted.
55
+ :param pulumi.Input[builtins.str] key_type: Specifies the type of credentials generated by this role. This can be either `otp`, `dynamic` or `ca`.
56
+ :param pulumi.Input[builtins.str] algorithm_signer: When supplied, this value specifies a signing algorithm for the key. Possible values: ssh-rsa, rsa-sha2-256, rsa-sha2-512.
57
+ :param pulumi.Input[builtins.bool] allow_bare_domains: Specifies if host certificates that are requested are allowed to use the base domains listed in `allowed_domains`.
58
+ :param pulumi.Input[builtins.bool] allow_empty_principals: Allow signing certificates with no
58
59
  valid principals (e.g. any valid principal). For backwards compatibility
59
60
  only. The default of false is highly recommended.
60
- :param pulumi.Input[bool] allow_host_certificates: Specifies if certificates are allowed to be signed for use as a 'host'.
61
- :param pulumi.Input[bool] allow_subdomains: Specifies if host certificates that are requested are allowed to be subdomains of those listed in `allowed_domains`.
62
- :param pulumi.Input[bool] allow_user_certificates: Specifies if certificates are allowed to be signed for use as a 'user'.
63
- :param pulumi.Input[bool] allow_user_key_ids: Specifies if users can override the key ID for a signed certificate with the `key_id` field.
64
- :param pulumi.Input[str] allowed_critical_options: Specifies a comma-separated list of critical options that certificates can have when signed.
65
- :param pulumi.Input[str] allowed_domains: The list of domains for which a client can request a host certificate.
66
- :param pulumi.Input[bool] allowed_domains_template: Specifies if `allowed_domains` can be declared using
61
+ :param pulumi.Input[builtins.bool] allow_host_certificates: Specifies if certificates are allowed to be signed for use as a 'host'.
62
+ :param pulumi.Input[builtins.bool] allow_subdomains: Specifies if host certificates that are requested are allowed to be subdomains of those listed in `allowed_domains`.
63
+ :param pulumi.Input[builtins.bool] allow_user_certificates: Specifies if certificates are allowed to be signed for use as a 'user'.
64
+ :param pulumi.Input[builtins.bool] allow_user_key_ids: Specifies if users can override the key ID for a signed certificate with the `key_id` field.
65
+ :param pulumi.Input[builtins.str] allowed_critical_options: Specifies a comma-separated list of critical options that certificates can have when signed.
66
+ :param pulumi.Input[builtins.str] allowed_domains: The list of domains for which a client can request a host certificate.
67
+ :param pulumi.Input[builtins.bool] allowed_domains_template: Specifies if `allowed_domains` can be declared using
67
68
  identity template policies. Non-templated domains are also permitted.
68
- :param pulumi.Input[str] allowed_extensions: Specifies a comma-separated list of extensions that certificates can have when signed.
69
+ :param pulumi.Input[builtins.str] allowed_extensions: Specifies a comma-separated list of extensions that certificates can have when signed.
69
70
  :param pulumi.Input[Sequence[pulumi.Input['SecretBackendRoleAllowedUserKeyConfigArgs']]] allowed_user_key_configs: Set of configuration blocks to define allowed
70
71
  user key configuration, like key type and their lengths. Can be specified multiple times.
71
72
  *See Configuration-Options for more info*
72
- :param pulumi.Input[str] allowed_users: Specifies a comma-separated list of usernames that are to be allowed, only if certain usernames are to be allowed.
73
- :param pulumi.Input[bool] allowed_users_template: Specifies if `allowed_users` can be declared using identity template policies. Non-templated users are also permitted.
74
- :param pulumi.Input[str] cidr_list: The comma-separated string of CIDR blocks for which this role is applicable.
75
- :param pulumi.Input[Mapping[str, pulumi.Input[str]]] default_critical_options: Specifies a map of critical options that certificates have when signed.
76
- :param pulumi.Input[Mapping[str, pulumi.Input[str]]] default_extensions: Specifies a map of extensions that certificates have when signed.
77
- :param pulumi.Input[str] default_user: Specifies the default username for which a credential will be generated.
78
- :param pulumi.Input[bool] default_user_template: If set, `default_users` can be specified using identity template values. A non-templated user is also permitted.
79
- :param pulumi.Input[str] key_id_format: Specifies a custom format for the key id of a signed certificate.
80
- :param pulumi.Input[str] max_ttl: Specifies the maximum Time To Live value.
81
- :param pulumi.Input[str] name: Specifies the name of the role to create.
82
- :param pulumi.Input[str] namespace: The namespace to provision the resource in.
73
+ :param pulumi.Input[builtins.str] allowed_users: Specifies a comma-separated list of usernames that are to be allowed, only if certain usernames are to be allowed.
74
+ :param pulumi.Input[builtins.bool] allowed_users_template: Specifies if `allowed_users` can be declared using identity template policies. Non-templated users are also permitted.
75
+ :param pulumi.Input[builtins.str] cidr_list: The comma-separated string of CIDR blocks for which this role is applicable.
76
+ :param pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]] default_critical_options: Specifies a map of critical options that certificates have when signed.
77
+ :param pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]] default_extensions: Specifies a map of extensions that certificates have when signed.
78
+ :param pulumi.Input[builtins.str] default_user: Specifies the default username for which a credential will be generated.
79
+ :param pulumi.Input[builtins.bool] default_user_template: If set, `default_users` can be specified using identity template values. A non-templated user is also permitted.
80
+ :param pulumi.Input[builtins.str] key_id_format: Specifies a custom format for the key id of a signed certificate.
81
+ :param pulumi.Input[builtins.str] max_ttl: Specifies the maximum Time To Live value.
82
+ :param pulumi.Input[builtins.str] name: Specifies the name of the role to create.
83
+ :param pulumi.Input[builtins.str] namespace: The namespace to provision the resource in.
83
84
  The value should not contain leading or trailing forward slashes.
84
85
  The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
85
86
  *Available only for Vault Enterprise*.
86
- :param pulumi.Input[str] not_before_duration: Specifies the duration by which to backdate the ValidAfter property. Uses duration format strings.
87
- :param pulumi.Input[str] ttl: Specifies the Time To Live value.
87
+ :param pulumi.Input[builtins.str] not_before_duration: Specifies the duration by which to backdate the ValidAfter property. Uses duration format strings.
88
+ :param pulumi.Input[builtins.str] ttl: Specifies the Time To Live value.
88
89
  """
89
90
  pulumi.set(__self__, "backend", backend)
90
91
  pulumi.set(__self__, "key_type", key_type)
@@ -141,55 +142,55 @@ class SecretBackendRoleArgs:
141
142
 
142
143
  @property
143
144
  @pulumi.getter
144
- def backend(self) -> pulumi.Input[str]:
145
+ def backend(self) -> pulumi.Input[builtins.str]:
145
146
  """
146
147
  The path where the SSH secret backend is mounted.
147
148
  """
148
149
  return pulumi.get(self, "backend")
149
150
 
150
151
  @backend.setter
151
- def backend(self, value: pulumi.Input[str]):
152
+ def backend(self, value: pulumi.Input[builtins.str]):
152
153
  pulumi.set(self, "backend", value)
153
154
 
154
155
  @property
155
156
  @pulumi.getter(name="keyType")
156
- def key_type(self) -> pulumi.Input[str]:
157
+ def key_type(self) -> pulumi.Input[builtins.str]:
157
158
  """
158
159
  Specifies the type of credentials generated by this role. This can be either `otp`, `dynamic` or `ca`.
159
160
  """
160
161
  return pulumi.get(self, "key_type")
161
162
 
162
163
  @key_type.setter
163
- def key_type(self, value: pulumi.Input[str]):
164
+ def key_type(self, value: pulumi.Input[builtins.str]):
164
165
  pulumi.set(self, "key_type", value)
165
166
 
166
167
  @property
167
168
  @pulumi.getter(name="algorithmSigner")
168
- def algorithm_signer(self) -> Optional[pulumi.Input[str]]:
169
+ def algorithm_signer(self) -> Optional[pulumi.Input[builtins.str]]:
169
170
  """
170
171
  When supplied, this value specifies a signing algorithm for the key. Possible values: ssh-rsa, rsa-sha2-256, rsa-sha2-512.
171
172
  """
172
173
  return pulumi.get(self, "algorithm_signer")
173
174
 
174
175
  @algorithm_signer.setter
175
- def algorithm_signer(self, value: Optional[pulumi.Input[str]]):
176
+ def algorithm_signer(self, value: Optional[pulumi.Input[builtins.str]]):
176
177
  pulumi.set(self, "algorithm_signer", value)
177
178
 
178
179
  @property
179
180
  @pulumi.getter(name="allowBareDomains")
180
- def allow_bare_domains(self) -> Optional[pulumi.Input[bool]]:
181
+ def allow_bare_domains(self) -> Optional[pulumi.Input[builtins.bool]]:
181
182
  """
182
183
  Specifies if host certificates that are requested are allowed to use the base domains listed in `allowed_domains`.
183
184
  """
184
185
  return pulumi.get(self, "allow_bare_domains")
185
186
 
186
187
  @allow_bare_domains.setter
187
- def allow_bare_domains(self, value: Optional[pulumi.Input[bool]]):
188
+ def allow_bare_domains(self, value: Optional[pulumi.Input[builtins.bool]]):
188
189
  pulumi.set(self, "allow_bare_domains", value)
189
190
 
190
191
  @property
191
192
  @pulumi.getter(name="allowEmptyPrincipals")
192
- def allow_empty_principals(self) -> Optional[pulumi.Input[bool]]:
193
+ def allow_empty_principals(self) -> Optional[pulumi.Input[builtins.bool]]:
193
194
  """
194
195
  Allow signing certificates with no
195
196
  valid principals (e.g. any valid principal). For backwards compatibility
@@ -198,84 +199,84 @@ class SecretBackendRoleArgs:
198
199
  return pulumi.get(self, "allow_empty_principals")
199
200
 
200
201
  @allow_empty_principals.setter
201
- def allow_empty_principals(self, value: Optional[pulumi.Input[bool]]):
202
+ def allow_empty_principals(self, value: Optional[pulumi.Input[builtins.bool]]):
202
203
  pulumi.set(self, "allow_empty_principals", value)
203
204
 
204
205
  @property
205
206
  @pulumi.getter(name="allowHostCertificates")
206
- def allow_host_certificates(self) -> Optional[pulumi.Input[bool]]:
207
+ def allow_host_certificates(self) -> Optional[pulumi.Input[builtins.bool]]:
207
208
  """
208
209
  Specifies if certificates are allowed to be signed for use as a 'host'.
209
210
  """
210
211
  return pulumi.get(self, "allow_host_certificates")
211
212
 
212
213
  @allow_host_certificates.setter
213
- def allow_host_certificates(self, value: Optional[pulumi.Input[bool]]):
214
+ def allow_host_certificates(self, value: Optional[pulumi.Input[builtins.bool]]):
214
215
  pulumi.set(self, "allow_host_certificates", value)
215
216
 
216
217
  @property
217
218
  @pulumi.getter(name="allowSubdomains")
218
- def allow_subdomains(self) -> Optional[pulumi.Input[bool]]:
219
+ def allow_subdomains(self) -> Optional[pulumi.Input[builtins.bool]]:
219
220
  """
220
221
  Specifies if host certificates that are requested are allowed to be subdomains of those listed in `allowed_domains`.
221
222
  """
222
223
  return pulumi.get(self, "allow_subdomains")
223
224
 
224
225
  @allow_subdomains.setter
225
- def allow_subdomains(self, value: Optional[pulumi.Input[bool]]):
226
+ def allow_subdomains(self, value: Optional[pulumi.Input[builtins.bool]]):
226
227
  pulumi.set(self, "allow_subdomains", value)
227
228
 
228
229
  @property
229
230
  @pulumi.getter(name="allowUserCertificates")
230
- def allow_user_certificates(self) -> Optional[pulumi.Input[bool]]:
231
+ def allow_user_certificates(self) -> Optional[pulumi.Input[builtins.bool]]:
231
232
  """
232
233
  Specifies if certificates are allowed to be signed for use as a 'user'.
233
234
  """
234
235
  return pulumi.get(self, "allow_user_certificates")
235
236
 
