pulumi-vault 7.2.0a1753339763__py3-none-any.whl → 7.2.0a1753512474__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (267) hide show
  1. pulumi_vault/__init__.py +1 -1
  2. pulumi_vault/_inputs.py +672 -673
  3. pulumi_vault/ad/__init__.py +1 -1
  4. pulumi_vault/ad/get_access_credentials.py +27 -28
  5. pulumi_vault/ad/secret_backend.py +579 -580
  6. pulumi_vault/ad/secret_library.py +120 -121
  7. pulumi_vault/ad/secret_role.py +104 -105
  8. pulumi_vault/alicloud/__init__.py +1 -1
  9. pulumi_vault/alicloud/auth_backend_role.py +222 -223
  10. pulumi_vault/approle/__init__.py +1 -1
  11. pulumi_vault/approle/auth_backend_login.py +138 -139
  12. pulumi_vault/approle/auth_backend_role.py +292 -293
  13. pulumi_vault/approle/auth_backend_role_secret_id.py +202 -203
  14. pulumi_vault/approle/get_auth_backend_role_id.py +23 -24
  15. pulumi_vault/audit.py +103 -104
  16. pulumi_vault/audit_request_header.py +52 -53
  17. pulumi_vault/auth_backend.py +132 -133
  18. pulumi_vault/aws/__init__.py +1 -1
  19. pulumi_vault/aws/auth_backend_cert.py +86 -87
  20. pulumi_vault/aws/auth_backend_client.py +307 -308
  21. pulumi_vault/aws/auth_backend_config_identity.py +103 -104
  22. pulumi_vault/aws/auth_backend_identity_whitelist.py +69 -70
  23. pulumi_vault/aws/auth_backend_login.py +258 -259
  24. pulumi_vault/aws/auth_backend_role.py +486 -487
  25. pulumi_vault/aws/auth_backend_role_tag.py +155 -156
  26. pulumi_vault/aws/auth_backend_roletag_blacklist.py +69 -70
  27. pulumi_vault/aws/auth_backend_sts_role.py +86 -87
  28. pulumi_vault/aws/get_access_credentials.py +59 -60
  29. pulumi_vault/aws/get_static_access_credentials.py +19 -20
  30. pulumi_vault/aws/secret_backend.py +409 -410
  31. pulumi_vault/aws/secret_backend_role.py +256 -257
  32. pulumi_vault/aws/secret_backend_static_role.py +137 -138
  33. pulumi_vault/azure/__init__.py +1 -1
  34. pulumi_vault/azure/_inputs.py +26 -27
  35. pulumi_vault/azure/auth_backend_config.py +222 -223
  36. pulumi_vault/azure/auth_backend_role.py +307 -308
  37. pulumi_vault/azure/backend.py +273 -274
  38. pulumi_vault/azure/backend_role.py +194 -195
  39. pulumi_vault/azure/get_access_credentials.py +75 -76
  40. pulumi_vault/azure/outputs.py +16 -17
  41. pulumi_vault/cert_auth_backend_role.py +443 -444
  42. pulumi_vault/config/__init__.py +1 -1
  43. pulumi_vault/config/__init__.pyi +1 -2
  44. pulumi_vault/config/_inputs.py +13 -14
  45. pulumi_vault/config/outputs.py +380 -381
  46. pulumi_vault/config/ui_custom_message.py +140 -141
  47. pulumi_vault/config/vars.py +31 -32
  48. pulumi_vault/consul/__init__.py +1 -1
  49. pulumi_vault/consul/secret_backend.py +239 -240
  50. pulumi_vault/consul/secret_backend_role.py +222 -223
  51. pulumi_vault/database/__init__.py +1 -1
  52. pulumi_vault/database/_inputs.py +3167 -3168
  53. pulumi_vault/database/outputs.py +2123 -2124
  54. pulumi_vault/database/secret_backend_connection.py +259 -260
  55. pulumi_vault/database/secret_backend_role.py +205 -206
  56. pulumi_vault/database/secret_backend_static_role.py +218 -219
  57. pulumi_vault/database/secrets_mount.py +379 -380
  58. pulumi_vault/egp_policy.py +86 -87
  59. pulumi_vault/gcp/__init__.py +1 -1
  60. pulumi_vault/gcp/_inputs.py +98 -99
  61. pulumi_vault/gcp/auth_backend.py +322 -323
  62. pulumi_vault/gcp/auth_backend_role.py +347 -348
  63. pulumi_vault/gcp/get_auth_backend_role.py +91 -92
  64. pulumi_vault/gcp/outputs.py +66 -67
  65. pulumi_vault/gcp/secret_backend.py +299 -300
  66. pulumi_vault/gcp/secret_impersonated_account.py +112 -113
  67. pulumi_vault/gcp/secret_roleset.py +115 -116
  68. pulumi_vault/gcp/secret_static_account.py +115 -116
  69. pulumi_vault/generic/__init__.py +1 -1
  70. pulumi_vault/generic/endpoint.py +138 -139
  71. pulumi_vault/generic/get_secret.py +39 -40
  72. pulumi_vault/generic/secret.py +95 -96
  73. pulumi_vault/get_auth_backend.py +29 -30
  74. pulumi_vault/get_auth_backends.py +19 -20
  75. pulumi_vault/get_namespace.py +21 -22
  76. pulumi_vault/get_namespaces.py +19 -20
  77. pulumi_vault/get_nomad_access_token.py +25 -26
  78. pulumi_vault/get_policy_document.py +10 -11
  79. pulumi_vault/get_raft_autopilot_state.py +31 -32
  80. pulumi_vault/github/__init__.py +1 -1
  81. pulumi_vault/github/_inputs.py +50 -51
  82. pulumi_vault/github/auth_backend.py +285 -286
  83. pulumi_vault/github/outputs.py +34 -35
  84. pulumi_vault/github/team.py +69 -70
  85. pulumi_vault/github/user.py +69 -70
  86. pulumi_vault/identity/__init__.py +1 -1
  87. pulumi_vault/identity/entity.py +103 -104
  88. pulumi_vault/identity/entity_alias.py +86 -87
  89. pulumi_vault/identity/entity_policies.py +78 -79
  90. pulumi_vault/identity/get_entity.py +62 -63
  91. pulumi_vault/identity/get_group.py +75 -76
  92. pulumi_vault/identity/get_oidc_client_creds.py +19 -20
  93. pulumi_vault/identity/get_oidc_openid_config.py +39 -40
  94. pulumi_vault/identity/get_oidc_public_keys.py +17 -18
  95. pulumi_vault/identity/group.py +171 -172
  96. pulumi_vault/identity/group_alias.py +69 -70
  97. pulumi_vault/identity/group_member_entity_ids.py +69 -70
  98. pulumi_vault/identity/group_member_group_ids.py +69 -70
  99. pulumi_vault/identity/group_policies.py +78 -79
  100. pulumi_vault/identity/mfa_duo.py +183 -184
  101. pulumi_vault/identity/mfa_login_enforcement.py +147 -148
  102. pulumi_vault/identity/mfa_okta.py +166 -167
  103. pulumi_vault/identity/mfa_pingid.py +160 -161
  104. pulumi_vault/identity/mfa_totp.py +217 -218
  105. pulumi_vault/identity/oidc.py +35 -36
  106. pulumi_vault/identity/oidc_assignment.py +69 -70
  107. pulumi_vault/identity/oidc_client.py +155 -156
  108. pulumi_vault/identity/oidc_key.py +103 -104
  109. pulumi_vault/identity/oidc_key_allowed_client_id.py +52 -53
  110. pulumi_vault/identity/oidc_provider.py +112 -113
  111. pulumi_vault/identity/oidc_role.py +103 -104
  112. pulumi_vault/identity/oidc_scope.py +69 -70
  113. pulumi_vault/identity/outputs.py +42 -43
  114. pulumi_vault/jwt/__init__.py +1 -1
  115. pulumi_vault/jwt/_inputs.py +50 -51
  116. pulumi_vault/jwt/auth_backend.py +353 -354
  117. pulumi_vault/jwt/auth_backend_role.py +494 -495
  118. pulumi_vault/jwt/outputs.py +34 -35
  119. pulumi_vault/kmip/__init__.py +1 -1
  120. pulumi_vault/kmip/secret_backend.py +222 -223
  121. pulumi_vault/kmip/secret_role.py +358 -359
  122. pulumi_vault/kmip/secret_scope.py +69 -70
  123. pulumi_vault/kubernetes/__init__.py +1 -1
  124. pulumi_vault/kubernetes/auth_backend_config.py +171 -172
  125. pulumi_vault/kubernetes/auth_backend_role.py +273 -274
  126. pulumi_vault/kubernetes/get_auth_backend_config.py +57 -58
  127. pulumi_vault/kubernetes/get_auth_backend_role.py +87 -88
  128. pulumi_vault/kubernetes/get_service_account_token.py +51 -52
  129. pulumi_vault/kubernetes/secret_backend.py +384 -385
  130. pulumi_vault/kubernetes/secret_backend_role.py +239 -240
  131. pulumi_vault/kv/__init__.py +1 -1
  132. pulumi_vault/kv/_inputs.py +25 -26
  133. pulumi_vault/kv/get_secret.py +25 -26
  134. pulumi_vault/kv/get_secret_subkeys_v2.py +39 -40
  135. pulumi_vault/kv/get_secret_v2.py +41 -42
  136. pulumi_vault/kv/get_secrets_list.py +17 -18
  137. pulumi_vault/kv/get_secrets_list_v2.py +25 -26
  138. pulumi_vault/kv/outputs.py +17 -18
  139. pulumi_vault/kv/secret.py +61 -62
  140. pulumi_vault/kv/secret_backend_v2.py +86 -87
  141. pulumi_vault/kv/secret_v2.py +184 -185
  142. pulumi_vault/ldap/__init__.py +1 -1
  143. pulumi_vault/ldap/auth_backend.py +716 -717
  144. pulumi_vault/ldap/auth_backend_group.py +69 -70
  145. pulumi_vault/ldap/auth_backend_user.py +86 -87
  146. pulumi_vault/ldap/get_dynamic_credentials.py +27 -28
  147. pulumi_vault/ldap/get_static_credentials.py +29 -30
  148. pulumi_vault/ldap/secret_backend.py +673 -674
  149. pulumi_vault/ldap/secret_backend_dynamic_role.py +154 -155
  150. pulumi_vault/ldap/secret_backend_library_set.py +120 -121
  151. pulumi_vault/ldap/secret_backend_static_role.py +120 -121
  152. pulumi_vault/managed/__init__.py +1 -1
  153. pulumi_vault/managed/_inputs.py +274 -275
  154. pulumi_vault/managed/keys.py +27 -28
  155. pulumi_vault/managed/outputs.py +184 -185
  156. pulumi_vault/mfa_duo.py +137 -138
  157. pulumi_vault/mfa_okta.py +137 -138
  158. pulumi_vault/mfa_pingid.py +149 -150
  159. pulumi_vault/mfa_totp.py +154 -155
  160. pulumi_vault/mongodbatlas/__init__.py +1 -1
  161. pulumi_vault/mongodbatlas/secret_backend.py +78 -79
  162. pulumi_vault/mongodbatlas/secret_role.py +188 -189
  163. pulumi_vault/mount.py +333 -334
  164. pulumi_vault/namespace.py +78 -79
  165. pulumi_vault/nomad_secret_backend.py +256 -257
  166. pulumi_vault/nomad_secret_role.py +103 -104
  167. pulumi_vault/okta/__init__.py +1 -1
  168. pulumi_vault/okta/_inputs.py +31 -32
  169. pulumi_vault/okta/auth_backend.py +305 -306
  170. pulumi_vault/okta/auth_backend_group.py +69 -70
  171. pulumi_vault/okta/auth_backend_user.py +86 -87
  172. pulumi_vault/okta/outputs.py +21 -22
  173. pulumi_vault/outputs.py +81 -82
  174. pulumi_vault/pkisecret/__init__.py +1 -1
  175. pulumi_vault/pkisecret/_inputs.py +55 -56
  176. pulumi_vault/pkisecret/backend_acme_eab.py +116 -117
  177. pulumi_vault/pkisecret/backend_config_acme.py +175 -176
  178. pulumi_vault/pkisecret/backend_config_auto_tidy.py +394 -395
  179. pulumi_vault/pkisecret/backend_config_cluster.py +71 -72
  180. pulumi_vault/pkisecret/backend_config_cmpv2.py +132 -133
  181. pulumi_vault/pkisecret/backend_config_est.py +149 -150
  182. pulumi_vault/pkisecret/backend_config_scep.py +137 -138
  183. pulumi_vault/pkisecret/get_backend_cert_metadata.py +37 -38
  184. pulumi_vault/pkisecret/get_backend_config_cmpv2.py +32 -33
  185. pulumi_vault/pkisecret/get_backend_config_est.py +30 -31
  186. pulumi_vault/pkisecret/get_backend_config_scep.py +29 -30
  187. pulumi_vault/pkisecret/get_backend_issuer.py +63 -64
  188. pulumi_vault/pkisecret/get_backend_issuers.py +23 -24
  189. pulumi_vault/pkisecret/get_backend_key.py +29 -30
  190. pulumi_vault/pkisecret/get_backend_keys.py +23 -24
  191. pulumi_vault/pkisecret/outputs.py +61 -62
  192. pulumi_vault/pkisecret/secret_backend_cert.py +415 -416
  193. pulumi_vault/pkisecret/secret_backend_config_ca.py +54 -55
  194. pulumi_vault/pkisecret/secret_backend_config_issuers.py +75 -76
  195. pulumi_vault/pkisecret/secret_backend_config_urls.py +105 -106
  196. pulumi_vault/pkisecret/secret_backend_crl_config.py +241 -242
  197. pulumi_vault/pkisecret/secret_backend_intermediate_cert_request.py +515 -516
  198. pulumi_vault/pkisecret/secret_backend_intermediate_set_signed.py +78 -79
  199. pulumi_vault/pkisecret/secret_backend_issuer.py +286 -287
  200. pulumi_vault/pkisecret/secret_backend_key.py +146 -147
  201. pulumi_vault/pkisecret/secret_backend_role.py +873 -874
  202. pulumi_vault/pkisecret/secret_backend_root_cert.py +677 -678
  203. pulumi_vault/pkisecret/secret_backend_root_sign_intermediate.py +660 -661
  204. pulumi_vault/pkisecret/secret_backend_sign.py +346 -347
  205. pulumi_vault/plugin.py +154 -155
  206. pulumi_vault/plugin_pinned_version.py +52 -53
  207. pulumi_vault/policy.py +52 -53
  208. pulumi_vault/provider.py +160 -161
  209. pulumi_vault/pulumi-plugin.json +1 -1
  210. pulumi_vault/quota_lease_count.py +103 -104
  211. pulumi_vault/quota_rate_limit.py +171 -172
  212. pulumi_vault/rabbitmq/__init__.py +1 -1
  213. pulumi_vault/rabbitmq/_inputs.py +50 -51
  214. pulumi_vault/rabbitmq/outputs.py +34 -35
  215. pulumi_vault/rabbitmq/secret_backend.py +207 -208
  216. pulumi_vault/rabbitmq/secret_backend_role.py +79 -80
  217. pulumi_vault/raft_autopilot.py +137 -138
  218. pulumi_vault/raft_snapshot_agent_config.py +477 -478
  219. pulumi_vault/rgp_policy.py +69 -70
  220. pulumi_vault/saml/__init__.py +1 -1
  221. pulumi_vault/saml/auth_backend.py +188 -189
  222. pulumi_vault/saml/auth_backend_role.py +290 -291
  223. pulumi_vault/scep_auth_backend_role.py +252 -253
  224. pulumi_vault/secrets/__init__.py +1 -1
  225. pulumi_vault/secrets/_inputs.py +19 -20
  226. pulumi_vault/secrets/outputs.py +13 -14
  227. pulumi_vault/secrets/sync_association.py +88 -89
  228. pulumi_vault/secrets/sync_aws_destination.py +180 -181
  229. pulumi_vault/secrets/sync_azure_destination.py +180 -181
  230. pulumi_vault/secrets/sync_config.py +52 -53
  231. pulumi_vault/secrets/sync_gcp_destination.py +129 -130
  232. pulumi_vault/secrets/sync_gh_destination.py +163 -164
  233. pulumi_vault/secrets/sync_github_apps.py +78 -79
  234. pulumi_vault/secrets/sync_vercel_destination.py +146 -147
  235. pulumi_vault/ssh/__init__.py +1 -1
  236. pulumi_vault/ssh/_inputs.py +13 -14
  237. pulumi_vault/ssh/get_secret_backend_sign.py +65 -66
  238. pulumi_vault/ssh/outputs.py +9 -10
  239. pulumi_vault/ssh/secret_backend_ca.py +120 -121
  240. pulumi_vault/ssh/secret_backend_role.py +446 -447
  241. pulumi_vault/terraformcloud/__init__.py +1 -1
  242. pulumi_vault/terraformcloud/secret_backend.py +138 -139
  243. pulumi_vault/terraformcloud/secret_creds.py +93 -94
  244. pulumi_vault/terraformcloud/secret_role.py +117 -118
  245. pulumi_vault/token.py +301 -302
  246. pulumi_vault/tokenauth/__init__.py +1 -1
  247. pulumi_vault/tokenauth/auth_backend_role.py +324 -325
  248. pulumi_vault/transform/__init__.py +1 -1
  249. pulumi_vault/transform/alphabet.py +69 -70
  250. pulumi_vault/transform/get_decode.py +57 -58
  251. pulumi_vault/transform/get_encode.py +57 -58
  252. pulumi_vault/transform/role.py +69 -70
  253. pulumi_vault/transform/template.py +137 -138
  254. pulumi_vault/transform/transformation.py +171 -172
  255. pulumi_vault/transit/__init__.py +1 -1
  256. pulumi_vault/transit/get_cmac.py +47 -48
  257. pulumi_vault/transit/get_decrypt.py +25 -26
  258. pulumi_vault/transit/get_encrypt.py +29 -30
  259. pulumi_vault/transit/get_sign.py +71 -72
  260. pulumi_vault/transit/get_verify.py +83 -84
  261. pulumi_vault/transit/secret_backend_key.py +336 -337
  262. pulumi_vault/transit/secret_cache_config.py +52 -53
  263. {pulumi_vault-7.2.0a1753339763.dist-info → pulumi_vault-7.2.0a1753512474.dist-info}/METADATA +1 -1
  264. pulumi_vault-7.2.0a1753512474.dist-info/RECORD +268 -0
  265. pulumi_vault-7.2.0a1753339763.dist-info/RECORD +0 -268
  266. {pulumi_vault-7.2.0a1753339763.dist-info → pulumi_vault-7.2.0a1753512474.dist-info}/WHEEL +0 -0
  267. {pulumi_vault-7.2.0a1753339763.dist-info → pulumi_vault-7.2.0a1753512474.dist-info}/top_level.txt +0 -0
pulumi_vault/aws/auth_backend_role.py CHANGED
@@ -2,8 +2,7 @@
2
2
  # *** WARNING: this file was generated by pulumi-language-python. ***
3
3
  # *** Do not edit by hand unless you're certain you know what you are doing! ***
4
4
 
