pulumi-vault 6.7.0a1743576047__py3-none-any.whl → 6.7.0a1744267302__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (264) hide show
  1. pulumi_vault/__init__.py +1 -0
  2. pulumi_vault/_inputs.py +554 -553
  3. pulumi_vault/ad/__init__.py +1 -0
  4. pulumi_vault/ad/get_access_credentials.py +20 -19
  5. pulumi_vault/ad/secret_backend.py +477 -476
  6. pulumi_vault/ad/secret_library.py +99 -98
  7. pulumi_vault/ad/secret_role.py +85 -84
  8. pulumi_vault/alicloud/__init__.py +1 -0
  9. pulumi_vault/alicloud/auth_backend_role.py +183 -182
  10. pulumi_vault/approle/__init__.py +1 -0
  11. pulumi_vault/approle/auth_backend_login.py +106 -105
  12. pulumi_vault/approle/auth_backend_role.py +239 -238
  13. pulumi_vault/approle/auth_backend_role_secret_id.py +162 -161
  14. pulumi_vault/approle/get_auth_backend_role_id.py +18 -17
  15. pulumi_vault/audit.py +85 -84
  16. pulumi_vault/audit_request_header.py +43 -42
  17. pulumi_vault/auth_backend.py +106 -105
  18. pulumi_vault/aws/__init__.py +1 -0
  19. pulumi_vault/aws/auth_backend_cert.py +71 -70
  20. pulumi_vault/aws/auth_backend_client.py +253 -252
  21. pulumi_vault/aws/auth_backend_config_identity.py +85 -84
  22. pulumi_vault/aws/auth_backend_identity_whitelist.py +57 -56
  23. pulumi_vault/aws/auth_backend_login.py +209 -208
  24. pulumi_vault/aws/auth_backend_role.py +400 -399
  25. pulumi_vault/aws/auth_backend_role_tag.py +127 -126
  26. pulumi_vault/aws/auth_backend_roletag_blacklist.py +57 -56
  27. pulumi_vault/aws/auth_backend_sts_role.py +71 -70
  28. pulumi_vault/aws/get_access_credentials.py +44 -43
  29. pulumi_vault/aws/get_static_access_credentials.py +13 -12
  30. pulumi_vault/aws/secret_backend.py +337 -336
  31. pulumi_vault/aws/secret_backend_role.py +211 -210
  32. pulumi_vault/aws/secret_backend_static_role.py +113 -112
  33. pulumi_vault/azure/__init__.py +1 -0
  34. pulumi_vault/azure/_inputs.py +21 -20
  35. pulumi_vault/azure/auth_backend_config.py +183 -182
  36. pulumi_vault/azure/auth_backend_role.py +253 -252
  37. pulumi_vault/azure/backend.py +239 -238
  38. pulumi_vault/azure/backend_role.py +141 -140
  39. pulumi_vault/azure/get_access_credentials.py +58 -57
  40. pulumi_vault/azure/outputs.py +11 -10
  41. pulumi_vault/cert_auth_backend_role.py +365 -364
  42. pulumi_vault/config/__init__.py +1 -0
  43. pulumi_vault/config/__init__.pyi +1 -0
  44. pulumi_vault/config/_inputs.py +11 -10
  45. pulumi_vault/config/outputs.py +287 -286
  46. pulumi_vault/config/ui_custom_message.py +113 -112
  47. pulumi_vault/config/vars.py +1 -0
  48. pulumi_vault/consul/__init__.py +1 -0
  49. pulumi_vault/consul/secret_backend.py +197 -196
  50. pulumi_vault/consul/secret_backend_role.py +183 -182
  51. pulumi_vault/database/__init__.py +1 -0
  52. pulumi_vault/database/_inputs.py +2525 -2524
  53. pulumi_vault/database/outputs.py +1529 -1528
  54. pulumi_vault/database/secret_backend_connection.py +169 -168
  55. pulumi_vault/database/secret_backend_role.py +169 -168
  56. pulumi_vault/database/secret_backend_static_role.py +179 -178
  57. pulumi_vault/database/secrets_mount.py +267 -266
  58. pulumi_vault/egp_policy.py +71 -70
  59. pulumi_vault/gcp/__init__.py +1 -0
  60. pulumi_vault/gcp/_inputs.py +82 -81
  61. pulumi_vault/gcp/auth_backend.py +260 -259
  62. pulumi_vault/gcp/auth_backend_role.py +281 -280
  63. pulumi_vault/gcp/get_auth_backend_role.py +70 -69
  64. pulumi_vault/gcp/outputs.py +50 -49
  65. pulumi_vault/gcp/secret_backend.py +232 -231
  66. pulumi_vault/gcp/secret_impersonated_account.py +92 -91
  67. pulumi_vault/gcp/secret_roleset.py +92 -91
  68. pulumi_vault/gcp/secret_static_account.py +92 -91
  69. pulumi_vault/generic/__init__.py +1 -0
  70. pulumi_vault/generic/endpoint.py +113 -112
  71. pulumi_vault/generic/get_secret.py +28 -27
  72. pulumi_vault/generic/secret.py +78 -77
  73. pulumi_vault/get_auth_backend.py +19 -18
  74. pulumi_vault/get_auth_backends.py +14 -13
  75. pulumi_vault/get_namespace.py +15 -14
  76. pulumi_vault/get_namespaces.py +8 -7
  77. pulumi_vault/get_nomad_access_token.py +19 -18
  78. pulumi_vault/get_policy_document.py +6 -5
  79. pulumi_vault/get_raft_autopilot_state.py +18 -17
  80. pulumi_vault/github/__init__.py +1 -0
  81. pulumi_vault/github/_inputs.py +42 -41
  82. pulumi_vault/github/auth_backend.py +232 -231
  83. pulumi_vault/github/outputs.py +26 -25
  84. pulumi_vault/github/team.py +57 -56
  85. pulumi_vault/github/user.py +57 -56
  86. pulumi_vault/identity/__init__.py +1 -0
  87. pulumi_vault/identity/entity.py +85 -84
  88. pulumi_vault/identity/entity_alias.py +71 -70
  89. pulumi_vault/identity/entity_policies.py +64 -63
  90. pulumi_vault/identity/get_entity.py +43 -42
  91. pulumi_vault/identity/get_group.py +50 -49
  92. pulumi_vault/identity/get_oidc_client_creds.py +14 -13
  93. pulumi_vault/identity/get_oidc_openid_config.py +24 -23
  94. pulumi_vault/identity/get_oidc_public_keys.py +13 -12
  95. pulumi_vault/identity/group.py +141 -140
  96. pulumi_vault/identity/group_alias.py +57 -56
  97. pulumi_vault/identity/group_member_entity_ids.py +57 -56
  98. pulumi_vault/identity/group_member_group_ids.py +57 -56
  99. pulumi_vault/identity/group_policies.py +64 -63
  100. pulumi_vault/identity/mfa_duo.py +148 -147
  101. pulumi_vault/identity/mfa_login_enforcement.py +120 -119
  102. pulumi_vault/identity/mfa_okta.py +134 -133
  103. pulumi_vault/identity/mfa_pingid.py +127 -126
  104. pulumi_vault/identity/mfa_totp.py +176 -175
  105. pulumi_vault/identity/oidc.py +29 -28
  106. pulumi_vault/identity/oidc_assignment.py +57 -56
  107. pulumi_vault/identity/oidc_client.py +127 -126
  108. pulumi_vault/identity/oidc_key.py +85 -84
  109. pulumi_vault/identity/oidc_key_allowed_client_id.py +43 -42
  110. pulumi_vault/identity/oidc_provider.py +92 -91
  111. pulumi_vault/identity/oidc_role.py +85 -84
  112. pulumi_vault/identity/oidc_scope.py +57 -56
  113. pulumi_vault/identity/outputs.py +32 -31
  114. pulumi_vault/jwt/__init__.py +1 -0
  115. pulumi_vault/jwt/_inputs.py +42 -41
  116. pulumi_vault/jwt/auth_backend.py +288 -287
  117. pulumi_vault/jwt/auth_backend_role.py +407 -406
  118. pulumi_vault/jwt/outputs.py +26 -25
  119. pulumi_vault/kmip/__init__.py +1 -0
  120. pulumi_vault/kmip/secret_backend.py +183 -182
  121. pulumi_vault/kmip/secret_role.py +295 -294
  122. pulumi_vault/kmip/secret_scope.py +57 -56
  123. pulumi_vault/kubernetes/__init__.py +1 -0
  124. pulumi_vault/kubernetes/auth_backend_config.py +141 -140
  125. pulumi_vault/kubernetes/auth_backend_role.py +225 -224
  126. pulumi_vault/kubernetes/get_auth_backend_config.py +47 -46
  127. pulumi_vault/kubernetes/get_auth_backend_role.py +70 -69
  128. pulumi_vault/kubernetes/get_service_account_token.py +38 -37
  129. pulumi_vault/kubernetes/secret_backend.py +316 -315
  130. pulumi_vault/kubernetes/secret_backend_role.py +197 -196
  131. pulumi_vault/kv/__init__.py +1 -0
  132. pulumi_vault/kv/_inputs.py +21 -20
  133. pulumi_vault/kv/get_secret.py +17 -16
  134. pulumi_vault/kv/get_secret_subkeys_v2.py +30 -29
  135. pulumi_vault/kv/get_secret_v2.py +29 -28
  136. pulumi_vault/kv/get_secrets_list.py +13 -12
  137. pulumi_vault/kv/get_secrets_list_v2.py +19 -18
  138. pulumi_vault/kv/outputs.py +13 -12
  139. pulumi_vault/kv/secret.py +50 -49
  140. pulumi_vault/kv/secret_backend_v2.py +71 -70
  141. pulumi_vault/kv/secret_v2.py +134 -133
  142. pulumi_vault/ldap/__init__.py +1 -0
  143. pulumi_vault/ldap/auth_backend.py +588 -587
  144. pulumi_vault/ldap/auth_backend_group.py +57 -56
  145. pulumi_vault/ldap/auth_backend_user.py +71 -70
  146. pulumi_vault/ldap/get_dynamic_credentials.py +17 -16
  147. pulumi_vault/ldap/get_static_credentials.py +18 -17
  148. pulumi_vault/ldap/secret_backend.py +554 -553
  149. pulumi_vault/ldap/secret_backend_dynamic_role.py +127 -126
  150. pulumi_vault/ldap/secret_backend_library_set.py +99 -98
  151. pulumi_vault/ldap/secret_backend_static_role.py +99 -98
  152. pulumi_vault/managed/__init__.py +1 -0
  153. pulumi_vault/managed/_inputs.py +229 -228
  154. pulumi_vault/managed/keys.py +15 -14
  155. pulumi_vault/managed/outputs.py +139 -138
  156. pulumi_vault/mfa_duo.py +113 -112
  157. pulumi_vault/mfa_okta.py +113 -112
  158. pulumi_vault/mfa_pingid.py +120 -119
  159. pulumi_vault/mfa_totp.py +127 -126
  160. pulumi_vault/mongodbatlas/__init__.py +1 -0
  161. pulumi_vault/mongodbatlas/secret_backend.py +64 -63
  162. pulumi_vault/mongodbatlas/secret_role.py +155 -154
  163. pulumi_vault/mount.py +274 -273
  164. pulumi_vault/namespace.py +64 -63
  165. pulumi_vault/nomad_secret_backend.py +211 -210
  166. pulumi_vault/nomad_secret_role.py +85 -84
  167. pulumi_vault/okta/__init__.py +1 -0
  168. pulumi_vault/okta/_inputs.py +26 -25
  169. pulumi_vault/okta/auth_backend.py +274 -273
  170. pulumi_vault/okta/auth_backend_group.py +57 -56
  171. pulumi_vault/okta/auth_backend_user.py +71 -70
  172. pulumi_vault/okta/outputs.py +16 -15
  173. pulumi_vault/outputs.py +56 -55
  174. pulumi_vault/password_policy.py +43 -42
  175. pulumi_vault/pkisecret/__init__.py +1 -0
  176. pulumi_vault/pkisecret/_inputs.py +31 -30
  177. pulumi_vault/pkisecret/backend_acme_eab.py +92 -91
  178. pulumi_vault/pkisecret/backend_config_acme.py +141 -140
  179. pulumi_vault/pkisecret/backend_config_auto_tidy.py +323 -322
  180. pulumi_vault/pkisecret/backend_config_cluster.py +57 -56
  181. pulumi_vault/pkisecret/backend_config_cmpv2.py +106 -105
  182. pulumi_vault/pkisecret/backend_config_est.py +120 -119
  183. pulumi_vault/pkisecret/get_backend_cert_metadata.py +22 -21
  184. pulumi_vault/pkisecret/get_backend_config_cmpv2.py +22 -21
  185. pulumi_vault/pkisecret/get_backend_config_est.py +19 -18
  186. pulumi_vault/pkisecret/get_backend_issuer.py +45 -44
  187. pulumi_vault/pkisecret/get_backend_issuers.py +15 -14
  188. pulumi_vault/pkisecret/get_backend_key.py +20 -19
  189. pulumi_vault/pkisecret/get_backend_keys.py +15 -14
  190. pulumi_vault/pkisecret/outputs.py +28 -27
  191. pulumi_vault/pkisecret/secret_backend_cert.py +337 -336
  192. pulumi_vault/pkisecret/secret_backend_config_ca.py +43 -42
  193. pulumi_vault/pkisecret/secret_backend_config_issuers.py +57 -56
  194. pulumi_vault/pkisecret/secret_backend_config_urls.py +85 -84
  195. pulumi_vault/pkisecret/secret_backend_crl_config.py +197 -196
  196. pulumi_vault/pkisecret/secret_backend_intermediate_cert_request.py +421 -420
  197. pulumi_vault/pkisecret/secret_backend_intermediate_set_signed.py +57 -56
  198. pulumi_vault/pkisecret/secret_backend_issuer.py +232 -231
  199. pulumi_vault/pkisecret/secret_backend_key.py +120 -119
  200. pulumi_vault/pkisecret/secret_backend_role.py +715 -714
  201. pulumi_vault/pkisecret/secret_backend_root_cert.py +554 -553
  202. pulumi_vault/pkisecret/secret_backend_root_sign_intermediate.py +526 -525
  203. pulumi_vault/pkisecret/secret_backend_sign.py +281 -280
  204. pulumi_vault/plugin.py +127 -126
  205. pulumi_vault/plugin_pinned_version.py +43 -42
  206. pulumi_vault/policy.py +43 -42
  207. pulumi_vault/provider.py +120 -119
  208. pulumi_vault/pulumi-plugin.json +1 -1
  209. pulumi_vault/quota_lease_count.py +85 -84
  210. pulumi_vault/quota_rate_limit.py +113 -112
  211. pulumi_vault/rabbitmq/__init__.py +1 -0
  212. pulumi_vault/rabbitmq/_inputs.py +41 -40
  213. pulumi_vault/rabbitmq/outputs.py +25 -24
  214. pulumi_vault/rabbitmq/secret_backend.py +169 -168
  215. pulumi_vault/rabbitmq/secret_backend_role.py +57 -56
  216. pulumi_vault/raft_autopilot.py +113 -112
  217. pulumi_vault/raft_snapshot_agent_config.py +393 -392
  218. pulumi_vault/rgp_policy.py +57 -56
  219. pulumi_vault/saml/__init__.py +1 -0
  220. pulumi_vault/saml/auth_backend.py +155 -154
  221. pulumi_vault/saml/auth_backend_role.py +239 -238
  222. pulumi_vault/secrets/__init__.py +1 -0
  223. pulumi_vault/secrets/_inputs.py +16 -15
  224. pulumi_vault/secrets/outputs.py +10 -9
  225. pulumi_vault/secrets/sync_association.py +71 -70
  226. pulumi_vault/secrets/sync_aws_destination.py +148 -147
  227. pulumi_vault/secrets/sync_azure_destination.py +148 -147
  228. pulumi_vault/secrets/sync_config.py +43 -42
  229. pulumi_vault/secrets/sync_gcp_destination.py +106 -105
  230. pulumi_vault/secrets/sync_gh_destination.py +134 -133
  231. pulumi_vault/secrets/sync_github_apps.py +64 -63
  232. pulumi_vault/secrets/sync_vercel_destination.py +120 -119
  233. pulumi_vault/ssh/__init__.py +1 -0
  234. pulumi_vault/ssh/_inputs.py +11 -10
  235. pulumi_vault/ssh/get_secret_backend_sign.py +52 -51
  236. pulumi_vault/ssh/outputs.py +7 -6
  237. pulumi_vault/ssh/secret_backend_ca.py +99 -98
  238. pulumi_vault/ssh/secret_backend_role.py +365 -364
  239. pulumi_vault/terraformcloud/__init__.py +1 -0
  240. pulumi_vault/terraformcloud/secret_backend.py +111 -110
  241. pulumi_vault/terraformcloud/secret_creds.py +74 -73
  242. pulumi_vault/terraformcloud/secret_role.py +93 -92
  243. pulumi_vault/token.py +246 -245
  244. pulumi_vault/tokenauth/__init__.py +1 -0
  245. pulumi_vault/tokenauth/auth_backend_role.py +267 -266
  246. pulumi_vault/transform/__init__.py +1 -0
  247. pulumi_vault/transform/alphabet.py +57 -56
  248. pulumi_vault/transform/get_decode.py +47 -46
  249. pulumi_vault/transform/get_encode.py +47 -46
  250. pulumi_vault/transform/role.py +57 -56
  251. pulumi_vault/transform/template.py +113 -112
  252. pulumi_vault/transform/transformation.py +141 -140
  253. pulumi_vault/transit/__init__.py +1 -0
  254. pulumi_vault/transit/get_decrypt.py +18 -17
  255. pulumi_vault/transit/get_encrypt.py +21 -20
  256. pulumi_vault/transit/get_sign.py +54 -53
  257. pulumi_vault/transit/get_verify.py +60 -59
  258. pulumi_vault/transit/secret_backend_key.py +274 -273
  259. pulumi_vault/transit/secret_cache_config.py +43 -42
  260. {pulumi_vault-6.7.0a1743576047.dist-info → pulumi_vault-6.7.0a1744267302.dist-info}/METADATA +1 -1
  261. pulumi_vault-6.7.0a1744267302.dist-info/RECORD +265 -0
  262. pulumi_vault-6.7.0a1743576047.dist-info/RECORD +0 -265
  263. {pulumi_vault-6.7.0a1743576047.dist-info → pulumi_vault-6.7.0a1744267302.dist-info}/WHEEL +0 -0
  264. {pulumi_vault-6.7.0a1743576047.dist-info → pulumi_vault-6.7.0a1744267302.dist-info}/top_level.txt +0 -0
@@ -2,6 +2,7 @@
2
2
  # *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. ***
3
3
  # *** Do not edit by hand unless you're certain you know what you are doing! ***
4
4
 
