pulumi-vault 7.6.0__tar.gz → 7.6.0a1764138710__tar.gz

{pulumi_vault-7.6.0 → pulumi_vault-7.6.0a1764138710}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: pulumi_vault
-Version: 7.6.0
+Version: 7.6.0a1764138710
 Summary: A Pulumi package for creating and managing HashiCorp Vault cloud resources.
 License: Apache-2.0
 Project-URL: Homepage, https://pulumi.io

{pulumi_vault-7.6.0 → pulumi_vault-7.6.0a1764138710}/pulumi_vault/database/_inputs.py

@@ -2739,10 +2739,6 @@ if not MYPY:
         """
         Version counter for root credential password write-only field
         """
-        self_managed: NotRequired[pulumi.Input[_builtins.bool]]
-        """
-        If set, allows onboarding static roles with a rootless connection configuration.
-        """
         split_statements: NotRequired[pulumi.Input[_builtins.bool]]
         """
         Set to true in order to split statements after semi-colons.
@@ -2769,7 +2765,6 @@ class SecretBackendConnectionOracleArgs:
                  password: Optional[pulumi.Input[_builtins.str]] = None,
                  password_wo: Optional[pulumi.Input[_builtins.str]] = None,
                  password_wo_version: Optional[pulumi.Input[_builtins.int]] = None,
-                 self_managed: Optional[pulumi.Input[_builtins.bool]] = None,
                  split_statements: Optional[pulumi.Input[_builtins.bool]] = None,
                  username: Optional[pulumi.Input[_builtins.str]] = None,
                  username_template: Optional[pulumi.Input[_builtins.str]] = None):
@@ -2783,7 +2778,6 @@ class SecretBackendConnectionOracleArgs:
         :param pulumi.Input[_builtins.str] password_wo: **NOTE:** This field is write-only and its value will not be updated in state as part of read operations.
                Write-only field for the root credential password used in the connection URL
         :param pulumi.Input[_builtins.int] password_wo_version: Version counter for root credential password write-only field
-        :param pulumi.Input[_builtins.bool] self_managed: If set, allows onboarding static roles with a rootless connection configuration.
         :param pulumi.Input[_builtins.bool] split_statements: Set to true in order to split statements after semi-colons.
         :param pulumi.Input[_builtins.str] username: The root credential username used in the connection URL
         :param pulumi.Input[_builtins.str] username_template: Username generation template.
@@ -2804,8 +2798,6 @@ class SecretBackendConnectionOracleArgs:
             pulumi.set(__self__, "password_wo", password_wo)
         if password_wo_version is not None:
             pulumi.set(__self__, "password_wo_version", password_wo_version)
-        if self_managed is not None:
-            pulumi.set(__self__, "self_managed", self_managed)
         if split_statements is not None:
             pulumi.set(__self__, "split_statements", split_statements)
         if username is not None:
@@ -2910,18 +2902,6 @@ class SecretBackendConnectionOracleArgs:
     def password_wo_version(self, value: Optional[pulumi.Input[_builtins.int]]):
         pulumi.set(self, "password_wo_version", value)
 