236
237
  @allow_user_certificates.setter
237
- def allow_user_certificates(self, value: Optional[pulumi.Input[bool]]):
238
+ def allow_user_certificates(self, value: Optional[pulumi.Input[builtins.bool]]):
238
239
  pulumi.set(self, "allow_user_certificates", value)
239
240
 
240
241
  @property
241
242
  @pulumi.getter(name="allowUserKeyIds")
242
- def allow_user_key_ids(self) -> Optional[pulumi.Input[bool]]:
243
+ def allow_user_key_ids(self) -> Optional[pulumi.Input[builtins.bool]]:
243
244
  """
244
245
  Specifies if users can override the key ID for a signed certificate with the `key_id` field.
245
246
  """
246
247
  return pulumi.get(self, "allow_user_key_ids")
247
248
 
248
249
  @allow_user_key_ids.setter
249
- def allow_user_key_ids(self, value: Optional[pulumi.Input[bool]]):
250
+ def allow_user_key_ids(self, value: Optional[pulumi.Input[builtins.bool]]):
250
251
  pulumi.set(self, "allow_user_key_ids", value)
251
252
 
252
253
  @property
253
254
  @pulumi.getter(name="allowedCriticalOptions")
254
- def allowed_critical_options(self) -> Optional[pulumi.Input[str]]:
255
+ def allowed_critical_options(self) -> Optional[pulumi.Input[builtins.str]]:
255
256
  """
256
257
  Specifies a comma-separated list of critical options that certificates can have when signed.
257
258
  """
258
259
  return pulumi.get(self, "allowed_critical_options")
259
260
 
260
261
  @allowed_critical_options.setter
261
- def allowed_critical_options(self, value: Optional[pulumi.Input[str]]):
262
+ def allowed_critical_options(self, value: Optional[pulumi.Input[builtins.str]]):
262
263
  pulumi.set(self, "allowed_critical_options", value)
263
264
 
264
265
  @property
265
266
  @pulumi.getter(name="allowedDomains")
266
- def allowed_domains(self) -> Optional[pulumi.Input[str]]:
267
+ def allowed_domains(self) -> Optional[pulumi.Input[builtins.str]]:
267
268
  """
268
269
  The list of domains for which a client can request a host certificate.
269
270
  """
270
271
  return pulumi.get(self, "allowed_domains")
271
272
 
272
273
  @allowed_domains.setter
273
- def allowed_domains(self, value: Optional[pulumi.Input[str]]):
274
+ def allowed_domains(self, value: Optional[pulumi.Input[builtins.str]]):
274
275
  pulumi.set(self, "allowed_domains", value)
275
276
 
276
277
  @property
277
278
  @pulumi.getter(name="allowedDomainsTemplate")
278
- def allowed_domains_template(self) -> Optional[pulumi.Input[bool]]:
279
+ def allowed_domains_template(self) -> Optional[pulumi.Input[builtins.bool]]:
279
280
  """
280
281
  Specifies if `allowed_domains` can be declared using
281
282
  identity template policies. Non-templated domains are also permitted.
@@ -283,19 +284,19 @@ class SecretBackendRoleArgs:
283
284
  return pulumi.get(self, "allowed_domains_template")
284
285
 
285
286
  @allowed_domains_template.setter
286
- def allowed_domains_template(self, value: Optional[pulumi.Input[bool]]):
287
+ def allowed_domains_template(self, value: Optional[pulumi.Input[builtins.bool]]):
287
288
  pulumi.set(self, "allowed_domains_template", value)
288
289
 
289
290
  @property
290
291
  @pulumi.getter(name="allowedExtensions")
291
- def allowed_extensions(self) -> Optional[pulumi.Input[str]]:
292
+ def allowed_extensions(self) -> Optional[pulumi.Input[builtins.str]]:
292
293
  """
293
294
  Specifies a comma-separated list of extensions that certificates can have when signed.
294
295
  """
295
296
  return pulumi.get(self, "allowed_extensions")
296
297
 
297
298
  @allowed_extensions.setter
298
- def allowed_extensions(self, value: Optional[pulumi.Input[str]]):
299
+ def allowed_extensions(self, value: Optional[pulumi.Input[builtins.str]]):
299
300
  pulumi.set(self, "allowed_extensions", value)
300
301
 
301
302
  @property
@@ -314,127 +315,127 @@ class SecretBackendRoleArgs:
314
315
 
315
316
  @property
316
317
  @pulumi.getter(name="allowedUsers")
317
- def allowed_users(self) -> Optional[pulumi.Input[str]]:
318
+ def allowed_users(self) -> Optional[pulumi.Input[builtins.str]]:
318
319
  """
319
320
  Specifies a comma-separated list of usernames that are to be allowed, only if certain usernames are to be allowed.
320
321
  """
321
322
  return pulumi.get(self, "allowed_users")
322
323
 
323
324
  @allowed_users.setter
324
- def allowed_users(self, value: Optional[pulumi.Input[str]]):
325
+ def allowed_users(self, value: Optional[pulumi.Input[builtins.str]]):
325
326
  pulumi.set(self, "allowed_users", value)
326
327
 
327
328
  @property
328
329
  @pulumi.getter(name="allowedUsersTemplate")
329
- def allowed_users_template(self) -> Optional[pulumi.Input[bool]]:
330
+ def allowed_users_template(self) -> Optional[pulumi.Input[builtins.bool]]:
330
331
  """
331
332
  Specifies if `allowed_users` can be declared using identity template policies. Non-templated users are also permitted.
332
333
  """
333
334
  return pulumi.get(self, "allowed_users_template")
334
335
 
335
336
  @allowed_users_template.setter
336
- def allowed_users_template(self, value: Optional[pulumi.Input[bool]]):
337
+ def allowed_users_template(self, value: Optional[pulumi.Input[builtins.bool]]):
337
338
  pulumi.set(self, "allowed_users_template", value)
338
339
 
339
340
  @property
340
341
  @pulumi.getter(name="cidrList")
341
- def cidr_list(self) -> Optional[pulumi.Input[str]]:
342
+ def cidr_list(self) -> Optional[pulumi.Input[builtins.str]]:
342
343
  """
343
344
  The comma-separated string of CIDR blocks for which this role is applicable.
344
345
  """
345
346
  return pulumi.get(self, "cidr_list")
346
347
 
347
348
  @cidr_list.setter
348
- def cidr_list(self, value: Optional[pulumi.Input[str]]):
349
+ def cidr_list(self, value: Optional[pulumi.Input[builtins.str]]):
349
350
  pulumi.set(self, "cidr_list", value)
350
351
 
351
352
  @property
352
353
  @pulumi.getter(name="defaultCriticalOptions")
353
- def default_critical_options(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]:
354
+ def default_critical_options(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]]]:
354
355
  """
355
356
  Specifies a map of critical options that certificates have when signed.
356
357
  """
357
358
  return pulumi.get(self, "default_critical_options")
358
359
 
359
360
  @default_critical_options.setter
360
- def default_critical_options(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]):
361
+ def default_critical_options(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]]]):
361
362
  pulumi.set(self, "default_critical_options", value)
362
363
 
363
364
  @property
364
365
  @pulumi.getter(name="defaultExtensions")
365
- def default_extensions(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]:
366
+ def default_extensions(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]]]:
366
367
  """
367
368
  Specifies a map of extensions that certificates have when signed.
368
369
  """
369
370
  return pulumi.get(self, "default_extensions")
370
371
 
371
372
  @default_extensions.setter
372
- def default_extensions(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]):
373
+ def default_extensions(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]]]):
373
374
  pulumi.set(self, "default_extensions", value)
374
375
 
375
376
  @property
376
377
  @pulumi.getter(name="defaultUser")
377
- def default_user(self) -> Optional[pulumi.Input[str]]:
378
+ def default_user(self) -> Optional[pulumi.Input[builtins.str]]:
378
379
  """
379
380
  Specifies the default username for which a credential will be generated.
380
381
  """
381
382
  return pulumi.get(self, "default_user")
382
383
 
383
384
  @default_user.setter
384
- def default_user(self, value: Optional[pulumi.Input[str]]):
385
+ def default_user(self, value: Optional[pulumi.Input[builtins.str]]):
385
386
  pulumi.set(self, "default_user", value)
386
387
 
387
388
  @property
388
389
  @pulumi.getter(name="defaultUserTemplate")
389
- def default_user_template(self) -> Optional[pulumi.Input[bool]]:
390
+ def default_user_template(self) -> Optional[pulumi.Input[builtins.bool]]:
390
391
  """
391
392
  If set, `default_users` can be specified using identity template values. A non-templated user is also permitted.
392
393
  """
393
394
  return pulumi.get(self, "default_user_template")
394
395
 
395
396
  @default_user_template.setter
396
- def default_user_template(self, value: Optional[pulumi.Input[bool]]):
397
+ def default_user_template(self, value: Optional[pulumi.Input[builtins.bool]]):
397
398
  pulumi.set(self, "default_user_template", value)
398
399
 
399
400
  @property
400
401
  @pulumi.getter(name="keyIdFormat")
401
- def key_id_format(self) -> Optional[pulumi.Input[str]]:
402
+ def key_id_format(self) -> Optional[pulumi.Input[builtins.str]]:
402
403
  """
403
404
  Specifies a custom format for the key id of a signed certificate.
404
405
  """
405
406
  return pulumi.get(self, "key_id_format")
406
407
 
407
408
  @key_id_format.setter
408
- def key_id_format(self, value: Optional[pulumi.Input[str]]):
409
+ def key_id_format(self, value: Optional[pulumi.Input[builtins.str]]):
409
410
  pulumi.set(self, "key_id_format", value)
410
411
 
411
412
  @property
412
413
  @pulumi.getter(name="maxTtl")
413
- def max_ttl(self) -> Optional[pulumi.Input[str]]:
414
+ def max_ttl(self) -> Optional[pulumi.Input[builtins.str]]:
414
415
  """
415
416
  Specifies the maximum Time To Live value.
416
417
  """
417
418
  return pulumi.get(self, "max_ttl")
418
419
 
419
420
  @max_ttl.setter
420
- def max_ttl(self, value: Optional[pulumi.Input[str]]):
421
+ def max_ttl(self, value: Optional[pulumi.Input[builtins.str]]):
421
422
  pulumi.set(self, "max_ttl", value)
422
423
 
423
424
  @property
424
425
  @pulumi.getter
425
- def name(self) -> Optional[pulumi.Input[str]]:
426
+ def name(self) -> Optional[pulumi.Input[builtins.str]]:
426
427
  """
427
428
  Specifies the name of the role to create.
428
429
  """
429
430
  return pulumi.get(self, "name")
430
431
 
431
432
  @name.setter
432
- def name(self, value: Optional[pulumi.Input[str]]):
433
+ def name(self, value: Optional[pulumi.Input[builtins.str]]):
433
434
  pulumi.set(self, "name", value)
434
435
 
435
436
  @property
436
437
  @pulumi.getter
437
- def namespace(self) -> Optional[pulumi.Input[str]]:
438
+ def namespace(self) -> Optional[pulumi.Input[builtins.str]]:
438
439
  """
439
440
  The namespace to provision the resource in.
440
441
  The value should not contain leading or trailing forward slashes.
@@ -444,101 +445,101 @@ class SecretBackendRoleArgs:
444
445
  return pulumi.get(self, "namespace")
445
446
 
446
447
  @namespace.setter
447
- def namespace(self, value: Optional[pulumi.Input[str]]):
448
+ def namespace(self, value: Optional[pulumi.Input[builtins.str]]):
448
449
  pulumi.set(self, "namespace", value)
449
450
 
450
451
  @property
451
452
  @pulumi.getter(name="notBeforeDuration")
452
- def not_before_duration(self) -> Optional[pulumi.Input[str]]:
453
+ def not_before_duration(self) -> Optional[pulumi.Input[builtins.str]]:
453
454
  """
454
455
  Specifies the duration by which to backdate the ValidAfter property. Uses duration format strings.
455
456
  """
456
457
  return pulumi.get(self, "not_before_duration")
457
458
 
458
459
  @not_before_duration.setter
459
- def not_before_duration(self, value: Optional[pulumi.Input[str]]):
460
+ def not_before_duration(self, value: Optional[pulumi.Input[builtins.str]]):
460
461
  pulumi.set(self, "not_before_duration", value)
461
462
 