5
+ import builtins
5
6
  import copy
6
7
  import warnings
7
8
  import sys
@@ -19,48 +20,48 @@ __all__ = ['SecretBackendKeyArgs', 'SecretBackendKey']
19
20
  @pulumi.input_type
20
21
  class SecretBackendKeyArgs:
21
22
  def __init__(__self__, *,
22
- backend: pulumi.Input[str],
23
- allow_plaintext_backup: Optional[pulumi.Input[bool]] = None,
24
- auto_rotate_period: Optional[pulumi.Input[int]] = None,
25
- convergent_encryption: Optional[pulumi.Input[bool]] = None,
26
- deletion_allowed: Optional[pulumi.Input[bool]] = None,
27
- derived: Optional[pulumi.Input[bool]] = None,
28
- exportable: Optional[pulumi.Input[bool]] = None,
29
- hybrid_key_type_ec: Optional[pulumi.Input[str]] = None,
30
- hybrid_key_type_pqc: Optional[pulumi.Input[str]] = None,
31
- key_size: Optional[pulumi.Input[int]] = None,
32
- min_decryption_version: Optional[pulumi.Input[int]] = None,
33
- min_encryption_version: Optional[pulumi.Input[int]] = None,
34
- name: Optional[pulumi.Input[str]] = None,
35
- namespace: Optional[pulumi.Input[str]] = None,
36
- parameter_set: Optional[pulumi.Input[str]] = None,
37
- type: Optional[pulumi.Input[str]] = None):
23
+ backend: pulumi.Input[builtins.str],
24
+ allow_plaintext_backup: Optional[pulumi.Input[builtins.bool]] = None,
25
+ auto_rotate_period: Optional[pulumi.Input[builtins.int]] = None,
26
+ convergent_encryption: Optional[pulumi.Input[builtins.bool]] = None,
27
+ deletion_allowed: Optional[pulumi.Input[builtins.bool]] = None,
28
+ derived: Optional[pulumi.Input[builtins.bool]] = None,
29
+ exportable: Optional[pulumi.Input[builtins.bool]] = None,
30
+ hybrid_key_type_ec: Optional[pulumi.Input[builtins.str]] = None,
31
+ hybrid_key_type_pqc: Optional[pulumi.Input[builtins.str]] = None,
32
+ key_size: Optional[pulumi.Input[builtins.int]] = None,
33
+ min_decryption_version: Optional[pulumi.Input[builtins.int]] = None,
34
+ min_encryption_version: Optional[pulumi.Input[builtins.int]] = None,
35
+ name: Optional[pulumi.Input[builtins.str]] = None,
36
+ namespace: Optional[pulumi.Input[builtins.str]] = None,
37
+ parameter_set: Optional[pulumi.Input[builtins.str]] = None,
38
+ type: Optional[pulumi.Input[builtins.str]] = None):
38
39
  """
39
40
  The set of arguments for constructing a SecretBackendKey resource.
40
- :param pulumi.Input[str] backend: The path the transit secret backend is mounted at, with no leading or trailing `/`s.
41
- :param pulumi.Input[bool] allow_plaintext_backup: Enables taking backup of entire keyring in the plaintext format. Once set, this cannot be disabled.
41
+ :param pulumi.Input[builtins.str] backend: The path the transit secret backend is mounted at, with no leading or trailing `/`s.
42
+ :param pulumi.Input[builtins.bool] allow_plaintext_backup: Enables taking backup of entire keyring in the plaintext format. Once set, this cannot be disabled.
42
43
  * Refer to Vault API documentation on key backups for more information: [Backup Key](https://www.vaultproject.io/api-docs/secret/transit#backup-key)
43
- :param pulumi.Input[int] auto_rotate_period: Amount of seconds the key should live before being automatically rotated.
44
+ :param pulumi.Input[builtins.int] auto_rotate_period: Amount of seconds the key should live before being automatically rotated.
44
45
  A value of 0 disables automatic rotation for the key.
45
- :param pulumi.Input[bool] convergent_encryption: Whether or not to support convergent encryption, where the same plaintext creates the same ciphertext. This requires `derived` to be set to `true`.
46
- :param pulumi.Input[bool] deletion_allowed: Specifies if the key is allowed to be deleted.
47
- :param pulumi.Input[bool] derived: Specifies if key derivation is to be used. If enabled, all encrypt/decrypt requests to this key must provide a context which is used for key derivation.
48
- :param pulumi.Input[bool] exportable: Enables keys to be exportable. This allows for all valid private keys in the keyring to be exported. Once set, this cannot be disabled.
49
- :param pulumi.Input[str] hybrid_key_type_ec: The elliptic curve algorithm to use for hybrid signatures.
46
+ :param pulumi.Input[builtins.bool] convergent_encryption: Whether or not to support convergent encryption, where the same plaintext creates the same ciphertext. This requires `derived` to be set to `true`.
47
+ :param pulumi.Input[builtins.bool] deletion_allowed: Specifies if the key is allowed to be deleted.
48
+ :param pulumi.Input[builtins.bool] derived: Specifies if key derivation is to be used. If enabled, all encrypt/decrypt requests to this key must provide a context which is used for key derivation.
49
+ :param pulumi.Input[builtins.bool] exportable: Enables keys to be exportable. This allows for all valid private keys in the keyring to be exported. Once set, this cannot be disabled.
50
+ :param pulumi.Input[builtins.str] hybrid_key_type_ec: The elliptic curve algorithm to use for hybrid signatures.
50
51
  Supported key types are `ecdsa-p256`, `ecdsa-p384`, `ecdsa-p521`, and `ed25519`.
51
- :param pulumi.Input[str] hybrid_key_type_pqc: The post-quantum algorithm to use for hybrid signatures.
52
+ :param pulumi.Input[builtins.str] hybrid_key_type_pqc: The post-quantum algorithm to use for hybrid signatures.
52
53
  Currently, ML-DSA is the only supported key type.
53
- :param pulumi.Input[int] key_size: The key size in bytes for algorithms that allow variable key sizes. Currently only applicable to HMAC, where it must be between 32 and 512 bytes.
54
- :param pulumi.Input[int] min_decryption_version: Minimum key version to use for decryption.
55
- :param pulumi.Input[int] min_encryption_version: Minimum key version to use for encryption
56
- :param pulumi.Input[str] name: The name to identify this key within the backend. Must be unique within the backend.
57
- :param pulumi.Input[str] namespace: The namespace to provision the resource in.
54
+ :param pulumi.Input[builtins.int] key_size: The key size in bytes for algorithms that allow variable key sizes. Currently only applicable to HMAC, where it must be between 32 and 512 bytes.
55
+ :param pulumi.Input[builtins.int] min_decryption_version: Minimum key version to use for decryption.
56
+ :param pulumi.Input[builtins.int] min_encryption_version: Minimum key version to use for encryption
57
+ :param pulumi.Input[builtins.str] name: The name to identify this key within the backend. Must be unique within the backend.
58
+ :param pulumi.Input[builtins.str] namespace: The namespace to provision the resource in.
58
59
  The value should not contain leading or trailing forward slashes.
59
60
  The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
60
61
  *Available only for Vault Enterprise*.
61
- :param pulumi.Input[str] parameter_set: The parameter set to use for ML-DSA. Required for
62
+ :param pulumi.Input[builtins.str] parameter_set: The parameter set to use for ML-DSA. Required for
62
63
  ML-DSA and hybrid keys. Valid values are `44`, `65`, and `87`.
63
- :param pulumi.Input[str] type: Specifies the type of key to create. The currently-supported types are: `aes128-gcm96`, `aes256-gcm96` (default), `chacha20-poly1305`, `ed25519`, `ecdsa-p256`, `ecdsa-p384`, `ecdsa-p521`, `hmac`, `rsa-2048`, `rsa-3072` and `rsa-4096`.
64
+ :param pulumi.Input[builtins.str] type: Specifies the type of key to create. The currently-supported types are: `aes128-gcm96`, `aes256-gcm96` (default), `chacha20-poly1305`, `ed25519`, `ecdsa-p256`, `ecdsa-p384`, `ecdsa-p521`, `hmac`, `rsa-2048`, `rsa-3072` and `rsa-4096`.
64
65
  * Refer to the Vault documentation on transit key types for more information: [Key Types](https://www.vaultproject.io/docs/secrets/transit#key-types)
65
66
  """
66
67
  pulumi.set(__self__, "backend", backend)
@@ -97,19 +98,19 @@ class SecretBackendKeyArgs:
97
98
 