-    @_builtins.property
-    @pulumi.getter(name="selfManaged")
-    def self_managed(self) -> Optional[pulumi.Input[_builtins.bool]]:
-        """
-        If set, allows onboarding static roles with a rootless connection configuration.
-        """
-        return pulumi.get(self, "self_managed")
-
-    @self_managed.setter
-    def self_managed(self, value: Optional[pulumi.Input[_builtins.bool]]):
-        pulumi.set(self, "self_managed", value)
-
     @_builtins.property
     @pulumi.getter(name="splitStatements")
     def split_statements(self) -> Optional[pulumi.Input[_builtins.bool]]:
@@ -9378,10 +9358,6 @@ if not MYPY:
         a rotation when a scheduled token rotation occurs. The default rotation window is
         unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
         """
-        self_managed: NotRequired[pulumi.Input[_builtins.bool]]
-        """
-        If set, allows onboarding static roles with a rootless connection configuration.
-        """
         split_statements: NotRequired[pulumi.Input[_builtins.bool]]
         """
         Set to true in order to split statements after semi-colons.
@@ -9422,7 +9398,6 @@ class SecretsMountOracleArgs:
                  rotation_period: Optional[pulumi.Input[_builtins.int]] = None,
                  rotation_schedule: Optional[pulumi.Input[_builtins.str]] = None,
                  rotation_window: Optional[pulumi.Input[_builtins.int]] = None,
-                 self_managed: Optional[pulumi.Input[_builtins.bool]] = None,
                  split_statements: Optional[pulumi.Input[_builtins.bool]] = None,
                  username: Optional[pulumi.Input[_builtins.str]] = None,
                  username_template: Optional[pulumi.Input[_builtins.str]] = None,
@@ -9453,7 +9428,6 @@ class SecretsMountOracleArgs:
         :param pulumi.Input[_builtins.int] rotation_window: The maximum amount of time in seconds allowed to complete
                a rotation when a scheduled token rotation occurs. The default rotation window is
                unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
-        :param pulumi.Input[_builtins.bool] self_managed: If set, allows onboarding static roles with a rootless connection configuration.
         :param pulumi.Input[_builtins.bool] split_statements: Set to true in order to split statements after semi-colons.
         :param pulumi.Input[_builtins.str] username: The root credential username used in the connection URL
         :param pulumi.Input[_builtins.str] username_template: Username generation template.
@@ -9493,8 +9467,6 @@ class SecretsMountOracleArgs:
             pulumi.set(__self__, "rotation_schedule", rotation_schedule)
         if rotation_window is not None:
             pulumi.set(__self__, "rotation_window", rotation_window)
-        if self_managed is not None:
-            pulumi.set(__self__, "self_managed", self_managed)
         if split_statements is not None:
             pulumi.set(__self__, "split_statements", split_statements)
         if username is not None:
@@ -9716,18 +9688,6 @@ class SecretsMountOracleArgs:
     def rotation_window(self, value: Optional[pulumi.Input[_builtins.int]]):
         pulumi.set(self, "rotation_window", value)
 
-    @_builtins.property
-    @pulumi.getter(name="selfManaged")
-    def self_managed(self) -> Optional[pulumi.Input[_builtins.bool]]:
-        """
-        If set, allows onboarding static roles with a rootless connection configuration.
-        """
-        return pulumi.get(self, "self_managed")
-
-    @self_managed.setter
-    def self_managed(self, value: Optional[pulumi.Input[_builtins.bool]]):
-        pulumi.set(self, "self_managed", value)
-
     @_builtins.property
     @pulumi.getter(name="splitStatements")
     def split_statements(self) -> Optional[pulumi.Input[_builtins.bool]]:

{pulumi_vault-7.6.0 → pulumi_vault-7.6.0a1764138710}/pulumi_vault/database/outputs.py

@@ -1996,8 +1996,6 @@ class SecretBackendConnectionOracle(dict):
             suggest = "password_wo"
         elif key == "passwordWoVersion":
             suggest = "password_wo_version"
-        elif key == "selfManaged":
-            suggest = "self_managed"
         elif key == "splitStatements":
             suggest = "split_statements"
         elif key == "usernameTemplate":
@@ -2023,7 +2021,6 @@ class SecretBackendConnectionOracle(dict):
                  password: Optional[_builtins.str] = None,
                  password_wo: Optional[_builtins.str] = None,
                  password_wo_version: Optional[_builtins.int] = None,
-                 self_managed: Optional[_builtins.bool] = None,
                  split_statements: Optional[_builtins.bool] = None,
                  username: Optional[_builtins.str] = None,
                  username_template: Optional[_builtins.str] = None):
@@ -2037,7 +2034,6 @@ class SecretBackendConnectionOracle(dict):
         :param _builtins.str password_wo: **NOTE:** This field is write-only and its value will not be updated in state as part of read operations.
                Write-only field for the root credential password used in the connection URL
         :param _builtins.int password_wo_version: Version counter for root credential password write-only field
-        :param _builtins.bool self_managed: If set, allows onboarding static roles with a rootless connection configuration.
         :param _builtins.bool split_statements: Set to true in order to split statements after semi-colons.
         :param _builtins.str username: The root credential username used in the connection URL
         :param _builtins.str username_template: Username generation template.
@@ -2058,8 +2054,6 @@ class SecretBackendConnectionOracle(dict):
             pulumi.set(__self__, "password_wo", password_wo)
         if password_wo_version is not None:
             pulumi.set(__self__, "password_wo_version", password_wo_version)
-        if self_managed is not None:
-            pulumi.set(__self__, "self_managed", self_managed)
         if split_statements is not None:
             pulumi.set(__self__, "split_statements", split_statements)
         if username is not None:
@@ -2132,14 +2126,6 @@ class SecretBackendConnectionOracle(dict):
         """
         return pulumi.get(self, "password_wo_version")
 
