pulumi-vault 6.7.0a1743576047__py3-none-any.whl → 6.7.0a1744267302__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (264) hide show
  1. pulumi_vault/__init__.py +1 -0
  2. pulumi_vault/_inputs.py +554 -553
  3. pulumi_vault/ad/__init__.py +1 -0
  4. pulumi_vault/ad/get_access_credentials.py +20 -19
  5. pulumi_vault/ad/secret_backend.py +477 -476
  6. pulumi_vault/ad/secret_library.py +99 -98
  7. pulumi_vault/ad/secret_role.py +85 -84
  8. pulumi_vault/alicloud/__init__.py +1 -0
  9. pulumi_vault/alicloud/auth_backend_role.py +183 -182
  10. pulumi_vault/approle/__init__.py +1 -0
  11. pulumi_vault/approle/auth_backend_login.py +106 -105
  12. pulumi_vault/approle/auth_backend_role.py +239 -238
  13. pulumi_vault/approle/auth_backend_role_secret_id.py +162 -161
  14. pulumi_vault/approle/get_auth_backend_role_id.py +18 -17
  15. pulumi_vault/audit.py +85 -84
  16. pulumi_vault/audit_request_header.py +43 -42
  17. pulumi_vault/auth_backend.py +106 -105
  18. pulumi_vault/aws/__init__.py +1 -0
  19. pulumi_vault/aws/auth_backend_cert.py +71 -70
  20. pulumi_vault/aws/auth_backend_client.py +253 -252
  21. pulumi_vault/aws/auth_backend_config_identity.py +85 -84
  22. pulumi_vault/aws/auth_backend_identity_whitelist.py +57 -56
  23. pulumi_vault/aws/auth_backend_login.py +209 -208
  24. pulumi_vault/aws/auth_backend_role.py +400 -399
  25. pulumi_vault/aws/auth_backend_role_tag.py +127 -126
  26. pulumi_vault/aws/auth_backend_roletag_blacklist.py +57 -56
  27. pulumi_vault/aws/auth_backend_sts_role.py +71 -70
  28. pulumi_vault/aws/get_access_credentials.py +44 -43
  29. pulumi_vault/aws/get_static_access_credentials.py +13 -12
  30. pulumi_vault/aws/secret_backend.py +337 -336
  31. pulumi_vault/aws/secret_backend_role.py +211 -210
  32. pulumi_vault/aws/secret_backend_static_role.py +113 -112
  33. pulumi_vault/azure/__init__.py +1 -0
  34. pulumi_vault/azure/_inputs.py +21 -20
  35. pulumi_vault/azure/auth_backend_config.py +183 -182
  36. pulumi_vault/azure/auth_backend_role.py +253 -252
  37. pulumi_vault/azure/backend.py +239 -238
  38. pulumi_vault/azure/backend_role.py +141 -140
  39. pulumi_vault/azure/get_access_credentials.py +58 -57
  40. pulumi_vault/azure/outputs.py +11 -10
  41. pulumi_vault/cert_auth_backend_role.py +365 -364
  42. pulumi_vault/config/__init__.py +1 -0
  43. pulumi_vault/config/__init__.pyi +1 -0
  44. pulumi_vault/config/_inputs.py +11 -10
  45. pulumi_vault/config/outputs.py +287 -286
  46. pulumi_vault/config/ui_custom_message.py +113 -112
  47. pulumi_vault/config/vars.py +1 -0
  48. pulumi_vault/consul/__init__.py +1 -0
  49. pulumi_vault/consul/secret_backend.py +197 -196
  50. pulumi_vault/consul/secret_backend_role.py +183 -182
  51. pulumi_vault/database/__init__.py +1 -0
  52. pulumi_vault/database/_inputs.py +2525 -2524
  53. pulumi_vault/database/outputs.py +1529 -1528
  54. pulumi_vault/database/secret_backend_connection.py +169 -168
  55. pulumi_vault/database/secret_backend_role.py +169 -168
  56. pulumi_vault/database/secret_backend_static_role.py +179 -178
  57. pulumi_vault/database/secrets_mount.py +267 -266
  58. pulumi_vault/egp_policy.py +71 -70
  59. pulumi_vault/gcp/__init__.py +1 -0
  60. pulumi_vault/gcp/_inputs.py +82 -81
  61. pulumi_vault/gcp/auth_backend.py +260 -259
  62. pulumi_vault/gcp/auth_backend_role.py +281 -280
  63. pulumi_vault/gcp/get_auth_backend_role.py +70 -69
  64. pulumi_vault/gcp/outputs.py +50 -49
  65. pulumi_vault/gcp/secret_backend.py +232 -231
  66. pulumi_vault/gcp/secret_impersonated_account.py +92 -91
  67. pulumi_vault/gcp/secret_roleset.py +92 -91
  68. pulumi_vault/gcp/secret_static_account.py +92 -91
  69. pulumi_vault/generic/__init__.py +1 -0
  70. pulumi_vault/generic/endpoint.py +113 -112
  71. pulumi_vault/generic/get_secret.py +28 -27
  72. pulumi_vault/generic/secret.py +78 -77
  73. pulumi_vault/get_auth_backend.py +19 -18
  74. pulumi_vault/get_auth_backends.py +14 -13
  75. pulumi_vault/get_namespace.py +15 -14
  76. pulumi_vault/get_namespaces.py +8 -7
  77. pulumi_vault/get_nomad_access_token.py +19 -18
  78. pulumi_vault/get_policy_document.py +6 -5
  79. pulumi_vault/get_raft_autopilot_state.py +18 -17
  80. pulumi_vault/github/__init__.py +1 -0
  81. pulumi_vault/github/_inputs.py +42 -41
  82. pulumi_vault/github/auth_backend.py +232 -231
  83. pulumi_vault/github/outputs.py +26 -25
  84. pulumi_vault/github/team.py +57 -56
  85. pulumi_vault/github/user.py +57 -56
  86. pulumi_vault/identity/__init__.py +1 -0
  87. pulumi_vault/identity/entity.py +85 -84
  88. pulumi_vault/identity/entity_alias.py +71 -70
  89. pulumi_vault/identity/entity_policies.py +64 -63
  90. pulumi_vault/identity/get_entity.py +43 -42
  91. pulumi_vault/identity/get_group.py +50 -49
  92. pulumi_vault/identity/get_oidc_client_creds.py +14 -13
  93. pulumi_vault/identity/get_oidc_openid_config.py +24 -23
  94. pulumi_vault/identity/get_oidc_public_keys.py +13 -12
  95. pulumi_vault/identity/group.py +141 -140
  96. pulumi_vault/identity/group_alias.py +57 -56
  97. pulumi_vault/identity/group_member_entity_ids.py +57 -56
  98. pulumi_vault/identity/group_member_group_ids.py +57 -56
  99. pulumi_vault/identity/group_policies.py +64 -63
  100. pulumi_vault/identity/mfa_duo.py +148 -147
  101. pulumi_vault/identity/mfa_login_enforcement.py +120 -119
  102. pulumi_vault/identity/mfa_okta.py +134 -133
  103. pulumi_vault/identity/mfa_pingid.py +127 -126
  104. pulumi_vault/identity/mfa_totp.py +176 -175
  105. pulumi_vault/identity/oidc.py +29 -28
  106. pulumi_vault/identity/oidc_assignment.py +57 -56
  107. pulumi_vault/identity/oidc_client.py +127 -126
  108. pulumi_vault/identity/oidc_key.py +85 -84
  109. pulumi_vault/identity/oidc_key_allowed_client_id.py +43 -42
  110. pulumi_vault/identity/oidc_provider.py +92 -91
  111. pulumi_vault/identity/oidc_role.py +85 -84
  112. pulumi_vault/identity/oidc_scope.py +57 -56
  113. pulumi_vault/identity/outputs.py +32 -31
  114. pulumi_vault/jwt/__init__.py +1 -0
  115. pulumi_vault/jwt/_inputs.py +42 -41
  116. pulumi_vault/jwt/auth_backend.py +288 -287
  117. pulumi_vault/jwt/auth_backend_role.py +407 -406
  118. pulumi_vault/jwt/outputs.py +26 -25
  119. pulumi_vault/kmip/__init__.py +1 -0
  120. pulumi_vault/kmip/secret_backend.py +183 -182
  121. pulumi_vault/kmip/secret_role.py +295 -294
  122. pulumi_vault/kmip/secret_scope.py +57 -56
  123. pulumi_vault/kubernetes/__init__.py +1 -0
  124. pulumi_vault/kubernetes/auth_backend_config.py +141 -140
  125. pulumi_vault/kubernetes/auth_backend_role.py +225 -224
  126. pulumi_vault/kubernetes/get_auth_backend_config.py +47 -46
  127. pulumi_vault/kubernetes/get_auth_backend_role.py +70 -69
  128. pulumi_vault/kubernetes/get_service_account_token.py +38 -37
  129. pulumi_vault/kubernetes/secret_backend.py +316 -315
  130. pulumi_vault/kubernetes/secret_backend_role.py +197 -196
  131. pulumi_vault/kv/__init__.py +1 -0
  132. pulumi_vault/kv/_inputs.py +21 -20
  133. pulumi_vault/kv/get_secret.py +17 -16
  134. pulumi_vault/kv/get_secret_subkeys_v2.py +30 -29
  135. pulumi_vault/kv/get_secret_v2.py +29 -28
  136. pulumi_vault/kv/get_secrets_list.py +13 -12
  137. pulumi_vault/kv/get_secrets_list_v2.py +19 -18
  138. pulumi_vault/kv/outputs.py +13 -12
  139. pulumi_vault/kv/secret.py +50 -49
  140. pulumi_vault/kv/secret_backend_v2.py +71 -70
  141. pulumi_vault/kv/secret_v2.py +134 -133
  142. pulumi_vault/ldap/__init__.py +1 -0
  143. pulumi_vault/ldap/auth_backend.py +588 -587
  144. pulumi_vault/ldap/auth_backend_group.py +57 -56
  145. pulumi_vault/ldap/auth_backend_user.py +71 -70
  146. pulumi_vault/ldap/get_dynamic_credentials.py +17 -16
  147. pulumi_vault/ldap/get_static_credentials.py +18 -17
  148. pulumi_vault/ldap/secret_backend.py +554 -553
  149. pulumi_vault/ldap/secret_backend_dynamic_role.py +127 -126
  150. pulumi_vault/ldap/secret_backend_library_set.py +99 -98
  151. pulumi_vault/ldap/secret_backend_static_role.py +99 -98
  152. pulumi_vault/managed/__init__.py +1 -0
  153. pulumi_vault/managed/_inputs.py +229 -228
  154. pulumi_vault/managed/keys.py +15 -14
  155. pulumi_vault/managed/outputs.py +139 -138
  156. pulumi_vault/mfa_duo.py +113 -112
  157. pulumi_vault/mfa_okta.py +113 -112
  158. pulumi_vault/mfa_pingid.py +120 -119
  159. pulumi_vault/mfa_totp.py +127 -126
  160. pulumi_vault/mongodbatlas/__init__.py +1 -0
  161. pulumi_vault/mongodbatlas/secret_backend.py +64 -63
  162. pulumi_vault/mongodbatlas/secret_role.py +155 -154
  163. pulumi_vault/mount.py +274 -273
  164. pulumi_vault/namespace.py +64 -63
  165. pulumi_vault/nomad_secret_backend.py +211 -210
  166. pulumi_vault/nomad_secret_role.py +85 -84
  167. pulumi_vault/okta/__init__.py +1 -0
  168. pulumi_vault/okta/_inputs.py +26 -25
  169. pulumi_vault/okta/auth_backend.py +274 -273
  170. pulumi_vault/okta/auth_backend_group.py +57 -56
  171. pulumi_vault/okta/auth_backend_user.py +71 -70
  172. pulumi_vault/okta/outputs.py +16 -15
  173. pulumi_vault/outputs.py +56 -55
  174. pulumi_vault/password_policy.py +43 -42
  175. pulumi_vault/pkisecret/__init__.py +1 -0
  176. pulumi_vault/pkisecret/_inputs.py +31 -30
  177. pulumi_vault/pkisecret/backend_acme_eab.py +92 -91
  178. pulumi_vault/pkisecret/backend_config_acme.py +141 -140
  179. pulumi_vault/pkisecret/backend_config_auto_tidy.py +323 -322
  180. pulumi_vault/pkisecret/backend_config_cluster.py +57 -56
  181. pulumi_vault/pkisecret/backend_config_cmpv2.py +106 -105
  182. pulumi_vault/pkisecret/backend_config_est.py +120 -119
  183. pulumi_vault/pkisecret/get_backend_cert_metadata.py +22 -21
  184. pulumi_vault/pkisecret/get_backend_config_cmpv2.py +22 -21
  185. pulumi_vault/pkisecret/get_backend_config_est.py +19 -18
  186. pulumi_vault/pkisecret/get_backend_issuer.py +45 -44
  187. pulumi_vault/pkisecret/get_backend_issuers.py +15 -14
  188. pulumi_vault/pkisecret/get_backend_key.py +20 -19
  189. pulumi_vault/pkisecret/get_backend_keys.py +15 -14
  190. pulumi_vault/pkisecret/outputs.py +28 -27
  191. pulumi_vault/pkisecret/secret_backend_cert.py +337 -336
  192. pulumi_vault/pkisecret/secret_backend_config_ca.py +43 -42
  193. pulumi_vault/pkisecret/secret_backend_config_issuers.py +57 -56
  194. pulumi_vault/pkisecret/secret_backend_config_urls.py +85 -84
  195. pulumi_vault/pkisecret/secret_backend_crl_config.py +197 -196
  196. pulumi_vault/pkisecret/secret_backend_intermediate_cert_request.py +421 -420
  197. pulumi_vault/pkisecret/secret_backend_intermediate_set_signed.py +57 -56
  198. pulumi_vault/pkisecret/secret_backend_issuer.py +232 -231
  199. pulumi_vault/pkisecret/secret_backend_key.py +120 -119
  200. pulumi_vault/pkisecret/secret_backend_role.py +715 -714
  201. pulumi_vault/pkisecret/secret_backend_root_cert.py +554 -553
  202. pulumi_vault/pkisecret/secret_backend_root_sign_intermediate.py +526 -525
  203. pulumi_vault/pkisecret/secret_backend_sign.py +281 -280
  204. pulumi_vault/plugin.py +127 -126
  205. pulumi_vault/plugin_pinned_version.py +43 -42
  206. pulumi_vault/policy.py +43 -42
  207. pulumi_vault/provider.py +120 -119
  208. pulumi_vault/pulumi-plugin.json +1 -1
  209. pulumi_vault/quota_lease_count.py +85 -84
  210. pulumi_vault/quota_rate_limit.py +113 -112
  211. pulumi_vault/rabbitmq/__init__.py +1 -0
  212. pulumi_vault/rabbitmq/_inputs.py +41 -40
  213. pulumi_vault/rabbitmq/outputs.py +25 -24
  214. pulumi_vault/rabbitmq/secret_backend.py +169 -168
  215. pulumi_vault/rabbitmq/secret_backend_role.py +57 -56
  216. pulumi_vault/raft_autopilot.py +113 -112
  217. pulumi_vault/raft_snapshot_agent_config.py +393 -392
  218. pulumi_vault/rgp_policy.py +57 -56
  219. pulumi_vault/saml/__init__.py +1 -0
  220. pulumi_vault/saml/auth_backend.py +155 -154
  221. pulumi_vault/saml/auth_backend_role.py +239 -238
  222. pulumi_vault/secrets/__init__.py +1 -0
  223. pulumi_vault/secrets/_inputs.py +16 -15
  224. pulumi_vault/secrets/outputs.py +10 -9
  225. pulumi_vault/secrets/sync_association.py +71 -70
  226. pulumi_vault/secrets/sync_aws_destination.py +148 -147
  227. pulumi_vault/secrets/sync_azure_destination.py +148 -147
  228. pulumi_vault/secrets/sync_config.py +43 -42
  229. pulumi_vault/secrets/sync_gcp_destination.py +106 -105
  230. pulumi_vault/secrets/sync_gh_destination.py +134 -133
  231. pulumi_vault/secrets/sync_github_apps.py +64 -63
  232. pulumi_vault/secrets/sync_vercel_destination.py +120 -119
  233. pulumi_vault/ssh/__init__.py +1 -0
  234. pulumi_vault/ssh/_inputs.py +11 -10
  235. pulumi_vault/ssh/get_secret_backend_sign.py +52 -51
  236. pulumi_vault/ssh/outputs.py +7 -6
  237. pulumi_vault/ssh/secret_backend_ca.py +99 -98
  238. pulumi_vault/ssh/secret_backend_role.py +365 -364
  239. pulumi_vault/terraformcloud/__init__.py +1 -0
  240. pulumi_vault/terraformcloud/secret_backend.py +111 -110
  241. pulumi_vault/terraformcloud/secret_creds.py +74 -73
  242. pulumi_vault/terraformcloud/secret_role.py +93 -92
  243. pulumi_vault/token.py +246 -245
  244. pulumi_vault/tokenauth/__init__.py +1 -0
  245. pulumi_vault/tokenauth/auth_backend_role.py +267 -266
  246. pulumi_vault/transform/__init__.py +1 -0
  247. pulumi_vault/transform/alphabet.py +57 -56
  248. pulumi_vault/transform/get_decode.py +47 -46
  249. pulumi_vault/transform/get_encode.py +47 -46
  250. pulumi_vault/transform/role.py +57 -56
  251. pulumi_vault/transform/template.py +113 -112
  252. pulumi_vault/transform/transformation.py +141 -140
  253. pulumi_vault/transit/__init__.py +1 -0
  254. pulumi_vault/transit/get_decrypt.py +18 -17
  255. pulumi_vault/transit/get_encrypt.py +21 -20
  256. pulumi_vault/transit/get_sign.py +54 -53
  257. pulumi_vault/transit/get_verify.py +60 -59
  258. pulumi_vault/transit/secret_backend_key.py +274 -273
  259. pulumi_vault/transit/secret_cache_config.py +43 -42
  260. {pulumi_vault-6.7.0a1743576047.dist-info → pulumi_vault-6.7.0a1744267302.dist-info}/METADATA +1 -1
  261. pulumi_vault-6.7.0a1744267302.dist-info/RECORD +265 -0
  262. pulumi_vault-6.7.0a1743576047.dist-info/RECORD +0 -265
  263. {pulumi_vault-6.7.0a1743576047.dist-info → pulumi_vault-6.7.0a1744267302.dist-info}/WHEEL +0 -0
  264. {pulumi_vault-6.7.0a1743576047.dist-info → pulumi_vault-6.7.0a1744267302.dist-info}/top_level.txt +0 -0
@@ -2,6 +2,7 @@
2
2
  # *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. ***
3
3
  # *** Do not edit by hand unless you're certain you know what you are doing! ***
4
4
 