98
99
  @property
99
100
  @pulumi.getter
100
- def backend(self) -> pulumi.Input[str]:
101
+ def backend(self) -> pulumi.Input[builtins.str]:
101
102
  """
102
103
  The path the transit secret backend is mounted at, with no leading or trailing `/`s.
103
104
  """
104
105
  return pulumi.get(self, "backend")
105
106
 
106
107
  @backend.setter
107
- def backend(self, value: pulumi.Input[str]):
108
+ def backend(self, value: pulumi.Input[builtins.str]):
108
109
  pulumi.set(self, "backend", value)
109
110
 
110
111
  @property
111
112
  @pulumi.getter(name="allowPlaintextBackup")
112
- def allow_plaintext_backup(self) -> Optional[pulumi.Input[bool]]:
113
+ def allow_plaintext_backup(self) -> Optional[pulumi.Input[builtins.bool]]:
113
114
  """
114
115
  Enables taking backup of entire keyring in the plaintext format. Once set, this cannot be disabled.
115
116
  * Refer to Vault API documentation on key backups for more information: [Backup Key](https://www.vaultproject.io/api-docs/secret/transit#backup-key)
@@ -117,12 +118,12 @@ class SecretBackendKeyArgs:
117
118
  return pulumi.get(self, "allow_plaintext_backup")
118
119
 
119
120
  @allow_plaintext_backup.setter
120
- def allow_plaintext_backup(self, value: Optional[pulumi.Input[bool]]):
121
+ def allow_plaintext_backup(self, value: Optional[pulumi.Input[builtins.bool]]):
121
122
  pulumi.set(self, "allow_plaintext_backup", value)
122
123
 
123
124
  @property
124
125
  @pulumi.getter(name="autoRotatePeriod")
125
- def auto_rotate_period(self) -> Optional[pulumi.Input[int]]:
126
+ def auto_rotate_period(self) -> Optional[pulumi.Input[builtins.int]]:
126
127
  """
127
128
  Amount of seconds the key should live before being automatically rotated.
128
129
  A value of 0 disables automatic rotation for the key.
@@ -130,60 +131,60 @@ class SecretBackendKeyArgs:
130
131
  return pulumi.get(self, "auto_rotate_period")
131
132
 
132
133
  @auto_rotate_period.setter
133
- def auto_rotate_period(self, value: Optional[pulumi.Input[int]]):
134
+ def auto_rotate_period(self, value: Optional[pulumi.Input[builtins.int]]):
134
135
  pulumi.set(self, "auto_rotate_period", value)
135
136
 
136
137
  @property
137
138
  @pulumi.getter(name="convergentEncryption")
138
- def convergent_encryption(self) -> Optional[pulumi.Input[bool]]:
139
+ def convergent_encryption(self) -> Optional[pulumi.Input[builtins.bool]]:
139
140
  """
140
141
  Whether or not to support convergent encryption, where the same plaintext creates the same ciphertext. This requires `derived` to be set to `true`.
141
142
  """
142
143
  return pulumi.get(self, "convergent_encryption")
143
144
 
144
145
  @convergent_encryption.setter
145
- def convergent_encryption(self, value: Optional[pulumi.Input[bool]]):
146
+ def convergent_encryption(self, value: Optional[pulumi.Input[builtins.bool]]):
146
147
  pulumi.set(self, "convergent_encryption", value)
147
148
 
148
149
  @property
149
150
  @pulumi.getter(name="deletionAllowed")
150
- def deletion_allowed(self) -> Optional[pulumi.Input[bool]]:
151
+ def deletion_allowed(self) -> Optional[pulumi.Input[builtins.bool]]:
151
152
  """
152
153
  Specifies if the key is allowed to be deleted.
153
154
  """
154
155
  return pulumi.get(self, "deletion_allowed")
155
156
 
156
157
  @deletion_allowed.setter
157
- def deletion_allowed(self, value: Optional[pulumi.Input[bool]]):
158
+ def deletion_allowed(self, value: Optional[pulumi.Input[builtins.bool]]):
158
159
  pulumi.set(self, "deletion_allowed", value)
159
160
 
160
161
  @property
161
162
  @pulumi.getter
162
- def derived(self) -> Optional[pulumi.Input[bool]]:
163
+ def derived(self) -> Optional[pulumi.Input[builtins.bool]]:
163
164
  """
164
165
  Specifies if key derivation is to be used. If enabled, all encrypt/decrypt requests to this key must provide a context which is used for key derivation.
165
166
  """
166
167
  return pulumi.get(self, "derived")
167
168
 
168
169
  @derived.setter
169
- def derived(self, value: Optional[pulumi.Input[bool]]):
170
+ def derived(self, value: Optional[pulumi.Input[builtins.bool]]):
170
171
  pulumi.set(self, "derived", value)
171
172
 
172
173
  @property
173
174
  @pulumi.getter
174
- def exportable(self) -> Optional[pulumi.Input[bool]]:
175
+ def exportable(self) -> Optional[pulumi.Input[builtins.bool]]:
175
176
  """
176
177
  Enables keys to be exportable. This allows for all valid private keys in the keyring to be exported. Once set, this cannot be disabled.
177
178
  """
178
179
  return pulumi.get(self, "exportable")
179
180
 
180
181
  @exportable.setter
181
- def exportable(self, value: Optional[pulumi.Input[bool]]):
182
+ def exportable(self, value: Optional[pulumi.Input[builtins.bool]]):
182
183
  pulumi.set(self, "exportable", value)
183
184
 
184
185
  @property
185
186
  @pulumi.getter(name="hybridKeyTypeEc")
186
- def hybrid_key_type_ec(self) -> Optional[pulumi.Input[str]]:
187
+ def hybrid_key_type_ec(self) -> Optional[pulumi.Input[builtins.str]]:
187
188
  """
188
189
  The elliptic curve algorithm to use for hybrid signatures.
189
190
  Supported key types are `ecdsa-p256`, `ecdsa-p384`, `ecdsa-p521`, and `ed25519`.
@@ -191,12 +192,12 @@ class SecretBackendKeyArgs:
191
192
  return pulumi.get(self, "hybrid_key_type_ec")
192
193
 
193
194
  @hybrid_key_type_ec.setter
194
- def hybrid_key_type_ec(self, value: Optional[pulumi.Input[str]]):
195
+ def hybrid_key_type_ec(self, value: Optional[pulumi.Input[builtins.str]]):
195
196
  pulumi.set(self, "hybrid_key_type_ec", value)
196
197
 
197
198
  @property
198
199
  @pulumi.getter(name="hybridKeyTypePqc")
199
- def hybrid_key_type_pqc(self) -> Optional[pulumi.Input[str]]:
200
+ def hybrid_key_type_pqc(self) -> Optional[pulumi.Input[builtins.str]]:
200
201
  """
201
202
  The post-quantum algorithm to use for hybrid signatures.
202
203
  Currently, ML-DSA is the only supported key type.
@@ -204,60 +205,60 @@ class SecretBackendKeyArgs:
204
205
  return pulumi.get(self, "hybrid_key_type_pqc")
205
206
 
206
207
  @hybrid_key_type_pqc.setter
207
- def hybrid_key_type_pqc(self, value: Optional[pulumi.Input[str]]):
208
+ def hybrid_key_type_pqc(self, value: Optional[pulumi.Input[builtins.str]]):
208
209
  pulumi.set(self, "hybrid_key_type_pqc", value)
209
210
 
210
211
  @property
211
212
  @pulumi.getter(name="keySize")
212
- def key_size(self) -> Optional[pulumi.Input[int]]:
213
+ def key_size(self) -> Optional[pulumi.Input[builtins.int]]:
213
214
  """
214
215
  The key size in bytes for algorithms that allow variable key sizes. Currently only applicable to HMAC, where it must be between 32 and 512 bytes.
215
216
  """
216
217
  return pulumi.get(self, "key_size")
217
218
 
218
219
  @key_size.setter
219
- def key_size(self, value: Optional[pulumi.Input[int]]):
220
+ def key_size(self, value: Optional[pulumi.Input[builtins.int]]):
220
221
  pulumi.set(self, "key_size", value)
221
222
 
222
223
  @property
223
224
  @pulumi.getter(name="minDecryptionVersion")
224
- def min_decryption_version(self) -> Optional[pulumi.Input[int]]:
225
+ def min_decryption_version(self) -> Optional[pulumi.Input[builtins.int]]:
225
226
  """
226
227
  Minimum key version to use for decryption.
227
228
  """
228
229
  return pulumi.get(self, "min_decryption_version")
229
230
 
230
231
  @min_decryption_version.setter
231
- def min_decryption_version(self, value: Optional[pulumi.Input[int]]):
232
+ def min_decryption_version(self, value: Optional[pulumi.Input[builtins.int]]):
232
233
  pulumi.set(self, "min_decryption_version", value)
233
234
 
234
235
  @property
235
236
  @pulumi.getter(name="minEncryptionVersion")
236
- def min_encryption_version(self) -> Optional[pulumi.Input[int]]:
237
+ def min_encryption_version(self) -> Optional[pulumi.Input[builtins.int]]:
237
238
  """
238
239
  Minimum key version to use for encryption
239
240
  """
240
241
  return pulumi.get(self, "min_encryption_version")
241
242
 
242
243
  @min_encryption_version.setter
243
- def min_encryption_version(self, value: Optional[pulumi.Input[int]]):
244
+ def min_encryption_version(self, value: Optional[pulumi.Input[builtins.int]]):
244
245
  pulumi.set(self, "min_encryption_version", value)
245
246
 
246
247
  @property
247
248
  @pulumi.getter
248
- def name(self) -> Optional[pulumi.Input[str]]:
249
+ def name(self) -> Optional[pulumi.Input[builtins.str]]:
249
250
  """
250
251
  The name to identify this key within the backend. Must be unique within the backend.
251
252
  """
252
253
  return pulumi.get(self, "name")
253
254
 
254
255
  @name.setter
255
- def name(self, value: Optional[pulumi.Input[str]]):
256
+ def name(self, value: Optional[pulumi.Input[builtins.str]]):
256
257
  pulumi.set(self, "name", value)
257
258
 
258
259
  @property
259
260
  @pulumi.getter
260
- def namespace(self) -> Optional[pulumi.Input[str]]:
261
+ def namespace(self) -> Optional[pulumi.Input[builtins.str]]:
261
262
  """
262
263
  The namespace to provision the resource in.
263
264
  The value should not contain leading or trailing forward slashes.
@@ -267,12 +268,12 @@ class SecretBackendKeyArgs:
267
268
  return pulumi.get(self, "namespace")
268
269
 
269
270
  @namespace.setter
270
- def namespace(self, value: Optional[pulumi.Input[str]]):
271
+ def namespace(self, value: Optional[pulumi.Input[builtins.str]]):
271
272
  pulumi.set(self, "namespace", value)
272
273
 
273
274
  @property
274
275
  @pulumi.getter(name="parameterSet")
275
- def parameter_set(self) -> Optional[pulumi.Input[str]]:
276
+ def parameter_set(self) -> Optional[pulumi.Input[builtins.str]]:
276
277
  """
277
278
  The parameter set to use for ML-DSA. Required for
278
279
  ML-DSA and hybrid keys. Valid values are `44`, `65`, and `87`.
@@ -280,12 +281,12 @@ class SecretBackendKeyArgs:
280
281
  return pulumi.get(self, "parameter_set")
281
282
 
282
283
  @parameter_set.setter
283
- def parameter_set(self, value: Optional[pulumi.Input[str]]):
284
+ def parameter_set(self, value: Optional[pulumi.Input[builtins.str]]):
284
285
  pulumi.set(self, "parameter_set", value)
285
286
 
286
287
  @property
287
288
  @pulumi.getter
288
- def type(self) -> Optional[pulumi.Input[str]]:
289
+ def type(self) -> Optional[pulumi.Input[builtins.str]]:
289
290
  """
290
291
  Specifies the type of key to create. The currently-supported types are: `aes128-gcm96`, `aes256-gcm96` (default), `chacha20-poly1305`, `ed25519`, `ecdsa-p256`, `ecdsa-p384`, `ecdsa-p521`, `hmac`, `rsa-2048`, `rsa-3072` and `rsa-4096`.
291
292
  * Refer to the Vault documentation on transit key types for more information: [Key Types](https://www.vaultproject.io/docs/secrets/transit#key-types)
@@ -293,71 +294,71 @@ class SecretBackendKeyArgs:
293
294
  return pulumi.get(self, "type")
294
295
 