-    @_builtins.property
-    @pulumi.getter(name="selfManaged")
-    def self_managed(self) -> Optional[_builtins.bool]:
-        """
-        If set, allows onboarding static roles with a rootless connection configuration.
-        """
-        return pulumi.get(self, "self_managed")
-
     @_builtins.property
     @pulumi.getter(name="splitStatements")
     def split_statements(self) -> Optional[_builtins.bool]:
@@ -6690,8 +6676,6 @@ class SecretsMountOracle(dict):
             suggest = "rotation_schedule"
         elif key == "rotationWindow":
             suggest = "rotation_window"
-        elif key == "selfManaged":
-            suggest = "self_managed"
         elif key == "splitStatements":
             suggest = "split_statements"
         elif key == "usernameTemplate":
@@ -6728,7 +6712,6 @@ class SecretsMountOracle(dict):
                  rotation_period: Optional[_builtins.int] = None,
                  rotation_schedule: Optional[_builtins.str] = None,
                  rotation_window: Optional[_builtins.int] = None,
-                 self_managed: Optional[_builtins.bool] = None,
                  split_statements: Optional[_builtins.bool] = None,
                  username: Optional[_builtins.str] = None,
                  username_template: Optional[_builtins.str] = None,
@@ -6759,7 +6742,6 @@ class SecretsMountOracle(dict):
         :param _builtins.int rotation_window: The maximum amount of time in seconds allowed to complete
                a rotation when a scheduled token rotation occurs. The default rotation window is
                unbound and the minimum allowable window is `3600`. Requires Vault Enterprise 1.19+.
-        :param _builtins.bool self_managed: If set, allows onboarding static roles with a rootless connection configuration.
         :param _builtins.bool split_statements: Set to true in order to split statements after semi-colons.
         :param _builtins.str username: The root credential username used in the connection URL
         :param _builtins.str username_template: Username generation template.
@@ -6799,8 +6781,6 @@ class SecretsMountOracle(dict):
             pulumi.set(__self__, "rotation_schedule", rotation_schedule)
         if rotation_window is not None:
             pulumi.set(__self__, "rotation_window", rotation_window)
-        if self_managed is not None:
-            pulumi.set(__self__, "self_managed", self_managed)
         if split_statements is not None:
             pulumi.set(__self__, "split_statements", split_statements)
         if username is not None:
@@ -6954,14 +6934,6 @@ class SecretsMountOracle(dict):
         """
         return pulumi.get(self, "rotation_window")
 
-    @_builtins.property
-    @pulumi.getter(name="selfManaged")
-    def self_managed(self) -> Optional[_builtins.bool]:
-        """
-        If set, allows onboarding static roles with a rootless connection configuration.
-        """
-        return pulumi.get(self, "self_managed")
-
     @_builtins.property
     @pulumi.getter(name="splitStatements")
     def split_statements(self) -> Optional[_builtins.bool]:

{pulumi_vault-7.6.0 → pulumi_vault-7.6.0a1764138710}/pulumi_vault/database/secret_backend_connection.py

@@ -1077,8 +1077,6 @@ class SecretBackendConnection(pulumi.CustomResource):
         """
         ## Example Usage
 
-        ### PostgreSQL Connection
-
         ```python
         import pulumi
         import pulumi_vault as vault
@@ -1100,37 +1098,6 @@ class SecretBackendConnection(pulumi.CustomResource):
             })
         ```
 
-        ### Oracle Connection with Self-Managed Mode (Rootless)
-
-        For Vault 1.18+ Enterprise, you can configure Oracle connections in self-managed mode,
-        which allows a static role to manage its own database credentials without requiring root access:
-
-        ```python
-        import pulumi
-        import pulumi_vault as vault
-
-        db = vault.Mount("db",
-            path="database",
-            type="database")
-        oracle = vault.database.SecretBackendConnection("oracle",
-            backend=db.path,
-            name="oracle",
-            allowed_roles=["my-role"],
-            oracle={
-                "connection_url": "{{username}}/{{password}}@//host:port/service",
-                "self_managed": True,
-                "plugin_name": "vault-plugin-database-oracle",
-            })
-        oracle_role = vault.database.SecretBackendStaticRole("oracle_role",
-            backend=db.path,
-            name="my-role",
-            db_name=oracle.name,
-            username="vault_user",
-            password_wo="initial-password",
-            password_wo_version=1,
-            rotation_period=3600)
-        ```
-
         ## Ephemeral Attributes Reference
 
         The following write-only attributes are supported for all DBs that support username/password:
@@ -1204,8 +1171,6 @@ class SecretBackendConnection(pulumi.CustomResource):
         """
         ## Example Usage
 
-        ### PostgreSQL Connection
-
         ```python
         import pulumi
         import pulumi_vault as vault
@@ -1227,37 +1192,6 @@ class SecretBackendConnection(pulumi.CustomResource):
             })
         ```
 