5
+ import builtins
5
6
  import copy
6
7
  import warnings
7
8
  import sys
@@ -19,68 +20,68 @@ __all__ = ['SecretBackendArgs', 'SecretBackend']
19
20
  @pulumi.input_type
20
21
  class SecretBackendArgs:
21
22
  def __init__(__self__, *,
22
- access_key: Optional[pulumi.Input[str]] = None,
23
- default_lease_ttl_seconds: Optional[pulumi.Input[int]] = None,
24
- description: Optional[pulumi.Input[str]] = None,
25
- disable_automated_rotation: Optional[pulumi.Input[bool]] = None,
26
- disable_remount: Optional[pulumi.Input[bool]] = None,
27
- iam_endpoint: Optional[pulumi.Input[str]] = None,
28
- identity_token_audience: Optional[pulumi.Input[str]] = None,
29
- identity_token_key: Optional[pulumi.Input[str]] = None,
30
- identity_token_ttl: Optional[pulumi.Input[int]] = None,
31
- local: Optional[pulumi.Input[bool]] = None,
32
- max_lease_ttl_seconds: Optional[pulumi.Input[int]] = None,
33
- namespace: Optional[pulumi.Input[str]] = None,
34
- path: Optional[pulumi.Input[str]] = None,
35
- region: Optional[pulumi.Input[str]] = None,
36
- role_arn: Optional[pulumi.Input[str]] = None,
37
- rotation_period: Optional[pulumi.Input[int]] = None,
38
- rotation_schedule: Optional[pulumi.Input[str]] = None,
39
- rotation_window: Optional[pulumi.Input[int]] = None,
40
- secret_key: Optional[pulumi.Input[str]] = None,
41
- sts_endpoint: Optional[pulumi.Input[str]] = None,
42
- sts_fallback_endpoints: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
43
- sts_fallback_regions: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
44
- sts_region: Optional[pulumi.Input[str]] = None,
45
- username_template: Optional[pulumi.Input[str]] = None):
23
+ access_key: Optional[pulumi.Input[builtins.str]] = None,
24
+ default_lease_ttl_seconds: Optional[pulumi.Input[builtins.int]] = None,
25
+ description: Optional[pulumi.Input[builtins.str]] = None,
26
+ disable_automated_rotation: Optional[pulumi.Input[builtins.bool]] = None,
27
+ disable_remount: Optional[pulumi.Input[builtins.bool]] = None,
28
+ iam_endpoint: Optional[pulumi.Input[builtins.str]] = None,
29
+ identity_token_audience: Optional[pulumi.Input[builtins.str]] = None,
30
+ identity_token_key: Optional[pulumi.Input[builtins.str]] = None,
31
+ identity_token_ttl: Optional[pulumi.Input[builtins.int]] = None,
32
+ local: Optional[pulumi.Input[builtins.bool]] = None,
33
+ max_lease_ttl_seconds: Optional[pulumi.Input[builtins.int]] = None,
34
+ namespace: Optional[pulumi.Input[builtins.str]] = None,
35
+ path: Optional[pulumi.Input[builtins.str]] = None,
36
+ region: Optional[pulumi.Input[builtins.str]] = None,
37
+ role_arn: Optional[pulumi.Input[builtins.str]] = None,
38
+ rotation_period: Optional[pulumi.Input[builtins.int]] = None,
39
+ rotation_schedule: Optional[pulumi.Input[builtins.str]] = None,
40
+ rotation_window: Optional[pulumi.Input[builtins.int]] = None,
41
+ secret_key: Optional[pulumi.Input[builtins.str]] = None,
42
+ sts_endpoint: Optional[pulumi.Input[builtins.str]] = None,
43
+ sts_fallback_endpoints: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
44
+ sts_fallback_regions: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
45
+ sts_region: Optional[pulumi.Input[builtins.str]] = None,
46
+ username_template: Optional[pulumi.Input[builtins.str]] = None):
46
47
  """
47
48
  The set of arguments for constructing a SecretBackend resource.
48
- :param pulumi.Input[str] access_key: The AWS Access Key ID this backend should use to
49
+ :param pulumi.Input[builtins.str] access_key: The AWS Access Key ID this backend should use to
49
50
  issue new credentials. Vault uses the official AWS SDK to authenticate, and thus can also use standard AWS environment credentials, shared file credentials or IAM role/ECS task credentials.
50
- :param pulumi.Input[int] default_lease_ttl_seconds: The default TTL for credentials
51
+ :param pulumi.Input[builtins.int] default_lease_ttl_seconds: The default TTL for credentials
51
52
  issued by this backend.
52
- :param pulumi.Input[str] description: A human-friendly description for this backend.
53
- :param pulumi.Input[bool] disable_automated_rotation: Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
54
- :param pulumi.Input[bool] disable_remount: If set, opts out of mount migration on path updates.
53
+ :param pulumi.Input[builtins.str] description: A human-friendly description for this backend.
54
+ :param pulumi.Input[builtins.bool] disable_automated_rotation: Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
55
+ :param pulumi.Input[builtins.bool] disable_remount: If set, opts out of mount migration on path updates.
55
56
  See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration)
56
- :param pulumi.Input[str] iam_endpoint: Specifies a custom HTTP IAM endpoint to use.
57
- :param pulumi.Input[str] identity_token_audience: The audience claim value. Requires Vault 1.16+.
58
- :param pulumi.Input[str] identity_token_key: The key to use for signing identity tokens. Requires Vault 1.16+.
59
- :param pulumi.Input[int] identity_token_ttl: The TTL of generated identity tokens in seconds. Requires Vault 1.16+.
60
- :param pulumi.Input[bool] local: Specifies whether the secrets mount will be marked as local. Local mounts are not replicated to performance replicas.
61
- :param pulumi.Input[int] max_lease_ttl_seconds: The maximum TTL that can be requested
57
+ :param pulumi.Input[builtins.str] iam_endpoint: Specifies a custom HTTP IAM endpoint to use.
58
+ :param pulumi.Input[builtins.str] identity_token_audience: The audience claim value. Requires Vault 1.16+.
59
+ :param pulumi.Input[builtins.str] identity_token_key: The key to use for signing identity tokens. Requires Vault 1.16+.
60
+ :param pulumi.Input[builtins.int] identity_token_ttl: The TTL of generated identity tokens in seconds. Requires Vault 1.16+.
61
+ :param pulumi.Input[builtins.bool] local: Specifies whether the secrets mount will be marked as local. Local mounts are not replicated to performance replicas.
62
+ :param pulumi.Input[builtins.int] max_lease_ttl_seconds: The maximum TTL that can be requested
62
63
  for credentials issued by this backend.
63
- :param pulumi.Input[str] namespace: The namespace to provision the resource in.
64
+ :param pulumi.Input[builtins.str] namespace: The namespace to provision the resource in.
64
65
  The value should not contain leading or trailing forward slashes.
65
66
  The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
66
67
  *Available only for Vault Enterprise*.
67
- :param pulumi.Input[str] path: The unique path this backend should be mounted at. Must
68
+ :param pulumi.Input[builtins.str] path: The unique path this backend should be mounted at. Must
68
69
  not begin or end with a `/`. Defaults to `aws`.
69
- :param pulumi.Input[str] region: The AWS region to make API calls against. Defaults to us-east-1.
70
- :param pulumi.Input[str] role_arn: Role ARN to assume for plugin identity token federation. Requires Vault 1.16+.
71
- :param pulumi.Input[int] rotation_period: The amount of time in seconds Vault should wait before rotating the root credential.
70
+ :param pulumi.Input[builtins.str] region: The AWS region to make API calls against. Defaults to us-east-1.
71
+ :param pulumi.Input[builtins.str] role_arn: Role ARN to assume for plugin identity token federation. Requires Vault 1.16+.
72
+ :param pulumi.Input[builtins.int] rotation_period: The amount of time in seconds Vault should wait before rotating the root credential.
72
73
  A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
73
- :param pulumi.Input[str] rotation_schedule: The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
74
+ :param pulumi.Input[builtins.str] rotation_schedule: The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
74
75
  defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
75
- :param pulumi.Input[int] rotation_window: The maximum amount of time in seconds allowed to complete
76
+ :param pulumi.Input[builtins.int] rotation_window: The maximum amount of time in seconds allowed to complete
76
77
  a rotation when a scheduled token rotation occurs. The default rotation window is
77
78
  unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
78
- :param pulumi.Input[str] secret_key: The AWS Secret Access Key to use when generating new credentials.
79
- :param pulumi.Input[str] sts_endpoint: Specifies a custom HTTP STS endpoint to use.
80
- :param pulumi.Input[Sequence[pulumi.Input[str]]] sts_fallback_endpoints: Ordered list of `sts_endpoint`s to try if the defined one fails. Requires Vault 1.19+
81
- :param pulumi.Input[Sequence[pulumi.Input[str]]] sts_fallback_regions: Ordered list of `sts_region`s matching the fallback endpoints. Should correspond in order with those endpoints. Requires Vault 1.19+
82
- :param pulumi.Input[str] sts_region: Specifies the region of the STS endpoint. Should be included if `sts_endpoint` is supplied. Requires Vault 1.19+
83
- :param pulumi.Input[str] username_template: Template describing how dynamic usernames are generated. The username template is used to generate both IAM usernames (capped at 64 characters) and STS usernames (capped at 32 characters). If no template is provided the field defaults to the template:
79
+ :param pulumi.Input[builtins.str] secret_key: The AWS Secret Access Key to use when generating new credentials.
80
+ :param pulumi.Input[builtins.str] sts_endpoint: Specifies a custom HTTP STS endpoint to use.
81
+ :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] sts_fallback_endpoints: Ordered list of `sts_endpoint`s to try if the defined one fails. Requires Vault 1.19+
82
+ :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] sts_fallback_regions: Ordered list of `sts_region`s matching the fallback endpoints. Should correspond in order with those endpoints. Requires Vault 1.19+
83
+ :param pulumi.Input[builtins.str] sts_region: Specifies the region of the STS endpoint. Should be included if `sts_endpoint` is supplied. Requires Vault 1.19+
84
+ :param pulumi.Input[builtins.str] username_template: Template describing how dynamic usernames are generated. The username template is used to generate both IAM usernames (capped at 64 characters) and STS usernames (capped at 32 characters). If no template is provided the field defaults to the template:
84
85
 