462
463
  @property
463
464
  @pulumi.getter
464
- def ttl(self) -> Optional[pulumi.Input[str]]:
465
+ def ttl(self) -> Optional[pulumi.Input[builtins.str]]:
465
466
  """
466
467
  Specifies the Time To Live value.
467
468
  """
468
469
  return pulumi.get(self, "ttl")
469
470
 
470
471
  @ttl.setter
471
- def ttl(self, value: Optional[pulumi.Input[str]]):
472
+ def ttl(self, value: Optional[pulumi.Input[builtins.str]]):
472
473
  pulumi.set(self, "ttl", value)
473
474
 
474
475
 
475
476
  @pulumi.input_type
476
477
  class _SecretBackendRoleState:
477
478
  def __init__(__self__, *,
478
- algorithm_signer: Optional[pulumi.Input[str]] = None,
479
- allow_bare_domains: Optional[pulumi.Input[bool]] = None,
480
- allow_empty_principals: Optional[pulumi.Input[bool]] = None,
481
- allow_host_certificates: Optional[pulumi.Input[bool]] = None,
482
- allow_subdomains: Optional[pulumi.Input[bool]] = None,
483
- allow_user_certificates: Optional[pulumi.Input[bool]] = None,
484
- allow_user_key_ids: Optional[pulumi.Input[bool]] = None,
485
- allowed_critical_options: Optional[pulumi.Input[str]] = None,
486
- allowed_domains: Optional[pulumi.Input[str]] = None,
487
- allowed_domains_template: Optional[pulumi.Input[bool]] = None,
488
- allowed_extensions: Optional[pulumi.Input[str]] = None,
479
+ algorithm_signer: Optional[pulumi.Input[builtins.str]] = None,
480
+ allow_bare_domains: Optional[pulumi.Input[builtins.bool]] = None,
481
+ allow_empty_principals: Optional[pulumi.Input[builtins.bool]] = None,
482
+ allow_host_certificates: Optional[pulumi.Input[builtins.bool]] = None,
483
+ allow_subdomains: Optional[pulumi.Input[builtins.bool]] = None,
484
+ allow_user_certificates: Optional[pulumi.Input[builtins.bool]] = None,
485
+ allow_user_key_ids: Optional[pulumi.Input[builtins.bool]] = None,
486
+ allowed_critical_options: Optional[pulumi.Input[builtins.str]] = None,
487
+ allowed_domains: Optional[pulumi.Input[builtins.str]] = None,
488
+ allowed_domains_template: Optional[pulumi.Input[builtins.bool]] = None,
489
+ allowed_extensions: Optional[pulumi.Input[builtins.str]] = None,
489
490
  allowed_user_key_configs: Optional[pulumi.Input[Sequence[pulumi.Input['SecretBackendRoleAllowedUserKeyConfigArgs']]]] = None,
490
- allowed_users: Optional[pulumi.Input[str]] = None,
491
- allowed_users_template: Optional[pulumi.Input[bool]] = None,
492
- backend: Optional[pulumi.Input[str]] = None,
493
- cidr_list: Optional[pulumi.Input[str]] = None,
494
- default_critical_options: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
495
- default_extensions: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
496
- default_user: Optional[pulumi.Input[str]] = None,
497
- default_user_template: Optional[pulumi.Input[bool]] = None,
498
- key_id_format: Optional[pulumi.Input[str]] = None,
499
- key_type: Optional[pulumi.Input[str]] = None,
500
- max_ttl: Optional[pulumi.Input[str]] = None,
501
- name: Optional[pulumi.Input[str]] = None,
502
- namespace: Optional[pulumi.Input[str]] = None,
503
- not_before_duration: Optional[pulumi.Input[str]] = None,
504
- ttl: Optional[pulumi.Input[str]] = None):
491
+ allowed_users: Optional[pulumi.Input[builtins.str]] = None,
492
+ allowed_users_template: Optional[pulumi.Input[builtins.bool]] = None,
493
+ backend: Optional[pulumi.Input[builtins.str]] = None,
494
+ cidr_list: Optional[pulumi.Input[builtins.str]] = None,
495
+ default_critical_options: Optional[pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]]] = None,
496
+ default_extensions: Optional[pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]]] = None,
497
+ default_user: Optional[pulumi.Input[builtins.str]] = None,
498
+ default_user_template: Optional[pulumi.Input[builtins.bool]] = None,
499
+ key_id_format: Optional[pulumi.Input[builtins.str]] = None,
500
+ key_type: Optional[pulumi.Input[builtins.str]] = None,
501
+ max_ttl: Optional[pulumi.Input[builtins.str]] = None,
502
+ name: Optional[pulumi.Input[builtins.str]] = None,
503
+ namespace: Optional[pulumi.Input[builtins.str]] = None,
504
+ not_before_duration: Optional[pulumi.Input[builtins.str]] = None,
505
+ ttl: Optional[pulumi.Input[builtins.str]] = None):
505
506
  """
506
507
  Input properties used for looking up and filtering SecretBackendRole resources.
507
- :param pulumi.Input[str] algorithm_signer: When supplied, this value specifies a signing algorithm for the key. Possible values: ssh-rsa, rsa-sha2-256, rsa-sha2-512.
508
- :param pulumi.Input[bool] allow_bare_domains: Specifies if host certificates that are requested are allowed to use the base domains listed in `allowed_domains`.
509
- :param pulumi.Input[bool] allow_empty_principals: Allow signing certificates with no
508
+ :param pulumi.Input[builtins.str] algorithm_signer: When supplied, this value specifies a signing algorithm for the key. Possible values: ssh-rsa, rsa-sha2-256, rsa-sha2-512.
509
+ :param pulumi.Input[builtins.bool] allow_bare_domains: Specifies if host certificates that are requested are allowed to use the base domains listed in `allowed_domains`.
510
+ :param pulumi.Input[builtins.bool] allow_empty_principals: Allow signing certificates with no
510
511
  valid principals (e.g. any valid principal). For backwards compatibility
511
512
  only. The default of false is highly recommended.
512
- :param pulumi.Input[bool] allow_host_certificates: Specifies if certificates are allowed to be signed for use as a 'host'.
513
- :param pulumi.Input[bool] allow_subdomains: Specifies if host certificates that are requested are allowed to be subdomains of those listed in `allowed_domains`.
514
- :param pulumi.Input[bool] allow_user_certificates: Specifies if certificates are allowed to be signed for use as a 'user'.
515
- :param pulumi.Input[bool] allow_user_key_ids: Specifies if users can override the key ID for a signed certificate with the `key_id` field.
516
- :param pulumi.Input[str] allowed_critical_options: Specifies a comma-separated list of critical options that certificates can have when signed.
517
- :param pulumi.Input[str] allowed_domains: The list of domains for which a client can request a host certificate.
518
- :param pulumi.Input[bool] allowed_domains_template: Specifies if `allowed_domains` can be declared using
513
+ :param pulumi.Input[builtins.bool] allow_host_certificates: Specifies if certificates are allowed to be signed for use as a 'host'.
514
+ :param pulumi.Input[builtins.bool] allow_subdomains: Specifies if host certificates that are requested are allowed to be subdomains of those listed in `allowed_domains`.
515
+ :param pulumi.Input[builtins.bool] allow_user_certificates: Specifies if certificates are allowed to be signed for use as a 'user'.
516
+ :param pulumi.Input[builtins.bool] allow_user_key_ids: Specifies if users can override the key ID for a signed certificate with the `key_id` field.
517
+ :param pulumi.Input[builtins.str] allowed_critical_options: Specifies a comma-separated list of critical options that certificates can have when signed.
518
+ :param pulumi.Input[builtins.str] allowed_domains: The list of domains for which a client can request a host certificate.
519
+ :param pulumi.Input[builtins.bool] allowed_domains_template: Specifies if `allowed_domains` can be declared using
519
520
  identity template policies. Non-templated domains are also permitted.
520
- :param pulumi.Input[str] allowed_extensions: Specifies a comma-separated list of extensions that certificates can have when signed.
521
+ :param pulumi.Input[builtins.str] allowed_extensions: Specifies a comma-separated list of extensions that certificates can have when signed.
521
522
  :param pulumi.Input[Sequence[pulumi.Input['SecretBackendRoleAllowedUserKeyConfigArgs']]] allowed_user_key_configs: Set of configuration blocks to define allowed
522
523
  user key configuration, like key type and their lengths. Can be specified multiple times.
523
524
  *See Configuration-Options for more info*
524
- :param pulumi.Input[str] allowed_users: Specifies a comma-separated list of usernames that are to be allowed, only if certain usernames are to be allowed.
525
- :param pulumi.Input[bool] allowed_users_template: Specifies if `allowed_users` can be declared using identity template policies. Non-templated users are also permitted.
526
- :param pulumi.Input[str] backend: The path where the SSH secret backend is mounted.
527
- :param pulumi.Input[str] cidr_list: The comma-separated string of CIDR blocks for which this role is applicable.
528
- :param pulumi.Input[Mapping[str, pulumi.Input[str]]] default_critical_options: Specifies a map of critical options that certificates have when signed.
529
- :param pulumi.Input[Mapping[str, pulumi.Input[str]]] default_extensions: Specifies a map of extensions that certificates have when signed.
530
- :param pulumi.Input[str] default_user: Specifies the default username for which a credential will be generated.
531
- :param pulumi.Input[bool] default_user_template: If set, `default_users` can be specified using identity template values. A non-templated user is also permitted.
532
- :param pulumi.Input[str] key_id_format: Specifies a custom format for the key id of a signed certificate.
533
- :param pulumi.Input[str] key_type: Specifies the type of credentials generated by this role. This can be either `otp`, `dynamic` or `ca`.
534
- :param pulumi.Input[str] max_ttl: Specifies the maximum Time To Live value.
535
- :param pulumi.Input[str] name: Specifies the name of the role to create.
536
- :param pulumi.Input[str] namespace: The namespace to provision the resource in.
525
+ :param pulumi.Input[builtins.str] allowed_users: Specifies a comma-separated list of usernames that are to be allowed, only if certain usernames are to be allowed.
526
+ :param pulumi.Input[builtins.bool] allowed_users_template: Specifies if `allowed_users` can be declared using identity template policies. Non-templated users are also permitted.
527
+ :param pulumi.Input[builtins.str] backend: The path where the SSH secret backend is mounted.
528
+ :param pulumi.Input[builtins.str] cidr_list: The comma-separated string of CIDR blocks for which this role is applicable.
529
+ :param pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]] default_critical_options: Specifies a map of critical options that certificates have when signed.
530
+ :param pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]] default_extensions: Specifies a map of extensions that certificates have when signed.
531
+ :param pulumi.Input[builtins.str] default_user: Specifies the default username for which a credential will be generated.
532
+ :param pulumi.Input[builtins.bool] default_user_template: If set, `default_users` can be specified using identity template values. A non-templated user is also permitted.
533
+ :param pulumi.Input[builtins.str] key_id_format: Specifies a custom format for the key id of a signed certificate.
534
+ :param pulumi.Input[builtins.str] key_type: Specifies the type of credentials generated by this role. This can be either `otp`, `dynamic` or `ca`.
535
+ :param pulumi.Input[builtins.str] max_ttl: Specifies the maximum Time To Live value.
536
+ :param pulumi.Input[builtins.str] name: Specifies the name of the role to create.
537
+ :param pulumi.Input[builtins.str] namespace: The namespace to provision the resource in.
537
538
  The value should not contain leading or trailing forward slashes.
538
539
  The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
539
540
  *Available only for Vault Enterprise*.
540
- :param pulumi.Input[str] not_before_duration: Specifies the duration by which to backdate the ValidAfter property. Uses duration format strings.
541
- :param pulumi.Input[str] ttl: Specifies the Time To Live value.
541
+ :param pulumi.Input[builtins.str] not_before_duration: Specifies the duration by which to backdate the ValidAfter property. Uses duration format strings.
542
+ :param pulumi.Input[builtins.str] ttl: Specifies the Time To Live value.
542
543
  """
543
544
  if algorithm_signer is not None:
544
545
  pulumi.set(__self__, "algorithm_signer", algorithm_signer)
@@ -597,31 +598,31 @@ class _SecretBackendRoleState:
597
598
 