5
- import builtins
6
- import copy
5
+ import builtins as _builtins
7
6
  import warnings
8
7
  import sys
9
8
  import pulumi
@@ -20,95 +19,95 @@ __all__ = ['AuthBackendRoleArgs', 'AuthBackendRole']
20
19
  @pulumi.input_type
21
20
  class AuthBackendRoleArgs:
22
21
  def __init__(__self__, *,
23
- role: pulumi.Input[builtins.str],
24
- allow_instance_migration: Optional[pulumi.Input[builtins.bool]] = None,
25
- auth_type: Optional[pulumi.Input[builtins.str]] = None,
26
- backend: Optional[pulumi.Input[builtins.str]] = None,
27
- bound_account_ids: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
28
- bound_ami_ids: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
29
- bound_ec2_instance_ids: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
30
- bound_iam_instance_profile_arns: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
31
- bound_iam_principal_arns: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
32
- bound_iam_role_arns: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
33
- bound_regions: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
34
- bound_subnet_ids: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
35
- bound_vpc_ids: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
36
- disallow_reauthentication: Optional[pulumi.Input[builtins.bool]] = None,
37
- inferred_aws_region: Optional[pulumi.Input[builtins.str]] = None,
38
- inferred_entity_type: Optional[pulumi.Input[builtins.str]] = None,
39
- namespace: Optional[pulumi.Input[builtins.str]] = None,
40
- resolve_aws_unique_ids: Optional[pulumi.Input[builtins.bool]] = None,
41
- role_tag: Optional[pulumi.Input[builtins.str]] = None,
42
- token_bound_cidrs: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
43
- token_explicit_max_ttl: Optional[pulumi.Input[builtins.int]] = None,
44
- token_max_ttl: Optional[pulumi.Input[builtins.int]] = None,
45
- token_no_default_policy: Optional[pulumi.Input[builtins.bool]] = None,
46
- token_num_uses: Optional[pulumi.Input[builtins.int]] = None,
47
- token_period: Optional[pulumi.Input[builtins.int]] = None,
48
- token_policies: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
49
- token_ttl: Optional[pulumi.Input[builtins.int]] = None,
50
- token_type: Optional[pulumi.Input[builtins.str]] = None):
22
+ role: pulumi.Input[_builtins.str],
23
+ allow_instance_migration: Optional[pulumi.Input[_builtins.bool]] = None,
24
+ auth_type: Optional[pulumi.Input[_builtins.str]] = None,
25
+ backend: Optional[pulumi.Input[_builtins.str]] = None,
26
+ bound_account_ids: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
27
+ bound_ami_ids: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
28
+ bound_ec2_instance_ids: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
29
+ bound_iam_instance_profile_arns: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
30
+ bound_iam_principal_arns: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
31
+ bound_iam_role_arns: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
32
+ bound_regions: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
33
+ bound_subnet_ids: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
34
+ bound_vpc_ids: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
35
+ disallow_reauthentication: Optional[pulumi.Input[_builtins.bool]] = None,
36
+ inferred_aws_region: Optional[pulumi.Input[_builtins.str]] = None,
37
+ inferred_entity_type: Optional[pulumi.Input[_builtins.str]] = None,
38
+ namespace: Optional[pulumi.Input[_builtins.str]] = None,
39
+ resolve_aws_unique_ids: Optional[pulumi.Input[_builtins.bool]] = None,
40
+ role_tag: Optional[pulumi.Input[_builtins.str]] = None,
41
+ token_bound_cidrs: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
42
+ token_explicit_max_ttl: Optional[pulumi.Input[_builtins.int]] = None,
43
+ token_max_ttl: Optional[pulumi.Input[_builtins.int]] = None,
44
+ token_no_default_policy: Optional[pulumi.Input[_builtins.bool]] = None,
45
+ token_num_uses: Optional[pulumi.Input[_builtins.int]] = None,
46
+ token_period: Optional[pulumi.Input[_builtins.int]] = None,
47
+ token_policies: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
48
+ token_ttl: Optional[pulumi.Input[_builtins.int]] = None,
49
+ token_type: Optional[pulumi.Input[_builtins.str]] = None):
51
50
  """
52
51
  The set of arguments for constructing a AuthBackendRole resource.
53
- :param pulumi.Input[builtins.str] role: The name of the role.
54
- :param pulumi.Input[builtins.bool] allow_instance_migration: If set to `true`, allows migration of
52
+ :param pulumi.Input[_builtins.str] role: The name of the role.
53
+ :param pulumi.Input[_builtins.bool] allow_instance_migration: If set to `true`, allows migration of
55
54
  the underlying instance where the client resides.
56
- :param pulumi.Input[builtins.str] auth_type: The auth type permitted for this role. Valid choices
55
+ :param pulumi.Input[_builtins.str] auth_type: The auth type permitted for this role. Valid choices
57
56
  are `ec2` and `iam`. Defaults to `iam`.
58
- :param pulumi.Input[builtins.str] backend: Path to the mounted aws auth backend.
59
- :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] bound_account_ids: If set, defines a constraint on the EC2
57
+ :param pulumi.Input[_builtins.str] backend: Path to the mounted aws auth backend.
58
+ :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] bound_account_ids: If set, defines a constraint on the EC2
60
59
  instances that can perform the login operation that they should be using the
61
60
  account ID specified by this field. `auth_type` must be set to `ec2` or
62
61
  `inferred_entity_type` must be set to `ec2_instance` to use this constraint.
63
- :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] bound_ami_ids: If set, defines a constraint on the EC2 instances
62
+ :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] bound_ami_ids: If set, defines a constraint on the EC2 instances
64
63
  that can perform the login operation that they should be using the AMI ID
65
64
  specified by this field. `auth_type` must be set to `ec2` or
66
65
  `inferred_entity_type` must be set to `ec2_instance` to use this constraint.
67
- :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] bound_ec2_instance_ids: Only EC2 instances that match this instance ID will be permitted to log in.
68
- :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] bound_iam_instance_profile_arns: If set, defines a constraint on
66
+ :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] bound_ec2_instance_ids: Only EC2 instances that match this instance ID will be permitted to log in.
67
+ :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] bound_iam_instance_profile_arns: If set, defines a constraint on
69
68
  the EC2 instances that can perform the login operation that they must be
70
69
  associated with an IAM instance profile ARN which has a prefix that matches
71
70
  the value specified by this field. The value is prefix-matched as though it
72
71
  were a glob ending in `*`. `auth_type` must be set to `ec2` or
73
72
  `inferred_entity_type` must be set to `ec2_instance` to use this constraint.
74
- :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] bound_iam_principal_arns: If set, defines the IAM principal that
73
+ :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] bound_iam_principal_arns: If set, defines the IAM principal that
75
74
  must be authenticated when `auth_type` is set to `iam`. Wildcards are
76
75
  supported at the end of the ARN.
77
- :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] bound_iam_role_arns: If set, defines a constraint on the EC2
76
+ :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] bound_iam_role_arns: If set, defines a constraint on the EC2
78
77
  instances that can perform the login operation that they must match the IAM
79
78
  role ARN specified by this field. `auth_type` must be set to `ec2` or
80
79
  `inferred_entity_type` must be set to `ec2_instance` to use this constraint.
81
- :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] bound_regions: If set, defines a constraint on the EC2 instances
80
+ :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] bound_regions: If set, defines a constraint on the EC2 instances
82
81
  that can perform the login operation that the region in their identity
83
82
  document must match the one specified by this field. `auth_type` must be set
84
83
  to `ec2` or `inferred_entity_type` must be set to `ec2_instance` to use this
85
84
  constraint.
86
- :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] bound_subnet_ids: If set, defines a constraint on the EC2
85
+ :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] bound_subnet_ids: If set, defines a constraint on the EC2
87
86
  instances that can perform the login operation that they be associated with
88
87
  the subnet ID that matches the value specified by this field. `auth_type`
89
88
  must be set to `ec2` or `inferred_entity_type` must be set to `ec2_instance`
90
89
  to use this constraint.
91
- :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] bound_vpc_ids: If set, defines a constraint on the EC2 instances
90
+ :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] bound_vpc_ids: If set, defines a constraint on the EC2 instances
92
91
  that can perform the login operation that they be associated with the VPC ID
93
92
  that matches the value specified by this field. `auth_type` must be set to
94
93
  `ec2` or `inferred_entity_type` must be set to `ec2_instance` to use this
95
94
  constraint.
96
- :param pulumi.Input[builtins.bool] disallow_reauthentication: IF set to `true`, only allows a
95
+ :param pulumi.Input[_builtins.bool] disallow_reauthentication: IF set to `true`, only allows a
97
96
  single token to be granted per instance ID. This can only be set when
98
97
  `auth_type` is set to `ec2`.
99
- :param pulumi.Input[builtins.str] inferred_aws_region: When `inferred_entity_type` is set, this
98
+ :param pulumi.Input[_builtins.str] inferred_aws_region: When `inferred_entity_type` is set, this
100
99
  is the region to search for the inferred entities. Required if
101
100
  `inferred_entity_type` is set. This only applies when `auth_type` is set to
102
101
  `iam`.
103
- :param pulumi.Input[builtins.str] inferred_entity_type: If set, instructs Vault to turn on
102
+ :param pulumi.Input[_builtins.str] inferred_entity_type: If set, instructs Vault to turn on
104
103
  inferencing. The only valid value is `ec2_instance`, which instructs Vault to
105
104
  infer that the role comes from an EC2 instance in an IAM instance profile.
106
105
  This only applies when `auth_type` is set to `iam`.
107
- :param pulumi.Input[builtins.str] namespace: The namespace to provision the resource in.
106
+ :param pulumi.Input[_builtins.str] namespace: The namespace to provision the resource in.
108
107
  The value should not contain leading or trailing forward slashes.
109
108
  The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
110
109
  *Available only for Vault Enterprise*.
111
- :param pulumi.Input[builtins.bool] resolve_aws_unique_ids: Only valid when
110
+ :param pulumi.Input[_builtins.bool] resolve_aws_unique_ids: Only valid when
112
111
  `auth_type` is `iam`. If set to `true`, the `bound_iam_principal_arns` are
113
112
  resolved to [AWS Unique
114
113
  IDs](http://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html#identifiers-unique-ids)
@@ -119,19 +118,19 @@ class AuthBackendRoleArgs:
119
118
  roles won't get access to roles in Vault that were permissioned to the prior
120
119
  principals of the same name. Defaults to `true`.
121
120
  Once set to `true`, this cannot be changed to `false` without recreating the role.
122
- :param pulumi.Input[builtins.str] role_tag: If set, enable role tags for this role. The value set
121
+ :param pulumi.Input[_builtins.str] role_tag: If set, enable role tags for this role. The value set
123
122
  for this field should be the key of the tag on the EC2 instance. `auth_type`
124
123
  must be set to `ec2` or `inferred_entity_type` must be set to `ec2_instance`
125
124
  to use this constraint.
126
- :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] token_bound_cidrs: Specifies the blocks of IP addresses which are allowed to use the generated token
127
- :param pulumi.Input[builtins.int] token_explicit_max_ttl: Generated Token's Explicit Maximum TTL in seconds
128
- :param pulumi.Input[builtins.int] token_max_ttl: The maximum lifetime of the generated token
129
- :param pulumi.Input[builtins.bool] token_no_default_policy: If true, the 'default' policy will not automatically be added to generated tokens
130
- :param pulumi.Input[builtins.int] token_num_uses: The maximum number of times a token may be used, a value of zero means unlimited
131
- :param pulumi.Input[builtins.int] token_period: Generated Token's Period
132
- :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] token_policies: Generated Token's Policies
133
- :param pulumi.Input[builtins.int] token_ttl: The initial ttl of the token to generate in seconds
134
- :param pulumi.Input[builtins.str] token_type: The type of token to generate, service or batch
125
+ :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] token_bound_cidrs: Specifies the blocks of IP addresses which are allowed to use the generated token
126
+ :param pulumi.Input[_builtins.int] token_explicit_max_ttl: Generated Token's Explicit Maximum TTL in seconds
127
+ :param pulumi.Input[_builtins.int] token_max_ttl: The maximum lifetime of the generated token
128
+ :param pulumi.Input[_builtins.bool] token_no_default_policy: If true, the 'default' policy will not automatically be added to generated tokens
129
+ :param pulumi.Input[_builtins.int] token_num_uses: The maximum number of times a token may be used, a value of zero means unlimited
130
+ :param pulumi.Input[_builtins.int] token_period: Generated Token's Period
131
+ :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] token_policies: Generated Token's Policies
132
+ :param pulumi.Input[_builtins.int] token_ttl: The initial ttl of the token to generate in seconds
133
+ :param pulumi.Input[_builtins.str] token_type: The type of token to generate, service or batch
135
134
  """
136
135
  pulumi.set(__self__, "role", role)
137
136
  if allow_instance_migration is not None:
@@ -189,21 +188,21 @@ class AuthBackendRoleArgs:
189
188
  if token_type is not None:
190
189
  pulumi.set(__self__, "token_type", token_type)
191
190
 
192
- @property
191
+ @_builtins.property
193
192
  @pulumi.getter
194
- def role(self) -> pulumi.Input[builtins.str]:
193
+ def role(self) -> pulumi.Input[_builtins.str]:
195
194
  """
196
195
  The name of the role.
197
196
  """
198
197
  return pulumi.get(self, "role")
199
198
 
200
199
  @role.setter
201
- def role(self, value: pulumi.Input[builtins.str]):
200
+ def role(self, value: pulumi.Input[_builtins.str]):
202
201
  pulumi.set(self, "role", value)
203
202
 
204
- @property
203
+ @_builtins.property
205
204
  @pulumi.getter(name="allowInstanceMigration")
206
- def allow_instance_migration(self) -> Optional[pulumi.Input[builtins.bool]]:
205
+ def allow_instance_migration(self) -> Optional[pulumi.Input[_builtins.bool]]:
207
206
  """
208
207
  If set to `true`, allows migration of
209
208
  the underlying instance where the client resides.
@@ -211,12 +210,12 @@ class AuthBackendRoleArgs:
211
210
  return pulumi.get(self, "allow_instance_migration")
212
211
 
213
212
  @allow_instance_migration.setter
214
- def allow_instance_migration(self, value: Optional[pulumi.Input[builtins.bool]]):
213
+ def allow_instance_migration(self, value: Optional[pulumi.Input[_builtins.bool]]):
215
214
  pulumi.set(self, "allow_instance_migration", value)
216
215
 
217
- @property
216
+ @_builtins.property
218
217
  @pulumi.getter(name="authType")
219
- def auth_type(self) -> Optional[pulumi.Input[builtins.str]]:
218
+ def auth_type(self) -> Optional[pulumi.Input[_builtins.str]]:
220
219
  """
221
220
  The auth type permitted for this role. Valid choices
222
221
  are `ec2` and `iam`. Defaults to `iam`.
@@ -224,24 +223,24 @@ class AuthBackendRoleArgs:
224
223
  return pulumi.get(self, "auth_type")
225
224
 