85
86
  ```
86
87
  {{ if (eq .Type "STS") }}
@@ -142,7 +143,7 @@ class SecretBackendArgs:
142
143
 
143
144
  @property
144
145
  @pulumi.getter(name="accessKey")
145
- def access_key(self) -> Optional[pulumi.Input[str]]:
146
+ def access_key(self) -> Optional[pulumi.Input[builtins.str]]:
146
147
  """
147
148
  The AWS Access Key ID this backend should use to
148
149
  issue new credentials. Vault uses the official AWS SDK to authenticate, and thus can also use standard AWS environment credentials, shared file credentials or IAM role/ECS task credentials.
@@ -150,12 +151,12 @@ class SecretBackendArgs:
150
151
  return pulumi.get(self, "access_key")
151
152
 
152
153
  @access_key.setter
153
- def access_key(self, value: Optional[pulumi.Input[str]]):
154
+ def access_key(self, value: Optional[pulumi.Input[builtins.str]]):
154
155
  pulumi.set(self, "access_key", value)
155
156
 
156
157
  @property
157
158
  @pulumi.getter(name="defaultLeaseTtlSeconds")
158
- def default_lease_ttl_seconds(self) -> Optional[pulumi.Input[int]]:
159
+ def default_lease_ttl_seconds(self) -> Optional[pulumi.Input[builtins.int]]:
159
160
  """
160
161
  The default TTL for credentials
161
162
  issued by this backend.
@@ -163,36 +164,36 @@ class SecretBackendArgs:
163
164
  return pulumi.get(self, "default_lease_ttl_seconds")
164
165
 
165
166
  @default_lease_ttl_seconds.setter
166
- def default_lease_ttl_seconds(self, value: Optional[pulumi.Input[int]]):
167
+ def default_lease_ttl_seconds(self, value: Optional[pulumi.Input[builtins.int]]):
167
168
  pulumi.set(self, "default_lease_ttl_seconds", value)
168
169
 
169
170
  @property
170
171
  @pulumi.getter
171
- def description(self) -> Optional[pulumi.Input[str]]:
172
+ def description(self) -> Optional[pulumi.Input[builtins.str]]:
172
173
  """
173
174
  A human-friendly description for this backend.
174
175
  """
175
176
  return pulumi.get(self, "description")
176
177
 
177
178
  @description.setter
178
- def description(self, value: Optional[pulumi.Input[str]]):
179
+ def description(self, value: Optional[pulumi.Input[builtins.str]]):
179
180
  pulumi.set(self, "description", value)
180
181
 
181
182
  @property
182
183
  @pulumi.getter(name="disableAutomatedRotation")
183
- def disable_automated_rotation(self) -> Optional[pulumi.Input[bool]]:
184
+ def disable_automated_rotation(self) -> Optional[pulumi.Input[builtins.bool]]:
184
185
  """
185
186
  Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
186
187
  """
187
188
  return pulumi.get(self, "disable_automated_rotation")
188
189
 
189
190
  @disable_automated_rotation.setter
190
- def disable_automated_rotation(self, value: Optional[pulumi.Input[bool]]):
191
+ def disable_automated_rotation(self, value: Optional[pulumi.Input[builtins.bool]]):
191
192
  pulumi.set(self, "disable_automated_rotation", value)
192
193
 
193
194
  @property
194
195
  @pulumi.getter(name="disableRemount")
195
- def disable_remount(self) -> Optional[pulumi.Input[bool]]:
196
+ def disable_remount(self) -> Optional[pulumi.Input[builtins.bool]]:
196
197
  """
197
198
  If set, opts out of mount migration on path updates.
198
199
  See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration)
@@ -200,72 +201,72 @@ class SecretBackendArgs:
200
201
  return pulumi.get(self, "disable_remount")
201
202
 
202
203
  @disable_remount.setter
203
- def disable_remount(self, value: Optional[pulumi.Input[bool]]):
204
+ def disable_remount(self, value: Optional[pulumi.Input[builtins.bool]]):
204
205
  pulumi.set(self, "disable_remount", value)
205
206
 
206
207
  @property
207
208
  @pulumi.getter(name="iamEndpoint")
208
- def iam_endpoint(self) -> Optional[pulumi.Input[str]]:
209
+ def iam_endpoint(self) -> Optional[pulumi.Input[builtins.str]]:
209
210
  """
210
211
  Specifies a custom HTTP IAM endpoint to use.
211
212
  """
212
213
  return pulumi.get(self, "iam_endpoint")
213
214
 
214
215
  @iam_endpoint.setter
215
- def iam_endpoint(self, value: Optional[pulumi.Input[str]]):
216
+ def iam_endpoint(self, value: Optional[pulumi.Input[builtins.str]]):
216
217
  pulumi.set(self, "iam_endpoint", value)
217
218
 
218
219
  @property
219
220
  @pulumi.getter(name="identityTokenAudience")
220
- def identity_token_audience(self) -> Optional[pulumi.Input[str]]:
221
+ def identity_token_audience(self) -> Optional[pulumi.Input[builtins.str]]:
221
222
  """
222
223
  The audience claim value. Requires Vault 1.16+.
223
224
  """
224
225
  return pulumi.get(self, "identity_token_audience")
225
226
 
226
227
  @identity_token_audience.setter
227
- def identity_token_audience(self, value: Optional[pulumi.Input[str]]):
228
+ def identity_token_audience(self, value: Optional[pulumi.Input[builtins.str]]):
228
229
  pulumi.set(self, "identity_token_audience", value)
229
230
 
230
231
  @property
231
232
  @pulumi.getter(name="identityTokenKey")
232
- def identity_token_key(self) -> Optional[pulumi.Input[str]]:
233
+ def identity_token_key(self) -> Optional[pulumi.Input[builtins.str]]:
233
234
  """
234
235
  The key to use for signing identity tokens. Requires Vault 1.16+.
235
236
  """
236
237
  return pulumi.get(self, "identity_token_key")
237
238
 
238
239
  @identity_token_key.setter
239
- def identity_token_key(self, value: Optional[pulumi.Input[str]]):
240
+ def identity_token_key(self, value: Optional[pulumi.Input[builtins.str]]):
240
241
  pulumi.set(self, "identity_token_key", value)
241
242
 
242
243
  @property
243
244
  @pulumi.getter(name="identityTokenTtl")
244
- def identity_token_ttl(self) -> Optional[pulumi.Input[int]]:
245
+ def identity_token_ttl(self) -> Optional[pulumi.Input[builtins.int]]:
245
246
  """
246
247
  The TTL of generated identity tokens in seconds. Requires Vault 1.16+.
247
248
  """
248
249
  return pulumi.get(self, "identity_token_ttl")
249
250
 
250
251
  @identity_token_ttl.setter
251
- def identity_token_ttl(self, value: Optional[pulumi.Input[int]]):
252
+ def identity_token_ttl(self, value: Optional[pulumi.Input[builtins.int]]):
252
253
  pulumi.set(self, "identity_token_ttl", value)
253
254
 
254
255
  @property
255
256
  @pulumi.getter
256
- def local(self) -> Optional[pulumi.Input[bool]]:
257
+ def local(self) -> Optional[pulumi.Input[builtins.bool]]:
257
258
  """
258
259
  Specifies whether the secrets mount will be marked as local. Local mounts are not replicated to performance replicas.
259
260
  """
260
261
  return pulumi.get(self, "local")
261
262
 
262
263
  @local.setter
263
- def local(self, value: Optional[pulumi.Input[bool]]):
264
+ def local(self, value: Optional[pulumi.Input[builtins.bool]]):
264
265
  pulumi.set(self, "local", value)
265
266
 
266
267
  @property
267
268
  @pulumi.getter(name="maxLeaseTtlSeconds")
268
- def max_lease_ttl_seconds(self) -> Optional[pulumi.Input[int]]:
269
+ def max_lease_ttl_seconds(self) -> Optional[pulumi.Input[builtins.int]]:
269
270
  """
270
271
  The maximum TTL that can be requested
271
272
  for credentials issued by this backend.
@@ -273,12 +274,12 @@ class SecretBackendArgs:
273
274
  return pulumi.get(self, "max_lease_ttl_seconds")
274
275
 
275
276
  @max_lease_ttl_seconds.setter
276
- def max_lease_ttl_seconds(self, value: Optional[pulumi.Input[int]]):
277
+ def max_lease_ttl_seconds(self, value: Optional[pulumi.Input[builtins.int]]):
277
278
  pulumi.set(self, "max_lease_ttl_seconds", value)
278
279
 
279
280
  @property
280
281
  @pulumi.getter
281
- def namespace(self) -> Optional[pulumi.Input[str]]:
282
+ def namespace(self) -> Optional[pulumi.Input[builtins.str]]:
282
283
  """
283
284
  The namespace to provision the resource in.
284
285
  The value should not contain leading or trailing forward slashes.
@@ -288,12 +289,12 @@ class SecretBackendArgs:
288
289
  return pulumi.get(self, "namespace")
289
290
 
290
291
  @namespace.setter
291
- def namespace(self, value: Optional[pulumi.Input[str]]):
292
+ def namespace(self, value: Optional[pulumi.Input[builtins.str]]):
292
293
  pulumi.set(self, "namespace", value)
293
294
 
294
295
  @property
295
296
  @pulumi.getter
296
- def path(self) -> Optional[pulumi.Input[str]]:
297
+ def path(self) -> Optional[pulumi.Input[builtins.str]]:
297
298
  """
298
299
  The unique path this backend should be mounted at. Must
299
300
  not begin or end with a `/`. Defaults to `aws`.
@@ -301,36 +302,36 @@ class SecretBackendArgs:
301
302
  return pulumi.get(self, "path")
302
303
 
303
304
  @path.setter
304
- def path(self, value: Optional[pulumi.Input[str]]):
305
+ def path(self, value: Optional[pulumi.Input[builtins.str]]):
305
306
  pulumi.set(self, "path", value)
306
307
 
307
308
  @property
308
309
  @pulumi.getter
309
- def region(self) -> Optional[pulumi.Input[str]]:
310
+ def region(self) -> Optional[pulumi.Input[builtins.str]]:
310
311
  """
311
312
  The AWS region to make API calls against. Defaults to us-east-1.
312
313
  """
313
314
  return pulumi.get(self, "region")
314
315
 
315
316
  @region.setter
316
- def region(self, value: Optional[pulumi.Input[str]]):
317
+ def region(self, value: Optional[pulumi.Input[builtins.str]]):
317
318
  pulumi.set(self, "region", value)
318
319
 
319
320
  @property
320
321
  @pulumi.getter(name="roleArn")
321
- def role_arn(self) -> Optional[pulumi.Input[str]]:
322
+ def role_arn(self) -> Optional[pulumi.Input[builtins.str]]:
322
323
  """
323
324
  Role ARN to assume for plugin identity token federation. Requires Vault 1.16+.
324
325
  """
325
326
  return pulumi.get(self, "role_arn")
326
327
 
327
328
  @role_arn.setter
328
- def role_arn(self, value: Optional[pulumi.Input[str]]):
329
+ def role_arn(self, value: Optional[pulumi.Input[builtins.str]]):
329
330
  pulumi.set(self, "role_arn", value)
330
331
 
331
332
  @property
332
333
  @pulumi.getter(name="rotationPeriod")
333
- def rotation_period(self) -> Optional[pulumi.Input[int]]:
334
+ def rotation_period(self) -> Optional[pulumi.Input[builtins.int]]:
334
335
  """
335
336
  The amount of time in seconds Vault should wait before rotating the root credential.
336
337
  A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
@@ -338,12 +339,12 @@ class SecretBackendArgs:
338
339
  return pulumi.get(self, "rotation_period")
339
340
 
340
341
  @rotation_period.setter
341
- def rotation_period(self, value: Optional[pulumi.Input[int]]):
342
+ def rotation_period(self, value: Optional[pulumi.Input[builtins.int]]):
342
343
  pulumi.set(self, "rotation_period", value)
343
344
 
344
345
  @property
345
346
  @pulumi.getter(name="rotationSchedule")
346
- def rotation_schedule(self) -> Optional[pulumi.Input[str]]:
347
+ def rotation_schedule(self) -> Optional[pulumi.Input[builtins.str]]:
347
348
  """
348
349
  The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
349
350
  defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
@@ -351,12 +352,12 @@ class SecretBackendArgs:
351
352
  return pulumi.get(self, "rotation_schedule")
352
353
 
353
354
  @rotation_schedule.setter
354
- def rotation_schedule(self, value: Optional[pulumi.Input[str]]):
355
+ def rotation_schedule(self, value: Optional[pulumi.Input[builtins.str]]):
355
356
  pulumi.set(self, "rotation_schedule", value)
356
357
 
357
358
  @property
358
359
  @pulumi.getter(name="rotationWindow")
359
- def rotation_window(self) -> Optional[pulumi.Input[int]]:
360
+ def rotation_window(self) -> Optional[pulumi.Input[builtins.int]]:
360
361
  """
361
362
  The maximum amount of time in seconds allowed to complete
362
363
  a rotation when a scheduled token rotation occurs. The default rotation window is
@@ -365,72 +366,72 @@ class SecretBackendArgs:
365
366
  return pulumi.get(self, "rotation_window")
366
367
 
367
368
  @rotation_window.setter
368
- def rotation_window(self, value: Optional[pulumi.Input[int]]):
369
+ def rotation_window(self, value: Optional[pulumi.Input[builtins.int]]):
369
370
  pulumi.set(self, "rotation_window", value)
370
371
 
371
372
  @property
372
373
  @pulumi.getter(name="secretKey")
373
- def secret_key(self) -> Optional[pulumi.Input[str]]:
374
+ def secret_key(self) -> Optional[pulumi.Input[builtins.str]]:
374
375
  """
375
376
  The AWS Secret Access Key to use when generating new credentials.
376
377
  """
377
378
  return pulumi.get(self, "secret_key")
378
379
 
379
380
  @secret_key.setter
380
- def secret_key(self, value: Optional[pulumi.Input[str]]):
381
+ def secret_key(self, value: Optional[pulumi.Input[builtins.str]]):
381
382
  pulumi.set(self, "secret_key", value)
382
383
 
383
384
  @property
384
385
  @pulumi.getter(name="stsEndpoint")
385
- def sts_endpoint(self) -> Optional[pulumi.Input[str]]:
386
+ def sts_endpoint(self) -> Optional[pulumi.Input[builtins.str]]:
386
387
  """
387
388
  Specifies a custom HTTP STS endpoint to use.
388
389
  """
389
390
  return pulumi.get(self, "sts_endpoint")
390
391
 
391
392
  @sts_endpoint.setter
392
- def sts_endpoint(self, value: Optional[pulumi.Input[str]]):
393
+ def sts_endpoint(self, value: Optional[pulumi.Input[builtins.str]]):
393
394
  pulumi.set(self, "sts_endpoint", value)
394
395
 
395
396
  @property
396
397
  @pulumi.getter(name="stsFallbackEndpoints")
397
- def sts_fallback_endpoints(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
398