295
296
  @type.setter
296
- def type(self, value: Optional[pulumi.Input[str]]):
297
+ def type(self, value: Optional[pulumi.Input[builtins.str]]):
297
298
  pulumi.set(self, "type", value)
298
299
 
299
300
 
300
301
  @pulumi.input_type
301
302
  class _SecretBackendKeyState:
302
303
  def __init__(__self__, *,
303
- allow_plaintext_backup: Optional[pulumi.Input[bool]] = None,
304
- auto_rotate_period: Optional[pulumi.Input[int]] = None,
305
- backend: Optional[pulumi.Input[str]] = None,
306
- convergent_encryption: Optional[pulumi.Input[bool]] = None,
307
- deletion_allowed: Optional[pulumi.Input[bool]] = None,
308
- derived: Optional[pulumi.Input[bool]] = None,
309
- exportable: Optional[pulumi.Input[bool]] = None,
310
- hybrid_key_type_ec: Optional[pulumi.Input[str]] = None,
311
- hybrid_key_type_pqc: Optional[pulumi.Input[str]] = None,
312
- key_size: Optional[pulumi.Input[int]] = None,
313
- keys: Optional[pulumi.Input[Sequence[pulumi.Input[Mapping[str, pulumi.Input[str]]]]]] = None,
314
- latest_version: Optional[pulumi.Input[int]] = None,
315
- min_available_version: Optional[pulumi.Input[int]] = None,
316
- min_decryption_version: Optional[pulumi.Input[int]] = None,
317
- min_encryption_version: Optional[pulumi.Input[int]] = None,
318
- name: Optional[pulumi.Input[str]] = None,
319
- namespace: Optional[pulumi.Input[str]] = None,
320
- parameter_set: Optional[pulumi.Input[str]] = None,
321
- supports_decryption: Optional[pulumi.Input[bool]] = None,
322
- supports_derivation: Optional[pulumi.Input[bool]] = None,
323
- supports_encryption: Optional[pulumi.Input[bool]] = None,
324
- supports_signing: Optional[pulumi.Input[bool]] = None,
325
- type: Optional[pulumi.Input[str]] = None):
304
+ allow_plaintext_backup: Optional[pulumi.Input[builtins.bool]] = None,
305
+ auto_rotate_period: Optional[pulumi.Input[builtins.int]] = None,
306
+ backend: Optional[pulumi.Input[builtins.str]] = None,
307
+ convergent_encryption: Optional[pulumi.Input[builtins.bool]] = None,
308
+ deletion_allowed: Optional[pulumi.Input[builtins.bool]] = None,
309
+ derived: Optional[pulumi.Input[builtins.bool]] = None,
310
+ exportable: Optional[pulumi.Input[builtins.bool]] = None,
311
+ hybrid_key_type_ec: Optional[pulumi.Input[builtins.str]] = None,
312
+ hybrid_key_type_pqc: Optional[pulumi.Input[builtins.str]] = None,
313
+ key_size: Optional[pulumi.Input[builtins.int]] = None,
314
+ keys: Optional[pulumi.Input[Sequence[pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]]]]] = None,
315
+ latest_version: Optional[pulumi.Input[builtins.int]] = None,
316
+ min_available_version: Optional[pulumi.Input[builtins.int]] = None,
317
+ min_decryption_version: Optional[pulumi.Input[builtins.int]] = None,
318
+ min_encryption_version: Optional[pulumi.Input[builtins.int]] = None,
319
+ name: Optional[pulumi.Input[builtins.str]] = None,
320
+ namespace: Optional[pulumi.Input[builtins.str]] = None,
321
+ parameter_set: Optional[pulumi.Input[builtins.str]] = None,
322
+ supports_decryption: Optional[pulumi.Input[builtins.bool]] = None,
323
+ supports_derivation: Optional[pulumi.Input[builtins.bool]] = None,
324
+ supports_encryption: Optional[pulumi.Input[builtins.bool]] = None,
325
+ supports_signing: Optional[pulumi.Input[builtins.bool]] = None,
326
+ type: Optional[pulumi.Input[builtins.str]] = None):
326
327
  """
327
328
  Input properties used for looking up and filtering SecretBackendKey resources.
328
- :param pulumi.Input[bool] allow_plaintext_backup: Enables taking backup of entire keyring in the plaintext format. Once set, this cannot be disabled.
329
+ :param pulumi.Input[builtins.bool] allow_plaintext_backup: Enables taking backup of entire keyring in the plaintext format. Once set, this cannot be disabled.
329
330
  * Refer to Vault API documentation on key backups for more information: [Backup Key](https://www.vaultproject.io/api-docs/secret/transit#backup-key)
330
- :param pulumi.Input[int] auto_rotate_period: Amount of seconds the key should live before being automatically rotated.
331
+ :param pulumi.Input[builtins.int] auto_rotate_period: Amount of seconds the key should live before being automatically rotated.
331
332
  A value of 0 disables automatic rotation for the key.
332
- :param pulumi.Input[str] backend: The path the transit secret backend is mounted at, with no leading or trailing `/`s.
333
- :param pulumi.Input[bool] convergent_encryption: Whether or not to support convergent encryption, where the same plaintext creates the same ciphertext. This requires `derived` to be set to `true`.
334
- :param pulumi.Input[bool] deletion_allowed: Specifies if the key is allowed to be deleted.
335
- :param pulumi.Input[bool] derived: Specifies if key derivation is to be used. If enabled, all encrypt/decrypt requests to this key must provide a context which is used for key derivation.
336
- :param pulumi.Input[bool] exportable: Enables keys to be exportable. This allows for all valid private keys in the keyring to be exported. Once set, this cannot be disabled.
337
- :param pulumi.Input[str] hybrid_key_type_ec: The elliptic curve algorithm to use for hybrid signatures.
333
+ :param pulumi.Input[builtins.str] backend: The path the transit secret backend is mounted at, with no leading or trailing `/`s.
334
+ :param pulumi.Input[builtins.bool] convergent_encryption: Whether or not to support convergent encryption, where the same plaintext creates the same ciphertext. This requires `derived` to be set to `true`.
335
+ :param pulumi.Input[builtins.bool] deletion_allowed: Specifies if the key is allowed to be deleted.
336
+ :param pulumi.Input[builtins.bool] derived: Specifies if key derivation is to be used. If enabled, all encrypt/decrypt requests to this key must provide a context which is used for key derivation.
337
+ :param pulumi.Input[builtins.bool] exportable: Enables keys to be exportable. This allows for all valid private keys in the keyring to be exported. Once set, this cannot be disabled.
338
+ :param pulumi.Input[builtins.str] hybrid_key_type_ec: The elliptic curve algorithm to use for hybrid signatures.
338
339
  Supported key types are `ecdsa-p256`, `ecdsa-p384`, `ecdsa-p521`, and `ed25519`.
339
- :param pulumi.Input[str] hybrid_key_type_pqc: The post-quantum algorithm to use for hybrid signatures.
340
+ :param pulumi.Input[builtins.str] hybrid_key_type_pqc: The post-quantum algorithm to use for hybrid signatures.
340
341
  Currently, ML-DSA is the only supported key type.
341
- :param pulumi.Input[int] key_size: The key size in bytes for algorithms that allow variable key sizes. Currently only applicable to HMAC, where it must be between 32 and 512 bytes.
342
- :param pulumi.Input[Sequence[pulumi.Input[Mapping[str, pulumi.Input[str]]]]] keys: List of key versions in the keyring. This attribute is zero-indexed and will contain a map of values depending on the `type` of the encryption key.
342
+ :param pulumi.Input[builtins.int] key_size: The key size in bytes for algorithms that allow variable key sizes. Currently only applicable to HMAC, where it must be between 32 and 512 bytes.
343
+ :param pulumi.Input[Sequence[pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]]]] keys: List of key versions in the keyring. This attribute is zero-indexed and will contain a map of values depending on the `type` of the encryption key.
343
344
  * for key types `aes128-gcm96`, `aes256-gcm96` and `chacha20-poly1305`, each key version will be a map of a single value `id` which is just a hash of the key's metadata.
344
345
  * for key types `ed25519`, `ecdsa-p256`, `ecdsa-p384`, `ecdsa-p521`, `rsa-2048`, `rsa-3072` and `rsa-4096`, each key version will be a map of the following:
345
- :param pulumi.Input[int] latest_version: Latest key version available. This value is 1-indexed, so if `latest_version` is `1`, then the key's information can be referenced from `keys` by selecting element `0`
346
- :param pulumi.Input[int] min_available_version: Minimum key version available for use. If keys have been archived by increasing `min_decryption_version`, this attribute will reflect that change.
347
- :param pulumi.Input[int] min_decryption_version: Minimum key version to use for decryption.
348
- :param pulumi.Input[int] min_encryption_version: Minimum key version to use for encryption
349
- :param pulumi.Input[str] name: The name to identify this key within the backend. Must be unique within the backend.
350
- :param pulumi.Input[str] namespace: The namespace to provision the resource in.
346
+ :param pulumi.Input[builtins.int] latest_version: Latest key version available. This value is 1-indexed, so if `latest_version` is `1`, then the key's information can be referenced from `keys` by selecting element `0`
347
+ :param pulumi.Input[builtins.int] min_available_version: Minimum key version available for use. If keys have been archived by increasing `min_decryption_version`, this attribute will reflect that change.
348
+ :param pulumi.Input[builtins.int] min_decryption_version: Minimum key version to use for decryption.
349
+ :param pulumi.Input[builtins.int] min_encryption_version: Minimum key version to use for encryption
350
+ :param pulumi.Input[builtins.str] name: The name to identify this key within the backend. Must be unique within the backend.
351
+ :param pulumi.Input[builtins.str] namespace: The namespace to provision the resource in.
351
352
  The value should not contain leading or trailing forward slashes.
352
353
  The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
353
354
  *Available only for Vault Enterprise*.
354
- :param pulumi.Input[str] parameter_set: The parameter set to use for ML-DSA. Required for
355
+ :param pulumi.Input[builtins.str] parameter_set: The parameter set to use for ML-DSA. Required for
355
356
  ML-DSA and hybrid keys. Valid values are `44`, `65`, and `87`.
356
- :param pulumi.Input[bool] supports_decryption: Whether or not the key supports decryption, based on key type.
357
- :param pulumi.Input[bool] supports_derivation: Whether or not the key supports derivation, based on key type.
358
- :param pulumi.Input[bool] supports_encryption: Whether or not the key supports encryption, based on key type.
359
- :param pulumi.Input[bool] supports_signing: Whether or not the key supports signing, based on key type.
360
- :param pulumi.Input[str] type: Specifies the type of key to create. The currently-supported types are: `aes128-gcm96`, `aes256-gcm96` (default), `chacha20-poly1305`, `ed25519`, `ecdsa-p256`, `ecdsa-p384`, `ecdsa-p521`, `hmac`, `rsa-2048`, `rsa-3072` and `rsa-4096`.
357
+ :param pulumi.Input[builtins.bool] supports_decryption: Whether or not the key supports decryption, based on key type.
358
+ :param pulumi.Input[builtins.bool] supports_derivation: Whether or not the key supports derivation, based on key type.
359
+ :param pulumi.Input[builtins.bool] supports_encryption: Whether or not the key supports encryption, based on key type.
360
+ :param pulumi.Input[builtins.bool] supports_signing: Whether or not the key supports signing, based on key type.
361
+ :param pulumi.Input[builtins.str] type: Specifies the type of key to create. The currently-supported types are: `aes128-gcm96`, `aes256-gcm96` (default), `chacha20-poly1305`, `ed25519`, `ecdsa-p256`, `ecdsa-p384`, `ecdsa-p521`, `hmac`, `rsa-2048`, `rsa-3072` and `rsa-4096`.
361
362
  * Refer to the Vault documentation on transit key types for more information: [Key Types](https://www.vaultproject.io/docs/secrets/transit#key-types)
362
363
  """
363
364
  if allow_plaintext_backup is not None:
@@ -409,7 +410,7 @@ class _SecretBackendKeyState:
409
410
 
410
411
  @property
411
412
  @pulumi.getter(name="allowPlaintextBackup")
412
- def allow_plaintext_backup(self) -> Optional[pulumi.Input[bool]]:
413
+ def allow_plaintext_backup(self) -> Optional[pulumi.Input[builtins.bool]]:
413
414
  """
414
415
  Enables taking backup of entire keyring in the plaintext format. Once set, this cannot be disabled.
415
416
  * Refer to Vault API documentation on key backups for more information: [Backup Key](https://www.vaultproject.io/api-docs/secret/transit#backup-key)
@@ -417,12 +418,12 @@ class _SecretBackendKeyState:
417
418
  return pulumi.get(self, "allow_plaintext_backup")
418
419
 
419
420
  @allow_plaintext_backup.setter
420
- def allow_plaintext_backup(self, value: Optional[pulumi.Input[bool]]):
421
+ def allow_plaintext_backup(self, value: Optional[pulumi.Input[builtins.bool]]):
421
422
  pulumi.set(self, "allow_plaintext_backup", value)
422
423
 