-        ### Oracle Connection with Self-Managed Mode (Rootless)
-
-        For Vault 1.18+ Enterprise, you can configure Oracle connections in self-managed mode,
-        which allows a static role to manage its own database credentials without requiring root access:
-
-        ```python
-        import pulumi
-        import pulumi_vault as vault
-
-        db = vault.Mount("db",
-            path="database",
-            type="database")
-        oracle = vault.database.SecretBackendConnection("oracle",
-            backend=db.path,
-            name="oracle",
-            allowed_roles=["my-role"],
-            oracle={
-                "connection_url": "{{username}}/{{password}}@//host:port/service",
-                "self_managed": True,
-                "plugin_name": "vault-plugin-database-oracle",
-            })
-        oracle_role = vault.database.SecretBackendStaticRole("oracle_role",
-            backend=db.path,
-            name="my-role",
-            db_name=oracle.name,
-            username="vault_user",
-            password_wo="initial-password",
-            password_wo_version=1,
-            rotation_period=3600)
-        ```
-
         ## Ephemeral Attributes Reference
 
         The following write-only attributes are supported for all DBs that support username/password:

{pulumi_vault-7.6.0 → pulumi_vault-7.6.0a1764138710}/pulumi_vault/database/secret_backend_static_role.py

@@ -26,8 +26,6 @@ class SecretBackendStaticRoleArgs:
                  credential_type: Optional[pulumi.Input[_builtins.str]] = None,
                  name: Optional[pulumi.Input[_builtins.str]] = None,
                  namespace: Optional[pulumi.Input[_builtins.str]] = None,
-                 password_wo: Optional[pulumi.Input[_builtins.str]] = None,
-                 password_wo_version: Optional[pulumi.Input[_builtins.int]] = None,
                  rotation_period: Optional[pulumi.Input[_builtins.int]] = None,
                  rotation_schedule: Optional[pulumi.Input[_builtins.str]] = None,
                  rotation_statements: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
@@ -45,13 +43,6 @@ class SecretBackendStaticRoleArgs:
                The value should not contain leading or trailing forward slashes.
                The `namespace` is always relative to the provider's configured namespace.
                *Available only for Vault Enterprise*.
-        :param pulumi.Input[_builtins.str] password_wo: **NOTE:** This field is write-only and its value will not be updated in state as part of read operations.
-               The password corresponding to the username in the database.
-               This is a write-only field. Requires Vault 1.19+. Deprecates `self_managed_password` which was introduced in Vault 1.18.
-               Cannot be used with `self_managed_password`.
-        :param pulumi.Input[_builtins.int] password_wo_version: The version of the `password_wo` field. 
-               Used for tracking changes to the write-only password field. For more info see
-               updating write-only attributes.
         :param pulumi.Input[_builtins.int] rotation_period: The amount of time Vault should wait before rotating the password, in seconds.
                Mutually exclusive with `rotation_schedule`.
         :param pulumi.Input[_builtins.str] rotation_schedule: A cron-style string that will define the schedule on which rotations should occur.
@@ -65,7 +56,6 @@ class SecretBackendStaticRoleArgs:
         :param pulumi.Input[_builtins.str] self_managed_password: The password corresponding to the username in the database.
                Required when using the Rootless Password Rotation workflow for static roles. Only enabled for
                select DB engines (Postgres). Requires Vault 1.18+ Enterprise.
-               **Deprecated**: Use `password_wo` instead. This field will be removed in a future version.
         :param pulumi.Input[_builtins.bool] skip_import_rotation: If set to true, Vault will skip the
                initial secret rotation on import. Requires Vault 1.18+ Enterprise.
         """
@@ -80,10 +70,6 @@ class SecretBackendStaticRoleArgs:
             pulumi.set(__self__, "name", name)
         if namespace is not None:
             pulumi.set(__self__, "namespace", namespace)
-        if password_wo is not None:
-            pulumi.set(__self__, "password_wo", password_wo)
-        if password_wo_version is not None:
-            pulumi.set(__self__, "password_wo_version", password_wo_version)
         if rotation_period is not None:
             pulumi.set(__self__, "rotation_period", rotation_period)
         if rotation_schedule is not None:
@@ -181,35 +167,6 @@ class SecretBackendStaticRoleArgs:
     def namespace(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "namespace", value)
 