+ def sts_fallback_endpoints(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
398
399
  """
399
400
  Ordered list of `sts_endpoint`s to try if the defined one fails. Requires Vault 1.19+
400
401
  """
401
402
  return pulumi.get(self, "sts_fallback_endpoints")
402
403
 
403
404
  @sts_fallback_endpoints.setter
404
- def sts_fallback_endpoints(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
405
+ def sts_fallback_endpoints(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
405
406
  pulumi.set(self, "sts_fallback_endpoints", value)
406
407
 
407
408
  @property
408
409
  @pulumi.getter(name="stsFallbackRegions")
409
- def sts_fallback_regions(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
410
+ def sts_fallback_regions(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
410
411
  """
411
412
  Ordered list of `sts_region`s matching the fallback endpoints. Should correspond in order with those endpoints. Requires Vault 1.19+
412
413
  """
413
414
  return pulumi.get(self, "sts_fallback_regions")
414
415
 
415
416
  @sts_fallback_regions.setter
416
- def sts_fallback_regions(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
417
+ def sts_fallback_regions(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
417
418
  pulumi.set(self, "sts_fallback_regions", value)
418
419
 
419
420
  @property
420
421
  @pulumi.getter(name="stsRegion")
421
- def sts_region(self) -> Optional[pulumi.Input[str]]:
422
+ def sts_region(self) -> Optional[pulumi.Input[builtins.str]]:
422
423
  """
423
424
  Specifies the region of the STS endpoint. Should be included if `sts_endpoint` is supplied. Requires Vault 1.19+
424
425
  """
425
426
  return pulumi.get(self, "sts_region")
426
427
 
427
428
  @sts_region.setter
428
- def sts_region(self, value: Optional[pulumi.Input[str]]):
429
+ def sts_region(self, value: Optional[pulumi.Input[builtins.str]]):
429
430
  pulumi.set(self, "sts_region", value)
430
431
 
431
432
  @property
432
433
  @pulumi.getter(name="usernameTemplate")
433
- def username_template(self) -> Optional[pulumi.Input[str]]:
434
+ def username_template(self) -> Optional[pulumi.Input[builtins.str]]:
434
435
  """
435
436
  Template describing how dynamic usernames are generated. The username template is used to generate both IAM usernames (capped at 64 characters) and STS usernames (capped at 32 characters). If no template is provided the field defaults to the template:
436
437
 
@@ -446,75 +447,75 @@ class SecretBackendArgs:
446
447
  return pulumi.get(self, "username_template")
447
448
 
448
449
  @username_template.setter
449
- def username_template(self, value: Optional[pulumi.Input[str]]):
450
+ def username_template(self, value: Optional[pulumi.Input[builtins.str]]):
450
451
  pulumi.set(self, "username_template", value)
451
452
 
452
453
 
453
454
  @pulumi.input_type
454
455
  class _SecretBackendState:
455
456
  def __init__(__self__, *,
456
- access_key: Optional[pulumi.Input[str]] = None,
457
- default_lease_ttl_seconds: Optional[pulumi.Input[int]] = None,
458
- description: Optional[pulumi.Input[str]] = None,
459
- disable_automated_rotation: Optional[pulumi.Input[bool]] = None,
460
- disable_remount: Optional[pulumi.Input[bool]] = None,
461
- iam_endpoint: Optional[pulumi.Input[str]] = None,
462
- identity_token_audience: Optional[pulumi.Input[str]] = None,
463
- identity_token_key: Optional[pulumi.Input[str]] = None,
464
- identity_token_ttl: Optional[pulumi.Input[int]] = None,
465
- local: Optional[pulumi.Input[bool]] = None,
466
- max_lease_ttl_seconds: Optional[pulumi.Input[int]] = None,
467
- namespace: Optional[pulumi.Input[str]] = None,
468
- path: Optional[pulumi.Input[str]] = None,
469
- region: Optional[pulumi.Input[str]] = None,
470
- role_arn: Optional[pulumi.Input[str]] = None,
471
- rotation_period: Optional[pulumi.Input[int]] = None,
472
- rotation_schedule: Optional[pulumi.Input[str]] = None,
473
- rotation_window: Optional[pulumi.Input[int]] = None,
474
- secret_key: Optional[pulumi.Input[str]] = None,
475
- sts_endpoint: Optional[pulumi.Input[str]] = None,
476
- sts_fallback_endpoints: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
477
- sts_fallback_regions: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
478
- sts_region: Optional[pulumi.Input[str]] = None,
479
- username_template: Optional[pulumi.Input[str]] = None):
457
+ access_key: Optional[pulumi.Input[builtins.str]] = None,
458
+ default_lease_ttl_seconds: Optional[pulumi.Input[builtins.int]] = None,
459
+ description: Optional[pulumi.Input[builtins.str]] = None,
460
+ disable_automated_rotation: Optional[pulumi.Input[builtins.bool]] = None,
461
+ disable_remount: Optional[pulumi.Input[builtins.bool]] = None,
462
+ iam_endpoint: Optional[pulumi.Input[builtins.str]] = None,
463
+ identity_token_audience: Optional[pulumi.Input[builtins.str]] = None,
464
+ identity_token_key: Optional[pulumi.Input[builtins.str]] = None,
465
+ identity_token_ttl: Optional[pulumi.Input[builtins.int]] = None,
466
+ local: Optional[pulumi.Input[builtins.bool]] = None,
467
+ max_lease_ttl_seconds: Optional[pulumi.Input[builtins.int]] = None,
468
+ namespace: Optional[pulumi.Input[builtins.str]] = None,
469
+ path: Optional[pulumi.Input[builtins.str]] = None,
470
+ region: Optional[pulumi.Input[builtins.str]] = None,
471
+ role_arn: Optional[pulumi.Input[builtins.str]] = None,
472
+ rotation_period: Optional[pulumi.Input[builtins.int]] = None,
473
+ rotation_schedule: Optional[pulumi.Input[builtins.str]] = None,
474
+ rotation_window: Optional[pulumi.Input[builtins.int]] = None,
475
+ secret_key: Optional[pulumi.Input[builtins.str]] = None,
476
+ sts_endpoint: Optional[pulumi.Input[builtins.str]] = None,
477
+ sts_fallback_endpoints: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
478
+ sts_fallback_regions: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
479
+ sts_region: Optional[pulumi.Input[builtins.str]] = None,
480
+ username_template: Optional[pulumi.Input[builtins.str]] = None):
480
481
  """
481
482
  Input properties used for looking up and filtering SecretBackend resources.
482
- :param pulumi.Input[str] access_key: The AWS Access Key ID this backend should use to
483
+ :param pulumi.Input[builtins.str] access_key: The AWS Access Key ID this backend should use to
483
484
  issue new credentials. Vault uses the official AWS SDK to authenticate, and thus can also use standard AWS environment credentials, shared file credentials or IAM role/ECS task credentials.
484
- :param pulumi.Input[int] default_lease_ttl_seconds: The default TTL for credentials
485
+ :param pulumi.Input[builtins.int] default_lease_ttl_seconds: The default TTL for credentials
485
486
  issued by this backend.
486
- :param pulumi.Input[str] description: A human-friendly description for this backend.
487
- :param pulumi.Input[bool] disable_automated_rotation: Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
488
- :param pulumi.Input[bool] disable_remount: If set, opts out of mount migration on path updates.
487
+ :param pulumi.Input[builtins.str] description: A human-friendly description for this backend.
488
+ :param pulumi.Input[builtins.bool] disable_automated_rotation: Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
489
+ :param pulumi.Input[builtins.bool] disable_remount: If set, opts out of mount migration on path updates.
489
490
  See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration)
490
- :param pulumi.Input[str] iam_endpoint: Specifies a custom HTTP IAM endpoint to use.
491
- :param pulumi.Input[str] identity_token_audience: The audience claim value. Requires Vault 1.16+.
492
- :param pulumi.Input[str] identity_token_key: The key to use for signing identity tokens. Requires Vault 1.16+.
493
- :param pulumi.Input[int] identity_token_ttl: The TTL of generated identity tokens in seconds. Requires Vault 1.16+.
494
- :param pulumi.Input[bool] local: Specifies whether the secrets mount will be marked as local. Local mounts are not replicated to performance replicas.
495
- :param pulumi.Input[int] max_lease_ttl_seconds: The maximum TTL that can be requested
491
+ :param pulumi.Input[builtins.str] iam_endpoint: Specifies a custom HTTP IAM endpoint to use.
492
+ :param pulumi.Input[builtins.str] identity_token_audience: The audience claim value. Requires Vault 1.16+.
493
+ :param pulumi.Input[builtins.str] identity_token_key: The key to use for signing identity tokens. Requires Vault 1.16+.
494
+ :param pulumi.Input[builtins.int] identity_token_ttl: The TTL of generated identity tokens in seconds. Requires Vault 1.16+.
495
+ :param pulumi.Input[builtins.bool] local: Specifies whether the secrets mount will be marked as local. Local mounts are not replicated to performance replicas.
496
+ :param pulumi.Input[builtins.int] max_lease_ttl_seconds: The maximum TTL that can be requested
496
497
  for credentials issued by this backend.
497
- :param pulumi.Input[str] namespace: The namespace to provision the resource in.
498
+ :param pulumi.Input[builtins.str] namespace: The namespace to provision the resource in.
498
499
  The value should not contain leading or trailing forward slashes.
499
500
  The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
500
501
  *Available only for Vault Enterprise*.
501
- :param pulumi.Input[str] path: The unique path this backend should be mounted at. Must
502
+ :param pulumi.Input[builtins.str] path: The unique path this backend should be mounted at. Must
502
503
  not begin or end with a `/`. Defaults to `aws`.
503
- :param pulumi.Input[str] region: The AWS region to make API calls against. Defaults to us-east-1.
504
- :param pulumi.Input[str] role_arn: Role ARN to assume for plugin identity token federation. Requires Vault 1.16+.
505
- :param pulumi.Input[int] rotation_period: The amount of time in seconds Vault should wait before rotating the root credential.
504
+ :param pulumi.Input[builtins.str] region: The AWS region to make API calls against. Defaults to us-east-1.
505
+ :param pulumi.Input[builtins.str] role_arn: Role ARN to assume for plugin identity token federation. Requires Vault 1.16+.
506
+ :param pulumi.Input[builtins.int] rotation_period: The amount of time in seconds Vault should wait before rotating the root credential.
506
507
  A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
507
- :param pulumi.Input[str] rotation_schedule: The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
508
+ :param pulumi.Input[builtins.str] rotation_schedule: The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
508
509
  defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
509
- :param pulumi.Input[int] rotation_window: The maximum amount of time in seconds allowed to complete
510
+ :param pulumi.Input[builtins.int] rotation_window: The maximum amount of time in seconds allowed to complete
510
511
  a rotation when a scheduled token rotation occurs. The default rotation window is
511
512
  unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
512
- :param pulumi.Input[str] secret_key: The AWS Secret Access Key to use when generating new credentials.
513
- :param pulumi.Input[str] sts_endpoint: Specifies a custom HTTP STS endpoint to use.
514
- :param pulumi.Input[Sequence[pulumi.Input[str]]] sts_fallback_endpoints: Ordered list of `sts_endpoint`s to try if the defined one fails. Requires Vault 1.19+
515
- :param pulumi.Input[Sequence[pulumi.Input[str]]] sts_fallback_regions: Ordered list of `sts_region`s matching the fallback endpoints. Should correspond in order with those endpoints. Requires Vault 1.19+
516
- :param pulumi.Input[str] sts_region: Specifies the region of the STS endpoint. Should be included if `sts_endpoint` is supplied. Requires Vault 1.19+
517
- :param pulumi.Input[str] username_template: Template describing how dynamic usernames are generated. The username template is used to generate both IAM usernames (capped at 64 characters) and STS usernames (capped at 32 characters). If no template is provided the field defaults to the template:
513
+ :param pulumi.Input[builtins.str] secret_key: The AWS Secret Access Key to use when generating new credentials.
514
+ :param pulumi.Input[builtins.str] sts_endpoint: Specifies a custom HTTP STS endpoint to use.
515
+ :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] sts_fallback_endpoints: Ordered list of `sts_endpoint`s to try if the defined one fails. Requires Vault 1.19+
516
+ :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] sts_fallback_regions: Ordered list of `sts_region`s matching the fallback endpoints. Should correspond in order with those endpoints. Requires Vault 1.19+
517
+ :param pulumi.Input[builtins.str] sts_region: Specifies the region of the STS endpoint. Should be included if `sts_endpoint` is supplied. Requires Vault 1.19+
518
+ :param pulumi.Input[builtins.str] username_template: Template describing how dynamic usernames are generated. The username template is used to generate both IAM usernames (capped at 64 characters) and STS usernames (capped at 32 characters). If no template is provided the field defaults to the template:
518
519
 
519
520
  ```
520
521
  {{ if (eq .Type "STS") }}
@@ -576,7 +577,7 @@ class _SecretBackendState:
576
577
 