598
599
  @property
599
600
  @pulumi.getter(name="algorithmSigner")
600
- def algorithm_signer(self) -> Optional[pulumi.Input[str]]:
601
+ def algorithm_signer(self) -> Optional[pulumi.Input[builtins.str]]:
601
602
  """
602
603
  When supplied, this value specifies a signing algorithm for the key. Possible values: ssh-rsa, rsa-sha2-256, rsa-sha2-512.
603
604
  """
604
605
  return pulumi.get(self, "algorithm_signer")
605
606
 
606
607
  @algorithm_signer.setter
607
- def algorithm_signer(self, value: Optional[pulumi.Input[str]]):
608
+ def algorithm_signer(self, value: Optional[pulumi.Input[builtins.str]]):
608
609
  pulumi.set(self, "algorithm_signer", value)
609
610
 
610
611
  @property
611
612
  @pulumi.getter(name="allowBareDomains")
612
- def allow_bare_domains(self) -> Optional[pulumi.Input[bool]]:
613
+ def allow_bare_domains(self) -> Optional[pulumi.Input[builtins.bool]]:
613
614
  """
614
615
  Specifies if host certificates that are requested are allowed to use the base domains listed in `allowed_domains`.
615
616
  """
616
617
  return pulumi.get(self, "allow_bare_domains")
617
618
 
618
619
  @allow_bare_domains.setter
619
- def allow_bare_domains(self, value: Optional[pulumi.Input[bool]]):
620
+ def allow_bare_domains(self, value: Optional[pulumi.Input[builtins.bool]]):
620
621
  pulumi.set(self, "allow_bare_domains", value)
621
622
 
622
623
  @property
623
624
  @pulumi.getter(name="allowEmptyPrincipals")
624
- def allow_empty_principals(self) -> Optional[pulumi.Input[bool]]:
625
+ def allow_empty_principals(self) -> Optional[pulumi.Input[builtins.bool]]:
625
626
  """
626
627
  Allow signing certificates with no
627
628
  valid principals (e.g. any valid principal). For backwards compatibility
@@ -630,84 +631,84 @@ class _SecretBackendRoleState:
630
631
  return pulumi.get(self, "allow_empty_principals")
631
632
 
632
633
  @allow_empty_principals.setter
633
- def allow_empty_principals(self, value: Optional[pulumi.Input[bool]]):
634
+ def allow_empty_principals(self, value: Optional[pulumi.Input[builtins.bool]]):
634
635
  pulumi.set(self, "allow_empty_principals", value)
635
636
 
636
637
  @property
637
638
  @pulumi.getter(name="allowHostCertificates")
638
- def allow_host_certificates(self) -> Optional[pulumi.Input[bool]]:
639
+ def allow_host_certificates(self) -> Optional[pulumi.Input[builtins.bool]]:
639
640
  """
640
641
  Specifies if certificates are allowed to be signed for use as a 'host'.
641
642
  """
642
643
  return pulumi.get(self, "allow_host_certificates")
643
644
 
644
645
  @allow_host_certificates.setter
645
- def allow_host_certificates(self, value: Optional[pulumi.Input[bool]]):
646
+ def allow_host_certificates(self, value: Optional[pulumi.Input[builtins.bool]]):
646
647
  pulumi.set(self, "allow_host_certificates", value)
647
648
 
648
649
  @property
649
650
  @pulumi.getter(name="allowSubdomains")
650
- def allow_subdomains(self) -> Optional[pulumi.Input[bool]]:
651
+ def allow_subdomains(self) -> Optional[pulumi.Input[builtins.bool]]:
651
652
  """
652
653
  Specifies if host certificates that are requested are allowed to be subdomains of those listed in `allowed_domains`.
653
654
  """
654
655
  return pulumi.get(self, "allow_subdomains")
655
656
 
656
657
  @allow_subdomains.setter
657
- def allow_subdomains(self, value: Optional[pulumi.Input[bool]]):
658
+ def allow_subdomains(self, value: Optional[pulumi.Input[builtins.bool]]):
658
659
  pulumi.set(self, "allow_subdomains", value)
659
660
 
660
661
  @property
661
662
  @pulumi.getter(name="allowUserCertificates")
662
- def allow_user_certificates(self) -> Optional[pulumi.Input[bool]]:
663
+ def allow_user_certificates(self) -> Optional[pulumi.Input[builtins.bool]]:
663
664
  """
664
665
  Specifies if certificates are allowed to be signed for use as a 'user'.
665
666
  """
666
667
  return pulumi.get(self, "allow_user_certificates")
667
668
 
668
669
  @allow_user_certificates.setter
669
- def allow_user_certificates(self, value: Optional[pulumi.Input[bool]]):
670
+ def allow_user_certificates(self, value: Optional[pulumi.Input[builtins.bool]]):
670
671
  pulumi.set(self, "allow_user_certificates", value)
671
672
 
672
673
  @property
673
674
  @pulumi.getter(name="allowUserKeyIds")
674
- def allow_user_key_ids(self) -> Optional[pulumi.Input[bool]]:
675
+ def allow_user_key_ids(self) -> Optional[pulumi.Input[builtins.bool]]:
675
676
  """
676
677
  Specifies if users can override the key ID for a signed certificate with the `key_id` field.
677
678
  """
678
679
  return pulumi.get(self, "allow_user_key_ids")
679
680
 
680
681
  @allow_user_key_ids.setter
681
- def allow_user_key_ids(self, value: Optional[pulumi.Input[bool]]):
682
+ def allow_user_key_ids(self, value: Optional[pulumi.Input[builtins.bool]]):
682
683
  pulumi.set(self, "allow_user_key_ids", value)
683
684
 
684
685
  @property
685
686
  @pulumi.getter(name="allowedCriticalOptions")
686
- def allowed_critical_options(self) -> Optional[pulumi.Input[str]]:
687
+ def allowed_critical_options(self) -> Optional[pulumi.Input[builtins.str]]:
687
688
  """
688
689
  Specifies a comma-separated list of critical options that certificates can have when signed.
689
690
  """
690
691
  return pulumi.get(self, "allowed_critical_options")
691
692
 
692
693
  @allowed_critical_options.setter
693
- def allowed_critical_options(self, value: Optional[pulumi.Input[str]]):
694
+ def allowed_critical_options(self, value: Optional[pulumi.Input[builtins.str]]):
694
695
  pulumi.set(self, "allowed_critical_options", value)
695
696
 
696
697
  @property
697
698
  @pulumi.getter(name="allowedDomains")
698
- def allowed_domains(self) -> Optional[pulumi.Input[str]]:
699
+ def allowed_domains(self) -> Optional[pulumi.Input[builtins.str]]:
699
700
  """
700
701
  The list of domains for which a client can request a host certificate.
701
702
  """
702
703
  return pulumi.get(self, "allowed_domains")
703
704
 
704
705
  @allowed_domains.setter
705
- def allowed_domains(self, value: Optional[pulumi.Input[str]]):
706
+ def allowed_domains(self, value: Optional[pulumi.Input[builtins.str]]):
706
707
  pulumi.set(self, "allowed_domains", value)
707
708
 
708
709
  @property
709
710
  @pulumi.getter(name="allowedDomainsTemplate")
710
- def allowed_domains_template(self) -> Optional[pulumi.Input[bool]]:
711
+ def allowed_domains_template(self) -> Optional[pulumi.Input[builtins.bool]]:
711
712
  """
712
713
  Specifies if `allowed_domains` can be declared using
713
714
  identity template policies. Non-templated domains are also permitted.
@@ -715,19 +716,19 @@ class _SecretBackendRoleState:
715
716
  return pulumi.get(self, "allowed_domains_template")
716
717
 
717
718
  @allowed_domains_template.setter
718
- def allowed_domains_template(self, value: Optional[pulumi.Input[bool]]):
719
+ def allowed_domains_template(self, value: Optional[pulumi.Input[builtins.bool]]):
719
720
  pulumi.set(self, "allowed_domains_template", value)
720
721
 
721
722
  @property
722
723
  @pulumi.getter(name="allowedExtensions")
723
- def allowed_extensions(self) -> Optional[pulumi.Input[str]]:
724
+ def allowed_extensions(self) -> Optional[pulumi.Input[builtins.str]]:
724
725
  """
725
726
  Specifies a comma-separated list of extensions that certificates can have when signed.
726
727
  """
727
728
  return pulumi.get(self, "allowed_extensions")
728
729
 
729
730
  @allowed_extensions.setter
730
- def allowed_extensions(self, value: Optional[pulumi.Input[str]]):
731
+ def allowed_extensions(self, value: Optional[pulumi.Input[builtins.str]]):
731
732
  pulumi.set(self, "allowed_extensions", value)
732
733
 
733
734
  @property
@@ -746,151 +747,151 @@ class _SecretBackendRoleState:
746
747
 
747
748
  @property
748
749
  @pulumi.getter(name="allowedUsers")
749
- def allowed_users(self) -> Optional[pulumi.Input[str]]:
750
+ def allowed_users(self) -> Optional[pulumi.Input[builtins.str]]:
750
751
  """
751
752
  Specifies a comma-separated list of usernames that are to be allowed, only if certain usernames are to be allowed.
752
753
  """
753
754
  return pulumi.get(self, "allowed_users")
754
755
 
755
756
  @allowed_users.setter
756
- def allowed_users(self, value: Optional[pulumi.Input[str]]):
757
+ def allowed_users(self, value: Optional[pulumi.Input[builtins.str]]):
757
758
  pulumi.set(self, "allowed_users", value)
758
759
 
759
760
  @property
760
761
  @pulumi.getter(name="allowedUsersTemplate")
761
- def allowed_users_template(self) -> Optional[pulumi.Input[bool]]:
762
+ def allowed_users_template(self) -> Optional[pulumi.Input[builtins.bool]]:
762
763
  """
763
764
  Specifies if `allowed_users` can be declared using identity template policies. Non-templated users are also permitted.
764
765
  """
765
766
  return pulumi.get(self, "allowed_users_template")
766
767
 
767
768
  @allowed_users_template.setter
768
- def allowed_users_template(self, value: Optional[pulumi.Input[bool]]):
769
+ def allowed_users_template(self, value: Optional[pulumi.Input[builtins.bool]]):
769
770
  pulumi.set(self, "allowed_users_template", value)
770
771
 
771
772
  @property
772
773
  @pulumi.getter
773
- def backend(self) -> Optional[pulumi.Input[str]]:
774
+ def backend(self) -> Optional[pulumi.Input[builtins.str]]:
774
775
  """
775
776
  The path where the SSH secret backend is mounted.
776
777
  """
777
778
  return pulumi.get(self, "backend")
778
779
 
779
780
  @backend.setter
780
- def backend(self, value: Optional[pulumi.Input[str]]):
781
+ def backend(self, value: Optional[pulumi.Input[builtins.str]]):
781
782
  pulumi.set(self, "backend", value)
782
783
 
783
784
  @property
784
785
  @pulumi.getter(name="cidrList")
785
- def cidr_list(self) -> Optional[pulumi.Input[str]]:
786
+ def cidr_list(self) -> Optional[pulumi.Input[builtins.str]]:
786
787
  """
787
788
  The comma-separated string of CIDR blocks for which this role is applicable.
788
789
  """
789
790
  return pulumi.get(self, "cidr_list")
790
791
 
791
792
  @cidr_list.setter
792
- def cidr_list(self, value: Optional[pulumi.Input[str]]):
793
+ def cidr_list(self, value: Optional[pulumi.Input[builtins.str]]):
793
794
  pulumi.set(self, "cidr_list", value)
794
795
 
795
796
  @property
796
797
  @pulumi.getter(name="defaultCriticalOptions")
797
- def default_critical_options(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]:
798
+ def default_critical_options(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]]]:
798
799
  """
799
800
  Specifies a map of critical options that certificates have when signed.
800
801
  """
801
802
  return pulumi.get(self, "default_critical_options")
802
803
 
803
804
  @default_critical_options.setter
804
- def default_critical_options(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]):
805
+ def default_critical_options(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]]]):
805
806
  pulumi.set(self, "default_critical_options", value)
806
807
 