-    @_builtins.property
-    @pulumi.getter(name="passwordWo")
-    def password_wo(self) -> Optional[pulumi.Input[_builtins.str]]:
-        """
-        **NOTE:** This field is write-only and its value will not be updated in state as part of read operations.
-        The password corresponding to the username in the database.
-        This is a write-only field. Requires Vault 1.19+. Deprecates `self_managed_password` which was introduced in Vault 1.18.
-        Cannot be used with `self_managed_password`.
-        """
-        return pulumi.get(self, "password_wo")
-
-    @password_wo.setter
-    def password_wo(self, value: Optional[pulumi.Input[_builtins.str]]):
-        pulumi.set(self, "password_wo", value)
-
-    @_builtins.property
-    @pulumi.getter(name="passwordWoVersion")
-    def password_wo_version(self) -> Optional[pulumi.Input[_builtins.int]]:
-        """
-        The version of the `password_wo` field. 
-        Used for tracking changes to the write-only password field. For more info see
-        updating write-only attributes.
-        """
-        return pulumi.get(self, "password_wo_version")
-
-    @password_wo_version.setter
-    def password_wo_version(self, value: Optional[pulumi.Input[_builtins.int]]):
-        pulumi.set(self, "password_wo_version", value)
-
     @_builtins.property
     @pulumi.getter(name="rotationPeriod")
     def rotation_period(self) -> Optional[pulumi.Input[_builtins.int]]:
@@ -271,7 +228,6 @@ class SecretBackendStaticRoleArgs:
         The password corresponding to the username in the database.
         Required when using the Rootless Password Rotation workflow for static roles. Only enabled for
         select DB engines (Postgres). Requires Vault 1.18+ Enterprise.
-        **Deprecated**: Use `password_wo` instead. This field will be removed in a future version.
         """
         return pulumi.get(self, "self_managed_password")
 
@@ -302,8 +258,6 @@ class _SecretBackendStaticRoleState:
                  db_name: Optional[pulumi.Input[_builtins.str]] = None,
                  name: Optional[pulumi.Input[_builtins.str]] = None,
                  namespace: Optional[pulumi.Input[_builtins.str]] = None,
-                 password_wo: Optional[pulumi.Input[_builtins.str]] = None,
-                 password_wo_version: Optional[pulumi.Input[_builtins.int]] = None,
                  rotation_period: Optional[pulumi.Input[_builtins.int]] = None,
                  rotation_schedule: Optional[pulumi.Input[_builtins.str]] = None,
                  rotation_statements: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
@@ -321,13 +275,6 @@ class _SecretBackendStaticRoleState:
                The value should not contain leading or trailing forward slashes.
                The `namespace` is always relative to the provider's configured namespace.
                *Available only for Vault Enterprise*.
-        :param pulumi.Input[_builtins.str] password_wo: **NOTE:** This field is write-only and its value will not be updated in state as part of read operations.
-               The password corresponding to the username in the database.
-               This is a write-only field. Requires Vault 1.19+. Deprecates `self_managed_password` which was introduced in Vault 1.18.
-               Cannot be used with `self_managed_password`.
-        :param pulumi.Input[_builtins.int] password_wo_version: The version of the `password_wo` field. 
-               Used for tracking changes to the write-only password field. For more info see
-               updating write-only attributes.
         :param pulumi.Input[_builtins.int] rotation_period: The amount of time Vault should wait before rotating the password, in seconds.
                Mutually exclusive with `rotation_schedule`.
         :param pulumi.Input[_builtins.str] rotation_schedule: A cron-style string that will define the schedule on which rotations should occur.
@@ -341,7 +288,6 @@ class _SecretBackendStaticRoleState:
         :param pulumi.Input[_builtins.str] self_managed_password: The password corresponding to the username in the database.
                Required when using the Rootless Password Rotation workflow for static roles. Only enabled for
                select DB engines (Postgres). Requires Vault 1.18+ Enterprise.
-               **Deprecated**: Use `password_wo` instead. This field will be removed in a future version.
         :param pulumi.Input[_builtins.bool] skip_import_rotation: If set to true, Vault will skip the
                initial secret rotation on import. Requires Vault 1.18+ Enterprise.
         :param pulumi.Input[_builtins.str] username: The database username that this static role corresponds to.
@@ -358,10 +304,6 @@ class _SecretBackendStaticRoleState:
             pulumi.set(__self__, "name", name)
         if namespace is not None:
             pulumi.set(__self__, "namespace", namespace)
-        if password_wo is not None:
-            pulumi.set(__self__, "password_wo", password_wo)
-        if password_wo_version is not None:
-            pulumi.set(__self__, "password_wo_version", password_wo_version)
         if rotation_period is not None:
             pulumi.set(__self__, "rotation_period", rotation_period)
         if rotation_schedule is not None:
@@ -449,35 +391,6 @@ class _SecretBackendStaticRoleState:
     def namespace(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "namespace", value)
 