226
225
  @auth_type.setter
227
- def auth_type(self, value: Optional[pulumi.Input[builtins.str]]):
226
+ def auth_type(self, value: Optional[pulumi.Input[_builtins.str]]):
228
227
  pulumi.set(self, "auth_type", value)
229
228
 
230
- @property
229
+ @_builtins.property
231
230
  @pulumi.getter
232
- def backend(self) -> Optional[pulumi.Input[builtins.str]]:
231
+ def backend(self) -> Optional[pulumi.Input[_builtins.str]]:
233
232
  """
234
233
  Path to the mounted aws auth backend.
235
234
  """
236
235
  return pulumi.get(self, "backend")
237
236
 
238
237
  @backend.setter
239
- def backend(self, value: Optional[pulumi.Input[builtins.str]]):
238
+ def backend(self, value: Optional[pulumi.Input[_builtins.str]]):
240
239
  pulumi.set(self, "backend", value)
241
240
 
242
- @property
241
+ @_builtins.property
243
242
  @pulumi.getter(name="boundAccountIds")
244
- def bound_account_ids(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
243
+ def bound_account_ids(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]:
245
244
  """
246
245
  If set, defines a constraint on the EC2
247
246
  instances that can perform the login operation that they should be using the
@@ -251,12 +250,12 @@ class AuthBackendRoleArgs:
251
250
  return pulumi.get(self, "bound_account_ids")
252
251
 
253
252
  @bound_account_ids.setter
254
- def bound_account_ids(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
253
+ def bound_account_ids(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]):
255
254
  pulumi.set(self, "bound_account_ids", value)
256
255
 
257
- @property
256
+ @_builtins.property
258
257
  @pulumi.getter(name="boundAmiIds")
259
- def bound_ami_ids(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
258
+ def bound_ami_ids(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]:
260
259
  """
261
260
  If set, defines a constraint on the EC2 instances
262
261
  that can perform the login operation that they should be using the AMI ID
@@ -266,24 +265,24 @@ class AuthBackendRoleArgs:
266
265
  return pulumi.get(self, "bound_ami_ids")
267
266
 
268
267
  @bound_ami_ids.setter
269
- def bound_ami_ids(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
268
+ def bound_ami_ids(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]):
270
269
  pulumi.set(self, "bound_ami_ids", value)
271
270
 
272
- @property
271
+ @_builtins.property
273
272
  @pulumi.getter(name="boundEc2InstanceIds")
274
- def bound_ec2_instance_ids(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
273
+ def bound_ec2_instance_ids(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]:
275
274
  """
276
275
  Only EC2 instances that match this instance ID will be permitted to log in.
277
276
  """
278
277
  return pulumi.get(self, "bound_ec2_instance_ids")
279
278
 
280
279
  @bound_ec2_instance_ids.setter
281
- def bound_ec2_instance_ids(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
280
+ def bound_ec2_instance_ids(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]):
282
281
  pulumi.set(self, "bound_ec2_instance_ids", value)
283
282
 
284
- @property
283
+ @_builtins.property
285
284
  @pulumi.getter(name="boundIamInstanceProfileArns")
286
- def bound_iam_instance_profile_arns(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
285
+ def bound_iam_instance_profile_arns(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]:
287
286
  """
288
287
  If set, defines a constraint on
289
288
  the EC2 instances that can perform the login operation that they must be
@@ -295,12 +294,12 @@ class AuthBackendRoleArgs:
295
294
  return pulumi.get(self, "bound_iam_instance_profile_arns")
296
295
 
297
296
  @bound_iam_instance_profile_arns.setter
298
- def bound_iam_instance_profile_arns(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
297
+ def bound_iam_instance_profile_arns(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]):
299
298
  pulumi.set(self, "bound_iam_instance_profile_arns", value)
300
299
 
301
- @property
300
+ @_builtins.property
302
301
  @pulumi.getter(name="boundIamPrincipalArns")
303
- def bound_iam_principal_arns(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
302
+ def bound_iam_principal_arns(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]:
304
303
  """
305
304
  If set, defines the IAM principal that
306
305
  must be authenticated when `auth_type` is set to `iam`. Wildcards are
@@ -309,12 +308,12 @@ class AuthBackendRoleArgs:
309
308
  return pulumi.get(self, "bound_iam_principal_arns")
310
309
 
311
310
  @bound_iam_principal_arns.setter
312
- def bound_iam_principal_arns(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
311
+ def bound_iam_principal_arns(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]):
313
312
  pulumi.set(self, "bound_iam_principal_arns", value)
314
313
 
315
- @property
314
+ @_builtins.property
316
315
  @pulumi.getter(name="boundIamRoleArns")
317
- def bound_iam_role_arns(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
316
+ def bound_iam_role_arns(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]:
318
317
  """
319
318
  If set, defines a constraint on the EC2
320
319
  instances that can perform the login operation that they must match the IAM
@@ -324,12 +323,12 @@ class AuthBackendRoleArgs:
324
323
  return pulumi.get(self, "bound_iam_role_arns")
325
324
 
326
325
  @bound_iam_role_arns.setter
327
- def bound_iam_role_arns(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
326
+ def bound_iam_role_arns(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]):
328
327
  pulumi.set(self, "bound_iam_role_arns", value)
329
328
 
330
- @property
329
+ @_builtins.property
331
330
  @pulumi.getter(name="boundRegions")
332
- def bound_regions(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
331
+ def bound_regions(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]:
333
332
  """
334
333
  If set, defines a constraint on the EC2 instances
335
334
  that can perform the login operation that the region in their identity
@@ -340,12 +339,12 @@ class AuthBackendRoleArgs:
340
339
  return pulumi.get(self, "bound_regions")
341
340
 
342
341
  @bound_regions.setter
343
- def bound_regions(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
342
+ def bound_regions(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]):
344
343
  pulumi.set(self, "bound_regions", value)
345
344
 
346
- @property
345
+ @_builtins.property
347
346
  @pulumi.getter(name="boundSubnetIds")
348
- def bound_subnet_ids(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
347
+ def bound_subnet_ids(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]:
349
348
  """
350
349
  If set, defines a constraint on the EC2
351
350
  instances that can perform the login operation that they be associated with
@@ -356,12 +355,12 @@ class AuthBackendRoleArgs:
356
355
  return pulumi.get(self, "bound_subnet_ids")
357
356
 
358
357
  @bound_subnet_ids.setter
359
- def bound_subnet_ids(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
358
+ def bound_subnet_ids(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]):
360
359
  pulumi.set(self, "bound_subnet_ids", value)
361
360
 
362
- @property
361
+ @_builtins.property
363
362
  @pulumi.getter(name="boundVpcIds")
364
- def bound_vpc_ids(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
363
+ def bound_vpc_ids(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]:
365
364
  """
366
365
  If set, defines a constraint on the EC2 instances
367
366
  that can perform the login operation that they be associated with the VPC ID
@@ -372,12 +371,12 @@ class AuthBackendRoleArgs:
372
371
  return pulumi.get(self, "bound_vpc_ids")
373
372
 
374
373
  @bound_vpc_ids.setter
375
- def bound_vpc_ids(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
374
+ def bound_vpc_ids(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]):
376
375
  pulumi.set(self, "bound_vpc_ids", value)
377
376
 
378
- @property
377
+ @_builtins.property
379
378
  @pulumi.getter(name="disallowReauthentication")
380
- def disallow_reauthentication(self) -> Optional[pulumi.Input[builtins.bool]]:
379
+ def disallow_reauthentication(self) -> Optional[pulumi.Input[_builtins.bool]]:
381
380
  """
382
381
  IF set to `true`, only allows a
383
382
  single token to be granted per instance ID. This can only be set when
@@ -386,12 +385,12 @@ class AuthBackendRoleArgs:
386
385
  return pulumi.get(self, "disallow_reauthentication")
387
386
 
388
387
  @disallow_reauthentication.setter
389
- def disallow_reauthentication(self, value: Optional[pulumi.Input[builtins.bool]]):
388
+ def disallow_reauthentication(self, value: Optional[pulumi.Input[_builtins.bool]]):
390
389
  pulumi.set(self, "disallow_reauthentication", value)
391
390
 
392
- @property
391
+ @_builtins.property
393
392
  @pulumi.getter(name="inferredAwsRegion")
394
- def inferred_aws_region(self) -> Optional[pulumi.Input[builtins.str]]:
393
+ def inferred_aws_region(self) -> Optional[pulumi.Input[_builtins.str]]:
395
394
  """
396
395
  When `inferred_entity_type` is set, this
397
396
  is the region to search for the inferred entities. Required if
@@ -401,12 +400,12 @@ class AuthBackendRoleArgs:
401
400
  return pulumi.get(self, "inferred_aws_region")
402
401
 
403
402
  @inferred_aws_region.setter
404
- def inferred_aws_region(self, value: Optional[pulumi.Input[builtins.str]]):
403
+ def inferred_aws_region(self, value: Optional[pulumi.Input[_builtins.str]]):
405
404
  pulumi.set(self, "inferred_aws_region", value)
406
405
 
407
- @property
406
+ @_builtins.property
408
407
  @pulumi.getter(name="inferredEntityType")
409
- def inferred_entity_type(self) -> Optional[pulumi.Input[builtins.str]]:
408
+ def inferred_entity_type(self) -> Optional[pulumi.Input[_builtins.str]]:
410
409
  """
411
410
  If set, instructs Vault to turn on
412
411
  inferencing. The only valid value is `ec2_instance`, which instructs Vault to
@@ -416,12 +415,12 @@ class AuthBackendRoleArgs:
416
415
  return pulumi.get(self, "inferred_entity_type")
417
416
 
418
417
  @inferred_entity_type.setter
419
- def inferred_entity_type(self, value: Optional[pulumi.Input[builtins.str]]):
418
+ def inferred_entity_type(self, value: Optional[pulumi.Input[_builtins.str]]):
420
419
  pulumi.set(self, "inferred_entity_type", value)
421
420
 
422
- @property
421
+ @_builtins.property
423
422
  @pulumi.getter
424
- def namespace(self) -> Optional[pulumi.Input[builtins.str]]:
423
+ def namespace(self) -> Optional[pulumi.Input[_builtins.str]]:
425
424
  """
426
425
  The namespace to provision the resource in.
427
426
  The value should not contain leading or trailing forward slashes.
@@ -431,12 +430,12 @@ class AuthBackendRoleArgs:
431
430
  return pulumi.get(self, "namespace")
432
431
 
433
432
  @namespace.setter
434
- def namespace(self, value: Optional[pulumi.Input[builtins.str]]):
433
+ def namespace(self, value: Optional[pulumi.Input[_builtins.str]]):
435
434
  pulumi.set(self, "namespace", value)
436
435
 
437
- @property
436
+ @_builtins.property
438
437
  @pulumi.getter(name="resolveAwsUniqueIds")
439
- def resolve_aws_unique_ids(self) -> Optional[pulumi.Input[builtins.bool]]:
438
+ def resolve_aws_unique_ids(self) -> Optional[pulumi.Input[_builtins.bool]]:
440
439
  """
441
440
  Only valid when
442
441
  `auth_type` is `iam`. If set to `true`, the `bound_iam_principal_arns` are
@@ -453,12 +452,12 @@ class AuthBackendRoleArgs:
453
452
  return pulumi.get(self, "resolve_aws_unique_ids")
454
453
 
455
454
  @resolve_aws_unique_ids.setter
456
- def resolve_aws_unique_ids(self, value: Optional[pulumi.Input[builtins.bool]]):
455
+ def resolve_aws_unique_ids(self, value: Optional[pulumi.Input[_builtins.bool]]):
457
456
  pulumi.set(self, "resolve_aws_unique_ids", value)
458
457
 
459
- @property
458
+ @_builtins.property
460
459
  @pulumi.getter(name="roleTag")
461
- def role_tag(self) -> Optional[pulumi.Input[builtins.str]]:
460
+ def role_tag(self) -> Optional[pulumi.Input[_builtins.str]]:
462
461
  """
463
462
  If set, enable role tags for this role. The value set
464
463
  for this field should be the key of the tag on the EC2 instance. `auth_type`
@@ -468,210 +467,210 @@ class AuthBackendRoleArgs:
468
467
  return pulumi.get(self, "role_tag")
469
468
 
470
469
  @role_tag.setter
471
- def role_tag(self, value: Optional[pulumi.Input[builtins.str]]):
470
+ def role_tag(self, value: Optional[pulumi.Input[_builtins.str]]):
472
471
  pulumi.set(self, "role_tag", value)
473
472
 
474
- @property
473
+ @_builtins.property
475
474
  @pulumi.getter(name="tokenBoundCidrs")
476
- def token_bound_cidrs(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
475
+ def token_bound_cidrs(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]:
477
476
  """
478
477
  Specifies the blocks of IP addresses which are allowed to use the generated token
479
478
  """
480
479
  return pulumi.get(self, "token_bound_cidrs")
481
480
 
482
481
  @token_bound_cidrs.setter
483
- def token_bound_cidrs(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
482
+ def token_bound_cidrs(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]):
484
483
  pulumi.set(self, "token_bound_cidrs", value)
485
484
 
486
- @property
485
+ @_builtins.property
487
486
  @pulumi.getter(name="tokenExplicitMaxTtl")
488
- def token_explicit_max_ttl(self) -> Optional[pulumi.Input[builtins.int]]:
487
+ def token_explicit_max_ttl(self) -> Optional[pulumi.Input[_builtins.int]]:
489
488
  """
490
489
  Generated Token's Explicit Maximum TTL in seconds
491
490
  """
492
491
  return pulumi.get(self, "token_explicit_max_ttl")
493
492
 
494
493
  @token_explicit_max_ttl.setter
495
- def token_explicit_max_ttl(self, value: Optional[pulumi.Input[builtins.int]]):
494
+ def token_explicit_max_ttl(self, value: Optional[pulumi.Input[_builtins.int]]):
496
495
  pulumi.set(self, "token_explicit_max_ttl", value)
497
496
 
498
- @property
497
+ @_builtins.property
499
498
  @pulumi.getter(name="tokenMaxTtl")
500
- def token_max_ttl(self) -> Optional[pulumi.Input[builtins.int]]:
499
+ def token_max_ttl(self) -> Optional[pulumi.Input[_builtins.int]]:
501
500
  """
502
501
  The maximum lifetime of the generated token
503
502
  """
504
503
  return pulumi.get(self, "token_max_ttl")
505
504
 
506
505
  @token_max_ttl.setter
507
- def token_max_ttl(self, value: Optional[pulumi.Input[builtins.int]]):
506
+ def token_max_ttl(self, value: Optional[pulumi.Input[_builtins.int]]):
508
507
  pulumi.set(self, "token_max_ttl", value)
509
508
 
510
- @property
509
+ @_builtins.property
511
510
  @pulumi.getter(name="tokenNoDefaultPolicy")
512
- def token_no_default_policy(self) -> Optional[pulumi.Input[builtins.bool]]:
511
+ def token_no_default_policy(self) -> Optional[pulumi.Input[_builtins.bool]]:
513
512
  """
514
513
  If true, the 'default' policy will not automatically be added to generated tokens
515
514
  """
516
515
  return pulumi.get(self, "token_no_default_policy")
517
516
 
518
517
  @token_no_default_policy.setter
519
- def token_no_default_policy(self, value: Optional[pulumi.Input[builtins.bool]]):
518
+ def token_no_default_policy(self, value: Optional[pulumi.Input[_builtins.bool]]):
520
519
  pulumi.set(self, "token_no_default_policy", value)
521
520
 
522
- @property
521
+ @_builtins.property
523
522
  @pulumi.getter(name="tokenNumUses")
524
- def token_num_uses(self) -> Optional[pulumi.Input[builtins.int]]:
523
+ def token_num_uses(self) -> Optional[pulumi.Input[_builtins.int]]:
525
524
  """
526
525
  The maximum number of times a token may be used, a value of zero means unlimited
527
526
  """
528
527
  return pulumi.get(self, "token_num_uses")
529
528
 
530
529
  @token_num_uses.setter
531
- def token_num_uses(self, value: Optional[pulumi.Input[builtins.int]]):
530
+ def token_num_uses(self, value: Optional[pulumi.Input[_builtins.int]]):
532
531
  pulumi.set(self, "token_num_uses", value)
533
532
 
534
- @property
533
+ @_builtins.property
535
534
  @pulumi.getter(name="tokenPeriod")
536
- def token_period(self) -> Optional[pulumi.Input[builtins.int]]:
535
+ def token_period(self) -> Optional[pulumi.Input[_builtins.int]]:
537
536
  """
538
537
  Generated Token's Period
539
538
  """
540
539
  return pulumi.get(self, "token_period")
541
540
 
542
541
  @token_period.setter
543
- def token_period(self, value: Optional[pulumi.Input[builtins.int]]):
542
+ def token_period(self, value: Optional[pulumi.Input[_builtins.int]]):
544
543
  pulumi.set(self, "token_period", value)
545
544
 
546
- @property
545
+ @_builtins.property
547
546
  @pulumi.getter(name="tokenPolicies")
548
- def token_policies(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
547
+ def token_policies(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]:
549
548
  """
550
549
  Generated Token's Policies
551
550
  """
552
551
  return pulumi.get(self, "token_policies")
553
552
 