807
808
  @property
808
809
  @pulumi.getter(name="defaultExtensions")
809
- def default_extensions(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]:
810
+ def default_extensions(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]]]:
810
811
  """
811
812
  Specifies a map of extensions that certificates have when signed.
812
813
  """
813
814
  return pulumi.get(self, "default_extensions")
814
815
 
815
816
  @default_extensions.setter
816
- def default_extensions(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]):
817
+ def default_extensions(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]]]):
817
818
  pulumi.set(self, "default_extensions", value)
818
819
 
819
820
  @property
820
821
  @pulumi.getter(name="defaultUser")
821
- def default_user(self) -> Optional[pulumi.Input[str]]:
822
+ def default_user(self) -> Optional[pulumi.Input[builtins.str]]:
822
823
  """
823
824
  Specifies the default username for which a credential will be generated.
824
825
  """
825
826
  return pulumi.get(self, "default_user")
826
827
 
827
828
  @default_user.setter
828
- def default_user(self, value: Optional[pulumi.Input[str]]):
829
+ def default_user(self, value: Optional[pulumi.Input[builtins.str]]):
829
830
  pulumi.set(self, "default_user", value)
830
831
 
831
832
  @property
832
833
  @pulumi.getter(name="defaultUserTemplate")
833
- def default_user_template(self) -> Optional[pulumi.Input[bool]]:
834
+ def default_user_template(self) -> Optional[pulumi.Input[builtins.bool]]:
834
835
  """
835
836
  If set, `default_users` can be specified using identity template values. A non-templated user is also permitted.
836
837
  """
837
838
  return pulumi.get(self, "default_user_template")
838
839
 
839
840
  @default_user_template.setter
840
- def default_user_template(self, value: Optional[pulumi.Input[bool]]):
841
+ def default_user_template(self, value: Optional[pulumi.Input[builtins.bool]]):
841
842
  pulumi.set(self, "default_user_template", value)
842
843
 
843
844
  @property
844
845
  @pulumi.getter(name="keyIdFormat")
845
- def key_id_format(self) -> Optional[pulumi.Input[str]]:
846
+ def key_id_format(self) -> Optional[pulumi.Input[builtins.str]]:
846
847
  """
847
848
  Specifies a custom format for the key id of a signed certificate.
848
849
  """
849
850
  return pulumi.get(self, "key_id_format")
850
851
 
851
852
  @key_id_format.setter
852
- def key_id_format(self, value: Optional[pulumi.Input[str]]):
853
+ def key_id_format(self, value: Optional[pulumi.Input[builtins.str]]):
853
854
  pulumi.set(self, "key_id_format", value)
854
855
 
855
856
  @property
856
857
  @pulumi.getter(name="keyType")
857
- def key_type(self) -> Optional[pulumi.Input[str]]:
858
+ def key_type(self) -> Optional[pulumi.Input[builtins.str]]:
858
859
  """
859
860
  Specifies the type of credentials generated by this role. This can be either `otp`, `dynamic` or `ca`.
860
861
  """
861
862
  return pulumi.get(self, "key_type")
862
863
 
863
864
  @key_type.setter
864
- def key_type(self, value: Optional[pulumi.Input[str]]):
865
+ def key_type(self, value: Optional[pulumi.Input[builtins.str]]):
865
866
  pulumi.set(self, "key_type", value)
866
867
 
867
868
  @property
868
869
  @pulumi.getter(name="maxTtl")
869
- def max_ttl(self) -> Optional[pulumi.Input[str]]:
870
+ def max_ttl(self) -> Optional[pulumi.Input[builtins.str]]:
870
871
  """
871
872
  Specifies the maximum Time To Live value.
872
873
  """
873
874
  return pulumi.get(self, "max_ttl")
874
875
 
875
876
  @max_ttl.setter
876
- def max_ttl(self, value: Optional[pulumi.Input[str]]):
877
+ def max_ttl(self, value: Optional[pulumi.Input[builtins.str]]):
877
878
  pulumi.set(self, "max_ttl", value)
878
879
 
879
880
  @property
880
881
  @pulumi.getter
881
- def name(self) -> Optional[pulumi.Input[str]]:
882
+ def name(self) -> Optional[pulumi.Input[builtins.str]]:
882
883
  """
883
884
  Specifies the name of the role to create.
884
885
  """
885
886
  return pulumi.get(self, "name")
886
887
 
887
888
  @name.setter
888
- def name(self, value: Optional[pulumi.Input[str]]):
889
+ def name(self, value: Optional[pulumi.Input[builtins.str]]):
889
890
  pulumi.set(self, "name", value)
890
891
 
891
892
  @property
892
893
  @pulumi.getter
893
- def namespace(self) -> Optional[pulumi.Input[str]]:
894
+ def namespace(self) -> Optional[pulumi.Input[builtins.str]]:
894
895
  """
895
896
  The namespace to provision the resource in.
896
897
  The value should not contain leading or trailing forward slashes.
@@ -900,31 +901,31 @@ class _SecretBackendRoleState:
900
901
  return pulumi.get(self, "namespace")
901
902
 
902
903
  @namespace.setter
903
- def namespace(self, value: Optional[pulumi.Input[str]]):
904
+ def namespace(self, value: Optional[pulumi.Input[builtins.str]]):
904
905
  pulumi.set(self, "namespace", value)
905
906
 
906
907
  @property
907
908
  @pulumi.getter(name="notBeforeDuration")
908
- def not_before_duration(self) -> Optional[pulumi.Input[str]]:
909
+ def not_before_duration(self) -> Optional[pulumi.Input[builtins.str]]:
909
910
  """
910
911
  Specifies the duration by which to backdate the ValidAfter property. Uses duration format strings.
911
912
  """
912
913
  return pulumi.get(self, "not_before_duration")
913
914
 
914
915
  @not_before_duration.setter
915
- def not_before_duration(self, value: Optional[pulumi.Input[str]]):
916
+ def not_before_duration(self, value: Optional[pulumi.Input[builtins.str]]):
916
917
  pulumi.set(self, "not_before_duration", value)
917
918
 
918
919
  @property
919
920
  @pulumi.getter
920
- def ttl(self) -> Optional[pulumi.Input[str]]:
921
+ def ttl(self) -> Optional[pulumi.Input[builtins.str]]:
921
922
  """
922
923
  Specifies the Time To Live value.
923
924
  """
924
925
  return pulumi.get(self, "ttl")
925
926
 
926
927
  @ttl.setter
927
- def ttl(self, value: Optional[pulumi.Input[str]]):
928
+ def ttl(self, value: Optional[pulumi.Input[builtins.str]]):
928
929
  pulumi.set(self, "ttl", value)
929
930
 
930
931
 
@@ -933,33 +934,33 @@ class SecretBackendRole(pulumi.CustomResource):
933
934
  def __init__(__self__,
934
935
  resource_name: str,
935
936
  opts: Optional[pulumi.ResourceOptions] = None,
936
- algorithm_signer: Optional[pulumi.Input[str]] = None,
937
- allow_bare_domains: Optional[pulumi.Input[bool]] = None,
938
- allow_empty_principals: Optional[pulumi.Input[bool]] = None,
939
- allow_host_certificates: Optional[pulumi.Input[bool]] = None,
940
- allow_subdomains: Optional[pulumi.Input[bool]] = None,
941
- allow_user_certificates: Optional[pulumi.Input[bool]] = None,
942
- allow_user_key_ids: Optional[pulumi.Input[bool]] = None,
943
- allowed_critical_options: Optional[pulumi.Input[str]] = None,
944
- allowed_domains: Optional[pulumi.Input[str]] = None,
945
- allowed_domains_template: Optional[pulumi.Input[bool]] = None,
946
- allowed_extensions: Optional[pulumi.Input[str]] = None,
937
+ algorithm_signer: Optional[pulumi.Input[builtins.str]] = None,
938
+ allow_bare_domains: Optional[pulumi.Input[builtins.bool]] = None,
939
+ allow_empty_principals: Optional[pulumi.Input[builtins.bool]] = None,
940
+ allow_host_certificates: Optional[pulumi.Input[builtins.bool]] = None,
941
+ allow_subdomains: Optional[pulumi.Input[builtins.bool]] = None,
942
+ allow_user_certificates: Optional[pulumi.Input[builtins.bool]] = None,
943
+ allow_user_key_ids: Optional[pulumi.Input[builtins.bool]] = None,
944
+ allowed_critical_options: Optional[pulumi.Input[builtins.str]] = None,
945
+ allowed_domains: Optional[pulumi.Input[builtins.str]] = None,
946
+ allowed_domains_template: Optional[pulumi.Input[builtins.bool]] = None,
947
+ allowed_extensions: Optional[pulumi.Input[builtins.str]] = None,
947
948
  allowed_user_key_configs: Optional[pulumi.Input[Sequence[pulumi.Input[Union['SecretBackendRoleAllowedUserKeyConfigArgs', 'SecretBackendRoleAllowedUserKeyConfigArgsDict']]]]] = None,
948
- allowed_users: Optional[pulumi.Input[str]] = None,
949
- allowed_users_template: Optional[pulumi.Input[bool]] = None,
950
- backend: Optional[pulumi.Input[str]] = None,
951
- cidr_list: Optional[pulumi.Input[str]] = None,
952
- default_critical_options: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
953
- default_extensions: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
954
- default_user: Optional[pulumi.Input[str]] = None,
955
- default_user_template: Optional[pulumi.Input[bool]] = None,
956
- key_id_format: Optional[pulumi.Input[str]] = None,
957
- key_type: Optional[pulumi.Input[str]] = None,
958
- max_ttl: Optional[pulumi.Input[str]] = None,
959
- name: Optional[pulumi.Input[str]] = None,
960
- namespace: Optional[pulumi.Input[str]] = None,
961
- not_before_duration: Optional[pulumi.Input[str]] = None,
962
- ttl: Optional[pulumi.Input[str]] = None,
949
+ allowed_users: Optional[pulumi.Input[builtins.str]] = None,
950
+ allowed_users_template: Optional[pulumi.Input[builtins.bool]] = None,
951
+ backend: Optional[pulumi.Input[builtins.str]] = None,
952
+ cidr_list: Optional[pulumi.Input[builtins.str]] = None,
953
+ default_critical_options: Optional[pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]]] = None,
954
+ default_extensions: Optional[pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]]] = None,
955
+ default_user: Optional[pulumi.Input[builtins.str]] = None,
956
+ default_user_template: Optional[pulumi.Input[builtins.bool]] = None,
957
+ key_id_format: Optional[pulumi.Input[builtins.str]] = None,
958
+ key_type: Optional[pulumi.Input[builtins.str]] = None,
959
+ max_ttl: Optional[pulumi.Input[builtins.str]] = None,
960
+ name: Optional[pulumi.Input[builtins.str]] = None,
961
+ namespace: Optional[pulumi.Input[builtins.str]] = None,
962
+ not_before_duration: Optional[pulumi.Input[builtins.str]] = None,
963
+ ttl: Optional[pulumi.Input[builtins.str]] = None,
963
964
  __props__=None):
964
965
  """
965
966
  Provides a resource to manage roles in an SSH secret backend
@@ -996,41 +997,41 @@ class SecretBackendRole(pulumi.CustomResource):
996
997
 