-    @_builtins.property
-    @pulumi.getter(name="passwordWo")
-    def password_wo(self) -> Optional[pulumi.Input[_builtins.str]]:
-        """
-        **NOTE:** This field is write-only and its value will not be updated in state as part of read operations.
-        The password corresponding to the username in the database.
-        This is a write-only field. Requires Vault 1.19+. Deprecates `self_managed_password` which was introduced in Vault 1.18.
-        Cannot be used with `self_managed_password`.
-        """
-        return pulumi.get(self, "password_wo")
-
-    @password_wo.setter
-    def password_wo(self, value: Optional[pulumi.Input[_builtins.str]]):
-        pulumi.set(self, "password_wo", value)
-
-    @_builtins.property
-    @pulumi.getter(name="passwordWoVersion")
-    def password_wo_version(self) -> Optional[pulumi.Input[_builtins.int]]:
-        """
-        The version of the `password_wo` field. 
-        Used for tracking changes to the write-only password field. For more info see
-        updating write-only attributes.
-        """
-        return pulumi.get(self, "password_wo_version")
-
-    @password_wo_version.setter
-    def password_wo_version(self, value: Optional[pulumi.Input[_builtins.int]]):
-        pulumi.set(self, "password_wo_version", value)
-
     @_builtins.property
     @pulumi.getter(name="rotationPeriod")
     def rotation_period(self) -> Optional[pulumi.Input[_builtins.int]]:
@@ -539,7 +452,6 @@ class _SecretBackendStaticRoleState:
         The password corresponding to the username in the database.
         Required when using the Rootless Password Rotation workflow for static roles. Only enabled for
         select DB engines (Postgres). Requires Vault 1.18+ Enterprise.
-        **Deprecated**: Use `password_wo` instead. This field will be removed in a future version.
         """
         return pulumi.get(self, "self_managed_password")
 
@@ -585,8 +497,6 @@ class SecretBackendStaticRole(pulumi.CustomResource):
                  db_name: Optional[pulumi.Input[_builtins.str]] = None,
                  name: Optional[pulumi.Input[_builtins.str]] = None,
                  namespace: Optional[pulumi.Input[_builtins.str]] = None,
-                 password_wo: Optional[pulumi.Input[_builtins.str]] = None,
-                 password_wo_version: Optional[pulumi.Input[_builtins.int]] = None,
                  rotation_period: Optional[pulumi.Input[_builtins.int]] = None,
                  rotation_schedule: Optional[pulumi.Input[_builtins.str]] = None,
                  rotation_statements: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
@@ -633,16 +543,6 @@ class SecretBackendStaticRole(pulumi.CustomResource):
             rotation_schedule="0 0 * * SAT",
             rotation_window=172800,
             rotation_statements=["ALTER USER \\"{{name}}\\" WITH PASSWORD '{{password}}';"])
-        # configure a static role with a password (Vault 1.19+)
-        password_role = vault.database.SecretBackendStaticRole("password_role",
-            backend=db.path,
-            name="my-password-role",
-            db_name=postgres.name,
-            username="example",
-            password_wo="my-password",
-            password_wo_version=1,
-            rotation_period=3600,
-            rotation_statements=["ALTER USER \\"{{name}}\\" WITH PASSWORD '{{password}}';"])
         ```
 