554
553
  @token_policies.setter
555
- def token_policies(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
554
+ def token_policies(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]):
556
555
  pulumi.set(self, "token_policies", value)
557
556
 
558
- @property
557
+ @_builtins.property
559
558
  @pulumi.getter(name="tokenTtl")
560
- def token_ttl(self) -> Optional[pulumi.Input[builtins.int]]:
559
+ def token_ttl(self) -> Optional[pulumi.Input[_builtins.int]]:
561
560
  """
562
561
  The initial ttl of the token to generate in seconds
563
562
  """
564
563
  return pulumi.get(self, "token_ttl")
565
564
 
566
565
  @token_ttl.setter
567
- def token_ttl(self, value: Optional[pulumi.Input[builtins.int]]):
566
+ def token_ttl(self, value: Optional[pulumi.Input[_builtins.int]]):
568
567
  pulumi.set(self, "token_ttl", value)
569
568
 
570
- @property
569
+ @_builtins.property
571
570
  @pulumi.getter(name="tokenType")
572
- def token_type(self) -> Optional[pulumi.Input[builtins.str]]:
571
+ def token_type(self) -> Optional[pulumi.Input[_builtins.str]]:
573
572
  """
574
573
  The type of token to generate, service or batch
575
574
  """
576
575
  return pulumi.get(self, "token_type")
577
576
 
578
577
  @token_type.setter
579
- def token_type(self, value: Optional[pulumi.Input[builtins.str]]):
578
+ def token_type(self, value: Optional[pulumi.Input[_builtins.str]]):
580
579
  pulumi.set(self, "token_type", value)
581
580
 
582
581
 
583
582
  @pulumi.input_type
584
583
  class _AuthBackendRoleState:
585
584
  def __init__(__self__, *,
586
- allow_instance_migration: Optional[pulumi.Input[builtins.bool]] = None,
587
- auth_type: Optional[pulumi.Input[builtins.str]] = None,
588
- backend: Optional[pulumi.Input[builtins.str]] = None,
589
- bound_account_ids: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
590
- bound_ami_ids: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
591
- bound_ec2_instance_ids: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
592
- bound_iam_instance_profile_arns: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
593
- bound_iam_principal_arns: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
594
- bound_iam_role_arns: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
595
- bound_regions: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
596
- bound_subnet_ids: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
597
- bound_vpc_ids: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
598
- disallow_reauthentication: Optional[pulumi.Input[builtins.bool]] = None,
599
- inferred_aws_region: Optional[pulumi.Input[builtins.str]] = None,
600
- inferred_entity_type: Optional[pulumi.Input[builtins.str]] = None,
601
- namespace: Optional[pulumi.Input[builtins.str]] = None,
602
- resolve_aws_unique_ids: Optional[pulumi.Input[builtins.bool]] = None,
603
- role: Optional[pulumi.Input[builtins.str]] = None,
604
- role_id: Optional[pulumi.Input[builtins.str]] = None,
605
- role_tag: Optional[pulumi.Input[builtins.str]] = None,
606
- token_bound_cidrs: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
607
- token_explicit_max_ttl: Optional[pulumi.Input[builtins.int]] = None,
608
- token_max_ttl: Optional[pulumi.Input[builtins.int]] = None,
609
- token_no_default_policy: Optional[pulumi.Input[builtins.bool]] = None,
610
- token_num_uses: Optional[pulumi.Input[builtins.int]] = None,
611
- token_period: Optional[pulumi.Input[builtins.int]] = None,
612
- token_policies: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
613
- token_ttl: Optional[pulumi.Input[builtins.int]] = None,
614
- token_type: Optional[pulumi.Input[builtins.str]] = None):
585
+ allow_instance_migration: Optional[pulumi.Input[_builtins.bool]] = None,
586
+ auth_type: Optional[pulumi.Input[_builtins.str]] = None,
587
+ backend: Optional[pulumi.Input[_builtins.str]] = None,
588
+ bound_account_ids: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
589
+ bound_ami_ids: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
590
+ bound_ec2_instance_ids: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
591
+ bound_iam_instance_profile_arns: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
592
+ bound_iam_principal_arns: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
593
+ bound_iam_role_arns: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
594
+ bound_regions: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
595
+ bound_subnet_ids: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
596
+ bound_vpc_ids: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
597
+ disallow_reauthentication: Optional[pulumi.Input[_builtins.bool]] = None,
598
+ inferred_aws_region: Optional[pulumi.Input[_builtins.str]] = None,
599
+ inferred_entity_type: Optional[pulumi.Input[_builtins.str]] = None,
600
+ namespace: Optional[pulumi.Input[_builtins.str]] = None,
601
+ resolve_aws_unique_ids: Optional[pulumi.Input[_builtins.bool]] = None,
602
+ role: Optional[pulumi.Input[_builtins.str]] = None,
603
+ role_id: Optional[pulumi.Input[_builtins.str]] = None,
604
+ role_tag: Optional[pulumi.Input[_builtins.str]] = None,
605
+ token_bound_cidrs: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
606
+ token_explicit_max_ttl: Optional[pulumi.Input[_builtins.int]] = None,
607
+ token_max_ttl: Optional[pulumi.Input[_builtins.int]] = None,
608
+ token_no_default_policy: Optional[pulumi.Input[_builtins.bool]] = None,
609
+ token_num_uses: Optional[pulumi.Input[_builtins.int]] = None,
610
+ token_period: Optional[pulumi.Input[_builtins.int]] = None,
611
+ token_policies: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
612
+ token_ttl: Optional[pulumi.Input[_builtins.int]] = None,
613
+ token_type: Optional[pulumi.Input[_builtins.str]] = None):
615
614
  """
616
615
  Input properties used for looking up and filtering AuthBackendRole resources.
617
- :param pulumi.Input[builtins.bool] allow_instance_migration: If set to `true`, allows migration of
616
+ :param pulumi.Input[_builtins.bool] allow_instance_migration: If set to `true`, allows migration of
618
617
  the underlying instance where the client resides.
619
- :param pulumi.Input[builtins.str] auth_type: The auth type permitted for this role. Valid choices
618
+ :param pulumi.Input[_builtins.str] auth_type: The auth type permitted for this role. Valid choices
620
619
  are `ec2` and `iam`. Defaults to `iam`.
621
- :param pulumi.Input[builtins.str] backend: Path to the mounted aws auth backend.
622
- :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] bound_account_ids: If set, defines a constraint on the EC2
620
+ :param pulumi.Input[_builtins.str] backend: Path to the mounted aws auth backend.
621
+ :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] bound_account_ids: If set, defines a constraint on the EC2
623
622
  instances that can perform the login operation that they should be using the
624
623
  account ID specified by this field. `auth_type` must be set to `ec2` or
625
624
  `inferred_entity_type` must be set to `ec2_instance` to use this constraint.
626
- :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] bound_ami_ids: If set, defines a constraint on the EC2 instances
625
+ :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] bound_ami_ids: If set, defines a constraint on the EC2 instances
627
626
  that can perform the login operation that they should be using the AMI ID
628
627
  specified by this field. `auth_type` must be set to `ec2` or
629
628
  `inferred_entity_type` must be set to `ec2_instance` to use this constraint.
630
- :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] bound_ec2_instance_ids: Only EC2 instances that match this instance ID will be permitted to log in.
631
- :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] bound_iam_instance_profile_arns: If set, defines a constraint on
629
+ :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] bound_ec2_instance_ids: Only EC2 instances that match this instance ID will be permitted to log in.
630
+ :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] bound_iam_instance_profile_arns: If set, defines a constraint on
632
631
  the EC2 instances that can perform the login operation that they must be
633
632
  associated with an IAM instance profile ARN which has a prefix that matches
634
633
  the value specified by this field. The value is prefix-matched as though it
635
634
  were a glob ending in `*`. `auth_type` must be set to `ec2` or
636
635
  `inferred_entity_type` must be set to `ec2_instance` to use this constraint.
637
- :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] bound_iam_principal_arns: If set, defines the IAM principal that
636
+ :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] bound_iam_principal_arns: If set, defines the IAM principal that
638
637
  must be authenticated when `auth_type` is set to `iam`. Wildcards are
639
638
  supported at the end of the ARN.
640
- :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] bound_iam_role_arns: If set, defines a constraint on the EC2
639
+ :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] bound_iam_role_arns: If set, defines a constraint on the EC2
641
640
  instances that can perform the login operation that they must match the IAM
642
641
  role ARN specified by this field. `auth_type` must be set to `ec2` or
643
642
  `inferred_entity_type` must be set to `ec2_instance` to use this constraint.
644
- :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] bound_regions: If set, defines a constraint on the EC2 instances
643
+ :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] bound_regions: If set, defines a constraint on the EC2 instances
645
644
  that can perform the login operation that the region in their identity
646
645
  document must match the one specified by this field. `auth_type` must be set
647
646
  to `ec2` or `inferred_entity_type` must be set to `ec2_instance` to use this
648
647
  constraint.
649
- :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] bound_subnet_ids: If set, defines a constraint on the EC2
648
+ :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] bound_subnet_ids: If set, defines a constraint on the EC2
650
649
  instances that can perform the login operation that they be associated with
651
650
  the subnet ID that matches the value specified by this field. `auth_type`
652
651
  must be set to `ec2` or `inferred_entity_type` must be set to `ec2_instance`
653
652
  to use this constraint.
654
- :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] bound_vpc_ids: If set, defines a constraint on the EC2 instances
653
+ :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] bound_vpc_ids: If set, defines a constraint on the EC2 instances
655
654
  that can perform the login operation that they be associated with the VPC ID
656
655
  that matches the value specified by this field. `auth_type` must be set to
657
656
  `ec2` or `inferred_entity_type` must be set to `ec2_instance` to use this
658
657
  constraint.
659
- :param pulumi.Input[builtins.bool] disallow_reauthentication: IF set to `true`, only allows a
658
+ :param pulumi.Input[_builtins.bool] disallow_reauthentication: IF set to `true`, only allows a
660
659
  single token to be granted per instance ID. This can only be set when
661
660
  `auth_type` is set to `ec2`.
662
- :param pulumi.Input[builtins.str] inferred_aws_region: When `inferred_entity_type` is set, this
661
+ :param pulumi.Input[_builtins.str] inferred_aws_region: When `inferred_entity_type` is set, this
663
662
  is the region to search for the inferred entities. Required if
664
663
  `inferred_entity_type` is set. This only applies when `auth_type` is set to
665
664
  `iam`.
666
- :param pulumi.Input[builtins.str] inferred_entity_type: If set, instructs Vault to turn on
665
+ :param pulumi.Input[_builtins.str] inferred_entity_type: If set, instructs Vault to turn on
667
666
  inferencing. The only valid value is `ec2_instance`, which instructs Vault to
668
667
  infer that the role comes from an EC2 instance in an IAM instance profile.
669
668
  This only applies when `auth_type` is set to `iam`.
670
- :param pulumi.Input[builtins.str] namespace: The namespace to provision the resource in.
669
+ :param pulumi.Input[_builtins.str] namespace: The namespace to provision the resource in.
671
670
  The value should not contain leading or trailing forward slashes.
672
671
  The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
673
672
  *Available only for Vault Enterprise*.
674
- :param pulumi.Input[builtins.bool] resolve_aws_unique_ids: Only valid when
673
+ :param pulumi.Input[_builtins.bool] resolve_aws_unique_ids: Only valid when
675
674
  `auth_type` is `iam`. If set to `true`, the `bound_iam_principal_arns` are
676
675
  resolved to [AWS Unique
677
676
  IDs](http://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html#identifiers-unique-ids)
@@ -682,21 +681,21 @@ class _AuthBackendRoleState:
682
681
  roles won't get access to roles in Vault that were permissioned to the prior
683
682
  principals of the same name. Defaults to `true`.
684
683
  Once set to `true`, this cannot be changed to `false` without recreating the role.
685
- :param pulumi.Input[builtins.str] role: The name of the role.
686
- :param pulumi.Input[builtins.str] role_id: The Vault generated role ID.
687
- :param pulumi.Input[builtins.str] role_tag: If set, enable role tags for this role. The value set
684
+ :param pulumi.Input[_builtins.str] role: The name of the role.
685
+ :param pulumi.Input[_builtins.str] role_id: The Vault generated role ID.
686
+ :param pulumi.Input[_builtins.str] role_tag: If set, enable role tags for this role. The value set
688
687
  for this field should be the key of the tag on the EC2 instance. `auth_type`
689
688
  must be set to `ec2` or `inferred_entity_type` must be set to `ec2_instance`
690
689
  to use this constraint.
691
- :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] token_bound_cidrs: Specifies the blocks of IP addresses which are allowed to use the generated token
692
- :param pulumi.Input[builtins.int] token_explicit_max_ttl: Generated Token's Explicit Maximum TTL in seconds
693
- :param pulumi.Input[builtins.int] token_max_ttl: The maximum lifetime of the generated token
694
- :param pulumi.Input[builtins.bool] token_no_default_policy: If true, the 'default' policy will not automatically be added to generated tokens
695
- :param pulumi.Input[builtins.int] token_num_uses: The maximum number of times a token may be used, a value of zero means unlimited
696
- :param pulumi.Input[builtins.int] token_period: Generated Token's Period
697
- :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] token_policies: Generated Token's Policies
698
- :param pulumi.Input[builtins.int] token_ttl: The initial ttl of the token to generate in seconds
699
- :param pulumi.Input[builtins.str] token_type: The type of token to generate, service or batch
690
+ :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] token_bound_cidrs: Specifies the blocks of IP addresses which are allowed to use the generated token
691
+ :param pulumi.Input[_builtins.int] token_explicit_max_ttl: Generated Token's Explicit Maximum TTL in seconds
692
+ :param pulumi.Input[_builtins.int] token_max_ttl: The maximum lifetime of the generated token
693
+ :param pulumi.Input[_builtins.bool] token_no_default_policy: If true, the 'default' policy will not automatically be added to generated tokens
694
+ :param pulumi.Input[_builtins.int] token_num_uses: The maximum number of times a token may be used, a value of zero means unlimited
695
+ :param pulumi.Input[_builtins.int] token_period: Generated Token's Period
696
+ :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] token_policies: Generated Token's Policies
697
+ :param pulumi.Input[_builtins.int] token_ttl: The initial ttl of the token to generate in seconds
698
+ :param pulumi.Input[_builtins.str] token_type: The type of token to generate, service or batch
700
699
  """
701
700
  if allow_instance_migration is not None:
702
701
  pulumi.set(__self__, "allow_instance_migration", allow_instance_migration)
@@ -757,9 +756,9 @@ class _AuthBackendRoleState:
757
756
  if token_type is not None:
758
757
  pulumi.set(__self__, "token_type", token_type)
759
758
 
760
- @property
759
+ @_builtins.property
761
760
  @pulumi.getter(name="allowInstanceMigration")
762
- def allow_instance_migration(self) -> Optional[pulumi.Input[builtins.bool]]:
761
+ def allow_instance_migration(self) -> Optional[pulumi.Input[_builtins.bool]]:
763
762
  """
764
763
  If set to `true`, allows migration of
765
764
  the underlying instance where the client resides.
@@ -767,12 +766,12 @@ class _AuthBackendRoleState:
767
766
  return pulumi.get(self, "allow_instance_migration")
768
767
 
769
768
  @allow_instance_migration.setter
770
- def allow_instance_migration(self, value: Optional[pulumi.Input[builtins.bool]]):
769
+ def allow_instance_migration(self, value: Optional[pulumi.Input[_builtins.bool]]):
771
770
  pulumi.set(self, "allow_instance_migration", value)
772
771
 
773
- @property
772
+ @_builtins.property
774
773
  @pulumi.getter(name="authType")
775
- def auth_type(self) -> Optional[pulumi.Input[builtins.str]]:
774
+ def auth_type(self) -> Optional[pulumi.Input[_builtins.str]]:
776
775
  """
777
776
  The auth type permitted for this role. Valid choices
778
777
  are `ec2` and `iam`. Defaults to `iam`.
@@ -780,24 +779,24 @@ class _AuthBackendRoleState:
780
779
  return pulumi.get(self, "auth_type")
781
780
 
782
781
  @auth_type.setter
783
- def auth_type(self, value: Optional[pulumi.Input[builtins.str]]):
782
+ def auth_type(self, value: Optional[pulumi.Input[_builtins.str]]):
784
783
  pulumi.set(self, "auth_type", value)
785
784
 
786
- @property
785
+ @_builtins.property
787
786
  @pulumi.getter
788
- def backend(self) -> Optional[pulumi.Input[builtins.str]]:
787
+ def backend(self) -> Optional[pulumi.Input[_builtins.str]]:
789
788
  """
790
789
  Path to the mounted aws auth backend.
791
790
  """
792
791
  return pulumi.get(self, "backend")
793
792
 
794
793
  @backend.setter
795
- def backend(self, value: Optional[pulumi.Input[builtins.str]]):
794
+ def backend(self, value: Optional[pulumi.Input[_builtins.str]]):
796
795
  pulumi.set(self, "backend", value)
797
796
 