577
578
  @property
578
579
  @pulumi.getter(name="accessKey")
579
- def access_key(self) -> Optional[pulumi.Input[str]]:
580
+ def access_key(self) -> Optional[pulumi.Input[builtins.str]]:
580
581
  """
581
582
  The AWS Access Key ID this backend should use to
582
583
  issue new credentials. Vault uses the official AWS SDK to authenticate, and thus can also use standard AWS environment credentials, shared file credentials or IAM role/ECS task credentials.
@@ -584,12 +585,12 @@ class _SecretBackendState:
584
585
  return pulumi.get(self, "access_key")
585
586
 
586
587
  @access_key.setter
587
- def access_key(self, value: Optional[pulumi.Input[str]]):
588
+ def access_key(self, value: Optional[pulumi.Input[builtins.str]]):
588
589
  pulumi.set(self, "access_key", value)
589
590
 
590
591
  @property
591
592
  @pulumi.getter(name="defaultLeaseTtlSeconds")
592
- def default_lease_ttl_seconds(self) -> Optional[pulumi.Input[int]]:
593
+ def default_lease_ttl_seconds(self) -> Optional[pulumi.Input[builtins.int]]:
593
594
  """
594
595
  The default TTL for credentials
595
596
  issued by this backend.
@@ -597,36 +598,36 @@ class _SecretBackendState:
597
598
  return pulumi.get(self, "default_lease_ttl_seconds")
598
599
 
599
600
  @default_lease_ttl_seconds.setter
600
- def default_lease_ttl_seconds(self, value: Optional[pulumi.Input[int]]):
601
+ def default_lease_ttl_seconds(self, value: Optional[pulumi.Input[builtins.int]]):
601
602
  pulumi.set(self, "default_lease_ttl_seconds", value)
602
603
 
603
604
  @property
604
605
  @pulumi.getter
605
- def description(self) -> Optional[pulumi.Input[str]]:
606
+ def description(self) -> Optional[pulumi.Input[builtins.str]]:
606
607
  """
607
608
  A human-friendly description for this backend.
608
609
  """
609
610
  return pulumi.get(self, "description")
610
611
 
611
612
  @description.setter
612
- def description(self, value: Optional[pulumi.Input[str]]):
613
+ def description(self, value: Optional[pulumi.Input[builtins.str]]):
613
614
  pulumi.set(self, "description", value)
614
615
 
615
616
  @property
616
617
  @pulumi.getter(name="disableAutomatedRotation")
617
- def disable_automated_rotation(self) -> Optional[pulumi.Input[bool]]:
618
+ def disable_automated_rotation(self) -> Optional[pulumi.Input[builtins.bool]]:
618
619
  """
619
620
  Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
620
621
  """
621
622
  return pulumi.get(self, "disable_automated_rotation")
622
623
 
623
624
  @disable_automated_rotation.setter
624
- def disable_automated_rotation(self, value: Optional[pulumi.Input[bool]]):
625
+ def disable_automated_rotation(self, value: Optional[pulumi.Input[builtins.bool]]):
625
626
  pulumi.set(self, "disable_automated_rotation", value)
626
627
 
627
628
  @property
628
629
  @pulumi.getter(name="disableRemount")
629
- def disable_remount(self) -> Optional[pulumi.Input[bool]]:
630
+ def disable_remount(self) -> Optional[pulumi.Input[builtins.bool]]:
630
631
  """
631
632
  If set, opts out of mount migration on path updates.
632
633
  See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration)
@@ -634,72 +635,72 @@ class _SecretBackendState:
634
635
  return pulumi.get(self, "disable_remount")
635
636
 
636
637
  @disable_remount.setter
637
- def disable_remount(self, value: Optional[pulumi.Input[bool]]):
638
+ def disable_remount(self, value: Optional[pulumi.Input[builtins.bool]]):
638
639
  pulumi.set(self, "disable_remount", value)
639
640
 
640
641
  @property
641
642
  @pulumi.getter(name="iamEndpoint")
642
- def iam_endpoint(self) -> Optional[pulumi.Input[str]]:
643
+ def iam_endpoint(self) -> Optional[pulumi.Input[builtins.str]]:
643
644
  """
644
645
  Specifies a custom HTTP IAM endpoint to use.
645
646
  """
646
647
  return pulumi.get(self, "iam_endpoint")
647
648
 
648
649
  @iam_endpoint.setter
649
- def iam_endpoint(self, value: Optional[pulumi.Input[str]]):
650
+ def iam_endpoint(self, value: Optional[pulumi.Input[builtins.str]]):
650
651
  pulumi.set(self, "iam_endpoint", value)
651
652
 
652
653
  @property
653
654
  @pulumi.getter(name="identityTokenAudience")
654
- def identity_token_audience(self) -> Optional[pulumi.Input[str]]:
655
+ def identity_token_audience(self) -> Optional[pulumi.Input[builtins.str]]:
655
656
  """
656
657
  The audience claim value. Requires Vault 1.16+.
657
658
  """
658
659
  return pulumi.get(self, "identity_token_audience")
659
660
 
660
661
  @identity_token_audience.setter
661
- def identity_token_audience(self, value: Optional[pulumi.Input[str]]):
662
+ def identity_token_audience(self, value: Optional[pulumi.Input[builtins.str]]):
662
663
  pulumi.set(self, "identity_token_audience", value)
663
664
 
664
665
  @property
665
666
  @pulumi.getter(name="identityTokenKey")
666
- def identity_token_key(self) -> Optional[pulumi.Input[str]]:
667
+ def identity_token_key(self) -> Optional[pulumi.Input[builtins.str]]:
667
668
  """
668
669
  The key to use for signing identity tokens. Requires Vault 1.16+.
669
670
  """
670
671
  return pulumi.get(self, "identity_token_key")
671
672
 
672
673
  @identity_token_key.setter
673
- def identity_token_key(self, value: Optional[pulumi.Input[str]]):
674
+ def identity_token_key(self, value: Optional[pulumi.Input[builtins.str]]):
674
675
  pulumi.set(self, "identity_token_key", value)
675
676
 
676
677
  @property
677
678
  @pulumi.getter(name="identityTokenTtl")
678
- def identity_token_ttl(self) -> Optional[pulumi.Input[int]]:
679
+ def identity_token_ttl(self) -> Optional[pulumi.Input[builtins.int]]:
679
680
  """
680
681
  The TTL of generated identity tokens in seconds. Requires Vault 1.16+.
681
682
  """
682
683
  return pulumi.get(self, "identity_token_ttl")
683
684
 
684
685
  @identity_token_ttl.setter
685
- def identity_token_ttl(self, value: Optional[pulumi.Input[int]]):
686
+ def identity_token_ttl(self, value: Optional[pulumi.Input[builtins.int]]):
686
687
  pulumi.set(self, "identity_token_ttl", value)
687
688
 
688
689
  @property
689
690
  @pulumi.getter
690
- def local(self) -> Optional[pulumi.Input[bool]]:
691
+ def local(self) -> Optional[pulumi.Input[builtins.bool]]:
691
692
  """
692
693
  Specifies whether the secrets mount will be marked as local. Local mounts are not replicated to performance replicas.
693
694
  """
694
695
  return pulumi.get(self, "local")
695
696
 
696
697
  @local.setter
697
- def local(self, value: Optional[pulumi.Input[bool]]):
698
+ def local(self, value: Optional[pulumi.Input[builtins.bool]]):
698
699
  pulumi.set(self, "local", value)
699
700
 
700
701
  @property
701
702
  @pulumi.getter(name="maxLeaseTtlSeconds")
702
- def max_lease_ttl_seconds(self) -> Optional[pulumi.Input[int]]:
703
+ def max_lease_ttl_seconds(self) -> Optional[pulumi.Input[builtins.int]]:
703
704
  """
704
705
  The maximum TTL that can be requested
705
706
  for credentials issued by this backend.
@@ -707,12 +708,12 @@ class _SecretBackendState:
707
708
  return pulumi.get(self, "max_lease_ttl_seconds")
708
709
 
709
710
  @max_lease_ttl_seconds.setter
710
- def max_lease_ttl_seconds(self, value: Optional[pulumi.Input[int]]):
711
+ def max_lease_ttl_seconds(self, value: Optional[pulumi.Input[builtins.int]]):
711
712
  pulumi.set(self, "max_lease_ttl_seconds", value)
712
713
 
713
714
  @property
714
715
  @pulumi.getter
715
- def namespace(self) -> Optional[pulumi.Input[str]]:
716
+ def namespace(self) -> Optional[pulumi.Input[builtins.str]]:
716
717
  """
717
718
  The namespace to provision the resource in.
718
719
  The value should not contain leading or trailing forward slashes.
@@ -722,12 +723,12 @@ class _SecretBackendState:
722
723
  return pulumi.get(self, "namespace")
723
724
 
724
725
  @namespace.setter
725
- def namespace(self, value: Optional[pulumi.Input[str]]):
726
+ def namespace(self, value: Optional[pulumi.Input[builtins.str]]):
726
727
  pulumi.set(self, "namespace", value)
727
728
 
728
729
  @property
729
730
  @pulumi.getter
730
- def path(self) -> Optional[pulumi.Input[str]]:
731
+ def path(self) -> Optional[pulumi.Input[builtins.str]]:
731
732
  """
732
733
  The unique path this backend should be mounted at. Must
733
734
  not begin or end with a `/`. Defaults to `aws`.
@@ -735,36 +736,36 @@ class _SecretBackendState:
735
736
  return pulumi.get(self, "path")
736
737
 
737
738
  @path.setter
738
- def path(self, value: Optional[pulumi.Input[str]]):
739
+ def path(self, value: Optional[pulumi.Input[builtins.str]]):
739
740
  pulumi.set(self, "path", value)
740
741
 
741
742
  @property
742
743
  @pulumi.getter
743
- def region(self) -> Optional[pulumi.Input[str]]:
744
+ def region(self) -> Optional[pulumi.Input[builtins.str]]:
744
745
  """
745
746
  The AWS region to make API calls against. Defaults to us-east-1.
746
747
  """
747
748
  return pulumi.get(self, "region")
748
749
 
749
750
  @region.setter
750
- def region(self, value: Optional[pulumi.Input[str]]):
751
+ def region(self, value: Optional[pulumi.Input[builtins.str]]):
751
752
  pulumi.set(self, "region", value)
752
753
 
753
754
  @property
754
755
  @pulumi.getter(name="roleArn")
755
- def role_arn(self) -> Optional[pulumi.Input[str]]:
756
+ def role_arn(self) -> Optional[pulumi.Input[builtins.str]]:
756
757
  """
757
758
  Role ARN to assume for plugin identity token federation. Requires Vault 1.16+.
758
759
  """
759
760
  return pulumi.get(self, "role_arn")
760
761
 
761
762
  @role_arn.setter
762
- def role_arn(self, value: Optional[pulumi.Input[str]]):
763
+ def role_arn(self, value: Optional[pulumi.Input[builtins.str]]):
763
764
  pulumi.set(self, "role_arn", value)
764
765
 
765
766
  @property
766
767
  @pulumi.getter(name="rotationPeriod")
767
- def rotation_period(self) -> Optional[pulumi.Input[int]]:
768
+ def rotation_period(self) -> Optional[pulumi.Input[builtins.int]]:
768
769
  """
769
770
  The amount of time in seconds Vault should wait before rotating the root credential.
770
771
  A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
@@ -772,12 +773,12 @@ class _SecretBackendState:
772
773
  return pulumi.get(self, "rotation_period")
773
774
 
774
775
  @rotation_period.setter
775
- def rotation_period(self, value: Optional[pulumi.Input[int]]):
776
+ def rotation_period(self, value: Optional[pulumi.Input[builtins.int]]):
776
777
  pulumi.set(self, "rotation_period", value)
777
778
 
778
779
  @property
779
780
  @pulumi.getter(name="rotationSchedule")
780
- def rotation_schedule(self) -> Optional[pulumi.Input[str]]:
781
+ def rotation_schedule(self) -> Optional[pulumi.Input[builtins.str]]:
781
782
  """
782
783
  The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
783
784
  defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
@@ -785,12 +786,12 @@ class _SecretBackendState:
785
786
  return pulumi.get(self, "rotation_schedule")
786
787
 
787
788
  @rotation_schedule.setter
788
- def rotation_schedule(self, value: Optional[pulumi.Input[str]]):
789
+ def rotation_schedule(self, value: Optional[pulumi.Input[builtins.str]]):
789
790
  pulumi.set(self, "rotation_schedule", value)
790
791
 
791
792
  @property
792
793
  @pulumi.getter(name="rotationWindow")
793
- def rotation_window(self) -> Optional[pulumi.Input[int]]:
794
+ def rotation_window(self) -> Optional[pulumi.Input[builtins.int]]:
794
795
  """
795
796
  The maximum amount of time in seconds allowed to complete
796
797
  a rotation when a scheduled token rotation occurs. The default rotation window is
@@ -799,72 +800,72 @@ class _SecretBackendState:
799
800
  return pulumi.get(self, "rotation_window")
800
801
 
801
802
  @rotation_window.setter
802
- def rotation_window(self, value: Optional[pulumi.Input[int]]):
803
+ def rotation_window(self, value: Optional[pulumi.Input[builtins.int]]):
803
804
  pulumi.set(self, "rotation_window", value)
804
805
 