997
998
  :param str resource_name: The name of the resource.
998
999
  :param pulumi.ResourceOptions opts: Options for the resource.
999
- :param pulumi.Input[str] algorithm_signer: When supplied, this value specifies a signing algorithm for the key. Possible values: ssh-rsa, rsa-sha2-256, rsa-sha2-512.
1000
- :param pulumi.Input[bool] allow_bare_domains: Specifies if host certificates that are requested are allowed to use the base domains listed in `allowed_domains`.
1001
- :param pulumi.Input[bool] allow_empty_principals: Allow signing certificates with no
1000
+ :param pulumi.Input[builtins.str] algorithm_signer: When supplied, this value specifies a signing algorithm for the key. Possible values: ssh-rsa, rsa-sha2-256, rsa-sha2-512.
1001
+ :param pulumi.Input[builtins.bool] allow_bare_domains: Specifies if host certificates that are requested are allowed to use the base domains listed in `allowed_domains`.
1002
+ :param pulumi.Input[builtins.bool] allow_empty_principals: Allow signing certificates with no
1002
1003
  valid principals (e.g. any valid principal). For backwards compatibility
1003
1004
  only. The default of false is highly recommended.
1004
- :param pulumi.Input[bool] allow_host_certificates: Specifies if certificates are allowed to be signed for use as a 'host'.
1005
- :param pulumi.Input[bool] allow_subdomains: Specifies if host certificates that are requested are allowed to be subdomains of those listed in `allowed_domains`.
1006
- :param pulumi.Input[bool] allow_user_certificates: Specifies if certificates are allowed to be signed for use as a 'user'.
1007
- :param pulumi.Input[bool] allow_user_key_ids: Specifies if users can override the key ID for a signed certificate with the `key_id` field.
1008
- :param pulumi.Input[str] allowed_critical_options: Specifies a comma-separated list of critical options that certificates can have when signed.
1009
- :param pulumi.Input[str] allowed_domains: The list of domains for which a client can request a host certificate.
1010
- :param pulumi.Input[bool] allowed_domains_template: Specifies if `allowed_domains` can be declared using
1005
+ :param pulumi.Input[builtins.bool] allow_host_certificates: Specifies if certificates are allowed to be signed for use as a 'host'.
1006
+ :param pulumi.Input[builtins.bool] allow_subdomains: Specifies if host certificates that are requested are allowed to be subdomains of those listed in `allowed_domains`.
1007
+ :param pulumi.Input[builtins.bool] allow_user_certificates: Specifies if certificates are allowed to be signed for use as a 'user'.
1008
+ :param pulumi.Input[builtins.bool] allow_user_key_ids: Specifies if users can override the key ID for a signed certificate with the `key_id` field.
1009
+ :param pulumi.Input[builtins.str] allowed_critical_options: Specifies a comma-separated list of critical options that certificates can have when signed.
1010
+ :param pulumi.Input[builtins.str] allowed_domains: The list of domains for which a client can request a host certificate.
1011
+ :param pulumi.Input[builtins.bool] allowed_domains_template: Specifies if `allowed_domains` can be declared using
1011
1012
  identity template policies. Non-templated domains are also permitted.
1012
- :param pulumi.Input[str] allowed_extensions: Specifies a comma-separated list of extensions that certificates can have when signed.
1013
+ :param pulumi.Input[builtins.str] allowed_extensions: Specifies a comma-separated list of extensions that certificates can have when signed.
1013
1014
  :param pulumi.Input[Sequence[pulumi.Input[Union['SecretBackendRoleAllowedUserKeyConfigArgs', 'SecretBackendRoleAllowedUserKeyConfigArgsDict']]]] allowed_user_key_configs: Set of configuration blocks to define allowed
1014
1015
  user key configuration, like key type and their lengths. Can be specified multiple times.
1015
1016
  *See Configuration-Options for more info*
1016
- :param pulumi.Input[str] allowed_users: Specifies a comma-separated list of usernames that are to be allowed, only if certain usernames are to be allowed.
1017
- :param pulumi.Input[bool] allowed_users_template: Specifies if `allowed_users` can be declared using identity template policies. Non-templated users are also permitted.
1018
- :param pulumi.Input[str] backend: The path where the SSH secret backend is mounted.
1019
- :param pulumi.Input[str] cidr_list: The comma-separated string of CIDR blocks for which this role is applicable.
1020
- :param pulumi.Input[Mapping[str, pulumi.Input[str]]] default_critical_options: Specifies a map of critical options that certificates have when signed.
1021
- :param pulumi.Input[Mapping[str, pulumi.Input[str]]] default_extensions: Specifies a map of extensions that certificates have when signed.
1022
- :param pulumi.Input[str] default_user: Specifies the default username for which a credential will be generated.
1023
- :param pulumi.Input[bool] default_user_template: If set, `default_users` can be specified using identity template values. A non-templated user is also permitted.
1024
- :param pulumi.Input[str] key_id_format: Specifies a custom format for the key id of a signed certificate.
1025
- :param pulumi.Input[str] key_type: Specifies the type of credentials generated by this role. This can be either `otp`, `dynamic` or `ca`.
1026
- :param pulumi.Input[str] max_ttl: Specifies the maximum Time To Live value.
1027
- :param pulumi.Input[str] name: Specifies the name of the role to create.
1028
- :param pulumi.Input[str] namespace: The namespace to provision the resource in.
1017
+ :param pulumi.Input[builtins.str] allowed_users: Specifies a comma-separated list of usernames that are to be allowed, only if certain usernames are to be allowed.
1018
+ :param pulumi.Input[builtins.bool] allowed_users_template: Specifies if `allowed_users` can be declared using identity template policies. Non-templated users are also permitted.
1019
+ :param pulumi.Input[builtins.str] backend: The path where the SSH secret backend is mounted.
1020
+ :param pulumi.Input[builtins.str] cidr_list: The comma-separated string of CIDR blocks for which this role is applicable.
1021
+ :param pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]] default_critical_options: Specifies a map of critical options that certificates have when signed.
1022
+ :param pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]] default_extensions: Specifies a map of extensions that certificates have when signed.
1023
+ :param pulumi.Input[builtins.str] default_user: Specifies the default username for which a credential will be generated.
1024
+ :param pulumi.Input[builtins.bool] default_user_template: If set, `default_users` can be specified using identity template values. A non-templated user is also permitted.
1025
+ :param pulumi.Input[builtins.str] key_id_format: Specifies a custom format for the key id of a signed certificate.
1026
+ :param pulumi.Input[builtins.str] key_type: Specifies the type of credentials generated by this role. This can be either `otp`, `dynamic` or `ca`.
1027
+ :param pulumi.Input[builtins.str] max_ttl: Specifies the maximum Time To Live value.
1028
+ :param pulumi.Input[builtins.str] name: Specifies the name of the role to create.
1029
+ :param pulumi.Input[builtins.str] namespace: The namespace to provision the resource in.
1029
1030
  The value should not contain leading or trailing forward slashes.
1030
1031
  The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
1031
1032
  *Available only for Vault Enterprise*.
1032
- :param pulumi.Input[str] not_before_duration: Specifies the duration by which to backdate the ValidAfter property. Uses duration format strings.
1033
- :param pulumi.Input[str] ttl: Specifies the Time To Live value.
1033
+ :param pulumi.Input[builtins.str] not_before_duration: Specifies the duration by which to backdate the ValidAfter property. Uses duration format strings.
1034
+ :param pulumi.Input[builtins.str] ttl: Specifies the Time To Live value.
1034
1035
  """
1035
1036
  ...
1036
1037
  @overload
@@ -1086,33 +1087,33 @@ class SecretBackendRole(pulumi.CustomResource):
1086
1087
  def _internal_init(__self__,
1087
1088
  resource_name: str,
1088
1089
  opts: Optional[pulumi.ResourceOptions] = None,
1089
- algorithm_signer: Optional[pulumi.Input[str]] = None,
1090
- allow_bare_domains: Optional[pulumi.Input[bool]] = None,
1091
- allow_empty_principals: Optional[pulumi.Input[bool]] = None,
1092
- allow_host_certificates: Optional[pulumi.Input[bool]] = None,
1093
- allow_subdomains: Optional[pulumi.Input[bool]] = None,
1094
- allow_user_certificates: Optional[pulumi.Input[bool]] = None,
1095
- allow_user_key_ids: Optional[pulumi.Input[bool]] = None,
1096
- allowed_critical_options: Optional[pulumi.Input[str]] = None,
1097
- allowed_domains: Optional[pulumi.Input[str]] = None,
1098
- allowed_domains_template: Optional[pulumi.Input[bool]] = None,
1099
- allowed_extensions: Optional[pulumi.Input[str]] = None,
1090
+ algorithm_signer: Optional[pulumi.Input[builtins.str]] = None,
1091
+ allow_bare_domains: Optional[pulumi.Input[builtins.bool]] = None,
1092
+ allow_empty_principals: Optional[pulumi.Input[builtins.bool]] = None,
1093
+ allow_host_certificates: Optional[pulumi.Input[builtins.bool]] = None,
1094
+ allow_subdomains: Optional[pulumi.Input[builtins.bool]] = None,
1095
+ allow_user_certificates: Optional[pulumi.Input[builtins.bool]] = None,
1096
+ allow_user_key_ids: Optional[pulumi.Input[builtins.bool]] = None,
1097
+ allowed_critical_options: Optional[pulumi.Input[builtins.str]] = None,
1098
+ allowed_domains: Optional[pulumi.Input[builtins.str]] = None,
1099
+ allowed_domains_template: Optional[pulumi.Input[builtins.bool]] = None,
1100
+ allowed_extensions: Optional[pulumi.Input[builtins.str]] = None,
1100
1101
  allowed_user_key_configs: Optional[pulumi.Input[Sequence[pulumi.Input[Union['SecretBackendRoleAllowedUserKeyConfigArgs', 'SecretBackendRoleAllowedUserKeyConfigArgsDict']]]]] = None,
1101
- allowed_users: Optional[pulumi.Input[str]] = None,
1102
- allowed_users_template: Optional[pulumi.Input[bool]] = None,
1103
- backend: Optional[pulumi.Input[str]] = None,
1104
- cidr_list: Optional[pulumi.Input[str]] = None,
1105
- default_critical_options: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
1106
- default_extensions: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
1107
- default_user: Optional[pulumi.Input[str]] = None,
1108
- default_user_template: Optional[pulumi.Input[bool]] = None,
1109
- key_id_format: Optional[pulumi.Input[str]] = None,
1110
- key_type: Optional[pulumi.Input[str]] = None,
1111
- max_ttl: Optional[pulumi.Input[str]] = None,
1112
- name: Optional[pulumi.Input[str]] = None,
1113
- namespace: Optional[pulumi.Input[str]] = None,
1114
- not_before_duration: Optional[pulumi.Input[str]] = None,
1115
- ttl: Optional[pulumi.Input[str]] = None,
1102
+ allowed_users: Optional[pulumi.Input[builtins.str]] = None,
1103
+ allowed_users_template: Optional[pulumi.Input[builtins.bool]] = None,
1104
+ backend: Optional[pulumi.Input[builtins.str]] = None,
1105
+ cidr_list: Optional[pulumi.Input[builtins.str]] = None,
1106
+ default_critical_options: Optional[pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]]] = None,
1107
+ default_extensions: Optional[pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]]] = None,
1108
+ default_user: Optional[pulumi.Input[builtins.str]] = None,
1109
+ default_user_template: Optional[pulumi.Input[builtins.bool]] = None,
1110
+ key_id_format: Optional[pulumi.Input[builtins.str]] = None,
1111
+ key_type: Optional[pulumi.Input[builtins.str]] = None,
1112
+ max_ttl: Optional[pulumi.Input[builtins.str]] = None,
1113
+ name: Optional[pulumi.Input[builtins.str]] = None,
1114
+ namespace: Optional[pulumi.Input[builtins.str]] = None,
1115
+ not_before_duration: Optional[pulumi.Input[builtins.str]] = None,
1116
+ ttl: Optional[pulumi.Input[builtins.str]] = None,
1116
1117
  __props__=None):
1117
1118
  opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts)
1118
1119
  if not isinstance(opts, pulumi.ResourceOptions):
@@ -1163,33 +1164,33 @@ class SecretBackendRole(pulumi.CustomResource):
1163
1164
  def get(resource_name: str,
1164
1165
  id: pulumi.Input[str],