         ## Import
@@ -663,13 +563,6 @@ class SecretBackendStaticRole(pulumi.CustomResource):
                The value should not contain leading or trailing forward slashes.
                The `namespace` is always relative to the provider's configured namespace.
                *Available only for Vault Enterprise*.
-        :param pulumi.Input[_builtins.str] password_wo: **NOTE:** This field is write-only and its value will not be updated in state as part of read operations.
-               The password corresponding to the username in the database.
-               This is a write-only field. Requires Vault 1.19+. Deprecates `self_managed_password` which was introduced in Vault 1.18.
-               Cannot be used with `self_managed_password`.
-        :param pulumi.Input[_builtins.int] password_wo_version: The version of the `password_wo` field. 
-               Used for tracking changes to the write-only password field. For more info see
-               updating write-only attributes.
         :param pulumi.Input[_builtins.int] rotation_period: The amount of time Vault should wait before rotating the password, in seconds.
                Mutually exclusive with `rotation_schedule`.
         :param pulumi.Input[_builtins.str] rotation_schedule: A cron-style string that will define the schedule on which rotations should occur.
@@ -683,7 +576,6 @@ class SecretBackendStaticRole(pulumi.CustomResource):
         :param pulumi.Input[_builtins.str] self_managed_password: The password corresponding to the username in the database.
                Required when using the Rootless Password Rotation workflow for static roles. Only enabled for
                select DB engines (Postgres). Requires Vault 1.18+ Enterprise.
-               **Deprecated**: Use `password_wo` instead. This field will be removed in a future version.
         :param pulumi.Input[_builtins.bool] skip_import_rotation: If set to true, Vault will skip the
                initial secret rotation on import. Requires Vault 1.18+ Enterprise.
         :param pulumi.Input[_builtins.str] username: The database username that this static role corresponds to.
@@ -732,16 +624,6 @@ class SecretBackendStaticRole(pulumi.CustomResource):
             rotation_schedule="0 0 * * SAT",
             rotation_window=172800,
             rotation_statements=["ALTER USER \\"{{name}}\\" WITH PASSWORD '{{password}}';"])
-        # configure a static role with a password (Vault 1.19+)
-        password_role = vault.database.SecretBackendStaticRole("password_role",
-            backend=db.path,
-            name="my-password-role",
-            db_name=postgres.name,
-            username="example",
-            password_wo="my-password",
-            password_wo_version=1,
-            rotation_period=3600,
-            rotation_statements=["ALTER USER \\"{{name}}\\" WITH PASSWORD '{{password}}';"])
         ```
 