805
806
  @property
806
807
  @pulumi.getter(name="secretKey")
807
- def secret_key(self) -> Optional[pulumi.Input[str]]:
808
+ def secret_key(self) -> Optional[pulumi.Input[builtins.str]]:
808
809
  """
809
810
  The AWS Secret Access Key to use when generating new credentials.
810
811
  """
811
812
  return pulumi.get(self, "secret_key")
812
813
 
813
814
  @secret_key.setter
814
- def secret_key(self, value: Optional[pulumi.Input[str]]):
815
+ def secret_key(self, value: Optional[pulumi.Input[builtins.str]]):
815
816
  pulumi.set(self, "secret_key", value)
816
817
 
817
818
  @property
818
819
  @pulumi.getter(name="stsEndpoint")
819
- def sts_endpoint(self) -> Optional[pulumi.Input[str]]:
820
+ def sts_endpoint(self) -> Optional[pulumi.Input[builtins.str]]:
820
821
  """
821
822
  Specifies a custom HTTP STS endpoint to use.
822
823
  """
823
824
  return pulumi.get(self, "sts_endpoint")
824
825
 
825
826
  @sts_endpoint.setter
826
- def sts_endpoint(self, value: Optional[pulumi.Input[str]]):
827
+ def sts_endpoint(self, value: Optional[pulumi.Input[builtins.str]]):
827
828
  pulumi.set(self, "sts_endpoint", value)
828
829
 
829
830
  @property
830
831
  @pulumi.getter(name="stsFallbackEndpoints")
831
- def sts_fallback_endpoints(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
832
+ def sts_fallback_endpoints(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
832
833
  """
833
834
  Ordered list of `sts_endpoint`s to try if the defined one fails. Requires Vault 1.19+
834
835
  """
835
836
  return pulumi.get(self, "sts_fallback_endpoints")
836
837
 
837
838
  @sts_fallback_endpoints.setter
838
- def sts_fallback_endpoints(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
839
+ def sts_fallback_endpoints(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
839
840
  pulumi.set(self, "sts_fallback_endpoints", value)
840
841
 
841
842
  @property
842
843
  @pulumi.getter(name="stsFallbackRegions")
843
- def sts_fallback_regions(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
844
+ def sts_fallback_regions(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
844
845
  """
845
846
  Ordered list of `sts_region`s matching the fallback endpoints. Should correspond in order with those endpoints. Requires Vault 1.19+
846
847
  """
847
848
  return pulumi.get(self, "sts_fallback_regions")
848
849
 
849
850
  @sts_fallback_regions.setter
850
- def sts_fallback_regions(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
851
+ def sts_fallback_regions(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
851
852
  pulumi.set(self, "sts_fallback_regions", value)
852
853
 
853
854
  @property
854
855
  @pulumi.getter(name="stsRegion")
855
- def sts_region(self) -> Optional[pulumi.Input[str]]:
856
+ def sts_region(self) -> Optional[pulumi.Input[builtins.str]]:
856
857
  """
857
858
  Specifies the region of the STS endpoint. Should be included if `sts_endpoint` is supplied. Requires Vault 1.19+
858
859
  """
859
860
  return pulumi.get(self, "sts_region")
860
861
 
861
862
  @sts_region.setter
862
- def sts_region(self, value: Optional[pulumi.Input[str]]):
863
+ def sts_region(self, value: Optional[pulumi.Input[builtins.str]]):
863
864
  pulumi.set(self, "sts_region", value)
864
865
 
865
866
  @property
866
867
  @pulumi.getter(name="usernameTemplate")
867
- def username_template(self) -> Optional[pulumi.Input[str]]:
868
+ def username_template(self) -> Optional[pulumi.Input[builtins.str]]:
868
869
  """
869
870
  Template describing how dynamic usernames are generated. The username template is used to generate both IAM usernames (capped at 64 characters) and STS usernames (capped at 32 characters). If no template is provided the field defaults to the template:
870
871
 
@@ -880,7 +881,7 @@ class _SecretBackendState:
880
881
  return pulumi.get(self, "username_template")
881
882
 
882
883
  @username_template.setter
883
- def username_template(self, value: Optional[pulumi.Input[str]]):
884
+ def username_template(self, value: Optional[pulumi.Input[builtins.str]]):
884
885
  pulumi.set(self, "username_template", value)
885
886
 
886
887
 
@@ -889,30 +890,30 @@ class SecretBackend(pulumi.CustomResource):
889
890
  def __init__(__self__,
890
891
  resource_name: str,
891
892
  opts: Optional[pulumi.ResourceOptions] = None,
892
- access_key: Optional[pulumi.Input[str]] = None,
893
- default_lease_ttl_seconds: Optional[pulumi.Input[int]] = None,
894
- description: Optional[pulumi.Input[str]] = None,
895
- disable_automated_rotation: Optional[pulumi.Input[bool]] = None,
896
- disable_remount: Optional[pulumi.Input[bool]] = None,
897
- iam_endpoint: Optional[pulumi.Input[str]] = None,
898
- identity_token_audience: Optional[pulumi.Input[str]] = None,
899
- identity_token_key: Optional[pulumi.Input[str]] = None,
900
- identity_token_ttl: Optional[pulumi.Input[int]] = None,
901
- local: Optional[pulumi.Input[bool]] = None,
902
- max_lease_ttl_seconds: Optional[pulumi.Input[int]] = None,
903
- namespace: Optional[pulumi.Input[str]] = None,
904
- path: Optional[pulumi.Input[str]] = None,
905
- region: Optional[pulumi.Input[str]] = None,
906
- role_arn: Optional[pulumi.Input[str]] = None,
907
- rotation_period: Optional[pulumi.Input[int]] = None,
908
- rotation_schedule: Optional[pulumi.Input[str]] = None,
909
- rotation_window: Optional[pulumi.Input[int]] = None,
910
- secret_key: Optional[pulumi.Input[str]] = None,
911
- sts_endpoint: Optional[pulumi.Input[str]] = None,
912
- sts_fallback_endpoints: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
913
- sts_fallback_regions: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
914
- sts_region: Optional[pulumi.Input[str]] = None,
915
- username_template: Optional[pulumi.Input[str]] = None,
893
+ access_key: Optional[pulumi.Input[builtins.str]] = None,
894
+ default_lease_ttl_seconds: Optional[pulumi.Input[builtins.int]] = None,
895
+ description: Optional[pulumi.Input[builtins.str]] = None,
896
+ disable_automated_rotation: Optional[pulumi.Input[builtins.bool]] = None,
897
+ disable_remount: Optional[pulumi.Input[builtins.bool]] = None,
898
+ iam_endpoint: Optional[pulumi.Input[builtins.str]] = None,
899
+ identity_token_audience: Optional[pulumi.Input[builtins.str]] = None,
900
+ identity_token_key: Optional[pulumi.Input[builtins.str]] = None,
901
+ identity_token_ttl: Optional[pulumi.Input[builtins.int]] = None,
902
+ local: Optional[pulumi.Input[builtins.bool]] = None,
903
+ max_lease_ttl_seconds: Optional[pulumi.Input[builtins.int]] = None,
904
+ namespace: Optional[pulumi.Input[builtins.str]] = None,
905
+ path: Optional[pulumi.Input[builtins.str]] = None,
906
+ region: Optional[pulumi.Input[builtins.str]] = None,
907
+ role_arn: Optional[pulumi.Input[builtins.str]] = None,
908
+ rotation_period: Optional[pulumi.Input[builtins.int]] = None,
909
+ rotation_schedule: Optional[pulumi.Input[builtins.str]] = None,
910
+ rotation_window: Optional[pulumi.Input[builtins.int]] = None,
911
+ secret_key: Optional[pulumi.Input[builtins.str]] = None,
912
+ sts_endpoint: Optional[pulumi.Input[builtins.str]] = None,
913
+ sts_fallback_endpoints: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
914
+ sts_fallback_regions: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
915
+ sts_region: Optional[pulumi.Input[builtins.str]] = None,
916
+ username_template: Optional[pulumi.Input[builtins.str]] = None,
916
917
  __props__=None):
917
918
  """
918
919
  ## Import
@@ -925,42 +926,42 @@ class SecretBackend(pulumi.CustomResource):
925
926
 
926
927
  :param str resource_name: The name of the resource.
927
928
  :param pulumi.ResourceOptions opts: Options for the resource.
928
- :param pulumi.Input[str] access_key: The AWS Access Key ID this backend should use to
929
+ :param pulumi.Input[builtins.str] access_key: The AWS Access Key ID this backend should use to
929
930
  issue new credentials. Vault uses the official AWS SDK to authenticate, and thus can also use standard AWS environment credentials, shared file credentials or IAM role/ECS task credentials.
930
- :param pulumi.Input[int] default_lease_ttl_seconds: The default TTL for credentials
931
+ :param pulumi.Input[builtins.int] default_lease_ttl_seconds: The default TTL for credentials
931
932
  issued by this backend.
932
- :param pulumi.Input[str] description: A human-friendly description for this backend.
933
- :param pulumi.Input[bool] disable_automated_rotation: Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
934
- :param pulumi.Input[bool] disable_remount: If set, opts out of mount migration on path updates.
933
+ :param pulumi.Input[builtins.str] description: A human-friendly description for this backend.
934
+ :param pulumi.Input[builtins.bool] disable_automated_rotation: Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
935
+ :param pulumi.Input[builtins.bool] disable_remount: If set, opts out of mount migration on path updates.
935
936
  See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration)
936
- :param pulumi.Input[str] iam_endpoint: Specifies a custom HTTP IAM endpoint to use.
937
- :param pulumi.Input[str] identity_token_audience: The audience claim value. Requires Vault 1.16+.
938
- :param pulumi.Input[str] identity_token_key: The key to use for signing identity tokens. Requires Vault 1.16+.
939
- :param pulumi.Input[int] identity_token_ttl: The TTL of generated identity tokens in seconds. Requires Vault 1.16+.
940
- :param pulumi.Input[bool] local: Specifies whether the secrets mount will be marked as local. Local mounts are not replicated to performance replicas.
941
- :param pulumi.Input[int] max_lease_ttl_seconds: The maximum TTL that can be requested
937
+ :param pulumi.Input[builtins.str] iam_endpoint: Specifies a custom HTTP IAM endpoint to use.
938
+ :param pulumi.Input[builtins.str] identity_token_audience: The audience claim value. Requires Vault 1.16+.
939
+ :param pulumi.Input[builtins.str] identity_token_key: The key to use for signing identity tokens. Requires Vault 1.16+.
940
+ :param pulumi.Input[builtins.int] identity_token_ttl: The TTL of generated identity tokens in seconds. Requires Vault 1.16+.
941
+ :param pulumi.Input[builtins.bool] local: Specifies whether the secrets mount will be marked as local. Local mounts are not replicated to performance replicas.
942
+ :param pulumi.Input[builtins.int] max_lease_ttl_seconds: The maximum TTL that can be requested
942
943
  for credentials issued by this backend.
943
- :param pulumi.Input[str] namespace: The namespace to provision the resource in.
944
+ :param pulumi.Input[builtins.str] namespace: The namespace to provision the resource in.
944
945
  The value should not contain leading or trailing forward slashes.
945
946
  The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
946
947
  *Available only for Vault Enterprise*.
947
- :param pulumi.Input[str] path: The unique path this backend should be mounted at. Must
948
+ :param pulumi.Input[builtins.str] path: The unique path this backend should be mounted at. Must
948
949
  not begin or end with a `/`. Defaults to `aws`.
949
- :param pulumi.Input[str] region: The AWS region to make API calls against. Defaults to us-east-1.
950
- :param pulumi.Input[str] role_arn: Role ARN to assume for plugin identity token federation. Requires Vault 1.16+.
951
- :param pulumi.Input[int] rotation_period: The amount of time in seconds Vault should wait before rotating the root credential.
950
+ :param pulumi.Input[builtins.str] region: The AWS region to make API calls against. Defaults to us-east-1.
951
+ :param pulumi.Input[builtins.str] role_arn: Role ARN to assume for plugin identity token federation. Requires Vault 1.16+.
952
+ :param pulumi.Input[builtins.int] rotation_period: The amount of time in seconds Vault should wait before rotating the root credential.
952
953
  A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
953
- :param pulumi.Input[str] rotation_schedule: The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
954
+ :param pulumi.Input[builtins.str] rotation_schedule: The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
954
955
  defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
955
- :param pulumi.Input[int] rotation_window: The maximum amount of time in seconds allowed to complete
956
+ :param pulumi.Input[builtins.int] rotation_window: The maximum amount of time in seconds allowed to complete
956
957
  a rotation when a scheduled token rotation occurs. The default rotation window is
957
958
  unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
958
- :param pulumi.Input[str] secret_key: The AWS Secret Access Key to use when generating new credentials.
959
- :param pulumi.Input[str] sts_endpoint: Specifies a custom HTTP STS endpoint to use.
960
- :param pulumi.Input[Sequence[pulumi.Input[str]]] sts_fallback_endpoints: Ordered list of `sts_endpoint`s to try if the defined one fails. Requires Vault 1.19+
961
- :param pulumi.Input[Sequence[pulumi.Input[str]]] sts_fallback_regions: Ordered list of `sts_region`s matching the fallback endpoints. Should correspond in order with those endpoints. Requires Vault 1.19+
962
- :param pulumi.Input[str] sts_region: Specifies the region of the STS endpoint. Should be included if `sts_endpoint` is supplied. Requires Vault 1.19+
963
- :param pulumi.Input[str] username_template: Template describing how dynamic usernames are generated. The username template is used to generate both IAM usernames (capped at 64 characters) and STS usernames (capped at 32 characters). If no template is provided the field defaults to the template:
959
+ :param pulumi.Input[builtins.str] secret_key: The AWS Secret Access Key to use when generating new credentials.
960
+ :param pulumi.Input[builtins.str] sts_endpoint: Specifies a custom HTTP STS endpoint to use.
961
+ :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] sts_fallback_endpoints: Ordered list of `sts_endpoint`s to try if the defined one fails. Requires Vault 1.19+
962
+ :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] sts_fallback_regions: Ordered list of `sts_region`s matching the fallback endpoints. Should correspond in order with those endpoints. Requires Vault 1.19+
963
+ :param pulumi.Input[builtins.str] sts_region: Specifies the region of the STS endpoint. Should be included if `sts_endpoint` is supplied. Requires Vault 1.19+
964
+ :param pulumi.Input[builtins.str] username_template: Template describing how dynamic usernames are generated. The username template is used to generate both IAM usernames (capped at 64 characters) and STS usernames (capped at 32 characters). If no template is provided the field defaults to the template:
964
965
 