798
- @property
797
+ @_builtins.property
799
798
  @pulumi.getter(name="boundAccountIds")
800
- def bound_account_ids(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
799
+ def bound_account_ids(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]:
801
800
  """
802
801
  If set, defines a constraint on the EC2
803
802
  instances that can perform the login operation that they should be using the
@@ -807,12 +806,12 @@ class _AuthBackendRoleState:
807
806
  return pulumi.get(self, "bound_account_ids")
808
807
 
809
808
  @bound_account_ids.setter
810
- def bound_account_ids(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
809
+ def bound_account_ids(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]):
811
810
  pulumi.set(self, "bound_account_ids", value)
812
811
 
813
- @property
812
+ @_builtins.property
814
813
  @pulumi.getter(name="boundAmiIds")
815
- def bound_ami_ids(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
814
+ def bound_ami_ids(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]:
816
815
  """
817
816
  If set, defines a constraint on the EC2 instances
818
817
  that can perform the login operation that they should be using the AMI ID
@@ -822,24 +821,24 @@ class _AuthBackendRoleState:
822
821
  return pulumi.get(self, "bound_ami_ids")
823
822
 
824
823
  @bound_ami_ids.setter
825
- def bound_ami_ids(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
824
+ def bound_ami_ids(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]):
826
825
  pulumi.set(self, "bound_ami_ids", value)
827
826
 
828
- @property
827
+ @_builtins.property
829
828
  @pulumi.getter(name="boundEc2InstanceIds")
830
- def bound_ec2_instance_ids(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
829
+ def bound_ec2_instance_ids(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]:
831
830
  """
832
831
  Only EC2 instances that match this instance ID will be permitted to log in.
833
832
  """
834
833
  return pulumi.get(self, "bound_ec2_instance_ids")
835
834
 
836
835
  @bound_ec2_instance_ids.setter
837
- def bound_ec2_instance_ids(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
836
+ def bound_ec2_instance_ids(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]):
838
837
  pulumi.set(self, "bound_ec2_instance_ids", value)
839
838
 
840
- @property
839
+ @_builtins.property
841
840
  @pulumi.getter(name="boundIamInstanceProfileArns")
842
- def bound_iam_instance_profile_arns(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
841
+ def bound_iam_instance_profile_arns(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]:
843
842
  """
844
843
  If set, defines a constraint on
845
844
  the EC2 instances that can perform the login operation that they must be
@@ -851,12 +850,12 @@ class _AuthBackendRoleState:
851
850
  return pulumi.get(self, "bound_iam_instance_profile_arns")
852
851
 
853
852
  @bound_iam_instance_profile_arns.setter
854
- def bound_iam_instance_profile_arns(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
853
+ def bound_iam_instance_profile_arns(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]):
855
854
  pulumi.set(self, "bound_iam_instance_profile_arns", value)
856
855
 
857
- @property
856
+ @_builtins.property
858
857
  @pulumi.getter(name="boundIamPrincipalArns")
859
- def bound_iam_principal_arns(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
858
+ def bound_iam_principal_arns(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]:
860
859
  """
861
860
  If set, defines the IAM principal that
862
861
  must be authenticated when `auth_type` is set to `iam`. Wildcards are
@@ -865,12 +864,12 @@ class _AuthBackendRoleState:
865
864
  return pulumi.get(self, "bound_iam_principal_arns")
866
865
 
867
866
  @bound_iam_principal_arns.setter
868
- def bound_iam_principal_arns(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
867
+ def bound_iam_principal_arns(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]):
869
868
  pulumi.set(self, "bound_iam_principal_arns", value)
870
869
 
871
- @property
870
+ @_builtins.property
872
871
  @pulumi.getter(name="boundIamRoleArns")
873
- def bound_iam_role_arns(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
872
+ def bound_iam_role_arns(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]:
874
873
  """
875
874
  If set, defines a constraint on the EC2
876
875
  instances that can perform the login operation that they must match the IAM
@@ -880,12 +879,12 @@ class _AuthBackendRoleState:
880
879
  return pulumi.get(self, "bound_iam_role_arns")
881
880
 
882
881
  @bound_iam_role_arns.setter
883
- def bound_iam_role_arns(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
882
+ def bound_iam_role_arns(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]):
884
883
  pulumi.set(self, "bound_iam_role_arns", value)
885
884
 
886
- @property
885
+ @_builtins.property
887
886
  @pulumi.getter(name="boundRegions")
888
- def bound_regions(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
887
+ def bound_regions(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]:
889
888
  """
890
889
  If set, defines a constraint on the EC2 instances
891
890
  that can perform the login operation that the region in their identity
@@ -896,12 +895,12 @@ class _AuthBackendRoleState:
896
895
  return pulumi.get(self, "bound_regions")
897
896
 
898
897
  @bound_regions.setter
899
- def bound_regions(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
898
+ def bound_regions(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]):
900
899
  pulumi.set(self, "bound_regions", value)
901
900
 
902
- @property
901
+ @_builtins.property
903
902
  @pulumi.getter(name="boundSubnetIds")
904
- def bound_subnet_ids(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
903
+ def bound_subnet_ids(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]:
905
904
  """
906
905
  If set, defines a constraint on the EC2
907
906
  instances that can perform the login operation that they be associated with
@@ -912,12 +911,12 @@ class _AuthBackendRoleState:
912
911
  return pulumi.get(self, "bound_subnet_ids")
913
912
 
914
913
  @bound_subnet_ids.setter
915
- def bound_subnet_ids(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
914
+ def bound_subnet_ids(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]):
916
915
  pulumi.set(self, "bound_subnet_ids", value)
917
916
 
918
- @property
917
+ @_builtins.property
919
918
  @pulumi.getter(name="boundVpcIds")
920
- def bound_vpc_ids(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
919
+ def bound_vpc_ids(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]:
921
920
  """
922
921
  If set, defines a constraint on the EC2 instances
923
922
  that can perform the login operation that they be associated with the VPC ID
@@ -928,12 +927,12 @@ class _AuthBackendRoleState:
928
927
  return pulumi.get(self, "bound_vpc_ids")
929
928
 
930
929
  @bound_vpc_ids.setter
931
- def bound_vpc_ids(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
930
+ def bound_vpc_ids(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]):
932
931
  pulumi.set(self, "bound_vpc_ids", value)
933
932
 
934
- @property
933
+ @_builtins.property
935
934
  @pulumi.getter(name="disallowReauthentication")
936
- def disallow_reauthentication(self) -> Optional[pulumi.Input[builtins.bool]]:
935
+ def disallow_reauthentication(self) -> Optional[pulumi.Input[_builtins.bool]]:
937
936
  """
938
937
  IF set to `true`, only allows a
939
938
  single token to be granted per instance ID. This can only be set when
@@ -942,12 +941,12 @@ class _AuthBackendRoleState:
942
941
  return pulumi.get(self, "disallow_reauthentication")
943
942
 
944
943
  @disallow_reauthentication.setter
945
- def disallow_reauthentication(self, value: Optional[pulumi.Input[builtins.bool]]):
944
+ def disallow_reauthentication(self, value: Optional[pulumi.Input[_builtins.bool]]):
946
945
  pulumi.set(self, "disallow_reauthentication", value)
947
946
 
948
- @property
947
+ @_builtins.property
949
948
  @pulumi.getter(name="inferredAwsRegion")
950
- def inferred_aws_region(self) -> Optional[pulumi.Input[builtins.str]]:
949
+ def inferred_aws_region(self) -> Optional[pulumi.Input[_builtins.str]]:
951
950
  """
952
951
  When `inferred_entity_type` is set, this
953
952
  is the region to search for the inferred entities. Required if
@@ -957,12 +956,12 @@ class _AuthBackendRoleState:
957
956
  return pulumi.get(self, "inferred_aws_region")
958
957
 
959
958
  @inferred_aws_region.setter
960
- def inferred_aws_region(self, value: Optional[pulumi.Input[builtins.str]]):
959
+ def inferred_aws_region(self, value: Optional[pulumi.Input[_builtins.str]]):
961
960
  pulumi.set(self, "inferred_aws_region", value)
962
961
 
963
- @property
962
+ @_builtins.property
964
963
  @pulumi.getter(name="inferredEntityType")
965
- def inferred_entity_type(self) -> Optional[pulumi.Input[builtins.str]]:
964
+ def inferred_entity_type(self) -> Optional[pulumi.Input[_builtins.str]]:
966
965
  """
967
966
  If set, instructs Vault to turn on
968
967
  inferencing. The only valid value is `ec2_instance`, which instructs Vault to
@@ -972,12 +971,12 @@ class _AuthBackendRoleState:
972
971
  return pulumi.get(self, "inferred_entity_type")
973
972
 
974
973
  @inferred_entity_type.setter
975
- def inferred_entity_type(self, value: Optional[pulumi.Input[builtins.str]]):
974
+ def inferred_entity_type(self, value: Optional[pulumi.Input[_builtins.str]]):
976
975
  pulumi.set(self, "inferred_entity_type", value)
977
976
 
978
- @property
977
+ @_builtins.property
979
978
  @pulumi.getter
980
- def namespace(self) -> Optional[pulumi.Input[builtins.str]]:
979
+ def namespace(self) -> Optional[pulumi.Input[_builtins.str]]:
981
980
  """
982
981
  The namespace to provision the resource in.
983
982
  The value should not contain leading or trailing forward slashes.
@@ -987,12 +986,12 @@ class _AuthBackendRoleState:
987
986
  return pulumi.get(self, "namespace")
988
987
 
989
988
  @namespace.setter
990
- def namespace(self, value: Optional[pulumi.Input[builtins.str]]):
989
+ def namespace(self, value: Optional[pulumi.Input[_builtins.str]]):
991
990
  pulumi.set(self, "namespace", value)
992
991
 
993
- @property
992
+ @_builtins.property
994
993
  @pulumi.getter(name="resolveAwsUniqueIds")
995
- def resolve_aws_unique_ids(self) -> Optional[pulumi.Input[builtins.bool]]:
994
+ def resolve_aws_unique_ids(self) -> Optional[pulumi.Input[_builtins.bool]]:
996
995
  """
997
996
  Only valid when
998
997
  `auth_type` is `iam`. If set to `true`, the `bound_iam_principal_arns` are
@@ -1009,36 +1008,36 @@ class _AuthBackendRoleState:
1009
1008
  return pulumi.get(self, "resolve_aws_unique_ids")
1010
1009
 
1011
1010
  @resolve_aws_unique_ids.setter
1012
- def resolve_aws_unique_ids(self, value: Optional[pulumi.Input[builtins.bool]]):
1011
+ def resolve_aws_unique_ids(self, value: Optional[pulumi.Input[_builtins.bool]]):
1013
1012
  pulumi.set(self, "resolve_aws_unique_ids", value)
1014
1013
 
1015
- @property
1014
+ @_builtins.property
1016
1015
  @pulumi.getter
1017
- def role(self) -> Optional[pulumi.Input[builtins.str]]:
1016
+ def role(self) -> Optional[pulumi.Input[_builtins.str]]:
1018
1017
  """
1019
1018
  The name of the role.
1020
1019
  """
1021
1020
  return pulumi.get(self, "role")
1022
1021
 
1023
1022
  @role.setter
1024
- def role(self, value: Optional[pulumi.Input[builtins.str]]):
1023
+ def role(self, value: Optional[pulumi.Input[_builtins.str]]):
1025
1024
  pulumi.set(self, "role", value)
1026
1025
 
1027
- @property
1026
+ @_builtins.property
1028
1027
  @pulumi.getter(name="roleId")
1029
- def role_id(self) -> Optional[pulumi.Input[builtins.str]]:
1028
+ def role_id(self) -> Optional[pulumi.Input[_builtins.str]]:
1030
1029
  """
1031
1030
  The Vault generated role ID.
1032
1031
  """
1033
1032
  return pulumi.get(self, "role_id")
1034
1033
 
1035
1034
  @role_id.setter
1036
- def role_id(self, value: Optional[pulumi.Input[builtins.str]]):
1035
+ def role_id(self, value: Optional[pulumi.Input[_builtins.str]]):
1037
1036
  pulumi.set(self, "role_id", value)
1038
1037
 
1039
- @property
1038
+ @_builtins.property
1040
1039
  @pulumi.getter(name="roleTag")
1041
- def role_tag(self) -> Optional[pulumi.Input[builtins.str]]:
1040
+ def role_tag(self) -> Optional[pulumi.Input[_builtins.str]]:
1042
1041
  """
1043
1042
  If set, enable role tags for this role. The value set
1044
1043
  for this field should be the key of the tag on the EC2 instance. `auth_type`
@@ -1048,115 +1047,115 @@ class _AuthBackendRoleState:
1048
1047
  return pulumi.get(self, "role_tag")
1049
1048
 
1050
1049
  @role_tag.setter
1051
- def role_tag(self, value: Optional[pulumi.Input[builtins.str]]):
1050
+ def role_tag(self, value: Optional[pulumi.Input[_builtins.str]]):
1052
1051
  pulumi.set(self, "role_tag", value)
1053
1052
 
1054
- @property
1053
+ @_builtins.property
1055
1054
  @pulumi.getter(name="tokenBoundCidrs")
1056
- def token_bound_cidrs(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
1055
+ def token_bound_cidrs(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]:
1057
1056
  """
1058
1057
  Specifies the blocks of IP addresses which are allowed to use the generated token
1059
1058
  """
1060
1059
  return pulumi.get(self, "token_bound_cidrs")
1061
1060
 
1062
1061
  @token_bound_cidrs.setter
1063
- def token_bound_cidrs(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
1062
+ def token_bound_cidrs(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]):
1064
1063
  pulumi.set(self, "token_bound_cidrs", value)
1065
1064
 
1066
- @property
1065
+ @_builtins.property
1067
1066
  @pulumi.getter(name="tokenExplicitMaxTtl")
1068
- def token_explicit_max_ttl(self) -> Optional[pulumi.Input[builtins.int]]:
1067
+ def token_explicit_max_ttl(self) -> Optional[pulumi.Input[_builtins.int]]:
1069
1068
  """
1070
1069
  Generated Token's Explicit Maximum TTL in seconds
1071
1070
  """
1072
1071
  return pulumi.get(self, "token_explicit_max_ttl")
1073
1072
 
1074
1073
  @token_explicit_max_ttl.setter
1075
- def token_explicit_max_ttl(self, value: Optional[pulumi.Input[builtins.int]]):
1074
+ def token_explicit_max_ttl(self, value: Optional[pulumi.Input[_builtins.int]]):
1076
1075
  pulumi.set(self, "token_explicit_max_ttl", value)
1077
1076
 
1078
- @property
1077
+ @_builtins.property
1079
1078
  @pulumi.getter(name="tokenMaxTtl")
1080
- def token_max_ttl(self) -> Optional[pulumi.Input[builtins.int]]:
1079
+ def token_max_ttl(self) -> Optional[pulumi.Input[_builtins.int]]:
1081
1080
  """
1082
1081
  The maximum lifetime of the generated token
1083
1082
  """
1084
1083
  return pulumi.get(self, "token_max_ttl")
1085
1084
 
1086
1085
  @token_max_ttl.setter
1087
- def token_max_ttl(self, value: Optional[pulumi.Input[builtins.int]]):
1086
+ def token_max_ttl(self, value: Optional[pulumi.Input[_builtins.int]]):
1088
1087
  pulumi.set(self, "token_max_ttl", value)
1089
1088
 
1090
- @property
1089
+ @_builtins.property
1091
1090
  @pulumi.getter(name="tokenNoDefaultPolicy")
1092
- def token_no_default_policy(self) -> Optional[pulumi.Input[builtins.bool]]:
1091
+ def token_no_default_policy(self) -> Optional[pulumi.Input[_builtins.bool]]:
1093
1092
  """
1094
1093
  If true, the 'default' policy will not automatically be added to generated tokens
1095
1094
  """
1096
1095
  return pulumi.get(self, "token_no_default_policy")
1097
1096
 
1098
1097
  @token_no_default_policy.setter
1099
- def token_no_default_policy(self, value: Optional[pulumi.Input[builtins.bool]]):
1098
+ def token_no_default_policy(self, value: Optional[pulumi.Input[_builtins.bool]]):
1100
1099
  pulumi.set(self, "token_no_default_policy", value)
1101
1100
 
1102
- @property
1101
+ @_builtins.property
1103
1102
  @pulumi.getter(name="tokenNumUses")
1104
- def token_num_uses(self) -> Optional[pulumi.Input[builtins.int]]:
1103
+ def token_num_uses(self) -> Optional[pulumi.Input[_builtins.int]]:
1105
1104
  """
1106
1105
  The maximum number of times a token may be used, a value of zero means unlimited
1107
1106
  """
1108
1107
  return pulumi.get(self, "token_num_uses")
1109
1108
 
1110
1109
  @token_num_uses.setter
1111
- def token_num_uses(self, value: Optional[pulumi.Input[builtins.int]]):
1110
+ def token_num_uses(self, value: Optional[pulumi.Input[_builtins.int]]):
1112
1111
  pulumi.set(self, "token_num_uses", value)
1113
1112
 