1165
1166
  opts: Optional[pulumi.ResourceOptions] = None,
1166
- algorithm_signer: Optional[pulumi.Input[str]] = None,
1167
- allow_bare_domains: Optional[pulumi.Input[bool]] = None,
1168
- allow_empty_principals: Optional[pulumi.Input[bool]] = None,
1169
- allow_host_certificates: Optional[pulumi.Input[bool]] = None,
1170
- allow_subdomains: Optional[pulumi.Input[bool]] = None,
1171
- allow_user_certificates: Optional[pulumi.Input[bool]] = None,
1172
- allow_user_key_ids: Optional[pulumi.Input[bool]] = None,
1173
- allowed_critical_options: Optional[pulumi.Input[str]] = None,
1174
- allowed_domains: Optional[pulumi.Input[str]] = None,
1175
- allowed_domains_template: Optional[pulumi.Input[bool]] = None,
1176
- allowed_extensions: Optional[pulumi.Input[str]] = None,
1167
+ algorithm_signer: Optional[pulumi.Input[builtins.str]] = None,
1168
+ allow_bare_domains: Optional[pulumi.Input[builtins.bool]] = None,
1169
+ allow_empty_principals: Optional[pulumi.Input[builtins.bool]] = None,
1170
+ allow_host_certificates: Optional[pulumi.Input[builtins.bool]] = None,
1171
+ allow_subdomains: Optional[pulumi.Input[builtins.bool]] = None,
1172
+ allow_user_certificates: Optional[pulumi.Input[builtins.bool]] = None,
1173
+ allow_user_key_ids: Optional[pulumi.Input[builtins.bool]] = None,
1174
+ allowed_critical_options: Optional[pulumi.Input[builtins.str]] = None,
1175
+ allowed_domains: Optional[pulumi.Input[builtins.str]] = None,
1176
+ allowed_domains_template: Optional[pulumi.Input[builtins.bool]] = None,
1177
+ allowed_extensions: Optional[pulumi.Input[builtins.str]] = None,
1177
1178
  allowed_user_key_configs: Optional[pulumi.Input[Sequence[pulumi.Input[Union['SecretBackendRoleAllowedUserKeyConfigArgs', 'SecretBackendRoleAllowedUserKeyConfigArgsDict']]]]] = None,
1178
- allowed_users: Optional[pulumi.Input[str]] = None,
1179
- allowed_users_template: Optional[pulumi.Input[bool]] = None,
1180
- backend: Optional[pulumi.Input[str]] = None,
1181
- cidr_list: Optional[pulumi.Input[str]] = None,
1182
- default_critical_options: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
1183
- default_extensions: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
1184
- default_user: Optional[pulumi.Input[str]] = None,
1185
- default_user_template: Optional[pulumi.Input[bool]] = None,
1186
- key_id_format: Optional[pulumi.Input[str]] = None,
1187
- key_type: Optional[pulumi.Input[str]] = None,
1188
- max_ttl: Optional[pulumi.Input[str]] = None,
1189
- name: Optional[pulumi.Input[str]] = None,
1190
- namespace: Optional[pulumi.Input[str]] = None,
1191
- not_before_duration: Optional[pulumi.Input[str]] = None,
1192
- ttl: Optional[pulumi.Input[str]] = None) -> 'SecretBackendRole':
1179
+ allowed_users: Optional[pulumi.Input[builtins.str]] = None,
1180
+ allowed_users_template: Optional[pulumi.Input[builtins.bool]] = None,
1181
+ backend: Optional[pulumi.Input[builtins.str]] = None,
1182
+ cidr_list: Optional[pulumi.Input[builtins.str]] = None,
1183
+ default_critical_options: Optional[pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]]] = None,
1184
+ default_extensions: Optional[pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]]] = None,
1185
+ default_user: Optional[pulumi.Input[builtins.str]] = None,
1186
+ default_user_template: Optional[pulumi.Input[builtins.bool]] = None,
1187
+ key_id_format: Optional[pulumi.Input[builtins.str]] = None,
1188
+ key_type: Optional[pulumi.Input[builtins.str]] = None,
1189
+ max_ttl: Optional[pulumi.Input[builtins.str]] = None,
1190
+ name: Optional[pulumi.Input[builtins.str]] = None,
1191
+ namespace: Optional[pulumi.Input[builtins.str]] = None,
1192
+ not_before_duration: Optional[pulumi.Input[builtins.str]] = None,
1193
+ ttl: Optional[pulumi.Input[builtins.str]] = None) -> 'SecretBackendRole':
1193
1194
  """
1194
1195
  Get an existing SecretBackendRole resource's state with the given name, id, and optional extra
1195
1196
  properties used to qualify the lookup.
@@ -1197,41 +1198,41 @@ class SecretBackendRole(pulumi.CustomResource):
1197
1198
  :param str resource_name: The unique name of the resulting resource.
1198
1199
  :param pulumi.Input[str] id: The unique provider ID of the resource to lookup.
1199
1200
  :param pulumi.ResourceOptions opts: Options for the resource.
1200
- :param pulumi.Input[str] algorithm_signer: When supplied, this value specifies a signing algorithm for the key. Possible values: ssh-rsa, rsa-sha2-256, rsa-sha2-512.
1201
- :param pulumi.Input[bool] allow_bare_domains: Specifies if host certificates that are requested are allowed to use the base domains listed in `allowed_domains`.
1202
- :param pulumi.Input[bool] allow_empty_principals: Allow signing certificates with no
1201
+ :param pulumi.Input[builtins.str] algorithm_signer: When supplied, this value specifies a signing algorithm for the key. Possible values: ssh-rsa, rsa-sha2-256, rsa-sha2-512.
1202
+ :param pulumi.Input[builtins.bool] allow_bare_domains: Specifies if host certificates that are requested are allowed to use the base domains listed in `allowed_domains`.
1203
+ :param pulumi.Input[builtins.bool] allow_empty_principals: Allow signing certificates with no
1203
1204
  valid principals (e.g. any valid principal). For backwards compatibility
1204
1205
  only. The default of false is highly recommended.
1205
- :param pulumi.Input[bool] allow_host_certificates: Specifies if certificates are allowed to be signed for use as a 'host'.
1206
- :param pulumi.Input[bool] allow_subdomains: Specifies if host certificates that are requested are allowed to be subdomains of those listed in `allowed_domains`.
1207
- :param pulumi.Input[bool] allow_user_certificates: Specifies if certificates are allowed to be signed for use as a 'user'.
1208
- :param pulumi.Input[bool] allow_user_key_ids: Specifies if users can override the key ID for a signed certificate with the `key_id` field.
1209
- :param pulumi.Input[str] allowed_critical_options: Specifies a comma-separated list of critical options that certificates can have when signed.
1210
- :param pulumi.Input[str] allowed_domains: The list of domains for which a client can request a host certificate.
1211
- :param pulumi.Input[bool] allowed_domains_template: Specifies if `allowed_domains` can be declared using
1206
+ :param pulumi.Input[builtins.bool] allow_host_certificates: Specifies if certificates are allowed to be signed for use as a 'host'.
1207
+ :param pulumi.Input[builtins.bool] allow_subdomains: Specifies if host certificates that are requested are allowed to be subdomains of those listed in `allowed_domains`.
1208
+ :param pulumi.Input[builtins.bool] allow_user_certificates: Specifies if certificates are allowed to be signed for use as a 'user'.
1209
+ :param pulumi.Input[builtins.bool] allow_user_key_ids: Specifies if users can override the key ID for a signed certificate with the `key_id` field.
1210
+ :param pulumi.Input[builtins.str] allowed_critical_options: Specifies a comma-separated list of critical options that certificates can have when signed.
1211
+ :param pulumi.Input[builtins.str] allowed_domains: The list of domains for which a client can request a host certificate.
1212
+ :param pulumi.Input[builtins.bool] allowed_domains_template: Specifies if `allowed_domains` can be declared using
1212
1213
  identity template policies. Non-templated domains are also permitted.
1213
- :param pulumi.Input[str] allowed_extensions: Specifies a comma-separated list of extensions that certificates can have when signed.
1214
+ :param pulumi.Input[builtins.str] allowed_extensions: Specifies a comma-separated list of extensions that certificates can have when signed.
1214
1215
  :param pulumi.Input[Sequence[pulumi.Input[Union['SecretBackendRoleAllowedUserKeyConfigArgs', 'SecretBackendRoleAllowedUserKeyConfigArgsDict']]]] allowed_user_key_configs: Set of configuration blocks to define allowed
1215
1216
  user key configuration, like key type and their lengths. Can be specified multiple times.
1216
1217
  *See Configuration-Options for more info*
1217
- :param pulumi.Input[str] allowed_users: Specifies a comma-separated list of usernames that are to be allowed, only if certain usernames are to be allowed.
1218
- :param pulumi.Input[bool] allowed_users_template: Specifies if `allowed_users` can be declared using identity template policies. Non-templated users are also permitted.
1219
- :param pulumi.Input[str] backend: The path where the SSH secret backend is mounted.
1220
- :param pulumi.Input[str] cidr_list: The comma-separated string of CIDR blocks for which this role is applicable.
1221
- :param pulumi.Input[Mapping[str, pulumi.Input[str]]] default_critical_options: Specifies a map of critical options that certificates have when signed.
1222
- :param pulumi.Input[Mapping[str, pulumi.Input[str]]] default_extensions: Specifies a map of extensions that certificates have when signed.
1223
- :param pulumi.Input[str] default_user: Specifies the default username for which a credential will be generated.
1224
- :param pulumi.Input[bool] default_user_template: If set, `default_users` can be specified using identity template values. A non-templated user is also permitted.
1225
- :param pulumi.Input[str] key_id_format: Specifies a custom format for the key id of a signed certificate.
1226
- :param pulumi.Input[str] key_type: Specifies the type of credentials generated by this role. This can be either `otp`, `dynamic` or `ca`.
1227
- :param pulumi.Input[str] max_ttl: Specifies the maximum Time To Live value.
1228
- :param pulumi.Input[str] name: Specifies the name of the role to create.
1229
- :param pulumi.Input[str] namespace: The namespace to provision the resource in.
1218
+ :param pulumi.Input[builtins.str] allowed_users: Specifies a comma-separated list of usernames that are to be allowed, only if certain usernames are to be allowed.
1219
+ :param pulumi.Input[builtins.bool] allowed_users_template: Specifies if `allowed_users` can be declared using identity template policies. Non-templated users are also permitted.
1220
+ :param pulumi.Input[builtins.str] backend: The path where the SSH secret backend is mounted.
1221
+ :param pulumi.Input[builtins.str] cidr_list: The comma-separated string of CIDR blocks for which this role is applicable.
1222
+ :param pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]] default_critical_options: Specifies a map of critical options that certificates have when signed.
1223
+ :param pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]] default_extensions: Specifies a map of extensions that certificates have when signed.
1224
+ :param pulumi.Input[builtins.str] default_user: Specifies the default username for which a credential will be generated.
1225
+ :param pulumi.Input[builtins.bool] default_user_template: If set, `default_users` can be specified using identity template values. A non-templated user is also permitted.
1226
+ :param pulumi.Input[builtins.str] key_id_format: Specifies a custom format for the key id of a signed certificate.
1227
+ :param pulumi.Input[builtins.str] key_type: Specifies the type of credentials generated by this role. This can be either `otp`, `dynamic` or `ca`.
1228
+ :param pulumi.Input[builtins.str] max_ttl: Specifies the maximum Time To Live value.
1229
+ :param pulumi.Input[builtins.str] name: Specifies the name of the role to create.
1230
+ :param pulumi.Input[builtins.str] namespace: The namespace to provision the resource in.
1230
1231
  The value should not contain leading or trailing forward slashes.
1231
1232
  The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
1232
1233
  *Available only for Vault Enterprise*.
1233
- :param pulumi.Input[str] not_before_duration: Specifies the duration by which to backdate the ValidAfter property. Uses duration format strings.
1234
- :param pulumi.Input[str] ttl: Specifies the Time To Live value.
1234
+ :param pulumi.Input[builtins.str] not_before_duration: Specifies the duration by which to backdate the ValidAfter property. Uses duration format strings.
1235
+ :param pulumi.Input[builtins.str] ttl: Specifies the Time To Live value.
1235
1236
  """
1236
1237
  opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id))
1237
1238
 