423
424
  @property
424
425
  @pulumi.getter(name="autoRotatePeriod")
425
- def auto_rotate_period(self) -> Optional[pulumi.Input[int]]:
426
+ def auto_rotate_period(self) -> Optional[pulumi.Input[builtins.int]]:
426
427
  """
427
428
  Amount of seconds the key should live before being automatically rotated.
428
429
  A value of 0 disables automatic rotation for the key.
@@ -430,72 +431,72 @@ class _SecretBackendKeyState:
430
431
  return pulumi.get(self, "auto_rotate_period")
431
432
 
432
433
  @auto_rotate_period.setter
433
- def auto_rotate_period(self, value: Optional[pulumi.Input[int]]):
434
+ def auto_rotate_period(self, value: Optional[pulumi.Input[builtins.int]]):
434
435
  pulumi.set(self, "auto_rotate_period", value)
435
436
 
436
437
  @property
437
438
  @pulumi.getter
438
- def backend(self) -> Optional[pulumi.Input[str]]:
439
+ def backend(self) -> Optional[pulumi.Input[builtins.str]]:
439
440
  """
440
441
  The path the transit secret backend is mounted at, with no leading or trailing `/`s.
441
442
  """
442
443
  return pulumi.get(self, "backend")
443
444
 
444
445
  @backend.setter
445
- def backend(self, value: Optional[pulumi.Input[str]]):
446
+ def backend(self, value: Optional[pulumi.Input[builtins.str]]):
446
447
  pulumi.set(self, "backend", value)
447
448
 
448
449
  @property
449
450
  @pulumi.getter(name="convergentEncryption")
450
- def convergent_encryption(self) -> Optional[pulumi.Input[bool]]:
451
+ def convergent_encryption(self) -> Optional[pulumi.Input[builtins.bool]]:
451
452
  """
452
453
  Whether or not to support convergent encryption, where the same plaintext creates the same ciphertext. This requires `derived` to be set to `true`.
453
454
  """
454
455
  return pulumi.get(self, "convergent_encryption")
455
456
 
456
457
  @convergent_encryption.setter
457
- def convergent_encryption(self, value: Optional[pulumi.Input[bool]]):
458
+ def convergent_encryption(self, value: Optional[pulumi.Input[builtins.bool]]):
458
459
  pulumi.set(self, "convergent_encryption", value)
459
460
 
460
461
  @property
461
462
  @pulumi.getter(name="deletionAllowed")
462
- def deletion_allowed(self) -> Optional[pulumi.Input[bool]]:
463
+ def deletion_allowed(self) -> Optional[pulumi.Input[builtins.bool]]:
463
464
  """
464
465
  Specifies if the key is allowed to be deleted.
465
466
  """
466
467
  return pulumi.get(self, "deletion_allowed")
467
468
 
468
469
  @deletion_allowed.setter
469
- def deletion_allowed(self, value: Optional[pulumi.Input[bool]]):
470
+ def deletion_allowed(self, value: Optional[pulumi.Input[builtins.bool]]):
470
471
  pulumi.set(self, "deletion_allowed", value)
471
472
 
472
473
  @property
473
474
  @pulumi.getter
474
- def derived(self) -> Optional[pulumi.Input[bool]]:
475
+ def derived(self) -> Optional[pulumi.Input[builtins.bool]]:
475
476
  """
476
477
  Specifies if key derivation is to be used. If enabled, all encrypt/decrypt requests to this key must provide a context which is used for key derivation.
477
478
  """
478
479
  return pulumi.get(self, "derived")
479
480
 
480
481
  @derived.setter
481
- def derived(self, value: Optional[pulumi.Input[bool]]):
482
+ def derived(self, value: Optional[pulumi.Input[builtins.bool]]):
482
483
  pulumi.set(self, "derived", value)
483
484
 
484
485
  @property
485
486
  @pulumi.getter
486
- def exportable(self) -> Optional[pulumi.Input[bool]]:
487
+ def exportable(self) -> Optional[pulumi.Input[builtins.bool]]:
487
488
  """
488
489
  Enables keys to be exportable. This allows for all valid private keys in the keyring to be exported. Once set, this cannot be disabled.
489
490
  """
490
491
  return pulumi.get(self, "exportable")
491
492
 
492
493
  @exportable.setter
493
- def exportable(self, value: Optional[pulumi.Input[bool]]):
494
+ def exportable(self, value: Optional[pulumi.Input[builtins.bool]]):
494
495
  pulumi.set(self, "exportable", value)
495
496
 
496
497
  @property
497
498
  @pulumi.getter(name="hybridKeyTypeEc")
498
- def hybrid_key_type_ec(self) -> Optional[pulumi.Input[str]]:
499
+ def hybrid_key_type_ec(self) -> Optional[pulumi.Input[builtins.str]]:
499
500
  """
500
501
  The elliptic curve algorithm to use for hybrid signatures.
501
502
  Supported key types are `ecdsa-p256`, `ecdsa-p384`, `ecdsa-p521`, and `ed25519`.
@@ -503,12 +504,12 @@ class _SecretBackendKeyState:
503
504
  return pulumi.get(self, "hybrid_key_type_ec")
504
505
 
505
506
  @hybrid_key_type_ec.setter
506
- def hybrid_key_type_ec(self, value: Optional[pulumi.Input[str]]):
507
+ def hybrid_key_type_ec(self, value: Optional[pulumi.Input[builtins.str]]):
507
508
  pulumi.set(self, "hybrid_key_type_ec", value)
508
509
 
509
510
  @property
510
511
  @pulumi.getter(name="hybridKeyTypePqc")
511
- def hybrid_key_type_pqc(self) -> Optional[pulumi.Input[str]]:
512
+ def hybrid_key_type_pqc(self) -> Optional[pulumi.Input[builtins.str]]:
512
513
  """
513
514
  The post-quantum algorithm to use for hybrid signatures.
514
515
  Currently, ML-DSA is the only supported key type.
@@ -516,24 +517,24 @@ class _SecretBackendKeyState:
516
517
  return pulumi.get(self, "hybrid_key_type_pqc")
517
518
 
518
519
  @hybrid_key_type_pqc.setter
519
- def hybrid_key_type_pqc(self, value: Optional[pulumi.Input[str]]):
520
+ def hybrid_key_type_pqc(self, value: Optional[pulumi.Input[builtins.str]]):
520
521
  pulumi.set(self, "hybrid_key_type_pqc", value)
521
522
 
522
523
  @property
523
524
  @pulumi.getter(name="keySize")
524
- def key_size(self) -> Optional[pulumi.Input[int]]:
525
+ def key_size(self) -> Optional[pulumi.Input[builtins.int]]:
525
526
  """
526
527
  The key size in bytes for algorithms that allow variable key sizes. Currently only applicable to HMAC, where it must be between 32 and 512 bytes.
527
528
  """
528
529
  return pulumi.get(self, "key_size")
529
530
 
530
531
  @key_size.setter
531
- def key_size(self, value: Optional[pulumi.Input[int]]):
532
+ def key_size(self, value: Optional[pulumi.Input[builtins.int]]):
532
533
  pulumi.set(self, "key_size", value)
533
534
 
534
535
  @property
535
536
  @pulumi.getter
536
- def keys(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[Mapping[str, pulumi.Input[str]]]]]]:
537
+ def keys(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]]]]]:
537
538
  """
538
539
  List of key versions in the keyring. This attribute is zero-indexed and will contain a map of values depending on the `type` of the encryption key.
539
540
  * for key types `aes128-gcm96`, `aes256-gcm96` and `chacha20-poly1305`, each key version will be a map of a single value `id` which is just a hash of the key's metadata.
@@ -542,72 +543,72 @@ class _SecretBackendKeyState:
542
543
  return pulumi.get(self, "keys")
543
544
 
544
545
  @keys.setter
545
- def keys(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[Mapping[str, pulumi.Input[str]]]]]]):
546
+ def keys(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]]]]]):
546
547
  pulumi.set(self, "keys", value)
547
548
 
548
549
  @property
549
550
  @pulumi.getter(name="latestVersion")
550
- def latest_version(self) -> Optional[pulumi.Input[int]]:
551
+ def latest_version(self) -> Optional[pulumi.Input[builtins.int]]:
551
552
  """
552
553
  Latest key version available. This value is 1-indexed, so if `latest_version` is `1`, then the key's information can be referenced from `keys` by selecting element `0`
553
554
  """
554
555
  return pulumi.get(self, "latest_version")
555
556
 
556
557
  @latest_version.setter
557
- def latest_version(self, value: Optional[pulumi.Input[int]]):
558
+ def latest_version(self, value: Optional[pulumi.Input[builtins.int]]):
558
559
  pulumi.set(self, "latest_version", value)
559
560
 
560
561
  @property
561
562
  @pulumi.getter(name="minAvailableVersion")
562
- def min_available_version(self) -> Optional[pulumi.Input[int]]:
563
+ def min_available_version(self) -> Optional[pulumi.Input[builtins.int]]:
563
564
  """
564
565
  Minimum key version available for use. If keys have been archived by increasing `min_decryption_version`, this attribute will reflect that change.
565
566
  """
566
567
  return pulumi.get(self, "min_available_version")
567
568
 
568
569
  @min_available_version.setter
569
- def min_available_version(self, value: Optional[pulumi.Input[int]]):
570
+ def min_available_version(self, value: Optional[pulumi.Input[builtins.int]]):
570
571
  pulumi.set(self, "min_available_version", value)
571
572
 
572
573
  @property
573
574
  @pulumi.getter(name="minDecryptionVersion")
574
- def min_decryption_version(self) -> Optional[pulumi.Input[int]]:
575
+ def min_decryption_version(self) -> Optional[pulumi.Input[builtins.int]]:
575
576
  """
576
577
  Minimum key version to use for decryption.
577
578
  """
578
579
  return pulumi.get(self, "min_decryption_version")
579
580
 
580
581
  @min_decryption_version.setter
581
- def min_decryption_version(self, value: Optional[pulumi.Input[int]]):
582
+ def min_decryption_version(self, value: Optional[pulumi.Input[builtins.int]]):
582
583
  pulumi.set(self, "min_decryption_version", value)
583
584
 
584
585
  @property
585
586
  @pulumi.getter(name="minEncryptionVersion")
586
- def min_encryption_version(self) -> Optional[pulumi.Input[int]]:
587
+ def min_encryption_version(self) -> Optional[pulumi.Input[builtins.int]]:
587
588
  """
588
589
  Minimum key version to use for encryption
589
590
  """
590
591
  return pulumi.get(self, "min_encryption_version")
591
592
 
592
593
  @min_encryption_version.setter
593
- def min_encryption_version(self, value: Optional[pulumi.Input[int]]):
594
+ def min_encryption_version(self, value: Optional[pulumi.Input[builtins.int]]):
594
595
  pulumi.set(self, "min_encryption_version", value)
595
596
 
596
597
  @property
597
598
  @pulumi.getter
598
- def name(self) -> Optional[pulumi.Input[str]]:
599
+ def name(self) -> Optional[pulumi.Input[builtins.str]]:
599
600
  """
600
601
  The name to identify this key within the backend. Must be unique within the backend.
601
602
  """
602
603
  return pulumi.get(self, "name")
603
604
 
604
605
  @name.setter
605
- def name(self, value: Optional[pulumi.Input[str]]):
606
+ def name(self, value: Optional[pulumi.Input[builtins.str]]):
606
607
  pulumi.set(self, "name", value)
607
608
 
608
609
  @property
609
610
  @pulumi.getter
610
- def namespace(self) -> Optional[pulumi.Input[str]]:
611
+ def namespace(self) -> Optional[pulumi.Input[builtins.str]]:
611
612
  """
612
613
  The namespace to provision the resource in.
613
614
  The value should not contain leading or trailing forward slashes.
@@ -617,12 +618,12 @@ class _SecretBackendKeyState:
617
618
  return pulumi.get(self, "namespace")
618
619
 
619
620
  @namespace.setter
620
- def namespace(self, value: Optional[pulumi.Input[str]]):
621
+ def namespace(self, value: Optional[pulumi.Input[builtins.str]]):
621
622
  pulumi.set(self, "namespace", value)
622
623
 
623
624
  @property
624
625
  @pulumi.getter(name="parameterSet")
625
- def parameter_set(self) -> Optional[pulumi.Input[str]]:
626
+ def parameter_set(self) -> Optional[pulumi.Input[builtins.str]]:
626
627
  """
627
628
  The parameter set to use for ML-DSA. Required for
628
629
  ML-DSA and hybrid keys. Valid values are `44`, `65`, and `87`.
@@ -630,60 +631,60 @@ class _SecretBackendKeyState:
630
631
  return pulumi.get(self, "parameter_set")
631
632
 
632
633
  @parameter_set.setter
633
- def parameter_set(self, value: Optional[pulumi.Input[str]]):
634
+ def parameter_set(self, value: Optional[pulumi.Input[builtins.str]]):
634
635
  pulumi.set(self, "parameter_set", value)
635
636
 
636
637
  @property
637
638
  @pulumi.getter(name="supportsDecryption")
638
- def supports_decryption(self) -> Optional[pulumi.Input[bool]]:
639
+ def supports_decryption(self) -> Optional[pulumi.Input[builtins.bool]]:
639
640
  """
640
641
  Whether or not the key supports decryption, based on key type.
641
642
  """
642
643
  return pulumi.get(self, "supports_decryption")
643
644
 