1114
- @property
1113
+ @_builtins.property
1115
1114
  @pulumi.getter(name="tokenPeriod")
1116
- def token_period(self) -> Optional[pulumi.Input[builtins.int]]:
1115
+ def token_period(self) -> Optional[pulumi.Input[_builtins.int]]:
1117
1116
  """
1118
1117
  Generated Token's Period
1119
1118
  """
1120
1119
  return pulumi.get(self, "token_period")
1121
1120
 
1122
1121
  @token_period.setter
1123
- def token_period(self, value: Optional[pulumi.Input[builtins.int]]):
1122
+ def token_period(self, value: Optional[pulumi.Input[_builtins.int]]):
1124
1123
  pulumi.set(self, "token_period", value)
1125
1124
 
1126
- @property
1125
+ @_builtins.property
1127
1126
  @pulumi.getter(name="tokenPolicies")
1128
- def token_policies(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
1127
+ def token_policies(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]:
1129
1128
  """
1130
1129
  Generated Token's Policies
1131
1130
  """
1132
1131
  return pulumi.get(self, "token_policies")
1133
1132
 
1134
1133
  @token_policies.setter
1135
- def token_policies(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
1134
+ def token_policies(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]):
1136
1135
  pulumi.set(self, "token_policies", value)
1137
1136
 
1138
- @property
1137
+ @_builtins.property
1139
1138
  @pulumi.getter(name="tokenTtl")
1140
- def token_ttl(self) -> Optional[pulumi.Input[builtins.int]]:
1139
+ def token_ttl(self) -> Optional[pulumi.Input[_builtins.int]]:
1141
1140
  """
1142
1141
  The initial ttl of the token to generate in seconds
1143
1142
  """
1144
1143
  return pulumi.get(self, "token_ttl")
1145
1144
 
1146
1145
  @token_ttl.setter
1147
- def token_ttl(self, value: Optional[pulumi.Input[builtins.int]]):
1146
+ def token_ttl(self, value: Optional[pulumi.Input[_builtins.int]]):
1148
1147
  pulumi.set(self, "token_ttl", value)
1149
1148
 
1150
- @property
1149
+ @_builtins.property
1151
1150
  @pulumi.getter(name="tokenType")
1152
- def token_type(self) -> Optional[pulumi.Input[builtins.str]]:
1151
+ def token_type(self) -> Optional[pulumi.Input[_builtins.str]]:
1153
1152
  """
1154
1153
  The type of token to generate, service or batch
1155
1154
  """
1156
1155
  return pulumi.get(self, "token_type")
1157
1156
 
1158
1157
  @token_type.setter
1159
- def token_type(self, value: Optional[pulumi.Input[builtins.str]]):
1158
+ def token_type(self, value: Optional[pulumi.Input[_builtins.str]]):
1160
1159
  pulumi.set(self, "token_type", value)
1161
1160
 
1162
1161
 
@@ -1166,34 +1165,34 @@ class AuthBackendRole(pulumi.CustomResource):
1166
1165
  def __init__(__self__,
1167
1166
  resource_name: str,
1168
1167
  opts: Optional[pulumi.ResourceOptions] = None,
1169
- allow_instance_migration: Optional[pulumi.Input[builtins.bool]] = None,
1170
- auth_type: Optional[pulumi.Input[builtins.str]] = None,
1171
- backend: Optional[pulumi.Input[builtins.str]] = None,
1172
- bound_account_ids: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
1173
- bound_ami_ids: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
1174
- bound_ec2_instance_ids: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
1175
- bound_iam_instance_profile_arns: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
1176
- bound_iam_principal_arns: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
1177
- bound_iam_role_arns: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
1178
- bound_regions: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
1179
- bound_subnet_ids: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
1180
- bound_vpc_ids: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
1181
- disallow_reauthentication: Optional[pulumi.Input[builtins.bool]] = None,
1182
- inferred_aws_region: Optional[pulumi.Input[builtins.str]] = None,
1183
- inferred_entity_type: Optional[pulumi.Input[builtins.str]] = None,
1184
- namespace: Optional[pulumi.Input[builtins.str]] = None,
1185
- resolve_aws_unique_ids: Optional[pulumi.Input[builtins.bool]] = None,
1186
- role: Optional[pulumi.Input[builtins.str]] = None,
1187
- role_tag: Optional[pulumi.Input[builtins.str]] = None,
1188
- token_bound_cidrs: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
1189
- token_explicit_max_ttl: Optional[pulumi.Input[builtins.int]] = None,
1190
- token_max_ttl: Optional[pulumi.Input[builtins.int]] = None,
1191
- token_no_default_policy: Optional[pulumi.Input[builtins.bool]] = None,
1192
- token_num_uses: Optional[pulumi.Input[builtins.int]] = None,
1193
- token_period: Optional[pulumi.Input[builtins.int]] = None,
1194
- token_policies: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
1195
- token_ttl: Optional[pulumi.Input[builtins.int]] = None,
1196
- token_type: Optional[pulumi.Input[builtins.str]] = None,
1168
+ allow_instance_migration: Optional[pulumi.Input[_builtins.bool]] = None,
1169
+ auth_type: Optional[pulumi.Input[_builtins.str]] = None,
1170
+ backend: Optional[pulumi.Input[_builtins.str]] = None,
1171
+ bound_account_ids: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
1172
+ bound_ami_ids: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
1173
+ bound_ec2_instance_ids: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
1174
+ bound_iam_instance_profile_arns: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
1175
+ bound_iam_principal_arns: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
1176
+ bound_iam_role_arns: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
1177
+ bound_regions: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
1178
+ bound_subnet_ids: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
1179
+ bound_vpc_ids: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
1180
+ disallow_reauthentication: Optional[pulumi.Input[_builtins.bool]] = None,
1181
+ inferred_aws_region: Optional[pulumi.Input[_builtins.str]] = None,
1182
+ inferred_entity_type: Optional[pulumi.Input[_builtins.str]] = None,
1183
+ namespace: Optional[pulumi.Input[_builtins.str]] = None,
1184
+ resolve_aws_unique_ids: Optional[pulumi.Input[_builtins.bool]] = None,
1185
+ role: Optional[pulumi.Input[_builtins.str]] = None,
1186
+ role_tag: Optional[pulumi.Input[_builtins.str]] = None,
1187
+ token_bound_cidrs: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
1188
+ token_explicit_max_ttl: Optional[pulumi.Input[_builtins.int]] = None,
1189
+ token_max_ttl: Optional[pulumi.Input[_builtins.int]] = None,
1190
+ token_no_default_policy: Optional[pulumi.Input[_builtins.bool]] = None,
1191
+ token_num_uses: Optional[pulumi.Input[_builtins.int]] = None,
1192
+ token_period: Optional[pulumi.Input[_builtins.int]] = None,
1193
+ token_policies: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
1194
+ token_ttl: Optional[pulumi.Input[_builtins.int]] = None,
1195
+ token_type: Optional[pulumi.Input[_builtins.str]] = None,
1197
1196
  __props__=None):
1198
1197
  """
1199
1198
  Manages an AWS auth backend role in a Vault server. Roles constrain the
@@ -1240,64 +1239,64 @@ class AuthBackendRole(pulumi.CustomResource):
1240
1239
 