965
966
  ```
966
967
  {{ if (eq .Type "STS") }}
@@ -1001,30 +1002,30 @@ class SecretBackend(pulumi.CustomResource):
1001
1002
  def _internal_init(__self__,
1002
1003
  resource_name: str,
1003
1004
  opts: Optional[pulumi.ResourceOptions] = None,
1004
- access_key: Optional[pulumi.Input[str]] = None,
1005
- default_lease_ttl_seconds: Optional[pulumi.Input[int]] = None,
1006
- description: Optional[pulumi.Input[str]] = None,
1007
- disable_automated_rotation: Optional[pulumi.Input[bool]] = None,
1008
- disable_remount: Optional[pulumi.Input[bool]] = None,
1009
- iam_endpoint: Optional[pulumi.Input[str]] = None,
1010
- identity_token_audience: Optional[pulumi.Input[str]] = None,
1011
- identity_token_key: Optional[pulumi.Input[str]] = None,
1012
- identity_token_ttl: Optional[pulumi.Input[int]] = None,
1013
- local: Optional[pulumi.Input[bool]] = None,
1014
- max_lease_ttl_seconds: Optional[pulumi.Input[int]] = None,
1015
- namespace: Optional[pulumi.Input[str]] = None,
1016
- path: Optional[pulumi.Input[str]] = None,
1017
- region: Optional[pulumi.Input[str]] = None,
1018
- role_arn: Optional[pulumi.Input[str]] = None,
1019
- rotation_period: Optional[pulumi.Input[int]] = None,
1020
- rotation_schedule: Optional[pulumi.Input[str]] = None,
1021
- rotation_window: Optional[pulumi.Input[int]] = None,
1022
- secret_key: Optional[pulumi.Input[str]] = None,
1023
- sts_endpoint: Optional[pulumi.Input[str]] = None,
1024
- sts_fallback_endpoints: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
1025
- sts_fallback_regions: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
1026
- sts_region: Optional[pulumi.Input[str]] = None,
1027
- username_template: Optional[pulumi.Input[str]] = None,
1005
+ access_key: Optional[pulumi.Input[builtins.str]] = None,
1006
+ default_lease_ttl_seconds: Optional[pulumi.Input[builtins.int]] = None,
1007
+ description: Optional[pulumi.Input[builtins.str]] = None,
1008
+ disable_automated_rotation: Optional[pulumi.Input[builtins.bool]] = None,
1009
+ disable_remount: Optional[pulumi.Input[builtins.bool]] = None,
1010
+ iam_endpoint: Optional[pulumi.Input[builtins.str]] = None,
1011
+ identity_token_audience: Optional[pulumi.Input[builtins.str]] = None,
1012
+ identity_token_key: Optional[pulumi.Input[builtins.str]] = None,
1013
+ identity_token_ttl: Optional[pulumi.Input[builtins.int]] = None,
1014
+ local: Optional[pulumi.Input[builtins.bool]] = None,
1015
+ max_lease_ttl_seconds: Optional[pulumi.Input[builtins.int]] = None,
1016
+ namespace: Optional[pulumi.Input[builtins.str]] = None,
1017
+ path: Optional[pulumi.Input[builtins.str]] = None,
1018
+ region: Optional[pulumi.Input[builtins.str]] = None,
1019
+ role_arn: Optional[pulumi.Input[builtins.str]] = None,
1020
+ rotation_period: Optional[pulumi.Input[builtins.int]] = None,
1021
+ rotation_schedule: Optional[pulumi.Input[builtins.str]] = None,
1022
+ rotation_window: Optional[pulumi.Input[builtins.int]] = None,
1023
+ secret_key: Optional[pulumi.Input[builtins.str]] = None,
1024
+ sts_endpoint: Optional[pulumi.Input[builtins.str]] = None,
1025
+ sts_fallback_endpoints: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
1026
+ sts_fallback_regions: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
1027
+ sts_region: Optional[pulumi.Input[builtins.str]] = None,
1028
+ username_template: Optional[pulumi.Input[builtins.str]] = None,
1028
1029
  __props__=None):
1029
1030
  opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts)
1030
1031
  if not isinstance(opts, pulumi.ResourceOptions):
@@ -1070,30 +1071,30 @@ class SecretBackend(pulumi.CustomResource):
1070
1071
  def get(resource_name: str,
1071
1072
  id: pulumi.Input[str],
1072
1073
  opts: Optional[pulumi.ResourceOptions] = None,
1073
- access_key: Optional[pulumi.Input[str]] = None,
1074
- default_lease_ttl_seconds: Optional[pulumi.Input[int]] = None,
1075
- description: Optional[pulumi.Input[str]] = None,
1076
- disable_automated_rotation: Optional[pulumi.Input[bool]] = None,
1077
- disable_remount: Optional[pulumi.Input[bool]] = None,
1078
- iam_endpoint: Optional[pulumi.Input[str]] = None,
1079
- identity_token_audience: Optional[pulumi.Input[str]] = None,
1080
- identity_token_key: Optional[pulumi.Input[str]] = None,
1081
- identity_token_ttl: Optional[pulumi.Input[int]] = None,
1082
- local: Optional[pulumi.Input[bool]] = None,
1083
- max_lease_ttl_seconds: Optional[pulumi.Input[int]] = None,
1084
- namespace: Optional[pulumi.Input[str]] = None,
1085
- path: Optional[pulumi.Input[str]] = None,
1086
- region: Optional[pulumi.Input[str]] = None,
1087
- role_arn: Optional[pulumi.Input[str]] = None,
1088
- rotation_period: Optional[pulumi.Input[int]] = None,
1089
- rotation_schedule: Optional[pulumi.Input[str]] = None,
1090
- rotation_window: Optional[pulumi.Input[int]] = None,
1091
- secret_key: Optional[pulumi.Input[str]] = None,
1092
- sts_endpoint: Optional[pulumi.Input[str]] = None,
1093
- sts_fallback_endpoints: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
1094
- sts_fallback_regions: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
1095
- sts_region: Optional[pulumi.Input[str]] = None,
1096
- username_template: Optional[pulumi.Input[str]] = None) -> 'SecretBackend':
1074
+ access_key: Optional[pulumi.Input[builtins.str]] = None,
1075
+ default_lease_ttl_seconds: Optional[pulumi.Input[builtins.int]] = None,
1076
+ description: Optional[pulumi.Input[builtins.str]] = None,
1077
+ disable_automated_rotation: Optional[pulumi.Input[builtins.bool]] = None,
1078
+ disable_remount: Optional[pulumi.Input[builtins.bool]] = None,
1079
+ iam_endpoint: Optional[pulumi.Input[builtins.str]] = None,
1080
+ identity_token_audience: Optional[pulumi.Input[builtins.str]] = None,
1081
+ identity_token_key: Optional[pulumi.Input[builtins.str]] = None,
1082
+ identity_token_ttl: Optional[pulumi.Input[builtins.int]] = None,
1083
+ local: Optional[pulumi.Input[builtins.bool]] = None,
1084
+ max_lease_ttl_seconds: Optional[pulumi.Input[builtins.int]] = None,
1085
+ namespace: Optional[pulumi.Input[builtins.str]] = None,
1086
+ path: Optional[pulumi.Input[builtins.str]] = None,
1087
+ region: Optional[pulumi.Input[builtins.str]] = None,
1088
+ role_arn: Optional[pulumi.Input[builtins.str]] = None,
1089
+ rotation_period: Optional[pulumi.Input[builtins.int]] = None,
1090
+ rotation_schedule: Optional[pulumi.Input[builtins.str]] = None,
1091
+ rotation_window: Optional[pulumi.Input[builtins.int]] = None,
1092
+ secret_key: Optional[pulumi.Input[builtins.str]] = None,
1093
+ sts_endpoint: Optional[pulumi.Input[builtins.str]] = None,
1094
+ sts_fallback_endpoints: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
1095
+ sts_fallback_regions: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
1096
+ sts_region: Optional[pulumi.Input[builtins.str]] = None,
1097
+ username_template: Optional[pulumi.Input[builtins.str]] = None) -> 'SecretBackend':
1097
1098
  """
1098
1099
  Get an existing SecretBackend resource's state with the given name, id, and optional extra
1099
1100
  properties used to qualify the lookup.
@@ -1101,42 +1102,42 @@ class SecretBackend(pulumi.CustomResource):
1101
1102
  :param str resource_name: The unique name of the resulting resource.
1102
1103
  :param pulumi.Input[str] id: The unique provider ID of the resource to lookup.
1103
1104
  :param pulumi.ResourceOptions opts: Options for the resource.
1104
- :param pulumi.Input[str] access_key: The AWS Access Key ID this backend should use to
1105
+ :param pulumi.Input[builtins.str] access_key: The AWS Access Key ID this backend should use to
1105
1106
  issue new credentials. Vault uses the official AWS SDK to authenticate, and thus can also use standard AWS environment credentials, shared file credentials or IAM role/ECS task credentials.
1106
- :param pulumi.Input[int] default_lease_ttl_seconds: The default TTL for credentials
1107
+ :param pulumi.Input[builtins.int] default_lease_ttl_seconds: The default TTL for credentials
1107
1108
  issued by this backend.
1108
- :param pulumi.Input[str] description: A human-friendly description for this backend.
1109
- :param pulumi.Input[bool] disable_automated_rotation: Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
1110
- :param pulumi.Input[bool] disable_remount: If set, opts out of mount migration on path updates.
1109
+ :param pulumi.Input[builtins.str] description: A human-friendly description for this backend.
1110
+ :param pulumi.Input[builtins.bool] disable_automated_rotation: Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
1111
+ :param pulumi.Input[builtins.bool] disable_remount: If set, opts out of mount migration on path updates.
1111
1112
  See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration)
1112
- :param pulumi.Input[str] iam_endpoint: Specifies a custom HTTP IAM endpoint to use.
1113
- :param pulumi.Input[str] identity_token_audience: The audience claim value. Requires Vault 1.16+.
1114
- :param pulumi.Input[str] identity_token_key: The key to use for signing identity tokens. Requires Vault 1.16+.
1115
- :param pulumi.Input[int] identity_token_ttl: The TTL of generated identity tokens in seconds. Requires Vault 1.16+.
1116
- :param pulumi.Input[bool] local: Specifies whether the secrets mount will be marked as local. Local mounts are not replicated to performance replicas.
1117
- :param pulumi.Input[int] max_lease_ttl_seconds: The maximum TTL that can be requested
1113
+ :param pulumi.Input[builtins.str] iam_endpoint: Specifies a custom HTTP IAM endpoint to use.
1114
+ :param pulumi.Input[builtins.str] identity_token_audience: The audience claim value. Requires Vault 1.16+.
1115
+ :param pulumi.Input[builtins.str] identity_token_key: The key to use for signing identity tokens. Requires Vault 1.16+.
1116
+ :param pulumi.Input[builtins.int] identity_token_ttl: The TTL of generated identity tokens in seconds. Requires Vault 1.16+.
1117
+ :param pulumi.Input[builtins.bool] local: Specifies whether the secrets mount will be marked as local. Local mounts are not replicated to performance replicas.
1118
+ :param pulumi.Input[builtins.int] max_lease_ttl_seconds: The maximum TTL that can be requested
1118
1119
  for credentials issued by this backend.
1119
- :param pulumi.Input[str] namespace: The namespace to provision the resource in.
1120
+ :param pulumi.Input[builtins.str] namespace: The namespace to provision the resource in.
1120
1121
  The value should not contain leading or trailing forward slashes.
1121
1122
  The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
1122
1123
  *Available only for Vault Enterprise*.
1123
- :param pulumi.Input[str] path: The unique path this backend should be mounted at. Must
1124
+ :param pulumi.Input[builtins.str] path: The unique path this backend should be mounted at. Must
1124
1125
  not begin or end with a `/`. Defaults to `aws`.
1125
- :param pulumi.Input[str] region: The AWS region to make API calls against. Defaults to us-east-1.
1126
- :param pulumi.Input[str] role_arn: Role ARN to assume for plugin identity token federation. Requires Vault 1.16+.
1127
- :param pulumi.Input[int] rotation_period: The amount of time in seconds Vault should wait before rotating the root credential.
1126
+ :param pulumi.Input[builtins.str] region: The AWS region to make API calls against. Defaults to us-east-1.
1127
+ :param pulumi.Input[builtins.str] role_arn: Role ARN to assume for plugin identity token federation. Requires Vault 1.16+.
1128
+ :param pulumi.Input[builtins.int] rotation_period: The amount of time in seconds Vault should wait before rotating the root credential.
1128
1129
  A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
1129
- :param pulumi.Input[str] rotation_schedule: The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
1130
+ :param pulumi.Input[builtins.str] rotation_schedule: The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
1130
1131
  defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
1131
- :param pulumi.Input[int] rotation_window: The maximum amount of time in seconds allowed to complete
1132
+ :param pulumi.Input[builtins.int] rotation_window: The maximum amount of time in seconds allowed to complete
1132
1133
  a rotation when a scheduled token rotation occurs. The default rotation window is
1133
1134
  unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
1134
- :param pulumi.Input[str] secret_key: The AWS Secret Access Key to use when generating new credentials.
1135
- :param pulumi.Input[str] sts_endpoint: Specifies a custom HTTP STS endpoint to use.
1136
- :param pulumi.Input[Sequence[pulumi.Input[str]]] sts_fallback_endpoints: Ordered list of `sts_endpoint`s to try if the defined one fails. Requires Vault 1.19+
1137
- :param pulumi.Input[Sequence[pulumi.Input[str]]] sts_fallback_regions: Ordered list of `sts_region`s matching the fallback endpoints. Should correspond in order with those endpoints. Requires Vault 1.19+
1138
- :param pulumi.Input[str] sts_region: Specifies the region of the STS endpoint. Should be included if `sts_endpoint` is supplied. Requires Vault 1.19+
1139
- :param pulumi.Input[str] username_template: Template describing how dynamic usernames are generated. The username template is used to generate both IAM usernames (capped at 64 characters) and STS usernames (capped at 32 characters). If no template is provided the field defaults to the template:
1135
+ :param pulumi.Input[builtins.str] secret_key: The AWS Secret Access Key to use when generating new credentials.
1136
+ :param pulumi.Input[builtins.str] sts_endpoint: Specifies a custom HTTP STS endpoint to use.
1137
+ :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] sts_fallback_endpoints: Ordered list of `sts_endpoint`s to try if the defined one fails. Requires Vault 1.19+
1138
+ :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] sts_fallback_regions: Ordered list of `sts_region`s matching the fallback endpoints. Should correspond in order with those endpoints. Requires Vault 1.19+
1139
+ :param pulumi.Input[builtins.str] sts_region: Specifies the region of the STS endpoint. Should be included if `sts_endpoint` is supplied. Requires Vault 1.19+
1140
+ :param pulumi.Input[builtins.str] username_template: Template describing how dynamic usernames are generated. The username template is used to generate both IAM usernames (capped at 64 characters) and STS usernames (capped at 32 characters). If no template is provided the field defaults to the template:
1140
1141
 
1141
1142
  ```
1142
1143
  {{ if (eq .Type "STS") }}
@@ -1179,7 +1180,7 @@ class SecretBackend(pulumi.CustomResource):
1179
1180
 