644
645
  @supports_decryption.setter
645
- def supports_decryption(self, value: Optional[pulumi.Input[bool]]):
646
+ def supports_decryption(self, value: Optional[pulumi.Input[builtins.bool]]):
646
647
  pulumi.set(self, "supports_decryption", value)
647
648
 
648
649
  @property
649
650
  @pulumi.getter(name="supportsDerivation")
650
- def supports_derivation(self) -> Optional[pulumi.Input[bool]]:
651
+ def supports_derivation(self) -> Optional[pulumi.Input[builtins.bool]]:
651
652
  """
652
653
  Whether or not the key supports derivation, based on key type.
653
654
  """
654
655
  return pulumi.get(self, "supports_derivation")
655
656
 
656
657
  @supports_derivation.setter
657
- def supports_derivation(self, value: Optional[pulumi.Input[bool]]):
658
+ def supports_derivation(self, value: Optional[pulumi.Input[builtins.bool]]):
658
659
  pulumi.set(self, "supports_derivation", value)
659
660
 
660
661
  @property
661
662
  @pulumi.getter(name="supportsEncryption")
662
- def supports_encryption(self) -> Optional[pulumi.Input[bool]]:
663
+ def supports_encryption(self) -> Optional[pulumi.Input[builtins.bool]]:
663
664
  """
664
665
  Whether or not the key supports encryption, based on key type.
665
666
  """
666
667
  return pulumi.get(self, "supports_encryption")
667
668
 
668
669
  @supports_encryption.setter
669
- def supports_encryption(self, value: Optional[pulumi.Input[bool]]):
670
+ def supports_encryption(self, value: Optional[pulumi.Input[builtins.bool]]):
670
671
  pulumi.set(self, "supports_encryption", value)
671
672
 
672
673
  @property
673
674
  @pulumi.getter(name="supportsSigning")
674
- def supports_signing(self) -> Optional[pulumi.Input[bool]]:
675
+ def supports_signing(self) -> Optional[pulumi.Input[builtins.bool]]:
675
676
  """
676
677
  Whether or not the key supports signing, based on key type.
677
678
  """
678
679
  return pulumi.get(self, "supports_signing")
679
680
 
680
681
  @supports_signing.setter
681
- def supports_signing(self, value: Optional[pulumi.Input[bool]]):
682
+ def supports_signing(self, value: Optional[pulumi.Input[builtins.bool]]):
682
683
  pulumi.set(self, "supports_signing", value)
683
684
 
684
685
  @property
685
686
  @pulumi.getter
686
- def type(self) -> Optional[pulumi.Input[str]]:
687
+ def type(self) -> Optional[pulumi.Input[builtins.str]]:
687
688
  """
688
689
  Specifies the type of key to create. The currently-supported types are: `aes128-gcm96`, `aes256-gcm96` (default), `chacha20-poly1305`, `ed25519`, `ecdsa-p256`, `ecdsa-p384`, `ecdsa-p521`, `hmac`, `rsa-2048`, `rsa-3072` and `rsa-4096`.
689
690
  * Refer to the Vault documentation on transit key types for more information: [Key Types](https://www.vaultproject.io/docs/secrets/transit#key-types)
@@ -691,7 +692,7 @@ class _SecretBackendKeyState:
691
692
  return pulumi.get(self, "type")
692
693
 
693
694
  @type.setter
694
- def type(self, value: Optional[pulumi.Input[str]]):
695
+ def type(self, value: Optional[pulumi.Input[builtins.str]]):
695
696
  pulumi.set(self, "type", value)
696
697
 
697
698
 
@@ -700,22 +701,22 @@ class SecretBackendKey(pulumi.CustomResource):
700
701
  def __init__(__self__,
701
702
  resource_name: str,
702
703
  opts: Optional[pulumi.ResourceOptions] = None,
703
- allow_plaintext_backup: Optional[pulumi.Input[bool]] = None,
704
- auto_rotate_period: Optional[pulumi.Input[int]] = None,
705
- backend: Optional[pulumi.Input[str]] = None,
706
- convergent_encryption: Optional[pulumi.Input[bool]] = None,
707
- deletion_allowed: Optional[pulumi.Input[bool]] = None,
708
- derived: Optional[pulumi.Input[bool]] = None,
709
- exportable: Optional[pulumi.Input[bool]] = None,
710
- hybrid_key_type_ec: Optional[pulumi.Input[str]] = None,
711
- hybrid_key_type_pqc: Optional[pulumi.Input[str]] = None,
712
- key_size: Optional[pulumi.Input[int]] = None,
713
- min_decryption_version: Optional[pulumi.Input[int]] = None,
714
- min_encryption_version: Optional[pulumi.Input[int]] = None,
715
- name: Optional[pulumi.Input[str]] = None,
716
- namespace: Optional[pulumi.Input[str]] = None,
717
- parameter_set: Optional[pulumi.Input[str]] = None,
718
- type: Optional[pulumi.Input[str]] = None,
704
+ allow_plaintext_backup: Optional[pulumi.Input[builtins.bool]] = None,
705
+ auto_rotate_period: Optional[pulumi.Input[builtins.int]] = None,
706
+ backend: Optional[pulumi.Input[builtins.str]] = None,
707
+ convergent_encryption: Optional[pulumi.Input[builtins.bool]] = None,
708
+ deletion_allowed: Optional[pulumi.Input[builtins.bool]] = None,
709
+ derived: Optional[pulumi.Input[builtins.bool]] = None,
710
+ exportable: Optional[pulumi.Input[builtins.bool]] = None,
711
+ hybrid_key_type_ec: Optional[pulumi.Input[builtins.str]] = None,
712
+ hybrid_key_type_pqc: Optional[pulumi.Input[builtins.str]] = None,
713
+ key_size: Optional[pulumi.Input[builtins.int]] = None,
714
+ min_decryption_version: Optional[pulumi.Input[builtins.int]] = None,
715
+ min_encryption_version: Optional[pulumi.Input[builtins.int]] = None,
716
+ name: Optional[pulumi.Input[builtins.str]] = None,
717
+ namespace: Optional[pulumi.Input[builtins.str]] = None,
718
+ parameter_set: Optional[pulumi.Input[builtins.str]] = None,
719
+ type: Optional[pulumi.Input[builtins.str]] = None,
719
720
  __props__=None):
720
721
  """
721
722
  Creates an Encryption Keyring on a Transit Secret Backend for Vault.
@@ -747,30 +748,30 @@ class SecretBackendKey(pulumi.CustomResource):
747
748
 