1241
1240
  :param str resource_name: The name of the resource.
1242
1241
  :param pulumi.ResourceOptions opts: Options for the resource.
1243
- :param pulumi.Input[builtins.bool] allow_instance_migration: If set to `true`, allows migration of
1242
+ :param pulumi.Input[_builtins.bool] allow_instance_migration: If set to `true`, allows migration of
1244
1243
  the underlying instance where the client resides.
1245
- :param pulumi.Input[builtins.str] auth_type: The auth type permitted for this role. Valid choices
1244
+ :param pulumi.Input[_builtins.str] auth_type: The auth type permitted for this role. Valid choices
1246
1245
  are `ec2` and `iam`. Defaults to `iam`.
1247
- :param pulumi.Input[builtins.str] backend: Path to the mounted aws auth backend.
1248
- :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] bound_account_ids: If set, defines a constraint on the EC2
1246
+ :param pulumi.Input[_builtins.str] backend: Path to the mounted aws auth backend.
1247
+ :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] bound_account_ids: If set, defines a constraint on the EC2
1249
1248
  instances that can perform the login operation that they should be using the
1250
1249
  account ID specified by this field. `auth_type` must be set to `ec2` or
1251
1250
  `inferred_entity_type` must be set to `ec2_instance` to use this constraint.
1252
- :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] bound_ami_ids: If set, defines a constraint on the EC2 instances
1251
+ :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] bound_ami_ids: If set, defines a constraint on the EC2 instances
1253
1252
  that can perform the login operation that they should be using the AMI ID
1254
1253
  specified by this field. `auth_type` must be set to `ec2` or
1255
1254
  `inferred_entity_type` must be set to `ec2_instance` to use this constraint.
1256
- :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] bound_ec2_instance_ids: Only EC2 instances that match this instance ID will be permitted to log in.
1257
- :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] bound_iam_instance_profile_arns: If set, defines a constraint on
1255
+ :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] bound_ec2_instance_ids: Only EC2 instances that match this instance ID will be permitted to log in.
1256
+ :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] bound_iam_instance_profile_arns: If set, defines a constraint on
1258
1257
  the EC2 instances that can perform the login operation that they must be
1259
1258
  associated with an IAM instance profile ARN which has a prefix that matches
1260
1259
  the value specified by this field. The value is prefix-matched as though it
1261
1260
  were a glob ending in `*`. `auth_type` must be set to `ec2` or
1262
1261
  `inferred_entity_type` must be set to `ec2_instance` to use this constraint.
1263
- :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] bound_iam_principal_arns: If set, defines the IAM principal that
1262
+ :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] bound_iam_principal_arns: If set, defines the IAM principal that
1264
1263
  must be authenticated when `auth_type` is set to `iam`. Wildcards are
1265
1264
  supported at the end of the ARN.
1266
- :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] bound_iam_role_arns: If set, defines a constraint on the EC2
1265
+ :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] bound_iam_role_arns: If set, defines a constraint on the EC2
1267
1266
  instances that can perform the login operation that they must match the IAM
1268
1267
  role ARN specified by this field. `auth_type` must be set to `ec2` or
1269
1268
  `inferred_entity_type` must be set to `ec2_instance` to use this constraint.
1270
- :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] bound_regions: If set, defines a constraint on the EC2 instances
1269
+ :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] bound_regions: If set, defines a constraint on the EC2 instances
1271
1270
  that can perform the login operation that the region in their identity
1272
1271
  document must match the one specified by this field. `auth_type` must be set
1273
1272
  to `ec2` or `inferred_entity_type` must be set to `ec2_instance` to use this
1274
1273
  constraint.
1275
- :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] bound_subnet_ids: If set, defines a constraint on the EC2
1274
+ :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] bound_subnet_ids: If set, defines a constraint on the EC2
1276
1275
  instances that can perform the login operation that they be associated with
1277
1276
  the subnet ID that matches the value specified by this field. `auth_type`
1278
1277
  must be set to `ec2` or `inferred_entity_type` must be set to `ec2_instance`
1279
1278
  to use this constraint.
1280
- :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] bound_vpc_ids: If set, defines a constraint on the EC2 instances
1279
+ :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] bound_vpc_ids: If set, defines a constraint on the EC2 instances
1281
1280
  that can perform the login operation that they be associated with the VPC ID
1282
1281
  that matches the value specified by this field. `auth_type` must be set to
1283
1282
  `ec2` or `inferred_entity_type` must be set to `ec2_instance` to use this
1284
1283
  constraint.
1285
- :param pulumi.Input[builtins.bool] disallow_reauthentication: IF set to `true`, only allows a
1284
+ :param pulumi.Input[_builtins.bool] disallow_reauthentication: IF set to `true`, only allows a
1286
1285
  single token to be granted per instance ID. This can only be set when
1287
1286
  `auth_type` is set to `ec2`.
1288
- :param pulumi.Input[builtins.str] inferred_aws_region: When `inferred_entity_type` is set, this
1287
+ :param pulumi.Input[_builtins.str] inferred_aws_region: When `inferred_entity_type` is set, this
1289
1288
  is the region to search for the inferred entities. Required if
1290
1289
  `inferred_entity_type` is set. This only applies when `auth_type` is set to
1291
1290
  `iam`.
1292
- :param pulumi.Input[builtins.str] inferred_entity_type: If set, instructs Vault to turn on
1291
+ :param pulumi.Input[_builtins.str] inferred_entity_type: If set, instructs Vault to turn on
1293
1292
  inferencing. The only valid value is `ec2_instance`, which instructs Vault to
1294
1293
  infer that the role comes from an EC2 instance in an IAM instance profile.
1295
1294
  This only applies when `auth_type` is set to `iam`.
1296
- :param pulumi.Input[builtins.str] namespace: The namespace to provision the resource in.
1295
+ :param pulumi.Input[_builtins.str] namespace: The namespace to provision the resource in.
1297
1296
  The value should not contain leading or trailing forward slashes.
1298
1297
  The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
1299
1298
  *Available only for Vault Enterprise*.
1300
- :param pulumi.Input[builtins.bool] resolve_aws_unique_ids: Only valid when
1299
+ :param pulumi.Input[_builtins.bool] resolve_aws_unique_ids: Only valid when
1301
1300
  `auth_type` is `iam`. If set to `true`, the `bound_iam_principal_arns` are
1302
1301
  resolved to [AWS Unique
1303
1302
  IDs](http://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html#identifiers-unique-ids)
@@ -1308,20 +1307,20 @@ class AuthBackendRole(pulumi.CustomResource):
1308
1307
  roles won't get access to roles in Vault that were permissioned to the prior
1309
1308
  principals of the same name. Defaults to `true`.
1310
1309
  Once set to `true`, this cannot be changed to `false` without recreating the role.
1311
- :param pulumi.Input[builtins.str] role: The name of the role.
1312
- :param pulumi.Input[builtins.str] role_tag: If set, enable role tags for this role. The value set
1310
+ :param pulumi.Input[_builtins.str] role: The name of the role.
1311
+ :param pulumi.Input[_builtins.str] role_tag: If set, enable role tags for this role. The value set
1313
1312
  for this field should be the key of the tag on the EC2 instance. `auth_type`
1314
1313
  must be set to `ec2` or `inferred_entity_type` must be set to `ec2_instance`
1315
1314
  to use this constraint.
1316
- :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] token_bound_cidrs: Specifies the blocks of IP addresses which are allowed to use the generated token
1317
- :param pulumi.Input[builtins.int] token_explicit_max_ttl: Generated Token's Explicit Maximum TTL in seconds
1318
- :param pulumi.Input[builtins.int] token_max_ttl: The maximum lifetime of the generated token
1319
- :param pulumi.Input[builtins.bool] token_no_default_policy: If true, the 'default' policy will not automatically be added to generated tokens
1320
- :param pulumi.Input[builtins.int] token_num_uses: The maximum number of times a token may be used, a value of zero means unlimited
1321
- :param pulumi.Input[builtins.int] token_period: Generated Token's Period
1322
- :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] token_policies: Generated Token's Policies
1323
- :param pulumi.Input[builtins.int] token_ttl: The initial ttl of the token to generate in seconds
1324
- :param pulumi.Input[builtins.str] token_type: The type of token to generate, service or batch
1315
+ :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] token_bound_cidrs: Specifies the blocks of IP addresses which are allowed to use the generated token
1316
+ :param pulumi.Input[_builtins.int] token_explicit_max_ttl: Generated Token's Explicit Maximum TTL in seconds
1317
+ :param pulumi.Input[_builtins.int] token_max_ttl: The maximum lifetime of the generated token
1318
+ :param pulumi.Input[_builtins.bool] token_no_default_policy: If true, the 'default' policy will not automatically be added to generated tokens
1319
+ :param pulumi.Input[_builtins.int] token_num_uses: The maximum number of times a token may be used, a value of zero means unlimited
1320
+ :param pulumi.Input[_builtins.int] token_period: Generated Token's Period
1321
+ :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] token_policies: Generated Token's Policies
1322
+ :param pulumi.Input[_builtins.int] token_ttl: The initial ttl of the token to generate in seconds
1323
+ :param pulumi.Input[_builtins.str] token_type: The type of token to generate, service or batch
1325
1324
  """
1326
1325
  ...
1327
1326
  @overload
@@ -1387,34 +1386,34 @@ class AuthBackendRole(pulumi.CustomResource):
1387
1386
  def _internal_init(__self__,
1388
1387
  resource_name: str,
1389
1388
  opts: Optional[pulumi.ResourceOptions] = None,
1390
- allow_instance_migration: Optional[pulumi.Input[builtins.bool]] = None,
1391
- auth_type: Optional[pulumi.Input[builtins.str]] = None,
1392
- backend: Optional[pulumi.Input[builtins.str]] = None,
1393
- bound_account_ids: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
1394
- bound_ami_ids: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
1395
- bound_ec2_instance_ids: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
1396
- bound_iam_instance_profile_arns: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
1397
- bound_iam_principal_arns: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
1398
- bound_iam_role_arns: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
1399
- bound_regions: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
1400
- bound_subnet_ids: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
1401
- bound_vpc_ids: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
1402
- disallow_reauthentication: Optional[pulumi.Input[builtins.bool]] = None,
1403
- inferred_aws_region: Optional[pulumi.Input[builtins.str]] = None,
1404
- inferred_entity_type: Optional[pulumi.Input[builtins.str]] = None,
1405
- namespace: Optional[pulumi.Input[builtins.str]] = None,
1406
- resolve_aws_unique_ids: Optional[pulumi.Input[builtins.bool]] = None,
1407
- role: Optional[pulumi.Input[builtins.str]] = None,
1408
- role_tag: Optional[pulumi.Input[builtins.str]] = None,
1409
- token_bound_cidrs: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
1410
- token_explicit_max_ttl: Optional[pulumi.Input[builtins.int]] = None,
1411
- token_max_ttl: Optional[pulumi.Input[builtins.int]] = None,
1412
- token_no_default_policy: Optional[pulumi.Input[builtins.bool]] = None,
1413
- token_num_uses: Optional[pulumi.Input[builtins.int]] = None,
1414
- token_period: Optional[pulumi.Input[builtins.int]] = None,
1415
- token_policies: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
1416
- token_ttl: Optional[pulumi.Input[builtins.int]] = None,
1417
- token_type: Optional[pulumi.Input[builtins.str]] = None,
1389
+ allow_instance_migration: Optional[pulumi.Input[_builtins.bool]] = None,
1390
+ auth_type: Optional[pulumi.Input[_builtins.str]] = None,
1391
+ backend: Optional[pulumi.Input[_builtins.str]] = None,
1392
+ bound_account_ids: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
1393
+ bound_ami_ids: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
1394
+ bound_ec2_instance_ids: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
1395
+ bound_iam_instance_profile_arns: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
1396
+ bound_iam_principal_arns: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
1397
+ bound_iam_role_arns: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
1398
+ bound_regions: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
1399
+ bound_subnet_ids: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
1400
+ bound_vpc_ids: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
1401
+ disallow_reauthentication: Optional[pulumi.Input[_builtins.bool]] = None,
1402
+ inferred_aws_region: Optional[pulumi.Input[_builtins.str]] = None,
1403
+ inferred_entity_type: Optional[pulumi.Input[_builtins.str]] = None,
1404
+ namespace: Optional[pulumi.Input[_builtins.str]] = None,
1405
+ resolve_aws_unique_ids: Optional[pulumi.Input[_builtins.bool]] = None,
1406
+ role: Optional[pulumi.Input[_builtins.str]] = None,
1407
+ role_tag: Optional[pulumi.Input[_builtins.str]] = None,
1408
+ token_bound_cidrs: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
1409
+ token_explicit_max_ttl: Optional[pulumi.Input[_builtins.int]] = None,
1410
+ token_max_ttl: Optional[pulumi.Input[_builtins.int]] = None,
1411
+ token_no_default_policy: Optional[pulumi.Input[_builtins.bool]] = None,
1412
+ token_num_uses: Optional[pulumi.Input[_builtins.int]] = None,
1413
+ token_period: Optional[pulumi.Input[_builtins.int]] = None,
1414
+ token_policies: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
1415
+ token_ttl: Optional[pulumi.Input[_builtins.int]] = None,
1416
+ token_type: Optional[pulumi.Input[_builtins.str]] = None,
1418
1417
  __props__=None):
1419
1418
  opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts)
1420
1419
  if not isinstance(opts, pulumi.ResourceOptions):
@@ -1465,35 +1464,35 @@ class AuthBackendRole(pulumi.CustomResource):
1465
1464
  def get(resource_name: str,
1466
1465
  id: pulumi.Input[str],
1467
1466
  opts: Optional[pulumi.ResourceOptions] = None,
1468
- allow_instance_migration: Optional[pulumi.Input[builtins.bool]] = None,
1469
- auth_type: Optional[pulumi.Input[builtins.str]] = None,
1470
- backend: Optional[pulumi.Input[builtins.str]] = None,
1471
- bound_account_ids: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
1472
- bound_ami_ids: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
1473
- bound_ec2_instance_ids: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
1474
- bound_iam_instance_profile_arns: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
1475
- bound_iam_principal_arns: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
1476
- bound_iam_role_arns: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
1477
- bound_regions: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
1478
- bound_subnet_ids: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
1479
- bound_vpc_ids: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
1480
- disallow_reauthentication: Optional[pulumi.Input[builtins.bool]] = None,
1481
- inferred_aws_region: Optional[pulumi.Input[builtins.str]] = None,
1482
- inferred_entity_type: Optional[pulumi.Input[builtins.str]] = None,
1483
- namespace: Optional[pulumi.Input[builtins.str]] = None,
1484
- resolve_aws_unique_ids: Optional[pulumi.Input[builtins.bool]] = None,
1485
- role: Optional[pulumi.Input[builtins.str]] = None,
1486
- role_id: Optional[pulumi.Input[builtins.str]] = None,
1487
- role_tag: Optional[pulumi.Input[builtins.str]] = None,
1488
- token_bound_cidrs: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
1489
- token_explicit_max_ttl: Optional[pulumi.Input[builtins.int]] = None,
1490
- token_max_ttl: Optional[pulumi.Input[builtins.int]] = None,
1491
- token_no_default_policy: Optional[pulumi.Input[builtins.bool]] = None,
1492
- token_num_uses: Optional[pulumi.Input[builtins.int]] = None,
1493
- token_period: Optional[pulumi.Input[builtins.int]] = None,
1494
- token_policies: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
1495
- token_ttl: Optional[pulumi.Input[builtins.int]] = None,
1496
- token_type: Optional[pulumi.Input[builtins.str]] = None) -> 'AuthBackendRole':
1467
+ allow_instance_migration: Optional[pulumi.Input[_builtins.bool]] = None,
1468
+ auth_type: Optional[pulumi.Input[_builtins.str]] = None,
1469
+ backend: Optional[pulumi.Input[_builtins.str]] = None,
1470
+ bound_account_ids: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
1471
+ bound_ami_ids: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
1472
+ bound_ec2_instance_ids: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
1473
+ bound_iam_instance_profile_arns: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
1474
+ bound_iam_principal_arns: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
1475
+ bound_iam_role_arns: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
1476
+ bound_regions: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
1477
+ bound_subnet_ids: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
1478
+ bound_vpc_ids: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
1479
+ disallow_reauthentication: Optional[pulumi.Input[_builtins.bool]] = None,
1480
+ inferred_aws_region: Optional[pulumi.Input[_builtins.str]] = None,
1481
+ inferred_entity_type: Optional[pulumi.Input[_builtins.str]] = None,
1482
+ namespace: Optional[pulumi.Input[_builtins.str]] = None,
1483
+ resolve_aws_unique_ids: Optional[pulumi.Input[_builtins.bool]] = None,
1484
+ role: Optional[pulumi.Input[_builtins.str]] = None,
1485
+ role_id: Optional[pulumi.Input[_builtins.str]] = None,
1486
+ role_tag: Optional[pulumi.Input[_builtins.str]] = None,
1487
+ token_bound_cidrs: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
1488
+ token_explicit_max_ttl: Optional[pulumi.Input[_builtins.int]] = None,
1489
+ token_max_ttl: Optional[pulumi.Input[_builtins.int]] = None,
1490
+ token_no_default_policy: Optional[pulumi.Input[_builtins.bool]] = None,
1491
+ token_num_uses: Optional[pulumi.Input[_builtins.int]] = None,
1492
+ token_period: Optional[pulumi.Input[_builtins.int]] = None,
1493
+ token_policies: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
1494
+ token_ttl: Optional[pulumi.Input[_builtins.int]] = None,
1495
+ token_type: Optional[pulumi.Input[_builtins.str]] = None) -> 'AuthBackendRole':
1497
1496
  """
1498
1497
  Get an existing AuthBackendRole resource's state with the given name, id, and optional extra
1499
1498
  properties used to qualify the lookup.
@@ -1501,64 +1500,64 @@ class AuthBackendRole(pulumi.CustomResource):
1501
1500
  :param str resource_name: The unique name of the resulting resource.
1502
1501
  :param pulumi.Input[str] id: The unique provider ID of the resource to lookup.
1503
1502
  :param pulumi.ResourceOptions opts: Options for the resource.
1504
- :param pulumi.Input[builtins.bool] allow_instance_migration: If set to `true`, allows migration of
1503
+ :param pulumi.Input[_builtins.bool] allow_instance_migration: If set to `true`, allows migration of
1505
1504
  the underlying instance where the client resides.
1506
- :param pulumi.Input[builtins.str] auth_type: The auth type permitted for this role. Valid choices
1505
+ :param pulumi.Input[_builtins.str] auth_type: The auth type permitted for this role. Valid choices
1507
1506
  are `ec2` and `iam`. Defaults to `iam`.
1508
- :param pulumi.Input[builtins.str] backend: Path to the mounted aws auth backend.
1509
- :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] bound_account_ids: If set, defines a constraint on the EC2
1507
+ :param pulumi.Input[_builtins.str] backend: Path to the mounted aws auth backend.
1508
+ :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] bound_account_ids: If set, defines a constraint on the EC2
1510
1509
  instances that can perform the login operation that they should be using the
1511
1510
  account ID specified by this field. `auth_type` must be set to `ec2` or
1512
1511
  `inferred_entity_type` must be set to `ec2_instance` to use this constraint.
1513
- :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] bound_ami_ids: If set, defines a constraint on the EC2 instances
1512
+ :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] bound_ami_ids: If set, defines a constraint on the EC2 instances
1514
1513
  that can perform the login operation that they should be using the AMI ID
1515
1514
  specified by this field. `auth_type` must be set to `ec2` or
1516
1515
  `inferred_entity_type` must be set to `ec2_instance` to use this constraint.
1517
- :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] bound_ec2_instance_ids: Only EC2 instances that match this instance ID will be permitted to log in.
1518
- :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] bound_iam_instance_profile_arns: If set, defines a constraint on
1516
+ :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] bound_ec2_instance_ids: Only EC2 instances that match this instance ID will be permitted to log in.
1517
+ :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] bound_iam_instance_profile_arns: If set, defines a constraint on
1519
1518
  the EC2 instances that can perform the login operation that they must be
1520
1519
  associated with an IAM instance profile ARN which has a prefix that matches
1521
1520
  the value specified by this field. The value is prefix-matched as though it
1522
1521
  were a glob ending in `*`. `auth_type` must be set to `ec2` or
1523
1522
  `inferred_entity_type` must be set to `ec2_instance` to use this constraint.
1524
- :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] bound_iam_principal_arns: If set, defines the IAM principal that
1523
+ :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] bound_iam_principal_arns: If set, defines the IAM principal that
1525
1524
  must be authenticated when `auth_type` is set to `iam`. Wildcards are
1526
1525
  supported at the end of the ARN.
1527
- :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] bound_iam_role_arns: If set, defines a constraint on the EC2
1526
+ :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] bound_iam_role_arns: If set, defines a constraint on the EC2
1528
1527
  instances that can perform the login operation that they must match the IAM
1529
1528
  role ARN specified by this field. `auth_type` must be set to `ec2` or
1530
1529
  `inferred_entity_type` must be set to `ec2_instance` to use this constraint.
1531
- :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] bound_regions: If set, defines a constraint on the EC2 instances
1530
+ :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] bound_regions: If set, defines a constraint on the EC2 instances
1532
1531
  that can perform the login operation that the region in their identity
1533
1532
  document must match the one specified by this field. `auth_type` must be set
1534
1533
  to `ec2` or `inferred_entity_type` must be set to `ec2_instance` to use this
1535
1534
  constraint.
1536
- :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] bound_subnet_ids: If set, defines a constraint on the EC2
1535
+ :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] bound_subnet_ids: If set, defines a constraint on the EC2
1537
1536
  instances that can perform the login operation that they be associated with
1538
1537
  the subnet ID that matches the value specified by this field. `auth_type`
1539
1538
  must be set to `ec2` or `inferred_entity_type` must be set to `ec2_instance`
1540
1539
  to use this constraint.
1541
- :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] bound_vpc_ids: If set, defines a constraint on the EC2 instances
1540
+ :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] bound_vpc_ids: If set, defines a constraint on the EC2 instances
1542
1541
  that can perform the login operation that they be associated with the VPC ID
1543
1542
  that matches the value specified by this field. `auth_type` must be set to
1544
1543
  `ec2` or `inferred_entity_type` must be set to `ec2_instance` to use this
1545
1544
  constraint.
1546
- :param pulumi.Input[builtins.bool] disallow_reauthentication: IF set to `true`, only allows a
1545
+ :param pulumi.Input[_builtins.bool] disallow_reauthentication: IF set to `true`, only allows a
1547
1546
  single token to be granted per instance ID. This can only be set when
1548
1547
  `auth_type` is set to `ec2`.
1549
- :param pulumi.Input[builtins.str] inferred_aws_region: When `inferred_entity_type` is set, this
1548
+ :param pulumi.Input[_builtins.str] inferred_aws_region: When `inferred_entity_type` is set, this
1550
1549
  is the region to search for the inferred entities. Required if
1551
1550
  `inferred_entity_type` is set. This only applies when `auth_type` is set to
1552
1551
  `iam`.
1553
- :param pulumi.Input[builtins.str] inferred_entity_type: If set, instructs Vault to turn on
1552
+ :param pulumi.Input[_builtins.str] inferred_entity_type: If set, instructs Vault to turn on
1554
1553
  inferencing. The only valid value is `ec2_instance`, which instructs Vault to
1555
1554
  infer that the role comes from an EC2 instance in an IAM instance profile.
1556
1555
  This only applies when `auth_type` is set to `iam`.
1557
- :param pulumi.Input[builtins.str] namespace: The namespace to provision the resource in.
1556
+ :param pulumi.Input[_builtins.str] namespace: The namespace to provision the resource in.
1558
1557
  The value should not contain leading or trailing forward slashes.
1559
1558
  The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
1560
1559
  *Available only for Vault Enterprise*.
1561
- :param pulumi.Input[builtins.bool] resolve_aws_unique_ids: Only valid when
1560
+ :param pulumi.Input[_builtins.bool] resolve_aws_unique_ids: Only valid when
1562
1561
  `auth_type` is `iam`. If set to `true`, the `bound_iam_principal_arns` are
1563
1562
  resolved to [AWS Unique
1564
1563
  IDs](http://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html#identifiers-unique-ids)
@@ -1569,21 +1568,21 @@ class AuthBackendRole(pulumi.CustomResource):
1569
1568
  roles won't get access to roles in Vault that were permissioned to the prior
1570
1569
  principals of the same name. Defaults to `true`.
1571
1570
  Once set to `true`, this cannot be changed to `false` without recreating the role.
1572
- :param pulumi.Input[builtins.str] role: The name of the role.
1573
- :param pulumi.Input[builtins.str] role_id: The Vault generated role ID.
1574
- :param pulumi.Input[builtins.str] role_tag: If set, enable role tags for this role. The value set
1571
+ :param pulumi.Input[_builtins.str] role: The name of the role.
1572
+ :param pulumi.Input[_builtins.str] role_id: The Vault generated role ID.
1573
+ :param pulumi.Input[_builtins.str] role_tag: If set, enable role tags for this role. The value set
1575
1574
  for this field should be the key of the tag on the EC2 instance. `auth_type`
1576
1575
  must be set to `ec2` or `inferred_entity_type` must be set to `ec2_instance`
1577
1576
  to use this constraint.
1578
- :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] token_bound_cidrs: Specifies the blocks of IP addresses which are allowed to use the generated token
1579
- :param pulumi.Input[builtins.int] token_explicit_max_ttl: Generated Token's Explicit Maximum TTL in seconds
1580
- :param pulumi.Input[builtins.int] token_max_ttl: The maximum lifetime of the generated token
1581
- :param pulumi.Input[builtins.bool] token_no_default_policy: If true, the 'default' policy will not automatically be added to generated tokens
1582
- :param pulumi.Input[builtins.int] token_num_uses: The maximum number of times a token may be used, a value of zero means unlimited
1583
- :param pulumi.Input[builtins.int] token_period: Generated Token's Period
1584
- :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] token_policies: Generated Token's Policies
1585
- :param pulumi.Input[builtins.int] token_ttl: The initial ttl of the token to generate in seconds
1586
- :param pulumi.Input[builtins.str] token_type: The type of token to generate, service or batch
1577
+ :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] token_bound_cidrs: Specifies the blocks of IP addresses which are allowed to use the generated token
1578
+ :param pulumi.Input[_builtins.int] token_explicit_max_ttl: Generated Token's Explicit Maximum TTL in seconds
1579
+ :param pulumi.Input[_builtins.int] token_max_ttl: The maximum lifetime of the generated token
1580
+ :param pulumi.Input[_builtins.bool] token_no_default_policy: If true, the 'default' policy will not automatically be added to generated tokens
1581
+ :param pulumi.Input[_builtins.int] token_num_uses: The maximum number of times a token may be used, a value of zero means unlimited
1582
+ :param pulumi.Input[_builtins.int] token_period: Generated Token's Period
1583
+ :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] token_policies: Generated Token's Policies
1584
+ :param pulumi.Input[_builtins.int] token_ttl: The initial ttl of the token to generate in seconds
1585
+ :param pulumi.Input[_builtins.str] token_type: The type of token to generate, service or batch
1587
1586
  """
1588
1587
  opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id))
1589
1588
 