         ## Import
@@ -773,8 +655,6 @@ class SecretBackendStaticRole(pulumi.CustomResource):
                  db_name: Optional[pulumi.Input[_builtins.str]] = None,
                  name: Optional[pulumi.Input[_builtins.str]] = None,
                  namespace: Optional[pulumi.Input[_builtins.str]] = None,
-                 password_wo: Optional[pulumi.Input[_builtins.str]] = None,
-                 password_wo_version: Optional[pulumi.Input[_builtins.int]] = None,
                  rotation_period: Optional[pulumi.Input[_builtins.int]] = None,
                  rotation_schedule: Optional[pulumi.Input[_builtins.str]] = None,
                  rotation_statements: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
@@ -801,8 +681,6 @@ class SecretBackendStaticRole(pulumi.CustomResource):
             __props__.__dict__["db_name"] = db_name
             __props__.__dict__["name"] = name
             __props__.__dict__["namespace"] = namespace
-            __props__.__dict__["password_wo"] = None if password_wo is None else pulumi.Output.secret(password_wo)
-            __props__.__dict__["password_wo_version"] = password_wo_version
             __props__.__dict__["rotation_period"] = rotation_period
             __props__.__dict__["rotation_schedule"] = rotation_schedule
             __props__.__dict__["rotation_statements"] = rotation_statements
@@ -812,7 +690,7 @@ class SecretBackendStaticRole(pulumi.CustomResource):
             if username is None and not opts.urn:
                 raise TypeError("Missing required property 'username'")
             __props__.__dict__["username"] = username
-        secret_opts = pulumi.ResourceOptions(additional_secret_outputs=["passwordWo", "selfManagedPassword"])
+        secret_opts = pulumi.ResourceOptions(additional_secret_outputs=["selfManagedPassword"])
         opts = pulumi.ResourceOptions.merge(opts, secret_opts)
         super(SecretBackendStaticRole, __self__).__init__(
             'vault:database/secretBackendStaticRole:SecretBackendStaticRole',
@@ -830,8 +708,6 @@ class SecretBackendStaticRole(pulumi.CustomResource):
             db_name: Optional[pulumi.Input[_builtins.str]] = None,
             name: Optional[pulumi.Input[_builtins.str]] = None,
             namespace: Optional[pulumi.Input[_builtins.str]] = None,
-            password_wo: Optional[pulumi.Input[_builtins.str]] = None,
-            password_wo_version: Optional[pulumi.Input[_builtins.int]] = None,
             rotation_period: Optional[pulumi.Input[_builtins.int]] = None,
             rotation_schedule: Optional[pulumi.Input[_builtins.str]] = None,
             rotation_statements: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
@@ -854,13 +730,6 @@ class SecretBackendStaticRole(pulumi.CustomResource):
                The value should not contain leading or trailing forward slashes.
                The `namespace` is always relative to the provider's configured namespace.
                *Available only for Vault Enterprise*.
-        :param pulumi.Input[_builtins.str] password_wo: **NOTE:** This field is write-only and its value will not be updated in state as part of read operations.
-               The password corresponding to the username in the database.
-               This is a write-only field. Requires Vault 1.19+. Deprecates `self_managed_password` which was introduced in Vault 1.18.
-               Cannot be used with `self_managed_password`.
-        :param pulumi.Input[_builtins.int] password_wo_version: The version of the `password_wo` field. 
-               Used for tracking changes to the write-only password field. For more info see
-               updating write-only attributes.
         :param pulumi.Input[_builtins.int] rotation_period: The amount of time Vault should wait before rotating the password, in seconds.
                Mutually exclusive with `rotation_schedule`.
         :param pulumi.Input[_builtins.str] rotation_schedule: A cron-style string that will define the schedule on which rotations should occur.
@@ -874,7 +743,6 @@ class SecretBackendStaticRole(pulumi.CustomResource):
         :param pulumi.Input[_builtins.str] self_managed_password: The password corresponding to the username in the database.
                Required when using the Rootless Password Rotation workflow for static roles. Only enabled for
                select DB engines (Postgres). Requires Vault 1.18+ Enterprise.
-               **Deprecated**: Use `password_wo` instead. This field will be removed in a future version.
         :param pulumi.Input[_builtins.bool] skip_import_rotation: If set to true, Vault will skip the
                initial secret rotation on import. Requires Vault 1.18+ Enterprise.
         :param pulumi.Input[_builtins.str] username: The database username that this static role corresponds to.
@@ -889,8 +757,6 @@ class SecretBackendStaticRole(pulumi.CustomResource):
         __props__.__dict__["db_name"] = db_name
         __props__.__dict__["name"] = name
         __props__.__dict__["namespace"] = namespace
-        __props__.__dict__["password_wo"] = password_wo
-        __props__.__dict__["password_wo_version"] = password_wo_version
         __props__.__dict__["rotation_period"] = rotation_period
         __props__.__dict__["rotation_schedule"] = rotation_schedule
         __props__.__dict__["rotation_statements"] = rotation_statements
@@ -948,27 +814,6 @@ class SecretBackendStaticRole(pulumi.CustomResource):
         """
         return pulumi.get(self, "namespace")
 
-    @_builtins.property
-    @pulumi.getter(name="passwordWo")
-    def password_wo(self) -> pulumi.Output[Optional[_builtins.str]]:
-        """
-        **NOTE:** This field is write-only and its value will not be updated in state as part of read operations.
-        The password corresponding to the username in the database.
-        This is a write-only field. Requires Vault 1.19+. Deprecates `self_managed_password` which was introduced in Vault 1.18.
-        Cannot be used with `self_managed_password`.
-        """
-        return pulumi.get(self, "password_wo")
-
-    @_builtins.property
-    @pulumi.getter(name="passwordWoVersion")
-    def password_wo_version(self) -> pulumi.Output[Optional[_builtins.int]]:
-        """
-        The version of the `password_wo` field. 
-        Used for tracking changes to the write-only password field. For more info see
-        updating write-only attributes.
-        """
-        return pulumi.get(self, "password_wo_version")
-
     @_builtins.property
     @pulumi.getter(name="rotationPeriod")
     def rotation_period(self) -> pulumi.Output[Optional[_builtins.int]]:
@@ -1014,7 +859,6 @@ class SecretBackendStaticRole(pulumi.CustomResource):
         The password corresponding to the username in the database.
         Required when using the Rootless Password Rotation workflow for static roles. Only enabled for
         select DB engines (Postgres). Requires Vault 1.18+ Enterprise.
-        **Deprecated**: Use `password_wo` instead. This field will be removed in a future version.
         """
         return pulumi.get(self, "self_managed_password")