@@ -1268,7 +1269,7 @@ class SecretBackendRole(pulumi.CustomResource):
1268
1269
 
1269
1270
  @property
1270
1271
  @pulumi.getter(name="algorithmSigner")
1271
- def algorithm_signer(self) -> pulumi.Output[str]:
1272
+ def algorithm_signer(self) -> pulumi.Output[builtins.str]:
1272
1273
  """
1273
1274
  When supplied, this value specifies a signing algorithm for the key. Possible values: ssh-rsa, rsa-sha2-256, rsa-sha2-512.
1274
1275
  """
@@ -1276,7 +1277,7 @@ class SecretBackendRole(pulumi.CustomResource):
1276
1277
 
1277
1278
  @property
1278
1279
  @pulumi.getter(name="allowBareDomains")
1279
- def allow_bare_domains(self) -> pulumi.Output[Optional[bool]]:
1280
+ def allow_bare_domains(self) -> pulumi.Output[Optional[builtins.bool]]:
1280
1281
  """
1281
1282
  Specifies if host certificates that are requested are allowed to use the base domains listed in `allowed_domains`.
1282
1283
  """
@@ -1284,7 +1285,7 @@ class SecretBackendRole(pulumi.CustomResource):
1284
1285
 
1285
1286
  @property
1286
1287
  @pulumi.getter(name="allowEmptyPrincipals")
1287
- def allow_empty_principals(self) -> pulumi.Output[Optional[bool]]:
1288
+ def allow_empty_principals(self) -> pulumi.Output[Optional[builtins.bool]]:
1288
1289
  """
1289
1290
  Allow signing certificates with no
1290
1291
  valid principals (e.g. any valid principal). For backwards compatibility
@@ -1294,7 +1295,7 @@ class SecretBackendRole(pulumi.CustomResource):
1294
1295
 
1295
1296
  @property
1296
1297
  @pulumi.getter(name="allowHostCertificates")
1297
- def allow_host_certificates(self) -> pulumi.Output[Optional[bool]]:
1298
+ def allow_host_certificates(self) -> pulumi.Output[Optional[builtins.bool]]:
1298
1299
  """
1299
1300
  Specifies if certificates are allowed to be signed for use as a 'host'.
1300
1301
  """
@@ -1302,7 +1303,7 @@ class SecretBackendRole(pulumi.CustomResource):
1302
1303
 
1303
1304
  @property
1304
1305
  @pulumi.getter(name="allowSubdomains")
1305
- def allow_subdomains(self) -> pulumi.Output[Optional[bool]]:
1306
+ def allow_subdomains(self) -> pulumi.Output[Optional[builtins.bool]]:
1306
1307
  """
1307
1308
  Specifies if host certificates that are requested are allowed to be subdomains of those listed in `allowed_domains`.
1308
1309
  """
@@ -1310,7 +1311,7 @@ class SecretBackendRole(pulumi.CustomResource):
1310
1311
 
1311
1312
  @property
1312
1313
  @pulumi.getter(name="allowUserCertificates")
1313
- def allow_user_certificates(self) -> pulumi.Output[Optional[bool]]:
1314
+ def allow_user_certificates(self) -> pulumi.Output[Optional[builtins.bool]]:
1314
1315
  """
1315
1316
  Specifies if certificates are allowed to be signed for use as a 'user'.
1316
1317
  """
@@ -1318,7 +1319,7 @@ class SecretBackendRole(pulumi.CustomResource):
1318
1319
 
1319
1320
  @property
1320
1321
  @pulumi.getter(name="allowUserKeyIds")
1321
- def allow_user_key_ids(self) -> pulumi.Output[Optional[bool]]:
1322
+ def allow_user_key_ids(self) -> pulumi.Output[Optional[builtins.bool]]:
1322
1323
  """
1323
1324
  Specifies if users can override the key ID for a signed certificate with the `key_id` field.
1324
1325
  """
@@ -1326,7 +1327,7 @@ class SecretBackendRole(pulumi.CustomResource):
1326
1327
 
1327
1328
  @property
1328
1329
  @pulumi.getter(name="allowedCriticalOptions")
1329
- def allowed_critical_options(self) -> pulumi.Output[Optional[str]]:
1330
+ def allowed_critical_options(self) -> pulumi.Output[Optional[builtins.str]]:
1330
1331
  """
1331
1332
  Specifies a comma-separated list of critical options that certificates can have when signed.
1332
1333
  """
@@ -1334,7 +1335,7 @@ class SecretBackendRole(pulumi.CustomResource):
1334
1335
 
1335
1336
  @property
1336
1337
  @pulumi.getter(name="allowedDomains")
1337
- def allowed_domains(self) -> pulumi.Output[Optional[str]]:
1338
+ def allowed_domains(self) -> pulumi.Output[Optional[builtins.str]]:
1338
1339
  """
1339
1340
  The list of domains for which a client can request a host certificate.
1340
1341
  """
@@ -1342,7 +1343,7 @@ class SecretBackendRole(pulumi.CustomResource):
1342
1343
 
1343
1344
  @property
1344
1345
  @pulumi.getter(name="allowedDomainsTemplate")
1345
- def allowed_domains_template(self) -> pulumi.Output[bool]:
1346
+ def allowed_domains_template(self) -> pulumi.Output[builtins.bool]:
1346
1347
  """
1347
1348
  Specifies if `allowed_domains` can be declared using
1348
1349
  identity template policies. Non-templated domains are also permitted.
@@ -1351,7 +1352,7 @@ class SecretBackendRole(pulumi.CustomResource):
1351
1352
 
1352
1353
  @property
1353
1354
  @pulumi.getter(name="allowedExtensions")
1354
- def allowed_extensions(self) -> pulumi.Output[Optional[str]]:
1355
+ def allowed_extensions(self) -> pulumi.Output[Optional[builtins.str]]:
1355
1356
  """
1356
1357
  Specifies a comma-separated list of extensions that certificates can have when signed.
1357
1358
  """
@@ -1369,7 +1370,7 @@ class SecretBackendRole(pulumi.CustomResource):
1369
1370
 
1370
1371
  @property
1371
1372
  @pulumi.getter(name="allowedUsers")
1372
- def allowed_users(self) -> pulumi.Output[Optional[str]]:
1373
+ def allowed_users(self) -> pulumi.Output[Optional[builtins.str]]:
1373
1374
  """
1374
1375
  Specifies a comma-separated list of usernames that are to be allowed, only if certain usernames are to be allowed.
1375
1376
  """
@@ -1377,7 +1378,7 @@ class SecretBackendRole(pulumi.CustomResource):
1377
1378
 
1378
1379
  @property
1379
1380
  @pulumi.getter(name="allowedUsersTemplate")
1380
- def allowed_users_template(self) -> pulumi.Output[Optional[bool]]:
1381
+ def allowed_users_template(self) -> pulumi.Output[Optional[builtins.bool]]:
1381
1382
  """
1382
1383
  Specifies if `allowed_users` can be declared using identity template policies. Non-templated users are also permitted.
1383
1384
  """
@@ -1385,7 +1386,7 @@ class SecretBackendRole(pulumi.CustomResource):
1385
1386
 
1386
1387
  @property
1387
1388
  @pulumi.getter
1388
- def backend(self) -> pulumi.Output[str]:
1389
+ def backend(self) -> pulumi.Output[builtins.str]:
1389
1390
  """
1390
1391
  The path where the SSH secret backend is mounted.
1391
1392
  """
@@ -1393,7 +1394,7 @@ class SecretBackendRole(pulumi.CustomResource):
1393
1394
 
1394
1395
  @property
1395
1396
  @pulumi.getter(name="cidrList")
1396
- def cidr_list(self) -> pulumi.Output[Optional[str]]:
1397
+ def cidr_list(self) -> pulumi.Output[Optional[builtins.str]]:
1397
1398
  """
1398
1399
  The comma-separated string of CIDR blocks for which this role is applicable.
1399
1400
  """
@@ -1401,7 +1402,7 @@ class SecretBackendRole(pulumi.CustomResource):
1401
1402
 
1402
1403
  @property
1403
1404
  @pulumi.getter(name="defaultCriticalOptions")
1404
- def default_critical_options(self) -> pulumi.Output[Optional[Mapping[str, str]]]:
1405
+ def default_critical_options(self) -> pulumi.Output[Optional[Mapping[str, builtins.str]]]:
1405
1406
  """
1406
1407
  Specifies a map of critical options that certificates have when signed.
1407
1408
  """
@@ -1409,7 +1410,7 @@ class SecretBackendRole(pulumi.CustomResource):
1409
1410
 
1410
1411
  @property
1411
1412
  @pulumi.getter(name="defaultExtensions")
1412
- def default_extensions(self) -> pulumi.Output[Optional[Mapping[str, str]]]:
1413
+ def default_extensions(self) -> pulumi.Output[Optional[Mapping[str, builtins.str]]]:
1413
1414
  """
1414
1415
  Specifies a map of extensions that certificates have when signed.
1415
1416
  """
@@ -1417,7 +1418,7 @@ class SecretBackendRole(pulumi.CustomResource):
1417
1418
 
1418
1419
  @property
1419
1420
  @pulumi.getter(name="defaultUser")
1420
- def default_user(self) -> pulumi.Output[Optional[str]]:
1421
+ def default_user(self) -> pulumi.Output[Optional[builtins.str]]:
1421
1422
  """
1422
1423
  Specifies the default username for which a credential will be generated.
1423
1424
  """
@@ -1425,7 +1426,7 @@ class SecretBackendRole(pulumi.CustomResource):
1425
1426
 
1426
1427
  @property
1427
1428
  @pulumi.getter(name="defaultUserTemplate")
1428
- def default_user_template(self) -> pulumi.Output[Optional[bool]]:
1429
+ def default_user_template(self) -> pulumi.Output[Optional[builtins.bool]]:
1429
1430
  """
1430
1431
  If set, `default_users` can be specified using identity template values. A non-templated user is also permitted.
1431
1432
  """
@@ -1433,7 +1434,7 @@ class SecretBackendRole(pulumi.CustomResource):
1433
1434
 
1434
1435
  @property
1435
1436
  @pulumi.getter(name="keyIdFormat")
1436
- def key_id_format(self) -> pulumi.Output[Optional[str]]:
1437
+ def key_id_format(self) -> pulumi.Output[Optional[builtins.str]]:
1437
1438
  """
1438
1439
  Specifies a custom format for the key id of a signed certificate.
1439
1440
  """
@@ -1441,7 +1442,7 @@ class SecretBackendRole(pulumi.CustomResource):
1441
1442
 
1442
1443
  @property
1443
1444
  @pulumi.getter(name="keyType")
1444
- def key_type(self) -> pulumi.Output[str]:
1445
+ def key_type(self) -> pulumi.Output[builtins.str]:
1445
1446
  """
1446
1447
  Specifies the type of credentials generated by this role. This can be either `otp`, `dynamic` or `ca`.
1447
1448
  """
@@ -1449,7 +1450,7 @@ class SecretBackendRole(pulumi.CustomResource):
1449
1450
 
1450
1451
  @property
1451
1452
  @pulumi.getter(name="maxTtl")
1452
- def max_ttl(self) -> pulumi.Output[str]:
1453
+ def max_ttl(self) -> pulumi.Output[builtins.str]:
1453
1454
  """
1454
1455
  Specifies the maximum Time To Live value.
1455
1456
  """
@@ -1457,7 +1458,7 @@ class SecretBackendRole(pulumi.CustomResource):
1457
1458
 
1458
1459
  @property
1459
1460
  @pulumi.getter
1460
- def name(self) -> pulumi.Output[str]:
1461
+ def name(self) -> pulumi.Output[builtins.str]:
1461
1462
  """
1462
1463
  Specifies the name of the role to create.
1463
1464
  """
@@ -1465,7 +1466,7 @@ class SecretBackendRole(pulumi.CustomResource):
1465
1466
 
1466
1467
  @property
1467
1468
  @pulumi.getter
1468
- def namespace(self) -> pulumi.Output[Optional[str]]:
1469
+ def namespace(self) -> pulumi.Output[Optional[builtins.str]]:
1469
1470
  """
1470
1471
  The namespace to provision the resource in.
1471
1472
  The value should not contain leading or trailing forward slashes.
@@ -1476,7 +1477,7 @@ class SecretBackendRole(pulumi.CustomResource):
1476
1477
 
1477
1478
  @property
1478
1479
  @pulumi.getter(name="notBeforeDuration")
1479
- def not_before_duration(self) -> pulumi.Output[str]:
1480
+ def not_before_duration(self) -> pulumi.Output[builtins.str]:
1480
1481
  """
1481
1482
  Specifies the duration by which to backdate the ValidAfter property. Uses duration format strings.
1482
1483
  """
@@ -1484,7 +1485,7 @@ class SecretBackendRole(pulumi.CustomResource):
1484
1485
 
1485
1486
  @property
1486
1487
  @pulumi.getter
1487
- def ttl(self) -> pulumi.Output[str]:
1488
+ def ttl(self) -> pulumi.Output[builtins.str]:
1488
1489
  """
1489
1490
  Specifies the Time To Live value.
1490
1491
  """