748
749
  :param str resource_name: The name of the resource.
749
750
  :param pulumi.ResourceOptions opts: Options for the resource.
750
- :param pulumi.Input[bool] allow_plaintext_backup: Enables taking backup of entire keyring in the plaintext format. Once set, this cannot be disabled.
751
+ :param pulumi.Input[builtins.bool] allow_plaintext_backup: Enables taking backup of entire keyring in the plaintext format. Once set, this cannot be disabled.
751
752
  * Refer to Vault API documentation on key backups for more information: [Backup Key](https://www.vaultproject.io/api-docs/secret/transit#backup-key)
752
- :param pulumi.Input[int] auto_rotate_period: Amount of seconds the key should live before being automatically rotated.
753
+ :param pulumi.Input[builtins.int] auto_rotate_period: Amount of seconds the key should live before being automatically rotated.
753
754
  A value of 0 disables automatic rotation for the key.
754
- :param pulumi.Input[str] backend: The path the transit secret backend is mounted at, with no leading or trailing `/`s.
755
- :param pulumi.Input[bool] convergent_encryption: Whether or not to support convergent encryption, where the same plaintext creates the same ciphertext. This requires `derived` to be set to `true`.
756
- :param pulumi.Input[bool] deletion_allowed: Specifies if the key is allowed to be deleted.
757
- :param pulumi.Input[bool] derived: Specifies if key derivation is to be used. If enabled, all encrypt/decrypt requests to this key must provide a context which is used for key derivation.
758
- :param pulumi.Input[bool] exportable: Enables keys to be exportable. This allows for all valid private keys in the keyring to be exported. Once set, this cannot be disabled.
759
- :param pulumi.Input[str] hybrid_key_type_ec: The elliptic curve algorithm to use for hybrid signatures.
755
+ :param pulumi.Input[builtins.str] backend: The path the transit secret backend is mounted at, with no leading or trailing `/`s.
756
+ :param pulumi.Input[builtins.bool] convergent_encryption: Whether or not to support convergent encryption, where the same plaintext creates the same ciphertext. This requires `derived` to be set to `true`.
757
+ :param pulumi.Input[builtins.bool] deletion_allowed: Specifies if the key is allowed to be deleted.
758
+ :param pulumi.Input[builtins.bool] derived: Specifies if key derivation is to be used. If enabled, all encrypt/decrypt requests to this key must provide a context which is used for key derivation.
759
+ :param pulumi.Input[builtins.bool] exportable: Enables keys to be exportable. This allows for all valid private keys in the keyring to be exported. Once set, this cannot be disabled.
760
+ :param pulumi.Input[builtins.str] hybrid_key_type_ec: The elliptic curve algorithm to use for hybrid signatures.
760
761
  Supported key types are `ecdsa-p256`, `ecdsa-p384`, `ecdsa-p521`, and `ed25519`.
761
- :param pulumi.Input[str] hybrid_key_type_pqc: The post-quantum algorithm to use for hybrid signatures.
762
+ :param pulumi.Input[builtins.str] hybrid_key_type_pqc: The post-quantum algorithm to use for hybrid signatures.
762
763
  Currently, ML-DSA is the only supported key type.
763
- :param pulumi.Input[int] key_size: The key size in bytes for algorithms that allow variable key sizes. Currently only applicable to HMAC, where it must be between 32 and 512 bytes.
764
- :param pulumi.Input[int] min_decryption_version: Minimum key version to use for decryption.
765
- :param pulumi.Input[int] min_encryption_version: Minimum key version to use for encryption
766
- :param pulumi.Input[str] name: The name to identify this key within the backend. Must be unique within the backend.
767
- :param pulumi.Input[str] namespace: The namespace to provision the resource in.
764
+ :param pulumi.Input[builtins.int] key_size: The key size in bytes for algorithms that allow variable key sizes. Currently only applicable to HMAC, where it must be between 32 and 512 bytes.
765
+ :param pulumi.Input[builtins.int] min_decryption_version: Minimum key version to use for decryption.
766
+ :param pulumi.Input[builtins.int] min_encryption_version: Minimum key version to use for encryption
767
+ :param pulumi.Input[builtins.str] name: The name to identify this key within the backend. Must be unique within the backend.
768
+ :param pulumi.Input[builtins.str] namespace: The namespace to provision the resource in.
768
769
  The value should not contain leading or trailing forward slashes.
769
770
  The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
770
771
  *Available only for Vault Enterprise*.
771
- :param pulumi.Input[str] parameter_set: The parameter set to use for ML-DSA. Required for
772
+ :param pulumi.Input[builtins.str] parameter_set: The parameter set to use for ML-DSA. Required for
772
773
  ML-DSA and hybrid keys. Valid values are `44`, `65`, and `87`.
773
- :param pulumi.Input[str] type: Specifies the type of key to create. The currently-supported types are: `aes128-gcm96`, `aes256-gcm96` (default), `chacha20-poly1305`, `ed25519`, `ecdsa-p256`, `ecdsa-p384`, `ecdsa-p521`, `hmac`, `rsa-2048`, `rsa-3072` and `rsa-4096`.
774
+ :param pulumi.Input[builtins.str] type: Specifies the type of key to create. The currently-supported types are: `aes128-gcm96`, `aes256-gcm96` (default), `chacha20-poly1305`, `ed25519`, `ecdsa-p256`, `ecdsa-p384`, `ecdsa-p521`, `hmac`, `rsa-2048`, `rsa-3072` and `rsa-4096`.
774
775
  * Refer to the Vault documentation on transit key types for more information: [Key Types](https://www.vaultproject.io/docs/secrets/transit#key-types)
775
776
  """
776
777
  ...
@@ -822,22 +823,22 @@ class SecretBackendKey(pulumi.CustomResource):
822
823
  def _internal_init(__self__,
823
824
  resource_name: str,
824
825
  opts: Optional[pulumi.ResourceOptions] = None,
825
- allow_plaintext_backup: Optional[pulumi.Input[bool]] = None,
826
- auto_rotate_period: Optional[pulumi.Input[int]] = None,
827
- backend: Optional[pulumi.Input[str]] = None,
828
- convergent_encryption: Optional[pulumi.Input[bool]] = None,
829
- deletion_allowed: Optional[pulumi.Input[bool]] = None,
830
- derived: Optional[pulumi.Input[bool]] = None,
831
- exportable: Optional[pulumi.Input[bool]] = None,
832
- hybrid_key_type_ec: Optional[pulumi.Input[str]] = None,
833
- hybrid_key_type_pqc: Optional[pulumi.Input[str]] = None,
834
- key_size: Optional[pulumi.Input[int]] = None,
835
- min_decryption_version: Optional[pulumi.Input[int]] = None,
836
- min_encryption_version: Optional[pulumi.Input[int]] = None,
837
- name: Optional[pulumi.Input[str]] = None,
838
- namespace: Optional[pulumi.Input[str]] = None,
839
- parameter_set: Optional[pulumi.Input[str]] = None,
840
- type: Optional[pulumi.Input[str]] = None,
826
+ allow_plaintext_backup: Optional[pulumi.Input[builtins.bool]] = None,
827
+ auto_rotate_period: Optional[pulumi.Input[builtins.int]] = None,
828
+ backend: Optional[pulumi.Input[builtins.str]] = None,
829
+ convergent_encryption: Optional[pulumi.Input[builtins.bool]] = None,
830
+ deletion_allowed: Optional[pulumi.Input[builtins.bool]] = None,
831
+ derived: Optional[pulumi.Input[builtins.bool]] = None,
832
+ exportable: Optional[pulumi.Input[builtins.bool]] = None,
833
+ hybrid_key_type_ec: Optional[pulumi.Input[builtins.str]] = None,
834
+ hybrid_key_type_pqc: Optional[pulumi.Input[builtins.str]] = None,
835
+ key_size: Optional[pulumi.Input[builtins.int]] = None,
836
+ min_decryption_version: Optional[pulumi.Input[builtins.int]] = None,
837
+ min_encryption_version: Optional[pulumi.Input[builtins.int]] = None,
838
+ name: Optional[pulumi.Input[builtins.str]] = None,
839
+ namespace: Optional[pulumi.Input[builtins.str]] = None,
840
+ parameter_set: Optional[pulumi.Input[builtins.str]] = None,
841
+ type: Optional[pulumi.Input[builtins.str]] = None,
841
842
  __props__=None):
842
843
  opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts)
843
844
  if not isinstance(opts, pulumi.ResourceOptions):
@@ -882,29 +883,29 @@ class SecretBackendKey(pulumi.CustomResource):
882
883
  def get(resource_name: str,
883
884
  id: pulumi.Input[str],
884
885
  opts: Optional[pulumi.ResourceOptions] = None,
885
- allow_plaintext_backup: Optional[pulumi.Input[bool]] = None,
886
- auto_rotate_period: Optional[pulumi.Input[int]] = None,
887
- backend: Optional[pulumi.Input[str]] = None,
888
- convergent_encryption: Optional[pulumi.Input[bool]] = None,
889
- deletion_allowed: Optional[pulumi.Input[bool]] = None,
890
- derived: Optional[pulumi.Input[bool]] = None,
891
- exportable: Optional[pulumi.Input[bool]] = None,
892
- hybrid_key_type_ec: Optional[pulumi.Input[str]] = None,
893
- hybrid_key_type_pqc: Optional[pulumi.Input[str]] = None,
894
- key_size: Optional[pulumi.Input[int]] = None,
895
- keys: Optional[pulumi.Input[Sequence[pulumi.Input[Mapping[str, pulumi.Input[str]]]]]] = None,
896
- latest_version: Optional[pulumi.Input[int]] = None,
897
- min_available_version: Optional[pulumi.Input[int]] = None,
898
- min_decryption_version: Optional[pulumi.Input[int]] = None,
899
- min_encryption_version: Optional[pulumi.Input[int]] = None,
900
- name: Optional[pulumi.Input[str]] = None,
901
- namespace: Optional[pulumi.Input[str]] = None,
902
- parameter_set: Optional[pulumi.Input[str]] = None,
903
- supports_decryption: Optional[pulumi.Input[bool]] = None,
904
- supports_derivation: Optional[pulumi.Input[bool]] = None,
905
- supports_encryption: Optional[pulumi.Input[bool]] = None,
906
- supports_signing: Optional[pulumi.Input[bool]] = None,
907
- type: Optional[pulumi.Input[str]] = None) -> 'SecretBackendKey':
886
+ allow_plaintext_backup: Optional[pulumi.Input[builtins.bool]] = None,
887
+ auto_rotate_period: Optional[pulumi.Input[builtins.int]] = None,
888
+ backend: Optional[pulumi.Input[builtins.str]] = None,
889
+ convergent_encryption: Optional[pulumi.Input[builtins.bool]] = None,
890
+ deletion_allowed: Optional[pulumi.Input[builtins.bool]] = None,
891
+ derived: Optional[pulumi.Input[builtins.bool]] = None,
892
+ exportable: Optional[pulumi.Input[builtins.bool]] = None,
893
+ hybrid_key_type_ec: Optional[pulumi.Input[builtins.str]] = None,
894
+ hybrid_key_type_pqc: Optional[pulumi.Input[builtins.str]] = None,
895
+ key_size: Optional[pulumi.Input[builtins.int]] = None,
896
+ keys: Optional[pulumi.Input[Sequence[pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]]]]] = None,
897
+ latest_version: Optional[pulumi.Input[builtins.int]] = None,
898
+ min_available_version: Optional[pulumi.Input[builtins.int]] = None,
899
+ min_decryption_version: Optional[pulumi.Input[builtins.int]] = None,
900
+ min_encryption_version: Optional[pulumi.Input[builtins.int]] = None,
901
+ name: Optional[pulumi.Input[builtins.str]] = None,
902
+ namespace: Optional[pulumi.Input[builtins.str]] = None,
903
+ parameter_set: Optional[pulumi.Input[builtins.str]] = None,
904
+ supports_decryption: Optional[pulumi.Input[builtins.bool]] = None,
905
+ supports_derivation: Optional[pulumi.Input[builtins.bool]] = None,
906
+ supports_encryption: Optional[pulumi.Input[builtins.bool]] = None,
907
+ supports_signing: Optional[pulumi.Input[builtins.bool]] = None,
908
+ type: Optional[pulumi.Input[builtins.str]] = None) -> 'SecretBackendKey':
908
909
  """
909
910
  Get an existing SecretBackendKey resource's state with the given name, id, and optional extra
910
911
  properties used to qualify the lookup.
@@ -912,39 +913,39 @@ class SecretBackendKey(pulumi.CustomResource):
912
913
  :param str resource_name: The unique name of the resulting resource.
913
914
  :param pulumi.Input[str] id: The unique provider ID of the resource to lookup.
914
915
  :param pulumi.ResourceOptions opts: Options for the resource.
915
- :param pulumi.Input[bool] allow_plaintext_backup: Enables taking backup of entire keyring in the plaintext format. Once set, this cannot be disabled.
916
+ :param pulumi.Input[builtins.bool] allow_plaintext_backup: Enables taking backup of entire keyring in the plaintext format. Once set, this cannot be disabled.
916
917
  * Refer to Vault API documentation on key backups for more information: [Backup Key](https://www.vaultproject.io/api-docs/secret/transit#backup-key)
917
- :param pulumi.Input[int] auto_rotate_period: Amount of seconds the key should live before being automatically rotated.
918
+ :param pulumi.Input[builtins.int] auto_rotate_period: Amount of seconds the key should live before being automatically rotated.
918
919
  A value of 0 disables automatic rotation for the key.
919
- :param pulumi.Input[str] backend: The path the transit secret backend is mounted at, with no leading or trailing `/`s.
920
- :param pulumi.Input[bool] convergent_encryption: Whether or not to support convergent encryption, where the same plaintext creates the same ciphertext. This requires `derived` to be set to `true`.
921
- :param pulumi.Input[bool] deletion_allowed: Specifies if the key is allowed to be deleted.
922
- :param pulumi.Input[bool] derived: Specifies if key derivation is to be used. If enabled, all encrypt/decrypt requests to this key must provide a context which is used for key derivation.
923
- :param pulumi.Input[bool] exportable: Enables keys to be exportable. This allows for all valid private keys in the keyring to be exported. Once set, this cannot be disabled.
924
- :param pulumi.Input[str] hybrid_key_type_ec: The elliptic curve algorithm to use for hybrid signatures.
920
+ :param pulumi.Input[builtins.str] backend: The path the transit secret backend is mounted at, with no leading or trailing `/`s.
921
+ :param pulumi.Input[builtins.bool] convergent_encryption: Whether or not to support convergent encryption, where the same plaintext creates the same ciphertext. This requires `derived` to be set to `true`.
922
+ :param pulumi.Input[builtins.bool] deletion_allowed: Specifies if the key is allowed to be deleted.
923
+ :param pulumi.Input[builtins.bool] derived: Specifies if key derivation is to be used. If enabled, all encrypt/decrypt requests to this key must provide a context which is used for key derivation.
924
+ :param pulumi.Input[builtins.bool] exportable: Enables keys to be exportable. This allows for all valid private keys in the keyring to be exported. Once set, this cannot be disabled.
925
+ :param pulumi.Input[builtins.str] hybrid_key_type_ec: The elliptic curve algorithm to use for hybrid signatures.
925
926
  Supported key types are `ecdsa-p256`, `ecdsa-p384`, `ecdsa-p521`, and `ed25519`.
926
- :param pulumi.Input[str] hybrid_key_type_pqc: The post-quantum algorithm to use for hybrid signatures.
927
+ :param pulumi.Input[builtins.str] hybrid_key_type_pqc: The post-quantum algorithm to use for hybrid signatures.
927
928
  Currently, ML-DSA is the only supported key type.
928
- :param pulumi.Input[int] key_size: The key size in bytes for algorithms that allow variable key sizes. Currently only applicable to HMAC, where it must be between 32 and 512 bytes.
929
- :param pulumi.Input[Sequence[pulumi.Input[Mapping[str, pulumi.Input[str]]]]] keys: List of key versions in the keyring. This attribute is zero-indexed and will contain a map of values depending on the `type` of the encryption key.
929
+ :param pulumi.Input[builtins.int] key_size: The key size in bytes for algorithms that allow variable key sizes. Currently only applicable to HMAC, where it must be between 32 and 512 bytes.
930
+ :param pulumi.Input[Sequence[pulumi.Input[Mapping[str, pulumi.Input[builtins.str]]]]] keys: List of key versions in the keyring. This attribute is zero-indexed and will contain a map of values depending on the `type` of the encryption key.
930
931
  * for key types `aes128-gcm96`, `aes256-gcm96` and `chacha20-poly1305`, each key version will be a map of a single value `id` which is just a hash of the key's metadata.
931
932
  * for key types `ed25519`, `ecdsa-p256`, `ecdsa-p384`, `ecdsa-p521`, `rsa-2048`, `rsa-3072` and `rsa-4096`, each key version will be a map of the following:
932
- :param pulumi.Input[int] latest_version: Latest key version available. This value is 1-indexed, so if `latest_version` is `1`, then the key's information can be referenced from `keys` by selecting element `0`
933
- :param pulumi.Input[int] min_available_version: Minimum key version available for use. If keys have been archived by increasing `min_decryption_version`, this attribute will reflect that change.
934
- :param pulumi.Input[int] min_decryption_version: Minimum key version to use for decryption.
935
- :param pulumi.Input[int] min_encryption_version: Minimum key version to use for encryption
936
- :param pulumi.Input[str] name: The name to identify this key within the backend. Must be unique within the backend.
937
- :param pulumi.Input[str] namespace: The namespace to provision the resource in.
933
+ :param pulumi.Input[builtins.int] latest_version: Latest key version available. This value is 1-indexed, so if `latest_version` is `1`, then the key's information can be referenced from `keys` by selecting element `0`
934
+ :param pulumi.Input[builtins.int] min_available_version: Minimum key version available for use. If keys have been archived by increasing `min_decryption_version`, this attribute will reflect that change.
935
+ :param pulumi.Input[builtins.int] min_decryption_version: Minimum key version to use for decryption.
936
+ :param pulumi.Input[builtins.int] min_encryption_version: Minimum key version to use for encryption
937
+ :param pulumi.Input[builtins.str] name: The name to identify this key within the backend. Must be unique within the backend.
938
+ :param pulumi.Input[builtins.str] namespace: The namespace to provision the resource in.
938
939
  The value should not contain leading or trailing forward slashes.
939
940
  The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
940
941
  *Available only for Vault Enterprise*.
941
- :param pulumi.Input[str] parameter_set: The parameter set to use for ML-DSA. Required for
942
+ :param pulumi.Input[builtins.str] parameter_set: The parameter set to use for ML-DSA. Required for
942
943
  ML-DSA and hybrid keys. Valid values are `44`, `65`, and `87`.
943
- :param pulumi.Input[bool] supports_decryption: Whether or not the key supports decryption, based on key type.
944
- :param pulumi.Input[bool] supports_derivation: Whether or not the key supports derivation, based on key type.
945
- :param pulumi.Input[bool] supports_encryption: Whether or not the key supports encryption, based on key type.
946
- :param pulumi.Input[bool] supports_signing: Whether or not the key supports signing, based on key type.
947
- :param pulumi.Input[str] type: Specifies the type of key to create. The currently-supported types are: `aes128-gcm96`, `aes256-gcm96` (default), `chacha20-poly1305`, `ed25519`, `ecdsa-p256`, `ecdsa-p384`, `ecdsa-p521`, `hmac`, `rsa-2048`, `rsa-3072` and `rsa-4096`.
944
+ :param pulumi.Input[builtins.bool] supports_decryption: Whether or not the key supports decryption, based on key type.
945
+ :param pulumi.Input[builtins.bool] supports_derivation: Whether or not the key supports derivation, based on key type.
946
+ :param pulumi.Input[builtins.bool] supports_encryption: Whether or not the key supports encryption, based on key type.
947
+ :param pulumi.Input[builtins.bool] supports_signing: Whether or not the key supports signing, based on key type.
948
+ :param pulumi.Input[builtins.str] type: Specifies the type of key to create. The currently-supported types are: `aes128-gcm96`, `aes256-gcm96` (default), `chacha20-poly1305`, `ed25519`, `ecdsa-p256`, `ecdsa-p384`, `ecdsa-p521`, `hmac`, `rsa-2048`, `rsa-3072` and `rsa-4096`.
948
949
  * Refer to the Vault documentation on transit key types for more information: [Key Types](https://www.vaultproject.io/docs/secrets/transit#key-types)
949
950
  """
950
951
  opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id))
@@ -978,7 +979,7 @@ class SecretBackendKey(pulumi.CustomResource):
978
979
 