1180
1181
  @property
1181
1182
  @pulumi.getter(name="accessKey")
1182
- def access_key(self) -> pulumi.Output[Optional[str]]:
1183
+ def access_key(self) -> pulumi.Output[Optional[builtins.str]]:
1183
1184
  """
1184
1185
  The AWS Access Key ID this backend should use to
1185
1186
  issue new credentials. Vault uses the official AWS SDK to authenticate, and thus can also use standard AWS environment credentials, shared file credentials or IAM role/ECS task credentials.
@@ -1188,7 +1189,7 @@ class SecretBackend(pulumi.CustomResource):
1188
1189
 
1189
1190
  @property
1190
1191
  @pulumi.getter(name="defaultLeaseTtlSeconds")
1191
- def default_lease_ttl_seconds(self) -> pulumi.Output[int]:
1192
+ def default_lease_ttl_seconds(self) -> pulumi.Output[builtins.int]:
1192
1193
  """
1193
1194
  The default TTL for credentials
1194
1195
  issued by this backend.
@@ -1197,7 +1198,7 @@ class SecretBackend(pulumi.CustomResource):
1197
1198
 
1198
1199
  @property
1199
1200
  @pulumi.getter
1200
- def description(self) -> pulumi.Output[Optional[str]]:
1201
+ def description(self) -> pulumi.Output[Optional[builtins.str]]:
1201
1202
  """
1202
1203
  A human-friendly description for this backend.
1203
1204
  """
@@ -1205,7 +1206,7 @@ class SecretBackend(pulumi.CustomResource):
1205
1206
 
1206
1207
  @property
1207
1208
  @pulumi.getter(name="disableAutomatedRotation")
1208
- def disable_automated_rotation(self) -> pulumi.Output[Optional[bool]]:
1209
+ def disable_automated_rotation(self) -> pulumi.Output[Optional[builtins.bool]]:
1209
1210
  """
1210
1211
  Cancels all upcoming rotations of the root credential until unset. Requires Vault Enterprise 1.19+.
1211
1212
  """
@@ -1213,7 +1214,7 @@ class SecretBackend(pulumi.CustomResource):
1213
1214
 
1214
1215
  @property
1215
1216
  @pulumi.getter(name="disableRemount")
1216
- def disable_remount(self) -> pulumi.Output[Optional[bool]]:
1217
+ def disable_remount(self) -> pulumi.Output[Optional[builtins.bool]]:
1217
1218
  """
1218
1219
  If set, opts out of mount migration on path updates.
1219
1220
  See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration)
@@ -1222,7 +1223,7 @@ class SecretBackend(pulumi.CustomResource):
1222
1223
 
1223
1224
  @property
1224
1225
  @pulumi.getter(name="iamEndpoint")
1225
- def iam_endpoint(self) -> pulumi.Output[Optional[str]]:
1226
+ def iam_endpoint(self) -> pulumi.Output[Optional[builtins.str]]:
1226
1227
  """
1227
1228
  Specifies a custom HTTP IAM endpoint to use.
1228
1229
  """
@@ -1230,7 +1231,7 @@ class SecretBackend(pulumi.CustomResource):
1230
1231
 
1231
1232
  @property
1232
1233
  @pulumi.getter(name="identityTokenAudience")
1233
- def identity_token_audience(self) -> pulumi.Output[Optional[str]]:
1234
+ def identity_token_audience(self) -> pulumi.Output[Optional[builtins.str]]:
1234
1235
  """
1235
1236
  The audience claim value. Requires Vault 1.16+.
1236
1237
  """
@@ -1238,7 +1239,7 @@ class SecretBackend(pulumi.CustomResource):
1238
1239
 
1239
1240
  @property
1240
1241
  @pulumi.getter(name="identityTokenKey")
1241
- def identity_token_key(self) -> pulumi.Output[Optional[str]]:
1242
+ def identity_token_key(self) -> pulumi.Output[Optional[builtins.str]]:
1242
1243
  """
1243
1244
  The key to use for signing identity tokens. Requires Vault 1.16+.
1244
1245
  """
@@ -1246,7 +1247,7 @@ class SecretBackend(pulumi.CustomResource):
1246
1247
 
1247
1248
  @property
1248
1249
  @pulumi.getter(name="identityTokenTtl")
1249
- def identity_token_ttl(self) -> pulumi.Output[int]:
1250
+ def identity_token_ttl(self) -> pulumi.Output[builtins.int]:
1250
1251
  """
1251
1252
  The TTL of generated identity tokens in seconds. Requires Vault 1.16+.
1252
1253
  """
@@ -1254,7 +1255,7 @@ class SecretBackend(pulumi.CustomResource):
1254
1255
 
1255
1256
  @property
1256
1257
  @pulumi.getter
1257
- def local(self) -> pulumi.Output[Optional[bool]]:
1258
+ def local(self) -> pulumi.Output[Optional[builtins.bool]]:
1258
1259
  """
1259
1260
  Specifies whether the secrets mount will be marked as local. Local mounts are not replicated to performance replicas.
1260
1261
  """
@@ -1262,7 +1263,7 @@ class SecretBackend(pulumi.CustomResource):
1262
1263
 
1263
1264
  @property
1264
1265
  @pulumi.getter(name="maxLeaseTtlSeconds")
1265
- def max_lease_ttl_seconds(self) -> pulumi.Output[int]:
1266
+ def max_lease_ttl_seconds(self) -> pulumi.Output[builtins.int]:
1266
1267
  """
1267
1268
  The maximum TTL that can be requested
1268
1269
  for credentials issued by this backend.
@@ -1271,7 +1272,7 @@ class SecretBackend(pulumi.CustomResource):
1271
1272
 
1272
1273
  @property
1273
1274
  @pulumi.getter
1274
- def namespace(self) -> pulumi.Output[Optional[str]]:
1275
+ def namespace(self) -> pulumi.Output[Optional[builtins.str]]:
1275
1276
  """
1276
1277
  The namespace to provision the resource in.
1277
1278
  The value should not contain leading or trailing forward slashes.
@@ -1282,7 +1283,7 @@ class SecretBackend(pulumi.CustomResource):
1282
1283
 
1283
1284
  @property
1284
1285
  @pulumi.getter
1285
- def path(self) -> pulumi.Output[Optional[str]]:
1286
+ def path(self) -> pulumi.Output[Optional[builtins.str]]:
1286
1287
  """
1287
1288
  The unique path this backend should be mounted at. Must
1288
1289
  not begin or end with a `/`. Defaults to `aws`.
@@ -1291,7 +1292,7 @@ class SecretBackend(pulumi.CustomResource):
1291
1292
 
1292
1293
  @property
1293
1294
  @pulumi.getter
1294
- def region(self) -> pulumi.Output[str]:
1295
+ def region(self) -> pulumi.Output[builtins.str]:
1295
1296
  """
1296
1297
  The AWS region to make API calls against. Defaults to us-east-1.
1297
1298
  """
@@ -1299,7 +1300,7 @@ class SecretBackend(pulumi.CustomResource):
1299
1300
 
1300
1301
  @property
1301
1302
  @pulumi.getter(name="roleArn")
1302
- def role_arn(self) -> pulumi.Output[Optional[str]]:
1303
+ def role_arn(self) -> pulumi.Output[Optional[builtins.str]]:
1303
1304
  """
1304
1305
  Role ARN to assume for plugin identity token federation. Requires Vault 1.16+.
1305
1306
  """
@@ -1307,7 +1308,7 @@ class SecretBackend(pulumi.CustomResource):
1307
1308
 
1308
1309
  @property
1309
1310
  @pulumi.getter(name="rotationPeriod")
1310
- def rotation_period(self) -> pulumi.Output[Optional[int]]:
1311
+ def rotation_period(self) -> pulumi.Output[Optional[builtins.int]]:
1311
1312
  """
1312
1313
  The amount of time in seconds Vault should wait before rotating the root credential.
1313
1314
  A zero value tells Vault not to rotate the root credential. The minimum rotation period is 10 seconds. Requires Vault Enterprise 1.19+.
@@ -1316,7 +1317,7 @@ class SecretBackend(pulumi.CustomResource):
1316
1317
 
1317
1318
  @property
1318
1319
  @pulumi.getter(name="rotationSchedule")
1319
- def rotation_schedule(self) -> pulumi.Output[Optional[str]]:
1320
+ def rotation_schedule(self) -> pulumi.Output[Optional[builtins.str]]:
1320
1321
  """
1321
1322
  The schedule, in [cron-style time format](https://en.wikipedia.org/wiki/Cron),
1322
1323
  defining the schedule on which Vault should rotate the root token. Requires Vault Enterprise 1.19+.
@@ -1325,7 +1326,7 @@ class SecretBackend(pulumi.CustomResource):
1325
1326
 
1326
1327
  @property
1327
1328
  @pulumi.getter(name="rotationWindow")
1328
- def rotation_window(self) -> pulumi.Output[Optional[int]]:
1329
+ def rotation_window(self) -> pulumi.Output[Optional[builtins.int]]:
1329
1330
  """
1330
1331
  The maximum amount of time in seconds allowed to complete
1331
1332
  a rotation when a scheduled token rotation occurs. The default rotation window is
@@ -1335,7 +1336,7 @@ class SecretBackend(pulumi.CustomResource):
1335
1336
 
1336
1337
  @property
1337
1338
  @pulumi.getter(name="secretKey")
1338
- def secret_key(self) -> pulumi.Output[Optional[str]]:
1339
+ def secret_key(self) -> pulumi.Output[Optional[builtins.str]]:
1339
1340
  """
1340
1341
  The AWS Secret Access Key to use when generating new credentials.
1341
1342
  """
@@ -1343,7 +1344,7 @@ class SecretBackend(pulumi.CustomResource):
1343
1344
 
1344
1345
  @property
1345
1346
  @pulumi.getter(name="stsEndpoint")
1346
- def sts_endpoint(self) -> pulumi.Output[Optional[str]]:
1347
+ def sts_endpoint(self) -> pulumi.Output[Optional[builtins.str]]:
1347
1348
  """
1348
1349
  Specifies a custom HTTP STS endpoint to use.
1349
1350
  """
@@ -1351,7 +1352,7 @@ class SecretBackend(pulumi.CustomResource):
1351
1352
 
1352
1353
  @property
1353
1354
  @pulumi.getter(name="stsFallbackEndpoints")
1354
- def sts_fallback_endpoints(self) -> pulumi.Output[Optional[Sequence[str]]]:
1355
+ def sts_fallback_endpoints(self) -> pulumi.Output[Optional[Sequence[builtins.str]]]:
1355
1356
  """
1356
1357
  Ordered list of `sts_endpoint`s to try if the defined one fails. Requires Vault 1.19+
1357
1358
  """
@@ -1359,7 +1360,7 @@ class SecretBackend(pulumi.CustomResource):
1359
1360
 
1360
1361
  @property
1361
1362
  @pulumi.getter(name="stsFallbackRegions")
1362
- def sts_fallback_regions(self) -> pulumi.Output[Optional[Sequence[str]]]:
1363
+ def sts_fallback_regions(self) -> pulumi.Output[Optional[Sequence[builtins.str]]]:
1363
1364
  """
1364
1365
  Ordered list of `sts_region`s matching the fallback endpoints. Should correspond in order with those endpoints. Requires Vault 1.19+
1365
1366
  """
@@ -1367,7 +1368,7 @@ class SecretBackend(pulumi.CustomResource):
1367
1368
 
1368
1369
  @property
1369
1370
  @pulumi.getter(name="stsRegion")
1370
- def sts_region(self) -> pulumi.Output[Optional[str]]:
1371
+ def sts_region(self) -> pulumi.Output[Optional[builtins.str]]:
1371
1372
  """
1372
1373
  Specifies the region of the STS endpoint. Should be included if `sts_endpoint` is supplied. Requires Vault 1.19+
1373
1374
  """
@@ -1375,7 +1376,7 @@ class SecretBackend(pulumi.CustomResource):
1375
1376
 
1376
1377
  @property
1377
1378
  @pulumi.getter(name="usernameTemplate")
1378
- def username_template(self) -> pulumi.Output[str]:
1379
+ def username_template(self) -> pulumi.Output[builtins.str]:
1379
1380
  """
1380
1381
  Template describing how dynamic usernames are generated. The username template is used to generate both IAM usernames (capped at 64 characters) and STS usernames (capped at 32 characters). If no template is provided the field defaults to the template:
1381
1382