@@ -1620,35 +1619,35 @@ class AuthBackendRole(pulumi.CustomResource):
1620
1619
  __props__.__dict__["token_type"] = token_type
1621
1620
  return AuthBackendRole(resource_name, opts=opts, __props__=__props__)
1622
1621
 
1623
- @property
1622
+ @_builtins.property
1624
1623
  @pulumi.getter(name="allowInstanceMigration")
1625
- def allow_instance_migration(self) -> pulumi.Output[Optional[builtins.bool]]:
1624
+ def allow_instance_migration(self) -> pulumi.Output[Optional[_builtins.bool]]:
1626
1625
  """
1627
1626
  If set to `true`, allows migration of
1628
1627
  the underlying instance where the client resides.
1629
1628
  """
1630
1629
  return pulumi.get(self, "allow_instance_migration")
1631
1630
 
1632
- @property
1631
+ @_builtins.property
1633
1632
  @pulumi.getter(name="authType")
1634
- def auth_type(self) -> pulumi.Output[Optional[builtins.str]]:
1633
+ def auth_type(self) -> pulumi.Output[Optional[_builtins.str]]:
1635
1634
  """
1636
1635
  The auth type permitted for this role. Valid choices
1637
1636
  are `ec2` and `iam`. Defaults to `iam`.
1638
1637
  """
1639
1638
  return pulumi.get(self, "auth_type")
1640
1639
 
1641
- @property
1640
+ @_builtins.property
1642
1641
  @pulumi.getter
1643
- def backend(self) -> pulumi.Output[Optional[builtins.str]]:
1642
+ def backend(self) -> pulumi.Output[Optional[_builtins.str]]:
1644
1643
  """
1645
1644
  Path to the mounted aws auth backend.
1646
1645
  """
1647
1646
  return pulumi.get(self, "backend")
1648
1647
 
1649
- @property
1648
+ @_builtins.property
1650
1649
  @pulumi.getter(name="boundAccountIds")
1651
- def bound_account_ids(self) -> pulumi.Output[Optional[Sequence[builtins.str]]]:
1650
+ def bound_account_ids(self) -> pulumi.Output[Optional[Sequence[_builtins.str]]]:
1652
1651
  """
1653
1652
  If set, defines a constraint on the EC2
1654
1653
  instances that can perform the login operation that they should be using the
@@ -1657,9 +1656,9 @@ class AuthBackendRole(pulumi.CustomResource):
1657
1656
  """
1658
1657
  return pulumi.get(self, "bound_account_ids")
1659
1658
 
1660
- @property
1659
+ @_builtins.property
1661
1660
  @pulumi.getter(name="boundAmiIds")
1662
- def bound_ami_ids(self) -> pulumi.Output[Optional[Sequence[builtins.str]]]:
1661
+ def bound_ami_ids(self) -> pulumi.Output[Optional[Sequence[_builtins.str]]]:
1663
1662
  """
1664
1663
  If set, defines a constraint on the EC2 instances
1665
1664
  that can perform the login operation that they should be using the AMI ID
@@ -1668,17 +1667,17 @@ class AuthBackendRole(pulumi.CustomResource):
1668
1667
  """
1669
1668
  return pulumi.get(self, "bound_ami_ids")
1670
1669
 
1671
- @property
1670
+ @_builtins.property
1672
1671
  @pulumi.getter(name="boundEc2InstanceIds")
1673
- def bound_ec2_instance_ids(self) -> pulumi.Output[Optional[Sequence[builtins.str]]]:
1672
+ def bound_ec2_instance_ids(self) -> pulumi.Output[Optional[Sequence[_builtins.str]]]:
1674
1673
  """
1675
1674
  Only EC2 instances that match this instance ID will be permitted to log in.
1676
1675
  """
1677
1676
  return pulumi.get(self, "bound_ec2_instance_ids")
1678
1677
 
1679
- @property
1678
+ @_builtins.property
1680
1679
  @pulumi.getter(name="boundIamInstanceProfileArns")
1681
- def bound_iam_instance_profile_arns(self) -> pulumi.Output[Optional[Sequence[builtins.str]]]:
1680
+ def bound_iam_instance_profile_arns(self) -> pulumi.Output[Optional[Sequence[_builtins.str]]]:
1682
1681
  """
1683
1682
  If set, defines a constraint on
1684
1683
  the EC2 instances that can perform the login operation that they must be
@@ -1689,9 +1688,9 @@ class AuthBackendRole(pulumi.CustomResource):
1689
1688
  """
1690
1689
  return pulumi.get(self, "bound_iam_instance_profile_arns")
1691
1690
 
1692
- @property
1691
+ @_builtins.property
1693
1692
  @pulumi.getter(name="boundIamPrincipalArns")
1694
- def bound_iam_principal_arns(self) -> pulumi.Output[Optional[Sequence[builtins.str]]]:
1693
+ def bound_iam_principal_arns(self) -> pulumi.Output[Optional[Sequence[_builtins.str]]]:
1695
1694
  """
1696
1695
  If set, defines the IAM principal that
1697
1696
  must be authenticated when `auth_type` is set to `iam`. Wildcards are
@@ -1699,9 +1698,9 @@ class AuthBackendRole(pulumi.CustomResource):
1699
1698
  """
1700
1699
  return pulumi.get(self, "bound_iam_principal_arns")
1701
1700
 
1702
- @property
1701
+ @_builtins.property
1703
1702
  @pulumi.getter(name="boundIamRoleArns")
1704
- def bound_iam_role_arns(self) -> pulumi.Output[Optional[Sequence[builtins.str]]]:
1703
+ def bound_iam_role_arns(self) -> pulumi.Output[Optional[Sequence[_builtins.str]]]:
1705
1704
  """
1706
1705
  If set, defines a constraint on the EC2
1707
1706
  instances that can perform the login operation that they must match the IAM
@@ -1710,9 +1709,9 @@ class AuthBackendRole(pulumi.CustomResource):
1710
1709
  """
1711
1710
  return pulumi.get(self, "bound_iam_role_arns")
1712
1711
 
1713
- @property
1712
+ @_builtins.property
1714
1713
  @pulumi.getter(name="boundRegions")
1715
- def bound_regions(self) -> pulumi.Output[Optional[Sequence[builtins.str]]]:
1714
+ def bound_regions(self) -> pulumi.Output[Optional[Sequence[_builtins.str]]]:
1716
1715
  """
1717
1716
  If set, defines a constraint on the EC2 instances
1718
1717
  that can perform the login operation that the region in their identity
@@ -1722,9 +1721,9 @@ class AuthBackendRole(pulumi.CustomResource):
1722
1721
  """
1723
1722
  return pulumi.get(self, "bound_regions")
1724
1723
 
1725
- @property
1724
+ @_builtins.property
1726
1725
  @pulumi.getter(name="boundSubnetIds")
1727
- def bound_subnet_ids(self) -> pulumi.Output[Optional[Sequence[builtins.str]]]:
1726
+ def bound_subnet_ids(self) -> pulumi.Output[Optional[Sequence[_builtins.str]]]:
1728
1727
  """
1729
1728
  If set, defines a constraint on the EC2
1730
1729
  instances that can perform the login operation that they be associated with
@@ -1734,9 +1733,9 @@ class AuthBackendRole(pulumi.CustomResource):
1734
1733
  """
1735
1734
  return pulumi.get(self, "bound_subnet_ids")
1736
1735
 
1737
- @property
1736
+ @_builtins.property
1738
1737
  @pulumi.getter(name="boundVpcIds")
1739
- def bound_vpc_ids(self) -> pulumi.Output[Optional[Sequence[builtins.str]]]:
1738
+ def bound_vpc_ids(self) -> pulumi.Output[Optional[Sequence[_builtins.str]]]:
1740
1739
  """
1741
1740
  If set, defines a constraint on the EC2 instances
1742
1741
  that can perform the login operation that they be associated with the VPC ID
@@ -1746,9 +1745,9 @@ class AuthBackendRole(pulumi.CustomResource):
1746
1745
  """
1747
1746
  return pulumi.get(self, "bound_vpc_ids")
1748
1747
 
1749
- @property
1748
+ @_builtins.property
1750
1749
  @pulumi.getter(name="disallowReauthentication")
1751
- def disallow_reauthentication(self) -> pulumi.Output[Optional[builtins.bool]]:
1750
+ def disallow_reauthentication(self) -> pulumi.Output[Optional[_builtins.bool]]:
1752
1751
  """
1753
1752
  IF set to `true`, only allows a
1754
1753
  single token to be granted per instance ID. This can only be set when
@@ -1756,9 +1755,9 @@ class AuthBackendRole(pulumi.CustomResource):
1756
1755
  """
1757
1756
  return pulumi.get(self, "disallow_reauthentication")
1758
1757
 
1759
- @property
1758
+ @_builtins.property
1760
1759
  @pulumi.getter(name="inferredAwsRegion")
1761
- def inferred_aws_region(self) -> pulumi.Output[Optional[builtins.str]]:
1760
+ def inferred_aws_region(self) -> pulumi.Output[Optional[_builtins.str]]:
1762
1761
  """
1763
1762
  When `inferred_entity_type` is set, this
1764
1763
  is the region to search for the inferred entities. Required if
@@ -1767,9 +1766,9 @@ class AuthBackendRole(pulumi.CustomResource):
1767
1766
  """
1768
1767
  return pulumi.get(self, "inferred_aws_region")
1769
1768
 
1770
- @property
1769
+ @_builtins.property
1771
1770
  @pulumi.getter(name="inferredEntityType")
1772
- def inferred_entity_type(self) -> pulumi.Output[Optional[builtins.str]]:
1771
+ def inferred_entity_type(self) -> pulumi.Output[Optional[_builtins.str]]:
1773
1772
  """
1774
1773
  If set, instructs Vault to turn on
1775
1774
  inferencing. The only valid value is `ec2_instance`, which instructs Vault to
@@ -1778,9 +1777,9 @@ class AuthBackendRole(pulumi.CustomResource):
1778
1777
  """
1779
1778
  return pulumi.get(self, "inferred_entity_type")
1780
1779
 
1781
- @property
1780
+ @_builtins.property
1782
1781
  @pulumi.getter
1783
- def namespace(self) -> pulumi.Output[Optional[builtins.str]]:
1782
+ def namespace(self) -> pulumi.Output[Optional[_builtins.str]]:
1784
1783
  """
1785
1784
  The namespace to provision the resource in.
1786
1785
  The value should not contain leading or trailing forward slashes.
@@ -1789,9 +1788,9 @@ class AuthBackendRole(pulumi.CustomResource):
1789
1788
  """
1790
1789
  return pulumi.get(self, "namespace")
1791
1790
 
1792
- @property
1791
+ @_builtins.property
1793
1792
  @pulumi.getter(name="resolveAwsUniqueIds")
1794
- def resolve_aws_unique_ids(self) -> pulumi.Output[Optional[builtins.bool]]:
1793
+ def resolve_aws_unique_ids(self) -> pulumi.Output[Optional[_builtins.bool]]:
1795
1794
  """
1796
1795
  Only valid when
1797
1796
  `auth_type` is `iam`. If set to `true`, the `bound_iam_principal_arns` are
@@ -1807,25 +1806,25 @@ class AuthBackendRole(pulumi.CustomResource):
1807
1806
  """
1808
1807
  return pulumi.get(self, "resolve_aws_unique_ids")
1809
1808
 
1810
- @property
1809
+ @_builtins.property
1811
1810
  @pulumi.getter
1812
- def role(self) -> pulumi.Output[builtins.str]:
1811
+ def role(self) -> pulumi.Output[_builtins.str]:
1813
1812
  """
1814
1813
  The name of the role.
1815
1814
  """
1816
1815
  return pulumi.get(self, "role")
1817
1816
 
1818
- @property
1817
+ @_builtins.property
1819
1818
  @pulumi.getter(name="roleId")
1820
- def role_id(self) -> pulumi.Output[builtins.str]:
1819
+ def role_id(self) -> pulumi.Output[_builtins.str]:
1821
1820
  """
1822
1821
  The Vault generated role ID.
1823
1822
  """
1824
1823
  return pulumi.get(self, "role_id")
1825
1824
 
1826
- @property
1825
+ @_builtins.property
1827
1826
  @pulumi.getter(name="roleTag")
1828
- def role_tag(self) -> pulumi.Output[Optional[builtins.str]]:
1827
+ def role_tag(self) -> pulumi.Output[Optional[_builtins.str]]:
1829
1828
  """
1830
1829
  If set, enable role tags for this role. The value set
1831
1830
  for this field should be the key of the tag on the EC2 instance. `auth_type`
@@ -1834,73 +1833,73 @@ class AuthBackendRole(pulumi.CustomResource):
1834
1833
  """
1835
1834
  return pulumi.get(self, "role_tag")
1836
1835
 
1837
- @property
1836
+ @_builtins.property
1838
1837
  @pulumi.getter(name="tokenBoundCidrs")
1839
- def token_bound_cidrs(self) -> pulumi.Output[Optional[Sequence[builtins.str]]]:
1838
+ def token_bound_cidrs(self) -> pulumi.Output[Optional[Sequence[_builtins.str]]]:
1840
1839
  """
1841
1840
  Specifies the blocks of IP addresses which are allowed to use the generated token
1842
1841
  """
1843
1842
  return pulumi.get(self, "token_bound_cidrs")
1844
1843
 
1845
- @property
1844
+ @_builtins.property
1846
1845
  @pulumi.getter(name="tokenExplicitMaxTtl")
1847
- def token_explicit_max_ttl(self) -> pulumi.Output[Optional[builtins.int]]:
1846
+ def token_explicit_max_ttl(self) -> pulumi.Output[Optional[_builtins.int]]:
1848
1847
  """
1849
1848
  Generated Token's Explicit Maximum TTL in seconds
1850
1849
  """
1851
1850
  return pulumi.get(self, "token_explicit_max_ttl")
1852
1851
 
1853
- @property
1852
+ @_builtins.property
1854
1853
  @pulumi.getter(name="tokenMaxTtl")
1855
- def token_max_ttl(self) -> pulumi.Output[Optional[builtins.int]]:
1854
+ def token_max_ttl(self) -> pulumi.Output[Optional[_builtins.int]]:
1856
1855
  """
1857
1856
  The maximum lifetime of the generated token
1858
1857
  """
1859
1858
  return pulumi.get(self, "token_max_ttl")
1860
1859
 
1861
- @property
1860
+ @_builtins.property
1862
1861
  @pulumi.getter(name="tokenNoDefaultPolicy")
1863
- def token_no_default_policy(self) -> pulumi.Output[Optional[builtins.bool]]:
1862
+ def token_no_default_policy(self) -> pulumi.Output[Optional[_builtins.bool]]:
1864
1863
  """
1865
1864
  If true, the 'default' policy will not automatically be added to generated tokens
1866
1865
  """
1867
1866
  return pulumi.get(self, "token_no_default_policy")
1868
1867
 
1869
- @property
1868
+ @_builtins.property
1870
1869
  @pulumi.getter(name="tokenNumUses")
1871
- def token_num_uses(self) -> pulumi.Output[Optional[builtins.int]]:
1870
+ def token_num_uses(self) -> pulumi.Output[Optional[_builtins.int]]:
1872
1871
  """
1873
1872
  The maximum number of times a token may be used, a value of zero means unlimited
1874
1873
  """
1875
1874
  return pulumi.get(self, "token_num_uses")
1876
1875
 
1877
- @property
1876
+ @_builtins.property
1878
1877
  @pulumi.getter(name="tokenPeriod")
1879
- def token_period(self) -> pulumi.Output[Optional[builtins.int]]:
1878
+ def token_period(self) -> pulumi.Output[Optional[_builtins.int]]:
1880
1879
  """
1881
1880
  Generated Token's Period
1882
1881
  """
1883
1882
  return pulumi.get(self, "token_period")
1884
1883
 
1885
- @property
1884
+ @_builtins.property
1886
1885
  @pulumi.getter(name="tokenPolicies")
1887
- def token_policies(self) -> pulumi.Output[Optional[Sequence[builtins.str]]]:
1886
+ def token_policies(self) -> pulumi.Output[Optional[Sequence[_builtins.str]]]:
1888
1887
  """
1889
1888
  Generated Token's Policies
1890
1889
  """
1891
1890
  return pulumi.get(self, "token_policies")
1892
1891
 
1893
- @property
1892
+ @_builtins.property
1894
1893
  @pulumi.getter(name="tokenTtl")
1895
- def token_ttl(self) -> pulumi.Output[Optional[builtins.int]]:
1894
+ def token_ttl(self) -> pulumi.Output[Optional[_builtins.int]]:
1896
1895
  """
1897
1896
  The initial ttl of the token to generate in seconds
1898
1897
  """
1899
1898
  return pulumi.get(self, "token_ttl")
1900
1899
 
1901
- @property
1900
+ @_builtins.property
1902
1901
  @pulumi.getter(name="tokenType")
1903
- def token_type(self) -> pulumi.Output[Optional[builtins.str]]:
1902
+ def token_type(self) -> pulumi.Output[Optional[_builtins.str]]:
1904
1903
  """
1905
1904
  The type of token to generate, service or batch
1906
1905
  """