979
980
  @property
980
981
  @pulumi.getter(name="allowPlaintextBackup")
981
- def allow_plaintext_backup(self) -> pulumi.Output[Optional[bool]]:
982
+ def allow_plaintext_backup(self) -> pulumi.Output[Optional[builtins.bool]]:
982
983
  """
983
984
  Enables taking backup of entire keyring in the plaintext format. Once set, this cannot be disabled.
984
985
  * Refer to Vault API documentation on key backups for more information: [Backup Key](https://www.vaultproject.io/api-docs/secret/transit#backup-key)
@@ -987,7 +988,7 @@ class SecretBackendKey(pulumi.CustomResource):
987
988
 
988
989
  @property
989
990
  @pulumi.getter(name="autoRotatePeriod")
990
- def auto_rotate_period(self) -> pulumi.Output[int]:
991
+ def auto_rotate_period(self) -> pulumi.Output[builtins.int]:
991
992
  """
992
993
  Amount of seconds the key should live before being automatically rotated.
993
994
  A value of 0 disables automatic rotation for the key.
@@ -996,7 +997,7 @@ class SecretBackendKey(pulumi.CustomResource):
996
997
 
997
998
  @property
998
999
  @pulumi.getter
999
- def backend(self) -> pulumi.Output[str]:
1000
+ def backend(self) -> pulumi.Output[builtins.str]:
1000
1001
  """
1001
1002
  The path the transit secret backend is mounted at, with no leading or trailing `/`s.
1002
1003
  """
@@ -1004,7 +1005,7 @@ class SecretBackendKey(pulumi.CustomResource):
1004
1005
 
1005
1006
  @property
1006
1007
  @pulumi.getter(name="convergentEncryption")
1007
- def convergent_encryption(self) -> pulumi.Output[Optional[bool]]:
1008
+ def convergent_encryption(self) -> pulumi.Output[Optional[builtins.bool]]:
1008
1009
  """
1009
1010
  Whether or not to support convergent encryption, where the same plaintext creates the same ciphertext. This requires `derived` to be set to `true`.
1010
1011
  """
@@ -1012,7 +1013,7 @@ class SecretBackendKey(pulumi.CustomResource):
1012
1013
 
1013
1014
  @property
1014
1015
  @pulumi.getter(name="deletionAllowed")
1015
- def deletion_allowed(self) -> pulumi.Output[Optional[bool]]:
1016
+ def deletion_allowed(self) -> pulumi.Output[Optional[builtins.bool]]:
1016
1017
  """
1017
1018
  Specifies if the key is allowed to be deleted.
1018
1019
  """
@@ -1020,7 +1021,7 @@ class SecretBackendKey(pulumi.CustomResource):
1020
1021
 
1021
1022
  @property
1022
1023
  @pulumi.getter
1023
- def derived(self) -> pulumi.Output[Optional[bool]]:
1024
+ def derived(self) -> pulumi.Output[Optional[builtins.bool]]:
1024
1025
  """
1025
1026
  Specifies if key derivation is to be used. If enabled, all encrypt/decrypt requests to this key must provide a context which is used for key derivation.
1026
1027
  """
@@ -1028,7 +1029,7 @@ class SecretBackendKey(pulumi.CustomResource):
1028
1029
 
1029
1030
  @property
1030
1031
  @pulumi.getter
1031
- def exportable(self) -> pulumi.Output[Optional[bool]]:
1032
+ def exportable(self) -> pulumi.Output[Optional[builtins.bool]]:
1032
1033
  """
1033
1034
  Enables keys to be exportable. This allows for all valid private keys in the keyring to be exported. Once set, this cannot be disabled.
1034
1035
  """
@@ -1036,7 +1037,7 @@ class SecretBackendKey(pulumi.CustomResource):
1036
1037
 
1037
1038
  @property
1038
1039
  @pulumi.getter(name="hybridKeyTypeEc")
1039
- def hybrid_key_type_ec(self) -> pulumi.Output[Optional[str]]:
1040
+ def hybrid_key_type_ec(self) -> pulumi.Output[Optional[builtins.str]]:
1040
1041
  """
1041
1042
  The elliptic curve algorithm to use for hybrid signatures.
1042
1043
  Supported key types are `ecdsa-p256`, `ecdsa-p384`, `ecdsa-p521`, and `ed25519`.
@@ -1045,7 +1046,7 @@ class SecretBackendKey(pulumi.CustomResource):
1045
1046
 
1046
1047
  @property
1047
1048
  @pulumi.getter(name="hybridKeyTypePqc")
1048
- def hybrid_key_type_pqc(self) -> pulumi.Output[Optional[str]]:
1049
+ def hybrid_key_type_pqc(self) -> pulumi.Output[Optional[builtins.str]]:
1049
1050
  """
1050
1051
  The post-quantum algorithm to use for hybrid signatures.
1051
1052
  Currently, ML-DSA is the only supported key type.
@@ -1054,7 +1055,7 @@ class SecretBackendKey(pulumi.CustomResource):
1054
1055
 
1055
1056
  @property
1056
1057
  @pulumi.getter(name="keySize")
1057
- def key_size(self) -> pulumi.Output[Optional[int]]:
1058
+ def key_size(self) -> pulumi.Output[Optional[builtins.int]]:
1058
1059
  """
1059
1060
  The key size in bytes for algorithms that allow variable key sizes. Currently only applicable to HMAC, where it must be between 32 and 512 bytes.
1060
1061
  """
@@ -1062,7 +1063,7 @@ class SecretBackendKey(pulumi.CustomResource):
1062
1063
 
1063
1064
  @property
1064
1065
  @pulumi.getter
1065
- def keys(self) -> pulumi.Output[Sequence[Mapping[str, str]]]:
1066
+ def keys(self) -> pulumi.Output[Sequence[Mapping[str, builtins.str]]]:
1066
1067
  """
1067
1068
  List of key versions in the keyring. This attribute is zero-indexed and will contain a map of values depending on the `type` of the encryption key.
1068
1069
  * for key types `aes128-gcm96`, `aes256-gcm96` and `chacha20-poly1305`, each key version will be a map of a single value `id` which is just a hash of the key's metadata.
@@ -1072,7 +1073,7 @@ class SecretBackendKey(pulumi.CustomResource):
1072
1073
 
1073
1074
  @property
1074
1075
  @pulumi.getter(name="latestVersion")
1075
- def latest_version(self) -> pulumi.Output[int]:
1076
+ def latest_version(self) -> pulumi.Output[builtins.int]:
1076
1077
  """
1077
1078
  Latest key version available. This value is 1-indexed, so if `latest_version` is `1`, then the key's information can be referenced from `keys` by selecting element `0`
1078
1079
  """
@@ -1080,7 +1081,7 @@ class SecretBackendKey(pulumi.CustomResource):
1080
1081
 
1081
1082
  @property
1082
1083
  @pulumi.getter(name="minAvailableVersion")
1083
- def min_available_version(self) -> pulumi.Output[int]:
1084
+ def min_available_version(self) -> pulumi.Output[builtins.int]:
1084
1085
  """
1085
1086
  Minimum key version available for use. If keys have been archived by increasing `min_decryption_version`, this attribute will reflect that change.
1086
1087
  """
@@ -1088,7 +1089,7 @@ class SecretBackendKey(pulumi.CustomResource):
1088
1089
 
1089
1090
  @property
1090
1091
  @pulumi.getter(name="minDecryptionVersion")
1091
- def min_decryption_version(self) -> pulumi.Output[Optional[int]]:
1092
+ def min_decryption_version(self) -> pulumi.Output[Optional[builtins.int]]:
1092
1093
  """
1093
1094
  Minimum key version to use for decryption.
1094
1095
  """
@@ -1096,7 +1097,7 @@ class SecretBackendKey(pulumi.CustomResource):
1096
1097
 
1097
1098
  @property
1098
1099
  @pulumi.getter(name="minEncryptionVersion")
1099
- def min_encryption_version(self) -> pulumi.Output[Optional[int]]:
1100
+ def min_encryption_version(self) -> pulumi.Output[Optional[builtins.int]]:
1100
1101
  """
1101
1102
  Minimum key version to use for encryption
1102
1103
  """
@@ -1104,7 +1105,7 @@ class SecretBackendKey(pulumi.CustomResource):
1104
1105
 
1105
1106
  @property
1106
1107
  @pulumi.getter
1107
- def name(self) -> pulumi.Output[str]:
1108
+ def name(self) -> pulumi.Output[builtins.str]:
1108
1109
  """
1109
1110
  The name to identify this key within the backend. Must be unique within the backend.
1110
1111
  """
@@ -1112,7 +1113,7 @@ class SecretBackendKey(pulumi.CustomResource):
1112
1113
 
1113
1114
  @property
1114
1115
  @pulumi.getter
1115
- def namespace(self) -> pulumi.Output[Optional[str]]:
1116
+ def namespace(self) -> pulumi.Output[Optional[builtins.str]]:
1116
1117
  """
1117
1118
  The namespace to provision the resource in.
1118
1119
  The value should not contain leading or trailing forward slashes.
@@ -1123,7 +1124,7 @@ class SecretBackendKey(pulumi.CustomResource):
1123
1124
 
1124
1125
  @property
1125
1126
  @pulumi.getter(name="parameterSet")
1126
- def parameter_set(self) -> pulumi.Output[Optional[str]]:
1127
+ def parameter_set(self) -> pulumi.Output[Optional[builtins.str]]:
1127
1128
  """
1128
1129
  The parameter set to use for ML-DSA. Required for
1129
1130
  ML-DSA and hybrid keys. Valid values are `44`, `65`, and `87`.
@@ -1132,7 +1133,7 @@ class SecretBackendKey(pulumi.CustomResource):
1132
1133
 
1133
1134
  @property
1134
1135
  @pulumi.getter(name="supportsDecryption")
1135
- def supports_decryption(self) -> pulumi.Output[bool]:
1136
+ def supports_decryption(self) -> pulumi.Output[builtins.bool]:
1136
1137
  """
1137
1138
  Whether or not the key supports decryption, based on key type.
1138
1139
  """
@@ -1140,7 +1141,7 @@ class SecretBackendKey(pulumi.CustomResource):
1140
1141
 
1141
1142
  @property
1142
1143
  @pulumi.getter(name="supportsDerivation")
1143
- def supports_derivation(self) -> pulumi.Output[bool]:
1144
+ def supports_derivation(self) -> pulumi.Output[builtins.bool]:
1144
1145
  """
1145
1146
  Whether or not the key supports derivation, based on key type.
1146
1147
  """
@@ -1148,7 +1149,7 @@ class SecretBackendKey(pulumi.CustomResource):
1148
1149
 
1149
1150
  @property
1150
1151
  @pulumi.getter(name="supportsEncryption")
1151
- def supports_encryption(self) -> pulumi.Output[bool]:
1152
+ def supports_encryption(self) -> pulumi.Output[builtins.bool]:
1152
1153
  """
1153
1154
  Whether or not the key supports encryption, based on key type.
1154
1155
  """
@@ -1156,7 +1157,7 @@ class SecretBackendKey(pulumi.CustomResource):
1156
1157
 
1157
1158
  @property
1158
1159
  @pulumi.getter(name="supportsSigning")
1159
- def supports_signing(self) -> pulumi.Output[bool]:
1160
+ def supports_signing(self) -> pulumi.Output[builtins.bool]:
1160
1161
  """
1161
1162
  Whether or not the key supports signing, based on key type.
1162
1163
  """
@@ -1164,7 +1165,7 @@ class SecretBackendKey(pulumi.CustomResource):
1164
1165
 
1165
1166
  @property
1166
1167
  @pulumi.getter
1167
- def type(self) -> pulumi.Output[Optional[str]]:
1168
+ def type(self) -> pulumi.Output[Optional[builtins.str]]:
1168
1169
  """
1169
1170
  Specifies the type of key to create. The currently-supported types are: `aes128-gcm96`, `aes256-gcm96` (default), `chacha20-poly1305`, `ed25519`, `ecdsa-p256`, `ecdsa-p384`, `ecdsa-p521`, `hmac`, `rsa-2048`, `rsa-3072` and `rsa-4096`.
1170
1171
  * Refer to the Vault documentation on transit key types for more information: [Key Types](https://www.vaultproject.io/docs/secrets/transit#key-types)